Don't panic if `set_child_tid` is invalid

This change primarily provides statistical data for the `processes` field in `/proc/stat`.
This field represents the total count of all processes and threads created since system boot,
rather than just processes as the name might imply.

.github/ISSUE_TEMPLATE/rfc.md

@@ -1,46 +0,0 @@
----
-name: RFC Submission
-about: Propose a new idea or significant change for consideration
-title: Concise description of the proposal
-labels: C-rfc
----
-
-<!-- Thank you for taking the time to propose a new idea or significant change. Please provide a comprehensive overview of the concepts and motivations at play. -->
-
-### Summary
-
-<!-- Briefly summarize the idea, change, or feature you are proposing. What is it about, and what does it aim to achieve? -->
-
-### Context and Problem Statement
-
-<!-- Describe the problem or inadequacy of the current situation/state that your proposal is addressing. This is a key aspect of putting your RFC into context. -->
-
-### Proposal
-
-<!-- Clearly and comprehensively describe your proposal including high-level technical specifics, any new interfaces or APIs, and how it should integrate into the existing system. -->
-
-### Motivation and Rationale
-
-<!-- Elaborate on why this proposal is important. Provide justifications for why it should be considered and what benefits it brings. Include use cases, user stories, and pain points it intends to solve. -->
-
-### Detailed Design
-
-<!-- Dive into the nitty-gritty details of your proposal. Discuss possible implementation strategies, potential issues, and how the proposal would alter workflows, behaviors, or structures. Include pseudocode, diagrams, or mock-ups if possible. -->
-
-### Alternatives Considered
-
-<!-- Detail any alternative solutions or features you've considered. Why were they discarded in favor of this proposal? -->
-
-### Additional Information and Resources
-
-<!-- Offer any additional information, context, links, or resources that stakeholders might find helpful for understanding the proposal. -->
-
-### Open Questions
-
-<!-- List any questions that you have that might need further discussion. This can include areas where you are seeking feedback or require input to finalize decisions. -->
-
-### Future Possibilities
-
-<!-- If your RFC is likely to lead to subsequent changes, provide a brief outline of what those might be and how your proposal may lay the groundwork for them. -->
-
-<!-- We appreciate your effort in contributing to the evolution of our system and look forward to reviewing and discussing your ideas! -->

.github/actions/benchmark/action.yml

@@ -41,7 +41,7 @@ runs:
       shell: bash
       run: |
         make install_osdk
-        bash test/benchmark/bench_linux_and_aster.sh "${{ matrix.benchmarks }}" "${{ inputs.platform }}"
+        bash test/src/benchmark/bench_linux_and_aster.sh "${{ matrix.benchmarks }}" "${{ inputs.platform }}"
         BENCHMARK_ARTIFACT=results_$(echo "${{ matrix.benchmarks }}" | tr '/' '-')
         echo "BENCHMARK_ARTIFACT=$BENCHMARK_ARTIFACT" >> $GITHUB_ENV
 
@@ -76,8 +76,8 @@ runs:
           BENCHMARK_DIR=$(echo "$benchmark_id" | sed 's/-/\//g')
           BENCHMARK_SUITE=$(echo "$BENCHMARK_DIR" | awk -F'/' '{print $1}')
           BENCHMARK_NAME=$(echo "$BENCHMARK_DIR" | sed -E 's|^[^/]+/||; s|/bench_results||g; s|/|_|g')
-          BENCH_RESULT_YAML="test/benchmark/${BENCHMARK_DIR}/bench_result.yaml"
-          [ -f "$BENCH_RESULT_YAML" ] || BENCH_RESULT_YAML="test/benchmark/${BENCHMARK_DIR}.yaml"
+          BENCH_RESULT_YAML="test/src/benchmark/${BENCHMARK_DIR}/bench_result.yaml"
+          [ -f "$BENCH_RESULT_YAML" ] || BENCH_RESULT_YAML="test/src/benchmark/${BENCHMARK_DIR}.yaml"
 
           if [ ! -f "$BENCH_RESULT_YAML" ]; then
             echo "Warning: YAML file not found for $benchmark_id at $BENCH_RESULT_YAML. Skipping config generation."
@@ -91,9 +91,9 @@ runs:
           DESCRIPTION=$(yq -r '.chart.description // "No description provided"' "$BENCH_RESULT_YAML")
 
           # Generate summary JSON if needed (only once per suite)
-          SUMMARY_JSON="test/benchmark/$BENCHMARK_SUITE/summary.json"
+          SUMMARY_JSON="test/src/benchmark/$BENCHMARK_SUITE/summary.json"
           if [ ! -f "$SUMMARY_JSON" ]; then
-              SUMMARY_YAML="test/benchmark/$BENCHMARK_SUITE/summary.yaml"
+              SUMMARY_YAML="test/src/benchmark/$BENCHMARK_SUITE/summary.yaml"
               if [ -f "$SUMMARY_YAML" ]; then
                 yq . "$SUMMARY_YAML" > "$SUMMARY_JSON"
                 echo "Generated $SUMMARY_JSON"

.github/actions/test/action.yml

@@ -31,7 +31,7 @@ inputs:
   
   # Test Parameters
   arch:
-    description: 'Architecture (x86_64/riscv64)'
+    description: 'Architecture (x86_64/riscv64/loongarch64)'
     required: false
   extra_blocklists:
     description: 'Extra blocklists directories'
@@ -70,7 +70,7 @@ runs:
         [[ "${{ matrix.id }}" == "compile" ]] && CMD+="make build FEATURES=all"
         [[ "${{ matrix.id }}" == "usermode_test" ]] && CMD+="make test"
         [[ "${{ matrix.id }}" == "ktest" ]] && CMD+="make ktest NETDEV=tap"
-        [[ -n "${{ inputs.arch }}" ]] && CMD+=" ARCH=${{ inputs.arch }}"
+        [[ -n "${{ inputs.arch }}" ]] && CMD+=" OSDK_TARGET_ARCH=${{ inputs.arch }}"
         
         echo "Executing: $CMD"
         eval $CMD
@@ -86,7 +86,7 @@ runs:
         [[ -n "${{ inputs.smp }}" ]] && CMD+=" SMP=${{ inputs.smp }}"
         [[ -n "${{ inputs.netdev }}" ]] && CMD+=" NETDEV=${{ inputs.netdev }}"
         [[ -n "${{ inputs.scheme }}" ]] && CMD+=" SCHEME=${{ inputs.scheme }}"
-        [[ -n "${{ inputs.arch }}" ]] && CMD+=" ARCH=${{ inputs.arch }}"
+        [[ -n "${{ inputs.arch }}" ]] && CMD+=" OSDK_TARGET_ARCH=${{ inputs.arch }}"
         [[ -n "${{ inputs.extra_blocklists }}" ]] && CMD+=" EXTRA_BLOCKLISTS_DIRS=${{ inputs.extra_blocklists }}"
         [[ -n "${{ inputs.syscall_test_suite }}" ]] && CMD+=" SYSCALL_TEST_SUITE=${{ inputs.syscall_test_suite }}"
         [[ -n "${{ inputs.syscall_test_workdir }}" ]] && CMD+=" SYSCALL_TEST_WORKDIR=${{ inputs.syscall_test_workdir }}"

.github/workflows/benchmark_x86.yml

@@ -3,8 +3,8 @@ on:
   # In case of manual trigger, use workflow_dispatch
   workflow_dispatch:
   schedule:
-    # Schedule to run on every day at 20:00 UTC (04:00 Beijing Time)
-    - cron: '0 20 * * *'
+    # Schedule to run on every day at 17:00 UTC (01:00 Beijing Time)
+    - cron: '0 17 * * *'
 
 jobs:
   Benchmarks:
@@ -107,7 +107,7 @@ jobs:
       max-parallel: 1
     timeout-minutes: 60
     container: 
-      image: asterinas/asterinas:0.15.2-20250613
+      image: asterinas/asterinas:0.16.1-20250922
       options: --device=/dev/kvm --privileged
 
     steps:

.github/workflows/benchmark_x86_tdx.yml

@@ -3,8 +3,8 @@ on:
   # In case of manual trigger, use workflow_dispatch
   workflow_dispatch:
   schedule:
-    # Schedule to run on every day at 20:00 UTC (04:00 Beijing Time)
-    - cron: '0 18 * * *'
+    # Schedule to run on every day at 16:00 UTC (00:00 Beijing Time)
+    - cron: '0 16 * * *'
 
 jobs:
   Benchmarks:
@@ -108,7 +108,7 @@ jobs:
       max-parallel: 1
     timeout-minutes: 60
     container: 
-      image: asterinas/asterinas:0.15.2-20250613-tdx
+      image: asterinas/asterinas:0.16.1-20250922
       options: --device=/dev/kvm --privileged
 
     steps:

.github/workflows/publish_api_docs.yml

@@ -0,0 +1,48 @@
+name: Publish API Docs
+
+on:
+  # Manally run
+  workflow_dispatch:
+  # Pull request events for checking API docs
+  pull_request:
+  # Scheduled events for nightly API docs
+  schedule:
+    # UTC 00:00 everyday
+    - cron: "0 0 * * *"
+  # Events for API docs of new release
+  push:
+    branches:
+      - main
+    paths:
+      - VERSION
+  
+jobs: 
+  check_api_docs:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    container: asterinas/asterinas:0.16.1-20250922
+
+    steps: 
+      - uses: actions/checkout@v4
+
+      - name: Check API docs
+        if: github.event_name == 'pull_request'
+        run: ./tools/github_workflows/publish_api_docs.sh --dry-run
+
+      - name: Build & Upload Nightly API Docs
+        if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
+        env:
+          API_DOCS_NIGHTLY_PUBLISH_KEY: ${{ secrets.API_DOCS_NIGHTLY_PUBLISH_KEY }}
+        run: |
+          KEY_FILE=./api_docs_nightly_publish_key
+          echo "$API_DOCS_NIGHTLY_PUBLISH_KEY\n" > ${KEY_FILE}
+          ./tools/github_workflows/publish_api_docs.sh nightly ${KEY_FILE} 
+
+      - name: Build & Upload Release API Docs
+        if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
+        env:
+          API_DOCS_PUBLISH_KEY: ${{ secrets.API_DOCS_PUBLISH_KEY }}
+        run: |
+          KEY_FILE=./api_docs_publish_key
+          echo "$API_DOCS_PUBLISH_KEY\n" > ${KEY_FILE}
+          ./tools/github_workflows/publish_api_docs.sh release ${KEY_FILE} 

.github/workflows/publish_docker_images.yml

@@ -30,7 +30,7 @@ jobs:
           build-args: |
             ASTER_RUST_VERSION=${{ steps.prepare-for-docker-build-and-push.outputs.rust_version }}
 
-  publish_osdk_tdx_image:
+  publish_nix_image:
     needs: publish_osdk_image
     runs-on: ubuntu-latest
     steps:
@@ -38,22 +38,22 @@ jobs:
       - name: Prepare for Docker build and push
         id: prepare-for-docker-build-and-push
         run: |
-          ./tools/github_workflows/prepare_for_docker_build_and_push.sh ${{ secrets.DOCKERHUB_USERNAME }} ${{ secrets.DOCKERHUB_TOKEN }} osdk-tdx
+          ./tools/github_workflows/prepare_for_docker_build_and_push.sh ${{ secrets.DOCKERHUB_USERNAME }} ${{ secrets.DOCKERHUB_TOKEN }} nix
 
-      - name: Build and push the OSDK development image for Intel TDX
+      - name: Build and push the Nix image
         if: ${{ steps.prepare-for-docker-build-and-push.outputs.is_existed == 'false' }}
         uses: docker/build-push-action@v4
         with:
           context: .
-          file: ./osdk/tools/docker/tdx/Dockerfile
+          file: ./tools/docker/nix/Dockerfile
           platforms: linux/amd64
           push: true
-          tags: asterinas/osdk:${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}-tdx
+          tags: asterinas/nix:${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
           build-args: |
             BASE_VERSION=${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
 
   publish_asterinas_image:
-    needs: publish_osdk_image
+    needs: publish_nix_image
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -73,25 +73,3 @@ jobs:
           tags: asterinas/asterinas:${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
           build-args: |
             BASE_VERSION=${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
-
-  publish_asterinas_tdx_image:
-    needs: publish_asterinas_image
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Prepare for Docker build and push
-        id: prepare-for-docker-build-and-push
-        run: |
-          ./tools/github_workflows/prepare_for_docker_build_and_push.sh ${{ secrets.DOCKERHUB_USERNAME }} ${{ secrets.DOCKERHUB_TOKEN }} asterinas-tdx
-
-      - name: Build and push the Asterinas development image for Intel TDX
-        if: ${{ steps.prepare-for-docker-build-and-push.outputs.is_existed == 'false' }}
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          file: ./tools/docker/tdx/Dockerfile
-          platforms: linux/amd64
-          push: true
-          tags: asterinas/asterinas:${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}-tdx
-          build-args: |
-            BASE_VERSION=${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}

.github/workflows/publish_osdk_and_ostd.yml

@@ -17,7 +17,7 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     timeout-minutes: 10
-    container: asterinas/asterinas:0.15.2-20250613
+    container: asterinas/asterinas:0.16.1-20250922
     steps:
       - uses: actions/checkout@v4
 

.github/workflows/publish_website.yml

@@ -4,20 +4,20 @@ on:
   workflow_dispatch:
   pull_request:
     paths:
-      - docs/**
+      - book/**
       - .github/workflows/update-website.yml
   push:
     branches:
       - main
     paths:
-      - docs/**
+      - book/**
       - .github/workflows/update-website.yml
 
 jobs:
   build_and_deploy:
     runs-on: ubuntu-latest
     timeout-minutes: 15
-    container: asterinas/asterinas:0.15.2-20250613
+    container: asterinas/asterinas:0.16.1-20250922
     steps:
       - uses: actions/checkout@v2
         with:
@@ -26,7 +26,7 @@ jobs:
       
       - name: Build the website
         run: |
-          cd asterinas/docs
+          cd asterinas/book
           mdbook build
 
       - name: Deploy website
@@ -45,7 +45,7 @@ jobs:
           cd temp_book
           git checkout --orphan newBranch
           git rm -rf *
-          cp -r ../asterinas/docs/book/* ./
+          cp -r ../asterinas/book/book/* ./
           git add -A
           git commit -am "Update website"
           git branch -D main

.github/workflows/push_git_tag.yml

@@ -18,4 +18,4 @@ jobs:
         uses: pxpm/github-tag-action@1.0.1
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
-          tag: v0.15.2
+          tag: v0.16.1

.github/workflows/test_asterinas_vsock.yml

@@ -23,7 +23,7 @@ jobs:
         run: |
             docker run \
               --privileged --network=host --device=/dev/kvm \
-              -v ./:/root/asterinas asterinas/asterinas:0.15.2-20250613 \
+              -v ./:/root/asterinas asterinas/asterinas:0.16.1-20250922 \
               make run AUTO_TEST=vsock ENABLE_KVM=0 SCHEME=microvm RELEASE_MODE=1 &
       - name: Run Vsock Client on Host
         id: host_vsock_client

.github/workflows/test_loongarch.yml

@@ -0,0 +1,27 @@
+name: "Test loongarch64  "
+
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  basic-test:
+    runs-on: ubuntu-latest
+    container:
+      image: asterinas/asterinas:0.16.1-20250922
+      options: --device=/dev/kvm --privileged
+    strategy:
+      matrix:
+        id: ['lint', 'compile']
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run basic tests
+        uses: ./.github/actions/test
+        with:
+          auto_test: 'general'
+          runs_on: 'ubuntu-latest'
+          arch: 'loongarch64'

.github/workflows/test_riscv.yml

@@ -11,7 +11,7 @@ jobs:
   basic-test:
     runs-on: ubuntu-latest
     container:
-      image: asterinas/asterinas:0.15.2-20250613
+      image: asterinas/asterinas:0.16.1-20250922
       options: --device=/dev/kvm --privileged
     strategy:
       matrix:

.github/workflows/test_x86.yml

@@ -11,7 +11,7 @@ jobs:
   basic-test:
     runs-on: ubuntu-latest
     container:
-      image: asterinas/asterinas:0.15.2-20250613
+      image: asterinas/asterinas:0.16.1-20250922
       options: --device=/dev/kvm --privileged
     strategy:
       matrix:
@@ -28,7 +28,7 @@ jobs:
   integration-test:
     runs-on: ubuntu-latest
     container:
-      image: asterinas/asterinas:0.15.2-20250613
+      image: asterinas/asterinas:0.16.1-20250922
       options: --device=/dev/kvm --privileged
     strategy:
       matrix:
@@ -66,8 +66,9 @@ jobs:
             boot_protocol: 'multiboot2'
             smp: 4
 
-          # General Test (Linux EFI Handover)
-          - test_id: 'general-handover64'
+          # General Test (Linux EFI Handover) (Debug Build)
+          - test_id: 'general-handover64-debug'
+            release: false
             boot_protocol: 'linux-efi-handover64'
           # SMP General Test (Multiboot2)
           - test_id: 'general-multiboot2-smp4'
@@ -81,8 +82,8 @@ jobs:
         with:
           auto_test: ${{ (startsWith(matrix.test_id, 'boot') && 'boot') ||
               (startsWith(matrix.test_id, 'syscall') && 'syscall') || 'test' }}
-          release: ${{ matrix.release || true }}
-          enable_kvm: ${{ matrix.enable_kvm || true }}
+          release: ${{ !contains(matrix.release, 'false') }}
+          enable_kvm: ${{ !contains(matrix.enable_kvm, 'false') }}
           smp: ${{ matrix.smp }}
           netdev: ${{ matrix.netdev || 'tap' }}
           scheme: ${{ matrix.scheme }}
@@ -96,8 +97,8 @@ jobs:
         with:
           auto_test: ${{ (startsWith(matrix.test_id, 'boot') && 'boot') ||
               (startsWith(matrix.test_id, 'syscall') && 'syscall') || 'test' }}
-          release: ${{ matrix.release || true }}
-          enable_kvm: ${{ matrix.enable_kvm || true }}
+          release: ${{ !contains(matrix.release, 'false') }}
+          enable_kvm: ${{ !contains(matrix.enable_kvm, 'false') }}
           smp: ${{ matrix.smp }}
           netdev: ${{ matrix.netdev || 'tap' }}
           scheme: ${{ matrix.scheme }}
@@ -110,7 +111,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        image: ['asterinas/asterinas:0.15.2-20250613', 'asterinas/osdk:0.15.2-20250613']
+        image: ['asterinas/asterinas:0.16.1-20250922', 'asterinas/osdk:0.16.1-20250922']
       fail-fast: false
     container:
       image: ${{ matrix.image }}

.github/workflows/test_x86_tdx.yml

@@ -10,7 +10,7 @@ jobs:
   integration-test:
     runs-on: self-hosted
     container:
-      image: asterinas/asterinas:0.15.2-20250613-tdx
+      image: asterinas/asterinas:0.16.1-20250922
       options: --device=/dev/kvm --privileged
     strategy:
       matrix:
@@ -58,7 +58,7 @@ jobs:
     runs-on: self-hosted
     strategy:
       matrix:
-        image: ['asterinas/asterinas:0.15.2-20250613-tdx', 'asterinas/osdk:0.15.2-20250613-tdx']
+        image: ['asterinas/asterinas:0.16.1-20250922', 'asterinas/osdk:0.16.1-20250922']
       fail-fast: false
     container:
       image: ${{ matrix.image }}

.typos.toml

@@ -13,6 +13,8 @@ TME  = "TME"
 BA   = "BA"
 ND   = "ND"
 Fo   = "Fo"
+pn   = "pn"
+sme  = "sme"
 Inh  = "Inh"
 DELET = "DELET"
 wrk = "wrk"
@@ -28,8 +30,8 @@ check-file = false
 # Files listed below are ignored to check.
 [files]
 extend-exclude = [
-    "test/syscall_test/gvisor/blocklists/pty_test",
+    "test/src/syscall/gvisor/blocklists/pty_test",
     "test/build/initramfs/opt/gvisor/blocklists/pty_test",
-    "test/syscall_test/gvisor/blocklists/sync_test",
+    "test/src/syscall/gvisor/blocklists/sync_test",
     "test/build/initramfs/opt/gvisor/blocklists/sync_test",
 ]

.vscode/settings.json

@@ -12,6 +12,10 @@
         "kernel/Cargo.toml",
         "--target",
         "x86_64-unknown-none",
+        "--target",
+        "riscv64imac-unknown-none-elf",
+        "--target",
+        "loongarch64-unknown-none-softfloat",
         "-Zbuild-std=core,alloc,compiler_builtins",
         "-Zbuild-std-features=compiler-builtins-mem"
     ],

CODEOWNERS

@@ -45,9 +45,11 @@
 # Component code owners
 /kernel/comps/block/            @lucassong-mh
 /kernel/comps/framebuffer/      @cqs21 @lrh2000
+/kernel/comps/keyboard/         @cqs21 @lrh2000
 /kernel/comps/logger/           @cchanging
 /kernel/comps/mlsdisk/          @cqs21 @lucassong-mh
 /kernel/comps/network/          @StevenJiang1110 @lrh2000
+/kernel/comps/pci/              @sdww0
 /kernel/comps/softirq/          @cchanging
 /kernel/comps/time/             @cchanging
 /kernel/comps/virtio/           @sdww0
@@ -71,7 +73,6 @@
 /ostd/                          @lrh2000 @junyang-zh @sdww0
 
 # Module code owners
-/ostd/src/bus/                  @sdww0
 /ostd/src/logger.rs             @cchanging
 /ostd/src/timer/                @cchanging
 
@@ -81,7 +82,7 @@
 
 /.github/                       @grief8
 /osdk/tools/docker/             @grief8
-/test/                          @grief8
+/test/                          @cqs21
 /tools/                         @grief8
 /triagebot.toml                 @grief8
 
@@ -91,3 +92,4 @@
 # The following critical files are singled out
 /CODEOWNERS                     @tatetian
 /VERSION                        @tatetian
+/RELEASES                       @tatetian

Cargo.lock

@@ -95,6 +95,7 @@ name = "aster-block"
 version = "0.1.0"
 dependencies = [
  "align_ext",
+ "aster-util",
  "bitvec",
  "component",
  "int-to-c-enum",
@@ -108,6 +109,7 @@ name = "aster-console"
 version = "0.1.0"
 dependencies = [
  "component",
+ "font8x8",
  "ostd",
  "spin",
 ]
@@ -117,8 +119,8 @@ name = "aster-framebuffer"
 version = "0.1.0"
 dependencies = [
  "aster-console",
+ "aster-keyboard",
  "component",
- "font8x8",
  "log",
  "ostd",
  "spin",
@@ -134,6 +136,18 @@ dependencies = [
  "spin",
 ]
 
+[[package]]
+name = "aster-keyboard"
+version = "0.1.0"
+dependencies = [
+ "aster-input",
+ "bitflags 2.9.1",
+ "component",
+ "log",
+ "ostd",
+ "spin",
+]
+
 [[package]]
 name = "aster-logger"
 version = "0.1.0"
@@ -187,6 +201,7 @@ dependencies = [
  "aster-console",
  "aster-framebuffer",
  "aster-input",
+ "aster-keyboard",
  "aster-logger",
  "aster-mlsdisk",
  "aster-network",
@@ -212,10 +227,13 @@ dependencies = [
  "inherit-methods-macro",
  "int-to-c-enum",
  "intrusive-collections",
+ "jhash",
  "keyable-arc",
  "lending-iterator",
  "libflate",
  "log",
+ "logo-ascii-art",
+ "loongArch64",
  "lru",
  "osdk-frame-allocator",
  "osdk-heap-allocator",
@@ -233,6 +251,20 @@ dependencies = [
  "xmas-elf",
 ]
 
+[[package]]
+name = "aster-pci"
+version = "0.1.0"
+dependencies = [
+ "align_ext",
+ "bitflags 1.3.2",
+ "cfg-if",
+ "component",
+ "fdt",
+ "log",
+ "ostd",
+ "spin",
+]
+
 [[package]]
 name = "aster-rights"
 version = "0.1.0"
@@ -256,6 +288,7 @@ dependencies = [
 name = "aster-softirq"
 version = "0.1.0"
 dependencies = [
+ "aster-util",
  "component",
  "intrusive-collections",
  "ostd",
@@ -266,6 +299,7 @@ dependencies = [
 name = "aster-systree"
 version = "0.1.0"
 dependencies = [
+ "aster-util",
  "bitflags 2.9.1",
  "component",
  "inherit-methods-macro",
@@ -292,6 +326,7 @@ dependencies = [
  "aster-rights",
  "aster-rights-proc",
  "inherit-methods-macro",
+ "osdk-heap-allocator",
  "ostd",
  "typeflags-util",
 ]
@@ -305,6 +340,7 @@ dependencies = [
  "aster-console",
  "aster-input",
  "aster-network",
+ "aster-pci",
  "aster-rights",
  "aster-softirq",
  "aster-systree",
@@ -418,6 +454,15 @@ version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
 
+[[package]]
+name = "cc"
+version = "1.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c31a0499c1dc64f458ad13872de75c0eb7e3fdb0e67964610c914b034fc5956e"
+dependencies = [
+ "shlex",
+]
+
 [[package]]
 name = "cfg-if"
 version = "1.0.0"
@@ -1031,11 +1076,11 @@ dependencies = [
 
 [[package]]
 name = "linux-boot-params"
-version = "0.15.2"
+version = "0.16.1"
 
 [[package]]
 name = "linux-bzimage-builder"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "align_ext",
  "bitflags 1.3.2",
@@ -1047,7 +1092,7 @@ dependencies = [
 
 [[package]]
 name = "linux-bzimage-setup"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "cfg-if",
  "core2",
@@ -1077,6 +1122,23 @@ version = "0.4.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94"
 
+[[package]]
+name = "logo-ascii-art"
+version = "0.1.0"
+dependencies = [
+ "owo-colors 4.2.2",
+]
+
+[[package]]
+name = "loongArch64"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7c9f0d275c70310e2a9d2fc23250c5ac826a73fa828a5f256401f85c5c554283"
+dependencies = [
+ "bit_field",
+ "bitflags 2.9.1",
+]
+
 [[package]]
 name = "lru"
 version = "0.12.5"
@@ -1123,6 +1185,16 @@ dependencies = [
  "autocfg",
 ]
 
+[[package]]
+name = "minicov"
+version = "0.3.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f27fe9f1cc3c22e1687f9446c2083c4c5fc7f0bcf1c7a86bdbded14985895b4b"
+dependencies = [
+ "cc",
+ "walkdir",
+]
+
 [[package]]
 name = "multiboot2"
 version = "0.24.0"
@@ -1174,75 +1246,12 @@ dependencies = [
  "syn 1.0.109",
 ]
 
-[[package]]
-name = "num"
-version = "0.4.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "35bd024e8b2ff75562e5f34e7f4905839deb4b22955ef5e73d2fea1b9813cb23"
-dependencies = [
- "num-complex",
- "num-integer",
- "num-iter",
- "num-rational",
- "num-traits",
-]
-
-[[package]]
-name = "num-complex"
-version = "0.4.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "73f88a1307638156682bada9d7604135552957b7818057dcef22705b4d509495"
-dependencies = [
- "num-traits",
-]
-
 [[package]]
 name = "num-conv"
 version = "0.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
 
-[[package]]
-name = "num-derive"
-version = "0.4.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ed3955f1a9c7c0c15e092f9c887db08b1fc683305fdf6eb6684f22555355e202"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.101",
-]
-
-[[package]]
-name = "num-integer"
-version = "0.1.46"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
-dependencies = [
- "num-traits",
-]
-
-[[package]]
-name = "num-iter"
-version = "0.1.45"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf"
-dependencies = [
- "autocfg",
- "num-integer",
- "num-traits",
-]
-
-[[package]]
-name = "num-rational"
-version = "0.4.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824"
-dependencies = [
- "num-integer",
- "num-traits",
-]
-
 [[package]]
 name = "num-traits"
 version = "0.2.19"
@@ -1266,7 +1275,7 @@ checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
 
 [[package]]
 name = "osdk-frame-allocator"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "log",
  "ostd",
@@ -1275,7 +1284,7 @@ dependencies = [
 
 [[package]]
 name = "osdk-heap-allocator"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "log",
  "ostd",
@@ -1283,15 +1292,15 @@ dependencies = [
 
 [[package]]
 name = "osdk-test-kernel"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "ostd",
- "owo-colors 4.2.0",
+ "owo-colors 4.2.2",
 ]
 
 [[package]]
 name = "ostd"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "acpi",
  "align_ext",
@@ -1309,9 +1318,9 @@ dependencies = [
  "intrusive-collections",
  "linux-boot-params",
  "log",
+ "loongArch64",
+ "minicov",
  "multiboot2",
- "num",
- "num-derive",
  "num-traits",
  "ostd-macros",
  "ostd-pod",
@@ -1329,7 +1338,7 @@ dependencies = [
 
 [[package]]
 name = "ostd-macros"
-version = "0.15.2"
+version = "0.16.1"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -1357,7 +1366,7 @@ dependencies = [
 
 [[package]]
 name = "ostd-test"
-version = "0.15.2"
+version = "0.16.1"
 
 [[package]]
 name = "owo-colors"
@@ -1367,9 +1376,9 @@ checksum = "c1b04fb49957986fdce4d6ee7a65027d55d4b6d2265e5848bbb507b58ccfdb6f"
 
 [[package]]
 name = "owo-colors"
-version = "4.2.0"
+version = "4.2.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1036865bb9422d3300cf723f657c2851d0e9ab12567854b1f4eba3d77decf564"
+checksum = "48dd4f4a2c8405440fd0462561f0e5806bd0f77e86f51c761481bdd4018b545e"
 
 [[package]]
 name = "paste"
@@ -1583,6 +1592,15 @@ version = "1.0.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2"
 
+[[package]]
+name = "same-file"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502"
+dependencies = [
+ "winapi-util",
+]
+
 [[package]]
 name = "sbi-rt"
 version = "0.0.3"
@@ -1639,6 +1657,12 @@ dependencies = [
  "serde",
 ]
 
+[[package]]
+name = "shlex"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
+
 [[package]]
 name = "smallvec"
 version = "1.15.0"
@@ -1934,12 +1958,104 @@ version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "af8ca9a5d4debca0633e697c88269395493cebf2e10db21ca2dbde37c1356452"
 
+[[package]]
+name = "walkdir"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b"
+dependencies = [
+ "same-file",
+ "winapi-util",
+]
+
 [[package]]
 name = "wasi"
 version = "0.11.0+wasi-snapshot-preview1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
 
+[[package]]
+name = "winapi-util"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
+dependencies = [
+ "windows-sys",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.59.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b"
+dependencies = [
+ "windows-targets",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973"
+dependencies = [
+ "windows_aarch64_gnullvm",
+ "windows_aarch64_msvc",
+ "windows_i686_gnu",
+ "windows_i686_gnullvm",
+ "windows_i686_msvc",
+ "windows_x86_64_gnu",
+ "windows_x86_64_gnullvm",
+ "windows_x86_64_msvc",
+]
+
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
+
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
+
+[[package]]
+name = "windows_i686_gnu"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b"
+
+[[package]]
+name = "windows_i686_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
+
+[[package]]
+name = "windows_i686_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
+
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
+
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
+
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
+
 [[package]]
 name = "winnow"
 version = "0.5.40"

Cargo.toml

@@ -17,6 +17,7 @@ members = [
     "kernel/comps/console",
     "kernel/comps/framebuffer",
     "kernel/comps/input",
+    "kernel/comps/keyboard",
     "kernel/comps/network",
     "kernel/comps/softirq",
     "kernel/comps/systree",
@@ -24,6 +25,7 @@ members = [
     "kernel/comps/mlsdisk",
     "kernel/comps/time",
     "kernel/comps/virtio",
+    "kernel/comps/pci",
     "kernel/libs/cpio-decoder",
     "kernel/libs/int-to-c-enum",
     "kernel/libs/int-to-c-enum/derive",
@@ -33,6 +35,7 @@ members = [
     "kernel/libs/aster-bigtcp",
     "kernel/libs/jhash",
     "kernel/libs/keyable-arc",
+    "kernel/libs/logo-ascii-art",
     "kernel/libs/typeflags",
     "kernel/libs/typeflags-util",
     "kernel/libs/atomic-integer-wrapper",

Components.toml

@@ -12,6 +12,8 @@ framebuffer = { name = "aster-framebuffer" }
 network = { name = "aster-network" }
 mlsdisk = { name = "aster-mlsdisk" }
 systree = { name = "aster-systree" }
+keyboard = { name = "aster-keyboard" }
+pci = { name = "aster-pci" }
 
 [whitelist]
 [whitelist.nix.main]

DOCKER_IMAGE_VERSION

@@ -1 +1 @@
-0.15.2-20250613
+0.16.1-20250922

Makefile

@@ -3,7 +3,7 @@
 # =========================== Makefile options. ===============================
 
 # Global build options.
-ARCH ?= x86_64
+OSDK_TARGET_ARCH ?= x86_64
 BENCHMARK ?= none
 BOOT_METHOD ?= grub-rescue-iso
 BOOT_PROTOCOL ?= multiboot2
@@ -20,6 +20,8 @@ SMP ?= 1
 OSTD_TASK_STACK_SIZE_IN_PAGES ?= 64
 FEATURES ?=
 NO_DEFAULT_FEATURES ?= 0
+COVERAGE ?= 0
+ENABLE_BASIC_TEST ?= false
 # End of global build options.
 
 # GDB debugging and profiling options.
@@ -50,7 +52,7 @@ SHELL := /bin/bash
 CARGO_OSDK := ~/.cargo/bin/cargo-osdk
 
 # Common arguments for `cargo osdk` `build`, `run` and `test` commands.
-CARGO_OSDK_COMMON_ARGS := --target-arch=$(ARCH)
+CARGO_OSDK_COMMON_ARGS := --target-arch=$(OSDK_TARGET_ARCH)
 # The build arguments also apply to the `cargo osdk run` command.
 CARGO_OSDK_BUILD_ARGS := --kcmd-args="ostd.log_level=$(LOG_LEVEL)"
 CARGO_OSDK_TEST_ARGS :=
@@ -62,13 +64,16 @@ CARGO_OSDK_BUILD_ARGS += --kcmd-args="SYSCALL_TEST_WORKDIR=$(SYSCALL_TEST_WORKDI
 CARGO_OSDK_BUILD_ARGS += --kcmd-args="EXTRA_BLOCKLISTS_DIRS=$(EXTRA_BLOCKLISTS_DIRS)"
 CARGO_OSDK_BUILD_ARGS += --init-args="/opt/syscall_test/run_syscall_test.sh"
 else ifeq ($(AUTO_TEST), test)
+ENABLE_BASIC_TEST := true
 	ifneq ($(SMP), 1)
 		CARGO_OSDK_BUILD_ARGS += --kcmd-args="BLOCK_UNSUPPORTED_SMP_TESTS=1"
 	endif
 CARGO_OSDK_BUILD_ARGS += --init-args="/test/run_general_test.sh"
 else ifeq ($(AUTO_TEST), boot)
+ENABLE_BASIC_TEST := true
 CARGO_OSDK_BUILD_ARGS += --init-args="/test/boot_hello.sh"
 else ifeq ($(AUTO_TEST), vsock)
+ENABLE_BASIC_TEST := true
 export VSOCK=on
 CARGO_OSDK_BUILD_ARGS += --init-args="/test/run_vsock_test.sh"
 endif
@@ -78,8 +83,15 @@ CARGO_OSDK_COMMON_ARGS += --profile release-lto
 OSTD_TASK_STACK_SIZE_IN_PAGES = 8
 else ifeq ($(RELEASE), 1)
 CARGO_OSDK_COMMON_ARGS += --release
+	ifeq ($(OSDK_TARGET_ARCH), riscv64)
+	# FIXME: Unwinding in RISC-V seems to cost more stack space, so we increase
+	# the stack size for it. This may need further investigation.
+	# See https://github.com/asterinas/asterinas/pull/2383#discussion_r2307673156
+	OSTD_TASK_STACK_SIZE_IN_PAGES = 16
+	else
 	OSTD_TASK_STACK_SIZE_IN_PAGES = 8
 	endif
+endif
 
 # If the BENCHMARK is set, we will run the benchmark in the kernel mode.
 ifneq ($(BENCHMARK), none)
@@ -100,8 +112,10 @@ BOOT_METHOD = qemu-direct
 OVMF = off
 endif
 
-ifeq ($(ARCH), riscv64)
+ifeq ($(OSDK_TARGET_ARCH), riscv64)
 SCHEME = riscv
+else ifeq ($(OSDK_TARGET_ARCH), loongarch64)
+SCHEME = loongarch
 endif
 
 ifneq ($(SCHEME), "")
@@ -110,6 +124,10 @@ else
 CARGO_OSDK_COMMON_ARGS += --boot-method="$(BOOT_METHOD)"
 endif
 
+ifeq ($(COVERAGE), 1)
+CARGO_OSDK_COMMON_ARGS += --coverage
+endif
+
 ifdef FEATURES
 CARGO_OSDK_COMMON_ARGS += --features="$(FEATURES)"
 endif
@@ -130,14 +148,14 @@ CARGO_OSDK_COMMON_ARGS += --grub-boot-protocol=$(BOOT_PROTOCOL)
 endif
 
 ifeq ($(ENABLE_KVM), 1)
-	ifeq ($(ARCH), x86_64)
+	ifeq ($(OSDK_TARGET_ARCH), x86_64)
 		CARGO_OSDK_COMMON_ARGS += --qemu-args="-accel kvm"
 	endif
 endif
 
 # Skip GZIP to make encoding and decoding of initramfs faster
 ifeq ($(INITRAMFS_SKIP_GZIP),1)
-CARGO_OSDK_INITRAMFS_OPTION := --initramfs=$(realpath test/build/initramfs.cpio)
+CARGO_OSDK_INITRAMFS_OPTION := --initramfs=$(abspath test/build/initramfs.cpio)
 CARGO_OSDK_COMMON_ARGS += $(CARGO_OSDK_INITRAMFS_OPTION)
 endif
 
@@ -156,16 +174,17 @@ NON_OSDK_CRATES := \
 	ostd/libs/linux-bzimage/boot-params \
 	ostd/libs/ostd-macros \
 	ostd/libs/ostd-test \
+	kernel/libs/aster-rights \
+	kernel/libs/aster-rights-proc \
+	kernel/libs/atomic-integer-wrapper \
 	kernel/libs/cpio-decoder \
 	kernel/libs/int-to-c-enum \
 	kernel/libs/int-to-c-enum/derive \
-	kernel/libs/aster-rights \
-	kernel/libs/aster-rights-proc \
 	kernel/libs/jhash \
 	kernel/libs/keyable-arc \
+	kernel/libs/logo-ascii-art \
 	kernel/libs/typeflags \
-	kernel/libs/typeflags-util \
-	kernel/libs/atomic-integer-wrapper
+	kernel/libs/typeflags-util
 
 # In contrast, OSDK crates depend on OSTD (or being `ostd` itself)
 # and need to be built or tested with OSDK.
@@ -180,6 +199,7 @@ OSDK_CRATES := \
 	kernel/comps/console \
 	kernel/comps/framebuffer \
 	kernel/comps/input \
+	kernel/comps/keyboard \
 	kernel/comps/network \
 	kernel/comps/softirq \
 	kernel/comps/systree \
@@ -187,6 +207,7 @@ OSDK_CRATES := \
 	kernel/comps/mlsdisk \
 	kernel/comps/time \
 	kernel/comps/virtio \
+	kernel/comps/pci \
 	kernel/libs/aster-util \
 	kernel/libs/aster-bigtcp \
 	kernel/libs/xarray
@@ -221,8 +242,19 @@ test_osdk:
 		OSDK_LOCAL_DEV=1 cargo build && \
 		OSDK_LOCAL_DEV=1 cargo test
 
+.PHONY: check_vdso
+check_vdso:
+	@# Checking `VDSO_LIBRARY_DIR` environment variable
+	@if [ -z "$(VDSO_LIBRARY_DIR)" ]; then \
+		echo "Error: the \$(VDSO_LIBRARY_DIR) environment variable must be given."; \
+		echo "    This variable points to a directory that provides Linux's vDSO files,"; \
+		echo "    which is required to build Asterinas. Search for VDSO_LIBRARY_DIR"; \
+		echo "    in Asterinas's Dockerfile for more information."; \
+		exit 1; \
+	fi
+
 .PHONY: initramfs
-initramfs:
+initramfs: check_vdso
 	@$(MAKE) --no-print-directory -C test
 
 .PHONY: build
@@ -293,8 +325,10 @@ docs: $(CARGO_OSDK)
 	@for dir in $(OSDK_CRATES); do \
 		(cd $$dir && cargo osdk doc --no-deps) || exit 1; \
 	done
-	@echo "" 						# Add a blank line
-	@cd docs && mdbook build 				# Build mdBook
+
+.PHONY: book
+book:
+	@cd book && mdbook build
 
 .PHONY: format
 format:
@@ -302,7 +336,6 @@ format:
 	@$(MAKE) --no-print-directory -C test format
 
 .PHONY: check
-# FIXME: Make `make check` arch-aware.
 check: initramfs $(CARGO_OSDK)
 	@# Check formatting issues of the Rust code
 	@./tools/format_all.sh --check
@@ -333,6 +366,9 @@ check: initramfs $(CARGO_OSDK)
 	done
 	@for dir in $(OSDK_CRATES); do \
 		echo "Checking $$dir"; \
+		# Exclude linux-bzimage-setup since it only supports x86-64 currently and will panic \
+		# in other architectures. \
+		[ "$$dir" = "ostd/libs/linux-bzimage/setup" ] && [ "$(OSDK_TARGET_ARCH)" != "x86_64" ] && continue; \
 		(cd $$dir && cargo osdk clippy -- -- -D warnings) || exit 1; \
 	done
 	@
@@ -348,8 +384,8 @@ clean:
 	@cargo clean
 	@echo "Cleaning up OSDK workspace target files"
 	@cd osdk && cargo clean
-	@echo "Cleaning up documentation target files"
-	@cd docs && mdbook clean
+	@echo "Cleaning up mdBook output files"
+	@cd book && mdbook clean
 	@echo "Cleaning up test target files"
 	@$(MAKE) --no-print-directory -C test clean
 	@echo "Uninstalling OSDK"

OSDK.toml

@@ -67,3 +67,23 @@ qemu.args = """\
     -device virtio-serial-device \
     -device virtconsole,chardev=mux \
 """
+
+[scheme."loongarch"]
+boot.method = "qemu-direct"
+build.strip_elf = false
+
+qemu.args = """\
+    -machine virt \
+    -m 8G \
+    -smp 1 \
+    --no-reboot \
+    -nographic \
+    -display none \
+    -serial chardev:mux \
+    -monitor chardev:mux \
+    -chardev stdio,id=mux,mux=on,signal=off,logfile=qemu.log \
+    -device virtio-keyboard-pci \
+    -device virtio-serial \
+    -device virtconsole,chardev=mux \
+    -rtc base=utc
+"""

README.md

@@ -1,8 +1,9 @@
 <p align="center">
-    <img src="docs/src/images/logo_en.svg" alt="asterinas-logo" width="620"><br>
+    <img src="book/src/images/logo_en.svg" alt="asterinas-logo" width="620"><br>
     A secure, fast, and general-purpose OS kernel written in Rust and compatible with Linux<br/>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_x86.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_x86.yml/badge.svg?event=push" alt="Test x86-64" style="max-width: 100%;"></a>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_riscv.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_riscv.yml/badge.svg?event=push" alt="Test riscv64" style="max-width: 100%;"></a>
+    <a href="https://github.com/asterinas/asterinas/actions/workflows/test_loongarch.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_loongarch.yml/badge.svg?event=push" alt="Test loongarch64" style="max-width: 100%;"></a>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_x86_tdx.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_x86_tdx.yml/badge.svg" alt="Test Intel TDX" style="max-width: 100%;"></a>
     <a href="https://asterinas.github.io/benchmark/x86-64/"><img src="https://github.com/asterinas/asterinas/actions/workflows/benchmark_x86.yml/badge.svg" alt="Benchmark x86-64" style="max-width: 100%;"></a>
     <br/>
@@ -10,6 +11,8 @@
 
 English | [中文版](README_CN.md) | [日本語](README_JP.md)
 
+**NEWS: [SOSP'25](https://sigops.org/s/conferences/sosp/2025/) accepted yet another research paper on Asterinas: _CortenMM: Efficient Memory Management with Strong Correctness Guarantees_. Congratulations to the Asterinas community🎉🎉🎉**
+
 **NEWS: [USENIX ATC'25](https://www.usenix.org/conference/atc25) accepted two research papers on Asterinas: (1) _Asterinas: A Linux ABI-Compatible, Rust-Based Framekernel OS with a Small and Sound TCB_ and (2) _Converos: Practical Model Checking for Verifying Rust OS Kernel Concurrency_. Congratulations to the Asterinas community🎉🎉🎉**
 
 ## Introducing Asterinas
@@ -57,7 +60,7 @@ git clone https://github.com/asterinas/asterinas
 2. Run a Docker container as the development environment.
 
 ```bash
-docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.15.2-20250613
+docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.16.1-20250922
 ```
 
 3. Inside the container, go to the project folder to build and run Asterinas.

README_CN.md

@@ -1,8 +1,9 @@
 <p align="center">
-    <img src="docs/src/images/logo_cn.svg" alt="asterinas-logo" width="620"><br>
+    <img src="book/src/images/logo_cn.svg" alt="asterinas-logo" width="620"><br>
     一个安全、快速、通用的操作系统内核，使用Rust编写，并与Linux兼容<br/>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_x86.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_x86.yml/badge.svg?event=push" alt="Test x86-64" style="max-width: 100%;"></a>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_riscv.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_riscv.yml/badge.svg?event=push" alt="Test riscv64" style="max-width: 100%;"></a>
+    <a href="https://github.com/asterinas/asterinas/actions/workflows/test_loongarch.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_loongarch.yml/badge.svg?event=push" alt="Test loongarch64" style="max-width: 100%;"></a>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_x86_tdx.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_x86_tdx.yml/badge.svg" alt="Test Intel TDX" style="max-width: 100%;"></a>
     <a href="https://asterinas.github.io/benchmark/x86-64/"><img src="https://github.com/asterinas/asterinas/actions/workflows/benchmark_x86.yml/badge.svg" alt="Benchmark x86-64" style="max-width: 100%;"></a>
     <br/>
@@ -50,7 +51,7 @@ git clone https://github.com/asterinas/asterinas
 2. 运行一个作为开发环境的Docker容器。
 
 ```bash
-docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.15.2-20250613
+docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.16.1-20250922
 ```
 
 3. 在容器内，进入项目文件夹构建并运行星绽。

README_JP.md

@@ -1,8 +1,9 @@
 <p align="center">
-    <img src="docs/src/images/logo_en.svg" alt="asterinas-logo" width="620"><br>
+    <img src="book/src/images/logo_en.svg" alt="asterinas-logo" width="620"><br>
     安全で高速、汎用的なOSカーネル。Rustで書かれ、Linuxと互換性があります<br/>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_x86.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_x86.yml/badge.svg?event=push" alt="Test x86-64" style="max-width: 100%;"></a>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_riscv.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_riscv.yml/badge.svg?event=push" alt="Test riscv64" style="max-width: 100%;"></a>
+    <a href="https://github.com/asterinas/asterinas/actions/workflows/test_loongarch.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_loongarch.yml/badge.svg?event=push" alt="Test loongarch64" style="max-width: 100%;"></a>
     <a href="https://github.com/asterinas/asterinas/actions/workflows/test_x86_tdx.yml"><img src="https://github.com/asterinas/asterinas/actions/workflows/test_x86_tdx.yml/badge.svg" alt="Test Intel TDX" style="max-width: 100%;"></a>
     <a href="https://asterinas.github.io/benchmark/x86-64/"><img src="https://github.com/asterinas/asterinas/actions/workflows/benchmark_x86.yml/badge.svg" alt="Benchmark x86-64" style="max-width: 100%;"></a>
     <br/>
@@ -46,7 +47,7 @@ git clone https://github.com/asterinas/asterinas
 2. 開発環境としてDockerコンテナを実行します。
 
 ```bash
-docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.15.2-20250613
+docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.16.1-20250922
 ```
 
 3. コンテナ内でプロジェクトフォルダに移動し、Asterinasをビルドして実行します。

RELEASES.md

@@ -0,0 +1,86 @@
+# Version 0.16.0 (2025-08-04)
+
+This release introduces initial support for the **LoongArch CPU architecture**, a major milestone for the project. Version 0.16.0 also significantly expands our Linux ABI compatibility with the addition of **nine new system calls** such as `memfd_create` and `pidfd_open`.
+
+Key enhancements include expanded functionality for **UNIX sockets (file descriptor passing and the `SOCK_SEQPACKET` socket type)**, partial support for **netlink sockets of the `NETLINK_KOBJECT_UEVENT` type**, the initial implementation of **CgroupFS**, and a major testing improvement with the integration of system call tests from the **Linux Test Project (LTP)**. We've also adopted **[Nix](https://nix.dev/manual/nix/2.28/introduction)** for building the initramfs, streamlining our cross-compilation and testing workflow.
+
+## Asterinas Kernel
+
+We have made the following key changes to the Asterinas kernel:
+
+* New system calls or features:
+    * Memory:
+        * [Add the `mremap` system call](https://github.com/asterinas/asterinas/pull/2162)
+        * [Add the `msync` system call based on an inefficient implementation](https://github.com/asterinas/asterinas/pull/2154)
+        * [Add the `memfd_create` system call](https://github.com/asterinas/asterinas/pull/2149)
+    * Processes and IPC:
+        * [Add the `pidfd_open` system call along with the `CLONE_PIDFD` flag](https://github.com/asterinas/asterinas/pull/2151)
+    * File systems and I/O in general:
+        * [Add the `close_range` system call](https://github.com/asterinas/asterinas/pull/2128)
+        * [Add the `fadvise64` system call (dummy implementation)](https://github.com/asterinas/asterinas/pull/2125)
+        * [Add the `ioprio_get` and `ioprio_set` system calls (dummy implementation)](https://github.com/asterinas/asterinas/pull/2126)
+        * [Add the `epoll_pwait2` system call](https://github.com/asterinas/asterinas/pull/2123)
+* Enhanced system calls or features:
+    * Processes:
+        * [Add `FUTEX_WAKE_OP` support for the `futex` system call](https://github.com/asterinas/asterinas/pull/2146)
+        * [Add `WSTOPPED` and `WCONTINUED` support to the `wait4` and `waitpid` system calls](https://github.com/asterinas/asterinas/pull/2166)
+        * [Add more fields in `/proc/*/stat` and `/proc/*/status`](https://github.com/asterinas/asterinas/pull/2215)
+    * File systems and I/O in general:
+        * [Add a few more features for the `statx` system call](https://github.com/asterinas/asterinas/pull/2127)
+        * [Fix partial writes and reads in writev and readv](https://github.com/asterinas/asterinas/pull/2230)
+        * [Introduce `FsType` and `FsRegistry`](https://github.com/asterinas/asterinas/pull/2267)
+    * Sockets and network:
+        * [Enable UNIX sockets to send and receive file descriptors](https://github.com/asterinas/asterinas/pull/2176)
+        * [Support `SO_PASSCRED` & `SCM_CREDENTIALS` & `SOCK_SEQPACKET` for UNIX sockets](https://github.com/asterinas/asterinas/pull/2268)
+        * [Add `NETLINK_KOBJECT_UEVENT` support for netlink sockets (a partial implementation)](https://github.com/asterinas/asterinas/pull/2109)
+        * [Support some missing socket options for UNIX stream sockets](https://github.com/asterinas/asterinas/pull/2192)
+        * [Truncate netlink messages when the user-space buffer is full](https://github.com/asterinas/asterinas/pull/2155)
+        * [Fix the networking address reusing behavior (`SO_REUSEADDR`)](https://github.com/asterinas/asterinas/pull/2277)
+    * Security:
+        * [Add basic cgroupfs implementation](https://github.com/asterinas/asterinas/pull/2121)
+* New device support:
+    * [Add basic i8042 keyboard support](https://github.com/asterinas/asterinas/pull/2054)
+* Enhanced device support:
+    * TTY
+        * [Refactor the TTY abstraction to support multiple I/O devices correctly](https://github.com/asterinas/asterinas/pull/2108)
+        * [Enhance the framebuffer console to support ANSI escape sequences](https://github.com/asterinas/asterinas/pull/2210)
+* Test infrastructure:
+    * [Introduce the system call tests from LTP](https://github.com/asterinas/asterinas/pull/2053)
+    * [Use Nix to build initramfs](https://github.com/asterinas/asterinas/pull/2101)
+
+## OSTD & OSDK
+
+We have made the following key changes to OSTD:
+
+* CPU architectures:
+    * x86-64:
+        * [Refactor floating-point context management in context switching and signal handling](https://github.com/asterinas/asterinas/pull/2219)
+        * [Use iret instead of sysret if the context is not clean](https://github.com/asterinas/asterinas/pull/2271)
+        * [Don't treat APIC IDs as CPU IDs](https://github.com/asterinas/asterinas/pull/2091)
+        * [Fix some CPUID problems and add support for AMD CPUs](https://github.com/asterinas/asterinas/pull/2273)
+    * RISC-V:
+        * [Add RISC-V timer support](https://github.com/asterinas/asterinas/pull/2044)
+        * [Parse device tree for RISC-V ISA extensions](https://github.com/asterinas/asterinas/pull/2113)
+    * LoongArch:
+        * [Add the initial LoongArch support](https://github.com/asterinas/asterinas/pull/2260)
+* CPU:
+    * [Add support for dynamically‌-allocated CPU-local objects](https://github.com/asterinas/asterinas/pull/2036)
+    * [Require `T: Send` for `CpuLocal<T, S>`](https://github.com/asterinas/asterinas/pull/2171)
+* Memory management:
+    * [Adopt a two-phase locking scheme for page tables](https://github.com/asterinas/asterinas/pull/1948)
+* Trap handling:
+    * [Create `IrqChip` abstraction](https://github.com/asterinas/asterinas/pull/2107)
+* Task and scheduling:
+    * [Rewrite the Rust doc of OSTD's scheduling module](https://github.com/asterinas/asterinas/pull/2284)
+    * [Fix the race between enabling IRQs and halting CPU](https://github.com/asterinas/asterinas/pull/2052)
+* Test infrastructure:
+    * [Add CI to check documentation and publish API documentation to a self-host website](https://github.com/asterinas/asterinas/pull/2218)
+
+We have made the following key changes to OSDK:
+
+* [Add OSDK's code coverage feature](https://github.com/asterinas/asterinas/pull/2203)
+* [Support `cargo osdk test` for RISC-V](https://github.com/asterinas/asterinas/pull/2168)
+
+# Before 0.16.0
+
+Release notes were not kept for versions prior to 0.16.0.

VERSION

@@ -1 +1 @@
-0.15.2
+0.16.1

book/src/SUMMARY.md

@@ -8,7 +8,20 @@
 * [Advanced Build and Test Instructions](kernel/advanced-instructions.md)
     * [Intel TDX](kernel/intel_tdx.md)
 * [The Framekernel Architecture](kernel/the-framekernel-architecture.md)
-* [Linux Compatibility](kernel/linux-compatibility.md)
+* [Linux Compatibility](kernel/linux-compatibility/README.md)
+    * [Limitations on System Calls](kernel/linux-compatibility/limitations-on-system-calls/README.md)
+        * [System Call Matching Language (SCML)](kernel/linux-compatibility/limitations-on-system-calls/system-call-matching-language.md)
+        * [Process and thread management](kernel/linux-compatibility/limitations-on-system-calls/process-and-thread-management.md)
+        * [Memory management](kernel/linux-compatibility/limitations-on-system-calls/memory-management.md)
+        * [File & directory operations](kernel/linux-compatibility/limitations-on-system-calls/file-and-directory-operations.md)
+        * [File systems & mount control](kernel/linux-compatibility/limitations-on-system-calls/file-systems-and-mount-control.md)
+        * [File descriptor & I/O control](kernel/linux-compatibility/limitations-on-system-calls/file-descriptor-and-io-control.md)
+        * [Inter-process communication](kernel/linux-compatibility/limitations-on-system-calls/inter-process-communication.md)
+        * [Networking & sockets](kernel/linux-compatibility/limitations-on-system-calls/networking-and-sockets.md)
+        * [Signals & timers](kernel/linux-compatibility/limitations-on-system-calls/signals-and-timers.md)
+        * [Namespaces, cgroups & security](kernel/linux-compatibility/limitations-on-system-calls/namespaces-cgroups-and-security.md)
+        * [System information & misc](kernel/linux-compatibility/limitations-on-system-calls/system-information-and-misc.md)
+    * [Limitations on File Systems]()
 * [Roadmap](kernel/roadmap.md)
 
 # Asterinas OSTD
@@ -36,6 +49,7 @@
         * [cargo osdk debug](osdk/reference/commands/debug.md)
         * [cargo osdk profile](osdk/reference/commands/profile.md)
     * [Manifest](osdk/reference/manifest.md)
+    * [Environment Variables](osdk/reference/environment-variables.md)
 
 # How to Contribute
 
@@ -50,8 +64,8 @@
 * [Community]()
 * [Code of Conduct]()
 
-# Request for Comments (RFC)
+# Request for Comments (RFCs)
 
-* [RFC Overview]()
-    * [RFC-0001: RFC Process]()
-    * [RFC-0002: Operating System Development Kit (OSDK)]()
+* [RFC Overview](rfcs/README.md)
+  * [RFC-0001: RFC Process](rfcs/0001-rfc-process.md)
+* [RFC Template](rfcs/rfc-template.md)

book/src/kernel/README.md

@@ -48,7 +48,7 @@ docker run -it --privileged \
                --network=host \
                --device=/dev/kvm \
                -v $(pwd)/asterinas:/root/asterinas \
-               asterinas/asterinas:0.15.2-20250613
+               asterinas/asterinas:0.16.1-20250922
 ```
 
 3. Inside the container, go to the project folder to build and run Asterinas.

book/src/kernel/advanced-instructions.md

@@ -34,7 +34,7 @@ cargo osdk test
 
 ### General Test
 
-The following command builds and runs the test binaries in `test/apps` directory on Asterinas.
+The following command builds and runs the test binaries in `test/src/apps` directory on Asterinas.
 
 ```bash
 make run AUTO_TEST=test

book/src/kernel/intel_tdx.md

@@ -66,7 +66,7 @@ git clone https://github.com/asterinas/asterinas
 2. Run a Docker container as the development environment.
 
 ```bash
-docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.15.2-20250613-tdx
+docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.16.1-20250922
 ```
 
 3. Inside the container,

book/src/kernel/linux-compatibility/README.md

@@ -0,0 +1,384 @@
+# Linux Compatibility
+
+> "We don't break user space."
+>
+> --- Linus Torvalds
+
+Asterinas is dedicated to maintaining compatibility with the Linux ABI,
+ensuring that applications and administrative tools
+designed for Linux can seamlessly operate within Asterinas.
+While we prioritize compatibility,
+it is important to note that Asterinas does not,
+nor will it in the future,
+support the loading of Linux kernel modules.
+
+## System Calls
+
+At the time of writing,
+Asterinas supports over 220 Linux system calls for the x86-64 architecture,
+which are summarized in the table below.
+
+| Numbers | Names                  | Supported      | Limitations |
+| ------- | ---------------------- | -------------- | --- |
+| 0       | read                   | ✅             |     |
+| 1       | write                  | ✅             |     |
+| 2       | open                   | ✅             | [⚠️](limitations-on-system-calls/file-and-directory-operations.md#open-and-openat) |
+| 3       | close                  | ✅             |     |
+| 4       | stat                   | ✅             |     |
+| 5       | fstat                  | ✅             |     |
+| 6       | lstat                  | ✅             |     |
+| 7       | poll                   | ✅             |     |
+| 8       | lseek                  | ✅             |     |
+| 9       | mmap                   | ✅             | [⚠️](limitations-on-system-calls/memory-management.md#mmap-and-munmap) |
+| 10      | mprotect               | ✅             | [⚠️](limitations-on-system-calls/memory-management.md#mprotect) |
+| 11      | munmap                 | ✅             |     |
+| 12      | brk                    | ✅             |     |
+| 13      | rt_sigaction           | ✅             | [⚠️](limitations-on-system-calls/signals-and-timers.md#rt_sigaction) |
+| 14      | rt_sigprocmask         | ✅             |     |
+| 15      | rt_sigreturn           | ✅             |     |
+| 16      | ioctl                  | ✅             |     |
+| 17      | pread64                | ✅             |     |
+| 18      | pwrite64               | ✅             |     |
+| 19      | readv                  | ✅             |     |
+| 20      | writev                 | ✅             |     |
+| 21      | access                 | ✅             |     |
+| 22      | pipe                   | ✅             |     |
+| 23      | select                 | ✅             |     |
+| 24      | sched_yield            | ✅             |     |
+| 25      | mremap                 | ✅             |     |
+| 26      | msync                  | ✅             | [⚠️](limitations-on-system-calls/memory-management.md#msync) |
+| 27      | mincore                | ❌             |     |
+| 28      | madvise                | ✅             | [⚠️](limitations-on-system-calls/memory-management.md#madvise) |
+| 29      | shmget                 | ❌             |     |
+| 30      | shmat                  | ❌             |     |
+| 31      | shmctl                 | ❌             |     |
+| 32      | dup                    | ✅             |     |
+| 33      | dup2                   | ✅             |     |
+| 34      | pause                  | ✅             |     |
+| 35      | nanosleep              | ✅             |     |
+| 36      | getitimer              | ✅             |     |
+| 37      | alarm                  | ✅             |     |
+| 38      | setitimer              | ✅             |     |
+| 39      | getpid                 | ✅             |     |
+| 40      | sendfile               | ✅             |     |
+| 41      | socket                 | ✅             | [⚠️](limitations-on-system-calls/networking-and-sockets.html#socket) |
+| 42      | connect                | ✅             |     |
+| 43      | accept                 | ✅             |     |
+| 44      | sendto                 | ✅             |     |
+| 45      | recvfrom               | ✅             |     |
+| 46      | sendmsg                | ✅             |     |
+| 47      | recvmsg                | ✅             |     |
+| 48      | shutdown               | ✅             |     |
+| 49      | bind                   | ✅             |     |
+| 50      | listen                 | ✅             |     |
+| 51      | getsockname            | ✅             |     |
+| 52      | getpeername            | ✅             |     |
+| 53      | socketpair             | ✅             |     |
+| 54      | setsockopt             | ✅             |     |
+| 55      | getsockopt             | ✅             |     |
+| 56      | clone                  | ✅             |     |
+| 57      | fork                   | ✅             |     |
+| 58      | vfork                  | ❌             |     |
+| 59      | execve                 | ✅             |     |
+| 60      | exit                   | ✅             |     |
+| 61      | wait4                  | ✅             |     |
+| 62      | kill                   | ✅             |     |
+| 63      | uname                  | ✅             |     |
+| 64      | semget                 | ✅             |     |
+| 65      | semop                  | ✅             | [⚠️](limitations-on-system-calls/inter-process-communication.md#semop-and-semtimedop) |
+| 66      | semctl                 | ✅             | [⚠️](limitations-on-system-calls/inter-process-communication.md#semctl) |
+| 67      | shmdt                  | ❌             |     |
+| 68      | msgget                 | ❌             |     |
+| 69      | msgsnd                 | ❌             |     |
+| 70      | msgrcv                 | ❌             |     |
+| 71      | msgctl                 | ❌             |     |
+| 72      | fcntl                  | ✅             | [⚠️](limitations-on-system-calls/file-descriptor-and-io-control.md#fcntl) |
+| 73      | flock                  | ✅             |     |
+| 74      | fsync                  | ✅             |     |
+| 75      | fdatasync              | ✅             |     |
+| 76      | truncate               | ✅             |     |
+| 77      | ftruncate              | ✅             |     |
+| 78      | getdents               | ✅             |     |
+| 79      | getcwd                 | ✅             |     |
+| 80      | chdir                  | ✅             |     |
+| 81      | fchdir                 | ✅             |     |
+| 82      | rename                 | ✅             |     |
+| 83      | mkdir                  | ✅             |     |
+| 84      | rmdir                  | ✅             |     |
+| 85      | creat                  | ✅             |     |
+| 86      | link                   | ✅             |     |
+| 87      | unlink                 | ✅             |     |
+| 88      | symlink                | ✅             |     |
+| 89      | readlink               | ✅             |     |
+| 90      | chmod                  | ✅             |     |
+| 91      | fchmod                 | ✅             |     |
+| 92      | chown                  | ✅             |     |
+| 93      | fchown                 | ✅             |     |
+| 94      | lchown                 | ✅             |     |
+| 95      | umask                  | ✅             |     |
+| 96      | gettimeofday           | ✅             |     |
+| 97      | getrlimit              | ✅             |     |
+| 98      | getrusage              | ✅             | [⚠️](limitations-on-system-calls/system-information-and-misc.md#getrusage) |
+| 99      | sysinfo                | ✅             |     |
+| 100     | times                  | ❌             |     |
+| 101     | ptrace                 | ❌             |     |
+| 102     | getuid                 | ✅             |     |
+| 103     | syslog                 | ❌             |     |
+| 104     | getgid                 | ✅             |     |
+| 105     | setuid                 | ✅             |     |
+| 106     | setgid                 | ✅             |     |
+| 107     | geteuid                | ✅             |     |
+| 108     | getegid                | ✅             |     |
+| 109     | setpgid                | ✅             |     |
+| 110     | getppid                | ✅             |     |
+| 111     | getpgrp                | ✅             |     |
+| 112     | setsid                 | ✅             |     |
+| 113     | setreuid               | ✅             |     |
+| 114     | setregid               | ✅             |     |
+| 115     | getgroups              | ✅             |     |
+| 116     | setgroups              | ✅             |     |
+| 117     | setresuid              | ✅             |     |
+| 118     | getresuid              | ✅             |     |
+| 119     | setresgid              | ✅             |     |
+| 120     | getresgid              | ✅             |     |
+| 121     | getpgid                | ✅             |     |
+| 122     | setfsuid               | ✅             |     |
+| 123     | setfsgid               | ✅             |     |
+| 124     | getsid                 | ✅             |     |
+| 125     | capget                 | ✅             | [⚠️](limitations-on-system-calls/namespaces-cgroups-and-security.md#capget-and-capset) |
+| 126     | capset                 | ✅             | [⚠️](limitations-on-system-calls/namespaces-cgroups-and-security.md#capget-and-capset) |
+| 127     | rt_sigpending          | ✅             |     |
+| 128     | rt_sigtimedwait        | ❌             |     |
+| 129     | rt_sigqueueinfo        | ❌             |     |
+| 130     | rt_sigsuspend          | ✅             |     |
+| 131     | sigaltstack            | ✅             |     |
+| 132     | utime                  | ✅             |     |
+| 133     | mknod                  | ✅             |     |
+| 134     | uselib                 | ❌             |     |
+| 135     | personality            | ❌             |     |
+| 136     | ustat                  | ❌             |     |
+| 137     | statfs                 | ✅             |     |
+| 138     | fstatfs                | ✅             |     |
+| 139     | sysfs                  | ❌             |     |
+| 140     | getpriority            | ✅             |     |
+| 141     | setpriority            | ✅             |     |
+| 142     | sched_setparam         | ✅             |     |
+| 143     | sched_getparam         | ✅             |     |
+| 144     | sched_setscheduler     | ✅             |     |
+| 145     | sched_getscheduler     | ✅             |     |
+| 146     | sched_get_priority_max | ✅             |     |
+| 147     | sched_get_priority_min | ✅             |     |
+| 148     | sched_rr_get_interval  | ❌             |     |
+| 149     | mlock                  | ❌             |     |
+| 150     | munlock                | ❌             |     |
+| 151     | mlockall               | ❌             |     |
+| 152     | munlockall             | ❌             |     |
+| 153     | vhangup                | ❌             |     |
+| 154     | modify_ldt             | ❌             |     |
+| 155     | pivot_root             | ❌             |     |
+| 156     | _sysctl                | ❌             |     |
+| 157     | prctl                  | ✅             | [⚠️](limitations-on-system-calls/namespaces-cgroups-and-security.md#prctl) |
+| 158     | arch_prctl             | ✅             | [⚠️](limitations-on-system-calls/system-information-and-misc.md#arch_prctl) |
+| 159     | adjtimex               | ❌             |     |
+| 160     | setrlimit              | ✅             |     |
+| 161     | chroot                 | ✅             |     |
+| 162     | sync                   | ✅             |     |
+| 163     | acct                   | ❌             |     |
+| 164     | settimeofday           | ❌             |     |
+| 165     | mount                  | ✅             | [⚠️](limitations-on-system-calls/file-systems-and-mount-control.md#mount) |
+| 166     | umount2                | ✅             | [⚠️](limitations-on-system-calls/file-systems-and-mount-control.md#umount-and-umount2) |
+| 167     | swapon                 | ❌             |     |
+| 168     | swapoff                | ❌             |     |
+| 169     | reboot                 | ❌             |     |
+| 170     | sethostname            | ✅             |     |
+| 171     | setdomainname          | ✅             |     |
+| 172     | iopl                   | ❌             |     |
+| 173     | ioperm                 | ❌             |     |
+| 174     | create_module          | ❌             |     |
+| 175     | init_module            | ❌             |     |
+| 176     | delete_module          | ❌             |     |
+| 177     | get_kernel_syms        | ❌             |     |
+| 178     | query_module           | ❌             |     |
+| 179     | quotactl               | ❌             |     |
+| 180     | nfsservctl             | ❌             |     |
+| 181     | getpmsg                | ❌             |     |
+| 182     | putpmsg                | ❌             |     |
+| 183     | afs_syscall            | ❌             |     |
+| 184     | tuxcall                | ❌             |     |
+| 185     | security               | ❌             |     |
+| 186     | gettid                 | ✅             |     |
+| 187     | readahead              | ❌             |     |
+| 188     | setxattr               | ✅             |     |
+| 189     | lsetxattr              | ✅             |     |
+| 190     | fsetxattr              | ✅             |     |
+| 191     | getxattr               | ✅             |     |
+| 192     | lgetxattr              | ✅             |     |
+| 193     | fgetxattr              | ✅             |     |
+| 194     | listxattr              | ✅             |     |
+| 195     | llistxattr             | ✅             |     |
+| 196     | flistxattr             | ✅             |     |
+| 197     | removexattr            | ✅             |     |
+| 198     | lremovexattr           | ✅             |     |
+| 199     | fremovexattr           | ✅             |     |
+| 200     | tkill                  | ❌             |     |
+| 201     | time                   | ✅             |     |
+| 202     | futex                  | ✅             |     |
+| 203     | sched_setaffinity      | ✅             |     |
+| 204     | sched_getaffinity      | ✅             |     |
+| 205     | set_thread_area        | ❌             |     |
+| 206     | io_setup               | ❌             |     |
+| 207     | io_destroy             | ❌             |     |
+| 208     | io_getevents           | ❌             |     |
+| 209     | io_submit              | ❌             |     |
+| 210     | io_cancel              | ❌             |     |
+| 211     | get_thread_area        | ❌             |     |
+| 212     | lookup_dcookie         | ❌             |     |
+| 213     | epoll_create           | ✅             |     |
+| 214     | epoll_ctl_old          | ❌             |     |
+| 215     | epoll_wait_old         | ❌             |     |
+| 216     | remap_file_pages       | ❌             |     |
+| 217     | getdents64             | ✅             |     |
+| 218     | set_tid_address        | ✅             |     |
+| 219     | restart_syscall        | ❌             |     |
+| 220     | semtimedop             | ✅             | [⚠️](limitations-on-system-calls/inter-process-communication.md#semop-and-semtimedop) |
+| 221     | fadvise64              | ✅             |     |
+| 222     | timer_create           | ✅             | [⚠️](limitations-on-system-calls/signals-and-timers.md#timer_create) |
+| 223     | timer_settime          | ✅             |     |
+| 224     | timer_gettime          | ✅             |     |
+| 225     | timer_getoverrun       | ❌             |     |
+| 226     | timer_delete           | ✅             |     |
+| 227     | clock_settime          | ❌             |     |
+| 228     | clock_gettime          | ✅             | [⚠️](limitations-on-system-calls/system-information-and-misc.md#clock_gettime) |
+| 229     | clock_getres           | ❌             |     |
+| 230     | clock_nanosleep        | ✅             | [⚠️](limitations-on-system-calls/system-information-and-misc.md#clock_nanosleep) |
+| 231     | exit_group             | ✅             |     |
+| 232     | epoll_wait             | ✅             |     |
+| 233     | epoll_ctl              | ✅             |     |
+| 234     | tgkill                 | ✅             |     |
+| 235     | utimes                 | ✅             |     |
+| 236     | vserver                | ❌             |     |
+| 237     | mbind                  | ❌             |     |
+| 238     | set_mempolicy          | ❌             |     |
+| 239     | get_mempolicy          | ❌             |     |
+| 240     | mq_open                | ❌             |     |
+| 241     | mq_unlink              | ❌             |     |
+| 242     | mq_timedsend           | ❌             |     |
+| 243     | mq_timedreceive        | ❌             |     |
+| 244     | mq_notify              | ❌             |     |
+| 245     | mq_getsetattr          | ❌             |     |
+| 246     | kexec_load             | ❌             |     |
+| 247     | waitid                 | ✅             |     |
+| 248     | add_key                | ❌             |     |
+| 249     | request_key            | ❌             |     |
+| 250     | keyctl                 | ❌             |     |
+| 251     | ioprio_set             | ✅             |     |
+| 252     | ioprio_get             | ✅             |     |
+| 253     | inotify_init           | ❌             |     |
+| 254     | inotify_add_watch      | ❌             |     |
+| 255     | inotify_rm_watch       | ❌             |     |
+| 256     | migrate_pages          | ❌             |     |
+| 257     | openat                 | ✅             | [⚠️](limitations-on-system-calls/file-and-directory-operations.md#open-and-openat) |
+| 258     | mkdirat                | ✅             |     |
+| 259     | mknodat                | ✅             |     |
+| 260     | fchownat               | ✅             |     |
+| 261     | futimesat              | ✅             |     |
+| 262     | newfstatat             | ✅             |     |
+| 263     | unlinkat               | ✅             |     |
+| 264     | renameat               | ✅             |     |
+| 265     | linkat                 | ✅             |     |
+| 266     | symlinkat              | ✅             |     |
+| 267     | readlinkat             | ✅             |     |
+| 268     | fchmodat               | ✅             |     |
+| 269     | faccessat              | ✅             |     |
+| 270     | pselect6               | ✅             |     |
+| 271     | ppoll                  | ✅             |     |
+| 272     | unshare                | ✅             |     |
+| 273     | set_robust_list        | ✅             |     |
+| 274     | get_robust_list        | ❌             |     |
+| 275     | splice                 | ❌             |     |
+| 276     | tee                    | ❌             |     |
+| 277     | sync_file_range        | ❌             |     |
+| 278     | vmsplice               | ❌             |     |
+| 279     | move_pages             | ❌             |     |
+| 280     | utimensat              | ✅             |     |
+| 281     | epoll_pwait            | ✅             |     |
+| 282     | signalfd               | ✅             |     |
+| 283     | timerfd_create         | ✅             |     |
+| 284     | eventfd                | ✅             |     |
+| 285     | fallocate              | ✅             |     |
+| 286     | timerfd_settime        | ✅             |     |
+| 287     | timerfd_gettime        | ✅             |     |
+| 288     | accept4                | ✅             |     |
+| 289     | signalfd4              | ✅             |     |
+| 290     | eventfd2               | ✅             | [⚠️](limitations-on-system-calls/file-descriptor-and-io-control.md#eventfd-and-eventfd2) |
+| 291     | epoll_create1          | ✅             |     |
+| 292     | dup3                   | ✅             |     |
+| 293     | pipe2                  | ✅             | [⚠️](limitations-on-system-calls/file-descriptor-and-io-control.md#pipe-and-pipe2) |
+| 294     | inotify_init1          | ❌             |     |
+| 295     | preadv                 | ✅             |     |
+| 296     | pwritev                | ✅             |     |
+| 297     | rt_tgsigqueueinfo      | ❌             |     |
+| 298     | perf_event_open        | ❌             |     |
+| 299     | recvmmsg               | ❌             |     |
+| 300     | fanotify_init          | ❌             |     |
+| 301     | fanotify_mark          | ❌             |     |
+| 302     | prlimit64              | ✅             |     |
+| 303     | name_to_handle_at      | ❌             |     |
+| 304     | open_by_handle_at      | ❌             |     |
+| 305     | clock_adjtime          | ❌             |     |
+| 306     | syncfs                 | ❌             |     |
+| 307     | sendmmsg               | ❌             |     |
+| 308     | setns                  | ✅             |     |
+| 309     | getcpu                 | ✅             |     |
+| 310     | process_vm_readv       | ❌             |     |
+| 311     | process_vm_writev      | ❌             |     |
+| 312     | kcmp                   | ❌             |     |
+| 313     | finit_module           | ❌             |     |
+| 314     | sched_setattr          | ✅             | [⚠️](limitations-on-system-calls/process-and-thread-management.md#sched_getattr-and-sched_setattr) |
+| 315     | sched_getattr          | ✅             | [⚠️](limitations-on-system-calls/process-and-thread-management.md#sched_getattr-and-sched_setattr) |
+| 316     | renameat2              | ✅             | [⚠️](limitations-on-system-calls/file-and-directory-operations.md#renameat2) |
+| 318     | getrandom              | ✅             | [⚠️](limitations-on-system-calls/system-information-and-misc.md#getrandom) |
+| 319     | memfd_create           | ✅             |     |
+| 322     | execveat               | ✅             |     |
+| 327     | preadv2                | ✅             |     |
+| 328     | pwritev2               | ✅             |     |
+| 332     | statx                  | ✅             |     |
+| 434     | pidfd_open             | ✅             |     |
+| 435     | clone3                 | ✅             |     |
+| 436     | close_range            | ✅             |     |
+| 439     | faccessat2             | ✅             |     |
+| 441     | epoll_pwait2           | ✅             |     |
+
+Most of these system calls (or their variants) are also supported
+for the RISC-V and LoongArch architectures.
+
+## File Systems
+
+Here is the list of supported file systems:
+* Devfs
+* Devpts
+* Ext2
+* Procfs
+* Ramfs
+
+## Sockets
+
+Here is the list of supported socket types:
+* TCP sockets over IPv4
+* UDP sockets over IPv4
+* Unix sockets
+
+## vDSO
+
+Here is the list of supported symbols in vDSO:
+* `__vdso_clock_gettime`
+* `__vdso_gettimeofday`
+* `__vdso_time`
+
+## Boot Protocols
+
+Here is the list of supported boot protocols:
+* [Multiboot](https://www.gnu.org/software/grub/manual/multiboot/multiboot.html)
+* [Multiboot2](https://www.gnu.org/software/grub/manual/multiboot2/multiboot.html)
+* [Linux 32-bit boot protocol](https://www.kernel.org/doc/html/v5.4/x86/boot.html#bit-boot-protocol)
+* [Linux EFI handover](https://www.kernel.org/doc/html/v5.4/x86/boot.html#efi-handover-protocol)

book/src/kernel/linux-compatibility/limitations-on-system-calls/README.md

@@ -0,0 +1,21 @@
+# Limitations on System Calls
+
+This section documents known limitations of Asterinas's implementation of Linux system calls.
+It introduce [**System Call Matching Language (SCML)**](system-call-matching-language.md),
+a lightweight domain‑specific language for
+specifying allowed and disallowed patterns of system‑call invocations.
+
+The rest of this section uses SCML
+to accurately and concisely describe
+both supported and unsupported functionality of system calls,
+which are divided into the following categories:
+* [Process and thread management](process-and-thread-management.md)
+* [Memory management](memory-management.md)
+* [File & directory operations](file-and-directory-operations.md)
+* [File systems & mount control](file-systems-and-mount-control.md)
+* [File descriptor & I/O control](file-descriptor-and-io-control.md)
+* [Inter-process communication](inter-process-communication.md)
+* [Networking & sockets](networking-and-sockets.md)
+* [Signals & timers](signals-and-timers.md)
+* [Namespaces, cgroups & security](namespaces-cgroups-and-security.md)
+* [System information & misc](system-information-and-misc.md)

book/src/kernel/linux-compatibility/limitations-on-system-calls/file-and-directory-operations.md

@@ -0,0 +1,136 @@
+# File and Directory Operations
+
+<!--
+Put system calls such as
+open, openat, creat, close, read, write, readv, writev, pread64, 
+pwrite64, lseek, stat, fstat, lstat, statx, mkdir, rmdir, link, 
+unlink, rename, symlink, readlink, chmod, fchmod, chown, fchown, 
+utime, and utimensat
+under this category.
+-->
+
+## `open` and `openat`
+
+Supported functionality of `open` in SCML:
+
+```c
+access_mode =
+    O_RDONLY |
+    O_WRONLY |
+    O_RDWR;
+creation_flags =
+    O_CLOEXEC |
+    O_DIRECTORY |
+    O_EXCL |
+    O_NOCTTY |
+    O_NOFOLLOW |
+    O_TRUNC;
+status_flags =
+    O_APPEND |
+    O_ASYNC |
+    O_DIRECT |
+    O_LARGEFILE |
+    O_NOATIME |
+    O_NONBLOCK |
+    O_SYNC;
+
+// Open an existing file
+open(
+    path,
+    flags = <access_mode> | <creation_flags> | <status_flags>,
+);
+
+// Create a new file
+open(
+    path,
+    flags = O_CREAT | <access_mode> | <creation_flags> | <status_flags>,
+    mode
+);
+
+// Status flags that are meaningful with O_PATH
+opath_valid_flags = O_CLOEXEC | O_DIRECTORY | O_NOFOLLOW;
+// All other flags are ignored with O_PATH
+opath_ignored_flags = O_CREAT | <creation_flags> | <status_flags>;
+// Obtain a file descriptor to indicate a location in FS
+open(
+    path,
+    flags = O_PATH | <opath_valid_flags> | <opath_ignored_flags>
+);
+
+// Create an unnamed file 
+// open(path, flags = O_TMPFILE | <creation_flags> | <status_flags>) 
+```
+
+Silently-ignored flags:
+* `O_NOCTTY`
+* `O_DSYNC`
+* `O_SYNC`
+* `O_LARGEFILE`
+* `O_NOATIME`
+* `O_NOCTTY`
+
+Partially-supported flags:
+* `O_PATH`
+
+Unsupported flags:
+* `O_TMPFILE`
+
+Supported and unsupported functionality of `openat` are the same as `open`.
+The SCML rules are omitted for brevity.
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/openat.2.html).
+
+## `renameat2`
+
+Supported functionality in SCML:
+
+```c
+// Rename a file, moving it between directories if required.
+renameat2(olddirfd, oldpath, newdirfd, newpath, 0);
+```
+
+Unsupported flags:
+* `RENAME_EXCHANGE`
+* `RENAME_NOREPLACE`
+* `RENAME_WHITEOUT`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/rename.2.html).
+
+## `lseek`
+
+Supported functionality in SCML:
+
+```c
+// Set file offset
+lseek(
+    fd, offset,
+    whence = SEEK_SET | SEEK_CUR | SEEK_END
+);
+```
+
+Unsupported flags:
+* `SEEK_DATA`
+* `SEEK_HOLE`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/lseek.2.html).
+
+## `newfstatat`
+
+Supported functionality in SCML:
+
+```c
+// Retrieve file status by file descriptor
+newfstatat(
+    dirfd, path, statbuf,
+    flags = AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW
+);
+```
+
+Silently-ignored flags:
+* `AT_NO_AUTOMOUNT`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/newfstatat.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/file-descriptor-and-io-control.md

@@ -0,0 +1,88 @@
+# File Descriptor and I/O Control
+
+<!--
+Put system calls such as
+dup, dup2, dup3, fcntl, ioctl, pipe, pipe2, splice, tee, vmsplice, sendfile,
+eventfd, eventfd2, inotify_init, inotify_init1, inotify_add_watch, and inotify_rm_watch
+under this category.
+-->
+
+## `fcntl`
+
+Supported functionality in SCML:
+
+```c
+ignore_flags = O_RDONLY | O_WRONLY | O_RDWR | O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC;
+can_change_flags = O_APPEND | O_ASYNC | O_DIRECT | O_NOATIME | O_NONBLOCK;
+
+// Duplicate a file descriptor
+fcntl(fd, cmd = F_DUPFD | F_DUPFD_CLOEXEC, arg);
+
+// Retrieve file descriptor flags (F_GETFD), file status flags (F_GETFL)
+// or SIGIO/SIGURG owner process (F_GETOWN)
+fcntl(fd, cmd = F_GETFD | F_GETFL | F_GETOWN);
+
+// Set file descriptor flags
+fcntl(fd, cmd = F_SETFD, arg = FD_CLOEXEC);
+
+// Set file status flags
+fcntl(fd, cmd = F_SETFL, arg = <ignore_flags> | <can_change_flags>);
+
+// Manage record locks: test (F_GETLK), non-blocking set (F_SETLK), blocking set (F_SETLKW)
+fcntl(fd, cmd = F_GETLK | F_SETLK | F_SETLKW, arg);
+
+// Assign SIGIO/SIGURG owner process
+fcntl(fd, cmd = F_SETOWN, arg);
+```
+
+Unsupported commands:
+* `F_NOTIFY`
+* `F_OFD_SETLK`, `F_OFD_SETLKW` and `F_OFD_GETLK`
+* `F_GETOWN_EX` and `F_SETOWN_EX`
+* `F_GETSIG` and `F_SETSIG`
+* `F_SETLEASE` and `F_GETLEASE`
+* `F_SETPIPE_SZ` and `F_GETPIPE_SZ`
+* `F_ADD_SEALS` and `F_GET_SEALS`
+* `F_GET_RW_HINT` and `F_SET_RW_HINT`
+* `F_GET_FILE_RW_HINT` and `F_SET_FILE_RW_HINT`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/fcntl.2.html).
+
+## `pipe` and `pipe2`
+
+Supported functionality in SCML:
+
+```c
+// Create pipe
+pipe(pipefd);
+
+// Create pipe with enhanced behavior control
+pipe2(pipefd, flags = O_CLOEXEC);
+```
+
+Silently-ignored flags:
+* `O_DIRECT`
+* `O_NONBLOCK`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/pipe.2.html).
+
+## `eventfd` and `eventfd2`
+
+Supported functionality in SCML:
+
+```c
+// Create event notification descriptor
+eventfd(initval);
+
+// Create event notification descriptor with enhanced behavior control
+eventfd2(initval, flags = EFD_CLOEXEC);
+```
+
+Silently-ignored flags:
+* `EFD_NONBLOCK`
+* `EFD_SEMAPHORE`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/eventfd.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/file-systems-and-mount-control.md

@@ -0,0 +1,86 @@
+# File Systems & Mount Control
+
+<!--
+Put system calls such as
+mount, umount2, pivot_root, statfs, fstatfs, truncate, ftruncate, fsync, 
+fdatasync, sync, syncfs, sync_file_range, open_tree, move_mount, fsopen,
+fsconfig, fsmount, and fspick
+under this category.
+-->
+
+## Mount and Unmount File Systems
+
+### `mount`
+
+Supported functionality in SCML:
+
+```c
+// Create a new mount
+mount(
+    source, target, filesystemtype,
+    mountflags = 0,
+    data
+);
+
+// Move the existing mount point
+mount(
+    source, target, filesystemtype,
+    mountflags = MS_MOVE,
+    data
+);
+
+// Create a bind mount
+mount(
+    source, target, filesystemtype,
+    mountflags = MS_BIND | MS_REC | MS_MOVE,
+    data
+);
+```
+
+Silently-ignored mount flags:
+* `MS_DIRSYNC`
+* `MS_LAZYTIME`
+* `MS_MANDLOCK`
+* `MS_NOATIME`
+* `MS_NODEV`
+* `MS_NODIRATIME`
+* `MS_NOEXEC`
+* `MS_NOSUID`
+* `MS_RDONLY`
+* `MS_RELATIME`
+* `MS_SILENT`
+* `MS_STRICTATIME`
+* `MS_SYNCHRONOUS`
+
+Partially supported mount flags:
+* `MS_REC` is only effective when used in conjunction with `MS_BIND`
+
+Unsupported mount flags:
+* `MS_REMOUNT`
+* `MS_SHARED`
+* `MS_PRIVATE`
+* `MS_SLAVE`
+* `MS_UNBINDABLE`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/mount.2.html).
+
+### `umount` and `umount2`
+
+Supported functionality in SCML:
+
+```c
+// Unmount a mounted file system
+umount(target);
+
+// Unmount a mounted file system with enhanced behavior control
+umount2(target, flags = UMOUNT_NOFOLLOW);
+```
+
+Silently-ignored flags:
+* `MNT_FORCE`
+* `MNT_DETACH`
+* `MNT_EXPIRE`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/umount.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/inter-process-communication.md

@@ -0,0 +1,166 @@
+# Inter-Process Communication
+
+<!--
+Put system calls such as
+msgget, msgsnd, msgrcv, msgctl, semget, semop, semctl, shmget, shmat, shmctl
+futex, set_robust_list, and get_robust_list
+under this category.
+-->
+
+## System V semaphore
+
+### `semget`
+
+Supported functionality in SCML:
+
+```c
+// Creat or open a semaphore set
+semget(
+    key,
+    nsems,
+    semflg = IPC_CREAT | IPC_EXCL
+);
+```
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/semget.2.html).
+
+### `semop` and `semtimedop`
+
+Supported functionality in SCML:
+
+```c
+struct sembuf = {
+    sem_flg = IPC_NOWAIT,
+    ..
+};
+
+// Semaphore operations without blocking
+semop(
+    semid,
+    sops = [ <sembuf> ],
+    nsops
+);
+```
+
+Unsupported semaphore flags:
+* `SEM_UNDO`
+
+Supported and unsupported functionality of `semtimedop` are the same as `semop`.
+The SCML rules are omitted for brevity.
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/semop.2.html).
+
+### `semctl`
+
+Supported functionality in SCML:
+
+```c
+// Remove the semaphore set
+semctl(
+    semid,
+    semnum,
+    cmd = IPC_RMID
+);
+
+// Initialize the value of the semnum-th semaphore
+semctl(
+    semid,
+    semnum,
+    cmd = SETVAL,
+    arg
+);
+
+// Return the current value (GETVAL), last operating process's PID (GETPID),
+// count of processes awaiting increment (GETNCNT) or count of processes awaiting
+// zero (GETZCNT) of the semnum-th semaphore
+semctl(
+    semid,
+    semnum,
+    cmd = GETVAL | GETPID | GETNCNT | GETZCNT
+);
+
+// Retrieve a copy of the `semid_ds` kernel structure for the specified semaphore set
+semctl(
+    semid,
+    semnum,
+    cmd = IPC_STAT,
+    arg
+);
+```
+
+Unsupported commands:
+* `IPC_INFO`
+* `SEM_INFO`
+* `SEM_STAT`
+* `SEM_STAT_ANY`
+* `GETALL`
+* `SETALL`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/semctl.2.html).
+
+### `futex`
+
+Supported functionality in SCML:
+
+```c
+opt_flags = FUTEX_PRIVATE_FLAG | FUTEX_CLOCK_REALTIME;
+
+// Block current thread if target value at `uaddr` matches `val`, and wait up to `timeout`.
+futex(
+    uaddr,
+    futex_op = FUTEX_WAIT | <opt_flags>,
+    val, timeout
+);
+
+// Block current thread with bitmask condition if target value at `uaddr` matches `val`,
+// and wait up to `timeout`.
+futex(
+    uaddr,
+    futex_op = FUTEX_WAIT_BITSET | <opt_flags>,
+    val, timeout, unused = NULL, bitmask
+);
+
+// Unblock up to `max_waiters` threads waiting on `uaddr`
+futex(
+    uaddr,
+    futex_op = FUTEX_WAKE | <opt_flags>,
+    max_waiters
+);
+
+// Unblock up to `max_waiters` threads on `uaddr`, if the value on `uaddr` matches `bitmask`
+futex(
+    uaddr,
+    futex_op = FUTEX_WAKE_BITSET | <opt_flags>,
+    max_waiters, unused0 = NULL, unused1 = NULL, bitmask
+);
+
+// Unblock up to `max_waiters` threads waiting on `uaddr`, and requeue up to
+// `max_requeue_waiters` of the remaining waiters to the target futex at `uaddr2`.
+futex(
+    uaddr,
+    futex_op = FUTEX_REQUEUE | <opt_flags>,
+    max_waiters, max_requeue_waiters, uaddr2
+);
+
+// Perform atomic operation encoded in `operation` on `uaddr2`. Unblock up to `max_waiters`
+// threads waiting on `uaddr`, and conditionally unblock up to `max_waiters2` threads
+// waiting on `uaddr2` based on the result of the atomic operation.
+futex(
+    uaddr,
+    futex_op = FUTEX_WAKE_OP | <opt_flags>,
+    max_waiters, max_waiters2, uaddr2, operation
+);
+```
+
+Unsupported operations:
+* `FUTEX_FD`
+* `FUTEX_CMP_REQUEUE`
+* `FUTEX_LOCK_PI`
+* `FUTEX_UNLOCK_PI`
+* `FUTEX_TRYLOCK_PI`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/futex.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/memory-management.md

@@ -0,0 +1,182 @@
+# Memory Management
+
+<!--
+Put system calls such as 
+brk, mmap, munmap, mprotect, mremap, msync, mincore, madvise, 
+shmget, shmat, shmctl, mlock, munlock, mbind, and set_mempolicy
+under this part.
+-->
+
+## Memory Mappings
+
+### `mmap` and `munmap`
+
+Supported functionality in SCML:
+
+```c
+prot = PROT_NONE |
+    PROT_EXEC |
+    PROT_READ |
+    PROT_WRITE;
+opt_flags =
+    MAP_ANONYMOUS |
+    MAP_FIXED |
+    MAP_FIXED_NOREPLACE |
+    MAP_GROWSDOWN |
+    MAP_HUGETLB |
+    MAP_LOCKED |
+    MAP_NONBLOCK |
+    MAP_NORESERVE |
+    MAP_POPULATE |
+    MAP_SYNC;
+
+// Create a private memory mapping
+mmap(
+    addr, length,
+    prot = <prot>, 
+    flags = MAP_PRIVATE | <opt_flags>
+    fd, offset
+);
+    
+// Create a shared memory mapping
+mmap(
+    addr, length,
+    prot = <prot>, 
+    flags = MAP_SHARED | MAP_SHARED_VALIDATE | <opt_flags>
+    fd, offset
+);
+
+// Unmap a memory mapping
+munmap(addr, length);
+```
+
+Silently-ignored flags:
+* `MAP_HUGETLB`
+* `MAP_GROWSDOWN`
+* `MAP_LOCKED`
+* `MAP_NONBLOCK`
+* `MAP_NORESERVE`
+* `MAP_POPULATE`
+* `MAP_SYNC`
+
+Partially supported flags:
+* `MAP_FIXED_NOREPLACE` is treated as `MAP_FIXED`
+
+Unsupported flags:
+* `MAP_32BIT`
+* `MAP_HUGE_1GB`
+* `MAP_HUGE_2MB`
+* `MAP_UNINITIALIZED`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/mmap.2.html).
+
+### `msync`
+
+Supported functionality in SCML:
+
+```c
+// Flush memory region to disk asynchronously
+msync(
+    addr, length,
+    flags = MS_ASYNC | MS_INVALIDATE
+);
+
+// Flush memory region to disk synchronously
+msync(
+    addr, length,
+    flags = MS_SYNC | MS_INVALIDATE
+);
+```
+
+Silently-ignored flags:
+* `MS_INVALIDATE` is ignored because all processes use the same page cache
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/msync.2.html).
+
+### `mremap`
+
+Supported functionality in SCML:
+
+```c
+// Resize an existing memory mapping. Relocation is allowed if given `MREMAP_MAYMOVE`.
+mremap(
+    old_address,
+    old_size,
+    new_size,
+    flags = MREMAP_MAYMOVE
+);
+
+// Resize an existing memory mapping and force relocation to a specified location.
+mremap(
+    old_address,
+    old_size,
+    new_size,
+    flags = MREMAP_MAYMOVE | MREMAP_FIXED,
+    new_address
+);
+```
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/mremap.2.html).
+
+### `mprotect`
+
+Supported functionality in SCML:
+
+```c
+// Set memory access permissions
+mprotect(
+    addr,
+    len,
+    prot = <prot>
+);
+```
+
+Silently-ignored protection flags:
+* `PROT_SEM`
+* `PROT_SAO`
+* `PROT_GROWSUP`
+* `PROT_GROWSDOWN`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/mprotect.2.html).
+
+### `madvise`
+
+Supported functionality in SCML:
+
+```c
+// Apply the default memory access pattern with no special optimizations
+madvise(addr, length, advice = MADV_NORMAL);
+
+// Indicate sequential access to enable aggressive read-ahead and immediate page release
+madvise(addr, length, advice = MADV_SEQUENTIAL);
+
+// Prefetch pages for near-future access to reduce latency
+madvise(addr, length, advice = MADV_WILLNEED);
+```
+
+Silently-ignored advice:
+* `MADV_DONTNEED`
+
+Unsupported advice:
+* `MADV_RANDOM`
+* `MADV_REMOVE`
+* `MADV_DONTFORK`
+* `MADV_DOFORK`
+* `MADV_HWPOISON`
+* `MADV_MERGEABLE`
+* `MADV_UNMERGEABLE`
+* `MADV_SOFT_OFFLINE`
+* `MADV_HUGEPAGE`
+* `MADV_NOHUGEPAGE`
+* `MADV_DONTDUMP`
+* `MADV_DODUMP`
+* `MADV_FREE`
+* `MADV_WIPEONFORK`
+* `MADV_KEEPONFORK`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/madvise.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/namespaces-cgroups-and-security.md

@@ -0,0 +1,97 @@
+# Namespaces, Cgroups & Security
+
+<!--
+Put system calls such as
+unshare, setns, clone (with namespace flags), chroot, pivot_root, prctl,
+capset, seccomp, landlock_create_ruleset, landlock_add_rule, 
+landlock_restrict_self, and bpf
+under this category.
+-->
+
+## `prctl`
+
+Supported functionality in SCML:
+
+```c
+// Retrieve or set the parent-death signal
+prctl(op = PR_GET_PDEATHSIG ｜ PR_SET_PDEATHSIG, sig);
+
+// Get or set the name of calling thread
+prctl(op = PR_GET_NAME ｜ PR_SET_NAME, name);
+
+// Query whether process retains permitted capabilities after `UID` changes
+prctl(op = PR_GET_KEEPCAPS);
+
+// Configure permitted capabilities retention after `UID` changes
+prctl(op = PR_SET_KEEPCAPS, state);
+
+// Retrieve or set "child subreaper" attribute
+prctl(op = PR_GET_CHILD_SUBREAPER | PR_SET_CHILD_SUBREAPER, isset);
+```
+
+Partially-supported operations:
+* `PR_GET_DUMPABLE` and `PR_SET_DUMPABLE` because coredump is not supported
+
+Unsupported operations:
+* `PR_CAP_AMBIENT`, `PR_CAPBSET_READ` and `PR_CAPBSET_DROP`
+* `PR_GET_ENDIAN` and `PR_SET_ENDIAN`
+* `PR_GET_FP_MODE` and `PR_SET_FP_MODE`
+* `PR_GET_FPEMU` and `PR_SET_FPEMU`
+* `PR_GET_FPEXC` and `PR_SET_FPEXC`
+* `PR_GET_IO_FLUSHER` and `PR_SET_IO_FLUSHER`
+* `PR_MCE_KILL` and `PR_MCE_KILL_GET`
+* `PR_SET_MM` and `PR_SET_VMA`
+* `PR_MPX_ENABLE_MANAGEMENT` and `PR_MPX_DISABLE_MANAGEMENT`
+* `PR_GET_NO_NEW_PRIVS` and `PR_SET_NO_NEW_PRIVS`
+* `PR_PAC_RESET_KEYS`
+* `PR_SET_PTRACER`
+* `PR_GET_SECCOMP` and `PR_SET_SECCOMP`
+* `PR_GET_SECUREBITS` and `PR_SET_SECUREBITS`
+* `PR_GET_SPECULATION_CTRL` and `PR_SET_SPECULATION_CTRL`
+* `PR_SVE_GET_VL` and `PR_SVE_SET_VL`
+* `PR_SET_SYSCALL_USER_DISPATCH`
+* `PR_GET_TAGGED_ADDR_CTRL` and `PR_SET_TAGGED_ADDR_CTRL`
+* `PR_TASK_PERF_EVENTS_ENABLE` and `PR_TASK_PERF_EVENTS_DISABLE`
+* `PR_GET_THP_DISABLE` and `PR_SET_THP_DISABLE`
+* `PR_GET_TID_ADDRESS`
+* `PR_GET_TIMERSLACK` and `PR_SET_TIMERSLACK`
+* `PR_GET_TIMING` and `PR_SET_TIMING`
+* `PR_GET_TSC` and `PR_SET_TSC`
+* `PR_GET_UNALIGN` and `PR_SET_UNALIGN`
+* `PR_GET_AUXV`
+* `PR_GET_MDWE` and `PR_SET_MDWE`
+* `PR_RISCV_SET_ICACHE_FLUSH_CTX`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/prctl.2.html).
+
+## `capget` and `capset`
+
+Supported functionality in SCML:
+
+```c
+// Get capabilities of thread
+capget(
+    hdrp = {
+        version = _LINUX_CAPABILITY_VERSION_3,
+        ..
+    },
+    datap
+);
+
+// Set capabilities of thread
+capset(
+    hdrp = {
+        version = _LINUX_CAPABILITY_VERSION_3,
+        ..
+    },
+    datap
+);
+```
+
+Unsupported versions:
+* `_LINUX_CAPABILITY_VERSION_1`
+* `_LINUX_CAPABILITY_VERSION_2`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/capget.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/networking-and-sockets.md

@@ -0,0 +1,49 @@
+# Networking & Sockets
+
+<!--
+Put system calls such as
+
+socket, socketpair, bind, listen, accept, connect, getsockname, getpeername, 
+sendto, recvfrom, sendmsg, recvmsg, shutdown, setsockopt, getsockopt, 
+sendmmsg, recvmmsg, accept4, recvmsg, and socketcall
+under this category.
+-->
+
+## `socket`
+
+
+```c
+// Optional flags for socket type
+opt_type_flags = SOCK_NONBLOCK | SOCK_CLOEXEC;
+
+// Create a UNIX socket
+socket(
+    family = AF_UNIX,
+    type = SOCK_STREAM | SOCK_SEQPACKET | <opt_type_flags>,
+    protocol = 0
+);
+
+// Create an IPv4 socket (TCP or UDP)
+socket(
+    family = AF_INET, 
+    type = SOCK_STREAM | SOCK_DGRAM | <opt_type_flags>,
+    protocol = IPPROTO_IP | IPPROTO_TCP | IPPROTO_UDP
+);
+
+// Create a netlink socket
+socket(
+    family = AF_NETLINK, 
+    type = SOCK_RAW | SOCK_DGRAM | <opt_type_flags>,
+    protocol = NETLINK_ROUTE | NETLINK_KOBJECT_UEVENT
+);
+
+// Create a VSOCK socket
+socket(
+    family = AF_VSOCK, 
+    type = SOCK_STREAM | <opt_type_flags>,
+    protocol = 0
+);
+```
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/socket.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/process-and-thread-management.md

@@ -0,0 +1,66 @@
+# Process & Thread Management
+
+<!--
+Put system calls such as
+fork, vfork, clone, execve, exit, exit_group, wait4, waitid,
+getpid, getppid, gettid, setuid, setgid, getuid, getgid, and prctl
+under this category.
+-->
+
+## `sched_getattr` and `sched_setattr`
+
+Supported functionality in SCML:
+
+```c
+// Get the scheduling policy of a "normal" thread
+sched_getattr(
+    pid,
+    attr = {
+        sched_policy = SCHED_OTHER | SCHED_BATCH | SCHED_IDLE,
+        sched_flags = 0,
+        ..
+    },
+    flags = 0,
+);
+// Set the scheduling policy of a "normal" thread
+sched_setattr(
+    pid,
+    attr = {
+        sched_policy = SCHED_OTHER | SCHED_BATCH | SCHED_IDLE,
+        sched_flags = 0,
+        ..
+    },
+    flags = 0,
+);
+
+// Get the scheduling policy of a real-time thread
+sched_getattr(
+    pid,
+    attr = {
+        sched_policy = SCHED_FIFO | SCHED_RR,
+        sched_flags = 0,
+        ..
+    },
+    flags = 0,
+);
+// Set the scheduling policy of a real-time thread
+sched_setattr(
+    pid,
+    attr = {
+        sched_policy = SCHED_FIFO | SCHED_RR,
+        sched_flags = 0,
+        ..
+    },
+    flags = 0,
+);
+```
+
+Unsupported scheduling policies:
+* `SCHED_DEADLINE`
+
+Unsupported scheduling flags:
+* `SCHED_FLAG_RESET_ON_FORK`
+* `SCHED_FLAG_RECLAIM`
+* `SCHED_FLAG_DL_OVERRUN`
+* `SCHED_FLAG_UTIL_CLAMP_MIN`
+* `SCHED_FLAG_UTIL_CLAMP_MAX`

book/src/kernel/linux-compatibility/limitations-on-system-calls/signals-and-timers.md

@@ -0,0 +1,84 @@
+# Signals & Timers
+
+<!--
+Put system calls such as
+
+rt_sigaction, rt_sigprocmask, rt_sigpending, rt_sigqueueinfo, rt_tgsigqueueinfo,
+rt_sigreturn, kill, tkill, tgkill, alarm, setitimer, getitimer, nanosleep,
+timer_create, timer_settime, timer_gettime, and timer_delete
+under this category.
+-->
+
+## Signals
+
+### `rt_sigaction`
+
+Supported functionality in SCML:
+
+```c
+// Change and/or retrieve a signal action
+rt_sigaction(
+    signum,
+    act = {
+        sa_flags = SA_ONSTACK | SA_RESTART | SA_NODEFER | SA_RESTORER | SA_SIGINFO | SA_RESETHAND,
+        ..
+    },
+    oldact, sigsetsize
+);
+```
+
+Unsupported `sigaction` flags:
+* `SA_NOCLDSTOP`
+* `SA_NOCLDWAIT`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/sigaction.2.html).
+
+### `rt_sigprocmask`
+
+Supported functionality in SCML:
+
+```c
+// Change and/or retrieve blocked signals
+rt_sigprocmask(
+    how = SIG_BLOCK | SIG_UNBLOCK | SIG_SETMASK, set, oldset, sigsetsize
+);
+```
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/sigprocmask.2.html).
+
+## POSIX Interval Timers
+
+### `timer_create`
+
+Supported functionality in SCML:
+
+```c
+opt_notify_methods = SIGEV_NONE | SIGEV_SIGNAL | SIGEV_THREAD_ID;
+
+// Create a timer with predefined clock source
+timer_create(
+    clockid = CLOCK_PROCESS_CPUTIME_ID | CLOCK_THREAD_CPUTIME_ID | CLOCK_REALTIME | CLOCK_MONOTONIC | CLOCK_BOOTTIME,
+    sevp = <opt_notify_methods>,
+    timerid
+);
+
+// Create a timer based on a per-process or per-thread clock
+timer_create(
+    clockid = <INTEGER>,
+    sevp = <opt_notify_methods>,
+    timerid
+);
+```
+
+Unsupported predefined clock IDs:
+* `CLOCK_REALTIME_ALARM`
+* `CLOCK_BOOTTIME_ALARM`
+* `CLOCK_TAI`
+
+Unsupported notification methods:
+* `SIGEV_THREAD`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/timer_create.2.html).

book/src/kernel/linux-compatibility/limitations-on-system-calls/system-call-matching-language.md

@@ -0,0 +1,284 @@
+# System Call Matching Language (SCML)
+
+SCML specifies matching patterns for system‑call invocations.
+Asterinas developers can easily write SCML rules to describe supported patterns.
+Likewise, users and developers can intuitively read these rules 
+to understand which system calls and features are available.
+
+SCML is designed to integrate seamlessly with
+[strace](https://man7.org/linux/man-pages/man1/strace.1.html),
+the standard Linux system‑call tracer.
+Strace emits each invocation in a C‑style syntax;
+given a set of SCML rules,
+a tool can automatically determine
+whether a strace log entry conforms to the supported patterns.
+This paves the way for an SCML‑based analyzer
+that reports unsupported calls in any application's trace.
+
+## Strace: A Quick Example
+
+To illustrate, run strace on a simple "Hello, World!" program:
+
+```bash
+$ strace ./hello_world
+```
+
+A typical trace might look like this:
+
+```shell
+execve("./hello_world", ["./hello_world"], 0xffffffd3f710 /* 4 vars */) = 0
+brk(NULL)                               = 0xaaaabdc1b000
+mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xffff890f4000
+openat(AT_FDCWD, "/lib/aarch64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
+read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0\267\0\1\0\0\0\360\206\2\0\0\0\0\0"..., 832) = 832
+fstat(3, {st_mode=S_IFREG|0755, st_size=1722920, ...}) = 0
+…
+write(1, "Hello, World!\n", 14)         = 14
+exit_group(0)                           = ?
+```
+
+Key points of this output:
+
+* System calls are rendered as `name(arg1, …, argN)`.
+* Flags appear as `FLAG1|FLAG2|…|FLAGN`.
+* Structs use `{field1=value1, …}`.
+* Arrays are shown as `[value1, …]`.
+
+SCML's syntax draws directly from these conventions.
+
+## SCML by Example
+
+SCML is intentionally simple:
+most Linux system‑call semantics hinge on bitflags.
+SCML rules act as templates:
+you define a rule once,
+and a human or an analyzer uses it to check if a syscall invocation matches it or not.
+
+Imagine you're developing a Linux-compatible OS (like Asterinas)
+that supports just a restricted subset of syscalls and their options.
+We will use SCML to describe the restricted functionality.
+
+### Matching Rules for System Calls
+
+For example,
+your OS supports the [`open`](https://man7.org/linux/man-pages/man2/openat.2.html) system call 
+with one or more of the four flags: `O_RDONLY`, `O_WRONLY`, `O_RDWR`, and `O_CLOEXEC`:
+This constraint can be expressed in the following system call matching rule.
+
+```c
+open(path, flags = O_RDONLY | O_WRONLY | O_RDWR | O_CLOEXEC);
+```
+
+To allow file creation,
+you add another matching rule that 
+includes the `O_CREAT` flag and requires a `mode` argument:
+
+```c
+open(path, flags = O_CREAT | O_RDONLY | O_WRONLY | O_RDWR | O_CLOEXEC, mode);
+```
+
+To support the `O_PATH` flag
+(only valid with `O_CLOEXEC`, not with  `O_RDONLY`, `O_WRONLY`, or `O_RDWR`),
+you add a third matching rule:
+
+```c
+open(path, flags = O_PATH | O_CLOEXEC);
+```
+
+SCML rules constrain only the flagged arguments;
+other parameters (like `path` and `mode`) accept any value.
+
+### C-Style Comments
+
+SCML also supports C‑style comments:
+
+```c
+// All matching rules for the open syscall.
+// A supported invocation of the open syscall must match at least one of the rules.
+open(path, flags = O_RDONLY | O_WRONLY | O_RDWR | O_CLOEXEC);
+open(path, flags = O_CREAT | O_RDONLY | O_WRONLY | O_RDWR | O_CLOEXEC, mode);
+open(path, flags = O_PATH | O_CLOEXEC);
+```
+
+### Matching Rules for Bitflags
+
+Above, we embedded flag combinations directly within individual system‑call rules,
+which can lead to duplication and make maintenance harder.
+SCML allows you to define named bitflag rules that
+can be reused across multiple rules.
+This reduces repetition and centralizes your flag definitions.
+For example:
+
+```c
+// Define a reusable bitflags rule
+access_mode = O_RDONLY | O_WRONLY | O_RDWR;
+
+open(path, flags = <access_mode> | O_CLOEXEC);
+open(path, flags = O_CREAT | <access_mode> | O_CLOEXEC, mode);
+open(path, flags = O_PATH | O_CLOEXEC);
+```
+
+### Matching Rules for Structs
+
+SCML can match flags inside struct fields.
+Consider [`sigaction`](https://man7.org/linux/man-pages/man2/sigaction.2.html):
+
+```c
+struct sigaction = {
+    sa_flags: SA_NOCLDSTOP | SA_NOCLDWAIT,
+    ..
+};
+```
+
+Here, `..` is a wildcard for remaining fields that we do not care.
+
+Then, we can write a system call rule that
+refers to the struct rule using the `<struct_rule>` syntax.
+
+```c
+sigaction(signum, act = <sigaction>, oldact = <sigaction>);
+```
+
+### Matching Rules for Arrays
+
+SCML can describe how to match flags embedded inside the struct values of an array.
+This is the case of the [`poll`](https://man7.org/linux/man-pages/man2/poll.2.html) system call.
+It takes an array of values of `struct pollfd`,
+whose `event` and `revents` fields are bitflags.
+
+```c
+// Support all but the POLLPRI flags
+events = POLLIN | POLLOUT | POLLRDHUP | POLLERR | POLLHUP | POLLNVAL;
+
+struct pollfd = {
+    events  = <events>,
+    revents = <events>,
+    ..
+};
+
+poll(fds = [ <pollfd> ], nfds, timeout);
+```
+
+Notice how SCML denotes an array with the `[ <struct_rule> ]` syntax.
+
+### Special Built-in Matching Rules
+
+Bitflags-based matching rules described above are expressive enough to
+capture most patterns of interesting system call arguments.
+But some system call arguments cannot be characterized with bitflags.
+To address such cases, SCML introduces two special built-in matching rules:
+`<PATH>` and `<INTEGER>`
+
+#### The file path matching rule
+
+The `<PATH>` matching rule is used to
+denote a system call argument of a C-string file path.
+For example, the matching rules for the `open` system call
+can be enhanced with `<PATH>` as follows:
+
+```c
+access_mode = O_RDONLY | O_WRONLY | O_RDWR;
+
+open(path = <PATH>, flags = <access_mode> | O_CLOEXEC);
+open(path = <PATH>, flags = O_CREAT | <access_mode> | O_CLOEXEC, mode);
+open(path = <PATH>, flags = O_PATH | O_CLOEXEC);
+```
+
+File paths provide a new dimension to determine whether a system call is supported or not.
+Linux has multiple pseudo file systems such as
+DevTmpFS, ProcFS, SysFS, CgroupFS, and ConfigFS,
+mounted at well-known locations.
+A Linux-compatible OS such as Asterinas may only support a sub-tree of an pseudo FS.
+Knowing which system call arguments refer to file paths,
+a tool may be built to automatically issue warnings
+when unsupported file paths are accessed by system calls.
+
+#### The integer matching rule
+
+The `<INTEGER>` matching rule can match any integer system call argument
+such as `1234`, `-100`, `0xdeadbeef`, and `0o666`.
+It can be used as a fallback rule
+when a system call takes an argument of either bitflags or integer.
+
+```c
+timer_create(
+    clockid =
+        // Static clock IDs represented as bitflags
+        CLOCK_PROCESS_CPUTIME_ID | CLOCK_THREAD_CPUTIME_ID | CLOCK_REALTIME | CLOCK_MONOTONIC | CLOCK_BOOTTIME |
+        // Dynamic clock IDs (per-process or per-thread clock IDs)
+        // represented as an integer value.
+        <INTEGER>,
+    sevp,
+    timerid
+);
+```
+
+### Advanced Usage
+
+Just like you can write multiple rules of the same system call,
+you may define multiple rules for the same struct:
+
+```c
+// Rules for control message header
+struct cmsghdr = {
+    cmsg_level = SOL_SOCKET,
+    cmsg_type  = SO_TIMESTAMP_OLD | SCM_RIGHTS | SCM_CREDENTIALS,
+    ..
+};
+struct cmsghdr = {
+    cmsg_level = SOL_IP,
+    cmsg_type  = IP_TTL,
+    ..
+};
+```
+
+A `cmsghdr` value matches if it satisfies any one rule.
+
+Struct rules may also be nested:
+
+```c
+// Rule for message header, which refers to the rules for control message header
+struct msghdr = {
+    msg_control = [ <cmsghdr> ],
+    ..
+};
+
+recvmsg(socket, message = <msghdr>, flags);
+```
+
+## Formal Syntax
+
+Below is the formal syntax of SCML,
+expressed in Extended Backus–Naur Form (EBNF).
+Non‑terminals are in angle brackets, terminals in quotes.
+
+```
+<scml>           ::= { <rule> }
+<rule>           ::= <syscall-rule> ';' 
+                   | <struct-rule> ';'
+                   | <bitflags-rule> ';'
+
+<syscall-rule>   ::= <identifier> '(' [ <param-list> ] ')'
+<param-list>     ::= <param> { ',' <param> }
+<param>          ::= <identifier> '=' <expr>
+                   | <identifier>
+
+<expr>           ::= <expr> '|' <expr>
+                   | <term>
+<term>           ::= <identifier>
+                   | '<' <identifier> '>'
+
+<array>          ::= '[' '<' <identifier> '>' ']'  
+
+<struct-rule>    ::= 'struct' <identifier> '=' '{' <field-list> [ ',' '..' ] '}'
+<field-list>     ::= <field> { ',' <field> }
+<field>          ::= <identifier>
+                   | <identifier> ':' <expr>
+                   | <identifier> ':' <array>
+
+<bitflags-rule>  ::= <identifier> '=' <expr>
+
+<identifier>     ::= letter { letter | digit | '_' }
+
+comment          ::= '//' { any-char }
+```

book/src/kernel/linux-compatibility/limitations-on-system-calls/system-information-and-misc.md

@@ -0,0 +1,123 @@
+# System Information & Misc.
+
+<!--
+Put system calls such as
+uname, getrlimit, setrlimit, sysinfo, times, gettimeofday, clock_gettime,
+clock_settime, getrusage, getdents, getdents64, personality, syslog,
+arch_prctl, set_tid_address, and getrandom
+under this category.
+-->
+
+## POSIX Clocks
+
+### `clock_gettime`
+
+Supported functionality in SCML:
+
+```c
+predefined_clockid = CLOCK_REALTIME | CLOCK_MONOTONIC | CLOCK_MONOTONIC_RAW |
+                     CLOCK_REALTIME_COARSE | CLOCK_MONOTONIC_COARSE | CLOCK_BOOTTIME |
+                     CLOCK_PROCESS_CPUTIME_ID | CLOCK_THREAD_CPUTIME_ID;
+
+// Get the time of a clock specified by a static ID
+clock_gettime(clockid = <predefined_clockid>, tp);
+
+// Get the time of a clock specified by a dynamic ID
+clock_gettime(clockid = <INTEGER>, tp);
+```
+
+Unsupported predefined clock IDs:
+* `CLOCK_REALTIME_ALARM`
+* `CLOCK_BOOTTIME_ALARM`
+* `CLOCK_TAI`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/clock_gettime.2.html).
+
+### `clock_nanosleep`
+
+Supported functionality in SCML:
+
+```c
+// Sleep with a specified clock
+clock_nanosleep(
+    clockid = CLOCK_REALTIME | CLOCK_MONOTONIC | CLOCK_BOOTTIME | CLOCK_PROCESS_CPUTIME_ID,
+    flags =
+        // Optional flags:
+        //
+        // Sleep until an absolute time point
+        TIMER_ABSTIME,
+    t, remain
+);
+```
+
+Unsupported clock IDs:
+* `CLOCK_TAI`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/clock_nanosleep.2.html).
+
+## `arch_prctl`
+
+Supported functionality in SCML:
+
+```c
+// Get or set the FS register
+arch_prctl(
+    code = ARCH_GET_FS | ARCH_SET_FS,
+    addr
+);
+```
+
+Unsupported codes:
+* `ARCH_GET_CPUID` and `ARCH_SET_CPUID`
+* `ARCH_GET_GS` and `ARCH_SET_GS`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/arch_prctl.2.html).
+
+## `getrusage`
+
+Supported functionality in SCML:
+
+```c
+// Return resource usage statistics for the calling process
+getrusage(
+    who = RUSAGE_SELF,
+    usage
+);
+
+// Return resource usage statistics for the calling thread
+getrusage(
+    who = RUSAGE_THREAD,
+    usage
+);
+```
+
+Unsupported `who` flags:
+* `RUSAGE_CHILDREN`
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/getrusage.2.html).
+
+## `getrandom`
+
+Supported functionality in SCML:
+
+```c
+// Obtain random bytes
+getrandom(
+    buf, buflen,
+    flags =
+        // Optional flags:
+        //
+        // High-entropy pool
+        GRND_RANDOM
+);
+```
+
+Silently-ignored flags:
+* `GRND_NONBLOCK` because the underlying operation never blocks
+
+For more information,
+see [the man page](https://man7.org/linux/man-pages/man2/getrandom.2.html).

book/src/osdk/guide/intel-tdx.md

@@ -32,7 +32,7 @@ Therefore, it is recommended to use a Docker image to deploy the environment.
 Run a TDX Docker container:
 
 ```bash
-docker run -it --privileged --network=host --device=/dev/kvm asterinas/osdk:0.9.4-tdx
+docker run -it --privileged --network=host --device=/dev/kvm asterinas/osdk:0.16.1-20250922
 ```
 
 ## Edit `OSDK.toml` for Intel TDX support
@@ -53,7 +53,6 @@ grub.mkrescue_path = "~/tdx-tools/grub"
 grub.protocol = "linux"
 qemu.args = """\
     -accel kvm \
-    -name process=tdxvm,debug-threads=on \
     -m 8G \
     -vga none \
     -monitor pty \

book/src/osdk/reference/commands/run.md

@@ -25,6 +25,9 @@ comma separated configuration list:
  - `vscode`: generate a '.vscode/launch.json' for debugging with Visual Studio Code
     (Requires [CodeLLDB](https://marketplace.visualstudio.com/items?itemName=vadimcn.vscode-lldb)).
 
+Besides, to collect coverage data, we can use option `--coverage`. This option
+enables the coverage feature and collect coverage data to `coverage.profraw` when exit.
+
 See [Debug Command](debug.md) to interact with the GDB server in terminal.
 
 ## Examples

book/src/osdk/reference/environment-variables.md

@@ -0,0 +1,7 @@
+# Environment Variables
+
+The OSDK tool uses the following environment variables to customize compilation and target behavior. 
+
+## OSDK-Specific Variables
+- `OSDK_TARGET_ARCH`: If set, OSDK will use the specified value as its default target architecture (e.g., x86_64, riscv64). 
+If not set, OSDK will default to the host architecture.

book/src/rfcs/0001-rfc-process.md

@@ -0,0 +1,103 @@
+# RFC-0001: RFC process
+
+* Status: Draft
+* Pull request: https://github.com/asterinas/asterinas/pull/2365/
+* Date submitted: 2025-08-24
+* Date approved: YYYY-MM-DD
+
+## Summary
+
+The "RFC" (request for comments) process is intended to provide a consistent, transparent, structured path for the community to make "big" decisions. For example, the RFC process can be used to evolve the project roadmap and the system architecture.
+
+## Motivation
+
+As the Asterinas project grows in scale and community size, an informal decision-making process becomes insufficient. A formalized process is crucial for maintaining the quality and coherence of the project. Several highly successful open-source projects have demonstrated the value of such a process, including Rust ([RFCs](https://rust-lang.github.io/rfcs/introduction.html)), Fuchsia ([RFCs](https://fuchsia.dev/fuchsia-src/contribute/governance/rfcs)), Python ([Python Enhancement Proposals](https://peps.python.org/) or PEPs), and Kubernetes ([Kubernetes Enhancement Proposals](https://www.kubernetes.dev/resources/keps/) or KEPs).
+
+Adopting a formal RFC process will:
+- **Enhance decision quality**: By requiring a detailed proposal and public discussion, we can ensure that decisions are well-reasoned, technically sound, and consider a wide range of perspectives.
+- **Foster Consensus**: The process provides a clear framework for the community to come together, discuss differing viewpoints, and arrive at a consensus on important issues.
+- **Create design records**: Approved RFCs will serve as a historical archive, documenting the design choices made and the reasoning behind them. This is invaluable for new contributors and for future reference.
+
+By introducing this process, we aim to support the healthy and sustainable growth of the Asterinas project.
+
+## Design
+
+### When to follow the RFC process
+
+The RFC process should be used for any "substantial" change to Asterinas. Examples of changes that **require** an RFC include:
+- Launching new top-level sub-projects of a similar significance to OSTD and OSDK.
+- Defining or significantly altering the project roadmap and goals.
+- Establishing or changing project-wide norms, such as this RFC process itself or coding style guides.
+- Proposing significant architectural designs, such as the framekernel architecture or safe policy injection.
+- Introducing changes that affect user-space programs, such as adding a non-Linux system call or feature.
+
+Examples of changes that **do not** require an RFC include:
+- Proposing a design whose impact is confined to a single sub-project or module. If the design is significant or non-trivial, submit a design proposal on Github Issues for discussion.
+- Adding well-understood features with established patterns, such as a standard Linux system call or a device driver.
+- Refactoring existing code, fixing bugs, or improving performance.
+
+When in doubt, it is best to consult with the project maintainers using the methods described in the next section.
+
+### How the RFC process works
+
+The RFC process consists of several distinct stages:
+
+#### The Socialization Stage
+
+Before investing the time to write a full RFC, it is highly recommended to socialize the core idea with the community. This helps gauge interest, gather early feedback, and refine the proposal. Good venues for this include:
+
+- Starting a discussion on the project's [GitHub Discussions page](https://github.com/asterinas/asterinas/discussions).
+- Posting a "Pre-RFC" document to solicit more detailed feedback.
+- Talking to key contributors, code owners, or maintainers directly.
+
+Having support from at least a few other community members is a strong signal that the idea is ready for a formal RFC. Additionally, having a proof-of-concept implementation or identifying individuals committed to the implementation can strengthen the proposal.
+
+#### The Draft Stage
+
+Once you are ready to proceed, create a formal RFC document.
+1. Fork the `asterinas/asterinas` repository.
+2. In [the `rfcs` directory](https://github.com/asterinas/asterinas/tree/main/book/src/rfcs), copy `rfc-template.md` and rename it to `0000-your-rfc-title.md`. The `0000` is a placeholder for the RFC number, which will be assigned later.
+3. Fill out the template with your proposal. The template provides a solid structure, but feel free to adapt it to best suit your proposal.
+
+#### The Iteration Stage
+
+Submit your RFC draft as a pull request to the Asterinas repository. Once the PR is opened, the formal review process begins:
+- A project maintainer will be assigned as the **facilitator** for the RFC. The facilitator's role is to guide the discussion, ensure it remains productive, and ultimately determine when consensus has been reached.
+- All members of the community are encouraged to review the proposal and provide constructive feedback through comments on the pull request.
+- The RFC author is responsible for engaging with the feedback, addressing concerns, and updating the RFC text to reflect the evolving consensus.
+
+#### The Voting Stage
+
+When the discussion has converged and the major points of feedback have been addressed, the author can request that the facilitator initiate a final vote.
+
+- The vote is open to all project maintainers and code owners of top-level sub-projects. See the [`CODEOWNERS`](https://github.com/asterinas/asterinas/blob/main/CODEOWNERS) file for details.
+- Voters can express either "approval" or "rejection."
+- The final decision will be based on a [rough consensus](https://en.wikipedia.org/wiki/Rough_consensus) as determined by the facilitator. This means that while unanimous agreement is not required, any major objections must be addressed.
+
+If the final decision is approval:
+1. The facilitator will assign an unique RFC number.
+2. The author will update the RFC's file name with the assigned RFC number. The author should also update the metadata fields of the RFC.
+3. The facilitator will merge the pull request.
+
+#### The Maintenance Stage
+
+Once an RFC is approved, the proposed changes are ready for implementation. When the corresponding work is completed and merged, the RFC's status is updated from "approved" to "implemented."
+
+Approved RFCs are considered immutable historical records of design decisions. As such, only minor corrective edits like fixing typos or broken links are allowed.
+
+Significant changes or amendments to an existing RFC must be proposed through an entirely new RFC. This new proposal can also be used to formally deprecate a previous RFC, in which case the original's status will be updated to "deprecated."
+
+## License
+
+All RFCs submitted to the Asterinas project are licensed under [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0). This license is more permissive than [the MPL license](https://www.mozilla.org/en-US/MPL/) used for the Asterinas code.
+
+## Drawbacks
+
+Introducing a formal RFC process can increase the overhead for making changes to the project. The process is intentionally deliberate, which may slow down the pace of development for major features. There is also a risk that the process could become overly bureaucratic if not managed carefully. For contributors, the effort required to write a high-quality RFC and see it through the review process can be significant.
+
+## Prior Art and References
+
+The Asterinas RFC process is heavily inspired by the well-established processes of the following two open-source projects:
+
+- [Rust RFC Process](https://rust-lang.github.io/rfcs/0002-rfc-process.html): The overall structure and philosophy are closely modeled on Rust's RFC process.
+- [Fuchsia RFC Process](https://fuchsia.dev/fuchsia-src/contribute/governance/rfcs/rfc_process): We have drawn on the Fuchsia process for its clear definition of roles and its emphasis on transparent decision-making.

book/src/rfcs/README.md

@@ -0,0 +1,5 @@
+# RFC Overview
+
+The Asterinas RFC process is intended to provide a consistent, transparent, structured path for the community to make "big" decisions. For example, the RFC process can be used to evolve the project roadmap and the system architecture.
+
+For more details, see the [RFC-0001 RFC process](0001-rfc-process.md).

book/src/rfcs/rfc-template.md

@@ -0,0 +1,28 @@
+# RFC-0000: Your short, descriptive title
+
+* Status: Draft
+* Pull request: (link to PR)
+* Date submitted: YYYY-MM-DD
+* Date approved: YYYY-MM-DD
+
+## Summary
+
+Provide a concise, one-paragraph summary of the proposed change. This should explain the core idea at a high level, making it understandable to someone without deep context.
+
+## Motivation
+
+Explain the "why" behind this RFC. What problem does this solve? What is the user or developer story that justifies this change? Why is this change important for the Asterinas project *now*? This section should clearly articulate the benefits and convince readers of the proposal's necessity.
+
+## Design
+
+This is the heart of the RFC. Describe the proposed design in sufficient detail for a technical review. Explain how it works, how it interacts with other parts of the system, and any new APIs or concepts being introduced. Use code snippets, diagrams, and bullet points where they add clarity.
+
+## Drawbacks, Alternatives, and Unknown
+
+- **Drawbacks:** What are the negative consequences of this proposal? What compromises are being made?
+- **Alternatives:** What other designs or solutions were considered? Why was this specific design chosen over them? What is the impact of *not* doing this?
+- **Unresolved Questions:** What parts of the design are still to be determined (TBD)? What questions will need to be answered during the implementation phase?
+
+## Prior Art and References
+
+Include links to relevant work

book/src/to-contribute/style-guidelines/rust-guidelines.md

@@ -10,8 +10,9 @@ including crates, modules, structs, traits, functions, macros, and more.
 The use of the `#[warn(missing_docs)]` lint enforces this rule.
 
 Asterinas adheres to the API style guidelines of the Rust community.
-The recommended API documentation style can be found at
-[How to write documentation - The rustdoc book](https://doc.rust-lang.org/rustdoc/how-to-write-documentation.html).
+The recommended API documentation style are specified by two official resources:
+1. The rustdoc book: [How to write documentation](https://doc.rust-lang.org/rustdoc/how-to-write-documentation.html);
+2. The Rust RFC book: [API Documentation Conventions](https://rust-lang.github.io/rfcs/1574-more-api-documentation-conventions.html#appendix-a-full-conventions-text).
 
 ## Lint Guidelines
 

docs/src/kernel/linux-compatibility.md

@@ -1,378 +0,0 @@
-# Linux Compatibility
-
-> "We don't break user space."
->
-> --- Linus Torvalds
-
-Asterinas is dedicated to maintaining compatibility with the Linux ABI,
-ensuring that applications and administrative tools
-designed for Linux can seamlessly operate within Asterinas.
-While we prioritize compatibility,
-it is important to note that Asterinas does not,
-nor will it in the future,
-support the loading of Linux kernel modules.
-
-## System Calls
-
-At the time of writing,
-Asterinas implements 214 out of the 336 system calls
-provided by Linux on x86-64 architecture.
-
-| Numbers | Names            | Is Implemented  |
-| ------- | ---------------- | --------------- |
-| 0       | read             | ✅              |
-| 1       | write            | ✅              |
-| 2       | open             | ✅              |
-| 3       | close            | ✅              |
-| 4       | stat             | ✅              |
-| 5       | fstat            | ✅              |
-| 6       | lstat            | ✅              |
-| 7       | poll             | ✅              |
-| 8       | lseek            | ✅              |
-| 9       | mmap             | ✅              |
-| 10      | mprotect         | ✅              |
-| 11      | munmap           | ✅              |
-| 12      | brk              | ✅              |
-| 13      | rt_sigaction     | ✅              |
-| 14      | rt_sigprocmask   | ✅              |
-| 15      | rt_sigreturn     | ✅              |
-| 16      | ioctl            | ✅              |
-| 17      | pread64          | ✅              |
-| 18      | pwrite64         | ✅              |
-| 19      | readv            | ✅              |
-| 20      | writev           | ✅              |
-| 21      | access           | ✅              |
-| 22      | pipe             | ✅              |
-| 23      | select           | ✅              |
-| 24      | sched_yield      | ✅              |
-| 25      | mremap           | ✅              |
-| 26      | msync            | ✅              |
-| 27      | mincore          | ❌              |
-| 28      | madvise          | ✅              |
-| 29      | shmget           | ❌              |
-| 30      | shmat            | ❌              |
-| 31      | shmctl           | ❌              |
-| 32      | dup              | ✅              |
-| 33      | dup2             | ✅              |
-| 34      | pause            | ✅              |
-| 35      | nanosleep        | ✅              |
-| 36      | getitimer        | ✅              |
-| 37      | alarm            | ✅              |
-| 38      | setitimer        | ✅              |
-| 39      | getpid           | ✅              |
-| 40      | sendfile         | ✅              |
-| 41      | socket           | ✅              |
-| 42      | connect          | ✅              |
-| 43      | accept           | ✅              |
-| 44      | sendto           | ✅              |
-| 45      | recvfrom         | ✅              |
-| 46      | sendmsg          | ✅              |
-| 47      | recvmsg          | ✅              |
-| 48      | shutdown         | ✅              |
-| 49      | bind             | ✅              |
-| 50      | listen           | ✅              |
-| 51      | getsockname      | ✅              |
-| 52      | getpeername      | ✅              |
-| 53      | socketpair       | ✅              |
-| 54      | setsockopt       | ✅              |
-| 55      | getsockopt       | ✅              |
-| 56      | clone            | ✅              |
-| 57      | fork             | ✅              |
-| 58      | vfork            | ❌              |
-| 59      | execve           | ✅              |
-| 60      | exit             | ✅              |
-| 61      | wait4            | ✅              |
-| 62      | kill             | ✅              |
-| 63      | uname            | ✅              |
-| 64      | semget           | ✅              |
-| 65      | semop            | ✅              |
-| 66      | semctl           | ✅              |
-| 67      | shmdt            | ❌              |
-| 68      | msgget           | ❌              |
-| 69      | msgsnd           | ❌              |
-| 70      | msgrcv           | ❌              |
-| 71      | msgctl           | ❌              |
-| 72      | fcntl            | ✅              |
-| 73      | flock            | ✅              |
-| 74      | fsync            | ✅              |
-| 75      | fdatasync        | ✅              |
-| 76      | truncate         | ✅              |
-| 77      | ftruncate        | ✅              |
-| 78      | getdents         | ✅              |
-| 79      | getcwd           | ✅              |
-| 80      | chdir            | ✅              |
-| 81      | fchdir           | ✅              |
-| 82      | rename           | ✅              |
-| 83      | mkdir            | ✅              |
-| 84      | rmdir            | ✅              |
-| 85      | creat            | ✅              |
-| 86      | link             | ✅              |
-| 87      | unlink           | ✅              |
-| 88      | symlink          | ✅              |
-| 89      | readlink         | ✅              |
-| 90      | chmod            | ✅              |
-| 91      | fchmod           | ✅              |
-| 92      | chown            | ✅              |
-| 93      | fchown           | ✅              |
-| 94      | lchown           | ✅              |
-| 95      | umask            | ✅              |
-| 96      | gettimeofday     | ✅              |
-| 97      | getrlimit        | ✅              |
-| 98      | getrusage        | ✅              |
-| 99      | sysinfo          | ✅              |
-| 100     | times            | ❌              |
-| 101     | ptrace           | ❌              |
-| 102     | getuid           | ✅              |
-| 103     | syslog           | ❌              |
-| 104     | getgid           | ✅              |
-| 105     | setuid           | ✅              |
-| 106     | setgid           | ✅              |
-| 107     | geteuid          | ✅              |
-| 108     | getegid          | ✅              |
-| 109     | setpgid          | ✅              |
-| 110     | getppid          | ✅              |
-| 111     | getpgrp          | ✅              |
-| 112     | setsid           | ✅              |
-| 113     | setreuid         | ✅              |
-| 114     | setregid         | ✅              |
-| 115     | getgroups        | ✅              |
-| 116     | setgroups        | ✅              |
-| 117     | setresuid        | ✅              |
-| 118     | getresuid        | ✅              |
-| 119     | setresgid        | ✅              |
-| 120     | getresgid        | ✅              |
-| 121     | getpgid          | ✅              |
-| 122     | setfsuid         | ✅              |
-| 123     | setfsgid         | ✅              |
-| 124     | getsid           | ✅              |
-| 125     | capget           | ✅              |
-| 126     | capset           | ✅              |
-| 127     | rt_sigpending    | ✅              |
-| 128     | rt_sigtimedwait  | ❌              |
-| 129     | rt_sigqueueinfo  | ❌              |
-| 130     | rt_sigsuspend    | ✅              |
-| 131     | sigaltstack      | ✅              |
-| 132     | utime            | ✅              |
-| 133     | mknod            | ✅              |
-| 134     | uselib           | ❌              |
-| 135     | personality      | ❌              |
-| 136     | ustat            | ❌              |
-| 137     | statfs           | ✅              |
-| 138     | fstatfs          | ✅              |
-| 139     | sysfs            | ❌              |
-| 140     | getpriority      | ✅              |
-| 141     | setpriority      | ✅              |
-| 142     | sched_setparam   | ✅              |
-| 143     | sched_getparam   | ✅              |
-| 144     | sched_setscheduler | ✅            |
-| 145     | sched_getscheduler | ✅            |
-| 146     | sched_get_priority_max | ✅        |
-| 147     | sched_get_priority_min | ✅        |
-| 148     | sched_rr_get_interval | ❌         |
-| 149     | mlock            | ❌              |
-| 150     | munlock          | ❌              |
-| 151     | mlockall         | ❌              |
-| 152     | munlockall       | ❌              |
-| 153     | vhangup          | ❌              |
-| 154     | modify_ldt       | ❌              |
-| 155     | pivot_root       | ❌              |
-| 156     | _sysctl          | ❌              |
-| 157     | prctl            | ✅              |
-| 158     | arch_prctl       | ✅              |
-| 159     | adjtimex         | ❌              |
-| 160     | setrlimit        | ✅              |
-| 161     | chroot           | ✅              |
-| 162     | sync             | ✅              |
-| 163     | acct             | ❌              |
-| 164     | settimeofday     | ❌              |
-| 165     | mount            | ✅              |
-| 166     | umount2          | ✅              |
-| 167     | swapon           | ❌              |
-| 168     | swapoff          | ❌              |
-| 169     | reboot           | ❌              |
-| 170     | sethostname      | ❌              |
-| 171     | setdomainname    | ❌              |
-| 172     | iopl             | ❌              |
-| 173     | ioperm           | ❌              |
-| 174     | create_module    | ❌              |
-| 175     | init_module      | ❌              |
-| 176     | delete_module    | ❌              |
-| 177     | get_kernel_syms  | ❌              |
-| 178     | query_module     | ❌              |
-| 179     | quotactl         | ❌              |
-| 180     | nfsservctl       | ❌              |
-| 181     | getpmsg          | ❌              |
-| 182     | putpmsg          | ❌              |
-| 183     | afs_syscall      | ❌              |
-| 184     | tuxcall          | ❌              |
-| 185     | security         | ❌              |
-| 186     | gettid           | ✅              |
-| 187     | readahead        | ❌              |
-| 188     | setxattr         | ✅              |
-| 189     | lsetxattr        | ✅              |
-| 190     | fsetxattr        | ✅              |
-| 191     | getxattr         | ✅              |
-| 192     | lgetxattr        | ✅              |
-| 193     | fgetxattr        | ✅              |
-| 194     | listxattr        | ✅              |
-| 195     | llistxattr       | ✅              |
-| 196     | flistxattr       | ✅              |
-| 197     | removexattr      | ✅              |
-| 198     | lremovexattr     | ✅              |
-| 199     | fremovexattr     | ✅              |
-| 200     | tkill            | ❌              |
-| 201     | time             | ✅              |
-| 202     | futex            | ✅              |
-| 203     | sched_setaffinity | ✅             |
-| 204     | sched_getaffinity | ✅             |
-| 205     | set_thread_area  | ❌              |
-| 206     | io_setup         | ❌              |
-| 207     | io_destroy       | ❌              |
-| 208     | io_getevents     | ❌              |
-| 209     | io_submit        | ❌              |
-| 210     | io_cancel        | ❌              |
-| 211     | get_thread_area  | ❌              |
-| 212     | lookup_dcookie   | ❌              |
-| 213     | epoll_create     | ✅              |
-| 214     | epoll_ctl_old    | ❌              |
-| 215     | epoll_wait_old   | ❌              |
-| 216     | remap_file_pages | ❌              |
-| 217     | getdents64       | ✅              |
-| 218     | set_tid_address  | ✅              |
-| 219     | restart_syscall  | ❌              |
-| 220     | semtimedop       | ✅              |
-| 221     | fadvise64        | ❌              |
-| 222     | timer_create     | ✅              |
-| 223     | timer_settime    | ✅              |
-| 224     | timer_gettime    | ✅              |
-| 225     | timer_getoverrun | ❌              |
-| 226     | timer_delete     | ✅              |
-| 227     | clock_settime    | ❌              |
-| 228     | clock_gettime    | ✅              |
-| 229     | clock_getres     | ❌              |
-| 230     | clock_nanosleep  | ✅              |
-| 231     | exit_group       | ✅              |
-| 232     | epoll_wait       | ✅              |
-| 233     | epoll_ctl        | ✅              |
-| 234     | tgkill           | ✅              |
-| 235     | utimes           | ✅              |
-| 236     | vserver          | ❌              |
-| 237     | mbind            | ❌              |
-| 238     | set_mempolicy    | ❌              |
-| 239     | get_mempolicy    | ❌              |
-| 240     | mq_open          | ❌              |
-| 241     | mq_unlink        | ❌              |
-| 242     | mq_timedsend     | ❌              |
-| 243     | mq_timedreceive  | ❌              |
-| 244     | mq_notify        | ❌              |
-| 245     | mq_getsetattr    | ❌              |
-| 246     | kexec_load       | ❌              |
-| 247     | waitid           | ✅              |
-| 248     | add_key          | ❌              |
-| 249     | request_key      | ❌              |
-| 250     | keyctl           | ❌              |
-| 251     | ioprio_set       | ❌              |
-| 252     | ioprio_get       | ❌              |
-| 253     | inotify_init     | ❌              |
-| 254     | inotify_add_watch | ❌             |
-| 255     | inotify_rm_watch | ❌              |
-| 256     | migrate_pages    | ❌              |
-| 257     | openat           | ✅              |
-| 258     | mkdirat          | ✅              |
-| 259     | mknodat          | ✅              |
-| 260     | fchownat         | ✅              |
-| 261     | futimesat        | ✅              |
-| 262     | newfstatat       | ✅              |
-| 263     | unlinkat         | ✅              |
-| 264     | renameat         | ✅              |
-| 265     | linkat           | ✅              |
-| 266     | symlinkat        | ✅              |
-| 267     | readlinkat       | ✅              |
-| 268     | fchmodat         | ✅              |
-| 269     | faccessat        | ✅              |
-| 270     | pselect6         | ✅              |
-| 271     | ppoll            | ✅              |
-| 272     | unshare          | ❌              |
-| 273     | set_robust_list  | ✅              |
-| 274     | get_robust_list  | ❌              |
-| 275     | splice           | ❌              |
-| 276     | tee              | ❌              |
-| 277     | sync_file_range  | ❌              |
-| 278     | vmsplice         | ❌              |
-| 279     | move_pages       | ❌              |
-| 280     | utimensat        | ✅              |
-| 281     | epoll_pwait      | ✅              |
-| 282     | signalfd         | ✅              |
-| 283     | timerfd_create   | ✅              |
-| 284     | eventfd          | ✅              |
-| 285     | fallocate        | ✅              |
-| 286     | timerfd_settime  | ✅              |
-| 287     | timerfd_gettime  | ✅              |
-| 288     | accept4          | ✅              |
-| 289     | signalfd4        | ✅              |
-| 290     | eventfd2         | ✅              |
-| 291     | epoll_create1    | ✅              |
-| 292     | dup3             | ✅              |
-| 293     | pipe2            | ✅              |
-| 294     | inotify_init1    | ❌              |
-| 295     | preadv           | ✅              |
-| 296     | pwritev          | ✅              |
-| 297     | rt_tgsigqueueinfo | ❌             |
-| 298     | perf_event_open  | ❌              |
-| 299     | recvmmsg         | ❌              |
-| 300     | fanotify_init    | ❌              |
-| 301     | fanotify_mark    | ❌              |
-| 302	  | prlimit64        | ✅              |
-| 303	  | name_to_handle_at | ❌              |
-| 304	  | open_by_handle_at | ❌              |
-| 305	  | clock_adjtime    | ❌              |
-| 306	  | syncfs           | ❌              |
-| 307	  | sendmmsg         | ❌              |
-| 308	  | setns            | ❌              |
-| 309	  | getcpu	         | ✅              |
-| 310	  | process_vm_readv | ❌              |
-| 311	  | process_vm_writev | ❌              |
-| 312	  | kcmp             | ❌              |
-| 313	  | finit_module     | ❌              |
-| 314	  | sched_setattr    | ✅              |
-| 315	  | sched_getattr    | ✅              |
-| 318	  | getrandom        | ✅              |
-| 322	  | execveat         | ✅              |
-| 327	  | preadv2          | ✅              |
-| 328	  | pwritev2         | ✅              |
-| 332     | statx            | ✅              |
-| 435	  | clone3           | ✅              |
-| 436	  | close_range      | ✅              |
-| 439     | faccessat2       | ✅              |
-| 441     | epoll_pwait2     | ✅              |
-
-## File Systems
-
-Here is the list of supported file systems:
-* Devfs
-* Devpts
-* Ext2
-* Procfs
-* Ramfs
-
-## Sockets
-
-Here is the list of supported socket types:
-* TCP sockets over IPv4
-* UDP sockets over IPv4
-* Unix sockets
-
-## vDSO
-
-Here is the list of supported symbols in vDSO:
-* `__vdso_clock_gettime`
-* `__vdso_gettimeofday`
-* `__vdso_time`
-
-## Boot Protocols
-
-Here is the list of supported boot protocols:
-* [Multiboot](https://www.gnu.org/software/grub/manual/multiboot/multiboot.html)
-* [Multiboot2](https://www.gnu.org/software/grub/manual/multiboot2/multiboot.html)
-* [Linux 32-bit boot protocol](https://www.kernel.org/doc/html/v5.4/x86/boot.html#bit-boot-protocol)
-* [Linux EFI handover](https://www.kernel.org/doc/html/v5.4/x86/boot.html#efi-handover-protocol)

docs/src/rfcs/0001-rfc-process.md

@@ -1 +0,0 @@
-# RFC-0001: RFC Process

docs/src/rfcs/0002-osdk.md

@@ -1 +0,0 @@
-# RFC-0002: Operating System Development Kit (OSDK)

docs/src/rfcs/README.md

@@ -1 +0,0 @@
-# RFC Process

kernel/Cargo.toml

@@ -19,8 +19,10 @@ aster-time = { path = "comps/time" }
 aster-virtio = { path = "comps/virtio" }
 aster-rights = { path = "libs/aster-rights" }
 aster-systree = { path = "comps/systree" }
+aster-keyboard = { path = "comps/keyboard" }
 component = { path = "libs/comp-sys/component" }
 controlled = { path = "libs/comp-sys/controlled" }
+logo-ascii-art = { path = "libs/logo-ascii-art" }
 osdk-frame-allocator = { path = "../osdk/deps/frame-allocator" }
 osdk-heap-allocator = { path = "../osdk/deps/heap-allocator" }
 ostd = { path = "../ostd" }
@@ -32,6 +34,7 @@ aster-bigtcp = { path = "libs/aster-bigtcp" }
 atomic-integer-wrapper = { path = "libs/atomic-integer-wrapper" }
 id-alloc = { path = "../ostd/libs/id-alloc" }
 int-to-c-enum = { path = "libs/int-to-c-enum" }
+jhash = { path = "libs/jhash" }
 cpio-decoder = { path = "libs/cpio-decoder" }
 xarray = { path = "libs/xarray" }
 intrusive-collections = "0.9.5"
@@ -67,12 +70,16 @@ fixed = "1.28.0"
 [target.x86_64-unknown-none.dependencies]
 tdx-guest = { version = "0.2.1", optional = true }
 
-[target.riscv64gc-unknown-none-elf.dependencies]
+[target.riscv64imac-unknown-none-elf.dependencies]
 riscv = { version = "0.11.1", features = ["s-mode"] }
 
+[target.loongarch64-unknown-none-softfloat.dependencies]
+loongArch64 = "0.2.5"
+
 [features]
 all = ["cvm_guest"]
 cvm_guest = ["dep:tdx-guest", "ostd/cvm_guest", "aster-virtio/cvm_guest"]
+coverage = ["ostd/coverage"]
 
 [lints]
 workspace = true

kernel/comps/block/Cargo.toml

@@ -10,6 +10,7 @@ spin = "0.9.4"
 ostd = { path = "../../../ostd" }
 align_ext = { path = "../../../ostd/libs/align_ext" }
 int-to-c-enum = { path = "../../libs/int-to-c-enum" }
+aster-util = { path = "../../libs/aster-util" }
 component = { path = "../../libs/comp-sys/component" }
 log = "0.4"
 bitvec = { version = "1.0.1", default-features = false, features = ["alloc"] }

kernel/comps/block/src/bio.rs

@@ -1,12 +1,14 @@
 // SPDX-License-Identifier: MPL-2.0
 
 use align_ext::AlignExt;
+use aster_util::mem_obj_slice::Slice;
 use bitvec::array::BitArray;
 use int_to_c_enum::TryFromInt;
 use ostd::{
     mm::{
-        DmaDirection, DmaStream, DmaStreamSlice, FrameAllocOptions, Infallible, USegment, VmIo,
-        VmReader, VmWriter,
+        io_util::{HasVmReaderWriter, VmReaderWriterResult},
+        DmaDirection, DmaStream, FrameAllocOptions, HasSize, Infallible, USegment, VmReader,
+        VmWriter,
     },
     sync::{SpinLock, WaitQueue},
     Error,
@@ -374,10 +376,10 @@ pub struct BioSegment {
 
 /// The inner part of `BioSegment`.
 // TODO: Decouple `BioSegmentInner` with DMA-related buffers.
-#[derive(Debug, Clone)]
+#[derive(Debug)]
 struct BioSegmentInner {
     /// Internal DMA slice.
-    dma_slice: DmaStreamSlice<DmaStream>,
+    dma_slice: Slice<Arc<DmaStream>>,
     /// Whether the segment is allocated from the pool.
     from_pool: bool,
 }
@@ -391,7 +393,7 @@ pub enum BioDirection {
     ToDevice,
 }
 
-impl<'a> BioSegment {
+impl BioSegment {
     /// Allocates a new `BioSegment` with the wanted blocks count and
     /// the bio direction.
     pub fn alloc(nblocks: usize, direction: BioDirection) -> Self {
@@ -415,16 +417,17 @@ impl<'a> BioSegment {
         len: usize,
         direction: BioDirection,
     ) -> Self {
+        let offset = offset_within_first_block;
         assert!(
-            is_sector_aligned(offset_within_first_block)
-                && offset_within_first_block < BLOCK_SIZE
+            is_sector_aligned(offset)
+                && offset < BLOCK_SIZE
                 && is_sector_aligned(len)
-                && offset_within_first_block + len <= nblocks * BLOCK_SIZE
+                && offset + len <= nblocks * BLOCK_SIZE
         );
 
         // The target segment is whether from the pool or newly-allocated
         let bio_segment_inner = target_pool(direction)
-            .and_then(|pool| pool.alloc(nblocks, offset_within_first_block, len))
+            .and_then(|pool| pool.alloc(nblocks, offset, len))
             .unwrap_or_else(|| {
                 let segment = FrameAllocOptions::new()
                     .zeroed(false)
@@ -432,7 +435,7 @@ impl<'a> BioSegment {
                     .unwrap();
                 let dma_stream = DmaStream::map(segment.into(), direction.into(), false).unwrap();
                 BioSegmentInner {
-                    dma_slice: DmaStreamSlice::new(dma_stream, offset_within_first_block, len),
+                    dma_slice: Slice::new(Arc::new(dma_stream), offset..offset + len),
                     from_pool: false,
                 }
             });
@@ -448,7 +451,7 @@ impl<'a> BioSegment {
         let dma_stream = DmaStream::map(segment, direction.into(), false).unwrap();
         Self {
             inner: Arc::new(BioSegmentInner {
-                dma_slice: DmaStreamSlice::new(dma_stream, 0, len),
+                dma_slice: Slice::new(Arc::new(dma_stream), 0..len),
                 from_pool: false,
             }),
         }
@@ -456,7 +459,7 @@ impl<'a> BioSegment {
 
     /// Returns the number of bytes.
     pub fn nbytes(&self) -> usize {
-        self.inner.dma_slice.nbytes()
+        self.inner.dma_slice.size()
     }
 
     /// Returns the number of sectors.
@@ -471,41 +474,33 @@ impl<'a> BioSegment {
 
     /// Returns the offset (in bytes) within the first block.
     pub fn offset_within_first_block(&self) -> usize {
-        self.inner.dma_slice.offset() % BLOCK_SIZE
+        self.inner.dma_slice.offset().start % BLOCK_SIZE
     }
 
     /// Returns the inner DMA slice.
-    pub fn inner_dma_slice(&self) -> &DmaStreamSlice<DmaStream> {
+    pub fn inner_dma_slice(&self) -> &Slice<Arc<DmaStream>> {
         &self.inner.dma_slice
     }
 
     /// Returns the inner VM segment.
     #[cfg(ktest)]
     pub fn inner_segment(&self) -> &USegment {
-        self.inner.dma_slice.stream().segment()
+        self.inner.dma_slice.mem_obj().segment()
+    }
 }
 
-    /// Returns a reader to read data from it.
-    pub fn reader(&'a self) -> Result<VmReader<'a, Infallible>, Error> {
+impl HasVmReaderWriter for BioSegment {
+    type Types = VmReaderWriterResult;
+
+    fn reader(&self) -> Result<VmReader<'_, Infallible>, Error> {
         self.inner.dma_slice.reader()
     }
 
-    /// Returns a writer to write data into it.
-    pub fn writer(&'a self) -> Result<VmWriter<'a, Infallible>, Error> {
+    fn writer(&self) -> Result<VmWriter<'_, Infallible>, Error> {
         self.inner.dma_slice.writer()
     }
 }
 
-impl VmIo for BioSegment {
-    fn read(&self, offset: usize, writer: &mut VmWriter) -> Result<(), Error> {
-        self.inner.dma_slice.read(offset, writer)
-    }
-
-    fn write(&self, offset: usize, reader: &mut VmReader) -> Result<(), Error> {
-        self.inner.dma_slice.write(offset, reader)
-    }
-}
-
 // The timing for free the segment to the pool.
 impl Drop for BioSegmentInner {
     fn drop(&mut self) {
@@ -521,7 +516,7 @@ impl Drop for BioSegmentInner {
 impl BioSegmentInner {
     /// Returns the bio direction.
     fn direction(&self) -> BioDirection {
-        match self.dma_slice.stream().direction() {
+        match self.dma_slice.mem_obj().direction() {
             DmaDirection::FromDevice => BioDirection::FromDevice,
             DmaDirection::ToDevice => BioDirection::ToDevice,
             _ => unreachable!(),
@@ -536,7 +531,7 @@ impl BioSegmentInner {
 /// the `DmaStream`.
 // TODO: Use a more advanced allocation algorithm to replace the naive one to improve efficiency.
 struct BioSegmentPool {
-    pool: DmaStream,
+    pool: Arc<DmaStream>,
     total_blocks: usize,
     direction: BioDirection,
     manager: SpinLock<PoolSlotManager>,
@@ -572,7 +567,7 @@ impl BioSegmentPool {
         });
 
         Self {
-            pool,
+            pool: Arc::new(pool),
             total_blocks,
             direction,
             manager,
@@ -634,11 +629,10 @@ impl BioSegmentPool {
             .map(|pos| end + pos)
             .unwrap_or(self.total_blocks);
 
-        let dma_slice = DmaStreamSlice::new(
-            self.pool.clone(),
-            start * BLOCK_SIZE + offset_within_first_block,
-            len,
-        );
+        let dma_slice = {
+            let offset = start * BLOCK_SIZE + offset_within_first_block;
+            Slice::new(self.pool.clone(), offset..offset + len)
+        };
         let bio_segment = BioSegmentInner {
             dma_slice,
             from_pool: true,
@@ -658,8 +652,8 @@ impl BioSegmentPool {
         assert!(bio_segment.from_pool && bio_segment.direction() == self.direction);
         let (start, end) = {
             let dma_slice = &bio_segment.dma_slice;
-            let start = dma_slice.offset().align_down(BLOCK_SIZE) / BLOCK_SIZE;
-            let end = (dma_slice.offset() + dma_slice.nbytes()).align_up(BLOCK_SIZE) / BLOCK_SIZE;
+            let start = dma_slice.offset().start.align_down(BLOCK_SIZE) / BLOCK_SIZE;
+            let end = dma_slice.offset().end.align_up(BLOCK_SIZE) / BLOCK_SIZE;
 
             if end <= start || end > self.total_blocks {
                 return;

kernel/comps/block/src/lib.rs

@@ -28,7 +28,6 @@
 //!
 #![no_std]
 #![deny(unsafe_code)]
-#![feature(fn_traits)]
 #![feature(step_trait)]
 #![feature(trait_upcasting)]
 

kernel/comps/console/Cargo.toml

@@ -6,9 +6,10 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-spin = "0.9.4"
 ostd = { path = "../../../ostd" }
 component = { path = "../../libs/comp-sys/component" }
+spin = "0.9.4"
+font8x8 = { version = "0.2.5", default-features = false, features = [ "unicode" ] }
 
 [lints]
 workspace = true