Merge branch 'master' into next

Conflicts:
	fs/namei.c

Manually merged per:

diff --cc fs/namei.c
index 734f2b5,bbc15c2..0000000
--- a/fs/namei.c
+++ b/fs/namei.c
@@@ -860,9 -848,8 +849,10 @@@ static int __link_path_walk(const char
  		nd->flags |= LOOKUP_CONTINUE;
  		err = exec_permission_lite(inode);
  		if (err == -EAGAIN)
- 			err = vfs_permission(nd, MAY_EXEC);
+ 			err = inode_permission(nd->path.dentry->d_inode,
+ 					       MAY_EXEC);
 +		if (!err)
 +			err = ima_path_check(&nd->path, MAY_EXEC);
   		if (err)
  			break;

@@@ -1525,14 -1506,9 +1509,14 @@@ int may_open(struct path *path, int acc
  		flag &= ~O_TRUNC;
  	}

- 	error = vfs_permission(nd, acc_mode);
+ 	error = inode_permission(inode, acc_mode);
  	if (error)
  		return error;
 +
- 	error = ima_path_check(&nd->path,
++	error = ima_path_check(path,
 +			       acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC));
 +	if (error)
 +		return error;
  	/*
  	 * An append-only file must be opened in append mode for writing.
  	 */

Signed-off-by: James Morris <jmorris@namei.org>

diff --cc Documentation/kernel-parameters.txt
Simple merge

diff --cc MAINTAINERS
Simple merge

diff --cc fs/exec.c
index 9c789a525cc419fbadad01e192821878f57d9d14,0dd60a01f1b4eabcd6ff2717ad2faffe099f8f61..febfd8ed6ad178ba31b5d858a8f371b3958ab388
--- 1/fs/exec.c
--- 2/fs/exec.c
+++ b/fs/exec.c
@@@ -128,12 -123,10 +124,13 @@@ SYSCALL_DEFINE1(uselib, const char __us
        if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
                goto exit;
  
-       error = vfs_permission(&nd, MAY_READ | MAY_EXEC | MAY_OPEN);
+       error = inode_permission(nd.path.dentry->d_inode,
+                                MAY_READ | MAY_EXEC | MAY_OPEN);
        if (error)
                goto exit;
 +      error = ima_path_check(&nd.path, MAY_READ | MAY_EXEC | MAY_OPEN);
 +      if (error)
 +              goto exit;
  
        file = nameidata_to_filp(&nd, O_RDONLY|O_LARGEFILE);
        error = PTR_ERR(file);
@@@ -684,10 -671,7 +675,10 @@@ struct file *open_exec(const char *name
        if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
                goto out_path_put;
  
-       err = vfs_permission(&nd, MAY_EXEC | MAY_OPEN);
+       err = inode_permission(nd.path.dentry->d_inode, MAY_EXEC | MAY_OPEN);
 +      if (err)
 +              goto out_path_put;
 +      err = ima_path_check(&nd.path, MAY_EXEC | MAY_OPEN);
        if (err)
                goto out_path_put;
  
@@@ -1178,45 -1164,8 +1171,11 @@@ int search_binary_handler(struct linux_
        unsigned int depth = bprm->recursion_depth;
        int try,retval;
        struct linux_binfmt *fmt;
- #ifdef __alpha__
-       /* handle /sbin/loader.. */
-       {
-           struct exec * eh = (struct exec *) bprm->buf;
- 
-           if (!bprm->loader && eh->fh.f_magic == 0x183 &&
-               (eh->fh.f_flags & 0x3000) == 0x3000)
-           {
-               struct file * file;
-               unsigned long loader;
  
-               allow_write_access(bprm->file);
-               fput(bprm->file);
-               bprm->file = NULL;
- 
-               loader = bprm->vma->vm_end - sizeof(void *);
- 
-               file = open_exec("/sbin/loader");
-               retval = PTR_ERR(file);
-               if (IS_ERR(file))
-                       return retval;
- 
-               /* Remember if the application is TASO.  */
-               bprm->taso = eh->ah.entry < 0x100000000UL;
- 
-               bprm->file = file;
-               bprm->loader = loader;
-               retval = prepare_binprm(bprm);
-               if (retval<0)
-                       return retval;
-               /* should call search_binary_handler recursively here,
-                  but it does not matter */
-           }
-       }
- #endif
        retval = security_bprm_check(bprm);
 +      if (retval)
 +              return retval;
 +      retval = ima_bprm_check(bprm);
        if (retval)
                return retval;
  

diff --cc fs/file_table.c
Simple merge

diff --cc fs/inode.c
Simple merge

diff --cc fs/namei.c
index 734f2b5591bf9758aedc875381a9456fe7853929,bbc15c237558f82c7fbe2b661e55ee8fa1b9849d..199317642ad6d731f47dd61693a2374145f99337
--- 1/fs/namei.c
--- 2/fs/namei.c
+++ b/fs/namei.c
@@@ -860,9 -848,8 +849,10 @@@ static int __link_path_walk(const char 
                nd->flags |= LOOKUP_CONTINUE;
                err = exec_permission_lite(inode);
                if (err == -EAGAIN)
-                       err = vfs_permission(nd, MAY_EXEC);
+                       err = inode_permission(nd->path.dentry->d_inode,
+                                              MAY_EXEC);
 +              if (!err)
 +                      err = ima_path_check(&nd->path, MAY_EXEC);
                if (err)
                        break;
  
@@@ -1525,14 -1506,9 +1509,14 @@@ int may_open(struct path *path, int acc
                flag &= ~O_TRUNC;
        }
  
-       error = vfs_permission(nd, acc_mode);
+       error = inode_permission(inode, acc_mode);
        if (error)
                return error;
-       error = ima_path_check(&nd->path,
 +
++      error = ima_path_check(path,
 +                             acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC));
 +      if (error)
 +              return error;
        /*
         * An append-only file must be opened in append mode for writing.
         */

diff --cc include/linux/audit.h
Simple merge

diff --cc ipc/shm.c
Simple merge

diff --cc mm/mmap.c
Simple merge

diff --cc mm/shmem.c
Simple merge

diff --cc security/Kconfig
Simple merge

diff --cc security/inode.c
Simple merge