GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/patches/2003665/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2003665,
    "url": "http://patchwork.ozlabs.org/api/patches/2003665/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/openvswitch/patch/20241029101608.2991596-6-i.maximets@ovn.org/",
    "project": {
        "id": 47,
        "url": "http://patchwork.ozlabs.org/api/projects/47/?format=api",
        "name": "Open vSwitch",
        "link_name": "openvswitch",
        "list_id": "ovs-dev.openvswitch.org",
        "list_email": "ovs-dev@openvswitch.org",
        "web_url": "http://openvswitch.org/",
        "scm_url": "git@github.com:openvswitch/ovs.git",
        "webscm_url": "https://github.com/openvswitch/ovs",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20241029101608.2991596-6-i.maximets@ovn.org>",
    "list_archive_url": null,
    "date": "2024-10-29T10:15:03",
    "name": "[ovs-dev,5/9] ipsec: libreswan: Avoid monitor hanging on stuck ipsec commands.",
    "commit_ref": null,
    "pull_url": null,
    "state": "changes-requested",
    "archived": false,
    "hash": "0122fcfb65bfe25819b403f0770fed8741b8bd13",
    "submitter": {
        "id": 76798,
        "url": "http://patchwork.ozlabs.org/api/people/76798/?format=api",
        "name": "Ilya Maximets",
        "email": "i.maximets@ovn.org"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/openvswitch/patch/20241029101608.2991596-6-i.maximets@ovn.org/mbox/",
    "series": [
        {
            "id": 430270,
            "url": "http://patchwork.ozlabs.org/api/series/430270/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/openvswitch/list/?series=430270",
            "date": "2024-10-29T10:14:58",
            "name": "ipsec: Resiliency to Libreswan failures.",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/430270/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2003665/comments/",
    "check": "success",
    "checks": "http://patchwork.ozlabs.org/api/patches/2003665/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<ovs-dev-bounces@openvswitch.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "ovs-dev@openvswitch.org"
        ],
        "Delivered-To": [
            "patchwork-incoming@legolas.ozlabs.org",
            "ovs-dev@lists.linuxfoundation.org"
        ],
        "Authentication-Results": [
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org\n (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org)",
            "smtp2.osuosl.org;\n dmarc=none (p=none dis=none) header.from=ovn.org"
        ],
        "Received": [
            "from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4Xd5l90nrqz1xwn\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 29 Oct 2024 21:16:37 +1100 (AEDT)",
            "from localhost (localhost [127.0.0.1])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id 7F5C98121F;\n\tTue, 29 Oct 2024 10:16:35 +0000 (UTC)",
            "from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id WfUkbkX8hGgn; Tue, 29 Oct 2024 10:16:32 +0000 (UTC)",
            "from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])\n\tby smtp1.osuosl.org (Postfix) with ESMTPS id 3E84581224;\n\tTue, 29 Oct 2024 10:16:32 +0000 (UTC)",
            "from lf-lists.osuosl.org (localhost [127.0.0.1])\n\tby lists.linuxfoundation.org (Postfix) with ESMTP id F072EC08A6;\n\tTue, 29 Oct 2024 10:16:31 +0000 (UTC)",
            "from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])\n by lists.linuxfoundation.org (Postfix) with ESMTP id 3C316C08B4\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 10:16:30 +0000 (UTC)",
            "from localhost (localhost [127.0.0.1])\n by smtp2.osuosl.org (Postfix) with ESMTP id CD7D940AF6\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 10:16:28 +0000 (UTC)",
            "from smtp2.osuosl.org ([127.0.0.1])\n by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id jw-deEy3zn4o for <ovs-dev@openvswitch.org>;\n Tue, 29 Oct 2024 10:16:27 +0000 (UTC)",
            "from mail-lf1-f65.google.com (mail-lf1-f65.google.com\n [209.85.167.65])\n by smtp2.osuosl.org (Postfix) with ESMTPS id 6E34340B01\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 10:16:27 +0000 (UTC)",
            "by mail-lf1-f65.google.com with SMTP id\n 2adb3069b0e04-539f84907caso5596280e87.3\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 03:16:27 -0700 (PDT)",
            "from im-t490s.redhat.com (ip-86-49-44-151.bb.vodafone.cz.\n [86.49.44.151]) by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-431b4594ec3sm20279685e9.1.2024.10.29.03.16.23\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Tue, 29 Oct 2024 03:16:24 -0700 (PDT)"
        ],
        "X-Virus-Scanned": [
            "amavis at osuosl.org",
            "amavis at osuosl.org"
        ],
        "X-Comment": "SPF check N/A for local connections - client-ip=140.211.9.56;\n helo=lists.linuxfoundation.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN> ",
        "DKIM-Filter": [
            "OpenDKIM Filter v2.11.0 smtp1.osuosl.org 3E84581224",
            "OpenDKIM Filter v2.11.0 smtp2.osuosl.org 6E34340B01"
        ],
        "Received-SPF": "Pass (mailfrom) identity=mailfrom; client-ip=209.85.167.65;\n helo=mail-lf1-f65.google.com; envelope-from=i.maximets.ovn@gmail.com;\n receiver=<UNKNOWN>",
        "DMARC-Filter": "OpenDMARC Filter v1.4.2 smtp2.osuosl.org 6E34340B01",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20230601; t=1730196985; x=1730801785;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc\n :subject:date:message-id:reply-to;\n bh=ruUEmioI/vAPH/6Effwwy/4loMD2TIqW+V7yCVR/9Nk=;\n b=nsDkCm2e6slSGK/gJUodD7smuK7Q8cvnVmZbgeMW23XS6zZqXsZhhRyBmgjEwBKF9t\n M5QBiOsDZ/qaInXYpj9hyjM6WHSz7Ds4Ezsq6tvyPVZT1OyHVXGDxHdzEk+CHSgcxaSn\n xlK9JLKbgkz/xlk53CAaHlS+ZGo6QO3UM8VWIK5smRLOL5/lu+DJRqiCjN0JA3fc3j1T\n IGASB+fqzHOzwFwFuq3yZpZ+QWIjM/2ThvbD28Nh5/iw91ttBU0WVq2V044WekKKGwD3\n opNOZbsIjlUQ2YBZ/pJ1ChweeFOsL4wK8uDnA6iXEMTqexu0NMTtEpaBYZdRLayXdJmp\n 03Tg==",
        "X-Gm-Message-State": "AOJu0YwL/76r0pYne4pDgmd/roHkTdrulIcxRpnCtdPpN+Q7cSfUsuBR\n 1e9OfbVLLZ1y3WGjyj7h0++YadSTdIhMAn+22d0Ltfkezx0zh0TJ75IE2tAt",
        "X-Google-Smtp-Source": "\n AGHT+IGttqMo9aOxiNhWuJTdeTi0GBqKFN1PPTRnP/yOQTAPnAUMYzgxt8vp4TCr4U0iQOk9ubIc5Q==",
        "X-Received": "by 2002:a05:6512:3e26:b0:53b:2114:92a7 with SMTP id\n 2adb3069b0e04-53b34c8e61fmr5778743e87.52.1730196984488;\n Tue, 29 Oct 2024 03:16:24 -0700 (PDT)",
        "From": "Ilya Maximets <i.maximets@ovn.org>",
        "To": "ovs-dev@openvswitch.org",
        "Date": "Tue, 29 Oct 2024 11:15:03 +0100",
        "Message-ID": "<20241029101608.2991596-6-i.maximets@ovn.org>",
        "X-Mailer": "git-send-email 2.46.0",
        "In-Reply-To": "<20241029101608.2991596-1-i.maximets@ovn.org>",
        "References": "<20241029101608.2991596-1-i.maximets@ovn.org>",
        "MIME-Version": "1.0",
        "Subject": "[ovs-dev] [PATCH 5/9] ipsec: libreswan: Avoid monitor hanging on\n stuck ipsec commands.",
        "X-BeenThere": "ovs-dev@openvswitch.org",
        "X-Mailman-Version": "2.1.30",
        "Precedence": "list",
        "List-Id": "<ovs-dev.openvswitch.org>",
        "List-Unsubscribe": "<https://mail.openvswitch.org/mailman/options/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>",
        "List-Archive": "<http://mail.openvswitch.org/pipermail/ovs-dev/>",
        "List-Post": "<mailto:ovs-dev@openvswitch.org>",
        "List-Help": "<mailto:ovs-dev-request@openvswitch.org?subject=help>",
        "List-Subscribe": "<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>",
        "Cc": "Ilya Maximets <i.maximets@ovn.org>",
        "Content-Type": "text/plain; charset=\"us-ascii\"",
        "Content-Transfer-Encoding": "7bit",
        "Errors-To": "ovs-dev-bounces@openvswitch.org",
        "Sender": "\"dev\" <ovs-dev-bounces@openvswitch.org>"
    },
    "content": "Multiple versions of Libreswan have an issue where ipsec --start\ncommand may get stuck forever.  This issue affects many popular\nversions of Libreswan from 4.5 to 4.15, which are shipped in most\nmodern distributions.\n\nWhen ipsec --start gets stuck, ovs-monitor-ipsec hangs and can't do\nanything else, so not olny this one but all other tunnels are also\nnot being started.\n\nAdd a timeout to the subprocess call, so we do not wait forever.  Just\nintroduced reconciliation process will clean things up and will try to\nre-add this connection later.\n\nPluto may take a lot of time to process the --start request.  Notably,\nthe time depends on the retransmission timeout, which is 60 seconds by\ndefault.  However, even at high scale, it doesn't take much more than\nthat in tests.  So, 120 second timeout should be a reasonable default\nvalue.\n\nNote: it is observed in practice that the process doesn't actually\nterminate for a long time, so we can't afford waiting for it.\nThat's the main reason why we're not using the subprocess.run() with\na timeout option here (it would wait).  But also, because we'd had to\ncatch the exception anyway.\n\nReported-at: https://issues.redhat.com/browse/FDP-846\nSigned-off-by: Ilya Maximets <i.maximets@ovn.org>\n---\n ipsec/ovs-monitor-ipsec.in | 14 ++++++++++++--\n 1 file changed, 12 insertions(+), 2 deletions(-)",
    "diff": "diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in\nindex 3b2057389..264b055e6 100755\n--- a/ipsec/ovs-monitor-ipsec.in\n+++ b/ipsec/ovs-monitor-ipsec.in\n@@ -82,6 +82,7 @@ vlog = ovs.vlog.Vlog(\"ovs-monitor-ipsec\")\n exiting = False\n monitor = None\n xfrm = None\n+TIEMOUT_EXPIRED = 37\n \n \n def run_command(args, description=None):\n@@ -94,7 +95,16 @@ def run_command(args, description=None):\n     vlog.dbg(\"Running %s\" % args)\n     proc = subprocess.Popen(args, stdout=subprocess.PIPE,\n                             stderr=subprocess.PIPE)\n-    pout, perr = proc.communicate()\n+    try:\n+        pout, perr = proc.communicate(timeout=120)\n+        ret = proc.returncode\n+    except subprocess.TimeoutExpired:\n+        vlog.warn(\"Command timed out trying to %s.\" % description)\n+        pout, perr = b'', b''\n+        # Just kill the process here.  We can't afford waiting for it,\n+        # as it may be stuck and may not actually be terminated.\n+        proc.kill()\n+        ret = TIEMOUT_EXPIRED\n \n     if proc.returncode or len(perr):\n         vlog.warn(\"Failed to %s; exit code: %d\"\n@@ -103,7 +113,7 @@ def run_command(args, description=None):\n         vlog.warn(\"stderr: %s\" % perr)\n         vlog.warn(\"stdout: %s\" % pout)\n \n-    return proc.returncode, pout or b'', perr or b''\n+    return ret, pout or b'', perr or b''\n \n \n class XFRM(object):\n",
    "prefixes": [
        "ovs-dev",
        "5/9"
    ]
}