diff options
Diffstat (limited to 'modules')
318 files changed, 21266 insertions, 0 deletions
diff --git a/modules/default.nix b/modules/default.nix new file mode 100644 index 000000000000..eae333ea34b2 --- /dev/null +++ b/modules/default.nix @@ -0,0 +1 @@ +import ../nixpkgs/nixos diff --git a/modules/hosts/default.nix b/modules/hosts/default.nix new file mode 100644 index 000000000000..9c5c4810550e --- /dev/null +++ b/modules/hosts/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + networking.hosts."85.119.82.108" = [ + "qyliss.net" + "git.qyliss.net" + "znc.qyliss.net" + ]; +} diff --git a/modules/nix/default.nix b/modules/nix/default.nix new file mode 100644 index 000000000000..c004e83b2217 --- /dev/null +++ b/modules/nix/default.nix @@ -0,0 +1,37 @@ +{ config, pkgs, options, lib, ... }: + +let + # Most of the standard Darwin-detection methods cause infinite recursion. + isDarwin = options.environment ? "darwinConfig"; + +in { + nix.nixPath = [ + "nixos-config=/run/current-system/nixlib/sys/${config.networking.hostName}.nix" + "/run/current-system/nixlib" + ]; + + nix.settings.auto-optimise-store = true; + nix.daemonCPUSchedPolicy = "idle"; + nix.settings.trusted-users = [ "@wheel" ]; + + nix.settings.substituters = [ "https://cache.dataaturservice.se/spectrum/" ]; + nix.settings.trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "spectrum-os.org-1:rnnSumz3+Dbs5uewPlwZSTP0k3g/5SRG4hD7Wbr9YuQ=" + ]; + + system.extraSystemBuilderCmds = '' + ln -s ${lib.cleanSource ../..} $out/nixlib + ''; + + nixpkgs.overlays = + let + inherit (builtins) attrNames readDir; + dir = ../../overlays; + names = attrNames (readDir dir); + in + map (o: import "${dir}/${o}") names; + + services = lib.optionalAttrs isDarwin + { nix-daemon.enable = true; }; +} diff --git a/modules/nixos-apple-silicon/.github/workflows/installer.yml b/modules/nixos-apple-silicon/.github/workflows/installer.yml new file mode 100644 index 000000000000..2fe0b6d0655b --- /dev/null +++ b/modules/nixos-apple-silicon/.github/workflows/installer.yml @@ -0,0 +1,82 @@ +name: build bootstrap installer + +on: + push: + tags: + - 'release-*' + + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - uses: cachix/install-nix-action@v18 + with: + install_url: https://releases.nixos.org/nix/nix-2.13.2/install + nix_path: nixpkgs=channel:nixos-unstable + extra_nix_config: | + # save space on disk and in cache + auto-optimise-store = true + # keep all store paths necessary to build the outputs + keep-outputs = true + keep-derivations = true + + - name: cache nix store + id: cache-nix-store + uses: actions/cache@v3 + with: + key: installer5-${{ github.sha }} + restore-keys: | + installer5 + path: | + nix_store_dir + nix_store_db.sqlite + + - name: restore cached nix store + run: | + if [ -e nix_store_db.sqlite ]; then + sudo systemctl stop nix-daemon + + # put cached store paths back in their proper locations + sudo rm -rf /nix/store /nix/var/nix/db/db.sqlite + sudo mv nix_store_dir /nix/store + sudo cp nix_store_db.sqlite /nix/var/nix/db/db.sqlite + + # fix store permissions + sudo chmod 1775 /nix/store + sudo chown root:nixbld /nix/store + sudo chmod 0644 /nix/var/nix/db/db.sqlite + sudo chown -R root:root /nix/store /nix/var/nix/db/db.sqlite + + sudo systemctl start nix-daemon + fi + + - name: build installer + run: | + nix build --extra-experimental-features 'nix-command flakes' .#installer-bootstrap -j2 -L + cp result/iso/*.iso $(basename result/iso/*.iso | sed s/aarch64-linux/apple-silicon-${{ github.ref_name }}/) + + - uses: actions/upload-artifact@v3 + with: + name: installer + path: ./*.iso + + - uses: softprops/action-gh-release@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + files: ./*.iso + + - name: prepare nix store for caching + run: | + # delete old stuff not relevant to this build + nix-collect-garbage + sudo systemctl stop nix-daemon + + # move store to a place where the cache action can read it + sudo mv /nix/store nix_store_dir + sudo mv /nix/var/nix/db/db.sqlite nix_store_db.sqlite + diff --git a/modules/nixos-apple-silicon/.gitignore b/modules/nixos-apple-silicon/.gitignore new file mode 100644 index 000000000000..1aca8d47966e --- /dev/null +++ b/modules/nixos-apple-silicon/.gitignore @@ -0,0 +1,6 @@ +/result +/u-boot +/m1n1 +/rootfs +/installer +bootbits/ diff --git a/modules/nixos-apple-silicon/LICENSE b/modules/nixos-apple-silicon/LICENSE new file mode 100644 index 000000000000..a4985204f04c --- /dev/null +++ b/modules/nixos-apple-silicon/LICENSE @@ -0,0 +1,21 @@ +Copyright (c) 2021 Thomas Watson + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/modules/nixos-apple-silicon/README.md b/modules/nixos-apple-silicon/README.md new file mode 100644 index 000000000000..becc860ed023 --- /dev/null +++ b/modules/nixos-apple-silicon/README.md @@ -0,0 +1,22 @@ +## About + +This repository contains package expressions and NixOS configuration modules which are intended to provide a useful and straightforward bare metal NixOS experience on Apple Silicon Macs. Once NixOS is installed and the Apple Silicon configuration module is added, the system can be configured and operated like any other NixOS system. + +We aim to generally replicate the experience and software configuration/versions provided by the Asahi Linux reference distro, and we rely primarily on their hard work. Contributions to improve the NixOS experience and address specific issues are welcome, but configuration and versions which diverge significantly will not be accepted. + +Please see the documentation and guide below to get started. + +## Documentation + +* [Release Notes](docs/release-notes.md) +* [Setup, Installation, and Maintenance Guide (2024-03-11)](docs/uefi-standalone.md) + +## Credits + +This is mostly a restructuring of work many others have already done, and it wouldn't have been possible without them. Important parts of the NixOS on Apple Silicon experience include (but are not limited to): +* [Asahi Linux's m1n1 bootloader/hypervisor](https://github.com/AsahiLinux/m1n1) +* [Asahi Linux's kernel patches](https://github.com/AsahiLinux/linux) +* [Mark Kettenis' U-boot port](https://github.com/kettenis/u-boot) +* [Alyssa Rosenzweig's Mesa GPU driver](https://gitlab.freedesktop.org/asahi/mesa) + +The Nix derivations and documentation in this repository are licensed under the MIT license as included in the [LICENSE](LICENSE) file. Patches included in this repository, and the files that Nix builds, are covered by separate licenses. diff --git a/modules/nixos-apple-silicon/apple-silicon-support/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/default.nix new file mode 100644 index 000000000000..71a5dd0f8a0f --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./modules/default.nix + ]; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/modules/boot-m1n1/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/modules/boot-m1n1/default.nix new file mode 100644 index 000000000000..ccbd40bddb8c --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/modules/boot-m1n1/default.nix @@ -0,0 +1,55 @@ +{ config, pkgs, lib, ... }: +let + pkgs' = config.hardware.asahi.pkgs; + + bootM1n1 = pkgs'.m1n1.override { + isRelease = true; + withTools = false; + customLogo = config.boot.m1n1CustomLogo; + }; + + bootUBoot = pkgs'.uboot-asahi.override { + m1n1 = bootM1n1; + }; + + bootFiles = { + "m1n1/boot.bin" = pkgs.runCommand "boot.bin" {} '' + cat ${bootM1n1}/build/m1n1.bin > $out + cat ${config.boot.kernelPackages.kernel}/dtbs/apple/*.dtb >> $out + cat ${bootUBoot}/u-boot-nodtb.bin.gz >> $out + if [ -n "${config.boot.m1n1ExtraOptions}" ]; then + echo '${config.boot.m1n1ExtraOptions}' >> $out + fi + ''; + }; +in { + config = lib.mkIf config.hardware.asahi.enable { + # install m1n1 with the boot loader + boot.loader.grub.extraFiles = bootFiles; + boot.loader.systemd-boot.extraFiles = bootFiles; + + # ensure the installer has m1n1 in the image + system.extraDependencies = lib.mkForce [ bootM1n1 bootUBoot ]; + system.build.m1n1 = bootFiles."m1n1/boot.bin"; + }; + + options.boot = { + m1n1ExtraOptions = lib.mkOption { + type = lib.types.str; + default = ""; + description = '' + Append extra options to the m1n1 boot binary. Might be useful for fixing + display problems on Mac minis. + https://github.com/AsahiLinux/m1n1/issues/159 + ''; + }; + + m1n1CustomLogo = lib.mkOption { + type = lib.types.nullOr lib.types.path; + default = null; + description = '' + Custom logo to build into m1n1. The path must point to a 256x256 PNG. + ''; + }; + }; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/modules/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/modules/default.nix new file mode 100644 index 000000000000..7990556d46b4 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/modules/default.nix @@ -0,0 +1,69 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ + ./kernel + ./mesa + ./peripheral-firmware + ./boot-m1n1 + ./sound + ]; + + config = let + cfg = config.hardware.asahi; + in lib.mkIf cfg.enable { + nixpkgs.overlays = lib.mkBefore [ cfg.overlay ]; + + hardware.asahi.pkgs = + if cfg.pkgsSystem != "aarch64-linux" + then + import (pkgs.path) { + crossSystem.system = "aarch64-linux"; + localSystem.system = cfg.pkgsSystem; + overlays = [ cfg.overlay ]; + } + else pkgs; + }; + + options.hardware.asahi = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + description = '' + Enable the basic Asahi Linux components, such as kernel and boot setup. + ''; + }; + + pkgsSystem = lib.mkOption { + type = lib.types.str; + default = "aarch64-linux"; + description = '' + System architecture that should be used to build the major Asahi + packages, if not the default aarch64-linux. This allows installing from + a cross-built ISO without rebuilding them during installation. + ''; + }; + + pkgs = lib.mkOption { + type = lib.types.raw; + description = '' + Package set used to build the major Asahi packages. Defaults to the + ambient set if not cross-built, otherwise re-imports the ambient set + with the system defined by `hardware.asahi.pkgsSystem`. + ''; + }; + + overlay = lib.mkOption { + type = lib.mkOptionType { + name = "nixpkgs-overlay"; + description = "nixpkgs overlay"; + check = lib.isFunction; + merge = lib.mergeOneOption; + }; + default = import ../packages/overlay.nix; + defaultText = "overlay provided with the module"; + description = '' + The nixpkgs overlay for asahi packages. + ''; + }; + }; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/modules/kernel/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/modules/kernel/default.nix new file mode 100644 index 000000000000..619a02634e93 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/modules/kernel/default.nix @@ -0,0 +1,107 @@ +# the Asahi Linux kernel and options that must go along with it + +{ config, pkgs, lib, ... }: +{ + config = lib.mkIf config.hardware.asahi.enable { + boot.kernelPackages = let + pkgs' = config.hardware.asahi.pkgs; + in + pkgs'.linux-asahi.override { + _kernelPatches = config.boot.kernelPatches; + withRust = config.hardware.asahi.withRust; + }; + + # we definitely want to use CONFIG_ENERGY_MODEL, and + # schedutil is a prerequisite for using it + # source: https://www.kernel.org/doc/html/latest/scheduler/sched-energy.html + powerManagement.cpuFreqGovernor = lib.mkOverride 800 "schedutil"; + + boot.initrd.includeDefaultModules = false; + boot.initrd.availableKernelModules = [ + # list of initrd modules stolen from + # https://github.com/AsahiLinux/asahi-scripts/blob/f461f080a1d2575ae4b82879b5624360db3cff8c/initcpio/install/asahi + "apple-mailbox" + "nvme_apple" + "pinctrl-apple-gpio" + "macsmc" + "macsmc-rtkit" + "i2c-apple" + "tps6598x" + "apple-dart" + "dwc3" + "dwc3-of-simple" + "xhci-pci" + "pcie-apple" + "gpio_macsmc" + "phy-apple-atc" + "nvmem_apple_efuses" + "spi-apple" + "spi-hid-apple" + "spi-hid-apple-of" + "rtc-macsmc" + "simple-mfd-spmi" + "spmi-apple-controller" + "nvmem_spmi_mfd" + "apple-dockchannel" + "dockchannel-hid" + "apple-rtkit-helper" + + # additional stuff necessary to boot off USB for the installer + # and if the initrd (i.e. stage 1) goes wrong + "usb-storage" + "xhci-plat-hcd" + "usbhid" + "hid_generic" + ]; + + boot.kernelParams = [ + "earlycon" + "console=ttySAC0,115200n8" + "console=tty0" + "boot.shell_on_fail" + # Apple's SSDs are slow (~dozens of ms) at processing flush requests which + # slows down programs that make a lot of fsync calls. This parameter sets + # a delay in ms before actually flushing so that such requests can be + # coalesced. Be warned that increasing this parameter above zero (default + # is 1000) has the potential, though admittedly unlikely, risk of + # UNBOUNDED data corruption in case of power loss!!!! Don't even think + # about it on desktops!! + "nvme_apple.flush_interval=0" + ]; + + # U-Boot does not support EFI variables + boot.loader.efi.canTouchEfiVariables = lib.mkForce false; + + # U-Boot does not support switching console mode + boot.loader.systemd-boot.consoleMode = "0"; + + # GRUB has to be installed as removable if the user chooses to use it + boot.loader.grub = lib.mkDefault { + efiSupport = true; + efiInstallAsRemovable = true; + device = "nodev"; + }; + + # autosuspend was enabled as safe for the PCI SD card reader + # "Genesys Logic, Inc GL9755 SD Host Controller [17a0:9755] (rev 01)" + # by recent systemd versions, but this has a "negative interaction" + # with our kernel/SoC and causes random boot hangs. disable it! + services.udev.extraHwdb = '' + pci:v000017A0d00009755* + ID_AUTOSUSPEND=0 + ''; + }; + + imports = [ + (lib.mkRemovedOptionModule [ "hardware" "asahi" "addEdgeKernelConfig" ] + "All edge kernel config options are now the default.") + ]; + + options.hardware.asahi.withRust = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Build the Asahi Linux kernel with Rust support. + ''; + }; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/modules/mesa/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/modules/mesa/default.nix new file mode 100644 index 000000000000..cc3db2b32930 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/modules/mesa/default.nix @@ -0,0 +1,72 @@ +{ config, pkgs, lib, ... }: +{ + config = let + isMode = mode: (config.hardware.asahi.useExperimentalGPUDriver + && config.hardware.asahi.experimentalGPUInstallMode == mode); + in lib.mkIf config.hardware.asahi.enable (lib.mkMerge [ + { + # required for proper DRM setup even without GPU driver + services.xserver.config = '' + Section "OutputClass" + Identifier "appledrm" + MatchDriver "apple" + Driver "modesetting" + Option "PrimaryGPU" "true" + EndSection + ''; + } + (lib.mkIf config.hardware.asahi.useExperimentalGPUDriver { + # install the drivers + hardware.opengl.package = config.hardware.asahi.pkgs.mesa-asahi-edge.drivers; + + # required for in-kernel GPU driver + hardware.asahi.withRust = true; + }) + (lib.mkIf (isMode "replace") { + # replace the Mesa linked into system packages with the Asahi version + # without rebuilding them to avoid rebuilding the world. + system.replaceRuntimeDependencies = [ + { original = pkgs.mesa; + replacement = config.hardware.asahi.pkgs.mesa-asahi-edge; + } + ]; + }) + (lib.mkIf (isMode "overlay") { + # replace the Mesa used in Nixpkgs with the Asahi version using an overlay, + # which requires rebuilding the world but ensures it is done faithfully + # (and in a way compatible with pure evaluation) + nixpkgs.overlays = [ + (final: prev: { + mesa = final.mesa-asahi-edge; + }) + ]; + }) + ]); + + options.hardware.asahi.useExperimentalGPUDriver = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Use the experimental Asahi Mesa GPU driver. + + Do not report issues using this driver under NixOS to the Asahi project. + ''; + }; + + options.hardware.asahi.experimentalGPUInstallMode = lib.mkOption { + type = lib.types.enum [ "driver" "replace" "overlay" ]; + default = "replace"; + description = '' + Mode to use to install the experimental GPU driver into the system. + + driver: install only as a driver, do not replace system Mesa. + Causes issues with certain programs like Plasma Wayland. + + replace (default): use replaceRuntimeDependencies to replace system Mesa with Asahi Mesa. + Does not work in pure evaluation context (i.e. in flakes by default). + + overlay: overlay system Mesa with Asahi Mesa + Requires rebuilding the world. + ''; + }; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/modules/peripheral-firmware/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/modules/peripheral-firmware/default.nix new file mode 100644 index 000000000000..e10632ff2a5e --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/modules/peripheral-firmware/default.nix @@ -0,0 +1,69 @@ +{ config, pkgs, lib, ... }: +{ + config = lib.mkIf config.hardware.asahi.enable { + assertions = lib.mkIf config.hardware.asahi.extractPeripheralFirmware [ + { assertion = config.hardware.asahi.peripheralFirmwareDirectory != null; + message = '' + Asahi peripheral firmware extraction is enabled but the firmware + location appears incorrect. + ''; + } + ]; + + hardware.firmware = let + pkgs' = config.hardware.asahi.pkgs; + in + lib.mkIf ((config.hardware.asahi.peripheralFirmwareDirectory != null) + && config.hardware.asahi.extractPeripheralFirmware) [ + (pkgs.stdenv.mkDerivation { + name = "asahi-peripheral-firmware"; + + nativeBuildInputs = [ pkgs'.asahi-fwextract pkgs.cpio ]; + + buildCommand = '' + mkdir extracted + asahi-fwextract ${config.hardware.asahi.peripheralFirmwareDirectory} extracted + + mkdir -p $out/lib/firmware + cat extracted/firmware.cpio | cpio -id --quiet --no-absolute-filenames + mv vendorfw/* $out/lib/firmware + ''; + }) + ]; + }; + + options.hardware.asahi = { + extractPeripheralFirmware = lib.mkOption { + type = lib.types.bool; + default = true; + description = '' + Automatically extract the non-free non-redistributable peripheral + firmware necessary for features like Wi-Fi. + ''; + }; + + peripheralFirmwareDirectory = lib.mkOption { + type = lib.types.nullOr lib.types.path; + + default = lib.findFirst (path: builtins.pathExists (path + "/all_firmware.tar.gz")) null + [ + # path when the system is operating normally + /boot/asahi + # path when the system is mounted in the installer + /mnt/boot/asahi + ]; + + description = '' + Path to the directory containing the non-free non-redistributable + peripheral firmware necessary for features like Wi-Fi. Ordinarily, this + will automatically point to the appropriate location on the ESP. Flake + users and those interested in maximum purity will want to copy those + files elsewhere and specify this manually. + + Currently, this consists of the files `all-firmware.tar.gz` and + `kernelcache*`. The official Asahi Linux installer places these files + in the `asahi` directory of the EFI system partition when creating it. + ''; + }; + }; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/modules/sound/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/modules/sound/default.nix new file mode 100644 index 000000000000..d76e7138d4c9 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/modules/sound/default.nix @@ -0,0 +1,90 @@ +{ config, options, pkgs, lib, ... }: + +{ + imports = [ + # disable pulseaudio as the Asahi sound infrastructure can't use it. + # if we disable it only if setupAsahiSound is enabled, then infinite + # recursion results as pulseaudio enables config.sound by default. + { config.hardware.pulseaudio.enable = (!config.hardware.asahi.enable); } + ]; + + options.hardware.asahi = { + setupAsahiSound = lib.mkOption { + type = lib.types.bool; + default = config.sound.enable && config.hardware.asahi.enable; + description = '' + Set up the Asahi DSP components so that the speakers and headphone jack + work properly and safely. + ''; + }; + }; + + config = let + cfg = config.hardware.asahi; + + asahi-audio = pkgs.asahi-audio; # the asahi-audio we use + + lsp-plugins = pkgs.lsp-plugins; # the lsp-plugins we use + + lsp-plugins-is-patched = (lsp-plugins.overrideAttrs (old: { + passthru = (old.passthru or {}) // { + lsp-plugins-is-patched = builtins.elem "58c3f985f009c84347fa91236f164a9e47aafa93.patch" + (builtins.map (p: p.name) (old.patches or [])); + }; + })).lsp-plugins-is-patched; + + lsp-plugins-is-safe = (pkgs.lib.versionAtLeast lsp-plugins.version "1.2.14") || lsp-plugins-is-patched; + + # https://github.com/NixOS/nixpkgs/pull/282377 + # options is the set of all module option declarations, rather than their + # values, to prevent infinite recursion + newHotness = builtins.hasAttr "configPackages" options.services.pipewire; + + lv2Path = lib.makeSearchPath "lib/lv2" [ lsp-plugins pkgs.bankstown-lv2 ]; + in lib.mkIf (cfg.setupAsahiSound && cfg.enable) (lib.mkMerge [ + { + # enable pipewire to run real-time and avoid audible glitches + security.rtkit.enable = true; + # set up pipewire with the supported capabilities (instead of pulseaudio) + # and asahi-audio configs and plugins + services.pipewire = { + enable = true; + + alsa.enable = true; + pulse.enable = true; + wireplumber.enable = true; + }; + + # set up enivronment so that UCM configs are used as well + environment.variables.ALSA_CONFIG_UCM2 = "${pkgs.alsa-ucm-conf-asahi}/share/alsa/ucm2"; + systemd.user.services.pipewire.environment.ALSA_CONFIG_UCM2 = config.environment.variables.ALSA_CONFIG_UCM2; + systemd.user.services.wireplumber.environment.ALSA_CONFIG_UCM2 = config.environment.variables.ALSA_CONFIG_UCM2; + + # enable speakersafetyd to protect speakers + systemd.packages = lib.mkAssert lsp-plugins-is-safe + "lsp-plugins is unpatched/outdated and speakers cannot be safely enabled" + [ pkgs.speakersafetyd ]; + services.udev.packages = [ pkgs.speakersafetyd ]; + } + (lib.optionalAttrs newHotness { + # use configPackages and friends to install asahi-audio and plugins + services.pipewire = { + configPackages = [ asahi-audio ]; + extraLv2Packages = [ lsp-plugins pkgs.bankstown-lv2 ]; + wireplumber = { + configPackages = [ asahi-audio ]; + extraLv2Packages = [ lsp-plugins pkgs.bankstown-lv2 ]; + }; + }; + }) + (lib.optionalAttrs (!newHotness) { + # use environment.etc and environment variables to install asahi-audio and plugins + environment.etc = builtins.listToAttrs (builtins.map + (f: { name = f; value = { source = "${asahi-audio}/share/${f}"; }; }) + asahi-audio.providedConfigFiles); + + systemd.user.services.pipewire.environment.LV2_PATH = lv2Path; + systemd.user.services.wireplumber.environment.LV2_PATH = lv2Path; + }) + ]); +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix new file mode 100644 index 000000000000..ac9d15e36d4e --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix @@ -0,0 +1,19 @@ +{ lib +, fetchFromGitHub +, alsa-ucm-conf }: + +(alsa-ucm-conf.overrideAttrs (oldAttrs: rec { + version = "5"; + + src_asahi = fetchFromGitHub { + # tracking: https://src.fedoraproject.org/rpms/alsa-ucm-asahi + owner = "AsahiLinux"; + repo = "alsa-ucm-conf-asahi"; + rev = "v${version}"; + hash = "sha256-daUNz5oUrPfSMO0Tqq/WbtiLHMOtPeQQlI+juGrhTxw="; + }; + + postInstall = oldAttrs.postInstall or "" + '' + cp -r ${src_asahi}/ucm2 $out/share/alsa + ''; +})) diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/asahi-audio/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/asahi-audio/default.nix new file mode 100644 index 000000000000..4ccbcc5d066c --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/asahi-audio/default.nix @@ -0,0 +1,51 @@ +{ stdenv +, lib +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "asahi-audio"; + # tracking: https://src.fedoraproject.org/rpms/asahi-audio + # note: ensure that the providedConfigFiles list below is current! + version = "1.6"; + + src = fetchFromGitHub { + owner = "AsahiLinux"; + repo = "asahi-audio"; + rev = "v${version}"; + hash = "sha256-NxTQD742U2FUZNmw7RHuOruMuTRLtAh1HDlMV9EzQkg="; + }; + + preBuild = '' + export PREFIX=$out + + readarray -t configs < <(\ + find . \ + -name '*.conf' -or \ + -name '*.json' -or \ + -name '*.lua' + ) + + substituteInPlace "''${configs[@]}" --replace \ + "/usr/share/asahi-audio" \ + "$out/asahi-audio" + ''; + + postInstall = '' + # no need to link the asahi-audio dir globally + mv $out/share/asahi-audio $out + ''; + + # list of config files installed in $out/share/ and destined for + # /etc/, from the `install -pm0644 conf/` lines in the Makefile. note + # that the contents of asahi-audio/ stay in $out/ and the config files + # are modified to point to them. + passthru.providedConfigFiles = [ + "wireplumber/wireplumber.conf.d/99-asahi.conf" + "wireplumber/policy.lua.d/85-asahi-policy.lua" + "wireplumber/main.lua.d/85-asahi.lua" + "wireplumber/scripts/policy-asahi.lua" + "pipewire/pipewire.conf.d/99-asahi.conf" + "pipewire/pipewire-pulse.conf.d/99-asahi.conf" + ]; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/asahi-fwextract/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/asahi-fwextract/default.nix new file mode 100755 index 000000000000..556beb571cb8 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/asahi-fwextract/default.nix @@ -0,0 +1,32 @@ +{ lib +, python3 +, fetchFromGitHub +, gzip +, gnutar +, lzfse +}: + +python3.pkgs.buildPythonApplication rec { + pname = "asahi-fwextract"; + version = "0.6.9"; + + # tracking version: https://github.com/AsahiLinux/PKGBUILDs/blob/main/asahi-fwextract/PKGBUILD + src = fetchFromGitHub { + owner = "AsahiLinux"; + repo = "asahi-installer"; + rev = "v${version}"; + hash = "sha256-MkNi4EBgT4gfev/yWqYyw5HZxewj6XTfb8na+eI2iVo="; + }; + + postPatch = '' + substituteInPlace asahi_firmware/img4.py \ + --replace 'liblzfse.so' '${lzfse}/lib/liblzfse.so' + substituteInPlace asahi_firmware/update.py \ + --replace '"tar"' '"${gnutar}/bin/tar"' \ + --replace '"xf"' '"-x", "-I", "${gzip}/bin/gzip", "-f"' + ''; + + nativeBuildInputs = [ python3.pkgs.setuptools ]; + + doCheck = false; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/bankstown-lv2/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/bankstown-lv2/default.nix new file mode 100644 index 000000000000..58c7bf91d078 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/bankstown-lv2/default.nix @@ -0,0 +1,38 @@ +{ lib +, lv2 +, pkg-config +, rustPlatform +, fetchFromGitHub +, fetchpatch +}: + +rustPlatform.buildRustPackage rec { + pname = "bankstown-lv2"; + # tracking: https://src.fedoraproject.org/rpms/rust-bankstown-lv2 + version = "1.1.0"; + + src = fetchFromGitHub { + owner = "chadmed"; + repo = "bankstown"; + rev = version; + hash = "sha256-IThXEY+mvT2MCw0PSWU/182xbUafd6dtm6hNjieLlKg="; + }; + + cargoSha256 = "sha256-yRzM4tcYc6mweTpLnnlCeKgP00L2wRgHamtUzK9Kstc="; + + installPhase = '' + export LIBDIR=$out/lib + mkdir -p $LIBDIR + + make + make install + ''; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + lv2 + ]; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/0001-check-in-new-alloc-for-1.75.0.patch b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/0001-check-in-new-alloc-for-1.75.0.patch new file mode 100644 index 000000000000..3c03bf913610 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/0001-check-in-new-alloc-for-1.75.0.patch @@ -0,0 +1,1345 @@ +From 568b4e71264f2c636c65da0671e80d3c734489c6 Mon Sep 17 00:00:00 2001 +From: Yureka <yuka@yuka.dev> +Date: Tue, 16 Jan 2024 09:58:27 +0100 +Subject: [PATCH] check in new alloc for 1.75.0 + +--- + rust/alloc/alloc.rs | 63 +++++----- + rust/alloc/boxed.rs | 74 +++++++----- + rust/alloc/lib.rs | 27 +++-- + rust/alloc/raw_vec.rs | 49 +++++--- + rust/alloc/slice.rs | 2 +- + rust/alloc/vec/drain_filter.rs | 199 ------------------------------- + rust/alloc/vec/extract_if.rs | 115 ++++++++++++++++++ + rust/alloc/vec/mod.rs | 209 +++++++++++++++++++++++---------- + rust/alloc/vec/spec_extend.rs | 8 +- + 9 files changed, 389 insertions(+), 357 deletions(-) + delete mode 100644 rust/alloc/vec/drain_filter.rs + create mode 100644 rust/alloc/vec/extract_if.rs + +diff --git a/rust/alloc/alloc.rs b/rust/alloc/alloc.rs +index 08eafb3de807..8a6be8c98173 100644 +--- a/rust/alloc/alloc.rs ++++ b/rust/alloc/alloc.rs +@@ -6,9 +6,7 @@ + + #[cfg(not(test))] + use core::intrinsics; +-use core::intrinsics::{min_align_of_val, size_of_val}; + +-use core::ptr::Unique; + #[cfg(not(test))] + use core::ptr::{self, NonNull}; + +@@ -40,7 +38,6 @@ + #[rustc_nounwind] + fn __rust_alloc_zeroed(size: usize, align: usize) -> *mut u8; + +- #[cfg(not(bootstrap))] + static __rust_no_alloc_shim_is_unstable: u8; + } + +@@ -98,7 +95,6 @@ pub unsafe fn alloc(layout: Layout) -> *mut u8 { + unsafe { + // Make sure we don't accidentally allow omitting the allocator shim in + // stable code until it is actually stabilized. +- #[cfg(not(bootstrap))] + core::ptr::read_volatile(&__rust_no_alloc_shim_is_unstable); + + __rust_alloc(layout.size(), layout.align()) +@@ -339,23 +335,6 @@ unsafe fn exchange_malloc(size: usize, align: usize) -> *mut u8 { + } + } + +-#[cfg(not(version("1.72")))] +-#[cfg_attr(not(test), lang = "box_free")] +-#[inline] +-// This signature has to be the same as `Box`, otherwise an ICE will happen. +-// When an additional parameter to `Box` is added (like `A: Allocator`), this has to be added here as +-// well. +-// For example if `Box` is changed to `struct Box<T: ?Sized, A: Allocator>(Unique<T>, A)`, +-// this function has to be changed to `fn box_free<T: ?Sized, A: Allocator>(Unique<T>, A)` as well. +-pub(crate) unsafe fn box_free<T: ?Sized, A: Allocator>(ptr: Unique<T>, alloc: A) { +- unsafe { +- let size = size_of_val(ptr.as_ref()); +- let align = min_align_of_val(ptr.as_ref()); +- let layout = Layout::from_size_align_unchecked(size, align); +- alloc.deallocate(From::from(ptr.cast()), layout) +- } +-} +- + // # Allocation error handler + + #[cfg(not(no_global_oom_handling))] +@@ -366,18 +345,31 @@ pub(crate) unsafe fn box_free<T: ?Sized, A: Allocator>(ptr: Unique<T>, alloc: A) + fn __rust_alloc_error_handler(size: usize, align: usize) -> !; + } + +-/// Abort on memory allocation error or failure. ++/// Signal a memory allocation error. + /// +-/// Callers of memory allocation APIs wishing to abort computation ++/// Callers of memory allocation APIs wishing to cease execution + /// in response to an allocation error are encouraged to call this function, +-/// rather than directly invoking `panic!` or similar. ++/// rather than directly invoking [`panic!`] or similar. ++/// ++/// This function is guaranteed to diverge (not return normally with a value), but depending on ++/// global configuration, it may either panic (resulting in unwinding or aborting as per ++/// configuration for all panics), or abort the process (with no unwinding). + /// +-/// The default behavior of this function is to print a message to standard error +-/// and abort the process. +-/// It can be replaced with [`set_alloc_error_hook`] and [`take_alloc_error_hook`]. ++/// The default behavior is: ++/// ++/// * If the binary links against `std` (typically the case), then ++/// print a message to standard error and abort the process. ++/// This behavior can be replaced with [`set_alloc_error_hook`] and [`take_alloc_error_hook`]. ++/// Future versions of Rust may panic by default instead. ++/// ++/// * If the binary does not link against `std` (all of its crates are marked ++/// [`#![no_std]`][no_std]), then call [`panic!`] with a message. ++/// [The panic handler] applies as to any panic. + /// + /// [`set_alloc_error_hook`]: ../../std/alloc/fn.set_alloc_error_hook.html + /// [`take_alloc_error_hook`]: ../../std/alloc/fn.take_alloc_error_hook.html ++/// [The panic handler]: https://doc.rust-lang.org/reference/runtime.html#the-panic_handler-attribute ++/// [no_std]: https://doc.rust-lang.org/reference/names/preludes.html#the-no_std-attribute + #[stable(feature = "global_alloc", since = "1.28.0")] + #[rustc_const_unstable(feature = "const_alloc_error", issue = "92523")] + #[cfg(all(not(no_global_oom_handling), not(test)))] +@@ -387,13 +379,20 @@ const fn ct_error(_: Layout) -> ! { + panic!("allocation failed"); + } + ++ #[inline] + fn rt_error(layout: Layout) -> ! { + unsafe { + __rust_alloc_error_handler(layout.size(), layout.align()); + } + } + +- unsafe { core::intrinsics::const_eval_select((layout,), ct_error, rt_error) } ++ #[cfg(not(feature = "panic_immediate_abort"))] ++ unsafe { ++ core::intrinsics::const_eval_select((layout,), ct_error, rt_error) ++ } ++ ++ #[cfg(feature = "panic_immediate_abort")] ++ ct_error(layout) + } + + // For alloc test `std::alloc::handle_alloc_error` can be used directly. +@@ -415,13 +414,13 @@ pub unsafe fn __rdl_oom(size: usize, _align: usize) -> ! { + static __rust_alloc_error_handler_should_panic: u8; + } + +- #[allow(unused_unsafe)] + if unsafe { __rust_alloc_error_handler_should_panic != 0 } { + panic!("memory allocation of {size} bytes failed") + } else { +- core::panicking::panic_nounwind_fmt(format_args!( +- "memory allocation of {size} bytes failed" +- )) ++ core::panicking::panic_nounwind_fmt( ++ format_args!("memory allocation of {size} bytes failed"), ++ /* force_no_backtrace */ false, ++ ) + } + } + } +diff --git a/rust/alloc/boxed.rs b/rust/alloc/boxed.rs +index ed7e2f666178..f5f40778a193 100644 +--- a/rust/alloc/boxed.rs ++++ b/rust/alloc/boxed.rs +@@ -159,12 +159,12 @@ + use core::iter::FusedIterator; + use core::marker::Tuple; + use core::marker::Unsize; +-use core::mem; ++use core::mem::{self, SizedTypeProperties}; + use core::ops::{ +- CoerceUnsized, Deref, DerefMut, DispatchFromDyn, Generator, GeneratorState, Receiver, ++ CoerceUnsized, Coroutine, CoroutineState, Deref, DerefMut, DispatchFromDyn, Receiver, + }; + use core::pin::Pin; +-use core::ptr::{self, Unique}; ++use core::ptr::{self, NonNull, Unique}; + use core::task::{Context, Poll}; + + #[cfg(not(no_global_oom_handling))] +@@ -211,7 +211,7 @@ impl<T> Box<T> { + /// ``` + /// let five = Box::new(5); + /// ``` +- #[cfg(all(not(no_global_oom_handling)))] ++ #[cfg(not(no_global_oom_handling))] + #[inline(always)] + #[stable(feature = "rust1", since = "1.0.0")] + #[must_use] +@@ -483,8 +483,12 @@ pub fn try_new_uninit_in(alloc: A) -> Result<Box<mem::MaybeUninit<T>, A>, AllocE + where + A: Allocator, + { +- let layout = Layout::new::<mem::MaybeUninit<T>>(); +- let ptr = alloc.allocate(layout)?.cast(); ++ let ptr = if T::IS_ZST { ++ NonNull::dangling() ++ } else { ++ let layout = Layout::new::<mem::MaybeUninit<T>>(); ++ alloc.allocate(layout)?.cast() ++ }; + unsafe { Ok(Box::from_raw_in(ptr.as_ptr(), alloc)) } + } + +@@ -553,8 +557,12 @@ pub fn try_new_zeroed_in(alloc: A) -> Result<Box<mem::MaybeUninit<T>, A>, AllocE + where + A: Allocator, + { +- let layout = Layout::new::<mem::MaybeUninit<T>>(); +- let ptr = alloc.allocate_zeroed(layout)?.cast(); ++ let ptr = if T::IS_ZST { ++ NonNull::dangling() ++ } else { ++ let layout = Layout::new::<mem::MaybeUninit<T>>(); ++ alloc.allocate_zeroed(layout)?.cast() ++ }; + unsafe { Ok(Box::from_raw_in(ptr.as_ptr(), alloc)) } + } + +@@ -679,14 +687,16 @@ pub fn new_zeroed_slice(len: usize) -> Box<[mem::MaybeUninit<T>]> { + #[unstable(feature = "allocator_api", issue = "32838")] + #[inline] + pub fn try_new_uninit_slice(len: usize) -> Result<Box<[mem::MaybeUninit<T>]>, AllocError> { +- unsafe { ++ let ptr = if T::IS_ZST || len == 0 { ++ NonNull::dangling() ++ } else { + let layout = match Layout::array::<mem::MaybeUninit<T>>(len) { + Ok(l) => l, + Err(_) => return Err(AllocError), + }; +- let ptr = Global.allocate(layout)?; +- Ok(RawVec::from_raw_parts_in(ptr.as_mut_ptr() as *mut _, len, Global).into_box(len)) +- } ++ Global.allocate(layout)?.cast() ++ }; ++ unsafe { Ok(RawVec::from_raw_parts_in(ptr.as_ptr(), len, Global).into_box(len)) } + } + + /// Constructs a new boxed slice with uninitialized contents, with the memory +@@ -711,14 +721,16 @@ pub fn try_new_uninit_slice(len: usize) -> Result<Box<[mem::MaybeUninit<T>]>, Al + #[unstable(feature = "allocator_api", issue = "32838")] + #[inline] + pub fn try_new_zeroed_slice(len: usize) -> Result<Box<[mem::MaybeUninit<T>]>, AllocError> { +- unsafe { ++ let ptr = if T::IS_ZST || len == 0 { ++ NonNull::dangling() ++ } else { + let layout = match Layout::array::<mem::MaybeUninit<T>>(len) { + Ok(l) => l, + Err(_) => return Err(AllocError), + }; +- let ptr = Global.allocate_zeroed(layout)?; +- Ok(RawVec::from_raw_parts_in(ptr.as_mut_ptr() as *mut _, len, Global).into_box(len)) +- } ++ Global.allocate_zeroed(layout)?.cast() ++ }; ++ unsafe { Ok(RawVec::from_raw_parts_in(ptr.as_ptr(), len, Global).into_box(len)) } + } + } + +@@ -1215,12 +1227,6 @@ pub const fn into_pin(boxed: Self) -> Pin<Self> + + #[stable(feature = "rust1", since = "1.0.0")] + unsafe impl<#[may_dangle] T: ?Sized, A: Allocator> Drop for Box<T, A> { +- #[cfg(not(version("1.72")))] +- fn drop(&mut self) { +- // FIXME: Do nothing, drop is currently performed by compiler. +- } +- +- #[cfg(version("1.72"))] + #[inline] + fn drop(&mut self) { + // the T in the Box is dropped by the compiler before the destructor is run +@@ -1229,7 +1235,9 @@ fn drop(&mut self) { + + unsafe { + let layout = Layout::for_value_raw(ptr.as_ptr()); +- self.1.deallocate(From::from(ptr.cast()), layout) ++ if layout.size() != 0 { ++ self.1.deallocate(From::from(ptr.cast()), layout); ++ } + } + } + } +@@ -2102,28 +2110,28 @@ fn as_mut(&mut self) -> &mut T { + #[stable(feature = "pin", since = "1.33.0")] + impl<T: ?Sized, A: Allocator> Unpin for Box<T, A> where A: 'static {} + +-#[unstable(feature = "generator_trait", issue = "43122")] +-impl<G: ?Sized + Generator<R> + Unpin, R, A: Allocator> Generator<R> for Box<G, A> ++#[unstable(feature = "coroutine_trait", issue = "43122")] ++impl<G: ?Sized + Coroutine<R> + Unpin, R, A: Allocator> Coroutine<R> for Box<G, A> + where + A: 'static, + { + type Yield = G::Yield; + type Return = G::Return; + +- fn resume(mut self: Pin<&mut Self>, arg: R) -> GeneratorState<Self::Yield, Self::Return> { ++ fn resume(mut self: Pin<&mut Self>, arg: R) -> CoroutineState<Self::Yield, Self::Return> { + G::resume(Pin::new(&mut *self), arg) + } + } + +-#[unstable(feature = "generator_trait", issue = "43122")] +-impl<G: ?Sized + Generator<R>, R, A: Allocator> Generator<R> for Pin<Box<G, A>> ++#[unstable(feature = "coroutine_trait", issue = "43122")] ++impl<G: ?Sized + Coroutine<R>, R, A: Allocator> Coroutine<R> for Pin<Box<G, A>> + where + A: 'static, + { + type Yield = G::Yield; + type Return = G::Return; + +- fn resume(mut self: Pin<&mut Self>, arg: R) -> GeneratorState<Self::Yield, Self::Return> { ++ fn resume(mut self: Pin<&mut Self>, arg: R) -> CoroutineState<Self::Yield, Self::Return> { + G::resume((*self).as_mut(), arg) + } + } +@@ -2179,7 +2187,7 @@ pub fn downcast<T: Error + 'static>(self: Box<Self>) -> Result<Box<T>, Box<dyn E + let err: Box<dyn Error> = self; + <dyn Error>::downcast(err).map_err(|s| unsafe { + // Reapply the `Send` marker. +- mem::transmute::<Box<dyn Error>, Box<dyn Error + Send>>(s) ++ Box::from_raw(Box::into_raw(s) as *mut (dyn Error + Send)) + }) + } + } +@@ -2193,7 +2201,7 @@ pub fn downcast<T: Error + 'static>(self: Box<Self>) -> Result<Box<T>, Box<Self> + let err: Box<dyn Error> = self; + <dyn Error>::downcast(err).map_err(|s| unsafe { + // Reapply the `Send + Sync` marker. +- mem::transmute::<Box<dyn Error>, Box<dyn Error + Send + Sync>>(s) ++ Box::from_raw(Box::into_raw(s) as *mut (dyn Error + Send + Sync)) + }) + } + } +@@ -2440,4 +2448,8 @@ fn cause(&self) -> Option<&dyn core::error::Error> { + fn source(&self) -> Option<&(dyn core::error::Error + 'static)> { + core::error::Error::source(&**self) + } ++ ++ fn provide<'b>(&'b self, request: &mut core::error::Request<'b>) { ++ core::error::Error::provide(&**self, request); ++ } + } +diff --git a/rust/alloc/lib.rs b/rust/alloc/lib.rs +index 65b7a02d0956..345cf5c9cf92 100644 +--- a/rust/alloc/lib.rs ++++ b/rust/alloc/lib.rs +@@ -57,8 +57,12 @@ + //! [`Cell`]: core::cell + //! [`Rc`]: rc + //! [`RefCell`]: core::cell +-#![feature(doc_cfg_hide)] + ++// To run alloc tests without x.py without ending up with two copies of alloc, Miri needs to be ++// able to "empty" this crate. See <https://github.com/rust-lang/miri-test-libstd/issues/4>. ++// rustc itself never sets the feature, so this line has no effect there. ++#![cfg(any(not(feature = "miri-test-libstd"), test, doctest))] ++// + #![allow(unused_attributes)] + #![stable(feature = "alloc", since = "1.36.0")] + #![doc( +@@ -76,13 +80,10 @@ + not(no_sync), + target_has_atomic = "ptr" + ))] ++#![cfg_attr(not(bootstrap), doc(rust_logo))] ++#![cfg_attr(not(bootstrap), feature(rustdoc_internals))] + #![no_std] + #![needs_allocator] +-// To run alloc tests without x.py without ending up with two copies of alloc, Miri needs to be +-// able to "empty" this crate. See <https://github.com/rust-lang/miri-test-libstd/issues/4>. +-// rustc itself never sets the feature, so this line has no affect there. +-#![cfg(any(not(feature = "miri-test-libstd"), test, doctest))] +-// + // Lints: + #![deny(unsafe_op_in_unsafe_fn)] + #![deny(fuzzy_provenance_casts)] +@@ -91,6 +92,8 @@ + #![warn(missing_docs)] + #![allow(explicit_outlives_requirements)] + #![warn(multiple_supertrait_upcastable)] ++#![allow(internal_features)] ++#![allow(rustdoc::redundant_explicit_links)] + // + // Library features: + // tidy-alphabetical-start +@@ -107,21 +110,20 @@ + #![feature(ascii_char)] + #![feature(assert_matches)] + #![feature(async_iterator)] +-#![feature(cfg_version)] + #![feature(coerce_unsized)] + #![feature(const_align_of_val)] +-#![cfg_attr(not(version("1.73")), feature(const_box))] ++#![feature(const_box)] + #![cfg_attr(not(no_borrow), feature(const_cow_is_borrowed))] + #![feature(const_eval_select)] + #![feature(const_maybe_uninit_as_mut_ptr)] + #![feature(const_maybe_uninit_write)] +-#![feature(const_maybe_uninit_zeroed)] + #![feature(const_pin)] + #![feature(const_refs_to_cell)] + #![feature(const_size_of_val)] + #![feature(const_waker)] + #![feature(core_intrinsics)] + #![feature(core_panic)] ++#![feature(deprecated_suggestion)] + #![feature(dispatch_from_dyn)] + #![feature(error_generic_member_access)] + #![feature(error_in_core)] +@@ -140,13 +142,11 @@ + #![feature(maybe_uninit_uninit_array)] + #![feature(maybe_uninit_uninit_array_transpose)] + #![feature(pattern)] +-#![feature(pointer_byte_offsets)] +-#![cfg_attr(not(version("1.73")), feature(provide_any))] ++#![feature(ptr_addr_eq)] + #![feature(ptr_internals)] + #![feature(ptr_metadata)] + #![feature(ptr_sub_ptr)] + #![feature(receiver_trait)] +-#![feature(saturating_int_impl)] + #![feature(set_ptr_value)] + #![feature(sized_type_properties)] + #![feature(slice_from_ptr_range)] +@@ -169,7 +169,7 @@ + // + // Language features: + // tidy-alphabetical-start +-#![cfg_attr(not(test), feature(generator_trait))] ++#![cfg_attr(not(test), feature(coroutine_trait))] + #![cfg_attr(test, feature(panic_update_hook))] + #![cfg_attr(test, feature(test))] + #![feature(allocator_internals)] +@@ -204,6 +204,7 @@ + // + // Rustdoc features: + #![feature(doc_cfg)] ++#![feature(doc_cfg_hide)] + // Technically, this is a bug in rustdoc: rustdoc sees the documentation on `#[lang = slice_alloc]` + // blocks is for `&[T]`, which also has documentation using this feature in `core`, and gets mad + // that the feature-gate isn't enabled. Ideally, it wouldn't check for the feature gate for docs +diff --git a/rust/alloc/raw_vec.rs b/rust/alloc/raw_vec.rs +index 65d5ce15828e..f1b8cec8cc62 100644 +--- a/rust/alloc/raw_vec.rs ++++ b/rust/alloc/raw_vec.rs +@@ -338,10 +338,13 @@ pub fn reserve_for_push(&mut self, len: usize) { + /// The same as `reserve`, but returns on errors instead of panicking or aborting. + pub fn try_reserve(&mut self, len: usize, additional: usize) -> Result<(), TryReserveError> { + if self.needs_to_grow(len, additional) { +- self.grow_amortized(len, additional) +- } else { +- Ok(()) ++ self.grow_amortized(len, additional)?; ++ } ++ unsafe { ++ // Inform the optimizer that the reservation has succeeded or wasn't needed ++ core::intrinsics::assume(!self.needs_to_grow(len, additional)); + } ++ Ok(()) + } + + /// The same as `reserve_for_push`, but returns on errors instead of panicking or aborting. +@@ -378,7 +381,14 @@ pub fn try_reserve_exact( + len: usize, + additional: usize, + ) -> Result<(), TryReserveError> { +- if self.needs_to_grow(len, additional) { self.grow_exact(len, additional) } else { Ok(()) } ++ if self.needs_to_grow(len, additional) { ++ self.grow_exact(len, additional)?; ++ } ++ unsafe { ++ // Inform the optimizer that the reservation has succeeded or wasn't needed ++ core::intrinsics::assume(!self.needs_to_grow(len, additional)); ++ } ++ Ok(()) + } + + /// Shrinks the buffer down to the specified capacity. If the given amount +@@ -471,16 +481,26 @@ fn shrink(&mut self, cap: usize) -> Result<(), TryReserveError> { + let (ptr, layout) = if let Some(mem) = self.current_memory() { mem } else { return Ok(()) }; + // See current_memory() why this assert is here + let _: () = const { assert!(mem::size_of::<T>() % mem::align_of::<T>() == 0) }; +- let ptr = unsafe { +- // `Layout::array` cannot overflow here because it would have +- // overflowed earlier when capacity was larger. +- let new_size = mem::size_of::<T>().unchecked_mul(cap); +- let new_layout = Layout::from_size_align_unchecked(new_size, layout.align()); +- self.alloc +- .shrink(ptr, layout, new_layout) +- .map_err(|_| AllocError { layout: new_layout, non_exhaustive: () })? +- }; +- self.set_ptr_and_cap(ptr, cap); ++ ++ // If shrinking to 0, deallocate the buffer. We don't reach this point ++ // for the T::IS_ZST case since current_memory() will have returned ++ // None. ++ if cap == 0 { ++ unsafe { self.alloc.deallocate(ptr, layout) }; ++ self.ptr = Unique::dangling(); ++ self.cap = 0; ++ } else { ++ let ptr = unsafe { ++ // `Layout::array` cannot overflow here because it would have ++ // overflowed earlier when capacity was larger. ++ let new_size = mem::size_of::<T>().unchecked_mul(cap); ++ let new_layout = Layout::from_size_align_unchecked(new_size, layout.align()); ++ self.alloc ++ .shrink(ptr, layout, new_layout) ++ .map_err(|_| AllocError { layout: new_layout, non_exhaustive: () })? ++ }; ++ self.set_ptr_and_cap(ptr, cap); ++ } + Ok(()) + } + } +@@ -559,6 +579,7 @@ fn alloc_guard(alloc_size: usize) -> Result<(), TryReserveError> { + // ensure that the code generation related to these panics is minimal as there's + // only one location which panics rather than a bunch throughout the module. + #[cfg(not(no_global_oom_handling))] ++#[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))] + fn capacity_overflow() -> ! { + panic!("capacity overflow"); + } +diff --git a/rust/alloc/slice.rs b/rust/alloc/slice.rs +index 6ac463bd3edc..1181836da5f4 100644 +--- a/rust/alloc/slice.rs ++++ b/rust/alloc/slice.rs +@@ -594,7 +594,7 @@ pub fn join<Separator>(&self, sep: Separator) -> <Self as Join<Separator>>::Outp + /// ``` + #[rustc_allow_incoherent_impl] + #[stable(feature = "rust1", since = "1.0.0")] +- #[deprecated(since = "1.3.0", note = "renamed to join")] ++ #[deprecated(since = "1.3.0", note = "renamed to join", suggestion = "join")] + pub fn connect<Separator>(&self, sep: Separator) -> <Self as Join<Separator>>::Output + where + Self: Join<Separator>, +diff --git a/rust/alloc/vec/drain_filter.rs b/rust/alloc/vec/drain_filter.rs +deleted file mode 100644 +index 09efff090e42..000000000000 +--- a/rust/alloc/vec/drain_filter.rs ++++ /dev/null +@@ -1,199 +0,0 @@ +-// SPDX-License-Identifier: Apache-2.0 OR MIT +- +-use crate::alloc::{Allocator, Global}; +-use core::mem::{ManuallyDrop, SizedTypeProperties}; +-use core::ptr; +-use core::slice; +- +-use super::Vec; +- +-/// An iterator which uses a closure to determine if an element should be removed. +-/// +-/// This struct is created by [`Vec::drain_filter`]. +-/// See its documentation for more. +-/// +-/// # Example +-/// +-/// ``` +-/// #![feature(drain_filter)] +-/// +-/// let mut v = vec![0, 1, 2]; +-/// let iter: std::vec::DrainFilter<'_, _, _> = v.drain_filter(|x| *x % 2 == 0); +-/// ``` +-#[unstable(feature = "drain_filter", reason = "recently added", issue = "43244")] +-#[derive(Debug)] +-pub struct DrainFilter< +- 'a, +- T, +- F, +- #[unstable(feature = "allocator_api", issue = "32838")] A: Allocator = Global, +-> where +- F: FnMut(&mut T) -> bool, +-{ +- pub(super) vec: &'a mut Vec<T, A>, +- /// The index of the item that will be inspected by the next call to `next`. +- pub(super) idx: usize, +- /// The number of items that have been drained (removed) thus far. +- pub(super) del: usize, +- /// The original length of `vec` prior to draining. +- pub(super) old_len: usize, +- /// The filter test predicate. +- pub(super) pred: F, +- /// A flag that indicates a panic has occurred in the filter test predicate. +- /// This is used as a hint in the drop implementation to prevent consumption +- /// of the remainder of the `DrainFilter`. Any unprocessed items will be +- /// backshifted in the `vec`, but no further items will be dropped or +- /// tested by the filter predicate. +- pub(super) panic_flag: bool, +-} +- +-impl<T, F, A: Allocator> DrainFilter<'_, T, F, A> +-where +- F: FnMut(&mut T) -> bool, +-{ +- /// Returns a reference to the underlying allocator. +- #[unstable(feature = "allocator_api", issue = "32838")] +- #[inline] +- pub fn allocator(&self) -> &A { +- self.vec.allocator() +- } +- +- /// Keep unyielded elements in the source `Vec`. +- /// +- /// # Examples +- /// +- /// ``` +- /// #![feature(drain_filter)] +- /// #![feature(drain_keep_rest)] +- /// +- /// let mut vec = vec!['a', 'b', 'c']; +- /// let mut drain = vec.drain_filter(|_| true); +- /// +- /// assert_eq!(drain.next().unwrap(), 'a'); +- /// +- /// // This call keeps 'b' and 'c' in the vec. +- /// drain.keep_rest(); +- /// +- /// // If we wouldn't call `keep_rest()`, +- /// // `vec` would be empty. +- /// assert_eq!(vec, ['b', 'c']); +- /// ``` +- #[unstable(feature = "drain_keep_rest", issue = "101122")] +- pub fn keep_rest(self) { +- // At this moment layout looks like this: +- // +- // _____________________/-- old_len +- // / \ +- // [kept] [yielded] [tail] +- // \_______/ ^-- idx +- // \-- del +- // +- // Normally `Drop` impl would drop [tail] (via .for_each(drop), ie still calling `pred`) +- // +- // 1. Move [tail] after [kept] +- // 2. Update length of the original vec to `old_len - del` +- // a. In case of ZST, this is the only thing we want to do +- // 3. Do *not* drop self, as everything is put in a consistent state already, there is nothing to do +- let mut this = ManuallyDrop::new(self); +- +- unsafe { +- // ZSTs have no identity, so we don't need to move them around. +- if !T::IS_ZST && this.idx < this.old_len && this.del > 0 { +- let ptr = this.vec.as_mut_ptr(); +- let src = ptr.add(this.idx); +- let dst = src.sub(this.del); +- let tail_len = this.old_len - this.idx; +- src.copy_to(dst, tail_len); +- } +- +- let new_len = this.old_len - this.del; +- this.vec.set_len(new_len); +- } +- } +-} +- +-#[unstable(feature = "drain_filter", reason = "recently added", issue = "43244")] +-impl<T, F, A: Allocator> Iterator for DrainFilter<'_, T, F, A> +-where +- F: FnMut(&mut T) -> bool, +-{ +- type Item = T; +- +- fn next(&mut self) -> Option<T> { +- unsafe { +- while self.idx < self.old_len { +- let i = self.idx; +- let v = slice::from_raw_parts_mut(self.vec.as_mut_ptr(), self.old_len); +- self.panic_flag = true; +- let drained = (self.pred)(&mut v[i]); +- self.panic_flag = false; +- // Update the index *after* the predicate is called. If the index +- // is updated prior and the predicate panics, the element at this +- // index would be leaked. +- self.idx += 1; +- if drained { +- self.del += 1; +- return Some(ptr::read(&v[i])); +- } else if self.del > 0 { +- let del = self.del; +- let src: *const T = &v[i]; +- let dst: *mut T = &mut v[i - del]; +- ptr::copy_nonoverlapping(src, dst, 1); +- } +- } +- None +- } +- } +- +- fn size_hint(&self) -> (usize, Option<usize>) { +- (0, Some(self.old_len - self.idx)) +- } +-} +- +-#[unstable(feature = "drain_filter", reason = "recently added", issue = "43244")] +-impl<T, F, A: Allocator> Drop for DrainFilter<'_, T, F, A> +-where +- F: FnMut(&mut T) -> bool, +-{ +- fn drop(&mut self) { +- struct BackshiftOnDrop<'a, 'b, T, F, A: Allocator> +- where +- F: FnMut(&mut T) -> bool, +- { +- drain: &'b mut DrainFilter<'a, T, F, A>, +- } +- +- impl<'a, 'b, T, F, A: Allocator> Drop for BackshiftOnDrop<'a, 'b, T, F, A> +- where +- F: FnMut(&mut T) -> bool, +- { +- fn drop(&mut self) { +- unsafe { +- if self.drain.idx < self.drain.old_len && self.drain.del > 0 { +- // This is a pretty messed up state, and there isn't really an +- // obviously right thing to do. We don't want to keep trying +- // to execute `pred`, so we just backshift all the unprocessed +- // elements and tell the vec that they still exist. The backshift +- // is required to prevent a double-drop of the last successfully +- // drained item prior to a panic in the predicate. +- let ptr = self.drain.vec.as_mut_ptr(); +- let src = ptr.add(self.drain.idx); +- let dst = src.sub(self.drain.del); +- let tail_len = self.drain.old_len - self.drain.idx; +- src.copy_to(dst, tail_len); +- } +- self.drain.vec.set_len(self.drain.old_len - self.drain.del); +- } +- } +- } +- +- let backshift = BackshiftOnDrop { drain: self }; +- +- // Attempt to consume any remaining elements if the filter predicate +- // has not yet panicked. We'll backshift any remaining elements +- // whether we've already panicked or if the consumption here panics. +- if !backshift.drain.panic_flag { +- backshift.drain.for_each(drop); +- } +- } +-} +diff --git a/rust/alloc/vec/extract_if.rs b/rust/alloc/vec/extract_if.rs +new file mode 100644 +index 000000000000..f314a51d4d3d +--- /dev/null ++++ b/rust/alloc/vec/extract_if.rs +@@ -0,0 +1,115 @@ ++// SPDX-License-Identifier: Apache-2.0 OR MIT ++ ++use crate::alloc::{Allocator, Global}; ++use core::ptr; ++use core::slice; ++ ++use super::Vec; ++ ++/// An iterator which uses a closure to determine if an element should be removed. ++/// ++/// This struct is created by [`Vec::extract_if`]. ++/// See its documentation for more. ++/// ++/// # Example ++/// ++/// ``` ++/// #![feature(extract_if)] ++/// ++/// let mut v = vec![0, 1, 2]; ++/// let iter: std::vec::ExtractIf<'_, _, _> = v.extract_if(|x| *x % 2 == 0); ++/// ``` ++#[unstable(feature = "extract_if", reason = "recently added", issue = "43244")] ++#[derive(Debug)] ++#[must_use = "iterators are lazy and do nothing unless consumed"] ++pub struct ExtractIf< ++ 'a, ++ T, ++ F, ++ #[unstable(feature = "allocator_api", issue = "32838")] A: Allocator = Global, ++> where ++ F: FnMut(&mut T) -> bool, ++{ ++ pub(super) vec: &'a mut Vec<T, A>, ++ /// The index of the item that will be inspected by the next call to `next`. ++ pub(super) idx: usize, ++ /// The number of items that have been drained (removed) thus far. ++ pub(super) del: usize, ++ /// The original length of `vec` prior to draining. ++ pub(super) old_len: usize, ++ /// The filter test predicate. ++ pub(super) pred: F, ++} ++ ++impl<T, F, A: Allocator> ExtractIf<'_, T, F, A> ++where ++ F: FnMut(&mut T) -> bool, ++{ ++ /// Returns a reference to the underlying allocator. ++ #[unstable(feature = "allocator_api", issue = "32838")] ++ #[inline] ++ pub fn allocator(&self) -> &A { ++ self.vec.allocator() ++ } ++} ++ ++#[unstable(feature = "extract_if", reason = "recently added", issue = "43244")] ++impl<T, F, A: Allocator> Iterator for ExtractIf<'_, T, F, A> ++where ++ F: FnMut(&mut T) -> bool, ++{ ++ type Item = T; ++ ++ fn next(&mut self) -> Option<T> { ++ unsafe { ++ while self.idx < self.old_len { ++ let i = self.idx; ++ let v = slice::from_raw_parts_mut(self.vec.as_mut_ptr(), self.old_len); ++ let drained = (self.pred)(&mut v[i]); ++ // Update the index *after* the predicate is called. If the index ++ // is updated prior and the predicate panics, the element at this ++ // index would be leaked. ++ self.idx += 1; ++ if drained { ++ self.del += 1; ++ return Some(ptr::read(&v[i])); ++ } else if self.del > 0 { ++ let del = self.del; ++ let src: *const T = &v[i]; ++ let dst: *mut T = &mut v[i - del]; ++ ptr::copy_nonoverlapping(src, dst, 1); ++ } ++ } ++ None ++ } ++ } ++ ++ fn size_hint(&self) -> (usize, Option<usize>) { ++ (0, Some(self.old_len - self.idx)) ++ } ++} ++ ++#[unstable(feature = "extract_if", reason = "recently added", issue = "43244")] ++impl<T, F, A: Allocator> Drop for ExtractIf<'_, T, F, A> ++where ++ F: FnMut(&mut T) -> bool, ++{ ++ fn drop(&mut self) { ++ unsafe { ++ if self.idx < self.old_len && self.del > 0 { ++ // This is a pretty messed up state, and there isn't really an ++ // obviously right thing to do. We don't want to keep trying ++ // to execute `pred`, so we just backshift all the unprocessed ++ // elements and tell the vec that they still exist. The backshift ++ // is required to prevent a double-drop of the last successfully ++ // drained item prior to a panic in the predicate. ++ let ptr = self.vec.as_mut_ptr(); ++ let src = ptr.add(self.idx); ++ let dst = src.sub(self.del); ++ let tail_len = self.old_len - self.idx; ++ src.copy_to(dst, tail_len); ++ } ++ self.vec.set_len(self.old_len - self.del); ++ } ++ } ++} +diff --git a/rust/alloc/vec/mod.rs b/rust/alloc/vec/mod.rs +index 05c70de0227e..0d95fd7ef337 100644 +--- a/rust/alloc/vec/mod.rs ++++ b/rust/alloc/vec/mod.rs +@@ -74,10 +74,10 @@ + use crate::collections::{TryReserveError, TryReserveErrorKind}; + use crate::raw_vec::RawVec; + +-#[unstable(feature = "drain_filter", reason = "recently added", issue = "43244")] +-pub use self::drain_filter::DrainFilter; ++#[unstable(feature = "extract_if", reason = "recently added", issue = "43244")] ++pub use self::extract_if::ExtractIf; + +-mod drain_filter; ++mod extract_if; + + #[cfg(not(no_global_oom_handling))] + #[stable(feature = "vec_splice", since = "1.21.0")] +@@ -216,7 +216,7 @@ + /// + /// # Indexing + /// +-/// The `Vec` type allows to access values by index, because it implements the ++/// The `Vec` type allows access to values by index, because it implements the + /// [`Index`] trait. An example will be more explicit: + /// + /// ``` +@@ -618,22 +618,20 @@ pub fn try_with_capacity(capacity: usize) -> Result<Self, TryReserveError> { + /// Using memory that was allocated elsewhere: + /// + /// ```rust +- /// #![feature(allocator_api)] +- /// +- /// use std::alloc::{AllocError, Allocator, Global, Layout}; ++ /// use std::alloc::{alloc, Layout}; + /// + /// fn main() { + /// let layout = Layout::array::<u32>(16).expect("overflow cannot happen"); + /// + /// let vec = unsafe { +- /// let mem = match Global.allocate(layout) { +- /// Ok(mem) => mem.cast::<u32>().as_ptr(), +- /// Err(AllocError) => return, +- /// }; ++ /// let mem = alloc(layout).cast::<u32>(); ++ /// if mem.is_null() { ++ /// return; ++ /// } + /// + /// mem.write(1_000_000); + /// +- /// Vec::from_raw_parts_in(mem, 1, 16, Global) ++ /// Vec::from_raw_parts(mem, 1, 16) + /// }; + /// + /// assert_eq!(vec, &[1_000_000]); +@@ -876,19 +874,22 @@ pub fn try_with_capacity_in(capacity: usize, alloc: A) -> Result<Self, TryReserv + /// Using memory that was allocated elsewhere: + /// + /// ```rust +- /// use std::alloc::{alloc, Layout}; ++ /// #![feature(allocator_api)] ++ /// ++ /// use std::alloc::{AllocError, Allocator, Global, Layout}; + /// + /// fn main() { + /// let layout = Layout::array::<u32>(16).expect("overflow cannot happen"); ++ /// + /// let vec = unsafe { +- /// let mem = alloc(layout).cast::<u32>(); +- /// if mem.is_null() { +- /// return; +- /// } ++ /// let mem = match Global.allocate(layout) { ++ /// Ok(mem) => mem.cast::<u32>().as_ptr(), ++ /// Err(AllocError) => return, ++ /// }; + /// + /// mem.write(1_000_000); + /// +- /// Vec::from_raw_parts(mem, 1, 16) ++ /// Vec::from_raw_parts_in(mem, 1, 16, Global) + /// }; + /// + /// assert_eq!(vec, &[1_000_000]); +@@ -1227,8 +1228,8 @@ pub fn into_boxed_slice(mut self) -> Box<[T], A> { + /// Shortens the vector, keeping the first `len` elements and dropping + /// the rest. + /// +- /// If `len` is greater than the vector's current length, this has no +- /// effect. ++ /// If `len` is greater or equal to the vector's current length, this has ++ /// no effect. + /// + /// The [`drain`] method can emulate `truncate`, but causes the excess + /// elements to be returned instead of dropped. +@@ -1335,6 +1336,15 @@ pub fn as_mut_slice(&mut self) -> &mut [T] { + /// is never written to (except inside an `UnsafeCell`) using this pointer or any pointer + /// derived from it. If you need to mutate the contents of the slice, use [`as_mut_ptr`]. + /// ++ /// This method guarantees that for the purpose of the aliasing model, this method ++ /// does not materialize a reference to the underlying slice, and thus the returned pointer ++ /// will remain valid when mixed with other calls to [`as_ptr`] and [`as_mut_ptr`]. ++ /// Note that calling other methods that materialize mutable references to the slice, ++ /// or mutable references to specific elements you are planning on accessing through this pointer, ++ /// as well as writing to those elements, may still invalidate this pointer. ++ /// See the second example below for how this guarantee can be used. ++ /// ++ /// + /// # Examples + /// + /// ``` +@@ -1348,8 +1358,25 @@ pub fn as_mut_slice(&mut self) -> &mut [T] { + /// } + /// ``` + /// ++ /// Due to the aliasing guarantee, the following code is legal: ++ /// ++ /// ```rust ++ /// unsafe { ++ /// let mut v = vec![0, 1, 2]; ++ /// let ptr1 = v.as_ptr(); ++ /// let _ = ptr1.read(); ++ /// let ptr2 = v.as_mut_ptr().offset(2); ++ /// ptr2.write(2); ++ /// // Notably, the write to `ptr2` did *not* invalidate `ptr1` ++ /// // because it mutated a different element: ++ /// let _ = ptr1.read(); ++ /// } ++ /// ``` ++ /// + /// [`as_mut_ptr`]: Vec::as_mut_ptr ++ /// [`as_ptr`]: Vec::as_ptr + #[stable(feature = "vec_as_ptr", since = "1.37.0")] ++ #[rustc_never_returns_null_ptr] + #[inline] + pub fn as_ptr(&self) -> *const T { + // We shadow the slice method of the same name to avoid going through +@@ -1365,6 +1392,15 @@ pub fn as_ptr(&self) -> *const T { + /// Modifying the vector may cause its buffer to be reallocated, + /// which would also make any pointers to it invalid. + /// ++ /// This method guarantees that for the purpose of the aliasing model, this method ++ /// does not materialize a reference to the underlying slice, and thus the returned pointer ++ /// will remain valid when mixed with other calls to [`as_ptr`] and [`as_mut_ptr`]. ++ /// Note that calling other methods that materialize references to the slice, ++ /// or references to specific elements you are planning on accessing through this pointer, ++ /// may still invalidate this pointer. ++ /// See the second example below for how this guarantee can be used. ++ /// ++ /// + /// # Examples + /// + /// ``` +@@ -1382,7 +1418,25 @@ pub fn as_ptr(&self) -> *const T { + /// } + /// assert_eq!(&*x, &[0, 1, 2, 3]); + /// ``` ++ /// ++ /// Due to the aliasing guarantee, the following code is legal: ++ /// ++ /// ```rust ++ /// unsafe { ++ /// let mut v = vec![0]; ++ /// let ptr1 = v.as_mut_ptr(); ++ /// ptr1.write(1); ++ /// let ptr2 = v.as_mut_ptr(); ++ /// ptr2.write(2); ++ /// // Notably, the write to `ptr2` did *not* invalidate `ptr1`: ++ /// ptr1.write(3); ++ /// } ++ /// ``` ++ /// ++ /// [`as_mut_ptr`]: Vec::as_mut_ptr ++ /// [`as_ptr`]: Vec::as_ptr + #[stable(feature = "vec_as_ptr", since = "1.37.0")] ++ #[rustc_never_returns_null_ptr] + #[inline] + pub fn as_mut_ptr(&mut self) -> *mut T { + // We shadow the slice method of the same name to avoid going through +@@ -1511,7 +1565,8 @@ pub unsafe fn set_len(&mut self, new_len: usize) { + #[stable(feature = "rust1", since = "1.0.0")] + pub fn swap_remove(&mut self, index: usize) -> T { + #[cold] +- #[inline(never)] ++ #[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))] ++ #[track_caller] + fn assert_failed(index: usize, len: usize) -> ! { + panic!("swap_remove index (is {index}) should be < len (is {len})"); + } +@@ -1552,7 +1607,8 @@ fn assert_failed(index: usize, len: usize) -> ! { + #[stable(feature = "rust1", since = "1.0.0")] + pub fn insert(&mut self, index: usize, element: T) { + #[cold] +- #[inline(never)] ++ #[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))] ++ #[track_caller] + fn assert_failed(index: usize, len: usize) -> ! { + panic!("insertion index (is {index}) should be <= len (is {len})"); + } +@@ -1613,7 +1669,7 @@ fn assert_failed(index: usize, len: usize) -> ! { + #[track_caller] + pub fn remove(&mut self, index: usize) -> T { + #[cold] +- #[inline(never)] ++ #[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))] + #[track_caller] + fn assert_failed(index: usize, len: usize) -> ! { + panic!("removal index (is {index}) should be < len (is {len})"); +@@ -2043,6 +2099,7 @@ pub fn pop(&mut self) -> Option<T> { + } else { + unsafe { + self.len -= 1; ++ core::intrinsics::assume(self.len < self.capacity()); + Some(ptr::read(self.as_ptr().add(self.len()))) + } + } +@@ -2245,7 +2302,8 @@ pub fn split_off(&mut self, at: usize) -> Self + A: Clone, + { + #[cold] +- #[inline(never)] ++ #[cfg_attr(not(feature = "panic_immediate_abort"), inline(never))] ++ #[track_caller] + fn assert_failed(at: usize, len: usize) -> ! { + panic!("`at` split index (is {at}) should be <= len (is {len})"); + } +@@ -2507,7 +2565,7 @@ pub fn resize(&mut self, new_len: usize, value: T) { + let len = self.len(); + + if new_len > len { +- self.extend_with(new_len - len, ExtendElement(value)) ++ self.extend_with(new_len - len, value) + } else { + self.truncate(new_len); + } +@@ -2545,7 +2603,7 @@ pub fn try_resize(&mut self, new_len: usize, value: T) -> Result<(), TryReserveE + let len = self.len(); + + if new_len > len { +- self.try_extend_with(new_len - len, ExtendElement(value)) ++ self.try_extend_with(new_len - len, value) + } else { + self.truncate(new_len); + Ok(()) +@@ -2684,26 +2742,10 @@ pub fn into_flattened(self) -> Vec<T, A> { + } + } + +-// This code generalizes `extend_with_{element,default}`. +-trait ExtendWith<T> { +- fn next(&mut self) -> T; +- fn last(self) -> T; +-} +- +-struct ExtendElement<T>(T); +-impl<T: Clone> ExtendWith<T> for ExtendElement<T> { +- fn next(&mut self) -> T { +- self.0.clone() +- } +- fn last(self) -> T { +- self.0 +- } +-} +- +-impl<T, A: Allocator> Vec<T, A> { ++impl<T: Clone, A: Allocator> Vec<T, A> { + #[cfg(not(no_global_oom_handling))] +- /// Extend the vector by `n` values, using the given generator. +- fn extend_with<E: ExtendWith<T>>(&mut self, n: usize, mut value: E) { ++ /// Extend the vector by `n` clones of value. ++ fn extend_with(&mut self, n: usize, value: T) { + self.reserve(n); + + unsafe { +@@ -2715,15 +2757,15 @@ fn extend_with<E: ExtendWith<T>>(&mut self, n: usize, mut value: E) { + + // Write all elements except the last one + for _ in 1..n { +- ptr::write(ptr, value.next()); ++ ptr::write(ptr, value.clone()); + ptr = ptr.add(1); +- // Increment the length in every step in case next() panics ++ // Increment the length in every step in case clone() panics + local_len.increment_len(1); + } + + if n > 0 { + // We can write the last element directly without cloning needlessly +- ptr::write(ptr, value.last()); ++ ptr::write(ptr, value); + local_len.increment_len(1); + } + +@@ -2731,8 +2773,8 @@ fn extend_with<E: ExtendWith<T>>(&mut self, n: usize, mut value: E) { + } + } + +- /// Try to extend the vector by `n` values, using the given generator. +- fn try_extend_with<E: ExtendWith<T>>(&mut self, n: usize, mut value: E) -> Result<(), TryReserveError> { ++ /// Try to extend the vector by `n` clones of value. ++ fn try_extend_with(&mut self, n: usize, value: T) -> Result<(), TryReserveError> { + self.try_reserve(n)?; + + unsafe { +@@ -2744,15 +2786,15 @@ fn try_extend_with<E: ExtendWith<T>>(&mut self, n: usize, mut value: E) -> Resul + + // Write all elements except the last one + for _ in 1..n { +- ptr::write(ptr, value.next()); ++ ptr::write(ptr, value.clone()); + ptr = ptr.add(1); +- // Increment the length in every step in case next() panics ++ // Increment the length in every step in case clone() panics + local_len.increment_len(1); + } + + if n > 0 { + // We can write the last element directly without cloning needlessly +- ptr::write(ptr, value.last()); ++ ptr::write(ptr, value); + local_len.increment_len(1); + } + +@@ -3210,6 +3252,12 @@ pub fn splice<R, I>(&mut self, range: R, replace_with: I) -> Splice<'_, I::IntoI + /// If the closure returns false, the element will remain in the vector and will not be yielded + /// by the iterator. + /// ++ /// If the returned `ExtractIf` is not exhausted, e.g. because it is dropped without iterating ++ /// or the iteration short-circuits, then the remaining elements will be retained. ++ /// Use [`retain`] with a negated predicate if you do not need the returned iterator. ++ /// ++ /// [`retain`]: Vec::retain ++ /// + /// Using this method is equivalent to the following code: + /// + /// ``` +@@ -3228,10 +3276,10 @@ pub fn splice<R, I>(&mut self, range: R, replace_with: I) -> Splice<'_, I::IntoI + /// # assert_eq!(vec, vec![1, 4, 5]); + /// ``` + /// +- /// But `drain_filter` is easier to use. `drain_filter` is also more efficient, ++ /// But `extract_if` is easier to use. `extract_if` is also more efficient, + /// because it can backshift the elements of the array in bulk. + /// +- /// Note that `drain_filter` also lets you mutate every element in the filter closure, ++ /// Note that `extract_if` also lets you mutate every element in the filter closure, + /// regardless of whether you choose to keep or remove it. + /// + /// # Examples +@@ -3239,17 +3287,17 @@ pub fn splice<R, I>(&mut self, range: R, replace_with: I) -> Splice<'_, I::IntoI + /// Splitting an array into evens and odds, reusing the original allocation: + /// + /// ``` +- /// #![feature(drain_filter)] ++ /// #![feature(extract_if)] + /// let mut numbers = vec![1, 2, 3, 4, 5, 6, 8, 9, 11, 13, 14, 15]; + /// +- /// let evens = numbers.drain_filter(|x| *x % 2 == 0).collect::<Vec<_>>(); ++ /// let evens = numbers.extract_if(|x| *x % 2 == 0).collect::<Vec<_>>(); + /// let odds = numbers; + /// + /// assert_eq!(evens, vec![2, 4, 6, 8, 14]); + /// assert_eq!(odds, vec![1, 3, 5, 9, 11, 13, 15]); + /// ``` +- #[unstable(feature = "drain_filter", reason = "recently added", issue = "43244")] +- pub fn drain_filter<F>(&mut self, filter: F) -> DrainFilter<'_, T, F, A> ++ #[unstable(feature = "extract_if", reason = "recently added", issue = "43244")] ++ pub fn extract_if<F>(&mut self, filter: F) -> ExtractIf<'_, T, F, A> + where + F: FnMut(&mut T) -> bool, + { +@@ -3260,7 +3308,7 @@ pub fn drain_filter<F>(&mut self, filter: F) -> DrainFilter<'_, T, F, A> + self.set_len(0); + } + +- DrainFilter { vec: self, idx: 0, del: 0, old_len, pred: filter, panic_flag: false } ++ ExtractIf { vec: self, idx: 0, del: 0, old_len, pred: filter } + } + } + +@@ -3272,7 +3320,7 @@ pub fn drain_filter<F>(&mut self, filter: F) -> DrainFilter<'_, T, F, A> + /// [`copy_from_slice`]: slice::copy_from_slice + #[cfg(not(no_global_oom_handling))] + #[stable(feature = "extend_ref", since = "1.2.0")] +-impl<'a, T: Copy + 'a, A: Allocator + 'a> Extend<&'a T> for Vec<T, A> { ++impl<'a, T: Copy + 'a, A: Allocator> Extend<&'a T> for Vec<T, A> { + fn extend<I: IntoIterator<Item = &'a T>>(&mut self, iter: I) { + self.spec_extend(iter.into_iter()) + } +@@ -3290,9 +3338,14 @@ fn extend_reserve(&mut self, additional: usize) { + + /// Implements comparison of vectors, [lexicographically](Ord#lexicographical-comparison). + #[stable(feature = "rust1", since = "1.0.0")] +-impl<T: PartialOrd, A: Allocator> PartialOrd for Vec<T, A> { ++impl<T, A1, A2> PartialOrd<Vec<T, A2>> for Vec<T, A1> ++where ++ T: PartialOrd, ++ A1: Allocator, ++ A2: Allocator, ++{ + #[inline] +- fn partial_cmp(&self, other: &Self) -> Option<Ordering> { ++ fn partial_cmp(&self, other: &Vec<T, A2>) -> Option<Ordering> { + PartialOrd::partial_cmp(&**self, &**other) + } + } +@@ -3407,6 +3460,36 @@ fn from(s: &mut [T]) -> Vec<T> { + } + } + ++#[cfg(not(no_global_oom_handling))] ++#[stable(feature = "vec_from_array_ref", since = "1.74.0")] ++impl<T: Clone, const N: usize> From<&[T; N]> for Vec<T> { ++ /// Allocate a `Vec<T>` and fill it by cloning `s`'s items. ++ /// ++ /// # Examples ++ /// ++ /// ``` ++ /// assert_eq!(Vec::from(&[1, 2, 3]), vec![1, 2, 3]); ++ /// ``` ++ fn from(s: &[T; N]) -> Vec<T> { ++ Self::from(s.as_slice()) ++ } ++} ++ ++#[cfg(not(no_global_oom_handling))] ++#[stable(feature = "vec_from_array_ref", since = "1.74.0")] ++impl<T: Clone, const N: usize> From<&mut [T; N]> for Vec<T> { ++ /// Allocate a `Vec<T>` and fill it by cloning `s`'s items. ++ /// ++ /// # Examples ++ /// ++ /// ``` ++ /// assert_eq!(Vec::from(&mut [1, 2, 3]), vec![1, 2, 3]); ++ /// ``` ++ fn from(s: &mut [T; N]) -> Vec<T> { ++ Self::from(s.as_mut_slice()) ++ } ++} ++ + #[cfg(not(no_global_oom_handling))] + #[stable(feature = "vec_from_array", since = "1.44.0")] + impl<T, const N: usize> From<[T; N]> for Vec<T> { +diff --git a/rust/alloc/vec/spec_extend.rs b/rust/alloc/vec/spec_extend.rs +index a6a735201e59..ada919537446 100644 +--- a/rust/alloc/vec/spec_extend.rs ++++ b/rust/alloc/vec/spec_extend.rs +@@ -77,7 +77,7 @@ fn try_spec_extend(&mut self, mut iterator: IntoIter<T>) -> Result<(), TryReserv + } + + #[cfg(not(no_global_oom_handling))] +-impl<'a, T: 'a, I, A: Allocator + 'a> SpecExtend<&'a T, I> for Vec<T, A> ++impl<'a, T: 'a, I, A: Allocator> SpecExtend<&'a T, I> for Vec<T, A> + where + I: Iterator<Item = &'a T>, + T: Clone, +@@ -87,7 +87,7 @@ impl<'a, T: 'a, I, A: Allocator + 'a> SpecExtend<&'a T, I> for Vec<T, A> + } + } + +-impl<'a, T: 'a, I, A: Allocator + 'a> TrySpecExtend<&'a T, I> for Vec<T, A> ++impl<'a, T: 'a, I, A: Allocator> TrySpecExtend<&'a T, I> for Vec<T, A> + where + I: Iterator<Item = &'a T>, + T: Clone, +@@ -98,7 +98,7 @@ impl<'a, T: 'a, I, A: Allocator + 'a> TrySpecExtend<&'a T, I> for Vec<T, A> + } + + #[cfg(not(no_global_oom_handling))] +-impl<'a, T: 'a, A: Allocator + 'a> SpecExtend<&'a T, slice::Iter<'a, T>> for Vec<T, A> ++impl<'a, T: 'a, A: Allocator> SpecExtend<&'a T, slice::Iter<'a, T>> for Vec<T, A> + where + T: Copy, + { +@@ -108,7 +108,7 @@ fn spec_extend(&mut self, iterator: slice::Iter<'a, T>) { + } + } + +-impl<'a, T: 'a, A: Allocator + 'a> TrySpecExtend<&'a T, slice::Iter<'a, T>> for Vec<T, A> ++impl<'a, T: 'a, A: Allocator> TrySpecExtend<&'a T, slice::Iter<'a, T>> for Vec<T, A> + where + T: Copy, + { +-- +2.42.0 + diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch new file mode 100644 index 000000000000..647fdb6c5340 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch @@ -0,0 +1,40 @@ +From 0fcdbacd8b06c24f5761a0cf9cb0c43cad05c19b Mon Sep 17 00:00:00 2001 +From: Thomas Watson <twatson52@icloud.com> +Date: Mon, 26 Feb 2024 19:51:12 -0600 +Subject: [PATCH] fs/fcntl: accept more values as F_DUPFD_CLOEXEC args + +libwebrtc doesn't pass anything as the arg to this function so the +minimum fd ends up as random garbage. If it's bigger than the maximum +fd, which is likely, then the duplication fails, and libwebrtc breaks. + +The previous patch (081abc5fa701738699705a6c0a41c824df77cb37) rejects +args >= 1024 (the default soft max fd) and instead subtitutes a minimum +fd of 0 to allow such requests to succeed. + +However, gnulib's test suite can pass the following values and expects +them to fail; this patch prevents those from succeeding: +* -1 (hard-coded) +* 1024 (`ulimit -n` value by default) +* 1048576 (`ulimit -n` value in Nix build sandbox) + +Hopefully the garbage values libwebrtc passes do not match very often. +--- + fs/fcntl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/fcntl.c b/fs/fcntl.c +index f18f87419445..65a6861476ec 100644 +--- a/fs/fcntl.c ++++ b/fs/fcntl.c +@@ -326,7 +326,7 @@ static long do_fcntl(int fd, unsigned int cmd, unsigned long arg, + err = f_dupfd(argi, filp, 0); + break; + case F_DUPFD_CLOEXEC: +- if (arg >= 1024) ++ if ((arg > 1024) && (argi != 1048576) && (argi != -1)) + argi = 0; /* Lol libwebrtc */ + err = f_dupfd(argi, filp, O_CLOEXEC); + break; +-- +2.43.0 + diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/config b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/config new file mode 100644 index 000000000000..18639f02111b --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/config @@ -0,0 +1,7845 @@ +# originally from https://github.com/AsahiLinux/PKGBUILDs/blob/main/linux-asahi/config +# note that this file is not passed to the kernel verbatim, it is parsed and run through `make config`, so stuff below like compiler version will be automatically adjusted for NixOS + +# +# Automatically generated file; DO NOT EDIT. +# Linux/arm64 6.5.0 Kernel Configuration +# +CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.1.0" +CONFIG_CC_IS_GCC=y +CONFIG_GCC_VERSION=120100 +CONFIG_CLANG_VERSION=0 +CONFIG_AS_IS_GNU=y +CONFIG_AS_VERSION=23800 +CONFIG_LD_IS_BFD=y +CONFIG_LD_VERSION=23800 +CONFIG_LLD_VERSION=0 +CONFIG_RUST_IS_AVAILABLE=y +CONFIG_CC_CAN_LINK=y +CONFIG_CC_CAN_LINK_STATIC=y +CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y +CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT=y +CONFIG_CC_HAS_ASM_INLINE=y +CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y +CONFIG_PAHOLE_VERSION=125 +CONFIG_CONSTRUCTORS=y +CONFIG_IRQ_WORK=y +CONFIG_BUILDTIME_TABLE_SORT=y +CONFIG_THREAD_INFO_IN_TASK=y + +# +# General setup +# +CONFIG_INIT_ENV_ARG_LIMIT=32 +# CONFIG_COMPILE_TEST is not set +# CONFIG_WERROR is not set +# CONFIG_LOCALVERSION="-ARCH" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_BUILD_SALT="" +CONFIG_DEFAULT_INIT="" +CONFIG_DEFAULT_HOSTNAME="(none)" +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_WATCH_QUEUE=y +CONFIG_CROSS_MEMORY_ATTACH=y +# CONFIG_USELIB is not set +CONFIG_AUDIT=y +CONFIG_HAVE_ARCH_AUDITSYSCALL=y +CONFIG_AUDITSYSCALL=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_IRQ_SHOW_LEVEL=y +CONFIG_GENERIC_IRQ_EFFECTIVE_AFF_MASK=y +CONFIG_GENERIC_IRQ_MIGRATION=y +CONFIG_GENERIC_IRQ_INJECTION=y +CONFIG_HARDIRQS_SW_RESEND=y +CONFIG_IRQ_DOMAIN=y +CONFIG_IRQ_DOMAIN_HIERARCHY=y +CONFIG_GENERIC_IRQ_IPI=y +CONFIG_GENERIC_IRQ_IPI_MUX=y +CONFIG_GENERIC_MSI_IRQ=y +CONFIG_IRQ_MSI_IOMMU=y +CONFIG_IRQ_FORCED_THREADING=y +CONFIG_SPARSE_IRQ=y +# CONFIG_GENERIC_IRQ_DEBUGFS is not set +# end of IRQ subsystem + +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_ARCH_HAS_TICK_BROADCAST=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_HAVE_POSIX_CPU_TIMERS_TASK_WORK=y +CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y +CONFIG_CONTEXT_TRACKING=y +CONFIG_CONTEXT_TRACKING_IDLE=y + +# +# Timers subsystem +# +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ_COMMON=y +# CONFIG_HZ_PERIODIC is not set +# CONFIG_NO_HZ_IDLE is not set +CONFIG_NO_HZ_FULL=y +CONFIG_CONTEXT_TRACKING_USER=y +# CONFIG_CONTEXT_TRACKING_USER_FORCE is not set +# CONFIG_NO_HZ is not set +CONFIG_HIGH_RES_TIMERS=y +# end of Timers subsystem + +CONFIG_BPF=y +CONFIG_HAVE_EBPF_JIT=y +CONFIG_ARCH_WANT_DEFAULT_BPF_JIT=y + +# +# BPF subsystem +# +CONFIG_BPF_SYSCALL=y +CONFIG_BPF_JIT=y +# CONFIG_BPF_JIT_ALWAYS_ON is not set +CONFIG_BPF_JIT_DEFAULT_ON=y +# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set +CONFIG_USERMODE_DRIVER=y +# CONFIG_BPF_PRELOAD is not set +# end of BPF subsystem + +CONFIG_PREEMPT_BUILD=y +# CONFIG_PREEMPT_NONE is not set +# CONFIG_PREEMPT_VOLUNTARY is not set +CONFIG_PREEMPT=y +CONFIG_PREEMPT_COUNT=y +CONFIG_PREEMPTION=y +CONFIG_PREEMPT_DYNAMIC=y +# CONFIG_SCHED_CORE is not set + +# +# CPU/Task time and stats accounting +# +CONFIG_VIRT_CPU_ACCOUNTING=y +CONFIG_VIRT_CPU_ACCOUNTING_GEN=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_HAVE_SCHED_AVG_IRQ=y +CONFIG_SCHED_THERMAL_PRESSURE=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_PSI=y +# CONFIG_PSI_DEFAULT_DISABLED is not set +# end of CPU/Task time and stats accounting + +CONFIG_CPU_ISOLATION=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +CONFIG_PREEMPT_RCU=y +# CONFIG_RCU_EXPERT is not set +CONFIG_TREE_SRCU=y +CONFIG_TASKS_RCU_GENERIC=y +CONFIG_TASKS_RCU=y +CONFIG_TASKS_TRACE_RCU=y +CONFIG_RCU_STALL_COMMON=y +CONFIG_RCU_NEED_SEGCBLIST=y +CONFIG_RCU_NOCB_CPU=y +# CONFIG_RCU_NOCB_CPU_DEFAULT_ALL is not set +# CONFIG_RCU_LAZY is not set +# end of RCU Subsystem + +CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y +# CONFIG_IKHEADERS is not set +CONFIG_LOG_BUF_SHIFT=18 +CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 +# CONFIG_PRINTK_INDEX is not set +CONFIG_GENERIC_SCHED_CLOCK=y + +# +# Scheduler features +# +# CONFIG_UCLAMP_TASK is not set +# end of Scheduler features + +CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y +CONFIG_CC_HAS_INT128=y +CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" +CONFIG_GCC11_NO_ARRAY_BOUNDS=y +CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_ARCH_SUPPORTS_INT128=y +CONFIG_CGROUPS=y +CONFIG_PAGE_COUNTER=y +# CONFIG_CGROUP_FAVOR_DYNMODS is not set +CONFIG_MEMCG=y +CONFIG_MEMCG_KMEM=y +CONFIG_BLK_CGROUP=y +CONFIG_CGROUP_WRITEBACK=y +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +CONFIG_CFS_BANDWIDTH=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_SCHED_MM_CID=y +CONFIG_CGROUP_PIDS=y +CONFIG_CGROUP_RDMA=y +CONFIG_CGROUP_FREEZER=y +CONFIG_CGROUP_HUGETLB=y +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_DEVICE=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_CGROUP_PERF=y +CONFIG_CGROUP_BPF=y +CONFIG_CGROUP_MISC=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_SOCK_CGROUP_DATA=y +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_TIME_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +CONFIG_CHECKPOINT_RESTORE=y +CONFIG_SCHED_AUTOGROUP=y +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_XZ=y +CONFIG_RD_LZO=y +CONFIG_RD_LZ4=y +CONFIG_RD_ZSTD=y +CONFIG_BOOT_CONFIG=y +# CONFIG_BOOT_CONFIG_FORCE is not set +# CONFIG_BOOT_CONFIG_EMBED is not set +CONFIG_INITRAMFS_PRESERVE_MTIME=y +CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y +# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set +CONFIG_LD_ORPHAN_WARN=y +CONFIG_LD_ORPHAN_WARN_LEVEL="warn" +CONFIG_SYSCTL=y +CONFIG_SYSCTL_EXCEPTION_TRACE=y +CONFIG_EXPERT=y +CONFIG_MULTIUSER=y +# CONFIG_SGETMASK_SYSCALL is not set +CONFIG_SYSFS_SYSCALL=y +CONFIG_FHANDLE=y +CONFIG_POSIX_TIMERS=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_FUTEX_PI=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_IO_URING=y +CONFIG_ADVISE_SYSCALLS=y +CONFIG_MEMBARRIER=y +CONFIG_KALLSYMS=y +# CONFIG_KALLSYMS_SELFTEST is not set +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_BASE_RELATIVE=y +CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y +CONFIG_KCMP=y +CONFIG_RSEQ=y +CONFIG_CACHESTAT_SYSCALL=y +# CONFIG_DEBUG_RSEQ is not set +# CONFIG_EMBEDDED is not set +CONFIG_HAVE_PERF_EVENTS=y +CONFIG_GUEST_PERF_EVENTS=y +# CONFIG_PC104 is not set + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +# end of Kernel Performance Events And Counters + +CONFIG_SYSTEM_DATA_VERIFICATION=y +CONFIG_PROFILING=y +CONFIG_RUSTC_VERSION_TEXT="rustc 1.72.1 (d5c2e9c34 2023-09-13) (Arch Linux rust 1:1.72.1-1)" +CONFIG_BINDGEN_VERSION_TEXT="bindgen 0.68.1" +# end of General setup + +CONFIG_ARM64=y +CONFIG_GCC_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS=y +CONFIG_64BIT=y +CONFIG_MMU=y +CONFIG_ARM64_PAGE_SHIFT=14 +CONFIG_ARM64_CONT_PTE_SHIFT=7 +CONFIG_ARM64_CONT_PMD_SHIFT=5 +CONFIG_ARCH_MMAP_RND_BITS_MIN=16 +CONFIG_ARCH_MMAP_RND_BITS_MAX=31 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=9 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_GENERIC_CSUM=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y +CONFIG_SMP=y +CONFIG_KERNEL_MODE_NEON=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_PGTABLE_LEVELS=4 +CONFIG_ARCH_SUPPORTS_UPROBES=y +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_BUILTIN_RETURN_ADDRESS_STRIPS_PAC=y +CONFIG_ARM64_ACTLR_STATE=y + +# +# Platform selection +# +# CONFIG_ARCH_ACTIONS is not set +# CONFIG_ARCH_SUNXI is not set +# CONFIG_ARCH_ALPINE is not set +CONFIG_ARCH_APPLE=y +# CONFIG_ARCH_BCM is not set +# CONFIG_ARCH_BERLIN is not set +# CONFIG_ARCH_BITMAIN is not set +# CONFIG_ARCH_EXYNOS is not set +# CONFIG_ARCH_SPARX5 is not set +# CONFIG_ARCH_K3 is not set +# CONFIG_ARCH_LG1K is not set +# CONFIG_ARCH_HISI is not set +# CONFIG_ARCH_KEEMBAY is not set +# CONFIG_ARCH_MEDIATEK is not set +# CONFIG_ARCH_MESON is not set +# CONFIG_ARCH_MVEBU is not set +# CONFIG_ARCH_NXP is not set +# CONFIG_ARCH_MA35 is not set +# CONFIG_ARCH_NPCM is not set +# CONFIG_ARCH_QCOM is not set +# CONFIG_ARCH_REALTEK is not set +# CONFIG_ARCH_RENESAS is not set +# CONFIG_ARCH_ROCKCHIP is not set +# CONFIG_ARCH_SEATTLE is not set +# CONFIG_ARCH_INTEL_SOCFPGA is not set +# CONFIG_ARCH_STM32 is not set +# CONFIG_ARCH_SYNQUACER is not set +# CONFIG_ARCH_TEGRA is not set +# CONFIG_ARCH_SPRD is not set +# CONFIG_ARCH_THUNDER is not set +# CONFIG_ARCH_THUNDER2 is not set +# CONFIG_ARCH_UNIPHIER is not set +# CONFIG_ARCH_VEXPRESS is not set +# CONFIG_ARCH_VISCONTI is not set +# CONFIG_ARCH_XGENE is not set +# CONFIG_ARCH_ZYNQMP is not set +# end of Platform selection + +# +# Kernel Features +# + +# +# ARM errata workarounds via the alternatives framework +# +# CONFIG_AMPERE_ERRATUM_AC03_CPU_38 is not set +# CONFIG_ARM64_ERRATUM_826319 is not set +# CONFIG_ARM64_ERRATUM_827319 is not set +# CONFIG_ARM64_ERRATUM_824069 is not set +# CONFIG_ARM64_ERRATUM_819472 is not set +# CONFIG_ARM64_ERRATUM_832075 is not set +# CONFIG_ARM64_ERRATUM_834220 is not set +# CONFIG_ARM64_ERRATUM_843419 is not set +CONFIG_ARM64_LD_HAS_FIX_ERRATUM_843419=y +# CONFIG_ARM64_ERRATUM_1024718 is not set +# CONFIG_ARM64_ERRATUM_1165522 is not set +# CONFIG_ARM64_ERRATUM_1319367 is not set +# CONFIG_ARM64_ERRATUM_1530923 is not set +# CONFIG_ARM64_ERRATUM_2441007 is not set +# CONFIG_ARM64_ERRATUM_1286807 is not set +# CONFIG_ARM64_ERRATUM_1463225 is not set +# CONFIG_ARM64_ERRATUM_1542419 is not set +# CONFIG_ARM64_ERRATUM_1508412 is not set +# CONFIG_ARM64_ERRATUM_2051678 is not set +# CONFIG_ARM64_ERRATUM_2077057 is not set +# CONFIG_ARM64_ERRATUM_2658417 is not set +# CONFIG_ARM64_ERRATUM_2054223 is not set +# CONFIG_ARM64_ERRATUM_2067961 is not set +# CONFIG_ARM64_ERRATUM_2441009 is not set +# CONFIG_ARM64_ERRATUM_2457168 is not set +# CONFIG_ARM64_ERRATUM_2645198 is not set +# CONFIG_CAVIUM_ERRATUM_22375 is not set +# CONFIG_CAVIUM_ERRATUM_23154 is not set +# CONFIG_CAVIUM_ERRATUM_27456 is not set +# CONFIG_CAVIUM_ERRATUM_30115 is not set +# CONFIG_CAVIUM_TX2_ERRATUM_219 is not set +# CONFIG_FUJITSU_ERRATUM_010001 is not set +# CONFIG_HISILICON_ERRATUM_161600802 is not set +# CONFIG_QCOM_FALKOR_ERRATUM_1003 is not set +# CONFIG_QCOM_FALKOR_ERRATUM_1009 is not set +# CONFIG_QCOM_QDF2400_ERRATUM_0065 is not set +# CONFIG_QCOM_FALKOR_ERRATUM_E1041 is not set +# CONFIG_NVIDIA_CARMEL_CNP_ERRATUM is not set +# CONFIG_ROCKCHIP_ERRATUM_3588001 is not set +# CONFIG_SOCIONEXT_SYNQUACER_PREITS is not set +# end of ARM errata workarounds via the alternatives framework + +# CONFIG_ARM64_4K_PAGES is not set +CONFIG_ARM64_16K_PAGES=y +# CONFIG_ARM64_64K_PAGES is not set +# CONFIG_ARM64_VA_BITS_36 is not set +# CONFIG_ARM64_VA_BITS_47 is not set +CONFIG_ARM64_VA_BITS_48=y +CONFIG_ARM64_VA_BITS=48 +CONFIG_ARM64_PA_BITS_48=y +CONFIG_ARM64_PA_BITS=48 +# CONFIG_CPU_BIG_ENDIAN is not set +CONFIG_CPU_LITTLE_ENDIAN=y +CONFIG_SCHED_MC=y +CONFIG_SCHED_CLUSTER=y +CONFIG_SCHED_SMT=y +CONFIG_NR_CPUS=64 +CONFIG_HOTPLUG_CPU=y +# CONFIG_NUMA is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_HW_PERF_EVENTS=y +CONFIG_CC_HAVE_SHADOW_CALL_STACK=y +CONFIG_PARAVIRT=y +CONFIG_PARAVIRT_TIME_ACCOUNTING=y +CONFIG_KEXEC_FILE=y +# CONFIG_KEXEC_SIG is not set +# CONFIG_CRASH_DUMP is not set +CONFIG_TRANS_TABLE=y +# CONFIG_XEN is not set +CONFIG_ARCH_FORCE_MAX_ORDER=11 +CONFIG_UNMAP_KERNEL_AT_EL0=y +CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y +CONFIG_RODATA_FULL_DEFAULT_ENABLED=y +# CONFIG_ARM64_SW_TTBR0_PAN is not set +CONFIG_ARM64_TAGGED_ADDR_ABI=y +# CONFIG_COMPAT is not set + +# +# ARMv8.1 architectural features +# +CONFIG_ARM64_HW_AFDBM=y +CONFIG_ARM64_PAN=y +CONFIG_AS_HAS_LDAPR=y +CONFIG_AS_HAS_LSE_ATOMICS=y +CONFIG_ARM64_LSE_ATOMICS=y +CONFIG_ARM64_USE_LSE_ATOMICS=y +# end of ARMv8.1 architectural features + +# +# ARMv8.2 architectural features +# +CONFIG_AS_HAS_ARMV8_2=y +CONFIG_AS_HAS_SHA3=y +# CONFIG_ARM64_PMEM is not set +CONFIG_ARM64_RAS_EXTN=y +CONFIG_ARM64_CNP=y +# end of ARMv8.2 architectural features + +# +# ARMv8.3 architectural features +# +CONFIG_ARM64_PTR_AUTH=y +CONFIG_ARM64_PTR_AUTH_KERNEL=y +CONFIG_CC_HAS_BRANCH_PROT_PAC_RET=y +CONFIG_CC_HAS_SIGN_RETURN_ADDRESS=y +CONFIG_AS_HAS_ARMV8_3=y +CONFIG_AS_HAS_CFI_NEGATE_RA_STATE=y +# end of ARMv8.3 architectural features + +# +# ARMv8.4 architectural features +# +CONFIG_ARM64_AMU_EXTN=y +CONFIG_AS_HAS_ARMV8_4=y +CONFIG_ARM64_TLB_RANGE=y +# end of ARMv8.4 architectural features + +# +# ARMv8.5 architectural features +# +CONFIG_AS_HAS_ARMV8_5=y +CONFIG_ARM64_BTI=y +CONFIG_CC_HAS_BRANCH_PROT_PAC_RET_BTI=y +CONFIG_ARM64_E0PD=y +CONFIG_ARM64_AS_HAS_MTE=y +CONFIG_ARM64_MTE=y +# end of ARMv8.5 architectural features + +# +# ARMv8.7 architectural features +# +CONFIG_ARM64_EPAN=y +# end of ARMv8.7 architectural features + +CONFIG_ARM64_SVE=y +CONFIG_ARM64_SME=y +# CONFIG_ARM64_PSEUDO_NMI is not set +CONFIG_ARM64_MEMORY_MODEL_CONTROL=y +CONFIG_RELOCATABLE=y +# CONFIG_RANDOMIZE_BASE is not set +CONFIG_CC_HAVE_STACKPROTECTOR_SYSREG=y +CONFIG_STACKPROTECTOR_PER_TASK=y +# end of Kernel Features + +# +# Boot options +# +CONFIG_CMDLINE="" +CONFIG_EFI_STUB=y +CONFIG_EFI=y +CONFIG_DMI=y +# end of Boot options + +# +# Power management options +# +# CONFIG_SUSPEND is not set +# CONFIG_HIBERNATION is not set +CONFIG_PM=y +CONFIG_PM_DEBUG=y +# CONFIG_PM_ADVANCED_DEBUG is not set +# CONFIG_DPM_WATCHDOG is not set +CONFIG_PM_CLK=y +CONFIG_PM_GENERIC_DOMAINS=y +# CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set +CONFIG_PM_GENERIC_DOMAINS_OF=y +CONFIG_CPU_PM=y +CONFIG_ENERGY_MODEL=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +# end of Power management options + +# +# CPU Power Management +# + +# +# CPU Idle +# +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_MULTIPLE_DRIVERS=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +CONFIG_CPU_IDLE_GOV_TEO=y +CONFIG_DT_IDLE_STATES=y +CONFIG_DT_IDLE_GENPD=y + +# +# ARM CPU Idle Drivers +# +CONFIG_ARM_PSCI_CPUIDLE=y +CONFIG_ARM_PSCI_CPUIDLE_DOMAIN=y +# end of ARM CPU Idle Drivers +# end of CPU Idle + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_GOV_ATTR_SET=y +CONFIG_CPU_FREQ_GOV_COMMON=y +CONFIG_CPU_FREQ_STAT=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL=y +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +CONFIG_CPU_FREQ_GOV_POWERSAVE=y +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=y +CONFIG_CPU_FREQ_GOV_SCHEDUTIL=y + +# +# CPU frequency scaling drivers +# +CONFIG_CPUFREQ_DT=y +CONFIG_CPUFREQ_DT_PLATDEV=y +CONFIG_ARM_APPLE_SOC_CPUFREQ=m +# end of CPU Frequency scaling +# end of CPU Power Management + +CONFIG_ARCH_SUPPORTS_ACPI=y +# CONFIG_ACPI is not set +CONFIG_IRQ_BYPASS_MANAGER=y +CONFIG_HAVE_KVM=y +CONFIG_HAVE_KVM_IRQCHIP=y +CONFIG_HAVE_KVM_IRQFD=y +CONFIG_HAVE_KVM_IRQ_ROUTING=y +CONFIG_HAVE_KVM_DIRTY_RING=y +CONFIG_HAVE_KVM_DIRTY_RING_ACQ_REL=y +CONFIG_NEED_KVM_DIRTY_RING_WITH_BITMAP=y +CONFIG_HAVE_KVM_EVENTFD=y +CONFIG_KVM_MMIO=y +CONFIG_HAVE_KVM_MSI=y +CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT=y +CONFIG_KVM_VFIO=y +CONFIG_HAVE_KVM_ARCH_TLB_FLUSH_ALL=y +CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT=y +CONFIG_HAVE_KVM_IRQ_BYPASS=y +CONFIG_HAVE_KVM_VCPU_RUN_PID_CHANGE=y +CONFIG_KVM_XFER_TO_GUEST_WORK=y +CONFIG_KVM_GENERIC_HARDWARE_ENABLING=y +CONFIG_VIRTUALIZATION=y +CONFIG_KVM=y +# CONFIG_NVHE_EL2_DEBUG is not set + +# +# General architecture-dependent options +# +CONFIG_CRASH_CORE=y +CONFIG_KEXEC_CORE=y +CONFIG_ARCH_HAS_SUBPAGE_FAULTS=y +CONFIG_HOTPLUG_CORE_SYNC=y +CONFIG_HOTPLUG_CORE_SYNC_DEAD=y +CONFIG_KPROBES=y +CONFIG_JUMP_LABEL=y +# CONFIG_STATIC_KEYS_SELFTEST is not set +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_ARCH_CORRECT_STACKTRACE_ON_KRETPROBE=y +CONFIG_HAVE_FUNCTION_ERROR_INJECTION=y +CONFIG_HAVE_NMI=y +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_TRACE_IRQFLAGS_NMI_SUPPORT=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_CONTIGUOUS=y +CONFIG_GENERIC_SMP_IDLE_THREAD=y +CONFIG_GENERIC_IDLE_POLL_SETUP=y +CONFIG_ARCH_HAS_FORTIFY_SOURCE=y +CONFIG_ARCH_HAS_KEEPINITRD=y +CONFIG_ARCH_HAS_SET_MEMORY=y +CONFIG_ARCH_HAS_SET_DIRECT_MAP=y +CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y +CONFIG_ARCH_WANTS_NO_INSTR=y +CONFIG_HAVE_ASM_MODVERSIONS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_RSEQ=y +CONFIG_HAVE_RUST=y +CONFIG_HAVE_FUNCTION_ARG_ACCESS_API=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_PERF_REGS=y +CONFIG_HAVE_PERF_USER_STACK_DUMP=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y +CONFIG_HAVE_ARCH_JUMP_LABEL_RELATIVE=y +CONFIG_MMU_GATHER_TABLE_FREE=y +CONFIG_MMU_GATHER_RCU_TABLE_FREE=y +CONFIG_MMU_LAZY_TLB_REFCOUNT=y +CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y +CONFIG_ARCH_HAS_NMI_SAFE_THIS_CPU_OPS=y +CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y +CONFIG_HAVE_CMPXCHG_LOCAL=y +CONFIG_HAVE_CMPXCHG_DOUBLE=y +CONFIG_HAVE_ARCH_SECCOMP=y +CONFIG_HAVE_ARCH_SECCOMP_FILTER=y +CONFIG_SECCOMP=y +CONFIG_SECCOMP_FILTER=y +# CONFIG_SECCOMP_CACHE_DEBUG is not set +CONFIG_HAVE_ARCH_STACKLEAK=y +CONFIG_HAVE_STACKPROTECTOR=y +CONFIG_STACKPROTECTOR=y +CONFIG_STACKPROTECTOR_STRONG=y +CONFIG_ARCH_SUPPORTS_SHADOW_CALL_STACK=y +# CONFIG_SHADOW_CALL_STACK is not set +CONFIG_ARCH_SUPPORTS_LTO_CLANG=y +CONFIG_ARCH_SUPPORTS_LTO_CLANG_THIN=y +CONFIG_LTO_NONE=y +CONFIG_ARCH_SUPPORTS_CFI_CLANG=y +CONFIG_HAVE_CONTEXT_TRACKING_USER=y +CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y +CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y +CONFIG_HAVE_MOVE_PUD=y +CONFIG_HAVE_MOVE_PMD=y +CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y +CONFIG_HAVE_ARCH_HUGE_VMAP=y +CONFIG_HAVE_ARCH_HUGE_VMALLOC=y +CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y +CONFIG_HAVE_MOD_ARCH_SPECIFIC=y +CONFIG_MODULES_USE_ELF_RELA=y +CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=y +CONFIG_SOFTIRQ_ON_OWN_STACK=y +CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_HAVE_ARCH_MMAP_RND_BITS=y +CONFIG_ARCH_MMAP_RND_BITS=18 +CONFIG_PAGE_SIZE_LESS_THAN_64KB=y +CONFIG_PAGE_SIZE_LESS_THAN_256KB=y +CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=y +CONFIG_CLONE_BACKWARDS=y +CONFIG_COMPAT_32BIT_TIME=y +CONFIG_HAVE_ARCH_VMAP_STACK=y +CONFIG_VMAP_STACK=y +CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y +CONFIG_RANDOMIZE_KSTACK_OFFSET=y +# CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT is not set +CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y +CONFIG_STRICT_KERNEL_RWX=y +CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y +CONFIG_STRICT_MODULE_RWX=y +CONFIG_HAVE_ARCH_COMPILER_H=y +CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y +CONFIG_ARCH_USE_MEMREMAP_PROT=y +# CONFIG_LOCK_EVENT_COUNTS is not set +CONFIG_ARCH_HAS_RELR=y +CONFIG_HAVE_PREEMPT_DYNAMIC=y +CONFIG_HAVE_PREEMPT_DYNAMIC_KEY=y +CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_ARCH_SUPPORTS_PAGE_TABLE_CHECK=y +CONFIG_ARCH_HAVE_TRACE_MMIO_ACCESS=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y +# end of GCOV-based kernel profiling + +CONFIG_HAVE_GCC_PLUGINS=y +# CONFIG_GCC_PLUGINS is not set +CONFIG_FUNCTION_ALIGNMENT_4B=y +CONFIG_FUNCTION_ALIGNMENT=4 +# end of General architecture-dependent options + +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +# CONFIG_MODULE_DEBUG is not set +# CONFIG_MODULE_FORCE_LOAD is not set +CONFIG_MODULE_UNLOAD=y +# CONFIG_MODULE_FORCE_UNLOAD is not set +# CONFIG_MODULE_UNLOAD_TAINT_TRACKING is not set +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +# CONFIG_MODULE_SIG is not set +# CONFIG_MODULE_COMPRESS_NONE is not set +# CONFIG_MODULE_COMPRESS_GZIP is not set +# CONFIG_MODULE_COMPRESS_XZ is not set +CONFIG_MODULE_COMPRESS_ZSTD=y +# CONFIG_MODULE_DECOMPRESS is not set +# CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set +CONFIG_MODPROBE_PATH="/sbin/modprobe" +# CONFIG_TRIM_UNUSED_KSYMS is not set +CONFIG_MODULES_TREE_LOOKUP=y +CONFIG_BLOCK=y +CONFIG_BLOCK_LEGACY_AUTOLOAD=y +CONFIG_BLK_RQ_ALLOC_TIME=y +CONFIG_BLK_CGROUP_RWSTAT=y +CONFIG_BLK_CGROUP_PUNT_BIO=y +CONFIG_BLK_DEV_BSG_COMMON=y +CONFIG_BLK_ICQ=y +CONFIG_BLK_DEV_BSGLIB=y +CONFIG_BLK_DEV_INTEGRITY=y +CONFIG_BLK_DEV_INTEGRITY_T10=y +CONFIG_BLK_DEV_ZONED=y +CONFIG_BLK_DEV_THROTTLING=y +# CONFIG_BLK_DEV_THROTTLING_LOW is not set +CONFIG_BLK_WBT=y +CONFIG_BLK_WBT_MQ=y +# CONFIG_BLK_CGROUP_IOLATENCY is not set +CONFIG_BLK_CGROUP_IOCOST=y +CONFIG_BLK_CGROUP_IOPRIO=y +CONFIG_BLK_DEBUG_FS=y +CONFIG_BLK_DEBUG_FS_ZONED=y +CONFIG_BLK_SED_OPAL=y +# CONFIG_BLK_INLINE_ENCRYPTION is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_AIX_PARTITION=y +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +CONFIG_LDM_PARTITION=y +# CONFIG_LDM_DEBUG is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +# CONFIG_CMDLINE_PARTITION is not set +# end of Partition Types + +CONFIG_BLK_MQ_PCI=y +CONFIG_BLK_MQ_VIRTIO=y +CONFIG_BLK_PM=y +CONFIG_BLOCK_HOLDER_DEPRECATED=y +CONFIG_BLK_MQ_STACKING=y + +# +# IO Schedulers +# +CONFIG_MQ_IOSCHED_DEADLINE=y +CONFIG_MQ_IOSCHED_KYBER=y +CONFIG_IOSCHED_BFQ=y +CONFIG_BFQ_GROUP_IOSCHED=y +# CONFIG_BFQ_CGROUP_DEBUG is not set +# end of IO Schedulers + +CONFIG_PREEMPT_NOTIFIERS=y +CONFIG_PADATA=y +CONFIG_ASN1=y +CONFIG_UNINLINE_SPIN_UNLOCK=y +CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_RWSEM_SPIN_ON_OWNER=y +CONFIG_LOCK_SPIN_ON_OWNER=y +CONFIG_ARCH_USE_QUEUED_SPINLOCKS=y +CONFIG_QUEUED_SPINLOCKS=y +CONFIG_ARCH_USE_QUEUED_RWLOCKS=y +CONFIG_QUEUED_RWLOCKS=y +CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE=y +CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y +CONFIG_FREEZER=y + +# +# Executable file formats +# +CONFIG_BINFMT_ELF=y +CONFIG_ARCH_BINFMT_ELF_STATE=y +CONFIG_ARCH_BINFMT_ELF_EXTRA_PHDRS=y +CONFIG_ARCH_HAVE_ELF_PROT=y +CONFIG_ARCH_USE_GNU_PROPERTY=y +CONFIG_ELFCORE=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +CONFIG_BINFMT_SCRIPT=y +CONFIG_BINFMT_MISC=y +CONFIG_COREDUMP=y +# end of Executable file formats + +# +# Memory Management options +# +CONFIG_ZPOOL=y +CONFIG_SWAP=y +CONFIG_ZSWAP=y +# CONFIG_ZSWAP_DEFAULT_ON is not set +# CONFIG_ZSWAP_EXCLUSIVE_LOADS_DEFAULT_ON is not set +# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_DEFLATE is not set +CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y +# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_842 is not set +# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZ4 is not set +# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZ4HC is not set +# CONFIG_ZSWAP_COMPRESSOR_DEFAULT_ZSTD is not set +CONFIG_ZSWAP_COMPRESSOR_DEFAULT="lzo" +CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y +# CONFIG_ZSWAP_ZPOOL_DEFAULT_Z3FOLD is not set +# CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set +CONFIG_ZSWAP_ZPOOL_DEFAULT="zbud" +CONFIG_ZBUD=y +CONFIG_Z3FOLD=y +CONFIG_ZSMALLOC=y +# CONFIG_ZSMALLOC_STAT is not set +CONFIG_ZSMALLOC_CHAIN_SIZE=8 + +# +# SLAB allocator options +# +# CONFIG_SLAB_DEPRECATED is not set +CONFIG_SLUB=y +# CONFIG_SLUB_TINY is not set +CONFIG_SLAB_MERGE_DEFAULT=y +CONFIG_SLAB_FREELIST_RANDOM=y +# CONFIG_SLAB_FREELIST_HARDENED is not set +# CONFIG_SLUB_STATS is not set +CONFIG_SLUB_CPU_PARTIAL=y +# end of SLAB allocator options + +# CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set +# CONFIG_COMPAT_BRK is not set +CONFIG_SPARSEMEM=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_FAST_GUP=y +CONFIG_ARCH_KEEP_MEMBLOCK=y +CONFIG_MEMORY_ISOLATION=y +CONFIG_EXCLUSIVE_SYSTEM_RAM=y +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y +CONFIG_MEMORY_BALLOON=y +CONFIG_BALLOON_COMPACTION=y +CONFIG_COMPACTION=y +CONFIG_COMPACT_UNEVICTABLE_DEFAULT=1 +CONFIG_PAGE_REPORTING=y +CONFIG_MIGRATION=y +CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y +CONFIG_CONTIG_ALLOC=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_MMU_NOTIFIER=y +CONFIG_KSM=y +CONFIG_DEFAULT_MMAP_MIN_ADDR=32768 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +# CONFIG_TRANSPARENT_HUGEPAGE is not set +CONFIG_FRONTSWAP=y +CONFIG_CMA=y +# CONFIG_CMA_DEBUG is not set +CONFIG_CMA_DEBUGFS=y +# CONFIG_CMA_SYSFS is not set +CONFIG_CMA_AREAS=7 +CONFIG_GENERIC_EARLY_IOREMAP=y +# CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set +# CONFIG_IDLE_PAGE_TRACKING is not set +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_ARCH_HAS_CURRENT_STACK_POINTER=y +CONFIG_ARCH_HAS_PTE_DEVMAP=y +CONFIG_ARCH_HAS_ZONE_DMA_SET=y +CONFIG_ZONE_DMA=y +CONFIG_ZONE_DMA32=y +CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y +CONFIG_ARCH_USES_PG_ARCH_X=y +CONFIG_VM_EVENT_COUNTERS=y +# CONFIG_PERCPU_STATS is not set +# CONFIG_GUP_TEST is not set +# CONFIG_DMAPOOL_TEST is not set +CONFIG_ARCH_HAS_PTE_SPECIAL=y +CONFIG_SECRETMEM=y +# CONFIG_ANON_VMA_NAME is not set +# CONFIG_USERFAULTFD is not set +# CONFIG_LRU_GEN is not set +CONFIG_ARCH_SUPPORTS_PER_VMA_LOCK=y +CONFIG_PER_VMA_LOCK=y +CONFIG_LOCK_MM_AND_FIND_VMA=y + +# +# Data Access Monitoring +# +# CONFIG_DAMON is not set +# end of Data Access Monitoring +# end of Memory Management options + +CONFIG_NET=y +CONFIG_NET_INGRESS=y +CONFIG_NET_EGRESS=y +CONFIG_NET_REDIRECT=y +CONFIG_SKB_EXTENSIONS=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_PACKET_DIAG=m +CONFIG_UNIX=y +CONFIG_UNIX_SCM=y +CONFIG_AF_UNIX_OOB=y +CONFIG_UNIX_DIAG=m +CONFIG_TLS=m +# CONFIG_TLS_DEVICE is not set +# CONFIG_TLS_TOE is not set +CONFIG_XFRM=y +CONFIG_XFRM_ALGO=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_INTERFACE is not set +CONFIG_XFRM_SUB_POLICY=y +CONFIG_XFRM_MIGRATE=y +CONFIG_XFRM_STATISTICS=y +CONFIG_XFRM_AH=m +CONFIG_XFRM_ESP=m +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +# CONFIG_XDP_SOCKETS is not set +CONFIG_NET_HANDSHAKE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_IP_FIB_TRIE_STATS=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_ROUTE_CLASSID=y +# CONFIG_IP_PNP is not set +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IP_TUNNEL=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE_COMMON=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_SYN_COOKIES=y +CONFIG_NET_IPVTI=m +CONFIG_NET_UDP_TUNNEL=m +CONFIG_NET_FOU=m +CONFIG_NET_FOU_IP_TUNNELS=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +# CONFIG_INET_ESP_OFFLOAD is not set +# CONFIG_INET_ESPINTCP is not set +CONFIG_INET_IPCOMP=m +CONFIG_INET_TABLE_PERTURB_ORDER=16 +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_INET_UDP_DIAG=m +CONFIG_INET_RAW_DIAG=m +# CONFIG_INET_DIAG_DESTROY is not set +CONFIG_TCP_CONG_ADVANCED=y +CONFIG_TCP_CONG_BIC=m +CONFIG_TCP_CONG_CUBIC=y +CONFIG_TCP_CONG_WESTWOOD=m +CONFIG_TCP_CONG_HTCP=m +CONFIG_TCP_CONG_HSTCP=m +CONFIG_TCP_CONG_HYBLA=m +CONFIG_TCP_CONG_VEGAS=m +CONFIG_TCP_CONG_NV=m +CONFIG_TCP_CONG_SCALABLE=m +CONFIG_TCP_CONG_LP=m +CONFIG_TCP_CONG_VENO=m +CONFIG_TCP_CONG_YEAH=m +CONFIG_TCP_CONG_ILLINOIS=m +CONFIG_TCP_CONG_DCTCP=m +CONFIG_TCP_CONG_CDG=m +CONFIG_TCP_CONG_BBR=m +CONFIG_DEFAULT_CUBIC=y +# CONFIG_DEFAULT_RENO is not set +CONFIG_DEFAULT_TCP_CONG="cubic" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +CONFIG_IPV6_OPTIMISTIC_DAD=y +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +# CONFIG_INET6_ESP_OFFLOAD is not set +# CONFIG_INET6_ESPINTCP is not set +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=y +CONFIG_IPV6_ILA=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_IPV6_VTI=m +CONFIG_IPV6_SIT=m +CONFIG_IPV6_SIT_6RD=y +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_GRE=m +CONFIG_IPV6_FOU=m +CONFIG_IPV6_FOU_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_IPV6_SEG6_LWTUNNEL=y +CONFIG_IPV6_SEG6_HMAC=y +CONFIG_IPV6_SEG6_BPF=y +# CONFIG_IPV6_RPL_LWTUNNEL is not set +# CONFIG_IPV6_IOAM6_LWTUNNEL is not set +CONFIG_NETLABEL=y +CONFIG_MPTCP=y +CONFIG_INET_MPTCP_DIAG=m +CONFIG_MPTCP_IPV6=y +# CONFIG_NETWORK_SECMARK is not set +CONFIG_NET_PTP_CLASSIFY=y +CONFIG_NETWORK_PHY_TIMESTAMPING=y +CONFIG_NETFILTER=y +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=m + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_INGRESS=y +CONFIG_NETFILTER_EGRESS=y +CONFIG_NETFILTER_SKIP_EGRESS=y +CONFIG_NETFILTER_NETLINK=m +CONFIG_NETFILTER_FAMILY_BRIDGE=y +CONFIG_NETFILTER_FAMILY_ARP=y +CONFIG_NETFILTER_BPF_LINK=y +CONFIG_NETFILTER_NETLINK_HOOK=m +CONFIG_NETFILTER_NETLINK_ACCT=m +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=m +CONFIG_NETFILTER_NETLINK_OSF=m +CONFIG_NF_CONNTRACK=m +CONFIG_NF_LOG_SYSLOG=m +CONFIG_NETFILTER_CONNCOUNT=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_ZONES=y +CONFIG_NF_CONNTRACK_PROCFS=y +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CONNTRACK_TIMEOUT=y +CONFIG_NF_CONNTRACK_TIMESTAMP=y +CONFIG_NF_CONNTRACK_LABELS=y +CONFIG_NF_CONNTRACK_OVS=y +CONFIG_NF_CT_PROTO_DCCP=y +CONFIG_NF_CT_PROTO_GRE=y +CONFIG_NF_CT_PROTO_SCTP=y +CONFIG_NF_CT_PROTO_UDPLITE=y +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_BROADCAST=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_SNMP=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NF_CT_NETLINK_TIMEOUT=m +CONFIG_NF_CT_NETLINK_HELPER=m +CONFIG_NETFILTER_NETLINK_GLUE_CT=y +CONFIG_NF_NAT=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_SIP=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_REDIRECT=y +CONFIG_NF_NAT_MASQUERADE=y +CONFIG_NF_NAT_OVS=y +CONFIG_NETFILTER_SYNPROXY=m +CONFIG_NF_TABLES=m +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_NETDEV=y +CONFIG_NFT_NUMGEN=m +CONFIG_NFT_CT=m +CONFIG_NFT_FLOW_OFFLOAD=m +CONFIG_NFT_CONNLIMIT=m +CONFIG_NFT_LOG=m +CONFIG_NFT_LIMIT=m +CONFIG_NFT_MASQ=m +CONFIG_NFT_REDIR=m +CONFIG_NFT_NAT=m +CONFIG_NFT_TUNNEL=m +CONFIG_NFT_QUEUE=m +CONFIG_NFT_QUOTA=m +CONFIG_NFT_REJECT=m +CONFIG_NFT_REJECT_INET=m +CONFIG_NFT_COMPAT=m +CONFIG_NFT_HASH=m +CONFIG_NFT_FIB=m +CONFIG_NFT_FIB_INET=m +CONFIG_NFT_XFRM=m +CONFIG_NFT_SOCKET=m +CONFIG_NFT_OSF=m +CONFIG_NFT_TPROXY=m +CONFIG_NFT_SYNPROXY=m +CONFIG_NF_DUP_NETDEV=m +CONFIG_NFT_DUP_NETDEV=m +CONFIG_NFT_FWD_NETDEV=m +CONFIG_NFT_FIB_NETDEV=m +CONFIG_NFT_REJECT_NETDEV=m +CONFIG_NF_FLOW_TABLE_INET=m +CONFIG_NF_FLOW_TABLE=m +# CONFIG_NF_FLOW_TABLE_PROCFS is not set +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m +CONFIG_NETFILTER_XT_SET=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_AUDIT=m +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_HMARK=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_LOG=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_NAT=m +CONFIG_NETFILTER_XT_TARGET_NETMAP=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_REDIRECT=m +CONFIG_NETFILTER_XT_TARGET_MASQUERADE=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_BPF=m +CONFIG_NETFILTER_XT_MATCH_CGROUP=m +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLABEL=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ECN=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPCOMP=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_IPVS=m +CONFIG_NETFILTER_XT_MATCH_L2TP=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_NFACCT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +# end of Core Netfilter Configuration + +CONFIG_IP_SET=m +CONFIG_IP_SET_MAX=256 +CONFIG_IP_SET_BITMAP_IP=m +CONFIG_IP_SET_BITMAP_IPMAC=m +CONFIG_IP_SET_BITMAP_PORT=m +CONFIG_IP_SET_HASH_IP=m +CONFIG_IP_SET_HASH_IPMARK=m +CONFIG_IP_SET_HASH_IPPORT=m +CONFIG_IP_SET_HASH_IPPORTIP=m +CONFIG_IP_SET_HASH_IPPORTNET=m +CONFIG_IP_SET_HASH_IPMAC=m +CONFIG_IP_SET_HASH_MAC=m +CONFIG_IP_SET_HASH_NETPORTNET=m +CONFIG_IP_SET_HASH_NET=m +CONFIG_IP_SET_HASH_NETNET=m +CONFIG_IP_SET_HASH_NETPORT=m +CONFIG_IP_SET_HASH_NETIFACE=m +CONFIG_IP_SET_LIST_SET=m +CONFIG_IP_VS=m +CONFIG_IP_VS_IPV6=y +# CONFIG_IP_VS_DEBUG is not set +CONFIG_IP_VS_TAB_BITS=12 + +# +# IPVS transport protocol load balancing support +# +CONFIG_IP_VS_PROTO_TCP=y +CONFIG_IP_VS_PROTO_UDP=y +CONFIG_IP_VS_PROTO_AH_ESP=y +CONFIG_IP_VS_PROTO_ESP=y +CONFIG_IP_VS_PROTO_AH=y +CONFIG_IP_VS_PROTO_SCTP=y + +# +# IPVS scheduler +# +CONFIG_IP_VS_RR=m +CONFIG_IP_VS_WRR=m +CONFIG_IP_VS_LC=m +CONFIG_IP_VS_WLC=m +CONFIG_IP_VS_FO=m +CONFIG_IP_VS_OVF=m +CONFIG_IP_VS_LBLC=m +CONFIG_IP_VS_LBLCR=m +CONFIG_IP_VS_DH=m +CONFIG_IP_VS_SH=m +CONFIG_IP_VS_MH=m +CONFIG_IP_VS_SED=m +CONFIG_IP_VS_NQ=m +CONFIG_IP_VS_TWOS=m + +# +# IPVS SH scheduler +# +CONFIG_IP_VS_SH_TAB_BITS=8 + +# +# IPVS MH scheduler +# +CONFIG_IP_VS_MH_TAB_INDEX=12 + +# +# IPVS application helper +# +CONFIG_IP_VS_FTP=m +CONFIG_IP_VS_NFCT=y +CONFIG_IP_VS_PE_SIP=m + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_SOCKET_IPV4=m +CONFIG_NF_TPROXY_IPV4=m +CONFIG_NF_TABLES_IPV4=y +CONFIG_NFT_REJECT_IPV4=m +CONFIG_NFT_DUP_IPV4=m +CONFIG_NFT_FIB_IPV4=m +CONFIG_NF_TABLES_ARP=y +CONFIG_NF_DUP_IPV4=m +CONFIG_NF_LOG_ARP=m +CONFIG_NF_LOG_IPV4=m +CONFIG_NF_REJECT_IPV4=y +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_RPFILTER=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_SYNPROXY=m +CONFIG_IP_NF_NAT=m +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_IP_NF_MANGLE=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m +# end of IP: Netfilter Configuration + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_SOCKET_IPV6=m +CONFIG_NF_TPROXY_IPV6=m +CONFIG_NF_TABLES_IPV6=y +CONFIG_NFT_REJECT_IPV6=m +CONFIG_NFT_DUP_IPV6=m +CONFIG_NFT_FIB_IPV6=m +CONFIG_NF_DUP_IPV6=m +CONFIG_NF_REJECT_IPV6=m +CONFIG_NF_LOG_IPV6=m +CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RPFILTER=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_MATCH_SRH=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_REJECT=m +CONFIG_IP6_NF_TARGET_SYNPROXY=m +CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_IP6_NF_NAT=m +CONFIG_IP6_NF_TARGET_MASQUERADE=m +CONFIG_IP6_NF_TARGET_NPT=m +# end of IPv6: Netfilter Configuration + +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_TABLES_BRIDGE=m +CONFIG_NFT_BRIDGE_META=m +CONFIG_NFT_BRIDGE_REJECT=m +CONFIG_NF_CONNTRACK_BRIDGE=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_BPFILTER=y +CONFIG_BPFILTER_UMH=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y +# end of DCCP CCIDs Configuration + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# end of DCCP Kernel Hacking + +CONFIG_IP_SCTP=m +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5 is not set +CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1=y +# CONFIG_SCTP_DEFAULT_COOKIE_HMAC_NONE is not set +CONFIG_SCTP_COOKIE_HMAC_MD5=y +CONFIG_SCTP_COOKIE_HMAC_SHA1=y +CONFIG_INET_SCTP_DIAG=m +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +CONFIG_TIPC_MEDIA_UDP=y +CONFIG_TIPC_CRYPTO=y +CONFIG_TIPC_DIAG=m +CONFIG_ATM=m +CONFIG_ATM_CLIP=m +# CONFIG_ATM_CLIP_NO_ICMP is not set +CONFIG_ATM_LANE=m +# CONFIG_ATM_MPOA is not set +CONFIG_ATM_BR2684=m +# CONFIG_ATM_BR2684_IPFILTER is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +CONFIG_L2TP_V3=y +CONFIG_L2TP_IP=m +CONFIG_L2TP_ETH=m +CONFIG_STP=m +CONFIG_GARP=m +CONFIG_MRP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +CONFIG_BRIDGE_VLAN_FILTERING=y +# CONFIG_BRIDGE_MRP is not set +# CONFIG_BRIDGE_CFM is not set +CONFIG_NET_DSA=m +CONFIG_NET_DSA_TAG_NONE=m +# CONFIG_NET_DSA_TAG_AR9331 is not set +CONFIG_NET_DSA_TAG_BRCM_COMMON=m +CONFIG_NET_DSA_TAG_BRCM=m +CONFIG_NET_DSA_TAG_BRCM_LEGACY=m +CONFIG_NET_DSA_TAG_BRCM_PREPEND=m +# CONFIG_NET_DSA_TAG_HELLCREEK is not set +# CONFIG_NET_DSA_TAG_GSWIP is not set +CONFIG_NET_DSA_TAG_DSA_COMMON=m +CONFIG_NET_DSA_TAG_DSA=m +CONFIG_NET_DSA_TAG_EDSA=m +# CONFIG_NET_DSA_TAG_MTK is not set +# CONFIG_NET_DSA_TAG_KSZ is not set +# CONFIG_NET_DSA_TAG_OCELOT is not set +# CONFIG_NET_DSA_TAG_OCELOT_8021Q is not set +CONFIG_NET_DSA_TAG_QCA=m +# CONFIG_NET_DSA_TAG_RTL4_A is not set +# CONFIG_NET_DSA_TAG_RTL8_4 is not set +# CONFIG_NET_DSA_TAG_RZN1_A5PSW is not set +# CONFIG_NET_DSA_TAG_LAN9303 is not set +# CONFIG_NET_DSA_TAG_SJA1105 is not set +CONFIG_NET_DSA_TAG_TRAILER=m +# CONFIG_NET_DSA_TAG_XRS700X is not set +CONFIG_VLAN_8021Q=m +CONFIG_VLAN_8021Q_GVRP=y +CONFIG_VLAN_8021Q_MVRP=y +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_ATALK=m +CONFIG_DEV_APPLETALK=m +CONFIG_IPDDP=m +CONFIG_IPDDP_ENCAP=y +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_PHONET is not set +CONFIG_6LOWPAN=m +# CONFIG_6LOWPAN_DEBUGFS is not set +CONFIG_6LOWPAN_NHC=m +CONFIG_6LOWPAN_NHC_DEST=m +CONFIG_6LOWPAN_NHC_FRAGMENT=m +CONFIG_6LOWPAN_NHC_HOP=m +CONFIG_6LOWPAN_NHC_IPV6=m +CONFIG_6LOWPAN_NHC_MOBILITY=m +CONFIG_6LOWPAN_NHC_ROUTING=m +CONFIG_6LOWPAN_NHC_UDP=m +CONFIG_6LOWPAN_GHC_EXT_HDR_HOP=m +CONFIG_6LOWPAN_GHC_UDP=m +CONFIG_6LOWPAN_GHC_ICMPV6=m +CONFIG_6LOWPAN_GHC_EXT_HDR_DEST=m +CONFIG_6LOWPAN_GHC_EXT_HDR_FRAG=m +CONFIG_6LOWPAN_GHC_EXT_HDR_ROUTE=m +CONFIG_IEEE802154=m +# CONFIG_IEEE802154_NL802154_EXPERIMENTAL is not set +CONFIG_IEEE802154_SOCKET=m +CONFIG_IEEE802154_6LOWPAN=m +CONFIG_MAC802154=m +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFB=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_CBS=m +CONFIG_NET_SCH_ETF=m +CONFIG_NET_SCH_MQPRIO_LIB=m +CONFIG_NET_SCH_TAPRIO=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_SKBPRIO=m +CONFIG_NET_SCH_CHOKE=m +CONFIG_NET_SCH_QFQ=m +CONFIG_NET_SCH_CODEL=m +CONFIG_NET_SCH_FQ_CODEL=y +CONFIG_NET_SCH_CAKE=m +CONFIG_NET_SCH_FQ=m +CONFIG_NET_SCH_HHF=m +CONFIG_NET_SCH_PIE=m +CONFIG_NET_SCH_FQ_PIE=m +CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_SCH_PLUG=m +CONFIG_NET_SCH_ETS=m +# CONFIG_NET_SCH_DEFAULT is not set + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=y +CONFIG_NET_CLS_BPF=m +CONFIG_NET_CLS_FLOWER=m +CONFIG_NET_CLS_MATCHALL=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_EMATCH_CANID=m +CONFIG_NET_EMATCH_IPSET=m +CONFIG_NET_EMATCH_IPT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +CONFIG_GACT_PROB=y +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_SAMPLE=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_ACT_MPLS is not set +CONFIG_NET_ACT_VLAN=m +CONFIG_NET_ACT_BPF=m +CONFIG_NET_ACT_CONNMARK=m +CONFIG_NET_ACT_CTINFO=m +CONFIG_NET_ACT_SKBMOD=m +CONFIG_NET_ACT_IFE=m +CONFIG_NET_ACT_TUNNEL_KEY=m +CONFIG_NET_ACT_CT=m +CONFIG_NET_ACT_GATE=m +CONFIG_NET_IFE_SKBMARK=m +CONFIG_NET_IFE_SKBPRIO=m +CONFIG_NET_IFE_SKBTCINDEX=m +# CONFIG_NET_TC_SKB_EXT is not set +CONFIG_NET_SCH_FIFO=y +CONFIG_DCB=y +CONFIG_DNS_RESOLVER=y +CONFIG_BATMAN_ADV=m +# CONFIG_BATMAN_ADV_BATMAN_V is not set +CONFIG_BATMAN_ADV_BLA=y +CONFIG_BATMAN_ADV_DAT=y +CONFIG_BATMAN_ADV_NC=y +CONFIG_BATMAN_ADV_MCAST=y +# CONFIG_BATMAN_ADV_DEBUG is not set +CONFIG_OPENVSWITCH=m +CONFIG_OPENVSWITCH_GRE=m +CONFIG_OPENVSWITCH_VXLAN=m +CONFIG_OPENVSWITCH_GENEVE=m +CONFIG_VSOCKETS=m +CONFIG_VSOCKETS_DIAG=m +CONFIG_VSOCKETS_LOOPBACK=m +CONFIG_VIRTIO_VSOCKETS=m +CONFIG_VIRTIO_VSOCKETS_COMMON=m +CONFIG_NETLINK_DIAG=m +CONFIG_MPLS=y +CONFIG_NET_MPLS_GSO=m +CONFIG_MPLS_ROUTING=m +# CONFIG_MPLS_IPTUNNEL is not set +CONFIG_NET_NSH=m +# CONFIG_HSR is not set +CONFIG_NET_SWITCHDEV=y +CONFIG_NET_L3_MASTER_DEV=y +CONFIG_QRTR=m +CONFIG_QRTR_TUN=m +# CONFIG_NET_NCSI is not set +CONFIG_PCPU_DEV_REFCNT=y +CONFIG_MAX_SKB_FRAGS=17 +CONFIG_RPS=y +CONFIG_RFS_ACCEL=y +CONFIG_SOCK_RX_QUEUE_MAPPING=y +CONFIG_XPS=y +CONFIG_CGROUP_NET_PRIO=y +CONFIG_CGROUP_NET_CLASSID=y +CONFIG_NET_RX_BUSY_POLL=y +CONFIG_BQL=y +CONFIG_BPF_STREAM_PARSER=y +CONFIG_NET_FLOW_LIMIT=y + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +# end of Network testing +# end of Networking options + +CONFIG_HAMRADIO=y + +# +# Packet Radio protocols +# +CONFIG_AX25=m +CONFIG_AX25_DAMA_SLAVE=y +CONFIG_NETROM=m +CONFIG_ROSE=m + +# +# AX.25 network device drivers +# +CONFIG_MKISS=m +CONFIG_6PACK=m +CONFIG_BPQETHER=m +CONFIG_BAYCOM_SER_FDX=m +CONFIG_BAYCOM_SER_HDX=m +CONFIG_YAM=m +# end of AX.25 network device drivers + +CONFIG_CAN=m +CONFIG_CAN_RAW=m +CONFIG_CAN_BCM=m +CONFIG_CAN_GW=m +# CONFIG_CAN_J1939 is not set +# CONFIG_CAN_ISOTP is not set +CONFIG_BT=m +CONFIG_BT_BREDR=y +CONFIG_BT_RFCOMM=m +CONFIG_BT_RFCOMM_TTY=y +CONFIG_BT_BNEP=m +CONFIG_BT_BNEP_MC_FILTER=y +CONFIG_BT_BNEP_PROTO_FILTER=y +CONFIG_BT_HIDP=m +CONFIG_BT_HS=y +CONFIG_BT_LE=y +CONFIG_BT_LE_L2CAP_ECRED=y +CONFIG_BT_6LOWPAN=m +# CONFIG_BT_LEDS is not set +CONFIG_BT_MSFTEXT=y +# CONFIG_BT_AOSPEXT is not set +# CONFIG_BT_DEBUGFS is not set +# CONFIG_BT_SELFTEST is not set + +# +# Bluetooth device drivers +# +CONFIG_BT_INTEL=m +CONFIG_BT_BCM=m +CONFIG_BT_RTL=m +CONFIG_BT_QCA=m +CONFIG_BT_HCIBTUSB=m +# CONFIG_BT_HCIBTUSB_AUTOSUSPEND is not set +CONFIG_BT_HCIBTUSB_POLL_SYNC=y +CONFIG_BT_HCIBTUSB_BCM=y +# CONFIG_BT_HCIBTUSB_MTK is not set +CONFIG_BT_HCIBTUSB_RTL=y +CONFIG_BT_HCIBTSDIO=m +CONFIG_BT_HCIUART=m +CONFIG_BT_HCIUART_SERDEV=y +CONFIG_BT_HCIUART_H4=y +# CONFIG_BT_HCIUART_NOKIA is not set +CONFIG_BT_HCIUART_BCSP=y +CONFIG_BT_HCIUART_ATH3K=y +CONFIG_BT_HCIUART_LL=y +CONFIG_BT_HCIUART_3WIRE=y +CONFIG_BT_HCIUART_INTEL=y +CONFIG_BT_HCIUART_BCM=y +CONFIG_BT_HCIUART_RTL=y +CONFIG_BT_HCIUART_QCA=y +# CONFIG_BT_HCIUART_AG6XX is not set +CONFIG_BT_HCIUART_MRVL=y +CONFIG_BT_HCIBCM203X=m +CONFIG_BT_HCIBCM4377=m +CONFIG_BT_HCIBPA10X=m +CONFIG_BT_HCIBFUSB=m +CONFIG_BT_HCIVHCI=m +CONFIG_BT_MRVL=m +CONFIG_BT_MRVL_SDIO=m +CONFIG_BT_ATH3K=m +# CONFIG_BT_MTKSDIO is not set +# CONFIG_BT_MTKUART is not set +CONFIG_BT_HCIRSI=m +# CONFIG_BT_VIRTIO is not set +# CONFIG_BT_NXPUART is not set +# end of Bluetooth device drivers + +# CONFIG_AF_RXRPC is not set +# CONFIG_AF_KCM is not set +CONFIG_STREAM_PARSER=y +# CONFIG_MCTP is not set +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_WIRELESS_EXT=y +CONFIG_WEXT_CORE=y +CONFIG_WEXT_PROC=y +CONFIG_WEXT_SPY=y +CONFIG_WEXT_PRIV=y +CONFIG_CFG80211=m +# CONFIG_NL80211_TESTMODE is not set +# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set +# CONFIG_CFG80211_CERTIFICATION_ONUS is not set +CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=y +CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS=y +CONFIG_CFG80211_DEFAULT_PS=y +CONFIG_CFG80211_DEBUGFS=y +CONFIG_CFG80211_CRDA_SUPPORT=y +CONFIG_CFG80211_WEXT=y +CONFIG_CFG80211_WEXT_EXPORT=y +CONFIG_LIB80211=m +# CONFIG_LIB80211_DEBUG is not set +CONFIG_MAC80211=m +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" +CONFIG_MAC80211_MESH=y +CONFIG_MAC80211_LEDS=y +CONFIG_MAC80211_DEBUGFS=y +# CONFIG_MAC80211_MESSAGE_TRACING is not set +# CONFIG_MAC80211_DEBUG_MENU is not set +CONFIG_MAC80211_STA_HASH_MAX_SIZE=0 +CONFIG_RFKILL=m +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +CONFIG_RFKILL_GPIO=m +CONFIG_NET_9P=m +CONFIG_NET_9P_FD=m +CONFIG_NET_9P_VIRTIO=m +# CONFIG_NET_9P_DEBUG is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set +# CONFIG_CEPH_LIB_USE_DNS_RESOLVER is not set +CONFIG_NFC=m +CONFIG_NFC_DIGITAL=m +CONFIG_NFC_NCI=m +# CONFIG_NFC_NCI_SPI is not set +# CONFIG_NFC_NCI_UART is not set +CONFIG_NFC_HCI=m +CONFIG_NFC_SHDLC=y + +# +# Near Field Communication (NFC) devices +# +# CONFIG_NFC_TRF7970A is not set +CONFIG_NFC_SIM=m +CONFIG_NFC_PORT100=m +# CONFIG_NFC_VIRTUAL_NCI is not set +# CONFIG_NFC_FDP is not set +CONFIG_NFC_PN544=m +CONFIG_NFC_PN544_I2C=m +# CONFIG_NFC_PN533_USB is not set +# CONFIG_NFC_PN533_I2C is not set +# CONFIG_NFC_PN532_UART is not set +CONFIG_NFC_MICROREAD=m +CONFIG_NFC_MICROREAD_I2C=m +CONFIG_NFC_MRVL=m +CONFIG_NFC_MRVL_USB=m +# CONFIG_NFC_MRVL_I2C is not set +CONFIG_NFC_ST21NFCA=m +CONFIG_NFC_ST21NFCA_I2C=m +# CONFIG_NFC_ST_NCI_I2C is not set +# CONFIG_NFC_ST_NCI_SPI is not set +# CONFIG_NFC_NXP_NCI is not set +CONFIG_NFC_S3FWRN5=m +CONFIG_NFC_S3FWRN5_I2C=m +# CONFIG_NFC_S3FWRN82_UART is not set +# CONFIG_NFC_ST95HF is not set +# end of Near Field Communication (NFC) devices + +CONFIG_PSAMPLE=m +CONFIG_NET_IFE=m +CONFIG_LWTUNNEL=y +CONFIG_LWTUNNEL_BPF=y +CONFIG_DST_CACHE=y +CONFIG_GRO_CELLS=y +CONFIG_NET_SELFTESTS=y +CONFIG_NET_SOCK_MSG=y +CONFIG_NET_DEVLINK=y +CONFIG_PAGE_POOL=y +CONFIG_PAGE_POOL_STATS=y +CONFIG_FAILOVER=m +CONFIG_ETHTOOL_NETLINK=y + +# +# Device Drivers +# +CONFIG_ARM_AMBA=y +CONFIG_HAVE_PCI=y +CONFIG_PCI=y +CONFIG_PCI_DOMAINS=y +CONFIG_PCI_DOMAINS_GENERIC=y +CONFIG_PCI_SYSCALL=y +CONFIG_PCIEPORTBUS=y +CONFIG_HOTPLUG_PCI_PCIE=y +CONFIG_PCIEAER=y +CONFIG_PCIEAER_INJECT=m +CONFIG_PCIE_ECRC=y +CONFIG_PCIEASPM=y +CONFIG_PCIEASPM_DEFAULT=y +# CONFIG_PCIEASPM_POWERSAVE is not set +# CONFIG_PCIEASPM_POWER_SUPERSAVE is not set +# CONFIG_PCIEASPM_PERFORMANCE is not set +CONFIG_PCIE_PME=y +# CONFIG_PCIE_DPC is not set +# CONFIG_PCIE_PTM is not set +CONFIG_PCI_MSI=y +CONFIG_PCI_QUIRKS=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_REALLOC_ENABLE_AUTO is not set +CONFIG_PCI_STUB=m +# CONFIG_PCI_PF_STUB is not set +CONFIG_PCI_ATS=y +CONFIG_PCI_ECAM=y +CONFIG_PCI_IOV=y +CONFIG_PCI_PRI=y +CONFIG_PCI_PASID=y +CONFIG_PCI_LABEL=y +# CONFIG_PCIE_BUS_TUNE_OFF is not set +CONFIG_PCIE_BUS_DEFAULT=y +# CONFIG_PCIE_BUS_SAFE is not set +# CONFIG_PCIE_BUS_PERFORMANCE is not set +# CONFIG_PCIE_BUS_PEER2PEER is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +CONFIG_HOTPLUG_PCI=y +# CONFIG_HOTPLUG_PCI_CPCI is not set +# CONFIG_HOTPLUG_PCI_SHPC is not set + +# +# PCI controller drivers +# +# CONFIG_PCIE_ALTERA is not set +CONFIG_PCIE_APPLE_MSI_DOORBELL_ADDR=0xfffff000 +CONFIG_PCIE_APPLE=m +# CONFIG_PCI_HOST_THUNDER_PEM is not set +# CONFIG_PCI_HOST_THUNDER_ECAM is not set +# CONFIG_PCI_FTPCI100 is not set +CONFIG_PCI_HOST_COMMON=m +# CONFIG_PCI_HOST_GENERIC is not set +# CONFIG_PCIE_MICROCHIP_HOST is not set +# CONFIG_PCI_XGENE is not set +# CONFIG_PCIE_XILINX is not set + +# +# Cadence-based PCIe controllers +# +# CONFIG_PCIE_CADENCE_PLAT_HOST is not set +# CONFIG_PCI_J721E_HOST is not set +# end of Cadence-based PCIe controllers + +# +# DesignWare-based PCIe controllers +# +# CONFIG_PCIE_AL is not set +# CONFIG_PCI_MESON is not set +# CONFIG_PCI_HISI is not set +# CONFIG_PCIE_KIRIN is not set +# CONFIG_PCIE_DW_PLAT_HOST is not set +# end of DesignWare-based PCIe controllers + +# +# Mobiveil-based PCIe controllers +# +# end of Mobiveil-based PCIe controllers +# end of PCI controller drivers + +# +# PCI Endpoint +# +# CONFIG_PCI_ENDPOINT is not set +# end of PCI Endpoint + +# +# PCI switch controller drivers +# +# CONFIG_PCI_SW_SWITCHTEC is not set +# end of PCI switch controller drivers + +# CONFIG_CXL_BUS is not set +# CONFIG_PCCARD is not set +# CONFIG_RAPIDIO is not set + +# +# Generic Driver Options +# +# CONFIG_UEVENT_HELPER is not set +CONFIG_DEVTMPFS=y +CONFIG_DEVTMPFS_MOUNT=y +# CONFIG_DEVTMPFS_SAFE is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y + +# +# Firmware loader +# +CONFIG_FW_LOADER=y +CONFIG_FW_LOADER_DEBUG=y +CONFIG_FW_LOADER_PAGED_BUF=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_FW_LOADER_USER_HELPER is not set +CONFIG_FW_LOADER_COMPRESS=y +CONFIG_FW_LOADER_COMPRESS_XZ=y +CONFIG_FW_LOADER_COMPRESS_ZSTD=y +# CONFIG_FW_UPLOAD is not set +# end of Firmware loader + +CONFIG_WANT_DEV_COREDUMP=y +CONFIG_ALLOW_DEV_COREDUMP=y +CONFIG_DEV_COREDUMP=y +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set +# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set +CONFIG_GENERIC_CPU_AUTOPROBE=y +CONFIG_GENERIC_CPU_VULNERABILITIES=y +CONFIG_REGMAP=y +CONFIG_REGMAP_I2C=y +CONFIG_REGMAP_SPI=y +CONFIG_REGMAP_SPMI=m +CONFIG_REGMAP_MMIO=y +CONFIG_REGMAP_IRQ=y +CONFIG_DMA_SHARED_BUFFER=y +# CONFIG_DMA_FENCE_TRACE is not set +CONFIG_GENERIC_ARCH_TOPOLOGY=y +# CONFIG_FW_DEVLINK_SYNC_STATE_TIMEOUT is not set +# end of Generic Driver Options + +# +# Bus devices +# +# CONFIG_BRCMSTB_GISB_ARB is not set +# CONFIG_MOXTET is not set +# CONFIG_VEXPRESS_CONFIG is not set +# CONFIG_MHI_BUS is not set +# CONFIG_MHI_BUS_EP is not set +# end of Bus devices + +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y + +# +# Firmware Drivers +# + +# +# ARM System Control and Management Interface Protocol +# +# CONFIG_ARM_SCMI_PROTOCOL is not set +# end of ARM System Control and Management Interface Protocol + +# CONFIG_FIRMWARE_MEMMAP is not set +CONFIG_DMIID=y +CONFIG_DMI_SYSFS=y +# CONFIG_FW_CFG_SYSFS is not set +# CONFIG_SYSFB_SIMPLEFB is not set +# CONFIG_ARM_FFA_TRANSPORT is not set +CONFIG_FW_CS_DSP=m +# CONFIG_GOOGLE_FIRMWARE is not set + +# +# EFI (Extensible Firmware Interface) Support +# +CONFIG_EFI_ESRT=y +CONFIG_EFI_VARS_PSTORE=y +CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE=y +CONFIG_EFI_PARAMS_FROM_FDT=y +CONFIG_EFI_RUNTIME_WRAPPERS=y +CONFIG_EFI_GENERIC_STUB=y +# CONFIG_EFI_ZBOOT is not set +# CONFIG_EFI_ARMSTUB_DTB_LOADER is not set +CONFIG_EFI_BOOTLOADER_CONTROL=y +# CONFIG_EFI_CAPSULE_LOADER is not set +# CONFIG_EFI_TEST is not set +# CONFIG_RESET_ATTACK_MITIGATION is not set +# CONFIG_EFI_DISABLE_PCI_DMA is not set +CONFIG_EFI_EARLYCON=y +# CONFIG_EFI_DISABLE_RUNTIME is not set +# CONFIG_EFI_COCO_SECRET is not set +# end of EFI (Extensible Firmware Interface) Support + +CONFIG_ARM_PSCI_FW=y +# CONFIG_ARM_PSCI_CHECKER is not set +CONFIG_HAVE_ARM_SMCCC=y +CONFIG_HAVE_ARM_SMCCC_DISCOVERY=y +# CONFIG_ARM_SMCCC_SOC_ID is not set + +# +# Tegra firmware driver +# +# end of Tegra firmware driver +# end of Firmware Drivers + +CONFIG_GNSS=m +CONFIG_GNSS_SERIAL=m +CONFIG_GNSS_MTK_SERIAL=m +CONFIG_GNSS_SIRF_SERIAL=m +CONFIG_GNSS_UBX_SERIAL=m +CONFIG_GNSS_USB=m +CONFIG_MTD=y +# CONFIG_MTD_TESTS is not set + +# +# Partition parsers +# +# CONFIG_MTD_AR7_PARTS is not set +# CONFIG_MTD_CMDLINE_PARTS is not set +CONFIG_MTD_OF_PARTS=m +# CONFIG_MTD_AFS_PARTS is not set +# CONFIG_MTD_REDBOOT_PARTS is not set +# end of Partition parsers + +# +# User Modules And Translation Layers +# +CONFIG_MTD_BLKDEVS=m +CONFIG_MTD_BLOCK=m +# CONFIG_MTD_BLOCK_RO is not set + +# +# Note that in some cases UBI block is preferred. See MTD_UBI_BLOCK. +# +# CONFIG_FTL is not set +# CONFIG_NFTL is not set +# CONFIG_INFTL is not set +# CONFIG_RFD_FTL is not set +# CONFIG_SSFDC is not set +# CONFIG_SM_FTL is not set +# CONFIG_MTD_OOPS is not set +# CONFIG_MTD_SWAP is not set +# CONFIG_MTD_PARTITIONED_MASTER is not set + +# +# RAM/ROM/Flash chip drivers +# +CONFIG_MTD_CFI=m +# CONFIG_MTD_JEDECPROBE is not set +CONFIG_MTD_GEN_PROBE=m +# CONFIG_MTD_CFI_ADV_OPTIONS is not set +CONFIG_MTD_MAP_BANK_WIDTH_1=y +CONFIG_MTD_MAP_BANK_WIDTH_2=y +CONFIG_MTD_MAP_BANK_WIDTH_4=y +CONFIG_MTD_CFI_I1=y +CONFIG_MTD_CFI_I2=y +CONFIG_MTD_CFI_INTELEXT=m +CONFIG_MTD_CFI_AMDSTD=m +CONFIG_MTD_CFI_STAA=m +CONFIG_MTD_CFI_UTIL=m +# CONFIG_MTD_RAM is not set +# CONFIG_MTD_ROM is not set +# CONFIG_MTD_ABSENT is not set +# end of RAM/ROM/Flash chip drivers + +# +# Mapping drivers for chip access +# +# CONFIG_MTD_COMPLEX_MAPPINGS is not set +# CONFIG_MTD_PHYSMAP is not set +# CONFIG_MTD_INTEL_VR_NOR is not set +# CONFIG_MTD_PLATRAM is not set +# end of Mapping drivers for chip access + +# +# Self-contained MTD device drivers +# +# CONFIG_MTD_PMC551 is not set +# CONFIG_MTD_DATAFLASH is not set +# CONFIG_MTD_MCHP23K256 is not set +# CONFIG_MTD_MCHP48L640 is not set +# CONFIG_MTD_SST25L is not set +# CONFIG_MTD_SLRAM is not set +# CONFIG_MTD_PHRAM is not set +# CONFIG_MTD_MTDRAM is not set +# CONFIG_MTD_BLOCK2MTD is not set + +# +# Disk-On-Chip Device Drivers +# +# CONFIG_MTD_DOCG3 is not set +# end of Self-contained MTD device drivers + +# +# NAND +# +# CONFIG_MTD_ONENAND is not set +# CONFIG_MTD_RAW_NAND is not set +# CONFIG_MTD_SPI_NAND is not set + +# +# ECC engine support +# +# CONFIG_MTD_NAND_ECC_SW_HAMMING is not set +# CONFIG_MTD_NAND_ECC_SW_BCH is not set +# CONFIG_MTD_NAND_ECC_MXIC is not set +# end of ECC engine support +# end of NAND + +# +# LPDDR & LPDDR2 PCM memory drivers +# +# CONFIG_MTD_LPDDR is not set +# end of LPDDR & LPDDR2 PCM memory drivers + +CONFIG_MTD_SPI_NOR=m +CONFIG_MTD_SPI_NOR_USE_4K_SECTORS=y +# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set +# CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE is not set +CONFIG_MTD_SPI_NOR_SWP_KEEP=y +# CONFIG_MTD_UBI is not set +# CONFIG_MTD_HYPERBUS is not set +CONFIG_DTC=y +CONFIG_OF=y +# CONFIG_OF_UNITTEST is not set +CONFIG_OF_FLATTREE=y +CONFIG_OF_EARLY_FLATTREE=y +CONFIG_OF_KOBJ=y +CONFIG_OF_DYNAMIC=y +CONFIG_OF_ADDRESS=y +CONFIG_OF_IRQ=y +CONFIG_OF_RESERVED_MEM=y +CONFIG_OF_RESOLVE=y +CONFIG_OF_OVERLAY=y +# CONFIG_PARPORT is not set +CONFIG_BLK_DEV=y +CONFIG_BLK_DEV_NULL_BLK=m +CONFIG_CDROM=y +# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set +CONFIG_ZRAM=m +CONFIG_ZRAM_DEF_COMP_LZORLE=y +# CONFIG_ZRAM_DEF_COMP_ZSTD is not set +# CONFIG_ZRAM_DEF_COMP_LZ4 is not set +# CONFIG_ZRAM_DEF_COMP_LZO is not set +# CONFIG_ZRAM_DEF_COMP_LZ4HC is not set +# CONFIG_ZRAM_DEF_COMP_842 is not set +CONFIG_ZRAM_DEF_COMP="lzo-rle" +# CONFIG_ZRAM_WRITEBACK is not set +# CONFIG_ZRAM_MEMORY_TRACKING is not set +# CONFIG_ZRAM_MULTI_COMP is not set +CONFIG_BLK_DEV_LOOP=m +CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +CONFIG_BLK_DEV_RAM=m +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_CDROM_PKTCDVD is not set +CONFIG_ATA_OVER_ETH=m +CONFIG_VIRTIO_BLK=y +CONFIG_BLK_DEV_RBD=m +# CONFIG_BLK_DEV_UBLK is not set + +# +# NVME Support +# +CONFIG_NVME_CORE=y +CONFIG_BLK_DEV_NVME=y +CONFIG_NVME_MULTIPATH=y +CONFIG_NVME_VERBOSE_ERRORS=y +# CONFIG_NVME_HWMON is not set +# CONFIG_NVME_FC is not set +# CONFIG_NVME_TCP is not set +# CONFIG_NVME_AUTH is not set +CONFIG_NVME_APPLE=m +# CONFIG_NVME_TARGET is not set +# end of NVME Support + +# +# Misc devices +# +# CONFIG_AD525X_DPOT is not set +# CONFIG_DUMMY_IRQ is not set +# CONFIG_PHANTOM is not set +CONFIG_TIFM_CORE=y +# CONFIG_TIFM_7XX1 is not set +# CONFIG_ICS932S401 is not set +CONFIG_ENCLOSURE_SERVICES=m +# CONFIG_HI6421V600_IRQ is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_LATTICE_ECP3_CONFIG is not set +# CONFIG_SRAM is not set +# CONFIG_DW_XDATA_PCIE is not set +# CONFIG_PCI_ENDPOINT_TEST is not set +# CONFIG_XILINX_SDFEC is not set +# CONFIG_HISI_HIKEY_USB is not set +# CONFIG_OPEN_DICE is not set +# CONFIG_VCPU_STALL_DETECTOR is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +CONFIG_EEPROM_AT24=m +# CONFIG_EEPROM_AT25 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +CONFIG_EEPROM_93CX6=m +# CONFIG_EEPROM_93XX46 is not set +# CONFIG_EEPROM_IDT_89HPESX is not set +# CONFIG_EEPROM_EE1004 is not set +# end of EEPROM support + +CONFIG_CB710_CORE=y +# CONFIG_CB710_DEBUG is not set +CONFIG_CB710_DEBUG_ASSUMPTIONS=y + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +# end of Texas Instruments shared transport line discipline + +# CONFIG_SENSORS_LIS3_SPI is not set +# CONFIG_SENSORS_LIS3_I2C is not set +# CONFIG_ALTERA_STAPL is not set +# CONFIG_VMWARE_VMCI is not set +# CONFIG_GENWQE is not set +# CONFIG_ECHO is not set +# CONFIG_BCM_VK is not set +# CONFIG_MISC_ALCOR_PCI is not set +# CONFIG_MISC_RTSX_PCI is not set +# CONFIG_MISC_RTSX_USB is not set +CONFIG_UACCE=m +# CONFIG_PVPANIC is not set +# CONFIG_GP_PCI1XXXX is not set +# end of Misc devices + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI_COMMON=y +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +CONFIG_CHR_DEV_ST=m +CONFIG_BLK_DEV_SR=y +CONFIG_CHR_DEV_SG=y +CONFIG_BLK_DEV_BSG=y +CONFIG_CHR_DEV_SCH=m +CONFIG_SCSI_ENCLOSURE=m +CONFIG_SCSI_CONSTANTS=y +CONFIG_SCSI_LOGGING=y +CONFIG_SCSI_SCAN_ASYNC=y + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=m +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SRP_ATTRS=m +# end of SCSI Transports + +CONFIG_SCSI_LOWLEVEL=y +CONFIG_ISCSI_TCP=m +CONFIG_ISCSI_BOOT_SYSFS=m +# CONFIG_SCSI_CXGB3_ISCSI is not set +# CONFIG_SCSI_CXGB4_ISCSI is not set +# CONFIG_SCSI_BNX2_ISCSI is not set +# CONFIG_BE2ISCSI is not set +# CONFIG_BLK_DEV_3W_XXXX_RAID is not set +# CONFIG_SCSI_HPSA is not set +# CONFIG_SCSI_3W_9XXX is not set +# CONFIG_SCSI_3W_SAS is not set +# CONFIG_SCSI_ACARD is not set +# CONFIG_SCSI_AACRAID is not set +# CONFIG_SCSI_AIC7XXX is not set +# CONFIG_SCSI_AIC79XX is not set +# CONFIG_SCSI_AIC94XX is not set +# CONFIG_SCSI_MVSAS is not set +# CONFIG_SCSI_MVUMI is not set +# CONFIG_SCSI_ADVANSYS is not set +# CONFIG_SCSI_ARCMSR is not set +# CONFIG_SCSI_ESAS2R is not set +# CONFIG_MEGARAID_NEWGEN is not set +# CONFIG_MEGARAID_LEGACY is not set +# CONFIG_MEGARAID_SAS is not set +# CONFIG_SCSI_MPT3SAS is not set +# CONFIG_SCSI_MPT2SAS is not set +# CONFIG_SCSI_MPI3MR is not set +# CONFIG_SCSI_SMARTPQI is not set +# CONFIG_SCSI_HPTIOP is not set +# CONFIG_SCSI_BUSLOGIC is not set +# CONFIG_SCSI_MYRB is not set +# CONFIG_SCSI_MYRS is not set +# CONFIG_LIBFC is not set +# CONFIG_SCSI_SNIC is not set +# CONFIG_SCSI_DMX3191D is not set +# CONFIG_SCSI_FDOMAIN_PCI is not set +# CONFIG_SCSI_IPS is not set +# CONFIG_SCSI_INITIO is not set +# CONFIG_SCSI_INIA100 is not set +# CONFIG_SCSI_STEX is not set +# CONFIG_SCSI_SYM53C8XX_2 is not set +# CONFIG_SCSI_IPR is not set +# CONFIG_SCSI_QLOGIC_1280 is not set +# CONFIG_SCSI_QLA_FC is not set +# CONFIG_SCSI_QLA_ISCSI is not set +# CONFIG_SCSI_LPFC is not set +# CONFIG_SCSI_EFCT is not set +# CONFIG_SCSI_DC395x is not set +# CONFIG_SCSI_AM53C974 is not set +# CONFIG_SCSI_WD719X is not set +# CONFIG_SCSI_DEBUG is not set +# CONFIG_SCSI_PMCRAID is not set +# CONFIG_SCSI_PM8001 is not set +# CONFIG_SCSI_BFA_FC is not set +CONFIG_SCSI_VIRTIO=y +# CONFIG_SCSI_CHELSIO_FCOE is not set +CONFIG_SCSI_DH=y +CONFIG_SCSI_DH_RDAC=m +CONFIG_SCSI_DH_HP_SW=m +CONFIG_SCSI_DH_EMC=m +CONFIG_SCSI_DH_ALUA=m +# end of SCSI device support + +# CONFIG_ATA is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=m +CONFIG_MD_RAID10=m +CONFIG_MD_RAID456=m +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_MD_CLUSTER=m +CONFIG_BCACHE=m +# CONFIG_BCACHE_DEBUG is not set +# CONFIG_BCACHE_CLOSURES_DEBUG is not set +# CONFIG_BCACHE_ASYNC_REGISTRATION is not set +CONFIG_BLK_DEV_DM_BUILTIN=y +CONFIG_BLK_DEV_DM=y +CONFIG_DM_DEBUG=y +CONFIG_DM_BUFIO=y +# CONFIG_DM_DEBUG_BLOCK_MANAGER_LOCKING is not set +CONFIG_DM_BIO_PRISON=m +CONFIG_DM_PERSISTENT_DATA=m +# CONFIG_DM_UNSTRIPED is not set +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=y +CONFIG_DM_THIN_PROVISIONING=m +CONFIG_DM_CACHE=m +CONFIG_DM_CACHE_SMQ=m +CONFIG_DM_WRITECACHE=m +# CONFIG_DM_EBS is not set +# CONFIG_DM_ERA is not set +# CONFIG_DM_CLONE is not set +CONFIG_DM_MIRROR=y +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_RAID=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +# CONFIG_DM_MULTIPATH_HST is not set +# CONFIG_DM_MULTIPATH_IOA is not set +CONFIG_DM_DELAY=m +CONFIG_DM_DUST=m +CONFIG_DM_INIT=y +CONFIG_DM_UEVENT=y +CONFIG_DM_FLAKEY=m +CONFIG_DM_VERITY=m +# CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG is not set +CONFIG_DM_VERITY_FEC=y +CONFIG_DM_SWITCH=m +CONFIG_DM_LOG_WRITES=m +CONFIG_DM_INTEGRITY=m +CONFIG_DM_ZONED=m +CONFIG_DM_AUDIT=y +CONFIG_TARGET_CORE=m +CONFIG_TCM_IBLOCK=m +CONFIG_TCM_FILEIO=m +CONFIG_TCM_PSCSI=m +CONFIG_LOOPBACK_TARGET=m +CONFIG_ISCSI_TARGET=m +# CONFIG_REMOTE_TARGET is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +# CONFIG_FIREWIRE_NOSY is not set +# end of IEEE 1394 (FireWire) support + +CONFIG_NETDEVICES=y +CONFIG_MII=m +CONFIG_NET_CORE=y +CONFIG_BONDING=m +CONFIG_DUMMY=m +CONFIG_WIREGUARD=m +# CONFIG_WIREGUARD_DEBUG is not set +CONFIG_EQUALIZER=m +CONFIG_NET_FC=y +CONFIG_IFB=m +CONFIG_NET_TEAM=m +CONFIG_NET_TEAM_MODE_BROADCAST=m +CONFIG_NET_TEAM_MODE_ROUNDROBIN=m +CONFIG_NET_TEAM_MODE_RANDOM=m +CONFIG_NET_TEAM_MODE_ACTIVEBACKUP=m +CONFIG_NET_TEAM_MODE_LOADBALANCE=m +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +CONFIG_IPVLAN_L3S=y +CONFIG_IPVLAN=m +CONFIG_IPVTAP=m +CONFIG_VXLAN=m +CONFIG_GENEVE=m +# CONFIG_BAREUDP is not set +# CONFIG_GTP is not set +# CONFIG_AMT is not set +# CONFIG_MACSEC is not set +CONFIG_NETCONSOLE=m +CONFIG_NETCONSOLE_DYNAMIC=y +CONFIG_NETPOLL=y +CONFIG_NET_POLL_CONTROLLER=y +CONFIG_TUN=m +CONFIG_TAP=m +# CONFIG_TUN_VNET_CROSS_LE is not set +CONFIG_VETH=m +CONFIG_VIRTIO_NET=m +CONFIG_NLMON=m +CONFIG_NET_VRF=m +# CONFIG_VSOCKMON is not set +# CONFIG_ARCNET is not set +# CONFIG_ATM_DRIVERS is not set + +# +# Distributed Switch Architecture drivers +# +CONFIG_B53=m +# CONFIG_B53_SPI_DRIVER is not set +# CONFIG_B53_MDIO_DRIVER is not set +# CONFIG_B53_MMAP_DRIVER is not set +# CONFIG_B53_SRAB_DRIVER is not set +# CONFIG_B53_SERDES is not set +CONFIG_NET_DSA_BCM_SF2=m +# CONFIG_NET_DSA_LOOP is not set +# CONFIG_NET_DSA_HIRSCHMANN_HELLCREEK is not set +# CONFIG_NET_DSA_LANTIQ_GSWIP is not set +# CONFIG_NET_DSA_MT7530 is not set +CONFIG_NET_DSA_MV88E6060=m +# CONFIG_NET_DSA_MICROCHIP_KSZ_COMMON is not set +CONFIG_NET_DSA_MV88E6XXX=m +CONFIG_NET_DSA_MV88E6XXX_PTP=y +# CONFIG_NET_DSA_AR9331 is not set +CONFIG_NET_DSA_QCA8K=m +# CONFIG_NET_DSA_QCA8K_LEDS_SUPPORT is not set +# CONFIG_NET_DSA_SJA1105 is not set +# CONFIG_NET_DSA_XRS700X_I2C is not set +# CONFIG_NET_DSA_XRS700X_MDIO is not set +# CONFIG_NET_DSA_REALTEK is not set +# CONFIG_NET_DSA_SMSC_LAN9303_I2C is not set +# CONFIG_NET_DSA_SMSC_LAN9303_MDIO is not set +# CONFIG_NET_DSA_VITESSE_VSC73XX_SPI is not set +# CONFIG_NET_DSA_VITESSE_VSC73XX_PLATFORM is not set +# end of Distributed Switch Architecture drivers + +CONFIG_ETHERNET=y +# CONFIG_NET_VENDOR_3COM is not set +# CONFIG_NET_VENDOR_ADAPTEC is not set +# CONFIG_NET_VENDOR_AGERE is not set +# CONFIG_NET_VENDOR_ALACRITECH is not set +# CONFIG_NET_VENDOR_ALTEON is not set +# CONFIG_ALTERA_TSE is not set +# CONFIG_NET_VENDOR_AMAZON is not set +# CONFIG_NET_VENDOR_AMD is not set +CONFIG_NET_VENDOR_AQUANTIA=y +CONFIG_AQTION=m +# CONFIG_NET_VENDOR_ARC is not set +# CONFIG_NET_VENDOR_ASIX is not set +# CONFIG_NET_VENDOR_ATHEROS is not set +CONFIG_NET_VENDOR_BROADCOM=y +# CONFIG_B44 is not set +# CONFIG_BCMGENET is not set +# CONFIG_BNX2 is not set +# CONFIG_CNIC is not set +CONFIG_TIGON3=m +CONFIG_TIGON3_HWMON=y +# CONFIG_BNX2X is not set +# CONFIG_SYSTEMPORT is not set +# CONFIG_BNXT is not set +# CONFIG_NET_VENDOR_CADENCE is not set +# CONFIG_NET_VENDOR_CAVIUM is not set +# CONFIG_NET_VENDOR_CHELSIO is not set +# CONFIG_NET_VENDOR_CISCO is not set +# CONFIG_NET_VENDOR_CORTINA is not set +# CONFIG_NET_VENDOR_DAVICOM is not set +# CONFIG_DNET is not set +# CONFIG_NET_VENDOR_DEC is not set +# CONFIG_NET_VENDOR_DLINK is not set +# CONFIG_NET_VENDOR_EMULEX is not set +# CONFIG_NET_VENDOR_ENGLEDER is not set +# CONFIG_NET_VENDOR_EZCHIP is not set +# CONFIG_NET_VENDOR_FUNGIBLE is not set +# CONFIG_NET_VENDOR_GOOGLE is not set +# CONFIG_NET_VENDOR_HISILICON is not set +# CONFIG_NET_VENDOR_HUAWEI is not set +# CONFIG_NET_VENDOR_INTEL is not set +# CONFIG_JME is not set +CONFIG_NET_VENDOR_ADI=y +# CONFIG_ADIN1110 is not set +# CONFIG_NET_VENDOR_LITEX is not set +# CONFIG_NET_VENDOR_MARVELL is not set +# CONFIG_NET_VENDOR_MELLANOX is not set +# CONFIG_NET_VENDOR_MICREL is not set +# CONFIG_NET_VENDOR_MICROCHIP is not set +# CONFIG_NET_VENDOR_MICROSEMI is not set +# CONFIG_NET_VENDOR_MICROSOFT is not set +# CONFIG_NET_VENDOR_MYRI is not set +# CONFIG_FEALNX is not set +# CONFIG_NET_VENDOR_NI is not set +# CONFIG_NET_VENDOR_NATSEMI is not set +# CONFIG_NET_VENDOR_NETERION is not set +# CONFIG_NET_VENDOR_NETRONOME is not set +# CONFIG_NET_VENDOR_NVIDIA is not set +# CONFIG_NET_VENDOR_OKI is not set +# CONFIG_ETHOC is not set +# CONFIG_NET_VENDOR_PACKET_ENGINES is not set +# CONFIG_NET_VENDOR_PENSANDO is not set +# CONFIG_NET_VENDOR_QLOGIC is not set +# CONFIG_NET_VENDOR_BROCADE is not set +# CONFIG_NET_VENDOR_QUALCOMM is not set +# CONFIG_NET_VENDOR_RDC is not set +# CONFIG_NET_VENDOR_REALTEK is not set +# CONFIG_NET_VENDOR_RENESAS is not set +# CONFIG_NET_VENDOR_ROCKER is not set +# CONFIG_NET_VENDOR_SAMSUNG is not set +# CONFIG_NET_VENDOR_SEEQ is not set +# CONFIG_NET_VENDOR_SILAN is not set +# CONFIG_NET_VENDOR_SIS is not set +# CONFIG_NET_VENDOR_SOLARFLARE is not set +# CONFIG_NET_VENDOR_SMSC is not set +# CONFIG_NET_VENDOR_SOCIONEXT is not set +# CONFIG_NET_VENDOR_STMICRO is not set +# CONFIG_NET_VENDOR_SUN is not set +# CONFIG_NET_VENDOR_SYNOPSYS is not set +# CONFIG_NET_VENDOR_TEHUTI is not set +# CONFIG_NET_VENDOR_TI is not set +# CONFIG_NET_VENDOR_VERTEXCOM is not set +# CONFIG_NET_VENDOR_VIA is not set +# CONFIG_NET_VENDOR_WANGXUN is not set +# CONFIG_NET_VENDOR_WIZNET is not set +# CONFIG_NET_VENDOR_XILINX is not set +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +CONFIG_PHYLINK=m +CONFIG_PHYLIB=y +CONFIG_SWPHY=y +CONFIG_LED_TRIGGER_PHY=y +CONFIG_PHYLIB_LEDS=y +CONFIG_FIXED_PHY=y +CONFIG_SFP=m + +# +# MII PHY device drivers +# +CONFIG_AMD_PHY=m +# CONFIG_ADIN_PHY is not set +# CONFIG_ADIN1100_PHY is not set +# CONFIG_AQUANTIA_PHY is not set +CONFIG_AX88796B_PHY=m +CONFIG_BROADCOM_PHY=m +CONFIG_BCM54140_PHY=m +CONFIG_BCM7XXX_PHY=m +# CONFIG_BCM84881_PHY is not set +CONFIG_BCM87XX_PHY=m +CONFIG_BCM_NET_PHYLIB=m +CONFIG_BCM_NET_PHYPTP=m +CONFIG_CICADA_PHY=m +# CONFIG_CORTINA_PHY is not set +CONFIG_DAVICOM_PHY=m +CONFIG_ICPLUS_PHY=m +CONFIG_LXT_PHY=m +# CONFIG_INTEL_XWAY_PHY is not set +CONFIG_LSI_ET1011C_PHY=m +CONFIG_MARVELL_PHY=m +CONFIG_MARVELL_10G_PHY=m +# CONFIG_MARVELL_88X2222_PHY is not set +# CONFIG_MAXLINEAR_GPHY is not set +# CONFIG_MEDIATEK_GE_PHY is not set +CONFIG_MICREL_PHY=m +# CONFIG_MICROCHIP_T1S_PHY is not set +CONFIG_MICROCHIP_PHY=m +# CONFIG_MICROCHIP_T1_PHY is not set +# CONFIG_MICROSEMI_PHY is not set +# CONFIG_MOTORCOMM_PHY is not set +CONFIG_NATIONAL_PHY=m +# CONFIG_NXP_CBTX_PHY is not set +# CONFIG_NXP_C45_TJA11XX_PHY is not set +# CONFIG_NXP_TJA11XX_PHY is not set +# CONFIG_NCN26000_PHY is not set +CONFIG_AT803X_PHY=y +CONFIG_QSEMI_PHY=m +CONFIG_REALTEK_PHY=y +# CONFIG_RENESAS_PHY is not set +CONFIG_ROCKCHIP_PHY=y +CONFIG_SMSC_PHY=m +CONFIG_STE10XP=m +# CONFIG_TERANETICS_PHY is not set +# CONFIG_DP83822_PHY is not set +# CONFIG_DP83TC811_PHY is not set +CONFIG_DP83848_PHY=m +CONFIG_DP83867_PHY=m +# CONFIG_DP83869_PHY is not set +# CONFIG_DP83TD510_PHY is not set +CONFIG_VITESSE_PHY=m +# CONFIG_XILINX_GMII2RGMII is not set +# CONFIG_MICREL_KS8995MA is not set +# CONFIG_PSE_CONTROLLER is not set +CONFIG_CAN_DEV=m +CONFIG_CAN_VCAN=m +CONFIG_CAN_VXCAN=m +# CONFIG_CAN_NETLINK is not set +# CONFIG_CAN_DEBUG_DEVICES is not set +CONFIG_MDIO_DEVICE=y +CONFIG_MDIO_BUS=y +CONFIG_FWNODE_MDIO=y +CONFIG_OF_MDIO=y +CONFIG_MDIO_DEVRES=y +CONFIG_MDIO_BITBANG=m +CONFIG_MDIO_BCM_UNIMAC=y +# CONFIG_MDIO_GPIO is not set +# CONFIG_MDIO_HISI_FEMAC is not set +CONFIG_MDIO_I2C=m +# CONFIG_MDIO_MVUSB is not set +# CONFIG_MDIO_MSCC_MIIM is not set +# CONFIG_MDIO_OCTEON is not set +# CONFIG_MDIO_IPQ4019 is not set +# CONFIG_MDIO_IPQ8064 is not set +# CONFIG_MDIO_THUNDER is not set + +# +# MDIO Multiplexers +# +CONFIG_MDIO_BUS_MUX=m +CONFIG_MDIO_BUS_MUX_GPIO=m +# CONFIG_MDIO_BUS_MUX_MULTIPLEXER is not set +CONFIG_MDIO_BUS_MUX_MMIOREG=m + +# +# PCS device drivers +# +# end of PCS device drivers + +CONFIG_PPP=m +CONFIG_PPP_BSDCOMP=m +CONFIG_PPP_DEFLATE=m +CONFIG_PPP_FILTER=y +CONFIG_PPP_MPPE=m +CONFIG_PPP_MULTILINK=y +CONFIG_PPPOATM=m +CONFIG_PPPOE=m +# CONFIG_PPPOE_HASH_BITS_1 is not set +# CONFIG_PPPOE_HASH_BITS_2 is not set +CONFIG_PPPOE_HASH_BITS_4=y +# CONFIG_PPPOE_HASH_BITS_8 is not set +CONFIG_PPPOE_HASH_BITS=4 +CONFIG_PPTP=m +CONFIG_PPPOL2TP=m +CONFIG_PPP_ASYNC=m +CONFIG_PPP_SYNC_TTY=m +CONFIG_SLIP=m +CONFIG_SLHC=m +CONFIG_SLIP_COMPRESSED=y +CONFIG_SLIP_SMART=y +# CONFIG_SLIP_MODE_SLIP6 is not set +CONFIG_USB_NET_DRIVERS=y +CONFIG_USB_CATC=m +CONFIG_USB_KAWETH=m +CONFIG_USB_PEGASUS=m +CONFIG_USB_RTL8150=m +CONFIG_USB_RTL8152=m +CONFIG_USB_LAN78XX=m +CONFIG_USB_USBNET=m +CONFIG_USB_NET_AX8817X=m +CONFIG_USB_NET_AX88179_178A=m +CONFIG_USB_NET_CDCETHER=m +CONFIG_USB_NET_CDC_EEM=m +CONFIG_USB_NET_CDC_NCM=m +CONFIG_USB_NET_HUAWEI_CDC_NCM=m +CONFIG_USB_NET_CDC_MBIM=m +CONFIG_USB_NET_DM9601=m +CONFIG_USB_NET_SR9700=m +CONFIG_USB_NET_SR9800=m +CONFIG_USB_NET_SMSC75XX=m +CONFIG_USB_NET_SMSC95XX=m +CONFIG_USB_NET_GL620A=m +CONFIG_USB_NET_NET1080=m +CONFIG_USB_NET_PLUSB=m +CONFIG_USB_NET_MCS7830=m +CONFIG_USB_NET_RNDIS_HOST=m +CONFIG_USB_NET_CDC_SUBSET_ENABLE=m +CONFIG_USB_NET_CDC_SUBSET=m +CONFIG_USB_ALI_M5632=y +CONFIG_USB_AN2720=y +CONFIG_USB_BELKIN=y +CONFIG_USB_ARMLINUX=y +CONFIG_USB_EPSON2888=y +CONFIG_USB_KC2190=y +CONFIG_USB_NET_ZAURUS=m +CONFIG_USB_NET_CX82310_ETH=m +CONFIG_USB_NET_KALMIA=m +CONFIG_USB_NET_QMI_WWAN=m +CONFIG_USB_HSO=m +CONFIG_USB_NET_INT51X1=m +CONFIG_USB_IPHETH=m +CONFIG_USB_SIERRA_NET=m +CONFIG_USB_VL600=m +CONFIG_USB_NET_CH9200=m +CONFIG_USB_NET_AQC111=m +CONFIG_USB_RTL8153_ECM=m +CONFIG_WLAN=y +# CONFIG_WLAN_VENDOR_ADMTEK is not set +CONFIG_ATH_COMMON=m +CONFIG_WLAN_VENDOR_ATH=y +# CONFIG_ATH_DEBUG is not set +# CONFIG_ATH5K is not set +# CONFIG_ATH5K_PCI is not set +CONFIG_ATH9K_HW=m +CONFIG_ATH9K_COMMON=m +CONFIG_ATH9K_BTCOEX_SUPPORT=y +# CONFIG_ATH9K is not set +CONFIG_ATH9K_HTC=m +# CONFIG_ATH9K_HTC_DEBUGFS is not set +CONFIG_CARL9170=m +CONFIG_CARL9170_LEDS=y +# CONFIG_CARL9170_DEBUGFS is not set +CONFIG_CARL9170_WPC=y +# CONFIG_CARL9170_HWRNG is not set +CONFIG_ATH6KL=m +# CONFIG_ATH6KL_SDIO is not set +CONFIG_ATH6KL_USB=m +# CONFIG_ATH6KL_DEBUG is not set +CONFIG_AR5523=m +# CONFIG_WIL6210 is not set +CONFIG_ATH10K=m +CONFIG_ATH10K_CE=y +# CONFIG_ATH10K_PCI is not set +# CONFIG_ATH10K_SDIO is not set +CONFIG_ATH10K_USB=m +# CONFIG_ATH10K_DEBUG is not set +CONFIG_ATH10K_DEBUGFS=y +# CONFIG_ATH10K_SPECTRAL is not set +# CONFIG_WCN36XX is not set +# CONFIG_ATH11K is not set +# CONFIG_ATH12K is not set +CONFIG_WLAN_VENDOR_ATMEL=y +# CONFIG_ATMEL is not set +CONFIG_AT76C50X_USB=m +CONFIG_WLAN_VENDOR_BROADCOM=y +# CONFIG_B43 is not set +# CONFIG_B43LEGACY is not set +CONFIG_BRCMUTIL=m +# CONFIG_BRCMSMAC is not set +CONFIG_BRCMFMAC=m +CONFIG_BRCMFMAC_PROTO_BCDC=y +CONFIG_BRCMFMAC_PROTO_MSGBUF=y +# CONFIG_BRCMFMAC_SDIO is not set +CONFIG_BRCMFMAC_USB=y +CONFIG_BRCMFMAC_PCIE=y +# CONFIG_BRCM_TRACING is not set +# CONFIG_BRCMDBG is not set +CONFIG_WLAN_VENDOR_CISCO=y +# CONFIG_AIRO is not set +CONFIG_WLAN_VENDOR_INTEL=y +# CONFIG_IPW2100 is not set +# CONFIG_IPW2200 is not set +# CONFIG_IWL4965 is not set +# CONFIG_IWL3945 is not set +# CONFIG_IWLWIFI is not set +CONFIG_WLAN_VENDOR_INTERSIL=y +# CONFIG_HOSTAP is not set +CONFIG_HERMES=m +CONFIG_HERMES_PRISM=y +CONFIG_HERMES_CACHE_FW_ON_INIT=y +# CONFIG_PLX_HERMES is not set +# CONFIG_TMD_HERMES is not set +# CONFIG_NORTEL_HERMES is not set +# CONFIG_PCI_HERMES is not set +CONFIG_ORINOCO_USB=m +CONFIG_P54_COMMON=m +CONFIG_P54_USB=m +# CONFIG_P54_PCI is not set +# CONFIG_P54_SPI is not set +CONFIG_P54_LEDS=y +CONFIG_WLAN_VENDOR_MARVELL=y +CONFIG_LIBERTAS=m +CONFIG_LIBERTAS_USB=m +# CONFIG_LIBERTAS_SDIO is not set +# CONFIG_LIBERTAS_SPI is not set +# CONFIG_LIBERTAS_DEBUG is not set +CONFIG_LIBERTAS_MESH=y +CONFIG_LIBERTAS_THINFIRM=m +# CONFIG_LIBERTAS_THINFIRM_DEBUG is not set +CONFIG_LIBERTAS_THINFIRM_USB=m +CONFIG_MWIFIEX=m +# CONFIG_MWIFIEX_SDIO is not set +# CONFIG_MWIFIEX_PCIE is not set +CONFIG_MWIFIEX_USB=m +# CONFIG_MWL8K is not set +CONFIG_WLAN_VENDOR_MEDIATEK=y +CONFIG_MT7601U=m +CONFIG_MT76_CORE=m +CONFIG_MT76_LEDS=y +CONFIG_MT76_USB=m +CONFIG_MT76x02_LIB=m +CONFIG_MT76x02_USB=m +CONFIG_MT76_CONNAC_LIB=m +CONFIG_MT76x0_COMMON=m +CONFIG_MT76x0U=m +# CONFIG_MT76x0E is not set +CONFIG_MT76x2_COMMON=m +# CONFIG_MT76x2E is not set +CONFIG_MT76x2U=m +# CONFIG_MT7603E is not set +CONFIG_MT7615_COMMON=m +# CONFIG_MT7615E is not set +CONFIG_MT7663_USB_SDIO_COMMON=m +CONFIG_MT7663U=m +# CONFIG_MT7663S is not set +# CONFIG_MT7915E is not set +# CONFIG_MT7921E is not set +# CONFIG_MT7921S is not set +# CONFIG_MT7921U is not set +# CONFIG_MT7996E is not set +# CONFIG_WLAN_VENDOR_MICROCHIP is not set +# CONFIG_WLAN_VENDOR_PURELIFI is not set +CONFIG_WLAN_VENDOR_RALINK=y +CONFIG_RT2X00=m +# CONFIG_RT2400PCI is not set +# CONFIG_RT2500PCI is not set +# CONFIG_RT61PCI is not set +# CONFIG_RT2800PCI is not set +CONFIG_RT2500USB=m +CONFIG_RT73USB=m +CONFIG_RT2800USB=m +CONFIG_RT2800USB_RT33XX=y +CONFIG_RT2800USB_RT35XX=y +CONFIG_RT2800USB_RT3573=y +CONFIG_RT2800USB_RT53XX=y +CONFIG_RT2800USB_RT55XX=y +CONFIG_RT2800USB_UNKNOWN=y +CONFIG_RT2800_LIB=m +CONFIG_RT2X00_LIB_USB=m +CONFIG_RT2X00_LIB=m +CONFIG_RT2X00_LIB_FIRMWARE=y +CONFIG_RT2X00_LIB_CRYPTO=y +CONFIG_RT2X00_LIB_LEDS=y +CONFIG_RT2X00_LIB_DEBUGFS=y +# CONFIG_RT2X00_DEBUG is not set +CONFIG_WLAN_VENDOR_REALTEK=y +# CONFIG_RTL8180 is not set +CONFIG_RTL8187=m +CONFIG_RTL8187_LEDS=y +CONFIG_RTL_CARDS=m +# CONFIG_RTL8192CE is not set +# CONFIG_RTL8192SE is not set +# CONFIG_RTL8192DE is not set +# CONFIG_RTL8723AE is not set +# CONFIG_RTL8723BE is not set +# CONFIG_RTL8188EE is not set +# CONFIG_RTL8192EE is not set +# CONFIG_RTL8821AE is not set +CONFIG_RTL8192CU=m +CONFIG_RTLWIFI=m +CONFIG_RTLWIFI_USB=m +CONFIG_RTLWIFI_DEBUG=y +CONFIG_RTL8192C_COMMON=m +CONFIG_RTL8XXXU=m +# CONFIG_RTL8XXXU_UNTESTED is not set +# CONFIG_RTW88 is not set +# CONFIG_RTW89 is not set +CONFIG_WLAN_VENDOR_RSI=y +CONFIG_RSI_91X=m +CONFIG_RSI_DEBUGFS=y +# CONFIG_RSI_SDIO is not set +CONFIG_RSI_USB=m +CONFIG_RSI_COEX=y +CONFIG_WLAN_VENDOR_SILABS=y +# CONFIG_WFX is not set +# CONFIG_WLAN_VENDOR_ST is not set +# CONFIG_WLAN_VENDOR_TI is not set +CONFIG_WLAN_VENDOR_ZYDAS=y +CONFIG_USB_ZD1201=m +CONFIG_ZD1211RW=m +# CONFIG_ZD1211RW_DEBUG is not set +# CONFIG_WLAN_VENDOR_QUANTENNA is not set +CONFIG_USB_NET_RNDIS_WLAN=m +# CONFIG_MAC80211_HWSIM is not set +# CONFIG_VIRT_WIFI is not set +# CONFIG_WAN is not set +CONFIG_IEEE802154_DRIVERS=m +CONFIG_IEEE802154_FAKELB=m +# CONFIG_IEEE802154_AT86RF230 is not set +# CONFIG_IEEE802154_MRF24J40 is not set +# CONFIG_IEEE802154_CC2520 is not set +CONFIG_IEEE802154_ATUSB=m +# CONFIG_IEEE802154_ADF7242 is not set +# CONFIG_IEEE802154_CA8210 is not set +# CONFIG_IEEE802154_MCR20A is not set +# CONFIG_IEEE802154_HWSIM is not set + +# +# Wireless WAN +# +# CONFIG_WWAN is not set +# end of Wireless WAN + +# CONFIG_VMXNET3 is not set +# CONFIG_NETDEVSIM is not set +CONFIG_NET_FAILOVER=m +# CONFIG_ISDN is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_LEDS=y +CONFIG_INPUT_FF_MEMLESS=m +# CONFIG_INPUT_SPARSEKMAP is not set +# CONFIG_INPUT_MATRIXKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +CONFIG_INPUT_JOYDEV=m +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +# CONFIG_KEYBOARD_ADP5589 is not set +# CONFIG_KEYBOARD_ATKBD is not set +# CONFIG_KEYBOARD_QT1050 is not set +# CONFIG_KEYBOARD_QT1070 is not set +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_DLINK_DIR685 is not set +# CONFIG_KEYBOARD_LKKBD is not set +CONFIG_KEYBOARD_GPIO=m +CONFIG_KEYBOARD_GPIO_POLLED=m +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_TCA8418 is not set +# CONFIG_KEYBOARD_MATRIX is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_LM8333 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_MPR121 is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_PINEPHONE is not set +# CONFIG_KEYBOARD_SAMSUNG is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_OMAP4 is not set +# CONFIG_KEYBOARD_TM2_TOUCHKEY is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_KEYBOARD_CAP11XX is not set +# CONFIG_KEYBOARD_BCM is not set +# CONFIG_KEYBOARD_CYPRESS_SF is not set +CONFIG_INPUT_MOUSE=y +# CONFIG_MOUSE_PS2 is not set +# CONFIG_MOUSE_SERIAL is not set +CONFIG_MOUSE_APPLETOUCH=m +CONFIG_MOUSE_BCM5974=m +# CONFIG_MOUSE_CYAPA is not set +# CONFIG_MOUSE_ELAN_I2C is not set +# CONFIG_MOUSE_VSXXXAA is not set +# CONFIG_MOUSE_GPIO is not set +# CONFIG_MOUSE_SYNAPTICS_I2C is not set +CONFIG_MOUSE_SYNAPTICS_USB=m +CONFIG_INPUT_JOYSTICK=y +# CONFIG_JOYSTICK_ANALOG is not set +# CONFIG_JOYSTICK_A3D is not set +# CONFIG_JOYSTICK_ADI is not set +# CONFIG_JOYSTICK_COBRA is not set +# CONFIG_JOYSTICK_GF2K is not set +# CONFIG_JOYSTICK_GRIP is not set +# CONFIG_JOYSTICK_GRIP_MP is not set +# CONFIG_JOYSTICK_GUILLEMOT is not set +# CONFIG_JOYSTICK_INTERACT is not set +# CONFIG_JOYSTICK_SIDEWINDER is not set +# CONFIG_JOYSTICK_TMDC is not set +CONFIG_JOYSTICK_IFORCE=m +CONFIG_JOYSTICK_IFORCE_USB=m +# CONFIG_JOYSTICK_WARRIOR is not set +# CONFIG_JOYSTICK_MAGELLAN is not set +# CONFIG_JOYSTICK_SPACEORB is not set +# CONFIG_JOYSTICK_SPACEBALL is not set +# CONFIG_JOYSTICK_STINGER is not set +# CONFIG_JOYSTICK_TWIDJOY is not set +# CONFIG_JOYSTICK_ZHENHUA is not set +# CONFIG_JOYSTICK_AS5011 is not set +# CONFIG_JOYSTICK_JOYDUMP is not set +CONFIG_JOYSTICK_XPAD=m +CONFIG_JOYSTICK_XPAD_FF=y +CONFIG_JOYSTICK_XPAD_LEDS=y +# CONFIG_JOYSTICK_PSXPAD_SPI is not set +# CONFIG_JOYSTICK_PXRC is not set +# CONFIG_JOYSTICK_QWIIC is not set +# CONFIG_JOYSTICK_FSIA6B is not set +# CONFIG_JOYSTICK_SENSEHAT is not set +CONFIG_INPUT_TABLET=y +CONFIG_TABLET_USB_ACECAD=m +CONFIG_TABLET_USB_AIPTEK=m +CONFIG_TABLET_USB_HANWANG=m +CONFIG_TABLET_USB_KBTAB=m +CONFIG_TABLET_USB_PEGASUS=m +# CONFIG_TABLET_SERIAL_WACOM4 is not set +CONFIG_INPUT_TOUCHSCREEN=y +CONFIG_INPUT_MISC=y +# CONFIG_INPUT_AD714X is not set +# CONFIG_INPUT_ATMEL_CAPTOUCH is not set +# CONFIG_INPUT_BMA150 is not set +CONFIG_INPUT_E3X0_BUTTON=m +# CONFIG_INPUT_MMA8450 is not set +# CONFIG_INPUT_GPIO_BEEPER is not set +# CONFIG_INPUT_GPIO_DECODER is not set +# CONFIG_INPUT_GPIO_VIBRA is not set +CONFIG_INPUT_ATI_REMOTE2=m +CONFIG_INPUT_KEYSPAN_REMOTE=m +# CONFIG_INPUT_KXTJ9 is not set +CONFIG_INPUT_POWERMATE=m +CONFIG_INPUT_YEALINK=m +CONFIG_INPUT_CM109=m +# CONFIG_INPUT_REGULATOR_HAPTIC is not set +CONFIG_INPUT_UINPUT=m +# CONFIG_INPUT_PCF8574 is not set +CONFIG_INPUT_PWM_BEEPER=m +CONFIG_INPUT_PWM_VIBRA=m +# CONFIG_INPUT_GPIO_ROTARY_ENCODER is not set +# CONFIG_INPUT_DA7280_HAPTICS is not set +# CONFIG_INPUT_ADXL34X is not set +# CONFIG_INPUT_IMS_PCU is not set +# CONFIG_INPUT_IQS269A is not set +# CONFIG_INPUT_IQS626A is not set +# CONFIG_INPUT_IQS7222 is not set +# CONFIG_INPUT_CMA3000 is not set +# CONFIG_INPUT_DRV260X_HAPTICS is not set +# CONFIG_INPUT_DRV2665_HAPTICS is not set +# CONFIG_INPUT_DRV2667_HAPTICS is not set +# CONFIG_RMI4_CORE is not set + +# +# Hardware I/O ports +# +# CONFIG_SERIO is not set +# CONFIG_GAMEPORT is not set +# end of Hardware I/O ports +# end of Input device support + +# +# Character devices +# +CONFIG_TTY=y +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_UNIX98_PTYS=y +# CONFIG_LEGACY_PTYS is not set +CONFIG_LEGACY_TIOCSTI=y +CONFIG_LDISC_AUTOLOAD=y + +# +# Serial drivers +# +CONFIG_SERIAL_EARLYCON=y +# CONFIG_SERIAL_8250 is not set + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_AMBA_PL010 is not set +# CONFIG_SERIAL_AMBA_PL011 is not set +# CONFIG_SERIAL_EARLYCON_SEMIHOST is not set +CONFIG_SERIAL_SAMSUNG=y +CONFIG_SERIAL_SAMSUNG_UARTS=4 +CONFIG_SERIAL_SAMSUNG_CONSOLE=y +# CONFIG_SERIAL_MAX3100 is not set +# CONFIG_SERIAL_MAX310X is not set +# CONFIG_SERIAL_UARTLITE is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_SIFIVE is not set +# CONFIG_SERIAL_SCCNXP is not set +# CONFIG_SERIAL_SC16IS7XX is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +# CONFIG_SERIAL_XILINX_PS_UART is not set +# CONFIG_SERIAL_ARC is not set +# CONFIG_SERIAL_RP2 is not set +# CONFIG_SERIAL_FSL_LPUART is not set +# CONFIG_SERIAL_FSL_LINFLEXUART is not set +# CONFIG_SERIAL_CONEXANT_DIGICOLOR is not set +# CONFIG_SERIAL_SPRD is not set +# end of Serial drivers + +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +CONFIG_NOZOMI=m +# CONFIG_NULL_TTY is not set +CONFIG_HVC_DRIVER=y +# CONFIG_HVC_DCC is not set +CONFIG_SERIAL_DEV_BUS=y +CONFIG_SERIAL_DEV_CTRL_TTYPORT=y +# CONFIG_TTY_PRINTK is not set +CONFIG_VIRTIO_CONSOLE=y +# CONFIG_IPMI_HANDLER is not set +CONFIG_HW_RANDOM=y +# CONFIG_HW_RANDOM_TIMERIOMEM is not set +# CONFIG_HW_RANDOM_BA431 is not set +CONFIG_HW_RANDOM_VIRTIO=m +# CONFIG_HW_RANDOM_CCTRNG is not set +# CONFIG_HW_RANDOM_XIPHERA is not set +# CONFIG_HW_RANDOM_ARM_SMCCC_TRNG is not set +# CONFIG_HW_RANDOM_CN10K is not set +# CONFIG_APPLICOM is not set +CONFIG_DEVMEM=y +CONFIG_DEVPORT=y +# CONFIG_TCG_TPM is not set +# CONFIG_XILLYBUS is not set +# CONFIG_XILLYUSB is not set +# end of Character devices + +# +# I2C support +# +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=y + +# +# Multiplexer I2C Chip support +# +CONFIG_I2C_ARB_GPIO_CHALLENGE=m +CONFIG_I2C_MUX_GPIO=m +CONFIG_I2C_MUX_GPMUX=m +# CONFIG_I2C_MUX_LTC4306 is not set +CONFIG_I2C_MUX_PCA9541=m +CONFIG_I2C_MUX_PCA954x=y +CONFIG_I2C_MUX_PINCTRL=m +CONFIG_I2C_MUX_REG=m +CONFIG_I2C_DEMUX_PINCTRL=m +# CONFIG_I2C_MUX_MLXCPLD is not set +# end of Multiplexer I2C Chip support + +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_ALGOBIT=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +# CONFIG_I2C_ALI1535 is not set +# CONFIG_I2C_ALI1563 is not set +# CONFIG_I2C_ALI15X3 is not set +# CONFIG_I2C_AMD756 is not set +# CONFIG_I2C_AMD8111 is not set +# CONFIG_I2C_I801 is not set +# CONFIG_I2C_ISCH is not set +# CONFIG_I2C_PIIX4 is not set +# CONFIG_I2C_NFORCE2 is not set +# CONFIG_I2C_NVIDIA_GPU is not set +# CONFIG_I2C_SIS5595 is not set +# CONFIG_I2C_SIS630 is not set +# CONFIG_I2C_SIS96X is not set +# CONFIG_I2C_VIA is not set +# CONFIG_I2C_VIAPRO is not set + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +# CONFIG_I2C_CADENCE is not set +# CONFIG_I2C_CBUS_GPIO is not set +# CONFIG_I2C_DESIGNWARE_PLATFORM is not set +# CONFIG_I2C_DESIGNWARE_PCI is not set +# CONFIG_I2C_EMEV2 is not set +# CONFIG_I2C_GPIO is not set +# CONFIG_I2C_HISI is not set +# CONFIG_I2C_NOMADIK is not set +# CONFIG_I2C_OCORES is not set +CONFIG_I2C_APPLE=m +# CONFIG_I2C_PCA_PLATFORM is not set +# CONFIG_I2C_RK3X is not set +# CONFIG_I2C_SIMTEC is not set +# CONFIG_I2C_THUNDERX is not set +# CONFIG_I2C_XILINX is not set + +# +# External I2C/SMBus adapter drivers +# +# CONFIG_I2C_DIOLAN_U2C is not set +# CONFIG_I2C_CP2615 is not set +# CONFIG_I2C_PCI1XXXX is not set +# CONFIG_I2C_ROBOTFUZZ_OSIF is not set +# CONFIG_I2C_TAOS_EVM is not set +# CONFIG_I2C_TINY_USB is not set + +# +# Other I2C/SMBus bus drivers +# +# CONFIG_I2C_VIRTIO is not set +# end of I2C Hardware Bus support + +# CONFIG_I2C_STUB is not set +# CONFIG_I2C_SLAVE is not set +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# end of I2C support + +# CONFIG_I3C is not set +CONFIG_SPI=y +# CONFIG_SPI_DEBUG is not set +CONFIG_SPI_MASTER=y +CONFIG_SPI_MEM=y + +# +# SPI Master Controller Drivers +# +# CONFIG_SPI_ALTERA is not set +# CONFIG_SPI_AXI_SPI_ENGINE is not set +# CONFIG_SPI_BITBANG is not set +# CONFIG_SPI_CADENCE is not set +# CONFIG_SPI_CADENCE_QUADSPI is not set +# CONFIG_SPI_CADENCE_XSPI is not set +# CONFIG_SPI_DESIGNWARE is not set +# CONFIG_SPI_GPIO is not set +# CONFIG_SPI_FSL_SPI is not set +# CONFIG_SPI_MICROCHIP_CORE is not set +# CONFIG_SPI_MICROCHIP_CORE_QSPI is not set +# CONFIG_SPI_OC_TINY is not set +# CONFIG_SPI_PCI1XXXX is not set +# CONFIG_SPI_PL022 is not set +# CONFIG_SPI_PXA2XX is not set +# CONFIG_SPI_SC18IS602 is not set +# CONFIG_SPI_SIFIVE is not set +# CONFIG_SPI_SN_F_OSPI is not set +# CONFIG_SPI_MXIC is not set +# CONFIG_SPI_THUNDERX is not set +# CONFIG_SPI_XCOMM is not set +# CONFIG_SPI_XILINX is not set +# CONFIG_SPI_ZYNQMP_GQSPI is not set +# CONFIG_SPI_AMD is not set + +# +# SPI Multiplexer support +# +# CONFIG_SPI_MUX is not set + +# +# SPI Protocol Masters +# +CONFIG_SPI_SPIDEV=m +# CONFIG_SPI_LOOPBACK_TEST is not set +# CONFIG_SPI_TLE62X0 is not set +# CONFIG_SPI_SLAVE is not set +CONFIG_SPI_DYNAMIC=y +CONFIG_SPMI=y +# CONFIG_SPMI_HISI3670 is not set +# CONFIG_HSI is not set +CONFIG_PPS=y +# CONFIG_PPS_DEBUG is not set + +# +# PPS clients support +# +# CONFIG_PPS_CLIENT_KTIMER is not set +CONFIG_PPS_CLIENT_LDISC=m +CONFIG_PPS_CLIENT_GPIO=m + +# +# PPS generators support +# + +# +# PTP clock support +# +CONFIG_PTP_1588_CLOCK=m +CONFIG_PTP_1588_CLOCK_OPTIONAL=m +# CONFIG_DP83640_PHY is not set +# CONFIG_PTP_1588_CLOCK_INES is not set +CONFIG_PTP_1588_CLOCK_KVM=m +# CONFIG_PTP_1588_CLOCK_IDT82P33 is not set +# CONFIG_PTP_1588_CLOCK_IDTCM is not set +# end of PTP clock support + +CONFIG_PINCTRL=y +CONFIG_GENERIC_PINCTRL_GROUPS=y +CONFIG_PINMUX=y +CONFIG_GENERIC_PINMUX_FUNCTIONS=y +# CONFIG_DEBUG_PINCTRL is not set +CONFIG_PINCTRL_APPLE_GPIO=m +# CONFIG_PINCTRL_CY8C95X0 is not set +# CONFIG_PINCTRL_MCP23S08 is not set +# CONFIG_PINCTRL_MICROCHIP_SGPIO is not set +# CONFIG_PINCTRL_OCELOT is not set +# CONFIG_PINCTRL_SINGLE is not set +# CONFIG_PINCTRL_STMFX is not set +# CONFIG_PINCTRL_SX150X is not set + +# +# Renesas pinctrl drivers +# +# end of Renesas pinctrl drivers + +CONFIG_GPIOLIB=y +CONFIG_GPIOLIB_FASTPATH_LIMIT=512 +CONFIG_OF_GPIO=y +CONFIG_GPIOLIB_IRQCHIP=y +# CONFIG_DEBUG_GPIO is not set +CONFIG_GPIO_SYSFS=y +CONFIG_GPIO_CDEV=y +CONFIG_GPIO_CDEV_V1=y + +# +# Memory mapped GPIO drivers +# +# CONFIG_GPIO_74XX_MMIO is not set +# CONFIG_GPIO_ALTERA is not set +# CONFIG_GPIO_CADENCE is not set +# CONFIG_GPIO_DWAPB is not set +# CONFIG_GPIO_FTGPIO010 is not set +# CONFIG_GPIO_GENERIC_PLATFORM is not set +# CONFIG_GPIO_GRGPIO is not set +# CONFIG_GPIO_HISI is not set +# CONFIG_GPIO_HLWD is not set +# CONFIG_GPIO_LOGICVC is not set +# CONFIG_GPIO_MB86S7X is not set +# CONFIG_GPIO_PL061 is not set +# CONFIG_GPIO_SIFIVE is not set +# CONFIG_GPIO_SYSCON is not set +# CONFIG_GPIO_XGENE is not set +# CONFIG_GPIO_XILINX is not set +# CONFIG_GPIO_AMD_FCH is not set +# end of Memory mapped GPIO drivers + +# +# I2C GPIO expanders +# +# CONFIG_GPIO_ADNP is not set +# CONFIG_GPIO_FXL6408 is not set +# CONFIG_GPIO_GW_PLD is not set +# CONFIG_GPIO_MAX7300 is not set +# CONFIG_GPIO_MAX732X is not set +# CONFIG_GPIO_PCA953X is not set +# CONFIG_GPIO_PCA9570 is not set +# CONFIG_GPIO_PCF857X is not set +# CONFIG_GPIO_TPIC2810 is not set +# end of I2C GPIO expanders + +# +# MFD GPIO expanders +# +# end of MFD GPIO expanders + +# +# PCI GPIO expanders +# +# CONFIG_GPIO_BT8XX is not set +# CONFIG_GPIO_PCI_IDIO_16 is not set +# CONFIG_GPIO_PCIE_IDIO_24 is not set +# CONFIG_GPIO_RDC321X is not set +# end of PCI GPIO expanders + +# +# SPI GPIO expanders +# +# CONFIG_GPIO_74X164 is not set +# CONFIG_GPIO_MAX3191X is not set +# CONFIG_GPIO_MAX7301 is not set +# CONFIG_GPIO_MC33880 is not set +# CONFIG_GPIO_PISOSR is not set +# CONFIG_GPIO_XRA1403 is not set +# end of SPI GPIO expanders + +# +# USB GPIO expanders +# +# end of USB GPIO expanders + +# +# Virtual GPIO drivers +# +# CONFIG_GPIO_AGGREGATOR is not set +# CONFIG_GPIO_LATCH is not set +# CONFIG_GPIO_MOCKUP is not set +# CONFIG_GPIO_VIRTIO is not set +# CONFIG_GPIO_SIM is not set +# end of Virtual GPIO drivers + +# CONFIG_W1 is not set +CONFIG_POWER_RESET=y +# CONFIG_POWER_RESET_BRCMSTB is not set +# CONFIG_POWER_RESET_GPIO is not set +# CONFIG_POWER_RESET_GPIO_RESTART is not set +# CONFIG_POWER_RESET_LTC2952 is not set +# CONFIG_POWER_RESET_REGULATOR is not set +# CONFIG_POWER_RESET_RESTART is not set +# CONFIG_POWER_RESET_XGENE is not set +# CONFIG_POWER_RESET_SYSCON is not set +# CONFIG_POWER_RESET_SYSCON_POWEROFF is not set +# CONFIG_SYSCON_REBOOT_MODE is not set +# CONFIG_NVMEM_REBOOT_MODE is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +CONFIG_POWER_SUPPLY_HWMON=y +# CONFIG_IP5XXX_POWER is not set +# CONFIG_TEST_POWER is not set +# CONFIG_CHARGER_ADP5061 is not set +# CONFIG_BATTERY_CW2015 is not set +# CONFIG_BATTERY_DS2780 is not set +# CONFIG_BATTERY_DS2781 is not set +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_SAMSUNG_SDI is not set +# CONFIG_BATTERY_SBS is not set +# CONFIG_CHARGER_SBS is not set +# CONFIG_MANAGER_SBS is not set +# CONFIG_BATTERY_BQ27XXX is not set +# CONFIG_BATTERY_MAX17040 is not set +# CONFIG_BATTERY_MAX17042 is not set +# CONFIG_CHARGER_ISP1704 is not set +# CONFIG_CHARGER_MAX8903 is not set +# CONFIG_CHARGER_LP8727 is not set +# CONFIG_CHARGER_GPIO is not set +# CONFIG_CHARGER_MANAGER is not set +# CONFIG_CHARGER_LT3651 is not set +# CONFIG_CHARGER_LTC4162L is not set +# CONFIG_CHARGER_DETECTOR_MAX14656 is not set +# CONFIG_CHARGER_MAX77976 is not set +# CONFIG_CHARGER_BQ2415X is not set +# CONFIG_CHARGER_BQ24190 is not set +# CONFIG_CHARGER_BQ24257 is not set +# CONFIG_CHARGER_BQ24735 is not set +# CONFIG_CHARGER_BQ2515X is not set +# CONFIG_CHARGER_BQ25890 is not set +# CONFIG_CHARGER_BQ25980 is not set +# CONFIG_CHARGER_BQ256XX is not set +# CONFIG_CHARGER_SMB347 is not set +# CONFIG_BATTERY_GAUGE_LTC2941 is not set +# CONFIG_BATTERY_GOLDFISH is not set +# CONFIG_BATTERY_RT5033 is not set +# CONFIG_CHARGER_RT9455 is not set +# CONFIG_CHARGER_RT9467 is not set +# CONFIG_CHARGER_RT9471 is not set +# CONFIG_CHARGER_UCS1002 is not set +# CONFIG_CHARGER_BD99954 is not set +# CONFIG_BATTERY_UG3105 is not set +CONFIG_HWMON=y +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +# CONFIG_SENSORS_AD7314 is not set +# CONFIG_SENSORS_AD7414 is not set +# CONFIG_SENSORS_AD7418 is not set +# CONFIG_SENSORS_ADM1021 is not set +# CONFIG_SENSORS_ADM1025 is not set +# CONFIG_SENSORS_ADM1026 is not set +# CONFIG_SENSORS_ADM1029 is not set +# CONFIG_SENSORS_ADM1031 is not set +# CONFIG_SENSORS_ADM1177 is not set +# CONFIG_SENSORS_ADM9240 is not set +# CONFIG_SENSORS_ADT7310 is not set +# CONFIG_SENSORS_ADT7410 is not set +# CONFIG_SENSORS_ADT7411 is not set +# CONFIG_SENSORS_ADT7462 is not set +# CONFIG_SENSORS_ADT7470 is not set +# CONFIG_SENSORS_ADT7475 is not set +# CONFIG_SENSORS_AHT10 is not set +# CONFIG_SENSORS_AQUACOMPUTER_D5NEXT is not set +# CONFIG_SENSORS_AS370 is not set +# CONFIG_SENSORS_ASC7621 is not set +# CONFIG_SENSORS_AXI_FAN_CONTROL is not set +# CONFIG_SENSORS_ATXP1 is not set +# CONFIG_SENSORS_CORSAIR_CPRO is not set +# CONFIG_SENSORS_CORSAIR_PSU is not set +# CONFIG_SENSORS_DS620 is not set +# CONFIG_SENSORS_DS1621 is not set +# CONFIG_SENSORS_I5K_AMB is not set +# CONFIG_SENSORS_F71805F is not set +# CONFIG_SENSORS_F71882FG is not set +# CONFIG_SENSORS_F75375S is not set +# CONFIG_SENSORS_FTSTEUTATES is not set +# CONFIG_SENSORS_GL518SM is not set +# CONFIG_SENSORS_GL520SM is not set +# CONFIG_SENSORS_G760A is not set +# CONFIG_SENSORS_G762 is not set +# CONFIG_SENSORS_GPIO_FAN is not set +# CONFIG_SENSORS_HIH6130 is not set +# CONFIG_SENSORS_IT87 is not set +# CONFIG_SENSORS_JC42 is not set +# CONFIG_SENSORS_POWR1220 is not set +# CONFIG_SENSORS_LINEAGE is not set +# CONFIG_SENSORS_LTC2945 is not set +# CONFIG_SENSORS_LTC2947_I2C is not set +# CONFIG_SENSORS_LTC2947_SPI is not set +# CONFIG_SENSORS_LTC2990 is not set +# CONFIG_SENSORS_LTC2992 is not set +# CONFIG_SENSORS_LTC4151 is not set +# CONFIG_SENSORS_LTC4215 is not set +# CONFIG_SENSORS_LTC4222 is not set +# CONFIG_SENSORS_LTC4245 is not set +# CONFIG_SENSORS_LTC4260 is not set +# CONFIG_SENSORS_LTC4261 is not set +# CONFIG_SENSORS_MAX1111 is not set +# CONFIG_SENSORS_MAX127 is not set +# CONFIG_SENSORS_MAX16065 is not set +# CONFIG_SENSORS_MAX1619 is not set +# CONFIG_SENSORS_MAX1668 is not set +# CONFIG_SENSORS_MAX197 is not set +# CONFIG_SENSORS_MAX31722 is not set +# CONFIG_SENSORS_MAX31730 is not set +# CONFIG_SENSORS_MAX31760 is not set +# CONFIG_MAX31827 is not set +# CONFIG_SENSORS_MAX6620 is not set +# CONFIG_SENSORS_MAX6621 is not set +# CONFIG_SENSORS_MAX6639 is not set +# CONFIG_SENSORS_MAX6642 is not set +# CONFIG_SENSORS_MAX6650 is not set +# CONFIG_SENSORS_MAX6697 is not set +# CONFIG_SENSORS_MAX31790 is not set +# CONFIG_SENSORS_MC34VR500 is not set +# CONFIG_SENSORS_MCP3021 is not set +# CONFIG_SENSORS_TC654 is not set +# CONFIG_SENSORS_TPS23861 is not set +# CONFIG_SENSORS_MR75203 is not set +# CONFIG_SENSORS_ADCXX is not set +# CONFIG_SENSORS_LM63 is not set +# CONFIG_SENSORS_LM70 is not set +# CONFIG_SENSORS_LM73 is not set +# CONFIG_SENSORS_LM75 is not set +# CONFIG_SENSORS_LM77 is not set +# CONFIG_SENSORS_LM78 is not set +# CONFIG_SENSORS_LM80 is not set +# CONFIG_SENSORS_LM83 is not set +# CONFIG_SENSORS_LM85 is not set +# CONFIG_SENSORS_LM87 is not set +# CONFIG_SENSORS_LM90 is not set +# CONFIG_SENSORS_LM92 is not set +# CONFIG_SENSORS_LM93 is not set +# CONFIG_SENSORS_LM95234 is not set +# CONFIG_SENSORS_LM95241 is not set +# CONFIG_SENSORS_LM95245 is not set +# CONFIG_SENSORS_PC87360 is not set +# CONFIG_SENSORS_PC87427 is not set +# CONFIG_SENSORS_NCT6683 is not set +# CONFIG_SENSORS_NCT6775 is not set +# CONFIG_SENSORS_NCT6775_I2C is not set +# CONFIG_SENSORS_NCT7802 is not set +# CONFIG_SENSORS_NCT7904 is not set +# CONFIG_SENSORS_NPCM7XX is not set +# CONFIG_SENSORS_NZXT_KRAKEN2 is not set +# CONFIG_SENSORS_NZXT_SMART2 is not set +# CONFIG_SENSORS_OCC_P8_I2C is not set +# CONFIG_SENSORS_PCF8591 is not set +# CONFIG_PMBUS is not set +# CONFIG_SENSORS_PWM_FAN is not set +# CONFIG_SENSORS_SBTSI is not set +# CONFIG_SENSORS_SBRMI is not set +# CONFIG_SENSORS_SHT15 is not set +# CONFIG_SENSORS_SHT21 is not set +# CONFIG_SENSORS_SHT3x is not set +# CONFIG_SENSORS_SHT4x is not set +# CONFIG_SENSORS_SHTC1 is not set +# CONFIG_SENSORS_SIS5595 is not set +# CONFIG_SENSORS_DME1737 is not set +# CONFIG_SENSORS_EMC1403 is not set +# CONFIG_SENSORS_EMC2103 is not set +# CONFIG_SENSORS_EMC2305 is not set +# CONFIG_SENSORS_EMC6W201 is not set +# CONFIG_SENSORS_SMSC47M1 is not set +# CONFIG_SENSORS_SMSC47M192 is not set +# CONFIG_SENSORS_SMSC47B397 is not set +# CONFIG_SENSORS_SCH5627 is not set +# CONFIG_SENSORS_SCH5636 is not set +# CONFIG_SENSORS_STTS751 is not set +# CONFIG_SENSORS_SMM665 is not set +# CONFIG_SENSORS_ADC128D818 is not set +# CONFIG_SENSORS_ADS7828 is not set +# CONFIG_SENSORS_ADS7871 is not set +# CONFIG_SENSORS_AMC6821 is not set +# CONFIG_SENSORS_INA209 is not set +# CONFIG_SENSORS_INA2XX is not set +# CONFIG_SENSORS_INA238 is not set +# CONFIG_SENSORS_INA3221 is not set +# CONFIG_SENSORS_TC74 is not set +# CONFIG_SENSORS_THMC50 is not set +# CONFIG_SENSORS_TMP102 is not set +# CONFIG_SENSORS_TMP103 is not set +# CONFIG_SENSORS_TMP108 is not set +# CONFIG_SENSORS_TMP401 is not set +# CONFIG_SENSORS_TMP421 is not set +# CONFIG_SENSORS_TMP464 is not set +# CONFIG_SENSORS_TMP513 is not set +# CONFIG_SENSORS_VIA686A is not set +# CONFIG_SENSORS_VT1211 is not set +# CONFIG_SENSORS_VT8231 is not set +# CONFIG_SENSORS_W83773G is not set +# CONFIG_SENSORS_W83781D is not set +# CONFIG_SENSORS_W83791D is not set +# CONFIG_SENSORS_W83792D is not set +# CONFIG_SENSORS_W83793 is not set +# CONFIG_SENSORS_W83795 is not set +# CONFIG_SENSORS_W83L785TS is not set +# CONFIG_SENSORS_W83L786NG is not set +# CONFIG_SENSORS_W83627HF is not set +# CONFIG_SENSORS_W83627EHF is not set +CONFIG_THERMAL=y +# CONFIG_THERMAL_NETLINK is not set +# CONFIG_THERMAL_STATISTICS is not set +CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0 +CONFIG_THERMAL_HWMON=y +CONFIG_THERMAL_OF=y +CONFIG_THERMAL_WRITABLE_TRIPS=y +CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y +# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set +# CONFIG_THERMAL_DEFAULT_GOV_USER_SPACE is not set +# CONFIG_THERMAL_DEFAULT_GOV_POWER_ALLOCATOR is not set +# CONFIG_THERMAL_DEFAULT_GOV_BANG_BANG is not set +CONFIG_THERMAL_GOV_FAIR_SHARE=y +CONFIG_THERMAL_GOV_STEP_WISE=y +CONFIG_THERMAL_GOV_BANG_BANG=y +CONFIG_THERMAL_GOV_USER_SPACE=y +CONFIG_THERMAL_GOV_POWER_ALLOCATOR=y +CONFIG_CPU_THERMAL=y +CONFIG_CPU_FREQ_THERMAL=y +CONFIG_DEVFREQ_THERMAL=y +CONFIG_THERMAL_EMULATION=y +# CONFIG_THERMAL_MMIO is not set +CONFIG_WATCHDOG=y +CONFIG_WATCHDOG_CORE=y +# CONFIG_WATCHDOG_NOWAYOUT is not set +CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED=y +CONFIG_WATCHDOG_OPEN_TIMEOUT=0 +# CONFIG_WATCHDOG_SYSFS is not set +# CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT is not set + +# +# Watchdog Pretimeout Governors +# +# CONFIG_WATCHDOG_PRETIMEOUT_GOV is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +# CONFIG_GPIO_WATCHDOG is not set +# CONFIG_XILINX_WATCHDOG is not set +# CONFIG_XILINX_WINDOW_WATCHDOG is not set +# CONFIG_ZIIRAVE_WATCHDOG is not set +# CONFIG_ARM_SP805_WATCHDOG is not set +# CONFIG_ARM_SBSA_WATCHDOG is not set +# CONFIG_CADENCE_WATCHDOG is not set +# CONFIG_DW_WATCHDOG is not set +# CONFIG_MAX63XX_WATCHDOG is not set +# CONFIG_ARM_SMC_WATCHDOG is not set +CONFIG_APPLE_WATCHDOG=y +# CONFIG_ALIM7101_WDT is not set +# CONFIG_I6300ESB_WDT is not set +# CONFIG_HP_WATCHDOG is not set +# CONFIG_MEN_A21_WDT is not set + +# +# PCI-based Watchdog Cards +# +# CONFIG_PCIPCWATCHDOG is not set +# CONFIG_WDTPCI is not set + +# +# USB-based Watchdog Cards +# +# CONFIG_USBPCWATCHDOG is not set +CONFIG_SSB_POSSIBLE=y +# CONFIG_SSB is not set +CONFIG_BCMA_POSSIBLE=y +# CONFIG_BCMA is not set + +# +# Multifunction device drivers +# +CONFIG_MFD_CORE=m +# CONFIG_MFD_ACT8945A is not set +# CONFIG_MFD_AS3711 is not set +# CONFIG_MFD_SMPRO is not set +# CONFIG_MFD_AS3722 is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_AAT2870_CORE is not set +# CONFIG_MFD_ATMEL_FLEXCOM is not set +# CONFIG_MFD_ATMEL_HLCDC is not set +# CONFIG_MFD_BCM590XX is not set +# CONFIG_MFD_BD9571MWV is not set +# CONFIG_MFD_AXP20X_I2C is not set +# CONFIG_MFD_MADERA is not set +# CONFIG_MFD_MAX5970 is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_MFD_DA9052_SPI is not set +# CONFIG_MFD_DA9052_I2C is not set +# CONFIG_MFD_DA9055 is not set +# CONFIG_MFD_DA9062 is not set +# CONFIG_MFD_DA9063 is not set +# CONFIG_MFD_DA9150 is not set +# CONFIG_MFD_DLN2 is not set +# CONFIG_MFD_GATEWORKS_GSC is not set +# CONFIG_MFD_MC13XXX_SPI is not set +# CONFIG_MFD_MC13XXX_I2C is not set +# CONFIG_MFD_MP2629 is not set +# CONFIG_MFD_HI6421_PMIC is not set +# CONFIG_MFD_HI6421_SPMI is not set +# CONFIG_LPC_ICH is not set +# CONFIG_LPC_SCH is not set +# CONFIG_MFD_IQS62X is not set +# CONFIG_MFD_JANZ_CMODIO is not set +# CONFIG_MFD_KEMPLD is not set +# CONFIG_MFD_88PM800 is not set +# CONFIG_MFD_88PM805 is not set +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_MAX14577 is not set +# CONFIG_MFD_MAX77541 is not set +# CONFIG_MFD_MAX77620 is not set +# CONFIG_MFD_MAX77650 is not set +# CONFIG_MFD_MAX77686 is not set +# CONFIG_MFD_MAX77693 is not set +# CONFIG_MFD_MAX77714 is not set +# CONFIG_MFD_MAX77843 is not set +# CONFIG_MFD_MAX8907 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8997 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_MT6360 is not set +# CONFIG_MFD_MT6370 is not set +# CONFIG_MFD_MT6397 is not set +# CONFIG_MFD_MENF21BMC is not set +# CONFIG_MFD_OCELOT is not set +# CONFIG_EZX_PCAP is not set +# CONFIG_MFD_CPCAP is not set +# CONFIG_MFD_VIPERBOARD is not set +# CONFIG_MFD_NTXEC is not set +# CONFIG_MFD_RETU is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_MFD_SY7636A is not set +# CONFIG_MFD_RDC321X is not set +# CONFIG_MFD_RT4831 is not set +# CONFIG_MFD_RT5033 is not set +# CONFIG_MFD_RT5120 is not set +# CONFIG_MFD_RC5T583 is not set +# CONFIG_MFD_RK8XX_I2C is not set +# CONFIG_MFD_RK8XX_SPI is not set +# CONFIG_MFD_RN5T618 is not set +# CONFIG_MFD_SEC_CORE is not set +# CONFIG_MFD_SI476X_CORE is not set +CONFIG_MFD_SIMPLE_MFD_SPMI=m +# CONFIG_MFD_SM501 is not set +# CONFIG_MFD_SKY81452 is not set +# CONFIG_MFD_STMPE is not set +CONFIG_MFD_SYSCON=y +# CONFIG_MFD_TI_AM335X_TSCADC is not set +# CONFIG_MFD_LP3943 is not set +# CONFIG_MFD_LP8788 is not set +# CONFIG_MFD_TI_LMU is not set +# CONFIG_MFD_PALMAS is not set +# CONFIG_TPS6105X is not set +# CONFIG_TPS65010 is not set +# CONFIG_TPS6507X is not set +# CONFIG_MFD_TPS65086 is not set +# CONFIG_MFD_TPS65090 is not set +# CONFIG_MFD_TPS65217 is not set +# CONFIG_MFD_TI_LP873X is not set +# CONFIG_MFD_TI_LP87565 is not set +# CONFIG_MFD_TPS65218 is not set +# CONFIG_MFD_TPS65219 is not set +# CONFIG_MFD_TPS6586X is not set +# CONFIG_MFD_TPS65910 is not set +# CONFIG_MFD_TPS65912_I2C is not set +# CONFIG_MFD_TPS65912_SPI is not set +# CONFIG_MFD_TPS6594_I2C is not set +# CONFIG_MFD_TPS6594_SPI is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_TWL6040_CORE is not set +# CONFIG_MFD_WL1273_CORE is not set +# CONFIG_MFD_LM3533 is not set +# CONFIG_MFD_TC3589X is not set +# CONFIG_MFD_TQMX86 is not set +# CONFIG_MFD_VX855 is not set +# CONFIG_MFD_LOCHNAGAR is not set +# CONFIG_MFD_ARIZONA_I2C is not set +# CONFIG_MFD_ARIZONA_SPI is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM831X_SPI is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_ROHM_BD718XX is not set +# CONFIG_MFD_ROHM_BD71828 is not set +# CONFIG_MFD_ROHM_BD957XMUF is not set +# CONFIG_MFD_STPMIC1 is not set +# CONFIG_MFD_STMFX is not set +# CONFIG_MFD_ATC260X_I2C is not set +# CONFIG_MFD_QCOM_PM8008 is not set +# CONFIG_RAVE_SP_CORE is not set +# CONFIG_MFD_INTEL_M10_BMC_SPI is not set +# CONFIG_MFD_RSMU_I2C is not set +# CONFIG_MFD_RSMU_SPI is not set +# end of Multifunction device drivers + +CONFIG_REGULATOR=y +# CONFIG_REGULATOR_DEBUG is not set +CONFIG_REGULATOR_FIXED_VOLTAGE=y +# CONFIG_REGULATOR_VIRTUAL_CONSUMER is not set +# CONFIG_REGULATOR_USERSPACE_CONSUMER is not set +# CONFIG_REGULATOR_88PG86X is not set +# CONFIG_REGULATOR_ACT8865 is not set +# CONFIG_REGULATOR_AD5398 is not set +# CONFIG_REGULATOR_DA9121 is not set +# CONFIG_REGULATOR_DA9210 is not set +# CONFIG_REGULATOR_DA9211 is not set +# CONFIG_REGULATOR_FAN53555 is not set +# CONFIG_REGULATOR_FAN53880 is not set +# CONFIG_REGULATOR_GPIO is not set +# CONFIG_REGULATOR_ISL9305 is not set +# CONFIG_REGULATOR_ISL6271A is not set +# CONFIG_REGULATOR_LP3971 is not set +# CONFIG_REGULATOR_LP3972 is not set +# CONFIG_REGULATOR_LP872X is not set +# CONFIG_REGULATOR_LP8755 is not set +# CONFIG_REGULATOR_LTC3589 is not set +# CONFIG_REGULATOR_LTC3676 is not set +# CONFIG_REGULATOR_MAX1586 is not set +# CONFIG_REGULATOR_MAX8649 is not set +# CONFIG_REGULATOR_MAX8660 is not set +# CONFIG_REGULATOR_MAX8893 is not set +# CONFIG_REGULATOR_MAX8952 is not set +# CONFIG_REGULATOR_MAX8973 is not set +# CONFIG_REGULATOR_MAX20086 is not set +# CONFIG_REGULATOR_MAX20411 is not set +# CONFIG_REGULATOR_MAX77826 is not set +# CONFIG_REGULATOR_MCP16502 is not set +# CONFIG_REGULATOR_MP5416 is not set +# CONFIG_REGULATOR_MP8859 is not set +# CONFIG_REGULATOR_MP886X is not set +# CONFIG_REGULATOR_MPQ7920 is not set +# CONFIG_REGULATOR_MT6311 is not set +# CONFIG_REGULATOR_MT6315 is not set +# CONFIG_REGULATOR_PCA9450 is not set +# CONFIG_REGULATOR_PF8X00 is not set +# CONFIG_REGULATOR_PFUZE100 is not set +# CONFIG_REGULATOR_PV88060 is not set +# CONFIG_REGULATOR_PV88080 is not set +# CONFIG_REGULATOR_PV88090 is not set +# CONFIG_REGULATOR_PWM is not set +# CONFIG_REGULATOR_QCOM_SPMI is not set +# CONFIG_REGULATOR_QCOM_USB_VBUS is not set +# CONFIG_REGULATOR_RAA215300 is not set +# CONFIG_REGULATOR_RASPBERRYPI_TOUCHSCREEN_ATTINY is not set +# CONFIG_REGULATOR_RT4801 is not set +# CONFIG_REGULATOR_RT4803 is not set +# CONFIG_REGULATOR_RT5190A is not set +# CONFIG_REGULATOR_RT5739 is not set +# CONFIG_REGULATOR_RT5759 is not set +# CONFIG_REGULATOR_RT6160 is not set +# CONFIG_REGULATOR_RT6190 is not set +# CONFIG_REGULATOR_RT6245 is not set +# CONFIG_REGULATOR_RTQ2134 is not set +# CONFIG_REGULATOR_RTMV20 is not set +# CONFIG_REGULATOR_RTQ6752 is not set +# CONFIG_REGULATOR_SLG51000 is not set +# CONFIG_REGULATOR_SY8106A is not set +# CONFIG_REGULATOR_SY8824X is not set +# CONFIG_REGULATOR_SY8827N is not set +# CONFIG_REGULATOR_TPS51632 is not set +# CONFIG_REGULATOR_TPS62360 is not set +# CONFIG_REGULATOR_TPS6286X is not set +# CONFIG_REGULATOR_TPS6287X is not set +# CONFIG_REGULATOR_TPS65023 is not set +# CONFIG_REGULATOR_TPS6507X is not set +# CONFIG_REGULATOR_TPS65132 is not set +# CONFIG_REGULATOR_TPS6524X is not set +# CONFIG_REGULATOR_VCTRL is not set +# CONFIG_REGULATOR_QCOM_LABIBB is not set +CONFIG_RC_CORE=m +CONFIG_LIRC=y +CONFIG_RC_MAP=m +CONFIG_RC_DECODERS=y +CONFIG_IR_IMON_DECODER=m +CONFIG_IR_JVC_DECODER=m +CONFIG_IR_MCE_KBD_DECODER=m +CONFIG_IR_NEC_DECODER=m +CONFIG_IR_RC5_DECODER=m +CONFIG_IR_RC6_DECODER=m +CONFIG_IR_RCMM_DECODER=m +CONFIG_IR_SANYO_DECODER=m +CONFIG_IR_SHARP_DECODER=m +CONFIG_IR_SONY_DECODER=m +CONFIG_IR_XMP_DECODER=m +CONFIG_RC_DEVICES=y +# CONFIG_IR_GPIO_CIR is not set +# CONFIG_IR_GPIO_TX is not set +CONFIG_IR_HIX5HD2=m +CONFIG_IR_IGORPLUGUSB=m +CONFIG_IR_IGUANA=m +CONFIG_IR_IMON=m +CONFIG_IR_IMON_RAW=m +CONFIG_IR_MCEUSB=m +# CONFIG_IR_PWM_TX is not set +CONFIG_IR_REDRAT3=m +# CONFIG_IR_SERIAL is not set +# CONFIG_IR_SPI is not set +CONFIG_IR_STREAMZAP=m +CONFIG_IR_TOY=m +CONFIG_IR_TTUSBIR=m +CONFIG_RC_ATI_REMOTE=m +CONFIG_RC_LOOPBACK=m +# CONFIG_RC_XBOX_DVD is not set + +# +# CEC support +# +CONFIG_MEDIA_CEC_SUPPORT=y +# CONFIG_CEC_CH7322 is not set +# CONFIG_CEC_GPIO is not set +# CONFIG_USB_PULSE8_CEC is not set +# CONFIG_USB_RAINSHADOW_CEC is not set +# end of CEC support + +CONFIG_MEDIA_SUPPORT=m +# CONFIG_MEDIA_SUPPORT_FILTER is not set +CONFIG_MEDIA_SUBDRV_AUTOSELECT=y + +# +# Media device types +# +CONFIG_MEDIA_CAMERA_SUPPORT=y +CONFIG_MEDIA_ANALOG_TV_SUPPORT=y +CONFIG_MEDIA_DIGITAL_TV_SUPPORT=y +CONFIG_MEDIA_RADIO_SUPPORT=y +CONFIG_MEDIA_SDR_SUPPORT=y +CONFIG_MEDIA_PLATFORM_SUPPORT=y +CONFIG_MEDIA_TEST_SUPPORT=y +# end of Media device types + +# +# Media core support +# +CONFIG_VIDEO_DEV=m +CONFIG_MEDIA_CONTROLLER=y +CONFIG_DVB_CORE=m +# end of Media core support + +# +# Video4Linux options +# +CONFIG_VIDEO_V4L2_I2C=y +# CONFIG_VIDEO_ADV_DEBUG is not set +# CONFIG_VIDEO_FIXED_MINOR_RANGES is not set +CONFIG_VIDEO_TUNER=m +# CONFIG_V4L2_FLASH_LED_CLASS is not set +CONFIG_V4L2_FWNODE=m +CONFIG_V4L2_ASYNC=m +# end of Video4Linux options + +# +# Media controller options +# +CONFIG_MEDIA_CONTROLLER_DVB=y +# end of Media controller options + +# +# Digital TV options +# +# CONFIG_DVB_MMAP is not set +CONFIG_DVB_NET=y +CONFIG_DVB_MAX_ADAPTERS=8 +CONFIG_DVB_DYNAMIC_MINORS=y +# CONFIG_DVB_DEMUX_SECTION_LOSS_LOG is not set +# CONFIG_DVB_ULE_DEBUG is not set +# end of Digital TV options + +# +# Media drivers +# + +# +# Media drivers +# +CONFIG_MEDIA_USB_SUPPORT=y + +# +# Webcam devices +# +CONFIG_USB_GSPCA=m +CONFIG_USB_GSPCA_BENQ=m +CONFIG_USB_GSPCA_CONEX=m +CONFIG_USB_GSPCA_CPIA1=m +CONFIG_USB_GSPCA_DTCS033=m +CONFIG_USB_GSPCA_ETOMS=m +CONFIG_USB_GSPCA_FINEPIX=m +CONFIG_USB_GSPCA_JEILINJ=m +CONFIG_USB_GSPCA_JL2005BCD=m +CONFIG_USB_GSPCA_KINECT=m +CONFIG_USB_GSPCA_KONICA=m +CONFIG_USB_GSPCA_MARS=m +CONFIG_USB_GSPCA_MR97310A=m +CONFIG_USB_GSPCA_NW80X=m +CONFIG_USB_GSPCA_OV519=m +CONFIG_USB_GSPCA_OV534=m +CONFIG_USB_GSPCA_OV534_9=m +CONFIG_USB_GSPCA_PAC207=m +CONFIG_USB_GSPCA_PAC7302=m +CONFIG_USB_GSPCA_PAC7311=m +CONFIG_USB_GSPCA_SE401=m +CONFIG_USB_GSPCA_SN9C2028=m +CONFIG_USB_GSPCA_SN9C20X=m +CONFIG_USB_GSPCA_SONIXB=m +CONFIG_USB_GSPCA_SONIXJ=m +CONFIG_USB_GSPCA_SPCA1528=m +CONFIG_USB_GSPCA_SPCA500=m +CONFIG_USB_GSPCA_SPCA501=m +CONFIG_USB_GSPCA_SPCA505=m +CONFIG_USB_GSPCA_SPCA506=m +CONFIG_USB_GSPCA_SPCA508=m +CONFIG_USB_GSPCA_SPCA561=m +CONFIG_USB_GSPCA_SQ905=m +CONFIG_USB_GSPCA_SQ905C=m +CONFIG_USB_GSPCA_SQ930X=m +CONFIG_USB_GSPCA_STK014=m +CONFIG_USB_GSPCA_STK1135=m +CONFIG_USB_GSPCA_STV0680=m +CONFIG_USB_GSPCA_SUNPLUS=m +CONFIG_USB_GSPCA_T613=m +CONFIG_USB_GSPCA_TOPRO=m +CONFIG_USB_GSPCA_TOUPTEK=m +CONFIG_USB_GSPCA_TV8532=m +CONFIG_USB_GSPCA_VC032X=m +CONFIG_USB_GSPCA_VICAM=m +CONFIG_USB_GSPCA_XIRLINK_CIT=m +CONFIG_USB_GSPCA_ZC3XX=m +CONFIG_USB_GL860=m +CONFIG_USB_M5602=m +CONFIG_USB_STV06XX=m +CONFIG_USB_PWC=m +# CONFIG_USB_PWC_DEBUG is not set +CONFIG_USB_PWC_INPUT_EVDEV=y +CONFIG_USB_S2255=m +CONFIG_VIDEO_USBTV=m +CONFIG_USB_VIDEO_CLASS=m +CONFIG_USB_VIDEO_CLASS_INPUT_EVDEV=y + +# +# Analog TV USB devices +# +CONFIG_VIDEO_GO7007=m +CONFIG_VIDEO_GO7007_USB=m +CONFIG_VIDEO_GO7007_LOADER=m +CONFIG_VIDEO_GO7007_USB_S2250_BOARD=m +CONFIG_VIDEO_HDPVR=m +CONFIG_VIDEO_PVRUSB2=m +CONFIG_VIDEO_PVRUSB2_SYSFS=y +CONFIG_VIDEO_PVRUSB2_DVB=y +# CONFIG_VIDEO_PVRUSB2_DEBUGIFC is not set +CONFIG_VIDEO_STK1160=m + +# +# Analog/digital TV USB devices +# +CONFIG_VIDEO_AU0828=m +CONFIG_VIDEO_AU0828_V4L2=y +CONFIG_VIDEO_AU0828_RC=y +CONFIG_VIDEO_CX231XX=m +CONFIG_VIDEO_CX231XX_RC=y +CONFIG_VIDEO_CX231XX_ALSA=m +CONFIG_VIDEO_CX231XX_DVB=m + +# +# Digital TV USB devices +# +CONFIG_DVB_AS102=m +CONFIG_DVB_B2C2_FLEXCOP_USB=m +# CONFIG_DVB_B2C2_FLEXCOP_USB_DEBUG is not set +CONFIG_DVB_USB_V2=m +CONFIG_DVB_USB_AF9015=m +CONFIG_DVB_USB_AF9035=m +CONFIG_DVB_USB_ANYSEE=m +CONFIG_DVB_USB_AU6610=m +CONFIG_DVB_USB_AZ6007=m +CONFIG_DVB_USB_CE6230=m +CONFIG_DVB_USB_DVBSKY=m +CONFIG_DVB_USB_EC168=m +CONFIG_DVB_USB_GL861=m +CONFIG_DVB_USB_LME2510=m +CONFIG_DVB_USB_MXL111SF=m +CONFIG_DVB_USB_RTL28XXU=m +CONFIG_DVB_USB_ZD1301=m +CONFIG_DVB_USB=m +# CONFIG_DVB_USB_DEBUG is not set +CONFIG_DVB_USB_A800=m +CONFIG_DVB_USB_AF9005=m +CONFIG_DVB_USB_AF9005_REMOTE=m +CONFIG_DVB_USB_AZ6027=m +CONFIG_DVB_USB_CINERGY_T2=m +CONFIG_DVB_USB_CXUSB=m +# CONFIG_DVB_USB_CXUSB_ANALOG is not set +CONFIG_DVB_USB_DIB0700=m +CONFIG_DVB_USB_DIB3000MC=m +CONFIG_DVB_USB_DIBUSB_MB=m +# CONFIG_DVB_USB_DIBUSB_MB_FAULTY is not set +CONFIG_DVB_USB_DIBUSB_MC=m +CONFIG_DVB_USB_DIGITV=m +CONFIG_DVB_USB_DTT200U=m +CONFIG_DVB_USB_DTV5100=m +CONFIG_DVB_USB_DW2102=m +CONFIG_DVB_USB_GP8PSK=m +CONFIG_DVB_USB_M920X=m +CONFIG_DVB_USB_NOVA_T_USB2=m +CONFIG_DVB_USB_OPERA1=m +CONFIG_DVB_USB_PCTV452E=m +CONFIG_DVB_USB_TECHNISAT_USB2=m +CONFIG_DVB_USB_TTUSB2=m +CONFIG_DVB_USB_UMT_010=m +CONFIG_DVB_USB_VP702X=m +CONFIG_DVB_USB_VP7045=m +CONFIG_SMS_USB_DRV=m +CONFIG_DVB_TTUSB_BUDGET=m +CONFIG_DVB_TTUSB_DEC=m + +# +# Webcam, TV (analog/digital) USB devices +# +CONFIG_VIDEO_EM28XX=m +CONFIG_VIDEO_EM28XX_V4L2=m +CONFIG_VIDEO_EM28XX_ALSA=m +CONFIG_VIDEO_EM28XX_DVB=m +CONFIG_VIDEO_EM28XX_RC=m + +# +# Software defined radio USB devices +# +CONFIG_USB_AIRSPY=m +CONFIG_USB_HACKRF=m +# CONFIG_USB_MSI2500 is not set +# CONFIG_MEDIA_PCI_SUPPORT is not set +CONFIG_RADIO_ADAPTERS=m +CONFIG_RADIO_MAXIRADIO=m +# CONFIG_RADIO_SAA7706H is not set +CONFIG_RADIO_SHARK=m +CONFIG_RADIO_SHARK2=m +CONFIG_RADIO_SI4713=m +CONFIG_RADIO_TEA575X=m +# CONFIG_RADIO_TEA5764 is not set +# CONFIG_RADIO_TEF6862 is not set +# CONFIG_RADIO_WL1273 is not set +CONFIG_USB_DSBR=m +CONFIG_USB_KEENE=m +CONFIG_USB_MA901=m +CONFIG_USB_MR800=m +CONFIG_USB_RAREMONO=m +CONFIG_RADIO_SI470X=m +CONFIG_USB_SI470X=m +# CONFIG_I2C_SI470X is not set +CONFIG_USB_SI4713=m +# CONFIG_PLATFORM_SI4713 is not set +CONFIG_I2C_SI4713=m +CONFIG_MEDIA_PLATFORM_DRIVERS=y +CONFIG_V4L_PLATFORM_DRIVERS=y +# CONFIG_SDR_PLATFORM_DRIVERS is not set +# CONFIG_DVB_PLATFORM_DRIVERS is not set +CONFIG_V4L_MEM2MEM_DRIVERS=y +# CONFIG_VIDEO_MEM2MEM_DEINTERLACE is not set +# CONFIG_VIDEO_MUX is not set + +# +# Allegro DVT media platform drivers +# + +# +# Amlogic media platform drivers +# + +# +# Amphion drivers +# + +# +# Apple media platform drivers +# + +# +# Aspeed media platform drivers +# + +# +# Atmel media platform drivers +# + +# +# Cadence media platform drivers +# +# CONFIG_VIDEO_CADENCE_CSI2RX is not set +# CONFIG_VIDEO_CADENCE_CSI2TX is not set + +# +# Chips&Media media platform drivers +# + +# +# Intel media platform drivers +# + +# +# Marvell media platform drivers +# +# CONFIG_VIDEO_CAFE_CCIC is not set + +# +# Mediatek media platform drivers +# + +# +# Microchip Technology, Inc. media platform drivers +# + +# +# NVidia media platform drivers +# + +# +# NXP media platform drivers +# + +# +# Qualcomm media platform drivers +# + +# +# Renesas media platform drivers +# + +# +# Rockchip media platform drivers +# + +# +# Samsung media platform drivers +# + +# +# STMicroelectronics media platform drivers +# + +# +# Sunxi media platform drivers +# + +# +# Texas Instruments drivers +# + +# +# Verisilicon media platform drivers +# + +# +# VIA media platform drivers +# + +# +# Xilinx media platform drivers +# +# CONFIG_VIDEO_XILINX is not set + +# +# MMC/SDIO DVB adapters +# +# CONFIG_SMS_SDIO_DRV is not set +# CONFIG_V4L_TEST_DRIVERS is not set +# CONFIG_DVB_TEST_DRIVERS is not set +CONFIG_MEDIA_COMMON_OPTIONS=y + +# +# common driver options +# +CONFIG_CYPRESS_FIRMWARE=m +CONFIG_TTPCI_EEPROM=m +CONFIG_UVC_COMMON=m +CONFIG_VIDEO_CX2341X=m +CONFIG_VIDEO_TVEEPROM=m +CONFIG_DVB_B2C2_FLEXCOP=m +CONFIG_SMS_SIANO_MDTV=m +CONFIG_SMS_SIANO_RC=y +CONFIG_VIDEOBUF2_CORE=m +CONFIG_VIDEOBUF2_V4L2=m +CONFIG_VIDEOBUF2_MEMOPS=m +CONFIG_VIDEOBUF2_VMALLOC=m +CONFIG_VIDEOBUF2_DMA_SG=m +# end of Media drivers + +# +# Media ancillary drivers +# +CONFIG_MEDIA_ATTACH=y + +# +# IR I2C driver auto-selected by 'Autoselect ancillary drivers' +# +CONFIG_VIDEO_IR_I2C=m + +# +# Camera sensor devices +# +# CONFIG_VIDEO_AR0521 is not set +# CONFIG_VIDEO_HI556 is not set +# CONFIG_VIDEO_HI846 is not set +# CONFIG_VIDEO_HI847 is not set +# CONFIG_VIDEO_IMX208 is not set +# CONFIG_VIDEO_IMX214 is not set +# CONFIG_VIDEO_IMX219 is not set +# CONFIG_VIDEO_IMX258 is not set +# CONFIG_VIDEO_IMX274 is not set +# CONFIG_VIDEO_IMX290 is not set +# CONFIG_VIDEO_IMX296 is not set +# CONFIG_VIDEO_IMX319 is not set +# CONFIG_VIDEO_IMX334 is not set +# CONFIG_VIDEO_IMX335 is not set +# CONFIG_VIDEO_IMX355 is not set +# CONFIG_VIDEO_IMX412 is not set +# CONFIG_VIDEO_IMX415 is not set +# CONFIG_VIDEO_MT9M001 is not set +# CONFIG_VIDEO_MT9M111 is not set +# CONFIG_VIDEO_MT9P031 is not set +# CONFIG_VIDEO_MT9T112 is not set +CONFIG_VIDEO_MT9V011=m +# CONFIG_VIDEO_MT9V032 is not set +# CONFIG_VIDEO_MT9V111 is not set +# CONFIG_VIDEO_OG01A1B is not set +# CONFIG_VIDEO_OV01A10 is not set +# CONFIG_VIDEO_OV02A10 is not set +# CONFIG_VIDEO_OV08D10 is not set +# CONFIG_VIDEO_OV08X40 is not set +# CONFIG_VIDEO_OV13858 is not set +# CONFIG_VIDEO_OV13B10 is not set +CONFIG_VIDEO_OV2640=m +# CONFIG_VIDEO_OV2659 is not set +# CONFIG_VIDEO_OV2680 is not set +# CONFIG_VIDEO_OV2685 is not set +# CONFIG_VIDEO_OV4689 is not set +# CONFIG_VIDEO_OV5640 is not set +# CONFIG_VIDEO_OV5645 is not set +# CONFIG_VIDEO_OV5647 is not set +# CONFIG_VIDEO_OV5648 is not set +# CONFIG_VIDEO_OV5670 is not set +# CONFIG_VIDEO_OV5675 is not set +# CONFIG_VIDEO_OV5693 is not set +# CONFIG_VIDEO_OV5695 is not set +# CONFIG_VIDEO_OV6650 is not set +# CONFIG_VIDEO_OV7251 is not set +CONFIG_VIDEO_OV7640=m +# CONFIG_VIDEO_OV7670 is not set +# CONFIG_VIDEO_OV772X is not set +# CONFIG_VIDEO_OV7740 is not set +# CONFIG_VIDEO_OV8856 is not set +# CONFIG_VIDEO_OV8858 is not set +# CONFIG_VIDEO_OV8865 is not set +# CONFIG_VIDEO_OV9282 is not set +# CONFIG_VIDEO_OV9640 is not set +# CONFIG_VIDEO_OV9650 is not set +# CONFIG_VIDEO_RDACM20 is not set +# CONFIG_VIDEO_RDACM21 is not set +# CONFIG_VIDEO_RJ54N1 is not set +# CONFIG_VIDEO_S5C73M3 is not set +# CONFIG_VIDEO_S5K5BAF is not set +# CONFIG_VIDEO_S5K6A3 is not set +# CONFIG_VIDEO_ST_VGXY61 is not set +# CONFIG_VIDEO_CCS is not set +# CONFIG_VIDEO_ET8EK8 is not set +# end of Camera sensor devices + +# +# Lens drivers +# +# CONFIG_VIDEO_AD5820 is not set +# CONFIG_VIDEO_AK7375 is not set +# CONFIG_VIDEO_DW9714 is not set +# CONFIG_VIDEO_DW9768 is not set +# CONFIG_VIDEO_DW9807_VCM is not set +# end of Lens drivers + +# +# Flash devices +# +# CONFIG_VIDEO_ADP1653 is not set +# CONFIG_VIDEO_LM3560 is not set +# CONFIG_VIDEO_LM3646 is not set +# end of Flash devices + +# +# Audio decoders, processors and mixers +# +CONFIG_VIDEO_CS3308=m +CONFIG_VIDEO_CS5345=m +CONFIG_VIDEO_CS53L32A=m +CONFIG_VIDEO_MSP3400=m +CONFIG_VIDEO_SONY_BTF_MPX=m +# CONFIG_VIDEO_TDA1997X is not set +CONFIG_VIDEO_TDA7432=m +CONFIG_VIDEO_TDA9840=m +CONFIG_VIDEO_TEA6415C=m +CONFIG_VIDEO_TEA6420=m +# CONFIG_VIDEO_TLV320AIC23B is not set +CONFIG_VIDEO_TVAUDIO=m +CONFIG_VIDEO_UDA1342=m +CONFIG_VIDEO_VP27SMPX=m +CONFIG_VIDEO_WM8739=m +CONFIG_VIDEO_WM8775=m +# end of Audio decoders, processors and mixers + +# +# RDS decoders +# +CONFIG_VIDEO_SAA6588=m +# end of RDS decoders + +# +# Video decoders +# +# CONFIG_VIDEO_ADV7180 is not set +# CONFIG_VIDEO_ADV7183 is not set +# CONFIG_VIDEO_ADV748X is not set +# CONFIG_VIDEO_ADV7604 is not set +# CONFIG_VIDEO_ADV7842 is not set +# CONFIG_VIDEO_BT819 is not set +# CONFIG_VIDEO_BT856 is not set +# CONFIG_VIDEO_BT866 is not set +# CONFIG_VIDEO_ISL7998X is not set +# CONFIG_VIDEO_KS0127 is not set +# CONFIG_VIDEO_MAX9286 is not set +# CONFIG_VIDEO_ML86V7667 is not set +# CONFIG_VIDEO_SAA7110 is not set +CONFIG_VIDEO_SAA711X=m +# CONFIG_VIDEO_TC358743 is not set +# CONFIG_VIDEO_TC358746 is not set +# CONFIG_VIDEO_TVP514X is not set +CONFIG_VIDEO_TVP5150=m +# CONFIG_VIDEO_TVP7002 is not set +CONFIG_VIDEO_TW2804=m +CONFIG_VIDEO_TW9903=m +CONFIG_VIDEO_TW9906=m +# CONFIG_VIDEO_TW9910 is not set +# CONFIG_VIDEO_VPX3220 is not set + +# +# Video and audio decoders +# +CONFIG_VIDEO_SAA717X=m +CONFIG_VIDEO_CX25840=m +# end of Video decoders + +# +# Video encoders +# +# CONFIG_VIDEO_ADV7170 is not set +# CONFIG_VIDEO_ADV7175 is not set +# CONFIG_VIDEO_ADV7343 is not set +# CONFIG_VIDEO_ADV7393 is not set +# CONFIG_VIDEO_ADV7511 is not set +# CONFIG_VIDEO_AK881X is not set +# CONFIG_VIDEO_SAA7127 is not set +# CONFIG_VIDEO_SAA7185 is not set +# CONFIG_VIDEO_THS8200 is not set +# end of Video encoders + +# +# Video improvement chips +# +CONFIG_VIDEO_UPD64031A=m +CONFIG_VIDEO_UPD64083=m +# end of Video improvement chips + +# +# Audio/Video compression chips +# +CONFIG_VIDEO_SAA6752HS=m +# end of Audio/Video compression chips + +# +# SDR tuner chips +# +# CONFIG_SDR_MAX2175 is not set +# end of SDR tuner chips + +# +# Miscellaneous helper chips +# +# CONFIG_VIDEO_I2C is not set +CONFIG_VIDEO_M52790=m +# CONFIG_VIDEO_ST_MIPID02 is not set +# CONFIG_VIDEO_THS7303 is not set +# end of Miscellaneous helper chips + +# +# Media SPI Adapters +# +# CONFIG_CXD2880_SPI_DRV is not set +# CONFIG_VIDEO_GS1662 is not set +# end of Media SPI Adapters + +CONFIG_MEDIA_TUNER=m + +# +# Customize TV tuners +# +CONFIG_MEDIA_TUNER_E4000=m +CONFIG_MEDIA_TUNER_FC0011=m +CONFIG_MEDIA_TUNER_FC0012=m +CONFIG_MEDIA_TUNER_FC0013=m +CONFIG_MEDIA_TUNER_FC2580=m +CONFIG_MEDIA_TUNER_IT913X=m +CONFIG_MEDIA_TUNER_M88RS6000T=m +CONFIG_MEDIA_TUNER_MAX2165=m +CONFIG_MEDIA_TUNER_MC44S803=m +# CONFIG_MEDIA_TUNER_MSI001 is not set +CONFIG_MEDIA_TUNER_MT2060=m +CONFIG_MEDIA_TUNER_MT2063=m +CONFIG_MEDIA_TUNER_MT20XX=m +CONFIG_MEDIA_TUNER_MT2131=m +CONFIG_MEDIA_TUNER_MT2266=m +CONFIG_MEDIA_TUNER_MXL301RF=m +CONFIG_MEDIA_TUNER_MXL5005S=m +CONFIG_MEDIA_TUNER_MXL5007T=m +CONFIG_MEDIA_TUNER_QM1D1B0004=m +CONFIG_MEDIA_TUNER_QM1D1C0042=m +CONFIG_MEDIA_TUNER_QT1010=m +CONFIG_MEDIA_TUNER_R820T=m +CONFIG_MEDIA_TUNER_SI2157=m +CONFIG_MEDIA_TUNER_SIMPLE=m +CONFIG_MEDIA_TUNER_TDA18212=m +CONFIG_MEDIA_TUNER_TDA18218=m +CONFIG_MEDIA_TUNER_TDA18250=m +CONFIG_MEDIA_TUNER_TDA18271=m +CONFIG_MEDIA_TUNER_TDA827X=m +CONFIG_MEDIA_TUNER_TDA8290=m +CONFIG_MEDIA_TUNER_TDA9887=m +CONFIG_MEDIA_TUNER_TEA5761=m +CONFIG_MEDIA_TUNER_TEA5767=m +CONFIG_MEDIA_TUNER_TUA9001=m +CONFIG_MEDIA_TUNER_XC2028=m +CONFIG_MEDIA_TUNER_XC4000=m +CONFIG_MEDIA_TUNER_XC5000=m +# end of Customize TV tuners + +# +# Customise DVB Frontends +# + +# +# Multistandard (satellite) frontends +# +CONFIG_DVB_M88DS3103=m +CONFIG_DVB_MXL5XX=m +CONFIG_DVB_STB0899=m +CONFIG_DVB_STB6100=m +CONFIG_DVB_STV090x=m +CONFIG_DVB_STV0910=m +CONFIG_DVB_STV6110x=m +CONFIG_DVB_STV6111=m + +# +# Multistandard (cable + terrestrial) frontends +# +CONFIG_DVB_DRXK=m +CONFIG_DVB_MN88472=m +CONFIG_DVB_MN88473=m +CONFIG_DVB_SI2165=m +CONFIG_DVB_TDA18271C2DD=m + +# +# DVB-S (satellite) frontends +# +CONFIG_DVB_CX24110=m +CONFIG_DVB_CX24116=m +CONFIG_DVB_CX24117=m +CONFIG_DVB_CX24120=m +CONFIG_DVB_CX24123=m +CONFIG_DVB_DS3000=m +CONFIG_DVB_MB86A16=m +CONFIG_DVB_MT312=m +CONFIG_DVB_S5H1420=m +CONFIG_DVB_SI21XX=m +CONFIG_DVB_STB6000=m +CONFIG_DVB_STV0288=m +CONFIG_DVB_STV0299=m +CONFIG_DVB_STV0900=m +CONFIG_DVB_STV6110=m +CONFIG_DVB_TDA10071=m +CONFIG_DVB_TDA10086=m +CONFIG_DVB_TDA8083=m +CONFIG_DVB_TDA8261=m +CONFIG_DVB_TDA826X=m +CONFIG_DVB_TS2020=m +CONFIG_DVB_TUA6100=m +CONFIG_DVB_TUNER_CX24113=m +CONFIG_DVB_TUNER_ITD1000=m +CONFIG_DVB_VES1X93=m +CONFIG_DVB_ZL10036=m +CONFIG_DVB_ZL10039=m + +# +# DVB-T (terrestrial) frontends +# +CONFIG_DVB_AF9013=m +CONFIG_DVB_AS102_FE=m +CONFIG_DVB_CX22700=m +CONFIG_DVB_CX22702=m +CONFIG_DVB_CXD2820R=m +CONFIG_DVB_CXD2841ER=m +CONFIG_DVB_DIB3000MB=m +CONFIG_DVB_DIB3000MC=m +CONFIG_DVB_DIB7000M=m +CONFIG_DVB_DIB7000P=m +# CONFIG_DVB_DIB9000 is not set +CONFIG_DVB_DRXD=m +CONFIG_DVB_EC100=m +CONFIG_DVB_GP8PSK_FE=m +CONFIG_DVB_L64781=m +CONFIG_DVB_MT352=m +CONFIG_DVB_NXT6000=m +CONFIG_DVB_RTL2830=m +CONFIG_DVB_RTL2832=m +CONFIG_DVB_RTL2832_SDR=m +# CONFIG_DVB_S5H1432 is not set +CONFIG_DVB_SI2168=m +CONFIG_DVB_SP887X=m +CONFIG_DVB_STV0367=m +CONFIG_DVB_TDA10048=m +CONFIG_DVB_TDA1004X=m +CONFIG_DVB_ZD1301_DEMOD=m +CONFIG_DVB_ZL10353=m +# CONFIG_DVB_CXD2880 is not set + +# +# DVB-C (cable) frontends +# +CONFIG_DVB_STV0297=m +CONFIG_DVB_TDA10021=m +CONFIG_DVB_TDA10023=m +CONFIG_DVB_VES1820=m + +# +# ATSC (North American/Korean Terrestrial/Cable DTV) frontends +# +CONFIG_DVB_AU8522=m +CONFIG_DVB_AU8522_DTV=m +CONFIG_DVB_AU8522_V4L=m +CONFIG_DVB_BCM3510=m +CONFIG_DVB_LG2160=m +CONFIG_DVB_LGDT3305=m +CONFIG_DVB_LGDT3306A=m +CONFIG_DVB_LGDT330X=m +CONFIG_DVB_MXL692=m +CONFIG_DVB_NXT200X=m +CONFIG_DVB_OR51132=m +CONFIG_DVB_OR51211=m +CONFIG_DVB_S5H1409=m +CONFIG_DVB_S5H1411=m + +# +# ISDB-T (terrestrial) frontends +# +CONFIG_DVB_DIB8000=m +CONFIG_DVB_MB86A20S=m +CONFIG_DVB_S921=m + +# +# ISDB-S (satellite) & ISDB-T (terrestrial) frontends +# +# CONFIG_DVB_MN88443X is not set +CONFIG_DVB_TC90522=m + +# +# Digital terrestrial only tuners/PLL +# +CONFIG_DVB_PLL=m +CONFIG_DVB_TUNER_DIB0070=m +CONFIG_DVB_TUNER_DIB0090=m + +# +# SEC control devices for DVB-S +# +CONFIG_DVB_A8293=m +CONFIG_DVB_AF9033=m +# CONFIG_DVB_ASCOT2E is not set +CONFIG_DVB_ATBM8830=m +# CONFIG_DVB_HELENE is not set +# CONFIG_DVB_HORUS3A is not set +CONFIG_DVB_ISL6405=m +CONFIG_DVB_ISL6421=m +CONFIG_DVB_ISL6423=m +CONFIG_DVB_IX2505V=m +# CONFIG_DVB_LGS8GL5 is not set +CONFIG_DVB_LGS8GXX=m +CONFIG_DVB_LNBH25=m +# CONFIG_DVB_LNBH29 is not set +CONFIG_DVB_LNBP21=m +CONFIG_DVB_LNBP22=m +CONFIG_DVB_M88RS2000=m +CONFIG_DVB_TDA665x=m +CONFIG_DVB_DRX39XYJ=m + +# +# Common Interface (EN50221) controller drivers +# +CONFIG_DVB_CXD2099=m +CONFIG_DVB_SP2=m +# end of Customise DVB Frontends + +# +# Tools to develop new frontends +# +# CONFIG_DVB_DUMMY_FE is not set +# end of Media ancillary drivers + +# +# Graphics support +# +CONFIG_APERTURE_HELPERS=y +CONFIG_VIDEO_CMDLINE=y +CONFIG_VIDEO_NOMODESET=y +CONFIG_DRM=y +# CONFIG_DRM_DEBUG_MM is not set +CONFIG_DRM_KMS_HELPER=y +# CONFIG_DRM_DEBUG_DP_MST_TOPOLOGY_REFS is not set +# CONFIG_DRM_DEBUG_MODESET_LOCK is not set +CONFIG_DRM_FBDEV_EMULATION=y +CONFIG_DRM_FBDEV_OVERALLOC=100 +# CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set +CONFIG_DRM_LOAD_EDID_FIRMWARE=y +CONFIG_DRM_TTM=y +CONFIG_DRM_VRAM_HELPER=y +CONFIG_DRM_TTM_HELPER=y + +# +# I2C encoder or helper chips +# +# CONFIG_DRM_I2C_CH7006 is not set +# CONFIG_DRM_I2C_SIL164 is not set +# CONFIG_DRM_I2C_NXP_TDA998X is not set +# CONFIG_DRM_I2C_NXP_TDA9950 is not set +# end of I2C encoder or helper chips + +# +# ARM devices +# +# CONFIG_DRM_HDLCD is not set +# CONFIG_DRM_MALI_DISPLAY is not set +# CONFIG_DRM_KOMEDA is not set +# end of ARM devices + +# CONFIG_DRM_RADEON is not set +# CONFIG_DRM_AMDGPU is not set +# CONFIG_DRM_NOUVEAU is not set +CONFIG_DRM_VGEM=m +# CONFIG_DRM_VKMS is not set +# CONFIG_DRM_VMWGFX is not set +# CONFIG_DRM_UDL is not set +# CONFIG_DRM_AST is not set +# CONFIG_DRM_MGAG200 is not set +# CONFIG_DRM_QXL is not set +CONFIG_DRM_VIRTIO_GPU=m +CONFIG_DRM_VIRTIO_GPU_KMS=y +CONFIG_DRM_PANEL=y + +# +# Display Panels +# +# CONFIG_DRM_PANEL_ABT_Y030XX067A is not set +# CONFIG_DRM_PANEL_ARM_VERSATILE is not set +# CONFIG_DRM_PANEL_AUO_A030JTN01 is not set +# CONFIG_DRM_PANEL_LVDS is not set +CONFIG_DRM_PANEL_SIMPLE=m +# CONFIG_DRM_PANEL_EDP is not set +# CONFIG_DRM_PANEL_ILITEK_IL9322 is not set +# CONFIG_DRM_PANEL_ILITEK_ILI9341 is not set +# CONFIG_DRM_PANEL_INNOLUX_EJ030NA is not set +# CONFIG_DRM_PANEL_SAMSUNG_LD9040 is not set +# CONFIG_DRM_PANEL_LG_LB035Q02 is not set +# CONFIG_DRM_PANEL_LG_LG4573 is not set +# CONFIG_DRM_PANEL_NEC_NL8048HL11 is not set +# CONFIG_DRM_PANEL_NEWVISION_NV3052C is not set +# CONFIG_DRM_PANEL_NOVATEK_NT39016 is not set +# CONFIG_DRM_PANEL_OLIMEX_LCD_OLINUXINO is not set +# CONFIG_DRM_PANEL_ORISETECH_OTA5601A is not set +# CONFIG_DRM_PANEL_SAMSUNG_ATNA33XC20 is not set +# CONFIG_DRM_PANEL_SAMSUNG_DB7430 is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6D27A1 is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6D7AA0 is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6E63M0 is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6E88A0_AMS452EF01 is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6E8AA0 is not set +# CONFIG_DRM_PANEL_SEIKO_43WVF1G is not set +# CONFIG_DRM_PANEL_SHARP_LS037V7DW01 is not set +# CONFIG_DRM_PANEL_SITRONIX_ST7789V is not set +# CONFIG_DRM_PANEL_SONY_ACX565AKM is not set +# CONFIG_DRM_PANEL_TPO_TD028TTEC1 is not set +# CONFIG_DRM_PANEL_TPO_TD043MTEA1 is not set +# CONFIG_DRM_PANEL_TPO_TPG110 is not set +# CONFIG_DRM_PANEL_WIDECHIPS_WS2401 is not set +# end of Display Panels + +CONFIG_DRM_BRIDGE=y +CONFIG_DRM_PANEL_BRIDGE=y + +# +# Display Interface Bridges +# +# CONFIG_DRM_CHIPONE_ICN6211 is not set +# CONFIG_DRM_CHRONTEL_CH7033 is not set +# CONFIG_DRM_DISPLAY_CONNECTOR is not set +# CONFIG_DRM_ITE_IT6505 is not set +# CONFIG_DRM_LONTIUM_LT8912B is not set +# CONFIG_DRM_LONTIUM_LT9211 is not set +# CONFIG_DRM_LONTIUM_LT9611 is not set +# CONFIG_DRM_LONTIUM_LT9611UXC is not set +# CONFIG_DRM_ITE_IT66121 is not set +# CONFIG_DRM_LVDS_CODEC is not set +# CONFIG_DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW is not set +# CONFIG_DRM_NWL_MIPI_DSI is not set +# CONFIG_DRM_NXP_PTN3460 is not set +# CONFIG_DRM_PARADE_PS8622 is not set +# CONFIG_DRM_PARADE_PS8640 is not set +# CONFIG_DRM_SAMSUNG_DSIM is not set +# CONFIG_DRM_SIL_SII8620 is not set +# CONFIG_DRM_SII902X is not set +# CONFIG_DRM_SII9234 is not set +# CONFIG_DRM_SIMPLE_BRIDGE is not set +# CONFIG_DRM_THINE_THC63LVD1024 is not set +# CONFIG_DRM_TOSHIBA_TC358762 is not set +# CONFIG_DRM_TOSHIBA_TC358764 is not set +# CONFIG_DRM_TOSHIBA_TC358767 is not set +# CONFIG_DRM_TOSHIBA_TC358768 is not set +# CONFIG_DRM_TOSHIBA_TC358775 is not set +# CONFIG_DRM_TI_DLPC3433 is not set +# CONFIG_DRM_TI_TFP410 is not set +# CONFIG_DRM_TI_SN65DSI83 is not set +# CONFIG_DRM_TI_SN65DSI86 is not set +# CONFIG_DRM_TI_TPD12S015 is not set +# CONFIG_DRM_ANALOGIX_ANX6345 is not set +# CONFIG_DRM_ANALOGIX_ANX78XX is not set +# CONFIG_DRM_ANALOGIX_ANX7625 is not set +# CONFIG_DRM_I2C_ADV7511 is not set +# CONFIG_DRM_CDNS_DSI is not set +# CONFIG_DRM_CDNS_MHDP8546 is not set +# end of Display Interface Bridges + +# CONFIG_DRM_ETNAVIV is not set +# CONFIG_DRM_HISI_HIBMC is not set +# CONFIG_DRM_HISI_KIRIN is not set +# CONFIG_DRM_LOGICVC is not set +# CONFIG_DRM_ARCPGU is not set +CONFIG_DRM_BOCHS=y +# CONFIG_DRM_CIRRUS_QEMU is not set +# CONFIG_DRM_GM12U320 is not set +# CONFIG_DRM_PANEL_MIPI_DBI is not set +CONFIG_DRM_SIMPLEDRM=y +# CONFIG_TINYDRM_HX8357D is not set +# CONFIG_TINYDRM_ILI9163 is not set +# CONFIG_TINYDRM_ILI9225 is not set +# CONFIG_TINYDRM_ILI9341 is not set +# CONFIG_TINYDRM_ILI9486 is not set +# CONFIG_TINYDRM_MI0283QT is not set +# CONFIG_TINYDRM_REPAPER is not set +# CONFIG_TINYDRM_ST7586 is not set +# CONFIG_TINYDRM_ST7735R is not set +# CONFIG_DRM_PL111 is not set +# CONFIG_DRM_LIMA is not set +# CONFIG_DRM_PANFROST is not set +# CONFIG_DRM_TIDSS is not set +# CONFIG_DRM_GUD is not set +# CONFIG_DRM_SSD130X is not set +# CONFIG_DRM_LEGACY is not set +CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y + +# +# Frame buffer Devices +# +CONFIG_FB_NOTIFY=y +CONFIG_FB=y +CONFIG_FIRMWARE_EDID=y +CONFIG_FB_SYS_FILLRECT=y +CONFIG_FB_SYS_COPYAREA=y +CONFIG_FB_SYS_IMAGEBLIT=y +# CONFIG_FB_FOREIGN_ENDIAN is not set +CONFIG_FB_SYS_FOPS=y +CONFIG_FB_DEFERRED_IO=y +CONFIG_FB_SYS_HELPERS=y +CONFIG_FB_SYS_HELPERS_DEFERRED=y +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_ARMCLCD is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ASILIANT is not set +# CONFIG_FB_IMSTT is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_EFI is not set +# CONFIG_FB_OPENCORES is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_I740 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_SMSCUFX is not set +CONFIG_FB_UDL=m +# CONFIG_FB_IBM_GXT4500 is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_SSD1307 is not set +# CONFIG_FB_SM712 is not set +# end of Frame buffer Devices + +# +# Backlight & LCD device support +# +CONFIG_LCD_CLASS_DEVICE=m +# CONFIG_LCD_L4F00242T03 is not set +# CONFIG_LCD_LMS283GF05 is not set +# CONFIG_LCD_LTV350QV is not set +# CONFIG_LCD_ILI922X is not set +# CONFIG_LCD_ILI9320 is not set +# CONFIG_LCD_TDO24M is not set +# CONFIG_LCD_VGG2432A4 is not set +CONFIG_LCD_PLATFORM=m +# CONFIG_LCD_AMS369FG06 is not set +# CONFIG_LCD_LMS501KF03 is not set +# CONFIG_LCD_HX8357 is not set +# CONFIG_LCD_OTM3225A is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=y +# CONFIG_BACKLIGHT_KTD253 is not set +# CONFIG_BACKLIGHT_KTZ8866 is not set +# CONFIG_BACKLIGHT_PWM is not set +# CONFIG_BACKLIGHT_QCOM_WLED is not set +# CONFIG_BACKLIGHT_ADP8860 is not set +# CONFIG_BACKLIGHT_ADP8870 is not set +# CONFIG_BACKLIGHT_LM3630A is not set +# CONFIG_BACKLIGHT_LM3639 is not set +# CONFIG_BACKLIGHT_LP855X is not set +CONFIG_BACKLIGHT_GPIO=m +# CONFIG_BACKLIGHT_LV5207LP is not set +# CONFIG_BACKLIGHT_BD6107 is not set +# CONFIG_BACKLIGHT_ARCXCNN is not set +# CONFIG_BACKLIGHT_LED is not set +# end of Backlight & LCD device support + +CONFIG_VIDEOMODE_HELPERS=y +CONFIG_HDMI=y + +# +# Console display driver support +# +CONFIG_DUMMY_CONSOLE=y +CONFIG_DUMMY_CONSOLE_COLUMNS=80 +CONFIG_DUMMY_CONSOLE_ROWS=25 +CONFIG_FRAMEBUFFER_CONSOLE=y +CONFIG_FRAMEBUFFER_CONSOLE_LEGACY_ACCELERATION=y +CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y +CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y +# CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set +# end of Console display driver support + +CONFIG_LOGO=y +# CONFIG_LOGO_LINUX_MONO is not set +# CONFIG_LOGO_LINUX_VGA16 is not set +CONFIG_LOGO_LINUX_CLUT224=y +# end of Graphics support + +CONFIG_DRM_ACCEL=y +CONFIG_SOUND=y +CONFIG_SOUND_OSS_CORE=y +CONFIG_SOUND_OSS_CORE_PRECLAIM=y +CONFIG_SND=y +CONFIG_SND_TIMER=y +CONFIG_SND_PCM=y +CONFIG_SND_DMAENGINE_PCM=y +CONFIG_SND_HWDEP=m +CONFIG_SND_SEQ_DEVICE=m +CONFIG_SND_RAWMIDI=m +CONFIG_SND_COMPRESS_OFFLOAD=y +CONFIG_SND_JACK=y +CONFIG_SND_JACK_INPUT_DEV=y +CONFIG_SND_OSSEMUL=y +CONFIG_SND_MIXER_OSS=m +CONFIG_SND_PCM_OSS=m +CONFIG_SND_PCM_OSS_PLUGINS=y +CONFIG_SND_PCM_TIMER=y +CONFIG_SND_HRTIMER=m +CONFIG_SND_DYNAMIC_MINORS=y +CONFIG_SND_MAX_CARDS=32 +# CONFIG_SND_SUPPORT_OLD_API is not set +CONFIG_SND_PROC_FS=y +CONFIG_SND_VERBOSE_PROCFS=y +# CONFIG_SND_VERBOSE_PRINTK is not set +CONFIG_SND_CTL_FAST_LOOKUP=y +# CONFIG_SND_DEBUG is not set +CONFIG_SND_CTL_INPUT_VALIDATION=y +CONFIG_SND_VMASTER=y +CONFIG_SND_SEQUENCER=m +CONFIG_SND_SEQ_DUMMY=m +CONFIG_SND_SEQUENCER_OSS=m +CONFIG_SND_SEQ_HRTIMER_DEFAULT=y +CONFIG_SND_SEQ_MIDI_EVENT=m +CONFIG_SND_SEQ_MIDI=m +CONFIG_SND_SEQ_VIRMIDI=m +# CONFIG_SND_SEQ_UMP is not set +CONFIG_SND_MPU401_UART=m +CONFIG_SND_DRIVERS=y +CONFIG_SND_DUMMY=m +CONFIG_SND_ALOOP=m +# CONFIG_SND_PCMTEST is not set +CONFIG_SND_VIRMIDI=m +CONFIG_SND_MTPAV=m +CONFIG_SND_SERIAL_U16550=m +# CONFIG_SND_SERIAL_GENERIC is not set +CONFIG_SND_MPU401=m +# CONFIG_SND_PCI is not set + +# +# HD-Audio +# +# end of HD-Audio + +CONFIG_SND_HDA_PREALLOC_SIZE=4096 +# CONFIG_SND_SPI is not set +CONFIG_SND_USB=y +CONFIG_SND_USB_AUDIO=m +# CONFIG_SND_USB_AUDIO_MIDI_V2 is not set +CONFIG_SND_USB_AUDIO_USE_MEDIA_CONTROLLER=y +CONFIG_SND_USB_UA101=m +CONFIG_SND_USB_CAIAQ=m +CONFIG_SND_USB_CAIAQ_INPUT=y +CONFIG_SND_USB_6FIRE=m +CONFIG_SND_USB_HIFACE=m +# CONFIG_SND_BCD2000 is not set +CONFIG_SND_USB_LINE6=m +CONFIG_SND_USB_POD=m +CONFIG_SND_USB_PODHD=m +CONFIG_SND_USB_TONEPORT=m +CONFIG_SND_USB_VARIAX=m +CONFIG_SND_SOC=y +CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM=y +CONFIG_SND_SOC_COMPRESS=y +# CONFIG_SND_SOC_ADI is not set +# CONFIG_SND_SOC_AMD_ACP is not set +# CONFIG_SND_AMD_ACP_CONFIG is not set +CONFIG_SND_SOC_APPLE_MCA=m +# CONFIG_SND_ATMEL_SOC is not set +# CONFIG_SND_BCM63XX_I2S_WHISTLER is not set +# CONFIG_SND_DESIGNWARE_I2S is not set + +# +# SoC Audio for Freescale CPUs +# + +# +# Common SoC Audio options for Freescale CPUs: +# +CONFIG_SND_SOC_FSL_ASRC=m +CONFIG_SND_SOC_FSL_SAI=m +# CONFIG_SND_SOC_FSL_MQS is not set +CONFIG_SND_SOC_FSL_AUDMIX=m +CONFIG_SND_SOC_FSL_SSI=m +CONFIG_SND_SOC_FSL_SPDIF=m +CONFIG_SND_SOC_FSL_ESAI=m +CONFIG_SND_SOC_FSL_MICFIL=m +CONFIG_SND_SOC_FSL_EASRC=m +# CONFIG_SND_SOC_FSL_XCVR is not set +CONFIG_SND_SOC_FSL_UTILS=m +CONFIG_SND_SOC_IMX_AUDMUX=m +# end of SoC Audio for Freescale CPUs + +# CONFIG_SND_SOC_CHV3_I2S is not set +# CONFIG_SND_I2S_HI6210_I2S is not set +# CONFIG_SND_SOC_IMG is not set +# CONFIG_SND_SOC_MTK_BTCVSD is not set +# CONFIG_SND_SOC_SOF_TOPLEVEL is not set + +# +# STMicroelectronics STM32 SOC audio support +# +# end of STMicroelectronics STM32 SOC audio support + +# CONFIG_SND_SOC_XILINX_I2S is not set +# CONFIG_SND_SOC_XILINX_AUDIO_FORMATTER is not set +# CONFIG_SND_SOC_XILINX_SPDIF is not set +# CONFIG_SND_SOC_XTFPGA_I2S is not set +CONFIG_SND_SOC_I2C_AND_SPI=y + +# +# CODEC drivers +# +CONFIG_SND_SOC_WM_ADSP=m +# CONFIG_SND_SOC_AC97_CODEC is not set +# CONFIG_SND_SOC_ADAU1372_I2C is not set +# CONFIG_SND_SOC_ADAU1372_SPI is not set +# CONFIG_SND_SOC_ADAU1701 is not set +# CONFIG_SND_SOC_ADAU1761_I2C is not set +# CONFIG_SND_SOC_ADAU1761_SPI is not set +# CONFIG_SND_SOC_ADAU7002 is not set +# CONFIG_SND_SOC_ADAU7118_HW is not set +# CONFIG_SND_SOC_ADAU7118_I2C is not set +# CONFIG_SND_SOC_AK4104 is not set +# CONFIG_SND_SOC_AK4118 is not set +# CONFIG_SND_SOC_AK4375 is not set +# CONFIG_SND_SOC_AK4458 is not set +# CONFIG_SND_SOC_AK4554 is not set +# CONFIG_SND_SOC_AK4613 is not set +# CONFIG_SND_SOC_AK4642 is not set +# CONFIG_SND_SOC_AK5386 is not set +# CONFIG_SND_SOC_AK5558 is not set +# CONFIG_SND_SOC_ALC5623 is not set +# CONFIG_SND_SOC_AW8738 is not set +# CONFIG_SND_SOC_AW88395 is not set +# CONFIG_SND_SOC_BD28623 is not set +CONFIG_SND_SOC_BT_SCO=m +# CONFIG_SND_SOC_CHV3_CODEC is not set +CONFIG_SND_SOC_CS35L32=m +CONFIG_SND_SOC_CS35L33=m +CONFIG_SND_SOC_CS35L34=m +CONFIG_SND_SOC_CS35L35=m +CONFIG_SND_SOC_CS35L36=m +CONFIG_SND_SOC_CS35L41_LIB=m +CONFIG_SND_SOC_CS35L41=m +CONFIG_SND_SOC_CS35L41_SPI=m +CONFIG_SND_SOC_CS35L41_I2C=m +CONFIG_SND_SOC_CS35L45=m +CONFIG_SND_SOC_CS35L45_SPI=m +CONFIG_SND_SOC_CS35L45_I2C=m +# CONFIG_SND_SOC_CS35L56_I2C is not set +# CONFIG_SND_SOC_CS35L56_SPI is not set +CONFIG_SND_SOC_CS42L42_CORE=m +CONFIG_SND_SOC_CS42L42=m +CONFIG_SND_SOC_CS42L51=m +CONFIG_SND_SOC_CS42L51_I2C=m +CONFIG_SND_SOC_CS42L52=m +CONFIG_SND_SOC_CS42L56=m +CONFIG_SND_SOC_CS42L73=m +CONFIG_SND_SOC_CS42L83=m +CONFIG_SND_SOC_CS42L84=m +CONFIG_SND_SOC_CS4234=m +CONFIG_SND_SOC_CS4265=m +CONFIG_SND_SOC_CS4270=m +CONFIG_SND_SOC_CS4271=m +CONFIG_SND_SOC_CS4271_I2C=m +CONFIG_SND_SOC_CS4271_SPI=m +CONFIG_SND_SOC_CS42XX8=m +CONFIG_SND_SOC_CS42XX8_I2C=m +CONFIG_SND_SOC_CS43130=m +CONFIG_SND_SOC_CS4341=m +CONFIG_SND_SOC_CS4349=m +CONFIG_SND_SOC_CS53L30=m +# CONFIG_SND_SOC_CX2072X is not set +# CONFIG_SND_SOC_DA7213 is not set +# CONFIG_SND_SOC_DMIC is not set +# CONFIG_SND_SOC_ES7134 is not set +# CONFIG_SND_SOC_ES7241 is not set +# CONFIG_SND_SOC_ES8316 is not set +# CONFIG_SND_SOC_ES8326 is not set +# CONFIG_SND_SOC_ES8328_I2C is not set +# CONFIG_SND_SOC_ES8328_SPI is not set +# CONFIG_SND_SOC_GTM601 is not set +# CONFIG_SND_SOC_HDA is not set +# CONFIG_SND_SOC_ICS43432 is not set +# CONFIG_SND_SOC_IDT821034 is not set +# CONFIG_SND_SOC_INNO_RK3036 is not set +# CONFIG_SND_SOC_MAX98088 is not set +# CONFIG_SND_SOC_MAX98090 is not set +# CONFIG_SND_SOC_MAX98357A is not set +# CONFIG_SND_SOC_MAX98504 is not set +# CONFIG_SND_SOC_MAX9867 is not set +# CONFIG_SND_SOC_MAX98927 is not set +# CONFIG_SND_SOC_MAX98520 is not set +# CONFIG_SND_SOC_MAX98373_I2C is not set +# CONFIG_SND_SOC_MAX98388 is not set +# CONFIG_SND_SOC_MAX98390 is not set +# CONFIG_SND_SOC_MAX98396 is not set +# CONFIG_SND_SOC_MAX9860 is not set +# CONFIG_SND_SOC_MSM8916_WCD_ANALOG is not set +# CONFIG_SND_SOC_MSM8916_WCD_DIGITAL is not set +# CONFIG_SND_SOC_PCM1681 is not set +# CONFIG_SND_SOC_PCM1789_I2C is not set +# CONFIG_SND_SOC_PCM179X_I2C is not set +# CONFIG_SND_SOC_PCM179X_SPI is not set +# CONFIG_SND_SOC_PCM186X_I2C is not set +# CONFIG_SND_SOC_PCM186X_SPI is not set +# CONFIG_SND_SOC_PCM3060_I2C is not set +# CONFIG_SND_SOC_PCM3060_SPI is not set +# CONFIG_SND_SOC_PCM3168A_I2C is not set +# CONFIG_SND_SOC_PCM3168A_SPI is not set +# CONFIG_SND_SOC_PCM5102A is not set +# CONFIG_SND_SOC_PCM512x_I2C is not set +# CONFIG_SND_SOC_PCM512x_SPI is not set +# CONFIG_SND_SOC_PEB2466 is not set +# CONFIG_SND_SOC_RK3328 is not set +# CONFIG_SND_SOC_RT5616 is not set +# CONFIG_SND_SOC_RT5631 is not set +# CONFIG_SND_SOC_RT5640 is not set +# CONFIG_SND_SOC_RT5659 is not set +# CONFIG_SND_SOC_RT9120 is not set +# CONFIG_SND_SOC_SGTL5000 is not set +# CONFIG_SND_SOC_SIMPLE_AMPLIFIER is not set +# CONFIG_SND_SOC_SIMPLE_MUX is not set +# CONFIG_SND_SOC_SMA1303 is not set +# CONFIG_SND_SOC_SPDIF is not set +# CONFIG_SND_SOC_SRC4XXX_I2C is not set +# CONFIG_SND_SOC_SSM2305 is not set +# CONFIG_SND_SOC_SSM2518 is not set +# CONFIG_SND_SOC_SSM2602_SPI is not set +# CONFIG_SND_SOC_SSM2602_I2C is not set +# CONFIG_SND_SOC_SSM3515 is not set +# CONFIG_SND_SOC_SSM4567 is not set +# CONFIG_SND_SOC_STA32X is not set +# CONFIG_SND_SOC_STA350 is not set +# CONFIG_SND_SOC_STI_SAS is not set +CONFIG_SND_SOC_TAS2552=m +CONFIG_SND_SOC_TAS2562=m +CONFIG_SND_SOC_TAS2764=m +CONFIG_SND_SOC_TAS2770=m +CONFIG_SND_SOC_TAS2780=m +# CONFIG_SND_SOC_TAS2781_I2C is not set +CONFIG_SND_SOC_TAS5086=m +CONFIG_SND_SOC_TAS571X=m +CONFIG_SND_SOC_TAS5720=m +CONFIG_SND_SOC_TAS5805M=m +CONFIG_SND_SOC_TAS6424=m +# CONFIG_SND_SOC_TDA7419 is not set +# CONFIG_SND_SOC_TFA9879 is not set +# CONFIG_SND_SOC_TFA989X is not set +# CONFIG_SND_SOC_TLV320ADC3XXX is not set +# CONFIG_SND_SOC_TLV320AIC23_I2C is not set +# CONFIG_SND_SOC_TLV320AIC23_SPI is not set +# CONFIG_SND_SOC_TLV320AIC31XX is not set +# CONFIG_SND_SOC_TLV320AIC32X4_I2C is not set +# CONFIG_SND_SOC_TLV320AIC32X4_SPI is not set +# CONFIG_SND_SOC_TLV320AIC3X_I2C is not set +# CONFIG_SND_SOC_TLV320AIC3X_SPI is not set +# CONFIG_SND_SOC_TLV320ADCX140 is not set +# CONFIG_SND_SOC_TS3A227E is not set +# CONFIG_SND_SOC_TSCS42XX is not set +# CONFIG_SND_SOC_TSCS454 is not set +# CONFIG_SND_SOC_UDA1334 is not set +# CONFIG_SND_SOC_WM8510 is not set +# CONFIG_SND_SOC_WM8523 is not set +# CONFIG_SND_SOC_WM8524 is not set +# CONFIG_SND_SOC_WM8580 is not set +# CONFIG_SND_SOC_WM8711 is not set +# CONFIG_SND_SOC_WM8728 is not set +# CONFIG_SND_SOC_WM8731_I2C is not set +# CONFIG_SND_SOC_WM8731_SPI is not set +# CONFIG_SND_SOC_WM8737 is not set +# CONFIG_SND_SOC_WM8741 is not set +# CONFIG_SND_SOC_WM8750 is not set +# CONFIG_SND_SOC_WM8753 is not set +# CONFIG_SND_SOC_WM8770 is not set +# CONFIG_SND_SOC_WM8776 is not set +# CONFIG_SND_SOC_WM8782 is not set +# CONFIG_SND_SOC_WM8804_I2C is not set +# CONFIG_SND_SOC_WM8804_SPI is not set +# CONFIG_SND_SOC_WM8903 is not set +# CONFIG_SND_SOC_WM8904 is not set +# CONFIG_SND_SOC_WM8940 is not set +# CONFIG_SND_SOC_WM8960 is not set +# CONFIG_SND_SOC_WM8961 is not set +# CONFIG_SND_SOC_WM8962 is not set +# CONFIG_SND_SOC_WM8974 is not set +# CONFIG_SND_SOC_WM8978 is not set +# CONFIG_SND_SOC_WM8985 is not set +# CONFIG_SND_SOC_ZL38060 is not set +# CONFIG_SND_SOC_MAX9759 is not set +# CONFIG_SND_SOC_MT6351 is not set +# CONFIG_SND_SOC_MT6358 is not set +# CONFIG_SND_SOC_MT6660 is not set +# CONFIG_SND_SOC_NAU8315 is not set +# CONFIG_SND_SOC_NAU8540 is not set +# CONFIG_SND_SOC_NAU8810 is not set +# CONFIG_SND_SOC_NAU8821 is not set +# CONFIG_SND_SOC_NAU8822 is not set +# CONFIG_SND_SOC_NAU8824 is not set +# CONFIG_SND_SOC_TPA6130A2 is not set +# CONFIG_SND_SOC_LPASS_WSA_MACRO is not set +# CONFIG_SND_SOC_LPASS_VA_MACRO is not set +# CONFIG_SND_SOC_LPASS_RX_MACRO is not set +# CONFIG_SND_SOC_LPASS_TX_MACRO is not set +# end of CODEC drivers + +CONFIG_SND_SIMPLE_CARD_UTILS=m +CONFIG_SND_SIMPLE_CARD=m +CONFIG_SND_AUDIO_GRAPH_CARD=m +CONFIG_SND_AUDIO_GRAPH_CARD2=m +# CONFIG_SND_AUDIO_GRAPH_CARD2_CUSTOM_SAMPLE is not set +# CONFIG_SND_TEST_COMPONENT is not set +CONFIG_SND_VIRTIO=m +CONFIG_HID_SUPPORT=y +CONFIG_HID=y +CONFIG_HID_BATTERY_STRENGTH=y +CONFIG_HIDRAW=y +CONFIG_UHID=m +CONFIG_HID_GENERIC=y + +# +# Special HID drivers +# +CONFIG_HID_A4TECH=m +CONFIG_HID_ACCUTOUCH=m +CONFIG_HID_ACRUX=m +CONFIG_HID_ACRUX_FF=y +CONFIG_HID_APPLE=m +CONFIG_HID_APPLEIR=m +# CONFIG_HID_ASUS is not set +CONFIG_HID_AUREAL=m +CONFIG_HID_BELKIN=m +CONFIG_HID_BETOP_FF=m +# CONFIG_HID_BIGBEN_FF is not set +CONFIG_HID_CHERRY=m +CONFIG_HID_CHICONY=m +CONFIG_HID_CORSAIR=m +CONFIG_HID_COUGAR=m +CONFIG_HID_MACALLY=m +CONFIG_HID_PRODIKEYS=m +CONFIG_HID_CMEDIA=m +CONFIG_HID_CP2112=m +# CONFIG_HID_CREATIVE_SB0540 is not set +CONFIG_HID_CYPRESS=m +CONFIG_HID_DRAGONRISE=m +CONFIG_DRAGONRISE_FF=y +CONFIG_HID_EMS_FF=m +# CONFIG_HID_ELAN is not set +CONFIG_HID_ELECOM=m +CONFIG_HID_ELO=m +# CONFIG_HID_EVISION is not set +CONFIG_HID_EZKEY=m +CONFIG_HID_FT260=m +CONFIG_HID_GEMBIRD=m +CONFIG_HID_GFRM=m +CONFIG_HID_GLORIOUS=m +CONFIG_HID_HOLTEK=m +CONFIG_HOLTEK_FF=y +# CONFIG_HID_VIVALDI is not set +CONFIG_HID_GT683R=m +CONFIG_HID_KEYTOUCH=m +CONFIG_HID_KYE=m +CONFIG_HID_UCLOGIC=m +CONFIG_HID_WALTOP=m +CONFIG_HID_VIEWSONIC=m +# CONFIG_HID_VRC2 is not set +CONFIG_HID_XIAOMI=m +CONFIG_HID_GYRATION=m +CONFIG_HID_ICADE=m +CONFIG_HID_ITE=m +CONFIG_HID_JABRA=m +CONFIG_HID_TWINHAN=m +CONFIG_HID_KENSINGTON=m +CONFIG_HID_LCPOWER=m +CONFIG_HID_LED=m +CONFIG_HID_LENOVO=m +CONFIG_HID_LETSKETCH=m +CONFIG_HID_LOGITECH=m +CONFIG_HID_LOGITECH_DJ=m +CONFIG_HID_LOGITECH_HIDPP=m +CONFIG_LOGITECH_FF=y +CONFIG_LOGIRUMBLEPAD2_FF=y +CONFIG_LOGIG940_FF=y +CONFIG_LOGIWHEELS_FF=y +CONFIG_HID_MAGICMOUSE=m +CONFIG_HID_MALTRON=m +CONFIG_HID_MAYFLASH=m +# CONFIG_HID_MEGAWORLD_FF is not set +CONFIG_HID_REDRAGON=m +CONFIG_HID_MICROSOFT=m +CONFIG_HID_MONTEREY=m +CONFIG_HID_MULTITOUCH=m +CONFIG_HID_NINTENDO=m +CONFIG_NINTENDO_FF=y +CONFIG_HID_NTI=m +CONFIG_HID_NTRIG=m +# CONFIG_HID_NVIDIA_SHIELD is not set +CONFIG_HID_ORTEK=m +CONFIG_HID_PANTHERLORD=m +CONFIG_PANTHERLORD_FF=y +CONFIG_HID_PENMOUNT=m +CONFIG_HID_PETALYNX=m +CONFIG_HID_PICOLCD=m +CONFIG_HID_PICOLCD_FB=y +CONFIG_HID_PICOLCD_BACKLIGHT=y +CONFIG_HID_PICOLCD_LCD=y +CONFIG_HID_PICOLCD_LEDS=y +CONFIG_HID_PICOLCD_CIR=y +CONFIG_HID_PLANTRONICS=m +# CONFIG_HID_PXRC is not set +# CONFIG_HID_RAZER is not set +CONFIG_HID_PRIMAX=m +CONFIG_HID_RETRODE=m +CONFIG_HID_ROCCAT=m +CONFIG_HID_SAITEK=m +CONFIG_HID_SAMSUNG=m +CONFIG_HID_SEMITEK=m +# CONFIG_HID_SIGMAMICRO is not set +CONFIG_HID_SONY=m +CONFIG_SONY_FF=y +CONFIG_HID_SPEEDLINK=m +CONFIG_HID_STEAM=m +# CONFIG_STEAM_FF is not set +CONFIG_HID_STEELSERIES=m +CONFIG_HID_SUNPLUS=m +# CONFIG_HID_RMI is not set +CONFIG_HID_GREENASIA=m +CONFIG_GREENASIA_FF=y +CONFIG_HID_SMARTJOYPLUS=m +CONFIG_SMARTJOYPLUS_FF=y +CONFIG_HID_TIVO=m +CONFIG_HID_TOPSEED=m +# CONFIG_HID_TOPRE is not set +CONFIG_HID_THINGM=m +CONFIG_HID_THRUSTMASTER=m +CONFIG_THRUSTMASTER_FF=y +CONFIG_HID_UDRAW_PS3=m +CONFIG_HID_U2FZERO=m +CONFIG_HID_WACOM=m +CONFIG_HID_WIIMOTE=m +CONFIG_HID_XINMO=m +CONFIG_HID_ZEROPLUS=m +CONFIG_ZEROPLUS_FF=y +CONFIG_HID_ZYDACRON=m +CONFIG_HID_SENSOR_HUB=m +CONFIG_HID_SENSOR_CUSTOM_SENSOR=m +CONFIG_HID_ALPS=m +CONFIG_HID_MCP2221=m +# end of Special HID drivers + +# +# HID-BPF support +# +# end of HID-BPF support + +# +# USB HID support +# +CONFIG_USB_HID=m +CONFIG_HID_PID=y +CONFIG_USB_HIDDEV=y + +# +# USB HID Boot Protocol drivers +# +# CONFIG_USB_KBD is not set +# CONFIG_USB_MOUSE is not set +# end of USB HID Boot Protocol drivers +# end of USB HID support + +CONFIG_I2C_HID=y +# CONFIG_I2C_HID_OF is not set +# CONFIG_I2C_HID_OF_ELAN is not set +# CONFIG_I2C_HID_OF_GOODIX is not set + +# +# SPI HID support +# +# end of SPI HID support + +CONFIG_SPI_HID_APPLE_CORE=m + +# +# DockChannel HID support +# +# end of DockChannel HID support + +CONFIG_USB_OHCI_LITTLE_ENDIAN=y +CONFIG_USB_SUPPORT=y +CONFIG_USB_COMMON=y +CONFIG_USB_LED_TRIG=y +CONFIG_USB_ULPI_BUS=y +CONFIG_USB_CONN_GPIO=y +CONFIG_USB_ARCH_HAS_HCD=y +CONFIG_USB=y +CONFIG_USB_PCI=y +CONFIG_USB_ANNOUNCE_NEW_DEVICES=y + +# +# Miscellaneous USB options +# +CONFIG_USB_DEFAULT_PERSIST=y +# CONFIG_USB_FEW_INIT_RETRIES is not set +# CONFIG_USB_DYNAMIC_MINORS is not set +CONFIG_USB_OTG=y +# CONFIG_USB_OTG_PRODUCTLIST is not set +# CONFIG_USB_OTG_DISABLE_EXTERNAL_HUB is not set +# CONFIG_USB_OTG_FSM is not set +# CONFIG_USB_LEDS_TRIGGER_USBPORT is not set +CONFIG_USB_AUTOSUSPEND_DELAY=2 +CONFIG_USB_MON=m + +# +# USB Host Controller Drivers +# +# CONFIG_USB_C67X00_HCD is not set +CONFIG_USB_XHCI_HCD=m +# CONFIG_USB_XHCI_DBGCAP is not set +CONFIG_USB_XHCI_PCI=m +# CONFIG_USB_XHCI_PCI_RENESAS is not set +CONFIG_USB_XHCI_PLATFORM=m +# CONFIG_USB_EHCI_HCD is not set +# CONFIG_USB_OXU210HP_HCD is not set +# CONFIG_USB_ISP116X_HCD is not set +# CONFIG_USB_MAX3421_HCD is not set +# CONFIG_USB_OHCI_HCD is not set +# CONFIG_USB_UHCI_HCD is not set +# CONFIG_USB_SL811_HCD is not set +# CONFIG_USB_R8A66597_HCD is not set +# CONFIG_USB_HCD_TEST_MODE is not set + +# +# USB Device Class drivers +# +CONFIG_USB_ACM=m +CONFIG_USB_PRINTER=m +CONFIG_USB_WDM=m +CONFIG_USB_TMC=m + +# +# NOTE: USB_STORAGE depends on SCSI but BLK_DEV_SD may +# + +# +# also be needed; see USB_STORAGE Help for more info +# +CONFIG_USB_STORAGE=m +# CONFIG_USB_STORAGE_DEBUG is not set +CONFIG_USB_STORAGE_REALTEK=m +CONFIG_REALTEK_AUTOPM=y +CONFIG_USB_STORAGE_DATAFAB=m +CONFIG_USB_STORAGE_FREECOM=m +CONFIG_USB_STORAGE_ISD200=m +CONFIG_USB_STORAGE_USBAT=m +CONFIG_USB_STORAGE_SDDR09=m +CONFIG_USB_STORAGE_SDDR55=m +CONFIG_USB_STORAGE_JUMPSHOT=m +CONFIG_USB_STORAGE_ALAUDA=m +CONFIG_USB_STORAGE_ONETOUCH=m +CONFIG_USB_STORAGE_KARMA=m +CONFIG_USB_STORAGE_CYPRESS_ATACB=m +CONFIG_USB_STORAGE_ENE_UB6250=m +CONFIG_USB_UAS=m + +# +# USB Imaging devices +# +CONFIG_USB_MDC800=m +CONFIG_USB_MICROTEK=m +CONFIG_USBIP_CORE=m +CONFIG_USBIP_VHCI_HCD=m +CONFIG_USBIP_VHCI_HC_PORTS=8 +CONFIG_USBIP_VHCI_NR_HCS=1 +CONFIG_USBIP_HOST=m +CONFIG_USBIP_VUDC=m +# CONFIG_USBIP_DEBUG is not set + +# +# USB dual-mode controller drivers +# +# CONFIG_USB_CDNS_SUPPORT is not set +# CONFIG_USB_MUSB_HDRC is not set +CONFIG_USB_DWC3=m +CONFIG_USB_DWC3_ULPI=y +# CONFIG_USB_DWC3_HOST is not set +# CONFIG_USB_DWC3_GADGET is not set +CONFIG_USB_DWC3_DUAL_ROLE=y + +# +# Platform Glue Driver Support +# +CONFIG_USB_DWC3_HAPS=m +CONFIG_USB_DWC3_OF_SIMPLE=m +# CONFIG_USB_DWC2 is not set +CONFIG_USB_CHIPIDEA=m +CONFIG_USB_CHIPIDEA_UDC=y +CONFIG_USB_CHIPIDEA_PCI=m +CONFIG_USB_CHIPIDEA_MSM=m +CONFIG_USB_CHIPIDEA_IMX=m +CONFIG_USB_CHIPIDEA_GENERIC=m +CONFIG_USB_CHIPIDEA_TEGRA=m +CONFIG_USB_ISP1760=y +CONFIG_USB_ISP1760_HCD=y +CONFIG_USB_ISP1760_HOST_ROLE=y + +# +# USB port drivers +# +CONFIG_USB_SERIAL=m +CONFIG_USB_SERIAL_GENERIC=y +CONFIG_USB_SERIAL_SIMPLE=m +CONFIG_USB_SERIAL_AIRCABLE=m +CONFIG_USB_SERIAL_ARK3116=m +CONFIG_USB_SERIAL_BELKIN=m +CONFIG_USB_SERIAL_CH341=m +CONFIG_USB_SERIAL_WHITEHEAT=m +CONFIG_USB_SERIAL_DIGI_ACCELEPORT=m +CONFIG_USB_SERIAL_CP210X=m +CONFIG_USB_SERIAL_CYPRESS_M8=m +CONFIG_USB_SERIAL_EMPEG=m +CONFIG_USB_SERIAL_FTDI_SIO=m +CONFIG_USB_SERIAL_VISOR=m +CONFIG_USB_SERIAL_IPAQ=m +CONFIG_USB_SERIAL_IR=m +CONFIG_USB_SERIAL_EDGEPORT=m +CONFIG_USB_SERIAL_EDGEPORT_TI=m +CONFIG_USB_SERIAL_F81232=m +CONFIG_USB_SERIAL_F8153X=m +CONFIG_USB_SERIAL_GARMIN=m +CONFIG_USB_SERIAL_IPW=m +CONFIG_USB_SERIAL_IUU=m +CONFIG_USB_SERIAL_KEYSPAN_PDA=m +CONFIG_USB_SERIAL_KEYSPAN=m +CONFIG_USB_SERIAL_KLSI=m +CONFIG_USB_SERIAL_KOBIL_SCT=m +CONFIG_USB_SERIAL_MCT_U232=m +CONFIG_USB_SERIAL_METRO=m +CONFIG_USB_SERIAL_MOS7720=m +CONFIG_USB_SERIAL_MOS7840=m +CONFIG_USB_SERIAL_MXUPORT=m +CONFIG_USB_SERIAL_NAVMAN=m +CONFIG_USB_SERIAL_PL2303=m +CONFIG_USB_SERIAL_OTI6858=m +CONFIG_USB_SERIAL_QCAUX=m +CONFIG_USB_SERIAL_QUALCOMM=m +CONFIG_USB_SERIAL_SPCP8X5=m +CONFIG_USB_SERIAL_SAFE=m +CONFIG_USB_SERIAL_SAFE_PADDED=y +CONFIG_USB_SERIAL_SIERRAWIRELESS=m +CONFIG_USB_SERIAL_SYMBOL=m +CONFIG_USB_SERIAL_TI=m +CONFIG_USB_SERIAL_CYBERJACK=m +CONFIG_USB_SERIAL_WWAN=m +CONFIG_USB_SERIAL_OPTION=m +CONFIG_USB_SERIAL_OMNINET=m +CONFIG_USB_SERIAL_OPTICON=m +CONFIG_USB_SERIAL_XSENS_MT=m +CONFIG_USB_SERIAL_WISHBONE=m +CONFIG_USB_SERIAL_SSU100=m +CONFIG_USB_SERIAL_QT2=m +CONFIG_USB_SERIAL_UPD78F0730=m +CONFIG_USB_SERIAL_XR=m +CONFIG_USB_SERIAL_DEBUG=m + +# +# USB Miscellaneous drivers +# +CONFIG_USB_EMI62=m +CONFIG_USB_EMI26=m +CONFIG_USB_ADUTUX=m +CONFIG_USB_SEVSEG=m +CONFIG_USB_LEGOTOWER=m +CONFIG_USB_LCD=m +# CONFIG_USB_CYPRESS_CY7C63 is not set +# CONFIG_USB_CYTHERM is not set +CONFIG_USB_IDMOUSE=m +CONFIG_USB_APPLEDISPLAY=m +CONFIG_APPLE_MFI_FASTCHARGE=m +CONFIG_USB_LD=m +CONFIG_USB_TRANCEVIBRATOR=m +CONFIG_USB_IOWARRIOR=m +# CONFIG_USB_TEST is not set +# CONFIG_USB_EHSET_TEST_FIXTURE is not set +CONFIG_USB_ISIGHTFW=m +CONFIG_USB_YUREX=m +CONFIG_USB_EZUSB_FX2=m +# CONFIG_USB_HUB_USB251XB is not set +# CONFIG_USB_HSIC_USB3503 is not set +# CONFIG_USB_HSIC_USB4604 is not set +# CONFIG_USB_LINK_LAYER_TEST is not set +CONFIG_USB_CHAOSKEY=m +# CONFIG_USB_ONBOARD_HUB is not set +CONFIG_USB_ATM=m +# CONFIG_USB_SPEEDTOUCH is not set +CONFIG_USB_CXACRU=m +CONFIG_USB_UEAGLEATM=m +CONFIG_USB_XUSBATM=m + +# +# USB Physical Layer drivers +# +CONFIG_USB_PHY=y +CONFIG_NOP_USB_XCEIV=m +# CONFIG_USB_ISP1301 is not set +CONFIG_USB_ULPI=y +CONFIG_USB_ULPI_VIEWPORT=y +# end of USB Physical Layer drivers + +CONFIG_USB_GADGET=m +# CONFIG_USB_GADGET_DEBUG is not set +# CONFIG_USB_GADGET_DEBUG_FILES is not set +# CONFIG_USB_GADGET_DEBUG_FS is not set +CONFIG_USB_GADGET_VBUS_DRAW=500 +CONFIG_USB_GADGET_STORAGE_NUM_BUFFERS=2 +# CONFIG_U_SERIAL_CONSOLE is not set + +# +# USB Peripheral Controller +# +# CONFIG_USB_GR_UDC is not set +# CONFIG_USB_R8A66597 is not set +# CONFIG_USB_PXA27X is not set +# CONFIG_USB_MV_UDC is not set +# CONFIG_USB_MV_U3D is not set +# CONFIG_USB_SNP_UDC_PLAT is not set +# CONFIG_USB_M66592 is not set +# CONFIG_USB_BDC_UDC is not set +# CONFIG_USB_AMD5536UDC is not set +# CONFIG_USB_NET2272 is not set +# CONFIG_USB_NET2280 is not set +# CONFIG_USB_GOKU is not set +# CONFIG_USB_EG20T is not set +# CONFIG_USB_GADGET_XILINX is not set +# CONFIG_USB_MAX3420_UDC is not set +# CONFIG_USB_DUMMY_HCD is not set +# end of USB Peripheral Controller + +CONFIG_USB_LIBCOMPOSITE=m +CONFIG_USB_F_ACM=m +CONFIG_USB_U_SERIAL=m +CONFIG_USB_U_ETHER=m +CONFIG_USB_U_AUDIO=m +CONFIG_USB_F_SERIAL=m +CONFIG_USB_F_OBEX=m +CONFIG_USB_F_NCM=m +CONFIG_USB_F_ECM=m +CONFIG_USB_F_EEM=m +CONFIG_USB_F_SUBSET=m +CONFIG_USB_F_RNDIS=m +CONFIG_USB_F_MASS_STORAGE=m +CONFIG_USB_F_FS=m +CONFIG_USB_F_UAC1=m +CONFIG_USB_F_UAC1_LEGACY=m +CONFIG_USB_F_UAC2=m +CONFIG_USB_F_UVC=m +CONFIG_USB_F_MIDI=m +CONFIG_USB_F_HID=m +CONFIG_USB_F_PRINTER=m +CONFIG_USB_F_TCM=m +CONFIG_USB_CONFIGFS=m +CONFIG_USB_CONFIGFS_SERIAL=y +CONFIG_USB_CONFIGFS_ACM=y +CONFIG_USB_CONFIGFS_OBEX=y +CONFIG_USB_CONFIGFS_NCM=y +CONFIG_USB_CONFIGFS_ECM=y +CONFIG_USB_CONFIGFS_ECM_SUBSET=y +CONFIG_USB_CONFIGFS_RNDIS=y +CONFIG_USB_CONFIGFS_EEM=y +CONFIG_USB_CONFIGFS_MASS_STORAGE=y +# CONFIG_USB_CONFIGFS_F_LB_SS is not set +CONFIG_USB_CONFIGFS_F_FS=y +CONFIG_USB_CONFIGFS_F_UAC1=y +CONFIG_USB_CONFIGFS_F_UAC1_LEGACY=y +CONFIG_USB_CONFIGFS_F_UAC2=y +CONFIG_USB_CONFIGFS_F_MIDI=y +CONFIG_USB_CONFIGFS_F_HID=y +CONFIG_USB_CONFIGFS_F_UVC=y +CONFIG_USB_CONFIGFS_F_PRINTER=y +CONFIG_USB_CONFIGFS_F_TCM=y + +# +# USB Gadget precomposed configurations +# +# CONFIG_USB_ZERO is not set +CONFIG_USB_AUDIO=m +CONFIG_GADGET_UAC1=y +# CONFIG_GADGET_UAC1_LEGACY is not set +CONFIG_USB_ETH=m +CONFIG_USB_ETH_RNDIS=y +CONFIG_USB_ETH_EEM=y +CONFIG_USB_G_NCM=m +CONFIG_USB_GADGETFS=m +CONFIG_USB_FUNCTIONFS=m +CONFIG_USB_FUNCTIONFS_ETH=y +CONFIG_USB_FUNCTIONFS_RNDIS=y +CONFIG_USB_FUNCTIONFS_GENERIC=y +CONFIG_USB_MASS_STORAGE=m +CONFIG_USB_GADGET_TARGET=m +CONFIG_USB_G_SERIAL=m +CONFIG_USB_MIDI_GADGET=m +CONFIG_USB_G_PRINTER=m +CONFIG_USB_CDC_COMPOSITE=m +CONFIG_USB_G_ACM_MS=m +CONFIG_USB_G_MULTI=m +CONFIG_USB_G_MULTI_RNDIS=y +CONFIG_USB_G_MULTI_CDC=y +CONFIG_USB_G_HID=m +# CONFIG_USB_G_DBGP is not set +CONFIG_USB_G_WEBCAM=m +# CONFIG_USB_RAW_GADGET is not set +# end of USB Gadget precomposed configurations + +CONFIG_TYPEC=m +CONFIG_TYPEC_TCPM=m +CONFIG_TYPEC_TCPCI=m +# CONFIG_TYPEC_RT1711H is not set +# CONFIG_TYPEC_TCPCI_MAXIM is not set +# CONFIG_TYPEC_FUSB302 is not set +CONFIG_TYPEC_UCSI=m +# CONFIG_UCSI_CCG is not set +# CONFIG_UCSI_STM32G0 is not set +CONFIG_TYPEC_TPS6598X=m +# CONFIG_TYPEC_ANX7411 is not set +# CONFIG_TYPEC_RT1719 is not set +# CONFIG_TYPEC_HD3SS3220 is not set +# CONFIG_TYPEC_STUSB160X is not set +# CONFIG_TYPEC_WUSB3801 is not set + +# +# USB Type-C Multiplexer/DeMultiplexer Switch support +# +# CONFIG_TYPEC_MUX_FSA4480 is not set +# CONFIG_TYPEC_MUX_GPIO_SBU is not set +# CONFIG_TYPEC_MUX_PI3USB30532 is not set +# CONFIG_TYPEC_MUX_NB7VPQ904M is not set +# end of USB Type-C Multiplexer/DeMultiplexer Switch support + +# +# USB Type-C Alternate Mode drivers +# +CONFIG_TYPEC_DP_ALTMODE=m +# CONFIG_TYPEC_NVIDIA_ALTMODE is not set +# end of USB Type-C Alternate Mode drivers + +CONFIG_USB_ROLE_SWITCH=y +CONFIG_MMC=m +CONFIG_PWRSEQ_EMMC=m +CONFIG_PWRSEQ_SD8787=m +CONFIG_PWRSEQ_SIMPLE=m +CONFIG_MMC_BLOCK=m +CONFIG_MMC_BLOCK_MINORS=32 +# CONFIG_SDIO_UART is not set +# CONFIG_MMC_TEST is not set + +# +# MMC/SD/SDIO Host Controller Drivers +# +# CONFIG_MMC_DEBUG is not set +# CONFIG_MMC_ARMMMCI is not set +CONFIG_MMC_SDHCI=m +CONFIG_MMC_SDHCI_IO_ACCESSORS=y +CONFIG_MMC_SDHCI_PCI=m +# CONFIG_MMC_RICOH_MMC is not set +# CONFIG_MMC_SDHCI_PLTFM is not set +# CONFIG_MMC_TIFM_SD is not set +# CONFIG_MMC_SPI is not set +# CONFIG_MMC_CB710 is not set +# CONFIG_MMC_VIA_SDMMC is not set +# CONFIG_MMC_DW is not set +# CONFIG_MMC_VUB300 is not set +# CONFIG_MMC_USHC is not set +# CONFIG_MMC_USDHI6ROL0 is not set +CONFIG_MMC_CQHCI=m +# CONFIG_MMC_HSQ is not set +# CONFIG_MMC_TOSHIBA_PCI is not set +# CONFIG_MMC_MTK is not set +# CONFIG_SCSI_UFSHCD is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y +CONFIG_LEDS_CLASS_FLASH=m +# CONFIG_LEDS_CLASS_MULTICOLOR is not set +# CONFIG_LEDS_BRIGHTNESS_HW_CHANGED is not set + +# +# LED drivers +# +# CONFIG_LEDS_AN30259A is not set +# CONFIG_LEDS_AW200XX is not set +# CONFIG_LEDS_AW2013 is not set +# CONFIG_LEDS_BCM6328 is not set +# CONFIG_LEDS_BCM6358 is not set +# CONFIG_LEDS_CR0014114 is not set +# CONFIG_LEDS_EL15203000 is not set +# CONFIG_LEDS_LM3530 is not set +# CONFIG_LEDS_LM3532 is not set +# CONFIG_LEDS_LM3642 is not set +# CONFIG_LEDS_LM3692X is not set +# CONFIG_LEDS_PCA9532 is not set +CONFIG_LEDS_GPIO=m +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP3952 is not set +# CONFIG_LEDS_LP50XX is not set +# CONFIG_LEDS_LP55XX_COMMON is not set +# CONFIG_LEDS_LP8860 is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_PCA963X is not set +# CONFIG_LEDS_DAC124S085 is not set +CONFIG_LEDS_PWM=m +# CONFIG_LEDS_REGULATOR is not set +# CONFIG_LEDS_BD2606MVV is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_LT3593 is not set +# CONFIG_LEDS_TCA6507 is not set +# CONFIG_LEDS_TLC591XX is not set +# CONFIG_LEDS_LM355x is not set +# CONFIG_LEDS_IS31FL319X is not set +# CONFIG_LEDS_IS31FL32XX is not set + +# +# LED driver for blink(1) USB RGB LED is under Special HID drivers (HID_THINGM) +# +# CONFIG_LEDS_BLINKM is not set +CONFIG_LEDS_SYSCON=y +# CONFIG_LEDS_MLXREG is not set +CONFIG_LEDS_USER=m +# CONFIG_LEDS_SPI_BYTE is not set +# CONFIG_LEDS_LM3697 is not set + +# +# Flash and Torch LED drivers +# +# CONFIG_LEDS_AAT1290 is not set +# CONFIG_LEDS_AS3645A is not set +# CONFIG_LEDS_KTD2692 is not set +# CONFIG_LEDS_LM3601X is not set +# CONFIG_LEDS_RT4505 is not set +# CONFIG_LEDS_RT8515 is not set +# CONFIG_LEDS_SGM3140 is not set + +# +# RGB LED drivers +# + +# +# LED Triggers +# +CONFIG_LEDS_TRIGGERS=y +CONFIG_LEDS_TRIGGER_TIMER=y +CONFIG_LEDS_TRIGGER_ONESHOT=y +CONFIG_LEDS_TRIGGER_MTD=y +CONFIG_LEDS_TRIGGER_HEARTBEAT=y +CONFIG_LEDS_TRIGGER_BACKLIGHT=y +CONFIG_LEDS_TRIGGER_CPU=y +CONFIG_LEDS_TRIGGER_ACTIVITY=y +CONFIG_LEDS_TRIGGER_DEFAULT_ON=y + +# +# iptables trigger is under Netfilter config (LED target) +# +CONFIG_LEDS_TRIGGER_TRANSIENT=y +CONFIG_LEDS_TRIGGER_CAMERA=y +CONFIG_LEDS_TRIGGER_PANIC=y +CONFIG_LEDS_TRIGGER_NETDEV=y +CONFIG_LEDS_TRIGGER_PATTERN=m +CONFIG_LEDS_TRIGGER_AUDIO=m +CONFIG_LEDS_TRIGGER_TTY=m + +# +# Simple LED drivers +# +CONFIG_ACCESSIBILITY=y +CONFIG_A11Y_BRAILLE_CONSOLE=y + +# +# Speakup console speech +# +CONFIG_SPEAKUP=m +CONFIG_SPEAKUP_SYNTH_ACNTSA=m +CONFIG_SPEAKUP_SYNTH_APOLLO=m +CONFIG_SPEAKUP_SYNTH_AUDPTR=m +CONFIG_SPEAKUP_SYNTH_BNS=m +CONFIG_SPEAKUP_SYNTH_DECTLK=m +CONFIG_SPEAKUP_SYNTH_DECEXT=m +CONFIG_SPEAKUP_SYNTH_LTLK=m +CONFIG_SPEAKUP_SYNTH_SOFT=m +CONFIG_SPEAKUP_SYNTH_SPKOUT=m +CONFIG_SPEAKUP_SYNTH_TXPRT=m +# CONFIG_SPEAKUP_SYNTH_DUMMY is not set +# end of Speakup console speech + +# CONFIG_INFINIBAND is not set +CONFIG_EDAC_SUPPORT=y +# CONFIG_EDAC is not set +CONFIG_RTC_LIB=y +CONFIG_RTC_CLASS=y +CONFIG_RTC_HCTOSYS=y +CONFIG_RTC_HCTOSYS_DEVICE="rtc0" +# CONFIG_RTC_SYSTOHC is not set +# CONFIG_RTC_DEBUG is not set +CONFIG_RTC_NVMEM=y + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +CONFIG_RTC_INTF_DEV_UIE_EMUL=y +# CONFIG_RTC_DRV_TEST is not set + +# +# I2C RTC drivers +# +# CONFIG_RTC_DRV_ABB5ZES3 is not set +# CONFIG_RTC_DRV_ABEOZ9 is not set +# CONFIG_RTC_DRV_ABX80X is not set +# CONFIG_RTC_DRV_DS1307 is not set +# CONFIG_RTC_DRV_DS1374 is not set +# CONFIG_RTC_DRV_DS1672 is not set +# CONFIG_RTC_DRV_HYM8563 is not set +# CONFIG_RTC_DRV_MAX6900 is not set +# CONFIG_RTC_DRV_NCT3018Y is not set +# CONFIG_RTC_DRV_RS5C372 is not set +# CONFIG_RTC_DRV_ISL1208 is not set +# CONFIG_RTC_DRV_ISL12022 is not set +# CONFIG_RTC_DRV_ISL12026 is not set +# CONFIG_RTC_DRV_X1205 is not set +# CONFIG_RTC_DRV_PCF8523 is not set +# CONFIG_RTC_DRV_PCF85063 is not set +# CONFIG_RTC_DRV_PCF85363 is not set +# CONFIG_RTC_DRV_PCF8563 is not set +# CONFIG_RTC_DRV_PCF8583 is not set +# CONFIG_RTC_DRV_M41T80 is not set +# CONFIG_RTC_DRV_BQ32K is not set +# CONFIG_RTC_DRV_S35390A is not set +# CONFIG_RTC_DRV_FM3130 is not set +# CONFIG_RTC_DRV_RX8010 is not set +# CONFIG_RTC_DRV_RX8581 is not set +# CONFIG_RTC_DRV_RX8025 is not set +# CONFIG_RTC_DRV_EM3027 is not set +# CONFIG_RTC_DRV_RV3028 is not set +# CONFIG_RTC_DRV_RV3032 is not set +# CONFIG_RTC_DRV_RV8803 is not set +# CONFIG_RTC_DRV_SD3078 is not set + +# +# SPI RTC drivers +# +# CONFIG_RTC_DRV_M41T93 is not set +# CONFIG_RTC_DRV_M41T94 is not set +# CONFIG_RTC_DRV_DS1302 is not set +# CONFIG_RTC_DRV_DS1305 is not set +# CONFIG_RTC_DRV_DS1343 is not set +# CONFIG_RTC_DRV_DS1347 is not set +# CONFIG_RTC_DRV_DS1390 is not set +# CONFIG_RTC_DRV_MAX6916 is not set +# CONFIG_RTC_DRV_R9701 is not set +# CONFIG_RTC_DRV_RX4581 is not set +# CONFIG_RTC_DRV_RS5C348 is not set +# CONFIG_RTC_DRV_MAX6902 is not set +# CONFIG_RTC_DRV_PCF2123 is not set +# CONFIG_RTC_DRV_MCP795 is not set +CONFIG_RTC_I2C_AND_SPI=y + +# +# SPI and I2C RTC drivers +# +# CONFIG_RTC_DRV_DS3232 is not set +# CONFIG_RTC_DRV_PCF2127 is not set +# CONFIG_RTC_DRV_RV3029C2 is not set +# CONFIG_RTC_DRV_RX6110 is not set + +# +# Platform RTC drivers +# +# CONFIG_RTC_DRV_DS1286 is not set +# CONFIG_RTC_DRV_DS1511 is not set +# CONFIG_RTC_DRV_DS1553 is not set +# CONFIG_RTC_DRV_DS1685_FAMILY is not set +# CONFIG_RTC_DRV_DS1742 is not set +# CONFIG_RTC_DRV_DS2404 is not set +# CONFIG_RTC_DRV_EFI is not set +# CONFIG_RTC_DRV_STK17TA8 is not set +# CONFIG_RTC_DRV_M48T86 is not set +# CONFIG_RTC_DRV_M48T35 is not set +# CONFIG_RTC_DRV_M48T59 is not set +# CONFIG_RTC_DRV_MSM6242 is not set +# CONFIG_RTC_DRV_BQ4802 is not set +# CONFIG_RTC_DRV_RP5C01 is not set +# CONFIG_RTC_DRV_ZYNQMP is not set + +# +# on-CPU RTC drivers +# +# CONFIG_RTC_DRV_PL030 is not set +# CONFIG_RTC_DRV_PL031 is not set +# CONFIG_RTC_DRV_CADENCE is not set +# CONFIG_RTC_DRV_FTRTC010 is not set +# CONFIG_RTC_DRV_R7301 is not set + +# +# HID Sensor RTC drivers +# +# CONFIG_RTC_DRV_GOLDFISH is not set +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_DMA_ENGINE=y +CONFIG_DMA_OF=y +# CONFIG_ALTERA_MSGDMA is not set +# CONFIG_AMBA_PL08X is not set +CONFIG_APPLE_ADMAC=m +# CONFIG_DW_AXI_DMAC is not set +# CONFIG_FSL_EDMA is not set +# CONFIG_FSL_QDMA is not set +# CONFIG_INTEL_IDMA64 is not set +# CONFIG_MV_XOR_V2 is not set +# CONFIG_PL330_DMA is not set +# CONFIG_PLX_DMA is not set +# CONFIG_XILINX_DMA is not set +# CONFIG_XILINX_XDMA is not set +# CONFIG_XILINX_ZYNQMP_DMA is not set +# CONFIG_XILINX_ZYNQMP_DPDMA is not set +# CONFIG_QCOM_HIDMA_MGMT is not set +# CONFIG_QCOM_HIDMA is not set +# CONFIG_DW_DMAC is not set +# CONFIG_DW_DMAC_PCI is not set +# CONFIG_DW_EDMA is not set +# CONFIG_SF_PDMA is not set + +# +# DMA Clients +# +# CONFIG_ASYNC_TX_DMA is not set +# CONFIG_DMATEST is not set + +# +# DMABUF options +# +CONFIG_SYNC_FILE=y +# CONFIG_SW_SYNC is not set +# CONFIG_UDMABUF is not set +# CONFIG_DMABUF_MOVE_NOTIFY is not set +# CONFIG_DMABUF_DEBUG is not set +# CONFIG_DMABUF_SELFTESTS is not set +# CONFIG_DMABUF_HEAPS is not set +# CONFIG_DMABUF_SYSFS_STATS is not set +# end of DMABUF options + +# CONFIG_AUXDISPLAY is not set +# CONFIG_UIO is not set +CONFIG_VFIO=m +CONFIG_VFIO_CONTAINER=y +CONFIG_VFIO_IOMMU_TYPE1=m +# CONFIG_VFIO_NOIOMMU is not set +CONFIG_VFIO_VIRQFD=y + +# +# VFIO support for PCI devices +# +CONFIG_VFIO_PCI_CORE=m +CONFIG_VFIO_PCI_MMAP=y +CONFIG_VFIO_PCI_INTX=y +CONFIG_VFIO_PCI=m +# end of VFIO support for PCI devices + +# +# VFIO support for platform devices +# +CONFIG_VFIO_PLATFORM_BASE=m +CONFIG_VFIO_PLATFORM=m +# CONFIG_VFIO_AMBA is not set + +# +# VFIO platform reset drivers +# +# CONFIG_VFIO_PLATFORM_CALXEDAXGMAC_RESET is not set +# CONFIG_VFIO_PLATFORM_AMDXGBE_RESET is not set +# end of VFIO platform reset drivers +# end of VFIO support for platform devices + +# CONFIG_VIRT_DRIVERS is not set +CONFIG_VIRTIO_ANCHOR=y +CONFIG_VIRTIO=y +CONFIG_VIRTIO_PCI_LIB=m +CONFIG_VIRTIO_PCI_LIB_LEGACY=m +CONFIG_VIRTIO_MENU=y +CONFIG_VIRTIO_PCI=m +CONFIG_VIRTIO_PCI_LEGACY=y +CONFIG_VIRTIO_BALLOON=m +CONFIG_VIRTIO_INPUT=m +CONFIG_VIRTIO_MMIO=m +# CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES is not set +CONFIG_VIRTIO_DMA_SHARED_BUFFER=m +# CONFIG_VDPA is not set +CONFIG_VHOST_IOTLB=m +CONFIG_VHOST_TASK=y +CONFIG_VHOST=m +CONFIG_VHOST_MENU=y +CONFIG_VHOST_NET=m +CONFIG_VHOST_SCSI=m +CONFIG_VHOST_VSOCK=m +# CONFIG_VHOST_CROSS_ENDIAN_LEGACY is not set + +# +# Microsoft Hyper-V guest support +# +# end of Microsoft Hyper-V guest support + +# CONFIG_GREYBUS is not set +# CONFIG_COMEDI is not set +CONFIG_STAGING=y +CONFIG_PRISM2_USB=m +CONFIG_RTL8192U=m +CONFIG_RTLLIB=m +CONFIG_RTLLIB_CRYPTO_CCMP=m +CONFIG_RTLLIB_CRYPTO_TKIP=m +CONFIG_RTLLIB_CRYPTO_WEP=m +CONFIG_RTL8192E=m +# CONFIG_RTL8723BS is not set +CONFIG_R8712U=m +# CONFIG_RTS5208 is not set +# CONFIG_VT6655 is not set +# CONFIG_VT6656 is not set +# CONFIG_FB_SM750 is not set +CONFIG_STAGING_MEDIA=y +# CONFIG_DVB_AV7110 is not set +# CONFIG_VIDEO_MAX96712 is not set +# CONFIG_STAGING_MEDIA_DEPRECATED is not set +# CONFIG_STAGING_BOARD is not set +# CONFIG_LTE_GDM724X is not set +# CONFIG_FB_TFT is not set +# CONFIG_KS7010 is not set +# CONFIG_PI433 is not set +# CONFIG_XIL_AXIS_FIFO is not set +# CONFIG_FIELDBUS_DEV is not set +# CONFIG_QLGE is not set +# CONFIG_VME_BUS is not set +# CONFIG_GOLDFISH is not set +# CONFIG_CHROME_PLATFORMS is not set +# CONFIG_MELLANOX_PLATFORM is not set +# CONFIG_SURFACE_PLATFORMS is not set +CONFIG_HAVE_CLK=y +CONFIG_HAVE_CLK_PREPARE=y +CONFIG_COMMON_CLK=y + +# +# Clock driver for ARM Reference designs +# +# CONFIG_CLK_ICST is not set +CONFIG_CLK_SP810=y +# end of Clock driver for ARM Reference designs + +# CONFIG_LMK04832 is not set +CONFIG_COMMON_CLK_APPLE_NCO=m +# CONFIG_COMMON_CLK_MAX9485 is not set +# CONFIG_COMMON_CLK_SI5341 is not set +# CONFIG_COMMON_CLK_SI5351 is not set +# CONFIG_COMMON_CLK_SI514 is not set +# CONFIG_COMMON_CLK_SI544 is not set +# CONFIG_COMMON_CLK_SI570 is not set +# CONFIG_COMMON_CLK_CDCE706 is not set +# CONFIG_COMMON_CLK_CDCE925 is not set +# CONFIG_COMMON_CLK_CS2000_CP is not set +# CONFIG_COMMON_CLK_AXI_CLKGEN is not set +# CONFIG_COMMON_CLK_XGENE is not set +# CONFIG_COMMON_CLK_PWM is not set +# CONFIG_COMMON_CLK_RS9_PCIE is not set +# CONFIG_COMMON_CLK_SI521XX is not set +# CONFIG_COMMON_CLK_VC5 is not set +# CONFIG_COMMON_CLK_VC7 is not set +# CONFIG_COMMON_CLK_FIXED_MMIO is not set +# CONFIG_XILINX_VCU is not set +# CONFIG_COMMON_CLK_XLNX_CLKWZRD is not set +# CONFIG_HWSPINLOCK is not set + +# +# Clock Source drivers +# +CONFIG_TIMER_OF=y +CONFIG_TIMER_PROBE=y +CONFIG_ARM_ARCH_TIMER=y +CONFIG_ARM_ARCH_TIMER_EVTSTREAM=y +# CONFIG_FSL_ERRATUM_A008585 is not set +# CONFIG_HISILICON_ERRATUM_161010101 is not set +# CONFIG_ARM64_ERRATUM_858921 is not set +# end of Clock Source drivers + +# CONFIG_MAILBOX is not set +CONFIG_IOMMU_IOVA=y +CONFIG_IOMMU_API=y +CONFIG_IOMMU_SUPPORT=y + +# +# Generic IOMMU Pagetable Support +# +CONFIG_IOMMU_IO_PGTABLE=y +CONFIG_IOMMU_IO_PGTABLE_LPAE=y +# CONFIG_IOMMU_IO_PGTABLE_LPAE_SELFTEST is not set +CONFIG_IOMMU_IO_PGTABLE_ARMV7S=y +# CONFIG_IOMMU_IO_PGTABLE_ARMV7S_SELFTEST is not set +CONFIG_IOMMU_IO_PGTABLE_DART=y +# end of Generic IOMMU Pagetable Support + +# CONFIG_IOMMU_DEBUGFS is not set +CONFIG_IOMMU_DEFAULT_DMA_STRICT=y +# CONFIG_IOMMU_DEFAULT_DMA_LAZY is not set +# CONFIG_IOMMU_DEFAULT_PASSTHROUGH is not set +CONFIG_OF_IOMMU=y +CONFIG_IOMMU_DMA=y +# CONFIG_IOMMUFD is not set +CONFIG_APPLE_DART=m +# CONFIG_ARM_SMMU is not set +# CONFIG_ARM_SMMU_V3 is not set +# CONFIG_VIRTIO_IOMMU is not set + +# +# Remoteproc drivers +# +# CONFIG_REMOTEPROC is not set +# end of Remoteproc drivers + +# +# Rpmsg drivers +# +# CONFIG_RPMSG_VIRTIO is not set +# end of Rpmsg drivers + +# CONFIG_SOUNDWIRE is not set + +# +# SOC (System On Chip) specific Drivers +# + +# +# Amlogic SoC drivers +# +# end of Amlogic SoC drivers + +# +# Apple SoC drivers +# +CONFIG_APPLE_PMGR_PWRSTATE=y +CONFIG_APPLE_SART=m +# end of Apple SoC drivers + +# +# Broadcom SoC drivers +# +# CONFIG_SOC_BRCMSTB is not set +# end of Broadcom SoC drivers + +# +# NXP/Freescale QorIQ SoC drivers +# +# CONFIG_QUICC_ENGINE is not set +# end of NXP/Freescale QorIQ SoC drivers + +# +# fujitsu SoC drivers +# +# end of fujitsu SoC drivers + +# +# i.MX SoC drivers +# +# end of i.MX SoC drivers + +# +# Enable LiteX SoC Builder specific drivers +# +# CONFIG_LITEX_SOC_CONTROLLER is not set +# end of Enable LiteX SoC Builder specific drivers + +# CONFIG_WPCM450_SOC is not set + +# +# Qualcomm SoC drivers +# +# end of Qualcomm SoC drivers + +# CONFIG_SOC_TI is not set + +# +# Xilinx SoC drivers +# +# end of Xilinx SoC drivers +# end of SOC (System On Chip) specific Drivers + +CONFIG_PM_DEVFREQ=y + +# +# DEVFREQ Governors +# +CONFIG_DEVFREQ_GOV_SIMPLE_ONDEMAND=y +CONFIG_DEVFREQ_GOV_PERFORMANCE=y +CONFIG_DEVFREQ_GOV_POWERSAVE=y +CONFIG_DEVFREQ_GOV_USERSPACE=y +CONFIG_DEVFREQ_GOV_PASSIVE=y + +# +# DEVFREQ Drivers +# +CONFIG_PM_DEVFREQ_EVENT=y +CONFIG_EXTCON=y + +# +# Extcon Device Drivers +# +# CONFIG_EXTCON_FSA9480 is not set +CONFIG_EXTCON_GPIO=y +# CONFIG_EXTCON_MAX3355 is not set +# CONFIG_EXTCON_PTN5150 is not set +# CONFIG_EXTCON_RT8973A is not set +# CONFIG_EXTCON_SM5502 is not set +CONFIG_EXTCON_USB_GPIO=y +# CONFIG_EXTCON_USBC_TUSB320 is not set +# CONFIG_MEMORY is not set +# CONFIG_IIO is not set +# CONFIG_NTB is not set +CONFIG_PWM=y +CONFIG_PWM_SYSFS=y +# CONFIG_PWM_DEBUG is not set +CONFIG_PWM_APPLE=m +# CONFIG_PWM_ATMEL_TCB is not set +# CONFIG_PWM_CLK is not set +# CONFIG_PWM_DWC is not set +# CONFIG_PWM_FSL_FTM is not set +# CONFIG_PWM_PCA9685 is not set +# CONFIG_PWM_XILINX is not set + +# +# IRQ chip support +# +CONFIG_IRQCHIP=y +CONFIG_ARM_GIC=y +CONFIG_ARM_GIC_MAX_NR=1 +CONFIG_ARM_GIC_V2M=y +CONFIG_ARM_GIC_V3=y +CONFIG_ARM_GIC_V3_ITS=y +CONFIG_ARM_GIC_V3_ITS_PCI=y +# CONFIG_AL_FIC is not set +# CONFIG_XILINX_INTC is not set +CONFIG_PARTITION_PERCPU=y +CONFIG_APPLE_AIC=y +# end of IRQ chip support + +# CONFIG_IPACK_BUS is not set +CONFIG_RESET_CONTROLLER=y +# CONFIG_RESET_SIMPLE is not set +# CONFIG_RESET_TI_SYSCON is not set +# CONFIG_RESET_TI_TPS380X is not set + +# +# PHY Subsystem +# +CONFIG_GENERIC_PHY=y +# CONFIG_PHY_CAN_TRANSCEIVER is not set + +# +# PHY drivers for Broadcom platforms +# +# CONFIG_BCM_KONA_USB2_PHY is not set +# end of PHY drivers for Broadcom platforms + +# CONFIG_PHY_CADENCE_TORRENT is not set +# CONFIG_PHY_CADENCE_DPHY is not set +# CONFIG_PHY_CADENCE_DPHY_RX is not set +# CONFIG_PHY_CADENCE_SIERRA is not set +# CONFIG_PHY_CADENCE_SALVO is not set +# CONFIG_PHY_PXA_28NM_HSIC is not set +# CONFIG_PHY_PXA_28NM_USB2 is not set +# CONFIG_PHY_LAN966X_SERDES is not set +# CONFIG_PHY_MAPPHONE_MDM6600 is not set +# CONFIG_PHY_OCELOT_SERDES is not set +# CONFIG_PHY_QCOM_USB_HS is not set +# CONFIG_PHY_QCOM_USB_HSIC is not set +# CONFIG_PHY_TUSB1210 is not set +# end of PHY Subsystem + +CONFIG_POWERCAP=y +# CONFIG_IDLE_INJECT is not set +# CONFIG_DTPM is not set +# CONFIG_MCB is not set + +# +# Performance monitor support +# +# CONFIG_ARM_CCI_PMU is not set +# CONFIG_ARM_CCN is not set +# CONFIG_ARM_CMN is not set +CONFIG_ARM_PMU=y +CONFIG_ARM_PMUV3=y +# CONFIG_ARM_DSU_PMU is not set +# CONFIG_ARM_SPE_PMU is not set +CONFIG_APPLE_M1_CPU_PMU=y +# CONFIG_HISI_PCIE_PMU is not set +# CONFIG_HNS3_PMU is not set +# CONFIG_ARM_CORESIGHT_PMU_ARCH_SYSTEM_PMU is not set +# end of Performance monitor support + +CONFIG_RAS=y +# CONFIG_USB4 is not set + +# +# Android +# +# CONFIG_ANDROID_BINDER_IPC is not set +# end of Android + +# CONFIG_LIBNVDIMM is not set +# CONFIG_DAX is not set +CONFIG_NVMEM=y +CONFIG_NVMEM_SYSFS=y + +# +# Layout Types +# +# CONFIG_NVMEM_LAYOUT_SL28_VPD is not set +# CONFIG_NVMEM_LAYOUT_ONIE_TLV is not set +# end of Layout Types + +CONFIG_NVMEM_APPLE_EFUSES=m +# CONFIG_NVMEM_RMEM is not set +# CONFIG_NVMEM_SPMI_SDAM is not set +# CONFIG_NVMEM_U_BOOT_ENV is not set + +# +# HW tracing support +# +# CONFIG_STM is not set +# CONFIG_INTEL_TH is not set +# CONFIG_HISI_PTT is not set +# end of HW tracing support + +# CONFIG_FPGA is not set +# CONFIG_FSI is not set +# CONFIG_TEE is not set +CONFIG_MULTIPLEXER=m + +# +# Multiplexer drivers +# +# CONFIG_MUX_ADG792A is not set +# CONFIG_MUX_ADGS1408 is not set +# CONFIG_MUX_GPIO is not set +# CONFIG_MUX_MMIO is not set +# end of Multiplexer drivers + +CONFIG_PM_OPP=y +# CONFIG_SIOX is not set +# CONFIG_SLIMBUS is not set +# CONFIG_INTERCONNECT is not set +# CONFIG_COUNTER is not set +# CONFIG_MOST is not set +# CONFIG_PECI is not set +# CONFIG_HTE is not set +# CONFIG_CDX_BUS is not set +# end of Device Drivers + +# +# File systems +# +CONFIG_DCACHE_WORD_ACCESS=y +CONFIG_VALIDATE_FS_PARSER=y +CONFIG_FS_IOMAP=y +CONFIG_LEGACY_DIRECT_IO=y +# CONFIG_EXT2_FS is not set +# CONFIG_EXT3_FS is not set +CONFIG_EXT4_FS=y +CONFIG_EXT4_USE_FOR_EXT2=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD2=y +# CONFIG_JBD2_DEBUG is not set +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +# CONFIG_JFS_STATISTICS is not set +CONFIG_XFS_FS=m +CONFIG_XFS_SUPPORT_V4=y +CONFIG_XFS_SUPPORT_ASCII_CI=y +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +# CONFIG_XFS_RT is not set +# CONFIG_XFS_ONLINE_SCRUB is not set +# CONFIG_XFS_WARN is not set +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +# CONFIG_OCFS2_FS_STATS is not set +# CONFIG_OCFS2_DEBUG_MASKLOG is not set +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +# CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set +# CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set +# CONFIG_BTRFS_DEBUG is not set +# CONFIG_BTRFS_ASSERT is not set +# CONFIG_BTRFS_FS_REF_VERIFY is not set +CONFIG_NILFS2_FS=m +# CONFIG_F2FS_FS is not set +# CONFIG_ZONEFS_FS is not set +CONFIG_FS_POSIX_ACL=y +CONFIG_EXPORTFS=y +CONFIG_EXPORTFS_BLOCK_OPS=y +CONFIG_FILE_LOCKING=y +CONFIG_FS_ENCRYPTION=y +CONFIG_FS_ENCRYPTION_ALGS=y +# CONFIG_FS_VERITY is not set +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_QUOTA_DEBUG is not set +CONFIG_QUOTA_TREE=y +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=y +CONFIG_QUOTACTL=y +CONFIG_AUTOFS_FS=y +CONFIG_FUSE_FS=m +CONFIG_CUSE=m +# CONFIG_VIRTIO_FS is not set +CONFIG_OVERLAY_FS=m +# CONFIG_OVERLAY_FS_REDIRECT_DIR is not set +CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y +# CONFIG_OVERLAY_FS_INDEX is not set +# CONFIG_OVERLAY_FS_XINO_AUTO is not set +# CONFIG_OVERLAY_FS_METACOPY is not set + +# +# Caches +# +CONFIG_NETFS_SUPPORT=m +CONFIG_NETFS_STATS=y +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_ERROR_INJECTION is not set +# CONFIG_CACHEFILES_ONDEMAND is not set +# end of Caches + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +# end of CD-ROM/DVD Filesystems + +# +# DOS/FAT/EXFAT/NT Filesystems +# +CONFIG_FAT_FS=y +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=y +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="ascii" +# CONFIG_FAT_DEFAULT_UTF8 is not set +CONFIG_EXFAT_FS=m +CONFIG_EXFAT_DEFAULT_IOCHARSET="utf8" +# CONFIG_NTFS_FS is not set +CONFIG_NTFS3_FS=m +# CONFIG_NTFS3_64BIT_CLUSTER is not set +CONFIG_NTFS3_LZX_XPRESS=y +# CONFIG_NTFS3_FS_POSIX_ACL is not set +# end of DOS/FAT/EXFAT/NT Filesystems + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_PROC_CHILDREN=y +CONFIG_KERNFS=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_TMPFS_XATTR=y +# CONFIG_TMPFS_INODE64 is not set +CONFIG_ARCH_SUPPORTS_HUGETLBFS=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_MEMFD_CREATE=y +CONFIG_ARCH_HAS_GIGANTIC_PAGE=y +CONFIG_CONFIGFS_FS=y +CONFIG_EFIVAR_FS=y +# end of Pseudo filesystems + +CONFIG_MISC_FILESYSTEMS=y +# CONFIG_ORANGEFS_FS is not set +# CONFIG_ADFS_FS is not set +CONFIG_AFFS_FS=m +CONFIG_ECRYPT_FS=m +# CONFIG_ECRYPT_FS_MESSAGING is not set +CONFIG_HFS_FS=m +CONFIG_HFSPLUS_FS=m +CONFIG_BEFS_FS=m +# CONFIG_BEFS_DEBUG is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_JFFS2_FS is not set +CONFIG_CRAMFS=m +CONFIG_CRAMFS_BLOCKDEV=y +# CONFIG_CRAMFS_MTD is not set +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_FILE_CACHE=y +# CONFIG_SQUASHFS_FILE_DIRECT is not set +CONFIG_SQUASHFS_DECOMP_SINGLE=y +# CONFIG_SQUASHFS_CHOICE_DECOMP_BY_MOUNT is not set +CONFIG_SQUASHFS_COMPILE_DECOMP_SINGLE=y +# CONFIG_SQUASHFS_COMPILE_DECOMP_MULTI is not set +# CONFIG_SQUASHFS_COMPILE_DECOMP_MULTI_PERCPU is not set +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_ZLIB=y +CONFIG_SQUASHFS_LZ4=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_XZ=y +CONFIG_SQUASHFS_ZSTD=y +# CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set +# CONFIG_SQUASHFS_EMBEDDED is not set +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +CONFIG_MINIX_FS=m +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +# CONFIG_QNX6FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +# CONFIG_ROMFS_BACKED_BY_MTD is not set +# CONFIG_ROMFS_BACKED_BY_BOTH is not set +CONFIG_ROMFS_ON_BLOCK=y +CONFIG_PSTORE=y +CONFIG_PSTORE_DEFAULT_KMSG_BYTES=10240 +CONFIG_PSTORE_DEFLATE_COMPRESS=y +# CONFIG_PSTORE_LZO_COMPRESS is not set +# CONFIG_PSTORE_LZ4_COMPRESS is not set +# CONFIG_PSTORE_LZ4HC_COMPRESS is not set +# CONFIG_PSTORE_842_COMPRESS is not set +# CONFIG_PSTORE_ZSTD_COMPRESS is not set +CONFIG_PSTORE_COMPRESS=y +CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=y +CONFIG_PSTORE_COMPRESS_DEFAULT="deflate" +# CONFIG_PSTORE_CONSOLE is not set +# CONFIG_PSTORE_PMSG is not set +CONFIG_PSTORE_RAM=m +# CONFIG_PSTORE_BLK is not set +CONFIG_SYSV_FS=m +CONFIG_UFS_FS=m +# CONFIG_UFS_FS_WRITE is not set +# CONFIG_UFS_DEBUG is not set +# CONFIG_EROFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=y +# CONFIG_NFS_V2 is not set +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +CONFIG_NFS_SWAP=y +CONFIG_NFS_V4_1=y +CONFIG_NFS_V4_2=y +CONFIG_PNFS_FILE_LAYOUT=y +CONFIG_PNFS_BLOCK=y +CONFIG_PNFS_FLEXFILE_LAYOUT=y +CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org" +# CONFIG_NFS_V4_1_MIGRATION is not set +CONFIG_NFS_V4_SECURITY_LABEL=y +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +CONFIG_NFS_DEBUG=y +CONFIG_NFS_DISABLE_UDP_SUPPORT=y +# CONFIG_NFS_V4_2_READ_PLUS is not set +CONFIG_NFSD=m +# CONFIG_NFSD_V2 is not set +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +CONFIG_NFSD_PNFS=y +CONFIG_NFSD_BLOCKLAYOUT=y +CONFIG_NFSD_SCSILAYOUT=y +CONFIG_NFSD_FLEXFILELAYOUT=y +CONFIG_NFSD_V4_2_INTER_SSC=y +CONFIG_NFSD_V4_SECURITY_LABEL=y +CONFIG_GRACE_PERIOD=y +CONFIG_LOCKD=y +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=y +CONFIG_NFS_COMMON=y +CONFIG_NFS_V4_2_SSC_HELPER=y +CONFIG_SUNRPC=y +CONFIG_SUNRPC_GSS=m +CONFIG_SUNRPC_BACKCHANNEL=y +CONFIG_SUNRPC_SWAP=y +CONFIG_RPCSEC_GSS_KRB5=m +CONFIG_RPCSEC_GSS_KRB5_CRYPTOSYSTEM=y +# CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_DES is not set +CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1=y +# CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA is not set +# CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2 is not set +CONFIG_SUNRPC_DEBUG=y +CONFIG_CEPH_FS=m +CONFIG_CEPH_FSCACHE=y +CONFIG_CEPH_FS_POSIX_ACL=y +# CONFIG_CEPH_FS_SECURITY_LABEL is not set +CONFIG_CIFS=m +# CONFIG_CIFS_STATS2 is not set +CONFIG_CIFS_ALLOW_INSECURE_LEGACY=y +CONFIG_CIFS_UPCALL=y +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +CONFIG_CIFS_DEBUG=y +# CONFIG_CIFS_DEBUG2 is not set +# CONFIG_CIFS_DEBUG_DUMP_KEYS is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_SWN_UPCALL is not set +CONFIG_CIFS_FSCACHE=y +# CONFIG_SMB_SERVER is not set +CONFIG_SMBFS=m +CONFIG_CODA_FS=m +# CONFIG_AFS_FS is not set +CONFIG_9P_FS=m +CONFIG_9P_FSCACHE=y +CONFIG_9P_FS_POSIX_ACL=y +CONFIG_9P_FS_SECURITY=y +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=y +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_MAC_ROMAN=m +CONFIG_NLS_MAC_CELTIC=m +CONFIG_NLS_MAC_CENTEURO=m +CONFIG_NLS_MAC_CROATIAN=m +CONFIG_NLS_MAC_CYRILLIC=m +CONFIG_NLS_MAC_GAELIC=m +CONFIG_NLS_MAC_GREEK=m +CONFIG_NLS_MAC_ICELAND=m +CONFIG_NLS_MAC_INUIT=m +CONFIG_NLS_MAC_ROMANIAN=m +CONFIG_NLS_MAC_TURKISH=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +CONFIG_DLM_DEBUG=y +CONFIG_UNICODE=m +# CONFIG_UNICODE_NORMALIZATION_SELFTEST is not set +CONFIG_IO_WQ=y +# end of File systems + +# +# Security options +# +CONFIG_KEYS=y +# CONFIG_KEYS_REQUEST_CACHE is not set +CONFIG_PERSISTENT_KEYRINGS=y +# CONFIG_TRUSTED_KEYS is not set +CONFIG_ENCRYPTED_KEYS=y +# CONFIG_USER_DECRYPTED_DATA is not set +CONFIG_KEY_DH_OPERATIONS=y +# CONFIG_KEY_NOTIFICATIONS is not set +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +CONFIG_SECURITYFS=y +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +CONFIG_SECURITY_PATH=y +# CONFIG_HARDENED_USERCOPY is not set +# CONFIG_FORTIFY_SOURCE is not set +# CONFIG_STATIC_USERMODEHELPER is not set +# CONFIG_SECURITY_SELINUX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +CONFIG_SECURITY_APPARMOR=y +# CONFIG_SECURITY_APPARMOR_DEBUG is not set +CONFIG_SECURITY_APPARMOR_INTROSPECT_POLICY=y +CONFIG_SECURITY_APPARMOR_HASH=y +CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y +CONFIG_SECURITY_APPARMOR_EXPORT_BINARY=y +CONFIG_SECURITY_APPARMOR_PARANOID_LOAD=y +# CONFIG_SECURITY_LOADPIN is not set +CONFIG_SECURITY_YAMA=y +# CONFIG_SECURITY_SAFESETID is not set +# CONFIG_SECURITY_LOCKDOWN_LSM is not set +# CONFIG_SECURITY_LANDLOCK is not set +# CONFIG_INTEGRITY is not set +# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set +# CONFIG_DEFAULT_SECURITY_APPARMOR is not set +CONFIG_DEFAULT_SECURITY_DAC=y +CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor" + +# +# Kernel hardening options +# + +# +# Memory initialization +# +CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y +CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO_BARE=y +CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y +CONFIG_INIT_STACK_NONE=y +# CONFIG_INIT_STACK_ALL_PATTERN is not set +# CONFIG_INIT_STACK_ALL_ZERO is not set +# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set +# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +CONFIG_CC_HAS_ZERO_CALL_USED_REGS=y +# CONFIG_ZERO_CALL_USED_REGS is not set +# end of Memory initialization + +CONFIG_RANDSTRUCT_NONE=y +# end of Kernel hardening options +# end of Security options + +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_SIG2=y +CONFIG_CRYPTO_SKCIPHER=y +CONFIG_CRYPTO_SKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=y +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_RNG_DEFAULT=y +CONFIG_CRYPTO_AKCIPHER2=y +CONFIG_CRYPTO_AKCIPHER=y +CONFIG_CRYPTO_KPP2=y +CONFIG_CRYPTO_KPP=y +CONFIG_CRYPTO_ACOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_USER=m +# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set +# CONFIG_CRYPTO_MANAGER_EXTRA_TESTS is not set +CONFIG_CRYPTO_NULL=y +CONFIG_CRYPTO_NULL2=y +CONFIG_CRYPTO_PCRYPT=m +CONFIG_CRYPTO_CRYPTD=y +CONFIG_CRYPTO_AUTHENC=m +# CONFIG_CRYPTO_TEST is not set +CONFIG_CRYPTO_ENGINE=m +# end of Crypto core or helper + +# +# Public-key cryptography +# +CONFIG_CRYPTO_RSA=y +CONFIG_CRYPTO_DH=y +# CONFIG_CRYPTO_DH_RFC7919_GROUPS is not set +CONFIG_CRYPTO_ECC=m +CONFIG_CRYPTO_ECDH=m +# CONFIG_CRYPTO_ECDSA is not set +# CONFIG_CRYPTO_ECRDSA is not set +# CONFIG_CRYPTO_SM2 is not set +# CONFIG_CRYPTO_CURVE25519 is not set +# end of Public-key cryptography + +# +# Block ciphers +# +CONFIG_CRYPTO_AES=y +# CONFIG_CRYPTO_AES_TI is not set +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARIA=m +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_BLOWFISH_COMMON=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST_COMMON=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=m +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_SM4=y +CONFIG_CRYPTO_SM4_GENERIC=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +# end of Block ciphers + +# +# Length-preserving ciphers and modes +# +CONFIG_CRYPTO_ADIANTUM=m +CONFIG_CRYPTO_ARC4=m +CONFIG_CRYPTO_CHACHA20=y +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CFB=m +CONFIG_CRYPTO_CTR=y +CONFIG_CRYPTO_CTS=y +CONFIG_CRYPTO_ECB=y +# CONFIG_CRYPTO_HCTR2 is not set +CONFIG_CRYPTO_KEYWRAP=m +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_OFB=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=y +CONFIG_CRYPTO_NHPOLY1305=y +# end of Length-preserving ciphers and modes + +# +# AEAD (authenticated encryption with associated data) ciphers +# +CONFIG_CRYPTO_AEGIS128=m +# CONFIG_CRYPTO_AEGIS128_SIMD is not set +CONFIG_CRYPTO_CHACHA20POLY1305=m +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=y +CONFIG_CRYPTO_GENIV=y +CONFIG_CRYPTO_SEQIV=y +CONFIG_CRYPTO_ECHAINIV=m +CONFIG_CRYPTO_ESSIV=m +# end of AEAD (authenticated encryption with associated data) ciphers + +# +# Hashes, digests, and MACs +# +CONFIG_CRYPTO_BLAKE2B=y +CONFIG_CRYPTO_CMAC=m +CONFIG_CRYPTO_GHASH=y +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_POLY1305=y +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=y +CONFIG_CRYPTO_SHA512=y +CONFIG_CRYPTO_SHA3=y +CONFIG_CRYPTO_SM3=y +CONFIG_CRYPTO_SM3_GENERIC=m +# CONFIG_CRYPTO_STREEBOG is not set +CONFIG_CRYPTO_VMAC=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_XXHASH=y +# end of Hashes, digests, and MACs + +# +# CRCs (cyclic redundancy checks) +# +CONFIG_CRYPTO_CRC32C=y +CONFIG_CRYPTO_CRC32=y +CONFIG_CRYPTO_CRCT10DIF=y +CONFIG_CRYPTO_CRC64_ROCKSOFT=y +# end of CRCs (cyclic redundancy checks) + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=y +CONFIG_CRYPTO_LZO=y +CONFIG_CRYPTO_842=m +CONFIG_CRYPTO_LZ4=m +CONFIG_CRYPTO_LZ4HC=m +CONFIG_CRYPTO_ZSTD=m +# end of Compression + +# +# Random number generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_DRBG_MENU=y +CONFIG_CRYPTO_DRBG_HMAC=y +CONFIG_CRYPTO_DRBG_HASH=y +CONFIG_CRYPTO_DRBG_CTR=y +CONFIG_CRYPTO_DRBG=y +CONFIG_CRYPTO_JITTERENTROPY=y +# CONFIG_CRYPTO_JITTERENTROPY_TESTINTERFACE is not set +CONFIG_CRYPTO_KDF800108_CTR=y +# end of Random number generation + +# +# Userspace interface +# +CONFIG_CRYPTO_USER_API=y +CONFIG_CRYPTO_USER_API_HASH=y +CONFIG_CRYPTO_USER_API_SKCIPHER=y +CONFIG_CRYPTO_USER_API_RNG=y +# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set +CONFIG_CRYPTO_USER_API_AEAD=y +CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y +# CONFIG_CRYPTO_STATS is not set +# end of Userspace interface + +CONFIG_CRYPTO_HASH_INFO=y +CONFIG_CRYPTO_NHPOLY1305_NEON=y +CONFIG_CRYPTO_CHACHA20_NEON=y + +# +# Accelerated Cryptographic Algorithms for CPU (arm64) +# +CONFIG_CRYPTO_GHASH_ARM64_CE=y +CONFIG_CRYPTO_POLY1305_NEON=y +CONFIG_CRYPTO_SHA1_ARM64_CE=y +CONFIG_CRYPTO_SHA256_ARM64=y +CONFIG_CRYPTO_SHA2_ARM64_CE=y +CONFIG_CRYPTO_SHA512_ARM64=y +CONFIG_CRYPTO_SHA512_ARM64_CE=y +CONFIG_CRYPTO_SHA3_ARM64=y +# CONFIG_CRYPTO_SM3_NEON is not set +CONFIG_CRYPTO_SM3_ARM64_CE=y +# CONFIG_CRYPTO_POLYVAL_ARM64_CE is not set +CONFIG_CRYPTO_AES_ARM64=y +CONFIG_CRYPTO_AES_ARM64_CE=y +CONFIG_CRYPTO_AES_ARM64_CE_BLK=y +CONFIG_CRYPTO_AES_ARM64_NEON_BLK=y +CONFIG_CRYPTO_AES_ARM64_BS=y +CONFIG_CRYPTO_SM4_ARM64_CE=y +CONFIG_CRYPTO_SM4_ARM64_CE_BLK=y +CONFIG_CRYPTO_SM4_ARM64_NEON_BLK=y +CONFIG_CRYPTO_AES_ARM64_CE_CCM=y +# CONFIG_CRYPTO_SM4_ARM64_CE_CCM is not set +# CONFIG_CRYPTO_SM4_ARM64_CE_GCM is not set +CONFIG_CRYPTO_CRCT10DIF_ARM64_CE=y +# end of Accelerated Cryptographic Algorithms for CPU (arm64) + +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_ATMEL_ECC is not set +# CONFIG_CRYPTO_DEV_ATMEL_SHA204A is not set +# CONFIG_CRYPTO_DEV_CCP is not set +# CONFIG_CRYPTO_DEV_NITROX_CNN55XX is not set +# CONFIG_CRYPTO_DEV_QAT_DH895xCC is not set +# CONFIG_CRYPTO_DEV_QAT_C3XXX is not set +# CONFIG_CRYPTO_DEV_QAT_C62X is not set +# CONFIG_CRYPTO_DEV_QAT_4XXX is not set +# CONFIG_CRYPTO_DEV_QAT_DH895xCCVF is not set +# CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set +# CONFIG_CRYPTO_DEV_QAT_C62XVF is not set +# CONFIG_CRYPTO_DEV_CAVIUM_ZIP is not set +CONFIG_CRYPTO_DEV_VIRTIO=m +# CONFIG_CRYPTO_DEV_SAFEXCEL is not set +# CONFIG_CRYPTO_DEV_CCREE is not set +# CONFIG_CRYPTO_DEV_HISI_SEC is not set +# CONFIG_CRYPTO_DEV_AMLOGIC_GXL is not set +CONFIG_ASYMMETRIC_KEY_TYPE=y +CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y +CONFIG_X509_CERTIFICATE_PARSER=y +CONFIG_PKCS8_PRIVATE_KEY_PARSER=y +CONFIG_PKCS7_MESSAGE_PARSER=y +# CONFIG_PKCS7_TEST_KEY is not set +# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set +# CONFIG_FIPS_SIGNATURE_SELFTEST is not set + +# +# Certificates for signature checking +# +CONFIG_SYSTEM_TRUSTED_KEYRING=y +CONFIG_SYSTEM_TRUSTED_KEYS="" +# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set +# CONFIG_SECONDARY_TRUSTED_KEYRING is not set +# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set +# end of Certificates for signature checking + +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_RAID6_PQ_BENCHMARK=y +CONFIG_LINEAR_RANGES=y +# CONFIG_PACKING is not set +CONFIG_BITREVERSE=y +CONFIG_HAVE_ARCH_BITREVERSE=y +CONFIG_GENERIC_STRNCPY_FROM_USER=y +CONFIG_GENERIC_STRNLEN_USER=y +CONFIG_GENERIC_NET_UTILS=y +CONFIG_CORDIC=m +# CONFIG_PRIME_NUMBERS is not set +CONFIG_RATIONAL=y +CONFIG_GENERIC_PCI_IOMAP=y +CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y +CONFIG_ARCH_HAS_FAST_MULTIPLIER=y +CONFIG_ARCH_USE_SYM_ANNOTATIONS=y +# CONFIG_INDIRECT_PIO is not set + +# +# Crypto library routines +# +CONFIG_CRYPTO_LIB_UTILS=y +CONFIG_CRYPTO_LIB_AES=y +CONFIG_CRYPTO_LIB_ARC4=m +CONFIG_CRYPTO_LIB_GF128MUL=y +CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=y +CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=y +CONFIG_CRYPTO_LIB_CHACHA_GENERIC=y +CONFIG_CRYPTO_LIB_CHACHA=m +CONFIG_CRYPTO_LIB_CURVE25519_GENERIC=m +CONFIG_CRYPTO_LIB_CURVE25519=m +CONFIG_CRYPTO_LIB_DES=m +CONFIG_CRYPTO_LIB_POLY1305_RSIZE=9 +CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=y +CONFIG_CRYPTO_LIB_POLY1305_GENERIC=y +CONFIG_CRYPTO_LIB_POLY1305=m +CONFIG_CRYPTO_LIB_CHACHA20POLY1305=m +CONFIG_CRYPTO_LIB_SHA1=y +CONFIG_CRYPTO_LIB_SHA256=y +# end of Crypto library routines + +CONFIG_CRC_CCITT=y +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC64_ROCKSOFT=y +CONFIG_CRC_ITU_T=y +CONFIG_CRC32=y +# CONFIG_CRC32_SELFTEST is not set +CONFIG_CRC32_SLICEBY8=y +# CONFIG_CRC32_SLICEBY4 is not set +# CONFIG_CRC32_SARWATE is not set +# CONFIG_CRC32_BIT is not set +CONFIG_CRC64=y +# CONFIG_CRC4 is not set +CONFIG_CRC7=y +CONFIG_LIBCRC32C=y +CONFIG_CRC8=y +CONFIG_XXHASH=y +CONFIG_AUDIT_GENERIC=y +CONFIG_AUDIT_ARCH_COMPAT_GENERIC=y +# CONFIG_RANDOM32_SELFTEST is not set +CONFIG_842_COMPRESS=m +CONFIG_842_DECOMPRESS=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=y +CONFIG_LZO_COMPRESS=y +CONFIG_LZO_DECOMPRESS=y +CONFIG_LZ4_COMPRESS=m +CONFIG_LZ4HC_COMPRESS=m +CONFIG_LZ4_DECOMPRESS=y +CONFIG_ZSTD_COMMON=y +CONFIG_ZSTD_COMPRESS=y +CONFIG_ZSTD_DECOMPRESS=y +CONFIG_XZ_DEC=y +# CONFIG_XZ_DEC_X86 is not set +# CONFIG_XZ_DEC_POWERPC is not set +# CONFIG_XZ_DEC_IA64 is not set +CONFIG_XZ_DEC_ARM=y +CONFIG_XZ_DEC_ARMTHUMB=y +# CONFIG_XZ_DEC_SPARC is not set +# CONFIG_XZ_DEC_MICROLZMA is not set +CONFIG_XZ_DEC_BCJ=y +# CONFIG_XZ_DEC_TEST is not set +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_XZ=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_DECOMPRESS_LZ4=y +CONFIG_DECOMPRESS_ZSTD=y +CONFIG_GENERIC_ALLOCATOR=y +CONFIG_REED_SOLOMON=m +CONFIG_REED_SOLOMON_ENC8=y +CONFIG_REED_SOLOMON_DEC8=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_INTERVAL_TREE=y +CONFIG_XARRAY_MULTI=y +CONFIG_ASSOCIATIVE_ARRAY=y +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_IOPORT_MAP=y +CONFIG_HAS_DMA=y +CONFIG_DMA_OPS=y +CONFIG_NEED_SG_DMA_FLAGS=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DMA_DECLARE_COHERENT=y +CONFIG_ARCH_HAS_SETUP_DMA_OPS=y +CONFIG_ARCH_HAS_TEARDOWN_DMA_OPS=y +CONFIG_ARCH_HAS_SYNC_DMA_FOR_DEVICE=y +CONFIG_ARCH_HAS_SYNC_DMA_FOR_CPU=y +CONFIG_ARCH_HAS_DMA_PREP_COHERENT=y +CONFIG_SWIOTLB=y +CONFIG_DMA_BOUNCE_UNALIGNED_KMALLOC=y +# CONFIG_DMA_RESTRICTED_POOL is not set +CONFIG_DMA_NONCOHERENT_MMAP=y +CONFIG_DMA_COHERENT_POOL=y +CONFIG_DMA_DIRECT_REMAP=y +CONFIG_DMA_CMA=y +# CONFIG_DMA_PERNUMA_CMA is not set + +# +# Default contiguous memory area size: +# +CONFIG_CMA_SIZE_MBYTES=64 +CONFIG_CMA_SIZE_SEL_MBYTES=y +# CONFIG_CMA_SIZE_SEL_PERCENTAGE is not set +# CONFIG_CMA_SIZE_SEL_MIN is not set +# CONFIG_CMA_SIZE_SEL_MAX is not set +CONFIG_CMA_ALIGNMENT=8 +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_DMA_MAP_BENCHMARK is not set +CONFIG_SGL_ALLOC=y +# CONFIG_FORCE_NR_CPUS is not set +CONFIG_CPU_RMAP=y +CONFIG_DQL=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m +CONFIG_CLZ_TAB=y +CONFIG_IRQ_POLL=y +CONFIG_MPILIB=y +CONFIG_LIBFDT=y +CONFIG_OID_REGISTRY=y +CONFIG_UCS2_STRING=y +CONFIG_HAVE_GENERIC_VDSO=y +CONFIG_GENERIC_GETTIMEOFDAY=y +CONFIG_GENERIC_VDSO_TIME_NS=y +CONFIG_FONT_SUPPORT=y +CONFIG_FONTS=y +# CONFIG_FONT_8x8 is not set +CONFIG_FONT_8x16=y +# CONFIG_FONT_6x11 is not set +# CONFIG_FONT_7x14 is not set +# CONFIG_FONT_PEARL_8x8 is not set +# CONFIG_FONT_ACORN_8x8 is not set +# CONFIG_FONT_MINI_4x6 is not set +# CONFIG_FONT_6x10 is not set +# CONFIG_FONT_10x18 is not set +# CONFIG_FONT_SUN8x16 is not set +# CONFIG_FONT_SUN12x22 is not set +CONFIG_FONT_TER16x32=y +# CONFIG_FONT_6x8 is not set +CONFIG_SG_POOL=y +CONFIG_ARCH_STACKWALK=y +CONFIG_SBITMAP=y +# end of Library routines + +CONFIG_GENERIC_IOREMAP=y +CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED=y + +# +# Kernel hacking +# + +# +# printk and dmesg options +# +CONFIG_PRINTK_TIME=y +# CONFIG_PRINTK_CALLER is not set +# CONFIG_STACKTRACE_BUILD_ID is not set +CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7 +CONFIG_CONSOLE_LOGLEVEL_QUIET=4 +CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 +CONFIG_BOOT_PRINTK_DELAY=y +CONFIG_DYNAMIC_DEBUG=y +CONFIG_DYNAMIC_DEBUG_CORE=y +CONFIG_SYMBOLIC_ERRNAME=y +CONFIG_DEBUG_BUGVERBOSE=y +# end of printk and dmesg options + +CONFIG_DEBUG_KERNEL=y +CONFIG_DEBUG_MISC=y + +# +# Compile-time checks and compiler options +# +CONFIG_AS_HAS_NON_CONST_LEB128=y +CONFIG_DEBUG_INFO_NONE=y +# CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is not set +# CONFIG_DEBUG_INFO_DWARF4 is not set +# CONFIG_DEBUG_INFO_DWARF5 is not set +CONFIG_FRAME_WARN=2048 +CONFIG_STRIP_ASM_SYMS=y +# CONFIG_READABLE_ASM is not set +# CONFIG_HEADERS_INSTALL is not set +CONFIG_DEBUG_SECTION_MISMATCH=y +CONFIG_SECTION_MISMATCH_WARN_ONLY=y +# CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_VMLINUX_MAP is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# end of Compile-time checks and compiler options + +# +# Generic Kernel Debugging Instruments +# +CONFIG_MAGIC_SYSRQ=y +CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x0 +CONFIG_MAGIC_SYSRQ_SERIAL=y +CONFIG_MAGIC_SYSRQ_SERIAL_SEQUENCE="" +CONFIG_DEBUG_FS=y +CONFIG_DEBUG_FS_ALLOW_ALL=y +# CONFIG_DEBUG_FS_DISALLOW_MOUNT is not set +# CONFIG_DEBUG_FS_ALLOW_NONE is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y +# CONFIG_UBSAN is not set +CONFIG_HAVE_ARCH_KCSAN=y +CONFIG_HAVE_KCSAN_COMPILER=y +# CONFIG_KCSAN is not set +# end of Generic Kernel Debugging Instruments + +# +# Networking Debugging +# +# CONFIG_NET_DEV_REFCNT_TRACKER is not set +# CONFIG_NET_NS_REFCNT_TRACKER is not set +# CONFIG_DEBUG_NET is not set +# end of Networking Debugging + +# +# Memory Debugging +# +# CONFIG_PAGE_EXTENSION is not set +# CONFIG_DEBUG_PAGEALLOC is not set +# CONFIG_SLUB_DEBUG is not set +# CONFIG_PAGE_OWNER is not set +# CONFIG_PAGE_TABLE_CHECK is not set +# CONFIG_PAGE_POISONING is not set +# CONFIG_DEBUG_RODATA_TEST is not set +CONFIG_ARCH_HAS_DEBUG_WX=y +CONFIG_DEBUG_WX=y +CONFIG_GENERIC_PTDUMP=y +CONFIG_PTDUMP_CORE=y +# CONFIG_PTDUMP_DEBUGFS is not set +CONFIG_HAVE_DEBUG_KMEMLEAK=y +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_PER_VMA_LOCK_STATS is not set +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SHRINKER_DEBUG is not set +# CONFIG_DEBUG_STACK_USAGE is not set +# CONFIG_SCHED_STACK_END_CHECK is not set +CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VM_PGTABLE is not set +CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_MEMORY_INIT is not set +# CONFIG_DEBUG_PER_CPU_MAPS is not set +CONFIG_CC_HAS_KASAN_GENERIC=y +CONFIG_CC_HAS_KASAN_SW_TAGS=y +CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y +CONFIG_HAVE_ARCH_KFENCE=y +# CONFIG_KFENCE is not set +# end of Memory Debugging + +# CONFIG_DEBUG_SHIRQ is not set + +# +# Debug Oops, Lockups and Hangs +# +# CONFIG_PANIC_ON_OOPS is not set +CONFIG_PANIC_ON_OOPS_VALUE=0 +CONFIG_PANIC_TIMEOUT=0 +CONFIG_LOCKUP_DETECTOR=y +CONFIG_SOFTLOCKUP_DETECTOR=y +# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set +CONFIG_HAVE_HARDLOCKUP_DETECTOR_BUDDY=y +# CONFIG_HARDLOCKUP_DETECTOR is not set +CONFIG_DETECT_HUNG_TASK=y +CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 +# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set +# CONFIG_WQ_WATCHDOG is not set +# CONFIG_WQ_CPU_INTENSIVE_REPORT is not set +# CONFIG_TEST_LOCKUP is not set +# end of Debug Oops, Lockups and Hangs + +# +# Scheduler Debugging +# +CONFIG_SCHED_DEBUG=y +CONFIG_SCHED_INFO=y +CONFIG_SCHEDSTATS=y +# end of Scheduler Debugging + +# CONFIG_DEBUG_TIMEKEEPING is not set +CONFIG_DEBUG_PREEMPT=y + +# +# Lock Debugging (spinlocks, mutexes, etc...) +# +CONFIG_LOCK_DEBUGGING_SUPPORT=y +# CONFIG_PROVE_LOCKING is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set +# CONFIG_DEBUG_RWSEMS is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_DEBUG_ATOMIC_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +# CONFIG_LOCK_TORTURE_TEST is not set +# CONFIG_WW_MUTEX_SELFTEST is not set +# CONFIG_SCF_TORTURE_TEST is not set +# CONFIG_CSD_LOCK_WAIT_DEBUG is not set +# end of Lock Debugging (spinlocks, mutexes, etc...) + +# CONFIG_DEBUG_IRQFLAGS is not set +CONFIG_STACKTRACE=y +# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set +# CONFIG_DEBUG_KOBJECT is not set + +# +# Debug kernel data structures +# +# CONFIG_DEBUG_LIST is not set +# CONFIG_DEBUG_PLIST is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_BUG_ON_DATA_CORRUPTION is not set +# CONFIG_DEBUG_MAPLE_TREE is not set +# end of Debug kernel data structures + +# CONFIG_DEBUG_CREDENTIALS is not set + +# +# RCU Debugging +# +CONFIG_TORTURE_TEST=m +# CONFIG_RCU_SCALE_TEST is not set +CONFIG_RCU_TORTURE_TEST=m +# CONFIG_RCU_REF_SCALE_TEST is not set +CONFIG_RCU_CPU_STALL_TIMEOUT=60 +CONFIG_RCU_EXP_CPU_STALL_TIMEOUT=0 +# CONFIG_RCU_CPU_STALL_CPUTIME is not set +# CONFIG_RCU_TRACE is not set +# CONFIG_RCU_EQS_DEBUG is not set +# end of RCU Debugging + +# CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set +# CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set +# CONFIG_LATENCYTOP is not set +# CONFIG_DEBUG_CGROUP_REF is not set +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_RETVAL=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_TRACING_SUPPORT=y +# CONFIG_FTRACE is not set +# CONFIG_SAMPLES is not set +CONFIG_HAVE_SAMPLE_FTRACE_DIRECT=y +CONFIG_HAVE_SAMPLE_FTRACE_DIRECT_MULTI=y +CONFIG_STRICT_DEVMEM=y +# CONFIG_IO_STRICT_DEVMEM is not set + +# +# arm64 Debugging +# +# CONFIG_PID_IN_CONTEXTIDR is not set +# CONFIG_ARM64_RELOC_TEST is not set +# CONFIG_CORESIGHT is not set +# end of arm64 Debugging + +# +# Kernel Testing and Coverage +# +# CONFIG_KUNIT is not set +# CONFIG_NOTIFIER_ERROR_INJECTION is not set +CONFIG_FUNCTION_ERROR_INJECTION=y +# CONFIG_FAULT_INJECTION is not set +CONFIG_ARCH_HAS_KCOV=y +CONFIG_CC_HAS_SANCOV_TRACE_PC=y +# CONFIG_KCOV is not set +# CONFIG_RUNTIME_TESTING_MENU is not set +CONFIG_ARCH_USE_MEMTEST=y +# CONFIG_MEMTEST is not set +# end of Kernel Testing and Coverage + +# +# Rust hacking +# +# end of Rust hacking +# end of Kernel hacking + +# NixOS-specific config options +# needed by systemd +CONFIG_AUTOFS4_FS=y +# needed for systemd initrd and TPM features +CONFIG_ACPI=y +CONFIG_TCG_TPM=y +CONFIG_TCG_TIS=m +CONFIG_TCG_CRB=m + +# for better efficiency with sound +CONFIG_UCLAMP_TASK=y +CONFIG_UCLAMP_TASK_GROUP=y +CONFIG_UCLAMP_BUCKETS_COUNT=5 + +# Fedora Asahi Remix-specific options +# generated with something like +# git diff --name-only fedora-6.6 fedora-asahi-6.6 redhat/configs/ | xargs cat >> config +# in a checkout of https://gitlab.com/fedora-asahi/kernel-asahi/-/tree/fedora-asahi-6.6 + +CONFIG_SUSPEND=y +# CONFIG_APPLE_PLATFORMS is not set +# CONFIG_DRM_SIMPLEDRM_BACKLIGHT is not set +CONFIG_RUST=y +# CONFIG_RUST_BUILD_ASSERT_ALLOW is not set +# CONFIG_RUST_DEBUG_ASSERTIONS is not set +# CONFIG_RUST_EXTRA_LOCKDEP is not set +CONFIG_RUST_OVERFLOW_CHECKS=y +# CONFIG_SPI_HID_APPLE_OF is not set +# CONFIG_USB_XHCI_PCI_ASMEDIA is not set +# CONFIG_APPLE_MAILBOX is not set +# CONFIG_APPLE_PMGR_MISC is not set +CONFIG_ARM64_MEMORY_MODEL_CONTROL=y +# CONFIG_ARM_APPLE_CPUIDLE is not set +# CONFIG_SND_SOC_CS42L84 is not set +CONFIG_DRM_GEM_SHMEM_HELPER=y +CONFIG_USB_XHCI_PCI_ASMEDIA=y +CONFIG_SND_SOC_CS42L84=m +CONFIG_TOUCHSCREEN_APPLE_Z2=m +CONFIG_APPLE_DOCKCHANNEL=m +CONFIG_APPLE_MBOX=y +CONFIG_APPLE_PLATFORMS=y +CONFIG_APPLE_PMGR_MISC=y +CONFIG_APPLE_RTKIT=y +CONFIG_APPLE_RTKIT_HELPER=m +CONFIG_APPLE_SMC=m +CONFIG_APPLE_SMC_RTKIT=m +CONFIG_ARM_APPLE_CPUIDLE=y +CONFIG_CHARGER_MACSMC=m +CONFIG_DRM_ADP=m +CONFIG_DRM_APPLE=m +CONFIG_DRM_ASAHI=m +# CONFIG_DRM_ASAHI_DEBUG_ALLOCATOR is not set +CONFIG_GPIO_MACSMC=m +CONFIG_HID_DOCKCHANNEL=m +CONFIG_INPUT_MACSMC_HID=m +CONFIG_MFD_APPLE_SPMI_PMU=m +CONFIG_MUX_APPLE_DPXBAR=m +CONFIG_NVMEM_SPMI_MFD=m +CONFIG_PHY_APPLE_ATC=m +CONFIG_PHY_APPLE_DPTX=m +CONFIG_POWER_RESET_MACSMC=m +CONFIG_RTC_DRV_MACSMC=m +CONFIG_SND_SOC_APPLE_MACAUDIO=m +CONFIG_SND_SOC_APPLE_SILICON=m +CONFIG_SPI_APPLE=m +CONFIG_SPI_HID_APPLE_OF=m +CONFIG_SPMI_APPLE=m +CONFIG_VIDEO_APPLE_ISP=m +CONFIG_SND_SOC_CS42L84=m diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/default.nix new file mode 100644 index 000000000000..bb9a05466655 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/default.nix @@ -0,0 +1,154 @@ +{ lib +, pkgs +, callPackage +, writeShellScriptBin +, writeText +, removeReferencesTo +, linuxPackagesFor +, withRust ? false +, _kernelPatches ? [ ] +}: + +let + i = builtins.elemAt; + + # parse <OPT> [ymn]|foo style configuration as found in a patch's extraConfig + # into a list of k, v tuples + parseExtraConfig = config: + let + lines = + builtins.filter (s: s != "") (lib.strings.splitString "\n" config); + parseLine = line: let + t = lib.strings.splitString " " line; + join = l: builtins.foldl' (a: b: "${a} ${b}") + (builtins.head l) (builtins.tail l); + v = if (builtins.length t) > 2 then join (builtins.tail t) else (i t 1); + in [ "CONFIG_${i t 0}" v ]; + in map parseLine lines; + + # parse <OPT>=lib.kernel.(yes|module|no)|lib.kernel.freeform "foo" + # style configuration as found in a patch's extraStructuredConfig into + # a list of k, v tuples + parseExtraStructuredConfig = config: lib.attrsets.mapAttrsToList + (k: v: [ "CONFIG_${k}" (v.tristate or v.freeform) ] ) config; + + parsePatchConfig = { extraConfig ? "", extraStructuredConfig ? {}, ... }: + (parseExtraConfig extraConfig) ++ + (parseExtraStructuredConfig extraStructuredConfig); + + # parse CONFIG_<OPT>=[ymn]|"foo" style configuration as found in a config file + # into a list of k, v tuples + parseConfig = config: + let + parseLine = builtins.match ''(CONFIG_[[:upper:][:digit:]_]+)=(([ymn])|"([^"]*)")''; + # get either the [ymn] option or the "foo" option; whichever matched + t = l: let v = (i l 2); in [ (i l 0) (if v != null then v else (i l 3)) ]; + lines = lib.strings.splitString "\n" config; + in map t (builtins.filter (l: l != null) (map parseLine lines)); + + origConfigfile = ./config; + + linux-asahi-pkg = { stdenv, lib, fetchFromGitHub, fetchpatch, linuxKernel, + rustPlatform, rustc, rustfmt, rust-bindgen, ... } @ args: + let + origConfigText = builtins.readFile origConfigfile; + + # extraConfig from all patches in order + extraConfig = + lib.fold (patch: ex: ex ++ (parsePatchConfig patch)) [] _kernelPatches; + # config file text for above + extraConfigText = let + text = k: v: if (v == "y") || (v == "m") || (v == "n") + then "${k}=${v}" else ''${k}="${v}"''; + in (map (t: text (i t 0) (i t 1)) extraConfig); + + # final config as a text file path + configfile = if extraConfig == [] then origConfigfile else + writeText "config" '' + ${origConfigText} + + # Patches + ${lib.strings.concatStringsSep "\n" extraConfigText} + ''; + # final config as an attrset + configAttrs = let + makePair = t: lib.nameValuePair (i t 0) (i t 1); + configList = (parseConfig origConfigText) ++ extraConfig; + in builtins.listToAttrs (map makePair (lib.lists.reverseList configList)); + + # used to (ostensibly) keep compatibility for those running stable versions of nixos + rustOlder = version: withRust && (lib.versionOlder rustc.version version); + bindgenOlder = version: withRust && (lib.versionOlder rust-bindgen.unwrapped.version version); + + # used to fix issues when nixpkgs gets ahead of the kernel + rustAtLeast = version: withRust && (lib.versionAtLeast rustc.version version); + bindgenAtLeast = version: withRust && (lib.versionAtLeast rust-bindgen.unwrapped.version version); + in + (linuxKernel.manualConfig rec { + inherit stdenv lib; + + version = "6.6.0-asahi"; + modDirVersion = version; + extraMeta.branch = "6.6"; + + src = fetchFromGitHub { + # tracking: https://github.com/AsahiLinux/linux/tree/asahi-wip (w/ fedora verification) + owner = "AsahiLinux"; + repo = "linux"; + rev = "asahi-6.6-15"; + hash = "sha256-Jm7wTKWuwd/6ZN0g5F4CNNETiOyGQL31hfSyTDYH85k="; + }; + + kernelPatches = [ + { name = "coreutils-fix"; + patch = ./0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch; + } + # speaker enablement; we assert on the relevant lsp-plugins patch + # before installing speakersafetyd to let the speakers work + { name = "speakers-1"; + patch = fetchpatch { + url = "https://github.com/AsahiLinux/linux/commit/385ea7b5023486aba7919cec8b6b3f6a843a1013.patch"; + hash = "sha256-u7IzhJbUgBPfhJXAcpHw1I6OPzPHc1UKYjH91Ep3QHQ="; + }; + } + { name = "speakers-2"; + patch = fetchpatch { + url = "https://github.com/AsahiLinux/linux/commit/6a24102c06c95951ab992e2d41336cc6d4bfdf23.patch"; + hash = "sha256-wn5x2hN42/kCp/XHBvLWeNLfwlOBB+T6UeeMt2tSg3o="; + }; + } + ] ++ lib.optionals (rustAtLeast "1.75.0") [ + { name = "rustc-1.75.0"; + patch = ./0001-check-in-new-alloc-for-1.75.0.patch; + } + ] ++ lib.optionals (rustAtLeast "1.76.0") [ + { name = "rustc-1.76.0"; + patch = ./rust_1_76_0.patch; + } + ] ++ _kernelPatches; + + inherit configfile; + # hide Rust support from the nixpkgs infra to avoid it re-adding the rust packages. + # we can't use it until it's in stable and until we've evaluated the cross-compilation impact. + config = configAttrs // { "CONFIG_RUST" = "n"; }; + } // (args.argsOverride or {})).overrideAttrs (old: if withRust then { + nativeBuildInputs = (old.nativeBuildInputs or []) ++ [ + rust-bindgen + rustfmt + rustc + removeReferencesTo + ]; + # HACK: references shouldn't have been there in the first place + # TODO: remove once 23.05 is obsolete + postFixup = (old.postFixup or "") + '' + if [ -f $dev/lib/modules/${old.version}/build/vmlinux ]; then + remove-references-to -t $out $dev/lib/modules/${old.version}/build/vmlinux + fi + remove-references-to -t $dev $out/Image + ''; + RUST_LIB_SRC = rustPlatform.rustLibSrc; + } else {}); + + linux-asahi = (callPackage linux-asahi-pkg { }); +in lib.recurseIntoAttrs (linuxPackagesFor linux-asahi) + diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/rust_1_76_0.patch b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/rust_1_76_0.patch new file mode 100644 index 000000000000..0ede15025298 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/linux-asahi/rust_1_76_0.patch @@ -0,0 +1,426 @@ +diff --git a/rust/alloc/alloc.rs b/rust/alloc/alloc.rs +index 08eafb3de807..7cf4edb8b786 100644 +--- a/rust/alloc/alloc.rs ++++ b/rust/alloc/alloc.rs +@@ -426,12 +426,14 @@ pub unsafe fn __rdl_oom(size: usize, _align: usize) -> ! { + } + } + ++#[cfg(not(no_global_oom_handling))] + /// Specialize clones into pre-allocated, uninitialized memory. + /// Used by `Box::clone` and `Rc`/`Arc::make_mut`. + pub(crate) trait WriteCloneIntoRaw: Sized { + unsafe fn write_clone_into_raw(&self, target: *mut Self); + } + ++#[cfg(not(no_global_oom_handling))] + impl<T: Clone> WriteCloneIntoRaw for T { + #[inline] + default unsafe fn write_clone_into_raw(&self, target: *mut Self) { +@@ -441,6 +443,7 @@ impl<T: Clone> WriteCloneIntoRaw for T { + } + } + ++#[cfg(not(no_global_oom_handling))] + impl<T: Copy> WriteCloneIntoRaw for T { + #[inline] + unsafe fn write_clone_into_raw(&self, target: *mut Self) { +diff --git a/rust/alloc/boxed.rs b/rust/alloc/boxed.rs +index ed7e2f666178..359b8bcdb7a2 100644 +--- a/rust/alloc/boxed.rs ++++ b/rust/alloc/boxed.rs +@@ -1030,10 +1030,18 @@ impl<T: ?Sized, A: Allocator> Box<T, A> { + /// use std::ptr; + /// + /// let x = Box::new(String::from("Hello")); +- /// let p = Box::into_raw(x); ++ /// let ptr = Box::into_raw(x); ++ /// unsafe { ++ /// ptr::drop_in_place(ptr); ++ /// dealloc(ptr as *mut u8, Layout::new::<String>()); ++ /// } ++ /// ``` ++ /// Note: This is equivalent to the following: ++ /// ``` ++ /// let x = Box::new(String::from("Hello")); ++ /// let ptr = Box::into_raw(x); + /// unsafe { +- /// ptr::drop_in_place(p); +- /// dealloc(p as *mut u8, Layout::new::<String>()); ++ /// drop(Box::from_raw(ptr)); + /// } + /// ``` + /// +diff --git a/rust/alloc/collections/mod.rs b/rust/alloc/collections/mod.rs +index 2506065d158a..00ffb3b97365 100644 +--- a/rust/alloc/collections/mod.rs ++++ b/rust/alloc/collections/mod.rs +@@ -150,6 +150,7 @@ fn fmt( + + /// An intermediate trait for specialization of `Extend`. + #[doc(hidden)] ++#[cfg(not(no_global_oom_handling))] + trait SpecExtend<I: IntoIterator> { + /// Extends `self` with the contents of the given iterator. + fn spec_extend(&mut self, iter: I); +diff --git a/rust/alloc/lib.rs b/rust/alloc/lib.rs +index 65b7a02d0956..6cddaf298118 100644 +--- a/rust/alloc/lib.rs ++++ b/rust/alloc/lib.rs +@@ -157,6 +157,7 @@ + #![feature(std_internals)] + #![feature(str_internals)] + #![feature(strict_provenance)] ++#![feature(trusted_fused)] + #![feature(trusted_len)] + #![feature(trusted_random_access)] + #![feature(try_trait_v2)] +@@ -276,7 +277,7 @@ pub(crate) mod test_helpers { + /// seed not being the same for every RNG invocation too. + pub(crate) fn test_rng() -> rand_xorshift::XorShiftRng { + use std::hash::{BuildHasher, Hash, Hasher}; +- let mut hasher = std::collections::hash_map::RandomState::new().build_hasher(); ++ let mut hasher = std::hash::RandomState::new().build_hasher(); + std::panic::Location::caller().hash(&mut hasher); + let hc64 = hasher.finish(); + let seed_vec = +diff --git a/rust/alloc/raw_vec.rs b/rust/alloc/raw_vec.rs +index 65d5ce15828e..3fb1ee104cff 100644 +--- a/rust/alloc/raw_vec.rs ++++ b/rust/alloc/raw_vec.rs +@@ -27,6 +27,16 @@ enum AllocInit { + Zeroed, + } + ++#[repr(transparent)] ++#[cfg_attr(target_pointer_width = "16", rustc_layout_scalar_valid_range_end(0x7fff))] ++#[cfg_attr(target_pointer_width = "32", rustc_layout_scalar_valid_range_end(0x7fff_ffff))] ++#[cfg_attr(target_pointer_width = "64", rustc_layout_scalar_valid_range_end(0x7fff_ffff_ffff_ffff))] ++struct Cap(usize); ++ ++impl Cap { ++ const ZERO: Cap = unsafe { Cap(0) }; ++} ++ + /// A low-level utility for more ergonomically allocating, reallocating, and deallocating + /// a buffer of memory on the heap without having to worry about all the corner cases + /// involved. This type is excellent for building your own data structures like Vec and VecDeque. +@@ -52,7 +62,12 @@ enum AllocInit { + #[allow(missing_debug_implementations)] + pub(crate) struct RawVec<T, A: Allocator = Global> { + ptr: Unique<T>, +- cap: usize, ++ /// Never used for ZSTs; it's `capacity()`'s responsibility to return usize::MAX in that case. ++ /// ++ /// # Safety ++ /// ++ /// `cap` must be in the `0..=isize::MAX` range. ++ cap: Cap, + alloc: A, + } + +@@ -121,7 +136,7 @@ impl<T, A: Allocator> RawVec<T, A> { + /// the returned `RawVec`. + pub const fn new_in(alloc: A) -> Self { + // `cap: 0` means "unallocated". zero-sized types are ignored. +- Self { ptr: Unique::dangling(), cap: 0, alloc } ++ Self { ptr: Unique::dangling(), cap: Cap::ZERO, alloc } + } + + /// Like `with_capacity`, but parameterized over the choice of +@@ -203,7 +218,7 @@ fn allocate_in(capacity: usize, init: AllocInit, alloc: A) -> Self { + // here should change to `ptr.len() / mem::size_of::<T>()`. + Self { + ptr: unsafe { Unique::new_unchecked(ptr.cast().as_ptr()) }, +- cap: capacity, ++ cap: unsafe { Cap(capacity) }, + alloc, + } + } +@@ -228,7 +243,7 @@ fn try_allocate_in(capacity: usize, init: AllocInit, alloc: A) -> Result<Self, T + // here should change to `ptr.len() / mem::size_of::<T>()`. + Ok(Self { + ptr: unsafe { Unique::new_unchecked(ptr.cast().as_ptr()) }, +- cap: capacity, ++ cap: unsafe { Cap(capacity) }, + alloc, + }) + } +@@ -240,12 +255,13 @@ fn try_allocate_in(capacity: usize, init: AllocInit, alloc: A) -> Result<Self, T + /// The `ptr` must be allocated (via the given allocator `alloc`), and with the given + /// `capacity`. + /// The `capacity` cannot exceed `isize::MAX` for sized types. (only a concern on 32-bit +- /// systems). ZST vectors may have a capacity up to `usize::MAX`. ++ /// systems). For ZSTs capacity is ignored. + /// If the `ptr` and `capacity` come from a `RawVec` created via `alloc`, then this is + /// guaranteed. + #[inline] + pub unsafe fn from_raw_parts_in(ptr: *mut T, capacity: usize, alloc: A) -> Self { +- Self { ptr: unsafe { Unique::new_unchecked(ptr) }, cap: capacity, alloc } ++ let cap = if T::IS_ZST { Cap::ZERO } else { unsafe { Cap(capacity) } }; ++ Self { ptr: unsafe { Unique::new_unchecked(ptr) }, cap, alloc } + } + + /// Gets a raw pointer to the start of the allocation. Note that this is +@@ -261,7 +277,7 @@ pub fn ptr(&self) -> *mut T { + /// This will always be `usize::MAX` if `T` is zero-sized. + #[inline(always)] + pub fn capacity(&self) -> usize { +- if T::IS_ZST { usize::MAX } else { self.cap } ++ if T::IS_ZST { usize::MAX } else { self.cap.0 } + } + + /// Returns a shared reference to the allocator backing this `RawVec`. +@@ -270,7 +286,7 @@ pub fn allocator(&self) -> &A { + } + + fn current_memory(&self) -> Option<(NonNull<u8>, Layout)> { +- if T::IS_ZST || self.cap == 0 { ++ if T::IS_ZST || self.cap.0 == 0 { + None + } else { + // We could use Layout::array here which ensures the absence of isize and usize overflows +@@ -280,7 +296,7 @@ fn current_memory(&self) -> Option<(NonNull<u8>, Layout)> { + let _: () = const { assert!(mem::size_of::<T>() % mem::align_of::<T>() == 0) }; + unsafe { + let align = mem::align_of::<T>(); +- let size = mem::size_of::<T>().unchecked_mul(self.cap); ++ let size = mem::size_of::<T>().unchecked_mul(self.cap.0); + let layout = Layout::from_size_align_unchecked(size, align); + Some((self.ptr.cast().into(), layout)) + } +@@ -404,12 +420,15 @@ fn needs_to_grow(&self, len: usize, additional: usize) -> bool { + additional > self.capacity().wrapping_sub(len) + } + +- fn set_ptr_and_cap(&mut self, ptr: NonNull<[u8]>, cap: usize) { ++ /// # Safety: ++ /// ++ /// `cap` must not exceed `isize::MAX`. ++ unsafe fn set_ptr_and_cap(&mut self, ptr: NonNull<[u8]>, cap: usize) { + // Allocators currently return a `NonNull<[u8]>` whose length matches + // the size requested. If that ever changes, the capacity here should + // change to `ptr.len() / mem::size_of::<T>()`. + self.ptr = unsafe { Unique::new_unchecked(ptr.cast().as_ptr()) }; +- self.cap = cap; ++ self.cap = unsafe { Cap(cap) }; + } + + // This method is usually instantiated many times. So we want it to be as +@@ -434,14 +453,15 @@ fn grow_amortized(&mut self, len: usize, additional: usize) -> Result<(), TryRes + + // This guarantees exponential growth. The doubling cannot overflow + // because `cap <= isize::MAX` and the type of `cap` is `usize`. +- let cap = cmp::max(self.cap * 2, required_cap); ++ let cap = cmp::max(self.cap.0 * 2, required_cap); + let cap = cmp::max(Self::MIN_NON_ZERO_CAP, cap); + + let new_layout = Layout::array::<T>(cap); + + // `finish_grow` is non-generic over `T`. + let ptr = finish_grow(new_layout, self.current_memory(), &mut self.alloc)?; +- self.set_ptr_and_cap(ptr, cap); ++ // SAFETY: finish_grow would have resulted in a capacity overflow if we tried to allocate more than isize::MAX items ++ unsafe { self.set_ptr_and_cap(ptr, cap) }; + Ok(()) + } + +@@ -460,7 +480,10 @@ fn grow_exact(&mut self, len: usize, additional: usize) -> Result<(), TryReserve + + // `finish_grow` is non-generic over `T`. + let ptr = finish_grow(new_layout, self.current_memory(), &mut self.alloc)?; +- self.set_ptr_and_cap(ptr, cap); ++ // SAFETY: finish_grow would have resulted in a capacity overflow if we tried to allocate more than isize::MAX items ++ unsafe { ++ self.set_ptr_and_cap(ptr, cap); ++ } + Ok(()) + } + +diff --git a/rust/alloc/vec/into_iter.rs b/rust/alloc/vec/into_iter.rs +index aac0ec16aef1..136bfe94af6c 100644 +--- a/rust/alloc/vec/into_iter.rs ++++ b/rust/alloc/vec/into_iter.rs +@@ -9,7 +9,8 @@ + use core::array; + use core::fmt; + use core::iter::{ +- FusedIterator, InPlaceIterable, SourceIter, TrustedLen, TrustedRandomAccessNoCoerce, ++ FusedIterator, InPlaceIterable, SourceIter, TrustedFused, TrustedLen, ++ TrustedRandomAccessNoCoerce, + }; + use core::marker::PhantomData; + use core::mem::{self, ManuallyDrop, MaybeUninit, SizedTypeProperties}; +@@ -287,9 +288,7 @@ unsafe fn __iterator_get_unchecked(&mut self, i: usize) -> Self::Item + // Also note the implementation of `Self: TrustedRandomAccess` requires + // that `T: Copy` so reading elements from the buffer doesn't invalidate + // them for `Drop`. +- unsafe { +- if T::IS_ZST { mem::zeroed() } else { ptr::read(self.ptr.add(i)) } +- } ++ unsafe { if T::IS_ZST { mem::zeroed() } else { ptr::read(self.ptr.add(i)) } } + } + } + +@@ -341,6 +340,10 @@ fn is_empty(&self) -> bool { + #[stable(feature = "fused", since = "1.26.0")] + impl<T, A: Allocator> FusedIterator for IntoIter<T, A> {} + ++#[doc(hidden)] ++#[unstable(issue = "none", feature = "trusted_fused")] ++unsafe impl<T, A: Allocator> TrustedFused for IntoIter<T, A> {} ++ + #[unstable(feature = "trusted_len", issue = "37572")] + unsafe impl<T, A: Allocator> TrustedLen for IntoIter<T, A> {} + +@@ -425,7 +428,10 @@ fn drop(&mut self) { + // also refer to the vec::in_place_collect module documentation to get an overview + #[unstable(issue = "none", feature = "inplace_iteration")] + #[doc(hidden)] +-unsafe impl<T, A: Allocator> InPlaceIterable for IntoIter<T, A> {} ++unsafe impl<T, A: Allocator> InPlaceIterable for IntoIter<T, A> { ++ const EXPAND_BY: Option<NonZeroUsize> = NonZeroUsize::new(1); ++ const MERGE_BY: Option<NonZeroUsize> = NonZeroUsize::new(1); ++} + + #[unstable(issue = "none", feature = "inplace_iteration")] + #[doc(hidden)] +diff --git a/rust/alloc/vec/mod.rs b/rust/alloc/vec/mod.rs +index 05c70de0227e..2534ec65500e 100644 +--- a/rust/alloc/vec/mod.rs ++++ b/rust/alloc/vec/mod.rs +@@ -105,6 +105,7 @@ + #[cfg(not(no_global_oom_handling))] + use self::is_zero::IsZero; + ++#[cfg(not(no_global_oom_handling))] + mod is_zero; + + #[cfg(not(no_global_oom_handling))] +@@ -123,7 +124,7 @@ + mod set_len_on_drop; + + #[cfg(not(no_global_oom_handling))] +-use self::in_place_drop::{InPlaceDrop, InPlaceDstBufDrop}; ++use self::in_place_drop::{InPlaceDrop, InPlaceDstDataSrcBufDrop}; + + #[cfg(not(no_global_oom_handling))] + mod in_place_drop; +@@ -1837,7 +1838,32 @@ pub fn dedup_by<F>(&mut self, mut same_bucket: F) + return; + } + +- /* INVARIANT: vec.len() > read >= write > write-1 >= 0 */ ++ // Check if we ever want to remove anything. ++ // This allows to use copy_non_overlapping in next cycle. ++ // And avoids any memory writes if we don't need to remove anything. ++ let mut first_duplicate_idx: usize = 1; ++ let start = self.as_mut_ptr(); ++ while first_duplicate_idx != len { ++ let found_duplicate = unsafe { ++ // SAFETY: first_duplicate always in range [1..len) ++ // Note that we start iteration from 1 so we never overflow. ++ let prev = start.add(first_duplicate_idx.wrapping_sub(1)); ++ let current = start.add(first_duplicate_idx); ++ // We explicitly say in docs that references are reversed. ++ same_bucket(&mut *current, &mut *prev) ++ }; ++ if found_duplicate { ++ break; ++ } ++ first_duplicate_idx += 1; ++ } ++ // Don't need to remove anything. ++ // We cannot get bigger than len. ++ if first_duplicate_idx == len { ++ return; ++ } ++ ++ /* INVARIANT: vec.len() > read > write > write-1 >= 0 */ + struct FillGapOnDrop<'a, T, A: core::alloc::Allocator> { + /* Offset of the element we want to check if it is duplicate */ + read: usize, +@@ -1883,31 +1909,39 @@ fn drop(&mut self) { + } + } + +- let mut gap = FillGapOnDrop { read: 1, write: 1, vec: self }; +- let ptr = gap.vec.as_mut_ptr(); +- + /* Drop items while going through Vec, it should be more efficient than + * doing slice partition_dedup + truncate */ + ++ // Construct gap first and then drop item to avoid memory corruption if `T::drop` panics. ++ let mut gap = ++ FillGapOnDrop { read: first_duplicate_idx + 1, write: first_duplicate_idx, vec: self }; ++ unsafe { ++ // SAFETY: we checked that first_duplicate_idx in bounds before. ++ // If drop panics, `gap` would remove this item without drop. ++ ptr::drop_in_place(start.add(first_duplicate_idx)); ++ } ++ + /* SAFETY: Because of the invariant, read_ptr, prev_ptr and write_ptr + * are always in-bounds and read_ptr never aliases prev_ptr */ + unsafe { + while gap.read < len { +- let read_ptr = ptr.add(gap.read); +- let prev_ptr = ptr.add(gap.write.wrapping_sub(1)); ++ let read_ptr = start.add(gap.read); ++ let prev_ptr = start.add(gap.write.wrapping_sub(1)); + +- if same_bucket(&mut *read_ptr, &mut *prev_ptr) { ++ // We explicitly say in docs that references are reversed. ++ let found_duplicate = same_bucket(&mut *read_ptr, &mut *prev_ptr); ++ if found_duplicate { + // Increase `gap.read` now since the drop may panic. + gap.read += 1; + /* We have found duplicate, drop it in-place */ + ptr::drop_in_place(read_ptr); + } else { +- let write_ptr = ptr.add(gap.write); ++ let write_ptr = start.add(gap.write); + +- /* Because `read_ptr` can be equal to `write_ptr`, we either +- * have to use `copy` or conditional `copy_nonoverlapping`. +- * Looks like the first option is faster. */ +- ptr::copy(read_ptr, write_ptr, 1); ++ /* read_ptr cannot be equal to write_ptr because at this point ++ * we guaranteed to skip at least one element (before loop starts). ++ */ ++ ptr::copy_nonoverlapping(read_ptr, write_ptr, 1); + + /* We have filled that place, so go further */ + gap.write += 1; +@@ -2802,6 +2836,7 @@ pub fn from_elem_in<T: Clone, A: Allocator>(elem: T, n: usize, alloc: A) -> Vec< + <T as SpecFromElem>::from_elem(elem, n, alloc) + } + ++#[cfg(not(no_global_oom_handling))] + trait ExtendFromWithinSpec { + /// # Safety + /// +@@ -2810,6 +2845,7 @@ trait ExtendFromWithinSpec { + unsafe fn spec_extend_from_within(&mut self, src: Range<usize>); + } + ++#[cfg(not(no_global_oom_handling))] + impl<T: Clone, A: Allocator> ExtendFromWithinSpec for Vec<T, A> { + default unsafe fn spec_extend_from_within(&mut self, src: Range<usize>) { + // SAFETY: +@@ -2829,6 +2865,7 @@ impl<T: Clone, A: Allocator> ExtendFromWithinSpec for Vec<T, A> { + } + } + ++#[cfg(not(no_global_oom_handling))] + impl<T: Copy, A: Allocator> ExtendFromWithinSpec for Vec<T, A> { + unsafe fn spec_extend_from_within(&mut self, src: Range<usize>) { + let count = src.len(); +@@ -2909,7 +2946,7 @@ fn clone_from(&mut self, other: &Self) { + /// ``` + /// use std::hash::BuildHasher; + /// +-/// let b = std::collections::hash_map::RandomState::new(); ++/// let b = std::hash::RandomState::new(); + /// let v: Vec<u8> = vec![0xa8, 0x3c, 0x09]; + /// let s: &[u8] = &[0xa8, 0x3c, 0x09]; + /// assert_eq!(b.hash_one(v), b.hash_one(s)); diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/m1n1/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/m1n1/default.nix new file mode 100644 index 000000000000..86a8bcdf8bc8 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/m1n1/default.nix @@ -0,0 +1,101 @@ +{ stdenv +, buildPackages +, lib +, fetchFromGitHub +, python3 +, dtc +, imagemagick +, isRelease ? false +, withTools ? true +, withChainloading ? false +, rust-bin ? null +, customLogo ? null +}: + +assert withChainloading -> rust-bin != null; + +let + pyenv = python3.withPackages (p: with p; [ + construct + pyserial + ]); + + rustenv = rust-bin.selectLatestNightlyWith (toolchain: toolchain.minimal.override { + targets = [ "aarch64-unknown-none-softfloat" ]; + }); +in stdenv.mkDerivation rec { + pname = "m1n1"; + version = "1.4.11"; + + src = fetchFromGitHub { + # tracking: https://src.fedoraproject.org/rpms/m1n1 + owner = "AsahiLinux"; + repo = "m1n1"; + rev = "v${version}"; + hash = "sha256-1lWI9tcOxgrcfaPfdSF+xRE9qofhNR3SQiA4h86VVeE="; + fetchSubmodules = true; + }; + + makeFlags = [ "ARCH=${stdenv.cc.targetPrefix}" ] + ++ lib.optional isRelease "RELEASE=1" + ++ lib.optional withChainloading "CHAINLOADING=1"; + + nativeBuildInputs = [ + dtc + buildPackages.gcc + ] ++ lib.optional withChainloading rustenv + ++ lib.optional (customLogo != null) imagemagick; + + postPatch = '' + substituteInPlace proxyclient/m1n1/asm.py \ + --replace 'aarch64-linux-gnu-' 'aarch64-unknown-linux-gnu-' \ + --replace 'TOOLCHAIN = ""' 'TOOLCHAIN = "'$out'/toolchain-bin/"' + ''; + + preConfigure = lib.optionalString (customLogo != null) '' + pushd data &>/dev/null + ln -fs ${customLogo} bootlogo_256.png + if [[ "$(magick identify bootlogo_256.png)" != 'bootlogo_256.png PNG 256x256'* ]]; then + echo "Custom logo is not a 256x256 PNG" + exit 1 + fi + + rm bootlogo_128.png + convert bootlogo_256.png -resize 128x128 bootlogo_128.png + patchShebangs --build ./makelogo.sh + ./makelogo.sh + popd &>/dev/null + ''; + + installPhase = '' + runHook preInstall + + mkdir -p $out/build + cp build/m1n1.bin $out/build + '' + (lib.optionalString withTools '' + mkdir -p $out/{bin,script,toolchain-bin} + cp -r proxyclient $out/script + cp -r tools $out/script + + for toolpath in $out/script/proxyclient/tools/*.py; do + tool=$(basename $toolpath .py) + script=$out/bin/m1n1-$tool + cat > $script <<EOF +#!/bin/sh +${pyenv}/bin/python $toolpath "\$@" +EOF + chmod +x $script + done + + GCC=${buildPackages.gcc} + BINUTILS=${buildPackages.binutils-unwrapped} + + ln -s $GCC/bin/${stdenv.cc.targetPrefix}gcc $out/toolchain-bin/ + ln -s $GCC/bin/${stdenv.cc.targetPrefix}ld $out/toolchain-bin/ + ln -s $BINUTILS/bin/${stdenv.cc.targetPrefix}objcopy $out/toolchain-bin/ + ln -s $BINUTILS/bin/${stdenv.cc.targetPrefix}objdump $out/toolchain-bin/ + ln -s $GCC/bin/${stdenv.cc.targetPrefix}nm $out/toolchain-bin/ + '') + '' + runHook postInstall + ''; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/default.nix new file mode 100644 index 000000000000..703dfb3711a7 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/default.nix @@ -0,0 +1,49 @@ +{ lib +, fetchFromGitLab +, mesa +, meson +, llvmPackages +}: + +(mesa.override { + galliumDrivers = [ "swrast" "asahi" ]; + vulkanDrivers = [ "swrast" ]; + enableGalliumNine = false; + # libclc and other OpenCL components are needed for geometry shader support on Apple Silicon + enableOpenCL = true; +}).overrideAttrs (oldAttrs: { + # version must be the same length (i.e. no unstable or date) + # so that system.replaceRuntimeDependencies can work + version = "24.1.0"; + src = fetchFromGitLab { + # tracking: https://pagure.io/fedora-asahi/mesa/commits/asahi + domain = "gitlab.freedesktop.org"; + owner = "asahi"; + repo = "mesa"; + rev = "asahi-20240228"; + hash = "sha256-wOFJyYfoN6yxE9HaHXLP/0MhjyRvmlb+jPPUke0sbbE="; + }; + + mesonFlags = + # remove flag to configure xvmc functionality as having it + # breaks the build because that no longer exists in Mesa 23 + (lib.filter (x: !(lib.hasPrefix "-Dxvmc-libs-path=" x)) oldAttrs.mesonFlags) ++ [ + # we do not build any graphics drivers these features can be enabled for + "-Dgallium-va=disabled" + "-Dgallium-vdpau=disabled" + "-Dgallium-xa=disabled" + # does not make any sense + "-Dandroid-libbacktrace=disabled" + # do not want to add the dependencies + "-Dlibunwind=disabled" + "-Dlmsensors=disabled" + ] ++ ( # does not compile on nixpkgs stable, doesn't seem mandatory + lib.optional (lib.versionOlder meson.version "1.3.1") + "-Dgallium-rusticl=false"); + + # replace patches with ones tweaked slightly to apply to this version + patches = [ + ./disk_cache-include-dri-driver-path-in-cache-key.patch + ./opencl.patch + ]; +}) diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/disk_cache-include-dri-driver-path-in-cache-key.patch b/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/disk_cache-include-dri-driver-path-in-cache-key.patch new file mode 100644 index 000000000000..9d23a8dc99a6 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/disk_cache-include-dri-driver-path-in-cache-key.patch @@ -0,0 +1,67 @@ +Author: David McFarland <corngood@gmail.com> +Date: Mon Aug 6 15:52:11 2018 -0300 + + [PATCH] disk_cache: include dri driver path in cache key + + This fixes invalid cache hits on NixOS where all shared library + timestamps in /nix/store are zero. + +diff --git a/meson_options.txt b/meson_options.txt +index 512e05d..93001da 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -513,6 +513,13 @@ option( + description : 'Enable direct rendering in GLX and EGL for DRI', + ) + ++option( ++ 'disk-cache-key', ++ type : 'string', ++ value : '', ++ description : 'Mesa cache key.' ++) ++ + option('egl-lib-suffix', + type : 'string', + value : '', +diff --git a/src/util/disk_cache.c b/src/util/disk_cache.c +index 8298f9d..e622133 100644 +--- a/src/util/disk_cache.c ++++ b/src/util/disk_cache.c +@@ -226,8 +226,10 @@ disk_cache_type_create(const char *gpu_name, + + /* Create driver id keys */ + size_t id_size = strlen(driver_id) + 1; ++ size_t key_size = strlen(DISK_CACHE_KEY) + 1; + size_t gpu_name_size = strlen(gpu_name) + 1; + cache->driver_keys_blob_size += id_size; ++ cache->driver_keys_blob_size += key_size; + cache->driver_keys_blob_size += gpu_name_size; + + /* We sometimes store entire structs that contains a pointers in the cache, +@@ -248,6 +250,7 @@ disk_cache_type_create(const char *gpu_name, + uint8_t *drv_key_blob = cache->driver_keys_blob; + DRV_KEY_CPY(drv_key_blob, &cache_version, cv_size) + DRV_KEY_CPY(drv_key_blob, driver_id, id_size) ++ DRV_KEY_CPY(drv_key_blob, DISK_CACHE_KEY, key_size) + DRV_KEY_CPY(drv_key_blob, gpu_name, gpu_name_size) + DRV_KEY_CPY(drv_key_blob, &ptr_size, ptr_size_size) + DRV_KEY_CPY(drv_key_blob, &driver_flags, driver_flags_size) +diff --git a/src/util/meson.build b/src/util/meson.build +index c0c1b9d..442163c 100644 +--- a/src/util/meson.build ++++ b/src/util/meson.build +@@ -268,7 +268,12 @@ _libmesa_util = static_library( + include_directories : [inc_util, include_directories('format')], + dependencies : deps_for_libmesa_util, + link_with: [libmesa_util_sse41], +- c_args : [c_msvc_compat_args], ++ c_args : [ ++ c_msvc_compat_args, ++ '-DDISK_CACHE_KEY="@0@"'.format( ++ get_option('disk-cache-key') ++ ), ++ ], + gnu_symbol_visibility : 'hidden', + build_by_default : false + ) diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/opencl.patch b/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/opencl.patch new file mode 100644 index 000000000000..2957bb987854 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/mesa-asahi-edge/opencl.patch @@ -0,0 +1,84 @@ +From bbd0f154183e4d26a14bb005f6afc636629c201e Mon Sep 17 00:00:00 2001 +From: Thomas Watson <twatson52@icloud.com> +Date: Sat, 16 Dec 2023 20:46:51 -0600 +Subject: [PATCH] opencl.patch from nixpkgs + f416128e90ac75bec060e8b9435fe9c38423c036 + +--- + meson.build | 2 +- + meson_options.txt | 6 ++++++ + src/gallium/targets/opencl/meson.build | 6 +++--- + src/gallium/targets/rusticl/meson.build | 3 +-- + 4 files changed, 11 insertions(+), 6 deletions(-) + +diff --git a/meson.build b/meson.build +index 552ff196aa8..9e10156b875 100644 +--- a/meson.build ++++ b/meson.build +@@ -1829,7 +1829,7 @@ endif + + dep_clang = null_dep + if with_clc +- llvm_libdir = dep_llvm.get_variable(cmake : 'LLVM_LIBRARY_DIR', configtool: 'libdir') ++ llvm_libdir = get_option('clang-libdir') + + dep_clang = cpp.find_library('clang-cpp', dirs : llvm_libdir, required : false) + +diff --git a/meson_options.txt b/meson_options.txt +index c76fa6d3382..d2021f55634 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -1,6 +1,12 @@ + # Copyright © 2017-2019 Intel Corporation + # SPDX-License-Identifier: MIT + ++option( ++ 'clang-libdir', ++ type : 'string', ++ value : '', ++ description : 'Locations to search for clang libraries.' ++) + option( + 'platforms', + type : 'array', +diff --git a/src/gallium/targets/opencl/meson.build b/src/gallium/targets/opencl/meson.build +index 7c14135898e..cbcd67cc443 100644 +--- a/src/gallium/targets/opencl/meson.build ++++ b/src/gallium/targets/opencl/meson.build +@@ -39,7 +39,8 @@ if dep_llvm.version().version_compare('>=10.0.0') + polly_isl_dep = cpp.find_library('PollyISL', dirs : llvm_libdir, required : false) + endif + +-dep_clang = cpp.find_library('clang-cpp', dirs : llvm_libdir, required : false) ++clang_libdir = get_option('clang-libdir') ++dep_clang = cpp.find_library('clang-cpp', dirs : clang_libdir, required : false) + + # meson will return clang-cpp from system dirs if it's not found in llvm_libdir + linker_rpath_arg = '-Wl,--rpath=@0@'.format(llvm_libdir) +@@ -123,8 +124,7 @@ if with_opencl_icd + configuration : _config, + input : 'mesa.icd.in', + output : 'mesa.icd', +- install : true, +- install_tag : 'runtime', ++ install : false, + install_dir : join_paths(get_option('sysconfdir'), 'OpenCL', 'vendors'), + ) + +diff --git a/src/gallium/targets/rusticl/meson.build b/src/gallium/targets/rusticl/meson.build +index b2963fe6dfa..2f784bdccd4 100644 +--- a/src/gallium/targets/rusticl/meson.build ++++ b/src/gallium/targets/rusticl/meson.build +@@ -76,8 +76,7 @@ configure_file( + configuration : _config, + input : 'rusticl.icd.in', + output : 'rusticl.icd', +- install : true, +- install_tag : 'runtime', ++ install : false, + install_dir : join_paths(get_option('sysconfdir'), 'OpenCL', 'vendors'), + ) + +-- +2.40.1 + diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/overlay.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/overlay.nix new file mode 100644 index 000000000000..3d9d5ff79c35 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/overlay.nix @@ -0,0 +1,11 @@ +final: prev: { + linux-asahi = final.callPackage ./linux-asahi { }; + m1n1 = final.callPackage ./m1n1 { }; + uboot-asahi = final.callPackage ./uboot-asahi { }; + asahi-fwextract = final.callPackage ./asahi-fwextract { }; + mesa-asahi-edge = final.callPackage ./mesa-asahi-edge { inherit (prev) mesa; }; + alsa-ucm-conf-asahi = final.callPackage ./alsa-ucm-conf-asahi { inherit (prev) alsa-ucm-conf; }; + speakersafetyd = final.callPackage ./speakersafetyd { }; + bankstown-lv2 = final.callPackage ./bankstown-lv2 { }; + asahi-audio = final.callPackage ./asahi-audio { }; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/speakersafetyd/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/speakersafetyd/default.nix new file mode 100644 index 000000000000..bce0af1162f9 --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/speakersafetyd/default.nix @@ -0,0 +1,36 @@ +{ rustPlatform +, stdenv +, rust +, fetchCrate +, pkg-config +, alsa-lib +}: + +rustPlatform.buildRustPackage rec { + pname = "speakersafetyd"; + # tracking: https://src.fedoraproject.org/rpms/rust-speakersafetyd + version = "0.1.9"; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ alsa-lib ]; + + src = fetchCrate { + inherit pname version; + hash = "sha256-I1fL1U4vqKxPS1t6vujMTdi/JAAOCcPkvUqv6FqkId4="; + }; + cargoHash = "sha256-Adwct+qFhUsOIao8XqNK2zcn13DBlQNA+X4aRFeIAXM="; + + postPatch = '' + substituteInPlace speakersafetyd.service --replace "/usr" "$out" + substituteInPlace Makefile --replace "target/release" "target/${rust.lib.toRustTargetSpec stdenv.hostPlatform}/$cargoBuildType" + ''; + + installFlags = [ + "DESTDIR=${placeholder "out"}" + "BINDIR=/bin" + "SHAREDIR=/share" + "TMPFILESDIR=/lib/tmpfiles.d" + ]; + + dontCargoInstall = true; +} diff --git a/modules/nixos-apple-silicon/apple-silicon-support/packages/uboot-asahi/default.nix b/modules/nixos-apple-silicon/apple-silicon-support/packages/uboot-asahi/default.nix new file mode 100644 index 000000000000..02075891677d --- /dev/null +++ b/modules/nixos-apple-silicon/apple-silicon-support/packages/uboot-asahi/default.nix @@ -0,0 +1,43 @@ +{ lib +, fetchFromGitHub +, buildUBoot +, m1n1 +}: + +(buildUBoot rec { + src = fetchFromGitHub { + # tracking: https://pagure.io/fedora-asahi/uboot-tools/commits/main + owner = "AsahiLinux"; + repo = "u-boot"; + rev = "asahi-v2023.07.02-4"; + hash = "sha256-M4qkEyNgwV2AKSr5VzPGfhHo1kGy8Tw8TfyP36cgYjc="; + }; + version = "2023.07.02.asahi4-1"; + + defconfig = "apple_m1_defconfig"; + extraMeta.platforms = [ "aarch64-linux" ]; + filesToInstall = [ + "u-boot-nodtb.bin.gz" + "m1n1-u-boot.bin" + ]; + extraConfig = '' + CONFIG_IDENT_STRING=" ${version}" + CONFIG_VIDEO_FONT_4X6=n + CONFIG_VIDEO_FONT_8X16=n + CONFIG_VIDEO_FONT_SUN12X22=n + CONFIG_VIDEO_FONT_16X32=y + ''; +}).overrideAttrs (o: { + # nixos's downstream patches are not applicable + patches = [ + ]; + + # DTC= flag somehow breaks DTC compilation so we remove it + makeFlags = builtins.filter (s: (!(lib.strings.hasPrefix "DTC=" s))) o.makeFlags; + + preInstall = '' + # compress so that m1n1 knows U-Boot's size and can find things after it + gzip -n u-boot-nodtb.bin + cat ${m1n1}/build/m1n1.bin arch/arm/dts/t[68]*.dtb u-boot-nodtb.bin.gz > m1n1-u-boot.bin + ''; +}) diff --git a/modules/nixos-apple-silicon/default.nix b/modules/nixos-apple-silicon/default.nix new file mode 100644 index 000000000000..6bf30b1f907c --- /dev/null +++ b/modules/nixos-apple-silicon/default.nix @@ -0,0 +1,15 @@ +# This file provides backward compatibility to nix < 2.4 clients +{ system ? builtins.currentSystem }: +let + lock = builtins.fromJSON (builtins.readFile ./flake.lock); + + inherit (lock.nodes.flake-compat.locked) owner repo rev narHash; + + flake-compat = fetchTarball { + url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz"; + sha256 = narHash; + }; + + flake = import flake-compat { inherit system; src = ./.; }; +in +flake.defaultNix diff --git a/modules/nixos-apple-silicon/docs/release-notes.md b/modules/nixos-apple-silicon/docs/release-notes.md new file mode 100644 index 000000000000..0f59c9277b7d --- /dev/null +++ b/modules/nixos-apple-silicon/docs/release-notes.md @@ -0,0 +1,431 @@ +# Release Notes + +This file contains important information for each release. + +## 2024-03-11 + +This release updates nixpkgs. + +This release includes patches to correct building of the kernel with Rust 1.76.0 +and fixes for building U-Boot with the latest nixpkgs. Thanks to bkchr for +these patches. + +This release also introduces a `hardware.asahi.enable` configuration option, +which defaults to true. Setting this option to false disables all effects of +the Apple Silicon support module (including ignoring all other options), which +may be useful for multi-system configurations. + +## 2024-03-05 + +This release updates nixpkgs and Mesa. + +This release also includes a patch so that Mesa can build again on NixOS 23.11 +and older nixpkgs versions. + +Support for stable NixOS releases is neither tested nor guaranteed, but patches +to address specific issues are welcome. + +## 2024-02-29 + +This release updates nixpkgs. + +This release corrects a few minor issues: +* Resolves an error that flakes were not enabled when running `nixos-install` +* Updates to avoid using a nixpkgs version that was not from the nixos-unstable + channel +* Restored compatibility for the sound module with older versions of nixpkgs. + +## 2024-02-26 + +This release updates nixpkgs, the kernel, and Mesa. Thanks to oliverbestmann for +the updates. + +This release also includes a patch to fix random boot hangs with recent versions +of nixpkgs. + +The kernel and Mesa are now upgraded to OpenGL 4.6 compatibility. Restructurings +and upgrades have been made in the sound support as well (in particular an +upgrade to the `bankstown-lv2` bass enhancer), and quality should be improved. + +The GPU acceleration and sound upgrades require packages and features present +only in the latest nixpkgs unstable releases. If you are using NixOS 23.11, +please remain on an older release. This may be addressed in the future; +contributions are welcome. + +Upgrading nixpkgs brings GCC 13.2 as the default system compiler. + +## 2024-01-17 + +This release updates nixpkgs. + +This release includes patches and fixes to correct building of the kernel with +Rust 1.75.0 and adjustments to accommodate Mesa changes in the latest nixpkgs. +Thanks once again to yu-re-ka. + +## 2023-12-24 + +This release updates nixpkgs. + +This release changes how the Asahi configurations are loaded into PipeWire and +WirePlumber, thus making it possible for users to install other configurations +in parallel for e.g. Bluetooth (or override the Asahi configurations, though +this is likely a bad idea). Thanks to cid-chan for reporting this problem. + +## 2023-12-23 + +This release does not update any packages. + +This release corrects an oversight in the sound support which resulted in the +Asahi configurations not being loaded properly into PipeWire and WirePlumber. +This is now fixed, and audio quality and behavior should be at the +upstream-intended standard. Thanks to ivabus for reporting this oversight. + +Additionally, rtkit is enabled by default to allow the audio components to run +at real-time priority and so reduce glitches. + +## 2023-12-22 + +This release updates nixpkgs and includes the necessary components for full +sound support, namely speakersafetyd, bankstown-lv2, and asahi-audio. + +New features and fixes: +* Full speaker and headphone support is finally here! (on supported machines and + nixpkgs versions) + * You will need at least `sound.enable = true;` in your configuration. + * Sound support relies on PipeWire, which is automatically enabled by the + apple-silicon-support module. You must remove any + `hardware.pulseaudio.enable = true;` from your configuration, or building + it will fail. PipeWire's PulseAudio compatibility module is enabled by + default. + * Thanks to yu-re-ka and diamondburned for helping with this support. +* Kernel config is now synced with and will track Fedora Asahi Remix's Apple + Silicon-specific changes + * This fixes a missing option which broke GPU acceleration on M2 hardware. + +## 2023-12-19 + +This release updates nixpkgs, m1n1, U-Boot, the kernel, and Mesa. + +With the official announcement of the Fedora Asahi Remix, nixos-apple-silicon is +now tracking package versions and capabilities as they appear in Fedora, in +order to offer the upstream intended user experience. + +Updating nixpkgs brings us past the 23.11 release and on the path to 24.05. +Other updates bring HDMI support for supported machines and firmware versions. +Don't expect this to work if you installed before August 2023; workarounds will +be made available shortly, and a long-term solution will hopefully be +implemented by Asahi and incorporated here as well. + +Speaker support will be added in the next release once safe implementation and +testing is completed. Thanks for the patience and understanding. + +## 2023-11-19 + +This release updates nixpkgs. + +In particular, nixpkgs is updated to fix issues with compilation of wolfssl, +and some regressions in systemd-boot. + +This release also adds patches to the kernel to support compilation with Rust +1.73.0. Thanks again to yu-re-ka for this contribution. + +Speaker support will be added in an upcoming release. + +## 2023-10-21 + +This release updates nixpkgs, m1n1, U-Boot, and the kernel. + +Some exciting new features are now available: +* ALSA configuration module to enable the headphone jack on supported devices + * You will need at least `sound.enable = true;` and + `hardware.pulseaudio.enable = true;` in your configuration.nix to enable + sound for the system. + * Speakers will still not be enabled. + * Thanks to IonAgorria and yusefnapora for this contribution. +* Built-in webcam support for supported devices + * The webcam should work without additional configuration in applications like + Firefox or desktop camera viewers. + * To avoid an overly-dark image and other image quality issues, the ISP + firmware needs to be added to `all_firmware.tar.gz` within the peripheral + firmware directory. This can be done by inserting + `/usr/sbin/appleh13camerad` from macOS into the archive's root. Stub + partitions created with the Asahi installer after this release should + already have the file but older installations must be upgraded manually. + This will hopefully be done automatically in a future release. +* Official support for M2-series devices + * Please leave feedback if issues are encountered. I don't have any way to + test this support with NixOS. + +## 2023-09-17 + +This release updates nixpkgs. + +In particular, nixpkgs is updated to fix regressions in cross-compilation. + +## 2023-09-08 + +This release updates nixpkgs, m1n1, the kernel, and Mesa. + +This release also adds patches to the kernel to support compilation with Rust +1.72.0. Thanks again to yu-re-ka for this contribution. + +## 2023-08-26 + +This release updates nixpkgs. + +This release also removes obsolete Rust patches that were no longer needed and +prevented building in the latest stable nixpkgs release. Thanks to autrimpo for +noticing this issue and testing the fix. + +## 2023-08-25 + +This release updates nixpkgs, m1n1, the kernel, and Mesa. + +Thanks to yu-re-ka, Lucus16, and Enzime for help with these updates. + +## 2023-08-19 + +This release updates nixpkgs and Mesa. + +In particular, nixpkgs is updated to fix a regression in cross-compilation +and a non-deterministic build failure of GRUB. + +## 2023-08-08 + +This release does not update any software. + +This release includes a patch to allow building with Rust 1.71.0 in the +latest nixpkgs releases. Nixpkgs itself is not yet updated due to a +regression in cross-compilation. + +## 2023-07-26 + +This release updates nixpkgs, the Asahi kernel, and Mesa. + +## 2023-07-12 + +This release does not update any software. + +This release corrects an issue where the kernel would not build with Rust +support when using the latest stable nixpkgs release due to a patch that was +applied when it should not have been. Thanks to natsukagami for noticing and +correcting the issue. + +Support for stable nixpkgs releases is neither tested nor guaranteed, but +patches to address specific issues are welcome. + +## 2023-07-11 + +This release updates nixpkgs, the Asahi kernel, and Mesa. + +This release adds the ability to build the installer and packages when not using +flakes through the inclusion of flake-compat. Thanks to flokli for this +contribution. + +## 2023-06-25 + +This release updates nixpkgs. There have been no changes to Asahi's stable +package versions since the last release. + +This release corrects problems building the Linux kernel Rust graphics driver +using recent nixpkgs releases. Thanks to yu-re-ka and the Asahi team for +patches. + +This release also finally eliminates IFD when building the kernel. + +## 2023-06-15 + +This release updates nixpkgs, the Asahi kernel, and Mesa. + +Updating nixpkgs fixes an issue uncovered by the last release which would cause +`nixos-generate-config` to generate a hardware configuration which would build +for the wrong system type. + +Updating the Asahi packages fixes some graphics issues using the experimental +GPU driver. + +## 2023-06-07 + +This release updates nixpkgs and all Asahi package versions, including the +kernel, m1n1, U-Boot, and Mesa. + +Updating nixpkgs brings us past the 23.05 release and on the path to 23.11. + +Updating m1n1 fixes some issues with virtualization. + +Updating U-Boot fixes issues with certain USB devices causing U-Boot to crash +and allows use of all USB ports on all Macs (IIUC). + +Due to a quirk in the new version of U-Boot, a revised command is required to +boot off a flash drive when a system is already installed on the internal disk. +This command is as follows: `env set boot_efi_bootmgr ; run bootcmd_usb0`. +Hopefully this quirk will be addressed in a future release. + +## 2023-05-06 + +This release updates nixpkgs. There have been no changes to Asahi's stable +package versions since the last release. + +This release corrects problems building the Linux kernel Rust graphics driver +using recent nixpkgs releases. Thanks to yu-re-ka and QuentinI for patches. + +This release also reduces the amount of IFD involved in building the kernel. +Thanks again to QuentinI for this contribution. + +## 2023-03-21 + +This release updates nixpkgs and the Asahi packages, including the kernel, m1n1, +U-Boot, and Mesa. + +Updating nixpkgs finally brings GCC 12 as the default compiler. + +## 2023-02-23 + +This release updates nixpkgs. There have been no changes to Asahi's stable +package versions since the last release. + +This release corrects build failures of the Linux kernel using either the latest +NixOS unstable or NixOS 22.11 versions of the Rust compiler. + +## 2023-01-31 + +**This release reorganizes the project substantially. Please follow the +directions below or the upgrade might not take effect.** + +This release updates nixpkgs and reorganizes the project. There have been no +changes to Asahi's stable package versions since the last release. + +To upgrade (assuming you used the standard installation instructions): +* Remove `/etc/nixos/m1-support` +* Procure the `apple-silicon-support` directory from the repo and place it in + `/etc/nixos/apple-silicon-support` +* Change the `./m1-support` include path in your configuration.nix to + `./apple-silicon-support`. + +Thanks primarily to the hard work of oati, the project has been reorganized to +cleanly separate the Nixpkgs package definitions and overlay, the NixOS +modules, and the custom bootstrap installer configuration. This will make +development and customization more straightforward. The project has also been +renamed to emphasize compatibility with all generations of Apple Silicon Macs +(though be mindful that support of a particular machine by this project cannot +come until Asahi Linux does the hard parts!). + +Flakes support is now required to build the installer. The installer ISO and +development versions of m1n1 and U-Boot are now available as outputs of this +repository's flake. The overlay and NixOS modules are also available as outputs +for the convenience of system flakes users. + +## 2023-01-18 + +This release updates nixpkgs. There have been no changes to Asahi's +stable package versions since the last release. + +This release corrects build failures when the kernel is built with Rust support. +These were a result of Nixpkgs' upgrade to Rust 1.66. + +This release also adds an option `hardware.asahi.experimentalGPUInstallMode` to +select the way in which the experimental GPU driver is installed. +There are three choices: +* `driver`: install only as a driver, do not replace system Mesa. Causes issues + with certain programs like Plasma Wayland. +* `replace` (the default): use `system.replaceRuntimeDependencies` to replace + system Mesa with Asahi Mesa. Does not work in pure evaluation context (i.e. in + flakes by default). +* `overlay`: overlay system Mesa with Asahi Mesa. Requires rebuilding the + world. + +## 2023-01-16 + +This release updates nixpkgs. There have been no changes to Asahi's +stable package versions since the last release. + +This release also solves an issue where Plasma Wayland sessions would +not launch when using experimental GPU support due to mismatched Mesa +versions. (Thanks bkchr!) + +## 2022-12-26 + +This release updates upstream dependencies, including nixpkgs and Mesa. + +Updating nixpkgs in particular resolves an issue which broke reproducibility of +the installer ISO when building on some filesystems, like ZFS. + +The curl, wget, and +[wormhole-william](https://github.com/psanford/wormhole-william) utilities are +now included in the installer image to ease file transfer and initial setup. +wormhole-william is interoperable with the +[Magic Wormhole](https://magic-wormhole.readthedocs.io/en/latest/) utility. +(Thanks zzywysm!) + +U-Boot is now built with a double-size font so that its console can be +practically read on Retina displays. (Thanks again zzywysm!) + +## 2022-12-18 + +This release updates upstream dependencies including nixpkgs, the kernel, +and m1n1. + +Updating nixpkgs resolves an issue that might have caused NetworkManager's GUI +to crash after entering a Wi-Fi password. + +Support for Rust in the kernel, the Asahi edge kernel config, and the +experimental Mesa driver are now included as NixOS options. + +* Enable the option `hardware.asahi.withRust` to build the kernel with the +Rust toolchain present. GCC is still used for the kernel's C code. +* Enable the option `hardware.asahi.addEdgeKernelConfig` to add the official +Asahi edge kernel configuration options. This implies the previous option. +* Enable the option `hardware.asahi.useExperimentalGPUDriver` to switch the +system version of Mesa to the Asahi project's fork which includes experimental +support for the Apple Silicon GPU. This implies the previous two options. + +Please note that, as outlined in the +[official blog post](https://asahilinux.org/2022/12/gpu-drivers-now-in-asahi-linux/), +there are likely to be issues with many applications using the experimental +GPU drivers. **Do not report any GPU driver issues encountered under NixOS to +the Asahi project. Replicate your issue and gather relevant information as +described in the post using the official distro instead!** + +The GPU drivers have been tested and verified functional under NixOS on an +M1 Max MacBook Pro 16" with X11, Xfce, SuperTuxKart, and WebGL under Firefox. + +## 2022-12-06 + +This release updates upstream dependencies including nixpkgs, the kernel, +and m1n1. Nixpkgs is now officially 23.05pre. + +The `boot.kernelPackages` NixOS option is now respected properly by the +manual kernel builder. (Thanks natsukagami!) + +## 2022-11-29 + +This release corrects an issue which would cause booting off a USB flash +drive from a boot environment with the latest device trees to fail with +the message "An error occurred in stage 1 of the boot process." + +The cause was new functionality in new kernel modules which was required +for the USB ports to work. These modules were made available in the +initrd so the system can mount the USB flash drive and continue booting. + +The fix has been verified on a MacBook Pro M1 Max 16". + +## 2022-11-24 + +This release updates to the latest Asahi kernel and other stuff. Currently only +the non-edge config is supported. + +Sound is not yet fully supported. Work remains to integrate the ALSA UCM +configurations into NixOS. This will be addressed in the future. + +The 4K patch no longer applies so this kernel only operates in 16K mode for now. +This is not planned to be addressed. PRs are welcome for an updated patch. + +Due to a change in the device trees, booting old kernels with the latest trees, +i.e. switching to an older generation using the bootloader, may leave you with +broken USB support. Once booted into the generation, you can run +`/run/current-system/bin/switch-to-configuration switch` then reboot to force +the bootloader and the correct version of U-Boot/m1n1/the device trees to be +reinstalled and loaded. + +The edge config and a prototype of the GPU driver will be addressed in the +future. diff --git a/modules/nixos-apple-silicon/docs/uefi-standalone.md b/modules/nixos-apple-silicon/docs/uefi-standalone.md new file mode 100644 index 000000000000..9b2f6125661e --- /dev/null +++ b/modules/nixos-apple-silicon/docs/uefi-standalone.md @@ -0,0 +1,499 @@ +# UEFI Boot Standalone NixOS (2024-03-11) + +This guide will build and was tested with the following software: +* Asahi Linux kernel version 6.6.0-asahi15 +* Asahi Linux's Mesa version 24.1.0_asahi-20240228-1 +* m1n1 version v1.4.11 +* Asahi Linux's U-Boot version 2023.07.02.asahi4-1 +* Nixpkgs, as of 2024-03-08 +* macOS stub 12.3 + +NOTE: The latest version of this guide will always be [at its home](https://github.com/tpwrules/nixos-apple-silicon/blob/main/docs/uefi-standalone.md). For more general information about Linux on Apple Silicon Macs, refer to the [Asahi Linux project](https://asahilinux.org/) and [alpha installer release](https://asahilinux.org/2022/03/asahi-linux-alpha-release/). + +## Introduction + +This guide will explain how to install NixOS on the internal NVMe drive of an Apple Silicon Mac using a customized version of the official NixOS install ISO, then boot it without the help of another computer. Aside from the Apple Silicon support module and AArch64 CPU, the resulting installation can be configured and operated like any other NixOS system. Your macOS install will still work normally, and you can easily switch between booting both macOS and NixOS. + +Perusing this guide might also be useful to users of other distros. Most of the hard work, including the kernel and boot software, was done by the [Asahi Linux project](https://asahilinux.org/). + +#### Warning + +Damage to the macOS recovery partitions or the partition table could result in the Mac becoming unbootable and loss of all data on the internal NVMe drive. In this circumstance, a suitable USB cable and another computer which can run [idevicerestore](https://github.com/libimobiledevice/idevicerestore) will be required to perform a DFU upgrade and restore normal operation. Backups are always wise. + +While you will end up with a reasonably usable computer, the exact hardware features you want [may not be ready yet](https://github.com/AsahiLinux/docs/wiki/%22When-will-Asahi-Linux-be-done%3F%22). Please consult the [Asahi Linux Feature Support page](https://github.com/AsahiLinux/docs/wiki/Feature-Support) for information. Any features marked with a kernel version or `linux-asahi` should be supported by NixOS too. + +#### Prerequisites + +The following items are required to get started: +* Apple Silicon Mac [supported by Asahi Linux](https://github.com/AsahiLinux/docs/wiki/Feature-Support#table-of-contents) with macOS 12.3 or later and an admin account +* For Mac mini users: tested and working HDMI monitor. Many do not work properly; if it shows the Asahi Linux logo and console when m1n1 is running, it's fine. +* USB flash drive which is at least 512MB and can be fully erased +* Familiarity with the command line and installers without GUIs +* Optional: an x86_64 or aarch64 Linux PC or VM (any distro is fine) + +#### Overview + +* [Software Preparation](#software-preparation): build the customized NixOS installer ISO and Asahi Linux components +* [UEFI Preparation](#uefi-preparation): use the Asahi Linux installer to set up a standard UEFI boot environment +* [Installation](#installation): boot the NixOS installer and use it to set up and install NixOS +* [Maintenance](#maintenance): repair and upgrade NixOS and the Asahi Linux components +* [Removal](#removal): restore the system to the stock state + + +## Software Preparation + +#### Nix + +This setup takes advantage of the Nix package manager, which handles downloading and compiling everything. You must first install it on your Linux host PC if it doesn't run NixOS. Most distros are compatible, and installation (and uninstallation) is simple. Instructions are available on the [NixOS website](https://nixos.org/download.html#nix-quick-install). + +If you cannot or do not wish to install Nix and/or build these components yourself, installation ISOs are automatically built and made available from the [GitHub Releases page](https://github.com/tpwrules/nixos-apple-silicon/releases). Download the latest one, use `dd` or similar to transfer it to your USB flash drive, then skip down to the section on [UEFI Preparation](#uefi-preparation). Programs like `unetbootin` are not supported. These ISOs are fully reproducible; that is, the ISO you download will be (or should be...) bit-identical to the one you will get by following these preparation instructions. + +#### nixos-apple-silicon + +Clone this repository to a suitable location on the host PC. In the future, you can update this repository using `git pull` and re-run the `nix build` commands to update things. + +``` +$ git clone https://github.com/tpwrules/nixos-apple-silicon/ +$ cd nixos-apple-silicon +``` + +#### m1n1 + +The Asahi Linux project has developed m1n1 as a bridge between Apple's boot firmware and the Linux world. m1n1 is installed as a faux macOS kernel into a stub macOS installation. In addition to booting Linux (or U-Boot), m1n1 also sets up the hardware and allows remote control and debugging over USB. + +Change directories to the repository, then use Nix to build m1n1 and symlink the result to `m1n1`: + +``` +nixos-apple-silicon$ nix build --extra-experimental-features 'nix-command flakes' .#m1n1 -o m1n1 +``` + +m1n1 has been built and the build products are now in `m1n1/build/`. You can also run m1n1's scripts such as `chainload.py` using a command like `m1n1/bin/m1n1-chainload`. + +#### U-Boot + +In the default installation, m1n1 loads U-Boot and U-Boot is used to set up a standard UEFI environment from which GRUB or systemd-boot or whatever can be booted. Due to the limitations of the Apple boot picker, there must be one EFI system partition per installed OS. + +Use Nix to build U-Boot along with m1n1 and the device trees: + +``` +nixos-apple-silicon$ nix build --extra-experimental-features 'nix-command flakes' .#uboot-asahi -o u-boot +``` + +The `.bin` file with m1n1, the device trees, and U-Boot joined together is now in `u-boot/`. + +#### Kernel and Bootstrap Installer + +The bootstrap NixOS installer ISO contains UEFI-compatible GRUB, the Asahi Linux kernel, its initrd, and enough packages and drivers to allow connection to the Internet in order to download and install a full NixOS system. + +Building the image requires downloading of a large amount of data and compilation of a number of packages, including the kernel. On my six core Xeon laptop, building it took about 11 minutes (90 CPU minutes). Your mileage may vary. You can use the `-j` option to specify the number of packages to build in parallel. Each is allowed to use all cores, but for this build, most do not use more than one. Therefore, it is recommended to set it to less than the number of physical cores in your machine. You can also use the `-L` option to view detailed build logs. + +``` +nixos-apple-silicon$ nix build --extra-experimental-features 'nix-command flakes' .#installer-bootstrap -o installer -j4 -L +``` + +The installer ISO is now available as `installer/iso/nixos-*.iso`. Use `dd` or similar to transfer it to your USB flash drive. Programs like `unetbootin` are not supported. + +## UEFI Preparation + +This setup uses the alpha Asahi Linux installer to install a stub macOS and standard UEFI boot environment from which the NixOS installer and installed OS will run. These steps must be run from Terminal.app in macOS. You must also be logged into an administrator account. + +#### Asahi Linux Installation + +Download and run the alpha installer with the following command: +``` +% curl https://alx.sh | sh +``` + +Choose the following options to get started: +* Enter your administrator password +* Do not enable expert mode + +Resize your existing macOS install: +* Resize an existing partition to make space for a new OS (`r`) +* Enter the new size of the macOS install. It should be at least 20GB less than its current size to make room for NixOS with a GUI (note that here 1GB = 1,000,000,000 bytes) +* Confirm the resize operation +* Wait patiently while the partition is resized; it will take several minutes. Do not attempt to use the machine while this is in progress. +* Press enter when finished + +Install UEFI environment: +* Install an OS into free space (`f`) +* UEFI environment only +* Name it NixOS (this is what shows up in the firmware boot picker) +* Wait while the installation proceeds and enter your password when prompted +* Wait for the default boot volume to be set (this may take several seconds) +* Read the final advice, then press enter to shut down the machine + +Boot into recovery mode by holding the power button down as directed and select the new NixOS option in the boot picker. Follow the prompts and enter your administrator password. The local policy update will take several seconds to complete. Once complete, select that you want to set a custom boot object and put your system to permissive security mode, enter your administrator username (the same one you put in the password for earlier) and password, then reboot when prompted. + +If everything went well, you will restart into U-Boot with the Asahi Linux and U-Boot logos on-screen. Shut the system down by holding the power button, then proceed to the next step. + +## Installation + +#### Booting the Installer + +Shut down the machine fully. Connect the flash drive with the installer ISO to a USB port. If not using Wi-Fi, connect the Ethernet cable to the network port or adapter as well. + +Start the Mac, and U-Boot should start booting from the USB drive automatically. If you've already installed something to the internal NVMe drive, U-Boot will try to boot it first. To instead boot from USB, hit a key to stop autoboot when prompted, then run the command `env set boot_efi_bootmgr ; run bootcmd_usb0`. GRUB will start, then the NixOS installer after a short delay (the default GRUB option is fine). + +<details> + <summary>If "mounting `/dev/root` on `/mnt-root/iso` failed: No such file or directory" during boot…</summary> + + 1. Was the ISO transferred to your flash drive correctly as described above? `dd` is the only correct way to do this. The ISO must be transferred to the drive block device itself, not a partition on the drive. + 2. There is sometimes a [race condition](https://github.com/tpwrules/nixos-apple-silicon/issues/60) which causes booting to fail. Reboot the machine and try again. + 3. Some flash drives have quirks. Try a different drive, or use the following steps: + + 1. Attempt to start the installer normally + 1. When the boot fails and you are prompted, hit i to start a shell + 1. Unplug your flash drive, plug it into a different port, then wait 30 seconds + 1. Run the command `mount -t iso9660 /dev/root /mnt-root/iso` + 1. Exit the shell by running `exit` to continue the boot process +</details> + +You will get a console prompt once booting completes. Run the command `sudo su` to get a root prompt in the installer. If the console font is too small, run the command `setfont ter-v32n` to increase the size. + +#### Partitioning and Formatting + +**DANGER: Damage to the GPT partition table, first partition (`iBootSystemContainer`), or the last partition (`RecoveryOSContainer`) could result in the loss of all data and render the Mac unbootable and unrecoverable without assistance from another computer! Do not use your distro's automated partitioner or partitioning instructions!** + +We will add a root partition to the remaining free space and format it as ext4. Alternative partition layouts and filesystems, including LUKS encryption, are possible, but not covered by this guide. + +Create the root partition to fill up the free space: +``` +nixos# sgdisk /dev/nvme0n1 -n 0:0 -s +[...] +The operation has completed successfully. +``` + +Identify the number of the new root partition (type code 8300, typically second to last): +``` +nixos# sgdisk /dev/nvme0n1 -p +Disk /dev/nvme0n1: 244276265 sectors, 931.8 GiB +Model: APPLE SSD AP1024Q +Sector size (logical/physical): 4096/4096 bytes +Disk identifier (GUID): 27054D2E-307A-41AA-9A8C-3864D56FAF6B +Partition table holds up to 128 entries +Main partition table begins at sector 2 and ends at sector 5 +First usable sector is 6, last usable sector is 244276259 +Partitions will be aligned on 1-sector boundaries +Total free space is 0 sectors (0 bytes) + +Number Start (sector) End (sector) Size Code Name + 1 6 128005 500.0 MiB FFFF iBootSystemContainer + 2 128006 219854567 838.2 GiB AF0A Container + 3 219854568 220465127 2.3 GiB AF0A + 4 220465128 220590311 489.0 MiB EF00 + 5 220590312 242965550 85.4 GiB 8300 + 6 242965551 244276259 5.0 GiB FFFF RecoveryOSContainer +``` + +Format the new root partition: +``` +nixos# mkfs.ext4 -L nixos /dev/nvme0n1p5 +``` + +#### NixOS Configuration + +The subsequent steps in this section will help you install NixOS onto your new partitions. More information is available in the Installing section of the [NixOS manual](https://nixos.org/manual/nixos/stable/index.html#sec-installation-installing). Some changes to the configuration procedure as described in that manual are needed for NixOS on Apple Silicon to work properly. + +Mount the root partition, then the EFI system partition that was created by the Asahi Linux installer specifically for NixOS: +``` +nixos# mount /dev/disk/by-label/nixos /mnt +nixos# mkdir -p /mnt/boot +nixos# mount /dev/disk/by-partuuid/`cat /proc/device-tree/chosen/asahi,efi-system-partition` /mnt/boot +``` + +Create a default configuration for the new system, then copy the Apple Silicon support module into it: +``` +nixos# nixos-generate-config --root /mnt +nixos# cp -r /etc/nixos/apple-silicon-support /mnt/etc/nixos/ +nixos# chmod -R +w /mnt/etc/nixos/ +``` + +Use Nano to edit the configuration of the new system to include the Apple Silicon support module. Be aware that other editors and most documentation has been left out of the bootstrap installer to save space and time. +``` +nixos# nano /mnt/etc/nixos/configuration.nix +``` + +Add the `./apple-silicon-support` directory to the imports list and switch off the `canTouchEfiVariables` option. That portion of the file should look like this: +``` + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + # Include the necessary packages and configuration for Apple Silicon support. + ./apple-silicon-support + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = false; +``` + +The configuration above is the minimum required to produce a bootable system, but you can further edit the file as desired to perform additional configuration. Uncomment the relevant options and change their values as explained in the file. Note that some advertised features may not work properly at this time. Refer to the [NixOS installation manual](https://nixos.org/manual/nixos/stable/index.html#ch-configuration) for further guidance. + +Various non-free non-redistributable peripheral firmware files are required to use system hardware like Wi-Fi. The Asahi Linux installer grabs these from macOS and stores them on the EFI system partition when it is created. The NixOS installer loads them from there while booting so that all hardware is available during installation. By default, the Apple Silicon support module will automatically reference the files in the EFI system partition and incorporate them into your configuration to be managed by the normal NixOS mechanisms. + +Currently, the only supported way to update the peripheral firmware files is to destroy and re-create the EFI system partition, so they will not change unexpectedly. If you do not want the impurity of referencing them (or are using flakes where this is prohibited), copy them off the EFI system partition (e.g. on the installation ISO `mkdir -p /mnt/etc/nixos/firmware && cp /mnt/boot/asahi/{all_firmware.tar.gz,kernelcache*} /mnt/etc/nixos/firmware`) and specify this path in your configuration: +``` + # Specify path to peripheral firmware files. + hardware.asahi.peripheralFirmwareDirectory = ./firmware; + # Or disable extraction and management of them completely. + # hardware.asahi.extractPeripheralFirmware = false; +``` + +If you want to install a desktop environment, you will have to uncomment the option to enable X11 and NetworkManager, then add an option to include your favorite desktop environment. You may also wish to include graphical packages such as `firefox` in `environment.systemPackages`. For example, to install Xfce: +``` + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.desktopManager.xfce.enable = true; +``` + +Some keyboard layouts are not detected correctly. On some devices, the \` key is swapped with `<`, and `~` with `>`. The layout can be fixed by setting options in `boot.extraModprobeConfig`. Which option needs to be set depends on your hardware keyboard's layout (see: [Arch Wiki - Apple Keyboard](https://wiki.archlinux.org/title/Apple_Keyboard)). + ``` + # For ` to < and ~ to > (for those with US keyboards) + boot.extraModprobeConfig = '' + options hid_apple iso_layout=0 + ''; + ``` + +`iwd` is recommended for WiFi on most systems: +``` +networking.wireless.iwd = { + enable = true; + settings.General.EnableNetworkConfiguration = true; +}; +``` + +#### NixOS Installation + +Once you are happy with your initial configuration, you may install the system. This will have to download a large amount of data. + +We use iwd instead of wpa_supplicant because the latter [does not support WPA3 on broadcom chips](https://www.reddit.com/r/AsahiLinux/comments/12igyoa/comment/jftvl3c) (which are installed on macs) and in general iwd is more modern, easy to use and maintained then wpa_supplicant.<br> +You can configure WiFi in the installer using `iwctl`: +``` +nixos# iwctl +NetworkConfigurationEnabled: enabled +StateDirectory: /var/lib/iwd +Version: 2.4 +[iwd]# station wlan0 connect <SSID> +Type the network passphrase for <SSID> psk. +Passphrase: <your passphrase> +[iwd]# station wlan0 show +[...] +[iwd] exit +``` + + +Once the network is set up, ensure the time is set correctly, then install the system. You will be asked to set a root password as the final step: +``` +nixos# systemctl restart systemd-timesyncd +nixos# nixos-install +[...] +setting root password... +New password: *** +Retype new password: *** +passwd: password updated successfully +installation finished! +``` + +If there are any errors, or you mess up entering the root password, you can edit the configuration and safely re-run the command. + +Once complete, reboot the system: +``` +nixos# reboot +``` + +When the system reboots, the bootloader will come up and boot the default configuration after a short delay. Once NixOS boots, log in with the root password, and create your account, or set your user account password if you created your account in the configuration. To learn more about NixOS's configuration system, read the section in the manual on [changing the configuration](https://nixos.org/manual/nixos/stable/index.html#sec-changing-config). + +#### Dual Booting + +The machine is now set up to boot NixOS by default when turned on. To access the boot picker, turn off the machine, then hold the power button to turn the machine on instead of just pressing it. Let go once the options come up. To boot a particular OS once, click on it, then click Continue underneath it. To switch the default OS, click on the desired default, hold Option (Alt), then click Always Use underneath it. + +#### Hypervisor Boot + +By selecting the appropriate menu option in the Asahi Linux installer, you can also choose to install m1n1 without U-Boot and run U-Boot, the bootloader, and the OS under m1n1's hypervisor. + +To run U-Boot under the hypervisor, start m1n1 and attach the Mac to the host PC using an appropriate USB cable, change directories to the repo, then run: + +``` +nixos-apple-silicon$ m1n1/bin/m1n1-run_guest --raw u-boot/m1n1-u-boot.bin +``` + +To access the serial console, in a separate terminal run: + +``` +$ nix-shell -p picocom --run 'picocom /dev/ttyACM1' +``` + +Downloading the kernel over USB using m1n1 is not supported. + +## Maintenance + +#### Rescue + +If something goes wrong and NixOS doesn't boot or is otherwise unusable, you can first try rolling back to a previous generation. Instead of selecting the default bootloader option, choose another configuration that worked previously. + +If something is seriously wrong and the bootloader does not work (or you don't have any other generations), you will want to get back into the installer. To start the installer with a system installed on the internal disk, shut down the computer, re-insert the USB drive with the installer, start it up again, hit a key in U-Boot when prompted to stop autoboot, then run the command `env set boot_efi_bootmgr ; run bootcmd_usb0`. + +Once in the installer, you can re-mount your root partition and EFI system partition without reformatting them. Depending on what exactly went wrong, you might need to edit your configuration, copy over the latest Apple Silicon support module, or update U-Boot using the latest installer. + +Rerunning the installer will create a new generation but not touch any user data. This means you can "undo" the installation by selecting a previous generation in the bootloader. To redo the installation without changing your root password or changing the version of Nixpkgs, run: +``` +# nixos-install --no-root-password --no-channel-copy +``` + +In extreme circumstances, you can delete the EFI system partition and stub macOS install and rerun the Asahi Linux installer, then follow the steps above to reinstall NixOS's bootloader menu. You will need to regenerate the hardware configuration using `nixos-generate-config --root /mnt` because the EFI system partition's ID will change. This shouldn't modify your root partition or other NixOS configuration, but of course it's always smart to have a backup. You might also wish to re-copy the peripheral firmware files. + +#### NixOS Updates + +NixOS itself can be updated like any other NixOS system. In brief, this is as follows: +``` +$ sudo nix-channel --update +$ sudo nixos-rebuild switch +``` + +You may have to reboot after updating in some cases. If something goes wrong, you can boot a previous generation and roll back the channel update. For more details, consult the [Upgrading section](https://nixos.org/manual/nixos/stable/index.html#sec-upgrading) of the NixOS manual. + +#### Apple Silicon Support Updates + +To update the Apple Silicon support module, including the Asahi kernel, U-Boot, and m1n1, you can simply download newer files from this repo under `apple-silicon-support` and place them under `/etc/nixos/apple-silicon-support`. Any changes will require a configuration rebuild and reboot to take effect. If you wish to customize your kernel, you can edit the kernel config in `/etc/nixos/apple-silicon-support/kernel/config`. Consult the comments in `/etc/nixos/apple-silicon-support/kernel/default.nix` and `/etc/nixos/apple-silicon-support/kernel/package.nix` for more details. Note that if the kernel device trees change, U-Boot will need to be updated too. + +U-Boot and m1n1 are automatically managed by NixOS' bootloader system. If you roll back to a previous generation and things do not work properly due to a device tree incompatibility, you can run `/run/current-system/bin/switch-to-configuration switch` then reboot to force the bootloader and the correct version of U-Boot/m1n1 to be reinstalled and loaded. + +If you want the Apple Silicon support module to be upgraded in tandem with NixOS instead of manually downloading new files, you can add it as a channel with the following command: +``` +$ sudo nix-channel --add https://github.com/tpwrules/nixos-apple-silicon/archive/main.tar.gz apple-silicon-support +``` + +Modify your `/etc/nixos/configuration.nix` to reference the channel instead of the local files: +``` + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + # Include the necessary packages and configuration for Apple Silicon support. + <apple-silicon-support/apple-silicon-support> + ]; +``` + +You can now update NixOS as normal. Note that Apple Silicon support module updates will generally require reboots to load new kernels and other boot components: +``` +$ sudo nix-channel --update +$ sudo nixos-rebuild switch +$ sudo reboot +``` + +#### Recovering from Boot Failure with `idevicerestore` + +In extremely extreme circumstances (i.e. something messed up the firmware partition, recovery partition, or partition table), your Mac may fail to boot. On the Mac mini (and presumably Mac Studio), this state is identifiable by a flashing orange power light indicating the Morse code for SOS. On a Mac laptop, this state is identifiable by an illustration of an exclamation point in a circle on the screen with a link to Apple's website. + +To make the Mac bootable again, you can use [idevicerestore](https://github.com/libimobiledevice/idevicerestore) from another Mac or Linux x86_64 or aarch64 VM or computer that has an Internet connection. You will need a USB cable with at least one USB-C end. This procedure has been tested with Mac and Linux hosts restoring a Mac mini with macOS 12.4. + +Please note that this procedure may require you to unrecoverably destroy all data on the Mac's internal drive. If erasing is necessary, you will be clearly warned and asked to confirm before it happens. The drive will end up zeroed and its encryption keys (probably) regenerated, so not even the NSA will be able to save you. If you haven't made backups, make peace with yourself now. + +You'll need to build `idevicerestore` from source to get a version capable of restoring Apple Silicon Macs. If Nix is already installed on your second computer, an appropriate version is already packaged in recent `nixpkgs-unstable`. Check out and build both `idevicerestore` and `usbmuxd` (if on Linux): + +``` +# git clone https://github.com/NixOS/nixpkgs/ +# cd nixpkgs +# nix-build -A pkgs.idevicerestore -o idevicerestore +# nix-build -A pkgs.usbmuxd -o usbmuxd # if on Linux +``` + +To start the procedure, hook up the appropriate port on your unbootable Mac to the second computer and invoke DFU mode. This process is covered by Steps 1 and 2 of [Apple's documentation](https://support.apple.com/guide/apple-configurator-mac/revive-or-restore-a-mac-with-apple-silicon-apdd5f3c75ad/mac). We will first try what Apple calls a "revive" where the disk is not erased, although both we and `idevicerestore` still call it a "restore". + +If DFU mode was started correctly, the unbootable Mac will show up on your second computer as an `Apple, Inc. Mobile Device (DFU Mode)` in `lsusb` on Linux or System Information on macOS. If you see `Apple, Inc. Apple Mobile Device [Recovery Mode]` instead (or nothing), the procedure was not followed correctly and you need to try again. + +Open a terminal on your second computer and, if you are on Linux and didn't install the udev rules (which Nix did not), start `usbmuxd` in the background by running it without any arguments. Then, ask `idevicerestore` to restore the firmware by using the `--latest` flag. If you wish to erase the disk either because the revive didn't work or because you want to start with a clean slate, use the `--erase` flag also. + +``` +# sudo usbmuxd/bin/usbmuxd # Linux only +# sudo idevicerestore/bin/idevicerestore --latest +idevicerestore 1.0.0-unstable-2022-05-22 +Found device in DFU mode +Identified device as j274ap, Macmini9,1 +The following firmwares are currently being signed for Macmini9,1: +[...] +Select the firmware you want to restore: +``` + +Once `idevicerestore` detects the unbootable Mac, select the desired firmware (usually number `1`) and wait patiently while the firmware is downloaded; it's about 13GiB. If `idevicerestore` doesn't detect the unbootable Mac, make sure that your cables are hooked up correctly, that you used `sudo`, and that you are using a suitably recent version. + +The restore process will automatically start once the firmware is downloaded and verified. If `idevicerestore` fails with the message `ERROR: Device did not disconnect. Possibly invalid iBEC. Reset device and try again.`, the unbootable Mac is likely not in DFU mode, or there is something wrong with your system's udev related to hotplug events. Check that you followed Apple's procedure correctly and that the appropriate USB device is detected. + +After 30 or so seconds of messages and status updates, you should see the Apple logo on the unbootable Mac's screen with a progress bar and `idevicerestore` will tell you that it is `Waiting for device to enter restore mode...`. If the unbootable Mac resets after a couple minutes and you get the message `ERROR: Device failed to enter restore mode. Please make sure that usbmuxd is running.`, then `usbmuxd` is likely not running. Start it and try again. + +Once the restore process starts, the progress bar will start moving and `idevicerestore` will spam lots of information about the process. If it fails with `ERROR: Unable to restore device`, your only choice may be to restart the process, but this time pass the `--erase` flag to `idevicerestore` and destroy all data on the unbootable Mac's internal drive. + +Otherwise, wait patiently while the restore proceeds. Expect it to take 20 or 30 minutes. Eventually `idevicerestore` will say `DONE` and the formerly-unbootable Mac will reboot and start recovery mode (if erasing was not necessary) or the out-of-the-box wizard (if the disk was erased) and you can use it again. + +Finally, shut down `usbmuxd` if on Linux and you started it manually. To clean up your second computer, remove the downloaded firmware, the `idevicerestore` and `usbmuxd` GC roots, and run the Nix garbage collector: +``` +# sudo killall usbmuxd # if on Linux +# sudo rm -rf *.ipsw* UniversalMac* +# rm -f result* usbmuxd idevicerestore +# nix-collect-garbage +``` + +## Removal + +#### Host PC Cleanup + +To recover the space on the host PC, change directories into the repo, remove the built symlinks (removing just the installer will recover almost all the space), then run the garbage collector: + +``` +nixos-apple-silicon$ rm m1n1 u-boot installer result +nixos-apple-silicon$ nix-collect-garbage +``` + +#### NixOS Uninstallation + +NixOS can be completely uninstalled by deleting the stub partition, EFI system partition, and root partition off the disk. + +Boot back into macOS by shutting down the machine fully, then pressing and holding the power button until the boot picker comes up. Select the macOS installation, then click Continue to boot it. Log into an administrator account and open Terminal.app. + +Identify the partitions to remove. In this example, `disk0s3` is the stub because of its small size. `disk0s4` is the EFI system partition and `disk0s5` is the root partition: +``` +% diskutil list disk0 +/dev/disk0 (internal): + #: TYPE NAME SIZE IDENTIFIER + 0: GUID_partition_scheme 1.0 TB disk0 + 1: Apple_APFS_ISC 524.3 MB disk0s1 + 2: Apple_APFS Container disk4 900.0 GB disk0s2 + 3: Apple_APFS Container disk3 2.5 GB disk0s3 + 4: EFI EFI - NIXOS 512.8 MB disk0s4 + 5: Linux Filesystem 91.6 GB disk0s5 + 6: Apple_APFS_Recovery 5.4 GB disk0s6 +``` + +WARNING: Unlike Linux, on macOS each partition's identifier does not necessarily equal its partition index. Double check the identifiers of your own system! + +Remove the EFI system partition and root partition: +``` +% diskutil eraseVolume free free disk0s4 +Started erase on disk0s4 (EFI - NIXOS) +Unmounting disk +Finished erase on disk0 +% diskutil eraseVolume free free disk0s5 +Started erase on disk0s5 +Unmounting disk +Finished erase on disk0 +``` + +Remove the stub partition: +``` +% diskutil apfs deleteContainer disk0s3 +Started APFS operation on disk3 +Deleting APFS Container with all of its APFS Volumes +[...] +Removing disk0s3 from partition map +``` + +Expand the main macOS partition to use the resulting free space. This command will take a few minutes to run; do not attempt to use the machine while it is in progress: +``` +% diskutil apfs resizeContainer disk0s2 0 +Started APFS operation +Aligning grow delta to 94,662,586,368 bytes and targeting a new physical store size of 994,662,584,320 bytes +[...] +Finished APFS operation +``` + +To complete the uninstallation, open the Startup Disk pane of System Preferences and select your macOS installation as the startup disk. If this is not done, the next boot will fail, and you will be asked to select another OS to boot from. diff --git a/modules/nixos-apple-silicon/flake.lock b/modules/nixos-apple-silicon/flake.lock new file mode 100644 index 000000000000..b65ab5cac056 --- /dev/null +++ b/modules/nixos-apple-silicon/flake.lock @@ -0,0 +1,60 @@ +{ + "nodes": { + "flake-compat": { + "locked": { + "lastModified": 1688025799, + "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", + "owner": "nix-community", + "repo": "flake-compat", + "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "flake-compat", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1709961763, + "narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "rust-overlay": "rust-overlay" + } + }, + "rust-overlay": { + "flake": false, + "locked": { + "lastModified": 1686795910, + "narHash": "sha256-jDa40qRZ0GRQtP9EMZdf+uCbvzuLnJglTUI2JoHfWDc=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "5c2b97c0a9bc5217fc3dfb1555aae0fb756d99f9", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/modules/nixos-apple-silicon/flake.nix b/modules/nixos-apple-silicon/flake.nix new file mode 100644 index 000000000000..55cda17aa8bd --- /dev/null +++ b/modules/nixos-apple-silicon/flake.nix @@ -0,0 +1,81 @@ +{ + description = "Apple Silicon support for NixOS"; + + inputs = { + nixpkgs = { + # https://hydra.nixos.org/jobset/mobile-nixos/unstable/evals + # these evals have a cross-compiled stdenv available + url = "github:nixos/nixpkgs/3030f185ba6a4bf4f18b87f345f104e6a6961f34"; + }; + + rust-overlay = { + url = "github:oxalica/rust-overlay"; + flake = false; + }; + + flake-compat.url = "github:nix-community/flake-compat"; + }; + + outputs = { self, ... }@inputs: + let + # build platforms supported for uboot in nixpkgs + systems = [ "aarch64-linux" "x86_64-linux" ]; # "i686-linux" omitted + + forAllSystems = inputs.nixpkgs.lib.genAttrs systems; + in + { + overlays = rec { + apple-silicon-overlay = import ./apple-silicon-support/packages/overlay.nix; + default = apple-silicon-overlay; + }; + + nixosModules = rec { + apple-silicon-support = ./apple-silicon-support; + default = apple-silicon-support; + }; + + packages = forAllSystems (system: + let + pkgs = import inputs.nixpkgs { + crossSystem.system = "aarch64-linux"; + localSystem.system = system; + overlays = [ + (import inputs.rust-overlay) + self.overlays.default + ]; + }; + in { + inherit (pkgs) m1n1 uboot-asahi linux-asahi asahi-fwextract mesa-asahi-edge; + inherit (pkgs) speakersafetyd bankstown-lv2 asahi-audio; + + installer-bootstrap = + let + installer-system = inputs.nixpkgs.lib.nixosSystem { + inherit system; + + # make sure this matches the post-install + # `hardware.asahi.pkgsSystem` + pkgs = import inputs.nixpkgs { + crossSystem.system = "aarch64-linux"; + localSystem.system = system; + overlays = [ self.overlays.default ]; + }; + + specialArgs = { + modulesPath = inputs.nixpkgs + "/nixos/modules"; + }; + + modules = [ + ./iso-configuration + { hardware.asahi.pkgsSystem = system; } + ]; + }; + + config = installer-system.config; + in (config.system.build.isoImage.overrideAttrs (old: { + # add ability to access the whole config from the command line + passthru = (old.passthru or {}) // { inherit config; }; + })); + }); + }; +} diff --git a/modules/nixos-apple-silicon/iso-configuration/default.nix b/modules/nixos-apple-silicon/iso-configuration/default.nix new file mode 100644 index 000000000000..b5700cbf3c66 --- /dev/null +++ b/modules/nixos-apple-silicon/iso-configuration/default.nix @@ -0,0 +1,25 @@ +# configuration that is specific to the ISO +{ config, pkgs, lib, ... }: +{ + imports = [ + ./installer-configuration.nix + ../apple-silicon-support + ]; + + # include those modules so the user can rebuild the install iso. that's not + # especially useful at this point, but the user will need the apple-silicon-support + # directory for their own config. + installer.cloneConfigIncludes = [ + "./installer-configuration.nix" + "./apple-silicon-support" + ]; + + # copy the apple-silicon-support and installer configs into the iso + boot.postBootCommands = lib.optionalString config.installer.cloneConfig '' + if ! [ -e /etc/nixos/apple-silicon-support ]; then + mkdir -p /etc/nixos + cp ${./installer-configuration.nix} /etc/nixos/installer-configuration.nix + cp -r ${../apple-silicon-support} /etc/nixos/apple-silicon-support + fi + ''; +} diff --git a/modules/nixos-apple-silicon/iso-configuration/installer-configuration.nix b/modules/nixos-apple-silicon/iso-configuration/installer-configuration.nix new file mode 100644 index 000000000000..7cd6c59a8d57 --- /dev/null +++ b/modules/nixos-apple-silicon/iso-configuration/installer-configuration.nix @@ -0,0 +1,132 @@ +# this configuration is intended to have just enough stuff to get the disk, +# display, USB input, and network up so the user can build a real config. +# in the future we will just use the standard NixOS iso + +# based vaguely on +# https://github.com/samueldr/cross-system/blob/master/configuration.nix + +{ config, pkgs, lib, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/profiles/minimal.nix") + (modulesPath + "/profiles/installation-device.nix") + (modulesPath + "/installer/cd-dvd/iso-image.nix") + ]; + + # Adds terminus_font for people with HiDPI displays + console.packages = [ pkgs.terminus_font ]; + + # ISO naming. + isoImage.isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso"; + + # EFI booting + isoImage.makeEfiBootable = true; + + # An installation media cannot tolerate a host config defined file + # system layout on a fresh machine, before it has been formatted. + swapDevices = lib.mkOverride 60 [ ]; + fileSystems = lib.mkOverride 60 config.lib.isoFileSystems; + + boot.postBootCommands = let + inherit (config.hardware.asahi.pkgs) asahi-fwextract; + in '' + for o in $(</proc/cmdline); do + case "$o" in + live.nixos.passwd=*) + set -- $(IFS==; echo $o) + echo "nixos:$2" | ${pkgs.shadow}/bin/chpasswd + ;; + esac + done + + echo Extracting Asahi firmware... + mkdir -p /tmp/.fwsetup/{esp,extracted} + + mount /dev/disk/by-partuuid/`cat /proc/device-tree/chosen/asahi,efi-system-partition` /tmp/.fwsetup/esp + ${asahi-fwextract}/bin/asahi-fwextract /tmp/.fwsetup/esp/asahi /tmp/.fwsetup/extracted + umount /tmp/.fwsetup/esp + + pushd /tmp/.fwsetup/ + cat /tmp/.fwsetup/extracted/firmware.cpio | ${pkgs.cpio}/bin/cpio -id --quiet --no-absolute-filenames + mkdir -p /lib/firmware + mv vendorfw/* /lib/firmware + popd + rm -rf /tmp/.fwsetup + ''; + + # can't legally be incorporated into the installer image + # (and is automatically extracted at boot above) + hardware.asahi.extractPeripheralFirmware = false; + + isoImage.squashfsCompression = "zstd -Xcompression-level 6"; + + environment.systemPackages = with pkgs; [ + gptfdisk + parted + cryptsetup + curl + wget + wormhole-william + ]; + + # save space and compilation time. might revise? + hardware.enableAllFirmware = lib.mkForce false; + hardware.enableRedistributableFirmware = lib.mkForce false; + sound.enable = false; + # avoid including non-reproducible dbus docs + documentation.doc.enable = false; + documentation.info.enable = lib.mkForce false; + documentation.nixos.enable = lib.mkOverride 49 false; + system.extraDependencies = lib.mkForce [ ]; + + # Disable wpa_supplicant because it can't use WPA3-SAE on broadcom chips that are used on macs and it is harder to use and less mainained than iwd in general + networking.wireless.enable = false; + # Enable iwd + networking.wireless.iwd = { + enable = true; + settings.General.EnableNetworkConfiguration = true; + }; + + + nixpkgs.overlays = [ + (final: prev: { + # disabling pcsclite avoids the need to cross-compile gobject + # introspection stuff which works now but is slow and unnecessary + libfido2 = prev.libfido2.override { + withPcsclite = false; + }; + openssh = prev.openssh.overrideAttrs (old: { + # we have to cross compile openssh ourselves for whatever reason + # but the tests take quite a long time to run + doCheck = false; + }); + + # avoids having to compile a bunch of big things (like texlive) to + # compute translations + util-linux = prev.util-linux.override { + translateManpages = false; + }; + }) + ]; + + # avoids the need to cross-compile gobject introspection stuff which works + # now but is slow and unnecessary + security.polkit.enable = lib.mkForce false; + + # bootspec generation is currently broken under cross-compilation + boot.bootspec.enable = false; + + # get rid of warning about non-ideal mdam config file + # (we want to keep it enabled in case someone needs to use it) + boot.swraid.mdadmConf = '' + PROGRAM ${pkgs.coreutils}/bin/true + ''; + + # avoid error that flakes must be enabled when nixos-install uses <nixpkgs> + nixpkgs.flake.setNixPath = false; + nixpkgs.flake.setFlakeRegistry = false; + + # get rid of warning that stateVersion is unset + system.stateVersion = lib.mkDefault lib.trivial.release; +} diff --git a/modules/nixos-hardware/.github/dependabot.yml b/modules/nixos-hardware/.github/dependabot.yml new file mode 100644 index 000000000000..5ace4600a1f2 --- /dev/null +++ b/modules/nixos-hardware/.github/dependabot.yml @@ -0,0 +1,6 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" diff --git a/modules/nixos-hardware/.github/workflows/test.yml b/modules/nixos-hardware/.github/workflows/test.yml new file mode 100644 index 000000000000..82c79e720c8d --- /dev/null +++ b/modules/nixos-hardware/.github/workflows/test.yml @@ -0,0 +1,15 @@ +name: "Test" +on: + pull_request: + push: +jobs: + tests: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: cachix/install-nix-action@v12 + with: + nix_path: nixpkgs=channel:nixos-unstable + - name: Show nixpkgs version + run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version' + - run: ./tests/run.py diff --git a/modules/nixos-hardware/.gitignore b/modules/nixos-hardware/.gitignore new file mode 100644 index 000000000000..2151b35ff51e --- /dev/null +++ b/modules/nixos-hardware/.gitignore @@ -0,0 +1,9 @@ +*~ +,* +.*.swp +.*.swo +result +result-* +.version-suffix + +.DS_Store diff --git a/modules/nixos-hardware/CODEOWNERS b/modules/nixos-hardware/CODEOWNERS new file mode 100644 index 000000000000..4f2bb2cc6463 --- /dev/null +++ b/modules/nixos-hardware/CODEOWNERS @@ -0,0 +1,7 @@ +beagleboard/pocketbeagle @yegortimoshenko +dell/xps/13-9370 @moredread +dell/xps/13-9380 @kalbasit +lenovo/thinkpad/x230 @makefu @yegortimoshenko +lenovo/thinkpad/x250 @Mic92 +pcengines/apu @yegortimoshenko +purism/librem/13v3 @yegortimoshenko diff --git a/modules/nixos-hardware/CONTRIBUTING.md b/modules/nixos-hardware/CONTRIBUTING.md new file mode 100644 index 000000000000..ea468923ae10 --- /dev/null +++ b/modules/nixos-hardware/CONTRIBUTING.md @@ -0,0 +1,31 @@ +# Writing profiles + +When setting an option, use `lib.mkDefault` unless: +- The option *must* be set and the user should get an error if they try to override it. +- The setting should merge with the user's settings (typical for list or set options). + +For example: + +```nix +{ lib }: { + # Using mkDefault, because the user might want to disable tlp + services.tlp.enable = lib.mkDefault true; + # No need to use mkDefault, because the setting will merge with the user's setting + boot.kernelModules = [ "tmp_smapi" ]; +} +``` + +Try to avoid "opinionated" settings relating to optional features like sound, bluetooth, choice of bootloader etc. + +Where possible, use module imports to share code between similar hardware variants. + +# Performance + +Profiles should favor usability and stability, so performance improvements should either be conservative or +be guarded behind additional NixOS module options. + +If it makes sense to have a performance-focussed config, it can be declared in a separate profile. + +# Testing + +Because profiles can only be tested with the appropriate hardware, quality assurance is up to *you*. diff --git a/modules/nixos-hardware/COPYING b/modules/nixos-hardware/COPYING new file mode 100644 index 000000000000..47c6e27d1700 --- /dev/null +++ b/modules/nixos-hardware/COPYING @@ -0,0 +1,111 @@ +Statement of Purpose + +The laws of most jurisdictions throughout the world automatically confer +exclusive Copyright and Related Rights (defined below) upon the creator and +subsequent owner(s) (each and all, an "owner") of an original work of +authorship and/or a database (each, a "Work"). + +Certain owners wish to permanently relinquish those rights to a Work for the +purpose of contributing to a commons of creative, cultural and scientific +works ("Commons") that the public can reliably and without fear of later +claims of infringement build upon, modify, incorporate in other works, reuse +and redistribute as freely as possible in any form whatsoever and for any +purposes, including without limitation commercial purposes. These owners may +contribute to the Commons to promote the ideal of a free culture and the +further production of creative, cultural and scientific works, or to gain +reputation or greater distribution for their Work in part through the use and +efforts of others. + +For these and/or other purposes and motivations, and without any expectation +of additional consideration or compensation, the person associating CC0 with a +Work (the "Affirmer"), to the extent that he or she is an owner of Copyright +and Related Rights in the Work, voluntarily elects to apply CC0 to the Work +and publicly distribute the Work under its terms, with knowledge of his or her +Copyright and Related Rights in the Work and the meaning and intended legal +effect of CC0 on those rights. + +1. Copyright and Related Rights. A Work made available under CC0 may be +protected by copyright and related or neighboring rights ("Copyright and +Related Rights"). Copyright and Related Rights include, but are not limited +to, the following: + + i. the right to reproduce, adapt, distribute, perform, display, communicate, + and translate a Work; + + ii. moral rights retained by the original author(s) and/or performer(s); + + iii. publicity and privacy rights pertaining to a person's image or likeness + depicted in a Work; + + iv. rights protecting against unfair competition in regards to a Work, + subject to the limitations in paragraph 4(a), below; + + v. rights protecting the extraction, dissemination, use and reuse of data in + a Work; + + vi. database rights (such as those arising under Directive 96/9/EC of the + European Parliament and of the Council of 11 March 1996 on the legal + protection of databases, and under any national implementation thereof, + including any amended or successor version of such directive); and + + vii. other similar, equivalent or corresponding rights throughout the world + based on applicable law or treaty, and any national implementations thereof. + +2. Waiver. To the greatest extent permitted by, but not in contravention of, +applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and +unconditionally waives, abandons, and surrenders all of Affirmer's Copyright +and Related Rights and associated claims and causes of action, whether now +known or unknown (including existing as well as future claims and causes of +action), in the Work (i) in all territories worldwide, (ii) for the maximum +duration provided by applicable law or treaty (including future time +extensions), (iii) in any current or future medium and for any number of +copies, and (iv) for any purpose whatsoever, including without limitation +commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes +the Waiver for the benefit of each member of the public at large and to the +detriment of Affirmer's heirs and successors, fully intending that such Waiver +shall not be subject to revocation, rescission, cancellation, termination, or +any other legal or equitable action to disrupt the quiet enjoyment of the Work +by the public as contemplated by Affirmer's express Statement of Purpose. + +3. Public License Fallback. Should any part of the Waiver for any reason be +judged legally invalid or ineffective under applicable law, then the Waiver +shall be preserved to the maximum extent permitted taking into account +Affirmer's express Statement of Purpose. In addition, to the extent the Waiver +is so judged Affirmer hereby grants to each affected person a royalty-free, +non transferable, non sublicensable, non exclusive, irrevocable and +unconditional license to exercise Affirmer's Copyright and Related Rights in +the Work (i) in all territories worldwide, (ii) for the maximum duration +provided by applicable law or treaty (including future time extensions), (iii) +in any current or future medium and for any number of copies, and (iv) for any +purpose whatsoever, including without limitation commercial, advertising or +promotional purposes (the "License"). The License shall be deemed effective as +of the date CC0 was applied by Affirmer to the Work. Should any part of the +License for any reason be judged legally invalid or ineffective under +applicable law, such partial invalidity or ineffectiveness shall not +invalidate the remainder of the License, and in such case Affirmer hereby +affirms that he or she will not (i) exercise any of his or her remaining +Copyright and Related Rights in the Work or (ii) assert any associated claims +and causes of action with respect to the Work, in either case contrary to +Affirmer's express Statement of Purpose. + +4. Limitations and Disclaimers. + + a. No trademark or patent rights held by Affirmer are waived, abandoned, + surrendered, licensed or otherwise affected by this document. + + b. Affirmer offers the Work as-is and makes no representations or warranties + of any kind concerning the Work, express, implied, statutory or otherwise, + including without limitation warranties of title, merchantability, fitness + for a particular purpose, non infringement, or the absence of latent or + other defects, accuracy, or the present or absence of errors, whether or not + discoverable, all to the greatest extent permissible under applicable law. + + c. Affirmer disclaims responsibility for clearing rights of other persons + that may apply to the Work or any use thereof, including without limitation + any person's Copyright and Related Rights in the Work. Further, Affirmer + disclaims responsibility for obtaining any necessary consents, permissions + or other rights required for any use of the Work. + + d. Affirmer understands and acknowledges that Creative Commons is not a + party to this document and has no duty or obligation with respect to this + CC0 or use of the Work. diff --git a/modules/nixos-hardware/README.md b/modules/nixos-hardware/README.md new file mode 100644 index 000000000000..12a25e05d1da --- /dev/null +++ b/modules/nixos-hardware/README.md @@ -0,0 +1,175 @@ +NixOS profiles to optimize settings for different hardware. + +## Setup + +### Using channels + +Add and update `nixos-hardware` channel: + +``` +$ sudo nix-channel --add https://github.com/NixOS/nixos-hardware/archive/master.tar.gz nixos-hardware +$ sudo nix-channel --update +``` + +Then import an appropriate profile path from the table below. For example, to +enable ThinkPad X220 profile, your `imports` in `/etc/nixos/configuration.nix` +should look like: + +``` +imports = [ + <nixos-hardware/lenovo/thinkpad/x220> + ./hardware-configuration.nix +]; +``` + +New updates to the expressions here will be fetched when you update the channel. + +## Using nix flakes support + +There is also experimental flake support. In your `/etc/nixos/flake.nix` add the following: + +```nix +{ + description = "NixOS configuration with flakes"; + inputs.nixos-hardware.url = github:NixOS/nixos-hardware/master; + + outputs = { self, nixpkgs, nixos-hardware }: { + # replace <your-hostname> with your actual hostname + nixosConfigurations.<your-hostname> = nixpkgs.lib.nixosSystem { + # ... + modules = [ + # ... + # add your model from this list: https://github.com/NixOS/nixos-hardware/blob/master/flake.nix + nixos-hardware.nixosModules.dell-xps-13-9380 + ]; + }; + }; +} +``` + + +### Using fetchGit + +You can fetch the git repository directly: + +```nix +imports = [ + "${builtins.fetchGit { url = "https://github.com/NixOS/nixos-hardware.git"; }}/lenovo/thinkpad/x220" +]; +``` + +Unlike the channel, this will update the git repository on a rebuild. However, +you can easily pin to a particular revision if you desire more stability. + +## List of Profiles + +See code for all available configurations. + +| Model | Path | +| --------------------------------- | -------------------------------------------------- | +| [Acer Aspire 4810T][] | `<nixos-hardware/acer/aspire/4810t>` | +| Airis N990 | `<nixos-hardware/airis/n990>` | +| Apple MacBook Air 3,X | `<nixos-hardware/apple/macbook-air/3>` | +| Apple MacBook Air 4,X | `<nixos-hardware/apple/macbook-air/4>` | +| Apple MacBook Air 6,X | `<nixos-hardware/apple/macbook-air/6>` | +| [Apple MacBook Pro 10,1][] | `<nixos-hardware/apple/macbook-pro/10-1>` | +| Apple MacBook Pro 12,1 | `<nixos-hardware/apple/macbook-pro/12-1>` | +| Asus TUF FX504GD | `<nixos-hardware/asus/fx504gd>` | +| BeagleBoard PocketBeagle | `<nixos-hardware/beagleboard/pocketbeagle>` | +| [Dell G3 3779][] | `<nixos-hardware/dell/g3/3779>` | +| Dell Latitude 3480 | `<nixos-hardware/dell/latitude/3480>` | +| Dell Precision 5530 | `<nixos-hardware/dell/precision/5530>` | +| [Dell XPS E7240][] | `<nixos-hardware/dell/e7240>` | +| [Dell XPS 13 7390][] | `<nixos-hardware/dell/xps/13-7390>` | +| [Dell XPS 13 9343][] | `<nixos-hardware/dell/xps/13-9343>` | +| [Dell XPS 13 9360][] | `<nixos-hardware/dell/xps/13-9360>` | +| [Dell XPS 13 9370][] | `<nixos-hardware/dell/xps/13-9370>` | +| [Dell XPS 13 9380][] | `<nixos-hardware/dell/xps/13-9380>` | +| [Dell XPS 15 7590][] | `<nixos-hardware/dell/xps/15-7590>` | +| [Dell XPS 15 9550][] | `<nixos-hardware/dell/xps/15-9550>` | +| [Dell XPS 15 9550, nvidia][] | `<nixos-hardware/dell/xps/15-9550/nvidia>` | +| [Dell XPS 15 9560][] | `<nixos-hardware/dell/xps/15-9560>` | +| [Dell XPS 15 9560, intel only][] | `<nixos-hardware/dell/xps/15-9560/intel>` | +| [Dell XPS 15 9560, nvidia only][] | `<nixos-hardware/dell/xps/15-9560/nvidia>` | +| [Dell XPS 15 9500][] | `<nixos-hardware/dell/xps/15-9500>` | +| [Dell XPS 15 9500, nvidia][] | `<nixos-hardware/dell/xps/15-9500/nvidia>` | +| [Google Pixelbook][] | `<nixos-hardware/google/pixelbook>` | +| [Inverse Path USB armory][] | `<nixos-hardware/inversepath/usbarmory>` | +| Lenovo IdeaPad Z510 | `<nixos-hardware/lenovo/ideapad/z510>` | +| Lenovo ThinkPad E470 | `<nixos-hardware/lenovo/thinkpad/e470>` | +| Lenovo ThinkPad E495 | `<nixos-hardware/lenovo/thinkpad/e495>` | +| Lenovo ThinkPad L13 | `<nixos-hardware/lenovo/thinkpad/l13>` | +| Lenovo ThinkPad L14 (Intel) | `<nixos-hardware/lenovo/thinkpad/l14/intel> | +| Lenovo ThinkPad L14 (AMD) | `<nixos-hardware/lenovo/thinkpad/l14/amd> | +| Lenovo ThinkPad P53 | `<nixos-hardware/lenovo/thinkpad/p53>` | +| Lenovo ThinkPad T14 | `<nixos-hardware/lenovo/thinkpad/t14>` | +| Lenovo ThinkPad T14 AMD Gen 1 | `<nixos-hardware/lenovo/thinkpad/t14/amd/gen1>` | +| Lenovo ThinkPad T14s | `<nixos-hardware/lenovo/thinkpad/t14s>` | +| Lenovo ThinkPad T14s AMD Gen 1 | `<nixos-hardware/lenovo/thinkpad/t14s/amd/gen1>` | +| Lenovo ThinkPad T410 | `<nixos-hardware/lenovo/thinkpad/t410>` | +| Lenovo ThinkPad T420 | `<nixos-hardware/lenovo/thinkpad/t420>` | +| Lenovo ThinkPad T430 | `<nixos-hardware/lenovo/thinkpad/t430>` | +| Lenovo ThinkPad T440s | `<nixos-hardware/lenovo/thinkpad/t440s>` | +| Lenovo ThinkPad T440p | `<nixos-hardware/lenovo/thinkpad/t440p>` | +| Lenovo ThinkPad T450s | `<nixos-hardware/lenovo/thinkpad/t450s>` | +| Lenovo ThinkPad T460s | `<nixos-hardware/lenovo/thinkpad/t460s>` | +| Lenovo ThinkPad T470s | `<nixos-hardware/lenovo/thinkpad/t470s>` | +| Lenovo ThinkPad T480s | `<nixos-hardware/lenovo/thinkpad/t480s>` | +| Lenovo ThinkPad T490 | `<nixos-hardware/lenovo/thinkpad/t490>` | +| Lenovo ThinkPad T495 | `<nixos-hardware/lenovo/thinkpad/t495>` | +| Lenovo ThinkPad X113 Yoga | `<nixos-hardware/lenovo/thinkpad/x13-yoga>` | +| Lenovo ThinkPad X140e | `<nixos-hardware/lenovo/thinkpad/x140e>` | +| Lenovo ThinkPad X220 | `<nixos-hardware/lenovo/thinkpad/x220>` | +| Lenovo ThinkPad X230 | `<nixos-hardware/lenovo/thinkpad/x230>` | +| Lenovo ThinkPad X250 | `<nixos-hardware/lenovo/thinkpad/x250>` | +| [Lenovo ThinkPad X260][] | `<nixos-hardware/lenovo/thinkpad/x260>` | +| Lenovo ThinkPad X270 | `<nixos-hardware/lenovo/thinkpad/x270>` | +| Lenovo ThinkPad X280 | `<nixos-hardware/lenovo/thinkpad/x280>` | +| [Lenovo ThinkPad X1 (6th Gen)][] | `<nixos-hardware/lenovo/thinkpad/x1/6th-gen>` | +| [Lenovo ThinkPad X1 (7th Gen)][] | `<nixos-hardware/lenovo/thinkpad/x1/7th-gen>` | +| Lenovo ThinkPad X1 Extreme Gen 2 | `<nixos-hardware/lenovo/thinkpad/x1-extreme/gen2>` | +| [Microsoft Surface Pro 3][] | `<nixos-hardware/microsoft/surface-pro/3>` | +| PC Engines APU | `<nixos-hardware/pcengines/apu>` | +| [Raspberry Pi 2][] | `<nixos-hardware/raspberry-pi/2>` | +| [Samsung Series 9 NP900X3C][] | `<nixos-hardware/samsung/np900x3c>` | +| [Purism Librem 13v3][] | `<nixos-hardware/purism/librem/13v3>` | +| [Purism Librem 15v3][] | `<nixos-hardware/purism/librem/15v3>` | +| Supermicro A1SRi-2758F | `<nixos-hardware/supermicro/a1sri-2758f>` | +| Supermicro X10SLL-F | `<nixos-hardware/supermicro/x10sll-f>` | +| [Toshiba Chromebook 2 `swanky`][] | `<nixos-hardware/toshiba/swanky>` | +| [Tuxedo InfinityBook v4][] | `<nixos-hardware/tuxedo/infinitybook/v4>` | + +[Acer Aspire 4810T]: acer/aspire/4810t +[Asus TUF FX504GD]: asus/fx504gd +[Apple MacBook Pro 10,1]: apple/macbook-pro/10-1 +[Dell G3 3779]: dell/g3/3779 +[Dell XPS E7240]: dell/e7240 +[Dell XPS 13 7390]: dell/xps/13-7390 +[Dell XPS 13 9343]: dell/xps/13-9343 +[Dell XPS 13 9360]: dell/xps/13-9360 +[Dell XPS 13 9370]: dell/xps/13-9370 +[Dell XPS 13 9380]: dell/xps/13-9380 +[Dell XPS 15 7590]: dell/xps/15-7590 +[Dell XPS 15 9550]: dell/xps/15-9550 +[Dell XPS 15 9560]: dell/xps/15-9560 +[Dell XPS 15 9560, intel only]: dell/xps/15-9560/intel +[Dell XPS 15 9560, nvidia only]: dell/xps/15-9560/nvidia +[Google Pixelbook]: google/pixelbook +[Inverse Path USB armory]: inversepath/usbarmory +[Lenovo ThinkPad X1 (6th Gen)]: lenovo/thinkpad/x1/6th-gen +[Lenovo ThinkPad X1 (7th Gen)]: lenovo/thinkpad/x1/7th-gen +[Lenovo ThinkPad X13 Yoga]: lenovo/thinkpad/x13-yoga +[Lenovo ThinkPad X260]: lenovo/thinkpad/x260 +[Microsoft Surface Pro 3]: microsoft/surface-pro/3 +[Raspberry Pi 2]: raspberry-pi/2 +[Samsung Series 9 NP900X3C]: samsung/np900x3c +[Purism Librem 13v3]: purism/librem/13v3 +[Purism Librem 15v5]: purism/librem/15v5 +[Toshiba Chromebook 2 `swanky`]: toshiba/swanky +[Tuxedo InfinityBook v4]: nixos-hardware/tuxedo/infinitybook/v4 + +## How to contribute a new device profile + +1. Add your device profile expression in the appropriate directory +2. Link it in the table in README.md and in flake.nix +3. Run ./tests/run.py to test it. The test script script will parse all the profiles from the README.md diff --git a/modules/nixos-hardware/acer/aspire/4810t/README.wiki b/modules/nixos-hardware/acer/aspire/4810t/README.wiki new file mode 100644 index 000000000000..0b045b6e4da8 --- /dev/null +++ b/modules/nixos-hardware/acer/aspire/4810t/README.wiki @@ -0,0 +1,110 @@ += Overview = +* CPU: Intel Core 2 Solo U3500 @ 1.40GHz (speeds: 0.8, 1.2 and 1.4GHz), 3MB L2 +* Screen: 1366x768 LED + += BIOS versions = +* 1.10 - average ACPI temperature around 34°C, good GL playing +* 1.20 - average ACPI temperature around 39°C, good GL playing +* 1.31 - big slowdown in X windows from time to time, GL games with annoying slowdowns regularly + +The most recent BIOS updates (1.20 onwards) come with a DOS flasher; older come only with a windows flasher. I used a [http://www.pcengines.ch/freedos.htm freedos image] stored in a USB flash memory to boot freedos and flash the BIOS. + += Drivers = +All provided in linux 2.6.32 kernels. + +Linux 2.6.29 has problems at least with the wire ethernet card (Attansic Technology Corp. Device 1063). Loading and unloading the ethernet card driver module (atl1c) helps getting a working link, although it will change from eth0 to eth1, eth2, or another interface name. + +== lspci == + 00:00.0 Host bridge: Intel Corporation Mobile 4 Series Chipset Memory Controller Hub (rev 07) + 00:02.0 VGA compatible controller: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller (rev 07) + 00:02.1 Display controller: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller (rev 07) + 00:1a.0 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #4 (rev 03) + 00:1a.1 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #5 (rev 03) + 00:1a.7 USB Controller: Intel Corporation 82801I (ICH9 Family) USB2 EHCI Controller #2 (rev 03) + 00:1b.0 Audio device: Intel Corporation 82801I (ICH9 Family) HD Audio Controller (rev 03) + 00:1c.0 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 1 (rev 03) + 00:1c.1 PCI bridge: Intel Corporation 82801I (ICH9 Family) PCI Express Port 2 (rev 03) + 00:1d.0 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #1 (rev 03) + 00:1d.1 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #2 (rev 03) + 00:1d.2 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #3 (rev 03) + 00:1d.3 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #6 (rev 03) + 00:1d.7 USB Controller: Intel Corporation 82801I (ICH9 Family) USB2 EHCI Controller #1 (rev 03) + 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev 93) + 00:1f.0 ISA bridge: Intel Corporation ICH9M-E LPC Interface Controller (rev 03) + 00:1f.2 IDE interface: Intel Corporation ICH9M/M-E 2 port SATA IDE Controller (rev 03) + 00:1f.3 SMBus: Intel Corporation 82801I (ICH9 Family) SMBus Controller (rev 03) + 00:1f.5 IDE interface: Intel Corporation ICH9M/M-E 2 port SATA IDE Controller (rev 03) + 00:1f.6 Signal processing controller: Intel Corporation 82801I (ICH9 Family) Thermal Subsystem (rev 03) + 01:00.0 Ethernet controller: Attansic Technology Corp. Device 1063 (rev c0) + 02:00.0 Network controller: Intel Corporation Wireless WiFi Link 5100 + += Configuration = + + { + # Make te network WLAN card (wlan0) firmware available + require = [ ./nixos/modules/hardware/network/intel-5000.nix ]; + + boot = rec { + initrd = { + kernelModules = [ "ata_piix" "reiserfs" ]; + }; + kernelParams = [ + "selinux=0" + "apm=on" + "acpi=on" + "vga=0x317" + "console=tty1" + "video=vesafb:ywrap" + # Important, to disable Kernel Mode Setting for the graphics card + # This will allow backlight regulation + "nomodeset" + ]; + kernelModules = [ + "acpi-cpufreq" + "cpufreq-ondemand" # not autoloaded in 2.6.32.2 + "kvm-intel" + ]; + resumeDevice = "8:2"; + extraKernelParams = ["resume=/dev/sda2"]; + kernelPackages = pkgs.kernelPackages_2_6_32; + postBootCommands = '' + echo ondemand > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor + ''; + }; + + services = { + xserver = { + enable = true; + defaultDepth = 24; + videoDriver = "intel"; + exportConfiguration = true; + enableTCP = true; + autorun = true; + driSupport = false; + synaptics = { + enable = true; + dev = "/dev/input/event8"; + }; + }; + }; + += X settings = + +== Backlight == +Having disabled Kernel Mode Setting for the i915 kernel drm module (kernel parameter ''nomodeset''), use ''xrandr'' to set: + xrandr --output LVDS --set BACKLIGHT_CONTROL combination + xrandr --output LVDS --set BACKLIGHT 300 # ~1000, max light. + +If those steps make your mouse cursor not appear, switch to another VT, and then back to X, and it will come. + +== Synaptics pad == +I like the pad speed set by: + synclient MaxTapTime=0 MaxSpeed=1.12 MinSpeed=0.6 AccelFactor=0.001 VertEdgeScroll=1 +Install the ''xf86-input-synaptics-1.2.0'' for ''synclient'' to be in your PATH. + += Suspending and hibernating = +Usual pm-utils work, with pm-suspend and pm-hibernate. + +[[Category:Installation]] +[[Category:Hardware]] +[[Category:Laptops]] diff --git a/modules/nixos-hardware/acer/aspire/4810t/default.nix b/modules/nixos-hardware/acer/aspire/4810t/default.nix new file mode 100644 index 000000000000..d40b454b3aa4 --- /dev/null +++ b/modules/nixos-hardware/acer/aspire/4810t/default.nix @@ -0,0 +1,29 @@ +{ lib, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ]; + + boot = { + initrd.kernelModules = [ "ata_piix" ]; + kernelParams = [ + "apm=on" + "acpi=on" + "vga=0x317" + "video=vesafb:ywrap" + + # Important, disable KMS to fix backlight regulation: + "nomodeset" + ]; + }; + + # TODO: reverse compat + hardware.opengl.driSupport = false; + + # TODO: reverse compat + services.xserver = { + defaultDepth = lib.mkDefault 24; + }; +} diff --git a/modules/nixos-hardware/airis/n990/default.nix b/modules/nixos-hardware/airis/n990/default.nix new file mode 100644 index 000000000000..ae06813131a8 --- /dev/null +++ b/modules/nixos-hardware/airis/n990/default.nix @@ -0,0 +1,21 @@ +{ lib, pkgs, ... }: + +{ + imports = [ ../../common/pc/laptop ]; + + boot = { + initrd.kernelModules = [ "pata_via" ]; + + kernelParams = [ + "apm=on" + "acpi=on" + "vga=0x317" # 1024x768 + "console=tty1" + "video=vesafb:ywrap" # Faster scroll + ]; + }; + + hardware.firmware = with pkgs; [ intel2200BGFirmware ]; + + services.xserver.videoDrivers = [ "openchrome" ]; +} diff --git a/modules/nixos-hardware/apple/README.md b/modules/nixos-hardware/apple/README.md new file mode 100644 index 000000000000..c25d9499f425 --- /dev/null +++ b/modules/nixos-hardware/apple/README.md @@ -0,0 +1,11 @@ +## Switching Cmd and Alt/AltGr + +This will switch the left Alt and Cmd key as well as the right Alt/AltGr and Cmd key. + +```nix +boot.kernelParams = [ + "hid_apple.swap_opt_cmd=1" +]; +``` + +Reference: https://wiki.archlinux.org/index.php/Apple_Keyboard#Switching_Cmd_and_Alt/AltGr diff --git a/modules/nixos-hardware/apple/default.nix b/modules/nixos-hardware/apple/default.nix new file mode 100644 index 000000000000..a2ee26230aaa --- /dev/null +++ b/modules/nixos-hardware/apple/default.nix @@ -0,0 +1,12 @@ +{ config, lib, ... }: + +{ + boot.kernelParams = [ + "hid_apple.iso_layout=0" + ]; + + hardware.facetimehd.enable = lib.mkDefault + (config.nixpkgs.config.allowUnfree or false); + + services.mbpfan.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/apple/macbook-air/3/default.nix b/modules/nixos-hardware/apple/macbook-air/3/default.nix new file mode 100644 index 000000000000..03221edcd0b0 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-air/3/default.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: + +{ + imports = [ + ../../. + ../../../common/pc/laptop + ../../../common/pc/ssd + ]; + + # Built-in iSight is recognized by the generic uvcvideo kernel module + hardware.facetimehd.enable = false; + + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/nixos-hardware/apple/macbook-air/4/default.nix b/modules/nixos-hardware/apple/macbook-air/4/default.nix new file mode 100644 index 000000000000..181a099799a1 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-air/4/default.nix @@ -0,0 +1,16 @@ +{ lib, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel/sandy-bridge + ]; + + boot.kernelParams = [ + "acpi_backlight=vendor" + ]; + + services.xserver.deviceSection = lib.mkDefault '' + Option "TearFree" "true" + ''; +} diff --git a/modules/nixos-hardware/apple/macbook-air/6/default.nix b/modules/nixos-hardware/apple/macbook-air/6/default.nix new file mode 100644 index 000000000000..555d70418b85 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-air/6/default.nix @@ -0,0 +1,18 @@ +{ config, lib, ... }: + +{ + imports = [ ../. ]; + + boot = { + extraModulePackages = with config.boot.kernelPackages; [ mba6x_bl ]; + kernelModules = [ "mba6x_bl" ]; + + # Divides power consumption by two. + kernelParams = [ "acpi_osi=" ]; + }; + + services.xserver.deviceSection = lib.mkDefault '' + Option "Backlight" "mba6x_backlight" + Option "TearFree" "true" + ''; +} diff --git a/modules/nixos-hardware/apple/macbook-air/default.nix b/modules/nixos-hardware/apple/macbook-air/default.nix new file mode 100644 index 000000000000..ea15175d0319 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-air/default.nix @@ -0,0 +1,8 @@ +{ + imports = [ + ../. + ../../common/cpu/intel + ../../common/pc/laptop + ../../common/pc/laptop/ssd + ]; +} diff --git a/modules/nixos-hardware/apple/macbook-pro/10-1/README.wiki b/modules/nixos-hardware/apple/macbook-pro/10-1/README.wiki new file mode 100644 index 000000000000..149b30e6ed22 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/10-1/README.wiki @@ -0,0 +1,9 @@ += Apple MacBook Pro 10,1 = + +I presume the associated configuration also will work with to other 10,x models. + +If you don't have an Ethernet adapter, make sure your NixOS installer has a sufficiently modern kernel or you will be stuck without internet and unable to installer. + +Note that (with NixPkgs circa late October 2016) Linux 4.8.1 does not work: everything will boot through X, but then manually-run commands accessing peripherals (nmcli, lspci, etc) will hang inexplicably. + +Thankfully no tweaking of the BIOS or similar was needed. Do note that if your MacOS partition is encrypted, you will have an easier time shrinking it from within MacOS, but this is standard advice. diff --git a/modules/nixos-hardware/apple/macbook-pro/10-1/default.nix b/modules/nixos-hardware/apple/macbook-pro/10-1/default.nix new file mode 100644 index 000000000000..e029ef21ecac --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/10-1/default.nix @@ -0,0 +1,21 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/pc/laptop/ssd + ]; + + # TODO: boot loader + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # TODO: reverse compat + hardware.opengl.driSupport32Bit = true; + + services.xserver = { + # TODO: we should not enable unfree drivers + # when there is an alternative (i.e. nouveau) + videoDrivers = [ "nvidia" ]; + }; +} diff --git a/modules/nixos-hardware/apple/macbook-pro/11-5/README.md b/modules/nixos-hardware/apple/macbook-pro/11-5/README.md new file mode 100644 index 000000000000..17e5ef1d36e0 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/11-5/README.md @@ -0,0 +1,32 @@ +# Apple MacBook Pro 11,5 + +This configuration will **not** work with MacBook Pro 11,2 or 11,3 models. + +## Notable features + +* Prevent intermittent USB 3.0 controller wakeup signal when the lid is closed. Without this fix your laptop may get very hot and drain the battery after waking up in your laptop bag. + + You can see for yourself which devices are allowed to wake up your laptop using the command: + + ```shell + cat /proc/acpi/wakeup + ``` + + This fix works for Linux kernel 3.13 and above. + + Sources: + + * [Fix unwanted laptop resume after lid is closed](https://medium.com/@laurynas.karvelis_95228/install-arch-linux-on-macbook-pro-11-2-retina-install-guide-for-year-2017-2034ceed4cb2#66ba) + * [Arch wiki: MacBookPro11,x Suspend](https://wiki.archlinux.org/index.php/MacBookPro11,x#Suspend) + * [simonvandel/dotfiles (nix config)](https://github.com/simonvandel/dotfiles/blob/f254a4a607257faee295ce798ed215273c342850/nixos/vandel-macair/configuration.nix#L45) + +## Graphics + +The [MacBookPro11,4 and MacBookPro11,5](https://support.apple.com/kb/SP719) models ship with a discrete ATI graphics card (whereas MacBookPro11,2 and MacBookPro11,3 ship with NVidia cards). This is alongside the usual integrated Intel GPU. + +You may wish to look into dynamic switching between integrated and discrete graphics, but this config doesn't attempt it. + +## Additional resources + +* Arch linux wiki: [MacBookPro11,x](https://wiki.archlinux.org/index.php/MacBookPro11,x) +* Kernel patches: [MacBookPro11,x](https://bugzilla.kernel.org/buglist.cgi?quicksearch=macbookpro11) diff --git a/modules/nixos-hardware/apple/macbook-pro/11-5/default.nix b/modules/nixos-hardware/apple/macbook-pro/11-5/default.nix new file mode 100644 index 000000000000..a53b5d8adeb4 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/11-5/default.nix @@ -0,0 +1,27 @@ +{ lib, config, pkgs, ... }: + +let + + kernelPackages = config.boot.kernelPackages; + +in + +{ + imports = [ + ../. + ../../../common/pc/laptop/ssd + <nixpkgs/nixos/modules/hardware/network/broadcom-43xx.nix> + ]; + + # Apparently this is currently only supported by ati_unfree drivers, not ati + hardware.opengl.driSupport32Bit = false; + + services.xserver.videoDrivers = [ "ati" ]; + + services.udev.extraRules = + # Disable XHC1 wakeup signal to avoid resume getting triggered some time + # after suspend. Reboot required for this to take effect. + lib.optionalString + (lib.versionAtLeast kernelPackages.kernel.version "3.13") + ''SUBSYSTEM=="pci", KERNEL=="0000:00:14.0", ATTR{power/wakeup}="disabled"''; +} diff --git a/modules/nixos-hardware/apple/macbook-pro/12-1/README.md b/modules/nixos-hardware/apple/macbook-pro/12-1/README.md new file mode 100644 index 000000000000..6618dc9e5723 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/12-1/README.md @@ -0,0 +1,15 @@ +# MacBook Pro 12,1 + +## Wireless won't get reconnected after resume/hibernate + +The wifi driver is unloaded before suspend/hibernate to workaround driver issues. +This means it might be required to restart your wifi deamon i.e. wpa_supplicant: + +```nix +powerManagement.powerUpCommands = '' + ${pkgs.systemd}/bin/systemctl restart wpa_supplicant.service +''; +}; +``` + +You can apply this to your network management software of choice. diff --git a/modules/nixos-hardware/apple/macbook-pro/12-1/default.nix b/modules/nixos-hardware/apple/macbook-pro/12-1/default.nix new file mode 100644 index 000000000000..a28ea82f8f95 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/12-1/default.nix @@ -0,0 +1,26 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/pc/laptop/ssd + <nixpkgs/nixos/modules/hardware/network/broadcom-43xx.nix> + ]; + + powerManagement = { + # Enable gradually increasing/decreasing CPU frequency, rather than using + # "powersave", which would keep CPU frequency at 0.8GHz. + cpuFreqGovernor = lib.mkDefault "conservative"; + + # brcmfmac being loaded during hibernation would not let a successful resume + # https://bugzilla.kernel.org/show_bug.cgi?id=101681#c116. + # Also brcmfmac could randomly crash on resume from sleep. + powerUpCommands = lib.mkBefore "${pkgs.kmod}/bin/modprobe brcmfmac"; + powerDownCommands = lib.mkBefore "${pkgs.kmod}/bin/rmmod brcmfmac"; + }; + + # USB subsystem wakes up MBP right after suspend unless we disable it. + services.udev.extraRules = lib.mkDefault '' + SUBSYSTEM=="pci", KERNEL=="0000:00:14.0", ATTR{power/wakeup}="disabled" + ''; +} diff --git a/modules/nixos-hardware/apple/macbook-pro/default.nix b/modules/nixos-hardware/apple/macbook-pro/default.nix new file mode 100644 index 000000000000..4ced65a382e0 --- /dev/null +++ b/modules/nixos-hardware/apple/macbook-pro/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ../. + ../../common/cpu/intel + ../../common/pc/laptop + ]; +} diff --git a/modules/nixos-hardware/asus/fx504gd/default.nix b/modules/nixos-hardware/asus/fx504gd/default.nix new file mode 100644 index 000000000000..4513250982f8 --- /dev/null +++ b/modules/nixos-hardware/asus/fx504gd/default.nix @@ -0,0 +1,10 @@ +{ ... }: +{ + imports = [ + ../../common/cpu/intel + ../../common/pc/laptop + ]; + + #Nouveau doesn't work at all on this model. + boot.kernelParams = [ "nouveau.modeset=0" ]; +} diff --git a/modules/nixos-hardware/asus/wireless-ac1300.nix b/modules/nixos-hardware/asus/wireless-ac1300.nix new file mode 100644 index 000000000000..6e9b815a0eb0 --- /dev/null +++ b/modules/nixos-hardware/asus/wireless-ac1300.nix @@ -0,0 +1,6 @@ +{ config, ... }: + +{ + boot.extraModulePackages = with config.boot.kernelPackages; [ rtl8812au ]; + boot.kernelModules = [ "8812au" ]; +} diff --git a/modules/nixos-hardware/audio-gd/compass2.nix b/modules/nixos-hardware/audio-gd/compass2.nix new file mode 100644 index 000000000000..5268c1dab8d1 --- /dev/null +++ b/modules/nixos-hardware/audio-gd/compass2.nix @@ -0,0 +1,7 @@ +{ + boot = { + extraModprobeConfig = lib.mkDefault '' + options snd slots=snd_usb_audio,snd-hda-intel + ''; + }; +} diff --git a/modules/nixos-hardware/beagleboard/pocketbeagle/default.nix b/modules/nixos-hardware/beagleboard/pocketbeagle/default.nix new file mode 100644 index 000000000000..bc426300f458 --- /dev/null +++ b/modules/nixos-hardware/beagleboard/pocketbeagle/default.nix @@ -0,0 +1,10 @@ +{ lib, ... }: + +{ + boot.kernelParams = [ "console=ttyO0,115200n8" ]; + + boot.loader = { + generic-extlinux-compatible.enable = lib.mkDefault true; + grub.enable = lib.mkDefault false; + }; +} diff --git a/modules/nixos-hardware/common/cpu/amd/default.nix b/modules/nixos-hardware/common/cpu/amd/default.nix new file mode 100644 index 000000000000..d8c48a263081 --- /dev/null +++ b/modules/nixos-hardware/common/cpu/amd/default.nix @@ -0,0 +1,6 @@ +{ config, lib, ... }: + +{ + hardware.cpu.amd.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/nixos-hardware/common/cpu/intel/default.nix b/modules/nixos-hardware/common/cpu/intel/default.nix new file mode 100644 index 000000000000..ad945f394a6c --- /dev/null +++ b/modules/nixos-hardware/common/cpu/intel/default.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: + +{ + boot.initrd.kernelModules = [ "i915" ]; + + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; + + hardware.opengl.extraPackages = with pkgs; [ + vaapiIntel + vaapiVdpau + libvdpau-va-gl + intel-media-driver + ]; +} diff --git a/modules/nixos-hardware/common/cpu/intel/kaby-lake/default.nix b/modules/nixos-hardware/common/cpu/intel/kaby-lake/default.nix new file mode 100644 index 000000000000..e6a2d1ce8e6e --- /dev/null +++ b/modules/nixos-hardware/common/cpu/intel/kaby-lake/default.nix @@ -0,0 +1,8 @@ +{ + imports = [ ../. ]; + + boot.kernelParams = [ + "i915.enable_fbc=1" + "i915.enable_psr=2" + ]; +} diff --git a/modules/nixos-hardware/common/cpu/intel/sandy-bridge/default.nix b/modules/nixos-hardware/common/cpu/intel/sandy-bridge/default.nix new file mode 100644 index 000000000000..682815cee473 --- /dev/null +++ b/modules/nixos-hardware/common/cpu/intel/sandy-bridge/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ ../. ]; + + # Enables RC6, RC6p and RC6pp. + # Last two are only available on Sandy Bridge CPUs (circa 2011). + boot.kernelParams = [ + "i915.enable_rc6=7" + ]; +} diff --git a/modules/nixos-hardware/common/gpu/nvidia.nix b/modules/nixos-hardware/common/gpu/nvidia.nix new file mode 100644 index 000000000000..fed9fa98724c --- /dev/null +++ b/modules/nixos-hardware/common/gpu/nvidia.nix @@ -0,0 +1,22 @@ +{ lib, pkgs, ... }: + +# This creates a new 'nvidia-offload' program that runs the application passed to it on the GPU +# As per https://nixos.wiki/wiki/Nvidia +let + nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' + export __NV_PRIME_RENDER_OFFLOAD=1 + export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export __VK_LAYER_NV_optimus=NVIDIA_only + exec -a "$0" "$@" + ''; +in +{ + services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ]; + environment.systemPackages = [ nvidia-offload ]; + + hardware.nvidia.prime = { + offload.enable = lib.mkDefault true; + # Hardware should specify the bus ID for intel/nvidia devices + }; +} diff --git a/modules/nixos-hardware/common/pc/default.nix b/modules/nixos-hardware/common/pc/default.nix new file mode 100644 index 000000000000..8864de1c416a --- /dev/null +++ b/modules/nixos-hardware/common/pc/default.nix @@ -0,0 +1,9 @@ +{ config, lib, ... }: + +{ + boot.blacklistedKernelModules = lib.optionals (!config.hardware.enableRedistributableFirmware) [ + "ath3k" + ]; + + services.xserver.libinput.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/common/pc/hdd/default.nix b/modules/nixos-hardware/common/pc/hdd/default.nix new file mode 100644 index 000000000000..8cc5ada0deb9 --- /dev/null +++ b/modules/nixos-hardware/common/pc/hdd/default.nix @@ -0,0 +1,7 @@ +{ lib, ... }: + +{ + boot.kernel.sysctl = { + "vm.swappiness" = lib.mkDefault 10; + }; +} diff --git a/modules/nixos-hardware/common/pc/laptop/acpi_call.nix b/modules/nixos-hardware/common/pc/laptop/acpi_call.nix new file mode 100644 index 000000000000..f8c17dcc4901 --- /dev/null +++ b/modules/nixos-hardware/common/pc/laptop/acpi_call.nix @@ -0,0 +1,10 @@ +# acpi_call makes tlp work for newer thinkpads + +{ config, ... }: + +{ + boot = { + kernelModules = [ "acpi_call" ]; + extraModulePackages = with config.boot.kernelPackages; [ acpi_call ]; + }; +} diff --git a/modules/nixos-hardware/common/pc/laptop/default.nix b/modules/nixos-hardware/common/pc/laptop/default.nix new file mode 100644 index 000000000000..946d066d04d5 --- /dev/null +++ b/modules/nixos-hardware/common/pc/laptop/default.nix @@ -0,0 +1,7 @@ +{ config, lib, ... }: + +{ + imports = [ ../. ]; + + services.tlp.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/common/pc/laptop/hdd/default.nix b/modules/nixos-hardware/common/pc/laptop/hdd/default.nix new file mode 100644 index 000000000000..63f29d458c29 --- /dev/null +++ b/modules/nixos-hardware/common/pc/laptop/hdd/default.nix @@ -0,0 +1,8 @@ +{ lib, ... }: + +{ + imports = [ ../../hdd ]; + + # Hard disk protection if the laptop falls: + services.hdapsd.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/common/pc/laptop/ssd b/modules/nixos-hardware/common/pc/laptop/ssd new file mode 120000 index 000000000000..e313834a4372 --- /dev/null +++ b/modules/nixos-hardware/common/pc/laptop/ssd @@ -0,0 +1 @@ +../ssd \ No newline at end of file diff --git a/modules/nixos-hardware/common/pc/ssd/default.nix b/modules/nixos-hardware/common/pc/ssd/default.nix new file mode 100644 index 000000000000..00922e649938 --- /dev/null +++ b/modules/nixos-hardware/common/pc/ssd/default.nix @@ -0,0 +1,9 @@ +{ lib, ... }: + +{ + boot.kernel.sysctl = { + "vm.swappiness" = lib.mkDefault 1; + }; + + services.fstrim.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/default.nix b/modules/nixos-hardware/default.nix new file mode 100644 index 000000000000..fbb5b77061ff --- /dev/null +++ b/modules/nixos-hardware/default.nix @@ -0,0 +1,3 @@ +# This file is necessary so nix-env -qa does not break, +# when nixos-hardware is used as a channel +{} diff --git a/modules/nixos-hardware/dell/e7240/README.md b/modules/nixos-hardware/dell/e7240/README.md new file mode 100644 index 000000000000..b712f4d2bc25 --- /dev/null +++ b/modules/nixos-hardware/dell/e7240/README.md @@ -0,0 +1,8 @@ +On some kernel versions user ashgillman has experiences suspend issues +(see https://bugzilla.redhat.com/show_bug.cgi?id=1597481). + +Try: + +```nix +boot.kernelPackages = pkgs.linuxPackages_4_14; +``` diff --git a/modules/nixos-hardware/dell/e7240/default.nix b/modules/nixos-hardware/dell/e7240/default.nix new file mode 100644 index 000000000000..3334a745f8c3 --- /dev/null +++ b/modules/nixos-hardware/dell/e7240/default.nix @@ -0,0 +1,8 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../common/cpu/intel + ../../common/pc/laptop + ]; +} diff --git a/modules/nixos-hardware/dell/g3/3779/default.nix b/modules/nixos-hardware/dell/g3/3779/default.nix new file mode 100644 index 000000000000..8c9b3d328bd0 --- /dev/null +++ b/modules/nixos-hardware/dell/g3/3779/default.nix @@ -0,0 +1,24 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/gpu/nvidia.nix + ../../../common/pc/laptop + ../../../common/pc/laptop/ssd + ]; + + # Specify bus id of Nvidia and Intel graphics + hardware.nvidia.prime = { + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + }; + + # Cooling management + services.thermald.enable = lib.mkDefault true; + + # Use same ACPI identifier as Dell Ubuntu + boot.kernelParams = [ + "acpi_osi=Linux-Dell-Video" + ]; +} diff --git a/modules/nixos-hardware/dell/latitude/3480/default.nix b/modules/nixos-hardware/dell/latitude/3480/default.nix new file mode 100644 index 000000000000..86be458a1d96 --- /dev/null +++ b/modules/nixos-hardware/dell/latitude/3480/default.nix @@ -0,0 +1,14 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/laptop/ssd + ]; + + # touchpad goes over i2c + boot.blacklistedKernelModules = [ "psmouse" ]; + + services.xserver.videoDrivers = lib.mkDefault [ "intel" ]; +} diff --git a/modules/nixos-hardware/dell/precision/5530/default.nix b/modules/nixos-hardware/dell/precision/5530/default.nix new file mode 100644 index 000000000000..52e0dd555425 --- /dev/null +++ b/modules/nixos-hardware/dell/precision/5530/default.nix @@ -0,0 +1,22 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/laptop/ssd + ]; + + # https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1803179/comments/149 + # fix lspci hanging with nouveau + boot.kernelParams = [ + "acpi_rev_override=1" + "acpi_osi=Linux" + "nouveau.modeset=0" + "pcie_aspm=force" + "drm.vblankoffdelay=1" + "scsi_mod.use_blk_mq=1" + "nouveau.runpm=0" + "mem_sleep_default=deep" + ]; +} diff --git a/modules/nixos-hardware/dell/xps/13-7390/README.wiki b/modules/nixos-hardware/dell/xps/13-7390/README.wiki new file mode 100644 index 000000000000..6ec37d0f4476 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-7390/README.wiki @@ -0,0 +1,16 @@ += Dell XPS 13 7390 = + +== Installation == + +You need to disable RAID and use AHCI instead as described [https://wiki.ubuntu.com/Dell/XPS/XPS-13-7390-2-in-1 here]. + +== Firmware upgrades == + +Note that this device is supported by [https://fwupd.org/ fwupd]. +To perform firmware upgrades just activate the service + +<code> +services.fwupd.enable = true; +</code> + +Then use <code>fwupdmgr</code> to perform updates. diff --git a/modules/nixos-hardware/dell/xps/13-7390/default.nix b/modules/nixos-hardware/dell/xps/13-7390/default.nix new file mode 100644 index 000000000000..1aa0c4bcd3dd --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-7390/default.nix @@ -0,0 +1,17 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/laptop/ssd + ]; + + boot.kernelParams = [ "mem_sleep_default=deep" ]; + + # older version break wifi: + # - https://github.com/NixOS/nixos-hardware/issues/173 + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.6") pkgs.linuxPackages_latest; + + services.thermald.enable = true; +} diff --git a/modules/nixos-hardware/dell/xps/13-9343/default.nix b/modules/nixos-hardware/dell/xps/13-9343/default.nix new file mode 100644 index 000000000000..2904a773c7b4 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-9343/default.nix @@ -0,0 +1,12 @@ +{ lib, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/laptop/ssd + ]; + + # This will save you money and possibly your life! + services.thermald.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/dell/xps/13-9360/default.nix b/modules/nixos-hardware/dell/xps/13-9360/default.nix new file mode 100644 index 000000000000..68eedc8c57f5 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-9360/default.nix @@ -0,0 +1,19 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel/kaby-lake + ../../../common/pc/laptop + ]; + + boot.blacklistedKernelModules = [ "psmouse" ]; # touchpad goes over i2c + + # TODO: decide on boot loader policy + boot.loader = { + efi.canTouchEfiVariables = lib.mkDefault true; + systemd-boot.enable = lib.mkDefault true; + }; + + # This will save you money and possibly your life! + services.thermald.enable = true; +} diff --git a/modules/nixos-hardware/dell/xps/13-9370/README.wiki b/modules/nixos-hardware/dell/xps/13-9370/README.wiki new file mode 100644 index 000000000000..57b5e08d3850 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-9370/README.wiki @@ -0,0 +1,16 @@ += Dell XPS 13 9370 = + +== Battery drain when sleeping == + +The laptop uses the S2 sleep mode by default instead of S3, which leads to +draining a lot of battery during sleep. + +Though this is intentional by the manufacturer and might cause lockups when +forced I - @moredread - never had any issues with it. + +See https://wiki.archlinux.org/index.php/Dell_XPS_13_(9370)#Power_Management +and https://bugzilla.kernel.org/show_bug.cgi?id=199689#c3 for reference + +== Additional resources == + +* Arch linux wiki: [https://wiki.archlinux.org/index.php/Dell_XPS_13_(9370) Dell XPS 13 9370] diff --git a/modules/nixos-hardware/dell/xps/13-9370/default.nix b/modules/nixos-hardware/dell/xps/13-9370/default.nix new file mode 100644 index 000000000000..dbe852f0c27f --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-9370/default.nix @@ -0,0 +1,20 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel/kaby-lake + ../../../common/pc/laptop + ../../../common/pc/laptop/acpi_call.nix + ]; + + # Force S3 sleep mode. See README.wiki for details. + boot.kernelParams = [ "mem_sleep_default=deep" ]; + + # touchpad goes over i2c + boot.blacklistedKernelModules = [ "psmouse" ]; + + services.throttled.enable = lib.mkDefault true; + + # This will save you money and possibly your life! + services.thermald.enable = true; +} diff --git a/modules/nixos-hardware/dell/xps/13-9380/README.wiki b/modules/nixos-hardware/dell/xps/13-9380/README.wiki new file mode 100644 index 000000000000..c5ad61e3fd63 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-9380/README.wiki @@ -0,0 +1,20 @@ += Dell XPS 13 9380 = + +== Firmware upgrades == + +Note that this device is supported by [https://fwupd.org/ fwupd]. +To perform firmware upgrades just activate the service + +<code> +services.fwupd.enable = true; +</code> + +Then use <code>fwupdmgr</code> to perform updates. + +== Battery drain when sleeping == + +The laptop uses the S2 sleep mode by default instead of S3, which leads to +draining a lot of battery during sleep. + +See https://wiki.archlinux.org/index.php/Dell_XPS_13_(9370)#Power_Management +and https://bugzilla.kernel.org/show_bug.cgi?id=199689#c3 for reference diff --git a/modules/nixos-hardware/dell/xps/13-9380/default.nix b/modules/nixos-hardware/dell/xps/13-9380/default.nix new file mode 100644 index 000000000000..162cc2618eb1 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/13-9380/default.nix @@ -0,0 +1,18 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/laptop/acpi_call.nix + ]; + + # Force S3 sleep mode. See README.wiki for details. + boot.kernelParams = [ "mem_sleep_default=deep" ]; + + # touchpad goes over i2c + boot.blacklistedKernelModules = [ "psmouse" ]; + + # This will save you money and possibly your life! + services.thermald.enable = true; +} diff --git a/modules/nixos-hardware/dell/xps/15-7590/README.wiki b/modules/nixos-hardware/dell/xps/15-7590/README.wiki new file mode 100644 index 000000000000..052df2911f1b --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-7590/README.wiki @@ -0,0 +1,54 @@ += Dell XPS 15 7590 = +*Mostly copied from 15-9550 + +== Tested Hardware == + +* CPU: Intel(R) Core(TM) i9-9980HK +* RAM: 32 GB +* HDD: 1 TiB SSD +* Screen: 15" 4k (3840✕2160) +* Input: Touchscreen and trackpad. + +== Firmware Configuration == + +Not much tweaking of NixOS itself was needed. But we currently cannot automate the firmware setup, so this must be done by hand. + +=== Before installation === + +These settings are needed both for booting the final install, and installer itself. Therefore, they must be done first. + +* ''Disable Secure Boot (but keep UEFI Boot).'' Thankfully doing so is as easy as changing any other simple setting. + +* ''Disable Intel hardware RAID and use AHCI instead.'' Intel doesn't seem to provide a working linux driver for this. (If you just have SSD it's pointless and just slows things down needlessly anyways.) + +=== Wifi === +~~Wifi does not work with kernels older than 5.1 (firmware not present) or newer~~ (https://bbs.archlinux.org/viewtopic.php?id=247705) + +Update: The 48.ucode causes the Killer wifi card to crash. The iwlfwifi-cc-a0-46.ucode works perfectly. +default.nix contains an overlay that removes the offending ucode from the linux-firmware bundle. +To use it one also needs to enable unfree firmware in their own configuration (<code>hardware.enableRedistributableFirmware = true;</code>) + +``` + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.grub = { + device = "nodev"; + efiSupport = true; + efiInstallAsRemovable = true; + }; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelPackages = pkgs.linuxPackages_5_1; +``` +Disable the `canTouchEfiVariables` after a boot or two to prevent NVRAM wearout. + + +=== After installation === + +* ''Add systemd-boot to UEFI boot list.'' The (uneditable anyways) settings mapping drive UUIDs to HD* work fine. + +=== Optional === + +* ''Update BIOS.'' According to Reddit, this helps with battery life. + +=== Troubleshooting === + diff --git a/modules/nixos-hardware/dell/xps/15-7590/default.nix b/modules/nixos-hardware/dell/xps/15-7590/default.nix new file mode 100644 index 000000000000..eeb69e204ee9 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-7590/default.nix @@ -0,0 +1,51 @@ +{ lib, ... }: +# Earlier font-size setup. +# Virtual console options were renamed in 20.03; use the right option depending +# on the OS version; keep this here at least until 20.03 is stable. +lib.recursiveUpdate +(if lib.versionAtLeast (lib.versions.majorMinor lib.version) "20.03" then { + console.earlySetup = true; +} else { + boot.earlyVconsoleSetup = true; +}) { + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/ssd + ]; + + # Set to true for just the first run, then disable it. + # boot.loader.efi.canTouchEfiVariables = lib.mkDefault true; + + # Load GPU drivers. + # hardware.bumblebee.enable = lib.mkDefault true; + + # High DPI for X users. 175 "looks reasonable" but I didn't do the actual DPI + # calculation. + # services.xserver.dpi = lib.mkDefault 175; + + # Earlier font-size setup + console.earlySetup = true; + + # Prevent small EFI partiion from filling up + boot.loader.grub.configurationLimit = 10; + + # The 48.ucode causes the Killer wifi card to crash. + # The iwlfwifi-cc-a0-46.ucode works perfectly + nixpkgs.overlays = [ + (self: super: { + firmwareLinuxNonfree = super.firmwareLinuxNonfree.overrideAttrs (old: { + src = super.fetchgit { + url = + "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git"; + rev = "bf13a71b18af229b4c900b321ef1f8443028ded8"; + sha256 = "1dcaqdqyffxiadx420pg20157wqidz0c0ca5mrgyfxgrbh6a4mdj"; + }; + postInstall = '' + rm $out/lib/firmware/iwlwifi-cc-a0-48.ucode + ''; + outputHash = "0dq48i1cr8f0qx3nyq50l9w9915vhgpwmwiw3b4yhisbc3afyay4"; + }); + }) + ]; +} diff --git a/modules/nixos-hardware/dell/xps/15-9500/README.wiki b/modules/nixos-hardware/dell/xps/15-9500/README.wiki new file mode 100644 index 000000000000..ebcb5e315396 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9500/README.wiki @@ -0,0 +1,22 @@ += Dell XPS 15 9550 = + +== Tested Hardware == + +* CPU: Intel(R) Core(TM) i7-10875H CPU @ 2.30GHz +* RAM: 64 GB +* HDD: 1 TiB SSD +* Screen: 15" 4k (3840✕2160) +* Graphics: NVIDIA Corporation TU117M [GeForce GTX 1650 Ti Mobile], with Intel Graphics too. +* Input: Touchscreen and trackpad. + +== Notes == + +Also tested with Dell WD19TB Thunderbolt Dock. + +== NVIDIA Offload == + +In order to run a program on the NVIDIA gpu, you can use the `nvidia-offload` function, for example: +``` +nvidia-offload `nix-shell -p glxinfo --run 'glxgears'` +``` +This is a short bash script that sets the proper environment variables and calls your command. diff --git a/modules/nixos-hardware/dell/xps/15-9500/default.nix b/modules/nixos-hardware/dell/xps/15-9500/default.nix new file mode 100644 index 000000000000..c7beda4d558e --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9500/default.nix @@ -0,0 +1,21 @@ +{ lib, ... }: +let + thermald-conf = ./thermald-conf.xml; +in +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ../../../common/pc/laptop/ssd + ]; + + # Boot loader + boot.kernelParams = lib.mkDefault [ "acpi_rev_override" ]; + + # This will save you money and possibly your life! + services.thermald.enable = lib.mkDefault true; + + # Thermald doesn't have a default config for the 9500 yet, the one in this repo + # was generated with dptfxtract-static (https://github.com/intel/dptfxtract) + services.thermald.configFile = lib.mkDefault thermald-conf; +} diff --git a/modules/nixos-hardware/dell/xps/15-9500/nvidia/default.nix b/modules/nixos-hardware/dell/xps/15-9500/nvidia/default.nix new file mode 100644 index 000000000000..451b6eb75315 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9500/nvidia/default.nix @@ -0,0 +1,15 @@ +{ lib, pkgs, ... }: +{ + imports = [ + ../default.nix + ../../../../common/gpu/nvidia.nix + ]; + + hardware.nvidia.prime = { + # Bus ID of the Intel GPU. + intelBusId = lib.mkDefault "PCI:0:2:0"; + + # Bus ID of the NVIDIA GPU. + nvidiaBusId = lib.mkDefault "PCI:1:0:0"; + }; +} diff --git a/modules/nixos-hardware/dell/xps/15-9500/thermald-conf.xml b/modules/nixos-hardware/dell/xps/15-9500/thermald-conf.xml new file mode 100644 index 000000000000..bc13d3541dcb --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9500/thermald-conf.xml @@ -0,0 +1,205 @@ +<?xml version="1.0"?> + <!-- BEGIN --> + <ThermalConfiguration> + <Platform> + <Name> Auto generated </Name> + <ProductName>XPS 15 9500</ProductName> + <Preference>QUIET</Preference> + <PPCC> + <PowerLimitIndex>0</PowerLimitIndex> + <PowerLimitMinimum>10000</PowerLimitMinimum> + <PowerLimitMaximum>68000</PowerLimitMaximum> + <TimeWindowMinimum>56000</TimeWindowMinimum> + <TimeWindowMaximum>56000</TimeWindowMaximum> + <StepSize>250</StepSize> + </PPCC> + <ThermalZones> + <ThermalZone> + <Type>auto_zone_0</Type> + <TripPoints> + <TripPoint> + <SensorType>SEN2</SensorType> + <Temperature>55000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + <TargetState>45000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN2</SensorType> + <Temperature>57000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + <TargetState>40000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN2</SensorType> + <Temperature>60000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + <TargetState>35000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN2</SensorType> + <Temperature>64000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + <TargetState>35000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN2</SensorType> + <Temperature>68000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + <TargetState>20000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN2</SensorType> + <Temperature>70000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + <TargetState>15000000</TargetState> + </CoolingDevice> + </TripPoint> + </TripPoints> + </ThermalZone> + <ThermalZone> + <Type>auto_zone_1</Type> + <TripPoints> + <TripPoint> + <SensorType>SEN5</SensorType> + <Temperature>38000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + <TargetState>22000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN5</SensorType> + <Temperature>39000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + <TargetState>17000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN5</SensorType> + <Temperature>40000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + <TargetState>12000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>SEN5</SensorType> + <Temperature>41000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + </CoolingDevice> + </TripPoint> + </TripPoints> + </ThermalZone> + <ThermalZone> + <Type>auto_zone_2</Type> + <TripPoints> + <TripPoint> + <SensorType>VIR1</SensorType> + <Temperature>57000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + <TargetState>15000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>VIR1</SensorType> + <Temperature>60000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>3</SamplingPeriod> + </CoolingDevice> + </TripPoint> + </TripPoints> + </ThermalZone> + <ThermalZone> + <Type>auto_zone_3</Type> + <TripPoints> + <TripPoint> + <SensorType>VIR2</SensorType> + <Temperature>76000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + </CoolingDevice> + </TripPoint> + </TripPoints> + </ThermalZone> + <ThermalZone> + <Type>auto_zone_4</Type> + <TripPoints> + <TripPoint> + <SensorType>WRLS</SensorType> + <Temperature>80000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + </CoolingDevice> + </TripPoint> + </TripPoints> + </ThermalZone> + <ThermalZone> + <Type>auto_zone_5</Type> + <TripPoints> + <TripPoint> + <SensorType>STG1</SensorType> + <Temperature>66000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + <TargetState>19000000</TargetState> + </CoolingDevice> + </TripPoint> + <TripPoint> + <SensorType>STG1</SensorType> + <Temperature>90000</Temperature> + <Type>Passive</Type> + <CoolingDevice> + <Type>B0D4</Type> + <SamplingPeriod>1</SamplingPeriod> + </CoolingDevice> + </TripPoint> + </TripPoints> + </ThermalZone> + </ThermalZones> +</Platform> +</ThermalConfiguration> +<!-- END --> diff --git a/modules/nixos-hardware/dell/xps/15-9550/README.wiki b/modules/nixos-hardware/dell/xps/15-9550/README.wiki new file mode 100644 index 000000000000..93d33ab9c6f7 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9550/README.wiki @@ -0,0 +1,59 @@ += Dell XPS 15 9550 = + +Most of this I presume also applies to the XPS 13 1530, the 13" variant. + +== Tested Hardware == + +* CPU: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz +* RAM: 32 GB +* HDD: 512 GiB SSD +* Screen: 15" 4k (3840✕2160) +* Graphics: NVIDIA Corporation GM107M, with Intel Graphics too. +* Input: Touchscreen and trackpad. + +== NVIDIA Offload == + +In order to run a program on the NVIDIA gpu, you can use the `nvidia-offload` function, for example: +``` +nvidia-offload `nix-shell -p glxinfo --run 'glxgears'` +``` +This is a short bash script that sets the proper environment variables and calls your command. + +== Firmware Configuration == + +Not much tweaking of NixOS itself was needed. But we currently cannot automate the firmware setup, so this must be done by hand. + +=== Before installation === + +These settings are needed both for booting the final install, and installer itself. Therefore, they must be done first. + +* ''Disable Secure Boot (but keep UEFI Boot).'' Thakfully doing so is as easy as changing any other simple setting. + +* ''Disable Intel hardware RAID and use AHCI instead.'' Intel doesn't seem to provide a working linux driver for this. (If you just have SSD it's pointless and just slows things down needlessly anyways.) + + +=== After installation === + +* ''Add systemd-boot to UEFI boot list.'' The (uneditable anyways) settings mapping drive UUIDs to HD* work fine. + +=== Optional === + +* ''Disable C-States.'' This is a processor idling thing. It seems to cause random crashes (Blank screen, no normal panic debug dump). Unfortunately, without it, the computer cannot be suspended. On the other hand, it doesn't seem to affect acpi's estimation of battery life when the computer is running with minimal load, but I haven't tested battery life in practice. I list it as optional as there's a tradeoff, and the crashes are rare enough one can probably get through installation just fine. + +* ''Update BIOS.'' According to Reddit, this helps with battery life. + +* ''Update Intel's Thunderbolt firmware.'' Without this, the Thunderbolt port will only work as power source, and not transfer data. + +=== Troubleshooting === + +==== rcu_sched freezing problems ==== + +After a recent update my machine became unstable. X couldn't start and even running `lspci` would lock the machine. I'm not sure what the root cause was, but I found the fix here: https://wiki.archlinux.org/index.php/Dell_XPS_15_9560#Troubleshooting + +TL;DR I added this line: + +``` +boot.kernelParams = [ "acpi_rev_override=1" "pcie_aspm=off" "nouveau.modeset=0" ]; +``` + +Some more detail about the problem can be found here: https://bbs.archlinux.org/viewtopic.php?id=223056 diff --git a/modules/nixos-hardware/dell/xps/15-9550/default.nix b/modules/nixos-hardware/dell/xps/15-9550/default.nix new file mode 100644 index 000000000000..9677972a6b70 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9550/default.nix @@ -0,0 +1,18 @@ +{ lib, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ]; + + # TODO: boot loader + boot.loader.systemd-boot.enable = lib.mkDefault true; + boot.loader.efi.canTouchEfiVariables = lib.mkDefault true; + + # This will save you money and possibly your life! + services.thermald.enable = true; + + # To just use Intel integrated graphics with Intel's open source driver + # hardware.nvidiaOptimus.disable = true; +} diff --git a/modules/nixos-hardware/dell/xps/15-9550/nvidia/default.nix b/modules/nixos-hardware/dell/xps/15-9550/nvidia/default.nix new file mode 100644 index 000000000000..451b6eb75315 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9550/nvidia/default.nix @@ -0,0 +1,15 @@ +{ lib, pkgs, ... }: +{ + imports = [ + ../default.nix + ../../../../common/gpu/nvidia.nix + ]; + + hardware.nvidia.prime = { + # Bus ID of the Intel GPU. + intelBusId = lib.mkDefault "PCI:0:2:0"; + + # Bus ID of the NVIDIA GPU. + nvidiaBusId = lib.mkDefault "PCI:1:0:0"; + }; +} diff --git a/modules/nixos-hardware/dell/xps/15-9560/README.wiki b/modules/nixos-hardware/dell/xps/15-9560/README.wiki new file mode 100644 index 000000000000..faf4ced8bec2 --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9560/README.wiki @@ -0,0 +1,54 @@ += Dell XPS 15 9560 = + +== Tested Hardware == + +* CPU: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz +* RAM: 16 GB +* HDD: 512 GiB SSD +* Screen: 15.6" FHD(1920x1080) InfinityEdge +* Graphics: NVIDIA Corporation GTX1050 4GB GDDR5, with Intel Graphics too. +* Input: trackpad + + +== Firmware Configuration == + +Not much tweaking of NixOS itself was needed. But we currently cannot automate the firmware setup, so this must be done by hand. + +=== Before installation === + +These settings are needed both for booting the final install, and installer itself. Therefore, they must be done first. + +* ''Disable Secure Boot (but keep UEFI Boot).'' Thakfully doing so is as easy as changing any other simple setting. + +* ''Disable Intel hardware RAID and use AHCI instead.'' Intel doesn't seem to provide a working linux driver for this. (If you just have SSD it's pointless and just slows things down needlessly anyways.) + + +=== After installation === + +* ''Add systemd-boot to UEFI boot list.'' The (uneditable anyways) settings mapping drive UUIDs to HD* work fine. + +=== Optional === + +* ''Disable C-States.'' This is a processor idling thing. It seems to cause random crashes (Blank screen, no normal panic debug dump). Unfortunately, without it, the computer cannot be suspended. On the other hand, it doesn't seem to affect acpi's estimation of battery life when the computer is running with minimal load, but I haven't tested battery life in practice. I list it as optional as there's a tradeoff, and the crashes are rare enough one can probably get through installation just fine. + +* ''Update BIOS.'' According to Reddit, this helps with battery life. + +* ''Update Intel's Thunderbolt firmware.'' Without this, the Thunderbolt port will only work as power source, and not transfer data. + +=== Troubleshooting === + +==== rcu_sched freezing problems ==== + +After a recent update my machine became unstable. X couldn't start and even running `lspci` would lock the machine. I'm not sure what the root cause was, but I found the fix here: https://wiki.archlinux.org/index.php/Dell_XPS_15_9560#Troubleshooting + +TL;DR I added this line: + I am leaving these params here, I haven't test these so use on your own risk. + I am using different method to disable nvidia. + ("acpi_rev_override=1" param is save and I have been using it for a while now, + no crashes.) + +``` +boot.kernelParams = [ "acpi_rev_override=1" "pcie_aspm=off" "nouveau.modeset=0" ]; +``` + +Some more detail about the problem can be found here: https://bbs.archlinux.org/viewtopic.php?id=223056 diff --git a/modules/nixos-hardware/dell/xps/15-9560/default.nix b/modules/nixos-hardware/dell/xps/15-9560/default.nix new file mode 100644 index 000000000000..e7ec6c29d53e --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9560/default.nix @@ -0,0 +1,24 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ./xps-common.nix + ]; + + # This configuration makes intel default and optionaly applications could run nvidia with optirun. + # To Optimize for your use case import intel or nvidia only configuration instead + # xps-9560/intel + # or + # xps-9560/nvidia + + + ##### bumblebee working, needs reboot to take affect and to use it run: optirun "<application>" + services.xserver.videoDrivers = lib.mkDefault [ "intel" "nvidia" ]; + boot.blacklistedKernelModules = lib.mkDefault [ "nouveau" "bbswitch" ]; + boot.extraModulePackages = lib.mkDefault [ pkgs.linuxPackages.nvidia_x11 ]; + hardware.bumblebee.enable = lib.mkDefault true; + hardware.bumblebee.pmMethod = lib.mkDefault "none"; + +} diff --git a/modules/nixos-hardware/dell/xps/15-9560/intel/default.nix b/modules/nixos-hardware/dell/xps/15-9560/intel/default.nix new file mode 100644 index 000000000000..f20379786ddb --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9560/intel/default.nix @@ -0,0 +1,18 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../../common/cpu/intel + ../../../../common/pc/laptop + ../xps-common.nix + ]; + + + # This runs only Intel and nvidia does not drain power. + + ##### disable nvidia, very nice battery life. + hardware.nvidiaOptimus.disable = lib.mkDefault true; + boot.blacklistedKernelModules = lib.mkDefault [ "nouveau" "nvidia" ]; + services.xserver.videoDrivers = lib.mkDefault [ "intel" ]; + +} diff --git a/modules/nixos-hardware/dell/xps/15-9560/nvidia/default.nix b/modules/nixos-hardware/dell/xps/15-9560/nvidia/default.nix new file mode 100644 index 000000000000..2cd5d1b158dc --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9560/nvidia/default.nix @@ -0,0 +1,20 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../../../../common/cpu/intel + ../../../../common/pc/laptop + ../xps-common.nix + ]; + + + # This runs only nvidia, great for games or heavy use of render applications + + ##### disable intel, run nvidia only and as default + services.xserver.videoDrivers = lib.mkDefault ["nvidia"]; + hardware.nvidia.modesetting.enable = lib.mkDefault true; + hardware.nvidia.optimus_prime.enable = lib.mkDefault true; + hardware.nvidia.optimus_prime.nvidiaBusId = lib.mkDefault "PCI:1:0:0"; + hardware.nvidia.optimus_prime.intelBusId = lib.mkDefault "PCI:0:2:0"; + +} diff --git a/modules/nixos-hardware/dell/xps/15-9560/xps-common.nix b/modules/nixos-hardware/dell/xps/15-9560/xps-common.nix new file mode 100644 index 000000000000..62aae078545d --- /dev/null +++ b/modules/nixos-hardware/dell/xps/15-9560/xps-common.nix @@ -0,0 +1,12 @@ +{ lib, ... }: + +{ + + # Boot loader + boot.loader.systemd-boot.enable = lib.mkDefault true; + boot.loader.efi.canTouchEfiVariables = lib.mkDefault true; + boot.kernelParams = lib.mkDefault [ "acpi_rev_override" ]; + + # This will save you money and possibly your life! + services.thermald.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/flake.nix b/modules/nixos-hardware/flake.nix new file mode 100644 index 000000000000..f0d24bf41700 --- /dev/null +++ b/modules/nixos-hardware/flake.nix @@ -0,0 +1,91 @@ +{ + description = "nixos-hardware"; + + outputs = { self }: { + nixosModules = { + dell-aspire-4810t = import ./acer/aspire/4810t; + asus-fx504gd = import ./asus/fx504gd; + apple-macbook-air-3 = import ./apple/macbook-air/3; + apple-macbook-air-4 = import apple/macbook-air/4; + apple-macbook-air-6 = import apple/macbook-air/6; + apple-macbook-pro-10-1 = import ./apple/macbook-pro/10-1; + apple-macbook-pro-12-1 = import ./apple/macbook-pro/12-1; + beagleboard-pocketbeagle = import ./beagleboard/pocketbeagle; + dell-g3-3779 = import ./dell/g3/3779; + dell-latitude-3480 = import ./dell/latitude/3480; + dell-precision-5530 = import ./dell/precision/5530; + dell-e7240 = import ./dell/e7240; + dell-xps-13-7390 = import ./dell/xps/13-7390; + dell-xps-13-9343 = import ./dell/xps/13-9343; + dell-xps-13-9360 = import ./dell/xps/13-9360; + dell-xps-13-9370 = import ./dell/xps/13-9370; + dell-xps-13-9380 = import ./dell/xps/13-9380; + dell-xps-15-7590 = import ./dell/xps/15-7590; + dell-xps-15-9550 = import ./dell/xps/15-9550; + dell-xps-15-9550-nvidia = import ./dell/xps/15-9550/nvidia; + dell-xps-15-9560 = import ./dell/xps/15-9560; + dell-xps-15-9560-intel = import ./dell/xps/15-9560/intel; + dell-xps-15-9560-nvidia = import ./dell/xps/15-9560/nvidia; + dell-xps-15-9500 = import ./dell/xps/15-9500; + dell-xps-15-9500-nvidia = import ./dell/xps/15-9500/nvidia; + google-pixelbook = import ./google/pixelbook; + inversepath-usbarmory = import ./inversepath/usbarmory; + lenovo-ideapad-z510 = import ./lenovo/ideapad/z510; + lenovo-thinkpad-e470 = import ./lenovo/thinkpad/e470; + lenovo-thinkpad-e495 = import ./lenovo/thinkpad/e495; + lenovo-thinkpad-l13 = import ./lenovo/thinkpad/l13; + lenovo-thinkpad-l14-intel = import ./lenovo/thinkpad/l14/intel; + lenovo-thinkpad-l14-amd = import ./lenovo/thinkpad/l14/amd; + lenovo-thinkpad-p53 = import ./lenovo/thinkpad/p53; + lenovo-thinkpad-t14 = import ./lenovo/thinkpad/t14; + lenovo-thinkpad-t14-amd-gen1 = import ./lenovo/thinkpad/t14/amd/gen1; + lenovo-thinkpad-t14s = import ./lenovo/thinkpad/t14s; + lenovo-thinkpad-t14s-amd-gen1 = import ./lenovo/thinkpad/t14s/amd/gen1; + lenovo-thinkpad-t410 = import ./lenovo/thinkpad/t410; + lenovo-thinkpad-t420 = import ./lenovo/thinkpad/t420; + lenovo-thinkpad-t430 = import ./lenovo/thinkpad/t430; + lenovo-thinkpad-t440s = import ./lenovo/thinkpad/t440s; + lenovo-thinkpad-t440p = import ./lenovo/thinkpad/t440p; + lenovo-thinkpad-t450s = import ./lenovo/thinkpad/t450s; + lenovo-thinkpad-t460s = import ./lenovo/thinkpad/t460s; + lenovo-thinkpad-t470s = import ./lenovo/thinkpad/t470s; + lenovo-thinkpad-t480s = import ./lenovo/thinkpad/t480s; + lenovo-thinkpad-t490 = import ./lenovo/thinkpad/t490; + lenovo-thinkpad-t495 = import ./lenovo/thinkpad/t495; + lenovo-thinkpad-x140e = import ./lenovo/thinkpad/x140e; + lenovo-thinkpad-x220 = import ./lenovo/thinkpad/x220; + lenovo-thinkpad-x230 = import ./lenovo/thinkpad/x230; + lenovo-thinkpad-x250 = import ./lenovo/thinkpad/x250; + lenovo-thinkpad-x260 = import ./lenovo/thinkpad/x260; + lenovo-thinkpad-x270 = import ./lenovo/thinkpad/x270; + lenovo-thinkpad-x280 = import ./lenovo/thinkpad/x280; + lenovo-thinkpad-x1-6th-gen = import ./lenovo/thinkpad/x1/6th-gen; + lenovo-thinkpad-x1-7th-gen = import ./lenovo/thinkpad/x1/7th-gen; + lenovo-thinkpad-x1-extreme = import ./lenovo/thinkpad/x1-extreme; + lenovo-thinkpad-x13-yoga = import ./lenovo/thinkpad/x13-yoga; + microsoft-surface = import ./microsoft/surface; + microsoft-surface-pro-3 = import ./microsoft/surface-pro/3; + pcengines-apu = import ./pcengines/apu; + raspberry-pi-2 = import ./raspberry-pi/2; + samsung-np900x3c = import ./samsung/np900x3c; + purism-librem-13v3 = import ./purism/librem/13v3; + purism-librem-15v3 = import ./purism/librem/15v3; + supermicro-a1sri-2758f = import ./supermicro/a1sri-2758f; + supermicro-x10sll-f = import ./supermicro/x10sll-f; + thoshiba-swanky = import ./toshiba/swanky; + tuxedo-infinitybook-v4 = import ./tuxedo/infinitybook/v4; + common-cpu-amd = import ./common/cpu/amd; + common-cpu-intel = import ./common/cpu/intel; + common-cpu-intel-kaby-lake = import ./common/cpu/intel/kaby-lake; + common-cpu-intel-sandy-bridge = import ./common/cpu/intel/sandy-bridge; + common-gpu-nvidia = import ./common/gpu/nvidia.nix; + common-pc-hdd = import ./common/pc/hdd; + common-pc-laptop-hdd = import ./common/pc/laptop/hdd; + common-pc-laptop-ssd = import ./common/pc/ssd; + common-pc-laptop-acpi_call = import ./common/pc/laptop/acpi_call.nix; + common-pc-laptop = import ./common/pc/laptop; + common-pc-ssd = import ./common/pc/ssd; + common-pc = import ./common/pc; + }; + }; +} diff --git a/modules/nixos-hardware/google/pixelbook/default.nix b/modules/nixos-hardware/google/pixelbook/default.nix new file mode 100644 index 000000000000..1ea4c7afdbdd --- /dev/null +++ b/modules/nixos-hardware/google/pixelbook/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ + ../../common/pc/laptop + ../../common/pc/laptop/ssd + ../../common/cpu/intel/kaby-lake + ]; +} diff --git a/modules/nixos-hardware/inversepath/usbarmory/README.txt b/modules/nixos-hardware/inversepath/usbarmory/README.txt new file mode 100644 index 000000000000..31922a8d7519 --- /dev/null +++ b/modules/nixos-hardware/inversepath/usbarmory/README.txt @@ -0,0 +1,6 @@ +USB Armory network interface support + +- rename the Armory USB network interface +- set Armory inteface ip to 10.0.0.2/24 +- enable NAT and forward Armory interface +- add the name 'armory' to /etc/hosts diff --git a/modules/nixos-hardware/inversepath/usbarmory/default.nix b/modules/nixos-hardware/inversepath/usbarmory/default.nix new file mode 100644 index 000000000000..5c329f8286d3 --- /dev/null +++ b/modules/nixos-hardware/inversepath/usbarmory/default.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, ... }: + +{ + boot = { + extraModprobeConfig = lib.mkDefault '' + options g_ether use_eem=0 dev_addr=1a:55:89:a2:69:41 host_addr=1a:55:89:a2:69:42 + ''; + + kernelModules = [ "ledtrig_heartbeat" "ci_hdrc_imx" "g_ether" ]; + kernelPackages = lib.mkDefault pkgs.linuxPackages_usbarmory; + kernelParams = [ "console=ttymxc0,115200" ]; + + loader.generic-extlinux-compatible.enable = lib.mkDefault true; + }; + + networking = { + defaultGateway = "172.16.0.1"; + firewall.enable = lib.mkDefault false; + hostName = "usbarmory"; + + interfaces.usb0.ip4 = [ + { address = "172.16.0.2"; prefixLength = 24; } + ]; + + nameservers = [ "8.8.8.8" ]; + }; + + nix = { + binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ]; + binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ]; + }; + + nixpkgs.overlays = [(final: previous: { + linuxPackages_usbarmory = final.recurseIntoAttrs + (final.linuxPackagesFor (import ./kernel.nix { + inherit (final) stdenv buildLinux fetchurl; + })); + })]; + + sound.enable = lib.mkDefault false; + + services = { + openssh.enable = lib.mkDefault true; + openssh.permitRootLogin = lib.mkDefault "without-password"; + }; +} diff --git a/modules/nixos-hardware/inversepath/usbarmory/host.nix b/modules/nixos-hardware/inversepath/usbarmory/host.nix new file mode 100644 index 000000000000..42cef490c6f8 --- /dev/null +++ b/modules/nixos-hardware/inversepath/usbarmory/host.nix @@ -0,0 +1,19 @@ +{ dev ? "armory0" }: + +{ + services.udev.extraRules = '' + SUBSYSTEM=="net", ACTION=="add", ATTRS{idVendor}=="0525", ATTRS{idProduct}=="a4a2", NAME="${staticDevName}" + ''; + + networking = { + interfaces."${staticDevName}".ip4 = [{ + address = "10.0.0.2"; + prefixLength = 24; + }]; + nat = { + enable = true; + internalInterfaces = [ dev ]; + }; + extraHosts = "10.0.0.1 armory"; + }; +} diff --git a/modules/nixos-hardware/inversepath/usbarmory/kernel.config b/modules/nixos-hardware/inversepath/usbarmory/kernel.config new file mode 100644 index 000000000000..e2fa29737937 --- /dev/null +++ b/modules/nixos-hardware/inversepath/usbarmory/kernel.config @@ -0,0 +1,995 @@ +CONFIG_ARM=y +CONFIG_ARM_HAS_SG_CHAIN=y +CONFIG_MIGHT_HAVE_PCI=y +CONFIG_SYS_SUPPORTS_APM_EMULATION=y +CONFIG_HAVE_PROC_CPU=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_ARCH_SUPPORTS_UPROBES=y +CONFIG_VECTORS_BASE=0xffff0000 +CONFIG_ARM_PATCH_PHYS_VIRT=y +CONFIG_GENERIC_BUG=y +CONFIG_PGTABLE_LEVELS=2 +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_IRQ_WORK=y +CONFIG_BUILDTIME_EXTABLE_SORT=y +CONFIG_DMIID=y +CONFIG_BROKEN_ON_SMP=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +CONFIG_LOCALVERSION_AUTO=y +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_XZ=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_HAVE_KERNEL_LZ4=y +CONFIG_KERNEL_GZIP=y +CONFIG_DEFAULT_HOSTNAME="usbarmory" +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_CROSS_MEMORY_ATTACH=y +CONFIG_FHANDLE=y +CONFIG_USELIB=y +CONFIG_AUDIT=y +CONFIG_HAVE_ARCH_AUDITSYSCALL=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_IRQ_SHOW_LEVEL=y +CONFIG_HARDIRQS_SW_RESEND=y +CONFIG_GENERIC_IRQ_CHIP=y +CONFIG_IRQ_DOMAIN=y +CONFIG_HANDLE_DOMAIN_IRQ=y +CONFIG_IRQ_FORCED_THREADING=y +CONFIG_SPARSE_IRQ=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ_COMMON=y +CONFIG_NO_HZ_IDLE=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_TICK_CPU_ACCOUNTING=y +CONFIG_PREEMPT_RCU=y +CONFIG_SRCU=y +CONFIG_RCU_STALL_COMMON=y +CONFIG_BUILD_BIN2C=y +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=14 +CONFIG_GENERIC_SCHED_CLOCK=y +CONFIG_CGROUPS=y +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +CONFIG_HAVE_UID16=y +CONFIG_BPF=y +CONFIG_EXPERT=y +CONFIG_UID16=y +CONFIG_MULTIUSER=y +CONFIG_SYSFS_SYSCALL=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +CONFIG_ADVISE_SYSCALLS=y +CONFIG_MEMBARRIER=y +CONFIG_EMBEDDED=y +CONFIG_HAVE_PERF_EVENTS=y +CONFIG_PERF_USE_VMALLOC=y +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_COMPAT_BRK=y +CONFIG_SLUB=y +CONFIG_HAVE_OPROFILE=y +CONFIG_JUMP_LABEL=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_ARCH_USE_BUILTIN_BSWAP=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_HAVE_DMA_CONTIGUOUS=y +CONFIG_GENERIC_SMP_IDLE_THREAD=y +CONFIG_GENERIC_IDLE_POLL_SETUP=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_CLK=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_PERF_REGS=y +CONFIG_HAVE_PERF_USER_STACK_DUMP=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y +CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y +CONFIG_HAVE_ARCH_SECCOMP_FILTER=y +CONFIG_SECCOMP_FILTER=y +CONFIG_HAVE_CC_STACKPROTECTOR=y +CONFIG_CC_STACKPROTECTOR_NONE=y +CONFIG_HAVE_CONTEXT_TRACKING=y +CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y +CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y +CONFIG_HAVE_MOD_ARCH_SPECIFIC=y +CONFIG_MODULES_USE_ELF_REL=y +CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_CLONE_BACKWARDS=y +CONFIG_OLD_SIGSUSPEND3=y +CONFIG_OLD_SIGACTION=y +CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y +CONFIG_HAVE_GENERIC_DMA_COHERENT=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +CONFIG_MODVERSIONS=y +CONFIG_BLOCK=y +CONFIG_LBDAF=y +CONFIG_BLK_CMDLINE_PARSER=y +CONFIG_PARTITION_ADVANCED=y +CONFIG_MSDOS_PARTITION=y +CONFIG_EFI_PARTITION=y +CONFIG_EFI_STUB=y +CONFIG_CMDLINE_PARTITION=y +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=m +CONFIG_IOSCHED_CFQ=m +CONFIG_DEFAULT_NOOP=y +CONFIG_DEFAULT_IOSCHED="noop" +CONFIG_ASN1=m +CONFIG_UNINLINE_SPIN_UNLOCK=y +CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y +CONFIG_FREEZER=y +CONFIG_MMU=y +CONFIG_ARCH_MULTIPLATFORM=y +CONFIG_ARCH_MULTI_V7=y +CONFIG_ARCH_MULTI_V6_V7=y +CONFIG_ARCH_MXC=y +CONFIG_MXC_TZIC=y +CONFIG_HAVE_IMX_SRC=y +CONFIG_SOC_IMX5=y +CONFIG_SOC_IMX53=y +CONFIG_CPU_V7=y +CONFIG_CPU_32v6K=y +CONFIG_CPU_32v7=y +CONFIG_CPU_ABRT_EV7=y +CONFIG_CPU_PABRT_V7=y +CONFIG_CPU_CACHE_V7=y +CONFIG_CPU_CACHE_VIPT=y +CONFIG_CPU_COPY_V6=y +CONFIG_CPU_TLB_V7=y +CONFIG_CPU_HAS_ASID=y +CONFIG_CPU_CP15=y +CONFIG_CPU_CP15_MMU=y +CONFIG_ARM_THUMB=y +CONFIG_ARM_VIRT_EXT=y +CONFIG_KUSER_HELPERS=y +CONFIG_OUTER_CACHE=y +CONFIG_OUTER_CACHE_SYNC=y +CONFIG_MIGHT_HAVE_CACHE_L2X0=y +CONFIG_CACHE_L2X0=y +CONFIG_ARM_L1_CACHE_SHIFT_6=y +CONFIG_ARM_L1_CACHE_SHIFT=6 +CONFIG_ARM_DMA_MEM_BUFFERABLE=y +CONFIG_ARM_HEAVY_MB=y +CONFIG_MULTI_IRQ_HANDLER=y +CONFIG_HAVE_SMP=y +CONFIG_VMSPLIT_2G=y +CONFIG_PAGE_OFFSET=0x80000000 +CONFIG_ARCH_NR_GPIO=0 +CONFIG_PREEMPT=y +CONFIG_PREEMPT_COUNT=y +CONFIG_HZ_FIXED=0 +CONFIG_HZ_100=y +CONFIG_HZ=100 +CONFIG_SCHED_HRTICK=y +CONFIG_AEABI=y +CONFIG_HAVE_ARCH_PFN_VALID=y +CONFIG_CPU_SW_DOMAIN_PAN=y +CONFIG_ARCH_WANT_GENERAL_HUGETLB=y +CONFIG_FLATMEM=y +CONFIG_FLAT_NODE_MEM_MAP=y +CONFIG_HAVE_MEMBLOCK=y +CONFIG_NO_BOOTMEM=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_COMPACTION=y +CONFIG_MIGRATION=y +CONFIG_ZONE_DMA_FLAG=0 +CONFIG_KSM=y +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_NEED_PER_CPU_KM=y +CONFIG_CLEANCACHE=y +CONFIG_ZPOOL=m +CONFIG_ZBUD=m +CONFIG_ZSMALLOC=m +CONFIG_FORCE_MAX_ZONEORDER=11 +CONFIG_ALIGNMENT_TRAP=y +CONFIG_SECCOMP=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +CONFIG_USE_OF=y +CONFIG_ATAGS=y +CONFIG_ZBOOT_ROM_TEXT=0x0 +CONFIG_ZBOOT_ROM_BSS=0x0 +CONFIG_CMDLINE="noinitrd console=ttymxc0,115200 root=/dev/mmcblk0p1 rw rootfstype=ext4 ip=off" +CONFIG_CMDLINE_FROM_BOOTLOADER=y +CONFIG_AUTO_ZRELADDR=y +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_GOV_COMMON=y +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND=y +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +CONFIG_CPU_FREQ_GOV_POWERSAVE=m +CONFIG_CPU_FREQ_GOV_USERSPACE=m +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m +CONFIG_CPUFREQ_DT=y +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +CONFIG_VFP=y +CONFIG_VFPv3=y +CONFIG_NEON=y +CONFIG_BINFMT_ELF=y +CONFIG_BINFMT_SCRIPT=y +CONFIG_COREDUMP=y +CONFIG_HIBERNATE_CALLBACKS=y +CONFIG_HIBERNATION=y +CONFIG_PM_STD_PARTITION="" +CONFIG_PM_SLEEP=y +CONFIG_PM=y +CONFIG_PM_OPP=y +CONFIG_PM_CLK=y +CONFIG_CPU_PM=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ARM_CPU_SUSPEND=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_NET=y +CONFIG_NET_INGRESS=y +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_ALGO=m +CONFIG_XFRM_USER=m +CONFIG_XFRM_SUB_POLICY=y +CONFIG_XFRM_MIGRATE=y +CONFIG_XFRM_STATISTICS=y +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IP_TUNNEL=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_SYN_COOKIES=y +CONFIG_NET_IPVTI=m +CONFIG_NET_UDP_TUNNEL=m +CONFIG_NET_FOU=m +CONFIG_NET_FOU_IP_TUNNELS=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_DIAG=y +CONFIG_INET_TCP_DIAG=y +CONFIG_INET_UDP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +CONFIG_TCP_CONG_BIC=m +CONFIG_TCP_CONG_CUBIC=y +CONFIG_TCP_CONG_WESTWOOD=m +CONFIG_TCP_CONG_HTCP=m +CONFIG_TCP_CONG_HSTCP=m +CONFIG_TCP_CONG_HYBLA=m +CONFIG_TCP_CONG_VEGAS=m +CONFIG_TCP_CONG_SCALABLE=m +CONFIG_TCP_CONG_LP=m +CONFIG_TCP_CONG_VENO=m +CONFIG_TCP_CONG_YEAH=m +CONFIG_TCP_CONG_ILLINOIS=m +CONFIG_DEFAULT_CUBIC=y +CONFIG_DEFAULT_TCP_CONG="cubic" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=m +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +CONFIG_IPV6_OPTIMISTIC_DAD=y +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_VTI=m +CONFIG_IPV6_SIT=m +CONFIG_IPV6_SIT_6RD=y +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_GRE=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_NETFILTER=y +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=m +CONFIG_NETFILTER_INGRESS=y +CONFIG_NETFILTER_NETLINK=m +CONFIG_NF_CONNTRACK=m +CONFIG_NF_LOG_COMMON=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_PROCFS=y +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_BROADCAST=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_SNMP=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NF_CT_NETLINK_TIMEOUT=m +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_SIP=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_REDIRECT=m +CONFIG_NETFILTER_SYNPROXY=m +CONFIG_NETFILTER_XTABLES=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_NAT=m +CONFIG_NETFILTER_XT_TARGET_NETMAP=m +CONFIG_NETFILTER_XT_TARGET_REDIRECT=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_BPF=m +CONFIG_NETFILTER_XT_MATCH_CGROUP=m +CONFIG_NETFILTER_XT_MATCH_ECN=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_NF_DUP_IPV4=m +CONFIG_NF_LOG_ARP=m +CONFIG_NF_LOG_IPV4=m +CONFIG_NF_REJECT_IPV4=m +CONFIG_NF_NAT_IPV4=m +CONFIG_NF_NAT_MASQUERADE_IPV4=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_IP_NF_IPTABLES=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_RPFILTER=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_SYNPROXY=m +CONFIG_IP_NF_NAT=m +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_IP_NF_MANGLE=m +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_NF_DUP_IPV6=m +CONFIG_NF_REJECT_IPV6=m +CONFIG_NF_LOG_IPV6=m +CONFIG_NF_NAT_IPV6=m +CONFIG_NF_NAT_MASQUERADE_IPV6=m +CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_REJECT=m +CONFIG_IP6_NF_TARGET_SYNPROXY=m +CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_NAT=m +CONFIG_IP6_NF_TARGET_MASQUERADE=m +CONFIG_IP6_NF_TARGET_NPT=m +CONFIG_L2TP=m +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +CONFIG_HAVE_NET_DSA=y +CONFIG_VLAN_8021Q=m +CONFIG_LLC=m +CONFIG_NET_SCHED=y +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_CLS=y +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_CLS_BPF=m +CONFIG_NET_SCH_FIFO=y +CONFIG_CGROUP_NET_CLASSID=y +CONFIG_NET_RX_BUSY_POLL=y +CONFIG_BQL=y +CONFIG_BPF_JIT=y +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_WEXT_CORE=y +CONFIG_WEXT_PROC=y +CONFIG_CFG80211=m +CONFIG_CFG80211_DEFAULT_PS=y +CONFIG_CFG80211_CRDA_SUPPORT=y +CONFIG_CFG80211_WEXT=y +CONFIG_MAC80211=m +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +CONFIG_MAC80211_RC_MINSTREL_HT=y +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" +CONFIG_MAC80211_STA_HASH_MAX_SIZE=0 +CONFIG_HAVE_BPF_JIT=y +CONFIG_UEVENT_HELPER=y +CONFIG_UEVENT_HELPER_PATH="" +CONFIG_DEVTMPFS=y +CONFIG_DEVTMPFS_MOUNT=y +CONFIG_FW_LOADER=m +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +CONFIG_SOC_BUS=y +CONFIG_REGMAP=y +CONFIG_REGMAP_I2C=m +CONFIG_REGMAP_MMIO=m +CONFIG_MTD=m +CONFIG_MTD_OF_PARTS=m +CONFIG_MTD_MAP_BANK_WIDTH_1=y +CONFIG_MTD_MAP_BANK_WIDTH_2=y +CONFIG_MTD_MAP_BANK_WIDTH_4=y +CONFIG_MTD_CFI_I1=y +CONFIG_MTD_CFI_I2=y +CONFIG_MTD_M25P80=m +CONFIG_MTD_BLOCK2MTD=m +CONFIG_MTD_SPI_NOR=m +CONFIG_MTD_SPI_NOR_USE_4K_SECTORS=y +CONFIG_DTC=y +CONFIG_OF=y +CONFIG_OF_FLATTREE=y +CONFIG_OF_EARLY_FLATTREE=y +CONFIG_OF_ADDRESS=y +CONFIG_OF_IRQ=y +CONFIG_OF_NET=y +CONFIG_OF_MTD=y +CONFIG_OF_RESERVED_MEM=y +CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y +CONFIG_BLK_DEV=y +CONFIG_BLK_DEV_LOOP=y +CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 +CONFIG_SRAM=y +CONFIG_EEPROM_93CX6=m +CONFIG_SCSI_MOD=m +CONFIG_SCSI=m +CONFIG_SCSI_DMA=y +CONFIG_SCSI_PROC_FS=y +CONFIG_BLK_DEV_SD=m +CONFIG_SCSI_LOWLEVEL=y +CONFIG_MD=y +CONFIG_BLK_DEV_DM_BUILTIN=y +CONFIG_BLK_DEV_DM=y +CONFIG_DM_BUFIO=y +CONFIG_DM_CRYPT=y +CONFIG_DM_VERITY=y +CONFIG_NETDEVICES=y +CONFIG_NET_CORE=y +CONFIG_DUMMY=m +CONFIG_VXLAN=m +CONFIG_TUN=m +CONFIG_VETH=m +CONFIG_PPP=m +CONFIG_PPP_BSDCOMP=m +CONFIG_PPP_DEFLATE=m +CONFIG_PPP_FILTER=y +CONFIG_PPP_MPPE=m +CONFIG_PPPOE=m +CONFIG_PPPOL2TP=m +CONFIG_SLHC=m +CONFIG_USB_NET_DRIVERS=m +CONFIG_WLAN=y +CONFIG_RTL8187=m +CONFIG_RT2X00=m +CONFIG_RT2500USB=m +CONFIG_RT73USB=m +CONFIG_RT2800USB=m +CONFIG_RT2800USB_RT33XX=y +CONFIG_RT2800USB_RT35XX=y +CONFIG_RT2800USB_RT3573=y +CONFIG_RT2800USB_RT53XX=y +CONFIG_RT2800USB_RT55XX=y +CONFIG_RT2800USB_UNKNOWN=y +CONFIG_RT2800_LIB=m +CONFIG_RT2X00_LIB_USB=m +CONFIG_RT2X00_LIB=m +CONFIG_RT2X00_LIB_FIRMWARE=y +CONFIG_RT2X00_LIB_CRYPTO=y +CONFIG_RT2X00_LIB_LEDS=y +CONFIG_RT2X00_DEBUG=y +CONFIG_RTL_CARDS=m +CONFIG_RTL8192CU=m +CONFIG_RTLWIFI=m +CONFIG_RTLWIFI_USB=m +CONFIG_RTLWIFI_DEBUG=y +CONFIG_RTL8192C_COMMON=m +CONFIG_RTL8XXXU=m +CONFIG_INPUT=y +CONFIG_INPUT_LEDS=m +CONFIG_INPUT_MOUSEDEV=m +CONFIG_INPUT_MOUSEDEV_PSAUX=y +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +CONFIG_INPUT_EVDEV=m +CONFIG_INPUT_KEYBOARD=y +CONFIG_KEYBOARD_ATKBD=y +CONFIG_INPUT_MOUSE=y +CONFIG_MOUSE_PS2=m +CONFIG_MOUSE_PS2_FOCALTECH=y +CONFIG_MOUSE_SERIAL=m +CONFIG_MOUSE_SYNAPTICS_USB=m +CONFIG_INPUT_TOUCHSCREEN=y +CONFIG_TOUCHSCREEN_PROPERTIES=y +CONFIG_TOUCHSCREEN_USB_COMPOSITE=m +CONFIG_TOUCHSCREEN_USB_E2I=y +CONFIG_SERIO=y +CONFIG_SERIO_SERPORT=y +CONFIG_SERIO_LIBPS2=y +CONFIG_TTY=y +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_VT_CONSOLE_SLEEP=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_UNIX98_PTYS=y +CONFIG_LEGACY_PTYS=y +CONFIG_LEGACY_PTY_COUNT=256 +CONFIG_DEVMEM=y +CONFIG_DEVKMEM=y +CONFIG_SERIAL_EARLYCON=y +CONFIG_SERIAL_IMX=y +CONFIG_SERIAL_IMX_CONSOLE=y +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +CONFIG_HW_RANDOM=m +CONFIG_I2C=m +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_IMX=m +CONFIG_SPI=y +CONFIG_SPI_DEBUG=y +CONFIG_SPI_MASTER=y +CONFIG_SPI_BITBANG=m +CONFIG_SPI_IMX=m +CONFIG_SPI_SPIDEV=m +CONFIG_PPS=y +CONFIG_PINCTRL=y +CONFIG_PINMUX=y +CONFIG_PINCONF=y +CONFIG_PINCTRL_IMX=y +CONFIG_PINCTRL_IMX53=y +CONFIG_ARCH_HAVE_CUSTOM_GPIO_H=y +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +CONFIG_ARCH_REQUIRE_GPIOLIB=y +CONFIG_GPIOLIB=y +CONFIG_GPIO_DEVRES=y +CONFIG_OF_GPIO=y +CONFIG_GPIO_SYSFS=y +CONFIG_GPIO_GENERIC=y +CONFIG_GPIO_GENERIC_PLATFORM=y +CONFIG_GPIO_MXC=y +CONFIG_POWER_SUPPLY=y +CONFIG_POWER_AVS=y +CONFIG_WATCHDOG=y +CONFIG_WATCHDOG_CORE=y +CONFIG_SOFT_WATCHDOG=m +CONFIG_GPIO_WATCHDOG=m +CONFIG_IMX2_WDT=m +CONFIG_SSB_POSSIBLE=y +CONFIG_BCMA_POSSIBLE=y +CONFIG_REGULATOR=y +CONFIG_REGULATOR_LTC3589=m +CONFIG_DUMMY_CONSOLE=y +CONFIG_HID=y +CONFIG_HID_GENERIC=m +CONFIG_USB_HID=m +CONFIG_USB_HIDDEV=y +CONFIG_USB_KBD=m +CONFIG_USB_MOUSE=m +CONFIG_USB_OHCI_LITTLE_ENDIAN=y +CONFIG_USB_SUPPORT=y +CONFIG_USB_COMMON=m +CONFIG_USB_ARCH_HAS_HCD=y +CONFIG_USB=m +CONFIG_USB_DEFAULT_PERSIST=y +CONFIG_USB_OTG=y +CONFIG_USB_EHCI_HCD=m +CONFIG_USB_EHCI_ROOT_HUB_TT=y +CONFIG_USB_EHCI_TT_NEWSCHED=y +CONFIG_USB_STORAGE=m +CONFIG_USB_CHIPIDEA=m +CONFIG_USB_CHIPIDEA_OF=m +CONFIG_USB_CHIPIDEA_UDC=y +CONFIG_USB_CHIPIDEA_HOST=y +CONFIG_USB_CHIPIDEA_DEBUG=y +CONFIG_USB_PHY=y +CONFIG_NOP_USB_XCEIV=y +CONFIG_USB_GADGET=m +CONFIG_USB_GADGET_DEBUG_FS=y +CONFIG_USB_GADGET_VBUS_DRAW=500 +CONFIG_USB_GADGET_STORAGE_NUM_BUFFERS=2 +CONFIG_USB_LIBCOMPOSITE=m +CONFIG_USB_F_ACM=m +CONFIG_USB_F_SS_LB=m +CONFIG_USB_U_SERIAL=m +CONFIG_USB_U_ETHER=m +CONFIG_USB_F_SERIAL=m +CONFIG_USB_F_OBEX=m +CONFIG_USB_F_NCM=m +CONFIG_USB_F_ECM=m +CONFIG_USB_F_EEM=m +CONFIG_USB_F_SUBSET=m +CONFIG_USB_F_RNDIS=m +CONFIG_USB_F_MASS_STORAGE=m +CONFIG_USB_F_FS=m +CONFIG_USB_F_HID=m +CONFIG_USB_F_PRINTER=m +CONFIG_USB_CONFIGFS=m +CONFIG_USB_CONFIGFS_SERIAL=y +CONFIG_USB_CONFIGFS_ACM=y +CONFIG_USB_CONFIGFS_OBEX=y +CONFIG_USB_CONFIGFS_NCM=y +CONFIG_USB_CONFIGFS_ECM=y +CONFIG_USB_CONFIGFS_ECM_SUBSET=y +CONFIG_USB_CONFIGFS_RNDIS=y +CONFIG_USB_CONFIGFS_EEM=y +CONFIG_USB_CONFIGFS_MASS_STORAGE=y +CONFIG_USB_CONFIGFS_F_LB_SS=y +CONFIG_USB_CONFIGFS_F_FS=y +CONFIG_USB_CONFIGFS_F_HID=y +CONFIG_USB_CONFIGFS_F_PRINTER=y +CONFIG_USB_ZERO=m +CONFIG_USB_ETH=m +CONFIG_USB_ETH_RNDIS=y +CONFIG_USB_ETH_EEM=y +CONFIG_USB_G_NCM=m +CONFIG_USB_GADGETFS=m +CONFIG_USB_FUNCTIONFS=m +CONFIG_USB_FUNCTIONFS_ETH=y +CONFIG_USB_FUNCTIONFS_RNDIS=y +CONFIG_USB_FUNCTIONFS_GENERIC=y +CONFIG_USB_MASS_STORAGE=m +CONFIG_USB_G_SERIAL=m +CONFIG_USB_G_PRINTER=m +CONFIG_USB_CDC_COMPOSITE=m +CONFIG_USB_G_ACM_MS=m +CONFIG_USB_G_MULTI=m +CONFIG_USB_G_MULTI_RNDIS=y +CONFIG_USB_G_MULTI_CDC=y +CONFIG_USB_G_HID=m +CONFIG_MMC=y +CONFIG_MMC_BLOCK=y +CONFIG_MMC_BLOCK_MINORS=8 +CONFIG_MMC_BLOCK_BOUNCE=y +CONFIG_MMC_SDHCI=y +CONFIG_MMC_SDHCI_IO_ACCESSORS=y +CONFIG_MMC_SDHCI_PLTFM=y +CONFIG_MMC_SDHCI_ESDHC_IMX=y +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=m +CONFIG_LEDS_GPIO=m +CONFIG_LEDS_TRIGGERS=y +CONFIG_LEDS_TRIGGER_TIMER=m +CONFIG_LEDS_TRIGGER_ONESHOT=m +CONFIG_LEDS_TRIGGER_HEARTBEAT=m +CONFIG_LEDS_TRIGGER_BACKLIGHT=m +CONFIG_LEDS_TRIGGER_CPU=y +CONFIG_LEDS_TRIGGER_GPIO=m +CONFIG_LEDS_TRIGGER_DEFAULT_ON=m +CONFIG_LEDS_TRIGGER_TRANSIENT=m +CONFIG_EDAC_ATOMIC_SCRUB=y +CONFIG_EDAC_SUPPORT=y +CONFIG_RTC_LIB=y +CONFIG_RTC_CLASS=y +CONFIG_RTC_HCTOSYS=y +CONFIG_RTC_HCTOSYS_DEVICE="rtc0" +CONFIG_RTC_SYSTOHC=y +CONFIG_RTC_SYSTOHC_DEVICE="rtc0" +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +CONFIG_RTC_INTF_DEV_UIE_EMUL=y +CONFIG_RTC_DRV_IMXDI=y +CONFIG_RTC_DRV_MXC=y +CONFIG_DMADEVICES=y +CONFIG_DMA_ENGINE=y +CONFIG_DMA_OF=y +CONFIG_IMX_SDMA=m +CONFIG_CLKDEV_LOOKUP=y +CONFIG_HAVE_CLK_PREPARE=y +CONFIG_COMMON_CLK=y +CONFIG_CLKSRC_OF=y +CONFIG_CLKSRC_PROBE=y +CONFIG_CLKSRC_MMIO=y +CONFIG_CLKSRC_IMX_GPT=y +CONFIG_IOMMU_SUPPORT=y +CONFIG_EXTCON=m +CONFIG_IRQCHIP=y +CONFIG_ARCH_HAS_RESET_CONTROLLER=y +CONFIG_DCACHE_WORD_ACCESS=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_USE_FOR_EXT2=y +CONFIG_JBD2=y +CONFIG_FS_MBCACHE=y +CONFIG_EXPORTFS=y +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_AUTOFS4_FS=y +CONFIG_FUSE_FS=m +CONFIG_OVERLAY_FS=y +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +CONFIG_NTFS_RW=y +CONFIG_PROC_FS=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_KERNFS=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_TMPFS_XATTR=y +CONFIG_CONFIGFS_FS=y +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ECRYPT_FS=m +CONFIG_ECRYPT_FS_MESSAGING=y +CONFIG_JFFS2_FS=m +CONFIG_JFFS2_FS_DEBUG=0 +CONFIG_JFFS2_FS_WRITEBUFFER=y +CONFIG_JFFS2_ZLIB=y +CONFIG_JFFS2_RTIME=y +CONFIG_SQUASHFS=y +CONFIG_SQUASHFS_FILE_DIRECT=y +CONFIG_SQUASHFS_DECOMP_SINGLE=y +CONFIG_SQUASHFS_ZLIB=y +CONFIG_SQUASHFS_LZ4=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=m +CONFIG_NFS_V2=m +CONFIG_NFS_V3=m +CONFIG_NFSD=m +CONFIG_NFSD_V3=y +CONFIG_GRACE_PERIOD=m +CONFIG_LOCKD=m +CONFIG_LOCKD_V4=y +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=m +CONFIG_CIFS=m +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="iso8859-1" +CONFIG_NLS_CODEPAGE_437=y +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=y +CONFIG_NLS_UTF8=y +CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 +CONFIG_ENABLE_WARN_DEPRECATED=y +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=1024 +CONFIG_DEBUG_FS=y +CONFIG_SECTION_MISMATCH_WARN_ONLY=y +CONFIG_DEBUG_KERNEL=y +CONFIG_HAVE_DEBUG_KMEMLEAK=y +CONFIG_LOCKUP_DETECTOR=y +CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC=y +CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=1 +CONFIG_DETECT_HUNG_TASK=y +CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=0 +CONFIG_BOOTPARAM_HUNG_TASK_PANIC=y +CONFIG_BOOTPARAM_HUNG_TASK_PANIC_VALUE=1 +CONFIG_PANIC_ON_OOPS_VALUE=0 +CONFIG_PANIC_TIMEOUT=5 +CONFIG_SCHED_DEBUG=y +CONFIG_DEBUG_BUGVERBOSE=y +CONFIG_RCU_CPU_STALL_TIMEOUT=21 +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_TRACING_SUPPORT=y +CONFIG_LKDTM=m +CONFIG_HAVE_ARCH_KGDB=y +CONFIG_STRICT_DEVMEM=y +CONFIG_ARM_UNWIND=y +CONFIG_DEBUG_IMX_UART_PORT=1 +CONFIG_DEBUG_LL_INCLUDE="mach/debug-macro.S" +CONFIG_UNCOMPRESS_INCLUDE="debug/uncompress.h" +CONFIG_KEYS=y +CONFIG_ENCRYPTED_KEYS=m +CONFIG_SECURITY=y +CONFIG_SECURITYFS=y +CONFIG_INTEGRITY=y +CONFIG_DEFAULT_SECURITY_DAC=y +CONFIG_DEFAULT_SECURITY="" +CONFIG_CRYPTO=y +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=m +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=m +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_RNG_DEFAULT=m +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_AKCIPHER2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_USER=m +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=y +CONFIG_CRYPTO_NULL=m +CONFIG_CRYPTO_NULL2=y +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_AUTHENC=m +CONFIG_CRYPTO_TEST=m +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m +CONFIG_CRYPTO_ECHAINIV=m +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_XTS=y +CONFIG_CRYPTO_CMAC=m +CONFIG_CRYPTO_HMAC=m +CONFIG_CRYPTO_CRC32C=y +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_SHA1=m +CONFIG_CRYPTO_SHA256=y +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_ARC4=m +CONFIG_CRYPTO_DES=m +CONFIG_CRYPTO_DEFLATE=y +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_DRBG_MENU=m +CONFIG_CRYPTO_DRBG_HMAC=y +CONFIG_CRYPTO_DRBG_HASH=y +CONFIG_CRYPTO_DRBG_CTR=y +CONFIG_CRYPTO_DRBG=m +CONFIG_CRYPTO_JITTERENTROPY=m +CONFIG_CRYPTO_USER_API=m +CONFIG_CRYPTO_USER_API_HASH=m +CONFIG_CRYPTO_USER_API_SKCIPHER=m +CONFIG_CRYPTO_USER_API_RNG=m +CONFIG_CRYPTO_HASH_INFO=y +CONFIG_CRYPTO_HW=y +CONFIG_CRYPTO_DEV_SAHARA=y +CONFIG_ASYMMETRIC_KEY_TYPE=m +CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=m +CONFIG_PUBLIC_KEY_ALGO_RSA=m +CONFIG_X509_CERTIFICATE_PARSER=m +CONFIG_PKCS7_MESSAGE_PARSER=m +CONFIG_BITREVERSE=y +CONFIG_HAVE_ARCH_BITREVERSE=y +CONFIG_RATIONAL=y +CONFIG_GENERIC_STRNCPY_FROM_USER=y +CONFIG_GENERIC_STRNLEN_USER=y +CONFIG_GENERIC_NET_UTILS=y +CONFIG_GENERIC_PCI_IOMAP=y +CONFIG_GENERIC_IO=y +CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC32_SLICEBY8=y +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=y +CONFIG_LZO_COMPRESS=y +CONFIG_LZO_DECOMPRESS=y +CONFIG_LZ4_DECOMPRESS=y +CONFIG_DECOMPRESS_GZIP=y +CONFIG_GENERIC_ALLOCATOR=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_ASSOCIATIVE_ARRAY=y +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT_MAP=y +CONFIG_HAS_DMA=y +CONFIG_DQL=y +CONFIG_NLATTR=y +CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE=y +CONFIG_CLZ_TAB=y +CONFIG_MPILIB=m +CONFIG_LIBFDT=y +CONFIG_OID_REGISTRY=m +CONFIG_ARCH_HAS_SG_CHAIN=y diff --git a/modules/nixos-hardware/inversepath/usbarmory/kernel.nix b/modules/nixos-hardware/inversepath/usbarmory/kernel.nix new file mode 100644 index 000000000000..4cf6fd7fdb8a --- /dev/null +++ b/modules/nixos-hardware/inversepath/usbarmory/kernel.nix @@ -0,0 +1,20 @@ +{ stdenv, buildLinux, fetchurl }: + +buildLinux { + inherit stdenv; + version = "4.4.0"; + + src = fetchurl { + url = "mirror://kernel/linux/kernel/v4.x/linux-4.4.tar.xz"; + sha256 = "401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2"; + }; + + configfile = ./kernel.config; + + kernelPatches = [{ + patch = ./usbarmory-dts.patch; + name = "usbarmory-dts"; + }]; + + allowImportFromDerivation = true; +} diff --git a/modules/nixos-hardware/inversepath/usbarmory/usbarmory-dts.patch b/modules/nixos-hardware/inversepath/usbarmory/usbarmory-dts.patch new file mode 100644 index 000000000000..e29c6dd331db --- /dev/null +++ b/modules/nixos-hardware/inversepath/usbarmory/usbarmory-dts.patch @@ -0,0 +1,418 @@ +diff -Nru linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-common.dtsi linux-4.4/arch/arm/boot/dts/imx53-usbarmory-common.dtsi +--- linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-common.dtsi 1969-12-31 18:00:00.000000000 -0600 ++++ linux-4.4/arch/arm/boot/dts/imx53-usbarmory-common.dtsi 2016-02-04 08:31:38.730794858 -0600 +@@ -0,0 +1,241 @@ ++/* ++ * USB armory MkI device tree include file ++ * https://inversepath.com/usbarmory ++ * ++ * Copyright (C) 2015, Inverse Path ++ * Andrej Rosano <andrej@inversepath.com> ++ * ++ * Licensed under GPLv2 ++ */ ++ ++#include "imx53.dtsi" ++ ++/ { ++ model = "Inverse Path USB armory"; ++ compatible = "inversepath,imx53-usbarmory", "fsl,imx53"; ++}; ++ ++/ { ++ chosen { ++ stdout-path = &uart1; ++ }; ++ ++ memory { ++ reg = <0x70000000 0x20000000>; ++ }; ++ ++ leds { ++ compatible = "gpio-leds"; ++ pinctrl-names = "default"; ++ pinctrl-0 = <&led_pin_gpio4_27>; ++ ++ user { ++ label = "LED"; ++ gpios = <&gpio4 27 0>; ++ linux,default-trigger = "heartbeat"; ++ }; ++ }; ++ ++ soc { ++ aips@60000000 { ++ sahara: crypto@63ff8000 { ++ compatible = "fsl,imx53-sahara"; ++ reg = <0x63ff8000 0x4000>; ++ interrupts = <19 20>; ++ clocks = <&clks IMX5_CLK_SAHARA_IPG_GATE>, ++ <&clks IMX5_CLK_SAHARA_IPG_GATE>; ++ clock-names = "ipg", "ahb"; ++ }; ++ }; ++ }; ++}; ++ ++&cpu0 { ++ device_type = "cpu"; ++ compatible = "arm,cortex-a8"; ++ reg = <0x0>; ++ clocks = <&clks IMX5_CLK_ARM>; ++ clock-latency = <61036>; ++ voltage-tolerance = <5>; ++ operating-points = < ++ /* kHz */ ++ 166666 850000 ++ 400000 900000 ++ 800000 1050000 ++ >; ++}; ++ ++&esdhc1 { ++ pinctrl-names = "default"; ++ pinctrl-0 = <&pinctrl_esdhc1>; ++ status = "okay"; ++}; ++ ++&iomuxc { ++ pinctrl-names = "default"; ++ ++ imx53-usbarmory { ++ led_pin_gpio4_27: led_gpio4_27@0 { ++ fsl,pins = < ++ MX53_PAD_DISP0_DAT6__GPIO4_27 0x80000000 ++ >; ++ }; ++ ++ pinctrl_esdhc1: esdhc1grp { ++ fsl,pins = < ++ MX53_PAD_SD1_DATA0__ESDHC1_DAT0 0x1d5 ++ MX53_PAD_SD1_DATA1__ESDHC1_DAT1 0x1d5 ++ MX53_PAD_SD1_DATA2__ESDHC1_DAT2 0x1d5 ++ MX53_PAD_SD1_DATA3__ESDHC1_DAT3 0x1d5 ++ MX53_PAD_SD1_CMD__ESDHC1_CMD 0x1d5 ++ MX53_PAD_SD1_CLK__ESDHC1_CLK 0x1d5 ++ >; ++ }; ++ ++ pinctrl_i2c1_pmic: i2c1grp_pmic { ++ fsl,pins = < ++ MX53_PAD_EIM_D21__I2C1_SCL 0xc0000000 ++ MX53_PAD_EIM_D28__I2C1_SDA 0xc0000000 ++ >; ++ }; ++ ++ /* ++ UART mode pin header configration: ++ pin number: 1 2 3 4 5 6 7 ++ function: GND 5V ? ? TX RX ? ++ */ ++ pinctrl_uart1: uart1grp { ++ fsl,pins = < ++ MX53_PAD_CSI0_DAT10__UART1_TXD_MUX 0x1e4 ++ MX53_PAD_CSI0_DAT11__UART1_RXD_MUX 0x1e4 ++ >; ++ }; ++ ++ /* ++ GPIO mode pin header configuration: ++ 1 2 3 4 5 6 7 ++ GND 5V GPIO5[26] GPIO5[27] GPIO5[28] GPIO5[29] GPIO5[30] ++ */ ++ pinctrl_gpio5: gpio5grp { ++ fsl,pins = < ++ MX53_PAD_CSI0_DAT8__GPIO5_26 0xc0 ++ MX53_PAD_CSI0_DAT9__GPIO5_27 0xc0 ++ MX53_PAD_CSI0_DAT10__GPIO5_28 0xc0 ++ MX53_PAD_CSI0_DAT11__GPIO5_29 0xc0 ++ MX53_PAD_CSI0_DAT12__GPIO5_30 0xc0 ++ >; ++ }; ++ ++ /* ++ SPI mode pin header configuration: ++ 1 2 3 4 5 6 7 ++ GND 5V SCLK MOSI MISO /SS0 /SS1 ++ */ ++ pinctrl_ecspi2: ecspi2grp { ++ fsl,pins = < ++ MX53_PAD_CSI0_DAT8__ECSPI2_SCLK 0x80000000 ++ MX53_PAD_CSI0_DAT9__ECSPI2_MOSI 0x80000000 ++ MX53_PAD_CSI0_DAT10__ECSPI2_MISO 0x80000000 ++ MX53_PAD_CSI0_DAT11__GPIO5_29 0x80000000 ++ MX53_PAD_CSI0_DAT12__GPIO5_30 0x80000000 ++ >; ++ }; ++ ++ /* ++ I2C mode pin header configuration: ++ 1 2 3 4 5 6 7 ++ GND 5V SDA SCL GPIO5[28] GPIO5[29] GPIO5[30] ++ */ ++ pinctrl_i2c1_pinheader: i2c1grp_pinheader { ++ fsl,pins = < ++ MX53_PAD_CSI0_DAT8__I2C1_SDA 0xc0000000 ++ MX53_PAD_CSI0_DAT9__I2C1_SCL 0xc0000000 ++ MX53_PAD_CSI0_DAT10__GPIO5_28 0x80000000 ++ MX53_PAD_CSI0_DAT11__GPIO5_29 0x80000000 ++ MX53_PAD_CSI0_DAT12__GPIO5_30 0x80000000 ++ >; ++ }; ++ }; ++}; ++ ++&uart1 { ++ pinctrl-names = "default"; ++ pinctrl-0 = <&pinctrl_uart1>; ++ status = "okay"; ++}; ++ ++&vpu { ++ status = "okay"; ++}; ++ ++&i2c1 { ++ pinctrl-0 = <&pinctrl_i2c1_pmic>; ++ status = "okay"; ++ ltc3589: pmic@34 { ++ compatible = "lltc,ltc3589-2"; ++ reg = <0x34>; ++ regulators { ++ sw1_reg: sw1 { ++ regulator-min-microvolt = <591930>; ++ regulator-max-microvolt = <1224671>; ++ lltc,fb-voltage-divider = <100000 158000>; ++ regulator-ramp-delay = <7000>; ++ regulator-boot-on; ++ regulator-always-on; ++ }; ++ ++ sw2_reg: sw2 { ++ regulator-min-microvolt = <704123>; ++ regulator-max-microvolt = <1456803>; ++ lltc,fb-voltage-divider = <180000 191000>; ++ regulator-ramp-delay = <7000>; ++ regulator-boot-on; ++ regulator-always-on; ++ }; ++ ++ sw3_reg: sw3 { ++ regulator-min-microvolt = <1341250>; ++ regulator-max-microvolt = <2775000>; ++ lltc,fb-voltage-divider = <270000 100000>; ++ regulator-ramp-delay = <7000>; ++ regulator-boot-on; ++ regulator-always-on; ++ }; ++ ++ bb_out_reg: bb-out { ++ regulator-min-microvolt = <3387341>; ++ regulator-max-microvolt = <3387341>; ++ lltc,fb-voltage-divider = <511000 158000>; ++ regulator-boot-on; ++ regulator-always-on; ++ }; ++ ldo1_reg: ldo1 { ++ regulator-min-microvolt = <1306329>; ++ regulator-max-microvolt = <1306329>; ++ lltc,fb-voltage-divider = <100000 158000>; ++ regulator-boot-on; ++ regulator-always-on; ++ }; ++ ++ ldo2_reg: ldo2 { ++ regulator-min-microvolt = <704123>; ++ regulator-max-microvolt = <1456806>; ++ lltc,fb-voltage-divider = <180000 191000>; ++ regulator-ramp-delay = <7000>; ++ regulator-boot-on; ++ regulator-always-on; ++ }; ++ ++ ldo3_reg: ldo3 { ++ regulator-min-microvolt = <2800000>; ++ regulator-max-microvolt = <2800000>; ++ regulator-boot-on; ++ }; ++ ++ ldo4_reg: ldo4 { ++ regulator-min-microvolt = <1200000>; ++ regulator-max-microvolt = <3200000>; ++ }; ++ }; ++ }; ++}; +diff -Nru linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory.dts linux-4.4/arch/arm/boot/dts/imx53-usbarmory.dts +--- linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory.dts 1969-12-31 18:00:00.000000000 -0600 ++++ linux-4.4/arch/arm/boot/dts/imx53-usbarmory.dts 2016-02-04 08:31:38.730794858 -0600 +@@ -0,0 +1,18 @@ ++/* ++ * USB armory MkI device mode device tree file ++ * https://inversepath.com/usbarmory ++ * ++ * Copyright (C) 2015, Inverse Path ++ * Andrej Rosano <andrej@inversepath.com> ++ * ++ * Licensed under GPLv2 ++ */ ++ ++/dts-v1/; ++ ++#include "imx53-usbarmory-common.dtsi" ++ ++&usbotg { ++ dr_mode = "peripheral"; ++ status = "okay"; ++}; +diff -Nru linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-gpio.dts linux-4.4/arch/arm/boot/dts/imx53-usbarmory-gpio.dts +--- linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-gpio.dts 1969-12-31 18:00:00.000000000 -0600 ++++ linux-4.4/arch/arm/boot/dts/imx53-usbarmory-gpio.dts 2016-02-04 08:31:38.730794858 -0600 +@@ -0,0 +1,26 @@ ++/* ++ * USB armory MkI device mode device tree file ++ * https://inversepath.com/usbarmory ++ * ++ * Copyright (C) 2015, Inverse Path ++ * Andrej Rosano <andrej@inversepath.com> ++ * ++ * Licensed under GPLv2 ++ */ ++ ++/dts-v1/; ++ ++#include "imx53-usbarmory-common.dtsi" ++ ++&usbotg { ++ dr_mode = "peripheral"; ++ status = "okay"; ++}; ++ ++&iomuxc { ++ pinctrl-0 = <&pinctrl_gpio5>; ++}; ++ ++&uart1 { ++ status = "disabled"; ++}; +diff -Nru linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-host.dts linux-4.4/arch/arm/boot/dts/imx53-usbarmory-host.dts +--- linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-host.dts 1969-12-31 18:00:00.000000000 -0600 ++++ linux-4.4/arch/arm/boot/dts/imx53-usbarmory-host.dts 2016-02-04 08:31:38.730794858 -0600 +@@ -0,0 +1,18 @@ ++/* ++ * USB armory MkI host mode device tree file ++ * https://inversepath.com/usbarmory ++ * ++ * Copyright (C) 2015, Inverse Path ++ * Andrej Rosano <andrej@inversepath.com> ++ * ++ * Licensed under GPLv2 ++ */ ++ ++/dts-v1/; ++ ++#include "imx53-usbarmory-common.dtsi" ++ ++&usbotg { ++ dr_mode = "host"; ++ status = "okay"; ++}; +diff -Nru linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-i2c.dts linux-4.4/arch/arm/boot/dts/imx53-usbarmory-i2c.dts +--- linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-i2c.dts 1969-12-31 18:00:00.000000000 -0600 ++++ linux-4.4/arch/arm/boot/dts/imx53-usbarmory-i2c.dts 2016-02-04 08:31:38.730794858 -0600 +@@ -0,0 +1,32 @@ ++/* ++ * USB armory MkI device mode device tree file ++ * https://inversepath.com/usbarmory ++ * ++ * Copyright (C) 2015, Inverse Path ++ * Andrej Rosano <andrej@inversepath.com> ++ * ++ * Licensed under GPLv2 ++ */ ++ ++/dts-v1/; ++ ++#include "imx53-usbarmory-common.dtsi" ++ ++&usbotg { ++ dr_mode = "peripheral"; ++ status = "okay"; ++}; ++ ++&uart1 { ++ status = "disabled"; ++}; ++ ++&iomuxc { ++ pinctrl-0 = <&pinctrl_i2c1_pinheader>; ++}; ++ ++&i2c1 { ++ ltc3589: pmic@34 { ++ status = "disabled"; ++ }; ++}; +diff -Nru linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-spi.dts linux-4.4/arch/arm/boot/dts/imx53-usbarmory-spi.dts +--- linux-4.4-orig/arch/arm/boot/dts/imx53-usbarmory-spi.dts 1969-12-31 18:00:00.000000000 -0600 ++++ linux-4.4/arch/arm/boot/dts/imx53-usbarmory-spi.dts 2016-02-04 08:31:38.730794858 -0600 +@@ -0,0 +1,45 @@ ++/* ++ * USB armory MkI device mode device tree file ++ * https://inversepath.com/usbarmory ++ * ++ * Copyright (C) 2015, Inverse Path ++ * Andrej Rosano <andrej@inversepath.com> ++ * ++ * Licensed under GPLv2 ++ */ ++ ++/dts-v1/; ++ ++#include "imx53-usbarmory-common.dtsi" ++ ++&usbotg { ++ dr_mode = "peripheral"; ++ status = "okay"; ++}; ++ ++&uart1 { ++ status = "disabled"; ++}; ++ ++&iomuxc { ++ pinctrl-0 = <&pinctrl_ecspi2>; ++}; ++ ++&ecspi2 { ++ fsl,spi-num-chipselects = <2>; ++ cs-gpios = <&gpio5 29 0>, <&gpio5 30 0>; ++ status = "okay"; ++ ++ flash: m25p40@0 { ++ #address-cells = <1>; ++ #size-cells = <1>; ++ compatible = "st,m25p40", "st,m25p"; ++ spi-max-frequency = <20000000>; ++ reg = <0>; ++ ++ partition@0 { ++ label = "test-partition"; ++ reg = <0x0 0x80000>; ++ }; ++ }; ++}; +diff -Nru linux-4.4-orig/arch/arm/boot/dts/Makefile linux-4.4/arch/arm/boot/dts/Makefile +--- linux-4.4-orig/arch/arm/boot/dts/Makefile 2016-02-04 13:29:20.880919101 -0600 ++++ linux-4.4/arch/arm/boot/dts/Makefile 2016-02-04 13:27:10.733849955 -0600 +@@ -278,6 +278,10 @@ + imx53-smd.dtb \ + imx53-tx53-x03x.dtb \ + imx53-tx53-x13x.dtb \ ++ imx53-usbarmory.dtb \ ++ imx53-usbarmory-host.dtb \ ++ imx53-usbarmory-i2c.dtb \ ++ imx53-usbarmory-gpio.dtb \ + imx53-voipac-bsb.dtb + dtb-$(CONFIG_SOC_IMX6Q) += \ + imx6dl-apf6dev.dtb \ diff --git a/modules/nixos-hardware/lenovo/ideapad/default.nix b/modules/nixos-hardware/lenovo/ideapad/default.nix new file mode 100644 index 000000000000..d774ba3793af --- /dev/null +++ b/modules/nixos-hardware/lenovo/ideapad/default.nix @@ -0,0 +1,3 @@ +{ + imports = [ ../../common/pc/laptop ]; +} diff --git a/modules/nixos-hardware/lenovo/ideapad/z510/default.nix b/modules/nixos-hardware/lenovo/ideapad/z510/default.nix new file mode 100644 index 000000000000..83f656806854 --- /dev/null +++ b/modules/nixos-hardware/lenovo/ideapad/z510/default.nix @@ -0,0 +1,11 @@ +{ lib, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ]; + + # https://github.com/NixOS/nixpkgs/issues/18356 + boot.blacklistedKernelModules = [ "nouveau" ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/default.nix b/modules/nixos-hardware/lenovo/thinkpad/default.nix new file mode 100644 index 000000000000..99d4937e49c7 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ ../../common/pc/laptop ]; + + hardware.trackpoint.enable = lib.mkDefault true; + hardware.trackpoint.emulateWheel = lib.mkDefault config.hardware.trackpoint.enable; + + # Fingerprint reader: login and unlock with fingerprint (if you add one with `fprintd-enroll`) + # services.fprintd.enable = true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/e470/default.nix b/modules/nixos-hardware/lenovo/thinkpad/e470/default.nix new file mode 100644 index 000000000000..c9bf8331b050 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/e470/default.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel/kaby-lake + ../../../common/gpu/nvidia.nix + ]; + + hardware.nvidia.prime = { + # Bus ID of the Intel GPU. + intelBusId = lib.mkDefault "PCI:0:2:0"; + + # Bus ID of the NVIDIA GPU. + nvidiaBusId = lib.mkDefault "PCI:1:0:0"; + }; + + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.6") pkgs.linuxPackages_latest; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/e495/default.nix b/modules/nixos-hardware/lenovo/thinkpad/e495/default.nix new file mode 100644 index 000000000000..51ddb5cfd010 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/e495/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/amd + ]; + + # see https://github.com/NixOS/nixpkgs/issues/69289 + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.2") pkgs.linuxPackages_latest; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/l13/default.nix b/modules/nixos-hardware/lenovo/thinkpad/l13/default.nix new file mode 100644 index 000000000000..3c09f5091ed8 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/l13/default.nix @@ -0,0 +1,10 @@ +{ nixos, lib, pkgs, config, stdenv, ... }: +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/l14/amd/default.nix b/modules/nixos-hardware/lenovo/thinkpad/l14/amd/default.nix new file mode 100644 index 000000000000..c2d1534fd178 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/l14/amd/default.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../../common/cpu/amd + ]; + + boot.kernelParams = [ + # With BIOS version 1.12 and the IOMMU enabled, the amdgpu driver + # either crashes or is not able to attach to the GPU depending on + # the kernel version. I've seen no issues with the IOMMU disabled. + # + # BIOS version 1.13 claims to fix IOMMU issues, but we leave the + # IOMMU off to avoid a sad experience for those people that drew + # the short straw when they bought their laptop. + "iommu=off" + ]; + + # As of writing this, Linux 5.8 is the oldest kernel that is still + # supported and has decent Renoir support. + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.8") pkgs.linuxPackages_latest; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/l14/default.nix b/modules/nixos-hardware/lenovo/thinkpad/l14/default.nix new file mode 100644 index 000000000000..e014b7d0fa68 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/l14/default.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/pc/laptop/acpi_call.nix + ]; + + boot.kernelParams = [ + # Force use of the thinkpad_acpi driver for backlight control. + # This allows the backlight save/load systemd service to work. + "acpi_backlight=native" + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/l14/intel/default.nix b/modules/nixos-hardware/lenovo/thinkpad/l14/intel/default.nix new file mode 100644 index 000000000000..088289f37c19 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/l14/intel/default.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../../common/cpu/intel + ]; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/p53/default.nix b/modules/nixos-hardware/lenovo/thinkpad/p53/default.nix new file mode 100644 index 000000000000..a499d5c2d51e --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/p53/default.nix @@ -0,0 +1,10 @@ +{ nixos, pkgs, lib, config, stdenv, ... }: +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t14 b/modules/nixos-hardware/lenovo/thinkpad/t14 new file mode 120000 index 000000000000..7be5dd832dad --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t14 @@ -0,0 +1 @@ +t14s/ \ No newline at end of file diff --git a/modules/nixos-hardware/lenovo/thinkpad/t14s/amd/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t14s/amd/default.nix new file mode 100644 index 000000000000..2b860e847d65 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t14s/amd/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../../common/cpu/amd + ]; + + # For support of newer AMD GPUs, backlight and internal microphone + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.8") pkgs.linuxPackages_latest; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t14s/amd/gen1/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t14s/amd/gen1/default.nix new file mode 100644 index 000000000000..cb1ec7d81b76 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t14s/amd/gen1/default.nix @@ -0,0 +1,8 @@ + +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t14s/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t14s/default.nix new file mode 100644 index 000000000000..d783b21a8594 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t14s/default.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/pc/laptop/acpi_call.nix + ]; + + # For suspending to RAM to work, set Config -> Power -> Sleep State to "Linux" in EFI. + # See https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6)#Suspend_issues + + # Fingerprint sensor requires a firmware-update to work. + + # Force use of the thinkpad_acpi driver for backlight control. + # This allows the backlight save/load systemd service to work. + boot.kernelParams = [ "acpi_backlight=native" ]; + + # see https://github.com/NixOS/nixpkgs/issues/69289 + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.2") pkgs.linuxPackages_latest; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t410/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t410/default.nix new file mode 100644 index 000000000000..c40801ffc0bc --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t410/default.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../tp-smapi.nix + ../../../common/cpu/intel + ]; + + boot = { + # TODO: this configuration seems to be very aggressive. + # Ask @peti if it's stable or not. + kernelParams = [ + "drm.debug=0" + "drm.vblankoffdelay=1" + "i915.semaphores=1" + "i915.modeset=1" + "i915.use_mmio_flip=1" + "i915.powersave=1" + "i915.enable_ips=1" + "i915.disable_power_well=1" + "i915.enable_hangcheck=1" + "i915.enable_cmd_parser=1" + "i915.fastboot=0" + "i915.enable_ppgtt=1" + "i915.reset=0" + "i915.lvds_use_ssc=0" + "i915.enable_psr=0" + "vblank_mode=0" + "i915.i915_enable_rc6=1" + ]; + blacklistedKernelModules = [ + "sierra_net" "cdc_mbim" "cdc_ncm" "btusb" + ]; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t420/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t420/default.nix new file mode 100644 index 000000000000..5d3efe831c96 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t420/default.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t430/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t430/default.nix new file mode 100644 index 000000000000..bdad1be9878a --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t430/default.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ]; + + boot = { + kernelParams = [ + # fixes brightness keys, see https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_T430s + "acpi_osi\='!Windows 2012'" + ]; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t440p/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t440p/default.nix new file mode 100644 index 000000000000..4dd4085794fa --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t440p/default.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ]; + + boot = { + extraModprobeConfig = lib.mkDefault '' + options bbswitch use_acpi_to_detect_card_state=1 + ''; + # TODO: probably enable tcsd? Is this line necessary? + kernelModules = [ "tpm-rng" ]; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t440s/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t440s/default.nix new file mode 100644 index 000000000000..c40ad90f9b3d --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t440s/default.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ]; + + boot = { + # TODO: probably enable tcsd? Is this line necessary? + kernelModules = [ "tpm-rng" ]; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t450s/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t450s/default.nix new file mode 100644 index 000000000000..e62337171b9a --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t450s/default.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t460s/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t460s/default.nix new file mode 100644 index 000000000000..e62337171b9a --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t460s/default.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t470s/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t470s/default.nix new file mode 100644 index 000000000000..e62337171b9a --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t470s/default.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t480s/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t480s/default.nix new file mode 100644 index 000000000000..1a14afa6b5e4 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t480s/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t490/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t490/default.nix new file mode 100644 index 000000000000..3578da66c73d --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t490/default.nix @@ -0,0 +1,31 @@ +{ nixos, lib, pkgs, config, stdenv, ... }: +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../. + ]; + + services = { + # This fixes the pulseaudio profiles of the Thinkpad T490. + # The laptop contains a single audio card with 5 sub-devices. Default pulseaudio only offers a single sink + # which can only be switched between speaker/HDMI via a manual profile change. + # This configures a profile set for pulseaudio which offers multiple sinks corresponding to the + # speaker + 4 HDMI ports. This allows the user to play audio streams on the speaker and any of the 4 HDMI/USB-C + # ports at the same time. + udev.extraRules = let + t490ProfileSet = ./t490-profile-set.conf; + in '' + SUBSYSTEM!="sound", GOTO="pulseaudio_end" + ACTION!="change", GOTO="pulseaudio_end" + KERNEL!="card*", GOTO="pulseaudio_end" + + # Lenovo T490 + ATTRS{vendor}=="0x8086" ATTRS{device}=="0x9dc8" ATTRS{subsystem_vendor}=="0x17aa", ATTRS{subsystem_device}=="0x2279", ENV{PULSE_PROFILE_SET}="${t490ProfileSet}" + + LABEL="pulseaudio_end" + ''; + + throttled.enable = lib.mkDefault true; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/t490/t490-profile-set.conf b/modules/nixos-hardware/lenovo/thinkpad/t490/t490-profile-set.conf new file mode 100644 index 000000000000..98f8f0318de1 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t490/t490-profile-set.conf @@ -0,0 +1,107 @@ +[Profile speaker+hdmi-stereo] +description = Speaker + HDMI Stereo +output-mappings = analog-stereo hdmi-stereo hdmi-stereo-extra1 hdmi-stereo-extra2 +input-mappings = analog-stereo + +[Mapping analog-stereo] +device-strings = front:%f +channel-map = left,right +paths-output = analog-output analog-output-lineout analog-output-speaker analog-output-headphones analog-output-headphones-2 +paths-input = analog-input-front-mic analog-input-rear-mic analog-input-internal-mic analog-input-dock-mic analog-input analog-input-mic analog-input-linein analog-input-aux analog-input-video analog-input-tvtuner analog-input-fm analog-input-mic-line analog-input-headphone-mic analog-input-headset-mic +priority = 15 + +[Mapping hdmi-stereo] +description = Stereo (HDMI) +device-strings = hdmi:%f +paths-output = hdmi-output-0 +channel-map = left,right +priority = 6 +direction = output + +[Mapping hdmi-stereo-extra1] +description = Stereo (HDMI 2) +device-strings = hdmi:%f,1 +paths-output = hdmi-output-1 +channel-map = left,right +priority = 8 +direction = output + +[Mapping hdmi-stereo-extra2] +description = Stereo (HDMI 3) +device-strings = hdmi:%f,2 +paths-output = hdmi-output-2 +channel-map = left,right +priority = 6 +direction = output + +[Profile speaker+hdmi-surround] +description = Speaker + HDMI 5.1 +output-mappings = analog-stereo hdmi-surround hdmi-surround-extra1 hdmi-surround-extra2 +input-mappings = analog-stereo + +[Mapping analog-stereo] +device-strings = front:%f +channel-map = left,right +paths-output = analog-output analog-output-lineout analog-output-speaker analog-output-headphones analog-output-headphones-2 +paths-input = analog-input-front-mic analog-input-rear-mic analog-input-internal-mic analog-input-dock-mic analog-input analog-input-mic analog-input-linein analog-input-aux analog-input-video analog-input-tvtuner analog-input-fm analog-input-mic-line analog-input-headphone-mic analog-input-headset-mic +priority = 15 + +[Mapping hdmi-surround] +description = Digital Surround 5.1 (HDMI) +device-strings = hdmi:%f +paths-output = hdmi-output-0 +channel-map = front-left,front-right,rear-left,rear-right,front-center,lfe +priority = 6 +direction = output + +[Mapping hdmi-surround-extra1] +description = Digital Surround 5.1 (HDMI 2) +device-strings = hdmi:%f,1 +paths-output = hdmi-output-1 +channel-map = front-left,front-right,rear-left,rear-right,front-center,lfe +priority = 8 +direction = output + +[Mapping hdmi-surround-extra2] +description = Digital Surround 5.1 (HDMI 3) +device-strings = hdmi:%f,2 +paths-output = hdmi-output-2 +channel-map = front-left,front-right,rear-left,rear-right,front-center,lfe +priority = 6 +direction = output + +[Profile speaker+hdmi-surround71] +description = Speaker + HDMI 7.1 +output-mappings = analog-stereo hdmi-surround71 hdmi-surround71-extra1 hdmi-surround71-extra2 +input-mappings = analog-stereo + +[Mapping analog-stereo] +device-strings = front:%f +channel-map = left,right +paths-output = analog-output analog-output-lineout analog-output-speaker analog-output-headphones analog-output-headphones-2 +paths-input = analog-input-front-mic analog-input-rear-mic analog-input-internal-mic analog-input-dock-mic analog-input analog-input-mic analog-input-linein analog-input-aux analog-input-video analog-input-tvtuner analog-input-fm analog-input-mic-line analog-input-headphone-mic analog-input-headset-mic +priority = 15 + +[Mapping hdmi-surround71] +description = Digital Surround 7.1 (HDMI) +device-strings = hdmi:%f +paths-output = hdmi-output-0 +channel-map = front-left,front-right,rear-left,rear-right,front-center,lfe,side-left,side-right +priority = 6 +direction = output + +[Mapping hdmi-surround71-extra1] +description = Digital Surround 7.1 (HDMI 2) +device-strings = hdmi:%f,1 +paths-output = hdmi-output-1 +channel-map = front-left,front-right,rear-left,rear-right,front-center,lfe,side-left,side-right +priority = 8 +direction = output + +[Mapping hdmi-surround71-extra2] +description = Digital Surround 7.1 (HDMI 3) +device-strings = hdmi:%f,2 +paths-output = hdmi-output-2 +channel-map = front-left,front-right,rear-left,rear-right,front-center,lfe,side-left,side-right +priority = 6 +direction = output diff --git a/modules/nixos-hardware/lenovo/thinkpad/t495/default.nix b/modules/nixos-hardware/lenovo/thinkpad/t495/default.nix new file mode 100644 index 000000000000..64957e6e06c7 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/t495/default.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/amd + ../../../common/pc/laptop/acpi_call.nix + ]; + + # Force use of the thinkpad_acpi driver for backlight control. + # This allows the backlight save/load systemd service to work. + boot.kernelParams = [ "acpi_backlight=native" ]; + + # see https://github.com/NixOS/nixpkgs/issues/69289 + boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "5.2") pkgs.linuxPackages_latest; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/tp-smapi.nix b/modules/nixos-hardware/lenovo/thinkpad/tp-smapi.nix new file mode 100644 index 000000000000..451dd28ece03 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/tp-smapi.nix @@ -0,0 +1,11 @@ +# tp_smapi works on ThinkPads made before 2013. See compat table: +# https://www.thinkwiki.org/wiki/Tp_smapi#Model-specific_status + +{ config, ... }: + +{ + boot = { + kernelModules = [ "tp_smapi" ]; + extraModulePackages = with config.boot.kernelPackages; [ tp_smapi ]; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1-extreme/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x1-extreme/default.nix new file mode 100644 index 000000000000..09a0ec1700a5 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1-extreme/default.nix @@ -0,0 +1,8 @@ +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../../../common/pc/laptop/ssd + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1-extreme/gen2/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x1-extreme/gen2/default.nix new file mode 100644 index 000000000000..6b0ebbd5d1e3 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1-extreme/gen2/default.nix @@ -0,0 +1,48 @@ +{ config, lib, ... }: + +with lib; + +{ + imports = [ + ../. + ]; + + # Fixes an issue with incorrect battery reporting. See + # https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Extreme_(Gen_2)#Invalid_Stats_Workaround + boot.initrd.availableKernelModules = [ "battery" ]; + + # New ThinkPads have a different TrackPoint manufacturer/name. + # See also https://certification.ubuntu.com/catalog/component/input/5313/input%3ATPPS/2ElanTrackPoint/ + hardware.trackpoint.device = "TPPS/2 Elan TrackPoint"; + + # Since the HDMI port is connected to the NVIDIA card. + hardware.bumblebee.connectDisplay = true; + + nixpkgs.overlays = [ + (self: super: { + bumblebee = super.bumblebee.override { + extraNvidiaDeviceOptions = '' + Option "AllowEmptyInitialConfiguration" + ''; + }; + }) + ]; + + services.xserver = mkMerge [ + { + # Set the right DPI. xdpyinfo says the screen is 508×285 mm but + # it actually is 344×193 mm. + monitorSection = '' + DisplaySize 344 193 + ''; + } + + # To support intel-virtual-output when using Bumblebee. + (mkIf config.hardware.bumblebee.enable { + deviceSection = ''Option "VirtualHeads" "1"''; + videoDrivers = [ "intel" ]; + }) + ]; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1/6th-gen/QHD/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x1/6th-gen/QHD/default.nix new file mode 100644 index 000000000000..0b8555fbfb08 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1/6th-gen/QHD/default.nix @@ -0,0 +1,36 @@ +# X1 6th generation with a QHD (2560x1440px) display +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ]; + + # Fix font sizes in X + services.xserver.dpi = 210; + fonts.fontconfig.dpi = 210; + + # Fix sizes of GTK/GNOME ui elements + environment.variables = { + GDK_SCALE = lib.mkDefault "2"; + GDK_DPI_SCALE= lib.mkDefault "0.5"; + }; + # Enable readable font on console. The example configuration that + # follows is taliored towards western languages. To see how to + # configure the font download the source tarball from + # http://terminus-font.sourceforge.net/ and read the README file on + # the root dir + + # i18n = { + # # this means ISO8859-1 or ISO8859-15 or Windows-1252 codepages + # # (ter-1), 16x32 px (32), normal font weight (n) + # consoleFont = "ter-132n"; + # consoleKeyMap = "us"; + # defaultLocale = "en_US.UTF-8"; + # consolePackages = [ pkgs.terminus_font ]; + # }; + + # Early configure the console to make the font readable from the + # start + # boot.earlyVconsoleSetup = true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1/6th-gen/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x1/6th-gen/default.nix new file mode 100644 index 000000000000..00446b8c278b --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1/6th-gen/default.nix @@ -0,0 +1,20 @@ +# A good source of information about how to fix the issues still +# standing with kernel 4.6.11 is the following wiki page: +# https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6). The +# TrackPoint and TouchPad issues there seem to have been fixed already. +# +# Enable the lower-power S3 suspend state by upgrading the BIOS to version >= 1.30, +# then manually selecting Linux in the power management section. +{ config, pkgs, lib, ... }: +{ + imports = [ + ../. + ../../../../common/pc/laptop/acpi_call.nix + ]; + + # New ThinkPads have a different TrackPoint manufacturer/name. + # See also https://certification.ubuntu.com/catalog/component/input/5313/input%3ATPPS/2ElanTrackPoint/ + hardware.trackpoint.device = "TPPS/2 Elan TrackPoint"; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1/7th-gen/audio.nix b/modules/nixos-hardware/lenovo/thinkpad/x1/7th-gen/audio.nix new file mode 100644 index 000000000000..f6ecf58aa337 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1/7th-gen/audio.nix @@ -0,0 +1,15 @@ +{ lib, pkgs, ... }: +{ + # This can be removed when the default kernel is at least version 5.6 + # https://github.com/NixOS/nixpkgs/pull/86168 + boot.kernelPackages = lib.mkIf + (lib.versionOlder pkgs.linux.version "5.6") + (lib.mkDefault pkgs.linuxPackages_latest); + + # This can be removed when PulseAudio is at least version 14 + # https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_7)#Audio + hardware.pulseaudio.extraConfig = '' + load-module module-alsa-sink device=hw:0,0 channels=4 + load-module module-alsa-source device=hw:0,6 channels=4 + ''; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1/7th-gen/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x1/7th-gen/default.nix new file mode 100644 index 000000000000..8349d05678a2 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1/7th-gen/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ../. + ../../../../common/pc/laptop/acpi_call.nix + ./audio.nix + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x1/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x1/default.nix new file mode 100644 index 000000000000..870d9a857742 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x1/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ../. + ../../../common/cpu/intel + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x13-yoga/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x13-yoga/default.nix new file mode 100644 index 000000000000..2653910d44b4 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x13-yoga/default.nix @@ -0,0 +1,13 @@ +{ config, lib, ... }: { + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../../../common/pc/laptop/ssd + ]; + + # automatic screen orientation + hardware.sensor.iio.enable = true; + + services.xserver.wacom.enable = lib.mkDefault config.services.xserver.enable; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x140e/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x140e/default.nix new file mode 100644 index 000000000000..c03410e936e2 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x140e/default.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/amd + ]; + + boot.extraModprobeConfig = lib.mkDefault '' + options snd_hda_intel enable=0,1 + ''; + + services.xserver.videoDrivers = [ "ati" ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x220/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x220/default.nix new file mode 100644 index 000000000000..b28e27845b0b --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x220/default.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel/sandy-bridge + ../../../common/pc/laptop/hdd # TODO: reverse compat + ../tp-smapi.nix + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x230/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x230/default.nix new file mode 100644 index 000000000000..58b09f4c5d5f --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x230/default.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ]; + + boot = { + kernelModules = [ + "tpm-rng" + ]; + }; + + services.xserver.deviceSection = lib.mkDefault '' + Option "TearFree" "true" + ''; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x250/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x250/default.nix new file mode 100644 index 000000000000..55ae2096342e --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x250/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x260/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x260/default.nix new file mode 100644 index 000000000000..c11ef98f79e0 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x260/default.nix @@ -0,0 +1,17 @@ +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ]; + + boot.kernelParams = [ + # https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X260#Thinkpad_X260 + "i915.enable_psr=0" + ]; + + # https://wiki.archlinux.org/index.php/TLP#Btrfs + services.tlp.settings = { + SATA_LINKPWR_ON_BAT = "med_power_with_dipm"; + }; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x270/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x270/default.nix new file mode 100644 index 000000000000..870d9a857742 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x270/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ../. + ../../../common/cpu/intel + ]; +} diff --git a/modules/nixos-hardware/lenovo/thinkpad/x280/default.nix b/modules/nixos-hardware/lenovo/thinkpad/x280/default.nix new file mode 100644 index 000000000000..a9423e547321 --- /dev/null +++ b/modules/nixos-hardware/lenovo/thinkpad/x280/default.nix @@ -0,0 +1,12 @@ +{ config, pkgs, lib, ... }: + +{ + imports = [ + ../. + ../../../common/cpu/intel + ../../../common/pc/laptop/acpi_call.nix + ../../../common/pc/laptop/ssd/default.nix + ]; + + services.throttled.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/microsoft/hyper-v/README.md b/modules/nixos-hardware/microsoft/hyper-v/README.md new file mode 100644 index 000000000000..f396214e09fd --- /dev/null +++ b/modules/nixos-hardware/microsoft/hyper-v/README.md @@ -0,0 +1,63 @@ +This is a setup for installing NixOS in Hyper-V as a guest. + +I don't have details handy anymore on the detailed steps I had to do on the Windows host +(there's no NixWindows yet, unfortunately...), so you'll have to try googling that yourself, e.g. something like +"linux on hyper-v" or "ubuntu on hyper-v". (You're welcome to send PRs with improvements of this guide.) +Below, I'm providing only the info with what to do on the NixOS side of things. + +## Installation ## + +I basically followed the [guide for NixOS on VirtualBox](https://nixos.org/wiki/Installing_NixOS_in_a_VirtualBox_guest). +However, some additional changes in `/etc/nixos/configuration.nix` were required to really make it work +(I don't include them as a .nix file, as they must be done **before `nixos-install`**, and I'm not sure how to proceed +with cloning the nixos-hardware repo at this stage): + + # REQUIRED - see: https://github.com/nixos/nixpkgs/issues/9899 + boot.initrd.kernelModules = ["hv_vmbus" "hv_storvsc"]; + + # RECOMMENDED + # - use 800x600 resolution for text console, to make it easy to fit on screen + boot.kernelParams = ["video=hyperv_fb:800x600"]; # https://askubuntu.com/a/399960 + # - avoid a problem with `nix-env -i` running out of memory + boot.kernel.sysctl."vm.overcommit_memory" = "1"; # https://github.com/NixOS/nix/issues/421 + + # UNKNOWN - not sure if below are needed; were suggested for VirtualBox and I used them + boot.loader.grub.device = "/dev/sda"; + boot.initrd.checkJournalingFS = false; + +## Shared folder ## + +To share a folder between Windows host and Linux/NixOS guest, the typical solution seems to be to make a folder "shared" +on Windows, then access it via Samba from NixOS. +On the Windows host, I had to make an additional virtual switch in Hyper-V Manager, with mode "internal". +Then in properties of the virtual network card on Windows host (attached to the virtual switch), I +changed the IP to a fixed 10.0.0.100 (mask 255.255.255.240). I also added a special purpose user on the host, with some +long randomly generated password, to act as Samba credentials for NixOS. +To test that it works, I used the following commands: + + $ nix-env -iA nixos.samba + $ smbclient -L //10.0.0.100 -U shares-guest%ReplaceWithSomeLongRandomlyGeneratedPassword + Domain=[DESKTOP-ABCD123] OS=[Windows 10 Pro 14393] Server=[Windows 10 Pro 6.3] + + Sharename Type Comment + --------- ---- ------- + ADMIN$ Disk Administracja zdalna + C$ Disk Domyślny udział + IPC$ IPC Zdalne wywołanie IPC + shared-space Disk + Connection to 10.0.0.100 failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND) + NetBIOS over TCP disabled -- no workgroup available + + $ nix-env -e samba + +Then I added the following lines in `/etc/nixos/configuration.nix`: + + # Client for shared folder on Windows Hyper-V host + # Based on: nixpkgs.git/nixos/tests/samba.nix + fileSystems."/vm-share" = { + fsType = "cifs"; + device = "//10.0.0.100/shared-space"; + options = [ "username=shares-guest" "password=ReplaceWithSomeLongRandomlyGeneratedPassword" ]; + }; + networking.interfaces.eth1.ip4 = [{address="10.0.0.101"; prefixLength=28;}]; + diff --git a/modules/nixos-hardware/microsoft/surface-pro/3/README.wiki b/modules/nixos-hardware/microsoft/surface-pro/3/README.wiki new file mode 100644 index 000000000000..9ffdc559e183 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface-pro/3/README.wiki @@ -0,0 +1,41 @@ +Work in progress. This is the setup for a dual-boot windows/NixOS. + +== Installation == + +Current requirements: +* USB stick +* Latest unstable minimal installation iso, I used [[https://nixos.org/releases/nixos/unstable/nixos-15.05pre61665.4c01e6d/nixos-minimal-15.05pre61665.4c01e6d-x86_64-linux.iso the 15.06-pre one]] +* (maybe) USB keyboard and therefore a USB hub +* WiFi SSID and password + +In the current installation iso, the kernel doesn't support the MS Type cover yet, so you need a USB keyboard for the initial install. Also note that at one point the keyboard wasn't working, and I couldn't see it in lsusb output. After a cold boot it worked fine. + +=== Steps === + +Preparation: +* Copy the ISO to the USB stick as explained [[https://nixos.org/nixos/manual/sec-installation.html#sec-booting-from-usb in the manual]]. Note that if you just dd the image onto the USB stick, it will boot without changes +* With Windows Disk Management, shrink the windows disk so you have room for your installation. Use the free space to create a new partition without a filesystem or drive letter. +* Check out [[https://github.com/cransom/surface-pro-3-nixos this expression and set of patches]] and add it to support newer versions of the Type Cover as well as enable the touch screen. + +* Reboot the Surface and furiously tap Esc until you end up in the BIOS screen. There, turn off secure boot (don't delete the keys), and change the boot order to USB + SSD. Save. +* You should now be in the NixOS installer +* Attach the USB stick and keyboard if the Type Cover doesn't work. The NixOS manual is at alt+F8 + +Installation: +* Using gdisk, print your partition table to find the empty partition you created. Find the EFI partition number (1 for me) and your new partition number (5 for me). +* Create your filesystem of choice on the partition, I picked btrfs: `mkfs.btrfs -L root /dev/disk/by-id/xxx-5` (xxx is the samsung ssd). Mount it on /mnt. +** With btrfs it's wise to put the nix store in its own subvolume: `btrfs subvol create /mnt/nix; btrfs subvol create /mnt/nix/store` +* We'll be using Gummiboot, which needs to access the EFI partition. `mkdir /mnt/boot; mount /dev/disk/by-id/xxx-1` +* Initialize your hardware configuration: `nixos-generate-config --root /mnt` +* Create your wifi credentials: `wpa_passphrase SSID PASS > /etc/wpa_supplicant.conf; cp /etc/wpa_supplicant.conf /mnt/etc`. Check that ifconfig gets an ip address. +* Edit /mnt/etc/configuration.nix, making sure that you have at least: + <nowiki>networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + boot.kernelPackages = pkgs.linuxPackages_latest; + # be able to use the type cover in the initrd + boot.kernelModules = [ "hid-microsoft" ];</nowiki> +* Install: `nixos-install` + +If this completes successfully, you should be able to reboot, remove the USB stick, and NixOS should come up. + +'''Note''': If using the hid-multitouch patch, you can boot windows as well as other profiles of NixOS without using a usb keyboard. diff --git a/modules/nixos-hardware/microsoft/surface-pro/3/default.nix b/modules/nixos-hardware/microsoft/surface-pro/3/default.nix new file mode 100644 index 000000000000..4fa8f79a4135 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface-pro/3/default.nix @@ -0,0 +1,4 @@ +{ lib, ... }: +{ + imports = [ ../../surface ]; +} diff --git a/modules/nixos-hardware/microsoft/surface/README.md b/modules/nixos-hardware/microsoft/surface/README.md new file mode 100644 index 000000000000..d67a91e9a161 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/README.md @@ -0,0 +1,73 @@ +# Derivatives for Microsoft Surface notebooks + +These derivatives use the patches from the [linux-surface repo](https://github.com/linux-surface/linux-surface/tree/master/patches). + +## Kernel + +The kernel needs several patches to make it work correctly with some of the hardware on various +Surface models, e.g. keyboard/trackpad, camera, wifi. + +Not all hardware is fully supported, but the +[linux-surface feature matrix](https://github.com/linux-surface/linux-surface/wiki/Supported-Devices-and-Features#feature-matrix) +provides details on which devices are supported on which types of machine. + +The kernel-specific derivations are under the `kernel/` sub-directory. +In order to simplify maintenance of the Nix code, only the most-recent kernel patch-set is expected +to be maintained in this repo. + +_*NOTE:*_Some built-in Kernel config items need to be set, that aren't set by default: +- https://github.com/linux-surface/surface-aggregator-module/wiki/Testing-and-Installing + +## Firmware, Drivers and Support Tools + +### WiFi + +For the Surface Go, please see the "Issues" sections below. + +### IPTS + +IPTS is used on most of the Surface range, except for Surface Go and Surface Laptop 3 (AMD version). + +Older kernels used specialised firmware which used a method that's no longer supported by the +more-recent kernels. + +Newer kernels use the kernel-space `intel-precise-touch` driver and user-space `ipstd` daemon. + +The `iptsd` daemon works with the `intel-precise-touch` driver to convert raw touch data from the +kernel-space driver into events for the HID / input sub-system. + +- https://github.com/linux-surface/iptsd +- https://github.com/linux-surface/intel-precise-touch + - _*NOTE:*_ The patches from this repo are included in the above kernel patches, already. + +### DTX, `surface-control` + +*TODO* + +# ToDo's Not Done + +See: [TODO.org](./TODO.org) + +# Issues + +## TLP daemon + +TLP is known to cause problems on Surface unless correctly configured. +See: https://github.com/linux-surface/linux-surface/blob/master/README.md + +## Wifi Firmware for Surface Go + +On the Surface Go, the standard firmware from the official Linux Firmware repo has issues with the +`ath10k` QCA6174 Wifi device. +You will see messages like "Can't ping firmware" *TODO - Copy messages from console* + +The most effective fix to-date is to remove the `board-2.bin` file or replace it with a copy of the +`board.bin` file. + +References: +- https://github.com/jakeday/linux-surface/issues/441 +- https://www.reddit.com/r/SurfaceLinux/comments/e8quqg/surface_go_official_wifi_fix/ +- https://hackmd.io/@dasgeek/ryA5i5Dor +- https://github.com/thebitstick/surfacego-wifi +- https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/ath10k +- https://wireless.wiki.kernel.org/en/users/drivers/ath10k/firmware diff --git a/modules/nixos-hardware/microsoft/surface/TODO.org b/modules/nixos-hardware/microsoft/surface/TODO.org new file mode 100644 index 000000000000..7db7ea42d23d --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/TODO.org @@ -0,0 +1,38 @@ +* Kernel Patching +** DONE Create derivative to patch kernel 5.10.2 + - Latest from linux-surface + - [X] Download github.com/linux-surface/linux-surface kernel patches + - [X] Build kernel using downloaded patches +** TODO Create a function for selecting preferred kernel +** DONE Fix how Keyboard & Trackpad are not being enabled on SL3 + - https://github.com/linux-surface/surface-aggregator-module/wiki/Testing-and-Installing +* Firmware +** DONE Remove old firmware binaries + - Looks like the ath10k files aren't needed, any more +** DONE Create derivative for `ipts` firmware + - [X] Download github.com/linux-surface/surface-ipts-firmware firmware + - [X] Install the binaries +** DONE Remove `ipts` firmware derivative + - This is only needed on the 4.19 kernel +** TODO Investigate problem with ath10k wifi firmware on Surface Go +*** TODO README entry explaining problem(s) with nonfree firmware on Surface Go +*** TODO Create derivative for `ath10k` firmware on Surface Go + - [X] Download github.com/kvalo/ath10k-firmware ? + - [X] Download kernel.org linux-firmware? + - [ ] Download `board.bin` from Killer Networks? + - [ ] Install ath10k firmware fix for Surface Go + - `board-2.bin` needs to be removed / replaced with `board.bin` +* Support Tools +** TODO Incorporate @hpfr's function(s) from this commit: + - https://github.com/hpfr/system/commit/03fa1b0a83f8a336e812910d0d50f5247a8a630c +** TODO Create derivative for `iptsd` touch-screen daemon + - [ ] Download + - [ ] Install binary + - [ ] Enable via systemd +** TODO Create derivative to patch and rebuild libwacom + - github.com/linux-surface/libwacom-surface + - The plan is to do this in a separate PR against `nixpkgs` instead of `nixos-hardware` +** TODO Create derivative to install `surface-control` + - Download github.com/linux-surface/surface-control +** TODO Create derivative to install `surface-dtx-daemon` + - Download github.com/linux-surface/surface-dtx-daemon diff --git a/modules/nixos-hardware/microsoft/surface/default.nix b/modules/nixos-hardware/microsoft/surface/default.nix new file mode 100644 index 000000000000..7a49d08f945b --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/default.nix @@ -0,0 +1,8 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./kernel + ./firmware + ./hardware_configuration.nix + ]; +} diff --git a/modules/nixos-hardware/microsoft/surface/firmware/default.nix b/modules/nixos-hardware/microsoft/surface/firmware/default.nix new file mode 100644 index 000000000000..67f2ce229214 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/firmware/default.nix @@ -0,0 +1,6 @@ +{ config, lib, pkgs, ... }: +{ + hardware.enableAllFirmware = true; + hardware.firmware = [ + ]; +} diff --git a/modules/nixos-hardware/microsoft/surface/hardware_configuration.nix b/modules/nixos-hardware/microsoft/surface/hardware_configuration.nix new file mode 100644 index 000000000000..2053b01acd49 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/hardware_configuration.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: +{ + boot.extraModprobeConfig = lib.mkDefault '' + options i915 enable_fbc=1 enable_rc6=1 modeset=1 + options snd_hda_intel power_save=1 + options snd_ac97_codec power_save=1 + options iwlwifi power_save=Y + options iwldvm force_cam=N + options ath10k_core skip_otp=Y + ''; + + boot.kernelParams = [ "mem_sleep_default=deep" ]; + + # NOTE: Check the README before enabling TLP: + services.tlp.enable = lib.mkDefault false; + + hardware.sensor.iio.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/microsoft/surface/kernel/default.nix b/modules/nixos-hardware/microsoft/surface/kernel/default.nix new file mode 100644 index 000000000000..b280f2d9941c --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/kernel/default.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + boot.kernelPackages = pkgs.callPackage ./linux-5.10.2 {}; +} diff --git a/modules/nixos-hardware/microsoft/surface/kernel/linux-5.10.2/default.nix b/modules/nixos-hardware/microsoft/surface/kernel/linux-5.10.2/default.nix new file mode 100644 index 000000000000..d4f6eb4eb9d8 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/kernel/linux-5.10.2/default.nix @@ -0,0 +1,112 @@ +{ config, lib, pkgs, ... }: +let + repos = (pkgs.callPackage ../../repos.nix {}); + # TODO: Can I append the path ./patches instead of a string? + patches = repos.linux-surface + "/patches"; + surface_kernelPatches = [ + { name = "microsoft-surface-patches-linux-5.10.2"; + patch = null; + extraConfig = '' + # + # Surface Aggregator Module + # + SURFACE_AGGREGATOR m + SURFACE_AGGREGATOR_ERROR_INJECTION n + SURFACE_AGGREGATOR_BUS y + SURFACE_AGGREGATOR_CDEV m + SURFACE_AGGREGATOR_REGISTRY m + SURFACE_ACPI_NOTIFY m + SURFACE_BATTERY m + SURFACE_DTX m + SURFACE_HID m + SURFACE_PERFMODE m + + # + # These built-in modules are required for the Surface Aggregator Module + # See: https://github.com/linux-surface/surface-aggregator-module/wiki/Testing-and-Installing + # + SERIAL_DEV_BUS y + SERIAL_DEV_CTRL_TTYPORT y + + # + # Surface Hotplug + # + SURFACE_HOTPLUG m + + # + # IPTS touchscreen + # + # This only enables the user interface for IPTS data. + # For the touchscreen to work, you need to install iptsd. + # + MISC_IPTS m + + # + # Cameras: IPU3 + # + ## TODO: Fix for kernel 5.10.2: + ##VIDEO_IPU3_IMGU m + VIDEO_IPU3_CIO2 m + CIO2_BRIDGE y + INT3472 m + + # + # Cameras: Sensor drivers + # + VIDEO_OV5693 m + ## TODO: Fix for kernel 5.10.2: + ##VIDEO_OV8865 m + + # + # Other Drivers + # + INPUT_SOC_BUTTON_ARRAY m + SURFACE_3_BUTTON m + SURFACE_3_POWER_OPREGION m + SURFACE_PRO3_BUTTON m + SURFACE_GPE m + SURFACE_BOOK1_DGPU_SWITCH m + ''; + } + { + name = "ms-surface/0001-surface3-oemb"; + patch = patches + "/5.10/0001-surface3-oemb.patch"; + } + { + name = "ms-surface/0002-wifi"; + patch = patches + "/5.10/0002-wifi.patch"; + } + { + name = "ms-surface/0003-ipts"; + patch = patches + "/5.10/0003-ipts.patch"; + } + { + name = "ms-surface/0004-surface-gpe"; + patch = patches + "/5.10/0004-surface-gpe.patch"; + } + { + name = "ms-surface/0005-surface-sam-over-hid"; + patch = patches + "/5.10/0005-surface-sam-over-hid.patch"; + } + { + name = "ms-surface/0006-surface-sam"; + patch = patches + "/5.10/0006-surface-sam.patch"; + } + { + name = "ms-surface/0007-surface-hotplug"; + patch = patches + "/5.10/0007-surface-hotplug.patch"; + } + { + name = "ms-surface/0008-surface-typecover"; + patch = patches + "/5.10/0008-surface-typecover.patch"; + } + { + name = "ms-surface/0009-cameras"; + patch = patches + "/5.10/0009-cameras.patch"; + } + ]; +in (with pkgs; recurseIntoAttrs (linuxPackagesFor ( + callPackage ./linux-5.10.2.nix { + kernelPatches = surface_kernelPatches; + } + ))) diff --git a/modules/nixos-hardware/microsoft/surface/kernel/linux-5.10.2/linux-5.10.2.nix b/modules/nixos-hardware/microsoft/surface/kernel/linux-5.10.2/linux-5.10.2.nix new file mode 100644 index 000000000000..411a88d92934 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/kernel/linux-5.10.2/linux-5.10.2.nix @@ -0,0 +1,18 @@ +{ stdenv, buildPackages, fetchurl, perl, buildLinux, modDirVersionArg ? null, ... } @ args: + +with stdenv.lib; + +buildLinux (args // rec { + version = "5.10.2"; + + # modDirVersion needs to be x.y.z, will automatically add .0 if needed + modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; + + # branchVersion needs to be x.y + extraMeta.branch = versions.majorMinor version; + + src = fetchurl { + url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; + sha256 = "18l1ywp99inm90434fm74w8rjfl4yl974kfcpizg2sp2p8xf311v"; + }; +} // (args.argsOverride or {})) diff --git a/modules/nixos-hardware/microsoft/surface/repos.nix b/modules/nixos-hardware/microsoft/surface/repos.nix new file mode 100644 index 000000000000..86424162e399 --- /dev/null +++ b/modules/nixos-hardware/microsoft/surface/repos.nix @@ -0,0 +1,8 @@ +{ lib, pkgs, fetchgit }: +{ + linux-surface = fetchgit { + url="https://github.com/linux-surface/linux-surface.git"; + rev="25ab2cf75e5eda5ab9739db1907300010c06dacf"; + sha256="0h8624d7ix1p6ysw9bllmnnwnv164z8xkx56zj3vdczn91vmqcf9"; + }; +} diff --git a/modules/nixos-hardware/pcengines/apu/default.nix b/modules/nixos-hardware/pcengines/apu/default.nix new file mode 100644 index 000000000000..521887fe600b --- /dev/null +++ b/modules/nixos-hardware/pcengines/apu/default.nix @@ -0,0 +1,8 @@ +{ + boot.kernelParams = [ "console=ttyS0,115200n8" ]; + boot.loader.grub.extraConfig = " + serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1 + terminal_input serial + terminal_output serial + "; +} diff --git a/modules/nixos-hardware/purism/librem/13v3/README.md b/modules/nixos-hardware/purism/librem/13v3/README.md new file mode 100644 index 000000000000..b4bae0b2f886 --- /dev/null +++ b/modules/nixos-hardware/purism/librem/13v3/README.md @@ -0,0 +1,87 @@ +This config is for [Librem 13v3](https://puri.sm/products/librem-13/) and [15v3](https://puri.sm/products/librem-15/) Laptops from Purism. + + +Librem comes with Coreboot + SeaBIOS payload. That means EFI boot is not +possible. Use `fdisk` to partition hard drive, and GRUB as a bootloader: + +```nix +{ + boot.loader.grub = { + enable = true; + device = "/dev/sda"; + version = 2; + }; +} +``` + +## Adding a PureOS partition to the GRUB menu + +I first assume that `boot.loader.grub.useOSProber = true;` should be sufficient. +However GRUB was not able to identify the disks correctly and it took me several +reinstallation till setting `boot.loader.grub.fsIdentifier= "provided";` and using +boot.loader.grub.extraEntries allowed me to dual boot NixOS and PureOS. + +Be aware that each time the PureOS updates the /boot/grub/grub.cfg you will be unable +to boot into NixOS unless you patch grub.cfg manually again. + +Therefore: If you want to be able to boot into your old PureOS distribution +add the following lines, assuming that you have a separate boot partition +Adapt linux version and the UUID to your disk!! + + +```nix +{ + boot.loader.grub.useOSProber = false; + boot.loader.grub.fsIdentifier= "provided"; + boot.loader.grub.extraEntries = '' + menuentry "PureOS with linux 4.19.0-5-amd64 on /dev/sdb2 " { + insmod gzio + if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi + insmod part_msdos + insmod ext2 + set root='hd0,msdos1' + if [ x$feature_platform_search_hint = xy ]; then + search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 ef7a4dcf-8cc4-4870-b860-3ed64906f9b9 + else + search --no-floppy --fs-uuid --set=root ef7a4dcf-8cc4-4870-b860-3ed64906f9b9 + fi + linux /vmlinuz-4.19.0-5-amd64 root=UUID=43899f26-04f2-4ccb-b52a-c9441f1a1a6d ro quiet splash resume=UUID=923317f8-d8bb-4e1f-bca3-f36a556de609 # $vt_handoff + initrd /initrd.img-4.19.0-5-amd64 + }; +} +``` + +## Automatically lock the desktop when removing the librem key + +The [instructions](https://docs.puri.sm/Librem_Key/Getting_Started/User_Manual.html#automatically-lock-the-desktop-when-removing-the-librem-key) to lock the screen after unplugging the [Librem Key](https://puri.sm/products/librem-key/#overview) don't work under NixOS. + +This snippet works on my Librem 15v3 laptop running KDE without wayland and is using the xlock from the package xlockmore. + +```nix +{ pkgs, services , systemd, ... }: +let + libremScreenSaver = pkgs.writeScriptBin "libremScreenSaver" '' + #!${pkgs.bash}/bin/bash + user=`ps aux | egrep "start_kdeinit|gdm-(wayland|x)-session"| head -n 1 | awk '{print $1}'` + if [ -n "$user" ]; then + sudo -u $user DISPLAY=:0 xlock 2>&1 | logger lockScreen for user $user + else + logger libremScreenSaver failed to find a user. Not running KDE? + fi + ''; + +in { + services.udev.path = [ pkgs.procps pkgs.logger pkgs.gawk pkgs.xlockmore ]; + services.udev.extraRules = '' + ACTION=="remove", ENV{PRODUCT}=="316d/4c4b/101" RUN+="${pkgs.systemd}/bin/systemctl --no-block start lockScreen@%k.service" + ''; + systemd.services."lockScreen@" = { + bindsTo = [ "dev-%i.device"] ; + path = [ pkgs.procps pkgs.logger pkgs.sudo pkgs.xlockmore pkgs.gawk ] ; + serviceConfig = { + Type = "oneshot"; # was simple + ExecStart = "${libremScreenSaver}/bin/libremScreenSaver %I"; + }; + }; +} +``` diff --git a/modules/nixos-hardware/purism/librem/13v3/default.nix b/modules/nixos-hardware/purism/librem/13v3/default.nix new file mode 100644 index 000000000000..89ae07e4e693 --- /dev/null +++ b/modules/nixos-hardware/purism/librem/13v3/default.nix @@ -0,0 +1,13 @@ +{ + imports = [ + ../../../common/cpu/intel + ../../../common/pc/laptop + ]; + + # https://github.com/systemd/systemd/pull/9318 + services.udev.extraHwdb = '' + # Purism Librem 13 V3 + evdev:atkbd:dmi:bvn*:bvr*:bd*:svnPurism*:pn*Librem13v3*:pvr* + KEYBOARD_KEY_56=backslash + ''; +} diff --git a/modules/nixos-hardware/purism/librem/15v3 b/modules/nixos-hardware/purism/librem/15v3 new file mode 120000 index 000000000000..feb0d06fafda --- /dev/null +++ b/modules/nixos-hardware/purism/librem/15v3 @@ -0,0 +1 @@ +13v3/ \ No newline at end of file diff --git a/modules/nixos-hardware/raspberry-pi/2/README.org b/modules/nixos-hardware/raspberry-pi/2/README.org new file mode 100644 index 000000000000..842919b1acf4 --- /dev/null +++ b/modules/nixos-hardware/raspberry-pi/2/README.org @@ -0,0 +1,23 @@ +** Status + +The code in master as of June 2015 should be able to prepare a bootable NixOS +for Raspberry PI 2. + +There are still some drawbacks: + +NixOS does not provide a /boot/config.txt (the FAT32 partition). Making NixOS +work in the Raspberry PI 2 is mainly the result of the recent work of ambro718, +Dezgeg and viric (#nixos@irc.freenode.net). + +** Download + +If you want to test, you can flash this 4GB SD image (DOS partition table + +fat32 + ext4 rootfs): + +magnet:?xt=urn:btih:0def3f6acb3bceddb22cb24098f58e40e2853ec2&dn=rpi2-nixos-4b09501f2-img.xz&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80 + +Then you should be able to nixos-rebuild any configuration.nix changes. + +The image is the result of a "nixos-install" alone. No root password has been +set, and it does not include a nixpkgs checkout or channel. In fact I (viric) +created the FS into a NBD, not a real SD, to create this image. diff --git a/modules/nixos-hardware/raspberry-pi/2/default.nix b/modules/nixos-hardware/raspberry-pi/2/default.nix new file mode 100644 index 000000000000..4774c15fe84f --- /dev/null +++ b/modules/nixos-hardware/raspberry-pi/2/default.nix @@ -0,0 +1,31 @@ +{ lib, pkgs, ...}: + +{ + boot = { + consoleLogLevel = lib.mkDefault 7; + kernelPackages = lib.mkDefault pkgs.linuxPackages_rpi2; + kernelParams = [ + "dwc_otg.lpm_enable=0" + "console=ttyAMA0,115200" + "rootwait" + "elevator=deadline" + ]; + loader = { + grub.enable = lib.mkDefault false; + generationsDir.enable = lib.mkDefault false; + raspberryPi = { + enable = lib.mkDefault true; + version = lib.mkDefault 2; + }; + }; + }; + + nix.buildCores = 4; + + nixpkgs.config.platform = lib.systems.platforms.raspberrypi2; + + # cpufrequtils doesn't build on ARM + powerManagement.enable = lib.mkDefault false; + + services.openssh.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/samsung/np900x3c/README.wiki b/modules/nixos-hardware/samsung/np900x3c/README.wiki new file mode 100644 index 000000000000..e9fc58b8613b --- /dev/null +++ b/modules/nixos-hardware/samsung/np900x3c/README.wiki @@ -0,0 +1,94 @@ += Overview = + +Most of the features seem to be working with Linux >= 3.9 + +== Hardware == + +* CPU Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz +* RAM 4 GB +* HDD 128GB SSD +* Screen 13.3-Inch Screen +* Graphics Intel HD Graphics 4000, Ivy bridge + += Configuration = + +Full configurations is in my +[https://raw.github.com/grwlf/nixpkgs/local/machines/samsung-np900x3c-v2.nix nixpkgs branch]. Note, it requires several local packages. + +=== Touchpad === + +Touchpad is detected as 'ETPS/2 Elantech Touchpad'. xf86-input-synaptics handles +it well. Corresponding config lines: + +<pre> + services.xserver = { + synaptics = { + enable = true; + accelFactor = "0.05"; + maxSpeed = "10"; + twoFingerScroll = true; + additionalOptions = + '' + MatchProduct "ETPS" + Option "FingerLow" "3" + Option "FingerHigh" "5" + Option "FingerPress" "30" + Option "MaxTapTime" "100" + Option "MaxDoubleTapTime" "150" + Option "FastTaps" "1" + Option "VertTwoFingerScroll" "1" + Option "HorizTwoFingerScroll" "1" + Option "TrackstickSpeed" "0" + Option "LTCornerButton" "3" + Option "LBCornerButton" "2" + Option "CoastingFriction" "20" + ''; + }; + }; +</pre> + +=== Wireless === + +System requires iwlwifi-6000g2b-6.ucode in order to work. I've extracted the +file from some debian package and placed it into /root/firmware. Corresponding +config settings: + +<pre> + hardware.firmware = [ "/root/firmware" ]; +</pre> + += Problems = +There are some. See + +* [http://ubuntuforums.org/showthread.php?t=1737086 Ubuntu thread] +* [http://bugzilla.kernel.org/show_bug.cgi?id=44161 Kernel.org bug] +* [http://jablonskis.org/2012/linux-and-samsung-series-laptop-9-fn-keys/ jablonskis.org] + +=== BIOS problems === +I had to disable SSD boot completely in order to boot from USB. Just changing boot priority didn't help. + +Fix: Update BIOS up to recent version + +=== Battery === +Battery charging/discharging indicator doesn't work good. + +Fix: Update BIOS up to recent version + +=== Lid === +Acpi thinks lid is always open +<pre> +[ierton@greyblade:~]$ cat /proc/acpi/button/lid/LID0/state +state: open +</pre> + +Related [https://bugzilla.kernel.org/show_bug.cgi?id=44161 Kernel bug #44161] + +=== Multimedia keys === +* rfkill/fanless don't work +* volume up/down don't work +* brightness up/down work, but release is broken +* touchpad disable works + +Related discussion on +[http://jablonskis.org/2012/linux-and-samsung-series-laptop-9-fn-keys/ jablonskis.org] + diff --git a/modules/nixos-hardware/samsung/np900x3c/default.nix b/modules/nixos-hardware/samsung/np900x3c/default.nix new file mode 100644 index 000000000000..ced3d7013dd8 --- /dev/null +++ b/modules/nixos-hardware/samsung/np900x3c/default.nix @@ -0,0 +1,7 @@ +# TODO: use ../../common/pc/laptop + +{ lib, ... }: + +{ + services.xserver.synaptics.enable = lib.mkDefault true; +} diff --git a/modules/nixos-hardware/supermicro/a1sri-2758f/default.nix b/modules/nixos-hardware/supermicro/a1sri-2758f/default.nix new file mode 100644 index 000000000000..3ffdc0c6e6d2 --- /dev/null +++ b/modules/nixos-hardware/supermicro/a1sri-2758f/default.nix @@ -0,0 +1,9 @@ +# http://www.supermicro.com/products/motherboard/Atom/X10/A1SRi-2758F.cfm +# This board contains a TPM header, but you must supply your own module. + +{ pkgs, ... }: + +{ + boot.kernelModules = [ "ipmi_devintf" "ipmi_si" ]; + environment.systemPackages = [ pkgs.ipmitool ]; +} diff --git a/modules/nixos-hardware/supermicro/x10sll-f/default.nix b/modules/nixos-hardware/supermicro/x10sll-f/default.nix new file mode 100644 index 000000000000..10c6cc016035 --- /dev/null +++ b/modules/nixos-hardware/supermicro/x10sll-f/default.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ ipmitool ]; + + boot.kernelModules = [ "jc42" "ipmi_devintf" "ipmi_si" "tpm_rng" ]; + + # services.cron.systemCronJobs = [ + # # Reset 5-minute watchdog timer every minute + # "* * * * * ${pkgs.ipmitool}/bin/ipmitool raw 0x30 0x97 1 5" + # ]; +} diff --git a/modules/nixos-hardware/tests/build-profile.nix b/modules/nixos-hardware/tests/build-profile.nix new file mode 100644 index 000000000000..c4509d36ad33 --- /dev/null +++ b/modules/nixos-hardware/tests/build-profile.nix @@ -0,0 +1,19 @@ +{ profile }: + +let + shim = { + boot.loader.systemd-boot.enable = true; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/00000000-0000-0000-0000-000000000000"; + fsType = "btrfs"; + }; + + nixpkgs.config = { + allowBroken = true; + allowUnfree = true; + }; + }; +in (import <nixpkgs/nixos> { + configuration.imports = [ profile shim ]; +}).system diff --git a/modules/nixos-hardware/tests/run.py b/modules/nixos-hardware/tests/run.py new file mode 100755 index 000000000000..2f514d128907 --- /dev/null +++ b/modules/nixos-hardware/tests/run.py @@ -0,0 +1,116 @@ +#!/usr/bin/env nix-shell +#!nix-shell --quiet -p nix -p python3 -i python + +import argparse +import multiprocessing +import re +import subprocess +import sys +from functools import partial +from pathlib import Path +from typing import List, Tuple + +TEST_ROOT = Path(__file__).resolve().parent +ROOT = TEST_ROOT.parent + +GREEN = "\033[92m" +RED = "\033[91m" +RESET = "\033[0m" + + +def parse_readme() -> List[str]: + profiles = set() + with open(ROOT.joinpath("README.md")) as f: + for line in f: + results = re.findall(r"<nixos-hardware/[^>]+>", line) + profiles.update(results) + return list(profiles) + + +def build_profile( + profile: str, verbose: bool +) -> Tuple[str, subprocess.CompletedProcess]: + # Hard-code this for now until we have enough other architectures to care about this. + system = "x86_64-linux" + if "raspberry-pi/2" in profile: + system = "armv7l-linux" + + cmd = [ + "nix", + "build", + "-f", + "build-profile.nix", + "-I", + f"nixos-hardware={ROOT}", + "--show-trace", + "--system", + system, + "--arg", + "profile", + profile, + ] + + # uses import from derivation + if profile != "<nixos-hardware/toshiba/swanky>": + cmd += ["--dry-run"] + if verbose: + print(f"$ {' '.join(cmd)}") + res = subprocess.run( + cmd, cwd=TEST_ROOT, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True, + ) + return (profile, res) + + +def parse_args() -> argparse.Namespace: + parser = argparse.ArgumentParser(description="Run hardware tests") + parser.add_argument( + "--jobs", + type=int, + default=multiprocessing.cpu_count(), + help="Number of parallel evaluations." + "If set to 1 it disable multi processing (suitable for debugging)", + ) + parser.add_argument( + "--verbose", action="store_true", help="Print evaluation commands executed", + ) + parser.add_argument("profiles", nargs="*") + return parser.parse_args() + + +def main() -> None: + args = parse_args() + if len(args.profiles) == 0: + profiles = parse_readme() + else: + profiles = args.profiles + + failed_profiles = [] + + def eval_finished(args: Tuple[str, subprocess.CompletedProcess]) -> None: + profile, res = args + if res.returncode == 0: + print(f"{GREEN}OK {profile}{RESET}") + else: + print(f"{RED}FAIL {profile}:{RESET}", file=sys.stderr) + if res.stdout != "": + print(f"{RED}{res.stdout.rstrip()}{RESET}", file=sys.stderr) + print(f"{RED}{res.stderr.rstrip()}{RESET}", file=sys.stderr) + failed_profiles.append(profile) + + build = partial(build_profile, verbose=args.verbose) + if len(profiles) == 0 or args.jobs == 1: + for profile in profiles: + eval_finished(build(profile)) + else: + pool = multiprocessing.Pool(processes=args.jobs) + for r in pool.imap(build, profiles): + eval_finished(r) + if len(failed_profiles) > 0: + print(f"\n{RED}The following {len(failed_profiles)} test(s) failed:{RESET}") + for profile in failed_profiles: + print(f"{sys.argv[0]} '{profile}'") + sys.exit(1) + + +if __name__ == "__main__": + main() diff --git a/modules/nixos-hardware/toshiba/swanky/README.md b/modules/nixos-hardware/toshiba/swanky/README.md new file mode 100644 index 000000000000..ab4c072c6b09 --- /dev/null +++ b/modules/nixos-hardware/toshiba/swanky/README.md @@ -0,0 +1,66 @@ +# Toshiba Chromebook 2 `swanky` + +There might be a way to install NixOS without hardware modifications (via +enabled developer mode and SeaBIOS boot on Ctrl+L), however I'd highly +recommend replacing Google's Coreboot payload with Tianocore: that allows for +proper virtualization, suspend, removes annoying developer mode screen, and +generally just works much better. + +These instructions carry some risk of bricking your device, since you'll be +reflashing BIOS. Risk is rather low, but please for the love of god make a BIOS +backup and store it someplace safe. That's the only way to reinstall ChromeOS +back after this procedure (BIOS image has licensing info), and it's much easier +to use a known good state to unbrick the laptop if things go wrong. + +If you ever get unlucky, you can unbrick your device using Raspberry Pi, +some cables and a SOIC clip, see: +http://sicarul.com/how-to-un-brick-your-toshiba-chromebook-2-gandof-without-invoking-any-demons/ + +## Enable developer mode + +This will wipe all user data and settings from the laptop. + +Power off, then hold ESC + Refresh (F3) and abruptly press power button. You +should see "Chrome OS is missing or damaged" message. Press Ctrl+D. Press enter +at the next screen, then press Ctrl+D again. Wait until the laptop boots into +ChromeOS, then power it off. + +## Disable hardware-backed BIOS write protection + +Follow the first part of the guide at: +https://github.com/brendenyule/NativeToshibaCB2Guide/wiki/Remove-Write-Protect + +Ignore SeaBIOS section. I also used some ductape over #5 to make sure that +metallic motherboard shield would not re-enable write protection. + +## Flash Coreboot + Tianocore BIOS + +Prepare a FAT32-formatted flash drive for BIOS backup in advance. + +Go through ChromeOS installation dialogues until you have network access and +are able to log into a guest session. Open Chrome, press Ctrl+Alt+T to open +`crosh`, type in `shell` to get a real shell. Then, run: + +``` +$ cd ~ +$ curl -LO https://mrchromebox.tech/firmware-util.sh +$ sudo bash firmware-util.sh +``` + +Choose "Install/Update Full ROM Firmware" option and follow instructions. +Do not skip BIOS backup! + +Documentation: https://mrchromebox.tech/#fwscript + +## Enable hardware-backed BIOS write protection + +This is a cool security feature, so after flashing Coreboot + Tianocore BIOS +and making sure new BIOS works, consider re-enabling BIOS protection. Just put +in the missing screw #5. + +## Install NixOS + +`dd` an image on a flash drive, partition the drive, etc. On some later models, +you can swap SSD with any other 2242 M.2 SATA SSD, but on `swanky`, you have +to live with what you have (16GB eMMC). I recommend `256MB` for EFI partition, +and the rest for `/`. diff --git a/modules/nixos-hardware/toshiba/swanky/default.nix b/modules/nixos-hardware/toshiba/swanky/default.nix new file mode 100644 index 000000000000..8361df66e53f --- /dev/null +++ b/modules/nixos-hardware/toshiba/swanky/default.nix @@ -0,0 +1,27 @@ +{ lib, pkgs, ... }: + +let + ucm = pkgs.fetchzip { + url = "https://github.com/plbossart/UCM/archive/2050ca78a4d1a853d1ba050b591f42e6f97adfc0.tar.gz"; + sha256 = "1rs4mpz3b965nmz0yhy6j4ga3fdz320qnpkd7d61nvpv9c3i6zwj"; + }; +in + +{ + imports = [ + ../../common/cpu/intel + ../../common/pc/laptop + ]; + + # Required for screen brightness control: + boot.kernelParams = [ "acpi_backlight=vendor" ]; + + # Sound requires a custom UCM config: + system.replaceRuntimeDependencies = [{ + original = pkgs.alsaLib; + + replacement = pkgs.alsaLib.overrideAttrs (super: { + postFixup = "cp -r ${ucm}/chtmax98090 $out/share/alsa/ucm"; + }); + }]; +} diff --git a/modules/nixos-hardware/tuxedo/infinitybook/v4/default.nix b/modules/nixos-hardware/tuxedo/infinitybook/v4/default.nix new file mode 100644 index 000000000000..36450bf52680 --- /dev/null +++ b/modules/nixos-hardware/tuxedo/infinitybook/v4/default.nix @@ -0,0 +1,5 @@ +{ + boot.kernelParams = [ + "i8042.reset" + ]; +} diff --git a/modules/persistence/bluetooth/default.nix b/modules/persistence/bluetooth/default.nix new file mode 100644 index 000000000000..ddb4d7da706b --- /dev/null +++ b/modules/persistence/bluetooth/default.nix @@ -0,0 +1,14 @@ +{ config, lib, ... }: + +{ + config = lib.mkIf config.hardware.bluetooth.enable { + fileSystems."/var/lib/bluetooth" = { + device = "/persist/safe/var/lib/bluetooth"; + options = [ "bind" ]; + }; + + systemd.tmpfiles.rules = [ + "d /persist/safe/var/lib/bluetooth 0700" + ]; + }; +} diff --git a/modules/persistence/default.nix b/modules/persistence/default.nix new file mode 100644 index 000000000000..d5fbed56c08c --- /dev/null +++ b/modules/persistence/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./bluetooth ./networkmanager ./nixos ./postfix ./restic ./systemd + ]; +} diff --git a/modules/persistence/networkmanager/default.nix b/modules/persistence/networkmanager/default.nix new file mode 100644 index 000000000000..6d857559992f --- /dev/null +++ b/modules/persistence/networkmanager/default.nix @@ -0,0 +1,18 @@ +{ config, lib, ... }: + +{ + config = lib.mkIf config.networking.networkmanager.enable { + environment.etc."NetworkManager/system-connections".source = + "/persist/safe/etc/NetworkManager/system-connections"; + + fileSystems."/var/lib/NetworkManager" = { + device = "/persist/safe/var/lib/NetworkManager"; + options = [ "bind" ]; + }; + + systemd.tmpfiles.rules = [ + "d /persist/safe/etc/NetworkManager/system-connections 0700" + "d /persist/safe/var/lib/NetworkManager 0700" + ]; + }; +} diff --git a/modules/persistence/nixos/default.nix b/modules/persistence/nixos/default.nix new file mode 100644 index 000000000000..9c2acb6bb19f --- /dev/null +++ b/modules/persistence/nixos/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + systemd.tmpfiles.rules = [ + "L+ /var/lib/nixos - - - - /persist/safe/var/lib/nixos" + ]; +} diff --git a/modules/persistence/postfix/default.nix b/modules/persistence/postfix/default.nix new file mode 100644 index 000000000000..fd64608ec9c7 --- /dev/null +++ b/modules/persistence/postfix/default.nix @@ -0,0 +1,9 @@ +{ config, lib, ... }: + +{ + config = lib.mkIf (with config.services.postfix; enable && mapFiles ? sasl_passwd) { + systemd.tmpfiles.rules = [ + "L+ /var/lib/postfix - - - - /persist/safe/var/lib/postfix" + ]; + }; +} diff --git a/modules/persistence/restic/default.nix b/modules/persistence/restic/default.nix new file mode 100644 index 000000000000..5c06e4046959 --- /dev/null +++ b/modules/persistence/restic/default.nix @@ -0,0 +1,16 @@ +{ ... }: + +{ + systemd.tmpfiles.rules = [ + "L+ /etc/restic - - - - /persist/safe/etc/restic" + ]; + + services.restic.backups = { + scaleway = { + repository = "s3:https://s3.nl-ams.scw.cloud/swipe-stammer"; + passwordFile = "/etc/restic/scaleway/password"; + environmentFile = "/etc/restic/scaleway/env"; + paths = [ "/persist/safe" ]; + }; + }; +} diff --git a/modules/persistence/systemd/default.nix b/modules/persistence/systemd/default.nix new file mode 100644 index 000000000000..ac0c53a05535 --- /dev/null +++ b/modules/persistence/systemd/default.nix @@ -0,0 +1,14 @@ +{ ... }: + +{ + fileSystems."/etc/machine-id" = { + device = "/persist/safe/etc/machine-id"; + options = [ "bind" ]; + neededForBoot = true; + }; + + fileSystems."/var/log/journal" = { + device = "/persist/safe/var/log/journal"; + options = [ "bind" ]; + }; +} diff --git a/modules/server/acme/default.nix b/modules/server/acme/default.nix new file mode 100644 index 000000000000..38f92c865ea2 --- /dev/null +++ b/modules/server/acme/default.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + security.acme.acceptTerms = true; + + # TODO: email to root? + security.acme.defaults.email = "hi@alyssa.is"; +} diff --git a/modules/server/bitfolk/default.nix b/modules/server/bitfolk/default.nix new file mode 100644 index 000000000000..d5b54109fa05 --- /dev/null +++ b/modules/server/bitfolk/default.nix @@ -0,0 +1,15 @@ +{ ... }: + +{ + boot.initrd.availableKernelModules = [ "xen_blkfront" ]; + + systemd.enableEmergencyMode = false; + + # Bitfolk provides its own GRUB, so we need to give it a grub.cfg + # but don't need to actually install GRUB anywhere. + boot.loader.grub.enable = true; + boot.loader.grub.device = "nodev"; + + networking.dhcpcd.enable = false; +} + diff --git a/modules/server/cgit/default.nix b/modules/server/cgit/default.nix new file mode 100644 index 000000000000..aba0d1b54c5d --- /dev/null +++ b/modules/server/cgit/default.nix @@ -0,0 +1,133 @@ +{ lib, pkgs, config, ... }: + +let + inherit (builtins) split; + inherit (lib) flip foldr groupBy head literalExpression mapAttrs + mapAttrs' mapAttrsToList mdDoc mkOption nameValuePair optionalAttrs types; + + cfg = config.services.cgit-qyliss; + + instancesByVhost = groupBy ({ value, ... }: value.vhost) + (mapAttrsToList nameValuePair cfg.instances); + + vhostConfigs = mapAttrs (vhost: instances: + foldr (l: r: l // r) {} (map ({ name, value }: let + unslashedPath = head (split "/+$" value.path); + # We'll be dealing almost exclusively with paths ending in /, + # since otherwise Nginx likes to do simple prefix matching. + path = "${unslashedPath}/"; + in { + locations = { + ${path} = { + alias = "${value.package}/cgit/"; + tryFiles = "$uri @${name}-cgit"; + }; + "@${name}-cgit" = { + proxyPass = "http://unix:/run/cgit/${name}.sock"; + }; + } // optionalAttrs (unslashedPath != "") { + ${unslashedPath} = { + return = "301 ${path}"; + }; + }; + + extraConfig = '' + if ($http_user_agent = "my-tiny-bot") { + return 429; + } + if ($http_user_agent = "thesis-research-bot") { + return 429; + } + ''; + }) instances) + ) instancesByVhost; +in + +{ + options.services.cgit-qyliss = { + instances = mkOption { + type = types.attrsOf (types.submodule { + options = { + vhost = mkOption { + type = types.str; + example = "spectrum-os.org"; + description = mdDoc "Nginx vhost for the cgit"; + }; + + path = mkOption { + type = types.strMatching "/(.*[^/])?"; + default = "/"; + example = "/git"; + description = mdDoc '' + Path to be appended to all cgit URLs. + + Leading slashes are mandatory; trailing slashes are forbidden. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.cgit; + defaultText = literalExpression "pkgs.cgit"; + description = mdDoc "cgit package to use"; + }; + + config = mkOption { + type = types.package; + description = mdDoc '' + Configuration file for cgit. See + <citerefentry><refentrytitle>cgitrc</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>. + ''; + }; + }; + }); + default = {}; + description = mdDoc "List of cgit instances to run"; + }; + }; + + config = { + services.nginx.virtualHosts = vhostConfigs; + + systemd.services = flip mapAttrs' cfg.instances (name: instance: { + name = "lighttpd-${name}@"; + value = { + unitConfig.CollectMode = "inactive-or-failed"; + serviceConfig.StandardInput = "socket"; + serviceConfig.StandardOutput = "socket"; + serviceConfig.StandardError = "journal"; + serviceConfig.DynamicUser = true; + serviceConfig.Type = "oneshot"; + serviceConfig.TimeoutSec = "30"; + serviceConfig.ExecStart = "${lib.getExe pkgs.lighttpd} -1 -f ${pkgs.writeText "lighttpd-${name}.conf" '' + server.modules = ( "mod_alias", "mod_setenv", "mod_cgi" ) + + server.document-root = "/var/empty" + + alias.url = ( + "${if instance.path == "/" then "" else instance.path}" => + "${instance.package}/cgit/cgit.cgi" + ) + + cgi.assign = ( + "cgit.cgi" => "${instance.package}/cgit/cgit.cgi" + ) + + setenv.add-environment = ( + "CGIT_CONFIG" => "${instance.config}" + ) + ''}"; + }; + }); + + systemd.sockets = flip mapAttrs' cfg.instances (name: instance: { + name = "lighttpd-${name}"; + value = { + wantedBy = [ "sockets.target" ]; + socketConfig.ListenStream = "/run/cgit/${name}.sock"; + socketConfig.Accept = "yes"; + }; + }); + }; +} diff --git a/modules/server/default.nix b/modules/server/default.nix new file mode 100644 index 000000000000..f59ea9662667 --- /dev/null +++ b/modules/server/default.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +{ + imports = [ ../nix ../ssh ../users ]; + + security.sudo.wheelNeedsPassword = false; + + networking.firewall.logRefusedConnections = false; + + i18n.defaultLocale = "C.UTF-8"; + + environment.systemPackages = with pkgs; [ htop ncdu ]; +} diff --git a/modules/server/dns/default.nix b/modules/server/dns/default.nix new file mode 100644 index 000000000000..ae36f06a2f80 --- /dev/null +++ b/modules/server/dns/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + networking.nameservers = [ "127.0.0.1" ]; + + services.unbound.enable = true; +} diff --git a/modules/server/ftp/default.nix b/modules/server/ftp/default.nix new file mode 100644 index 000000000000..5fbf3f82877c --- /dev/null +++ b/modules/server/ftp/default.nix @@ -0,0 +1,49 @@ +{ pkgs, lib, config, ... }: + +with lib; + +let + cfg = config.ftp; +in + +{ + options = { + ftp = { + files = mkOption { + default = {}; + type = with types; attrsOf path; + description = mdDoc '' + Files to serve on https://ftp.qyliss.net/ + ''; + example = literalExample '' + { + "foo/bar.txt" = pkgs.writeText "bar.txt" '''' + Hello, world! + ''''; + } + ''; + }; + }; + }; + + config = { + services.nginx.virtualHosts."ftp.qyliss.net" = { + forceSSL = true; + useACMEHost = "qyliss.net"; + + root = pkgs.runCommand "ftp.qyliss.net" {} '' + mkdir $out + ${concatStrings (mapAttrsToList (httpPath: diskPath: '' + mkdir -p "$out/$(dirname ${escapeShellArg httpPath})" + ln -s ${escapeShellArg diskPath} $out/${escapeShellArg httpPath} + '') cfg.files)} + ''; + + extraConfig = '' + autoindex on; + ''; + }; + + security.acme.certs."qyliss.net".extraDomainNames = [ "ftp.qyliss.net" ]; + }; +} diff --git a/modules/server/git-http-backend/default.nix b/modules/server/git-http-backend/default.nix new file mode 100644 index 000000000000..32e20e603e61 --- /dev/null +++ b/modules/server/git-http-backend/default.nix @@ -0,0 +1,106 @@ +{ lib, pkgs, config, ... }: + +let + inherit (builtins) split; + inherit (lib) flip foldr groupBy head literalExpression mapAttrs mapAttrs' + mapAttrsToList mdDoc mkOption nameValuePair optionalAttrs types; + + cfg = config.services.git-http-backend; + + instancesByVhost = groupBy ({ value, ... }: value.vhost) + (mapAttrsToList nameValuePair cfg.instances); + + vhostConfigs = mapAttrs (vhost: instances: + foldr (l: r: l // r) {} (map ({ name, value }: let + path = head (split "/+$" value.path); + pathRegex = + "^${path}/.*?(\.git)?/(HEAD|info/refs|git-(upload|receive)-pack)$"; + in { + locations = { + "~ ${pathRegex}" = { + proxyPass = "http://unix:/run/cgiserver/git-http-backend/${name}.sock"; + + extraConfig = '' + client_max_body_size 0; + proxy_read_timeout 3600; + proxy_send_timeout 3600; + ''; + }; + }; + }) instances) + ) instancesByVhost; +in + +{ + options.services.git-http-backend = { + package = mkOption { + type = types.package; + default = pkgs.gitMinimal; + description = mdDoc "git package to use"; + }; + + instances = mkOption { + type = types.attrsOf (types.submodule { + options = { + vhost = mkOption { + type = types.str; + example = "spectrum-os.org"; + description = mdDoc "Nginx vhost for the git server"; + }; + + path = mkOption { + type = types.strMatching "/(.*[^/])?"; + default = "/"; + example = "/git"; + description = mdDoc '' + Path to be prepended to all clone URLs. + + Leading slashes are mandatory; trailing slashes are forbidden. + ''; + }; + + cgiserver = mkOption { + type = types.package; + default = pkgs.cgiserver; + defaultText = literalExpression "pkgs.cgiserver"; + description = mdDoc "cgiserver package to use"; + }; + + projectRoot = mkOption { + type = types.strMatching "/(.*[^/])?"; + example = "/var/www/git"; + description = mdDoc '' + Directory in which to look for git repositories. + + Leading slashes are mandatory; trailing slashes are forbidden. + ''; + }; + }; + }); + default = {}; + description = mdDoc "List of git-http-backend instances to run"; + }; + }; + + config = { + services.nginx.virtualHosts = vhostConfigs; + + systemd.services = flip mapAttrs' cfg.instances (name: instance: { + name = "git-http-backend-${name}"; + value = { + environment.GIT_HTTP_EXPORT_ALL = ""; + environment.GIT_PROJECT_ROOT = instance.projectRoot; + serviceConfig.DynamicUser = true; + serviceConfig.ExecStart = "${instance.cgiserver}/bin/cgiserver -r ${instance.path} ${cfg.package}/bin/git-http-backend"; + }; + }); + + systemd.sockets = flip mapAttrs' cfg.instances (name: instance: { + name = "git-http-backend-${name}"; + value = { + wantedBy = [ "sockets.target" ]; + socketConfig.ListenStream = "/run/cgiserver/git-http-backend/${name}.sock"; + }; + }); + }; +} diff --git a/modules/server/git/default.nix b/modules/server/git/default.nix new file mode 100644 index 000000000000..523715a363d9 --- /dev/null +++ b/modules/server/git/default.nix @@ -0,0 +1,73 @@ +# SPDX-FileCopyrightText: V <v@unfathomable.blue> +# SPDX-FileCopyrightText: 2022 Alyssa Ross <hi@alyssa.is> +# SPDX-License-Identifier: OSL-3.0 + +# Adapted from https://src.unfathomable.blue/nixos-config/tree/modules/declarative-git.nix + +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.declarative-git; + + repoOpts = { config, ... }: { + options = { + branch = mkOption { + default = "main"; + description = mdDoc "Branch to be the repository's HEAD"; + type = types.str; + }; + + description = mkOption { + description = mdDoc "Description of the repository."; + type = types.str; + }; + + config = mkOption { + description = mdDoc "Git configuration for the repository."; + type = types.attrs; + default = {}; + }; + + hooks = mkOption { + description = mdDoc "Git hooks for the repository."; + type = with types; attrsOf (listOf path); + default = {}; + }; + + owner = mkOption { + description = mdDoc "Name of the user to own the git repository."; + type = types.str; + default = "-"; + }; + + group = mkOption { + description = mdDoc "Name of the group for the git repository."; + type = types.str; + default = "-"; + }; + }; + }; +in { + options.declarative-git = { + repositories = mkOption { + description = mdDoc "Repositories to manage declaratively."; + type = types.attrsOf (types.submodule repoOpts); + default = {}; + }; + + hooks = mkOption { + description = mdDoc "Git hooks to apply to all declarative repositories."; + type = with types; attrsOf (listOf path); + default = {}; + }; + }; + + config.systemd.tmpfiles.packages = mapAttrsToList (path: config: + pkgs.declarative-git-repository { + inherit path; + inherit (config) branch config description owner group; + hooks = zipAttrsWith (_: concatLists) [ cfg.hooks config.hooks ]; + }) cfg.repositories; +} diff --git a/modules/server/git/nixpkgs/default.nix b/modules/server/git/nixpkgs/default.nix new file mode 100644 index 000000000000..95788318a334 --- /dev/null +++ b/modules/server/git/nixpkgs/default.nix @@ -0,0 +1,58 @@ +{ lib, pkgs, ... }: + +let + inherit (pkgs) writeText; + toGitConfig = lib.generators.toINI { listsAsDuplicateKeys = true; }; +in + +{ + users.groups.nixpkgs = {}; + + environment.etc.gitconfig.text = '' + [safe] + directory = /var/lib/git/nixpkgs.git + ''; + + systemd.tmpfiles.rules = [ + "L+ /var/lib/git/nixpkgs.git/HEAD - - - - refs/heads/master" + "L+ /var/lib/git/nixpkgs.git/config - - - - ${writeText "config" (toGitConfig { + core.repositoryformatversion = 0; + core.filemode = true; + core.bare = true; + core.sharedRepository = "world"; + "remote \"origin\"" = { + url = "https://github.com/NixOS/nixpkgs"; + fetch = [ + "+refs/heads/master:refs/remotes/origin/master" + "+refs/heads/staging:refs/remotes/origin/staging" + "+refs/heads/staging-*:refs/remotes/origin/staging-*" + "+refs/heads/nixos-*:refs/remotes/origin/nixos-*" + "+refs/heads/nixpkgs-unstable:refs/remotes/origin/nixpkgs-unstable" + "+refs/heads/nixpkgs-*-darwin:refs/remotes/origin/nixpkgs-*-darwin" + "+refs/heads/release-*:refs/remotes/origin/release-*" + ]; + }; + })}" + "d /var/lib/git/nixpkgs.git 2775 - nixpkgs" + "d /var/lib/git/nixpkgs.git/refs 2775 - nixpkgs" + "d /var/lib/git/nixpkgs.git/objects 2775 - nixpkgs" + "d /var/lib/git/nixpkgs.git/objects/pack 2775 - nixpkgs" + ]; + + systemd.services.git-fetch-nixpkgs = { + after = [ "network-online.target" ]; + requires = [ "network-online.target" ]; + serviceConfig.DynamicUser = true; + serviceConfig.Group = "nixpkgs"; + serviceConfig.ReadWritePaths = "/var/lib/git/nixpkgs.git"; + serviceConfig.ExecStart = "${pkgs.gitMinimal}/bin/git --git-dir /var/lib/git/nixpkgs.git fetch"; + serviceConfig.Type = "oneshot"; + serviceConfig.UMask = "0002"; + }; + + systemd.timers.git-fetch-nixpkgs = { + wantedBy = [ "timers.target" ]; + timerConfig.OnActiveSec = 0; + timerConfig.OnUnitActiveSec = 300; + }; +} diff --git a/modules/server/irc/default.nix b/modules/server/irc/default.nix new file mode 100644 index 000000000000..81a039ae420b --- /dev/null +++ b/modules/server/irc/default.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + imports = [ ./soju ./znc ]; +} diff --git a/modules/server/irc/soju/default.nix b/modules/server/irc/soju/default.nix new file mode 100644 index 000000000000..8e8a1dce502b --- /dev/null +++ b/modules/server/irc/soju/default.nix @@ -0,0 +1,47 @@ +{ config, lib, ... }: + +{ + networking.firewall.allowedTCPPorts = [ 6698 ]; + + services.postgresql.enable = true; + services.postgresql.ensureDatabases = [ "soju" ]; + services.postgresql.ensureUsers = [ + { + name = "soju"; + ensureDBOwnership = true; + } + ]; + + services.soju.enable = true; + services.soju.hostName = "${config.networking.hostName}.${config.networking.domain}"; + services.soju.extraConfig = '' + db postgres "dbname=soju host=/run/postgresql sslmode=disable" + message-store db + ''; + services.soju.listen = [ + "unix:///run/soju/soju.sock" + "unix+admin://" + ]; + + services.nginx.streamConfig = '' + server { + listen [::]:6698 ssl ipv6only=off; + ssl_certificate /var/lib/acme/${config.networking.domain}/fullchain.pem; + ssl_certificate_key /var/lib/acme/${config.networking.domain}/key.pem; + proxy_pass unix:/run/soju/soju.sock; + } + ''; + + systemd.services.soju.serviceConfig.DynamicUser = lib.mkForce false; + systemd.services.soju.serviceConfig.Group = "soju"; + systemd.services.soju.serviceConfig.RuntimeDirectory = "soju"; + systemd.services.soju.serviceConfig.UMask = "0007"; + systemd.services.soju.serviceConfig.User = "soju"; + + users.users.nginx.extraGroups = [ "soju" ]; + users.users.soju = { + isNormalUser = true; + group = "soju"; + }; + users.groups.soju = {}; +} diff --git a/modules/server/irc/znc/default.nix b/modules/server/irc/znc/default.nix new file mode 100644 index 000000000000..65ba8d087d83 --- /dev/null +++ b/modules/server/irc/znc/default.nix @@ -0,0 +1,31 @@ +{ config, pkgs, ... }: + +{ + services.znc.enable = true; + services.znc.useLegacyConfig = false; + services.znc.modulePackages = with pkgs; [ zncModules.playback ]; + + services.nginx.virtualHosts."znc.${config.networking.domain}" = { + forceSSL = true; + useACMEHost = "qyliss.net"; + + locations = { + "/" = { + proxyPass = "http://127.0.0.1:6667/"; + }; + }; + }; + + services.nginx.streamConfig = '' + server { + listen [::]:6697 ssl ipv6only=off; + ssl_certificate /var/lib/acme/${config.networking.domain}/fullchain.pem; + ssl_certificate_key /var/lib/acme/${config.networking.domain}/key.pem; + proxy_pass 127.0.0.1:6667; + } + ''; + + security.acme.certs."qyliss.net".extraDomainNames = [ "znc.qyliss.net" ]; + + networking.firewall.allowedTCPPorts = [ 6697 ]; +} diff --git a/modules/server/mail/default.nix b/modules/server/mail/default.nix new file mode 100644 index 000000000000..cebc16dfabe1 --- /dev/null +++ b/modules/server/mail/default.nix @@ -0,0 +1,79 @@ +{ lib, pkgs, config, ... }: + +let + inherit (pkgs) runCommand; + + mailmanCfg = config.services.mailman; +in + +{ + services.postgresql.enable = true; + services.postgresql.ensureDatabases = [ "mailman" ]; + services.postgresql.ensureUsers = [ + { + name = "mailman"; + ensureDBOwnership = true; + } + ]; + + services.mailman.enable = true; + + services.mailman.siteOwner = "postmaster@spectrum-os.org"; + services.mailman.webHosts = [ "spectrum-os.org" ]; + services.mailman.hyperkitty.enable = true; + services.mailman.hyperkitty.baseUrl = "http://localhost:18507/lists/hyperkitty/"; + services.mailman.settings.database.class = "mailman.database.postgresql.PostgreSQLDatabase"; + services.mailman.settings.database.url = "postgresql:///mailman"; + services.mailman.extraConfig = '' + + [antispam] + header_checks: + X-Spam-Flag: YES + + [logging.template] + level: debug + ''; + + services.mailman.webSettings.ADMINS = [ [ "Alyssa Ross" "hi@alyssa.is" ] ]; + services.mailman.webSettings.ALLOWED_HOSTS = [ "localhost" "127.0.0.1" "spectrum-os.org" ]; + services.mailman.webSettings.INSTALLED_APPS = [ + "hyperkitty" + "postorius" + "django_mailman3" + "django.contrib.admin" + "django.contrib.auth" + "django.contrib.contenttypes" + "django.contrib.sessions" + "django.contrib.sites" + "django.contrib.messages" + "django.contrib.staticfiles" + "rest_framework" + "django_gravatar" + "compressor" + "haystack" + "django_extensions" + "django_q" + "allauth" + "allauth.account" + "allauth.socialaccount" + ]; + services.mailman.webSettings.USE_X_FORWARDED_HOST = true; + services.mailman.webSettings.SECURE_PROXY_SSL_HEADER = [ "HTTP_X_FORWARDED_SCHEME" "https" ]; + services.mailman.webSettings.SESSION_COOKIE_SECURE = true; + services.mailman.webSettings.SECURE_CONTENT_TYPE_NOSNIFF = true; + services.mailman.webSettings.SECURE_BROWSER_XSS_FILTER = true; + services.mailman.webSettings.CSRF_COOKIE_SECURE = true; + services.mailman.webSettings.CSRF_COOKIE_HTTPONLY = true; + services.mailman.webSettings.LANGUAGE_CODE = "en-gb"; + services.mailman.webSettings.STATIC_URL = "/lists/static/"; + services.mailman.webSettings.DEFAULT_FROM_EMAIL = "postmaster@spectrum-os.org"; + services.mailman.webSettings.SERVER_EMAIL = "postmaster@spectrum-os.org"; + services.mailman.webSettings.SOCIALACCOUNT_PROVIDERS = {}; + services.mailman.webSettings.COMPRESS_CSS_HASHING_METHOD = "content"; + services.mailman.webSettings.FILTER_VHOST = true; + + systemd.services.mailman.after = [ "postgresql.service" ]; + + services.mailman.serve.enable = true; + services.mailman.serve.virtualRoot = "/lists"; +} diff --git a/modules/server/mail/public-inbox/default.nix b/modules/server/mail/public-inbox/default.nix new file mode 100644 index 000000000000..d533f98d03b9 --- /dev/null +++ b/modules/server/mail/public-inbox/default.nix @@ -0,0 +1,62 @@ +{ config, pkgs, lib, ... }: + +let + public-inbox = config.services.public-inbox.package; + + public-inbox-src = pkgs.stdenv.mkDerivation { + name = "public-inbox-${public-inbox.version}-qyliss.tar.gz"; + + inherit (public-inbox) src patches; + + doBuild = false; + + installPhase = '' + cd $NIX_BUILD_TOP + mv $sourceRoot public-inbox-${public-inbox.version}-qyliss + tar cf $out public-inbox-${public-inbox.version}-qyliss + ''; + }; + + hash = with lib; + # Safe because we're just using the hash as a file name, and don't + # need the file name itself to have a dependency on the src. + builtins.unsafeDiscardStringContext + (head (splitString "-" + (last (splitString "/" public-inbox-src.outPath)))); + + tarballName = "public-inbox-${public-inbox.version}-qyliss-${hash}.tar.gz"; +in + +{ + services.public-inbox.enable = true; + services.public-inbox.mda.enable = true; + services.public-inbox.http.enable = true; + services.public-inbox.nntp.enable = true; + + services.public-inbox.mda.args = [ "--no-precheck" ]; + services.public-inbox.http.port = "/run/public-inbox-httpd.sock"; + services.public-inbox.postfix.enable = true; + services.public-inbox.settings.publicinbox.wwwlisting = "match=domain"; + + services.public-inbox.nntp.port = null; + systemd.sockets.public-inbox-nntpd.listenStreams = [ "0.0.0.0:119" "0.0.0.0:563" ]; + systemd.services.public-inbox-nntpd.serviceConfig.SupplementaryGroups = [ "public-inbox" "acme" ]; + + services.public-inbox.settings.publicinbox.css = + [ "href=https://spectrum-os.org/lists/archives/public-inbox.css" ]; + + services.public-inbox.settings.publicinbox.sourceinfo = + let + url = "https://ftp.qyliss.net/public-inbox/${tarballName}"; + in (pkgs.writeText "public-inbox-source-info.html" '' + <a href="${url}" download>${url}</a> + '').outPath; + + ftp.files."public-inbox/${tarballName}" = public-inbox-src; + + services.spamassassin.enable = true; + environment.etc."mail/spamassassin/public-inbox.pre".source = + "${public-inbox.sa_config}/root/etc/spamassassin/public-inbox.pre"; + + networking.firewall.allowedTCPPorts = [ 119 563 ]; +} diff --git a/modules/server/nginx/default.nix b/modules/server/nginx/default.nix new file mode 100644 index 000000000000..d60b1aa30c56 --- /dev/null +++ b/modules/server/nginx/default.nix @@ -0,0 +1,22 @@ +{ pkgs, ... }: + +{ + services.nginx.enable = true; + services.nginx.package = pkgs.nginxMainline; + + services.nginx.recommendedOptimisation = true; + services.nginx.recommendedTlsSettings = true; + services.nginx.recommendedGzipSettings = true; + services.nginx.recommendedProxySettings = true; + + services.nginx.commonHttpConfig = '' + log_format privacy '[$time_local] $request_method ' + '$scheme://$host$request_uri $status $body_bytes_sent ' + '($upstream_response_time seconds)'; + + # systemd catches syslog, and access_log doesn't support stdout/stderr. + access_log syslog:server=unix:/dev/log privacy; + ''; + + networking.firewall.allowedTCPPorts = [ 80 443 ]; +} diff --git a/modules/server/nixpk.gs/acme/default.nix b/modules/server/nixpk.gs/acme/default.nix new file mode 100644 index 000000000000..4c3c8f446602 --- /dev/null +++ b/modules/server/nixpk.gs/acme/default.nix @@ -0,0 +1,7 @@ +{ config, lib, ... }: + +{ + security.acme.certs."nixpk.gs" = { + webroot = "/var/lib/acme/acme-challenge"; + }; +} diff --git a/modules/server/nixpk.gs/default.nix b/modules/server/nixpk.gs/default.nix new file mode 100644 index 000000000000..7ed0e4b4f7d4 --- /dev/null +++ b/modules/server/nixpk.gs/default.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + imports = [ ./acme ./nginx ./pr-tracker ]; +} diff --git a/modules/server/nixpk.gs/nginx/default.nix b/modules/server/nixpk.gs/nginx/default.nix new file mode 100644 index 000000000000..cd02a70be0c7 --- /dev/null +++ b/modules/server/nixpk.gs/nginx/default.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +{ + services.nginx.virtualHosts."nixpk.gs" = { + forceSSL = true; + useACMEHost = "nixpk.gs"; + + locations."/".root = pkgs.runCommand "index.html" {} '' + mkdir -p $out + cp ${./index.html} $out/index.html + ''; + }; +} diff --git a/modules/server/nixpk.gs/nginx/index.html b/modules/server/nixpk.gs/nginx/index.html new file mode 100644 index 000000000000..0c4e94022447 --- /dev/null +++ b/modules/server/nixpk.gs/nginx/index.html @@ -0,0 +1,12 @@ +<!doctype html> +<html lang="en"> + <title>nixpk.gs</title> + <meta charset="utf-8"> + <meta name="viewport" content="width=device-width,initial-scale=1"> + + <h1>nixpk.gs</h1> + + <ul> + <li><a href="/pr-tracker.html">Pull request tracker</a> + </ul> +</html> diff --git a/modules/server/nixpk.gs/pr-tracker/default.nix b/modules/server/nixpk.gs/pr-tracker/default.nix new file mode 100644 index 000000000000..e3b00c433455 --- /dev/null +++ b/modules/server/nixpk.gs/pr-tracker/default.nix @@ -0,0 +1,28 @@ +{ pkgs, ... }: + +{ + imports = [ ../../git/nixpkgs ]; + + services.nginx.virtualHosts."nixpk.gs".locations."/pr-tracker.html" = { + proxyPass = "http://unix:/run/pr-tracker.sock:/pr-tracker.html"; + extraConfig = '' + proxy_http_version 1.1; + ''; + }; + + systemd.services.pr-tracker = { + requires = [ "pr-tracker.socket" ]; + serviceConfig.ExecStart = "${pkgs.pr-tracker}/bin/pr-tracker --path /var/lib/git/nixpkgs.git --remote origin --user-agent 'pr-tracker by alyssais' --source-url https://git.qyliss.net/pr-tracker --mount pr-tracker.html"; + serviceConfig.StandardInput = "file:/etc/pr-tracker/token"; + serviceConfig.DynamicUser = true; + serviceConfig.SupplementaryGroups = "nixpkgs"; + serviceConfig.UMask = "0002"; + serviceConfig.ReadWritePaths = "/var/lib/git/nixpkgs.git"; + }; + + systemd.sockets.pr-tracker = { + wantedBy = [ "sockets.target" ]; + before = [ "nginx.service" ]; + socketConfig.ListenStream = "/run/pr-tracker.sock"; + }; +} diff --git a/modules/server/spectrum/acme/default.nix b/modules/server/spectrum/acme/default.nix new file mode 100644 index 000000000000..6a60f52d2456 --- /dev/null +++ b/modules/server/spectrum/acme/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + security.acme.certs."spectrum-os.org" = { + webroot = "/var/lib/acme/acme-challenge"; + }; +} diff --git a/modules/server/spectrum/cgit/default.nix b/modules/server/spectrum/cgit/default.nix new file mode 100644 index 000000000000..e691d438a840 --- /dev/null +++ b/modules/server/spectrum/cgit/default.nix @@ -0,0 +1,57 @@ +{ pkgs, ... }: + +let + + spectrumReadme = pkgs.writeText "about.html" '' + <article> + + <h1>Contributing to Spectrum</h1> + + <p> + Want to contribute to Spectrum? We'd love to have you. + Have a look at the <a href="/contributing.html">online + documentation</a>. + + </article> + ''; + + sourceFilter = pkgs.runCommand "source-filter" { + nativeBuildInputs = with pkgs; with python3.pkgs; [ wrapPython ]; + } '' + mkdir -p $out/bin + sed s/pastie/friendly/g >$out/bin/syntax-highlighting.py \ + <${pkgs.cgit-pink}/lib/cgit/filters/.syntax-highlighting.py-wrapped + chmod +x $out/bin/syntax-highlighting.py + wrapPythonPrograms + ''; +in + +{ + imports = [ ../../cgit ]; + + services.cgit-qyliss.instances.spectrum = { + package = pkgs.cgit-pink; + vhost = "spectrum-os.org"; + path = "/git"; + config = pkgs.writeText "cgit.conf" '' + clone-prefix=https://spectrum-os.org/git + css=/git/cgit.css + enable-blame=1 + enable-commit-graph=1 + enable-follow-links=1 + enable-git-config=1 + enable-index-owner=0 + favicon=https://spectrum-os.org/logo/logo_html.svg + logo= + remove-suffix=1 + root-desc=Web interface for Spectrum source code + root-readme=${spectrumReadme} + root-title=Spectrum Git Repository Browser + snapshots=all + about-filter=${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh + source-filter=${sourceFilter}/bin/syntax-highlighting.py + + scan-path=/home/spectrum/git + ''; + }; +} diff --git a/modules/server/spectrum/default.nix b/modules/server/spectrum/default.nix new file mode 100644 index 000000000000..d6c2eaa57d0e --- /dev/null +++ b/modules/server/spectrum/default.nix @@ -0,0 +1,14 @@ +{ ... }: + +{ + imports = [ + ./acme ./cgit ./git ./git-http-backend ./nginx ./patch-refs ./postfix + ./public-inbox ./spectrumbot ./vultr-mon + ]; + + nix.settings.substituters = [ "https://cache.dataaturservice.se/spectrum/" ]; + nix.settings.trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "spectrum-os.org-1:rnnSumz3+Dbs5uewPlwZSTP0k3g/5SRG4hD7Wbr9YuQ=" + ]; +} diff --git a/modules/server/spectrum/git-http-backend/default.nix b/modules/server/spectrum/git-http-backend/default.nix new file mode 100644 index 000000000000..e7a3b003f190 --- /dev/null +++ b/modules/server/spectrum/git-http-backend/default.nix @@ -0,0 +1,11 @@ +{ ... }: + +{ + imports = [ ../../git-http-backend ]; + + services.git-http-backend.instances.spectrum = { + vhost = "spectrum-os.org"; + path = "/git"; + projectRoot = "/home/spectrum/git"; + }; +} diff --git a/modules/server/spectrum/git/default.nix b/modules/server/spectrum/git/default.nix new file mode 100644 index 000000000000..beb61b78dd89 --- /dev/null +++ b/modules/server/spectrum/git/default.nix @@ -0,0 +1,110 @@ +{ pkgs, ... }: + +{ + imports = [ ../../git ]; + + declarative-git.repositories."/home/spectrum/git/crosvm.git" = { + branch = "master"; + description = "Downstream crosvm tree for Spectrum"; + group = "spectrum"; + config.cgit.section = "obsolete"; + }; + + declarative-git.repositories."/home/spectrum/git/doc.git" = { + branch = "master"; + description = "Old manuals for Spectrum"; + hooks.post-update = [ + (pkgs.writeShellScript "post-update.sh" '' + nix-build --tarball-ttl 0 --out-link built --cores 1 -j1 -E " + let src = builtins.fetchGit ./.; + in (import src).overrideAttrs ({ ... }: { inherit src; }) + " + '') + ]; + group = "spectrum"; + config.cgit.section = "obsolete"; + }; + + declarative-git.repositories."/home/spectrum/git/nixpkgs.git" = { + branch = "rootfs"; + description = "Downstream nixpkgs tree for Spectrum"; + group = "spectrum"; + config.cgit.defBranch = "rootfs"; + config.cgit.section = "obsolete"; + config.core.sharedrepository = "0644"; + }; + + declarative-git.repositories."/home/spectrum/git/mktuntap.git" = { + branch = "master"; + description = "Utility program for creating TUN and TAP devices on file descriptors"; + group = "spectrum"; + config.cgit.readme = ":README"; + config.core.sharedrepository = "0644"; + config.receive.denyNonFastforwards = true; + }; + + declarative-git.repositories."/home/spectrum/git/spectrum.git" = { + description = "A compartmentalized operating system"; + group = "spectrum"; + config.cgit.defBranch = "main"; + hooks.post-receive = with pkgs; [ + (writeShellScript "send-email.sh" '' + set -ueo pipefail + export PATH=${lib.makeBinPath [ coreutils curl gitMinimal gnused mailutils ]} + + repo_url=https://spectrum-os.org/git/spectrum + inbox_url=https://spectrum-os.org/lists/archives/spectrum-devel + + while read oldrev newrev refname; do + [ "$refname" = "refs/heads/main" ] || continue + + git log --reverse --format=%H "$oldrev..$newrev" | while read commit; do + message_id="$(git log -1 --format=%B "$commit" | + git interpret-trailers --parse | + sed -n 's/^Message-Id: <\(.*\)>$/\1/Ip' | head -n 1)" + + [ -n "$message_id" ] || continue + + url="$inbox_url/$message_id/raw" + path="$(mktemp)" + curl -LSfso "$path" "$url" + mail -E "file $path" -E "reply" -E "quit" <<EOF + This patch has been committed as $commit, + which can be viewed online at + $repo_url/commit/?id=$commit. + + This is an automated message. Send comments/questions/requests to: + Alyssa Ross <hi@alyssa.is> + EOF + rm "$path" + done + done + '') + (writeShellScript "build-documentation.sh" '' + nix-build --tarball-ttl 0 --out-link /home/spectrum/Documentation -E ' + import "''${builtins.fetchGit { url = ./.; ref = "main"; }}/Documentation" {} + ' + '') + ]; + }; + + declarative-git.repositories."/home/spectrum/git/ucspi-vsock.git" = { + branch = "master"; + description = "UCSPI-1996 implementation for Linux AF_VSOCK sockets"; + group = "spectrum"; + config.cgit.section = "obsolete"; + }; + + declarative-git.repositories."/home/spectrum/git/www.git" = { + branch = "master"; + description = "Static source files for the Spectrum website"; + group = "spectrum"; + config.cgit.readme = ":README"; + config.core.bare = false; + config.core.logallrefupdates = true; + config.core.sharedrepository = 1; + config.core.worktree = "../../www"; + config.receive.denyCurrentBranch = "updateInstead"; + config.receive.denyNonFastforwards = true; + }; +} diff --git a/modules/server/spectrum/nginx/default.nix b/modules/server/spectrum/nginx/default.nix new file mode 100644 index 000000000000..edb4a8f855f1 --- /dev/null +++ b/modules/server/spectrum/nginx/default.nix @@ -0,0 +1,41 @@ +{ lib, ... }: + +let + inherit (lib) head tail; + + redirectDomains = [ + "spectrum-os.com" + "spectrumos.org" + "www.spectrum-os.com" + "www.spectrum-os.org" + "www.spectrumos.org" + ]; +in + +{ + services.nginx.virtualHosts."spectrum-redirects" = { + serverName = head redirectDomains; + serverAliases = tail redirectDomains; + addSSL = true; + useACMEHost = "spectrum-os.org"; + globalRedirect = "spectrum-os.org"; + }; + + services.nginx.virtualHosts."spectrum-os.org".locations."= /participating.html".return = + "301 /doc/contributing/communication.html"; + + services.nginx.virtualHosts."spectrum-os.org".locations."= /doc".return = + "301 /doc/"; + services.nginx.virtualHosts."spectrum-os.org".locations."/doc/".alias = + "/home/spectrum/Documentation/"; + + # TODO: some sort of robots.txt generation module might be nice. + services.nginx.virtualHosts."spectrum-os.org".locations."= /robots.txt" = { + alias = ./robots.txt; + }; + + security.acme.certs."spectrum-os.org".extraDomainNames = redirectDomains; + + # The Spectrum website lives in /home/spectrum/www + systemd.services.nginx.serviceConfig.ProtectHome = false; +} diff --git a/modules/server/spectrum/nginx/robots.txt b/modules/server/spectrum/nginx/robots.txt new file mode 100644 index 000000000000..b2d1429a929b --- /dev/null +++ b/modules/server/spectrum/nginx/robots.txt @@ -0,0 +1,5 @@ +User-agent: * +# Wildcards are not supported in the robots.txt spec, +# but let's hope they work anyway. +Disallow: /git/*/snapshot/ +Crawl-delay: 5 diff --git a/modules/server/spectrum/patch-refs/default.nix b/modules/server/spectrum/patch-refs/default.nix new file mode 100644 index 000000000000..8e608c5201d2 --- /dev/null +++ b/modules/server/spectrum/patch-refs/default.nix @@ -0,0 +1,46 @@ +{ lib, pkgs, ... }: + +{ + users.users.patch-refs = { + description = "spectrum-devel patch monitor"; + group = "spectrum"; + isSystemUser = true; + }; + + services.postfix.virtual = '' + patch-refs@spectrum-os.org patch-refs@spectrum-os.org + ''; + + services.postfix.transport = '' + patch-refs@spectrum-os.org patch-refs: + ''; + + services.postfix.masterConfig.patch-refs = { + type = "unix"; + command = "pipe"; + privileged = true; + args = [ + "flags=X" + "user=patch-refs" + "argv=${with pkgs; toString [ + "${execline}/bin/export" "PATH" + (lib.makeBinPath [ + b4 coreutils findutils gitMinimal strace + + (mblaze.overrideAttrs ({ patches ? [], ... }: { + patches = patches ++ [ + (fetchpatch { + url = "https://inbox.vuxu.org/mblaze/20220523170921.2623516-1-hi@alyssa.is/raw"; + sha256 = "1fwnr6277fjdrv0lvjrzyxjd1p94c6jg2nl6cd4lh9aizmfbjiq0"; + }) + ]; + })) + ]) + "${execline}/bin/execlineb" + "-S1" + (copyPathToStore ./mda.elb) + "$client_address" + ]}" + ]; + }; +} diff --git a/modules/server/spectrum/patch-refs/mda.elb b/modules/server/spectrum/patch-refs/mda.elb new file mode 100644 index 000000000000..c613d0529f88 --- /dev/null +++ b/modules/server/spectrum/patch-refs/mda.elb @@ -0,0 +1,36 @@ +foreground { echo "Mail from " $1 } +if -x 77 { test $1 = IPv6:::1 } + +backtick message_id { mhdr -h Message-Id - } +backtick dir { mktemp -d } + +multisubstitute { + importas -i message_id message_id + importas -i dir dir + define origin /home/spectrum/git/spectrum.git +} + +foreground { + if { mkdir ${dir}/git } + cd ${dir}/git + export GIT_CONFIG_COUNT 2 + export GIT_CONFIG_KEY_0 am.messageid + export GIT_CONFIG_VALUE_0 true + export GIT_CONFIG_KEY_1 b4.midmask + export GIT_CONFIG_VALUE_1 https://spectrum-os.org/lists/archives/spectrum-test/%s + export XDG_CACHE_HOME ${dir}/cache + export XDG_DATA_HOME ${dir}/data + if { git clone -n --single-branch --reference $origin $origin . } + if -x 75 { b4 shazam -CH $message_id } + pipeline { + git log -z --format=%H:refs/patches/%(trailers:key=Message-Id,valueonly) + HEAD..FETCH_HEAD + } + pipeline { tr -d <> } + redirfd -w 2 /tmp/err + xargs -tr0 + git push origin --dry-run +} +importas -iu exit ? +if { rm -rf $dir } +exit $exit diff --git a/modules/server/spectrum/postfix/default.nix b/modules/server/spectrum/postfix/default.nix new file mode 100644 index 000000000000..978cb47726e6 --- /dev/null +++ b/modules/server/spectrum/postfix/default.nix @@ -0,0 +1,71 @@ +{ pkgs, ... }: + +{ + services.postfix.enable = true; + services.postfix.enableSubmission = true; + services.postfix.hostname = "atuin.qyliss.net"; + services.postfix.config.smtp_tls_loglevel = "1"; + services.postfix.config.smtpd_forbid_bare_newline = true; + services.postfix.config.disable_mime_output_conversion = true; + services.postfix.sslCert = "/var/lib/acme/spectrum-os.org/fullchain.pem"; + services.postfix.sslKey = "/var/lib/acme/spectrum-os.org/key.pem"; + services.postfix.rootAlias = "hi@alyssa.is"; + services.postfix.relayDomains = [ "hash:/var/lib/mailman/data/postfix_domains" ]; + services.postfix.config.transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ]; + services.postfix.localRecipients = []; # empty array causes NixOS to add $alias_maps + services.postfix.config.mailbox_command = "${pkgs.coreutils}/bin/false"; + services.postfix.config.local_recipient_maps = + [ "proxy:unix:passwd.byname" "hash:/var/lib/mailman/data/postfix_lmtp" ]; + + services.postfix.destination = + [ "atuin.qyliss.net" "qyliss.net" "spectrumos.org" "spectrum-os.org" ]; + services.postfix.extraAliases = '' + abuse: root + noc: root + security: root + hostmaster: root + usenet: root + news: root + webmaster: root + www: root + uucp: root + ftp: root + ''; + + services.postfix.enableHeaderChecks = true; + + # Local mail can be submitted without being filtered through SpamAssassin. + services.postfix.masterConfig."::1:smtp" = { + type = "inet"; + private = false; + command = "smtpd"; + }; + + services.postfix.masterConfig.smtp_inet.args = + [ "-o" "content_filter=spamassassin" ]; + + services.postfix.masterConfig.spamassassin = { + privileged = true; + chroot = false; + command = "pipe"; + args = [ + "user=postfix-spamc" + "argv=${pkgs.spamassassin}/bin/spamc" + "-f" + "-e" + "/run/wrappers/bin/sendmail" + "-oi" + "-f" + "\${sender}" + "\${recipient}" + ]; + }; + + networking.firewall.allowedTCPPorts = [ 25 ]; + + users.groups.postfix-spamc = {}; + users.users.postfix-spamc = { + group = "postfix-spamc"; + isSystemUser = true; + }; +} diff --git a/modules/server/spectrum/public-inbox/default.nix b/modules/server/spectrum/public-inbox/default.nix new file mode 100644 index 000000000000..2c5aed09631b --- /dev/null +++ b/modules/server/spectrum/public-inbox/default.nix @@ -0,0 +1,70 @@ +{ config, lib, ... }: + +let + repos = [ "crosvm" "doc" "mktuntap" "nixpkgs" "spectrum" "ucspi-vsock" "www" ]; +in + +{ + imports = [ ../../mail/public-inbox ]; + + services.public-inbox.http.mounts = + [ "https://spectrum-os.org/lists/archives" ]; + services.public-inbox.nntp.cert = + "/var/lib/acme/spectrum-os.org/fullchain.pem"; + services.public-inbox.nntp.key = "/var/lib/acme/spectrum-os.org/key.pem"; + services.public-inbox.settings.publicinbox.nntpserver = + [ "nntps://spectrum-os.org" "nntp://spectrum-os.org" ]; + + systemd.services.public-inbox-httpd.serviceConfig.ProtectHome = "tmpfs"; + systemd.services.public-inbox-httpd.serviceConfig.BindReadOnlyPaths = + map (c: c.dir) (lib.attrValues config.services.public-inbox.settings.coderepo); + + services.public-inbox.settings.coderepo = lib.genAttrs repos (name: { + dir = "/home/spectrum/git/${name}.git"; + cgitUrl = "https://spectrum-os.org/git/${name}"; + }); + + services.public-inbox.inboxes.spectrum-announce = { + address = [ + "public-inbox+spectrum-announce@spectrum-os.org" + "announce@spectrum-os.org" + ]; + description = "announcements from the spectrum developers"; + url = "https://spectrum-os.org/lists/archives/spectrum-announce"; + newsgroup = "inbox.comp.spectrum.announce"; + }; + + services.public-inbox.inboxes.spectrum-discuss = { + address = [ + "public-inbox+spectrum-discuss@spectrum-os.org" + "discuss@spectrum-os.org" + ]; + description = "general high-level discussion about spectrum"; + filter = "PublicInbox::Filter::Mirror"; + url = "https://spectrum-os.org/lists/archives/spectrum-discuss"; + newsgroup = "inbox.comp.spectrum.discuss"; + }; + + services.public-inbox.inboxes.spectrum-devel = { + address = [ + "public-inbox+spectrum-devel@spectrum-os.org" + "devel@spectrum-os.org" + ]; + description = "patches and low-level development discussion"; + filter = "PublicInbox::Filter::Mirror"; + url = "https://spectrum-os.org/lists/archives/spectrum-devel"; + newsgroup = "inbox.comp.spectrum.devel"; + coderepo = repos; + }; + + services.public-inbox.inboxes.spectrum-test = { + address = [ + "public-inbox+spectrum-test@spectrum-os.org" + "test@spectrum-os.org" + ]; + description = "test list for spectrum infrastructure"; + url = "https://spectrum-os.org/lists/archives/spectrum-test"; + newsgroup = "inbox.comp.spectrum.test"; + hide = [ "www" ]; + }; +} diff --git a/modules/server/spectrum/spectrumbot/default.nix b/modules/server/spectrum/spectrumbot/default.nix new file mode 100644 index 000000000000..bef02077a3af --- /dev/null +++ b/modules/server/spectrum/spectrumbot/default.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ ./irccat ./postfix ]; +} diff --git a/modules/server/spectrum/spectrumbot/irccat/default.nix b/modules/server/spectrum/spectrumbot/irccat/default.nix new file mode 100644 index 000000000000..f4efd3828703 --- /dev/null +++ b/modules/server/spectrum/spectrumbot/irccat/default.nix @@ -0,0 +1,53 @@ +{ config, pkgs, ... }: + +{ + environment.etc."irccat.json".text = builtins.toJSON { + tcp.listen = "[::1]:18770"; + + irc.server = "irc.libera.chat:6697"; + irc.tls = true; + irc.nick = "spectrumbot"; + irc.realname = "#spectrum bot"; + irc.channels = [ "#spectrum" ]; + irc.keys = {}; + + irc.sasl_external = true; + irc.tls_client_cert = "/var/lib/irccat/tls.pem"; + + commands = {}; + }; + + systemd.services.irccat = { + after = [ "network-online.target" ]; + requires = [ "network-online.target" ]; + restartTriggers = [ config.environment.etc."irccat.json".source ]; + serviceConfig.StateDirectory = "irccat"; + serviceConfig.StateDirectoryMode = "0700"; + serviceConfig.ExecStart = "${pkgs.irccat}/bin/irccat"; + serviceConfig.Restart = "always"; + serviceConfig.RestartSec = 60; + wantedBy = [ "multi-user.target" ]; + + serviceConfig.CapabilityBoundingSet = ""; + serviceConfig.DynamicUser = true; + serviceConfig.LockPersonality = true; + serviceConfig.MemoryDenyWriteExecute = true; + serviceConfig.PrivateDevices = true; + serviceConfig.PrivateUsers = true; + serviceConfig.ProcSubset = "pid"; + serviceConfig.ProtectClock = true; + serviceConfig.ProtectControlGroups = true; + serviceConfig.ProtectHome = true; + serviceConfig.ProtectHostname = true; + serviceConfig.ProtectKernelLogs = true; + serviceConfig.ProtectKernelModules = true; + serviceConfig.ProtectKernelTunables = true; + serviceConfig.ProtectProc = "invisible"; + serviceConfig.RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; + serviceConfig.RestrictNamespaces = true; + serviceConfig.RestrictRealtime = true; + serviceConfig.SystemCallArchitectures = "native"; + serviceConfig.SystemCallFilter = [ "@system-service" "~@privileged" ]; + serviceConfig.UMask = "0077"; + }; +} diff --git a/modules/server/spectrum/spectrumbot/postfix/default.nix b/modules/server/spectrum/spectrumbot/postfix/default.nix new file mode 100644 index 000000000000..3430107a59be --- /dev/null +++ b/modules/server/spectrum/spectrumbot/postfix/default.nix @@ -0,0 +1,39 @@ +{ lib, pkgs, ... }: + +{ + users.groups.irccat-mail = {}; + users.users.irccat-mail = { + isSystemUser = true; + group = "irccat-mail"; + }; + + services.postfix.virtual = '' + irccat@spectrum-os.org irccat@spectrum-os.org + ''; + + services.postfix.transport = '' + irccat@spectrum-os.org irccat: + ''; + + services.postfix.masterConfig.irccat = { + type = "unix"; + maxproc = 1; + command = "pipe"; + privileged = true; + args = [ + "flags=X" + "user=irccat-mail" + "argv=${with pkgs; toString [ + "${execline}/bin/export" "PATH" + (lib.makeBinPath [ coreutils gnused libressl.nc mblaze ]) + "${execline}/bin/execlineb" + "-S1" + (copyPathToStore ./mda.elb) + "$client_address" + ]}" + ]; + }; + + systemd.services.postfix.wants = [ "irccat.service" ]; +} + diff --git a/modules/server/spectrum/spectrumbot/postfix/mda.elb b/modules/server/spectrum/spectrumbot/postfix/mda.elb new file mode 100644 index 000000000000..05b111cf59a5 --- /dev/null +++ b/modules/server/spectrum/spectrumbot/postfix/mda.elb @@ -0,0 +1,26 @@ +backtick -E path { mktemp } +if { redirfd -w 1 $path cat } +foreground { echo "Mail from " $1 } +if -x 77 { test $1 = IPv6:::1 } + +foreground { + pipeline -w { nc -N ::1 18770 } + pipeline -w { if { tr -d "\n" } echo } + backtick list { + pipeline { mhdr -h List-Id $path } + sed "s/.*<\\([^.>]*\\)[.>].*/\\1/" + } + if { printf "📨 #ORANGE" } + if { printenv list } + if { printf "@ #GREEN" } + if { maddr -dh from $path } + if { printf " #NORMAL#BOLD" } + if { mhdr -h Subject $path } + if { printf " #NORMAL#BLUE#UNDERLINEhttps://spectrum-os.org/lists/archives/spectrum-" } + if { printenv list } + pipeline { mhdr -h Message-Id $path } + sed "s,.*<\\([^>]*\\)>.*,/\\1/," +} +importas -iu exit ? +if { rm $path } +exit $exit diff --git a/modules/server/spectrum/vultr-mon/default.nix b/modules/server/spectrum/vultr-mon/default.nix new file mode 100644 index 000000000000..50890d68ccbb --- /dev/null +++ b/modules/server/spectrum/vultr-mon/default.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: + +{ + systemd.services.vultr-mon = { + after = [ "network-online.target" ]; + requires = [ "network-online.target" ]; + path = with pkgs; [ coreutils curl findutils jq ]; + script = '' + api_base=https://api.vultr.com/v2 + curl -fsLSH @/var/lib/vultr-mon/key $api_base/instances | + jq -r '.instances[] | select(.date_created < $date) | .id' --arg date "$(date -uIseconds -d '24 hours ago')" | + xargs -rtd '\n' -I% curl -fsLSX DELETE -H @/var/lib/vultr-mon/key $api_base/instances/% + ''; + serviceConfig.DynamicUser = true; + serviceConfig.StateDirectory = "vultr-mon"; + serviceConfig.Type = "oneshot"; + }; + + systemd.timers.vultr-mon = { + wantedBy = [ "timers.target" ]; + timerConfig.OnActiveSec = 0; + timerConfig.OnUnitActiveSec = 3600; + }; +} diff --git a/modules/server/tor/default.nix b/modules/server/tor/default.nix new file mode 100644 index 000000000000..3e93309835b6 --- /dev/null +++ b/modules/server/tor/default.nix @@ -0,0 +1,19 @@ +{ lib, config, ... }: + +{ + networking.firewall.allowedTCPPorts = [ 143 ]; + + services.tor.enable = true; + + services.tor.settings.AccountingMax = + lib.mkDefault (throw "Set tor accountingMax!!"); + + services.tor.settings.AccountingStart = + lib.mkDefault (throw "Set tor accountingStart!!"); + + services.tor.relay.enable = true; + services.tor.relay.role = "relay"; + services.tor.settings.ContactInfo = "hi@alyssa.is"; + services.tor.settings.Nickname = lib.mkDefault config.networking.hostName; + services.tor.settings.ORPort = [ 143 ]; +} diff --git a/modules/server/xmpp/default.nix b/modules/server/xmpp/default.nix new file mode 100644 index 000000000000..dcd3dba8000f --- /dev/null +++ b/modules/server/xmpp/default.nix @@ -0,0 +1,30 @@ +{ pkgs, ... }: + +{ + networking.firewall.allowedTCPPorts = [ 5222 5269 5281 ]; + + security.acme.certs."qyliss.net".extraDomainNames = + [ "muc.qyliss.net" "upload.qyliss.net" ]; + + services.prosody.enable = true; + services.prosody.modules.http_files = true; + services.prosody.modules.mam = true; + services.prosody.s2sSecureAuth = true; + services.prosody.muc = [ + { domain = "muc.qyliss.net"; } + ]; + services.prosody.package = pkgs.prosody.override { + withCommunityModules = [ "smacks" "csi" ]; + }; + services.prosody.ssl.key = "/var/lib/acme/qyliss.net/key.pem"; + services.prosody.ssl.cert = "/var/lib/acme/qyliss.net/fullchain.pem"; + services.prosody.uploadHttp.domain = "upload.qyliss.net"; + services.prosody.virtualHosts."qyliss.net" = { + domain = "qyliss.net"; + enabled = true; + ssl.key = "/var/lib/acme/qyliss.net/key.pem"; + ssl.cert = "/var/lib/acme/qyliss.net/fullchain.pem"; + }; + + users.users.prosody.extraGroups = [ "acme" ]; +} diff --git a/modules/shell/cargo/default.nix b/modules/shell/cargo/default.nix new file mode 100644 index 000000000000..523d2f992a78 --- /dev/null +++ b/modules/shell/cargo/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + environment.extraInit = '' + export CARGO_HOME="$HOME/state/cargo" + ''; +} diff --git a/modules/shell/cmake/default.nix b/modules/shell/cmake/default.nix new file mode 100644 index 000000000000..055d82cd368d --- /dev/null +++ b/modules/shell/cmake/default.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + environment.variables.CMAKE_EXPORT_COMPILE_COMMANDS = "1"; +} diff --git a/modules/shell/default.nix b/modules/shell/default.nix new file mode 100644 index 000000000000..2f161f472b14 --- /dev/null +++ b/modules/shell/default.nix @@ -0,0 +1,67 @@ +{ pkgs, ... }: + +{ + imports = [ + ./cargo ./cmake ./git ./kakoune ./less ./lynx ./pass ./screen + ./tmux ./units ./zsh + ]; + + environment.systemPackages = with pkgs; [ + (aspellWithDicts (dicts: with dicts; [ en en-computers en-science eo ])) + bind.dnsutils + binutils + coreutils-prefixed + curl + direnv + execline + file + finger_bsd + ffsend + fzf + gdb + gnused + gotop + htop + httpie + jq + libarchive + lsof + moreutils + ncdu + neovim + nix-diff + nix-output-monitor + nix-top + nmap + openssh + pciutils + pv + ranger + restic + silver-searcher + socat + traceroute + tree + unixtools.watch + unzip + wget + whois + + (busybox.override { + enableMinimal = true; + extraConfig = '' + CONFIG_PSTREE y + ''; + }) + ] ++ lib.optional stdenv.isDarwin pinentry_mac; + + environment.variables.CLICOLOR = "1"; + environment.variables.EDITOR = "kak"; + environment.variables.EMAIL = "hi@alyssa.is"; + environment.variables.GOPATH = "$XDG_DATA_HOME/go"; + + security.sudo.package = pkgs.sudo.override { withInsults = true; }; + security.sudo.extraConfig = '' + Defaults insults + ''; +} diff --git a/modules/shell/git/attributes b/modules/shell/git/attributes new file mode 100644 index 000000000000..57ea092a232a --- /dev/null +++ b/modules/shell/git/attributes @@ -0,0 +1,2 @@ +*.json diff=json +*.json.mozlz4 diff=mozlz4 diff --git a/modules/shell/git/config.in b/modules/shell/git/config.in new file mode 100644 index 000000000000..138ab59124ce --- /dev/null +++ b/modules/shell/git/config.in @@ -0,0 +1,81 @@ +[absorb] + maxStack = 100 +[alias] + ignore = "!gi() { curl -L -s https://www.gitignore.io/api/$@ ;}; gi" + unbranch = "!git branch --sort -HEAD --merged | sed 1d | xargs git branch -d" +[am] + messageid = true + threeWay = true +[branch] + autosetuprebase = always +[color "branch"] + current = yellow reverse + local = yellow + remote = green +[color "diff"] + frag = magenta bold + meta = yellow bold + new = green bold + old = red bold +[color "status"] + added = yellow + changed = green + untracked = cyan +[commit] + gpgsign = true + verbose = true +[core] + attributesfile = @attributesfile@ + excludesfile = @ignorefile@ +[credential] + helper = osxkeychain +[diff] + algorithm = histogram + compactionHeuristic = true + mnemonicPrefix = true + renameLimit = 0 + renames = copy + submodule = diff + wsErrorHighlight = all +[diff "mozlz4"] + textconv = @mozlz4_textconv@ +[fetch] + parallel = 0 +[filter "lfs"] + clean = git-lfs clean -- %f + required = true + smudge = git-lfs smudge -- %f +[github] + user = alyssais +[grep] + fallbackToNoIndex = true + lineNumber = true + patternType = perl +[help] + autocorrect = 1 +[hub] + protocol = ssh +[init] + defaultBranch = main +[merge] + conflictstyle = diff3 + tool = opendiff +[pull] + rebase = true +[push] + default = upstream +[rebase] + autoSquash = true + autoStash = true + rescheduleFailedExec = true + stat = true +[rerere] + enable = true +[sendemail] + assume8bitEncoding = UTF-8 + confirm = always + envelopeSender = auto +[stash] + showPatch = true +[submodule] + fetchJobs = 0 diff --git a/modules/shell/git/default.nix b/modules/shell/git/default.nix new file mode 100644 index 000000000000..94a89b316275 --- /dev/null +++ b/modules/shell/git/default.nix @@ -0,0 +1,32 @@ +{ pkgs, ... }: + +let + mozlz4_textconv = pkgs.substituteAll { + src = diff/mozlz4.in; + isExecutable = true; + + inherit (pkgs) execline mozlz4a; + }; + + config = pkgs.substituteAll { + src = ./config.in; + + inherit mozlz4_textconv; + python = pkgs.python3; + attributesfile = ./attributes; + ignorefile = ./ignore; + preferLocalBuild = true; + }; + +in +{ + imports = [ ../../xdg ]; + + environment.systemPackages = with pkgs; with gitAndTools; [ + (git.override { svnSupport = true; sendEmailSupport = true; }) + git-absorb + git-remote-hg + ]; + + users.users.qyliss.xdg.config.paths."git/config" = config; +} diff --git a/modules/shell/git/diff/mozlz4.in b/modules/shell/git/diff/mozlz4.in new file mode 100644 index 000000000000..4377e69526c7 --- /dev/null +++ b/modules/shell/git/diff/mozlz4.in @@ -0,0 +1,4 @@ +#! @execline@/bin/execlineb -S1 + +pipeline { @mozlz4a@/bin/mozlz4a -d $1 /dev/stdout } +@python@/bin/python -m json.tool diff --git a/modules/shell/git/ignore b/modules/shell/git/ignore new file mode 100644 index 000000000000..c5887a0fb636 --- /dev/null +++ b/modules/shell/git/ignore @@ -0,0 +1,31 @@ +# macOS +.DS_Store + +# Kakoune +*.kak.* + +# Sublime Text +sublime-project +sublime-workspace + +# IntelliJ IDEA +.idea +*.iml + +# Bundler +gem_graph.png + +# Direnv +.envrc + +# ctags +/tags + +# Emacs +*~ +\#*\# +.\#* + +# clangd +compile_commands.json +.cache/clangd diff --git a/modules/shell/kakoune/default.nix b/modules/shell/kakoune/default.nix new file mode 100644 index 000000000000..8831d628f2b8 --- /dev/null +++ b/modules/shell/kakoune/default.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ kakoune ]; + + users.users.qyliss.xdg.config.paths."kak/kakrc" = pkgs.copyPathToStore ./kakrc; +} diff --git a/modules/shell/kakoune/kakrc b/modules/shell/kakoune/kakrc new file mode 100644 index 000000000000..33b6535ac2a9 --- /dev/null +++ b/modules/shell/kakoune/kakrc @@ -0,0 +1,86 @@ +# Highlight any files whose names start with "zsh" as sh +hook global BufCreate (.*/)?\.?zsh.* %{ + set-option buffer filetype sh +} + +# Highlight files ending in .conf as ini +# (Will probably be close enough) +hook global BufCreate .*\.conf %{ + set-option buffer filetype ini +} + +# Highlight files ending in .html.erb as html +hook global BufCreate .*\.html.erb %{ + set-option buffer filetype html +} + +# Strip trailing whitespace on save +hook global BufWritePre .*(?<!\.diff)(?<!\.patch)$ %{ + try %{execute-keys -draft %{%s\h+$<ret>d}} + echo +} + +hook global WinSetOption filetype=mail %{ + set-option buffer autowrap_column 72 + autowrap-enable +} + +define-command -docstring "import from the system clipboard" clipboard-import %{ + set-register dquote %sh{pbpaste} + echo -markup "{Information}imported system clipboard to register """ +} + +define-command -docstring "export to the system clipboard" clipboard-export %{ + nop %sh{ printf "%s" "$kak_main_reg_dquote" | pbcopy } + echo -markup "{Information}exported register "" to system clipboard" +} + +define-command -docstring "open a file using fzf" open %{ + edit %sh{git ls-files -oc --exclude-standard | choose} +} +alias global o open + +define-command -params 1.. -docstring "change file modes" chmod %{ + nop %sh{ chmod $@ "$kak_buffile" } +} + +define-command mkdirp %{ + nop %sh{mkdir -p "$(dirname "$kak_buffile")"} +} + +define-command mkdirpw %{ + mkdirp + write +} + +map global normal <a-Y> :clipboard-import<ret> +map global normal <a-y> :clipboard-export<ret> + +map global normal / /(?i) + +# Allow indenting from any position in the line, with the correct indentation. +map global insert <tab> '<a-;><a-gt>' +map global insert <s-tab> '<a-;><lt>' + +map -docstring "Remove Symbol hashrockets" global user \ + <gt> 's:\S+<space>+=<gt><ret>;<a-?><space>+<ret>c:<esc>h<a-/>:<ret>d' + +map -docstring "Convert single quotes to double quotes" global user \ + %{'} %{s'<ret>r"} + +map -docstring "Toggle line comments" global user \ + %{#} %{:comment-line<ret>} + +declare-user-mode bookmarks +map -docstring "Edit bookmarked file" global user b \ + %{:enter-user-mode bookmarks<ret>} + +map -docstring "wiki" global bookmarks w %{:edit-wiki-index<ret>} + +set-option global indentwidth 2 +set-option global ui_options ncurses_assistant=none +set-option global scrolloff 5,5 +set-option global autoreload yes + +add-highlighter global/ number-lines -hlcursor -separator "│" +add-highlighter global/ show-matching diff --git a/modules/shell/less/default.nix b/modules/shell/less/default.nix new file mode 100644 index 000000000000..0803cfaf2755 --- /dev/null +++ b/modules/shell/less/default.nix @@ -0,0 +1,8 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ less ]; + + # Use whole terminal, use smart case in search, color, don't wrap. + environment.variables.LESS = "ciRS"; +} diff --git a/modules/shell/lynx/default.nix b/modules/shell/lynx/default.nix new file mode 100644 index 000000000000..0e1262b07a7d --- /dev/null +++ b/modules/shell/lynx/default.nix @@ -0,0 +1,16 @@ +{ pkgs, ... }: + +{ + environment.extraInit = '' + export LYNX_CFG="/etc/xdg/nixos/per-user/$USER/lynx/lynx.cfg" + export LYNX_LSS="/etc/xdg/nixos/per-user/$USER/lynx/lynx.lss" + ''; + + environment.systemPackages = with pkgs; [ lynx ]; + + users.users.qyliss.xdg.config.paths."lynx/lynx.cfg" = + pkgs.copyPathToStore ./lynx.cfg; + + users.users.qyliss.xdg.config.paths."lynx/lynx.lss" = + pkgs.copyPathToStore ./lynx.lss; +} diff --git a/modules/shell/lynx/lynx.cfg b/modules/shell/lynx/lynx.cfg new file mode 100644 index 000000000000..3359b95ce9af --- /dev/null +++ b/modules/shell/lynx/lynx.cfg @@ -0,0 +1,17 @@ +STARTFILE:https://search.weho.st/ +DEFAULT_INDEX_FILE:https://search.weho.st/ +SAVE_SPACE:/tmp +URL_DOMAIN_PREFIXES: +URL_DOMAIN_SUFFIXES: +SHOW_CURSOR:TRUE +UNDERLINE_LINKS:TRUE +SOURCE_CACHE:MEMORY +FORCE_SSL_COOKIES_SECURE:TRUE +SYSTEM_MAIL:neomutt +VI_KEYS_ALWAYS_ON:TRUE +DEFAULT_KEYPAD_MODE:LINKS_AND_FIELDS_ARE_NUMBERED +MAKE_LINKS_FOR_ALL_IMAGES:TRUE +XLOADIMAGE_COMMAND:imv %s & +EXTERNAL:mailto:neomutt %s:TRUE:TRUE +TEXTFIELDS_NEED_ACTIVATION:TRUE +CHARACTER_SET:utf-8 diff --git a/modules/shell/lynx/lynx.lss b/modules/shell/lynx/lynx.lss new file mode 100644 index 000000000000..cf0d3265e00c --- /dev/null +++ b/modules/shell/lynx/lynx.lss @@ -0,0 +1,105 @@ +# Normal type styles correspond to HTML tags. +# +# The next line (beginning with "em") means: use bold if mono, otherwise +# brightblue on <defaultbackground> +em: bold: brightblue +strong: bold: brightred +b: bold: red +i: bold: brightblue +a: bold: green +img: dim: brown +fig: normal: gray +caption: reverse: brown +hr: normal: yellow +blockquote: normal: brightblue +ul: normal: brown +address: normal: magenta +title: normal: magenta +tt: dim: brightmagenta: black +h1: bold: yellow: blue +label: normal: magenta +q: normal: yellow: magenta +small: dim: default +big: bold: yellow +sup: bold: yellow +sub: dim: gray +li: normal: magenta +code: normal: cyan +cite: normal: cyan + +table: normal: brightcyan +tr: bold: brown +td: normal: default +br: normal: default + +# Special styles - not corresponding directly to HTML tags +# alert - status bar, when message begins "Alert". +# alink - active link +# normal - default attributes +# status - status bar +# whereis - whereis search target +# +#normal:normal:default:blue +alink: reverse: yellow: black +status: reverse: yellow: blue +alert: bold: yellow: red +whereis: reverse+underline: magenta: cyan +# currently not used +#value:normal:green + +menu.bg: normal: black: lightgray +menu.frame: normal: black: lightgray +menu.entry: normal: lightgray: black +menu.n: normal: red: gray +menu.active: normal: yellow: black +menu.sb: normal: brightred: lightgray + +forwbackw.arrow:reverse +hot.paste: normal: brightred: gray + +# Styles with classes - <ul class=red> etc. +ul.red: underline: brightred +ul.blue: bold: brightblue +li.red: reverse: red: yellow +li.blue: bold: blue +strong.a: bold: black: red +em.a: reverse: black: blue +strong.b: bold: white: red +em.b: reverse: white: blue +strong.debug: reverse: green +font.letter: normal: white: blue +input.submit: normal: cyan +tr.baone: bold: yellow +tr.batwo: bold: green +tr.bathree: bold: red +# +# Special handling for link. +link: normal: white +link.green: bold: brightgreen +link.red: bold: black: red +link.blue: bold: white: blue +link.toc: bold: black: white +# Special cases for link - the rel or title is appended after the class. +# <link rel=next class=red href="1"> +link.red.next: bold: red +link.red.prev: bold: yellow: red +link.blue.prev: bold: yellow: blue +link.blue.next: bold: blue +link.green.toc: bold: white: green +# +# Define styles that will be used when syntax highlighting is requested +# (commandline option -prettysrc). +span.htmlsrc_comment:normal: white +span.htmlsrc_tag:normal: white +#If you don't like that the tag name and attribute name are displayed +#in different colors, comment the following line. +span.htmlsrc_attrib:normal: cyan +span.htmlsrc_attrval:normal: magenta +span.htmlsrc_abracket:normal: white +span.htmlsrc_entity:normal: white +##span.htmlsrc_href: +##span.htmlsrc_entire: +span.htmlsrc_badseq:normal: red +span.htmlsrc_badtag:normal: red +span.htmlsrc_badattr:normal: red +span.htmlsrc_sgmlspecial:normal: yellow diff --git a/modules/shell/pass/default.nix b/modules/shell/pass/default.nix new file mode 100644 index 000000000000..0e4dff5eb928 --- /dev/null +++ b/modules/shell/pass/default.nix @@ -0,0 +1,11 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = [ + (pkgs.pass.withExtensions (es: with es; [ pass-otp ])) + ]; + + environment.extraInit = '' + export PASSWORD_STORE_DIR="$HOME/state/pass" + ''; +} diff --git a/modules/shell/screen/default.nix b/modules/shell/screen/default.nix new file mode 100644 index 000000000000..e2ee4d793890 --- /dev/null +++ b/modules/shell/screen/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + environment.extraInit = '' + export SCREENDIR="$XDG_RUNTIME_DIR/screen" + ''; +} diff --git a/modules/shell/tmux/config.nix b/modules/shell/tmux/config.nix new file mode 100644 index 000000000000..d62a472bc1d8 --- /dev/null +++ b/modules/shell/tmux/config.nix @@ -0,0 +1,90 @@ +{ stdenv, writeText, writeShellScriptBin +, coreutils, extract_url, reattach-to-user-namespace, ruby, tmux, zsh }: + +'' +set -gw activity-action none +set -g allow-rename off +set -g base-index 1 +${if stdenv.isDarwin then '' + set -g default-command "${reattach-to-user-namespace}/bin/reattach-to-user-namespace -l ${zsh}/bin/zsh" +'' else '' + set -g default-command "${zsh}/bin/zsh -l" +''} +set -gs default-terminal screen-256color +set -s escape-time 0 +set -gw mode-keys vi +set -gw monitor-activity on +set -g mouse on +set -gw pane-active-border-style fg=default,bright +set -gw pane-base-index 1 +set -gw pane-border-format ' #{pane_current_command} ' +set -gw pane-border-status top +set -g prefix C-a +set -g renumber-windows on +set -g status-left "" +set -g status-position top +set -g status-right "" +set -ga status-right " #{?client_prefix, #[bright]#{prefix}#[nobright] ,}" +# set -ga status-right ' #(cd #{pane_current_path} && zsh -c "print -P %%~") ' +# set -ga status-right '#(head="$(git -C #{pane_current_path} rev-parse --abbrev-ref HEAD 2>/dev/null)" && echo " $head ")' +# set -ga status-right ' #(pmset -g batt | grep -o \\d*%%) ' +set -ga status-right " %d-%b-%y %H:%M" +set -g status-right-length 200 +set -g status-style bg=default,fg=default +set -gw window-status-style fg=default +set -gw window-status-activity-style fg=default,underscore +set -gw window-status-bell-style fg=brightcyan +set -gw window-status-current-format '#W' +set -gw window-status-current-style bright +set -gw window-status-format '#W' +set -gw window-status-separator ' ' + +bind -n F1 select-window -t :1 +bind -n F2 select-window -t :2 +bind -n F3 select-window -t :3 +bind -n F4 select-window -t :4 +bind -n F5 select-window -t :5 +bind -n F6 select-window -t :6 +bind -n F7 select-window -t :7 +bind -n F8 select-window -t :8 +bind -n F9 select-window -t :9 +bind -n F10 select-window -t :10 +bind -n F11 select-window -t :11 +bind -n F12 select-window -t :12 +bind -n S-F1 select-window -t :13 +bind -n S-F2 select-window -t :14 +bind -n S-F3 select-window -t :15 +bind -n S-F4 select-window -t :16 +bind -n S-F5 select-window -t :17 +bind -n S-F6 select-window -t :18 +bind -n S-F7 select-window -t :19 +bind -n S-F8 select-window -t :20 + +bind -n C-l send-keys C-l \; run-shell "sleep 0.3" \; clear-history +bind C-l send-keys -R \; clear-history + +bind '"' split-window -v -c '#{pane_current_path}' +bind % split-window -h -c '#{pane_current_path}' + +bind C-a send-prefix + +unbind C-b + +set-hook -g after-select-pane "refresh-client -S" +set-hook -g alert-activity "refresh-client -S" + +bind u run ${writeShellScriptBin "tmux-url" '' +set -ue +buffer="$(mktemp -t tmux-buffer)" +open=${writeText "tmux-open-url.rb" '' +#!${ruby}/bin/ruby +require "cgi" +exec "/usr/bin/open", CGI.unescape(ARGV[0]), *ARGV[1..-1] +''} +${tmux}/bin/tmux capture-pane -J +${tmux}/bin/tmux save-buffer "$buffer" +${tmux}/bin/tmux split-window -l 10 -f "${coreutils}/bin/tac $buffer | BROWSER=\"$open\"i ${extract_url}/bin/extract_url" +''}/bin/tmux-url + +# bind u run "~/.config/tmux/url.sh" +'' diff --git a/modules/shell/tmux/default.nix b/modules/shell/tmux/default.nix new file mode 100644 index 000000000000..e1abecae0664 --- /dev/null +++ b/modules/shell/tmux/default.nix @@ -0,0 +1,8 @@ +{ pkgs, ... }: + +{ + users.users.qyliss.xdg.config.paths."tmux/tmux.conf" = + with pkgs; writeText "tmux.conf" (callPackage ./config.nix { }); + + environment.systemPackages = with pkgs; [ tmux ]; +} diff --git a/modules/shell/units/default.nix b/modules/shell/units/default.nix new file mode 100644 index 000000000000..6add834711fb --- /dev/null +++ b/modules/shell/units/default.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ units ]; + + systemd.tmpfiles.rules = [ + "d ${config.users.users.qyliss.home}/state/units 0700 qyliss qyliss" + ]; +} diff --git a/modules/shell/zsh/default.nix b/modules/shell/zsh/default.nix new file mode 100644 index 000000000000..95d7b38cf6ca --- /dev/null +++ b/modules/shell/zsh/default.nix @@ -0,0 +1,18 @@ +{ pkgs, config, ... }: + +{ + environment.extraInit = '' + export ZDOTDIR="/etc/xdg/nixos/per-user/$USER/zsh" + ''; + + programs.zsh.enable = true; + + systemd.tmpfiles.rules = [ + "d ${config.users.users.qyliss.home}/state/zsh 0700 qyliss qyliss" + ]; + + users.users.qyliss.shell = pkgs.zsh; + + users.users.qyliss.xdg.config.paths."zsh/.zshrc" = + with pkgs; writeText "zshrc" (callPackage ./zshrc.nix {}); +} diff --git a/modules/shell/zsh/zshrc.nix b/modules/shell/zsh/zshrc.nix new file mode 100644 index 000000000000..a5cd68b480be --- /dev/null +++ b/modules/shell/zsh/zshrc.nix @@ -0,0 +1,226 @@ +{ stdenv, lib +, any-nix-shell +, direnv +, zsh-autosuggestions +, zsh-history-substring-search +, zsh-syntax-highlighting +}: + +let + options = { + # Completion + always_to_end = true; + auto_name_dirs = true; + complete_in_word = true; + list_packed = true; + + # Expansion and Globbing + bad_pattern = true; + brace_ccl = true; + extended_glob = true; + equals = true; + glob_star_short = true; + magic_equal_subst = true; + rc_expand_param = true; + rematch_pcre = true; + + # Input/Output + correct = true; + mail_warning = true; + rc_quotes = true; + rm_star_wait = true; + short_loops = true; + + # History + share_history = false; + bang_hist = true; + hist_allow_clobber = true; + hist_beep = true; + hist_expire_dups_first = true; + hist_ignore_dups = true; + hist_ignore_space = true; + hist_no_store = true; + hist_reduce_blanks = true; + + # Prompting + prompt_sp = true; + + # Scripts and Functions + c_bases = true; + c_precedences = true; + octal_zeroes = true; + }; + + enabledOptions = lib.attrNames (lib.filterAttrs (_: lib.id) options); + disabledOptions = lib.attrNames (lib.filterAttrs (_: v: !v) options); + +in '' + +. ${../../../nixpkgs/nixos/modules/programs/zsh/zinputrc} + +# Disable silver searcher numbers when piped or redirected. +ag() { + if ! [ -t 1 ]; then + command ag --no-numbers "$@" + else + command ag "$@" + fi +} + +fzf_ctrl_t() { + if git rev-parse >/dev/null 2>&1; then + git ls-files -co --exclude-standard + else + find . -type f | sed 's/^\.\///g' + fi +} + +HISTFILE=~/state/zsh/history +HISTSIZE=10000 +REPORTTIME=5 +SAVEHIST=9000 +ZSH_HIGHLIGHT_HIGHLIGHTERS=(main brackets) + +${lib.optionalString (enabledOptions != []) + "setopt ${lib.concatStringsSep " " enabledOptions}"} + +${lib.optionalString (disabledOptions != []) + "unsetopt ${lib.concatStringsSep " " disabledOptions}"} + +autoload -Uz colors && colors + +zstyle ':completion::complete:*' use-cache on +zstyle ':completion::complete:*' cache-path "$XDG_CACHE_DIR/zsh/zcompcache" +zstyle ':completion:*' auto-description '%d' +zstyle ':completion:*' completer _expand _complete _ignored _match _correct \ + _approximate _prefix +zstyle ':completion:*' expand suffix +zstyle ':completion:*' group-name ''' +zstyle ':completion:*' insert-unambiguous true +zstyle ':completion:*' list-colors ''' +zstyle ':completion:*' list-suffixes true +zstyle ':completion:*' matcher-list \ + 'm:{[:lower:]}={[:upper:]}' 'm:{[:lower:][:upper:]}={[:upper:][:lower:]}' \ + 'r:|[._-/]=* r:|=*' 'l:|=* r:|=*' +zstyle ':completion:*' menu select=1 +zstyle ':completion:*' original false +zstyle ':completion:*' preserve-prefix '//[^/]##/' +zstyle ':completion:*' select-prompt \ + %SScrolling active: current selection at %p%s +zstyle ':completion:*' squeeze-slashes true +zstyle ':completion:*' use-compctl true +zstyle ':completion:*' verbose true + +autoload -U url-quote-magic +zle -N self-insert url-quote-magic + +autoload -Uz compinit +compinit -d "$XDG_CACHE_HOME/zsh/zcompdump" + +eval "$(${any-nix-shell}/bin/any-nix-shell zsh --info-right)" +eval "$(${direnv}/bin/direnv hook zsh)" + +source ${zsh-syntax-highlighting}/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh +source ${zsh-history-substring-search}/share/zsh-history-substring-search/zsh-history-substring-search.zsh +source ${zsh-autosuggestions}/share/zsh-autosuggestions/zsh-autosuggestions.zsh + +zmodload zsh/complist +bindkey -M menuselect "^[[Z" reverse-menu-complete + +zmodload zsh/terminfo +bindkey "^[[A" history-substring-search-up +bindkey "^[[B" history-substring-search-down + +bindkey "^[[3~" delete-char +bindkey "^[[F" end-of-line +bindkey "^[[H" beginning-of-line +bindkey "^[[1~" beginning-of-line +bindkey "^[[4~" end-of-line +bindkey "^[^[[C" forward-word +bindkey "^[^[[D" backward-word + +if [ -n "$TMUX" ]; then + tmux-page-up() { tmux copy-mode -ue } + tmux-page-down() { tmux send-keys -X page-down 2>/dev/null } + zle -N tmux-page-up + zle -N tmux-page-down + bindkey "^[[5~" tmux-page-up + bindkey "^[[6~" tmux-page-down +fi + +autoload -U edit-command-line +zle -N edit-command-line +bindkey "^x^e" edit-command-line + +if [[ -v TMUX ]]; then + _tmux_hook() { + local exit_status="$?" + tmux set-environment "last_exit_status_$(tmux display-message -p '#D')" "$exit_status" + tmux refresh-client -S + } + + typeset -ag precmd_functions; + if [[ -z ''${precmd_functions[(r)_tmux_hook]} ]]; then + precmd_functions+=_tmux_hook; + fi +fi + +${lib.optionalString stdenv.isDarwin '' + # Load SSH passphrases from the Keychain. + # Use an explicit path because upstream OpenSSH + # doesn't have the keychain functionality. + (/usr/bin/ssh-add -A &) 2> /dev/null +''} + +if command -v fzf-share >/dev/null; then + source "$(fzf-share)/key-bindings.zsh" +fi + +# Aliases +alias beep='printf "\a"' +alias df='df -h' +alias gdb='gdb -q' +alias ip='ip -c=auto' +alias ls=${lib.escapeShellArg (if stdenv.isDarwin then + "ls -AFh" + else + "ls -AF --si --color=auto")} +alias tree='tree -aRF -I .git' +alias units='units -H $XDG_DATA_HOME/units/history' +alias vim=nvim + +for command in cargo curl dig find git mutt ri wget; do + alias "$command=noglob $command" +done + +# Prompt +PS1="%F{yellow}%1(j.&%j .)%f%# " + +if tput hs +then + _tsl="$(tput tsl)" + _fsl="$(tput fsl)" + set_title() { + echo -n "$_tsl$1$_fsl" + } +else + set_title() {} +fi + +preexec() { + show_exit=1 + + set_title "$([ -n "$SSH_TTY" ] && hostname && printf ": ")$TTY: $2" +} + +precmd() { + local ex="$?" + if [[ -n "$show_exit" && "$ex" -ne 0 ]] + then echo -e "\r\e[33m[exit $ex]\e[0m" + fi + unset show_exit + + set_title "$TTY: $ZSH_NAME" +} + +'' diff --git a/modules/ssh/default.nix b/modules/ssh/default.nix new file mode 100644 index 000000000000..7ca30149f2b0 --- /dev/null +++ b/modules/ssh/default.nix @@ -0,0 +1,87 @@ +{ config, pkgs, lib, ... }: + +let + inherit (lib) concatStringsSep; + + mkDefault = lib.mkOverride ((lib.mkDefault null).priority - 1); + + # SSL added and removed here ;-) + bannedAlgorithms = [ + "ecdsa-sha2-nistp256-cert-v01@openssh.com" + "ecdsa-sha2-nistp384-cert-v01@openssh.com" + "ecdsa-sha2-nistp521-cert-v01@openssh.com" + "ecdsa-sha2-nistp256" + "ecdsa-sha2-nistp384" + "ecdsa-sha2-nistp521" + ]; +in + +{ + programs.mosh.enable = mkDefault config.services.openssh.enable; + + programs.ssh.extraConfig = '' + CASignatureAlgorithms -${concatStringsSep "," bannedAlgorithms} + HostKeyAlgorithms -${concatStringsSep "," bannedAlgorithms} + VerifyHostKeyDNS ask + + Host spock + HostName %h.edef.eu + + Host hyperion + HostName %h.kookie.space + + Host atuin + HostName %h.qyliss.net + + Host codeberg + HostName %h.org + + Host github gitlab + HostName %h.com + + Host gitlab.fd.o + HostName gitlab.freedesktop.org + + Host invent + HostName %h.kde.org + + Host cl.tvl + HostName %h.fyi + Port 29418 + + Host salsa + HostName %h.debian.org + + Host whitby + HostName %h.tvl.fyi + + Match host gitlab.freedesktop.org,salsa.debian.org + VerifyHostKeyDNS yes + + Match host codeberg.org,github.com,gitlab.*,invent.kde.org,salsa.debian.org + User git + ''; + + services.openssh.enable = true; + services.openssh.authorizedKeysFiles = [ "${./keys}/%u.keys" ]; + services.openssh.settings.PasswordAuthentication = false; + services.openssh.settings.StrictModes = false; + + users.users.root.openssh.authorizedKeys.keyFiles = [ ./keys/qyliss.keys ]; + + programs.ssh.knownHostsFiles = [ + ./keys/aarch64.nixos.community.keys + ./keys/atuin.keys + ./keys/cl.tvl.keys + ./keys/codeberg.keys + ./keys/edef.keys + ./keys/github.keys + ./keys/gitlab.fd.o.keys + ./keys/gitlab.gnome.org.keys + ./keys/gitlab.keys + ./keys/hyperion.keys + ./keys/invent.keys + ./keys/salsa.keys + ./keys/whitby.keys + ]; +} diff --git a/modules/ssh/keys/aarch64.nixos.community.keys b/modules/ssh/keys/aarch64.nixos.community.keys new file mode 100644 index 000000000000..554892c604b4 --- /dev/null +++ b/modules/ssh/keys/aarch64.nixos.community.keys @@ -0,0 +1 @@ +aarch64.nixos.community ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMUTz5i9u5H2FHNAmZJyoJfIGyUm/HfGhfwnc142L3ds diff --git a/modules/ssh/keys/atuin.keys b/modules/ssh/keys/atuin.keys new file mode 100644 index 000000000000..9fd675202a57 --- /dev/null +++ b/modules/ssh/keys/atuin.keys @@ -0,0 +1,2 @@ +atuin.qyliss.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDV7EHU524u9CnTh1858PXtNjtU64ViIHO07SAtGWHJPwsxO8Gk2WZK1bl9uowfdPAtGFRkND4RZMuv7F6xSZrNeQgsw1HLjikixIWh5acS8b6em04L23p6B9wtUWYhgRrEOZaItMl7xCrWeCPC8FmX8rb3MLUh/WP2gZrzEPP7Uc1mtZjBJKhqvuqV5xr/dZUeAQMBKB5y+J3D2HPm5/m2TvGkBns8I3GrygLfgrMV65/YHtNSfvbkEU2hoTjbruucLMgOi2yD9Ze33lsvLB1MvF9ISbWYIHB76cRCq/0+OQROBowRib0GKaXYXOhyLaA20bqACiwmOyRDRwDK4/VFJqZu53SQFWLkSObe58UGRUBOglhlPjPCwQfuxw9gezfDf5lnn0D1nWSYqxTMJwd3R9qqzaaxjo+bGevnrOkkX9brpAqjg38ggxqL8Z6eQp8pXcujRsvZ5c6NJfQXpJSINBn7vWkV4v0R9do+sbYNkBLbwcK7MBLo9g7mO7WXcHy6lY9ytymGpJy/qGWd38jkd8zqGKY4Ghz6oy6UGbe3AoW7tRR26UMfZmPCMdBSu02UlnoiVzcrkH3LlVdkYtKXRrKLRpaWvHCX6oYZUP/XWIC367jgn4tBxziVrwYKT+oCxtkVXWOtyRuw7GJHjxMELb4BJXXxesuRZ0azaGJEQ== +atuin.qyliss.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINo1PGuMkugEVi6DlvnOJH0gRbOUW6NSB7zhngxq+RqW diff --git a/modules/ssh/keys/cl.tvl.keys b/modules/ssh/keys/cl.tvl.keys new file mode 100644 index 000000000000..05a9fed3e4b2 --- /dev/null +++ b/modules/ssh/keys/cl.tvl.keys @@ -0,0 +1,2 @@ +[cl.tvl.fyi]:29418 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQ2QhzqIcH9VaCs5le5QP5L/WeuCUwGdAKWcVgqOVzf +[cl.tvl.fyi]:29418 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVw4EmrXCexwA4p2zN0P8CgDLi91OWY2DNlcaWLOOtoLpiOoYUGxAydsPYuPeXNtOfvg76fLECXdBZHyQxdYJEXCfdCkmjC7+RPjlRPRSDsynt2LSz2/Z2diWFWZVr0AOKWNLdrzOhx7EWOMHrXFA5m+E/u6Bfaai5+ceGfs7fQGvlP+VBQl2wHrNn8AAMKp8W9I198xt6IfuxfDr+sQIaeC8bXnW4cnu6JlyWY4P6wRxmQrQ4nA3lSVuAzhce6adaj1FZtU3AsYFhKuecLrHT5epRALIt45oH0AArGoPYEGxu3PaAoL5c/Po0e7lXrsg0UP2e5+W9zW/eqU2R4YSPXhqrWUVulsQCD9hNa4p4fUAU9v6QF5gYEhkW3KJMlporMBikbIxeRj/ooViDEuvT+o0IR/Wpuh68QTlLgM5Onhi7yw5E0vHNiAZJEbh29KiWyIkIpY4iZhL2X8PzevNVbw6TazjVplZYqnBS9S32uYQSUqyUQXTGUtULXywY9OE= diff --git a/modules/ssh/keys/codeberg.keys b/modules/ssh/keys/codeberg.keys new file mode 100644 index 000000000000..549ca4cdc801 --- /dev/null +++ b/modules/ssh/keys/codeberg.keys @@ -0,0 +1,2 @@ +codeberg.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8hZi7K1/2E2uBX8gwPRJAHvRAob+3Sn+y2hxiEhN0buv1igjYFTgFO2qQD8vLfU/HT/P/rqvEeTvaDfY1y/vcvQ8+YuUYyTwE2UaVU5aJv89y6PEZBYycaJCPdGIfZlLMmjilh/Sk8IWSEK6dQr+g686lu5cSWrFW60ixWpHpEVB26eRWin3lKYWSQGMwwKv4LwmW3ouqqs4Z4vsqRFqXJ/eCi3yhpT+nOjljXvZKiYTpYajqUC48IHAxTWugrKe1vXWOPxVXXMQEPsaIRc2hpK+v1LmfB7GnEGvF1UAKnEZbUuiD9PBEeD5a1MZQIzcoPWCrTxipEpuXQ5Tni4mN +codeberg.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIVIC02vnjFyL+I4RHfvIGNtOgJMe769VTF1VR4EB3ZB diff --git a/modules/ssh/keys/edef.keys b/modules/ssh/keys/edef.keys new file mode 100644 index 000000000000..d1f622dc9f6b --- /dev/null +++ b/modules/ssh/keys/edef.keys @@ -0,0 +1 @@ +@cert-authority edef.eu,*.edef.eu ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvb/7ojfcbKvHIyjnrNUOOgzy44tCkgXY9HLuyFta1jQOE9pFIK19B4dR9bOglPKf145CCL0mSFJNNqmNwwavU2uRn+TQrW+U1dQAk8Gt+gh3O49YE854hwwyMU+xD6bIuUdfxPr+r5al/Ov5Km28ZMlHOs3FoAP0hInK+eAibioxL5rVJOtgicrOVCkGoXEgnuG+LRbOYTwzdClhRUxiPjK8alCbcJQ53AeZHO4G6w9wTr+W5ILCfvW4OmUXCX01sKzaBiQuuFCF6M/H4LlnsPWLMra2twXxkOIhZblwC+lncps9lQaUgiD4koZeOCORvHW00G0L39ilFbbnVcL6Itp/m8RRWm/xRxS4RMnsdV/AhvpRLrhL3lfQ7E2oCeSM36v1S9rdg6a47zcnpL+ahG76Gz39Y7KmVRQciNx7ezbwxj3Q5lZtFykgdfGIAN+bT8ijXMO6m68g60i9Bz4IoMZGkiJGqMYLTxMQ+oRgR3Ro5lbj7E11YBHyeimoBYXYGHMkiuxopQZ7lIj3plxIzhmUlXJBA4jMw9KGHdYaLhaicIYhvQmCTAjrkt2HvxEe6lU8iws2Qv+pB6tAGundN36RVVWAckeQPZ4ZsgDP8V2FfibZ1nsrQ+zBKqaslYMAHs01Cf0Hm0PnCqagf230xaobu0iooNuXx44QKoDnB+w== openpgp:0x803010E7 diff --git a/modules/ssh/keys/github.keys b/modules/ssh/keys/github.keys new file mode 100644 index 000000000000..5296017f009f --- /dev/null +++ b/modules/ssh/keys/github.keys @@ -0,0 +1,2 @@ +github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= +github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl diff --git a/modules/ssh/keys/gitlab.fd.o.keys b/modules/ssh/keys/gitlab.fd.o.keys new file mode 100644 index 000000000000..61b52b3810b3 --- /dev/null +++ b/modules/ssh/keys/gitlab.fd.o.keys @@ -0,0 +1,2 @@ +gitlab.freedesktop.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnmcNjS2U54OfP08LVhP0f/WhSOdlQkRUtHwyupPMk01tybSlXbrQgHnCzToxu/ncLkVc52Tu6ers0C9eSqQmB70sn8b6UKSgfQDcHiFyWecN80kCj9xov/cJKeXgV2aKpxbuzGN4ACXCAHiA06cmQ/44yv6L3d8LkCJn9gqRmeP6n4RGZt1+mXJWZXZIOggFhwQZa21ebpB5ljZyHEaKow7xNKlGhbHVOOdNWYexcF0tO8MQoCayPNBqq40G0IaG9BSaEjqaccOu2O0v1cznomFetXv36nOgSGnTBNW2Io47vluqbq06fzH/6XfoFQF3tvzvrylbk3mGsRXQKpCHV +gitlab.freedesktop.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOzdNH/aTnOOINO/iGupQ/rYnmKF40ESCrkRg+5JkLVN diff --git a/modules/ssh/keys/gitlab.gnome.org.keys b/modules/ssh/keys/gitlab.gnome.org.keys new file mode 100644 index 000000000000..ffd0a7bea4ab --- /dev/null +++ b/modules/ssh/keys/gitlab.gnome.org.keys @@ -0,0 +1,3 @@ +gitlab.gnome.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOP8crC85BOcyc2EjHrGZZ3PbyU0GAQInE2hBi65aYDLRPWXr4kElR+EgwQ/mU4b/W6kAFxzrZ1Jt79TS3CnRCEaFFY4AsxAmFSl3PASCqYVGks9G9xLswJ1GQwzpoVSOckn98NCxahlDsUjT63/8pdP1ngFf3oFFB0RGjum/P2MZviewm0YSz3ya0wER1DDTOqmoR7ygz9EtpSKkbI4vpZ4LoRvLVKXL5XUFiRKs/ynhKDcO76SJqytW9u4mIm9BBdGh58vbV5JjfwKZmpELEnSdWLdpQBThT4WJuC82rb/ROKHeX781hVWWtcNgpp+gTqkbGTWxR4lz4Zp9gZMEb +gitlab.gnome.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOfWUbO2WB8qArojiGnj+Ad51kDIza+4M7VL3VCXAt//fhqHKvbYQBcWaVw2mLg1+wRIxM5zDl9ssDhNrvkEN10= +gitlab.gnome.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILea/LjYthan6borZjKls7BD3xcicNP+uK1hZMFkGAbm diff --git a/modules/ssh/keys/gitlab.keys b/modules/ssh/keys/gitlab.keys new file mode 100644 index 000000000000..91a781168a11 --- /dev/null +++ b/modules/ssh/keys/gitlab.keys @@ -0,0 +1,2 @@ +gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf +gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 diff --git a/modules/ssh/keys/hyperion.keys b/modules/ssh/keys/hyperion.keys new file mode 100644 index 000000000000..f2ac3585bbc0 --- /dev/null +++ b/modules/ssh/keys/hyperion.keys @@ -0,0 +1,2 @@ +hyperion.kookie.space ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBGAJLXL/GogrONeHV9HJIIzWmKzUPC9nglOPtpcxnAGGgM5AnIrAYKt7Oa0vUPMDdK+BNsFuLvq3DMRBH7yZqK/Y4mQcsOvkiXzHjRoECVLYu7hqYAEiugXwAnlK8esPu/O/jOThuT9w0OVHaZy4K0Q56k1M7u3chVfLFmhjrblAlladfDcOKSLOe52RARgz+afzwWEFz1Dkq6/zfrmjC1LScWfxtnujKliQPfQgexuJWBPhQhtEiiw8iOP+CFoNhoeRViEXSNCGNeBv5wV2fxZjX0a/7R+etip2GBNv1Boc7btAIZz6Yqg158Wn2h7nCJALHRhw3ZP/iw4Fq2bxcVAGhKgKU5qmcY2qAFApcAOqFDMOcAGpkZcSL/a9RZDXFlIwgJIOWiHdNF6CZLOB8p5UQerW28lOmrMeXvK5n+AusFZBlxkcxu5HVm71ep8dGO83i/LHNrsIVFoddTrC4IBl9kYgWJL6s2JmZdMxNLBOijiJTjK4ddVpONffn+Tq45GG6klfmtUkCwTQeAZ8Ng5SKOAvRAU7TpxAnmllfwaJc5feTNSLfJXLLnupdjItOmyFqPkZTsZ9C8ef9/i7RGYc9vMPJKwOJg01w8tL2Uj9GhHKM0GCpSDPF/Lt4++Kfxk6if7ERsqaCN/8eQB5HpGqsJcgWepuwuoc4mxYcBQ== +hyperion.kookie.space ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBtAT+47hSPp0k3x/9++FH/Jui1pK359pGTpM0ZIFmT diff --git a/modules/ssh/keys/invent.keys b/modules/ssh/keys/invent.keys new file mode 100644 index 000000000000..a69b06b3237e --- /dev/null +++ b/modules/ssh/keys/invent.keys @@ -0,0 +1,2 @@ +invent.kde.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvvywZ0SNVmhy2MRC4v0iTPjxRxaY1NATlUNoluJZ8K6DIiO3hQN99QaqyduIwCvI3EfdFqqw/QzyWAuAZdUC5eZrzhYO09NcgHkK9PsCjutIZHzeE+8WXLQNBNKA41r6JLliRpCe5aCPGl5KWuCdP+T8caA6GHPImPXcwziFaYk7l6NPa8M7raDxBlcRqqYvfyeSQAkefN/PVw5boeqXDBTzU/x9DG0BdawrSg0jBqIjmznkaSOIWNNDxFryfXiVIfegeqXanJM194wrSD3wWs6gPGDXGa36/1F+12KjzZp3XieOMxHoxyqznaK7NjOxca4N20NFfDritYrqjM+bP +invent.kde.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINACoE8znFN7FaS2CMK74trAPOehGoftawOjathkZFf6 diff --git a/modules/ssh/keys/qyliss.keys b/modules/ssh/keys/qyliss.keys new file mode 100644 index 000000000000..68956b69b7ba --- /dev/null +++ b/modules/ssh/keys/qyliss.keys @@ -0,0 +1,4 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDLw1dxoV+AAHEHvpKBteVYKCcaAYvdy8696tssKcp2UBazTcVLhNRlpkSv+3JJrf4dvpr6m2wG9HR1/Pmlq76yKSbPX5FBYI6MccZhowpu9Mtx95UlBZxof/YhMdtNZ7VHztJySLuDdt7YAL1LGLaiGAY6ADGQ7KrAcu45AhwQGonnVc1rZrBifqBCQI0N5rs3VJdP+v+BSZHrZutgTgnHGMpJj/YAQPZ3LVDc597KOmlv8Z732RzS6iu9oIT8UO/9gDUDxR9n5l5FM342A8ACD/mqVSUr1bwT7zQ9RwB9vio5yZJljDKF/1OCEW0++njKzWrr4DkcCDS7I8ba/0w+O2OUd+Zy6FEwU1+kJINp1R0Gui6w3jlf1yycNn03t651I5Fs1xMuCtyjyC44xzI3Y4xxoVlY0CYrTvKQnrC2tBjZ+VZiBt24sjQQb8uZdFAhbvm75IxdFmLbRD0JZjkstLWFImkizd2LuCiblNXTMxaPjkAdx4zQ1xwyHrYQADKlxzcW2wfS/MEVMyBHY58aHYNQbrvnjk72sRhoS7ipGbPRGRkhQAhlxKhTQU+iFRtJHX0c9cYZa+RP0AdxH2i0Dg3+I3R6NkbVO4vLxSPcfWvt4+aQn3fL4NqMYffm1WT7JT8VEX0BiXSVnVgc9j8QxHgeBQxVO5+uUPyZtrO4Lw== +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDgBBzMNio/v3M0QibrJ+im/j/JvNKtni0uSXDNNMX/5gaoZbCSj6am/kAlmo37MJAm9WW7m1eDg/rDOmyit2PZm3WPgdrhyhQqbHa48gsNWjLCLuG/drRLwmRd6NKqaGS2eJQ6AZa/wX90mqZEh2lUnVSLItUVWPpvGNGGO3i20HCA0q+kfIQRmIL9lACPX8/WNN8LJ7mRljLAgiNbXKKQOtdE8DvHgNX/Pe+7zl7q+w+Fk1t8dWdj4UPv+aLYQV6k7zP7j9zeyVmtUAzxM8wCeUuEwUuEV3x5HiwRGYsS+A2k8Tp+IJbDuOrE75MwoxDFz+3fa+eOiUzqHruXvc9rz2b8LTADTL54IbJh7nezU5Fer5Bwik7iKTuoKVJygkpNsCQsQAbPD1XqwdAii+EBUU34sI3O8QW1XHYQ6fZd+hKj5K7CG1pqThnITUHNA1nUzN/8TWujtdhRTBE7NEtu5ekvpf7QLbAVUfKjwYl9hCrudoPGLICzspxxq+0aSieP7idhlf0M2wXkdTV3lNEnpip9YDU9wGPAf5u55HnxZb3lWZNeYyigEspuMnjGXpvwwAFSRoG7tce+Q0LDhUTuAfwME+0UB5g6vhGbvkTCsvoJTQujj5+I4Z0Ghb2aJBW65VXzFp1gxmice7oNyHhVulL0/VXk+XZ4QCLn7Dz79Q== +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDO11Pr7jKaRZ2It1yB312SKFN8mCV7aVYdry16LNwtnA6EDgFxyshG4Zmhl9asxQ9wa1lT3tdKB6ArA+VKxXMZB0zm15jYSLKpHQxMT7T3SqtTluJQpJD9zRtWeHbW/e1mtgn3tPYTHERB4HVGKIeGk97eOR2YOdXPHOIWhOXpogDtUlyt1bmWl0gyRHbWhViLeReHYhsu0KbZlo+ntN9aN7lPVkDfa7gUARv6IeGE5hAYHPRWmQ3VJCDaQnzsTtesLPFiNmV6Pq7qtWbHVNOG9XQLXJhD/305+yDZ2y/+KuBEQCroiWF8fPY/8gutfkZ0ZLjdGbXl38j5v+yRjreh+wjcN5MYWCWM18hMdutpoMd9D7PXaZz90V2vS+mRC81t3zXKrAy3Ke+LQBmlWSWxmKWdDoOTGOHjyPuCC/q+In7Q8hetB9/b9WUXTwEaaE3lUsa7y5JHAekNmdSoN3WD10nGYVUMvRRPGAlyqZTQdvxhn+6Pyu2piwIv/TMmC1CwiHr+fLbHxXQF745sOBQNmrdfiOzqDsKleybNB6i0AdDm5UZcYRcMLuxmryxN8O8qNUdMjMGoCeFcGwAIieqM+0xkPiByKr8ky2yV2lwOaZ4jrp/3j5GsGoQlvNKIPdCA/GQFad6vuqvhlbWcbdfiNpawrppLcJBsGB2NVjGbNQ== + diff --git a/modules/ssh/keys/salsa.keys b/modules/ssh/keys/salsa.keys new file mode 100644 index 000000000000..b168922c833c --- /dev/null +++ b/modules/ssh/keys/salsa.keys @@ -0,0 +1,3 @@ +# https://salsa.debian.org/help/instance_configuration#ssh-host-keys-fingerprints +salsa.debian.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr4ClEmJjUlngh9cG1T9zuD60DaN1Rw/53hhz4njq86PzAo/qT88RuYEltzYrXD33nVOAhJZZkdKGiosS6bQBJhvClOC0pi6lJbbhQDaV95L/fCjXCDWZXqv3zaccE64RigqTDqtbMbJks1SOBW3wwuC4tBUldELITWusavr5mCoVRNT5INejI7nHDnfV1Fa+VNW1S27CPg0GOD1coTMfRIgXXnoCrHQ5g8h8Q6rWspNoxN5jJV5e10KCAk/DiocA4aq2UVtErH+ASjR6Zk7jQ3BVQk1cIjVER22Q3BA7zXxyKnn8Bc/Gc+HeSon4dWtDyVVlDBrCbxJW48AiWc/z9 +salsa.debian.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKXSHb3wNeJC/stGkU/0vCAGpw4A0Zm2bfClmK+zkZWr diff --git a/modules/ssh/keys/whitby.keys b/modules/ssh/keys/whitby.keys new file mode 100644 index 000000000000..bcfb0efedd19 --- /dev/null +++ b/modules/ssh/keys/whitby.keys @@ -0,0 +1,2 @@ +*.tvl.fyi ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWJTBEmsmm70E56lg1KdfWTuR9ZsM3NZDBg2k7MNuMOsCLvzGeUahOD/Aw0KHgK1bpz8SH7z6e0wrz7ZbBWXdXfs/RTC4EM3P+S/4ZNkKYlsuR5c+9K4txkeuTeeDfAcfDfaeT2h/ChJsZw9ey9ezS9uesMhHqBt0wyaG9JbG1n1bEmXgJ9JnpYxOSXYwNfUOttvtRV6fCm9B8BySnSdNk1+ayKljMO1V50J0BJ1TgD2wSqLQCFOs9MpL5NL5DIoGhhV9ypgkaErx9e0yudqQBnQsYX7KTPZBZKemM8krHPOdwvPsIZKTTn2kMZ5EVVsRRilSxVvMHgZoFxAXyWup4yX5ScCz6yMi9iYUTYtN+rf67N03MN0eclatCusRmvFCSou0JU/6y5d/25EHoISBIGnCzvO1C7/U96UXYoigSYQ06FIttOccD01VsoaR66H7WZQYeJ94cDeWn/j6vk3wa8ddchkgA/nWTXAjjfI9uPlDWlb7qWCOveegwsli1vnssCHEdzMXgFJl2TbzT9nGelVG+uxX0qEDquJQlJDN9gil+ZeoKDYxQnl3k1FTMg5x4pIVy4AuHFPubooOkHM2Lbx+5OpyrgXX2gxSXigsr8/TSDf/pejWQFSg7cPOHKE8dZMRfZDllAmUmwwWj/kvd8p6NRHiGdBS5+0WGzbLpyw== +*.tvl.fyi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I diff --git a/modules/users/default.nix b/modules/users/default.nix new file mode 100644 index 000000000000..cce724aa1a95 --- /dev/null +++ b/modules/users/default.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: + +let + # These defaults should override the NixOS defaults, + # but still themselves be overridable at the default priority. + mkDefault = lib.mkOverride ((lib.mkDefault null).priority - 1); + +in { + users.mutableUsers = false; + users.groups.qyliss = {}; + users.users.qyliss = { + isNormalUser = true; + createHome = false; + description = "Alyssa Ross"; + uid = mkDefault 1000; + group = "qyliss"; + extraGroups = [ "wheel" ]; + useDefaultShell = false; + shell = lib.mkDefault pkgs.bash; + }; + + systemd.tmpfiles.rules = [ + "d ${config.users.users.qyliss.home} 0555 qyliss qyliss" + "d ${config.users.users.qyliss.home}/state 0700 qyliss qyliss" + ]; +} diff --git a/modules/workstation/audio/default.nix b/modules/workstation/audio/default.nix new file mode 100644 index 000000000000..46b22655f50b --- /dev/null +++ b/modules/workstation/audio/default.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ pavucontrol ]; + + services.pipewire.enable = true; + services.pipewire.jack.enable = true; + services.pipewire.pulse.enable = true; +} diff --git a/modules/workstation/default.nix b/modules/workstation/default.nix new file mode 100644 index 000000000000..d1b4ae4da0da --- /dev/null +++ b/modules/workstation/default.nix @@ -0,0 +1,27 @@ +{ lib, pkgs, ... }: + +{ + imports = [ + ../nix ../shell ../users ../ssh + ./documentation ./windowing ./fonts ./gh ./hardware ./locale + ./dict ./emacs ./gnupg ./lorri ./mail ./mpv ./weechat + ]; + + boot.kernelParams = [ "preempt=full" ]; + + environment.systemPackages = with pkgs; [ + dino ffmpeg mosh mpv nix-index qemu youtube-dl + ]; + + services.getty.autologinUser = "qyliss"; + services.getty.loginOptions = "-- \\u"; + services.locate.enable = true; + + time.timeZone = "Europe/Berlin"; + + virtualisation.podman.enable = true; + + programs.system-config-printer.enable = true; + services.printing.enable = true; + services.printing.drivers = with pkgs; [ foo2zjs ]; +} diff --git a/modules/workstation/dict/default.nix b/modules/workstation/dict/default.nix new file mode 100644 index 000000000000..92a619e75d23 --- /dev/null +++ b/modules/workstation/dict/default.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: + +{ + services.dictd.enable = true; + services.dictd.DBs = with pkgs.dictdDBs; [ wiktionary ]; +} diff --git a/modules/workstation/documentation/default.nix b/modules/workstation/documentation/default.nix new file mode 100644 index 000000000000..590da0e7329b --- /dev/null +++ b/modules/workstation/documentation/default.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ + autoconf.doc gcc.info glibcInfo gnumake.info gnused.info groff.doc + groff.man libbsd man-pages posix_man_pages (lowPrio mandoc) + wayland.man + ]; + + documentation.man.generateCaches = true; + documentation.man.extraConfig = '' + SECTION 1 n l 8 3 0 2 3p 3am 5 4 9 6 7 + ''; +} diff --git a/modules/workstation/emacs/default.nix b/modules/workstation/emacs/default.nix new file mode 100644 index 000000000000..fa26e98ce64e --- /dev/null +++ b/modules/workstation/emacs/default.nix @@ -0,0 +1,82 @@ +{ config, pkgs, ... }: + +let + emacs = ((with pkgs; emacsPackagesFor (emacs29-pgtk.overrideAttrs ( + { patches ? [], ... }: + { + patches = patches ++ [ + (fetchpatch { + url = "https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=e4e89e2cb663c730fd563d89228fe3a9a34e63e5"; + hash = "sha256-/7vWMFXjmmmTg6nNvEPOM3LkZ+j3IVV9W127anx5deI="; + }) + ]; + } + ))).emacsWithPackages (epkgs: with epkgs; [ + adoc-mode + cmake-mode + code-review + csharp-mode + d-mode + direnv + dockerfile-mode + dts-mode + ebuild-mode + editorconfig + eglot + elpher + execline + forge + gn-mode + gnuplot-mode + go-mode + graphql-mode + graphviz-dot-mode + groovy-mode + haskell-mode + jam-mode + just-mode + kotlin-mode + lua-mode + magit + markdown-mode + meson-mode + monokai-theme + mutt-mode + ninja-mode + nix-mode + notmuch + org-roam + pass + pod-mode + protobuf-mode + rainbow-delimiters + rust-mode + sdlang-mode + sort-words + toml-mode + tuareg + typescript-mode + udev-mode + vala-mode + yaml-mode + zig-mode + ])); +in + +{ + environment.systemPackages = [ emacs ]; + + systemd.tmpfiles.rules = [ + "d ${config.users.users.qyliss.home}/notes 0700 qyliss qyliss" + ]; + + users.users.qyliss.xdg.config.paths."emacs" = pkgs.runCommand ".emacs.d" { + nativeBuildInputs = [ emacs ]; + } '' + cp ${./early-init.el} early-init.el + cp ${./init.el} init.el + emacs -L . --batch -f batch-byte-compile *.el + install -d $out + install *.el *.elc $out + ''; +} diff --git a/modules/workstation/emacs/early-init.el b/modules/workstation/emacs/early-init.el new file mode 100644 index 000000000000..8cac0647dd4e --- /dev/null +++ b/modules/workstation/emacs/early-init.el @@ -0,0 +1,4 @@ +;; This defaults to XDG_CONFIG_HOME, which is bad because lots of +;; state gets written to it. +(setq user-emacs-directory + (concat (file-name-as-directory (getenv "XDG_DATA_HOME")) "emacs")) diff --git a/modules/workstation/emacs/init.el b/modules/workstation/emacs/init.el new file mode 100644 index 000000000000..8370fe153fd7 --- /dev/null +++ b/modules/workstation/emacs/init.el @@ -0,0 +1,284 @@ +;; -*- lexical-binding: t -*- + +;;; UI customization ;;; +(column-number-mode) +(electric-pair-mode) +(global-so-long-mode) +(menu-bar-mode -1) +(scroll-bar-mode -1) +(show-paren-mode) +(tool-bar-mode -1) + +(setq frame-title-format "%b — Emacs") +(setq uniquify-buffer-name-style 'forward) +(setq-default truncate-lines t) + +(load-theme 'monokai t) + +;; <102 or >109 will make Ioveska look squished rather than tall, +;; narrow, and beautiful. +(set-face-attribute 'default nil :height 104) + +;; Disabling bidirectional text will make Emacs less slow with very +;; long lines. +(setq bidi-paragraph-direction 'left-to-right) +(setq bidi-inhibit-bpa t) + +;;; Utility functions ;;; + +;; Set an environment variable value for a single buffer. +(defun setenv-local (variable &optional value substitute-env-vars) + ;; If process-environment is the global one, make a copy of it. + (when (eq process-environment (default-value 'process-environment)) + (make-local-variable 'process-environment) + (setq process-environment (mapcar 'concat process-environment))) + (setenv variable value substitute-env-vars)) + +(defun enable-ansi-color () + (setenv-local "TERM" "dumb-emacs-ansi")) + +;;; Major modes ;;; +(add-to-list 'auto-mode-alist '("\\.adoc\\'" . adoc-mode)) +(add-to-list 'auto-mode-alist '("\\.quirks\\'" . conf-unix-mode)) +(add-to-list 'auto-mode-alist '("\\.gni?\\'" . gn-mode)) +(add-to-list 'auto-mode-alist '("/muttrc\\'" . mutt-mode)) +(add-to-list 'auto-mode-alist '("\\.tmac\\'" . nroff-mode)) +(add-to-list 'auto-mode-alist '("/Cargo\\.lock\\'" . toml-mode)) +(add-to-list 'auto-mode-alist '("/\\.clang-format\\'" . yaml-mode)) +(add-to-list 'auto-mode-alist '("/up\\'" . execline-mode)) +(add-to-list 'auto-mode-alist '("/down\\'" . execline-mode)) + +;;; auth-source ;;; +(auth-source-pass-enable) + +;;; Backups ;;; +(let ((backup-dir + (concat (file-name-as-directory user-emacs-directory) "backups"))) + (make-directory backup-dir t) + (setq backup-directory-alist `(("." . ,backup-dir))) + (setq message-auto-save-directory backup-dir)) + +;;; CC Mode ;;; +(with-eval-after-load 'cc-styles + ;; Default to kernel style. + (add-to-list 'c-default-style '(other . "linux"))) + +;;; Comint ;;; +;; This relies on an Emacs patch to apply to async-shell-command. +(setq comint-terminfo-terminal "dumb-emacs-ansi") + +;;; Diff Mode ;;; +;; Unbind M-DEL from scroll-down-command, so it does the same thing as +;; in the rest of Emacs (backward-kill-word). +(with-eval-after-load 'diff-mode + (define-key diff-mode-map (kbd "M-DEL") nil)) + +;;; Dired ;;; +(with-eval-after-load 'dired + ;; Use human-readable sizes. + (setq dired-listing-switches + (combine-and-quote-strings `(,dired-listing-switches "-h"))) + + ;; Don't open new windows when clicking directory entries. + (define-key dired-mode-map [mouse-2] 'dired-find-file)) + +;;; Direnv ;;; +(direnv-mode) +(global-set-key (kbd "C-c d") #'direnv-update-environment) + +;;; Ediff ;;; +;; Don't make a new frame for Ediff controls. +(setq ediff-window-setup-function 'ediff-setup-windows-plain) + +;;; EditorConfig ;;; +(editorconfig-mode) + +;;; Eglot ;;; +(with-eval-after-load 'eglot + ;; Override default LSPs for languages. + (add-to-list 'eglot-server-programs '((c++-mode c-mode) "clangd")) + (add-to-list 'eglot-server-programs '(rust-mode "rust-analyzer")) + (add-to-list 'eglot-server-programs '(nix-mode "rnix-lsp")) + + ;; Underline all occurrences of the symbol at point in the current + ;; buffer (default is to bold instead). + (set-face-attribute 'eglot-highlight-symbol-face nil :inherit 'underline) + + ;; Add keybindings for eglot actions. + (define-key eglot-mode-map (kbd "C-c e a") #'eglot-code-actions) + (define-key eglot-mode-map (kbd "C-c e r") #'eglot-rename)) + +;; Tell rust-analyzer not to allow colons inside Rust import. +(setq-default eglot-workspace-configuration + '((:rust-analyzer . (:assist (:importMergeBehaviour "last"))))) + +;;; Environment ;;; + +;; Provide a way to turn paging back on for modes like terminal emulators. +(let ((pager (getenv "PAGER"))) + (defun enable-pager () + (setenv-local "PAGER" pager))) + +;; Set PAGER to the empty string, which Git and journalctl will +;; interpret as an explicit opt-out of paging. +(setenv "PAGER" "") + +;;; Eshell ;;; +(add-hook 'eshell-mode-hook #'enable-ansi-color) + +;;; gdb-mi ;;; +(with-eval-after-load "gdb-mi" + ;; Hide all the copyright and documentation messages at gdb startup. + (setq gud-gdb-command-name (concat gud-gdb-command-name " -q"))) + +;;; Ibuffer ;;; +;; Open ibuffer in other window, to match behaviour of the default +;; list-buffers. +(global-set-key (kbd "C-x C-b") (lambda () (interactive) (ibuffer t))) + +;;; ispell ;;; +;; System locale is Esperanto, but I write in English much more, and +;; spelling in Esperanto is easy anyway. ;) +(setq ispell-dictionary "english") + +;;; Magit ;;; +(setq magit-delete-by-moving-to-trash delete-by-moving-to-trash) +(setq magit-repository-directories + `((,(expand-file-name "~/src") . 1))) +(global-set-key (kbd "C-x g") #'magit-status) +(global-set-key (kbd "C-x M-g") #'magit-dispatch) +(with-eval-after-load "git-commit" + (add-to-list 'git-commit-trailers "Change-Id") + (add-to-list 'git-commit-trailers "Fixes") + (add-to-list 'git-commit-trailers "Message-Id")) + +;; Don't open a second window with a diff when committing. I have +;; commit.verbose set in git, so the diff is shown below the commit +;; anyway, and it's annoying to have magit take over the whole frame +;; because it means I can't refer to something else, like an email +;; thread discussing the commit. And sometimes the diff shown by +;; magit doesn't agree with the diff shown by git (and git is always +;; in the right when this happens). +(setq magit-commit-show-diff nil) + +(defun git-commit-message-pretty-ref (commit) + "Generate a reference to git COMMIT in the format used in the +Linux kernel (`SHORT-HASH (\"SHORT-MESSAGE\")') and insert it at +point." + (interactive + (list (or (nreverse (magit-region-values 'commit)) + (magit-read-other-branch-or-commit "Reference commit")))) + (call-process (magit-git-executable) nil t nil + "show" "--no-patch" "--pretty=format:%h (\"%s\")" commit)) + +(with-eval-after-load "magit" + (define-key magit-process-mode-map (kbd "k") #'magit-process-kill) + + ;; Add a --no-gpg-sign option to Magit. This is only useful with + ;; commit.gpgsign=true. It would be nice if commit.gpgsign=true just + ;; meant that Magit showed the --gpg-sign option as enabled by + ;; default, and disabling it would make Magit pass --no-gpg-sign to + ;; git, but that's not currently the case, so we need a seperate + ;; option for --no-gpg-sign. See + ;; <https://github.com/magit/magit/issues/3832>. + (dolist (command '(magit-commit magit-merge magit-cherry-pick + magit-revert magit-am magit-rebase)) + (transient-append-suffix command ["-S"] + '("=S" "Don't sign using gpg" "--no-gpg-sign")))) + +;;; Markdown ;;; +(setq-default markdown-hide-markup t) + +;;; Man ;;; +;; Open man pages in the current window. I don't really care what +;; happens when I do M-x man, but I don't want my whole frame to be +;; taken over with man buffers if I'm following a bunch of +;; cross-references. +(setq Man-notify-method 'pushy) + +;;; MML ;;; +(setq mml-secure-openpgp-encrypt-to-self t) +(setq mml-secure-openpgp-signers '("757356D779BBB888773E415E736CCDF9EF51BD97")) +(add-hook 'message-setup-hook 'mml-secure-message-sign-pgpmime) + +;;; Nix support ;;; +(defun browse-url-nixpkgs (attr) + "Open a browser to the homepage for the Nixpkgs attribute ATTR." + (interactive "sAttribute: ") + (let* ((full-attr-quoted (shell-quote-argument (concat attr ".meta.homepage"))) + (command (concat "nix --extra-experimental-features nix-command eval --raw -f '<nixpkgs>' " full-attr-quoted)) + (homepage (shell-command-to-string command))) + (browse-url homepage))) + +;;; notmuch ;;; +(setq notmuch-search-oldest-first nil) +(setq notmuch-fcc-dirs "Sent") +(setq notmuch-draft-folder "Drafts") +(setq notmuch-saved-searches + `((:name "direct" :query ,(concat "-tag:done -folder:Spam -from:discourse@discourse.nixos.org to:" (getenv "EMAIL")) :key "d") + (:name "github" :query "-tag:done -to:your_activity@noreply.github.com from:notifications@github.com" :key "g") + (:name "lists" :query "-tag:done to:afra@afra-berlin.de OR to:@list.skarnet.org OR wayland-devel@lists.freedesktop.org OR to:distributions@lists.linux.dev OR to:virglrenderer-devel@lists.freedesktop.org OR to:config-patches@gnu.org OR to:linux-kernel-announce@vger.kernel.org" :key "l"))) +(setq notmuch-tagging-keys '(("d" ("+done") "done"))) + +;;; mail ;;; +; This has to go after we set the notmuch settings, for some reason, +; or they are not applied. +(require 'notmuch-mua) +(setq mail-user-agent 'notmuch-user-agent) + +;;; Org-mode ;;; +(setq org-id-locations-file (concat user-emacs-directory "/org-id-locations")) + +;;; Org-roam ;;; +(setq org-roam-directory "~/notes") +(setq org-roam-v2-ack t) +(org-roam-db-autosync-mode) +(global-set-key (kbd "C-c o c") #'org-roam-capture) +(global-set-key (kbd "C-c o f") #'org-roam-node-find) +(define-key org-mode-map (kbd "C-c o i") #'org-roam-node-insert) +(define-key org-mode-map (kbd "C-c o r") #'org-roam-ref-add) + +;;; Rainbow Delimiters ;;; +(add-hook 'prog-mode-hook #'rainbow-delimiters-mode) + +;;; Revert buffers ;;; +(global-set-key (kbd "C-c r") #'revert-buffer) + +;;; Ruby ;;; +(setq ruby-align-to-stmt-keywords t) + +;;; Rust ;;; +;; Indent with spaces in Rust code. +(add-hook 'rust-mode-hook (lambda () (setq indent-tabs-mode nil))) + +(with-eval-after-load 'rust-mode + ;; Cargo keybindings + (define-key rust-mode-map (kbd "C-c c b") 'rust-compile) + (define-key rust-mode-map (kbd "C-c c c") 'rust-check) + (define-key rust-mode-map (kbd "C-c c r") 'rust-run) + (define-key rust-mode-map (kbd "C-c c t") 'rust-test)) + +;;; save-some-buffers ;;; +;; Allow reverting buffers directly from the "Save file ...?" message. +(add-to-list 'save-some-buffers-action-alist + `(?r ,(lambda (buf) (with-current-buffer buf (revert-buffer t t))) + ,(purecopy "revert this buffer"))) + +;;; sendmail ;;; +;; Use the system "sendmail" program to send mail. +(setq mail-envelope-from 'header) +(setq mail-specify-envelope-from t) +(setq send-mail-function 'sendmail-send-it) + +;;; Term ;;; +(add-hook 'term-mode-hook #'enable-pager) + +;;; Transient ;;; +;; Make all Magit options available, even those that are disabled by +;; default because they're too obscure. +(setq transient-default-level 7) + +;;; with-editor ;;; +(add-hook 'eshell-mode-hook 'with-editor-export-editor) +(add-hook 'shell-mode-hook 'with-editor-export-editor) +(add-hook 'term-exec-hook 'with-editor-export-editor) diff --git a/modules/workstation/fonts/default.nix b/modules/workstation/fonts/default.nix new file mode 100644 index 000000000000..309a863cd826 --- /dev/null +++ b/modules/workstation/fonts/default.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: + +{ + fonts.packages = with pkgs; [ + ccsymbols fira iosevka twemoji-color-font noto-fonts-cjk + ]; + fonts.fontconfig.allowBitmaps = false; + fonts.fontconfig.defaultFonts.monospace = [ "Iosevka" ]; +} diff --git a/modules/workstation/gh/default.nix b/modules/workstation/gh/default.nix new file mode 100644 index 000000000000..b3dc60ed9407 --- /dev/null +++ b/modules/workstation/gh/default.nix @@ -0,0 +1,21 @@ +{ lib, pkgs, ... }: + +let + wrapper = with pkgs; writeScriptBin "gh" '' + #! ${execline}/bin/execlineb -s0 + + fdmove 3 0 + pipeline { ${pass}/bin/pass show api.github.com } + fdswap 0 3 + export GH_TOKEN_FD 3 + + importas -i config_home XDG_CONFIG_HOME + export GH_CONFIG_DIR ''${config_home}/gh + + ${pkgs.gh}/bin/gh $@ + ''; +in + +{ + environment.systemPackages = [ pkgs.gh (lib.hiPrio wrapper) ]; +} diff --git a/modules/workstation/gnupg/default.nix b/modules/workstation/gnupg/default.nix new file mode 100644 index 000000000000..eda898314258 --- /dev/null +++ b/modules/workstation/gnupg/default.nix @@ -0,0 +1,38 @@ +{ config, pkgs, ... }: + +let + gnupgHome = "${config.users.users.qyliss.home}/state/gnupg"; + + pinentryProgram = + if pkgs.stdenv.isDarwin then + "/Applications/pinentry-mac.app/Contents/MacOS/pinentry-mac" + else + "${pkgs.pinentry.qt}/bin/pinentry"; + + gpg-agent-conf = pkgs.writeText "gpg-agent.conf" '' + pinentry-program ${pinentryProgram} + ''; +in + +{ + systemd.tmpfiles.rules = [ + "d ${gnupgHome} 0700 qyliss qyliss" + "L+ ${gnupgHome}/dirmngr.conf - - - - ${./dirmngr.conf}" + "L+ ${gnupgHome}/gpg.conf - - - - ${./gpg.conf}" + "L+ ${gnupgHome}/gpg-agent.conf - - - - ${gpg-agent-conf}" + ]; + + environment.systemPackages = with pkgs; [ gnupg pinentry ]; + + environment.extraInit = '' + export GNUPGHOME="$HOME/state/gnupg" + + if [ -z "$SSH_AUTH_SOCK" ]; then + export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" + fi + ''; + + programs.sway.extraConfig = '' + exec gpg-connect-agent /bye + ''; +} diff --git a/modules/workstation/gnupg/dirmngr.conf b/modules/workstation/gnupg/dirmngr.conf new file mode 100644 index 000000000000..14114144cc9d --- /dev/null +++ b/modules/workstation/gnupg/dirmngr.conf @@ -0,0 +1 @@ +keyserver hkps://keys.openpgp.org diff --git a/modules/workstation/gnupg/gpg.conf b/modules/workstation/gnupg/gpg.conf new file mode 100644 index 000000000000..ab999bfbc32a --- /dev/null +++ b/modules/workstation/gnupg/gpg.conf @@ -0,0 +1,3 @@ +ask-cert-level +auto-key-retrieve +trust-model tofu+pgp diff --git a/modules/workstation/hardware/bluetooth/default.nix b/modules/workstation/hardware/bluetooth/default.nix new file mode 100644 index 000000000000..fb6a06a03e5f --- /dev/null +++ b/modules/workstation/hardware/bluetooth/default.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + hardware.bluetooth.enable = true; +} diff --git a/modules/workstation/hardware/default.nix b/modules/workstation/hardware/default.nix new file mode 100644 index 000000000000..64e06aecf363 --- /dev/null +++ b/modules/workstation/hardware/default.nix @@ -0,0 +1,11 @@ +{ pkgs, ... }: + +{ + imports = [ ./keyboard ./libinput ./yubikey ]; + + environment.systemPackages = with pkgs; [ brightnessctl ddrescue usbutils ]; + + hardware.sane.enable = true; + + sound.enable = true; +} diff --git a/modules/workstation/hardware/keyboard/default.nix b/modules/workstation/hardware/keyboard/default.nix new file mode 100644 index 000000000000..3bd9dc4280db --- /dev/null +++ b/modules/workstation/hardware/keyboard/default.nix @@ -0,0 +1,15 @@ +{ pkgs, config, ... }: + +let + xcfg = config.services.xserver; + +in +{ + console.useXkbConfig = true; + services.xserver.xkb.variant = "dvorak"; + services.xserver.xkb.options = "caps:escape,compose:menu,compose:prsc"; + + environment.variables.XKB_DEFAULT_LAYOUT = xcfg.xkb.layout; + environment.variables.XKB_DEFAULT_VARIANT = xcfg.xkb.variant; + environment.variables.XKB_DEFAULT_OPTIONS = xcfg.xkb.options; +} diff --git a/modules/workstation/hardware/libinput/default.nix b/modules/workstation/hardware/libinput/default.nix new file mode 100644 index 000000000000..c3a56e22feb7 --- /dev/null +++ b/modules/workstation/hardware/libinput/default.nix @@ -0,0 +1,13 @@ +{ ... }: + +{ + environment.etc."libinput/local-overrides.quirks".text = '' + [Google Chromebook Eve] + MatchUdevType=touchpad + MatchName=ACPI0C50:00 18D1:5028 + MatchDMIModalias=dmi:*svnGoogle:pnEve* + ModelChromebook=1 + AttrPressureRange=6:4 + AttrThumbPressureThreshold=45 + ''; +} diff --git a/modules/workstation/hardware/pixelbook/default.nix b/modules/workstation/hardware/pixelbook/default.nix new file mode 100644 index 000000000000..b708abc85a3d --- /dev/null +++ b/modules/workstation/hardware/pixelbook/default.nix @@ -0,0 +1,17 @@ +{ ... }: + +{ + imports = [ ../../../nixos-hardware/google/pixelbook ]; + + boot.postBootCommands = '' + # Remap Google Assistant to left super. + /run/current-system/sw/bin/setkeycodes e058 125 + + # Remap menu to compose. + /run/current-system/sw/bin/setkeycodes 5d 127 + ''; + + services.logind.extraConfig = '' + HandlePowerKey=suspend + ''; +} diff --git a/modules/workstation/hardware/yubikey/default.nix b/modules/workstation/hardware/yubikey/default.nix new file mode 100644 index 000000000000..0f2d63e742b9 --- /dev/null +++ b/modules/workstation/hardware/yubikey/default.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: + +{ + services.udev.packages = with pkgs; [ yubikey-personalization ]; + + security.pam.services.sudo.u2fAuth = true; + security.sudo.extraConfig = '' + Defaults timestamp_timeout=0 + ''; + + security.pam.u2f.appId = "pam://qyliss.net"; + security.pam.u2f.cue = true; + security.pam.u2f.authFile = pkgs.copyPathToStore ./u2f_keys; +} diff --git a/modules/workstation/hardware/yubikey/u2f_keys b/modules/workstation/hardware/yubikey/u2f_keys new file mode 100644 index 000000000000..1bb4f2f4c3a4 --- /dev/null +++ b/modules/workstation/hardware/yubikey/u2f_keys @@ -0,0 +1 @@ +qyliss:xEFvYinTZARyMSapx3wLN6U0w5oy7he66DM9Ww1EIUwr1eEsdEVX6JTayiol+XyGkThCMCRPJcEvTqR8cgXd8A==,0gl+uRidS5Dhx1S54aniQhJE+anN6hhTelZ8DncvpM2Z6MLfc/QUotFFE0cCBEA6KbQOIK9+WtgabFGOqBmljw==,es256,+presence diff --git a/modules/workstation/locale/default.nix b/modules/workstation/locale/default.nix new file mode 100644 index 000000000000..c079ab19bc88 --- /dev/null +++ b/modules/workstation/locale/default.nix @@ -0,0 +1,12 @@ +{ ... }: + +{ + i18n.defaultLocale = "eo"; + i18n.extraLocaleSettings.LC_ADDRESS = "de_DE.UTF-8"; + i18n.extraLocaleSettings.LC_CTYPE = "de_DE.UTF-8"; + i18n.extraLocaleSettings.LC_NAME = "en_GB.UTF-8"; + + # Like Germany, but uses thin spaces as thousands separators. + i18n.extraLocaleSettings.LC_MONETARY = "fr_FR.UTF-8"; + i18n.extraLocaleSettings.LC_NUMERIC = "fr_FR.UTF-8"; +} diff --git a/modules/workstation/lorri/default.nix b/modules/workstation/lorri/default.nix new file mode 100644 index 000000000000..602fac6106f7 --- /dev/null +++ b/modules/workstation/lorri/default.nix @@ -0,0 +1,9 @@ +{ config, ... }: + +{ + services.lorri.enable = true; + + # FIXME: systemd should have this set globally. + systemd.user.services.lorri.environment.XDG_CACHE_HOME = + "${config.users.users.qyliss.home}/state/cache"; +} diff --git a/modules/workstation/mail/default.nix b/modules/workstation/mail/default.nix new file mode 100644 index 000000000000..ff34fab8b98e --- /dev/null +++ b/modules/workstation/mail/default.nix @@ -0,0 +1,11 @@ +{ pkgs, config, ... }: + +{ + imports = [ ./isync ./mutt ./notmuch ./postfix ./rss2email ]; + + environment.systemPackages = with pkgs; [ isync ]; + + systemd.tmpfiles.rules = [ + "d ${config.users.users.qyliss.home}/mail 0770 qyliss qyliss" + ]; +} diff --git a/modules/workstation/mail/isync/default.nix b/modules/workstation/mail/isync/default.nix new file mode 100644 index 000000000000..22d64e45b1ba --- /dev/null +++ b/modules/workstation/mail/isync/default.nix @@ -0,0 +1,27 @@ +{ config, pkgs, ... }: + +let + maildir = "${config.users.users.qyliss.home}/mail"; + mbsyncrc = pkgs.substituteAll { inherit maildir; src = ./mbsyncrc.in; }; +in + +{ + systemd.services.mbsync = { + serviceConfig.Type = "oneshot"; + after = [ "network-online.target" ]; + before = [ "notmuch.service" ]; + requires = [ "network-online.target" ]; + wants = [ "notmuch.service" ]; + serviceConfig.ExecStart = "${pkgs.isync}/bin/mbsync -a -V -c ${mbsyncrc}"; + serviceConfig.User = "qyliss"; + unitConfig.ConditionPathExists = "${maildir}/imappass"; + }; + + systemd.timers.mbsync = { + timerConfig.OnCalendar = "*:0/5"; + timerConfig.Persistent = true; + after = [ "network-online.target" ]; + requires = [ "network-online.target" ]; + wantedBy = [ "timers.target" ]; + }; +} diff --git a/modules/workstation/mail/isync/mbsyncrc.in b/modules/workstation/mail/isync/mbsyncrc.in new file mode 100644 index 000000000000..4c44891acb46 --- /dev/null +++ b/modules/workstation/mail/isync/mbsyncrc.in @@ -0,0 +1,22 @@ +Create Both + +MaildirStore local + Path @maildir@/ + Inbox @maildir@/INBOX + Subfolders Verbatim + +IMAPAccount fastmail + Host imap.fastmail.com + User alyssa@fastmail.com + PassCmd "cat ~/mail/imappass" + SSLType IMAPS + SSLVersions TLSv1.3 + +IMAPStore fastmail-remote + Account fastmail + +Channel fastmail + Far :fastmail-remote: + Near :local: + Patterns * + SyncState * diff --git a/modules/workstation/mail/mutt/default.nix b/modules/workstation/mail/mutt/default.nix new file mode 100644 index 000000000000..96c0e6867545 --- /dev/null +++ b/modules/workstation/mail/mutt/default.nix @@ -0,0 +1,16 @@ +{ config, pkgs, ... }: + +let + stateDir = "${config.users.users.qyliss.home}/state/mutt"; +in + +{ + environment.systemPackages = with pkgs; [ neomutt ]; + + users.users.qyliss.xdg.config.paths."mutt/muttrc" = pkgs.copyPathToStore ./muttrc; + + systemd.tmpfiles.rules = [ + "d ${stateDir} 0700 qyliss qyliss" + "d ${stateDir}/header_cache 0700 qyliss qyliss" + ]; +} diff --git a/modules/workstation/mail/mutt/muttrc b/modules/workstation/mail/mutt/muttrc new file mode 100644 index 000000000000..6d80aced3bef --- /dev/null +++ b/modules/workstation/mail/mutt/muttrc @@ -0,0 +1,64 @@ +color index red default ~P + +alternates alyssa\.ross@unikie\.com +alternates @alyssa\.is @hi\.alyssa\.is + +unignore List-Id: +unignore Message-Id: +ignore User-Agent: + +set beep = no +set beep_new = yes +set edit_headers = yes +set fast_reply = yes +set folder = ~/mail +set header_cache = ~/state/mutt/header_cache +set help = no +set mark_old = no +set mime_forward = ask-no +set quit = ask-yes +set reverse_name = yes +set sort = last-date-received +set sort_browser = new +set strict_threads = yes +set use_envelope_from = yes +set use_threads = yes +set user_agent = no + +set newsrc = $XDG_DATA_HOME/mutt/newsrc +set nntp_context = 32767 + +unset prompt_after + +set spoolfile = +INBOX + +# set record = "=[Gmail]/Sent Mail" +# set postponed = "=[Gmail]/Drafts" +mailboxes `cd ~/mail; find . -name cur -print0 | sed -z -e 's|^\./||' -e 's|/cur$||' -e 's/\\/\\\\/' -e 's/"/\\"/g' -e 's/^/"=/' -e 's/$/"/' | xargs -0` +set record = "=Sent" +set trash = "=Archive" +set postponed = "=Drafts" +set sendmail = "sendmail" + +set pgp_use_gpg_agent = yes +set crypt_autosign = yes +set crypt_opportunistic_encrypt = yes +set postpone_encrypt = yes + +# Required for postpone_encrypt to work +set pgp_default_key = 757356D779BBB888773E415E736CCDF9EF51BD97 + +set pgp_decode_command = "gpg --status-fd=2 %?p?--pinentry-mode loopback --passphrase-fd 0? --no-verbose --quiet --batch --output - %f" +set pgp_verify_command = "gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f" +set pgp_decrypt_command = "gpg --status-fd=2 %?p?--pinentry-mode loopback --passphrase-fd 0? --no-verbose --quiet --batch --output - --decrypt %f" +set pgp_sign_command = "gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --no-verbose --batch --quiet --output - --armor --textmode %?a?--local-user %a? --detach-sign %f" +set pgp_clearsign_command = "gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --no-verbose --batch --quiet --output - --armor --textmode %?a?--local-user %a? --clearsign %f" +set pgp_encrypt_only_command = "pgpewrap gpg --trust-model always --batch --quiet --no-verbose --output - --textmode --armor --encrypt -- --recipient %r -- %f" +set pgp_encrypt_sign_command = "pgpewrap gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --trust-model always --batch --quiet --no-verbose --textmode --output - %?a?--local-user %a? --armor --sign --encrypt -- --recipient %r -- %f" +set pgp_import_command = "gpg --no-verbose --import %f" +set pgp_export_command = "gpg --no-verbose --armor --export %r" +set pgp_verify_key_command = "gpg --verbose --batch --fingerprint --check-sigs %r" +set pgp_list_pubring_command = "gpg --no-verbose --batch --quiet --with-colons --with-fingerprint --with-fingerprint --list-keys %r" +set pgp_list_secring_command = "gpg --no-verbose --batch --quiet --with-colons --with-fingerprint --with-fingerprint --list-secret-keys %r" +set pgp_good_sign = "^\\[GNUPG:\\] GOODSIG" +set pgp_decryption_okay = "^\\[GNUPG:\\] DECRYPTION_OKAY" diff --git a/modules/workstation/mail/notmuch/config b/modules/workstation/mail/notmuch/config new file mode 100644 index 000000000000..12b4435f10a2 --- /dev/null +++ b/modules/workstation/mail/notmuch/config @@ -0,0 +1,12 @@ +[user] +other_email=alyssa.ross@freeagent.com;alyssa.ross@unikie.com; + +[new] +tags=unread;inbox; +ignore=.uidvalidity;.mbsyncstate;.mbsyncstate.new;.mbsyncstate.journal; + +[search] +exclude_tags= + +[maildir] +synchronize_flags=true \ No newline at end of file diff --git a/modules/workstation/mail/notmuch/default.nix b/modules/workstation/mail/notmuch/default.nix new file mode 100644 index 000000000000..cb7ccd877950 --- /dev/null +++ b/modules/workstation/mail/notmuch/default.nix @@ -0,0 +1,21 @@ +{ pkgs, ... }: + +{ + environment.extraInit = '' + export NOTMUCH_CONFIG="/etc/xdg/nixos/per-user/$USER/notmuch/config" + ''; + + environment.systemPackages = with pkgs; [ notmuch ]; + + users.users.qyliss.xdg.config.paths."notmuch/config" = + pkgs.copyPathToStore ./config; + + systemd.services.notmuch = { + serviceConfig.Type = "oneshot"; + environment.NOTMUCH_CONFIG = "/etc/xdg/nixos/per-user/qyliss/notmuch/config"; + serviceConfig.ExecStart = "${pkgs.notmuch}/bin/notmuch new"; + serviceConfig.IOSchedulingClass = "idle"; + serviceConfig.Nice = 1; + serviceConfig.User = "qyliss"; + }; +} diff --git a/modules/workstation/mail/postfix/default.nix b/modules/workstation/mail/postfix/default.nix new file mode 100644 index 000000000000..db16bced3a5e --- /dev/null +++ b/modules/workstation/mail/postfix/default.nix @@ -0,0 +1,43 @@ +{ pkgs, lib, config, ... }: + +{ + services.postfix.enable = true; + + services.postfix.hostname = with lib; with config.networking; + concatStringsSep "." (filter (x: x != null) [ hostName domain ]); + + services.postfix.relayHost = "smtp.fastmail.com"; + services.postfix.relayPort = 465; + + services.postfix.recipientDelimiter = "+"; + services.postfix.config.home_mailbox = "mail/INBOX/"; + services.postfix.canonical = '' + qyliss hi@alyssa.is + ''; + services.postfix.virtual = '' + hi@alyssa.is qyliss + ''; + + # NixOS links /var/lib/postfix/conf to /etc/postfix, but + # postfix.service deletes /var/lib/postfix in an ExecStartPre, so we + # can't keep files there without adding them to the store. + # + # Work around this with a layer of symlink indirection. + services.postfix.mapFiles.sasl_passwd = pkgs.runCommand "sasl_passwd" {} '' + ln -s /var/lib/postfix/sasl_passwd $out + ''; + services.postfix.config.smtp_sasl_password_maps = "hash:/etc/postfix/sasl_passwd"; + + services.postfix.config.sender_dependent_relayhost_maps = "hash:/etc/postfix/sender_dependent_relayhost"; + services.postfix.mapFiles.sender_dependent_relayhost = pkgs.writeText "sender_dependent_relayhost" '' + @unikie.com [smtp.gmail.com]:465 + ''; + + services.postfix.config.smtp_sasl_auth_enable = true; + services.postfix.config.smtp_sasl_tls_security_options = "noanonymous"; + services.postfix.config.smtp_tls_security_level = "encrypt"; + services.postfix.config.smtp_tls_wrappermode = true; + + systemd.services.postfix-setup.unitConfig.ConditionPathExists = "/var/lib/postfix/sasl_passwd"; + systemd.services.postfix.unitConfig.ConditionPathExists = "/var/lib/postfix/sasl_passwd"; +} diff --git a/modules/workstation/mail/rss2email/default.nix b/modules/workstation/mail/rss2email/default.nix new file mode 100644 index 000000000000..614b7f9c0cb0 --- /dev/null +++ b/modules/workstation/mail/rss2email/default.nix @@ -0,0 +1,17 @@ +{ config, ... }: + +{ + services.rss2email.enable = true; + services.rss2email.to = "hi+rss2email@alyssa.is"; + services.rss2email.config.date-header = true; + services.rss2email.config.from = + "rss2email@${config.services.postfix.hostname}"; + + services.rss2email.feeds = { + fading-memories = { url = "https://valdyas.org/fading/feed/"; }; + flak = { url = "https://flak.tedunangst.com/rss"; }; + wandering-thoughts = + { url = "https://utcc.utoronto.ca/~cks/space/blog/?atom"; }; + repology = { url = "https://repology.org/maintainer/hi%40alyssa.is/feed-for-repo/nix_unstable/atom"; }; + }; +} diff --git a/modules/workstation/mpv/default.nix b/modules/workstation/mpv/default.nix new file mode 100644 index 000000000000..4e41f6566ecf --- /dev/null +++ b/modules/workstation/mpv/default.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ mpv ]; + + users.users.qyliss.xdg.config.paths."mpv/input.conf" = + pkgs.writeText "input.conf" '' + F11 cycle fullscreen + ''; + + users.users.qyliss.xdg.config.paths."mpv/mpv.conf" = + pkgs.writeText "mpv.conf" '' + audio-display=no + ''; +} diff --git a/modules/workstation/networking/castnow/default.nix b/modules/workstation/networking/castnow/default.nix new file mode 100644 index 000000000000..19f09723ad7e --- /dev/null +++ b/modules/workstation/networking/castnow/default.nix @@ -0,0 +1,8 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ castnow ]; + + networking.firewall.allowedUDPPorts = [ 5353 ]; + networking.firewall.allowedTCPPortRanges = [ { from = 4100; to = 4105; } ]; +} diff --git a/modules/workstation/networking/default.nix b/modules/workstation/networking/default.nix new file mode 100644 index 000000000000..56703070ae64 --- /dev/null +++ b/modules/workstation/networking/default.nix @@ -0,0 +1,30 @@ +{ config, ... }: + +{ + imports = [ ../../hosts ./castnow ]; + + services.avahi.enable = true; + services.resolved.enable = true; + + networking.domain = "qyliss.net"; + networking.hosts = with config.networking; + { "127.0.1.1" = [ "${hostName}.${domain}" ]; }; + + networking.networkmanager.enable = true; + networking.networkmanager.wifi.backend = "iwd"; + + users.users.qyliss.extraGroups = [ "networkmanager" ]; + + # Plausible MAC randomization + networking.networkmanager.ethernet.macAddress = "random"; + networking.networkmanager.wifi.macAddress = "random"; + networking.networkmanager.extraConfig = '' + [connection-extra] + ethernet.generate-mac-address-mask=FE:FF:FF:00:00:00 + wifi.generate-mac-address-mask=FE:FF:FF:00:00:00 + ''; + + networking.nameservers = [ "::1" ]; + + programs.mtr.enable = true; +} diff --git a/modules/workstation/physical/default.nix b/modules/workstation/physical/default.nix new file mode 100644 index 000000000000..fc5cad3b2787 --- /dev/null +++ b/modules/workstation/physical/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ ../. ../networking ]; + + programs.swayidle.enable = true; + + zramSwap.enable = true; +} diff --git a/modules/workstation/weechat/default.nix b/modules/workstation/weechat/default.nix new file mode 100644 index 000000000000..95ba03c1ecdc --- /dev/null +++ b/modules/workstation/weechat/default.nix @@ -0,0 +1,152 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + scripts = with pkgs.weechatScripts; + [ colorize_nicks weechat-go weechat-matrix zncplayback ]; + + networks = [ + "blitzed" "gnome" "hackint" "indymedia" "ircnet" "libera" + "oftc" "pissnet" "tilde" + ]; + + matrixServers = { fairydust = "fairydust.space"; }; + + toWeeChat = value: + /**/ if value == true then "on" + else if value == false then "off" + else if isList value then concatStringsSep "," value + else toString value; + + sec = [ "znc.username" "znc.password" ]; + + ignores = [ + "osmbot-test oftc #osm-gb" + ]; + + cfgin = { + alias.cmd.B = "buffer"; + alias.cmd.ZNC = "quote znc"; + irc.look.buffer_switch_autojoin = false; + irc.look.color_nicks_in_nicklist = true; + irc.look.display_join_message = false; + irc.look.server_buffer = "independent"; + irc.look.temporary_servers = true; + + irc.server_default = { + addresses = "znc.qyliss.net/6697"; + autoconnect = true; + capabilities = [ "account-notify" "away-notify" "cap-notify" "multi-prefix" "server-time" "znc.in/server-time-iso" "znc.in/self-message" "znc.in/playback" ]; + nicks = "qyliss"; + password = "\\\${sec.data.znc.password}"; + ssl = true; + username = "\\\${sec.data.znc.username}"; + }; + + irc.server = genAttrs networks (s: + { username = "'\\\${sec.data.znc.username}/${s}'"; }); + plugins.var.python.zncplayback.servers = networks; + + logger.color.backlog_end = "*default"; + logger.look.backlog = 200; + + matrix.look.human_buffer_names = true; + matrix.server = flip mapAttrs matrixServers (name: _: { + autoconnect = true; + device_name = "WeeChat (${config.networking.hostName})"; + username = "qyliss"; + password = "\\\${sec.data.fairydust.password}"; + }); + + script.look.sort = "p,n"; + + weechat.bar.buflist.hidden = true; + weechat.bar.fset.items = "fset"; + weechat.bar.input.items = "[mode_indicator]+ [input_prompt]+(away),[input_search],[input_paste],input_text"; + weechat.bar.nicklist.size_max = 12; + weechat.bar.status.color_bg = 53; + weechat.bar.status.items = "[otr],[buffer_plugin],buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[matrix_typing_notice],scroll,[lag],[hotlist],completion"; + weechat.bar.title.color_bg = 53; + + weechat.color.chat_nick_colors = [ "cyan" "magenta" "green" "brown" "lightblue" "lightcyan" "lightmagenta" "lightgreen" "blue" ]; + weechat.color.chat_nick_self = "default"; + weechat.color.status_count_other = "white"; + weechat.color.status_data_other = "white"; + weechat.color.status_nicklist_count = "white"; + weechat.color.status_time = "white"; + + weechat.completion.default_template = "%(nicks)|%(irc_channels)|%(emoji)"; + weechat.completion.nick_completer = ":"; + + weechat.look.buffer_notify_default = "message"; + weechat.look.highlight = [ + "spectrum" "spectrumos" "pr-tracker" "crosvm" + "qyliss" "alyssa*" "*dntmissher" "*@alyssa" + ]; + weechat.look.hotlist_names_count = 10; + weechat.look.hotlist_names_level = 14; + weechat.look.mouse = true; + weechat.look.prefix_align_max = 12; + weechat.look.save_config_on_exit = false; + weechat.look.window_title = "WeeChat \\\${info:version}"; + }; + + commands = + map (n: "/server add ${n} ${cfgin.irc.server_default.addresses}") networks ++ + [ "/matrix server delete matrix_org" ] ++ + mapAttrsToList (n: d: "/matrix server add ${n} ${d}") matrixServers ++ + map (i: "/ignore add ${i}") ignores ++ + mapAttrsToList (name: value: "/set ${name} ${toWeeChat value}") + (flattenAttrs cfgin); + + flattenAttrs' = sep: attrs: + listToAttrs (concatLists (flip mapAttrsToList attrs (k: v: + if isAttrs v then mapAttrsToList (k': nameValuePair "${k}${sep}${k'}") (flattenAttrs' sep v) + else [ (nameValuePair k v) ]))); + + flattenAttrs = flattenAttrs' "."; + + # If we were to pass --run-command ourselves, it would get forwarded + # to WeeChat before the /script loads, so scripts wouldn't be + # available and we wouldn't be able to do stuff like set up Matrix. + cfg = pkgs.runCommand "weechat-config" {} '' + LC_ALL=C.UTF-8 ${pkgs.weechat.override { + configure = { ... }: { + inherit scripts; + init = concatStringsSep ";" (commands ++ [ "/save" "/exit" ]); + }; + }}/bin/weechat-headless -d $out + ''; + + weechatHome = "${config.users.users.qyliss.home}/state/weechat"; + +in + +{ + environment.extraInit = '' + export WEECHAT_HOME="$HOME/state/weechat" + ''; + + environment.systemPackages = with pkgs; [ + (weechat.override { + configure = { ...}: { + inherit scripts; + }; + }) + + weechatScripts.weechat-matrix # for helper scripts + ]; + + systemd.tmpfiles.packages = [ (pkgs.runCommand "weechat-tmpfiles" {} '' + conf=$out/lib/tmpfiles.d/weechat.conf + mkdir -p $(dirname $conf) + echo "d ${weechatHome} 0700 qyliss qyliss" > $conf + for file in ${cfg}/*.conf + do + if [ "$file" != ${cfg}/sec.conf ] + then echo "L+ ${weechatHome}/$(basename "$file") - - - - $file" >> $conf + fi + done + '') ]; +} diff --git a/modules/workstation/windowing/default.nix b/modules/workstation/windowing/default.nix new file mode 100644 index 000000000000..f7ff2b8a4272 --- /dev/null +++ b/modules/workstation/windowing/default.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +{ + imports = [ + ./firefox ./foot ./gtk ./sway + ]; + + environment.systemPackages = with pkgs; [ + breeze-icons gnome3.adwaita-icon-theme gnome3.gnome-mines + gnome-podcasts hicolor-icon-theme imv libreoffice okular pinball + playerctl wf-recorder + ]; +} diff --git a/modules/workstation/windowing/firefox/default.nix b/modules/workstation/windowing/firefox/default.nix new file mode 100644 index 000000000000..ccd9afd87843 --- /dev/null +++ b/modules/workstation/windowing/firefox/default.nix @@ -0,0 +1,19 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ + (wrapFirefox firefox-unwrapped { + extraPolicies = { + DefaultDownloadDirectory = "/tmp"; + DisablePocket = true; + FirefoxHome = { + TopSites = false; + SponsoredTopSites = false; + SponsoredPocket = false; + }; + }; + }) + ]; + + environment.variables.BROWSER = "firefox"; +} diff --git a/modules/workstation/windowing/foot/default.nix b/modules/workstation/windowing/foot/default.nix new file mode 100644 index 000000000000..5c66f18eb03f --- /dev/null +++ b/modules/workstation/windowing/foot/default.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }: + +{ + users.users.qyliss.xdg.config.paths."foot/foot.ini" = ./foot.ini; + + environment.systemPackages = with pkgs; [ foot ]; +} diff --git a/modules/workstation/windowing/foot/foot.ini b/modules/workstation/windowing/foot/foot.ini new file mode 100644 index 000000000000..d041f42bceac --- /dev/null +++ b/modules/workstation/windowing/foot/foot.ini @@ -0,0 +1,2 @@ +[main] +font = monospace:size=12 diff --git a/modules/workstation/windowing/gtk/default.nix b/modules/workstation/windowing/gtk/default.nix new file mode 100644 index 000000000000..df66f8fbb72d --- /dev/null +++ b/modules/workstation/windowing/gtk/default.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: + +{ + users.users.qyliss.xdg.config.paths."gtk-3.0/settings.ini" = + pkgs.copyPathToStore ./settings.ini; + + # Needed for Dino to not draw its title bar. + environment.variables.GTK_CSD = "0"; +} diff --git a/modules/workstation/windowing/gtk/settings.ini b/modules/workstation/windowing/gtk/settings.ini new file mode 100644 index 000000000000..29322c1b3a0d --- /dev/null +++ b/modules/workstation/windowing/gtk/settings.ini @@ -0,0 +1,2 @@ +[Settings] +gtk-application-prefer-dark-theme=1 diff --git a/modules/workstation/windowing/streaming/default.nix b/modules/workstation/windowing/streaming/default.nix new file mode 100644 index 000000000000..d6d5451ca6ff --- /dev/null +++ b/modules/workstation/windowing/streaming/default.nix @@ -0,0 +1,30 @@ +{ config, pkgs, ... }: + +let + obsStateDir = "${config.users.users.qyliss.home}/state/obs-studio"; +in + +{ + environment.systemPackages = with pkgs; [ carla obs-studio qpwgraph ]; + + environment.variables.LV2_PATH = with pkgs; lib.makeSearchPathOutput "out" "lib/lv2" [ + calf + dragonfly-reverb + lsp-plugins + x42-plugins + + # Workaround for https://github.com/werman/noise-suppression-for-voice/issues/158 + (runCommand "rrnoise-plugin-mono-lv2" {} '' + mkdir $out + cd ${rnnoise-plugin} + cp -R --parents lib/lv2/rnnoise_mono.lv2 $out + '') + ]; + + systemd.tmpfiles.rules = [ + "d ${obsStateDir} 0700 qyliss qyliss" + ]; + + users.users.qyliss.xdg.config.paths."obs-studio" = + pkgs.runCommand "obs-studio" {} "ln -s ${obsStateDir} $out"; +} diff --git a/modules/workstation/windowing/sway/choose_workspace.nix b/modules/workstation/windowing/sway/choose_workspace.nix new file mode 100644 index 000000000000..fc162d627b60 --- /dev/null +++ b/modules/workstation/windowing/sway/choose_workspace.nix @@ -0,0 +1,9 @@ +{ substituteAll, bemenu, jq }: + +substituteAll { + dir = "bin"; + name = "choose_workspace"; + src = ./choose_workspace.sh.in; + isExecutable = true; + inherit bemenu jq; +} diff --git a/modules/workstation/windowing/sway/choose_workspace.sh.in b/modules/workstation/windowing/sway/choose_workspace.sh.in new file mode 100644 index 000000000000..963746e0c810 --- /dev/null +++ b/modules/workstation/windowing/sway/choose_workspace.sh.in @@ -0,0 +1,17 @@ +#! @shell@ -ue +swaymsg -t get_workspaces | + @jq@/bin/jq -r \ + '(to_entries | map(select(.value.focused)) | .[0].key), .[].name' | + ( + read index + exec @bemenu@/bin/bemenu \ + -p workspace \ + -I "$index" \ + -H 24 \ + --fn 'monospace 10' \ + --nf '#777777' \ + --hb '#285577' \ + --hf '#ffffff' \ + --tf '#777777' \ + --ff '#ffffff' + ) diff --git a/modules/workstation/windowing/sway/config.in b/modules/workstation/windowing/sway/config.in new file mode 100644 index 000000000000..52efc1fa90e3 --- /dev/null +++ b/modules/workstation/windowing/sway/config.in @@ -0,0 +1,125 @@ +set $mod Mod4 +set $left h +set $down j +set $up k +set $right l + +default_border pixel +default_floating_border normal + +client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a00 +client.unfocused #333333 #222222 #888888 #292d2e #22222200 + +for_window [app_id="float"] floating enable +for_window [app_id="firefox" title="Picture-in-Picture"] floating enable +for_window [class="Tor Browser"] floating enable +for_window [class="XDvi"] floating enable +for_window [instance="xdvi"] floating enable +for_window [class="XDvi" instance="xdvi"] floating disable +for_window [app_id="firefox" title="NoScript.*"] floating enable + +# Stop the Firefox sharing indicator (that appears when on an +# audio/video call) tiling, or appearing in the center of the display, +# or being focused. +no_focus [title="(Firefox|Nightly) . Sharing Indicator"] +for_window [title="(Firefox|Nightly) . Sharing Indicator"] { + floating enable + sticky enable + + # I'd really like this to be at the top, horizontally centered. + # Or maybe at the bottom right. But there's not really a way to + # do that in sway configuration, as far as I can tell. I think + # I'd need to exec a program that would measure the display size + # and compute the coordinates or something. That sounds horrible + # and fragile, so top left it is. + move position 0 0 +} + +input * natural_scroll enabled + +bindsym $mod+Return exec foot +bindsym $mod+backslash exec firefox +bindsym $mod+BackSpace kill +bindsym $mod+d exec swaymsg exec "$(choosebin --tiebreak=begin,length,index)" + +# Brightness control +bindsym $mod+F5 exec brightnessctl s 10%- +bindsym $mod+F6 exec brightnessctl s 10%+ + +# MPRIS +bindsym $mod+F7 exec playerctl play-pause + +# PulseAudio +bindsym $mod+F8 exec pactl set-sink-mute @DEFAULT_SINK@ toggle +bindsym $mod+F9 exec pactl set-sink-volume @DEFAULT_SINK@ -5% +bindsym $mod+F10 exec pactl set-sink-volume @DEFAULT_SINK@ +5% +bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5% +bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5% + +# Drag floating windows by holding down $mod and left mouse button. +# Resize them with right mouse button + $mod. +# Despite the name, also works for non-floating windows. +# Change normal to inverse to use left mouse button for resizing and right +# mouse button for dragging. +floating_modifier $mod normal + +# reload the configuration file +bindsym $mod+Shift+c reload + +# exit sway (logs you out of your Wayland session) +bindsym $mod+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit' + +bindsym $mod+$left focus left +bindsym $mod+$down focus down +bindsym $mod+$up focus up +bindsym $mod+$right focus right + +bindsym $mod+Shift+$left move left +bindsym $mod+Shift+$down move down +bindsym $mod+Shift+$up move up +bindsym $mod+Shift+$right move right + +bindsym $mod+g exec swaymsg workspace "$(@choose_workspace@)" +bindsym $mod+Shift+g exec swaymsg move container to workspace "$(@choose_workspace@)" + +bindsym $mod+b splith +bindsym $mod+v splitv + +bindsym $mod+s layout stacking +bindsym $mod+w layout tabbed +bindsym $mod+e layout toggle split + +bindsym $mod+f fullscreen + +bindsym $mod+Shift+space floating toggle +bindsym $mod+space focus mode_toggle + +bindsym $mod+a focus parent + +bindsym $mod+Shift+minus move scratchpad +bindsym $mod+minus scratchpad show + +mode "resize" { + bindsym $left resize shrink width 10px + bindsym $down resize grow height 10px + bindsym $up resize shrink height 10px + bindsym $right resize grow width 10px + + bindsym Return mode "default" + bindsym Escape mode "default" +} +bindsym $mod+r mode "resize" + +bar { + position top + + status_command @status_command@ + + colors { + statusline #ffffff + background #00000077 + inactive_workspace #33333377 #00000077 #FFFFFF77 + } +} + +@extraConfig@ diff --git a/modules/workstation/windowing/sway/default.nix b/modules/workstation/windowing/sway/default.nix new file mode 100644 index 000000000000..675ef8dbc031 --- /dev/null +++ b/modules/workstation/windowing/sway/default.nix @@ -0,0 +1,49 @@ +{ pkgs, lib, config, ... }: + +let + inherit (lib) mdDoc mkOption optionalString; + inherit (lib.types) lines nullOr path; + inherit (pkgs) callPackage substituteAll; + + cfg = config.programs.sway; +in + +{ + imports = [ ./swayidle ./swaylock ./wlsunset ./xdg-desktop-portal-wlr ]; + + options = { + programs.sway.extraConfig = mkOption { + type = lines; + description = mdDoc "Lines to append to sway's config file"; + default = ""; + }; + + programs.sway.wallpaper = mkOption { + type = nullOr path; + description = mdDoc "Path to wallpaper for sway and swaylock"; + default = null; + }; + }; + + config = { + environment.systemPackages = with pkgs; [ bemenu choose swayidle ]; + + programs.sway.enable = true; + programs.sway.wallpaper = callPackage ./wallpaper.nix { }; + programs.sway.extraPackages = []; # extra packages can go in systemPackages. + + programs.swayidle.enable = true; + + users.users.qyliss.xdg.config.paths."sway/config" = substituteAll { + src = ./config.in; + choose_workspace = + "${callPackage ./choose_workspace.nix { }}/bin/choose_workspace"; + status_command = "${callPackage ./status.nix { }}/bin/status"; + extraConfig = cfg.extraConfig + optionalString (cfg.wallpaper != null) '' + output * bg ${cfg.wallpaper} fill + ''; + }; + + xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; + }; +} diff --git a/modules/workstation/windowing/sway/status.cpp b/modules/workstation/windowing/sway/status.cpp new file mode 100644 index 000000000000..1f73458d86b2 --- /dev/null +++ b/modules/workstation/windowing/sway/status.cpp @@ -0,0 +1,201 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +// Copyright 2020 Alyssa Ross +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <https://www.gnu.org/licenses/>. + +#include <chrono> +#include <fcntl.h> +#include <filesystem> +#include <iostream> +#include <thread> +#include <unistd.h> + +namespace fs = std::filesystem; + +using fs::directory_iterator; +using std::chrono::seconds; +using std::generic_category; +using std::put_time; +using std::stoi; +using std::string; +using std::stringstream; +using std::system_error; +using std::this_thread::sleep_for; +using std::time; + +enum BatteryStatus { + Unknown, + Charging, + Discharging, + NotCharging, + Full, +}; + +class Battery { +public: + Battery(string name); + + string name() { return m_name; } + fs::path path(); + BatteryStatus status(); + int capacity(); + int charge_now(); + +private: + string m_name; + string attr(string name); +}; + +Battery::Battery(string name) +{ + m_name = name; +} + +fs::path Battery::path() +{ + static fs::path base = "/sys/class/power_supply"; + return base / name(); +} + +BatteryStatus Battery::status() +{ + auto status = attr("status"); + + if (status == "Charging") + return Charging; + if (status == "Discharging") + return Discharging; + if (status == "Not charging") + return NotCharging; + if (status == "Full") + return Full; + + return Unknown; +} + +int Battery::capacity() +{ + return stoi(attr("capacity")); +} + +int Battery::charge_now() +{ + return stoi(attr("charge_now")); +} + +string Battery::attr(string name) +{ + // Use read() to make sure this is done in a single read syscall, + // because sysfs doesn't like multiple reads. + int fd = open((path() / name).c_str(), O_RDONLY); + if (fd == -1) + throw system_error(errno, generic_category()); + char buf[13]; + int len = read(fd, &buf, 13); + if (len == -1) + throw system_error(errno, generic_category()); + close(fd); + string value (buf, len); + if (value.back() == '\n') + value.pop_back(); + return value; +} + +int main(void) +{ + while (true) { + // Buffer output so it can be done all at once in a single write(), + // because of <https://github.com/swaywm/sway/issues/3857>. + stringstream out; + + for (const auto& entry : directory_iterator("/sys/class/power_supply")) { + auto name = entry.path().filename().string(); + + Battery battery (name); + auto batdisplay = false; + + try { + switch (battery.status()) { + case Charging: + out << "↑"; + break; + case Discharging: + out << "↓"; + break; + default: + out << " "; + } + batdisplay = true; + } catch (const system_error& ex) { + switch (ex.code().value()) { + case ENOENT: + break; + case ENODEV: + out << "? "; + batdisplay = true; + break; + default: + throw ex; + } + } + + try { + int capacity = battery.capacity(); + out << capacity << "%"; + batdisplay = true; + } catch (const system_error& ex) { + switch (ex.code().value()) { + case ENOENT: + break; + case ENODEV: + out << "??%"; + batdisplay = true; + break; + default: + throw ex; + } + + try { + int charge_now = battery.charge_now(); + out << charge_now; + batdisplay = true; + } catch (const system_error& ex) { + switch (ex.code().value()) { + case ENOENT: + break; + case ENODEV: + out << "??????"; + batdisplay = true; + break; + default: + throw ex; + } + } + } + + if (batdisplay) + out << " "; + } + + auto t = time(nullptr); + out << put_time(localtime(&t), "%F %T") << "\n"; + + auto buf = out.str(); + if (write(STDOUT_FILENO, buf.c_str(), buf.length()) == -1) + perror("write"); + + sleep_for(seconds(1)); + } +} diff --git a/modules/workstation/windowing/sway/status.nix b/modules/workstation/windowing/sway/status.nix new file mode 100644 index 000000000000..2697317d7611 --- /dev/null +++ b/modules/workstation/windowing/sway/status.nix @@ -0,0 +1,6 @@ +{ runCommandCC }: + +runCommandCC "status" {} '' + mkdir -p $out/bin + c++ -std=c++17 -o $out/bin/status ${./status.cpp} +'' diff --git a/modules/workstation/windowing/sway/swayidle/default.nix b/modules/workstation/windowing/sway/swayidle/default.nix new file mode 100644 index 000000000000..8e5f264b5038 --- /dev/null +++ b/modules/workstation/windowing/sway/swayidle/default.nix @@ -0,0 +1,23 @@ +{ lib, config, ... }: + +let + cfg = config.programs.swayidle; +in + +with lib; + +{ + options = { + programs.swayidle.enable = mkEnableOption "swayidle"; + }; + + config = mkIf cfg.enable { + programs.sway.extraConfig = '' + exec swayidle \ + timeout 300 'swaylock -c 000000' \ + timeout 600 'swaymsg "output * dpms off"' \ + resume 'swaymsg "output * dpms on"' \ + before-sleep 'swaylock -c 000000' + ''; + }; +} diff --git a/modules/workstation/windowing/sway/swaylock/config.in b/modules/workstation/windowing/sway/swaylock/config.in new file mode 100644 index 000000000000..c6f280aa8f5b --- /dev/null +++ b/modules/workstation/windowing/sway/swaylock/config.in @@ -0,0 +1,3 @@ +image=@wallpaper@ +indicator-idle-visible +show-failed-attempts diff --git a/modules/workstation/windowing/sway/swaylock/default.nix b/modules/workstation/windowing/sway/swaylock/default.nix new file mode 100644 index 000000000000..be15c87ade32 --- /dev/null +++ b/modules/workstation/windowing/sway/swaylock/default.nix @@ -0,0 +1,12 @@ +{ pkgs, config, ... }: + +{ + imports = [ ../../../../xdg ]; + + environment.systemPackages = with pkgs; [ swaylock ]; + + users.users.qyliss.xdg.config.paths."swaylock/config" = pkgs.substituteAll { + src = ./config.in; + wallpaper = config.programs.sway.wallpaper; + }; +} diff --git a/modules/workstation/windowing/sway/wallpaper.nix b/modules/workstation/windowing/sway/wallpaper.nix new file mode 100644 index 000000000000..bed6bbe33a6b --- /dev/null +++ b/modules/workstation/windowing/sway/wallpaper.nix @@ -0,0 +1,10 @@ +{ fetchurl }: + +fetchurl { + url = "https://mir-s3-cdn-cf.behance.net/project_modules/2800_opt_1/36731876964505.5c793fa788b5d.jpg"; + sha256 = "1c6camdipng8ws41sgpcxzrxb96crgip3wirqjgf2ajn60qg3v64"; + + meta = { + homepage = "https://www.behance.net/gallery/76964505/IQOO-style-frame-and-scene-design"; + }; +} diff --git a/modules/workstation/windowing/sway/wlsunset/default.nix b/modules/workstation/windowing/sway/wlsunset/default.nix new file mode 100644 index 000000000000..ba954f3cd3bd --- /dev/null +++ b/modules/workstation/windowing/sway/wlsunset/default.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ wlsunset ]; + + programs.sway.extraConfig = '' + exec wlsunset -l 51.5 -L 13.6 + ''; +} diff --git a/modules/workstation/windowing/sway/xdg-desktop-portal-wlr/default.nix b/modules/workstation/windowing/sway/xdg-desktop-portal-wlr/default.nix new file mode 100644 index 000000000000..892e6a280d4c --- /dev/null +++ b/modules/workstation/windowing/sway/xdg-desktop-portal-wlr/default.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +{ + xdg.portal.wlr.enable = true; + + programs.sway.extraConfig = '' + exec ${pkgs.writeShellScript "sway-portal-environment" '' + set -e + dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP + systemctl --user stop pipewire xdg-desktop-portal xdg-desktop-portal-wlr + ''} + ''; +} diff --git a/modules/xdg/default.nix b/modules/xdg/default.nix new file mode 100644 index 000000000000..b24b18f4db08 --- /dev/null +++ b/modules/xdg/default.nix @@ -0,0 +1,42 @@ +{ lib, pkgs, config, ... }: + +let + inherit (lib) filterAttrs mapAttrsToList mkOption; + inherit (lib.types) loaOf attrsOf path submodule; + inherit (pkgs) linkFarm; + + userOptions = { + options.xdg.config.paths = mkOption { + default = {}; + type = attrsOf path; + }; + }; + +in + { + options = { + users.users = mkOption { + type = loaOf (submodule userOptions); + }; + }; + + config = { + environment.etc."xdg/nixos/per-user".source = + linkFarm "xdg-config-users" + (mapAttrsToList (user: { xdg, ... }: { + name = user; + path = linkFarm "${user}-xdg-config-home" + (mapAttrsToList + (name: path: { inherit name path; }) + xdg.config.paths); + }) (filterAttrs (_: { xdg, ... }: xdg.config.paths != {}) + config.users.users)); + + environment.sessionVariables = { + XDG_CONFIG_HOME = "/run/current-system/etc/xdg/nixos/per-user/$USER"; + XDG_DATA_HOME = "$HOME/state"; + XDG_CACHE_HOME = "$HOME/state/cache"; + XDG_STATE_HOME = "$HOME/state"; + }; + }; + } |