GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/patches/2219064/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2219064,
    "url": "http://patchwork.ozlabs.org/api/patches/2219064/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/tencent_CA2C1C219C99D315086BE55E8654AF7E6009@qq.com/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<tencent_CA2C1C219C99D315086BE55E8654AF7E6009@qq.com>",
    "list_archive_url": null,
    "date": "2026-04-02T12:09:00",
    "name": "[net,v2] ipvs: fix MTU check for GSO packets in tunnel mode",
    "commit_ref": null,
    "pull_url": null,
    "state": "changes-requested",
    "archived": true,
    "hash": "d21e30254612521594fbef02010b2368a3787852",
    "submitter": {
        "id": 93032,
        "url": "http://patchwork.ozlabs.org/api/people/93032/?format=api",
        "name": "Yingnan Zhang",
        "email": "342144303@qq.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/tencent_CA2C1C219C99D315086BE55E8654AF7E6009@qq.com/mbox/",
    "series": [
        {
            "id": 498472,
            "url": "http://patchwork.ozlabs.org/api/series/498472/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=498472",
            "date": "2026-04-02T12:09:00",
            "name": "[net,v2] ipvs: fix MTU check for GSO packets in tunnel mode",
            "version": 2,
            "mbox": "http://patchwork.ozlabs.org/series/498472/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2219064/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2219064/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "\n <netfilter-devel+bounces-11585-incoming=patchwork.ozlabs.org@vger.kernel.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "netfilter-devel@vger.kernel.org"
        ],
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=qq.com header.i=@qq.com header.a=rsa-sha256\n header.s=s201512 header.b=GdvER3tJ;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c09:e001:a7::12fc:5321; helo=sto.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-11585-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)",
            "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=qq.com header.i=@qq.com header.b=\"GdvER3tJ\"",
            "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=162.62.57.64",
            "smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=qq.com",
            "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=qq.com"
        ],
        "Received": [
            "from sto.lore.kernel.org (sto.lore.kernel.org\n [IPv6:2600:3c09:e001:a7::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fmgdn2lSdz1xtJ\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 02 Apr 2026 23:09:49 +1100 (AEDT)",
            "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sto.lore.kernel.org (Postfix) with ESMTP id 1F34B3004D19\n\tfor <incoming@patchwork.ozlabs.org>; Thu,  2 Apr 2026 12:09:41 +0000 (UTC)",
            "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 4FA2A3DD51F;\n\tThu,  2 Apr 2026 12:09:34 +0000 (UTC)",
            "from out162-62-57-64.mail.qq.com (out162-62-57-64.mail.qq.com\n [162.62.57.64])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 2EB11363C58;\n\tThu,  2 Apr 2026 12:09:29 +0000 (UTC)",
            "from CGG7X9MGDG.corp.ebay.com ([216.113.165.51])\n\tby newxmesmtplogicsvrsza63-0.qq.com (NewEsmtp) with SMTP\n\tid 2451F248; Thu, 02 Apr 2026 20:09:05 +0800"
        ],
        "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1775131773; cv=none;\n b=BbVNZbX3hkFE/z3K+EsOecvpButU2FoMb5FuD5sB6oVTDqxmJ89Xtgs8PzsMWKVFFgotF4bpBMTkP6z1vhfvGdpMXCGD+pjRcoAM36dJyPq8jKFdXkW3bWyuIDvhq3dp6IHo0Mc/qyMvW6OCTRoyw2n/v4C/6r3bLy3LsVWo7Qw=",
        "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1775131773; c=relaxed/simple;\n\tbh=b+9L5LQLOhav8R2arLAKnEpdDRfvsoNAdIw1w5wHpFQ=;\n\th=Message-ID:From:To:Cc:Subject:Date:MIME-Version;\n b=f/bvwD0wGtjg2oHR90Y/I96isCgGwklABA53JR0jpmZ3L/qtH3Qz+eFqJwzKZrKKdrLwsorStjMN9r+ljEVceX+eLSHyUZjNC+KY35DPcVQHk72H4Vo8xVRHbX3rfgDYuPSEnvOyTLUM4xZONbdpkkop8lEHvu4U0/T9GmRnWHo=",
        "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=qq.com;\n spf=pass smtp.mailfrom=qq.com;\n dkim=pass (1024-bit key) header.d=qq.com header.i=@qq.com header.b=GdvER3tJ;\n arc=none smtp.client-ip=162.62.57.64",
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=qq.com; s=s201512;\n\tt=1775131760; bh=RmtlHvZOwAie1YTRTwuhFcaBQSJO8/cIioGvkZTYkAQ=;\n\th=From:To:Cc:Subject:Date;\n\tb=GdvER3tJgPktadJ/C2Sj+6nvGUyjpkj3uBQFCOa38PFOV5/m6rqCsCuMBf8PDK4Qj\n\t fcGXumyqbdEH9onzKy93+EOH5u+Tf5yXydAyg0NE6dpzyUe2rYHsMGIZUoQGp3z+cB\n\t 8a0P9j+LegJPdPAB4SH4gvyrOI7FYlb31DWfDrEs=",
        "X-QQ-mid": "xmsmtpt1775131745trvi87vni",
        "Message-ID": "<tencent_CA2C1C219C99D315086BE55E8654AF7E6009@qq.com>",
        "X-QQ-XMAILINFO": "NnBlO8MsmACrsUteY4DPMPgKLxLK4Dw2HrnUpXbtSd7EXOMYELykBPLuHvPjEV\n\t j8GwAHDEnuRMlN6+iZksg0YafnLCSCySK+qzG4anB4atJxpkFZlY583XRANwLvOSLkgEteAvggsG\n\t 9fSg1rlwaN5NROtov1xdVfTDs5SsS4/zjtXuPY+uoilTfqt6s/utfVcZgHoFMp0IoAzCr4lVqqxq\n\t 1/q/rehsUM2l2dkdy8RA2WEHH+OT7qhj0MbhzSrGH+W3reQQNRLvav5JvMBiXLzWKeF0fw2bY/jq\n\t CGW3goyp/BExnzwfMZCQMcVzTBmdesTYRQ+0Fs5t/vrsj8lEPa30ycyB7uHV6Tkg4xO4BrEqlcw7\n\t sn1L4f7gJ78dz0eivC28rygpoHo9WBLCurJZ1ZpXmDoGDEjmia5OKYzThKKP8Eb5NwCVreBMqoU9\n\t 6zngNP4T3wZZkDagZKSJg8uQt6xGCJr5VJN9+32rrRlbcAjmEt5RX9AtPIbS1v214RNqEZDy9BOc\n\t /jSCu1kecUYW2tr2Ya6vuXC32e2Ld0+2PgGW1vpJKx6zvuMLnoAxK0tWXSTOVgRX6UVpXyfyOyas\n\t nOX8e3cwJ3rf2lTxHNnpq4CQ08tht+/1ZyNZq6Fqy8gNy1YUGZAvWA9OvM5Dz/a4AHwhGvzuT8UH\n\t Eq+c9+wZN4epZ4kJjhiPKCfGeqSmgkB+gyVnGTYA2pna8w9E+egCt+3Wsnwh4Lo7pfwVdmYum4vx\n\t tnWZ+i4cSTlWdyLXXRjoGOz5Fe/QgKkUKEenqYoGpfDZ61A7gJKeQZU7X7lzQKrLC+c0An0Mb2Fl\n\t 28Qd8NrCeZF0d8ThMV+1SkLulrshHZN/hlBarcVGKBx0u7GtHxo+52a0mihv/rwNVQMJGaiJ73Un\n\t lNBHEwrGPiwMA40fhY9ieX38/15ZfN+t/Gz9SwO8/kwmsOYD0hj/0XKqzSZKNWvGvHNenCwgK3hH\n\t 9zs3ZgzYu3qF0duukiH2q5cE0lhg/tMBIr9lUUDbe0q+cjZhbeWi1W/oF+pKoipAjjuWhLvJZMOE\n\t d3Jp6son2bbPAEl5MqpBQu0DHL5H7EUGuD+E+OIQ==",
        "X-QQ-XMRINFO": "Nq+8W0+stu50tPAe92KXseR0ZZmBTk3gLg==",
        "From": "Yingnan Zhang <342144303@qq.com>",
        "To": "horms@verge.net.au,\n\tja@ssi.bg",
        "Cc": "pablo@netfilter.org,\n\tfw@strlen.de,\n\tphil@nwl.cc,\n\tdavem@davemloft.net,\n\tedumazet@google.com,\n\tkuba@kernel.org,\n\tpabeni@redhat.com,\n\tnetdev@vger.kernel.org,\n\tlvs-devel@vger.kernel.org,\n\tnetfilter-devel@vger.kernel.org,\n\tcoreteam@netfilter.org,\n\tlinux-kernel@vger.kernel.org,\n\tYingnan Zhang <342144303@qq.com>",
        "Subject": "[PATCH net v2] ipvs: fix MTU check for GSO packets in tunnel mode",
        "Date": "Thu,  2 Apr 2026 20:09:00 +0800",
        "X-OQ-MSGID": "<20260402120900.49778-1-342144303@qq.com>",
        "X-Mailer": "git-send-email 2.51.0",
        "Precedence": "bulk",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org",
        "List-Id": "<netfilter-devel.vger.kernel.org>",
        "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>",
        "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit"
    },
    "content": "Currently, IPVS skips MTU checks for GSO packets by excluding them with\nthe !skb_is_gso(skb) condition in both IPv4 and IPv6 code paths. This\ncreates problems when IPVS tunnel mode encapsulates GSO packets with\nIPIP or IPv6 tunnel headers.\n\nThe issue manifests in two ways:\n\n1. MTU violation after encapsulation:\n   When a GSO packet passes through IPVS tunnel mode, the original MTU\n   check is bypassed. After adding the tunnel header, the packet size\n   may exceed the outgoing interface MTU, leading to unexpected\n   fragmentation at the IP layer.\n\n2. Fragmentation with problematic IP IDs:\n   When net.ipv4.vs.pmtu_disc=1 and a GSO packet with multiple segments\n   is fragmented after encapsulation, each segment gets a sequentially\n   incremented IP ID (0, 1, 2, ...). This happens because:\n\n   a) The GSO packet bypasses MTU check and gets encapsulated\n   b) At __ip_finish_output, the oversized GSO packet is split into\n      separate SKBs (one per segment), with IP IDs incrementing\n   c) Each SKB is then fragmented again based on the actual MTU\n\n   This sequential IP ID allocation differs from the expected behavior\n   and can cause issues with fragment reassembly and packet tracking.\n\nFix this by removing the GSO packet exception from the MTU check in both\nIPv4 and IPv6 paths, and properly validating GSO packets using\nskb_gso_validate_network_len(). The condition is refactored to avoid\ncode duplication.\n\nFixes: 4cdd34084d53 (\"netfilter: nf_conntrack_ipv6: improve fragmentation handling\")\nSigned-off-by: Yingnan Zhang <342144303@qq.com>\n---\nChanges in v2:\n- Added IPv6 fix in __mtu_check_toobig_v6() per Julian's review\n- Refactored to avoid code duplication per Julian's suggestion\n- Applied same validation pattern to both IPv4 and IPv6 paths\n\nv1: https://lore.kernel.org/netdev/20260401152228.31190-1-342144303@qq.com/\n\n net/netfilter/ipvs/ip_vs_xmit.c | 8 +++++---\n 1 file changed, 5 insertions(+), 3 deletions(-)",
    "diff": "diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c\nindex 3601eb86d..ac2ad7518 100644\n--- a/net/netfilter/ipvs/ip_vs_xmit.c\n+++ b/net/netfilter/ipvs/ip_vs_xmit.c\n@@ -112,7 +112,8 @@ __mtu_check_toobig_v6(const struct sk_buff *skb, u32 mtu)\n \t\tif (IP6CB(skb)->frag_max_size > mtu)\n \t\t\treturn true; /* largest fragment violate MTU */\n \t}\n-\telse if (skb->len > mtu && !skb_is_gso(skb)) {\n+\t} else if (skb->len > mtu &&\n+\t\t   !(skb_is_gso(skb) && skb_gso_validate_network_len(skb, mtu))) {\n \t\treturn true; /* Packet size violate MTU size */\n \t}\n \treturn false;\n@@ -232,8 +233,9 @@ static inline bool ensure_mtu_is_adequate(struct netns_ipvs *ipvs, int skb_af,\n \t\t\treturn true;\n \n \t\tif (unlikely(ip_hdr(skb)->frag_off & htons(IP_DF) &&\n-\t\t\t     skb->len > mtu && !skb_is_gso(skb) &&\n-\t\t\t     !ip_vs_iph_icmp(ipvsh))) {\n+\t\t     skb->len > mtu && !ip_vs_iph_icmp(ipvsh) &&\n+\t\t     !(skb_is_gso(skb) &&\n+\t\t       skb_gso_validate_network_len(skb, mtu)))) {\n \t\t\ticmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,\n \t\t\t\t  htonl(mtu));\n \t\t\tIP_VS_DBG(1, \"frag needed for %pI4\\n\",\n",
    "prefixes": [
        "net",
        "v2"
    ]
}