From: Stephen Smalley <sds@epoch.ncsc.mil>

This patch changes the security_inode_permission hook to also take a
nameidata parameter in addition to the existing inode and mask parameters. 

A nameidata is already passed (although sometimes NULL) to
fs/namei.c:permission(), and the patch changes exec_permission_lite() to
also take a nameidata parameter so that it can pass it along to the
security hook.

The patch includes corresponding changes to the SELinux module to use the
nameidata information when it is available; this allows SELinux to include
pathname information in audit messages when a nameidata structure was
supplied.