Initial commit

.gitignore

@@ -0,0 +1,3 @@
+repo
+!repo/PLACEHOLDER
+upload.sh

build-inner.sh

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+set -e
+
+source PKGBUILD
+pacman -Syu --noconfirm --needed --asdeps "${makedepends[@]}" "${depends[@]}"
+
+exec su builder -- makepkg -c

build-pkg.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+PKG="$1"
+
+sudo podman run --platform linux/arm64 --net host --rm -v $PWD/build-inner.sh:/build-inner.sh -v $PWD/pkgs/"$PKG":/"$PKG" alarm-builder /usr/bin/bash -c "cd $PKG && /build-inner.sh"
+
+for file in $(find "$PWD/pkgs/$PKG" -name '*.pkg.tar.*'); do
+    mv "$file" ./repo/aarch64
+    repo-add -R ./repo/aarch64/petercxy.db.tar.gz ./repo/aarch64/"$(basename "$file")"
+done

builder/Dockerfile

@@ -0,0 +1,12 @@
+# Build with --platform linux/arm64
+FROM docker.io/menci/archlinuxarm:base-devel
+
+RUN pacman -Syu --noconfirm
+
+RUN pacman -S --noconfirm distcc
+
+RUN groupadd -g 1000 builder && useradd -m -u 1000 -g 1000 builder
+
+RUN echo "MAKEFLAGS=-j12" >> /etc/makepkg.conf
+RUN echo "DISTCC_HOSTS=\"127.0.0.1/12:3636\"" >> /etc/makepkg.conf
+RUN echo "BUILDENV=(distcc fakeroot color !ccache check !sign)" >> /etc/makepkg.conf

builder/build.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+podman build --platform linux/arm64 . -t alarm-builder

pkgs/light/.SRCINFO

@@ -0,0 +1,23 @@
+pkgbase = light
+	pkgdesc = A program to control backlights (and other hardware lights)
+	pkgver = 1.2.2
+	pkgrel = 5
+	url = https://gitlab.com/dpeukert/light
+	install = light.install
+	arch = x86_64
+	arch = i486
+	arch = i686
+	arch = pentium4
+	arch = armv7h
+	arch = aarch64
+	license = GPL-3.0-only
+	source = light-1.2.2-5.tar.gz::https://gitlab.com/dpeukert/light/-/archive/2a54078cbe3814105ee4f565f451b1b5947fbde0/light-2a54078cbe3814105ee4f565f451b1b5947fbde0.tar.gz
+	source = fix-global-var.diff
+	source = namespace-udev-rule.diff
+	source = update-manpage.diff
+	sha512sums = 343bffdf7d007066fb82b4305fe961b70b74c206e0f8c1fb3d2d184a09fee9f02491a3fbe01515663a90ec40c20cf2a3dccb8a252597b907ab8ad0b6e33b5238
+	sha512sums = e020deaca76f65a032f6f694f07b43af6318d46f52e0e16554a883d54c43c5519c7bbb3ecbc6e8f39d2828fbebe73d37aa82d4051b2cc652a1775286188b6ded
+	sha512sums = 1cee6c3f10a6534e03bdf6874b95e699fdf8900f7cb9d86df6f8b99f0f77ff2b80d515eb3f4e43602f5ae19fa3009db63301ff862f1d02b8a17f3282ea063232
+	sha512sums = 36cad74b303c206035dd6941269209278c0661358820444ce97b6ef383761e258ccf56d12c80590278972db0e1be98fae3632269cbababc49690726a61fc1708
+
+pkgname = light

pkgs/light/.editorconfig

@@ -0,0 +1,8 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = tab
+tab_width = 4

pkgs/light/.gitignore

@@ -0,0 +1,14 @@
+# Only exclude files from the root of the package repo, as some AUR helpers download sources into the directory of the repo,
+# which causes the gitignore file to apply to them too, which breaks some builds
+# Based on https://github.com/github/gitignore/blob/main/ArchLinuxPackages.gitignore
+/*.tar
+/*.tar.*
+/*.rpm
+/*.jar
+/*.exe
+/*.msi
+/*.zip
+/*.tgz
+/*.log
+/*.log.*
+/*.sig

pkgs/light/PKGBUILD

@@ -0,0 +1,53 @@
+# Maintainer: Daniel Peukert <daniel@peukert.cc>
+# Contributor: Maxim Baz <archlinux at maximbaz dot com>
+# Contributor: Fredrik Haikarainen <fredrik.haikarainen@gmail.com>
+# Contributor: Marcin (CTRL) Wieczorek <marcin@marcin.co>
+pkgname='light'
+pkgver='1.2.2'
+_commit='2a54078cbe3814105ee4f565f451b1b5947fbde0'
+pkgrel='5'
+pkgdesc='A program to control backlights (and other hardware lights)'
+arch=('x86_64' 'i486' 'i686' 'pentium4' 'armv7h' 'aarch64')
+url="https://gitlab.com/dpeukert/$pkgname"
+license=('GPL-3.0-only')
+install="$pkgname.install"
+source=(
+	# $pkgrel added to make sure our cached source file doesn't get used, as the previous pkgrel used a different upstream
+	"$pkgname-$pkgver-$pkgrel.tar.gz::$url/-/archive/$_commit/$pkgname-$_commit.tar.gz"
+	'fix-global-var.diff'
+	'namespace-udev-rule.diff'
+	'update-manpage.diff'
+)
+sha512sums=('343bffdf7d007066fb82b4305fe961b70b74c206e0f8c1fb3d2d184a09fee9f02491a3fbe01515663a90ec40c20cf2a3dccb8a252597b907ab8ad0b6e33b5238'
+            'e020deaca76f65a032f6f694f07b43af6318d46f52e0e16554a883d54c43c5519c7bbb3ecbc6e8f39d2828fbebe73d37aa82d4051b2cc652a1775286188b6ded'
+            '1cee6c3f10a6534e03bdf6874b95e699fdf8900f7cb9d86df6f8b99f0f77ff2b80d515eb3f4e43602f5ae19fa3009db63301ff862f1d02b8a17f3282ea063232'
+            '36cad74b303c206035dd6941269209278c0661358820444ce97b6ef383761e258ccf56d12c80590278972db0e1be98fae3632269cbababc49690726a61fc1708')
+
+_sourcedirectory="$pkgname-$_commit"
+
+prepare() {
+	cd "$srcdir/$_sourcedirectory/"
+
+	patch --forward -p1 < '../fix-global-var.diff'
+	patch --forward -p1 < '../namespace-udev-rule.diff'
+	patch --forward -p1 < '../update-manpage.diff'
+}
+
+build() {
+	cd "$srcdir/$_sourcedirectory/"
+	./autogen.sh
+	./configure --prefix='/usr' --with-udev
+	make
+}
+
+check() {
+	# Not using -V, as it doesn't match the real version
+	_checkoutput="$("$srcdir/$_sourcedirectory/src/$pkgname" -h)"
+	printf '%s\n' "$_checkoutput"
+	printf '%s\n' "$_checkoutput" | grep -q 'Increase brightness by value$'
+}
+
+package() {
+	cd "$srcdir/$_sourcedirectory/"
+	make install DESTDIR="$pkgdir" PREFIX='/usr'
+}

pkgs/light/fix-global-var.diff

@@ -0,0 +1,25 @@
+diff --git a/src/helpers.c b/src/helpers.c
+index c7bc4de..00e6098 100644
+--- a/src/helpers.c
++++ b/src/helpers.c
+@@ -9,6 +9,7 @@
+ #include <errno.h> // errno
+ #include <libgen.h> // dirname 
+ 
++light_loglevel_t light_loglevel;
+ 
+ bool light_file_read_uint64(char const *filename, uint64_t *val)
+ {
+diff --git a/src/helpers.h b/src/helpers.h
+index f73714b..4a92753 100644
+--- a/src/helpers.h
++++ b/src/helpers.h
+@@ -21,7 +21,7 @@ typedef enum {
+     LIGHT_NOTE_LEVEL
+ } light_loglevel_t;
+ 
+-light_loglevel_t light_loglevel;
++extern light_loglevel_t light_loglevel;
+ 
+ #define LIGHT_LOG(lvl, fp, fmt, args...)\
+     if(light_loglevel >= lvl)\

pkgs/light/light.install

@@ -0,0 +1,9 @@
+post_install() {
+	echo '==> Make sure to add your user to the video group.'
+}
+
+post_upgrade() {
+	if [ "$(vercmp "$2" '1.2-3')" -lt 0 ]; then
+		post_install
+	fi
+}

pkgs/light/namespace-udev-rule.diff

@@ -0,0 +1,55 @@
+diff --git a/90-backlight.rules b/90-light-backlight.rules
+similarity index 100%
+rename from 90-backlight.rules
+rename to 90-light-backlight.rules
+diff --git a/Makefile.am b/Makefile.am
+index 6979328..b0f5f18 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -4,8 +4,8 @@ doc_DATA       = README.md COPYING ChangeLog.md
+ EXTRA_DIST     = README.md COPYING ChangeLog.md
+ 
+ if UDEV
+-udev_DATA      = 90-backlight.rules
+-EXTRA_DIST    += $(top_srcdir)/90-backlight.rules
++udev_DATA      = 90-light-backlight.rules
++EXTRA_DIST    += $(top_srcdir)/90-light-backlight.rules
+ endif
+ 
+ # lintian --profile debian -i -I --show-overrides ../$PKG.changes
+diff --git a/README.md b/README.md
+index caf3c77..bacb682 100644
+--- a/README.md
++++ b/README.md
+@@ -167,7 +167,7 @@ Optionally, instead of the classic SUID root mode of operation, udev rules can b
+     ./configure --with-udev && make
+     sudo make install
+ 
+-This installs the `90-backlight.rules` into `/usr/lib/udev/rules.d/`.
++This installs the `90-light-backlight.rules` into `/usr/lib/udev/rules.d/`.
+ If your udev rules are located elsewhere, use `--with-udev=PATH`.
+ 
+ **Note:** make sure that your user is part of the `video` group, otherwise you will not get access to the devices.
+diff --git a/debian/light.postinst b/debian/light.postinst
+index 18cc3e9..f3dbf0c 100644
+--- a/debian/light.postinst
++++ b/debian/light.postinst
+@@ -9,4 +9,4 @@ udevadm trigger --subsystem-match=backlight --subsystem-match=leds --action=chan
+ 
+ # Reset udev rule action back to 'add', it was set to 'change' during
+ # dh_auto_configure to make sure they are effective right away.
+-sed -i 's/^ACTION=="change"/ACTION=="add"/g' /usr/lib/udev/rules.d/90-backlight.rules
++sed -i 's/^ACTION=="change"/ACTION=="add"/g' /usr/lib/udev/rules.d/90-light-backlight.rules
+diff --git a/debian/rules b/debian/rules
+index 80e58e4..3f38174 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -9,7 +9,7 @@ override_dh_auto_configure:
+ 	dh_auto_configure -- --with-udev
+ 	# Change action type of udev rules to make it effective after
+ 	# installation, they are reset back with the poinst script.
+-	sed -i 's/^ACTION=="add"/ACTION=="change"/g' 90-backlight.rules
++	sed -i 's/^ACTION=="add"/ACTION=="change"/g' 90-light-backlight.rules
+ 
+ override_dh_installchangelogs:
+ 	dh_installchangelogs ChangeLog.md

pkgs/light/update-manpage.diff

@@ -0,0 +1,13 @@
+diff --git a/light.1 b/light.1
+index e3481e7..fecd4de 100644
+--- a/light.1
++++ b/light.1
+@@ -38,6 +38,8 @@ List available devices
+ Increase brightness by value
+ .It Fl U
+ Decrease brightness by value
++.It Fl T
++Multiply brightness by value (can be non-integer)
+ .It Fl S
+ Set brightness to value
+ .It Fl G

pkgs/linux-clockworkpi-git/.gitignore

@@ -0,0 +1,3 @@
+linux-clockworkpi
+*.tar
+*.tar.*

pkgs/linux-clockworkpi-git/PKGBUILD

@@ -0,0 +1,177 @@
+# Kernel intended for ClockworkPi from ak-rex
+
+buildarch=8
+
+pkgbase=linux-clockworkpi-git
+_srcname=linux-clockworkpi
+_kernelname=${pkgbase#linux}
+_desc="for ClockworkPi uConsole / DevTerm, ak-rex source tree"
+_pkgver_base=6.12
+pkgver=6.12.r1316375.199335f
+pkgrel=2
+arch=('aarch64')
+url="http://www.kernel.org/"
+license=('GPL2')
+makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc' 'git' 'dtc')
+options=('!strip')
+source=("$_srcname::git+https://github.com/ak-rex/ClockworkPi-linux#branch=rpi-$_pkgver_base.y"
+        'config'
+        'linux.preset')
+md5sums=('SKIP'
+         'adf27584d48d52103548c0ff680c9454'
+         '4b6d890230b6751e375ed7d2e34cdb56')
+
+pkgver() {
+  cd "$srcdir/$_srcname"
+  printf "%s.r%s.%s" "$_pkgver_base" "$(git rev-list --count HEAD)" "$(git rev-parse --short=7 HEAD)"
+}
+
+prepare() {
+  cd $_srcname
+
+  cat "${srcdir}/config" > ./.config
+
+  echo "Setting version..."
+  echo "-$pkgrel" > localversion.10-pkgrel
+  echo "${pkgbase#linux}" > localversion.20-pkgname
+}
+
+build() {
+  cd ${_srcname}
+
+  # get kernel version
+  make prepare
+  make -s kernelrelease > version
+
+  # build!
+  unset LDFLAGS
+  make ${MAKEFLAGS} Image modules
+  # Generate device tree blobs with symbols to support applying device tree overlays in U-Boot
+  make ${MAKEFLAGS} DTC_FLAGS="-@" dtbs
+}
+
+_package() {
+  pkgdesc="The Linux Kernel and modules - ${_desc}"
+  depends=('coreutils' 'linux-firmware' 'kmod' 'mkinitcpio>=0.7')
+  optdepends=('wireless-regdb: to set the correct wireless channels of your country')
+  provides=("linux=${pkgver}" "KSMBD-MODULE" "WIREGUARD-MODULE")
+  conflicts=('linux')
+  install=${pkgname}.install
+
+  cd $_srcname
+  local kernver="$(<version)"
+  local modulesdir="$pkgdir/usr/lib/modules/$kernver"
+
+  echo "Installing boot image and dtbs..."
+  install -Dm644 arch/arm64/boot/Image "${pkgdir}/boot/vmlinuz-${pkgbase}"
+  make INSTALL_DTBS_PATH="${pkgdir}/boot/" dtbs_install
+  find "${pkgdir}/boot/broadcom" -type f -print0 | xargs -0 mv -t "${pkgdir}/boot"
+  rm -rf "${pkgdir}/boot/broadcom"
+
+  echo "Installing modules..."
+  make INSTALL_MOD_PATH="$pkgdir/usr" INSTALL_MOD_STRIP=1 DEPMOD=/doesnt/exist modules_install
+
+  # remove build link
+  rm "$modulesdir"/build
+
+  # sed expression for following substitutions
+  local _subst="
+    s|%PKGBASE%|${pkgbase}|g
+    s|%KERNVER%|${kernver}|g
+  "
+
+  # install mkinitcpio preset file
+  sed "${_subst}" ../linux.preset |
+    install -Dm644 /dev/stdin "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset"
+
+  # rather than use another hook (90-linux.hook) rely on mkinitcpio's 90-mkinitcpio-install.hook
+  # which avoids a double run of mkinitcpio that can occur
+  install -d "${pkgdir}/usr/lib/initcpio/"
+  echo "dummy file to trigger mkinitcpio to run" > "${pkgdir}/usr/lib/initcpio/$(<version)"
+}
+
+_package-headers() {
+  pkgdesc="Header files and scripts for building modules for linux kernel - ${_desc}"
+  provides=("linux-headers=${pkgver}")
+  conflicts=('linux-headers')
+
+  cd $_srcname
+  local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
+
+  echo "Installing build files..."
+  install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
+    localversion.* version vmlinux
+  install -Dt "$builddir/kernel" -m644 kernel/Makefile
+  install -Dt "$builddir/arch/arm64" -m644 arch/arm64/Makefile
+  cp -t "$builddir" -a scripts
+
+  # add xfs and shmem for aufs building
+  mkdir -p "$builddir"/{fs/xfs,mm}
+
+  echo "Installing headers..."
+  cp -t "$builddir" -a include
+  cp -t "$builddir/arch/arm64" -a arch/arm64/include
+  install -Dt "$builddir/arch/arm64/kernel" -m644 arch/arm64/kernel/asm-offsets.s
+  mkdir -p "$builddir/arch/arm"
+  cp -t "$builddir/arch/arm" -a arch/arm/include
+
+  install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
+  install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
+
+  # https://bugs.archlinux.org/task/13146
+  install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
+
+  # https://bugs.archlinux.org/task/20402
+  install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
+  install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
+  install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
+
+  # https://bugs.archlinux.org/task/71392
+  install -Dt "$builddir/drivers/iio/common/hid-sensors" -m644 drivers/iio/common/hid-sensors/*.h
+
+  echo "Installing KConfig files..."
+  find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
+
+  echo "Removing unneeded architectures..."
+  local arch
+  for arch in "$builddir"/arch/*/; do
+    [[ $arch = */arm64/ || $arch == */arm/ ]] && continue
+    echo "Removing $(basename "$arch")"
+    rm -r "$arch"
+  done
+
+  echo "Removing documentation..."
+  rm -r "$builddir/Documentation"
+
+  echo "Removing broken symlinks..."
+  find -L "$builddir" -type l -printf 'Removing %P\n' -delete
+
+  echo "Removing loose objects..."
+  find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
+
+  echo "Stripping build tools..."
+  local file
+  while read -rd '' file; do
+    case "$(file -bi "$file")" in
+      application/x-sharedlib\;*)      # Libraries (.so)
+        strip -v $STRIP_SHARED "$file" ;;
+      application/x-archive\;*)        # Libraries (.a)
+        strip -v $STRIP_STATIC "$file" ;;
+      application/x-executable\;*)     # Binaries
+        strip -v $STRIP_BINARIES "$file" ;;
+      application/x-pie-executable\;*) # Relocatable binaries
+        strip -v $STRIP_SHARED "$file" ;;
+    esac
+  done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
+
+  echo "Adding symlink..."
+  mkdir -p "$pkgdir/usr/src"
+  ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
+}
+
+pkgname=("${pkgbase}" "${pkgbase}-headers")
+for _p in ${pkgname[@]}; do
+  eval "package_${_p}() {
+    _package${_p#${pkgbase}}
+  }"
+done

pkgs/linux-clockworkpi-git/linux-clockworkpi-git.install

@@ -0,0 +1,10 @@
+post_upgrade() {
+  if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then
+    echo "WARNING: /boot appears to be a separate partition but is not mounted."
+  fi
+}
+
+post_remove() {
+  rm -f boot/initramfs-linux-clockworkpi-git.img
+  rm -f boot/initramfs-linux-clockworkpi-git-fallback.img
+}

pkgs/linux-clockworkpi-git/linux.preset

@@ -0,0 +1,14 @@
+# mkinitcpio preset file for the '%PKGBASE%' package
+
+#ALL_config="/etc/mkinitcpio.conf"
+ALL_kver="%KERNVER%"
+
+PRESETS=('default' 'fallback')
+
+#default_config="/etc/mkinitcpio.conf"
+default_image="/boot/initramfs-linux-clockworkpi-git.img"
+#default_options=""
+
+#fallback_config="/etc/mkinitcpio.conf"
+fallback_image="/boot/initramfs-linux-clockworkpi-git-fallback.img"
+fallback_options="-S autodetect"

pkgs/wpa_supplicant-raspberrypi-git/.SRCINFO

@@ -0,0 +1,23 @@
+pkgbase = wpa_supplicant-git
+	pkgdesc = A daemon program controlling the wireless connection
+	pkgver = 2.10.r1120.gcc8a09a48
+	pkgrel = 1
+	url = https://w1.fi/wpa_supplicant/
+	arch = i686
+	arch = x86_64
+	license = BSD
+	makedepends = git
+	depends = glibc
+	depends = openssl
+	depends = libdbus
+	depends = libnl
+	depends = readline
+	optdepends = wpa_supplicant_gui: GUI frontend
+	provides = wpa_supplicant=2.10.r1120.gcc8a09a48
+	conflicts = wpa_supplicant
+	source = git+https://w1.fi/hostap.git
+	source = config::https://gitlab.archlinux.org/archlinux/packaging/packages/wpa_supplicant/-/raw/main/wpa_supplicant_config
+	sha256sums = SKIP
+	sha256sums = SKIP
+
+pkgname = wpa_supplicant-git

pkgs/wpa_supplicant-raspberrypi-git/.gitignore

@@ -0,0 +1,3 @@
+hostap
+*.tar
+*.tar.*

pkgs/wpa_supplicant-raspberrypi-git/0001-Revert-Mark-authorization-completed-on-driver-indica.patch

@@ -0,0 +1,50 @@
+From ffc5780986fb86ac77cafb633d79d14e01b84393 Mon Sep 17 00:00:00 2001
+From: Peter Cai <peter@typeblog.net>
+Date: Thu, 27 Mar 2025 21:57:33 -0400
+Subject: [PATCH] Revert "Mark authorization completed on driver indication
+ during 4-way HS offload"
+
+This reverts commit 41638606054a09867fe3f9a2b5523aa4678cbfa5.
+---
+ wpa_supplicant/events.c | 25 ++++++++-----------------
+ 1 file changed, 8 insertions(+), 17 deletions(-)
+
+diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
+index 6f6e94c55..375da99ef 100644
+--- a/wpa_supplicant/events.c
++++ b/wpa_supplicant/events.c
+@@ -4476,23 +4476,14 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
+ 		eapol_sm_notify_eap_success(wpa_s->eapol, true);
+ 	} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
+ 		   wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
+-		if (already_authorized) {
+-			/*
+-			 * We are done; the driver will take care of RSN 4-way
+-			 * handshake.
+-			 */
+-			wpa_supplicant_cancel_auth_timeout(wpa_s);
+-			wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
+-			eapol_sm_notify_portValid(wpa_s->eapol, true);
+-			eapol_sm_notify_eap_success(wpa_s->eapol, true);
+-		} else {
+-			/* Update port, WPA_COMPLETED state from the
+-			 * EVENT_PORT_AUTHORIZED handler when the driver is done
+-			 * with the 4-way handshake.
+-			 */
+-			wpa_msg(wpa_s, MSG_DEBUG,
+-				"ASSOC INFO: wait for driver port authorized indication");
+-		}
++		/*
++		 * We are done; the driver will take care of RSN 4-way
++		 * handshake.
++		 */
++		wpa_supplicant_cancel_auth_timeout(wpa_s);
++		wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
++		eapol_sm_notify_portValid(wpa_s->eapol, true);
++		eapol_sm_notify_eap_success(wpa_s->eapol, true);
+ 	} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
+ 		   wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
+ 		/*
+-- 
+2.48.1
+

pkgs/wpa_supplicant-raspberrypi-git/PKGBUILD

@@ -0,0 +1,70 @@
+# Maintainer: Peter Cai <peter AT typeblog DOT net>
+# Contributor: Chocobo1 <chocobo1 AT archlinux DOT net>
+
+pkgname=wpa_supplicant-raspberrypi-git
+pkgver=2.11.r798.gce80c6464
+pkgrel=1
+pkgdesc="A daemon program controlling the wireless connection, patched for Raspberry Pi"
+arch=('aarch64')
+url="https://w1.fi/wpa_supplicant/"
+license=('BSD')
+depends=('glibc' 'openssl' 'libdbus' 'libnl' 'readline' 'pcsclite')
+optdepends=('wpa_supplicant_gui: GUI frontend')
+makedepends=('git')
+provides=("wpa_supplicant=$pkgver")
+conflicts=('wpa_supplicant')
+source=("git+https://w1.fi/hostap.git"
+        "config::https://gitlab.archlinux.org/archlinux/packaging/packages/wpa_supplicant/-/raw/main/wpa_supplicant_config"
+        "0001-Revert-Mark-authorization-completed-on-driver-indica.patch")
+sha256sums=('SKIP'
+            '1e32af4a1a147ee75358fd0b5636fb41332a7b91ec7a904292178256f735e9d2'
+            'bc21fa6bbbdf6f206a7cfea3d17ca6e6f9bf0b7933ec18376dae626e80787e5d')
+
+
+prepare() {
+  cd "$srcdir"
+
+  cp "config" "hostap/wpa_supplicant/.config"
+
+  cd "hostap"
+
+  git apply ../0001-Revert-Mark-authorization-completed-on-driver-indica.patch
+}
+
+pkgver() {
+  cd "hostap/wpa_supplicant"
+
+  git describe --long --tags | sed 's/^hostap_//;s/\([^-]*-g\)/r\1/;s/[_-]/./g'
+}
+
+build() {
+  cd "hostap/wpa_supplicant"
+
+  export CFLAGS="$CPPFLAGS $CFLAGS"
+  make \
+    LIBDIR="/usr/lib" \
+    BINDIR="/usr/bin"
+  make \
+    LIBDIR="/usr/lib" \
+    BINDIR="/usr/bin" \
+    eapol_test
+}
+
+package() {
+  cd "hostap/wpa_supplicant"
+
+  make \
+    LIBDIR="/usr/lib" \
+    BINDIR="/usr/bin" \
+    DESTDIR="$pkgdir" \
+    install
+
+  install -Dm755 "eapol_test" -t "$pkgdir/usr/bin"
+  install -Dm644 "wpa_supplicant.conf" -t "$pkgdir/usr/share/doc/wpa_supplicant"
+  install -Dm644 "dbus/fi.w1.wpa_supplicant1.service" -t "$pkgdir/usr/share/dbus-1/system-services"
+  install -Dm644 "dbus/dbus-wpa_supplicant.conf" "$pkgdir/etc/dbus-1/system.d/wpa_supplicant.conf"
+  install -Dm644 "systemd"/*.service -t "$pkgdir/usr/lib/systemd/system"
+
+  sed -n '/This software may/,/OF SUCH DAMAGE./p' "README" > "COPYING"
+  install -Dm644 "COPYING" -t "$pkgdir/usr/share/licenses/wpa_supplicant"
+}

pkgs/wpa_supplicant-raspberrypi-git/config

@@ -0,0 +1,649 @@
+# Arch Linux wpa_supplicant build time configuration
+#
+# This file lists the configuration options that are used when building the
+# wpa_supplicant binary. All lines starting with # are ignored. Configuration
+# option lines must be commented out complete, if they are not to be included,
+# i.e., just setting VARIABLE=n is not disabling that variable.
+#
+# This file is included in Makefile, so variables like CFLAGS and LIBS can also
+# be modified from here. In most cases, these lines should use += in order not
+# to override previous values of the variables.
+
+
+# Uncomment following two lines and fix the paths if you have installed OpenSSL
+# or GnuTLS in non-default location
+#CFLAGS += -I/usr/local/openssl/include
+#LIBS += -L/usr/local/openssl/lib
+
+# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
+# the kerberos files are not in the default include path. Following line can be
+# used to fix build issues on such systems (krb5.h not found).
+#CFLAGS += -I/usr/include/kerberos
+
+# Driver interface for generic Linux wireless extensions
+# Note: WEXT is deprecated in the current Linux kernel version and no new
+# functionality is added to it. nl80211-based interface is the new
+# replacement for WEXT and its use allows wpa_supplicant to properly control
+# the driver to improve existing functionality like roaming and to support new
+# functionality.
+CONFIG_DRIVER_WEXT=y
+
+# Driver interface for Linux drivers using the nl80211 kernel interface
+CONFIG_DRIVER_NL80211=y
+
+# QCA vendor extensions to nl80211
+CONFIG_DRIVER_NL80211_QCA=y
+
+# driver_nl80211.c requires libnl. If you are compiling it yourself
+# you may need to point hostapd to your version of libnl.
+#
+#CFLAGS += -I$<path to libnl include files>
+#LIBS += -L$<path to libnl library files>
+
+# Use libnl v2.0 (or 3.0) libraries.
+#CONFIG_LIBNL20=y
+
+# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
+CONFIG_LIBNL32=y
+
+
+# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
+#CONFIG_DRIVER_BSD=y
+#CFLAGS += -I/usr/local/include
+#LIBS += -L/usr/local/lib
+#LIBS_p += -L/usr/local/lib
+#LIBS_c += -L/usr/local/lib
+
+# Driver interface for Windows NDIS
+#CONFIG_DRIVER_NDIS=y
+#CFLAGS += -I/usr/include/w32api/ddk
+#LIBS += -L/usr/local/lib
+# For native build using mingw
+#CONFIG_NATIVE_WINDOWS=y
+# Additional directories for cross-compilation on Linux host for mingw target
+#CFLAGS += -I/opt/mingw/mingw32/include/ddk
+#LIBS += -L/opt/mingw/mingw32/lib
+#CC=mingw32-gcc
+# By default, driver_ndis uses WinPcap for low-level operations. This can be
+# replaced with the following option which replaces WinPcap calls with NDISUIO.
+# However, this requires that WZC is disabled (net stop wzcsvc) before starting
+# wpa_supplicant.
+# CONFIG_USE_NDISUIO=y
+
+# Driver interface for wired Ethernet drivers
+CONFIG_DRIVER_WIRED=y
+
+# Driver interface for MACsec capable Qualcomm Atheros drivers
+#CONFIG_DRIVER_MACSEC_QCA=y
+
+# Driver interface for Linux MACsec drivers
+CONFIG_DRIVER_MACSEC_LINUX=y
+
+# Driver interface for the Broadcom RoboSwitch family
+#CONFIG_DRIVER_ROBOSWITCH=y
+
+# Driver interface for no driver (e.g., WPS ER only)
+CONFIG_DRIVER_NONE=y
+
+# Solaris libraries
+#LIBS += -lsocket -ldlpi -lnsl
+#LIBS_c += -lsocket
+
+# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or
+# MACsec is included)
+CONFIG_IEEE8021X_EAPOL=y
+
+# EAP-MD5
+CONFIG_EAP_MD5=y
+
+# EAP-MSCHAPv2
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-TLS
+CONFIG_EAP_TLS=y
+
+# EAL-PEAP
+CONFIG_EAP_PEAP=y
+
+# EAP-TTLS
+CONFIG_EAP_TTLS=y
+
+# EAP-FAST
+CONFIG_EAP_FAST=y
+
+# EAP-TEAP
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
+# EAP-GTC
+CONFIG_EAP_GTC=y
+
+# EAP-OTP
+CONFIG_EAP_OTP=y
+
+# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
+CONFIG_EAP_SIM=y
+
+# Enable SIM simulator (Milenage) for EAP-SIM
+#CONFIG_SIM_SIMULATOR=y
+
+# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-pwd (secure authentication using only a password)
+CONFIG_EAP_PWD=y
+
+# EAP-PAX
+CONFIG_EAP_PAX=y
+
+# LEAP
+CONFIG_EAP_LEAP=y
+
+# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
+CONFIG_EAP_AKA=y
+
+# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
+# This requires CONFIG_EAP_AKA to be enabled, too.
+CONFIG_EAP_AKA_PRIME=y
+
+# Enable USIM simulator (Milenage) for EAP-AKA
+#CONFIG_USIM_SIMULATOR=y
+
+# EAP-SAKE
+CONFIG_EAP_SAKE=y
+
+# EAP-GPSK
+CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+CONFIG_EAP_GPSK_SHA256=y
+
+# EAP-TNC and related Trusted Network Connect support (experimental)
+CONFIG_EAP_TNC=y
+
+# Wi-Fi Protected Setup (WPS)
+CONFIG_WPS=y
+# Enable WPS external registrar functionality
+CONFIG_WPS_ER=y
+# Disable credentials for an open network by default when acting as a WPS
+# registrar.
+CONFIG_WPS_REG_DISABLE_OPEN=y
+# Enable WPS support with NFC config method
+CONFIG_WPS_NFC=y
+
+# EAP-IKEv2
+CONFIG_EAP_IKEV2=y
+
+# EAP-EKE
+CONFIG_EAP_EKE=y
+
+# MACsec
+CONFIG_MACSEC=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
+# engine.
+CONFIG_SMARTCARD=y
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# Enable this if EAP-SIM or EAP-AKA is included
+CONFIG_PCSC=y
+
+# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
+CONFIG_HT_OVERRIDES=y
+
+# Support VHT overrides (disable VHT, mask MCS rates, etc.)
+CONFIG_VHT_OVERRIDES=y
+
+# Development testing
+CONFIG_EAPOL_TEST=y
+
+# Select control interface backend for external programs, e.g, wpa_cli:
+# unix = UNIX domain sockets (default for Linux/*BSD)
+# udp = UDP sockets using localhost (127.0.0.1)
+# udp6 = UDP IPv6 sockets using localhost (::1)
+# named_pipe = Windows Named Pipe (default for Windows)
+# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
+# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose)
+# y = use default (backwards compatibility)
+# If this option is commented out, control interface is not included in the
+# build.
+CONFIG_CTRL_IFACE=y
+
+# Include support for GNU Readline and History Libraries in wpa_cli.
+# When building a wpa_cli binary for distribution, please note that these
+# libraries are licensed under GPL and as such, BSD license may not apply for
+# the resulting binary.
+CONFIG_READLINE=y
+
+# Include internal line edit mode in wpa_cli. This can be used as a replacement
+# for GNU Readline to provide limited command line editing and history support.
+#CONFIG_WPA_CLI_EDIT=y
+
+# Remove debugging code that is printing out debug message to stdout.
+# This can be used to reduce the size of the wpa_supplicant considerably
+# if debugging code is not needed. The size reduction can be around 35%
+# (e.g., 90 kB).
+#CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
+# 35-50 kB in code size.
+#CONFIG_NO_WPA=y
+
+# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
+# This option can be used to reduce code size by removing support for
+# converting ASCII passphrases into PSK. If this functionality is removed, the
+# PSK can only be configured as the 64-octet hexstring (e.g., from
+# wpa_passphrase). This saves about 0.5 kB in code size.
+#CONFIG_NO_WPA_PASSPHRASE=y
+
+# Simultaneous Authentication of Equals (SAE), WPA3-Personal
+CONFIG_SAE=y
+
+# Disable scan result processing (ap_scan=1) to save code size by about 1 kB.
+# This can be used if ap_scan=1 mode is never enabled.
+#CONFIG_NO_SCAN_PROCESSING=y
+
+# Select configuration backend:
+# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
+#	path is given on command line, not here; this option is just used to
+#	select the backend that allows configuration files to be used)
+# winreg = Windows registry (see win_example.reg for an example)
+CONFIG_BACKEND=file
+
+# Remove configuration write functionality (i.e., to allow the configuration
+# file to be updated based on runtime configuration changes). The runtime
+# configuration can still be changed, the changes are just not going to be
+# persistent over restarts. This option can be used to reduce code size by
+# about 3.5 kB.
+#CONFIG_NO_CONFIG_WRITE=y
+
+# Remove support for configuration blobs to reduce code size by about 1.5 kB.
+#CONFIG_NO_CONFIG_BLOBS=y
+
+# Select program entry point implementation:
+# main = UNIX/POSIX like main() function (default)
+# main_winsvc = Windows service (read parameters from registry)
+# main_none = Very basic example (development use only)
+CONFIG_MAIN=main
+
+# Select wrapper for operating system and C library specific functions
+# unix = UNIX/POSIX like systems (default)
+# win32 = Windows systems
+# none = Empty template
+CONFIG_OS=unix
+
+# Select event loop implementation
+# eloop = select() loop (default)
+# eloop_win = Windows events and WaitForMultipleObject() loop
+CONFIG_ELOOP=eloop
+
+# Should we use poll instead of select? Select is used by default.
+#CONFIG_ELOOP_POLL=y
+
+# Should we use epoll instead of select? Select is used by default.
+#CONFIG_ELOOP_EPOLL=y
+
+# Should we use kqueue instead of select? Select is used by default.
+#CONFIG_ELOOP_KQUEUE=y
+
+# Select layer 2 packet implementation
+# linux = Linux packet socket (default)
+# pcap = libpcap/libdnet/WinPcap
+# freebsd = FreeBSD libpcap
+# winpcap = WinPcap with receive thread
+# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
+# none = Empty template
+CONFIG_L2_PACKET=linux
+
+# Disable Linux packet socket workaround applicable for station interface
+# in a bridge for EAPOL frames. This should be uncommented only if the kernel
+# is known to not have the regression issue in packet socket behavior with
+# bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
+#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
+
+# Support Operating Channel Validation
+CONFIG_OCV=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS
+# internal = Internal TLSv1 implementation (experimental)
+# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
+# none = Empty template
+CONFIG_TLS=openssl
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
+# can be enabled to get a stronger construction of messages when block ciphers
+# are used. It should be noted that some existing TLS v1.0 -based
+# implementation may not be compatible with TLS v1.1 message (ClientHello is
+# sent prior to negotiating which version will be used)
+CONFIG_TLSV11=y
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
+# can be enabled to enable use of stronger crypto algorithms. It should be
+# noted that some existing TLS v1.0 -based implementation may not be compatible
+# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
+# will be used)
+CONFIG_TLSV12=y
+
+# Select which ciphers to use by default with OpenSSL if the user does not
+# specify them.
+CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT@SECLEVEL=1"
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
+# This is only for Windows builds and requires WMI-related header files and
+# WbemUuid.Lib from Platform SDK even when building with MinGW.
+#CONFIG_NDIS_EVENTS_INTEGRATED=y
+#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
+
+# Add support for new DBus control interface
+# (fi.w1.wpa_supplicant1)
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+
+# Add introspection support for new DBus control interface
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+# Add support for loading EAP methods dynamically as shared libraries.
+# When this option is enabled, each EAP method can be either included
+# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
+# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
+# be loaded in the beginning of the wpa_supplicant configuration file
+# (see load_dynamic_eap parameter in the example file) before being used in
+# the network blocks.
+#
+# Note that some shared parts of EAP methods are included in the main program
+# and in order to be able to use dynamic EAP methods using these parts, the
+# main program must have been build with the EAP method enabled (=y or =dyn).
+# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
+# unless at least one of them was included in the main build to force inclusion
+# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
+# in the main build to be able to load these methods dynamically.
+#
+# Please also note that using dynamic libraries will increase the total binary
+# size. Thus, it may not be the best option for targets that have limited
+# amount of memory/flash.
+#CONFIG_DYNAMIC_EAP_METHODS=y
+
+# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
+CONFIG_IEEE80211R=y
+
+# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+CONFIG_DEBUG_FILE=y
+
+# Send debug messages to syslog instead of stdout
+CONFIG_DEBUG_SYSLOG=y
+# Set syslog facility for debug messages
+CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
+
+# Add support for sending all debug messages (regardless of debug verbosity)
+# to the Linux kernel tracing facility. This helps debug the entire stack by
+# making it easy to record everything happening from the driver up into the
+# same file, e.g., using trace-cmd.
+CONFIG_DEBUG_LINUX_TRACING=y
+
+# Add support for writing debug log to Android logcat instead of standard
+# output
+#CONFIG_ANDROID_LOG=y
+
+# Enable privilege separation (see README 'Privilege separation' for details)
+#CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+CONFIG_DELAYED_MIC_ERROR_REPORT=y
+
+# Enable tracing code for developer debugging
+# This tracks use of memory allocations and other registrations and reports
+# incorrect use with a backtrace of call (or allocation) location.
+#CONFIG_WPA_TRACE=y
+# For BSD, uncomment these.
+#LIBS += -lexecinfo
+#LIBS_p += -lexecinfo
+#LIBS_c += -lexecinfo
+
+# Use libbfd to get more details for developer debugging
+# This enables use of libbfd to get more detailed symbols for the backtraces
+# generated by CONFIG_WPA_TRACE=y.
+#CONFIG_WPA_TRACE_BFD=y
+# For BSD, uncomment these.
+#LIBS += -lbfd -liberty -lz
+#LIBS_p += -lbfd -liberty -lz
+#LIBS_c += -lbfd -liberty -lz
+
+# wpa_supplicant depends on strong random number generation being available
+# from the operating system. os_get_random() function is used to fetch random
+# data when needed, e.g., for key generation. On Linux and BSD systems, this
+# works by reading /dev/urandom. It should be noted that the OS entropy pool
+# needs to be properly initialized before wpa_supplicant is started. This is
+# important especially on embedded devices that do not have a hardware random
+# number generator and may by default start up with minimal entropy available
+# for random number generation.
+#
+# As a safety net, wpa_supplicant is by default trying to internally collect
+# additional entropy for generating random data to mix in with the data fetched
+# from the OS. This by itself is not considered to be very strong, but it may
+# help in cases where the system pool is not initialized properly. However, it
+# is very strongly recommended that the system pool is initialized with enough
+# entropy either by using hardware assisted random number generator or by
+# storing state over device reboots.
+#
+# wpa_supplicant can be configured to maintain its own entropy store over
+# restarts to enhance random number generation. This is not perfect, but it is
+# much more secure than using the same sequence of random numbers after every
+# reboot. This can be enabled with -e<entropy file> command line option. The
+# specified file needs to be readable and writable by wpa_supplicant.
+#
+# If the os_get_random() is known to provide strong random data (e.g., on
+# Linux/BSD, the board in question is known to have reliable source of random
+# data from /dev/urandom), the internal wpa_supplicant random pool can be
+# disabled. This will save some in binary size and CPU use. However, this
+# should only be considered for builds that are known to be used on devices
+# that meet the requirements described above.
+CONFIG_NO_RANDOM_POOL=y
+
+# Should we attempt to use the getrandom(2) call that provides more reliable
+# yet secure randomness source than /dev/random on Linux 3.17 and newer.
+# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
+CONFIG_GETRANDOM=y
+
+# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
+CONFIG_IEEE80211AC=y
+
+# Wireless Network Management (IEEE Std 802.11v-2011)
+# Note: This is experimental and not complete implementation.
+CONFIG_WNM=y
+
+# Interworking (IEEE 802.11u)
+# This can be used to enable functionality to improve interworking with
+# external networks (GAS/ANQP to learn more about the networks and network
+# selection based on available credentials).
+CONFIG_INTERWORKING=y
+
+# Hotspot 2.0
+CONFIG_HS20=y
+
+# Enable interface matching in wpa_supplicant
+#CONFIG_MATCH_IFACE=y
+
+# Disable roaming in wpa_supplicant
+#CONFIG_NO_ROAMING=y
+
+# AP mode operations with wpa_supplicant
+# This can be used for controlling AP mode operations with wpa_supplicant. It
+# should be noted that this is mainly aimed at simple cases like
+# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
+# external RADIUS server can be supported with hostapd.
+CONFIG_AP=y
+
+# P2P (Wi-Fi Direct)
+# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
+# more information on P2P operations.
+CONFIG_P2P=y
+
+# Enable TDLS support
+CONFIG_TDLS=y
+
+# Wi-Fi Display
+# This can be used to enable Wi-Fi Display extensions for P2P using an external
+# program to control the additional information exchanges in the messages.
+CONFIG_WIFI_DISPLAY=y
+
+# Autoscan
+# This can be used to enable automatic scan support in wpa_supplicant.
+# See wpa_supplicant.conf for more information on autoscan usage.
+#
+# Enabling directly a module will enable autoscan support.
+# For exponential module:
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+# For periodic module:
+CONFIG_AUTOSCAN_PERIODIC=y
+
+# Password (and passphrase, etc.) backend for external storage
+# These optional mechanisms can be used to add support for storing passwords
+# and other secrets in external (to wpa_supplicant) location. This allows, for
+# example, operating system specific key storage to be used
+#
+# External password backend for testing purposes (developer use)
+#CONFIG_EXT_PASSWORD_TEST=y
+# File-based backend to read passwords from an external file.
+#CONFIG_EXT_PASSWORD_FILE=y
+
+# Enable Fast Session Transfer (FST)
+CONFIG_FST=y
+
+# Enable CLI commands for FST testing
+#CONFIG_FST_TEST=y
+
+# OS X builds. This is only for building eapol_test.
+#CONFIG_OSX=y
+
+# Automatic Channel Selection
+# This will allow wpa_supplicant to pick the channel automatically when channel
+# is set to "0".
+#
+# TODO: Extend parser to be able to parse "channel=acs_survey" as an alternative
+# to "channel=0". This would enable us to eventually add other ACS algorithms in
+# similar way.
+#
+# Automatic selection is currently only done through initialization, later on
+# we hope to do background checks to keep us moving to more ideal channels as
+# time goes by. ACS is currently only supported through the nl80211 driver and
+# your driver must have survey dump capability that is filled by the driver
+# during scanning.
+#
+# TODO: In analogy to hostapd be able to customize the ACS survey algorithm with
+# a newly to create wpa_supplicant.conf variable acs_num_scans.
+#
+# Supported ACS drivers:
+# * ath9k
+# * ath5k
+# * ath10k
+#
+# For more details refer to:
+# http://wireless.kernel.org/en/users/Documentation/acs
+CONFIG_ACS=y
+
+# Support Multi Band Operation
+CONFIG_MBO=y
+
+# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
+CONFIG_FILS=y
+# FILS shared key authentication with PFS
+CONFIG_FILS_SK_PFS=y
+
+# Support RSN on IBSS networks
+# This is needed to be able to use mode=1 network profile with proto=RSN and
+# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None).
+CONFIG_IBSS_RSN=y
+
+# External PMKSA cache control
+# This can be used to enable control interface commands that allow the current
+# PMKSA cache entries to be fetched and new entries to be added.
+CONFIG_PMKSA_CACHE_EXTERNAL=y
+
+# Mesh Networking (IEEE 802.11s)
+CONFIG_MESH=y
+
+# Background scanning modules
+# These can be used to request wpa_supplicant to perform background scanning
+# operations for roaming within an ESS (same SSID). See the bgscan parameter in
+# the wpa_supplicant.conf file for more details.
+# Periodic background scans based on signal strength
+CONFIG_BGSCAN_SIMPLE=y
+# Learn channels used by the network and try to avoid bgscans on other
+# channels (experimental)
+CONFIG_BGSCAN_LEARN=y
+
+# Opportunistic Wireless Encryption (OWE)
+# Experimental implementation of draft-harkins-owe-07.txt
+CONFIG_OWE=y
+
+# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect)
+CONFIG_DPP=y
+# DPP version 2 support
+CONFIG_DPP2=y
+# DPP version 3 support (experimental and still changing; do not enable for
+# production use)
+#CONFIG_DPP3=y
+
+# Wired equivalent privacy (WEP)
+# WEP is an obsolete cryptographic data confidentiality algorithm that is not
+# considered secure. It should not be used for anything anymore. The
+# functionality needed to use WEP is available in the current wpa_supplicant
+# release under this optional build parameter. This functionality is subject to
+# be completely removed in a future release.
+#CONFIG_WEP=y
+
+# Remove all TKIP functionality
+# TKIP is an old cryptographic data confidentiality algorithm that is not
+# considered secure. It should not be used anymore for anything else than a
+# backwards compatibility option as a group cipher when connecting to APs that
+# use WPA+WPA2 mixed mode. For now, the default wpa_supplicant build includes
+# support for this by default, but that functionality is subject to be removed
+# in the future.
+#CONFIG_NO_TKIP=y
+
+# Pre-Association Security Negotiation (PASN)
+# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol
+# design is still subject to change. As such, this should not yet be enabled in
+# production use.
+#CONFIG_PASN=y
+
+# WPA3-Enterprise (SuiteB-192)
+CONFIG_SUITEB=y
+
+CONFIG_SUITEB192=y
+
+# Driver support is also needed for IEEE 802.11w.
+CONFIG_IEEE80211W=y
+
+# IEEE 802.11n (High Throughput) support (mainly for AP mode)
+CONFIG_IEEE80211N=y
+
+# Used by eapol_test only, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985912
+CONFIG_IPV6=y