From 5f0dc84d54c0884d200179be2a1d8c1970271c78 Mon Sep 17 00:00:00 2001
From: =?utf8?q?=E9=BB=84=E6=B6=9B?= <huangtao@rock-chips.com>
Date: Sat, 30 Jul 2011 22:44:43 +0800
Subject: [PATCH] Revert "security: Add AID_NET_RAW and AID_NET_ADMIN
 capability check in cap_capable()."

This reverts commit c30cd45aad4538d9433d691e62635ef8e2bcffaa.
---
 include/linux/android_aid.h |  1 -
 security/commoncap.c        | 10 ----------
 2 files changed, 11 deletions(-)

diff --git a/include/linux/android_aid.h b/include/linux/android_aid.h
index 7f16a14c0fe7..d22723afbca1 100644
--- a/include/linux/android_aid.h
+++ b/include/linux/android_aid.h
@@ -21,6 +21,5 @@
 #define AID_NET_BT       3002
 #define AID_INET         3003
 #define AID_NET_RAW      3004
-#define AID_NET_ADMIN    3005
 
 #endif
diff --git a/security/commoncap.c b/security/commoncap.c
index ea768866f700..fe30751a6cd9 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -28,10 +28,6 @@
 #include <linux/prctl.h>
 #include <linux/securebits.h>
 
-#ifdef CONFIG_ANDROID_PARANOID_NETWORK
-#include <linux/android_aid.h>
-#endif
-
 /*
  * If a non-root user executes a setuid-root binary in
  * !secure(SECURE_NOROOT) mode, then we raise capabilities.
@@ -86,12 +82,6 @@ EXPORT_SYMBOL(cap_netlink_recv);
 int cap_capable(struct task_struct *tsk, const struct cred *cred, int cap,
 		int audit)
 {
-#ifdef CONFIG_ANDROID_PARANOID_NETWORK
-	if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
-		return 0;
-	if (cap == CAP_NET_ADMIN && in_egroup_p(AID_NET_ADMIN))
-		return 0;
-#endif
 	return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;
 }
 
-- 
2.34.1