Introduced release of the project Asterinas 0.18, developing a kernel written in the Rust language and intended for use in general-purpose operating systems. The kernel provides an ABI (Application Binary Interface) that is compatible with the Linux kernel and can be used instead. In parallel, the Asterinas NixOS distribution is being developed, combining the Asterinas kernel with the NixOS system environment. The project code is distributed under the MPL (Mozilla Public License).
Currently, about 240 Linux system calls are implemented in the kernel. In the Asterinas NixOS distribution, more than 100 packages from NixOS have been verified to work on top of the Asterinas kernel. Supported packages include: Xfce, Firefox, bash, systemd, Podman, QEMU, rsync, Apache httpd, nginx, SQLite, Redis, Clang, GCC, Go, Lua, Node.js, OpenJDK, Perl, PHP, Python, Ruby, Rust, Git, FFmpeg, PyTorch, TensorFlow, Ollama and Codex.
In the kernel Full support for the x86-64 architecture is provided, partial support for RISC-V 64 and x86-64 with isolation based on Intel TDX, as well as initial support for the LoongArch 64 architecture. Among the priority areas of application are systems based on the Linux ABI, but requiring a higher level of security. For example, Asterinas is proposed to be used to form a system environment of protected virtual machines, for the isolation of which technologies such as ARM CCA, AMD SEV and Intel TDX are used, as well as on the side of the host system that runs containers.
To reduce the likelihood of errors when working with memory, which are the main source of the most dangerous vulnerabilities, when writing Asterinas, the Rust language and the tactics of limited use of unsafe blocks are used. The kernel is built using the framekernel architecture,