fold in fix-named-transitions, update d_path-keep connected to not use MS_NOUSER

kernel-patches/for-mainline/apparmor-main.diff

@@ -941,7 +941,7 @@ Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
 +	default:
 +		/* all other indexes are named transitions */
 +		index = AA_EXEC_INDEX(xmode);
-+		if (index - 4 > profile->exec_table_size) {
++		if (index - 4 >= profile->exec_table_size) {
 +			sa->info = "invalid named transition - exec failed";
 +			sa->error_code = -EACCES;
 +			new_profile = ERR_PTR(-EACCES);

kernel-patches/for-mainline/apparmor-module_interface.diff

@@ -10,8 +10,8 @@ Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
 ---
  security/apparmor/match.c            |  364 ++++++++++++++
  security/apparmor/match.h            |   87 +++
- security/apparmor/module_interface.c |  874 +++++++++++++++++++++++++++++++++++
- 3 files changed, 1325 insertions(+)
+ security/apparmor/module_interface.c |  875 +++++++++++++++++++++++++++++++++++
+ 3 files changed, 1326 insertions(+)
 
 --- /dev/null
 +++ b/security/apparmor/match.c
@@ -472,7 +472,7 @@ Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
 +#endif /* __MATCH_H */
 --- /dev/null
 +++ b/security/apparmor/module_interface.c
-@@ -0,0 +1,874 @@
+@@ -0,0 +1,875 @@
 +/*
 + *	Copyright (C) 1998-2007 Novell/SUSE
 + *
@@ -778,6 +778,7 @@ Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
 +			goto fail;
 +		if (!aa_is_nameX(e, AA_STRUCTEND, NULL))
 +			goto fail;
++		profile->exec_table_size = size;
 +	}
 +	return 1;
 +

kernel-patches/for-mainline/series

@@ -115,9 +115,9 @@ apparmor-network.diff
 #fix-net.diff
 apparmor-rlimits.diff
 audit-log-type-in-syslog.diff
-fix-named-transitions.diff
-apparmor-xmods-accept-entry.diff
-apparmor-split-audit-deny.diff
-apparmor-cond-uid.diff
-apparmor-quiet-control.diff
-apparmor-direct-complain.diff
+#fix-named-transitions.diff
+#apparmor-xmods-accept-entry.diff
+#apparmor-split-audit-deny.diff
+#apparmor-cond-uid.diff
+#apparmor-quiet-control.diff
+#apparmor-direct-complain.diff