From: 黄涛 <huangtao@rock-chips.com>
Date: Sat, 30 Jul 2011 14:44:43 +0000 (+0800)
Subject: Revert "security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable()."
X-Git-Tag: firefly_0821_release~9943
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=5f0dc84d54c0884d200179be2a1d8c1970271c78;p=firefly-linux-kernel-4.4.55.git

Revert "security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable()."

This reverts commit c30cd45aad4538d9433d691e62635ef8e2bcffaa.
---

diff --git a/include/linux/android_aid.h b/include/linux/android_aid.h
index 7f16a14c0fe7..d22723afbca1 100644
--- a/include/linux/android_aid.h
+++ b/include/linux/android_aid.h
@@ -21,6 +21,5 @@
 #define AID_NET_BT       3002
 #define AID_INET         3003
 #define AID_NET_RAW      3004
-#define AID_NET_ADMIN    3005
 
 #endif
diff --git a/security/commoncap.c b/security/commoncap.c
index ea768866f700..fe30751a6cd9 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -28,10 +28,6 @@
 #include <linux/prctl.h>
 #include <linux/securebits.h>
 
-#ifdef CONFIG_ANDROID_PARANOID_NETWORK
-#include <linux/android_aid.h>
-#endif
-
 /*
  * If a non-root user executes a setuid-root binary in
  * !secure(SECURE_NOROOT) mode, then we raise capabilities.
@@ -86,12 +82,6 @@ EXPORT_SYMBOL(cap_netlink_recv);
 int cap_capable(struct task_struct *tsk, const struct cred *cred, int cap,
 		int audit)
 {
-#ifdef CONFIG_ANDROID_PARANOID_NETWORK
-	if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
-		return 0;
-	if (cap == CAP_NET_ADMIN && in_egroup_p(AID_NET_ADMIN))
-		return 0;
-#endif
 	return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;
 }