commit 3f3ed15762e959843793763db4aac37cc9bd9644 Author: Greg Kroah-Hartman Date: Tue Aug 10 11:37:31 2010 -0700 Linux 2.6.35.1 commit 4060b482bfb832715e43695e124031bede63be75 Author: Chris Wilson Date: Mon Jul 12 19:35:38 2010 +0100 drm/i915: Check overlay stride errata for i830 and i845 commit a1efd14a99483a4fb9308902397ed86b69454c99 upstream. Apparently i830 and i845 cannot handle any stride that is not a multiple of 256, unlike their brethren which do support 64 byte aligned strides. Signed-off-by: Chris Wilson Signed-off-by: Eric Anholt Signed-off-by: Greg Kroah-Hartman commit 5078304217e1e87bc7ffe8d7a4076e4cb0c0a318 Author: Chris Wilson Date: Fri Jul 9 08:45:04 2010 +0100 drm/i915: Unset cursor if out-of-bounds upon mode change (v4) commit cda4b7d3a5b1dcbc0d8e7bad52134347798e9047 upstream. The docs warn that to position the cursor such that no part of it is visible on the pipe is an undefined operation. Avoid such circumstances upon changing the mode, or at any other time, by unsetting the cursor if it moves out of bounds. "For normal high resolution display modes, the cursor must have at least a single pixel positioned over the active screen.” (p143, p148 of the hardware registers docs). Fixes: Bug 24748 - [965G] Graphics crashes when resolution is changed with KMS enabled https://bugs.freedesktop.org/show_bug.cgi?id=24748 v2: Only update the cursor registers if they change. v3: Fix the unsigned comparision of x,y against width,height. v4: Always set CUR.BASE or else the cursor may become corrupt. Signed-off-by: Chris Wilson Reported-by: Christian Eggers Cc: Christopher James Halse Rogers Signed-off-by: Eric Anholt Signed-off-by: Greg Kroah-Hartman commit c1899005b1dc135bf42198ce65cfb52c22f5bdf9 Author: Alex Deucher Date: Mon Aug 2 12:13:46 2010 -0400 drm/radeon/kms: handle the case of no active displays properly in the bandwidth code commit e06b14ee91a2ddefc9a67443a6cd8ee0fa800115 upstream. Logic was: if (mode0 && mode1) else if (mode0) else Should be: if (mode0 && mode1) else if (mode0) else if (mode1) Otherwise we may end up calculating the priority regs with unitialized values. Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=16492 Signed-off-by: Alex Deucher Signed-off-by: Dave Airlie Signed-off-by: Greg Kroah-Hartman commit 44437579efca258e3c4a09f59838c8f933611990 Author: Alex Deucher Date: Mon Jul 26 18:51:53 2010 -0400 drm/radeon/kms/r7xx: add workaround for hw issue with HDP flush commit 812d046915f48236657f02c06d7dc47140e9ceda upstream. Use of HDP_*_COHERENCY_FLUSH_CNTL can cause a hang in certain situations. Add workaround. Signed-off-by: Alex Deucher Signed-off-by: Dave Airlie Signed-off-by: Greg Kroah-Hartman commit 1e4966cc558d6aac892abeed6434591348103dff Author: Michel Dänzer Date: Thu Jul 8 12:43:28 2010 +1000 drm/radeon: fall back to GTT if bo creation/validation in VRAM fails. commit e376573f7267390f4e1bdc552564b6fb913bce76 upstream. This fixes a problem where on low VRAM cards we'd run out of space for validation. [airlied: Tested on my M7, Thinkpad T42, compiz works with no problems.] Signed-off-by: Michel Dänzer Signed-off-by: Dave Airlie Signed-off-by: Greg Kroah-Hartman commit 37aa5ce0ed1e1535c22fc3d37f36e39dd82e80b1 Author: Alex Deucher Date: Wed Aug 4 11:40:00 2010 -0400 drm/radeon: add new pci ids commit 1297c05a8dfb568c689f057d51a65eebe5ddc86f upstream. New evergreen and r7xx ids. Signed-off-by: Alex Deucher Signed-off-by: Dave Airlie Signed-off-by: Greg Kroah-Hartman commit a1e0ea5d94314a56340859097442673890b04ef5 Author: Jeremy Fitzhardinge Date: Mon Jul 12 11:49:59 2010 -0700 xen: drop xen_sched_clock in favour of using plain wallclock time commit 8a22b9996b001c88f2bfb54c6de6a05fc39e177a upstream. xen_sched_clock only counts unstolen time. In principle this should be useful to the Linux scheduler so that it knows how much time a process actually consumed. But in practice this doesn't work very well as the scheduler expects the sched_clock time to be synchronized between cpus. It also uses sched_clock to measure the time a task spends sleeping, in which case "unstolen time" isn't meaningful. So just use plain xen_clocksource_read to return wallclock nanoseconds for sched_clock. Signed-off-by: Jeremy Fitzhardinge Signed-off-by: Greg Kroah-Hartman commit efe5d7f1ad582cafc68624f39ba720e12bcddb20 Author: James Bottomley Date: Fri Mar 12 16:14:42 2010 -0600 SCSI: enclosure: fix error path - actually return ERR_PTR() on error commit a91c1be21704113b023919826c6d531da46656ef upstream. we also need to clean up and free the cdev. Reported-by: Jani Nikula Signed-off-by: James Bottomley Signed-off-by: Greg Kroah-Hartman commit 5232dfac1ac008b5a4df815a5256776913dfa025 Author: David Howells Date: Wed Aug 4 16:59:14 2010 +0100 CRED: Fix RCU warning due to previous patch fixing __task_cred()'s checks commit 694f690d27dadccc8cb9d90532e76593b61fe098 upstream. Commit 8f92054e7ca1 ("CRED: Fix __task_cred()'s lockdep check and banner comment") fixed the lockdep checks on __task_cred(). This has shown up a place in the signalling code where a lock should be held - namely that check_kill_permission() requires its callers to hold the RCU lock. Fix group_send_sig_info() to get the RCU read lock around its call to check_kill_permission(). Without this patch, the following warning can occur: =================================================== [ INFO: suspicious rcu_dereference_check() usage. ] --------------------------------------------------- kernel/signal.c:660 invoked rcu_dereference_check() without protection! ... Reported-by: Tetsuo Handa Signed-off-by: David Howells Acked-by: Oleg Nesterov Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman commit 1a0528f57734493e588229266130c247a8e26ac2 Author: John W. Linville Date: Mon Jun 21 17:14:07 2010 -0400 mac80211: avoid scheduling while atomic in mesh_rx_plink_frame commit c937019761a758f2749b1f3a032b7a91fb044753 upstream. While mesh_rx_plink_frame holds sta->lock... mesh_rx_plink_frame -> mesh_plink_inc_estab_count -> ieee80211_bss_info_change_notify ...but ieee80211_bss_info_change_notify is allowed to sleep. A driver taking advantage of that allowance can cause a scheduling while atomic bug. Similar paths exist for mesh_plink_dec_estab_count, so work around those as well. http://bugzilla.kernel.org/show_bug.cgi?id=16099 Also, correct a minor kerneldoc comment error (mismatched function names). Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit bfcd88d2b16638f74957a78c787e0284d7080284 Author: Johannes Berg Date: Tue Jul 13 10:55:38 2010 +0200 cfg80211: don't get expired BSSes commit ccb6c1360f8dd43303c659db718e7e0b24175db5 upstream. When kernel-internal users use cfg80211_get_bss() to get a reference to a BSS struct, they may end up getting one that would have been removed from the list if there had been any userspace access to the list. This leads to inconsistencies and problems. Fix it by making cfg80211_get_bss() ignore BSSes that cfg80211_bss_expire() would remove. Fixes http://bugzilla.intellinuxwireless.org/show_bug.cgi?id=2180 Reported-by: Jiajia Zheng Tested-by: Jiajia Zheng Signed-off-by: Johannes Berg Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 89b15fbbcb5e77845ea1d8e96e0973caa0749fed Author: Johannes Berg Date: Mon Jul 12 14:46:43 2010 +0200 cfg80211: ignore spurious deauth commit 643f82e32f14faf0d0944c804203a6681b6b0a1e upstream. Ever since mac80211/drivers are no longer fully in charge of keeping track of the auth status, trying to make them do so will fail. Instead of warning and reporting the deauthentication to userspace, cfg80211 must simply ignore it so that spurious deauthentications, e.g. before starting authentication, aren't seen by userspace as actual deauthentications. Reported-by: Paul Stewart Signed-off-by: Johannes Berg Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 433a64e4233a9dd3775b1e248a01d88a3a038592 Author: Larry Finger Date: Fri May 14 22:08:58 2010 -0500 ssb: Handle alternate SSPROM location commit 9d1ac34ec3a67713308ae0883c3359c557f14d17 upstream. In kernel Bugzilla #15825 (2 users), in a wireless mailing list thread (http://lists.infradead.org/pipermail/b43-dev/2010-May/000124.html), and on a netbook owned by John Linville (http://marc.info/?l=linux-wireless&m=127230751408818&w=4), there are reports of ssb failing to detect an SPROM at the normal location. After studying the MMIO trace dump for the Broadcom wl driver, it was determined that the affected boxes had a relocated SPROM. This patch fixes all systems that have reported this problem. Signed-off-by: Larry Finger Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 5806c0444a387eb4cfecaec74660427f15dfd570 Author: Stanislaw Gruszka Date: Thu Jul 29 11:37:41 2010 +0200 iwlwifi: fix scan abort commit d28232b461b8d54b09e59325dbac8b0913ce2049 upstream. Fix possible double priv->mutex lock introduced by commit a69b03e941abae00380fc6bc1877fb797a1b31e6 "iwlwifi: cancel scan watchdog in iwl_bg_abort_scan" . We can not call cancel_delayed_work_sync(&priv->scan_check) with priv->mutex locked because workqueue function iwl_bg_scan_check() take that lock internally. We do not need to synchronize when canceling priv->scan_check work. We can avoid races (sending double abort command or send no command at all) using STATUS_SCAN_ABORT bit. Moreover current iwl_bg_scan_check() code seems to be broken, as we should not send abort commands when currently aborting. Signed-off-by: Stanislaw Gruszka Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 50c144185e4bc848ecdc58cc80113bc48beefdc4 Author: Felix Fietkau Date: Sun Jul 11 12:48:39 2010 +0200 ath9k_hw: fix antenna diversity on AR9285 commit 601e0cb165e65dc185b31fe7ebd2c0169ea47306 upstream. On AR9285, the antenna switch configuration register uses more than just 16 bits. Because of an arbitrary mask applied to the EEPROM value that stores this configuration, diversity was broken in some cases, leading to a significant degradation in signal strength. Fix this by changing the callback to return a 32 bit value and remove the arbitrary mask. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit b2ca8ba2791b986a96a5d008ea96dc026837b474 Author: Felix Fietkau Date: Fri Jul 23 03:53:16 2010 +0200 ath9k: fix yet another buffer leak in the tx aggregation code commit 4cee78614cfa046a26c4fbf313d5bbacb3ad8efc upstream. When an aggregation session is being cleaned up, while the tx status for some frames is being processed, the TID is flushed and its buffers are sent out. Unfortunately that left the pending un-acked frames unprocessed, thus leaking buffers. Fix this by reordering the code so that those frames are processed first, before the TID is flushed. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 98757bba345d5acde19e736023733cf130675998 Author: Felix Fietkau Date: Wed Jun 30 02:07:48 2010 +0200 ath9k: fix TSF after reset on AR913x commit f860d526eb2939a1c37128900b5af2b6f3ff7f20 upstream. When issuing a reset, the TSF value is lost in the hardware because of the 913x specific cold reset. As with some AR9280 cards, the TSF needs to be preserved in software here. Additionally, there's an issue that frequently prevents a successful TSF write directly after the chip reset. In this case, repeating the TSF write after the initval-writes usually works. This patch detects failed TSF writes and recovers from them, taking into account the delay caused by the initval writes. Signed-off-by: Felix Fietkau Reported-by: Björn Smedman Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 793efc368f083e58093fe88e4001375a38cc9a3e Author: Felix Fietkau Date: Mon Jul 12 23:16:34 2010 +0200 ath9k: another fix for the A-MPDU buffer leak commit 31e79a5954b78fbed15de2c8974d5a2b6019199a upstream. The patch 'ath9k: fix a buffer leak in A-MPDU completion' addressed the issue of running out of buffers/descriptors in the tx path if a STA is deleted while tx status feedback is still pending. The remaining issue is that the skbs of the buffers are not reclaimed, leaving a memory leak. This patch fixes this issue by running the buffers through ath_tx_complete_buf(), ensuring that the pending frames counter is also updated. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit caaec883ca2702445d84ff3ee94fe149aeaa95fe Author: Felix Fietkau Date: Wed Jul 7 19:42:09 2010 +0200 ath9k: fix a buffer leak in A-MPDU completion commit 73e194639d90594d06d0c10019c0ab4638869135 upstream. When ath_tx_complete_aggr() is called, it's responsible for returning all buffers in the linked list. This was not done when the STA lookup failed, leading to a race condition that could leak a few buffers when a STA just disconnected. Fix this by immediately returning all buffers to the free list in this case. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit a9328d5065468169355a70246bb8ea41d9fc25ef Author: Felix Fietkau Date: Fri Jun 25 01:26:16 2010 +0200 ath9k: fix retry count for A-MPDU rate control status reports commit 78c4653a2274479547e259e1f416d2b3d04c42a8 upstream. The 'bf_retries' field of the ath_buf structure was used for both software retries (AMPDU subframes) and hardware retries (legacy frames). This led to a wrong retry count being reported for the A-MPDU rate control stats. This patch changes the code to no longer use bf_retries for reporting retry counts, but instead always using the real on-chip retry count from the ath_tx_status. Additionally, if the first subframe of an A-MPDU was not acked, the tx status report is submitted along with the first acked subframe, which may not contain the correct rates in the tx info. This is easily corrected by saving the tx rate info before looping over subframes, and then copying it back once the A-MPDU status report is submitted. In my tests this change improves throughput visibly. Signed-off-by: Felix Fietkau Reported-by: Björn Smedman Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 6554c27728a0b89c6aa5ba78601cd55000b2cc1b Author: Felix Fietkau Date: Sun Jul 11 12:48:41 2010 +0200 ath9k_hw: fix an off-by-one error in the PDADC boundaries calculation commit 03b4776c408d2f4bf3a5d204e223724d154716d1 upstream. PDADC values were only generated for values surrounding the target index, however not for the target index itself, leading to a minor error in the generated curve. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 52166187243a4887bf3ed3aa2cd0452feb307e87 Author: Felix Fietkau Date: Sun Jul 11 12:48:40 2010 +0200 ath9k_hw: fix a sign error in the IQ calibration code commit 23399016d9583d799ca98ce443a1410b13c3e96e upstream. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 5776fe6ec7296d5f89b8979d6f6958e1be8fd706 Author: Felix Fietkau Date: Sun Jul 11 12:48:42 2010 +0200 ath9k_hw: prevent a fast channel change after a rx DMA stuck issue commit 9cc2f3e881dcda5466c55ffe8dd0a9d1433469cb upstream. If the receive path gets stuck, a full hardware reset is necessary to recover from it. If this happens during a scan, the whole scan might fail, as each channel change bypasses the full reset sequence. Fix this by resetting the fast channel change flag if stopping the receive path fails. This will reduce the number of error messages that look like this: ath: DMA failed to stop in 10 ms AR_CR=0x00000024 AR_DIAG_SW=0x40000020 Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 94230128c1fb1eb2fa607875804bc1d5d111c98c Author: Felix Fietkau Date: Wed Jul 7 19:42:08 2010 +0200 ath9k: fix a potential buffer leak in the STA teardown path commit 2b40994cabd2f545d5c11d3a65dcee6f6f9155f8 upstream. It looks like it might be possible for a TID to be paused, while still holding some queued buffers, however ath_tx_node_cleanup currently only iterates over active TIDs. Fix this by always checking every allocated TID for the STA that is being cleaned up. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman commit 8e5ad4d847e303d1d523c87566edfc58a67e05c0 Author: John W. Linville Date: Wed Jul 28 10:06:35 2010 -0400 ath9k: enable serialize_regmode for non-PCIE AR9160 commit 4c85ab11ca56da1aa59b58c80cc6a356515cc645 upstream. https://bugzilla.kernel.org/show_bug.cgi?id=16476 Signed-off-by: John W. Linville Acked-by: Luis R. Rodriguez Signed-off-by: Greg Kroah-Hartman commit 21b2bf38c8c49bd8a2b41676f51be82ab228d711 Author: Greg Rose Date: Thu Jul 1 13:38:16 2010 +0000 igb: Use only a single Tx queue in SR-IOV mode commit 5fa8517f038d51d571981fb495206cc30ed91b06 upstream. The 82576 expects the second rx queue in any pool to receive L2 switch loop back packets sent from the second tx queue in another pool. The 82576 VF driver does not enable the second rx queue so if the PF driver sends packets destined to a VF from its second tx queue then the VF driver will never see them. In SR-IOV mode limit the number of tx queues used by the PF driver to one. This patch fixes a bug reported in which the PF cannot communciate with the VF and should be considered for 2.6.34 stable. Signed-off-by: Greg Rose Tested-by: Jeff Pieper Signed-off-by: Jeff Kirsher Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman commit edea2aceac3068aab66f0fe748ffc1c3125587da Author: Dan Carpenter Date: Fri Jul 9 23:51:54 2010 +0000 9p: strlen() doesn't count the terminator commit 5c4bfa17f3ec46becec4b23d12323f7605ebd696 upstream. This is an off by one bug because strlen() doesn't count the NULL terminator. We strcpy() addr into a fixed length array of size UNIX_PATH_MAX later on. The addr variable is the name of the device being mounted. Signed-off-by: Dan Carpenter Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman commit 0c41742f8b41c3fd81f96bffc8c65bbb1f0a0d8b Author: Bruce Allan Date: Tue Jul 27 12:28:46 2010 +0000 e1000e: 82577/82578 PHY register access issues commit ff847ac2d3e90edd94674c28bade25ae1e6a2e49 upstream. The MAC-PHY interconnect on 82577/82578 uses a power management feature (called K1) which must be disabled when in 1Gbps due to a hardware issue on these parts. The #define bit setting used to enable/disable K1 is incorrect and can cause PHY register accesses to stop working altogether until the next device reset. This patch sets the register correctly. This issue is present in kernels since 2.6.32. Signed-off-by: Bruce Allan Tested-by: Jeff Pieper Signed-off-by: Jeff Kirsher Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman commit a436d816e9abf39ecc1cf3df6c99457caf94453d Author: Dean Nelson Date: Tue Jun 29 18:12:05 2010 +0000 e1000e: don't inadvertently re-set INTX_DISABLE commit 36f2407fe52c55566221f8c68c8fb808abffd2f5 upstream. Should e1000_test_msi() fail to see an msi interrupt, it attempts to fallback to legacy INTx interrupts. But an error in the code may prevent this from happening correctly. Before calling e1000_test_msi_interrupt(), e1000_test_msi() disables SERR by clearing the SERR bit from the just read PCI_COMMAND bits as it writes them back out. Upon return from calling e1000_test_msi_interrupt(), it re-enables SERR by writing out the version of PCI_COMMAND it had previously read. The problem with this is that e1000_test_msi_interrupt() calls pci_disable_msi(), which eventually ends up in pci_intx(). And because pci_intx() was called with enable set to 1, the INTX_DISABLE bit gets cleared from PCI_COMMAND, which is what we want. But when we get back to e1000_test_msi(), the INTX_DISABLE bit gets inadvertently re-set because of the attempt by e1000_test_msi() to re-enable SERR. The solution is to have e1000_test_msi() re-read the PCI_COMMAND bits as part of its attempt to re-enable SERR. During debugging/testing of this issue I found that not all the systems I ran on had the SERR bit set to begin with. And on some of the systems the same could be said for the INTX_DISABLE bit. Needless to say these latter systems didn't have a problem falling back to legacy INTx interrupts with the code as is. Signed-off-by: Dean Nelson Tested-by: Emil Tantilov Signed-off-by: Jeff Kirsher Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman commit 2d8acc42551e9c1e184a741d39ad29014b5223a4 Author: Ian Campbell Date: Wed May 26 00:09:43 2010 +0000 xen: netfront: explicitly generate arp_notify event after migration. commit 592970675c9522bde588b945388c7995c8b51328 upstream. Use newly introduced netif_notify_peers() method to ensure a gratuitous ARP is generated after a migration. Signed-off-by: Ian Campbell Cc: Stephen Hemminger Cc: Jeremy Fitzhardinge Cc: David S. Miller Cc: netdev@vger.kernel.org Cc: xen-devel@lists.xensource.com Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman commit 9bfcb1f838ee0825bed898ff34aee2010763499a Author: Ian Campbell Date: Wed May 26 00:09:42 2010 +0000 arp_notify: allow drivers to explicitly request a notification event. commit 06c4648d46d1b757d6b9591a86810be79818b60c upstream. Currently such notifications are only generated when the device comes up or the address changes. However one use case for these notifications is to enable faster network recovery after a virtual machine migration (by causing switches to relearn their MAC tables). A migration appears to the network stack as a temporary loss of carrier and therefore does not trigger either of the current conditions. Rather than adding carrier up as a trigger (which can cause issues when interfaces a flapping) simply add an interface which the driver can use to explicitly trigger the notification. Signed-off-by: Ian Campbell Cc: Stephen Hemminger Cc: Jeremy Fitzhardinge Cc: David S. Miller Cc: netdev@vger.kernel.org Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman commit 69e18d28ab99ba499e2afba725f16a22f7424a4e Author: Borislav Petkov Date: Tue Aug 3 16:51:28 2010 +0200 amd64_edac: Fix operator precendence error commit 962b70a1eb22c467b95756a290c694e73da17f41 upstream. The bitwise AND is of higher precedence, make that explicit. Signed-off-by: Borislav Petkov Signed-off-by: Greg Kroah-Hartman commit 1c628740e807234af95f299975fda2c3e0115547 Author: Borislav Petkov Date: Fri May 21 21:25:03 2010 +0200 amd64_edac: Correct scrub rate setting commit bc57117856cf1e581135810b37d3b75f9d1749f5 upstream. Exit early when setting scrub rate on unknown/unsupported families. Signed-off-by: Borislav Petkov Acked-by: Doug Thompson Signed-off-by: Greg Kroah-Hartman commit 8566b8f5bc2fe3f7f179621512ad4805e45bccc1 Author: Borislav Petkov Date: Mon Mar 8 18:29:35 2010 +0100 amd64_edac: Fix DCT base address selector commit 9975a5f22a4fcc8d08035c65439900a983f891ad upstream. The correct check is to verify whether in high range we're below 4GB and not to extract the DctSelBaseAddr again. See "2.8.5 Routing DRAM Requests" in the F10h BKDG. Signed-off-by: Borislav Petkov Acked-by: Doug Thompson Signed-off-by: Greg Kroah-Hartman commit 5a8477871f0b45664eedfa352c3942093408a169 Author: Kyle McMartin Date: Tue Aug 3 20:38:08 2010 -0400 parisc: pass through '\t' to early (iodc) console commit d9b68e5e88248bb24fd4e455588bea1d56108fd6 upstream. The firmware handles '\t' internally, so stop trying to emulate it (which, incidentally, had a bug in it.) Fixes a really weird hang at bootup in rcu_bootup_announce, which, as far as I can tell, is the first printk in the core kernel to use a tab as the first character. Signed-off-by: Kyle McMartin Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman commit acdc70839d626fa98417b8905bfa1e88087f3097 Author: Tejun Heo Date: Wed Aug 4 17:59:39 2010 +0200 block_dev: always serialize exclusive open attempts commit e75aa85892b2ee78c79edac720868cbef16e62eb upstream. bd_prepare_to_claim() incorrectly allowed multiple attempts for exclusive open to progress in parallel if the attempting holders are identical. This triggered BUG_ON() as reported in the following bug. https://bugzilla.kernel.org/show_bug.cgi?id=16393 __bd_abort_claiming() is used to finish claiming blocks and doesn't work if multiple openers are inside a claiming block. Allowing multiple parallel open attempts to continue doesn't gain anything as those are serialized down in the call chain anyway. Fix it by always allowing only single open attempt in a claiming block. This problem can easily be reproduced by adding a delay after bd_prepare_to_claim() and attempting to mount two partitions of a disk. Signed-off-by: Tejun Heo Reported-by: Markus Trippelsdorf Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman commit 2812c8f70ec3a6c5abd0305a42366c880a18a85a Author: Baruch Siach Date: Tue Jul 6 14:03:22 2010 +0300 arm/imx/gpio: add spinlock protection commit 14cb0deb66fcfca8fdbef75da8c84b5405a8c767 upstream. The GPIO registers need protection from concurrent access for operations that are not atomic. Cc: Juergen Beisert Cc: Daniel Mack Reported-by: rpkamiak@rockwellcollins.com Signed-off-by: Baruch Siach Signed-off-by: Sascha Hauer Signed-off-by: Greg Kroah-Hartman commit 01212f0b3d3f13d263cf157128f836496b78b113 Author: Helge Deller Date: Mon Aug 2 22:46:41 2010 +0200 PARISC: led.c - fix potential stack overflow in led_proc_write() commit 4b4fd27c0b5ec638a1f06ced9226fd95229dbbf0 upstream. avoid potential stack overflow by correctly checking count parameter Reported-by: Ilja Signed-off-by: Helge Deller Acked-by: Kyle McMartin Cc: James E.J. Bottomley Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman