| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 May 2021 14:39:43 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Rudi Heitbaum <rudi@...tbaum.com>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Florian Fainelli <f.fainelli@...il.com>,
Vladimir Oltean <vladimir.oltean@....com>,
"David S. Miller" <davem@...emloft.net>,
Sasha Levin <sashal@...nel.org>
Subject: Re: [PATCH 5.12 081/363] net: bridge: propagate error code and
extack from br_mc_disabled_update
On Tue, May 18, 2021 at 12:24:57PM +0000, Rudi Heitbaum wrote:
> On Mon, May 17, 2021 at 03:59:07PM +0200, Greg Kroah-Hartman wrote:
> > From: Florian Fainelli <f.fainelli@...il.com>
> >
> > [ Upstream commit ae1ea84b33dab45c7b6c1754231ebda5959b504c ]
> >
> > Some Ethernet switches might only be able to support disabling multicast
> > snooping globally, which is an issue for example when several bridges
> > span the same physical device and request contradictory settings.
> >
> > Propagate the return value of br_mc_disabled_update() such that this
> > limitation is transmitted correctly to user-space.
> >
> > Signed-off-by: Florian Fainelli <f.fainelli@...il.com>
> > Signed-off-by: Vladimir Oltean <vladimir.oltean@....com>
> > Signed-off-by: David S. Miller <davem@...emloft.net>
> > Signed-off-by: Sasha Levin <sashal@...nel.org>
> > ---
> > net/bridge/br_multicast.c | 28 +++++++++++++++++++++-------
> > net/bridge/br_netlink.c | 4 +++-
> > net/bridge/br_private.h | 3 ++-
> > net/bridge/br_sysfs_br.c | 8 +-------
> > 4 files changed, 27 insertions(+), 16 deletions(-)
>
> This patch results in docker failing to start, and a regression between
> 5.12.4 and 5.12.5-rc1
>
> A working dmesg output is like:
>
> [ 11.545255] device eth0 entered promiscuous mode
> [ 11.693848] process 'docker/tmp/qemu-check643160757/check' started with executable stack
> [ 17.233059] br-92020c7e3aea: port 1(veth17a0552) entered blocking state
> [ 17.233065] br-92020c7e3aea: port 1(veth17a0552) entered disabled state
> [ 17.233098] device veth17a0552 entered promiscuous mode
> [ 17.292839] docker0: port 2(veth9d227f5) entered blocking state
> [ 17.292848] docker0: port 2(veth9d227f5) entered disabled state
> [ 17.292946] device veth9d227f5 entered promiscuous mode
> [ 17.293070] docker0: port 2(veth9d227f5) entered blocking state
> [ 17.293075] docker0: port 2(veth9d227f5) entered forwarding state
>
> with this patch "device veth17a0552 entered promiscuous mode" never
> shows up.
>
> the docker error itself is:
>
> docker: Error response from daemon: failed to create endpoint
> sleepy_dijkstra on network bridge: adding interface veth8cbd8f9 to
> bridge docker0 failed: operation not supported.
Ick.
Does 5.13-rc1 also show this same problem?
And thanks for testing!
greg k-h
Powered by blists - more mailing lists