diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/security.c | 5 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 6 |
2 files changed, 7 insertions, 4 deletions
diff --git a/security/security.c b/security/security.c index 739e40362f44..7b7308ace8c5 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -154,10 +154,9 @@ int security_capset(struct cred *new, const struct cred *old, | |||
| 154 | effective, inheritable, permitted); | 154 | effective, inheritable, permitted); |
| 155 | } | 155 | } |
| 156 | 156 | ||
| 157 | int security_capable(int cap) | 157 | int security_capable(const struct cred *cred, int cap) |
| 158 | { | 158 | { |
| 159 | return security_ops->capable(current, current_cred(), cap, | 159 | return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT); |
| 160 | SECURITY_CAP_AUDIT); | ||
| 161 | } | 160 | } |
| 162 | 161 | ||
| 163 | int security_real_capable(struct task_struct *tsk, int cap) | 162 | int security_real_capable(struct task_struct *tsk, int cap) |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e276eb468536..c8d699270687 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -3198,7 +3198,11 @@ static void selinux_cred_free(struct cred *cred) | |||
| 3198 | { | 3198 | { |
| 3199 | struct task_security_struct *tsec = cred->security; | 3199 | struct task_security_struct *tsec = cred->security; |
| 3200 | 3200 | ||
| 3201 | BUG_ON((unsigned long) cred->security < PAGE_SIZE); | 3201 | /* |
| 3202 | * cred->security == NULL if security_cred_alloc_blank() or | ||
| 3203 | * security_prepare_creds() returned an error. | ||
| 3204 | */ | ||
| 3205 | BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE); | ||
| 3202 | cred->security = (void *) 0x7UL; | 3206 | cred->security = (void *) 0x7UL; |
| 3203 | kfree(tsec); | 3207 | kfree(tsec); |
| 3204 | } | 3208 | } |