This commit refines the kernel networking configuration modernization alignment for AArch64 devices (H700, RK3326, RK3399, RK3566, RK3588, S922X, SDM845, SM8250, SM8550, SM8650). It builds upon the standardization and modernization patches merged in PR #2213, prioritizing "gaming-first" resources and boot speed while ensuring minimal bloat by removing uneeded existing modules and built in's to a validated set required for core use cases.
Detailed Justification of Changes:
Native Legacy Iptables Path & Future NFT Alignment
Change: Set CONFIG_IP_NF_IPTABLES=y and disabled CONFIG_NFT_COMPAT.
ROCKNIX Use Case: Userspace tools currently rely on legacy iptables. Disabling the NFT_COMPAT translation layer forces the kernel to use the native legacy code path, eliminating the CPU overhead of translating rules to nftables bytecode. This ensures maximal performance on limited hardware now, while paving the way for a future userspace transition to native nft tooling (aligning with upstream LibreELEC is moving towards) without the technical debt/potential perf regression of the compatibility layer on low end targets.
Built-in Netfilter & Conntrack (Reliability for Netplay/Tools)
Change: Moved Core Netfilter, Connection Tracking, and NAT to built-in (=y).
ROCKNIX Use Case: Features like Netplay, Scrapers, and Wi-Fi tethering rely on robust connection tracking. Baking this into the kernel prevents race conditions during boot where network services might fail because modules weren't loaded yet. It ensures consistent network behavior immediately upon boot without waiting for disk I/O to load modules. This is especially critical for devices where the NIC driver is built-in, ensuring the firewall stack is active the moment the network interface initializes.
Modularized Bridging & STP (Bloat Reduction)
Change: Moved CONFIG_BRIDGE, CONFIG_STP, and LLC to modules (=m).
ROCKNIX Use Case: These devices predominantly act as Wi-Fi clients, not network switches. There is no need to keep the Spanning Tree Protocol or Bridge logic resident in the static kernel image, consuming RAM and increasing kernel size. This change reduces the uncompressed image size, contributing to faster boot times.
On-Demand Drivers (RAM Optimization)
Change: Modularized CONFIG_TUN (VPNs), CONFIG_VETH (Containers), and CONFIG_NET_DSA (Switching).
ROCKNIX Use Case: Most users launch emulators immediately. VPNs and Docker containers are niche use cases. By modularizing these, we save RAM for the actual games and emulators. These drivers will now only load if the user explicitly enables a VPN or launches a container.
System Script Support
Change: Enabled CONFIG_NF_CONNTRACK_PROCFS=y.
ROCKNIX Use Case: The availability of standard procfs interfaces enabled by this option is critical for various system scripts (e.g., USBGadget configuration) to function correctly during boot and runtime operations.
Devices affected:
H700, RK3326, RK3399, RK3566, RK3588
S922X, SDM845, SM8250, SM8550, SM8650
