[NETFILTER]: xt_hashlimit should use time_after_eq()

In order to avoid jiffies wraparound and its effect, special care must be taken when doing comparisons ... Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>

[NETFILTER]: xt_hashlimit should use time_after_eq()
In order to avoid jiffies wraparound and its effect, special care must be taken when doing comparisons ... Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet · David S. Miller
1 parent 9ab4c954ce
Showing 1 changed file with 1 additions and 1 deletions Side-by-side Diff
net/netfilter/xt_hashlimit.c
@@ -240,7 +240,7 @@
 static bool select_gc(const struct xt_hashlimit_htable *ht,
 		      const struct dsthash_ent *he)
 {
-	return jiffies >= he->expires;
+	return time_after_eq(jiffies, he->expires);
 }
  
 static void htable_selective_cleanup(struct xt_hashlimit_htable *ht,
...	...	@@ -240,7 +240,7 @@
240	240	static bool select_gc(const struct xt_hashlimit_htable *ht,
241	241	const struct dsthash_ent *he)
242	242	{
243		- return jiffies >= he->expires;
	243	+ return time_after_eq(jiffies, he->expires);
244	244	}
245	245
246	246	static void htable_selective_cleanup(struct xt_hashlimit_htable *ht,