Merge branch 'patches_for_2.6.38rc' of git://git.pwsan.com/linux-2.6 into devel-fixes

2 files changed, 7 insertions, 4 deletions

diff --git a/security/security.c b/security/security.c
index 739e40362f44..7b7308ace8c5 100644
--- a/security/security.c
+++ b/security/security.c
@@ -154,10 +154,9 @@ int security_capset(struct cred *new, const struct cred *old,
                                     effective, inheritable, permitted);
 }
 
-int security_capable(int cap)
+int security_capable(const struct cred *cred, int cap)
 {
-        return security_ops->capable(current, current_cred(), cap,
-                                     SECURITY_CAP_AUDIT);
+        return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT);
 }
 
 int security_real_capable(struct task_struct *tsk, int cap)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index e276eb468536..c8d699270687 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3198,7 +3198,11 @@ static void selinux_cred_free(struct cred *cred)
 {
         struct task_security_struct *tsec = cred->security;
 
-        BUG_ON((unsigned long) cred->security < PAGE_SIZE);
+        /*
+         * cred->security == NULL if security_cred_alloc_blank() or
+         * security_prepare_creds() returned an error.
+         */
+        BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);
         cred->security = (void *) 0x7UL;
         kfree(tsec);
 }