Hi. It turns out you should use a `linux-libre` kernel same as you would in x64. If you’re running arm64 then it will still build and have all the features you expect.  I forgot I filed a bug for this but it’s resolved on my end now. Best, Elais On May 22, 2024 at 05:36 -0700, Richard Sent , wrote: > elais@fastmail.com writes: > > > Right now wireguard and nftable services are broken on the aarch64 > > kernel due to their respective kernel config parameters not being > > added as modules or compiled into the kernel. I'm hesitant to call > > this a bug but it does mean wireguard and nftables are unavailable. A > > good chunk of iptables operations are missing as well. I don't have > > much experience configuring a kernel but perhaps there's a way to > > insure feature parity between the x86_64 and aarch64 kernels? > > I ran into this issue myself when using linux-libre-arm64-generic so > it's still around. It can cause boot problems too depending on what > exactly is missing. > > qemu-binfmt-service-type adds a file-system dependency on > /proc/sys/fs/binfmt_misc, and requires the kernel to have > CONFIG_BINFMT_MISC set. The 6.8-arm64.conf file does have > CONFIG_BINFMT_MISC=m, but in the compiled kernel that option is unset. > Ergo the file-system doesn't exist and Shepherd fails to finish > initializing file systems. > > Seeing as how certain config changes are made to > linux-libre-arm64-generic to improve device compatibility, I hope the > differences can be minimized between the "vanilla" linux-libre and > customized linux-libre-arm64-generic outside of device compatibility > changes to reduce surprises like this. > > -- > Take it easy, > Richard Sent > Making my computer weirder one commit at a time.