
Access Domain Inheritance

The Access Domain Inheritance algorithm was implemented in full (the do_ad_inh function, kernel/linsec_exec.c) according to the specification in Chapter 4 (Subsection 4.3.8). The inheritance algorithm is triggered when a new binary is loaded for execution (from the do_execve function, fs/exec.c) so that the privileges of the executable file are reflected in the linsec_task structure. When ownership of a process changes (the sys_setXuid family of functions, kernel/sys.c), there is no need to run the inheritance algorithm explicitly, because replacing linsec_usr itself (Section 5.5) achieves the desired shift in privileges for the process.

Testing showed that no AD inheritance should take place if a process ownership change occurred before a call to do_execve (fs/exec.c). For example, a shell program should not inherit AD settings from the login program that executed it. Therefore, on a call to one of the sys_setXuid functions (kernel/sys.c), linsec_do_suid, among other things, sets a flag (implemented by LinSec) in struct task_struct to denote an ownership change for the process. When the Access Domain Inheritance algorithm executes, it checks the flag for the current process; if the flag is set, no inheritance takes place and the flag is cleared.
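The one-shot behaviour of the ownership-change flag can be seen in a small userspace model, added here as an example and not taken from LinSec's code. All `model_` names, the bitmask encoding of access domains, the union used as a stand-in for the Chapter 4 inheritance rule and the assignment of only the file's domains when inheritance is skipped are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only. All names are hypothetical stand-ins; LinSec's real
 * code is do_ad_inh (kernel/linsec_exec.c) and linsec_do_suid. */
struct model_task {
    unsigned uid;
    unsigned ad;          /* access domains as a bitmask (assumed encoding) */
    bool owner_changed;   /* models the flag LinSec adds to struct task_struct */
};

/* Models a sys_setXuid call: ownership changes and the flag is raised. */
static void model_setuid(struct model_task *t, unsigned uid)
{
    t->uid = uid;
    t->owner_changed = true;
}

/* Models the exec-time step. Returns true if inheritance ran.
 * Assumption: "inheritance" is a plain union of the caller's ADs with the
 * file's ADs; the actual rule is the Chapter 4 algorithm, not shown here. */
static bool model_exec(struct model_task *t, unsigned file_ad)
{
    if (t->owner_changed) {
        t->owner_changed = false;   /* one-shot: cleared on first exec */
        t->ad = file_ad;            /* assumed: nothing carried over from the caller */
        return false;
    }
    t->ad |= file_ad;
    return true;
}

#define AD_LOGIN 0x1u   /* constructed sample domains */
#define AD_HOME  0x2u
#define AD_TOOL  0x4u

/* login -> setuid -> exec shell -> exec tool; returns the final AD mask. */
static unsigned model_login_chain(void)
{
    struct model_task t = { .uid = 0, .ad = AD_LOGIN, .owner_changed = false };
    model_setuid(&t, 1000);
    model_exec(&t, AD_HOME);    /* shell: flag set, AD_LOGIN is dropped */
    model_exec(&t, AD_TOOL);    /* tool: flag clear, inherits from shell */
    return t.ad;
}

int main(void)
{
    printf("final AD mask: 0x%x\n", model_login_chain());
    return 0;
}
```

Because the flag is cleared only at exec time, a process that changes ownership and execs much later still skips inheritance on that first exec.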

