7 Dec 2009 14:01
Codezero Microkernel v0.2 Released
Bahadir Balban <bahadir <at> l4dev.org>
2009-12-07 13:01:38 GMT
I would like to announce that Codezero Microkernel v0.2 has been released. On this release, the microkernel is now fully capability checked, and we introduced the notion of containers to provide isolated execution environments. Please see below for a brief description.

1.) Containers

In Codezero containers provide the architectural infrastructure for isolation of execution environments. Each container is allocated with a set of address spaces, threads, and any other resource that would otherwise be globally available on the platform, such as virtual and physical memory. Using the simple notion of containers, it is possible to build any type of software design hierarchy. A hierarchical client/server design, or multi-threaded standalone applications are both possible scenarios.

2.) Capabilities

Capabilities protect all resources maintained by the kernel. Currently, all system calls are protected by capabilities, except a few trivial ones that have been left out. Physical and virtual memory, typed memory pools, and inter-process communication are among other resources that are protected by capability checking. Capabilities build upon the foundation of containers, providing a fine-grained security architecture, inside and among container boundaries.

We also introduced a capability control system call, by which the