Expand description
Primitive P1: the single syscall trap boundary.
M0 scaffold (see .local-docs/specs/agent-os-three-primitives.md): types + conversions
only — no wiring, no behavior change. A later milestone (M2) generalizes
crate::governance::pipeline so its request becomes Syscall and its result becomes
Disposition, and routes spawn / page-in / write-memory through the same gate (today they
bypass governance entirely).
Concept overlap this primitive collapses: the two parallel decision vocabularies
(crate::types::policy::GovernanceVerdict and SignalDisposition). Tool/spawn/memory
decisions converge on Disposition; signals feed the P2 scheduler instead.
Enums§
- Disposition
- The kernel’s adjudication of a
Syscall. GeneralizesGovernanceVerdict:AskUserbecomesDisposition::Gate(suspend the calling task via the P2 TCB), which is where this primitive meets P2. - Syscall
- An effectful request from the SDK that the kernel must adjudicate.