From 01c1d512ab2cbb7e0ed31148012ccb2a3f330931 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Tue, 2 Feb 2010 11:31:51 -0500
Subject: [PATCH] --- yaml --- r: 184906 b: refs/heads/master c:
 b6cac5a30b325e14cda425670bb3568d3cad0aa8 h: refs/heads/master v: v3

---
 [refs]                       |  2 +-
 trunk/security/selinux/avc.c | 17 +++++++----------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/[refs] b/[refs]
index a2f3863baab0..eede0c75fdd7 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 8e2d39a1665e680c095545993aac2fcac6916eb9
+refs/heads/master: b6cac5a30b325e14cda425670bb3568d3cad0aa8
diff --git a/trunk/security/selinux/avc.c b/trunk/security/selinux/avc.c
index 3ee9b6a8beb6..db0fd9f33499 100644
--- a/trunk/security/selinux/avc.c
+++ b/trunk/security/selinux/avc.c
@@ -489,17 +489,14 @@ void avc_audit(u32 ssid, u32 tsid,
 	struct common_audit_data stack_data;
 	u32 denied, audited;
 	denied = requested & ~avd->allowed;
-	if (denied) {
-		audited = denied;
-		if (!(audited & avd->auditdeny))
-			return;
-	} else if (result) {
+	if (denied)
+		audited = denied & avd->auditdeny;
+	else if (result)
 		audited = denied = requested;
-	} else {
-		audited = requested;
-		if (!(audited & avd->auditallow))
-			return;
-	}
+	else
+		audited = requested & avd->auditallow;
+	if (!audited)
+		return;
 	if (!a) {
 		a = &stack_data;
 		memset(a, 0, sizeof(*a));