1 files changed, 9 insertions, 9 deletions

diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 7bd296cca041..46f23971f7e4 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -508,12 +508,11 @@ int devcgroup_inode_permission(struct inode *inode, int mask)
                 return 0;
         if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode))
                 return 0;
-        dev_cgroup = css_to_devcgroup(task_subsys_state(current,
-                                devices_subsys_id));
-        if (!dev_cgroup)
-                return 0;
 
         rcu_read_lock();
+
+        dev_cgroup = task_devcgroup(current);
+
         list_for_each_entry_rcu(wh, &dev_cgroup->whitelist, list) {
                 if (wh->type & DEV_ALL)
                         goto acc_check;
@@ -533,6 +532,7 @@ acc_check:
                 rcu_read_unlock();
                 return 0;
         }
+
         rcu_read_unlock();
 
         return -EPERM;
@@ -543,12 +543,10 @@ int devcgroup_inode_mknod(int mode, dev_t dev)
         struct dev_cgroup *dev_cgroup;
         struct dev_whitelist_item *wh;
 
-        dev_cgroup = css_to_devcgroup(task_subsys_state(current,
-                                devices_subsys_id));
-        if (!dev_cgroup)
-                return 0;
-
         rcu_read_lock();
+
+        dev_cgroup = task_devcgroup(current);
+
         list_for_each_entry(wh, &dev_cgroup->whitelist, list) {
                 if (wh->type & DEV_ALL)
                         goto acc_check;
@@ -566,6 +564,8 @@ acc_check:
                 rcu_read_unlock();
                 return 0;
         }
+
         rcu_read_unlock();
+
         return -EPERM;
 }