feat: userspace overhaul, Intel GPU driver, and more

This commit is contained in:
2026-02-19 15:46:49 +01:00
parent d355d376f9
commit cae7dd352e
55 changed files with 9080 additions and 270 deletions
+62
View File
@@ -0,0 +1,62 @@
.TH FETCH 1
.SH NAME
fetch - HTTP/HTTPS client for ZenithOS
.SH SYNOPSIS
fetch [-v] <url>
fetch [-v] <host> <port> [path]
.SH DESCRIPTION
fetch performs an HTTP/1.0 GET request and prints the response
body to the terminal. Supports both plain HTTP and HTTPS (TLS 1.2)
connections. By default only the body is printed.
In URL mode, the scheme (http:// or https://) determines whether
TLS is used. The port defaults to 80 for HTTP and 443 for HTTPS.
In legacy mode, the host and port are specified as separate
arguments and the connection is always plain HTTP.
The host may be an IP address or a hostname. Hostnames are
resolved via the configured DNS server.
If no path is given, "/" is used.
.SH OPTIONS
.B -v
Verbose mode. Print connection info, trust anchor count, TLS
handshake progress, and the HTTP status/size header before
the body.
.SH EXAMPLES
fetch https://icanhazip.com
Print your public IP address over HTTPS.
fetch http://icanhazip.com
Same, but over plain HTTP.
fetch -v https://example.com
Fetch a page with verbose output showing:
Connecting to example.com:443 (HTTPS)...
Loaded 128 trust anchors
TLS handshake...
TLS connection established
GET /
HTTP 200 OK (1256 bytes)
fetch 10.0.68.1 80 /
Fetch from a local server by IP (legacy syntax).
.SH TLS SUPPORT
HTTPS connections use BearSSL for TLS 1.2. Server certificates
are validated against the system CA bundle at
0:/etc/ca-certificates.crt.
Entropy for the TLS handshake is provided by RDTSC-seeded
random data via the SYS_GETRANDOM syscall.
.SH KEYBOARD
Ctrl+Q Abort the request
.SH SEE ALSO
ping(1), nslookup(1), tcpconnect(1), shell(1), syscalls(2)
+10 -1
View File
@@ -67,8 +67,17 @@
}
zenith::close(h);
.SH WRITING FILES
Files can be created and written on the ramdisk:
.BI int zenith::fcreate(const char* path);
.BI int zenith::fwrite(int handle, const uint8_t* buf, uint64_t offset, uint64_t size);
fcreate creates a new file and returns a handle. fwrite writes
bytes at the given offset. Changes persist only until reboot --
the ramdisk is reloaded from the USTAR archive on each boot.
.SH NOTES
The filesystem is read-only. There are no write or create calls.
All files live on the ramdisk which is loaded at boot from a
USTAR tar archive.
+43
View File
@@ -0,0 +1,43 @@
.TH FONTSCALE 1
.SH NAME
fontscale - get or set terminal font scale
.SH SYNOPSIS
fontscale
fontscale <n>
fontscale <x> <y>
.SH DESCRIPTION
Controls the terminal font scale factor. The Flanterm terminal
emulator renders text at a configurable scale multiplier.
Increasing the scale makes text larger, which is useful on
high-resolution displays or real hardware where text may be
too small to read comfortably.
With no arguments, prints the current scale factor and terminal
dimensions.
With one argument, sets both the horizontal and vertical scale
to the same value.
With two arguments, sets asymmetric horizontal and vertical
scale factors independently.
Valid scale values are 1 through 8. After rescaling, the screen
is cleared.
.SH OUTPUT
fontscale
Scale: 1x1 (160 cols x 50 rows)
fontscale 2
Scale set to 2x2 (80 cols x 25 rows)
.SH EXAMPLES
fontscale Show current scale and dimensions
fontscale 2 Double the font size
fontscale 3 2 3x horizontal, 2x vertical
fontscale 1 Reset to default size
.SH SEE ALSO
shell(1), syscalls(2)
+5
View File
@@ -53,6 +53,11 @@
shell(1) Shell commands reference
init(1) Init system
dhcp(1) DHCP client
fetch(1) HTTP client
ping(1) ICMP ping
nslookup(1) DNS lookup
fontscale(1) Terminal font scaling
edit(1) Text editor
man(1) The man command itself
legal(7) Copyright and legal information
syscalls(2) Overview of all syscalls
+36
View File
@@ -0,0 +1,36 @@
.TH NSLOOKUP 1
.SH NAME
nslookup - DNS hostname lookup
.SH SYNOPSIS
nslookup <hostname>
.SH DESCRIPTION
Resolves a hostname to an IPv4 address using the configured
DNS server and prints the result.
The kernel DNS resolver sends a UDP query to port 53 of the
configured DNS server and waits up to 5 seconds for a reply.
Results are cached in an 8-entry kernel cache with TTL support.
.SH OUTPUT
Server: 10.0.68.1
Name: example.com
Address: 93.184.216.34
Time: 3ms
If the lookup fails:
Could not resolve: badhost.invalid
.SH DNS CONFIGURATION
The DNS server address is obtained automatically via DHCP.
It can also be viewed and set with ifconfig. The default
is 10.0.68.1 (QEMU user-mode networking).
.SH EXAMPLES
nslookup google.com
nslookup icanhazip.com
.SH SEE ALSO
ping(1), fetch(1), dhcp(1), ifconfig(1), syscalls(2)
+37
View File
@@ -0,0 +1,37 @@
.TH PING 1
.SH NAME
ping - send ICMP echo requests
.SH SYNOPSIS
ping <host>
.SH DESCRIPTION
Sends 4 ICMP echo requests to the specified host and prints
the round-trip time for each reply.
The host may be an IP address or a hostname. Hostnames are
resolved via the configured DNS server.
Each request has a 3-second timeout. Requests are sent at
1-second intervals.
.SH OUTPUT
PING example.com (93.184.216.34)
Reply from 93.184.216.34: time=12ms
Reply from 93.184.216.34: time=11ms
Reply from 93.184.216.34: time=13ms
Reply from 93.184.216.34: time=11ms
If a reply is not received within the timeout:
Request timed out
.SH EXAMPLES
ping 10.0.68.1
Ping the gateway by IP address.
ping google.com
Ping by hostname (requires DNS).
.SH SEE ALSO
nslookup(1), ifconfig(1), shell(1), syscalls(2)
+9 -3
View File
@@ -61,18 +61,24 @@
date Show current date and time
uptime Show system uptime
clear Clear the screen and framebuffer
fontscale [n] Get or set terminal font scale
reset Reboot the system
shutdown Shut down the system
.SS Network commands (0:/os/)
ping <ip> Send ICMP echo requests
ping <host> Send ICMP echo requests
nslookup <host> DNS lookup
ifconfig Show/set network configuration
tcpconnect <ip> <port> Interactive TCP client
tcpconnect <host> <port> Interactive TCP client
irc IRC client
dhcp DHCP client
fetch HTTP client
fetch HTTP/HTTPS client (TLS 1.2)
wiki Wikipedia article viewer
httpd HTTP server
Network commands accept both IP addresses and hostnames.
Hostnames are resolved via the configured DNS server.
.SS Games (0:/games/)
doom DOOM
+37 -3
View File
@@ -3,7 +3,7 @@
syscalls - overview of ZenithOS system calls
.SH DESCRIPTION
ZenithOS provides 41 system calls (numbers 0-40) for userspace
ZenithOS provides 46 system calls (numbers 0-45) for userspace
programs. Syscalls use the x86-64 SYSCALL instruction with the
following register convention:
@@ -121,13 +121,22 @@
int32_t zenith::ping(uint32_t ip, uint32_t timeoutMs);
.B SYS_GETNETCFG (37)
Get the current network configuration (IP, mask, gateway, MAC).
Get the current network configuration (IP, mask, gateway, MAC,
DNS server).
void zenith::get_netcfg(Zenith::NetCfg* out);
.B SYS_SETNETCFG (38)
Set the network configuration (IP, mask, gateway).
Set the network configuration (IP, mask, gateway, DNS server).
int zenith::set_netcfg(const Zenith::NetCfg* cfg);
.B SYS_RESOLVE (44)
Resolve a hostname to an IPv4 address via DNS. Sends a UDP
query to the configured DNS server and waits up to 5 seconds
for a reply. Returns the IP in network byte order, or 0 on
failure. IP address strings (e.g. "10.0.0.1") are detected
and returned directly without a DNS query.
uint32_t zenith::resolve(const char* hostname);
.SH SOCKETS
.B SYS_SOCKET (29)
Create a socket. type=SOCK_TCP (1) or SOCK_UDP (2).
@@ -174,6 +183,17 @@
int zenith::recvfrom(int fd, void* buf, uint32_t maxLen,
uint32_t* srcIp, uint16_t* srcPort);
.SH FILE WRITE
.B SYS_FWRITE (41)
Write bytes to a file at a given offset.
int zenith::fwrite(int handle, const uint8_t* buf,
uint64_t offset, uint64_t size);
.B SYS_FCREATE (42)
Create a new file on the ramdisk. Returns a handle or negative
on error.
int zenith::fcreate(const char* path);
.SH FRAMEBUFFER
.B SYS_FBINFO (21)
Get framebuffer dimensions and format.
@@ -188,11 +208,25 @@
Get terminal dimensions (columns and rows).
void zenith::termsize(int* cols, int* rows);
.B SYS_TERMSCALE (43)
Get or set the terminal font scale factor. When scale_x is 0,
returns the current scale as (scale_y << 32 | scale_x). When
scale_x is non-zero, sets the font scale and returns the new
terminal dimensions as (rows << 32 | cols).
void zenith::termscale(int scale_x, int scale_y);
void zenith::get_termscale(int* scale_x, int* scale_y);
.SH ARGUMENTS
.B SYS_GETARGS (25)
Get the argument string passed to this process at spawn time.
int zenith::getargs(char* buf, uint64_t maxLen);
.SH RANDOM
.B SYS_GETRANDOM (45)
Fill a buffer with random bytes using RDTSC-seeded entropy.
Returns the number of bytes written.
int64_t zenith::getrandom(void* buf, uint32_t len);
.SH POWER MANAGEMENT
.B SYS_RESET (26)
Reboot the system.
+237
View File
@@ -0,0 +1,237 @@
.TH TLS-ERRORS 5
.SH NAME
tls-errors - BearSSL TLS and X.509 error codes
.SH DESCRIPTION
ZenithOS uses BearSSL for TLS 1.2 connections. When a TLS
operation fails, an integer error code is reported. This page
lists all possible error codes.
.SH SSL/TLS ENGINE ERRORS
.B 0 BR_ERR_OK
No error.
.B 1 BR_ERR_BAD_PARAM
Caller-provided parameter is incorrect.
.B 2 BR_ERR_BAD_STATE
Operation cannot be applied in the current engine state.
.B 3 BR_ERR_UNSUPPORTED_VERSION
Incoming protocol or record version is unsupported.
.B 4 BR_ERR_BAD_VERSION
Incoming record version does not match the expected version.
.B 5 BR_ERR_BAD_LENGTH
Incoming record length is invalid.
.B 6 BR_ERR_TOO_LARGE
Incoming record is too large, or buffer is too small for the
handshake message to send.
.B 7 BR_ERR_BAD_MAC
Decryption found invalid padding, or the record MAC is
not correct.
.B 8 BR_ERR_NO_RANDOM
No initial entropy was provided and none could be obtained
from the OS.
.B 9 BR_ERR_UNKNOWN_TYPE
Incoming record type is unknown.
.B 10 BR_ERR_UNEXPECTED
Incoming record or message has wrong type for the current
engine state.
.B 12 BR_ERR_BAD_CCS
ChangeCipherSpec message from the peer has invalid contents.
.B 13 BR_ERR_BAD_ALERT
Alert message from the peer has invalid contents (odd length).
.B 14 BR_ERR_BAD_HANDSHAKE
Incoming handshake message decoding failed.
.B 15 BR_ERR_OVERSIZED_ID
ServerHello contains a session ID larger than 32 bytes.
.B 16 BR_ERR_BAD_CIPHER_SUITE
Server wants to use a cipher suite that we did not advertise,
or we tried to advertise a cipher suite that we do not support.
.B 17 BR_ERR_BAD_COMPRESSION
Server wants to use a compression method that we did not
advertise.
.B 18 BR_ERR_BAD_FRAGLEN
Server's max fragment length does not match client's.
.B 19 BR_ERR_BAD_SECRENEG
Secure renegotiation failed.
.B 20 BR_ERR_EXTRA_EXTENSION
Server sent an extension type that we did not announce, or
used the same extension type more than once in ServerHello.
.B 21 BR_ERR_BAD_SNI
Invalid Server Name Indication contents (when used by the
server, this extension shall be empty).
.B 22 BR_ERR_BAD_HELLO_DONE
Invalid ServerHelloDone from the server (length is not 0).
.B 23 BR_ERR_LIMIT_EXCEEDED
Internal limit exceeded (e.g. server's public key is too
large).
.B 24 BR_ERR_BAD_FINISHED
Finished message from peer does not match the expected value.
.B 25 BR_ERR_RESUME_MISMATCH
Session resumption attempted with a different version or
cipher suite.
.B 26 BR_ERR_INVALID_ALGORITHM
Unsupported or invalid algorithm (ECDHE curve, signature
algorithm, hash function).
.B 27 BR_ERR_BAD_SIGNATURE
Invalid signature on ServerKeyExchange or CertificateVerify.
.B 28 BR_ERR_WRONG_KEY_USAGE
Peer's public key does not have the proper type or is not
allowed for the requested operation.
.B 29 BR_ERR_NO_CLIENT_AUTH
Client did not send a certificate upon request, or the client
certificate could not be validated.
.B 31 BR_ERR_IO
I/O error or premature close on the underlying transport.
.SH X.509 CERTIFICATE ERRORS
.B 32 BR_ERR_X509_OK
X.509 validation was successful (not an error).
.B 33 BR_ERR_X509_INVALID_VALUE
Invalid value in an ASN.1 structure.
.B 34 BR_ERR_X509_TRUNCATED
Truncated certificate.
.B 35 BR_ERR_X509_EMPTY_CHAIN
Empty certificate chain (no certificate at all).
.B 36 BR_ERR_X509_INNER_TRUNC
Inner element extends beyond outer element size.
.B 37 BR_ERR_X509_BAD_TAG_CLASS
Unsupported tag class (application or private).
.B 38 BR_ERR_X509_BAD_TAG_VALUE
Unsupported tag value.
.B 39 BR_ERR_X509_INDEFINITE_LENGTH
Indefinite length encoding found.
.B 40 BR_ERR_X509_EXTRA_ELEMENT
Extraneous element in certificate.
.B 41 BR_ERR_X509_UNEXPECTED
Unexpected element in certificate.
.B 42 BR_ERR_X509_NOT_CONSTRUCTED
Expected constructed element, but found primitive.
.B 43 BR_ERR_X509_NOT_PRIMITIVE
Expected primitive element, but found constructed.
.B 44 BR_ERR_X509_PARTIAL_BYTE
BIT STRING length is not a multiple of 8.
.B 45 BR_ERR_X509_BAD_BOOLEAN
BOOLEAN value has invalid length.
.B 46 BR_ERR_X509_OVERFLOW
Value is off-limits (overflow).
.B 47 BR_ERR_X509_BAD_DN
Invalid distinguished name.
.B 48 BR_ERR_X509_BAD_TIME
Invalid date/time representation in certificate.
.B 49 BR_ERR_X509_UNSUPPORTED
Certificate contains unsupported features that cannot be
ignored.
.B 50 BR_ERR_X509_LIMIT_EXCEEDED
Key or signature size exceeds internal limits.
.B 51 BR_ERR_X509_WRONG_KEY_TYPE
Key type does not match that which was expected.
.B 52 BR_ERR_X509_BAD_SIGNATURE
Signature is invalid.
.B 53 BR_ERR_X509_TIME_UNKNOWN
Validation time is unknown (no time was set).
.B 54 BR_ERR_X509_EXPIRED
Certificate is expired or not yet valid.
.B 55 BR_ERR_X509_DN_MISMATCH
Issuer/subject DN mismatch in the chain.
.B 56 BR_ERR_X509_BAD_SERVER_NAME
Expected server name was not found in the chain.
.B 57 BR_ERR_X509_CRITICAL_EXTENSION
Unknown critical extension in certificate.
.B 58 BR_ERR_X509_NOT_CA
Not a CA, or path length constraint violation.
.B 59 BR_ERR_X509_FORBIDDEN_KEY_USAGE
Key Usage extension prohibits the intended usage.
.B 60 BR_ERR_X509_WEAK_PUBLIC_KEY
Public key found in certificate is too small.
.B 62 BR_ERR_X509_NOT_TRUSTED
Chain could not be linked to a trust anchor.
.SH FATAL ALERTS
When a fatal alert is received from the peer, the error code
is 256 + the TLS alert value. When a fatal alert is sent to
the peer, the error code is 512 + the TLS alert value.
Common alert values:
0 close_notify
10 unexpected_message
20 bad_record_mac
40 handshake_failure
42 bad_certificate
43 unsupported_certificate
44 certificate_revoked
45 certificate_expired
46 certificate_unknown
47 illegal_parameter
48 unknown_ca
50 decode_error
51 decrypt_error
70 protocol_version
71 insufficient_security
80 internal_error
86 unrecognized_name
112 no_application_protocol
For example, error 296 means a handshake_failure alert was
received (256 + 40 = 296).
.SH SEE ALSO
fetch(1), syscalls(2)
+64
View File
@@ -0,0 +1,64 @@
.TH WIKI 1
.SH NAME
wiki - Wikipedia article viewer for ZenithOS
.SH SYNOPSIS
wiki <title>
wiki -f <title>
wiki -s <query>
.SH DESCRIPTION
wiki fetches and displays Wikipedia articles in the terminal.
It connects to en.wikipedia.org over HTTPS (TLS 1.2) and
uses the Wikipedia REST and Action APIs to retrieve article
content as plain text.
Articles are displayed in a fullscreen interactive pager with
color-coded headings and word-wrapped text. Multi-word titles
are accepted as separate arguments and joined automatically.
.SH OPTIONS
.B -f
Full article mode. Display the complete article text instead
of just the summary. Section headings are color-coded.
.B -s
Search mode. Search Wikipedia for articles matching the
query and display a numbered list of up to 10 results.
Press a number key to view that article's summary.
.SH EXAMPLES
wiki Linux
Show a summary of the Linux article.
wiki -f C programming language
Show the full text of the C programming language article.
wiki -s operating system
Search for articles related to "operating system".
.SH TLS SUPPORT
Connections use BearSSL for TLS 1.2. Server certificates
are validated against the system CA bundle at
0:/etc/ca-certificates.crt.
.SH KEYBOARD
.SS Article pager
j / Down Scroll down one line
k / Up Scroll up one line
Space / PgDn Scroll down one page
b / PgUp Scroll up one page
g / Home Jump to top
G / End Jump to bottom
q Quit pager
.SS Search results
1-9, 0 View article (0 = result 10)
q Quit search
.SS General
Ctrl+Q Abort during network request
.SH SEE ALSO
fetch(1), ping(1), nslookup(1), shell(1)