Fix compilation when ANDROID_PARANOID_NET is disabled

Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>

diff --git a/security/commoncap.c b/security/commoncap.c
index 1322b6a..e508e2b 100644 (file)
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -87,11 +87,12 @@ EXPORT_SYMBOL(cap_netlink_recv);
 int cap_capable(struct task_struct *tsk, const struct cred *cred,
                struct user_namespace *targ_ns, int cap, int audit)
 {
+#ifdef CONFIG_ANDROID_PARANOID_NETWORK
        if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
                return 0;
        if (cap == CAP_NET_ADMIN && in_egroup_p(AID_NET_ADMIN))
                return 0;
-
+#endif
        for (;;) {
                /* The creator of the user namespace has all caps. */
                if (targ_ns != &init_user_ns && targ_ns->creator == cred->user)