From: "Serge E. Hallyn" <serue@us.ibm.com>

With the introduction of per-process securebits, the capabilities-related
prctl callbacks were moved into cap_task_prctl().  Have smack use
cap_task_prctl() so that PR_SET_KEEPCAPS is defined.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 security/smack/smack_lsm.c |    1 +
 1 file changed, 1 insertion(+)

diff -puN security/smack/smack_lsm.c~smack-use-cap_task_prctl security/smack/smack_lsm.c
--- a/security/smack/smack_lsm.c~smack-use-cap_task_prctl
+++ a/security/smack/smack_lsm.c
@@ -2495,6 +2495,7 @@ struct security_operations smack_ops = {
 	.task_wait = 			smack_task_wait,
 	.task_reparent_to_init =	cap_task_reparent_to_init,
 	.task_to_inode = 		smack_task_to_inode,
+	.task_prctl =			cap_task_prctl,
 
 	.ipc_permission = 		smack_ipc_permission,
 
_