18 files changed, 310 insertions, 35 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 36abf2aa7e68..12367cbadfe1 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -442,6 +442,8 @@ struct audit_krule {
 struct audit_field {
        u32                             type;
        u32                             val;
+        kuid_t                          uid;
+        kgid_t                          gid;
        u32                             op;
        char                            *lsm_str;
        void                            *lsm_rule;
@@ -525,7 +527,7 @@ static inline void audit_ptrace(struct task_struct *t)
 extern unsigned int audit_serial(void);
 extern int auditsc_get_stamp(struct audit_context *ctx,
                              struct timespec *t, unsigned int *serial);
-extern int  audit_set_loginuid(uid_t loginuid);
+extern int  audit_set_loginuid(kuid_t loginuid);
 #define audit_get_loginuid(t) ((t)->loginuid)
 #define audit_get_sessionid(t) ((t)->sessionid)
 extern void audit_log_task_context(struct audit_buffer *ab);
@@ -637,7 +639,7 @@ extern int audit_signals;
 #define audit_core_dumps(i) do { ; } while (0)
 #define audit_seccomp(i,s,c) do { ; } while (0)
 #define auditsc_get_stamp(c,t,s) (0)
-#define audit_get_loginuid(t) (-1)
+#define audit_get_loginuid(t) (INVALID_UID)
 #define audit_get_sessionid(t) (-1)
 #define audit_log_task_context(b) do { ; } while (0)
 #define audit_ipc_obj(i) ((void)0)
@@ -700,10 +702,10 @@ extern void 		    audit_log_secctx(struct audit_buffer *ab, u32 secid);
 extern int                  audit_update_lsm_rules(void);
                                /* Private API (for audit.c only) */
-extern int audit_filter_user(struct netlink_skb_parms *cb);
+extern int audit_filter_user(void);
 extern int audit_filter_type(int type);
-extern int  audit_receive_filter(int type, int pid, int uid, int seq,
+extern int  audit_receive_filter(int type, int pid, int seq,
-                                void *data, size_t datasz, uid_t loginuid,
+                                void *data, size_t datasz, kuid_t loginuid,
                                u32 sessionid, u32 sid);
 extern int audit_enabled;
 #else
diff --git a/include/linux/inet_diag.h b/include/linux/inet_diag.h
index f1362b5447fc..e788c186ed3a 100644
--- a/include/linux/inet_diag.h
+++ b/include/linux/inet_diag.h
@@ -159,6 +159,7 @@ struct inet_diag_handler {
 struct inet_connection_sock;
 int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk,
                              struct sk_buff *skb, struct inet_diag_req_v2 *req,
+                              struct user_namespace *user_ns,
                              u32 pid, u32 seq, u16 nlmsg_flags,
                              const struct nlmsghdr *unlh);
 void inet_diag_dump_icsk(struct inet_hashinfo *h, struct sk_buff *skb,
diff --git a/include/linux/init_task.h b/include/linux/init_task.h
index 89f1cb1056f0..6d087c5f57f7 100644
--- a/include/linux/init_task.h
+++ b/include/linux/init_task.h
@@ -92,7 +92,7 @@ extern struct group_info init_groups;
 #ifdef CONFIG_AUDITSYSCALL
 #define INIT_IDS \
-        .loginuid = -1, \
+        .loginuid = INVALID_UID, \
        .sessionid = -1,
 #else
 #define INIT_IDS
diff --git a/include/linux/ipc.h b/include/linux/ipc.h
index 30e816148df4..ca833fdc3138 100644
--- a/include/linux/ipc.h
+++ b/include/linux/ipc.h
@@ -79,6 +79,7 @@ struct ipc_kludge {
 #ifdef __KERNEL__
 #include <linux/spinlock.h>
+#include <linux/uidgid.h>
 #define IPCMNI 32768  /* <= MAX_INT limit for ipc arrays (including sysctl changes) */
@@ -89,10 +90,10 @@ struct kern_ipc_perm
        int             deleted;
        int             id;
        key_t           key;
-        uid_t           uid;
+        kuid_t          uid;
-        gid_t           gid;
+        kgid_t          gid;
-        uid_t           cuid;
+        kuid_t          cuid;
-        gid_t           cgid;
+        kgid_t          cgid;
        umode_t         mode; 
        unsigned long   seq;
        void            *security;
diff --git a/include/linux/key.h b/include/linux/key.h
index cef3b315ba7c..2393b1c040b6 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -24,6 +24,7 @@
 #include <linux/atomic.h>
 #ifdef __KERNEL__
+#include <linux/uidgid.h>
 /* key handle serial number */
 typedef int32_t key_serial_t;
@@ -137,8 +138,8 @@ struct key {
                time_t          revoked_at;     /* time at which key was revoked */
        };
        time_t                  last_used_at;   /* last time used for LRU keyring discard */
-        uid_t                   uid;
+        kuid_t                  uid;
-        gid_t                   gid;
+        kgid_t                  gid;
        key_perm_t              perm;           /* access permissions */
        unsigned short          quotalen;       /* length added to quota */
        unsigned short          datalen;        /* payload data length
@@ -193,7 +194,7 @@ struct key {
 extern struct key *key_alloc(struct key_type *type,
                             const char *desc,
-                             uid_t uid, gid_t gid,
+                             kuid_t uid, kgid_t gid,
                             const struct cred *cred,
                             key_perm_t perm,
                             unsigned long flags);
@@ -262,7 +263,7 @@ extern int key_link(struct key *keyring,
 extern int key_unlink(struct key *keyring,
                      struct key *key);
-extern struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid,
+extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid,
                                 const struct cred *cred,
                                 unsigned long flags,
                                 struct key *dest);
diff --git a/include/linux/loop.h b/include/linux/loop.h
index 11a41a8f08eb..9635116dd830 100644
--- a/include/linux/loop.h
+++ b/include/linux/loop.h
@@ -44,7 +44,7 @@ struct loop_device {
        int             lo_encrypt_key_size;
        struct loop_func_table *lo_encryption;
        __u32           lo_init[2];
-        uid_t           lo_key_owner;   /* Who set the key */
+        kuid_t          lo_key_owner;   /* Who set the key */
        int             (*ioctl)(struct loop_device *, int cmd, 
                                 unsigned long arg); 
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index f74dd133788f..c9fdde2bc73f 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -165,6 +165,7 @@ struct netlink_skb_parms {
        struct ucred            creds;          /* Skb credentials      */
        __u32                   pid;
        __u32                   dst_group;
+        struct sock             *ssk;
 };
 #define NETLINK_CB(skb)         (*(struct netlink_skb_parms*)&((skb)->cb))
diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h
index 11bad91c4433..7931efe71175 100644
--- a/include/linux/posix_acl.h
+++ b/include/linux/posix_acl.h
@@ -36,7 +36,13 @@
 struct posix_acl_entry {
        short                   e_tag;
        unsigned short          e_perm;
-        unsigned int            e_id;
+        union {
+                kuid_t          e_uid;
+                kgid_t          e_gid;
+#ifndef CONFIG_UIDGID_STRICT_TYPE_CHECKS
+                unsigned int    e_id;
+#endif
+        };
 };
 struct posix_acl {
diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h
index 6e53c34035cd..ad93ad0f1db0 100644
--- a/include/linux/posix_acl_xattr.h
+++ b/include/linux/posix_acl_xattr.h
@@ -52,7 +52,21 @@ posix_acl_xattr_count(size_t size)
        return size / sizeof(posix_acl_xattr_entry);
 }
-struct posix_acl *posix_acl_from_xattr(const void *value, size_t size);
+#ifdef CONFIG_FS_POSIX_ACL
-int posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size);
+void posix_acl_fix_xattr_from_user(void *value, size_t size);
+void posix_acl_fix_xattr_to_user(void *value, size_t size);
+#else
+static inline void posix_acl_fix_xattr_from_user(void *value, size_t size)
+{
+}
+static inline void posix_acl_fix_xattr_to_user(void *value, size_t size)
+{
+}
+#endif
+struct posix_acl *posix_acl_from_xattr(struct user_namespace *user_ns, 
+                                       const void *value, size_t size);
+int posix_acl_to_xattr(struct user_namespace *user_ns,
+                       const struct posix_acl *acl, void *buffer, size_t size);
 #endif  /* _POSIX_ACL_XATTR_H */
diff --git a/include/linux/projid.h b/include/linux/projid.h
new file mode 100644
index 000000000000..36517b95be5c
--- /dev/null
+++ b/include/linux/projid.h
@@ -0,0 +1,104 @@
+#ifndef _LINUX_PROJID_H
+#define _LINUX_PROJID_H
+/*
+ * A set of types for the internal kernel types representing project ids.
+ *
+ * The types defined in this header allow distinguishing which project ids in
+ * the kernel are values used by userspace and which project id values are
+ * the internal kernel values.  With the addition of user namespaces the values
+ * can be different.  Using the type system makes it possible for the compiler
+ * to detect when we overlook these differences.
+ *
+ */
+#include <linux/types.h>
+struct user_namespace;
+extern struct user_namespace init_user_ns;
+typedef __kernel_uid32_t projid_t;
+#ifdef CONFIG_UIDGID_STRICT_TYPE_CHECKS
+typedef struct {
+        projid_t val;
+} kprojid_t;
+static inline projid_t __kprojid_val(kprojid_t projid)
+{
+        return projid.val;
+}
+#define KPROJIDT_INIT(value) (kprojid_t){ value }
+#else
+typedef projid_t kprojid_t;
+static inline projid_t __kprojid_val(kprojid_t projid)
+{
+        return projid;
+}
+#define KPROJIDT_INIT(value) ((kprojid_t) value )
+#endif
+#define INVALID_PROJID KPROJIDT_INIT(-1)
+#define OVERFLOW_PROJID 65534
+static inline bool projid_eq(kprojid_t left, kprojid_t right)
+{
+        return __kprojid_val(left) == __kprojid_val(right);
+}
+static inline bool projid_lt(kprojid_t left, kprojid_t right)
+{
+        return __kprojid_val(left) < __kprojid_val(right);
+}
+static inline bool projid_valid(kprojid_t projid)
+{
+        return !projid_eq(projid, INVALID_PROJID);
+}
+#ifdef CONFIG_USER_NS
+extern kprojid_t make_kprojid(struct user_namespace *from, projid_t projid);
+extern projid_t from_kprojid(struct user_namespace *to, kprojid_t projid);
+extern projid_t from_kprojid_munged(struct user_namespace *to, kprojid_t projid);
+static inline bool kprojid_has_mapping(struct user_namespace *ns, kprojid_t projid)
+{
+        return from_kprojid(ns, projid) != (projid_t)-1;
+}
+#else
+static inline kprojid_t make_kprojid(struct user_namespace *from, projid_t projid)
+{
+        return KPROJIDT_INIT(projid);
+}
+static inline projid_t from_kprojid(struct user_namespace *to, kprojid_t kprojid)
+{
+        return __kprojid_val(kprojid);
+}
+static inline projid_t from_kprojid_munged(struct user_namespace *to, kprojid_t kprojid)
+{
+        projid_t projid = from_kprojid(to, kprojid);
+        if (projid == (projid_t)-1)
+                projid = OVERFLOW_PROJID;
+        return projid;
+}
+static inline bool kprojid_has_mapping(struct user_namespace *ns, kprojid_t projid)
+{
+        return true;
+}
+#endif /* CONFIG_USER_NS */
+#endif /* _LINUX_PROJID_H */
diff --git a/include/linux/quota.h b/include/linux/quota.h
index 524ede8a160a..dcd5721e626d 100644
--- a/include/linux/quota.h
+++ b/include/linux/quota.h
@@ -181,10 +181,135 @@ enum {
 #include <linux/dqblk_v2.h>
 #include <linux/atomic.h>
+#include <linux/uidgid.h>
+#include <linux/projid.h>
+#undef USRQUOTA
+#undef GRPQUOTA
+enum quota_type {
+        USRQUOTA = 0,           /* element used for user quotas */
+        GRPQUOTA = 1,           /* element used for group quotas */
+        PRJQUOTA = 2,           /* element used for project quotas */
+};
 typedef __kernel_uid32_t qid_t; /* Type in which we store ids in memory */
 typedef long long qsize_t;      /* Type in which we store sizes */
+struct kqid {                   /* Type in which we store the quota identifier */
+        union {
+                kuid_t uid;
+                kgid_t gid;
+                kprojid_t projid;
+        };
+        enum quota_type type;  /* USRQUOTA (uid) or GRPQUOTA (gid) or PRJQUOTA (projid) */
+};
+extern bool qid_eq(struct kqid left, struct kqid right);
+extern bool qid_lt(struct kqid left, struct kqid right);
+extern qid_t from_kqid(struct user_namespace *to, struct kqid qid);
+extern qid_t from_kqid_munged(struct user_namespace *to, struct kqid qid);
+extern bool qid_valid(struct kqid qid);
+/**
+ *      make_kqid - Map a user-namespace, type, qid tuple into a kqid.
+ *      @from: User namespace that the qid is in
+ *      @type: The type of quota
+ *      @qid: Quota identifier
+ *
+ *      Maps a user-namespace, type qid tuple into a kernel internal
+ *      kqid, and returns that kqid.
+ *
+ *      When there is no mapping defined for the user-namespace, type,
+ *      qid tuple an invalid kqid is returned.  Callers are expected to
+ *      test for and handle handle invalid kqids being returned.
+ *      Invalid kqids may be tested for using qid_valid().
+ */
+static inline struct kqid make_kqid(struct user_namespace *from,
+                                    enum quota_type type, qid_t qid)
+{
+        struct kqid kqid;
+        kqid.type = type;
+        switch (type) {
+        case USRQUOTA:
+                kqid.uid = make_kuid(from, qid);
+                break;
+        case GRPQUOTA:
+                kqid.gid = make_kgid(from, qid);
+                break;
+        case PRJQUOTA:
+                kqid.projid = make_kprojid(from, qid);
+                break;
+        default:
+                BUG();
+        }
+        return kqid;
+}
+/**
+ *      make_kqid_invalid - Explicitly make an invalid kqid
+ *      @type: The type of quota identifier
+ *
+ *      Returns an invalid kqid with the specified type.
+ */
+static inline struct kqid make_kqid_invalid(enum quota_type type)
+{
+        struct kqid kqid;
+        kqid.type = type;
+        switch (type) {
+        case USRQUOTA:
+                kqid.uid = INVALID_UID;
+                break;
+        case GRPQUOTA:
+                kqid.gid = INVALID_GID;
+                break;
+        case PRJQUOTA:
+                kqid.projid = INVALID_PROJID;
+                break;
+        default:
+                BUG();
+        }
+        return kqid;
+}
+/**
+ *      make_kqid_uid - Make a kqid from a kuid
+ *      @uid: The kuid to make the quota identifier from
+ */
+static inline struct kqid make_kqid_uid(kuid_t uid)
+{
+        struct kqid kqid;
+        kqid.type = USRQUOTA;
+        kqid.uid = uid;
+        return kqid;
+}
+/**
+ *      make_kqid_gid - Make a kqid from a kgid
+ *      @gid: The kgid to make the quota identifier from
+ */
+static inline struct kqid make_kqid_gid(kgid_t gid)
+{
+        struct kqid kqid;
+        kqid.type = GRPQUOTA;
+        kqid.gid = gid;
+        return kqid;
+}
+/**
+ *      make_kqid_projid - Make a kqid from a projid
+ *      @projid: The kprojid to make the quota identifier from
+ */
+static inline struct kqid make_kqid_projid(kprojid_t projid)
+{
+        struct kqid kqid;
+        kqid.type = PRJQUOTA;
+        kqid.projid = projid;
+        return kqid;
+}
 extern spinlock_t dq_data_lock;
 /* Maximal numbers of writes for quota operation (insert/delete/update)
@@ -294,10 +419,9 @@ struct dquot {
        atomic_t dq_count;              /* Use count */
        wait_queue_head_t dq_wait_unused;       /* Wait queue for dquot to become unused */
        struct super_block *dq_sb;      /* superblock this applies to */
-        unsigned int dq_id;             /* ID this applies to (uid, gid) */
+        struct kqid dq_id;              /* ID this applies to (uid, gid, projid) */
        loff_t dq_off;                  /* Offset of dquot on disk */
        unsigned long dq_flags;         /* See DQ_* */
-        short dq_type;                  /* Type of quota */
        struct mem_dqblk dq_dqb;        /* Diskquota usage */
 };
@@ -336,8 +460,8 @@ struct quotactl_ops {
        int (*quota_sync)(struct super_block *, int);
        int (*get_info)(struct super_block *, int, struct if_dqinfo *);
        int (*set_info)(struct super_block *, int, struct if_dqinfo *);
-        int (*get_dqblk)(struct super_block *, int, qid_t, struct fs_disk_quota *);
+        int (*get_dqblk)(struct super_block *, struct kqid, struct fs_disk_quota *);
-        int (*set_dqblk)(struct super_block *, int, qid_t, struct fs_disk_quota *);
+        int (*set_dqblk)(struct super_block *, struct kqid, struct fs_disk_quota *);
        int (*get_xstate)(struct super_block *, struct fs_quota_stat *);
        int (*set_xstate)(struct super_block *, unsigned int, int);
 };
@@ -386,10 +510,10 @@ static inline unsigned int dquot_generic_flag(unsigned int flags, int type)
 }
 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
-extern void quota_send_warning(short type, unsigned int id, dev_t dev,
+extern void quota_send_warning(struct kqid qid, dev_t dev,
                               const char warntype);
 #else
-static inline void quota_send_warning(short type, unsigned int id, dev_t dev,
+static inline void quota_send_warning(struct kqid qid, dev_t dev,
                                      const char warntype)
 {
        return;
diff --git a/include/linux/quotaops.h b/include/linux/quotaops.h
index ec6b65feaaba..1c50093ae656 100644
--- a/include/linux/quotaops.h
+++ b/include/linux/quotaops.h
@@ -44,7 +44,7 @@ void inode_sub_rsv_space(struct inode *inode, qsize_t number);
 void dquot_initialize(struct inode *inode);
 void dquot_drop(struct inode *inode);
-struct dquot *dqget(struct super_block *sb, unsigned int id, int type);
+struct dquot *dqget(struct super_block *sb, struct kqid qid);
 void dqput(struct dquot *dquot);
 int dquot_scan_active(struct super_block *sb,
                      int (*fn)(struct dquot *dquot, unsigned long priv),
@@ -87,9 +87,9 @@ int dquot_writeback_dquots(struct super_block *sb, int type);
 int dquot_quota_sync(struct super_block *sb, int type);
 int dquot_get_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii);
 int dquot_set_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii);
-int dquot_get_dqblk(struct super_block *sb, int type, qid_t id,
+int dquot_get_dqblk(struct super_block *sb, struct kqid id,
                struct fs_disk_quota *di);
-int dquot_set_dqblk(struct super_block *sb, int type, qid_t id,
+int dquot_set_dqblk(struct super_block *sb, struct kqid id,
                struct fs_disk_quota *di);
 int __dquot_transfer(struct inode *inode, struct dquot **transfer_to);
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 765dffbb085e..d23ca6245d54 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1414,7 +1414,7 @@ struct task_struct {
        struct audit_context *audit_context;
 #ifdef CONFIG_AUDITSYSCALL
-        uid_t loginuid;
+        kuid_t loginuid;
        unsigned int sessionid;
 #endif
        struct seccomp seccomp;
diff --git a/include/linux/security.h b/include/linux/security.h
index d143b8e01954..145accee9236 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1436,7 +1436,7 @@ struct security_operations {
        int (*path_rename) (struct path *old_dir, struct dentry *old_dentry,
                            struct path *new_dir, struct dentry *new_dentry);
        int (*path_chmod) (struct path *path, umode_t mode);
-        int (*path_chown) (struct path *path, uid_t uid, gid_t gid);
+        int (*path_chown) (struct path *path, kuid_t uid, kgid_t gid);
        int (*path_chroot) (struct path *path);
 #endif
@@ -2831,7 +2831,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir,
 int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
                         struct path *new_dir, struct dentry *new_dentry);
 int security_path_chmod(struct path *path, umode_t mode);
-int security_path_chown(struct path *path, uid_t uid, gid_t gid);
+int security_path_chown(struct path *path, kuid_t uid, kgid_t gid);
 int security_path_chroot(struct path *path);
 #else   /* CONFIG_SECURITY_PATH */
 static inline int security_path_unlink(struct path *dir, struct dentry *dentry)
@@ -2887,7 +2887,7 @@ static inline int security_path_chmod(struct path *path, umode_t mode)
        return 0;
 }
-static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid)
+static inline int security_path_chown(struct path *path, kuid_t uid, kgid_t gid)
 {
        return 0;
 }
diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h
index 83c44eefe698..68a04a343cad 100644
--- a/include/linux/seq_file.h
+++ b/include/linux/seq_file.h
@@ -13,6 +13,7 @@ struct file;
 struct path;
 struct inode;
 struct dentry;
+struct user_namespace;
 struct seq_file {
        char *buf;
@@ -25,6 +26,9 @@ struct seq_file {
        struct mutex lock;
        const struct seq_operations *op;
        int poll_event;
+#ifdef CONFIG_USER_NS
+        struct user_namespace *user_ns;
+#endif
        void *private;
 };
@@ -128,6 +132,16 @@ int seq_put_decimal_ull(struct seq_file *m, char delimiter,
 int seq_put_decimal_ll(struct seq_file *m, char delimiter,
                        long long num);
+static inline struct user_namespace *seq_user_ns(struct seq_file *seq)
+{
+#ifdef CONFIG_USER_NS
+        return seq->user_ns;
+#else
+        extern struct user_namespace init_user_ns;
+        return &init_user_ns;
+#endif
+}
 #define SEQ_START_TOKEN ((void *)1)
 /*
 * Helpers for iteration over list_head-s in seq_files
diff --git a/include/linux/tsacct_kern.h b/include/linux/tsacct_kern.h
index 7e50ac795b0b..44893e5ec8f7 100644
--- a/include/linux/tsacct_kern.h
+++ b/include/linux/tsacct_kern.h
@@ -10,9 +10,13 @@
 #include <linux/taskstats.h>
 #ifdef CONFIG_TASKSTATS
-extern void bacct_add_tsk(struct taskstats *stats, struct task_struct *tsk);
+extern void bacct_add_tsk(struct user_namespace *user_ns,
+                          struct pid_namespace *pid_ns,
+                          struct taskstats *stats, struct task_struct *tsk);
 #else
-static inline void bacct_add_tsk(struct taskstats *stats, struct task_struct *tsk)
+static inline void bacct_add_tsk(struct user_namespace *user_ns,
+                                 struct pid_namespace *pid_ns,
+                                 struct taskstats *stats, struct task_struct *tsk)
 {}
 #endif /* CONFIG_TASKSTATS */
diff --git a/include/linux/tty.h b/include/linux/tty.h
index 1509b86825d8..4f6c59a5fb79 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -575,7 +575,7 @@ extern void tty_audit_fork(struct signal_struct *sig);
 extern void tty_audit_tiocsti(struct tty_struct *tty, char ch);
 extern void tty_audit_push(struct tty_struct *tty);
 extern int tty_audit_push_task(struct task_struct *tsk,
-                               uid_t loginuid, u32 sessionid);
+                               kuid_t loginuid, u32 sessionid);
 #else
 static inline void tty_audit_add_data(struct tty_struct *tty,
                                      unsigned char *data, size_t size)
@@ -594,7 +594,7 @@ static inline void tty_audit_push(struct tty_struct *tty)
 {
 }
 static inline int tty_audit_push_task(struct task_struct *tsk,
-                                      uid_t loginuid, u32 sessionid)
+                                      kuid_t loginuid, u32 sessionid)
 {
        return 0;
 }
diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
index 4e72922e5a75..95142cae446a 100644
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
@@ -20,6 +20,7 @@ struct uid_gid_map {	/* 64 bytes -- 1 cache line */
 struct user_namespace {
        struct uid_gid_map      uid_map;
        struct uid_gid_map      gid_map;
+        struct uid_gid_map      projid_map;
        struct kref             kref;
        struct user_namespace   *parent;
        kuid_t                  owner;
@@ -49,8 +50,10 @@ static inline void put_user_ns(struct user_namespace *ns)
 struct seq_operations;
 extern struct seq_operations proc_uid_seq_operations;
 extern struct seq_operations proc_gid_seq_operations;
+extern struct seq_operations proc_projid_seq_operations;
 extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
 extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
+extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
 #else
 static inline struct user_namespace *get_user_ns(struct user_namespace *ns)