#!/bin/rc
# build.rc — rebuild libsec, its userspace consumers, and the kernel
# after applying tls-modern-client.
#
# rc build.rc # rebuild everything (default)
# rc build.rc userspace # libsec + hget + webfs + tlsclient only
# rc build.rc kernel # 9pcf or 9k10f kernel only
#
# Run as a user with write access to /sys and /$cputype. Most patches
# touch userspace only; tls-aead-record-layer and the devtls hunks of
# tls-ecdsa-and-chain-integration also modify the in-kernel TLS driver
# and require a kernel rebuild + reboot.
#
# After the kernel build, fshalt -r and boot the fresh /$cputype/9*.
mode=$1
if(~ $#mode 0)
mode=all
echo 'building for objtype='^$objtype^' mode='^$mode
if(~ $mode userspace all){
echo
echo '=== mk libsec ==='
cd /sys/src/libsec
mk clean >[2]/dev/null
mk all || exit 'libsec: mk failed'
mk install || exit 'libsec: mk install failed'
echo
echo '=== mk webfs ==='
cd /sys/src/cmd/webfs
mk clean >[2]/dev/null
mk all || echo 'warn: webfs: mk failed' >[1=2]
mk install || echo 'warn: webfs: mk install failed' >[1=2]
echo
echo '=== mk hget, tlsclient ==='
cd /sys/src/cmd
# On 9legacy both sources live directly in /sys/src/cmd and the
# top-level mkfile knows about them. mk <prog>.install compiles
# with the correct $cputype-matched compiler/linker.
#
# Plan 9 mk does not track /$objtype/lib/libsec.a as a dependency
# of <prog>.install, so after a libsec rebuild `mk hget.install`
# reports "up to date" and never relinks. Delete intermediates to
# force the link. Pattern *.hget covers 6.hget / 8.hget / v.hget.
rm -f hget.[568qv] [568qv].hget tlsclient.[568qv] [568qv].tlsclient
for(t in hget.install tlsclient.install){
mk $t || echo 'warn: '^$t^' failed' >[1=2]
}
}
if(~ $mode kernel all){
echo
echo '=== mk kernel ==='
# Pick the config matching your booted kernel. Edit if yours differs.
if(~ $objtype 386){
cd /sys/src/9/pc
kconf=pcf
}
if(~ $objtype amd64){
cd /sys/src/9k/k10
kconf=k10f
}
if(! ~ $objtype 386 amd64){
echo 'unknown objtype for kernel build: '^$objtype >[1=2]
exit 'kernel: unknown arch'
}
mk clean >[2]/dev/null
mk 'CONF='^$kconf || exit 'kernel: mk failed'
mk 'CONF='^$kconf install || exit 'kernel: mk install failed'
# `mk install` writes the new kernel to /$objtype/ on fossil, but
# the 9load bootloader reads from the DOS FAT 9fat partition per
# plan9.ini's `bootfile=sdC0!9fat!9<CONF>`. Without an explicit
# copy the next cold boot still loads the stale pre-patch kernel.
# Copy the freshly built kernel into 9fat so fshalt -r or cold
# boot picks it up.
echo
echo '=== copy kernel to 9fat partition ==='
# auto-detect installed disk from plan9.ini's bootfile=sdXX!9fat!9<CONF>
kdisk=`{cat /env/bootfile | sed 's/!.*//'}
if(~ $#kdisk 0) kdisk=sdC0 # fallback if bootfile unavailable
if(test -f /dev/$kdisk/9fat){
if(! test -e /srv/9fatbuild){
dossrv -f /dev/$kdisk/9fat 9fatbuild
}
mkdir -p /n/9fatbuild
unmount /n/9fatbuild >[2]/dev/null
mount /srv/9fatbuild /n/9fatbuild || exit 'mount 9fat failed'
cp /$objtype/9^$kconf /n/9fatbuild/9^$kconf \
|| echo 'warn: 9fat kernel copy failed' >[1=2]
unmount /n/9fatbuild
rm -f /srv/9fatbuild
echo 'updated /9fat/9'^$kconf^' on '$kdisk
}
if not {
echo 'warn: no /dev/'^$kdisk^'/9fat found; 9fat kernel copy skipped.' >[1=2]
echo ' bootloader will keep loading the stale kernel — update' >[1=2]
echo ' plan9.ini or manually cp /'^$objtype^'/9'^$kconf^' to your 9fat.' >[1=2]
}
}
echo
echo '=== build complete ==='
switch($mode){
case userspace
echo 'userspace rebuilt. If a devtls patch (tls-aead-record-layer'
echo 'or tls-ecdsa-and-chain-integration) was applied, also run'
echo '`rc '^$0^' kernel` and reboot before retrying HTTPS.'
case kernel
echo 'kernel installed. fshalt -r and boot the new image.'
case all
echo 'userspace + kernel installed. fshalt -r and boot the new image.'
}
|
