1 files changed, 2 insertions, 2 deletions
diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index c852f7472ad0..83554ee8a587 100644
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -264,11 +264,11 @@ static int yama_ptrace_access_check(struct task_struct *child,
                case YAMA_SCOPE_RELATIONAL:
                        if (!task_is_descendant(current, child) &&
                            !ptracer_exception_found(current, child) &&
-                            !capable(CAP_SYS_PTRACE))
+                            !ns_capable(task_user_ns(child), CAP_SYS_PTRACE))
                                rc = -EPERM;
                        break;
                case YAMA_SCOPE_CAPABILITY:
-                        if (!capable(CAP_SYS_PTRACE))
+                        if (!ns_capable(task_user_ns(child), CAP_SYS_PTRACE))
                                rc = -EPERM;
                        break;
                case YAMA_SCOPE_NO_ATTACH:

diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index c852f7472ad0..83554ee8a587 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c
@@ -264,11 +264,11 @@ static int yama_ptrace_access_check(struct task_struct *child,
264	case YAMA_SCOPE_RELATIONAL:	264	case YAMA_SCOPE_RELATIONAL:
265	if (!task_is_descendant(current, child) &&	265	if (!task_is_descendant(current, child) &&
266	!ptracer_exception_found(current, child) &&	266	!ptracer_exception_found(current, child) &&
267	!capable(CAP_SYS_PTRACE))	267	!ns_capable(task_user_ns(child), CAP_SYS_PTRACE))
268	rc = -EPERM;	268	rc = -EPERM;
269	break;	269	break;
270	case YAMA_SCOPE_CAPABILITY:	270	case YAMA_SCOPE_CAPABILITY:
271	if (!capable(CAP_SYS_PTRACE))	271	if (!ns_capable(task_user_ns(child), CAP_SYS_PTRACE))
272	rc = -EPERM;	272	rc = -EPERM;
273	break;	273	break;
274	case YAMA_SCOPE_NO_ATTACH:	274	case YAMA_SCOPE_NO_ATTACH: