Summary
I've built what I believe is the world's first userspace NPU (Neural Processing Unit) driver for a microkernel operating system. It targets the Intel Meteor Lake NPU (VPU 4.0, PCI ID 0x7D1D) and runs entirely in Redox OS userspace — zero kernel modifications required.
This is an interest check before submitting a merge request to the Redox ecosystem (redox-os/drivers or redox-os/cookbook).
Why This Matters for Redox
-
Validates the microkernel driver model — A real hardware driver (not a toy) running entirely via Redox schemes, proving that complex DMA-based drivers work in userspace.
-
First NPU support for any microkernel OS — No microkernel (Minix, seL4, Fuchsia, Redox) currently has an NPU driver. This opens AI/ML inference capabilities.
-
Fills an unaddressed gap — The Redox Development Priorities for 2025/26 mention GPU, WiFi, USB, and I2C, but not NPU. As AI workloads become standard, NPU support will be expected.
Architecture
+----------------------------------------------------------+
| Userspace (our driver) |
| |
| +----------+ +----------+ +-----------+ +--------+ |
| | PCI | | MMIO | | DMA | | Boot | |
| | Discovery| | BAR0 | | phys_cont.| |Sequence| |
| +----+-----+ +----+-----+ +-----+-----+ +---+----+ |
| | | | | |
| +----+--------------+--------------+-------------+---+ |
| | npu: Scheme Handler | |
| | open("npu:infer") -> write(model) -> read(result)| |
| +---------------------------------------------------------+
+---------------------------+------------------------------+
| Redox Schemes
+---------------------------+------------------------------+
| Redox Kernel |
| (ZERO modifications needed) |
+----------------------------------------------------------+
Key Design Decisions
| Decision |
Approach |
Rationale |
| DMA allocation |
memory:phys_contiguous?size=N&uncacheable |
Existing Redox scheme, no kernel changes |
| Register access |
MMIO via BAR0 fmap + volatile reads/writes |
Standard PCI BAR mapping |
| Firmware loading |
Load to DMA buffer, write phys addr to NPU registers |
Matches Linux ivpu driver flow |
| IPC protocol |
Hexspeak handshake: 0xF00D=Ready, 0xDEAD=Fatal, 0xCAFE=Nudge |
Reverse-engineered from Linux ivpu_hw_40xx.c |
| User interface |
npu: scheme (open/read/write/close) |
Native Redox "everything is a URL" philosophy |
| Command queue |
Ring buffer (256 x 64-byte descriptors) in DMA memory |
Standard hardware command submission pattern |
Files
| File |
Lines |
Purpose |
main.rs |
~240 |
Entry point, 6-phase startup orchestration |
boot.rs |
~380 |
Power-up, firmware load, doorbell handshake with nudge strategy |
dma.rs |
~390 |
DMA buffer via phys_contiguous, volatile I/O, firmware loader |
pci.rs |
~290 |
PCI bus scan, Bus Mastering, BAR0 mapping |
mmio.rs |
~170 |
Safe MMIO abstraction (volatile, fenced, bounds-checked) |
hw_mtl.rs |
~210 |
Register map (reverse-engineered from Linux ivpu driver) |
inference.rs |
~290 |
Command queue ring buffer, job submission |
scheme.rs |
~130 |
Redox npu: scheme (file-based inference API) |
status.rs |
~175 |
Health monitor, state machine, diagnostics |
Total: ~2,275 lines of Rust, with full mock mode for development on Linux/macOS/Windows.
Safety & Audit Status
The driver has been through 10 recursive security audits covering:
- Memory safety & UB analysis
- Integer overflow protection
- Hardware protocol correctness
- Resource leak prevention
- Security & attack surface
22 critical/high findings were identified and fixed, including:
- Correct doorbell trigger value (
0x80000000, bit 31)
- Clock-before-reset boot order (matching Linux ivpu driver)
- Volatile DMA reads/writes throughout
- Firmware magic byte validation
- UID authorization on
npu:infer scheme access
- Overflow-safe MMIO bounds checks (no panics -- returns
0xFFFFFFFF like PCI)
Hardware Support
| Device |
PCI ID |
Status |
| Meteor Lake NPU (VPU 4.0) |
0x7D1D |
Primary target |
| Arrow Lake NPU (VPU 4.0) |
0xAD1D |
Register map ready |
| Lunar Lake NPU (VPU 5.0) |
0x6467 |
Future |
What I'm Looking For
- Feedback on whether this fits in
redox-os/drivers or redox-os/cookbook
- Code review from the Redox community on the scheme design and DMA approach
- Guidance on the preferred directory structure and build integration
- Testing help from anyone with Meteor Lake hardware running Redox
References
- Linux ivpu driver:
drivers/accel/ivpu/
- Intel NPU firmware:
linux-firmware.git -> intel/vpu/vpu_40xx_v*.bin
- Redox
memory:phys_contiguous: used by existing Redox drivers for DMA
- Source code:
drive/ in this repository
About
This driver was developed as part of the EVA OS project -- an AI-powered virtual assistant ecosystem. The NPU driver enables on-device neural inference for speech processing, image recognition, and real-time AI tasks without relying on cloud APIs.
Feedback welcome here, on the Redox Matrix chat (#redox:matrix.org), or on the Redox GitLab (gitlab.redox-os.org).
Summary
I've built what I believe is the world's first userspace NPU (Neural Processing Unit) driver for a microkernel operating system. It targets the Intel Meteor Lake NPU (VPU 4.0, PCI ID
0x7D1D) and runs entirely in Redox OS userspace — zero kernel modifications required.This is an interest check before submitting a merge request to the Redox ecosystem (
redox-os/driversorredox-os/cookbook).Why This Matters for Redox
Validates the microkernel driver model — A real hardware driver (not a toy) running entirely via Redox schemes, proving that complex DMA-based drivers work in userspace.
First NPU support for any microkernel OS — No microkernel (Minix, seL4, Fuchsia, Redox) currently has an NPU driver. This opens AI/ML inference capabilities.
Fills an unaddressed gap — The Redox Development Priorities for 2025/26 mention GPU, WiFi, USB, and I2C, but not NPU. As AI workloads become standard, NPU support will be expected.
Architecture
Key Design Decisions
memory:phys_contiguous?size=N&uncacheablefmap+ volatile reads/writesivpudriver flow0xF00D=Ready,0xDEAD=Fatal,0xCAFE=Nudgeivpu_hw_40xx.cnpu:scheme (open/read/write/close)Files
main.rsboot.rsdma.rsphys_contiguous, volatile I/O, firmware loaderpci.rsmmio.rshw_mtl.rsinference.rsscheme.rsnpu:scheme (file-based inference API)status.rsTotal: ~2,275 lines of Rust, with full mock mode for development on Linux/macOS/Windows.
Safety & Audit Status
The driver has been through 10 recursive security audits covering:
22 critical/high findings were identified and fixed, including:
0x80000000, bit 31)npu:inferscheme access0xFFFFFFFFlike PCI)Hardware Support
0x7D1D0xAD1D0x6467What I'm Looking For
redox-os/driversorredox-os/cookbookReferences
drivers/accel/ivpu/linux-firmware.git->intel/vpu/vpu_40xx_v*.binmemory:phys_contiguous: used by existing Redox drivers for DMAdrive/in this repositoryAbout
This driver was developed as part of the EVA OS project -- an AI-powered virtual assistant ecosystem. The NPU driver enables on-device neural inference for speech processing, image recognition, and real-time AI tasks without relying on cloud APIs.
Feedback welcome here, on the Redox Matrix chat (#redox:matrix.org), or on the Redox GitLab (gitlab.redox-os.org).