netfilter: xt_hashlimit: fix race that results in duplicated entries
authorPablo Neira Ayuso <pablo@netfilter.org>
Mon, 24 Dec 2012 12:09:25 +0000 (13:09 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 4 Feb 2013 00:27:07 +0000 (18:27 -0600)
commite9be8ff2dc372797024d2ddf92c7218d75fe2f82
tree0936a287cff84222afb08789e7d6c08fe0bf2a22
parent30eb9ef340b168fda569ad288404cc82ba7da90c
netfilter: xt_hashlimit: fix race that results in duplicated entries

commit 09181842b000344b1205801df3aa5b726c03cc62 upstream.

Two packets may race to create the same entry in the hashtable,
double check if this packet lost race. This double checking only
happens in the path of the packet that creates the hashtable for
first time.

Note that, with this patch, no packet drops occur if the race happens.

Reported-by: Feng Gao <gfree.wind@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/netfilter/xt_hashlimit.c