diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index e07cf7fcdce2aa55183f34125dc4e117fb19fac2..4a176b4687192df1360df8b006071c06990f1ebe 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2097,9 +2097,6 @@ static int selinux_bprm_secureexec(struct linux_binprm *bprm)
 	return (atsecure || cap_bprm_secureexec(bprm));
 }
 
-extern struct vfsmount *selinuxfs_mount;
-extern struct dentry *selinux_null;
-
 /* Derived from fs/exec.c:flush_old_files. */
 static inline void flush_unauthorized_files(const struct cred *cred,
 					    struct files_struct *files)
@@ -5803,8 +5800,6 @@ static int selinux_disabled;
 
 int selinux_disable(void)
 {
-	extern void exit_sel_fs(void);
-
 	if (ss_initialized) {
 		/* Not permitted after initial policy load. */
 		return -EINVAL;
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 30002c43436f374110557815b2d547156c5c7b5f..13b626352f0bdf6197ff4e0f710237a4d530fe47 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -218,6 +218,9 @@ extern void selinux_status_update_setenforce(int enforcing);
 extern void selinux_status_update_policyload(int seqno);
 extern void selinux_complete_init(void);
 extern int selinux_disable(void);
+extern void exit_sel_fs(void);
+extern struct dentry *selinux_null;
+extern struct vfsmount *selinuxfs_mount;
 
 #endif /* _SELINUX_SECURITY_H_ */
 
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index d3677c6c12c63450db101a3db6909ed0298c60eb..ba2ada5f16a946e365a2e0ae8008891adbe5b84f 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -477,7 +477,7 @@ static struct vm_operations_struct sel_mmap_policy_ops = {
 	.page_mkwrite = sel_mmap_policy_fault,
 };
 
-int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)
+static int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)
 {
 	if (vma->vm_flags & VM_SHARED) {
 		/* do not allow mprotect to make mapping writable */