diff --git a/kernel-patches/for-mainline/leaf.diff b/kernel-patches/for-mainline/leaf.diff index 67f5eaf6e..950591cfd 100644 --- a/kernel-patches/for-mainline/leaf.diff +++ b/kernel-patches/for-mainline/leaf.diff @@ -1,15 +1,13 @@ --- fs/namei.c | 6 ++++++ security/apparmor/apparmor.h | 7 +++---- - security/apparmor/lsm.c | 17 ++++++++--------- + security/apparmor/lsm.c | 25 +++++++++++++------------ security/apparmor/main.c | 14 +------------- - 4 files changed, 18 insertions(+), 26 deletions(-) + 4 files changed, 23 insertions(+), 29 deletions(-) -Index: b/fs/namei.c -=================================================================== --- a/fs/namei.c +++ b/fs/namei.c -@@ -1428,6 +1428,10 @@ static int may_delete(struct inode *dir, +@@ -1396,6 +1396,10 @@ static int may_delete(struct inode *dir, BUG_ON(victim->d_parent->d_inode != dir); audit_inode_child(victim->d_name.name, victim->d_inode, dir); @@ -20,7 +18,7 @@ Index: b/fs/namei.c error = permission(dir,MAY_WRITE | MAY_EXEC, NULL); if (error) return error; -@@ -1465,6 +1469,8 @@ static inline int may_create(struct inod +@@ -1433,6 +1437,8 @@ static inline int may_create(struct inod return -EEXIST; if (IS_DEADDIR(dir)) return -ENOENT; @@ -29,8 +27,6 @@ Index: b/fs/namei.c return permission(dir,MAY_WRITE | MAY_EXEC, nd); } -Index: b/security/apparmor/apparmor.h -=================================================================== --- a/security/apparmor/apparmor.h +++ b/security/apparmor/apparmor.h @@ -181,10 +181,9 @@ struct aa_audit { @@ -47,8 +43,6 @@ Index: b/security/apparmor/apparmor.h /* main.c */ extern int alloc_null_complain_profile(void); -Index: b/security/apparmor/lsm.c -=================================================================== --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -291,7 +291,7 @@ static int aa_permission(struct inode *i 
@@ -94,22 +88,27 @@ Index: b/security/apparmor/lsm.c if (inode && S_ISDIR(inode->i_mode)) check |= AA_CHECK_DIR; -@@ -381,13 +381,12 @@ static int apparmor_inode_permission(str +@@ -381,13 +381,14 @@ static int apparmor_inode_permission(str { int check = 0; - if (!nd) + if (!nd || nd->flags & (LOOKUP_PARENT | LOOKUP_CONTINUE)) return 0; - if (S_ISDIR(inode->i_mode)) - check |= AA_CHECK_DIR; +- if (S_ISDIR(inode->i_mode)) +- check |= AA_CHECK_DIR; mask &= (MAY_READ | MAY_WRITE | MAY_EXEC); - +- - /* Assume we are not checking a leaf directory. */ ++ if (S_ISDIR(inode->i_mode)) { ++ check |= AA_CHECK_DIR; ++ /* allow traverse accesses to directories */ ++ mask &= ~MAY_EXEC; ++ } return aa_permission(inode, nd->dentry, nd->mnt, mask, check); } -@@ -481,7 +480,7 @@ static int apparmor_file_permission(stru +@@ -481,7 +482,7 @@ static int apparmor_file_permission(stru struct dentry *dentry = file->f_dentry; struct vfsmount *mnt = file->f_vfsmnt; struct inode *inode = dentry->d_inode; @@ -118,7 +117,7 @@ Index: b/security/apparmor/lsm.c /* * FIXME: We should remember which profiles we revalidated -@@ -536,7 +535,7 @@ static inline int aa_mmap(struct file *f +@@ -536,7 +537,7 @@ static inline int aa_mmap(struct file *f dentry = file->f_dentry; return aa_permission(dentry->d_inode, dentry, file->f_vfsmnt, mask, @@ -127,8 +126,6 @@ Index: b/security/apparmor/lsm.c } static int apparmor_file_mmap(struct file *file, unsigned long reqprot, -Index: b/security/apparmor/main.c -=================================================================== --- a/security/apparmor/main.c +++ b/security/apparmor/main.c @@ -656,17 +656,6 @@ int aa_perm(struct aa_profile *profile, diff --git a/kernel-patches/for-mainline/remove_suid.diff b/kernel-patches/for-mainline/remove_suid.diff index 97cfbcaa2..76d9cf71f 100644 --- a/kernel-patches/for-mainline/remove_suid.diff +++ b/kernel-patches/for-mainline/remove_suid.diff @@ -34,7 +34,7 @@ Signed-off-by: John Johansen file_update_time(file); 
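Review bot: In the new `apparmor_inode_permission` body in the `@@ -381,13 +381,14 @@` hunk, `if (!nd || nd->flags & (LOOKUP_PARENT | LOOKUP_CONTINUE))` relies on `&` binding tighter than `||`; it is correct, but the mixed operators read ambiguously, so write it as `if (!nd || (nd->flags & (LOOKUP_PARENT | LOOKUP_CONTINUE)))`. The new directory branch clears MAY_EXEC after the `mask &= (MAY_READ | MAY_WRITE | MAY_EXEC);` line, so a directory checked only for traverse reaches `aa_permission` with `mask == 0`; unless aa_permission already returns early on an empty mask (its body is not in this hunk), an `if (!mask) return 0;` before the call would avoid a needless profile lookup. The added comment `/* allow traverse accesses to directories */` covers only the mask change, while the early return on LOOKUP_PARENT/LOOKUP_CONTINUE is the other half of the same policy, so a comment above that line, e.g. `/* intermediate path components are not mediated here; only the leaf object is checked */`, would state the intent in one place. The `apparmor_file_permission` context at the end of the outer hunk is only an offset renumbering of the inner hunk header.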
--- a/fs/ocfs2/file.c +++ b/fs/ocfs2/file.c -@@ -1157,14 +1157,14 @@ out: +@@ -1035,13 +1035,13 @@ out: return ret; } @@ -42,8 +42,7 @@ Signed-off-by: John Johansen +static int ocfs2_prepare_inode_for_write(struct path *path, loff_t *ppos, size_t count, - int appending, - int *direct_io) + int appending) { int ret = 0, meta_level = appending; - struct inode *inode = dentry->d_inode; @@ -51,7 +50,7 @@ Signed-off-by: John Johansen u32 clusters; loff_t newsize, saved_pos; -@@ -1190,7 +1190,7 @@ static int ocfs2_prepare_inode_for_write +@@ -1067,7 +1067,7 @@ static int ocfs2_prepare_inode_for_write * inode. There's also the dinode i_size state which * can be lost via setattr during extending writes (we * set inode->i_size at the end of a write. */ @@ -60,24 +59,24 @@ Signed-off-by: John Johansen if (meta_level == 0) { ocfs2_meta_unlock(inode, meta_level); meta_level = 1; -@@ -1498,7 +1498,7 @@ relock: - } - - can_do_direct = direct_io; -- ret = ocfs2_prepare_inode_for_write(file->f_path.dentry, ppos, -+ ret = ocfs2_prepare_inode_for_write(&file->f_path, ppos, - iocb->ki_left, appending, - &can_do_direct); - if (ret < 0) { -@@ -1703,7 +1703,7 @@ static ssize_t ocfs2_file_splice_write(s +@@ -1176,7 +1176,7 @@ static ssize_t ocfs2_file_aio_write(stru goto out; } -- ret = ocfs2_prepare_inode_for_write(out->f_path.dentry, ppos, len, 0, -+ ret = ocfs2_prepare_inode_for_write(&out->f_path, ppos, len, 0, - NULL); +- ret = ocfs2_prepare_inode_for_write(filp->f_path.dentry, &iocb->ki_pos, ++ ret = ocfs2_prepare_inode_for_write(&filp->f_path, &iocb->ki_pos, + iocb->ki_left, appending); if (ret < 0) { mlog_errno(ret); +@@ -1239,7 +1239,7 @@ static ssize_t ocfs2_file_splice_write(s + goto out; + } + +- ret = ocfs2_prepare_inode_for_write(out->f_path.dentry, ppos, len, 0); ++ ret = ocfs2_prepare_inode_for_write(&out->f_path, ppos, len, 0); + if (ret < 0) { + mlog_errno(ret); + goto out_unlock; --- a/fs/reiserfs/file.c +++ b/fs/reiserfs/file.c 
@@ -1353,7 +1353,7 @@ static ssize_t reiserfs_file_write(struc @@ -126,7 +125,7 @@ Signed-off-by: John Johansen goto out_unlock_mutex; --- a/include/linux/fs.h +++ b/include/linux/fs.h -@@ -1690,9 +1690,9 @@ extern void __iget(struct inode * inode) +@@ -1685,9 +1685,9 @@ extern void __iget(struct inode * inode) extern void clear_inode(struct inode *); extern void destroy_inode(struct inode *); extern struct inode *new_inode(struct super_block *); diff --git a/kernel-patches/for-mainline/series b/kernel-patches/for-mainline/series index 61254e2bf..78ab5baad 100644 --- a/kernel-patches/for-mainline/series +++ b/kernel-patches/for-mainline/series @@ -54,7 +54,6 @@ file_permission-nameidata.diff apparmorfs_dentry_refcount_fix # NOT YET leaf.diff -fix_leaf.diff nfsd_permission-nameidata.diff ecryptfs-d_revalidate.diff # statvfs.diff