Posts by chewitt

If you use the default PIA config with the problem CRL certs on LE13 and newer (with new OpenSSL) the problems will exist. If you run LE12 the problem should not exist (as older OpenSSL is used). On LE13 and newer if you remove the problem CRL bits from the default PIA config the problem is worked-around and the config will work. On this topic I think we reached the "You can lead a horse to water, but you can't make it drink" point. The workaround requires 30-seconds' worth of effort. It's up to you though.

On a deeper technical level WireGuard is quite different to OpenVPN but from a high-level user perspective they achieve the same thing and most commercial services support both. If you want to explore that there are setup instructions in the wiki. I'm going to pass on the opportunity to spoon-feed instructions or debate that further though.

echo 'options usb-storage quirks=152d:0583:u' > /storage/.config/modprobe.d/usb-storage.conf
reboot

There are quite a few reports of "device won't mount" on a range of distros for the "JMS583Gen 2 to PCIe Gen3x2 Bridge" adapter so run that ^ over SSH and see if it mounts correctly now?

Quote from TheAmorphous

I can run the stable release of 12.02 (non-legacy) and get video and audio just fine over HDMI now.

Some companies ship 'honest' release notes. Others never admit to their mistakes. At least it's fixed and there's an explanation of sorts

Quote from mglae

There is no i965 mesa driver any more in LE

I'm a bit behind on x86 matters (about a decade)

I was thinking to expense an N100 box to attempt tracking down the known audio issue (and to see how things are these days) but there are so many devices to choose from on Amazon I keep deferring the idea. It would be better if someone with a bigger interest in Intel matters would do it.

One of them replied .. delayed response due to some public festival/holiday in China. It'll be enough to get things in-motion.

Increase the "wait for network" timeout in LE settings to 30-seconds; it will exit the wait loop earlier if the connection is found/active earlier. Then the network is always up before Kodi starts and time (via NTP) will always be correct. There's no way to make drivers load and probe hardware faster.

NB: If you need a static address it usually easier to leave devices on DHCP but add a static reservation against the interface MAC in the router so it's always dynamically assigned the same address.

Done

LE(13) and RPiOS use the same Linux 6.12.y LTS kernel source so you shouldn't need to touch that. All the mesa patches are long upstreamed by Igalia (on behalf of RPi devs) so just use a recent version. Kodi and ffmpeg still requires downstream patches, as you'll find in our repo. The various build options are in the package.mk files, as you found. Beyond that, I've little experience with compiling Kodi outside our buildsystem so I can't really advise.

popcornmix does RPiOS not have an appropriately patched Kodi (and ffmpeg) version to use out-of-box?

Ahh. Sorry to hear that but glad there's a logical explanation for the erratic network behaviour!

Quote from Reddirt

I can cd /storage but doesn't seem to do anything.

The root user's home folder is /storage so when you login, this is where you are. If you then "cd /storage" you change directory to the same one you are already in. Hence it (correctly) doesn't seem to do anything.

I was originally suspecting a power issue; especially if the drive is being powered from the USB bus, but when power draw is the issue I'd expect to see spurious errors in the log; mount failures or USB errors or .. something to indicate the device probed then trying/failing/trying/failing to mount and then eventually succeeding. Instead the log looks clean, as if the device is probed (once) and then mounts cleanly and correctly (once).

If the device is USB bus powered, is it a 'single' USB cable or a 'dual' (Y) cable that takes power from multiple USB ports. SSD drives might be small but that doesn't necessarily mean they use little/less power - they can be hungry devices.

Just for info, please run "lsusb -tv | paste" and "lsmod | paste" when the drive is connected.

Benchmarks focus on "Which is fastest?" when the better question(s) are "Which is fast-enough for a good experience?" and "Which is best supported?" so they are not telling the whole story.

e.g. RK3588 wins all current ARM SoC benchmarks but is only borderline usable due to incomplete software, whereas comparatively slow RPi5 is more than fast-enough and exceptionally well supported. Intel based hardware also scores big numbers but has been a lottery in recent years due to the never-ending drama from by LSPCON chips (and firmware) in the display chain.

In short: Speed != Value

<?xml version="1.0" encoding="utf-8" ?>
<advancedsettings version="1.0">
  <!-- enable debug logging -->
  <loglevel hide="false">1</loglevel>
</advancedsettings>

First, create /storage/.kodi/userdata/advancedsettings.xml with that ^ content so Kodi is in debug mode for logs.

Second, run "vainfo | paste" and share the URL.

Now two things to experiment with:

a) Force the HDMI connector colourspace profile to Broadcast RGB:

systemctl stop kodi
kmstest -c HDMI-A-3 -P "Broadcast RGB=1" < /dev/null
systemctl start kodi

Any different? - run "pastekodi" and share the URL again.

b) Force Kodi to use the i965 driver profile:

MESA_LOADER_DRIVER_OVERRIDE=i965
LIBVA_DRIVER_NAME=i965

Create /storage/.config/kodi.conf with that ^ content, then reboot and run "pastekodi" and share the URL again. Also run "vainfo |paste" and share the URL.

I'm not expecting to acomplish anything .. but we'll have more information to review.

EDIT: 3rd thing: Do you have a DP to HDMI connector? .. i.e. connect to the DP socket not an HDMI socket. It would be interesting to see if that changes anything. I'm also wondering if the board has native HDMI connectors or internally they are DP with an LSPCON chip providing HDMI .. in which case have you ever updated the BIOS and/or LSPCON firmware?

PROJECT=RPi DEVICE=RPi5 ARCH=aarch64 make image

Or if you really do need to build an image .. start by building the current HEAD commit for either LE12 or master (LE13) branches. It all works. There is no need to muck about with package versions and patches.

Given that RPi5 is now a fully supported device, is there any reason you are not simply using the latest release or nightly image?

WireGuard does not depend on OpenSSL so it will not have the same issue with bad CRL certs (as they are not used). If it has issues they will be entirely WireGuard issues.

warning <general>: [display-info] EDID parser warnings:
warning <general>: [display-info] ----------------------------------------------
warning <general>: [display-info] Block 0, Base EDID:
warning <general>: [display-info]   Some but not all primaries coordinates are unset.
warning <general>: [display-info] 
warning <general>: [display-info] Block 1, CTA-861 Extension Block:
warning <general>: [display-info]   Video Capability Data Block: Set Selectable RGB Quantization to avoid interop issues.
warning <general>: [display-info] 
warning <general>: [display-info] ----------------------------------------------
info <general>: [display-info] make: 'AccuScene Corporation Ltd' model: 'ASLFHD'
info <general>: Found resolution 1920x1080 with 1920x1080 @ 60.000000 Hz
info <general>: Found resolution 1920x1080 with 1920x1080 @ 59.940063 Hz
info <general>: Found resolution 1280x720 with 1280x720 @ 60.000000 Hz
info <general>: Found resolution 1280x720 with 1280x720 @ 59.940063 Hz
info <general>: Found resolution 640x480 with 640x480 @ 60.000000 Hz

The limited number of resolutions/modes suggests to me that you're hooked up to a monitor? .. which is flagging some warnings about EDID data. Most devices flag some kind of EDID warning, but this is showing unusual ones for primaries/quantization which are related to colour .. and you're reporting weird colours.

If you connect the device to another HDMI device (ideally a normal TV) is anything different?

Quote from Grasshopper

How does invalid date get updated/corrected in crl?

It cannot be, hence the problem. The only way to avoid this is not fcuking up your certs with incorrect dates in the first place; then if or when you need to revoke them in the future the revoked certs have valid dates.

Thus the suggested workaround is to remove/disable the CRL function in the OpenVPN config. It's a bad workaround because CRLs have security purpose, but you have no alternative.