treewide: mark various qca-nss modules as BROKEN

Several QCA NSS modules compile successfully but do not
function properly at runtime. This is due to either faulty
implementation or deliberate disabling of certain features in the NSS
firmware by Qualcomm.

Based on extensive testing with NSS firmware 11.4:
- Only 22 out of 64 dynamic interface types succeed in creation.
- All others return NACK, indicating lack of support or broken
  implementation.

Modules affected include DTLS, IPSEC, TLS, CAPWAP, GRE redirect paths,
VXLAN, CLMAP and more.

OpenVPN support is partially enabled on crypto core, but requires patching
userspace OpenVPN to function — outside scope here. Wireguard is preferred
as it already achieves line-rate performance without relying on NSS offload.

Marking these kernel packages as BROKEN to prevent false expectations
and discourage their use, though they're available should Qualcomm
ever release a firmware that supports them. (NOT GOING TO HAPPEN...)

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Sean Khan 2025-04-30 03:18:00 -04:00
parent df691901d4
commit 2ffd5034a6
2 changed files with 34 additions and 23 deletions


@ -111,7 +111,8 @@ define KernelPackage/qca-nss-drv-dtlsmgr
DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \ DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_DTLS_ENABLE \ +@NSS_DRV_DTLS_ENABLE \
+kmod-qca-nss-cfi-cryptoapi +kmod-qca-nss-cfi-cryptoapi \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/dtls/$(DTLSMGR_DIR)/qca-nss-dtlsmgr.ko FILES:=$(PKG_BUILD_DIR)/dtls/$(DTLSMGR_DIR)/qca-nss-dtlsmgr.ko
endef endef
@ -127,7 +128,8 @@ define KernelPackage/qca-nss-drv-tlsmgr
DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \ DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_TLS_ENABLE \ +@NSS_DRV_TLS_ENABLE \
+kmod-qca-nss-cfi-cryptoapi +kmod-qca-nss-cfi-cryptoapi \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/tls/qca-nss-tlsmgr.ko FILES:=$(PKG_BUILD_DIR)/tls/qca-nss-tlsmgr.ko
endef endef
@ -247,9 +249,9 @@ define KernelPackage/qca-nss-drv-profile
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=Profiler for QCA NSS driver (IPQ806x)
DEPENDS:=@TARGET_ipq806x \ DEPENDS:=@TARGET_ipq806x \
+kmod-qca-nss-drv +kmod-qca-nss-drv
TITLE:=Profiler for QCA NSS driver (IPQ806x)
FILES:=$(PKG_BUILD_DIR)/profiler/qca-nss-profile-drv.ko FILES:=$(PKG_BUILD_DIR)/profiler/qca-nss-profile-drv.ko
endef endef
@ -266,7 +268,8 @@ define KernelPackage/qca-nss-drv-ipsecmgr
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_IPSEC_ENABLE \ +@NSS_DRV_IPSEC_ENABLE \
+kmod-qca-nss-cfi-cryptoapi \ +kmod-qca-nss-cfi-cryptoapi \
+PACKAGE_kmod-qca-nss-drv-l2tpv2:kmod-qca-nss-drv-l2tpv2 +PACKAGE_kmod-qca-nss-drv-l2tpv2:kmod-qca-nss-drv-l2tpv2 \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/ipsecmgr/$(IPSECMGR_DIR)/qca-nss-ipsecmgr.ko FILES:=$(PKG_BUILD_DIR)/ipsecmgr/$(IPSECMGR_DIR)/qca-nss-ipsecmgr.ko
AUTOLOAD:=$(call AutoLoad,60,qca-nss-ipsecmgr) AUTOLOAD:=$(call AutoLoad,60,qca-nss-ipsecmgr)
endef endef
@ -284,7 +287,8 @@ define KernelPackage/qca-nss-drv-ipsecmgr-klips
@LINUX_5_4 \ @LINUX_5_4 \
+kmod-qca-nss-drv-ipsecmgr \ +kmod-qca-nss-drv-ipsecmgr \
+kmod-qca-nss-cfi-cryptoapi \ +kmod-qca-nss-cfi-cryptoapi \
+PACKAGE_kmod-qca-nss-drv-vxlanmgr:kmod-qca-nss-drv-vxlanmgr +PACKAGE_kmod-qca-nss-drv-vxlanmgr:kmod-qca-nss-drv-vxlanmgr \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/ipsecmgr/$(IPSECMGR_DIR)/plugins/klips/qca-nss-ipsec-klips.ko FILES:=$(PKG_BUILD_DIR)/ipsecmgr/$(IPSECMGR_DIR)/plugins/klips/qca-nss-ipsec-klips.ko
endef endef
@ -301,7 +305,8 @@ define KernelPackage/qca-nss-drv-ipsecmgr-xfrm
+kmod-qca-nss-drv-ipsecmgr \ +kmod-qca-nss-drv-ipsecmgr \
+kmod-qca-nss-ecm \ +kmod-qca-nss-ecm \
+PACKAGE_kmod-qca-nss-drv-vxlanmgr:kmod-qca-nss-drv-vxlanmgr \ +PACKAGE_kmod-qca-nss-drv-vxlanmgr:kmod-qca-nss-drv-vxlanmgr \
+kmod-ipsec +kmod-ipsec \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/ipsecmgr/$(IPSECMGR_DIR)/plugins/xfrm/qca-nss-ipsec-xfrm.ko FILES:=$(PKG_BUILD_DIR)/ipsecmgr/$(IPSECMGR_DIR)/plugins/xfrm/qca-nss-ipsec-xfrm.ko
endef endef
@ -313,11 +318,12 @@ define KernelPackage/qca-nss-drv-capwapmgr
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS CAPWAP manager for QCA NSS
DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \ DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+kmod-qca-nss-drv-dtlsmgr \ +kmod-qca-nss-drv-dtlsmgr \
+@NSS_DRV_TRUSTSEC_ENABLE +@NSS_DRV_TRUSTSEC_ENABLE \
TITLE:=NSS CAPWAP manager for QCA NSS @BROKEN
FILES:=$(PKG_BUILD_DIR)/capwapmgr/qca-nss-capwapmgr.ko FILES:=$(PKG_BUILD_DIR)/capwapmgr/qca-nss-capwapmgr.ko
endef endef
@ -422,6 +428,7 @@ define KernelPackage/qca-nss-drv-netlink
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS NETLINK manager for QCA NSS driver
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_IPV6_ENABLE \ +@NSS_DRV_IPV6_ENABLE \
@ -445,7 +452,6 @@ define KernelPackage/qca-nss-drv-netlink
+PACKAGE_kmod-qca-nss-drv-tunipip6:kmod-qca-nss-drv-tunipip6 \ +PACKAGE_kmod-qca-nss-drv-tunipip6:kmod-qca-nss-drv-tunipip6 \
+PACKAGE_kmod-qca-nss-drv-vxlanmgr:kmod-qca-nss-drv-vxlanmgr \ +PACKAGE_kmod-qca-nss-drv-vxlanmgr:kmod-qca-nss-drv-vxlanmgr \
+@(PACKAGE_kmod-qca-nss-drv-gre):NSS_DRV_GRE_REDIR_ENABLE +@(PACKAGE_kmod-qca-nss-drv-gre):NSS_DRV_GRE_REDIR_ENABLE
TITLE:=NSS NETLINK manager for QCA NSS driver
FILES:=$(PKG_BUILD_DIR)/netlink/qca-nss-netlink.ko FILES:=$(PKG_BUILD_DIR)/netlink/qca-nss-netlink.ko
endef endef
@ -463,7 +469,8 @@ define KernelPackage/qca-nss-drv-ovpn-mgr
+@NSS_DRV_QVPN_ENABLE \ +@NSS_DRV_QVPN_ENABLE \
+kmod-qca-nss-cfi-cryptoapi \ +kmod-qca-nss-cfi-cryptoapi \
+kmod-ipt-conntrack \ +kmod-ipt-conntrack \
+kmod-tun +kmod-tun \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/openvpn/src/qca-nss-ovpn-mgr.ko FILES:=$(PKG_BUILD_DIR)/openvpn/src/qca-nss-ovpn-mgr.ko
endef endef
@ -478,7 +485,8 @@ define KernelPackage/qca-nss-drv-ovpn-link
TITLE:=Kernel driver for interfacing NSS OpenVPN manager with ECM TITLE:=Kernel driver for interfacing NSS OpenVPN manager with ECM
DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \ DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \
+kmod-qca-nss-drv-ovpn-mgr \ +kmod-qca-nss-drv-ovpn-mgr \
+kmod-qca-nss-ecm +kmod-qca-nss-ecm \
@BROKEN
FILES:=$(PKG_BUILD_DIR)/openvpn/plugins/qca-nss-ovpn-link.ko FILES:=$(PKG_BUILD_DIR)/openvpn/plugins/qca-nss-ovpn-link.ko
endef endef
@ -490,11 +498,12 @@ define KernelPackage/qca-nss-drv-pvxlanmgr
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS connection manager for PVxLANs
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_PVXLAN_ENABLE \ +@NSS_DRV_PVXLAN_ENABLE \
+kmod-vxlan +kmod-vxlan \
TITLE:=NSS connection manager for PVxLANs @BROKEN
FILES:=$(PKG_BUILD_DIR)/pvxlanmgr/qca-nss-pvxlanmgr.ko FILES:=$(PKG_BUILD_DIR)/pvxlanmgr/qca-nss-pvxlanmgr.ko
endef endef
@ -506,10 +515,10 @@ define KernelPackage/qca-nss-drv-eogremgr
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS EOGRE manager for QCA NSS driver
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+kmod-qca-nss-drv-gre +kmod-qca-nss-drv-gre
TITLE:=NSS EOGRE manager for QCA NSS driver
FILES:=$(PKG_BUILD_DIR)/eogremgr/qca-nss-eogremgr.ko FILES:=$(PKG_BUILD_DIR)/eogremgr/qca-nss-eogremgr.ko
endef endef
@ -521,11 +530,12 @@ define KernelPackage/qca-nss-drv-clmapmgr
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS clmap manager for QCA NSS driver
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_CLMAP_ENABLE \ +@NSS_DRV_CLMAP_ENABLE \
+kmod-qca-nss-drv-eogremgr +kmod-qca-nss-drv-eogremgr \
TITLE:=NSS clmap manager for QCA NSS driver @BROKEN
FILES:=$(PKG_BUILD_DIR)/clmapmgr/qca-nss-clmapmgr.ko FILES:=$(PKG_BUILD_DIR)/clmapmgr/qca-nss-clmapmgr.ko
endef endef
@ -537,11 +547,11 @@ define KernelPackage/qca-nss-drv-vxlanmgr
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS VxLAN manager for QCA NSS driver
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_VXLAN_ENABLE \ +@NSS_DRV_VXLAN_ENABLE \
+kmod-vxlan +kmod-vxlan
TITLE:=NSS VxLAN manager for QCA NSS driver
FILES:=$(PKG_BUILD_DIR)/vxlanmgr/qca-nss-vxlanmgr.ko FILES:=$(PKG_BUILD_DIR)/vxlanmgr/qca-nss-vxlanmgr.ko
AUTOLOAD:=$(call AutoLoad,51,qca-nss-vxlanmgr) AUTOLOAD:=$(call AutoLoad,51,qca-nss-vxlanmgr)
endef endef
@ -554,11 +564,11 @@ define KernelPackage/qca-nss-drv-match
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS Match for QCA NSS driver
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_MATCH_ENABLE \ +@NSS_DRV_MATCH_ENABLE \
+@NSS_DRV_WIFIOFFLOAD_ENABLE +@NSS_DRV_WIFIOFFLOAD_ENABLE
TITLE:=NSS Match for QCA NSS driver
FILES:=$(PKG_BUILD_DIR)/match/qca-nss-match.ko FILES:=$(PKG_BUILD_DIR)/match/qca-nss-match.ko
endef endef
@ -600,10 +610,10 @@ define KernelPackage/qca-nss-drv-wifi-meshmgr
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
TITLE:=NSS WiFi-Mesh manager for QCA NSS driver
DEPENDS:=@TARGET_qualcommax \ DEPENDS:=@TARGET_qualcommax \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+@NSS_DRV_WIFI_MESH_ENABLE +@NSS_DRV_WIFI_MESH_ENABLE
TITLE:=NSS WiFi-Mesh manager for QCA NSS driver
FILES:=$(PKG_BUILD_DIR)/wifi_meshmgr/qca-nss-wifi-meshmgr.ko FILES:=$(PKG_BUILD_DIR)/wifi_meshmgr/qca-nss-wifi-meshmgr.ko
AUTOLOAD:=$(call AutoLoad,51,qca-nss-wifi-meshmgr) AUTOLOAD:=$(call AutoLoad,51,qca-nss-wifi-meshmgr)
endef endef
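Review bot: The `@BROKEN` entries added to the DEPENDS lists in this file (dtlsmgr, tlsmgr, ipsecmgr and its klips/xfrm plugins, capwapmgr, ovpn-mgr, ovpn-link, pvxlanmgr, clmapmgr) have no comment saying why, so the reason survives only in the commit message. A comment above each affected `define KernelPackage/...` line, e.g. `# BROKEN: NSS firmware 11.4 NACKs dynamic interface creation for this module; it builds but does not work at runtime`, would stop anyone who enables BROKEN packages from assuming the IPsec/DTLS/TLS offload paths are functional. The description also names VXLAN, but the qca-nss-drv-vxlanmgr hunk appears only to move TITLE and keeps its AutoLoad line, while qca-nss-drv-pvxlanmgr gets the marker; if that is intended, the comment is the place to say so. Every define block here starts outside its hunk.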


@ -20,8 +20,9 @@ define KernelPackage/qca-nss-macsec
SECTION:=kernel SECTION:=kernel
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Devices SUBMENU:=Network Devices
DEPENDS:=@(TARGET_qualcommax||TARGET_ipq60xx) \ DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_ipq60xx) \
+libc +libc \
@BROKEN
TITLE:=Kernel driver for NSS macsec TITLE:=Kernel driver for NSS macsec
FILES:=$(PKG_BUILD_DIR)/qca-nss-macsec.ko FILES:=$(PKG_BUILD_DIR)/qca-nss-macsec.ko
AUTOLOAD:=$(call AutoLoad,52,qca-nss-macsec) AUTOLOAD:=$(call AutoLoad,52,qca-nss-macsec)
@ -35,8 +36,8 @@ QCA_NSS_MACSEC_CONFIG_OPTS+= TOOL_PATH=$(TOOLCHAIN_DIR)/bin/ \
SYS_PATH=$(LINUX_DIR) \ SYS_PATH=$(LINUX_DIR) \
TOOLPREFIX=$(TARGET_CROSS) \ TOOLPREFIX=$(TARGET_CROSS) \
KVER=$(LINUX_VERSION) \ KVER=$(LINUX_VERSION) \
CFLAGS="$(TARGET_CFLAGS)" \ CFLAGS="$(TARGET_CFLAGS)" \
LDFLAGS="$(TARGET_LDFLAGS)" \ LDFLAGS="$(TARGET_LDFLAGS)" \
ARCH=$(LINUX_KARCH) ARCH=$(LINUX_KARCH)
define Build/InstallDev define Build/InstallDev
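Review bot: The new DEPENDS line for qca-nss-macsec narrows the first alternative to `TARGET_qualcommax_ipq807x` but leaves the second as `TARGET_ipq60xx`, whereas the other Makefile in this commit spells that subtarget `TARGET_qualcommax_ipq60xx`. Whether a `TARGET_ipq60xx` symbol exists is not visible here; if it does not, IPQ60xx builds that used to match through `TARGET_qualcommax` would no longer see the package once `@BROKEN` is lifted. `DEPENDS:=@(TARGET_qualcommax_ipq807x||TARGET_qualcommax_ipq60xx) \` would agree with the sibling file. The target change is not mentioned in the commit description, and the define block continues outside the hunk.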