The idea that "newer" NSS firmware = "better" is not always true.
Especially given that 11.4 is the only firmware known to work with mesh,
among other issues like WDS/rmnet_nss being broken on 12.5 releases.
Add option to allow building for all known and available NSS firmwares.
The following are now supported NSS firmwares:
1.) 11.4.0.5-5
2.) 12.1
3.) 12.2
4.) 12.5
Users should start with 11.4 as that seems to be the one with the most
enabled features. It is now also the default version.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This script is meant to set various skb_recycler settings. There is a
similar version in QSDK, but it's packaged in the main repo, rather than
an external package like 'qca-nss-drv'. To avoid making too many changes
in the main repo, introduce this script in `qca-nss-drv`.
This script will read the following config:
/etc/config/skb_recycler
```
config skb_recycler 'opt'
option max_skbs '1024'
option max_spare_skbs '256'
option enable '1'
```
Users are encouraged to experiment disabling `skb_recycler` to see if
memory leaks are still occuring, especially on 512M boards. There are issues
currently where skb_recycler corrupts skbs during times of high traffic, but there
wasn't a way to completely disable it.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
`NSS_IPV4_RULE_CREATE_RAWIP_VALID` is only available in NSS FW
version 12.5, which is not publically availiable.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
* Cleaned up backports patch to only bring in header changes if they are
not tied directly to NSS firmware API. Because the API for NSS
firmware has strict structure and ordering, it ends up messing with
driver calls.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
These were accidently configured as 'y' when it was supposed to be 'm'
Should resolve the following build errors:
```
qca-nss-tun6rd.ko' is missing.
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
`0012-Makefile-modularize-driver.patch` mistakenly added 'wifi_mesh_init'
when it was already in 'nss_init.c'.
The patch following `0013-backport-12.4.patch` would then
clean up the "duplicated" entries.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Added a custom function to show NSS firmware version during boot.
```
[Mon Jul 8 07:45:21 2024] qca-nss 39000000.nss: NSS FW Version: NSS.FW.12.1-022-HK.R
```
And
```
[Mon Jul 8 07:21:12 2024] qca-nss 39000000.nss: NSS FW Version: NSS.HK.11.4.0.5-5-R
```
Not sure why Qualcomm never included this ability in their drivers, since
it's clearly there in every firmware.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
When using `nft insert rule` the rule is inserted on top of the
`forward_wan` chain, which bypasses any filtering in place. Instead,
append the rule to the end of the chain.
Other changes include renaming chain `RATE-LIMIT` to `ECM-RATE-LIMIT`
for better rule classification, and `shellformat` formatting.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
`lo` and `bonding_masters` interfaces are not managed by ethtool, so
should be skipped when disabling any interface features.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Cleaned up formatting and changed the way console messages are printed.
The message will now properly show up in dmesg output with color, and
date formatting rather than a non descriptive message like the following:
Before:
```
/lib/firmware/qca-nss0-retail.bin 33
/lib/firmware/qca-nss1-retail.bin 33
```
After:
```
[Mon Jul 8 07:21:12 2024] hotplug: symlinking /lib/firmware/qca-nss0.bin to /lib/firmware/qca-nss0-retail.bin
[Mon Jul 8 07:21:12 2024] hotplug: symlinking /lib/firmware/qca-nss1.bin to /lib/firmware/qca-nss1-retail.bin
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This is mostly a cosmetic change and meant to make it easier to see
the to see history of commits.
The currently published NSS FW on QUIC's repo is:
NSS.HK.11.4.0.5-5-R which is on branch caf_migration/NHSS.QSDK.11.4.0.5
However, it's not the latest of the `11.4.0.5` release which is
NSS.HK.11.4.0.5-6-R which is on branch `origin/NSS_11.4.0.5`
Although the versions look to be minor releases. NSS driver shows
significant changes in the headers files concerning `wifi` and `wifi
mesh`.
When doing a diff between the 2 releases, it was hard to tell exactly
what changed because most of it seemed to be non-functional changes,
formatting, etc. This patch is only meant to make the files visually
similiar between the two releases, to better show functional changes.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
commit 1bcef1647804d08e3d00b6f651086878786494e0 (HEAD, origin/NHSS.QSDK.12.5)
Author: Manish Verma <quic_maniverm@quicinc.com>
AuthorDate: Wed Jun 12 18:05:27 2024 +0530
Commit: Manish Verma <quic_maniverm@quicinc.com>
CommitDate: Mon Jun 24 22:04:14 2024 -0700
[nss-qdisc] Replace add_timer() to mod_timer()
For the unserialized modification of the timer's timerout, mod_timer()
API seems to be better suited as compared to the add_timer() API
Change-Id: I53fbb6174b975571dd3cc5cdd4ac3561903e178b
Signed-off-by: Manish Verma <quic_maniverm@quicinc.com>
(cherry picked from commit 55146834637d55f081f843e7330d4f1e7fe886dc)
Signed-off-by: Sean Khan <datapronix@protonmail.com>
refactored the logic in `__nss_hal_request_irq` to use case statements,
with a single call to `netif_napi_add_weight` and `request_irq`.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Reworked flawed smp_affinity logic. It was assumed that all 'nss_*' IRQs
needed to be equally balanced across all CPUs. However, what ends up
happening most of the time is messing with scheduling, thrashing, missed
cache and high context switching.
For each core:
1. nss_empty_buf_sos
2. nss_empty_buf_queue
3. nss_queue0
The IRQs should be kept on the same CPU. Doing so allows NSS cores to
properly feed and empty the queues.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This allows specifiying `CONFIG_NSS_FIRMWARE_VERSION_.*` on
the command line without having to set in .config. This is helpful if
needing to build/test both version quickly.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
iptables based bridge filtering is incompatible with nftables (fw4), and
causes just causes NAT loopback issues.
This is only required for systems using legacy iptables (fw3) as the
primary firewalling. nftables doesn't need explicit enablement of bridge filtering.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Update to comply with APK's `pkgver` format.
Rather than stick with the same convention as upstream `qca-ssdk` and
`qca-nss-dp` which uses:
```
$(PKG_NAME)-$(PKG_SOURCE_DATE)~$(PKG_SOURCE_VERSION)
```
i.e. `qca-ssdk-2024.06.13~c451136b.tar.zst`
Add in the QSDK version as part of the release since we
have options to build for both 11.4 and 12.5. This makes it easier to
debug build related issues, by knowing exactly which QSDK version is
being built against.
Example:
```
qca-nss-drv-11.4.0.5.2021.06.24~dc14ca2.tar.zst
qca-nss-drv-12.5.2024.04.06~53a0dc1.tar.zst
qca-nss-clients-11.4.0.5.2021.08.17~153998d.tar.zst
qca-nss-clients-12.5.2024.03.05~9a53b18.tar.zst
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
allow users to specify specific metric to view, rather than
everything
Available stats objects:
cpu
crypto_cmn
dma
drv
dynamic_if
edma
eth_rx
ipv4
ipv6
n2h
unaligned
virt_if
wifi_ext_vdev
wifi
mesh
Usage: nss_stats obj1 obj2 ...
Default with no parameters shows all
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Remove the $(NSS_ARCHIVE) variable that conflicts with building for
platforms other than IPQ807X. NSS_ARCHIVE is getting evaluated on very first
platform, rather than each platform.
This was primarily meant for externally hosted NSS firmware, but was mostly used internally.
Can be safely removed.
Reported-by: Shi Jiay (shi05275@gmail.com)
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Because of the way these modules will hook into the kernel certain
applications that use devcrypto will try to offload to it. This just
kernel panics and user confusion.
These modules are broken on IPQ807x and there has been no work upstream
to fix it in over 3 years. Luckily these modules aren't required to get
offloading for over 95% of use cases (mostly just affects
IPSec/OpenVPN).
Rather than removing, I'm disabling these modules from showing up
in default build options when "@BROKEN" isn't explicitly enabled.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
note: qca-nss-crypto, and qca-nss-cfi are non-code change releases, but
align with naming scheme upstream anyways.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
kernel 6.6.29 added an additional parameter to `br_pass_frame_up` (bool
promisc). Add a check for it and handle accordingly.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
