Patch "bridge: Add extack warning when enabling STP in netns." has been added to the 5.15-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    bridge: Add extack warning when enabling STP in netns.

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     bridge-add-extack-warning-when-enabling-stp-in-netns.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 03d3dddbbcfa6e8eebf8989e2fda7ab701b7ee4c
Author: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
Date:   Wed Jul 12 08:44:49 2023 -0700

    bridge: Add extack warning when enabling STP in netns.
    
    [ Upstream commit 56a16035bb6effb37177867cea94c13a8382f745 ]
    
    When we create an L2 loop on a bridge in netns, we will see packets storm
    even if STP is enabled.
    
      # unshare -n
      # ip link add br0 type bridge
      # ip link add veth0 type veth peer name veth1
      # ip link set veth0 master br0 up
      # ip link set veth1 master br0 up
      # ip link set br0 type bridge stp_state 1
      # ip link set br0 up
      # sleep 30
      # ip -s link show br0
      2: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
          link/ether b6:61:98:1c:1c:b5 brd ff:ff:ff:ff:ff:ff
          RX: bytes  packets  errors  dropped missed  mcast
          956553768  12861249 0       0       0       12861249  <-. Keep
          TX: bytes  packets  errors  dropped carrier collsns     |  increasing
          1027834    11951    0       0       0       0         <-'   rapidly
    
    This is because llc_rcv() drops all packets in non-root netns and BPDU
    is dropped.
    
    Let's add extack warning when enabling STP in netns.
    
      # unshare -n
      # ip link add br0 type bridge
      # ip link set br0 type bridge stp_state 1
      Warning: bridge: STP does not work in non-root netns.
    
    Note this commit will be reverted later when we namespacify the whole LLC
    infra.
    
    Fixes: e730c15519d0 ("[NET]: Make packet reception network namespace safe")
    Suggested-by: Harry Coin <hcoin@xxxxxxxxxxxxxxxxx>
    Link: https://lore.kernel.org/netdev/0f531295-e289-022d-5add-5ceffa0df9bc@xxxxxxxxxxxxxxxxx/
    Suggested-by: Ido Schimmel <idosch@xxxxxxxxxx>
    Signed-off-by: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>
    Acked-by: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
    Reviewed-by: Ido Schimmel <idosch@xxxxxxxxxx>
    Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c
index ba55851fe132c..3326dfced68ab 100644
--- a/net/bridge/br_stp_if.c
+++ b/net/bridge/br_stp_if.c
@@ -201,6 +201,9 @@ int br_stp_set_enabled(struct net_bridge *br, unsigned long val,
 {
 	ASSERT_RTNL();
 
+	if (!net_eq(dev_net(br->dev), &init_net))
+		NL_SET_ERR_MSG_MOD(extack, "STP does not work in non-root netns");
+
 	if (br_mrp_enabled(br)) {
 		NL_SET_ERR_MSG_MOD(extack,
 				   "STP can't be enabled if MRP is already enabled");



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux