Patch Detail
GET /api/patches/2217685/?format=api
{ "id": 2217685, "url": "http://patchwork.ozlabs.org/api/patches/2217685/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260330113509.23990-1-yiche@redhat.com/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260330113509.23990-1-yiche@redhat.com>", "list_archive_url": null, "date": "2026-03-30T11:35:09", "name": "selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "1a141f1ad35fe113659ad796e82e1f8c40429541", "submitter": { "id": 87889, "url": "http://patchwork.ozlabs.org/api/people/87889/?format=api", "name": "Yi Chen", "email": "yiche@redhat.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260330113509.23990-1-yiche@redhat.com/mbox/", "series": [ { "id": 498003, "url": "http://patchwork.ozlabs.org/api/series/498003/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=498003", "date": "2026-03-30T11:35:09", "name": "selftests: netfilter: conntrack_sctp_collision.sh: Introduce SCTP INIT collision test", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/498003/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2217685/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2217685/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <netfilter-devel+bounces-11488-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": 
"patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=UsmlFwPT;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c0a:e001:db::12fc:5321; helo=sea.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-11488-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com\n header.b=\"UsmlFwPT\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=170.10.133.124", "smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=redhat.com", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=redhat.com" ], "Received": [ "from sea.lore.kernel.org (sea.lore.kernel.org\n [IPv6:2600:3c0a:e001:db::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fkq9908mWz1xrn\n\tfor <incoming@patchwork.ozlabs.org>; Mon, 30 Mar 2026 22:42:05 +1100 (AEDT)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id A0EC03011F23\n\tfor <incoming@patchwork.ozlabs.org>; Mon, 30 Mar 2026 11:35:29 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id EF36C3BED32;\n\tMon, 30 Mar 2026 11:35:28 +0000 (UTC)", "from us-smtp-delivery-124.mimecast.com\n (us-smtp-delivery-124.mimecast.com [170.10.133.124])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 
3628A3B5307\n\tfor <netfilter-devel@vger.kernel.org>; Mon, 30 Mar 2026 11:35:27 +0000 (UTC)", "from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com\n (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by\n relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,\n cipher=TLS_AES_256_GCM_SHA384) id us-mta-128-oMNhOeO0MPygyrTPLK-6HQ-1; Mon,\n 30 Mar 2026 07:35:23 -0400", "from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com\n (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS\n id 5EDEC19560B1;\n\tMon, 30 Mar 2026 11:35:20 +0000 (UTC)", "from yiche-laptop.redhat.com (unknown [10.72.112.165])\n\tby mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP\n id 627951955D84;\n\tMon, 30 Mar 2026 11:35:12 +0000 (UTC)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1774870528; cv=none;\n b=dTiv/SqfTyTXFEqorCsyobSA9q8yZFNGBSZGO3E0fUPKq3MSdUTpKaGFIVg3gEW/HUD4THzR6PEjvsq5p4sq/fD8nsqDIJGRcox0qT9jUvlAHwJJw8SVDj5VWvhnD/g4OLEGOW0loaJyaSws3RCbNULfg+cWUB5n5yyh9yBEllU=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1774870528; c=relaxed/simple;\n\tbh=s0GYGHG3bHHnLSUpuw3XwU4YANaEchmaJvsIJazD/8g=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=o5scdnM0Uv28ZRq25jjcFEEoa/Cpu2+Y4vrKqjgo2bUpmS94lRQZaKDWy/twmC1+LEtJb87JIll+iU92E93u+18g/o/2PG4d8qK2KtJ2sjxU2mtb1gikfEwPLOmt5YiYbIPjJdFj2BRGNqD4u3n9yFrvvtoFY28KGaiNkzDoNQw=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=redhat.com;\n spf=pass smtp.mailfrom=redhat.com;\n dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com\n header.b=UsmlFwPT; 
arc=none smtp.client-ip=170.10.133.124", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n\ts=mimecast20190719; t=1774870526;\n\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n\t to:to:cc:cc:mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding;\n\tbh=FiZviYo8L2f9R9HpzuBCyEjwLeRZJHeIjS+87uHF2Oc=;\n\tb=UsmlFwPTcLMgi+/8FN73y/QCb4qAEXZuov0rDmY/mAkuOEaKMC3+3W5QUQSjAl+wVRCRoR\n\tSD1ERDL8YWpzTMtM4qFAE/ua+cpepdfUWpmZ+7ScUeJqES/6Va7cnK1XBH0nyivk97xvtZ\n\tkWeXA8iOOgy2trCE3hu95Sea2A1XcGk=", "X-MC-Unique": "oMNhOeO0MPygyrTPLK-6HQ-1", "X-Mimecast-MFC-AGG-ID": "oMNhOeO0MPygyrTPLK-6HQ_1774870521", "From": "Yi Chen <yiche@redhat.com>", "To": "Chen Yi <yiche@redhat.com>,\n\tPablo Neira Ayuso <pablo@netfilter.org>,\n\tFlorian Westphal <fw@strlen.de>,\n\tPhil Sutter <phil@nwl.cc>,\n\tLong Xin <lxin@redhat.com>,\n\t\"David S . Miller\" <davem@davemloft.net>,\n\tJakub Kicinski <kuba@kernel.org>,\n\tEric Dumazet <edumazet@google.com>,\n\tPaolo Abeni <pabeni@redhat.com>,\n\tSimon Horman <horms@kernel.org>,\n\tShuah Khan <shuah@kernel.org>", "Cc": "coreteam@netfilter.org,\n\tnetfilter-devel@vger.kernel.org,\n\tlinux-kselftest@vger.kernel.org,\n\tlinux-kernel@vger.kernel.org,\n\tnetdev@vger.kernel.org", "Subject": "[PATCH] selftests: netfilter: conntrack_sctp_collision.sh: Introduce\n SCTP INIT collision test", "Date": "Mon, 30 Mar 2026 19:35:09 +0800", "Message-ID": "<20260330113509.23990-1-yiche@redhat.com>", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-Scanned-By": "MIMEDefang 3.0 on 10.30.177.17" }, "content": "The existing test covered a scenario where a delayed INIT_ACK chunk\nupdates the vtag in conntrack after the 
association has already been\nestablished.\n\nA similar issue can occur with a delayed SCTP INIT chunk.\n\nAdd a new simultaneous-open test case where the client's INIT is\ndelayed, allowing conntrack to establish the association based on\nthe server-initiated handshake.\n\nWhen the stale INIT arrives later, it may overwirte the vtag in\nconntrack, causing subsequent SCTP DATA chunks to be considered\nas invalid and then dropped by nft rules matching on ct state invalid.\n\nThis test verifies such stale INIT chunks do not corrupt conntrack\nstate.\n\nSigned-off-by: Yi Chen <yiche@redhat.com>\n---\n .../net/netfilter/conntrack_sctp_collision.sh | 84 ++++++++++++++-----\n 1 file changed, 65 insertions(+), 19 deletions(-)", "diff": "diff --git a/tools/testing/selftests/net/netfilter/conntrack_sctp_collision.sh b/tools/testing/selftests/net/netfilter/conntrack_sctp_collision.sh\nindex d860f7d9744b..7f8f1b6b746a 100755\n--- a/tools/testing/selftests/net/netfilter/conntrack_sctp_collision.sh\n+++ b/tools/testing/selftests/net/netfilter/conntrack_sctp_collision.sh\n@@ -23,8 +23,19 @@ SERVER_PORT=1234\n CLIENT_GW=\"198.51.200.2\"\n SERVER_GW=\"198.51.100.2\"\n \n+assert_pass()\n+{\n+\tlocal ret=$?\n+\tif [ $ret != 0 ]; then\n+\t\techo \"FAIL: ${@}\"\n+\t\texit $ksft_fail\n+\telse\n+\t\techo \"PASS: ${@}\"\n+\tfi\n+}\n+\n # setup the topo\n-setup() {\n+topo_setup() {\n \tsetup_ns CLIENT_NS SERVER_NS ROUTER_NS\n \tip -n \"$SERVER_NS\" link add link0 type veth peer name link1 netns \"$ROUTER_NS\"\n \tip -n \"$CLIENT_NS\" link add link3 type veth peer name link2 netns \"$ROUTER_NS\"\n@@ -42,21 +53,51 @@ setup() {\n \tip -n \"$CLIENT_NS\" link set link3 up\n \tip -n \"$CLIENT_NS\" addr add $CLIENT_IP/24 dev link3\n \tip -n \"$CLIENT_NS\" route add $SERVER_IP dev link3 via $CLIENT_GW\n+}\n \n-\t# simulate the delay on OVS upcall by setting up a delay for INIT_ACK with\n-\t# tc on $SERVER_NS side\n-\ttc -n \"$SERVER_NS\" qdisc add dev link0 root handle 1: htb r2q 64\n-\ttc -n 
\"$SERVER_NS\" class add dev link0 parent 1: classid 1:1 htb rate 100mbit\n-\ttc -n \"$SERVER_NS\" filter add dev link0 parent 1: protocol ip u32 match ip protocol 132 \\\n-\t\t0xff match u8 2 0xff at 32 flowid 1:1\n-\tif ! tc -n \"$SERVER_NS\" qdisc add dev link0 parent 1:1 handle 10: netem delay 1200ms; then\n-\t\techo \"SKIP: Cannot add netem qdisc\"\n-\t\texit $ksft_skip\n-\tfi\n+conf_delay()\n+{\n+\t# simulate the delay on OVS upcall by setting up a delay for INIT_ACK/INIT with\n+\tcase $1 in\n+\t\"INIT\") chunk_type=1\n+\t\t# tc on $CLIENT_NS side\n+\t\ttc -n \"$CLIENT_NS\" qdisc add dev link3 root handle 1: htb r2q 64\n+\t\ttc -n \"$CLIENT_NS\" class add dev link3 parent 1: classid 1:1 htb rate 100mbit\n+\t\ttc -n \"$CLIENT_NS\" filter add dev link3 parent 1: protocol ip \\\n+\t\t\tu32 match ip protocol 132 0xff match u8 $chunk_type 0xff at 32 flowid 1:1\n+\t\tif ! tc -n \"$CLIENT_NS\" qdisc add dev link3 parent 1:1 handle 10: \\\n+\t\t\tnetem delay 1200ms; then\n+\t\t\techo \"SKIP: Cannot add netem qdisc\"\n+\t\t\texit $ksft_skip\n+\t\tfi\n+\t\t;;\n+\t\"INIT_ACK\") chunk_type=2\n+\t\t# tc on $SERVER_NS side\n+\t\ttc -n \"$SERVER_NS\" qdisc add dev link0 root handle 1: htb r2q 64\n+\t\ttc -n \"$SERVER_NS\" class add dev link0 parent 1: classid 1:1 htb rate 100mbit\n+\t\ttc -n \"$SERVER_NS\" filter add dev link0 parent 1: protocol ip \\\n+\t\t\tu32 match ip protocol 132 0xff match u8 $chunk_type 0xff at 32 flowid 1:1\n+\t\tif ! 
tc -n \"$SERVER_NS\" qdisc add dev link0 parent 1:1 handle 10: \\\n+\t\t\tnetem delay 1200ms; then\n+\t\t\techo \"SKIP: Cannot add netem qdisc\"\n+\t\t\texit $ksft_skip\n+\t\tfi\n+\t\t;;\n+\tesac\n \n \t# simulate the ctstate check on OVS nf_conntrack\n-\tip net exec \"$ROUTER_NS\" iptables -A FORWARD -m state --state INVALID,UNTRACKED -j DROP\n-\tip net exec \"$ROUTER_NS\" iptables -A INPUT -p sctp -j DROP\n+\tip net exec \"$ROUTER_NS\" nft -f - <<-EOF\n+\ttable ip t {\n+\t chain forward {\n+\t type filter hook forward priority filter; policy accept;\n+\t meta l4proto { icmp, icmpv6 } accept\n+\t ct state new counter accept\n+\t ct state established,related counter accept\n+\t ct state invalid log flags all counter drop\n+\t counter\n+\t }\n+\t}\n+\tEOF\n \n \t# use a smaller number for assoc's max_retrans to reproduce the issue\n \tmodprobe -q sctp\n@@ -64,8 +105,6 @@ setup() {\n }\n \n cleanup() {\n-\tip net exec \"$CLIENT_NS\" pkill sctp_collision >/dev/null 2>&1\n-\tip net exec \"$SERVER_NS\" pkill sctp_collision >/dev/null 2>&1\n \tcleanup_all_ns\n }\n \n@@ -81,7 +120,14 @@ do_test() {\n \n # run the test case\n trap cleanup EXIT\n-setup && \\\n-echo \"Test for SCTP Collision in nf_conntrack:\" && \\\n-do_test && echo \"PASS!\"\n-exit $?\n+\n+echo \"Test for SCTP INIT_ACK Collision in nf_conntrack:\"\n+topo_setup && conf_delay INIT_ACK\n+do_test\n+assert_pass \"The delayed INIT_ACK chunk did not disrupt sctp ct tracking.\"\n+\n+echo \"Test for SCTP INIT Collision in nf_conntrack:\"\n+\n+topo_setup && conf_delay INIT\n+do_test\n+assert_pass \"The delayed INIT chunk did not disrupt sctp ct tracking.\"\n", "prefixes": [] }
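Review bot: Nothing in conf_delay checks that the nft ruleset actually loaded, so if `nft -f -` fails the forward chain with `ct state invalid ... drop` never exists and both collision runs can pass without conntrack's verdict being enforced; the netem step already exits with `$ksft_skip`, and the ruleset load deserves the same treatment, e.g. `if ! ip net exec "$ROUTER_NS" nft -f - <<-EOF` closed after the heredoc by `then echo "SKIP: Cannot load nft ruleset"; exit $ksft_skip; fi`. The `case $1` also has no `*)` arm, so a mistyped chunk name configures no delay and the run silently becomes a no-delay test; `*) echo "conf_delay: unknown chunk '$1'"; exit $ksft_fail ;;` would catch that. The new ruleset is also narrower than the iptables rules it replaces: UNTRACKED forwarded packets and SCTP addressed to the router's INPUT were dropped before and are accepted now, which changes the existing INIT_ACK case and should be stated in the commit message if intended. conf_delay's body continues past the end of this hunk.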
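Review bot: `do_test` now runs even when `topo_setup` or `conf_delay` failed, because the `&&` chain ends on the line before it and its status is discarded, whereas the removed code chained `setup && ... && do_test`. Since `assert_pass` reads `$?` from the previous command, writing `topo_setup && conf_delay INIT_ACK && do_test` (and likewise `topo_setup && conf_delay INIT && do_test`) makes a setup failure surface as FAIL instead of judging whatever do_test does in a half-built topology. The second `topo_setup` is also called while the first run's namespaces, qdiscs and `table ip t` may still exist; this presumably relies on `setup_ns`, which is not visible here, to recreate the namespaces from scratch, and that is worth confirming and recording in a short comment above the second call.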