Beyond Linux: The New Kernels Rising from the Ashes of Open-Source Conflicts
The world of Linux and its surrounding ecosystem is experiencing turbulent times. Developers are divided over how to integrate Rust into the kernel, key contributors are departing, and core subsystems are being handed over to external maintainers. Against this backdrop of conflict, renewed discussions about potential forks have emerged. Yet the reality is more nuanced—alongside Linux, an entire layer of alternative operating systems is maturing, each pursuing its own path and showcasing distinct approaches to kernel architecture, security, and compatibility.
The Rust saga has proven particularly painful for the kernel community. The prospect of using this language in low-level components opened new horizons, but also ignited fierce debate. Wedson Almeida Filho, the lead maintainer of Kernel Rust, stepped down from his role. Shortly thereafter, Hector Martin, head of the Asahi Linux project responsible for porting the kernel to Apple Silicon, also departed. Following him, other pivotal figures withdrew, including Asahi Lina, the GPU driver developer, and later Alyssa Rosenzweig, another key contributor to the graphics stack. Rosenzweig has since joined Intel, where many hope her expertise will accelerate the development of open-source drivers for the company’s modern GPUs. Meanwhile, the decade-long effort to integrate the bcachefs filesystem ended in disappointment—it was moved to external maintenance rather than accepted into the mainline kernel.
These departures and disputes raise a pressing question: where will talented contributors go once they tire of the constant struggles within Linux? The answer lies in projects that build entirely new kernels and operating systems from the ground up. Though some may appear academic in nature, their maturity and feature sets are becoming increasingly compelling.
One such project is Managarm, now in its sixth year, though its description still reads like science fiction. It is a microkernel-based operating system where asynchrony permeates every layer, yet it supports a wide array of Linux applications. Architectures include x86-64, Arm64, and a rapidly advancing RISC-V port. Features already implemented include multiprocessor support, ACPI, AHCI and NVMe storage, IPv4 networking, Intel and QEMU virtualization, Wayland and X11 display servers, hundreds of GNU utilities, and even games like Doom. Written in C++ and fully hosted on GitHub, the system boasts extensive documentation in the Managarm Handbook. Despite its research origins, the project’s functionality and compatibility with existing applications make it an exceptional presence among microkernel initiatives.
Asterinas follows a different path. While it, too, can execute Linux applications, its kernel design is wholly unique. Written in Rust, it is built on the framekernel concept, described in the paper Framekernel: A Safe and Efficient Kernel Architecture via Rust-based Intra-kernel Privilege Separation. Unlike traditional microkernels, which rely on hardware privilege levels, the framekernel leverages Rust’s intrinsic safety guarantees. As a result, only a minimal portion of the kernel may run unsafe code, while all other services must be implemented in Rust’s safe subset. This architecture echoes earlier academic experiments—such as RedLeaf OS, SPIN (in Modula-3), and HOUSE (in Haskell)—but Rust provides a far more practical foundation. Asterinas already offers solid documentation and has attracted significant attention, as the Rust language itself has become a central theme in the IT industry.
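The separation described above can be sketched in a single Rust file. This is an added illustration, not Asterinas code: the `frame` and `services` modules, the `Region` type and `store_record` are hypothetical names, and a module-level `forbid(unsafe_code)` lint stands in for the boundary between the small privileged part and the safe-only services.

```rust
// Added illustration; `frame`, `services`, `Region` are hypothetical names.
mod frame {
    // Privileged core: the only module permitted to contain `unsafe`.
    pub struct Region { base: *mut u8, len: usize }

    impl Region {
        pub fn new(len: usize) -> Self {
            let buf = vec![0u8; len].into_boxed_slice();
            Region { base: Box::into_raw(buf) as *mut u8, len }
        }
        // Validate [off, off+n) before any raw pointer is touched.
        fn check(&self, off: usize, n: usize) -> Result<(), &'static str> {
            let end = off.checked_add(n).ok_or("overflow")?;
            if end > self.len { Err("out of bounds") } else { Ok(()) }
        }
        pub fn write(&mut self, off: usize, data: &[u8]) -> Result<(), &'static str> {
            self.check(off, data.len())?;
            // SAFETY: range checked above; `data` cannot alias our private buffer.
            unsafe { std::ptr::copy_nonoverlapping(data.as_ptr(), self.base.add(off), data.len()) };
            Ok(())
        }
        pub fn read(&self, off: usize, n: usize) -> Result<Vec<u8>, &'static str> {
            self.check(off, n)?;
            // SAFETY: range checked above.
            Ok(unsafe { std::slice::from_raw_parts(self.base.add(off), n) }.to_vec())
        }
    }
    impl Drop for Region {
        fn drop(&mut self) {
            // SAFETY: base/len describe the Box<[u8]> leaked in `new`.
            unsafe { drop(Box::from_raw(std::ptr::slice_from_raw_parts_mut(self.base, self.len))) };
        }
    }
}

#[forbid(unsafe_code)] // any `unsafe` in here is a compile error
mod services {
    use super::frame::Region;
    // A "service" that stores fixed 8-byte records using only safe calls.
    pub fn store_record(r: &mut Region, slot: usize, rec: &[u8; 8]) -> Result<(), &'static str> {
        let off = slot.checked_mul(8).ok_or("overflow")?;
        r.write(off, rec)
    }
}

fn main() {
    let mut r = frame::Region::new(16);
    println!("{:?}", services::store_record(&mut r, 1, b"ABCDEFGH"));
    println!("{:?}", services::store_record(&mut r, 2, b"ABCDEFGH"));
    println!("{:?}", r.read(8, 8));
}
```

A logic error in `services` (here, a slot index past the end of the region) surfaces as an `Err` from the checked API rather than as memory corruption, so the code that needs a memory-safety audit is confined to the `frame` module.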
A third initiative combines elements of both approaches: Xous, a Rust-based microkernel that deliberately avoids Linux compatibility. Its ambition is different: to create a secure computing platform with its own applications and hardware. The project is led by renowned hardware researcher Andrew “Bunnie” Huang, whose team tied Xous to the Betrusted initiative. Their work produced Precursor, a handheld computer with a screen and battery designed for secure storage of digital identities. Precursor runs the Vault application, which unifies management of U2F/FIDO2, TOTP, and traditional passwords. Like a YubiKey, it can authenticate users when connected to a PC—but with one critical distinction: the display shows exactly which service is being unlocked. The ecosystem also includes the Plausibly Deniable DataBase (PDDB), a storage system designed with deniability in mind, underscoring the developers’ deep commitment to privacy. Comprehensive documentation is provided through the Xous Book and Betrusted’s wiki, detailing architecture and use cases.
These systems remain niche, yet they demonstrate the breadth of innovation taking place outside the traditional Linux community. Even if many experienced developers never return to kernel work, their knowledge and vision live on in projects like Managarm, Asterinas, and Xous. These initiatives not only propose novel solutions but also repurpose the vast ecosystem of tools surrounding Linux, preserving continuity while opening new frontiers for operating system design.