diff -NurpP --minimal linux-2.6.16.11-vs2.1.1-rc18.1/fs/proc/array.c linux-2.6.16.11-vs2.1.1-rc18.2/fs/proc/array.c
--- linux-2.6.16.11-vs2.1.1-rc18.1/fs/proc/array.c 2006-04-27 19:25:29 +0200
+++ linux-2.6.16.11-vs2.1.1-rc18.2/fs/proc/array.c 2006-04-27 19:27:19 +0200
@@ -295,12 +295,15 @@ static inline char * task_sig(struct tas
 static inline char *task_cap(struct task_struct *p, char *buffer)
 {
- return buffer + sprintf(buffer, "CapInh:\t%016x\n"
- "CapPrm:\t%016x\n"
- "CapEff:\t%016x\n",
- cap_t(p->cap_inheritable),
- cap_t(p->cap_permitted),
- cap_t(p->cap_effective));
+ struct vx_info *vxi = p->vx_info;
+
+ return buffer + sprintf(buffer,
+ "CapInh:\t%016x\n"
+ "CapPrm:\t%016x\n"
+ "CapEff:\t%016x\n",
+ (unsigned)vx_info_mbcap(vxi, p->cap_inheritable),
+ (unsigned)vx_info_mbcap(vxi, p->cap_permitted),
+ (unsigned)vx_info_mbcap(vxi, p->cap_effective));
 }
 int proc_pid_status(struct task_struct *task, char * buffer)
diff -NurpP --minimal linux-2.6.16.11-vs2.1.1-rc18.1/include/linux/vs_base.h linux-2.6.16.11-vs2.1.1-rc18.2/include/linux/vs_base.h
--- linux-2.6.16.11-vs2.1.1-rc18.1/include/linux/vs_base.h 2006-04-27 19:26:39 +0200
+++ linux-2.6.16.11-vs2.1.1-rc18.2/include/linux/vs_base.h 2006-04-27 19:27:19 +0200
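Review bot: In task_cap() (fs/proc/array.c), `p->vx_info` is loaded into `vxi` for a task that need not be `current`, and the hunk shows no reference or lock keeping that context alive while `vx_info_mbcap()` reads it. Whether the /proc caller already pins the context is not visible here, since proc_pid_status() only begins at the end of the hunk, so this should be confirmed against whatever path can change a task's context. The three values in /proc/<pid>/status also change meaning from the raw task sets to the context-masked ones, which deserves a comment above the sprintf such as `/* caps are shown after the context bcaps mask, see vx_info_mbcap() */`.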
@@ -104,6 +104,20 @@ static inline int __vx_check(xid_t cid,
 #define vx_current_cap_bset() vx_info_cap_bset(current->vx_info)
+#define __vx_info_mbcap(v,b) \
+ (!vx_info_flags(v, VXF_STATE_SETUP, 0) ? \
+ vx_info_bcaps(v, b) : (b))
+
+#define vx_info_mbcap(v,b) __vx_info_mbcap(v,cap_t(b))
+
+#define task_vx_mbcap(t,b) \
+ vx_info_mbcap((t)->vx_info, (t)->b)
+
+#define vx_mbcap(b) task_vx_mbcap(current,b)
+
+#define vx_cap_raised(v,c,f) (vx_info_mbcap(v,c) & CAP_TO_MASK(f))
+
+
 #define vx_current_initpid(n) \
 (current->vx_info && \
 (current->vx_info->vx_initpid == (n)))
diff -NurpP --minimal linux-2.6.16.11-vs2.1.1-rc18.1/kernel/sys.c linux-2.6.16.11-vs2.1.1-rc18.2/kernel/sys.c
--- linux-2.6.16.11-vs2.1.1-rc18.1/kernel/sys.c 2006-04-27 19:25:29 +0200
+++ linux-2.6.16.11-vs2.1.1-rc18.2/kernel/sys.c 2006-04-27 19:27:19 +0200
@@ -232,7 +232,7 @@ int capable(int cap)
 {
 if (vx_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap))
 return 0;
- if (cap_raised(current->cap_effective, cap)) {
+ if (vx_cap_raised(current->vx_info, current->cap_effective, cap)) {
 current->flags |= PF_SUPERPRIV;
 return 1;
 }
diff -NurpP --minimal linux-2.6.16.11-vs2.1.1-rc18.1/security/commoncap.c linux-2.6.16.11-vs2.1.1-rc18.2/security/commoncap.c
--- linux-2.6.16.11-vs2.1.1-rc18.1/security/commoncap.c 2006-04-27 19:26:39 +0200
+++ linux-2.6.16.11-vs2.1.1-rc18.2/security/commoncap.c 2006-04-27 19:32:32 +0200
@@ -45,7 +45,7 @@ EXPORT_SYMBOL(cap_netlink_recv);
 int cap_capable (struct task_struct *tsk, int cap)
 {
 /* Derived from include/linux/sched.h:capable. */
- if (cap_raised(tsk->cap_effective, cap))
+ if (vx_cap_raised(tsk->vx_info, tsk->cap_effective, cap))
 return 0;
 return -EPERM;
 }
diff -NurpP --minimal linux-2.6.16.11-vs2.1.1-rc18.1/security/dummy.c linux-2.6.16.11-vs2.1.1-rc18.2/security/dummy.c
--- linux-2.6.16.11-vs2.1.1-rc18.1/security/dummy.c 2006-04-27 19:25:29 +0200
+++ linux-2.6.16.11-vs2.1.1-rc18.2/security/dummy.c 2006-04-27 19:27:19 +0200
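Review bot: `__vx_info_mbcap()` in include/linux/vs_base.h returns the unmasked set `(b)` whenever the `VXF_STATE_SETUP` test does not select `vx_info_bcaps()`, and nothing in the hunk documents that bypass even though capable() in kernel/sys.c and cap_capable() in security/commoncap.c now depend on it for every decision. A comment such as `/* apply the context bcaps mask to b; left unmasked while VXF_STATE_SETUP is set */` would make the invariant reviewable, assuming that is what the flag test means (vx_info_flags() and vx_info_bcaps() are defined outside the hunk). The macro also expands `v` twice, so those two call sites read `current->vx_info` and `tsk->vx_info` twice per check; task_cap() in fs/proc/array.c avoids that by caching the pointer in a local, and the other callers could do the same.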
@@ -656,7 +656,7 @@ static int dummy_sem_semop (struct sem_a
 static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
 {
- NETLINK_CB(skb).eff_cap = current->cap_effective;
+ cap_t(NETLINK_CB(skb).eff_cap) = vx_mbcap(cap_effective);
 return 0;
 }
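Review bot: Only dummy_netlink_send() is switched to the masked set here, while the security/commoncap.c hunk in this diff touches cap_capable() alone. If that file has its own `eff_cap` assignment on the netlink send path, it would still record the unmasked `current->cap_effective`, so it is worth checking that both security modules stamp the same value. The assignment through `cap_t(NETLINK_CB(skb).eff_cap)` as an lvalue relies on `cap_t()` expanding to something assignable; a one-line comment such as `/* stamp the context-masked effective set on the skb */` would record the intent.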