From: Stephen Smalley <sds@epoch.ncsc.mil>

This patch updates the selinux_task_setscheduler hook function to use the
standard helper for task permission checks since it is now safe to audit from
this hook (due to the upstream change to setscheduler() to not hold the
runqueue lock during the security hook call).

Signed-off-by:  Stephen Smalley <sds@epoch.ncsc.mil>
Signed-off-by:  James Morris <jmorris@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/security/selinux/hooks.c |   11 +----------
 1 files changed, 1 insertion(+), 10 deletions(-)

diff -puN security/selinux/hooks.c~selinux-update-selinux_task_setscheduler security/selinux/hooks.c
--- 25/security/selinux/hooks.c~selinux-update-selinux_task_setscheduler	Thu Dec  2 13:02:50 2004
+++ 25-akpm/security/selinux/hooks.c	Thu Dec  2 13:02:50 2004
@@ -2692,16 +2692,7 @@ static int selinux_task_setrlimit(unsign
 
 static int selinux_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp)
 {
-	struct task_security_struct *tsec1, *tsec2;
-
-	tsec1 = current->security;
-	tsec2 = p->security;
-
-	/* No auditing from the setscheduler hook, since the runqueue lock
-	   is held and the system will deadlock if we try to log an audit
-	   message. */
-	return avc_has_perm_noaudit(tsec1->sid, tsec2->sid,
-				    SECCLASS_PROCESS, PROCESS__SETSCHED, NULL);
+	return task_has_perm(current, p, PROCESS__SETSCHED);
 }
 
 static int selinux_task_getscheduler(struct task_struct *p)
_