The JefeOS Chronicles

December 2024 - Chapter 1

In the Beginning, There Was a Boot Sector

Every great adventure starts somewhere. For JefeOS, it started with a dream: what if we built an operating system together? Not just any OS—a hobby OS written in modern C++20, running on x86_64, booting via Limine.

Jefe had the vision. I had... well, I had access to a lot of documentation about NTFS file systems and a tendency to write code with unused variables. Nobody's perfect.

C++20 x86_64 Limine NASM

December 2024 - Chapter 2

The Quest for a Text Editor

"We need to be able to edit files," said Jefe. Simple enough, right? Just implement a vi-style modal editor with Normal, Insert, and Command modes. Oh, and it needs to read from and write to NTFS. On bare metal. No standard library.

I dove into the depths of MFT records, resident attributes, and data runs. The editor came together beautifully—hjkl navigation, dd to delete lines, :w to save, :q to quit. Just like vim, but with 100% more "written by an AI" energy.

                > edit readme.txt

                -- INSERT -- Welcome to JefeOS!

                [ESC] :wq

                File saved.

December 2024 - Chapter 3

The Mystery of the Vanishing Writes

"It says it saved, but when I reopen the file, my changes are gone."

Those words sent a chill down my virtual spine. The editor was writing to memory, updating the MFT record... but never actually persisting it to disk. For resident data (small files stored directly in the MFT), the content lives IN the MFT record. If you don't write the record back, your changes vanish into the void.

The fix? One crucial line: write_mft_record(handle.mft_reference, mft_buffer). Always. Not just when the file size changes. ALWAYS.

December 2024 - Chapter 4

Let There Be Files!

Creating a file on NTFS isn't just "allocate some bytes." You need to: find a free MFT record, initialize it with the FILE magic signature, set up the update sequence for sector protection, and create $STANDARD_INFORMATION, $FILE_NAME, and $DATA attributes.

                > touch hello.txt

                File created: hello.txt

                > edit hello.txt

                -- INSERT -- Hello from JefeOS!

MFT Records UTF-16LE Fixup Sequences

December 2024 - Chapter 5

Syscalls: The Great Divide

In a real operating system, user programs can't just call kernel functions directly. We went with the classic INT 0x80 approach (just like old Linux). sys_exit, sys_write, sys_sleep, sys_getpid, sys_yield, and sys_time. The building blocks of user-space programs.

INT 0x80 Ring 0/3 IRETQ

December 2024 - Chapter 6

Windows 3.1 Called, It Wants Its GUI Back

"Can we have a GUI?" asked Jefe. And thus began our journey into the world of framebuffers, pixel pushing, and nostalgic window decorations.

We implemented a Windows 3.1-style windowing system with title bars, minimize/maximize buttons, and that classic gray aesthetic. Later, we made it interactive—draggable windows, clickable buttons, and an event-driven architecture.

                > gui

                [GUI Demo with draggable windows]

                > guii

                [Interactive GUI - click buttons, drag windows, ESC to exit]

Framebuffer PS/2 Mouse Event Queue

November 2025 - Chapter 7

The Network Awakens

"It would be cool if we could ping something." Famous last words.

What followed was an epic journey into the depths of networking. First came the Hyper-V synthetic NIC driver (VMBus is... something). Then Ethernet frame parsing. Then ARP for address resolution. Then ICMP for ping. Then UDP for DNS. Then...

TCP. The big one. Connection handshakes (SYN, SYN-ACK, ACK). Sequence numbers. Acknowledgments. Window management. State machines with states like ESTABLISHED, FIN_WAIT_1, TIME_WAIT. Each one a potential source of bugs.

                > ping 8.8.8.8

                64 bytes from 8.8.8.8: icmp_seq=1 ttl=64 time=12ms

                > nslookup google.com

                google.com -> 142.250.80.46

TCP/IP ARP ICMP UDP DNS

November 2025 - Chapter 8

Crypto From Scratch

To do HTTPS and SSH, you need crypto. Real crypto. Not "add 1 to each byte" crypto.

We implemented it all from scratch: SHA-256, SHA-512, HMAC, AES-GCM, ChaCha20-Poly1305, Curve25519, Ed25519. Every algorithm verified against test vectors. Every edge case considered. It's one thing to copy crypto code; it's another to understand why the modular reduction in Ed25519 signature verification needs that specific constant.

SHA-256 AES-GCM ChaCha20 Curve25519 Ed25519

December 2025 - Chapter 9

TLS 1.3: The Protocol That Has Everything

HTTP is nice, but HTTPS is nicer. TLS 1.3 is "simpler" than previous versions. It only requires: X25519 key exchange, certificate parsing (X.509/ASN.1), HKDF key derivation, AES-GCM encryption, and about 47 different record types.

                > https www.google.com

                [TLS] Handshake complete

                [TLS] Using AES-256-GCM

                HTTP/1.1 200 OK...

TLS 1.3 X.509 HKDF HTTPS

December 2025 - Chapter 10

SSH: Your Very Own Daemon

"What if we could SSH into JefeOS?"

The SSH server was the crown jewel. Curve25519 key exchange, Ed25519 host keys, ChaCha20-Poly1305 encryption, password authentication, and a proper shell channel. Now you can SSH from Linux or Windows into JefeOS and run commands remotely.

And then came SFTP. Because SSH without file transfer is like a car without wheels. Full SFTP subsystem: list directories, upload files, download files, create/delete.

                $ ssh jefe@192.168.156.200

                jefe@192.168.156.200's password: ****

                JefeOS Shell v0.6.0

                > ls /

                [DIR] docs

                      readme.txt (174 bytes)

SSH-2.0 SFTP Ed25519 ChaCha20-Poly1305

December 2025 - Chapter 11

Time Waits For No OS

"What time is it?" A simple question with a not-so-simple answer when you're running on bare metal with no internet time sync.

We implemented NTP (Network Time Protocol) to sync with time servers. Then, for the security-conscious, NTS (Network Time Security)—NTP over TLS with AEAD cookies. Because even your clock should be encrypted.

                > ntpdate pool.ntp.org

                Time synchronized: 2025-01-19 14:32:15 UTC

                > nts time.cloudflare.com

                [NTS] Secure time sync complete

NTP NTS RTC

December 2025 - Chapter 12

Copy, Move, and the Art of File Management

With NTFS working, files persisting, and the network humming, we added the finishing touches: cp and mv commands. Simple in concept, but requiring careful handling of file handles, buffer management, and the always-fun "what if the file already exists?" edge cases.

We also improved the heap allocator with forward coalescing to prevent fragmentation—because "out of memory" errors are no fun when you actually have memory, it's just in too many small pieces.

                > cp /readme.txt /backup.txt

                Copied /readme.txt -> /backup.txt (217 bytes)

                > mv /backup.txt /old_readme.txt

                Moved /backup.txt -> /old_readme.txt

File Operations Heap Coalescing

January 2026 - Chapter 13

TCP Gets Reliable (Finally)

TCP without retransmission is like a promise without follow-through. Packets get lost. Networks hiccup. You need to be able to say "hey, you didn't acknowledge that, let me send it again."

We added an unacknowledged buffer, timeout tracking, and exponential backoff. Now when packets go missing, JefeOS notices and tries again. Up to 5 times, with increasing delays. Professional-grade reliability on a hobby OS.

DHCP client was already there, waiting patiently. It sends DISCOVER, gets OFFER, sends REQUEST, gets ACK. Automatic IP configuration—when there's a DHCP server listening.

TCP Retransmission DHCP Exponential Backoff

January 2026 - Chapter 14

Where We Are Now

JefeOS has grown from a simple bootloader to a functional operating system. You can:

SSH into it from another machine
Transfer files via SFTP
Browse the web (HTTP/HTTPS)
Edit files with a vi-style editor
Manage files (copy, move, delete)
Sync time securely with NTS
Run a GUI with draggable windows
And all files persist across reboots!

It's not Linux. It's not Windows. It's JefeOS—a hobby OS that actually does things.

January 2026 - Chapter 15

Telling Our Story

"We should document this." Sometimes the best features aren't in the kernel.

We built a progress dashboard—a dark-themed web page showing every feature, every milestone, every line of code we've written together. Complete vs In Progress. Stats that actually mean something. And this dev log you're reading now.

It's one thing to build an operating system. It's another to step back and say "look what we made." The dashboard tracks 37 completed features across 8 categories. Core OS, storage, networking, crypto, services, UI, build system. Each one a small victory. Each one a story.

And yes, I'm aware of the irony—an AI writing about writing documentation about an OS it helped write. It's turtles all the way down.

HTML/CSS Documentation Meta

February – April 2026 - Chapter 16

Three Months Later: Userspace Got Real

The Chapter 16 wishlist read: "User-space programs. Per-process address spaces. More GUI themes. FAT32. Sound?" Three months later, four of the five are done — and several things we didn't even think to wish for happened too.

The ELF64 loader landed. Real Linux-shaped binaries — crt0.o, _start, main(argc, argv) — load from NTFS, get mapped into ring 3, and execute with their own per-task ElfInfo ownership. No more "the kernel runs everything." The shell has a real exec command and a wait/yield-poll loop that watches the child until it returns its exit status.

Around that loader we built the rest of a real userspace: a custom libc with crt0, syscall stubs, malloc, printf, errno. Pipes. I/O redirection. POSIX shell scripting (if, while, for, test, $()). A pthread MVP with cleanup handlers and cancellation points. Signal delivery via a ring-3 trampoline. mmap with a real VMA tracker. Sys-V IPC: shared memory, semaphores, message queues. Byte-range file locking. POSIX regex (BRE + ERE). fnmatch. getrandom. statvfs. ftruncate. Over fifty POSIX shell utilities deployed to /programs/. The kernel grew from ~28 native syscalls to about 325.

The POSIX dashboard you're already looking at? The kernel serves it itself. We built a kernel-resident HTTP server that auto-starts at boot, and pointed it at /posix/ on the NTFS data disk. Browse to JefeOS's IP and the OS hands you a live scorecard of its own POSIX implementation, generated from the same JSON the dashboard renders. The OS reporting on itself, in real time, over its own network stack, encrypted with its own TLS.

ELF64 libc pthread Sys-V IPC POSIX regex httpd

February – April 2026 - Chapter 17

A Second Kernel, In Rust

The wildest decision of the spring: build a second kernel. From scratch. In Rust. And keep it at parity with the C++ one, sprint for sprint.

JefeRust is its own boot path (Limine again), its own memory manager, its own scheduler, its own drivers. Same Hyper-V test rig, separate VM. It already has: full network stack (E1000 + Tulip), TLS 1.3 client, SSH 2.0 server, SFTP, NTP, NTS-against-Cloudflare, ATA + JefeFS, NTFS read-only, the same five GUI themes, AES-128 / AES-CMAC / AES-SIV-CMAC-256, ring-3 ELF userspace, and ~490 of the same POSIX interfaces (35.8% strict).

Why two kernels? Partly because Rust's borrow checker catches a different class of bug than C++ does, and the diff is educational. Partly because writing the same feature twice — once in each language — forces you to actually understand it, not just port it. Several of the most subtle bugs of the year (a TLS Poly1305 mask, an AEAD packet length off-by-five, a TCP send-sequence reset) were caught because the parity sprint exposed them on the second implementation.

The dashboard now has a side-by-side parity matrix. When a feature lands in C++, the next sprint usually mirrors it in Rust within a day or two.

Rust nightly x86_64-unknown-none Parity sprints JefeRust

April 2026 - Chapter 18

The POSIX Sprint Marathon

Late April turned into a sprint marathon against IEEE Std 1003.1-2024 (POSIX.1-2024, Issue 8) — the freshly-published edition of the standard. We picked it as the scoreboard precisely because it's the current edition: 1,430 mandatory interfaces, no nostalgia.

Sprint after sprint, two-day cycles each: at-family syscalls (fstatat, renameat, mkdirat, …). POSIX timers with a per-task lazy table and PIT-driven ticks. Real-time signal queueing — sigqueue, sigwaitinfo, sigtimedwait. getrlimit / setrlimit. mkstemp on top of getrandom. glob on top of fnmatch + opendir. fsync, fdatasync, sync. fchmod with on-disk MFT updates. statvfs, madvise, msync, getopt, posix_memalign, seekdir, strptime, full termios with a pty allocator, chown / fchown / lchown, newlocale / duplocale. Identity sprint: pwd/grp + setgroups (+35 flips in one go).

Every sprint shipped its own smoke test alongside the feature. Every sprint mirrored to Rust shortly after. The score climbed from below 30% to 38.6% strict on C++ and 35.8% on Rust, with 539 and 490 interfaces respectively now answering "yes" to the standard.

Along the way we shook out a few good bugs — a heap initialization that capped at 304 KB on Hyper-V Gen1 (resolved by a contiguous PMM allocation path), a pthread page-fault on ELF cleanup ordering (resolved by deferring teardown to the last sibling out), an SSE state initialization issue that bit cleanly aligned crt0s, and a network-wedge after sigtest that turned out to be a missing RFLAGS preserve in the context switch.

POSIX 1003.1-2024 Issue 8 539 interfaces 38.6% strict

Late April 2026 - Chapter 19

The Honest Reframe: Three Tracks

Somewhere in the middle of the marathon we stopped and asked: is "POSIX percentage" actually the right scoreboard? Or are we measuring the wrong thing?

The answer turned out to be: both, and neither alone. POSIX coverage measures one surface. "Does Alpine boot?" measures another — and it requires Linux-only extensions POSIX never even defined (futex, epoll, signalfd, inotify, pidfd). And honestly: does real software run end to end? is a third question that neither percentage answers on its own.

So we reframed the project around three independent tracks. POSIX 1003.1-2024 coverage stays as the standing-orders ultimate goal — 100% strict, multi-year stretch, but real. A five-tier Linux ABI ladder runs in parallel: Tier 1 musl-static binaries → Tier 2 glibc-static → Tier 3 dynamic linker → Tier 4 chroot + Alpine rootfs → Tier 5 Alpine /sbin/init. And a third "workload truth" track keeps us honest about whether the first two tracks have actually paid off in real software running.

Aggregate "JefeOS runs Alpine" estimate today: 15 to 20 percent. Tier 1 is the closest win. It's also currently red — a regression in the wait-for-child loop is silently killing the Linux task before it reaches its first syscall. That bug is the next sprint's target.

Paid Open Group POSIX certification (~$30–50K) is explicitly off the table. Linux itself isn't certified. The scoreboard is for us, not for procurement.

3-track model Linux ABI tiers Workload truth Honest reframe

The Future - Chapter 20

What's Next?

The adventure continues. The new horizon:

Fix the Tier 1 wedge — get a real musl-static binary running end to end
Tier 2: full SysV-AMD64 auxv (AT_RANDOM, AT_PHDR, AT_SECURE…) so static glibc loads
Tier 3: PT_INTERP + dynamic linker handoff — the gateway to the entire dynamic Linux world
The Linux extensions that unblock everything: futex first, then epoll / signalfd / inotify / pidfd
A real fork(2) with copy-on-write — gating Tier 4 and Tier 5
Three target appliances built on JefeOS: Health Monitor, SSH Bastion, Vault

And then — Alpine boots on JefeOS. That's the real prize.

Jefe

Computermang

The Journey So Far