From: Eric Dumazet Date: Wed, 12 Dec 2007 19:11:28 +0000 (-0800) Subject: [NETFILTER]: xt_hashlimit should use time_after_eq() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=cbebc51f7b77d26ec23145d6ef22ac2b209f7955;p=GitHub%2Fexynos8895%2Fandroid_kernel_samsung_universal8895.git [NETFILTER]: xt_hashlimit should use time_after_eq() In order to avoid jiffies wraparound and its effect, special care must be taken when doing comparisons ... Signed-off-by: Eric Dumazet Acked-by: Patrick McHardy Signed-off-by: David S. Miller --- diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 19103678bf20..2ef44d8560c1 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c @@ -240,7 +240,7 @@ static bool select_all(const struct xt_hashlimit_htable *ht, static bool select_gc(const struct xt_hashlimit_htable *ht, const struct dsthash_ent *he) { - return jiffies >= he->expires; + return time_after_eq(jiffies, he->expires); } static void htable_selective_cleanup(struct xt_hashlimit_htable *ht,