~amjoseph/ownerboot

am1i: update linux.config, use CONFIG_RADEON instead of CONFIG_AMDGPU

The amdgpu module has bloated to an extraordinary size in kernel 6.6, and no
longer fits within the bootflash.  Fortunately on Kabini we can switch back to
the older, slimmer CONFIG_RADEON DRM driver, which this commit does.

Revert "am1i: roll back to kernel 5.10.x temporarily"

This reverts commit 61416b811aff3fd3d2c4186db4ff879aa38b548a.

six-initrd: bump submodule
kgpe: drop unnecessary CONFIG_EXTRA_FIRMWARE_DIR line
kgpe: reduce size of kernel image
kgpe, am1i: deduplicate code

The fmap generator for kgpe and am1i is now identical (previously, it was
not), so this commit lifts that routine into `common/amd64.nix`, so fixes
won't need to be applied in two places.

am1i: fix typo in 8mbyte single-image case

This commit fixes a typo which would cause the am1i image to fail to build in
the single-image (`--arg flash-chip-size-in-mbytes 8`) case.

am1i: roll back to kernel 5.10.x temporarily

On am1i, kernel 6.6 busts the 8mbyte limit.  This patch rolls back only that
platform to 5.10.x in order to allow am1i to work with 8mbyte chips.

README.md: update roadmap
src/main: log bootflash updates to /nix/var/nix/profiles/bootflash-*

This commit causes all bootflash update attempts performed by the
`flash-write-*.sh` scripts to be logged as generations in one or
both of these profiles:

  /nix/var/nix/profiles/bootflash-{normal,fallback}

Specifically, the profile acquires a new generation which is set to
the outpath (`$out`) of the derivation containing the script; this
outpath contains a symlink (and therefore a reference) to the
outpath of the bootflash image for which a write was attempted.
This is similar to how each NixOS configuration is logged as a
generation in `/nix/var/nix/profiles/system` when you "switch" to
it.

The generations in these profiles should be interpreted as logs of
*attempts* to write to the bootflash, rather than successful write
completions.  The purpose of these generations is not to indicate
the current state of the bootflash, but rather to prevent the
bootflash image from being garbage collected out of /nix/store
without an explicit `nix profile wipe-history` invocation to clear
these profiles.

If you want to determine precisely how the currently-booted
bootflash was built, you should:

1. Read back the flash image (`flashrom -r`).

2. Use `strings | grep /nix/store` to find the image outpath.  All
   builds after commit ef4f1846871a2d81964fc6ec63e03005786d7815 will
   contain their own outpath in uncompressed, unencrypted form.

   If the image was written using a `flash-write-*.script` built at
   or after this commit, the outpath containing that script will
   have been logged to one or both bootflash-* profiles.  Unless
   `nix profile wipe-history` or equivalent has been used, the
   logged outpath will not be garbage collected.  That outpath
   refers to the image outpath, so it too will also not be garbage
   collected.

3. Use `nix-store -qd` on the image outpath to find its deriver.

   Builds after 07664e909cc663da18e6d405c56ebec6e2aa94c8 cause the
   derivation containing `flash-write-*.script` to include a symlink
   to the deriver of the image outpath (unless explicitly disabled
   with `add-image-deriver-as-dependency = false`).  Therefore the
   outpath logging performed as a result of this commit will ensure
   that not only the bootflash image, *but also its deriver's entire
   derivation tree* will be preserved until explicitly deleted with
   `nix profile wipe-history` or equivalent.
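
The readback procedure in the commit message above, as an added shell example (not part of ownerboot or of the commit). The function names `image_store_paths` and `image_provenance` are hypothetical, and the dump file is assumed to have been produced already with `flashrom -r`.

```shell
#!/bin/sh
# Added example, not ownerboot code. Usage: sh provenance.sh dump.rom
# Assumption: dump.rom is a readback of the bootflash made with `flashrom -r`.

# Step 2: print each distinct /nix/store path stored as plain text in the dump.
# `grep -a -o` stands in for `strings | grep /nix/store`: -a reads the binary
# as text, -o prints only the match.  A store hash is 32 characters of Nix's
# base32 alphabet, which omits the letters e, o, t and u.
image_store_paths() {
    LC_ALL=C grep -a -o \
        '/nix/store/[0-9a-df-np-sv-z]\{32\}-[A-Za-z0-9+._?=-]*' "$1" | sort -u
}

# Step 3: report the deriver of one store path and the GC roots (for example
# the bootflash-* profiles) that currently keep it alive.
image_provenance() {
    path=$1
    if ! command -v nix-store >/dev/null 2>&1; then
        echo "nix-store not found; cannot query $path" >&2
        return 2
    fi
    if [ ! -e "$path" ]; then
        # The image was built elsewhere or has been garbage collected.
        echo "$path: not present in this store" >&2
        return 1
    fi
    echo "outpath: $path"
    echo "deriver: $(nix-store -qd "$path")"
    echo "roots:"
    nix-store -q --roots "$path"
}

# Run both steps when a dump file is given on the command line.
if [ "$#" -eq 1 ]; then
    for p in $(image_store_paths "$1"); do
        image_provenance "$p" || true
    done
fi
```

A path that is present in the store but lists no roots is eligible for garbage collection, which is the situation the profile logging described above is meant to prevent.
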
src/main: add add-image-deriver-as-dependency?true

This commit adds a new option `add-image-deriver-as-dependency`.
When enabled (it is by default), a symlink `$out/etc/image.drv` will
be created, pointing to the *deriver* of `$out/coreboot.rom`.

The symlink guarantees that:

1. The derivations used to build `$out/coreboot.rom` will not be
   garbage collected as long as `$out` is referenced.

2. Whenever `$out` is copied to a store, the derivations used to
   build `$out/coreboot.rom` will also be copied.

The Nix option `keep-derivers` (which defaults to `true`) provides
the first guarantee, but does not provide the second guarantee.

If a bootflash image is copied into /nix/store from a substituter
rather than as a result of being built, its deriver will not be in
/nix/store.  This is a very unfortunate situation, since bootflash
image updates are very infrequent events.  It is extremely useful to be
able to find out exactly how the bootflash image on a machine was
built.

For motivation, see the following commit, which logs each attempted
bootflash write to a profile.  Without
add-image-deriver-as-dependency, this logging would not preserve the
deriver of the bootflash image in situations where the bootflash is
built and written on different machines.  If the bootflash is never
written on the machine that built it (which might not even be
possible!) its deriver would exist in the store of only the build
machine, and would be eligible for garbage collection immediately.

src/coreboot: set env.KERNELVERSION to $out

The coreboot source describes `KERNELVERSION` as "misleadingly
named, this is the coreboot version".

We set this to $out, so that you can always find the outpath of a
machine's current bootflash image by simply reading the image back
(`flashrom -r`) and running `strings | grep /nix/store` on the
result.

src/coreboot: set env.BUILD_TIMELESS=1

This environment variable inhibits coreboot from writing the
(impure) current system time into the images it produces.

src/kernel: add passthru.config

This commit causes the kernel-building derivation to export the
`.config` file in a `passthru` attribute.

src/kernel: add TODO

Add a note-to-self that ownerboot's pre-kexec kernel should set
MODPROBE_PATH to something useful.

kevin/linux.config: disable CONFIG_ROCKCHIP_CDN_DP

This feature spams dmesg with annoying requests for firmware blobs.
Continuously.  It never stops.

kevin/linux.config: comments explaining importance of CONFIG_ARM_DMA_USE_IOMMU

If `CONFIG_ARM_DMA_USE_IOMMU` is not enabled, the `panfrost` driver
will fail to create several of the /dev/dri nodes.  The failure mode
this induces on wlroots-based compositors is extremely painful and
difficult to troubleshoot; wlroots gives you absolutely no clue
what's gone wrong.

kevin/linux.config: turn off a few debug configs (dmesg spam)
src/kernel: 5.10.148 -> 6.6.21
src/kernel: remove unnecessary `echo >> .config`

This commit eliminates the shell script lines that explicitly
concatenated lines into the kernel `.config` file.  This is part of
an attempt to move towards more structured, nix-oriented management
of the kernel configuration.