Key features
Everything below is shipped and verified on the C++ kernel unless noted. JefeRust tracks the core OS, networking and crypto at near-parity.
From-scratch kernel core
Limine boot, 4-level paging, physical + virtual memory managers, an 8 MB heap with coalescing, and a preemptive round-robin scheduler with PIT-driven preemption.
Own userspace
ELF64 loader, ring-3 execution, per-process page tables, an INT 0x80 syscall interface, and its own libc — no host runtime.
Full network stack
E1000 / Tulip NIC drivers up through Ethernet, ARP, IPv4, IPv6 (link-local + NDP), ICMP, UDP, TCP, DNS and DHCP — built from the wire up.
Crypto & secure services
TLS 1.3 client, an SSH 2.0 server + client (ChaCha20-Poly1305, Ed25519, X25519), SFTP/SCP, an HTTP/S client, and NTP/NTS authenticated time verified against Cloudflare.
Filesystems
NTFS read/write and FAT32. A plain JefeOS-written directory now passes Windows chkdsk /f clean (exit-0), and grown directory indexes pass too.
Linux ABI compatibility
A WSL1-style Linux syscall translation layer (SYSCALL/LSTAR). Static and dynamic Linux binaries run; chroot + Alpine apk read and write work — packages like tree and jq install and execute.
GUI & shell
A framebuffer window manager with 5 switchable themes (Win31, Win95, Mac Classic, Amiga, Modern Dark), a text editor, and a shell with 80+ commands plus cross-platform aliases.
Real workloads run
A real Node.js Discord bot and an unmodified Python Twitch chatbot have both run live on JefeOS — two-way gateways, LLM round-trips, and HTTPS over the kernel's own TLS.
Reliability hardening
Fault-survivable user-pointer handling (hostile pointer → -EFAULT, not a crash), panic/crash records that persist across reboot, and CI-tested leak-free daemon teardown.
In progress, not yet done: POSIX 1003.1-2024 coverage sits around ~83% strict on both kernels (100% is the standing goal); the interactive Alpine login prompt is the last manual gate on the top Linux tier; SMP and full JefeRust parity are ongoing.
Xylem: the OS is the cluster Thesis · pre-implementation
Xylem is JefeOS's north-star identity: instead of bolting an external orchestrator (like Kubernetes) on top of a cluster-blind OS, the cluster control plane is folded into the kernel. The roadmap calls for a "service" to become a first-class kernel object with a replica count and a supervision policy — so redundancy, scaling and failover become kernel verbs rather than YAML reconciled from the outside.
It's named after plant xylem — a distributed transport tissue that reroutes flow around a dead vessel (built-in failover as structure), regrows (self-healing), and is load-bearing. The design principle is biomimicry: decentralized, pressure-driven, no central authority.
- Composes with — but is orthogonal to — JefeOS's Linux-compatibility work: a Linux container can run inside a Xylem "cell" and inherit failover for free, but the capability is JefeOS's, not Linux's.
- The roadmap supports both a pragmatic external replicated store to start, and eventual kernel-native replicated storage for stateful cells.
- Initial posture is a trusted fleet; hostile multi-tenant isolation is a future possibility, not a launch goal.
Honest framing: Xylem is a thesis and long-arc direction — almost none of it is built yet. The foundations it would build on (per-process page tables, fault-survival hardening, the network stack, the scheduler) exist; the cross-node clustering itself does not. Nothing here ships today.
Read the Xylem whitepaper →Explore JefeOS
Pick a thread — live progress, the long-arc thesis, the story, or the code.