Skip to content

Commit

Permalink
initial extension for RK3588 and kernel modules
Browse files Browse the repository at this point in the history
  • Loading branch information
@nberlee @pl4nty
nberlee authored and pl4nty committed Feb 23, 2024
1 parent fbbd46c commit 8e1ed41
Show file tree
Hide file tree
Showing 7 changed files with 98 additions and 43 deletions.
62 changes: 19 additions & 43 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
# Friendy fork

This is a friendly fork, only here as the Turing RK1 has a different kernel, therefor it needs different extensions for kernel module drivers.
Also please use the *rk3588* extension and make sure to add `rockchip-cpufreq` to the `machine.kernel.modules` in your machine config.
See: [rk3588](sbcs/rk3588) extension

# Talos Linux System Extensions

This repo serves as a central place for publishing supported extensions to Talos Linux.
Expand All @@ -17,107 +23,77 @@ The extension image is composed of a `manifest.yaml` file that provides informat
In order to find a container reference for a system extension compatible with your Talos Linux version, you can use the following command:

```bash
crane export ghcr.io/siderolabs/extensions:v<talos-version> | tar x -O image-digests | grep <extension-name>
crane export ghcr.io/nberlee/extensions:v<talos-version> | tar x -O image-digests | grep <extension-name>
```

For example, to find a compatible version of the `gasket-driver` extension for Talos v1.5.3, you can run:

```bash
$ crane export ghcr.io/siderolabs/extensions:v1.5.3 | tar x -O image-digests | grep gasket-driver
ghcr.io/siderolabs/gasket-driver:97aeba58-v1.5.3@sha256:c786edb356edae3b451cb82d5322f94e54ea0710195181b93ae37ccc8e7ba908
$ crane export ghcr.io/nberlee/extensions:v1.5.3 | tar x -O image-digests | grep gasket-driver
ghcr.io/nberlee/gasket-driver:97aeba58-v1.5.3@sha256:c786edb356edae3b451cb82d5322f94e54ea0710195181b93ae37ccc8e7ba908
```

Please always use the pinned digest when referencing an extension image.

All extensions are signed with Google Accounts OIDC issuer matching `@siderolabs.com` domain, so the image signatures can be verified, for example:

```bash
cosign verify --certificate-identity-regexp '@siderolabs\.com$' --certificate-oidc-issuer https://accounts.google.com ghcr.io/siderolabs/extensions:v1.5.3
cosign verify --certificate-identity-regexp '@siderolabs\.com$' --certificate-oidc-issuer https://accounts.google.com ghcr.io/siderolabs/gasket-driver:97aeba58-v1.5.3@sha256:c786edb356edae3b451cb82d5322f94e54ea0710195181b93ae37ccc8e7ba908
```

## Extension Catalog

### Container Runtimes

| Name | Image | Description | Version Format |
| ----------------------------------- | ------------------------------------------------------------------------------------------- | ----------------------------------------------- | ---------------------------------- |
| [gvisor](container-runtime/gvisor/) | [ghcr.io/siderolabs/gvisor](https://github.com/siderolabs/extensions/pkgs/container/gvisor) | [gVisor](https://gvisor.dev/) container runtime | `upstream version`-`talos version` |
| [stargz-snapshotter](container-runtime/stargz-snapshotter/) | [ghcr.io/siderolabs/stargz-snapshotter](https://github.com/siderolabs/extensions/pkgs/container/stargz-snapshotter) | [Stargz Snapshotter](https://github.com/containerd/stargz-snapshotter) container runtime | `upstream version`-`talos version` |
| [ecr-credential-provider](container-runtime/ecr-credential-provider) | [ghcr.io/siderolabs/ecr-credential-provider](https://github.com/siderolabs/extensions/pkgs/container/ecr-credential-provider) | [ECR Credential Provider](https://github.com/kubernetes/cloud-provider-aws/tree/master/cmd/ecr-credential-provider) kubelet plugin | `upstream version` |

### Firmware

| Name | Image | Description | Version Format |
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | --------------------------- | ------------------------ |
| [amd-ucode](firmware/amd-ucode/) | [ghcr.io/siderolabs/amd-ucode](https://github.com/siderolabs/extensions/pkgs/container/amd-ucode) | AMD CPU microcode updates | `linux firmware version` |
| [amdgpu-firmware](firmware/amdgpu-firmware/) | [ghcr.io/siderolabs/amdgpu-firmware](https://github.com/siderolabs/extensions/pkgs/container/amdgpu-firmware) | AMD GPU firmware | `linux firmware version` |
| [bnx2-bnx2x](firmware/bnx2-bnx2x/) | [ghcr.io/siderolabs/bnx2-bnx2x](https://github.com/siderolabs/extensions/pkgs/container/bnx2-bnx2x) | Broadcom NetXtreme firmware | `linux firmware version` |
| [chelsio-firmware](firmware/chelsio-firmware/) | [ghcr.io/siderolabs/chelsio-firmware](https://github.com/siderolabs/extensions/pkgs/container/chelsio-firmware) | Chelsio NIC firmware | `linux firmware version` |
| [i915-ucode](firmware/i915-ucode/) | [ghcr.io/siderolabs/i915-ucode](https://github.com/siderolabs/extensions/pkgs/container/i915-ucode) | Intel GPU firmware | `linux firmware version` |
| [intel-ice-firmware](firmware/intel-ice-firmware/) | [ghcr.io/siderolabs/intel-ice-firmware](https://github.com/siderolabs/extensions/pkgs/container/intel-ice-firmware) | Intel ICE NIC firmware | `linux firmware version` |
| [intel-ucode](firmware/intel-ucode/) | [ghcr.io/siderolabs/intel-ucode](https://github.com/siderolabs/extensions/pkgs/container/intel-ucode) | Intel CPU microcode updates | `upstream version` |
| [qlogic-firmware](firmware/qlogic-firmware/) | [ghcr.io/siderolabs/qlogic-firmware](https://github.com/siderolabs/extensions/pkgs/container/qlogic-firmware) | Qlogic firmware | `linux firmware version` |
| [realtek-firmware](firmware/realtek-firmware/) | [ghcr.io/siderolabs/realtek-firmware](https://github.com/siderolabs/extensions/pkgs/container/realtek-firmware) | Realtek firmware | `linux firmware version` |

### Drivers

| Name | Image | Description | Version Format |
| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ | ----------------------------------------------------- |
| [chelsio](drivers/chelsio/) | [ghcr.io/siderolabs/chelsio-drivers](https://github.com/siderolabs/extensions/pkgs/container/chelsio-drivers) | Chelsio NIC drivers | `talos version` |
| [gasket](drivers/gasket/) | [ghcr.io/siderolabs/gasket-driver](https://github.com/siderolabs/extensions/pkgs/container/gasket-driver) | Driver for Google Coral PCIe devices | `gasket driver upstream short commit`-`talos version` |
| [nvidia](nvidia-gpu/nvidia-modules/) | [ghcr.io/siderolabs/nvidia-open-gpu-kernel-modules](https://github.com/siderolabs/extensions/pkgs/container/nvidia-open-gpu-kernel-modules) | NVIDIA OSS Driver | `nvidia driver upstream version`-`talos version` |
| [thunderbolt](drivers/thunderbolt/) | [ghcr.io/siderolabs/thunderbolt](https://github.com/siderolabs/extensions/pkgs/container/thunderbolt) | Thunderbolt drivers | `talos version` |
| [usb-modem](drivers/usb-modem/) | [ghcr.io/siderolabs/usb-modem-drivers](https://github.com/siderolabs/extensions/pkgs/container/usb-modem-drivers) | USB Modem drivers | `talos version` |
| Name | Image | Description | Version Format |
| ------------------------------------ | ----------------------------------------------------------------------------------------------------------- | ------------------------------------ | ----------------------------------------------------- |
| [usb-modem](drivers/usb-modem/) | [ghcr.io/nberlee/usb-modem-drivers](https://github.com/nberlee/extensions/pkgs/container/usb-modem-drivers) | USB Modem drivers | `talos version` |

### Miscellaneous

| Name | Image | Description | Version Format |
| ------------------------------- | ------------------------------------------------------------------------------------------------- | ---------------------------------- | ------------------ |
| [binfmt-misc](misc/binfmt-misc) | [ghcr.io/siderolabs/binfmt-misc](https://github.com/siderolabs/extensions/pkgs/container/binfmt-misc) | Miscellaneous Binary Format | `talos version` |
| [binfmt-misc](misc/binfmt-misc) | [ghcr.io/nberlee/binfmt-misc](https://github.com/nberlee/extensions/pkgs/container/binfmt-misc) | Miscellaneous Binary Format | `talos version` |

### Network

| Name | Image | Description | Version Format |
| ------------------------------- | ------------------------------------------------------------------------------------------------- | ---------------------------------- | ------------------ |
| [tailscale](network/tailscale/) | [ghcr.io/siderolabs/tailscale](https://github.com/siderolabs/extensions/pkgs/container/tailscale) | [Tailscale](https://tailscale.com) | `upstream version` |

### SBCs
| Name | Image | Description | Version Format |
| --------------------- | -------------------------------------------------------------- | --------------------------------- | ------------------ |
| [rk3588](sbcs/rk3588) | [ghcr.io/nberlee/rk3588](https://github.com/nberlee/extensions | Support modules for RK3588 boards | `talos version` |


### Storage

| Name | Image | Description | Version Format |
| ----------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------- | ---------------------------------- |
| [iscsi-tools](storage/iscsi-tools/) | [ghcr.io/siderolabs/iscsi-tools](https://github.com/siderolabs/extensions/pkgs/container/iscsi-tools) | Open iSCSI tools | `v0.1.0` |
| [mdadm](storage/mdadm/) | [ghcr.io/siderolabs/mdadm](https://github.com/siderolabs/extensions/pkgs/container/mdadm) | manage MD devices tool | `upstream version`-`talos version` |
| [drbd](storage/drbd/) | [ghcr.io/siderolabs/drbd](https://github.com/siderolabs/extensions/pkgs/container/drbd) | DRBD driver module | `upstream version`-`talos version` |
| [zfs](storage/zfs/) | [ghcr.io/siderolabs/zfs](https://github.com/siderolabs/extensions/pkgs/container/zfs) | ZFS driver module | `upstream version`-`talos version` |
| [btrfs](storage/btrfs/) | [ghcr.io/siderolabs/btrfs](https://github.com/siderolabs/extensions/pkgs/container/btrfs) | BTRFS driver module | `talos version` |

### Power

| Name | Image | Description | Version Format |
| ------------------------------- | --------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------- | ---------------------------------- |
| [nut-client](power/nut-client/) | [ghcr.io/siderolabs/nut-client](https://github.com/siderolabs/talos-extensions/pkgs/container/nut-client) | [Network UPS Tools](https://networkupstools.org) upsmon client | `upstream version`-`talos version` |

### Guest Agents

| Name | Image | Description | Version Format |
| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- | ------------------ |
| [qemu-guest-agent](guest-agents/qemu-guest-agent/) | [ghcr.io/siderolabs/qemu-guest-agent](https://github.com/siderolabs/talos-extensions/pkgs/container/qemu-guest-agent) | [QEMU Guest Agent](https://wiki.qemu.org/Features/GuestAgent) | `upstream version` |
| [xe-guest-utilities](guest-agents/xe-guest-utilities/) | [ghcr.io/siderolabs/xe-guest-utilities](https://github.com/siderolabs/talos-extensions/pkgs/container/xe-guest-utilities) | [xe-guest-utilities](https://github.com/xenserver/xe-guest-utilitiest) | `upstream version` |

### NVIDIA GPU

| Name | Description | Version Format |
| ---------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
| [nvidia-container-toolkit](nvidia-gpu/nvidia-container-toolkit/) | Tools to run [NVIDIA GPU workloads](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/overview.html) in containers | `driver version`-`toolkit version` |
| [nvidia-fabricmanager](nvidia-gpu/nvidia-fabricmanager/) | [NVIDIA fabric manager](https://docs.nvidia.com/datacenter/tesla/pdf/fabric-manager-user-guide.pdf) support for GPU workloads | `driver version` |
| [nvidia-open-gpu-kernel-modules](nvidia-gpu/nvidia-modules/) | NVIDIA driver kernel modules | `driver version`-`talos version` |

#### Tools

| Name | Description | Version Format |
| ------------------------------------- | ---------------------------------- | --------------- |
| [util-linux-tools](tools/util-linux/) | Util Linux tools (only fstrim now) | `talos version` |

## Building Extensions

Expand Down
29 changes: 29 additions & 0 deletions sbcs/rk3588/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# RK3588 extension

## Installation

See [Installing Extensions](https://github.com/siderolabs/extensions#installing-extensions).

## Usage

The following modules to to loaded manually, so add this to the talos config:
```yaml
machine:
kernel:
modules:
- name: rockchip-cpufreq
```
The rest is automatically detected and loaded based on the device-tree.
Provides:
* `rockchip-cpufreq`: his module is responsible for CPU frequency scaling on Rockchip processors. It manages the CPU's operating frequency and voltage to balance performance and power consumption.
* `rk_crypto2`: A cryptographic driver module for Rockchip SoCs, providing hardware acceleration for cryptographic operations like encryption and decryption, enhancing performance in cryptographic tasks. Currently only hashes are supported.
* `phy-rockchip-naneng-combphy`: Enable this to support the Rockchip PCIe/USB3.0/SATA/QSGMII combo PHY with NaNeng IP block.
* `phy-rockchip-snps-pcie3`: A PHY driver module for Rockchip's Synopsys PCIe3, it manages the physical layer interface for PCI Express 3.0, ensuring reliable and efficient data transmission over PCIe connections.
* `rk808-regulator`: This module controls voltage regulators in the RK808 chip. It's used for managing power supply to various components of the system, ensuring stable operation and power efficiency.
* `rk8xx-core`: A core driver for the RK8xx series of Multi-Function Devices (MFD). This module provides support and interfaces for various integrated functions like power management and others within RK8xx chips.
* `rk8xx-spi`: This module is specifically for SPI (Serial Peripheral Interface) support in RK8xx series chips. It facilitates communication with devices connected via SPI, a common interface used in embedded systems.
* `sm3_generic`: A generic implementation of the SM3 cryptographic hash algorithm. This module provides functionality for generating secure hash values, commonly used in data integrity checks and digital signatures. Need for `rk_crypto2`.
* `rockchip-rng`: A hardware random number generator module for Rockchip SoCs. It provides high-quality random numbers, crucial for cryptographic applications and ensuring system security.
10 changes: 10 additions & 0 deletions sbcs/rk3588/files/modules.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
modules.order
modules.builtin
modules.builtin.modinfo
kernel/drivers/cpufreq/rockchip-cpufreq.ko
kernel/drivers/crypto/rockchip/rk_crypto2.ko
kernel/drivers/regulator/rk808-regulator.ko
kernel/drivers/mfd/rk8xx-core.ko
kernel/drivers/mfd/rk8xx-spi.ko
kernel/crypto/sm3_generic.ko
kernel/drivers/char/hw_random/rockchip-rng.ko
10 changes: 10 additions & 0 deletions sbcs/rk3588/manifest.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
version: v1alpha1
metadata:
name: rk3588-drivers
version: "$VERSION"
author: Nico Berlee
description: |
This system extension provides drivers needed for RK3588 boards.
compatibility:
talos:
version: ">= v1.6.0"
29 changes: 29 additions & 0 deletions sbcs/rk3588/pkg.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
name: rk3588
variant: scratch
shell: /toolchain/bin/bash
dependencies:
- stage: base
# The pkgs version for a particular release of Talos as defined in
# https://github.com/siderolabs/talos/blob/<talos version>/pkg/machinery/gendata/data/pkgs
- image: "{{ .BUILD_ARG_PKGS_PREFIX }}/kernel:{{ .BUILD_ARG_PKGS }}"
steps:
- prepare:
- |
sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml
- install:
- |
export KERNELRELEASE=$(find /lib/modules -type d -name "*-talos" -exec basename {} \+)
mkdir -p /rootfs
xargs -a /pkg/files/modules.txt -I {} install -D /lib/modules/${KERNELRELEASE}/{} /rootfs/lib/modules/${KERNELRELEASE}/{}
depmod -b /rootfs ${KERNELRELEASE}
- test:
- |
# https://www.kernel.org/doc/html/v4.15/admin-guide/module-signing.html#signed-modules-and-stripping
find /rootfs/lib/modules -name '*.ko' -exec grep -FL '~Module signature appended~' {} \+
finalize:
- from: /rootfs
to: /rootfs
- from: /pkg/manifest.yaml
to: /
1 change: 1 addition & 0 deletions sbcs/rk3588/vars.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
VERSION: "{{ .BUILD_ARG_TAG }}"
Empty file added sbcs/vars.yaml
View file
Empty file.

0 comments on commit 8e1ed41

Please sign in to comment.