Update Docker to latest version and containerd to latest version from the 1.7
line. Runc updated to v1.2.5 with rebased patchset from the outstanding PR.
* buildroot 257ddc70ce...b4df362187 (4):
> package/runc: bump version to v1.2.5
> package/docker-cli: bump version to v28.0.1
> package/docker-engine: bump version to v28.0.1
> package/containerd: bump version to v1.7.25
Disable downstream option for linux-firmware compression. With #3877 it's not
needed for x86 anymore and other boards don't need it. Eventually the higher
EROFS compression for firmwares and modules can be enabled for other targets as
well.
Patch added in #3843 is not necessary anymore, as the missing reset names have
been added to DTS includes of the 6.12.y branch as patch
6c9cd0a70ccea8a505471062a85de5626ad07cec (released in v6.12.14).
When RPi is booted in the tryboot state and the set-state operation is called
for the second time, the tryboot files don't exists anymore and the handler
exits with an error code, printing an error in the Supervisor logs. Fix
handling of this case and add few more checks to make the handler a bit more
robust/traceable.
As we don't have the info utility in HAOS, it's worthless to preserve info
pages. While there are currently some files in /share/info (coming from GRUB2
tools install), /usr/share/info was added pre-emptively.
Because the OTA hooks interact with GRUB environment using grub-editenv, we
have BR2_TARGET_GRUB2_INSTALL_TOOLS enabled. However, that brings massive bloat
of files that are never used in HAOS, as it also installs many other binaries,
GRUB modules and translations.
As it's not possible to configure what gets installed in grub2 package, remove
the undesired files in the post-build function. This brings savings of ~8.5MB
of space in the root partition.
Use auditd so logs from AppArmor and other audit events are processed by that
instead of printed to the Systemd journal. This will reduce the log spam from
BPF usually present in host logs and still preserve the audit logs for
debugging.
The default configs seems to be sane for our purpose, rotating up to 5 files of
8MiB each. The difference is that /var/log/audit will be now on tmpfs but given
how AppArmor is used on typical HA setup, we don't need to preserve the logs
over reboots.
Removal of the e2scrub binary is not needed anymore, as it's not installed and
only BR2_PACKAGE_E2FSPROGS_E2IMAGE is enabled. Moreover, it's been probably
wrong since the very beginning, as the TARGET_DIR prefix was missing, possibly
leading to removal of the binary from the host/builder.
Allow configuration of the swap size via /etc/default/haos-swapfile file. By
setting the SWAPSIZE variable in this file, swapfile get recreated on the next
reboot to the defined size. Size can be either in bytes or with optional units
(B/K/M/G, accepting some variations but always interpreted as power of 10). The
size is then rounded to 4k block size. If no override is defined or the value
can't be parsed, it falls back to previously used 33% of system RAM.
Fixes#968
* Refresh fileenv patch for U-Boot 2025.01
* Update Tinker to U-Boot 2025.01
Needs minor patch adjustment, also fixed patch numbering.
* Update ODROID-N2 to U-Boot 2025.01, move eMMC patch
Move the patch for eMMC so it's applied only for N2 specifically and update it
for 2025.01.
* Update ODROID-C/XU to U-Boot 2025.01
No changes in patches necessary after moving the N2 patch.
* Update RPi boards to U-Boot 2025.01
Changes needed in bcmstb PCIe driver due to upstream refactoring, rest only
refreshed. All patches now target the same version, so we can drop one of the
series.
* Update VIM3 to U-Boot 2025.01
No patches here, just version bump.
* Update Green to U-Boot 2025.01
Updated and refreshed patches, added a patch to disable OF_UPSTREAM which is
now needed.
* Update ODROID-M1 to U-Boot 2025.01
Drop patch that has been mostly merged upstream. The change is that HS400 would
stay enabled but let's get back to what upstream does.
* Update ODROID-M1 to U-Boot 2025.01
Drop all patches as M1S support should be now merged to U-Boot and DTS taken
from upstream.
* Disable DFU and mkeficapsule to fix build
mkeficapsule requires gnutls to be built first but it's not among dependencies.
Since we don't need the tool, we can disable it.
DFU is also not used on HAOS and it implies EFI_LOADER that we already disable.
Moreover, that also sets SET_DFU_ALT_INFO and leads to linker failure on some
platforms where it's not implemented.
* fixup! Update Green to U-Boot 2025.01
There were more changes needed in the Green config to use correct memory layout
due to upstream changes, otherwise we'll have malloc failures in U-Boot proper.
* Move N2 eMMC patch to more generic patches-meson
To stay on the safe side, move the eMMC hack to more generic folder that's used
for all targets using the meson_gx eMMC driver (i.e. C2, C4 and N2). This is
still better than keeping it in hardkernel/patches which is applied only to
some hardkernel boards (like it was before bump to U-Boot 20205.01).
Instead of using per-file ZSTD compression, compress firmware (and newly also
kernel modules) using LZMA within EROFS image. LZMA was picked because ZSTD
support in EROFS is still experimental and due to some limitations in the
implementation, the compression takes significantly more time.
This change gives us more control over compression of the files and with the
proposed settings, saves a bit of the space (~10 MiB) in the resulting image.
In theory, even higher savings could be achieved through compressing other
runtime binaries, but this would need to be thoroughly tested whether it
doesn't have any detrimental effects. For firmware and modules, the overhead
should be minimal, as they are usually touched only once per boot and are
rather small before decompression.
* buildroot 74994c4f32...92fab35fed (6):
> fs/erofs: add custom compression option with optional compress-hints file
> package/erofs-utils: bump to version 1.8.5
> package/erofs-utils: bump to version 1.8.3
> package/erofs-utils: bump to version 1.8.2
> package/erofs-utils: bump to version 1.8.1
> package/erofs-utils: add libdeflate and zlib optional dependencies
* RaspberryPi: Update kernel to 6.6.74 - stable_20250127
* Bump buildroot to update rpi-firmware
* buildroot 71cba6c610...014c3fad50 (1):
> package/rpi-firmware: bump to version 1.20250127 for kernel 6.6.74
* Update patch for disabling CQE on CM5
The bool has been changed to a cell, adding the possibility to change the value
via sd_cqe dt_param both on CM5 and Pi5. Set it to disabled by default on CM5.
Because of refactoring/code quality improvements in upstream, IPv6 reachability
patch no longer applied on 6.12 kernel. We added two versions of the patch to
address this initially, however, this requires updating of the patch directory
name on every kernel bump. Backport the patch causing collision instead to RPi
kernel, so we can carry only one version of the patch.
This also requires swapping of the patching order - now we first apply
board-specific patches, then the global ones. Unless there are collisions,
these operations should be idempontent, so at this point it shouldn't have any
side-effects.
* Remove USB stack patches working around obsoleted Z-Wave devices issues
In #3224 we've introduced a patch reverting some changes in the USB stack that
was supposed to work around issues with some USB devices. Later discussions
revealed these devices are obsoleted by the manufacturer and there is no
official way of fixing those in newer Linux kernels. However, carrying the
patches makes us diverge from upstream and can eventually trigger other
problems not present upstream we'll have to handle.
Drop these patches now to be part of the upcoming OS 15 release, rather than
needing to drop them later in any of the patch revisions later.
* Also remove the patch from board/raspberrypi patches
* Upgrade Rockchip platforms to Linux 6.12
Upgrade all Rockchip boards to latest 6.12. Patches for M1S can be dropped, its
DTS has been merged. Same goes for the Rockchip TRNG, it only had to be enabled
in the Green DTS. Patch for broken combphy has been updated for 6.12.y.
* Remove deprecated and nonsense symbols from Rockchip defconfig
Many symbols have been removed between 6.6 and 6.12. Most of them have no use
in Rockchip defconfig, or should be set by other kernel fragments anyway.
Remove all of them, with the exception of USB_ONBOARD_HUB (which was renamed to
USB_ONBOARD_DEV) and FSCACHE (which was changed from tristate to bool).
* Update generic-aarch64 to Linux 6.12
* Update Amlogic-based ODROID boards to Linux 6.12
Removed couple of deprecated/unrelated kernel options.
* Update VIM3 to Linux 6.12
Cleaned up symbols unrelated/deprecated in 6.12 from defconfig.
* Update ODROID-XU4 to Linux 6.12
The usual defconfigs suspects had to been removed and the regulator patch for
ethernet needed a minor update after refactoring in upstream.
* Update Tinker to Linux 6.12
Needed defconfig cleanup for 6.12, otherwise no changes.
* Update x86 and OVA to latest 6.12 release
This way the extra patches directory can be removed too.
* Remove 6.6.73 patches
* Refresh all linux patch series against 6.12.11 sources
* Reenable HW RNG on M1S to speed up boot
The TRNG on RK3566 supposedly [1] has low quality, that's why it's disabled in
upstream for this SoC. We had it enabled in the past and without it, the boot
is delayed by quite a lot. Enable it again for now and investigate the RNG
issues later.
[1] https://patchew.org/linux/cover.1722355365.git.daniel@makrotopia.org/
* Also remove CACHEFILES module from Rockchip config
It was only enabled for Rockchip and Tinker, and to my knowledge there is no
cachefiles daemon or anything other in the userspace that's using it.
* Remove unused 6.6.y fragments
Since we only have 6.6.y for Raspberry Pi now, it doesn't need the Rockchip and
wireless PCI fragments.
Revert the patch changing phy reset behavior, requiring also changes in the
device tree that are missing in the stable backport. The issue was reported to
the regressions mailing list and hopefully future patch release should contain
a proper fix.
The patch is added to the patches-rockchip directory, potentially affecting
Green as well, although the broken peripherals are not used there.
Fixes#3837, fixes#3841
Probably since home-assistant/supervisor#5276 introduced in Supervisor
2024.9.0, RAUC bootloader handler for tryboot can set the tryboot flag also
when the tryboot file is not present, causing the Pi to become stuck in
bootloader, trying to load the tryboot file.
This happens when the device is already in the tryboot state, in that case the
tryboot files and flag are created by set-primary and in turn the files are
removed in set-state, while the flag is persisted, causing the bootloader to
attempt loading non-existing file.
To avoid unnecessary juggling with tryboot/config files, only create them and
set the flag if the boot slot is different than the current one. Also, make
sure that the flag is reboot parameter is cleared when the tryboot files are
removed by the handler.
Fixes#3740
* Linux: Update kernel to 6.12.6
* Linux 6.12
* https://github.com/home-assistant/operating-system/pull/3767#discussion_r1899169881
* https://github.com/home-assistant/operating-system/pull/3767#discussion_r1899170543
* Add patch descriptions, kernel ver conditionals
Signed-off-by: Nick Venenga <nick@venenga.com>
* Remove extra zram compression algos
* Undo fragment files config change
...for platforms that didn't receive kernel updates
* Sort Dockerfile apt packages
* Add Upstream refs to patches
* Re-enable TC
* Restore v6.6.y kernel fragments
* Update buildroot to rebased branch
* Apply 6.12 migration only to generic-x86-64
* package/eq3_char_loop: port patch from RaspberryMatic by @jens-maus
* package/generic_raw_uart: port patch from RaspberryMatic by @jens-maus
* Restore buildroot-external/board/pc/patches/linux
It's used in ova and generic-aarch64 defconfigs. Keep the path removed from
generic-x86-64 defconfig.
* Split linux patches to be version-specific
The IPv6 reachability patch needs different context on 6.6.y and 6.12.y -
introduce version-specific linux directories. To avoid the need for extra
directory for version used in RPi, copy those patches to its patches directory.
* Replace removed Intel Skylake audio driver with Intel AVS
The Skylake driver was removed and should be now replaced either by Intel HD
Audio or Intel AVS. Remove the old options and enable AVS.
SND_SOC_INTEL_SKYLAKE=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:63)
SND_SOC_INTEL_SKL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:64)
SND_SOC_INTEL_APL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:65)
SND_SOC_INTEL_KBL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:66)
SND_SOC_INTEL_GLK=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:67)
SND_SOC_INTEL_CNL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:68)
SND_SOC_INTEL_CFL=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:69)
SND_SOC_INTEL_CML_H=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:70)
SND_SOC_INTEL_CML_LP=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:71)
SND_SOC_INTEL_SKYLAKE_FAMILY=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:72)
SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC=y not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:73)
SND_SOC_INTEL_SKYLAKE_COMMON=m not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:74)
-> a882f4d750
SND_SOC_INTEL_SST=m requested, actual = n (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:58)
-> 970d299b0a
* Remove I2C_COMPAT option
I2C_COMPAT=y not found (defined in /build/buildroot-external/board/pc/generic-x86-64/kernel.config:163)
-> 7e722083fc
* Correctly disable module compression after Kconfig change
The Kconfig structure was changed, there's now a top-level bool:
c7ff693fa2
---------
Signed-off-by: Nick Venenga <nick@venenga.com>
Co-authored-by: Jan Čermák <sairon@sairon.cz>
On Kria KD240 slg7xl45106 device is handling reset for USB hub which is
providing access to SD card (USB/SD converter). Access to this device is
done via i2c which needs to be also enabled in the kernel as built-in
driver not as module when rootfs is mounted.
Also change ZYNQ_GPIO to be built-in driver because i2c is using gpio for
bus recovery that's why it should be also enabled to probe i2c driver
properly.
v6.6 kernel doesn't have support for usb5744 driver that's why disable it
but add TODO to enable it once v6.12 upgrade is done.
* Move rauc.db to boot partition
The RAUC metadata file contains information that is tightly related to the
system and kernel partitions. With the possibility to migrate data disk, the
rauc.db can contain bogus information when moved to a different system. Removal
of the file on "device wipe" is also not desirable, because the information
about slot status is lost.
Relocate the rauc.db to the boot partition after a system upgrade (as this
can't be handled by RAUC hooks, because it needs to be executed after all slots
and metadata is written) and adjust the script for recreating it. The downside
is that its content in /mnt/data would be recreated if the boot slot is changed
or system downgraded but this should be handled quite gracefully.
Also remove the raucdb-first-boot service which is no longer necessary
with the file not present in the data partition.
* Fix shellcheck and mount path
* Enable USB-SD convertor on AMD/Xilinx Kria KD240 platform
Kria KD240 board is using SD card but SD is connected via onboard USB HUB.
USB controller is DWC3 with Xilinx glue logic. Both of these options are
enabled but board is using slg7xl45106 for driving usb-hub reset (PCA9570
driver) and USB3.0 requires initialization via PHY_XILINX_ZYNQMP driver.
All options should be enabled (=y) and can't be kernel modules because
provide access to rootfs.
* Add a note for config symbol change in 6.12
Changed in mainline commit 31e7f6c015d9eb35e77ae9868801c53ab0ff19ac
---------
Co-authored-by: Jan Čermák <sairon@users.noreply.github.com>
The /etc/usb_modeswitch.d is present and empty but it can't be written to allow
user modification. Bind-mount it like other /etc folders to make it possible to
adjust usb_modeswitch config.
Fixes#3785
Zynq GPIO driver is used on AMD/Xilinx Kria platform for ETH phy reset.
Macb and PHY drivers are already enabled.
1 wire IP can be used for reading sensors via PMOD connector.
Similarly to #3705, enabled CQE triggers I/O freezes usually on the first boot
when the swapfile is being created. While we disabled it for Yellow, with #3782
the issue started to appear on generic CM5 targets with the rpi5-64 image.
In the meantime it was discovered that there seems to be some relation with the
ext4lazyinit task, which happens as a result of data partition resize, yet it's
still unclear if the pattern of the access triggered by the concurrent FS
initialization is somehow responsible, or if another factor comes in play.
Disabling CQE yet makes the issue go away and serves as an acceptable
workaround.
RPi 5 images container only device tree for Pi 5 Model B. Add the other
remaining BCM2712 device trees to enable running on CM5 and other variants
supported upstream.
Fixes#3766
With "cgroup: Use kernel command line to disable memory cgroup" merged to RPi
kernel as 86099de [1], the device tree now contains "cgroup_disable=memory"
parameter. The parameters are parsed in the order defined in the cmdline and
with the previous order, the memory CG ends up disabled. Switching the order
fixes that and makes the order similar to what we get with standard bootloader
and parameters in cmdline.txt only.
The possible downside is that it won't be possible to override parameters from
hardcoded bootargs_hassos using cmdline.txt anymore, however, it's unlikely any
of these parameters will need to be adjusted by users.
Fixes#3765
[1] 86099deff5
The z3fold allocator was deprecated with the reasoning explained in [1] and
this patch was backported to stable 6.6.y as well. We enable zsmalloc in shared
hassos.config and the enabled option in the Tinker config was probably just
some remnant from the past.
[1] https://lore.kernel.org/linux-mm/20240904233343.933462-1-yosryahmed@google.com/
