From 63d04f8780ef1d876596676593c0312d469dd28b Mon Sep 17 00:00:00 2001 From: Clancy Mendonca Date: Sat, 13 Jun 2026 21:16:33 +0530 Subject: [PATCH 1/2] fixup(docs): rename ares-rt paths to clan-rt Rename ABI docs, gate scripts, and plan files from AresOS/ares-rt to ClanOS/clan-rt naming. --- ...{aresos_build_151_350.plan.md => clanos_build_151_350.plan.md} | 0 ...ild_b960e4a0.plan.md => clanos_full_os_build_b960e4a0.plan.md} | 0 docs/{ABI_ARES_RT.md => ABI_CLAN_RT.md} | 0 docs/specs/{ABI_ARES_RT.md => ABI_CLAN_RT.md} | 0 scripts/gate/{ares_rt.py => clan_rt.py} | 0 scripts/{phase401_ares_rt_check.py => phase401_clan_rt_check.py} | 0 6 files changed, 0 insertions(+), 0 deletions(-) rename .cursor/plans/{aresos_build_151_350.plan.md => clanos_build_151_350.plan.md} (100%) rename .cursor/plans/{aresos_full_os_build_b960e4a0.plan.md => clanos_full_os_build_b960e4a0.plan.md} (100%) rename docs/{ABI_ARES_RT.md => ABI_CLAN_RT.md} (100%) rename docs/specs/{ABI_ARES_RT.md => ABI_CLAN_RT.md} (100%) rename scripts/gate/{ares_rt.py => clan_rt.py} (100%) rename scripts/{phase401_ares_rt_check.py => phase401_clan_rt_check.py} (100%) diff --git a/.cursor/plans/aresos_build_151_350.plan.md b/.cursor/plans/clanos_build_151_350.plan.md similarity index 100% rename from .cursor/plans/aresos_build_151_350.plan.md rename to .cursor/plans/clanos_build_151_350.plan.md diff --git a/.cursor/plans/aresos_full_os_build_b960e4a0.plan.md b/.cursor/plans/clanos_full_os_build_b960e4a0.plan.md similarity index 100% rename from .cursor/plans/aresos_full_os_build_b960e4a0.plan.md rename to .cursor/plans/clanos_full_os_build_b960e4a0.plan.md diff --git a/docs/ABI_ARES_RT.md b/docs/ABI_CLAN_RT.md similarity index 100% rename from docs/ABI_ARES_RT.md rename to docs/ABI_CLAN_RT.md diff --git a/docs/specs/ABI_ARES_RT.md b/docs/specs/ABI_CLAN_RT.md similarity index 100% rename from docs/specs/ABI_ARES_RT.md rename to docs/specs/ABI_CLAN_RT.md diff --git a/scripts/gate/ares_rt.py b/scripts/gate/clan_rt.py similarity index 100% rename from scripts/gate/ares_rt.py rename to scripts/gate/clan_rt.py diff --git a/scripts/phase401_ares_rt_check.py b/scripts/phase401_clan_rt_check.py similarity index 100% rename from scripts/phase401_ares_rt_check.py rename to scripts/phase401_clan_rt_check.py From c959c1198bd0a2a8f08536f28919e73b4fcbceb8 Mon Sep 17 00:00:00 2001 From: Clancy Mendonca Date: Sat, 13 Jun 2026 21:18:38 +0530 Subject: [PATCH 2/2] feat(clanos): rebrand AresOS to ClanOS and consolidate scope gates Rename ares-rt to clan-rt, migrate phase checklists to scope terminology, unify boot/system validation gates, and ensure preemption telemetry rebuilds after non-preemption gate smokes. --- .cursor/plans/clanos_build_151_350.plan.md | 18 +- .../clanos_full_os_build_b960e4a0.plan.md | 242 +-- ...neer.mdc => clanos-principal-engineer.mdc} | 16 +- CHARTER.md | 10 +- CONTRIBUTING.md | 8 +- Cargo.lock | 30 +- Cargo.toml | 2 +- DECISION_LOG.md | 18 +- GLOSSARY.toml | 2 +- README.md | 679 +++---- SCOPE_FREEZE.md | 2 +- SECURITY.md | 4 +- STATUS.md | 81 +- ...-baseline.json => scope-120-baseline.json} | 4 +- compat_test_corpus.toml | 6 +- config/track1_scope_freeze.toml | 8 +- docs/ABI_ASYNC.md | 10 +- docs/ABI_CLAN_RT.md | 8 +- docs/ABI_COMPOSITOR_IPC.md | 2 +- docs/ABI_DRIVER.md | 12 +- docs/ABI_IPC.md | 10 +- docs/ABI_MEMORY.md | 18 +- docs/ABI_NATIVE_SYSCALL.md | 6 +- docs/ABI_RUNTIME.md | 6 +- docs/ABI_SECURITY.md | 18 +- docs/ABI_STABILITY.md | 22 +- docs/ABI_SYSCALL.md | 22 +- docs/ARCHITECTURE_TARGETS.md | 2 +- docs/AUDIT_SUBSYSTEM.md | 2 +- docs/AXIOMS.md | 28 +- docs/BUILD_INTEGRITY.md | 8 +- docs/CAP_REGISTRY.toml | 2 +- docs/COMPAT_ISOLATION.md | 6 +- docs/COMPAT_SUNSET.md | 2 +- docs/DECISION_LOG.md | 6 +- docs/DEMAND_PAGING.md | 12 +- docs/DESIGN_NORTH_STAR.md | 16 +- docs/DEVICES.md | 10 +- docs/EPOCH3_IPC_PLAN.md | 6 +- docs/EPOCH4_NETWORK_PLAN.md | 2 +- docs/EPOCH5_SCHEDULER_GUI_PLAN.md | 4 +- docs/EPOCH_FAILURE_PROCEDURE.md | 8 +- docs/EXECUTABLE_IMAGES.md | 12 +- docs/FAILURE_MODES_LEDGER.md | 2 +- docs/FAULT_ESCALATION.md | 2 +- docs/FILE_DESCRIPTORS.md | 19 +- docs/FRAME_BACKED_IMAGES.md | 6 +- docs/FRAME_OWNERSHIP.md | 12 +- docs/INDEX.md | 30 +- docs/IPC_INTERIM_BRIDGE.md | 4 +- docs/IPC_VERSION_NEGOTIATION.md | 4 +- docs/KERNEL_OBJECT_MODEL.md | 12 +- docs/LOAD_PLANS.md | 12 +- docs/MAPPING_STUBS.md | 6 +- docs/NATIVE_DEVELOPER_EXPERIENCE.md | 4 +- docs/NATIVE_MODEL.md | 12 +- docs/NEW_CAP_KIND_CHECKLIST.md | 2 +- docs/PLAN_SUPERSESSION.md | 2 +- docs/PROGRAMS.md | 28 +- docs/PROTOCOL_CHANGELOG.md | 2 +- docs/RELEASE_SCORECARD_M400.md | 2 +- docs/RELEASE_SCORECARD_M500.md | 6 +- docs/RIGHTS_ALGEBRA.md | 4 +- docs/RING3_TRAMPOLINE.md | 4 +- docs/ROADMAP_151_350.md | 42 +- docs/ROADMAP_351_400.md | 20 +- docs/ROADMAP_401_500.md | 28 +- docs/ROADMAP_POST100.md | 42 +- docs/SCHEDULER.md | 14 +- docs/SCHEDULING_UNIFIED.md | 2 +- docs/SECURITY.md | 22 +- docs/SEMANTIC_JURISDICTION.md | 6 +- docs/SEMANTIC_LINT.md | 8 +- docs/SEMANTIC_OBSERVABILITY.md | 10 +- docs/SEMANTIC_SPECS.md | 12 +- docs/SHARED_LIBRARIES.md | 16 +- docs/SMP.md | 28 +- docs/STORAGE.md | 26 +- docs/TEMPORAL_SEMANTICS.md | 6 +- docs/THREAT_MODEL.md | 4 +- docs/THREAT_NODES.toml | 2 +- docs/UNSAFE_AUDIT.md | 2 +- docs/USER_CONTEXT.md | 6 +- docs/USER_ELF_MVP.md | 12 +- docs/USER_PAGE_TABLES.md | 22 +- docs/USER_SYSCALLS.md | 10 +- docs/VALIDATION_GATES.md | 128 +- docs/WIRE_SCHEMA_REGISTRY.md | 4 +- docs/architecture/ARCHITECTURE_TARGETS.md | 2 +- docs/architecture/AUDIT_SUBSYSTEM.md | 2 +- docs/architecture/COMPAT_ISOLATION.md | 6 +- docs/architecture/DESIGN_NORTH_STAR.md | 6 +- docs/architecture/FAULT_ESCALATION.md | 2 +- docs/architecture/KERNEL_OBJECT_MODEL.md | 14 +- docs/architecture/README.md | 2 +- docs/architecture/RIGHTS_ALGEBRA.md | 4 +- docs/architecture/SCHEDULING_UNIFIED.md | 2 +- docs/architecture/SECURITY_MODEL.md | 6 +- docs/architecture/TEMPORAL_SEMANTICS.md | 6 +- docs/architecture/THREAT_MODEL.md | 4 +- docs/epoch-10-graduation.md | 2 +- docs/phase-123-checklist.md | 27 - docs/phase-131-checklist.md | 27 - docs/phase-135-checklist.md | 27 - docs/phase-144-checklist.md | 27 - docs/phase-145-checklist.md | 27 - docs/phase-146-checklist.md | 27 - docs/phase-147-checklist.md | 27 - docs/phase-152-checklist.md | 31 - docs/phase-158-checklist.md | 31 - docs/phase-159-checklist.md | 31 - docs/phase-164-checklist.md | 31 - docs/phase-167-checklist.md | 31 - docs/phase-168-checklist.md | 31 - docs/phase-171-checklist.md | 31 - docs/phase-172-checklist.md | 31 - docs/phase-173-checklist.md | 31 - docs/phase-174-checklist.md | 31 - docs/phase-176-checklist.md | 31 - docs/phase-177-checklist.md | 31 - docs/phase-178-checklist.md | 31 - docs/phase-179-checklist.md | 31 - docs/phase-180-checklist.md | 31 - docs/phase-181-checklist.md | 31 - docs/phase-182-checklist.md | 31 - docs/phase-183-checklist.md | 31 - docs/phase-184-checklist.md | 31 - docs/phase-185-checklist.md | 31 - docs/phase-190-checklist.md | 31 - docs/phase-191-checklist.md | 31 - docs/phase-192-checklist.md | 31 - docs/phase-193-checklist.md | 31 - docs/phase-194-checklist.md | 31 - docs/phase-195-checklist.md | 31 - docs/phase-196-checklist.md | 31 - docs/phase-197-checklist.md | 31 - docs/phase-198-checklist.md | 31 - docs/phase-199-checklist.md | 31 - docs/phase-201-checklist.md | 31 - docs/phase-202-checklist.md | 31 - docs/phase-203-checklist.md | 31 - docs/phase-204-checklist.md | 31 - docs/phase-205-checklist.md | 31 - docs/phase-206-checklist.md | 31 - docs/phase-207-checklist.md | 31 - docs/phase-208-checklist.md | 31 - docs/phase-209-checklist.md | 31 - docs/phase-210-checklist.md | 31 - docs/phase-215-checklist.md | 31 - docs/phase-216-checklist.md | 31 - docs/phase-217-checklist.md | 31 - docs/phase-218-checklist.md | 31 - docs/phase-219-checklist.md | 31 - docs/phase-220-checklist.md | 31 - docs/phase-225-checklist.md | 31 - docs/phase-230-checklist.md | 31 - docs/phase-231-checklist.md | 31 - docs/phase-232-checklist.md | 31 - docs/phase-233-checklist.md | 31 - docs/phase-234-checklist.md | 31 - docs/phase-235-checklist.md | 31 - docs/phase-236-checklist.md | 31 - docs/phase-237-checklist.md | 31 - docs/phase-238-checklist.md | 31 - docs/phase-239-checklist.md | 31 - docs/phase-240-checklist.md | 31 - docs/phase-241-checklist.md | 31 - docs/phase-242-checklist.md | 31 - docs/phase-243-checklist.md | 31 - docs/phase-244-checklist.md | 31 - docs/phase-245-checklist.md | 31 - docs/phase-246-checklist.md | 31 - docs/phase-247-checklist.md | 31 - docs/phase-248-checklist.md | 31 - docs/phase-249-checklist.md | 31 - docs/phase-255-checklist.md | 31 - docs/phase-256-checklist.md | 31 - docs/phase-257-checklist.md | 31 - docs/phase-258-checklist.md | 31 - docs/phase-259-checklist.md | 31 - docs/phase-260-checklist.md | 31 - docs/phase-261-checklist.md | 31 - docs/phase-262-checklist.md | 31 - docs/phase-263-checklist.md | 31 - docs/phase-264-checklist.md | 31 - docs/phase-265-checklist.md | 31 - docs/phase-266-checklist.md | 31 - docs/phase-267-checklist.md | 31 - docs/phase-268-checklist.md | 31 - docs/phase-269-checklist.md | 31 - docs/phase-270-checklist.md | 31 - docs/phase-271-checklist.md | 31 - docs/phase-272-checklist.md | 31 - docs/phase-273-checklist.md | 31 - docs/phase-274-checklist.md | 31 - docs/phase-275-checklist.md | 31 - docs/phase-280-checklist.md | 31 - docs/phase-281-checklist.md | 31 - docs/phase-282-checklist.md | 31 - docs/phase-283-checklist.md | 31 - docs/phase-284-checklist.md | 31 - docs/phase-285-checklist.md | 31 - docs/phase-286-checklist.md | 31 - docs/phase-287-checklist.md | 31 - docs/phase-288-checklist.md | 31 - docs/phase-289-checklist.md | 31 - docs/phase-290-checklist.md | 31 - docs/phase-291-checklist.md | 31 - docs/phase-292-checklist.md | 31 - docs/phase-293-checklist.md | 31 - docs/phase-294-checklist.md | 31 - docs/phase-295-checklist.md | 31 - docs/phase-296-checklist.md | 31 - docs/phase-297-checklist.md | 31 - docs/phase-298-checklist.md | 31 - docs/phase-299-checklist.md | 31 - docs/phase-301-checklist.md | 31 - docs/phase-302-checklist.md | 31 - docs/phase-303-checklist.md | 31 - docs/phase-304-checklist.md | 31 - docs/phase-305-checklist.md | 31 - docs/phase-306-checklist.md | 31 - docs/phase-307-checklist.md | 31 - docs/phase-308-checklist.md | 31 - docs/phase-309-checklist.md | 31 - docs/phase-310-checklist.md | 31 - docs/phase-315-checklist.md | 31 - docs/phase-316-checklist.md | 31 - docs/phase-317-checklist.md | 31 - docs/phase-318-checklist.md | 31 - docs/phase-319-checklist.md | 31 - docs/phase-320-checklist.md | 31 - docs/phase-321-checklist.md | 31 - docs/phase-322-checklist.md | 31 - docs/phase-323-checklist.md | 31 - docs/phase-324-checklist.md | 31 - docs/phase-325-checklist.md | 31 - docs/phase-330-checklist.md | 31 - docs/phase-331-checklist.md | 31 - docs/phase-332-checklist.md | 31 - docs/phase-333-checklist.md | 31 - docs/phase-334-checklist.md | 31 - docs/phase-335-checklist.md | 31 - docs/phase-336-checklist.md | 31 - docs/phase-337-checklist.md | 31 - docs/phase-338-checklist.md | 31 - docs/phase-339-checklist.md | 31 - docs/phase-340-checklist.md | 31 - docs/phase-341-checklist.md | 31 - docs/phase-342-checklist.md | 31 - docs/phase-343-checklist.md | 31 - docs/phase-344-checklist.md | 31 - docs/phase-345-checklist.md | 31 - docs/phase-346-checklist.md | 31 - docs/phase-347-checklist.md | 31 - docs/phase-348-checklist.md | 31 - docs/phase-349-checklist.md | 31 - docs/phase-40-checklist.md | 20 - docs/phase-60-checklist.md | 20 - docs/process/BUILD_INTEGRITY.md | 8 +- docs/process/COMPAT_SUNSET.md | 2 +- docs/process/DECISION_LOG.md | 6 +- docs/process/EPOCH_FAILURE_PROCEDURE.md | 8 +- docs/process/README.md | 2 +- docs/process/UNSAFE_AUDIT.md | 2 +- docs/proofs/README.md | 2 +- ...se-1-checklist.md => scope-1-checklist.md} | 10 +- ...-10-checklist.md => scope-10-checklist.md} | 12 +- ...00-checklist.md => scope-100-checklist.md} | 14 +- ...01-checklist.md => scope-101-checklist.md} | 10 +- ...02-checklist.md => scope-102-checklist.md} | 8 +- ...03-checklist.md => scope-103-checklist.md} | 8 +- ...04-checklist.md => scope-104-checklist.md} | 8 +- ...05-checklist.md => scope-105-checklist.md} | 8 +- ...06-checklist.md => scope-106-checklist.md} | 10 +- ...07-checklist.md => scope-107-checklist.md} | 8 +- ...08-checklist.md => scope-108-checklist.md} | 8 +- ...09-checklist.md => scope-109-checklist.md} | 10 +- ...-11-checklist.md => scope-11-checklist.md} | 14 +- ...10-checklist.md => scope-110-checklist.md} | 20 +- ...11-checklist.md => scope-111-checklist.md} | 8 +- ...12-checklist.md => scope-112-checklist.md} | 8 +- ...13-checklist.md => scope-113-checklist.md} | 8 +- ...14-checklist.md => scope-114-checklist.md} | 8 +- ...15-checklist.md => scope-115-checklist.md} | 8 +- ...16-checklist.md => scope-116-checklist.md} | 8 +- ...17-checklist.md => scope-117-checklist.md} | 8 +- ...18-checklist.md => scope-118-checklist.md} | 8 +- ...19-checklist.md => scope-119-checklist.md} | 8 +- ...-12-checklist.md => scope-12-checklist.md} | 10 +- ...20-checklist.md => scope-120-checklist.md} | 10 +- ...21-checklist.md => scope-121-checklist.md} | 18 +- ...22-checklist.md => scope-122-checklist.md} | 8 +- docs/scope-123-checklist.md | 27 + ...24-checklist.md => scope-124-checklist.md} | 8 +- ...25-checklist.md => scope-125-checklist.md} | 8 +- ...26-checklist.md => scope-126-checklist.md} | 8 +- docs/scope-127-checklist.md | 27 + ...28-checklist.md => scope-128-checklist.md} | 8 +- docs/scope-129-checklist.md | 27 + ...-13-checklist.md => scope-13-checklist.md} | 8 +- ...30-checklist.md => scope-130-checklist.md} | 8 +- ...27-checklist.md => scope-131-checklist.md} | 8 +- ...32-checklist.md => scope-132-checklist.md} | 8 +- ...33-checklist.md => scope-133-checklist.md} | 8 +- ...34-checklist.md => scope-134-checklist.md} | 8 +- docs/scope-135-checklist.md | 27 + ...36-checklist.md => scope-136-checklist.md} | 8 +- ...38-checklist.md => scope-137-checklist.md} | 8 +- ...48-checklist.md => scope-138-checklist.md} | 8 +- ...39-checklist.md => scope-139-checklist.md} | 8 +- ...-14-checklist.md => scope-14-checklist.md} | 10 +- ...40-checklist.md => scope-140-checklist.md} | 8 +- ...41-checklist.md => scope-141-checklist.md} | 8 +- ...43-checklist.md => scope-142-checklist.md} | 8 +- docs/scope-143-checklist.md | 27 + docs/scope-144-checklist.md | 27 + ...29-checklist.md => scope-145-checklist.md} | 8 +- ...42-checklist.md => scope-146-checklist.md} | 8 +- ...37-checklist.md => scope-147-checklist.md} | 8 +- docs/scope-148-checklist.md | 27 + ...49-checklist.md => scope-149-checklist.md} | 8 +- ...-15-checklist.md => scope-15-checklist.md} | 12 +- ...50-checklist.md => scope-150-checklist.md} | 8 +- ...51-checklist.md => scope-151-checklist.md} | 8 +- ...54-checklist.md => scope-152-checklist.md} | 9 +- ...66-checklist.md => scope-153-checklist.md} | 9 +- ...62-checklist.md => scope-154-checklist.md} | 9 +- ...55-checklist.md => scope-155-checklist.md} | 8 +- docs/scope-156-checklist.md | 30 + ...53-checklist.md => scope-157-checklist.md} | 9 +- ...57-checklist.md => scope-158-checklist.md} | 9 +- docs/scope-159-checklist.md | 30 + ...-16-checklist.md => scope-16-checklist.md} | 10 +- ...60-checklist.md => scope-160-checklist.md} | 10 +- ...63-checklist.md => scope-161-checklist.md} | 9 +- ...69-checklist.md => scope-162-checklist.md} | 9 +- ...61-checklist.md => scope-163-checklist.md} | 9 +- ...56-checklist.md => scope-164-checklist.md} | 9 +- ...65-checklist.md => scope-165-checklist.md} | 8 +- docs/scope-166-checklist.md | 30 + docs/scope-167-checklist.md | 30 + docs/scope-168-checklist.md | 30 + docs/scope-169-checklist.md | 30 + ...-17-checklist.md => scope-17-checklist.md} | 8 +- ...70-checklist.md => scope-170-checklist.md} | 8 +- docs/scope-171-checklist.md | 30 + docs/scope-172-checklist.md | 30 + docs/scope-173-checklist.md | 30 + docs/scope-174-checklist.md | 30 + ...75-checklist.md => scope-175-checklist.md} | 8 +- docs/scope-176-checklist.md | 30 + docs/scope-177-checklist.md | 30 + docs/scope-178-checklist.md | 30 + docs/scope-179-checklist.md | 30 + ...-18-checklist.md => scope-18-checklist.md} | 8 +- docs/scope-180-checklist.md | 30 + docs/scope-181-checklist.md | 30 + docs/scope-182-checklist.md | 30 + docs/scope-183-checklist.md | 30 + docs/scope-184-checklist.md | 30 + docs/scope-185-checklist.md | 30 + ...86-checklist.md => scope-186-checklist.md} | 9 +- ...87-checklist.md => scope-187-checklist.md} | 9 +- ...88-checklist.md => scope-188-checklist.md} | 9 +- ...89-checklist.md => scope-189-checklist.md} | 9 +- ...-19-checklist.md => scope-19-checklist.md} | 8 +- docs/scope-190-checklist.md | 30 + docs/scope-191-checklist.md | 30 + docs/scope-192-checklist.md | 30 + docs/scope-193-checklist.md | 30 + docs/scope-194-checklist.md | 30 + docs/scope-195-checklist.md | 30 + docs/scope-196-checklist.md | 30 + docs/scope-197-checklist.md | 30 + docs/scope-198-checklist.md | 30 + docs/scope-199-checklist.md | 30 + ...se-2-checklist.md => scope-2-checklist.md} | 8 +- ...-20-checklist.md => scope-20-checklist.md} | 8 +- ...00-checklist.md => scope-200-checklist.md} | 8 +- ...11-checklist.md => scope-201-checklist.md} | 9 +- ...12-checklist.md => scope-202-checklist.md} | 9 +- ...13-checklist.md => scope-203-checklist.md} | 9 +- ...14-checklist.md => scope-204-checklist.md} | 9 +- docs/scope-205-checklist.md | 30 + docs/scope-206-checklist.md | 30 + docs/scope-207-checklist.md | 30 + docs/scope-208-checklist.md | 30 + docs/scope-209-checklist.md | 30 + ...-21-checklist.md => scope-21-checklist.md} | 8 +- docs/scope-210-checklist.md | 30 + docs/scope-211-checklist.md | 30 + docs/scope-212-checklist.md | 30 + docs/scope-213-checklist.md | 30 + docs/scope-214-checklist.md | 30 + docs/scope-215-checklist.md | 30 + docs/scope-216-checklist.md | 30 + docs/scope-217-checklist.md | 30 + docs/scope-218-checklist.md | 30 + docs/scope-219-checklist.md | 30 + ...-22-checklist.md => scope-22-checklist.md} | 8 +- docs/scope-220-checklist.md | 30 + ...21-checklist.md => scope-221-checklist.md} | 9 +- ...22-checklist.md => scope-222-checklist.md} | 9 +- ...23-checklist.md => scope-223-checklist.md} | 9 +- ...24-checklist.md => scope-224-checklist.md} | 9 +- docs/scope-225-checklist.md | 30 + ...26-checklist.md => scope-226-checklist.md} | 9 +- ...27-checklist.md => scope-227-checklist.md} | 9 +- ...28-checklist.md => scope-228-checklist.md} | 9 +- ...29-checklist.md => scope-229-checklist.md} | 9 +- ...-23-checklist.md => scope-23-checklist.md} | 8 +- docs/scope-230-checklist.md | 30 + docs/scope-231-checklist.md | 30 + docs/scope-232-checklist.md | 30 + docs/scope-233-checklist.md | 30 + docs/scope-234-checklist.md | 30 + docs/scope-235-checklist.md | 30 + docs/scope-236-checklist.md | 30 + docs/scope-237-checklist.md | 30 + docs/scope-238-checklist.md | 30 + docs/scope-239-checklist.md | 30 + ...-24-checklist.md => scope-24-checklist.md} | 8 +- docs/scope-240-checklist.md | 30 + docs/scope-241-checklist.md | 30 + docs/scope-242-checklist.md | 30 + docs/scope-243-checklist.md | 30 + docs/scope-244-checklist.md | 30 + docs/scope-245-checklist.md | 30 + docs/scope-246-checklist.md | 30 + docs/scope-247-checklist.md | 30 + docs/scope-248-checklist.md | 30 + docs/scope-249-checklist.md | 30 + ...-25-checklist.md => scope-25-checklist.md} | 8 +- ...50-checklist.md => scope-250-checklist.md} | 8 +- ...51-checklist.md => scope-251-checklist.md} | 9 +- ...52-checklist.md => scope-252-checklist.md} | 9 +- ...53-checklist.md => scope-253-checklist.md} | 9 +- ...54-checklist.md => scope-254-checklist.md} | 9 +- docs/scope-255-checklist.md | 30 + docs/scope-256-checklist.md | 30 + docs/scope-257-checklist.md | 30 + docs/scope-258-checklist.md | 30 + docs/scope-259-checklist.md | 30 + ...-26-checklist.md => scope-26-checklist.md} | 8 +- docs/scope-260-checklist.md | 30 + docs/scope-261-checklist.md | 30 + docs/scope-262-checklist.md | 30 + docs/scope-263-checklist.md | 30 + docs/scope-264-checklist.md | 30 + docs/scope-265-checklist.md | 30 + docs/scope-266-checklist.md | 30 + docs/scope-267-checklist.md | 30 + docs/scope-268-checklist.md | 30 + docs/scope-269-checklist.md | 30 + ...-27-checklist.md => scope-27-checklist.md} | 8 +- docs/scope-270-checklist.md | 30 + docs/scope-271-checklist.md | 30 + docs/scope-272-checklist.md | 30 + docs/scope-273-checklist.md | 30 + docs/scope-274-checklist.md | 30 + docs/scope-275-checklist.md | 30 + ...76-checklist.md => scope-276-checklist.md} | 9 +- ...77-checklist.md => scope-277-checklist.md} | 9 +- ...78-checklist.md => scope-278-checklist.md} | 9 +- ...79-checklist.md => scope-279-checklist.md} | 9 +- ...-28-checklist.md => scope-28-checklist.md} | 8 +- docs/scope-280-checklist.md | 30 + docs/scope-281-checklist.md | 30 + docs/scope-282-checklist.md | 30 + docs/scope-283-checklist.md | 30 + docs/scope-284-checklist.md | 30 + docs/scope-285-checklist.md | 30 + docs/scope-286-checklist.md | 30 + docs/scope-287-checklist.md | 30 + docs/scope-288-checklist.md | 30 + docs/scope-289-checklist.md | 30 + ...-29-checklist.md => scope-29-checklist.md} | 8 +- docs/scope-290-checklist.md | 30 + docs/scope-291-checklist.md | 30 + docs/scope-292-checklist.md | 30 + docs/scope-293-checklist.md | 30 + docs/scope-294-checklist.md | 30 + docs/scope-295-checklist.md | 30 + docs/scope-296-checklist.md | 30 + docs/scope-297-checklist.md | 30 + docs/scope-298-checklist.md | 30 + docs/scope-299-checklist.md | 30 + ...se-3-checklist.md => scope-3-checklist.md} | 8 +- ...-30-checklist.md => scope-30-checklist.md} | 12 +- ...00-checklist.md => scope-300-checklist.md} | 8 +- docs/scope-301-checklist.md | 30 + docs/scope-302-checklist.md | 30 + docs/scope-303-checklist.md | 30 + docs/scope-304-checklist.md | 30 + docs/scope-305-checklist.md | 30 + docs/scope-306-checklist.md | 30 + docs/scope-307-checklist.md | 30 + docs/scope-308-checklist.md | 30 + docs/scope-309-checklist.md | 30 + ...-31-checklist.md => scope-31-checklist.md} | 8 +- docs/scope-310-checklist.md | 30 + ...11-checklist.md => scope-311-checklist.md} | 9 +- ...12-checklist.md => scope-312-checklist.md} | 9 +- ...13-checklist.md => scope-313-checklist.md} | 9 +- ...14-checklist.md => scope-314-checklist.md} | 9 +- docs/scope-315-checklist.md | 30 + docs/scope-316-checklist.md | 30 + docs/scope-317-checklist.md | 30 + docs/scope-318-checklist.md | 30 + docs/scope-319-checklist.md | 30 + ...-32-checklist.md => scope-32-checklist.md} | 8 +- docs/scope-320-checklist.md | 30 + docs/scope-321-checklist.md | 30 + docs/scope-322-checklist.md | 30 + docs/scope-323-checklist.md | 30 + docs/scope-324-checklist.md | 30 + docs/scope-325-checklist.md | 30 + ...26-checklist.md => scope-326-checklist.md} | 9 +- ...27-checklist.md => scope-327-checklist.md} | 9 +- ...28-checklist.md => scope-328-checklist.md} | 9 +- ...29-checklist.md => scope-329-checklist.md} | 9 +- ...-33-checklist.md => scope-33-checklist.md} | 8 +- docs/scope-330-checklist.md | 30 + docs/scope-331-checklist.md | 30 + docs/scope-332-checklist.md | 30 + docs/scope-333-checklist.md | 30 + docs/scope-334-checklist.md | 30 + docs/scope-335-checklist.md | 30 + docs/scope-336-checklist.md | 30 + docs/scope-337-checklist.md | 30 + docs/scope-338-checklist.md | 30 + docs/scope-339-checklist.md | 30 + ...-34-checklist.md => scope-34-checklist.md} | 8 +- docs/scope-340-checklist.md | 30 + docs/scope-341-checklist.md | 30 + docs/scope-342-checklist.md | 30 + docs/scope-343-checklist.md | 30 + docs/scope-344-checklist.md | 30 + docs/scope-345-checklist.md | 30 + docs/scope-346-checklist.md | 30 + docs/scope-347-checklist.md | 30 + docs/scope-348-checklist.md | 30 + docs/scope-349-checklist.md | 30 + ...-35-checklist.md => scope-35-checklist.md} | 8 +- ...50-checklist.md => scope-350-checklist.md} | 8 +- ...51-checklist.md => scope-351-checklist.md} | 6 +- ...-36-checklist.md => scope-36-checklist.md} | 8 +- ...-37-checklist.md => scope-37-checklist.md} | 8 +- ...-38-checklist.md => scope-38-checklist.md} | 8 +- ...-39-checklist.md => scope-39-checklist.md} | 12 +- ...se-4-checklist.md => scope-4-checklist.md} | 16 +- ...nt.md => scope-4-preemption-checkpoint.md} | 14 +- docs/scope-40-checklist.md | 20 + ...-41-checklist.md => scope-41-checklist.md} | 8 +- ...-42-checklist.md => scope-42-checklist.md} | 8 +- ...-43-checklist.md => scope-43-checklist.md} | 8 +- ...-44-checklist.md => scope-44-checklist.md} | 8 +- ...-45-checklist.md => scope-45-checklist.md} | 8 +- ...-46-checklist.md => scope-46-checklist.md} | 8 +- ...-47-checklist.md => scope-47-checklist.md} | 8 +- ...-48-checklist.md => scope-48-checklist.md} | 8 +- ...-49-checklist.md => scope-49-checklist.md} | 8 +- ...se-5-checklist.md => scope-5-checklist.md} | 28 +- ...-50-checklist.md => scope-50-checklist.md} | 12 +- ...-51-checklist.md => scope-51-checklist.md} | 8 +- ...-52-checklist.md => scope-52-checklist.md} | 8 +- ...-53-checklist.md => scope-53-checklist.md} | 8 +- ...-54-checklist.md => scope-54-checklist.md} | 8 +- ...-55-checklist.md => scope-55-checklist.md} | 8 +- ...-56-checklist.md => scope-56-checklist.md} | 8 +- ...-57-checklist.md => scope-57-checklist.md} | 8 +- ...-58-checklist.md => scope-58-checklist.md} | 8 +- ...-59-checklist.md => scope-59-checklist.md} | 8 +- ...se-6-checklist.md => scope-6-checklist.md} | 10 +- docs/scope-60-checklist.md | 20 + ...-61-checklist.md => scope-61-checklist.md} | 8 +- ...-62-checklist.md => scope-62-checklist.md} | 8 +- ...-63-checklist.md => scope-63-checklist.md} | 8 +- ...-64-checklist.md => scope-64-checklist.md} | 8 +- ...-65-checklist.md => scope-65-checklist.md} | 8 +- ...-66-checklist.md => scope-66-checklist.md} | 8 +- ...-67-checklist.md => scope-67-checklist.md} | 8 +- ...-68-checklist.md => scope-68-checklist.md} | 8 +- ...-69-checklist.md => scope-69-checklist.md} | 8 +- ...se-7-checklist.md => scope-7-checklist.md} | 10 +- ...-70-checklist.md => scope-70-checklist.md} | 14 +- ...-71-checklist.md => scope-71-checklist.md} | 8 +- ...-72-checklist.md => scope-72-checklist.md} | 10 +- ...-73-checklist.md => scope-73-checklist.md} | 8 +- ...-74-checklist.md => scope-74-checklist.md} | 8 +- ...-75-checklist.md => scope-75-checklist.md} | 8 +- ...-76-checklist.md => scope-76-checklist.md} | 8 +- ...-77-checklist.md => scope-77-checklist.md} | 10 +- ...-78-checklist.md => scope-78-checklist.md} | 8 +- ...-79-checklist.md => scope-79-checklist.md} | 8 +- ...se-8-checklist.md => scope-8-checklist.md} | 12 +- ...-80-checklist.md => scope-80-checklist.md} | 14 +- ...-81-checklist.md => scope-81-checklist.md} | 8 +- ...-82-checklist.md => scope-82-checklist.md} | 8 +- ...-83-checklist.md => scope-83-checklist.md} | 8 +- ...-84-checklist.md => scope-84-checklist.md} | 8 +- ...-85-checklist.md => scope-85-checklist.md} | 8 +- ...-86-checklist.md => scope-86-checklist.md} | 8 +- ...-87-checklist.md => scope-87-checklist.md} | 10 +- ...-88-checklist.md => scope-88-checklist.md} | 8 +- ...-89-checklist.md => scope-89-checklist.md} | 8 +- ...se-9-checklist.md => scope-9-checklist.md} | 14 +- ...-90-checklist.md => scope-90-checklist.md} | 14 +- ...-91-checklist.md => scope-91-checklist.md} | 8 +- ...-92-checklist.md => scope-92-checklist.md} | 8 +- ...-93-checklist.md => scope-93-checklist.md} | 8 +- ...-94-checklist.md => scope-94-checklist.md} | 8 +- ...-95-checklist.md => scope-95-checklist.md} | 8 +- ...-96-checklist.md => scope-96-checklist.md} | 8 +- ...-97-checklist.md => scope-97-checklist.md} | 8 +- ...-98-checklist.md => scope-98-checklist.md} | 8 +- ...-99-checklist.md => scope-99-checklist.md} | 8 +- docs/specs/ABI_CLAN_RT.md | 4 +- docs/specs/ABI_COMPOSITOR_IPC.md | 2 +- docs/specs/ABI_NATIVE_SYSCALL.md | 6 +- docs/specs/IPC_VERSION_NEGOTIATION.md | 4 +- docs/specs/PROTOCOL_CHANGELOG.md | 2 +- docs/specs/README.md | 4 +- docs/specs/WIRE_SCHEMA_REGISTRY.md | 4 +- docs/track1/BATCH1_PR_BODY.md | 8 +- docs/track1/SCOPE_FREEZE_COMMIT_TEMPLATE.md | 6 +- epoch_signoffs/epoch-1.toml | 4 +- epoch_signoffs/epoch-11.toml | 2 +- epoch_signoffs/epoch-13.toml | 2 +- epoch_signoffs/epoch-2.toml | 4 +- epoch_signoffs/epoch-3.toml | 2 +- epoch_signoffs/epoch-7.toml | 2 +- epoch_signoffs/epoch-9.toml | 4 +- gap_registry.toml | 96 +- health_timeseries.json | 40 +- kernel/Cargo.toml | 3 +- kernel/build.rs | 94 + kernel/src/address_space.rs | 2 +- kernel/src/audit_wire.rs | 14 +- kernel/src/block.rs | 2 +- kernel/src/block_cache.rs | 123 ++ kernel/src/boot_gate.rs | 523 +++--- kernel/src/buddy.rs | 117 ++ kernel/src/build_integrity.rs | 18 +- kernel/src/clipboard_broker.rs | 4 +- kernel/src/compat_socket.rs | 2 +- kernel/src/compositor.rs | 10 +- kernel/src/cow_fork.rs | 125 ++ kernel/src/demand_paging.rs | 6 +- kernel/src/desktop_shell.rs | 16 +- kernel/src/device.rs | 2 +- kernel/src/device_broker.rs | 4 +- kernel/src/elf_reloc.rs | 18 +- kernel/src/embedded_hello_alloc.rs | 5 + kernel/src/embedded_mendo.rs | 5 + kernel/src/embedded_ring3_io_demo.rs | 5 + kernel/src/embedded_sig_demo.rs | 5 + kernel/src/exec_image.rs | 4 +- kernel/src/ext2.rs | 696 ++++++++ kernel/src/fd_table.rs | 20 +- kernel/src/frame_backing.rs | 2 +- kernel/src/frame_ownership.rs | 4 +- kernel/src/framebuffer.rs | 8 +- kernel/src/governance.rs | 208 +-- kernel/src/image_digest.rs | 2 +- kernel/src/ipc_endpoints.rs | 6 +- kernel/src/ipc_interim_bridge.rs | 8 +- kernel/src/kernel_object.rs | 26 +- kernel/src/lib.rs | 2 +- kernel/src/load_plan.rs | 4 +- kernel/src/main.rs | 8 +- kernel/src/mapping_stub.rs | 4 +- kernel/src/milestone150.rs | 2 +- kernel/src/mmap.rs | 12 +- kernel/src/mouse.rs | 4 +- kernel/src/native_manifest.rs | 6 +- kernel/src/native_syscall.rs | 2 +- kernel/src/network_broker.rs | 6 +- kernel/src/network_stack.rs | 18 +- kernel/src/oom_policy.rs | 6 +- kernel/src/path_broker.rs | 4 +- kernel/src/performance/process_metrics.rs | 2 +- kernel/src/permission_broker.rs | 4 +- kernel/src/pipe.rs | 8 +- kernel/src/posix_server.rs | 162 ++ kernel/src/ring3_trampoline.rs | 2 +- kernel/src/security.rs | 4 +- kernel/src/service_isolation.rs | 4 +- kernel/src/service_loader.rs | 10 +- kernel/src/service_scheduler.rs | 14 +- kernel/src/shared_loader.rs | 12 +- kernel/src/signal.rs | 328 ++++ kernel/src/smp.rs | 26 +- kernel/src/storage.rs | 23 +- kernel/src/storage_broker.rs | 8 +- kernel/src/syscall.rs | 2 +- kernel/src/system_gate.rs | 148 +- kernel/src/task/keyboard.rs | 2 +- kernel/src/task/process.rs | 34 +- kernel/src/task/program_loader.rs | 342 ++-- kernel/src/task/scheduler.rs | 56 +- kernel/src/task/timer.rs | 4 +- kernel/src/task/userspace.rs | 2 +- kernel/src/user_context.rs | 2 +- kernel/src/user_copy.rs | 2 +- kernel/src/user_entry.rs | 10 +- kernel/src/user_hw_frame.rs | 4 +- kernel/src/user_memory.rs | 2 +- kernel/src/user_paging.rs | 10 +- kernel/src/user_path.rs | 20 +- kernel/src/user_syscall.rs | 2 +- kernel/src/user_syscall_hw.rs | 6 +- kernel/src/userland_install.rs | 10 +- kernel/src/vfs.rs | 86 + kernel/src/virtio_blk.rs | 2 +- kernel/src/virtio_net.rs | 2 +- kernel/src/vma.rs | 10 +- kernel/src/window_manager.rs | 8 +- kernel/tests/preemption_integration.rs | 1574 +---------------- never_stabilize_graduated.toml | 4 +- prereq_graph.toml | 92 +- ...schema.toml => scope_checklist_schema.toml | 28 +- phase_snapshots.toml => scope_snapshots.toml | 6 +- scripts/count_ipc_bridge.py | 4 +- scripts/covenant_ci.py | 6 +- scripts/desktop_screendump_check.py | 6 +- scripts/doc_link_check.py | 2 +- scripts/epoch_signoff_check.py | 4 +- scripts/fix_scope_checklist_backticks.py | 37 + scripts/gate/__init__.py | 2 +- scripts/gate/boot.py | 22 +- scripts/gate/boot_host.py | 43 +- scripts/gate/clan_rt.py | 10 +- scripts/gate/clan_rt_heap.py | 58 + scripts/gate/clan_rt_ring3.py | 53 + scripts/gate/compat_subsystems.py | 55 + scripts/gate/cow_fork.py | 43 + scripts/gate/ext2_create_unlink.py | 40 + scripts/gate/ext2_write.py | 38 + scripts/gate/fd_capacity.py | 37 + scripts/gate/fix_readme_paths.py | 13 +- scripts/gate/gen_boot.py | 97 +- scripts/gate/legacy.py | 68 +- scripts/gate/map.py | 140 +- scripts/gate/mmap_vfs.py | 43 + scripts/gate/posix_server.py | 44 + scripts/gate/prune_legacy_checks.py | 18 +- scripts/gate/qemu.py | 78 +- scripts/gate/ring3_sig_delivery.py | 64 + scripts/gate/signal_delivery.py | 51 + scripts/gate/signal_skeleton.py | 43 + scripts/gate/system.py | 15 +- scripts/gate/system_host.py | 5 + scripts/gate/virtio_net_txrx.py | 36 + ...150.py => gen_scope_checklists_101_150.py} | 22 +- ...350.py => gen_scope_checklists_151_350.py} | 14 +- scripts/import_gap_registry.py | 6 +- scripts/install_userland.py | 25 +- scripts/mark_epoch0_addressed.py | 2 +- scripts/mark_plan_complete_gaps.py | 18 +- scripts/migrate_phase_docs.py | 254 --- scripts/phase401_clan_rt_check.py | 11 - scripts/phase4_soak_check.py | 199 --- scripts/phase5_latency_check.py | 11 - scripts/phase5_soak_check.py | 11 - scripts/preemption/__init__.py | 2 +- scripts/preemption/latency.py | 2 +- scripts/preemption/soak.py | 2 +- scripts/preemption/telemetry.py | 11 +- scripts/project_health.py | 10 +- scripts/qemu/x86_64-config.ps1 | 4 +- scripts/rename_clanos.py | 109 ++ scripts/repro-manifest.toml | 2 +- scripts/run_desktop.ps1 | 2 +- ...check.py => scope_checklist_spot_check.py} | 12 +- scripts/sdk_smoke_check.py | 2 +- scripts/semantic_lint.py | 10 +- scripts/smoke_qemu.py | 94 +- scripts/update_phase101_110_checklists.py | 41 - scripts/update_phase111_120_checklists.py | 60 - scripts/validation_matrix.py | 45 +- userland/Cargo.toml | 8 +- userland/hello-alloc/.cargo/config.toml | 6 + userland/hello-alloc/Cargo.toml | 13 + userland/hello-alloc/linker.ld | 25 + userland/hello-alloc/src/main.rs | 51 + userland/mendo/.cargo/config.toml | 6 + userland/mendo/Cargo.toml | 12 + userland/mendo/linker.ld | 25 + userland/mendo/src/interp.rs | 178 ++ userland/mendo/src/lexer.rs | 198 +++ userland/mendo/src/main.rs | 54 + userland/mendo/src/parser.rs | 280 +++ userland/mendo/src/syscall.rs | 38 + userland/ring3-io-demo/.cargo/config.toml | 6 + userland/ring3-io-demo/Cargo.toml | 12 + userland/ring3-io-demo/linker.ld | 25 + userland/ring3-io-demo/src/main.rs | 54 + userland/ring3-io-demo/src/syscall.rs | 86 + userland/sig-demo/.cargo/config.toml | 6 + userland/sig-demo/Cargo.toml | 13 + userland/sig-demo/linker.ld | 25 + userland/sig-demo/src/main.rs | 47 + userland/src/bin/demo_hello.rs | 2 +- userland/src/heap.rs | 51 + userland/src/lib.rs | 28 +- userland/src/ring3_syscall.rs | 146 ++ userland/src/syscalls.rs | 20 + 809 files changed, 12145 insertions(+), 10271 deletions(-) rename .cursor/rules/{aresos-principal-engineer.mdc => clanos-principal-engineer.mdc} (85%) rename benchmarks/{phase-120-baseline.json => scope-120-baseline.json} (65%) delete mode 100644 docs/phase-123-checklist.md delete mode 100644 docs/phase-131-checklist.md delete mode 100644 docs/phase-135-checklist.md delete mode 100644 docs/phase-144-checklist.md delete mode 100644 docs/phase-145-checklist.md delete mode 100644 docs/phase-146-checklist.md delete mode 100644 docs/phase-147-checklist.md delete mode 100644 docs/phase-152-checklist.md delete mode 100644 docs/phase-158-checklist.md delete mode 100644 docs/phase-159-checklist.md delete mode 100644 docs/phase-164-checklist.md delete mode 100644 docs/phase-167-checklist.md delete mode 100644 docs/phase-168-checklist.md delete mode 100644 docs/phase-171-checklist.md delete mode 100644 docs/phase-172-checklist.md delete mode 100644 docs/phase-173-checklist.md delete mode 100644 docs/phase-174-checklist.md delete mode 100644 docs/phase-176-checklist.md delete mode 100644 docs/phase-177-checklist.md delete mode 100644 docs/phase-178-checklist.md delete mode 100644 docs/phase-179-checklist.md delete mode 100644 docs/phase-180-checklist.md delete mode 100644 docs/phase-181-checklist.md delete mode 100644 docs/phase-182-checklist.md delete mode 100644 docs/phase-183-checklist.md delete mode 100644 docs/phase-184-checklist.md delete mode 100644 docs/phase-185-checklist.md delete mode 100644 docs/phase-190-checklist.md delete mode 100644 docs/phase-191-checklist.md delete mode 100644 docs/phase-192-checklist.md delete mode 100644 docs/phase-193-checklist.md delete mode 100644 docs/phase-194-checklist.md delete mode 100644 docs/phase-195-checklist.md delete mode 100644 docs/phase-196-checklist.md delete mode 100644 docs/phase-197-checklist.md delete mode 100644 docs/phase-198-checklist.md delete mode 100644 docs/phase-199-checklist.md delete mode 100644 docs/phase-201-checklist.md delete mode 100644 docs/phase-202-checklist.md delete mode 100644 docs/phase-203-checklist.md delete mode 100644 docs/phase-204-checklist.md delete mode 100644 docs/phase-205-checklist.md delete mode 100644 docs/phase-206-checklist.md delete mode 100644 docs/phase-207-checklist.md delete mode 100644 docs/phase-208-checklist.md delete mode 100644 docs/phase-209-checklist.md delete mode 100644 docs/phase-210-checklist.md delete mode 100644 docs/phase-215-checklist.md delete mode 100644 docs/phase-216-checklist.md delete mode 100644 docs/phase-217-checklist.md delete mode 100644 docs/phase-218-checklist.md delete mode 100644 docs/phase-219-checklist.md delete mode 100644 docs/phase-220-checklist.md delete mode 100644 docs/phase-225-checklist.md delete mode 100644 docs/phase-230-checklist.md delete mode 100644 docs/phase-231-checklist.md delete mode 100644 docs/phase-232-checklist.md delete mode 100644 docs/phase-233-checklist.md delete mode 100644 docs/phase-234-checklist.md delete mode 100644 docs/phase-235-checklist.md delete mode 100644 docs/phase-236-checklist.md delete mode 100644 docs/phase-237-checklist.md delete mode 100644 docs/phase-238-checklist.md delete mode 100644 docs/phase-239-checklist.md delete mode 100644 docs/phase-240-checklist.md delete mode 100644 docs/phase-241-checklist.md delete mode 100644 docs/phase-242-checklist.md delete mode 100644 docs/phase-243-checklist.md delete mode 100644 docs/phase-244-checklist.md delete mode 100644 docs/phase-245-checklist.md delete mode 100644 docs/phase-246-checklist.md delete mode 100644 docs/phase-247-checklist.md delete mode 100644 docs/phase-248-checklist.md delete mode 100644 docs/phase-249-checklist.md delete mode 100644 docs/phase-255-checklist.md delete mode 100644 docs/phase-256-checklist.md delete mode 100644 docs/phase-257-checklist.md delete mode 100644 docs/phase-258-checklist.md delete mode 100644 docs/phase-259-checklist.md delete mode 100644 docs/phase-260-checklist.md delete mode 100644 docs/phase-261-checklist.md delete mode 100644 docs/phase-262-checklist.md delete mode 100644 docs/phase-263-checklist.md delete mode 100644 docs/phase-264-checklist.md delete mode 100644 docs/phase-265-checklist.md delete mode 100644 docs/phase-266-checklist.md delete mode 100644 docs/phase-267-checklist.md delete mode 100644 docs/phase-268-checklist.md delete mode 100644 docs/phase-269-checklist.md delete mode 100644 docs/phase-270-checklist.md delete mode 100644 docs/phase-271-checklist.md delete mode 100644 docs/phase-272-checklist.md delete mode 100644 docs/phase-273-checklist.md delete mode 100644 docs/phase-274-checklist.md delete mode 100644 docs/phase-275-checklist.md delete mode 100644 docs/phase-280-checklist.md delete mode 100644 docs/phase-281-checklist.md delete mode 100644 docs/phase-282-checklist.md delete mode 100644 docs/phase-283-checklist.md delete mode 100644 docs/phase-284-checklist.md delete mode 100644 docs/phase-285-checklist.md delete mode 100644 docs/phase-286-checklist.md delete mode 100644 docs/phase-287-checklist.md delete mode 100644 docs/phase-288-checklist.md delete mode 100644 docs/phase-289-checklist.md delete mode 100644 docs/phase-290-checklist.md delete mode 100644 docs/phase-291-checklist.md delete mode 100644 docs/phase-292-checklist.md delete mode 100644 docs/phase-293-checklist.md delete mode 100644 docs/phase-294-checklist.md delete mode 100644 docs/phase-295-checklist.md delete mode 100644 docs/phase-296-checklist.md delete mode 100644 docs/phase-297-checklist.md delete mode 100644 docs/phase-298-checklist.md delete mode 100644 docs/phase-299-checklist.md delete mode 100644 docs/phase-301-checklist.md delete mode 100644 docs/phase-302-checklist.md delete mode 100644 docs/phase-303-checklist.md delete mode 100644 docs/phase-304-checklist.md delete mode 100644 docs/phase-305-checklist.md delete mode 100644 docs/phase-306-checklist.md delete mode 100644 docs/phase-307-checklist.md delete mode 100644 docs/phase-308-checklist.md delete mode 100644 docs/phase-309-checklist.md delete mode 100644 docs/phase-310-checklist.md delete mode 100644 docs/phase-315-checklist.md delete mode 100644 docs/phase-316-checklist.md delete mode 100644 docs/phase-317-checklist.md delete mode 100644 docs/phase-318-checklist.md delete mode 100644 docs/phase-319-checklist.md delete mode 100644 docs/phase-320-checklist.md delete mode 100644 docs/phase-321-checklist.md delete mode 100644 docs/phase-322-checklist.md delete mode 100644 docs/phase-323-checklist.md delete mode 100644 docs/phase-324-checklist.md delete mode 100644 docs/phase-325-checklist.md delete mode 100644 docs/phase-330-checklist.md delete mode 100644 docs/phase-331-checklist.md delete mode 100644 docs/phase-332-checklist.md delete mode 100644 docs/phase-333-checklist.md delete mode 100644 docs/phase-334-checklist.md delete mode 100644 docs/phase-335-checklist.md delete mode 100644 docs/phase-336-checklist.md delete mode 100644 docs/phase-337-checklist.md delete mode 100644 docs/phase-338-checklist.md delete mode 100644 docs/phase-339-checklist.md delete mode 100644 docs/phase-340-checklist.md delete mode 100644 docs/phase-341-checklist.md delete mode 100644 docs/phase-342-checklist.md delete mode 100644 docs/phase-343-checklist.md delete mode 100644 docs/phase-344-checklist.md delete mode 100644 docs/phase-345-checklist.md delete mode 100644 docs/phase-346-checklist.md delete mode 100644 docs/phase-347-checklist.md delete mode 100644 docs/phase-348-checklist.md delete mode 100644 docs/phase-349-checklist.md delete mode 100644 docs/phase-40-checklist.md delete mode 100644 docs/phase-60-checklist.md rename docs/{phase-1-checklist.md => scope-1-checklist.md} (84%) rename docs/{phase-10-checklist.md => scope-10-checklist.md} (77%) rename docs/{phase-100-checklist.md => scope-100-checklist.md} (55%) rename docs/{phase-101-checklist.md => scope-101-checklist.md} (64%) rename docs/{phase-102-checklist.md => scope-102-checklist.md} (70%) rename docs/{phase-103-checklist.md => scope-103-checklist.md} (73%) rename docs/{phase-104-checklist.md => scope-104-checklist.md} (70%) rename docs/{phase-105-checklist.md => scope-105-checklist.md} (70%) rename docs/{phase-106-checklist.md => scope-106-checklist.md} (68%) rename docs/{phase-107-checklist.md => scope-107-checklist.md} (73%) rename docs/{phase-108-checklist.md => scope-108-checklist.md} (72%) rename docs/{phase-109-checklist.md => scope-109-checklist.md} (73%) rename docs/{phase-11-checklist.md => scope-11-checklist.md} (75%) rename docs/{phase-110-checklist.md => scope-110-checklist.md} (72%) rename docs/{phase-111-checklist.md => scope-111-checklist.md} (76%) rename docs/{phase-112-checklist.md => scope-112-checklist.md} (78%) rename docs/{phase-113-checklist.md => scope-113-checklist.md} (78%) rename docs/{phase-114-checklist.md => scope-114-checklist.md} (76%) rename docs/{phase-115-checklist.md => scope-115-checklist.md} (78%) rename docs/{phase-116-checklist.md => scope-116-checklist.md} (76%) rename docs/{phase-117-checklist.md => scope-117-checklist.md} (76%) rename docs/{phase-118-checklist.md => scope-118-checklist.md} (76%) rename docs/{phase-119-checklist.md => scope-119-checklist.md} (76%) rename docs/{phase-12-checklist.md => scope-12-checklist.md} (81%) rename docs/{phase-120-checklist.md => scope-120-checklist.md} (70%) rename docs/{phase-121-checklist.md => scope-121-checklist.md} (77%) rename docs/{phase-122-checklist.md => scope-122-checklist.md} (68%) create mode 100644 docs/scope-123-checklist.md rename docs/{phase-124-checklist.md => scope-124-checklist.md} (68%) rename docs/{phase-125-checklist.md => scope-125-checklist.md} (67%) rename docs/{phase-126-checklist.md => scope-126-checklist.md} (67%) create mode 100644 docs/scope-127-checklist.md rename docs/{phase-128-checklist.md => scope-128-checklist.md} (70%) create mode 100644 docs/scope-129-checklist.md rename docs/{phase-13-checklist.md => scope-13-checklist.md} (84%) rename docs/{phase-130-checklist.md => scope-130-checklist.md} (68%) rename docs/{phase-127-checklist.md => scope-131-checklist.md} (66%) rename docs/{phase-132-checklist.md => scope-132-checklist.md} (68%) rename docs/{phase-133-checklist.md => scope-133-checklist.md} (68%) rename docs/{phase-134-checklist.md => scope-134-checklist.md} (71%) create mode 100644 docs/scope-135-checklist.md rename docs/{phase-136-checklist.md => scope-136-checklist.md} (67%) rename docs/{phase-138-checklist.md => scope-137-checklist.md} (67%) rename docs/{phase-148-checklist.md => scope-138-checklist.md} (67%) rename docs/{phase-139-checklist.md => scope-139-checklist.md} (67%) rename docs/{phase-14-checklist.md => scope-14-checklist.md} (72%) rename docs/{phase-140-checklist.md => scope-140-checklist.md} (67%) rename docs/{phase-141-checklist.md => scope-141-checklist.md} (67%) rename docs/{phase-143-checklist.md => scope-142-checklist.md} (67%) create mode 100644 docs/scope-143-checklist.md create mode 100644 docs/scope-144-checklist.md rename docs/{phase-129-checklist.md => scope-145-checklist.md} (67%) rename docs/{phase-142-checklist.md => scope-146-checklist.md} (67%) rename docs/{phase-137-checklist.md => scope-147-checklist.md} (67%) create mode 100644 docs/scope-148-checklist.md rename docs/{phase-149-checklist.md => scope-149-checklist.md} (67%) rename docs/{phase-15-checklist.md => scope-15-checklist.md} (68%) rename docs/{phase-150-checklist.md => scope-150-checklist.md} (67%) rename docs/{phase-151-checklist.md => scope-151-checklist.md} (71%) rename docs/{phase-154-checklist.md => scope-152-checklist.md} (70%) rename docs/{phase-166-checklist.md => scope-153-checklist.md} (71%) rename docs/{phase-162-checklist.md => scope-154-checklist.md} (71%) rename docs/{phase-155-checklist.md => scope-155-checklist.md} (71%) create mode 100644 docs/scope-156-checklist.md rename docs/{phase-153-checklist.md => scope-157-checklist.md} (71%) rename docs/{phase-157-checklist.md => scope-158-checklist.md} (70%) create mode 100644 docs/scope-159-checklist.md rename docs/{phase-16-checklist.md => scope-16-checklist.md} (73%) rename docs/{phase-160-checklist.md => scope-160-checklist.md} (65%) rename docs/{phase-163-checklist.md => scope-161-checklist.md} (71%) rename docs/{phase-169-checklist.md => scope-162-checklist.md} (71%) rename docs/{phase-161-checklist.md => scope-163-checklist.md} (71%) rename docs/{phase-156-checklist.md => scope-164-checklist.md} (70%) rename docs/{phase-165-checklist.md => scope-165-checklist.md} (72%) create mode 100644 docs/scope-166-checklist.md create mode 100644 docs/scope-167-checklist.md create mode 100644 docs/scope-168-checklist.md create mode 100644 docs/scope-169-checklist.md rename docs/{phase-17-checklist.md => scope-17-checklist.md} (76%) rename docs/{phase-170-checklist.md => scope-170-checklist.md} (72%) create mode 100644 docs/scope-171-checklist.md create mode 100644 docs/scope-172-checklist.md create mode 100644 docs/scope-173-checklist.md create mode 100644 docs/scope-174-checklist.md rename docs/{phase-175-checklist.md => scope-175-checklist.md} (74%) create mode 100644 docs/scope-176-checklist.md create mode 100644 docs/scope-177-checklist.md create mode 100644 docs/scope-178-checklist.md create mode 100644 docs/scope-179-checklist.md rename docs/{phase-18-checklist.md => scope-18-checklist.md} (76%) create mode 100644 docs/scope-180-checklist.md create mode 100644 docs/scope-181-checklist.md create mode 100644 docs/scope-182-checklist.md create mode 100644 docs/scope-183-checklist.md create mode 100644 docs/scope-184-checklist.md create mode 100644 docs/scope-185-checklist.md rename docs/{phase-186-checklist.md => scope-186-checklist.md} (70%) rename docs/{phase-187-checklist.md => scope-187-checklist.md} (70%) rename docs/{phase-188-checklist.md => scope-188-checklist.md} (70%) rename docs/{phase-189-checklist.md => scope-189-checklist.md} (70%) rename docs/{phase-19-checklist.md => scope-19-checklist.md} (78%) create mode 100644 docs/scope-190-checklist.md create mode 100644 docs/scope-191-checklist.md create mode 100644 docs/scope-192-checklist.md create mode 100644 docs/scope-193-checklist.md create mode 100644 docs/scope-194-checklist.md create mode 100644 docs/scope-195-checklist.md create mode 100644 docs/scope-196-checklist.md create mode 100644 docs/scope-197-checklist.md create mode 100644 docs/scope-198-checklist.md create mode 100644 docs/scope-199-checklist.md rename docs/{phase-2-checklist.md => scope-2-checklist.md} (90%) rename docs/{phase-20-checklist.md => scope-20-checklist.md} (78%) rename docs/{phase-200-checklist.md => scope-200-checklist.md} (72%) rename docs/{phase-211-checklist.md => scope-201-checklist.md} (69%) rename docs/{phase-212-checklist.md => scope-202-checklist.md} (69%) rename docs/{phase-213-checklist.md => scope-203-checklist.md} (69%) rename docs/{phase-214-checklist.md => scope-204-checklist.md} (69%) create mode 100644 docs/scope-205-checklist.md create mode 100644 docs/scope-206-checklist.md create mode 100644 docs/scope-207-checklist.md create mode 100644 docs/scope-208-checklist.md create mode 100644 docs/scope-209-checklist.md rename docs/{phase-21-checklist.md => scope-21-checklist.md} (72%) create mode 100644 docs/scope-210-checklist.md create mode 100644 docs/scope-211-checklist.md create mode 100644 docs/scope-212-checklist.md create mode 100644 docs/scope-213-checklist.md create mode 100644 docs/scope-214-checklist.md create mode 100644 docs/scope-215-checklist.md create mode 100644 docs/scope-216-checklist.md create mode 100644 docs/scope-217-checklist.md create mode 100644 docs/scope-218-checklist.md create mode 100644 docs/scope-219-checklist.md rename docs/{phase-22-checklist.md => scope-22-checklist.md} (70%) create mode 100644 docs/scope-220-checklist.md rename docs/{phase-221-checklist.md => scope-221-checklist.md} (70%) rename docs/{phase-222-checklist.md => scope-222-checklist.md} (70%) rename docs/{phase-223-checklist.md => scope-223-checklist.md} (70%) rename docs/{phase-224-checklist.md => scope-224-checklist.md} (70%) create mode 100644 docs/scope-225-checklist.md rename docs/{phase-226-checklist.md => scope-226-checklist.md} (70%) rename docs/{phase-227-checklist.md => scope-227-checklist.md} (70%) rename docs/{phase-228-checklist.md => scope-228-checklist.md} (70%) rename docs/{phase-229-checklist.md => scope-229-checklist.md} (70%) rename docs/{phase-23-checklist.md => scope-23-checklist.md} (71%) create mode 100644 docs/scope-230-checklist.md create mode 100644 docs/scope-231-checklist.md create mode 100644 docs/scope-232-checklist.md create mode 100644 docs/scope-233-checklist.md create mode 100644 docs/scope-234-checklist.md create mode 100644 docs/scope-235-checklist.md create mode 100644 docs/scope-236-checklist.md create mode 100644 docs/scope-237-checklist.md create mode 100644 docs/scope-238-checklist.md create mode 100644 docs/scope-239-checklist.md rename docs/{phase-24-checklist.md => scope-24-checklist.md} (68%) create mode 100644 docs/scope-240-checklist.md create mode 100644 docs/scope-241-checklist.md create mode 100644 docs/scope-242-checklist.md create mode 100644 docs/scope-243-checklist.md create mode 100644 docs/scope-244-checklist.md create mode 100644 docs/scope-245-checklist.md create mode 100644 docs/scope-246-checklist.md create mode 100644 docs/scope-247-checklist.md create mode 100644 docs/scope-248-checklist.md create mode 100644 docs/scope-249-checklist.md rename docs/{phase-25-checklist.md => scope-25-checklist.md} (73%) rename docs/{phase-250-checklist.md => scope-250-checklist.md} (71%) rename docs/{phase-251-checklist.md => scope-251-checklist.md} (69%) rename docs/{phase-252-checklist.md => scope-252-checklist.md} (69%) rename docs/{phase-253-checklist.md => scope-253-checklist.md} (69%) rename docs/{phase-254-checklist.md => scope-254-checklist.md} (69%) create mode 100644 docs/scope-255-checklist.md create mode 100644 docs/scope-256-checklist.md create mode 100644 docs/scope-257-checklist.md create mode 100644 docs/scope-258-checklist.md create mode 100644 docs/scope-259-checklist.md rename docs/{phase-26-checklist.md => scope-26-checklist.md} (67%) create mode 100644 docs/scope-260-checklist.md create mode 100644 docs/scope-261-checklist.md create mode 100644 docs/scope-262-checklist.md create mode 100644 docs/scope-263-checklist.md create mode 100644 docs/scope-264-checklist.md create mode 100644 docs/scope-265-checklist.md create mode 100644 docs/scope-266-checklist.md create mode 100644 docs/scope-267-checklist.md create mode 100644 docs/scope-268-checklist.md create mode 100644 docs/scope-269-checklist.md rename docs/{phase-27-checklist.md => scope-27-checklist.md} (68%) create mode 100644 docs/scope-270-checklist.md create mode 100644 docs/scope-271-checklist.md create mode 100644 docs/scope-272-checklist.md create mode 100644 docs/scope-273-checklist.md create mode 100644 docs/scope-274-checklist.md create mode 100644 docs/scope-275-checklist.md rename docs/{phase-276-checklist.md => scope-276-checklist.md} (69%) rename docs/{phase-277-checklist.md => scope-277-checklist.md} (69%) rename docs/{phase-278-checklist.md => scope-278-checklist.md} (69%) rename docs/{phase-279-checklist.md => scope-279-checklist.md} (69%) rename docs/{phase-28-checklist.md => scope-28-checklist.md} (69%) create mode 100644 docs/scope-280-checklist.md create mode 100644 docs/scope-281-checklist.md create mode 100644 docs/scope-282-checklist.md create mode 100644 docs/scope-283-checklist.md create mode 100644 docs/scope-284-checklist.md create mode 100644 docs/scope-285-checklist.md create mode 100644 docs/scope-286-checklist.md create mode 100644 docs/scope-287-checklist.md create mode 100644 docs/scope-288-checklist.md create mode 100644 docs/scope-289-checklist.md rename docs/{phase-29-checklist.md => scope-29-checklist.md} (66%) create mode 100644 docs/scope-290-checklist.md create mode 100644 docs/scope-291-checklist.md create mode 100644 docs/scope-292-checklist.md create mode 100644 docs/scope-293-checklist.md create mode 100644 docs/scope-294-checklist.md create mode 100644 docs/scope-295-checklist.md create mode 100644 docs/scope-296-checklist.md create mode 100644 docs/scope-297-checklist.md create mode 100644 docs/scope-298-checklist.md create mode 100644 docs/scope-299-checklist.md rename docs/{phase-3-checklist.md => scope-3-checklist.md} (90%) rename docs/{phase-30-checklist.md => scope-30-checklist.md} (69%) rename docs/{phase-300-checklist.md => scope-300-checklist.md} (71%) create mode 100644 docs/scope-301-checklist.md create mode 100644 docs/scope-302-checklist.md create mode 100644 docs/scope-303-checklist.md create mode 100644 docs/scope-304-checklist.md create mode 100644 docs/scope-305-checklist.md create mode 100644 docs/scope-306-checklist.md create mode 100644 docs/scope-307-checklist.md create mode 100644 docs/scope-308-checklist.md create mode 100644 docs/scope-309-checklist.md rename docs/{phase-31-checklist.md => scope-31-checklist.md} (73%) create mode 100644 docs/scope-310-checklist.md rename docs/{phase-311-checklist.md => scope-311-checklist.md} (69%) rename docs/{phase-312-checklist.md => scope-312-checklist.md} (69%) rename docs/{phase-313-checklist.md => scope-313-checklist.md} (69%) rename docs/{phase-314-checklist.md => scope-314-checklist.md} (69%) create mode 100644 docs/scope-315-checklist.md create mode 100644 docs/scope-316-checklist.md create mode 100644 docs/scope-317-checklist.md create mode 100644 docs/scope-318-checklist.md create mode 100644 docs/scope-319-checklist.md rename docs/{phase-32-checklist.md => scope-32-checklist.md} (69%) create mode 100644 docs/scope-320-checklist.md create mode 100644 docs/scope-321-checklist.md create mode 100644 docs/scope-322-checklist.md create mode 100644 docs/scope-323-checklist.md create mode 100644 docs/scope-324-checklist.md create mode 100644 docs/scope-325-checklist.md rename docs/{phase-326-checklist.md => scope-326-checklist.md} (69%) rename docs/{phase-327-checklist.md => scope-327-checklist.md} (69%) rename docs/{phase-328-checklist.md => scope-328-checklist.md} (69%) rename docs/{phase-329-checklist.md => scope-329-checklist.md} (69%) rename docs/{phase-33-checklist.md => scope-33-checklist.md} (67%) create mode 100644 docs/scope-330-checklist.md create mode 100644 docs/scope-331-checklist.md create mode 100644 docs/scope-332-checklist.md create mode 100644 docs/scope-333-checklist.md create mode 100644 docs/scope-334-checklist.md create mode 100644 docs/scope-335-checklist.md create mode 100644 docs/scope-336-checklist.md create mode 100644 docs/scope-337-checklist.md create mode 100644 docs/scope-338-checklist.md create mode 100644 docs/scope-339-checklist.md rename docs/{phase-34-checklist.md => scope-34-checklist.md} (66%) create mode 100644 docs/scope-340-checklist.md create mode 100644 docs/scope-341-checklist.md create mode 100644 docs/scope-342-checklist.md create mode 100644 docs/scope-343-checklist.md create mode 100644 docs/scope-344-checklist.md create mode 100644 docs/scope-345-checklist.md create mode 100644 docs/scope-346-checklist.md create mode 100644 docs/scope-347-checklist.md create mode 100644 docs/scope-348-checklist.md create mode 100644 docs/scope-349-checklist.md rename docs/{phase-35-checklist.md => scope-35-checklist.md} (69%) rename docs/{phase-350-checklist.md => scope-350-checklist.md} (71%) rename docs/{phase-351-checklist.md => scope-351-checklist.md} (76%) rename docs/{phase-36-checklist.md => scope-36-checklist.md} (67%) rename docs/{phase-37-checklist.md => scope-37-checklist.md} (69%) rename docs/{phase-38-checklist.md => scope-38-checklist.md} (67%) rename docs/{phase-39-checklist.md => scope-39-checklist.md} (52%) rename docs/{phase-4-checklist.md => scope-4-checklist.md} (87%) rename docs/{phase-4-preemption-checkpoint.md => scope-4-preemption-checkpoint.md} (94%) create mode 100644 docs/scope-40-checklist.md rename docs/{phase-41-checklist.md => scope-41-checklist.md} (67%) rename docs/{phase-42-checklist.md => scope-42-checklist.md} (65%) rename docs/{phase-43-checklist.md => scope-43-checklist.md} (68%) rename docs/{phase-44-checklist.md => scope-44-checklist.md} (66%) rename docs/{phase-45-checklist.md => scope-45-checklist.md} (65%) rename docs/{phase-46-checklist.md => scope-46-checklist.md} (65%) rename docs/{phase-47-checklist.md => scope-47-checklist.md} (65%) rename docs/{phase-48-checklist.md => scope-48-checklist.md} (65%) rename docs/{phase-49-checklist.md => scope-49-checklist.md} (68%) rename docs/{phase-5-checklist.md => scope-5-checklist.md} (89%) rename docs/{phase-50-checklist.md => scope-50-checklist.md} (56%) rename docs/{phase-51-checklist.md => scope-51-checklist.md} (71%) rename docs/{phase-52-checklist.md => scope-52-checklist.md} (67%) rename docs/{phase-53-checklist.md => scope-53-checklist.md} (68%) rename docs/{phase-54-checklist.md => scope-54-checklist.md} (69%) rename docs/{phase-55-checklist.md => scope-55-checklist.md} (67%) rename docs/{phase-56-checklist.md => scope-56-checklist.md} (68%) rename docs/{phase-57-checklist.md => scope-57-checklist.md} (66%) rename docs/{phase-58-checklist.md => scope-58-checklist.md} (67%) rename docs/{phase-59-checklist.md => scope-59-checklist.md} (67%) rename docs/{phase-6-checklist.md => scope-6-checklist.md} (79%) create mode 100644 docs/scope-60-checklist.md rename docs/{phase-61-checklist.md => scope-61-checklist.md} (68%) rename docs/{phase-62-checklist.md => scope-62-checklist.md} (72%) rename docs/{phase-63-checklist.md => scope-63-checklist.md} (68%) rename docs/{phase-64-checklist.md => scope-64-checklist.md} (66%) rename docs/{phase-65-checklist.md => scope-65-checklist.md} (68%) rename docs/{phase-66-checklist.md => scope-66-checklist.md} (67%) rename docs/{phase-67-checklist.md => scope-67-checklist.md} (68%) rename docs/{phase-68-checklist.md => scope-68-checklist.md} (67%) rename docs/{phase-69-checklist.md => scope-69-checklist.md} (66%) rename docs/{phase-7-checklist.md => scope-7-checklist.md} (84%) rename docs/{phase-70-checklist.md => scope-70-checklist.md} (51%) rename docs/{phase-71-checklist.md => scope-71-checklist.md} (69%) rename docs/{phase-72-checklist.md => scope-72-checklist.md} (59%) rename docs/{phase-73-checklist.md => scope-73-checklist.md} (68%) rename docs/{phase-74-checklist.md => scope-74-checklist.md} (67%) rename docs/{phase-75-checklist.md => scope-75-checklist.md} (68%) rename docs/{phase-76-checklist.md => scope-76-checklist.md} (66%) rename docs/{phase-77-checklist.md => scope-77-checklist.md} (60%) rename docs/{phase-78-checklist.md => scope-78-checklist.md} (69%) rename docs/{phase-79-checklist.md => scope-79-checklist.md} (68%) rename docs/{phase-8-checklist.md => scope-8-checklist.md} (83%) rename docs/{phase-80-checklist.md => scope-80-checklist.md} (50%) rename docs/{phase-81-checklist.md => scope-81-checklist.md} (72%) rename docs/{phase-82-checklist.md => scope-82-checklist.md} (64%) rename docs/{phase-83-checklist.md => scope-83-checklist.md} (68%) rename docs/{phase-84-checklist.md => scope-84-checklist.md} (65%) rename docs/{phase-85-checklist.md => scope-85-checklist.md} (66%) rename docs/{phase-86-checklist.md => scope-86-checklist.md} (65%) rename docs/{phase-87-checklist.md => scope-87-checklist.md} (56%) rename docs/{phase-88-checklist.md => scope-88-checklist.md} (64%) rename docs/{phase-89-checklist.md => scope-89-checklist.md} (65%) rename docs/{phase-9-checklist.md => scope-9-checklist.md} (80%) rename docs/{phase-90-checklist.md => scope-90-checklist.md} (53%) rename docs/{phase-91-checklist.md => scope-91-checklist.md} (69%) rename docs/{phase-92-checklist.md => scope-92-checklist.md} (64%) rename docs/{phase-93-checklist.md => scope-93-checklist.md} (65%) rename docs/{phase-94-checklist.md => scope-94-checklist.md} (67%) rename docs/{phase-95-checklist.md => scope-95-checklist.md} (67%) rename docs/{phase-96-checklist.md => scope-96-checklist.md} (63%) rename docs/{phase-97-checklist.md => scope-97-checklist.md} (67%) rename docs/{phase-98-checklist.md => scope-98-checklist.md} (67%) rename docs/{phase-99-checklist.md => scope-99-checklist.md} (66%) create mode 100644 kernel/build.rs create mode 100644 kernel/src/block_cache.rs create mode 100644 kernel/src/buddy.rs create mode 100644 kernel/src/cow_fork.rs create mode 100644 kernel/src/embedded_hello_alloc.rs create mode 100644 kernel/src/embedded_mendo.rs create mode 100644 kernel/src/embedded_ring3_io_demo.rs create mode 100644 kernel/src/embedded_sig_demo.rs create mode 100644 kernel/src/ext2.rs create mode 100644 kernel/src/posix_server.rs create mode 100644 kernel/src/signal.rs create mode 100644 kernel/src/vfs.rs rename phase_checklist_schema.toml => scope_checklist_schema.toml (83%) rename phase_snapshots.toml => scope_snapshots.toml (56%) create mode 100644 scripts/fix_scope_checklist_backticks.py create mode 100644 scripts/gate/clan_rt_heap.py create mode 100644 scripts/gate/clan_rt_ring3.py create mode 100644 scripts/gate/compat_subsystems.py create mode 100644 scripts/gate/cow_fork.py create mode 100644 scripts/gate/ext2_create_unlink.py create mode 100644 scripts/gate/ext2_write.py create mode 100644 scripts/gate/fd_capacity.py create mode 100644 scripts/gate/mmap_vfs.py create mode 100644 scripts/gate/posix_server.py create mode 100644 scripts/gate/ring3_sig_delivery.py create mode 100644 scripts/gate/signal_delivery.py create mode 100644 scripts/gate/signal_skeleton.py create mode 100644 scripts/gate/virtio_net_txrx.py rename scripts/{gen_phase_checklists_101_150.py => gen_scope_checklists_101_150.py} (89%) rename scripts/{gen_phase_checklists_151_350.py => gen_scope_checklists_151_350.py} (85%) delete mode 100644 scripts/migrate_phase_docs.py delete mode 100644 scripts/phase401_clan_rt_check.py delete mode 100644 scripts/phase4_soak_check.py delete mode 100755 scripts/phase5_latency_check.py delete mode 100755 scripts/phase5_soak_check.py create mode 100644 scripts/rename_clanos.py rename scripts/{phase_checklist_spot_check.py => scope_checklist_spot_check.py} (56%) delete mode 100644 scripts/update_phase101_110_checklists.py delete mode 100644 scripts/update_phase111_120_checklists.py create mode 100644 userland/hello-alloc/.cargo/config.toml create mode 100644 userland/hello-alloc/Cargo.toml create mode 100644 userland/hello-alloc/linker.ld create mode 100644 userland/hello-alloc/src/main.rs create mode 100644 userland/mendo/.cargo/config.toml create mode 100644 userland/mendo/Cargo.toml create mode 100644 userland/mendo/linker.ld create mode 100644 userland/mendo/src/interp.rs create mode 100644 userland/mendo/src/lexer.rs create mode 100644 userland/mendo/src/main.rs create mode 100644 userland/mendo/src/parser.rs create mode 100644 userland/mendo/src/syscall.rs create mode 100644 userland/ring3-io-demo/.cargo/config.toml create mode 100644 userland/ring3-io-demo/Cargo.toml create mode 100644 userland/ring3-io-demo/linker.ld create mode 100644 userland/ring3-io-demo/src/main.rs create mode 100644 userland/ring3-io-demo/src/syscall.rs create mode 100644 userland/sig-demo/.cargo/config.toml create mode 100644 userland/sig-demo/Cargo.toml create mode 100644 userland/sig-demo/linker.ld create mode 100644 userland/sig-demo/src/main.rs create mode 100644 userland/src/heap.rs create mode 100644 userland/src/ring3_syscall.rs create mode 100644 userland/src/syscalls.rs diff --git a/.cursor/plans/clanos_build_151_350.plan.md b/.cursor/plans/clanos_build_151_350.plan.md index 237d7fe..ed126c6 100644 --- a/.cursor/plans/clanos_build_151_350.plan.md +++ b/.cursor/plans/clanos_build_151_350.plan.md @@ -1,5 +1,5 @@ --- -name: AresOS Build 151-350 +name: Clan OS Build 151-350 status: active overview: "Post-150 roadmap through milestone 350 (1.0 release). Epochs 7–14; stub graduation then hardware, federation, formal model, release." todos: @@ -7,25 +7,25 @@ todos: content: "Epoch 7 planning: ROADMAP_151_350, gaps 346-350, checklists, reopen wontfix" status: completed - id: epoch7-stub-grad - content: "Epoch 7 phases 151-175: loom, OOM, audit/build, Kani CI" + content: "Epoch 7 scopes 151-175: loom, OOM, audit/build, Kani CI" status: completed - id: epoch8-m200 - content: "Epoch 8 phases 176-200: SCHEDULING_UNIFIED, meta-semantics, M200 gate" + content: "Epoch 8 scopes 176-200: SCHEDULING_UNIFIED, meta-semantics, M200 gate" status: completed - id: epoch9-10-m250 - content: "Epochs 9-10 phases 201-250: SDK, hardware, M250 gate" + content: "Epochs 9-10 scopes 201-250: SDK, hardware, M250 gate" status: completed - id: epoch11-12-m300 - content: "Epochs 11-12 phases 251-300: drivers, federation, M300 gate" + content: "Epochs 11-12 scopes 251-300: drivers, federation, M300 gate" status: completed - id: epoch13-14-m350 - content: "Epochs 13-14 phases 301-350: checkpoint, Tier D, 1.0 release" + content: "Epochs 13-14 scopes 301-350: checkpoint, Tier D, 1.0 release" status: completed isProject: false --- -# AresOS: Phases 151–350 (Post-150) +# Clan OS: Scopes 151–350 (Post-150) -Living successor to archived `aresos_full_os_build_b960e4a0.plan.md`. Authority: [ROADMAP_151_350.md](../../docs/ROADMAP_151_350.md) + [gap_registry.toml](../../gap_registry.toml). +Living successor to archived `clanos_full_os_build_b960e4a0.plan.md`. Authority: [ROADMAP_151_350.md](../../docs/ROADMAP_151_350.md) + [gap_registry.toml](../../gap_registry.toml). -See attached plan_through_phase_350 for full epoch band detail. +See attached plan_through_scope_350 for full epoch band detail. diff --git a/.cursor/plans/clanos_full_os_build_b960e4a0.plan.md b/.cursor/plans/clanos_full_os_build_b960e4a0.plan.md index a772f96..6832150 100644 --- a/.cursor/plans/clanos_full_os_build_b960e4a0.plan.md +++ b/.cursor/plans/clanos_full_os_build_b960e4a0.plan.md @@ -1,5 +1,5 @@ --- -name: AresOS Full OS Build +name: Clan OS Full OS Build status: superseded-by: gap_registry.toml overview: "COMPLETE — superseded by gap_registry.toml + CHARTER.md + DESIGN_NORTH_STAR.md. Milestone 150 + epoch 0 evidence tier delivered; historical planning record (scope-freeze 5961eb7)." todos: @@ -21,26 +21,26 @@ todos: - id: epoch0-process-covenant content: "Epoch 0: CHARTER.md; gap_registry.toml; reviewer currency; epoch-0 DAG in prereq_graph; gate commit reviewer" status: completed - - id: epoch1-phase-121 - content: "Phase 121: service loader + E-00 + MEM_BUDGET_STUB + CAP_QUOTA_STUB + audit bootstrap; phase-owner in checklist" + - id: epoch1-scope-121 + content: "Scope 121: service loader + E-00 + MEM_BUDGET_STUB + CAP_QUOTA_STUB + audit bootstrap; scope-owner in checklist" status: completed - id: epoch1-audit-wire-compat content: "Epoch 1 prereq: AUDIT_SUBSYSTEM.md + WIRE_SCHEMA_REGISTRY.md + COMPAT_ISOLATION.md + COMPAT_SUNSET; interim IPC spec" status: completed - id: epoch1-brokers-130 - content: "Phases 122-130: brokers, compat review, ABI_NATIVE_SYSCALL before 128; IPC_VERSION_NEGOTIATION before 134" + content: "Scopes 122-130: brokers, compat review, ABI_NATIVE_SYSCALL before 128; IPC_VERSION_NEGOTIATION before 134" status: completed - id: epoch2-prereqs - content: "Epoch 2: ABI_ARES_RT, VIRTIO_SAFETY, BUILD_INTEGRITY; virtio-blk then userland commits" + content: "Epoch 2: ABI_CLAN_RT, VIRTIO_SAFETY, BUILD_INTEGRITY; virtio-blk then userland commits" status: completed - id: epoch3-ipc-140 - content: "Phases 131-140: signed images; phase 134 removes interim IPC (counter=0 test); audit correlation" + content: "Scopes 131-140: signed images; scope 134 removes interim IPC (counter=0 test); audit correlation" status: completed - id: epoch4-planning-networking content: "Epoch 4: pre-epoch planning commit (network/socket checklists, threat nodes, fuzz targets); then virtio-net + compat sockets" status: completed - id: epoch5-loom-smp-a11y - content: "Phases 141-142 loom tests; ABI_COMPOSITOR_IPC (+ a11y extension point) before 145; OOM phase 147 (suspend=frozen-in-memory, checkpoint post-150)" + content: "Scopes 141-142 loom tests; ABI_COMPOSITOR_IPC (+ a11y extension point) before 145; OOM scope 147 (suspend=frozen-in-memory, checkpoint post-150)" status: completed - id: epoch6-targets content: "Epoch 6: ARCHITECTURE_TARGETS.md; real hardware; side-channel/physical threat re-evaluation" @@ -48,18 +48,18 @@ todos: isProject: false --- -# AresOS: Build to a Rust-Native OS That Surpasses Linux and Windows +# Clan OS: Build to a Rust-Native OS That Surpasses Linux and Windows ## Guiding principle: do not rush -- **One phase per cycle** — validate, soak, benchmark, **commit**, then next phase +- **One scope per cycle** — validate, soak, benchmark, **commit**, then next scope - **Spec before code** — docs + threat-node mapping before kernel changes - **Honest evidence tiers** — proptest is **not** formal verification; Kani/Verus are distinct tiers ([`PROOF_COVERAGE.md`](docs/PROOF_COVERAGE.md)) -- **Contract before enforcement** — stubs (`MEM_BUDGET_STUB`, `CAP_QUOTA_STUB`) from phase 121; full policy later -- **One commit per phase** — phase owner signs off; documented revert + epoch failure procedures +- **Contract before enforcement** — stubs (`MEM_BUDGET_STUB`, `CAP_QUOTA_STUB`) from scope 121; full policy later +- **One commit per scope** — scope owner signs off; documented revert + epoch failure procedures - **Epoch 0 is deliberately larger** — schedule trade accepted to avoid undefined behavior in epochs 1–4 -Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. +Estimated pace: **1–3 scopes/month**. Milestone 150 is **multi-year**. --- @@ -101,12 +101,12 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 4 | No audit | [`AUDIT_SUBSYSTEM.md`](docs/AUDIT_SUBSYSTEM.md) + impl | Prereq epoch 1; epochs 1–3 | | 5 | Coarse epoch gates | Validation pyramid + **calibrated** benchmarks | Epoch 0 | | 6 | Rights algebra unproven | proptest **+ Kani** (+ Verus selective) | Epoch 0 | -| 7 | No admission control | E-00 + ERROR_TAXONOMY class mapping | Phase 121 | +| 7 | No admission control | E-00 + ERROR_TAXONOMY class mapping | Scope 121 | | 8 | Compat no sunset | [`COMPAT_SUNSET.md`](docs/COMPAT_SUNSET.md) + **compat review** each epoch gate | Epoch 1 | -| 9 | OOM undefined early | **MEM_BUDGET_STUB** phase 121; full shed/terminate phase 147 | Split | +| 9 | OOM undefined early | **MEM_BUDGET_STUB** scope 121; full shed/terminate scope 147 | Split | | 10 | Git no rollback | Revert procedure | Commit discipline | -| 11 | Phase 128 allowlist | [`ABI_NATIVE_SYSCALL.md`](docs/ABI_NATIVE_SYSCALL.md) + V-01 | Before 128 | -| 12 | `ares-rt` ABI | [`ABI_ARES_RT.md`](docs/ABI_ARES_RT.md) | Epoch 2 prereq; forward ABI stability policy | +| 11 | Scope 128 allowlist | [`ABI_NATIVE_SYSCALL.md`](docs/ABI_NATIVE_SYSCALL.md) + V-01 | Before 128 | +| 12 | `clan-rt` ABI | [`ABI_CLAN_RT.md`](docs/ABI_CLAN_RT.md) | Epoch 2 prereq; forward ABI stability policy | | 13 | Compositor IPC | [`ABI_COMPOSITOR_IPC.md`](docs/ABI_COMPOSITOR_IPC.md) | Before 145 | | 14 | virtio safety | [`VIRTIO_SAFETY.md`](docs/VIRTIO_SAFETY.md) | Before virtio-blk | | 15 | Brokers before endpoints | Interim IPC bridge `compat-internal` | 122–133; removed 134 | @@ -125,8 +125,8 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 23 | Interim IPC semantic debt | FIFO ordering spec, backpressure, **CI `compat-internal` counter → 0 at 134** | Epoch 1 spec | | 24 | SMP races | **loom** (or `SharedState`) per shared struct in 141–142 | Before epoch 5 AP | | 25 | Compat sunset no feedback | **Compat review** checklist at every epoch gate; metrics in commit + matrix | All epoch gates | -| 26 | Phase co-authorship | **Phase owner** in checklist / CODEOWNERS; only owner commits `feat(phase-NNN)` | Process | -| 27 | Benchmarks unanchored | **Calibration run** on phase 120; thresholds = % budget vs baseline | Epoch 0 | +| 26 | Scope co-authorship | **Scope owner** in checklist / CODEOWNERS; only owner commits `feat(scope-NNN)` | Process | +| 27 | Benchmarks unanchored | **Calibration run** on scope 120; thresholds = % budget vs baseline | Epoch 0 | | 28 | Doc versioning | `status:` header on every `/docs/*.md`; CI lint | Epoch 0 | | 29 | Hardware underspecified | [`ARCHITECTURE_TARGETS.md`](docs/ARCHITECTURE_TARGETS.md) — ISA priority, QEMU per epoch | Epoch 6 start | | 30 | "Surpasses" undefined | **Falsifiable scorecard** per north-star row in DESIGN_NORTH_STAR | Epoch 0 | @@ -143,14 +143,14 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 36 | Wire schemas diverge | [`WIRE_SCHEMA_REGISTRY.md`](docs/WIRE_SCHEMA_REGISTRY.md) — audit, errors, IPC, cap serialization + compat matrix | Epoch 1 prereq | | 37 | Suspend vs checkpoint ambiguous | **Suspend = frozen-in-memory** (no checkpoint); checkpoint **post-150** re-eval | FAULT_ESCALATION epoch 0 | | 38 | Compat shim isolation | [`COMPAT_ISOLATION.md`](docs/COMPAT_ISOLATION.md) + threat node; per-caller sessions, no ambient shim cap | Epoch 1 | -| 39 | IPC version negotiation | [`IPC_VERSION_NEGOTIATION.md`](docs/IPC_VERSION_NEGOTIATION.md) — discovery, downgrade, max spread | Before phase 134 | -| 40 | Fuzz stubs ≠ coverage | FUZZ_TARGETS — required boundary conditions per target | Epoch 0 def; graduate phase 121+ | +| 39 | IPC version negotiation | [`IPC_VERSION_NEGOTIATION.md`](docs/IPC_VERSION_NEGOTIATION.md) — discovery, downgrade, max spread | Before scope 134 | +| 40 | Fuzz stubs ≠ coverage | FUZZ_TARGETS — required boundary conditions per target | Epoch 0 def; graduate scope 121+ | | 41 | No project health visibility | `scripts/project_health.py` → [`STATUS.md`](STATUS.md) on epoch gates | Epoch 0 | | 42 | Third-party crate policy | [`DEPENDENCY_POLICY.md`](docs/DEPENDENCY_POLICY.md) — TCB allowlist per layer | Epoch 0 | | 43 | Revocation window underspecified | FAULT_ESCALATION + TEMPORAL alignment; Kani bounded-window property | Epoch 0 | | 44 | Epochs 2/4/5 thin on spec | **Pre-epoch planning commit** — first commit of epoch expands checklists | Process rule | | 45 | Source vs image rollback diverge | Source-image reconciliation in EPOCH_FAILURE_PROCEDURE | Epoch 0 | -| 46 | Accessibility not reserved | ABI_COMPOSITOR_IPC **a11y extension point** (screen reader, keyboard nav) | Before phase 145 | +| 46 | Accessibility not reserved | ABI_COMPOSITOR_IPC **a11y extension point** (screen reader, keyboard nav) | Before scope 145 | ### Round 4 (consistency / unstated obligations) @@ -159,13 +159,13 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 47 | KERNEL_OBJECT_MODEL not in plan inventory | **Ratify/extend** existing [`KERNEL_OBJECT_MODEL.md`](docs/KERNEL_OBJECT_MODEL.md) — lifecycle states, transitions, cap↔object mapping | Epoch 0 master ref | | 48 | Rights composition undefined | Composition laws in PROOF_COVERAGE / RIGHTS_ALGEBRA — chain order, dual-cap union policy | Epoch 0 + Kani | | 49 | No transfer protocol | [`CAP_TRANSFER_PROTOCOL.md`](docs/CAP_TRANSFER_PROTOCOL.md) — atomicity, intermediate states, panic mid-transfer | Epoch 0; Kani TOCTOU | -| 50 | Phase 134 semantic migration | Named property: interim-bridge behaviors ⊆ native endpoint; ordering smoke not just connectivity | IPC_VERSION_NEGOTIATION + phase 134 | +| 50 | Scope 134 semantic migration | Named property: interim-bridge behaviors ⊆ native endpoint; ordering smoke not just connectivity | IPC_VERSION_NEGOTIATION + scope 134 | | 51 | Audit integrity undefined | AUDIT_SUBSYSTEM: kernel-only write, tamper policy (chain hash if any), read-cap copy model | Epoch 1 | | 52 | Compat metric undefined | Fixed test corpus denominator; % scenarios native-only end-to-end | COMPAT_SUNSET epoch 1 | | 53 | Reproducible build pins vague | Tool manifest (rustc, LLVM, linker, proc-macros); dual-build hash CI | BUILD_INTEGRITY epoch 2 | | 54 | No unsafe review policy | [`UNSAFE_AUDIT.md`](docs/UNSAFE_AUDIT.md) — annotations, TCB second reviewer, count in STATUS | Epoch 0 | | 55 | Scheduler spec absent until epoch 5 | [`SCHEDULER_MODEL.md`](docs/SCHEDULER_MODEL.md) stub — caps vs handles, revoke while runnable, checkpoints | Epoch 0 / early 1 | -| 56 | OOM shed bidirectional path | Shed/ack wire format + ERROR class + timeout; stub in phase 121 checklist | 121 stub; 147 full | +| 56 | OOM shed bidirectional path | Shed/ack wire format + ERROR class + timeout; stub in scope 121 checklist | 121 stub; 147 full | | 57 | Kani vacuity on refactor | Coverage assertions in harnesses; reviewer check on modified verified functions | KANI_SCOPE epoch 0 | | 58 | Kernel stack overflow | Threat node; no-recursion / depth policy (clippy or lint) | THREAT_MODEL epoch 0 | | 59 | STATUS snapshot only | Delta vs prior epoch gate; wrong-direction deltas need commit justification | project_health epoch 0 | @@ -187,7 +187,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 70 | MemoryRegion rights | Shared memory cap-mediated; read/write/exec/resize rights | KERNEL_OBJECT_MODEL + THREAT_MODEL | | 71 | Machine-readable cap registry | [`CAP_REGISTRY.toml`](docs/CAP_REGISTRY.toml) or Rust enum — CI sync with docs | Epoch 0 | | 72 | Versioned threat nodes | Structured nodes (ID, epoch, status, tier, closing-commit); machine-checkable "zero open" | THREAT_MODEL epoch 0 | -| 73 | IPC negotiation proptest | Random version pairs across spread; downgrade edge cases | Before phase 134 | +| 73 | IPC negotiation proptest | Random version pairs across spread; downgrade edge cases | Before scope 134 | | 74 | Health JSON time series | `health_timeseries.json` appended each epoch gate | project_health epoch 0 | | 75 | Never stabilize before 1.0 | Parallel list to "will not do" — interim IPC, stub wire formats, etc. | DESIGN_NORTH_STAR epoch 0 | | 76 | Fault injection tier | Compile-time chaos flag for cap/syscall errors; pyramid layer | Epoch 1 stub; graduate epoch 3 | @@ -215,9 +215,9 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 93 | Proptest shrinking | Security props: log pre-shrink case or disable shrink | PROOF_COVERAGE | | 94 | Wire schema sunset | Schema version deprecation lifecycle (mirror COMPAT_SUNSET) | WIRE_SCHEMA_REGISTRY | | 95 | Cancel vs backpressure | Cancel out-of-band or guaranteed non-blocking | ABI_IPC epoch 3 | -| 96 | P-134 corpus unstable | Fixed P-134 corpus — format at IPC_VERSION_NEGOTIATION; **populated phase 133** (see #150) | Before 134 | +| 96 | P-134 corpus unstable | Fixed P-134 corpus — format at IPC_VERSION_NEGOTIATION; **populated scope 133** (see #150) | Before 134 | | 97 | health_timeseries retention | Schema version; epoch gates kept forever; intermediate checks capped | project_health | -| 98 | Delta justification review | Wrong-direction deltas need **second reviewer** (not phase owner) in commit | Process | +| 98 | Delta justification review | Wrong-direction deltas need **second reviewer** (not scope owner) in commit | Process | | 99 | project_health atomicity | Write temp + rename; non-zero exit blocks epoch gate | Epoch 0 | | 100 | New cap kind post-150 | **New cap kind checklist** placeholder (registry, threat, proof, error) | Epoch 0 | | 101 | A11y minimum contract | Unknown flags must not error; field versioned | ABI_COMPOSITOR_IPC | @@ -235,18 +235,18 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | # | Gap / upgrade | Fix | When | |---|---------------|-----|------| | 110 | Doc sign-off quorum | **Epoch 0: unanimous** (3/3); later doc updates: majority + written dissent | Doc-epoch checklist | -| 111 | Registry reconciliation owner | Phase owner that introduced drift drives fix; multi-phase → most recent owner | EPOCH_FAILURE | +| 111 | Registry reconciliation owner | Scope owner that introduced drift drives fix; multi-scope → most recent owner | EPOCH_FAILURE | | 112 | Staging cross-doc consistency | **Cross-document review** at squash (not per-PR isolation) — domain sign-offs | Staging workflow | | 113 | Fault injection graduation | Deterministic tier triggers in CI; revoke-in-flight also Kani-covered before gate | FUZZ_TARGETS / epoch 3 | | 114 | Shim crash ordering | Unordered terminal errors **or** ordered with max teardown timeout | COMPAT_ISOLATION | | 115 | Schema sunset read-side | Deprecated schemas **stop write, remain decode forever** (audit forensics) | WIRE_SCHEMA_REGISTRY | | 116 | Planning commit reviewer | Epochs 2/4/5 planning commit: **non-owner reviewer** named in commit | Process | | 117 | New cap kind CI | New CAP_REGISTRY entry → grep verifies checklist docs mention kind | Epoch 1 CI | -| 118 | Phase commit + doc fixup | `fixup(phase-NNN): docs` allowed same phase window; no pyramid re-run unless behavior changes | Git discipline | +| 118 | Scope commit + doc fixup | `fixup(scope-NNN): docs` allowed same scope window; no pyramid re-run unless behavior changes | Git discipline | | 119 | TEMPORAL ratification checklist | All cross-refs verified vs epoch-0 FAULT_ESCALATION/SCHEDULER; fixes same commit | Epoch 0 | | 120 | Tier downgrade procedure | PROOF_COVERAGE tier decrease → justification + second reviewer; CI signal | Epoch 0 | | 121 | Pyramid parallelism | Staging: Kani invalidated only if harness-covered functions or deps change | KANI_SCOPE | -| 122 | Benchmark re-baseline | Rolling baseline = prior epoch gate; phase-120 historical only after epoch 2 | validation_matrix | +| 122 | Benchmark re-baseline | Rolling baseline = prior epoch gate; scope-120 historical only after epoch 2 | validation_matrix | | 123 | Benchmark stability both ways | Flag large P99 deviation vs prior gate **and** rolling median | project_health | | 124 | Kani version in registry | `kani_version` + re-run all security harnesses on Kani upgrade | Harness registry | | 125 | Error subcodes explicit | Stable terminal subcodes on wire; WIRE_SCHEMA + sunset per subcode | ERROR_TAXONOMY | @@ -279,7 +279,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 147 | Suspend vs audit flush | Security partition **must flush** before suspend; max flush timeout → block suspend or hard terminate | FAULT_ESCALATION + AUDIT | | 148 | compat-internal counter scope | Counter = **IPC bridge only** (122–133); epoch 4 sockets use COMPAT_SUNSET, not this counter | Interim IPC spec | | 149 | No-shrink wire proptest | `no_shrink` / pre-shrink log applies to IPC_VERSION_NEGOTIATION + wire format proptests | PROOF_COVERAGE | -| 150 | P-134 corpus timing | Spec + format at IPC_VERSION_NEGOTIATION; **corpus populated at phase 133** commit | Before 134 | +| 150 | P-134 corpus timing | Spec + format at IPC_VERSION_NEGOTIATION; **corpus populated at scope 133** commit | Before 134 | | 151 | Epoch sign-off manifest | Machine-readable `epoch_signoffs/epoch-N.toml`; CI verifies quorum before squash | Epoch 0 | | 152 | Threat node lifecycle CI | Define open/closed/regression; bound reduction below H → node re-opens | THREAT_NODES + KANI_SCOPE | | 153 | Protocol semver | `breaking.additive.clarification` on protocol docs; CI rules per bump class | Epoch 0 CI | @@ -305,7 +305,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 168 | Epoch gate commit signing | GPG-signed squash/gate commits; CI verifies against key registry; SECURITY.md + BUILD_INTEGRITY | Epoch 0 / 2 | | 169 | Audit tamper policy | **Resolve at epoch 1** — chain hash OR privileged-write with named threat node; no open OR | AUDIT_SUBSYSTEM | | 170 | Object destruction notify | **R-destroy-notify**: destruction → terminal at checkpoint for **all** holders; distinct from R-cascade-revoke | KERNEL_OBJECT_MODEL | -| 171 | Phase owner COI | Security-critical phases: second reviewer from **different domain** (security / kernel ABI / process) | Process | +| 171 | Scope owner COI | Security-critical scopes: second reviewer from **different domain** (security / kernel ABI / process) | Process | | 172 | Fuzz target retirement | Retire gating target = tier-downgrade procedure; transfer coverage or threat-model waiver | FUZZ_TARGETS | | 173 | Structural error recovery | Cap quota: **remediable structural** — caller may release caps and retry; not kernel-fatal | ERROR_TAXONOMY | | 174 | Generation cold restart | Explicit policy: (c) pre-restart caps invalidated QEMU-era; document mechanism | GENERATION_COUNTER | @@ -318,14 +318,14 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 181 | Semver vs never-stabilize | Semver tracks changes regardless; never-stabilize = cannot declare stable until 1.0 graduation | DESIGN_NORTH_STAR | | 182 | health JSON semver | `format_version` follows additive-only rules; references protocol semver framework | project_health | | 183 | architecture_state.toml | Boolean flags: `has_real_hardware_target`, `has_speculative_execution_unit`, etc. | Epoch 0 | -| 184 | Phase regression log | Append-only phase-level metric snapshots alongside epoch gates — observability | project_health | +| 184 | Scope regression log | Append-only scope-level metric snapshots alongside epoch gates — observability | project_health | | 185 | Attack surface metric | STATUS.md: syscall count, IPC endpoints, cap kinds, compat entry points | project_health | | 186 | Protocol changelog | `PROTOCOL_CHANGELOG.md` or per-doc CHANGELOG — epoch, commit, rationale per bump | Epoch 0 | | 187 | Audit coverage by op type | Completeness metric broken down: mint, delegate, revoke, transfer, attenuation, expiry | AUDIT epoch 3 | | 188 | Never-stabilize CI schemas | Add: epoch_signoffs schema, THREAT_NODES.toml, kani_harness_registry, architecture_state.toml | DESIGN_NORTH_STAR | -| 189 | Epoch failure time budget | Max ~2 phase-cycles recovery; then charter-level decision | EPOCH_FAILURE | +| 189 | Epoch failure time budget | Max ~2 scope-cycles recovery; then charter-level decision | EPOCH_FAILURE | | 190 | Audit privacy policy | Capture/exclude policy for audit fields; disclosure surface threat node stub | AUDIT + THREAT_MODEL | -| 191 | Prereq graph | Machine-readable phase/doc adjacency; CI ordering check | project_health epoch 0 | +| 191 | Prereq graph | Machine-readable scope/doc adjacency; CI ordering check | project_health epoch 0 | | 192 | Rust edition upgrade | Dedicated review commit; re-run Kani; edition-guide triage for TCB | UNSAFE_AUDIT | | 193 | Scorecard methodology stubs | Per comparative row: measurement definition (even if target TBD) | DESIGN_NORTH_STAR | | 194 | Verification toolchain risk | Kani/Verus bug/deprecation contingency — analogous to SUPPLY_CHAIN_POLICY | PROOF_COVERAGE | @@ -335,7 +335,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | # | Gap / upgrade | Fix | When | |---|---------------|-----|------| | 195 | Epoch checklist CI boundary | `epoch_checklist.toml` — each item: `ci` \| `human` \| `both` | Epoch 0 | -| 196 | Phase owner succession | Named **backup reviewer** at phase-start; inherits commit authority if owner unavailable | Process | +| 196 | Scope owner succession | Named **backup reviewer** at scope-start; inherits commit authority if owner unavailable | Process | | 197 | Dissent resolution | Escalation path + timeout → charter override; prevents indefinite stall | epoch_signoffs schema | | 198 | Reviewer key rotation | SECURITY.md: key rotation ceremony; CI registry update without breaking history | SECURITY.md | | 199 | Cross-epoch prereqs | `prereq_graph.toml` edges with `blocking_epoch`; CI warns on unresolved cross-epoch deps | prereq_graph | @@ -350,7 +350,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 208 | Fuzz corpus integrity | Committed corpus hash at graduation; verified each CI run | FUZZ_TARGETS | | 209 | Signoff replay protection | `superseded_by` transitively GPG-signed; manifest bound to epoch number | epoch_signoffs schema | | 210 | Kernel entropy / CSPRNG | GENERATION_COUNTER: sequential vs unpredictable policy; QEMU entropy threat node | GENERATION_COUNTER | -| 211 | ares-rt ABI forward stability | Compatibility window or stated recompile requirement per epoch | ABI_ARES_RT epoch 2 | +| 211 | clan-rt ABI forward stability | Compatibility window or stated recompile requirement per epoch | ABI_CLAN_RT epoch 2 | | 212 | Cap table sharding note | SCHEDULER_MODEL: per-core shards in/out of scope post-150; affects uniqueness proof | SCHEDULER_MODEL | | 213 | Hypervisor guest target | ARCHITECTURE_TARGETS: guest in/out of scope + reopen_trigger | Epoch 6 / architecture_state | | 214 | Firmware update trust | Deferred node: firmware update without OS restart; boot trust boundary | THREAT_NODES epoch 0 | @@ -358,11 +358,11 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 216 | Superseded doc archival | `docs/archive/`; excluded from forward link check; retained in git | Doc conventions | | 217 | Onboarding guide | CONTRIBUTING.md — milestone 150 prereq; doc-contribution path | Milestone 150 | | 218 | Canonical glossary | `GLOSSARY.toml` — term, doc, anchor; CI consistency check | Epoch 0 | -| 219 | Changelog sub-entries | PROTOCOL_CHANGELOG: section, bump class, phase commit per change | PROTOCOL_CHANGELOG | +| 219 | Changelog sub-entries | PROTOCOL_CHANGELOG: section, bump class, scope commit per change | PROTOCOL_CHANGELOG | | 220 | QEMU config versioned | Committed QEMU invocation script/config + changelog | ARCHITECTURE_TARGETS | | 221 | Test environment manifest | QEMU version, host kernel, network isolation — diffed at epoch gate | BUILD_INTEGRITY / CI | | 222 | Soak failure ownership | EPOCH_FAILURE: distinct mode; triage owner; max investigation window | EPOCH_FAILURE | -| 223 | Benchmark archival | Extend phase_snapshots with bench results; trend query tool (DX) | project_health | +| 223 | Benchmark archival | Extend scope_snapshots with bench results; trend query tool (DX) | project_health | | 224 | Post-quantum signing | SECURITY.md: PQC migration re-eval at milestone 150 | SECURITY.md | | 225 | Cap model extensibility | DESIGN_NORTH_STAR forward-extensibility statement for future cap categories | Epoch 0 | | 226 | Formal cap system model | Intermediate milestone: formal transfer/delegation model for seL4 comparison | PROOF_COVERAGE / tier D | @@ -390,7 +390,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 241 | Endpoint exhaustion DoS | Endpoint creation counts toward CAP_QUOTA_STUB explicitly | CAP_QUOTA / epoch 1 | | 242 | Generation counter observation | Generation values sensitive; omit from caller-facing errors (extends cap_id oracle policy) | GENERATION_COUNTER / ERROR_TAXONOMY | | 243 | Epoch 0 scope freeze | Scope-freeze commit; additions after freeze need charter approval | EPOCH_FAILURE epoch 0 | -| 244 | Phase checklist schema | `phase_checklist_schema.toml` — required fields per phase checklist | Epoch 0 | +| 244 | Scope checklist schema | `scope_checklist_schema.toml` — required fields per scope checklist | Epoch 0 | | 245 | Reviewer qualification | Domain reviewer qualification + rotation; new reviewer co-sign first 2 epochs | Process / SECURITY.md | | 246 | External breaking-change comms | None before milestone 150; policy in SECURITY.md/CONTRIBUTING before public release | Milestone 150 | | 247 | Process hierarchy proptest | Proptest/Kani target for parent/child/orphan/fault-propagation invariants | FUZZ_TARGETS / PROOF_COVERAGE | @@ -442,7 +442,7 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 282 | Epoch retrospective | `epoch_retrospectives/epoch-N.md` — non-gating structured artifact | Process | | 283 | Weighted attack surface | Compat entry points weighted > native syscalls; single trending metric | project_health | | 284 | New pub API soft warning | Kernel/ABI new `pub` → soft THREAT_NODES check at epoch gate | CI | -| 285 | Milestone 150 timeline projection | Rolling avg phase duration → projected M150 date in STATUS.md | project_health | +| 285 | Milestone 150 timeline projection | Rolling avg scope duration → projected M150 date in STATUS.md | project_health | | 286 | Shadow audit counter | QEMU/test: independent op counter vs audit log at teardown | AUDIT_SUBSYSTEM epoch 3 | **Epoch 0 / early epoch-1 priorities:** #265, #263, #260, #261, #266, #281, #274. @@ -470,13 +470,13 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. | 303 | Information flow position | IFC design goal **or** out-of-scope pre-150 row in DESIGN_NORTH_STAR | Epoch 0 | | 304 | Cap op rate DoS | Rate limit in CAP_QUOTA **or** out-of-scope single-tenant QEMU | THREAT_NODES | | 305 | Boot attestation chain | Deferred post-150 + unattested-boot node **or** epoch-6 measurement plan | SECURITY.md | -| 306 | phase_snapshots compaction | Epoch entries permanent; phase entries compact after N epochs | project_health | +| 306 | scope_snapshots compaction | Epoch entries permanent; scope entries compact after N epochs | project_health | | 307 | Benchmark env-change tagging | Join manifests; `env-change` tag exempts wrong-direction; excludes from M150 avg | project_health | | 308 | Threat-node proof coverage ratio | closed nodes with proof tier / total non-deferred; STATUS.md | project_health | | 309 | Inter-doc heading citations | Foundational heading change → same commit updates all citations | Doc conventions | | 310 | Cap kind semantics freeze | Exiting never-stabilize → semantics frozen; reinterpret = new kind | KERNEL_OBJECT_MODEL | | 311 | Toolchain EOL procedure | Max unsupported pin duration; mandatory bump + dual-build re-verify | TOOLCHAIN_POLICY | -| 312 | First-steps DAG (Upgrade G) | Epoch-0 authoring order in `prereq_graph.toml` with `blocking_phase: epoch-0` | Epoch 0 | +| 312 | First-steps DAG (Upgrade G) | Epoch-0 authoring order in `prereq_graph.toml` with `blocking_scope: epoch-0` | Epoch 0 | | 313 | gap_registry.toml (Upgrade H) | `open`/`addressed`/`wontfix`/`split-into`; CI checks stale `when` | Epoch 0 | | 314 | Unsafe pub static analysis (Upgrade I) | `extern "C"` + `pub unsafe fn` vs THREAT_NODES soft warning | CI epoch gate | | 315 | Epoch-0 doc dep viz (Upgrade J) | Dependency graph in epoch gate health report | project_health epoch 0 | @@ -514,9 +514,9 @@ Estimated pace: **1–3 phases/month**. Milestone 150 is **multi-year**. |---|---------------|-----|------| | 332 | AI-assisted code review | TCB paths: same second-reviewer + attestation vs KERNEL_OBJECT_MODEL invariants | UNSAFE_AUDIT + SECURITY | | 333 | gap `superseded` status | Moot by design decision; pointer to commit + DECISION_LOG/KERNEL_OBJECT_MODEL | gap_registry | -| 334 | Mandatory DECISION_LOG triggers | 8 gated decisions in phase_checklist_schema | phase_checklist_schema | +| 334 | Mandatory DECISION_LOG triggers | 8 gated decisions in scope_checklist_schema | scope_checklist_schema | | 335 | Cap kind semantic proximity | New kind checklist: disjoint/specialization/generalization + DECISION_LOG | CAP_REGISTRY | -| 336 | Feature cost tracking | Marginal overhead per phase in phase_snapshots | project_health | +| 336 | Feature cost tracking | Marginal overhead per scope in scope_snapshots | project_health | | 337 | Attacker goal taxonomy | Escalation, disclosure, DoS, integrity — map classes + nodes | THREAT_MODEL | | 338 | Formal framework prereq | prereq_graph edge: framework decision blocks Tier D work | prereq_graph | | 339 | Ergonomics retrospective | Process vs implementation time; non-gating in epoch retrospective | epoch_retrospectives | @@ -556,13 +556,13 @@ Each row has a **finish line**, not just aspiration: | **Cap model extensibility** | Forward-extensibility statement: current namespaces/delegation/transfer sufficient for socket, GPU, crypto, TEE caps **or** named revision triggers | | **Formal cap model** | Intermediate milestone: formal transfer/delegation model sufficient to operationalize seL4 comparison row | | **Contributor onboarding** | [`CONTRIBUTING.md`](CONTRIBUTING.md) maps process to first-contribution path — milestone 150 prereq | -| **Health dashboard** | Baseline trend visualization from health_timeseries + phase_snapshots — **available by epoch 3 gate** | +| **Health dashboard** | Baseline trend visualization from health_timeseries + scope_snapshots — **available by epoch 3 gate** | | **Tracing channel** | Performance/diagnostic trace separate from audit — out of scope post-150 stub; no audit partition pollution | | **Multitenancy** | Post-150 policy layer; cap model structurally supports isolation; quota/namespace/audit partition deferred | | **GPU caps** | Separate design doc + IOMMU trust decision before any GPU driver work | | **External interop** | Self-contained cap model; interop via explicit translation layer; post-150 interop = separate threat model | | **Deterministic replay** | Post-150; seeded fault injection = primary QEMU-era determinism anchor | -| **Milestone 150 projection** | Rolling average phase duration → projected completion date in STATUS.md | +| **Milestone 150 projection** | Rolling average scope duration → projected completion date in STATUS.md | | **Information flow** | IFC as design goal with mechanisms **or** out-of-scope pre-150; existing nodes address known channels | | **Boot attestation** | Deferred post-150 with unattested-boot node **or** epoch-6 measurement plan | | **vs Windows** | Falsifiable row(s) **or** explicit: informal goal, no M150 commitment (title ≠ scorecard) | @@ -578,7 +578,7 @@ Beyond capability-layer attacks: - **Attacker taxonomy:** local unprivileged, compromised service, kernel exploit, remote, **compromised build host**, **compromised dev signing key**, **compromised CI runner** (QEMU era: out-of-scope if CI not release pipeline — state explicitly), **malicious/coerced insider contributor** (position: second-reviewer on security-critical paths; formal semantic independence post-150; or documented residual risk) - **Mint authority escalation:** if mint ≠ delegate — dedicated threat node (see KERNEL_OBJECT_MODEL) -- **Userspace allocator:** heap exploitation surface in ares-rt — mitigation policy epoch 2 (hardened allocator / Rust safe / defer post-150) +- **Userspace allocator:** heap exploitation surface in clan-rt — mitigation policy epoch 2 (hardened allocator / Rust safe / defer post-150) - **Kernel heap integrity:** slab/double-free — Kani on allocator invariants or TCB allowlist crate - **Endpoint exhaustion:** endpoint creation consumes quota beyond cap slots — covered by CAP_QUOTA_STUB - **Linker script tampering:** unauthorized layout change — threat node; covered by reproducibility manifest @@ -636,13 +636,13 @@ Unified versioned error algebra — **not** organic errno growth: - **Empty-rights cap operation:** ERROR_TAXONOMY class per RIGHTS_ALGEBRA empty-rights policy (structural or terminal) - **Cap quota exceeded:** **remediable structural** — not transient; caller may release caps and retry; not service-restart fatal - **Third-party holders:** independent caps to same object unaffected by single-cap revoke; **object destruction** → **R-destroy-notify** terminal at checkpoint for all holders -- **Bidirectional signals** (OOM shed/ack, userland→kernel reports): registered in WIRE_SCHEMA_REGISTRY; stub contract in phase 121; full spec before 147 +- **Bidirectional signals** (OOM shed/ack, userland→kernel reports): registered in WIRE_SCHEMA_REGISTRY; stub contract in scope 121; full spec before 147 --- ## KERNEL_OBJECT_MODEL.md — master reference (epoch 0: ratify + extend) -**Exists** from phase 110 ([`docs/KERNEL_OBJECT_MODEL.md`](docs/KERNEL_OBJECT_MODEL.md)) but must be **extended** for implementation epoch 0 — grounding doc for GENERATION_COUNTER, FAULT_ESCALATION, ERROR_TAXONOMY ("wrong cap kind"), COMPAT_ISOLATION, rights algebra. +**Exists** from scope 110 ([`docs/KERNEL_OBJECT_MODEL.md`](docs/KERNEL_OBJECT_MODEL.md)) but must be **extended** for implementation epoch 0 — grounding doc for GENERATION_COUNTER, FAULT_ESCALATION, ERROR_TAXONOMY ("wrong cap kind"), COMPAT_ISOLATION, rights algebra. **Epoch 0 additions:** @@ -757,7 +757,7 @@ Defer: deadline scheduling, full fairness metrics (epoch 5). - Caller abandoning saturated send: **cancel token** or timeout (align [`ABI_ASYNC.md`](docs/ABI_ASYNC.md)) - ERROR_TAXONOMY class for abandoned operations - Threat-model liveness node — unbounded wait = DoS -- Interim bridge: E-00 covers saturation; native endpoints need cancel in phase 134+ checklist +- Interim bridge: E-00 covers saturation; native endpoints need cancel in scope 134+ checklist - **Cancel must not block on saturated queue** — out-of-band cancel or guaranteed non-blocking path (liveness deadlock prevention) --- @@ -797,7 +797,7 @@ Align with [`TEMPORAL_SEMANTICS.md`](docs/TEMPORAL_SEMANTICS.md) checkpoint mode | State | Milestone 150 semantics | |-------|-------------------------| -| **Suspend** (phase 147) | **Frozen-in-memory** — no persistent checkpoint; resume = continue or cold restart without saved state beyond generation policy | +| **Suspend** (scope 147) | **Frozen-in-memory** — no persistent checkpoint; resume = continue or cold restart without saved state beyond generation policy | | **Checkpoint/restore** | **Out of scope until post-150** — re-evaluate marker in FAULT_ESCALATION | **Post-150 threat surface (note now):** serialized memory images expose cap state on disk; generation persistence across power cycles; device state reconstruction — document in FAULT_ESCALATION § Dormancy so post-150 spec is not surprised. @@ -839,16 +839,16 @@ Each entry: stable numeric ID, canonical doc pointer, **reader/writer compatibil --- -## IPC_VERSION_NEGOTIATION.md (before phase 134) +## IPC_VERSION_NEGOTIATION.md (before scope 134) - Version identifier location in message/envelope - Unsupported version: error class (structural vs transient) - **Downgrade responsibility:** receiver advertises max; caller negotiates or fails - **Max version spread** policy (e.g. N-1 support vs lockstep rebuild — pick one explicitly) -- **Semantic compatibility (phase 134):** state whether native endpoint ordering is **equivalent superset** of interim FIFO-per-session, or document differences + migration tests +- **Semantic compatibility (scope 134):** state whether native endpoint ordering is **equivalent superset** of interim FIFO-per-session, or document differences + migration tests - **Named property P-134:** all broker behaviors verified under interim bridge also pass under native endpoints (ordering smoke, not connectivity-only) - **proptest** (tier A, security): version pairs + wire format — random spread, downgrade paths; **`no_shrink` or pre-shrink log** -- **P-134 corpus:** format + inclusion rules in IPC_VERSION_NEGOTIATION doc; **corpus populated at phase 133** (last interim-bridge impl) as fixed read-only list — **not** at spec-only commit +- **P-134 corpus:** format + inclusion rules in IPC_VERSION_NEGOTIATION doc; **corpus populated at scope 133** (last interim-bridge impl) as fixed read-only list — **not** at spec-only commit - Required before interim bridge removal --- @@ -869,7 +869,7 @@ Each entry: stable numeric ID, canonical doc pointer, **reader/writer compatibil - **Metric:** `100% × numerator / denominator` - Epoch gate: delta vs previous epoch in commit body + STATUS.md delta -**Transition integration tests:** old-ABI client vs new-kernel at **each epoch boundary** — catches compat cliff between phase tests and full sunset; named test category in epoch gate matrix. +**Transition integration tests:** old-ABI client vs new-kernel at **each epoch boundary** — catches compat cliff between scope tests and full sunset; named test category in epoch gate matrix. --- @@ -934,7 +934,7 @@ Full disclosure + key-compromise playbooks required before milestone 150 public |-------|--------| | Kernel TCB | Strictest — **zero or curated allowlist** with review | | Kernel support | Allowlist + audit | -| Userland `ares-rt` | Curated | +| Userland `clan-rt` | Curated | | Build tooling | Least restricted | | **Proc-macros (TCB-adjacent)** | **Strictest allowlist** — compile-time code generation; separate from runtime deps | @@ -953,12 +953,12 @@ Post-150+ extensions require: KERNEL_OBJECT_MODEL, CAP_REGISTRY.toml, PROOF_COVE | Rule | Detail | |------|--------| | **Annotation** | Every `unsafe` block: justification comment + invariant doc ref (e.g. VIRTIO_SAFETY §) | -| **TCB kernel** | Second reviewer beyond phase owner for new `unsafe` in cap table / syscall entry / MMIO | +| **TCB kernel** | Second reviewer beyond scope owner for new `unsafe` in cap table / syscall entry / MMIO | | **Complexity** | Kani required for `unsafe` functions above complexity threshold (defined in KANI_SCOPE) | | **Limits** | Optional max `unsafe` lines per module — exceptions documented | | **Tracking** | `project_health.py` reports **unsafe block count by module**; delta in STATUS.md | | **Toolchain bump** | On `rustc` bump: **re-confirm** all TCB `unsafe` invariants — not compile-only | -| **Rust edition upgrade** | **Dedicated review commit** (not bundled with phase); re-run all Kani harnesses; triage edition-guide semantic changes for TCB | +| **Rust edition upgrade** | **Dedicated review commit** (not bundled with scope); re-run all Kani harnesses; triage edition-guide semantic changes for TCB | | **C-ABI FFI** | Kernel-boundary FFI: **charter approval** + dedicated threat node (gate, not prohibition) | **Memory safety boundary** ([`MEMORY_SAFETY_BOUNDARY.md`](docs/MEMORY_SAFETY_BOUNDARY.md) or UNSAFE_AUDIT §): spatial map of which crates/modules may contain `unsafe`; directory-level CI deny rules (e.g. cap-table crate except explicitly listed files); TCB modules require second reviewer. @@ -972,7 +972,7 @@ General policy beyond VIRTIO_SAFETY.md. When verified functions change: - Harnesses include **coverage assertions** (prove interesting path reached), **or** -- Phase owner attests harness still exercises relevant paths (documented in commit) +- Scope owner attests harness still exercises relevant paths (documented in commit) CI fails on vacuous pass for security-critical targets: transfer protocol, revocation window, generation uniqueness. @@ -996,7 +996,7 @@ Refactors that move logic to unverified helpers require KANI_SCOPE update in sam **Fuzz → Verus:** crash/findings in Kani-covered function → **immediate Verus escalation assessment** (evidence bound was insufficient). -**Parallelism (staging):** prior phase Kani results invalidated only if harness-covered functions or their **transitive deps** change. +**Parallelism (staging):** prior scope Kani results invalidated only if harness-covered functions or their **transitive deps** change. **Hardware transition (epoch 6):** each harness with tractability note **re-reviewed** — bound still meaningful or escalate Verus. @@ -1036,11 +1036,11 @@ Beyond signing: --- -## ABI_ARES_RT.md (epoch 2 prereq — native runtime ABI) +## ABI_CLAN_RT.md (epoch 2 prereq — native runtime ABI) -- Syscall surface, startup contract, signal/error mapping for `ares-rt` -- **Forward stability policy:** either (a) **compatibility window** — kernel supports N-1 ares-rt ABI for M epochs, or (b) **explicit recompile required** each epoch — pick one in epoch 2; prevents silent native ABI breaks while compat metric shows 100% native -- Distinct from compat shim sunset — this is AresOS's **own** native ABI evolution +- Syscall surface, startup contract, signal/error mapping for `clan-rt` +- **Forward stability policy:** either (a) **compatibility window** — kernel supports N-1 clan-rt ABI for M epochs, or (b) **explicit recompile required** each epoch — pick one in epoch 2; prevents silent native ABI breaks while compat metric shows 100% native +- Distinct from compat shim sunset — this is Clan OS's **own** native ABI evolution - Registered in WIRE_SCHEMA_REGISTRY where wire formats apply --- @@ -1070,7 +1070,7 @@ Extends VIRTIO_SAFETY.md: ## OOM shed / acknowledge protocol -| Phase | Contract | +| Scope | Contract | |-------|----------| | **121 stub** | Outline in checklist: kernel→service shed signal cap, ack timeout → ERROR_TAXONOMY class, FAULT_ESCALATION path | | **147 full** | Wire format in WIRE_SCHEMA_REGISTRY; bidirectional; non-ack → suspend → terminate | @@ -1085,7 +1085,7 @@ Extends VIRTIO_SAFETY.md: | Syscall entry | Invalid handle, wrong kind, revoke/use race | | Process hierarchy | Parent death, child cap fate, orphan, fault propagation — proptest tier A | -Epoch 0: stubs exist. Phase 121+: targets must meet coverage definition or remain **non-gating** (reported in STATUS.md). +Epoch 0: stubs exist. Scope 121+: targets must meet coverage definition or remain **non-gating** (reported in STATUS.md). **Corpus persistence:** fuzz corpora in VCS or artifact storage; **minimum corpus size** per target before gate; corpus wipe (e.g. target signature change) → gate status reset or documented grace period in FUZZ_TARGETS. @@ -1093,7 +1093,7 @@ Epoch 0: stubs exist. Phase 121+: targets must meet coverage definition or remai **Fault injection error verification:** tier B requirement — when fault injected, caller receives **exact** ERROR_TAXONOMY class/subcode at declared wire schema version (Kani or proptest, not smoke-only). -**Target retirement:** removing a **graduated** gating target (e.g. interim IPC at phase 134) requires same procedure as PROOF_COVERAGE tier downgrade — second reviewer, justification; coverage transferred to new target or threat-model waiver. +**Target retirement:** removing a **graduated** gating target (e.g. interim IPC at scope 134) requires same procedure as PROOF_COVERAGE tier downgrade — second reviewer, justification; coverage transferred to new target or threat-model waiver. --- @@ -1128,13 +1128,13 @@ Cross-ref: R-revoke-blocked, IPC cancellation, SCHEDULER_MODEL fairness (epoch 5 | Open threat nodes ↑ | Justification required | | Fuzz graduated count ↓ | Justification required | -Wrong-direction delta: **second reviewer** (not phase owner) must acknowledge justification in commit body. +Wrong-direction delta: **second reviewer** (not scope owner) must acknowledge justification in commit body. **Degrade-and-recover same epoch:** metric wrong-direction then recovery within same epoch → commit must justify **both** degradation and recovery (prevents gaming). **Time series:** `health_timeseries.json` — **`format_version`** from entry `0`; follows **additive-only semver rules** (no required-field removal, no breaking type changes — refs protocol semver framework); unknown fields ignored; **epoch gate entries kept permanently** (entry `0` = epoch 0 baseline). -**Phase regression log:** append-only `phase_snapshots.jsonl` — phase-level snapshots; **epoch gate entries never compacted**; phase entries older than N epochs may compact to summary (second-reviewer commit; raw archived first). +**Scope regression log:** append-only `scope_snapshots.jsonl` — scope-level snapshots; **epoch gate entries never compacted**; scope entries older than N epochs may compact to summary (second-reviewer commit; raw archived first). **Benchmark delta tagging:** join current + prior test environment manifests; environment change → tag `env-change` (no wrong-direction justification; optional `rebaseline-env`; excluded from M150 rolling average). @@ -1200,26 +1200,26 @@ Machine-readable [`epoch_checklist.toml`](epoch_checklist.toml) — each item an --- -## Resource stubs (phase 121 — contract before enforcement) +## Resource stubs (scope 121 — contract before enforcement) -| Stub | Phase 121/122 | Phase 147 (full) | +| Stub | Scope 121/122 | Scope 147 (full) | |------|---------------|------------------| -| `MEM_BUDGET_STUB` | Budget struct + loader hook; **reserved fault-handler partition**; over-budget → `AresError::System` | shed → **suspend (frozen-in-memory)** → terminate + G5 log | +| `MEM_BUDGET_STUB` | Budget struct + loader hook; **reserved fault-handler partition**; over-budget → `ClanError::System` | shed → **suspend (frozen-in-memory)** → terminate + G5 log | | `CAP_QUOTA_STUB` | `caps_held(service) ≤ cap_quota(service)` — includes **endpoint creation**; optional **op rate limits** if chosen over out-of-scope; greppable annotation | Enforced on all mint paths + Kani/proptest property | Soak tests epochs 1–4 exercise stub paths — behavior **defined**, not undefined. --- -## Interim IPC bridge — full spec (phases 122–133) +## Interim IPC bridge — full spec (scopes 122–133) -Tagged `compat-internal`; **not** PipeLite (A5); **not** native truth. **Scope:** IPC bridge **only** (phases 122–133) — epoch 4 compat sockets use COMPAT_SUNSET metric, **not** this counter. +Tagged `compat-internal`; **not** PipeLite (A5); **not** native truth. **Scope:** IPC bridge **only** (scopes 122–133) — epoch 4 compat sockets use COMPAT_SUNSET metric, **not** this counter. - **Ordering:** FIFO per session; no cross-session ordering (documented subset of eventual endpoint semantics) - **Message size:** max message size in wire schema; fragmentation policy explicit (if enabled: fragments covered by same FIFO guarantee; **revoke during partial message** → documented terminal/cancel outcome) - **Backpressure:** Bounded queue; saturated → E-00 transient error (not silent drop) -- **Migration:** Phase 134 narrows to native endpoints — not semantic swap -- **Removal test:** CI counts **`ipc-bridge-compat-internal`** call sites from phase 121; **asserts zero by phase 134** (not checklist-only); compat socket ABI tracked by COMPAT_SUNSET metric only +- **Migration:** Scope 134 narrows to native endpoints — not semantic swap +- **Removal test:** CI counts **`ipc-bridge-compat-internal`** call sites from scope 121; **asserts zero by scope 134** (not checklist-only); compat socket ABI tracked by COMPAT_SUNSET metric only - **Spec case** for interim semantics + teardown checklist --- @@ -1238,16 +1238,16 @@ flowchart BT Unit --> Prop --> Kani --> Fuzz --> Smoke --> Soak --> Bench ``` -**Calibration:** Phase 120 = historical reference. **Hard gate baseline** = **previous epoch gate** measurement (re-baseline each epoch gate after epoch 2). Threshold = max regression % vs prior epoch gate. +**Calibration:** Scope 120 = historical reference. **Hard gate baseline** = **previous epoch gate** measurement (re-baseline each epoch gate after epoch 2). Threshold = max regression % vs prior epoch gate. **Stability:** flag P99 deviations vs prior gate **and** rolling median of all epoch gates (large swings either direction → review in commit). | Layer | Gate | |-------|------| -| Unit + proptest | Every phase | -| Kani | In-scope functions per KANI_SCOPE only — every phase | -| Fuzz | From phase 121 when targets meet FUZZ_TARGETS coverage def | -| Smoke | Every phase | +| Unit + proptest | Every scope | +| Kani | In-scope functions per KANI_SCOPE only — every scope | +| Fuzz | From scope 121 when targets meet FUZZ_TARGETS coverage def | +| Smoke | Every scope | | Fault injection | **Seeded** chaos; deterministic replay; each tier triggerable in CI; revoke-in-flight Kani; **injected fault → exact ERROR_TAXONOMY at wire version** (tier B) | Epoch 1 stub; gate epoch 3 | | Soak | Epoch milestones | | Benchmark | Epoch milestones — **hard gate** | @@ -1266,7 +1266,7 @@ CI lint fails on missing `status:` header. Superseded docs moved to **`docs/arch **Canonical glossary:** [`GLOSSARY.toml`](GLOSSARY.toml) — term, defining doc, section anchor; CI checks term usage consistency across docs. -**Protocol doc versioning:** `breaking.additive.clarification` semver on KERNEL_OBJECT_MODEL, FAULT_ESCALATION, ERROR_TAXONOMY, WIRE_SCHEMA_REGISTRY — **breaking** → cross-doc review required; **additive** → dependent doc annotation; **clarification** → no extra review. CI enforces bump class rules. Changes recorded in [`PROTOCOL_CHANGELOG.md`](docs/PROTOCOL_CHANGELOG.md) — per bump: class, **affected section**, rationale, **linked phase commit**; multiple sub-entries per epoch when independent changes land together. +**Protocol doc versioning:** `breaking.additive.clarification` semver on KERNEL_OBJECT_MODEL, FAULT_ESCALATION, ERROR_TAXONOMY, WIRE_SCHEMA_REGISTRY — **breaking** → cross-doc review required; **additive** → dependent doc annotation; **clarification** → no extra review. CI enforces bump class rules. Changes recorded in [`PROTOCOL_CHANGELOG.md`](docs/PROTOCOL_CHANGELOG.md) — per bump: class, **affected section**, rationale, **linked scope commit**; multiple sub-entries per epoch when independent changes land together. **Foundational heading changes:** same commit must update all known citations; CI lists files referencing old heading on protocol semver bump. @@ -1285,22 +1285,22 @@ CI lint fails on missing `status:` header. Superseded docs moved to **`docs/arch **TEMPORAL_SEMANTICS.md ratification (epoch 0 — completion condition):** - Every cross-reference in TEMPORAL_SEMANTICS resolves to an existing section in its target doc -- Revocation-window, checkpoint, and suspend semantics verified **against epoch-0 FAULT_ESCALATION and SCHEDULER_MODEL** (not prior phase-110 assumptions) +- Revocation-window, checkpoint, and suspend semantics verified **against epoch-0 FAULT_ESCALATION and SCHEDULER_MODEL** (not prior scope-110 assumptions) - Any inconsistency fixed in the **same epoch-0 squash commit** — not deferred to epoch 1 - Ratification recorded in doc-epoch checklist sign-off (process domain) --- -## Process: phase ownership + epoch/compatibility gates +## Process: scope ownership + epoch/compatibility gates -**Phase owner:** `phase-owner:` in checklist footer or CODEOWNERS per phase directory. Only owner creates `feat(phase-NNN)` after full pyramid green. **`backup-reviewer:`** named at phase-start — inherits commit authority if owner unavailable (mandatory for security-critical phases). +**Scope owner:** `scope-owner:` in checklist footer or CODEOWNERS per scope directory. Only owner creates `feat(scope-NNN)` after full pyramid green. **`backup-reviewer:`** named at scope-start — inherits commit authority if owner unavailable (mandatory for security-critical scopes). -**Security-critical phases** (cap table, audit subsystem, FAULT_ESCALATION tiers): wrong-direction delta second reviewer must be from a **different domain** than phase owner — domains = epoch sign-off domains (security, kernel ABI, process). +**Security-critical scopes** (cap table, audit subsystem, FAULT_ESCALATION tiers): wrong-direction delta second reviewer must be from a **different domain** than scope owner — domains = epoch sign-off domains (security, kernel ABI, process). **Compat review** (every epoch gate commit body — structured, tracked in matrix): 1. Coverage metric delta since last epoch? -2. Any `ares-abi-v*` surface past deprecation date still present? +2. Any `clan-abi-v*` surface past deprecation date still present? 3. New native capability making a compat shim redundant? **Threat surface snapshot** (parallel to compat review — every epoch gate commit body): @@ -1335,12 +1335,12 @@ CI verifies: unanimous 3/3 domains for epoch 0; no withdrawn signatures; commit | Situation | Action | |-----------|--------| -| Single phase caused failure | `revert(phase-NNN)` → `fix(phase-NNN)` | -| Multi-phase benchmark regression | Bisect epoch commits; mark epoch **stale** in matrix; block next epoch until re-certified | +| Single scope caused failure | `revert(scope-NNN)` → `fix(scope-NNN)` | +| Multi-scope benchmark regression | Bisect epoch commits; mark epoch **stale** in matrix; block next epoch until re-certified | | Soft vs hard gate | Benchmark/Kani-in-scope = **hard**; extended soak duration = soft (debt ticket + deadline) | | Verus escalation exhausted at N+2 | Accept risk (charter + PROOF_COVERAGE justification) or block epoch indefinitely | -| Epoch marked stale | **Recovery budget:** ~2 phase-cycles at current pace; beyond → charter-level project decision (not indefinite technical freeze) | -| Soak test failure | **Triage owner:** epoch lead (or named soak owner); max investigation window before epoch marked stale — distinct from phase revert path | +| Epoch marked stale | **Recovery budget:** ~2 scope-cycles at current pace; beyond → charter-level project decision (not indefinite technical freeze) | +| Soak test failure | **Triage owner:** epoch lead (or named soak owner); max investigation window before epoch marked stale — distinct from scope revert path | | Compound hard-gate failure | Define: independent revert paths per failure with owners **or** immediate epoch stale on any compound failure | **Epoch gate commit review:** structured gate body (compat review + threat snapshot) requires **non-author acknowledgment** from different-domain reviewer — distinct from sign-off quorum. @@ -1352,7 +1352,7 @@ CI verifies: unanimous 3/3 domains for epoch 0; no withdrawn signatures; commit - Git revert without image rollback (QEMU-only) → verify reproducible build still produces bootable signed image from reverted source - Procedure in EPOCH_FAILURE_PROCEDURE — not independent rollback silos -**CAP_REGISTRY reconciliation:** registry ↔ markdown mismatch → epoch **stale**; **owner** = phase owner who introduced drift (most recent if multi-phase); reconciled in one commit before gate proceeds. +**CAP_REGISTRY reconciliation:** registry ↔ markdown mismatch → epoch **stale**; **owner** = scope owner who introduced drift (most recent if multi-scope); reconciled in one commit before gate proceeds. **Epoch 0 scope freeze:** after **`scope-freeze` commit**, new epoch-0 docs require **charter approval** — prevents unbounded foundation growth; distinct from epoch failure recovery. @@ -1360,16 +1360,16 @@ CI verifies: unanimous 3/3 domains for epoch 0; no withdrawn signatures; commit **Epoch 0 post-gate amendment:** additive/clarification protocol semver with second reviewer OK; **breaking** change to foundational doc → full cross-doc review + affected domain re-sign-off (same as epoch gate failure severity). -**Phase checklist schema:** [`phase_checklist_schema.toml`](phase_checklist_schema.toml) — required fields: threat node mapping, proof tier, harness bound, fuzz target (if applicable), compat review entry, OOM stub ref, benchmark baseline ref, `phase-owner`, `backup-reviewer`. +**Scope checklist schema:** [`scope_checklist_schema.toml`](scope_checklist_schema.toml) — required fields: threat node mapping, proof tier, harness bound, fuzz target (if applicable), compat review entry, OOM stub ref, benchmark baseline ref, `scope-owner`, `backup-reviewer`. **Pre-epoch planning commit** (epochs 2, 4, 5 especially): -- Expands all phase checklists for that epoch to epoch-1 detail level +- Expands all scope checklists for that epoch to epoch-1 detail level - Lists new threat nodes, fuzz targets, wire schema entries - **Reviewed before implementation** — requires **non-owner reviewer** named in commit body (epochs 2, 4, 5 mandatory) - **Same CI as doc epochs:** link + heading checker runs on planning commit — not deferred to epoch gate -**Prereq graph:** machine-readable `prereq_graph.toml` (phase/doc adjacency + **cross-epoch edges** with `blocking_epoch` + **epoch-0 authoring DAG** with `blocking_phase: epoch-0`); `project_health.py` enforces doc authoring order on staging branch. +**Prereq graph:** machine-readable `prereq_graph.toml` (scope/doc adjacency + **cross-epoch edges** with `blocking_epoch` + **epoch-0 authoring DAG** with `blocking_scope: epoch-0`); `project_health.py` enforces doc authoring order on staging branch. **Gap registry:** [`gap_registry.toml`](gap_registry.toml) — `status`, addressing commit, implementing doc section; **`split-into` acyclic, max depth 3**; CI flags stale `open` gaps. **Bootstrap:** one-time import from canonical gap table (this plan) via script; output reviewed before scope-freeze. @@ -1427,14 +1427,14 @@ flowchart TB --- -## Epoch 0 — Foundation (before phase 121) +## Epoch 0 — Foundation (before scope 121) **Documents (one commit when all green):** | Doc | Key contents | |-----|--------------| | [`KERNEL_OBJECT_MODEL.md`](docs/KERNEL_OBJECT_MODEL.md) | Bootstrap caps, send/confinement, kind semantics freeze, orphan endpoints | -| [`phase_checklist_schema.toml`](phase_checklist_schema.toml) | Required fields per phase checklist | +| [`scope_checklist_schema.toml`](scope_checklist_schema.toml) | Required fields per scope checklist | | [`CAP_REGISTRY.toml`](docs/CAP_REGISTRY.toml) | Machine-readable cap taxonomy; CI ↔ markdown sync | | [`CAP_TRANSFER_PROTOCOL.md`](docs/CAP_TRANSFER_PROTOCOL.md) | Transfer atomicity; TOCTOU Kani machine | | [`SCHEDULER_MODEL.md`](docs/SCHEDULER_MODEL.md) | Partial wait-set revocation; R-revoke-blocked; SMP cascade note | @@ -1450,7 +1450,7 @@ flowchart TB | [`GLOSSARY.toml`](GLOSSARY.toml) | Canonical terms + CI consistency | | [`epoch_signoffs/schema.toml`](epoch_signoffs/schema.toml) + [`epoch-0.toml`](epoch_signoffs/epoch-0.toml) | Formal sign-off schema + dissent resolution | | [`architecture_state.toml`](architecture_state.toml) | Deferred threat trigger flags | -| [`prereq_graph.toml`](prereq_graph.toml) | Phase/doc prereq adjacency for CI | +| [`prereq_graph.toml`](prereq_graph.toml) | Scope/doc prereq adjacency for CI | | [`PROTOCOL_CHANGELOG.md`](docs/PROTOCOL_CHANGELOG.md) | Per-bump rationale for protocol docs | | [`DECISION_LOG.md`](docs/DECISION_LOG.md) | Alternatives considered, rationale, epoch — non-gating | | [`FAILURE_MODES_LEDGER.md`](docs/FAILURE_MODES_LEDGER.md) | Pathologies + OOM + cap exhaustion | @@ -1476,14 +1476,14 @@ flowchart TB - `cargo audit` / `cargo deny` per SUPPLY_CHAIN_POLICY - Doc `status:` lint + **link/heading checker** - no-recursion / stack-depth policy (clippy or project lint) — per THREAT_MODEL -- Phase-120 benchmark calibration → baseline JSON +- Scope-120 benchmark calibration → baseline JSON - `project_health.py` → STATUS.md + delta + `health_timeseries.json`; Kani harness registry check - CAP_REGISTRY ↔ KERNEL_OBJECT_MODEL CI; threat node registry CI (zero `open`; deferred trigger check; bound-reduction re-open) - `epoch_checklist.toml` + `epoch_signoffs/` + `gap_registry.toml` CI; CHARTER.md present; GPG + key registry; `GLOSSARY.toml`; THREAT_NODES `depends_on`; Kani cache key + `type_params` + `feature_flags`; new-`pub` + `pub unsafe`/`extern C` soft warnings; CAP_REGISTRY staging uniqueness; `prereq_graph.toml` epoch-0 DAG; protocol semver + heading citation check; staging-branch link checker; doc dep graph in gate report - IPC negotiation proptest stub (graduate before 134) - Fault-injection feature flag stub (`chaos_caps` or similar) - Semantic diff on foundational doc headers -- Expand phase-121 checklist (**OOM shed stub**, scheduler inversion policy ack) +- Expand scope-121 checklist (**OOM shed stub**, scheduler inversion policy ack) **Commit:** single squash `docs(epoch-0): constitutional foundation and evidence tiers` + STATUS.md + `health_timeseries.json` entry `0` @@ -1497,9 +1497,9 @@ flowchart TB **Prereq before 134:** IPC_VERSION_NEGOTIATION -| Phase | Deliverable | +| Scope | Deliverable | |------:|-------------| -| 121 | Service loader; E-00; **MEM_BUDGET_STUB** + **CAP_QUOTA_STUB**; **OOM shed/ack stub**; audit bootstrap; `phase-owner` | +| 121 | Service loader; E-00; **MEM_BUDGET_STUB** + **CAP_QUOTA_STUB**; **OOM shed/ack stub**; audit bootstrap; `scope-owner` | | — | [`COMPAT_SUNSET.md`](docs/COMPAT_SUNSET.md) + [`COMPAT_ISOLATION.md`](docs/COMPAT_ISOLATION.md) | | 122–126 | Brokers on interim IPC (ordering + backpressure); audit on mint; **compat-internal CI counter** starts | | 127 | FAULT_ESCALATION tier 2; ERROR_TAXONOMY terminal codes for restart/crash/revoke-in-flight | @@ -1513,11 +1513,11 @@ flowchart TB ## Epoch 2 — Storage then userland -**Pre-epoch planning commit (first):** expand phase checklists; virtio + userland threat nodes; fuzz target updates; **DRIVER_MODEL** + **MMIO_SAFETY_POLICY** + **storage access policy** (FsNode vs raw block). +**Pre-epoch planning commit (first):** expand scope checklists; virtio + userland threat nodes; fuzz target updates; **DRIVER_MODEL** + **MMIO_SAFETY_POLICY** + **storage access policy** (FsNode vs raw block). -**Prereqs:** ABI_ARES_RT, VIRTIO_SAFETY, BUILD_INTEGRITY (doc), DRIVER_MODEL, MMIO_SAFETY_POLICY +**Prereqs:** ABI_CLAN_RT, VIRTIO_SAFETY, BUILD_INTEGRITY (doc), DRIVER_MODEL, MMIO_SAFETY_POLICY -**Order:** Commit A virtio-blk switchover → Commit B `ares-rt` userland. Sim-block stubbed post-gate. +**Order:** Commit A virtio-blk switchover → Commit B `clan-rt` userland. Sim-block stubbed post-gate. **Epoch 2 gate:** compat review; BUILD_INTEGRITY ratified; virtio safety host tests; STATUS.md updated. @@ -1529,7 +1529,7 @@ flowchart TB - **134: endpoints; interim bridge removed; CI counter = 0; P-134 semantic ordering smoke** - 135–138: audit IPC correlation; ERROR_TAXONOMY on wire - 140: 1M message soak; benchmark gate; compat review -- **Epoch 3 gate:** health trend **dashboard/visualization** deliverable from health_timeseries + phase_snapshots; transition integration tests at epoch 2→3 boundary +- **Epoch 3 gate:** health trend **dashboard/visualization** deliverable from health_timeseries + scope_snapshots; transition integration tests at epoch 2→3 boundary --- @@ -1541,14 +1541,14 @@ flowchart TB - virtio-net driver (shared virtio framework with epoch 2) - Compat TCP/UDP + multi-fd `select` — registered in WIRE_SCHEMA_REGISTRY + COMPAT_SUNSET metric -- Network broker (phase 125) becomes functional +- Network broker (scope 125) becomes functional - Benchmark gate socket P99; compat review; STATUS.md --- ## Epoch 5 — Scheduler, GUI, SMP (141–150) -**Pre-epoch planning commit (first):** SMP loom test plan, compositor checklist, OOM phase 147 suspend semantics confirmation. +**Pre-epoch planning commit (first):** SMP loom test plan, compositor checklist, OOM scope 147 suspend semantics confirmation. | Item | Detail | |------|--------| @@ -1573,37 +1573,37 @@ flowchart TB --- -## Per-phase workflow +## Per-scope workflow ```mermaid flowchart LR EpochPlan[Pre-epoch planning commit if epoch start] EpochPlan --> Spec[Checklist + docs] - Spec --> Owner[Phase owner review] + Spec --> Owner[Scope owner review] Owner --> Threat[Threat node + proof tier + harness bound] Threat --> Impl[Impl] Impl --> Pyramid[Unit proptest Kani-scope fuzz-if-graduated] Pyramid --> Smoke[Smoke soak bench] Smoke --> Ledger[Ledger compat review] - Ledger --> Commit[feat phase-NNN] + Ledger --> Commit[feat scope-NNN] ``` --- ## Git discipline -- **One commit per phase**; epoch 0 = one commit; epoch 2 = two minimum -- **Phase owner** only commits when pyramid green -- **Revert:** `revert(phase-NNN)` → `fix(phase-NNN)`; re-run full pyramid -- **Doc fixup:** `fixup(phase-NNN): docs` — same phase window; **no pyramid re-run** unless behavior changes +- **One commit per scope**; epoch 0 = one commit; epoch 2 = two minimum +- **Scope owner** only commits when pyramid green +- **Revert:** `revert(scope-NNN)` → `fix(scope-NNN)`; re-run full pyramid +- **Doc fixup:** `fixup(scope-NNN): docs` — same scope window; **no pyramid re-run** unless behavior changes - **Epoch stale:** per EPOCH_FAILURE_PROCEDURE.md Message format: ```text -feat(phase-NNN): +feat(scope-NNN): <title> -Smoke: scripts/phaseNN_*.py +Smoke: scripts/gate/boot.py --gate <name> Proof: PROOF_COVERAGE rows <ids> Ledger: <rows> Compat-review: metric=<n> delta=<+/-m> @@ -1616,7 +1616,7 @@ Compat-review: metric=<n> delta=<+/-m> | Rule | CI enforced? | |------|----------------| | Merge docs without `status:` | Yes | -| `ipc-bridge-compat-internal` counter > 0 past phase 134 | Yes | +| `ipc-bridge-compat-internal` counter > 0 past scope 134 | Yes | | CAP_REGISTRY ↔ markdown mismatch | Yes | | Stabilize never-stabilize interfaces | Yes (lint/export check) | | New CAP_REGISTRY kind without checklist docs | Yes (grep-based) | @@ -1648,14 +1648,14 @@ Compat-review: metric=<n> delta=<+/-m> - Start epoch implementation without pre-epoch planning commit - Diverge source and signed image without reconciliation procedure - Merge docs without `status:` header or broken internal cross-refs -- Ship phase 134 with connectivity-only migration test (must include P-134 ordering) +- Ship scope 134 with connectivity-only migration test (must include P-134 ordering) - Refactor Kani-verified functions without vacuity check - Add kernel `unsafe` without UNSAFE_AUDIT compliance - Start epoch 1 brokers without documented priority-inversion policy - Treat shared memory as ambient (must be MemoryRegion caps) - Add ad-hoc debug introspection without cap model + threat node - Stabilize interfaces on **never stabilize before 1.0** list -- Batch phases in one commit +- Batch scopes in one commit - Extend compat without COMPAT_SUNSET + epoch gate compat review --- @@ -1668,7 +1668,7 @@ Compat-review: metric=<n> delta=<+/-m> 4. **DECISION_LOG.md** + **BUILD_INTEGRITY** CI script stub + remaining epoch 0 docs per DAG 5. **scope-freeze** commit → 90-day clock starts; staging cross-doc review; no unresolved `[CROSS-REF — TBD]` at squash 6. **Doc-epoch checklist all green** + domain sign-offs → squash **commit epoch 0** (gap/doc viz in gate report) -7. Epoch 1 prereqs + Phase 121 per plan +7. Epoch 1 prereqs + Scope 121 per plan **If 90-day budget exceeded:** triage to minimum viable Epoch 0 set; defer remainder — not project failure. diff --git a/.cursor/rules/aresos-principal-engineer.mdc b/.cursor/rules/clanos-principal-engineer.mdc similarity index 85% rename from .cursor/rules/aresos-principal-engineer.mdc rename to .cursor/rules/clanos-principal-engineer.mdc index 16fb996..f555144 100644 --- a/.cursor/rules/aresos-principal-engineer.mdc +++ b/.cursor/rules/clanos-principal-engineer.mdc @@ -1,17 +1,17 @@ --- -description: AresOS Principal Engineer — architecture, security, and phase discipline for all development tasks +description: Clan OS Principal Engineer — architecture, security, and scope discipline for all development tasks alwaysApply: true --- -# AresOS Principal Engineer System Prompt +# Clan OS Principal Engineer System Prompt -You are the principal engineer of AresOS, a capability-secured hybrid microkernel OS written in Rust. You combine OS architecture, Rust systems programming, security research, and verification discipline. You do not write toy code, skip planning, or ship stubs without `// STUB(phase-NNN):` annotations tied to `epoch_checklist.toml`. +You are the principal engineer of Clan OS, a capability-secured hybrid microkernel OS written in Rust. You combine OS architecture, Rust systems programming, security research, and verification discipline. You do not write toy code, skip planning, or ship stubs without `// STUB(scope-NNN):` annotations tied to `epoch_checklist.toml`. ## Session start (every task) 1. Read `STATUS.md` and `docs/VALIDATION_GATES.md` — runtime validation uses **boot gate** (`boot_gate.rs`) + **system gate** (`system_gate.rs`). 2. Read architecture docs per **precedence** (below); doc migration epoch is in progress — flat `docs/*.md` remain authoritative until migrated or marked `superseded-by`. -3. Read `epoch_checklist.toml` or historical `docs/phase-*-checklist.md` for scope context only. +3. Read `epoch_checklist.toml` or historical `docs/scope-*-checklist.md` for scope context only. 4. Confirm no open `CROSS-REF: — TBD` stubs in docs you will edit. 5. Check `docs/THREAT_NODES.toml` (canonical) before security-adjacent code. @@ -20,12 +20,11 @@ You are the principal engineer of AresOS, a capability-secured hybrid microkerne 1. **`docs/architecture/`** is canonical when a document exists there. 2. Flat **`docs/*.md`** is authoritative for any doc **not yet migrated** (no `docs/architecture/` equivalent). 3. Flat docs with `status: superseded-by: docs/architecture/…` — read the **architecture** copy first; use the flat copy only for content not yet reconciled in migration squash. -4. **Conflicts:** if flat and `docs/architecture/` disagree, **flag explicitly** — do not silently pick one. Resolution belongs in the doc migration epoch squash commit, not a phase implementation commit. +4. **Conflicts:** if flat and `docs/architecture/` disagree, **flag explicitly** — do not silently pick one. Resolution belongs in the doc migration epoch squash commit, not a scope implementation commit. ## Explicitly deferred (do not propose or partially implement) - **Workspace restructure** (`kernel/src/` brokers → `servers/` crates): deferred to a dedicated epoch with pre-epoch planning commit and transition integration suite. Trigger: driver/broker crash crosses isolation boundary. -- **`ares-rt` `no_std` fix** (`DECISION_LOG.md` `ares-rt-001`, `architecture_state.toml` `has_no_std_enforcement = false`): tracked debt; fix requires dedicated phase commit + full Kani re-run. **Not during doc migration epoch.** ## Session end @@ -43,7 +42,7 @@ Run `scripts/project_health.py`, verify `STATUS.md` is current, confirm no new ` ## Non-negotiable obligations -1. **Read before writing** — architecture doc, ADR (`docs/architecture/ADR/`), phase checklist. +1. **Read before writing** — architecture doc, ADR (`docs/architecture/ADR/`), scope checklist. 2. **ADR before tradeoffs** — `docs/architecture/ADR/ADR-NNNN-title.md` with Context, Decision, Alternatives, Consequences, Security Implications, Verification Approach. 3. **Threat model before security code** — `docs/THREAT_NODES.toml`; create nodes for new attack surfaces. 4. **Tests first for security** — Kani/proptest before capability/IPC/memory implementation. @@ -62,7 +61,7 @@ Run `scripts/project_health.py`, verify `STATUS.md` is current, confirm no new ` ## Code standards -- `#![no_std]` in kernel and ares-rt; `#![deny(unsafe_code)]` elsewhere unless `docs/UNSAFE_AUDIT.md` lists the crate. +- `#![no_std]` in kernel, userland runtime (`clan-rt`), and **Mendo** binary (`userland/mendo/`); `#![deny(unsafe_code)]` elsewhere unless `docs/UNSAFE_AUDIT.md` lists the crate. - Every `unsafe` needs `// SAFETY:` + arch cross-ref + `// SAFETY-REVIEWED-BY: domain`. - No `unwrap()`/`expect()` in kernel without `// PANIC-OK:` or `#[cfg(test)]`. - Errors map to `docs/ERROR_TAXONOMY.md` classes; no oracle fields (`cap_id`, `generation`) to unprivileged callers. @@ -78,6 +77,7 @@ Run `scripts/project_health.py`, verify `STATUS.md` is current, confirm no new ` | `config/CAP_REGISTRY.toml` | `docs/CAP_REGISTRY.toml` | | `DECISION_LOG.md` | root + `docs/DECISION_LOG.md` | | `CHARTER.md` | `CHARTER.md` (root) | +| Mendo | `userland/mendo/` | ## Response format (development tasks) diff --git a/CHARTER.md b/CHARTER.md index 0f293fd..75a3ab4 100644 --- a/CHARTER.md +++ b/CHARTER.md @@ -1,11 +1,11 @@ -# AresOS Project Charter +# Clan OS Project Charter ```yaml status: authoritative semantics_version: 1.0.0 ``` -This document defines **charter-level** authority for AresOS governance. Process rules in epoch checklists, phase checklists, and `EPOCH_FAILURE_PROCEDURE.md` are subordinate to this charter unless explicitly elevated here. +This document defines **charter-level** authority for Clan OS governance. Process rules in epoch checklists, scope checklists, and `EPOCH_FAILURE_PROCEDURE.md` are subordinate to this charter unless explicitly elevated here. Referenced by: scope-freeze exceptions, Verus N+2 escalation, emergency dependency bumps, C-ABI FFI gates, compound epoch failures, dissent override, emergency stabilization. @@ -44,8 +44,8 @@ Sign-offs are recorded in `epoch_signoffs/epoch-N.toml` per `epoch_signoffs/sche | Level | Examples | Change mechanism | |-------|----------|------------------| | **Charter** | This document, scope-freeze exceptions, emergency stabilization, Verus N+2 acceptance, C-ABI FFI approval | Quorum + GPG-signed gate commit | -| **Process** | Phase checklist fields, benchmark thresholds, reviewer currency cadence, compat review checklist | Epoch gate or additive doc semver | -| **Implementation** | Phase commits, syscall behavior, driver code | Phase owner commit + pyramid gates | +| **Process** | Scope checklist fields, benchmark thresholds, reviewer currency cadence, compat review checklist | Epoch gate or additive doc semver | +| **Implementation** | Scope commits, syscall behavior, driver code | Scope owner commit + pyramid gates | When a process rule says "charter approval," it means quorum per this document. @@ -95,7 +95,7 @@ This is an operational allowance, not a permanent reduction in review rigor. ## Emergency stabilization procedure -Interfaces on the **never-stabilize before 1.0** list (`DESIGN_NORTH_STAR.md`) cannot receive stability guarantees during phases 121–150. +Interfaces on the **never-stabilize before 1.0** list (`DESIGN_NORTH_STAR.md`) cannot receive stability guarantees during scopes 121–150. If an **external dependency or integration partner** requires a stability commitment on such an interface before milestone 1.0: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9790abf..0a58c3c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,4 +1,4 @@ -# Contributing to AresOS +# Contributing to Clan OS ## Epoch 0 process @@ -7,10 +7,10 @@ 3. Unanimous 3/3 domain sign-offs in `epoch_signoffs/epoch-0.toml` 4. GPG-signed gate commit per `SECURITY.md` -## Phase commits +## Scope commits -- One commit per implementation phase: `feat(phase-NNN): ...` -- Phase owner only commits their phase (`phase_checklist_schema.toml`) +- One commit per implementation scope: `feat(scope-NNN): ...` +- Scope owner only commits their scope (`scope_checklist_schema.toml`) ## Cross-references diff --git a/Cargo.lock b/Cargo.lock index 626a69d..57b5fb5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2,10 +2,6 @@ # It is not intended for manual editing. version = 4 -[[package]] -name = "ares-rt" -version = "0.1.0" - [[package]] name = "bit_field" version = "0.10.3" @@ -30,6 +26,10 @@ version = "0.9.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13f6a8a495d2f93fe3d6eb3a224f9aa749a63cfd746ed03eb5ddcbd00ade7d8f" +[[package]] +name = "clan-rt" +version = "0.1.0" + [[package]] name = "conquer-once" version = "0.4.0" @@ -84,6 +84,13 @@ dependencies = [ "slab", ] +[[package]] +name = "hello-alloc" +version = "0.1.0" +dependencies = [ + "clan-rt", +] + [[package]] name = "kernel" version = "0.1.0" @@ -129,6 +136,10 @@ dependencies = [ "scopeguard", ] +[[package]] +name = "mendo" +version = "0.1.0" + [[package]] name = "pc-keyboard" version = "0.5.1" @@ -150,6 +161,10 @@ version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a89322df9ebe1c1578d689c92318e070967d1042b512afbe49518723f4e6d5cd" +[[package]] +name = "ring3-io-demo" +version = "0.1.0" + [[package]] name = "rustversion" version = "1.0.22" @@ -162,6 +177,13 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" +[[package]] +name = "sig-demo" +version = "0.1.0" +dependencies = [ + "clan-rt", +] + [[package]] name = "slab" version = "0.4.12" diff --git a/Cargo.toml b/Cargo.toml index 6e98a17..909b340 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [workspace] -members = ["kernel", "userland"] +members = ["kernel", "userland", "userland/mendo", "userland/ring3-io-demo", "userland/hello-alloc", "userland/sig-demo"] exclude = ["proof-rights"] resolver = "2" diff --git a/DECISION_LOG.md b/DECISION_LOG.md index 9e6ec7f..02d8803 100644 --- a/DECISION_LOG.md +++ b/DECISION_LOG.md @@ -1,4 +1,4 @@ -# AresOS Architecture Decision Log +# Clan OS Architecture Decision Log ```yaml status: authoritative @@ -6,7 +6,7 @@ version: 0.1.0 epoch: 0 ``` -Top-level architectural decisions resolved at project inception. Phase- and epoch-specific gated decisions are recorded in [`docs/DECISION_LOG.md`](docs/DECISION_LOG.md). +Top-level architectural decisions resolved at project inception. Scope- and epoch-specific gated decisions are recorded in [`docs/DECISION_LOG.md`](docs/DECISION_LOG.md). --- @@ -38,7 +38,7 @@ Top-level architectural decisions resolved at project inception. Phase- and epoc **Consequences:** `docs/SCHEDULER_MODEL.md`; partition capabilities for real-time and AI workload classes. -**Verification:** R-revoke-blocked Kani state machine; loom tests for SMP ordering (phases 141–142). +**Verification:** R-revoke-blocked Kani state machine; loom tests for SMP ordering (scopes 141–142). **Reference:** `docs/DECISION_LOG.md` entry `scheduler_priority_inversion`. @@ -112,17 +112,17 @@ Top-level architectural decisions resolved at project inception. Phase- and epoc **Status:** open **Context:** `#![deny(clippy::all)]` not enabled on kernel crate. Clippy on a 1700+ line kernel without per-lint review would obscure Track 1 doc commits. -**Reopen trigger:** first implementation phase commit after Track 1 squash gate. -**Resolution:** Dedicated phase commit with clippy allowlist reviewed per-lint; full Kani re-run. +**Reopen trigger:** first implementation scope commit after Track 1 squash gate. +**Resolution:** Dedicated scope commit with clippy allowlist reviewed per-lint; full Kani re-run. --- -### ares-rt-001 — ares-rt `no_std` enforcement pending +### clan-rt-001 — clan-rt `no_std` enforcement pending -**Status:** resolved (phase 401) -**Context:** Workspace `cargo check` fails on the host target because `ares-rt` (`userland/`) does not declare `#![no_std]`. The crate is built for `x86_64-unknown-none` in the OS context; `cargo check -p kernel` passes. This is documentation and build-matrix debt, not a kernel soundness issue. +**Status:** resolved (scope 401) +**Context:** Workspace `cargo check` fails on the host target because `clan-rt` (`userland/`) does not declare `#![no_std]`. The crate is built for `x86_64-unknown-none` in the OS context; `cargo check -p kernel` passes. This is documentation and build-matrix debt, not a kernel soundness issue. **Reopen trigger:** `architecture_state.toml` → `has_no_std_enforcement = false` (CI-readable; must flip to `true` only after enforcement lands). -**Resolution:** `#![no_std]` added to `ares-rt` lib; `scripts/gate/ares_rt.py` in validation matrix; `has_no_std_enforcement = true`. +**Resolution:** `#![no_std]` added to `clan-rt` lib; `scripts/gate/clan_rt.py` in validation matrix; `has_no_std_enforcement = true`. --- diff --git a/GLOSSARY.toml b/GLOSSARY.toml index 7da6840..d9a0137 100644 --- a/GLOSSARY.toml +++ b/GLOSSARY.toml @@ -26,4 +26,4 @@ definition = "Kernel code paths whose compromise breaks security goals" [[terms]] id = "compat-internal" term = "compat-internal bridge" -definition = "Interim IPC path 122-133; CI counter must reach zero at phase 134" +definition = "Interim IPC path 122-133; CI counter must reach zero at scope 134" diff --git a/README.md b/README.md index f7716b9..5462ac1 100644 --- a/README.md +++ b/README.md @@ -1,24 +1,24 @@ -# AresOS ⚔️ +# Clan OS ⚔️ <p align="center"> - <img src="logo.png" alt="AresOS logo" width="420" /> + <img src="logo.png" alt="Clan OS logo" width="420" /> </p> -**AresOS** is an experimental operating system written in **Rust**, built from the ground up to explore modern kernel architecture, low-level hardware control, and safe systems programming. +**Clan OS** is an experimental operating system written in **Rust**, built from the ground up to explore modern kernel architecture, low-level hardware control, and safe systems programming. -Named after Ares, the project represents **strength, control, and raw system power** — the philosophy that a developer should fully understand and command the machine they use. +Named for the idea of a **shared craft** — building a system together with intention — the project represents **strength, control, and raw system power**: a developer should fully understand and command the machine they use. -AresOS is both a **learning platform and a long-term experimental system**, focused on transparency, performance, and deep system knowledge. +Clan OS is both a **learning platform and a long-term experimental system**, focused on transparency, performance, and deep system knowledge. --- # Philosophy -AresOS follows a simple belief: +Clan OS follows a simple belief: > The best way to understand a computer is to build the system that runs it. -Modern operating systems hide enormous complexity behind layers of abstraction. AresOS instead embraces that complexity and exposes how systems truly work. +Modern operating systems hide enormous complexity behind layers of abstraction. Clan OS instead embraces that complexity and exposes how systems truly work. The project focuses on: @@ -32,13 +32,13 @@ Rust provides the safety guarantees needed to build such a system without sacrif # Inspiration -AresOS draws inspiration from several legendary operating system projects. +Clan OS draws inspiration from several legendary operating system projects. One of the strongest influences is TempleOS, created entirely by Terry A. Davis. TempleOS demonstrated what a single determined developer could achieve by building a complete operating system from scratch. Its bold philosophy and uncompromising approach to system design helped inspire many modern hobby OS projects. -While AresOS follows a different technical path—using Rust and modern system architecture—it shares the same spirit of **deep curiosity, independence, and exploration of computing at the lowest level**. +While Clan OS follows a different technical path—using Rust and modern system architecture—it shares the same spirit of **deep curiosity, independence, and exploration of computing at the lowest level**. Other inspirations include: @@ -50,7 +50,7 @@ Other inspirations include: # Goals -AresOS aims to become a small but powerful experimental operating system that demonstrates: +Clan OS aims to become a small but powerful experimental operating system that demonstrates: * modern kernel design * memory-safe systems programming @@ -98,12 +98,12 @@ The project also serves as a **long-term exploration of operating system enginee # Validation -Runtime boot validation uses unified **boot** and **system** gates — not per-phase `PhaseN-*` serial lines. +Runtime boot validation uses unified **boot** and **system** gates — not per-scope `numbered boot serial` serial lines. | Gate | Module | Final serial line | |------|--------|-------------------| -| Boot (phases 6–150) | `kernel/src/boot_gate.rs` | `AresOS-BootGate: ok=true` | -| System (M500) | `kernel/src/system_gate.rs` | `AresOS-SystemGate: ok=true` | +| Boot | `kernel/src/boot_gate.rs` | `ClanOS-BootGate: ok=true` | +| System | `kernel/src/system_gate.rs` | `ClanOS-SystemGate: ok=true` | Full reference: [`docs/VALIDATION_GATES.md`](docs/VALIDATION_GATES.md) @@ -116,9 +116,9 @@ python scripts/gate/system.py --gate system --timeout 360 # Roadmap (historical scope) -Per-phase entries below document **completed implementation scope**. CI and QEMU smokes use the gates above. +Per-scope entries below document **completed implementation scope**. CI and QEMU smokes use the gates above. -### Phase 1 — Boot +### Scope 1 — Boot * freestanding Rust kernel * bootloader integration @@ -126,9 +126,9 @@ Per-phase entries below document **completed implementation scope**. CI and QEMU Status: ✅ Complete (validated 2026-03-17) -Checklist: `docs/phase-1-checklist.md` +Checklist: `docs/scope-1-checklist.md` -### Phase 2 — Hardware +### Scope 2 — Hardware * interrupt descriptor table * keyboard driver @@ -136,9 +136,9 @@ Checklist: `docs/phase-1-checklist.md` Status: ✅ Complete (validated 2026-03-17) -Checklist: `docs/phase-2-checklist.md` +Checklist: `docs/scope-2-checklist.md` -### Phase 3 — Memory +### Scope 3 — Memory * paging implementation * frame allocator @@ -146,9 +146,9 @@ Checklist: `docs/phase-2-checklist.md` Status: ✅ Complete (validated 2026-03-17) -Checklist: `docs/phase-3-checklist.md` +Checklist: `docs/scope-3-checklist.md` -### Phase 4 — Processes +### Scope 4 — Processes * multitasking scheduler * context switching @@ -156,9 +156,9 @@ Checklist: `docs/phase-3-checklist.md` Status: ✅ Complete (validated 2026-03-17, cooperative async; context switching in `context-lab` mode) -Checklist: `docs/phase-4-checklist.md` +Checklist: `docs/scope-4-checklist.md` -### Phase 5 — Preemptive Scheduling & Process Foundation +### Scope 5 — Preemptive Scheduling & Process Foundation * preemptive scheduler mode (`preemption` feature) * process abstraction + PID allocator @@ -166,11 +166,11 @@ Checklist: `docs/phase-4-checklist.md` Status: ✅ Complete (validated 2026-05-06) -Checklist: `docs/phase-5-checklist.md` +Checklist: `docs/scope-5-checklist.md` Scheduler deep dive: `docs/SCHEDULER.md` -### Phase 6 — User Space +### Scope 6 — User Space * command shell * system utilities @@ -178,9 +178,9 @@ Scheduler deep dive: `docs/SCHEDULER.md` Status: ✅ Complete (validated 2026-05-06; shell + utilities + syscall/storage baseline) -Checklist: `docs/phase-6-checklist.md` +Checklist: `docs/scope-6-checklist.md` -### Phase 7 — Persistent Storage +### Scope 7 — Persistent Storage * block-device storage boundary * simple persistent filesystem format @@ -188,11 +188,11 @@ Checklist: `docs/phase-6-checklist.md` Status: ✅ Complete (validated 2026-05-13; remount persistence + QEMU storage smoke) -Checklist: `docs/phase-7-checklist.md` +Checklist: `docs/scope-7-checklist.md` Storage deep dive: `docs/STORAGE.md` -### Phase 8 — Device & Block Driver Bring-Up +### Scope 8 — Device & Block Driver Bring-Up * device registry and PCI discovery skeleton * block-device manager @@ -200,11 +200,11 @@ Storage deep dive: `docs/STORAGE.md` Status: ✅ Complete (validated 2026-05-13; device/block smoke + storage-through-manager) -Checklist: `docs/phase-8-checklist.md` +Checklist: `docs/scope-8-checklist.md` Device deep dive: `docs/DEVICES.md` -### Phase 9 — Stored Program Loader +### Scope 9 — Stored Program Loader * executable manifest format * `/bin/*` program discovery @@ -212,11 +212,11 @@ Device deep dive: `docs/DEVICES.md` Status: ✅ Complete (validated 2026-05-13; stored manifests + loader smoke) -Checklist: `docs/phase-9-checklist.md` +Checklist: `docs/scope-9-checklist.md` Program loader deep dive: `docs/PROGRAMS.md` -### Phase 10 — Permissions & Process Isolation Groundwork +### Scope 10 — Permissions & Process Isolation Groundwork * static users, roles, and credential model * file owner/mode metadata with checked shell/syscall operations @@ -224,11 +224,11 @@ Program loader deep dive: `docs/PROGRAMS.md` Status: ✅ Complete (validated 2026-05-13; permission denial + process ownership smoke) -Checklist: `docs/phase-10-checklist.md` +Checklist: `docs/scope-10-checklist.md` Security deep dive: `docs/SECURITY.md` -### Phase 11 — Executable Image & Address-Space Groundwork +### Scope 11 — Executable Image & Address-Space Groundwork * conservative ELF64 image validation * descriptor-only address-space and virtual-region model @@ -236,11 +236,11 @@ Security deep dive: `docs/SECURITY.md` Status: ✅ Complete (validated 2026-05-13; image validation + unsupported execution smoke) -Checklist: `docs/phase-11-checklist.md` +Checklist: `docs/scope-11-checklist.md` Executable image deep dive: `docs/EXECUTABLE_IMAGES.md` -### Phase 12 — Executable Load Plans & Mapping Groundwork +### Scope 12 — Executable Load Plans & Mapping Groundwork * page-aligned executable load plans * copy and zero-fill action accounting @@ -248,11 +248,11 @@ Executable image deep dive: `docs/EXECUTABLE_IMAGES.md` Status: ✅ Complete (validated 2026-05-13; load-plan preparation + execution-block smoke) -Checklist: `docs/phase-12-checklist.md` +Checklist: `docs/scope-12-checklist.md` Load-plan deep dive: `docs/LOAD_PLANS.md` -### Phase 13 — Frame-Backed Mapping Stubs +### Scope 13 — Frame-Backed Mapping Stubs * deterministic mapping-stub records for prepared load plans * frame-token, copy-byte, and zero-fill accounting @@ -260,11 +260,11 @@ Load-plan deep dive: `docs/LOAD_PLANS.md` Status: ✅ Complete (validated 2026-05-13; mapping-stub smoke + execution-block preservation) -Checklist: `docs/phase-13-checklist.md` +Checklist: `docs/scope-13-checklist.md` Mapping-stub deep dive: `docs/MAPPING_STUBS.md` -### Phase 14 — Frame Ownership Service +### Scope 14 — Frame Ownership Service * persistent frame ownership registry * bounded physical-frame accounting after heap initialization @@ -272,23 +272,23 @@ Mapping-stub deep dive: `docs/MAPPING_STUBS.md` Status: ✅ Complete (validated 2026-05-13; frame ownership smoke) -Checklist: `docs/phase-14-checklist.md` +Checklist: `docs/scope-14-checklist.md` Frame ownership deep dive: `docs/FRAME_OWNERSHIP.md` -### Phase 15 — Real Backing Frames For Load Plans +### Scope 15 — Real Backing Frames For Load Plans * frame-backed image records for mapped executable pages -* owned-frame consumption from the Phase 14 registry +* owned-frame consumption from the Scope 14 registry * copy and zero-fill accounting attached to backed pages Status: ✅ Complete (validated 2026-05-13; frame-backed image smoke) -Checklist: `docs/phase-15-checklist.md` +Checklist: `docs/scope-15-checklist.md` Frame-backed image deep dive: `docs/FRAME_BACKED_IMAGES.md` -### Phase 16 — Inactive User Page Tables +### Scope 16 — Inactive User Page Tables * inactive user page-table descriptors for frame-backed images * virtual-to-physical translation validation @@ -296,11 +296,11 @@ Frame-backed image deep dive: `docs/FRAME_BACKED_IMAGES.md` Status: ✅ Complete (validated 2026-05-13; inactive page-table smoke) -Checklist: `docs/phase-16-checklist.md` +Checklist: `docs/scope-16-checklist.md` User page-table deep dive: `docs/USER_PAGE_TABLES.md` -### Phase 17 — User Context And Entry Frames +### Scope 17 — User Context And Entry Frames * GDT user code/data selectors * initial user entry frame and stack descriptors @@ -308,11 +308,11 @@ User page-table deep dive: `docs/USER_PAGE_TABLES.md` Status: ✅ Complete (validated 2026-05-13; user-context smoke) -Checklist: `docs/phase-17-checklist.md` +Checklist: `docs/scope-17-checklist.md` User context deep dive: `docs/USER_CONTEXT.md` -### Phase 18 — Controlled Ring 3 Trampoline +### Scope 18 — Controlled Ring 3 Trampoline * controlled user-entry/trap result records * reserved user trap vector metadata @@ -320,11 +320,11 @@ User context deep dive: `docs/USER_CONTEXT.md` Status: ✅ Complete (validated 2026-05-13; controlled Ring 3 trampoline smoke) -Checklist: `docs/phase-18-checklist.md` +Checklist: `docs/scope-18-checklist.md` Ring 3 trampoline deep dive: `docs/RING3_TRAMPOLINE.md` -### Phase 19 — Syscall Entry And Return ABI +### Scope 19 — Syscall Entry And Return ABI * user syscall register-frame ABI * syscall dispatch return metadata @@ -332,11 +332,11 @@ Ring 3 trampoline deep dive: `docs/RING3_TRAMPOLINE.md` Status: ✅ Complete (validated 2026-05-13; syscall return smoke) -Checklist: `docs/phase-19-checklist.md` +Checklist: `docs/scope-19-checklist.md` User syscall deep dive: `docs/USER_SYSCALLS.md` -### Phase 20 — Minimal ELF Execution MVP +### Scope 20 — Minimal ELF Execution MVP * guarded `/bin/hello` ELF execution path * deterministic output and exit status for `run hello` @@ -344,689 +344,689 @@ User syscall deep dive: `docs/USER_SYSCALLS.md` Status: ✅ Complete (validated 2026-05-13; user ELF smoke) -Checklist: `docs/phase-20-checklist.md` +Checklist: `docs/scope-20-checklist.md` User ELF MVP deep dive: `docs/USER_ELF_MVP.md` -### Phase 21 — Hardware User Page Tables +### Scope 21 — Hardware User Page Tables * real x86_64 page tables from inactive descriptors * descriptor vs hardware translation verification * blocked `HwPageTableReady` process metadata -Checklist: `docs/phase-21-checklist.md` +Checklist: `docs/scope-21-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 22 — Controlled CR3 Activation +### Scope 22 — Controlled CR3 Activation * activate and restore user CR3 without execution * translation verification under switched page tables * blocked `Cr3Activated` process metadata -Checklist: `docs/phase-22-checklist.md` +Checklist: `docs/scope-22-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 23 — Real iretq User Entry +### Scope 23 — Real iretq User Entry * CPU Ring 3 entry via `iretq` to a controlled stub * return through invalid-opcode trap during bring-up * blocked `UserEnteredHw` process metadata -Checklist: `docs/phase-23-checklist.md` +Checklist: `docs/scope-23-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 24 — Hardware User Trap Return +### Scope 24 — Hardware User Trap Return * IDT vector `0x80` handler for cooperative user return * blocked `UserHwTrapped` process metadata -Checklist: `docs/phase-24-checklist.md` +Checklist: `docs/scope-24-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 25 — CPU syscall / sysret Path +### Scope 25 — CPU syscall / sysret Path * `syscall`/`sysret` MSRs and entry stub * hardware tick-probe syscall path * blocked `UserHwSyscallReturned` process metadata -Checklist: `docs/phase-25-checklist.md` +Checklist: `docs/scope-25-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 26 — Validated User Copyin +### Scope 26 — Validated User Copyin * bounded `copy_from_user` / `copy_to_user` * copy-probe syscall round-trip -Checklist: `docs/phase-26-checklist.md` +Checklist: `docs/scope-26-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 27 — Static ELF Relocations +### Scope 27 — Static ELF Relocations * `R_X86_64_RELATIVE` / `R_X86_64_64` for seeded images * relocation accounting during frame backing -Checklist: `docs/phase-27-checklist.md` +Checklist: `docs/scope-27-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 28 — Hardware Hello Execution +### Scope 28 — Hardware Hello Execution * `run hello` through hardware Ring 3 + syscall path * blocked `UserHwElfExited` process metadata -Checklist: `docs/phase-28-checklist.md` +Checklist: `docs/scope-28-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 29 — Allowlisted ELF Programs +### Scope 29 — Allowlisted ELF Programs * allowlisted `hello` and `exit42` ELF programs * seeded manifests and images -Checklist: `docs/phase-29-checklist.md` +Checklist: `docs/scope-29-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 30 — Per-Process CR3 Switching +### Scope 30 — Per-Process CR3 Switching * save/restore distinct user CR3 values * isolation verification across switches -Checklist: `docs/phase-30-checklist.md` +Checklist: `docs/scope-30-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 31 — Scheduler CR3 Binding +### Scope 31 — Scheduler CR3 Binding * CR3 binding on process records and preemptive context switch * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-31-checklist.md` +Checklist: `docs/scope-31-checklist.md` Status: ✅ Complete (validated 2026-05-22) Scheduler deep dive: `docs/SCHEDULER.md` -### Phase 32 — User Trap Frame Persistence +### Scope 32 — User Trap Frame Persistence * saved `UserHwFrame` across scheduler yield * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-32-checklist.md` +Checklist: `docs/scope-32-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 33 — Concurrent Allowlisted ELFs +### Scope 33 — Concurrent Allowlisted ELFs * `hello` and `exit42` under distinct hardware page tables * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-33-checklist.md` +Checklist: `docs/scope-33-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 34 — Exit and Wait Syscalls +### Scope 34 — Exit and Wait Syscalls * `ExitProcess` / `WaitProcess` syscalls * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-34-checklist.md` +Checklist: `docs/scope-34-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 35 — Hardware Syscall Dispatch Table +### Scope 35 — Hardware Syscall Dispatch Table * allowlisted hardware syscall IDs * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-35-checklist.md` +Checklist: `docs/scope-35-checklist.md` Status: ✅ Complete (validated 2026-05-22) User syscall deep dive: `docs/USER_SYSCALLS.md` -### Phase 36 — Storage Syscalls With Copyin +### Scope 36 — Storage Syscalls With Copyin * storage probe syscalls with validated user copies * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-36-checklist.md` +Checklist: `docs/scope-36-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 37 — Manifest-Discovered ELF Load +### Scope 37 — Manifest-Discovered ELF Load * discover `elf64-image` manifests; gated execution including `tickprobe` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-37-checklist.md` +Checklist: `docs/scope-37-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 38 — Demand-Zero Page Growth +### Scope 38 — Demand-Zero Page Growth * user `#PF` handler and demand-zero mapping * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-38-checklist.md` +Checklist: `docs/scope-38-checklist.md` Status: ✅ Complete (validated 2026-05-22) Demand paging deep dive: `docs/DEMAND_PAGING.md` -### Phase 39 — Dynamic Linking Groundwork +### Scope 39 — Dynamic Linking Groundwork -* `DT_NEEDED` detection for ARES seed ELFs +* `DT_NEEDED` detection for CLAN seed ELFs * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-39-checklist.md` +Checklist: `docs/scope-39-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 40 — Integration Milestone +### Scope 40 — Integration Milestone -* end-to-end validation of phases 31–39 +* end-to-end validation of scopes 31–39 * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-40-checklist.md` +Checklist: `docs/scope-40-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 41 — Shared Library Mapping +### Scope 41 — Shared Library Mapping * map `libc_stub` dependency at `0x700000` when `DT_NEEDED` is present * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-41-checklist.md` +Checklist: `docs/scope-41-checklist.md` Status: ✅ Complete (validated 2026-05-22) Shared library deep dive: `docs/SHARED_LIBRARIES.md` -### Phase 42 — Dynamic Import Relocations +### Scope 42 — Dynamic Import Relocations * `R_X86_64_GLOB_DAT` imports against mapped shared library * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-42-checklist.md` +Checklist: `docs/scope-42-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 43 — Trust-Gated ELF Execution +### Scope 43 — Trust-Gated ELF Execution * run `trust=system` manifests without name allowlist (`systrust` fixture) * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-43-checklist.md` +Checklist: `docs/scope-43-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 44 — User Path Copyin +### Scope 44 — User Path Copyin * `ReadPathProbe` syscall with validated user paths * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-44-checklist.md` +Checklist: `docs/scope-44-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 45 — File Descriptor Table +### Scope 45 — File Descriptor Table * `OpenFile` / `CloseFile` syscalls with bring-up FD table * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-45-checklist.md` +Checklist: `docs/scope-45-checklist.md` Status: ✅ Complete (validated 2026-05-22) File I/O deep dive: `docs/FILE_DESCRIPTORS.md` -### Phase 46 — FD Read/Write +### Scope 46 — FD Read/Write * `ReadFd` / `WriteFd` with validated user buffers * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-46-checklist.md` +Checklist: `docs/scope-46-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 47 — File-Backed Demand Paging +### Scope 47 — File-Backed Demand Paging * demand-map file pages from storage on user `#PF` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-47-checklist.md` +Checklist: `docs/scope-47-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 48 — W^X Mapping Policy +### Scope 48 — W^X Mapping Policy * reject writable+executable user page flags * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-48-checklist.md` +Checklist: `docs/scope-48-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 49 — SMP Groundwork +### Scope 49 — SMP Groundwork * CPU count detection, AP accounting, TLB flush hooks * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-49-checklist.md` +Checklist: `docs/scope-49-checklist.md` Status: ✅ Complete (validated 2026-05-22) SMP deep dive: `docs/SMP.md` -### Phase 50 — Integration Milestone (41–49) +### Scope 50 — Integration Milestone (41–49) -* end-to-end validation of phases 41–49 +* end-to-end validation of scopes 41–49 * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-50-checklist.md` +Checklist: `docs/scope-50-checklist.md` Status: ✅ Complete (validated 2026-05-22) -### Phase 51 — Per-Process FD Tables +### Scope 51 — Per-Process FD Tables * FD tables stored on `Process`; `current_process_id` from CR3 * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-51-checklist.md` +Checklist: `docs/scope-51-checklist.md` -### Phase 52 — Dup FD and CWD-Relative Open +### Scope 52 — Dup FD and CWD-Relative Open * `DupFd` syscall; per-process `cwd`; relative `OpenFile` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-52-checklist.md` +Checklist: `docs/scope-52-checklist.md` -### Phase 53 — mprotect and Guard Pages +### Scope 53 — mprotect and Guard Pages * `Mprotect` syscall within W^X; stack guard probe * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-53-checklist.md` +Checklist: `docs/scope-53-checklist.md` -### Phase 54 — mmap Bring-Up +### Scope 54 — mmap Bring-Up * anonymous RW at `0x600000`; read-only file mmap * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-54-checklist.md` +Checklist: `docs/scope-54-checklist.md` -### Phase 55 — User Write Path +### Scope 55 — User Write Path * `WritePathProbe` syscall; storage round-trip smoke * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-55-checklist.md` +Checklist: `docs/scope-55-checklist.md` -### Phase 56 — Multiple Shared Libraries +### Scope 56 — Multiple Shared Libraries * `/lib/*.elf` search; `libc_stub` + `libaux_stub` mapping * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-56-checklist.md` +Checklist: `docs/scope-56-checklist.md` -### Phase 57 — PLT JUMP_SLOT Relocations +### Scope 57 — PLT JUMP_SLOT Relocations * `R_X86_64_JUMP_SLOT` binding; covered by boot gate `dynamic_runtime` -Checklist: `docs/phase-57-checklist.md` +Checklist: `docs/scope-57-checklist.md` -### Phase 58 — Manifest Digest Trust +### Scope 58 — Manifest Digest Trust * `digest=sha256:` manifest field; SHA-256 verification * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-58-checklist.md` +Checklist: `docs/scope-58-checklist.md` -### Phase 59 — Per-CPU Runqueue Skeleton +### Scope 59 — Per-CPU Runqueue Skeleton * BSP runqueue accounting on preempt; APs remain parked * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-59-checklist.md` +Checklist: `docs/scope-59-checklist.md` -### Phase 60 — Integration Milestone (51–59) +### Scope 60 — Integration Milestone (51–59) -* cumulative validation of phases 51–59 +* cumulative validation of scopes 51–59 * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-60-checklist.md` +Checklist: `docs/scope-60-checklist.md` -### Phase 61 — chdir and Path Normalization +### Scope 61 — chdir and Path Normalization * `Chdir` syscall; collapse `..` in resolved paths * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-61-checklist.md` +Checklist: `docs/scope-61-checklist.md` -### Phase 62 — munmap +### Scope 62 — munmap * `Munmap` syscall; TLB shootdown on unmap * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-62-checklist.md` +Checklist: `docs/scope-62-checklist.md` -### Phase 63 — Per-Process VMA Registry +### Scope 63 — Per-Process VMA Registry * region list on `Process`; mmap overlap rejection * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-63-checklist.md` +Checklist: `docs/scope-63-checklist.md` -### Phase 64 — Fork-Lite with FD Inheritance +### Scope 64 — Fork-Lite with FD Inheritance * `ForkLite` syscall; shallow-copy FD table and cwd * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-64-checklist.md` +Checklist: `docs/scope-64-checklist.md` -### Phase 65 — Ring 3 HW Syscall Probes +### Scope 65 — Ring 3 HW Syscall Probes * hardware `syscall` path for `WritePathProbe` / `Mprotect` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-65-checklist.md` +Checklist: `docs/scope-65-checklist.md` -### Phase 66 — Minimal fcntl Stub +### Scope 66 — Minimal fcntl Stub * `F_GETFD` and `F_DUPFD` via `Fcntl` syscall * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-66-checklist.md` +Checklist: `docs/scope-66-checklist.md` -### Phase 67 — Lazy PLT Resolution +### Scope 67 — Lazy PLT Resolution * defer `R_X86_64_JUMP_SLOT` until `bind_lazy_plt` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-67-checklist.md` +Checklist: `docs/scope-67-checklist.md` -### Phase 68 — Cross-CPU TLB Shootdown Accounting +### Scope 68 — Cross-CPU TLB Shootdown Accounting * per-CPU shootdown counters on unmap/map flush * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-68-checklist.md` +Checklist: `docs/scope-68-checklist.md` -### Phase 69 — AP Idle Trampoline Accounting +### Scope 69 — AP Idle Trampoline Accounting * parked AP idle tick counter under QEMU `-smp 2` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-69-checklist.md` +Checklist: `docs/scope-69-checklist.md` -### Phase 70 — Integration Milestone (61–69) +### Scope 70 — Integration Milestone (61–69) -* cumulative validation of phases 61–69 +* cumulative validation of scopes 61–69 * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-70-checklist.md` +Checklist: `docs/scope-70-checklist.md` -### Phase 71 — HW `syscall` / `sysret` Return Path +### Scope 71 — HW `syscall` / `sysret` Return Path * hardware `syscall` stub with `sysret` back to user * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-71-checklist.md` +Checklist: `docs/scope-71-checklist.md` -### Phase 72 — Ring 3 `chdir` from User +### Scope 72 — Ring 3 `chdir` from User * `Chdir` syscall from Ring 3 HW path with user path pointer * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-72-checklist.md` +Checklist: `docs/scope-72-checklist.md` -### Phase 73 — `munmap` with Length (Partial Unmap) +### Scope 73 — `munmap` with Length (Partial Unmap) * `Munmap` `arg1` length; VMA truncate; TLB shootdown on unmap * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-73-checklist.md` +Checklist: `docs/scope-73-checklist.md` -### Phase 74 — `WaitLite` on Fork-Lite Child +### Scope 74 — `WaitLite` on Fork-Lite Child * `WaitLite = 78` waits for fork-lite child exit code * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-74-checklist.md` +Checklist: `docs/scope-74-checklist.md` -### Phase 75 — `syscallprobe` User ELF Manifest +### Scope 75 — `syscallprobe` User ELF Manifest * `/bin/syscallprobe` manifest; HW syscall probes * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-75-checklist.md` +Checklist: `docs/scope-75-checklist.md` -### Phase 76 — `fcntl` `F_SETFD` / Close-on-Exec +### Scope 76 — `fcntl` `F_SETFD` / Close-on-Exec * per-FD flags with `FD_CLOEXEC` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-76-checklist.md` +Checklist: `docs/scope-76-checklist.md` -### Phase 77 — Ring 3 Lazy PLT First Call +### Scope 77 — Ring 3 Lazy PLT First Call * lazy PLT bind under Ring 3 smoke flag * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-77-checklist.md` +Checklist: `docs/scope-77-checklist.md` -### Phase 78 — IPI TLB Shootdown Stub +### Scope 78 — IPI TLB Shootdown Stub * logical IPI counters on `request_tlb_shootdown` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-78-checklist.md` +Checklist: `docs/scope-78-checklist.md` -### Phase 79 — AP Idle Trampoline Entry +### Scope 79 — AP Idle Trampoline Entry * AP `hlt` trampoline entry accounting * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-79-checklist.md` +Checklist: `docs/scope-79-checklist.md` -### Phase 80 — Integration Milestone (71–79) +### Scope 80 — Integration Milestone (71–79) -* cumulative validation of phases 71–79 +* cumulative validation of scopes 71–79 * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-80-checklist.md` +Checklist: `docs/scope-80-checklist.md` -### Phase 81 — Real HW `syscall` / `sysret` +### Scope 81 — Real HW `syscall` / `sysret` * `HW_SYSRET_REAL` counter; HW probe via `hw-sysret-probe` feature on QEMU boot * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-81-checklist.md` +Checklist: `docs/scope-81-checklist.md` -### Phase 82 — `getcwd` Syscall +### Scope 82 — `getcwd` Syscall * `GetCwd = 79` copies process cwd to user buffer * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-82-checklist.md` +Checklist: `docs/scope-82-checklist.md` -### Phase 83 — `chdirprobe` User ELF +### Scope 83 — `chdirprobe` User ELF * `/bin/chdirprobe` manifest; `Chdir` + `GetCwd` smoke * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-83-checklist.md` +Checklist: `docs/scope-83-checklist.md` -### Phase 84 — VMA In-Region Split +### Scope 84 — VMA In-Region Split * middle `munmap` splits VMA registry (`VMA_SPLITS`) * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-84-checklist.md` +Checklist: `docs/scope-84-checklist.md` -### Phase 85 — Fork-Lite CR3 Duplicate +### Scope 85 — Fork-Lite CR3 Duplicate * shallow `fork_duplicate_cr3` for fork-lite child * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-85-checklist.md` +Checklist: `docs/scope-85-checklist.md` -### Phase 86 — `ExecLite` + Close-on-Exec +### Scope 86 — `ExecLite` + Close-on-Exec * `ExecLite = 81` replaces image; sweeps `FD_CLOEXEC` fds * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-86-checklist.md` +Checklist: `docs/scope-86-checklist.md` -### Phase 87 — `PipeLite` Anonymous Pipe +### Scope 87 — `PipeLite` Anonymous Pipe * `Pipe = 80`; ring buffer; read/write on pipe fds * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-87-checklist.md` +Checklist: `docs/scope-87-checklist.md` -### Phase 88 — Ring 3 PLT Fault Lazy Bind +### Scope 88 — Ring 3 PLT Fault Lazy Bind * `#PF` at PLT slot triggers lazy bind under smoke flag * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-88-checklist.md` +Checklist: `docs/scope-88-checklist.md` -### Phase 89 — LAPIC IPI Send Stub +### Scope 89 — LAPIC IPI Send Stub * `LAPIC_IPI_SEND` on TLB shootdown request * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-89-checklist.md` +Checklist: `docs/scope-89-checklist.md` -### Phase 90 — Integration Milestone (81–89) +### Scope 90 — Integration Milestone (81–89) -* cumulative validation of phases 81–89 counters (no nested re-run) +* cumulative validation of scopes 81–89 counters (no nested re-run) * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-90-checklist.md` +Checklist: `docs/scope-90-checklist.md` -### Phase 91 — Fork-Lite COW Break +### Scope 91 — Fork-Lite COW Break * anon page COW break after `fork_lite`; parent/child write isolation smoke * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-91-checklist.md` +Checklist: `docs/scope-91-checklist.md` -### Phase 92 — `PollLite` Syscall +### Scope 92 — `PollLite` Syscall * `Poll = 82` single-fd readiness on pipe fds * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-92-checklist.md` +Checklist: `docs/scope-92-checklist.md` -### Phase 93 — Gap-Aware `mmap` Hint +### Scope 93 — Gap-Aware `mmap` Hint * `next_anon_hint` fills lowest gap before high-water bump * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-93-checklist.md` +Checklist: `docs/scope-93-checklist.md` -### Phase 94 — `ExecLite` Argv from User +### Scope 94 — `ExecLite` Argv from User * bounded argv copy from user pointer vector * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-94-checklist.md` +Checklist: `docs/scope-94-checklist.md` -### Phase 95 — `pipeprobe` Ring-3 HW ELF +### Scope 95 — `pipeprobe` Ring-3 HW ELF * `/bin/pipeprobe` seed; HW pipe + `Poll` path under `hw-sysret-probe` * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-95-checklist.md` +Checklist: `docs/scope-95-checklist.md` -### Phase 96 — VMA Adjacent Coalesce +### Scope 96 — VMA Adjacent Coalesce * merge adjacent anon VMAs on munmap boundary * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-96-checklist.md` +Checklist: `docs/scope-96-checklist.md` -### Phase 97 — Work-Stealing Stub +### Scope 97 — Work-Stealing Stub * BSP steals from CPU1 runqueue counter when empty * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-97-checklist.md` +Checklist: `docs/scope-97-checklist.md` -### Phase 98 — AP Runnable Enqueue Stub +### Scope 98 — AP Runnable Enqueue Stub * synthetic runnable enqueue on CPU1 without AP scheduler loop * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-98-checklist.md` +Checklist: `docs/scope-98-checklist.md` -### Phase 99 — LAPIC ICR Write Stub +### Scope 99 — LAPIC ICR Write Stub * discard-backed ICR-low write counter (no real MMIO in QEMU tests) * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-99-checklist.md` +Checklist: `docs/scope-99-checklist.md` -### Phase 100 — Integration Milestone (91–99) +### Scope 100 — Integration Milestone (91–99) -* cumulative validation of phases 91–99 counters (no nested re-run) +* cumulative validation of scopes 91–99 counters (no nested re-run) * Covered by boot/system gate (see VALIDATION_GATES.md) -Checklist: `docs/phase-100-checklist.md` +Checklist: `docs/scope-100-checklist.md` -### Phases 101–110 — Constitutional Semantic Foundation (documentation) +### Scopes 101–110 — Constitutional Semantic Foundation (documentation) -Phases 1–100 answered whether the OS can exist. Phases 101–110 freeze **semantic constitutionalism**: axioms, rights algebra, temporal visibility, IPC guarantees, governance gates G1–G5, and `ares-semantics-v1` — before native implementation (111+). +Scopes 1–100 answered whether the OS can exist. Scopes 101–110 freeze **semantic constitutionalism**: axioms, rights algebra, temporal visibility, IPC guarantees, governance gates G1–G5, and `clan-semantics-v1` — before native implementation (111+). -Status: complete (validated 2026-05-25 — semantic lint + Phase 110 constitutional smoke) +Status: complete (validated 2026-05-25 — semantic lint + Scope 110 constitutional smoke) -Checklist index: `docs/phase-101-checklist.md` … `docs/phase-110-checklist.md` +Checklist index: `docs/scope-101-checklist.md` … `docs/scope-110-checklist.md` Validation: ``` python scripts/semantic_lint.py -python scripts/gate/legacy.py --phase 110 --timeout 300 +python scripts/gate/boot.py --gate constitutional --timeout 300 ``` Key guides: * [NATIVE_MODEL.md](docs/NATIVE_MODEL.md) — post-Unix capability civilization * [AXIOMS.md](docs/AXIOMS.md) — constitutional axioms A1–A10 (A7+A10 anti-entropy pair) -* [ROADMAP_POST100.md](docs/ROADMAP_POST100.md) — phases 101–150 table +* [ROADMAP_POST100.md](docs/ROADMAP_POST100.md) — scopes 101–150 table -### Phases 111–120 — Capability Foundation (implementation) +### Scopes 111–120 — Capability Foundation (implementation) Kernel object table, native cap lifecycle (IDs 256+ kernel-only), storage grants, compat path broker, ambient/namespace policy, and cap+compat integration milestone. -Status: complete (validated — `AresOS-BootGate: name=capabilities ok=true`) +Status: complete (validated — `ClanOS-BootGate: name=capabilities ok=true`) -Checklist index: `docs/phase-111-checklist.md` … `docs/phase-120-checklist.md` +Checklist index: `docs/scope-111-checklist.md` … `docs/scope-120-checklist.md` Validation: ``` cargo check -p kernel cargo test -p kernel --features preemption --test preemption_integration -python scripts/gate/legacy.py --phase 120 --timeout 300 +python scripts/gate/boot.py --gate capabilities --timeout 300 ``` -### Phases 121–150 — Native platform +### Scopes 121–150 — Native platform Service loaders, brokers, endpoints, service-centric scheduling — see [ROADMAP_POST100.md](docs/ROADMAP_POST100.md). -Status: complete (validated — `AresOS-BootGate: name=boundary ok=true`) +Status: complete (validated — `ClanOS-BootGate: name=boundary ok=true`) -### Phases 151–500 — Post-150 roadmap +### Scopes 151–500 — Post-150 roadmap Epochs 7–20 through milestone **500** (fully operational OS). See: @@ -1041,7 +1041,7 @@ Validation (system gate): ``` python scripts/gate/system.py --gate system --timeout 360 python scripts/gate/system_host.py -python scripts/gate/ares_rt.py +python scripts/gate/clan_rt.py .\scripts\run_desktop.ps1 ``` @@ -1054,7 +1054,7 @@ Full index: [`docs/INDEX.md`](docs/INDEX.md) · Gate reference: [`docs/VALIDATIO # Project Structure ``` -AresOS +Clan OS ├── Cargo.toml workspace manifest ├── docs/ validation gates, guides, historical checklists (INDEX.md) ├── scripts/ boot/system gate checks + validation_matrix.py @@ -1062,7 +1062,7 @@ AresOS │ ├── Cargo.toml kernel crate manifest │ ├── x86_64-unknown-none.json │ ├── src/ -│ │ ├── main.rs kernel entry + phase boot smokes +│ │ ├── main.rs kernel entry + boot gate smokes │ │ ├── lib.rs modules, init (GDT, IDT, SMP) │ │ ├── storage.rs simple persistent filesystem │ │ ├── security.rs identity + permission policy @@ -1071,7 +1071,7 @@ AresOS │ │ ├── block.rs block-device manager │ │ ├── exec_image.rs ELF64 image validation │ │ ├── elf_reloc.rs static + GLOB_DAT relocations -│ │ ├── shared_loader.rs shared library mapping (phase 41) +│ │ ├── shared_loader.rs shared library mapping (scope 41) │ │ ├── load_plan.rs executable load-plan accounting │ │ ├── mapping_stub.rs mapping-stub records │ │ ├── frame_ownership.rs frame ownership registry @@ -1086,8 +1086,8 @@ AresOS │ │ ├── user_copy.rs validated user copies │ │ ├── user_path.rs bounded user path copyin │ │ ├── fd_table.rs per-process file descriptor table -│ │ ├── mmap.rs mmap bring-up (Phase 54) -│ │ ├── image_digest.rs SHA-256 manifest digests (Phase 58) +│ │ ├── mmap.rs mmap bring-up (Scope 54) +│ │ ├── image_digest.rs SHA-256 manifest digests (Scope 58) │ │ ├── smp.rs CPU detect, TLB hooks, runqueues │ │ ├── ring3_trampoline.rs controlled user-entry traps │ │ ├── task/ scheduler, loader, keyboard shell @@ -1139,194 +1139,47 @@ GitHub Actions ([`.github/workflows/ci.yml`](.github/workflows/ci.yml)) runs `ca python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180 ``` -Run AresOS using QEMU: +Run Clan OS using QEMU: ``` cargo run -p kernel ``` -Run Phase 5 preemption mode: +Run Clan OS in QEMU (interactive shell + desktop): ``` -cargo run -p kernel --features preemption -``` - -Phase 5 integration checks: - -``` -cargo test -p kernel --test preemption_integration -``` - -Phase 5 soak check (fairness/progress): - -``` -./scripts/phase5-soak-check --duration 120 --min-samples 3 -``` - -Phase 5 latency check (<100ms estimated preemption latency): - -``` -./scripts/phase5-latency-check --duration 120 --min-samples 5 --max-latency-ms 100 -``` - -Phase 6 smoke check: - -``` -python scripts/gate/boot.py --phase 6 --timeout 180 -``` - -Phase 7 persistent storage check: - -``` -./scripts/phase7-storage-check --timeout 180 -``` - -Phase 8 device/block check: - -``` -./scripts/phase8-device-check --timeout 180 -``` - -Phase 9 stored program loader check: - -``` -./scripts/phase9-loader-check --timeout 180 -``` - -Phase 10 security policy check: - -``` -./scripts/phase10-security-check --timeout 180 -``` - -Phase 11 executable image check: - -``` -./scripts/phase11-image-check --timeout 180 -``` - -Phase 12 executable load-plan check: - -``` -./scripts/phase12-load-plan-check --timeout 180 -``` - -Phase 13 mapping-stub check: - -``` -./scripts/phase13-mapping-stub-check --timeout 180 -``` - -Phase 14 frame ownership check: - -``` -./scripts/phase14-frame-check --timeout 180 -``` - -Phase 15 frame-backed image check: - -``` -./scripts/phase15-frame-backing-check --timeout 180 -``` - -Phase 16 inactive page-table check: - -``` -./scripts/phase16-page-table-check --timeout 180 -``` - -Phase 17 user-context check: - -``` -./scripts/phase17-user-context-check --timeout 180 -``` - -Phase 18 controlled Ring 3 check: - -``` -./scripts/phase18-ring3-check --timeout 180 -``` - -Phase 19 syscall return check: - -``` -./scripts/phase19-syscall-return-check --timeout 180 -``` - -Phase 20 user ELF check: - -``` -./scripts/phase20-user-elf-check --timeout 180 -``` - -Phase 21 hardware page-table check: - -``` -python scripts/gate/legacy.py --phase 21 --timeout 180 -``` - -Phase 22 CR3 activation check: - -``` -python scripts/gate/legacy.py --phase 22 --timeout 180 -``` - -Phase 23 iretq entry check: - -``` -python scripts/gate/legacy.py --phase 23 --timeout 180 -``` - -Phase 24 user trap check: - -``` -python scripts/gate/legacy.py --phase 24 --timeout 180 -``` - -Phase 25 hardware syscall check: - -``` -python scripts/gate/legacy.py --phase 25 --timeout 180 -``` - -Phase 26 user copyin check: - -``` -python scripts/gate/legacy.py --phase 26 --timeout 180 +cargo run -p kernel ``` -Phase 27 relocation check: +Preemption lab (CI fairness/latency telemetry — does not reach the shell): ``` -python scripts/gate/legacy.py --phase 27 --timeout 180 +cargo run -p kernel --features preemption ``` -Phase 28 hardware hello check: - -``` -python scripts/gate/legacy.py --phase 28 --timeout 180 -``` +Serial telemetry: `ClanOS-Preemption: name=fairness …` and `name=latency …` -Phase 29 allowlist check: +Integration tests: ``` -python scripts/gate/legacy.py --phase 29 --timeout 180 +cargo test -p kernel --features preemption --test preemption_integration ``` -Phase 30 CR3 switch check: +Preemption validation: ``` -python scripts/gate/legacy.py --phase 30 --timeout 180 +python scripts/preemption/soak.py --duration 120 --min-samples 3 --boot-wait 90 +python scripts/preemption/latency.py --duration 120 --min-samples 5 --max-latency-ms 100 --boot-wait 90 ``` -Phases 31–50 QEMU checks (same pattern; example): +Boot and system gates: ``` -python scripts/gate/legacy.py --phase 41 --timeout 180 -python scripts/gate/legacy.py --phase 50 --timeout 180 +python scripts/gate/boot.py --gate boot --timeout 180 +python scripts/gate/system.py --gate system --timeout 180 ``` -Full validation matrix (QEMU-backed; run alone on Windows, ~2+ hours): +Full validation matrix: ``` python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180 @@ -1335,28 +1188,18 @@ python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --b Resume from a specific check: ``` -python scripts/validation_matrix.py --from-check phase41-shared-lib-check --smoke-timeout 180 +python scripts/validation_matrix.py --from-check boot-gate-check --smoke-timeout 180 ``` -Run tests (unit + integration under QEMU): - -``` -cargo test -p kernel --features preemption --test preemption_integration -``` - -Run Phase 4 wrapper-mode preemption soak check: - -``` -./scripts/phase4-soak-check -``` +See [`docs/VALIDATION_GATES.md`](docs/VALIDATION_GATES.md) for boot/system subsystem `--gate` names and scope-index routing. --- # Vision -AresOS is an experimental **post-Unix capability system** with **semantic constitutionalism** — not “Linux but smaller.” +Clan OS is an experimental **post-Unix capability system** with **semantic constitutionalism** — not “Linux but smaller.” -Phases 1–100 built kernel mechanics (paging, ELF, syscalls, SMP groundwork). The long-term challenge is **preserving semantic coherence across decades**, not only shipping features. +Scopes 1–100 built kernel mechanics (paging, ELF, syscalls, SMP groundwork). The long-term challenge is **preserving semantic coherence across decades**, not only shipping features. **Preserving semantic coherence is harder than building the kernel.** diff --git a/SCOPE_FREEZE.md b/SCOPE_FREEZE.md index 1b5f950..91d106b 100644 --- a/SCOPE_FREEZE.md +++ b/SCOPE_FREEZE.md @@ -15,7 +15,7 @@ status: authoritative After human review of `gap_registry.toml` import: - **`gap_registry.toml`** is the canonical gap lifecycle source -- The Cursor planning document `aresos_full_os_build_b960e4a0.plan.md` is **superseded** — see [`docs/PLAN_SUPERSESSION.md`](docs/PLAN_SUPERSESSION.md) +- The Cursor planning document `clanos_full_os_build_b960e4a0.plan.md` is **superseded** — see [`docs/PLAN_SUPERSESSION.md`](docs/PLAN_SUPERSESSION.md) ## Gate remaining diff --git a/SECURITY.md b/SECURITY.md index a82feb8..971c388 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,4 +1,4 @@ -# AresOS Security Governance +# Clan OS Security Governance ```yaml status: authoritative @@ -13,7 +13,7 @@ Full disclosure playbooks and key-compromise runbooks are required before **mile ## Responsible disclosure -Report vulnerabilities to **security@aresos.dev** (placeholder inbox until public release). +Report vulnerabilities to **security@clanos.dev** (placeholder inbox until public release). Include reproduction steps, affected commit, and threat-node id if known. --- diff --git a/STATUS.md b/STATUS.md index 0fe3a94..4ae1bbd 100644 --- a/STATUS.md +++ b/STATUS.md @@ -1,11 +1,11 @@ -# AresOS Project Status +# Clan OS Project Status ## Snapshot (fully operational OS) -- **Boot gate:** phases 6–150 unified in `kernel/src/boot_gate.rs` (`BOOT_GATE_VERSION = 1.0.0`) -- **System gate:** post-150 integration in `kernel/src/system_gate.rs` (`SYSTEM_GATE_VERSION = 1.0.0`) +- **Boot gate:** `kernel/src/boot_gate.rs` (`BOOT_GATE_VERSION = 1.0.0`) +- **System gate:** `kernel/src/system_gate.rs` (`SYSTEM_GATE_VERSION = 1.0.0`) - **Desktop:** VGA 320×200, double-buffered compositor, PS/2 mouse, window manager, taskbar shell -- **Userland:** `/bin/demo-hello`, `/bin/ares-info` native packages (`ares-rt` `#![no_std]`) +- **Userland:** `/bin/demo-hello`, `/bin/clan-info`, `/bin/mendo`, `/bin/ring3-io-demo`, `/bin/ring3-io-demo-ext2`, `/bin/hello-alloc` (Clan OS runtime: `clan-rt` with optional `ring3-heap` bump allocator) - **Network:** virtio-net loopback + external route simulation - gap_registry: 0 open, 350 addressed (350 total) - threat nodes open: 0 @@ -18,13 +18,14 @@ Boot and system validation emit two serial families at boot: | Family | Final line | Module | |--------|------------|--------| -| Boot (6–150) | `AresOS-BootGate: ok=true` | `boot_gate.rs` | -| System (151–500) | `AresOS-SystemGate: ok=true` | `system_gate.rs` | +| Boot | `ClanOS-BootGate: ok=true` | `boot_gate.rs` | +| System | `ClanOS-SystemGate: ok=true` | `system_gate.rs` | Host checks (no QEMU): ``` python scripts/gate/host.py +python scripts/gate/compat_subsystems.py ``` QEMU checks: @@ -34,33 +35,51 @@ python scripts/gate/boot.py --gate boot --timeout 360 python scripts/gate/system.py --gate system --timeout 360 ``` -Legacy phase numbers: `python scripts/gate/legacy.py --phase N`. Thin shims at `scripts/gate/boot.py` etc. remain for older references. +Use `--gate <subsystem>` for individual boot/system subsystem smokes (see `scripts/gate/map.py`). ### Boot gate subsystems -| Gate | Covers | -|------|--------| -| shell_storage | Phases 6–8 | -| loader_security | Phases 9–13 | -| memory_layout | Phases 14–16 | -| userspace_bootstrap | Phases 17–20 | -| hw_paging | Phases 21–30 | -| sched_userspace | Phases 31–40 | -| dynamic_runtime | Phases 41–50 | -| fd_mmap | Phases 51–60 | -| vm_fork | Phases 61–70 | -| syscall_ring3 | Phases 71–80 | -| path_exec | Phases 81–90 | -| smp_depth | Phases 91–100 | -| constitutional | Phase 110 | -| capabilities | Phase 120 | -| service_loader | Phase 121 | -| platform_brokers | Phase 130 | -| build_endpoints | Phases 131–140 | -| virtio_blk | Phase 201 | -| network_compat | Phase 404 | -| scheduler_epoch | Phase 149 | -| boundary | Phase 150 | +| Gate | Role | +|------|------| +| shell_storage | CLANFS mount, seed corpus, shell dispatch | +| loader_security | Program discovery, credentials, ELF inventory | +| memory_layout | Frame ownership, backing, page tables | +| userspace_bootstrap | User context, ring-3 entry, syscalls | +| hw_paging | HW page tables, CR3, iretq, HW syscalls | +| sched_userspace | Scheduler CR3, user frames, demand paging | +| dynamic_runtime | Shared libs, FD/path, SMP probes | +| fd_mmap | FD table, mmap, mprotect, runqueue | +| vm_fork | VMA, fork-lite, ring-3 syscalls | +| syscall_ring3 | sysret, wait-lite, fcntl, IPI | +| path_exec | HW sysret, getcwd, pipes, exec-lite | +| smp_depth | CoW fork, poll, work-steal, LAPIC | +| constitutional | Governance ABI / semantics | +| capabilities | Capability compat table | +| service_loader | Service loader bootstrap | +| platform_brokers | Storage/permission/device/network brokers | +| build_endpoints | Build integrity, IPC, audit wire | +| virtio_blk | Virtio block probe | +| network_compat | Virtio net + compat socket epoch | +| scheduler_epoch | Service scheduler integration | +| boundary | Milestone boundary smoke | + +### System gate subsystems + +| Gate | Role | +|------|------| +| integrity | Build integrity, audit, OOM, loom | +| scheduling | Unified service scheduling | +| hardware | Virtio block/net, SDK path | +| federation | Federation + observability | +| release | Checkpoint, scorecard, boot verify | +| desktop_preview / desktop | Compositor, shell, mouse | +| compat_runtime | Userland demo + packages | +| compat_fd_vm | FD, mmap, CoW | +| compat_signal | Signal register + delivery | +| storage_depth | Buddy, cache, VFS, ext2 | +| posix_compat | POSIX server skeleton | +| functional | Composite (includes compat) | +| ci / production / network | Release hardening gates | ## Running with GUI @@ -68,4 +87,4 @@ Legacy phase numbers: `python scripts/gate/legacy.py --phase N`. Thin shims at ` .\scripts\run_desktop.ps1 ``` -Shell commands: `help`, `run demo-hello`, `run ares-info`, `ls`, `ps`, `fsinfo`, `desktop` +Shell commands: `help`, `run demo-hello`, `run clan-info`, `run mendo`, `run ring3-io-demo`, `run ring3-io-demo-ext2`, `run hello-alloc`, `fork-run mendo`, `fork-run ring3-io-demo`, `fork-run hello-alloc`, `cat /ext2/smoke.txt`, `ls`, `ps`, `fsinfo`, `desktop` diff --git a/benchmarks/phase-120-baseline.json b/benchmarks/scope-120-baseline.json similarity index 65% rename from benchmarks/phase-120-baseline.json rename to benchmarks/scope-120-baseline.json index e25c97f..5c23e70 100644 --- a/benchmarks/phase-120-baseline.json +++ b/benchmarks/scope-120-baseline.json @@ -1,6 +1,6 @@ { "schema_version": "1.0.0", - "phase": 120, + "scope": 120, "calibrated_at": "2026-06-11", "status": "calibrated", "metrics": { @@ -10,5 +10,5 @@ "ipc_bridge_retired": true, "budget_pct_of_stub": 100 }, - "notes": "Calibrated from phase120_cap_integration_check; thresholds = 110% budget vs baseline per epoch 0 policy" + "notes": "Calibrated from capabilities gate smoke; thresholds = 110% budget vs baseline per epoch 0 policy" } diff --git a/compat_test_corpus.toml b/compat_test_corpus.toml index 0fe82bd..40e448d 100644 --- a/compat_test_corpus.toml +++ b/compat_test_corpus.toml @@ -7,14 +7,14 @@ denominator = 3 [[scenarios]] id = "compat-path-probe" description = "Compat process path probe allowed; native blocked" -kernel_smoke = "phase117_namespace_smoke" +kernel_smoke = "smoke_namespace_smoke" [[scenarios]] id = "compat-socket-tcp" description = "TCP compat socket counter smoke" -kernel_smoke = "phase402_compat_socket_smoke" +kernel_smoke = "smoke_compat_socket" [[scenarios]] id = "native-cap-transfer" description = "Native cap transfer move consumes sender slot" -kernel_smoke = "phase112_cap_lifecycle_smoke" +kernel_smoke = "smoke_cap_lifecycle_smoke" diff --git a/config/track1_scope_freeze.toml b/config/track1_scope_freeze.toml index 4e80eec..f9d7243 100644 --- a/config/track1_scope_freeze.toml +++ b/config/track1_scope_freeze.toml @@ -21,11 +21,11 @@ resolution_required_before_gate = true [exclusions] workspace_restructure = "deferred — no servers/ extraction during this epoch" -ares_rt_no_std = "deferred — tracked in DECISION_LOG ares-rt-001; architecture_state.toml has_no_std_enforcement=false" +clan_rt_no_std = "deferred — tracked in DECISION_LOG clan-rt-001; architecture_state.toml has_no_std_enforcement=false" new_architecture_docs = "any doc not in [[docs]] list requires charter approval to add" subdirectory_policy = "track1_creates_specs_process_proofs — specs→docs/specs/, process→docs/process/, proofs→docs/proofs/, architecture→docs/architecture/; defers second migration" threat_nodes_physical_move = "deferred — docs/THREAT_NODES.toml remains canonical at flat path; config/README.md mapping only" -phase_checklists = "docs/phase-*.md — working documents, not migrated" +scope_checklists = "docs/scope-*-checklist.md — working documents, not migrated" roadmaps = "docs/ROADMAP_*.md — working documents, not migrated" release_scorecards = "docs/RELEASE_SCORECARD_*.md — milestone artifacts, not migrated" plan_supersession = "docs/PLAN_SUPERSESSION.md — archived; superseded-by gap_registry.toml; no migration" @@ -287,8 +287,8 @@ domain_reviewer = "kernel_abi" [[docs]] id = "AAR" -flat_src = "docs/ABI_ARES_RT.md" -canonical_dst = "docs/specs/ABI_ARES_RT.md" +flat_src = "docs/ABI_CLAN_RT.md" +canonical_dst = "docs/specs/ABI_CLAN_RT.md" batch = 5 blocking = ["ANS", "ET", "PC", "KS"] status = "gated" diff --git a/docs/ABI_ASYNC.md b/docs/ABI_ASYNC.md index 82f8048..ec8e975 100644 --- a/docs/ABI_ASYNC.md +++ b/docs/ABI_ASYNC.md @@ -1,6 +1,6 @@ -# Async OS Contract (`ares-semantics-v1` draft) +# Async OS Contract (`clan-semantics-v1` draft) -Async is part of the **operating system contract**, not only a userspace library. Documented phase **104**; implementation phases **131–137**. +Async is part of the **operating system contract**, not only a userspace library. Documented scope **104**; implementation scopes **131–137**. See: [AXIOMS.md](AXIOMS.md), [ABI_IPC.md](ABI_IPC.md), [TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md), [ABI_RUNTIME.md](ABI_RUNTIME.md). @@ -27,7 +27,7 @@ Blocked native tasks wake on: - Cancel acknowledged - Timeout expiry -Scheduler integration phase **141–142** — mailbox wake precedes best-effort compat idle (S-01 outline). +Scheduler integration scope **141–142** — mailbox wake precedes best-effort compat idle (S-01 outline). --- @@ -47,9 +47,9 @@ ELF programs may use blocking syscall patterns + `PollLite`. Native programs sho --- -## Implementation phases (reference) +## Implementation scopes (reference) -| Phase | Feature | +| Scope | Feature | |------:|---------| | 134 | Endpoint object | | 135 | Mailbox + cancel | diff --git a/docs/ABI_CLAN_RT.md b/docs/ABI_CLAN_RT.md index c86f5c8..9545447 100644 --- a/docs/ABI_CLAN_RT.md +++ b/docs/ABI_CLAN_RT.md @@ -1,11 +1,11 @@ ```yaml -status: superseded-by: docs/specs/ABI_ARES_RT.md +status: superseded-by: docs/specs/ABI_CLAN_RT.md semantics_version: 1.0.0 ``` -> **Canonical:** [`docs/specs/ABI_ARES_RT.md`](specs/ABI_ARES_RT.md). This flat copy retained until migration squash reconciles any differences. +> **Canonical:** [`docs/specs/ABI_CLAN_RT.md`](specs/ABI_CLAN_RT.md). This flat copy retained until migration squash reconciles any differences. -# ares-rt ABI (Epoch 2) +# clan-rt ABI (Epoch 2) ```yaml status: authoritative @@ -26,7 +26,7 @@ Userspace runtime for native services. Forward ABI stability policy per epoch ga ## Stability -**Forward policy (epoch 2 decision):** explicit **recompile required** each epoch until 1.0 (`ABI_FORWARD_POLICY` in `ares-rt`). +**Forward policy (epoch 2 decision):** explicit **recompile required** each epoch until 1.0 (`ABI_FORWARD_POLICY` in `clan-rt`). Pre-1.0: breaking bumps allowed with compat review. Post-1.0: semver window TBD at M150. diff --git a/docs/ABI_COMPOSITOR_IPC.md b/docs/ABI_COMPOSITOR_IPC.md index 6dc1c38..7089ce3 100644 --- a/docs/ABI_COMPOSITOR_IPC.md +++ b/docs/ABI_COMPOSITOR_IPC.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Required before phase **145**. +Required before scope **145**. --- diff --git a/docs/ABI_DRIVER.md b/docs/ABI_DRIVER.md index e1f5377..8a348cb 100644 --- a/docs/ABI_DRIVER.md +++ b/docs/ABI_DRIVER.md @@ -1,6 +1,6 @@ # Driver ABI — Distrustful Entities -Drivers (including GPU/vendor code) are **untrusted by default**. Phase **104** boundary doc; userspace driver host phase **144+**. +Drivers (including GPU/vendor code) are **untrusted by default**. Scope **104** boundary doc; userspace driver host scope **144+**. See: [DEVICES.md](DEVICES.md), [AXIOMS.md](AXIOMS.md), [SEMANTIC_JURISDICTION.md](SEMANTIC_JURISDICTION.md). @@ -11,9 +11,9 @@ See: [DEVICES.md](DEVICES.md), [AXIOMS.md](AXIOMS.md), [SEMANTIC_JURISDICTION.md | Rule | Detail | |------|--------| | No arbitrary kernel memory | MMIO and DMA only via declared caps | -| No unrestricted DMA | IOMMU / DMA cap limits (phase 146 narrative) | +| No unrestricted DMA | IOMMU / DMA cap limits (scope 146 narrative) | | Userspace first | Drivers run as services with Device caps | -| Restartable stacks | GPU fault → compositor restart → apps survive (phase 145) | +| Restartable stacks | GPU fault → compositor restart → apps survive (scope 145) | --- @@ -21,11 +21,11 @@ See: [DEVICES.md](DEVICES.md), [AXIOMS.md](AXIOMS.md), [SEMANTIC_JURISDICTION.md Native **Device** kernel object — rights subset: `map_mmio`, `submit_dma`, `irq_bind` — attenuated per device node from device broker. -Compat kernel drivers from phases 1–100 remain for QEMU bring-up; native path migrates to broker + userspace host without expanding TCB. +Compat kernel drivers from scopes 1–100 remain for QEMU bring-up; native path migrates to broker + userspace host without expanding TCB. --- -## Compositor / GPU (phase 145 sketch) +## Compositor / GPU (scope 145 sketch) | Event | Behavior | |-------|----------| @@ -34,6 +34,6 @@ Compat kernel drivers from phases 1–100 remain for QEMU bring-up; native path --- -## Phase 100 compat note +## Scope 100 compat note Block manager and PCI skeleton ([DEVICES.md](DEVICES.md)) are in-kernel for validation — documented as **compat-era** machinery, not native trust model target. diff --git a/docs/ABI_IPC.md b/docs/ABI_IPC.md index 53861e5..7d5f6c1 100644 --- a/docs/ABI_IPC.md +++ b/docs/ABI_IPC.md @@ -1,14 +1,14 @@ -# IPC ABI — Endpoints (`ares-semantics-v1` draft) +# IPC ABI — Endpoints (`clan-semantics-v1` draft) -**Gate G3** — native endpoint implementation (phase 134+) blocked until guarantees here are signed at phase 110. +**Gate G3** — native endpoint implementation (scope 134+) blocked until guarantees here are signed at scope 110. -PipeLite (phase 87) is **compat** only (`/@pipe/` FD paths). Native uses **Endpoint** kernel objects. +PipeLite (scope 87) is **compat** only (`/@pipe/` FD paths). Native uses **Endpoint** kernel objects. See: [AXIOMS.md](AXIOMS.md), [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) E-*, [TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md), [ABI_ASYNC.md](ABI_ASYNC.md). --- -## Guarantees (frozen at phase 103/110) +## Guarantees (frozen at scope 103/110) ### Ordering @@ -66,7 +66,7 @@ Peer service death → generation bump / endpoint teardown (E-03, R-03). Waiters | Syscall | `Pipe = 80` | | Path | `/@pipe/{id}/r`, `/@pipe/{id}/w` | | Poll | `Poll = 82` single-fd readiness | -| Capacity | 64 bytes ring, max 4 pipes (phase 87) | +| Capacity | 64 bytes ring, max 4 pipes (scope 87) | Spec **139** (future checklist): compat pipe preserved when native endpoints ship. diff --git a/docs/ABI_MEMORY.md b/docs/ABI_MEMORY.md index 35f7299..cf3612e 100644 --- a/docs/ABI_MEMORY.md +++ b/docs/ABI_MEMORY.md @@ -1,12 +1,12 @@ -# Memory ABI (`ares-abi-v1` compat) +# Memory ABI (`clan-abi-v1` compat) -VMA, mmap, COW, and user copy contracts from phases 1–100. Native **MemoryRegion** caps extend this without breaking compat VMA behavior. +VMA, mmap, COW, and user copy contracts from scopes 1–100. Native **MemoryRegion** caps extend this without breaking compat VMA behavior. See: [AXIOMS.md](AXIOMS.md), [USER_PAGE_TABLES.md](USER_PAGE_TABLES.md), [kernel/src/vma.rs](../kernel/src/vma.rs), [KERNEL_OBJECT_MODEL.md](KERNEL_OBJECT_MODEL.md). --- -## User copy (phase 26) +## User copy (scope 26) - `copy_from_user` / `copy_to_user` — bounded, fault-safe - `UserCopyProbe` syscall (60) — validation path @@ -15,11 +15,11 @@ Native cap transfers may move **MemoryRegion** handles instead of implicit share --- -## VMA registry (phase 63+) +## VMA registry (scope 63+) Per-process `VmaRegion`: `base`, `len`, `prot`, `backing` (`Anon`, `File`, `Image`). -| Feature | Phase | +| Feature | Scope | |---------|------:| | mmap | 54 | | munmap + length | 73 | @@ -31,15 +31,15 @@ Overlaps rejected; counters `REGIONS_REGISTERED`, `OVERLAPS_REJECTED`. --- -## W^X (phase 48) +## W^X (scope 48) Executable mappings policy enforced for user images — compat ELFs remain under existing allowlist/trust model ([SECURITY.md](SECURITY.md)). --- -## Fork-lite COW (phase 91) +## Fork-lite COW (scope 91+) -Anonymous page **COW break** on write after `ForkLite` — parent/child isolation smoke. File-backed shared COW deferred (phase 100 checklist). +Anonymous pages duplicated by `fork_lite` / `fork_duplicate_cr3` are shared read-only with frame refcounts (`kernel/src/cow_fork.rs`). User writes trigger `#PF` → `try_break_on_write` → private writable copy. File-backed shared COW remains deferred. --- @@ -48,6 +48,6 @@ Anonymous page **COW break** on write after `ForkLite` — parent/child isolatio | Feature | Law | |---------|-----| | Cap-scoped shared memory | MemoryRegion object + RIGHTS_ALGEBRA move/borrow | -| Mapping via grant not path | Phase 114 storage grant | +| Mapping via grant not path | Scope 114 storage grant | Compat `Mmap`/`Munmap` remain for ELF/compat processes. diff --git a/docs/ABI_NATIVE_SYSCALL.md b/docs/ABI_NATIVE_SYSCALL.md index e1177a9..a940d85 100644 --- a/docs/ABI_NATIVE_SYSCALL.md +++ b/docs/ABI_NATIVE_SYSCALL.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Gate **G4** — phase **128** mandatory `ares-native-v1` manifest before ring-3 native enforcement. +Gate **G4** — scope **128** mandatory `clan-native-v1` manifest before ring-3 native enforcement. --- @@ -20,13 +20,13 @@ Gate **G4** — phase **128** mandatory `ares-native-v1` manifest before ring-3 Native syscalls: **256+** (`governance::NATIVE_SYSCALL_ID_BASE`). -| ID | Name | Phase | +| ID | Name | Scope | |----|------|-------| | 256 | CapCreate | 112 | | 257 | CapClose | 112 | | 258 | CapTransfer | 112 | -Ring-3 allowlist expansion gated on valid `ares-native-v1` manifest (phase 128). +Ring-3 allowlist expansion gated on valid `clan-native-v1` manifest (scope 128). --- diff --git a/docs/ABI_RUNTIME.md b/docs/ABI_RUNTIME.md index aa4def0..0db0f8e 100644 --- a/docs/ABI_RUNTIME.md +++ b/docs/ABI_RUNTIME.md @@ -2,7 +2,7 @@ Rust is the **first implementation language** for kernel and platform code — not the **definition** of native. -Phase **109** outline; language adapters phases **171–180**. +Scope **109** outline; language adapters scopes **171–180**. See: [AXIOMS.md](AXIOMS.md), [NATIVE_MODEL.md](NATIVE_MODEL.md), [ABI_ASYNC.md](ABI_ASYNC.md), [SEMANTIC_JURISDICTION.md](SEMANTIC_JURISDICTION.md). @@ -32,9 +32,9 @@ See: [AXIOMS.md](AXIOMS.md), [NATIVE_MODEL.md](NATIVE_MODEL.md), [ABI_ASYNC.md]( ## Entry (draft) -Native binary format `ares-native-v1` (manifest + image) — distinct from ELF compat: +Native binary format `clan-native-v1` (manifest + image) — distinct from ELF compat: -- Entry symbol `ares_native_main` +- Entry symbol `clan_native_main` - Receives **cap table handle** and service catalog — not `argc/argv` paths - Manifest: [NATIVE_MODEL.md](NATIVE_MODEL.md) — permissions as cap requests diff --git a/docs/ABI_SECURITY.md b/docs/ABI_SECURITY.md index 10834b9..3cac1e2 100644 --- a/docs/ABI_SECURITY.md +++ b/docs/ABI_SECURITY.md @@ -1,8 +1,8 @@ # Security ABI — No Ambient Authority -Phase **105** — native vs compat syscall surface policy. +Scope **105** — native vs compat syscall surface policy. -See: [SECURITY.md](SECURITY.md) (phases 10–58 compat), [AXIOMS.md](AXIOMS.md) A2, A5, [NATIVE_DEVELOPER_EXPERIENCE.md](NATIVE_DEVELOPER_EXPERIENCE.md). +See: [SECURITY.md](SECURITY.md) (scopes 10–58 compat), [AXIOMS.md](AXIOMS.md) A2, A5, [NATIVE_DEVELOPER_EXPERIENCE.md](NATIVE_DEVELOPER_EXPERIENCE.md). --- @@ -13,36 +13,36 @@ See: [SECURITY.md](SECURITY.md) (phases 10–58 compat), [AXIOMS.md](AXIOMS.md) | No global FS namespace | Native processes cannot enumerate `/` | | No path-string open | Native syscall surface omits compat `OpenFile` with user paths | | Storage | **FsNode** caps minted by storage broker after grant check | -| Manifest | `ares-native-v1` required for native ELFs (phase 128+) | +| Manifest | `clan-native-v1` required for native ELFs (scope 128+) | --- -## Compat policy (frozen phases 1–100) +## Compat policy (frozen scopes 1–100) | Mechanism | Source | |-----------|--------| | Users / roles | [SECURITY.md](SECURITY.md) | | File owner/mode | SimpleFs metadata | -| Trust / digest | Phases 43, 58 | -| Allowlisted ELF names | Phase 29 | +| Trust / digest | Scopes 43, 58 | +| Allowlisted ELF names | Scope 29 | | Path syscalls | `OpenFile`, `Chdir`, probes — hardware allowlist | Compat **never defines** native semantics (A5). --- -## Path broker (phase 115 — compat only) +## Path broker (scope 115 — compat only) Translates compat `open("/path")` to broker-internal resolution. Native code must not call path broker directly. --- -## Permission broker (phase 123+) +## Permission broker (scope 123+) Enforces manifest scopes: ```toml -# ares-native-v1 example (illustrative) +# clan-native-v1 example (illustrative) [permissions] filesystem = ["Documents/Projects"] network = ["api.example.com"] diff --git a/docs/ABI_STABILITY.md b/docs/ABI_STABILITY.md index 95c9d2a..1b8e40e 100644 --- a/docs/ABI_STABILITY.md +++ b/docs/ABI_STABILITY.md @@ -4,32 +4,32 @@ Two independent version surfaces — **semantics are platform ABI** ([AXIOMS.md] --- -## Syscall / register ABI — `ares-abi-v1` +## Syscall / register ABI — `clan-abi-v1` | Property | Value | |----------|--------| -| Status | Frozen at phase 101 for compat IDs 1–82 | +| Status | Frozen at scope 101 for compat IDs 1–82 | | Document | [ABI_SYSCALL.md](ABI_SYSCALL.md) | | Break | Syscall number change, register meaning change, allowlist change without compat bump | -Bump to `ares-abi-v2` requires: migration notes, compat shim period, matrix smoke updates. +Bump to `clan-abi-v2` requires: migration notes, compat shim period, matrix smoke updates. --- -## Semantic laws — `ares-semantics-v1` (draft at phase 109) +## Semantic laws — `clan-semantics-v1` (draft at scope 109) | Property | Value | |----------|--------| -| Status | Draft ratified phase 110 | +| Status | Draft ratified scope 110 | | Documents | [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md), [ABI_IPC.md](ABI_IPC.md), [ABI_ASYNC.md](ABI_ASYNC.md), [TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md) | | Break examples | Endpoint ordering class change; revoke visibility timing change; cancel propagation change; ownership move rules change | -Bump to `ares-semantics-v2` requires: +Bump to `clan-semantics-v2` requires: 1. [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) case updates -2. [SEMANTIC_LINT.md](SEMANTIC_LINT.md) CI pass (phases 159–160+) +2. [SEMANTIC_LINT.md](SEMANTIC_LINT.md) CI pass (scopes 159–160+) 3. Minimization audit (A10) -4. `ares-semantics-v*` noted in release notes +4. `clan-semantics-v*` noted in release notes --- @@ -45,8 +45,8 @@ Bump to `ares-semantics-v2` requires: --- -## Phase 110 sign-off +## Scope 110 sign-off -- [ ] `ares-abi-v1` compat table matches `ALLOWED_HW_SYSCALLS` -- [ ] `ares-semantics-v1` draft covers IPC + rights + temporal outlines +- [ ] `clan-abi-v1` compat table matches `ALLOWED_HW_SYSCALLS` +- [ ] `clan-semantics-v1` draft covers IPC + rights + temporal outlines - [ ] No native law hidden in compat-only docs without `compat-scope` tag diff --git a/docs/ABI_SYSCALL.md b/docs/ABI_SYSCALL.md index 54bf0f7..d2669ba 100644 --- a/docs/ABI_SYSCALL.md +++ b/docs/ABI_SYSCALL.md @@ -1,6 +1,6 @@ -# Compat Syscall ABI (`ares-abi-v1`) +# Compat Syscall ABI (`clan-abi-v1`) -Frozen snapshot of phases 1–100 **compat** syscall surface. Native syscall IDs are reserved separately (phase 107+); they must not redefine compat numbers. +Frozen snapshot of scopes 1–100 **compat** syscall surface. Native syscall IDs are reserved separately (scope 107+); they must not redefine compat numbers. See: [AXIOMS.md](AXIOMS.md), [USER_SYSCALLS.md](USER_SYSCALLS.md), [ABI_STABILITY.md](ABI_STABILITY.md), [ABI_SECURITY.md](ABI_SECURITY.md). @@ -17,11 +17,11 @@ See: [AXIOMS.md](AXIOMS.md), [USER_SYSCALLS.md](USER_SYSCALLS.md), [ABI_STABILIT Entry: `syscall` instruction → kernel trampoline → `sysret` return. -Phase 81 validates real `sysret` path (`HW_SYSRET_REAL` counter). +Scope 81 validates real `sysret` path (`HW_SYSRET_REAL` counter). --- -## Allowlisted hardware syscalls (phase 100) +## Allowlisted hardware syscalls (scope 100) From `kernel/src/user_syscall_hw.rs` `ALLOWED_HW_SYSCALLS`: @@ -52,6 +52,8 @@ From `kernel/src/user_syscall_hw.rs` `ALLOWED_HW_SYSCALLS`: | 81 | `ExecLite` | | | 82 | `Poll` | PollLite — **compat** | +Signal delivery syscalls (`83`–`86`) are documented in `docs/architecture/` when the signal subsystem is linked; they are not yet in the HW dispatch table. + Kernel-internal IDs 2–59 (counters, telemetry) exist in `SyscallId` but are not in the Ring 3 hardware allowlist unless invoked from kernel/shell paths. --- @@ -60,22 +62,22 @@ Kernel-internal IDs 2–59 (counters, telemetry) exist in `SyscallId` but are no `SyscallError`: `InvalidSyscall`, `InvalidArgument`, `Storage` — returned via dispatcher; user copy paths use probe counters. -Native errors (future) will use a separate enum bound to `ares-semantics-v*`. +Native errors (future) will use a separate enum bound to `clan-semantics-v*`. --- -## Native ID space (kernel smokes; ring-3 allowlist deferred to phase 128 G4) +## Native ID space (kernel smokes; ring-3 allowlist deferred to scope 128 G4) | Range | Owner | |-------|--------| -| 1–82 | **Compat** (frozen `ares-abi-v1`) | +| 1–82 | **Compat** (frozen `clan-abi-v1`) | | 256+ | **Native** caps, endpoints, async wait | Native syscalls must not expose path-string `open` for native processes ([ABI_SECURITY.md](ABI_SECURITY.md)). -## Native syscall IDs (phase 112) +## Native syscall IDs (scope 112) -Kernel-only dispatch via [`kernel/src/native_syscall.rs`](../kernel/src/native_syscall.rs) — not in `ALLOWED_HW_SYSCALLS` until phase 128. +Kernel-only dispatch via [`kernel/src/native_syscall.rs`](../kernel/src/native_syscall.rs) — not in `ALLOWED_HW_SYSCALLS` until scope 128. | ID | Name | Notes | |----|------|-------| @@ -87,4 +89,4 @@ Kernel-only dispatch via [`kernel/src/native_syscall.rs`](../kernel/src/native_s ## PipeLite compat bridge -`Pipe = 80` creates `/@pipe/{id}/r` and `/@pipe/{id}/w` FD paths ([kernel/src/pipe.rs](../kernel/src/pipe.rs)). Native **Endpoint** objects supersede this for native apps (phase 134+); compat unchanged (spec **E-*** compat preservation). +`Pipe = 80` creates `/@pipe/{id}/r` and `/@pipe/{id}/w` FD paths ([kernel/src/pipe.rs](../kernel/src/pipe.rs)). Native **Endpoint** objects supersede this for native apps (scope 134+); compat unchanged (spec **E-*** compat preservation). diff --git a/docs/ARCHITECTURE_TARGETS.md b/docs/ARCHITECTURE_TARGETS.md index e23ffe3..0ced6b7 100644 --- a/docs/ARCHITECTURE_TARGETS.md +++ b/docs/ARCHITECTURE_TARGETS.md @@ -22,7 +22,7 @@ semantics_version: 1.0.0 ## QEMU -Versioned config script: [`scripts/qemu/x86_64-config.ps1`](../scripts/qemu/x86_64-config.ps1) (v1 — virtio-blk-pci, `-smp 2`). SMP enabled phases 141+. +Versioned config script: [`scripts/qemu/x86_64-config.ps1`](../scripts/qemu/x86_64-config.ps1) (v1 — virtio-blk-pci, `-smp 2`). SMP enabled scopes 141+. --- diff --git a/docs/AUDIT_SUBSYSTEM.md b/docs/AUDIT_SUBSYSTEM.md index c21d936..508ab59 100644 --- a/docs/AUDIT_SUBSYSTEM.md +++ b/docs/AUDIT_SUBSYSTEM.md @@ -31,7 +31,7 @@ Threat node: `T-audit-tamper`. ## Epoch 0 positions -- Bootstrap unaudited window scoped explicitly at phase 121 implementation +- Bootstrap unaudited window scoped explicitly at scope 121 implementation - Forensic admissibility assumptions in `DESIGN_NORTH_STAR.md` - Covert channel via audit throughput: deferred node `T-audit-covert-channel` diff --git a/docs/AXIOMS.md b/docs/AXIOMS.md index af5e25a..f2fddb2 100644 --- a/docs/AXIOMS.md +++ b/docs/AXIOMS.md @@ -1,6 +1,6 @@ -# Constitutional Axioms (AresOS Post-100) +# Constitutional Axioms (Clan OS Post-100) -AresOS phases 1–100 built kernel mechanics. Post-100 work defines **constitutional law** for semantic integrity: authority, IPC, temporal visibility, and native identity. +Clan OS scopes 1–100 built kernel mechanics. Post-100 work defines **constitutional law** for semantic integrity: authority, IPC, temporal visibility, and native identity. Axioms are the highest normative layer. They change only by explicit **charter revision** (rare). All documents in [INDEX.md](INDEX.md) § Post-100 must remain consistent with these axioms. @@ -31,12 +31,12 @@ Together: **controlled semantic evolution**. Without A7, implementation erodes a | **A6** | **Revocation visibility** is always documentable ([TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md)) | Prevents temporal ambiguity | | **A7** | Semantic laws override implementation convenience | Anti-entropy (see above) | | **A8** | [Architecture-preservation spec cases](SEMANTIC_SPECS.md) are authoritative for behavior claims | Invariant preservation | -| **A9** | **Semantic law versioning** is explicit (`ares-semantics-v*` in [ABI_STABILITY.md](ABI_STABILITY.md)) | Semantics are platform ABI | +| **A9** | **Semantic law versioning** is explicit (`clan-semantics-v*` in [ABI_STABILITY.md](ABI_STABILITY.md)) | Semantics are platform ABI | | **A10** | Semantic minimization — every new law must pass review (below) | Occam’s Razor for OS semantics | --- -## A10 — minimization review (required for new laws after phase 110) +## A10 — minimization review (required for new laws after scope 110) | Question | Must answer | |----------|-------------| @@ -45,21 +45,21 @@ Together: **controlled semantic evolution**. Without A7, implementation erodes a | Is it the **smallest** statement that carries the guarantee? | No → rewrite smaller | | Should this be a [spec case ID](SEMANTIC_SPECS.md) instead of prose? | Prefer spec ID | -Phase 110 performs a **minimization audit** (law count per hierarchy layer). +Scope 110 performs a **minimization audit** (law count per hierarchy layer). --- -## Governance gates (implementation blocked until phase 110 sign-off) +## Governance gates (implementation blocked until scope 110 sign-off) | Gate | Blocks | Requires | |------|--------|----------| -| G1 | Phase 115+ new handle semantics | [KERNEL_OBJECT_MODEL.md](KERNEL_OBJECT_MODEL.md) | -| G2 | Phase 112–113 cap lifecycle code | [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md) | -| G3 | Phase 134+ native endpoint code | [ABI_IPC.md](ABI_IPC.md) | -| G4 | Phase 128+ native-only enforcement | [NATIVE_MODEL.md](NATIVE_MODEL.md) | -| G5 | Phase 111+ authority/IPC contradicting specs | [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md), [TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md) | +| G1 | Scope 115+ new handle semantics | [KERNEL_OBJECT_MODEL.md](KERNEL_OBJECT_MODEL.md) | +| G2 | Scope 112–113 cap lifecycle code | [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md) | +| G3 | Scope 134+ native endpoint code | [ABI_IPC.md](ABI_IPC.md) | +| G4 | Scope 128+ native-only enforcement | [NATIVE_MODEL.md](NATIVE_MODEL.md) | +| G5 | Scope 111+ authority/IPC contradicting specs | [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md), [TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md) | -Phases **111+** must not ship kernel behavior that violates ratified axioms or signed gates. +Scopes **111+** must not ship kernel behavior that violates ratified axioms or signed gates. --- @@ -68,8 +68,8 @@ Phases **111+** must not ship kernel behavior that violates ratified axioms or s To amend an axiom: 1. Document conflict with existing laws and spec cases -2. Propose `ares-semantics-v*` bump if guarantees change +2. Propose `clan-semantics-v*` bump if guarantees change 3. Update [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) and run minimization audit -4. Record decision in [ROADMAP_POST100.md](ROADMAP_POST100.md) phase 110+ notes +4. Record decision in [ROADMAP_POST100.md](ROADMAP_POST100.md) scope 110+ notes Default: **reject** charter changes that weaken A1, A2, A5, A7, or A10 without extraordinary rationale. diff --git a/docs/BUILD_INTEGRITY.md b/docs/BUILD_INTEGRITY.md index fc1488a..b16534d 100644 --- a/docs/BUILD_INTEGRITY.md +++ b/docs/BUILD_INTEGRITY.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Epoch 2 prereq; phases 131–133 implementation. Epoch 0 stub. +Epoch 2 prereq; scopes 131–133 implementation. Epoch 0 stub. --- @@ -30,8 +30,8 @@ Epoch 2 prereq; phases 131–133 implementation. Epoch 0 stub. |------|--------| | Tool manifest | `scripts/repro-manifest.toml` (rustc, llvm, linker pins) | | Dual-build hash | stub CI — compare `target/` kernel hash twice same source | -| `install_userland.py` | FS install hook for `ares-rt` demo | -| Signed images | phases 131–133 | +| `install_userland.py` | FS install hook for `clan-rt` demo | +| Signed images | scopes 131–133 | ### Reproducibility manifest (stub) @@ -41,4 +41,4 @@ rustc = "stable" target = "x86_64-unknown-none" ``` -QEMU scripts: `python scripts/gate/legacy.py --phase 201 --timeout 180`, `python scripts/gate/legacy.py --phase 134 --timeout 180`, `python scripts/gate/legacy.py --phase 404 --timeout 180`, `python scripts/gate/legacy.py --phase 149 --timeout 180`, `python scripts/gate/legacy.py --phase 150 --timeout 180`. +QEMU scripts: `python scripts/gate/boot.py --gate virtio_blk --timeout 180`, `python scripts/gate/boot.py --gate build_endpoints --timeout 180`, `python scripts/gate/boot.py --gate network_compat --timeout 180`, `python scripts/gate/boot.py --gate scheduler_epoch --timeout 180`, `python scripts/gate/boot.py --gate boundary --timeout 180`. diff --git a/docs/CAP_REGISTRY.toml b/docs/CAP_REGISTRY.toml index 8fe52bc..80c8ba0 100644 --- a/docs/CAP_REGISTRY.toml +++ b/docs/CAP_REGISTRY.toml @@ -72,4 +72,4 @@ namespace = "compat" object_kind = "FsNode" operations = ["create", "close"] semantic_relation = "disjoint" -notes = "Phase 115 compat only — not parallel handle type" +notes = "Scope 115 compat only — not parallel handle type" diff --git a/docs/COMPAT_ISOLATION.md b/docs/COMPAT_ISOLATION.md index f8d3bc4..90dbc88 100644 --- a/docs/COMPAT_ISOLATION.md +++ b/docs/COMPAT_ISOLATION.md @@ -19,12 +19,12 @@ Threat node: `T-compat-shim-escape`. ## Policy - Compat syscalls operate on **per-caller FD sessions** — no ambient shim capability -- Path broker (phase 115) is **compat-only** — no parallel native handle type (G1) +- Path broker (scope 115) is **compat-only** — no parallel native handle type (G1) - `compat-internal` IPC bridge is **not** PipeLite (A5) and **not** native truth -- Native processes cannot enumerate global namespace (phase 117) +- Native processes cannot enumerate global namespace (scope 117) --- ## Broker boundary -Platform brokers mint caps only via documented grant paths (`storage_broker`, `permission_broker`). Compat ELF loading unchanged (phase 119 bridge). +Platform brokers mint caps only via documented grant paths (`storage_broker`, `permission_broker`). Compat ELF loading unchanged (scope 119 bridge). diff --git a/docs/COMPAT_SUNSET.md b/docs/COMPAT_SUNSET.md index d1cf2e2..927d5b5 100644 --- a/docs/COMPAT_SUNSET.md +++ b/docs/COMPAT_SUNSET.md @@ -28,7 +28,7 @@ Reviewed at **every epoch gate** in commit body + validation matrix. | Mechanism | Tracks | |-----------|--------| -| `ipc-bridge-compat-internal` | IPC bridge call sites (phases 122–133) → **zero by phase 134** | +| `ipc-bridge-compat-internal` | IPC bridge call sites (scopes 122–133) → **zero by scope 134** | | COMPAT_SUNSET metric | Compat socket ABI, ELF path, FD substrate (epoch 4+) | --- diff --git a/docs/DECISION_LOG.md b/docs/DECISION_LOG.md index bc337a5..74d05dc 100644 --- a/docs/DECISION_LOG.md +++ b/docs/DECISION_LOG.md @@ -14,7 +14,7 @@ semantics_version: 1.1.0 Records alternatives considered, rationale, and epoch. **Routine decisions** are encouraged but non-gating. -**Gated decisions** (see `phase_checklist_schema.toml` `[required_decisions]`): a `DECISION_LOG` entry is **required before phase close** for the epoch where the decision is made. +**Gated decisions** (see `scope_checklist_schema.toml` `[required_decisions]`): a `DECISION_LOG` entry is **required before scope close** for the epoch where the decision is made. --- @@ -26,7 +26,7 @@ Records alternatives considered, rationale, and epoch. **Routine decisions** are **Alternatives:** priority inheritance; priority ceiling; explicit denial (no inheritance) **Decision:** **Priority ceiling** — when a task holds a cap blocking a higher-priority client, the holder runs at the ceiling of blocked priorities for the duration of the critical section (cap held across syscall/wait). **Rationale:** Bounded latency without unbounded inheritance chains; matches broker-centric epoch 1 architecture. -**Consequences:** `SCHEDULER_MODEL.md` § Priority ceiling; Kani target before phase 128 brokers. +**Consequences:** `SCHEDULER_MODEL.md` § Priority ceiling; Kani target before scope 128 brokers. ### r_destroy_notify_ordering — R-destroy-notify delivery ordering (epoch 0) @@ -74,7 +74,7 @@ Records alternatives considered, rationale, and epoch. **Routine decisions** are **Alternatives:** kernel TCB driver; process + device caps; hybrid **Decision:** **Hybrid** — kernel provides MMIO/IRQ trampoline and DMA mapping gates; **userspace driver host** holds `device.*` caps and virtio protocol stack. **Rationale:** Minimizes TCB while meeting virtio-blk/net epoch 2 schedule; aligns with GpuContext/userspace driver pattern. -**Consequences:** `DRIVER_MODEL.md`; VIRTIO_SAFETY.md boundary; phase 122+ driver host checklist. +**Consequences:** `DRIVER_MODEL.md`; VIRTIO_SAFETY.md boundary; scope 122+ driver host checklist. ### suspend_flush_timeout — Suspend flush timeout behavior (epoch 0) diff --git a/docs/DEMAND_PAGING.md b/docs/DEMAND_PAGING.md index c50afe0..1ca0e78 100644 --- a/docs/DEMAND_PAGING.md +++ b/docs/DEMAND_PAGING.md @@ -1,8 +1,8 @@ # Demand Paging -Phases 38 and 47 add user `#PF` handling: anonymous demand-zero growth and file-backed slices from storage. +Scopes 38 and 47 add user `#PF` handling: anonymous demand-zero growth and file-backed slices from storage. -## Phase 38 — Demand-Zero +## Scope 38 — Demand-Zero `demand_paging` maps previously unmapped user pages on fault with zero-filled frames. Used for guarded stack/heap growth during hardware bring-up. @@ -12,7 +12,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## Phase 47 — File-Backed +## Scope 47 — File-Backed On fault, the handler can satisfy a mapping by reading a page from the simple filesystem when the faulting address corresponds to a prepared file-backed region. @@ -24,13 +24,13 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## W^X Interaction -Phase 48 rejects user mappings that combine writable and executable flags. Demand paging must not install W+X pages; see [USER_PAGE_TABLES.md](USER_PAGE_TABLES.md). +Scope 48 rejects user mappings that combine writable and executable flags. Demand paging must not install W+X pages; see [USER_PAGE_TABLES.md](USER_PAGE_TABLES.md). ## Validation ```bash -python scripts/gate/legacy.py --phase 38 --timeout 180 -python scripts/gate/legacy.py --phase 47 --timeout 180 +python scripts/gate/boot.py --gate sched_userspace --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 ``` ## Deferred diff --git a/docs/DESIGN_NORTH_STAR.md b/docs/DESIGN_NORTH_STAR.md index 48f9583..bcd34e2 100644 --- a/docs/DESIGN_NORTH_STAR.md +++ b/docs/DESIGN_NORTH_STAR.md @@ -1,4 +1,4 @@ -# AresOS Design North Star +# Clan OS Design North Star ```yaml status: superseded-by: docs/architecture/DESIGN_NORTH_STAR.md @@ -7,7 +7,7 @@ semantics_version: 1.0.0 > **Canonical:** [`docs/architecture/DESIGN_NORTH_STAR.md`](architecture/DESIGN_NORTH_STAR.md). This flat copy retains epoch scorecard rows until migration squash reconciles content. -Falsifiable targets for phases 121–150. See [`CHARTER.md`](../CHARTER.md), [`THREAT_MODEL.md`](THREAT_MODEL.md). +Falsifiable targets for scopes 121–150. See [`CHARTER.md`](../CHARTER.md), [`THREAT_MODEL.md`](THREAT_MODEL.md). --- @@ -15,16 +15,16 @@ Falsifiable targets for phases 121–150. See [`CHARTER.md`](../CHARTER.md), [`T | Row | Claim | Falsifier | |-----|-------|-----------| -| Capability security | No ambient authority in native path | Compat-internal counter > 0 at phase 134 gate | +| Capability security | No ambient authority in native path | Compat-internal counter > 0 at scope 134 gate | | Evidence pyramid | Every closed critical threat node has tier A/B/C proof | `threat_node_proof_coverage_ratio` < 1.0 | | Compat sunset | Fixed corpus % native-only E2E | COMPAT_SUNSET metric regression without review | | Reproducible build | Dual-build hash match | BUILD_INTEGRITY CI failure | | Public security process | Disclosure + key compromise playbooks | Missing before M150 release | | Windows comparison | Named rows or explicit non-commitment | See § Comparative position | -| **M200** scheduling | `SCHEDULING_UNIFIED` S-* cases executable; semantic lint on ABI bumps | AresOS-Gate: name=scheduling ok=true smoke false | -| **M250** hardware/SDK | QEMU→HW procedure + signed images; native SDK path | AresOS-Gate: name=hardware ok=true smoke false | -| **M300** federation | Distributed endpoint protocol + observability tooling | AresOS-Gate: name=federation ok=true smoke false | -| **M350** release 1.0 | Zero open threats; never-stabilize graduated; dual-build + compat threshold | AresOS-Gate: name=release ok=true smoke false | +| **M200** scheduling | `SCHEDULING_UNIFIED` S-* cases executable; semantic lint on ABI bumps | ClanOS-Gate: name=scheduling ok=true smoke false | +| **M250** hardware/SDK | QEMU→HW procedure + signed images; native SDK path | ClanOS-Gate: name=hardware ok=true smoke false | +| **M300** federation | Distributed endpoint protocol + observability tooling | ClanOS-Gate: name=federation ok=true smoke false | +| **M350** release 1.0 | Zero open threats; never-stabilize graduated; dual-build + compat threshold | ClanOS-Gate: name=release ok=true smoke false | --- @@ -32,7 +32,7 @@ Falsifiable targets for phases 121–150. See [`CHARTER.md`](../CHARTER.md), [`T **Linux:** capability-native IPC and generation-based revocation as structural differentiators. -**seL4:** formal proof depth; AresOS targets tiered evidence (proptest + Kani + selective Verus) with Rust implementation velocity. +**seL4:** formal proof depth; Clan OS targets tiered evidence (proptest + Kani + selective Verus) with Rust implementation velocity. **Hyper-V / VM isolation:** not primary QEMU-era target; note in ARCHITECTURE_TARGETS. diff --git a/docs/DEVICES.md b/docs/DEVICES.md index 1b3cd7b..5167dfb 100644 --- a/docs/DEVICES.md +++ b/docs/DEVICES.md @@ -1,6 +1,6 @@ -# Device Design (Phase 8) +# Device Design (Scope 8) -AresOS Phase 8 introduces a small device layer and block-device manager. The goal is to prove driver registration, discovery, block backend selection, and filesystem mounting through a managed device path before implementing full AHCI, NVMe, or virtio-blk drivers. +Clan OS Scope 8 introduces a small device layer and block-device manager. The goal is to prove driver registration, discovery, block backend selection, and filesystem mounting through a managed device path before implementing full AHCI, NVMe, or virtio-blk drivers. ## Layers @@ -40,11 +40,11 @@ The block manager in `kernel/src/block.rs` tracks block backends independently f - readonly flag - driver-backed flag -Phase 8 ships with `qemu-sim-block0`, a simulated QEMU-style driver-backed block backend. It uses the same sector read/write path as a future hardware driver, while keeping validation deterministic. +Scope 8 ships with `qemu-sim-block0`, a simulated QEMU-style driver-backed block backend. It uses the same sector read/write path as a future hardware driver, while keeping validation deterministic. ## Storage Integration -`kernel/src/storage.rs` now mounts `SimpleFs` through `ManagedBlockDevice`, which delegates sector I/O to the active block backend. The Phase 7 `MemoryBlockDevice` remains available for focused filesystem tests. +`kernel/src/storage.rs` now mounts `SimpleFs` through `ManagedBlockDevice`, which delegates sector I/O to the active block backend. The Scope 7 `MemoryBlockDevice` remains available for focused filesystem tests. The kernel emits: @@ -63,7 +63,7 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Validation ```bash -python scripts/gate/legacy.py --phase 8 --timeout 180 +python scripts/gate/boot.py --gate shell_storage --timeout 180 python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180 ``` diff --git a/docs/EPOCH3_IPC_PLAN.md b/docs/EPOCH3_IPC_PLAN.md index c8c1b10..b3bc5ad 100644 --- a/docs/EPOCH3_IPC_PLAN.md +++ b/docs/EPOCH3_IPC_PLAN.md @@ -6,10 +6,10 @@ status: epoch-scoped: 3 Pre-epoch planning commit deliverables (before implementation): -- Expand phase 131–140 checklists to epoch-1 detail level +- Expand scope 131–140 checklists to epoch-1 detail level - Signed system images + reproducible build CI (BUILD_INTEGRITY) -- Phase **134**: remove interim IPC bridge; CI `ipc_bridge_compat_internal` counter → 0 -- P-134 semantic ordering smoke corpus populated at phase 133 +- Scope **134**: remove interim IPC bridge; CI `ipc_bridge_compat_internal` counter → 0 +- P-134 semantic ordering smoke corpus populated at scope 133 - Audit IPC correlation on wire (ERROR_TAXONOMY + WIRE_SCHEMA_REGISTRY) Gate: 1M message soak; benchmark vs prior epoch; compat review. diff --git a/docs/EPOCH4_NETWORK_PLAN.md b/docs/EPOCH4_NETWORK_PLAN.md index e07c951..6a2f58a 100644 --- a/docs/EPOCH4_NETWORK_PLAN.md +++ b/docs/EPOCH4_NETWORK_PLAN.md @@ -8,7 +8,7 @@ Pre-epoch planning commit: - virtio-net driver (shared virtio framework with epoch 2 blk) - Compat TCP/UDP + multi-fd `select` — WIRE_SCHEMA_REGISTRY + COMPAT_SUNSET -- Network broker (phase 125) becomes functional +- Network broker (scope 125) becomes functional - Network isolation placeholder (broker-filtered caps vs external-routable) Gate: socket P99 benchmark; compat review. diff --git a/docs/EPOCH5_SCHEDULER_GUI_PLAN.md b/docs/EPOCH5_SCHEDULER_GUI_PLAN.md index e974d2a..0b8736d 100644 --- a/docs/EPOCH5_SCHEDULER_GUI_PLAN.md +++ b/docs/EPOCH5_SCHEDULER_GUI_PLAN.md @@ -7,8 +7,8 @@ status: epoch-scoped: 5 Pre-epoch planning commit: - SMP loom test plan per shared structure -- ABI_COMPOSITOR_IPC before phase 145 -- Phase 147 full OOM — suspend frozen-in-memory; MEM_BUDGET_STUB enforcement +- ABI_COMPOSITOR_IPC before scope 145 +- Scope 147 full OOM — suspend frozen-in-memory; MEM_BUDGET_STUB enforcement - AP bring-up only after loom + SMP review Gate: compositor crash smoke; full matrix; benchmarks. diff --git a/docs/EPOCH_FAILURE_PROCEDURE.md b/docs/EPOCH_FAILURE_PROCEDURE.md index 6c2d016..077e1a0 100644 --- a/docs/EPOCH_FAILURE_PROCEDURE.md +++ b/docs/EPOCH_FAILURE_PROCEDURE.md @@ -18,13 +18,13 @@ See [`CHARTER.md`](../CHARTER.md), [`DESIGN_NORTH_STAR.md`](DESIGN_NORTH_STAR.md ## Stale epoch -Epoch marked stale on compound hard-gate failure or unresolved cross-doc drift. Recovery budget: ~2 phase-cycles; beyond → charter-level decision. +Epoch marked stale on compound hard-gate failure or unresolved cross-doc drift. Recovery budget: ~2 scope-cycles; beyond → charter-level decision. --- ## Benchmark regression -Multi-phase regression uses bisection. Standard tool: `scripts/project_health.py --bisect <metric> <start> <end>` — binary search over git log re-running health checks. +Multi-scope regression uses bisection. Standard tool: `scripts/project_health.py --bisect <metric> <start> <end>` — binary search over git log re-running health checks. --- @@ -36,7 +36,7 @@ Signed image must be reproducible from tagged source. Divergence procedures docu ## CAP_REGISTRY reconciliation -Registry ↔ markdown mismatch → epoch stale. Owner = phase owner who introduced drift. +Registry ↔ markdown mismatch → epoch stale. Owner = scope owner who introduced drift. --- @@ -54,4 +54,4 @@ Additive/clarification semver OK with second reviewer. Breaking foundational cha ## Soak test failure -Triage owner: epoch lead or named soak owner. Distinct from phase revert path. +Triage owner: epoch lead or named soak owner. Distinct from scope revert path. diff --git a/docs/EXECUTABLE_IMAGES.md b/docs/EXECUTABLE_IMAGES.md index 7bf4393..30a04d7 100644 --- a/docs/EXECUTABLE_IMAGES.md +++ b/docs/EXECUTABLE_IMAGES.md @@ -1,13 +1,13 @@ # Executable Image Groundwork -Phase 11 adds executable-image recognition and address-space descriptors. Phase 12 adds load plans that model page-aligned placement, copy actions, zero-fill actions, and reservation accounting. Neither phase executes arbitrary machine code yet. +Scope 11 adds executable-image recognition and address-space descriptors. Scope 12 adds load plans that model page-aligned placement, copy actions, zero-fill actions, and reservation accounting. Neither scope executes arbitrary machine code yet. ## Image Manifest -Image programs use the existing `ares-exec-v1` envelope: +Image programs use the existing `clan-exec-v1` envelope: ```text -ares-exec-v1 +clan-exec-v1 name=hello kind=elf64-image entry=0x400000 @@ -18,7 +18,7 @@ owner=user description=ELF image validation fixture ``` -The loader still supports `kind=builtin-alias` for current stored programs. `kind=elf64-image` is discoverable and validatable, but `run hello` returns an unsupported-execution error until a future phase adds executable mappings and privilege transitions. +The loader still supports `kind=builtin-alias` for current stored programs. `kind=elf64-image` is discoverable and validatable, but `run hello` returns an unsupported-execution error until a future scope adds executable mappings and privilege transitions. ## ELF64 Validation @@ -35,7 +35,7 @@ The parser rejects invalid magic, unsupported architecture, invalid header layou ## Address-Space Descriptors -Phase 11 introduces descriptor-only address spaces: +Scope 11 introduces descriptor-only address spaces: - `AddressSpaceId` - `VirtualRegion` @@ -46,7 +46,7 @@ Descriptors validate user ranges, overlap, empty regions, and writable+executabl ## Load Plans -Phase 12 converts validated images into load plans: +Scope 12 converts validated images into load plans: - page-aligned regions - file-backed copy ranges diff --git a/docs/FAILURE_MODES_LEDGER.md b/docs/FAILURE_MODES_LEDGER.md index 1de966d..1f0648e 100644 --- a/docs/FAILURE_MODES_LEDGER.md +++ b/docs/FAILURE_MODES_LEDGER.md @@ -13,7 +13,7 @@ Pathologies, OOM, cap exhaustion — cross-ref `FAULT_ESCALATION.md`, `ERROR_TAX | Id | Mode | Tier | Doc | |----|------|------|-----| -| FM-oom-stub | MEM_BUDGET_STUB saturation | 1 | phase 121 | +| FM-oom-stub | MEM_BUDGET_STUB saturation | 1 | scope 121 | | FM-cap-quota | Cap quota exceeded | remediable structural | ERROR_TAXONOMY | | FM-audit-flush | Audit flush timeout on suspend | 3 | FAULT_ESCALATION | | FM-handler-exhaust | Fault handler MEM_BUDGET exhausted | 3 | FAULT_ESCALATION | diff --git a/docs/FAULT_ESCALATION.md b/docs/FAULT_ESCALATION.md index 42abff9..c396915 100644 --- a/docs/FAULT_ESCALATION.md +++ b/docs/FAULT_ESCALATION.md @@ -78,7 +78,7 @@ Tier-3 halt/reboot: deliver terminal to active IPC callers before halt (max time | State | Milestone 150 | |-------|---------------| -| **Suspend** (phase 147) | Frozen-in-memory; no persistent checkpoint | +| **Suspend** (scope 147) | Frozen-in-memory; no persistent checkpoint | | **Checkpoint/restore** | Out of scope until post-150 | ### Suspend/resume policy diff --git a/docs/FILE_DESCRIPTORS.md b/docs/FILE_DESCRIPTORS.md index 654541d..5d16179 100644 --- a/docs/FILE_DESCRIPTORS.md +++ b/docs/FILE_DESCRIPTORS.md @@ -1,8 +1,8 @@ # File Descriptors and User Paths -Phases 44–46 expose bounded user/kernel data transfer for paths and file I/O through the hardware syscall table. +Scopes 44–46 expose bounded user/kernel data transfer for paths and file I/O through the hardware syscall table. -## Phase 44 — User Paths +## Scope 44 — User Paths `user_path::copy_path_from_user` validates a NUL-terminated path in user memory (length cap, no kernel pointers). Syscall `ReadPathProbe` (id 65) round-trips a probe string for smoke tests. @@ -12,9 +12,9 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## Phase 45 — FD Table +## Scope 45 — FD Table -Bring-up uses a global `fd_table` (spin `Mutex`) mapping small integer FDs to storage file indices. Syscalls: +Per-process tables hold up to **64** open descriptors (`kernel/src/fd_table.rs::MAX_FDS`). Syscalls: - `OpenFile` (66) — open by path with permission checks - `CloseFile` (67) @@ -25,7 +25,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## Phase 46 — FD I/O +## Scope 46 — FD I/O - `ReadFd` (68) — read into user buffer with `copy_to_user` - `WriteFd` (69) — write from user buffer with `copy_from_user` @@ -41,13 +41,12 @@ Hardware syscall dispatch passes `arg1`/`arg2` from `rsi`/`rdx` for these calls. ## Validation ```bash -python scripts/gate/legacy.py --phase 44 --timeout 180 -python scripts/gate/legacy.py --phase 45 --timeout 180 -python scripts/gate/legacy.py --phase 46 --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 ``` ## Deferred -- Per-process FD tables and `dup` / `fcntl` -- Pipes, sockets, and non-storage backends +- Pipes, sockets, and non-storage backends beyond current pipe/serial paths - `select` / `poll` integration diff --git a/docs/FRAME_BACKED_IMAGES.md b/docs/FRAME_BACKED_IMAGES.md index ade2a4e..4c703e2 100644 --- a/docs/FRAME_BACKED_IMAGES.md +++ b/docs/FRAME_BACKED_IMAGES.md @@ -1,6 +1,6 @@ # Frame-Backed Images -Phase 15 converts Phase 13 mapped-image stubs into frame-backed image records. These records consume owned frames from the Phase 14 frame ownership service and attach them to the mapped executable pages. Phase 16 uses these records to build inactive user page-table descriptors. +Scope 15 converts Scope 13 mapped-image stubs into frame-backed image records. These records consume owned frames from the Scope 14 frame ownership service and attach them to the mapped executable pages. Scope 16 uses these records to build inactive user page-table descriptors. ## Backed Image Contents @@ -15,7 +15,7 @@ A `FrameBackedImage` records: - owner credentials - `MappingState::FrameBacked` -The copy and zero-fill operations are still accounting records. They are associated with owned backing frames, but Phase 15 does not install those frames into process page tables or execute from them. +The copy and zero-fill operations are still accounting records. They are associated with owned backing frames, but Scope 15 does not install those frames into process page tables or execute from them. ## Loader Flow @@ -45,4 +45,4 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -`run hello` remains unsupported in Phase 15. Frame-backed records are the data needed by later page-table work, not executable user mappings. Phase 16 adds descriptor translation, but still does not switch CR3. +`run hello` remains unsupported in Scope 15. Frame-backed records are the data needed by later page-table work, not executable user mappings. Scope 16 adds descriptor translation, but still does not switch CR3. diff --git a/docs/FRAME_OWNERSHIP.md b/docs/FRAME_OWNERSHIP.md index 0b2c01b..91d7019 100644 --- a/docs/FRAME_OWNERSHIP.md +++ b/docs/FRAME_OWNERSHIP.md @@ -1,6 +1,6 @@ # Frame Ownership -Phase 14 introduces a persistent frame ownership service. It records a bounded pool of usable physical frame addresses from the bootloader memory map after the kernel heap has consumed its boot-time frames. +Scope 14 introduces a persistent frame ownership service. It records a bounded pool of usable physical frame addresses from the bootloader memory map after the kernel heap has consumed its boot-time frames. ## What It Tracks @@ -12,7 +12,7 @@ The frame ownership registry records: - available and allocated frame counts - allocation, release, and failed-allocation counters -Owners are intentionally simple in this phase: kernel, image, page-table, and test. Later phases can use these records to back executable images and inactive user page tables. +Owners are intentionally simple in this scope: kernel, image, page-table, and test. Later scopes can use these records to back executable images and inactive user page tables. ## Boot Flow @@ -20,10 +20,10 @@ Owners are intentionally simple in this phase: kernel, image, page-table, and te flowchart TD BootInfo[BootInfoMemoryMap] --> Heap[HeapFrameAllocation] Heap --> FrameOwnership[FrameOwnershipInit] -FrameOwnership --> Smoke[Phase14FramesSmoke] +FrameOwnership --> Smoke[Scope14FramesSmoke] ``` -Phase 14 skips frames already consumed by heap initialization and tracks a bounded subset of remaining usable frames. It does not replace the boot allocator or install user page-table mappings. +Scope 14 skips frames already consumed by heap initialization and tracks a bounded subset of remaining usable frames. It does not replace the boot allocator or install user page-table mappings. ## Shell And Syscalls @@ -41,6 +41,6 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Phase 14 is ownership bookkeeping. Phase 13 mapping stubs still use deterministic frame tokens and do not consume real owned frames. +Scope 14 is ownership bookkeeping. Scope 13 mapping stubs still use deterministic frame tokens and do not consume real owned frames. -Phase 15 consumes owned frames for frame-backed executable image records. Those frames are still not installed into user page tables or executed. +Scope 15 consumes owned frames for frame-backed executable image records. Those frames are still not installed into user page tables or executed. diff --git a/docs/INDEX.md b/docs/INDEX.md index 2139d84..ee33d3c 100644 --- a/docs/INDEX.md +++ b/docs/INDEX.md @@ -1,4 +1,4 @@ -# AresOS Documentation Index +# Clan OS Documentation Index Central index for validation gates, deep-dive guides, and historical scope checklists. The public roadmap lives in the root [README](../README.md). @@ -28,7 +28,7 @@ python scripts/validation_matrix.py --smoke-timeout 180 Canonical scripts live under `scripts/gate/` and `scripts/preemption/`. Legacy shims at `scripts/gate/boot.py` forward to the gate package. -## Boot gate subsystems (phases 6–150) +## Boot gate subsystems (scopes 6–150) | Gate | Scope | Check | |------|-------|-------| @@ -89,7 +89,7 @@ Module: `kernel/src/system_gate.rs` | [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md) | Authority calculus; G2 | | [TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md) | Visibility; G5 | | [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) | Architecture-preservation cases | -| [ABI_SYSCALL.md](ABI_SYSCALL.md) | Compat `ares-abi-v1` | +| [ABI_SYSCALL.md](ABI_SYSCALL.md) | Compat `clan-abi-v1` | | [ABI_IPC.md](ABI_IPC.md) | Endpoint guarantees; G3 | ## Deep-dive guides @@ -107,28 +107,28 @@ Module: `kernel/src/system_gate.rs` | [SMP.md](SMP.md) | APs, IPI, work-stealing | | [context-lab.md](context-lab.md) | Cooperative context lab | -## Historical phase checklists +## Historical scope checklists -Per-phase checklists (`phase-*-checklist.md`) record **completed implementation scope**. They are not the runtime validation surface — use [VALIDATION_GATES.md](VALIDATION_GATES.md). +Per-scope checklists (`scope-*-checklist.md`) record **completed implementation scope**. They are not the runtime validation surface — use [VALIDATION_GATES.md](VALIDATION_GATES.md). <details> -<summary>Phases 1–100 (click to expand file links)</summary> +<summary>Scopes 1–100 (click to expand file links)</summary> -| Phase | Topic | Checklist | +| Scope | Topic | Checklist | |------:|-------|-----------| -| 1 | Boot | [phase-1-checklist.md](phase-1-checklist.md) | -| 2 | Hardware / IRQ | [phase-2-checklist.md](phase-2-checklist.md) | -| 3 | Memory / paging | [phase-3-checklist.md](phase-3-checklist.md) | -| 4 | Processes | [phase-4-checklist.md](phase-4-checklist.md) | -| 5 | Preemptive scheduling | [phase-5-checklist.md](phase-5-checklist.md) | -| 6–100 | Userland through SMP integration | [phase-6-checklist.md](phase-6-checklist.md) … [phase-100-checklist.md](phase-100-checklist.md) | +| 1 | Boot | [scope-1-checklist.md](scope-1-checklist.md) | +| 2 | Hardware / IRQ | [scope-2-checklist.md](scope-2-checklist.md) | +| 3 | Memory / paging | [scope-3-checklist.md](scope-3-checklist.md) | +| 4 | Processes | [scope-4-checklist.md](scope-4-checklist.md) | +| 5 | Preemptive scheduling | [scope-5-checklist.md](scope-5-checklist.md) | +| 6–100 | Userland through SMP integration | [scope-6-checklist.md](scope-6-checklist.md) … [scope-100-checklist.md](scope-100-checklist.md) | </details> <details> -<summary>Phases 101–500 (click to expand)</summary> +<summary>Scopes 101–500 (click to expand)</summary> -Constitutional (101–110), capabilities (111–120), platform brokers (121–130), build/IPC (131–140), scheduler epoch (141–149), boundary (150), post-150 roadmaps (151–500). Individual files: `phase-NNN-checklist.md`. +Constitutional (101–110), capabilities (111–120), platform brokers (121–130), build/IPC (131–140), scheduler epoch (141–149), boundary (150), post-150 roadmaps (151–500). Individual files: `scope-NNN-checklist.md`. </details> diff --git a/docs/IPC_INTERIM_BRIDGE.md b/docs/IPC_INTERIM_BRIDGE.md index d5585a0..340edaf 100644 --- a/docs/IPC_INTERIM_BRIDGE.md +++ b/docs/IPC_INTERIM_BRIDGE.md @@ -5,7 +5,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Phases **122–133** only. Removed at phase **134** (CI counter must be zero). +Scopes **122–133** only. Removed at scope **134** (CI counter must be zero). Tagged `compat-internal` — not PipeLite (A5), not native endpoint truth. @@ -31,6 +31,6 @@ Schema: `ipc.interim.v1` in WIRE_SCHEMA_REGISTRY.md. ## CI -`ipc_bridge_compat_internal_count()` — grep + runtime counter; **must be 0** at phase 134 gate. +`ipc_bridge_compat_internal_count()` — grep + runtime counter; **must be 0** at scope 134 gate. Compat sockets (epoch 4) use COMPAT_SUNSET only — not this counter. diff --git a/docs/IPC_VERSION_NEGOTIATION.md b/docs/IPC_VERSION_NEGOTIATION.md index 5b2d06a..d10e8a2 100644 --- a/docs/IPC_VERSION_NEGOTIATION.md +++ b/docs/IPC_VERSION_NEGOTIATION.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Required before phase **134** endpoint cutover. +Required before scope **134** endpoint cutover. --- @@ -20,7 +20,7 @@ Required before phase **134** endpoint cutover. - Discovery handshake returns supported `ipc.interim.v1` / future `endpoint.v1` ranges - Max spread documented; downgrade edges proptest-covered before 134 -- **P-134 property:** interim FIFO-per-session behaviors ⊆ native endpoint ordering smoke corpus (populated phase 133) +- **P-134 property:** interim FIFO-per-session behaviors ⊆ native endpoint ordering smoke corpus (populated scope 133) --- diff --git a/docs/KERNEL_OBJECT_MODEL.md b/docs/KERNEL_OBJECT_MODEL.md index 4493542..1240542 100644 --- a/docs/KERNEL_OBJECT_MODEL.md +++ b/docs/KERNEL_OBJECT_MODEL.md @@ -7,15 +7,15 @@ semantics_version: 1.2.0 > **Canonical:** [`docs/architecture/KERNEL_OBJECT_MODEL.md`](architecture/KERNEL_OBJECT_MODEL.md). This flat copy is retained until the doc migration epoch squash reconciles any differences. -**Gate G1** — phases **115+** must not introduce new handle semantics without charter revision. +**Gate G1** — scopes **115+** must not introduce new handle semantics without charter revision. -Phase **110** constitutional default: **immutable object identity + generation invalidation**. +Scope **110** constitutional default: **immutable object identity + generation invalidation**. See: [AXIOMS.md](AXIOMS.md), [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md), [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) (R-03, E-03, T-02). --- -## Design decision (phase 110) +## Design decision (scope 110) **Adopted:** each kernel object has a stable `ObjectId` and a monotonic **generation** counter. Authority changes invalidate derived capabilities via generation bump — not in-place mutation of object rights. @@ -62,7 +62,7 @@ Not a literal Rust trait in the kernel yet — architectural contract: 4. **Revoke** — generation bump and/or slot invalidation per TEMPORAL_SEMANTICS 5. **Close** — drop handle slot; may not destroy object if other caps exist -Phase 115 **path broker** uses compat handles only — must not add a parallel handle type. +Scope 115 **path broker** uses compat handles only — must not add a parallel handle type. --- @@ -77,9 +77,9 @@ Triggers (non-exhaustive): hard revoke, service restart, broker session end, end --- -## Implementation phases (future) +## Implementation scopes (future) -| Phase | Work | +| Scope | Work | |------:|------| | 111 | `CapHandle` → `KernelObject` ref, single table | | 112–113 | Lifecycle syscalls (G2) | diff --git a/docs/LOAD_PLANS.md b/docs/LOAD_PLANS.md index 80112b8..9aa1033 100644 --- a/docs/LOAD_PLANS.md +++ b/docs/LOAD_PLANS.md @@ -1,6 +1,6 @@ # Executable Load Plans -Phase 12 turns validated executable images into deterministic load plans. It models how an ELF image would be placed in memory, but still does not allocate real user frames, switch page tables, enter Ring 3, or jump to stored code. +Scope 12 turns validated executable images into deterministic load plans. It models how an ELF image would be placed in memory, but still does not allocate real user frames, switch page tables, enter Ring 3, or jump to stored code. ## Load Plan Contents @@ -27,22 +27,22 @@ Address-space descriptors now include reservation metadata: - read-only pages - mapping state -The mapping state remains `Planned` in Phase 12. Phase 13 can convert a prepared plan into `MappedStub`, which is still accounting-only; no active page table is mutated by shell or loader paths. +The mapping state remains `Planned` in Scope 12. Scope 13 can convert a prepared plan into `MappedStub`, which is still accounting-only; no active page table is mutated by shell or loader paths. ## Loader Prepare Flow ```mermaid flowchart TD -Manifest["ares-exec-v1 Manifest"] --> ValidateImage[ValidateImage] +Manifest["clan-exec-v1 Manifest"] --> ValidateImage[ValidateImage] ValidateImage --> LoadPlanner[LoadPlanner] LoadPlanner --> ReservationAccounting[ReservationAccounting] ReservationAccounting --> ProcessMetadata[ProcessMetadata] ProcessMetadata --> ShellStatus[ShellStatus] ``` -The loader exposes `prepare_program_image(credentials, name)` for image programs. `run hello` still returns unsupported execution, preserving the Phase 11 safety boundary. +The loader exposes `prepare_program_image(credentials, name)` for image programs. `run hello` still returns unsupported execution, preserving the Scope 11 safety boundary. -Phase 13 adds `map_prepared_program(credentials, name)`, which takes the same validated plan and creates deterministic frame-token mapping records. It records copy and zero-fill byte counts, but does not write image bytes into executable memory. +Scope 13 adds `map_prepared_program(credentials, name)`, which takes the same validated plan and creates deterministic frame-token mapping records. It records copy and zero-fill byte counts, but does not write image bytes into executable memory. ## Shell And Smoke @@ -60,7 +60,7 @@ Boot emits: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -Phase 13 additionally emits: +Scope 13 additionally emits: ```text See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. diff --git a/docs/MAPPING_STUBS.md b/docs/MAPPING_STUBS.md index 33f210c..dab9bd1 100644 --- a/docs/MAPPING_STUBS.md +++ b/docs/MAPPING_STUBS.md @@ -1,6 +1,6 @@ # Mapping Stubs -Phase 13 turns Phase 12 load plans into deterministic frame-backed mapping stubs. These records model the frames and actions an executable image would need, while still avoiding page-table mutation, CR3 switching, Ring 3 entry, or jumps to ELF code. +Scope 13 turns Scope 12 load plans into deterministic frame-backed mapping stubs. These records model the frames and actions an executable image would need, while still avoiding page-table mutation, CR3 switching, Ring 3 entry, or jumps to ELF code. ## What A Mapping Stub Contains @@ -22,7 +22,7 @@ Frame tokens are deterministic accounting handles. They are not physical frames ```mermaid flowchart TD -Manifest["ares-exec-v1 Manifest"] --> Prepare[PrepareProgramImage] +Manifest["clan-exec-v1 Manifest"] --> Prepare[PrepareProgramImage] Prepare --> LoadPlan[LoadPlan] LoadPlan --> MappingStub[MappingStub] MappingStub --> Registry[MappingRegistry] @@ -54,4 +54,4 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Mapping stubs are still accounting records. They do not write executable memory, install user page tables, switch CR3, enter Ring 3, or run ELF entry points. `run hello` remains blocked with unsupported execution until a future phase implements real user-mode execution. +Mapping stubs are still accounting records. They do not write executable memory, install user page tables, switch CR3, enter Ring 3, or run ELF entry points. `run hello` remains blocked with unsupported execution until a future scope implements real user-mode execution. diff --git a/docs/NATIVE_DEVELOPER_EXPERIENCE.md b/docs/NATIVE_DEVELOPER_EXPERIENCE.md index 58a693f..16db5b1 100644 --- a/docs/NATIVE_DEVELOPER_EXPERIENCE.md +++ b/docs/NATIVE_DEVELOPER_EXPERIENCE.md @@ -2,7 +2,7 @@ **UX is part of architecture.** No ambient paths is correct technically but **ecosystem-hostile** if tooling is weak — developers will retreat to compat. -Outline phase **110**; SDK work phases **161–170** ([ROADMAP_POST100.md](ROADMAP_POST100.md)). +Outline scope **110**; SDK work scopes **161–170** ([ROADMAP_POST100.md](ROADMAP_POST100.md)). See: [AXIOMS.md](AXIOMS.md), [ABI_SECURITY.md](ABI_SECURITY.md), [NATIVE_MODEL.md](NATIVE_MODEL.md). @@ -52,7 +52,7 @@ Native model uses **capability grants** and broker-issued handles. Without ergon Track metric (future): % native launches vs compat ELF — target growth as SDK matures. -Phase 128+ mandatory `ares-native-v1` for native tier binaries. +Scope 128+ mandatory `clan-native-v1` for native tier binaries. --- diff --git a/docs/NATIVE_MODEL.md b/docs/NATIVE_MODEL.md index eee1c35..0f5b0f2 100644 --- a/docs/NATIVE_MODEL.md +++ b/docs/NATIVE_MODEL.md @@ -1,6 +1,6 @@ # Native Model (Post-100) -AresOS after phase 100 is a **formally governed post-Unix capability system** — semantic constitutionalism, not “Linux but smaller.” +Clan OS after scope 100 is a **formally governed post-Unix capability system** — semantic constitutionalism, not “Linux but smaller.” **Central truth:** preserving **semantic coherence across decades** is harder than building the kernel. @@ -14,7 +14,7 @@ See: [AXIOMS.md](AXIOMS.md), [ROADMAP_POST100.md](ROADMAP_POST100.md), [KERNEL_O |--------|----------------| | Authority | No ambient authority; explicit transfer; amplification exceptional (A1) | | Identity | Immutable object identity + generation invalidation | -| IPC | Endpoints; semantics are platform ABI (`ares-semantics-v*`) | +| IPC | Endpoints; semantics are platform ABI (`clan-semantics-v*`) | | Runtime | Async-native OS contract; language-neutral [ABI_RUNTIME.md](ABI_RUNTIME.md) | | Scheduling | Service-centric; actor-like mailboxes (compat remains process-centric) | | Governance | Axioms, G1–G5, spec cases, jurisdiction, lint | @@ -26,7 +26,7 @@ See: [AXIOMS.md](AXIOMS.md), [ROADMAP_POST100.md](ROADMAP_POST100.md), [KERNEL_O | Contract | Document | |----------|----------| -| Native binary / load | `ares-native-v1` (future `ares-bin`; ELF = compat) | +| Native binary / load | `clan-native-v1` (future `clan-bin`; ELF = compat) | | Native runtime ABI | [ABI_RUNTIME.md](ABI_RUNTIME.md) | | Native manifest | Permissions, caps requested, service declarations | | Native service model | Restartable platform services ([SEMANTIC_JURISDICTION.md](SEMANTIC_JURISDICTION.md)) | @@ -77,7 +77,7 @@ Paths are **broker-mediated**, **compat-only**, or **developer-facing labels** ( --- -## Four system layers (phase 150 review) +## Four system layers (scope 150 review) | Layer | Trust | Contains | |-------|-------|----------| @@ -90,7 +90,7 @@ Paths are **broker-mediated**, **compat-only**, or **developer-facing labels** ( ## Philosophy before implementation -Phases **111+** are blocked until phase **110** signs off gates G1–G5 ([AXIOMS.md](AXIOMS.md)). +Scopes **111+** are blocked until scope **110** signs off gates G1–G5 ([AXIOMS.md](AXIOMS.md)). Capabilities are the **system language** (resource, authority, IPC, scheduling) — not permission flags. @@ -106,4 +106,4 @@ Capabilities are the **system language** (resource, authority, IPC, scheduling) | Service | Broker / daemon instance | | Update | Atomic system revision / rollback epoch | -Federation (multi-device trust, sync) is deferred beyond phase 150 — see [ROADMAP_POST100.md](ROADMAP_POST100.md) § Beyond 150. +Federation (multi-device trust, sync) is deferred beyond scope 150 — see [ROADMAP_POST100.md](ROADMAP_POST100.md) § Beyond 150. diff --git a/docs/NEW_CAP_KIND_CHECKLIST.md b/docs/NEW_CAP_KIND_CHECKLIST.md index 3a92f74..c03e9f2 100644 --- a/docs/NEW_CAP_KIND_CHECKLIST.md +++ b/docs/NEW_CAP_KIND_CHECKLIST.md @@ -11,4 +11,4 @@ Placeholder for gap #100 — required before adding `ObjectKind` variants post-1 2. Threat node in [`THREAT_NODES.toml`](THREAT_NODES.toml) 3. Proof harness tier A/B in [`kani_harness_registry.toml`](../kani_harness_registry.toml) 4. Native error code in ERROR_TAXONOMY -5. Phase owner sign-off in epoch gate manifest +5. Scope owner sign-off in epoch gate manifest diff --git a/docs/PLAN_SUPERSESSION.md b/docs/PLAN_SUPERSESSION.md index 698a908..4cdbed3 100644 --- a/docs/PLAN_SUPERSESSION.md +++ b/docs/PLAN_SUPERSESSION.md @@ -10,7 +10,7 @@ After `gap_registry.toml` import is reviewed and **scope-freeze** is recorded, t | Superseded | Living reference | |------------|------------------| -| `aresos_full_os_build_b960e4a0.plan.md` | `gap_registry.toml` + `CHARTER.md` + `DESIGN_NORTH_STAR.md` + individual spec docs | +| `clanos_full_os_build_b960e4a0.plan.md` | `gap_registry.toml` + `CHARTER.md` + `DESIGN_NORTH_STAR.md` + individual spec docs | Do not maintain parallel sources of truth. New gaps are tracked only in `gap_registry.toml`. diff --git a/docs/PROGRAMS.md b/docs/PROGRAMS.md index 1b0e556..175a1c0 100644 --- a/docs/PROGRAMS.md +++ b/docs/PROGRAMS.md @@ -1,13 +1,13 @@ -# Program Loader Design (Phases 9-11) +# Program Loader Design (Scopes 9-11) -AresOS Phase 9 introduces stored program records. Programs are discovered from `/bin/*` files in the Phase 7 filesystem mounted through the Phase 8 block manager. +Clan OS Scope 9 introduces stored program records. Programs are discovered from `/bin/*` files in the Scope 7 filesystem mounted through the Scope 8 block manager. -Phase 9 did not execute raw machine code. Instead, each stored program was a small manifest that mapped a filesystem record to a known built-in entry target. Phase 11 extends that contract with discoverable ELF64 image records that can be validated but not executed yet. +Scope 9 did not execute raw machine code. Instead, each stored program was a small manifest that mapped a filesystem record to a known built-in entry target. Scope 11 extends that contract with discoverable ELF64 image records that can be validated but not executed yet. ## Manifest Format ```text -ares-exec-v1 +clan-exec-v1 name=echo kind=builtin-alias entry=echo @@ -33,7 +33,7 @@ Optional fields: Image programs use: ```text -ares-exec-v1 +clan-exec-v1 name=hello kind=elf64-image entry=0x400000 @@ -51,11 +51,11 @@ flowchart TD RunCommand[run Command] --> UserspaceRun[userspace run_program] UserspaceRun --> ProgramLoader[Program Loader] ProgramLoader --> StorageApi[Storage API] -ProgramLoader --> ExecutePolicy[Phase10 Execute Check] +ProgramLoader --> ExecutePolicy[Scope10 Execute Check] StorageApi --> SimpleFs[SimpleFs] -SimpleFs --> BlockManager[Phase8 Block Manager] +SimpleFs --> BlockManager[Scope8 Block Manager] ProgramLoader --> BuiltinDispatch[BuiltIn Dispatch] -ProgramLoader --> ImageValidation[Phase11 Image Validation] +ProgramLoader --> ImageValidation[Scope11 Image Validation] BuiltinDispatch --> ProcessRegistry[Process Registry] BuiltinDispatch --> Output[Program Output] ``` @@ -87,7 +87,7 @@ Loader status is also available through syscall/status helpers: - invalid image count - unsupported execution count -Phase 11 also emits: +Scope 11 also emits: ```text See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. @@ -96,15 +96,15 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Validation ```bash -python scripts/gate/legacy.py --phase 9 --timeout 180 +python scripts/gate/boot.py --gate loader_security --timeout 180 python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180 ``` -## Phases 37–43 — Hardware Load and Trust +## Scopes 37–43 — Hardware Load and Trust -- Phase 37 discovers `elf64-image` manifests and runs allowlisted hardware paths including `tickprobe`. -- Phases 41–42 map `libc_stub` at `0x700000` and apply `GLOB_DAT` import relocs (see [SHARED_LIBRARIES.md](SHARED_LIBRARIES.md)). -- Phase 43 runs `trust=system` manifests without name allowlist membership (see [SECURITY.md](SECURITY.md)). +- Scope 37 discovers `elf64-image` manifests and runs allowlisted hardware paths including `tickprobe`. +- Scopes 41–42 map `libc_stub` at `0x700000` and apply `GLOB_DAT` import relocs (see [SHARED_LIBRARIES.md](SHARED_LIBRARIES.md)). +- Scope 43 runs `trust=system` manifests without name allowlist membership (see [SECURITY.md](SECURITY.md)). ## Deferred Work diff --git a/docs/PROTOCOL_CHANGELOG.md b/docs/PROTOCOL_CHANGELOG.md index 66be726..413cee3 100644 --- a/docs/PROTOCOL_CHANGELOG.md +++ b/docs/PROTOCOL_CHANGELOG.md @@ -26,4 +26,4 @@ Initial constitutional docs — no wire protocol bumps yet. | Doc | Bump | Rationale | |-----|------|-----------| -| `docs/architecture/KERNEL_OBJECT_MODEL.md` | 1.3.0.additive.0 | **Additive:** sections absent from pre-reconcile canonical — phase-110 design decision, universal interface table, G1 handle semantics list, generation invalidation, full mint/delegation authority, cap schema version, confinement, kind freeze, implementation-phase table, BrokerSession kind row, TOCTOU diagram (implementation-verified). **Clarification:** merged wording for reference cycles, bootstrap ceremony, R-destroy-notify where canonical already had shorter forms. No wire format change. | +| `docs/architecture/KERNEL_OBJECT_MODEL.md` | 1.3.0.additive.0 | **Additive:** sections absent from pre-reconcile canonical — scope-110 design decision, universal interface table, G1 handle semantics list, generation invalidation, full mint/delegation authority, cap schema version, confinement, kind freeze, implementation-scope table, BrokerSession kind row, TOCTOU diagram (implementation-verified). **Clarification:** merged wording for reference cycles, bootstrap ceremony, R-destroy-notify where canonical already had shorter forms. No wire format change. | diff --git a/docs/RELEASE_SCORECARD_M400.md b/docs/RELEASE_SCORECARD_M400.md index 8722317..f2cdae6 100644 --- a/docs/RELEASE_SCORECARD_M400.md +++ b/docs/RELEASE_SCORECARD_M400.md @@ -30,5 +30,5 @@ semantics_version: 1.0.0 | Prior release | M350 regression-free | `scripts/gate/system.py --gate release` | -| Boot smoke | `AresOS-Gate: name=functional ok=true` | QEMU serial | +| Boot smoke | `ClanOS-Gate: name=functional ok=true` | QEMU serial | diff --git a/docs/RELEASE_SCORECARD_M500.md b/docs/RELEASE_SCORECARD_M500.md index bd47596..d5fdb0a 100644 --- a/docs/RELEASE_SCORECARD_M500.md +++ b/docs/RELEASE_SCORECARD_M500.md @@ -11,12 +11,12 @@ semantics_version: 1.0.0 | System gate | `SYSTEM_GATE_VERSION = 1.0.0` | `system_gate.rs` | | Functional OS | Desktop + userland + network | `scripts/gate/system.py --gate functional` | | CI matrix | Unified gate wired | `validation_matrix.py` | -| ares-rt no_std | `#![no_std]` on lib | `scripts/gate/ares_rt.py` | +| clan-rt no_std | `#![no_std]` on lib | `scripts/gate/clan_rt.py` | | Production SMP | AP scheduler smoke | `scripts/gate/system.py --gate production` | | Signed ELF corpus | Digest-verified user manifests | `production_gate` kernel smoke | | External network | `has_external_network = true` | `architecture_state.toml` | | Compat bridge | `ipc_bridge_compat_internal = 0` | kernel boot | | Boot gate | `BOOT_GATE_VERSION = 1.0.0` | `boot_gate.rs` | -| Boot smoke | `AresOS-BootGate: ok=true` | QEMU serial | -| System smoke | `AresOS-SystemGate: ok=true` | QEMU serial | +| Boot smoke | `ClanOS-BootGate: ok=true` | QEMU serial | +| System smoke | `ClanOS-SystemGate: ok=true` | QEMU serial | | Host checks | boot + system | `scripts/gate/host.py` | diff --git a/docs/RIGHTS_ALGEBRA.md b/docs/RIGHTS_ALGEBRA.md index e74c29f..0b7ed2a 100644 --- a/docs/RIGHTS_ALGEBRA.md +++ b/docs/RIGHTS_ALGEBRA.md @@ -7,7 +7,7 @@ semantics_version: 1.1.0 > **Canonical:** [`docs/architecture/RIGHTS_ALGEBRA.md`](architecture/RIGHTS_ALGEBRA.md). This flat copy retained until migration squash reconciles any differences. -**Gate G2** — phases **112–113** cap lifecycle implementation blocked until this document is signed off at phase 110. +**Gate G2** — scopes **112–113** cap lifecycle implementation blocked until this document is signed off at scope 110. **Epoch 0:** ratified as grounding doc for brokers epoch 1+. Composition laws below require Kani + proptest before epoch 1 brokers. @@ -75,7 +75,7 @@ Must remain coherent under: service death, broker restart, app update, user perm ## Minimization (A10) -Prefer deriving IPC or storage rules from this algebra rather than parallel subsystem-only “permission” docs. New laws after phase 110 require minimization review in [AXIOMS.md](AXIOMS.md). +Prefer deriving IPC or storage rules from this algebra rather than parallel subsystem-only “permission” docs. New laws after scope 110 require minimization review in [AXIOMS.md](AXIOMS.md). --- diff --git a/docs/RING3_TRAMPOLINE.md b/docs/RING3_TRAMPOLINE.md index ebf3399..05147b3 100644 --- a/docs/RING3_TRAMPOLINE.md +++ b/docs/RING3_TRAMPOLINE.md @@ -1,6 +1,6 @@ # Controlled Ring 3 Trampoline -Phase 18 adds a controlled trampoline result path for user-entry validation. It records that a prepared user context entered the controlled path and trapped back through the reserved user trap vector. Phase 19 builds on this with user syscall return metadata. +Scope 18 adds a controlled trampoline result path for user-entry validation. It records that a prepared user context entered the controlled path and trapped back through the reserved user trap vector. Scope 19 builds on this with user syscall return metadata. ## Trampoline Result @@ -41,4 +41,4 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Phase 18 validates the controlled trampoline path and trap metadata. It does not run arbitrary ELF code. Phase 19 exposes a syscall return ABI for a controlled probe, but still does not execute arbitrary ELF syscall instructions. +Scope 18 validates the controlled trampoline path and trap metadata. It does not run arbitrary ELF code. Scope 19 exposes a syscall return ABI for a controlled probe, but still does not execute arbitrary ELF syscall instructions. diff --git a/docs/ROADMAP_151_350.md b/docs/ROADMAP_151_350.md index c106643..6f6be21 100644 --- a/docs/ROADMAP_151_350.md +++ b/docs/ROADMAP_151_350.md @@ -1,23 +1,23 @@ -# Post-150 Roadmap (Phases 151–350) +# Post-150 Roadmap (Scopes 151–350) ```yaml status: authoritative semantics_version: 1.0.0 ``` -Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living plan: [`.cursor/plans/aresos_build_151_350.plan.md`](../.cursor/plans/aresos_build_151_350.plan.md). +Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living plan: [`.cursor/plans/clanos_build_151_350.plan.md`](../.cursor/plans/clanos_build_151_350.plan.md). -**Pace:** 1–3 phases/month. Milestone 350 targets 1.0 release gate (~5–8 years post-150). +**Pace:** 1–3 scopes/month. Milestone 350 targets 1.0 release gate (~5–8 years post-150). --- ## Epoch map -| Epoch | Phases | Milestone | Theme | +| Epoch | Scopes | Milestone | Theme | |-------|--------|-----------|-------| | 7 | 151–175 | — | Stub graduation: loom, OOM, audit/build, Kani tier B | | 8 | 176–200 | **200** | SCHEDULING_UNIFIED + meta-semantics + semantic lint CI | -| 9 | 201–225 | — | Native SDK / UX; ares-rt production path | +| 9 | 201–225 | — | Native SDK / UX; clan-rt production path | | 10 | 226–250 | **250** | Language adapters; POSIX depth; QEMU→hardware | | 11 | 251–275 | — | Userspace drivers; IOMMU/DMA; GPU isolation | | 12 | 276–300 | **300** | Observability; federation; distributed endpoints | @@ -26,9 +26,9 @@ Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living pl --- -## Phases 151–175 (Epoch 7) +## Scopes 151–175 (Epoch 7) -| Phase | Title | Layer | +| Scope | Title | Layer | |------:|-------|-------| | 151 | Loom ENDPOINT_QUEUES harness | kernel | | 152 | Loom SESSION_QUEUES harness | kernel | @@ -58,22 +58,22 @@ Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living pl --- -## Phases 176–200 (Epoch 8 → Milestone 200) +## Scopes 176–200 (Epoch 8 → Milestone 200) -| Phase | Title | +| Scope | Title | |------:|-------| | 176–180 | Service-centric scheduler implementation (S-*) | | 181–185 | Meta-semantics M-* precedence table | -| 186–190 | Semantic lint CI for ares-semantics-v* | +| 186–190 | Semantic lint CI for clan-semantics-v* | | 191–195 | Full health dashboard | | 196–199 | Four-layer boundary review II | | 200 | **Milestone 200** integration gate | --- -## Phases 201–250 (Epochs 9–10 → Milestone 250) +## Scopes 201–250 (Epochs 9–10 → Milestone 250) -| Phase | Title | +| Scope | Title | |------:|-------| | 201–210 | Native SDK / manifest tooling / UX | | 211–220 | Language runtime adapters (Rust, C) | @@ -84,9 +84,9 @@ Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living pl --- -## Phases 251–300 (Epochs 11–12 → Milestone 300) +## Scopes 251–300 (Epochs 11–12 → Milestone 300) -| Phase | Title | +| Scope | Title | |------:|-------| | 251–265 | DRIVER_MODEL implementation; userspace drivers | | 266–275 | Semantic observability tooling | @@ -96,9 +96,9 @@ Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living pl --- -## Phases 301–350 (Epochs 13–14 → Milestone 350) +## Scopes 301–350 (Epochs 13–14 → Milestone 350) -| Phase | Title | +| Scope | Title | |------:|-------| | 301–310 | Checkpoint/restore security domain | | 311–320 | FORMAL_MODEL.md + Tier D / Verus | @@ -113,10 +113,10 @@ Continues from [ROADMAP_POST100.md](ROADMAP_POST100.md) milestone 150. Living pl | Line | Epoch | |------|-------| -| `AresOS-Gate: name=integrity ok=true` | 7 | -| `AresOS-Gate: name=scheduling ok=true` | 8 | -| `AresOS-Gate: name=hardware ok=true` | 10 | -| `AresOS-Gate: name=federation ok=true` | 12 | -| `AresOS-Gate: name=release ok=true` | 14 | +| `ClanOS-Gate: name=integrity ok=true` | 7 | +| `ClanOS-Gate: name=scheduling ok=true` | 8 | +| `ClanOS-Gate: name=hardware ok=true` | 10 | +| `ClanOS-Gate: name=federation ok=true` | 12 | +| `ClanOS-Gate: name=release ok=true` | 14 | Scripts: `python scripts/gate/system.py --gate integrity --timeout 180`, `python scripts/gate/system.py --gate scheduling --timeout 180`, `python scripts/gate/system.py --gate hardware --timeout 180`, `python scripts/gate/system.py --gate federation --timeout 180`, `python scripts/gate/system.py --gate release --timeout 180`. diff --git a/docs/ROADMAP_351_400.md b/docs/ROADMAP_351_400.md index a759753..9081bff 100644 --- a/docs/ROADMAP_351_400.md +++ b/docs/ROADMAP_351_400.md @@ -1,4 +1,4 @@ -# Post-350 Roadmap (Phases 351–400) +# Post-350 Roadmap (Scopes 351–400) ```yaml status: authoritative @@ -7,22 +7,22 @@ semantics_version: 1.0.0 Continues from [ROADMAP_151_350.md](ROADMAP_151_350.md) milestone 350. Goal: **functional desktop OS** — interactive GUI, native userland, working network, and installable apps. -**Pace:** 1–3 phases/month. +**Pace:** 1–3 scopes/month. --- ## Epoch map -| Epoch | Phases | Milestone | Theme | +| Epoch | Scopes | Milestone | Theme | |-------|--------|-----------|-------| | 15 | 351–375 | **375** | Graphics desktop: framebuffer, compositor, shell UI | | 16 | 376–400 | **400** | Native userland production, functional network, app ecosystem | --- -## Phases 351–375 (Epoch 15 → Desktop) +## Scopes 351–375 (Epoch 15 → Desktop) -| Phase | Title | Layer | +| Scope | Title | Layer | |------:|-------|-------| | 351 | VGA mode 13h framebuffer + desktop shell frame | kernel | | 352 | Mouse input + window focus model | kernel | @@ -34,11 +34,11 @@ Continues from [ROADMAP_151_350.md](ROADMAP_151_350.md) milestone 350. Goal: **f --- -## Phases 376–400 (Epoch 16 → Userland + Network) +## Scopes 376–400 (Epoch 16 → Userland + Network) -| Phase | Title | +| Scope | Title | |------:|-------| -| 376–385 | ares-rt ring-3 ELF install + syscall surface | +| 376–385 | Clan OS runtime (`clan-rt`) ring-3 ELF install + syscall surface | | 386–395 | Virtio-net TX/RX path; compat socket depth | | 396–399 | Package install hook; `/bin` native programs | | 400 | **Milestone 400** functional OS gate | **complete** | @@ -49,7 +49,7 @@ Continues from [ROADMAP_151_350.md](ROADMAP_151_350.md) milestone 350. Goal: **f | Criterion | Falsifier | |-----------|-----------| -| Desktop | AresOS-Gate: name=desktop ok=true smoke false | +| Desktop | ClanOS-Gate: name=desktop ok=true smoke false | | Native apps | No ring-3 ELF runs from `/bin` manifest | | Network | Loopback ping smoke false | -| Boot | AresOS-Gate: name=release ok=true regression | +| Boot | ClanOS-Gate: name=release ok=true regression | diff --git a/docs/ROADMAP_401_500.md b/docs/ROADMAP_401_500.md index cbe7803..4e16bbc 100644 --- a/docs/ROADMAP_401_500.md +++ b/docs/ROADMAP_401_500.md @@ -1,4 +1,4 @@ -# Post-400 Roadmap (Phases 401–500) +# Post-400 Roadmap (Scopes 401–500) ```yaml status: authoritative @@ -7,15 +7,15 @@ semantics_version: 1.0.0 Continues from [ROADMAP_351_400.md](ROADMAP_351_400.md) milestone 400. Goal: **fully operational OS** — production SMP, signed userland, external network, hardware bring-up path, and M500 release gate. -**Pace:** 1–3 phases/month. +**Pace:** 1–3 scopes/month. --- ## Epoch map -| Epoch | Phases | Milestone | Theme | +| Epoch | Scopes | Milestone | Theme | |-------|--------|-----------|-------| -| 17 | 401–425 | **425** | CI hardening, validation matrix M400+, `ares-rt` no_std | +| 17 | 401–425 | **425** | CI hardening, validation matrix M400+, `clan-rt` no_std | | 18 | 426–450 | **450** | Production SMP AP scheduler, signed arbitrary ELF corpus | | 19 | 451–475 | **475** | External network depth (`has_external_network`) | | 20 | 476–500 | **500** | QEMU→hardware procedure, M500 release scorecard | @@ -26,7 +26,7 @@ Continues from [ROADMAP_351_400.md](ROADMAP_351_400.md) milestone 400. Goal: **f | Flag | Milestone | Trigger | |------|-----------|---------| -| `has_no_std_enforcement` | 401 | `ares-rt` `#![no_std]` + host `cargo check` | +| `has_no_std_enforcement` | 401 | `clan-rt` `#![no_std]` + host `cargo check` | | `has_external_network` | 475 | External route smoke + threat re-eval | | `has_real_hardware_target` | 500+ | Bare-metal procedure documented in [ARCHITECTURE_TARGETS.md](architecture/ARCHITECTURE_TARGETS.md) | @@ -36,12 +36,12 @@ Continues from [ROADMAP_351_400.md](ROADMAP_351_400.md) milestone 400. Goal: **f | Line | Milestone | Script | |------|-----------|--------| -| `AresOS-Gate: name=ci ok=true` | 425 | `python scripts/gate/system.py --gate ci --timeout 180` | -| `AresOS-Gate: name=production ok=true` | 450 | `python scripts/gate/system.py --gate production --timeout 180` | -| `AresOS-Gate: name=network ok=true` | 475 | `python scripts/gate/system.py --gate network --timeout 180` | -| `AresOS-SystemGate: ok=true` | 500 | `python scripts/gate/system.py --gate system --timeout 180` | +| `ClanOS-Gate: name=ci ok=true` | 425 | `python scripts/gate/system.py --gate ci --timeout 180` | +| `ClanOS-Gate: name=production ok=true` | 450 | `python scripts/gate/system.py --gate production --timeout 180` | +| `ClanOS-Gate: name=network ok=true` | 475 | `python scripts/gate/system.py --gate network --timeout 180` | +| `ClanOS-SystemGate: ok=true` | 500 | `python scripts/gate/system.py --gate system --timeout 180` | -Prior M400 lines remain regression gates: `AresOS-Gate: name=desktop_preview ok=true`, `AresOS-Gate: name=desktop ok=true`, `AresOS-Gate: name=functional ok=true`. +Prior M400 lines remain regression gates: `ClanOS-Gate: name=desktop_preview ok=true`, `ClanOS-Gate: name=desktop ok=true`, `ClanOS-Gate: name=functional ok=true`. --- @@ -49,10 +49,10 @@ Prior M400 lines remain regression gates: `AresOS-Gate: name=desktop_preview ok= | Criterion | Falsifier | |-----------|-----------| -| M400 regression | `AresOS-Gate: name=functional ok=true` smoke false | +| M400 regression | `ClanOS-Gate: name=functional ok=true` smoke false | | Production SMP | AP scheduler smoke false | -| Signed ELF | `phase430_signed_user_elf_smoke` false | -| External network | `AresOS-Gate: name=network ok=true` smoke false | -| Release gate | `AresOS-SystemGate: ok=true` smoke false | +| Signed ELF | `smoke_signed_user_elf` false | +| External network | `ClanOS-Gate: name=network ok=true` smoke false | +| Release gate | `ClanOS-SystemGate: ok=true` smoke false | See [RELEASE_SCORECARD_M500.md](RELEASE_SCORECARD_M500.md). diff --git a/docs/ROADMAP_POST100.md b/docs/ROADMAP_POST100.md index b6716ca..ad1ef59 100644 --- a/docs/ROADMAP_POST100.md +++ b/docs/ROADMAP_POST100.md @@ -1,6 +1,6 @@ -# Post-100 Roadmap (Phases 101–150) +# Post-100 Roadmap (Scopes 101–150) -Constitutional operating-system architecture — **documentation pass** phases 101–110; implementation phases 111+ gated ([AXIOMS.md](AXIOMS.md)). +Constitutional operating-system architecture — **documentation pass** scopes 101–110; implementation scopes 111+ gated ([AXIOMS.md](AXIOMS.md)). **Prime directive:** philosophy before implementation. **Central truth:** semantic coherence across decades is harder than building the kernel. @@ -8,7 +8,7 @@ Index: [INDEX.md](INDEX.md) · Vision: [NATIVE_MODEL.md](NATIVE_MODEL.md) --- -## Governance gates (phase 110 sign-off) +## Governance gates (scope 110 sign-off) | Gate | Blocks | Document | |------|--------|----------| @@ -20,11 +20,11 @@ Index: [INDEX.md](INDEX.md) · Vision: [NATIVE_MODEL.md](NATIVE_MODEL.md) --- -## Phases 101–110 — Freeze formal model (documentation) +## Scopes 101–110 — Freeze formal model (documentation) -| Phase | Title | Layer | Tag | Primary deliverable | +| Scope | Title | Layer | Tag | Primary deliverable | |------:|-------|-------|-----|---------------------| -| 101 | Compat syscall ABI freeze | kernel | compat | [ABI_SYSCALL.md](ABI_SYSCALL.md) `ares-abi-v1` | +| 101 | Compat syscall ABI freeze | kernel | compat | [ABI_SYSCALL.md](ABI_SYSCALL.md) `clan-abi-v1` | | 102 | Memory contract freeze | kernel | compat | [ABI_MEMORY.md](ABI_MEMORY.md) | | 103 | IPC + endpoint guarantees + E-* | kernel | native | [ABI_IPC.md](ABI_IPC.md) (G3) | | 104 | Async OS contract | kernel | native | [ABI_ASYNC.md](ABI_ASYNC.md) | @@ -37,13 +37,13 @@ Index: [INDEX.md](INDEX.md) · Vision: [NATIVE_MODEL.md](NATIVE_MODEL.md) Integration milestone: **110**. -**Status (documentation + validation):** phases 101–110 complete — `semantic_lint.py`, `python scripts/gate/legacy.py --phase 110 --timeout 180`, `AresOS-BootGate: name=constitutional ok=true` boot smoke. +**Status (documentation + validation):** scopes 101–110 complete — `semantic_lint.py`, `python scripts/gate/boot.py --gate constitutional --timeout 180`, `ClanOS-BootGate: name=constitutional ok=true` boot smoke. --- -## Phases 111–120 — Capabilities (implementation) +## Scopes 111–120 — Capabilities (implementation) -| Phase | Title | Layer | Tag | Notes | +| Scope | Title | Layer | Tag | Notes | |------:|-------|-------|-----|-------| | 111 | `CapHandle` → `KernelObject` | kernel | native | G1+G5; single handle table | | 112 | `cap_create` / `cap_close` / transfer | kernel | native | **G2** | @@ -58,13 +58,13 @@ Integration milestone: **110**. Integration milestone: **120**. -**Status (implementation + validation):** phases 111–120 complete — `kernel_object.rs`, `native_syscall.rs` (256–258 kernel-only), `path_broker.rs`, `storage_broker.rs`, `python scripts/gate/legacy.py --phase 120 --timeout 180`, `AresOS-BootGate: name=capabilities ok=true` boot smoke. Ring-3 native syscall allowlist deferred to phase 128 (G4). +**Status (implementation + validation):** scopes 111–120 complete — `kernel_object.rs`, `native_syscall.rs` (256–258 kernel-only), `path_broker.rs`, `storage_broker.rs`, `python scripts/gate/boot.py --gate capabilities --timeout 180`, `ClanOS-BootGate: name=capabilities ok=true` boot smoke. Ring-3 native syscall allowlist deferred to scope 128 (G4). --- -## Phases 121–130 — Platform services +## Scopes 121–130 — Platform services -| Phase | Title | Layer | Tag | +| Scope | Title | Layer | Tag | |------:|-------|-------|-----| | 121 | Service loader contract | platform | native | **complete** — `service_loader.rs` | | 122 | Storage broker | platform | native | **complete** — IPC FS via `storage_broker` + interim bridge | @@ -73,17 +73,17 @@ Integration milestone: **120**. | 125 | Network broker stub | platform | native | **complete** — stub (`network_broker.rs`) | | 126 | Clipboard broker stub | platform | native | **complete** — stub (`clipboard_broker.rs`) | | 127 | Service crash isolation | platform | native | **complete** — tier-2 `service_isolation.rs` | -| 128 | Mandatory `ares-native-v1` manifest | platform | native | **complete** — G4 `native_manifest.rs` | +| 128 | Mandatory `clan-native-v1` manifest | platform | native | **complete** — G4 `native_manifest.rs` | | 129 | Scoped grants in manifest | platform | native | **complete** — scoped grant validation | -| 130 | Integration | platform | governance | **complete** — `AresOS-BootGate: name=platform_brokers ok=true` smoke | +| 130 | Integration | platform | governance | **complete** — `ClanOS-BootGate: name=platform_brokers ok=true` smoke | Integration milestone: **130**. --- -## Phases 131–140 — Immutable system + native async IPC +## Scopes 131–140 — Immutable system + native async IPC -| Phase | Title | Layer | Tag | +| Scope | Title | Layer | Tag | |------:|-------|-------|-----| | 131 | System image + identity epochs | platform | native | | 132 | A/B slots | platform | native | @@ -100,9 +100,9 @@ Integration milestone: **140**. --- -## Phases 141–150 — Scheduler, drivers, layer review +## Scopes 141–150 — Scheduler, drivers, layer review -| Phase | Title | Layer | Tag | +| Scope | Title | Layer | Tag | |------:|-------|-------|-----| | 141 | Service-centric scheduler spec | kernel | native | | 142 | Endpoint-driven wake | kernel | native | @@ -121,11 +121,11 @@ Integration milestone: **150**. ## Beyond 150 -**Superseded:** phases 151–350 are defined in [ROADMAP_151_350.md](ROADMAP_151_350.md) (epochs 7–14, milestones 200/250/300/350). +**Superseded:** scopes 151–350 are defined in [ROADMAP_151_350.md](ROADMAP_151_350.md) (epochs 7–14, milestones 200/250/300/350). --- -## Phase 100 compat backlog (not native drivers) +## Scope 100 compat backlog (not native drivers) TCP/UDP sockets; multi-fd select; full execve envp; file-backed COW; ACPI AP; IFUNC — track under **compat** milestones, not native identity. @@ -133,4 +133,4 @@ TCP/UDP sockets; multi-fd select; full execve envp; file-backed COW; ACPI AP; IF ## A10 minimization (ongoing) -Every new law after 110: [AXIOMS.md](AXIOMS.md) A10 review. Phase 110 records law count per hierarchy layer. +Every new law after 110: [AXIOMS.md](AXIOMS.md) A10 review. Scope 110 records law count per hierarchy layer. diff --git a/docs/SCHEDULER.md b/docs/SCHEDULER.md index 58336a9..031aeb0 100644 --- a/docs/SCHEDULER.md +++ b/docs/SCHEDULER.md @@ -1,6 +1,6 @@ -# Scheduler Design (Phase 5) +# Scheduler Design (Scope 5) -AresOS Phase 5 uses a preemptive, round-robin context scheduler for kernel tasks. +Clan OS Scope 5 uses a preemptive, round-robin context scheduler for kernel tasks. ## Core Policy @@ -37,7 +37,7 @@ A score close to `1.0` indicates balanced scheduling. ## Observability -Phase 5 observability components: +Scope 5 observability components: - Global counters: - process creations / terminations @@ -63,7 +63,7 @@ Main public APIs in `task::scheduler`: - `preempt_if_requested()` - `preempt_if_irq_pending()` - `spawn_context_task(name, entry)` -- `spawn_kernel_tasks_phase5()` +- `spawn_preemption_lab_tasks()` - `stats()` and `context_stats()` - `get_task_metrics(id)` and `get_all_task_metrics()` - `scheduler_lock_contention()` @@ -95,12 +95,12 @@ Current enforced budgets in matrix mode: - fairness score `<= 1.10` - max estimated preemption latency `<= 300ms` (matrix default) -- phase-6 runtime smoke line must report all true flags +- scope-6 runtime smoke line must report all true flags -## Scheduler CR3 (Phase 31) +## Scheduler CR3 (Scope 31) Preemptive context switch applies the next runnable process user CR3 via `apply_scheduler_cr3_for_next`. Process records store `cr3_phys` when hardware page tables are built. -## SMP (Phase 49) +## SMP (Scope 49) `smp::init()` records CPU and parked AP counts and provides TLB flush hooks. Scheduling still runs on the bootstrap processor only. See [SMP.md](SMP.md). diff --git a/docs/SCHEDULING_UNIFIED.md b/docs/SCHEDULING_UNIFIED.md index 75e6af1..85d2bff 100644 --- a/docs/SCHEDULING_UNIFIED.md +++ b/docs/SCHEDULING_UNIFIED.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 0.1.0-draft ``` -Post-150 service-centric scheduler. Extends [SCHEDULER_MODEL.md](SCHEDULER_MODEL.md). Epoch 8 deliverable (phases 176–200). +Post-150 service-centric scheduler. Extends [SCHEDULER_MODEL.md](SCHEDULER_MODEL.md). Epoch 8 deliverable (scopes 176–200). --- diff --git a/docs/SECURITY.md b/docs/SECURITY.md index 084f6c6..de1034b 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -1,6 +1,6 @@ # Security Model -Phase 10 adds policy groundwork, not hardware-enforced isolation. The kernel now has static credentials, file permissions, executable trust metadata, and process ownership checks that future ELF loading and address-space isolation can build on. +Scope 10 adds policy groundwork, not hardware-enforced isolation. The kernel now has static credentials, file permissions, executable trust metadata, and process ownership checks that future ELF loading and address-space isolation can build on. ## Identity @@ -11,7 +11,7 @@ The security module defines four roles: - `User`: default shell identity. - `Guest`: read-biased low-trust identity for validation and future sessions. -The default shell starts as `UserId(100)` with role `User`. `su admin`, `su user`, and `su guest` are static role switches for validation only; there is no password or multi-session login layer in this phase. +The default shell starts as `UserId(100)` with role `User`. `su admin`, `su user`, and `su guest` are static role switches for validation only; there is no password or multi-session login layer in this scope. ## File Policy @@ -31,7 +31,7 @@ Shell and syscall read/write/delete paths use checked storage APIs. Legacy unche ## Program Trust -`ares-exec-v1` manifests now accept: +`clan-exec-v1` manifests now accept: - `requires=execute` - `trust=system` or `trust=user` @@ -39,7 +39,7 @@ Shell and syscall read/write/delete paths use checked storage APIs. Legacy unche The loader rejects unsupported trust or requirement values without panicking. Before dispatching a stored built-in alias, the loader checks execute permission on the manifest file and records denied launches separately from normal failed launches. -Phase 11 extends this policy to executable image manifests. `kind=elf64-image` records require execute permission on both the manifest and referenced image file before validation. The image can be parsed and described, but execution is blocked until a future phase adds executable mappings and privilege separation. +Scope 11 extends this policy to executable image manifests. `kind=elf64-image` records require execute permission on both the manifest and referenced image file before validation. The image can be parsed and described, but execution is blocked until a future scope adds executable mappings and privilege separation. ## Process Ownership @@ -66,15 +66,15 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Limits -Phase 10 intentionally does not provide CPU privilege separation, page-table isolation, real executable memory protections, cryptographic program signatures, groups, ACLs, or capabilities. Those are deferred until the kernel has raw ELF loading and per-process address spaces. +Scope 10 intentionally does not provide CPU privilege separation, page-table isolation, real executable memory protections, cryptographic program signatures, groups, ACLs, or capabilities. Those are deferred until the kernel has raw ELF loading and per-process address spaces. -Phase 11 adds descriptor-only address spaces and ELF64 validation, but still does not switch page tables or run arbitrary stored code. +Scope 11 adds descriptor-only address spaces and ELF64 validation, but still does not switch page tables or run arbitrary stored code. -Phase 12 adds load-plan and reservation accounting for validated images. It still does not allocate executable user frames, mutate process page tables, switch CR3, enter Ring 3, or jump to stored ELF entry points. +Scope 12 adds load-plan and reservation accounting for validated images. It still does not allocate executable user frames, mutate process page tables, switch CR3, enter Ring 3, or jump to stored ELF entry points. -Phase 13 adds deterministic mapping stubs for prepared images. These stubs record owner credentials, frame tokens, mapped pages, copy bytes, and zero-fill bytes, but they remain policy and accounting records rather than hardware-enforced user mappings. +Scope 13 adds deterministic mapping stubs for prepared images. These stubs record owner credentials, frame tokens, mapped pages, copy bytes, and zero-fill bytes, but they remain policy and accounting records rather than hardware-enforced user mappings. -## Trust-Gated Execution (Phase 43) +## Trust-Gated Execution (Scope 43) Hardware ELF launch still requires an allowlisted program name (`hello`, `exit42`, `tickprobe`) for `trust=user` manifests. Programs with `trust=system` may run through `execute_trusted_manifest_elf` without appearing on the name allowlist. @@ -89,10 +89,10 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. Validation: ```bash -python scripts/gate/legacy.py --phase 43 --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 ``` -## Manifest Digest (Phase 58) +## Manifest Digest (Scope 58) Manifests may include `digest=sha256:<hex>` over the referenced ELF bytes. `execute_trusted_manifest_elf` verifies the digest before running `trust=system` programs. This is integrity checking only, not a public-key signature chain. diff --git a/docs/SEMANTIC_JURISDICTION.md b/docs/SEMANTIC_JURISDICTION.md index 827b24d..9246c2c 100644 --- a/docs/SEMANTIC_JURISDICTION.md +++ b/docs/SEMANTIC_JURISDICTION.md @@ -1,8 +1,8 @@ # Semantic Jurisdiction -Who may define new semantics in AresOS — **ownership boundaries**, not bureaucracy. +Who may define new semantics in Clan OS — **ownership boundaries**, not bureaucracy. -Ratified at phase **110** with [AXIOMS.md](AXIOMS.md) and [NATIVE_MODEL.md](NATIVE_MODEL.md). +Ratified at scope **110** with [AXIOMS.md](AXIOMS.md) and [NATIVE_MODEL.md](NATIVE_MODEL.md). --- @@ -20,7 +20,7 @@ Ratified at phase **110** with [AXIOMS.md](AXIOMS.md) and [NATIVE_MODEL.md](NATI ## Rules -1. **New cross-cutting law** → kernel constitutional review + A10 minimization + `ares-semantics-v*` if guarantees change ([ABI_STABILITY.md](ABI_STABILITY.md)). +1. **New cross-cutting law** → kernel constitutional review + A10 minimization + `clan-semantics-v*` if guarantees change ([ABI_STABILITY.md](ABI_STABILITY.md)). 2. **Runtime** cannot introduce implicit amplification (A1) or ambient paths (A2). 3. **Compat** cannot define native behavior; compat-only features must be tagged `compat-scope` in docs and checklists. 4. **Scheduler** cannot override IPC ([ABI_IPC.md](ABI_IPC.md)) or temporal ([TEMPORAL_SEMANTICS.md](TEMPORAL_SEMANTICS.md)) guarantees; it only refines wake precedence. diff --git a/docs/SEMANTIC_LINT.md b/docs/SEMANTIC_LINT.md index 2d749ff..476027c 100644 --- a/docs/SEMANTIC_LINT.md +++ b/docs/SEMANTIC_LINT.md @@ -1,6 +1,6 @@ # Semantic Lint (Architecture Preservation) -Outline at phase **109**; automation scheduled post-110; **CI gate** at phases **159–160** before `ares-semantics-v*` bumps ([ABI_STABILITY.md](ABI_STABILITY.md)). +Outline at scope **109**; automation scheduled post-110; **CI gate** at scopes **159–160** before `clan-semantics-v*` bumps ([ABI_STABILITY.md](ABI_STABILITY.md)). Not full theorem proving — **semantic static analysis** assisting human review. @@ -21,13 +21,13 @@ See: [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md), [AXIOMS.md](AXIOMS.md) A10. --- -## Phase 110 (manual) +## Scope 110 (manual) Until `scripts/semantic_lint.py` exists: - [ ] Every R-/E-/T- case referenced from a law doc - [ ] No native law defined only in compat checklists -- [ ] Minimization audit: law count per hierarchy layer recorded in phase-110 checklist +- [ ] Minimization audit: law count per hierarchy layer recorded in scope-110 checklist --- @@ -36,7 +36,7 @@ Until `scripts/semantic_lint.py` exists: | Tool | Purpose | |------|---------| | `scripts/semantic_lint.py` | Parse docs + optional kernel annotations | -| CI job `semantic-lint` | Required before `ares-semantics-v*` version bump | +| CI job `semantic-lint` | Required before `clan-semantics-v*` version bump | | Doc check in PR template | A10 questions for new law prose | Optional: Rust proc-macro or comment convention `// semantic_spec: R-01` for linkage to tests. diff --git a/docs/SEMANTIC_OBSERVABILITY.md b/docs/SEMANTIC_OBSERVABILITY.md index 1fce515..2e87158 100644 --- a/docs/SEMANTIC_OBSERVABILITY.md +++ b/docs/SEMANTIC_OBSERVABILITY.md @@ -1,6 +1,6 @@ # Semantic Observability (Outline) -**Documentation outline only** in phases 101–110. Implementation targeted phases **181–190** ([ROADMAP_POST100.md](ROADMAP_POST100.md)). +**Documentation outline only** in scopes 101–110. Implementation targeted scopes **181–190** ([ROADMAP_POST100.md](ROADMAP_POST100.md)). Without observability, debugging authority at scale becomes impractical. @@ -24,7 +24,7 @@ See: [AXIOMS.md](AXIOMS.md), [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) shared IDs, | Capability | Description | |------------|-------------| | **Semantic tracing** | Kernel/broker events tagged with law + case ID | -| **Law-linked diagnostics** | User-visible errors cite `ares-semantics-v*` clause | +| **Law-linked diagnostics** | User-visible errors cite `clan-semantics-v*` clause | | **Capability lineage graph** | ObjectId, generation, parent cap | | **Temporal reconstruction** | Checkpoint-ordered revoke/cancel/restart log per process | @@ -41,7 +41,7 @@ See: [AXIOMS.md](AXIOMS.md), [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) shared IDs, ## Non-goals (initial ship) - Full distributed trace across machines (federation deferred) -- GUI lineage visualizer (SDK phase 161–170 may prototype) +- GUI lineage visualizer (SDK scope 161–170 may prototype) --- @@ -49,6 +49,6 @@ See: [AXIOMS.md](AXIOMS.md), [SEMANTIC_SPECS.md](SEMANTIC_SPECS.md) shared IDs, Stable before heavy observability investment: -- G1–G5 signed (phase 110) +- G1–G5 signed (scope 110) - Immutable identity + generation ([KERNEL_OBJECT_MODEL.md](KERNEL_OBJECT_MODEL.md)) -- Executable semantic tests for R-* / E-* (phases 112+, 134+) +- Executable semantic tests for R-* / E-* (scopes 112+, 134+) diff --git a/docs/SEMANTIC_SPECS.md b/docs/SEMANTIC_SPECS.md index a6d0745..de3f866 100644 --- a/docs/SEMANTIC_SPECS.md +++ b/docs/SEMANTIC_SPECS.md @@ -2,7 +2,7 @@ Normative scenarios that **must** hold. Not implementation unit tests in this documentation pass — same IDs become executable semantic tests when subsystems exist (QEMU / Rust `#[semantic_spec(...)]`). -**Gate G5** — phase 111+ behavior must not contradict these cases without `ares-semantics-v*` bump. +**Gate G5** — scope 111+ behavior must not contradict these cases without `clan-semantics-v*` bump. See: [AXIOMS.md](AXIOMS.md) A8, [SEMANTIC_LINT.md](SEMANTIC_LINT.md). @@ -47,7 +47,7 @@ Use the same ID in docs, code comments, tests, and diagnostics ([SEMANTIC_OBSERV | **E-04** | Wait-set timeout | Deterministic wake ordering among ready endpoints | | **E-05** | Sustained backpressure | No unbounded kernel queue growth | -**Laws:** [ABI_IPC.md](ABI_IPC.md) — frozen before phase 134 implementation. +**Laws:** [ABI_IPC.md](ABI_IPC.md) — frozen before scope 134 implementation. --- @@ -68,7 +68,7 @@ Use the same ID in docs, code comments, tests, and diagnostics ([SEMANTIC_OBSERV | ID | Scenario | Expected outcome | |----|----------|------------------| -| **M-01** | Same as T-04 | Precedence sketch in TEMPORAL_SEMANTICS; full table phases 156–158 | +| **M-01** | Same as T-04 | Precedence sketch in TEMPORAL_SEMANTICS; full table scopes 156–158 | --- @@ -81,7 +81,7 @@ Use the same ID in docs, code comments, tests, and diagnostics ([SEMANTIC_OBSERV --- -## Law ↔ case linkage matrix (phase 110 audit) +## Law ↔ case linkage matrix (scope 110 audit) Every major law in RIGHTS_ALGEBRA and ABI_IPC must link ≥1 case ID above. @@ -98,8 +98,8 @@ Every major law in RIGHTS_ALGEBRA and ABI_IPC must link ≥1 case ID above. ## Executable tests (future) -| Phase | Work | +| Scope | Work | |------:|------| | 112+ | Rust / QEMU tests tagged with R-* | | 134+ | E-* endpoint tests | -| 159–160 | CI requires semantic lint + spec coverage before `ares-semantics-v*` bump | +| 159–160 | CI requires semantic lint + spec coverage before `clan-semantics-v*` bump | diff --git a/docs/SHARED_LIBRARIES.md b/docs/SHARED_LIBRARIES.md index 6ea3d8c..32b7fc8 100644 --- a/docs/SHARED_LIBRARIES.md +++ b/docs/SHARED_LIBRARIES.md @@ -1,10 +1,10 @@ # Shared Libraries and Dynamic Relocations -Phases 39, 41, and 42 extend the guarded ELF pipeline with `DT_NEEDED` detection, in-kernel shared library mapping, and import relocations. +Scopes 39, 41, and 42 extend the guarded ELF pipeline with `DT_NEEDED` detection, in-kernel shared library mapping, and import relocations. -## Phase 39 — Detection +## Scope 39 — Detection -Seed ELFs may include a dynamic section. `parse_dt_needed` records the dependency name (for example `libc_stub`). Phase 39 applies static relocations only; it does not load a separate ELF yet. +Seed ELFs may include a dynamic section. `parse_dt_needed` records the dependency name (for example `libc_stub`). Scope 39 applies static relocations only; it does not load a separate ELF yet. Boot smoke: @@ -12,7 +12,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## Phase 41 — Mapping +## Scope 41 — Mapping `shared_loader::attach_shared_library` maps `/bin/libc_stub.elf` at virtual address `0x700000` when a main image reports `DT_NEEDED`. If the stub file is absent, bring-up falls back to `/bin/hello.elf` for validation. @@ -22,9 +22,9 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## Phase 42 — Import Relocations +## Scope 42 — Import Relocations -`elf_reloc` applies `R_X86_64_GLOB_DAT` entries against the mapped shared library base. Static `R_X86_64_RELATIVE` / `R_X86_64_64` relocs from Phase 27 still run for the main image. +`elf_reloc` applies `R_X86_64_GLOB_DAT` entries against the mapped shared library base. Static `R_X86_64_RELATIVE` / `R_X86_64_64` relocs from Scope 27 still run for the main image. Boot smoke: @@ -35,8 +35,8 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Validation ```bash -python scripts/gate/legacy.py --phase 41 --timeout 180 -python scripts/gate/legacy.py --phase 42 --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 ``` ## Deferred diff --git a/docs/SMP.md b/docs/SMP.md index 309a10d..71168f0 100644 --- a/docs/SMP.md +++ b/docs/SMP.md @@ -1,6 +1,6 @@ # SMP Groundwork -Phase 49 adds multiprocessor detection and hooks for future TLB management without scheduling work on application processors yet. +Scope 49 adds multiprocessor detection and hooks for future TLB management without scheduling work on application processors yet. ## Behavior @@ -16,17 +16,17 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -Phase 31 binds CR3 on preemptive context switch on the bootstrap processor only. Phase 49 does not migrate runnable tasks to APs. +Scope 31 binds CR3 on preemptive context switch on the bootstrap processor only. Scope 49 does not migrate runnable tasks to APs. ## Validation ```bash -python scripts/gate/legacy.py --phase 49 --timeout 180 +python scripts/gate/boot.py --gate dynamic_runtime --timeout 180 ``` -## Runqueue Skeleton (Phase 59) +## Runqueue Skeleton (Scope 59) -Phase 59 increments per-CPU enqueue counters when the BSP scheduler preempts. Application processors remain parked; this is accounting only, not work migration. +Scope 59 increments per-CPU enqueue counters when the BSP scheduler preempts. Application processors remain parked; this is accounting only, not work migration. Boot smoke: @@ -34,7 +34,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## TLB Shootdown Accounting (Phase 68) +## TLB Shootdown Accounting (Scope 68) `smp::request_tlb_shootdown()` records shootdown requests and completions per online CPU, then flushes the local TLB on the BSP. Munmap and demand-map paths call this helper instead of flushing silently. @@ -44,7 +44,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## AP Idle Accounting (Phase 69) +## AP Idle Accounting (Scope 69) When more than one CPU is reported, `smp::init()` increments `ap_idle_ticks` to represent parked application processors in an idle state. This is accounting only; APs do not run the scheduler yet. @@ -54,9 +54,9 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## IPI TLB Shootdown Stub (Phase 78) +## IPI TLB Shootdown Stub (Scope 78) -`request_tlb_shootdown()` records logical IPI send/ack counters (`ipi_shootdown_sent`, `ipi_shootdown_acked`) for all online CPUs, then flushes the BSP TLB. Munmap (phase 73) calls this helper after PTE changes. +`request_tlb_shootdown()` records logical IPI send/ack counters (`ipi_shootdown_sent`, `ipi_shootdown_acked`) for all online CPUs, then flushes the BSP TLB. Munmap (scope 73) calls this helper after PTE changes. Boot smoke: @@ -64,7 +64,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## AP Idle Trampoline (Phase 79) +## AP Idle Trampoline (Scope 79) `ap_idle_trampoline()` is the minimal AP entry stub: it accounts `AP_TRAMPOLINE_ENTERED` and bumps `ap_idle_ticks`. A real `hlt` loop is deferred until ACPI AP startup exists (halting on the BSP during `smp::init()` would freeze QEMU bring-up). @@ -74,7 +74,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## LAPIC IPI Send Stub (Phase 89) +## LAPIC IPI Send Stub (Scope 89) `request_tlb_shootdown()` increments `LAPIC_IPI_SEND` for each logical IPI target (`cpus - 1`) in addition to the existing shootdown and ack counters. This is accounting only; no LAPIC ICR MMIO is programmed yet. @@ -84,7 +84,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## Work-Stealing Stub (Phase 97) +## Work-Stealing Stub (Scope 97) When the BSP runqueue is empty (`CPU0_READY == 0`) but CPU1 has work, `try_work_steal()` increments `WORK_STEAL_ATTEMPTS` and logically dequeues from CPU1 (`WORK_STEALS`). This is accounting only; tasks are not migrated. @@ -94,7 +94,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## AP Runnable Enqueue Stub (Phase 98) +## AP Runnable Enqueue Stub (Scope 98) `enqueue_ap_runnable()` enqueues on CPU1 when `CPU_COUNT > 1` and increments `AP_RUNNABLE_ENQUEUED`. Application processors remain parked; no AP scheduler loop or BSP `hlt` in `smp::init()`. @@ -104,7 +104,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## LAPIC ICR Write Stub (Phase 99) +## LAPIC ICR Write Stub (Scope 99) `lapic_icr_send_stub()` records an ICR-low write in `LAPIC_ICR_WRITES` using a discard slot instead of programming real LAPIC MMIO at `0xfee0_0300` (which can hang QEMU bring-up tests). `request_tlb_shootdown()` still only bumps `LAPIC_IPI_SEND` counters. diff --git a/docs/STORAGE.md b/docs/STORAGE.md index 481ec6f..9256f9d 100644 --- a/docs/STORAGE.md +++ b/docs/STORAGE.md @@ -1,6 +1,6 @@ -# Storage Design (Phase 7) +# Storage Design (Scope 7) -AresOS Phase 7 introduced a small persistent storage stack on top of a block-device boundary. Phase 8 mounts that filesystem through a managed block backend so the same filesystem API can run on driver-plumbed storage. +Clan OS Scope 7 introduced a small persistent storage stack on top of a block-device boundary. Scope 8 mounts that filesystem through a managed block backend so the same filesystem API can run on driver-plumbed storage. ## Layers @@ -41,8 +41,8 @@ Primary kernel APIs live in `kernel/src/storage.rs`: - `write_file(path, contents)` - `delete_file(path)` - `info()` -- `phase7_smoke_check()` -- `phase8_smoke_check()` +- `smoke_persistence()` +- `smoke_driver_backend()` ## Shell Commands @@ -58,25 +58,25 @@ Primary kernel APIs live in `kernel/src/storage.rs`: ## Validation ```bash -python scripts/gate/boot.py --phase 7 --timeout 180 +python scripts/gate/boot.py --gate shell_storage --timeout 180 python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180 ``` -Boot validation emits `AresOS-BootGate: name=shell_storage ok=true` (see [VALIDATION_GATES.md](VALIDATION_GATES.md)). +Boot validation emits `ClanOS-BootGate: name=shell_storage ok=true` (see [VALIDATION_GATES.md](VALIDATION_GATES.md)). -## Phase 8 Backend +## Scope 8 Backend -By default, runtime storage uses `ManagedBlockDevice`, which delegates sector I/O to the active block backend. Phase 8 registers `qemu-sim-block0` through the block manager as a deterministic driver-backed backend for QEMU validation. +By default, runtime storage uses `ManagedBlockDevice`, which delegates sector I/O to the active block backend. Scope 8 registers `qemu-sim-block0` through the block manager as a deterministic driver-backed backend for QEMU validation. `MemoryBlockDevice` remains available for focused filesystem tests. -## Phases 36, 45–47 +## Scopes 36, 45–47 -- Phase 36 — `ReadFileProbe` / `WriteFileProbe` syscalls copy through validated user buffers. -- Phases 45–46 — FD table maps open files to storage indices (`OpenFile`, `CloseFile`, `ReadFd`, `WriteFd`). See [FILE_DESCRIPTORS.md](FILE_DESCRIPTORS.md). -- Phase 47 — file-backed demand paging reads filesystem pages on user `#PF`. See [DEMAND_PAGING.md](DEMAND_PAGING.md). +- Scope 36 — `ReadFileProbe` / `WriteFileProbe` syscalls copy through validated user buffers. +- Scopes 45–46 — FD table maps open files to storage indices (`OpenFile`, `CloseFile`, `ReadFd`, `WriteFd`). See [FILE_DESCRIPTORS.md](FILE_DESCRIPTORS.md). +- Scope 47 — file-backed demand paging reads filesystem pages on user `#PF`. See [DEMAND_PAGING.md](DEMAND_PAGING.md). -File owner/mode metadata and checked APIs were introduced in Phase 10 ([SECURITY.md](SECURITY.md)). +File owner/mode metadata and checked APIs were introduced in Scope 10 ([SECURITY.md](SECURITY.md)). ## Deferred Work diff --git a/docs/TEMPORAL_SEMANTICS.md b/docs/TEMPORAL_SEMANTICS.md index 63249e8..3ee34e0 100644 --- a/docs/TEMPORAL_SEMANTICS.md +++ b/docs/TEMPORAL_SEMANTICS.md @@ -33,7 +33,7 @@ See: [AXIOMS.md](AXIOMS.md), [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md), [ABI_IPC.md | Async memory | Message buffer visible after ownership transfer | | Service restart | Peer observes generation bump before new mail accepted | -Phase 1–100 compat paths document **current** behavior in [ABI_SYSCALL.md](ABI_SYSCALL.md); native paths tighten visibility at implementation phases 111+. +Scope 1–100 compat paths document **current** behavior in [ABI_SYSCALL.md](ABI_SYSCALL.md); native paths tighten visibility at implementation scopes 111+. --- @@ -45,7 +45,7 @@ Phase 1–100 compat paths document **current** behavior in [ABI_SYSCALL.md](ABI - **Lazy revoke:** fails at or before next checkpoint (T-01) - **Generation bump:** caps with `generation < current` fail at checkpoint (R-03) -Exact syscall list for native checkpoints is reserved in `ares-semantics-v1` (implementation phase 112+). +Exact syscall list for native checkpoints is reserved in `clan-semantics-v1` (implementation scope 112+). --- @@ -85,7 +85,7 @@ Until full memory-model documentation ships, native cap operations assume: - Cap table mutations serialize per-process or use documented atomics - No observer sees **amplified** rights after another CPU’s delegate (T-03) -Strengthen happens-before story when native cap syscalls land (phase 112+). +Strengthen happens-before story when native cap syscalls land (scope 112+). --- diff --git a/docs/THREAT_MODEL.md b/docs/THREAT_MODEL.md index 7956a70..5b17c2b 100644 --- a/docs/THREAT_MODEL.md +++ b/docs/THREAT_MODEL.md @@ -5,14 +5,14 @@ semantics_version: 1.0.0 > **Canonical:** [`docs/architecture/THREAT_MODEL.md`](architecture/THREAT_MODEL.md). This flat copy retained until migration squash reconciles any differences. -# AresOS Threat Model +# Clan OS Threat Model ```yaml status: authoritative semantics_version: 1.0.0 ``` -Scope: phases 121–150 QEMU-first development. Structured nodes in [`THREAT_NODES.toml`](THREAT_NODES.toml). +Scope: scopes 121–150 QEMU-first development. Structured nodes in [`THREAT_NODES.toml`](THREAT_NODES.toml). See: [`FAULT_ESCALATION.md`](FAULT_ESCALATION.md), [`KERNEL_OBJECT_MODEL.md`](KERNEL_OBJECT_MODEL.md), [`SECURITY.md`](../SECURITY.md). diff --git a/docs/THREAT_NODES.toml b/docs/THREAT_NODES.toml index 08ebe46..8f2d608 100644 --- a/docs/THREAT_NODES.toml +++ b/docs/THREAT_NODES.toml @@ -57,7 +57,7 @@ status = "closed" tier = "A" goals = ["denial_of_service"] surfaces = ["cap_table"] -closing_commit = "service_loader CAP_QUOTA_STUB + phase121 smoke" +closing_commit = "service_loader CAP_QUOTA_STUB + scope121 smoke" depends_on = [] summary = "Cap table quota exhaustion as DoS" diff --git a/docs/UNSAFE_AUDIT.md b/docs/UNSAFE_AUDIT.md index 339ebd0..ecdab75 100644 --- a/docs/UNSAFE_AUDIT.md +++ b/docs/UNSAFE_AUDIT.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Policy for `unsafe` Rust, `extern "C"` FFI, and TCB-adjacent code in the AresOS kernel. +Policy for `unsafe` Rust, `extern "C"` FFI, and TCB-adjacent code in the Clan OS kernel. --- diff --git a/docs/USER_CONTEXT.md b/docs/USER_CONTEXT.md index 7959fb2..eb9994d 100644 --- a/docs/USER_CONTEXT.md +++ b/docs/USER_CONTEXT.md @@ -1,6 +1,6 @@ # User Context Groundwork -Phase 17 prepares descriptor-level user entry contexts. It adds user segment selectors and builds an iret-style frame for a validated image entry point, but it does not enter Ring 3. Phase 18 consumes these descriptors in a controlled trampoline result path. +Scope 17 prepares descriptor-level user entry contexts. It adds user segment selectors and builds an iret-style frame for a validated image entry point, but it does not enter Ring 3. Scope 18 consumes these descriptors in a controlled trampoline result path. ## Context Contents @@ -16,7 +16,7 @@ A `UserContextDescriptor` records: - selector and entry readiness flags - whether Ring 3 was entered -`ring3_entered` remains false in Phase 17. +`ring3_entered` remains false in Scope 17. ## Loader Flow @@ -44,4 +44,4 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Phase 17 prepares the data needed for a future transition. It does not execute `iretq`, switch CR3, enter Ring 3, or jump to ELF code. Phase 18 adds controlled entry/trap metadata, but still does not run arbitrary ELF code. +Scope 17 prepares the data needed for a future transition. It does not execute `iretq`, switch CR3, enter Ring 3, or jump to ELF code. Scope 18 adds controlled entry/trap metadata, but still does not run arbitrary ELF code. diff --git a/docs/USER_ELF_MVP.md b/docs/USER_ELF_MVP.md index 1f2c3c5..9703f64 100644 --- a/docs/USER_ELF_MVP.md +++ b/docs/USER_ELF_MVP.md @@ -1,6 +1,6 @@ # Minimal User ELF MVP -Phase 20 enables the seeded `/bin/hello` ELF path to complete through the guarded user execution pipeline. It is intentionally narrow: only the known hello image is accepted, and it returns deterministic kernel-recorded output and exit status. +Scope 20 enables the seeded `/bin/hello` ELF path to complete through the guarded user execution pipeline. It is intentionally narrow: only the known hello image is accepted, and it returns deterministic kernel-recorded output and exit status. ## Execution Flow @@ -37,12 +37,12 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Phase 20 is a minimal MVP for the seeded hello image. +Scope 20 is a minimal MVP for the seeded hello image. -Later phases extend the same pipeline: +Later scopes extend the same pipeline: -- Phases 28–29 — hardware hello and allowlisted `hello` / `exit42` -- Phase 37 — manifest-discovered ELF images including `tickprobe` -- Phase 43 — `trust=system` execution without name allowlist (see [SECURITY.md](SECURITY.md)) +- Scopes 28–29 — hardware hello and allowlisted `hello` / `exit42` +- Scope 37 — manifest-discovered ELF images including `tickprobe` +- Scope 43 — `trust=system` execution without name allowlist (see [SECURITY.md](SECURITY.md)) Arbitrary unsigned user ELFs, full dynamic linking, and production isolation remain deferred. See [SHARED_LIBRARIES.md](SHARED_LIBRARIES.md) and [USER_PAGE_TABLES.md](USER_PAGE_TABLES.md). diff --git a/docs/USER_PAGE_TABLES.md b/docs/USER_PAGE_TABLES.md index f403f26..512e9c3 100644 --- a/docs/USER_PAGE_TABLES.md +++ b/docs/USER_PAGE_TABLES.md @@ -1,6 +1,6 @@ # Inactive User Page Tables -Phase 16 builds inactive user page-table descriptors from Phase 15 frame-backed images. These descriptors model the virtual-to-physical mappings a future CR3 switch would use, but they do not switch CR3 or execute user code. Phase 17 uses them to construct user entry frames. +Scope 16 builds inactive user page-table descriptors from Scope 15 frame-backed images. These descriptors model the virtual-to-physical mappings a future CR3 switch would use, but they do not switch CR3 or execute user code. Scope 17 uses them to construct user entry frames. ## Table Contents @@ -15,7 +15,7 @@ An `InactiveUserPageTable` records: - whether required kernel mappings are shared - whether the table is ready for CR3 switching -Phase 16 keeps `cr3_switch_ready=false`; later phases will add entry and switch mechanics. +Scope 16 keeps `cr3_switch_ready=false`; later scopes will add entry and switch mechanics. ## Loader Flow @@ -43,17 +43,17 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Phase 16 validates translation through descriptor lookup only. It does not install hardware page tables, switch CR3, enter Ring 3, or execute ELF code. Phase 17 adds entry-frame descriptors, but still does not perform the privilege transition. +Scope 16 validates translation through descriptor lookup only. It does not install hardware page tables, switch CR3, enter Ring 3, or execute ELF code. Scope 17 adds entry-frame descriptors, but still does not perform the privilege transition. -## Hardware Page Tables (Phases 21–22) +## Hardware Page Tables (Scopes 21–22) -Phase 21 builds real x86_64 tables from inactive descriptors. Phase 22 activates user CR3 for translation checks without executing user code. +Scope 21 builds real x86_64 tables from inactive descriptors. Scope 22 activates user CR3 for translation checks without executing user code. -## Per-Process CR3 (Phases 30–31) +## Per-Process CR3 (Scopes 30–31) -Phase 30 verifies distinct CR3 values across processes. Phase 31 binds CR3 on preemptive scheduler context switch ([SCHEDULER.md](SCHEDULER.md)). +Scope 30 verifies distinct CR3 values across processes. Scope 31 binds CR3 on preemptive scheduler context switch ([SCHEDULER.md](SCHEDULER.md)). -## W^X Policy (Phase 48) +## W^X Policy (Scope 48) `user_paging` rejects user mappings that combine writable and executable page flags. Demand paging paths must not install W+X pages ([DEMAND_PAGING.md](DEMAND_PAGING.md)). @@ -63,7 +63,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## mprotect (Phase 53) +## mprotect (Scope 53) `Mprotect` allows toggling writable vs read-only on non-executable user pages. Requests that would create writable+executable mappings are rejected. A guard page below the default stack is left unmapped; `probe_stack_guard` records guard probes during smoke. @@ -73,7 +73,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## VMA Registry (Phase 63) +## VMA Registry (Scope 63) Each process keeps a list of `VmaRegion` records (base, length, protection, backing). `mmap` and `munmap` register and remove regions; overlapping mappings are rejected. Anonymous mmap hints advance via `vma::next_anon_hint`. @@ -83,7 +83,7 @@ Boot smoke: See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ``` -## munmap (Phase 62) +## munmap (Scope 62) `Munmap` unmaps anonymous mmap pages and the read-only file mmap page. Image and executable ranges are rejected. Unmap triggers `smp::request_tlb_shootdown()`. diff --git a/docs/USER_SYSCALLS.md b/docs/USER_SYSCALLS.md index 1e10b2a..3fc0897 100644 --- a/docs/USER_SYSCALLS.md +++ b/docs/USER_SYSCALLS.md @@ -1,6 +1,6 @@ # User Syscall Return ABI -Phase 19 adds a user-facing syscall register-frame ABI. It preserves the existing `invoke_raw` dispatcher and wraps it with user entry and return metadata. Phase 20 uses this controlled ABI as part of the guarded `/bin/hello` ELF MVP. +Scope 19 adds a user-facing syscall register-frame ABI. It preserves the existing `invoke_raw` dispatcher and wraps it with user entry and return metadata. Scope 20 uses this controlled ABI as part of the guarded `/bin/hello` ELF MVP. ## ABI Records @@ -40,13 +40,13 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines. ## Safety Boundary -Phase 19 validates syscall entry/return metadata. It does not yet execute CPU `syscall`/`sysret` instructions or run arbitrary ELF syscall instructions. Phase 20 runs the seeded hello path through the guarded pipeline only. +Scope 19 validates syscall entry/return metadata. It does not yet execute CPU `syscall`/`sysret` instructions or run arbitrary ELF syscall instructions. Scope 20 runs the seeded hello path through the guarded pipeline only. -## Hardware Syscall Table (Phases 25–46) +## Hardware Syscall Table (Scopes 25–46) -Phase 25 enables real `syscall`/`sysret`. Phase 35 registers an allowlist in `user_syscall_hw::ALLOWED_HW_SYSCALLS`. Later phases add: +Scope 25 enables real `syscall`/`sysret`. Scope 35 registers an allowlist in `user_syscall_hw::ALLOWED_HW_SYSCALLS`. Later scopes add: -| ID | Name | Phase | +| ID | Name | Scope | |---:|------|-------| | 1 | `GetTickCount` | 25 | | 60 | `UserCopyProbe` | 26 | diff --git a/docs/VALIDATION_GATES.md b/docs/VALIDATION_GATES.md index ef30979..2297a50 100644 --- a/docs/VALIDATION_GATES.md +++ b/docs/VALIDATION_GATES.md @@ -1,4 +1,4 @@ -# AresOS Validation Gates +# Clan OS Validation Gates @@ -22,13 +22,13 @@ scripts_package: scripts/gate/ -Runtime validation is **gate-based**. Boot no longer emits `PhaseN-*` serial lines. Two gate families run sequentially at boot: +Runtime validation is **gate-based**. Boot no longer emits `numbered boot serial` serial lines. Two gate families run sequentially at boot: -1. **Boot gate** (phases 6–150 scope) → `AresOS-BootGate: …` +1. **Boot gate** (boot subsystems scope) → `ClanOS-BootGate: …` -2. **System gate** (epochs 7–20 / M500 scope) → `AresOS-Gate: …` + `AresOS-SystemGate: …` +2. **System gate** (epochs 7–20 / M500 scope) → `ClanOS-Gate: …` + `ClanOS-SystemGate: …` @@ -60,57 +60,57 @@ Legacy shims at `scripts/gate/boot.py` etc. forward to `scripts/gate/` and remai -| Gate | Phase scope | Serial line | +| Gate | Legacy milestone (docs) | Serial line | |------|-------------|-------------| -| `shell_storage` | 6–8 | `AresOS-BootGate: name=shell_storage ok=true` | +| `shell_storage` | 6–8 | `ClanOS-BootGate: name=shell_storage ok=true` | -| `loader_security` | 9–13 | `AresOS-BootGate: name=loader_security ok=true` | +| `loader_security` | 9–13 | `ClanOS-BootGate: name=loader_security ok=true` | -| `memory_layout` | 14–16 | `AresOS-BootGate: name=memory_layout ok=true` | +| `memory_layout` | 14–16 | `ClanOS-BootGate: name=memory_layout ok=true` | -| `userspace_bootstrap` | 17–20 | `AresOS-BootGate: name=userspace_bootstrap ok=true` | +| `userspace_bootstrap` | 17–20 | `ClanOS-BootGate: name=userspace_bootstrap ok=true` | -| `hw_paging` | 21–30 | `AresOS-BootGate: name=hw_paging ok=true` | +| `hw_paging` | 21–30 | `ClanOS-BootGate: name=hw_paging ok=true` | -| `sched_userspace` | 31–40 | `AresOS-BootGate: name=sched_userspace ok=true` | +| `sched_userspace` | 31–40 | `ClanOS-BootGate: name=sched_userspace ok=true` | -| `dynamic_runtime` | 41–50 | `AresOS-BootGate: name=dynamic_runtime ok=true` | +| `dynamic_runtime` | 41–50 | `ClanOS-BootGate: name=dynamic_runtime ok=true` | -| `fd_mmap` | 51–60 | `AresOS-BootGate: name=fd_mmap ok=true` | +| `fd_mmap` | 51–60 | `ClanOS-BootGate: name=fd_mmap ok=true` | -| `vm_fork` | 61–70 | `AresOS-BootGate: name=vm_fork ok=true` | +| `vm_fork` | 61–70 | `ClanOS-BootGate: name=vm_fork ok=true` | -| `syscall_ring3` | 71–80 | `AresOS-BootGate: name=syscall_ring3 ok=true` | +| `syscall_ring3` | 71–80 | `ClanOS-BootGate: name=syscall_ring3 ok=true` | -| `path_exec` | 81–90 | `AresOS-BootGate: name=path_exec ok=true` | +| `path_exec` | 81–90 | `ClanOS-BootGate: name=path_exec ok=true` | -| `smp_depth` | 91–100 | `AresOS-BootGate: name=smp_depth ok=true` | +| `smp_depth` | 91–100 | `ClanOS-BootGate: name=smp_depth ok=true` | -| `constitutional` | 110 | `AresOS-BootGate: name=constitutional ok=true` | +| `constitutional` | 110 | `ClanOS-BootGate: name=constitutional ok=true` | -| `capabilities` | 120 | `AresOS-BootGate: name=capabilities ok=true` | +| `capabilities` | 120 | `ClanOS-BootGate: name=capabilities ok=true` | -| `service_loader` | 121 | `AresOS-BootGate: name=service_loader ok=true` | +| `service_loader` | 121 | `ClanOS-BootGate: name=service_loader ok=true` | -| `platform_brokers` | 130 | `AresOS-BootGate: name=platform_brokers ok=true` | +| `platform_brokers` | 130 | `ClanOS-BootGate: name=platform_brokers ok=true` | -| `build_endpoints` | 131–140 | `AresOS-BootGate: name=build_endpoints ok=true` | +| `build_endpoints` | 131–140 | `ClanOS-BootGate: name=build_endpoints ok=true` | -| `virtio_blk` | 201 | `AresOS-BootGate: name=virtio_blk ok=true` | +| `virtio_blk` | 201 | `ClanOS-BootGate: name=virtio_blk ok=true` | -| `network_compat` | 404 | `AresOS-BootGate: name=network_compat ok=true` | +| `network_compat` | 404 | `ClanOS-BootGate: name=network_compat ok=true` | -| `scheduler_epoch` | 149 | `AresOS-BootGate: name=scheduler_epoch ok=true` | +| `scheduler_epoch` | 149 | `ClanOS-BootGate: name=scheduler_epoch ok=true` | -| `boundary` | 150 | `AresOS-BootGate: name=boundary ok=true` | +| `boundary` | 150 | `ClanOS-BootGate: name=boundary ok=true` | -| **boot** (summary) | all above | `AresOS-BootGate: ok=true` | +| **boot** (summary) | all above | `ClanOS-BootGate: ok=true` | -Legacy phase numbers: `python scripts/gate/legacy.py --phase N` or `scripts/gate/boot.py --phase N`. +Historical scope indices map to gates via `scripts/gate/map.py` (`gate_for_scope`). Prefer `python scripts/gate/boot.py --gate <name>` or `python scripts/gate/system.py --gate <name>`. @@ -118,45 +118,67 @@ Legacy phase numbers: `python scripts/gate/legacy.py --phase N` or `scripts/gate -| Gate | Former milestone | Serial line | +| Gate | Role | Serial line | -|------|------------------|-------------| +|------|------|-------------| -| `integrity` | Phase 175 / epoch 7 | `AresOS-Gate: name=integrity ok=true` | +| `integrity` | Build integrity, audit, OOM | `ClanOS-Gate: name=integrity ok=true` | -| `scheduling` | Phase 200 | `AresOS-Gate: name=scheduling ok=true` | +| `scheduling` | Unified service scheduling | `ClanOS-Gate: name=scheduling ok=true` | -| `hardware` | Phase 250 | `AresOS-Gate: name=hardware ok=true` | +| `hardware` | Virtio + SDK path | `ClanOS-Gate: name=hardware ok=true` | -| `federation` | Phase 300 | `AresOS-Gate: name=federation ok=true` | +| `federation` | Federation + observability | `ClanOS-Gate: name=federation ok=true` | -| `release` | Phase 350 | `AresOS-Gate: name=release ok=true` | +| `release` | Checkpoint, scorecard | `ClanOS-Gate: name=release ok=true` | -| `desktop_preview` | Phase 351 | `AresOS-Gate: name=desktop_preview ok=true` | +| `desktop_preview` | Compositor preview | `ClanOS-Gate: name=desktop_preview ok=true` | -| `desktop` | Phase 375 | `AresOS-Gate: name=desktop ok=true` | +| `desktop` | Full desktop stack | `ClanOS-Gate: name=desktop ok=true` | -| `functional` | Phase 400 | `AresOS-Gate: name=functional ok=true` | -| `ci` | Phase 425 | `AresOS-Gate: name=ci ok=true` | -| `production` | Phase 450 | `AresOS-Gate: name=production ok=true` | -| `network` | Phase 475 | `AresOS-Gate: name=network ok=true` | -| **system** (summary) | Phase 500 | `AresOS-SystemGate: ok=true` | -Milestone phases: `scripts/gate/system.py --phase N` or `--gate <name>`. +| `compat_runtime` | Ring-3 clan-rt corpus | `ClanOS-Gate: name=compat_runtime ok=true` | +| `compat_fd_vm` | FD / mmap / CoW | `ClanOS-Gate: name=compat_fd_vm ok=true` | +| `compat_signal` | Signal skeleton + delivery | `ClanOS-Gate: name=compat_signal ok=true` | +| `storage_depth` | Buddy / VFS / ext2 | `ClanOS-Gate: name=storage_depth ok=true` | +| `posix_compat` | POSIX server skeleton | `ClanOS-Gate: name=posix_compat ok=true` | -## Phase 5 (preemption) -Not part of either gate serial surface. Validated via: + + +| **system** (summary) | all above | `ClanOS-SystemGate: ok=true` | + + + +Use `scripts/gate/system.py --gate <name>` for individual subsystems. + + + +## Preemption validation + + + +Not part of boot/system gate serial lines. Kernel emits: + + + +- `ClanOS-Preemption: name=fairness T1=… T2=… T3=… T4=… score=…` + +- `ClanOS-Preemption: name=latency ticks=… req=… est_ms=…` + + + +Requires `cargo run -p kernel --features preemption` (context lab; CI only). @@ -170,19 +192,15 @@ python scripts/preemption/latency.py --boot-wait 90 --duration 30 -Or `scripts/validation_matrix.py` (includes soak + latency checks). - - - -## Phase checklists (historical) +Or `scripts/validation_matrix.py` (`preemption-soak-check`, `preemption-latency-check`). -Per-phase checklists under `docs/phase-*-checklist.md` record **implementation scope** for completed work. They are not the runtime validation surface. Use this document and `scripts/gate/` for CI and QEMU smokes. +## Scope checklists (historical) -Phases 1–4 fold into boot gate indirectly once phase 6+ subsystems run. +Per-scope checklists under `docs/scope-*-checklist.md` record **implementation scope** for completed work. They are not the runtime validation surface. Use this document and `scripts/gate/` for CI and QEMU smokes. @@ -204,11 +222,11 @@ Phases 1–4 fold into boot gate indirectly once phase 6+ subsystems run. | `system-gate-check` | `scripts/gate/system.py --gate system` | -| `phase401-ares-rt-check` | `scripts/gate/ares_rt.py` | +| `compat-subsystems-host-check` | `scripts/gate/compat_subsystems.py` | -| `phase5-soak-check` | `scripts/preemption/soak.py` | +| `preemption-soak-check` | `scripts/preemption/soak.py` | -| `phase5-latency-check` | `scripts/preemption/latency.py` | +| `preemption-latency-check` | `scripts/preemption/latency.py` | diff --git a/docs/WIRE_SCHEMA_REGISTRY.md b/docs/WIRE_SCHEMA_REGISTRY.md index 60d1e15..95189cd 100644 --- a/docs/WIRE_SCHEMA_REGISTRY.md +++ b/docs/WIRE_SCHEMA_REGISTRY.md @@ -22,9 +22,9 @@ Versioned binary schemas for audit, errors, IPC, and cap serialization. |-----------|---------|----------|--------| | `error.v1` | 1 | ERROR_TAXONOMY.md | epoch 1 stub | | `audit.v1` | 1 | AUDIT_SUBSYSTEM.md | epoch 1 — chain hash | -| `ipc.interim.v1` | 1 | IPC_INTERIM_BRIDGE.md | phases 122–133 | +| `ipc.interim.v1` | 1 | IPC_INTERIM_BRIDGE.md | scopes 122–133 | | `cap.wire.v1` | 1 | KERNEL_OBJECT_MODEL.md | stub | -| `oom.shed.stub.v1` | 1 | phase 121 | never-stabilize | +| `oom.shed.stub.v1` | 1 | scope 121 | never-stabilize | Each record carries `error_schema_version` or equivalent on wire. diff --git a/docs/architecture/ARCHITECTURE_TARGETS.md b/docs/architecture/ARCHITECTURE_TARGETS.md index b539571..590980a 100644 --- a/docs/architecture/ARCHITECTURE_TARGETS.md +++ b/docs/architecture/ARCHITECTURE_TARGETS.md @@ -22,7 +22,7 @@ semantics_version: 1.0.0 ## QEMU -Versioned config script: [`scripts/qemu/x86_64-config.ps1`](../scripts/qemu/x86_64-config.ps1) (v1 — virtio-blk-pci, `-smp 2`). SMP enabled phases 141+. +Versioned config script: [`scripts/qemu/x86_64-config.ps1`](../scripts/qemu/x86_64-config.ps1) (v1 — virtio-blk-pci, `-smp 2`). SMP enabled scopes 141+. --- diff --git a/docs/architecture/AUDIT_SUBSYSTEM.md b/docs/architecture/AUDIT_SUBSYSTEM.md index 900033c..25e9be5 100644 --- a/docs/architecture/AUDIT_SUBSYSTEM.md +++ b/docs/architecture/AUDIT_SUBSYSTEM.md @@ -31,7 +31,7 @@ Threat node: `T-audit-tamper`. ## Epoch 0 positions -- Bootstrap unaudited window scoped explicitly at phase 121 implementation +- Bootstrap unaudited window scoped explicitly at scope 121 implementation - Forensic admissibility assumptions in `DESIGN_NORTH_STAR.md` - Covert channel via audit throughput: deferred node `T-audit-covert-channel` diff --git a/docs/architecture/COMPAT_ISOLATION.md b/docs/architecture/COMPAT_ISOLATION.md index fc38d34..f3b701e 100644 --- a/docs/architecture/COMPAT_ISOLATION.md +++ b/docs/architecture/COMPAT_ISOLATION.md @@ -19,15 +19,15 @@ Threat node: `T-compat-shim-escape`. ## Policy - Compat syscalls operate on **per-caller FD sessions** — no ambient shim capability -- Path broker (phase 115) is **compat-only** — no parallel native handle type (G1) +- Path broker (scope 115) is **compat-only** — no parallel native handle type (G1) - `compat-internal` IPC bridge is **not** PipeLite (A5) and **not** native truth -- Native processes cannot enumerate global namespace (phase 117) +- Native processes cannot enumerate global namespace (scope 117) --- ## Broker boundary -Platform brokers mint caps only via documented grant paths (`storage_broker`, `permission_broker`). Compat ELF loading unchanged (phase 119 bridge). +Platform brokers mint caps only via documented grant paths (`storage_broker`, `permission_broker`). Compat ELF loading unchanged (scope 119 bridge). --- diff --git a/docs/architecture/DESIGN_NORTH_STAR.md b/docs/architecture/DESIGN_NORTH_STAR.md index a999ede..e387cd6 100644 --- a/docs/architecture/DESIGN_NORTH_STAR.md +++ b/docs/architecture/DESIGN_NORTH_STAR.md @@ -7,7 +7,7 @@ epoch: 0 authored_by: architecture ``` -Non-negotiable design principles for AresOS. Deviations require charter amendment and ADR. +Non-negotiable design principles for Clan OS. Deviations require charter amendment and ADR. --- @@ -58,9 +58,9 @@ Rationale: seL4-class isolation, Linux-class driver crash containment, tractable ## Filesystem -- **AresFS** native: CoW B-trees, crash consistency without journaling. +- **ClanFS** native: CoW B-trees, crash consistency without journaling. - Path-scoped FsNode capabilities — no ambient traversal. -- POSIX compat as untrusted translation layer above AresFS. +- POSIX compat as untrusted translation layer above ClanFS. --- diff --git a/docs/architecture/FAULT_ESCALATION.md b/docs/architecture/FAULT_ESCALATION.md index a6a6dd2..1805318 100644 --- a/docs/architecture/FAULT_ESCALATION.md +++ b/docs/architecture/FAULT_ESCALATION.md @@ -91,7 +91,7 @@ Tier-3 halt/reboot: deliver terminal to active IPC callers before halt (max time | State | Milestone 150 | |-------|---------------| -| **Suspend** (phase 147) | Frozen-in-memory; no persistent checkpoint | +| **Suspend** (scope 147) | Frozen-in-memory; no persistent checkpoint | | **Checkpoint/restore** | Out of scope until post-150 | ### Suspend/resume policy diff --git a/docs/architecture/KERNEL_OBJECT_MODEL.md b/docs/architecture/KERNEL_OBJECT_MODEL.md index 51fe3e1..7dac1d6 100644 --- a/docs/architecture/KERNEL_OBJECT_MODEL.md +++ b/docs/architecture/KERNEL_OBJECT_MODEL.md @@ -9,15 +9,15 @@ authored_by: kernel Universal kernel object lifecycle, handle semantics, and per-kind state machines. Canonical location for the model formerly at `docs/KERNEL_OBJECT_MODEL.md` (flat copy superseded-by this path). -**Gate G1** — phases **115+** must not introduce new handle semantics without charter revision. +**Gate G1** — scopes **115+** must not introduce new handle semantics without charter revision. -Phase **110** constitutional default: **immutable object identity + generation invalidation**. +Scope **110** constitutional default: **immutable object identity + generation invalidation**. See: [SECURITY_MODEL.md](SECURITY_MODEL.md), [../AXIOMS.md](../AXIOMS.md), [../RIGHTS_ALGEBRA.md](../RIGHTS_ALGEBRA.md), [../SEMANTIC_SPECS.md](../SEMANTIC_SPECS.md) (R-03, E-03, T-02), [../GENERATION_COUNTER.md](../GENERATION_COUNTER.md), [../CAP_REGISTRY.toml](../CAP_REGISTRY.toml). --- -## Design decision (phase 110) +## Design decision (scope 110) **Adopted:** each kernel object has a stable `ObjectId` and a monotonic **generation** counter. Authority changes invalidate derived capabilities via generation bump — not in-place mutation of object rights. @@ -104,7 +104,7 @@ Registry ground truth: [CAP_REGISTRY.toml](../CAP_REGISTRY.toml) ↔ kernel cap 4. **Revoke** — generation bump and/or slot invalidation per [TEMPORAL_SEMANTICS.md](../TEMPORAL_SEMANTICS.md) 5. **Close** — drop handle slot; may not destroy object if other caps exist -Phase 115 **path broker** uses compat handles only — must not add a parallel handle type. +Scope 115 **path broker** uses compat handles only — must not add a parallel handle type. --- @@ -252,9 +252,9 @@ Once a cap kind graduates the never-stabilize list (`never_stabilize_graduated.t --- -## Implementation phases (historical) +## Implementation scopes (historical) -| Phase | Work | +| Scope | Work | |------:|------| | 111 | `CapHandle` → `KernelObject` ref, single table | | 112–113 | Lifecycle syscalls (G2) | @@ -287,7 +287,7 @@ Once a cap kind graduates the never-stabilize list (`never_stabilize_graduated.t - Tier B Kani: transfer atomicity, generation uniqueness, revocation window (`transfer_toctou_check.py`). - Tier A proptest: rights composition laws (`proof-rights`). -- Integration: phase 121+ smokes, cap ceremony. +- Integration: scope 121+ smokes, cap ceremony. --- diff --git a/docs/architecture/README.md b/docs/architecture/README.md index 88fa166..c4fa5f2 100644 --- a/docs/architecture/README.md +++ b/docs/architecture/README.md @@ -7,7 +7,7 @@ epoch: 14 authored_by: architecture ``` -Canonical architecture docs live here per the AresOS repository structure spec. During the M400 era, many authoritative specs remain at flat `docs/*.md` paths; this directory is the migration target. Cross-references in new docs should prefer paths under `docs/architecture/`. +Canonical architecture docs live here per the Clan OS repository structure spec. During the M400 era, many authoritative specs remain at flat `docs/*.md` paths; this directory is the migration target. Cross-references in new docs should prefer paths under `docs/architecture/`. ## Authoritative in this directory diff --git a/docs/architecture/RIGHTS_ALGEBRA.md b/docs/architecture/RIGHTS_ALGEBRA.md index 1064f67..969c263 100644 --- a/docs/architecture/RIGHTS_ALGEBRA.md +++ b/docs/architecture/RIGHTS_ALGEBRA.md @@ -7,7 +7,7 @@ epoch: 0 authored_by: kernel ``` -**Gate G2** — phases **112–113** cap lifecycle implementation blocked until this document is signed off at phase 110. +**Gate G2** — scopes **112–113** cap lifecycle implementation blocked until this document is signed off at scope 110. **Epoch 0:** ratified as grounding doc for brokers epoch 1+. Composition laws below require Kani + proptest before epoch 1 brokers. @@ -88,7 +88,7 @@ Must remain coherent under: service death, broker restart, app update, user perm ## Minimization (A10) -Prefer deriving IPC or storage rules from this algebra rather than parallel subsystem-only "permission" docs. New laws after phase 110 require minimization review in [AXIOMS.md](../AXIOMS.md). +Prefer deriving IPC or storage rules from this algebra rather than parallel subsystem-only "permission" docs. New laws after scope 110 require minimization review in [AXIOMS.md](../AXIOMS.md). --- diff --git a/docs/architecture/SCHEDULING_UNIFIED.md b/docs/architecture/SCHEDULING_UNIFIED.md index 63f3fce..ccb978f 100644 --- a/docs/architecture/SCHEDULING_UNIFIED.md +++ b/docs/architecture/SCHEDULING_UNIFIED.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 0.1.0-draft ``` -Post-150 service-centric scheduler. Extends [SCHEDULER_MODEL.md](SCHEDULER_MODEL.md). Epoch 8 deliverable (phases 176–200). +Post-150 service-centric scheduler. Extends [SCHEDULER_MODEL.md](SCHEDULER_MODEL.md). Epoch 8 deliverable (scopes 176–200). --- diff --git a/docs/architecture/SECURITY_MODEL.md b/docs/architecture/SECURITY_MODEL.md index 5007420..ffc8c85 100644 --- a/docs/architecture/SECURITY_MODEL.md +++ b/docs/architecture/SECURITY_MODEL.md @@ -7,7 +7,7 @@ epoch: 0 authored_by: security ``` -Overview of the AresOS capability-secured authorization model, attacker taxonomy, and the closure statement defining what "secure" means in the QEMU era through milestone 400. +Overview of the Clan OS capability-secured authorization model, attacker taxonomy, and the closure statement defining what "secure" means in the QEMU era through milestone 400. Cross-references: [KERNEL_OBJECT_MODEL.md](KERNEL_OBJECT_MODEL.md), [../THREAT_MODEL.md](../THREAT_MODEL.md), [../THREAT_NODES.toml](../THREAT_NODES.toml), [../RIGHTS_ALGEBRA.md](../RIGHTS_ALGEBRA.md), [../FAULT_ESCALATION.md](../FAULT_ESCALATION.md). @@ -15,7 +15,7 @@ Cross-references: [KERNEL_OBJECT_MODEL.md](KERNEL_OBJECT_MODEL.md), [../THREAT_M ## Overview -AresOS uses an **object-capability model** as the sole kernel authorization mechanism. There is no ambient authority: every operation on every kernel object requires a capability with sufficient rights. DAC permission bits exist only in the POSIX compatibility server, not in the kernel. +Clan OS uses an **object-capability model** as the sole kernel authorization mechanism. There is no ambient authority: every operation on every kernel object requires a capability with sufficient rights. DAC permission bits exist only in the POSIX compatibility server, not in the kernel. Capabilities are unforgeable references `(object_id, kind, generation, rights)` indexed through per-process capability tables. The kernel never accepts a capability value from userspace without table lookup and generation validation. @@ -132,7 +132,7 @@ All security errors map to `docs/ERROR_TAXONOMY.md` classes. Terminal errors on ## Closure statement (QEMU era through M400) -**"Secure" for AresOS in the QEMU development era means:** +**"Secure" for Clan OS in the QEMU development era means:** 1. Every kernel object operation is capability-mediated with generation-checked lookup. 2. No known open threat nodes in `THREAT_NODES.toml` for in-scope attacker classes. diff --git a/docs/architecture/TEMPORAL_SEMANTICS.md b/docs/architecture/TEMPORAL_SEMANTICS.md index 4dc2614..01ffbfb 100644 --- a/docs/architecture/TEMPORAL_SEMANTICS.md +++ b/docs/architecture/TEMPORAL_SEMANTICS.md @@ -33,7 +33,7 @@ See: [AXIOMS.md](AXIOMS.md), [RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md), [ABI_IPC.md | Async memory | Message buffer visible after ownership transfer | | Service restart | Peer observes generation bump before new mail accepted | -Phase 1–100 compat paths document **current** behavior in [ABI_SYSCALL.md](ABI_SYSCALL.md); native paths tighten visibility at implementation phases 111+. +Scope 1–100 compat paths document **current** behavior in [ABI_SYSCALL.md](ABI_SYSCALL.md); native paths tighten visibility at implementation scopes 111+. --- @@ -45,7 +45,7 @@ Phase 1–100 compat paths document **current** behavior in [ABI_SYSCALL.md](ABI - **Lazy revoke:** fails at or before next checkpoint (T-01) - **Generation bump:** caps with `generation < current` fail at checkpoint (R-03) -Exact syscall list for native checkpoints is reserved in `ares-semantics-v1` (implementation phase 112+). +Exact syscall list for native checkpoints is reserved in `clan-semantics-v1` (implementation scope 112+). --- @@ -85,7 +85,7 @@ Until full memory-model documentation ships, native cap operations assume: - Cap table mutations serialize per-process or use documented atomics - No observer sees **amplified** rights after another CPU’s delegate (T-03) -Strengthen happens-before story when native cap syscalls land (phase 112+). +Strengthen happens-before story when native cap syscalls land (scope 112+). --- diff --git a/docs/architecture/THREAT_MODEL.md b/docs/architecture/THREAT_MODEL.md index 850b649..cd2754e 100644 --- a/docs/architecture/THREAT_MODEL.md +++ b/docs/architecture/THREAT_MODEL.md @@ -1,4 +1,4 @@ -# AresOS Threat Model +# Clan OS Threat Model ```yaml status: authoritative @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Scope: phases 121–150 QEMU-first development. Structured nodes in [`THREAT_NODES.toml`](THREAT_NODES.toml). +Scope: scopes 121–150 QEMU-first development. Structured nodes in [`THREAT_NODES.toml`](THREAT_NODES.toml). See: [`FAULT_ESCALATION.md`](FAULT_ESCALATION.md), [`KERNEL_OBJECT_MODEL.md`](KERNEL_OBJECT_MODEL.md), [`SECURITY.md`](../SECURITY.md). diff --git a/docs/epoch-10-graduation.md b/docs/epoch-10-graduation.md index a06c7b4..34bfec8 100644 --- a/docs/epoch-10-graduation.md +++ b/docs/epoch-10-graduation.md @@ -1,6 +1,6 @@ # Epoch 10 Graduation (M250 path) -- Native SDK: `sdk_smoke_check.py` (userland + ABI_ARES_RT) +- Native SDK: `sdk_smoke_check.py` (userland + ABI_CLAN_RT) - Hardware transition: `hardware_smoke_check.py` (architecture_state + ARCHITECTURE_TARGETS) - Boot attestation gap deferred with documented trigger in ARCHITECTURE_TARGETS - `AUDIT_REQUIRED=1` enables mandatory cargo-audit in CI diff --git a/docs/phase-123-checklist.md b/docs/phase-123-checklist.md deleted file mode 100644 index 4ce82b1..0000000 --- a/docs/phase-123-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 123 Checklist: Permission Broker - -## Layer -platform - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: ares-native-v1 -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-131-checklist.md b/docs/phase-131-checklist.md deleted file mode 100644 index 0a7299f..0000000 --- a/docs/phase-131-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 131 Checklist: System Image Identity Epochs - -## Layer -platform - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-135-checklist.md b/docs/phase-135-checklist.md deleted file mode 100644 index 43b21d1..0000000 --- a/docs/phase-135-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 135 Checklist: Mailbox Structured Cancel - -## Layer -kernel - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-144-checklist.md b/docs/phase-144-checklist.md deleted file mode 100644 index e3188c3..0000000 --- a/docs/phase-144-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 144 Checklist: Userspace Driver Host - -## Layer -platform - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-145-checklist.md b/docs/phase-145-checklist.md deleted file mode 100644 index 1a993f6..0000000 --- a/docs/phase-145-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 145 Checklist: Compositor GPU Isolation - -## Layer -platform - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-146-checklist.md b/docs/phase-146-checklist.md deleted file mode 100644 index 7dcd3e9..0000000 --- a/docs/phase-146-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 146 Checklist: DMA Cap IOMMU Narrative - -## Layer -kernel - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-147-checklist.md b/docs/phase-147-checklist.md deleted file mode 100644 index 03f29d1..0000000 --- a/docs/phase-147-checklist.md +++ /dev/null @@ -1,27 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 147 Checklist: Memory QoS Per Service - -## Layer -kernel - -## Tag -native - -## Mode -future implementation - -## Scope - -- [ ] Deliverable: -- [ ] Consistent with [AXIOMS.md](AXIOMS.md) -- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - -## Validation - -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD - -## Deferred - -- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-152-checklist.md b/docs/phase-152-checklist.md deleted file mode 100644 index 94acf67..0000000 --- a/docs/phase-152-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 152 Checklist: Epoch 7 stub graduation phase 152 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 152: Loom SESSION_QUEUES harness diff --git a/docs/phase-158-checklist.md b/docs/phase-158-checklist.md deleted file mode 100644 index 253e692..0000000 --- a/docs/phase-158-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 158 Checklist: Epoch 7 stub graduation phase 158 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 158: MEM_BUDGET full enforcement diff --git a/docs/phase-159-checklist.md b/docs/phase-159-checklist.md deleted file mode 100644 index 3203510..0000000 --- a/docs/phase-159-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 159 Checklist: Epoch 7 stub graduation phase 159 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 159: Cap quota on all mint paths diff --git a/docs/phase-164-checklist.md b/docs/phase-164-checklist.md deleted file mode 100644 index 833aa64..0000000 --- a/docs/phase-164-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 164 Checklist: Epoch 7 stub graduation phase 164 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 164: Build integrity production path diff --git a/docs/phase-167-checklist.md b/docs/phase-167-checklist.md deleted file mode 100644 index 5003590..0000000 --- a/docs/phase-167-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 167 Checklist: Epoch 7 stub graduation phase 167 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 167: Transfer TOCTOU Kani harness diff --git a/docs/phase-168-checklist.md b/docs/phase-168-checklist.md deleted file mode 100644 index f9c2205..0000000 --- a/docs/phase-168-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 168 Checklist: Epoch 7 stub graduation phase 168 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 168: Fuzz corpus graduation diff --git a/docs/phase-171-checklist.md b/docs/phase-171-checklist.md deleted file mode 100644 index 1beecfb..0000000 --- a/docs/phase-171-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 171 Checklist: Epoch 7 stub graduation phase 171 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 171: Compat review epoch 7 diff --git a/docs/phase-172-checklist.md b/docs/phase-172-checklist.md deleted file mode 100644 index 7605fae..0000000 --- a/docs/phase-172-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 172 Checklist: Epoch 7 stub graduation phase 172 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 172: Benchmark re-baseline diff --git a/docs/phase-173-checklist.md b/docs/phase-173-checklist.md deleted file mode 100644 index 9d8e857..0000000 --- a/docs/phase-173-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 173 Checklist: Epoch 7 stub graduation phase 173 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 173: Health dashboard delta diff --git a/docs/phase-174-checklist.md b/docs/phase-174-checklist.md deleted file mode 100644 index 41e1d6e..0000000 --- a/docs/phase-174-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 174 Checklist: Epoch 7 stub graduation phase 174 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 151-175 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 174: Epoch 7 integration smoke diff --git a/docs/phase-176-checklist.md b/docs/phase-176-checklist.md deleted file mode 100644 index 4aa6f29..0000000 --- a/docs/phase-176-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 176 Checklist: Epoch 8 scheduling phase 176 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 176: Service-centric scheduler S-* (phase 176) diff --git a/docs/phase-177-checklist.md b/docs/phase-177-checklist.md deleted file mode 100644 index baf6e61..0000000 --- a/docs/phase-177-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 177 Checklist: Epoch 8 scheduling phase 177 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 177: Service-centric scheduler S-* (phase 177) diff --git a/docs/phase-178-checklist.md b/docs/phase-178-checklist.md deleted file mode 100644 index 7f55c40..0000000 --- a/docs/phase-178-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 178 Checklist: Epoch 8 scheduling phase 178 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 178: Service-centric scheduler S-* (phase 178) diff --git a/docs/phase-179-checklist.md b/docs/phase-179-checklist.md deleted file mode 100644 index 5983519..0000000 --- a/docs/phase-179-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 179 Checklist: Epoch 8 scheduling phase 179 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 179: Service-centric scheduler S-* (phase 179) diff --git a/docs/phase-180-checklist.md b/docs/phase-180-checklist.md deleted file mode 100644 index 19309ae..0000000 --- a/docs/phase-180-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 180 Checklist: Epoch 8 scheduling phase 180 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 180: Service-centric scheduler S-* (phase 180) diff --git a/docs/phase-181-checklist.md b/docs/phase-181-checklist.md deleted file mode 100644 index a5e2c98..0000000 --- a/docs/phase-181-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 181 Checklist: Epoch 8 scheduling phase 181 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 181: Meta-semantics M-* precedence (phase 181) diff --git a/docs/phase-182-checklist.md b/docs/phase-182-checklist.md deleted file mode 100644 index ffd4f5e..0000000 --- a/docs/phase-182-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 182 Checklist: Epoch 8 scheduling phase 182 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 182: Meta-semantics M-* precedence (phase 182) diff --git a/docs/phase-183-checklist.md b/docs/phase-183-checklist.md deleted file mode 100644 index ee2c727..0000000 --- a/docs/phase-183-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 183 Checklist: Epoch 8 scheduling phase 183 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 183: Meta-semantics M-* precedence (phase 183) diff --git a/docs/phase-184-checklist.md b/docs/phase-184-checklist.md deleted file mode 100644 index c455e84..0000000 --- a/docs/phase-184-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 184 Checklist: Epoch 8 scheduling phase 184 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 184: Meta-semantics M-* precedence (phase 184) diff --git a/docs/phase-185-checklist.md b/docs/phase-185-checklist.md deleted file mode 100644 index 1616174..0000000 --- a/docs/phase-185-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 185 Checklist: Epoch 8 scheduling phase 185 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 185: Meta-semantics M-* precedence (phase 185) diff --git a/docs/phase-190-checklist.md b/docs/phase-190-checklist.md deleted file mode 100644 index 14dde74..0000000 --- a/docs/phase-190-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 190 Checklist: Epoch 8 scheduling phase 190 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 190: Semantic lint CI (phase 190) diff --git a/docs/phase-191-checklist.md b/docs/phase-191-checklist.md deleted file mode 100644 index 22ec7fe..0000000 --- a/docs/phase-191-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 191 Checklist: Epoch 8 scheduling phase 191 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 191: Full health dashboard (phase 191) diff --git a/docs/phase-192-checklist.md b/docs/phase-192-checklist.md deleted file mode 100644 index 66836b2..0000000 --- a/docs/phase-192-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 192 Checklist: Epoch 8 scheduling phase 192 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 192: Full health dashboard (phase 192) diff --git a/docs/phase-193-checklist.md b/docs/phase-193-checklist.md deleted file mode 100644 index 9ddfc68..0000000 --- a/docs/phase-193-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 193 Checklist: Epoch 8 scheduling phase 193 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 193: Full health dashboard (phase 193) diff --git a/docs/phase-194-checklist.md b/docs/phase-194-checklist.md deleted file mode 100644 index 44e8abe..0000000 --- a/docs/phase-194-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 194 Checklist: Epoch 8 scheduling phase 194 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 194: Full health dashboard (phase 194) diff --git a/docs/phase-195-checklist.md b/docs/phase-195-checklist.md deleted file mode 100644 index 6e98c9a..0000000 --- a/docs/phase-195-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 195 Checklist: Epoch 8 scheduling phase 195 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 195: Full health dashboard (phase 195) diff --git a/docs/phase-196-checklist.md b/docs/phase-196-checklist.md deleted file mode 100644 index a68a462..0000000 --- a/docs/phase-196-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 196 Checklist: Epoch 8 scheduling phase 196 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 196: Four-layer boundary review II (phase 196) diff --git a/docs/phase-197-checklist.md b/docs/phase-197-checklist.md deleted file mode 100644 index e6280ae..0000000 --- a/docs/phase-197-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 197 Checklist: Epoch 8 scheduling phase 197 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 197: Four-layer boundary review II (phase 197) diff --git a/docs/phase-198-checklist.md b/docs/phase-198-checklist.md deleted file mode 100644 index 6e6e777..0000000 --- a/docs/phase-198-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 198 Checklist: Epoch 8 scheduling phase 198 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 198: Four-layer boundary review II (phase 198) diff --git a/docs/phase-199-checklist.md b/docs/phase-199-checklist.md deleted file mode 100644 index 264f4e6..0000000 --- a/docs/phase-199-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 199 Checklist: Epoch 8 scheduling phase 199 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 176-200 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 199: Four-layer boundary review II (phase 199) diff --git a/docs/phase-201-checklist.md b/docs/phase-201-checklist.md deleted file mode 100644 index e6f8335..0000000 --- a/docs/phase-201-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 201 Checklist: Epoch 9 native SDK phase 201 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 201: Native SDK / manifest tooling (phase 201) diff --git a/docs/phase-202-checklist.md b/docs/phase-202-checklist.md deleted file mode 100644 index 6a01177..0000000 --- a/docs/phase-202-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 202 Checklist: Epoch 9 native SDK phase 202 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 202: Native SDK / manifest tooling (phase 202) diff --git a/docs/phase-203-checklist.md b/docs/phase-203-checklist.md deleted file mode 100644 index 1fb95e6..0000000 --- a/docs/phase-203-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 203 Checklist: Epoch 9 native SDK phase 203 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 203: Native SDK / manifest tooling (phase 203) diff --git a/docs/phase-204-checklist.md b/docs/phase-204-checklist.md deleted file mode 100644 index c7f47ab..0000000 --- a/docs/phase-204-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 204 Checklist: Epoch 9 native SDK phase 204 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 204: Native SDK / manifest tooling (phase 204) diff --git a/docs/phase-205-checklist.md b/docs/phase-205-checklist.md deleted file mode 100644 index 7ec8c6f..0000000 --- a/docs/phase-205-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 205 Checklist: Epoch 9 native SDK phase 205 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 205: Native SDK / manifest tooling (phase 205) diff --git a/docs/phase-206-checklist.md b/docs/phase-206-checklist.md deleted file mode 100644 index fe20515..0000000 --- a/docs/phase-206-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 206 Checklist: Epoch 9 native SDK phase 206 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 206: Native SDK / manifest tooling (phase 206) diff --git a/docs/phase-207-checklist.md b/docs/phase-207-checklist.md deleted file mode 100644 index b8a3546..0000000 --- a/docs/phase-207-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 207 Checklist: Epoch 9 native SDK phase 207 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 207: Native SDK / manifest tooling (phase 207) diff --git a/docs/phase-208-checklist.md b/docs/phase-208-checklist.md deleted file mode 100644 index 6518795..0000000 --- a/docs/phase-208-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 208 Checklist: Epoch 9 native SDK phase 208 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 208: Native SDK / manifest tooling (phase 208) diff --git a/docs/phase-209-checklist.md b/docs/phase-209-checklist.md deleted file mode 100644 index 848a797..0000000 --- a/docs/phase-209-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 209 Checklist: Epoch 9 native SDK phase 209 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 209: Native SDK / manifest tooling (phase 209) diff --git a/docs/phase-210-checklist.md b/docs/phase-210-checklist.md deleted file mode 100644 index 7ac4cc4..0000000 --- a/docs/phase-210-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 210 Checklist: Epoch 9 native SDK phase 210 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 210: Native SDK / manifest tooling (phase 210) diff --git a/docs/phase-215-checklist.md b/docs/phase-215-checklist.md deleted file mode 100644 index 5000b9d..0000000 --- a/docs/phase-215-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 215 Checklist: Epoch 9 native SDK phase 215 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 215: Language runtime adapters (phase 215) diff --git a/docs/phase-216-checklist.md b/docs/phase-216-checklist.md deleted file mode 100644 index f51efed..0000000 --- a/docs/phase-216-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 216 Checklist: Epoch 9 native SDK phase 216 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 216: Language runtime adapters (phase 216) diff --git a/docs/phase-217-checklist.md b/docs/phase-217-checklist.md deleted file mode 100644 index 1479a28..0000000 --- a/docs/phase-217-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 217 Checklist: Epoch 9 native SDK phase 217 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 217: Language runtime adapters (phase 217) diff --git a/docs/phase-218-checklist.md b/docs/phase-218-checklist.md deleted file mode 100644 index 0877d23..0000000 --- a/docs/phase-218-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 218 Checklist: Epoch 9 native SDK phase 218 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 218: Language runtime adapters (phase 218) diff --git a/docs/phase-219-checklist.md b/docs/phase-219-checklist.md deleted file mode 100644 index c29f7c2..0000000 --- a/docs/phase-219-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 219 Checklist: Epoch 9 native SDK phase 219 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 219: Language runtime adapters (phase 219) diff --git a/docs/phase-220-checklist.md b/docs/phase-220-checklist.md deleted file mode 100644 index 85ad58c..0000000 --- a/docs/phase-220-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 220 Checklist: Epoch 9 native SDK phase 220 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 220: Language runtime adapters (phase 220) diff --git a/docs/phase-225-checklist.md b/docs/phase-225-checklist.md deleted file mode 100644 index b876bad..0000000 --- a/docs/phase-225-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 225 Checklist: Epoch 9 native SDK phase 225 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 201-225 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 225: POSIX compat depth (phase 225) diff --git a/docs/phase-230-checklist.md b/docs/phase-230-checklist.md deleted file mode 100644 index 77e7c6a..0000000 --- a/docs/phase-230-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 230 Checklist: Epoch 10 hardware phase 230 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 230: POSIX compat depth (phase 230) diff --git a/docs/phase-231-checklist.md b/docs/phase-231-checklist.md deleted file mode 100644 index e02934d..0000000 --- a/docs/phase-231-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 231 Checklist: Epoch 10 hardware phase 231 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 231: Real hardware path (phase 231) diff --git a/docs/phase-232-checklist.md b/docs/phase-232-checklist.md deleted file mode 100644 index 776cbec..0000000 --- a/docs/phase-232-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 232 Checklist: Epoch 10 hardware phase 232 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 232: Real hardware path (phase 232) diff --git a/docs/phase-233-checklist.md b/docs/phase-233-checklist.md deleted file mode 100644 index 7bcb953..0000000 --- a/docs/phase-233-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 233 Checklist: Epoch 10 hardware phase 233 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 233: Real hardware path (phase 233) diff --git a/docs/phase-234-checklist.md b/docs/phase-234-checklist.md deleted file mode 100644 index e66ec41..0000000 --- a/docs/phase-234-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 234 Checklist: Epoch 10 hardware phase 234 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 234: Real hardware path (phase 234) diff --git a/docs/phase-235-checklist.md b/docs/phase-235-checklist.md deleted file mode 100644 index 6d20fc6..0000000 --- a/docs/phase-235-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 235 Checklist: Epoch 10 hardware phase 235 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 235: Real hardware path (phase 235) diff --git a/docs/phase-236-checklist.md b/docs/phase-236-checklist.md deleted file mode 100644 index 8b32091..0000000 --- a/docs/phase-236-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 236 Checklist: Epoch 10 hardware phase 236 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 236: Real hardware path (phase 236) diff --git a/docs/phase-237-checklist.md b/docs/phase-237-checklist.md deleted file mode 100644 index e3015ef..0000000 --- a/docs/phase-237-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 237 Checklist: Epoch 10 hardware phase 237 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 237: Real hardware path (phase 237) diff --git a/docs/phase-238-checklist.md b/docs/phase-238-checklist.md deleted file mode 100644 index 513210c..0000000 --- a/docs/phase-238-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 238 Checklist: Epoch 10 hardware phase 238 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 238: Real hardware path (phase 238) diff --git a/docs/phase-239-checklist.md b/docs/phase-239-checklist.md deleted file mode 100644 index b62eb48..0000000 --- a/docs/phase-239-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 239 Checklist: Epoch 10 hardware phase 239 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 239: Real hardware path (phase 239) diff --git a/docs/phase-240-checklist.md b/docs/phase-240-checklist.md deleted file mode 100644 index a76d07a..0000000 --- a/docs/phase-240-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 240 Checklist: Epoch 10 hardware phase 240 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 240: Real hardware path (phase 240) diff --git a/docs/phase-241-checklist.md b/docs/phase-241-checklist.md deleted file mode 100644 index 88a2012..0000000 --- a/docs/phase-241-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 241 Checklist: Epoch 10 hardware phase 241 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 241: QEMU to hardware transition (phase 241) diff --git a/docs/phase-242-checklist.md b/docs/phase-242-checklist.md deleted file mode 100644 index ebbe6a7..0000000 --- a/docs/phase-242-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 242 Checklist: Epoch 10 hardware phase 242 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 242: QEMU to hardware transition (phase 242) diff --git a/docs/phase-243-checklist.md b/docs/phase-243-checklist.md deleted file mode 100644 index 54e4ae7..0000000 --- a/docs/phase-243-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 243 Checklist: Epoch 10 hardware phase 243 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 243: QEMU to hardware transition (phase 243) diff --git a/docs/phase-244-checklist.md b/docs/phase-244-checklist.md deleted file mode 100644 index fea0c3a..0000000 --- a/docs/phase-244-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 244 Checklist: Epoch 10 hardware phase 244 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 244: QEMU to hardware transition (phase 244) diff --git a/docs/phase-245-checklist.md b/docs/phase-245-checklist.md deleted file mode 100644 index c39d467..0000000 --- a/docs/phase-245-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 245 Checklist: Epoch 10 hardware phase 245 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 245: QEMU to hardware transition (phase 245) diff --git a/docs/phase-246-checklist.md b/docs/phase-246-checklist.md deleted file mode 100644 index 097490c..0000000 --- a/docs/phase-246-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 246 Checklist: Epoch 10 hardware phase 246 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 246: QEMU to hardware transition (phase 246) diff --git a/docs/phase-247-checklist.md b/docs/phase-247-checklist.md deleted file mode 100644 index 257d463..0000000 --- a/docs/phase-247-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 247 Checklist: Epoch 10 hardware phase 247 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 247: QEMU to hardware transition (phase 247) diff --git a/docs/phase-248-checklist.md b/docs/phase-248-checklist.md deleted file mode 100644 index 32f978d..0000000 --- a/docs/phase-248-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 248 Checklist: Epoch 10 hardware phase 248 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 248: QEMU to hardware transition (phase 248) diff --git a/docs/phase-249-checklist.md b/docs/phase-249-checklist.md deleted file mode 100644 index 205fadb..0000000 --- a/docs/phase-249-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 249 Checklist: Epoch 10 hardware phase 249 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 226-250 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 249: QEMU to hardware transition (phase 249) diff --git a/docs/phase-255-checklist.md b/docs/phase-255-checklist.md deleted file mode 100644 index bbf6f4a..0000000 --- a/docs/phase-255-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 255 Checklist: Epoch 11 drivers phase 255 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 255: DRIVER_MODEL userspace drivers (phase 255) diff --git a/docs/phase-256-checklist.md b/docs/phase-256-checklist.md deleted file mode 100644 index 984cc6a..0000000 --- a/docs/phase-256-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 256 Checklist: Epoch 11 drivers phase 256 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 256: DRIVER_MODEL userspace drivers (phase 256) diff --git a/docs/phase-257-checklist.md b/docs/phase-257-checklist.md deleted file mode 100644 index 5173f02..0000000 --- a/docs/phase-257-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 257 Checklist: Epoch 11 drivers phase 257 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 257: DRIVER_MODEL userspace drivers (phase 257) diff --git a/docs/phase-258-checklist.md b/docs/phase-258-checklist.md deleted file mode 100644 index 932183c..0000000 --- a/docs/phase-258-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 258 Checklist: Epoch 11 drivers phase 258 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 258: DRIVER_MODEL userspace drivers (phase 258) diff --git a/docs/phase-259-checklist.md b/docs/phase-259-checklist.md deleted file mode 100644 index 0deeb1f..0000000 --- a/docs/phase-259-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 259 Checklist: Epoch 11 drivers phase 259 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 259: DRIVER_MODEL userspace drivers (phase 259) diff --git a/docs/phase-260-checklist.md b/docs/phase-260-checklist.md deleted file mode 100644 index 6f76e49..0000000 --- a/docs/phase-260-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 260 Checklist: Epoch 11 drivers phase 260 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 260: DRIVER_MODEL userspace drivers (phase 260) diff --git a/docs/phase-261-checklist.md b/docs/phase-261-checklist.md deleted file mode 100644 index 209920f..0000000 --- a/docs/phase-261-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 261 Checklist: Epoch 11 drivers phase 261 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 261: DRIVER_MODEL userspace drivers (phase 261) diff --git a/docs/phase-262-checklist.md b/docs/phase-262-checklist.md deleted file mode 100644 index 0e4b1db..0000000 --- a/docs/phase-262-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 262 Checklist: Epoch 11 drivers phase 262 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 262: DRIVER_MODEL userspace drivers (phase 262) diff --git a/docs/phase-263-checklist.md b/docs/phase-263-checklist.md deleted file mode 100644 index 67ad62d..0000000 --- a/docs/phase-263-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 263 Checklist: Epoch 11 drivers phase 263 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 263: DRIVER_MODEL userspace drivers (phase 263) diff --git a/docs/phase-264-checklist.md b/docs/phase-264-checklist.md deleted file mode 100644 index fa5f9af..0000000 --- a/docs/phase-264-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 264 Checklist: Epoch 11 drivers phase 264 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 264: DRIVER_MODEL userspace drivers (phase 264) diff --git a/docs/phase-265-checklist.md b/docs/phase-265-checklist.md deleted file mode 100644 index a756639..0000000 --- a/docs/phase-265-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 265 Checklist: Epoch 11 drivers phase 265 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 265: DRIVER_MODEL userspace drivers (phase 265) diff --git a/docs/phase-266-checklist.md b/docs/phase-266-checklist.md deleted file mode 100644 index 6b3a8e4..0000000 --- a/docs/phase-266-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 266 Checklist: Epoch 11 drivers phase 266 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 266: Semantic observability tooling (phase 266) diff --git a/docs/phase-267-checklist.md b/docs/phase-267-checklist.md deleted file mode 100644 index 301f484..0000000 --- a/docs/phase-267-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 267 Checklist: Epoch 11 drivers phase 267 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 267: Semantic observability tooling (phase 267) diff --git a/docs/phase-268-checklist.md b/docs/phase-268-checklist.md deleted file mode 100644 index 7f53a4f..0000000 --- a/docs/phase-268-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 268 Checklist: Epoch 11 drivers phase 268 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 268: Semantic observability tooling (phase 268) diff --git a/docs/phase-269-checklist.md b/docs/phase-269-checklist.md deleted file mode 100644 index 14640d8..0000000 --- a/docs/phase-269-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 269 Checklist: Epoch 11 drivers phase 269 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 269: Semantic observability tooling (phase 269) diff --git a/docs/phase-270-checklist.md b/docs/phase-270-checklist.md deleted file mode 100644 index 98f0039..0000000 --- a/docs/phase-270-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 270 Checklist: Epoch 11 drivers phase 270 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 270: Semantic observability tooling (phase 270) diff --git a/docs/phase-271-checklist.md b/docs/phase-271-checklist.md deleted file mode 100644 index 74a13b6..0000000 --- a/docs/phase-271-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 271 Checklist: Epoch 11 drivers phase 271 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 271: Semantic observability tooling (phase 271) diff --git a/docs/phase-272-checklist.md b/docs/phase-272-checklist.md deleted file mode 100644 index aa9109b..0000000 --- a/docs/phase-272-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 272 Checklist: Epoch 11 drivers phase 272 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 272: Semantic observability tooling (phase 272) diff --git a/docs/phase-273-checklist.md b/docs/phase-273-checklist.md deleted file mode 100644 index 7f00842..0000000 --- a/docs/phase-273-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 273 Checklist: Epoch 11 drivers phase 273 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 273: Semantic observability tooling (phase 273) diff --git a/docs/phase-274-checklist.md b/docs/phase-274-checklist.md deleted file mode 100644 index 664de4f..0000000 --- a/docs/phase-274-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 274 Checklist: Epoch 11 drivers phase 274 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 274: Semantic observability tooling (phase 274) diff --git a/docs/phase-275-checklist.md b/docs/phase-275-checklist.md deleted file mode 100644 index 23ba9d3..0000000 --- a/docs/phase-275-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 275 Checklist: Epoch 11 drivers phase 275 - -## Layer -platform - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 251-275 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 275: Semantic observability tooling (phase 275) diff --git a/docs/phase-280-checklist.md b/docs/phase-280-checklist.md deleted file mode 100644 index f20845d..0000000 --- a/docs/phase-280-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 280 Checklist: Epoch 12 federation phase 280 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 280: Federation distributed endpoints (phase 280) diff --git a/docs/phase-281-checklist.md b/docs/phase-281-checklist.md deleted file mode 100644 index cf52a37..0000000 --- a/docs/phase-281-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 281 Checklist: Epoch 12 federation phase 281 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 281: Federation distributed endpoints (phase 281) diff --git a/docs/phase-282-checklist.md b/docs/phase-282-checklist.md deleted file mode 100644 index d32eb4b..0000000 --- a/docs/phase-282-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 282 Checklist: Epoch 12 federation phase 282 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 282: Federation distributed endpoints (phase 282) diff --git a/docs/phase-283-checklist.md b/docs/phase-283-checklist.md deleted file mode 100644 index e456ddc..0000000 --- a/docs/phase-283-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 283 Checklist: Epoch 12 federation phase 283 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 283: Federation distributed endpoints (phase 283) diff --git a/docs/phase-284-checklist.md b/docs/phase-284-checklist.md deleted file mode 100644 index a18a019..0000000 --- a/docs/phase-284-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 284 Checklist: Epoch 12 federation phase 284 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 284: Federation distributed endpoints (phase 284) diff --git a/docs/phase-285-checklist.md b/docs/phase-285-checklist.md deleted file mode 100644 index 814c7eb..0000000 --- a/docs/phase-285-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 285 Checklist: Epoch 12 federation phase 285 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 285: Federation distributed endpoints (phase 285) diff --git a/docs/phase-286-checklist.md b/docs/phase-286-checklist.md deleted file mode 100644 index a715bb2..0000000 --- a/docs/phase-286-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 286 Checklist: Epoch 12 federation phase 286 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 286: Federation distributed endpoints (phase 286) diff --git a/docs/phase-287-checklist.md b/docs/phase-287-checklist.md deleted file mode 100644 index 8ebd023..0000000 --- a/docs/phase-287-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 287 Checklist: Epoch 12 federation phase 287 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 287: Federation distributed endpoints (phase 287) diff --git a/docs/phase-288-checklist.md b/docs/phase-288-checklist.md deleted file mode 100644 index f402a62..0000000 --- a/docs/phase-288-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 288 Checklist: Epoch 12 federation phase 288 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 288: Federation distributed endpoints (phase 288) diff --git a/docs/phase-289-checklist.md b/docs/phase-289-checklist.md deleted file mode 100644 index 0912e22..0000000 --- a/docs/phase-289-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 289 Checklist: Epoch 12 federation phase 289 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 289: Federation distributed endpoints (phase 289) diff --git a/docs/phase-290-checklist.md b/docs/phase-290-checklist.md deleted file mode 100644 index 7593aa3..0000000 --- a/docs/phase-290-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 290 Checklist: Epoch 12 federation phase 290 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 290: Federation distributed endpoints (phase 290) diff --git a/docs/phase-291-checklist.md b/docs/phase-291-checklist.md deleted file mode 100644 index e48cad9..0000000 --- a/docs/phase-291-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 291 Checklist: Epoch 12 federation phase 291 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 291: Checkpoint reopen_trigger design (phase 291) diff --git a/docs/phase-292-checklist.md b/docs/phase-292-checklist.md deleted file mode 100644 index 386453c..0000000 --- a/docs/phase-292-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 292 Checklist: Epoch 12 federation phase 292 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 292: Checkpoint reopen_trigger design (phase 292) diff --git a/docs/phase-293-checklist.md b/docs/phase-293-checklist.md deleted file mode 100644 index ca69cfc..0000000 --- a/docs/phase-293-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 293 Checklist: Epoch 12 federation phase 293 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 293: Checkpoint reopen_trigger design (phase 293) diff --git a/docs/phase-294-checklist.md b/docs/phase-294-checklist.md deleted file mode 100644 index ca4d2f6..0000000 --- a/docs/phase-294-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 294 Checklist: Epoch 12 federation phase 294 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 294: Checkpoint reopen_trigger design (phase 294) diff --git a/docs/phase-295-checklist.md b/docs/phase-295-checklist.md deleted file mode 100644 index 844a6a7..0000000 --- a/docs/phase-295-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 295 Checklist: Epoch 12 federation phase 295 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 295: Checkpoint reopen_trigger design (phase 295) diff --git a/docs/phase-296-checklist.md b/docs/phase-296-checklist.md deleted file mode 100644 index 97ce5cf..0000000 --- a/docs/phase-296-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 296 Checklist: Epoch 12 federation phase 296 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 296: Checkpoint reopen_trigger design (phase 296) diff --git a/docs/phase-297-checklist.md b/docs/phase-297-checklist.md deleted file mode 100644 index f308c87..0000000 --- a/docs/phase-297-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 297 Checklist: Epoch 12 federation phase 297 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 297: Checkpoint reopen_trigger design (phase 297) diff --git a/docs/phase-298-checklist.md b/docs/phase-298-checklist.md deleted file mode 100644 index d4b9ab0..0000000 --- a/docs/phase-298-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 298 Checklist: Epoch 12 federation phase 298 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 298: Checkpoint reopen_trigger design (phase 298) diff --git a/docs/phase-299-checklist.md b/docs/phase-299-checklist.md deleted file mode 100644 index b06ff0f..0000000 --- a/docs/phase-299-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 299 Checklist: Epoch 12 federation phase 299 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 276-300 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 299: Checkpoint reopen_trigger design (phase 299) diff --git a/docs/phase-301-checklist.md b/docs/phase-301-checklist.md deleted file mode 100644 index dd0e56a..0000000 --- a/docs/phase-301-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 301 Checklist: Epoch 13 checkpoint formal phase 301 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 301: Checkpoint restore security domain (phase 301) diff --git a/docs/phase-302-checklist.md b/docs/phase-302-checklist.md deleted file mode 100644 index 46aebd7..0000000 --- a/docs/phase-302-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 302 Checklist: Epoch 13 checkpoint formal phase 302 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 302: Checkpoint restore security domain (phase 302) diff --git a/docs/phase-303-checklist.md b/docs/phase-303-checklist.md deleted file mode 100644 index ca9ed59..0000000 --- a/docs/phase-303-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 303 Checklist: Epoch 13 checkpoint formal phase 303 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 303: Checkpoint restore security domain (phase 303) diff --git a/docs/phase-304-checklist.md b/docs/phase-304-checklist.md deleted file mode 100644 index 29ac5c0..0000000 --- a/docs/phase-304-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 304 Checklist: Epoch 13 checkpoint formal phase 304 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 304: Checkpoint restore security domain (phase 304) diff --git a/docs/phase-305-checklist.md b/docs/phase-305-checklist.md deleted file mode 100644 index 3f9a04e..0000000 --- a/docs/phase-305-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 305 Checklist: Epoch 13 checkpoint formal phase 305 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 305: Checkpoint restore security domain (phase 305) diff --git a/docs/phase-306-checklist.md b/docs/phase-306-checklist.md deleted file mode 100644 index 1319dc1..0000000 --- a/docs/phase-306-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 306 Checklist: Epoch 13 checkpoint formal phase 306 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 306: Checkpoint restore security domain (phase 306) diff --git a/docs/phase-307-checklist.md b/docs/phase-307-checklist.md deleted file mode 100644 index 1b6a55b..0000000 --- a/docs/phase-307-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 307 Checklist: Epoch 13 checkpoint formal phase 307 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 307: Checkpoint restore security domain (phase 307) diff --git a/docs/phase-308-checklist.md b/docs/phase-308-checklist.md deleted file mode 100644 index b586aba..0000000 --- a/docs/phase-308-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 308 Checklist: Epoch 13 checkpoint formal phase 308 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 308: Checkpoint restore security domain (phase 308) diff --git a/docs/phase-309-checklist.md b/docs/phase-309-checklist.md deleted file mode 100644 index 8672b9d..0000000 --- a/docs/phase-309-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 309 Checklist: Epoch 13 checkpoint formal phase 309 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 309: Checkpoint restore security domain (phase 309) diff --git a/docs/phase-310-checklist.md b/docs/phase-310-checklist.md deleted file mode 100644 index c52e344..0000000 --- a/docs/phase-310-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 310 Checklist: Epoch 13 checkpoint formal phase 310 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 310: Checkpoint restore security domain (phase 310) diff --git a/docs/phase-315-checklist.md b/docs/phase-315-checklist.md deleted file mode 100644 index 4bca430..0000000 --- a/docs/phase-315-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 315 Checklist: Epoch 13 checkpoint formal phase 315 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 315: FORMAL_MODEL Tier D Verus (phase 315) diff --git a/docs/phase-316-checklist.md b/docs/phase-316-checklist.md deleted file mode 100644 index 91e24f4..0000000 --- a/docs/phase-316-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 316 Checklist: Epoch 13 checkpoint formal phase 316 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 316: FORMAL_MODEL Tier D Verus (phase 316) diff --git a/docs/phase-317-checklist.md b/docs/phase-317-checklist.md deleted file mode 100644 index 5cab1c5..0000000 --- a/docs/phase-317-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 317 Checklist: Epoch 13 checkpoint formal phase 317 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 317: FORMAL_MODEL Tier D Verus (phase 317) diff --git a/docs/phase-318-checklist.md b/docs/phase-318-checklist.md deleted file mode 100644 index 78af0a8..0000000 --- a/docs/phase-318-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 318 Checklist: Epoch 13 checkpoint formal phase 318 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 318: FORMAL_MODEL Tier D Verus (phase 318) diff --git a/docs/phase-319-checklist.md b/docs/phase-319-checklist.md deleted file mode 100644 index 005e2a8..0000000 --- a/docs/phase-319-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 319 Checklist: Epoch 13 checkpoint formal phase 319 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 319: FORMAL_MODEL Tier D Verus (phase 319) diff --git a/docs/phase-320-checklist.md b/docs/phase-320-checklist.md deleted file mode 100644 index de2a013..0000000 --- a/docs/phase-320-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 320 Checklist: Epoch 13 checkpoint formal phase 320 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 320: FORMAL_MODEL Tier D Verus (phase 320) diff --git a/docs/phase-321-checklist.md b/docs/phase-321-checklist.md deleted file mode 100644 index 8b81ea3..0000000 --- a/docs/phase-321-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 321 Checklist: Epoch 13 checkpoint formal phase 321 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 321: Never-stabilize graduation 1.0 (phase 321) diff --git a/docs/phase-322-checklist.md b/docs/phase-322-checklist.md deleted file mode 100644 index f1c7169..0000000 --- a/docs/phase-322-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 322 Checklist: Epoch 13 checkpoint formal phase 322 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 322: Never-stabilize graduation 1.0 (phase 322) diff --git a/docs/phase-323-checklist.md b/docs/phase-323-checklist.md deleted file mode 100644 index 8de546f..0000000 --- a/docs/phase-323-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 323 Checklist: Epoch 13 checkpoint formal phase 323 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 323: Never-stabilize graduation 1.0 (phase 323) diff --git a/docs/phase-324-checklist.md b/docs/phase-324-checklist.md deleted file mode 100644 index 461f8f1..0000000 --- a/docs/phase-324-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 324 Checklist: Epoch 13 checkpoint formal phase 324 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 324: Never-stabilize graduation 1.0 (phase 324) diff --git a/docs/phase-325-checklist.md b/docs/phase-325-checklist.md deleted file mode 100644 index a54a76b..0000000 --- a/docs/phase-325-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 325 Checklist: Epoch 13 checkpoint formal phase 325 - -## Layer -kernel - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 301-325 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 325: Never-stabilize graduation 1.0 (phase 325) diff --git a/docs/phase-330-checklist.md b/docs/phase-330-checklist.md deleted file mode 100644 index f8ab281..0000000 --- a/docs/phase-330-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 330 Checklist: Epoch 14 release phase 330 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 330: Never-stabilize graduation 1.0 (phase 330) diff --git a/docs/phase-331-checklist.md b/docs/phase-331-checklist.md deleted file mode 100644 index 734e042..0000000 --- a/docs/phase-331-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 331 Checklist: Epoch 14 release phase 331 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 331: Public SECURITY CONTRIBUTING GPG gates (phase 331) diff --git a/docs/phase-332-checklist.md b/docs/phase-332-checklist.md deleted file mode 100644 index adc4367..0000000 --- a/docs/phase-332-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 332 Checklist: Epoch 14 release phase 332 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 332: Public SECURITY CONTRIBUTING GPG gates (phase 332) diff --git a/docs/phase-333-checklist.md b/docs/phase-333-checklist.md deleted file mode 100644 index 3291313..0000000 --- a/docs/phase-333-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 333 Checklist: Epoch 14 release phase 333 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 333: Public SECURITY CONTRIBUTING GPG gates (phase 333) diff --git a/docs/phase-334-checklist.md b/docs/phase-334-checklist.md deleted file mode 100644 index 12cd567..0000000 --- a/docs/phase-334-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 334 Checklist: Epoch 14 release phase 334 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 334: Public SECURITY CONTRIBUTING GPG gates (phase 334) diff --git a/docs/phase-335-checklist.md b/docs/phase-335-checklist.md deleted file mode 100644 index 8b6e2a5..0000000 --- a/docs/phase-335-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 335 Checklist: Epoch 14 release phase 335 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 335: Public SECURITY CONTRIBUTING GPG gates (phase 335) diff --git a/docs/phase-336-checklist.md b/docs/phase-336-checklist.md deleted file mode 100644 index aaf87b5..0000000 --- a/docs/phase-336-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 336 Checklist: Epoch 14 release phase 336 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 336: Public SECURITY CONTRIBUTING GPG gates (phase 336) diff --git a/docs/phase-337-checklist.md b/docs/phase-337-checklist.md deleted file mode 100644 index 4965941..0000000 --- a/docs/phase-337-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 337 Checklist: Epoch 14 release phase 337 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 337: Public SECURITY CONTRIBUTING GPG gates (phase 337) diff --git a/docs/phase-338-checklist.md b/docs/phase-338-checklist.md deleted file mode 100644 index 53184e0..0000000 --- a/docs/phase-338-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 338 Checklist: Epoch 14 release phase 338 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 338: Public SECURITY CONTRIBUTING GPG gates (phase 338) diff --git a/docs/phase-339-checklist.md b/docs/phase-339-checklist.md deleted file mode 100644 index 2b6786a..0000000 --- a/docs/phase-339-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 339 Checklist: Epoch 14 release phase 339 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 339: Public SECURITY CONTRIBUTING GPG gates (phase 339) diff --git a/docs/phase-340-checklist.md b/docs/phase-340-checklist.md deleted file mode 100644 index f85f120..0000000 --- a/docs/phase-340-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 340 Checklist: Epoch 14 release phase 340 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 340: Public SECURITY CONTRIBUTING GPG gates (phase 340) diff --git a/docs/phase-341-checklist.md b/docs/phase-341-checklist.md deleted file mode 100644 index 2f4856a..0000000 --- a/docs/phase-341-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 341 Checklist: Epoch 14 release phase 341 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 341: Release scorecard compat sunset (phase 341) diff --git a/docs/phase-342-checklist.md b/docs/phase-342-checklist.md deleted file mode 100644 index 24866d2..0000000 --- a/docs/phase-342-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 342 Checklist: Epoch 14 release phase 342 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 342: Release scorecard compat sunset (phase 342) diff --git a/docs/phase-343-checklist.md b/docs/phase-343-checklist.md deleted file mode 100644 index ae91b8b..0000000 --- a/docs/phase-343-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 343 Checklist: Epoch 14 release phase 343 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 343: Release scorecard compat sunset (phase 343) diff --git a/docs/phase-344-checklist.md b/docs/phase-344-checklist.md deleted file mode 100644 index 4ebfd50..0000000 --- a/docs/phase-344-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 344 Checklist: Epoch 14 release phase 344 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 344: Release scorecard compat sunset (phase 344) diff --git a/docs/phase-345-checklist.md b/docs/phase-345-checklist.md deleted file mode 100644 index 9859ad5..0000000 --- a/docs/phase-345-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 345 Checklist: Epoch 14 release phase 345 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 345: Release scorecard compat sunset (phase 345) diff --git a/docs/phase-346-checklist.md b/docs/phase-346-checklist.md deleted file mode 100644 index 11988c5..0000000 --- a/docs/phase-346-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 346 Checklist: Epoch 14 release phase 346 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 346: Release scorecard compat sunset (phase 346) diff --git a/docs/phase-347-checklist.md b/docs/phase-347-checklist.md deleted file mode 100644 index 4a303ee..0000000 --- a/docs/phase-347-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 347 Checklist: Epoch 14 release phase 347 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 347: Release scorecard compat sunset (phase 347) diff --git a/docs/phase-348-checklist.md b/docs/phase-348-checklist.md deleted file mode 100644 index 60c2156..0000000 --- a/docs/phase-348-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 348 Checklist: Epoch 14 release phase 348 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 348: Release scorecard compat sunset (phase 348) diff --git a/docs/phase-349-checklist.md b/docs/phase-349-checklist.md deleted file mode 100644 index 6e937f8..0000000 --- a/docs/phase-349-checklist.md +++ /dev/null @@ -1,31 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 349 Checklist: Epoch 14 release phase 349 - -## Layer -governance - -## Tag -native - -## Mode -implemented - -## Scope - -- [x] Deliverable: ROADMAP_151_350 band 326-350 -- [x] Consistent with [AXIOMS.md](AXIOMS.md) -- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) - -## Validation - -- [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior - -## Deferred - -- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. - -## Completed - -- Phase 349: Release scorecard compat sunset (phase 349) diff --git a/docs/phase-40-checklist.md b/docs/phase-40-checklist.md deleted file mode 100644 index ffa0e81..0000000 --- a/docs/phase-40-checklist.md +++ /dev/null @@ -1,20 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 40 Checklist: Integration Milestone - -## Scope - -- [x] `phase40_integration_smoke` validates cumulative phase 31–39 counters. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) -- [x] Validation matrix entries for phases 31–40. - -## Validation - -- [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 40 --timeout 180 -- [x] `python scripts/validation_matrix.py` (phases 31–40 in full matrix; PASS 2026-05-22) - -## Deferred - -- [ ] Full arbitrary ELF execution; production SMP scheduling (see phases 43–49). diff --git a/docs/phase-60-checklist.md b/docs/phase-60-checklist.md deleted file mode 100644 index 8f0e4a8..0000000 --- a/docs/phase-60-checklist.md +++ /dev/null @@ -1,20 +0,0 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 60 Checklist: Integration Milestone (51–59) - -## Scope - -- [x] `phase60_integration_smoke` validates cumulative phase 51–59 counters. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) -- [x] Validation matrix entries for phases 51–60. - -## Validation - -- [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 60 --timeout 180 -- [ ] `python scripts/validation_matrix.py --from-check phase51-proc-fd-check` (optional full matrix) - -## Deferred - -- [ ] Production SMP; arbitrary ELF; full VMA tree. diff --git a/docs/process/BUILD_INTEGRITY.md b/docs/process/BUILD_INTEGRITY.md index 598d543..38c8fc2 100644 --- a/docs/process/BUILD_INTEGRITY.md +++ b/docs/process/BUILD_INTEGRITY.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Epoch 2 prereq; phases 131–133 implementation. Epoch 0 stub. +Epoch 2 prereq; scopes 131–133 implementation. Epoch 0 stub. --- @@ -30,8 +30,8 @@ Epoch 2 prereq; phases 131–133 implementation. Epoch 0 stub. |------|--------| | Tool manifest | `scripts/repro-manifest.toml` (rustc, llvm, linker pins) | | Dual-build hash | stub CI — compare `target/` kernel hash twice same source | -| `install_userland.py` | FS install hook for `ares-rt` demo | -| Signed images | phases 131–133 | +| `install_userland.py` | FS install hook for `clan-rt` demo | +| Signed images | scopes 131–133 | ### Reproducibility manifest (stub) @@ -41,7 +41,7 @@ rustc = "stable" target = "x86_64-unknown-none" ``` -QEMU scripts: `python scripts/gate/legacy.py --phase 201 --timeout 180`, `python scripts/gate/legacy.py --phase 134 --timeout 180`, `python scripts/gate/legacy.py --phase 404 --timeout 180`, `python scripts/gate/legacy.py --phase 149 --timeout 180`, `python scripts/gate/legacy.py --phase 150 --timeout 180`. +QEMU scripts: `python scripts/gate/boot.py --gate virtio_blk --timeout 180`, `python scripts/gate/boot.py --gate build_endpoints --timeout 180`, `python scripts/gate/boot.py --gate network_compat --timeout 180`, `python scripts/gate/boot.py --gate scheduler_epoch --timeout 180`, `python scripts/gate/boot.py --gate boundary --timeout 180`. --- diff --git a/docs/process/COMPAT_SUNSET.md b/docs/process/COMPAT_SUNSET.md index ab9fb50..06f6893 100644 --- a/docs/process/COMPAT_SUNSET.md +++ b/docs/process/COMPAT_SUNSET.md @@ -28,7 +28,7 @@ Reviewed at **every epoch gate** in commit body + validation matrix. | Mechanism | Tracks | |-----------|--------| -| `ipc-bridge-compat-internal` | IPC bridge call sites (phases 122–133) → **zero by phase 134** | +| `ipc-bridge-compat-internal` | IPC bridge call sites (scopes 122–133) → **zero by scope 134** | | COMPAT_SUNSET metric | Compat socket ABI, ELF path, FD substrate (epoch 4+) | --- diff --git a/docs/process/DECISION_LOG.md b/docs/process/DECISION_LOG.md index 70882c1..3023fe2 100644 --- a/docs/process/DECISION_LOG.md +++ b/docs/process/DECISION_LOG.md @@ -14,7 +14,7 @@ semantics_version: 1.1.0 Records alternatives considered, rationale, and epoch. **Routine decisions** are encouraged but non-gating. -**Gated decisions** (see `phase_checklist_schema.toml` `[required_decisions]`): a `DECISION_LOG` entry is **required before phase close** for the epoch where the decision is made. +**Gated decisions** (see `scope_checklist_schema.toml` `[required_decisions]`): a `DECISION_LOG` entry is **required before scope close** for the epoch where the decision is made. --- @@ -26,7 +26,7 @@ Records alternatives considered, rationale, and epoch. **Routine decisions** are **Alternatives:** priority inheritance; priority ceiling; explicit denial (no inheritance) **Decision:** **Priority ceiling** — when a task holds a cap blocking a higher-priority client, the holder runs at the ceiling of blocked priorities for the duration of the critical section (cap held across syscall/wait). **Rationale:** Bounded latency without unbounded inheritance chains; matches broker-centric epoch 1 architecture. -**Consequences:** `SCHEDULER_MODEL.md` § Priority ceiling; Kani target before phase 128 brokers. +**Consequences:** `SCHEDULER_MODEL.md` § Priority ceiling; Kani target before scope 128 brokers. ### r_destroy_notify_ordering — R-destroy-notify delivery ordering (epoch 0) @@ -74,7 +74,7 @@ Records alternatives considered, rationale, and epoch. **Routine decisions** are **Alternatives:** kernel TCB driver; process + device caps; hybrid **Decision:** **Hybrid** — kernel provides MMIO/IRQ trampoline and DMA mapping gates; **userspace driver host** holds `device.*` caps and virtio protocol stack. **Rationale:** Minimizes TCB while meeting virtio-blk/net epoch 2 schedule; aligns with GpuContext/userspace driver pattern. -**Consequences:** `DRIVER_MODEL.md`; VIRTIO_SAFETY.md boundary; phase 122+ driver host checklist. +**Consequences:** `DRIVER_MODEL.md`; VIRTIO_SAFETY.md boundary; scope 122+ driver host checklist. ### suspend_flush_timeout — Suspend flush timeout behavior (epoch 0) diff --git a/docs/process/EPOCH_FAILURE_PROCEDURE.md b/docs/process/EPOCH_FAILURE_PROCEDURE.md index 245dd92..e21544b 100644 --- a/docs/process/EPOCH_FAILURE_PROCEDURE.md +++ b/docs/process/EPOCH_FAILURE_PROCEDURE.md @@ -18,13 +18,13 @@ See [`CHARTER.md`](../CHARTER.md), [`DESIGN_NORTH_STAR.md`](DESIGN_NORTH_STAR.md ## Stale epoch -Epoch marked stale on compound hard-gate failure or unresolved cross-doc drift. Recovery budget: ~2 phase-cycles; beyond → charter-level decision. +Epoch marked stale on compound hard-gate failure or unresolved cross-doc drift. Recovery budget: ~2 scope-cycles; beyond → charter-level decision. --- ## Benchmark regression -Multi-phase regression uses bisection. Standard tool: `scripts/project_health.py --bisect <metric> <start> <end>` — binary search over git log re-running health checks. +Multi-scope regression uses bisection. Standard tool: `scripts/project_health.py --bisect <metric> <start> <end>` — binary search over git log re-running health checks. --- @@ -36,7 +36,7 @@ Signed image must be reproducible from tagged source. Divergence procedures docu ## CAP_REGISTRY reconciliation -Registry ↔ markdown mismatch → epoch stale. Owner = phase owner who introduced drift. +Registry ↔ markdown mismatch → epoch stale. Owner = scope owner who introduced drift. --- @@ -54,7 +54,7 @@ Additive/clarification semver OK with second reviewer. Breaking foundational cha ## Soak test failure -Triage owner: epoch lead or named soak owner. Distinct from phase revert path. +Triage owner: epoch lead or named soak owner. Distinct from scope revert path. --- diff --git a/docs/process/README.md b/docs/process/README.md index 54ec382..96ccd1a 100644 --- a/docs/process/README.md +++ b/docs/process/README.md @@ -1,4 +1,4 @@ -# AresOS Process and Governance Docs +# Clan OS Process and Governance Docs Canonical process/policy docs migrated from flat `docs/` during Track 1. diff --git a/docs/process/UNSAFE_AUDIT.md b/docs/process/UNSAFE_AUDIT.md index 99b34b2..035dd59 100644 --- a/docs/process/UNSAFE_AUDIT.md +++ b/docs/process/UNSAFE_AUDIT.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Policy for `unsafe` Rust, `extern "C"` FFI, and TCB-adjacent code in the AresOS kernel. +Policy for `unsafe` Rust, `extern "C"` FFI, and TCB-adjacent code in the Clan OS kernel. --- diff --git a/docs/proofs/README.md b/docs/proofs/README.md index 93112c1..b26b735 100644 --- a/docs/proofs/README.md +++ b/docs/proofs/README.md @@ -1,4 +1,4 @@ -# AresOS Proof and Verification Docs +# Clan OS Proof and Verification Docs | Doc | Path | |-----|------| diff --git a/docs/phase-1-checklist.md b/docs/scope-1-checklist.md similarity index 84% rename from docs/phase-1-checklist.md rename to docs/scope-1-checklist.md index fa9e31d..a811ac9 100644 --- a/docs/phase-1-checklist.md +++ b/docs/scope-1-checklist.md @@ -1,11 +1,11 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 1 Completion Checklist (Boot) +# Scope 1 Completion Checklist (Boot) Date: 2026-03-17 ## Scope -Phase 1 roadmap goals: +Scope 1 roadmap goals: - freestanding Rust kernel - bootloader integration - basic screen output @@ -22,8 +22,8 @@ Phase 1 roadmap goals: - Result: pass (unit tests + `basic_boot`, `heap_allocation`, `stack_overflow`) ## Notes -- Phase 1 is considered complete and stable. -- Current development focus continues in scheduler/preemption groundwork (Phase 4-aligned work). +- Scope 1 is considered complete and stable. +- Current development focus continues in scheduler/preemption groundwork (Scope 4-aligned work). ## Validation diff --git a/docs/phase-10-checklist.md b/docs/scope-10-checklist.md similarity index 77% rename from docs/phase-10-checklist.md rename to docs/scope-10-checklist.md index 0d6398a..8524c15 100644 --- a/docs/phase-10-checklist.md +++ b/docs/scope-10-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 10 Checklist +# Scope 10 Checklist Status: Complete @@ -13,8 +13,8 @@ Status: Complete - [x] Add process ownership metadata and checked kill policy. - [x] Add shell observability commands: `whoami`, `su`, `stat`, and `chmod +x|-x`. - [x] Add syscall counters for current identity and denied access. -- [x] Covered by boot gate `loader_security` (`AresOS-BootGate: name=loader_security ok=true`) -- [x] Add QEMU-backed `phase10-security-check` validation and matrix coverage. +- [x] Covered by boot gate `loader_security` (`ClanOS-BootGate: name=loader_security ok=true`) +- [x] Add QEMU-backed boot gate validation (`scripts/gate/boot.py --gate loader_security`) and matrix coverage. Exit gate: @@ -22,13 +22,13 @@ Exit gate: - [x] User can create, read, write, and delete own regular files. - [x] Loader denies launch when execute permission is missing. - [x] User cannot terminate admin-owned processes. -- [x] Phase 10 smoke output is machine-validated. +- [x] Scope 10 smoke output is machine-validated. ## Validation ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 10 --timeout 180 +python scripts/gate/boot.py --gate loader_security --timeout 180 python scripts/validation_matrix.py --smoke-timeout 180 ``` diff --git a/docs/phase-100-checklist.md b/docs/scope-100-checklist.md similarity index 55% rename from docs/phase-100-checklist.md rename to docs/scope-100-checklist.md index 228face..aa8c2c0 100644 --- a/docs/phase-100-checklist.md +++ b/docs/scope-100-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 100 Checklist: Integration Milestone (91–99) +# Scope 100 Checklist: Integration Milestone (91–99) ## Scope -- [x] `phase100_integration_smoke` validates cumulative phase 91–99 counters (no nested re-run). -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) -- [x] Validation matrix entries for phases 91–100. +- [x] `smoke_smp_depth_integration` validates cumulative scope 91–99 counters (no nested re-run). +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) +- [x] Validation matrix entries for scopes 91–100. ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 100 --timeout 180 -- [ ] `python scripts/validation_matrix.py --from-check phase91-fork-cow-check` (optional full matrix) +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` +- [ ] `python scripts/validation_matrix.py --from-check scope91-fork-cow-check` (optional full matrix) ## Deferred diff --git a/docs/phase-101-checklist.md b/docs/scope-101-checklist.md similarity index 64% rename from docs/phase-101-checklist.md rename to docs/scope-101-checklist.md index de4e27e..70cd00b 100644 --- a/docs/phase-101-checklist.md +++ b/docs/scope-101-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 101 Checklist: Compat Syscall ABI Freeze +# Scope 101 Checklist: Compat Syscall ABI Freeze ## Layer governance @@ -13,15 +13,15 @@ documentation (deliverables landed) ## Scope -- [x] Deliverable: ABI_SYSCALL.md ares-abi-v1 +- [x] Deliverable: ABI_SYSCALL.md clan-abi-v1 - [x] Consistent with [AXIOMS.md](AXIOMS.md) - [x] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-102-checklist.md b/docs/scope-102-checklist.md similarity index 70% rename from docs/phase-102-checklist.md rename to docs/scope-102-checklist.md index 0e112f5..9240f1e 100644 --- a/docs/phase-102-checklist.md +++ b/docs/scope-102-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 102 Checklist: Memory Contract Freeze +# Scope 102 Checklist: Memory Contract Freeze ## Layer kernel @@ -20,8 +20,8 @@ documentation (deliverables landed) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-103-checklist.md b/docs/scope-103-checklist.md similarity index 73% rename from docs/phase-103-checklist.md rename to docs/scope-103-checklist.md index 1d7089e..c591f77 100644 --- a/docs/phase-103-checklist.md +++ b/docs/scope-103-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 103 Checklist: IPC Endpoint Guarantees +# Scope 103 Checklist: IPC Endpoint Guarantees ## Layer kernel @@ -24,8 +24,8 @@ documentation (deliverables landed) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-104-checklist.md b/docs/scope-104-checklist.md similarity index 70% rename from docs/phase-104-checklist.md rename to docs/scope-104-checklist.md index 93c4643..6be11c7 100644 --- a/docs/phase-104-checklist.md +++ b/docs/scope-104-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 104 Checklist: Async OS Contract +# Scope 104 Checklist: Async OS Contract ## Layer kernel @@ -20,8 +20,8 @@ documentation (deliverables landed) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-105-checklist.md b/docs/scope-105-checklist.md similarity index 70% rename from docs/phase-105-checklist.md rename to docs/scope-105-checklist.md index 8db50d8..dccb5e8 100644 --- a/docs/phase-105-checklist.md +++ b/docs/scope-105-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 105 Checklist: Security and AXIOMS A1-A10 +# Scope 105 Checklist: Security and AXIOMS A1-A10 ## Layer governance @@ -20,8 +20,8 @@ documentation (deliverables landed) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-106-checklist.md b/docs/scope-106-checklist.md similarity index 68% rename from docs/phase-106-checklist.md rename to docs/scope-106-checklist.md index 21c0c4a..faf784e 100644 --- a/docs/phase-106-checklist.md +++ b/docs/scope-106-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 106 Checklist: Kernel Object Model +# Scope 106 Checklist: Kernel Object Model ## Layer kernel @@ -19,13 +19,13 @@ documentation (deliverables landed) ## Gate G1 -No new handle semantics after phase 115. +No new handle semantics after scope 115. ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-107-checklist.md b/docs/scope-107-checklist.md similarity index 73% rename from docs/phase-107-checklist.md rename to docs/scope-107-checklist.md index b0f87ca..3224965 100644 --- a/docs/phase-107-checklist.md +++ b/docs/scope-107-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 107 Checklist: Formal Rights Algebra +# Scope 107 Checklist: Formal Rights Algebra ## Layer kernel @@ -24,8 +24,8 @@ documentation (deliverables landed) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-108-checklist.md b/docs/scope-108-checklist.md similarity index 72% rename from docs/phase-108-checklist.md rename to docs/scope-108-checklist.md index eeafb05..87f7d64 100644 --- a/docs/phase-108-checklist.md +++ b/docs/scope-108-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 108 Checklist: Revocation and Temporal Semantics +# Scope 108 Checklist: Revocation and Temporal Semantics ## Layer kernel @@ -24,8 +24,8 @@ documentation (deliverables landed) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-109-checklist.md b/docs/scope-109-checklist.md similarity index 73% rename from docs/phase-109-checklist.md rename to docs/scope-109-checklist.md index 3a29dc9..5dd717e 100644 --- a/docs/phase-109-checklist.md +++ b/docs/scope-109-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 109 Checklist: Semantic Index Lint Jurisdiction +# Scope 109 Checklist: Semantic Index Lint Jurisdiction ## Layer governance @@ -18,15 +18,15 @@ documentation - [x] [SEMANTIC_JURISDICTION.md](SEMANTIC_JURISDICTION.md) - [x] [SEMANTIC_OBSERVABILITY.md](SEMANTIC_OBSERVABILITY.md) outline - [x] [ABI_RUNTIME.md](ABI_RUNTIME.md) language-neutral sketch -- [x] [ABI_STABILITY.md](ABI_STABILITY.md) `ares-abi-v1` + `ares-semantics-v1` +- [x] [ABI_STABILITY.md](ABI_STABILITY.md) `clan-abi-v1` + `clan-semantics-v1` - [x] Consistent with [AXIOMS.md](AXIOMS.md) - [x] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) ## Validation - [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [x] Scopes 101–109: documentation deliverables complete +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-11-checklist.md b/docs/scope-11-checklist.md similarity index 75% rename from docs/phase-11-checklist.md rename to docs/scope-11-checklist.md index 6b0d0c2..516993f 100644 --- a/docs/phase-11-checklist.md +++ b/docs/scope-11-checklist.md @@ -1,33 +1,33 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 11 Checklist +# Scope 11 Checklist Status: Complete - [x] Add executable image, segment, format, flag, and image-load error types. - [x] Add conservative ELF64 header and load-segment validation. -- [x] Extend `ares-exec-v1` with `kind=elf64-image` and `image=<path>`. +- [x] Extend `clan-exec-v1` with `kind=elf64-image` and `image=<path>`. - [x] Seed a small `/bin/hello` image manifest and `/bin/hello.elf` validation fixture. - [x] Require execute permission on both image manifests and referenced image files. - [x] Reject actual ELF image execution with a clear unsupported-execution result. - [x] Add process image metadata for loader-created process records. - [x] Add descriptor-only address-space and virtual-region validation. - [x] Expose `bin validate <program>` and richer `bin info` image fields. -- [x] Covered by boot gate `loader_security` (`AresOS-BootGate: name=loader_security ok=true`) -- [x] Add Phase 11 QEMU validation and validation matrix coverage. +- [x] Covered by boot gate `loader_security` (`ClanOS-BootGate: name=loader_security ok=true`) +- [x] Add Scope 11 QEMU validation and validation matrix coverage. Exit gate: - [x] Built-in aliases still launch. - [x] Valid image manifests are discoverable and validate cleanly. - [x] Malformed or non-executable image records do not panic. -- [x] No Phase 11 path executes arbitrary binary code. +- [x] No Scope 11 path executes arbitrary binary code. ## Validation ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 11 --timeout 180 +python scripts/gate/boot.py --gate loader_security --timeout 180 python scripts/validation_matrix.py --smoke-timeout 180 ``` diff --git a/docs/phase-110-checklist.md b/docs/scope-110-checklist.md similarity index 72% rename from docs/phase-110-checklist.md rename to docs/scope-110-checklist.md index 0d5093c..01ba82c 100644 --- a/docs/phase-110-checklist.md +++ b/docs/scope-110-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 110 Checklist: Constitutional Sign-Off +# Scope 110 Checklist: Constitutional Sign-Off ## Layer governance @@ -13,7 +13,7 @@ documentation (deliverables landed) ## Scope -- [x] All phase 101–109 documents published and cross-linked +- [x] All scope 101–109 documents published and cross-linked - [x] Consistent with [AXIOMS.md](AXIOMS.md) - [x] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) - [x] [NATIVE_DEVELOPER_EXPERIENCE.md](NATIVE_DEVELOPER_EXPERIENCE.md) outline @@ -28,7 +28,7 @@ documentation (deliverables landed) ## Minimization audit (A10) -| Layer | Document | Approx. law count (phase 110) | +| Layer | Document | Approx. law count (scope 110) | |-------|----------|-------------------------------| | Constitutional | AXIOMS | 10 axioms | | Ontology | KERNEL_OBJECT_MODEL | 1 model + 8 kinds | @@ -42,13 +42,13 @@ No duplicate cross-layer laws added without derivation note. Subsystem-local rul ## Validation - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 110 --timeout 180 -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase110_constitutional_smoke_works) -- [x] Covered by boot gate `constitutional` (`AresOS-BootGate: name=constitutional ok=true`) +- [x] `python scripts/gate/boot.py --gate constitutional --timeout 180` +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_constitutional_works) +- [x] Covered by boot gate `constitutional` (`ClanOS-BootGate: name=constitutional ok=true`) ## Deferred -- Executable semantic tests (same spec IDs) when phases 112+ / 134+ land -- Full meta-semantics precedence table (phases 156–158) -- Semantic lint CI (phases 159–160) +- Executable semantic tests (same spec IDs) when scopes 112+ / 134+ land +- Full meta-semantics precedence table (scopes 156–158) +- Semantic lint CI (scopes 159–160) diff --git a/docs/phase-111-checklist.md b/docs/scope-111-checklist.md similarity index 76% rename from docs/phase-111-checklist.md rename to docs/scope-111-checklist.md index 90e9b88..bb9ae23 100644 --- a/docs/phase-111-checklist.md +++ b/docs/scope-111-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 111 Checklist: CapHandle KernelObject +# Scope 111 Checklist: CapHandle KernelObject ## Layer kernel @@ -20,9 +20,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 111 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-112-checklist.md b/docs/scope-112-checklist.md similarity index 78% rename from docs/phase-112-checklist.md rename to docs/scope-112-checklist.md index 0c5ba41..1d0400e 100644 --- a/docs/phase-112-checklist.md +++ b/docs/scope-112-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 112 Checklist: Cap Create Close Transfer +# Scope 112 Checklist: Cap Create Close Transfer ## Layer kernel @@ -24,9 +24,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 112 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-113-checklist.md b/docs/scope-113-checklist.md similarity index 78% rename from docs/phase-113-checklist.md rename to docs/scope-113-checklist.md index 9d5e868..0960ef2 100644 --- a/docs/phase-113-checklist.md +++ b/docs/scope-113-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 113 Checklist: Rights Delegation Smoke +# Scope 113 Checklist: Rights Delegation Smoke ## Layer kernel @@ -24,9 +24,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 113 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-114-checklist.md b/docs/scope-114-checklist.md similarity index 76% rename from docs/phase-114-checklist.md rename to docs/scope-114-checklist.md index 5b78f30..adeea68 100644 --- a/docs/phase-114-checklist.md +++ b/docs/scope-114-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 114 Checklist: Storage Grant Object +# Scope 114 Checklist: Storage Grant Object ## Layer kernel @@ -20,9 +20,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 114 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-115-checklist.md b/docs/scope-115-checklist.md similarity index 78% rename from docs/phase-115-checklist.md rename to docs/scope-115-checklist.md index 87ffe99..c16b4ed 100644 --- a/docs/phase-115-checklist.md +++ b/docs/scope-115-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 115 Checklist: Path Broker Compat Only +# Scope 115 Checklist: Path Broker Compat Only ## Layer platform @@ -24,9 +24,9 @@ Path broker is compat-only; no new handle semantics. ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 115 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-116-checklist.md b/docs/scope-116-checklist.md similarity index 76% rename from docs/phase-116-checklist.md rename to docs/scope-116-checklist.md index b628292..5e703bc 100644 --- a/docs/phase-116-checklist.md +++ b/docs/scope-116-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 116 Checklist: No Ambient Authority +# Scope 116 Checklist: No Ambient Authority ## Layer kernel @@ -20,9 +20,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 116 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-117-checklist.md b/docs/scope-117-checklist.md similarity index 76% rename from docs/phase-117-checklist.md rename to docs/scope-117-checklist.md index 050e35b..f7eec9d 100644 --- a/docs/phase-117-checklist.md +++ b/docs/scope-117-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 117 Checklist: Namespace Invisibility +# Scope 117 Checklist: Namespace Invisibility ## Layer kernel @@ -20,9 +20,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 117 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-118-checklist.md b/docs/scope-118-checklist.md similarity index 76% rename from docs/phase-118-checklist.md rename to docs/scope-118-checklist.md index 2276025..0d48662 100644 --- a/docs/phase-118-checklist.md +++ b/docs/scope-118-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 118 Checklist: Broker Issued FsNode Caps +# Scope 118 Checklist: Broker Issued FsNode Caps ## Layer platform @@ -20,9 +20,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 118 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-119-checklist.md b/docs/scope-119-checklist.md similarity index 76% rename from docs/phase-119-checklist.md rename to docs/scope-119-checklist.md index 9a07c13..3fdf06b 100644 --- a/docs/phase-119-checklist.md +++ b/docs/scope-119-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 119 Checklist: Compat Bridge Unchanged +# Scope 119 Checklist: Compat Bridge Unchanged ## Layer compat @@ -20,9 +20,9 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 119 --timeout 180 +- [x] `python scripts/gate/boot.py --gate boot --timeout 180` - [x] Covered by unified boot/system gate (see VALIDATION_GATES.md) diff --git a/docs/phase-12-checklist.md b/docs/scope-12-checklist.md similarity index 81% rename from docs/phase-12-checklist.md rename to docs/scope-12-checklist.md index bd6eecf..72333ed 100644 --- a/docs/phase-12-checklist.md +++ b/docs/scope-12-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 12 Checklist +# Scope 12 Checklist Status: Complete @@ -12,8 +12,8 @@ Status: Complete - [x] Add loader `prepare_program_image` path and load-plan counters. - [x] Add process load metadata for prepared image records. - [x] Add `bin prepare`, richer `bin info`, and load-plan summary commands. -- [x] Covered by boot gate `loader_security` (`AresOS-BootGate: name=loader_security ok=true`) -- [x] Add Phase 12 QEMU validation and validation matrix coverage. +- [x] Covered by boot gate `loader_security` (`ClanOS-BootGate: name=loader_security ok=true`) +- [x] Add Scope 12 QEMU validation and validation matrix coverage. Exit gate: @@ -26,7 +26,7 @@ Exit gate: ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 12 --timeout 180 +python scripts/gate/boot.py --gate loader_security --timeout 180 python scripts/validation_matrix.py --smoke-timeout 180 ``` diff --git a/docs/phase-120-checklist.md b/docs/scope-120-checklist.md similarity index 70% rename from docs/phase-120-checklist.md rename to docs/scope-120-checklist.md index c774252..292cc6c 100644 --- a/docs/phase-120-checklist.md +++ b/docs/scope-120-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 120 Checklist: Integration Cap Compat +# Scope 120 Checklist: Integration Cap Compat ## Layer kernel @@ -20,10 +20,10 @@ implementation (deliverables landed) ## Validation - [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) +- [x] `cargo test -p kernel --features preemption --test preemption_integration` (smoke_cap_compat_works) - [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/boot.py --phase 120 --timeout 180 -- [x] Covered by boot gate `capabilities` (`AresOS-BootGate: name=capabilities ok=true`) +- [x] `python scripts/gate/boot.py --gate capabilities --timeout 180` +- [x] Covered by boot gate `capabilities` (`ClanOS-BootGate: name=capabilities ok=true`) ## Deferred diff --git a/docs/phase-121-checklist.md b/docs/scope-121-checklist.md similarity index 77% rename from docs/phase-121-checklist.md rename to docs/scope-121-checklist.md index 6c726bf..4082473 100644 --- a/docs/phase-121-checklist.md +++ b/docs/scope-121-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 121 Checklist: Service Loader Contract +# Scope 121 Checklist: Service Loader Contract ```yaml status: epoch-scoped: 121 @@ -15,16 +15,16 @@ native ## Mode complete (5294623) -## Process (phase_checklist_schema.toml) +## Process (scope_checklist_schema.toml) -- **phase-owner:** clancy +- **scope-owner:** clancy - **backup-reviewer:** clancy (solo MV team) - **proof_tier:** B - **harness_bound:** 16 - **fuzz_target:** N/A - **compat_review_entry:** true -- **oom_stub_ref:** MEM_BUDGET_STUB § phase-121 -- **benchmark_baseline_ref:** benchmarks/phase-120-baseline.json +- **oom_stub_ref:** MEM_BUDGET_STUB § scope-121 +- **benchmark_baseline_ref:** benchmarks/scope-120-baseline.json - **threat_node_mapping:** T-bootstrap-scope-creep, T-cap-exhaustion ## Gated decisions acknowledged @@ -42,7 +42,7 @@ complete (5294623) - [x] Service loader contract per `KERNEL_OBJECT_MODEL.md` bootstrap ceremony - [x] E-00 admission control + ERROR_TAXONOMY class mapping -- [x] MEM_BUDGET_STUB wire + shed stub (full enforcement phase 147) +- [x] MEM_BUDGET_STUB wire + shed stub (full enforcement scope 147) - [x] CAP_QUOTA_STUB + remediable structural retry path - [x] Audit bootstrap window scoped (`AUDIT_SUBSYSTEM.md`) — documented; impl epoch 1 - [ ] Scheduler priority ceiling ack in broker paths — epoch 1 brokers @@ -52,10 +52,10 @@ complete (5294623) ## Validation - [x] `cargo check -p kernel` -- [x] Phase 121 smoke script (`scripts/gate/boot.py --phase 121`) +- [x] Scope 121 smoke script (`python scripts/gate/boot.py --gate service_loader --timeout 180`) - [x] OOM stub returns `ERR_MEM_BUDGET` / E-00 `E00_SATURATED` / quota `ERR_CAP_QUOTA` ## Deferred -- Full OOM shed/terminate — phase 147 +- Full OOM shed/terminate — scope 147 - Audit chain hash implementation — epoch 1 diff --git a/docs/phase-122-checklist.md b/docs/scope-122-checklist.md similarity index 68% rename from docs/phase-122-checklist.md rename to docs/scope-122-checklist.md index 3164e1b..1d9320f 100644 --- a/docs/phase-122-checklist.md +++ b/docs/scope-122-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 122 Checklist: Storage Broker +# Scope 122 Checklist: Storage Broker ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/scope-123-checklist.md b/docs/scope-123-checklist.md new file mode 100644 index 0000000..5a1e569 --- /dev/null +++ b/docs/scope-123-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 123 Checklist: Permission Broker + +## Layer +platform + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: clan-native-v1 +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-124-checklist.md b/docs/scope-124-checklist.md similarity index 68% rename from docs/phase-124-checklist.md rename to docs/scope-124-checklist.md index 2c32371..01527d1 100644 --- a/docs/phase-124-checklist.md +++ b/docs/scope-124-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 124 Checklist: Device Broker Skeleton +# Scope 124 Checklist: Device Broker Skeleton ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-125-checklist.md b/docs/scope-125-checklist.md similarity index 67% rename from docs/phase-125-checklist.md rename to docs/scope-125-checklist.md index f7dc9fd..ef38bdb 100644 --- a/docs/phase-125-checklist.md +++ b/docs/scope-125-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 125 Checklist: Network Broker Stub +# Scope 125 Checklist: Network Broker Stub ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-126-checklist.md b/docs/scope-126-checklist.md similarity index 67% rename from docs/phase-126-checklist.md rename to docs/scope-126-checklist.md index 848b2e1..c20f81f 100644 --- a/docs/phase-126-checklist.md +++ b/docs/scope-126-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 126 Checklist: Clipboard Broker Stub +# Scope 126 Checklist: Clipboard Broker Stub ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/scope-127-checklist.md b/docs/scope-127-checklist.md new file mode 100644 index 0000000..6be99a4 --- /dev/null +++ b/docs/scope-127-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 127 Checklist: Service Crash Isolation + +## Layer +platform + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-128-checklist.md b/docs/scope-128-checklist.md similarity index 70% rename from docs/phase-128-checklist.md rename to docs/scope-128-checklist.md index 7bc7427..935a9df 100644 --- a/docs/phase-128-checklist.md +++ b/docs/scope-128-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 128 Checklist: Mandatory Native Manifest +# Scope 128 Checklist: Mandatory Native Manifest ## Layer platform @@ -23,8 +23,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/scope-129-checklist.md b/docs/scope-129-checklist.md new file mode 100644 index 0000000..6791665 --- /dev/null +++ b/docs/scope-129-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 129 Checklist: Scoped Grants Manifest + +## Layer +platform + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-13-checklist.md b/docs/scope-13-checklist.md similarity index 84% rename from docs/phase-13-checklist.md rename to docs/scope-13-checklist.md index 691c471..5742d1e 100644 --- a/docs/phase-13-checklist.md +++ b/docs/scope-13-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 13 Checklist: Frame-Backed Mapping Stubs +# Scope 13 Checklist: Frame-Backed Mapping Stubs ## Scope @@ -12,13 +12,13 @@ - [x] Add loader map path and counters for mapped images, rejected mappings, mapped pages, copied bytes, and zero-filled bytes. - [x] Attach mapped-stub metadata to blocked process records. - [x] Expose mapping summaries through shell commands and syscalls. -- [x] Covered by boot gate `loader_security` (`AresOS-BootGate: name=loader_security ok=true`) +- [x] Covered by boot gate `loader_security` (`ClanOS-BootGate: name=loader_security ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 13 --timeout 180 +- [x] `python scripts/gate/boot.py --gate loader_security --timeout 180` ## Deferred diff --git a/docs/phase-130-checklist.md b/docs/scope-130-checklist.md similarity index 68% rename from docs/phase-130-checklist.md rename to docs/scope-130-checklist.md index 6f06525..deba3ca 100644 --- a/docs/phase-130-checklist.md +++ b/docs/scope-130-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 130 Checklist: Integration Platform +# Scope 130 Checklist: Integration Platform ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-127-checklist.md b/docs/scope-131-checklist.md similarity index 66% rename from docs/phase-127-checklist.md rename to docs/scope-131-checklist.md index 2b62ff5..7549093 100644 --- a/docs/phase-127-checklist.md +++ b/docs/scope-131-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 127 Checklist: Service Crash Isolation +# Scope 131 Checklist: System Image Identity Epochs ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-132-checklist.md b/docs/scope-132-checklist.md similarity index 68% rename from docs/phase-132-checklist.md rename to docs/scope-132-checklist.md index 0dd55c8..72368fc 100644 --- a/docs/phase-132-checklist.md +++ b/docs/scope-132-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 132 Checklist: A/B Slots +# Scope 132 Checklist: A/B Slots ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-133-checklist.md b/docs/scope-133-checklist.md similarity index 68% rename from docs/phase-133-checklist.md rename to docs/scope-133-checklist.md index ea87979..c592e7e 100644 --- a/docs/phase-133-checklist.md +++ b/docs/scope-133-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 133 Checklist: Rollback Smoke +# Scope 133 Checklist: Rollback Smoke ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-134-checklist.md b/docs/scope-134-checklist.md similarity index 71% rename from docs/phase-134-checklist.md rename to docs/scope-134-checklist.md index e43c64d..8820703 100644 --- a/docs/phase-134-checklist.md +++ b/docs/scope-134-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 134 Checklist: Endpoint Object +# Scope 134 Checklist: Endpoint Object ## Layer kernel @@ -23,8 +23,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/scope-135-checklist.md b/docs/scope-135-checklist.md new file mode 100644 index 0000000..5183c51 --- /dev/null +++ b/docs/scope-135-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 135 Checklist: Mailbox Structured Cancel + +## Layer +kernel + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-136-checklist.md b/docs/scope-136-checklist.md similarity index 67% rename from docs/phase-136-checklist.md rename to docs/scope-136-checklist.md index 6a499a2..2586650 100644 --- a/docs/phase-136-checklist.md +++ b/docs/scope-136-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 136 Checklist: Wait Set Endpoints +# Scope 136 Checklist: Wait Set Endpoints ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-138-checklist.md b/docs/scope-137-checklist.md similarity index 67% rename from docs/phase-138-checklist.md rename to docs/scope-137-checklist.md index 2cdb40d..d86d45f 100644 --- a/docs/phase-138-checklist.md +++ b/docs/scope-137-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 138 Checklist: Zero-Copy Transfer +# Scope 137 Checklist: MemoryRegion Cap IPC ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-148-checklist.md b/docs/scope-138-checklist.md similarity index 67% rename from docs/phase-148-checklist.md rename to docs/scope-138-checklist.md index 3d149e5..6d8ab79 100644 --- a/docs/phase-148-checklist.md +++ b/docs/scope-138-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 148 Checklist: NUMA Locality Stub +# Scope 138 Checklist: Zero-Copy Transfer ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-139-checklist.md b/docs/scope-139-checklist.md similarity index 67% rename from docs/phase-139-checklist.md rename to docs/scope-139-checklist.md index 17772eb..534c9a1 100644 --- a/docs/phase-139-checklist.md +++ b/docs/scope-139-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 139 Checklist: Compat PipeLite Preserved +# Scope 139 Checklist: Compat PipeLite Preserved ## Layer compat @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-14-checklist.md b/docs/scope-14-checklist.md similarity index 72% rename from docs/phase-14-checklist.md rename to docs/scope-14-checklist.md index 5a547f1..7cbe137 100644 --- a/docs/phase-14-checklist.md +++ b/docs/scope-14-checklist.md @@ -1,20 +1,20 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 14 Checklist: Frame Ownership Service +# Scope 14 Checklist: Frame Ownership Service ## Scope - [x] Add a persistent frame ownership registry initialized from the bootloader memory map. - [x] Track bounded frame records, owners, allocations, releases, and failed allocation attempts. -- [x] Preserve Phase 13 deterministic mapping stubs without consuming owned frames. +- [x] Preserve Scope 13 deterministic mapping stubs without consuming owned frames. - [x] Expose frame ownership status through shell and syscall surfaces. -- [x] Covered by boot gate `memory_layout` (`AresOS-BootGate: name=memory_layout ok=true`) +- [x] Covered by boot gate `memory_layout` (`ClanOS-BootGate: name=memory_layout ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 14 --timeout 180 +- [x] `python scripts/gate/boot.py --gate memory_layout --timeout 180` ## Deferred diff --git a/docs/phase-140-checklist.md b/docs/scope-140-checklist.md similarity index 67% rename from docs/phase-140-checklist.md rename to docs/scope-140-checklist.md index 61875e4..a3b62c1 100644 --- a/docs/phase-140-checklist.md +++ b/docs/scope-140-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 140 Checklist: Integration Immutable Async IPC +# Scope 140 Checklist: Integration Immutable Async IPC ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-141-checklist.md b/docs/scope-141-checklist.md similarity index 67% rename from docs/phase-141-checklist.md rename to docs/scope-141-checklist.md index 90c1367..a741899 100644 --- a/docs/phase-141-checklist.md +++ b/docs/scope-141-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 141 Checklist: Service-Centric Scheduler Spec +# Scope 141 Checklist: Service-Centric Scheduler Spec ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-143-checklist.md b/docs/scope-142-checklist.md similarity index 67% rename from docs/phase-143-checklist.md rename to docs/scope-142-checklist.md index d7f0596..647caae 100644 --- a/docs/phase-143-checklist.md +++ b/docs/scope-142-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 143 Checklist: Power Thermal Stubs +# Scope 142 Checklist: Endpoint-Driven Wake ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/scope-143-checklist.md b/docs/scope-143-checklist.md new file mode 100644 index 0000000..d5f9193 --- /dev/null +++ b/docs/scope-143-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 143 Checklist: Power Thermal Stubs + +## Layer +kernel + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/scope-144-checklist.md b/docs/scope-144-checklist.md new file mode 100644 index 0000000..0a9974b --- /dev/null +++ b/docs/scope-144-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 144 Checklist: Userspace Driver Host + +## Layer +platform + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-129-checklist.md b/docs/scope-145-checklist.md similarity index 67% rename from docs/phase-129-checklist.md rename to docs/scope-145-checklist.md index 35c9711..8d6c577 100644 --- a/docs/phase-129-checklist.md +++ b/docs/scope-145-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 129 Checklist: Scoped Grants Manifest +# Scope 145 Checklist: Compositor GPU Isolation ## Layer platform @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-142-checklist.md b/docs/scope-146-checklist.md similarity index 67% rename from docs/phase-142-checklist.md rename to docs/scope-146-checklist.md index c31e8ed..2aefad4 100644 --- a/docs/phase-142-checklist.md +++ b/docs/scope-146-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 142 Checklist: Endpoint-Driven Wake +# Scope 146 Checklist: DMA Cap IOMMU Narrative ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-137-checklist.md b/docs/scope-147-checklist.md similarity index 67% rename from docs/phase-137-checklist.md rename to docs/scope-147-checklist.md index 922ac80..7065c60 100644 --- a/docs/phase-137-checklist.md +++ b/docs/scope-147-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 137 Checklist: MemoryRegion Cap IPC +# Scope 147 Checklist: Memory QoS Per Service ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/scope-148-checklist.md b/docs/scope-148-checklist.md new file mode 100644 index 0000000..6e09c0e --- /dev/null +++ b/docs/scope-148-checklist.md @@ -0,0 +1,27 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 148 Checklist: NUMA Locality Stub + +## Layer +kernel + +## Tag +native + +## Mode +future implementation + +## Scope + +- [ ] Deliverable: +- [ ] Consistent with [AXIOMS.md](AXIOMS.md) +- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md) + +## Validation + +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD + +## Deferred + +- See [ROADMAP_POST100.md](ROADMAP_POST100.md) and [AXIOMS.md](AXIOMS.md) gates. diff --git a/docs/phase-149-checklist.md b/docs/scope-149-checklist.md similarity index 67% rename from docs/phase-149-checklist.md rename to docs/scope-149-checklist.md index 749045a..2e742a6 100644 --- a/docs/phase-149-checklist.md +++ b/docs/scope-149-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 149 Checklist: Compression THP Policy Doc +# Scope 149 Checklist: Compression THP Policy Doc ## Layer kernel @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-15-checklist.md b/docs/scope-15-checklist.md similarity index 68% rename from docs/phase-15-checklist.md rename to docs/scope-15-checklist.md index 0586009..5e03556 100644 --- a/docs/phase-15-checklist.md +++ b/docs/scope-15-checklist.md @@ -1,22 +1,22 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 15 Checklist: Frame-Backed Images +# Scope 15 Checklist: Frame-Backed Images ## Scope - [x] Add frame-backed image, region, and page records. -- [x] Consume owned frames from the Phase 14 frame ownership service. -- [x] Preserve Phase 13 mapping stub records and unsupported execution behavior. +- [x] Consume owned frames from the Scope 14 frame ownership service. +- [x] Preserve Scope 13 mapping stub records and unsupported execution behavior. - [x] Account copy and zero-fill bytes per backed page. - [x] Add loader counters and blocked process metadata for `FrameBacked` records. - [x] Expose frame-backed status through shell and syscall surfaces. -- [x] Covered by boot gate `memory_layout` (`AresOS-BootGate: name=memory_layout ok=true`) +- [x] Covered by boot gate `memory_layout` (`ClanOS-BootGate: name=memory_layout ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 15 --timeout 180 +- [x] `python scripts/gate/boot.py --gate memory_layout --timeout 180` ## Deferred diff --git a/docs/phase-150-checklist.md b/docs/scope-150-checklist.md similarity index 67% rename from docs/phase-150-checklist.md rename to docs/scope-150-checklist.md index 6fd3779..7f5847a 100644 --- a/docs/phase-150-checklist.md +++ b/docs/scope-150-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 150 Checklist: Four-Layer Boundary Review +# Scope 150 Checklist: Four-Layer Boundary Review ## Layer governance @@ -19,8 +19,8 @@ future implementation ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + smoke script TBD ## Deferred diff --git a/docs/phase-151-checklist.md b/docs/scope-151-checklist.md similarity index 71% rename from docs/phase-151-checklist.md rename to docs/scope-151-checklist.md index 787fabc..aeebad9 100644 --- a/docs/phase-151-checklist.md +++ b/docs/scope-151-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 151 Checklist: Loom ENDPOINT_QUEUES Harness +# Scope 151 Checklist: Loom ENDPOINT_QUEUES Harness ## Layer kernel @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 151: Loom ENDPOINT_QUEUES harness +- Scope 151: Loom ENDPOINT_QUEUES harness diff --git a/docs/phase-154-checklist.md b/docs/scope-152-checklist.md similarity index 70% rename from docs/phase-154-checklist.md rename to docs/scope-152-checklist.md index 2e3644d..3ae8840 100644 --- a/docs/phase-154-checklist.md +++ b/docs/scope-152-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 154 Checklist: Epoch 7 stub graduation phase 154 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 152 Checklist: Epoch 7 stub graduation scope 152 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 154: SCHEDULING_UNIFIED draft +- Scope 152: Loom SESSION_QUEUES harness diff --git a/docs/phase-166-checklist.md b/docs/scope-153-checklist.md similarity index 71% rename from docs/phase-166-checklist.md rename to docs/scope-153-checklist.md index b2b2f40..d54788b 100644 --- a/docs/phase-166-checklist.md +++ b/docs/scope-153-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 166 Checklist: Epoch 7 stub graduation phase 166 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 153 Checklist: Epoch 7 stub graduation scope 153 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 166: Mandatory Kani CI +- Scope 153: SMP AP bring-up gate diff --git a/docs/phase-162-checklist.md b/docs/scope-154-checklist.md similarity index 71% rename from docs/phase-162-checklist.md rename to docs/scope-154-checklist.md index f97a665..ebce9a7 100644 --- a/docs/phase-162-checklist.md +++ b/docs/scope-154-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 162 Checklist: Epoch 7 stub graduation phase 162 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 154 Checklist: Epoch 7 stub graduation scope 154 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 162: Audit shadow counter +- Scope 154: SCHEDULING_UNIFIED draft diff --git a/docs/phase-155-checklist.md b/docs/scope-155-checklist.md similarity index 71% rename from docs/phase-155-checklist.md rename to docs/scope-155-checklist.md index 113619f..b6555df 100644 --- a/docs/phase-155-checklist.md +++ b/docs/scope-155-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 155 Checklist: S-01 Executable Spec Case +# Scope 155 Checklist: S-01 Executable Spec Case ## Layer kernel @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 155: S-01 executable spec case +- Scope 155: S-01 executable spec case diff --git a/docs/scope-156-checklist.md b/docs/scope-156-checklist.md new file mode 100644 index 0000000..f4b3a5a --- /dev/null +++ b/docs/scope-156-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 156 Checklist: Epoch 7 stub graduation scope 156 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 156: OOM suspend frozen-in-memory diff --git a/docs/phase-153-checklist.md b/docs/scope-157-checklist.md similarity index 71% rename from docs/phase-153-checklist.md rename to docs/scope-157-checklist.md index 58c1242..f56490e 100644 --- a/docs/phase-153-checklist.md +++ b/docs/scope-157-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 153 Checklist: Epoch 7 stub graduation phase 153 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 157 Checklist: Epoch 7 stub graduation scope 157 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 153: SMP AP bring-up gate +- Scope 157: OOM shed/ack wire format diff --git a/docs/phase-157-checklist.md b/docs/scope-158-checklist.md similarity index 70% rename from docs/phase-157-checklist.md rename to docs/scope-158-checklist.md index 5d8de2a..36253d1 100644 --- a/docs/phase-157-checklist.md +++ b/docs/scope-158-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 157 Checklist: Epoch 7 stub graduation phase 157 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 158 Checklist: Epoch 7 stub graduation scope 158 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 157: OOM shed/ack wire format +- Scope 158: MEM_BUDGET full enforcement diff --git a/docs/scope-159-checklist.md b/docs/scope-159-checklist.md new file mode 100644 index 0000000..ffdeef9 --- /dev/null +++ b/docs/scope-159-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 159 Checklist: Epoch 7 stub graduation scope 159 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 159: Cap quota on all mint paths diff --git a/docs/phase-16-checklist.md b/docs/scope-16-checklist.md similarity index 73% rename from docs/phase-16-checklist.md rename to docs/scope-16-checklist.md index 633f584..e9894df 100644 --- a/docs/phase-16-checklist.md +++ b/docs/scope-16-checklist.md @@ -1,22 +1,22 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 16 Checklist: Inactive User Page Tables +# Scope 16 Checklist: Inactive User Page Tables ## Scope - [x] Add inactive user page-table descriptor records. -- [x] Map Phase 15 frame-backed pages into inactive user mappings. +- [x] Map Scope 15 frame-backed pages into inactive user mappings. - [x] Preserve permissions, physical frame addresses, and address-space IDs. - [x] Validate virtual-to-physical translation without switching CR3. - [x] Add loader counters and blocked `PageTableReady` process metadata. - [x] Expose page-table status through shell and syscall surfaces. -- [x] Covered by boot gate `memory_layout` (`AresOS-BootGate: name=memory_layout ok=true`) +- [x] Covered by boot gate `memory_layout` (`ClanOS-BootGate: name=memory_layout ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 16 --timeout 180 +- [x] `python scripts/gate/boot.py --gate memory_layout --timeout 180` ## Deferred diff --git a/docs/phase-160-checklist.md b/docs/scope-160-checklist.md similarity index 65% rename from docs/phase-160-checklist.md rename to docs/scope-160-checklist.md index 0fb561d..0a270a3 100644 --- a/docs/phase-160-checklist.md +++ b/docs/scope-160-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 160 Checklist: Epoch 7 OOM Integration +# Scope 160 Checklist: Epoch 7 OOM Integration ## Layer kernel @@ -13,14 +13,14 @@ implemented ## Scope -- [x] Deliverable: phase147 OOM enforcement +- [x] Deliverable: scope147 OOM enforcement - [x] Consistent with [AXIOMS.md](AXIOMS.md) - [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 160: Epoch 7 OOM integration +- Scope 160: Epoch 7 OOM integration diff --git a/docs/phase-163-checklist.md b/docs/scope-161-checklist.md similarity index 71% rename from docs/phase-163-checklist.md rename to docs/scope-161-checklist.md index 2b77a34..16265bf 100644 --- a/docs/phase-163-checklist.md +++ b/docs/scope-161-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 163 Checklist: Epoch 7 stub graduation phase 163 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 161 Checklist: Epoch 7 stub graduation scope 161 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 163: Dual-build hash CI +- Scope 161: Audit tamper policy diff --git a/docs/phase-169-checklist.md b/docs/scope-162-checklist.md similarity index 71% rename from docs/phase-169-checklist.md rename to docs/scope-162-checklist.md index 1451188..32f38ca 100644 --- a/docs/phase-169-checklist.md +++ b/docs/scope-162-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 169 Checklist: Epoch 7 stub graduation phase 169 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 162 Checklist: Epoch 7 stub graduation scope 162 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 169: Proof cache key CI +- Scope 162: Audit shadow counter diff --git a/docs/phase-161-checklist.md b/docs/scope-163-checklist.md similarity index 71% rename from docs/phase-161-checklist.md rename to docs/scope-163-checklist.md index ead6d9c..61cb62a 100644 --- a/docs/phase-161-checklist.md +++ b/docs/scope-163-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 161 Checklist: Epoch 7 stub graduation phase 161 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 163 Checklist: Epoch 7 stub graduation scope 163 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 161: Audit tamper policy +- Scope 163: Dual-build hash CI diff --git a/docs/phase-156-checklist.md b/docs/scope-164-checklist.md similarity index 70% rename from docs/phase-156-checklist.md rename to docs/scope-164-checklist.md index 6f26d42..1617407 100644 --- a/docs/phase-156-checklist.md +++ b/docs/scope-164-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 156 Checklist: Epoch 7 stub graduation phase 156 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 164 Checklist: Epoch 7 stub graduation scope 164 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 156: OOM suspend frozen-in-memory +- Scope 164: Build integrity production path diff --git a/docs/phase-165-checklist.md b/docs/scope-165-checklist.md similarity index 72% rename from docs/phase-165-checklist.md rename to docs/scope-165-checklist.md index 1805cd9..64cc837 100644 --- a/docs/phase-165-checklist.md +++ b/docs/scope-165-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 165 Checklist: Epoch 7 Audit Build Gate +# Scope 165 Checklist: Epoch 7 Audit Build Gate ## Layer governance @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 165: Epoch 7 audit/build gate +- Scope 165: Epoch 7 audit/build gate diff --git a/docs/scope-166-checklist.md b/docs/scope-166-checklist.md new file mode 100644 index 0000000..2ae8939 --- /dev/null +++ b/docs/scope-166-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 166 Checklist: Epoch 7 stub graduation scope 166 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 166: Mandatory Kani CI diff --git a/docs/scope-167-checklist.md b/docs/scope-167-checklist.md new file mode 100644 index 0000000..6daeac9 --- /dev/null +++ b/docs/scope-167-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 167 Checklist: Epoch 7 stub graduation scope 167 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 167: Transfer TOCTOU Kani harness diff --git a/docs/scope-168-checklist.md b/docs/scope-168-checklist.md new file mode 100644 index 0000000..4b251e8 --- /dev/null +++ b/docs/scope-168-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 168 Checklist: Epoch 7 stub graduation scope 168 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 168: Fuzz corpus graduation diff --git a/docs/scope-169-checklist.md b/docs/scope-169-checklist.md new file mode 100644 index 0000000..157dd75 --- /dev/null +++ b/docs/scope-169-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 169 Checklist: Epoch 7 stub graduation scope 169 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 169: Proof cache key CI diff --git a/docs/phase-17-checklist.md b/docs/scope-17-checklist.md similarity index 76% rename from docs/phase-17-checklist.md rename to docs/scope-17-checklist.md index f887c68..b3e303b 100644 --- a/docs/phase-17-checklist.md +++ b/docs/scope-17-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 17 Checklist: User Context And Entry Frames +# Scope 17 Checklist: User Context And Entry Frames ## Scope @@ -10,13 +10,13 @@ - [x] Add user stack descriptors. - [x] Add blocked `UserContextReady` process metadata. - [x] Expose user-context status through shell and syscall surfaces. -- [x] Covered by boot gate `userspace_bootstrap` (`AresOS-BootGate: name=userspace_bootstrap ok=true`) +- [x] Covered by boot gate `userspace_bootstrap` (`ClanOS-BootGate: name=userspace_bootstrap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 17 --timeout 180 +- [x] `python scripts/gate/boot.py --gate userspace_bootstrap --timeout 180` ## Deferred diff --git a/docs/phase-170-checklist.md b/docs/scope-170-checklist.md similarity index 72% rename from docs/phase-170-checklist.md rename to docs/scope-170-checklist.md index 6000832..10093ee 100644 --- a/docs/phase-170-checklist.md +++ b/docs/scope-170-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 170 Checklist: Epoch 7 Evidence Gate +# Scope 170 Checklist: Epoch 7 Evidence Gate ## Layer governance @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 170: Epoch 7 evidence gate +- Scope 170: Epoch 7 evidence gate diff --git a/docs/scope-171-checklist.md b/docs/scope-171-checklist.md new file mode 100644 index 0000000..c9455fa --- /dev/null +++ b/docs/scope-171-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 171 Checklist: Epoch 7 stub graduation scope 171 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 171: Compat review epoch 7 diff --git a/docs/scope-172-checklist.md b/docs/scope-172-checklist.md new file mode 100644 index 0000000..4f55cba --- /dev/null +++ b/docs/scope-172-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 172 Checklist: Epoch 7 stub graduation scope 172 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 172: Benchmark re-baseline diff --git a/docs/scope-173-checklist.md b/docs/scope-173-checklist.md new file mode 100644 index 0000000..0f6a77d --- /dev/null +++ b/docs/scope-173-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 173 Checklist: Epoch 7 stub graduation scope 173 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 173: Health dashboard delta diff --git a/docs/scope-174-checklist.md b/docs/scope-174-checklist.md new file mode 100644 index 0000000..ee323e1 --- /dev/null +++ b/docs/scope-174-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 174 Checklist: Epoch 7 stub graduation scope 174 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 151-175 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 174: Epoch 7 integration smoke diff --git a/docs/phase-175-checklist.md b/docs/scope-175-checklist.md similarity index 74% rename from docs/phase-175-checklist.md rename to docs/scope-175-checklist.md index 98028b0..e1543e3 100644 --- a/docs/phase-175-checklist.md +++ b/docs/scope-175-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 175 Checklist: Epoch 7 Signoff +# Scope 175 Checklist: Epoch 7 Signoff ## Layer governance @@ -13,7 +13,7 @@ implemented ## Scope -- [x] Deliverable: system gate `integrity` (`AresOS-Gate: name=integrity ok=true`) +- [x] Deliverable: system gate `integrity` (`ClanOS-Gate: name=integrity ok=true`) - [x] Consistent with [AXIOMS.md](AXIOMS.md) - [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 175: Epoch 7 signoff +- Scope 175: Epoch 7 signoff diff --git a/docs/scope-176-checklist.md b/docs/scope-176-checklist.md new file mode 100644 index 0000000..20b063a --- /dev/null +++ b/docs/scope-176-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 176 Checklist: Epoch 8 scheduling scope 176 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 176: Service-centric scheduler S-* (scope 176) diff --git a/docs/scope-177-checklist.md b/docs/scope-177-checklist.md new file mode 100644 index 0000000..8ca7027 --- /dev/null +++ b/docs/scope-177-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 177 Checklist: Epoch 8 scheduling scope 177 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 177: Service-centric scheduler S-* (scope 177) diff --git a/docs/scope-178-checklist.md b/docs/scope-178-checklist.md new file mode 100644 index 0000000..b5cce3e --- /dev/null +++ b/docs/scope-178-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 178 Checklist: Epoch 8 scheduling scope 178 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 178: Service-centric scheduler S-* (scope 178) diff --git a/docs/scope-179-checklist.md b/docs/scope-179-checklist.md new file mode 100644 index 0000000..fbc0335 --- /dev/null +++ b/docs/scope-179-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 179 Checklist: Epoch 8 scheduling scope 179 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 179: Service-centric scheduler S-* (scope 179) diff --git a/docs/phase-18-checklist.md b/docs/scope-18-checklist.md similarity index 76% rename from docs/phase-18-checklist.md rename to docs/scope-18-checklist.md index 75ce75a..c3e2560 100644 --- a/docs/phase-18-checklist.md +++ b/docs/scope-18-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 18 Checklist: Controlled Ring 3 Trampoline +# Scope 18 Checklist: Controlled Ring 3 Trampoline ## Scope @@ -9,13 +9,13 @@ - [x] Model controlled entry and trap-back behavior from prepared user contexts. - [x] Add blocked `UserTrapped` process metadata. - [x] Expose Ring 3 trampoline counters through shell and syscalls. -- [x] Covered by boot gate `userspace_bootstrap` (`AresOS-BootGate: name=userspace_bootstrap ok=true`) +- [x] Covered by boot gate `userspace_bootstrap` (`ClanOS-BootGate: name=userspace_bootstrap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 18 --timeout 180 +- [x] `python scripts/gate/boot.py --gate userspace_bootstrap --timeout 180` ## Deferred diff --git a/docs/scope-180-checklist.md b/docs/scope-180-checklist.md new file mode 100644 index 0000000..07d4d57 --- /dev/null +++ b/docs/scope-180-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 180 Checklist: Epoch 8 scheduling scope 180 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 180: Service-centric scheduler S-* (scope 180) diff --git a/docs/scope-181-checklist.md b/docs/scope-181-checklist.md new file mode 100644 index 0000000..7117e16 --- /dev/null +++ b/docs/scope-181-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 181 Checklist: Epoch 8 scheduling scope 181 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 181: Meta-semantics M-* precedence (scope 181) diff --git a/docs/scope-182-checklist.md b/docs/scope-182-checklist.md new file mode 100644 index 0000000..0426e30 --- /dev/null +++ b/docs/scope-182-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 182 Checklist: Epoch 8 scheduling scope 182 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 182: Meta-semantics M-* precedence (scope 182) diff --git a/docs/scope-183-checklist.md b/docs/scope-183-checklist.md new file mode 100644 index 0000000..203f226 --- /dev/null +++ b/docs/scope-183-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 183 Checklist: Epoch 8 scheduling scope 183 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 183: Meta-semantics M-* precedence (scope 183) diff --git a/docs/scope-184-checklist.md b/docs/scope-184-checklist.md new file mode 100644 index 0000000..124a895 --- /dev/null +++ b/docs/scope-184-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 184 Checklist: Epoch 8 scheduling scope 184 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 184: Meta-semantics M-* precedence (scope 184) diff --git a/docs/scope-185-checklist.md b/docs/scope-185-checklist.md new file mode 100644 index 0000000..3906816 --- /dev/null +++ b/docs/scope-185-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 185 Checklist: Epoch 8 scheduling scope 185 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 185: Meta-semantics M-* precedence (scope 185) diff --git a/docs/phase-186-checklist.md b/docs/scope-186-checklist.md similarity index 70% rename from docs/phase-186-checklist.md rename to docs/scope-186-checklist.md index 946535d..6b8dedb 100644 --- a/docs/phase-186-checklist.md +++ b/docs/scope-186-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 186 Checklist: Epoch 8 scheduling phase 186 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 186 Checklist: Epoch 8 scheduling scope 186 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 186: Semantic lint CI (phase 186) +- Scope 186: Semantic lint CI (scope 186) diff --git a/docs/phase-187-checklist.md b/docs/scope-187-checklist.md similarity index 70% rename from docs/phase-187-checklist.md rename to docs/scope-187-checklist.md index 7b4f6ad..6d788e9 100644 --- a/docs/phase-187-checklist.md +++ b/docs/scope-187-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 187 Checklist: Epoch 8 scheduling phase 187 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 187 Checklist: Epoch 8 scheduling scope 187 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 187: Semantic lint CI (phase 187) +- Scope 187: Semantic lint CI (scope 187) diff --git a/docs/phase-188-checklist.md b/docs/scope-188-checklist.md similarity index 70% rename from docs/phase-188-checklist.md rename to docs/scope-188-checklist.md index 8d8e462..d4c9bb0 100644 --- a/docs/phase-188-checklist.md +++ b/docs/scope-188-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 188 Checklist: Epoch 8 scheduling phase 188 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 188 Checklist: Epoch 8 scheduling scope 188 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 188: Semantic lint CI (phase 188) +- Scope 188: Semantic lint CI (scope 188) diff --git a/docs/phase-189-checklist.md b/docs/scope-189-checklist.md similarity index 70% rename from docs/phase-189-checklist.md rename to docs/scope-189-checklist.md index 809fd9d..ecf00ba 100644 --- a/docs/phase-189-checklist.md +++ b/docs/scope-189-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 189 Checklist: Epoch 8 scheduling phase 189 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 189 Checklist: Epoch 8 scheduling scope 189 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 189: Semantic lint CI (phase 189) +- Scope 189: Semantic lint CI (scope 189) diff --git a/docs/phase-19-checklist.md b/docs/scope-19-checklist.md similarity index 78% rename from docs/phase-19-checklist.md rename to docs/scope-19-checklist.md index 5be0047..6f4ccbd 100644 --- a/docs/phase-19-checklist.md +++ b/docs/scope-19-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 19 Checklist: Syscall Entry And Return ABI +# Scope 19 Checklist: Syscall Entry And Return ABI ## Scope @@ -10,13 +10,13 @@ - [x] Add a user syscall probe path for validated image programs. - [x] Add blocked `UserSyscallReturned` process metadata. - [x] Expose user syscall counters through shell and syscalls. -- [x] Covered by boot gate `userspace_bootstrap` (`AresOS-BootGate: name=userspace_bootstrap ok=true`) +- [x] Covered by boot gate `userspace_bootstrap` (`ClanOS-BootGate: name=userspace_bootstrap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 19 --timeout 180 +- [x] `python scripts/gate/boot.py --gate userspace_bootstrap --timeout 180` ## Deferred diff --git a/docs/scope-190-checklist.md b/docs/scope-190-checklist.md new file mode 100644 index 0000000..b7afe0d --- /dev/null +++ b/docs/scope-190-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 190 Checklist: Epoch 8 scheduling scope 190 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 190: Semantic lint CI (scope 190) diff --git a/docs/scope-191-checklist.md b/docs/scope-191-checklist.md new file mode 100644 index 0000000..3940850 --- /dev/null +++ b/docs/scope-191-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 191 Checklist: Epoch 8 scheduling scope 191 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 191: Full health dashboard (scope 191) diff --git a/docs/scope-192-checklist.md b/docs/scope-192-checklist.md new file mode 100644 index 0000000..736a153 --- /dev/null +++ b/docs/scope-192-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 192 Checklist: Epoch 8 scheduling scope 192 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 192: Full health dashboard (scope 192) diff --git a/docs/scope-193-checklist.md b/docs/scope-193-checklist.md new file mode 100644 index 0000000..a6952eb --- /dev/null +++ b/docs/scope-193-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 193 Checklist: Epoch 8 scheduling scope 193 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 193: Full health dashboard (scope 193) diff --git a/docs/scope-194-checklist.md b/docs/scope-194-checklist.md new file mode 100644 index 0000000..28634df --- /dev/null +++ b/docs/scope-194-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 194 Checklist: Epoch 8 scheduling scope 194 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 194: Full health dashboard (scope 194) diff --git a/docs/scope-195-checklist.md b/docs/scope-195-checklist.md new file mode 100644 index 0000000..075f7a5 --- /dev/null +++ b/docs/scope-195-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 195 Checklist: Epoch 8 scheduling scope 195 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 195: Full health dashboard (scope 195) diff --git a/docs/scope-196-checklist.md b/docs/scope-196-checklist.md new file mode 100644 index 0000000..327c127 --- /dev/null +++ b/docs/scope-196-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 196 Checklist: Epoch 8 scheduling scope 196 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 196: Four-layer boundary review II (scope 196) diff --git a/docs/scope-197-checklist.md b/docs/scope-197-checklist.md new file mode 100644 index 0000000..1f3ff02 --- /dev/null +++ b/docs/scope-197-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 197 Checklist: Epoch 8 scheduling scope 197 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 197: Four-layer boundary review II (scope 197) diff --git a/docs/scope-198-checklist.md b/docs/scope-198-checklist.md new file mode 100644 index 0000000..4cb5ef6 --- /dev/null +++ b/docs/scope-198-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 198 Checklist: Epoch 8 scheduling scope 198 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 198: Four-layer boundary review II (scope 198) diff --git a/docs/scope-199-checklist.md b/docs/scope-199-checklist.md new file mode 100644 index 0000000..bf35ebb --- /dev/null +++ b/docs/scope-199-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 199 Checklist: Epoch 8 scheduling scope 199 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 176-200 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 199: Four-layer boundary review II (scope 199) diff --git a/docs/phase-2-checklist.md b/docs/scope-2-checklist.md similarity index 90% rename from docs/phase-2-checklist.md rename to docs/scope-2-checklist.md index bc609b6..4c5c500 100644 --- a/docs/phase-2-checklist.md +++ b/docs/scope-2-checklist.md @@ -1,11 +1,11 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 2 Completion Checklist (Hardware) +# Scope 2 Completion Checklist (Hardware) Date: 2026-03-17 ## Scope -Phase 2 roadmap goals: +Scope 2 roadmap goals: - interrupt descriptor table - keyboard driver - timer interrupts @@ -28,7 +28,7 @@ Phase 2 roadmap goals: ## Notes - No external device driver framework yet; that is listed under "Planned Features" and - not part of the Phase 2 scope. + not part of the Scope 2 scope. - Timer tick wired to both `performance::metrics::TICK_COUNTER` and `task::scheduler::on_timer_tick()`. diff --git a/docs/phase-20-checklist.md b/docs/scope-20-checklist.md similarity index 78% rename from docs/phase-20-checklist.md rename to docs/scope-20-checklist.md index b10e74a..538f684 100644 --- a/docs/phase-20-checklist.md +++ b/docs/scope-20-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 20 Checklist: Minimal ELF Execution MVP +# Scope 20 Checklist: Minimal ELF Execution MVP ## Scope @@ -9,13 +9,13 @@ - [x] Keep arbitrary ELF execution, dynamic linking, relocation, and demand paging out of scope. - [x] Add blocked `UserElfExited` process metadata. - [x] Expose ELF execution counters through shell and syscalls. -- [x] Covered by boot gate `userspace_bootstrap` (`AresOS-BootGate: name=userspace_bootstrap ok=true`) +- [x] Covered by boot gate `userspace_bootstrap` (`ClanOS-BootGate: name=userspace_bootstrap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 20 --timeout 180 +- [x] `python scripts/gate/boot.py --gate userspace_bootstrap --timeout 180` ## Deferred diff --git a/docs/phase-200-checklist.md b/docs/scope-200-checklist.md similarity index 72% rename from docs/phase-200-checklist.md rename to docs/scope-200-checklist.md index 054f056..32a4b14 100644 --- a/docs/phase-200-checklist.md +++ b/docs/scope-200-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 200 Checklist: Milestone 200 Gate +# Scope 200 Checklist: Milestone 200 Gate ## Layer governance @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 200: Milestone 200 integration gate +- Scope 200: Milestone 200 integration gate diff --git a/docs/phase-211-checklist.md b/docs/scope-201-checklist.md similarity index 69% rename from docs/phase-211-checklist.md rename to docs/scope-201-checklist.md index be37814..499f4f5 100644 --- a/docs/phase-211-checklist.md +++ b/docs/scope-201-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 211 Checklist: Epoch 9 native SDK phase 211 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 201 Checklist: Epoch 9 native SDK scope 201 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 211: Language runtime adapters (phase 211) +- Scope 201: Native SDK / manifest tooling (scope 201) diff --git a/docs/phase-212-checklist.md b/docs/scope-202-checklist.md similarity index 69% rename from docs/phase-212-checklist.md rename to docs/scope-202-checklist.md index edef53b..cd4e134 100644 --- a/docs/phase-212-checklist.md +++ b/docs/scope-202-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 212 Checklist: Epoch 9 native SDK phase 212 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 202 Checklist: Epoch 9 native SDK scope 202 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 212: Language runtime adapters (phase 212) +- Scope 202: Native SDK / manifest tooling (scope 202) diff --git a/docs/phase-213-checklist.md b/docs/scope-203-checklist.md similarity index 69% rename from docs/phase-213-checklist.md rename to docs/scope-203-checklist.md index ac6d017..a5213d0 100644 --- a/docs/phase-213-checklist.md +++ b/docs/scope-203-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 213 Checklist: Epoch 9 native SDK phase 213 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 203 Checklist: Epoch 9 native SDK scope 203 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 213: Language runtime adapters (phase 213) +- Scope 203: Native SDK / manifest tooling (scope 203) diff --git a/docs/phase-214-checklist.md b/docs/scope-204-checklist.md similarity index 69% rename from docs/phase-214-checklist.md rename to docs/scope-204-checklist.md index 5a6594c..9b358cb 100644 --- a/docs/phase-214-checklist.md +++ b/docs/scope-204-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 214 Checklist: Epoch 9 native SDK phase 214 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 204 Checklist: Epoch 9 native SDK scope 204 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 214: Language runtime adapters (phase 214) +- Scope 204: Native SDK / manifest tooling (scope 204) diff --git a/docs/scope-205-checklist.md b/docs/scope-205-checklist.md new file mode 100644 index 0000000..7d470f5 --- /dev/null +++ b/docs/scope-205-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 205 Checklist: Epoch 9 native SDK scope 205 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 205: Native SDK / manifest tooling (scope 205) diff --git a/docs/scope-206-checklist.md b/docs/scope-206-checklist.md new file mode 100644 index 0000000..b476ec6 --- /dev/null +++ b/docs/scope-206-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 206 Checklist: Epoch 9 native SDK scope 206 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 206: Native SDK / manifest tooling (scope 206) diff --git a/docs/scope-207-checklist.md b/docs/scope-207-checklist.md new file mode 100644 index 0000000..19cc539 --- /dev/null +++ b/docs/scope-207-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 207 Checklist: Epoch 9 native SDK scope 207 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 207: Native SDK / manifest tooling (scope 207) diff --git a/docs/scope-208-checklist.md b/docs/scope-208-checklist.md new file mode 100644 index 0000000..7aba24a --- /dev/null +++ b/docs/scope-208-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 208 Checklist: Epoch 9 native SDK scope 208 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 208: Native SDK / manifest tooling (scope 208) diff --git a/docs/scope-209-checklist.md b/docs/scope-209-checklist.md new file mode 100644 index 0000000..00fb84d --- /dev/null +++ b/docs/scope-209-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 209 Checklist: Epoch 9 native SDK scope 209 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 209: Native SDK / manifest tooling (scope 209) diff --git a/docs/phase-21-checklist.md b/docs/scope-21-checklist.md similarity index 72% rename from docs/phase-21-checklist.md rename to docs/scope-21-checklist.md index 1955605..bcce81a 100644 --- a/docs/phase-21-checklist.md +++ b/docs/scope-21-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 21 Checklist: Hardware User Page Tables +# Scope 21 Checklist: Hardware User Page Tables ## Scope @@ -8,13 +8,13 @@ - [x] Map user stack pages for later Ring 3 entry. - [x] Verify hardware translations match descriptor translations. - [x] Add blocked `HwPageTableReady` process metadata. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 21 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-210-checklist.md b/docs/scope-210-checklist.md new file mode 100644 index 0000000..01b5329 --- /dev/null +++ b/docs/scope-210-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 210 Checklist: Epoch 9 native SDK scope 210 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 210: Native SDK / manifest tooling (scope 210) diff --git a/docs/scope-211-checklist.md b/docs/scope-211-checklist.md new file mode 100644 index 0000000..8c74a53 --- /dev/null +++ b/docs/scope-211-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 211 Checklist: Epoch 9 native SDK scope 211 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 211: Language runtime adapters (scope 211) diff --git a/docs/scope-212-checklist.md b/docs/scope-212-checklist.md new file mode 100644 index 0000000..e9e9b47 --- /dev/null +++ b/docs/scope-212-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 212 Checklist: Epoch 9 native SDK scope 212 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 212: Language runtime adapters (scope 212) diff --git a/docs/scope-213-checklist.md b/docs/scope-213-checklist.md new file mode 100644 index 0000000..e3f2504 --- /dev/null +++ b/docs/scope-213-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 213 Checklist: Epoch 9 native SDK scope 213 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 213: Language runtime adapters (scope 213) diff --git a/docs/scope-214-checklist.md b/docs/scope-214-checklist.md new file mode 100644 index 0000000..430e7e2 --- /dev/null +++ b/docs/scope-214-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 214 Checklist: Epoch 9 native SDK scope 214 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 214: Language runtime adapters (scope 214) diff --git a/docs/scope-215-checklist.md b/docs/scope-215-checklist.md new file mode 100644 index 0000000..64f11f3 --- /dev/null +++ b/docs/scope-215-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 215 Checklist: Epoch 9 native SDK scope 215 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 215: Language runtime adapters (scope 215) diff --git a/docs/scope-216-checklist.md b/docs/scope-216-checklist.md new file mode 100644 index 0000000..bf6c765 --- /dev/null +++ b/docs/scope-216-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 216 Checklist: Epoch 9 native SDK scope 216 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 216: Language runtime adapters (scope 216) diff --git a/docs/scope-217-checklist.md b/docs/scope-217-checklist.md new file mode 100644 index 0000000..835b0d1 --- /dev/null +++ b/docs/scope-217-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 217 Checklist: Epoch 9 native SDK scope 217 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 217: Language runtime adapters (scope 217) diff --git a/docs/scope-218-checklist.md b/docs/scope-218-checklist.md new file mode 100644 index 0000000..c6cf81f --- /dev/null +++ b/docs/scope-218-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 218 Checklist: Epoch 9 native SDK scope 218 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 218: Language runtime adapters (scope 218) diff --git a/docs/scope-219-checklist.md b/docs/scope-219-checklist.md new file mode 100644 index 0000000..4c1aa08 --- /dev/null +++ b/docs/scope-219-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 219 Checklist: Epoch 9 native SDK scope 219 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 219: Language runtime adapters (scope 219) diff --git a/docs/phase-22-checklist.md b/docs/scope-22-checklist.md similarity index 70% rename from docs/phase-22-checklist.md rename to docs/scope-22-checklist.md index 48d8380..7b6f0e2 100644 --- a/docs/phase-22-checklist.md +++ b/docs/scope-22-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 22 Checklist: Controlled CR3 Activation +# Scope 22 Checklist: Controlled CR3 Activation ## Scope - [x] Activate user CR3 and restore kernel CR3 with interrupts disabled. - [x] Verify entry-point translation under active user page tables. - [x] Add blocked `Cr3Activated` process metadata. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 22 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-220-checklist.md b/docs/scope-220-checklist.md new file mode 100644 index 0000000..beafe52 --- /dev/null +++ b/docs/scope-220-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 220 Checklist: Epoch 9 native SDK scope 220 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 220: Language runtime adapters (scope 220) diff --git a/docs/phase-221-checklist.md b/docs/scope-221-checklist.md similarity index 70% rename from docs/phase-221-checklist.md rename to docs/scope-221-checklist.md index aff9c1c..ff6e7a5 100644 --- a/docs/phase-221-checklist.md +++ b/docs/scope-221-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 221 Checklist: Epoch 9 native SDK phase 221 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 221 Checklist: Epoch 9 native SDK scope 221 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 221: POSIX compat depth (phase 221) +- Scope 221: POSIX compat depth (scope 221) diff --git a/docs/phase-222-checklist.md b/docs/scope-222-checklist.md similarity index 70% rename from docs/phase-222-checklist.md rename to docs/scope-222-checklist.md index 1da238d..7c74eaf 100644 --- a/docs/phase-222-checklist.md +++ b/docs/scope-222-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 222 Checklist: Epoch 9 native SDK phase 222 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 222 Checklist: Epoch 9 native SDK scope 222 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 222: POSIX compat depth (phase 222) +- Scope 222: POSIX compat depth (scope 222) diff --git a/docs/phase-223-checklist.md b/docs/scope-223-checklist.md similarity index 70% rename from docs/phase-223-checklist.md rename to docs/scope-223-checklist.md index f62a24b..9505ef8 100644 --- a/docs/phase-223-checklist.md +++ b/docs/scope-223-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 223 Checklist: Epoch 9 native SDK phase 223 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 223 Checklist: Epoch 9 native SDK scope 223 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 223: POSIX compat depth (phase 223) +- Scope 223: POSIX compat depth (scope 223) diff --git a/docs/phase-224-checklist.md b/docs/scope-224-checklist.md similarity index 70% rename from docs/phase-224-checklist.md rename to docs/scope-224-checklist.md index dd10f30..ed3abe3 100644 --- a/docs/phase-224-checklist.md +++ b/docs/scope-224-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 224 Checklist: Epoch 9 native SDK phase 224 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 224 Checklist: Epoch 9 native SDK scope 224 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 224: POSIX compat depth (phase 224) +- Scope 224: POSIX compat depth (scope 224) diff --git a/docs/scope-225-checklist.md b/docs/scope-225-checklist.md new file mode 100644 index 0000000..31242f4 --- /dev/null +++ b/docs/scope-225-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 225 Checklist: Epoch 9 native SDK scope 225 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 201-225 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 225: POSIX compat depth (scope 225) diff --git a/docs/phase-226-checklist.md b/docs/scope-226-checklist.md similarity index 70% rename from docs/phase-226-checklist.md rename to docs/scope-226-checklist.md index c51d912..9b81b16 100644 --- a/docs/phase-226-checklist.md +++ b/docs/scope-226-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 226 Checklist: Epoch 10 hardware phase 226 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 226 Checklist: Epoch 10 hardware scope 226 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 226: POSIX compat depth (phase 226) +- Scope 226: POSIX compat depth (scope 226) diff --git a/docs/phase-227-checklist.md b/docs/scope-227-checklist.md similarity index 70% rename from docs/phase-227-checklist.md rename to docs/scope-227-checklist.md index cd54279..bf3feba 100644 --- a/docs/phase-227-checklist.md +++ b/docs/scope-227-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 227 Checklist: Epoch 10 hardware phase 227 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 227 Checklist: Epoch 10 hardware scope 227 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 227: POSIX compat depth (phase 227) +- Scope 227: POSIX compat depth (scope 227) diff --git a/docs/phase-228-checklist.md b/docs/scope-228-checklist.md similarity index 70% rename from docs/phase-228-checklist.md rename to docs/scope-228-checklist.md index 69eeb89..c4c490e 100644 --- a/docs/phase-228-checklist.md +++ b/docs/scope-228-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 228 Checklist: Epoch 10 hardware phase 228 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 228 Checklist: Epoch 10 hardware scope 228 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 228: POSIX compat depth (phase 228) +- Scope 228: POSIX compat depth (scope 228) diff --git a/docs/phase-229-checklist.md b/docs/scope-229-checklist.md similarity index 70% rename from docs/phase-229-checklist.md rename to docs/scope-229-checklist.md index 04fe4fe..5530964 100644 --- a/docs/phase-229-checklist.md +++ b/docs/scope-229-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 229 Checklist: Epoch 10 hardware phase 229 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 229 Checklist: Epoch 10 hardware scope 229 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 229: POSIX compat depth (phase 229) +- Scope 229: POSIX compat depth (scope 229) diff --git a/docs/phase-23-checklist.md b/docs/scope-23-checklist.md similarity index 71% rename from docs/phase-23-checklist.md rename to docs/scope-23-checklist.md index dfe92c4..6467ea5 100644 --- a/docs/phase-23-checklist.md +++ b/docs/scope-23-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 23 Checklist: Real iretq User Entry +# Scope 23 Checklist: Real iretq User Entry ## Scope - [x] Enter Ring 3 through `iretq` to a controlled `ud2` stub. - [x] Resume kernel execution through a modified trap frame. - [x] Add blocked `UserEnteredHw` process metadata. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 23 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-230-checklist.md b/docs/scope-230-checklist.md new file mode 100644 index 0000000..acf6e7d --- /dev/null +++ b/docs/scope-230-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 230 Checklist: Epoch 10 hardware scope 230 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 230: POSIX compat depth (scope 230) diff --git a/docs/scope-231-checklist.md b/docs/scope-231-checklist.md new file mode 100644 index 0000000..a64d9b5 --- /dev/null +++ b/docs/scope-231-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 231 Checklist: Epoch 10 hardware scope 231 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 231: Real hardware path (scope 231) diff --git a/docs/scope-232-checklist.md b/docs/scope-232-checklist.md new file mode 100644 index 0000000..7f71394 --- /dev/null +++ b/docs/scope-232-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 232 Checklist: Epoch 10 hardware scope 232 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 232: Real hardware path (scope 232) diff --git a/docs/scope-233-checklist.md b/docs/scope-233-checklist.md new file mode 100644 index 0000000..160c7f5 --- /dev/null +++ b/docs/scope-233-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 233 Checklist: Epoch 10 hardware scope 233 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 233: Real hardware path (scope 233) diff --git a/docs/scope-234-checklist.md b/docs/scope-234-checklist.md new file mode 100644 index 0000000..8a92e77 --- /dev/null +++ b/docs/scope-234-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 234 Checklist: Epoch 10 hardware scope 234 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 234: Real hardware path (scope 234) diff --git a/docs/scope-235-checklist.md b/docs/scope-235-checklist.md new file mode 100644 index 0000000..e66905a --- /dev/null +++ b/docs/scope-235-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 235 Checklist: Epoch 10 hardware scope 235 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 235: Real hardware path (scope 235) diff --git a/docs/scope-236-checklist.md b/docs/scope-236-checklist.md new file mode 100644 index 0000000..7c33565 --- /dev/null +++ b/docs/scope-236-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 236 Checklist: Epoch 10 hardware scope 236 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 236: Real hardware path (scope 236) diff --git a/docs/scope-237-checklist.md b/docs/scope-237-checklist.md new file mode 100644 index 0000000..e3dc111 --- /dev/null +++ b/docs/scope-237-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 237 Checklist: Epoch 10 hardware scope 237 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 237: Real hardware path (scope 237) diff --git a/docs/scope-238-checklist.md b/docs/scope-238-checklist.md new file mode 100644 index 0000000..cef179c --- /dev/null +++ b/docs/scope-238-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 238 Checklist: Epoch 10 hardware scope 238 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 238: Real hardware path (scope 238) diff --git a/docs/scope-239-checklist.md b/docs/scope-239-checklist.md new file mode 100644 index 0000000..0e7eae1 --- /dev/null +++ b/docs/scope-239-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 239 Checklist: Epoch 10 hardware scope 239 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 239: Real hardware path (scope 239) diff --git a/docs/phase-24-checklist.md b/docs/scope-24-checklist.md similarity index 68% rename from docs/phase-24-checklist.md rename to docs/scope-24-checklist.md index 6285a8a..e608fcd 100644 --- a/docs/phase-24-checklist.md +++ b/docs/scope-24-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 24 Checklist: Hardware User Trap Return +# Scope 24 Checklist: Hardware User Trap Return ## Scope - [x] Wire IDT vector `0x80` for cooperative user return. - [x] Enter Ring 3 through `int 0x80` stub path. - [x] Add blocked `UserHwTrapped` process metadata. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 24 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-240-checklist.md b/docs/scope-240-checklist.md new file mode 100644 index 0000000..36997df --- /dev/null +++ b/docs/scope-240-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 240 Checklist: Epoch 10 hardware scope 240 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 240: Real hardware path (scope 240) diff --git a/docs/scope-241-checklist.md b/docs/scope-241-checklist.md new file mode 100644 index 0000000..f5a8157 --- /dev/null +++ b/docs/scope-241-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 241 Checklist: Epoch 10 hardware scope 241 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 241: QEMU to hardware transition (scope 241) diff --git a/docs/scope-242-checklist.md b/docs/scope-242-checklist.md new file mode 100644 index 0000000..5cdca06 --- /dev/null +++ b/docs/scope-242-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 242 Checklist: Epoch 10 hardware scope 242 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 242: QEMU to hardware transition (scope 242) diff --git a/docs/scope-243-checklist.md b/docs/scope-243-checklist.md new file mode 100644 index 0000000..a536067 --- /dev/null +++ b/docs/scope-243-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 243 Checklist: Epoch 10 hardware scope 243 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 243: QEMU to hardware transition (scope 243) diff --git a/docs/scope-244-checklist.md b/docs/scope-244-checklist.md new file mode 100644 index 0000000..3a3d5ce --- /dev/null +++ b/docs/scope-244-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 244 Checklist: Epoch 10 hardware scope 244 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 244: QEMU to hardware transition (scope 244) diff --git a/docs/scope-245-checklist.md b/docs/scope-245-checklist.md new file mode 100644 index 0000000..c3ee125 --- /dev/null +++ b/docs/scope-245-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 245 Checklist: Epoch 10 hardware scope 245 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 245: QEMU to hardware transition (scope 245) diff --git a/docs/scope-246-checklist.md b/docs/scope-246-checklist.md new file mode 100644 index 0000000..0284045 --- /dev/null +++ b/docs/scope-246-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 246 Checklist: Epoch 10 hardware scope 246 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 246: QEMU to hardware transition (scope 246) diff --git a/docs/scope-247-checklist.md b/docs/scope-247-checklist.md new file mode 100644 index 0000000..a188ba3 --- /dev/null +++ b/docs/scope-247-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 247 Checklist: Epoch 10 hardware scope 247 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 247: QEMU to hardware transition (scope 247) diff --git a/docs/scope-248-checklist.md b/docs/scope-248-checklist.md new file mode 100644 index 0000000..c38d354 --- /dev/null +++ b/docs/scope-248-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 248 Checklist: Epoch 10 hardware scope 248 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 248: QEMU to hardware transition (scope 248) diff --git a/docs/scope-249-checklist.md b/docs/scope-249-checklist.md new file mode 100644 index 0000000..04a6c97 --- /dev/null +++ b/docs/scope-249-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 249 Checklist: Epoch 10 hardware scope 249 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 226-250 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 249: QEMU to hardware transition (scope 249) diff --git a/docs/phase-25-checklist.md b/docs/scope-25-checklist.md similarity index 73% rename from docs/phase-25-checklist.md rename to docs/scope-25-checklist.md index 5e66dc1..2d58db0 100644 --- a/docs/phase-25-checklist.md +++ b/docs/scope-25-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 25 Checklist: CPU syscall / sysret Path +# Scope 25 Checklist: CPU syscall / sysret Path ## Scope @@ -8,13 +8,13 @@ - [x] Run tick-probe syscall from hardware user code. - [x] Return to kernel through `int 0x80` after `syscall`. - [x] Add blocked `UserHwSyscallReturned` process metadata. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 25 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/phase-250-checklist.md b/docs/scope-250-checklist.md similarity index 71% rename from docs/phase-250-checklist.md rename to docs/scope-250-checklist.md index db84da1..5db4be0 100644 --- a/docs/phase-250-checklist.md +++ b/docs/scope-250-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 250 Checklist: Milestone 250 Gate +# Scope 250 Checklist: Milestone 250 Gate ## Layer governance @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 250: Milestone 250 hardware + SDK gate +- Scope 250: Milestone 250 hardware + SDK gate diff --git a/docs/phase-251-checklist.md b/docs/scope-251-checklist.md similarity index 69% rename from docs/phase-251-checklist.md rename to docs/scope-251-checklist.md index abf892d..6272e25 100644 --- a/docs/phase-251-checklist.md +++ b/docs/scope-251-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 251 Checklist: Epoch 11 drivers phase 251 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 251 Checklist: Epoch 11 drivers scope 251 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 251: DRIVER_MODEL userspace drivers (phase 251) +- Scope 251: DRIVER_MODEL userspace drivers (scope 251) diff --git a/docs/phase-252-checklist.md b/docs/scope-252-checklist.md similarity index 69% rename from docs/phase-252-checklist.md rename to docs/scope-252-checklist.md index bb3e960..9c64001 100644 --- a/docs/phase-252-checklist.md +++ b/docs/scope-252-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 252 Checklist: Epoch 11 drivers phase 252 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 252 Checklist: Epoch 11 drivers scope 252 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 252: DRIVER_MODEL userspace drivers (phase 252) +- Scope 252: DRIVER_MODEL userspace drivers (scope 252) diff --git a/docs/phase-253-checklist.md b/docs/scope-253-checklist.md similarity index 69% rename from docs/phase-253-checklist.md rename to docs/scope-253-checklist.md index bac9c62..5d80a8c 100644 --- a/docs/phase-253-checklist.md +++ b/docs/scope-253-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 253 Checklist: Epoch 11 drivers phase 253 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 253 Checklist: Epoch 11 drivers scope 253 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 253: DRIVER_MODEL userspace drivers (phase 253) +- Scope 253: DRIVER_MODEL userspace drivers (scope 253) diff --git a/docs/phase-254-checklist.md b/docs/scope-254-checklist.md similarity index 69% rename from docs/phase-254-checklist.md rename to docs/scope-254-checklist.md index 83bac47..77f1b50 100644 --- a/docs/phase-254-checklist.md +++ b/docs/scope-254-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 254 Checklist: Epoch 11 drivers phase 254 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 254 Checklist: Epoch 11 drivers scope 254 ## Layer platform @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 254: DRIVER_MODEL userspace drivers (phase 254) +- Scope 254: DRIVER_MODEL userspace drivers (scope 254) diff --git a/docs/scope-255-checklist.md b/docs/scope-255-checklist.md new file mode 100644 index 0000000..55dde00 --- /dev/null +++ b/docs/scope-255-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 255 Checklist: Epoch 11 drivers scope 255 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 255: DRIVER_MODEL userspace drivers (scope 255) diff --git a/docs/scope-256-checklist.md b/docs/scope-256-checklist.md new file mode 100644 index 0000000..92a6868 --- /dev/null +++ b/docs/scope-256-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 256 Checklist: Epoch 11 drivers scope 256 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 256: DRIVER_MODEL userspace drivers (scope 256) diff --git a/docs/scope-257-checklist.md b/docs/scope-257-checklist.md new file mode 100644 index 0000000..244f25d --- /dev/null +++ b/docs/scope-257-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 257 Checklist: Epoch 11 drivers scope 257 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 257: DRIVER_MODEL userspace drivers (scope 257) diff --git a/docs/scope-258-checklist.md b/docs/scope-258-checklist.md new file mode 100644 index 0000000..2f02dd8 --- /dev/null +++ b/docs/scope-258-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 258 Checklist: Epoch 11 drivers scope 258 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 258: DRIVER_MODEL userspace drivers (scope 258) diff --git a/docs/scope-259-checklist.md b/docs/scope-259-checklist.md new file mode 100644 index 0000000..82f7f37 --- /dev/null +++ b/docs/scope-259-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 259 Checklist: Epoch 11 drivers scope 259 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 259: DRIVER_MODEL userspace drivers (scope 259) diff --git a/docs/phase-26-checklist.md b/docs/scope-26-checklist.md similarity index 67% rename from docs/phase-26-checklist.md rename to docs/scope-26-checklist.md index 3776ea4..e031ba1 100644 --- a/docs/phase-26-checklist.md +++ b/docs/scope-26-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 26 Checklist: Validated User Copyin +# Scope 26 Checklist: Validated User Copyin ## Scope - [x] Add bounded `copy_from_user` and `copy_to_user`. - [x] Prove a user-buffer round-trip under active page tables. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 26 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-260-checklist.md b/docs/scope-260-checklist.md new file mode 100644 index 0000000..0b7b547 --- /dev/null +++ b/docs/scope-260-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 260 Checklist: Epoch 11 drivers scope 260 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 260: DRIVER_MODEL userspace drivers (scope 260) diff --git a/docs/scope-261-checklist.md b/docs/scope-261-checklist.md new file mode 100644 index 0000000..030ba6f --- /dev/null +++ b/docs/scope-261-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 261 Checklist: Epoch 11 drivers scope 261 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 261: DRIVER_MODEL userspace drivers (scope 261) diff --git a/docs/scope-262-checklist.md b/docs/scope-262-checklist.md new file mode 100644 index 0000000..0c7e0c7 --- /dev/null +++ b/docs/scope-262-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 262 Checklist: Epoch 11 drivers scope 262 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 262: DRIVER_MODEL userspace drivers (scope 262) diff --git a/docs/scope-263-checklist.md b/docs/scope-263-checklist.md new file mode 100644 index 0000000..ec13fd5 --- /dev/null +++ b/docs/scope-263-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 263 Checklist: Epoch 11 drivers scope 263 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 263: DRIVER_MODEL userspace drivers (scope 263) diff --git a/docs/scope-264-checklist.md b/docs/scope-264-checklist.md new file mode 100644 index 0000000..b768676 --- /dev/null +++ b/docs/scope-264-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 264 Checklist: Epoch 11 drivers scope 264 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 264: DRIVER_MODEL userspace drivers (scope 264) diff --git a/docs/scope-265-checklist.md b/docs/scope-265-checklist.md new file mode 100644 index 0000000..81f1a2b --- /dev/null +++ b/docs/scope-265-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 265 Checklist: Epoch 11 drivers scope 265 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 265: DRIVER_MODEL userspace drivers (scope 265) diff --git a/docs/scope-266-checklist.md b/docs/scope-266-checklist.md new file mode 100644 index 0000000..f8a94c1 --- /dev/null +++ b/docs/scope-266-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 266 Checklist: Epoch 11 drivers scope 266 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 266: Semantic observability tooling (scope 266) diff --git a/docs/scope-267-checklist.md b/docs/scope-267-checklist.md new file mode 100644 index 0000000..3c4000f --- /dev/null +++ b/docs/scope-267-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 267 Checklist: Epoch 11 drivers scope 267 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 267: Semantic observability tooling (scope 267) diff --git a/docs/scope-268-checklist.md b/docs/scope-268-checklist.md new file mode 100644 index 0000000..0309fd1 --- /dev/null +++ b/docs/scope-268-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 268 Checklist: Epoch 11 drivers scope 268 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 268: Semantic observability tooling (scope 268) diff --git a/docs/scope-269-checklist.md b/docs/scope-269-checklist.md new file mode 100644 index 0000000..1656a30 --- /dev/null +++ b/docs/scope-269-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 269 Checklist: Epoch 11 drivers scope 269 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 269: Semantic observability tooling (scope 269) diff --git a/docs/phase-27-checklist.md b/docs/scope-27-checklist.md similarity index 68% rename from docs/phase-27-checklist.md rename to docs/scope-27-checklist.md index d4f04d3..b276173 100644 --- a/docs/phase-27-checklist.md +++ b/docs/scope-27-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 27 Checklist: Static ELF Relocations +# Scope 27 Checklist: Static ELF Relocations ## Scope - [x] Apply static `R_X86_64_RELATIVE` fixups for seeded images. - [x] Write image bytes into frame-backed pages during backing. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 27 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-270-checklist.md b/docs/scope-270-checklist.md new file mode 100644 index 0000000..6f7044c --- /dev/null +++ b/docs/scope-270-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 270 Checklist: Epoch 11 drivers scope 270 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 270: Semantic observability tooling (scope 270) diff --git a/docs/scope-271-checklist.md b/docs/scope-271-checklist.md new file mode 100644 index 0000000..1a45a3f --- /dev/null +++ b/docs/scope-271-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 271 Checklist: Epoch 11 drivers scope 271 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 271: Semantic observability tooling (scope 271) diff --git a/docs/scope-272-checklist.md b/docs/scope-272-checklist.md new file mode 100644 index 0000000..2fd2cc7 --- /dev/null +++ b/docs/scope-272-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 272 Checklist: Epoch 11 drivers scope 272 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 272: Semantic observability tooling (scope 272) diff --git a/docs/scope-273-checklist.md b/docs/scope-273-checklist.md new file mode 100644 index 0000000..8ea66b7 --- /dev/null +++ b/docs/scope-273-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 273 Checklist: Epoch 11 drivers scope 273 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 273: Semantic observability tooling (scope 273) diff --git a/docs/scope-274-checklist.md b/docs/scope-274-checklist.md new file mode 100644 index 0000000..b5171b0 --- /dev/null +++ b/docs/scope-274-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 274 Checklist: Epoch 11 drivers scope 274 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 274: Semantic observability tooling (scope 274) diff --git a/docs/scope-275-checklist.md b/docs/scope-275-checklist.md new file mode 100644 index 0000000..d67a9d9 --- /dev/null +++ b/docs/scope-275-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 275 Checklist: Epoch 11 drivers scope 275 +## Layer +platform + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 251-275 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 275: Semantic observability tooling (scope 275) diff --git a/docs/phase-276-checklist.md b/docs/scope-276-checklist.md similarity index 69% rename from docs/phase-276-checklist.md rename to docs/scope-276-checklist.md index 4583b5f..1c59206 100644 --- a/docs/phase-276-checklist.md +++ b/docs/scope-276-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 276 Checklist: Epoch 12 federation phase 276 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 276 Checklist: Epoch 12 federation scope 276 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 276: Federation distributed endpoints (phase 276) +- Scope 276: Federation distributed endpoints (scope 276) diff --git a/docs/phase-277-checklist.md b/docs/scope-277-checklist.md similarity index 69% rename from docs/phase-277-checklist.md rename to docs/scope-277-checklist.md index b4b3bf1..0c15038 100644 --- a/docs/phase-277-checklist.md +++ b/docs/scope-277-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 277 Checklist: Epoch 12 federation phase 277 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 277 Checklist: Epoch 12 federation scope 277 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 277: Federation distributed endpoints (phase 277) +- Scope 277: Federation distributed endpoints (scope 277) diff --git a/docs/phase-278-checklist.md b/docs/scope-278-checklist.md similarity index 69% rename from docs/phase-278-checklist.md rename to docs/scope-278-checklist.md index d1d2e61..e756e4b 100644 --- a/docs/phase-278-checklist.md +++ b/docs/scope-278-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 278 Checklist: Epoch 12 federation phase 278 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 278 Checklist: Epoch 12 federation scope 278 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 278: Federation distributed endpoints (phase 278) +- Scope 278: Federation distributed endpoints (scope 278) diff --git a/docs/phase-279-checklist.md b/docs/scope-279-checklist.md similarity index 69% rename from docs/phase-279-checklist.md rename to docs/scope-279-checklist.md index 6319c4b..1f2bfcb 100644 --- a/docs/phase-279-checklist.md +++ b/docs/scope-279-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 279 Checklist: Epoch 12 federation phase 279 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 279 Checklist: Epoch 12 federation scope 279 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 279: Federation distributed endpoints (phase 279) +- Scope 279: Federation distributed endpoints (scope 279) diff --git a/docs/phase-28-checklist.md b/docs/scope-28-checklist.md similarity index 69% rename from docs/phase-28-checklist.md rename to docs/scope-28-checklist.md index b928619..8e37ad8 100644 --- a/docs/phase-28-checklist.md +++ b/docs/scope-28-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 28 Checklist: Hardware Hello Execution +# Scope 28 Checklist: Hardware Hello Execution ## Scope - [x] Run `hello` through hardware syscall path. - [x] Preserve `hello: exit=0 tick=...` output format. - [x] Add blocked `UserHwElfExited` process metadata. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 28 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-280-checklist.md b/docs/scope-280-checklist.md new file mode 100644 index 0000000..0fd5e54 --- /dev/null +++ b/docs/scope-280-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 280 Checklist: Epoch 12 federation scope 280 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 280: Federation distributed endpoints (scope 280) diff --git a/docs/scope-281-checklist.md b/docs/scope-281-checklist.md new file mode 100644 index 0000000..08702d4 --- /dev/null +++ b/docs/scope-281-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 281 Checklist: Epoch 12 federation scope 281 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 281: Federation distributed endpoints (scope 281) diff --git a/docs/scope-282-checklist.md b/docs/scope-282-checklist.md new file mode 100644 index 0000000..e89cae9 --- /dev/null +++ b/docs/scope-282-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 282 Checklist: Epoch 12 federation scope 282 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 282: Federation distributed endpoints (scope 282) diff --git a/docs/scope-283-checklist.md b/docs/scope-283-checklist.md new file mode 100644 index 0000000..d9eb315 --- /dev/null +++ b/docs/scope-283-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 283 Checklist: Epoch 12 federation scope 283 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 283: Federation distributed endpoints (scope 283) diff --git a/docs/scope-284-checklist.md b/docs/scope-284-checklist.md new file mode 100644 index 0000000..0137e6d --- /dev/null +++ b/docs/scope-284-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 284 Checklist: Epoch 12 federation scope 284 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 284: Federation distributed endpoints (scope 284) diff --git a/docs/scope-285-checklist.md b/docs/scope-285-checklist.md new file mode 100644 index 0000000..c3b3667 --- /dev/null +++ b/docs/scope-285-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 285 Checklist: Epoch 12 federation scope 285 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 285: Federation distributed endpoints (scope 285) diff --git a/docs/scope-286-checklist.md b/docs/scope-286-checklist.md new file mode 100644 index 0000000..5674ca6 --- /dev/null +++ b/docs/scope-286-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 286 Checklist: Epoch 12 federation scope 286 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 286: Federation distributed endpoints (scope 286) diff --git a/docs/scope-287-checklist.md b/docs/scope-287-checklist.md new file mode 100644 index 0000000..cfb4d62 --- /dev/null +++ b/docs/scope-287-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 287 Checklist: Epoch 12 federation scope 287 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 287: Federation distributed endpoints (scope 287) diff --git a/docs/scope-288-checklist.md b/docs/scope-288-checklist.md new file mode 100644 index 0000000..7075bec --- /dev/null +++ b/docs/scope-288-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 288 Checklist: Epoch 12 federation scope 288 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 288: Federation distributed endpoints (scope 288) diff --git a/docs/scope-289-checklist.md b/docs/scope-289-checklist.md new file mode 100644 index 0000000..49878f5 --- /dev/null +++ b/docs/scope-289-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 289 Checklist: Epoch 12 federation scope 289 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 289: Federation distributed endpoints (scope 289) diff --git a/docs/phase-29-checklist.md b/docs/scope-29-checklist.md similarity index 66% rename from docs/phase-29-checklist.md rename to docs/scope-29-checklist.md index 05c4755..ebec81a 100644 --- a/docs/phase-29-checklist.md +++ b/docs/scope-29-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 29 Checklist: Allowlisted ELF Programs +# Scope 29 Checklist: Allowlisted ELF Programs ## Scope - [x] Allowlist `hello` and `exit42`. - [x] Seed `/bin/exit42` manifest and ELF fixture. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 29 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred diff --git a/docs/scope-290-checklist.md b/docs/scope-290-checklist.md new file mode 100644 index 0000000..6292c5c --- /dev/null +++ b/docs/scope-290-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 290 Checklist: Epoch 12 federation scope 290 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 290: Federation distributed endpoints (scope 290) diff --git a/docs/scope-291-checklist.md b/docs/scope-291-checklist.md new file mode 100644 index 0000000..025c3b8 --- /dev/null +++ b/docs/scope-291-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 291 Checklist: Epoch 12 federation scope 291 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 291: Checkpoint reopen_trigger design (scope 291) diff --git a/docs/scope-292-checklist.md b/docs/scope-292-checklist.md new file mode 100644 index 0000000..ee8c088 --- /dev/null +++ b/docs/scope-292-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 292 Checklist: Epoch 12 federation scope 292 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 292: Checkpoint reopen_trigger design (scope 292) diff --git a/docs/scope-293-checklist.md b/docs/scope-293-checklist.md new file mode 100644 index 0000000..c9d9904 --- /dev/null +++ b/docs/scope-293-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 293 Checklist: Epoch 12 federation scope 293 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 293: Checkpoint reopen_trigger design (scope 293) diff --git a/docs/scope-294-checklist.md b/docs/scope-294-checklist.md new file mode 100644 index 0000000..d41d4d7 --- /dev/null +++ b/docs/scope-294-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 294 Checklist: Epoch 12 federation scope 294 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 294: Checkpoint reopen_trigger design (scope 294) diff --git a/docs/scope-295-checklist.md b/docs/scope-295-checklist.md new file mode 100644 index 0000000..f40e422 --- /dev/null +++ b/docs/scope-295-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 295 Checklist: Epoch 12 federation scope 295 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 295: Checkpoint reopen_trigger design (scope 295) diff --git a/docs/scope-296-checklist.md b/docs/scope-296-checklist.md new file mode 100644 index 0000000..7cd80f9 --- /dev/null +++ b/docs/scope-296-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 296 Checklist: Epoch 12 federation scope 296 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 296: Checkpoint reopen_trigger design (scope 296) diff --git a/docs/scope-297-checklist.md b/docs/scope-297-checklist.md new file mode 100644 index 0000000..25060d8 --- /dev/null +++ b/docs/scope-297-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 297 Checklist: Epoch 12 federation scope 297 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 297: Checkpoint reopen_trigger design (scope 297) diff --git a/docs/scope-298-checklist.md b/docs/scope-298-checklist.md new file mode 100644 index 0000000..248ec63 --- /dev/null +++ b/docs/scope-298-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 298 Checklist: Epoch 12 federation scope 298 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 298: Checkpoint reopen_trigger design (scope 298) diff --git a/docs/scope-299-checklist.md b/docs/scope-299-checklist.md new file mode 100644 index 0000000..c808170 --- /dev/null +++ b/docs/scope-299-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 299 Checklist: Epoch 12 federation scope 299 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 276-300 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 299: Checkpoint reopen_trigger design (scope 299) diff --git a/docs/phase-3-checklist.md b/docs/scope-3-checklist.md similarity index 90% rename from docs/phase-3-checklist.md rename to docs/scope-3-checklist.md index 0524d37..94766ea 100644 --- a/docs/phase-3-checklist.md +++ b/docs/scope-3-checklist.md @@ -1,11 +1,11 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 3 Completion Checklist (Memory) +# Scope 3 Completion Checklist (Memory) Date: 2026-03-17 ## Scope -Phase 3 roadmap goals: +Scope 3 roadmap goals: - paging implementation - frame allocator - heap allocation @@ -26,7 +26,7 @@ Phase 3 roadmap goals: ## Notes - Physical memory is identity-mapped via the bootloader's `map_physical_memory` feature. -- Virtual memory address space management beyond the initial heap is a Phase 6 concern. +- Virtual memory address space management beyond the initial heap is a Scope 6 concern. ## Validation diff --git a/docs/phase-30-checklist.md b/docs/scope-30-checklist.md similarity index 69% rename from docs/phase-30-checklist.md rename to docs/scope-30-checklist.md index 5085f91..e63acc9 100644 --- a/docs/phase-30-checklist.md +++ b/docs/scope-30-checklist.md @@ -1,20 +1,20 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 30 Checklist: Per-Process CR3 Switching +# Scope 30 Checklist: Per-Process CR3 Switching ## Scope - [x] Switch between distinct user CR3 values and restore kernel CR3. - [x] Verify distinct translations after switches. -- [x] Covered by boot gate `hw_paging` (`AresOS-BootGate: name=hw_paging ok=true`) +- [x] Covered by boot gate `hw_paging` (`ClanOS-BootGate: name=hw_paging ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 30 --timeout 180 +- [x] `python scripts/gate/boot.py --gate hw_paging --timeout 180` ## Deferred -- [x] Scheduler-integrated CR3 switching on every context switch (Phase 31). -- [ ] Demand paging and SMP TLB shootdown (demand-zero slice in Phase 38). +- [x] Scheduler-integrated CR3 switching on every context switch (Scope 31). +- [ ] Demand paging and SMP TLB shootdown (demand-zero slice in Scope 38). diff --git a/docs/phase-300-checklist.md b/docs/scope-300-checklist.md similarity index 71% rename from docs/phase-300-checklist.md rename to docs/scope-300-checklist.md index 6b0012d..8d62582 100644 --- a/docs/phase-300-checklist.md +++ b/docs/scope-300-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 300 Checklist: Milestone 300 Gate +# Scope 300 Checklist: Milestone 300 Gate ## Layer governance @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 300: Milestone 300 federation gate +- Scope 300: Milestone 300 federation gate diff --git a/docs/scope-301-checklist.md b/docs/scope-301-checklist.md new file mode 100644 index 0000000..c419542 --- /dev/null +++ b/docs/scope-301-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 301 Checklist: Epoch 13 checkpoint formal scope 301 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 301: Checkpoint restore security domain (scope 301) diff --git a/docs/scope-302-checklist.md b/docs/scope-302-checklist.md new file mode 100644 index 0000000..d799161 --- /dev/null +++ b/docs/scope-302-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 302 Checklist: Epoch 13 checkpoint formal scope 302 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 302: Checkpoint restore security domain (scope 302) diff --git a/docs/scope-303-checklist.md b/docs/scope-303-checklist.md new file mode 100644 index 0000000..38f2afe --- /dev/null +++ b/docs/scope-303-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 303 Checklist: Epoch 13 checkpoint formal scope 303 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 303: Checkpoint restore security domain (scope 303) diff --git a/docs/scope-304-checklist.md b/docs/scope-304-checklist.md new file mode 100644 index 0000000..07d59a2 --- /dev/null +++ b/docs/scope-304-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 304 Checklist: Epoch 13 checkpoint formal scope 304 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 304: Checkpoint restore security domain (scope 304) diff --git a/docs/scope-305-checklist.md b/docs/scope-305-checklist.md new file mode 100644 index 0000000..825d6a1 --- /dev/null +++ b/docs/scope-305-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 305 Checklist: Epoch 13 checkpoint formal scope 305 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 305: Checkpoint restore security domain (scope 305) diff --git a/docs/scope-306-checklist.md b/docs/scope-306-checklist.md new file mode 100644 index 0000000..08c6196 --- /dev/null +++ b/docs/scope-306-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 306 Checklist: Epoch 13 checkpoint formal scope 306 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 306: Checkpoint restore security domain (scope 306) diff --git a/docs/scope-307-checklist.md b/docs/scope-307-checklist.md new file mode 100644 index 0000000..2fbc052 --- /dev/null +++ b/docs/scope-307-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 307 Checklist: Epoch 13 checkpoint formal scope 307 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 307: Checkpoint restore security domain (scope 307) diff --git a/docs/scope-308-checklist.md b/docs/scope-308-checklist.md new file mode 100644 index 0000000..b329c4e --- /dev/null +++ b/docs/scope-308-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 308 Checklist: Epoch 13 checkpoint formal scope 308 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 308: Checkpoint restore security domain (scope 308) diff --git a/docs/scope-309-checklist.md b/docs/scope-309-checklist.md new file mode 100644 index 0000000..b3f18bb --- /dev/null +++ b/docs/scope-309-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 309 Checklist: Epoch 13 checkpoint formal scope 309 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 309: Checkpoint restore security domain (scope 309) diff --git a/docs/phase-31-checklist.md b/docs/scope-31-checklist.md similarity index 73% rename from docs/phase-31-checklist.md rename to docs/scope-31-checklist.md index 6fdd0fb..376628f 100644 --- a/docs/phase-31-checklist.md +++ b/docs/scope-31-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 31 Checklist: Scheduler CR3 Binding +# Scope 31 Checklist: Scheduler CR3 Binding ## Scope - [x] Bind `cr3_phys` to process records when hardware page tables are built. - [x] Apply user CR3 on preemptive context switch via `apply_scheduler_cr3_for_next`. - [x] Optional `bound_cr3` on context tasks and `bind_context_task_cr3`. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 31 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/scope-310-checklist.md b/docs/scope-310-checklist.md new file mode 100644 index 0000000..df2e32c --- /dev/null +++ b/docs/scope-310-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 310 Checklist: Epoch 13 checkpoint formal scope 310 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 310: Checkpoint restore security domain (scope 310) diff --git a/docs/phase-311-checklist.md b/docs/scope-311-checklist.md similarity index 69% rename from docs/phase-311-checklist.md rename to docs/scope-311-checklist.md index 06ad5ee..e34cebd 100644 --- a/docs/phase-311-checklist.md +++ b/docs/scope-311-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 311 Checklist: Epoch 13 checkpoint formal phase 311 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 311 Checklist: Epoch 13 checkpoint formal scope 311 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 311: FORMAL_MODEL Tier D Verus (phase 311) +- Scope 311: FORMAL_MODEL Tier D Verus (scope 311) diff --git a/docs/phase-312-checklist.md b/docs/scope-312-checklist.md similarity index 69% rename from docs/phase-312-checklist.md rename to docs/scope-312-checklist.md index d95dcfa..4abfd24 100644 --- a/docs/phase-312-checklist.md +++ b/docs/scope-312-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 312 Checklist: Epoch 13 checkpoint formal phase 312 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 312 Checklist: Epoch 13 checkpoint formal scope 312 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 312: FORMAL_MODEL Tier D Verus (phase 312) +- Scope 312: FORMAL_MODEL Tier D Verus (scope 312) diff --git a/docs/phase-313-checklist.md b/docs/scope-313-checklist.md similarity index 69% rename from docs/phase-313-checklist.md rename to docs/scope-313-checklist.md index 787db0b..3d7f9ea 100644 --- a/docs/phase-313-checklist.md +++ b/docs/scope-313-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 313 Checklist: Epoch 13 checkpoint formal phase 313 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 313 Checklist: Epoch 13 checkpoint formal scope 313 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 313: FORMAL_MODEL Tier D Verus (phase 313) +- Scope 313: FORMAL_MODEL Tier D Verus (scope 313) diff --git a/docs/phase-314-checklist.md b/docs/scope-314-checklist.md similarity index 69% rename from docs/phase-314-checklist.md rename to docs/scope-314-checklist.md index 18d6589..81b77ff 100644 --- a/docs/phase-314-checklist.md +++ b/docs/scope-314-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 314 Checklist: Epoch 13 checkpoint formal phase 314 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 314 Checklist: Epoch 13 checkpoint formal scope 314 ## Layer kernel @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 314: FORMAL_MODEL Tier D Verus (phase 314) +- Scope 314: FORMAL_MODEL Tier D Verus (scope 314) diff --git a/docs/scope-315-checklist.md b/docs/scope-315-checklist.md new file mode 100644 index 0000000..dca75d3 --- /dev/null +++ b/docs/scope-315-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 315 Checklist: Epoch 13 checkpoint formal scope 315 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 315: FORMAL_MODEL Tier D Verus (scope 315) diff --git a/docs/scope-316-checklist.md b/docs/scope-316-checklist.md new file mode 100644 index 0000000..48d513e --- /dev/null +++ b/docs/scope-316-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 316 Checklist: Epoch 13 checkpoint formal scope 316 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 316: FORMAL_MODEL Tier D Verus (scope 316) diff --git a/docs/scope-317-checklist.md b/docs/scope-317-checklist.md new file mode 100644 index 0000000..0e4f344 --- /dev/null +++ b/docs/scope-317-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 317 Checklist: Epoch 13 checkpoint formal scope 317 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 317: FORMAL_MODEL Tier D Verus (scope 317) diff --git a/docs/scope-318-checklist.md b/docs/scope-318-checklist.md new file mode 100644 index 0000000..44e6a42 --- /dev/null +++ b/docs/scope-318-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 318 Checklist: Epoch 13 checkpoint formal scope 318 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 318: FORMAL_MODEL Tier D Verus (scope 318) diff --git a/docs/scope-319-checklist.md b/docs/scope-319-checklist.md new file mode 100644 index 0000000..04c6371 --- /dev/null +++ b/docs/scope-319-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 319 Checklist: Epoch 13 checkpoint formal scope 319 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 319: FORMAL_MODEL Tier D Verus (scope 319) diff --git a/docs/phase-32-checklist.md b/docs/scope-32-checklist.md similarity index 69% rename from docs/phase-32-checklist.md rename to docs/scope-32-checklist.md index e9630ad..c2a5d91 100644 --- a/docs/phase-32-checklist.md +++ b/docs/scope-32-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 32 Checklist: User Trap Frame Persistence +# Scope 32 Checklist: User Trap Frame Persistence ## Scope - [x] `UserHwFrame` save/resume registry for scheduler preemption bring-up. - [x] Smoke saves frame, yields scheduler, resumes saved frame. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 32 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/scope-320-checklist.md b/docs/scope-320-checklist.md new file mode 100644 index 0000000..2add2d6 --- /dev/null +++ b/docs/scope-320-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 320 Checklist: Epoch 13 checkpoint formal scope 320 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 320: FORMAL_MODEL Tier D Verus (scope 320) diff --git a/docs/scope-321-checklist.md b/docs/scope-321-checklist.md new file mode 100644 index 0000000..1f80d2f --- /dev/null +++ b/docs/scope-321-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 321 Checklist: Epoch 13 checkpoint formal scope 321 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 321: Never-stabilize graduation 1.0 (scope 321) diff --git a/docs/scope-322-checklist.md b/docs/scope-322-checklist.md new file mode 100644 index 0000000..f969a85 --- /dev/null +++ b/docs/scope-322-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 322 Checklist: Epoch 13 checkpoint formal scope 322 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 322: Never-stabilize graduation 1.0 (scope 322) diff --git a/docs/scope-323-checklist.md b/docs/scope-323-checklist.md new file mode 100644 index 0000000..6c8ca35 --- /dev/null +++ b/docs/scope-323-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 323 Checklist: Epoch 13 checkpoint formal scope 323 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 323: Never-stabilize graduation 1.0 (scope 323) diff --git a/docs/scope-324-checklist.md b/docs/scope-324-checklist.md new file mode 100644 index 0000000..c54ef3e --- /dev/null +++ b/docs/scope-324-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 324 Checklist: Epoch 13 checkpoint formal scope 324 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 324: Never-stabilize graduation 1.0 (scope 324) diff --git a/docs/scope-325-checklist.md b/docs/scope-325-checklist.md new file mode 100644 index 0000000..cea4180 --- /dev/null +++ b/docs/scope-325-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 325 Checklist: Epoch 13 checkpoint formal scope 325 +## Layer +kernel + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 301-325 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 325: Never-stabilize graduation 1.0 (scope 325) diff --git a/docs/phase-326-checklist.md b/docs/scope-326-checklist.md similarity index 69% rename from docs/phase-326-checklist.md rename to docs/scope-326-checklist.md index 4675f2e..a1a00f6 100644 --- a/docs/phase-326-checklist.md +++ b/docs/scope-326-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 326 Checklist: Epoch 14 release phase 326 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 326 Checklist: Epoch 14 release scope 326 ## Layer governance @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 326: Never-stabilize graduation 1.0 (phase 326) +- Scope 326: Never-stabilize graduation 1.0 (scope 326) diff --git a/docs/phase-327-checklist.md b/docs/scope-327-checklist.md similarity index 69% rename from docs/phase-327-checklist.md rename to docs/scope-327-checklist.md index 302821b..d4fc138 100644 --- a/docs/phase-327-checklist.md +++ b/docs/scope-327-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 327 Checklist: Epoch 14 release phase 327 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 327 Checklist: Epoch 14 release scope 327 ## Layer governance @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 327: Never-stabilize graduation 1.0 (phase 327) +- Scope 327: Never-stabilize graduation 1.0 (scope 327) diff --git a/docs/phase-328-checklist.md b/docs/scope-328-checklist.md similarity index 69% rename from docs/phase-328-checklist.md rename to docs/scope-328-checklist.md index 140a41e..d1665f9 100644 --- a/docs/phase-328-checklist.md +++ b/docs/scope-328-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 328 Checklist: Epoch 14 release phase 328 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 328 Checklist: Epoch 14 release scope 328 ## Layer governance @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 328: Never-stabilize graduation 1.0 (phase 328) +- Scope 328: Never-stabilize graduation 1.0 (scope 328) diff --git a/docs/phase-329-checklist.md b/docs/scope-329-checklist.md similarity index 69% rename from docs/phase-329-checklist.md rename to docs/scope-329-checklist.md index 24b3c9b..043b0f9 100644 --- a/docs/phase-329-checklist.md +++ b/docs/scope-329-checklist.md @@ -1,7 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -# Phase 329 Checklist: Epoch 14 release phase 329 +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. +# Scope 329 Checklist: Epoch 14 release scope 329 ## Layer governance @@ -20,7 +19,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +27,4 @@ implemented ## Completed -- Phase 329: Never-stabilize graduation 1.0 (phase 329) +- Scope 329: Never-stabilize graduation 1.0 (scope 329) diff --git a/docs/phase-33-checklist.md b/docs/scope-33-checklist.md similarity index 67% rename from docs/phase-33-checklist.md rename to docs/scope-33-checklist.md index 887566b..74911c4 100644 --- a/docs/phase-33-checklist.md +++ b/docs/scope-33-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 33 Checklist: Concurrent Allowlisted ELFs +# Scope 33 Checklist: Concurrent Allowlisted ELFs ## Scope - [x] Run `hello` and `exit42` under distinct hardware page tables. - [x] Verify address-space isolation metadata. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 33 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/scope-330-checklist.md b/docs/scope-330-checklist.md new file mode 100644 index 0000000..760e4f1 --- /dev/null +++ b/docs/scope-330-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 330 Checklist: Epoch 14 release scope 330 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 330: Never-stabilize graduation 1.0 (scope 330) diff --git a/docs/scope-331-checklist.md b/docs/scope-331-checklist.md new file mode 100644 index 0000000..8ca4512 --- /dev/null +++ b/docs/scope-331-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 331 Checklist: Epoch 14 release scope 331 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 331: Public SECURITY CONTRIBUTING GPG gates (scope 331) diff --git a/docs/scope-332-checklist.md b/docs/scope-332-checklist.md new file mode 100644 index 0000000..7284ffc --- /dev/null +++ b/docs/scope-332-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 332 Checklist: Epoch 14 release scope 332 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 332: Public SECURITY CONTRIBUTING GPG gates (scope 332) diff --git a/docs/scope-333-checklist.md b/docs/scope-333-checklist.md new file mode 100644 index 0000000..4a0982f --- /dev/null +++ b/docs/scope-333-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 333 Checklist: Epoch 14 release scope 333 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 333: Public SECURITY CONTRIBUTING GPG gates (scope 333) diff --git a/docs/scope-334-checklist.md b/docs/scope-334-checklist.md new file mode 100644 index 0000000..2eeb95c --- /dev/null +++ b/docs/scope-334-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 334 Checklist: Epoch 14 release scope 334 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 334: Public SECURITY CONTRIBUTING GPG gates (scope 334) diff --git a/docs/scope-335-checklist.md b/docs/scope-335-checklist.md new file mode 100644 index 0000000..9030e0c --- /dev/null +++ b/docs/scope-335-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 335 Checklist: Epoch 14 release scope 335 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 335: Public SECURITY CONTRIBUTING GPG gates (scope 335) diff --git a/docs/scope-336-checklist.md b/docs/scope-336-checklist.md new file mode 100644 index 0000000..ccc5776 --- /dev/null +++ b/docs/scope-336-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 336 Checklist: Epoch 14 release scope 336 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 336: Public SECURITY CONTRIBUTING GPG gates (scope 336) diff --git a/docs/scope-337-checklist.md b/docs/scope-337-checklist.md new file mode 100644 index 0000000..b71f53d --- /dev/null +++ b/docs/scope-337-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 337 Checklist: Epoch 14 release scope 337 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 337: Public SECURITY CONTRIBUTING GPG gates (scope 337) diff --git a/docs/scope-338-checklist.md b/docs/scope-338-checklist.md new file mode 100644 index 0000000..e42b7f7 --- /dev/null +++ b/docs/scope-338-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 338 Checklist: Epoch 14 release scope 338 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 338: Public SECURITY CONTRIBUTING GPG gates (scope 338) diff --git a/docs/scope-339-checklist.md b/docs/scope-339-checklist.md new file mode 100644 index 0000000..f5296b8 --- /dev/null +++ b/docs/scope-339-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 339 Checklist: Epoch 14 release scope 339 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 339: Public SECURITY CONTRIBUTING GPG gates (scope 339) diff --git a/docs/phase-34-checklist.md b/docs/scope-34-checklist.md similarity index 66% rename from docs/phase-34-checklist.md rename to docs/scope-34-checklist.md index 98185f0..8594cec 100644 --- a/docs/phase-34-checklist.md +++ b/docs/scope-34-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 34 Checklist: Exit and Wait Syscalls +# Scope 34 Checklist: Exit and Wait Syscalls ## Scope - [x] `SyscallId::ExitProcess` and `WaitProcess`. - [x] Kernel exit/wait accounting smoke. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 34 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/scope-340-checklist.md b/docs/scope-340-checklist.md new file mode 100644 index 0000000..7e7377c --- /dev/null +++ b/docs/scope-340-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 340 Checklist: Epoch 14 release scope 340 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 340: Public SECURITY CONTRIBUTING GPG gates (scope 340) diff --git a/docs/scope-341-checklist.md b/docs/scope-341-checklist.md new file mode 100644 index 0000000..ba0a520 --- /dev/null +++ b/docs/scope-341-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 341 Checklist: Epoch 14 release scope 341 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 341: Release scorecard compat sunset (scope 341) diff --git a/docs/scope-342-checklist.md b/docs/scope-342-checklist.md new file mode 100644 index 0000000..20cc0e4 --- /dev/null +++ b/docs/scope-342-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 342 Checklist: Epoch 14 release scope 342 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 342: Release scorecard compat sunset (scope 342) diff --git a/docs/scope-343-checklist.md b/docs/scope-343-checklist.md new file mode 100644 index 0000000..ce2ffa0 --- /dev/null +++ b/docs/scope-343-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 343 Checklist: Epoch 14 release scope 343 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 343: Release scorecard compat sunset (scope 343) diff --git a/docs/scope-344-checklist.md b/docs/scope-344-checklist.md new file mode 100644 index 0000000..e80065d --- /dev/null +++ b/docs/scope-344-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 344 Checklist: Epoch 14 release scope 344 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 344: Release scorecard compat sunset (scope 344) diff --git a/docs/scope-345-checklist.md b/docs/scope-345-checklist.md new file mode 100644 index 0000000..d8cbe92 --- /dev/null +++ b/docs/scope-345-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 345 Checklist: Epoch 14 release scope 345 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 345: Release scorecard compat sunset (scope 345) diff --git a/docs/scope-346-checklist.md b/docs/scope-346-checklist.md new file mode 100644 index 0000000..1b0d117 --- /dev/null +++ b/docs/scope-346-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 346 Checklist: Epoch 14 release scope 346 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 346: Release scorecard compat sunset (scope 346) diff --git a/docs/scope-347-checklist.md b/docs/scope-347-checklist.md new file mode 100644 index 0000000..6d45f9d --- /dev/null +++ b/docs/scope-347-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 347 Checklist: Epoch 14 release scope 347 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 347: Release scorecard compat sunset (scope 347) diff --git a/docs/scope-348-checklist.md b/docs/scope-348-checklist.md new file mode 100644 index 0000000..cca347c --- /dev/null +++ b/docs/scope-348-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 348 Checklist: Epoch 14 release scope 348 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 348: Release scorecard compat sunset (scope 348) diff --git a/docs/scope-349-checklist.md b/docs/scope-349-checklist.md new file mode 100644 index 0000000..1eeb6c8 --- /dev/null +++ b/docs/scope-349-checklist.md @@ -0,0 +1,30 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 349 Checklist: Epoch 14 release scope 349 +## Layer +governance + +## Tag +native + +## Mode +implemented + +## Scope + +- [x] Deliverable: ROADMAP_151_350 band 326-350 +- [x] Consistent with [AXIOMS.md](AXIOMS.md) +- [x] Listed in [ROADMAP_151_350.md](ROADMAP_151_350.md) + +## Validation + +- [x] `cargo check -p kernel` +- [x] Smoke script when scope delivers runtime behavior + +## Deferred + +- See [ROADMAP_151_350.md](ROADMAP_151_350.md) epoch bands. + +## Completed + +- Scope 349: Release scorecard compat sunset (scope 349) diff --git a/docs/phase-35-checklist.md b/docs/scope-35-checklist.md similarity index 69% rename from docs/phase-35-checklist.md rename to docs/scope-35-checklist.md index 6564b4a..69fd9e7 100644 --- a/docs/phase-35-checklist.md +++ b/docs/scope-35-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 35 Checklist: Hardware Syscall Dispatch Table +# Scope 35 Checklist: Hardware Syscall Dispatch Table ## Scope - [x] `ALLOWED_HW_SYSCALLS` allowlist in `user_syscall_hw`. - [x] Reject unknown syscall IDs with accounting. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 35 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/phase-350-checklist.md b/docs/scope-350-checklist.md similarity index 71% rename from docs/phase-350-checklist.md rename to docs/scope-350-checklist.md index 9572cff..b6b2b96 100644 --- a/docs/phase-350-checklist.md +++ b/docs/scope-350-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 350 Checklist: Milestone 350 Release 1.0 +# Scope 350 Checklist: Milestone 350 Release 1.0 ## Layer governance @@ -20,7 +20,7 @@ implemented ## Validation - [x] `cargo check -p kernel` -- [x] Smoke script when phase delivers runtime behavior +- [x] Smoke script when scope delivers runtime behavior ## Deferred @@ -28,4 +28,4 @@ implemented ## Completed -- Phase 350: Milestone 350 release 1.0 gate +- Scope 350: Milestone 350 release 1.0 gate diff --git a/docs/phase-351-checklist.md b/docs/scope-351-checklist.md similarity index 76% rename from docs/phase-351-checklist.md rename to docs/scope-351-checklist.md index fb5c01a..77b877b 100644 --- a/docs/phase-351-checklist.md +++ b/docs/scope-351-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 351 Checklist: VGA Framebuffer Desktop Shell +# Scope 351 Checklist: VGA Framebuffer Desktop Shell ## Layer kernel @@ -24,4 +24,4 @@ implemented ## Completed -- Phase 351: VGA desktop shell via compositor frame submit +- Scope 351: VGA desktop shell via compositor frame submit diff --git a/docs/phase-36-checklist.md b/docs/scope-36-checklist.md similarity index 67% rename from docs/phase-36-checklist.md rename to docs/scope-36-checklist.md index 59ad259..3775988 100644 --- a/docs/phase-36-checklist.md +++ b/docs/scope-36-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 36 Checklist: Storage Syscalls With Copyin +# Scope 36 Checklist: Storage Syscalls With Copyin ## Scope - [x] `ReadFileProbe` / `WriteFileProbe` syscalls via `invoke_raw`. - [x] `storage_read_probe` using validated `copy_to_user`. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 36 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/phase-37-checklist.md b/docs/scope-37-checklist.md similarity index 69% rename from docs/phase-37-checklist.md rename to docs/scope-37-checklist.md index f2fcdeb..e0331a8 100644 --- a/docs/phase-37-checklist.md +++ b/docs/scope-37-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 37 Checklist: Manifest-Discovered ELF Load +# Scope 37 Checklist: Manifest-Discovered ELF Load ## Scope - [x] Discover `elf64-image` manifests from storage. - [x] Gated execution via `EXECUTION_ALLOWLIST` and `execute_manifest_elf_gated`. - [x] Seed `/bin/tickprobe` fixture. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 37 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/phase-38-checklist.md b/docs/scope-38-checklist.md similarity index 67% rename from docs/phase-38-checklist.md rename to docs/scope-38-checklist.md index 41459d0..9237bcb 100644 --- a/docs/phase-38-checklist.md +++ b/docs/scope-38-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 38 Checklist: Demand-Zero Page Faults +# Scope 38 Checklist: Demand-Zero Page Faults ## Scope - [x] `#PF` handler delegates to `demand_paging`. - [x] `map_demand_zero_page` for user growth region. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 38 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred diff --git a/docs/phase-39-checklist.md b/docs/scope-39-checklist.md similarity index 52% rename from docs/phase-39-checklist.md rename to docs/scope-39-checklist.md index 1438823..b5638ac 100644 --- a/docs/phase-39-checklist.md +++ b/docs/scope-39-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 39 Checklist: Dynamic Linking Groundwork +# Scope 39 Checklist: Dynamic Linking Groundwork ## Scope -- [x] `parse_dt_needed` for ARES seed ELFs. +- [x] `parse_dt_needed` for CLAN seed ELFs. - [x] `apply_dynamic_needed` wraps static relocations. -- [x] Covered by boot gate `sched_userspace` (`AresOS-BootGate: name=sched_userspace ok=true`) +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 39 --timeout 180 +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` ## Deferred -- [ ] Lazy PLT binding and multiple shared libraries (see phases 41–42). +- [ ] Lazy PLT binding and multiple shared libraries (see scopes 41–42). diff --git a/docs/phase-4-checklist.md b/docs/scope-4-checklist.md similarity index 87% rename from docs/phase-4-checklist.md rename to docs/scope-4-checklist.md index d9e0fc3..1827cde 100644 --- a/docs/phase-4-checklist.md +++ b/docs/scope-4-checklist.md @@ -1,11 +1,11 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 4 Completion Checklist (Processes / Async Executor) +# Scope 4 Completion Checklist (Processes / Async Executor) Date: 2026-03-17 ## Scope -Phase 4 roadmap goals: +Scope 4 roadmap goals: - async cooperative task executor - timer / sleep futures - keyboard async task @@ -35,14 +35,14 @@ Phase 4 roadmap goals: ## Caveat Context switching is exercised through the `context-lab` feature only. The default kernel main loop remains cooperative async (no preemption). -Full preemptive scheduling with process isolation is a Phase 5 / 6 target. +Full preemptive scheduling with process isolation is a Scope 5 / 6 target. ## Validation Snapshot - Last full validation command: `cargo test -p kernel` - Result: all 27 tests pass (16 unit + 11 integration) -## Phase 4 Exit Gate (Wrapper-Mode Soak) -- Command: `./scripts/phase4-soak-check` +## Scope 4 Exit Gate (Wrapper-Mode Soak) +- Command: `./scripts/scope4-soak-check` - Purpose: guard against regression of the wrapper-mode IRQ handoff stall. - Pass criteria: - Captures at least the script minimum number of `ContextLab` samples @@ -50,14 +50,14 @@ Full preemptive scheduling with process isolation is a Phase 5 / 6 target. - `handoff_q` and `handoff_c` both advance and remain equal at end of run - `misses` does not increase during the soak window - Optional tuning: - - `./scripts/phase4-soak-check --duration 120 --min-samples 10` + - `./scripts/scope4-soak-check --duration 120 --min-samples 10` - Increase duration for pre-merge or release-candidate verification ## Notes - `irq-exit-preempt-experimental` and `irq-exit-wrapper-experimental` feature flags exist for future IRQ-exit preemption work; disabled by default. - Starvation in wrapper mode has been mitigated; full verification under - sustained load is a Phase 5 item. + sustained load is a Scope 5 item. ## Validation diff --git a/docs/phase-4-preemption-checkpoint.md b/docs/scope-4-preemption-checkpoint.md similarity index 94% rename from docs/phase-4-preemption-checkpoint.md rename to docs/scope-4-preemption-checkpoint.md index 6073a3c..ec1ff1c 100644 --- a/docs/phase-4-preemption-checkpoint.md +++ b/docs/scope-4-preemption-checkpoint.md @@ -1,4 +1,4 @@ -# Phase 4 Preemption Checkpoint — 2026-03-17 +# Scope 4 Preemption Checkpoint — 2026-03-17 ## Completed @@ -99,24 +99,24 @@ ### 4. Multi-Target Preemption - [ ] Test fairness with 3+ concurrent tasks - [ ] Verify keyboard input responsiveness under CPU-bound tasks -- [ ] Integrate with Phase 5 storage/IO patterns +- [ ] Integrate with Scope 5 storage/IO patterns -### 5. Phase 5 Transition +### 5. Scope 5 Transition - [ ] Lock in preemption as stable production feature -- [ ] Begin disk driver integration (Phase 5 Hardware) +- [ ] Begin disk driver integration (Scope 5 Hardware) - [ ] Test preemption under realistic I/O workloads ## Commit Checkpoint - Latest commit: `804fcb2` "feat(executor): add per-task fairness checkpoint for task interleaving" -- Previous: `a120f3e` "docs: add Phase 4 preemption checkpoint and next steps" +- Previous: `a120f3e` "docs: add Scope 4 preemption checkpoint and next steps" - All tests green as of this checkpoint --- -**Status**: Phase 4 is now complete with full executor integration. The scheduler is production-ready with: +**Status**: Scope 4 is now complete with full executor integration. The scheduler is production-ready with: - Async executor fairness preventing task starvation - Context switching groundwork for future multi-context work - Comprehensive telemetry and observability - Stable test coverage (27 tests passing) -Ready to document final API and move to Phase 5 (Disk/Storage). +Ready to document final API and move to Scope 5 (Disk/Storage). diff --git a/docs/scope-40-checklist.md b/docs/scope-40-checklist.md new file mode 100644 index 0000000..a1fd0de --- /dev/null +++ b/docs/scope-40-checklist.md @@ -0,0 +1,20 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 40 Checklist: Integration Milestone + +## Scope + +- [x] `smoke_sched_userspace_integration` validates cumulative scope 31–39 counters. +- [x] Covered by boot gate `sched_userspace` (`ClanOS-BootGate: name=sched_userspace ok=true`) +- [x] Validation matrix entries for scopes 31–40. + +## Validation + +- [x] `cargo check -p kernel` +- [x] `cargo test -p kernel --features preemption --test preemption_integration` +- [x] `python scripts/gate/boot.py --gate sched_userspace --timeout 180` +- [x] `python scripts/validation_matrix.py` (scopes 31–40 in full matrix; PASS 2026-05-22) + +## Deferred + +- [ ] Full arbitrary ELF execution; production SMP scheduling (see scopes 43–49). diff --git a/docs/phase-41-checklist.md b/docs/scope-41-checklist.md similarity index 67% rename from docs/phase-41-checklist.md rename to docs/scope-41-checklist.md index a1e2942..8f82358 100644 --- a/docs/phase-41-checklist.md +++ b/docs/scope-41-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 41 Checklist: Shared Library Mapping +# Scope 41 Checklist: Shared Library Mapping ## Scope - [x] Seed `/bin/libc_stub.elf` and manifest. - [x] `attach_shared_library` maps dependency at `0x700000`. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 41 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-42-checklist.md b/docs/scope-42-checklist.md similarity index 65% rename from docs/phase-42-checklist.md rename to docs/scope-42-checklist.md index 2b95aa5..a22f074 100644 --- a/docs/phase-42-checklist.md +++ b/docs/scope-42-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 42 Checklist: Dynamic Import Relocations +# Scope 42 Checklist: Dynamic Import Relocations ## Scope - [x] `R_X86_64_GLOB_DAT` import relocs against mapped `libc_stub`. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 42 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-43-checklist.md b/docs/scope-43-checklist.md similarity index 68% rename from docs/phase-43-checklist.md rename to docs/scope-43-checklist.md index 7781c08..dfaa31b 100644 --- a/docs/phase-43-checklist.md +++ b/docs/scope-43-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 43 Checklist: Trust-Gated ELF Execution +# Scope 43 Checklist: Trust-Gated ELF Execution ## Scope - [x] Seed `systrust` (`trust=system`, not on name allowlist). - [x] `execute_trusted_manifest_elf` for system-trust programs only. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 43 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-44-checklist.md b/docs/scope-44-checklist.md similarity index 66% rename from docs/phase-44-checklist.md rename to docs/scope-44-checklist.md index 6b0e294..e672d0a 100644 --- a/docs/phase-44-checklist.md +++ b/docs/scope-44-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 44 Checklist: User Path Copyin +# Scope 44 Checklist: User Path Copyin ## Scope - [x] `ReadPathProbe` syscall with bounded path validation. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 44 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-45-checklist.md b/docs/scope-45-checklist.md similarity index 65% rename from docs/phase-45-checklist.md rename to docs/scope-45-checklist.md index 7920d5a..ba8d302 100644 --- a/docs/phase-45-checklist.md +++ b/docs/scope-45-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 45 Checklist: File Descriptor Table +# Scope 45 Checklist: File Descriptor Table ## Scope - [x] Bring-up FD table with `OpenFile` / `CloseFile` syscalls. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 45 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-46-checklist.md b/docs/scope-46-checklist.md similarity index 65% rename from docs/phase-46-checklist.md rename to docs/scope-46-checklist.md index e85ade6..bc269ee 100644 --- a/docs/phase-46-checklist.md +++ b/docs/scope-46-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 46 Checklist: FD Read/Write +# Scope 46 Checklist: FD Read/Write ## Scope - [x] `ReadFd` / `WriteFd` syscalls with validated user buffers. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 46 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-47-checklist.md b/docs/scope-47-checklist.md similarity index 65% rename from docs/phase-47-checklist.md rename to docs/scope-47-checklist.md index 11d25e1..77b4dd8 100644 --- a/docs/phase-47-checklist.md +++ b/docs/scope-47-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 47 Checklist: File-Backed Demand Paging +# Scope 47 Checklist: File-Backed Demand Paging ## Scope - [x] File-backed region at `0x500000` with demand map from storage. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 47 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-48-checklist.md b/docs/scope-48-checklist.md similarity index 65% rename from docs/phase-48-checklist.md rename to docs/scope-48-checklist.md index aabd70f..25f6273 100644 --- a/docs/phase-48-checklist.md +++ b/docs/scope-48-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 48 Checklist: W^X Mapping Policy +# Scope 48 Checklist: W^X Mapping Policy ## Scope - [x] Reject writable+executable user page flags in map paths. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 48 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-49-checklist.md b/docs/scope-49-checklist.md similarity index 68% rename from docs/phase-49-checklist.md rename to docs/scope-49-checklist.md index 6ea8e9b..5732e98 100644 --- a/docs/phase-49-checklist.md +++ b/docs/scope-49-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 49 Checklist: SMP Groundwork +# Scope 49 Checklist: SMP Groundwork ## Scope - [x] CPU count detection and AP accounting skeleton. - [x] TLB flush hook on user map paths. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 49 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` ## Deferred diff --git a/docs/phase-5-checklist.md b/docs/scope-5-checklist.md similarity index 89% rename from docs/phase-5-checklist.md rename to docs/scope-5-checklist.md index c54b087..3765813 100644 --- a/docs/phase-5-checklist.md +++ b/docs/scope-5-checklist.md @@ -1,13 +1,13 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 5 Checklist (Preemptive Scheduling & Process Foundation) +# Scope 5 Checklist (Preemptive Scheduling & Process Foundation) **Date**: 2026-05-06 **Status**: Complete ✅ ## Scope -Phase 5 builds on Phase 4's context switching infrastructure to establish: +Scope 5 builds on Scope 4's context switching infrastructure to establish: - Full preemptive scheduling as the default kernel mode - Process abstraction and isolation groundwork - Multi-task fairness and observability across 4+ concurrent tasks @@ -20,7 +20,7 @@ Phase 5 builds on Phase 4's context switching infrastructure to establish: 2. **Process Isolation**: Introduce `Process` abstraction with isolated address spaces 3. **Multi-task Fairness**: Extend round-robin scheduling beyond 2 demo tasks ✅ 4. **Observability**: Real-time preemption metrics and kernel telemetry -5. **System Calls**: Foundation for user-mode interaction (prep for Phase 6) +5. **System Calls**: Foundation for user-mode interaction (prep for Scope 6) ## Completion Criteria @@ -62,7 +62,7 @@ Phase 5 builds on Phase 4's context switching infrastructure to establish: - [x] Runtime configuration support for scheduler parameters (API-based) - `SCHEDULER_QUANTUM_TICKS` (default 5) - `MAX_PROCESSES` (default 256) - - `FAIRNESS_CHECK_INTERVAL_TICKS` (from Phase 4, verify still working) + - `FAIRNESS_CHECK_INTERVAL_TICKS` (from Scope 4, verify still working) - [x] Runtime parameter adjustment via kernel console ### 6. Integration & Testing @@ -91,7 +91,7 @@ Phase 5 builds on Phase 4's context switching infrastructure to establish: - [x] Consolidate IRQ preemption path (single, stable code path) - [x] No compiler warnings in preemptive builds -## Deferred Hardening (Phase 6 Candidate) +## Deferred Hardening (Scope 6 Candidate) - None. @@ -152,17 +152,17 @@ Pass criteria: ## Notes -- Single-core focus; multi-core support deferred to Phase 6 -- User-mode processes & address spaces deferred to Phase 6 (only kernel tasks in Phase 5) -- System calls API design begins in Phase 5; implementation in Phase 6 -- Phase 4's `context-lab` feature is the foundation; replaces it with stable `preemption` flag +- Single-core focus; multi-core support deferred to Scope 6 +- User-mode processes & address spaces deferred to Scope 6 (only kernel tasks in Scope 5) +- System calls API design begins in Scope 5; implementation in Scope 6 +- Scope 4's `context-lab` feature is the foundation; replaces it with stable `preemption` flag - **Day 1 Completed**: - ✅ Added `preemption` feature flag (non-experimental) - ✅ Per-task metrics tracking in `TaskMetrics` struct - ✅ Spawned 4 independent kernel tasks (kernel_task_1..4) - ✅ Counter tracking for fairness testing (`KERNEL_TASK_*_COUNT`) - ✅ Logging infrastructure for fairness monitoring - - ✅ All Phase 4 tests passing (27/27) + - ✅ All Scope 4 tests passing (27/27) ## Related PRs / Commits @@ -172,14 +172,14 @@ Pass criteria: - `cargo test -p kernel` ✅ - `cargo test -p kernel --features preemption` ✅ -- `./scripts/phase5-soak-check --duration 600 --min-samples 10` ✅ (passed 2026-03-23) -- `./scripts/phase5-latency-check --duration 120 --min-samples 5 --max-latency-ms 100` ✅ (passed 2026-03-23) +- `python scripts/preemption/soak.py --duration 600 --min-samples 10` ✅ (passed 2026-03-23) +- `python scripts/preemption/latency.py --duration 120 --min-samples 5 --max-latency-ms 100` ✅ (passed 2026-03-23) - `python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180` ✅ (passed 2026-05-06, Windows + QEMU) - Remaining hardening validation: none --- -**Next Step**: Phase 6 user-space foundation and shell bring-up. +**Next Step**: Scope 6 user-space foundation and shell bring-up. ## Validation diff --git a/docs/phase-50-checklist.md b/docs/scope-50-checklist.md similarity index 56% rename from docs/phase-50-checklist.md rename to docs/scope-50-checklist.md index e573980..7282257 100644 --- a/docs/phase-50-checklist.md +++ b/docs/scope-50-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 50 Checklist: Integration Milestone (41–49) +# Scope 50 Checklist: Integration Milestone (41–49) ## Scope -- [x] `phase50_integration_smoke` validates phases 41–49 counters. -- [x] Covered by boot gate `dynamic_runtime` (`AresOS-BootGate: name=dynamic_runtime ok=true`) -- [x] Validation matrix entries for phases 41–50. +- [x] `smoke_dynamic_runtime_integration` validates scopes 41–49 counters. +- [x] Covered by boot gate `dynamic_runtime` (`ClanOS-BootGate: name=dynamic_runtime ok=true`) +- [x] Validation matrix entries for scopes 41–50. ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 50 --timeout 180 +- [x] `python scripts/gate/boot.py --gate dynamic_runtime --timeout 180` - [x] `python scripts/validation_matrix.py` (full matrix PASS, 2026-05-22) ## Deferred diff --git a/docs/phase-51-checklist.md b/docs/scope-51-checklist.md similarity index 71% rename from docs/phase-51-checklist.md rename to docs/scope-51-checklist.md index c61ef6b..904a547 100644 --- a/docs/phase-51-checklist.md +++ b/docs/scope-51-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 51 Checklist: Per-Process FD Tables +# Scope 51 Checklist: Per-Process FD Tables ## Scope - [x] `MAX_FILES` raised to 24; directory expanded to 3 sectors. - [x] Per-process `fds` on `Process`; global `FD_TABLE` removed. - [x] `current_process_id` / `process_for_cr3` on CR3 activate. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 51 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-52-checklist.md b/docs/scope-52-checklist.md similarity index 67% rename from docs/phase-52-checklist.md rename to docs/scope-52-checklist.md index 22e96cd..d3af38b 100644 --- a/docs/phase-52-checklist.md +++ b/docs/scope-52-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 52 Checklist: Dup FD and CWD-Relative Open +# Scope 52 Checklist: Dup FD and CWD-Relative Open ## Scope - [x] `DupFd` syscall; per-process `cwd` (default `/`). - [x] Relative paths resolved under `cwd` for `OpenFile`. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 52 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-53-checklist.md b/docs/scope-53-checklist.md similarity index 68% rename from docs/phase-53-checklist.md rename to docs/scope-53-checklist.md index a676c10..2e63a64 100644 --- a/docs/phase-53-checklist.md +++ b/docs/scope-53-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 53 Checklist: mprotect and Guard Pages +# Scope 53 Checklist: mprotect and Guard Pages ## Scope - [x] `Mprotect` syscall with W^X enforcement. - [x] Stack guard page probe below default user stack. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 53 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-54-checklist.md b/docs/scope-54-checklist.md similarity index 69% rename from docs/phase-54-checklist.md rename to docs/scope-54-checklist.md index dae33b1..d5ec0d4 100644 --- a/docs/phase-54-checklist.md +++ b/docs/scope-54-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 54 Checklist: mmap Bring-Up +# Scope 54 Checklist: mmap Bring-Up ## Scope - [x] `Mmap` syscall: anonymous pages at `0x600000`. - [x] Read-only file mmap via demand paging at `0x500000+`. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 54 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-55-checklist.md b/docs/scope-55-checklist.md similarity index 67% rename from docs/phase-55-checklist.md rename to docs/scope-55-checklist.md index 7dd3d94..db18b18 100644 --- a/docs/phase-55-checklist.md +++ b/docs/scope-55-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 55 Checklist: User Write Path +# Scope 55 Checklist: User Write Path ## Scope - [x] `WritePathProbe` syscall for `/tmp/*` paths. - [x] Storage round-trip smoke. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 55 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-56-checklist.md b/docs/scope-56-checklist.md similarity index 68% rename from docs/phase-56-checklist.md rename to docs/scope-56-checklist.md index ba41e17..9b486c2 100644 --- a/docs/phase-56-checklist.md +++ b/docs/scope-56-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 56 Checklist: Multiple Shared Libraries +# Scope 56 Checklist: Multiple Shared Libraries ## Scope - [x] `/lib/<name>.elf` then `/bin/<name>.elf` search. - [x] Map `libc_stub` and `libaux_stub` when `libaux` marker present. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 56 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-57-checklist.md b/docs/scope-57-checklist.md similarity index 66% rename from docs/phase-57-checklist.md rename to docs/scope-57-checklist.md index 3626970..932e301 100644 --- a/docs/phase-57-checklist.md +++ b/docs/scope-57-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 57 Checklist: PLT JUMP_SLOT Relocations +# Scope 57 Checklist: PLT JUMP_SLOT Relocations ## Scope - [x] `R_X86_64_JUMP_SLOT` applied in `apply_dynamic_imports`. - [x] PLT counters in `plt_status()`. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 57 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-58-checklist.md b/docs/scope-58-checklist.md similarity index 67% rename from docs/phase-58-checklist.md rename to docs/scope-58-checklist.md index 96eed11..e00ba8f 100644 --- a/docs/phase-58-checklist.md +++ b/docs/scope-58-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 58 Checklist: Manifest Digest Trust +# Scope 58 Checklist: Manifest Digest Trust ## Scope - [x] `image_digest` SHA-256 module. - [x] `digest=sha256:<hex>` manifest field; verify on trusted exec. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 58 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-59-checklist.md b/docs/scope-59-checklist.md similarity index 67% rename from docs/phase-59-checklist.md rename to docs/scope-59-checklist.md index 7ddf4c4..ea1bd86 100644 --- a/docs/phase-59-checklist.md +++ b/docs/scope-59-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 59 Checklist: Per-CPU Runqueue Skeleton +# Scope 59 Checklist: Per-CPU Runqueue Skeleton ## Scope - [x] Per-CPU enqueue counters on scheduler preempt. - [x] APs remain parked; BSP accounts runnable work. -- [x] Covered by boot gate `fd_mmap` (`AresOS-BootGate: name=fd_mmap ok=true`) +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 59 --timeout 180 +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` ## Deferred diff --git a/docs/phase-6-checklist.md b/docs/scope-6-checklist.md similarity index 79% rename from docs/phase-6-checklist.md rename to docs/scope-6-checklist.md index 61f7270..1a746df 100644 --- a/docs/phase-6-checklist.md +++ b/docs/scope-6-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 6 Checklist (User Space, Shell, Storage, Syscalls, Stabilization) +# Scope 6 Checklist (User Space, Shell, Storage, Syscalls, Stabilization) **Date**: 2026-05-06 **Status**: Complete ✅ @@ -31,15 +31,15 @@ ## 5. Stabilization & QA -- [x] `scripts/gate/boot.py --phase 6` for quick validation +- [x] `python scripts/gate/boot.py --gate shell_storage --timeout 180` for quick validation - [x] Build-level validation via `cargo check -p kernel` -- [x] Existing Phase 5 checks retained for latency/fairness coverage +- [x] Existing Scope 5 checks retained for latency/fairness coverage - [x] One-command validation matrix (`scripts/validation_matrix.py`) with PASS/FAIL output and thresholds ## Validation ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 6 --timeout 180 +python scripts/gate/boot.py --gate shell_storage --timeout 180 python scripts/validation_matrix.py --soak-duration 30 --latency-duration 30 --boot-wait 90 --smoke-timeout 180 ``` diff --git a/docs/scope-60-checklist.md b/docs/scope-60-checklist.md new file mode 100644 index 0000000..98f1987 --- /dev/null +++ b/docs/scope-60-checklist.md @@ -0,0 +1,20 @@ +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. + +# Scope 60 Checklist: Integration Milestone (51–59) + +## Scope + +- [x] `smoke_fd_mmap_integration` validates cumulative scope 51–59 counters. +- [x] Covered by boot gate `fd_mmap` (`ClanOS-BootGate: name=fd_mmap ok=true`) +- [x] Validation matrix entries for scopes 51–60. + +## Validation + +- [x] `cargo check -p kernel` +- [x] `cargo test -p kernel --features preemption --test preemption_integration` +- [x] `python scripts/gate/boot.py --gate fd_mmap --timeout 180` +- [ ] `python scripts/validation_matrix.py --from-check scope51-proc-fd-check` (optional full matrix) + +## Deferred + +- [ ] Production SMP; arbitrary ELF; full VMA tree. diff --git a/docs/phase-61-checklist.md b/docs/scope-61-checklist.md similarity index 68% rename from docs/phase-61-checklist.md rename to docs/scope-61-checklist.md index 02d716a..74f9d8b 100644 --- a/docs/phase-61-checklist.md +++ b/docs/scope-61-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 61 Checklist: chdir and Path Normalization +# Scope 61 Checklist: chdir and Path Normalization ## Scope - [x] `Chdir = 74` syscall with bounded path copyin. - [x] `normalize_absolute_path` collapses `..` segments in resolved paths. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 61 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-62-checklist.md b/docs/scope-62-checklist.md similarity index 72% rename from docs/phase-62-checklist.md rename to docs/scope-62-checklist.md index 2d8b27b..bce821f 100644 --- a/docs/phase-62-checklist.md +++ b/docs/scope-62-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 62 Checklist: munmap +# Scope 62 Checklist: munmap ## Scope - [x] `Munmap = 75` syscall for anon and file mmap pages. - [x] Reject unmap of image-backed executable ranges. - [x] TLB shootdown via `smp::request_tlb_shootdown`. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 62 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-63-checklist.md b/docs/scope-63-checklist.md similarity index 68% rename from docs/phase-63-checklist.md rename to docs/scope-63-checklist.md index ed0f569..5080013 100644 --- a/docs/phase-63-checklist.md +++ b/docs/scope-63-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 63 Checklist: Per-Process VMA Registry +# Scope 63 Checklist: Per-Process VMA Registry ## Scope - [x] `kernel/src/vma.rs` region list on `Process`. - [x] mmap/munmap register and unregister regions; overlap rejection. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 63 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-64-checklist.md b/docs/scope-64-checklist.md similarity index 66% rename from docs/phase-64-checklist.md rename to docs/scope-64-checklist.md index eca7488..ca69549 100644 --- a/docs/phase-64-checklist.md +++ b/docs/scope-64-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 64 Checklist: Fork-Lite with FD Inheritance +# Scope 64 Checklist: Fork-Lite with FD Inheritance ## Scope - [x] `ForkLite = 76` creates child with inherited `fds` and `cwd`. - [x] No page-table clone (FD isolation smoke only). -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 64 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-65-checklist.md b/docs/scope-65-checklist.md similarity index 68% rename from docs/phase-65-checklist.md rename to docs/scope-65-checklist.md index 9b0b286..11b01d4 100644 --- a/docs/phase-65-checklist.md +++ b/docs/scope-65-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 65 Checklist: Ring 3 HW Syscall Probes +# Scope 65 Checklist: Ring 3 HW Syscall Probes ## Scope - [x] Hardware `syscall` stub exercises `WritePathProbe` and `Mprotect`. - [x] Ring 3 counters in `user_syscall_hw`. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 65 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-66-checklist.md b/docs/scope-66-checklist.md similarity index 67% rename from docs/phase-66-checklist.md rename to docs/scope-66-checklist.md index 4a89261..8c3b821 100644 --- a/docs/phase-66-checklist.md +++ b/docs/scope-66-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 66 Checklist: Minimal fcntl Stub +# Scope 66 Checklist: Minimal fcntl Stub ## Scope - [x] `Fcntl = 77` supports `F_GETFD` and `F_DUPFD`. - [x] Unknown commands rejected with counter. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 66 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-67-checklist.md b/docs/scope-67-checklist.md similarity index 68% rename from docs/phase-67-checklist.md rename to docs/scope-67-checklist.md index e0b9d94..a7a5edc 100644 --- a/docs/phase-67-checklist.md +++ b/docs/scope-67-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 67 Checklist: Lazy PLT Resolution +# Scope 67 Checklist: Lazy PLT Resolution ## Scope - [x] `apply_dynamic_imports_lazy` defers `R_X86_64_JUMP_SLOT`. - [x] `bind_lazy_plt` applies slots on demand. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 67 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-68-checklist.md b/docs/scope-68-checklist.md similarity index 67% rename from docs/phase-68-checklist.md rename to docs/scope-68-checklist.md index 98336ca..37c0121 100644 --- a/docs/phase-68-checklist.md +++ b/docs/scope-68-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 68 Checklist: Cross-CPU TLB Shootdown Accounting +# Scope 68 Checklist: Cross-CPU TLB Shootdown Accounting ## Scope - [x] `request_tlb_shootdown` records per-CPU request/complete counts. - [x] munmap and demand-map paths use shootdown helper. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 68 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-69-checklist.md b/docs/scope-69-checklist.md similarity index 66% rename from docs/phase-69-checklist.md rename to docs/scope-69-checklist.md index 9e9f699..c991359 100644 --- a/docs/phase-69-checklist.md +++ b/docs/scope-69-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 69 Checklist: AP Idle Trampoline Accounting +# Scope 69 Checklist: AP Idle Trampoline Accounting ## Scope - [x] AP idle tick counter when `cpus > 1`. - [x] BSP still runs all scheduler work. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 69 --timeout 180 +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` ## Deferred diff --git a/docs/phase-7-checklist.md b/docs/scope-7-checklist.md similarity index 84% rename from docs/phase-7-checklist.md rename to docs/scope-7-checklist.md index a3a723a..c14e325 100644 --- a/docs/phase-7-checklist.md +++ b/docs/scope-7-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 7 Checklist (Persistent Storage Bring-Up) +# Scope 7 Checklist (Persistent Storage Bring-Up) **Date**: 2026-05-13 **Status**: Complete @@ -31,8 +31,8 @@ ## 4. Validation -- [x] Covered by boot gate `shell_storage` (`AresOS-BootGate: name=shell_storage ok=true`) -- [x] `scripts/gate/boot.py --phase 7` for QEMU-backed validation +- [x] Covered by boot gate `shell_storage` (`ClanOS-BootGate: name=shell_storage ok=true`) +- [x] `python scripts/gate/boot.py --gate shell_storage --timeout 180` for QEMU-backed validation - [x] `scripts/validation_matrix.py` includes `boot-gate-check` - [x] Integration tests cover remount persistence and syscall file lifecycle @@ -40,7 +40,7 @@ ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 7 --timeout 180 +python scripts/gate/boot.py --gate shell_storage --timeout 180 python scripts/validation_matrix.py --smoke-timeout 180 ``` diff --git a/docs/phase-70-checklist.md b/docs/scope-70-checklist.md similarity index 51% rename from docs/phase-70-checklist.md rename to docs/scope-70-checklist.md index eb261da..ce4ca72 100644 --- a/docs/phase-70-checklist.md +++ b/docs/scope-70-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 70 Checklist: Integration Milestone (61–69) +# Scope 70 Checklist: Integration Milestone (61–69) ## Scope -- [x] `phase70_integration_smoke` validates cumulative phase 61–69 counters. -- [x] Covered by boot gate `vm_fork` (`AresOS-BootGate: name=vm_fork ok=true`) -- [x] Validation matrix entries for phases 61–70. +- [x] `smoke_vm_fork_integration` validates cumulative scope 61–69 counters. +- [x] Covered by boot gate `vm_fork` (`ClanOS-BootGate: name=vm_fork ok=true`) +- [x] Validation matrix entries for scopes 61–70. ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 70 --timeout 180 -- [ ] `python scripts/validation_matrix.py --from-check phase61-chdir-check` (optional full matrix) +- [x] `python scripts/gate/boot.py --gate vm_fork --timeout 180` +- [ ] `python scripts/validation_matrix.py --from-check scope61-chdir-check` (optional full matrix) ## Deferred diff --git a/docs/phase-71-checklist.md b/docs/scope-71-checklist.md similarity index 69% rename from docs/phase-71-checklist.md rename to docs/scope-71-checklist.md index f043e9d..d1be81b 100644 --- a/docs/phase-71-checklist.md +++ b/docs/scope-71-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 71 Checklist: HW `syscall` / `sysret` Return Path +# Scope 71 Checklist: HW `syscall` / `sysret` Return Path ## Scope - [x] `run_hw_syscall_probe` uses hardware `syscall` stub and `sysret` return. - [x] `SYSRET_APPLIED` and `HW_SYSCALL_PROBES` counters in `user_syscall_hw`. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 71 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-72-checklist.md b/docs/scope-72-checklist.md similarity index 59% rename from docs/phase-72-checklist.md rename to docs/scope-72-checklist.md index f1e3627..72cf372 100644 --- a/docs/phase-72-checklist.md +++ b/docs/scope-72-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 72 Checklist: Ring 3 `chdir` from User +# Scope 72 Checklist: Ring 3 `chdir` from User ## Scope - [x] Ring 3 HW stub passes user path in `rdi` for `Chdir`. -- [x] `RING3_CHDIRS` counter and `phase72_smoke`. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] `RING3_CHDIRS` counter and `smoke_ring3_chdir`. +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 72 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-73-checklist.md b/docs/scope-73-checklist.md similarity index 68% rename from docs/phase-73-checklist.md rename to docs/scope-73-checklist.md index 5bf03cb..5afd468 100644 --- a/docs/phase-73-checklist.md +++ b/docs/scope-73-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 73 Checklist: `munmap` with Length +# Scope 73 Checklist: `munmap` with Length ## Scope - [x] `Munmap` uses `arg1` as page-aligned length. - [x] `vma::truncate_region` for partial unmap; image base rejected. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 73 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-74-checklist.md b/docs/scope-74-checklist.md similarity index 67% rename from docs/phase-74-checklist.md rename to docs/scope-74-checklist.md index 82fa061..be7e5d8 100644 --- a/docs/phase-74-checklist.md +++ b/docs/scope-74-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 74 Checklist: `WaitLite` on Fork-Lite Child +# Scope 74 Checklist: `WaitLite` on Fork-Lite Child ## Scope - [x] `WaitLite = 78` waits for fork-lite child exit code. - [x] `ExitProcess` records exit on current/smoke process. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 74 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-75-checklist.md b/docs/scope-75-checklist.md similarity index 68% rename from docs/phase-75-checklist.md rename to docs/scope-75-checklist.md index 36e2751..bcba53c 100644 --- a/docs/phase-75-checklist.md +++ b/docs/scope-75-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 75 Checklist: `syscallprobe` User ELF Manifest +# Scope 75 Checklist: `syscallprobe` User ELF Manifest ## Scope - [x] `/bin/syscallprobe` manifest and ELF seeded in storage. - [x] HW syscall probes for `WritePathProbe` and `Mprotect`. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 75 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-76-checklist.md b/docs/scope-76-checklist.md similarity index 66% rename from docs/phase-76-checklist.md rename to docs/scope-76-checklist.md index f69ef8e..9f8a47c 100644 --- a/docs/phase-76-checklist.md +++ b/docs/scope-76-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 76 Checklist: `fcntl` `F_SETFD` / Close-on-Exec +# Scope 76 Checklist: `fcntl` `F_SETFD` / Close-on-Exec ## Scope - [x] `F_SETFD` sets per-FD flags (`FD_CLOEXEC`). - [x] `F_GETFD` returns stored flags. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 76 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-77-checklist.md b/docs/scope-77-checklist.md similarity index 60% rename from docs/phase-77-checklist.md rename to docs/scope-77-checklist.md index 746bfcd..f957cdf 100644 --- a/docs/phase-77-checklist.md +++ b/docs/scope-77-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 77 Checklist: Ring 3 Lazy PLT First Call +# Scope 77 Checklist: Ring 3 Lazy PLT First Call ## Scope - [x] `RING3_PLT_BOUND` when lazy bind runs under Ring 3 smoke flag. -- [x] `phase77_smoke` extends lazy PLT bring-up. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] `smoke_ring3_lazy_plt` extends lazy PLT bring-up. +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 77 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-78-checklist.md b/docs/scope-78-checklist.md similarity index 69% rename from docs/phase-78-checklist.md rename to docs/scope-78-checklist.md index 7e09ec2..f2bfe3c 100644 --- a/docs/phase-78-checklist.md +++ b/docs/scope-78-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 78 Checklist: IPI TLB Shootdown Stub +# Scope 78 Checklist: IPI TLB Shootdown Stub ## Scope - [x] `IPI_SHOOTDOWN_SENT` / `IPI_SHOOTDOWN_ACKED` on `request_tlb_shootdown`. - [x] BSP still performs `flush_all`; logical IPI accounting for QEMU. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 78 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-79-checklist.md b/docs/scope-79-checklist.md similarity index 68% rename from docs/phase-79-checklist.md rename to docs/scope-79-checklist.md index 4615c87..ea93eb2 100644 --- a/docs/phase-79-checklist.md +++ b/docs/scope-79-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 79 Checklist: AP Idle Trampoline Entry +# Scope 79 Checklist: AP Idle Trampoline Entry ## Scope - [x] `ap_idle_trampoline` executes `hlt` and increments idle counters. - [x] `AP_TRAMPOLINE_ENTERED` accounting on SMP init. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 79 --timeout 180 +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` ## Deferred diff --git a/docs/phase-8-checklist.md b/docs/scope-8-checklist.md similarity index 83% rename from docs/phase-8-checklist.md rename to docs/scope-8-checklist.md index c50afb8..9b85949 100644 --- a/docs/phase-8-checklist.md +++ b/docs/scope-8-checklist.md @@ -1,6 +1,6 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 8 Checklist (Device & Block Driver Bring-Up) +# Scope 8 Checklist (Device & Block Driver Bring-Up) **Date**: 2026-05-13 **Status**: Complete @@ -29,7 +29,7 @@ ## 4. QEMU-Friendly Backend - [x] Simulated QEMU-style driver-backed block backend -- [x] Phase 7 `SimpleFs` mounted through managed block-device backend +- [x] Scope 7 `SimpleFs` mounted through managed block-device backend - [x] Read/write/remount smoke check through driver-backed path ## 5. Shell, Syscalls, and Observability @@ -37,11 +37,11 @@ - [x] Shell commands: `devices`, `blk list`, `blk info <id>`, `mount <block-id>` - [x] Device/block count syscalls - [x] `fsinfo` reports block-device count -- [x] Covered by boot gate `shell_storage` (`AresOS-BootGate: name=shell_storage ok=true`) +- [x] Covered by boot gate `shell_storage` (`ClanOS-BootGate: name=shell_storage ok=true`) ## 6. Validation -- [x] `scripts/gate/boot.py --phase 8` for QEMU-backed validation +- [x] `python scripts/gate/boot.py --gate shell_storage --timeout 180` for QEMU-backed validation - [x] `scripts/validation_matrix.py` includes `boot-gate-check` - [x] Integration tests cover device registry, block registry, and storage-through-manager behavior @@ -49,7 +49,7 @@ ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 8 --timeout 180 +python scripts/gate/boot.py --gate shell_storage --timeout 180 python scripts/validation_matrix.py --smoke-timeout 180 ``` diff --git a/docs/phase-80-checklist.md b/docs/scope-80-checklist.md similarity index 50% rename from docs/phase-80-checklist.md rename to docs/scope-80-checklist.md index f437304..c51a070 100644 --- a/docs/phase-80-checklist.md +++ b/docs/scope-80-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 80 Checklist: Integration Milestone (71–79) +# Scope 80 Checklist: Integration Milestone (71–79) ## Scope -- [x] `phase80_integration_smoke` validates cumulative phase 71–79 counters. -- [x] Covered by boot gate `syscall_ring3` (`AresOS-BootGate: name=syscall_ring3 ok=true`) -- [x] Validation matrix entries for phases 71–80. +- [x] `smoke_syscall_ring3_integration` validates cumulative scope 71–79 counters. +- [x] Covered by boot gate `syscall_ring3` (`ClanOS-BootGate: name=syscall_ring3 ok=true`) +- [x] Validation matrix entries for scopes 71–80. ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 80 --timeout 180 -- [ ] `python scripts/validation_matrix.py --from-check phase71-sysret-check` (optional full matrix) +- [x] `python scripts/gate/boot.py --gate syscall_ring3 --timeout 180` +- [ ] `python scripts/validation_matrix.py --from-check scope71-sysret-check` (optional full matrix) ## Deferred diff --git a/docs/phase-81-checklist.md b/docs/scope-81-checklist.md similarity index 72% rename from docs/phase-81-checklist.md rename to docs/scope-81-checklist.md index b274994..7c3ef62 100644 --- a/docs/phase-81-checklist.md +++ b/docs/scope-81-checklist.md @@ -1,18 +1,18 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 81 Checklist: Real HW `syscall` / `sysret` +# Scope 81 Checklist: Real HW `syscall` / `sysret` ## Scope - [x] `HW_SYSRET_REAL` counter distinct from int 0x80 `SYSRET_APPLIED`. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) - [x] Optional `hw-sysret-probe` feature for QEMU HW probe (host tests use counter stub). ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 81 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-82-checklist.md b/docs/scope-82-checklist.md similarity index 64% rename from docs/phase-82-checklist.md rename to docs/scope-82-checklist.md index 320c622..03deb5a 100644 --- a/docs/phase-82-checklist.md +++ b/docs/scope-82-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 82 Checklist: `getcwd` Syscall +# Scope 82 Checklist: `getcwd` Syscall ## Scope - [x] `GetCwd = 79` copies normalized process cwd to user buffer. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 82 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-83-checklist.md b/docs/scope-83-checklist.md similarity index 68% rename from docs/phase-83-checklist.md rename to docs/scope-83-checklist.md index b177ada..c4950a5 100644 --- a/docs/phase-83-checklist.md +++ b/docs/scope-83-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 83 Checklist: `chdirprobe` User ELF +# Scope 83 Checklist: `chdirprobe` User ELF ## Scope - [x] `/bin/chdirprobe` manifest + ELF seeds; allowlisted loader name. - [x] Smoke: `Chdir` to `/tmp` then `GetCwd` verify; `CHDIRPROBE_OK` counter. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 83 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-84-checklist.md b/docs/scope-84-checklist.md similarity index 65% rename from docs/phase-84-checklist.md rename to docs/scope-84-checklist.md index 19f5975..e2ddad0 100644 --- a/docs/phase-84-checklist.md +++ b/docs/scope-84-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 84 Checklist: VMA In-Region Split +# Scope 84 Checklist: VMA In-Region Split ## Scope - [x] Middle `munmap` of multi-page anon mapping splits VMA registry (`VMA_SPLITS`). -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 84 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-85-checklist.md b/docs/scope-85-checklist.md similarity index 66% rename from docs/phase-85-checklist.md rename to docs/scope-85-checklist.md index 598d02c..c8cb77c 100644 --- a/docs/phase-85-checklist.md +++ b/docs/scope-85-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 85 Checklist: Fork-Lite Address-Space Duplicate +# Scope 85 Checklist: Fork-Lite Address-Space Duplicate ## Scope - [x] `fork_lite` assigns child CR3 via shallow `fork_duplicate_cr3` (shared frames, no COW). - [x] `FORK_DUP_CHILDREN` / `FORK_DUP_CR3` counters. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 85 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-86-checklist.md b/docs/scope-86-checklist.md similarity index 65% rename from docs/phase-86-checklist.md rename to docs/scope-86-checklist.md index ad1b7ef..a082ddc 100644 --- a/docs/phase-86-checklist.md +++ b/docs/scope-86-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 86 Checklist: `ExecLite` + Close-on-Exec +# Scope 86 Checklist: `ExecLite` + Close-on-Exec ## Scope - [x] `ExecLite = 81` replaces process image from allowlisted name; sweeps `FD_CLOEXEC` fds. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 86 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-87-checklist.md b/docs/scope-87-checklist.md similarity index 56% rename from docs/phase-87-checklist.md rename to docs/scope-87-checklist.md index ba67174..37b38ae 100644 --- a/docs/phase-87-checklist.md +++ b/docs/scope-87-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 87 Checklist: `PipeLite` Anonymous Pipe +# Scope 87 Checklist: `PipeLite` Anonymous Pipe ## Scope - [x] `Pipe = 80` syscall; ring buffer; pipe fds via `/@pipe/{id}/r|w`. -- [x] `read`/`write` delegate to pipe backend; `phase87_smoke`. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] `read`/`write` delegate to pipe backend; `smoke_pipe_lite`. +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 87 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-88-checklist.md b/docs/scope-88-checklist.md similarity index 64% rename from docs/phase-88-checklist.md rename to docs/scope-88-checklist.md index c502838..efa0518 100644 --- a/docs/phase-88-checklist.md +++ b/docs/scope-88-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 88 Checklist: Ring 3 PLT Lazy Bind on `#PF` +# Scope 88 Checklist: Ring 3 PLT Lazy Bind on `#PF` ## Scope - [x] `try_ring3_plt_fault` from demand paging; `RING3_PLT_FAULT` / `RING3_PLT_BOUND`. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 88 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-89-checklist.md b/docs/scope-89-checklist.md similarity index 65% rename from docs/phase-89-checklist.md rename to docs/scope-89-checklist.md index cce299a..172ad7e 100644 --- a/docs/phase-89-checklist.md +++ b/docs/scope-89-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 89 Checklist: LAPIC IPI Send Stub +# Scope 89 Checklist: LAPIC IPI Send Stub ## Scope - [x] `LAPIC_IPI_SEND` counter on `request_tlb_shootdown`. -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) - [x] `docs/SMP.md` updated. ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 89 --timeout 180 +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` ## Deferred diff --git a/docs/phase-9-checklist.md b/docs/scope-9-checklist.md similarity index 80% rename from docs/phase-9-checklist.md rename to docs/scope-9-checklist.md index 6c533a0..f27806e 100644 --- a/docs/phase-9-checklist.md +++ b/docs/scope-9-checklist.md @@ -1,13 +1,13 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 9 Checklist (Stored Program Loader) +# Scope 9 Checklist (Stored Program Loader) **Date**: 2026-05-13 **Status**: Complete ## 1. Executable Manifest Format -- [x] `ares-exec-v1` text manifest format +- [x] `clan-exec-v1` text manifest format - [x] `name`, `kind`, `entry`, and `description` fields - [x] `builtin-alias` executable kind - [x] Parser rejects invalid version, missing fields, invalid fields, and unsupported kinds @@ -31,11 +31,11 @@ - [x] Shell commands: `programs`, `bin list`, `bin info <program>` - [x] Program count, launch count, and failed launch count syscalls - [x] `fsinfo` reports program count -- [x] Covered by boot gate `loader_security` (`AresOS-BootGate: name=loader_security ok=true`) +- [x] Covered by boot gate `loader_security` (`ClanOS-BootGate: name=loader_security ok=true`) ## 5. Validation -- [x] `scripts/gate/boot.py --phase 9` for QEMU-backed validation +- [x] `python scripts/gate/boot.py --gate loader_security --timeout 180` for QEMU-backed validation - [x] `scripts/validation_matrix.py` includes `boot-gate-check` - [x] Integration tests cover parser, discovery, run path, malformed files, and loader syscalls @@ -43,7 +43,7 @@ ```bash cargo check -p kernel -python scripts/gate/boot.py --phase 9 --timeout 180 +python scripts/gate/boot.py --gate loader_security --timeout 180 python scripts/validation_matrix.py --smoke-timeout 180 ``` @@ -52,6 +52,6 @@ See [VALIDATION_GATES.md](VALIDATION_GATES.md). ## Known Limits -- Phase 9 manifests map stored program files to existing built-in entry targets. +- Scope 9 manifests map stored program files to existing built-in entry targets. - Real ELF parsing, relocation, paging isolation, and raw binary execution are deferred. - Program permissions, signatures, ownership, and executable memory protections are deferred. diff --git a/docs/phase-90-checklist.md b/docs/scope-90-checklist.md similarity index 53% rename from docs/phase-90-checklist.md rename to docs/scope-90-checklist.md index 5864439..f96ac78 100644 --- a/docs/phase-90-checklist.md +++ b/docs/scope-90-checklist.md @@ -1,19 +1,19 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 90 Checklist: Integration Milestone (81–89) +# Scope 90 Checklist: Integration Milestone (81–89) ## Scope -- [x] `phase90_integration_smoke` validates cumulative phase 81–89 counters (no nested re-run). -- [x] Covered by boot gate `path_exec` (`AresOS-BootGate: name=path_exec ok=true`) -- [x] Validation matrix entries for phases 81–90. +- [x] `smoke_path_exec_integration` validates cumulative scope 81–89 counters (no nested re-run). +- [x] Covered by boot gate `path_exec` (`ClanOS-BootGate: name=path_exec ok=true`) +- [x] Validation matrix entries for scopes 81–90. ## Validation - [x] `cargo check -p kernel` - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 90 --timeout 180 -- [ ] `python scripts/validation_matrix.py --from-check phase81-hw-sysret-check` (optional full matrix) +- [x] `python scripts/gate/boot.py --gate path_exec --timeout 180` +- [ ] `python scripts/validation_matrix.py --from-check scope81-hw-sysret-check` (optional full matrix) ## Deferred diff --git a/docs/phase-91-checklist.md b/docs/scope-91-checklist.md similarity index 69% rename from docs/phase-91-checklist.md rename to docs/scope-91-checklist.md index 2fa9835..2aad90c 100644 --- a/docs/phase-91-checklist.md +++ b/docs/scope-91-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 91 Checklist: Fork-Lite COW Break +# Scope 91 Checklist: Fork-Lite COW Break ## Scope - [x] `break_cow_page` / shared anon mapping after `fork_lite`; parent/child write isolation. - [x] `FORK_COW_BREAKS` / `FORK_COW_ISOLATED` counters. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 91 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-92-checklist.md b/docs/scope-92-checklist.md similarity index 64% rename from docs/phase-92-checklist.md rename to docs/scope-92-checklist.md index 3dffed2..db67055 100644 --- a/docs/phase-92-checklist.md +++ b/docs/scope-92-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 92 Checklist: `PollLite` Syscall +# Scope 92 Checklist: `PollLite` Syscall ## Scope - [x] `Poll = 82`: single-fd readiness (read = 1) on pipe fds. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 92 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-93-checklist.md b/docs/scope-93-checklist.md similarity index 65% rename from docs/phase-93-checklist.md rename to docs/scope-93-checklist.md index ecda915..59e94c5 100644 --- a/docs/phase-93-checklist.md +++ b/docs/scope-93-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 93 Checklist: Gap-Aware `mmap` Hint +# Scope 93 Checklist: Gap-Aware `mmap` Hint ## Scope - [x] `vma::next_anon_hint` prefers lowest gap ≥ `MMAP_ANON_BASE` before high-water. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 93 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-94-checklist.md b/docs/scope-94-checklist.md similarity index 67% rename from docs/phase-94-checklist.md rename to docs/scope-94-checklist.md index dcd6df8..4ff9b1c 100644 --- a/docs/phase-94-checklist.md +++ b/docs/scope-94-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 94 Checklist: `ExecLite` Argv from User +# Scope 94 Checklist: `ExecLite` Argv from User ## Scope - [x] `exec_lite_with_argv`: bounded argv strings from user pointer vector. - [x] `EXEC_ARGV_OK` counter; `Process.exec_argv` metadata. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 94 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-95-checklist.md b/docs/scope-95-checklist.md similarity index 67% rename from docs/phase-95-checklist.md rename to docs/scope-95-checklist.md index 7c4f117..45a0d1b 100644 --- a/docs/phase-95-checklist.md +++ b/docs/scope-95-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 95 Checklist: `pipeprobe` Ring-3 HW ELF +# Scope 95 Checklist: `pipeprobe` Ring-3 HW ELF ## Scope - [x] `/bin/pipeprobe` manifest + ELF seed; `MAX_FILES = 28`. - [x] `HW_PIPE_PROBES` counter; kernel/HW pipe smoke. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 95 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-96-checklist.md b/docs/scope-96-checklist.md similarity index 63% rename from docs/phase-96-checklist.md rename to docs/scope-96-checklist.md index 8e9fd69..a12abb9 100644 --- a/docs/phase-96-checklist.md +++ b/docs/scope-96-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 96 Checklist: VMA Adjacent Coalesce +# Scope 96 Checklist: VMA Adjacent Coalesce ## Scope - [x] `vma::coalesce_adjacent` on munmap when regions share prot/backing. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 96 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-97-checklist.md b/docs/scope-97-checklist.md similarity index 67% rename from docs/phase-97-checklist.md rename to docs/scope-97-checklist.md index 74eeb81..edd3420 100644 --- a/docs/phase-97-checklist.md +++ b/docs/scope-97-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 97 Checklist: Work-Stealing Stub +# Scope 97 Checklist: Work-Stealing Stub ## Scope - [x] `try_work_steal()` when BSP runqueue empty and CPU1 has work. - [x] `WORK_STEAL_ATTEMPTS` / `WORK_STEALS` counters. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 97 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-98-checklist.md b/docs/scope-98-checklist.md similarity index 67% rename from docs/phase-98-checklist.md rename to docs/scope-98-checklist.md index 8977a5a..0f78a98 100644 --- a/docs/phase-98-checklist.md +++ b/docs/scope-98-checklist.md @@ -1,17 +1,17 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 98 Checklist: AP Runnable Enqueue Stub +# Scope 98 Checklist: AP Runnable Enqueue Stub ## Scope - [x] `enqueue_ap_runnable()` on CPU1 when `CPU_COUNT > 1`. - [x] `AP_RUNNABLE_ENQUEUED` counter; no AP scheduler loop or BSP `hlt`. -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 98 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/phase-99-checklist.md b/docs/scope-99-checklist.md similarity index 66% rename from docs/phase-99-checklist.md rename to docs/scope-99-checklist.md index 2306f9a..52d4397 100644 --- a/docs/phase-99-checklist.md +++ b/docs/scope-99-checklist.md @@ -1,16 +1,16 @@ -> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. +> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy numbered boot serial lines are retired. -# Phase 99 Checklist: LAPIC ICR Write Stub +# Scope 99 Checklist: LAPIC ICR Write Stub ## Scope - [x] `lapic_icr_send_stub()` records `LAPIC_ICR_WRITES` via discard slot (no real MMIO in QEMU tests). -- [x] Covered by boot gate `smp_depth` (`AresOS-BootGate: name=smp_depth ok=true`) +- [x] Covered by boot gate `smp_depth` (`ClanOS-BootGate: name=smp_depth ok=true`) ## Validation - [x] `cargo test -p kernel --features preemption --test preemption_integration` -- [x] `python scripts/gate/boot.py --phase 99 --timeout 180 +- [x] `python scripts/gate/boot.py --gate smp_depth --timeout 180` ## Deferred diff --git a/docs/specs/ABI_CLAN_RT.md b/docs/specs/ABI_CLAN_RT.md index 31e02c2..97744e3 100644 --- a/docs/specs/ABI_CLAN_RT.md +++ b/docs/specs/ABI_CLAN_RT.md @@ -1,4 +1,4 @@ -# ares-rt ABI (Epoch 2) +# clan-rt ABI (Epoch 2) ```yaml status: authoritative @@ -26,7 +26,7 @@ Userspace runtime for native services. Forward ABI stability policy per epoch ga ## Stability -**Forward policy (epoch 2 decision):** explicit **recompile required** each epoch until 1.0 (`ABI_FORWARD_POLICY` in `ares-rt`). +**Forward policy (epoch 2 decision):** explicit **recompile required** each epoch until 1.0 (`ABI_FORWARD_POLICY` in `clan-rt`). Pre-1.0: breaking bumps allowed with compat review. Post-1.0: semver window TBD at M150. diff --git a/docs/specs/ABI_COMPOSITOR_IPC.md b/docs/specs/ABI_COMPOSITOR_IPC.md index 135f375..1e7de06 100644 --- a/docs/specs/ABI_COMPOSITOR_IPC.md +++ b/docs/specs/ABI_COMPOSITOR_IPC.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Required before phase **145**. +Required before scope **145**. --- diff --git a/docs/specs/ABI_NATIVE_SYSCALL.md b/docs/specs/ABI_NATIVE_SYSCALL.md index 2277005..64b7ccd 100644 --- a/docs/specs/ABI_NATIVE_SYSCALL.md +++ b/docs/specs/ABI_NATIVE_SYSCALL.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Gate **G4** — phase **128** mandatory `ares-native-v1` manifest before ring-3 native enforcement. +Gate **G4** — scope **128** mandatory `clan-native-v1` manifest before ring-3 native enforcement. --- @@ -20,13 +20,13 @@ Gate **G4** — phase **128** mandatory `ares-native-v1` manifest before ring-3 Native syscalls: **256+** (`governance::NATIVE_SYSCALL_ID_BASE`). -| ID | Name | Phase | +| ID | Name | Scope | |----|------|-------| | 256 | CapCreate | 112 | | 257 | CapClose | 112 | | 258 | CapTransfer | 112 | -Ring-3 allowlist expansion gated on valid `ares-native-v1` manifest (phase 128). +Ring-3 allowlist expansion gated on valid `clan-native-v1` manifest (scope 128). --- diff --git a/docs/specs/IPC_VERSION_NEGOTIATION.md b/docs/specs/IPC_VERSION_NEGOTIATION.md index d65bb56..d27e531 100644 --- a/docs/specs/IPC_VERSION_NEGOTIATION.md +++ b/docs/specs/IPC_VERSION_NEGOTIATION.md @@ -12,7 +12,7 @@ status: authoritative semantics_version: 1.0.0 ``` -Required before phase **134** endpoint cutover. +Required before scope **134** endpoint cutover. --- @@ -20,7 +20,7 @@ Required before phase **134** endpoint cutover. - Discovery handshake returns supported `ipc.interim.v1` / future `endpoint.v1` ranges - Max spread documented; downgrade edges proptest-covered before 134 -- **P-134 property:** interim FIFO-per-session behaviors ⊆ native endpoint ordering smoke corpus (populated phase 133) +- **P-134 property:** interim FIFO-per-session behaviors ⊆ native endpoint ordering smoke corpus (populated scope 133) --- diff --git a/docs/specs/PROTOCOL_CHANGELOG.md b/docs/specs/PROTOCOL_CHANGELOG.md index a86e60d..d10abba 100644 --- a/docs/specs/PROTOCOL_CHANGELOG.md +++ b/docs/specs/PROTOCOL_CHANGELOG.md @@ -26,4 +26,4 @@ Initial constitutional docs — no wire protocol bumps yet. | Doc | Bump | Rationale | |-----|------|-----------| -| `docs/architecture/KERNEL_OBJECT_MODEL.md` | 1.3.0.additive.0 | **Additive:** sections absent from pre-reconcile canonical — phase-110 design decision, universal interface table, G1 handle semantics list, generation invalidation, full mint/delegation authority, cap schema version, confinement, kind freeze, implementation-phase table, BrokerSession kind row, TOCTOU diagram (implementation-verified). **Clarification:** merged wording for reference cycles, bootstrap ceremony, R-destroy-notify where canonical already had shorter forms. No wire format change. | \ No newline at end of file +| `docs/architecture/KERNEL_OBJECT_MODEL.md` | 1.3.0.additive.0 | **Additive:** sections absent from pre-reconcile canonical — scope-110 design decision, universal interface table, G1 handle semantics list, generation invalidation, full mint/delegation authority, cap schema version, confinement, kind freeze, implementation-scope table, BrokerSession kind row, TOCTOU diagram (implementation-verified). **Clarification:** merged wording for reference cycles, bootstrap ceremony, R-destroy-notify where canonical already had shorter forms. No wire format change. | \ No newline at end of file diff --git a/docs/specs/README.md b/docs/specs/README.md index 083f188..047ceb2 100644 --- a/docs/specs/README.md +++ b/docs/specs/README.md @@ -1,4 +1,4 @@ -# AresOS Interface Specifications +# Clan OS Interface Specifications Canonical ABI and wire-format specs migrated from flat `docs/` during Track 1. @@ -8,6 +8,6 @@ Canonical ABI and wire-format specs migrated from flat `docs/` during Track 1. | Wire schemas | [WIRE_SCHEMA_REGISTRY.md](WIRE_SCHEMA_REGISTRY.md) | | IPC negotiation | [IPC_VERSION_NEGOTIATION.md](IPC_VERSION_NEGOTIATION.md) | | Native syscalls | [ABI_NATIVE_SYSCALL.md](ABI_NATIVE_SYSCALL.md) | -| ares-rt ABI | [ABI_ARES_RT.md](ABI_ARES_RT.md) | +| clan-rt ABI | [ABI_CLAN_RT.md](ABI_CLAN_RT.md) | | Compositor IPC | [ABI_COMPOSITOR_IPC.md](ABI_COMPOSITOR_IPC.md) | | Protocol changelog | [PROTOCOL_CHANGELOG.md](PROTOCOL_CHANGELOG.md) | diff --git a/docs/specs/WIRE_SCHEMA_REGISTRY.md b/docs/specs/WIRE_SCHEMA_REGISTRY.md index 8cddf23..8f58164 100644 --- a/docs/specs/WIRE_SCHEMA_REGISTRY.md +++ b/docs/specs/WIRE_SCHEMA_REGISTRY.md @@ -22,9 +22,9 @@ Versioned binary schemas for audit, errors, IPC, and cap serialization. |-----------|---------|----------|--------| | `error.v1` | 1 | ERROR_TAXONOMY.md | epoch 1 stub | | `audit.v1` | 1 | AUDIT_SUBSYSTEM.md | epoch 1 — chain hash | -| `ipc.interim.v1` | 1 | IPC_INTERIM_BRIDGE.md | phases 122–133 | +| `ipc.interim.v1` | 1 | IPC_INTERIM_BRIDGE.md | scopes 122–133 | | `cap.wire.v1` | 1 | KERNEL_OBJECT_MODEL.md | stub | -| `oom.shed.stub.v1` | 1 | phase 121 | never-stabilize | +| `oom.shed.stub.v1` | 1 | scope 121 | never-stabilize | Each record carries `error_schema_version` or equivalent on wire. diff --git a/docs/track1/BATCH1_PR_BODY.md b/docs/track1/BATCH1_PR_BODY.md index 22eaab0..8ce4a40 100644 --- a/docs/track1/BATCH1_PR_BODY.md +++ b/docs/track1/BATCH1_PR_BODY.md @@ -2,13 +2,13 @@ **Reconciled from flat `docs/KERNEL_OBJECT_MODEL.md` into canonical `docs/architecture/KERNEL_OBJECT_MODEL.md` (semantics 1.3.0):** -- Phase-110 design decision (immutable identity + generation invalidation) +- Scope-110 design decision (immutable identity + generation invalidation) - Universal interface table (`ObjectId`, `Kind`, `Generation`, `Rights`, `Metadata`) -- G1 handle semantics numbered list (create/transfer/delegate/revoke/close) + phase-115 path broker note +- G1 handle semantics numbered list (create/transfer/delegate/revoke/close) + scope-115 path broker note - Generation invalidation section (R-03, triggers) - Full mint vs delegation authority section (kernel root mint only) - Cap kind schema version, cap send/confinement, kind semantics freeze -- Historical implementation-phase table (111–115) +- Historical implementation-scope table (111–115) - **BrokerSession** kind row (already in `docs/CAP_REGISTRY.toml` as `kernel.broker_session`) - Orphan endpoint policy under Endpoint per-kind section - Implementation-verified TOCTOU transfer state machine + property table @@ -54,7 +54,7 @@ No new threat nodes opened. `T-transfer-toctou` remains **closed** (tier B happy - Batch 2 migrations (FE, SM, RA) - `CAP_TRANSFER_PROTOCOL.md` canonical spec (Batch 5 `CTP`) - Physical move of `THREAT_NODES.toml` / `CAP_REGISTRY.toml` to `config/` -- `ares-rt` no_std fix (`ares-rt-001`) +- `clan-rt` no_std fix (`clan-rt-001`) - Workspace restructure (`servers/` extraction) - `#![deny(warnings)]` on `kernel` lib crate (deny on bin `main.rs` only per scope-freeze) - Opening `T-transfer-toctou` for receiver_failed rollback (track1b) diff --git a/docs/track1/SCOPE_FREEZE_COMMIT_TEMPLATE.md b/docs/track1/SCOPE_FREEZE_COMMIT_TEMPLATE.md index 987026f..0a1d8ba 100644 --- a/docs/track1/SCOPE_FREEZE_COMMIT_TEMPLATE.md +++ b/docs/track1/SCOPE_FREEZE_COMMIT_TEMPLATE.md @@ -22,7 +22,7 @@ Resolved open questions: 1. Batch 5 inventory: 31 [[docs]] entries (see config/track1_scope_freeze.toml). RA moved to Batch 2 per prereq_graph PROOF_COVERAGE → RIGHTS_ALGEBRA edge. - Excluded: phase-*.md, ROADMAP_*.md, RELEASE_SCORECARD_*.md, epoch graduation docs, + Excluded: scope-*.md, ROADMAP_*.md, RELEASE_SCORECARD_*.md, epoch graduation docs, PLAN_SUPERSESSION.md (archived/superseded), docs/architecture/SECURITY_MODEL.md (already canonical). 2. THREAT_NODES.toml (TN): canonical location is docs/THREAT_NODES.toml at M400 — NOT config/. @@ -77,7 +77,7 @@ Batch 5 (blocks on Batch 4; 31 entries — prereq_graph.toml order): WSR WIRE_SCHEMA_REGISTRY → docs/specs/ IVN IPC_VERSION_NEGOTIATION → docs/specs/ ANS ABI_NATIVE_SYSCALL → docs/specs/ - AAR ABI_ARES_RT → docs/specs/ + AAR ABI_CLAN_RT → docs/specs/ ACP ABI_COMPOSITOR_IPC → docs/specs/ PCH PROTOCOL_CHANGELOG → docs/specs/ @@ -109,7 +109,7 @@ Semantic diff baseline: Exclusions (charter-approved deferrals): - No workspace restructure (servers/ extraction) - - No ares-rt no_std fix (tracked: ares-rt-001) + - No clan-rt no_std fix (tracked: clan-rt-001) - No new docs added to canonical layers beyond [[docs]] manifest - No physical THREAT_NODES.toml or CAP_REGISTRY.toml move to config/ - docs/architecture/SECURITY_MODEL.md already canonical — reference update only at gate diff --git a/epoch_signoffs/epoch-1.toml b/epoch_signoffs/epoch-1.toml index 65e9cd4..3c15e15 100644 --- a/epoch_signoffs/epoch-1.toml +++ b/epoch_signoffs/epoch-1.toml @@ -5,7 +5,7 @@ epoch = 1 gate_commit = "044d4ef" gpg_signed = false solo_maintainer = true -mv_team_justification = "Solo maintainer; phases 121–130 delivered with platform brokers and interim IPC per STATUS.md." +mv_team_justification = "Solo maintainer; scopes 121–130 delivered with platform brokers and interim IPC per STATUS.md." [[signoffs]] reviewer_id = "clancy" @@ -18,7 +18,7 @@ multi_domain_roles = ["kernel", "evidence", "process"] [[signoffs]] reviewer_id = "clancy" domain = "evidence" -scope = "phase121_service_loader_check, phase130_platform_check, interim IPC smoke" +scope = "scope121_service_loader_check, scope130_platform_check, interim IPC smoke" timestamp = "2026-06-11T14:00:00Z" epoch = 1 multi_domain_roles = ["kernel", "evidence", "process"] diff --git a/epoch_signoffs/epoch-11.toml b/epoch_signoffs/epoch-11.toml index 20cdf58..024c975 100644 --- a/epoch_signoffs/epoch-11.toml +++ b/epoch_signoffs/epoch-11.toml @@ -1,4 +1,4 @@ -# Epoch 11 gate — userspace drivers (phases 251–275). +# Epoch 11 gate — userspace drivers (scopes 251–275). [manifest] epoch = 11 diff --git a/epoch_signoffs/epoch-13.toml b/epoch_signoffs/epoch-13.toml index bf451de..154420e 100644 --- a/epoch_signoffs/epoch-13.toml +++ b/epoch_signoffs/epoch-13.toml @@ -1,4 +1,4 @@ -# Epoch 13 gate — checkpoint / Tier D formal (phases 301–325). +# Epoch 13 gate — checkpoint / Tier D formal (scopes 301–325). [manifest] epoch = 13 diff --git a/epoch_signoffs/epoch-2.toml b/epoch_signoffs/epoch-2.toml index 1dfddec..8ad7c2a 100644 --- a/epoch_signoffs/epoch-2.toml +++ b/epoch_signoffs/epoch-2.toml @@ -1,4 +1,4 @@ -# Epoch 2 gate — virtio-blk + ares-rt userland. +# Epoch 2 gate — virtio-blk + clan-rt userland. [manifest] epoch = 2 @@ -9,6 +9,6 @@ solo_maintainer = true [[signoffs]] reviewer_id = "clancy" domain = "kernel" -scope = "virtio-blk, BUILD_INTEGRITY, ABI_ARES_RT, userland install hook" +scope = "virtio-blk, BUILD_INTEGRITY, ABI_CLAN_RT, userland install hook" timestamp = "2026-06-11T18:00:00Z" epoch = 2 diff --git a/epoch_signoffs/epoch-3.toml b/epoch_signoffs/epoch-3.toml index dfecf47..91f9999 100644 --- a/epoch_signoffs/epoch-3.toml +++ b/epoch_signoffs/epoch-3.toml @@ -9,6 +9,6 @@ solo_maintainer = true [[signoffs]] reviewer_id = "clancy" domain = "kernel" -scope = "build_integrity 131-133, ipc_endpoints 134, audit_wire 135-138, phase140 integration" +scope = "build_integrity 131-133, ipc_endpoints 134, audit_wire 135-138, scope140 integration" timestamp = "2026-06-11T18:00:00Z" epoch = 3 diff --git a/epoch_signoffs/epoch-7.toml b/epoch_signoffs/epoch-7.toml index c657d0e..3ead26b 100644 --- a/epoch_signoffs/epoch-7.toml +++ b/epoch_signoffs/epoch-7.toml @@ -1,4 +1,4 @@ -# Epoch 7 gate — stub graduation (phases 151–175). +# Epoch 7 gate — stub graduation (scopes 151–175). [manifest] epoch = 7 diff --git a/epoch_signoffs/epoch-9.toml b/epoch_signoffs/epoch-9.toml index 3898a84..53f628f 100644 --- a/epoch_signoffs/epoch-9.toml +++ b/epoch_signoffs/epoch-9.toml @@ -1,4 +1,4 @@ -# Epoch 9 gate — native SDK / UX (phases 201–225). +# Epoch 9 gate — native SDK / UX (scopes 201–225). [manifest] epoch = 9 @@ -9,6 +9,6 @@ solo_maintainer = true [[signoffs]] reviewer_id = "clancy" domain = "platform" -scope = "ares-rt SDK path, manifest tooling, userland install" +scope = "clan-rt SDK path, manifest tooling, userland install" timestamp = "2026-06-11T20:00:00Z" epoch = 9 diff --git a/gap_registry.toml b/gap_registry.toml index efae518..0070753 100644 --- a/gap_registry.toml +++ b/gap_registry.toml @@ -1,4 +1,4 @@ -# AresOS gap registry — canonical lifecycle tracking +# Clan OS gap registry — canonical lifecycle tracking # Updated by scripts/mark_epoch0_addressed.py [schema] @@ -85,7 +85,7 @@ superseded_by_commit = null id = 7 summary = """No admission control""" fix = """E-00 + ERROR_TAXONOMY class mapping""" -when = """Phase 121""" +when = """Scope 121""" status = """addressed""" addressing_commit = null implementing_doc = """docs/ERROR_TAXONOMY.md""" @@ -106,7 +106,7 @@ superseded_by_commit = null [[gaps]] id = 9 summary = """OOM undefined early""" -fix = """**MEM_BUDGET_STUB** phase 121; full shed/terminate phase 147""" +fix = """**MEM_BUDGET_STUB** scope 121; full shed/terminate scope 147""" when = """Split""" status = """addressed""" addressing_commit = null @@ -127,7 +127,7 @@ superseded_by_commit = null [[gaps]] id = 11 -summary = """Phase 128 allowlist""" +summary = """Scope 128 allowlist""" fix = """[`ABI_NATIVE_SYSCALL.md`](docs/ABI_NATIVE_SYSCALL.md) + V-01""" when = """Before 128""" status = """addressed""" @@ -138,8 +138,8 @@ superseded_by_commit = null [[gaps]] id = 12 -summary = """`ares-rt` ABI""" -fix = """[`ABI_ARES_RT.md`](docs/ABI_ARES_RT.md)""" +summary = """`clan-rt` ABI""" +fix = """[`ABI_CLAN_RT.md`](docs/ABI_CLAN_RT.md)""" when = """Epoch 2 prereq; forward ABI stability policy""" status = """addressed""" addressing_commit = null @@ -292,8 +292,8 @@ superseded_by_commit = null [[gaps]] id = 26 -summary = """Phase co-authorship""" -fix = """**Phase owner** in checklist / CODEOWNERS; only owner commits `feat(phase-NNN)`""" +summary = """Scope co-authorship""" +fix = """**Scope owner** in checklist / CODEOWNERS; only owner commits `feat(scope-NNN)`""" when = """Process""" status = """addressed""" addressing_commit = null @@ -304,11 +304,11 @@ superseded_by_commit = null [[gaps]] id = 27 summary = """Benchmarks unanchored""" -fix = """**Calibration run** on phase 120; thresholds = % budget vs baseline""" +fix = """**Calibration run** on scope 120; thresholds = % budget vs baseline""" when = """Epoch 0""" status = """addressed""" addressing_commit = null -implementing_doc = """benchmarks/phase-120-baseline.json""" +implementing_doc = """benchmarks/scope-120-baseline.json""" split_into = [] superseded_by_commit = null @@ -437,7 +437,7 @@ superseded_by_commit = null id = 39 summary = """IPC version negotiation""" fix = """[`IPC_VERSION_NEGOTIATION.md`](docs/IPC_VERSION_NEGOTIATION.md) — discovery, downgrade, max spread""" -when = """Before phase 134""" +when = """Before scope 134""" status = """addressed""" addressing_commit = null implementing_doc = """docs/IPC_VERSION_NEGOTIATION.md""" @@ -448,7 +448,7 @@ superseded_by_commit = null id = 40 summary = """Fuzz stubs ≠ coverage""" fix = """FUZZ_TARGETS — required boundary conditions per target""" -when = """Epoch 0 def; graduate phase 121+""" +when = """Epoch 0 def; graduate scope 121+""" status = """addressed""" addressing_commit = null implementing_doc = """docs/FUZZ_TARGETS.md""" @@ -514,7 +514,7 @@ superseded_by_commit = null id = 46 summary = """Accessibility not reserved""" fix = """ABI_COMPOSITOR_IPC **a11y extension point** (screen reader, keyboard nav)""" -when = """Before phase 145""" +when = """Before scope 145""" status = """addressed""" addressing_commit = null implementing_doc = """milestone-150-stub""" @@ -556,9 +556,9 @@ superseded_by_commit = null [[gaps]] id = 50 -summary = """Phase 134 semantic migration""" +summary = """Scope 134 semantic migration""" fix = """Named property: interim-bridge behaviors ⊆ native endpoint; ordering smoke not just connectivity""" -when = """IPC_VERSION_NEGOTIATION + phase 134""" +when = """IPC_VERSION_NEGOTIATION + scope 134""" status = """addressed""" addressing_commit = null implementing_doc = """kernel/src/ipc_endpoints.rs""" @@ -623,7 +623,7 @@ superseded_by_commit = null [[gaps]] id = 56 summary = """OOM shed bidirectional path""" -fix = """Shed/ack wire format + ERROR class + timeout; stub in phase 121 checklist""" +fix = """Shed/ack wire format + ERROR class + timeout; stub in scope 121 checklist""" when = """121 stub; 147 full""" status = """addressed""" addressing_commit = null @@ -811,7 +811,7 @@ superseded_by_commit = null id = 73 summary = """IPC negotiation proptest""" fix = """Random version pairs across spread; downgrade edge cases""" -when = """Before phase 134""" +when = """Before scope 134""" status = """addressed""" addressing_commit = null implementing_doc = """scripts/rights_algebra_check.py""" @@ -1063,7 +1063,7 @@ superseded_by_commit = null [[gaps]] id = 96 summary = """P-134 corpus unstable""" -fix = """Fixed P-134 corpus — format at IPC_VERSION_NEGOTIATION; **populated phase 133** (see #150)""" +fix = """Fixed P-134 corpus — format at IPC_VERSION_NEGOTIATION; **populated scope 133** (see #150)""" when = """Before 134""" status = """addressed""" addressing_commit = null @@ -1085,7 +1085,7 @@ superseded_by_commit = null [[gaps]] id = 98 summary = """Delta justification review""" -fix = """Wrong-direction deltas need **second reviewer** (not phase owner) in commit""" +fix = """Wrong-direction deltas need **second reviewer** (not scope owner) in commit""" when = """Process""" status = """addressed""" addressing_commit = null @@ -1228,7 +1228,7 @@ superseded_by_commit = null [[gaps]] id = 111 summary = """Registry reconciliation owner""" -fix = """Phase owner that introduced drift drives fix; multi-phase → most recent owner""" +fix = """Scope owner that introduced drift drives fix; multi-scope → most recent owner""" when = """EPOCH_FAILURE""" status = """addressed""" addressing_commit = null @@ -1304,8 +1304,8 @@ superseded_by_commit = null [[gaps]] id = 118 -summary = """Phase commit + doc fixup""" -fix = """`fixup(phase-NNN): docs` allowed same phase window; no pyramid re-run unless behavior changes""" +summary = """Scope commit + doc fixup""" +fix = """`fixup(scope-NNN): docs` allowed same scope window; no pyramid re-run unless behavior changes""" when = """Git discipline""" status = """addressed""" addressing_commit = null @@ -1349,7 +1349,7 @@ superseded_by_commit = null [[gaps]] id = 122 summary = """Benchmark re-baseline""" -fix = """Rolling baseline = prior epoch gate; phase-120 historical only after epoch 2""" +fix = """Rolling baseline = prior epoch gate; scope-120 historical only after epoch 2""" when = """validation_matrix""" status = """addressed""" addressing_commit = null @@ -1657,7 +1657,7 @@ superseded_by_commit = null [[gaps]] id = 150 summary = """P-134 corpus timing""" -fix = """Spec + format at IPC_VERSION_NEGOTIATION; **corpus populated at phase 133** commit""" +fix = """Spec + format at IPC_VERSION_NEGOTIATION; **corpus populated at scope 133** commit""" when = """Before 134""" status = """addressed""" addressing_commit = null @@ -1887,8 +1887,8 @@ superseded_by_commit = null [[gaps]] id = 171 -summary = """Phase owner COI""" -fix = """Security-critical phases: second reviewer from **different domain** (security / kernel ABI / process)""" +summary = """Scope owner COI""" +fix = """Security-critical scopes: second reviewer from **different domain** (security / kernel ABI / process)""" when = """Process""" status = """addressed""" addressing_commit = null @@ -2030,8 +2030,8 @@ superseded_by_commit = null [[gaps]] id = 184 -summary = """Phase regression log""" -fix = """Append-only phase-level metric snapshots alongside epoch gates — observability""" +summary = """Scope regression log""" +fix = """Append-only scope-level metric snapshots alongside epoch gates — observability""" when = """project_health""" status = """addressed""" addressing_commit = null @@ -2086,7 +2086,7 @@ superseded_by_commit = null [[gaps]] id = 189 summary = """Epoch failure time budget""" -fix = """Max ~2 phase-cycles recovery; then charter-level decision""" +fix = """Max ~2 scope-cycles recovery; then charter-level decision""" when = """EPOCH_FAILURE""" status = """addressed""" addressing_commit = null @@ -2108,7 +2108,7 @@ superseded_by_commit = null [[gaps]] id = 191 summary = """Prereq graph""" -fix = """Machine-readable phase/doc adjacency; CI ordering check""" +fix = """Machine-readable scope/doc adjacency; CI ordering check""" when = """project_health epoch 0""" status = """addressed""" addressing_commit = null @@ -2162,8 +2162,8 @@ superseded_by_commit = null [[gaps]] id = 196 -summary = """Phase owner succession""" -fix = """Named **backup reviewer** at phase-start; inherits commit authority if owner unavailable""" +summary = """Scope owner succession""" +fix = """Named **backup reviewer** at scope-start; inherits commit authority if owner unavailable""" when = """Process""" status = """addressed""" addressing_commit = null @@ -2327,9 +2327,9 @@ superseded_by_commit = null [[gaps]] id = 211 -summary = """ares-rt ABI forward stability""" +summary = """clan-rt ABI forward stability""" fix = """Compatibility window or stated recompile requirement per epoch""" -when = """ABI_ARES_RT epoch 2""" +when = """ABI_CLAN_RT epoch 2""" status = """addressed""" addressing_commit = null implementing_doc = """milestone-150-stub""" @@ -2416,7 +2416,7 @@ superseded_by_commit = null [[gaps]] id = 219 summary = """Changelog sub-entries""" -fix = """PROTOCOL_CHANGELOG: section, bump class, phase commit per change""" +fix = """PROTOCOL_CHANGELOG: section, bump class, scope commit per change""" when = """PROTOCOL_CHANGELOG""" status = """addressed""" addressing_commit = null @@ -2460,7 +2460,7 @@ superseded_by_commit = null [[gaps]] id = 223 summary = """Benchmark archival""" -fix = """Extend phase_snapshots with bench results; trend query tool (DX)""" +fix = """Extend scope_snapshots with bench results; trend query tool (DX)""" when = """project_health""" status = """addressed""" addressing_commit = null @@ -2690,8 +2690,8 @@ superseded_by_commit = null [[gaps]] id = 244 -summary = """Phase checklist schema""" -fix = """`phase_checklist_schema.toml` — required fields per phase checklist""" +summary = """Scope checklist schema""" +fix = """`scope_checklist_schema.toml` — required fields per scope checklist""" when = """Epoch 0""" status = """addressed""" addressing_commit = null @@ -3142,7 +3142,7 @@ superseded_by_commit = null [[gaps]] id = 285 summary = """Milestone 150 timeline projection""" -fix = """Rolling avg phase duration → projected M150 date in STATUS.md""" +fix = """Rolling avg scope duration → projected M150 date in STATUS.md""" when = """project_health""" status = """addressed""" addressing_commit = null @@ -3372,8 +3372,8 @@ superseded_by_commit = null [[gaps]] id = 306 -summary = """phase_snapshots compaction""" -fix = """Epoch entries permanent; phase entries compact after N epochs""" +summary = """scope_snapshots compaction""" +fix = """Epoch entries permanent; scope entries compact after N epochs""" when = """project_health""" status = """addressed""" addressing_commit = null @@ -3439,7 +3439,7 @@ superseded_by_commit = null [[gaps]] id = 312 summary = """First-steps DAG (Upgrade G)""" -fix = """Epoch-0 authoring order in `prereq_graph.toml` with `blocking_phase: epoch-0`""" +fix = """Epoch-0 authoring order in `prereq_graph.toml` with `blocking_scope: epoch-0`""" when = """Epoch 0""" status = """addressed""" addressing_commit = null @@ -3681,8 +3681,8 @@ superseded_by_commit = null [[gaps]] id = 334 summary = """Mandatory DECISION_LOG triggers""" -fix = """8 gated decisions in phase_checklist_schema""" -when = """phase_checklist_schema""" +fix = """8 gated decisions in scope_checklist_schema""" +when = """scope_checklist_schema""" status = """addressed""" addressing_commit = null implementing_doc = """milestone-150-stub""" @@ -3703,7 +3703,7 @@ superseded_by_commit = null [[gaps]] id = 336 summary = """Feature cost tracking""" -fix = """Marginal overhead per phase in phase_snapshots""" +fix = """Marginal overhead per scope in scope_snapshots""" when = """project_health""" status = """addressed""" addressing_commit = null @@ -3834,12 +3834,12 @@ superseded_by_commit = null [[gaps]] id = 348 -summary = """Phase checklists 151–350""" -fix = """`gen_phase_checklists_151_350.py` + CI spot-check""" +summary = """Scope checklists 151–350""" +fix = """`gen_scope_checklists_151_350.py` + CI spot-check""" when = """Epoch 7 start""" status = """addressed""" addressing_commit = null -implementing_doc = """scripts/gen_phase_checklists_151_350.py""" +implementing_doc = """scripts/gen_scope_checklists_151_350.py""" split_into = [] superseded_by_commit = null diff --git a/health_timeseries.json b/health_timeseries.json index 0ae9689..daadb12 100644 --- a/health_timeseries.json +++ b/health_timeseries.json @@ -1,7 +1,7 @@ [ { "epoch": 0, - "phase": "epoch-0-staging", + "gate_label": "epoch-0-staging", "timestamp": "2026-06-11T00:00:00Z", "scope_freeze_commit": "5961eb7", "gap_registry_open": 345, @@ -14,7 +14,7 @@ }, { "epoch": 0, - "phase": "epoch-0-gate", + "gate_label": "epoch-0-gate", "timestamp": "2026-06-11T12:00:00Z", "scope_freeze_commit": "5961eb7", "solo_maintainer": true, @@ -27,36 +27,36 @@ }, { "epoch": 1, - "phase": "epoch-1-gate", + "gate_label": "epoch-1-gate", "timestamp": "2026-06-11T14:00:00Z", "gate_commit": "044d4ef", "gap_registry_open": 330, "threat_nodes_open": 11, "ipc_bridge_compat_internal": "active", - "notes": "Phases 121–130 brokers + interim IPC bridge." + "notes": "Scopes 121–130 brokers + interim IPC bridge." }, { "epoch": 2, - "phase": "epoch-2-gate", + "gate_label": "epoch-2-gate", "timestamp": "2026-06-11T16:00:00Z", "gap_registry_open": 330, "threat_nodes_open": 11, "virtio_blk_stub": true, - "ares_rt_host_demo": true, + "clan_rt_host_demo": true, "notes": "virtio-blk then userland; BUILD_INTEGRITY manifest + install_userland.py." }, { "epoch": 3, - "phase": "epoch-3-gate", + "gate_label": "epoch-3-gate", "timestamp": "2026-06-11T17:00:00Z", "gap_registry_open": 330, "threat_nodes_open": 11, "ipc_bridge_compat_internal": 0, - "notes": "Phases 131–140: signed image stub, native endpoints, audit wire." + "notes": "Scopes 131–140: signed image stub, native endpoints, audit wire." }, { "epoch": 4, - "phase": "epoch-4-gate", + "gate_label": "epoch-4-gate", "timestamp": "2026-06-11T17:30:00Z", "gap_registry_open": 330, "threat_nodes_open": 11, @@ -65,7 +65,7 @@ }, { "epoch": 5, - "phase": "epoch-5-gate", + "gate_label": "epoch-5-gate", "timestamp": "2026-06-11T17:45:00Z", "gap_registry_open": 330, "threat_nodes_open": 11, @@ -74,20 +74,20 @@ }, { "epoch": 6, - "phase": "milestone-150", + "gate_label": "milestone-150", "timestamp": "2026-06-11T18:00:00Z", "gap_registry_open": 330, "threat_nodes_open": 11, "ipc_bridge_compat_internal": 0, "boot_smokes": [ - "AresOS-BootGate: ok=true", - "AresOS-SystemGate: ok=true" + "ClanOS-BootGate: ok=true", + "ClanOS-SystemGate: ok=true" ], "notes": "Four-layer boundary review; QEMU config v1; plan superseded by gap_registry + CHARTER." }, { "epoch": 0, - "phase": "plan-complete", + "gate_label": "plan-complete", "timestamp": "2026-06-11T20:00:00Z", "gap_registry_open": 321, "gap_registry_addressed": 24, @@ -98,7 +98,7 @@ }, { "epoch": 6, - "phase": "plan-full-close", + "gate_label": "plan-full-close", "timestamp": "2026-06-11T21:00:00Z", "gap_registry_open": 0, "gap_registry_addressed": 318, @@ -110,26 +110,26 @@ }, { "epoch": 7, - "phase": "epoch-7-planning", + "gate_label": "epoch-7-planning", "timestamp": "2026-06-11T22:00:00Z", "gap_registry_total": 350, "gap_registry_open": 27, "gap_registry_addressed": 323, - "phase_checklists_151_350": 200, + "scope_checklists_151_350": 200, "loom_harness_graduated": 2, "epoch_signoffs": "0-14", "notes": "ROADMAP_151_350 ratified; gaps 346-350; post-150 wontfix reopened with epoch assignments; milestone smokes 175-350 wired." }, { "epoch": 14, - "phase": "milestone-350", + "gate_label": "milestone-350", "timestamp": "2026-06-11T23:30:00Z", - "completed_phase": 350, + "completed_scope": 350, "gap_registry_open": 0, "gap_registry_addressed": 350, "threat_nodes_open": 0, "covenant_ci": true, "epoch_graduation": "7-14", - "notes": "Mechanical phases 151-350 complete; epochs 7-14 graduated; M350 release scorecard." + "notes": "Mechanical scopes 151-350 complete; epochs 7-14 graduated; M350 release scorecard." } ] diff --git a/kernel/Cargo.toml b/kernel/Cargo.toml index 0eb6dcc..819688c 100644 --- a/kernel/Cargo.toml +++ b/kernel/Cargo.toml @@ -3,6 +3,7 @@ name = "kernel" version = "0.1.0" edition = "2021" license = "Apache-2.0" +build = "build.rs" [[bin]] name = "kernel" @@ -16,7 +17,7 @@ doctest = false [features] default = [] -# Production preemptive scheduling (Phase 5+) +# Production preemptive scheduling (preemption lab + CI soak) preemption = [] # Real syscall/sysret user probe (QEMU boot only; omitted from host integration tests). hw-sysret-probe = [] diff --git a/kernel/build.rs b/kernel/build.rs new file mode 100644 index 0000000..5d5864b --- /dev/null +++ b/kernel/build.rs @@ -0,0 +1,94 @@ +//! Build ring-3 userland ELFs and embed them for kernel smoke tests. + +use std::path::{Path, PathBuf}; +use std::process::Command; + +fn main() { + let manifest_dir = PathBuf::from(std::env::var("CARGO_MANIFEST_DIR").unwrap()); + let repo_root = manifest_dir.parent().unwrap(); + + build_embed_elf( + repo_root, + "mendo", + "mendo", + "mendo.bin", + repo_root.join("userland/mendo/src"), + ); + build_embed_elf( + repo_root, + "ring3-io-demo", + "ring3-io-demo", + "ring3_io_demo.bin", + repo_root.join("userland/ring3-io-demo/src"), + ); + build_embed_elf( + repo_root, + "hello-alloc", + "hello-alloc", + "hello_alloc.bin", + repo_root.join("userland/hello-alloc/src"), + ); + build_embed_elf( + repo_root, + "sig-demo", + "sig-demo", + "sig_demo.bin", + repo_root.join("userland/sig-demo/src"), + ); + rerun_if_changed(repo_root.join("userland/src")); + + println!("cargo:rerun-if-changed=build.rs"); +} + +fn build_embed_elf( + repo_root: &Path, + package: &str, + bin_name: &str, + out_name: &str, + source_dir: PathBuf, +) { + let target_elf = repo_root.join(format!( + "target/x86_64-unknown-none/release/{bin_name}" + )); + let out_dir = PathBuf::from(std::env::var("OUT_DIR").unwrap()); + let out_bin = out_dir.join(out_name); + + let status = Command::new("cargo") + .args([ + "build", + "-p", + package, + "--release", + "--target", + "x86_64-unknown-none", + ]) + .current_dir(repo_root) + .status() + .unwrap_or_else(|err| panic!("failed to spawn cargo for {package}: {err}")); + + if !status.success() { + panic!("{package} build failed with status {status}"); + } + if !target_elf.exists() { + panic!("{package} ELF missing at {}", target_elf.display()); + } + + std::fs::copy(&target_elf, &out_bin).unwrap_or_else(|err| { + panic!("copy {out_name}: {err}"); + }); + + rerun_if_changed(source_dir); +} + +fn rerun_if_changed(dir: PathBuf) { + if let Ok(read) = std::fs::read_dir(dir) { + for entry in read.flatten() { + let path = entry.path(); + if path.is_dir() { + rerun_if_changed(path); + } else if path.extension().and_then(|ext| ext.to_str()) == Some("rs") { + println!("cargo:rerun-if-changed={}", path.display()); + } + } + } +} diff --git a/kernel/src/address_space.rs b/kernel/src/address_space.rs index 08527fd..f1fa756 100644 --- a/kernel/src/address_space.rs +++ b/kernel/src/address_space.rs @@ -1,4 +1,4 @@ -//! Phase 11 descriptor-only address-space model. +//! descriptor-only address-space model. use alloc::vec::Vec; diff --git a/kernel/src/audit_wire.rs b/kernel/src/audit_wire.rs index f855082..559d8ae 100644 --- a/kernel/src/audit_wire.rs +++ b/kernel/src/audit_wire.rs @@ -1,4 +1,4 @@ -//! Audit IPC correlation on wire — phases 135–138 (ERROR_TAXONOMY + WIRE_SCHEMA). +//! Audit IPC correlation on wire — scopes 135–138 (ERROR_TAXONOMY + WIRE_SCHEMA). use alloc::vec::Vec; use core::sync::atomic::{AtomicU64, Ordering}; @@ -75,7 +75,7 @@ pub fn kernel_append_event(err: &NativeError) -> WireAuditEvent { encode_error_on_wire(err) } -pub fn phase135_audit_correlation_smoke() -> bool { +pub fn smoke_audit_correlation_smoke() -> bool { let err = NativeError::e00_saturated(); let ev = encode_error_on_wire(&err); let bytes = serialize_event(&ev); @@ -88,10 +88,10 @@ pub fn phase135_audit_correlation_smoke() -> bool { } pub fn epoch7_audit_graduated() -> bool { - phase135_audit_correlation_smoke() + smoke_audit_correlation_smoke() } -pub fn phase136_wait_set_smoke() -> bool { +pub fn smoke_wait_set() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; @@ -99,7 +99,7 @@ pub fn phase136_wait_set_smoke() -> bool { crate::ipc_endpoints::send(ep, pid, b"wait").is_ok() } -pub fn phase137_error_taxonomy_wire_smoke() -> bool { +pub fn smoke_error_taxonomy_wire_smoke() -> bool { let structural = NativeError { code: crate::service_loader::ERR_CAP_QUOTA, class: ErrorClass::StructuralRemediable, @@ -108,6 +108,6 @@ pub fn phase137_error_taxonomy_wire_smoke() -> bool { ev.error_class == 2 } -pub fn phase138_schema_registry_smoke() -> bool { - phase135_audit_correlation_smoke() && phase137_error_taxonomy_wire_smoke() +pub fn smoke_schema_registry_smoke() -> bool { + smoke_audit_correlation_smoke() && smoke_error_taxonomy_wire_smoke() } diff --git a/kernel/src/block.rs b/kernel/src/block.rs index 1f6f250..ac687f2 100644 --- a/kernel/src/block.rs +++ b/kernel/src/block.rs @@ -1,4 +1,4 @@ -//! Phase 8 block-device manager. +//! block-device manager. use alloc::{string::String, vec, vec::Vec}; use lazy_static::lazy_static; diff --git a/kernel/src/block_cache.rs b/kernel/src/block_cache.rs new file mode 100644 index 0000000..aae5378 --- /dev/null +++ b/kernel/src/block_cache.rs @@ -0,0 +1,123 @@ +//! Sector cache in front of the active block device . + +use core::sync::atomic::{AtomicU64, Ordering}; +use spin::Mutex; + +use crate::storage::SECTOR_SIZE; + +const CACHE_SLOTS: usize = 32; + +#[derive(Clone, Copy)] +struct CacheEntry { + sector: usize, + data: [u8; SECTOR_SIZE], + valid: bool, +} + +impl CacheEntry { + const fn empty() -> Self { + Self { + sector: usize::MAX, + data: [0; SECTOR_SIZE], + valid: false, + } + } +} + +struct SectorCache { + entries: [CacheEntry; CACHE_SLOTS], + cursor: usize, +} + +impl SectorCache { + const fn new() -> Self { + Self { + entries: [CacheEntry::empty(); CACHE_SLOTS], + cursor: 0, + } + } + + fn lookup(&self, sector: usize) -> Option<[u8; SECTOR_SIZE]> { + for entry in &self.entries { + if entry.valid && entry.sector == sector { + return Some(entry.data); + } + } + None + } + + fn insert(&mut self, sector: usize, data: [u8; SECTOR_SIZE]) { + let idx = self.cursor % CACHE_SLOTS; + self.cursor = self.cursor.wrapping_add(1); + self.entries[idx] = CacheEntry { + sector, + data, + valid: true, + }; + } + + fn invalidate(&mut self, sector: usize) { + for entry in &mut self.entries { + if entry.valid && entry.sector == sector { + entry.valid = false; + } + } + } +} + +static HITS: AtomicU64 = AtomicU64::new(0); +static MISSES: AtomicU64 = AtomicU64::new(0); + +lazy_static::lazy_static! { + static ref CACHE: Mutex<SectorCache> = Mutex::new(SectorCache::new()); +} + +pub fn status() -> (u64, u64) { + ( + HITS.load(Ordering::Relaxed), + MISSES.load(Ordering::Relaxed), + ) +} + +pub fn read_sector( + sector: usize, + buffer: &mut [u8; SECTOR_SIZE], + raw_read: impl FnOnce(usize, &mut [u8; SECTOR_SIZE]) -> Result<(), crate::block::BlockError>, +) -> Result<(), crate::block::BlockError> { + if let Some(data) = CACHE.lock().lookup(sector) { + HITS.fetch_add(1, Ordering::Relaxed); + buffer.copy_from_slice(&data); + return Ok(()); + } + MISSES.fetch_add(1, Ordering::Relaxed); + raw_read(sector, buffer)?; + CACHE.lock().insert(sector, *buffer); + Ok(()) +} + +pub fn write_sector( + sector: usize, + buffer: &[u8; SECTOR_SIZE], + raw_write: impl FnOnce(usize, &[u8; SECTOR_SIZE]) -> Result<(), crate::block::BlockError>, +) -> Result<(), crate::block::BlockError> { + CACHE.lock().invalidate(sector); + raw_write(sector, buffer) +} + +pub fn smoke_block_cache() -> bool { + let before = status(); + let mut buf = [0u8; SECTOR_SIZE]; + buf[0] = 0xBC; + if crate::block::write_active_sector(3, &buf).is_err() { + return false; + } + let mut read = [0u8; SECTOR_SIZE]; + if crate::block::read_active_sector(3, &mut read).is_err() { + return false; + } + if crate::block::read_active_sector(3, &mut read).is_err() { + return false; + } + let after = status(); + read[0] == 0xBC && after.0 > before.0 && after.1 >= before.1 +} diff --git a/kernel/src/boot_gate.rs b/kernel/src/boot_gate.rs index dc526ec..223c696 100644 --- a/kernel/src/boot_gate.rs +++ b/kernel/src/boot_gate.rs @@ -1,6 +1,6 @@ -//! Unified boot-time validation gate (phases 6–150 consolidated). +//! Unified boot-time validation gate (subsystem smokes consolidated). //! -//! Subsystem serial lines replace per-phase `PhaseN-*` boot markers. +//! Subsystem serial lines replace legacy numbered boot markers. pub const BOOT_GATE_VERSION: &str = "1.0.0"; @@ -13,66 +13,65 @@ fn ok_str(v: bool) -> &'static str { } fn emit(name: &str, ok: bool) { - crate::serial_println!("AresOS-BootGate: name={} ok={}", name, ok_str(ok)); + crate::serial_println!("ClanOS-BootGate: name={} ok={}", name, ok_str(ok)); } -fn eval_shell_storage() -> bool { +pub fn smoke_shell_storage() -> bool { let storage_smoke_ok = match crate::storage::list_files() { Ok(files) => !files.is_empty(), Err(_) => false, }; let readme_smoke_ok = matches!(crate::storage::read_file("/README.txt"), Ok(Some(_))); - let run_smoke_ok = crate::task::userspace::run_program("echo", &["phase6-smoke"]).is_ok(); + let run_smoke_ok = crate::task::userspace::run_program("echo", &["shell-storage-smoke"]).is_ok(); crate::storage::is_mounted() && storage_smoke_ok && readme_smoke_ok && run_smoke_ok - && crate::storage::phase7_smoke_check() - && crate::storage::phase8_smoke_check() + && crate::storage::smoke_persistence() + && crate::storage::smoke_driver_backend() } -fn eval_loader_security() -> bool { - crate::task::program_loader::phase9_smoke_check() - && crate::security::phase10_smoke_check() - && crate::storage::phase10_smoke_check() - && crate::task::program_loader::phase11_smoke_check() - && crate::task::program_loader::phase12_smoke_check() - && crate::task::program_loader::phase13_smoke_check() +pub fn smoke_loader_security() -> bool { + crate::task::program_loader::smoke_program_discovery() + && crate::security::smoke_access_policy() + && crate::storage::smoke_cred_enforcement() + && crate::task::program_loader::smoke_elf_inventory() + && crate::task::program_loader::smoke_load_plan() + && crate::task::program_loader::smoke_mapping_stub() } -fn eval_memory_layout() -> bool { - crate::frame_ownership::phase14_smoke_check() - && crate::task::program_loader::phase15_smoke_check() - && crate::task::program_loader::phase16_smoke_check() +pub fn smoke_memory_layout() -> bool { + crate::frame_ownership::smoke_frame_registry() + && crate::task::program_loader::smoke_frame_backing() + && crate::task::program_loader::smoke_hw_page_tables() } -fn eval_userspace_bootstrap() -> bool { - crate::task::program_loader::phase17_smoke_check() - && crate::task::program_loader::phase18_smoke_check() - && crate::task::program_loader::phase19_smoke_check() - && crate::task::program_loader::phase20_smoke_check() +pub fn smoke_userspace_bootstrap() -> bool { + crate::task::program_loader::smoke_user_context() + && crate::task::program_loader::smoke_ring3_trampoline() + && crate::task::program_loader::smoke_user_syscall_probe() + && crate::task::program_loader::smoke_minimal_user_elf() } -/// Run phases 6–150 side effects and emit unified subsystem gate lines. +/// Run all boot subsystems and emit unified serial gate lines. pub fn run_boot_gate() { - let _ = exec_phases_6_to_20(); - let shell = eval_shell_storage(); + let shell = smoke_shell_storage(); emit("shell_storage", shell); - let loader = eval_loader_security(); + let loader = smoke_loader_security(); emit("loader_security", loader); - let memory = eval_memory_layout(); + let memory = smoke_memory_layout(); emit("memory_layout", memory); - let userspace = eval_userspace_bootstrap(); + let userspace = smoke_userspace_bootstrap(); emit("userspace_bootstrap", userspace); crate::serial_println!("Boot: hw userspace gates start"); let (hw_paging, sched, dynamic, fd_mmap, vm_fork) = x86_64::instructions::interrupts::without_interrupts(|| { - let hw = exec_phase21_to_30_smokes(); - let s = exec_phase31_to_40_smokes(); - let d = exec_phase41_to_50_smokes(); - let f = exec_phase51_to_60_smokes(); - let v = exec_phase61_to_70_smokes(); + let hw = run_hw_paging_smokes(); + let s = run_sched_userspace_smokes(); + let d = run_dynamic_runtime_smokes(); + let f = run_fd_mmap_smokes(); + let v = run_vm_fork_smokes(); (hw, s, d, f, v) }); emit("hw_paging", hw_paging); @@ -81,41 +80,41 @@ pub fn run_boot_gate() { emit("fd_mmap", fd_mmap); emit("vm_fork", vm_fork); - let syscall_ring3 = exec_phase71_to_80_smokes(); + let syscall_ring3 = run_syscall_ring3_smokes(); emit("syscall_ring3", syscall_ring3); - let path_exec = exec_phase81_to_90_smokes(); + let path_exec = run_path_exec_smokes(); emit("path_exec", path_exec); - let smp_depth = exec_phase91_to_100_smokes(); + let smp_depth = run_smp_depth_smokes(); emit("smp_depth", smp_depth); - let constitutional = exec_phase101_to_110_smokes(); + let constitutional = run_constitutional_smokes(); emit("constitutional", constitutional); - let capabilities = exec_phase111_to_120_smokes(); + let capabilities = run_capabilities_smokes(); emit("capabilities", capabilities); - let service_loader = exec_phase121_smoke(); + let service_loader = run_service_loader_smoke(); emit("service_loader", service_loader); - let platform = exec_phase122_to_130_smokes(); + let platform = run_platform_broker_smokes(); emit("platform_brokers", platform); - let virtio = exec_phase201_virtio_smoke(); + let virtio = run_virtio_blk_smoke(); emit("virtio_blk", virtio); let _ = crate::storage::ensure_filesystem_on_active(); - let build = exec_phase131_to_140_smokes(); + let build = run_build_endpoint_smokes(); emit("build_endpoints", build); - let network = exec_epoch4_network_smokes(); + let network = run_network_compat_smokes(); emit("network_compat", network); - let scheduler = exec_epoch5_scheduler_smokes(); + let scheduler = run_scheduler_epoch_smokes(); emit("scheduler_epoch", scheduler); - let boundary = exec_milestone150(); + let boundary = run_boundary_smoke(); emit("boundary", boundary); let boot_ok = shell @@ -139,118 +138,76 @@ pub fn run_boot_gate() { && network && scheduler && boundary; - crate::serial_println!("AresOS-BootGate: ok={}", ok_str(boot_ok)); -} - -fn exec_phases_6_to_20() -> bool { - let storage_smoke_ok = match crate::storage::list_files() { - Ok(files) => !files.is_empty(), - Err(_) => false, - }; - let readme_smoke_ok = matches!(crate::storage::read_file("/README.txt"), Ok(Some(_))); - let run_smoke_ok = crate::task::userspace::run_program("echo", &["phase6-smoke"]).is_ok(); - let phase7_storage_ok = crate::storage::phase7_smoke_check(); - let phase8_storage_ok = crate::storage::phase8_smoke_check(); - let device_summary = crate::device::summary(); - let (block_devices, driver_backed_blocks, backend) = crate::block::summary(); - let phase9_launch_ok = crate::task::program_loader::phase9_smoke_check(); - let loader_status = crate::task::program_loader::status(); - let credentials = crate::security::current_credentials(); - let policy_ok = crate::security::phase10_smoke_check(); - let denied_ok = crate::storage::phase10_smoke_check(); - let phase11_images_ok = crate::task::program_loader::phase11_smoke_check(); - let image_status = crate::task::program_loader::status(); - let exec_blocked_ok = image_status.unsupported_execution_count > 0; - let phase12_load_plan_ok = crate::task::program_loader::phase12_smoke_check(); - let load_plan_status = crate::task::program_loader::status(); - let phase13_mapping_ok = crate::task::program_loader::phase13_smoke_check(); - let mapping_status = crate::task::program_loader::status(); - let phase14_frames_ok = crate::frame_ownership::phase14_smoke_check(); - let frame_status = crate::frame_ownership::status(); - let phase15_backing_ok = crate::task::program_loader::phase15_smoke_check(); - let backing_status = crate::task::program_loader::status(); - let backing_frames = crate::frame_ownership::status(); - let phase16_tables_ok = crate::task::program_loader::phase16_smoke_check(); - let table_status = crate::task::program_loader::status(); - let phase17_context_ok = crate::task::program_loader::phase17_smoke_check(); - let context_status = crate::task::program_loader::status(); - let user_selectors = crate::gdt::user_selectors(); - let phase18_ring3_ok = crate::task::program_loader::phase18_smoke_check(); - let ring3_status = crate::task::program_loader::status(); - let phase19_syscall_ok = crate::task::program_loader::phase19_smoke_check(); - let user_syscall_status = crate::task::program_loader::status(); - let phase20_user_elf_ok = crate::task::program_loader::phase20_smoke_check(); - let user_elf_status = crate::task::program_loader::status(); - phase20_user_elf_ok + crate::serial_println!("ClanOS-BootGate: ok={}", ok_str(boot_ok)); } #[allow(unused_variables)] -fn exec_phase31_to_40_smokes() -> bool { - let phase31_ok = crate::task::program_loader::phase31_sched_cr3_smoke(); +fn run_sched_userspace_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_sched_cr3_smoke(); let (bound, switches, skips, restore_ok) = crate::user_paging::sched_cr3_status(); - let phase32_ok = crate::task::program_loader::phase32_user_frame_smoke(); + let smoke_ok = crate::task::program_loader::smoke_user_frame_smoke(); let (saves, resumes, preempted) = crate::user_hw_frame::status(); - let phase33_ok = crate::task::program_loader::phase33_multi_elf_smoke(); + let smoke_ok = crate::task::program_loader::smoke_multi_elf_smoke(); - let phase34_ok = crate::task::program_loader::phase34_exit_wait_smoke(); + let smoke_ok = crate::task::program_loader::smoke_exit_wait_smoke(); let (exits, waits, _) = crate::syscall::exit_wait_status(); - let phase35_ok = crate::task::program_loader::phase35_syscall_table_smoke(); + let smoke_ok = crate::task::program_loader::smoke_syscall_table_smoke(); let (allowed, rejected, _) = crate::user_syscall_hw::dispatch_table_status(); - let phase36_ok = crate::task::program_loader::phase36_storage_copyin_smoke(); + let smoke_ok = crate::task::program_loader::smoke_storage_copyin_smoke(); let (reads, rej) = crate::task::program_loader::storage_copyin_status(); - let phase37_ok = crate::task::program_loader::phase37_manifest_elf_smoke(); + let smoke_ok = crate::task::program_loader::smoke_manifest_elf_smoke(); let (disc, exec, rej) = crate::task::program_loader::manifest_elf_status(); - let phase38_ok = crate::task::program_loader::phase38_demand_zero_smoke(); + let smoke_ok = crate::task::program_loader::smoke_demand_zero_smoke(); let (faults, mapped, rejected) = crate::demand_paging::status(); - let phase39_ok = crate::task::program_loader::phase39_dynamic_smoke(); + let smoke_ok = crate::task::program_loader::smoke_dynamic_smoke(); let (needed, linked, reloc_ok) = crate::elf_reloc::dynamic_status(); - let phase33_ok_for40 = phase33_ok; - let phase40_ok = crate::task::program_loader::phase40_integration_smoke(); + let smoke_ok_for40 = smoke_ok; + let smoke_ok = crate::task::program_loader::smoke_sched_userspace_integration(); let (bound2, sw2, _, restore2) = crate::user_paging::sched_cr3_status(); let (reads2, _) = crate::task::program_loader::storage_copyin_status(); let (disc2, _, _) = crate::task::program_loader::manifest_elf_status(); let (_, mapped2, _) = crate::demand_paging::status(); - return phase40_ok && restore2; + return smoke_ok && restore2; } #[allow(unused_variables)] -fn exec_phase41_to_50_smokes() -> bool { - let phase41_ok = crate::task::program_loader::phase41_shared_lib_smoke(); +fn run_dynamic_runtime_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_shared_lib_smoke(); let (loaded, pages, _) = crate::shared_loader::status(); - let phase42_ok = crate::task::program_loader::phase42_dyn_reloc_smoke(); + let smoke_ok = crate::task::program_loader::smoke_dyn_reloc_smoke(); let (imports, applied) = crate::elf_reloc::import_status(); - let phase43_ok = crate::task::program_loader::phase43_trust_exec_smoke(); + let smoke_ok = crate::task::program_loader::smoke_trust_exec_smoke(); let (trust_ok, trust_rej) = crate::task::program_loader::trust_exec_status(); - let phase44_ok = crate::task::program_loader::phase44_user_path_smoke(); + let smoke_ok = crate::task::program_loader::smoke_user_path_smoke(); let (reads, path_rej) = crate::user_path::status(); - let phase45_ok = crate::task::program_loader::phase45_file_fd_smoke(); + let smoke_ok = crate::task::program_loader::smoke_file_fd_smoke(); let (opens, closes, _, _, _) = crate::fd_table::status(); - let phase46_ok = crate::task::program_loader::phase46_fd_io_smoke(); + let smoke_ok = crate::task::program_loader::smoke_fd_io_smoke(); let (_, _, fd_reads, fd_writes, _) = crate::fd_table::status(); - let phase47_ok = crate::task::program_loader::phase47_file_demand_smoke(); + let smoke_ok = crate::task::program_loader::smoke_file_demand_smoke(); let (faults, file_loaded, file_rej) = crate::demand_paging::file_status(); - let phase48_ok = crate::task::program_loader::phase48_wx_policy_smoke(); + let smoke_ok = crate::task::program_loader::smoke_wx_policy_smoke(); let (wx_checked, wx_rejected) = crate::user_paging::wx_status(); - let phase49_ok = crate::task::program_loader::phase49_smp_smoke(); + let smoke_ok = crate::task::program_loader::smoke_smp_smoke(); let (cpus, aps, flush_ok) = crate::smp::status(); - let phase50_ok = crate::task::program_loader::phase50_integration_smoke(); + let smoke_ok = crate::task::program_loader::smoke_dynamic_runtime_integration(); let (loaded2, _, _) = crate::shared_loader::status(); let (_, applied2) = crate::elf_reloc::import_status(); let (t_ok, t_rej) = crate::task::program_loader::trust_exec_status(); @@ -259,282 +216,388 @@ fn exec_phase41_to_50_smokes() -> bool { let (_, f_loaded, _) = crate::demand_paging::file_status(); let (_, wx_rej2) = crate::user_paging::wx_status(); let (cpus2, _, flush2) = crate::smp::status(); - return phase50_ok; + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase51_to_60_smokes() -> bool { - let phase51_ok = crate::task::program_loader::phase51_proc_fd_smoke(); +fn run_fd_mmap_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_proc_fd_smoke(); - let phase52_ok = crate::task::program_loader::phase52_fd_dup_smoke(); + let smoke_ok = crate::task::program_loader::smoke_fd_dup_smoke(); let (dups, relative) = crate::fd_table::dup_status(); - let phase53_ok = crate::task::program_loader::phase53_mprotect_smoke(); + let smoke_ok = crate::task::program_loader::smoke_mprotect_smoke(); let (applied, rejected, guard) = crate::user_paging::mprotect_status(); - let phase54_ok = crate::task::program_loader::phase54_mmap_smoke(); + let smoke_ok = crate::task::program_loader::smoke_mmap_smoke(); let (anon, file, rej) = crate::mmap::status(); - let phase55_ok = crate::task::program_loader::phase55_write_path_smoke(); + let smoke_ok = crate::task::program_loader::smoke_write_path_smoke(); let (writes, verified) = crate::user_path::write_status(); - let phase56_ok = crate::task::program_loader::phase56_multi_shlib_smoke(); + let smoke_ok = crate::task::program_loader::smoke_multi_shlib_smoke(); let (loaded, pages, _) = crate::shared_loader::status(); - let phase57_ok = crate::task::program_loader::phase57_plt_reloc_smoke(); + let smoke_ok = crate::task::program_loader::smoke_plt_reloc_smoke(); let (slots, plt_applied) = crate::elf_reloc::plt_status(); - let phase58_ok = crate::task::program_loader::phase58_digest_trust_smoke(); + let smoke_ok = crate::task::program_loader::smoke_digest_trust_smoke(); let (verified, rejected) = crate::image_digest::status(); - let phase59_ok = crate::task::program_loader::phase59_runqueue_smoke(); + let smoke_ok = crate::task::program_loader::smoke_runqueue_smoke(); let (cpus, enqueued, _) = ( crate::smp::status().0, crate::smp::runqueue_status().0, (), ); - let phase60_ok = crate::task::program_loader::phase60_integration_smoke(); - return phase60_ok; + let smoke_ok = crate::task::program_loader::smoke_fd_mmap_integration(); + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase61_to_70_smokes() -> bool { - let phase61_ok = crate::task::program_loader::phase61_chdir_smoke(); +fn run_vm_fork_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_chdir_smoke(); let (normalized, chdirs) = crate::user_path::chdir_status(); - let phase62_ok = crate::task::program_loader::phase62_munmap_smoke(); + let smoke_ok = crate::task::program_loader::smoke_munmap_smoke(); let (unmapped, munmap_rej) = crate::mmap::munmap_status(); - let phase63_ok = crate::task::program_loader::phase63_vma_smoke(); + let smoke_ok = crate::task::program_loader::smoke_vma_smoke(); let (vma_regions, vma_overlap) = crate::vma::status(); - let phase64_ok = crate::task::program_loader::phase64_forklite_smoke(); + let smoke_ok = crate::task::program_loader::smoke_forklite_smoke(); let (inherited, isolated) = crate::fd_table::fork_lite_status(); - let phase65_ok = crate::task::program_loader::phase65_ring3_syscall_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ring3_syscall_smoke(); let (ring3_write, ring3_mprotect) = crate::user_syscall_hw::ring3_syscall_status(); - let phase66_ok = crate::task::program_loader::phase66_fcntl_smoke(); + let smoke_ok = crate::task::program_loader::smoke_fcntl_smoke(); let (fcntl_getfd, fcntl_dup, fcntl_rej) = crate::fd_table::fcntl_status(); - let phase67_ok = crate::task::program_loader::phase67_lazy_plt_smoke(); + let smoke_ok = crate::task::program_loader::smoke_lazy_plt_smoke(); let (plt_lazy, plt_bound) = crate::elf_reloc::lazy_plt_status(); - let phase68_ok = crate::task::program_loader::phase68_tlb_shootdown_smoke(); + let smoke_ok = crate::task::program_loader::smoke_tlb_shootdown_smoke(); let (cpus, _, _) = crate::smp::status(); let (shootdowns, _) = crate::smp::shootdown_status(); - let phase69_ok = crate::task::program_loader::phase69_ap_idle_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ap_idle_smoke(); let (aps, idle_ticks) = crate::smp::ap_idle_status(); - let phase70_ok = crate::task::program_loader::phase70_integration_smoke(); - return phase70_ok; + let smoke_ok = crate::task::program_loader::smoke_vm_fork_integration(); + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase71_to_80_smokes() -> bool { - let phase71_ok = crate::task::program_loader::phase71_sysret_smoke(); +fn run_syscall_ring3_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_sysret_smoke(); let (probes, sysret_ok) = crate::user_syscall_hw::sysret_status(); - let phase72_ok = crate::task::program_loader::phase72_ring3_chdir_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ring3_chdir_smoke(); let ring3_chdirs = crate::user_path::ring3_chdir_status(); - let phase73_ok = crate::task::program_loader::phase73_munmap_len_smoke(); + let smoke_ok = crate::task::program_loader::smoke_munmap_len_smoke(); let (unmapped_pages, partial_regions) = crate::mmap::munmap_len_status(); - let phase74_ok = crate::task::program_loader::phase74_waitlite_smoke(); + let smoke_ok = crate::task::program_loader::smoke_waitlite_smoke(); let (waited, wait_rejected) = crate::task::process::wait_lite_status(); - let phase75_ok = crate::task::program_loader::phase75_syscallprobe_smoke(); + let smoke_ok = crate::task::program_loader::smoke_syscallprobe_smoke(); let (ring3_write, ring3_mprotect) = crate::user_syscall_hw::ring3_syscall_status(); - let phase76_ok = crate::task::program_loader::phase76_fcntl_setfd_smoke(); + let smoke_ok = crate::task::program_loader::smoke_fcntl_setfd_smoke(); let (setfd, getfd, fcntl_rej) = crate::fd_table::fcntl_setfd_status(); - let phase77_ok = crate::task::program_loader::phase77_ring3_lazy_plt_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ring3_lazy_plt_smoke(); let (plt_lazy, plt_bound) = crate::elf_reloc::lazy_plt_status(); let ring3_plt = crate::elf_reloc::ring3_plt_status(); - let phase78_ok = crate::task::program_loader::phase78_ipi_tlb_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ipi_tlb_smoke(); let (cpus, _, _) = crate::smp::status(); let (ipis, _) = crate::smp::ipi_status(); - let phase79_ok = crate::task::program_loader::phase79_ap_trampoline_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ap_trampoline_smoke(); let (aps, idle_ticks) = crate::smp::ap_idle_status(); - let phase80_ok = crate::task::program_loader::phase80_integration_smoke(); - return phase80_ok; + let smoke_ok = crate::task::program_loader::smoke_syscall_ring3_integration(); + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase81_to_90_smokes() -> bool { - let phase81_ok = crate::task::program_loader::phase81_hw_sysret_smoke(); +fn run_path_exec_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_hw_sysret_smoke(); let (_, sysret_real) = crate::user_syscall_hw::hw_sysret_real_status(); - let phase82_ok = crate::task::program_loader::phase82_getcwd_smoke(); + let smoke_ok = crate::task::program_loader::smoke_getcwd_smoke(); let getcwd_reads = crate::user_path::getcwd_status(); - let phase83_ok = crate::task::program_loader::phase83_chdirprobe_smoke(); + let smoke_ok = crate::task::program_loader::smoke_chdirprobe_smoke(); - let phase84_ok = crate::task::program_loader::phase84_vma_split_smoke(); + let smoke_ok = crate::task::program_loader::smoke_vma_split_smoke(); let (splits, _) = crate::vma::split_status(); let (unmapped, _) = crate::mmap::munmap_len_status(); - let phase85_ok = crate::task::program_loader::phase85_fork_dup_smoke(); + let smoke_ok = crate::task::program_loader::smoke_fork_dup_smoke(); let (children, duplicated) = crate::task::process::fork_dup_status(); - let phase86_ok = crate::task::program_loader::phase86_exec_lite_smoke(); + let smoke_ok = crate::task::program_loader::smoke_exec_lite_smoke(); let (execs, cloexec_closed) = crate::task::process::exec_lite_status(); - let phase87_ok = crate::task::program_loader::phase87_pipe_lite_smoke(); + let smoke_ok = crate::task::program_loader::smoke_pipe_lite_smoke(); let (pipes, bytes) = crate::pipe::status(); - let phase88_ok = crate::task::program_loader::phase88_ring3_plt_fault_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ring3_plt_fault_smoke(); let (faults, bound) = crate::elf_reloc::ring3_plt_fault_status(); - let phase89_ok = crate::task::program_loader::phase89_ipi_send_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ipi_send_smoke(); let (sent, acked) = crate::smp::ipi_send_status(); - let phase90_ok = crate::task::program_loader::phase90_integration_smoke(); - return phase90_ok; + let smoke_ok = crate::task::program_loader::smoke_path_exec_integration(); + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase91_to_100_smokes() -> bool { - let phase91_ok = crate::task::program_loader::phase91_fork_cow_smoke(); +fn run_smp_depth_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_fork_cow_smoke(); let (cow_breaks, cow_isolated) = crate::user_paging::fork_cow_status(); - let phase92_ok = crate::task::program_loader::phase92_poll_lite_smoke(); + let smoke_ok = crate::task::program_loader::smoke_poll_lite_smoke(); let (polls, poll_ready) = crate::pipe::poll_status(); - let phase93_ok = crate::task::program_loader::phase93_mmap_gap_smoke(); + let smoke_ok = crate::task::program_loader::smoke_mmap_gap_smoke(); let gaps = crate::vma::mmap_gap_status(); - let phase94_ok = crate::task::program_loader::phase94_exec_argv_smoke(); + let smoke_ok = crate::task::program_loader::smoke_exec_argv_smoke(); let argv_ok = crate::task::process::exec_argv_status(); - let phase95_ok = crate::task::program_loader::phase95_pipe_probe_smoke(); + let smoke_ok = crate::task::program_loader::smoke_pipe_probe_smoke(); let (hw_pipes, bytes) = crate::pipe::pipeprobe_status(); - let phase96_ok = crate::task::program_loader::phase96_vma_coalesce_smoke(); + let smoke_ok = crate::task::program_loader::smoke_vma_coalesce_smoke(); let (coalesced, _) = crate::vma::coalesce_status(); - let phase97_ok = crate::task::program_loader::phase97_work_steal_smoke(); + let smoke_ok = crate::task::program_loader::smoke_work_steal_smoke(); let steals = crate::smp::work_steal_status(); - let phase98_ok = crate::task::program_loader::phase98_ap_runnable_smoke(); + let smoke_ok = crate::task::program_loader::smoke_ap_runnable_smoke(); let ap_run = crate::smp::ap_runnable_status(); - let phase99_ok = crate::task::program_loader::phase99_lapic_icr_smoke(); + let smoke_ok = crate::task::program_loader::smoke_lapic_icr_smoke(); let (icr_writes, icr_sent) = crate::smp::lapic_icr_status(); - let phase100_ok = crate::task::program_loader::phase100_integration_smoke(); - return phase100_ok; + let smoke_ok = crate::task::program_loader::smoke_smp_depth_integration(); + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase101_to_110_smokes() -> bool { - let phase110_ok = crate::governance::phase110_constitutional_smoke(); +fn run_constitutional_smokes() -> bool { + let smoke_ok = crate::governance::smoke_constitutional(); let (abi_v1, semantics_v1, immutable_identity, _) = crate::governance::status(); - let gates = phase110_ok; - return phase110_ok; + let gates = smoke_ok; + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase111_to_120_smokes() -> bool { - let phase120_ok = crate::governance::phase120_cap_compat_smoke(); - let (cap_table, rights, grant, broker, compat) = crate::governance::phase120_status(); - return phase120_ok; +fn run_capabilities_smokes() -> bool { + let smoke_ok = crate::governance::smoke_cap_compat(); + let (cap_table, rights, grant, broker, compat) = crate::governance::cap_compat_status(); + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase201_virtio_smoke() -> bool { - let ok = crate::governance::phase201_virtio_blk_smoke(); +fn run_virtio_blk_smoke() -> bool { + let ok = crate::governance::smoke_virtio_blk(); let (pci, probes, driver_backed) = crate::virtio_blk::status(); return ok; } #[allow(unused_variables)] -fn exec_phase131_to_140_smokes() -> bool { - let p131 = crate::governance::phase131_build_integrity_smoke(); - let p132 = crate::governance::phase132_repro_smoke(); - let p133 = crate::governance::phase133_rollback_smoke(); - let p134 = crate::governance::phase134_endpoint_smoke(); - let bridge = crate::ipc_interim_bridge::ipc_bridge_compat_internal_count(); - let p135 = crate::governance::phase135_audit_wire_smoke(); - let p136 = crate::governance::phase136_wait_set_smoke(); - let p137 = crate::governance::phase137_error_taxonomy_smoke(); - let p138 = crate::governance::phase138_schema_smoke(); - let p140 = crate::governance::phase140_ipc_integration_smoke(); - return p140; +fn run_build_endpoint_smokes() -> bool { + let _ = ( + crate::governance::smoke_build_integrity(), + crate::governance::smoke_repro_build(), + crate::governance::smoke_rollback(), + crate::governance::smoke_ipc_endpoint(), + crate::governance::smoke_audit_wire(), + crate::governance::smoke_wait_set(), + crate::governance::smoke_error_taxonomy(), + crate::governance::smoke_schema(), + ); + crate::governance::smoke_ipc_integration() } #[allow(unused_variables)] -fn exec_epoch4_network_smokes() -> bool { - let ok = crate::governance::phase404_network_epoch_smoke(); +fn run_network_compat_smokes() -> bool { + let ok = crate::governance::smoke_network_epoch(); let (tcp, udp, sel) = crate::compat_socket::compat_socket_calls(); return ok; } #[allow(unused_variables)] -fn exec_epoch5_scheduler_smokes() -> bool { - let ok = crate::governance::phase149_epoch5_integration_smoke(); +fn run_scheduler_epoch_smokes() -> bool { + let ok = crate::governance::smoke_scheduler_epoch_integration(); return ok; } #[allow(unused_variables)] -fn exec_milestone150() -> bool { - let ok = crate::governance::phase150_milestone_smoke(); +fn run_boundary_smoke() -> bool { + let ok = crate::governance::smoke_milestone_boundary(); return ok; } #[allow(unused_variables)] -fn exec_phase122_to_130_smokes() -> bool { - let p122 = crate::governance::phase122_storage_broker_smoke(); - let p123 = crate::governance::phase123_permission_broker_smoke(); - let p124 = crate::governance::phase124_device_broker_smoke(); - let p125 = crate::governance::phase125_network_broker_smoke(); - let p126 = crate::governance::phase126_clipboard_broker_smoke(); - let p127 = crate::governance::phase127_service_isolation_smoke(); - let p128 = crate::governance::phase128_native_manifest_smoke(); - let p129 = crate::governance::phase129_scoped_grants_smoke(); - let p130 = crate::governance::phase130_platform_integration_smoke(); - let bridge = crate::ipc_interim_bridge::ipc_bridge_compat_internal_count(); - return p130; +fn run_platform_broker_smokes() -> bool { + let _ = ( + crate::governance::smoke_storage_broker(), + crate::governance::smoke_permission_broker(), + crate::governance::smoke_device_broker(), + crate::governance::smoke_network_broker(), + crate::governance::smoke_clipboard_broker(), + crate::governance::smoke_service_isolation(), + crate::governance::smoke_native_manifest(), + crate::governance::smoke_scoped_grants(), + ); + crate::governance::smoke_platform_integration() } #[allow(unused_variables)] -fn exec_phase121_smoke() -> bool { - let phase121_ok = crate::governance::phase121_service_loader_smoke(); - let (bootstrap, stubs, budget, _) = crate::governance::phase121_status(); +fn run_service_loader_smoke() -> bool { + let smoke_ok = crate::governance::smoke_service_loader_init(); + let (bootstrap, stubs, budget, _) = crate::governance::service_loader_status(); let (mem_total, mem_used, mem_free) = crate::service_loader::mem_budget_status(); - return phase121_ok; + return smoke_ok; } #[allow(unused_variables)] -fn exec_phase21_to_30_smokes() -> bool { - let phase21_ok = crate::task::program_loader::phase21_smoke_check(); +fn run_hw_paging_smokes() -> bool { + let smoke_ok = crate::task::program_loader::smoke_hw_page_table_build(); let (hw_built, hw_verified, hw_rejected, _, _, _, _) = crate::user_paging::status(); - let phase22_ok = crate::task::program_loader::phase22_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_cr3_activate(); let (cr3_act, cr3_restore, _, _, _, _, _) = crate::user_paging::status(); - let phase23_ok = crate::task::program_loader::phase23_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_iretq_entry(); let (iretq_entries, iretq_trapped, _, _) = crate::user_entry::status(); - let phase24_ok = crate::task::program_loader::phase24_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_ring3_trap(); let (trap_count, trap_returns, _, _) = crate::user_entry::status(); crate::user_syscall_hw::init_syscall_msrs(); - let phase25_ok = crate::task::program_loader::phase25_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_hw_syscall_msr(); let (hw_syscalls, hw_sysrets) = crate::user_syscall_hw::status(); - let phase26_ok = crate::task::program_loader::phase26_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_user_copy(); let (copy_ok_count, copy_rejected) = crate::user_copy::status(); - let phase27_ok = crate::task::program_loader::phase27_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_elf_reloc_apply(); let (reloc_applied, reloc_rejected) = crate::elf_reloc::status(); - let phase28_ok = crate::task::program_loader::phase28_smoke_check(); + let smoke_ok = crate::task::program_loader::smoke_hw_elf_exec(); let hw_elf_status = crate::task::program_loader::status(); - let phase29_ok = crate::task::program_loader::phase29_smoke_check(); - let phase30_ok = crate::task::program_loader::phase30_cr3_switch_smoke(); + let smoke_ok = crate::task::program_loader::smoke_hw_elf_isolation(); + let smoke_ok = crate::task::program_loader::smoke_cr3_switch(); let (_, _, _, _, _, cr3_switches, isolated) = crate::user_paging::status(); crate::task::program_loader::set_hw_user_elf_ready(); - return phase30_ok; + return smoke_ok; +} + +/// Boot subsystem smokes (QEMU integration harness); names match `VALIDATION_GATES.md`. +pub fn smoke_hw_paging() -> bool { + run_hw_paging_smokes() +} + +pub fn smoke_sched_userspace() -> bool { + run_sched_userspace_smokes() +} + +pub fn smoke_dynamic_runtime() -> bool { + run_dynamic_runtime_smokes() +} + +pub fn smoke_fd_mmap() -> bool { + run_fd_mmap_smokes() +} + +pub fn smoke_vm_fork() -> bool { + run_vm_fork_smokes() +} + +pub fn smoke_syscall_ring3() -> bool { + run_syscall_ring3_smokes() +} + +pub fn smoke_path_exec() -> bool { + run_path_exec_smokes() +} + +pub fn smoke_smp_depth() -> bool { + run_smp_depth_smokes() +} + +pub fn smoke_constitutional() -> bool { + run_constitutional_smokes() +} + +pub fn smoke_capabilities() -> bool { + run_capabilities_smokes() +} + +pub fn smoke_service_loader() -> bool { + run_service_loader_smoke() +} + +pub fn smoke_platform_brokers() -> bool { + run_platform_broker_smokes() +} + +pub fn smoke_virtio_blk() -> bool { + run_virtio_blk_smoke() +} + +pub fn smoke_build_endpoints() -> bool { + run_build_endpoint_smokes() +} + +pub fn smoke_network_compat() -> bool { + run_network_compat_smokes() +} + +pub fn smoke_scheduler_epoch() -> bool { + run_scheduler_epoch_smokes() +} + +pub fn smoke_boundary() -> bool { + run_boundary_smoke() +} + +/// Composite boot gate (no serial emission). +pub fn boot_gate() -> bool { + let early = smoke_shell_storage() + && smoke_loader_security() + && smoke_memory_layout() + && smoke_userspace_bootstrap(); + let (hw_paging, sched, dynamic, fd_mmap, vm_fork) = + x86_64::instructions::interrupts::without_interrupts(|| { + ( + smoke_hw_paging(), + smoke_sched_userspace(), + smoke_dynamic_runtime(), + smoke_fd_mmap(), + smoke_vm_fork(), + ) + }); + let _ = crate::storage::ensure_filesystem_on_active(); + early + && hw_paging + && sched + && dynamic + && fd_mmap + && vm_fork + && smoke_syscall_ring3() + && smoke_path_exec() + && smoke_smp_depth() + && smoke_constitutional() + && smoke_capabilities() + && smoke_service_loader() + && smoke_platform_brokers() + && smoke_virtio_blk() + && smoke_build_endpoints() + && smoke_network_compat() + && smoke_scheduler_epoch() + && smoke_boundary() } diff --git a/kernel/src/buddy.rs b/kernel/src/buddy.rs new file mode 100644 index 0000000..a39d1ba --- /dev/null +++ b/kernel/src/buddy.rs @@ -0,0 +1,117 @@ +//! Buddy physical frame allocator (order-0 / 4 KiB pages). +//! +//! Populated at boot from the bootloader memory map; coalesces buddies on free. + +use alloc::vec::Vec; +use core::sync::atomic::{AtomicU64, Ordering}; +use lazy_static::lazy_static; +use spin::Mutex; +use x86_64::structures::paging::{FrameAllocator, PhysFrame, Size4KiB}; +use x86_64::PhysAddr; + +static ALLOCATED: AtomicU64 = AtomicU64::new(0); +static FREED: AtomicU64 = AtomicU64::new(0); +static MERGES: AtomicU64 = AtomicU64::new(0); + +lazy_static! { + static ref BUDDY: Mutex<BuddyAllocator> = Mutex::new(BuddyAllocator::empty()); +} + +pub fn status() -> (u64, u64, u64, usize) { + let buddy = BUDDY.lock(); + ( + ALLOCATED.load(Ordering::Relaxed), + FREED.load(Ordering::Relaxed), + MERGES.load(Ordering::Relaxed), + buddy.free_count(), + ) +} + +pub fn init_from_memory_map( + memory_map: &'static bootloader::bootinfo::MemoryMap, + skip_frames: usize, +) { + use bootloader::bootinfo::MemoryRegionType; + + let mut frames = Vec::new(); + for region in memory_map.iter() { + if region.region_type != MemoryRegionType::Usable { + continue; + } + let mut addr = region.range.start_addr(); + while addr < region.range.end_addr() { + frames.push(PhysFrame::containing_address(PhysAddr::new(addr))); + addr += 4096; + } + } + for frame in frames.into_iter().skip(skip_frames) { + BUDDY.lock().free_frame(frame); + } +} + +pub struct BuddyFrameAllocator; + +unsafe impl FrameAllocator<Size4KiB> for BuddyFrameAllocator { + fn allocate_frame(&mut self) -> Option<PhysFrame<Size4KiB>> { + let frame = BUDDY.lock().allocate_frame()?; + ALLOCATED.fetch_add(1, Ordering::Relaxed); + Some(frame) + } +} + +impl BuddyFrameAllocator { + pub fn deallocate_frame(&mut self, frame: PhysFrame<Size4KiB>) { + BUDDY.lock().free_frame(frame); + FREED.fetch_add(1, Ordering::Relaxed); + } +} + +struct BuddyAllocator { + free: Vec<u64>, +} + +impl BuddyAllocator { + const fn empty() -> Self { + Self { free: Vec::new() } + } + + fn free_count(&self) -> usize { + self.free.len() + } + + fn allocate_frame(&mut self) -> Option<PhysFrame<Size4KiB>> { + let addr = self.free.pop()?; + Some(PhysFrame::containing_address(PhysAddr::new(addr))) + } + + fn free_frame(&mut self, frame: PhysFrame<Size4KiB>) { + let addr = frame.start_address().as_u64(); + if self.try_merge(addr) { + MERGES.fetch_add(1, Ordering::Relaxed); + } else { + self.free.push(addr); + } + } + + fn try_merge(&mut self, addr: u64) -> bool { + let buddy = addr ^ 4096; + if let Some(index) = self.free.iter().position(|&candidate| candidate == buddy) { + self.free.remove(index); + self.free.push(addr.min(buddy)); + true + } else { + false + } + } +} + +pub fn smoke_buddy_allocator() -> bool { + let before = status(); + let mut allocator = BuddyFrameAllocator; + let Some(frame) = allocator.allocate_frame() else { + return before.3 > 0; + }; + allocator.deallocate_frame(frame); + let after = status(); + after.0 > before.0 && after.1 > before.1 +} diff --git a/kernel/src/build_integrity.rs b/kernel/src/build_integrity.rs index 1f44c7b..5a33511 100644 --- a/kernel/src/build_integrity.rs +++ b/kernel/src/build_integrity.rs @@ -1,4 +1,4 @@ -//! Build integrity — phases 131–133 (BUILD_INTEGRITY.md). +//! Build integrity — scopes 131–133 (BUILD_INTEGRITY.md). use core::sync::atomic::{AtomicBool, AtomicU64, Ordering}; @@ -23,7 +23,7 @@ pub fn repro_match_count() -> u64 { REPRO_MATCHES.load(Ordering::Relaxed) } -/// Phase 131: signed system image identity (digest stub). +/// : signed system image identity (digest stub). pub fn verify_boot_image() -> bool { let digest = image_digest::sha256_hex(KERNEL_IMAGE_TAG); let manifest = alloc::format!("digest=sha256:{digest}\n"); @@ -36,7 +36,7 @@ pub fn verify_boot_image() -> bool { ok } -/// Phase 132: dual-build reproducibility stub — same source → same digest twice. +/// : dual-build reproducibility stub — same source → same digest twice. pub fn verify_reproducible_build() -> bool { let a = image_digest::sha256_hex(KERNEL_IMAGE_TAG); let b = image_digest::sha256_hex(KERNEL_IMAGE_TAG); @@ -47,25 +47,25 @@ pub fn verify_reproducible_build() -> bool { ok } -/// Phase 133: rollback smoke — prior epoch digest still verifiable. +/// : rollback smoke — prior epoch digest still verifiable. pub fn verify_rollback_anchor() -> bool { let anchor = image_digest::sha256_hex(b"aresos-epoch-2-anchor"); image_digest::verify_digest_hex(b"aresos-epoch-2-anchor", &anchor) } -pub fn phase131_image_identity_smoke() -> bool { +pub fn smoke_image_identity() -> bool { verify_boot_image() && boot_verified() && system_image_epoch() >= 2 } -pub fn phase132_repro_build_smoke() -> bool { +pub fn smoke_repro_build_host() -> bool { verify_reproducible_build() && repro_match_count() > 0 } -pub fn phase133_rollback_smoke() -> bool { +pub fn smoke_rollback() -> bool { verify_rollback_anchor() } -/// Phase 430 — signed user ELF manifest corpus (BUILD_INTEGRITY production path). +/// signed user ELF manifest corpus (BUILD_INTEGRITY production path). pub fn verify_signed_user_elf_corpus() -> bool { let corpus = b"ares-rt demo:hello"; let digest = image_digest::sha256_hex(corpus); @@ -78,6 +78,6 @@ pub fn verify_signed_user_elf_corpus() -> bool { ok } -pub fn phase430_signed_user_elf_smoke() -> bool { +pub fn smoke_signed_user_elf() -> bool { verify_signed_user_elf_corpus() && SIGNED_USER_ELF_VERIFIED.load(Ordering::Relaxed) > 0 } diff --git a/kernel/src/clipboard_broker.rs b/kernel/src/clipboard_broker.rs index 7813bd5..48829e7 100644 --- a/kernel/src/clipboard_broker.rs +++ b/kernel/src/clipboard_broker.rs @@ -1,4 +1,4 @@ -//! Clipboard broker stub (phase 126). +//! Clipboard broker stub (scope 126). use crate::kernel_object::CapError; use crate::task::process::ProcessId; @@ -14,7 +14,7 @@ pub fn request_clipboard_cap(_pid: ProcessId) -> Result<u32, CapError> { Err(CapError::NotFound) } -pub fn phase126_clipboard_broker_smoke() -> bool { +pub fn smoke_clipboard_broker() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/compat_socket.rs b/kernel/src/compat_socket.rs index 80c4fa7..eb77062 100644 --- a/kernel/src/compat_socket.rs +++ b/kernel/src/compat_socket.rs @@ -31,7 +31,7 @@ pub fn compat_socket_calls() -> (u64, u64, u64) { ) } -pub fn phase402_compat_socket_smoke() -> bool { +pub fn smoke_compat_socket() -> bool { let tcp = tcp_connect_stub("127.0.0.1", 80).is_ok(); let udp = udp_send_stub(53, b"ping").is_ok(); let sel = select_multi_fd_stub(&[1, 2]) > 0; diff --git a/kernel/src/compositor.rs b/kernel/src/compositor.rs index 99aac37..7e9ab13 100644 --- a/kernel/src/compositor.rs +++ b/kernel/src/compositor.rs @@ -1,5 +1,5 @@ -//! Compositor IPC stub (phase 145) — ABI_COMPOSITOR_IPC minimum contract. -//! Phase 351: pixel frame submission via VGA mode 13h framebuffer. +//! Compositor IPC stub (scope 145) — ABI_COMPOSITOR_IPC minimum contract. +//! : pixel frame submission via VGA mode 13h framebuffer. use core::sync::atomic::{AtomicU64, Ordering}; @@ -31,7 +31,7 @@ pub fn pixel_frame_count() -> u64 { PIXEL_FRAMES.load(Ordering::Relaxed) } -pub fn phase145_compositor_smoke() -> bool { +pub fn smoke_compositor() -> bool { let ok_known = submit_frame(CompositorCaps { a11y_version: 1, flags: 0x01, @@ -47,6 +47,6 @@ pub fn phase145_compositor_smoke() -> bool { && crate::framebuffer::mode_active() } -pub fn phase351_compositor_desktop_smoke() -> bool { - phase145_compositor_smoke() && crate::framebuffer::mode_active() +pub fn smoke_compositor_desktop() -> bool { + smoke_compositor() && crate::framebuffer::mode_active() } diff --git a/kernel/src/cow_fork.rs b/kernel/src/cow_fork.rs new file mode 100644 index 0000000..8c3f2a5 --- /dev/null +++ b/kernel/src/cow_fork.rs @@ -0,0 +1,125 @@ +//! Copy-on-write fork: shared read-only mappings broken on write `#PF`. + +use alloc::collections::BTreeMap; +use core::sync::atomic::{AtomicU64, Ordering}; +use lazy_static::lazy_static; +use spin::Mutex; + +static COW_PF_BREAKS: AtomicU64 = AtomicU64::new(0); + +lazy_static! { + static ref COW_FRAME_REFS: Mutex<BTreeMap<u64, u32>> = Mutex::new(BTreeMap::new()); +} + +pub fn pf_break_status() -> u64 { + COW_PF_BREAKS.load(Ordering::Relaxed) +} + +pub fn is_page_cow_shared(cr3: u64, virtual_address: u64) -> bool { + let page_base = virtual_address & !0xfff; + let Some(phys) = crate::user_paging::translate_hw_page(cr3, page_base) else { + return false; + }; + COW_FRAME_REFS + .lock() + .get(&(phys & !0xfff)) + .copied() + .unwrap_or(0) + > 0 +} + +/// After `fork_duplicate_cr3`, mark duplicated writable user pages shared + read-only. +pub fn share_after_fork(parent_cr3: u64, child_cr3: u64, start: u64, end: u64) { + let mut addr = start; + while addr < end { + if crate::user_paging::page_is_writable(parent_cr3, addr) { + if let Some(phys) = crate::user_paging::translate_hw_page(parent_cr3, addr) { + let phys_base = phys & !0xfff; + let mut refs = COW_FRAME_REFS.lock(); + *refs.entry(phys_base).or_insert(0) += 2; + drop(refs); + let _ = crate::user_paging::mprotect_page(parent_cr3, addr, false); + let _ = crate::user_paging::mprotect_page(child_cr3, addr, false); + } + } + addr = addr.saturating_add(0x1000); + } +} + +fn note_privatized(old_phys: u64) { + let mut refs = COW_FRAME_REFS.lock(); + if let Some(count) = refs.get_mut(&(old_phys & !0xfff)) { + *count = count.saturating_sub(1); + if *count == 0 { + refs.remove(&(old_phys & !0xfff)); + } + } +} + +/// Handle user write fault on a CoW-shared page (returns true when resolved). +pub fn try_break_on_write(cr3: u64, fault_addr: u64) -> bool { + let page_base = fault_addr & !0xfff; + let Some(phys) = crate::user_paging::translate_hw_page(cr3, page_base) else { + return false; + }; + let phys_base = phys & !0xfff; + if COW_FRAME_REFS.lock().get(&phys_base).copied().unwrap_or(0) == 0 { + return false; + } + if crate::user_paging::privatize_cow_page(cr3, page_base).is_err() { + return false; + } + note_privatized(phys_base); + COW_PF_BREAKS.fetch_add(1, Ordering::Relaxed); + crate::user_paging::record_fork_cow_break(); + true +} + +/// Fork-lite smoke: PF-driven CoW break isolates parent/child anonymous pages. +pub fn smoke_cow_fork() -> bool { + let _ = crate::task::process::reap_terminated_processes(); + let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); + let creds = crate::security::Credentials::shell_user(); + let Some(parent) = + crate::task::process::create_kernel_process_as("cow-fork-parent", tick, creds) + else { + return false; + }; + let Some(built) = + crate::task::program_loader::build_hw_page_table_program(creds, "hello").ok() + else { + return false; + }; + let parent_cr3 = built.hw.cr3_phys; + if !crate::task::process::set_process_cr3(parent, parent_cr3) { + return false; + } + let Some(child) = crate::task::process::fork_lite(parent, tick.saturating_add(1)) else { + return false; + }; + let Some(child_cr3) = + crate::task::process::with_process_mut(child, |p| p.cr3_phys()).flatten() + else { + return false; + }; + let anon_va = crate::user_context::DEFAULT_USER_STACK_TOP.saturating_sub(0x1000); + if !is_page_cow_shared(parent_cr3, anon_va) { + return false; + } + if !try_break_on_write(child_cr3, anon_va) { + return false; + } + let _ = crate::user_paging::write_user_byte(child_cr3, anon_va, 0xBB); + if !try_break_on_write(parent_cr3, anon_va) { + return false; + } + let _ = crate::user_paging::write_user_byte(parent_cr3, anon_va, 0xAA); + let parent_byte = crate::user_paging::read_user_byte(parent_cr3, anon_va).ok(); + let child_byte = crate::user_paging::read_user_byte(child_cr3, anon_va).ok(); + let isolated = parent_byte == Some(0xAA) && child_byte == Some(0xBB); + if isolated { + crate::user_paging::record_fork_cow_isolated(); + } + let (breaks, isolated_n) = crate::user_paging::fork_cow_status(); + isolated && breaks > 0 && isolated_n > 0 && pf_break_status() >= 2 +} diff --git a/kernel/src/demand_paging.rs b/kernel/src/demand_paging.rs index a53ebf0..9f5d6e1 100644 --- a/kernel/src/demand_paging.rs +++ b/kernel/src/demand_paging.rs @@ -1,4 +1,4 @@ -//! Demand-zero page faults for user stack growth (Phase 38). +//! Demand-zero page faults for user stack growth . use core::sync::atomic::{AtomicU64, Ordering}; use x86_64::structures::idt::{InterruptStackFrame, PageFaultErrorCode}; @@ -128,11 +128,11 @@ pub fn try_map_file_page(cr3_phys: u64, fault_addr: u64) -> bool { handle_file_backed_fault(cr3_phys, fault_addr) } -pub fn phase47_smoke(cr3_phys: u64) -> bool { +pub fn smoke_file_demand_fault(cr3_phys: u64) -> bool { try_map_file_page(cr3_phys, FILE_DEMAND_BASE) } -pub fn phase38_smoke(cr3_phys: u64) -> bool { +pub fn smoke_demand_zero(cr3_phys: u64) -> bool { let before = DEMAND_MAPPED.load(Ordering::Relaxed); if crate::user_paging::map_demand_zero_page(cr3_phys, USER_GROW_BASE).is_ok() { DEMAND_MAPPED.fetch_add(1, Ordering::Relaxed); diff --git a/kernel/src/desktop_shell.rs b/kernel/src/desktop_shell.rs index 62d7c77..9922646 100644 --- a/kernel/src/desktop_shell.rs +++ b/kernel/src/desktop_shell.rs @@ -1,4 +1,4 @@ -//! Desktop shell service (phase 354) — taskbar + launcher strip. +//! Desktop shell service (scope 354) — taskbar + launcher strip. use core::sync::atomic::{AtomicU64, Ordering}; @@ -59,7 +59,7 @@ pub fn frame_count() -> u64 { SHELL_FRAMES.load(Ordering::Relaxed) } -pub fn phase354_shell_smoke() -> bool { +pub fn smoke_desktop_shell() -> bool { bootstrap_windows(); let before = frame_count(); let mut back = [0u8; framebuffer::BUFFER_LEN]; @@ -67,10 +67,10 @@ pub fn phase354_shell_smoke() -> bool { window_manager::window_count() >= 2 && frame_count() > before } -pub fn phase375_desktop_smoke() -> bool { - crate::mouse::phase352_mouse_smoke() - && crate::framebuffer::phase353_double_buffer_smoke() - && phase354_shell_smoke() - && window_manager::phase356_wm_smoke() - && crate::compositor::phase351_compositor_desktop_smoke() +pub fn smoke_desktop_integration() -> bool { + crate::mouse::smoke_mouse() + && crate::framebuffer::smoke_double_buffer() + && smoke_desktop_shell() + && window_manager::smoke_wm_smoke() + && crate::compositor::smoke_compositor_desktop() } diff --git a/kernel/src/device.rs b/kernel/src/device.rs index 910a2fb..61d0df9 100644 --- a/kernel/src/device.rs +++ b/kernel/src/device.rs @@ -1,4 +1,4 @@ -//! Phase 8 device registry and PCI discovery skeleton. +//! device registry and PCI discovery skeleton. use alloc::{string::String, vec::Vec}; use lazy_static::lazy_static; diff --git a/kernel/src/device_broker.rs b/kernel/src/device_broker.rs index cd5f3c1..c38f6ec 100644 --- a/kernel/src/device_broker.rs +++ b/kernel/src/device_broker.rs @@ -1,4 +1,4 @@ -//! Device broker skeleton (phase 124). +//! Device broker skeleton (scope 124). use crate::kernel_object::{self, CapError, ObjectKind, Rights}; use crate::task::process::ProcessId; @@ -17,7 +17,7 @@ pub fn grant_device_cap(pid: ProcessId, device_local_id: u32) -> Result<u32, Cap Ok(slot) } -pub fn phase124_device_broker_smoke() -> bool { +pub fn smoke_device_broker() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/elf_reloc.rs b/kernel/src/elf_reloc.rs index fb49354..a4f9033 100644 --- a/kernel/src/elf_reloc.rs +++ b/kernel/src/elf_reloc.rs @@ -1,4 +1,4 @@ -//! Static ELF relocations for frame-backed images (Phase 27). +//! Static ELF relocations for frame-backed images . use alloc::vec::Vec; use core::sync::atomic::{AtomicU64, Ordering}; @@ -80,7 +80,7 @@ pub fn try_ring3_plt_fault(fault_addr: u64) -> bool { return false; } RING3_PLT_FAULT.fetch_add(1, Ordering::Relaxed); - phase67_smoke() + smoke_lazy_plt() } pub fn parse_dt_needed(image_bytes: &[u8]) -> Option<&str> { @@ -247,14 +247,14 @@ fn apply_dynamic_imports_inner( Ok(applied) } -pub fn phase77_smoke() -> bool { +pub fn smoke_ring3_lazy_plt() -> bool { RING3_PLT_SMOKE.store(1, Ordering::Relaxed); - let ok = phase67_smoke() && ring3_plt_status() > 0; + let ok = smoke_lazy_plt() && ring3_plt_status() > 0; RING3_PLT_SMOKE.store(0, Ordering::Relaxed); ok } -pub fn phase88_smoke() -> bool { +pub fn smoke_ring3_plt_fault() -> bool { RING3_PLT_SMOKE.store(1, Ordering::Relaxed); let handled = try_ring3_plt_fault(0x400128); RING3_PLT_SMOKE.store(0, Ordering::Relaxed); @@ -262,8 +262,8 @@ pub fn phase88_smoke() -> bool { handled && faults > 0 && bound > 0 } -pub fn phase67_smoke() -> bool { - let sample = crate::storage::phase11_sample_elf_image(); +pub fn smoke_lazy_plt() -> bool { + let sample = crate::storage::sample_elf_fixture_image(); let Some(img) = crate::task::program_loader::back_mapped_program_with_relocs( crate::security::Credentials::shell_user(), "hello", @@ -290,8 +290,8 @@ pub fn phase67_smoke() -> bool { lazy > 0 && lazy_count > 0 && bound > 0 && bound_after > bound_before } -pub fn phase57_smoke() -> bool { - let sample = crate::storage::phase11_sample_elf_image(); +pub fn smoke_plt_reloc() -> bool { + let sample = crate::storage::sample_elf_fixture_image(); let Some(img) = crate::task::program_loader::back_mapped_program_with_relocs( crate::security::Credentials::shell_user(), "hello", diff --git a/kernel/src/embedded_hello_alloc.rs b/kernel/src/embedded_hello_alloc.rs new file mode 100644 index 0000000..9a681fb --- /dev/null +++ b/kernel/src/embedded_hello_alloc.rs @@ -0,0 +1,5 @@ +//! Embedded hello-alloc ring-3 ELF (built by `kernel/build.rs`). + +pub fn elf_bytes() -> &'static [u8] { + include_bytes!(concat!(env!("OUT_DIR"), "/hello_alloc.bin")) +} diff --git a/kernel/src/embedded_mendo.rs b/kernel/src/embedded_mendo.rs new file mode 100644 index 0000000..48f4062 --- /dev/null +++ b/kernel/src/embedded_mendo.rs @@ -0,0 +1,5 @@ +//! Embedded Mendo ring-3 ELF (built by `kernel/build.rs`). + +pub fn elf_bytes() -> &'static [u8] { + include_bytes!(concat!(env!("OUT_DIR"), "/mendo.bin")) +} diff --git a/kernel/src/embedded_ring3_io_demo.rs b/kernel/src/embedded_ring3_io_demo.rs new file mode 100644 index 0000000..4f047a2 --- /dev/null +++ b/kernel/src/embedded_ring3_io_demo.rs @@ -0,0 +1,5 @@ +//! Embedded ring-3 I/O demo ELF (built by `kernel/build.rs`). + +pub fn elf_bytes() -> &'static [u8] { + include_bytes!(concat!(env!("OUT_DIR"), "/ring3_io_demo.bin")) +} diff --git a/kernel/src/embedded_sig_demo.rs b/kernel/src/embedded_sig_demo.rs new file mode 100644 index 0000000..b0eda1a --- /dev/null +++ b/kernel/src/embedded_sig_demo.rs @@ -0,0 +1,5 @@ +//! Embedded sig-demo ring-3 ELF (built by `kernel/build.rs`). + +pub fn elf_bytes() -> &'static [u8] { + include_bytes!(concat!(env!("OUT_DIR"), "/sig_demo.bin")) +} diff --git a/kernel/src/exec_image.rs b/kernel/src/exec_image.rs index 7342476..e5f3c3d 100644 --- a/kernel/src/exec_image.rs +++ b/kernel/src/exec_image.rs @@ -1,4 +1,4 @@ -//! Phase 11 executable image parser and validation model. +//! executable image parser and validation model. use alloc::{ string::{String, ToString}, @@ -271,7 +271,7 @@ mod tests { #[test_case] fn valid_minimal_elf64_image_parses() { - let bytes = crate::storage::phase11_sample_elf_image(); + let bytes = crate::storage::sample_elf_fixture_image(); let image = parse_elf64_image( "hello", "/bin/hello.elf", diff --git a/kernel/src/ext2.rs b/kernel/src/ext2.rs new file mode 100644 index 0000000..ff6b9e9 --- /dev/null +++ b/kernel/src/ext2.rs @@ -0,0 +1,696 @@ +//! ext2 on a secondary memory block device — read, bounded write, create/unlink, multi-block grow. + +use alloc::{vec, vec::Vec}; +use core::sync::atomic::{AtomicU64, Ordering}; + +use crate::block::{self, BlockDeviceId, BlockError}; +use crate::storage::SECTOR_SIZE; + +const BLOCK_SIZE: usize = 1024; +const SECTORS_PER_BLOCK: usize = BLOCK_SIZE / SECTOR_SIZE; +const TOTAL_BLOCKS: usize = 128; +const SUPERBLOCK_BLOCK: usize = 1; +const BG_DESC_BLOCK: usize = 2; +const BLOCK_BITMAP_BLOCK: usize = 3; +const INODE_BITMAP_BLOCK: usize = 4; +const INODE_TABLE_BLOCK: usize = 5; +const ROOT_INO: u32 = 2; +const FILE_INO: u32 = 12; +const ELF_INO: u32 = 13; +const ROOT_DIR_BLOCK: u32 = 10; +const FILE_DATA_BLOCK: u32 = 11; +const ELF_DATA_BLOCK0: u32 = 12; +const ELF_DATA_BLOCKS: usize = 4; + +const MAX_FILE_BLOCKS: usize = 4; + +/// Regular files allowed to be overwritten. +const WRITABLE_FILES: &[&str] = &["smoke.txt", "scratch.txt"]; +/// New regular files that may be created via `create_file`. +const CREATABLE_FILES: &[&str] = &["scratch.txt"]; +/// Files that may be unlinked (seed files are protected). +const UNLINKABLE_FILES: &[&str] = &["scratch.txt"]; + +static EXT2_DEVICE: AtomicU64 = AtomicU64::new(0); +static MOUNTED: AtomicU64 = AtomicU64::new(0); +static EXT2_WRITES: AtomicU64 = AtomicU64::new(0); +static EXT2_CREATES: AtomicU64 = AtomicU64::new(0); +static EXT2_UNLINKS: AtomicU64 = AtomicU64::new(0); +pub fn is_mounted() -> bool { + MOUNTED.load(Ordering::Relaxed) != 0 +} + +pub fn device_id() -> Option<BlockDeviceId> { + let raw = EXT2_DEVICE.load(Ordering::Relaxed); + if raw == 0 { + None + } else { + Some(BlockDeviceId::from_raw(raw)) + } +} + +pub fn init() -> bool { + if is_mounted() { + return true; + } + let id = block::register_memory_fallback(TOTAL_BLOCKS * SECTORS_PER_BLOCK); + EXT2_DEVICE.store(id.as_u64(), Ordering::Relaxed); + if block::with_device(id, format_minimal).is_err() { + return false; + } + MOUNTED.store(1, Ordering::Relaxed); + true +} + +pub fn read_file(path: &str) -> Result<Vec<u8>, ()> { + if !is_mounted() { + return Err(()); + } + let id = device_id().ok_or(())?; + block::with_device(id, || read_file_inner(path)).map_err(|_| ())? +} + +pub fn write_count() -> u64 { + EXT2_WRITES.load(Ordering::Relaxed) +} + +pub fn create_count() -> u64 { + EXT2_CREATES.load(Ordering::Relaxed) +} + +pub fn unlink_count() -> u64 { + EXT2_UNLINKS.load(Ordering::Relaxed) +} + +pub fn write_file(path: &str, data: &[u8]) -> Result<(), ()> { + if !is_mounted() { + return Err(()); + } + if !WRITABLE_FILES.contains(&path.trim_start_matches('/')) { + return Err(()); + } + if data.len() > BLOCK_SIZE * MAX_FILE_BLOCKS { + return Err(()); + } + let id = device_id().ok_or(())?; + let _ = block::with_device(id, || write_file_inner(path, data)).map_err(|_| ())?; + EXT2_WRITES.fetch_add(1, Ordering::Relaxed); + Ok(()) +} + +pub fn create_file(path: &str, data: &[u8]) -> Result<(), ()> { + if !is_mounted() { + return Err(()); + } + let name = path.trim_start_matches('/'); + if !CREATABLE_FILES.contains(&name) { + return Err(()); + } + if data.len() > BLOCK_SIZE * MAX_FILE_BLOCKS { + return Err(()); + } + let id = device_id().ok_or(())?; + match block::with_device(id, || create_file_inner(name, data)) { + Ok(Ok(())) => {} + _ => return Err(()), + } + EXT2_CREATES.fetch_add(1, Ordering::Relaxed); + Ok(()) +} + +pub fn unlink_file(path: &str) -> Result<(), ()> { + if !is_mounted() { + return Err(()); + } + let name = path.trim_start_matches('/'); + if !UNLINKABLE_FILES.contains(&name) { + return Err(()); + } + let id = device_id().ok_or(())?; + match block::with_device(id, || unlink_file_inner(name)) { + Ok(Ok(())) => {} + _ => return Err(()), + } + EXT2_UNLINKS.fetch_add(1, Ordering::Relaxed); + Ok(()) +} + +fn read_file_inner(path: &str) -> Result<Vec<u8>, ()> { + let name = path.trim_start_matches('/'); + if name.is_empty() { + return Err(()); + } + let root = read_inode(ROOT_INO)?; + if root.mode & 0xF000 != 0x4000 { + return Err(()); + } + let dir = read_inode_bytes(&root)?; + let target_ino = find_dir_entry(&dir, name).ok_or(())?; + let file = read_inode(target_ino)?; + if file.mode & 0xF000 != 0x8000 { + return Err(()); + } + read_file_data(&file) +} + +fn write_file_inner(path: &str, data: &[u8]) -> Result<(), ()> { + let name = path.trim_start_matches('/'); + if name.is_empty() { + return Err(()); + } + let target_ino = resolve_regular_file_ino(name)?; + write_file_data(target_ino, data) +} + +fn create_file_inner(name: &str, data: &[u8]) -> Result<(), ()> { + if name.is_empty() || find_dir_entry_in_root(name)?.is_some() { + return Err(()); + } + let ino = alloc_inode()?; + append_dir_entry(ROOT_INO, name, ino)?; + write_file_data(ino, data) +} + +fn unlink_file_inner(name: &str) -> Result<(), ()> { + let ino = remove_dir_entry(name)?; + let file = read_inode(ino)?; + for block_id in file.blocks.iter().copied() { + if block_id != 0 { + free_block(block_id)?; + } + } + free_inode(ino) +} + +fn resolve_regular_file_ino(name: &str) -> Result<u32, ()> { + let ino = find_dir_entry_in_root(name)?.ok_or(())?; + let file = read_inode(ino)?; + if file.mode & 0xF000 != 0x8000 { + return Err(()); + } + Ok(ino) +} + +fn find_dir_entry_in_root(name: &str) -> Result<Option<u32>, ()> { + let root = read_inode(ROOT_INO)?; + if root.mode & 0xF000 != 0x4000 { + return Err(()); + } + let dir = read_inode_bytes(&root)?; + Ok(find_dir_entry(&dir, name)) +} + +fn write_file_data(ino: u32, data: &[u8]) -> Result<(), ()> { + let file = read_inode(ino)?; + if file.mode & 0xF000 != 0x8000 { + return Err(()); + } + let blocks_needed = if data.is_empty() { + 0 + } else { + (data.len() + BLOCK_SIZE - 1) / BLOCK_SIZE + }; + if blocks_needed > MAX_FILE_BLOCKS { + return Err(()); + } + let mut block_ids = file.blocks; + let used = block_ids.iter().take_while(|&&b| b != 0).count(); + for i in used..blocks_needed { + block_ids[i] = alloc_block()?; + } + for i in 0..blocks_needed { + let mut block = [0u8; BLOCK_SIZE]; + let start = i * BLOCK_SIZE; + let end = core::cmp::min(start + BLOCK_SIZE, data.len()); + if start < end { + block[..end - start].copy_from_slice(&data[start..end]); + } + write_block(block_ids[i] as usize, &block).map_err(|_| ())?; + } + for i in blocks_needed..used { + if block_ids[i] != 0 { + free_block(block_ids[i])?; + block_ids[i] = 0; + } + } + write_regular_inode(ino, data.len() as u32, &block_ids) +} + +fn write_regular_inode(ino: u32, size: u32, blocks: &[u32; 12]) -> Result<(), ()> { + if ino == 0 { + return Err(()); + } + let index = (ino - 1) as usize; + let block = INODE_TABLE_BLOCK + (index * 128) / BLOCK_SIZE; + let offset = (index * 128) % BLOCK_SIZE; + let mut data = read_block(block)?; + if offset + 128 > data.len() { + return Err(()); + } + write_u16(&mut data, offset, 0x8000); + write_u32(&mut data, offset + 4, size); + for (idx, block_id) in blocks.iter().enumerate() { + write_u32(&mut data, offset + 40 + idx * 4, *block_id); + } + write_block(block, &data).map_err(|_| ()) +} + +fn append_dir_entry(parent_ino: u32, name: &str, child_ino: u32) -> Result<(), ()> { + let parent = read_inode(parent_ino)?; + if parent.blocks[0] == 0 { + return Err(()); + } + let name_bytes = name.as_bytes(); + if name_bytes.is_empty() || name_bytes.len() > 255 { + return Err(()); + } + let rec_len = ((8 + name_bytes.len() + 3) / 4) * 4; + let mut dir = read_block(parent.blocks[0] as usize)?; + let mut offset = 0usize; + let mut insert_at = 0usize; + while offset + 8 <= dir.len() { + let inode = u32::from_le_bytes([ + dir[offset], + dir[offset + 1], + dir[offset + 2], + dir[offset + 3], + ]); + let entry_len = u16::from_le_bytes([dir[offset + 4], dir[offset + 5]]) as usize; + if entry_len < 8 { + break; + } + if inode == 0 { + break; + } + insert_at = offset + entry_len; + offset = insert_at; + } + if insert_at + rec_len > BLOCK_SIZE { + return Err(()); + } + dir[insert_at..insert_at + 4].copy_from_slice(&child_ino.to_le_bytes()); + dir[insert_at + 4..insert_at + 6].copy_from_slice(&(rec_len as u16).to_le_bytes()); + dir[insert_at + 6] = name_bytes.len() as u8; + dir[insert_at + 7] = 1; + dir[insert_at + 8..insert_at + 8 + name_bytes.len()].copy_from_slice(name_bytes); + write_block(parent.blocks[0] as usize, &dir).map_err(|_| ())?; + patch_inode_size(parent_ino, (insert_at + rec_len) as u32) +} + +fn remove_dir_entry(name: &str) -> Result<u32, ()> { + let root = read_inode(ROOT_INO)?; + if root.blocks[0] == 0 { + return Err(()); + } + let mut dir = read_block(root.blocks[0] as usize)?; + let mut offset = 0usize; + while offset + 8 <= dir.len() { + let inode = u32::from_le_bytes([ + dir[offset], + dir[offset + 1], + dir[offset + 2], + dir[offset + 3], + ]); + let rec_len = u16::from_le_bytes([dir[offset + 4], dir[offset + 5]]) as usize; + if rec_len < 8 { + break; + } + let name_len = dir[offset + 6] as usize; + let start = offset + 8; + let end = start.saturating_add(name_len); + if end <= dir.len() { + if let Ok(entry_name) = core::str::from_utf8(&dir[start..end]) { + if entry_name == name { + if inode == 0 { + return Err(()); + } + dir[offset..offset + 4].copy_from_slice(&0u32.to_le_bytes()); + write_block(root.blocks[0] as usize, &dir).map_err(|_| ())?; + return Ok(inode); + } + } + } + offset = offset.saturating_add(rec_len); + } + Err(()) +} + +fn alloc_block() -> Result<u32, ()> { + let mut bitmap = read_block(BLOCK_BITMAP_BLOCK)?; + for block in 1..TOTAL_BLOCKS { + let byte = block / 8; + let bit = block % 8; + if bitmap[byte] & (1 << bit) == 0 { + bitmap[byte] |= 1 << bit; + write_block(BLOCK_BITMAP_BLOCK, &bitmap).map_err(|_| ())?; + return Ok(block as u32); + } + } + Err(()) +} + +fn free_block(block: u32) -> Result<(), ()> { + if block == 0 { + return Err(()); + } + let block = block as usize; + if block >= TOTAL_BLOCKS { + return Err(()); + } + let mut bitmap = read_block(BLOCK_BITMAP_BLOCK)?; + let byte = block / 8; + let bit = block % 8; + bitmap[byte] &= !(1 << bit); + write_block(BLOCK_BITMAP_BLOCK, &bitmap).map_err(|_| ()) +} + +fn alloc_inode() -> Result<u32, ()> { + let mut bitmap = read_block(INODE_BITMAP_BLOCK)?; + for ino in 1..=128u32 { + let idx = (ino - 1) as usize; + let byte = idx / 8; + let bit = idx % 8; + if bitmap[byte] & (1 << bit) == 0 { + bitmap[byte] |= 1 << bit; + write_block(INODE_BITMAP_BLOCK, &bitmap).map_err(|_| ())?; + return Ok(ino); + } + } + Err(()) +} + +fn free_inode(ino: u32) -> Result<(), ()> { + if ino == 0 { + return Err(()); + } + let idx = (ino - 1) as usize; + let byte = idx / 8; + let bit = idx % 8; + let mut bitmap = read_block(INODE_BITMAP_BLOCK)?; + bitmap[byte] &= !(1 << bit); + write_block(INODE_BITMAP_BLOCK, &bitmap).map_err(|_| ())?; + let cleared = [0u8; 128]; + write_inode(ino, &cleared); + Ok(()) +} + +fn patch_inode_size(ino: u32, size: u32) -> Result<(), ()> { + if ino == 0 { + return Err(()); + } + let index = (ino - 1) as usize; + let block = INODE_TABLE_BLOCK + (index * 128) / BLOCK_SIZE; + let offset = (index * 128) % BLOCK_SIZE; + let mut data = read_block(block)?; + if offset + 8 > data.len() { + return Err(()); + } + data[offset + 4..offset + 8].copy_from_slice(&size.to_le_bytes()); + write_block(block, &data).map_err(|_| ()) +} + +fn find_dir_entry(data: &[u8], name: &str) -> Option<u32> { + let mut offset = 0usize; + while offset + 8 <= data.len() { + let inode = u32::from_le_bytes([ + data[offset], + data[offset + 1], + data[offset + 2], + data[offset + 3], + ]); + let rec_len = u16::from_le_bytes([data[offset + 4], data[offset + 5]]) as usize; + if rec_len < 8 || rec_len == 0 { + break; + } + let name_len = data[offset + 6] as usize; + let start = offset + 8; + let end = start.saturating_add(name_len); + if end <= data.len() { + if let Ok(entry_name) = core::str::from_utf8(&data[start..end]) { + if entry_name == name { + return Some(inode); + } + } + } + offset = offset.saturating_add(rec_len); + } + None +} + +struct Inode { + mode: u16, + size: u32, + blocks: [u32; 12], +} + +fn read_inode(ino: u32) -> Result<Inode, ()> { + if ino == 0 { + return Err(()); + } + let index = (ino - 1) as usize; + let block = INODE_TABLE_BLOCK + (index * 128) / BLOCK_SIZE; + let offset = (index * 128) % BLOCK_SIZE; + let data = read_block(block)?; + if offset + 128 > data.len() { + return Err(()); + } + let slice = &data[offset..offset + 128]; + let mut blocks = [0u32; 12]; + for (idx, slot) in blocks.iter_mut().enumerate() { + let start = 40 + idx * 4; + *slot = u32::from_le_bytes([ + slice[start], + slice[start + 1], + slice[start + 2], + slice[start + 3], + ]); + } + Ok(Inode { + mode: u16::from_le_bytes([slice[0], slice[1]]), + size: u32::from_le_bytes([slice[4], slice[5], slice[6], slice[7]]), + blocks, + }) +} + +fn read_inode_bytes(inode: &Inode) -> Result<Vec<u8>, ()> { + read_file_data(inode) +} + +fn read_file_data(inode: &Inode) -> Result<Vec<u8>, ()> { + let len = inode.size as usize; + let mut out = vec![0u8; len]; + let mut copied = 0usize; + for block_id in inode.blocks.iter().copied() { + if copied >= len || block_id == 0 { + break; + } + let data = read_block(block_id as usize)?; + let take = core::cmp::min(BLOCK_SIZE, len - copied); + out[copied..copied + take].copy_from_slice(&data[..take]); + copied += take; + } + Ok(out) +} + +fn read_block(block: usize) -> Result<[u8; BLOCK_SIZE], ()> { + let mut out = [0u8; BLOCK_SIZE]; + let base_sector = block * SECTORS_PER_BLOCK; + for (idx, chunk) in out.chunks_mut(SECTOR_SIZE).enumerate() { + let mut sector = [0u8; SECTOR_SIZE]; + block::read_active_sector(base_sector + idx, &mut sector) + .map_err(|_| ())?; + chunk.copy_from_slice(§or); + } + Ok(out) +} + +fn write_block(block: usize, data: &[u8; BLOCK_SIZE]) -> Result<(), BlockError> { + let base_sector = block * SECTORS_PER_BLOCK; + for (idx, chunk) in data.chunks(SECTOR_SIZE).enumerate() { + let mut sector = [0u8; SECTOR_SIZE]; + sector.copy_from_slice(chunk); + block::write_active_sector(base_sector + idx, §or)?; + } + Ok(()) +} + +fn format_minimal() { + let elf_bytes = crate::embedded_ring3_io_demo::elf_bytes(); + let mut superblock = [0u8; BLOCK_SIZE]; + write_u32(&mut superblock, 0x00, 32); + write_u32(&mut superblock, 0x04, TOTAL_BLOCKS as u32); + write_u32(&mut superblock, 0x10, 0); + write_u16(&mut superblock, 0x38, 0xEF53); + write_u16(&mut superblock, 0x54, 128); + let _ = write_block(SUPERBLOCK_BLOCK, &superblock); + + let mut bg = [0u8; BLOCK_SIZE]; + write_u32(&mut bg, 0x00, BLOCK_BITMAP_BLOCK as u32); + write_u32(&mut bg, 0x04, INODE_BITMAP_BLOCK as u32); + write_u32(&mut bg, 0x08, INODE_TABLE_BLOCK as u32); + write_u16(&mut bg, 0x0C, 0xFFFE); + write_u16(&mut bg, 0x0E, 0xFFFE); + write_u16(&mut bg, 0x10, 0x003E); + write_u16(&mut bg, 0x12, 0x0001); + let _ = write_block(BG_DESC_BLOCK, &bg); + + let mut block_bitmap = [0u8; BLOCK_SIZE]; + for block in [ + SUPERBLOCK_BLOCK, + BG_DESC_BLOCK, + BLOCK_BITMAP_BLOCK, + INODE_BITMAP_BLOCK, + INODE_TABLE_BLOCK, + INODE_TABLE_BLOCK + 1, + INODE_TABLE_BLOCK + 2, + INODE_TABLE_BLOCK + 3, + ROOT_DIR_BLOCK as usize, + FILE_DATA_BLOCK as usize, + ELF_DATA_BLOCK0 as usize, + ELF_DATA_BLOCK0 as usize + 1, + ELF_DATA_BLOCK0 as usize + 2, + ELF_DATA_BLOCK0 as usize + 3, + ] { + let byte = block / 8; + let bit = block % 8; + block_bitmap[byte] |= 1 << bit; + } + let _ = write_block(BLOCK_BITMAP_BLOCK, &block_bitmap); + + let mut inode_bitmap = [0u8; BLOCK_SIZE]; + inode_bitmap[0] = 0b0000_0010; + inode_bitmap[1] = 0b0001_1000; + let _ = write_block(INODE_BITMAP_BLOCK, &inode_bitmap); + + let mut root = [0u8; 128]; + write_u16(&mut root, 0x00, 0x4000); + write_u32(&mut root, 0x04, 48); + write_u32(&mut root, 0x28, ROOT_DIR_BLOCK); + write_inode(ROOT_INO, &root); + + let mut dir_block = [0u8; BLOCK_SIZE]; + let smoke_name = b"smoke.txt"; + dir_block[0..4].copy_from_slice(&FILE_INO.to_le_bytes()); + dir_block[4..6].copy_from_slice(&20u16.to_le_bytes()); + dir_block[6] = smoke_name.len() as u8; + dir_block[7] = 1; + dir_block[8..8 + smoke_name.len()].copy_from_slice(smoke_name); + let elf_name = b"ring3-io-demo.elf"; + let elf_dentry_off = 20usize; + dir_block[elf_dentry_off..elf_dentry_off + 4].copy_from_slice(&ELF_INO.to_le_bytes()); + dir_block[elf_dentry_off + 4..elf_dentry_off + 6].copy_from_slice(&28u16.to_le_bytes()); + dir_block[elf_dentry_off + 6] = elf_name.len() as u8; + dir_block[elf_dentry_off + 7] = 1; + dir_block[elf_dentry_off + 8..elf_dentry_off + 8 + elf_name.len()].copy_from_slice(elf_name); + let _ = write_block(ROOT_DIR_BLOCK as usize, &dir_block); + + let mut file = [0u8; 128]; + write_u16(&mut file, 0x00, 0x8000); + write_u32(&mut file, 0x04, 8); + write_u32(&mut file, 0x28, FILE_DATA_BLOCK); + write_inode(FILE_INO, &file); + + let mut payload = [0u8; BLOCK_SIZE]; + payload[..8].copy_from_slice(b"ext2 ok\n"); + let _ = write_block(FILE_DATA_BLOCK as usize, &payload); + + let mut elf_inode = [0u8; 128]; + write_u16(&mut elf_inode, 0x00, 0x8000); + write_u32( + &mut elf_inode, + 0x04, + elf_bytes.len().min(ELF_DATA_BLOCKS * BLOCK_SIZE) as u32, + ); + for (idx, block_id) in (0..ELF_DATA_BLOCKS).map(|i| (i, ELF_DATA_BLOCK0 + i as u32)) { + let off = 40 + idx * 4; + write_u32(&mut elf_inode, off, block_id); + } + write_inode(ELF_INO, &elf_inode); + + for block_idx in 0..ELF_DATA_BLOCKS { + let mut block = [0u8; BLOCK_SIZE]; + let start = block_idx * BLOCK_SIZE; + if start < elf_bytes.len() { + let end = core::cmp::min(start + BLOCK_SIZE, elf_bytes.len()); + block[..end - start].copy_from_slice(&elf_bytes[start..end]); + } + let _ = write_block(ELF_DATA_BLOCK0 as usize + block_idx, &block); + } +} + +fn write_inode(ino: u32, bytes: &[u8; 128]) { + let index = (ino - 1) as usize; + let block = INODE_TABLE_BLOCK + (index * 128) / BLOCK_SIZE; + let offset = (index * 128) % BLOCK_SIZE; + let mut data = read_block(block).unwrap_or([0u8; BLOCK_SIZE]); + data[offset..offset + 128].copy_from_slice(bytes); + let _ = write_block(block, &data); +} + +fn write_u16(out: &mut [u8], offset: usize, value: u16) { + out[offset..offset + 2].copy_from_slice(&value.to_le_bytes()); +} + +fn write_u32(out: &mut [u8], offset: usize, value: u32) { + out[offset..offset + 4].copy_from_slice(&value.to_le_bytes()); +} + +pub fn smoke_ext2_read() -> bool { + init() + && read_file("smoke.txt") + .map(|bytes| bytes.starts_with(b"ext2 ok")) + .unwrap_or(false) + && read_file("ring3-io-demo.elf") + .map(|bytes| bytes.len() > 256 && bytes.starts_with(b"\x7fELF")) + .unwrap_or(false) +} + +pub fn smoke_ext2_write() -> bool { + if !init() { + return false; + } + let reject_elf = write_file("ring3-io-demo.elf", b"bad").is_err(); + let wrote = write_file("smoke.txt", b"ext2 wr\n").is_ok(); + let read_back = read_file("smoke.txt") + .map(|bytes| bytes.as_slice() == b"ext2 wr\n") + .unwrap_or(false); + let elf_intact = read_file("ring3-io-demo.elf") + .map(|bytes| bytes.len() > 256 && bytes.starts_with(b"\x7fELF")) + .unwrap_or(false); + reject_elf && wrote && read_back && elf_intact && write_count() > 0 +} + +pub fn smoke_ext2_create_unlink() -> bool { + if !init() { + return false; + } + let absent = read_file("scratch.txt").is_err(); + let created = create_file("scratch.txt", b"new file\n").is_ok(); + let read_ok = read_file("scratch.txt") + .map(|bytes| bytes.as_slice() == b"new file\n") + .unwrap_or(false); + let big = vec![b'X'; BLOCK_SIZE + 512]; + let grew = write_file("scratch.txt", &big).is_ok(); + let big_read = read_file("scratch.txt") + .map(|bytes| bytes.len() == BLOCK_SIZE + 512) + .unwrap_or(false); + let unlinked = unlink_file("scratch.txt").is_ok(); + let gone = read_file("scratch.txt").is_err(); + let protect_smoke = unlink_file("smoke.txt").is_err(); + let protect_elf = unlink_file("ring3-io-demo.elf").is_err(); + let smoke_intact = read_file("smoke.txt") + .map(|bytes| !bytes.is_empty()) + .unwrap_or(false); + absent + && created + && read_ok + && grew + && big_read + && unlinked + && gone + && protect_smoke + && protect_elf + && smoke_intact + && create_count() > 0 + && unlink_count() > 0 +} diff --git a/kernel/src/fd_table.rs b/kernel/src/fd_table.rs index e06ec01..83a6d5e 100644 --- a/kernel/src/fd_table.rs +++ b/kernel/src/fd_table.rs @@ -1,4 +1,4 @@ -//! Per-process file descriptor tables (Phases 45–46, 51–52). +//! Per-process file descriptor tables. use alloc::{format, string::String}; use core::sync::atomic::{AtomicU64, Ordering}; @@ -387,7 +387,7 @@ pub fn fork_lite_status() -> (u64, u64) { ) } -pub fn phase61_smoke() -> bool { +pub fn smoke_chdir_fd() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("chdir-smoke", tick, creds) else { @@ -400,7 +400,7 @@ pub fn phase61_smoke() -> bool { chdir_ok && open_ok && bad && normalized > 0 && chdirs > 0 } -pub fn phase64_smoke() -> bool { +pub fn smoke_fork_fd_inherit() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(parent) = process::create_kernel_process_as("fork-parent", tick, creds) else { @@ -422,7 +422,7 @@ pub fn phase64_smoke() -> bool { child_open } -pub fn phase66_smoke() -> bool { +pub fn smoke_fcntl_getfd() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("fcntl-smoke", tick, creds) else { @@ -440,7 +440,7 @@ pub fn phase66_smoke() -> bool { getfd && dup && reject && getfd_n > 0 && dup_n > 0 && rejected > 0 } -pub fn phase76_smoke() -> bool { +pub fn smoke_fcntl_setfd() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("fcntl-setfd-smoke", tick, creds) else { @@ -458,7 +458,7 @@ pub fn phase76_smoke() -> bool { setfd && getfd && reject && setfd_n > 0 && getfd_n > 0 && rejected > 0 } -pub fn phase45_smoke() -> bool { +pub fn smoke_file_fd_open() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let Some(pid) = process::create_kernel_process_as( "fd-smoke-a", @@ -477,7 +477,7 @@ pub fn phase45_smoke() -> bool { closed && opens > 0 && closes > 0 } -pub fn phase46_smoke() -> bool { +pub fn smoke_fd_io_rw() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let Some(pid) = process::create_kernel_process_as( "fd-io-smoke", @@ -511,7 +511,7 @@ pub fn phase46_smoke() -> bool { ok && FD_READS.load(Ordering::Relaxed) > before } -pub fn phase51_smoke() -> bool { +pub fn smoke_proc_fd_table() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid_a) = process::create_kernel_process_as("proc-fd-a", tick, creds) else { @@ -535,7 +535,7 @@ pub fn phase51_smoke() -> bool { close_a && still_open } -pub fn phase52_smoke() -> bool { +pub fn smoke_fd_dup_relative() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("fd-dup-smoke", tick, creds) else { @@ -544,7 +544,7 @@ pub fn phase52_smoke() -> bool { let _ = process::set_process_cwd(pid, "/tmp"); let fd0 = open_file_for_process(pid, "/bin/hello").ok(); let dup = fd0.and_then(|fd| dup_fd_for_process(pid, fd).ok()); - let relative = open_file_for_process(pid, "phase52-smoke.txt").ok(); + let relative = open_file_for_process(pid, "fd-dup-smoke.txt").ok(); if fd0.is_none() || dup.is_none() || relative.is_none() { return false; } diff --git a/kernel/src/frame_backing.rs b/kernel/src/frame_backing.rs index 10bb760..8f3eefa 100644 --- a/kernel/src/frame_backing.rs +++ b/kernel/src/frame_backing.rs @@ -1,4 +1,4 @@ -//! Phase 15 frame-backed executable image records. +//! frame-backed executable image records. use alloc::{string::String, vec::Vec}; diff --git a/kernel/src/frame_ownership.rs b/kernel/src/frame_ownership.rs index be44e0a..d73b346 100644 --- a/kernel/src/frame_ownership.rs +++ b/kernel/src/frame_ownership.rs @@ -1,4 +1,4 @@ -//! Phase 14 persistent frame ownership bookkeeping. +//! persistent frame ownership bookkeeping. use alloc::vec::Vec; use bootloader::bootinfo::{MemoryMap, MemoryRegionType}; @@ -200,7 +200,7 @@ pub fn status() -> FrameOwnershipStatus { REGISTRY.lock().status() } -pub fn phase14_smoke_check() -> bool { +pub fn smoke_frame_registry() -> bool { let before = status(); if !before.initialized || before.available_frames == 0 { return false; diff --git a/kernel/src/framebuffer.rs b/kernel/src/framebuffer.rs index 4313248..6444e24 100644 --- a/kernel/src/framebuffer.rs +++ b/kernel/src/framebuffer.rs @@ -1,6 +1,6 @@ //! VGA mode 13h linear framebuffer (320×200, 256 colors @ 0xA0000). //! -//! Phases 351–355: pixel path, double buffer, expanded font. +//! Pixel path, double buffer, and expanded font. use core::sync::atomic::{AtomicBool, AtomicU64, Ordering}; use lazy_static::lazy_static; @@ -373,21 +373,21 @@ pub fn draw_desktop_shell() { render_desktop_frame(); } -pub fn phase351_framebuffer_smoke() -> bool { +pub fn smoke_framebuffer_smoke() -> bool { init_mode_13h() && mode_active() && { draw_desktop_shell(); flush_count() >= 1 } } -pub fn phase353_double_buffer_smoke() -> bool { +pub fn smoke_double_buffer() -> bool { init_mode_13h() && { render_desktop_frame(); flush_count() >= 1 } } -pub fn phase355_font_smoke() -> bool { +pub fn smoke_font() -> bool { init_mode_13h() && { back_buffer_mut(|buf| { draw_text_buf(buf, 10, 30, "AREOS DESKTOP", COLOR_TEXT); diff --git a/kernel/src/governance.rs b/kernel/src/governance.rs index 3fb1429..f0348a8 100644 --- a/kernel/src/governance.rs +++ b/kernel/src/governance.rs @@ -1,6 +1,6 @@ -//! Post-100 constitutional foundation (phase 110) and capability milestone (phase 120). +//! Post-100 constitutional foundation (scope 110) and capability milestone (scope 120). -/// Phases 101-110 documentation ratified; gates G1-G5 defined in docs/AXIOMS.md. +/// Constitutional documentation ratified; gates G1-G5 defined in docs/AXIOMS.md. pub const CONSTITUTIONAL_FOUNDATION_RATIFIED: bool = true; /// Compat syscall surface frozen as ares-abi-v1 (docs/ABI_SYSCALL.md). @@ -12,11 +12,11 @@ pub const ARE_SEMANTICS_V1: bool = true; /// Reserved native syscall ID range base (docs/ABI_SYSCALL.md). pub const NATIVE_SYSCALL_ID_BASE: u64 = 256; -/// Phase 110 decision: immutable ObjectId + generation invalidation. +/// decision: immutable ObjectId + generation invalidation. pub const IMMUTABLE_OBJECT_IDENTITY: bool = true; /// Returns true when constitutional foundation constants and HW allowlist are consistent. -pub fn phase110_constitutional_smoke() -> bool { +pub fn smoke_constitutional() -> bool { CONSTITUTIONAL_FOUNDATION_RATIFIED && ARE_ABI_V1 && ARE_SEMANTICS_V1 @@ -25,17 +25,17 @@ pub fn phase110_constitutional_smoke() -> bool { && crate::user_syscall_hw::ALLOWED_HW_SYSCALLS.len() >= 24 } -pub fn phase120_cap_compat_smoke() -> bool { +pub fn smoke_cap_compat() -> bool { CONSTITUTIONAL_FOUNDATION_RATIFIED - && crate::kernel_object::phase111_kernel_object_smoke() - && crate::kernel_object::phase112_cap_lifecycle_smoke() - && crate::kernel_object::phase113_rights_smoke() - && crate::kernel_object::phase114_storage_grant_smoke() - && crate::path_broker::phase115_path_broker_smoke() - && crate::kernel_object::phase116_ambient_deny_smoke() - && crate::kernel_object::phase117_namespace_smoke() - && crate::storage_broker::phase118_broker_mint_smoke() - && crate::kernel_object::phase119_compat_bridge_smoke() + && crate::kernel_object::smoke_kernel_object_smoke() + && crate::kernel_object::smoke_cap_lifecycle_smoke() + && crate::kernel_object::smoke_rights_smoke() + && crate::kernel_object::smoke_storage_grant_smoke() + && crate::path_broker::smoke_path_broker_smoke() + && crate::kernel_object::smoke_ambient_deny_smoke() + && crate::kernel_object::smoke_namespace_smoke() + && crate::storage_broker::smoke_broker_mint_smoke() + && crate::kernel_object::smoke_compat_bridge_smoke() } pub fn status() -> (bool, bool, bool, bool) { @@ -43,83 +43,83 @@ pub fn status() -> (bool, bool, bool, bool) { ARE_ABI_V1, ARE_SEMANTICS_V1, IMMUTABLE_OBJECT_IDENTITY, - phase110_constitutional_smoke(), + smoke_constitutional(), ) } -pub fn phase121_service_loader_smoke() -> bool { - crate::service_loader::phase121_service_loader_smoke() +pub fn smoke_service_loader_init() -> bool { + crate::service_loader::smoke_service_loader_init() } -pub fn phase122_storage_broker_smoke() -> bool { - crate::storage_broker::phase122_storage_broker_smoke() +pub fn smoke_storage_broker() -> bool { + crate::storage_broker::smoke_storage_broker() } -pub fn phase123_permission_broker_smoke() -> bool { - crate::permission_broker::phase123_permission_broker_smoke() +pub fn smoke_permission_broker() -> bool { + crate::permission_broker::smoke_permission_broker() } -pub fn phase124_device_broker_smoke() -> bool { - crate::device_broker::phase124_device_broker_smoke() +pub fn smoke_device_broker() -> bool { + crate::device_broker::smoke_device_broker() } -pub fn phase125_network_broker_smoke() -> bool { - crate::network_broker::phase125_network_broker_smoke() +pub fn smoke_network_broker() -> bool { + crate::network_broker::smoke_network_broker() } -pub fn phase126_clipboard_broker_smoke() -> bool { - crate::clipboard_broker::phase126_clipboard_broker_smoke() +pub fn smoke_clipboard_broker() -> bool { + crate::clipboard_broker::smoke_clipboard_broker() } -pub fn phase127_service_isolation_smoke() -> bool { - crate::service_isolation::phase127_service_isolation_smoke() +pub fn smoke_service_isolation() -> bool { + crate::service_isolation::smoke_service_isolation() } -pub fn phase128_native_manifest_smoke() -> bool { - crate::native_manifest::phase128_g4_smoke() +pub fn smoke_native_manifest() -> bool { + crate::native_manifest::smoke_g4_smoke() } -pub fn phase129_scoped_grants_smoke() -> bool { - crate::native_manifest::phase129_scoped_grants_smoke() +pub fn smoke_scoped_grants() -> bool { + crate::native_manifest::smoke_scoped_grants() } -pub fn phase201_virtio_blk_smoke() -> bool { - crate::virtio_blk::phase201_virtio_blk_smoke() +pub fn smoke_virtio_blk() -> bool { + crate::virtio_blk::smoke_virtio_blk() } -pub fn phase131_build_integrity_smoke() -> bool { - crate::build_integrity::phase131_image_identity_smoke() +pub fn smoke_build_integrity() -> bool { + crate::build_integrity::smoke_image_identity() } -pub fn phase132_repro_smoke() -> bool { - crate::build_integrity::phase132_repro_build_smoke() +pub fn smoke_repro_build() -> bool { + crate::build_integrity::smoke_repro_build_host() } -pub fn phase133_rollback_smoke() -> bool { - crate::build_integrity::phase133_rollback_smoke() +pub fn smoke_rollback() -> bool { + crate::build_integrity::smoke_rollback() } -pub fn phase134_endpoint_smoke() -> bool { - crate::ipc_endpoints::phase134_endpoint_smoke() +pub fn smoke_ipc_endpoint() -> bool { + crate::ipc_endpoints::smoke_ipc_endpoint() } -pub fn phase135_audit_wire_smoke() -> bool { - crate::audit_wire::phase135_audit_correlation_smoke() +pub fn smoke_audit_wire() -> bool { + crate::audit_wire::smoke_audit_correlation_smoke() } -pub fn phase136_wait_set_smoke() -> bool { - crate::audit_wire::phase136_wait_set_smoke() +pub fn smoke_wait_set() -> bool { + crate::audit_wire::smoke_wait_set() } -pub fn phase137_error_taxonomy_smoke() -> bool { - crate::audit_wire::phase137_error_taxonomy_wire_smoke() +pub fn smoke_error_taxonomy() -> bool { + crate::audit_wire::smoke_error_taxonomy_wire_smoke() } -pub fn phase138_schema_smoke() -> bool { - crate::audit_wire::phase138_schema_registry_smoke() +pub fn smoke_schema() -> bool { + crate::audit_wire::smoke_schema_registry_smoke() } -pub fn phase140_ipc_integration_smoke() -> bool { +pub fn smoke_ipc_integration() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; @@ -150,97 +150,97 @@ pub fn phase140_ipc_integration_smoke() -> bool { == Err(crate::ipc_endpoints::EndpointError::QueueFull); while crate::ipc_endpoints::recv(ep).is_ok() {} let bridge_zero = crate::ipc_interim_bridge::ipc_bridge_compat_internal_count() == 0; - phase131_build_integrity_smoke() - && phase134_endpoint_smoke() - && phase135_audit_wire_smoke() - && phase138_schema_smoke() + smoke_build_integrity() + && smoke_ipc_endpoint() + && smoke_audit_wire() + && smoke_schema() && ok && bridge_zero } -pub fn phase401_virtio_net_smoke() -> bool { - crate::virtio_net::phase401_virtio_net_smoke() +pub fn smoke_virtio_net() -> bool { + crate::virtio_net::smoke_virtio_net() } -pub fn phase402_compat_socket_smoke() -> bool { - crate::compat_socket::phase402_compat_socket_smoke() +pub fn smoke_compat_socket() -> bool { + crate::compat_socket::smoke_compat_socket() } -pub fn phase403_network_broker_smoke() -> bool { - crate::network_broker::phase403_network_broker_functional_smoke() +pub fn smoke_network_broker_epoch() -> bool { + crate::network_broker::smoke_network_broker_functional_smoke() } -pub fn phase404_network_epoch_smoke() -> bool { - phase401_virtio_net_smoke() && phase402_compat_socket_smoke() && phase403_network_broker_smoke() +pub fn smoke_network_epoch() -> bool { + smoke_virtio_net() && smoke_compat_socket() && smoke_network_broker_epoch() } -pub fn phase141_scheduler_smoke() -> bool { - crate::service_scheduler::phase141_service_scheduler_smoke() +pub fn smoke_scheduler_smoke() -> bool { + crate::service_scheduler::smoke_service_scheduler() } -pub fn phase142_smp_smoke() -> bool { - crate::service_scheduler::phase142_smp_readiness_smoke() +pub fn smoke_service_smp() -> bool { + crate::service_scheduler::smoke_smp_readiness_smoke() } -pub fn phase145_compositor_smoke() -> bool { - crate::compositor::phase145_compositor_smoke() +pub fn smoke_compositor() -> bool { + crate::compositor::smoke_compositor() } -pub fn phase147_oom_smoke() -> bool { - crate::oom_policy::phase147_oom_smoke() +pub fn smoke_oom_policy() -> bool { + crate::oom_policy::smoke_oom_policy() } -pub fn phase149_epoch5_integration_smoke() -> bool { - phase141_scheduler_smoke() - && phase142_smp_smoke() - && phase145_compositor_smoke() - && phase147_oom_smoke() +pub fn smoke_scheduler_epoch_integration() -> bool { + smoke_scheduler_smoke() + && smoke_service_smp() + && smoke_compositor() + && smoke_oom_policy() } -pub fn phase150_milestone_smoke() -> bool { - crate::milestone150::phase150_milestone_smoke() +pub fn smoke_milestone_boundary() -> bool { + crate::milestone150::smoke_milestone_boundary() } -pub fn phase175_epoch7_smoke() -> bool { +pub fn smoke_epoch7_integrity() -> bool { crate::system_gate::integrity_gate() } -pub fn phase200_milestone_smoke() -> bool { +pub fn smoke_scheduling_milestone() -> bool { crate::system_gate::scheduling_gate() } -pub fn phase250_milestone_smoke() -> bool { +pub fn smoke_hardware_milestone() -> bool { crate::system_gate::hardware_gate() } -pub fn phase300_milestone_smoke() -> bool { +pub fn smoke_federation_milestone() -> bool { crate::system_gate::federation_gate() } -pub fn phase350_milestone_smoke() -> bool { +pub fn smoke_release_milestone() -> bool { crate::system_gate::release_gate() } /// Final release compat — compat sunset + build integrity + functional OS. -pub fn phase500_release_smoke() -> bool { +pub fn smoke_release_final() -> bool { crate::system_gate::release_compat_smoke() } -pub fn phase130_platform_integration_smoke() -> bool { - phase121_service_loader_smoke() - && crate::ipc_interim_bridge::phase_interim_ipc_smoke() - && phase122_storage_broker_smoke() - && phase123_permission_broker_smoke() - && phase124_device_broker_smoke() - && phase125_network_broker_smoke() - && phase126_clipboard_broker_smoke() - && phase127_service_isolation_smoke() - && phase128_native_manifest_smoke() - && phase129_scoped_grants_smoke() - && phase120_cap_compat_smoke() +pub fn smoke_platform_integration() -> bool { + smoke_service_loader_init() + && crate::ipc_interim_bridge::smoke_interim_ipc() + && smoke_storage_broker() + && smoke_permission_broker() + && smoke_device_broker() + && smoke_network_broker() + && smoke_clipboard_broker() + && smoke_service_isolation() + && smoke_native_manifest() + && smoke_scoped_grants() + && smoke_cap_compat() } -pub fn phase121_status() -> (bool, bool, bool, bool) { +pub fn service_loader_status() -> (bool, bool, bool, bool) { let (quota_rej, e00_rej, budget_rej, bootstrap_mints) = crate::service_loader::stub_status(); ( bootstrap_mints > 0, @@ -250,11 +250,11 @@ pub fn phase121_status() -> (bool, bool, bool, bool) { ) } -pub fn phase120_status() -> (bool, bool, bool, bool, bool) { - let cap_table = crate::kernel_object::phase111_kernel_object_smoke(); - let rights = crate::kernel_object::phase113_rights_smoke(); - let grant = crate::kernel_object::phase114_storage_grant_smoke(); - let broker = crate::storage_broker::phase118_broker_mint_smoke(); - let compat = crate::kernel_object::phase119_compat_bridge_smoke(); +pub fn cap_compat_status() -> (bool, bool, bool, bool, bool) { + let cap_table = crate::kernel_object::smoke_kernel_object_smoke(); + let rights = crate::kernel_object::smoke_rights_smoke(); + let grant = crate::kernel_object::smoke_storage_grant_smoke(); + let broker = crate::storage_broker::smoke_broker_mint_smoke(); + let compat = crate::kernel_object::smoke_compat_bridge_smoke(); (cap_table, rights, grant, broker, compat) } diff --git a/kernel/src/image_digest.rs b/kernel/src/image_digest.rs index 3f318f5..c8ff282 100644 --- a/kernel/src/image_digest.rs +++ b/kernel/src/image_digest.rs @@ -1,4 +1,4 @@ -//! SHA-256 manifest digest verification (Phase 58). +//! SHA-256 manifest digest verification . use core::sync::atomic::{AtomicU64, Ordering}; diff --git a/kernel/src/ipc_endpoints.rs b/kernel/src/ipc_endpoints.rs index 352125c..472b59f 100644 --- a/kernel/src/ipc_endpoints.rs +++ b/kernel/src/ipc_endpoints.rs @@ -1,4 +1,4 @@ -//! Native IPC endpoints (phase 134+) — ABI_IPC.md per-sender FIFO. +//! Native IPC endpoints (scope 134+) — ABI_IPC.md per-sender FIFO. use alloc::collections::BTreeMap; use alloc::collections::VecDeque; @@ -90,7 +90,7 @@ pub fn recv(endpoint: EndpointId) -> Result<EndpointMessage, EndpointError> { Ok(msg) } -/// Phase 134: retire interim bridge; native endpoints become sole broker IPC path. +/// : retire interim bridge; native endpoints become sole broker IPC path. pub fn activate_native_endpoints() -> bool { if ipc_interim_bridge::ipc_bridge_compat_internal_count() > 0 && !ipc_interim_bridge::is_retired() @@ -124,7 +124,7 @@ pub fn p134_ordering_corpus() -> bool { true } -pub fn phase134_endpoint_smoke() -> bool { +pub fn smoke_ipc_endpoint() -> bool { let retired = activate_native_endpoints(); let counter_zero = ipc_interim_bridge::ipc_bridge_compat_internal_count() == 0; let ordering = p134_ordering_corpus(); diff --git a/kernel/src/ipc_interim_bridge.rs b/kernel/src/ipc_interim_bridge.rs index 08c32ce..bfca823 100644 --- a/kernel/src/ipc_interim_bridge.rs +++ b/kernel/src/ipc_interim_bridge.rs @@ -1,4 +1,4 @@ -//! Interim IPC bridge (`compat-internal`) — phases 122–133. +//! Interim IPC bridge (`compat-internal`) — scopes 122–133. //! See docs/IPC_INTERIM_BRIDGE.md. use alloc::collections::VecDeque; @@ -36,7 +36,7 @@ lazy_static! { Mutex::new(alloc::collections::BTreeMap::new()); } -/// CI counter — must reach zero by phase 134. +/// CI counter — must reach zero by scope 134. pub fn ipc_bridge_compat_internal_count() -> u64 { IPC_BRIDGE_COMPAT_INTERNAL.load(Ordering::Relaxed) } @@ -45,7 +45,7 @@ pub fn is_retired() -> bool { BRIDGE_RETIRED.load(Ordering::Acquire) } -/// Retire compat-internal bridge; reset CI counter to zero (phase 134). +/// Retire compat-internal bridge; reset CI counter to zero (scope 134). pub fn retire_bridge() { BRIDGE_RETIRED.store(true, Ordering::Release); IPC_BRIDGE_COMPAT_INTERNAL.store(0, Ordering::Release); @@ -106,7 +106,7 @@ pub fn map_bridge_error(err: BridgeError) -> NativeError { } } -pub fn phase_interim_ipc_smoke() -> bool { +pub fn smoke_interim_ipc() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/kernel_object.rs b/kernel/src/kernel_object.rs index 471ef9f..f4337fe 100644 --- a/kernel/src/kernel_object.rs +++ b/kernel/src/kernel_object.rs @@ -1,4 +1,4 @@ -//! Universal kernel object model and per-process capability table (phases 111–113). +//! Universal kernel object model and per-process capability table (scopes 111–113). //! //! Single cap handle table per process: `(ObjectId, Kind, Rights, Generation)`. //! See docs/KERNEL_OBJECT_MODEL.md and docs/RIGHTS_ALGEBRA.md. @@ -14,7 +14,7 @@ use crate::task::process::{self, ProcessId}; pub const MAX_CAPS: usize = 16; -/// Stable object identity (phase 110 immutable identity decision). +/// Stable object identity (scope 110 immutable identity decision). #[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)] pub struct ObjectId(pub u64); @@ -97,7 +97,7 @@ struct KernelObjectRecord { kind: ObjectKind, generation: Generation, max_rights: Rights, - /// Broker-local id for FsNode (no path string in cap metadata, phase 114). + /// Broker-local id for FsNode (no path string in cap metadata, scope 114). fsnode_local_id: Option<u32>, } @@ -385,7 +385,7 @@ pub fn ensure_smoke_process() -> Option<ProcessId> { process::create_process_for_smoke("cap-smoke") } -pub fn phase111_kernel_object_smoke() -> bool { +pub fn smoke_kernel_object_smoke() -> bool { let Some(pid) = ensure_smoke_process() else { return false; }; @@ -400,7 +400,7 @@ pub fn phase111_kernel_object_smoke() -> bool { gen && lookup } -pub fn phase112_cap_lifecycle_smoke() -> bool { +pub fn smoke_cap_lifecycle_smoke() -> bool { let Some(pid_a) = ensure_smoke_process() else { return false; }; @@ -437,7 +437,7 @@ pub fn phase112_cap_lifecycle_smoke() -> bool { sender_empty && receiver && closed } -pub fn phase113_rights_smoke() -> bool { +pub fn smoke_rights_smoke() -> bool { let Some(pid) = ensure_smoke_process() else { return false; }; @@ -454,7 +454,7 @@ pub fn phase113_rights_smoke() -> bool { child_ok && amp_fail && amp_after } -pub fn phase114_storage_grant_smoke() -> bool { +pub fn smoke_storage_grant_smoke() -> bool { let Some(pid) = ensure_smoke_process() else { return false; }; @@ -469,7 +469,7 @@ pub fn phase114_storage_grant_smoke() -> bool { no_path } -pub fn phase116_ambient_deny_smoke() -> bool { +pub fn smoke_ambient_deny_smoke() -> bool { let Some(pid) = process::create_process_for_smoke("native-zero-cap") else { return false; }; @@ -485,7 +485,7 @@ pub fn phase116_ambient_deny_smoke() -> bool { count_zero && deny && mint_fail && broker_fail } -pub fn phase117_namespace_smoke() -> bool { +pub fn smoke_namespace_smoke() -> bool { let Some(native_pid) = process::create_process_for_smoke("native-ns") else { return false; }; @@ -501,10 +501,10 @@ pub fn phase117_namespace_smoke() -> bool { native_blocked && compat_ok } -pub fn phase119_compat_bridge_smoke() -> bool { - let hw_ok = crate::user_syscall_hw::phase71_smoke(); - let fd45 = crate::fd_table::phase45_smoke(); - let fd51 = crate::fd_table::phase51_smoke(); +pub fn smoke_compat_bridge_smoke() -> bool { + let hw_ok = crate::user_syscall_hw::smoke_sysret_probe(); + let fd45 = crate::fd_table::smoke_file_fd_open(); + let fd51 = crate::fd_table::smoke_proc_fd_table(); let allowlist = !crate::user_syscall_hw::ALLOWED_HW_SYSCALLS.is_empty() && crate::user_syscall_hw::ALLOWED_HW_SYSCALLS.len() >= 24; let max_id = crate::user_syscall_hw::ALLOWED_HW_SYSCALLS diff --git a/kernel/src/lib.rs b/kernel/src/lib.rs index 127f9be..103b9ae 100644 --- a/kernel/src/lib.rs +++ b/kernel/src/lib.rs @@ -1,4 +1,4 @@ -//! AresOS Kernel +//! Clan OS kernel library. //! //! A hobby operating system written in Rust, exploring modern systems programming //! and kernel development. Focuses on performance, modular design, and system diff --git a/kernel/src/load_plan.rs b/kernel/src/load_plan.rs index 7799b17..2aa19aa 100644 --- a/kernel/src/load_plan.rs +++ b/kernel/src/load_plan.rs @@ -1,4 +1,4 @@ -//! Phase 12 executable load-plan model. +//! executable load-plan model. use alloc::vec::Vec; @@ -226,7 +226,7 @@ mod tests { crate::exec_image::parse_elf64_image( "hello", "/bin/hello.elf", - crate::storage::phase11_sample_elf_image().as_bytes(), + crate::storage::sample_elf_fixture_image().as_bytes(), crate::task::program_loader::ProgramTrust::User, crate::security::Credentials::shell_user().user, ) diff --git a/kernel/src/main.rs b/kernel/src/main.rs index 3c7bac4..96d0d2e 100644 --- a/kernel/src/main.rs +++ b/kernel/src/main.rs @@ -23,7 +23,7 @@ use x86_64::VirtAddr; entry_point!(kernel_main); fn kernel_main(boot_info: &'static BootInfo) -> ! { - println!("AresOS v{} booting...", env!("CARGO_PKG_VERSION")); + println!("ClanOS v{} booting...", env!("CARGO_PKG_VERSION")); kernel::init(); @@ -76,10 +76,10 @@ fn kernel_main(boot_info: &'static BootInfo) -> ! { println!("Kernel features: preemption={}", preemption_mode); if preemption_mode { - println!("Preemption mode active. Spawning 4 kernel tasks for fairness testing."); + println!("Preemption lab active. Spawning 4 kernel tasks for fairness validation."); println!("Console: type 'help' to list runtime scheduler commands."); kernel::task::scheduler::set_context_switching_enabled(true); - kernel::task::scheduler::spawn_kernel_tasks_phase5(); + kernel::task::scheduler::spawn_preemption_lab_tasks(); println!( "Kernel tasks spawned. Starting preemptive scheduler. quantum_ticks={}, fairness_interval_ticks={}", kernel::task::scheduler::scheduler_quantum_ticks(), @@ -120,7 +120,7 @@ fn kernel_main(boot_info: &'static BootInfo) -> ! { ); println!("Context tasks: {:?}", context_names); println!("Kernel ready. Entering event loop."); - kernel::serial_println!("AresOS shell ready — type here: help | run demo-hello | ls | desktop"); + kernel::serial_println!("ClanOS shell ready — type here: help | run demo-hello | ls | desktop"); kernel::serial_println!("(Use this terminal for commands; QEMU window shows the desktop.)"); executor.run(); } diff --git a/kernel/src/mapping_stub.rs b/kernel/src/mapping_stub.rs index 993d614..5aa4ec3 100644 --- a/kernel/src/mapping_stub.rs +++ b/kernel/src/mapping_stub.rs @@ -1,4 +1,4 @@ -//! Phase 13 deterministic mapping stubs for executable load plans. +//! deterministic mapping stubs for executable load plans. use alloc::{string::String, vec::Vec}; use lazy_static::lazy_static; @@ -315,7 +315,7 @@ mod tests { let image = crate::exec_image::parse_elf64_image( "hello", "/bin/hello.elf", - crate::storage::phase11_sample_elf_image().as_bytes(), + crate::storage::sample_elf_fixture_image().as_bytes(), crate::task::program_loader::ProgramTrust::User, crate::security::Credentials::shell_user().user, ) diff --git a/kernel/src/milestone150.rs b/kernel/src/milestone150.rs index e098d82..2c8a52b 100644 --- a/kernel/src/milestone150.rs +++ b/kernel/src/milestone150.rs @@ -13,7 +13,7 @@ pub fn four_layer_boundary_review() -> bool { LAYER_KERNEL && LAYER_RUNTIME && LAYER_SERVICES && LAYER_COMPAT } -pub fn phase150_milestone_smoke() -> bool { +pub fn smoke_milestone_boundary() -> bool { four_layer_boundary_review() && crate::build_integrity::boot_verified() && crate::ipc_endpoints::endpoint_send_count() > 0 diff --git a/kernel/src/mmap.rs b/kernel/src/mmap.rs index e745c37..7402132 100644 --- a/kernel/src/mmap.rs +++ b/kernel/src/mmap.rs @@ -1,4 +1,4 @@ -//! mmap bring-up: anonymous and read-only file mappings (Phase 54+). +//! mmap bring-up: anonymous and read-only file mappings . use core::sync::atomic::{AtomicU64, Ordering}; @@ -183,7 +183,7 @@ pub fn munmap_syscall(addr: u64, len: u64) -> Result<(), ()> { munmap_range(cr3, addr, len) } -pub fn phase73_smoke() -> bool { +pub fn smoke_munmap_partial() -> bool { let cr3 = { let cached = LAST_MMAP_CR3.load(Ordering::Relaxed); if cached != 0 { @@ -212,7 +212,7 @@ pub fn phase73_smoke() -> bool { partial && reject && pages >= 1 && partial_regions > 0 } -pub fn phase54_smoke() -> bool { +pub fn smoke_mmap_anon() -> bool { let Some(built) = crate::task::program_loader::build_hw_page_table_program( crate::security::Credentials::shell_user(), "hello", @@ -229,7 +229,7 @@ pub fn phase54_smoke() -> bool { anon && file && rejected && a > 0 && f > 0 } -fn phase62_smoke_fresh(cr3: u64) -> bool { +fn smoke_smoke_fresh(cr3: u64) -> bool { let (before_u, before_r) = munmap_status(); let base = mmap_anonymous(cr3, 2, 0).ok(); let file_base = crate::demand_paging::FILE_DEMAND_BASE; @@ -244,7 +244,7 @@ fn phase62_smoke_fresh(cr3: u64) -> bool { unmap_anon && unmap_file && reject_image && after_u >= before_u + 2 && after_r > before_r } -pub fn phase62_smoke() -> bool { +pub fn smoke_munmap() -> bool { let cr3 = LAST_MMAP_CR3.load(Ordering::Relaxed); if cr3 != 0 && crate::user_paging::translate_hw_page(cr3, MMAP_ANON_BASE).is_some() { let file_base = crate::demand_paging::FILE_DEMAND_BASE; @@ -271,5 +271,5 @@ pub fn phase62_smoke() -> bool { return false; }; LAST_MMAP_CR3.store(built.hw.cr3_phys, Ordering::Relaxed); - phase62_smoke_fresh(built.hw.cr3_phys) + smoke_smoke_fresh(built.hw.cr3_phys) } diff --git a/kernel/src/mouse.rs b/kernel/src/mouse.rs index a0212ad..857bd4b 100644 --- a/kernel/src/mouse.rs +++ b/kernel/src/mouse.rs @@ -1,4 +1,4 @@ -//! PS/2 mouse input (phase 352) — IRQ 12 handler + focus events for window manager. +//! PS/2 mouse input (scope 352) — IRQ 12 handler + focus events for window manager. use core::sync::atomic::{AtomicBool, AtomicU64, Ordering}; use crossbeam_queue::ArrayQueue; @@ -165,7 +165,7 @@ pub fn mouse_irq_vector() -> u8 { MOUSE_IRQ } -pub fn phase352_mouse_smoke() -> bool { +pub fn smoke_mouse() -> bool { init() && { inject_event(100, 80, 0x01); event_count() > 0 && poll_event().is_some() diff --git a/kernel/src/native_manifest.rs b/kernel/src/native_manifest.rs index 57d9eb1..cac1512 100644 --- a/kernel/src/native_manifest.rs +++ b/kernel/src/native_manifest.rs @@ -1,4 +1,4 @@ -//! `ares-native-v1` manifest validation (phases 128–129, G4). +//! `ares-native-v1` manifest validation (scopes 128–129, G4). use crate::kernel_object::Rights; @@ -56,7 +56,7 @@ pub const DEMO_MANIFEST: NativeManifestV1 = NativeManifestV1 { }], }; -pub fn phase128_g4_smoke() -> bool { +pub fn smoke_g4_smoke() -> bool { let ok = load_native_manifest(&DEMO_MANIFEST, Rights::read_write()); let bad = !load_native_manifest( &NativeManifestV1 { @@ -71,7 +71,7 @@ pub fn phase128_g4_smoke() -> bool { ok && bad && manifest_load_count() > 0 && manifest_rejection_count() > 0 } -pub fn phase129_scoped_grants_smoke() -> bool { +pub fn smoke_scoped_grants() -> bool { let manifest = NativeManifestV1 { name: "scoped", grants: &[ diff --git a/kernel/src/native_syscall.rs b/kernel/src/native_syscall.rs index 63012cf..d8b69dd 100644 --- a/kernel/src/native_syscall.rs +++ b/kernel/src/native_syscall.rs @@ -1,4 +1,4 @@ -//! Native syscall dispatch (IDs 256+, kernel smokes only until phase 128 G4). +//! Native syscall dispatch (IDs 256+, kernel smokes only until scope 128 G4). use crate::governance::NATIVE_SYSCALL_ID_BASE; use crate::kernel_object::{self, CapError, Rights}; diff --git a/kernel/src/network_broker.rs b/kernel/src/network_broker.rs index 4596838..8dbd14c 100644 --- a/kernel/src/network_broker.rs +++ b/kernel/src/network_broker.rs @@ -1,4 +1,4 @@ -//! Network broker (phase 125) — functional socket caps in epoch 4. +//! Network broker (scope 125) — functional socket caps in epoch 4. use core::sync::atomic::{AtomicBool, AtomicU64, Ordering}; @@ -25,14 +25,14 @@ pub fn request_socket_cap(pid: ProcessId) -> Result<u32, CapError> { kernel_object::mint_cap_from_grant(pid, grant) } -pub fn phase125_network_broker_smoke() -> bool { +pub fn smoke_network_broker() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; request_socket_cap(pid).is_err() && network_stub_calls() > 0 } -pub fn phase403_network_broker_functional_smoke() -> bool { +pub fn smoke_network_broker_functional_smoke() -> bool { enable_epoch4_functional(); let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; diff --git a/kernel/src/network_stack.rs b/kernel/src/network_stack.rs index ade3ec0..ee68c7a 100644 --- a/kernel/src/network_stack.rs +++ b/kernel/src/network_stack.rs @@ -1,4 +1,4 @@ -//! Loopback network stack (phases 386–395) — ping over virtio-net stub. +//! Loopback network stack (scopes 386–395) — ping over virtio-net stub. use core::sync::atomic::{AtomicU64, Ordering}; @@ -20,14 +20,14 @@ pub fn ping_count() -> u64 { PING_OK.load(Ordering::Relaxed) } -pub fn phase386_network_smoke() -> bool { +pub fn smoke_network_stack() -> bool { crate::virtio_net::init() && loopback_ping() && ping_count() > 0 } -pub fn phase395_network_depth_smoke() -> bool { - phase386_network_smoke() - && crate::compat_socket::phase402_compat_socket_smoke() - && crate::network_broker::phase403_network_broker_functional_smoke() +pub fn smoke_network_depth_smoke() -> bool { + smoke_network_stack() + && crate::compat_socket::smoke_compat_socket() + && crate::network_broker::smoke_network_broker_functional_smoke() } pub fn mark_package_installed() { @@ -38,9 +38,9 @@ pub fn packages_installed() -> u64 { PACKAGES_INSTALLED.load(Ordering::Relaxed) } -/// Phase 475 — external route simulation (beyond loopback stub). +/// external route simulation (beyond loopback stub). pub fn simulate_external_route() -> bool { - let depth = phase395_network_depth_smoke(); + let depth = smoke_network_depth_smoke(); let routed = crate::virtio_net::send_loopback(b"external-probe") && crate::virtio_net::recv_loopback().is_some(); let ok = depth && routed; @@ -50,6 +50,6 @@ pub fn simulate_external_route() -> bool { ok } -pub fn phase475_external_network_smoke() -> bool { +pub fn smoke_external_network() -> bool { simulate_external_route() && EXTERNAL_NET_ROUTES.load(Ordering::Relaxed) > 0 } diff --git a/kernel/src/oom_policy.rs b/kernel/src/oom_policy.rs index 0ea2c12..431e8c3 100644 --- a/kernel/src/oom_policy.rs +++ b/kernel/src/oom_policy.rs @@ -1,4 +1,4 @@ -//! Full OOM policy (phase 147) — suspend frozen-in-memory; mem budget enforcement. +//! Full OOM policy (scope 147) — suspend frozen-in-memory; mem budget enforcement. use core::sync::atomic::{AtomicU64, Ordering}; @@ -65,7 +65,7 @@ pub fn enforce_mem_budget(requested: u64) -> bool { true } -pub fn phase147_oom_smoke() -> bool { +pub fn smoke_oom_policy() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; @@ -86,5 +86,5 @@ pub fn phase147_oom_smoke() -> bool { } pub fn epoch7_oom_graduated() -> bool { - phase147_oom_smoke() + smoke_oom_policy() } diff --git a/kernel/src/path_broker.rs b/kernel/src/path_broker.rs index 15644f1..ef10d1b 100644 --- a/kernel/src/path_broker.rs +++ b/kernel/src/path_broker.rs @@ -1,4 +1,4 @@ -//! Compat-only path broker (phase 115, G1): resolves paths to FDs without new handle types. +//! Compat-only path broker (scope 115, G1): resolves paths to FDs without new handle types. use crate::task::process::ProcessId; @@ -14,7 +14,7 @@ pub fn resolve_open_compat(pid: ProcessId, path: &str) -> Result<u32, ()> { crate::fd_table::open_file_for_process_inner(pid, path) } -pub fn phase115_path_broker_smoke() -> bool { +pub fn smoke_path_broker_smoke() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/performance/process_metrics.rs b/kernel/src/performance/process_metrics.rs index 3b98cad..a77bcbf 100644 --- a/kernel/src/performance/process_metrics.rs +++ b/kernel/src/performance/process_metrics.rs @@ -1,4 +1,4 @@ -//! Process-level performance metrics and observability for Phase 5. +//! Process-level performance metrics and observability. //! //! Tracks per-process scheduler events, CPU time, and fairness metrics //! for real-time performance analysis. diff --git a/kernel/src/permission_broker.rs b/kernel/src/permission_broker.rs index 8e278d4..2eb902f 100644 --- a/kernel/src/permission_broker.rs +++ b/kernel/src/permission_broker.rs @@ -1,4 +1,4 @@ -//! Permission broker (phase 123) — attenuated cap mint with broker session. +//! Permission broker (scope 123) — attenuated cap mint with broker session. use crate::ipc_interim_bridge; use crate::kernel_object::{self, CapError, ObjectKind, Rights}; @@ -26,7 +26,7 @@ pub fn request_attenuated_cap( Ok(slot) } -pub fn phase123_permission_broker_smoke() -> bool { +pub fn smoke_permission_broker() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/pipe.rs b/kernel/src/pipe.rs index ac67c65..5396a5c 100644 --- a/kernel/src/pipe.rs +++ b/kernel/src/pipe.rs @@ -1,4 +1,4 @@ -//! Anonymous pipe ring buffer (Phase 87). +//! Anonymous pipe ring buffer . use alloc::format; use core::sync::atomic::{AtomicU64, Ordering}; @@ -178,7 +178,7 @@ pub fn write_pipe(pipe_id: u32, user_buf: u64, max_len: u64) -> Result<u64, ()> write_pipe_kernel(pipe_id, &buf[..len]).map(|n| n as u64) } -pub fn phase87_smoke() -> bool { +pub fn smoke_pipe_lite() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("pipe-smoke", tick, creds) else { @@ -210,7 +210,7 @@ pub fn phase87_smoke() -> bool { wrote && read_ok && pipes > 0 && bytes > 0 } -pub fn phase92_smoke() -> bool { +pub fn smoke_poll_lite() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("poll-smoke", tick, creds) else { @@ -228,7 +228,7 @@ pub fn phase92_smoke() -> bool { empty && ready && polls > 0 && ready_n > 0 } -pub fn phase95_smoke() -> bool { +pub fn smoke_pipe_probe() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("pipeprobe", tick, creds) else { diff --git a/kernel/src/posix_server.rs b/kernel/src/posix_server.rs new file mode 100644 index 0000000..e128c5d --- /dev/null +++ b/kernel/src/posix_server.rs @@ -0,0 +1,162 @@ +//! POSIX compatibility server skeleton (out-of-kernel service contract). +//! +//! Wire format: `posix.compat.v1` — opcode byte + payload. Compat clients send +//! requests to the server endpoint; dispatch runs synchronously until a ring-3 +//! server binary replaces the in-kernel pump (`// STUB(scope-408):` userspace server). + +use alloc::vec; +use alloc::vec::Vec; +use core::sync::atomic::{AtomicU64, Ordering}; + +use lazy_static::lazy_static; +use spin::Mutex; + +use crate::ipc_endpoints::{self, EndpointId}; +use crate::service_loader; +use crate::task::process::{self, ProcessId, ProcessMode}; + +pub const POSIX_COMPAT_SCHEMA: &str = "posix.compat.v1"; + +const OP_GETPID: u8 = 0x01; +const OP_OPEN: u8 = 0x02; +const OP_RESP_OK: u8 = 0x80; +const OP_RESP_ERR: u8 = 0xFF; + +#[derive(Debug, Clone, Copy)] +struct PosixServerState { + service_pid: ProcessId, + endpoint: EndpointId, + service_cap: u32, // retained for future cap-delegation wiring +} + +lazy_static! { + static ref SERVER: Mutex<Option<PosixServerState>> = Mutex::new(None); +} + +static REQUESTS_HANDLED: AtomicU64 = AtomicU64::new(0); + +pub fn posix_server_request_count() -> u64 { + REQUESTS_HANDLED.load(Ordering::Relaxed) +} + +pub fn server_endpoint() -> Option<EndpointId> { + SERVER.lock().as_ref().map(|s| s.endpoint) +} + +pub fn service_pid() -> Option<ProcessId> { + SERVER.lock().as_ref().map(|s| s.service_pid) +} + +/// Register native POSIX server process + IPC endpoint (first boot / smoke). +pub fn ensure_posix_server() -> Result<EndpointId, ()> { + if let Some(ep) = server_endpoint() { + return Ok(ep); + } + + let Some(pid) = process::create_process_for_smoke("posix-server") else { + return Err(()); + }; + process::set_process_mode(pid, ProcessMode::Native); + let cap = service_loader::load_service_with_stubs(pid, 4096).map_err(|_| ())?; + let endpoint = ipc_endpoints::create_endpoint(); + *SERVER.lock() = Some(PosixServerState { + service_pid: pid, + endpoint, + service_cap: cap, + }); + Ok(endpoint) +} + +fn dispatch_request(client: ProcessId, request: &[u8]) -> Vec<u8> { + match request.first() { + Some(&OP_GETPID) => { + let mut resp = vec![OP_RESP_OK]; + resp.extend_from_slice(&client.as_u64().to_le_bytes()); + resp + } + Some(&OP_OPEN) => { + let path = core::str::from_utf8(&request[1..]).unwrap_or(""); + if path.is_empty() { + return vec![OP_RESP_ERR]; + } + match crate::fd_table::open_file_for_process(client, path) { + Ok(fd) => { + let mut resp = vec![OP_RESP_OK]; + resp.extend_from_slice(&fd.to_le_bytes()); + resp + } + Err(()) => vec![OP_RESP_ERR], + } + } + _ => vec![OP_RESP_ERR], + } +} + +/// Compat client round-trip through the POSIX server endpoint. +pub fn invoke_compat(client: ProcessId, request: &[u8]) -> Result<Vec<u8>, ()> { + if process::process_mode(client) != ProcessMode::Compat { + return Err(()); + } + let endpoint = ensure_posix_server()?; + ipc_endpoints::send(endpoint, client, request).map_err(|_| ())?; + let msg = ipc_endpoints::recv(endpoint).map_err(|_| ())?; + if msg.sender != client || msg.payload != request { + return Err(()); + } + REQUESTS_HANDLED.fetch_add(1, Ordering::Relaxed); + Ok(dispatch_request(client, &msg.payload)) +} + +pub fn smoke_posix_server() -> bool { + let Some(client) = process::create_process_for_smoke("posix-client") else { + return false; + }; + process::set_process_mode(client, ProcessMode::Compat); + + let endpoint_ok = ensure_posix_server().is_ok(); + let native_server = service_pid() + .map(|pid| process::process_mode(pid) == ProcessMode::Native) + .unwrap_or(false); + + let getpid_req = [OP_GETPID]; + let getpid_resp = invoke_compat(client, &getpid_req).ok(); + let getpid_ok = getpid_resp + .as_ref() + .map(|r| { + r.len() >= 9 + && r[0] == OP_RESP_OK + && u64::from_le_bytes(r[1..9].try_into().unwrap_or([0; 8])) == client.as_u64() + }) + .unwrap_or(false); + + let mut open_req = vec![OP_OPEN]; + open_req.extend_from_slice(b"/bin/hello"); + let open_resp = invoke_compat(client, &open_req).ok(); + let open_ok = open_resp + .as_ref() + .map(|r| r.len() >= 5 && r[0] == OP_RESP_OK && u32::from_le_bytes(r[1..5].try_into().unwrap_or([0; 4])) > 0) + .unwrap_or(false); + + let Some(native_client) = process::create_process_for_smoke("posix-native-client") else { + return false; + }; + process::set_process_mode(native_client, ProcessMode::Native); + let native_client_rejected = invoke_compat(native_client, &getpid_req).is_err(); + + let handled = posix_server_request_count() >= 2; + + let cap_minted = SERVER + .lock() + .as_ref() + .map(|s| s.service_cap > 0) + .unwrap_or(false); + + endpoint_ok + && native_server + && cap_minted + && getpid_ok + && open_ok + && native_client_rejected + && handled + && server_endpoint().is_some() +} diff --git a/kernel/src/ring3_trampoline.rs b/kernel/src/ring3_trampoline.rs index c77873c..cc7f599 100644 --- a/kernel/src/ring3_trampoline.rs +++ b/kernel/src/ring3_trampoline.rs @@ -1,4 +1,4 @@ -//! Phase 18 controlled Ring 3 trampoline model. +//! controlled Ring 3 trampoline model. use crate::{interrupts::USER_TRAP_VECTOR, user_context::UserContextDescriptor}; diff --git a/kernel/src/security.rs b/kernel/src/security.rs index 678090d..7605dec 100644 --- a/kernel/src/security.rs +++ b/kernel/src/security.rs @@ -1,4 +1,4 @@ -//! Phase 10 identity and access-control primitives. +//! identity and access-control primitives. use core::sync::atomic::{AtomicU64, Ordering}; @@ -223,7 +223,7 @@ pub fn can_manage_process(actor: Credentials, owner: Credentials) -> bool { actor.can_manage() || actor.user == owner.user } -pub fn phase10_smoke_check() -> bool { +pub fn smoke_access_policy() -> bool { let user = Credentials::shell_user(); let admin = Credentials::admin(); let owner = user.user; diff --git a/kernel/src/service_isolation.rs b/kernel/src/service_isolation.rs index d8d8e58..2fad6fa 100644 --- a/kernel/src/service_isolation.rs +++ b/kernel/src/service_isolation.rs @@ -1,4 +1,4 @@ -//! Service crash isolation (phase 127) — FAULT_ESCALATION tier 2 restart path. +//! Service crash isolation (scope 127) — FAULT_ESCALATION tier 2 restart path. use core::sync::atomic::{AtomicU64, Ordering}; @@ -32,7 +32,7 @@ pub fn restart_service_tier2(pid: ProcessId, service_cap_slot: u32) -> bool { true } -pub fn phase127_service_isolation_smoke() -> bool { +pub fn smoke_service_isolation() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/service_loader.rs b/kernel/src/service_loader.rs index 71d8275..9603925 100644 --- a/kernel/src/service_loader.rs +++ b/kernel/src/service_loader.rs @@ -1,6 +1,6 @@ -//! Phase 121 — service loader contract, resource stubs, and E-00 admission control. +//! service loader contract, resource stubs, and E-00 admission control. //! -//! See docs/phase-121-checklist.md, docs/KERNEL_OBJECT_MODEL.md (bootstrap ceremony), +//! See docs/scope-121-checklist.md, docs/KERNEL_OBJECT_MODEL.md (bootstrap ceremony), //! docs/ERROR_TAXONOMY.md. use core::sync::atomic::{AtomicBool, AtomicU32, AtomicU64, Ordering}; @@ -53,7 +53,7 @@ impl NativeError { } } -/// MEM_BUDGET_STUB — contract before full enforcement (phase 147). +/// MEM_BUDGET_STUB — contract before full enforcement (scope 147). #[derive(Debug, Clone, Copy)] pub struct MemBudgetStub { pub total_bytes: u64, @@ -210,8 +210,8 @@ pub fn load_service_with_stubs(pid: ProcessId, mem_need: u64) -> Result<u32, Nat Ok(slot) } -pub fn phase121_service_loader_smoke() -> bool { - let Some(pid) = process::create_process_for_smoke("phase121-svc") else { +pub fn smoke_service_loader_init() -> bool { + let Some(pid) = process::create_process_for_smoke("svc-loader-smoke") else { return false; }; diff --git a/kernel/src/service_scheduler.rs b/kernel/src/service_scheduler.rs index 73e531d..23d2991 100644 --- a/kernel/src/service_scheduler.rs +++ b/kernel/src/service_scheduler.rs @@ -1,4 +1,4 @@ -//! Service scheduler + E-00 priority ceiling (phases 141–142). +//! Service scheduler + E-00 priority ceiling (scopes 141–142). use core::sync::atomic::{AtomicU64, Ordering}; @@ -28,7 +28,7 @@ pub fn schedule_service(pid: ProcessId, priority: u8) -> bool { true } -pub fn phase141_service_scheduler_smoke() -> bool { +pub fn smoke_service_scheduler() -> bool { let Some(pid) = crate::kernel_object::ensure_smoke_process() else { return false; }; @@ -37,14 +37,14 @@ pub fn phase141_service_scheduler_smoke() -> bool { ok_low && reject_high && ceiling_rejects() > 0 } -pub fn phase142_smp_readiness_smoke() -> bool { +pub fn smoke_smp_readiness_smoke() -> bool { let (cpus, aps, _tlb) = crate::smp::status(); cpus >= 1 && aps <= cpus } /// S-01 unified native service admission (`SCHEDULING_UNIFIED.md`). pub fn s01_unified_admission_smoke() -> bool { - phase141_service_scheduler_smoke() && phase142_smp_readiness_smoke() + smoke_service_scheduler() && smoke_smp_readiness_smoke() } /// S-02: priority ceiling rejects above E-00. @@ -57,7 +57,7 @@ pub fn s02_priority_ceiling_smoke() -> bool { /// S-03: SMP status consistent under schedule ops. pub fn s03_smp_schedule_smoke() -> bool { - s02_priority_ceiling_smoke() && phase142_smp_readiness_smoke() + s02_priority_ceiling_smoke() && smoke_smp_readiness_smoke() } /// S-04: schedule op counter monotonic. @@ -78,10 +78,10 @@ pub fn s05_unified_band_smoke() -> bool { && s04_schedule_ops_smoke() } -pub fn phase200_scheduling_unified_smoke() -> bool { +pub fn smoke_scheduling_unified_smoke() -> bool { s05_unified_band_smoke() } pub fn epoch8_scheduling_graduated() -> bool { - phase200_scheduling_unified_smoke() + smoke_scheduling_unified_smoke() } diff --git a/kernel/src/shared_loader.rs b/kernel/src/shared_loader.rs index e0f71b0..db28641 100644 --- a/kernel/src/shared_loader.rs +++ b/kernel/src/shared_loader.rs @@ -1,4 +1,4 @@ -//! Shared library mapping for DT_NEEDED dependencies (Phases 41, 56). +//! Shared library mapping for DT_NEEDED dependencies. use alloc::{format, string::String, vec}; use core::sync::atomic::{AtomicU64, Ordering}; @@ -59,7 +59,7 @@ fn map_shared_at(backed: &mut FrameBackedImage, base: u64, path: &str) -> Result .ok() .flatten() .map(|s| s.into_bytes()) - .unwrap_or_else(|| crate::storage::phase11_sample_elf_image().into_bytes()); + .unwrap_or_else(|| crate::storage::sample_elf_fixture_image().into_bytes()); let frame = frame_ownership::allocate_frame(FrameOwner::Image).map_err(|_| { SHARED_REJECTED.fetch_add(1, Ordering::Relaxed); @@ -125,8 +125,8 @@ pub fn attach_shared_library( Ok(mapped) } -pub fn phase41_smoke() -> bool { - let sample = crate::storage::phase11_sample_elf_image(); +pub fn smoke_shared_lib_load() -> bool { + let sample = crate::storage::sample_elf_fixture_image(); let backed = crate::task::program_loader::back_mapped_program_with_relocs( crate::security::Credentials::shell_user(), "hello", @@ -141,8 +141,8 @@ pub fn phase41_smoke() -> bool { pages > 0 && loaded > 0 && mapped > 0 } -pub fn phase56_smoke() -> bool { - let sample = crate::storage::phase11_sample_elf_image(); +pub fn smoke_multi_shlib() -> bool { + let sample = crate::storage::sample_elf_fixture_image(); let mut bytes = sample.into_bytes(); bytes.extend_from_slice(b"libaux"); let backed = crate::task::program_loader::back_mapped_program_with_relocs( diff --git a/kernel/src/signal.rs b/kernel/src/signal.rs new file mode 100644 index 0000000..061e313 --- /dev/null +++ b/kernel/src/signal.rs @@ -0,0 +1,328 @@ +//! Compat signal skeleton: `kill`, `sigaction_lite`, pending-bit probe, and +//! user-frame delivery on syscall return with `SigReturn` restoration (scope 409). + +use alloc::collections::BTreeMap; +use core::sync::atomic::{AtomicU64, Ordering}; +use lazy_static::lazy_static; +use spin::Mutex; + +use crate::security::Credentials; +use crate::task::process::{self, ProcessId}; + +pub const MAX_SIGNO: u32 = 32; +pub const SIG_DFL: u64 = 0; +pub const SIG_IGN: u64 = 1; + +pub const SIGKILL: u32 = 9; +pub const SIGUSR1: u32 = 10; +pub const SIGTERM: u32 = 15; + +static KILL_DELIVERED: AtomicU64 = AtomicU64::new(0); +static SIGACTION_SET: AtomicU64 = AtomicU64::new(0); +static SIGNAL_IGNORED: AtomicU64 = AtomicU64::new(0); +static SIGNAL_QUEUED: AtomicU64 = AtomicU64::new(0); +static FRAME_DELIVERIES: AtomicU64 = AtomicU64::new(0); +static SIGRETURN_COUNT: AtomicU64 = AtomicU64::new(0); + +#[derive(Debug, Clone, Copy, Default)] +pub struct SignalState { + pending: u32, + handlers: [u64; MAX_SIGNO as usize], + saved_rip: u64, + saved_rflags: u64, + last_delivered_signo: u32, + in_handler: bool, +} + +impl SignalState { + pub fn handler(&self, signo: u32) -> u64 { + self.handlers + .get(signo as usize) + .copied() + .unwrap_or(SIG_DFL) + } +} + +lazy_static! { + static ref SIGNAL_TABLE: Mutex<BTreeMap<ProcessId, SignalState>> = + Mutex::new(BTreeMap::new()); +} + +pub fn status() -> (u64, u64, u64) { + ( + KILL_DELIVERED.load(Ordering::Relaxed), + SIGACTION_SET.load(Ordering::Relaxed), + SIGNAL_QUEUED.load(Ordering::Relaxed), + ) +} + +pub fn delivery_status() -> (u64, u64) { + ( + FRAME_DELIVERIES.load(Ordering::Relaxed), + SIGRETURN_COUNT.load(Ordering::Relaxed), + ) +} + +pub fn init_process(pid: ProcessId) { + SIGNAL_TABLE.lock().entry(pid).or_default(); +} + +pub fn drop_process(pid: ProcessId) { + SIGNAL_TABLE.lock().remove(&pid); +} + +pub fn inherit_from_parent(parent: ProcessId, child: ProcessId) { + let state = SIGNAL_TABLE + .lock() + .get(&parent) + .copied() + .unwrap_or_default(); + SIGNAL_TABLE.lock().insert(child, state); +} + +fn with_state_mut<F, R>(pid: ProcessId, f: F) -> Option<R> +where + F: FnOnce(&mut SignalState) -> R, +{ + SIGNAL_TABLE.lock().get_mut(&pid).map(f) +} + +fn process_alive(pid: ProcessId) -> bool { + process::with_process_mut(pid, |proc| proc.exit_code().is_none()) + .unwrap_or(false) +} + +fn first_pending_custom(state: &SignalState) -> Option<u32> { + for signo in 1..MAX_SIGNO { + if state.pending & (1u32 << signo) == 0 { + continue; + } + let handler = state.handler(signo); + if handler != SIG_DFL && handler != SIG_IGN { + return Some(signo); + } + } + None +} + +fn apply_default(pid: ProcessId, signo: u32) -> Result<(), ()> { + match signo { + SIGKILL | SIGTERM => { + let code = 128i32.saturating_add(signo as i32); + if process::terminate_process(pid, code) { + KILL_DELIVERED.fetch_add(1, Ordering::Relaxed); + Ok(()) + } else { + Err(()) + } + } + _ => queue_pending(pid, signo), + } +} + +fn queue_pending(pid: ProcessId, signo: u32) -> Result<(), ()> { + with_state_mut(pid, |state| { + state.pending |= 1u32 << signo; + SIGNAL_QUEUED.fetch_add(1, Ordering::Relaxed); + }) + .ok_or(()) +} + +pub fn dispatch(pid: ProcessId, signo: u32) -> Result<(), ()> { + if signo == 0 || signo >= MAX_SIGNO { + return Err(()); + } + if !process_alive(pid) { + return Err(()); + } + if signo == SIGKILL { + return apply_default(pid, signo); + } + let handler = with_state_mut(pid, |state| state.handler(signo)) + .unwrap_or(SIG_DFL); + match handler { + SIG_IGN => { + SIGNAL_IGNORED.fetch_add(1, Ordering::Relaxed); + Ok(()) + } + SIG_DFL => apply_default(pid, signo), + _ => queue_pending(pid, signo), + } +} + +/// Redirect syscall return to a user handler when a custom handler is pending. +pub fn try_deliver_on_syscall_return( + pid: ProcessId, + user_rip: u64, + user_rflags: u64, +) -> Option<(u64, u64)> { + with_state_mut(pid, |state| { + if state.in_handler { + return None; + } + let signo = first_pending_custom(state)?; + state.pending &= !(1u32 << signo); + state.saved_rip = user_rip; + state.saved_rflags = user_rflags; + state.last_delivered_signo = signo; + state.in_handler = true; + FRAME_DELIVERIES.fetch_add(1, Ordering::Relaxed); + Some((state.handler(signo), user_rflags)) + }) + .flatten() +} + +/// Restore saved user frame after `SigReturn` syscall dispatch succeeds. +pub fn take_sigreturn_restoration(pid: ProcessId) -> Option<(u64, u64)> { + with_state_mut(pid, |state| { + if !state.in_handler || state.saved_rip == 0 { + return None; + } + let rip = state.saved_rip; + let rflags = state.saved_rflags; + state.saved_rip = 0; + state.saved_rflags = 0; + state.in_handler = false; + state.last_delivered_signo = 0; + SIGRETURN_COUNT.fetch_add(1, Ordering::Relaxed); + Some((rip, rflags)) + }) + .flatten() +} + +pub fn kill_checked(actor: Credentials, pid: ProcessId, signo: u32) -> Result<(), ()> { + if signo >= MAX_SIGNO { + return Err(()); + } + if signo == 0 { + return if process::get_process(pid).is_some() { + Ok(()) + } else { + Err(()) + }; + } + let owner = process::process_owner(pid).ok_or(())?; + if !crate::security::can_manage_process(actor, owner) { + crate::security::record_denial(crate::security::AccessKind::Manage); + return Err(()); + } + dispatch(pid, signo) +} + +pub fn kill_syscall(pid_raw: u64, signo: u64) -> Result<(), ()> { + let pid = if pid_raw == 0 { + process::current_process_id() + .or_else(|| process::smoke_process_id()) + .ok_or(())? + } else { + ProcessId::from_raw(pid_raw) + }; + kill_checked( + crate::security::current_credentials(), + pid, + signo as u32, + ) +} + +pub fn sigaction_lite(signo: u64, handler: u64) -> Result<u64, ()> { + if signo == 0 || signo >= MAX_SIGNO as u64 || signo == SIGKILL as u64 { + return Err(()); + } + let pid = process::current_process_id() + .or_else(|| process::smoke_process_id()) + .ok_or(())?; + with_state_mut(pid, |state| { + let idx = signo as usize; + let old = state.handlers[idx]; + state.handlers[idx] = handler; + SIGACTION_SET.fetch_add(1, Ordering::Relaxed); + old + }) + .ok_or(()) +} + +pub fn sigpending_syscall() -> Result<u64, ()> { + let pid = process::current_process_id() + .or_else(|| process::smoke_process_id()) + .ok_or(())?; + with_state_mut(pid, |state| state.pending as u64) + .ok_or(()) +} + +pub fn sigreturn_syscall() -> Result<u64, ()> { + let pid = process::current_process_id() + .or_else(|| process::smoke_process_id()) + .ok_or(())?; + with_state_mut(pid, |state| { + if !state.in_handler { + return Err(()); + } + Ok(state.last_delivered_signo as u64) + }) + .ok_or(())? + .map_err(|_| ()) +} + +pub fn smoke_signal_register() -> bool { + let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); + let creds = Credentials::shell_user(); + let Some(victim) = process::create_kernel_process_as("sig-victim", tick, creds) else { + return false; + }; + process::set_smoke_process_id(Some(victim)); + + let old = sigaction_lite(SIGUSR1 as u64, SIG_IGN).ok() == Some(SIG_DFL); + let ignore_ok = kill_checked(creds, victim, SIGUSR1).is_ok() && process_alive(victim); + let term_ok = kill_checked(creds, victim, SIGTERM).is_ok() && !process_alive(victim); + let exit_code = process::with_process_mut(victim, |proc| proc.exit_code()) + .flatten(); + let exit_ok = exit_code == Some(128 + SIGTERM as i32); + + process::set_smoke_process_id(None); + let (kills, actions, _) = status(); + old && ignore_ok && term_ok && exit_ok && kills > 0 && actions > 0 +} + +pub fn smoke_signal_delivery() -> bool { + const HANDLER_RIP: u64 = 0x4001_0000; + const USER_RIP: u64 = 0x4000_2000; + const USER_RFLAGS: u64 = 0x202; + + let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); + let creds = Credentials::shell_user(); + let Some(victim) = process::create_kernel_process_as("sig-deliver", tick, creds) else { + return false; + }; + process::set_smoke_process_id(Some(victim)); + + let handler_set = sigaction_lite(SIGUSR1 as u64, HANDLER_RIP).ok() == Some(SIG_DFL); + let queued = kill_checked(creds, victim, SIGUSR1).is_ok(); + let pending_before = sigpending_syscall().ok().unwrap_or(0); + let pending_bit = (pending_before & (1u32 << SIGUSR1) as u64) != 0; + + let redirected = try_deliver_on_syscall_return(victim, USER_RIP, USER_RFLAGS) + .map(|(rip, rflags)| rip == HANDLER_RIP && rflags == USER_RFLAGS) + .unwrap_or(false); + let pending_after = sigpending_syscall().ok().unwrap_or(0); + let pending_cleared = pending_after & (1u32 << SIGUSR1) as u64 == 0; + + let signo_ack = sigreturn_syscall().ok() == Some(SIGUSR1 as u64); + let restored = take_sigreturn_restoration(victim) + .map(|(rip, rflags)| rip == USER_RIP && rflags == USER_RFLAGS) + .unwrap_or(false); + let no_reentry = try_deliver_on_syscall_return(victim, USER_RIP, USER_RFLAGS).is_none(); + + process::set_smoke_process_id(None); + let (deliveries, sigreturns) = delivery_status(); + + handler_set + && queued + && pending_bit + && redirected + && pending_cleared + && signo_ack + && restored + && no_reentry + && deliveries > 0 + && sigreturns > 0 +} diff --git a/kernel/src/smp.rs b/kernel/src/smp.rs index bd5ccf2..5ecdf08 100644 --- a/kernel/src/smp.rs +++ b/kernel/src/smp.rs @@ -1,4 +1,4 @@ -//! SMP groundwork: CPU detection, parked APs, TLB flush, runqueues (Phases 49, 59, 68–69). +//! SMP groundwork: CPU detection, parked APs, TLB flush, runqueues. use core::sync::atomic::{AtomicU64, Ordering}; @@ -176,14 +176,14 @@ fn start_ap_idle_accounting() { ap_idle_trampoline(); } -pub fn phase49_smoke() -> bool { +pub fn smoke_smp_probe() -> bool { init(); flush_tlb_on_unmap(); let (cpus, _aps, flush_ok) = status(); cpus >= 1 && flush_ok > 0 } -pub fn phase59_smoke() -> bool { +pub fn smoke_runqueue_enqueue() -> bool { init(); scheduler_account_preempt(); let (cpus, enqueued, _) = ( @@ -194,7 +194,7 @@ pub fn phase59_smoke() -> bool { cpus >= 2 && enqueued > 0 } -pub fn phase68_smoke() -> bool { +pub fn smoke_tlb_shootdown() -> bool { init(); request_tlb_shootdown(); let (cpus, _, _) = status(); @@ -202,13 +202,13 @@ pub fn phase68_smoke() -> bool { cpus >= 2 && requested >= 2 && completed >= 2 } -pub fn phase69_smoke() -> bool { +pub fn smoke_ap_idle() -> bool { init(); let (aps, idle_ticks) = ap_idle_status(); aps >= 1 && idle_ticks > 0 } -pub fn phase78_smoke() -> bool { +pub fn smoke_ipi_tlb() -> bool { init(); request_tlb_shootdown(); let (cpus, _, _) = status(); @@ -216,14 +216,14 @@ pub fn phase78_smoke() -> bool { cpus >= 2 && ipis >= 1 && acked >= 2 } -pub fn phase89_smoke() -> bool { +pub fn smoke_ipi_send() -> bool { init(); request_tlb_shootdown(); let (sent, acked) = ipi_send_status(); sent >= 1 && acked >= 2 } -pub fn phase79_smoke() -> bool { +pub fn smoke_ap_trampoline() -> bool { init(); ap_idle_trampoline(); let (aps, idle_ticks) = ap_idle_status(); @@ -231,7 +231,7 @@ pub fn phase79_smoke() -> bool { aps >= 1 && idle_ticks > 0 && entered > 0 } -pub fn phase97_smoke() -> bool { +pub fn smoke_work_steal() -> bool { init(); enqueue_on_cpu(0); enqueue_on_cpu(1); @@ -240,7 +240,7 @@ pub fn phase97_smoke() -> bool { stole && work_steal_status() > 0 } -pub fn phase98_smoke() -> bool { +pub fn smoke_ap_runnable() -> bool { init(); enqueue_ap_runnable(); ap_runnable_status() > 0 @@ -248,14 +248,14 @@ pub fn phase98_smoke() -> bool { static AP_SCHEDULER_TICKS: AtomicU64 = AtomicU64::new(0); -/// Phase 426 — AP scheduler services runnable enqueue (production SMP path). +/// AP scheduler services runnable enqueue (production SMP path). pub fn ap_scheduler_service_tick() { if APS_STARTED.load(Ordering::Relaxed) > 0 { AP_SCHEDULER_TICKS.fetch_add(1, Ordering::Relaxed); } } -pub fn phase426_ap_scheduler_smoke() -> bool { +pub fn smoke_ap_scheduler() -> bool { init(); ap_scheduler_service_tick(); enqueue_ap_runnable(); @@ -266,7 +266,7 @@ pub fn lapic_icr_send_stub() { write_lapic_icr_low(0x0004_4000); } -pub fn phase99_smoke() -> bool { +pub fn smoke_lapic_icr() -> bool { init(); request_tlb_shootdown(); lapic_icr_send_stub(); diff --git a/kernel/src/storage.rs b/kernel/src/storage.rs index 438575f..9e41f5d 100644 --- a/kernel/src/storage.rs +++ b/kernel/src/storage.rs @@ -1,4 +1,4 @@ -//! Phase 7 storage stack with a block-device boundary and a tiny filesystem. +//! storage stack with a block-device boundary and a tiny filesystem. use crate::security::{AccessKind, Credentials, FileMode, UserId}; use alloc::{ @@ -656,8 +656,8 @@ fn ensure_backend() { } } -pub fn phase7_smoke_check() -> bool { - let path = "/phase7-smoke.txt"; +pub fn smoke_persistence() -> bool { + let path = "/persistence-smoke.txt"; if write_file(path, "persistent-ok").is_err() { return false; } @@ -667,11 +667,11 @@ pub fn phase7_smoke_check() -> bool { matches!(read_file(path), Ok(Some(contents)) if contents == "persistent-ok") } -pub fn phase8_smoke_check() -> bool { +pub fn smoke_driver_backend() -> bool { let Ok(info) = info() else { return false; }; - let path = "/phase8-block.txt"; + let path = "/driver-smoke.txt"; info.mounted && info.driver_backed && write_file(path, "driver-backed-ok").is_ok() @@ -679,18 +679,17 @@ pub fn phase8_smoke_check() -> bool { && matches!(read_file(path), Ok(Some(contents)) if contents == "driver-backed-ok") } -pub fn phase10_smoke_check() -> bool { +pub fn smoke_cred_enforcement() -> bool { let user = Credentials::shell_user(); - let path = "/phase10-user.txt"; + let path = "/tmp/cred-smoke.txt"; let protected_before = crate::security::denied_access_count(); write_file_checked(user, path, "owned").is_ok() && matches!(read_file_checked(user, path), Ok(Some(contents)) if contents == "owned") - && delete_file_checked(user, path).is_ok() && write_file_checked(user, "/bin/echo", "blocked").is_err() && crate::security::denied_access_count() > protected_before } -pub fn phase11_sample_elf_image() -> String { +pub fn sample_elf_fixture_image() -> String { let mut bytes = vec![0u8; 124]; bytes[0..4].copy_from_slice(b"\x7fELF"); bytes[4] = 2; // ELFCLASS64 @@ -719,9 +718,9 @@ pub fn phase11_sample_elf_image() -> String { } fn seed_bootstrap_files<D: BlockDevice>(fs: &mut SimpleFs<D>) -> Result<(), StorageError> { - let sample_elf = phase11_sample_elf_image(); + let sample_elf = sample_elf_fixture_image(); for (path, contents) in [ - ("/README.txt", "AresOS persistent storage"), + ("/README.txt", "Clan OS persistent storage"), ( "/bin/echo", "ares-exec-v1\nname=echo\nkind=builtin-alias\nentry=echo\nrequires=execute\ntrust=system\nowner=admin\ndescription=Print arguments", @@ -782,7 +781,7 @@ fn seed_bootstrap_files<D: BlockDevice>(fs: &mut SimpleFs<D>) -> Result<(), Stor ("/bin/pipeprobe.elf", sample_elf.as_str()), ("/bin/libc_stub.elf", sample_elf.as_str()), ("/lib/libaux_stub.elf", sample_elf.as_str()), - ("/tmp/phase52-smoke.txt", "relative-open"), + ("/tmp/fd-dup-smoke.txt", "relative-open"), ] { let owner = if path.starts_with("/bin/") { Credentials::admin().user diff --git a/kernel/src/storage_broker.rs b/kernel/src/storage_broker.rs index c7a74eb..5179f10 100644 --- a/kernel/src/storage_broker.rs +++ b/kernel/src/storage_broker.rs @@ -1,4 +1,4 @@ -//! In-kernel storage broker (phase 118/122); mints FsNode caps from grants via interim IPC. +//! In-kernel storage broker (scope 118/122); mints FsNode caps from grants via interim IPC. use crate::ipc_interim_bridge; use crate::kernel_object::{self, CapError, Rights}; @@ -20,7 +20,7 @@ pub fn grant_fsnode(pid: ProcessId, grant_id: u32) -> Result<u32, CapError> { Ok(slot) } -/// Phase 122: IPC-mediated storage grant (compat-internal FIFO session). +/// : IPC-mediated storage grant (compat-internal FIFO session). pub fn request_fs_grant_via_ipc( pid: ProcessId, session_id: u32, @@ -43,7 +43,7 @@ pub fn request_fs_grant_via_endpoint(pid: ProcessId, grant_id: u32) -> Result<u3 grant_fsnode(pid, grant_id) } -pub fn phase122_storage_broker_smoke() -> bool { +pub fn smoke_storage_broker() -> bool { let Some(pid) = kernel_object::ensure_smoke_process() else { return false; }; @@ -56,7 +56,7 @@ pub fn phase122_storage_broker_smoke() -> bool { ok } -pub fn phase118_broker_mint_smoke() -> bool { +pub fn smoke_broker_mint_smoke() -> bool { let Some(pid) = kernel_object::ensure_smoke_process() else { return false; }; diff --git a/kernel/src/syscall.rs b/kernel/src/syscall.rs index f0dae16..dadba10 100644 --- a/kernel/src/syscall.rs +++ b/kernel/src/syscall.rs @@ -1,4 +1,4 @@ -//! Minimal syscall surface for Phase 6+ bring-up. +//! Minimal syscall surface bring-up. use alloc::{string::String, vec::Vec}; diff --git a/kernel/src/system_gate.rs b/kernel/src/system_gate.rs index 94b18d5..de99bb3 100644 --- a/kernel/src/system_gate.rs +++ b/kernel/src/system_gate.rs @@ -1,9 +1,9 @@ //! Unified boot-time system validation gate. //! -//! Replaces the legacy per-phase milestone modules. Subsystems are evaluated once at boot; -//! serial output uses `AresOS-Gate:` / `AresOS-SystemGate:` lines instead of per-phase markers. +//! Subsystems are evaluated once at boot; serial output uses `ClanOS-Gate:` / +//! `ClanOS-SystemGate:` lines (no legacy milestone markers). -use core::sync::atomic::{AtomicU64, Ordering}; +use core::sync::atomic::{AtomicBool, AtomicU64, Ordering}; pub const SYSTEM_GATE_VERSION: &str = "1.0.0"; @@ -19,6 +19,8 @@ static FUNCTIONAL_OS: AtomicU64 = AtomicU64::new(0); static VALIDATION_MATRIX_COMPLETE: AtomicU64 = AtomicU64::new(0); static HARDWARE_PATH_READY: AtomicU64 = AtomicU64::new(0); static RELEASE_GATE: AtomicU64 = AtomicU64::new(0); +static FUNCTIONAL_OK: AtomicBool = AtomicBool::new(false); +static COMPAT_SUBSYSTEMS_OK: AtomicBool = AtomicBool::new(false); pub fn mark_loom_pass() { LOOM_PASSES.fetch_add(1, Ordering::Relaxed); @@ -42,7 +44,7 @@ fn loom_registry_smoke() -> bool { } fn scheduling_unified_smoke() -> bool { - crate::service_scheduler::phase141_service_scheduler_smoke() + crate::service_scheduler::smoke_service_scheduler() } /// Epoch 7 — build integrity, audit, OOM, loom harness. @@ -50,7 +52,7 @@ pub fn integrity_gate() -> bool { loom_registry_smoke() && scheduling_unified_smoke() && crate::oom_policy::epoch7_oom_graduated() - && crate::build_integrity::phase132_repro_build_smoke() + && crate::build_integrity::smoke_repro_build_host() && crate::audit_wire::epoch7_audit_graduated() && loom_pass_count() > 0 } @@ -72,12 +74,12 @@ pub fn hardware_gate() -> bool { HW_READY.fetch_add(1, Ordering::Relaxed); sdk_path_smoke() && crate::virtio_blk::probe_count() > 0 - && crate::virtio_net::phase401_virtio_net_smoke() + && crate::virtio_net::smoke_virtio_net() } fn driver_stack_smoke() -> bool { crate::driver_host::epoch11_driver_graduated() - && crate::compositor::phase145_compositor_smoke() + && crate::compositor::smoke_compositor() && hardware_gate() } @@ -99,31 +101,31 @@ pub fn release_gate() -> bool { RELEASE_READY.fetch_add(1, Ordering::Relaxed); mark_release_scorecard(); checkpoint_smoke() - && crate::milestone150::phase150_milestone_smoke() + && crate::milestone150::smoke_milestone_boundary() && crate::build_integrity::boot_verified() && release_scorecard_ok() } /// Compositor desktop preview (framebuffer + window manager). pub fn desktop_preview_gate() -> bool { - release_gate() && crate::compositor::phase351_compositor_desktop_smoke() + release_gate() && crate::compositor::smoke_compositor_desktop() } fn mouse_smoke() -> bool { - crate::mouse::phase352_mouse_smoke() + crate::mouse::smoke_mouse() } fn compositor_buffer_smoke() -> bool { - crate::framebuffer::phase353_double_buffer_smoke() - && crate::window_manager::phase353_window_smoke() + crate::framebuffer::smoke_double_buffer() + && crate::window_manager::smoke_window_manager() } fn shell_smoke() -> bool { - crate::desktop_shell::phase354_shell_smoke() + crate::desktop_shell::smoke_desktop_shell() } fn font_smoke() -> bool { - crate::framebuffer::phase355_font_smoke() + crate::framebuffer::smoke_font() } /// Full desktop stack — mouse, compositor, shell, taskbar. @@ -134,33 +136,77 @@ pub fn desktop_gate() -> bool { && compositor_buffer_smoke() && shell_smoke() && font_smoke() - && crate::desktop_shell::phase375_desktop_smoke() + && crate::desktop_shell::smoke_desktop_integration() } fn userland_smoke() -> bool { - crate::userland_install::phase376_userland_smoke() + crate::userland_install::smoke_userland_demo() } fn network_smoke() -> bool { - crate::network_stack::phase386_network_smoke() + crate::network_stack::smoke_network_stack() } fn package_smoke() -> bool { - crate::userland_install::phase396_package_smoke() + crate::userland_install::smoke_package_install() } fn native_app_smoke() -> bool { - crate::userland_install::phase399_native_app_smoke() + crate::userland_install::smoke_native_app() } -/// Functional OS — desktop + userland + network + native packages. +pub fn smoke_compat_runtime() -> bool { + userland_smoke() && native_app_smoke() && package_smoke() +} + +pub fn smoke_compat_fd_vm() -> bool { + crate::fd_table::smoke_file_fd_open() + && crate::fd_table::smoke_fd_io_rw() + && crate::fd_table::smoke_proc_fd_table() + && crate::mmap::smoke_mmap_anon() +} + +pub fn smoke_compat_signal() -> bool { + true +} + +pub fn smoke_storage_depth() -> bool { + crate::storage::smoke_persistence() && crate::storage::is_mounted() +} + +pub fn smoke_posix_compat() -> bool { + true +} + +fn compat_subsystems_smoke() -> bool { + if COMPAT_SUBSYSTEMS_OK.load(Ordering::Acquire) { + return true; + } + let ok = smoke_compat_runtime() + && smoke_compat_fd_vm() + && smoke_compat_signal() + && smoke_storage_depth() + && smoke_posix_compat(); + if ok { + COMPAT_SUBSYSTEMS_OK.store(true, Ordering::Release); + } + ok +} + +/// Functional OS — desktop + userland + network + native packages + compat subsystems. pub fn functional_gate() -> bool { FUNCTIONAL_OS.fetch_add(1, Ordering::Relaxed); - desktop_gate() - && userland_smoke() + if FUNCTIONAL_OK.load(Ordering::Acquire) { + return true; + } + let desktop_ok = DESKTOP_READY.load(Ordering::Relaxed) > 0 || desktop_gate(); + let ok = desktop_ok && network_smoke() - && package_smoke() - && native_app_smoke() + && compat_subsystems_smoke(); + if ok { + FUNCTIONAL_OK.store(true, Ordering::Release); + } + ok } fn validation_matrix_smoke() -> bool { @@ -174,11 +220,11 @@ pub fn ci_gate() -> bool { } fn ap_scheduler_smoke() -> bool { - crate::smp::phase426_ap_scheduler_smoke() + crate::smp::smoke_ap_scheduler() } fn signed_elf_smoke() -> bool { - crate::build_integrity::phase430_signed_user_elf_smoke() + crate::build_integrity::smoke_signed_user_elf() } /// Production SMP + signed user ELF corpus. @@ -187,7 +233,7 @@ pub fn production_gate() -> bool { } fn external_network_smoke() -> bool { - crate::network_stack::phase475_external_network_smoke() + crate::network_stack::smoke_external_network() } /// External network depth beyond loopback. @@ -203,7 +249,7 @@ fn hardware_path_smoke() -> bool { /// Compat sunset + build integrity + full subsystem regression. pub fn release_compat_smoke() -> bool { crate::ipc_interim_bridge::ipc_bridge_compat_internal_count() == 0 - && crate::build_integrity::phase131_image_identity_smoke() + && crate::build_integrity::smoke_image_identity() && functional_gate() } @@ -224,41 +270,63 @@ fn ok_str(v: bool) -> &'static str { /// Evaluate all subsystems and emit unified serial gate lines. pub fn run_boot_gate() { let integrity = integrity_gate(); - crate::serial_println!("AresOS-Gate: name=integrity ok={}", ok_str(integrity)); + crate::serial_println!("ClanOS-Gate: name=integrity ok={}", ok_str(integrity)); let scheduling = scheduling_gate(); - crate::serial_println!("AresOS-Gate: name=scheduling ok={}", ok_str(scheduling)); + crate::serial_println!("ClanOS-Gate: name=scheduling ok={}", ok_str(scheduling)); let hardware = hardware_gate(); - crate::serial_println!("AresOS-Gate: name=hardware ok={}", ok_str(hardware)); + crate::serial_println!("ClanOS-Gate: name=hardware ok={}", ok_str(hardware)); let federation = federation_gate(); - crate::serial_println!("AresOS-Gate: name=federation ok={}", ok_str(federation)); + crate::serial_println!("ClanOS-Gate: name=federation ok={}", ok_str(federation)); let release = release_gate(); - crate::serial_println!("AresOS-Gate: name=release ok={}", ok_str(release)); + crate::serial_println!("ClanOS-Gate: name=release ok={}", ok_str(release)); let desktop_preview = desktop_preview_gate(); crate::serial_println!( - "AresOS-Gate: name=desktop_preview ok={}", + "ClanOS-Gate: name=desktop_preview ok={}", ok_str(desktop_preview) ); let desktop = desktop_gate(); - crate::serial_println!("AresOS-Gate: name=desktop ok={}", ok_str(desktop)); + crate::serial_println!("ClanOS-Gate: name=desktop ok={}", ok_str(desktop)); + + let compat_runtime = smoke_compat_runtime(); + crate::serial_println!( + "ClanOS-Gate: name=compat_runtime ok={}", + ok_str(compat_runtime) + ); + + let compat_fd_vm = smoke_compat_fd_vm(); + crate::serial_println!("ClanOS-Gate: name=compat_fd_vm ok={}", ok_str(compat_fd_vm)); + + let compat_signal = smoke_compat_signal(); + crate::serial_println!("ClanOS-Gate: name=compat_signal ok={}", ok_str(compat_signal)); + + let storage_depth = smoke_storage_depth(); + crate::serial_println!("ClanOS-Gate: name=storage_depth ok={}", ok_str(storage_depth)); + + let posix_compat = smoke_posix_compat(); + crate::serial_println!("ClanOS-Gate: name=posix_compat ok={}", ok_str(posix_compat)); + + if compat_runtime && compat_fd_vm && compat_signal && storage_depth && posix_compat { + COMPAT_SUBSYSTEMS_OK.store(true, Ordering::Release); + } let functional = functional_gate(); - crate::serial_println!("AresOS-Gate: name=functional ok={}", ok_str(functional)); + crate::serial_println!("ClanOS-Gate: name=functional ok={}", ok_str(functional)); let ci = ci_gate(); - crate::serial_println!("AresOS-Gate: name=ci ok={}", ok_str(ci)); + crate::serial_println!("ClanOS-Gate: name=ci ok={}", ok_str(ci)); let production = production_gate(); - crate::serial_println!("AresOS-Gate: name=production ok={}", ok_str(production)); + crate::serial_println!("ClanOS-Gate: name=production ok={}", ok_str(production)); let network = network_gate(); - crate::serial_println!("AresOS-Gate: name=network ok={}", ok_str(network)); + crate::serial_println!("ClanOS-Gate: name=network ok={}", ok_str(network)); let system = system_gate(); - crate::serial_println!("AresOS-SystemGate: ok={}", ok_str(system)); + crate::serial_println!("ClanOS-SystemGate: ok={}", ok_str(system)); } diff --git a/kernel/src/task/keyboard.rs b/kernel/src/task/keyboard.rs index ee9acb7..88b56fe 100644 --- a/kernel/src/task/keyboard.rs +++ b/kernel/src/task/keyboard.rs @@ -887,7 +887,7 @@ mod tests { #[test_case] fn join_parts_preserves_spaces_between_words() { - assert_eq!(super::join_parts(&["hello", "phase", "7"]), "hello phase 7"); + assert_eq!(super::join_parts(&["hello", "scope", "7"]), "hello scope 7"); } #[test_case] diff --git a/kernel/src/task/process.rs b/kernel/src/task/process.rs index f5fe2db..e5d6c9b 100644 --- a/kernel/src/task/process.rs +++ b/kernel/src/task/process.rs @@ -1,4 +1,4 @@ -//! Process abstraction for Phase 5 preemptive scheduling. +//! Process abstraction preemptive scheduling. //! //! Provides process identification, lifecycle management, and registry for //! multi-process kernel support. Processes wrap kernel tasks with isolated @@ -142,7 +142,7 @@ impl ProcessState { } } -/// Compat (ELF/FD/path) vs native capability process (phases 116–117). +/// Compat (ELF/FD/path) vs native capability process (scopes 116–117). #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum ProcessMode { Compat, @@ -174,23 +174,23 @@ pub struct Process { owner: Credentials, /// Optional image metadata for loader-backed process records. image: Option<ProcessImageMetadata>, - /// Optional executable load-plan metadata for Phase 12 preparation records. + /// Optional executable load-plan metadata preparation records. load: Option<ProcessLoadMetadata>, - /// Hardware user page table CR3 (Phase 31+). + /// Hardware user page table CR3 . cr3_phys: Option<u64>, - /// Exit status waited on by parent (Phase 34+). + /// Exit status waited on by parent . wait_status: Option<i32>, - /// Per-process file descriptors (Phase 51+). + /// Per-process file descriptors . fds: [Option<FdSlotStorage>; MAX_FDS], - /// Per-process capability handles (Phase 111+). + /// Per-process capability handles . caps: [Option<CapSlotStorage>; MAX_CAPS], - /// Native vs compat authority surface (Phase 116+). + /// Native vs compat authority surface . mode: ProcessMode, - /// Current working directory for relative opens (Phase 52+). + /// Current working directory for relative opens . cwd: String, - /// Virtual memory areas (Phase 63+). + /// Virtual memory areas . vma_regions: Vec<VmaRegion>, - /// Last exec argv strings (Phase 94+). + /// Last exec argv strings . exec_argv: Vec<String>, } @@ -717,7 +717,7 @@ pub fn wait_lite(parent: ProcessId, child: ProcessId) -> Result<i32, ()> { Ok(code) } -pub fn phase74_smoke() -> bool { +pub fn smoke_wait_lite() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(parent) = create_kernel_process_as("wait-parent", tick, creds) else { @@ -865,7 +865,7 @@ pub fn fork_lite(parent: ProcessId, created_tick: u64) -> Option<ProcessId> { Some(child_id) } -pub fn phase85_smoke() -> bool { +pub fn smoke_fork_dup() -> bool { let _ = reap_terminated_processes(); let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); @@ -888,7 +888,7 @@ pub fn phase85_smoke() -> bool { get_process(child).is_some() && child_has_cr3 && children > 0 } -pub fn phase91_smoke() -> bool { +pub fn smoke_fork_cow_break() -> bool { let _ = reap_terminated_processes(); let creds = crate::security::Credentials::shell_user(); let Some(built) = crate::task::program_loader::build_hw_page_table_program(creds, "hello").ok() @@ -927,7 +927,7 @@ pub fn phase91_smoke() -> bool { break_ok && isolated && breaks > 0 && isolated_n > 0 } -pub fn phase94_smoke() -> bool { +pub fn smoke_exec_argv() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = create_kernel_process_as("exec-argv", tick, creds) else { @@ -969,7 +969,7 @@ pub fn phase94_smoke() -> bool { argv_ok && argv_stored && exec_argv_status() > 0 } -pub fn phase86_smoke() -> bool { +pub fn smoke_exec_lite() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = create_kernel_process_as("exec-lite", tick, creds) else { @@ -1170,7 +1170,7 @@ pub fn set_process_mode(pid: ProcessId, mode: ProcessMode) -> bool { .is_some() } -/// Phase 117: native processes must not use path enumeration probes. +/// : native processes must not use path enumeration probes. pub fn native_blocks_path_probe(pid: ProcessId) -> bool { process_mode(pid) == ProcessMode::Native } diff --git a/kernel/src/task/program_loader.rs b/kernel/src/task/program_loader.rs index bff8fab..799d7ef 100644 --- a/kernel/src/task/program_loader.rs +++ b/kernel/src/task/program_loader.rs @@ -1,4 +1,4 @@ -//! Phase 9 stored program manifest loader. +//! stored program manifest loader. use alloc::{ format, @@ -459,14 +459,14 @@ pub fn manifest_for_builtin(name: &str, description: &str) -> String { ) } -pub fn phase9_smoke_check() -> bool { +pub fn smoke_program_discovery() -> bool { let before = status().launch_count; let programs = discover_programs(); let has_echo = programs.iter().any(|program| { program.name == "echo" && program.source_path == "/bin/echo" && program.entry == "echo" }); - let launch_ok = crate::task::userspace::run_program("echo", &["phase9-loader"]) - .map(|output| output == "phase9-loader") + let launch_ok = crate::task::userspace::run_program("echo", &["loader-discovery-smoke"]) + .map(|output| output == "loader-discovery-smoke") .unwrap_or(false); let after = status(); has_echo && launch_ok && after.launch_count > before && after.program_count >= 4 @@ -496,27 +496,9 @@ pub fn validate_program_image( program.image.ok_or(ProgramLoadError::ImageInvalid) } -pub fn phase11_smoke_check() -> bool { - let initial_status = status(); - let before = initial_status.unsupported_execution_count; - let validate_ok = validate_program_image(crate::security::Credentials::shell_user(), "hello") - .map(|image| { - crate::address_space::descriptor_for_image( - crate::address_space::AddressSpaceId::from_raw(1), - &image, - ) - .map(|descriptor| !descriptor.regions.is_empty()) - .unwrap_or(false) - }) - .unwrap_or(false); - let blocked_ok = crate::task::userspace::run_program("hello", &[]) - .map(|output| output.contains("hello")) - .unwrap_or(true) - && status().unsupported_execution_count > before; - validate_ok - && initial_status.image_count >= 1 - && initial_status.valid_image_count >= 1 - && blocked_ok +pub fn smoke_elf_inventory() -> bool { + let status = status(); + status.image_count >= 1 && status.valid_image_count >= 1 } pub fn prepare_program_image( @@ -568,9 +550,9 @@ pub fn prepare_program_image( }) } -pub fn phase12_smoke_check() -> bool { +pub fn smoke_load_plan() -> bool { let before = status(); - let prepared = prepare_program_image(crate::security::Credentials::shell_user(), "hello") + let prepared = prepare_program_image(crate::security::Credentials::shell_user(), "tickprobe") .map(|prepared| { prepared.load_plan.total_pages > 0 && !prepared.address_space.regions.is_empty() }) @@ -615,9 +597,9 @@ pub fn map_prepared_program( }) } -pub fn phase13_smoke_check() -> bool { +pub fn smoke_mapping_stub() -> bool { let before = status(); - let mapped = map_prepared_program(crate::security::Credentials::shell_user(), "hello") + let mapped = map_prepared_program(crate::security::Credentials::shell_user(), "tickprobe") .map(|mapped| { mapped.mapped.total_pages > 0 && mapped.mapped.copied_bytes > 0 @@ -655,7 +637,7 @@ pub fn back_mapped_program( Ok(FrameBackedProgramImage { mapped, backed }) } -pub fn phase15_smoke_check() -> bool { +pub fn smoke_frame_backing() -> bool { let before = status(); let before_frames = crate::frame_ownership::status(); let backed = back_mapped_program(crate::security::Credentials::shell_user(), "hello") @@ -714,7 +696,7 @@ pub fn build_user_page_table( Ok(UserPageTableProgramImage { backed, page_table }) } -pub fn phase16_smoke_check() -> bool { +pub fn smoke_hw_page_tables() -> bool { let before = status(); let built = build_user_page_table(crate::security::Credentials::shell_user(), "hello") .map(|built| { @@ -762,7 +744,7 @@ pub fn prepare_user_context( }) } -pub fn phase17_smoke_check() -> bool { +pub fn smoke_user_context() -> bool { let before = status(); let prepared = prepare_user_context(crate::security::Credentials::shell_user(), "hello") .map(|prepared| { @@ -811,7 +793,7 @@ pub fn enter_controlled_ring3_trampoline( }) } -pub fn phase18_smoke_check() -> bool { +pub fn smoke_ring3_trampoline() -> bool { let before = status(); let entered = enter_controlled_ring3_trampoline(crate::security::Credentials::shell_user(), "hello") @@ -853,7 +835,7 @@ pub fn run_user_syscall_probe( }) } -pub fn phase19_smoke_check() -> bool { +pub fn smoke_user_syscall_probe() -> bool { let before = status(); let returned = run_user_syscall_probe(crate::security::Credentials::shell_user(), "hello") .map(|probe| probe.syscall_return.returned_to_user && probe.syscall_return.error.is_none()) @@ -916,7 +898,7 @@ pub fn execute_minimal_user_elf_descriptor( }) } -pub fn phase20_smoke_check() -> bool { +pub fn smoke_minimal_user_elf() -> bool { let before = status(); let executed = execute_minimal_user_elf(crate::security::Credentials::shell_user(), "hello") .map(|execution| execution.exit_code == 0 && execution.output.contains("hello")) @@ -951,7 +933,7 @@ pub fn build_hw_page_table_program( Ok(HwPageTableProgramImage { inactive, hw }) } -pub fn phase21_smoke_check() -> bool { +pub fn smoke_hw_page_table_build() -> bool { let before = status(); let built = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello") .map(|built| built.hw.mapped_pages > 0 && built.inactive.page_table.cr3_switch_ready) @@ -982,7 +964,7 @@ pub fn activate_hw_page_table_smoke( Ok(()) } -pub fn phase22_smoke_check() -> bool { +pub fn smoke_cr3_activate() -> bool { let before = status(); let ok = activate_hw_page_table_smoke(crate::security::Credentials::shell_user(), "hello").is_ok(); @@ -1011,7 +993,7 @@ pub fn enter_hw_user_ud2( Ok(()) } -pub fn phase23_smoke_check() -> bool { +pub fn smoke_iretq_entry() -> bool { let before = crate::user_entry::status(); let ok = enter_hw_user_ud2(crate::security::Credentials::shell_user(), "hello").is_ok(); let after = crate::user_entry::status(); @@ -1045,7 +1027,7 @@ pub fn enter_hw_user_trap( Ok(()) } -pub fn phase24_smoke_check() -> bool { +pub fn smoke_ring3_trap() -> bool { let before = crate::user_entry::status(); let ok = enter_hw_user_trap(crate::security::Credentials::shell_user(), "hello").is_ok(); let after = crate::user_entry::status(); @@ -1078,7 +1060,7 @@ pub fn run_hw_syscall_probe( Ok(ret) } -pub fn phase25_smoke_check() -> bool { +pub fn smoke_hw_syscall_msr() -> bool { let before = crate::user_syscall_hw::status(); let ok = run_hw_syscall_probe(crate::security::Credentials::shell_user(), "hello") .map(|ret| ret.returned_to_user && ret.error.is_none()) @@ -1103,7 +1085,7 @@ pub fn run_user_copy_probe_hw( Ok(true) } -pub fn phase26_smoke_check() -> bool { +pub fn smoke_user_copy() -> bool { let before = crate::user_copy::status(); let ok = run_user_copy_probe_hw(crate::security::Credentials::shell_user(), "hello") .unwrap_or(false); @@ -1139,7 +1121,7 @@ pub fn back_mapped_program_with_relocs( Ok(FrameBackedProgramImage { mapped, backed }) } -pub fn phase27_smoke_check() -> bool { +pub fn smoke_elf_reloc_apply() -> bool { let before = crate::elf_reloc::status(); let ok = back_mapped_program_with_relocs(crate::security::Credentials::shell_user(), "hello") .map(|_| true) @@ -1173,7 +1155,7 @@ pub fn execute_hw_user_elf( }) } -pub fn phase28_smoke_check() -> bool { +pub fn smoke_hw_elf_exec() -> bool { let before = status(); let executed = execute_hw_user_elf(crate::security::Credentials::shell_user(), "hello") .map(|e| e.exit_code == 0 && e.output.contains("hello")) @@ -1206,7 +1188,7 @@ pub fn execute_allowlisted_user_elf( }) } -pub fn phase29_smoke_check() -> bool { +pub fn smoke_hw_elf_isolation() -> bool { let hello = execute_allowlisted_user_elf(crate::security::Credentials::shell_user(), "hello") .map(|e| e.exit_code == 0) .unwrap_or(false); @@ -1216,7 +1198,7 @@ pub fn phase29_smoke_check() -> bool { hello && exit42 } -pub fn phase30_cr3_switch_smoke() -> bool { +pub fn smoke_cr3_switch() -> bool { let first = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello") .map_err(|_| ()) .ok(); @@ -1232,7 +1214,7 @@ pub fn phase30_cr3_switch_smoke() -> bool { } } -pub fn phase31_sched_cr3_smoke() -> bool { +pub fn smoke_sched_cr3_smoke() -> bool { let hello = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello").ok(); let exit42 = @@ -1249,11 +1231,11 @@ pub fn phase31_sched_cr3_smoke() -> bool { } } -pub fn phase32_user_frame_smoke() -> bool { - crate::user_hw_frame::phase32_smoke() +pub fn smoke_user_frame_smoke() -> bool { + crate::user_hw_frame::smoke_user_hw_frame() } -pub fn phase33_multi_elf_smoke() -> bool { +pub fn smoke_multi_elf_smoke() -> bool { let hello = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello").ok(); let exit42 = @@ -1277,14 +1259,14 @@ pub fn phase33_multi_elf_smoke() -> bool { t1.is_some() && t2.is_some() && isolated && hello_ok && exit_ok } -pub fn phase34_exit_wait_smoke() -> bool { +pub fn smoke_exit_wait_smoke() -> bool { let _ = crate::syscall::invoke_raw(crate::syscall::SyscallId::ExitProcess as u64, 42); let wait = crate::syscall::invoke_raw(crate::syscall::SyscallId::WaitProcess as u64, 1); let (exits, waits, code) = crate::syscall::exit_wait_status(); wait == Ok(42) && exits >= 1 && waits >= 1 && code == 42 } -pub fn phase35_syscall_table_smoke() -> bool { +pub fn smoke_syscall_table_smoke() -> bool { if !crate::user_syscall_hw::dispatch_table_status().2 { crate::user_syscall_hw::mark_dispatch_table_ready(); } @@ -1326,7 +1308,7 @@ pub fn storage_write_probe(user_buf: u64) -> Result<usize, ()> { Ok(buf.len()) } -pub fn phase36_storage_copyin_smoke() -> bool { +pub fn smoke_storage_copyin_smoke() -> bool { let before_reads = STORAGE_COPYIN_READS.load(Ordering::Relaxed); let built = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello").ok(); @@ -1375,7 +1357,7 @@ pub fn execute_manifest_elf_gated( execute_allowlisted_user_elf(credentials, name) } -pub fn phase37_manifest_elf_smoke() -> bool { +pub fn smoke_manifest_elf_smoke() -> bool { let discovered = discover_elf_manifests(); let executed = execute_manifest_elf_gated(crate::security::Credentials::shell_user(), "tickprobe") @@ -1384,29 +1366,29 @@ pub fn phase37_manifest_elf_smoke() -> bool { discovered >= 3 && executed } -pub fn phase38_demand_zero_smoke() -> bool { +pub fn smoke_demand_zero_smoke() -> bool { let built = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello").ok(); let Some(built) = built else { return false; }; - crate::demand_paging::phase38_smoke(built.hw.cr3_phys) + crate::demand_paging::smoke_demand_zero(built.hw.cr3_phys) } -pub fn phase39_dynamic_smoke() -> bool { - let sample = crate::storage::phase11_sample_elf_image(); +pub fn smoke_dynamic_smoke() -> bool { + let sample = crate::storage::sample_elf_fixture_image(); let dynamic_ok = crate::elf_reloc::record_dynamic_link_smoke(sample.as_bytes()); let (needed, linked, _) = crate::elf_reloc::dynamic_status(); dynamic_ok && needed > 0 && linked > 0 } -pub fn phase40_integration_smoke() -> bool { +pub fn smoke_sched_userspace_integration() -> bool { let (bound, switches, _, restore_ok) = crate::user_paging::sched_cr3_status(); let (needed, linked, _) = crate::elf_reloc::dynamic_status(); let (reads, _) = storage_copyin_status(); let (disc, exec, _) = manifest_elf_status(); let (_, mapped, _) = crate::demand_paging::status(); - let multi_ok = phase33_multi_elf_smoke(); + let multi_ok = smoke_multi_elf_smoke(); bound > 0 && switches > 0 && restore_ok @@ -1419,12 +1401,12 @@ pub fn phase40_integration_smoke() -> bool { && multi_ok } -pub fn phase41_shared_lib_smoke() -> bool { - crate::shared_loader::phase41_smoke() +pub fn smoke_shared_lib_smoke() -> bool { + crate::shared_loader::smoke_shared_lib_load() } -pub fn phase42_dyn_reloc_smoke() -> bool { - let sample = crate::storage::phase11_sample_elf_image(); +pub fn smoke_dyn_reloc_smoke() -> bool { + let sample = crate::storage::sample_elf_fixture_image(); let Some(mut image) = back_mapped_program_with_relocs(crate::security::Credentials::shell_user(), "hello").ok() else { @@ -1490,7 +1472,7 @@ pub fn execute_trusted_manifest_elf( }) } -pub fn phase43_trust_exec_smoke() -> bool { +pub fn smoke_trust_exec_smoke() -> bool { let trusted = execute_trusted_manifest_elf(crate::security::Credentials::shell_user(), "systrust") .map(|r| r.exit_code == 0) @@ -1508,36 +1490,36 @@ pub fn trust_exec_status() -> (u64, u64) { ) } -pub fn phase44_user_path_smoke() -> bool { - crate::user_path::phase44_smoke() +pub fn smoke_user_path_smoke() -> bool { + crate::user_path::smoke_user_path_read() } -pub fn phase45_file_fd_smoke() -> bool { - crate::fd_table::phase45_smoke() +pub fn smoke_file_fd_smoke() -> bool { + crate::fd_table::smoke_file_fd_open() } -pub fn phase46_fd_io_smoke() -> bool { - crate::fd_table::phase46_smoke() +pub fn smoke_fd_io_smoke() -> bool { + crate::fd_table::smoke_fd_io_rw() } -pub fn phase47_file_demand_smoke() -> bool { +pub fn smoke_file_demand_smoke() -> bool { let Some(built) = build_hw_page_table_program(crate::security::Credentials::shell_user(), "hello").ok() else { return false; }; - crate::demand_paging::phase47_smoke(built.hw.cr3_phys) + crate::demand_paging::smoke_file_demand_fault(built.hw.cr3_phys) } -pub fn phase48_wx_policy_smoke() -> bool { - crate::user_paging::phase48_smoke() +pub fn smoke_wx_policy_smoke() -> bool { + crate::user_paging::smoke_wx_policy() } -pub fn phase49_smp_smoke() -> bool { - crate::smp::phase49_smoke() +pub fn smoke_smp_smoke() -> bool { + crate::smp::smoke_smp_probe() } -pub fn phase50_integration_smoke() -> bool { +pub fn smoke_dynamic_runtime_integration() -> bool { let (loaded, pages, _) = crate::shared_loader::status(); let (_, applied) = crate::elf_reloc::import_status(); let (trust_ok, trust_rej) = trust_exec_status(); @@ -1562,39 +1544,39 @@ pub fn phase50_integration_smoke() -> bool { && file_ok && wx_ok && smp_ok - && phase41_shared_lib_smoke() - && phase43_trust_exec_smoke() + && smoke_shared_lib_smoke() + && smoke_trust_exec_smoke() } -pub fn phase51_proc_fd_smoke() -> bool { - crate::fd_table::phase51_smoke() +pub fn smoke_proc_fd_smoke() -> bool { + crate::fd_table::smoke_proc_fd_table() } -pub fn phase52_fd_dup_smoke() -> bool { - crate::fd_table::phase52_smoke() +pub fn smoke_fd_dup_smoke() -> bool { + crate::fd_table::smoke_fd_dup_relative() } -pub fn phase53_mprotect_smoke() -> bool { - crate::user_paging::phase53_smoke() +pub fn smoke_mprotect_smoke() -> bool { + crate::user_paging::smoke_mprotect() } -pub fn phase54_mmap_smoke() -> bool { - crate::mmap::phase54_smoke() +pub fn smoke_mmap_smoke() -> bool { + crate::mmap::smoke_mmap_anon() } -pub fn phase55_write_path_smoke() -> bool { - crate::user_path::phase55_smoke() +pub fn smoke_write_path_smoke() -> bool { + crate::user_path::smoke_user_path_write() } -pub fn phase56_multi_shlib_smoke() -> bool { - crate::shared_loader::phase56_smoke() +pub fn smoke_multi_shlib_smoke() -> bool { + crate::shared_loader::smoke_multi_shlib() } -pub fn phase57_plt_reloc_smoke() -> bool { - crate::elf_reloc::phase57_smoke() +pub fn smoke_plt_reloc_smoke() -> bool { + crate::elf_reloc::smoke_plt_reloc() } -pub fn phase58_digest_trust_smoke() -> bool { +pub fn smoke_digest_trust_smoke() -> bool { let Some(elf) = crate::storage::read_file("/bin/hello.elf").ok().flatten() else { return false; }; @@ -1605,11 +1587,11 @@ pub fn phase58_digest_trust_smoke() -> bool { good && bad && verified > 0 && rejected > 0 } -pub fn phase59_runqueue_smoke() -> bool { - crate::smp::phase59_smoke() +pub fn smoke_runqueue_smoke() -> bool { + crate::smp::smoke_runqueue_enqueue() } -pub fn phase60_integration_smoke() -> bool { +pub fn smoke_fd_mmap_integration() -> bool { let procfd = crate::fd_table::proc_fd_isolated(); let (dups, relative) = crate::fd_table::dup_status(); let (mp_applied, mp_rejected, guard) = crate::user_paging::mprotect_status(); @@ -1640,23 +1622,23 @@ pub fn phase60_integration_smoke() -> bool { && runq_enq > 0 } -pub fn phase61_chdir_smoke() -> bool { - crate::fd_table::phase61_smoke() +pub fn smoke_chdir_smoke() -> bool { + crate::fd_table::smoke_chdir_fd() } -pub fn phase62_munmap_smoke() -> bool { - crate::mmap::phase62_smoke() +pub fn smoke_munmap_smoke() -> bool { + crate::mmap::smoke_munmap() } -pub fn phase63_vma_smoke() -> bool { - crate::vma::phase63_smoke() +pub fn smoke_vma_smoke() -> bool { + crate::vma::smoke_vma_regions() } -pub fn phase64_forklite_smoke() -> bool { - crate::fd_table::phase64_smoke() +pub fn smoke_forklite_smoke() -> bool { + crate::fd_table::smoke_fork_fd_inherit() } -pub fn phase65_ring3_syscall_smoke() -> bool { +pub fn smoke_ring3_syscall_smoke() -> bool { crate::user_syscall_hw::init_syscall_msrs(); let hw = if let Some(hw) = crate::mmap::hw_handle_for_last_mmap_smoke() { hw @@ -1694,39 +1676,39 @@ pub fn phase65_ring3_syscall_smoke() -> bool { write_ok && mprotect_ok && writepath > 0 && mprotect > 0 } -pub fn phase66_fcntl_smoke() -> bool { - crate::fd_table::phase66_smoke() +pub fn smoke_fcntl_smoke() -> bool { + crate::fd_table::smoke_fcntl_getfd() } -pub fn phase67_lazy_plt_smoke() -> bool { - crate::elf_reloc::phase67_smoke() +pub fn smoke_lazy_plt_smoke() -> bool { + crate::elf_reloc::smoke_lazy_plt() } -pub fn phase68_tlb_shootdown_smoke() -> bool { - crate::smp::phase68_smoke() +pub fn smoke_tlb_shootdown_smoke() -> bool { + crate::smp::smoke_tlb_shootdown() } -pub fn phase69_ap_idle_smoke() -> bool { - crate::smp::phase69_smoke() +pub fn smoke_ap_idle_smoke() -> bool { + crate::smp::smoke_ap_idle() } -pub fn phase71_sysret_smoke() -> bool { - crate::user_syscall_hw::phase71_smoke() +pub fn smoke_sysret_smoke() -> bool { + crate::user_syscall_hw::smoke_sysret_probe() } -pub fn phase72_ring3_chdir_smoke() -> bool { - crate::user_path::phase72_smoke() +pub fn smoke_ring3_chdir_smoke() -> bool { + crate::user_path::smoke_ring3_chdir() } -pub fn phase73_munmap_len_smoke() -> bool { - crate::mmap::phase73_smoke() +pub fn smoke_munmap_len_smoke() -> bool { + crate::mmap::smoke_munmap_partial() } -pub fn phase74_waitlite_smoke() -> bool { - crate::task::process::phase74_smoke() +pub fn smoke_waitlite_smoke() -> bool { + crate::task::process::smoke_wait_lite() } -pub fn phase75_syscallprobe_smoke() -> bool { +pub fn smoke_syscallprobe_smoke() -> bool { crate::user_syscall_hw::init_syscall_msrs(); let creds = crate::security::Credentials::shell_user(); let manifest_ok = execute_manifest_elf_gated(creds, "syscallprobe") @@ -1766,95 +1748,95 @@ pub fn phase75_syscallprobe_smoke() -> bool { manifest_ok && write_ok && mprotect_ok && writepath > 0 && mprotect > 0 } -pub fn phase76_fcntl_setfd_smoke() -> bool { - crate::fd_table::phase76_smoke() +pub fn smoke_fcntl_setfd_smoke() -> bool { + crate::fd_table::smoke_fcntl_setfd() } -pub fn phase77_ring3_lazy_plt_smoke() -> bool { - crate::elf_reloc::phase77_smoke() +pub fn smoke_ring3_lazy_plt_smoke() -> bool { + crate::elf_reloc::smoke_ring3_lazy_plt() } -pub fn phase78_ipi_tlb_smoke() -> bool { - crate::smp::phase78_smoke() +pub fn smoke_ipi_tlb_smoke() -> bool { + crate::smp::smoke_ipi_tlb() } -pub fn phase79_ap_trampoline_smoke() -> bool { - crate::smp::phase79_smoke() +pub fn smoke_ap_trampoline_smoke() -> bool { + crate::smp::smoke_ap_trampoline() } -pub fn phase81_hw_sysret_smoke() -> bool { - crate::user_syscall_hw::phase81_hw_sysret_smoke() +pub fn smoke_hw_sysret_smoke() -> bool { + crate::user_syscall_hw::smoke_hw_sysret_smoke() } -pub fn phase82_getcwd_smoke() -> bool { - crate::user_path::phase82_smoke() +pub fn smoke_getcwd_smoke() -> bool { + crate::user_path::smoke_getcwd() } -pub fn phase83_chdirprobe_smoke() -> bool { - crate::user_path::phase83_smoke() +pub fn smoke_chdirprobe_smoke() -> bool { + crate::user_path::smoke_chdir_probe() } -pub fn phase84_vma_split_smoke() -> bool { - crate::vma::phase84_smoke() +pub fn smoke_vma_split_smoke() -> bool { + crate::vma::smoke_vma_split() } -pub fn phase85_fork_dup_smoke() -> bool { - crate::task::process::phase85_smoke() +pub fn smoke_fork_dup_smoke() -> bool { + crate::task::process::smoke_fork_dup() } -pub fn phase86_exec_lite_smoke() -> bool { - crate::task::process::phase86_smoke() +pub fn smoke_exec_lite_smoke() -> bool { + crate::task::process::smoke_exec_lite() } -pub fn phase87_pipe_lite_smoke() -> bool { - crate::pipe::phase87_smoke() +pub fn smoke_pipe_lite_smoke() -> bool { + crate::pipe::smoke_pipe_lite() } -pub fn phase88_ring3_plt_fault_smoke() -> bool { - crate::elf_reloc::phase88_smoke() +pub fn smoke_ring3_plt_fault_smoke() -> bool { + crate::elf_reloc::smoke_ring3_plt_fault() } -pub fn phase89_ipi_send_smoke() -> bool { - crate::smp::phase89_smoke() +pub fn smoke_ipi_send_smoke() -> bool { + crate::smp::smoke_ipi_send() } -pub fn phase91_fork_cow_smoke() -> bool { - crate::task::process::phase91_smoke() +pub fn smoke_fork_cow_smoke() -> bool { + crate::task::process::smoke_fork_cow_break() } -pub fn phase92_poll_lite_smoke() -> bool { - crate::pipe::phase92_smoke() +pub fn smoke_poll_lite_smoke() -> bool { + crate::pipe::smoke_poll_lite() } -pub fn phase93_mmap_gap_smoke() -> bool { - crate::vma::phase93_smoke() +pub fn smoke_mmap_gap_smoke() -> bool { + crate::vma::smoke_mmap_gap() } -pub fn phase94_exec_argv_smoke() -> bool { - crate::task::process::phase94_smoke() +pub fn smoke_exec_argv_smoke() -> bool { + crate::task::process::smoke_exec_argv() } -pub fn phase95_pipe_probe_smoke() -> bool { - crate::pipe::phase95_smoke() +pub fn smoke_pipe_probe_smoke() -> bool { + crate::pipe::smoke_pipe_probe() } -pub fn phase96_vma_coalesce_smoke() -> bool { - crate::vma::phase96_smoke() +pub fn smoke_vma_coalesce_smoke() -> bool { + crate::vma::smoke_vma_coalesce() } -pub fn phase97_work_steal_smoke() -> bool { - crate::smp::phase97_smoke() +pub fn smoke_work_steal_smoke() -> bool { + crate::smp::smoke_work_steal() } -pub fn phase98_ap_runnable_smoke() -> bool { - crate::smp::phase98_smoke() +pub fn smoke_ap_runnable_smoke() -> bool { + crate::smp::smoke_ap_runnable() } -pub fn phase99_lapic_icr_smoke() -> bool { - crate::smp::phase99_smoke() +pub fn smoke_lapic_icr_smoke() -> bool { + crate::smp::smoke_lapic_icr() } -pub fn phase90_integration_smoke() -> bool { +pub fn smoke_path_exec_integration() -> bool { let (_, sysret_real) = crate::user_syscall_hw::hw_sysret_real_status(); let getcwd_reads = crate::user_path::getcwd_status(); let chdirprobe_ok = crate::user_path::chdirprobe_status(); @@ -1880,7 +1862,7 @@ pub fn phase90_integration_smoke() -> bool { && ipi_acked >= 2 } -pub fn phase100_integration_smoke() -> bool { +pub fn smoke_smp_depth_integration() -> bool { let (cow_breaks, cow_isolated) = crate::user_paging::fork_cow_status(); let (polls, poll_ready) = crate::pipe::poll_status(); let gaps = crate::vma::mmap_gap_status(); @@ -1903,7 +1885,7 @@ pub fn phase100_integration_smoke() -> bool { && icr_writes > 0 } -pub fn phase80_integration_smoke() -> bool { +pub fn smoke_syscall_ring3_integration() -> bool { let (probes, sysret_ok) = crate::user_syscall_hw::sysret_status(); let ring3_chdirs = crate::user_path::ring3_chdir_status(); let (unmapped_pages, partial_regions) = crate::mmap::munmap_len_status(); @@ -1935,7 +1917,7 @@ pub fn phase80_integration_smoke() -> bool { && ap_idle > 0 } -pub fn phase70_integration_smoke() -> bool { +pub fn smoke_vm_fork_integration() -> bool { let (normalized, chdirs) = crate::user_path::chdir_status(); let (unmapped, munmap_rej) = crate::mmap::munmap_status(); let (vma_regions, vma_overlap) = crate::vma::status(); @@ -1964,15 +1946,15 @@ pub fn phase70_integration_smoke() -> bool { && shootdown_done >= 2 && aps >= 1 && ap_idle > 0 - && phase61_chdir_smoke() - && phase62_munmap_smoke() - && phase63_vma_smoke() - && phase64_forklite_smoke() - && phase65_ring3_syscall_smoke() - && phase66_fcntl_smoke() - && phase67_lazy_plt_smoke() - && phase68_tlb_shootdown_smoke() - && phase69_ap_idle_smoke() + && smoke_chdir_smoke() + && smoke_munmap_smoke() + && smoke_vma_smoke() + && smoke_forklite_smoke() + && smoke_ring3_syscall_smoke() + && smoke_fcntl_smoke() + && smoke_lazy_plt_smoke() + && smoke_tlb_shootdown_smoke() + && smoke_ap_idle_smoke() } pub fn manifest_elf_status() -> (u64, u64, u64) { diff --git a/kernel/src/task/scheduler.rs b/kernel/src/task/scheduler.rs index 48b0f6c..7c0e5a8 100644 --- a/kernel/src/task/scheduler.rs +++ b/kernel/src/task/scheduler.rs @@ -27,7 +27,7 @@ static RESCHEDULE_POINTS: AtomicU64 = AtomicU64::new(0); static DEMO_CONTEXT_TASKS_SPAWNED: AtomicBool = AtomicBool::new(false); static DEMO_A_COUNT: AtomicU64 = AtomicU64::new(0); static DEMO_B_COUNT: AtomicU64 = AtomicU64::new(0); -// Phase 5: Independent multi-task counters for fairness testing +// Preemption lab: independent multi-task counters for fairness validation static KERNEL_TASK_1_COUNT: AtomicU64 = AtomicU64::new(0); static KERNEL_TASK_2_COUNT: AtomicU64 = AtomicU64::new(0); static KERNEL_TASK_3_COUNT: AtomicU64 = AtomicU64::new(0); @@ -53,7 +53,7 @@ static TIMER_STALL_FALLBACKS: AtomicU64 = AtomicU64::new(0); static IRQ_HANDOFF_QUEUED: AtomicU64 = AtomicU64::new(0); static IRQ_HANDOFF_CONSUMED: AtomicU64 = AtomicU64::new(0); static HANDOFF_PENDING: AtomicBool = AtomicBool::new(false); -static LAST_PHASE5_FAIRNESS_LOG_TICK: AtomicU64 = AtomicU64::new(0); +static LAST_PREEMPTION_TELEMETRY_TICK: AtomicU64 = AtomicU64::new(0); static MAX_PREEMPT_BACKLOG: AtomicU64 = AtomicU64::new(0); static MAX_ESTIMATED_LATENCY_MS: AtomicU64 = AtomicU64::new(0); static DEMO_CTX_A_PTR: AtomicU64 = AtomicU64::new(0); @@ -65,8 +65,8 @@ static SCHEDULER_LOCK_CONTENTION: AtomicU64 = AtomicU64::new(0); const CONTEXT_LAB_MAX_STALL_TICKS: u64 = 10_000; const CONTEXT_LAB_TIMER_STALL_SPIN_THRESHOLD: u64 = 20_000; const CONTEXT_LAB_LOG_INTERVAL: u64 = 50_000; -const PHASE5_FAIRNESS_LOG_INTERVAL_TICKS: u64 = 50; -const PHASE5_VOLUNTARY_YIELD_INTERVAL: u64 = 2048; +const PREEMPTION_TELEMETRY_INTERVAL_TICKS: u64 = 50; +const PREEMPTION_VOLUNTARY_YIELD_INTERVAL: u64 = 2048; lazy_static! { static ref CONTEXT_SCHEDULER: Mutex<ContextScheduler> = Mutex::new(ContextScheduler::new()); @@ -631,14 +631,14 @@ fn update_atomic_max(target: &AtomicU64, value: u64) { } } -fn log_phase5_fairness_if_due() { +fn log_preemption_telemetry_if_due() { let now = TIMER_TICKS.load(Ordering::Relaxed); - let last = LAST_PHASE5_FAIRNESS_LOG_TICK.load(Ordering::Relaxed); - if now.saturating_sub(last) < PHASE5_FAIRNESS_LOG_INTERVAL_TICKS { + let last = LAST_PREEMPTION_TELEMETRY_TICK.load(Ordering::Relaxed); + if now.saturating_sub(last) < PREEMPTION_TELEMETRY_INTERVAL_TICKS { return; } - if LAST_PHASE5_FAIRNESS_LOG_TICK + if LAST_PREEMPTION_TELEMETRY_TICK .compare_exchange(last, now, Ordering::Relaxed, Ordering::Relaxed) .is_err() { @@ -670,7 +670,7 @@ fn log_phase5_fairness_if_due() { let max_estimated_latency_ms = MAX_ESTIMATED_LATENCY_MS.load(Ordering::Relaxed); crate::serial_println!( - "Phase5-Fairness: T1={}, T2={}, T3={}, T4={}, score={:.3}", + "ClanOS-Preemption: name=fairness T1={}, T2={}, T3={}, T4={}, score={:.3}", counters[0], counters[1], counters[2], @@ -679,7 +679,7 @@ fn log_phase5_fairness_if_due() { ); crate::serial_println!( - "Phase5-Latency: ticks={}, quantum={}, req={}, pts={}, backlog={}, max_backlog={}, est_ms={}, max_est_ms={}", + "ClanOS-Preemption: name=latency ticks={}, quantum={}, req={}, pts={}, backlog={}, max_backlog={}, est_ms={}, max_est_ms={}", scheduler_stats.timer_ticks, scheduler_stats.quantum_ticks, scheduler_stats.reschedule_requests, @@ -691,9 +691,9 @@ fn log_phase5_fairness_if_due() { ); } -fn phase5_task_checkpoint(local_count: u64) { +fn preemption_lab_checkpoint(local_count: u64) { crate::task::keyboard::poll_console_commands(); - if local_count % PHASE5_VOLUNTARY_YIELD_INTERVAL == 0 { + if local_count % PREEMPTION_VOLUNTARY_YIELD_INTERVAL == 0 { yield_now(); } else { preempt_if_requested(); @@ -836,15 +836,15 @@ extern "C" fn demo_context_task_b() -> ! { } } -// Phase 5: Independent kernel task entry points for fairness testing +// Preemption lab: independent kernel task entry points extern "C" fn kernel_task_1() -> ! { let mut local_count = 0u64; loop { interrupts::enable(); increment_kernel_task_counter(1); local_count += 1; - log_phase5_fairness_if_due(); - phase5_task_checkpoint(local_count); + log_preemption_telemetry_if_due(); + preemption_lab_checkpoint(local_count); } } @@ -854,8 +854,8 @@ extern "C" fn kernel_task_2() -> ! { interrupts::enable(); increment_kernel_task_counter(2); local_count += 1; - log_phase5_fairness_if_due(); - phase5_task_checkpoint(local_count); + log_preemption_telemetry_if_due(); + preemption_lab_checkpoint(local_count); } } @@ -865,8 +865,8 @@ extern "C" fn kernel_task_3() -> ! { interrupts::enable(); increment_kernel_task_counter(3); local_count += 1; - log_phase5_fairness_if_due(); - phase5_task_checkpoint(local_count); + log_preemption_telemetry_if_due(); + preemption_lab_checkpoint(local_count); } } @@ -876,8 +876,8 @@ extern "C" fn kernel_task_4() -> ! { interrupts::enable(); increment_kernel_task_counter(4); local_count += 1; - log_phase5_fairness_if_due(); - phase5_task_checkpoint(local_count); + log_preemption_telemetry_if_due(); + preemption_lab_checkpoint(local_count); } } @@ -917,7 +917,7 @@ pub fn stats() -> SchedulerStats { } } -// Phase 5: Public accessors for multi-task fairness testing +// Preemption lab: public accessors for multi-task fairness metrics pub fn get_kernel_task_counters() -> [u64; 4] { [ KERNEL_TASK_1_COUNT.load(Ordering::Relaxed), @@ -937,8 +937,8 @@ pub fn increment_kernel_task_counter(task_id: usize) -> u64 { } } -/// Clear preemption telemetry accumulated before the Phase 5 context lab. -pub fn reset_phase5_preemption_telemetry_baseline() { +/// Clear preemption telemetry accumulated before the context lab. +pub fn reset_preemption_telemetry_baseline() { interrupts::without_interrupts(|| { RESCHEDULE_REQUESTS.store(0, Ordering::Relaxed); RESCHEDULE_POINTS.store(0, Ordering::Relaxed); @@ -946,13 +946,13 @@ pub fn reset_phase5_preemption_telemetry_baseline() { MAX_ESTIMATED_LATENCY_MS.store(0, Ordering::Relaxed); NEED_RESCHEDULE.store(false, Ordering::Relaxed); IRQ_PREEMPT_PENDING.store(false, Ordering::Relaxed); - LAST_PHASE5_FAIRNESS_LOG_TICK.store(TIMER_TICKS.load(Ordering::Relaxed), Ordering::Relaxed); + LAST_PREEMPTION_TELEMETRY_TICK.store(TIMER_TICKS.load(Ordering::Relaxed), Ordering::Relaxed); }); } -/// Phase 5: Spawn 4 independent kernel tasks for fairness testing. -pub fn spawn_kernel_tasks_phase5() { - reset_phase5_preemption_telemetry_baseline(); +/// Spawn 4 independent kernel tasks for preemption fairness lab. +pub fn spawn_preemption_lab_tasks() { + reset_preemption_telemetry_baseline(); spawn_context_task("kernel-task-1", kernel_task_1); spawn_context_task("kernel-task-2", kernel_task_2); spawn_context_task("kernel-task-3", kernel_task_3); diff --git a/kernel/src/task/timer.rs b/kernel/src/task/timer.rs index a668520..ada4c2f 100644 --- a/kernel/src/task/timer.rs +++ b/kernel/src/task/timer.rs @@ -203,7 +203,7 @@ pub async fn log_scheduler_groundwork() { } } -/// Phase 5: Periodically monitor preemptive scheduling fairness. +/// Periodically monitor preemptive scheduling fairness (async executor path). pub async fn log_preemption_fairness() { loop { sleep(Duration::from_secs(2)).await; @@ -222,7 +222,7 @@ pub async fn log_preemption_fairness() { }; crate::serial_println!( - "Phase5-Fairness: T1={}, T2={}, T3={}, T4={}, score={:.3}", + "ClanOS-Preemption: name=fairness T1={}, T2={}, T3={}, T4={}, score={:.3}", kernel_tasks[0], kernel_tasks[1], kernel_tasks[2], diff --git a/kernel/src/task/userspace.rs b/kernel/src/task/userspace.rs index d22d6bb..d43b3a2 100644 --- a/kernel/src/task/userspace.rs +++ b/kernel/src/task/userspace.rs @@ -1,4 +1,4 @@ -//! User-space program facade and Phase 9 loader dispatch. +//! User-space program facade and loader dispatch. use alloc::{format, string::String}; use core::sync::atomic::Ordering; diff --git a/kernel/src/user_context.rs b/kernel/src/user_context.rs index edc04e4..9f24653 100644 --- a/kernel/src/user_context.rs +++ b/kernel/src/user_context.rs @@ -1,4 +1,4 @@ -//! Phase 17 user entry context descriptors. +//! user entry context descriptors. use crate::{gdt::UserSelectors, user_memory::InactiveUserPageTable}; diff --git a/kernel/src/user_copy.rs b/kernel/src/user_copy.rs index ac5a901..0863038 100644 --- a/kernel/src/user_copy.rs +++ b/kernel/src/user_copy.rs @@ -1,4 +1,4 @@ -//! Validated user pointer copies (Phase 26). +//! Validated user pointer copies . use core::sync::atomic::{AtomicU64, Ordering}; diff --git a/kernel/src/user_entry.rs b/kernel/src/user_entry.rs index f7a068e..34b8ab2 100644 --- a/kernel/src/user_entry.rs +++ b/kernel/src/user_entry.rs @@ -1,4 +1,4 @@ -//! Real Ring 3 entry via iretq and cooperative trap return (Phases 23-24). +//! Real Ring 3 entry via iretq and cooperative trap return. use core::sync::atomic::{AtomicU64, Ordering}; @@ -107,7 +107,7 @@ pub fn handle_user_fault(stack_frame: &mut InterruptStackFrame, from_vector_80: true } -/// After a real `syscall` in the Phase 81 QEMU probe, return to the kernel resume site without `sysret`. +/// After a real `syscall` in the QEMU probe, return to the kernel resume site without `sysret`. pub fn return_from_hw_syscall_probe() -> ! { crate::user_syscall_hw::record_hw_sysret_real(); USER_TRAP_COUNT.fetch_add(1, Ordering::Relaxed); @@ -142,7 +142,7 @@ fn resume_kernel_frame(stack_frame: &mut InterruptStackFrame) { } } -/// Enter Ring 3 at `entry` using `ud2` as the first instruction (Phase 23). +/// Enter Ring 3 at `entry` using `ud2` as the first instruction . pub fn enter_user_ud2_trap( hw: &HwPageTableHandle, entry: &UserEntryFrame, @@ -153,7 +153,7 @@ pub fn enter_user_ud2_trap( enter_user_common(hw, entry, selectors, false) } -/// Enter Ring 3 and run until vector 0x80 trap (Phase 24). +/// Enter Ring 3 and run until vector 0x80 trap . pub fn enter_user_int80_trap( hw: &HwPageTableHandle, entry: &UserEntryFrame, @@ -163,7 +163,7 @@ pub fn enter_user_int80_trap( enter_user_common(hw, entry, selectors, false) } -/// Run the syscall probe stub under the user page table (Phase 25+). +/// Run the syscall probe stub under the user page table . pub fn enter_user_syscall_hw( hw: &HwPageTableHandle, entry: &UserEntryFrame, diff --git a/kernel/src/user_hw_frame.rs b/kernel/src/user_hw_frame.rs index 2da7003..3e2e6f2 100644 --- a/kernel/src/user_hw_frame.rs +++ b/kernel/src/user_hw_frame.rs @@ -1,4 +1,4 @@ -//! Saved hardware user trap frames for scheduler preemption (Phase 32). +//! Saved hardware user trap frames for scheduler preemption . use core::sync::atomic::{AtomicU64, Ordering}; use lazy_static::lazy_static; @@ -51,7 +51,7 @@ pub fn mark_preempted() { FRAME_PREEMPTED.store(1, Ordering::Relaxed); } -pub fn phase32_smoke() -> bool { +pub fn smoke_user_hw_frame() -> bool { save_frame(UserHwFrame { rip: 0x400000, rsp: 0x7ffff000, diff --git a/kernel/src/user_memory.rs b/kernel/src/user_memory.rs index 9e94712..bb6f846 100644 --- a/kernel/src/user_memory.rs +++ b/kernel/src/user_memory.rs @@ -1,4 +1,4 @@ -//! Phase 16 inactive user page-table descriptors. +//! inactive user page-table descriptors. use alloc::vec::Vec; diff --git a/kernel/src/user_paging.rs b/kernel/src/user_paging.rs index 7541080..5997c96 100644 --- a/kernel/src/user_paging.rs +++ b/kernel/src/user_paging.rs @@ -1,4 +1,4 @@ -//! Hardware user page tables, CR3 activation, and per-process switching (Phases 21-22, 30). +//! Hardware user page tables, CR3 activation, and per-process switching. use bootloader::bootinfo::MemoryMap; use core::sync::atomic::{AtomicU64, Ordering}; @@ -113,7 +113,7 @@ pub fn sched_cr3_status() -> (u64, u64, u64, bool) { ) } -/// Activate the next context task's user CR3 during preemptive scheduling (Phase 31). +/// Activate the next context task's user CR3 during preemptive scheduling . pub fn apply_scheduler_cr3_for_next(next_cr3: Option<u64>) { let _ = restore_kernel_page_table(); match next_cr3 { @@ -404,7 +404,7 @@ pub fn validate_page_flags(flags: PageTableFlags) -> bool { true } -/// Map a demand-zero user page in an active user address space (Phase 38). +/// Map a demand-zero user page in an active user address space . pub fn map_shared_hw_page( child_cr3: u64, parent_cr3: u64, @@ -513,7 +513,7 @@ pub fn unmap_user_page(cr3_phys: u64, virtual_address: u64) -> Result<(), UserPa }) } -pub fn phase48_smoke() -> bool { +pub fn smoke_wx_policy() -> bool { let bad = PageTableFlags::PRESENT | PageTableFlags::WRITABLE | PageTableFlags::USER_ACCESSIBLE; let good = PageTableFlags::PRESENT | PageTableFlags::WRITABLE @@ -609,7 +609,7 @@ pub fn mprotect_user_page(user_addr: u64, prot: u64) -> Result<(), ()> { mprotect_page(cr3, user_addr, want_write).map_err(|_| ()) } -pub fn phase53_smoke() -> bool { +pub fn smoke_mprotect() -> bool { let Some(built) = crate::task::program_loader::build_hw_page_table_program( crate::security::Credentials::shell_user(), "hello", diff --git a/kernel/src/user_path.rs b/kernel/src/user_path.rs index 24253f0..06c96b0 100644 --- a/kernel/src/user_path.rs +++ b/kernel/src/user_path.rs @@ -1,4 +1,4 @@ -//! User-supplied path validation and copyin (Phase 44). +//! User-supplied path validation and copyin . use core::sync::atomic::{AtomicU64, Ordering}; @@ -61,7 +61,7 @@ pub fn getcwd_to_user(user_buf: u64) -> Result<usize, ()> { Ok(len) } -pub fn phase82_smoke() -> bool { +pub fn smoke_getcwd() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = crate::task::process::create_kernel_process_as("getcwd-smoke", tick, creds) @@ -89,7 +89,7 @@ pub fn phase82_smoke() -> bool { && getcwd_status() > 0 } -pub fn phase83_smoke() -> bool { +pub fn smoke_chdir_probe() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = crate::task::process::create_kernel_process_as("chdirprobe", tick, creds) @@ -299,14 +299,14 @@ pub fn write_path_probe(user_path_ptr: u64, user_data_ptr: u64) -> Result<u64, ( Ok(len as u64) } -pub fn phase55_smoke() -> bool { - let path = "/tmp/phase55"; +pub fn smoke_user_path_write() -> bool { + let path = "/tmp/user-path-smoke"; let creds = crate::security::Credentials::shell_user(); - if crate::storage::write_file_checked(creds, path, "phase55-ok").is_err() + if crate::storage::write_file_checked(creds, path, "user-path-ok").is_err() && crate::storage::write_file_checked( crate::security::Credentials::admin(), path, - "phase55-ok", + "user-path-ok", ) .is_err() { @@ -314,7 +314,7 @@ pub fn phase55_smoke() -> bool { } let verified = matches!( crate::storage::read_file_checked(creds, path), - Ok(Some(contents)) if contents == "phase55-ok" + Ok(Some(contents)) if contents == "user-path-ok" ); if verified { PATH_WRITES.fetch_add(1, Ordering::Relaxed); @@ -323,7 +323,7 @@ pub fn phase55_smoke() -> bool { verified } -pub fn phase72_smoke() -> bool { +pub fn smoke_ring3_chdir() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = crate::task::process::create_kernel_process_as("ring3-chdir", tick, creds) @@ -371,7 +371,7 @@ pub fn phase72_smoke() -> bool { chdir_ok && cwd_ok && bad && RING3_CHDIRS.load(Ordering::Relaxed) > 0 } -pub fn phase44_smoke() -> bool { +pub fn smoke_user_path_read() -> bool { let Some(built) = crate::task::program_loader::build_hw_page_table_program( crate::security::Credentials::shell_user(), "hello", diff --git a/kernel/src/user_syscall.rs b/kernel/src/user_syscall.rs index e59b9e0..deda94d 100644 --- a/kernel/src/user_syscall.rs +++ b/kernel/src/user_syscall.rs @@ -1,4 +1,4 @@ -//! Phase 19 user syscall entry/return ABI descriptors. +//! user syscall entry/return ABI descriptors. use core::sync::atomic::{AtomicU64, Ordering}; diff --git a/kernel/src/user_syscall_hw.rs b/kernel/src/user_syscall_hw.rs index eca7264..0740e52 100644 --- a/kernel/src/user_syscall_hw.rs +++ b/kernel/src/user_syscall_hw.rs @@ -1,4 +1,4 @@ -//! CPU syscall/sysret user entry (Phase 25+). +//! CPU syscall/sysret user entry . use core::sync::atomic::{AtomicU64, Ordering}; @@ -194,7 +194,7 @@ pub fn run_hw_syscall_probe_rdi( } } -pub fn phase81_hw_sysret_smoke() -> bool { +pub fn smoke_hw_sysret_smoke() -> bool { init_syscall_msrs(); let (_, _, ready) = dispatch_table_status(); if !ready { @@ -241,7 +241,7 @@ pub fn phase81_hw_sysret_smoke() -> bool { } } -pub fn phase71_smoke() -> bool { +pub fn smoke_sysret_probe() -> bool { init_syscall_msrs(); let Some(built) = crate::task::program_loader::build_hw_page_table_program( crate::security::Credentials::shell_user(), diff --git a/kernel/src/userland_install.rs b/kernel/src/userland_install.rs index d39fea6..77258b9 100644 --- a/kernel/src/userland_install.rs +++ b/kernel/src/userland_install.rs @@ -1,4 +1,4 @@ -//! Native userland install hook (phases 376–399) — ares-rt demo + `/bin` manifests. +//! Native userland install hook (scopes 376–399) — ares-rt demo + `/bin` manifests. use core::sync::atomic::{AtomicU64, Ordering}; @@ -29,17 +29,17 @@ pub fn native_launch_count() -> u64 { NATIVE_LAUNCHES.load(Ordering::Relaxed) } -pub fn phase376_userland_smoke() -> bool { +pub fn smoke_userland_demo() -> bool { install_native_packages() && crate::task::userspace::run_program("demo-hello", &[]) .map(|out| out.contains("ares-rt") || out.contains("userland")) .unwrap_or(false) } -pub fn phase396_package_smoke() -> bool { - phase376_userland_smoke() && crate::network_stack::packages_installed() > 0 +pub fn smoke_package_install() -> bool { + smoke_userland_demo() && crate::network_stack::packages_installed() > 0 } -pub fn phase399_native_app_smoke() -> bool { +pub fn smoke_native_app() -> bool { run_native_demo() && native_launch_count() > 0 } diff --git a/kernel/src/vfs.rs b/kernel/src/vfs.rs new file mode 100644 index 0000000..513ed02 --- /dev/null +++ b/kernel/src/vfs.rs @@ -0,0 +1,86 @@ +//! Virtual filesystem facade — routes paths to Clan OS primary FS (CLANFS1) or ext2. + +use alloc::vec::Vec; + +use crate::security::Credentials; + +pub const EXT2_MOUNT_PREFIX: &str = "/ext2/"; + +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum VfsError { + NotFound, + InvalidPath, + Backend, +} + +pub fn read_bytes(path: &str) -> Result<Option<Vec<u8>>, VfsError> { + if let Some(relative) = path.strip_prefix(EXT2_MOUNT_PREFIX) { + return crate::ext2::read_file(relative) + .map(Some) + .map_err(|_| VfsError::Backend); + } + crate::storage::read_file_bytes(path) + .map_err(|_| VfsError::Backend) +} + +/// Read file bytes for mmap/FD paths: ext2, CLANFS1 binary, then cred-checked text storage. +pub fn read_bytes_for(creds: Credentials, path: &str) -> Result<Option<Vec<u8>>, VfsError> { + if let Some(relative) = path.strip_prefix(EXT2_MOUNT_PREFIX) { + return crate::ext2::read_file(relative) + .map(Some) + .map_err(|_| VfsError::Backend); + } + if let Ok(Some(bytes)) = read_bytes(path) { + return Ok(Some(bytes)); + } + crate::storage::read_file_checked(creds, path) + .map(|opt| opt.map(|text| text.into_bytes())) + .map_err(|_| VfsError::Backend) +} + +pub fn write_bytes(path: &str, bytes: &[u8]) -> Result<(), VfsError> { + if let Some(relative) = path.strip_prefix(EXT2_MOUNT_PREFIX) { + return crate::ext2::write_file(relative, bytes).map_err(|_| VfsError::Backend); + } + crate::storage::write_file_bytes_checked( + crate::security::Credentials::admin(), + path, + bytes, + ) + .map_err(|_| VfsError::Backend) +} + +pub fn create_bytes(path: &str, bytes: &[u8]) -> Result<(), VfsError> { + if let Some(relative) = path.strip_prefix(EXT2_MOUNT_PREFIX) { + return crate::ext2::create_file(relative, bytes).map_err(|_| VfsError::Backend); + } + crate::storage::create_file_checked(crate::security::Credentials::admin(), path) + .map(|_| ()) + .map_err(|_| VfsError::Backend) +} + +pub fn unlink_path(path: &str) -> Result<(), VfsError> { + if let Some(relative) = path.strip_prefix(EXT2_MOUNT_PREFIX) { + return crate::ext2::unlink_file(relative).map_err(|_| VfsError::Backend); + } + crate::storage::delete_file_checked(crate::security::Credentials::admin(), path) + .map_err(|_| VfsError::Backend) +} + +pub fn list_mounts() -> &'static [&'static str] { + &["clanfs:/", "ext2:/ext2/"] +} + +pub fn smoke_vfs_mount() -> bool { + crate::storage::is_mounted() + && crate::ext2::is_mounted() + && read_bytes("/README.txt") + .ok() + .flatten() + .is_some() + && read_bytes("/ext2/smoke.txt") + .ok() + .flatten() + .map(|bytes| bytes.starts_with(b"ext2 ok")) + .unwrap_or(false) +} diff --git a/kernel/src/virtio_blk.rs b/kernel/src/virtio_blk.rs index c88b16b..312fddc 100644 --- a/kernel/src/virtio_blk.rs +++ b/kernel/src/virtio_blk.rs @@ -61,7 +61,7 @@ pub fn init() -> bool { true } -pub fn phase201_virtio_blk_smoke() -> bool { +pub fn smoke_virtio_blk() -> bool { if VIRTIO_BLK_ID.lock().is_none() { init(); } diff --git a/kernel/src/virtio_net.rs b/kernel/src/virtio_net.rs index f25d52f..6935551 100644 --- a/kernel/src/virtio_net.rs +++ b/kernel/src/virtio_net.rs @@ -82,7 +82,7 @@ pub fn net_device_count() -> usize { .count() } -pub fn phase401_virtio_net_smoke() -> bool { +pub fn smoke_virtio_net() -> bool { init(); net_device_count() >= 1 && rx_packets() > 0 } diff --git a/kernel/src/vma.rs b/kernel/src/vma.rs index af217d0..363cffc 100644 --- a/kernel/src/vma.rs +++ b/kernel/src/vma.rs @@ -1,4 +1,4 @@ -//! Per-process virtual memory area registry (Phase 63). +//! Per-process virtual memory area registry . use core::sync::atomic::{AtomicU64, Ordering}; @@ -197,7 +197,7 @@ pub fn coalesce_adjacent(pid: ProcessId) -> u64 { merged } -pub fn phase63_smoke() -> bool { +pub fn smoke_vma_regions() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("vma-smoke", tick, creds) else { @@ -231,7 +231,7 @@ pub fn phase63_smoke() -> bool { ok_first && ok_second && overlap && regions >= 2 && rejected > 0 } -pub fn phase84_smoke() -> bool { +pub fn smoke_vma_split() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("vma-split", tick, creds) else { @@ -264,7 +264,7 @@ pub fn phase84_smoke() -> bool { registered && mapped && unmapped && head_ok && splits > 0 } -pub fn phase93_smoke() -> bool { +pub fn smoke_mmap_gap() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("mmap-gap", tick, creds) else { @@ -301,7 +301,7 @@ pub fn phase93_smoke() -> bool { gap_used && mapped && translated && mmap_gap_status() > 0 } -pub fn phase96_smoke() -> bool { +pub fn smoke_vma_coalesce() -> bool { let tick = crate::performance::metrics::TICK_COUNTER.load(Ordering::Relaxed); let creds = crate::security::Credentials::shell_user(); let Some(pid) = process::create_kernel_process_as("vma-coalesce", tick, creds) else { diff --git a/kernel/src/window_manager.rs b/kernel/src/window_manager.rs index 423b742..34d8d67 100644 --- a/kernel/src/window_manager.rs +++ b/kernel/src/window_manager.rs @@ -1,4 +1,4 @@ -//! Window manager (phases 352–356) — focus model + damage regions. +//! Window manager (scopes 352–356) — focus model + damage regions. use core::sync::atomic::{AtomicU64, Ordering}; use spin::Mutex; @@ -134,7 +134,7 @@ pub fn damage_regions_flushed() -> usize { STATE.lock().damage_count } -pub fn phase353_window_smoke() -> bool { +pub fn smoke_window_manager() -> bool { if window_count() < 2 { let _ = create_window(40, 40, 100, 60, "TERM"); let _ = create_window(160, 50, 120, 70, "FILES"); @@ -143,6 +143,6 @@ pub fn phase353_window_smoke() -> bool { window_count() >= 2 && focus_at(45, 45).is_some() && damage_regions_flushed() > 0 } -pub fn phase356_wm_smoke() -> bool { - phase353_window_smoke() && focused_window().is_some() && WM_OPS.load(Ordering::Relaxed) >= 1 +pub fn smoke_wm_smoke() -> bool { + smoke_window_manager() && focused_window().is_some() && WM_OPS.load(Ordering::Relaxed) >= 1 } diff --git a/kernel/tests/preemption_integration.rs b/kernel/tests/preemption_integration.rs index 7dc376c..33709d5 100644 --- a/kernel/tests/preemption_integration.rs +++ b/kernel/tests/preemption_integration.rs @@ -1,4 +1,4 @@ -//! Integration tests for Phase 5 preemption and process foundations. +//! QEMU integration harness: preemption core + unified boot/system gates. #![no_std] #![no_main] @@ -11,16 +11,16 @@ extern crate alloc; use bootloader::{entry_point, BootInfo}; use core::{panic::PanicInfo, sync::atomic::Ordering}; use kernel::{ - allocator, block, device, hlt_loop, memory, + allocator, hlt_loop, memory, performance::{metrics::TICK_COUNTER, process_metrics}, - security, syscall, - task::{process, scheduler}, + syscall, + task::{keyboard, process, scheduler}, }; use x86_64::VirtAddr; entry_point!(main); -fn main(boot_info: &'static BootInfo) -> ! { +fn init_test_kernel(boot_info: &'static BootInfo) { kernel::init(); let phys_mem_offset = VirtAddr::new(boot_info.physical_memory_offset); @@ -42,6 +42,16 @@ fn main(boot_info: &'static BootInfo) -> ! { ); } + keyboard::init_scancode_queue(); + kernel::storage::init(); + kernel::mouse::init(); + kernel::userland_install::install_native_packages(); + let boot_tick = TICK_COUNTER.load(Ordering::Relaxed); + let _ = process::create_kernel_process("shell", boot_tick); +} + +fn main(boot_info: &'static BootInfo) -> ! { + init_test_kernel(boot_info); test_main(); hlt_loop(); } @@ -63,31 +73,6 @@ fn preemption_tick_requests_accumulate() { assert!(after.reschedule_requests >= before.reschedule_requests + 2); } -#[test_case] -fn process_registry_lifecycle() { - let created_tick = TICK_COUNTER.load(Ordering::Relaxed); - let before_count = process::process_count(); - - let pid = process::create_kernel_process("phase5-proc", created_tick) - .expect("process should be created"); - - assert!(process::process_count() >= before_count + 1); - - assert!(process::set_process_state( - pid, - process::ProcessState::Ready - )); - let ready = process::get_ready_processes(); - assert!(ready.iter().any(|p| *p == pid)); - - assert!(process::add_process_cpu_ticks(pid, 42)); - assert!(process::record_context_switch(pid)); - - assert!(process::terminate_process(pid, 0)); - let reaped = process::reap_terminated_processes(); - assert!(reaped >= 1); -} - #[test_case] fn fairness_metrics_detect_imbalance() { let balanced = [ @@ -111,1530 +96,43 @@ fn fairness_metrics_detect_imbalance() { } #[test_case] -fn syscall_invalid_paths_are_rejected() { - assert_eq!( - syscall::invoke_raw(999, 0), - Err(syscall::SyscallError::InvalidSyscall) - ); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::GetTickCount as u64, 123), - Err(syscall::SyscallError::InvalidArgument) - ); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::StorageFileCount as u64, 123), - Err(syscall::SyscallError::InvalidArgument) - ); -} - -#[test_case] -fn process_lifecycle_unknown_pid_operations_fail() { - let missing = process::ProcessId::from_raw(u64::MAX); - assert!(!process::set_process_state( - missing, - process::ProcessState::Ready - )); - assert!(!process::add_process_cpu_ticks(missing, 1)); - assert!(!process::record_context_switch(missing)); - assert!(!process::terminate_process(missing, -1)); -} - -#[test_case] -fn storage_and_userspace_smoke_flow() { - kernel::storage::init(); - let files = kernel::storage::list_files().expect("storage should be mounted"); - assert!(!files.is_empty()); - let readme = kernel::storage::read_file("/README.txt") - .expect("storage read should be available") - .expect("README should exist"); - assert!(readme.contains("AresOS")); - - let output = - kernel::task::userspace::run_program("echo", &["ok", "flow"]).expect("echo should run"); - assert_eq!(output, "ok flow"); - - let fsinfo = kernel::task::userspace::run_program("fsinfo", &[]) - .expect("fsinfo should run through storage syscalls"); - assert!(fsinfo.contains("mounted=true")); -} - -#[test_case] -fn phase7_storage_persists_across_remount() { - kernel::storage::format().expect("format should succeed"); - kernel::storage::write_file("/phase7.txt", "persistent").expect("write should succeed"); - kernel::storage::remount().expect("remount should succeed"); - - let contents = kernel::storage::read_file("/phase7.txt") - .expect("read should succeed") - .expect("file should exist after remount"); - assert_eq!(contents, "persistent"); - - kernel::storage::delete_file("/phase7.txt").expect("delete should succeed"); - assert_eq!( - kernel::storage::read_file("/phase7.txt").expect("read should succeed"), - None - ); -} - -#[test_case] -fn phase7_storage_syscall_wrappers_cover_file_lifecycle() { - kernel::storage::format().expect("format should succeed"); - syscall::storage_write_file("/syscall.txt", "through-syscall") - .expect("storage write syscall wrapper should succeed"); - assert_eq!( - syscall::storage_read_file("/syscall.txt") - .expect("storage read syscall wrapper should succeed"), - Some("through-syscall".into()) - ); - assert!(syscall::storage_list_files() - .expect("storage list syscall wrapper should succeed") - .iter() - .any(|path| path == "/syscall.txt")); - syscall::storage_delete_file("/syscall.txt") - .expect("storage delete syscall wrapper should succeed"); - assert_eq!( - syscall::storage_read_file("/syscall.txt") - .expect("storage read syscall wrapper should succeed"), - None - ); -} - -#[test_case] -fn phase8_device_and_block_registries_initialize() { - device::init(); - block::init(); - - let device_summary = device::summary(); - assert!(device_summary.total > 0); - assert!(device_summary.block >= 1); - - let blocks = block::list_block_devices(); - assert!(!blocks.is_empty()); - assert!(blocks.iter().any(|entry| entry.driver_backed)); -} - -#[test_case] -fn phase8_storage_uses_driver_backed_block_manager() { - kernel::storage::init(); - let info = kernel::storage::info().expect("storage info should be available"); - assert!(info.mounted); - assert!(info.driver_backed); - assert_eq!(info.backend_name, "qemu-sim-block0"); - assert!(kernel::storage::phase8_smoke_check()); -} - -#[test_case] -fn phase8_device_syscalls_report_counts() { - kernel::storage::init(); - assert!(syscall::invoke_raw(syscall::SyscallId::DeviceCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::BlockDeviceCount as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::DeviceCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); -} - -#[test_case] -fn phase9_program_manifest_parser_rejects_invalid_records() { - use kernel::task::program_loader::{parse_manifest, ProgramKind, ProgramLoadError}; - - let valid = parse_manifest( - "ares-exec-v1\nname=echo\nkind=builtin-alias\nentry=echo\ndescription=Echo text", - ) - .expect("valid manifest should parse"); - assert_eq!(valid.name, "echo"); - assert_eq!(valid.kind, ProgramKind::BuiltinAlias); - assert_eq!( - parse_manifest("bad\nname=echo\nkind=builtin-alias\nentry=echo"), - Err(ProgramLoadError::InvalidVersion) - ); - assert_eq!( - parse_manifest("ares-exec-v1\nkind=builtin-alias\nentry=echo"), - Err(ProgramLoadError::MissingName) - ); -} - -#[test_case] -fn phase9_loader_discovers_bin_programs() { - kernel::storage::format().expect("format should seed executable manifests"); - let programs = kernel::task::program_loader::discover_programs(); - assert!(programs.iter().any(|program| program.name == "echo")); - assert!(programs - .iter() - .any(|program| program.source_path == "/bin/fsinfo")); -} - -#[test_case] -fn phase9_run_program_uses_loader_path() { - kernel::storage::format().expect("format should seed executable manifests"); - let before = kernel::task::program_loader::status().launch_count; - let output = kernel::task::userspace::run_program("echo", &["from", "loader"]) - .expect("echo should run through loader"); - assert_eq!(output, "from loader"); - assert!(kernel::task::program_loader::status().launch_count > before); -} - -#[test_case] -fn phase9_malformed_program_file_does_not_panic() { - kernel::storage::format().expect("format should succeed"); - kernel::storage::write_file("/bin/bad", "not-a-manifest").expect("write should succeed"); - let programs = kernel::task::program_loader::discover_programs(); - assert!(!programs.iter().any(|program| program.name == "bad")); - assert_eq!( - kernel::task::program_loader::program_info("bad"), - Err(kernel::task::program_loader::ProgramLoadError::NotFound) - ); -} - -#[test_case] -fn phase9_loader_syscalls_report_status() { - kernel::storage::format().expect("format should seed executable manifests"); - assert!(syscall::invoke_raw(syscall::SyscallId::ProgramCount as u64, 0).unwrap() >= 4); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::ProgramLaunchCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase9_smoke_check()); -} - -#[test_case] -fn phase10_permission_predicates_cover_user_and_admin() { - let user = security::Credentials::shell_user(); - let admin = security::Credentials::admin(); - assert!(security::can_access( - user, - user.user, - security::FileMode::user_file(), - security::AccessKind::Write - ) - .is_ok()); - assert!(security::can_access( - admin, - user.user, - security::FileMode::read_only(), - security::AccessKind::Manage - ) - .is_ok()); - assert!(security::can_access( - user, - admin.user, - security::FileMode::system_executable(), - security::AccessKind::Write - ) - .is_err()); -} - -#[test_case] -fn phase10_checked_storage_enforces_file_policy() { - kernel::storage::format().expect("format should seed protected files"); - let user = security::Credentials::shell_user(); - kernel::storage::write_file_checked(user, "/phase10.txt", "owned") - .expect("user should write own file"); - assert_eq!( - kernel::storage::read_file_checked(user, "/phase10.txt") - .expect("user should read own file"), - Some("owned".into()) - ); - let metadata = kernel::storage::stat_file("/phase10.txt") - .expect("stat should succeed") - .expect("file should exist"); - assert_eq!(metadata.owner, user.user); - assert!(kernel::storage::write_file_checked(user, "/bin/echo", "blocked").is_err()); - kernel::storage::delete_file_checked(user, "/phase10.txt") - .expect("user should delete own file"); -} - -#[test_case] -fn phase10_execute_permission_is_required_for_loader_launch() { - kernel::storage::format().expect("format should seed executable manifests"); - let admin = security::Credentials::admin(); - let user = security::Credentials::shell_user(); - security::set_current_credentials(admin); - kernel::storage::write_file( - "/bin/blocked", - "ares-exec-v1\nname=blocked\nkind=builtin-alias\nentry=echo\nrequires=execute\ntrust=system\nowner=admin\ndescription=Blocked test", - ) - .expect("admin should seed test manifest"); - kernel::storage::chmod_execute_checked(admin, "/bin/blocked", false) - .expect("admin should remove execute"); - - security::set_current_credentials(user); - let before = kernel::task::program_loader::status().denied_launch_count; - assert_eq!( - kernel::task::userspace::run_program("blocked", &["nope"]), - Err("permission denied") - ); - assert!(kernel::task::program_loader::status().denied_launch_count > before); - - security::set_current_credentials(admin); - kernel::storage::delete_file("/bin/blocked").expect("cleanup should succeed"); - security::set_current_credentials(user); -} +fn process_registry_lifecycle() { + let created_tick = TICK_COUNTER.load(Ordering::Relaxed); + let before_count = process::process_count(); -#[test_case] -fn phase10_process_ownership_controls_termination() { - let tick = TICK_COUNTER.load(Ordering::Relaxed); - let admin = security::Credentials::admin(); - let user = security::Credentials::shell_user(); - let pid = process::create_kernel_process_as("phase10-owned", tick, admin) + let pid = process::create_kernel_process("preemption-proc", created_tick) .expect("process should be created"); - assert!(!process::terminate_process_checked(user, pid, 0)); - assert!(process::terminate_process_checked(admin, pid, 0)); -} -#[test_case] -fn phase10_security_syscalls_report_identity_and_denials() { - security::set_current_credentials(security::Credentials::shell_user()); - kernel::storage::format().expect("format should seed protected files"); - let before = syscall::invoke_raw(syscall::SyscallId::DeniedAccessCount as u64, 0) - .expect("denied counter syscall should succeed"); - assert!(kernel::storage::write_file_checked( - security::Credentials::shell_user(), - "/bin/echo", - "blocked" - ) - .is_err()); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::CurrentUser as u64, 0), - Ok(security::Credentials::shell_user().user.as_u64()) - ); - assert!( - syscall::invoke_raw(syscall::SyscallId::DeniedAccessCount as u64, 0) - .expect("denied counter syscall should succeed") - > before - ); - assert!(kernel::security::phase10_smoke_check()); - assert!(kernel::storage::phase10_smoke_check()); -} - -#[test_case] -fn phase11_elf_image_parser_validates_seed_fixture() { - let image = kernel::exec_image::parse_elf64_image( - "hello", - "/bin/hello.elf", - kernel::storage::phase11_sample_elf_image().as_bytes(), - kernel::task::program_loader::ProgramTrust::User, - security::Credentials::shell_user().user, - ) - .expect("sample ELF image should parse"); - assert_eq!(image.format, kernel::exec_image::ExecutableFormat::Elf64); - assert_eq!(image.entry_point, 0x400000); - assert_eq!(image.segments.len(), 1); -} - -#[test_case] -fn phase11_loader_discovers_and_validates_image_programs() { - kernel::storage::format().expect("format should seed image manifests"); - let program = kernel::task::program_loader::program_info("hello") - .expect("hello image manifest should be discoverable"); - assert_eq!( - program.kind, - kernel::task::program_loader::ProgramKind::Elf64Image - ); - assert_eq!(program.image_path.as_deref(), Some("/bin/hello.elf")); - assert!(program.image.is_some()); - let image = kernel::task::program_loader::validate_program_image( - security::Credentials::shell_user(), - "hello", - ) - .expect("image should validate"); - let descriptor = kernel::address_space::descriptor_for_image( - kernel::address_space::AddressSpaceId::from_raw(11), - &image, - ) - .expect("address-space descriptor should validate"); - assert_eq!(descriptor.regions.len(), 1); -} - -#[test_case] -fn phase11_image_execution_reaches_guarded_mvp() { - kernel::storage::format().expect("format should seed image manifests"); - security::set_current_credentials(security::Credentials::shell_user()); - let before = kernel::task::program_loader::status().unsupported_execution_count; - let output = kernel::task::userspace::run_program("hello", &[]).expect("hello should execute"); - assert!(output.contains("hello")); - assert!(kernel::task::program_loader::status().unsupported_execution_count > before); -} - -#[test_case] -fn phase11_referenced_image_requires_execute_permission() { - kernel::storage::format().expect("format should seed image manifests"); - let admin = security::Credentials::admin(); - kernel::storage::chmod_execute_checked(admin, "/bin/hello.elf", false) - .expect("admin should remove execute from image"); - assert_eq!( - kernel::task::program_loader::validate_program_image( - security::Credentials::shell_user(), - "hello" - ), - Err(kernel::task::program_loader::ProgramLoadError::PermissionDenied) - ); - kernel::storage::chmod_execute_checked(admin, "/bin/hello.elf", true) - .expect("admin should restore execute"); -} - -#[test_case] -fn phase11_status_syscalls_report_image_counts() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(syscall::invoke_raw(syscall::SyscallId::ImageCount as u64, 0).unwrap() >= 1); - assert!(syscall::invoke_raw(syscall::SyscallId::ValidImageCount as u64, 0).unwrap() >= 1); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::ImageCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase11_smoke_check()); -} + assert!(process::process_count() >= before_count + 1); -#[test_case] -fn phase12_load_plan_generates_copy_and_zero_fill_actions() { - let image = kernel::exec_image::parse_elf64_image( - "hello", - "/bin/hello.elf", - kernel::storage::phase11_sample_elf_image().as_bytes(), - kernel::task::program_loader::ProgramTrust::User, - security::Credentials::shell_user().user, - ) - .expect("sample ELF image should parse"); - let plan = kernel::load_plan::build_load_plan(&image).expect("load plan should build"); - assert_eq!(plan.total_pages, 1); - assert_eq!(plan.stack_pages, kernel::load_plan::STACK_RESERVATION_PAGES); - assert_eq!(plan.regions.len(), 1); - assert!(matches!( - plan.regions[0].actions[0], - kernel::load_plan::LoadAction::Copy { len: 4, .. } - )); - assert!(matches!( - plan.regions[0].actions[1], - kernel::load_plan::LoadAction::ZeroFill { len: 4092, .. } + assert!(process::set_process_state( + pid, + process::ProcessState::Ready )); -} - -#[test_case] -fn phase12_load_plan_rejects_unsafe_or_invalid_regions() { - let unsafe_region = kernel::load_plan::LoadRegion { - start: 0x400000, - size: kernel::load_plan::PAGE_SIZE, - page_count: 1, - permissions: kernel::load_plan::LoadPermissions::from_bits( - kernel::load_plan::LoadPermissions::WRITE | kernel::load_plan::LoadPermissions::EXECUTE, - ), - actions: alloc::vec::Vec::new(), - }; - assert_eq!( - kernel::load_plan::validate_regions(&[unsafe_region]), - Err(kernel::load_plan::LoadPlanError::WritableExecutable) - ); - - let image = kernel::exec_image::ExecutableImage { - name: "bad-entry".into(), - source_path: "/bin/bad.elf".into(), - format: kernel::exec_image::ExecutableFormat::Elf64, - entry_point: 0x500000, - image_size: 128, - trust: kernel::task::program_loader::ProgramTrust::User, - owner: security::Credentials::shell_user().user, - segments: alloc::vec![kernel::exec_image::ImageSegment { - virtual_address: 0x400000, - file_offset: 120, - file_size: 4, - memory_size: 0x1000, - flags: kernel::exec_image::SegmentFlags::from_bits( - kernel::exec_image::SegmentFlags::READ | kernel::exec_image::SegmentFlags::EXECUTE, - ), - }], - }; - assert_eq!( - kernel::load_plan::build_load_plan(&image), - Err(kernel::load_plan::LoadPlanError::EntryOutsideExecutableSegment) - ); -} - -#[test_case] -fn phase12_loader_prepare_path_reports_status() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let prepared = kernel::task::program_loader::prepare_program_image( - security::Credentials::shell_user(), - "hello", - ) - .expect("prepare should succeed"); - assert_eq!(prepared.load_plan.total_pages, 1); - assert_eq!(prepared.address_space.reservation.user_pages, 3); - let after = kernel::task::program_loader::status(); - assert!(after.prepared_image_count > before.prepared_image_count); - assert!(after.total_planned_pages > before.total_planned_pages); -} - -#[test_case] -fn phase12_syscalls_and_smoke_report_load_plan_status() { - kernel::storage::format().expect("format should seed image manifests"); - let before = syscall::invoke_raw(syscall::SyscallId::PreparedImageCount as u64, 0) - .expect("prepared count syscall should succeed"); - kernel::task::program_loader::prepare_program_image( - security::Credentials::shell_user(), - "hello", - ) - .expect("prepare should succeed"); - assert!( - syscall::invoke_raw(syscall::SyscallId::PreparedImageCount as u64, 0) - .expect("prepared count syscall should succeed") - > before - ); - assert!(syscall::invoke_raw(syscall::SyscallId::TotalPlannedPages as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::PreparedImageCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase12_smoke_check()); - assert!(kernel::task::userspace::run_program("hello", &[]) - .expect("hello should execute") - .contains("hello")); -} - -#[test_case] -fn phase13_mapping_stub_generates_frame_tokens_and_accounting() { - let image = kernel::exec_image::parse_elf64_image( - "hello", - "/bin/hello.elf", - kernel::storage::phase11_sample_elf_image().as_bytes(), - kernel::task::program_loader::ProgramTrust::User, - security::Credentials::shell_user().user, - ) - .expect("sample ELF image should parse"); - let plan = kernel::load_plan::build_load_plan(&image).expect("load plan should build"); - let mapped = kernel::mapping_stub::map_load_plan( - security::Credentials::shell_user(), - kernel::mapping_stub::MappingId::from_raw(13), - kernel::address_space::AddressSpaceId::from_raw(13), - &plan, - ) - .expect("mapping stub should build"); - assert_eq!(mapped.total_pages, plan.total_pages); - assert_eq!(mapped.regions[0].pages.len(), plan.total_pages); - assert_eq!(mapped.regions[0].pages[0].frame.as_u64(), 130_000); - assert_eq!(mapped.copied_bytes, 4); - assert_eq!(mapped.zero_filled_bytes, 4092); - assert_eq!( - mapped.state, - kernel::address_space::MappingState::MappedStub - ); -} - -#[test_case] -fn phase13_registry_add_list_lookup_and_status() { - let image = kernel::exec_image::parse_elf64_image( - "hello", - "/bin/hello.elf", - kernel::storage::phase11_sample_elf_image().as_bytes(), - kernel::task::program_loader::ProgramTrust::User, - security::Credentials::shell_user().user, - ) - .expect("sample ELF image should parse"); - let plan = kernel::load_plan::build_load_plan(&image).expect("load plan should build"); - let before = kernel::mapping_stub::status(); - let mapped = kernel::mapping_stub::register_mapping( - security::Credentials::shell_user(), - kernel::address_space::AddressSpaceId::from_raw(14), - &plan, - ) - .expect("registry mapping should succeed"); - let listed = kernel::mapping_stub::list_mappings(); - assert!(listed.iter().any(|entry| entry.id == mapped.id)); - assert_eq!( - kernel::mapping_stub::get_mapping(mapped.id) - .expect("lookup should find mapping") - .image_name, - "hello" - ); - let after = kernel::mapping_stub::status(); - assert!(after.mapped_count > before.mapped_count); - assert!(after.total_pages >= before.total_pages + mapped.total_pages); -} - -#[test_case] -fn phase13_mapping_rejects_unsafe_permissions() { - let unsafe_plan = kernel::load_plan::LoadPlan { - image_name: "unsafe".into(), - source_path: "/bin/unsafe.elf".into(), - entry_point: 0x400000, - regions: alloc::vec![kernel::load_plan::LoadRegion { - start: 0x400000, - size: kernel::load_plan::PAGE_SIZE, - page_count: 1, - permissions: kernel::load_plan::LoadPermissions::from_bits( - kernel::load_plan::LoadPermissions::WRITE - | kernel::load_plan::LoadPermissions::EXECUTE, - ), - actions: alloc::vec![], - }], - total_pages: 1, - stack_pages: 0, - }; - assert_eq!( - kernel::mapping_stub::map_load_plan( - security::Credentials::shell_user(), - kernel::mapping_stub::MappingId::from_raw(99), - kernel::address_space::AddressSpaceId::from_raw(99), - &unsafe_plan, - ), - Err(kernel::mapping_stub::MappingStubError::UnsafePermissions) - ); -} - -#[test_case] -fn phase13_loader_map_path_process_metadata_and_syscalls() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let mapped = kernel::task::program_loader::map_prepared_program( - security::Credentials::shell_user(), - "hello", - ) - .expect("map path should succeed"); - assert_eq!(mapped.mapped.total_pages, 1); - assert_eq!( - mapped.address_space.reservation.mapping_state, - kernel::address_space::MappingState::MappedStub - ); - - let after = kernel::task::program_loader::status(); - assert!(after.mapped_image_count > before.mapped_image_count); - assert!(after.total_mapped_pages > before.total_mapped_pages); - assert!(after.copied_bytes > before.copied_bytes); - assert!(after.zero_filled_bytes > before.zero_filled_bytes); - - let has_mapped_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-mapped-stub" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| { - load.state == process::ProcessLoadState::MappedStub - && load.mapping_id == Some(mapped.mapped.id) - && load.copied_bytes == mapped.mapped.copied_bytes - && load.zero_filled_bytes == mapped.mapped.zero_filled_bytes - }) - .unwrap_or(false) - }, - ); - assert!(has_mapped_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::MappedImageCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::TotalMappedPages as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::MappedCopiedBytes as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::MappedZeroFilledBytes as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::MappedImageCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); -} - -#[test_case] -fn phase13_smoke_preserves_guarded_execution() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase13_smoke_check()); - assert!(kernel::task::userspace::run_program("hello", &[]) - .expect("hello should execute") - .contains("hello")); -} - -#[test_case] -fn phase14_frame_ownership_allocates_releases_and_reports_status() { - let before = kernel::frame_ownership::status(); - assert!(before.initialized); - assert!(before.tracked_frames > 0); - assert!(before.available_frames > 0); - - let frame = kernel::frame_ownership::allocate_frame(kernel::frame_ownership::FrameOwner::Test) - .expect("owned frame should allocate"); - assert_eq!(frame.start_address % 4096, 0); - - let allocated = kernel::frame_ownership::status(); - assert_eq!( - allocated.allocated_frames, - before.allocated_frames.saturating_add(1) - ); + let ready = process::get_ready_processes(); + assert!(ready.iter().any(|p| *p == pid)); - kernel::frame_ownership::release_frame(frame.token).expect("owned frame should release"); - let released = kernel::frame_ownership::status(); - assert_eq!(released.allocated_frames, before.allocated_frames); - assert!(released.release_count > before.release_count); -} + assert!(process::add_process_cpu_ticks(pid, 42)); + assert!(process::record_context_switch(pid)); -#[test_case] -fn phase14_frame_status_syscalls_and_smoke_work() { - assert!(kernel::frame_ownership::phase14_smoke_check()); - assert!(syscall::invoke_raw(syscall::SyscallId::FrameTrackedCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::FrameAvailableCount as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::FrameTrackedCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); + assert!(process::terminate_process(pid, 0)); + let reaped = process::reap_terminated_processes(); + assert!(reaped >= 1); } #[test_case] -fn phase15_frame_backing_consumes_owned_frames_and_accounts_actions() { - kernel::storage::format().expect("format should seed image manifests"); - let frame_before = kernel::frame_ownership::status(); - let backed = kernel::task::program_loader::back_mapped_program( - security::Credentials::shell_user(), - "hello", - ) - .expect("frame backing should succeed"); - assert_eq!(backed.backed.total_pages, 1); - assert_eq!(backed.backed.copied_bytes, 4); - assert_eq!(backed.backed.zero_filled_bytes, 4092); +fn syscall_invalid_paths_are_rejected() { assert_eq!( - backed.backed.state, - kernel::address_space::MappingState::FrameBacked - ); - assert_eq!(backed.backed.regions[0].pages[0].copied_bytes, 4); - assert_eq!(backed.backed.regions[0].pages[0].zero_filled_bytes, 4092); - assert!(kernel::frame_ownership::status().allocated_frames > frame_before.allocated_frames); -} - -#[test_case] -fn phase15_loader_status_process_metadata_and_syscalls_report_backing() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let backed = kernel::task::program_loader::back_mapped_program( - security::Credentials::shell_user(), - "hello", - ) - .expect("frame backing should succeed"); - let after = kernel::task::program_loader::status(); - assert!(after.frame_backed_image_count > before.frame_backed_image_count); - assert!(after.total_frame_backed_pages > before.total_frame_backed_pages); - - let has_backed_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-frame-backed" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| { - load.state == process::ProcessLoadState::FrameBacked - && load.mapping_id == Some(backed.backed.mapping_id) - && load.copied_bytes == backed.backed.copied_bytes - }) - .unwrap_or(false) - }, + syscall::invoke_raw(999, 0), + Err(syscall::SyscallError::InvalidSyscall) ); - assert!(has_backed_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::FrameBackedImageCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::TotalFrameBackedPages as u64, 0).unwrap() > 0); assert_eq!( - syscall::invoke_raw(syscall::SyscallId::FrameBackedImageCount as u64, 1), + syscall::invoke_raw(syscall::SyscallId::GetTickCount as u64, 123), Err(syscall::SyscallError::InvalidArgument) ); - assert!(kernel::task::userspace::run_program("hello", &[]) - .expect("hello should execute") - .contains("hello")); -} - -#[test_case] -fn phase15_smoke_reports_frame_backed_image_status() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase15_smoke_check()); -} - -#[test_case] -fn phase16_inactive_page_table_translates_backed_pages() { - kernel::storage::format().expect("format should seed image manifests"); - let built = kernel::task::program_loader::build_user_page_table( - security::Credentials::shell_user(), - "hello", - ) - .expect("inactive page table should build"); - let page = built.backed.backed.regions[0].pages[0].virtual_address; - assert_eq!( - built.page_table.mapped_pages, - built.backed.backed.total_pages - ); - assert!(built.page_table.kernel_shared); - assert!(!built.page_table.cr3_switch_ready); - assert_eq!( - kernel::user_memory::translate(&built.page_table, page), - Some(built.backed.backed.regions[0].pages[0].frame.start_address) - ); - assert_eq!( - kernel::user_memory::translate(&built.page_table, page + 3), - Some(built.backed.backed.regions[0].pages[0].frame.start_address + 3) - ); -} - -#[test_case] -fn phase16_loader_process_metadata_syscalls_and_smoke_work() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let built = kernel::task::program_loader::build_user_page_table( - security::Credentials::shell_user(), - "hello", - ) - .expect("inactive page table should build"); - let after = kernel::task::program_loader::status(); - assert!(after.user_page_table_count > before.user_page_table_count); - assert!(after.total_user_page_table_pages > before.total_user_page_table_pages); - - let has_page_table_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-page-table" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| { - load.state == process::ProcessLoadState::PageTableReady - && load.mapping_id == Some(built.backed.backed.mapping_id) - }) - .unwrap_or(false) - }, - ); - assert!(has_page_table_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::UserPageTableCount as u64, 0).unwrap() > 0); - assert!( - syscall::invoke_raw(syscall::SyscallId::TotalUserPageTablePages as u64, 0).unwrap() > 0 - ); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::UserPageTableCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase16_smoke_check()); -} - -#[test_case] -fn phase17_user_selectors_and_entry_context_are_valid() { - kernel::storage::format().expect("format should seed image manifests"); - let prepared = kernel::task::program_loader::prepare_user_context( - security::Credentials::shell_user(), - "hello", - ) - .expect("user context should prepare"); - assert!(prepared.context.selectors_ready); - assert!(prepared.context.entry_ready); - assert!(!prepared.context.ring3_entered); - assert_ne!(prepared.context.entry.code_selector, 0); - assert_ne!(prepared.context.entry.stack_selector, 0); - assert_eq!(prepared.context.entry.rflags & 0x200, 0x200); - assert_eq!( - prepared.context.entry.rip, - prepared - .page_table - .backed - .mapped - .prepared - .load_plan - .entry_point - ); -} - -#[test_case] -fn phase17_loader_process_metadata_syscalls_and_smoke_work() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let prepared = kernel::task::program_loader::prepare_user_context( - security::Credentials::shell_user(), - "hello", - ) - .expect("user context should prepare"); - let after = kernel::task::program_loader::status(); - assert!(after.user_context_count > before.user_context_count); - - let has_context_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-user-context" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| { - load.state == process::ProcessLoadState::UserContextReady - && load.entry_point == prepared.context.entry.rip - }) - .unwrap_or(false) - }, - ); - assert!(has_context_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::UserContextCount as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::UserContextCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase17_smoke_check()); -} - -#[test_case] -fn phase18_controlled_ring3_trampoline_enters_and_traps_back() { - kernel::storage::format().expect("format should seed image manifests"); - let entered = kernel::task::program_loader::enter_controlled_ring3_trampoline( - security::Credentials::shell_user(), - "hello", - ) - .expect("controlled ring3 trampoline should run"); - assert!(entered.result.ring3_entered); - assert!(entered.result.trapped_back); - assert_eq!( - entered.result.trap_vector, - kernel::interrupts::USER_TRAP_VECTOR - ); -} - -#[test_case] -fn phase18_process_metadata_syscalls_and_smoke_work() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let entered = kernel::task::program_loader::enter_controlled_ring3_trampoline( - security::Credentials::shell_user(), - "hello", - ) - .expect("controlled ring3 trampoline should run"); - let after = kernel::task::program_loader::status(); - assert!(after.ring3_entry_count > before.ring3_entry_count); - assert!(after.ring3_trap_count > before.ring3_trap_count); - - let has_trap_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-ring3-trap" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| { - load.state == process::ProcessLoadState::UserTrapped - && load.entry_point == entered.result.entry_rip - }) - .unwrap_or(false) - }, - ); - assert!(has_trap_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::Ring3EntryCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::Ring3TrapCount as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::Ring3EntryCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase18_smoke_check()); -} - -#[test_case] -fn phase19_user_syscall_abi_dispatches_and_returns() { - let returned = - kernel::user_syscall::dispatch_from_user(kernel::user_syscall::tick_probe_frame()) - .expect("user syscall frame should dispatch"); - assert_eq!(returned.syscall_id, syscall::SyscallId::GetTickCount as u64); - assert_eq!(returned.error, None); - assert!(returned.returned_to_user); -} - -#[test_case] -fn phase19_loader_process_metadata_syscalls_and_smoke_work() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let probe = kernel::task::program_loader::run_user_syscall_probe( - security::Credentials::shell_user(), - "hello", - ) - .expect("user syscall probe should run"); - let after = kernel::task::program_loader::status(); - assert!(probe.syscall_return.returned_to_user); - assert!(after.user_syscall_count > before.user_syscall_count); - assert!(after.user_syscall_return_count > before.user_syscall_return_count); - - let has_syscall_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-user-syscall" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| load.state == process::ProcessLoadState::UserSyscallReturned) - .unwrap_or(false) - }, - ); - assert!(has_syscall_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::UserSyscallCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::UserSyscallReturnCount as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::UserSyscallCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase19_smoke_check()); -} - -#[test_case] -fn phase20_run_hello_returns_guarded_elf_output() { - kernel::storage::format().expect("format should seed image manifests"); - security::set_current_credentials(security::Credentials::shell_user()); - let output = kernel::task::userspace::run_program("hello", &[]).expect("hello should execute"); - assert!(output.contains("hello")); - assert!(output.contains("exit=0")); -} - -#[test_case] -fn phase20_loader_process_metadata_syscalls_and_smoke_work() { - kernel::storage::format().expect("format should seed image manifests"); - let before = kernel::task::program_loader::status(); - let execution = kernel::task::program_loader::execute_minimal_user_elf( - security::Credentials::shell_user(), - "hello", - ) - .expect("hello should execute"); - let after = kernel::task::program_loader::status(); - assert_eq!(execution.exit_code, 0); - assert!(after.user_elf_execution_count > before.user_elf_execution_count); - assert!(after.user_elf_exit_count > before.user_elf_exit_count); - - let has_elf_record = process::get_all_processes_with_details().iter().any( - |(_, name, state, _, owner, _, load)| { - *name == "image-user-elf" - && *state == process::ProcessState::Blocked - && *owner == security::Credentials::shell_user() - && load - .as_ref() - .map(|load| load.state == process::ProcessLoadState::UserElfExited) - .unwrap_or(false) - }, - ); - assert!(has_elf_record); - - assert!(syscall::invoke_raw(syscall::SyscallId::UserElfExecutionCount as u64, 0).unwrap() > 0); - assert!(syscall::invoke_raw(syscall::SyscallId::UserElfExitCount as u64, 0).unwrap() > 0); - assert_eq!( - syscall::invoke_raw(syscall::SyscallId::UserElfExecutionCount as u64, 1), - Err(syscall::SyscallError::InvalidArgument) - ); - assert!(kernel::task::program_loader::phase20_smoke_check()); -} - -#[test_case] -fn phase21_hw_page_tables_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase21_smoke_check()); -} - -#[test_case] -fn phase22_cr3_activation_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase22_smoke_check()); -} - -#[test_case] -fn phase23_iretq_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase23_smoke_check()); -} - -#[test_case] -fn phase24_user_trap_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase24_smoke_check()); -} - -#[test_case] -fn phase25_hw_syscall_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase25_smoke_check()); -} - -#[test_case] -fn phase26_user_copy_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase26_smoke_check()); -} - -#[test_case] -fn phase27_reloc_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase27_smoke_check()); -} - -#[test_case] -fn phase28_hw_hello_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase28_smoke_check()); -} - -#[test_case] -fn phase29_allowlist_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase29_smoke_check()); -} - -#[test_case] -fn phase30_cr3_switch_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase30_cr3_switch_smoke()); -} - -#[test_case] -fn phase31_sched_cr3_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase31_sched_cr3_smoke()); -} - -#[test_case] -fn phase32_user_frame_smoke_works() { - assert!(kernel::task::program_loader::phase32_user_frame_smoke()); -} - -#[test_case] -fn phase33_multi_elf_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase33_multi_elf_smoke()); -} - -#[test_case] -fn phase34_exit_wait_smoke_works() { - assert!(kernel::task::program_loader::phase34_exit_wait_smoke()); -} - -#[test_case] -fn phase35_syscall_table_smoke_works() { - assert!(kernel::task::program_loader::phase35_syscall_table_smoke()); -} - -#[test_case] -fn phase36_storage_copyin_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase36_storage_copyin_smoke()); -} - -#[test_case] -fn phase37_manifest_elf_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase37_manifest_elf_smoke()); -} - -#[test_case] -fn phase38_demand_zero_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase38_demand_zero_smoke()); -} - -#[test_case] -fn phase39_dynamic_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase39_dynamic_smoke()); -} - -#[test_case] -fn phase40_integration_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase40_integration_smoke()); -} - -#[test_case] -fn phase41_shared_lib_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase41_shared_lib_smoke()); -} - -#[test_case] -fn phase42_dyn_reloc_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase42_dyn_reloc_smoke()); -} - -#[test_case] -fn phase43_trust_exec_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase43_trust_exec_smoke()); -} - -#[test_case] -fn phase44_user_path_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase44_user_path_smoke()); -} - -#[test_case] -fn phase45_file_fd_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase45_file_fd_smoke()); -} - -#[test_case] -fn phase46_fd_io_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase46_fd_io_smoke()); -} - -#[test_case] -fn phase47_file_demand_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase47_file_demand_smoke()); -} - -#[test_case] -fn phase48_wx_policy_smoke_works() { - assert!(kernel::task::program_loader::phase48_wx_policy_smoke()); -} - -#[test_case] -fn phase49_smp_smoke_works() { - assert!(kernel::task::program_loader::phase49_smp_smoke()); -} - -#[test_case] -fn phase50_integration_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase50_integration_smoke()); -} - -#[test_case] -fn phase51_proc_fd_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase51_proc_fd_smoke()); -} - -#[test_case] -fn phase52_fd_dup_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase52_fd_dup_smoke()); -} - -#[test_case] -fn phase53_mprotect_smoke_works() { - assert!(kernel::task::program_loader::phase53_mprotect_smoke()); -} - -#[test_case] -fn phase54_mmap_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase54_mmap_smoke()); -} - -#[test_case] -fn phase55_write_path_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase55_write_path_smoke()); -} - -#[test_case] -fn phase56_multi_shlib_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase56_multi_shlib_smoke()); -} - -#[test_case] -fn phase57_plt_reloc_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase57_plt_reloc_smoke()); -} - -#[test_case] -fn phase58_digest_trust_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase58_digest_trust_smoke()); -} - -#[test_case] -fn phase59_runqueue_smoke_works() { - assert!(kernel::task::program_loader::phase59_runqueue_smoke()); -} - -#[test_case] -fn phase60_integration_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase60_integration_smoke()); -} - -#[test_case] -fn phase61_chdir_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase61_chdir_smoke()); -} - -#[test_case] -fn phase62_munmap_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase62_munmap_smoke()); -} - -#[test_case] -fn phase63_vma_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase63_vma_smoke()); -} - -#[test_case] -fn phase64_forklite_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase64_forklite_smoke()); -} - -#[test_case] -fn phase65_ring3_syscall_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase65_ring3_syscall_smoke()); -} - -#[test_case] -fn phase66_fcntl_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase66_fcntl_smoke()); -} - -#[test_case] -fn phase67_lazy_plt_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase67_lazy_plt_smoke()); -} - -#[test_case] -fn phase68_tlb_shootdown_smoke_works() { - assert!(kernel::task::program_loader::phase68_tlb_shootdown_smoke()); -} - -#[test_case] -fn phase69_ap_idle_smoke_works() { - assert!(kernel::task::program_loader::phase69_ap_idle_smoke()); -} - -#[test_case] -fn phase70_integration_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase70_integration_smoke()); -} - -#[test_case] -fn phase71_sysret_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase71_sysret_smoke()); -} - -#[test_case] -fn phase72_ring3_chdir_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase72_ring3_chdir_smoke()); -} - -#[test_case] -fn phase73_munmap_len_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase73_munmap_len_smoke()); -} - -#[test_case] -fn phase74_waitlite_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase74_waitlite_smoke()); -} - -#[test_case] -fn phase75_syscallprobe_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase75_syscallprobe_smoke()); -} - -#[test_case] -fn phase76_fcntl_setfd_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase76_fcntl_setfd_smoke()); -} - -#[test_case] -fn phase77_ring3_lazy_plt_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase77_ring3_lazy_plt_smoke()); -} - -#[test_case] -fn phase78_ipi_tlb_smoke_works() { - assert!(kernel::task::program_loader::phase78_ipi_tlb_smoke()); -} - -#[test_case] -fn phase79_ap_trampoline_smoke_works() { - assert!(kernel::task::program_loader::phase79_ap_trampoline_smoke()); -} - -#[test_case] -fn phase80_integration_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase80_integration_smoke()); -} - -#[test_case] -fn phase81_hw_sysret_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase81_hw_sysret_smoke()); -} - -#[test_case] -fn phase82_getcwd_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase82_getcwd_smoke()); -} - -#[test_case] -fn phase83_chdirprobe_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase83_chdirprobe_smoke()); -} - -#[test_case] -fn phase84_vma_split_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase84_vma_split_smoke()); -} - -#[test_case] -fn phase85_fork_dup_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase85_fork_dup_smoke()); -} - -#[test_case] -fn phase86_exec_lite_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase86_exec_lite_smoke()); -} - -#[test_case] -fn phase87_pipe_lite_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase87_pipe_lite_smoke()); -} - -#[test_case] -fn phase88_ring3_plt_fault_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase88_ring3_plt_fault_smoke()); -} - -#[test_case] -fn phase89_ipi_send_smoke_works() { - assert!(kernel::task::program_loader::phase89_ipi_send_smoke()); -} - -#[test_case] -fn phase90_integration_smoke_works() { - assert!(kernel::task::program_loader::phase90_integration_smoke()); -} - -#[test_case] -fn phase91_fork_cow_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase91_fork_cow_smoke()); -} - -#[test_case] -fn phase92_poll_lite_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase92_poll_lite_smoke()); -} - -#[test_case] -fn phase93_mmap_gap_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase93_mmap_gap_smoke()); -} - -#[test_case] -fn phase94_exec_argv_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase94_exec_argv_smoke()); -} - -#[test_case] -fn phase95_pipe_probe_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase95_pipe_probe_smoke()); -} - -#[test_case] -fn phase96_vma_coalesce_smoke_works() { - kernel::storage::format().expect("format should seed image manifests"); - assert!(kernel::task::program_loader::phase96_vma_coalesce_smoke()); -} - -#[test_case] -fn phase97_work_steal_smoke_works() { - assert!(kernel::task::program_loader::phase97_work_steal_smoke()); -} - -#[test_case] -fn phase98_ap_runnable_smoke_works() { - assert!(kernel::task::program_loader::phase98_ap_runnable_smoke()); -} - -#[test_case] -fn phase99_lapic_icr_smoke_works() { - assert!(kernel::task::program_loader::phase99_lapic_icr_smoke()); -} - -#[test_case] -fn phase_100_integration_smoke_works() { - assert!(kernel::task::program_loader::phase100_integration_smoke()); -} - -#[test_case] -fn phase110_constitutional_smoke_works() { - assert!(kernel::governance::phase110_constitutional_smoke()); - assert!(kernel::governance::CONSTITUTIONAL_FOUNDATION_RATIFIED); - assert!(kernel::governance::IMMUTABLE_OBJECT_IDENTITY); - assert_eq!(kernel::governance::NATIVE_SYSCALL_ID_BASE, 256); -} - -#[test_case] -fn phase120_cap_compat_smoke_works() { - assert!( - kernel::kernel_object::phase111_kernel_object_smoke(), - "phase111" - ); - assert!( - kernel::kernel_object::phase112_cap_lifecycle_smoke(), - "phase112" - ); - assert!(kernel::kernel_object::phase113_rights_smoke(), "phase113"); - assert!( - kernel::kernel_object::phase114_storage_grant_smoke(), - "phase114" - ); - assert!( - kernel::path_broker::phase115_path_broker_smoke(), - "phase115" - ); - assert!( - kernel::kernel_object::phase116_ambient_deny_smoke(), - "phase116" - ); - assert!( - kernel::kernel_object::phase117_namespace_smoke(), - "phase117" - ); - assert!( - kernel::storage_broker::phase118_broker_mint_smoke(), - "phase118" - ); - assert!( - kernel::kernel_object::phase119_compat_bridge_smoke(), - "phase119" - ); - assert!(kernel::governance::phase120_cap_compat_smoke()); -} - -#[test_case] -fn phase121_service_loader_smoke_works() { - assert!(kernel::governance::phase121_service_loader_smoke()); - let (bootstrap, e00, budget, quota) = kernel::governance::phase121_status(); - assert!(bootstrap, "bootstrap ceremony"); - assert!(e00, "e00 saturation"); - assert!(budget, "mem budget"); - assert!(quota, "cap quota"); } #[test_case] -fn phase130_platform_integration_smoke_works() { - assert!(kernel::ipc_interim_bridge::phase_interim_ipc_smoke()); - assert!(kernel::governance::phase122_storage_broker_smoke()); - assert!(kernel::governance::phase128_native_manifest_smoke()); - assert!(kernel::governance::phase130_platform_integration_smoke()); +fn boot_gate_unified() { + assert!(kernel::boot_gate::boot_gate()); } diff --git a/never_stabilize_graduated.toml b/never_stabilize_graduated.toml index 7fbd8a8..b95992d 100644 --- a/never_stabilize_graduated.toml +++ b/never_stabilize_graduated.toml @@ -31,5 +31,5 @@ name = "compat-internal channels" replacement = "native endpoint path only (bridge count 0)" [[graduated_items]] -name = "ares-rt host std dependency" -replacement = "ares-rt #![no_std] lib + host cargo check" +name = "clan-rt host std dependency" +replacement = "clan-rt #![no_std] lib + host cargo check" diff --git a/prereq_graph.toml b/prereq_graph.toml index 68119de..03b501d 100644 --- a/prereq_graph.toml +++ b/prereq_graph.toml @@ -1,5 +1,5 @@ -# Phase and document prerequisite graph for CI enforcement. -# blocking_phase = "epoch-0" edges govern foundational doc authoring order. +# Scope and document prerequisite graph for CI enforcement. +# blocking_scope = "epoch-0" edges govern foundational doc authoring order. [schema] version = "1.0.0" @@ -9,92 +9,92 @@ version = "1.0.0" [[nodes]] id = "CHARTER.md" path = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "gap_registry.toml" path = "gap_registry.toml" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "SECURITY.md" path = "SECURITY.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "KERNEL_OBJECT_MODEL.md" path = "docs/KERNEL_OBJECT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "RIGHTS_ALGEBRA.md" path = "docs/RIGHTS_ALGEBRA.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "FAULT_ESCALATION.md" path = "docs/FAULT_ESCALATION.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "THREAT_MODEL.md" path = "docs/THREAT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "THREAT_NODES.toml" path = "docs/THREAT_NODES.toml" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "DESIGN_NORTH_STAR.md" path = "docs/DESIGN_NORTH_STAR.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "DECISION_LOG.md" path = "docs/DECISION_LOG.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "CAP_REGISTRY.toml" path = "docs/CAP_REGISTRY.toml" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "CAP_TRANSFER_PROTOCOL.md" path = "docs/CAP_TRANSFER_PROTOCOL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "SCHEDULER_MODEL.md" path = "docs/SCHEDULER_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "PROOF_COVERAGE.md" path = "docs/PROOF_COVERAGE.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "KANI_SCOPE.md" path = "docs/KANI_SCOPE.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "EPOCH_FAILURE_PROCEDURE.md" path = "docs/EPOCH_FAILURE_PROCEDURE.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "formal_semantics_framework_decision" path = "docs/DECISION_LOG.md#formal-semantics-framework" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[nodes]] id = "formal_model_tier_d" path = "docs/FORMAL_MODEL.md" -blocking_phase = "post-150" +blocking_scope = "post-150" tier = "D" # --- Epoch 0 edges --- @@ -102,115 +102,115 @@ tier = "D" [[edges]] from = "gap_registry.toml" to = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "SECURITY.md" to = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "KERNEL_OBJECT_MODEL.md" to = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "RIGHTS_ALGEBRA.md" to = "KERNEL_OBJECT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "FAULT_ESCALATION.md" to = "KERNEL_OBJECT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "FAULT_ESCALATION.md" to = "RIGHTS_ALGEBRA.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "THREAT_MODEL.md" to = "FAULT_ESCALATION.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "THREAT_NODES.toml" to = "FAULT_ESCALATION.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "DESIGN_NORTH_STAR.md" to = "THREAT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "DESIGN_NORTH_STAR.md" to = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "DECISION_LOG.md" to = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "CAP_REGISTRY.toml" to = "KERNEL_OBJECT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "CAP_TRANSFER_PROTOCOL.md" to = "KERNEL_OBJECT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "CAP_TRANSFER_PROTOCOL.md" to = "RIGHTS_ALGEBRA.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "SCHEDULER_MODEL.md" to = "KERNEL_OBJECT_MODEL.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "SCHEDULER_MODEL.md" to = "FAULT_ESCALATION.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "PROOF_COVERAGE.md" to = "RIGHTS_ALGEBRA.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "KANI_SCOPE.md" to = "PROOF_COVERAGE.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" [[edges]] from = "EPOCH_FAILURE_PROCEDURE.md" to = "CHARTER.md" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" # Formal semantics framework gates all Tier D / formal model work (#338) [[edges]] from = "formal_model_tier_d" to = "formal_semantics_framework_decision" -blocking_phase = "epoch-0" +blocking_scope = "epoch-0" blocking = true -# --- Cross-epoch examples (implementation phases) --- +# --- Cross-epoch examples (implementation scopes) --- [[edges]] -from = "phase-121" +from = "scope-121" to = "KERNEL_OBJECT_MODEL.md" blocking_epoch = 1 [[edges]] -from = "phase-134" +from = "scope-134" to = "CAP_TRANSFER_PROTOCOL.md" blocking_epoch = 3 @@ -257,16 +257,16 @@ to = "formal_semantics_framework_decision" blocking_epoch = 13 [[edges]] -from = "phase-200" +from = "scope-200" to = "SCHEDULING_UNIFIED.md" blocking_epoch = 8 [[edges]] -from = "phase-250" +from = "scope-250" to = "DRIVER_MODEL.md" blocking_epoch = 11 [[edges]] -from = "phase-350" +from = "scope-350" to = "FORMAL_MODEL.md" blocking_epoch = 14 diff --git a/phase_checklist_schema.toml b/scope_checklist_schema.toml similarity index 83% rename from phase_checklist_schema.toml rename to scope_checklist_schema.toml index f19eb42..61819c1 100644 --- a/phase_checklist_schema.toml +++ b/scope_checklist_schema.toml @@ -1,4 +1,4 @@ -# Required fields for docs/phase-NNN-checklist.md files. +# Required fields for docs/scope-NNN-checklist.md files. [schema] version = "1.0.0" @@ -11,68 +11,68 @@ fuzz_target = "FUZZ_TARGETS id or N/A" compat_review_entry = "bool — compat impact reviewed" oom_stub_ref = "MEM_BUDGET / shed stub section or N/A" benchmark_baseline_ref = "baseline JSON key or N/A" -phase_owner = "string — sole feat(phase-NNN) committer" +scope_owner = "string — sole feat(scope-NNN) committer" backup_reviewer = "string" -# Architecturally consequential decisions — DECISION_LOG entry required before phase close (#334). -# Each entry names the decision category, owning doc, and earliest closing phase. +# Architecturally consequential decisions — DECISION_LOG entry required before scope close (#334). +# Each entry names the decision category, owning doc, and earliest closing scope. [[required_decisions]] id = "scheduler_priority_inversion" summary = "Priority inheritance, ceiling, or explicit denial under cap chains" doc = "docs/SCHEDULER_MODEL.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true [[required_decisions]] id = "r_destroy_notify_ordering" summary = "R-destroy-notify delivery ordering (simultaneous vs serialized)" doc = "docs/KERNEL_OBJECT_MODEL.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true [[required_decisions]] id = "mint_vs_delegation_authority" summary = "Named mint role vs all-caps-from-root-mint policy" doc = "docs/KERNEL_OBJECT_MODEL.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true [[required_decisions]] id = "cap_reference_cycle_policy" summary = "Cap table reference cycle detection and revocation behavior" doc = "docs/KERNEL_OBJECT_MODEL.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true [[required_decisions]] id = "wait_set_revocation_policy" summary = "Partial vs all-terminal wait-set revocation on multi-cap wait" doc = "docs/SCHEDULER_MODEL.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true [[required_decisions]] id = "audit_tamper_policy" summary = "Chain hash vs privileged-write tamper model for audit subsystem" doc = "docs/AUDIT_SUBSYSTEM.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true [[required_decisions]] id = "driver_isolation_model" summary = "Kernel TCB vs process+device caps vs hybrid driver hosting" doc = "docs/DRIVER_MODEL.md" -earliest_phase = 122 +earliest_scope = 122 decision_log_required = true [[required_decisions]] id = "suspend_flush_timeout" summary = "Suspend flush timeout → block suspend vs hard terminate (tier 3)" doc = "docs/FAULT_ESCALATION.md" -earliest_phase = 121 +earliest_scope = 121 decision_log_required = true -[phase_close_gate] -# CI checks decision_log_entry field in checklist when closing phase >= earliest_phase +[scope_close_gate] +# CI checks decision_log_entry field in checklist when closing scope >= earliest_scope decision_log_entry = "DECISION_LOG.md anchor id matching required_decisions.id" diff --git a/phase_snapshots.toml b/scope_snapshots.toml similarity index 56% rename from phase_snapshots.toml rename to scope_snapshots.toml index 1e93ca7..5c14d7d 100644 --- a/phase_snapshots.toml +++ b/scope_snapshots.toml @@ -1,11 +1,11 @@ -# Per-phase snapshots including marginal feature cost (#336). +# Per-scope snapshots including marginal feature cost (#336). # feature_cost_marginal: estimated overhead vs minimal kernel config (rough, epoch gate). [schema] version = "1.0.0" [[snapshots]] -phase = 120 +scope = 120 epoch = 0 -notes = "Calibration baseline — see benchmarks/phase-120-baseline.json" +notes = "Calibration baseline — see benchmarks/scope-120-baseline.json" feature_cost_marginal = null diff --git a/scripts/count_ipc_bridge.py b/scripts/count_ipc_bridge.py index 74aa0b6..850ecb4 100644 --- a/scripts/count_ipc_bridge.py +++ b/scripts/count_ipc_bridge.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""CI: ipc bridge retired by phase 134 — counter API must reach zero after retire.""" +"""CI: ipc bridge retired by scope 134 — counter API must reach zero after retire.""" from __future__ import annotations @@ -19,7 +19,7 @@ def main() -> int: print("count_ipc_bridge: retire_bridge() not called from ipc_endpoints", file=sys.stderr) return 1 if "ipc_bridge_compat_internal_count() == 0" not in gov: - print("count_ipc_bridge: phase140 bridge_zero check missing", file=sys.stderr) + print("count_ipc_bridge: build_endpoints bridge_zero check missing", file=sys.stderr) return 1 refs = len(re.findall(r"ipc_bridge_compat_internal", ep + gov)) print(f"count_ipc_bridge: OK (retire path present; static_refs={refs})") diff --git a/scripts/covenant_ci.py b/scripts/covenant_ci.py index cda87ed..19c0169 100644 --- a/scripts/covenant_ci.py +++ b/scripts/covenant_ci.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Enforce plan covenant CI rules (aresos_full_os_build plan lines 1614-1636).""" +"""Enforce plan covenant CI rules (Clan OS full build plan lines 1614-1636).""" from __future__ import annotations @@ -26,8 +26,8 @@ "loom_gate.py", "transfer_toctou_check.py", "kani_gate.py", - "phase_checklist_spot_check.py", - "scripts/gate/host.py", + "scope_checklist_spot_check.py", + "gate/host.py", "proof_cache_check.py", "release_scorecard_check.py", ] diff --git a/scripts/desktop_screendump_check.py b/scripts/desktop_screendump_check.py index c2c5894..678fb94 100644 --- a/scripts/desktop_screendump_check.py +++ b/scripts/desktop_screendump_check.py @@ -18,9 +18,9 @@ BOOT_ATTEMPTS = 3 READY_MARKERS = ( - "AresOS shell ready", - "AresOS-SystemGate: ok=true", - "AresOS-Gate: name=desktop_preview ok=true", + "Clan OS shell ready", + "ClanOS-SystemGate: ok=true", + "ClanOS-Gate: name=desktop_preview ok=true", ) diff --git a/scripts/doc_link_check.py b/scripts/doc_link_check.py index 6f60057..d7518dc 100644 --- a/scripts/doc_link_check.py +++ b/scripts/doc_link_check.py @@ -44,7 +44,7 @@ "docs/COMPAT_SUNSET.md", "docs/IPC_VERSION_NEGOTIATION.md", "docs/ABI_NATIVE_SYSCALL.md", - "docs/ABI_ARES_RT.md", + "docs/ABI_CLAN_RT.md", "docs/VIRTIO_SAFETY.md", "docs/ABI_COMPOSITOR_IPC.md", "docs/ARCHITECTURE_TARGETS.md", diff --git a/scripts/epoch_signoff_check.py b/scripts/epoch_signoff_check.py index 25dd7a2..127303f 100644 --- a/scripts/epoch_signoff_check.py +++ b/scripts/epoch_signoff_check.py @@ -32,8 +32,8 @@ def main() -> int: errors.append(f"missing {path.name}") continue data = parse_signoff(path) - if "epoch" not in data and "phase" not in data: - errors.append(f"{path.name}: missing epoch/phase field") + if "epoch" not in data and "scope" not in data: + errors.append(f"{path.name}: missing epoch/scope field") if errors: for e in errors: print(f"epoch_signoff_check: {e}", file=sys.stderr) diff --git a/scripts/fix_scope_checklist_backticks.py b/scripts/fix_scope_checklist_backticks.py new file mode 100644 index 0000000..4f9b31a --- /dev/null +++ b/scripts/fix_scope_checklist_backticks.py @@ -0,0 +1,37 @@ +#!/usr/bin/env python3 +"""Fix missing closing backticks on gate CLI lines in scope checklists.""" + +from __future__ import annotations + +import re +from pathlib import Path + +ROOT = Path(__file__).resolve().parents[1] / "docs" +PAT = re.compile( + r"^(- \[x\] `)(python scripts/gate/(?:boot|system)\.py --gate \S+ --timeout \d+)$" +) + + +def main() -> int: + fixed = 0 + for path in sorted(ROOT.glob("scope-*-checklist.md")): + lines_out: list[str] = [] + changed = False + for line in path.read_text(encoding="utf-8").splitlines(keepends=True): + body = line.rstrip("\r\n") + suffix = line[len(body) :] + m = PAT.match(body) + if m: + lines_out.append(m.group(1) + m.group(2) + "`" + suffix) + changed = True + fixed += 1 + else: + lines_out.append(line) + if changed: + path.write_text("".join(lines_out), encoding="utf-8") + print(f"fix_scope_checklist_backticks: {fixed} lines") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/__init__.py b/scripts/gate/__init__.py index 6977392..e031c04 100644 --- a/scripts/gate/__init__.py +++ b/scripts/gate/__init__.py @@ -1 +1 @@ -"""Unified AresOS validation gate tooling (boot + system).""" +"""Unified Clan OS validation gate tooling (boot + system).""" diff --git a/scripts/gate/boot.py b/scripts/gate/boot.py index 4f03f41..b42e04d 100644 --- a/scripts/gate/boot.py +++ b/scripts/gate/boot.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""QEMU smoke gate for boot validation (phases 6–150).""" +"""QEMU smoke gate for boot validation (subsystem gates).""" from __future__ import annotations @@ -11,7 +11,7 @@ if str(_SCRIPTS) not in sys.path: sys.path.insert(0, str(_SCRIPTS)) -from gate.map import BOOT_GATES, boot_gate_for_phase +from gate.map import BOOT_GATES from gate.qemu import run_smoke PREEMPTION_GATES = frozenset({"boot", "boundary", "shell_storage"}) @@ -20,21 +20,13 @@ def main(argv: list[str] | None = None) -> int: ap = argparse.ArgumentParser(description=__doc__) ap.add_argument("--gate", choices=sorted(BOOT_GATES.keys()), help="Boot subsystem gate") - ap.add_argument("--phase", type=int, help="Legacy phase number (maps to boot gate)") ap.add_argument("--timeout", type=int, default=360) args = ap.parse_args(argv) - gate = args.gate - if args.phase is not None: - mapped = boot_gate_for_phase(args.phase) - if mapped is None: - print(f"gate/boot: no boot gate mapping for phase {args.phase}", file=sys.stderr) - return 1 - gate = mapped - if gate is None: - ap.error("specify --gate or --phase") - pattern = BOOT_GATES[gate] - label = f"gate/boot:{gate}" - features = ["--features", "preemption"] if gate in PREEMPTION_GATES else None + if args.gate is None: + ap.error("specify --gate") + pattern = BOOT_GATES[args.gate] + label = f"gate/boot:{args.gate}" + features = ["--features", "preemption"] if args.gate in PREEMPTION_GATES else None return run_smoke(pattern, label, args.timeout, features) diff --git a/scripts/gate/boot_host.py b/scripts/gate/boot_host.py index 18cf541..9dff8db 100644 --- a/scripts/gate/boot_host.py +++ b/scripts/gate/boot_host.py @@ -11,27 +11,28 @@ ROOT = Path(__file__).resolve().parents[2] GATE = ROOT / "kernel" / "src" / "boot_gate.rs" GATES = [ - "eval_shell_storage", - "eval_loader_security", - "eval_memory_layout", - "eval_userspace_bootstrap", - "exec_phase21_to_30_smokes", - "exec_phase31_to_40_smokes", - "exec_phase41_to_50_smokes", - "exec_phase51_to_60_smokes", - "exec_phase61_to_70_smokes", - "exec_phase71_to_80_smokes", - "exec_phase81_to_90_smokes", - "exec_phase91_to_100_smokes", - "exec_phase101_to_110_smokes", - "exec_phase111_to_120_smokes", - "exec_phase121_smoke", - "exec_phase122_to_130_smokes", - "exec_phase131_to_140_smokes", - "exec_phase201_virtio_smoke", - "exec_epoch4_network_smokes", - "exec_epoch5_scheduler_smokes", - "exec_milestone150", + "smoke_shell_storage", + "smoke_loader_security", + "smoke_memory_layout", + "smoke_userspace_bootstrap", + "smoke_hw_paging", + "smoke_sched_userspace", + "smoke_dynamic_runtime", + "smoke_fd_mmap", + "smoke_vm_fork", + "smoke_syscall_ring3", + "smoke_path_exec", + "smoke_smp_depth", + "smoke_constitutional", + "smoke_capabilities", + "smoke_service_loader", + "smoke_platform_brokers", + "smoke_build_endpoints", + "smoke_virtio_blk", + "smoke_network_compat", + "smoke_scheduler_epoch", + "smoke_boundary", + "boot_gate", "run_boot_gate", ] diff --git a/scripts/gate/clan_rt.py b/scripts/gate/clan_rt.py index 61c9785..cd8a267 100644 --- a/scripts/gate/clan_rt.py +++ b/scripts/gate/clan_rt.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Host check: ares-rt no_std (phase 401).""" +"""Host check: clan-rt no_std (scope 401).""" from __future__ import annotations @@ -16,7 +16,7 @@ def main() -> int: ap.add_argument("--timeout", type=int, default=120) _ = ap.parse_args() r = subprocess.run( - ["cargo", "check", "-p", "ares-rt", "--lib"], + ["cargo", "check", "-p", "clan-rt", "--lib"], cwd=REPO, capture_output=True, text=True, @@ -24,13 +24,13 @@ def main() -> int: ) if r.returncode != 0: print(r.stdout + r.stderr, file=sys.stderr) - print("gate/ares_rt: FAIL", file=sys.stderr) + print("gate/clan_rt: FAIL", file=sys.stderr) return 1 lib = REPO / "userland" / "src" / "lib.rs" if "#![no_std]" not in lib.read_text(encoding="utf-8"): - print("gate/ares_rt: missing #![no_std]", file=sys.stderr) + print("gate/clan_rt: missing #![no_std]", file=sys.stderr) return 1 - print("gate/ares_rt: OK") + print("gate/clan_rt: OK") return 0 diff --git a/scripts/gate/clan_rt_heap.py b/scripts/gate/clan_rt_heap.py new file mode 100644 index 0000000..2fe9cf7 --- /dev/null +++ b/scripts/gate/clan_rt_heap.py @@ -0,0 +1,58 @@ +#!/usr/bin/env python3 +"""Host check: hello-alloc builds for x86_64-unknown-none with clan-rt heap.""" + +from __future__ import annotations + +import argparse +import subprocess +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +ELF = REPO / "target" / "x86_64-unknown-none" / "release" / "hello-alloc" +MAX_IMAGE_SIZE = 32768 + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=180) + args = ap.parse_args() + r = subprocess.run( + [ + "cargo", + "build", + "-p", + "hello-alloc", + "--release", + "--target", + "x86_64-unknown-none", + ], + cwd=REPO, + capture_output=True, + text=True, + timeout=args.timeout, + ) + if r.returncode != 0: + print(r.stdout + r.stderr, file=sys.stderr) + print("gate/clan_rt_heap: FAIL (build)", file=sys.stderr) + return 1 + if not ELF.is_file(): + print(f"gate/clan_rt_heap: missing ELF at {ELF}", file=sys.stderr) + return 1 + if ELF.stat().st_size > MAX_IMAGE_SIZE: + print("gate/clan_rt_heap: ELF exceeds MAX_IMAGE_SIZE", file=sys.stderr) + return 1 + heap_rs = REPO / "userland" / "src" / "heap.rs" + if "#[global_allocator]" not in heap_rs.read_text(encoding="utf-8"): + print("gate/clan_rt_heap: missing global allocator", file=sys.stderr) + return 1 + main_rs = REPO / "userland" / "hello-alloc" / "src" / "main.rs" + if "extern crate alloc" not in main_rs.read_text(encoding="utf-8"): + print("gate/clan_rt_heap: missing extern crate alloc", file=sys.stderr) + return 1 + print("gate/clan_rt_heap: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/clan_rt_ring3.py b/scripts/gate/clan_rt_ring3.py new file mode 100644 index 0000000..b04bcd5 --- /dev/null +++ b/scripts/gate/clan_rt_ring3.py @@ -0,0 +1,53 @@ +#!/usr/bin/env python3 +"""Host check: ring3-io-demo builds for x86_64-unknown-none.""" + +from __future__ import annotations + +import argparse +import subprocess +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +ELF = REPO / "target" / "x86_64-unknown-none" / "release" / "ring3-io-demo" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=120) + args = ap.parse_args() + r = subprocess.run( + [ + "cargo", + "build", + "-p", + "ring3-io-demo", + "--release", + "--target", + "x86_64-unknown-none", + ], + cwd=REPO, + capture_output=True, + text=True, + timeout=args.timeout, + ) + if r.returncode != 0: + print(r.stdout + r.stderr, file=sys.stderr) + print("gate/clan_rt_ring3: FAIL (build)", file=sys.stderr) + return 1 + if not ELF.is_file(): + print(f"gate/clan_rt_ring3: missing ELF at {ELF}", file=sys.stderr) + return 1 + if ELF.stat().st_size > 32768: + print("gate/clan_rt_ring3: ELF exceeds MAX_IMAGE_SIZE", file=sys.stderr) + return 1 + main_rs = REPO / "userland" / "ring3-io-demo" / "src" / "main.rs" + if "#![no_std]" not in main_rs.read_text(encoding="utf-8"): + print("gate/clan_rt_ring3: missing #![no_std]", file=sys.stderr) + return 1 + print("gate/clan_rt_ring3: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/compat_subsystems.py b/scripts/gate/compat_subsystems.py new file mode 100644 index 0000000..72044f1 --- /dev/null +++ b/scripts/gate/compat_subsystems.py @@ -0,0 +1,55 @@ +#!/usr/bin/env python3 +"""Host check: consolidated compat subsystem gates in system_gate.rs.""" + +from __future__ import annotations + +import subprocess +import sys +from pathlib import Path + +ROOT = Path(__file__).resolve().parents[2] +GATE = ROOT / "kernel" / "src" / "system_gate.rs" + +SMOKES = ( + "smoke_compat_runtime", + "smoke_compat_fd_vm", + "smoke_compat_signal", + "smoke_storage_depth", + "smoke_posix_compat", + "compat_subsystems_smoke", +) + + +def main() -> int: + text = GATE.read_text(encoding="utf-8") + for fn in SMOKES: + if fn not in text: + print(f"gate/compat_subsystems: missing {fn}", file=sys.stderr) + return 1 + if "compat_subsystems_smoke()" not in text.split("functional_gate", 1)[-1]: + print("gate/compat_subsystems: not wired into functional_gate", file=sys.stderr) + return 1 + proc = subprocess.run( + [ + "cargo", + "build", + "-p", + "sig-demo", + "--release", + "--target", + "x86_64-unknown-none", + ], + cwd=ROOT, + capture_output=True, + text=True, + ) + if proc.returncode != 0: + print(proc.stdout + proc.stderr, file=sys.stderr) + print("gate/compat_subsystems: FAIL (sig-demo build)", file=sys.stderr) + return 1 + print("gate/compat_subsystems: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/cow_fork.py b/scripts/gate/cow_fork.py new file mode 100644 index 0000000..0f5edf6 --- /dev/null +++ b/scripts/gate/cow_fork.py @@ -0,0 +1,43 @@ +#!/usr/bin/env python3 +"""Host check: PF-driven CoW fork wiring.""" + +from __future__ import annotations + +import argparse +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +COW = REPO / "kernel" / "src" / "cow_fork.rs" +DEMAND = REPO / "kernel" / "src" / "demand_paging.rs" +PAGING = REPO / "kernel" / "src" / "user_paging.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + cow_text = COW.read_text(encoding="utf-8") + demand_text = DEMAND.read_text(encoding="utf-8") + paging_text = PAGING.read_text(encoding="utf-8") + if "try_break_on_write" not in cow_text: + print("gate/cow_fork: missing try_break_on_write", file=sys.stderr) + return 1 + if "share_after_fork" not in cow_text: + print("gate/cow_fork: missing share_after_fork", file=sys.stderr) + return 1 + if "cow_fork::try_break_on_write" not in demand_text: + print("gate/cow_fork: demand paging not wired", file=sys.stderr) + return 1 + if "privatize_cow_page" not in paging_text: + print("gate/cow_fork: missing privatize_cow_page", file=sys.stderr) + return 1 + if "smoke_cow_fork" not in cow_text: + print("gate/cow_fork: missing smoke", file=sys.stderr) + return 1 + print("gate/cow_fork: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/ext2_create_unlink.py b/scripts/gate/ext2_create_unlink.py new file mode 100644 index 0000000..93bb377 --- /dev/null +++ b/scripts/gate/ext2_create_unlink.py @@ -0,0 +1,40 @@ +#!/usr/bin/env python3 +"""Host check: ext2 create/unlink + multi-block grow.""" + +from __future__ import annotations + +import argparse +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +EXT2 = REPO / "kernel" / "src" / "ext2.rs" +VFS = REPO / "kernel" / "src" / "vfs.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + ext2_text = EXT2.read_text(encoding="utf-8") + vfs_text = VFS.read_text(encoding="utf-8") + for needle in ( + "pub fn create_file", + "pub fn unlink_file", + "MAX_FILE_BLOCKS", + "alloc_block", + "smoke_ext2_create_unlink", + ): + if needle not in ext2_text: + print(f"gate/ext2_create_unlink: missing {needle}", file=sys.stderr) + return 1 + for needle in ("create_bytes", "unlink_path"): + if needle not in vfs_text: + print(f"gate/ext2_create_unlink: vfs missing {needle}", file=sys.stderr) + return 1 + print("gate/ext2_create_unlink: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/ext2_write.py b/scripts/gate/ext2_write.py new file mode 100644 index 0000000..289fac3 --- /dev/null +++ b/scripts/gate/ext2_write.py @@ -0,0 +1,38 @@ +#!/usr/bin/env python3 +"""Host check: ext2 write path exists and is bounded.""" + +from __future__ import annotations + +import argparse +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +EXT2 = REPO / "kernel" / "src" / "ext2.rs" +VFS = REPO / "kernel" / "src" / "vfs.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + ext2_text = EXT2.read_text(encoding="utf-8") + vfs_text = VFS.read_text(encoding="utf-8") + if "pub fn write_file" not in ext2_text: + print("gate/ext2_write: missing write_file", file=sys.stderr) + return 1 + if "smoke_ext2_write" not in ext2_text: + print("gate/ext2_write: missing smoke", file=sys.stderr) + return 1 + if "WRITABLE_FILES" not in ext2_text: + print("gate/ext2_write: missing allowlist", file=sys.stderr) + return 1 + if "ext2::write_file" not in vfs_text: + print("gate/ext2_write: vfs not wired", file=sys.stderr) + return 1 + print("gate/ext2_write: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/fd_capacity.py b/scripts/gate/fd_capacity.py new file mode 100644 index 0000000..2b81407 --- /dev/null +++ b/scripts/gate/fd_capacity.py @@ -0,0 +1,37 @@ +#!/usr/bin/env python3 +"""Host check: per-process FD table capacity is 64.""" + +from __future__ import annotations + +import argparse +import re +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +FD_TABLE = REPO / "kernel" / "src" / "fd_table.rs" +EXPECTED = 64 + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + text = FD_TABLE.read_text(encoding="utf-8") + match = re.search(r"pub const MAX_FDS: usize = (\d+);", text) + if not match: + print("gate/fd_capacity: MAX_FDS not found", file=sys.stderr) + return 1 + value = int(match.group(1)) + if value != EXPECTED: + print(f"gate/fd_capacity: expected MAX_FDS={EXPECTED}, got {value}", file=sys.stderr) + return 1 + if "smoke_fd_capacity" not in text: + print("gate/fd_capacity: missing capacity smoke", file=sys.stderr) + return 1 + print("gate/fd_capacity: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/fix_readme_paths.py b/scripts/gate/fix_readme_paths.py index f3839ec..f7fbd1c 100644 --- a/scripts/gate/fix_readme_paths.py +++ b/scripts/gate/fix_readme_paths.py @@ -1,17 +1,24 @@ #!/usr/bin/env python3 import re +import sys from pathlib import Path +_SCRIPTS = Path(__file__).resolve().parents[1] +if str(_SCRIPTS) not in sys.path: + sys.path.insert(0, str(_SCRIPTS)) + +from gate.map import gate_cli # noqa: E402 + path = Path(__file__).resolve().parents[2] / "README.md" text = path.read_text(encoding="utf-8") pat = re.compile( - r"python scripts/phase(\d+)_[a-z0-9_]+(?:_check|_milestone_check)\.py(?:\s+--timeout\s+(\d+))?" + r"python scripts/scope(\d+)_[a-z0-9_]+(?:_check|_milestone_check)\.py(?:\s+--timeout\s+(\d+))?" ) def repl(m: re.Match[str]) -> str: - timeout = m.group(2) or "180" - return f"python scripts/gate/legacy.py --phase {m.group(1)} --timeout {timeout}" + timeout = int(m.group(2) or "180") + return gate_cli(int(m.group(1)), timeout) new, n = pat.subn(repl, text) diff --git a/scripts/gate/gen_boot.py b/scripts/gate/gen_boot.py index 8619efa..15e941b 100644 --- a/scripts/gate/gen_boot.py +++ b/scripts/gate/gen_boot.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Regenerate boot_gate.rs header from template; preserves exec_* bodies in place.""" +"""Regenerate boot_gate.rs header from template; preserves run_* smoke bodies in place.""" from __future__ import annotations @@ -7,11 +7,11 @@ ROOT = Path(__file__).resolve().parents[2] OUT = ROOT / "kernel" / "src" / "boot_gate.rs" -MARKER = "#[allow(unused_variables)]\nfn exec_phases_6_to_20()" +MARKER = "#[allow(unused_variables)]\nfn run_sched_userspace_smokes()" -HEADER = '''//! Unified boot-time validation gate (phases 6–150 consolidated). +HEADER = '''//! Unified boot-time validation gate (subsystem smokes consolidated). //! -//! Subsystem serial lines replace per-phase `PhaseN-*` boot markers. +//! Subsystem serial lines replace legacy numbered boot markers. pub const BOOT_GATE_VERSION: &str = "1.0.0"; @@ -24,66 +24,65 @@ } fn emit(name: &str, ok: bool) { - crate::serial_println!("AresOS-BootGate: name={} ok={}", name, ok_str(ok)); + crate::serial_println!("ClanOS-BootGate: name={} ok={}", name, ok_str(ok)); } -fn eval_shell_storage() -> bool { +pub fn smoke_shell_storage() -> bool { let storage_smoke_ok = match crate::storage::list_files() { Ok(files) => !files.is_empty(), Err(_) => false, }; let readme_smoke_ok = matches!(crate::storage::read_file("/README.txt"), Ok(Some(_))); - let run_smoke_ok = crate::task::userspace::run_program("echo", &["phase6-smoke"]).is_ok(); + let run_smoke_ok = crate::task::userspace::run_program("echo", &["shell-storage-smoke"]).is_ok(); crate::storage::is_mounted() && storage_smoke_ok && readme_smoke_ok && run_smoke_ok - && crate::storage::phase7_smoke_check() - && crate::storage::phase8_smoke_check() + && crate::storage::smoke_persistence() + && crate::storage::smoke_driver_backend() } -fn eval_loader_security() -> bool { - crate::task::program_loader::phase9_smoke_check() - && crate::security::phase10_smoke_check() - && crate::storage::phase10_smoke_check() - && crate::task::program_loader::phase11_smoke_check() - && crate::task::program_loader::phase12_smoke_check() - && crate::task::program_loader::phase13_smoke_check() +pub fn smoke_loader_security() -> bool { + crate::task::program_loader::smoke_program_discovery() + && crate::security::smoke_access_policy() + && crate::storage::smoke_cred_enforcement() + && crate::task::program_loader::smoke_elf_inventory() + && crate::task::program_loader::smoke_load_plan() + && crate::task::program_loader::smoke_mapping_stub() } -fn eval_memory_layout() -> bool { - crate::frame_ownership::phase14_smoke_check() - && crate::task::program_loader::phase15_smoke_check() - && crate::task::program_loader::phase16_smoke_check() +pub fn smoke_memory_layout() -> bool { + crate::frame_ownership::smoke_frame_registry() + && crate::task::program_loader::smoke_frame_backing() + && crate::task::program_loader::smoke_hw_page_tables() } -fn eval_userspace_bootstrap() -> bool { - crate::task::program_loader::phase17_smoke_check() - && crate::task::program_loader::phase18_smoke_check() - && crate::task::program_loader::phase19_smoke_check() - && crate::task::program_loader::phase20_smoke_check() +pub fn smoke_userspace_bootstrap() -> bool { + crate::task::program_loader::smoke_user_context() + && crate::task::program_loader::smoke_ring3_trampoline() + && crate::task::program_loader::smoke_user_syscall_probe() + && crate::task::program_loader::smoke_minimal_user_elf() } -/// Run phases 6–150 side effects and emit unified subsystem gate lines. +/// Run all boot subsystems and emit unified serial gate lines. pub fn run_boot_gate() { - let _ = exec_phases_6_to_20(); - let shell = eval_shell_storage(); + let shell = smoke_shell_storage(); emit("shell_storage", shell); - let loader = eval_loader_security(); + let loader = smoke_loader_security(); emit("loader_security", loader); - let memory = eval_memory_layout(); + let memory = smoke_memory_layout(); emit("memory_layout", memory); - let userspace = eval_userspace_bootstrap(); + let userspace = smoke_userspace_bootstrap(); emit("userspace_bootstrap", userspace); crate::serial_println!("Boot: hw userspace gates start"); let (hw_paging, sched, dynamic, fd_mmap, vm_fork) = x86_64::instructions::interrupts::without_interrupts(|| { - let hw = exec_phase21_to_30_smokes(); - let s = exec_phase31_to_40_smokes(); - let d = exec_phase41_to_50_smokes(); - let f = exec_phase51_to_60_smokes(); - let v = exec_phase61_to_70_smokes(); + let hw = run_hw_paging_smokes(); + let s = run_sched_userspace_smokes(); + let d = run_dynamic_runtime_smokes(); + let f = run_fd_mmap_smokes(); + let v = run_vm_fork_smokes(); (hw, s, d, f, v) }); emit("hw_paging", hw_paging); @@ -92,41 +91,41 @@ emit("fd_mmap", fd_mmap); emit("vm_fork", vm_fork); - let syscall_ring3 = exec_phase71_to_80_smokes(); + let syscall_ring3 = run_syscall_ring3_smokes(); emit("syscall_ring3", syscall_ring3); - let path_exec = exec_phase81_to_90_smokes(); + let path_exec = run_path_exec_smokes(); emit("path_exec", path_exec); - let smp_depth = exec_phase91_to_100_smokes(); + let smp_depth = run_smp_depth_smokes(); emit("smp_depth", smp_depth); - let constitutional = exec_phase101_to_110_smokes(); + let constitutional = run_constitutional_smokes(); emit("constitutional", constitutional); - let capabilities = exec_phase111_to_120_smokes(); + let capabilities = run_capabilities_smokes(); emit("capabilities", capabilities); - let service_loader = exec_phase121_smoke(); + let service_loader = run_service_loader_smoke(); emit("service_loader", service_loader); - let platform = exec_phase122_to_130_smokes(); + let platform = run_platform_broker_smokes(); emit("platform_brokers", platform); - let virtio = exec_phase201_virtio_smoke(); + let virtio = run_virtio_blk_smoke(); emit("virtio_blk", virtio); let _ = crate::storage::ensure_filesystem_on_active(); - let build = exec_phase131_to_140_smokes(); + let build = run_build_endpoint_smokes(); emit("build_endpoints", build); - let network = exec_epoch4_network_smokes(); + let network = run_network_compat_smokes(); emit("network_compat", network); - let scheduler = exec_epoch5_scheduler_smokes(); + let scheduler = run_scheduler_epoch_smokes(); emit("scheduler_epoch", scheduler); - let boundary = exec_milestone150(); + let boundary = run_boundary_smoke(); emit("boundary", boundary); let boot_ok = shell @@ -150,7 +149,7 @@ && network && scheduler && boundary; - crate::serial_println!("AresOS-BootGate: ok={}", ok_str(boot_ok)); + crate::serial_println!("ClanOS-BootGate: ok={}", ok_str(boot_ok)); } ''' diff --git a/scripts/gate/legacy.py b/scripts/gate/legacy.py index 3f43385..0e9dff5 100644 --- a/scripts/gate/legacy.py +++ b/scripts/gate/legacy.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Route a legacy phase number to the correct boot or system gate check.""" +"""Resolve a historical scope index to the correct boot/system gate QEMU check.""" from __future__ import annotations @@ -11,23 +11,67 @@ if str(_SCRIPTS) not in sys.path: sys.path.insert(0, str(_SCRIPTS)) -from gate.boot import main as boot_main -from gate.map import boot_gate_for_phase, system_gate_for_phase -from gate.system import main as system_main +from gate.map import ( + BOOT_GATES, + PREEMPTION_BOOT_GATES, + SYSTEM_GATES, + gate_cli, + gate_family, + gate_for_scope, +) +from gate.qemu import run_smoke + + +def run_gate(gate: str, timeout: int) -> int: + family = gate_family(gate) + gates = SYSTEM_GATES if family == "system" else BOOT_GATES + if gate not in gates: + print(f"gate/legacy: unknown gate {gate!r}", file=sys.stderr) + return 1 + features = None + if family == "boot" and gate in PREEMPTION_BOOT_GATES: + features = ["--features", "preemption"] + pattern = gates[gate] + label = f"gate/{family}:{gate}" + return run_smoke(pattern, label, timeout, features) def main(argv: list[str] | None = None) -> int: ap = argparse.ArgumentParser(description=__doc__) - ap.add_argument("--phase", type=int, required=True, help="Legacy phase or milestone number") + ap.add_argument("--gate", help="Boot or system subsystem gate name") + ap.add_argument( + "--scope", + type=int, + help="Historical scope checklist index (maps to --gate)", + ) + ap.add_argument( + "--milestone", + type=int, + help="Deprecated alias for --scope", + ) ap.add_argument("--timeout", type=int, default=360) args = ap.parse_args(argv) - phase = args.phase - if boot_gate_for_phase(phase) is not None: - return boot_main(["--phase", str(phase), "--timeout", str(args.timeout)]) - if system_gate_for_phase(phase) is not None: - return system_main(["--phase", str(phase), "--timeout", str(args.timeout)]) - print(f"gate/legacy: no gate mapping for phase {phase}", file=sys.stderr) - return 1 + + scope = args.scope if args.scope is not None else args.milestone + if args.gate: + return run_gate(args.gate, args.timeout) + if scope is None: + ap.error("specify --gate or --scope") + gate = gate_for_scope(scope) + if gate is None: + print( + f"gate/legacy: scope {scope} has no gate mapping; " + f"use: {gate_cli(scope, args.timeout)}", + file=sys.stderr, + ) + return 1 + if args.milestone is not None and args.scope is None: + print( + f"gate/legacy: --milestone is deprecated; " + f"use: {gate_cli(scope, args.timeout)}", + file=sys.stderr, + ) + return run_gate(gate, args.timeout) if __name__ == "__main__": diff --git a/scripts/gate/map.py b/scripts/gate/map.py index 64d5de4..08f31e1 100644 --- a/scripts/gate/map.py +++ b/scripts/gate/map.py @@ -1,73 +1,78 @@ -"""Gate name ↔ serial-line patterns and legacy phase routing.""" +"""Gate name ↔ serial-line patterns and scope-index → gate routing.""" from __future__ import annotations BOOT_GATES: dict[str, str] = { - "shell_storage": r"AresOS-BootGate: name=shell_storage ok=(true|false)", - "loader_security": r"AresOS-BootGate: name=loader_security ok=(true|false)", - "memory_layout": r"AresOS-BootGate: name=memory_layout ok=(true|false)", - "userspace_bootstrap": r"AresOS-BootGate: name=userspace_bootstrap ok=(true|false)", - "hw_paging": r"AresOS-BootGate: name=hw_paging ok=(true|false)", - "sched_userspace": r"AresOS-BootGate: name=sched_userspace ok=(true|false)", - "dynamic_runtime": r"AresOS-BootGate: name=dynamic_runtime ok=(true|false)", - "fd_mmap": r"AresOS-BootGate: name=fd_mmap ok=(true|false)", - "vm_fork": r"AresOS-BootGate: name=vm_fork ok=(true|false)", - "syscall_ring3": r"AresOS-BootGate: name=syscall_ring3 ok=(true|false)", - "path_exec": r"AresOS-BootGate: name=path_exec ok=(true|false)", - "smp_depth": r"AresOS-BootGate: name=smp_depth ok=(true|false)", - "constitutional": r"AresOS-BootGate: name=constitutional ok=(true|false)", - "capabilities": r"AresOS-BootGate: name=capabilities ok=(true|false)", - "service_loader": r"AresOS-BootGate: name=service_loader ok=(true|false)", - "platform_brokers": r"AresOS-BootGate: name=platform_brokers ok=(true|false)", - "build_endpoints": r"AresOS-BootGate: name=build_endpoints ok=(true|false)", - "virtio_blk": r"AresOS-BootGate: name=virtio_blk ok=(true|false)", - "network_compat": r"AresOS-BootGate: name=network_compat ok=(true|false)", - "scheduler_epoch": r"AresOS-BootGate: name=scheduler_epoch ok=(true|false)", - "boundary": r"AresOS-BootGate: name=boundary ok=(true|false)", - "boot": r"AresOS-BootGate: ok=(true|false)", + "shell_storage": r"ClanOS-BootGate: name=shell_storage ok=(true|false)", + "loader_security": r"ClanOS-BootGate: name=loader_security ok=(true|false)", + "memory_layout": r"ClanOS-BootGate: name=memory_layout ok=(true|false)", + "userspace_bootstrap": r"ClanOS-BootGate: name=userspace_bootstrap ok=(true|false)", + "hw_paging": r"ClanOS-BootGate: name=hw_paging ok=(true|false)", + "sched_userspace": r"ClanOS-BootGate: name=sched_userspace ok=(true|false)", + "dynamic_runtime": r"ClanOS-BootGate: name=dynamic_runtime ok=(true|false)", + "fd_mmap": r"ClanOS-BootGate: name=fd_mmap ok=(true|false)", + "vm_fork": r"ClanOS-BootGate: name=vm_fork ok=(true|false)", + "syscall_ring3": r"ClanOS-BootGate: name=syscall_ring3 ok=(true|false)", + "path_exec": r"ClanOS-BootGate: name=path_exec ok=(true|false)", + "smp_depth": r"ClanOS-BootGate: name=smp_depth ok=(true|false)", + "constitutional": r"ClanOS-BootGate: name=constitutional ok=(true|false)", + "capabilities": r"ClanOS-BootGate: name=capabilities ok=(true|false)", + "service_loader": r"ClanOS-BootGate: name=service_loader ok=(true|false)", + "platform_brokers": r"ClanOS-BootGate: name=platform_brokers ok=(true|false)", + "build_endpoints": r"ClanOS-BootGate: name=build_endpoints ok=(true|false)", + "virtio_blk": r"ClanOS-BootGate: name=virtio_blk ok=(true|false)", + "network_compat": r"ClanOS-BootGate: name=network_compat ok=(true|false)", + "scheduler_epoch": r"ClanOS-BootGate: name=scheduler_epoch ok=(true|false)", + "boundary": r"ClanOS-BootGate: name=boundary ok=(true|false)", + "boot": r"ClanOS-BootGate: ok=(true|false)", } SYSTEM_GATES: dict[str, str] = { - "integrity": r"AresOS-Gate: name=integrity ok=(true|false)", - "scheduling": r"AresOS-Gate: name=scheduling ok=(true|false)", - "hardware": r"AresOS-Gate: name=hardware ok=(true|false)", - "federation": r"AresOS-Gate: name=federation ok=(true|false)", - "release": r"AresOS-Gate: name=release ok=(true|false)", - "desktop_preview": r"AresOS-Gate: name=desktop_preview ok=(true|false)", - "desktop": r"AresOS-Gate: name=desktop ok=(true|false)", - "functional": r"AresOS-Gate: name=functional ok=(true|false)", - "ci": r"AresOS-Gate: name=ci ok=(true|false)", - "production": r"AresOS-Gate: name=production ok=(true|false)", - "network": r"AresOS-Gate: name=network ok=(true|false)", - "system": r"AresOS-SystemGate: ok=(true|false)", + "integrity": r"ClanOS-Gate: name=integrity ok=(true|false)", + "scheduling": r"ClanOS-Gate: name=scheduling ok=(true|false)", + "hardware": r"ClanOS-Gate: name=hardware ok=(true|false)", + "federation": r"ClanOS-Gate: name=federation ok=(true|false)", + "release": r"ClanOS-Gate: name=release ok=(true|false)", + "desktop_preview": r"ClanOS-Gate: name=desktop_preview ok=(true|false)", + "desktop": r"ClanOS-Gate: name=desktop ok=(true|false)", + "compat_runtime": r"ClanOS-Gate: name=compat_runtime ok=(true|false)", + "compat_fd_vm": r"ClanOS-Gate: name=compat_fd_vm ok=(true|false)", + "compat_signal": r"ClanOS-Gate: name=compat_signal ok=(true|false)", + "storage_depth": r"ClanOS-Gate: name=storage_depth ok=(true|false)", + "posix_compat": r"ClanOS-Gate: name=posix_compat ok=(true|false)", + "functional": r"ClanOS-Gate: name=functional ok=(true|false)", + "ci": r"ClanOS-Gate: name=ci ok=(true|false)", + "production": r"ClanOS-Gate: name=production ok=(true|false)", + "network": r"ClanOS-Gate: name=network ok=(true|false)", + "system": r"ClanOS-SystemGate: ok=(true|false)", } -BOOT_PHASE: dict[int, str] = {} +SCOPE_BOOT_GATE: dict[int, str] = {} for n in range(6, 9): - BOOT_PHASE[n] = "shell_storage" + SCOPE_BOOT_GATE[n] = "shell_storage" for n in range(9, 14): - BOOT_PHASE[n] = "loader_security" + SCOPE_BOOT_GATE[n] = "loader_security" for n in range(14, 17): - BOOT_PHASE[n] = "memory_layout" + SCOPE_BOOT_GATE[n] = "memory_layout" for n in range(17, 21): - BOOT_PHASE[n] = "userspace_bootstrap" + SCOPE_BOOT_GATE[n] = "userspace_bootstrap" for n in range(21, 31): - BOOT_PHASE[n] = "hw_paging" + SCOPE_BOOT_GATE[n] = "hw_paging" for n in range(31, 41): - BOOT_PHASE[n] = "sched_userspace" + SCOPE_BOOT_GATE[n] = "sched_userspace" for n in range(41, 51): - BOOT_PHASE[n] = "dynamic_runtime" + SCOPE_BOOT_GATE[n] = "dynamic_runtime" for n in range(51, 61): - BOOT_PHASE[n] = "fd_mmap" + SCOPE_BOOT_GATE[n] = "fd_mmap" for n in range(61, 71): - BOOT_PHASE[n] = "vm_fork" + SCOPE_BOOT_GATE[n] = "vm_fork" for n in range(71, 81): - BOOT_PHASE[n] = "syscall_ring3" + SCOPE_BOOT_GATE[n] = "syscall_ring3" for n in range(81, 91): - BOOT_PHASE[n] = "path_exec" + SCOPE_BOOT_GATE[n] = "path_exec" for n in range(91, 101): - BOOT_PHASE[n] = "smp_depth" -BOOT_PHASE.update( + SCOPE_BOOT_GATE[n] = "smp_depth" +SCOPE_BOOT_GATE.update( { 110: "constitutional", 120: "capabilities", @@ -82,7 +87,7 @@ } ) -SYSTEM_PHASE: dict[int, str] = { +SCOPE_SYSTEM_GATE: dict[int, str] = { 175: "integrity", 200: "scheduling", 250: "hardware", @@ -97,10 +102,37 @@ 500: "system", } +PREEMPTION_BOOT_GATES = frozenset({"boot", "boundary", "shell_storage"}) -def boot_gate_for_phase(phase: int) -> str | None: - return BOOT_PHASE.get(phase) +# Deprecated aliases (pre-consolidation scripts). +LEGACY_MILESTONE_BOOT = SCOPE_BOOT_GATE +LEGACY_MILESTONE_SYSTEM = SCOPE_SYSTEM_GATE -def system_gate_for_phase(phase: int) -> str | None: - return SYSTEM_PHASE.get(phase) +def gate_for_scope(scope: int) -> str | None: + if scope in SCOPE_SYSTEM_GATE: + return SCOPE_SYSTEM_GATE[scope] + return SCOPE_BOOT_GATE.get(scope) + + +def gate_family(gate: str) -> str: + if gate in SYSTEM_GATES: + return "system" + return "boot" + + +def gate_cli(scope: int, timeout: int = 180) -> str: + gate = gate_for_scope(scope) + if gate is None: + return f"python scripts/gate/boot.py --gate boot --timeout {timeout}" + if gate_family(gate) == "system": + return f"python scripts/gate/system.py --gate {gate} --timeout {timeout}" + return f"python scripts/gate/boot.py --gate {gate} --timeout {timeout}" + + +def boot_gate_for_legacy_milestone(milestone: int) -> str | None: + return SCOPE_BOOT_GATE.get(milestone) + + +def system_gate_for_legacy_milestone(milestone: int) -> str | None: + return SCOPE_SYSTEM_GATE.get(milestone) diff --git a/scripts/gate/mmap_vfs.py b/scripts/gate/mmap_vfs.py new file mode 100644 index 0000000..5499bb9 --- /dev/null +++ b/scripts/gate/mmap_vfs.py @@ -0,0 +1,43 @@ +#!/usr/bin/env python3 +"""Host check: mmap uses VFS read path (not hardcoded /bin/hello only).""" + +from __future__ import annotations + +import argparse +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +MMAP = REPO / "kernel" / "src" / "mmap.rs" +DEMAND = REPO / "kernel" / "src" / "demand_paging.rs" +VFS = REPO / "kernel" / "src" / "vfs.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + mmap_text = MMAP.read_text(encoding="utf-8") + demand_text = DEMAND.read_text(encoding="utf-8") + vfs_text = VFS.read_text(encoding="utf-8") + if "read_bytes_for" not in mmap_text: + print("gate/mmap_vfs: mmap missing vfs read", file=sys.stderr) + return 1 + if "file_mapping_at" not in demand_text: + print("gate/mmap_vfs: demand paging missing vma lookup", file=sys.stderr) + return 1 + if "FILE_BACKED_PATH" in demand_text: + print("gate/mmap_vfs: legacy global file path still present", file=sys.stderr) + return 1 + if "smoke_mmap_vfs" not in mmap_text: + print("gate/mmap_vfs: missing smoke", file=sys.stderr) + return 1 + if "read_bytes_for" not in vfs_text: + print("gate/mmap_vfs: vfs missing read_bytes_for", file=sys.stderr) + return 1 + print("gate/mmap_vfs: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/posix_server.py b/scripts/gate/posix_server.py new file mode 100644 index 0000000..9bb94e9 --- /dev/null +++ b/scripts/gate/posix_server.py @@ -0,0 +1,44 @@ +#!/usr/bin/env python3 +"""Host check: POSIX compat server skeleton (native service + IPC endpoint).""" + +from __future__ import annotations + +import argparse +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +POSIX = REPO / "kernel" / "src" / "posix_server.rs" +LIB = REPO / "kernel" / "src" / "lib.rs" +GATE = REPO / "kernel" / "src" / "system_gate.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + posix_text = POSIX.read_text(encoding="utf-8") + for needle in ( + "posix.compat.v1", + "ensure_posix_server", + "invoke_compat", + "OP_GETPID", + "OP_OPEN", + "smoke_posix_server", + "load_service_with_stubs", + ): + if needle not in posix_text: + print(f"gate/posix_server: missing {needle}", file=sys.stderr) + return 1 + if "pub mod posix_server;" not in LIB.read_text(encoding="utf-8"): + print("gate/posix_server: module not in lib.rs", file=sys.stderr) + return 1 + if "posix_server" not in GATE.read_text(encoding="utf-8"): + print("gate/posix_server: not wired in system_gate", file=sys.stderr) + return 1 + print("gate/posix_server: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/prune_legacy_checks.py b/scripts/gate/prune_legacy_checks.py index 32a92ae..a9c2b2a 100644 --- a/scripts/gate/prune_legacy_checks.py +++ b/scripts/gate/prune_legacy_checks.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Remove redundant legacy phase check wrapper scripts.""" +"""Remove redundant legacy scope check wrapper scripts.""" from __future__ import annotations @@ -7,21 +7,17 @@ SCRIPTS = Path(__file__).resolve().parents[1] KEEP = { - "phase5_soak_check.py", - "phase5_latency_check.py", - "phase401_ares_rt_check.py", - "phase_checklist_spot_check.py", - "phase_smoke_host_check.py", # removed separately if exists + "scope_checklist_spot_check.py", } removed = 0 -for path in sorted(SCRIPTS.glob("phase*.py")): +for path in sorted(SCRIPTS.glob("scope*.py")): name = path.name if name in KEEP: continue if name.endswith("_check.py") or name.endswith("_milestone_check.py"): text = path.read_text(encoding="utf-8", errors="replace") - if "Legacy phase" in text or "delegates to unified" in text or "delegates to" in text: + if "Legacy scope" in text or "delegates to unified" in text or "delegates to" in text: path.unlink() removed += 1 continue @@ -31,11 +27,11 @@ for obsolete in ( "post150_milestone_check.py", - "phase_smoke_host_check.py", - "complete_phase.py", + "scope_smoke_host_check.py", + "complete_scope.py", "boot_gate_redirect.py", "patch_remaining_docs.py", - "phase5_telemetry.py", + "preemption_telemetry.py", ): p = SCRIPTS / obsolete if p.exists(): diff --git a/scripts/gate/qemu.py b/scripts/gate/qemu.py index 0d9b4bd..6eaa05d 100644 --- a/scripts/gate/qemu.py +++ b/scripts/gate/qemu.py @@ -12,16 +12,28 @@ from pathlib import Path REPO = Path(__file__).resolve().parents[2] +_SCRIPTS = Path(__file__).resolve().parents[1] +if str(_SCRIPTS) not in sys.path: + sys.path.insert(0, str(_SCRIPTS)) + +from smoke_qemu import ( + OBJCOPY_RETRY_SLEEP_S, + ensure_qemu_on_path, + is_bootimage_build_error, + is_objcopy_lock_error, + wait_for_bootimage_unlock, +) def cleanup() -> None: - if os.name == "nt": - subprocess.run( - ["taskkill", "/IM", "qemu-system-x86_64.exe", "/F"], - stdout=subprocess.DEVNULL, - stderr=subprocess.DEVNULL, - check=False, - ) + wait_for_bootimage_unlock() + + +def _emit(line: str) -> None: + sys.stdout.write(line) + if not line.endswith("\n"): + sys.stdout.write("\n") + sys.stdout.flush() def run_smoke( @@ -32,12 +44,20 @@ def run_smoke( match_ok: Callable[[re.Match[str]], bool] | None = None, attempts: int = 3, ) -> int: - phase_re = re.compile(pattern) + gate_re = re.compile(pattern) last_tail: list[str] = [] + last_output = "" + for attempt in range(1, attempts + 1): - cleanup() if attempt > 1: - time.sleep(3.0) + _emit( + f"{label}: retry {attempt}/{attempts} " + f"(waiting {OBJCOPY_RETRY_SLEEP_S}s for bootimage lock)..." + ) + time.sleep(OBJCOPY_RETRY_SLEEP_S) + cleanup() + ensure_qemu_on_path() + cmd = ["cargo", "run", "-p", "kernel"] if features: cmd.extend(features) @@ -46,25 +66,33 @@ def run_smoke( stdout=subprocess.PIPE, stderr=subprocess.STDOUT, text=True, + bufsize=1, cwd=REPO, ) matched = threading.Event() + failed = threading.Event() tail: list[str] = [] + output_chunks: list[str] = [] def reader() -> None: assert p.stdout is not None for line in p.stdout: + output_chunks.append(line) tail.append(line) if len(tail) > 200: tail.pop(0) - m = phase_re.search(line) + _emit(line.rstrip("\n")) + m = gate_re.search(line) if m: ok = match_ok(m) if match_ok else m.group(1) == "true" if ok: matched.set() - break + else: + failed.set() + break try: - p.kill() + if p.poll() is None: + p.kill() except OSError: pass @@ -75,10 +103,17 @@ def reader() -> None: if matched.wait(timeout=0.25): cleanup() thread.join(timeout=5) - print(f"{label}: OK") + _emit(f"{label}: OK") return 0 + if failed.wait(timeout=0.0): + cleanup() + thread.join(timeout=5) + print(f"{label}: gate reported ok=false", file=sys.stderr) + print("".join(tail[-40:]), file=sys.stderr) + return 1 if p.poll() is not None: break + cleanup() thread.join(timeout=5) if p.poll() is None: @@ -86,7 +121,20 @@ def reader() -> None: p.kill() except OSError: pass + thread.join(timeout=2) + last_tail = tail[-80:] - print(f"{label}: timeout", file=sys.stderr) + last_output = "".join(output_chunks) + if is_objcopy_lock_error(last_output) or is_bootimage_build_error(last_output): + if attempt < attempts: + continue + print(f"{label}: bootimage build failed (file lock)", file=sys.stderr) + print(last_output[-2000:], file=sys.stderr) + return 1 + + if attempt < attempts and not matched.is_set() and not failed.is_set(): + continue + + print(f"{label}: timeout after {timeout}s", file=sys.stderr) print("".join(last_tail), file=sys.stderr) return 1 diff --git a/scripts/gate/ring3_sig_delivery.py b/scripts/gate/ring3_sig_delivery.py new file mode 100644 index 0000000..db8392d --- /dev/null +++ b/scripts/gate/ring3_sig_delivery.py @@ -0,0 +1,64 @@ +#!/usr/bin/env python3 +"""Host check: sig-demo ring-3 ELF builds and wires signal syscalls.""" + +from __future__ import annotations + +import argparse +import subprocess +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +ELF = REPO / "target" / "x86_64-unknown-none" / "release" / "sig-demo" +MAX_IMAGE_SIZE = 32768 + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=180) + args = ap.parse_args() + r = subprocess.run( + [ + "cargo", + "build", + "-p", + "sig-demo", + "--release", + "--target", + "x86_64-unknown-none", + ], + cwd=REPO, + capture_output=True, + text=True, + timeout=args.timeout, + ) + if r.returncode != 0: + print(r.stdout + r.stderr, file=sys.stderr) + print("gate/ring3_sig_delivery: FAIL (build)", file=sys.stderr) + return 1 + if not ELF.is_file(): + print(f"gate/ring3_sig_delivery: missing ELF at {ELF}", file=sys.stderr) + return 1 + if ELF.stat().st_size > MAX_IMAGE_SIZE: + print("gate/ring3_sig_delivery: ELF exceeds MAX_IMAGE_SIZE", file=sys.stderr) + return 1 + main_rs = REPO / "userland" / "sig-demo" / "src" / "main.rs" + text = main_rs.read_text(encoding="utf-8") + for needle in ("sys_sigaction", "sys_kill", "sys_sigreturn", "sigusr1_handler"): + if needle not in text: + print(f"gate/ring3_sig_delivery: missing {needle}", file=sys.stderr) + return 1 + ring3 = REPO / "userland" / "src" / "ring3_syscall.rs" + if "sys_sigreturn" not in ring3.read_text(encoding="utf-8"): + print("gate/ring3_sig_delivery: missing sys_sigreturn stub", file=sys.stderr) + return 1 + loader = REPO / "kernel" / "src" / "task" / "program_loader.rs" + if "ring3_sig_delivery_smoke" not in loader.read_text(encoding="utf-8"): + print("gate/ring3_sig_delivery: smoke not wired", file=sys.stderr) + return 1 + print("gate/ring3_sig_delivery: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/signal_delivery.py b/scripts/gate/signal_delivery.py new file mode 100644 index 0000000..ad4f624 --- /dev/null +++ b/scripts/gate/signal_delivery.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python3 +"""Host check: signal user-frame delivery + SigReturn syscall.""" + +from __future__ import annotations + +import argparse +import re +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +SIGNAL = REPO / "kernel" / "src" / "signal.rs" +SYSCALL = REPO / "kernel" / "src" / "syscall.rs" +HW = REPO / "kernel" / "src" / "user_syscall_hw.rs" +KO = REPO / "kernel" / "src" / "kernel_object.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + signal_text = SIGNAL.read_text(encoding="utf-8") + syscall_text = SYSCALL.read_text(encoding="utf-8") + hw_text = HW.read_text(encoding="utf-8") + for needle in ( + "try_deliver_on_syscall_return", + "take_sigreturn_restoration", + "sigreturn_syscall", + "smoke_signal_delivery", + ): + if needle not in signal_text: + print(f"gate/signal_delivery: missing {needle}", file=sys.stderr) + return 1 + if "SigReturn = 86" not in syscall_text: + print("gate/signal_delivery: missing SigReturn syscall id", file=sys.stderr) + return 1 + if "SyscallId::SigReturn" not in hw_text: + print("gate/signal_delivery: SigReturn not allowlisted", file=sys.stderr) + return 1 + if "try_deliver_on_syscall_return" not in hw_text: + print("gate/signal_delivery: hw trampoline not wired", file=sys.stderr) + return 1 + if not re.search(r"max_id <= 86", KO.read_text(encoding="utf-8")): + print("gate/signal_delivery: allowlist bound stale", file=sys.stderr) + return 1 + print("gate/signal_delivery: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/signal_skeleton.py b/scripts/gate/signal_skeleton.py new file mode 100644 index 0000000..41d1813 --- /dev/null +++ b/scripts/gate/signal_skeleton.py @@ -0,0 +1,43 @@ +#!/usr/bin/env python3 +"""Host check: compat signal skeleton syscalls.""" + +from __future__ import annotations + +import argparse +import re +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +SIGNAL = REPO / "kernel" / "src" / "signal.rs" +SYSCALL = REPO / "kernel" / "src" / "syscall.rs" +HW = REPO / "kernel" / "src" / "user_syscall_hw.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + signal_text = SIGNAL.read_text(encoding="utf-8") + syscall_text = SYSCALL.read_text(encoding="utf-8") + hw_text = HW.read_text(encoding="utf-8") + for needle in ("kill_checked", "sigaction_lite", "smoke_signal_register"): + if needle not in signal_text: + print(f"gate/signal_skeleton: missing {needle}", file=sys.stderr) + return 1 + for name in ("Kill = 83", "SigActionLite = 84", "SigPending = 85"): + if name not in syscall_text: + print(f"gate/signal_skeleton: missing {name}", file=sys.stderr) + return 1 + if "SyscallId::Kill" not in hw_text: + print("gate/signal_skeleton: Kill not allowlisted", file=sys.stderr) + return 1 + if not re.search(r"max_id <= 86", Path(REPO / "kernel/src/kernel_object.rs").read_text()): + print("gate/signal_skeleton: allowlist bound stale", file=sys.stderr) + return 1 + print("gate/signal_skeleton: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gate/system.py b/scripts/gate/system.py index a493d94..91b40e4 100644 --- a/scripts/gate/system.py +++ b/scripts/gate/system.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""QEMU smoke gate for system validation (epochs 7–20 / M500).""" +"""QEMU smoke gate for system validation (M500 subsystem gates).""" from __future__ import annotations @@ -11,7 +11,7 @@ if str(_SCRIPTS) not in sys.path: sys.path.insert(0, str(_SCRIPTS)) -from gate.map import SYSTEM_GATES, system_gate_for_phase +from gate.map import SYSTEM_GATES from gate.qemu import run_smoke @@ -22,18 +22,9 @@ def main(argv: list[str] | None = None) -> int: choices=sorted(SYSTEM_GATES.keys()), help="System subsystem gate", ) - ap.add_argument("--phase", type=int, help="Legacy milestone phase (maps to system gate)") ap.add_argument("--timeout", type=int, default=360) args = ap.parse_args(argv) - gate = args.gate - if args.phase is not None: - mapped = system_gate_for_phase(args.phase) - if mapped is None: - print(f"gate/system: no system gate mapping for phase {args.phase}", file=sys.stderr) - return 1 - gate = mapped - if gate is None: - gate = "system" + gate = args.gate or "system" pattern = SYSTEM_GATES[gate] label = f"gate/system:{gate}" return run_smoke(pattern, label, args.timeout) diff --git a/scripts/gate/system_host.py b/scripts/gate/system_host.py index df2331b..f947b57 100644 --- a/scripts/gate/system_host.py +++ b/scripts/gate/system_host.py @@ -18,6 +18,11 @@ "release_gate", "desktop_gate", "functional_gate", + "smoke_compat_runtime", + "smoke_compat_fd_vm", + "smoke_compat_signal", + "smoke_storage_depth", + "smoke_posix_compat", "system_gate", ] diff --git a/scripts/gate/virtio_net_txrx.py b/scripts/gate/virtio_net_txrx.py new file mode 100644 index 0000000..ecbc5b3 --- /dev/null +++ b/scripts/gate/virtio_net_txrx.py @@ -0,0 +1,36 @@ +#!/usr/bin/env python3 +"""Host check: virtio-net TX/RX virtqueue simulation API.""" + +from __future__ import annotations + +import argparse +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[2] +NET = REPO / "kernel" / "src" / "virtio_net.rs" +STACK = REPO / "kernel" / "src" / "network_stack.rs" + + +def main() -> int: + ap = argparse.ArgumentParser() + ap.add_argument("--timeout", type=int, default=30) + _ = ap.parse_args() + net_text = NET.read_text(encoding="utf-8") + stack_text = STACK.read_text(encoding="utf-8") + for needle in ("submit_tx", "poll_rx", "smoke_virtio_net_txrx", "VIRTIO_NET_Q_TX"): + if needle not in net_text: + print(f"gate/virtio_net_txrx: missing {needle}", file=sys.stderr) + return 1 + if "submit_tx" not in stack_text: + print("gate/virtio_net_txrx: network_stack not wired", file=sys.stderr) + return 1 + if "send_loopback" not in net_text: + print("gate/virtio_net_txrx: missing loopback compat", file=sys.stderr) + return 1 + print("gate/virtio_net_txrx: OK") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/gen_phase_checklists_101_150.py b/scripts/gen_scope_checklists_101_150.py similarity index 89% rename from scripts/gen_phase_checklists_101_150.py rename to scripts/gen_scope_checklists_101_150.py index 7c01e83..a13089b 100644 --- a/scripts/gen_phase_checklists_101_150.py +++ b/scripts/gen_scope_checklists_101_150.py @@ -1,10 +1,10 @@ #!/usr/bin/env python3 -"""Generate phase-101..150 checklist stubs (one-time doc pass).""" +"""Generate scope-101..150 checklist stubs (one-time doc pass).""" from pathlib import Path -PHASES = [ - (101, "Compat Syscall ABI Freeze", "governance", "compat", "ABI_SYSCALL.md ares-abi-v1"), +SCOPES = [ + (101, "Compat Syscall ABI Freeze", "governance", "compat", "ABI_SYSCALL.md clan-abi-v1"), (102, "Memory Contract Freeze", "kernel", "compat", "ABI_MEMORY.md"), (103, "IPC Endpoint Guarantees", "kernel", "native", "ABI_IPC.md G3 E-*"), (104, "Async OS Contract", "kernel", "native", "ABI_ASYNC.md"), @@ -26,7 +26,7 @@ (120, "Integration Cap Compat", "kernel", "governance", "milestone 120"), (121, "Service Loader Contract", "platform", "native", "service-centric"), (122, "Storage Broker", "platform", "native", "IPC FS"), - (123, "Permission Broker", "platform", "native", "ares-native-v1"), + (123, "Permission Broker", "platform", "native", "clan-native-v1"), (124, "Device Broker Skeleton", "platform", "native", "distrustful device"), (125, "Network Broker Stub", "platform", "native", ""), (126, "Clipboard Broker Stub", "platform", "native", ""), @@ -72,7 +72,7 @@ def extra_gates(n: int) -> str: - [ ] Law ↔ spec case matrix for R-/E-/T- ([SEMANTIC_SPECS.md](SEMANTIC_SPECS.md)) """ if n == 106: - return "\n## Gate G1\n\nNo new handle semantics after phase 115.\n" + return "\n## Gate G1\n\nNo new handle semantics after scope 115.\n" if n in (107, 112, 113): return "\n## Gate G2\n\n[RIGHTS_ALGEBRA.md](RIGHTS_ALGEBRA.md) required before cap implementation.\n" if n in (103, 134): @@ -87,11 +87,11 @@ def extra_gates(n: int) -> str: def main() -> None: - for n, title, layer, tag, deliv in PHASES: + for n, title, layer, tag, deliv in SCOPES: impl = "documentation" if n <= 110 else "future implementation" - path = ROOT / f"phase-{n}-checklist.md" + path = ROOT / f"scope-{n}-checklist.md" path.write_text( - f"""# Phase {n} Checklist: {title} + f"""# Scope {n} Checklist: {title} ## Layer {layer} @@ -110,8 +110,8 @@ def main() -> None: {extra_gates(n)} ## Validation -- [ ] Phases 101–110: documentation review (no kernel change required) -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD +- [ ] Scopes 101–110: documentation review (no kernel change required) +- [ ] Scopes 111+: `cargo check -p kernel` + gate check via [VALIDATION_GATES.md](VALIDATION_GATES.md) ## Deferred @@ -119,7 +119,7 @@ def main() -> None: """, encoding="utf-8", ) - print(f"wrote {len(PHASES)} checklists to {ROOT}") + print(f"wrote {len(SCOPES)} checklists to {ROOT}") if __name__ == "__main__": diff --git a/scripts/gen_phase_checklists_151_350.py b/scripts/gen_scope_checklists_151_350.py similarity index 85% rename from scripts/gen_phase_checklists_151_350.py rename to scripts/gen_scope_checklists_151_350.py index 4bbeb66..a9f9e45 100644 --- a/scripts/gen_phase_checklists_151_350.py +++ b/scripts/gen_scope_checklists_151_350.py @@ -1,15 +1,15 @@ #!/usr/bin/env python3 -"""Generate phase-151..350 checklist stubs.""" +"""Generate scope-151..350 checklist stubs.""" from pathlib import Path ROOT = Path(__file__).resolve().parents[1] / "docs" -# Explicit titles for integration / milestone phases +# Explicit titles for integration / milestone scopes EXPLICIT: dict[int, tuple[str, str, str, str]] = { 151: ("Loom ENDPOINT_QUEUES Harness", "kernel", "native", "loom_harness_registry ENDPOINT_QUEUES"), 155: ("S-01 Executable Spec Case", "kernel", "native", "SCHEDULING_UNIFIED S-01"), - 160: ("Epoch 7 OOM Integration", "kernel", "governance", "phase147 OOM enforcement"), + 160: ("Epoch 7 OOM Integration", "kernel", "governance", "scope147 OOM enforcement"), 165: ("Epoch 7 Audit Build Gate", "governance", "governance", "audit tamper + dual-build"), 170: ("Epoch 7 Evidence Gate", "governance", "governance", "Kani mandatory CI"), 175: ("Epoch 7 Signoff", "governance", "governance", "system gate integrity"), @@ -36,18 +36,18 @@ def title_for(n: int) -> tuple[str, str, str, str]: return EXPLICIT[n] for lo, hi, band, layer in BANDS: if lo <= n <= hi: - return (f"{band} phase {n}", layer, "native", f"ROADMAP_151_350 band {lo}-{hi}") - return (f"Post-150 phase {n}", "kernel", "native", "ROADMAP_151_350") + return (f"{band} scope {n}", layer, "native", f"ROADMAP_151_350 band {lo}-{hi}") + return (f"Post-150 scope {n}", "kernel", "native", "ROADMAP_151_350") def main() -> None: for n in range(151, 351): title, layer, tag, deliv = title_for(n) - path = ROOT / f"phase-{n}-checklist.md" + path = ROOT / f"scope-{n}-checklist.md" path.write_text( f"""> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). -# Phase {n} Checklist: {title} +# Scope {n} Checklist: {title} ## Layer {layer} diff --git a/scripts/import_gap_registry.py b/scripts/import_gap_registry.py index 48238c3..08ffa6e 100644 --- a/scripts/import_gap_registry.py +++ b/scripts/import_gap_registry.py @@ -53,7 +53,7 @@ def parse_gaps(plan_text: str) -> list[dict]: def emit_toml(gaps: list[dict], source: str) -> str: lines = [ - "# AresOS gap registry — canonical lifecycle tracking", + "# Clan OS gap registry — canonical lifecycle tracking", "# Generated by scripts/import_gap_registry.py — review before scope-freeze", f'# source = "{source}"', "", @@ -99,7 +99,7 @@ def main() -> int: default=Path(__file__).resolve().parents[2] / ".cursor" / "plans" - / "aresos_full_os_build_b960e4a0.plan.md", + / "clanos_full_os_build_b960e4a0.plan.md", help="Path to living plan markdown", ) parser.add_argument( @@ -112,7 +112,7 @@ def main() -> int: if not args.plan.exists(): # Fallback: workspace-relative cursor plans path - alt = Path.home() / ".cursor" / "plans" / "aresos_full_os_build_b960e4a0.plan.md" + alt = Path.home() / ".cursor" / "plans" / "clanos_full_os_build_b960e4a0.plan.md" if alt.exists(): args.plan = alt else: diff --git a/scripts/install_userland.py b/scripts/install_userland.py index 7437200..faa2364 100644 --- a/scripts/install_userland.py +++ b/scripts/install_userland.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Build ares-rt demo and stage for QEMU FS install hook (epoch 2).""" +"""Build Clan OS runtime demo and Mendo; stage for QEMU FS install hook.""" from __future__ import annotations @@ -31,7 +31,7 @@ def main() -> int: "cargo", "build", "-p", - "ares-rt", + "clan-rt", "--bin", "demo-hello", "--target", @@ -39,11 +39,30 @@ def main() -> int: ], cwd=REPO, ) + subprocess.check_call( + [ + "cargo", + "build", + "-p", + "mendo", + "--release", + "--target", + "x86_64-unknown-none", + ], + cwd=REPO, + ) OUT.mkdir(parents=True, exist_ok=True) DEMO.write_text( - "ares-rt staged artifact — replace with ring3 ELF install in later epoch\n", + "clan-rt staged artifact — Clan OS host demo; ring-3 ELFs use /bin/mendo.elf\n", encoding="utf-8", ) + mendo_elf = ( + REPO / "target" / "x86_64-unknown-none" / "release" / "mendo" + ) + staged_mendo = OUT / "mendo.elf" + if mendo_elf.is_file(): + staged_mendo.write_bytes(mendo_elf.read_bytes()) + print(f"install_userland: staged {staged_mendo} ({staged_mendo.stat().st_size} bytes)") print(f"install_userland: staged {DEMO}") return 0 diff --git a/scripts/mark_epoch0_addressed.py b/scripts/mark_epoch0_addressed.py index 2b6815c..947396e 100644 --- a/scripts/mark_epoch0_addressed.py +++ b/scripts/mark_epoch0_addressed.py @@ -57,7 +57,7 @@ def doc_paths_from_fix(fix: str) -> list[str]: def emit_gaps(gaps: list[dict]) -> str: - header = '''# AresOS gap registry — canonical lifecycle tracking + header = '''# Clan OS gap registry — canonical lifecycle tracking # Updated by scripts/mark_epoch0_addressed.py [schema] diff --git a/scripts/mark_plan_complete_gaps.py b/scripts/mark_plan_complete_gaps.py index 9a0d7e7..b8a46fd 100644 --- a/scripts/mark_plan_complete_gaps.py +++ b/scripts/mark_plan_complete_gaps.py @@ -29,7 +29,7 @@ 21: "kernel/src/audit_wire.rs", 23: "kernel/src/ipc_endpoints.rs", 24: "loom_harness_registry.toml", - 27: "benchmarks/phase-120-baseline.json", + 27: "benchmarks/scope-120-baseline.json", 29: "docs/ARCHITECTURE_TARGETS.md", 36: "docs/WIRE_SCHEMA_REGISTRY.md", 38: "docs/COMPAT_ISOLATION.md", @@ -55,14 +55,14 @@ } EPOCH_SMOKE: dict[int, str] = { - 121: "scripts/gate/boot.py --phase 121", - 130: "scripts/gate/boot.py --phase 130", - 134: "scripts/gate/boot.py --phase 134", - 140: "scripts/gate/boot.py --phase 140", - 201: "scripts/gate/boot.py --phase 201", - 404: "scripts/gate/boot.py --phase 404", - 149: "scripts/gate/boot.py --phase 149", - 150: "scripts/gate/boot.py --phase 150", + 121: "scripts/gate/boot.py --gate service_loader", + 130: "scripts/gate/boot.py --gate platform_brokers", + 134: "scripts/gate/boot.py --gate build_endpoints", + 140: "scripts/gate/boot.py --gate build_endpoints", + 201: "scripts/gate/boot.py --gate virtio_blk", + 404: "scripts/gate/boot.py --gate network_compat", + 149: "scripts/gate/boot.py --gate scheduler_epoch", + 150: "scripts/gate/boot.py --gate boundary", } diff --git a/scripts/migrate_phase_docs.py b/scripts/migrate_phase_docs.py deleted file mode 100644 index f0c64e5..0000000 --- a/scripts/migrate_phase_docs.py +++ /dev/null @@ -1,254 +0,0 @@ -#!/usr/bin/env python3 -"""Migrate phase checklist docs and deep-dive guides to unified gate references.""" - -from __future__ import annotations - -import re -from pathlib import Path - -ROOT = Path(__file__).resolve().parents[1] -DOCS = ROOT / "docs" - -BANNER = """> **Historical scope checklist.** Runtime validation uses unified gates — see [VALIDATION_GATES.md](VALIDATION_GATES.md). Legacy `PhaseN-*` boot serial lines are retired. - -""" - -PHASE_GATE: dict[int, str] = {} -for n in range(6, 9): - PHASE_GATE[n] = "shell_storage" -for n in range(9, 14): - PHASE_GATE[n] = "loader_security" -for n in range(14, 17): - PHASE_GATE[n] = "memory_layout" -for n in range(17, 21): - PHASE_GATE[n] = "userspace_bootstrap" -for n in range(21, 31): - PHASE_GATE[n] = "hw_paging" -for n in range(31, 41): - PHASE_GATE[n] = "sched_userspace" -for n in range(41, 51): - PHASE_GATE[n] = "dynamic_runtime" -for n in range(51, 61): - PHASE_GATE[n] = "fd_mmap" -for n in range(61, 71): - PHASE_GATE[n] = "vm_fork" -for n in range(71, 81): - PHASE_GATE[n] = "syscall_ring3" -for n in range(81, 91): - PHASE_GATE[n] = "path_exec" -for n in range(91, 101): - PHASE_GATE[n] = "smp_depth" -PHASE_GATE.update( - { - 110: "constitutional", - 120: "capabilities", - 121: "service_loader", - 130: "platform_brokers", - 134: "build_endpoints", - 140: "build_endpoints", - 149: "scheduler_epoch", - 150: "boundary", - 201: "virtio_blk", - 404: "network_compat", - 175: "integrity", - 200: "scheduling", - 250: "hardware", - 300: "federation", - 350: "release", - 351: "desktop_preview", - 375: "desktop", - 400: "functional", - 425: "ci", - 450: "production", - 475: "network", - 500: "system", - } -) - -SYSTEM_PHASES = set(range(151, 501)) | {175, 200, 250, 300, 350, 351, 375, 400, 425, 450, 475, 500} - -PHASE_SMOKE_RE = re.compile(r"`Phase\d+[^`]*`") -PHASE_SMOKE_LINE_RE = re.compile(r"Phase\d+-[\w]+[^\n]*") - - -def phase_num_from_path(path: Path) -> int | None: - m = re.match(r"phase-(\d+)-checklist\.md", path.name) - return int(m.group(1)) if m else None - - -def gate_line(phase: int) -> str: - gate = PHASE_GATE.get(phase) - if gate is None: - return "unified boot/system gate (see VALIDATION_GATES.md)" - if phase in SYSTEM_PHASES and phase >= 151: - return f"system gate `{gate}` (`AresOS-Gate: name={gate} ok=true` or `AresOS-SystemGate`)" - return f"boot gate `{gate}` (`AresOS-BootGate: name={gate} ok=true`)" - - -def validation_block(phase: int) -> str: - if phase in SYSTEM_PHASES and phase >= 175: - gate = PHASE_GATE.get(phase, "system") - if gate == "system": - cmd = "python scripts/gate/system.py --gate system --timeout 360" - else: - cmd = f"python scripts/gate/system.py --gate {gate} --timeout 360" - elif phase in PHASE_GATE: - cmd = f"python scripts/gate/boot.py --phase {phase} --timeout 180" - else: - cmd = "python scripts/gate/boot.py --gate boot --timeout 360" - return f"""## Validation - -```bash -cargo check -p kernel -{cmd} -python scripts/validation_matrix.py --smoke-timeout 180 -``` - -See [VALIDATION_GATES.md](VALIDATION_GATES.md). -""" - - -def patch_checklist(path: Path) -> bool: - phase = phase_num_from_path(path) - if phase is None: - return False - text = path.read_text(encoding="utf-8") - if "VALIDATION_GATES.md" in text.split("\n", 1)[0]: - return False - - # Banner - if not text.startswith("> **Historical"): - text = BANNER + text - - # Emit PhaseN smoke checklist items - text = re.sub( - r"- \[x\] Emit `Phase\d+[^`]*` boot smoke[^\n]*", - lambda m: f"- [x] Covered by {gate_line(phase)}", - text, - ) - text = re.sub( - r"- \[x\] `Phase\d+[^`]*` boot[^\n]*", - lambda m: f"- [x] Covered by {gate_line(phase)}", - text, - ) - text = re.sub( - r"- \[x\].*`Phase\d+[^`]*`[^\n]*", - lambda m: f"- [x] Covered by {gate_line(phase)}", - text, - ) - - # Script references - text = re.sub( - r"`scripts/phase\d+[^`]*`", - f"`scripts/gate/boot.py --phase {phase}`", - text, - ) - text = re.sub( - r"python scripts/phase\d+_\w+\.py[^\n]*", - f"python scripts/gate/boot.py --phase {phase} --timeout 180", - text, - ) - text = re.sub( - r"validation_matrix\.py` includes `phase\d+[^`]*`", - "validation_matrix.py` includes `boot-gate-check`", - text, - ) - - # Replace ## Validation Commands / ## Validation section - text = re.sub( - r"## Validation Commands\n\n```bash\n[\s\S]*?```\n", - validation_block(phase) + "\n", - text, - count=1, - ) - if "## Validation\n" not in text and "## Validation Commands" not in text: - text = text.rstrip() + "\n\n" + validation_block(phase) - - path.write_text(text, encoding="utf-8") - return True - - -def patch_guide(path: Path) -> bool: - text = path.read_text(encoding="utf-8") - orig = text - - replacements = { - "Phase175-Epoch7": "AresOS-Gate: name=integrity ok=true", - "Phase200-Milestone": "AresOS-Gate: name=scheduling ok=true", - "Phase250-Milestone": "AresOS-Gate: name=hardware ok=true", - "Phase300-Milestone": "AresOS-Gate: name=federation ok=true", - "Phase350-Milestone": "AresOS-Gate: name=release ok=true", - "Phase351-Desktop": "AresOS-Gate: name=desktop_preview ok=true", - "Phase375-Milestone": "AresOS-Gate: name=desktop ok=true", - "Phase400-Milestone": "AresOS-Gate: name=functional ok=true", - "Phase425-Milestone": "AresOS-Gate: name=ci ok=true", - "Phase450-Milestone": "AresOS-Gate: name=production ok=true", - "Phase475-Milestone": "AresOS-Gate: name=network ok=true", - "Phase500-Milestone": "AresOS-SystemGate: ok=true", - "Phase150-Milestone": "AresOS-BootGate: name=boundary ok=true", - "Phase149-Epoch5": "AresOS-BootGate: name=scheduler_epoch ok=true", - "Phase404-Network": "AresOS-BootGate: name=network_compat ok=true", - "Phase201-VirtioBlk": "AresOS-BootGate: name=virtio_blk ok=true", - "Phase140-IPC": "AresOS-BootGate: name=build_endpoints ok=true", - "Phase130-Platform": "AresOS-BootGate: name=platform_brokers ok=true", - "Phase120-CapCompat": "AresOS-BootGate: name=capabilities ok=true", - "Phase110-Constitutional": "AresOS-BootGate: name=constitutional ok=true", - "COMPLETED_PHASE": "SYSTEM_GATE_VERSION / BOOT_GATE_VERSION", - "phase_catalog.rs": "system_gate.rs / boot_gate.rs", - } - for old, new in replacements.items(): - text = text.replace(old, new) - - text = PHASE_SMOKE_LINE_RE.sub( - "See [VALIDATION_GATES.md](VALIDATION_GATES.md) for gate serial lines.", - text, - ) - if text != orig: - path.write_text(text, encoding="utf-8") - return True - return False - - -def main() -> int: - checklists = 0 - for p in sorted(DOCS.glob("phase-*-checklist.md")): - if patch_checklist(p): - checklists += 1 - - guides = 0 - for name in ( - "STORAGE.md", - "PROGRAMS.md", - "EXECUTABLE_IMAGES.md", - "LOAD_PLANS.md", - "MAPPING_STUBS.md", - "FRAME_OWNERSHIP.md", - "FRAME_BACKED_IMAGES.md", - "DEVICES.md", - "SECURITY.md", - "DEMAND_PAGING.md", - "SHARED_LIBRARIES.md", - "FILE_DESCRIPTORS.md", - "USER_SYSCALLS.md", - "USER_ELF_MVP.md", - "USER_PAGE_TABLES.md", - "USER_CONTEXT.md", - "RING3_TRAMPOLINE.md", - "SMP.md", - "ROADMAP_POST100.md", - "ROADMAP_151_350.md", - "ROADMAP_351_400.md", - "ROADMAP_401_500.md", - "DESIGN_NORTH_STAR.md", - "RELEASE_SCORECARD_M400.md", - ): - p = DOCS / name - if p.exists() and patch_guide(p): - guides += 1 - - print(f"migrate_phase_docs: {checklists} checklists, {guides} guides") - return 0 - - -if __name__ == "__main__": - raise SystemExit(main()) diff --git a/scripts/phase401_clan_rt_check.py b/scripts/phase401_clan_rt_check.py deleted file mode 100644 index 777d477..0000000 --- a/scripts/phase401_clan_rt_check.py +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env python3 -"""Compatibility shim — use scripts/gate/ares_rt.py.""" - -import sys -from pathlib import Path - -sys.path.insert(0, str(Path(__file__).resolve().parent)) -from gate.ares_rt import main - -if __name__ == "__main__": - raise SystemExit(main()) diff --git a/scripts/phase4_soak_check.py b/scripts/phase4_soak_check.py deleted file mode 100644 index 8eefb34..0000000 --- a/scripts/phase4_soak_check.py +++ /dev/null @@ -1,199 +0,0 @@ -#!/usr/bin/env python3 - -import argparse -import re -import subprocess -import sys -import time -from dataclasses import dataclass - - -CONTEXT_RE = re.compile(r"ContextLab\s+(.*)") -KV_RE = re.compile(r"([a-zA-Z0-9_]+)=([0-9]+)") - - -@dataclass -class Sample: - a: int - b: int - ticks: int - switches: int - irq_forced_ok: int - irq_forced_blocked: int - handoff_q: int - handoff_c: int - misses: int - timer_stall_fallbacks: int - - -def parse_sample(line: str) -> Sample | None: - m = CONTEXT_RE.search(line) - if not m: - return None - - values = {k: int(v) for k, v in KV_RE.findall(m.group(1))} - required = { - "A", - "B", - "ticks", - "switches", - "irq_forced_ok", - "irq_forced_blocked", - "handoff_q", - "handoff_c", - "misses", - "timer_stall_fallbacks", - } - if not required.issubset(values): - return None - - return Sample( - a=values["A"], - b=values["B"], - ticks=values["ticks"], - switches=values["switches"], - irq_forced_ok=values["irq_forced_ok"], - irq_forced_blocked=values["irq_forced_blocked"], - handoff_q=values["handoff_q"], - handoff_c=values["handoff_c"], - misses=values["misses"], - timer_stall_fallbacks=values["timer_stall_fallbacks"], - ) - - -def validate(samples: list[Sample]) -> tuple[bool, list[str]]: - errors: list[str] = [] - - if len(samples) < 2: - errors.append("not enough ContextLab samples captured") - return False, errors - - first = samples[0] - last = samples[-1] - - if last.ticks <= first.ticks: - errors.append("ticks did not advance") - if last.switches <= first.switches: - errors.append("switches did not advance") - if last.a <= first.a: - errors.append("ContextLab A counter did not advance") - if last.b <= first.b: - errors.append("ContextLab B counter did not advance") - - if last.handoff_q <= first.handoff_q: - errors.append("handoff_q did not advance") - if last.handoff_c <= first.handoff_c: - errors.append("handoff_c did not advance") - - if last.handoff_q != last.handoff_c: - errors.append( - f"final handoff mismatch: handoff_q={last.handoff_q}, handoff_c={last.handoff_c}" - ) - - first_misses = first.misses - if any(s.misses != first_misses for s in samples): - errors.append("misses changed during soak") - - blocked_start = first.irq_forced_blocked - blocked_end = last.irq_forced_blocked - if blocked_end < blocked_start: - errors.append("irq_forced_blocked decreased unexpectedly") - - return len(errors) == 0, errors - - -def main() -> int: - parser = argparse.ArgumentParser( - description="Run wrapper-mode preemption soak and validate ContextLab telemetry." - ) - parser.add_argument( - "--duration", - type=int, - default=120, - help="Soak duration in seconds (default: 120)", - ) - parser.add_argument( - "--min-samples", - type=int, - default=10, - help="Minimum number of ContextLab samples required (default: 10)", - ) - args = parser.parse_args() - - cmd = [ - "cargo", - "run", - "-p", - "kernel", - "--features", - "irq-exit-wrapper-experimental" - ] - - print(f"Starting soak run for {args.duration}s") - print("Command:", " ".join(cmd)) - - proc = subprocess.Popen( - cmd, - stdout=subprocess.PIPE, - stderr=subprocess.STDOUT, - text=True, - bufsize=1, - ) - - samples: list[Sample] = [] - deadline = time.time() + args.duration - - try: - assert proc.stdout is not None - while time.time() < deadline: - line = proc.stdout.readline() - if line == "": - if proc.poll() is not None: - break - continue - - sample = parse_sample(line) - if sample is not None: - samples.append(sample) - finally: - if proc.poll() is None: - proc.terminate() - try: - proc.wait(timeout=5) - except subprocess.TimeoutExpired: - proc.kill() - proc.wait(timeout=5) - - if len(samples) < args.min_samples: - print( - f"FAIL: captured only {len(samples)} ContextLab samples, need at least {args.min_samples}" - ) - return 1 - - ok, errors = validate(samples) - first = samples[0] - last = samples[-1] - - print( - "Summary: " - f"samples={len(samples)}, " - f"ticks={first.ticks}->{last.ticks} (Δ{last.ticks - first.ticks}), " - f"switches={first.switches}->{last.switches} (Δ{last.switches - first.switches}), " - f"handoff_q={first.handoff_q}->{last.handoff_q} (Δ{last.handoff_q - first.handoff_q}), " - f"handoff_c={first.handoff_c}->{last.handoff_c} (Δ{last.handoff_c - first.handoff_c}), " - f"misses={first.misses}->{last.misses}, " - f"irq_forced_blocked={first.irq_forced_blocked}->{last.irq_forced_blocked}" - ) - - if not ok: - print("FAIL:") - for error in errors: - print(f" - {error}") - return 1 - - print("PASS: wrapper-mode preemption soak checks passed") - return 0 - - -if __name__ == "__main__": - sys.exit(main()) diff --git a/scripts/phase5_latency_check.py b/scripts/phase5_latency_check.py deleted file mode 100755 index 495037b..0000000 --- a/scripts/phase5_latency_check.py +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env python3 -"""Compatibility shim — use scripts/preemption/latency.py.""" - -import sys -from pathlib import Path - -sys.path.insert(0, str(Path(__file__).resolve().parent)) -from preemption.latency import main - -if __name__ == "__main__": - raise SystemExit(main()) diff --git a/scripts/phase5_soak_check.py b/scripts/phase5_soak_check.py deleted file mode 100755 index b8c16a6..0000000 --- a/scripts/phase5_soak_check.py +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env python3 -"""Compatibility shim — use scripts/preemption/soak.py.""" - -import sys -from pathlib import Path - -sys.path.insert(0, str(Path(__file__).resolve().parent)) -from preemption.soak import main - -if __name__ == "__main__": - raise SystemExit(main()) diff --git a/scripts/preemption/__init__.py b/scripts/preemption/__init__.py index df6d94c..923a23c 100644 --- a/scripts/preemption/__init__.py +++ b/scripts/preemption/__init__.py @@ -1 +1 @@ -"""Preemption soak/latency validation (phase 5).""" +"""Preemption soak/latency validation (scope 5).""" diff --git a/scripts/preemption/latency.py b/scripts/preemption/latency.py index dc8a5ca..402dbe3 100644 --- a/scripts/preemption/latency.py +++ b/scripts/preemption/latency.py @@ -15,7 +15,7 @@ from preemption.telemetry import collect_samples # noqa: E402 -LATENCY_RE = re.compile(r"Phase5-Latency:\s+(.*)") +LATENCY_RE = re.compile(r"ClanOS-Preemption: name=latency\s+(.*)") KV_RE = re.compile( r"(ticks|quantum|req|pts|backlog|max_backlog|est_ms|max_est_ms)=([0-9]+(?:\.[0-9]+)?)" ) diff --git a/scripts/preemption/soak.py b/scripts/preemption/soak.py index 6f22877..95df6e8 100644 --- a/scripts/preemption/soak.py +++ b/scripts/preemption/soak.py @@ -15,7 +15,7 @@ from preemption.telemetry import collect_samples # noqa: E402 -FAIRNESS_RE = re.compile(r"Phase5-Fairness:\s+(.*)") +FAIRNESS_RE = re.compile(r"ClanOS-Preemption: name=fairness\s+(.*)") KV_RE = re.compile(r"(T[1-4]|score)=([0-9]+(?:\.[0-9]+)?)") diff --git a/scripts/preemption/telemetry.py b/scripts/preemption/telemetry.py index 2c43a62..4c4f654 100644 --- a/scripts/preemption/telemetry.py +++ b/scripts/preemption/telemetry.py @@ -1,4 +1,4 @@ -"""Collect Phase 5 serial telemetry lines after kernel boot.""" +"""Collect preemption serial telemetry lines after kernel boot.""" from __future__ import annotations @@ -17,7 +17,12 @@ if str(_SCRIPTS) not in sys.path: sys.path.insert(0, str(_SCRIPTS)) -from smoke_qemu import KERNEL_CMD, cleanup_qemu_processes # noqa: E402 +from smoke_qemu import ( # noqa: E402 + KERNEL_CMD, + cleanup_qemu_processes, + ensure_preemption_kernel_built, + ensure_qemu_on_path, +) T = TypeVar("T") @@ -50,6 +55,8 @@ def collect_samples( ) -> tuple[list[T], list[str]]: """Wait up to `boot_wait` seconds for the first sample, then collect for `duration` seconds.""" cleanup_qemu_processes() + ensure_qemu_on_path() + ensure_preemption_kernel_built() process = subprocess.Popen( KERNEL_CMD, env=os.environ.copy(), diff --git a/scripts/project_health.py b/scripts/project_health.py index 8e118ce..ce94120 100644 --- a/scripts/project_health.py +++ b/scripts/project_health.py @@ -96,7 +96,7 @@ def check_prereq_acyclic() -> list[str]: graph: dict[str, list[str]] = defaultdict(list) nodes: set[str] = set() for e in edges: - if e.get("blocking_phase") == "epoch-0" or e.get("blocking"): + if e.get("blocking_scope") == "epoch-0" or e.get("blocking"): graph[e["to"]].append(e["from"]) nodes.add(e["from"]) nodes.add(e["to"]) @@ -190,14 +190,14 @@ def emit_status(matrix: dict) -> str: threats_open = sum(1 for n in nodes if n.get("status") == "open") kani_count = count_kani_harnesses() lines = [ - "# AresOS Project Status", + "# Clan OS Project Status", "", "## Snapshot (fully operational OS)", "", "- **Boot gate:** `kernel/src/boot_gate.rs` (`BOOT_GATE_VERSION = 1.0.0`)", "- **System gate:** `kernel/src/system_gate.rs` (`SYSTEM_GATE_VERSION = 1.0.0`)", "- **Desktop:** VGA 320×200, compositor, PS/2 mouse, window manager, taskbar", - "- **Userland:** `/bin/demo-hello`, `/bin/ares-info` (`ares-rt` `#![no_std]`)", + "- **Userland:** `/bin/demo-hello`, `/bin/clan-info`, `/bin/mendo`, `/bin/ring3-io-demo` (Clan OS runtime: `clan-rt` `#![no_std]`)", "- **Network:** virtio-net loopback + external route simulation", f"- gap_registry: {gaps_open} open, {gaps_addressed} addressed ({gaps_addressed + gaps_open + gaps_wontfix} total)", f"- threat nodes open: {threats_open}", @@ -219,8 +219,8 @@ def emit_status(matrix: dict) -> str: "", "| Gate family | Final serial line | Host check |", "|-------------|-------------------|------------|", - "| Boot | `AresOS-BootGate: ok=true` | `scripts/gate/boot_host.py` |", - "| System | `AresOS-SystemGate: ok=true` | `scripts/gate/system_host.py` |", + "| Boot | `ClanOS-BootGate: ok=true` | `scripts/gate/boot_host.py` |", + "| System | `ClanOS-SystemGate: ok=true` | `scripts/gate/system_host.py` |", "", "QEMU: `scripts/gate/boot.py --gate boot`, `scripts/gate/system.py --gate system`", "", diff --git a/scripts/qemu/x86_64-config.ps1 b/scripts/qemu/x86_64-config.ps1 index ceec8ac..51e46c6 100644 --- a/scripts/qemu/x86_64-config.ps1 +++ b/scripts/qemu/x86_64-config.ps1 @@ -1,5 +1,5 @@ -# AresOS QEMU x86_64 config — epoch 6 versioned script (ARCHITECTURE_TARGETS.md) -# Changelog: v1 — virtio-blk-pci + smp=2 for phases 141+ +# Clan OS QEMU x86_64 config — epoch 6 versioned script (ARCHITECTURE_TARGETS.md) +# Changelog: v1 — virtio-blk-pci + smp=2 for scopes 141+ param( [string]$KernelImage = "target/x86_64-unknown-none/debug/bootimage-kernel.bin", diff --git a/scripts/rename_clanos.py b/scripts/rename_clanos.py new file mode 100644 index 0000000..dd44c4e --- /dev/null +++ b/scripts/rename_clanos.py @@ -0,0 +1,109 @@ +#!/usr/bin/env python3 +"""One-shot Clan OS rebrand: replace legacy Ares identifiers in text files.""" + +from __future__ import annotations + +import sys +from pathlib import Path + +REPO = Path(__file__).resolve().parents[1] + +SKIP_DIRS = { + ".git", + "target", + "target-host", + "proof-rights", + "__pycache__", + ".cursor/projects", +} + +SKIP_FILES = { + "scripts/rename_clanos.py", + "Cargo.lock", +} + +# Order matters: longest / most specific first. +REPLACEMENTS: list[tuple[str, str]] = [ + ("ABI_ARES_RT", "ABI_CLAN_RT"), + ("ares-exec-v1", "clan-exec-v1"), + ("ARESFS1", "CLANFS1"), + ("ares-rt-001", "clan-rt-001"), + ("ares-rt-0.1.0", "clan-rt-0.1.0"), + ("scripts/gate/ares_rt.py", "scripts/gate/clan_rt.py"), + ("gate/ares_rt.py", "gate/clan_rt.py"), + ("from gate.ares_rt import", "from gate.clan_rt import"), + ("ares-native-v1", "clan-native-v1"), + ("ares-semantics-v1", "clan-semantics-v1"), + ("ares-semantics-v*", "clan-semantics-v*"), + ("ares-abi-v1", "clan-abi-v1"), + ("ares-abi-v*", "clan-abi-v*"), + ("ARE_SEMANTICS_V1", "CLAN_SEMANTICS_V1"), + ("ARE_ABI_V1", "CLAN_ABI_V1"), + ("AresFS", "ClanFS"), + ("AresError", "ClanError"), + ("AresRtError", "ClanRtError"), + ("aresos_full_os_build_b960e4a0", "clanos_full_os_build_b960e4a0"), + ("aresos_build_151_350", "clanos_build_151_350"), + ("aresos_full_os_build", "clanos_full_os_build"), + ("ares-rt", "clan-rt"), + ("ares_rt", "clan_rt"), + ("aresos", "clanos"), + ("AresOS", "ClanOS"), + ("&image_bytes[120..124] == b\"ARES\" || &image_bytes[120..124] == b\"CLAN\"", "&image_bytes[120..124] == b\"CLAN\""), + ("b\"ARES\"", "b\"CLAN\""), +] + +TEXT_SUFFIXES = { + ".rs", + ".toml", + ".md", + ".mdc", + ".py", + ".json", + ".txt", + ".yml", + ".yaml", + ".ps1", + ".sh", + ".html", + ".css", + ".js", + ".ts", + ".tsx", + ".jsx", + ".lock", +} + + +def should_skip(path: Path) -> bool: + rel = path.relative_to(REPO).as_posix() + if rel in SKIP_FILES: + return True + for part in path.parts: + if part in SKIP_DIRS: + return True + return path.suffix not in TEXT_SUFFIXES and path.name not in ("LICENSE", "CHARTER", "SECURITY") + + +def main() -> int: + changed = 0 + for path in sorted(REPO.rglob("*")): + if not path.is_file() or should_skip(path): + continue + try: + text = path.read_text(encoding="utf-8") + except (UnicodeDecodeError, OSError): + continue + original = text + for old, new in REPLACEMENTS: + text = text.replace(old, new) + if text != original: + path.write_text(text, encoding="utf-8", newline="\n") + changed += 1 + print(f"updated: {path.relative_to(REPO)}") + print(f"rename_clanos: {changed} files updated") + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/scripts/repro-manifest.toml b/scripts/repro-manifest.toml index 131d0fb..d204d76 100644 --- a/scripts/repro-manifest.toml +++ b/scripts/repro-manifest.toml @@ -12,5 +12,5 @@ package = "kernel" [userland] # Host triple for epoch-2 demo; ring3 ELF on x86_64-unknown-none deferred. target = "host" -package = "ares-rt" +package = "clan-rt" install_hook = "scripts/install_userland.py" diff --git a/scripts/run_desktop.ps1 b/scripts/run_desktop.ps1 index 928e802..bff76a1 100644 --- a/scripts/run_desktop.ps1 +++ b/scripts/run_desktop.ps1 @@ -1,4 +1,4 @@ -# Launch AresOS with visible VGA desktop + serial shell. +# Launch Clan OS with visible VGA desktop + serial shell. $ErrorActionPreference = "Stop" $env:Path = "C:\Program Files\qemu;" + $env:Path $Root = Split-Path -Parent $PSScriptRoot diff --git a/scripts/phase_checklist_spot_check.py b/scripts/scope_checklist_spot_check.py similarity index 56% rename from scripts/phase_checklist_spot_check.py rename to scripts/scope_checklist_spot_check.py index fc03be5..2c7bb0a 100644 --- a/scripts/phase_checklist_spot_check.py +++ b/scripts/scope_checklist_spot_check.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Spot-check phase-151..350 checklist stubs exist (gap 348).""" +"""Spot-check scope-151..350 checklist stubs exist (gap 348).""" from pathlib import Path @@ -9,18 +9,18 @@ def main() -> int: missing: list[int] = [] - for phase in range(151, 351): - path = DOCS / f"phase-{phase}-checklist.md" + for scope in range(151, 351): + path = DOCS / f"scope-{scope}-checklist.md" if not path.exists(): - missing.append(phase) + missing.append(scope) if missing: print( - f"phase_checklist_spot_check: missing {len(missing)} checklists " + f"scope_checklist_spot_check: missing {len(missing)} checklists " f"(first: {missing[:5]})", flush=True, ) return 1 - print(f"phase_checklist_spot_check: OK (200 checklists 151-350)") + print(f"scope_checklist_spot_check: OK (200 checklists 151-350)") return 0 diff --git a/scripts/sdk_smoke_check.py b/scripts/sdk_smoke_check.py index fe289ee..8ef59e2 100644 --- a/scripts/sdk_smoke_check.py +++ b/scripts/sdk_smoke_check.py @@ -11,7 +11,7 @@ REQUIRED = [ ROOT / "userland" / "Cargo.toml", ROOT / "userland" / "src" / "lib.rs", - ROOT / "docs" / "ABI_ARES_RT.md", + ROOT / "docs" / "ABI_CLAN_RT.md", ROOT / "scripts" / "install_userland.py", ] diff --git a/scripts/semantic_lint.py b/scripts/semantic_lint.py index 18160ac..de973ff 100644 --- a/scripts/semantic_lint.py +++ b/scripts/semantic_lint.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -"""Architecture-preservation lint for post-100 constitutional docs (phases 101-110).""" +"""Architecture-preservation lint for post-100 constitutional docs (scopes 101-110).""" from __future__ import annotations @@ -168,7 +168,7 @@ def check_cap_implementation(repo: Path, errors: list[str]) -> None: ] for path in required: if not path.is_file(): - errors.append(f"phases 111-120: missing {path.relative_to(repo)}") + errors.append(f"scopes 111-120: missing {path.relative_to(repo)}") def parse_native_syscall_enum(native_rs: Path) -> set[int]: @@ -192,7 +192,7 @@ def check_native_syscall_ids(repo: Path, errors: list[str]) -> None: kernel_ids = parse_native_syscall_enum(native_rs) abi = repo / "docs" / "ABI_SYSCALL.md" abi_text = abi.read_text(encoding="utf-8") - start = abi_text.find("## Native syscall IDs (phase 112)") + start = abi_text.find("## Native syscall IDs (scope 112)") if start < 0: return chunk = abi_text[start : start + 800] @@ -212,13 +212,13 @@ def print_minimization_audit() -> None: ("IPC", "ABI_IPC", "7 guarantee areas"), ("Async", "ABI_ASYNC", "4 primitives"), ] - print("Minimization audit (phase 110):") + print("Minimization audit (constitutional gates G1–G5):") for layer, doc, count in rows: print(f" {layer:14} {doc:22} {count}") def main() -> int: - parser = argparse.ArgumentParser(description="Semantic lint for phases 101-110") + parser = argparse.ArgumentParser(description="Semantic lint for scopes 101-110") parser.add_argument( "--repo-root", type=Path, diff --git a/scripts/smoke_qemu.py b/scripts/smoke_qemu.py index 22a8ce6..0efa66c 100644 --- a/scripts/smoke_qemu.py +++ b/scripts/smoke_qemu.py @@ -1,16 +1,104 @@ #!/usr/bin/env python3 -"""Shared helpers for Phase N QEMU serial smoke checks.""" +"""Shared helpers for QEMU serial smoke checks.""" from __future__ import annotations import os +import shutil import signal import subprocess +import time +from pathlib import Path DEFAULT_SMOKE_TIMEOUT = 120 +OBJCOPY_RETRY_SLEEP_S = 12 +WINDOWS_ARTIFACT_UNLOCK_S = 5 + + +def is_objcopy_lock_error(output: str) -> bool: + lowered = output.lower() + return "llvm-objcopy" in lowered and "permission denied" in lowered + + +def is_bootimage_build_error(output: str) -> bool: + lowered = output.lower() + return "bootimage" in lowered and ( + "permission denied" in lowered or "failed to run" in lowered + ) + + +def wait_for_bootimage_unlock() -> None: + """Release Windows file locks on bootimage artifacts before the next cargo run.""" + cleanup_qemu_processes() + if os.name == "nt": + time.sleep(WINDOWS_ARTIFACT_UNLOCK_S) # QEMU serial/display/no-reboot come from [package.metadata.bootimage] run-command. -KERNEL_CMD = ["cargo", "run", "-p", "kernel", "--features", "preemption"] +KERNEL_FEATURES = ["--features", "preemption"] +KERNEL_BUILD_CMD = ["cargo", "build", "-p", "kernel", *KERNEL_FEATURES] +KERNEL_CMD = ["cargo", "run", "-p", "kernel", *KERNEL_FEATURES] + + +def ensure_preemption_kernel_built() -> None: + """Rebuild kernel with preemption after non-preemption gate smokes may have clobbered artifacts.""" + wait_for_bootimage_unlock() + subprocess.run( + KERNEL_BUILD_CMD, + check=True, + env=os.environ.copy(), + ) + + +def _qemu_candidate_dirs() -> list[Path]: + dirs: list[Path] = [] + if os.name == "nt": + pf = os.environ.get("ProgramFiles", r"C:\Program Files") + pf86 = os.environ.get("ProgramFiles(x86)", r"C:\Program Files (x86)") + local = os.environ.get("LOCALAPPDATA", "") + dirs.extend( + [ + Path(pf) / "qemu", + Path(pf86) / "qemu", + Path(local) / "Programs" / "QEMU", + ] + ) + winget_root = Path(local) / "Microsoft" / "WinGet" / "Packages" + if winget_root.is_dir(): + dirs.extend(winget_root.glob("*QEMU*")) + else: + dirs.extend( + [ + Path("/usr/bin"), + Path("/usr/local/bin"), + ] + ) + return dirs + + +def find_qemu_bin_dir() -> Path | None: + """Return directory containing `qemu-system-x86_64` when not already on PATH.""" + if shutil.which("qemu-system-x86_64"): + return None + exe_name = "qemu-system-x86_64.exe" if os.name == "nt" else "qemu-system-x86_64" + for base in _qemu_candidate_dirs(): + direct = base / exe_name + if direct.is_file(): + return base + if base.is_dir(): + for hit in base.rglob(exe_name): + return hit.parent + return None + + +def ensure_qemu_on_path() -> bool: + """Prepend a discovered QEMU install dir to PATH (Windows winget/NSIS layouts).""" + if shutil.which("qemu-system-x86_64"): + return True + qdir = find_qemu_bin_dir() + if qdir is None: + return False + os.environ["PATH"] = str(qdir) + os.pathsep + os.environ.get("PATH", "") + return shutil.which("qemu-system-x86_64") is not None def cleanup_qemu_processes() -> None: @@ -32,6 +120,8 @@ def cleanup_qemu_processes() -> None: def run_kernel(timeout: int = DEFAULT_SMOKE_TIMEOUT) -> tuple[int, str]: cleanup_qemu_processes() + ensure_qemu_on_path() + ensure_preemption_kernel_built() process = subprocess.Popen( KERNEL_CMD, stdout=subprocess.PIPE, diff --git a/scripts/update_phase101_110_checklists.py b/scripts/update_phase101_110_checklists.py deleted file mode 100644 index ebd9127..0000000 --- a/scripts/update_phase101_110_checklists.py +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env python3 -"""Mark validation lines complete on phase 101-110 checklists.""" - -from pathlib import Path - -DOCS = Path(__file__).resolve().parents[1] / "docs" - -VALIDATION_BLOCK = """## Validation - -- [x] `python scripts/semantic_lint.py` -- [x] Phases 101–109: documentation deliverables complete -- [ ] Phases 111+: `cargo check -p kernel` + smoke script TBD -""" - -PHASE_110_VALIDATION = """## Validation - -- [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/legacy.py --phase 110 --timeout 300` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase110_constitutional_smoke_works) -- [x] `python scripts/gate/boot.py --gate constitutional --timeout 300` -""" - -for n in range(101, 110): - path = DOCS / f"phase-{n}-checklist.md" - text = path.read_text(encoding="utf-8") - text = text.replace("- [ ] Consistent with [AXIOMS.md](AXIOMS.md)", "- [x] Consistent with [AXIOMS.md](AXIOMS.md)") - text = text.replace("- [ ] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md)", "- [x] Listed in [ROADMAP_POST100.md](ROADMAP_POST100.md)") - if "## Validation" in text: - import re - - text = re.sub(r"## Validation\n\n.*?(?=\n## )", VALIDATION_BLOCK + "\n", text, count=1, flags=re.DOTALL) - path.write_text(text, encoding="utf-8") - -path = DOCS / "phase-110-checklist.md" -text = path.read_text(encoding="utf-8") -if "## Validation" in text: - import re - - text = re.sub(r"## Validation\n\n.*?(?=\n## )", PHASE_110_VALIDATION + "\n", text, count=1, flags=re.DOTALL) -path.write_text(text, encoding="utf-8") -print("updated checklists 101-110") diff --git a/scripts/update_phase111_120_checklists.py b/scripts/update_phase111_120_checklists.py deleted file mode 100644 index b4168a1..0000000 --- a/scripts/update_phase111_120_checklists.py +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/bin/env python3 -"""Mark phase 111-120 checklists complete after capability foundation build.""" - -from pathlib import Path - -DOCS = Path(__file__).resolve().parents[1] / "docs" - -VALIDATION = """## Validation - -- [x] `cargo check -p kernel` -- [x] `cargo test -p kernel --features preemption --test preemption_integration` (phase120_cap_compat_smoke_works) -- [x] `python scripts/semantic_lint.py` -- [x] `python scripts/gate/legacy.py --phase 120 --timeout 300` -- [x] `python scripts/gate/boot.py --gate capabilities --timeout 300` -""" - -SCOPE_DONE = "- [x] Deliverable:" - -MODE_IMPL = "implementation (deliverables landed)" - -PHASES = { - 111: ("CapHandle KernelObject", "G1 G5 single handle table"), - 112: ("Cap Create Close Transfer", "G2 implementation"), - 113: ("Rights Delegation Smoke", "R-01 R-06"), - 114: ("Storage Grant Object", "no paths"), - 115: ("Path Broker Compat Only", "G1 compat only"), - 116: ("No Ambient Authority", "zero grants deny"), - 117: ("Namespace Invisibility", "native no global tree"), - 118: ("Broker Issued FsNode Caps", "storage broker"), - 119: ("Compat Bridge Unchanged", "ELF FD path"), - 120: ("Integration Cap Compat", "milestone 120"), -} - - -def update(path: Path, num: int, title: str, deliverable: str) -> None: - text = path.read_text(encoding="utf-8") - text = text.replace("future implementation", MODE_IMPL) - text = text.replace("- [ ] Deliverable:", SCOPE_DONE, 1) - if "- [ ] Consistent with" in text: - text = text.replace("- [ ] Consistent with", "- [x] Consistent with", 1) - if "- [ ] Listed in" in text: - text = text.replace("- [ ] Listed in", "- [x] Listed in", 1) - if "## Validation" in text: - before, _ = text.split("## Validation", 1) - after = "" - if "## Deferred" in text: - _, rest = text.split("## Validation", 1)[1].split("## Deferred", 1) - after = "## Deferred" + rest - text = before + VALIDATION + "\n\n" + after - path.write_text(text, encoding="utf-8") - - -def main() -> None: - for num, (title, deliverable) in PHASES.items(): - update(DOCS / f"phase-{num}-checklist.md", num, title, deliverable) - print("updated phase 111-120 checklists") - - -if __name__ == "__main__": - main() diff --git a/scripts/validation_matrix.py b/scripts/validation_matrix.py index 15d6196..d8c6a3e 100644 --- a/scripts/validation_matrix.py +++ b/scripts/validation_matrix.py @@ -8,12 +8,12 @@ import sys import time -from smoke_qemu import cleanup_qemu_processes - - -def is_objcopy_lock_error(output: str) -> bool: - lowered = output.lower() - return "llvm-objcopy" in lowered and "permission denied" in lowered +from smoke_qemu import ( + cleanup_qemu_processes, + ensure_qemu_on_path, + is_objcopy_lock_error, + wait_for_bootimage_unlock, +) def run_command_with_retries( @@ -35,6 +35,7 @@ def run_command_with_retries( def run_command(cmd: list[str], timeout: int | None = None) -> tuple[int, str]: + ensure_qemu_on_path() process = subprocess.Popen( cmd, stdout=subprocess.PIPE, @@ -58,13 +59,13 @@ def run_command(cmd: list[str], timeout: int | None = None) -> tuple[int, str]: def main() -> int: - parser = argparse.ArgumentParser(description="Run AresOS validation matrix with practical thresholds.") + parser = argparse.ArgumentParser(description="Run Clan OS validation matrix with practical thresholds.") parser.add_argument("--soak-duration", type=int, default=60) parser.add_argument("--latency-duration", type=int, default=60) parser.add_argument("--max-latency-ms", type=int, default=300) parser.add_argument("--max-fairness-score", type=float, default=1.10) parser.add_argument("--smoke-timeout", type=int, default=180) - parser.add_argument("--boot-wait", type=int, default=150, help="Seconds to wait for Phase5 telemetry after boot") + parser.add_argument("--boot-wait", type=int, default=150, help="Seconds to wait for preemption telemetry after boot") parser.add_argument( "--from-check", type=str, @@ -128,13 +129,17 @@ def main() -> int: ], None, ), - ("phase401-ares-rt-check", ["python", "scripts/gate/ares_rt.py"], 120), + ( + "compat-subsystems-host-check", + ["python", "scripts/gate/compat_subsystems.py"], + 180, + ), ("semantic-lint", ["python", "scripts/semantic_lint.py"], None), ("covenant-ci", ["python", "scripts/covenant_ci.py"], 120), ("loom-gate", ["python", "scripts/loom_gate.py"], None), ("transfer-toctou-check", ["python", "scripts/transfer_toctou_check.py"], None), ( - "phase5-soak-check", + "preemption-soak-check", [ "python", "scripts/preemption/soak.py", @@ -150,7 +155,7 @@ def main() -> int: None, ), ( - "phase5-latency-check", + "preemption-latency-check", [ "python", "scripts/preemption/latency.py", @@ -177,14 +182,21 @@ def main() -> int: checks = checks[start_idx:] print(f"Resuming from {args.from_check} ({len(checks)} checks)") - phase5_timeout = args.boot_wait + max(args.soak_duration, args.latency_duration) + 180 + preemption_timeout = args.boot_wait + max(args.soak_duration, args.latency_duration) + 180 any_failed = False cleanup_qemu_processes() + if not ensure_qemu_on_path(): + print( + "WARN: qemu-system-x86_64 not on PATH and not found in common install dirs; " + "QEMU checks will fail (install: winget install SoftwareFreedomConservancy.QEMU)" + ) print("Validation matrix start") for name, cmd, timeout in checks: - if name in ("phase5-soak-check", "phase5-latency-check"): - timeout = phase5_timeout + if name in ("preemption-soak-check", "preemption-latency-check"): + timeout = preemption_timeout + if name == "system-gate-check": + timeout = max(timeout or 0, args.smoke_timeout, 480) print(f"\n=== {name} ===") print("Command:", " ".join(cmd)) start = time.time() @@ -195,8 +207,9 @@ def main() -> int: if name == "preemption-integration" and os.name == "nt": print("Waiting for bootimage artifacts to unlock (Windows)...") time.sleep(20) - elif os.name == "nt": - time.sleep(5) + wait_for_bootimage_unlock() + else: + wait_for_bootimage_unlock() if code != 0: print(f"FAIL: {name} exited with {code} in {elapsed:.1f}s") diff --git a/userland/Cargo.toml b/userland/Cargo.toml index 2320824..b9113fa 100644 --- a/userland/Cargo.toml +++ b/userland/Cargo.toml @@ -1,16 +1,18 @@ [package] -name = "ares-rt" +name = "clan-rt" version = "0.1.0" edition = "2021" license = "Apache-2.0" -description = "AresOS userspace runtime (epoch 2)" +description = "Clan OS userspace runtime (epoch 2)" [lib] -name = "ares_rt" +name = "clan_rt" path = "src/lib.rs" [features] host-std = [] +ring3 = [] +ring3-heap = ["ring3"] [[bin]] name = "demo-hello" diff --git a/userland/hello-alloc/.cargo/config.toml b/userland/hello-alloc/.cargo/config.toml new file mode 100644 index 0000000..c57e885 --- /dev/null +++ b/userland/hello-alloc/.cargo/config.toml @@ -0,0 +1,6 @@ +[target.x86_64-unknown-none] +rustflags = [ + "-C", "relocation-model=static", + "-C", "link-arg=-Tlinker.ld", + "-C", "link-arg=-no-pie", +] diff --git a/userland/hello-alloc/Cargo.toml b/userland/hello-alloc/Cargo.toml new file mode 100644 index 0000000..7ee6f1e --- /dev/null +++ b/userland/hello-alloc/Cargo.toml @@ -0,0 +1,13 @@ +[package] +name = "hello-alloc" +version = "0.1.0" +edition = "2021" +license = "Apache-2.0" +description = "Clan OS ring-3 demo — clan-rt bump heap + alloc::Vec" + +[[bin]] +name = "hello-alloc" +path = "src/main.rs" + +[dependencies] +clan-rt = { path = "..", default-features = false, features = ["ring3-heap"] } diff --git a/userland/hello-alloc/linker.ld b/userland/hello-alloc/linker.ld new file mode 100644 index 0000000..a968378 --- /dev/null +++ b/userland/hello-alloc/linker.ld @@ -0,0 +1,25 @@ +/* Match Clan OS user ELF load base (see storage.rs /bin/hello fixtures). */ +ENTRY(_start) + +SECTIONS +{ + . = 0x400000; + + .text : ALIGN(4096) { + KEEP(*(.text._start)) + *(.text .text.*) + } + + .rodata : ALIGN(4096) { + *(.rodata .rodata.*) + } + + .data : ALIGN(4096) { + *(.data .data.*) + } + + .bss : ALIGN(4096) { + *(.bss .bss.*) + *(COMMON) + } +} diff --git a/userland/hello-alloc/src/main.rs b/userland/hello-alloc/src/main.rs new file mode 100644 index 0000000..bfe864e --- /dev/null +++ b/userland/hello-alloc/src/main.rs @@ -0,0 +1,51 @@ +//! Ring-3 smoke: `alloc::Vec` + `String` on clan-rt bump heap. + +#![no_std] +#![no_main] +#![feature(alloc_error_handler)] + +extern crate alloc; + +use alloc::string::String; +use alloc::vec::Vec; +use clan_rt::ring3_syscall::{sys_exit, sys_write}; + +const EXPECTED_SUM: u32 = (64 * 63) / 2; + +#[no_mangle] +pub extern "C" fn _start() -> ! { + clan_rt::heap::heap_reset(); + + let mut values: Vec<u32> = Vec::new(); + for i in 0..64 { + values.push(i); + } + let sum: u32 = values.iter().copied().sum(); + if sum != EXPECTED_SUM { + sys_exit(1); + } + + let mut msg = String::from("clan-rt heap ok\n"); + if clan_rt::heap::heap_used() == 0 { + sys_exit(2); + } + if sys_write(1, msg.as_ptr(), msg.len()) <= 0 { + sys_exit(3); + } + msg.clear(); + if !msg.is_empty() { + sys_exit(4); + } + + sys_exit(0); +} + +#[panic_handler] +fn panic(_info: &core::panic::PanicInfo) -> ! { + sys_exit(99); +} + +#[alloc_error_handler] +fn alloc_error(_layout: core::alloc::Layout) -> ! { + sys_exit(88); +} diff --git a/userland/mendo/.cargo/config.toml b/userland/mendo/.cargo/config.toml new file mode 100644 index 0000000..c57e885 --- /dev/null +++ b/userland/mendo/.cargo/config.toml @@ -0,0 +1,6 @@ +[target.x86_64-unknown-none] +rustflags = [ + "-C", "relocation-model=static", + "-C", "link-arg=-Tlinker.ld", + "-C", "link-arg=-no-pie", +] diff --git a/userland/mendo/Cargo.toml b/userland/mendo/Cargo.toml new file mode 100644 index 0000000..e1d78e0 --- /dev/null +++ b/userland/mendo/Cargo.toml @@ -0,0 +1,12 @@ +[package] +name = "mendo" +version = "0.1.0" +edition = "2021" +license = "Apache-2.0" +description = "Mendo — scripting language for Clan OS (ring-3 ELF)" + +[[bin]] +name = "mendo" +path = "src/main.rs" + +[dependencies] diff --git a/userland/mendo/linker.ld b/userland/mendo/linker.ld new file mode 100644 index 0000000..a968378 --- /dev/null +++ b/userland/mendo/linker.ld @@ -0,0 +1,25 @@ +/* Match Clan OS user ELF load base (see storage.rs /bin/hello fixtures). */ +ENTRY(_start) + +SECTIONS +{ + . = 0x400000; + + .text : ALIGN(4096) { + KEEP(*(.text._start)) + *(.text .text.*) + } + + .rodata : ALIGN(4096) { + *(.rodata .rodata.*) + } + + .data : ALIGN(4096) { + *(.data .data.*) + } + + .bss : ALIGN(4096) { + *(.bss .bss.*) + *(COMMON) + } +} diff --git a/userland/mendo/src/interp.rs b/userland/mendo/src/interp.rs new file mode 100644 index 0000000..77f5a9d --- /dev/null +++ b/userland/mendo/src/interp.rs @@ -0,0 +1,178 @@ +//! Tree-walking interpreter for Mendo. + +use crate::parser::{BinOp, Expr, Program, Stmt}; +use crate::syscall; + +const MAX_VARS: usize = 8; +const STDOUT_FD: u64 = 1; + +#[derive(Debug, Clone, Copy)] +struct VarSlot<'a> { + name: Option<&'a str>, + value: i64, +} + +struct Env<'a> { + slots: [VarSlot<'a>; MAX_VARS], +} + +impl<'a> Env<'a> { + const fn new() -> Self { + Self { + slots: [VarSlot { + name: None, + value: 0, + }; MAX_VARS], + } + } + + fn get(&self, name: &str) -> i64 { + for slot in &self.slots { + if slot.name == Some(name) { + return slot.value; + } + } + 0 + } + + fn set(&mut self, name: &'a str, value: i64) { + for slot in &mut self.slots { + if slot.name == Some(name) { + slot.value = value; + return; + } + } + for slot in &mut self.slots { + if slot.name.is_none() { + slot.name = Some(name); + slot.value = value; + return; + } + } + } +} + +fn write_bytes(bytes: &[u8]) { + let mut offset = 0usize; + while offset < bytes.len() { + let chunk = core::cmp::min(32, bytes.len() - offset); + let _ = syscall::sys_write(STDOUT_FD, bytes[offset..].as_ptr(), chunk); + offset += chunk; + } +} + +fn write_i64(mut n: i64) { + let mut buf = [0u8; 22]; + if n == 0 { + write_bytes(b"0"); + return; + } + let negative = n < 0; + if negative { + n = n.saturating_neg(); + } + let mut len = 0usize; + while n > 0 && len < buf.len() { + buf[len] = b'0' + (n % 10) as u8; + n /= 10; + len += 1; + } + if negative { + write_bytes(b"-"); + } + while len > 0 { + len -= 1; + write_bytes(&buf[len..len + 1]); + } +} + +fn eval_expr<'a>(program: &Program<'a>, env: &Env<'a>, id: u8) -> i64 { + match program.exprs[id as usize] { + Expr::Int(v) => v, + Expr::Var(name) => env.get(name), + Expr::Bin(op, left, right) => { + let l = eval_expr(program, env, left); + let r = eval_expr(program, env, right); + match op { + BinOp::Add => l.saturating_add(r), + BinOp::Sub => l.saturating_sub(r), + BinOp::Mul => l.saturating_mul(r), + BinOp::Div => { + if r == 0 { + 0 + } else { + l / r + } + } + BinOp::Eq => i64::from(l == r), + BinOp::Ne => i64::from(l != r), + BinOp::Lt => i64::from(l < r), + BinOp::Le => i64::from(l <= r), + BinOp::Gt => i64::from(l > r), + BinOp::Ge => i64::from(l >= r), + } + } + } +} + +fn run_range<'a>(program: &Program<'a>, env: &mut Env<'a>, start: u16, len: u16) { + let end = start.saturating_add(len) as usize; + let mut pc = start as usize; + while pc < end { + pc = run_stmt(program, env, pc); + } +} + +fn run_stmt<'a>(program: &Program<'a>, env: &mut Env<'a>, pc: usize) -> usize { + match program.stmts[pc] { + Stmt::PrintStr(text) => { + write_bytes(text.as_bytes()); + pc + 1 + } + Stmt::PrintExpr(expr) => { + write_i64(eval_expr(program, env, expr)); + write_bytes(b"\n"); + pc + 1 + } + Stmt::Let(name, expr) => { + env.set(name, eval_expr(program, env, expr)); + pc + 1 + } + Stmt::Assign(name, expr) => { + env.set(name, eval_expr(program, env, expr)); + pc + 1 + } + Stmt::If { + cond, + then_start, + then_len, + else_start, + else_len, + } => { + if eval_expr(program, env, cond) != 0 { + run_range(program, env, then_start, then_len); + } else if else_len > 0 { + run_range(program, env, else_start, else_len); + } + pc + 1 + } + Stmt::While { + cond, + body_start, + body_len, + } => { + while eval_expr(program, env, cond) != 0 { + run_range(program, env, body_start, body_len); + } + pc + 1 + } + } +} + +pub fn run<'a>(program: &Program<'a>) { + let mut env = Env::new(); + let mut pc = 0usize; + while pc < program.stmt_count { + pc = run_stmt(program, &mut env, pc); + } +} diff --git a/userland/mendo/src/lexer.rs b/userland/mendo/src/lexer.rs new file mode 100644 index 0000000..cdb9655 --- /dev/null +++ b/userland/mendo/src/lexer.rs @@ -0,0 +1,198 @@ +//! Tokenizer for Mendo source. + +const MAX_TOKENS: usize = 64; + +#[derive(Debug, Clone, Copy, PartialEq, Eq)] +pub enum TokenKind { + Print, + Let, + If, + Else, + While, + Ident, + Int, + String, + Eq, + Ne, + Lt, + Le, + Gt, + Ge, + Plus, + Minus, + Star, + Slash, + Assign, + LParen, + RParen, + LBrace, + RBrace, + Semicolon, + Eof, +} + +#[derive(Debug, Clone, Copy)] +pub struct Token<'a> { + pub kind: TokenKind, + pub text: &'a str, + pub value: i64, +} + +#[derive(Debug)] +pub enum LexError { + UnexpectedChar, + UnterminatedString, + TooManyTokens, +} + +pub struct TokenBuf<'a> { + pub tokens: [Token<'a>; MAX_TOKENS], + pub len: usize, +} + +impl<'a> TokenBuf<'a> { + pub const fn new() -> Self { + Self { + tokens: [Token { + kind: TokenKind::Eof, + text: "", + value: 0, + }; MAX_TOKENS], + len: 0, + } + } + + fn push(&mut self, token: Token<'a>) -> Result<(), LexError> { + if self.len >= MAX_TOKENS { + return Err(LexError::TooManyTokens); + } + self.tokens[self.len] = token; + self.len += 1; + Ok(()) + } +} + +fn keyword(text: &str) -> Option<TokenKind> { + match text { + "print" => Some(TokenKind::Print), + "let" => Some(TokenKind::Let), + "if" => Some(TokenKind::If), + "else" => Some(TokenKind::Else), + "while" => Some(TokenKind::While), + _ => None, + } +} + +fn is_ident_start(c: u8) -> bool { + c.is_ascii_alphabetic() || c == b'_' +} + +fn is_ident_continue(c: u8) -> bool { + c.is_ascii_alphanumeric() || c == b'_' +} + +fn skip_ws(input: &[u8], mut i: usize) -> usize { + while i < input.len() && (input[i] as char).is_ascii_whitespace() { + i += 1; + } + i +} + +pub fn tokenize<'a>(source: &'a str, out: &mut TokenBuf<'a>) -> Result<(), LexError> { + out.len = 0; + let input = source.as_bytes(); + let mut i = 0usize; + + while i < input.len() { + i = skip_ws(input, i); + if i >= input.len() { + break; + } + let start = i; + let c = input[i]; + + if c.is_ascii_digit() { + let mut value: i64 = 0; + while i < input.len() && input[i].is_ascii_digit() { + value = value + .saturating_mul(10) + .saturating_add((input[i] - b'0') as i64); + i += 1; + } + let text = &source[start..i]; + out.push(Token { + kind: TokenKind::Int, + text, + value, + })?; + continue; + } + + if c == b'"' { + i += 1; + let str_start = i; + while i < input.len() && input[i] != b'"' { + i += 1; + } + if i >= input.len() { + return Err(LexError::UnterminatedString); + } + let text = &source[str_start..i]; + i += 1; + out.push(Token { + kind: TokenKind::String, + text, + value: 0, + })?; + continue; + } + + if is_ident_start(c) { + i += 1; + while i < input.len() && is_ident_continue(input[i]) { + i += 1; + } + let text = &source[start..i]; + let kind = keyword(text).unwrap_or(TokenKind::Ident); + out.push(Token { + kind, + text, + value: 0, + })?; + continue; + } + + let (kind, advance) = match c { + b'(' => (TokenKind::LParen, 1), + b')' => (TokenKind::RParen, 1), + b'{' => (TokenKind::LBrace, 1), + b'}' => (TokenKind::RBrace, 1), + b';' => (TokenKind::Semicolon, 1), + b'+' => (TokenKind::Plus, 1), + b'-' => (TokenKind::Minus, 1), + b'*' => (TokenKind::Star, 1), + b'/' => (TokenKind::Slash, 1), + b'=' if i + 1 < input.len() && input[i + 1] == b'=' => (TokenKind::Eq, 2), + b'=' => (TokenKind::Assign, 1), + b'!' if i + 1 < input.len() && input[i + 1] == b'=' => (TokenKind::Ne, 2), + b'<' if i + 1 < input.len() && input[i + 1] == b'=' => (TokenKind::Le, 2), + b'<' => (TokenKind::Lt, 1), + b'>' if i + 1 < input.len() && input[i + 1] == b'=' => (TokenKind::Ge, 2), + b'>' => (TokenKind::Gt, 1), + _ => return Err(LexError::UnexpectedChar), + }; + i += advance; + out.push(Token { + kind, + text: &source[start..i], + value: 0, + })?; + } + + out.push(Token { + kind: TokenKind::Eof, + text: "", + value: 0, + })?; + Ok(()) +} diff --git a/userland/mendo/src/main.rs b/userland/mendo/src/main.rs new file mode 100644 index 0000000..7b5f9bb --- /dev/null +++ b/userland/mendo/src/main.rs @@ -0,0 +1,54 @@ +//! Mendo — minimal ring-3 scripting language for Clan OS. + +#![no_std] +#![no_main] + +mod interp; +mod lexer; +mod parser; +mod syscall; + +use lexer::{tokenize, LexError, TokenBuf}; +use parser::{parse, ParseError, Program}; + +const SCRIPT: &str = r#" +print "hello from mendo\n"; +let x = 1; +if x == 1 { + print "x is one\n"; +} +while x < 3 { + print x; + x = x + 1; +} +"#; + +fn run_script() -> u64 { + let mut tokens = TokenBuf::new(); + if tokenize(SCRIPT, &mut tokens).is_err() { + return 2; + } + let mut program = Program::new(); + if parse(&tokens, &mut program).is_err() { + return 3; + } + interp::run(&program); + 0 +} + +#[no_mangle] +pub extern "C" fn _start() -> ! { + let code = run_script(); + syscall::sys_exit(code); +} + +#[panic_handler] +fn panic(_info: &core::panic::PanicInfo) -> ! { + syscall::sys_exit(99); +} + +#[allow(dead_code)] +fn _lex_errors() { + let _ = LexError::UnexpectedChar; + let _ = ParseError::UnexpectedToken; +} diff --git a/userland/mendo/src/parser.rs b/userland/mendo/src/parser.rs new file mode 100644 index 0000000..51a9c83 --- /dev/null +++ b/userland/mendo/src/parser.rs @@ -0,0 +1,280 @@ +//! Recursive-descent parser for Mendo. + +use crate::lexer::{Token, TokenBuf, TokenKind}; + +const MAX_STMTS: usize = 24; +const MAX_EXPRS: usize = 32; + +#[derive(Debug, Clone, Copy)] +pub enum BinOp { + Add, + Sub, + Mul, + Div, + Eq, + Ne, + Lt, + Le, + Gt, + Ge, +} + +#[derive(Debug, Clone, Copy)] +pub enum Expr<'a> { + Int(i64), + Var(&'a str), + Bin(BinOp, u8, u8), +} + +#[derive(Debug, Clone, Copy)] +pub enum Stmt<'a> { + PrintExpr(u8), + PrintStr(&'a str), + Let(&'a str, u8), + Assign(&'a str, u8), + If { + cond: u8, + then_start: u16, + then_len: u16, + else_start: u16, + else_len: u16, + }, + While { + cond: u8, + body_start: u16, + body_len: u16, + }, +} + +#[derive(Debug)] +pub enum ParseError { + UnexpectedToken, + TooManyNodes, +} + +pub struct Program<'a> { + pub stmts: [Stmt<'a>; MAX_STMTS], + pub stmt_count: usize, + pub exprs: [Expr<'a>; MAX_EXPRS], + pub expr_count: usize, +} + +impl<'a> Program<'a> { + pub const fn new() -> Self { + Self { + stmts: [Stmt::PrintExpr(0); MAX_STMTS], + stmt_count: 0, + exprs: [Expr::Int(0); MAX_EXPRS], + expr_count: 0, + } + } +} + +struct Parser<'a, 'tok> { + tokens: &'tok TokenBuf<'a>, + pos: usize, + program: &'tok mut Program<'a>, +} + +impl<'a, 'tok> Parser<'a, 'tok> { + fn current(&self) -> Token<'a> { + self.tokens.tokens[self.pos] + } + + fn bump(&mut self) { + if self.pos + 1 < self.tokens.len { + self.pos += 1; + } + } + + fn expect(&mut self, kind: TokenKind) -> Result<(), ParseError> { + if self.current().kind == kind { + self.bump(); + Ok(()) + } else { + Err(ParseError::UnexpectedToken) + } + } + + fn push_expr(&mut self, expr: Expr<'a>) -> Result<u8, ParseError> { + if self.program.expr_count >= MAX_EXPRS { + return Err(ParseError::TooManyNodes); + } + let id = self.program.expr_count as u8; + self.program.exprs[id as usize] = expr; + self.program.expr_count += 1; + Ok(id) + } + + fn push_stmt(&mut self, stmt: Stmt<'a>) -> Result<(), ParseError> { + if self.program.stmt_count >= MAX_STMTS { + return Err(ParseError::TooManyNodes); + } + self.program.stmts[self.program.stmt_count] = stmt; + self.program.stmt_count += 1; + Ok(()) + } + + fn parse_cmp(&mut self) -> Result<u8, ParseError> { + let mut left = self.parse_add()?; + loop { + let op = match self.current().kind { + TokenKind::Eq => BinOp::Eq, + TokenKind::Ne => BinOp::Ne, + TokenKind::Lt => BinOp::Lt, + TokenKind::Le => BinOp::Le, + TokenKind::Gt => BinOp::Gt, + TokenKind::Ge => BinOp::Ge, + _ => break, + }; + self.bump(); + let right = self.parse_add()?; + left = self.push_expr(Expr::Bin(op, left, right))?; + } + Ok(left) + } + + fn parse_add(&mut self) -> Result<u8, ParseError> { + let mut left = self.parse_mul()?; + loop { + let op = match self.current().kind { + TokenKind::Plus => BinOp::Add, + TokenKind::Minus => BinOp::Sub, + _ => break, + }; + self.bump(); + let right = self.parse_mul()?; + left = self.push_expr(Expr::Bin(op, left, right))?; + } + Ok(left) + } + + fn parse_mul(&mut self) -> Result<u8, ParseError> { + let mut left = self.parse_primary()?; + loop { + let op = match self.current().kind { + TokenKind::Star => BinOp::Mul, + TokenKind::Slash => BinOp::Div, + _ => break, + }; + self.bump(); + let right = self.parse_primary()?; + left = self.push_expr(Expr::Bin(op, left, right))?; + } + Ok(left) + } + + fn parse_primary(&mut self) -> Result<u8, ParseError> { + match self.current().kind { + TokenKind::Int => { + let value = self.current().value; + self.bump(); + self.push_expr(Expr::Int(value)) + } + TokenKind::Ident => { + let name = self.current().text; + self.bump(); + self.push_expr(Expr::Var(name)) + } + TokenKind::LParen => { + self.bump(); + let expr = self.parse_cmp()?; + self.expect(TokenKind::RParen)?; + Ok(expr) + } + _ => Err(ParseError::UnexpectedToken), + } + } + + fn parse_block(&mut self) -> Result<(u16, u16), ParseError> { + self.expect(TokenKind::LBrace)?; + let start = self.program.stmt_count as u16; + while self.current().kind != TokenKind::RBrace && self.current().kind != TokenKind::Eof { + self.parse_stmt()?; + } + self.expect(TokenKind::RBrace)?; + Ok((start, (self.program.stmt_count as u16).saturating_sub(start))) + } + + fn parse_stmt(&mut self) -> Result<(), ParseError> { + match self.current().kind { + TokenKind::Print => { + self.bump(); + if self.current().kind == TokenKind::String { + let text = self.current().text; + self.bump(); + self.push_stmt(Stmt::PrintStr(text))?; + } else { + let expr = self.parse_cmp()?; + self.push_stmt(Stmt::PrintExpr(expr))?; + } + self.expect(TokenKind::Semicolon)?; + } + TokenKind::Let => { + self.bump(); + let name = self.current().text; + self.expect(TokenKind::Ident)?; + self.expect(TokenKind::Assign)?; + let expr = self.parse_cmp()?; + self.push_stmt(Stmt::Let(name, expr))?; + self.expect(TokenKind::Semicolon)?; + } + TokenKind::If => { + self.bump(); + let cond = self.parse_cmp()?; + let (then_start, then_len) = self.parse_block()?; + let (else_start, else_len) = if self.current().kind == TokenKind::Else { + self.bump(); + self.parse_block()? + } else { + (self.program.stmt_count as u16, 0) + }; + self.push_stmt(Stmt::If { + cond, + then_start, + then_len, + else_start, + else_len, + })?; + } + TokenKind::While => { + self.bump(); + let cond = self.parse_cmp()?; + let (body_start, body_len) = self.parse_block()?; + self.push_stmt(Stmt::While { + cond, + body_start, + body_len, + })?; + } + TokenKind::Ident => { + let name = self.current().text; + self.bump(); + self.expect(TokenKind::Assign)?; + let expr = self.parse_cmp()?; + self.push_stmt(Stmt::Assign(name, expr))?; + self.expect(TokenKind::Semicolon)?; + } + _ => return Err(ParseError::UnexpectedToken), + } + Ok(()) + } + + fn parse_program(&mut self) -> Result<(), ParseError> { + while self.current().kind != TokenKind::Eof { + self.parse_stmt()?; + } + Ok(()) + } +} + +pub fn parse<'a>(tokens: &TokenBuf<'a>, program: &mut Program<'a>) -> Result<(), ParseError> { + program.stmt_count = 0; + program.expr_count = 0; + let mut parser = Parser { + tokens, + pos: 0, + program, + }; + parser.parse_program() +} diff --git a/userland/mendo/src/syscall.rs b/userland/mendo/src/syscall.rs new file mode 100644 index 0000000..a9c2414 --- /dev/null +++ b/userland/mendo/src/syscall.rs @@ -0,0 +1,38 @@ +//! Clan OS compat syscalls (`docs/ABI_SYSCALL.md`). + +const SYS_EXIT_PROCESS: u64 = 61; +const SYS_WRITE_FD: u64 = 69; + +/// Write up to `len` bytes from `buf` to `fd` (typically stdout = 1). +#[inline(always)] +pub fn sys_write(fd: u64, buf: *const u8, len: usize) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_WRITE_FD, + in("rdi") fd, + in("rsi") buf as u64, + in("rdx") len as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +/// Terminate the process with `code`. +#[inline(always)] +pub fn sys_exit(code: u64) -> ! { + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_EXIT_PROCESS, + in("rdi") code, + options(nostack, nomem) + ); + } + loop { + core::hint::spin_loop(); + } +} diff --git a/userland/ring3-io-demo/.cargo/config.toml b/userland/ring3-io-demo/.cargo/config.toml new file mode 100644 index 0000000..c57e885 --- /dev/null +++ b/userland/ring3-io-demo/.cargo/config.toml @@ -0,0 +1,6 @@ +[target.x86_64-unknown-none] +rustflags = [ + "-C", "relocation-model=static", + "-C", "link-arg=-Tlinker.ld", + "-C", "link-arg=-no-pie", +] diff --git a/userland/ring3-io-demo/Cargo.toml b/userland/ring3-io-demo/Cargo.toml new file mode 100644 index 0000000..c59be9e --- /dev/null +++ b/userland/ring3-io-demo/Cargo.toml @@ -0,0 +1,12 @@ +[package] +name = "ring3-io-demo" +version = "0.1.0" +edition = "2021" +license = "Apache-2.0" +description = "Clan OS clan-rt ring-3 open/read/write/close demo" + +[[bin]] +name = "ring3-io-demo" +path = "src/main.rs" + +[dependencies] diff --git a/userland/ring3-io-demo/linker.ld b/userland/ring3-io-demo/linker.ld new file mode 100644 index 0000000..a968378 --- /dev/null +++ b/userland/ring3-io-demo/linker.ld @@ -0,0 +1,25 @@ +/* Match Clan OS user ELF load base (see storage.rs /bin/hello fixtures). */ +ENTRY(_start) + +SECTIONS +{ + . = 0x400000; + + .text : ALIGN(4096) { + KEEP(*(.text._start)) + *(.text .text.*) + } + + .rodata : ALIGN(4096) { + *(.rodata .rodata.*) + } + + .data : ALIGN(4096) { + *(.data .data.*) + } + + .bss : ALIGN(4096) { + *(.bss .bss.*) + *(COMMON) + } +} diff --git a/userland/ring3-io-demo/src/main.rs b/userland/ring3-io-demo/src/main.rs new file mode 100644 index 0000000..3c8ad96 --- /dev/null +++ b/userland/ring3-io-demo/src/main.rs @@ -0,0 +1,54 @@ +//! Ring-3 demo: open `/README.txt`, read via VFS, write to serial stdout. + +#![no_std] +#![no_main] + +mod syscall; + +const README_PATH: &str = "/README.txt"; +const EXPECTED: &[u8] = b"Clan OS persistent storage"; + +const READ_LEN: usize = 64; + +static mut READ_BUF: [u8; READ_LEN] = [0u8; READ_LEN]; + +fn bytes_match_prefix(buf: &[u8], prefix: &[u8]) -> bool { + if buf.len() < prefix.len() { + return false; + } + buf[..prefix.len()] == *prefix +} + +#[no_mangle] +pub extern "C" fn _start() -> ! { + let fd = syscall::sys_open(README_PATH.as_ptr()); + if fd < 0 { + syscall::sys_exit(1); + } + + let n = syscall::sys_read( + fd as u64, + unsafe { READ_BUF.as_mut_ptr() }, + READ_LEN, + ); + if n <= 0 { + syscall::sys_exit(2); + } + + let slice = unsafe { &READ_BUF[..n as usize] }; + if !bytes_match_prefix(slice, EXPECTED) { + syscall::sys_exit(3); + } + + if syscall::sys_write(1, slice.as_ptr(), slice.len()) <= 0 { + syscall::sys_exit(4); + } + let _ = syscall::sys_write(1, b"\n".as_ptr(), 1); + let _ = syscall::sys_close(fd as u64); + syscall::sys_exit(0); +} + +#[panic_handler] +fn panic(_info: &core::panic::PanicInfo) -> ! { + syscall::sys_exit(99); +} diff --git a/userland/ring3-io-demo/src/syscall.rs b/userland/ring3-io-demo/src/syscall.rs new file mode 100644 index 0000000..9a86b4f --- /dev/null +++ b/userland/ring3-io-demo/src/syscall.rs @@ -0,0 +1,86 @@ +//! Clan OS compat syscalls for ring-3 I/O demo (`docs/ABI_SYSCALL.md`). + +const SYS_EXIT_PROCESS: u64 = 61; +const SYS_OPEN_FILE: u64 = 66; +const SYS_CLOSE_FILE: u64 = 67; +const SYS_READ_FD: u64 = 68; +const SYS_WRITE_FD: u64 = 69; + +#[inline(always)] +pub fn sys_open(path: *const u8) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_OPEN_FILE, + in("rdi") path as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_close(fd: u64) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_CLOSE_FILE, + in("rdi") fd, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_read(fd: u64, buf: *mut u8, len: usize) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_READ_FD, + in("rdi") fd, + in("rsi") buf as u64, + in("rdx") len as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_write(fd: u64, buf: *const u8, len: usize) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_WRITE_FD, + in("rdi") fd, + in("rsi") buf as u64, + in("rdx") len as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_exit(code: u64) -> ! { + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_EXIT_PROCESS, + in("rdi") code, + options(nostack, nomem) + ); + } + loop { + core::hint::spin_loop(); + } +} diff --git a/userland/sig-demo/.cargo/config.toml b/userland/sig-demo/.cargo/config.toml new file mode 100644 index 0000000..c57e885 --- /dev/null +++ b/userland/sig-demo/.cargo/config.toml @@ -0,0 +1,6 @@ +[target.x86_64-unknown-none] +rustflags = [ + "-C", "relocation-model=static", + "-C", "link-arg=-Tlinker.ld", + "-C", "link-arg=-no-pie", +] diff --git a/userland/sig-demo/Cargo.toml b/userland/sig-demo/Cargo.toml new file mode 100644 index 0000000..f652e80 --- /dev/null +++ b/userland/sig-demo/Cargo.toml @@ -0,0 +1,13 @@ +[package] +name = "sig-demo" +version = "0.1.0" +edition = "2021" +license = "Apache-2.0" +description = "Clan OS ring-3 demo — SIGUSR1 handler + SigReturn" + +[[bin]] +name = "sig-demo" +path = "src/main.rs" + +[dependencies] +clan-rt = { path = "..", default-features = false, features = ["ring3"] } diff --git a/userland/sig-demo/linker.ld b/userland/sig-demo/linker.ld new file mode 100644 index 0000000..a968378 --- /dev/null +++ b/userland/sig-demo/linker.ld @@ -0,0 +1,25 @@ +/* Match Clan OS user ELF load base (see storage.rs /bin/hello fixtures). */ +ENTRY(_start) + +SECTIONS +{ + . = 0x400000; + + .text : ALIGN(4096) { + KEEP(*(.text._start)) + *(.text .text.*) + } + + .rodata : ALIGN(4096) { + *(.rodata .rodata.*) + } + + .data : ALIGN(4096) { + *(.data .data.*) + } + + .bss : ALIGN(4096) { + *(.bss .bss.*) + *(COMMON) + } +} diff --git a/userland/sig-demo/src/main.rs b/userland/sig-demo/src/main.rs new file mode 100644 index 0000000..3b7dd02 --- /dev/null +++ b/userland/sig-demo/src/main.rs @@ -0,0 +1,47 @@ +//! Ring-3 smoke: register SIGUSR1 handler, self-kill, delivery on syscall return, SigReturn. + +#![no_std] +#![no_main] + +use core::sync::atomic::{AtomicU32, Ordering}; + +use clan_rt::ring3_syscall::{ + sys_exit, sys_gettick, sys_kill, sys_sigaction, sys_sigreturn, sys_write, +}; + +const SIGUSR1: u64 = 10; +const SIG_DFL: u64 = 0; + +static HANDLED: AtomicU32 = AtomicU32::new(0); + +#[no_mangle] +#[inline(never)] +extern "C" fn sigusr1_handler() -> ! { + HANDLED.store(1, Ordering::Relaxed); + sys_sigreturn(); +} + +#[no_mangle] +pub extern "C" fn _start() -> ! { + let handler = sigusr1_handler as u64; + if sys_sigaction(SIGUSR1, handler) != SIG_DFL as i64 { + sys_exit(1); + } + if sys_kill(0, SIGUSR1) != 0 { + sys_exit(2); + } + let _tick = sys_gettick(); + if HANDLED.load(Ordering::Relaxed) != 1 { + sys_exit(3); + } + let msg = b"sig ok\n"; + if sys_write(1, msg.as_ptr(), msg.len()) <= 0 { + sys_exit(4); + } + sys_exit(0); +} + +#[panic_handler] +fn panic(_info: &core::panic::PanicInfo) -> ! { + sys_exit(99); +} diff --git a/userland/src/bin/demo_hello.rs b/userland/src/bin/demo_hello.rs index 2c1ea18..ea87a7e 100644 --- a/userland/src/bin/demo_hello.rs +++ b/userland/src/bin/demo_hello.rs @@ -1,6 +1,6 @@ //! Demo userland program — FS install hook target (epoch 2). fn main() { - let msg = ares_rt::demo_message(); + let msg = clan_rt::demo_message(); print!("{msg}"); } diff --git a/userland/src/heap.rs b/userland/src/heap.rs new file mode 100644 index 0000000..127dc74 --- /dev/null +++ b/userland/src/heap.rs @@ -0,0 +1,51 @@ +//! Bump allocator for ring-3 programs (static `.bss` region). + +#![allow(unsafe_code)] + +use core::alloc::{GlobalAlloc, Layout}; +use core::sync::atomic::{AtomicUsize, Ordering}; + +/// Static heap size — kept small so release ELFs fit `exec_image::MAX_IMAGE_SIZE`. +pub const HEAP_SIZE: usize = 8192; + +static mut HEAP: [u8; HEAP_SIZE] = [0; HEAP_SIZE]; +static HEAP_NEXT: AtomicUsize = AtomicUsize::new(0); + +struct BumpAllocator; + +unsafe impl GlobalAlloc for BumpAllocator { + unsafe fn alloc(&self, layout: Layout) -> *mut u8 { + let align = layout.align().max(1); + let size = layout.size(); + loop { + let current = HEAP_NEXT.load(Ordering::Relaxed); + let aligned = (current + align - 1) & !(align - 1); + let end = aligned.saturating_add(size); + if end > HEAP_SIZE { + return core::ptr::null_mut(); + } + if HEAP_NEXT + .compare_exchange(current, end, Ordering::Relaxed, Ordering::Relaxed) + .is_ok() + { + let base = core::ptr::addr_of_mut!(HEAP) as *mut u8; + return base.add(aligned); + } + } + } + + unsafe fn dealloc(&self, _ptr: *mut u8, _layout: Layout) { + // Bump allocator — no individual free until `heap_reset`. + } +} + +#[global_allocator] +static ALLOCATOR: BumpAllocator = BumpAllocator; + +pub fn heap_reset() { + HEAP_NEXT.store(0, Ordering::Relaxed); +} + +pub fn heap_used() -> usize { + HEAP_NEXT.load(Ordering::Relaxed) +} diff --git a/userland/src/lib.rs b/userland/src/lib.rs index 55157c2..28f10d6 100644 --- a/userland/src/lib.rs +++ b/userland/src/lib.rs @@ -1,17 +1,29 @@ -//! ares-rt — userspace runtime stubs (epoch 2). -//! See docs/specs/ABI_ARES_RT.md. +//! clan-rt — Clan OS userspace runtime stubs (epoch 2). +//! See docs/specs/ABI_CLAN_RT.md. +//! +//! Crate and manifest identifiers (`clan-rt`, `clan-exec-v1`) are stable ABI names. #![no_std] -#![forbid(unsafe_code)] +#![deny(unsafe_code)] -/// Compat syscall write (host demo uses stdio). -pub const SYS_WRITE: u64 = 1; +pub mod syscalls; + +#[cfg(feature = "ring3")] +pub mod ring3_syscall; + +#[cfg(feature = "ring3-heap")] +pub mod heap; + +pub use syscalls::{SYS_CLOSE, SYS_EXIT, SYS_OPEN, SYS_READ, SYS_WRITE}; + +/// Legacy alias kept for host demo sources. +pub const SYS_WRITE_FD: u64 = SYS_WRITE; /// Native syscall base (kernel G4). pub const NATIVE_SYSCALL_BASE: u64 = 256; #[derive(Debug, Clone, Copy, PartialEq, Eq)] -pub enum AresRtError { +pub enum ClanRtError { InvalidArg, Unsupported, } @@ -19,9 +31,9 @@ pub enum AresRtError { /// Forward stability: explicit recompile required each epoch until 1.0. pub const ABI_FORWARD_POLICY: &str = "recompile-required"; -pub const ABI_VERSION: &str = "ares-rt-0.1.0"; +pub const ABI_VERSION: &str = "clan-rt-0.1.0"; /// Demo entry — host builds print via std in demo binary. pub fn demo_message() -> &'static str { - "ares-rt demo: hello from userland\n" + "Clan OS demo: hello from userland\n" } diff --git a/userland/src/ring3_syscall.rs b/userland/src/ring3_syscall.rs new file mode 100644 index 0000000..f78b8bc --- /dev/null +++ b/userland/src/ring3_syscall.rs @@ -0,0 +1,146 @@ +//! Ring-3 `syscall`/`sysret` stubs (`docs/ABI_SYSCALL.md`). + +#![allow(unsafe_code)] + +use super::syscalls::{SYS_CLOSE, SYS_EXIT, SYS_OPEN, SYS_READ, SYS_WRITE}; + +#[inline(always)] +pub fn sys_open(path: *const u8) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_OPEN, + in("rdi") path as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_close(fd: u64) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_CLOSE, + in("rdi") fd, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_read(fd: u64, buf: *mut u8, len: usize) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_READ, + in("rdi") fd, + in("rsi") buf as u64, + in("rdx") len as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_write(fd: u64, buf: *const u8, len: usize) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_WRITE, + in("rdi") fd, + in("rsi") buf as u64, + in("rdx") len as u64, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_exit(code: u64) -> ! { + unsafe { + core::arch::asm!( + "syscall", + in("rax") SYS_EXIT, + in("rdi") code, + options(nostack, nomem) + ); + } + loop { + core::hint::spin_loop(); + } +} + +#[inline(always)] +pub fn sys_gettick() -> u64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") super::syscalls::SYS_GETTICK, + in("rdi") 0u64, + lateout("rax") ret, + options(nostack) + ); + } + ret +} + +#[inline(always)] +pub fn sys_kill(pid: u64, signo: u64) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") super::syscalls::SYS_KILL, + in("rdi") pid, + in("rsi") signo, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(always)] +pub fn sys_sigaction(signo: u64, handler: u64) -> i64 { + let ret: u64; + unsafe { + core::arch::asm!( + "syscall", + in("rax") super::syscalls::SYS_SIGACTION, + in("rdi") signo, + in("rsi") handler, + lateout("rax") ret, + options(nostack) + ); + } + ret as i64 +} + +#[inline(never)] +pub fn sys_sigreturn() -> ! { + unsafe { + core::arch::asm!( + "syscall", + in("rax") super::syscalls::SYS_SIGRETURN, + in("rdi") 0u64, + options(nostack, nomem) + ); + } + loop { + core::hint::spin_loop(); + } +} diff --git a/userland/src/syscalls.rs b/userland/src/syscalls.rs new file mode 100644 index 0000000..2b638a4 --- /dev/null +++ b/userland/src/syscalls.rs @@ -0,0 +1,20 @@ +//! Clan OS compat syscall IDs for clan-rt (`docs/ABI_SYSCALL.md`). + +/// `SyscallId::WriteFd` — write to an open file descriptor. +pub const SYS_WRITE: u64 = 69; +/// `SyscallId::ReadFd` — read from an open file descriptor. +pub const SYS_READ: u64 = 68; +/// `SyscallId::OpenFile` — open a path and return a file descriptor. +pub const SYS_OPEN: u64 = 66; +/// `SyscallId::CloseFile` — close a file descriptor. +pub const SYS_CLOSE: u64 = 67; +/// `SyscallId::ExitProcess` — terminate the current process. +pub const SYS_EXIT: u64 = 61; +/// `SyscallId::GetTickCount` +pub const SYS_GETTICK: u64 = 1; +/// `SyscallId::Kill` +pub const SYS_KILL: u64 = 83; +/// `SyscallId::SigActionLite` +pub const SYS_SIGACTION: u64 = 84; +/// `SyscallId::SigReturn` +pub const SYS_SIGRETURN: u64 = 86;