Repository files navigation

Escape is a UNIX-like microkernel operating system on which I'm working sinceOctober 2008. It's implemented in C, C++ and a bit Assembler. I'm trying towrite all code myself to maximize the learning effect and the fun, butthere are some cases where it just gets too time consuming to do that. Thus,I'm using the bootloader GRUB, libgcc, libsupc++ and x86emu.

Escape runs on x86, x86_64, ECO32 and MMIX.ECO32 is a 32-bit big-endian RISCarchitecture, created by Hellwig Geisse at the University of Applied Sciencesin Gießen for research and teaching purposes.MMIX is a 64-bit big-endian RISC architecture, developed by Donald Knuth asthe successor of MIX, which is the abstract machine that is used in the famousbookseries The Art of Computer Programming. More precisely, Escape runs onlyonGIMMIX, a simulator for MMIXdeveloped by myself for my master thesis (the differences are minimal, butcurrently required for Escape).

If you just want to take a quick look, you'll findscreenshots andready-to-useimages inthe wiki.

Escape consists of a kernel, drivers, libraries and user applications. Thekernel is responsible for processes, threads, memory management, a virtualfile system (VFS) and some other things. Drivers run in user space and workvia message passing. They do not necessarily access the hardware and shouldtherefore more seen as an instance that provides a service.

The VFS is one of the central points of Escape. Besides the opportunity tocreate files and folders in it, it is used to provide information about thestate of the system for the user space (memory usage, CPU, runningprocesses, ...). Most important, the VFS is used to communicate with devices,which are registered and handled by drivers. That means, each device getsa node in the VFS over which it can be accessed. So, for example anopen("/dev/zero",...) would open the device "zero". Afterwards one can usethe received file descriptor to communicate with it.

Basically, the communication works over messages. Escape provides thesystem callssend andreceive for that purpose. Additionally, Escape definesstandard messages foropen,read,write andclose, which devicesmay support. For example, when using theread system call with afile descriptor for a device, Escape will send the read message tothe corresponding device and handle the communication for the user program.As soon as the answer is available, the result is passed back to theuser program that calledread.Because of this mechanism the user space doesn't have to distinguish betweenvirtual files, "real" files and devices. So, for example the tool cat cansimply do anopen and useread to read from that file andwrite towrite to stdout.

The same mechanism is used for filesystems, which can be mounted somewherein the VFS. If a file is opened which belongs to one of these mountedfilesystems, the kernel will handle the communication with the driver thathas been registers as being responsible for this filesystem. This does notonly serve for getting filesystems out of the kernel, but does also providethe possibility to use the filesystem interface whenever it fits. For example,Escape has a ftpfs that allows you to access a FTP server by mounting itsomewhere and a tarfs to access and/or change a tar file.

Escape has also an interesting sandboxing mechanism, which causes noperformance overhead, can be used by unprivileged users (non-root) andis nestable (sandboxed processes can create sandboxes). In general, Escapedoes not allow to upgrade privileges, but only to downgrade them. To downgradepermissions, the sandbox application can be used. It allows to leave groupsto restrict the access to drivers and services. And it allows to remountdirectories in the filesystem to reduce the permissions of entire subtrees.Let's consider a (non-existing) music player as an example. We could usesandbox to:

• leave all groups, except audio
• remove all access to the filesystem, except read+exec permission to its owndirectory containing the executable, libraries, etc. and read permission tothe directory that contains the music library.

Although the music player runs with our user, which makes sandboxing simple,it can't cause any harm to the rest of the system.

Escape has currently the following features:

• Kernel
  • Memory management supporting copy-on-write, text sharing,shared libraries, shared memory, mapping of physical mem (e.g. VESA),demand loading and swapping
  • Process and thread management, scheduler, ELF loader, groups, signals,semaphores (are also used to pass interrupts to drivers) andtimer management (for sleeping and preemption)
  • SMP support, CPU detection and CPU-speed calculation, FPU support
  • Virtual file system for driver access, accessing the filesystems,creating virtual files and directories and providing information aboutthe system (memory usage, cpu, running processes, ...)
  • Debugging console
• libc
  Except of some IMO not very important things like locale, math and so on,most of a C standard library exists by now.
• libcpp
  The C++ standard library isn't that complete as the libc. But the most basicthings like string, iostreams, vector, list, tuple, map, algorithm and a fewother things are available (some of them are a bit simpler than the standardspecifies it). That means, one can develop applications with the library whenone doesn't need the more exotic stuff ;)
• libesc
  Many abstractions specifically for Escape. Most important, it contains classesto communicate with certain types of devices like the window managers, NICs,TCP/IP stacks and so on. Additionally, the library provides classes toimplement devices.
• libgui
  The GUI library isn't finished yet, but does already provide things likebasic controls, layout manager, image support (BMP and PNG), event system(keypresses, ...) and so on. It is written in C++, which was one of the mainreason to provide C++ support in Escape.
• libz
  Contains classes for deflate/inflate, gzip and CRC32.
• drivers
  Escape has some architecture-specific drivers and some common drivers thatare architecture independent. Currently, there are:
  • common
    • ext2: a nearly complete ext2-rev0 fs
    • ftpfs: allows to access an FTP like an fs
    • http: presents a HTTP accessible resource as a file
    • init: is responsible for loading the drivers and restarting themon crashes. The file /etc/drivers defines the drivers to load.
    • initloader: Is loaded as boot module and is used as the first user process.Loads the other boot modules (disk driver, pci (on x86 only) and fsbecause we need them to load other drivers and user apps from the disk)and mounts the root filesystem. After that it replaces itself with init.
    • iso9660: a iso9660 fs (cd fs)
    • lo: the loopback driver
    • network: starts the network drivers according to PCI and creates linksfor them. On crashes, it restarts the driver.
    • pipe: realizes pipes
    • ramdisk: a fs backend that sits in RAM
    • tarfs: allows to access a tar like an fs
    • tcpip: a TCP/IP stack (v4 only atm)
    • uimng: multiplexes input and output devices between its clients.A client gets an UI which supplies him with keyboard and mouseevents and provides him a screen. Both text and graphical interfacesare supported. uimng has keyboard shortcuts for creating UIs andswitching between them.
    • vterm: a text-interface client of uimng that provides a layer ofabstraction for user processes that are textbased.
    • winmng: a GUI client of uimng that manages all existing windows. Getskeyboard and mouse events from uimng and forwards it to thecorresponding application.
    • random/null/zero: like /dev/{random,null,zero} in e.g. Linux
  • x86
    • ata: reading and writing from/to ATA/ATAPI devices. It supportsPIO-mode and DMA, LBA28 and LBA48.
    • e1000: network driver for Intel e1000 cards.
    • ne2k: network driver for NE2000 compatible cards
    • pci: collects the available PCI devices and gives others access tothem. This is e.g. used by ata to find the IDE controller.
    • ps2: a PS/2 driver with keyboard and mouse support. Gets notifiedabout interrupts, converts scancodes to keycodes and broadcastskeyboard/mouse events to all clients.
    • serial: provides a vterm interface for a serial port
    • speaker: produces beeps with the PC speaker with a specifiedfrequency and duration.
    • video: an output device for uimng that supports VGA and VESA. Ituses the BIOS via x86emu (to support x86 and x86_64) to get and setvideo modes. Clients establish a shared memory for the screen andtalk via messages with the driver to copy parts of it to the actualframebuffer.
  • ECO32/MMIX
    Both architectures have the same devices atm (the only difference is thatECO32 devices are accessed with 32-bit words and MMIX devices with 64-bitwords).
    • disk: the disk driver and therefore the equivalent to ata on x86.
    • keyb: the keyboard driver
    • term: provides a vterm interface for a terminal
    • video: the VGA driver
• user
  There are quite a few user programs so that you can actually do something withEscape ;) The most important ones are:
  • mount: creates a filesystem device and binds it to a path.
  • bind: binds an existing filesystem device to a different path.
  • dynlink: the dynamic linker of Escape that is started by the kernel, ifthe requested application is dynamically linked. It receives the fd forthe executable, loads all dependencies, does the relocation andinitialization and finally jumps to the application.
  • users, groups: tools to conveniently add, edit and delete users/groups.
  • (g)login: accepts username+password, sets uid, gid and further group idsusing /etc/users and /etc/groups, creates stdin, stdout and stderr, setsthe env vars CWD and USER and exchanges itself with the shell. There isone for the text interface and one for the GUI.
  • shell: The shell implements an interpreter for a small shell-scriptinglanguage with pipes, io redirection, path expansion, background jobs,arithmetic, loops, if statements, functions, variables and arrays.The interpreter is implemented with flex and bison.
  • cat, chmod, chown, cp, cut, date, dd, du, dump, find, grep, gunzip, gzip,head, id, killall, less, ln, ls, lscpu, lspci, mkdir, mke2fs, more, mv,ping, ps, pstree, readelf, rm, rmdir, size, sleep, sort, stat, strace, sync,tail, tar, tee, time, top, touch, truncate, umount, wc, xargs, yes: Thewell-known UNIX tools. They don't do exactly the same and are, of course,much simpler, but in principle they are intended for the same things.
  • ts: analogously to ps, ts lists all threads
  • power: for reboot / shutdown using init.
  • uictrl: a tool to show and set video modes, set keymap and list UIs
  • lsacpi: list ACPI tables
  • net-link: a tool for managing the network links (similar to ifconfig)
  • net-arp: a tool to manage the ARP tables
  • net-routes: a tool to manage the routing tables
  • dhcp: use DHCP to configure a network link
  • imginfo: show information about an image
  • plasma: shows a plasma animation in text mode, graphical mode or GUI window
  • sandbox: starts an application with restricted permissions (groups, mountspace)
  • cpugraph, desktop, fileman, gcalc, gclock, gsettings, guishell, slideshow:some GUI programs
  • ...

1. At first you need to build the cross compiler for the desiredarchitecture:
   $ cd cross
$ ./build.sh (i586|x86_64|eco32|mmix)
   This will download gcc and binutils, build the cross compiler and put itinto /opt/escape-cross-$arch.
2. Now you can build escape:
   $ cd ../source
$ export ESC_TARGET=$arch # choose $arch, if necessary (default: i586)
   $ ./b
3. To start it, you have to choose a boot script at boot/$ESC_TARGET/.E.g.:
   $ ./b run qemu-cd
4. For further information, take a look at./b -h