security: fix compilation errors when CONFIG_ANDROID_PARANOID_NETWORK=n
Compilation fails when CONFIG_ANDROID_PARANOID_NETWORK is not defined since
AID_NET_RAW and AID_NET_ADMIN don't exist. Since these group checks are only
valid for Android configurations, remove the checks when
CONFIG_ANDROID_PARANOID_NETWORK is disabled.
Signed-off-by: Bryan Huntsman <bryanh@codeaurora.org>
diff --git a/security/commoncap.c b/security/commoncap.c
index 1322b6a..da21e7c 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -87,10 +87,12 @@
int cap_capable(struct task_struct *tsk, const struct cred *cred,
struct user_namespace *targ_ns, int cap, int audit)
{
+#ifdef CONFIG_ANDROID_PARANOID_NETWORK
if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
return 0;
if (cap == CAP_NET_ADMIN && in_egroup_p(AID_NET_ADMIN))
return 0;
+#endif
for (;;) {
/* The creator of the user namespace has all caps. */
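Review bot: The group shortcut now fenced by `#ifdef CONFIG_ANDROID_PARANOID_NETWORK` still returns 0 before the `for (;;)` namespace walk, so with the option enabled it grants CAP_NET_RAW/CAP_NET_ADMIN without consulting the `cred` or `targ_ns` arguments. `in_egroup_p()` takes only a group id and, as far as I know, tests the calling task's own effective credentials, so a query about another task's `cred`, or one against a non-initial user namespace, would be answered from the caller's group membership. Since the commit touches this block anyway, I would record that above it, e.g. `/* Android: AID_NET_RAW/AID_NET_ADMIN membership of current grants the cap, regardless of cred and targ_ns */`, and consider whether the test should be made against `cred` instead. The body of cap_capable continues past the end of the hunk.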