2 files changed, 13 insertions, 3 deletions

diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c
index cfc6eaf36d6fa..f8acb22feb0e6 100644
--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@@ -1635,14 +1635,14 @@ vn_poll(struct file *fp, int events, struct ucred *active_cred,
 	int error;
 
 	vp = fp->f_vnode;
-#ifdef MAC
+#if defined(MAC) || defined(AUDIT)
 	vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
 	AUDIT_ARG_VNODE1(vp);
 	error = mac_vnode_check_poll(active_cred, fp->f_cred, vp);
 	VOP_UNLOCK(vp);
-	if (!error)
+	if (error != 0)
+		return (error);
 #endif
-
 	error = VOP_POLL(vp, events, fp->f_cred, td);
 	return (error);
 }
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index 66f0ab90b293b..866ada8ee6e83 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -463,8 +463,18 @@ mac_vnode_check_open(struct ucred *cred, struct vnode *vp,
 
 int	mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp,
 	    int prot);
+#ifdef MAC
 int	mac_vnode_check_poll(struct ucred *active_cred,
 	    struct ucred *file_cred, struct vnode *vp);
+#else
+static inline int
+mac_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred,
+    struct vnode *vp)
+{
+
+	return (0);
+}
+#endif
 int	mac_vnode_check_readdir(struct ucred *cred, struct vnode *vp);
 int	mac_vnode_check_readlink(struct ucred *cred, struct vnode *vp);
 int	mac_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp,