2 * IP multicast routing support for mrouted 3.6/3.8
4 * (c) 1995 Alan Cox, <alan@redhat.com>
5 * Linux Consultancy and Custom Driver Development
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
12 * Version: $Id: ipmr.c,v 1.65 2001/10/31 21:55:54 davem Exp $
15 * Michael Chastain : Incorrect size of copying.
16 * Alan Cox : Added the cache manager code
17 * Alan Cox : Fixed the clone/copy bug and device race.
18 * Mike McLagan : Routing by source
19 * Malcolm Beattie : Buffer handling fixes.
20 * Alexey Kuznetsov : Double buffer free and other fixes.
21 * SVR Anand : Fixed several multicast bugs and problems.
22 * Alexey Kuznetsov : Status, optimisations and more.
23 * Brad Parker : Better behaviour on mrouted upcall
25 * Carlos Picoto : PIMv1 Support
26 * Pavlin Ivanov Radoslavov: PIMv2 Registers must checksum only PIM header
27 * Relax this requrement to work with older peers.
31 #include <asm/system.h>
32 #include <asm/uaccess.h>
33 #include <linux/types.h>
34 #include <linux/sched.h>
35 #include <linux/capability.h>
36 #include <linux/errno.h>
37 #include <linux/timer.h>
39 #include <linux/kernel.h>
40 #include <linux/fcntl.h>
41 #include <linux/stat.h>
42 #include <linux/socket.h>
44 #include <linux/inet.h>
45 #include <linux/netdevice.h>
46 #include <linux/inetdevice.h>
47 #include <linux/igmp.h>
48 #include <linux/proc_fs.h>
49 #include <linux/seq_file.h>
50 #include <linux/mroute.h>
51 #include <linux/init.h>
52 #include <linux/if_ether.h>
54 #include <net/protocol.h>
55 #include <linux/skbuff.h>
56 #include <net/route.h>
61 #include <linux/notifier.h>
62 #include <linux/if_arp.h>
63 #include <linux/netfilter_ipv4.h>
65 #include <net/checksum.h>
67 #if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2)
68 #define CONFIG_IP_PIMSM 1
71 static struct sock *mroute_socket;
74 /* Big lock, protecting vif table, mrt cache and mroute socket state.
75 Note that the changes are semaphored via rtnl_lock.
78 static DEFINE_RWLOCK(mrt_lock);
81 * Multicast router control variables
84 static struct vif_device vif_table[MAXVIFS]; /* Devices */
87 #define VIF_EXISTS(idx) (vif_table[idx].dev != NULL)
89 static int mroute_do_assert; /* Set in PIM assert */
90 static int mroute_do_pim;
92 static struct mfc_cache *mfc_cache_array[MFC_LINES]; /* Forwarding cache */
94 static struct mfc_cache *mfc_unres_queue; /* Queue of unresolved entries */
95 static atomic_t cache_resolve_queue_len; /* Size of unresolved */
97 /* Special spinlock for queue of unresolved entries */
98 static DEFINE_SPINLOCK(mfc_unres_lock);
100 /* We return to original Alan's scheme. Hash table of resolved
101 entries is changed only in process context and protected
102 with weak lock mrt_lock. Queue of unresolved entries is protected
103 with strong spinlock mfc_unres_lock.
105 In this case data path is free of exclusive locks at all.
108 static struct kmem_cache *mrt_cachep __read_mostly;
110 static int ip_mr_forward(struct sk_buff *skb, struct mfc_cache *cache, int local);
111 static int ipmr_cache_report(struct sk_buff *pkt, vifi_t vifi, int assert);
112 static int ipmr_fill_mroute(struct sk_buff *skb, struct mfc_cache *c, struct rtmsg *rtm);
114 #ifdef CONFIG_IP_PIMSM_V2
115 static struct net_protocol pim_protocol;
118 static struct timer_list ipmr_expire_timer;
120 /* Service routines creating virtual interfaces: DVMRP tunnels and PIMREG */
123 struct net_device *ipmr_new_tunnel(struct vifctl *v)
125 struct net_device *dev;
127 dev = __dev_get_by_name("tunl0");
133 struct ip_tunnel_parm p;
134 struct in_device *in_dev;
136 memset(&p, 0, sizeof(p));
137 p.iph.daddr = v->vifc_rmt_addr.s_addr;
138 p.iph.saddr = v->vifc_lcl_addr.s_addr;
141 p.iph.protocol = IPPROTO_IPIP;
142 sprintf(p.name, "dvmrp%d", v->vifc_vifi);
143 ifr.ifr_ifru.ifru_data = (void*)&p;
145 oldfs = get_fs(); set_fs(KERNEL_DS);
146 err = dev->do_ioctl(dev, &ifr, SIOCADDTUNNEL);
151 if (err == 0 && (dev = __dev_get_by_name(p.name)) != NULL) {
152 dev->flags |= IFF_MULTICAST;
154 in_dev = __in_dev_get_rtnl(dev);
155 if (in_dev == NULL && (in_dev = inetdev_init(dev)) == NULL)
157 in_dev->cnf.rp_filter = 0;
166 /* allow the register to be completed before unregistering. */
170 unregister_netdevice(dev);
174 #ifdef CONFIG_IP_PIMSM
176 static int reg_vif_num = -1;
178 static int reg_vif_xmit(struct sk_buff *skb, struct net_device *dev)
180 read_lock(&mrt_lock);
181 ((struct net_device_stats*)netdev_priv(dev))->tx_bytes += skb->len;
182 ((struct net_device_stats*)netdev_priv(dev))->tx_packets++;
183 ipmr_cache_report(skb, reg_vif_num, IGMPMSG_WHOLEPKT);
184 read_unlock(&mrt_lock);
189 static struct net_device_stats *reg_vif_get_stats(struct net_device *dev)
191 return (struct net_device_stats*)netdev_priv(dev);
194 static void reg_vif_setup(struct net_device *dev)
196 dev->type = ARPHRD_PIMREG;
197 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 8;
198 dev->flags = IFF_NOARP;
199 dev->hard_start_xmit = reg_vif_xmit;
200 dev->get_stats = reg_vif_get_stats;
201 dev->destructor = free_netdev;
204 static struct net_device *ipmr_reg_vif(void)
206 struct net_device *dev;
207 struct in_device *in_dev;
209 dev = alloc_netdev(sizeof(struct net_device_stats), "pimreg",
215 if (register_netdevice(dev)) {
221 if ((in_dev = inetdev_init(dev)) == NULL)
224 in_dev->cnf.rp_filter = 0;
232 /* allow the register to be completed before unregistering. */
236 unregister_netdevice(dev);
245 static int vif_delete(int vifi)
247 struct vif_device *v;
248 struct net_device *dev;
249 struct in_device *in_dev;
251 if (vifi < 0 || vifi >= maxvif)
252 return -EADDRNOTAVAIL;
254 v = &vif_table[vifi];
256 write_lock_bh(&mrt_lock);
261 write_unlock_bh(&mrt_lock);
262 return -EADDRNOTAVAIL;
265 #ifdef CONFIG_IP_PIMSM
266 if (vifi == reg_vif_num)
270 if (vifi+1 == maxvif) {
272 for (tmp=vifi-1; tmp>=0; tmp--) {
279 write_unlock_bh(&mrt_lock);
281 dev_set_allmulti(dev, -1);
283 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
284 in_dev->cnf.mc_forwarding--;
285 ip_rt_multicast_event(in_dev);
288 if (v->flags&(VIFF_TUNNEL|VIFF_REGISTER))
289 unregister_netdevice(dev);
295 /* Destroy an unresolved cache entry, killing queued skbs
296 and reporting error to netlink readers.
299 static void ipmr_destroy_unres(struct mfc_cache *c)
304 atomic_dec(&cache_resolve_queue_len);
306 while((skb=skb_dequeue(&c->mfc_un.unres.unresolved))) {
307 if (skb->nh.iph->version == 0) {
308 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct iphdr));
309 nlh->nlmsg_type = NLMSG_ERROR;
310 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
311 skb_trim(skb, nlh->nlmsg_len);
313 e->error = -ETIMEDOUT;
314 memset(&e->msg, 0, sizeof(e->msg));
316 rtnl_unicast(skb, NETLINK_CB(skb).pid);
321 kmem_cache_free(mrt_cachep, c);
325 /* Single timer process for all the unresolved queue. */
327 static void ipmr_expire_process(unsigned long dummy)
330 unsigned long expires;
331 struct mfc_cache *c, **cp;
333 if (!spin_trylock(&mfc_unres_lock)) {
334 mod_timer(&ipmr_expire_timer, jiffies+HZ/10);
338 if (atomic_read(&cache_resolve_queue_len) == 0)
343 cp = &mfc_unres_queue;
345 while ((c=*cp) != NULL) {
346 if (time_after(c->mfc_un.unres.expires, now)) {
347 unsigned long interval = c->mfc_un.unres.expires - now;
348 if (interval < expires)
356 ipmr_destroy_unres(c);
359 if (atomic_read(&cache_resolve_queue_len))
360 mod_timer(&ipmr_expire_timer, jiffies + expires);
363 spin_unlock(&mfc_unres_lock);
366 /* Fill oifs list. It is called under write locked mrt_lock. */
368 static void ipmr_update_thresholds(struct mfc_cache *cache, unsigned char *ttls)
372 cache->mfc_un.res.minvif = MAXVIFS;
373 cache->mfc_un.res.maxvif = 0;
374 memset(cache->mfc_un.res.ttls, 255, MAXVIFS);
376 for (vifi=0; vifi<maxvif; vifi++) {
377 if (VIF_EXISTS(vifi) && ttls[vifi] && ttls[vifi] < 255) {
378 cache->mfc_un.res.ttls[vifi] = ttls[vifi];
379 if (cache->mfc_un.res.minvif > vifi)
380 cache->mfc_un.res.minvif = vifi;
381 if (cache->mfc_un.res.maxvif <= vifi)
382 cache->mfc_un.res.maxvif = vifi + 1;
387 static int vif_add(struct vifctl *vifc, int mrtsock)
389 int vifi = vifc->vifc_vifi;
390 struct vif_device *v = &vif_table[vifi];
391 struct net_device *dev;
392 struct in_device *in_dev;
395 if (VIF_EXISTS(vifi))
398 switch (vifc->vifc_flags) {
399 #ifdef CONFIG_IP_PIMSM
402 * Special Purpose VIF in PIM
403 * All the packets will be sent to the daemon
405 if (reg_vif_num >= 0)
407 dev = ipmr_reg_vif();
413 dev = ipmr_new_tunnel(vifc);
418 dev = ip_dev_find(vifc->vifc_lcl_addr.s_addr);
420 return -EADDRNOTAVAIL;
427 if ((in_dev = __in_dev_get_rtnl(dev)) == NULL)
428 return -EADDRNOTAVAIL;
429 in_dev->cnf.mc_forwarding++;
430 dev_set_allmulti(dev, +1);
431 ip_rt_multicast_event(in_dev);
434 * Fill in the VIF structures
436 v->rate_limit=vifc->vifc_rate_limit;
437 v->local=vifc->vifc_lcl_addr.s_addr;
438 v->remote=vifc->vifc_rmt_addr.s_addr;
439 v->flags=vifc->vifc_flags;
441 v->flags |= VIFF_STATIC;
442 v->threshold=vifc->vifc_threshold;
447 v->link = dev->ifindex;
448 if (v->flags&(VIFF_TUNNEL|VIFF_REGISTER))
449 v->link = dev->iflink;
451 /* And finish update writing critical data */
452 write_lock_bh(&mrt_lock);
455 #ifdef CONFIG_IP_PIMSM
456 if (v->flags&VIFF_REGISTER)
461 write_unlock_bh(&mrt_lock);
465 static struct mfc_cache *ipmr_cache_find(__be32 origin, __be32 mcastgrp)
467 int line=MFC_HASH(mcastgrp,origin);
470 for (c=mfc_cache_array[line]; c; c = c->next) {
471 if (c->mfc_origin==origin && c->mfc_mcastgrp==mcastgrp)
478 * Allocate a multicast cache entry
480 static struct mfc_cache *ipmr_cache_alloc(void)
482 struct mfc_cache *c=kmem_cache_zalloc(mrt_cachep, GFP_KERNEL);
485 c->mfc_un.res.minvif = MAXVIFS;
489 static struct mfc_cache *ipmr_cache_alloc_unres(void)
491 struct mfc_cache *c=kmem_cache_zalloc(mrt_cachep, GFP_ATOMIC);
494 skb_queue_head_init(&c->mfc_un.unres.unresolved);
495 c->mfc_un.unres.expires = jiffies + 10*HZ;
500 * A cache entry has gone into a resolved state from queued
503 static void ipmr_cache_resolve(struct mfc_cache *uc, struct mfc_cache *c)
509 * Play the pending entries through our router
512 while((skb=__skb_dequeue(&uc->mfc_un.unres.unresolved))) {
513 if (skb->nh.iph->version == 0) {
514 struct nlmsghdr *nlh = (struct nlmsghdr *)skb_pull(skb, sizeof(struct iphdr));
516 if (ipmr_fill_mroute(skb, c, NLMSG_DATA(nlh)) > 0) {
517 nlh->nlmsg_len = skb->tail - (u8*)nlh;
519 nlh->nlmsg_type = NLMSG_ERROR;
520 nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nlmsgerr));
521 skb_trim(skb, nlh->nlmsg_len);
523 e->error = -EMSGSIZE;
524 memset(&e->msg, 0, sizeof(e->msg));
527 rtnl_unicast(skb, NETLINK_CB(skb).pid);
529 ip_mr_forward(skb, c, 0);
534 * Bounce a cache query up to mrouted. We could use netlink for this but mrouted
535 * expects the following bizarre scheme.
537 * Called under mrt_lock.
540 static int ipmr_cache_report(struct sk_buff *pkt, vifi_t vifi, int assert)
543 int ihl = pkt->nh.iph->ihl<<2;
544 struct igmphdr *igmp;
548 #ifdef CONFIG_IP_PIMSM
549 if (assert == IGMPMSG_WHOLEPKT)
550 skb = skb_realloc_headroom(pkt, sizeof(struct iphdr));
553 skb = alloc_skb(128, GFP_ATOMIC);
558 #ifdef CONFIG_IP_PIMSM
559 if (assert == IGMPMSG_WHOLEPKT) {
560 /* Ugly, but we have no choice with this interface.
561 Duplicate old header, fix ihl, length etc.
562 And all this only to mangle msg->im_msgtype and
563 to set msg->im_mbz to "mbz" :-)
565 msg = (struct igmpmsg*)skb_push(skb, sizeof(struct iphdr));
566 skb->nh.raw = skb->h.raw = (u8*)msg;
567 memcpy(msg, pkt->nh.raw, sizeof(struct iphdr));
568 msg->im_msgtype = IGMPMSG_WHOLEPKT;
570 msg->im_vif = reg_vif_num;
571 skb->nh.iph->ihl = sizeof(struct iphdr) >> 2;
572 skb->nh.iph->tot_len = htons(ntohs(pkt->nh.iph->tot_len) + sizeof(struct iphdr));
581 skb->nh.iph = (struct iphdr *)skb_put(skb, ihl);
582 memcpy(skb->data,pkt->data,ihl);
583 skb->nh.iph->protocol = 0; /* Flag to the kernel this is a route add */
584 msg = (struct igmpmsg*)skb->nh.iph;
586 skb->dst = dst_clone(pkt->dst);
592 igmp=(struct igmphdr *)skb_put(skb,sizeof(struct igmphdr));
594 msg->im_msgtype = assert;
596 skb->nh.iph->tot_len=htons(skb->len); /* Fix the length */
597 skb->h.raw = skb->nh.raw;
600 if (mroute_socket == NULL) {
608 if ((ret=sock_queue_rcv_skb(mroute_socket,skb))<0) {
610 printk(KERN_WARNING "mroute: pending queue full, dropping entries.\n");
618 * Queue a packet for resolution. It gets locked cache entry!
622 ipmr_cache_unresolved(vifi_t vifi, struct sk_buff *skb)
627 spin_lock_bh(&mfc_unres_lock);
628 for (c=mfc_unres_queue; c; c=c->next) {
629 if (c->mfc_mcastgrp == skb->nh.iph->daddr &&
630 c->mfc_origin == skb->nh.iph->saddr)
636 * Create a new entry if allowable
639 if (atomic_read(&cache_resolve_queue_len)>=10 ||
640 (c=ipmr_cache_alloc_unres())==NULL) {
641 spin_unlock_bh(&mfc_unres_lock);
648 * Fill in the new cache entry
651 c->mfc_origin=skb->nh.iph->saddr;
652 c->mfc_mcastgrp=skb->nh.iph->daddr;
655 * Reflect first query at mrouted.
657 if ((err = ipmr_cache_report(skb, vifi, IGMPMSG_NOCACHE))<0) {
658 /* If the report failed throw the cache entry
661 spin_unlock_bh(&mfc_unres_lock);
663 kmem_cache_free(mrt_cachep, c);
668 atomic_inc(&cache_resolve_queue_len);
669 c->next = mfc_unres_queue;
672 mod_timer(&ipmr_expire_timer, c->mfc_un.unres.expires);
676 * See if we can append the packet
678 if (c->mfc_un.unres.unresolved.qlen>3) {
682 skb_queue_tail(&c->mfc_un.unres.unresolved,skb);
686 spin_unlock_bh(&mfc_unres_lock);
691 * MFC cache manipulation by user space mroute daemon
694 static int ipmr_mfc_delete(struct mfcctl *mfc)
697 struct mfc_cache *c, **cp;
699 line=MFC_HASH(mfc->mfcc_mcastgrp.s_addr, mfc->mfcc_origin.s_addr);
701 for (cp=&mfc_cache_array[line]; (c=*cp) != NULL; cp = &c->next) {
702 if (c->mfc_origin == mfc->mfcc_origin.s_addr &&
703 c->mfc_mcastgrp == mfc->mfcc_mcastgrp.s_addr) {
704 write_lock_bh(&mrt_lock);
706 write_unlock_bh(&mrt_lock);
708 kmem_cache_free(mrt_cachep, c);
715 static int ipmr_mfc_add(struct mfcctl *mfc, int mrtsock)
718 struct mfc_cache *uc, *c, **cp;
720 line=MFC_HASH(mfc->mfcc_mcastgrp.s_addr, mfc->mfcc_origin.s_addr);
722 for (cp=&mfc_cache_array[line]; (c=*cp) != NULL; cp = &c->next) {
723 if (c->mfc_origin == mfc->mfcc_origin.s_addr &&
724 c->mfc_mcastgrp == mfc->mfcc_mcastgrp.s_addr)
729 write_lock_bh(&mrt_lock);
730 c->mfc_parent = mfc->mfcc_parent;
731 ipmr_update_thresholds(c, mfc->mfcc_ttls);
733 c->mfc_flags |= MFC_STATIC;
734 write_unlock_bh(&mrt_lock);
738 if(!MULTICAST(mfc->mfcc_mcastgrp.s_addr))
741 c=ipmr_cache_alloc();
745 c->mfc_origin=mfc->mfcc_origin.s_addr;
746 c->mfc_mcastgrp=mfc->mfcc_mcastgrp.s_addr;
747 c->mfc_parent=mfc->mfcc_parent;
748 ipmr_update_thresholds(c, mfc->mfcc_ttls);
750 c->mfc_flags |= MFC_STATIC;
752 write_lock_bh(&mrt_lock);
753 c->next = mfc_cache_array[line];
754 mfc_cache_array[line] = c;
755 write_unlock_bh(&mrt_lock);
758 * Check to see if we resolved a queued list. If so we
759 * need to send on the frames and tidy up.
761 spin_lock_bh(&mfc_unres_lock);
762 for (cp = &mfc_unres_queue; (uc=*cp) != NULL;
764 if (uc->mfc_origin == c->mfc_origin &&
765 uc->mfc_mcastgrp == c->mfc_mcastgrp) {
767 if (atomic_dec_and_test(&cache_resolve_queue_len))
768 del_timer(&ipmr_expire_timer);
772 spin_unlock_bh(&mfc_unres_lock);
775 ipmr_cache_resolve(uc, c);
776 kmem_cache_free(mrt_cachep, uc);
782 * Close the multicast socket, and clear the vif tables etc
785 static void mroute_clean_tables(struct sock *sk)
790 * Shut down all active vif entries
792 for(i=0; i<maxvif; i++) {
793 if (!(vif_table[i].flags&VIFF_STATIC))
800 for (i=0;i<MFC_LINES;i++) {
801 struct mfc_cache *c, **cp;
803 cp = &mfc_cache_array[i];
804 while ((c = *cp) != NULL) {
805 if (c->mfc_flags&MFC_STATIC) {
809 write_lock_bh(&mrt_lock);
811 write_unlock_bh(&mrt_lock);
813 kmem_cache_free(mrt_cachep, c);
817 if (atomic_read(&cache_resolve_queue_len) != 0) {
820 spin_lock_bh(&mfc_unres_lock);
821 while (mfc_unres_queue != NULL) {
823 mfc_unres_queue = c->next;
824 spin_unlock_bh(&mfc_unres_lock);
826 ipmr_destroy_unres(c);
828 spin_lock_bh(&mfc_unres_lock);
830 spin_unlock_bh(&mfc_unres_lock);
834 static void mrtsock_destruct(struct sock *sk)
837 if (sk == mroute_socket) {
838 ipv4_devconf.mc_forwarding--;
840 write_lock_bh(&mrt_lock);
842 write_unlock_bh(&mrt_lock);
844 mroute_clean_tables(sk);
850 * Socket options and virtual interface manipulation. The whole
851 * virtual interface system is a complete heap, but unfortunately
852 * that's how BSD mrouted happens to think. Maybe one day with a proper
853 * MOSPF/PIM router set up we can clean this up.
856 int ip_mroute_setsockopt(struct sock *sk,int optname,char __user *optval,int optlen)
862 if(optname!=MRT_INIT)
864 if(sk!=mroute_socket && !capable(CAP_NET_ADMIN))
871 if (sk->sk_type != SOCK_RAW ||
872 inet_sk(sk)->num != IPPROTO_IGMP)
874 if(optlen!=sizeof(int))
883 ret = ip_ra_control(sk, 1, mrtsock_destruct);
885 write_lock_bh(&mrt_lock);
887 write_unlock_bh(&mrt_lock);
889 ipv4_devconf.mc_forwarding++;
894 if (sk!=mroute_socket)
896 return ip_ra_control(sk, 0, NULL);
899 if(optlen!=sizeof(vif))
901 if (copy_from_user(&vif,optval,sizeof(vif)))
903 if(vif.vifc_vifi >= MAXVIFS)
906 if (optname==MRT_ADD_VIF) {
907 ret = vif_add(&vif, sk==mroute_socket);
909 ret = vif_delete(vif.vifc_vifi);
915 * Manipulate the forwarding caches. These live
916 * in a sort of kernel/user symbiosis.
920 if(optlen!=sizeof(mfc))
922 if (copy_from_user(&mfc,optval, sizeof(mfc)))
925 if (optname==MRT_DEL_MFC)
926 ret = ipmr_mfc_delete(&mfc);
928 ret = ipmr_mfc_add(&mfc, sk==mroute_socket);
932 * Control PIM assert.
937 if(get_user(v,(int __user *)optval))
939 mroute_do_assert=(v)?1:0;
942 #ifdef CONFIG_IP_PIMSM
946 if(get_user(v,(int __user *)optval))
951 if (v != mroute_do_pim) {
953 mroute_do_assert = v;
954 #ifdef CONFIG_IP_PIMSM_V2
956 ret = inet_add_protocol(&pim_protocol,
959 ret = inet_del_protocol(&pim_protocol,
970 * Spurious command, or MRT_VERSION which you cannot
979 * Getsock opt support for the multicast routing system.
982 int ip_mroute_getsockopt(struct sock *sk,int optname,char __user *optval,int __user *optlen)
987 if(optname!=MRT_VERSION &&
988 #ifdef CONFIG_IP_PIMSM
994 if (get_user(olr, optlen))
997 olr = min_t(unsigned int, olr, sizeof(int));
1001 if(put_user(olr,optlen))
1003 if(optname==MRT_VERSION)
1005 #ifdef CONFIG_IP_PIMSM
1006 else if(optname==MRT_PIM)
1010 val=mroute_do_assert;
1011 if(copy_to_user(optval,&val,olr))
1017 * The IP multicast ioctl support routines.
1020 int ipmr_ioctl(struct sock *sk, int cmd, void __user *arg)
1022 struct sioc_sg_req sr;
1023 struct sioc_vif_req vr;
1024 struct vif_device *vif;
1025 struct mfc_cache *c;
1030 if (copy_from_user(&vr,arg,sizeof(vr)))
1034 read_lock(&mrt_lock);
1035 vif=&vif_table[vr.vifi];
1036 if(VIF_EXISTS(vr.vifi)) {
1037 vr.icount=vif->pkt_in;
1038 vr.ocount=vif->pkt_out;
1039 vr.ibytes=vif->bytes_in;
1040 vr.obytes=vif->bytes_out;
1041 read_unlock(&mrt_lock);
1043 if (copy_to_user(arg,&vr,sizeof(vr)))
1047 read_unlock(&mrt_lock);
1048 return -EADDRNOTAVAIL;
1050 if (copy_from_user(&sr,arg,sizeof(sr)))
1053 read_lock(&mrt_lock);
1054 c = ipmr_cache_find(sr.src.s_addr, sr.grp.s_addr);
1056 sr.pktcnt = c->mfc_un.res.pkt;
1057 sr.bytecnt = c->mfc_un.res.bytes;
1058 sr.wrong_if = c->mfc_un.res.wrong_if;
1059 read_unlock(&mrt_lock);
1061 if (copy_to_user(arg,&sr,sizeof(sr)))
1065 read_unlock(&mrt_lock);
1066 return -EADDRNOTAVAIL;
1068 return -ENOIOCTLCMD;
1073 static int ipmr_device_event(struct notifier_block *this, unsigned long event, void *ptr)
1075 struct vif_device *v;
1077 if (event != NETDEV_UNREGISTER)
1080 for(ct=0;ct<maxvif;ct++,v++) {
1088 static struct notifier_block ip_mr_notifier={
1089 .notifier_call = ipmr_device_event,
1093 * Encapsulate a packet by attaching a valid IPIP header to it.
1094 * This avoids tunnel drivers and other mess and gives us the speed so
1095 * important for multicast video.
1098 static void ip_encap(struct sk_buff *skb, __be32 saddr, __be32 daddr)
1100 struct iphdr *iph = (struct iphdr *)skb_push(skb,sizeof(struct iphdr));
1103 iph->tos = skb->nh.iph->tos;
1104 iph->ttl = skb->nh.iph->ttl;
1108 iph->protocol = IPPROTO_IPIP;
1110 iph->tot_len = htons(skb->len);
1111 ip_select_ident(iph, skb->dst, NULL);
1114 skb->h.ipiph = skb->nh.iph;
1116 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
1120 static inline int ipmr_forward_finish(struct sk_buff *skb)
1122 struct ip_options * opt = &(IPCB(skb)->opt);
1124 IP_INC_STATS_BH(IPSTATS_MIB_OUTFORWDATAGRAMS);
1126 if (unlikely(opt->optlen))
1127 ip_forward_options(skb);
1129 return dst_output(skb);
1133 * Processing handlers for ipmr_forward
1136 static void ipmr_queue_xmit(struct sk_buff *skb, struct mfc_cache *c, int vifi)
1138 struct iphdr *iph = skb->nh.iph;
1139 struct vif_device *vif = &vif_table[vifi];
1140 struct net_device *dev;
1144 if (vif->dev == NULL)
1147 #ifdef CONFIG_IP_PIMSM
1148 if (vif->flags & VIFF_REGISTER) {
1150 vif->bytes_out+=skb->len;
1151 ((struct net_device_stats*)netdev_priv(vif->dev))->tx_bytes += skb->len;
1152 ((struct net_device_stats*)netdev_priv(vif->dev))->tx_packets++;
1153 ipmr_cache_report(skb, vifi, IGMPMSG_WHOLEPKT);
1159 if (vif->flags&VIFF_TUNNEL) {
1160 struct flowi fl = { .oif = vif->link,
1162 { .daddr = vif->remote,
1163 .saddr = vif->local,
1164 .tos = RT_TOS(iph->tos) } },
1165 .proto = IPPROTO_IPIP };
1166 if (ip_route_output_key(&rt, &fl))
1168 encap = sizeof(struct iphdr);
1170 struct flowi fl = { .oif = vif->link,
1172 { .daddr = iph->daddr,
1173 .tos = RT_TOS(iph->tos) } },
1174 .proto = IPPROTO_IPIP };
1175 if (ip_route_output_key(&rt, &fl))
1179 dev = rt->u.dst.dev;
1181 if (skb->len+encap > dst_mtu(&rt->u.dst) && (ntohs(iph->frag_off) & IP_DF)) {
1182 /* Do not fragment multicasts. Alas, IPv4 does not
1183 allow to send ICMP, so that packets will disappear
1187 IP_INC_STATS_BH(IPSTATS_MIB_FRAGFAILS);
1192 encap += LL_RESERVED_SPACE(dev) + rt->u.dst.header_len;
1194 if (skb_cow(skb, encap)) {
1200 vif->bytes_out+=skb->len;
1202 dst_release(skb->dst);
1203 skb->dst = &rt->u.dst;
1205 ip_decrease_ttl(iph);
1207 /* FIXME: forward and output firewalls used to be called here.
1208 * What do we do with netfilter? -- RR */
1209 if (vif->flags & VIFF_TUNNEL) {
1210 ip_encap(skb, vif->local, vif->remote);
1211 /* FIXME: extra output firewall step used to be here. --RR */
1212 ((struct ip_tunnel *)netdev_priv(vif->dev))->stat.tx_packets++;
1213 ((struct ip_tunnel *)netdev_priv(vif->dev))->stat.tx_bytes+=skb->len;
1216 IPCB(skb)->flags |= IPSKB_FORWARDED;
1219 * RFC1584 teaches, that DVMRP/PIM router must deliver packets locally
1220 * not only before forwarding, but after forwarding on all output
1221 * interfaces. It is clear, if mrouter runs a multicasting
1222 * program, it should receive packets not depending to what interface
1223 * program is joined.
1224 * If we will not make it, the program will have to join on all
1225 * interfaces. On the other hand, multihoming host (or router, but
1226 * not mrouter) cannot join to more than one interface - it will
1227 * result in receiving multiple packets.
1229 NF_HOOK(PF_INET, NF_IP_FORWARD, skb, skb->dev, dev,
1230 ipmr_forward_finish);
1238 static int ipmr_find_vif(struct net_device *dev)
1241 for (ct=maxvif-1; ct>=0; ct--) {
1242 if (vif_table[ct].dev == dev)
1248 /* "local" means that we should preserve one skb (for local delivery) */
1250 static int ip_mr_forward(struct sk_buff *skb, struct mfc_cache *cache, int local)
1255 vif = cache->mfc_parent;
1256 cache->mfc_un.res.pkt++;
1257 cache->mfc_un.res.bytes += skb->len;
1260 * Wrong interface: drop packet and (maybe) send PIM assert.
1262 if (vif_table[vif].dev != skb->dev) {
1265 if (((struct rtable*)skb->dst)->fl.iif == 0) {
1266 /* It is our own packet, looped back.
1267 Very complicated situation...
1269 The best workaround until routing daemons will be
1270 fixed is not to redistribute packet, if it was
1271 send through wrong interface. It means, that
1272 multicast applications WILL NOT work for
1273 (S,G), which have default multicast route pointing
1274 to wrong oif. In any case, it is not a good
1275 idea to use multicasting applications on router.
1280 cache->mfc_un.res.wrong_if++;
1281 true_vifi = ipmr_find_vif(skb->dev);
1283 if (true_vifi >= 0 && mroute_do_assert &&
1284 /* pimsm uses asserts, when switching from RPT to SPT,
1285 so that we cannot check that packet arrived on an oif.
1286 It is bad, but otherwise we would need to move pretty
1287 large chunk of pimd to kernel. Ough... --ANK
1289 (mroute_do_pim || cache->mfc_un.res.ttls[true_vifi] < 255) &&
1291 cache->mfc_un.res.last_assert + MFC_ASSERT_THRESH)) {
1292 cache->mfc_un.res.last_assert = jiffies;
1293 ipmr_cache_report(skb, true_vifi, IGMPMSG_WRONGVIF);
1298 vif_table[vif].pkt_in++;
1299 vif_table[vif].bytes_in+=skb->len;
1304 for (ct = cache->mfc_un.res.maxvif-1; ct >= cache->mfc_un.res.minvif; ct--) {
1305 if (skb->nh.iph->ttl > cache->mfc_un.res.ttls[ct]) {
1307 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1309 ipmr_queue_xmit(skb2, cache, psend);
1316 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1318 ipmr_queue_xmit(skb2, cache, psend);
1320 ipmr_queue_xmit(skb, cache, psend);
1333 * Multicast packets for forwarding arrive here
1336 int ip_mr_input(struct sk_buff *skb)
1338 struct mfc_cache *cache;
1339 int local = ((struct rtable*)skb->dst)->rt_flags&RTCF_LOCAL;
1341 /* Packet is looped back after forward, it should not be
1342 forwarded second time, but still can be delivered locally.
1344 if (IPCB(skb)->flags&IPSKB_FORWARDED)
1348 if (IPCB(skb)->opt.router_alert) {
1349 if (ip_call_ra_chain(skb))
1351 } else if (skb->nh.iph->protocol == IPPROTO_IGMP){
1352 /* IGMPv1 (and broken IGMPv2 implementations sort of
1353 Cisco IOS <= 11.2(8)) do not put router alert
1354 option to IGMP packets destined to routable
1355 groups. It is very bad, because it means
1356 that we can forward NO IGMP messages.
1358 read_lock(&mrt_lock);
1359 if (mroute_socket) {
1361 raw_rcv(mroute_socket, skb);
1362 read_unlock(&mrt_lock);
1365 read_unlock(&mrt_lock);
1369 read_lock(&mrt_lock);
1370 cache = ipmr_cache_find(skb->nh.iph->saddr, skb->nh.iph->daddr);
1373 * No usable cache entry
1379 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1380 ip_local_deliver(skb);
1382 read_unlock(&mrt_lock);
1388 vif = ipmr_find_vif(skb->dev);
1390 int err = ipmr_cache_unresolved(vif, skb);
1391 read_unlock(&mrt_lock);
1395 read_unlock(&mrt_lock);
1400 ip_mr_forward(skb, cache, local);
1402 read_unlock(&mrt_lock);
1405 return ip_local_deliver(skb);
1411 return ip_local_deliver(skb);
1416 #ifdef CONFIG_IP_PIMSM_V1
1418 * Handle IGMP messages of PIMv1
1421 int pim_rcv_v1(struct sk_buff * skb)
1423 struct igmphdr *pim;
1424 struct iphdr *encap;
1425 struct net_device *reg_dev = NULL;
1427 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
1430 pim = (struct igmphdr*)skb->h.raw;
1432 if (!mroute_do_pim ||
1433 skb->len < sizeof(*pim) + sizeof(*encap) ||
1434 pim->group != PIM_V1_VERSION || pim->code != PIM_V1_REGISTER)
1437 encap = (struct iphdr*)(skb->h.raw + sizeof(struct igmphdr));
1440 a. packet is really destinted to a multicast group
1441 b. packet is not a NULL-REGISTER
1442 c. packet is not truncated
1444 if (!MULTICAST(encap->daddr) ||
1445 encap->tot_len == 0 ||
1446 ntohs(encap->tot_len) + sizeof(*pim) > skb->len)
1449 read_lock(&mrt_lock);
1450 if (reg_vif_num >= 0)
1451 reg_dev = vif_table[reg_vif_num].dev;
1454 read_unlock(&mrt_lock);
1456 if (reg_dev == NULL)
1459 skb->mac.raw = skb->nh.raw;
1460 skb_pull(skb, (u8*)encap - skb->data);
1461 skb->nh.iph = (struct iphdr *)skb->data;
1463 skb->protocol = htons(ETH_P_IP);
1465 skb->pkt_type = PACKET_HOST;
1466 dst_release(skb->dst);
1468 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_bytes += skb->len;
1469 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_packets++;
1480 #ifdef CONFIG_IP_PIMSM_V2
1481 static int pim_rcv(struct sk_buff * skb)
1483 struct pimreghdr *pim;
1484 struct iphdr *encap;
1485 struct net_device *reg_dev = NULL;
1487 if (!pskb_may_pull(skb, sizeof(*pim) + sizeof(*encap)))
1490 pim = (struct pimreghdr*)skb->h.raw;
1491 if (pim->type != ((PIM_VERSION<<4)|(PIM_REGISTER)) ||
1492 (pim->flags&PIM_NULL_REGISTER) ||
1493 (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 &&
1494 csum_fold(skb_checksum(skb, 0, skb->len, 0))))
1497 /* check if the inner packet is destined to mcast group */
1498 encap = (struct iphdr*)(skb->h.raw + sizeof(struct pimreghdr));
1499 if (!MULTICAST(encap->daddr) ||
1500 encap->tot_len == 0 ||
1501 ntohs(encap->tot_len) + sizeof(*pim) > skb->len)
1504 read_lock(&mrt_lock);
1505 if (reg_vif_num >= 0)
1506 reg_dev = vif_table[reg_vif_num].dev;
1509 read_unlock(&mrt_lock);
1511 if (reg_dev == NULL)
1514 skb->mac.raw = skb->nh.raw;
1515 skb_pull(skb, (u8*)encap - skb->data);
1516 skb->nh.iph = (struct iphdr *)skb->data;
1518 skb->protocol = htons(ETH_P_IP);
1520 skb->pkt_type = PACKET_HOST;
1521 dst_release(skb->dst);
1522 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_bytes += skb->len;
1523 ((struct net_device_stats*)netdev_priv(reg_dev))->rx_packets++;
1536 ipmr_fill_mroute(struct sk_buff *skb, struct mfc_cache *c, struct rtmsg *rtm)
1539 struct rtnexthop *nhp;
1540 struct net_device *dev = vif_table[c->mfc_parent].dev;
1542 struct rtattr *mp_head;
1545 RTA_PUT(skb, RTA_IIF, 4, &dev->ifindex);
1547 mp_head = (struct rtattr*)skb_put(skb, RTA_LENGTH(0));
1549 for (ct = c->mfc_un.res.minvif; ct < c->mfc_un.res.maxvif; ct++) {
1550 if (c->mfc_un.res.ttls[ct] < 255) {
1551 if (skb_tailroom(skb) < RTA_ALIGN(RTA_ALIGN(sizeof(*nhp)) + 4))
1552 goto rtattr_failure;
1553 nhp = (struct rtnexthop*)skb_put(skb, RTA_ALIGN(sizeof(*nhp)));
1554 nhp->rtnh_flags = 0;
1555 nhp->rtnh_hops = c->mfc_un.res.ttls[ct];
1556 nhp->rtnh_ifindex = vif_table[ct].dev->ifindex;
1557 nhp->rtnh_len = sizeof(*nhp);
1560 mp_head->rta_type = RTA_MULTIPATH;
1561 mp_head->rta_len = skb->tail - (u8*)mp_head;
1562 rtm->rtm_type = RTN_MULTICAST;
1566 skb_trim(skb, b - skb->data);
1570 int ipmr_get_route(struct sk_buff *skb, struct rtmsg *rtm, int nowait)
1573 struct mfc_cache *cache;
1574 struct rtable *rt = (struct rtable*)skb->dst;
1576 read_lock(&mrt_lock);
1577 cache = ipmr_cache_find(rt->rt_src, rt->rt_dst);
1580 struct sk_buff *skb2;
1581 struct net_device *dev;
1585 read_unlock(&mrt_lock);
1590 if (dev == NULL || (vif = ipmr_find_vif(dev)) < 0) {
1591 read_unlock(&mrt_lock);
1594 skb2 = skb_clone(skb, GFP_ATOMIC);
1596 read_unlock(&mrt_lock);
1600 skb2->nh.raw = skb_push(skb2, sizeof(struct iphdr));
1601 skb2->nh.iph->ihl = sizeof(struct iphdr)>>2;
1602 skb2->nh.iph->saddr = rt->rt_src;
1603 skb2->nh.iph->daddr = rt->rt_dst;
1604 skb2->nh.iph->version = 0;
1605 err = ipmr_cache_unresolved(vif, skb2);
1606 read_unlock(&mrt_lock);
1610 if (!nowait && (rtm->rtm_flags&RTM_F_NOTIFY))
1611 cache->mfc_flags |= MFC_NOTIFY;
1612 err = ipmr_fill_mroute(skb, cache, rtm);
1613 read_unlock(&mrt_lock);
1617 #ifdef CONFIG_PROC_FS
1619 * The /proc interfaces to multicast routing /proc/ip_mr_cache /proc/ip_mr_vif
1621 struct ipmr_vif_iter {
1625 static struct vif_device *ipmr_vif_seq_idx(struct ipmr_vif_iter *iter,
1628 for (iter->ct = 0; iter->ct < maxvif; ++iter->ct) {
1629 if(!VIF_EXISTS(iter->ct))
1632 return &vif_table[iter->ct];
1637 static void *ipmr_vif_seq_start(struct seq_file *seq, loff_t *pos)
1639 read_lock(&mrt_lock);
1640 return *pos ? ipmr_vif_seq_idx(seq->private, *pos - 1)
1644 static void *ipmr_vif_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1646 struct ipmr_vif_iter *iter = seq->private;
1649 if (v == SEQ_START_TOKEN)
1650 return ipmr_vif_seq_idx(iter, 0);
1652 while (++iter->ct < maxvif) {
1653 if(!VIF_EXISTS(iter->ct))
1655 return &vif_table[iter->ct];
1660 static void ipmr_vif_seq_stop(struct seq_file *seq, void *v)
1662 read_unlock(&mrt_lock);
1665 static int ipmr_vif_seq_show(struct seq_file *seq, void *v)
1667 if (v == SEQ_START_TOKEN) {
1669 "Interface BytesIn PktsIn BytesOut PktsOut Flags Local Remote\n");
1671 const struct vif_device *vif = v;
1672 const char *name = vif->dev ? vif->dev->name : "none";
1675 "%2Zd %-10s %8ld %7ld %8ld %7ld %05X %08X %08X\n",
1677 name, vif->bytes_in, vif->pkt_in,
1678 vif->bytes_out, vif->pkt_out,
1679 vif->flags, vif->local, vif->remote);
1684 static struct seq_operations ipmr_vif_seq_ops = {
1685 .start = ipmr_vif_seq_start,
1686 .next = ipmr_vif_seq_next,
1687 .stop = ipmr_vif_seq_stop,
1688 .show = ipmr_vif_seq_show,
1691 static int ipmr_vif_open(struct inode *inode, struct file *file)
1693 struct seq_file *seq;
1695 struct ipmr_vif_iter *s = kmalloc(sizeof(*s), GFP_KERNEL);
1700 rc = seq_open(file, &ipmr_vif_seq_ops);
1705 seq = file->private_data;
1715 static struct file_operations ipmr_vif_fops = {
1716 .owner = THIS_MODULE,
1717 .open = ipmr_vif_open,
1719 .llseek = seq_lseek,
1720 .release = seq_release_private,
1723 struct ipmr_mfc_iter {
1724 struct mfc_cache **cache;
1729 static struct mfc_cache *ipmr_mfc_seq_idx(struct ipmr_mfc_iter *it, loff_t pos)
1731 struct mfc_cache *mfc;
1733 it->cache = mfc_cache_array;
1734 read_lock(&mrt_lock);
1735 for (it->ct = 0; it->ct < MFC_LINES; it->ct++)
1736 for(mfc = mfc_cache_array[it->ct]; mfc; mfc = mfc->next)
1739 read_unlock(&mrt_lock);
1741 it->cache = &mfc_unres_queue;
1742 spin_lock_bh(&mfc_unres_lock);
1743 for(mfc = mfc_unres_queue; mfc; mfc = mfc->next)
1746 spin_unlock_bh(&mfc_unres_lock);
1753 static void *ipmr_mfc_seq_start(struct seq_file *seq, loff_t *pos)
1755 struct ipmr_mfc_iter *it = seq->private;
1758 return *pos ? ipmr_mfc_seq_idx(seq->private, *pos - 1)
1762 static void *ipmr_mfc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1764 struct mfc_cache *mfc = v;
1765 struct ipmr_mfc_iter *it = seq->private;
1769 if (v == SEQ_START_TOKEN)
1770 return ipmr_mfc_seq_idx(seq->private, 0);
1775 if (it->cache == &mfc_unres_queue)
1778 BUG_ON(it->cache != mfc_cache_array);
1780 while (++it->ct < MFC_LINES) {
1781 mfc = mfc_cache_array[it->ct];
1786 /* exhausted cache_array, show unresolved */
1787 read_unlock(&mrt_lock);
1788 it->cache = &mfc_unres_queue;
1791 spin_lock_bh(&mfc_unres_lock);
1792 mfc = mfc_unres_queue;
1797 spin_unlock_bh(&mfc_unres_lock);
1803 static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v)
1805 struct ipmr_mfc_iter *it = seq->private;
1807 if (it->cache == &mfc_unres_queue)
1808 spin_unlock_bh(&mfc_unres_lock);
1809 else if (it->cache == mfc_cache_array)
1810 read_unlock(&mrt_lock);
1813 static int ipmr_mfc_seq_show(struct seq_file *seq, void *v)
1817 if (v == SEQ_START_TOKEN) {
1819 "Group Origin Iif Pkts Bytes Wrong Oifs\n");
1821 const struct mfc_cache *mfc = v;
1822 const struct ipmr_mfc_iter *it = seq->private;
1824 seq_printf(seq, "%08lX %08lX %-3d %8ld %8ld %8ld",
1825 (unsigned long) mfc->mfc_mcastgrp,
1826 (unsigned long) mfc->mfc_origin,
1828 mfc->mfc_un.res.pkt,
1829 mfc->mfc_un.res.bytes,
1830 mfc->mfc_un.res.wrong_if);
1832 if (it->cache != &mfc_unres_queue) {
1833 for(n = mfc->mfc_un.res.minvif;
1834 n < mfc->mfc_un.res.maxvif; n++ ) {
1836 && mfc->mfc_un.res.ttls[n] < 255)
1839 n, mfc->mfc_un.res.ttls[n]);
1842 seq_putc(seq, '\n');
1847 static struct seq_operations ipmr_mfc_seq_ops = {
1848 .start = ipmr_mfc_seq_start,
1849 .next = ipmr_mfc_seq_next,
1850 .stop = ipmr_mfc_seq_stop,
1851 .show = ipmr_mfc_seq_show,
1854 static int ipmr_mfc_open(struct inode *inode, struct file *file)
1856 struct seq_file *seq;
1858 struct ipmr_mfc_iter *s = kmalloc(sizeof(*s), GFP_KERNEL);
1863 rc = seq_open(file, &ipmr_mfc_seq_ops);
1867 seq = file->private_data;
1877 static struct file_operations ipmr_mfc_fops = {
1878 .owner = THIS_MODULE,
1879 .open = ipmr_mfc_open,
1881 .llseek = seq_lseek,
1882 .release = seq_release_private,
1886 #ifdef CONFIG_IP_PIMSM_V2
1887 static struct net_protocol pim_protocol = {
1894 * Setup for IP multicast routing
1897 void __init ip_mr_init(void)
1899 mrt_cachep = kmem_cache_create("ip_mrt_cache",
1900 sizeof(struct mfc_cache),
1901 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC,
1903 init_timer(&ipmr_expire_timer);
1904 ipmr_expire_timer.function=ipmr_expire_process;
1905 register_netdevice_notifier(&ip_mr_notifier);
1906 #ifdef CONFIG_PROC_FS
1907 proc_net_fops_create("ip_mr_vif", 0, &ipmr_vif_fops);
1908 proc_net_fops_create("ip_mr_cache", 0, &ipmr_mfc_fops);
git.openpandora.org / pandora-kernel.git / blob