netfilter: nft_limit: Clone packet limits' cost value

When cloning a packet-based limit expression, copy the cost value as well. Otherwise the new limit is not functional anymore. Fixes: 3b9e2ea ("netfilter: nft_limit: move stateful fields out of expression data") Signed-off-by: Phil Sutter <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
skryvets · May 26, 2022 · 558254b · 558254b
1 parent 5207780
commit 558254b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/net/netfilter/nft_limit.c b/net/netfilter/nft_limit.c
@@ -213,6 +213,8 @@ static int nft_limit_pkts_clone(struct nft_expr *dst, const struct nft_expr *src
 	struct nft_limit_priv_pkts *priv_dst = nft_expr_priv(dst);
 	struct nft_limit_priv_pkts *priv_src = nft_expr_priv(src);
 
+	priv_dst->cost = priv_src->cost;
+
 	return nft_limit_clone(&priv_dst->limit, &priv_src->limit);
 }