netfilter: nfnetlink_queue: remove locking in nfqnl_get_sk_secctx

We don't need the cb lock here.
Also, if skb was NULL we'd have crashed already.

Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 27300d3663dad6d635acf60fa137ffb5ac29294c..5379d8ff39c0e37a5aabef2662f53ca2f7227261 100644 (file)
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -592,15 +592,8 @@ static int nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsm_context *ctx)
 {
        int seclen = 0;
 #if IS_ENABLED(CONFIG_NETWORK_SECMARK)
-
-       if (!skb || !sk_fullsock(skb->sk))
-               return 0;
-
-       read_lock_bh(&skb->sk->sk_callback_lock);
-
        if (skb->secmark)
                seclen = security_secid_to_secctx(skb->secmark, ctx);
-       read_unlock_bh(&skb->sk->sk_callback_lock);
 #endif
        return seclen;
 }