From: Chris Wright <chrisw@osdl.org>

With this we're back to the times when changing skbuff.h only triggers
rebuild of _net_ related stuff 8)

This uncovered a bug in rmap.h, that was not including mm.h to get the
definition of struct vm_area_struct, working by luck.

Signed-off-by: Arnaldo Carvalho de Melo <acme@conectiva.com.br>
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/include/linux/rmap.h     |    1 +
 25-akpm/include/linux/security.h |   25 +++++++------------------
 25-akpm/security/commoncap.c     |   17 +++++++++++++++++
 3 files changed, 25 insertions(+), 18 deletions(-)

diff -puN include/linux/rmap.h~lsm-remove-net-related-includes-from-securityh include/linux/rmap.h
--- 25/include/linux/rmap.h~lsm-remove-net-related-includes-from-securityh	2004-10-21 20:58:59.862638320 -0700
+++ 25-akpm/include/linux/rmap.h	2004-10-21 20:58:59.869637256 -0700
@@ -7,6 +7,7 @@
 #include <linux/config.h>
 #include <linux/list.h>
 #include <linux/slab.h>
+#include <linux/mm.h>
 #include <linux/spinlock.h>
 
 /*
diff -puN include/linux/security.h~lsm-remove-net-related-includes-from-securityh include/linux/security.h
--- 25/include/linux/security.h~lsm-remove-net-related-includes-from-securityh	2004-10-21 20:58:59.863638168 -0700
+++ 25-akpm/include/linux/security.h	2004-10-21 20:58:59.871636952 -0700
@@ -30,8 +30,6 @@
 #include <linux/shm.h>
 #include <linux/msg.h>
 #include <linux/sched.h>
-#include <linux/skbuff.h>
-#include <linux/netlink.h>
 
 struct ctl_table;
 
@@ -55,18 +53,14 @@ extern void cap_task_reparent_to_init (s
 extern int cap_syslog (int type);
 extern int cap_vm_enough_memory (long pages);
 
-static inline int cap_netlink_send (struct sock *sk, struct sk_buff *skb)
-{
-	NETLINK_CB (skb).eff_cap = current->cap_effective;
-	return 0;
-}
+struct msghdr;
+struct sk_buff;
+struct sock;
+struct sockaddr;
+struct socket;
 
-static inline int cap_netlink_recv (struct sk_buff *skb)
-{
-	if (!cap_raised (NETLINK_CB (skb).eff_cap, CAP_NET_ADMIN))
-		return -EPERM;
-	return 0;
-}
+extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
+extern int cap_netlink_recv(struct sk_buff *skb);
 
 /*
  * Values used in the task_security_ops calls
@@ -2518,11 +2512,6 @@ static inline int security_setprocattr(s
 	return -EINVAL;
 }
 
-/*
- * The netlink capability defaults need to be used inline by default
- * (rather than hooking into the capability module) to reduce overhead
- * in the networking code.
- */
 static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb)
 {
 	return cap_netlink_send (sk, skb);
diff -puN security/commoncap.c~lsm-remove-net-related-includes-from-securityh security/commoncap.c
--- 25/security/commoncap.c~lsm-remove-net-related-includes-from-securityh	2004-10-21 20:58:59.865637864 -0700
+++ 25-akpm/security/commoncap.c	2004-10-21 20:58:59.872636800 -0700
@@ -24,6 +24,23 @@
 #include <linux/xattr.h>
 #include <linux/hugetlb.h>
 
+int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
+{
+	NETLINK_CB(skb).eff_cap = current->cap_effective;
+	return 0;
+}
+
+EXPORT_SYMBOL(cap_netlink_send);
+
+int cap_netlink_recv(struct sk_buff *skb)
+{
+	if (!cap_raised(NETLINK_CB(skb).eff_cap, CAP_NET_ADMIN))
+		return -EPERM;
+	return 0;
+}
+
+EXPORT_SYMBOL(cap_netlink_recv);
+
 int cap_capable (struct task_struct *tsk, int cap)
 {
 	/* Derived from include/linux/sched.h:capable. */
_