netfilter: nft_last: copy content when cloning expression

ummakynes · ummakynes · commit 860e874290fb · 2023-03-01T17:23:23.000+01:00
If the ruleset contains last timestamps, restore them accordingly. Otherwise, listing after restoration shows never used items. Fixes: 33a24de ("netfilter: nft_last: move stateful fields out of expression data") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
diff --git a/net/netfilter/nft_last.c b/net/netfilter/nft_last.c
@@ -105,11 +105,15 @@ static void nft_last_destroy(const struct nft_ctx *ctx,
 static int nft_last_clone(struct nft_expr *dst, const struct nft_expr *src)
 {
 	struct nft_last_priv *priv_dst = nft_expr_priv(dst);
+	struct nft_last_priv *priv_src = nft_expr_priv(src);
 
 	priv_dst->last = kzalloc(sizeof(*priv_dst->last), GFP_ATOMIC);
 	if (!priv_dst->last)
 		return -ENOMEM;
 
+	priv_dst->last->set = priv_src->last->set;
+	priv_dst->last->jiffies = priv_src->last->jiffies;
+
 	return 0;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -105,11 +105,15 @@ static void nft_last_destroy(const struct nft_ctx *ctx,`
`105`	`105`	`static int nft_last_clone(struct nft_expr dst, const struct nft_expr src)`
`106`	`106`	`{`
`107`	`107`	`struct nft_last_priv *priv_dst = nft_expr_priv(dst);`
	`108`	`+ struct nft_last_priv *priv_src = nft_expr_priv(src);`
`108`	`109`
`109`	`110`	`priv_dst->last = kzalloc(sizeof(*priv_dst->last), GFP_ATOMIC);`
`110`	`111`	`if (!priv_dst->last)`
`111`	`112`	`return -ENOMEM;`
`112`	`113`
	`114`	`+ priv_dst->last->set = priv_src->last->set;`
	`115`	`+ priv_dst->last->jiffies = priv_src->last->jiffies;`
	`116`	`+`
`113`	`117`	`return 0;`
`114`	`118`	`}`
`115`	`119`