* Cleaned up backports patch to only bring in header changes if they are
not tied directly to NSS firmware API. Because the API for NSS
firmware has strict structure and ordering, it ends up messing with
driver calls.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
These were accidently configured as 'y' when it was supposed to be 'm'
Should resolve the following build errors:
```
qca-nss-tun6rd.ko' is missing.
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
`0012-Makefile-modularize-driver.patch` mistakenly added 'wifi_mesh_init'
when it was already in 'nss_init.c'.
The patch following `0013-backport-12.4.patch` would then
clean up the "duplicated" entries.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Added a custom function to show NSS firmware version during boot.
```
[Mon Jul 8 07:45:21 2024] qca-nss 39000000.nss: NSS FW Version: NSS.FW.12.1-022-HK.R
```
And
```
[Mon Jul 8 07:21:12 2024] qca-nss 39000000.nss: NSS FW Version: NSS.HK.11.4.0.5-5-R
```
Not sure why Qualcomm never included this ability in their drivers, since
it's clearly there in every firmware.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
When using `nft insert rule` the rule is inserted on top of the
`forward_wan` chain, which bypasses any filtering in place. Instead,
append the rule to the end of the chain.
Other changes include renaming chain `RATE-LIMIT` to `ECM-RATE-LIMIT`
for better rule classification, and `shellformat` formatting.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
`lo` and `bonding_masters` interfaces are not managed by ethtool, so
should be skipped when disabling any interface features.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Cleaned up formatting and changed the way console messages are printed.
The message will now properly show up in dmesg output with color, and
date formatting rather than a non descriptive message like the following:
Before:
```
/lib/firmware/qca-nss0-retail.bin 33
/lib/firmware/qca-nss1-retail.bin 33
```
After:
```
[Mon Jul 8 07:21:12 2024] hotplug: symlinking /lib/firmware/qca-nss0.bin to /lib/firmware/qca-nss0-retail.bin
[Mon Jul 8 07:21:12 2024] hotplug: symlinking /lib/firmware/qca-nss1.bin to /lib/firmware/qca-nss1-retail.bin
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This is mostly a cosmetic change and meant to make it easier to see
the to see history of commits.
The currently published NSS FW on QUIC's repo is:
NSS.HK.11.4.0.5-5-R which is on branch caf_migration/NHSS.QSDK.11.4.0.5
However, it's not the latest of the `11.4.0.5` release which is
NSS.HK.11.4.0.5-6-R which is on branch `origin/NSS_11.4.0.5`
Although the versions look to be minor releases. NSS driver shows
significant changes in the headers files concerning `wifi` and `wifi
mesh`.
When doing a diff between the 2 releases, it was hard to tell exactly
what changed because most of it seemed to be non-functional changes,
formatting, etc. This patch is only meant to make the files visually
similiar between the two releases, to better show functional changes.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
commit 1bcef1647804d08e3d00b6f651086878786494e0 (HEAD, origin/NHSS.QSDK.12.5)
Author: Manish Verma <quic_maniverm@quicinc.com>
AuthorDate: Wed Jun 12 18:05:27 2024 +0530
Commit: Manish Verma <quic_maniverm@quicinc.com>
CommitDate: Mon Jun 24 22:04:14 2024 -0700
[nss-qdisc] Replace add_timer() to mod_timer()
For the unserialized modification of the timer's timerout, mod_timer()
API seems to be better suited as compared to the add_timer() API
Change-Id: I53fbb6174b975571dd3cc5cdd4ac3561903e178b
Signed-off-by: Manish Verma <quic_maniverm@quicinc.com>
(cherry picked from commit 55146834637d55f081f843e7330d4f1e7fe886dc)
Signed-off-by: Sean Khan <datapronix@protonmail.com>
refactored the logic in `__nss_hal_request_irq` to use case statements,
with a single call to `netif_napi_add_weight` and `request_irq`.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Reworked flawed smp_affinity logic. It was assumed that all 'nss_*' IRQs
needed to be equally balanced across all CPUs. However, what ends up
happening most of the time is messing with scheduling, thrashing, missed
cache and high context switching.
For each core:
1. nss_empty_buf_sos
2. nss_empty_buf_queue
3. nss_queue0
The IRQs should be kept on the same CPU. Doing so allows NSS cores to
properly feed and empty the queues.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This allows specifiying `CONFIG_NSS_FIRMWARE_VERSION_.*` on
the command line without having to set in .config. This is helpful if
needing to build/test both version quickly.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
iptables based bridge filtering is incompatible with nftables (fw4), and
causes just causes NAT loopback issues.
This is only required for systems using legacy iptables (fw3) as the
primary firewalling. nftables doesn't need explicit enablement of bridge filtering.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Update to comply with APK's `pkgver` format.
Rather than stick with the same convention as upstream `qca-ssdk` and
`qca-nss-dp` which uses:
```
$(PKG_NAME)-$(PKG_SOURCE_DATE)~$(PKG_SOURCE_VERSION)
```
i.e. `qca-ssdk-2024.06.13~c451136b.tar.zst`
Add in the QSDK version as part of the release since we
have options to build for both 11.4 and 12.5. This makes it easier to
debug build related issues, by knowing exactly which QSDK version is
being built against.
Example:
```
qca-nss-drv-11.4.0.5.2021.06.24~dc14ca2.tar.zst
qca-nss-drv-12.5.2024.04.06~53a0dc1.tar.zst
qca-nss-clients-11.4.0.5.2021.08.17~153998d.tar.zst
qca-nss-clients-12.5.2024.03.05~9a53b18.tar.zst
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
allow users to specify specific metric to view, rather than
everything
Available stats objects:
cpu
crypto_cmn
dma
drv
dynamic_if
edma
eth_rx
ipv4
ipv6
n2h
unaligned
virt_if
wifi_ext_vdev
wifi
mesh
Usage: nss_stats obj1 obj2 ...
Default with no parameters shows all
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Remove the $(NSS_ARCHIVE) variable that conflicts with building for
platforms other than IPQ807X. NSS_ARCHIVE is getting evaluated on very first
platform, rather than each platform.
This was primarily meant for externally hosted NSS firmware, but was mostly used internally.
Can be safely removed.
Reported-by: Shi Jiay (shi05275@gmail.com)
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Because of the way these modules will hook into the kernel certain
applications that use devcrypto will try to offload to it. This just
kernel panics and user confusion.
These modules are broken on IPQ807x and there has been no work upstream
to fix it in over 3 years. Luckily these modules aren't required to get
offloading for over 95% of use cases (mostly just affects
IPSec/OpenVPN).
Rather than removing, I'm disabling these modules from showing up
in default build options when "@BROKEN" isn't explicitly enabled.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
note: qca-nss-crypto, and qca-nss-cfi are non-code change releases, but
align with naming scheme upstream anyways.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
kernel 6.6.29 added an additional parameter to `br_pass_frame_up` (bool
promisc). Add a check for it and handle accordingly.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
The way ECM uci config is handled is pretty ugly due to it not specifying a
named section for 'general'.
Current:
```
➤ uci show ecm
ecm.global=ecm
ecm.global.acceleration_engine='nss'
ecm.@general[0]=general
ecm.@general[0].enable_bridge_filtering='0'
ecm.@general[0].disable_offloads='0'
ecm.@general[0].disable_flow_control='0'
ecm.@general[0].disable_interrupt_moderation='0'
ecm.@general[0].disable_gro='0'
```
None of the options require the use of unnamed sections
(like /etc/config/dhcp does when defining configs for multiple hosts)
With this change the config would produce:
```
ecm.global=ecm
ecm.global.acceleration_engine='nss'
ecm.general=ecm
ecm.general.enable_bridge_filtering='0'
ecm.general.disable_offloads='0'
ecm.general.disable_flow_control='0'
ecm.general.disable_interrupt_moderation='0'
ecm.general.disable_gro='0'
```
Which is a lot easier to read, and access programmatically.
We can also merge `global` and `general` into a single section as it
doesn't really make sense why we need global/general when it's
technically "ALL" globally applied.
For now, to ease users on the change, let's just stick to 2 sections.
**PLEASE NOTE: For users building their own images, and storing their**
**configs in 'files/etc/config/ecm' you will need to manually update the**
**config before compiling.**
For users using **sysupgrade** or installing without custom config at build
time 'files/etc/config/ecm' should be OK.
The following can be run manually on the config file 'ecm'
```sh
conf=/etc/config/ecm
uci -q show ecm.general || {
echo "Converting 'ECM' config to new format."
sed -i "s/config.*general.*/config ecm 'general'/g" "$conf"
}
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
1.) Rather than modify upstream `smp_affinity` script, move changes into
this init script.
Primarily: "xhci-hcd:usb1", "ppdu-end-interrupts-mac1", "ppdu-end-interrupts-mac2"
2.) Move logging into separate function, and better account for NSS core
specific output.
3.) Set the defaults for `enable_rps` and `enable_log` to true ('1').
4.) Change startup to sequence to `94` [after `smp_affinity` (93)]
Signed-off-by: Qosmio <datapronix@protonmail.com>
Using the previous version, not all nss related interrupts were being balanced across the available CPU cores.
This makes sure they are as well as moving a bit more off cpu0.
1.) Moved `set_affinity` function outside of `enable_rps`
2.) Added 2 new functions `bitmask_to_cpus` and `cpus_to_bitmask`
a.) bitmask_to_cpus - Takes a bitmask of CPUs and returns a
list of CPU numbers. (i.e. `bitmask_to_cpus "f"` -> 0,1,2,3)
b.) cpus_to_bitmask - Takes a comma/space or range list of CPUs and returns
a bitmask. (i.e. `cpus_to_bitmask "2,3"` -> c)
3.) Changed logic of `set_affinity` to now use physical CPUs rather than
knowing the bitmask. This should make it more straight forward when
testing changes
4.) Added an UCI option `enable_log` to enable/disable logging output to
`logger`. Default is `1` (on)
5.) Removed unused UCI options `nss_firmware *`
6.) Changed the way UCI options are retrieved to account for missing
options.
7.) Moved '/lib/debug/qca-nss-drv' to '/usr/bin/nss_stats' so it's in
$PATH and has a more intuitive name
Using the previous version, not all nss related interrupts were being balanced across the available CPU cores.
This makes sure they are as well as moving a bit more off cpu0.
