>dev))) { ... } - This ensures redirection also when `!netif_running()` (administratively down). - The reason blackholing occurs without this patch: - On STP port disable, FDB entries are not flushed if a backup port is configured: - net/bridge/br_stp_if.c:116 if (!rcu_access_pointer(p->backup_port)) br_fdb_delete_by_port(br, p, 0, 0); - This optimization (commit 8dc350202d32, “optimize backup_port fdb convergence”) intentionally keeps FDB entries to enable seamless redirection, but br_forward() fails to redirect when the port is admin down, causing drops. - Risk assessment - Minimal regression risk: Checks only `netif_running(to->dev)` in a path that already conditionally redirects; `should_deliver()` still gates actual forwarding on the backup port’s state and policy. - No new features, no data structure changes, no timing-sensitive logic added. - Behavior remains unchanged unless a backup port is configured, and then only in the admin-down case, which is the intended failover scenario. - Backport considerations - Applicable to stable series that include backup port support and the FDB-retention optimization (e.g., post-2018/2019 kernels). It will not apply to trees that predate `backup_port`. - The change is a clean one-liner in `br_forward()`; no dependencies beyond existing `netif_running()` and `netif_carrier_ok()`. Conclusion: This is a clear bugfix to prevent data-plane blackholes in a supported configuration with minimal risk. It should be backported to stable kernels that have bridge backup-port support. net/bridge/br_forward.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c index 29097e984b4f7..870bdf2e082c4 100644 --- a/net/bridge/br_forward.c +++ b/net/bridge/br_forward.c @@ -148,7 +148,8 @@ void br_forward(const struct net_bridge_port *to, goto out; /* redirect to backup link if the destination port is down */ - if (rcu_access_pointer(to->backup_port) && !netif_carrier_ok(to->dev)) { + if (rcu_access_pointer(to->backup_port) && + (!netif_carrier_ok(to->dev) || !netif_running(to->dev))) { struct net_bridge_port *backup_port; backup_port = rcu_dereference(to->backup_port); -- 2.51.0[PATCH AUTOSEL 6.17-5.4] bridge: Redirect to backup port when port is administratively downSasha Levin undefinedpatches@lists.linux.dev, stable@vger.kernel.org undefined undefined undefined undefined undefined undefined undefined undefinedl