GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/1.1/patches/2224693/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2224693,
    "url": "http://patchwork.ozlabs.org/api/1.1/patches/2224693/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260417183433.4739-4-fmancera@suse.de/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/1.1/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null
    },
    "msgid": "<20260417183433.4739-4-fmancera@suse.de>",
    "date": "2026-04-17T18:34:33",
    "name": "[3/4,nf] netfilter: nft_osf: skip evaluation for non-first fragments",
    "commit_ref": null,
    "pull_url": null,
    "state": "changes-requested",
    "archived": false,
    "hash": "3eab8c6ec70c4267a39c6ef107c64569cb0ff6b2",
    "submitter": {
        "id": 90904,
        "url": "http://patchwork.ozlabs.org/api/1.1/people/90904/?format=api",
        "name": "Fernando Fernandez Mancera",
        "email": "fmancera@suse.de"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260417183433.4739-4-fmancera@suse.de/mbox/",
    "series": [
        {
            "id": 500386,
            "url": "http://patchwork.ozlabs.org/api/1.1/series/500386/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=500386",
            "date": "2026-04-17T18:34:31",
            "name": "[1/4,nf] netfilter: nft_exthdr: skip SCTP chunk evaluation for non-first fragments",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/500386/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2224693/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2224693/checks/",
    "tags": {},
    "headers": {
        "Return-Path": "\n <netfilter-devel+bounces-12006-incoming=patchwork.ozlabs.org@vger.kernel.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "netfilter-devel@vger.kernel.org"
        ],
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=suse.de header.i=@suse.de header.a=rsa-sha256\n header.s=susede2_rsa header.b=VcHAp0rA;\n\tdkim=pass header.d=suse.de header.i=@suse.de header.a=ed25519-sha256\n header.s=susede2_ed25519 header.b=uQzgWfgV;\n\tdkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.a=rsa-sha256 header.s=susede2_rsa header.b=VcHAp0rA;\n\tdkim=neutral header.d=suse.de header.i=@suse.de header.a=ed25519-sha256\n header.s=susede2_ed25519 header.b=uQzgWfgV;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c0a:e001:db::12fc:5321; helo=sea.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12006-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)",
            "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"VcHAp0rA\";\n\tdkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"uQzgWfgV\";\n\tdkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"VcHAp0rA\";\n\tdkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"uQzgWfgV\"",
            "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=195.135.223.131",
            "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=suse.de",
            "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=suse.de",
            "smtp-out2.suse.de;\n\tdkim=pass header.d=suse.de header.s=susede2_rsa header.b=VcHAp0rA;\n\tdkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=uQzgWfgV"
        ],
        "Received": [
            "from sea.lore.kernel.org (sea.lore.kernel.org\n [IPv6:2600:3c0a:e001:db::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fy3W51YNzz1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Sat, 18 Apr 2026 04:36:33 +1000 (AEST)",
            "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id 3B6683037897\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 17 Apr 2026 18:35:15 +0000 (UTC)",
            "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 67EFD364950;\n\tFri, 17 Apr 2026 18:35:14 +0000 (UTC)",
            "from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id C602826E142\n\tfor <netfilter-devel@vger.kernel.org>; Fri, 17 Apr 2026 18:35:12 +0000 (UTC)",
            "from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org\n [IPv6:2a07:de40:b281:104:10:150:64:97])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby smtp-out2.suse.de (Postfix) with ESMTPS id 1F0605BD6D;\n\tFri, 17 Apr 2026 18:35:11 +0000 (UTC)",
            "from imap1.dmz-prg2.suse.org (localhost [127.0.0.1])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id A9866593AE;\n\tFri, 17 Apr 2026 18:35:10 +0000 (UTC)",
            "from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167])\n\tby imap1.dmz-prg2.suse.org with ESMTPSA\n\tid 4OaeJl594mmFFQAAD6G6ig\n\t(envelope-from <fmancera@suse.de>); Fri, 17 Apr 2026 18:35:10 +0000"
        ],
        "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1776450914; cv=none;\n b=fEsjqduEQO2dVPNj8/6I8foS3LznXkBumeoepA1HhmWPqnrR1jYvsbUuZ06RZjncMzRUMgc1APncL/s1oHl28NR+Mp7H6405kuynJpx4PEsQagx9hRLewpWymltprX4Mv4pBt0URj0lTKS+ZbZ04EZKSIKanuTD0B7wKES65IV4=",
        "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1776450914; c=relaxed/simple;\n\tbh=OsNYKBXPI1nUZB+sgsghKh4fzbsOq2gggETk7M3a6ks=;\n\th=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:\n\t MIME-Version;\n b=k0XCbUtb4wAQxs/JCooPDkLJCC2GbciD98ZWFdICQauSkNtmiptH4vneVDC6ppUmJ4/+OUeVcaj34flxIwjCBXC/NBM0QykOfioGnVFtO38SiHqRtmH5Wg7bKgNwRD/XpKPbVNVH2wQNJR/hwnPF2NfkJuCYElwLvbGI1aC/RtI=",
        "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=suse.de;\n spf=pass smtp.mailfrom=suse.de;\n dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=VcHAp0rA;\n dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=uQzgWfgV;\n dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=VcHAp0rA;\n dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=uQzgWfgV; arc=none smtp.client-ip=195.135.223.131",
        "DKIM-Signature": [
            "v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_rsa;\n\tt=1776450911;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding:\n\t in-reply-to:in-reply-to:references:references;\n\tbh=4tRw78NnQ8r63dxdxGlbEvc/S4kLNyqmm0kBi2Ao9WM=;\n\tb=VcHAp0rAYyGTwJQ4f6CF2VaucNlupqSoUCWnS5gK5RhUCbSxkOmjDDc8mmjD39avciTsFK\n\tKFRMCHtkytW6ssVBI/6g1VxVJx6cmQ2dx9TZ3+Ly1kbkL/xFgsWxR4JNKhcGpCUvbuWxso\n\te6ELKcdepp4yDm0oT/KHUWo8ZHs5BIo=",
            "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;\n\ts=susede2_ed25519; t=1776450911;\n\th=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding:\n\t in-reply-to:in-reply-to:references:references;\n\tbh=4tRw78NnQ8r63dxdxGlbEvc/S4kLNyqmm0kBi2Ao9WM=;\n\tb=uQzgWfgVTYxfb0hTd2s7x9qcfoV+mZUkFjhjb5CFpUlFXlZyWpNfSewKHnU+ceJx5OIWNa\n\tfSsZHGAw7agoceCQ==",
            "v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_rsa;\n\tt=1776450911;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding:\n\t in-reply-to:in-reply-to:references:references;\n\tbh=4tRw78NnQ8r63dxdxGlbEvc/S4kLNyqmm0kBi2Ao9WM=;\n\tb=VcHAp0rAYyGTwJQ4f6CF2VaucNlupqSoUCWnS5gK5RhUCbSxkOmjDDc8mmjD39avciTsFK\n\tKFRMCHtkytW6ssVBI/6g1VxVJx6cmQ2dx9TZ3+Ly1kbkL/xFgsWxR4JNKhcGpCUvbuWxso\n\te6ELKcdepp4yDm0oT/KHUWo8ZHs5BIo=",
            "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;\n\ts=susede2_ed25519; t=1776450911;\n\th=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding:\n\t in-reply-to:in-reply-to:references:references;\n\tbh=4tRw78NnQ8r63dxdxGlbEvc/S4kLNyqmm0kBi2Ao9WM=;\n\tb=uQzgWfgVTYxfb0hTd2s7x9qcfoV+mZUkFjhjb5CFpUlFXlZyWpNfSewKHnU+ceJx5OIWNa\n\tfSsZHGAw7agoceCQ=="
        ],
        "From": "Fernando Fernandez Mancera <fmancera@suse.de>",
        "To": "netfilter-devel@vger.kernel.org",
        "Cc": "netdev@vger.kernel.org,\n\tcoreteam@netfilter.org,\n\tpablo@netfilter.org,\n\tfw@strlen.de,\n\tphil@nwl.cc,\n\tFernando Fernandez Mancera <fmancera@suse.de>",
        "Subject": "[PATCH 3/4 nf] netfilter: nft_osf: skip evaluation for non-first\n fragments",
        "Date": "Fri, 17 Apr 2026 20:34:33 +0200",
        "Message-ID": "<20260417183433.4739-4-fmancera@suse.de>",
        "X-Mailer": "git-send-email 2.51.0",
        "In-Reply-To": "<20260417183433.4739-1-fmancera@suse.de>",
        "References": "<20260417183433.4739-1-fmancera@suse.de>",
        "Precedence": "bulk",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org",
        "List-Id": "<netfilter-devel.vger.kernel.org>",
        "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>",
        "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit",
        "X-Rspamd-Action": "no action",
        "X-Rspamd-Server": "rspamd2.dmz-prg2.suse.org",
        "X-Spamd-Result": "default: False [-3.01 / 50.00];\n\tBAYES_HAM(-3.00)[100.00%];\n\tMID_CONTAINS_FROM(1.00)[];\n\tNEURAL_HAM_LONG(-1.00)[-1.000];\n\tR_MISSING_CHARSET(0.50)[];\n\tR_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519];\n\tNEURAL_HAM_SHORT(-0.20)[-1.000];\n\tMIME_GOOD(-0.10)[text/plain];\n\tMX_GOOD(-0.01)[];\n\tDBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:dkim,suse.de:mid,suse.de:email];\n\tRCVD_VIA_SMTP_AUTH(0.00)[];\n\tFUZZY_RATELIMITED(0.00)[rspamd.com];\n\tARC_NA(0.00)[];\n\tMIME_TRACE(0.00)[0:+];\n\tFROM_HAS_DN(0.00)[];\n\tTO_MATCH_ENVRCPT_ALL(0.00)[];\n\tFROM_EQ_ENVFROM(0.00)[];\n\tRCPT_COUNT_SEVEN(0.00)[7];\n\tDKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519];\n\tRECEIVED_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:106:10:150:64:167:received];\n\tRCVD_COUNT_TWO(0.00)[2];\n\tRCVD_TLS_ALL(0.00)[];\n\tTO_DN_SOME(0.00)[];\n\tDKIM_TRACE(0.00)[suse.de:+]",
        "X-Rspamd-Queue-Id": "1F0605BD6D",
        "X-Spam-Flag": "NO",
        "X-Spam-Score": "-3.01",
        "X-Spam-Level": ""
    },
    "content": "The osf expression extracts TCP options to match them against\nfingerprints. For fragmented packets, every fragment carries the\ntransport protocol used but only the first fragment contains the TCP\nheader.\n\nAs nftables is not evaluating chain priority, a osf expression could be\nattached to a PREROUTING chain with a priority lower than -400. This\nwould bypass defragmentation. In addition, nft_osf should be able to\nwork in stateless environments, therefore it can be use in situation\nwhen defragmentation is not being performed.\n\nAdd a check for pkt->fragoff to ensure osf only evaluates unfragmented\npackets or the first fragment in the stream.\n\nFixes: b96af92d6eaf (\"netfilter: nf_tables: implement Passive OS fingerprint module in nft_osf\")\nSigned-off-by: Fernando Fernandez Mancera <fmancera@suse.de>\n---\n net/netfilter/nft_osf.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
    "diff": "diff --git a/net/netfilter/nft_osf.c b/net/netfilter/nft_osf.c\nindex 1c0b493ef0a9..ceca87e405eb 100644\n--- a/net/netfilter/nft_osf.c\n+++ b/net/netfilter/nft_osf.c\n@@ -28,7 +28,7 @@ static void nft_osf_eval(const struct nft_expr *expr, struct nft_regs *regs,\n \tstruct nf_osf_data data;\n \tstruct tcphdr _tcph;\n \n-\tif (pkt->tprot != IPPROTO_TCP) {\n+\tif (pkt->tprot != IPPROTO_TCP || pkt->fragoff) {\n \t\tregs->verdict.code = NFT_BREAK;\n \t\treturn;\n \t}\n",
    "prefixes": [
        "3/4",
        "nf"
    ]
}