- Rust 100%
| .github | ||
| src | ||
| .editorconfig | ||
| .gitignore | ||
| .markdownlint-cli2.yaml | ||
| ARCHITECTURE.md | ||
| Cargo.toml | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| ROADMAP.md | ||
| rustfmt.toml | ||
| SECURITY.md | ||
lib-handoff
lib-handoff a thin, no-policy Rust crate for EriX handoff structures used in
early boot and early userspace bootstrap.
EriX is a clean-room, capability-based microkernel operating system written entirely in Rust.
Technical requirements are tracked in the EriX requirements, conventions, and project documentation.
See:
- docs for design documents, specifications, and development plans.
- Related architecture repositories for kernel, services, libraries, drivers, and integration tooling.
Purpose of This Repository
This repository implements the EriX handoff library. Its purpose in EriX is to provide reusable handoff primitives and contracts to EriX components.
Functionally, it exposes the handoff APIs, validation tests, and documentation used by dependent repositories. The repository keeps the implementation, interface contracts, tests, and documentation for that behavior in one reviewable ownership boundary.
The maintained responsibilities are:
- expose the
lib-handoffcrate API for handoff behavior used by dependent components - keep data formats, constants, and validation helpers documented and tested
- preserve clean-room, no-external-crate implementation boundaries
- maintain compatibility expectations for downstream repositories
Clean-Room Policy
EriX follows a strict clean-room philosophy:
- No external source code may be copied.
- No external Rust crates are allowed.
- No code generation tools that embed third-party code.
- All code must be authored within the project.
Violations will result in rejection of the contribution.
License
All EriX repositories are licensed under the ISC License.
Development Model
EriX development is modular, deterministic, reproducible, authority-explicit, security-first, and self-hosting oriented.
This repository follows the project roadmap and the validation rules documented in its own roadmap.
Testing strategy
- Positive fixture tests for valid v1 handoffs
- Negative tests for:
- wrong magic/version
- out-of-bounds offsets
- integer overflow in table math
- malformed entry size/count combinations
- Cross-repo compatibility tests (producer bytes match consumer decode)
- Determinism tests (same input bytes -> same parse result)
Dependencies
- External crates: none
- Internal dependencies: minimal; prefer no dependency where possible
See clean-room policy in ../docs/policies/no-external-code.md.
Status
Early development.
Protocol docs exist in docs/handoff; this crate is the implementation layer
for those schemas. Current role constant set for root->services v1 is split as
memd=1, vspaced=2, pagerd=3, procd=4 (>=1024 extension roles).
Governance Principles
lib-handoff governance is scoped to reusable handoff contracts shared by
dependent repositories.
The scoped governance rules are:
- It must expose narrow, documented APIs rather than component-specific policy.
- It keeps wire formats, constants, parsers, and validation helpers deterministic and testable.
- It preserves clean-room implementation boundaries and does not introduce external crate dependencies.
- Breaking API or format changes require coordinated updates in every dependent repository.
Library Boundaries
lib-handoffcarries no runtime authority by itself; authority is held by callers that use the library.- The crate must not hide ambient I/O, allocation policy, or service discovery behind helper APIs.
Contact
Development occurs in EriX organization and discussions happen in issues and design documents.
No decisions are considered valid without documented rationale.
Maintainers can be reached via email: admin@erikinkinen.fi.