I started out by creating a dll file with all the system calls implemented. Later I learned how a kernel actually works. So I rewrote it, emulating an interrupt to run in a separate kernel space. Could you name some of the details you want described?
Maybe start with an explanation of what it does without referring to Cygwin? That would be for people unfamiliar with Cygwin. Edit: actually you already did that, but starting off with “not Cygwin” is confusing.
You could also explain how your approach differs from Cygwin, for people who do know it.
But it's still a user-mode program, not a VM, right? That would be a lot like "user-mode Linux", which is a project that compiles the Linux kernel as a user-mode program that essentially is somewhere between a container and a VM.
So what happens when you "boot" MinC? It sounds like it runs all the usual OpenBSD services and what not. But are all of those new Windows processes, or just new threads in the one MinC process?
Also, do processes inside MinC get to interact with the Windows host filesystem and networking in any way?
I hadn't heard the term library operating system before, but what is described at that link is nothing like your project.
The "kernel" referred to at that link is a full actual kernel, with networking, proceed scheduling, device drivers and hardware access, etc. It means the full implementation of those features. The reason it can be linked into the application's process as a library is because it's taking about a situation where there's only a single application running on the whole machine (presumably a virtual machine). The kernel and application then run together in a single memory space, with the kernel code (maybe the whole thing?) running in kernel mode.
You have implemented the user mode API that makes system calls to the (Windows) kernel. That is not a kernel in any sense. It is confusing and wrong to call it a kernel.
User mode Linux does actually run something like a real kernel in user space. OP is just providing a POSIX API with no kernel implementation whatsoever. It just forwards those calls to the Window's API. The library OS concept linked to above is different again – that is an actual kernel running in kernel mode but as part of a unikernel (kernel code and application code linked together into a single process).
Still pretty cool but overshadowed by the claim that they've written a whole kernel.
What I'm looking for is conceptually similar to cygwin - where the "kernel", or better worded - the POSIX API - is provided as a library, not as a separate process that communicates via IPC with the minC "app"'s process. However, unlike cygwin, there should be a static libminc.a (or .lib) that can be used to make standalone binaries that don't need an external DLL like cygwin1.dll. MingW is not an option here as it lacks too many POSIX apis, but it could serve as the base toolchain to compile minc itself, and the programs linking against it, by switching out (or overriding) the default library and include paths. Basically making it use MinC's libc and OS syscall layer, but keeping its WinAPI interface. That would allow cross-compiling minc applications from linux, without having to use a win32 binary toolchain. Alas, the short project description on the website and on the github repo don't address any of these (imo crucial) details.
> I started out by creating a dll file with all the system calls implemented. Later I learned how a kernel actually works. So I rewrote it, emulating an interrupt to run in a separate kernel space. Could you name some of the details you want described?
"to run in a separate kernel space" You emulated those interrupts, and they really run in a separate kernel space [1]? Or you mean it's emulated as if it runs in a separate kernel space?
If it's really running in kernel mode, as you are literally saying, how is it doing that? Is it running in some virtual machine manager like Hyper-V or as something like a driver in the Windows kernel? How does it interact with the hardware e.g. does it access the same file systems that Windows does, and how does it coordinate that?
Looking at the source code I don't see any references to the Windows WDK / DDK (driver development kit) but a lot of references to user-space Windows API functions. I also don't see most of the actual BSD kernel [2]. For example, could you point me at the process/thread scheduling code (like sched_bsd.c [3])? Are you sure it's a kernel? Are you sure it runs kernel space, not user space after all? It seems like it might actually be an abstraction layer that emulates the user-space BSD system calls but runs in user-mode and make use of (only) the Windows kernel. If so, what do you mean by "emulating an interrupt" - how are you intercepting them? If you're just providing the C API functions to link into the application, and that don't actually trigger those interrupts at all, that is something a lot less ambitious. Still something impressive and worthwhile but you're setting readers up for disappointment if you describe it as something that it isn't.
That is what Cygwin does by the way. It implements POSIX APIs in user space. It does not claim to be a kernel (because it's not) or to run in kernel mode (because it doesn't). The thing is, I can understand you may have chosen the name "MinC is not Cygwin" because it works in roughly the same sort of way as Cygwin but is a different implementation. But the name, along with the description as being "a tiny kernel", suggests that it's not Cygwin because it works in a fundamentally different way, i.e., running the actual BSD kernel in actual kernel mode.
Thanks for taking the time to read the source code and commenting on it. And you're right. My kernel is implemented in userspace, so I should use the term "kernel emulation". But I did find it fascinating to find out some of the reasons why a kernel is needed in the first place.
For starters, I needed to put the code of my kernel emulation (libposix-6.1.0.dll) at a specific memory address in order to get that snappy feeling when you start an OpenBSD program. Normally, 32bit DLLs in Windows are loaded at 0x10000000 (called the "ImageBase"). This causes the Windows kernel reposition the DLL because in most cases, other DLLs are already loaded there. In my case these are netapi32.dll, ws2_32.dll, iphlpapi.dll and shell32.dll among others. Making my DLLs load at an address just below the 0x10000000 boundary makes MinC programs load faster, in effect creating a space for my kernel, e.g. "kernel space".
Secondly, I needed some mechanism to reset the contents of the CPU's registers after calling into the various Windows DLLs which are not part of the Windows NT kernel. For instance, the WriteFile() function changes the %edx register, which is used by the GCC compiler to contain the high part of 64bit variables. Turns out I needed what is called a "context switch", saving the contents of all registers onto the stack, calling my kernel emulation and then restoring the registers from the stack. In Linux, this mechanism is triggered by a special interrupt (int 0x80). I decided to name the function that does this in my kernel emulation "__kernel", so in assembly I can write "call ___kernel" [0].
There is more, but I won't go into that right now. I plan to do a write-up on the topic. By the way, Microsoft also has a user space implementation of their kernel, called kernel32.dll, implementing Win32 APIs in user space.
What you've done is very impressive. But, as I've said elsewhere, it's overshadowed by you insisting on calling it a "kernel" when it's not. Please stop doing that, and please don't include that claim in your future write up of how it works. The thing is, some submissions to Hacker News are by people who really have written their own actual kernel so readers have no reason to doubt your claim. Many will believe you really have written (or ported) an actual operating system kernel and then be disappointed when they realise you haven't, rather than excited by what you have achieved.
> My kernel is implemented in userspace
Your kernel is not implemented in userspace, because you have not written a kernel. User mode Linux is an actual real kernel running in user space. It is just a totally different concept.
> I should use the term "kernel emulation"
No, you shouldn't. This is coming a bit closer to the truth but still wrong. You have emulated **the system call interface** of a kernel. The implementation of the system-call interface is only a teeny tiny part of a kernel.
> ... the code of my kernel emulation (libposix-6.1.0.dll) …
You mean, the code of your system-call interface emulation.
> Making my DLLs load at an address just below the 0x10000000 boundary makes MinC programs load faster, in effect creating a space for my kernel, e.g. "kernel space".
No, that is not "kernel space". None of those DLLs (netapi32.dll, ws2_32.dll, iphlpapi.dll and shell32.dll) are part of the kernel. They all run in user mode. Please read the Wikipedia article on user mode vs kernel mode that I linked to above, and understand that none of your code is running in kernel mode at all.
> By the way, Microsoft also has a user space implementation of their kernel, called kernel32.dll, implementing Win32 APIs in user space.
kernel32.dll does run in user space but it is not a kernel or an implementation of a kernel. Its name is a historical artefact. (Its name can be traced back to a component that, 40 years ago, in Windows 1.0, actually was a kernel. But even by Windows 3.0 it was already just an interface to some kernel services, not a kernel implementation.)
> ... after calling into the various Windows DLLs which are not part of the Windows NT kernel. For instance, the WriteFile() function ...
None of these DLLs are part of the kernel! (By the way, "WriteFile()" function is implemented in kernel32.dll. But it's still not part of the NT kernel.)
> Turns out I needed what is called a "context switch", saving the contents of all registers onto the stack, calling my kernel emulation and then restoring the registers from the stack. In Linux, this mechanism is triggered by a special interrupt (int 0x80).
No!
* "Context switch" means switching between user-mode processes, not between user mode and kernel mode. It is done by the scheduler within the kernel.
* int 0x80 triggers a system call on Linux, not a context switch.
* A system call doesn't trigger the save/load of registers, as you said. Instead, you need to save/restore the registers yourself. (i.e., to make a system call on Linux you would do: (1) stash registers on stack; (2) call int 0x80; (3) restore registers.)
* Saving registers and restoring them is part of many function calls, not just system call interfaces. It's just that usually the compiler takes care of it for you, rather than something you need to hand craft in assembler.
--------------
Here's how I'd attempt to describe what you've done in a way that isn't misleading:
Typically, if you're going to going to emulate the user-mode API of one operating system within another, you'd simply implement the user-mode functions of one directly in terms of the other. For example, you might implement the Posix open() API by reformatting the arguments and directly calling the Win32 OpenFile() function. In MinC, the user-mode API is instead emulated at the system call level. This means that the user mode DLL (libposix-6.1.0.dll) has the same code as the user-mode API in BSD except that the system-call interrupt is replaced with a call to the syscall emulation code.
Thanks for taking the extra time making me consider dropping the term "kernel". But I need a term wich reflects my efforts. So I fed your description at the end into ChatGPT, asking for a one-word description. This is what it came up with:
Paravirtualized – commonly used when an interface mimics low-level system behavior but redirects to a host implementation; this fits your syscall-level emulation.
Interposed – describes the interception and redirection of system calls or API behavior.
Emulated – broad but accurate; emphasizes imitation of behavior at the syscall layer.
Rehosted – suggests the POSIX environment has been adapted to a different host OS.
Substituted – captures the idea of replacing one system mechanism with another.
Intercepted – emphasizes the capture and redirection of syscalls.
Translated – suitable if there's transformation between POSIX calls and Windows kernel APIs.
Adapted – highlights compatibility through minimal changes.
Bridged – suggests a connection or interface between incompatible systems.
Virtualized – somewhat general, but appropriate if the environment feels like a lightweight VM layer.
Interesting, but not very creative. Something like Ted Nelson's "transclusion". Suggestions? Anyone?
