[PATCH] net: macvlan: fix multicast delivery to bridge ports with shared source MAC

[Kibaek Yoo <psykibaek@gmail.com>]

When a macvlan interface in bridge mode shares its MAC address with an
external source (e.g., VRRP virtual MAC), incoming multicast frames
from that external source are incorrectly identified as locally
originated. macvlan_hash_lookup() matches the source MAC to a local
macvlan, causing macvlan_multicast_rx() to skip delivery to bridge
ports under the assumption they already received the frame during
transmission.

This assumption fails for protocols like VRRP where multiple hosts
legitimately share the same virtual MAC address. The local macvlan
never transmitted the frame, so bridge ports never saw it, yet the
multicast is not delivered to them.

Fix this by passing NULL as the source device and including
MACVLAN_MODE_BRIDGE in the mode mask for the else branch of
macvlan_multicast_rx(). This ensures all VEPA and bridge mode macvlan
interfaces receive incoming multicast regardless of source MAC
matching. The trade-off is that looped-back locally-originated
multicasts may be delivered to bridge ports a second time, but
multicast consumers already handle duplicate frames.

Signed-off-by: Kibaek Yoo <psykibaek@gmail.com>
---
 drivers/net/macvlan.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
index a71f058ec..ea22909cb 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -313,11 +313,15 @@ static void macvlan_multicast_rx(const struct macvlan_port *port,
 				  MACVLAN_MODE_BRIDGE);
 	else
 		/*
-		 * flood only to VEPA ports, bridge ports
-		 * already saw the frame on the way out.
+		 * Flood to VEPA and bridge ports. We cannot distinguish
+		 * a looped-back locally-originated multicast from one
+		 * sent by an external source sharing the same source MAC
+		 * (e.g., VRRP virtual MAC), so deliver to bridge ports
+		 * as well to ensure correct reception in all cases.
 		 */
-		macvlan_broadcast(skb, port, src->dev,
-				  MACVLAN_MODE_VEPA);
+		macvlan_broadcast(skb, port, NULL,
+				  MACVLAN_MODE_VEPA |
+				  MACVLAN_MODE_BRIDGE);
 }
 
 static void macvlan_process_broadcast(struct work_struct *w)
-- 
2.50.1 (Apple Git-155)