Cover Letter Detail
Show a cover letter.
GET /api/1.1/covers/2233370/?format=api
{
    "id": 2233370,
    "url": "http://patchwork.ozlabs.org/api/1.1/covers/2233370/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/cover/20260506100728.2664-1-fw@strlen.de/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/1.1/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null
    },
    "msgid": "<20260506100728.2664-1-fw@strlen.de>",
    "date": "2026-05-06T10:07:12",
    "name": "[v3,nf,0/8] netfilter: xtables: fix module load and teardown races",
    "submitter": {
        "id": 1025,
        "url": "http://patchwork.ozlabs.org/api/1.1/people/1025/?format=api",
        "name": "Florian Westphal",
        "email": "fw@strlen.de"
    },
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/cover/20260506100728.2664-1-fw@strlen.de/mbox/",
    "series": [
        {
            "id": 502948,
            "url": "http://patchwork.ozlabs.org/api/1.1/series/502948/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=502948",
            "date": "2026-05-06T10:07:14",
            "name": "netfilter: xtables: fix module load and teardown races",
            "version": 3,
            "mbox": "http://patchwork.ozlabs.org/series/502948/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/covers/2233370/comments/",
    "headers": {
        "Return-Path": "\n <netfilter-devel+bounces-12451-incoming=patchwork.ozlabs.org@vger.kernel.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "netfilter-devel@vger.kernel.org"
        ],
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c04:e001:36c::12fc:5321; helo=tor.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12451-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)",
            "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=91.216.245.30",
            "smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=strlen.de",
            "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=Chamillionaire.breakpoint.cc"
        ],
        "Received": [
            "from tor.lore.kernel.org (tor.lore.kernel.org\n [IPv6:2600:3c04:e001:36c::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g9WTC2cFBz1yJq\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 06 May 2026 20:14:39 +1000 (AEST)",
            "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id A98CE30714C9\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 6 May 2026 10:07:44 +0000 (UTC)",
            "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 6266D3F2111;\n\tWed, 6 May 2026 10:07:44 +0000 (UTC)",
            "from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc\n [91.216.245.30])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 7A5073ECBEA\n\tfor <netfilter-devel@vger.kernel.org>; Wed, 6 May 2026 10:07:37 +0000 (UTC)",
            "by Chamillionaire.breakpoint.cc (Postfix, from userid 1003)\n\tid 278AF605F3; Wed, 06 May 2026 12:07:34 +0200 (CEST)"
        ],
        "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1778062061; cv=none;\n b=VvuPE+WaQaLORKVkl4tvJk/jsyKb2mHUIN3Yln10iOU//OulL++ITNvxPiYIMl66H0wgwxAZ5hHXvPeGkgKTtBpLrTV+G8Ob6tuF4nu3Q6kC0kJN0v3sEYiQgJ/Dsa+1eIixJcIctfDQVAJf9T9NXgw7EI7f8jDnOK1W85BYifQ=",
        "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1778062061; c=relaxed/simple;\n\tbh=cUVsyQ+CPii9GgDPNBfUJk8Yd+wAcu6Xo9FUYbCsgSM=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=JZ2ztMjwMnU9efw82GsNuPbjO2QkdFo/ZB8XguK3/JaHGuDwE/6c6G4D6QRdrfdkrs1SWE2911Dn1owjJ5B7KXmZESOjNEhh/fI61nmz0G5dphB4GtGAKVyP627YhmClLgsIv3o2mqwoEkAhNEn3hCbQu0C/gki320eaeOkgsXY=",
        "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=strlen.de;\n spf=pass smtp.mailfrom=Chamillionaire.breakpoint.cc;\n arc=none smtp.client-ip=91.216.245.30",
        "From": "Florian Westphal <fw@strlen.de>",
        "To": "<netfilter-devel@vger.kernel.org>",
        "Cc": "tristan@talencesecurity.com,\n\tFlorian Westphal <fw@strlen.de>",
        "Subject": "[PATCH v3 nf 0/8] netfilter: xtables: fix module load and teardown\n races",
        "Date": "Wed, 6 May 2026 12:07:12 +0200",
        "Message-ID": "<20260506100728.2664-1-fw@strlen.de>",
        "X-Mailer": "git-send-email 2.53.0",
        "Precedence": "bulk",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org",
        "List-Id": "<netfilter-devel.vger.kernel.org>",
        "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>",
        "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit"
    },
    "content": "v3:\n- sashiko spotted a wrong error unwind in iptable_nat.c in last patch.\n- alter Reported-by tag for Tristan Madani as requested\n- no other changes.\n\n1) Allow initial x_tables table replacement without emitting an audit log\nmessage. Delay the register message until after hooks are wired up to\navoid unnecessary unregister logs during error unwinding.\n\n2) Fix a NULL dereference by allocating hook ops before adding the table to\nthe per-netns list. Use `synchronize_rcu()` during error unwinding to\nensure the table stops processing packets before teardown. Defer audit log\nregister message until all operations succeed.\n\n3) Refactor xtables to use a single `xt_unregister_table_pre_exit` function.\nEliminate code duplication by centralizing table unregistration logic\nwithin the xtables core. ebtables cannot be changed due to incompatibility.\n\n4) Unregister xtables templates before module removal. This prevents\na race condition where userspace instantiates a new table after the pernet\nunreg removed the current table.\n\n5) Add `xtables_unregister_table_exit` to fully unregister netfilter tables\nduring module removal. Unlink the table from dying lists, then free hook\noperations.\n\n6) Implement a two-stage removal scheme for ebtables following the x_tables\npattern. Assign table->ops while holding the ebt mutex to prevent exposing\npartially-filled structures.\n\n7) Fix ebtables module initialization race. Register the template last in\ntable initialization functions. Prevent table instantiation before pernet\noperations are available.\n\n8) Fix a race condition in x_tables module initialization. Ensure pernet ops\nare fully set up before exposing the table to userspace.\n\nFlorian Westphal (8):\n netfilter: x_tables: allow initial table replace without emitting\n audit log message\n netfilter: xtables: allocate hook ops while under mutex\n netfilter: x_tables: add and use xt_unregister_table_pre_exit\n netfilter: x_tables: unregister the templates first\n netfilter: x_tables: add and use xtables_unregister_table_exit\n netfilter: ebtables: move to two-stage removal scheme\n netfilter: ebtables: close dangling table module init race\n netfilter: x_tables: close dangling table module init race\n\n include/linux/netfilter/x_tables.h | 4 +-\n include/linux/netfilter_arp/arp_tables.h | 1 -\n include/linux/netfilter_ipv4/ip_tables.h | 1 -\n include/linux/netfilter_ipv6/ip6_tables.h | 1 -\n net/bridge/netfilter/ebtable_broute.c | 14 +-\n net/bridge/netfilter/ebtable_filter.c | 14 +-\n net/bridge/netfilter/ebtable_nat.c | 12 +-\n net/bridge/netfilter/ebtables.c | 60 +++++---\n net/ipv4/netfilter/arp_tables.c | 53 +------\n net/ipv4/netfilter/arptable_filter.c | 27 ++--\n net/ipv4/netfilter/ip_tables.c | 59 +-------\n net/ipv4/netfilter/iptable_filter.c | 27 ++--\n net/ipv4/netfilter/iptable_mangle.c | 29 ++--\n net/ipv4/netfilter/iptable_nat.c | 6 +-\n net/ipv4/netfilter/iptable_raw.c | 26 ++--\n net/ipv4/netfilter/iptable_security.c | 27 ++--\n net/ipv6/netfilter/ip6_tables.c | 56 +------\n net/ipv6/netfilter/ip6table_filter.c | 26 ++--\n net/ipv6/netfilter/ip6table_mangle.c | 27 ++--\n net/ipv6/netfilter/ip6table_nat.c | 6 +-\n net/ipv6/netfilter/ip6table_raw.c | 24 +--\n net/ipv6/netfilter/ip6table_security.c | 27 ++--\n net/netfilter/x_tables.c | 177 ++++++++++++++++++----\n 23 files changed, 361 insertions(+), 343 deletions(-)"
}