Atm some targets don't have comments support enabled for iptables. There's no reason to limit that to just arm64-rockhip target, so this change addresses that.
Enable option for the netfilter NETMAP target, as it can be useful for some
users. Until now it's been enabled only for some targets as an option coming
from upstream defconfigs; make sure it's available for all targets.
Fixes#4183
Since
127c420335
change in package/systemd, this option is patched by systemd build because
userspace FW loading has never been supported with Systemd. This should have no
runtime effect, just clear the warning about disabled option.
* Update RPi kernel to 6.12.20
Update to latest stable RPi kernel and remove unnecessary 6.6.y kernel config
fragments.
* Refresh RPi and Yellow patches
Rebase all patches on 6.12.20, remove patches that are already present
upstream.
* Update Yellow device trees for 6.12.20
Upstream changes broke our downstream device trees. While the CM4 fix was
trivial, there were more changes in the CM5 device tree due to adaptation to
upstream code. To simplify future maintenance, DTS was refactored to reuse CM5
DTS include and override only what's necessary.
* Bump buildroot to update to matching package/rpi-firmware
* buildroot ead21eb6d2...cd82256125 (1):
> package/rpi-firmware: bump version to f49a396 (1.20250326)
Instead of using per-file ZSTD compression, compress firmware (and newly also
kernel modules) using LZMA within EROFS image. LZMA was picked because ZSTD
support in EROFS is still experimental and due to some limitations in the
implementation, the compression takes significantly more time.
This change gives us more control over compression of the files and with the
proposed settings, saves a bit of the space (~10 MiB) in the resulting image.
In theory, even higher savings could be achieved through compressing other
runtime binaries, but this would need to be thoroughly tested whether it
doesn't have any detrimental effects. For firmware and modules, the overhead
should be minimal, as they are usually touched only once per boot and are
rather small before decompression.
* buildroot 74994c4f32...92fab35fed (6):
> fs/erofs: add custom compression option with optional compress-hints file
> package/erofs-utils: bump to version 1.8.5
> package/erofs-utils: bump to version 1.8.3
> package/erofs-utils: bump to version 1.8.2
> package/erofs-utils: bump to version 1.8.1
> package/erofs-utils: add libdeflate and zlib optional dependencies
* Upgrade Rockchip platforms to Linux 6.12
Upgrade all Rockchip boards to latest 6.12. Patches for M1S can be dropped, its
DTS has been merged. Same goes for the Rockchip TRNG, it only had to be enabled
in the Green DTS. Patch for broken combphy has been updated for 6.12.y.
* Remove deprecated and nonsense symbols from Rockchip defconfig
Many symbols have been removed between 6.6 and 6.12. Most of them have no use
in Rockchip defconfig, or should be set by other kernel fragments anyway.
Remove all of them, with the exception of USB_ONBOARD_HUB (which was renamed to
USB_ONBOARD_DEV) and FSCACHE (which was changed from tristate to bool).
* Update generic-aarch64 to Linux 6.12
* Update Amlogic-based ODROID boards to Linux 6.12
Removed couple of deprecated/unrelated kernel options.
* Update VIM3 to Linux 6.12
Cleaned up symbols unrelated/deprecated in 6.12 from defconfig.
* Update ODROID-XU4 to Linux 6.12
The usual defconfigs suspects had to been removed and the regulator patch for
ethernet needed a minor update after refactoring in upstream.
* Update Tinker to Linux 6.12
Needed defconfig cleanup for 6.12, otherwise no changes.
* Update x86 and OVA to latest 6.12 release
This way the extra patches directory can be removed too.
* Remove 6.6.73 patches
* Refresh all linux patch series against 6.12.11 sources
* Reenable HW RNG on M1S to speed up boot
The TRNG on RK3566 supposedly [1] has low quality, that's why it's disabled in
upstream for this SoC. We had it enabled in the past and without it, the boot
is delayed by quite a lot. Enable it again for now and investigate the RNG
issues later.
[1] https://patchew.org/linux/cover.1722355365.git.daniel@makrotopia.org/
* Also remove CACHEFILES module from Rockchip config
It was only enabled for Rockchip and Tinker, and to my knowledge there is no
cachefiles daemon or anything other in the userspace that's using it.
* Remove unused 6.6.y fragments
Since we only have 6.6.y for Raspberry Pi now, it doesn't need the Rockchip and
wireless PCI fragments.
* Linux: Update kernel to 6.12.6
* Linux 6.12
* https://github.com/home-assistant/operating-system/pull/3767#discussion_r1899169881
* https://github.com/home-assistant/operating-system/pull/3767#discussion_r1899170543
* Add patch descriptions, kernel ver conditionals
Signed-off-by: Nick Venenga <nick@venenga.com>
* Remove extra zram compression algos
* Undo fragment files config change
...for platforms that didn't receive kernel updates
* Sort Dockerfile apt packages
* Add Upstream refs to patches
* Re-enable TC
* Restore v6.6.y kernel fragments
* Update buildroot to rebased branch
* Apply 6.12 migration only to generic-x86-64
* package/eq3_char_loop: port patch from RaspberryMatic by @jens-maus
* package/generic_raw_uart: port patch from RaspberryMatic by @jens-maus
* Restore buildroot-external/board/pc/patches/linux
It's used in ova and generic-aarch64 defconfigs. Keep the path removed from
generic-x86-64 defconfig.
* Split linux patches to be version-specific
The IPv6 reachability patch needs different context on 6.6.y and 6.12.y -
introduce version-specific linux directories. To avoid the need for extra
directory for version used in RPi, copy those patches to its patches directory.
* Replace removed Intel Skylake audio driver with Intel AVS
The Skylake driver was removed and should be now replaced either by Intel HD
Audio or Intel AVS. Remove the old options and enable AVS.
SND_SOC_INTEL_SKYLAKE=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:63)
SND_SOC_INTEL_SKL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:64)
SND_SOC_INTEL_APL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:65)
SND_SOC_INTEL_KBL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:66)
SND_SOC_INTEL_GLK=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:67)
SND_SOC_INTEL_CNL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:68)
SND_SOC_INTEL_CFL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:69)
SND_SOC_INTEL_CML_H=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:70)
SND_SOC_INTEL_CML_LP=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:71)
SND_SOC_INTEL_SKYLAKE_FAMILY=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:72)
SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC=y not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:73)
SND_SOC_INTEL_SKYLAKE_COMMON=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:74)
-> a882f4d750
SND_SOC_INTEL_SST=m requested, actual = n (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:58)
-> 970d299b0a
* Remove I2C_COMPAT option
I2C_COMPAT=y not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:163)
-> 7e722083fc
* Correctly disable module compression after Kconfig change
The Kconfig structure was changed, there's now a top-level bool:
c7ff693fa2
---------
Signed-off-by: Nick Venenga <nick@venenga.com>
Co-authored-by: Jan Čermák <sairon@sairon.cz>
The TCPMSS target module for iptables was enabled in some kernel defconfigs but
not for all targets. It is used e.g. in default config of @bigmoby's WireGuard
Client add-on. Enable it globally in the HAOS kernel config to make sure it's
always present.
Fixes#3730
Build cypress_m8 driver as module for all targets - some of them had it in
their base defconfig while some not. It is required e.g. for UPB PIM (Powerline
Interface Module).
Fixes#3690
Enable NTFS and exFAT drivers, as they're not in defconfigs of all platforms and may be useful when mounting removable drives.
Fixes#2723
Co-authored-by: Jan Čermák <sairon@users.noreply.github.com>
Rockchip config fragment had EROFS compression explicitly disabled. Remove that
option and also remove the EROFS one, as it's already set in common config.
* Use name.sh functions for paths in genimage
Paths for images generated outside of genimage were not used in genimage
definitions. Use them as the single source of truth.
Images generated by genimage itself (e.g. kernel.img) don't need to use those
functions, so remove the unused ones.
* Use EROFS instead of SquashFS for root FS
* Enabled EROFS in common kernel fragment
* RootFS image switched to EROFS with options to get decent compression
* rootfstype removed from kernel command line
* Get size of correct FS image in GH build summary
Enable libkcapi in generic kernel config. The bloat is minimal and the
options are enabled on most distributions. These modules are also needed
for Bluetooth Mesh and adding them fixes compatibility with some HCI USB
adapters.
Fixes#3322
* RaspberryPi: Update kernel to 6.6.20 - 6f16847710cc0502450788b9f12f0a14d3429668
Used version specified in RPi OS release notes [1].
[1] https://downloads.raspberrypi.org/raspios_arm64/release_notes.txt
* Update RPi Buildroot defconfigs for v6.6.y kernel
* Update RPi kernel patches for v6.6.y kernel
* Amended old patches to accomodate for new DTS paths
* Removed 6.6.25 patches -> moved to the common folder
* Added patch to fix Yellow DTS compilation
* Bump buildroot to update rpi-firmware
* buildroot b45d671fe3...9f5750121a (1):
> package/rpi-firmware: bump to version for (untagged) kernel v6.6.20
* Remove kernel v6.1.y config fragments, as they're not needed anymore
The official description says:
Multipath TCP (MPTCP) connections send and receive data over multiple
subflows in order to utilize multiple network paths. Each subflow uses
the TCP protocol, and TCP options carry header information for MPTCP.
Thanks to MPTCP, being able to use multiple paths in parallel or
simultaneously brings new use-cases:
- Seamless handovers: switching from one path to another while
preserving established connections -- Apple is using it for this
reason since 2013.
- Best network selection: using the "best" available path (latency,
losses, cost, bandwidth) -- one path can be used as a "backup" one.
- Network aggregation: using multiple paths at the same time to have a
higher throughput -- e.g. to combine a fixed an mobile network to
send files faster.
For example, for HA, it is possible to keep a SSH connection alive when
switching from one network to another (e.g. while travelling).
To be able to use MPTCP, both ends need to support it. An application
has to request it, by creating an MPTCP socket instead of a TCP one.
The rest in unchanged. An alternative is to use 'mptcpize' tool, which
relies on LD_PRELOAD to create an MPTCP socket instead of a TCP one.
Note that a MPTCP-enabled server continues to accept regular TCP
connections that do not use the Multipath TCP extension without any
performance impact. When a connection request is received, and is linked
to a listening socket with MPTCP support, the kernel will simply check
if MPTCP options are present. If not, the accepted socket will be a
"plain" TCP one, with the same impact as before.
To use multiple paths at the same time, additional IP addresses need to
be configured, e.g. via the 'ip' tool (IPRoute2).
MPTCP in the kernel is enabled in most main Linux distributions (Debian,
Ubuntu, RedHat, Fedora, etc.), but in more specific ones like Raspbian.
It is available in the Linux kernel since v5.6.
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
The in-tree driver introduced in HAOS 12.0 is having random issues,
so revert back to the stable OOT driver that was used before for now.
Also it add it to RPi 2 and Yellow where it's been missing the whole
time.
Fixes#3205
* Create common kernel config for Rockchip aarch64 boards
* Green: drop kernel option already included in main config
* Move rockchip RNG patchset to common folder
* Odroid-m1 has no board specific patches now
* Use separate path for v6.1.y and v6.6.y kernel config fragments
Since we're now maintaining Linux configs for two different versions,
it may happen that we want to add some options only to one of the
versions. While the Kconfig might figure the invalid options itself,
our config checking tooling would spam us with warnings. This commit
splits the configs to two directories. This pattern is used only for
the common fragments, more specific ones are usually sharing the same
Linux version anyway.
* Add back options removed in v6.6.y to v6.1.y kernel config fragments
* Linux: Update kernel 6.6.15
* Update buildroot packages to work with Linux 6.6
* Fix top-level and pc patches of linux
* Update tinker patch series
* Drop Odroid M1 patches
M1 is now supported in upstream.
* Update Hardkernel patches
Needed larger refactoring because of 379ae64609c7a3301b60483eb65bd8bc78f76328
* Update Green patches
* Update Odroid XU4 patches
Removing the TMU patch/hack for now, need to check if it's still needed.
If it is indeed, then it needs slighter rewrite.
* Move Rockchip RNG patches to M1 and Green dirs
* Update rtl88x2bu package to fix build
* Update gasket package to fix build
* Fix eq3_char_loop build
* Use fan53555 instead of custom rk860x driver
* Fix kernel base configs and fragments after 6.6 update
Mostly removed options that have been removed between releases. Only
a few options have been renamed, then there's bunch of options that
had dependencies added so they are available only on some architectures,
which are not those that we're using.
* Remove deprecated regulator-compatible from Green DTS
Enabling CONFIG_EXPERT, which was a dependency of some options we try
to set by our config fragments, had a side-effect of toggling some other
options, most importantly the framebuffer console support. Enable the
options found by diffing old and new kernel configs.
Fixes#3112
* Remove all non-existing kernel config symbols
* Remove unapplied x86 Intel sound options
These are missing various subsystem dependencies and were never in fact
enabled, assuming they're rather exotic and removing them completely.
* Add missing dependencies, adjust tristate values, remove nonsense
* Use KERNEL_LZ4 only for non-aarch64
Since aarch64 doesn't use self-extracting kernel:
https://patchwork.kernel.org/project/linux-arm-kernel/patch/20190119185540.20526-1-tobias.johannes.klausmann@mni.thm.de/
* Extract PCI options to device-support-pci fragment (renamed from device-support-pcie)
RPi 4+ should use this fragment too, since CM4 has PCIe support.
* Rename RPi's kernel-32b fragment to kernel-armv7
Compress firmware files from linux-firmware using ZSTD algorithm.
This should grant us some more space to add more firmwares and should
not have any major performance impact, because firmwares are not accessed
frequently.
Includes buildroot submodule bump:
* buildroot 07e08e01b2...8a75878da4 (1):
> linux-firmware: add option for firmware files compression
Preemptively enable larger set of WiFi drivers for all platforms and add more firmwares for them with the aim to harmonize WiFi device support among all boards and to have implicit support of devices that users might want to use. Targets `generic_aarch64`, `generic_x86_64` and `ova` also include options and firmwares for cards that are using PCI/PCIe bus - support for these is in a separate config fragment.
Especially the `generic_x86_64` is currently very tight with the rootfs space, so I had to do some triaging and select only sensible drivers and firmwares - especially archaic PCMCIA devices or devices not supporting only 802.11g or lower standards were among the first that I removed during the triaging - we can consider enabling those but this time on an someone's explicit need to have them enabled.
This closes#2815 and replaces large part of #2761, also potentially addresses (at least) these: #2806, #2783, #2841, #2776, #2725, #2600
-------------
* Remove WiFi options from generic and board kernel config fragments
* Enable MMC in OVA kernel
This is needed for SDIO drivers to work. Use the same options as we
currently use for generic_x86_64.
* Add CRYPTO_MICHAEL_MIC to the common kernel config
This is requirement for TKIP and is a dependency of ATH11K driver.
* Add kernel config fragments with wireless cards support
* Add firmwares for WiFi cards
* Enable more Bluetooth device drivers
Clean up all kernel configs and fragments from non-existing kernel
options, invalid choice values and choices that trigger warnings
during kernel package configuration.
Here's an example of warnings triggered for Yellow:
.config:8531:warning: override: MODULE_COMPRESS_NONE changes choice state
.config:8536:warning: override: ZSWAP_COMPRESSOR_DEFAULT_LZ4 changes choice state
.config:8537:warning: override: ZSWAP_ZPOOL_DEFAULT_ZSMALLOC changes choice state
.config:8543:warning: override: CPU_FREQ_DEFAULT_GOV_ONDEMAND changes choice state
.config:8717:warning: override: reassigning to symbol CGROUP_HUGETLB
.config:8767:warning: symbol value 'm' invalid for XFRM
.config:8852:warning: symbol value 'm' invalid for MEDIA_CONTROLLER_DVB
.config:8972:warning: symbol value 'm' invalid for SND_HDA_I915
There were also some options that are set in our or default configs
but end up patched by `KCONFIG_(DIS|EN)ABLE_OPT` in package makefiles,
these options are now explicitly set in our fragments too. For example
this was toggled for `generic_aarch64`:
CONFIG_DEFAULT_SECURITY_APPARMOR n -> y
CONFIG_DEFAULT_SECURITY_DAC y -> n
CONFIG_GCC_PLUGINS y -> n
The only goal of this commit is to make sure no warnings appear
anymore and the resulting kernel configs remain unchanged. This will
allow us to create tools for sanity checks of our kernel config
overrides. There is one single change in `ova` config resulting from
previously invalid `m` option for a bool value:
-# CONFIG_9P_FS_POSIX_ACL is not set
+CONFIG_9P_FS_POSIX_ACL=y
* Use kernel local version for HAOS compiled Linux kernel
Use the local version config option to add "haos" to the system's Linux
kernel version to indicate the kernel is built specifically for Home
Assistant OS. This makes sure to overwrite any other local version (e.g.
provided by Raspberry Pi kernel's defconfig) and makes it easier to
verify something is running on HAOS since the string will be visible in
any Container using `uname -a`.
* Add dash in front
Currently `CONFIG_OVERLAY_FS_METACOPY` and
`CONFIG_OVERLAY_FS_REDIRECT_DIR` kernel options are enabled but not
preferred by Docker. The metadata copy feature is disabled by default,
and also not actively used by the overlayfs2 driver (see
2c3d1f7b4b).
So the metadata copy config is not really problematic per se. However,
it enables the redirect_dir feature. And a kernel which has the
redirect_dir feature compiled in also enables it by default. This
actually makes the overlayfs2 driver to fallback to naive diff, which
is, from what I understand, slower than the overlayfs native diff (see
also
49c3a7c4ba).
The Docker daemon is also reporting this on startup:
Not using native diff for overlay2, this may cause degraded performance
for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled
Currently `CONFIG_OVERLAY_FS_METACOPY` is enabled, and it also enables
`CONFIG_OVERLAY_FS_REDIRECT_DIR`. There was already a previous attempt
to disable the latter (see #2067).
Disable both configs explicitly until Docker is able to use them.
Enable fully preemptible kernel (low-latency desktop) configuration for
Home Assistant. Home Assistant can be considered as a soft real-time
system, where a lower latency is preferred over throughput.
A few tests using the rt_test development add-on didn't show measurable
improvements, but this could be due to rather synthetic test.
Currently some platform use voluntary preemptible kernel, and some fully
preemptible. So besides improving latency, this also aims to synchronize
the settings across all platforms.
Also make sure that debugging is not enable as it can have high runtime
overhead according to Kconfig.
* Enable Multi-Gen LRU
Multi-Gen LRU should improve performance under memory pressure. This is
especially useful for embedded platforms where memory is scarce.
* Add service to configure Multi-Gen LRU
Use min_ttl_ms of 1 which is the least aggressive in terms of lag. Since
we are a server application, we can tune trashing prevention with a
higher acceptable lag.
