Merge tag 'v3.10.107' into update

[GitHub/mt8127/android_kernel_alcatel_ttab.git] / security / apparmor / domain.c

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 8405a0428b67c150e3c4a47e787f3d1d10d8d0a3..15d172e39cf4435a661a09ed9a2fe29fdff0834f 100644 (file)
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -629,7 +629,7 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest)
         * There is no exception for unconfined as change_hat is not
         * available.
         */
-       if (current->no_new_privs)
+       if (task_no_new_privs(current))
                return -EPERM;
 
        /* released below */
@@ -780,7 +780,7 @@ int aa_change_profile(const char *ns_name, const char *hname, bool onexec,
         * no_new_privs is set because this aways results in a reduction
         * of permissions.
         */
-       if (current->no_new_privs && !unconfined(profile)) {
+       if (task_no_new_privs(current) && !unconfined(profile)) {
                put_cred(cred);
                return -EPERM;
        }