Skip to content
RISC-V Microkernel Tutorial

What We Are Building

The finished tutorial kernel is a microkernel-shaped teaching kernel:

  • the kernel runs in S-mode
  • user programs run in U-mode
  • each process has its own page table
  • user code talks to the kernel through ecall
  • processes communicate through synchronous endpoints

The kernel still includes some services that a mature microkernel would push into user space. Console output and process loading are the obvious examples. That is intentional: the tutorial introduces isolation and IPC first, then moves services out later.

The first chapter is a temporary exception: it boots as a tiny M-mode image with -bios none. That checkpoint exists to make reset, the linker address, the boot stack, and UART MMIO concrete before OpenSBI takes over machine mode in Chapter 2.

Core Boundary

Section titled “Core Boundary”

The central boundary is the user/kernel trap path.

user process
  ecall or timer interrupt
    -> trampoline saves user registers
    -> kernel restores its page table
    -> Rust trap handler decodes the cause
    -> scheduler updates process state
    -> trampoline restores user registers
  sret
user process resumes

Once that path is correct, everything else in the tutorial has somewhere to attach.

Microkernel Direction

Section titled “Microkernel Direction”

The endpoint code is the first microkernel-specific mechanism. A sender and receiver meet at an endpoint. If the partner is not waiting, the caller blocks. When the partner arrives, the kernel transfers register-sized message words and wakes both processes.

Capabilities are the next step. Raw endpoint IDs are easy to teach, but they are forgeable. Capabilities make access explicit and unforgeable.