lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 5 Dec 2020 17:02:26 +0100
From:   Rasmus Villemoes <>
To:     Russell King - ARM Linux admin <>
Cc:     Vladimir Oltean <>,
        Network Development <>,
        Florian Fainelli <>
Subject: Re: vlan_filtering=1 breaks all traffic

On 05/12/2020 16.45, Russell King - ARM Linux admin wrote:
> On Sat, Dec 05, 2020 at 03:49:02PM +0100, Rasmus Villemoes wrote:
>> So, I found out that the problem disappers when I disable
>> vlan_filtering, and googling then led me to Russell's patches from
>> around March
>> (
>> But, unlike from what I gather from Russell's description, the problem
>> is there whether or not the bridge is created with vlan_filtering
>> enabled from the outset or not.
> No. My problem is where the bridge is created _without_ vlan_filtering
> enabled, and is subsequently enabled. That caused traffic to stop as
> soon as vlan_filtering was enabled.
> Note that if the bridge were created with vlan_filtering enabled from
> the start, there would be no problem.

That was what I was trying to say: I see the problem whether or not
vlan_filtering is enabled from the beginning (hence the "unlike..."). So
since disabling vlan_filtering (or never enabling it in the first place)
makes traffic flow, the symptoms look similar to the problem you
described (and that was what led me to those patches).

>> Also, cherry-picking 517648c8d1 to
>> 5.9.12 doesn't help. The problem also exists on 5.4.80, and (somewhat
>> naively) backporting 54a0ed0df496 as well as 517648c8d1 doesn't change that.
> I'm not sure what 517648c8d1 is - this isn't a mainline or net-next
> commit ID.

Sorry, I mistakenly took the sha1 from the 5.4 branch I cherry-picked it
to - I did indeed mean your subsequent 1fb74191988f setting the flag for

> You will, however, find that the problem was subsequently fixed by
> 1fb74191988f on top of 54a0ed0df496, 

Unfortunately not. So either it's simply some completely different
underlying issue, or there's something else going on in my setup that
prevents the configure_vlan_while_not_filtering patches from fixing it.


Powered by blists - more mailing lists