Recent changes in nss-clients enabled unconditional evaluation
of the `qca-nss-drv-dtlsmgr` and `qca-nss-drv-tlsmgr` packages,
which always pulled in their dependencies, including `qca-nss-cfi`
and `qca-nss-crypto`, even if these packages were not selected.
This caused build failures due to missing symbols when the
required NSS crypto components were not enabled.
This commit updates the Makefiles for `qca-nss-crypto` and `qca-nss-cfi`
to ensure that their build and install steps are only executed
if the corresponding package is selected.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
"@" symbol implies "CONFIG_SOME_SYMBOL" whereas without implies
"CONFIG_PACKAGE_some-package". The later is what we want here since
nss-eip-firmware is a package.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
commit 7a0c508 `treewide: rework handling platform specific features`
accidently set tun6rd and tlsmgr to 'y' vs. 'm' causing them to be built
if selected.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Overhaul the way platform-specific requirements are handled since
IPQ60xx and IPQ50xx don't support all the same features as IPQ807x.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
GCC 15 has stricter checks for header macros where
mismatches between `#ifndef` and `#define` are flagged as errors.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
First attempt at backporting the 12.5 ipq50xx fixes to 11.4.
Fixes compilation errors, but not tested on hardware yet.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
can`t compile qca-nss-ecm packages in case 'l2tp' I got issue that there is no ppp_generic package.
So, this change will fix building for l2tp case and will not broke pppoe case
EDIT: Fix whitespace
The previous refactor (32dd47ec) attempted to use a common definition
block (`nss-firmware-common`) for package metadata and builds.
However, the way it was referenced (`$(nss-firmware-common)`) didn't
work for inheriting properties like TITLE, SECTION, CATEGORY, or
the install logic via `$(call ...)` within the sub-package definitions.
This resulted in the platform-specific packages
(`ipq807x`, `ipq60xx`, `ipq50xx`) being built without any firmwares
leading to empty `.ipk` files and failure to boot.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
- Added proper CONFLICTS which should allow building multiple
firmwares in the same build tree.
- Updated version string for 11.4 (it was 5 when it's been 6 for a while)
- Adjusted nss-eip-firmware dependency to match IPQ807x/IPQ60xx since
'TARGET_qualcommax` included IPQ50xx which does not have EIP hardware.
- PKG_RELEASE bumped to 2
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Remove '-Wno-enum-conversion -Wno-unused-variable -Wno-int-conversion' from CFLAGS
and instead patch the code to fix the warnings.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This commit updates 12.5 version of the nss-drv from:
1bcef16 -> 51be82d (2024-07-08)
Bringing in the following changes:
```
2024-07-08 - 26ed7e6 - [qca-nss-clients] Added a flag to check if HW UDP checksum is supported
2024-06-16 - 5514683 - [nss-qdisc] Replace add_timer() to mod_timer()
2024-06-11 - 3a567e0 - [qca-nss-clients] udp_st: Add a new mode to handle unsynchronized time
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Mostly cosmetic changes, but also:
* Extend kernel version handling so kernels 6.1–6.14
are supported (untested on > 6.6)
* Replace various `NSS_SUCCESS`/`NSS_FAILURE` return codes with
`NSS_TX_SUCCESS`/`NSS_TX_FAILURE`
* Change di_data.response initialization in the dynamic interface
to use NSS_CMN_RESPONSE_ACK.
Primary affects `0016-nss-drv-add-support-for-kernel-6.6.patch`, while
other patches were refreshed.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
In Linux kernel 6.6, the sysctl infrastructure changed
how it handles user/kernel memory boundaries.
The sysctl handlers now take a regular void *buffer instead
of void __user *buffer because the sysctl core now handles
the user-to-kernel copy/validation automatically.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Only build frontend based on selected acceleration engine.
ECM can build frontends for NSS/SFE/PPE, but for now only include option
for NSS.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Brings in the following commits from 12.5 branch:
2024-11-06 - 30fbfa4 - Fix for null dev entries in emesh-sawf.
2024-08-28 - 0718f48 - Add interface num to identify vlan device
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This commit fixes two issues with how ECM module options are configured:
1. `/etc/modules.conf` was modified on every ECM start/restart,
even when no changes were needed.
2. If any other ECM parameters were set in `/etc/modules.conf` it would
overwrite them as the entire line was replaced.
The solution extracts configuration logic into a dedicated function that
only modifies what's necessary, properly handling all cases (updating existing
parameters, appending to existing options, or creating new options).
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Bump to latest 12.5 branch to bring in the following:
* Flush the mdb tables in the event of NETDEV_DOWN
Signed-off-by: Sean Khan <datapronix@protonmail.com>
When building NSS GRE feature for non IPQ807x targets, the GRE `stats_ctx`
was not being properly defined.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This commit updates 12.5 version of the nss-drv from:
30fbfa4 -> 4dfab93
Bringing in the following changes:
```
2024-11-13 - d5ee67b - Add support for clearing N2H stats
2024-11-13 - 4850be3 - Add support for clearing DRV stats
2024-11-13 - 3d7c16d - Add support for clearing capwap stats
2024-11-13 - 163fbf4 - Add support clearing Crypto CMN stats
2024-11-13 - 084b475 - Add support for clearing DTLS CMN stats
2024-11-13 - e32f844 - Add support clearing PVxLAN stats
2024-11-13 - 2f54141 - Add support for clearing ipv6 stats
2024-11-13 - 702b14c - Add support for clearing C2C TX stats
2024-11-13 - 201dbc5 - Add support for clearing ipv4 stats
2024-11-13 - 24b6f1a - Add support for clearing eth_rx stats
2024-11-05 - 6e242de - Add support for clearing C2C RX stats
2024-11-05 - 942593c - Added a flag to identify if HW UDP checksum is supported for udp_st
2024-11-05 - e11eb4e - Add support for clearing Trustsec TX stats
2024-11-05 - 4f01399 - Add support for clearing EDMA Lite stats
2024-11-05 - 45b9a31 - Add support for clearing Trustsec RX stats
2024-11-05 - 57b338d - Add baseline stats write functionality
2024-10-16 - b671190 - Fix dtsi parameter that controls enabling UBI
2024-10-08 - 9514a99 - Enabling qca-nss-drv on 6.6 kernel
2024-07-16 - e96972f - udp_st: Add a new mode to handle unsynchronized time.
2024-05-16 - 1db9e55 - Add missing error code for wifili pkg.
```
Stats can be cleared by echoing `0` to the corresponding stats file.
For example, to clear the N2H stats, you can run:
```
echo 0 > /sys/kernel/debug/qca-nss-drv/stats/n2h
```
Previous change was reloading ECM on client DHCP requests causing
temporary packet loss. Change reload trigger to instead just disable
packet steering (the original intent of this feature).
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Converted ecm init to PROCD service and added a function ensure packet steering
is always disabled when loading.
Added additional firewall/network/packet_steering triggers in case user
changes to packet steering are made in the web interface.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
* qca-nss-drv: add ipq5018 support
* qca-nss-clients: add ipq5018 support
* qca-nss-crypto: add ipq5018 support
* qca-nss-cfi: add ipq5018 support
* qca-nss-macsec: add ipq5018 support
Revert the changes I made in a previous commit as it broke Virtual Interface creation for modems using RMNET/QMAP aggregation that have the parent wwan0 device split into wwan0_1, wwan0_2, etc the script should now correctly set up the Virtual Interface for both aggregated and non aggregated.
QMAP aggregation can be set up by:
rmmod qmi_wwan_q
insmod qmi_wwan_q qmap_mode=N
N being the number of sub devices created from the parent wwan0 device. I tried it out with my Quectel EG12-EA modem and had constant resets/crashes with the router often locking up.
The virtual device is created targeting a non existent parent device. Changed virtual device creation "json_add_string device $ifname6" and "$ifname4" to "json_add_string ifname @$interface" to create the virtual dhcp/dhcpv6 interface as an alias of the parent quectel interface.
`tx-checksumming` breaks multicast traffic over mesh interfaces.
Add a check in hotplug script to see if interface is mesh interface
and automatically disable `tx-checksumming`.
mac80211 is built inside of the main openwrt fork, so it will always
generate a more up to date `/etc/ipq_release` when being packaged.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Replace showing `gro` (Generic Recieve Offload) with
`rx-gro-list` (GRO Fraglist) as that is the more problematic
feature known to cause issues.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
New option added to ecm config: `disable_gro_list`
This config option defaults to '1' (AKA disable rx-gro-list)
`rx-gro-list` is enabled by default in mainline OpenWrt, however it
is very bug prone, and causes various issues related to
UDP traffic (i.e DHCP, WireGuard, DNS, etc.)
This option is not explicitly required. If a user sets this to '0', a
warning will be shown in the logs everytime ECM is started.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
This is meant to ease debugging when asking for support. Just run the
command "nss_diag" and include in your issues/forum posts.
Example of output
```
MODEL: Linksys MX5300
OPENWRT: r27608+169-3f98f68573
IPQ BRANCH: qualcommax-6.x-nss-mx4300-6.11
IPQ COMMIT: 2153dceb34
IPQ DATE: 2024-10-03
NSS FW: NSS.HK.11.4.0.5-6-R
MAC80211: v6.11-0-g98f7e32f20d2
ATH11K FW: WLAN.HK.2.12-01368-QCAHKSWPL_SILICONZ-1
GRO: wan : on
br-lan : on
lan1 : on
lan2 : on
lan3 : on
lan4 : on
phy0-mesh0 : on
phy1-ap0 : on
phy2-ap0 : on
NSS PKGS: kmod-qca-nss-cfi-cryptoapi - 6.6.53.12.5.2022.12.15~5cd07ce-r3
kmod-qca-nss-crypto - 6.6.53.12.5.2022.12.15~3c5a574-r3
kmod-qca-nss-dp - 6.6.53.2024.04.16~5bf8b91e-r1
kmod-qca-nss-drv - 6.6.53.11.4.0.5.2021.09.13~53e5863-r13
kmod-qca-nss-drv-bridge-mgr - 6.6.53.11.4.0.5.2021.08.17~c4049d1-r7
kmod-qca-nss-drv-igs - 6.6.53.11.4.0.5.2021.08.17~c4049d1-r7
kmod-qca-nss-drv-qdisc - 6.6.53.11.4.0.5.2021.08.17~c4049d1-r7
kmod-qca-nss-drv-vlan-mgr - 6.6.53.11.4.0.5.2021.08.17~c4049d1-r7
kmod-qca-nss-drv-wifi-meshmgr - 6.6.53.11.4.0.5.2021.08.17~c4049d1-r7
kmod-qca-nss-ecm - 6.6.53.12.5.5.2024.09.02~bd5057b-r1
nss-eip-firmware - 2.5.7-r3
nss-firmware-default - 2024.08.04~794fe373-r1
nss-firmware-ipq8074 - 2024.08.04~794fe373-r1
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
