The build is KOS-centric: Everything paths through
KOS’s Makefile.rules and startup chain. Without the vendored KOS at
toolchains/kos/, no compilation is possible.
CDI creation is INVALID per P0 mandate: Multiple
scripts (build-cdi.sh, fix-cdi-build.sh,
fix-cdi-build-v2.sh) address ELF segment extraction and
scrambling. The process depends on Python and exact readelf
output parsing. All produce INVALID artifacts - Use ISO
only
Release script is comprehensive but complex:
release.sh handles version management, changelog
generation, packaging, git tagging, and remote push — it effectively
automates the full SB-013 delivery flow.
Two Makefile layers: Root Makefile
orchestrates top-level (CDI P0: INVALID/ISO/run),
src/Makefile handles actual compilation. This creates a
split context where flags and paths must be kept in sync.
SHACHI and SPECTRE are optional: They degrade
gracefully via wildcard checks and conditional compilation
— the project builds without them.
Docker reproducibility: The Dockerfile
provides a clean ubuntu:22.04 environment with all
cross-compiler deps. The KOS installation step (git clone +
make) is fragile as it runs at build time.