

User Capability Revocation

When user capability sets are modified (through linsec_usr) and the modifications are fed to the running kernel (through the /proc interface), LinSec performs two actions:

It might be the case that no process is currently running under the ownership of the user whose settings have been changed, so that the corresponding struct user_struct does not exist in kernel buffers. In this case the second action is skipped. In the latter case, the update of the linsec_usr capability-related fields is done while holding the appropriate spinlocks (Section 5.6). The effects of the changes made to linsec_usr will be observable on the next execution of the Capability Inheritance Algorithm (Subsection 5.8.4) for that user.