From c22663ab75e77a397b2a16082429905d2e84325d Mon Sep 17 00:00:00 2001
From: Chris Wright <chrisw@sous-sol.org>
Date: Wed, 9 Feb 2011 22:11:51 -0800
Subject: [PATCH] --- yaml --- r: 233159 b: refs/heads/master c:
 6037b715d6fab139742c3df8851db4c823081561 h: refs/heads/master i:   233157:
 f33045687b12339a4c4629cdc76d230401f71f38   233155:
 df562bdc053103c64ef1e268b8b25120a21f857f   233151:
 a820dee5b9b353582142419d39c0929f2bc43ef5 v: v3

---
 [refs]                         | 2 +-
 trunk/include/linux/security.h | 6 +++---
 trunk/kernel/capability.c      | 2 +-
 trunk/security/security.c      | 5 ++---
 4 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/[refs] b/[refs]
index 2c28012e3262..aaa07844e14c 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: deabb19ba4bd8c06ae69bc262e3594b515e3a459
+refs/heads/master: 6037b715d6fab139742c3df8851db4c823081561
diff --git a/trunk/include/linux/security.h b/trunk/include/linux/security.h
index c642bb8b8f5a..b2b7f9749f5e 100644
--- a/trunk/include/linux/security.h
+++ b/trunk/include/linux/security.h
@@ -1662,7 +1662,7 @@ int security_capset(struct cred *new, const struct cred *old,
 		    const kernel_cap_t *effective,
 		    const kernel_cap_t *inheritable,
 		    const kernel_cap_t *permitted);
-int security_capable(int cap);
+int security_capable(const struct cred *cred, int cap);
 int security_real_capable(struct task_struct *tsk, int cap);
 int security_real_capable_noaudit(struct task_struct *tsk, int cap);
 int security_sysctl(struct ctl_table *table, int op);
@@ -1856,9 +1856,9 @@ static inline int security_capset(struct cred *new,
 	return cap_capset(new, old, effective, inheritable, permitted);
 }
 
-static inline int security_capable(int cap)
+static inline int security_capable(const struct cred *cred, int cap)
 {
-	return cap_capable(current, current_cred(), cap, SECURITY_CAP_AUDIT);
+	return cap_capable(current, cred, cap, SECURITY_CAP_AUDIT);
 }
 
 static inline int security_real_capable(struct task_struct *tsk, int cap)
diff --git a/trunk/kernel/capability.c b/trunk/kernel/capability.c
index 2f05303715a5..9e9385f132c8 100644
--- a/trunk/kernel/capability.c
+++ b/trunk/kernel/capability.c
@@ -306,7 +306,7 @@ int capable(int cap)
 		BUG();
 	}
 
-	if (security_capable(cap) == 0) {
+	if (security_capable(current_cred(), cap) == 0) {
 		current->flags |= PF_SUPERPRIV;
 		return 1;
 	}
diff --git a/trunk/security/security.c b/trunk/security/security.c
index 739e40362f44..7b7308ace8c5 100644
--- a/trunk/security/security.c
+++ b/trunk/security/security.c
@@ -154,10 +154,9 @@ int security_capset(struct cred *new, const struct cred *old,
 				    effective, inheritable, permitted);
 }
 
-int security_capable(int cap)
+int security_capable(const struct cred *cred, int cap)
 {
-	return security_ops->capable(current, current_cred(), cap,
-				     SECURITY_CAP_AUDIT);
+	return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT);
 }
 
 int security_real_capable(struct task_struct *tsk, int cap)