{"id":2229770,"url":"http://patchwork.ozlabs.org/api/1.1/patches/2229770/?format=json","web_url":"http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260428173803.14100-1-fw@strlen.de/","project":{"id":26,"url":"http://patchwork.ozlabs.org/api/1.1/projects/26/?format=json","name":"Netfilter Development","link_name":"netfilter-devel","list_id":"netfilter-devel.vger.kernel.org","list_email":"netfilter-devel@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<20260428173803.14100-1-fw@strlen.de>","date":"2026-04-28T17:37:57","name":"[nf] netfilter: xt_CT: fix usersize for v1 and v2 revision","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"32dcd2d1174b34b37d7b68431026609e9ee46353","submitter":{"id":1025,"url":"http://patchwork.ozlabs.org/api/1.1/people/1025/?format=json","name":"Florian Westphal","email":"fw@strlen.de"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260428173803.14100-1-fw@strlen.de/mbox/","series":[{"id":501911,"url":"http://patchwork.ozlabs.org/api/1.1/series/501911/?format=json","web_url":"http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=501911","date":"2026-04-28T17:37:57","name":"[nf] netfilter: xt_CT: fix usersize for v1 and v2 revision","version":1,"mbox":"http://patchwork.ozlabs.org/series/501911/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2229770/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2229770/checks/","tags":{},"headers":{"Return-Path":"\n <netfilter-devel+bounces-12263-incoming=patchwork.ozlabs.org@vger.kernel.org>","X-Original-To":["incoming@patchwork.ozlabs.org","netfilter-devel@vger.kernel.org"],"Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c0a:e001:db::12fc:5321; helo=sea.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12263-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)","smtp.subspace.kernel.org;\n arc=none smtp.client-ip=91.216.245.30","smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=strlen.de","smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=Chamillionaire.breakpoint.cc"],"Received":["from sea.lore.kernel.org (sea.lore.kernel.org\n [IPv6:2600:3c0a:e001:db::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g4nk41hTdz1xrS\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 29 Apr 2026 03:39:24 +1000 (AEST)","from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id 0CA71301951F\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 28 Apr 2026 17:38:43 +0000 (UTC)","from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 6264A44CF25;\n\tTue, 28 Apr 2026 17:38:42 +0000 (UTC)","from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc\n [91.216.245.30])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 198D2328B71\n\tfor <netfilter-devel@vger.kernel.org>; Tue, 28 Apr 2026 17:38:37 +0000 (UTC)","by Chamillionaire.breakpoint.cc (Postfix, from userid 1003)\n\tid C857460420; Tue, 28 Apr 2026 19:38:29 +0200 (CEST)"],"ARC-Seal":"i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1777397922; cv=none;\n b=osBPsQIifrjSG7p7I4C4EGNg97Oz9SJt8qZ3s775AXWhXIqX4ZjJ1qQty1vOS0oNUx5DCHbKt/FgfzOi9ayJVBW5kY5eyjkeICZ6AYbwv/xjfdeQ+3h8DQEgvjKs35bjzpa1mzR79GjOnIy4rScKa3dT+7GqAHqnnukUIdii0N4=","ARC-Message-Signature":"i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1777397922; c=relaxed/simple;\n\tbh=PKbfCDOi3rxVdzhMcSLz7Lur94PMNKTcygmMMeCbFXQ=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=RifeReswJ08t47b7gj7suvKS/keC1uGUA0to4cxLSPNgQ/H1fbexMU1CRZ3zm6BpJpwsEkjfCDVrlai6q35m8GuH/FboQwucdU/uSek9RggAdDaSdbBq4TO/FOgps5BI6/YZW3ep2jhqsLfIHE3++qn4EY3mifC3f6eDhJpYwOY=","ARC-Authentication-Results":"i=1; smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=strlen.de;\n spf=pass smtp.mailfrom=Chamillionaire.breakpoint.cc;\n arc=none smtp.client-ip=91.216.245.30","From":"Florian Westphal <fw@strlen.de>","To":"<netfilter-devel@vger.kernel.org>","Cc":"Florian Westphal <fw@strlen.de>","Subject":"[PATCH nf] netfilter: xt_CT: fix usersize for v1 and v2 revision","Date":"Tue, 28 Apr 2026 19:37:57 +0200","Message-ID":"<20260428173803.14100-1-fw@strlen.de>","X-Mailer":"git-send-email 2.53.0","Precedence":"bulk","X-Mailing-List":"netfilter-devel@vger.kernel.org","List-Id":"<netfilter-devel.vger.kernel.org>","List-Subscribe":"<mailto:netfilter-devel+subscribe@vger.kernel.org>","List-Unsubscribe":"<mailto:netfilter-devel+unsubscribe@vger.kernel.org>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit"},"content":"While resurrecting the conntrack-tool test cases I found following bug:\nIn:\niptables -I OUTPUT -t raw -p 13 -j CT --timeout test-generic\nOut:\n[0:0] -A OUTPUT -p 13 -j CT --timeout test\n\nData after first four bytes of the timeout policy name is never\ncopied to userspace because its treated as kernel-only.\n\nFixes: ec2318904965 (\"xtables: extend matches and targets with .usersize\")\nSigned-off-by: Florian Westphal <fw@strlen.de>\n---\n net/netfilter/xt_CT.c | 8 ++++----\n 1 file changed, 4 insertions(+), 4 deletions(-)","diff":"diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c\nindex 498f5871c84a..d2aeacf94230 100644\n--- a/net/netfilter/xt_CT.c\n+++ b/net/netfilter/xt_CT.c\n@@ -354,7 +354,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = {\n \t\t.family\t\t= NFPROTO_IPV4,\n \t\t.revision\t= 1,\n \t\t.targetsize\t= sizeof(struct xt_ct_target_info_v1),\n-\t\t.usersize\t= offsetof(struct xt_ct_target_info, ct),\n+\t\t.usersize\t= offsetof(struct xt_ct_target_info_v1, ct),\n \t\t.checkentry\t= xt_ct_tg_check_v1,\n \t\t.destroy\t= xt_ct_tg_destroy_v1,\n \t\t.target\t\t= xt_ct_target_v1,\n@@ -366,7 +366,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = {\n \t\t.family\t\t= NFPROTO_IPV4,\n \t\t.revision\t= 2,\n \t\t.targetsize\t= sizeof(struct xt_ct_target_info_v1),\n-\t\t.usersize\t= offsetof(struct xt_ct_target_info, ct),\n+\t\t.usersize\t= offsetof(struct xt_ct_target_info_v1, ct),\n \t\t.checkentry\t= xt_ct_tg_check_v2,\n \t\t.destroy\t= xt_ct_tg_destroy_v1,\n \t\t.target\t\t= xt_ct_target_v1,\n@@ -398,7 +398,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = {\n \t\t.family\t\t= NFPROTO_IPV6,\n \t\t.revision\t= 1,\n \t\t.targetsize\t= sizeof(struct xt_ct_target_info_v1),\n-\t\t.usersize\t= offsetof(struct xt_ct_target_info, ct),\n+\t\t.usersize\t= offsetof(struct xt_ct_target_info_v1, ct),\n \t\t.checkentry\t= xt_ct_tg_check_v1,\n \t\t.destroy\t= xt_ct_tg_destroy_v1,\n \t\t.target\t\t= xt_ct_target_v1,\n@@ -410,7 +410,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = {\n \t\t.family\t\t= NFPROTO_IPV6,\n \t\t.revision\t= 2,\n \t\t.targetsize\t= sizeof(struct xt_ct_target_info_v1),\n-\t\t.usersize\t= offsetof(struct xt_ct_target_info, ct),\n+\t\t.usersize\t= offsetof(struct xt_ct_target_info_v1, ct),\n \t\t.checkentry\t= xt_ct_tg_check_v2,\n \t\t.destroy\t= xt_ct_tg_destroy_v1,\n \t\t.target\t\t= xt_ct_target_v1,\n","prefixes":["nf"]}