1 files changed, 22 insertions, 4 deletions
diff --git a/security/security.c b/security/security.c
index 678d4d07b852..c3586c0d97e2 100644
--- a/security/security.c
+++ b/security/security.c
@@ -154,14 +154,32 @@ int security_capset(struct cred *new, const struct cred *old,
                                    effective, inheritable, permitted);
 }
-int security_capable(struct task_struct *tsk, int cap)
+int security_capable(int cap)
 {
-        return security_ops->capable(tsk, cap, SECURITY_CAP_AUDIT);
+        return security_ops->capable(current, current_cred(), cap,
+                                     SECURITY_CAP_AUDIT);
 }
-int security_capable_noaudit(struct task_struct *tsk, int cap)
+int security_real_capable(struct task_struct *tsk, int cap)
 {
-        return security_ops->capable(tsk, cap, SECURITY_CAP_NOAUDIT);
+        const struct cred *cred;
+        int ret;
+        cred = get_task_cred(tsk);
+        ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_AUDIT);
+        put_cred(cred);
+        return ret;
+}
+int security_real_capable_noaudit(struct task_struct *tsk, int cap)
+{
+        const struct cred *cred;
+        int ret;
+        cred = get_task_cred(tsk);
+        ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_NOAUDIT);
+        put_cred(cred);
+        return ret;
 }
 int security_acct(struct file *file)

diff --git a/security/security.c b/security/security.c index 678d4d07b852..c3586c0d97e2 100644 --- a/security/security.c +++ b/security/security.c
@@ -154,14 +154,32 @@ int security_capset(struct cred new, const struct cred old,
154	effective, inheritable, permitted);	154	effective, inheritable, permitted);
155	}	155	}
156		156
157	int security_capable(struct task_struct *tsk, int cap)	157	int security_capable(int cap)
158	{	158	{
159	return security_ops->capable(tsk, cap, SECURITY_CAP_AUDIT);	159	return security_ops->capable(current, current_cred(), cap,
		160	SECURITY_CAP_AUDIT);
160	}	161	}
161		162
162	int security_capable_noaudit(struct task_struct *tsk, int cap)	163	int security_real_capable(struct task_struct *tsk, int cap)
163	{	164	{
164	return security_ops->capable(tsk, cap, SECURITY_CAP_NOAUDIT);	165	const struct cred *cred;
		166	int ret;
		167
		168	cred = get_task_cred(tsk);
		169	ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_AUDIT);
		170	put_cred(cred);
		171	return ret;
		172	}
		173
		174	int security_real_capable_noaudit(struct task_struct *tsk, int cap)
		175	{
		176	const struct cred *cred;
		177	int ret;
		178
		179	cred = get_task_cred(tsk);
		180	ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_NOAUDIT);
		181	put_cred(cred);
		182	return ret;
165	}	183	}
166		184
167	int security_acct(struct file *file)	185	int security_acct(struct file *file)