Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/kernel/audit.c           |   38 ++++++++++++++++++--------------------
 25-akpm/security/selinux/hooks.c |    2 +-
 2 files changed, 19 insertions(+), 21 deletions(-)

diff -puN kernel/audit.c~fix-audit-control-message-checks-tidy kernel/audit.c
--- 25/kernel/audit.c~fix-audit-control-message-checks-tidy	Tue Jan 18 14:30:28 2005
+++ 25-akpm/kernel/audit.c	Tue Jan 18 14:30:28 2005
@@ -304,28 +304,26 @@ nlmsg_failure:			/* Used by NLMSG_PUT */
  * Check for appropriate CAP_AUDIT_ capabilities on incoming audit
  * control messages.
  */
-int audit_netlink_ok(kernel_cap_t eff_cap, u16 msg_type)
+static int audit_netlink_ok(kernel_cap_t eff_cap, u16 msg_type)
 {
 	int err = 0;
 
-	switch(msg_type) {
-		case AUDIT_GET:
-		case AUDIT_LIST:
-		case AUDIT_SET:
-		case AUDIT_LOGIN:
-		case AUDIT_ADD:
-		case AUDIT_DEL:
-			if (!cap_raised(eff_cap, CAP_AUDIT_CONTROL))
-				err = -EPERM;
-			break;
-
-		case AUDIT_USER:
-			if (!cap_raised(eff_cap, CAP_AUDIT_WRITE))
-				err = -EPERM;
-			break;
-
-		default:  /* bad msg */
-			err = -EINVAL;
+	switch (msg_type) {
+	case AUDIT_GET:
+	case AUDIT_LIST:
+	case AUDIT_SET:
+	case AUDIT_LOGIN:
+	case AUDIT_ADD:
+	case AUDIT_DEL:
+		if (!cap_raised(eff_cap, CAP_AUDIT_CONTROL))
+			err = -EPERM;
+		break;
+	case AUDIT_USER:
+		if (!cap_raised(eff_cap, CAP_AUDIT_WRITE))
+			err = -EPERM;
+		break;
+	default:  /* bad msg */
+		err = -EINVAL;
 	}
 
 	return err;
@@ -341,7 +339,7 @@ static int audit_receive_msg(struct sk_b
 	struct audit_buffer	*ab;
 	u16			msg_type = nlh->nlmsg_type;
 
-	err = audit_netlink_ok (NETLINK_CB(skb).eff_cap, msg_type);
+	err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type);
 	if (err)
 		return err;
 
diff -puN security/selinux/hooks.c~fix-audit-control-message-checks-tidy security/selinux/hooks.c
--- 25/security/selinux/hooks.c~fix-audit-control-message-checks-tidy	Tue Jan 18 14:30:28 2005
+++ 25-akpm/security/selinux/hooks.c	Tue Jan 18 14:30:28 2005
@@ -3513,7 +3513,7 @@ static int selinux_netlink_send(struct s
 	tsec = current->security;
 
 	avd.allowed = 0;
-	(void)avc_has_perm_noaudit(tsec->sid, tsec->sid,
+	avc_has_perm_noaudit(tsec->sid, tsec->sid,
 				SECCLASS_CAPABILITY, ~0, &avd);
 	cap_mask(NETLINK_CB(skb).eff_cap, avd.allowed);
 
_