diff options
| author | Eric Dumazet <dada1@cosmosbay.com> | 2007-12-12 14:11:28 -0500 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2007-12-14 16:54:36 -0500 |
| commit | cbebc51f7b77d26ec23145d6ef22ac2b209f7955 (patch) | |
| tree | ddbe440a884612cf1c957602749fb8994b1c3e87 /net | |
| parent | 9ab4c954ce2b2b3c485bee7e425fda05946893be (diff) | |
[NETFILTER]: xt_hashlimit should use time_after_eq()
In order to avoid jiffies wraparound and its effect, special care must
be taken
when doing comparisons ...
Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/xt_hashlimit.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 19103678bf20..2ef44d8560c1 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
| @@ -240,7 +240,7 @@ static bool select_all(const struct xt_hashlimit_htable *ht, | |||
| 240 | static bool select_gc(const struct xt_hashlimit_htable *ht, | 240 | static bool select_gc(const struct xt_hashlimit_htable *ht, |
| 241 | const struct dsthash_ent *he) | 241 | const struct dsthash_ent *he) |
| 242 | { | 242 | { |
| 243 | return jiffies >= he->expires; | 243 | return time_after_eq(jiffies, he->expires); |
| 244 | } | 244 | } |
| 245 | 245 | ||
| 246 | static void htable_selective_cleanup(struct xt_hashlimit_htable *ht, | 246 | static void htable_selective_cleanup(struct xt_hashlimit_htable *ht, |