CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3]

[linux-2.6-omap-h63xx.git] / security / security.c

diff --git a/security/security.c b/security/security.c
index d85dbb37c97261a37b96e5ddfee3e8ea1599ff3d..a02f243f09c0f034b4f2b6a9f075c9e7aca941af 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -154,14 +154,32 @@ int security_capset(struct cred *new, const struct cred *old,
                                    effective, inheritable, permitted);
 }
 
-int security_capable(struct task_struct *tsk, int cap)
+int security_capable(int cap)
 {
-       return security_ops->capable(tsk, cap, SECURITY_CAP_AUDIT);
+       return security_ops->capable(current, current_cred(), cap,
+                                    SECURITY_CAP_AUDIT);
 }
 
-int security_capable_noaudit(struct task_struct *tsk, int cap)
+int security_real_capable(struct task_struct *tsk, int cap)
 {
-       return security_ops->capable(tsk, cap, SECURITY_CAP_NOAUDIT);
+       const struct cred *cred;
+       int ret;
+
+       cred = get_task_cred(tsk);
+       ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_AUDIT);
+       put_cred(cred);
+       return ret;
+}
+
+int security_real_capable_noaudit(struct task_struct *tsk, int cap)
+{
+       const struct cred *cred;
+       int ret;
+
+       cred = get_task_cred(tsk);
+       ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_NOAUDIT);
+       put_cred(cred);
+       return ret;
 }
 
 int security_acct(struct file *file)