security: remove the security_netlink_recv hook as it is equivalent to capable()

[linux-flexiantxendom0-3.2.10.git] / net / netfilter / nfnetlink.c

diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 1905976..e6c2b8f 100644 (file)
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -130,7 +130,7 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
        const struct nfnetlink_subsystem *ss;
        int type, err;
 
-       if (security_netlink_recv(skb, CAP_NET_ADMIN))
+       if (!capable(CAP_NET_ADMIN))
                return -EPERM;
 
        /* All the messages must at least contain nfgenmsg */