import PULS_20160108

[GitHub/mt8127/android_kernel_alcatel_ttab.git] / security / apparmor / domain.c

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 859abdaac1eafb62fddb202eb6fcdf3777e9daa2..9aaa4e72cc1fc602afada0596a0f69c6c4d08eee 100644 (file)
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -629,7 +629,7 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest)
         * There is no exception for unconfined as change_hat is not
         * available.
         */
-       if (current->no_new_privs)
+       if (task_no_new_privs(current))
                return -EPERM;
 
        /* released below */
@@ -780,7 +780,7 @@ int aa_change_profile(const char *ns_name, const char *hname, bool onexec,
         * no_new_privs is set because this aways results in a reduction
         * of permissions.
         */
-       if (current->no_new_privs && !unconfined(profile)) {
+       if (task_no_new_privs(current) && !unconfined(profile)) {
                put_cred(cred);
                return -EPERM;
        }