GitHub – ipenas-cl/AtomicOs: AtomicOS – A security-first operating system built from scratch.

Posted on by


A security-first operating system built from scratch with real memory protection, cryptography, and a deterministic programming language.

Version
License
Platform

AtomicOS is an educational operating system that prioritizes security over performance. Unlike many hobby OS projects, it implements real security features including AES-128 encryption, SHA-256 hashing, and a complete Memory Management Unit (MMU).

Philosophy: “Seguridad primero, luego estabilidad y luego performance” (Security first, then stability, then performance)

  • ✅ Custom bootloader (Multiboot compliant)
  • ✅ Protected mode with stack protection
  • ✅ Memory Management Unit (MMU) with 2-level paging
  • ✅ Physical and virtual memory management
  • ✅ VGA text mode with color support
  • Real AES-128 encryption (not XOR!)
  • SHA-256 cryptographic hashing
  • ✅ Memory guards and bounds checking
  • ✅ W^X (Write XOR Execute) enforcement
  • ✅ Secure memory wiping on free
  • ✅ Page-level access control

Tempo Programming Language

  • ✅ Deterministic execution
  • ✅ Worst-Case Execution Time (WCET) analysis
  • ✅ Compiles to x86 assembly
  • ✅ Integrated runtime in kernel
  • i686-elf-gcc (cross-compiler for x86)
  • nasm (Netwide Assembler)
  • qemu-system-i386 (for testing)
  • make
# Build AtomicOS v0.4 with MMU
make -f Makefile.v4

# Run in QEMU
./run_mmu.sh
# v0.3 - Security-first design
make -f Makefile.v3
./run_atomicos.sh

# Simple visual demo
make -f Makefile.demo
./ver_demo.sh
AtomicOS/
├── kernel/
│   ├── kernel_v4_mmu.c    # Latest kernel with MMU
│   ├── mmu.c              # Memory Management Unit
│   ├── crypto_real.c      # AES-128 & SHA-256
│   ├── boot.asm           # Bootloader
│   └── ...
├── tempo/
│   ├── tempo_compiler.c   # Tempo language compiler
│   ├── LANGUAGE_SPEC.md   # Language specification
│   └── examples/
└── docs/
    ├── REALITY_CHECK.md   # Honest assessment
    └── EVIDENCE_*.md      # Test results

0x00000000 - 0x003FFFFF : Kernel Space (4MB)
0x00400000 - 0xBFFFFFFF : User Space
0xC0000000 - 0xFFFFFFFF : Kernel Mirror (Higher Half)
  • AES-128: Full implementation with S-boxes, MixColumns, and key scheduling
  • SHA-256: Complete with 64 rounds and proper constants
  • MMU: Hardware-enforced memory protection via page tables

This is an educational project. While it implements real security concepts, it is NOT production-ready:

  • No network stack
  • No file system
  • No device drivers (except basic VGA)
  • Single-threaded execution
  • Limited error handling

MIT License with attribution requirements. See LICENSE file.

Key points:

  • ✅ Open source – you can use, modify, and distribute
  • ✅ Attribution required – must credit original project
  • ✅ Name protection – forks must use different name
  • ✅ Change disclosure – modifications must be documented

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Document your changes
  4. Submit a pull request

Original Author: Ignacio Peña
Created: 2024

AtomicOS Boot Demo on YouTube – Boot demonstration and features

“No exploits, no crashes, no lies.” – AtomicOS motto



Source link