From: Patrick McHardy <kaber@trash.net>
To: "David S. Miller" <davem@davemloft.net>
Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>
Subject: [NETFILTER 2.6.18 3/3]: hashlimit match: fix random initialization
Date: Thu, 08 Jun 2006 09:12:01 +0200 [thread overview]
Message-ID: <4487CDC1.5060806@trash.net> (raw)
[-- Attachment #1: 03.diff --]
[-- Type: text/plain, Size: 1758 bytes --]
[NETFILTER]: hashlimit match: fix random initialization
hashlimit does:
if (!ht->rnd)
get_random_bytes(&ht->rnd, 4);
ignoring that 0 is also a valid random number.
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit f42a39846047e78d30c913270125bed2e0c5a0da
tree a875d2fb478ecaa405810a020ee4af61fa5c42f1
parent b010cc3184ce7cb65a9865ae52ec2ce6f3fe4c9d
author Patrick McHardy <kaber@trash.net> Thu, 01 Jun 2006 20:43:40 +0200
committer Patrick McHardy <kaber@trash.net> Thu, 01 Jun 2006 20:43:40 +0200
net/ipv4/netfilter/ipt_hashlimit.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/net/ipv4/netfilter/ipt_hashlimit.c b/net/ipv4/netfilter/ipt_hashlimit.c
index 85edfb7..92980ab 100644
--- a/net/ipv4/netfilter/ipt_hashlimit.c
+++ b/net/ipv4/netfilter/ipt_hashlimit.c
@@ -80,6 +80,7 @@ struct ipt_hashlimit_htable {
/* used internally */
spinlock_t lock; /* lock for list_head */
u_int32_t rnd; /* random seed for hash */
+ int rnd_initialized;
struct timer_list timer; /* timer for gc */
atomic_t count; /* number entries in table */
@@ -134,8 +135,10 @@ __dsthash_alloc_init(struct ipt_hashlimi
/* initialize hash with random val at the time we allocate
* the first hashtable entry */
- if (!ht->rnd)
+ if (!ht->rnd_initialized) {
get_random_bytes(&ht->rnd, 4);
+ ht->rnd_initialized = 1;
+ }
if (ht->cfg.max &&
atomic_read(&ht->count) >= ht->cfg.max) {
@@ -214,7 +217,7 @@ static int htable_create(struct ipt_hash
atomic_set(&hinfo->count, 0);
atomic_set(&hinfo->use, 1);
- hinfo->rnd = 0;
+ hinfo->rnd_initialized = 0;
spin_lock_init(&hinfo->lock);
hinfo->pde = create_proc_entry(minfo->name, 0, hashlimit_procdir);
if (!hinfo->pde) {
reply other threads:[~2006-06-08 7:12 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4487CDC1.5060806@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.