tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

netfilter: nft_limit: Clone packet limits' cost value

When cloning a packet-based limit expression, copy the cost value as
well. Otherwise the new limit is not functional anymore.

Fixes: 3b9e2ea6c11bf ("netfilter: nft_limit: move stateful fields out of expression data")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Phil Sutter and committed by
Pablo Neira Ayuso 558254b0 52077804

+2
+2
net/netfilter/nft_limit.c
··· 213 213 struct nft_limit_priv_pkts *priv_dst = nft_expr_priv(dst); 214 214 struct nft_limit_priv_pkts *priv_src = nft_expr_priv(src); 215 215 216 + priv_dst->cost = priv_src->cost; 217 + 216 218 return nft_limit_clone(&priv_dst->limit, &priv_src->limit); 217 219 } 218 220