summaryrefslogtreecommitdiffstats
path: root/security/commoncap.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2012-01-03 18:25:16 +0100
committerEric Paris <eparis@redhat.com>2012-01-06 00:53:01 +0100
commitfd778461524849afd035679030ae8e8873c72b81 (patch)
tree32a5849c1879413fce0307af304e372eaa8225b4 /security/commoncap.c
parentptrace: do not audit capability check when outputing /proc/pid/stat (diff)
downloadlinux-fd778461524849afd035679030ae8e8873c72b81.tar.xz
linux-fd778461524849afd035679030ae8e8873c72b81.zip
security: remove the security_netlink_recv hook as it is equivalent to capable()
Once upon a time netlink was not sync and we had to get the effective capabilities from the skb that was being received. Today we instead get the capabilities from the current task. This has rendered the entire purpose of the hook moot as it is now functionally equivalent to the capable() call. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/commoncap.c')
-rw-r--r--security/commoncap.c8
1 files changed, 0 insertions, 8 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 89f02ff66af9..7817a763444d 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -56,14 +56,6 @@ int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
return 0;
}
-int cap_netlink_recv(struct sk_buff *skb, int cap)
-{
- if (!cap_raised(current_cap(), cap))
- return -EPERM;
- return 0;
-}
-EXPORT_SYMBOL(cap_netlink_recv);
-
/**
* cap_capable - Determine whether a task has a particular effective capability
* @cred: The credentials to use