summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Dumazet <dada1@cosmosbay.com>2007-12-12 20:11:28 +0100
committerDavid S. Miller <davem@sunset.davemloft.net>2007-12-14 22:54:36 +0100
commitcbebc51f7b77d26ec23145d6ef22ac2b209f7955 (patch)
treeddbe440a884612cf1c957602749fb8994b1c3e87
parent[XFRM]: Display the audited SPI value in host byte order. (diff)
downloadlinux-cbebc51f7b77d26ec23145d6ef22ac2b209f7955.tar.xz
linux-cbebc51f7b77d26ec23145d6ef22ac2b209f7955.zip
[NETFILTER]: xt_hashlimit should use time_after_eq()
In order to avoid jiffies wraparound and its effect, special care must be taken when doing comparisons ... Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/netfilter/xt_hashlimit.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 19103678bf20..2ef44d8560c1 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -240,7 +240,7 @@ static bool select_all(const struct xt_hashlimit_htable *ht,
static bool select_gc(const struct xt_hashlimit_htable *ht,
const struct dsthash_ent *he)
{
- return jiffies >= he->expires;
+ return time_after_eq(jiffies, he->expires);
}
static void htable_selective_cleanup(struct xt_hashlimit_htable *ht,