From: Serge E. Hallyn <serue@us.ibm.com>

capabilities-implement-per-process-securebits.patch introduced
cap_task_prctl() and moved the handling of capability-related prctl into it. 
So when !CONFIG_SECURITY, the default security_task_prctl() needs to call
cap_task_prctl() the way other default hooks call capability helpers when they
exist.

This fixes a slew of userspace breakages when CONFIG_SECURITY=n.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Tested-by: Jiri Slaby <jirislaby@gmail.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 include/linux/security.h |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff -puN include/linux/security.h~capabilities-implement-per-process-securebits-fix include/linux/security.h
--- a/include/linux/security.h~capabilities-implement-per-process-securebits-fix
+++ a/include/linux/security.h
@@ -2276,7 +2276,7 @@ static inline int security_task_prctl (i
 				       unsigned long arg4,
 				       unsigned long arg5, long *rc_p)
 {
-	return 0;
+	return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p);
 }
 
 static inline void security_task_reparent_to_init (struct task_struct *p)
_