authorSteve Kondik <steve@cyngn.com>2016-08-28 01:12:04 -0700
committerSteve Kondik <steve@cyngn.com>2016-08-28 01:12:04 -0700
commit3ecfa58e23f723914cb479262dbf393ee4821295 (patch)
treeea0a7d0e527ab7e4852118d561d12fd4a0998b0e
parentcc5aa1ceaf16fedad2fbcc655b4b6fb844d925c7 (diff)
parentdf499bf1ce634f6e67d4d366c4475d32143f00f0 (diff)
Merge branch 'fuse_2_9_bugfix' of git://github.com/libfuse/libfuse into cm-14.0staging/lineage-15.1lineage-15.1lineage-15.0cm-14.1cm-14.0
Change-Id: I9e541e90baa225c25f3ca21050e406a42983f114
-rw-r--r--AUTHORS62
-rw-r--r--ChangeLog64
-rw-r--r--FAQ419
-rw-r--r--Filesystems5
-rw-r--r--Makefile.am5
-rw-r--r--README380
-rw-r--r--README.md108
-rw-r--r--configure.ac4
-rw-r--r--doc/.gitignore2
-rw-r--r--doc/Makefile.am2
-rw-r--r--include/fuse_lowlevel.h5
-rw-r--r--lib/Makefile.am3
-rw-r--r--lib/fuse_lowlevel.c3
-rw-r--r--lib/helper.c14
-rw-r--r--lib/mount.c6
-rwxr-xr-xmakeconf.sh33
-rw-r--r--util/ulockmgr_server.c2
17 files changed, 245 insertions, 872 deletions
diff --git a/AUTHORS b/AUTHORS
index 8c1e88f..3aae1ac 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -1,9 +1,59 @@
-FUSE
-----
+Current Maintainer
+------------------
-Miklos Szeredi <miklos@szeredi.hu>
+Nikolaus Rath <Nikolaus@rath.org>
+
+
+Past Maintainers
+----------------
+
+Miklos Szeredi <miklos@szeredi.hu> (until 12/2015)
-CUSE
-----
-Tejun Heo <teheo@suse.de>
+Contributors
+------------
+
+CUSE has been written by Tejun Heo <teheo@suse.de>. Furthermore, the
+following people have contributed patches (autogenerated list):
+
+Anatol Pomozov <anatol.pomozov@gmail.com>
+Antonio SJ Musumeci <trapexit@spawn.link>
+Christopher Harrison <ch12@sanger.ac.uk>
+Csaba Henk <csaba.henk@creo.hu>
+cvs2git <>
+Dalvik Khertel <khertel@outlook.com>
+Daniel Thau <danthau@bedrocklinux.org>
+David McNab <david@rebirthing.co.nz>
+David Sheets <sheets@alum.mit.edu>
+Emmanuel Dreyfus <manu@netbsd.org>
+Enke Chen <enkechen@yahoo.com>
+Eric Engestrom <eric@engestrom.ch>
+Eric Wong <normalperson@yhbt.net>
+Fabrice Bauzac <fbauzac@amadeus.com>
+Feng Shuo <steve.shuo.feng@gmail.com>
+Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
+Ikey Doherty <michael.i.doherty@intel.com>
+Jan Blumschein <jan@jan-blumschein.de>
+Joachim Schiele <joachim.schiele@daimler.com>
+Joachim Schiele <js@lastlog.de>
+John Muir <john@jmuir.com>
+Laszlo Papp <ext-laszlo.papp@nokia.com>
+Madan Valluri <mvalluri@cumulus-systems.com>
+Mark Glines <mark@glines.org>
+Max Krasnyansky <maxk@kernel.org>
+Michael Grigoriev <mag@luminal.org>
+Miklos Szeredi <miklos@szeredi.hu>
+Miklos Szeredi <mszeredi@suse.cz>
+mkmm@gmx-topmail.de <mkmm@gmx-topmail.de>
+Natanael Copa <ncopa@alpinelinux.org>
+Nikolaus Rath <Nikolaus@rath.org>
+Olivier Blin <olivier.blin@softathome.com>
+Ratna_Bolla@dell.com <Ratna_Bolla@dell.com>
+Reuben Hawkins <reubenhwk@gmail.com>
+Richard W.M. Jones <rjones@redhat.com>
+Riku Voipio <riku.voipio@linaro.org>
+Roland Bauerschmidt <rb@debian.org>
+Sam Stuewe <halosghost@archlinux.info>
+Sebastian Pipping <sebastian@pipping.org>
+therealneworld@gmail.com <therealneworld@gmail.com>
+Winfried Koehler <w_scan@gmx-topmail.de>
diff --git a/ChangeLog b/ChangeLog
index f2e5d02..8371584 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,45 +1,57 @@
-2015-05-22 Miklos Szeredi <miklos@szeredi.hu>
+FUSE 2.9.7 (2016-06-20)
+=======================
- * Released 2.9.4
+* Added SELinux support.
+* Fixed race-condition when session is terminated right after starting
+ a FUSE file system.
-2015-05-22 Miklos Szeredi <miklos@szeredi.hu>
+FUSE 2.9.6 (2016-04-23)
+=======================
- * libfuse: fix exec environment for mount and umount. Found by
- Tavis Ormandy (CVE-2015-3202).
+* Tarball now includes documentation.
+* Shared-object version has now been bumped correctly.
-2015-02-26 Miklos Szeredi <miklos@szeredi.hu>
+FUSE 2.9.5 (2016-01-14)
+=======================
- * libfuse: fix fuse_remove_signal_handlers() to properly restore
- the default signal handler. Reported by: Chris Johnson
+* New maintainer: Nikolaus Rath <Nikolaus@rath.org>. Many thanks to
+ Miklos Szeredi <miklos@szeredi.hu> for bringing FUSE to where it is
+ now!
-2014-07-21 Miklos Szeredi <miklos@szeredi.hu>
+* fix warning in mount.c:receive_fd(). Reported by Albert Berger
- * libfuse: highlevel API: fix directory file handle passed to
- ioctl() method. Reported by Eric Biggers
+* fix possible memory leak. Reported by Jose R. Guzman
-2014-07-15 Miklos Szeredi <miklos@szeredi.hu>
+FUSE 2.9.4 (2015-05-22)
+=======================
- * libfuse: document deadlock avoidance for
- fuse_notify_inval_entry() and fuse_notify_delete()
+* fix exec environment for mount and umount. Found by Tavis Ormandy
+ (CVE-2015-3202).
- * fusermount, libfuse: send value as unsigned in "user_id=" and
- "group_id=" options. Uids/gids larger than 2147483647 would
- result in EINVAL when mounting the filesystem. This also needs a
- fix in the kernel.
+* fix fuse_remove_signal_handlers() to properly restore the default
+ signal handler. Reported by: Chris Johnson
-2014-03-26 Miklos Szeredi <miklos@szeredi.hu>
+* highlevel API: fix directory file handle passed to ioctl() method.
+ Reported by Eric Biggers
- * Initilaize stat buffer passed to ->getattr() and ->fgetattr() to
- zero in all cases. Reported by Daniel Iwan
+* libfuse: document deadlock avoidance for fuse_notify_inval_entry()
+ and fuse_notify_delete()
-2013-08-26 Miklos Szeredi <miklos@szeredi.hu>
+* fusermount, libfuse: send value as unsigned in "user_id=" and
+ "group_id=" options. Uids/gids larger than 2147483647 would result
+ in EINVAL when mounting the filesystem. This also needs a fix in
+ the kernel.
- * libfuse: Add missing includes. This allows compiling fuse with
- musl. Patch by Daniel Thau
+* Initilaize stat buffer passed to ->getattr() and ->fgetattr() to
+ zero in all cases. Reported by Daniel Iwan
-2013-07-01 Miklos Szeredi <miklos@szeredi.hu>
+* libfuse: Add missing includes. This allows compiling fuse with
+ musl. Patch by Daniel Thau
+
+
+Older Versions (before 2013-01-01)
+==================================
- * Released 2.9.3
2013-06-20 Miklos Szeredi <miklos@szeredi.hu>
diff --git a/FAQ b/FAQ
deleted file mode 100644
index 038fb4b..0000000
--- a/FAQ
+++ /dev/null
@@ -1,419 +0,0 @@
-This was generated on 2006/10/17 from
-
- http://sourceforge.net/apps/mediawiki/fuse/index.php?title=FAQ
-
-For an up to date version please see the above page. You can also add
-new entries there.
-
-General
-=======
-
-How can I umount a filesystem?
-------------------------------
-
-FUSE filesystems can be unmounted either with:
-
- umount mountpoint
-
-or
-
- fusermount -u mountpoint
-
-The later does not need root privileges if the filesystem was mounted by the
-user doing the unmounting.
-
-What's the difference between FUSE and LUFS?
---------------------------------------------
-
-The main difference between them is that in LUFS the filesystem is a
-shared object (.so) which is loaded by lufsmount, and in FUSE the
-filesystem is a separate executable, which uses the fuse library. The
-actual API is very similar, and there's a translator, that can load
-LUFS modules and run them using the FUSE kernel module (see the lufis
-package on the FUSE page).
-
-Another difference is that LUFS does some caching of directories and
-file attributes. FUSE does not do this, so it provides a 'thinner'
-interface.
-
-By now LUFS development seems to have completely ceased.
-
-Why is it called FUSE? There's a ZX Spectrum emulator called Fuse too.
-----------------------------------------------------------------------
-
-At the time of christening it, the author of FUSE (the filesystem)
-hadn't heard of Fuse (the Speccy emulator). Which is ironic, since he
-knew Philip Kendall, the author of that other Fuse from earlier times.
-Btw. the author of FUSE (the filesystem) also created a Speccy
-emulator called Spectemu.
-
-The name wanted to be a clever acronym for "Filesystem in USErspace",
-but it turned out to be an unfortunate choice. The author has since
-vowed never to name a project after a common term, not even anything
-found more than a handful of times on Google.
-
-Is it possible to mount a fuse filesystem from fstab?
------------------------------------------------------
-
-Yes, from version 2.4.0 this is possible. The filesystem must adhere
-to some rules about command line options to be able to work this way.
-Here's an example of mounting an sshfs filesystem:
-
-sshfs#user@host:/ /mnt/host fuse defaults 0 0
-
-The mounting is performed by the /sbin/mount.fuse helper script. In
-this example the FUSE-linked binary must be called sshfs and must
-reside somewhere in $PATH.
-
-Licensing issues
-~~~~~~~~~~~~~~~~
-
-Under what license is FUSE released?
-------------------------------------
-
-The kernel part is released under the GNU GPL.
-
-Libfuse is released under the GNU LGPLv2.
-
-All other parts (examples, fusermount, etc) are released under the GNU
-GPL.
-
-Under what conditions may I modify or distribute FUSE?
-------------------------------------------------------
-
-See the files COPYING and COPYING.LIB in the distribution.
-
-More information can be found at http://www.gnu.org/licenses/
-
-Under what conditions may I distribute a filesystem which uses libfuse?
------------------------------------------------------------------------
-
-See COPYING.LIB in the distribution.
-
-In simple terms as long as you are linking dynamically (the default)
-there are no limitations on linking with libfuse. For example you may
-distribute the filesystem itself in binary form, without source code,
-under any proprietary license.
-
-Under what conditions may I distribute a filesystem that uses the raw
----------------------------------------------------------------------
-kernel interface of FUSE?
--------------------------
-
-There are no restrictions whatsoever for using the raw kernel interface.
-
-API
-===
-
-Which method is called on the close() system call?
---------------------------------------------------
-
-flush() and possibly release(). For details see the documentation of
-these methods in <fuse.h>
-
-Wouldn't it be simpler if there were a single close() method?
--------------------------------------------------------------
-
-No, because the relationship between the close() system call and the
-release of the file (the opposite of open) is not as simple as people
-tend to imagine. UNIX allows open files to acquire multiple
-references
-
- * after fork() two processes refer to the same open file
-
- * dup() and dup2() make another file descriptor refer to the same
- file
-
- * mmap() makes a memory mapping refer to an open file
-
-This means, that for a single open() system call, there could be more
-than one close() and possibly munmap() calls until the open file is
-finally released.
-
-Can I return an error from release()?
--------------------------------------
-
-No, it's not possible.
-
-If you need to return errors on close, you must do that from flush().
-
-How do I know which is the last flush() before release()?
----------------------------------------------------------
-
-You can't. All flush() calls should be treated equally. Anyway it
-wouldn't be worth optimizing away non-final flushes, since it's fairly
-rare to have multiple write-flush sequences on an open file.
-
-Why doesn't FUSE forward ioctl() calls to the filesystem?
----------------------------------------------------------
-
-Because it's not possible: data passed to ioctl() doesn't have a well
-defined length and structure like read() and write(). Consider using
-getxattr() and setxattr() instead.
-
-Is there a way to know the uid, gid or pid of the process performing
---------------------------------------------------------------------
-the operation?
---------------
-
-Yes: fuse_get_context()->uid, etc.
-
-How should threads be started?
-------------------------------
-
-Miscellaneous threads should be started from the init() method.
-Threads started before fuse_main() will exit when the process goes
-into the background.
-
-Is it possible to store a pointer to private data in the
---------------------------------------------------------
-fuse_file_info structure?
--------------------------
-
-Yes, the 'fh' filed is for this purpose. This filed may be set in the
-open() and create() methods, and is available in all other methods
-having a struct fuse_file_info parameter. Note, that changing the
-value of 'fh' in any other method as open() or create() will have no
-affect.
-
-Since the type of 'fh' is unsigned long, you need to use casts when
-storing and retrieving a pointer. Under Linux (and most other
-architectures) an unsigned long will be able to hold a pointer.
-
-This could have been done with a union of 'void *' and 'unsigned long'
-but that would not have been any more type safe as having to use
-explicit casts. The recommended type safe solution is to write a
-small inline function that retrieves the pointer from the
-fuse_file_info structure.
-
-Problems
-========
-
-Version problems
-~~~~~~~~~~~~~~~~
-
-Why do I get Connection Refused after mounting?
------------------------------------------------
-
-Library is too old (< 2.3.0)
-
-You can check which version of the library is being used by foofs by
-doing 'ldd path_to_foofs'. It will return something like this
-
- libfuse.so.2 => /usr/local/lib/libfuse.so.2 (0xb7fc9000)
- libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7fb9000)
- libglib-2.0.so.0 => /usr/lib/libglib-2.0.so.0 (0xb7f39000)
- libc.so.6 => /lib/tls/libc.so.6 (0xb7e04000)
-
-Then do 'ls -l path_to_libfuse'
-
-> ls -l /usr/local/lib/libfuse.so.2
-lrwxrwxrwx 1 root root 16 Sep 26 13:41 /usr/local/lib/libfuse.so.2 -> libfuse.so.2.2.1
-
-Why does fusermount fail with an Unknown option error?
-------------------------------------------------------
-
-Errors like 'fusermount: Unknown option -o' or 'fusermount: Unknown
-option --' mean, that an old version of fusermount is being used. You
-can check by doing 'which fusermount'.
-
-If you installed FUSE from source, then this is probably because there
-exists a binary package on your system which also contains a
-fusermount program, and is found first in the path, e.g. in
-/usr/bin/fusermount.
-
-The solution is to remove the binary package.
-
-Installation problems
-~~~~~~~~~~~~~~~~~~~~~
-
-Why is there an error loading shared libraries?
------------------------------------------------
-
-If you get the following error when starting a FUSE-based filesystem:
-
- foofs: error while loading shared libraries: libfuse.so.2:
- cannot open shared object file: No such file or directory
-
-check /etc/ld.so.conf for a line containing '/usr/local/lib'. If it's
-missing, add it, and run ldconfig afterwards.
-
-Why doesn't mounting as user work if installing FUSE from a package?
---------------------------------------------------------------------
-
-Distributions often package 'fusermount' without the suid bit, or only
-executable to the 'fuse' group.
-
-This results in the following message, when trying to mount a
-filesystem as an unprivileged user:
-
- fusermount: mount failed: Operation not permitted
-
-The simplest solution is to change the mode of 'fusermount':
-
- chmod 4755 /usr/bin/fusermount
-
-Note, you may have to do this after each upgrade.
-
-Other problems
-~~~~~~~~~~~~~~
-
-Why are some bytes zeroed when reading a file?
-----------------------------------------------
-
-This happens if the filesystem returns a short count from the read()
-method. If the file wasn't opened in direct I/O mode, the read()
-method must return exactly the requested number of bytes, unless it's
-the end of the file.
-
-If the file was opened in direct I/O mode (with direct_io mount
-option, or by setting the direct_io field of fuse_file_info at open)
-the read can return a smaller value than requested. In this case the
-end of file can be signalled by returning zero.
-
-What do I do if /dev/fuse does not exist?
------------------------------------------
-
-Maybe the FUSE module is not loaded. As root, try:
-
- modprobe fuse
-
-If nothing changes, as root run:
-
- mknod /dev/fuse c 10 229
-
-What do I do if you don't have access to /dev/fuse?
----------------------------------------------------
-
-As root run:
-
- chmod o+rw /dev/fuse
-
-Remember that this will allow ordinary users to mount their own user
-space filesystems.
-
-If that's not what you want then use different permissions.
-
-Why does cp return operation not permitted when copying a file with no
-----------------------------------------------------------------------
-write permissions for the owner?
---------------------------------
-
-"cp" calls open(2) with read-only permissions and O_CREAT, the purpose
-being to atomically obtain a read/write file handle and make the file
-read-only. Unfortunately, this does not work very well in fuse, since
-you first get a mknod, and then an open call. At the time of open,
-you can't distinguish easily whether this is the first open issued by
-cp, or another process trying to write a read-only file.
-
-Defining the 'create' method solves this problem, however this
-requires a Linux kernel version of at least 2.6.15 and libfuse version
-2.5 or greater (on FreeBSD you'll need fuse4bsd-0.3.0-pre1 or newer
-for this).
-
-There can be other workarounds, however the easy one is to use the
-"default_permissions" mount option, and to avoid checking permissions
-on open. If you store files on a filesystem, this can get tricky
-because you will have to change the file mode to allow writing. Using
-the stateful API (i.e. returning an handle on open) will simplify
-things. In this case, and using "-o default_permissions", when
-implementing the open call you have to:
-
-1. check if the open is in write mode (i.e. mode has O_RDWR or
- O_WRONLY)
-
-2. in that case (in mutual exclusion with other open, getattr
- etc. calls on the same file) change the mode from "M" to "M OR
- 0o200"
-
-3. open the file, change back the mode even in case of errors, and
- return the obtained handle
-
-Why doesn't find work on my filesystem?
----------------------------------------
-
-The st_nlink member must be set correctly for directories to make find
-work. If it's not set correctly the -noleaf option of find can be
-used to make it ignore the hard link count (see man find).
-
-The correct value of st_nlink for directories is NSUB + 2. Where NSUB
-is the number of subdirectories. NOTE: regular-file/symlink/etc
-entries do not count into NSUB, only directories.
-
-If calculating NSUB is hard, the filesystem can set st_nlink of
-directories to 1, and find will still work. This is not documented
-behavior of find, and it's not clear whether this is intended or just
-by accident. But for example the NTFS filesysem relies on this, so
-it's unlikely that this "feature" will go away.
-
-What is the reason for IO errors?
----------------------------------
-
-The kernel part of FUSE returns the EIO error value, whenever the
-userspace filesystem sends a "bad" reply. Sometimes these are
-unavoidable, and not necessarily a fault of the filesystem. Possible
-causes of this are (non-exhaustive)
-
- * the filesystem returned a short count on write()
-
- * the type of the file has changed (e.g. a directory suddenly
- became a symlink)
-
- * a directory entry contained a filename that was too long (no,
- ENAMETOOLONG is not the right error here)
-
- * the same node ID value was used for two different directories
- (i.e. hard-linked directories are not allowed)
-
- * In the GETATTR function, st_mode needs to have a valid filetype
- bit set, like S_IFREG or S_IFDIR, see the stat manual for more
-
- * You are running a 64 bit kernel but using a 32 bit libfuse. In this case
- you will need to install a 64 bit version of the FUSE userspace library,
- 64 bit versions of all of the FUSE filesystems or language bindings that
- link to it, and 64 bit versions of all of their dependencies. Your
- distribution may provide 64 bit versions of the basic dependencies like
- libc even in its 32 bit environment
-
-Misc
-====
-
-Can the filesystem ask a question on the terminal of the user?
---------------------------------------------------------------
-
-It would not be possible generally speaking, since it might not be an
-interactive program but rather a daemon, or a GUI program doing the
-operation. However you should be able to get the PID for the caller,
-and by looking in /proc you should be able to find the process tty or
-something similar.
-
-But this is not recommended. You should rather think about solving
-this another way.
-
-If a filesystem is mounted over a directory, how can I access the old
----------------------------------------------------------------------
-contents?
----------
-
-There are two possibilities:
-
-The first is to use 'mount --bind DIR TMPDIR' to create a copy of the
-namespace under DIR. After mounting the FUSE filesystem over DIR,
-files can still be accessed through TMDIR. This needs root privileges.
-
-The second is to set the working directory to DIR after mounting the FUSE
-filesystem. For example before fuse_main() do
-
- save_dir = open(DIR, O_RDONLY);
-
-And from the init() method do
-
- fchdir(save_dir);
- close(save_dir);
-
-Then access the files with relative paths (with newer LIBC versions
-the *at() functions may also be used instead of changing the CWD).
-
-This method doesn't need root privileges, but only works on Linux
-(FreeBSD does path resolving in a different way), and it's not even
-guaranteed to work on future Linux versions.
diff --git a/Filesystems b/Filesystems
deleted file mode 100644
index e96942b..0000000
--- a/Filesystems
+++ /dev/null
@@ -1,5 +0,0 @@
-Please see the following links:
-
-http://sourceforge.net/apps/mediawiki/fuse/index.php?title=FileSystems
-http://sourceforge.net/apps/mediawiki/fuse/index.php?title=LanguageBindings
-http://sourceforge.net/apps/mediawiki/fuse/index.php?title=OperatingSystems
diff --git a/Makefile.am b/Makefile.am
index 8bb0781..691b1bc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3,12 +3,11 @@
ACLOCAL_AMFLAGS = -I m4
SUBDIRS = @subdirs2@ doc
+AUTOMAKE_OPTIONS = subdir-objects
EXTRA_DIST = \
fuse.pc.in \
- README* \
- Filesystems \
- FAQ
+ README*
pkgconfigdir = @pkgconfigdir@
pkgconfig_DATA = fuse.pc
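Review bot: The `README*` entry that stays in `EXTRA_DIST` is a glob, so the files packed into the release tarball are decided by whatever matches in the working tree at `make dist` time rather than by this Makefile. With `README` deleted and `README.md` added in the same commit, a stray match next to it (an editor backup such as `README.md~`, or a leftover `.orig`/`.rej` file) would be shipped as well, and Automake does not itself expand or validate wildcards in this variable. Listing the files by name, for example `README.md \` followed by the other README variants the tree really ships, keeps the distributed contents explicit and reviewable. The rest of Makefile.am lies outside this hunk, so any `dist-hook` that already filters these files is not visible here.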
diff --git a/README b/README
deleted file mode 100644
index 398dd65..0000000
--- a/README
+++ /dev/null
@@ -1,380 +0,0 @@
-General Information
-===================
-
-FUSE (Filesystem in Userspace) is a simple interface for userspace
-programs to export a virtual filesystem to the Linux kernel. FUSE
-also aims to provide a secure method for non privileged users to
-create and mount their own filesystem implementations.
-
-You can download the source code releases from
-
- http://sourceforge.net/projects/fuse
-
-or alternatively you can use CVS to get the very latest development
-version:
-
- cvs -d :pserver:anonymous@fuse.cvs.sourceforge.net:/cvsroot/fuse co fuse
-
-
-Dependencies
-============
-
-Linux kernel version 2.6.X where X >= 9.
-
-Alternatively a kernel module from FUSE release 2.5.* can be used with
-this release, which supports kernels >= 2.4.21.
-
-Installation
-============
-
-./configure
-make
-make install
-modprobe fuse
-
-You may also need to add '/usr/local/lib' to '/etc/ld.so.conf' and/or
-run ldconfig.
-
-You'll also need a fuse kernel module, Linux kernels 2.6.14 or later
-contain FUSE support.
-
-For more details see the file 'INSTALL'
-
-How To Use
-==========
-
-FUSE is made up of three main parts:
-
- - A kernel filesystem module
-
- - A userspace library
-
- - A mount/unmount program
-
-
-Here's how to create your very own virtual filesystem in five easy
-steps (after installing FUSE):
-
- 1) Edit the file example/fusexmp.c to do whatever you want...
-
- 2) Build the fusexmp program
-
- 3) run 'example/fusexmp /mnt/fuse -d'
-
- 4) ls -al /mnt/fuse
-
- 5) Be glad
-
-If it doesn't work out, please ask! Also see the file 'include/fuse.h' for
-detailed documentation of the library interface.
-
-Security
-========
-
-If you run 'make install', the fusermount program is installed
-set-user-id to root. This is done to allow normal users to mount
-their own filesystem implementations.
-
-There must however be some limitations, in order to prevent Bad User from
-doing nasty things. Currently those limitations are:
-
- - The user can only mount on a mountpoint, for which it has write
- permission
-
- - The mountpoint is not a sticky directory which isn't owned by the
- user (like /tmp usually is)
-
- - No other user (including root) can access the contents of the mounted
- filesystem.
-
-Configuration
-=============
-
-Some options regarding mount policy can be set in the file
-'/etc/fuse.conf'
-
-Currently these options are:
-
-mount_max = NNN
-
- Set the maximum number of FUSE mounts allowed to non-root users.
- The default is 1000.
-
-user_allow_other
-
- Allow non-root users to specify the 'allow_other' or 'allow_root'
- mount options.
-
-
-Mount options
-=============
-
-Most of the generic mount options described in 'man mount' are
-supported (ro, rw, suid, nosuid, dev, nodev, exec, noexec, atime,
-noatime, sync async, dirsync). Filesystems are mounted with
-'-onodev,nosuid' by default, which can only be overridden by a
-privileged user.
-
-These are FUSE specific mount options that can be specified for all
-filesystems:
-
-default_permissions
-
- By default FUSE doesn't check file access permissions, the
- filesystem is free to implement it's access policy or leave it to
- the underlying file access mechanism (e.g. in case of network
- filesystems). This option enables permission checking, restricting
- access based on file mode. This is option is usually useful
- together with the 'allow_other' mount option.
-
-allow_other
-
- This option overrides the security measure restricting file access
- to the user mounting the filesystem. So all users (including root)
- can access the files. This option is by default only allowed to
- root, but this restriction can be removed with a configuration
- option described in the previous section.
-
-allow_root
-
- This option is similar to 'allow_other' but file access is limited
- to the user mounting the filesystem and root. This option and
- 'allow_other' are mutually exclusive.
-
-kernel_cache
-
- This option disables flushing the cache of the file contents on
- every open(). This should only be enabled on filesystems, where the
- file data is never changed externally (not through the mounted FUSE
- filesystem). Thus it is not suitable for network filesystems and
- other "intermediate" filesystems.
-
- NOTE: if this option is not specified (and neither 'direct_io') data
- is still cached after the open(), so a read() system call will not
- always initiate a read operation.
-
-auto_cache
-
- This option enables automatic flushing of the data cache on open().
- The cache will only be flushed if the modification time or the size
- of the file has changed.
-
-large_read
-
- Issue large read requests. This can improve performance for some
- filesystems, but can also degrade performance. This option is only
- useful on 2.4.X kernels, as on 2.6 kernels requests size is
- automatically determined for optimum performance.
-
-direct_io
-
- This option disables the use of page cache (file content cache) in
- the kernel for this filesystem. This has several affects:
-
- - Each read() or write() system call will initiate one or more
- read or write operations, data will not be cached in the
- kernel.
-
- - The return value of the read() and write() system calls will
- correspond to the return values of the read and write
- operations. This is useful for example if the file size is not
- known in advance (before reading it).
-
-max_read=N
-
- With this option the maximum size of read operations can be set.
- The default is infinite. Note that the size of read requests is
- limited anyway to 32 pages (which is 128kbyte on i386).
-
-max_readahead=N
-
- Set the maximum number of bytes to read-ahead. The default is
- determined by the kernel. On linux-2.6.22 or earlier it's 131072
- (128kbytes)
-
-max_write=N
-
- Set the maximum number of bytes in a single write operation. The
- default is 128kbytes. Note, that due to various limitations, the
- size of write requests can be much smaller (4kbytes). This
- limitation will be removed in the future.
-
-async_read
-
- Perform reads asynchronously. This is the default
-
-sync_read
-
- Perform all reads (even read-ahead) synchronously.
-
-hard_remove
-
- The default behavior is that if an open file is deleted, the file is
- renamed to a hidden file (.fuse_hiddenXXX), and only removed when
- the file is finally released. This relieves the filesystem
- implementation of having to deal with this problem. This option
- disables the hiding behavior, and files are removed immediately in
- an unlink operation (or in a rename operation which overwrites an
- existing file).
-
- It is recommended that you not use the hard_remove option. When
- hard_remove is set, the following libc functions fail on unlinked
- files (returning errno of ENOENT):
- - read()
- - write()
- - fsync()
- - close()
- - f*xattr()
- - ftruncate()
- - fstat()
- - fchmod()
- - fchown()
-
-debug
-
- Turns on debug information printing by the library.
-
-fsname=NAME
-
- Sets the filesystem source (first field in /etc/mtab). The default
- is the program name.
-
-subtype=TYPE
-
- Sets the filesystem type (third field in /etc/mtab). The default is
- the program name.
-
- If the kernel suppports it, /etc/mtab and /proc/mounts will show the
- filesystem type as "fuse.TYPE"
-
- If the kernel doesn't support subtypes, the source filed will be
- "TYPE#NAME", or if fsname option is not specified, just "TYPE".
-
-use_ino
-
- Honor the 'st_ino' field in getattr() and fill_dir(). This value is
- used to fill in the 'st_ino' field in the stat()/lstat()/fstat()
- functions and the 'd_ino' field in the readdir() function. The
- filesystem does not have to guarantee uniqueness, however some
- applications rely on this value being unique for the whole
- filesystem.
-
-readdir_ino
-
- If 'use_ino' option is not given, still try to fill in the 'd_ino'
- field in readdir(). If the name was previously looked up, and is
- still in the cache, the inode number found there will be used.
- Otherwise it will be set to '-1'. If 'use_ino' option is given,
- this option is ignored.
-
-nonempty
-
- Allows mounts over a non-empty file or directory. By default these
- mounts are rejected (from version 2.3.1) to prevent accidental
- covering up of data, which could for example prevent automatic
- backup.
-
-umask=M
-
- Override the permission bits in 'st_mode' set by the filesystem.
- The resulting permission bits are the ones missing from the given
- umask value. The value is given in octal representation.
-
-uid=N
-
- Override the 'st_uid' field set by the filesystem.
-
-gid=N
-
- Override the 'st_gid' field set by the filesystem.
-
-blkdev
-
- Mount a filesystem backed by a block device. This is a privileged
- option. The device must be specified with the 'fsname=NAME' option.
-
-entry_timeout=T
-
- The timeout in seconds for which name lookups will be cached. The
- default is 1.0 second. For all the timeout options, it is possible
- to give fractions of a second as well (e.g. "-oentry_timeout=2.8")
-
-negative_timeout=T
-
- The timeout in seconds for which a negative lookup will be cached.
- This means, that if file did not exist (lookup retuned ENOENT), the
- lookup will only be redone after the timeout, and the file/directory
- will be assumed to not exist until then. The default is 0.0 second,
- meaning that caching negative lookups are disabled.
-
-attr_timeout=T
-
- The timeout in seconds for which file/directory attributes are
- cached. The default is 1.0 second.
-
-ac_attr_timeout=T
-
- The timeout in seconds for which file attributes are cached for the
- purpose of checking if "auto_cache" should flush the file data on
- open. The default is the value of 'attr_timeout'
-
-intr
-
- Allow requests to be interrupted. Turning on this option may result
- in unexpected behavior, if the filesystem does not support request
- interruption.
-
-intr_signal=NUM
-
- Specify which signal number to send to the filesystem when a request
- is interrupted. The default is 10 (USR1).
-
-modules=M1[:M2...]
-
- Add modules to the filesystem stack. Modules are pushed in the
- order they are specified, with the original filesystem being on the
- bottom of the stack.
-
-
-Modules distributed with fuse
------------------------------
-
-iconv
-`````
-Perform file name character set conversion. Options are:
-
-from_code=CHARSET
-
- Character set to convert from (see iconv -l for a list of possible
- values). Default is UTF-8.
-
-to_code=CHARSET
-
- Character set to convert to. Default is determined by the current
- locale.
-
-
-subdir
-``````
-Prepend a given directory to each path. Options are:
-
-subdir=DIR
-
- Directory to prepend to all paths. This option is mandatory.
-
-rellinks
-
- Transform absolute symlinks into relative
-
-norellinks
-
- Do not transform absolute symlinks into relative. This is the default.
-
-
-Reporting bugs
-==============
-
-Please send bug reports to the <fuse-devel@lists.sourceforge.net>
-mailing list.
-
-The list is open, you need not be subscribed to post.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2243a12
--- /dev/null
+++ b/README.md
@@ -0,0 +1,108 @@
+libfuse
+=======
+
+Warning: unresolved security issue
+----------------------------------
+
+Be aware that FUSE has an unresolved security bug
+([bug #15](https://github.com/libfuse/libfuse/issues/15)): the
+permission check for accessing a cached directory is only done once
+when the directory entry is first loaded into the cache. Subsequent
+accesses will re-use the results of the first check, even if the
+directory permissions have since changed, and even if the subsequent
+access is made by a different user.
+
+This bug needs to be fixed in the Linux kernel and has been known
+since 2006 but unfortunately no fix has been applied yet. If you
+depend on correct permission handling for FUSE file systems, the only
+workaround is to completely disable caching of directory
+entries. Alternatively, the severity of the bug can be somewhat
+reduced by not using the `allow_other` mount option.
+
+
+About
+-----
+
+FUSE (Filesystem in Userspace) is an interface for userspace programs
+to export a filesystem to the Linux kernel. The FUSE project consists
+of two components: the *fuse* kernel module (maintained in the regular
+kernel repositories) and the *libfuse* userspace library (maintained
+in this repository). libfuse provides the reference implementation
+for communicating with the FUSE kernel module.
+
+A FUSE file system is typically implemented as a standalone
+application that links with libfuse. libfuse provides functions to
+mount the file system, unmount it, read requests from the kernel, and
+send responses back. libfuse offers two APIs: a "high-level",
+synchronous API, and a "low-level" asynchronous API. In both cases,
+incoming requests from the kernel are passed to the main program using
+callbacks. When using the high-level API, the callbacks may work with
+file names and paths instead of inodes, and processing of a request
+finishes when the callback function returns. When using the low-level
+API, the callbacks must work with inodes and responses must be sent
+explicitly using a separate set of API functions.
+
+
+Installation
+------------
+
+ ./configure
+ make -j8
+ make install
+
+You may also need to add `/usr/local/lib` to `/etc/ld.so.conf` and/or
+run *ldconfig*. If you're building from the git repository (instead of
+using a release tarball), you also need to run `./makeconf.sh` to
+create the `configure` script.
+
+You'll also need a fuse kernel module (Linux kernels 2.6.14 or later
+contain FUSE support).
+
+For more details see the file `INSTALL`
+
+Security implications
+---------------------
+
+If you run `make install`, the *fusermount* program is installed
+set-user-id to root. This is done to allow normal users to mount
+their own filesystem implementations.
+
+There must however be some limitations, in order to prevent Bad User from
+doing nasty things. Currently those limitations are:
+
+ - The user can only mount on a mountpoint, for which it has write
+ permission
+
+ - The mountpoint is not a sticky directory which isn't owned by the
+ user (like /tmp usually is)
+
+ - No other user (including root) can access the contents of the
+ mounted filesystem (though this can be relaxed by allowing the use
+ of the `allow_other` and `allow_root` mount options in `fuse.conf`)
+
+
+Building your own filesystem
+------------------------------
+
+FUSE comes with several example file systems in the `examples`
+directory. For example, the *fusexmp* example mirrors the contents of
+the root directory under the mountpoint. Start from there and adapt
+the code!
+
+The documentation of the API functions and necessary callbacks is
+mostly contained in the files `include/fuse.h` (for the high-level
+API) and `include/fuse_lowlevel.h` (for the low-level API). An
+autogenerated html version of the API is available in the `doc/html`
+directory and at http://libfuse.github.io/doxygen.
+
+
+Getting Help
+------------
+
+If you need help, please ask on the <fuse-devel@lists.sourceforge.net>
+mailing list (subscribe at
+https://lists.sourceforge.net/lists/listinfo/fuse-devel).
+
+Please report any bugs on the GitHub issue tracker at
+https://github.com/libfuse/main/issues.
+
diff --git a/configure.ac b/configure.ac
index eff1dd8..8f1a63a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,9 +1,9 @@
-AC_INIT(fuse, 2.9.4)
+AC_INIT(fuse, 2.9.7)
AC_PREREQ(2.59d)
AC_CONFIG_MACRO_DIR([m4])
AC_CANONICAL_TARGET
-AM_INIT_AUTOMAKE
+AM_INIT_AUTOMAKE([foreign])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES(yes)])
AC_CONFIG_HEADERS(include/config.h)
diff --git a/doc/.gitignore b/doc/.gitignore
new file mode 100644
index 0000000..1b0a5aa
--- /dev/null
+++ b/doc/.gitignore
@@ -0,0 +1,2 @@
+doxygen_sqlite3.db
+html/
diff --git a/doc/Makefile.am b/doc/Makefile.am
index ebc9679..1d38e48 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -2,4 +2,4 @@
dist_man_MANS = fusermount.1 mount.fuse.8 ulockmgr_server.1
-EXTRA_DIST = how-fuse-works kernel.txt Doxyfile
+EXTRA_DIST = how-fuse-works kernel.txt Doxyfile html
diff --git a/include/fuse_lowlevel.h b/include/fuse_lowlevel.h
index 6971f73..26dc429 100644
--- a/include/fuse_lowlevel.h
+++ b/include/fuse_lowlevel.h
@@ -927,6 +927,11 @@ struct fuse_lowlevel_ops {
* kernel supports splicing from the fuse device, then the
* data will be made available in pipe for supporting zero
* copy data transfer.
+ *
+ * buf->count is guaranteed to be one (and thus buf->idx is
+ * always zero). The write_buf handler must ensure that
+ * bufv->off is correctly updated (reflecting the number of
+ * bytes read from bufv->buf[0]).
*
* Introduced in version 2.9
*
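Review bot: The added paragraph names the argument `buf` in its first sentence (`buf->count`, `buf->idx`) and `bufv` in the second (`bufv->off`, `bufv->buf[0]`), which reads as two different objects. The handler's parameter list is outside the hunk, but assuming the buffer-vector argument is the one meant throughout, the first sentence should read `* bufv->count is guaranteed to be one (and thus bufv->idx is`. It would also help to say whether the library relies on the updated offset after the handler returns, since that is the part an implementer can get wrong silently.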
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 8b43ffe..b0f195e 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -1,5 +1,6 @@
## Process this file with automake to produce Makefile.in
+AUTOMAKE_OPTIONS = subdir-objects
AM_CPPFLAGS = -I$(top_srcdir)/include -DFUSERMOUNT_DIR=\"$(bindir)\" \
-D_FILE_OFFSET_BITS=64 -D_REENTRANT -DFUSE_USE_VERSION=26
@@ -36,7 +37,7 @@ libfuse_la_SOURCES = \
$(iconv_source) \
$(mount_source)
-libfuse_la_LDFLAGS = -pthread @libfuse_libs@ -version-number 2:9:4 \
+libfuse_la_LDFLAGS = -pthread @libfuse_libs@ -version-number 2:9:7 \
-Wl,--version-script,$(srcdir)/fuse_versionscript
if NETBSD
diff --git a/lib/fuse_lowlevel.c b/lib/fuse_lowlevel.c
index 97dd678..232956c 100644
--- a/lib/fuse_lowlevel.c
+++ b/lib/fuse_lowlevel.c
@@ -688,11 +688,11 @@ static int fuse_send_data_iov(struct fuse_ll *f, struct fuse_chan *ch,
goto clear_pipe;
}
res = read_back(llp->pipe[0], tmpbuf, headerlen);
+ free(tmpbuf);
if (res != 0) {
free(mbuf);
goto clear_pipe;
}
- free(tmpbuf);
res = read_back(llp->pipe[0], mbuf, now_len);
if (res != 0) {
free(mbuf);
@@ -2087,6 +2087,7 @@ int fuse_lowlevel_notify_store(struct fuse_chan *ch, fuse_ino_t ino,
outarg.nodeid = ino;
outarg.offset = offset;
outarg.size = size;
+ outarg.padding = 0;
iov[0].iov_base = &out;
iov[0].iov_len = sizeof(out);
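Review bot: Zeroing `outarg.padding` by hand fixes the one field known today, but any member or compiler padding added to the struct later would again leave uninitialised stack bytes in the buffer that `iov` describes. Clearing the whole struct before the assignments, e.g. `memset(&outarg, 0, sizeof(outarg));`, removes the class of problem rather than the instance. The declarations of `outarg` and `out` are above the hunk, so `out` is worth checking for the same pattern.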
diff --git a/lib/helper.c b/lib/helper.c
index c5349bf..1f13c87 100644
--- a/lib/helper.c
+++ b/lib/helper.c
@@ -181,6 +181,13 @@ int fuse_daemonize(int foreground)
{
if (!foreground) {
int nullfd;
+ int waiter[2];
+ char completed;
+
+ if (pipe(waiter)) {
+ perror("fuse_daemonize: pipe");
+ return -1;
+ }
/*
* demonize current process by forking it and killing the
@@ -193,6 +200,7 @@ int fuse_daemonize(int foreground)
case 0:
break;
default:
+ read(waiter[0], &completed, sizeof(completed));
_exit(0);
}
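Review bot: The parent still holds its own copy of `waiter[1]` when it calls `read()`, so if the child returns or dies before the write added in the last hunk, the read never sees EOF and the parent blocks indefinitely. Closing the write end first and acting on the result, e.g. `close(waiter[1]);` then `if (read(waiter[0], &completed, sizeof(completed)) != sizeof(completed)) _exit(1);`, lets the parent report a failed start instead of exiting 0 or hanging. The error returns between the `pipe()` call in the first hunk and the final write (the fork and setsid failure branches are outside the hunks) presumably leave both descriptors open and should close them as well.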
@@ -211,6 +219,12 @@ int fuse_daemonize(int foreground)
if (nullfd > 2)
close(nullfd);
}
+
+ /* Propagate completion of daemon initializatation */
+ completed = 1;
+ write(waiter[1], &completed, sizeof(completed));
+ close(waiter[0]);
+ close(waiter[1]);
}
return 0;
}
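Review bot: The comment on the added block misspells its last word; it should read `/* Propagate completion of daemon initialization */`. The result of `write()` is discarded, so a failed notification goes unnoticed and toolchains that mark `write` as warn-unused-result will flag the line; at minimum capture the return value and `perror()` on failure. Closing `waiter[0]` right after the fork in the child, rather than here, would also keep the read end from staying open during the chdir and descriptor redirection above.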
diff --git a/lib/mount.c b/lib/mount.c
index eb0bb17..7a629f1 100644
--- a/lib/mount.c
+++ b/lib/mount.c
@@ -102,6 +102,10 @@ static const struct fuse_opt fuse_mount_opts[] = {
FUSE_OPT_KEY("large_read", KEY_KERN_OPT),
FUSE_OPT_KEY("blksize=", KEY_KERN_OPT),
FUSE_OPT_KEY("default_permissions", KEY_KERN_OPT),
+ FUSE_OPT_KEY("context=", KEY_KERN_OPT),
+ FUSE_OPT_KEY("fscontext=", KEY_KERN_OPT),
+ FUSE_OPT_KEY("defcontext=", KEY_KERN_OPT),
+ FUSE_OPT_KEY("rootcontext=", KEY_KERN_OPT),
FUSE_OPT_KEY("max_read=", KEY_KERN_OPT),
FUSE_OPT_KEY("max_read=", FUSE_OPT_KEY_KEEP),
FUSE_OPT_KEY("user=", KEY_MTAB_OPT),
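Review bot: The four SELinux context keys are added without a comment, and `KEY_KERN_OPT` suggests their values are appended to the kernel option string as given. Context values can themselves contain commas, so it is worth confirming (the option handler and the set-user-id `fusermount` helper are outside this hunk) that every place that filters mount options splits on separators the same way the kernel does; otherwise a restriction such as the one on `allow_other` could be checked against a different option list than the one that is mounted. A comment above the group would record the intent: `/* SELinux context options, forwarded to the kernel */`.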
@@ -282,7 +286,7 @@ static int receive_fd(int fd)
}
cmsg = CMSG_FIRSTHDR(&msg);
- if (!cmsg->cmsg_type == SCM_RIGHTS) {
+ if (cmsg->cmsg_type != SCM_RIGHTS) {
fprintf(stderr, "got control message of unknown type %d\n",
cmsg->cmsg_type);
return -1;
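Review bot: `CMSG_FIRSTHDR()` returns NULL when the received message carries no control data, and the corrected test dereferences `cmsg` without checking for that; unless a check above the hunk guarantees ancillary data is present, add `if (cmsg == NULL) return -1;` before the comparison. The same corrected comparison in `util/ulockmgr_server.c` is already guarded by `if (cmsg)`. In both places `cmsg->cmsg_level` is not compared with `SOL_SOCKET`, so the type test alone does not fully identify the message; `cmsg->cmsg_level != SOL_SOCKET || cmsg->cmsg_type != SCM_RIGHTS` would. The rest of `receive_fd` lies outside the hunk.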
diff --git a/makeconf.sh b/makeconf.sh
index 6678bdd..3388390 100755
--- a/makeconf.sh
+++ b/makeconf.sh
@@ -1,8 +1,10 @@
#! /bin/sh
-echo Running libtoolize...
-libtoolize --automake -c -f
+echo "Running libtoolize..."
+libtoolize -c
+# We use iconv directly rather than via gettext, so
+# we need to manually copy config.rpath.
CONFIG_RPATH=/usr/share/gettext/config.rpath
if ! [ -f $CONFIG_RPATH ]; then
CONFIG_RPATH=/usr/local/share/gettext/config.rpath
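Review bot: Nothing stops the script when `libtoolize -c` fails: there is no `set -e` between the shebang and the first command, so the later `autoreconf -i` runs against a partly prepared tree and its exit status is the only one reported. Adding `set -e` on the line after `#! /bin/sh`, or writing `libtoolize -c || exit 1`, makes the failure visible at the step that caused it. The context line `if ! [ -f $CONFIG_RPATH ]` would also be more robust with the variable quoted, `[ -f "$CONFIG_RPATH" ]`.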
@@ -11,7 +13,7 @@ if ! [ -f $CONFIG_RPATH ]; then
if [ -f config.rpath ]; then
CONFIG_RPATH=
else
- echo "config.rpath not found!" >&2
+ echo "config.rpath not found! - is gettext installed?" >&2
exit 1
fi
fi
@@ -19,27 +21,6 @@ if ! [ -z "$CONFIG_RPATH" ]; then
cp "$CONFIG_RPATH" .
fi
-if test ! -z "`which autoreconf`"; then
- echo Running autoreconf...
- autoreconf -i -f
-else
- echo Running aclocal...
- aclocal
- echo Running autoheader...
- autoheader
- echo Running autoconf...
- autoconf
- echo Running automake...
- automake -a -c
- (
- echo Entering directory: kernel
- cd kernel
- echo Running autoheader...
- autoheader
- echo Running autoconf...
- autoconf
- )
-fi
+echo "Running autoreconf..."
+autoreconf -i
-rm -f config.cache config.status
-echo "To compile run './configure', and then 'make'."
diff --git a/util/ulockmgr_server.c b/util/ulockmgr_server.c
index baef45d..273c7d9 100644
--- a/util/ulockmgr_server.c
+++ b/util/ulockmgr_server.c
@@ -92,7 +92,7 @@ static int receive_message(int sock, void *buf, size_t buflen, int *fdp,
cmsg = CMSG_FIRSTHDR(&msg);
if (cmsg) {
- if (!cmsg->cmsg_type == SCM_RIGHTS) {
+ if (cmsg->cmsg_type != SCM_RIGHTS) {
fprintf(stderr,
"ulockmgr_server: unknown control message %d\n",
cmsg->cmsg_type);