mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-03 07:45:50 +00:00

Move to d_path fix backport from -mm tree (which is where our patch was merged).

Andreas Gruenbacher
2007-04-03 12:04:05 +00:00
parent 026eb0b136
commit 72fba9803d
33 changed files with 245 additions and 225 deletions

View File

@@ -1,41 +1,57 @@
Fix __d_path() for lazy unmounts and make it unambiguous From: Andreas Gruenbacher <agruen@suse.de>
First, when d_path() hits a lazily unmounted mount point, it tries to Fix __d_path() for lazy unmounts and make it unambiguous; exclude unreachable
prepend the name of the lazily unmounted dentry to the path name. It mount points from /proc/mounts
gets this wrong, and also overwrites the slash that separates the name
from the following pathname component.
Second, it isn't always possible to tell from the __d_path result First, when d_path() hits a lazily unmounted mount point, it tries to prepend
whether the specified root and rootmnt (i.e., the chroot) was reached: the name of the lazily unmounted dentry to the path name. It gets this wrong,
lazy unmounts of bind mounts will produce a path that does start with a and also overwrites the slash that separates the name from the following
non-slash so we can tell from that, but other lazy unmounts will produce pathname component.
a path that starts with a slash, just like "ordinary" paths.
Third, sys_getcwd() shouldn't return disconnected paths. The patch Second, it isn't always possible to tell from the __d_path result whether the
checks for that, and makes it fail with -ENOENT in that case. specified root and rootmnt (i.e., the chroot) was reached: lazy unmounts of
bind mounts will produce a path that does start with a non-slash so we can
tell from that, but other lazy unmounts will produce a path that starts with a
slash, just like "ordinary" paths.
Third, sys_getcwd() shouldn't return disconnected paths. The patch checks for
that, and makes it fail with -ENOENT in that case.
Fourth, this now allows us to tell unreachable mount points from reachable
ones when generating the /proc/mounts and /proc/$pid/mountstats files.
Unreachable mount points are not interesting to processes (they can't get
there, anyway), so we hide unreachable mounts. In particular, ordinary
processes also will no longer see the rootfs mount (it is unreachable, after
all). The rootfs mount point will still be reachable to processes like the
initial initrd init process, and so those processes will continue to see this
mount point.
The attached patch cleans up __d_path() to fix the bug with overlapping The attached patch cleans up __d_path() to fix the bug with overlapping
pathname components. It also adds a @fail_deleted argument, which allows pathname components. It also adds a @fail_deleted argument, which allows to
to get rid of some of the mess in sys_getcwd(). We make sure that paths get rid of some of the mess in sys_getcwd(). We make sure that paths will
will only start with a slash if the path leads all the way up to the only start with a slash if the path leads all the way up to the root. If the
root. If the resulting path would otherwise be empty, we return "." resulting path would otherwise be empty, we return "." instead so that some
instead so that some users of seq_path for files in /proc won't break. users of seq_path for files in /proc won't break.
The @fail_deleted argument allows sys_getcwd() to be simplified. The @fail_deleted argument allows sys_getcwd() to be simplified. Grabbing the
Grabbing the dcache_lock can be moved into __d_path(). dcache_lock can be moved into __d_path().
The @fail_deleted argument could be added to d_path() as well: this would The @fail_deleted argument could be added to d_path() as well: this would
allow callers to recognize deleted files without having to resort to the allow callers to recognize deleted files without having to resort to the
ambiguous check for the " (deleted)" string at the end of the pathnames. ambiguous check for the " (deleted)" string at the end of the pathnames. This
This is not currently done, but it might be worthwhile. is not currently done, but it might be worthwhile.
This patch also removes some code duplication between mounts_open() and
mountstats_open().
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Reviewed-by: NeilBrown <neilb@suse.de> Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Index: b/fs/dcache.c Index: linux-2.6-apparmor/fs/dcache.c
=================================================================== ===================================================================
--- a/fs/dcache.c --- linux-2.6-apparmor.orig/fs/dcache.c
+++ b/fs/dcache.c +++ linux-2.6-apparmor/fs/dcache.c
@@ -1732,52 +1732,51 @@ shouldnt_be_hashed: @@ -1732,52 +1732,51 @@ shouldnt_be_hashed:
} }
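Review bot: the Index:/---/+++ headers in this backport use the `linux-2.6-apparmor/fs/dcache.c` form, while the rest of the series (the proc_setattr, vfs_* and security-* patches below) uses `b/fs/dcache.c`; both apply at -p1, but mixing the two conventions makes the series harder to refresh uniformly, so either keep the -mm headers verbatim for traceability and say so in the description, or normalise them to the `b/` form like the other patches. Carrying the -mm sign-off chain (Reviewed-by: NeilBrown, Signed-off-by: Andrew Morton) into the description is the right thing to do for a backport.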
@@ -262,3 +278,168 @@ Index: b/fs/dcache.c
out: out:
dput(pwd); dput(pwd);
Index: linux-2.6-apparmor/fs/namespace.c
===================================================================
--- linux-2.6-apparmor.orig/fs/namespace.c
+++ linux-2.6-apparmor/fs/namespace.c
@@ -348,8 +348,16 @@ static inline void mangle(struct seq_fil
seq_escape(m, s, " \t\n\\");
}
+/* Keep in sync with fs/proc/base.c! */
+struct proc_mounts {
+ struct seq_file m;
+ void *page;
+ int event;
+};
+
static int show_vfsmnt(struct seq_file *m, void *v)
{
+ void *page = container_of(m, struct proc_mounts, m)->page;
struct vfsmount *mnt = v;
int err = 0;
static struct proc_fs_info {
@@ -371,10 +379,15 @@ static int show_vfsmnt(struct seq_file *
{ 0, NULL }
};
struct proc_fs_info *fs_infop;
+ char *path;
+
+ path = d_path(mnt->mnt_root, mnt, page, PAGE_SIZE);
+ if (IS_ERR(path) || *path != '/')
+ return err;
mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
seq_putc(m, ' ');
- seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
+ mangle(m, path);
seq_putc(m, ' ');
mangle(m, mnt->mnt_sb->s_type->name);
seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw");
@@ -401,8 +414,14 @@ struct seq_operations mounts_op = {
static int show_vfsstat(struct seq_file *m, void *v)
{
+ void *page = container_of(m, struct proc_mounts, m)->page;
struct vfsmount *mnt = v;
int err = 0;
+ char *path;
+
+ path = d_path(mnt->mnt_root, mnt, page, PAGE_SIZE);
+ if (IS_ERR(path) || *path != '/')
+ return err; /* error or path unreachable from chroot */
/* device */
if (mnt->mnt_devname) {
@@ -413,7 +432,7 @@ static int show_vfsstat(struct seq_file
/* mount point */
seq_puts(m, " mounted on ");
- seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
+ mangle(m, path);
seq_putc(m, ' ');
/* file system type */
Index: linux-2.6-apparmor/fs/proc/base.c
===================================================================
--- linux-2.6-apparmor.orig/fs/proc/base.c
+++ linux-2.6-apparmor/fs/proc/base.c
@@ -353,13 +353,16 @@ static const struct inode_operations pro
.setattr = proc_setattr,
};
+/* Keep in sync with fs/namespace.c! */
extern struct seq_operations mounts_op;
struct proc_mounts {
struct seq_file m;
+ void *page;
int event;
};
-static int mounts_open(struct inode *inode, struct file *file)
+static int __mounts_open(struct inode *inode, struct file *file,
+ struct seq_operations *seq_ops)
{
struct task_struct *task = get_proc_task(inode);
struct mnt_namespace *ns = NULL;
@@ -382,12 +385,16 @@ static int mounts_open(struct inode *ino
p = kmalloc(sizeof(struct proc_mounts), GFP_KERNEL);
if (p) {
file->private_data = &p->m;
- ret = seq_open(file, &mounts_op);
+ p->page = (void *)__get_free_page(GFP_KERNEL);
+ if (p->page)
+ ret = seq_open(file, seq_ops);
if (!ret) {
p->m.private = ns;
p->event = ns->event;
return 0;
}
+ if (p->page)
+ free_page((unsigned long)p->page);
kfree(p);
}
put_mnt_ns(ns);
@@ -395,17 +402,26 @@ static int mounts_open(struct inode *ino
return ret;
}
+static int mounts_open(struct inode *inode, struct file *file)
+{
+ return __mounts_open(inode, file, &mounts_op);
+}
+
static int mounts_release(struct inode *inode, struct file *file)
{
- struct seq_file *m = file->private_data;
- struct mnt_namespace *ns = m->private;
+ struct proc_mounts *p =
+ container_of(file->private_data, struct proc_mounts, m);
+ struct mnt_namespace *ns = p->m.private;
+
+ free_page((unsigned long)p->page);
put_mnt_ns(ns);
return seq_release(inode, file);
}
static unsigned mounts_poll(struct file *file, poll_table *wait)
{
- struct proc_mounts *p = file->private_data;
+ struct proc_mounts *p =
+ container_of(file->private_data, struct proc_mounts, m);
struct mnt_namespace *ns = p->m.private;
unsigned res = 0;
@@ -432,31 +448,7 @@ static const struct file_operations proc
extern struct seq_operations mountstats_op;
static int mountstats_open(struct inode *inode, struct file *file)
{
- int ret = seq_open(file, &mountstats_op);
-
- if (!ret) {
- struct seq_file *m = file->private_data;
- struct mnt_namespace *mnt_ns = NULL;
- struct task_struct *task = get_proc_task(inode);
-
- if (task) {
- task_lock(task);
- if (task->nsproxy)
- mnt_ns = task->nsproxy->mnt_ns;
- if (mnt_ns)
- get_mnt_ns(mnt_ns);
- task_unlock(task);
- put_task_struct(task);
- }
-
- if (mnt_ns)
- m->private = mnt_ns;
- else {
- seq_release(inode, file);
- ret = -EINVAL;
- }
- }
- return ret;
+ return __mounts_open(inode, file, &mountstats_op);
}
static const struct file_operations proc_mountstats_operations = {
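Review bot: in show_vfsmnt() and show_vfsstat(), `if (IS_ERR(path) || *path != '/') return err;` returns the still-zero `err` for a genuine d_path() failure as well as for an unreachable mount, so a mount whose path does not fit in the page is silently dropped from /proc/mounts instead of failing the read; split the two cases (`if (IS_ERR(path)) return PTR_ERR(path);` followed by the reachability test) and carry the `/* error or path unreachable from chroot */` comment from show_vfsstat() over to show_vfsmnt(), which currently has none. Two smaller points: `struct proc_mounts` is now defined in both fs/namespace.c and fs/proc/base.c with matching "Keep in sync" comments, which is exactly the duplication a shared header avoids; and in __mounts_open(), when `__get_free_page()` fails `ret` is not assigned anywhere in this hunk, so the value handed back depends on the initialisation above the hunk, and an explicit `ret = -ENOMEM` next to the allocation would make the failure path self-evident.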

View File

@@ -1,7 +1,9 @@
vfs_rmdir: call lsm hook before unhashing dentry vfs_rmdir(): call lsm hook before unhashing dentry
If we unhash the dentry before calling the security_inode_rmdir hook, If we unhash the dentry before calling the security_inode_rmdir hook,
we cannot compute the file's pathname in the hook anymore. we cannot compute the file's pathname in the hook anymore. AppArmor
needs to know the filename in order to decide whether a file may be
deleted, though.
Signed-off-by: John Johansen <jjohansen@suse.de> Signed-off-by: John Johansen <jjohansen@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>

View File

@@ -1,181 +0,0 @@
Hide unreachable mount points in /proc/mounts and /proc/$PID/mountstats
What's mounted on unreachable mount points isn't interesting to
processes: they can't get there in the first place. This patch hides
unreachable mounts from processes.
Processes living in the root namespace whill still see all mounts they
were seeing before except for the rootfs mount, which is never reachable
from an "ordinary" process.
Only the initial initrd init process will actually have access to the
rootfs mount. For this process that mount *is* reachable, and so it will
show in.
This patch also removes some code duplication between mounts_open() and
mountstats_open().
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Index: b/fs/namespace.c
===================================================================
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -348,8 +348,16 @@ static inline void mangle(struct seq_fil
seq_escape(m, s, " \t\n\\");
}
+/* Keep in sync with fs/proc/base.c! */
+struct proc_mounts {
+ struct seq_file m;
+ void *page;
+ int event;
+};
+
static int show_vfsmnt(struct seq_file *m, void *v)
{
+ void *page = container_of(m, struct proc_mounts, m)->page;
struct vfsmount *mnt = v;
int err = 0;
static struct proc_fs_info {
@@ -372,9 +380,13 @@ static int show_vfsmnt(struct seq_file *
};
struct proc_fs_info *fs_infop;
+ char *path = d_path(mnt->mnt_root, mnt, page, PAGE_SIZE);
+ if (IS_ERR(path) || *path != '/')
+ return err;
+
mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
seq_putc(m, ' ');
- seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
+ mangle(m, path);
seq_putc(m, ' ');
mangle(m, mnt->mnt_sb->s_type->name);
seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw");
@@ -401,9 +413,14 @@ struct seq_operations mounts_op = {
static int show_vfsstat(struct seq_file *m, void *v)
{
+ void *page = container_of(m, struct proc_mounts, m)->page;
struct vfsmount *mnt = v;
int err = 0;
+ char *path = d_path(mnt->mnt_root, mnt, page, PAGE_SIZE);
+ if (IS_ERR(path) || *path != '/')
+ return err; /* error or path unreachable from chroot */
+
/* device */
if (mnt->mnt_devname) {
seq_puts(m, "device ");
@@ -413,7 +430,7 @@ static int show_vfsstat(struct seq_file
/* mount point */
seq_puts(m, " mounted on ");
- seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
+ mangle(m, path);
seq_putc(m, ' ');
/* file system type */
Index: b/fs/proc/base.c
===================================================================
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -353,13 +353,16 @@ static const struct inode_operations pro
.setattr = proc_setattr,
};
+/* Keep in sync with fs/namespace.c! */
extern struct seq_operations mounts_op;
struct proc_mounts {
struct seq_file m;
+ void *page;
int event;
};
-static int mounts_open(struct inode *inode, struct file *file)
+static int __mounts_open(struct inode *inode, struct file *file,
+ struct seq_operations *seq_ops)
{
struct task_struct *task = get_proc_task(inode);
struct mnt_namespace *ns = NULL;
@@ -382,12 +385,16 @@ static int mounts_open(struct inode *ino
p = kmalloc(sizeof(struct proc_mounts), GFP_KERNEL);
if (p) {
file->private_data = &p->m;
- ret = seq_open(file, &mounts_op);
+ p->page = (void *)__get_free_page(GFP_KERNEL);
+ if (p->page)
+ ret = seq_open(file, seq_ops);
if (!ret) {
p->m.private = ns;
p->event = ns->event;
return 0;
}
+ if (p->page)
+ free_page((unsigned long)p->page);
kfree(p);
}
put_mnt_ns(ns);
@@ -395,17 +402,25 @@ static int mounts_open(struct inode *ino
return ret;
}
+static int mounts_open(struct inode *inode, struct file *file)
+{
+ return __mounts_open(inode, file, &mounts_op);
+}
+
static int mounts_release(struct inode *inode, struct file *file)
{
- struct seq_file *m = file->private_data;
- struct mnt_namespace *ns = m->private;
+ struct proc_mounts *p =
+ container_of(file->private_data, struct proc_mounts, m);
+ struct mnt_namespace *ns = p->m.private;
+ free_page((unsigned long)p->page);
put_mnt_ns(ns);
return seq_release(inode, file);
}
static unsigned mounts_poll(struct file *file, poll_table *wait)
{
- struct proc_mounts *p = file->private_data;
+ struct proc_mounts *p =
+ container_of(file->private_data, struct proc_mounts, m);
struct mnt_namespace *ns = p->m.private;
unsigned res = 0;
@@ -432,31 +447,7 @@ static const struct file_operations proc
extern struct seq_operations mountstats_op;
static int mountstats_open(struct inode *inode, struct file *file)
{
- int ret = seq_open(file, &mountstats_op);
-
- if (!ret) {
- struct seq_file *m = file->private_data;
- struct mnt_namespace *mnt_ns = NULL;
- struct task_struct *task = get_proc_task(inode);
-
- if (task) {
- task_lock(task);
- if (task->nsproxy)
- mnt_ns = task->nsproxy->mnt_ns;
- if (mnt_ns)
- get_mnt_ns(mnt_ns);
- task_unlock(task);
- put_task_struct(task);
- }
-
- if (mnt_ns)
- m->private = mnt_ns;
- else {
- seq_release(inode, file);
- ret = -EINVAL;
- }
- }
- return ret;
+ return __mounts_open(inode, file, &mountstats_op);
}
static const struct file_operations proc_mountstats_operations = {
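Review bot: the removed hunks reappear in the folded patch above with only cosmetic differences (the `char *path` declaration is split from its d_path() call, and a blank line is added in mounts_release()), so nothing is lost by deleting this file; the `if (IS_ERR(path) || *path != '/') return err;` skip, which returns 0 on a d_path() error as well as for an unreachable mount, moves across unchanged and still deserves splitting into an error return and a reachability check.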

View File

@@ -5,6 +5,7 @@ calling iop->setattr.
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/proc/base.c Index: b/fs/proc/base.c
=================================================================== ===================================================================

View File

@@ -1,13 +1,11 @@
Remove redundant check from proc_sys_setattr(), similar to recent fixup Remove redundant check from proc_sys_setattr()
in proc_setattr().
notify_change() already calls security_inode_setattr() before This is similar to a recent fixup in proc_setattr(): notify_change()
calling iop->setattr. already calls security_inode_setattr() before calling iop->setattr.
Signed-off-by: Steve Beattie <sbeattie@suse.de> Signed-off-by: Steve Beattie <sbeattie@suse.de>
--- Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
fs/proc/proc_sysctl.c | 7 ++----- Signed-off-by: John Johansen <jjohansen@suse.de>
1 file changed, 2 insertions(+), 5 deletions(-)
Index: b/fs/proc/proc_sysctl.c Index: b/fs/proc/proc_sysctl.c
=================================================================== ===================================================================

View File

@@ -6,6 +6,7 @@ vfsmount parameter to notify_change().
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/mm/filemap.c Index: b/mm/filemap.c
=================================================================== ===================================================================

View File

@@ -1,7 +1,8 @@
Pass struct vfsmount to the inode_create LSM hook. Pass struct vfsmount to the inode_create LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_getxattr LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/xattr.c Index: b/fs/xattr.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass the struct vfsmounts to the inode_link LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_listxattr LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/xattr.c Index: b/fs/xattr.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_mkdir LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_mknod LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_readlink LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/stat.c Index: b/fs/stat.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_removexattr LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/xattr.c Index: b/fs/xattr.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_rename LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_rmdir LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_setattr LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/attr.c Index: b/fs/attr.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_setxattr LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/include/linux/security.h Index: b/include/linux/security.h
=================================================================== ===================================================================

View File

@@ -1,7 +1,8 @@
Pass struct vfsmount to the inode_symlink LSM hook. Pass struct vfsmount to the inode_symlink LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Pass struct vfsmount to the inode_unlink LSM hook
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -28,8 +28,7 @@ vfs-listxattr.diff
security-listxattr.diff security-listxattr.diff
vfs-removexattr.diff vfs-removexattr.diff
security-removexattr.diff security-removexattr.diff
d_path-lazy-unmounts.diff fix-__d_path-for-lazy-unmounts-and-make-it-unambiguous.patch
no-unreachable-paths.diff
mount-consistent-d_path.diff mount-consistent-d_path.diff
# security_chroot.diff # security_chroot.diff
d_namespace_path.diff d_namespace_path.diff
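Review bot: the new entry `fix-__d_path-for-lazy-unmounts-and-make-it-unambiguous.patch` is the only `.patch` file in a series that otherwise uses `.diff` throughout; keeping the -mm file name is defensible for traceability, but then a short comment in the series would help the next person who wonders why this one differs. Replacing two entries (`d_path-lazy-unmounts.diff` and `no-unreachable-paths.diff`) with the single folded patch matches the file changes above.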
@@ -39,4 +38,3 @@ apparmor-audit.diff
apparmor.diff apparmor.diff
apparmor-intree.diff apparmor-intree.diff
# complain-to-learn.diff # complain-to-learn.diff
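Review bot: this hunk removes one line after `# complain-to-learn.diff` that is not visible in the context shown; the only other entry this commit is meant to drop is `no-unreachable-paths.diff`, which the previous hunk already removed, so confirm the removed line is a trailing blank or stale entry and not a patch that is still meant to be applied.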

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_getxattr()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/nfsd/vfs.c Index: b/fs/nfsd/vfs.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add struct vfsmount parameters to vfs_link()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/namei.c Index: b/fs/namei.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_listxattr()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/xattr.c Index: b/fs/xattr.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add struct vfsmount parameter to vfs_mkdir()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/ecryptfs/inode.c Index: b/fs/ecryptfs/inode.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_mknod()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/ecryptfs/inode.c Index: b/fs/ecryptfs/inode.c
=================================================================== ===================================================================

View File

@@ -4,14 +4,9 @@ The vfsmount parameter must be set appropriately for files visibile
outside the kernel. Files that are only used in a filesystem (e.g., outside the kernel. Files that are only used in a filesystem (e.g.,
reiserfs xattr files) will have a NULL vfsmount. reiserfs xattr files) will have a NULL vfsmount.
The kernel nfsd also doesn't have the necessary context for client
requests. We cannot put it under any pathname based policy, and
also set vfsmount to NULL there.
The next patch passes the vfsmount to the inode_setattr LSM hook.
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/attr.c Index: b/fs/attr.c
=================================================================== ===================================================================
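Review bot: the dropped paragraph about nfsd ("We cannot put it under any pathname based policy, and also set vfsmount to NULL there") is the only place in this description that tells callers a NULL vfsmount is a legitimate input they must handle, not just a corner case for in-filesystem files like the reiserfs xattr files; unless that sentence now lives with the nfsd changes themselves, keep a one-line mention here. Dropping "The next patch passes the vfsmount to the inode_setattr LSM hook" is fine, since the series file records the ordering.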

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_removexattr()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/nfsd/vfs.c Index: b/fs/nfsd/vfs.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add struct vfsmount parameters to vfs_rename()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/ecryptfs/inode.c Index: b/fs/ecryptfs/inode.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_rmdir()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/ecryptfs/inode.c Index: b/fs/ecryptfs/inode.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_setxattr()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/nfsd/vfs.c Index: b/fs/nfsd/vfs.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_symlink()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/ecryptfs/inode.c Index: b/fs/ecryptfs/inode.c
=================================================================== ===================================================================

View File

@@ -2,6 +2,7 @@ Add a struct vfsmount parameter to vfs_unlink()
Signed-off-by: Tony Jones <tonyj@suse.de> Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>
Index: b/fs/ecryptfs/inode.c Index: b/fs/ecryptfs/inode.c
=================================================================== ===================================================================