From: Daniel Borkmann <dan...@iogearbox.net>
Date: Fri, 4 Nov 2016 00:56:31 +0100
> In map_create(), we first find and create the map, then once that
> suceeded, we charge it to the user's RLIMIT_MEMLOCK, and then fetch
> a new anon fd through anon_inode_getfd(). The problem is, once the
> latter fails f.e. due to RLIMIT_NOFILE limit, then we only destruct
> the map via map->ops->map_free(), but without uncharging the previously
> locked memory first. That means that the user_struct allocation is
> leaked as well as the accounted RLIMIT_MEMLOCK memory not released.
> Make the label names in the fix consistent with bpf_prog_load().
>
> Fixes: aaac3ba95e4c ("bpf: charge user for creation of BPF maps and programs")
> Signed-off-by: Daniel Borkmann <dan...@iogearbox.net>
> Acked-by: Alexei Starovoitov <a...@kernel.org>
Applied and queued up for -stable.
