Asterinas Kernel

This looks like a very cool project. We know that there are architectural problems with Linux that impact its security, like being written in mostly memory-unsafe C and being monolithic: the corruption of anything in kernel space gives full root access. Asterinas would aim to fix this problem with a replacement framekernel. From their website:

In the framekernel OS architecture, the entire OS resides in the same address space (like a monolithic kernel) and is required to be written in Rust. However, there’s a twist—the kernel is partitioned in two halves: the privileged Framework (akin to a microkernel) and the unprivileged Services. Only the privileged Framework is allowed to use unsafe features of Rust, while the unprivileged Services must be written exclusively in safe Rust.

The memory safety of the entire kernel is reduced to that of the Framework, a minimal, expressive, and rock-solid foundation. Residing in the same address space, the rest of the kernel can communicate with the Framework in the most efficient way.

Writing in Rust and limiting memory-unsafe Rust to a small part of the project prevents tons of memory vulnerabilities. They have also created a general framework to make framekernels.

By maintaining compatibility with the Linux API, most Linux apps would work out of the box. Thus, you could get the architectural upgrade of a modern kernel while retaining the app ecosystem of Linux.

This concept seems very powerful. If you could get an Asterinas kernel, Nix-style reproducible builds, and a secureblue/Fedora Atomic-style atomic/read-only OS, you could get an incredibly powerful and fully FOSS operating system that is designed like a modern operating system.

It’s not ready for production yet, but I find this idea exciting.

2 Likes
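The framekernel split described in the post above, shown as an added example in ordinary host Rust. This is illustration code written for this thread, not Asterinas's own kernel or its framework API: the `framework` module owns a constructed memory region and is the only place `unsafe` appears, while the `services` module is compiled under `#[forbid(unsafe_code)]`, so the compiler rejects any attempt to bypass the framework's bounds checks. The `FrameAllocator`, `Frame` and the error strings are all assumptions made up for the example.

```rust
// Added example of the framekernel idea (not Asterinas code): all `unsafe`
// lives in `framework`; `services` cannot contain `unsafe` at all.

mod framework {
    use std::ptr;

    pub const FRAME_SIZE: usize = 4096;

    /// Handle to an allocated frame. The field is private, so only this module
    /// can mint one, and it is not `Clone`, so `free` consumes it and a
    /// use-after-free in a service is a type error rather than a memory bug.
    pub struct Frame {
        index: usize,
    }

    /// Minimal frame allocator over a raw region (assumed stand-in for the
    /// physical memory a bootloader would hand to a real kernel).
    pub struct FrameAllocator {
        base: *mut u8,   // only ever dereferenced inside `unsafe` below
        used: Vec<bool>, // one flag per frame
    }

    impl FrameAllocator {
        /// Constructed backing region: `nframes` zeroed frames, leaked so the
        /// raw pointer stays valid for the allocator's whole lifetime.
        pub fn new(nframes: usize) -> Self {
            let region: &'static mut [u8] =
                Box::leak(vec![0u8; nframes * FRAME_SIZE].into_boxed_slice());
            FrameAllocator { base: region.as_mut_ptr(), used: vec![false; nframes] }
        }

        pub fn alloc(&mut self) -> Option<Frame> {
            let index = self.used.iter().position(|u| !u)?;
            self.used[index] = true;
            Some(Frame { index })
        }

        pub fn free(&mut self, frame: Frame) {
            self.used[frame.index] = false;
        }

        /// Every raw-pointer access goes through this check first.
        fn checked_offset(&self, frame: &Frame, offset: usize, len: usize)
            -> Result<usize, &'static str> {
            if !self.used.get(frame.index).copied().unwrap_or(false) {
                return Err("frame not allocated");
            }
            let end = offset.checked_add(len).ok_or("offset overflow")?;
            if end > FRAME_SIZE {
                return Err("access crosses frame boundary");
            }
            Ok(frame.index * FRAME_SIZE + offset)
        }

        pub fn write(&mut self, frame: &Frame, offset: usize, data: &[u8])
            -> Result<(), &'static str> {
            let off = self.checked_offset(frame, offset, data.len())?;
            // SAFETY: `off..off + data.len()` lies inside the region owned by
            // `self` (checked above) and `data` is a separate buffer.
            unsafe { ptr::copy_nonoverlapping(data.as_ptr(), self.base.add(off), data.len()) };
            Ok(())
        }

        pub fn read(&self, frame: &Frame, offset: usize, out: &mut [u8])
            -> Result<(), &'static str> {
            let off = self.checked_offset(frame, offset, out.len())?;
            // SAFETY: same bounds argument as `write`; `out` is a distinct buffer.
            unsafe { ptr::copy_nonoverlapping(self.base.add(off), out.as_mut_ptr(), out.len()) };
            Ok(())
        }
    }
}

/// Unprivileged half: `unsafe` here is a compile error, so a service bug can
/// only produce an `Err` or a panic, never a silent write outside its frame.
#[forbid(unsafe_code)]
mod services {
    use super::framework::{FrameAllocator, FRAME_SIZE};

    /// Well-behaved service: writes a pattern at the end of a frame, reads it back.
    pub fn round_trip(alloc: &mut FrameAllocator) -> Result<Vec<u8>, &'static str> {
        let frame = alloc.alloc().ok_or("out of frames")?;
        let pattern: Vec<u8> = (0..16u8).collect();
        alloc.write(&frame, FRAME_SIZE - 16, &pattern)?;
        let mut back = vec![0u8; 16];
        alloc.read(&frame, FRAME_SIZE - 16, &mut back)?;
        alloc.free(frame);
        Ok(back)
    }

    /// Buggy service: tries to write one byte past its frame. The framework
    /// refuses instead of corrupting the neighbouring frame.
    pub fn overflow_attempt(alloc: &mut FrameAllocator) -> Result<(), &'static str> {
        let frame = alloc.alloc().ok_or("out of frames")?;
        let result = alloc.write(&frame, FRAME_SIZE - 3, &[0xAA; 4]);
        alloc.free(frame);
        result
    }
}

fn main() {
    let mut alloc = framework::FrameAllocator::new(4);
    println!("round trip: {:?}", services::round_trip(&mut alloc));
    println!("overflow:   {:?}", services::overflow_attempt(&mut alloc));
}
```

The point of the split is that soundness of the whole program now rests on `framework` alone: if `checked_offset` is right, no code in `services` can reach memory it was not handed, and adding an `unsafe` block to `services` to work around that fails to compile. The kernel-level analogue in the quoted description is that the Framework is audited for memory safety and the Services inherit it for free.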

Saw this a while back on LWN. They have a good review of it here.