Kernel missing some capabilities

[WhyNotHugo]

Trying to use wifi with iwd, turns out some options are missing in the kernel:

CONFIG_CRYPTO_USER_API_SKCIPHER
CONFIG_KEY_DH_OPERATIONS
CONFIG_CRYPTO_ECB
CONFIG_CRYPTO_CBC
CONFIG_CRYPTO_DES
CONFIG_CRYPTO_AES

Turning them on would be quick fix, but I think it would make sense to try and base the config on the upstream Nix config, and only override the values specifically needed for running on the M1. Otherwise there will always be more small differences that will break things in unexpected ways. This approach should also reduce the burden of eventually up-streaming the work done here.

The problem is, right now, it's not very clear which flags must change for M1. I'm going to try and diff the asahi kernel config with the defaults and see if the diff is rather small or not.

[tpwrules]

Did you get any interesting results from this? I think some options are changing to more sensible defaults and there was a new Asahi kernel release just recently which I will try to incorporate soon. But moving to a stock NixOS kernel config is definitely the best long-term option, I just don't really know how to do it effectively.

[WhyNotHugo]

Nothing useful. Asahi is based on ArchLinuxARM, but the Asahi kernel's config is entirely different from ALARM's config (thousands of different values), so that didn't help figure answer "what flags do we need to change for the M1 build".

I also created a new kernel config from scratch and compared that one -- the result was the same.

I do admit that this is not my area of expertise either; my approach is the one of someone who's building but doesn't really know about kernel development.

[zzywysm]

I think most of this will be addressed with pull request #10. I didn't enable DES because it's so ancient and broken.

[psanford]

For what its worth, i wrote a script to merge the asahi arch kernel config with the one in this repo to produce a more fully enabled kernel. The config is available here: https://gist.github.com/psanford/84dd1bbffc1d6a81ca8d088551e2dd43

[tpwrules]

The latest release now uses a 99% unmodified config from the Asahi reference distro which looks to have the options you mention. The big obstacle to getting it to boot was figuring out which modules needed to go in the initrd, but I found that out and everything works nicely now.

Still am not sure about moving to a NixOS-generated kernel config just because they are rather bloated. The kernel took about 6 minutes (on my x86 machine) to compile with the cut down config, 12 minutes with the reference distro config, and 50 minutes with a NixOS-generated config (which I didn't try to boot). There's a decent chance GitHub Actions won't give me enough time to build that config and kind of time is annoying during development for me and for users just upgrading their systems.