--- /dev/null
+From 7a401a972df8e184b3d1a3fc958c0a4ddee8d312 Mon Sep 17 00:00:00 2001
+From: Rabin Vincent <rabin.vincent@stericsson.com>
+Date: Fri, 11 Nov 2011 13:29:04 +0100
+Subject: backing-dev: ensure wakeup_timer is deleted
+
+From: Rabin Vincent <rabin.vincent@stericsson.com>
+
+commit 7a401a972df8e184b3d1a3fc958c0a4ddee8d312 upstream.
+
+bdi_prune_sb() in bdi_unregister() attempts to removes the bdi links
+from all super_blocks and then del_timer_sync() the writeback timer.
+
+However, this can race with __mark_inode_dirty(), leading to
+bdi_wakeup_thread_delayed() rearming the writeback timer on the bdi
+we're unregistering, after we've called del_timer_sync().
+
+This can end up with the bdi being freed with an active timer inside it,
+as in the case of the following dump after the removal of an SD card.
+
+Fix this by redoing the del_timer_sync() in bdi_destory().
+
+ ------------[ cut here ]------------
+ WARNING: at /home/rabin/kernel/arm/lib/debugobjects.c:262 debug_print_object+0x9c/0xc8()
+ ODEBUG: free active (active state 0) object type: timer_list hint: wakeup_timer_fn+0x0/0x180
+ Modules linked in:
+ Backtrace:
+ [<c00109dc>] (dump_backtrace+0x0/0x110) from [<c0236e4c>] (dump_stack+0x18/0x1c)
+ r6:c02bc638 r5:00000106 r4:c79f5d18 r3:00000000
+ [<c0236e34>] (dump_stack+0x0/0x1c) from [<c0025e6c>] (warn_slowpath_common+0x54/0x6c)
+ [<c0025e18>] (warn_slowpath_common+0x0/0x6c) from [<c0025f28>] (warn_slowpath_fmt+0x38/0x40)
+ r8:20000013 r7:c780c6f0 r6:c031613c r5:c780c6f0 r4:c02b1b29
+ r3:00000009
+ [<c0025ef0>] (warn_slowpath_fmt+0x0/0x40) from [<c015eb4c>] (debug_print_object+0x9c/0xc8)
+ r3:c02b1b29 r2:c02bc662
+ [<c015eab0>] (debug_print_object+0x0/0xc8) from [<c015f574>] (debug_check_no_obj_freed+0xac/0x1dc)
+ r6:c7964000 r5:00000001 r4:c7964000
+ [<c015f4c8>] (debug_check_no_obj_freed+0x0/0x1dc) from [<c00a9e38>] (kmem_cache_free+0x88/0x1f8)
+ [<c00a9db0>] (kmem_cache_free+0x0/0x1f8) from [<c014286c>] (blk_release_queue+0x70/0x78)
+ [<c01427fc>] (blk_release_queue+0x0/0x78) from [<c015290c>] (kobject_release+0x70/0x84)
+ r5:c79641f0 r4:c796420c
+ [<c015289c>] (kobject_release+0x0/0x84) from [<c0153ce4>] (kref_put+0x68/0x80)
+ r7:00000083 r6:c74083d0 r5:c015289c r4:c796420c
+ [<c0153c7c>] (kref_put+0x0/0x80) from [<c01527d0>] (kobject_put+0x48/0x5c)
+ r5:c79643b4 r4:c79641f0
+ [<c0152788>] (kobject_put+0x0/0x5c) from [<c013ddd8>] (blk_cleanup_queue+0x68/0x74)
+ r4:c7964000
+ [<c013dd70>] (blk_cleanup_queue+0x0/0x74) from [<c01a6370>] (mmc_blk_put+0x78/0xe8)
+ r5:00000000 r4:c794c400
+ [<c01a62f8>] (mmc_blk_put+0x0/0xe8) from [<c01a64b4>] (mmc_blk_release+0x24/0x38)
+ r5:c794c400 r4:c0322824
+ [<c01a6490>] (mmc_blk_release+0x0/0x38) from [<c00de11c>] (__blkdev_put+0xe8/0x170)
+ r5:c78d5e00 r4:c74083c0
+ [<c00de034>] (__blkdev_put+0x0/0x170) from [<c00de2c0>] (blkdev_put+0x11c/0x12c)
+ r8:c79f5f70 r7:00000001 r6:c74083d0 r5:00000083 r4:c74083c0
+ r3:00000000
+ [<c00de1a4>] (blkdev_put+0x0/0x12c) from [<c00b0724>] (kill_block_super+0x60/0x6c)
+ r7:c7942300 r6:c79f4000 r5:00000083 r4:c74083c0
+ [<c00b06c4>] (kill_block_super+0x0/0x6c) from [<c00b0a94>] (deactivate_locked_super+0x44/0x70)
+ r6:c79f4000 r5:c031af64 r4:c794dc00 r3:c00b06c4
+ [<c00b0a50>] (deactivate_locked_super+0x0/0x70) from [<c00b1358>] (deactivate_super+0x6c/0x70)
+ r5:c794dc00 r4:c794dc00
+ [<c00b12ec>] (deactivate_super+0x0/0x70) from [<c00c88b0>] (mntput_no_expire+0x188/0x194)
+ r5:c794dc00 r4:c7942300
+ [<c00c8728>] (mntput_no_expire+0x0/0x194) from [<c00c95e0>] (sys_umount+0x2e4/0x310)
+ r6:c7942300 r5:00000000 r4:00000000 r3:00000000
+ [<c00c92fc>] (sys_umount+0x0/0x310) from [<c000d940>] (ret_fast_syscall+0x0/0x30)
+ ---[ end trace e5c83c92ada51c76 ]---
+
+Signed-off-by: Rabin Vincent <rabin.vincent@stericsson.com>
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ mm/backing-dev.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/mm/backing-dev.c
++++ b/mm/backing-dev.c
+@@ -720,6 +720,14 @@ void bdi_destroy(struct backing_dev_info
+
+ bdi_unregister(bdi);
+
++ /*
++ * If bdi_unregister() had already been called earlier, the
++ * wakeup_timer could still be armed because bdi_prune_sb()
++ * can race with the bdi_wakeup_thread_delayed() calls from
++ * __mark_inode_dirty().
++ */
++ del_timer_sync(&bdi->wb.wakeup_timer);
++
+ for (i = 0; i < NR_BDI_STAT_ITEMS; i++)
+ percpu_counter_destroy(&bdi->bdi_stat[i]);
+
--- /dev/null
+From 6b76106d8ef31111d6fc469564b83b5f5542794f Mon Sep 17 00:00:00 2001
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Sun, 13 Nov 2011 19:58:09 +0100
+Subject: block: Always check length of all iov entries in blk_rq_map_user_iov()
+
+From: Ben Hutchings <ben@decadent.org.uk>
+
+commit 6b76106d8ef31111d6fc469564b83b5f5542794f upstream.
+
+Even after commit 5478755616ae2ef1ce144dded589b62b2a50d575
+("block: check for proper length of iov entries earlier ...")
+we still won't check for zero-length entries after an unaligned
+entry. Remove the break-statement, so all entries are checked.
+
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ block/blk-map.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+--- a/block/blk-map.c
++++ b/block/blk-map.c
+@@ -204,10 +204,11 @@ int blk_rq_map_user_iov(struct request_q
+ if (!iov[i].iov_len)
+ return -EINVAL;
+
+- if (uaddr & queue_dma_alignment(q)) {
++ /*
++ * Keep going so we check length of all segments
++ */
++ if (uaddr & queue_dma_alignment(q))
+ unaligned = 1;
+- break;
+- }
+ }
+
+ if (unaligned || (q->dma_pad_mask & len) || map_data)
--- /dev/null
+From de1d9248eadd27539eba449b4d09428252e80c04 Mon Sep 17 00:00:00 2001
+From: Michael Neuling <mikey@neuling.org>
+Date: Wed, 9 Nov 2011 20:39:49 +0000
+Subject: powerpc: Add hvcall.h include to book3s_hv.c
+
+From: Michael Neuling <mikey@neuling.org>
+
+commit de1d9248eadd27539eba449b4d09428252e80c04 upstream.
+
+If you build with KVM and UP it fails with the following due to a
+missing include.
+
+/arch/powerpc/kvm/book3s_hv.c: In function 'do_h_register_vpa':
+arch/powerpc/kvm/book3s_hv.c:156:10: error: 'H_PARAMETER' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:156:10: note: each undeclared identifier is reported only once for each function it appears in
+arch/powerpc/kvm/book3s_hv.c:192:12: error: 'H_RESOURCE' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:222:9: error: 'H_SUCCESS' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c: In function 'kvmppc_pseries_do_hcall':
+arch/powerpc/kvm/book3s_hv.c:228:30: error: 'H_SUCCESS' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:232:7: error: 'H_CEDE' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:234:7: error: 'H_PROD' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:238:10: error: 'H_PARAMETER' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:250:7: error: 'H_CONFER' undeclared (first use in this function)
+arch/powerpc/kvm/book3s_hv.c:252:7: error: 'H_REGISTER_VPA' undeclared (first use in this function)
+make[2]: *** [arch/powerpc/kvm/book3s_hv.o] Error 1
+
+Signed-off-by: Michael Neuling <mikey@neuling.org>
+Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/powerpc/kvm/book3s_hv.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/powerpc/kvm/book3s_hv.c
++++ b/arch/powerpc/kvm/book3s_hv.c
+@@ -43,6 +43,7 @@
+ #include <asm/processor.h>
+ #include <asm/cputhreads.h>
+ #include <asm/page.h>
++#include <asm/hvcall.h>
+ #include <linux/gfp.h>
+ #include <linux/sched.h>
+ #include <linux/vmalloc.h>
--- /dev/null
+From d715e433b7ad19c02fc4becf0d5e9a59f97925de Mon Sep 17 00:00:00 2001
+From: Anton Blanchard <anton@samba.org>
+Date: Mon, 14 Nov 2011 12:54:47 +0000
+Subject: powerpc: Copy down exception vectors after feature fixups
+
+From: Anton Blanchard <anton@samba.org>
+
+commit d715e433b7ad19c02fc4becf0d5e9a59f97925de upstream.
+
+kdump fails because we try to execute an HV only instruction. Feature
+fixups are being applied after we copy the exception vectors down to 0
+so they miss out on any updates.
+
+We have always had this issue but it only became critical in v3.0
+when we added CFAR support (breaks POWER5) and v3.1 when we added
+POWERNV (breaks everyone).
+
+Signed-off-by: Anton Blanchard <anton@samba.org>
+Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/powerpc/include/asm/sections.h | 2 +-
+ arch/powerpc/include/asm/synch.h | 1 +
+ arch/powerpc/kernel/kvm.c | 1 -
+ arch/powerpc/kernel/setup_32.c | 2 ++
+ arch/powerpc/kernel/setup_64.c | 1 +
+ arch/powerpc/lib/feature-fixups.c | 23 +++++++++++++++++++++++
+ 6 files changed, 28 insertions(+), 2 deletions(-)
+
+--- a/arch/powerpc/include/asm/sections.h
++++ b/arch/powerpc/include/asm/sections.h
+@@ -8,7 +8,7 @@
+
+ #ifdef __powerpc64__
+
+-extern char _end[];
++extern char __end_interrupts[];
+
+ static inline int in_kernel_text(unsigned long addr)
+ {
+--- a/arch/powerpc/include/asm/synch.h
++++ b/arch/powerpc/include/asm/synch.h
+@@ -13,6 +13,7 @@
+ extern unsigned int __start___lwsync_fixup, __stop___lwsync_fixup;
+ extern void do_lwsync_fixups(unsigned long value, void *fixup_start,
+ void *fixup_end);
++extern void do_final_fixups(void);
+
+ static inline void eieio(void)
+ {
+--- a/arch/powerpc/kernel/kvm.c
++++ b/arch/powerpc/kernel/kvm.c
+@@ -131,7 +131,6 @@ static void kvm_patch_ins_b(u32 *inst, i
+ /* On relocatable kernels interrupts handlers and our code
+ can be in different regions, so we don't patch them */
+
+- extern u32 __end_interrupts;
+ if ((ulong)inst < (ulong)&__end_interrupts)
+ return;
+ #endif
+--- a/arch/powerpc/kernel/setup_32.c
++++ b/arch/powerpc/kernel/setup_32.c
+@@ -107,6 +107,8 @@ notrace unsigned long __init early_init(
+ PTRRELOC(&__start___lwsync_fixup),
+ PTRRELOC(&__stop___lwsync_fixup));
+
++ do_final_fixups();
++
+ return KERNELBASE + offset;
+ }
+
+--- a/arch/powerpc/kernel/setup_64.c
++++ b/arch/powerpc/kernel/setup_64.c
+@@ -353,6 +353,7 @@ void __init setup_system(void)
+ &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
+ do_lwsync_fixups(cur_cpu_spec->cpu_features,
+ &__start___lwsync_fixup, &__stop___lwsync_fixup);
++ do_final_fixups();
+
+ /*
+ * Unflatten the device-tree passed by prom_init or kexec
+--- a/arch/powerpc/lib/feature-fixups.c
++++ b/arch/powerpc/lib/feature-fixups.c
+@@ -18,6 +18,8 @@
+ #include <linux/init.h>
+ #include <asm/cputable.h>
+ #include <asm/code-patching.h>
++#include <asm/page.h>
++#include <asm/sections.h>
+
+
+ struct fixup_entry {
+@@ -128,6 +130,27 @@ void do_lwsync_fixups(unsigned long valu
+ }
+ }
+
++void do_final_fixups(void)
++{
++#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
++ int *src, *dest;
++ unsigned long length;
++
++ if (PHYSICAL_START == 0)
++ return;
++
++ src = (int *)(KERNELBASE + PHYSICAL_START);
++ dest = (int *)KERNELBASE;
++ length = (__end_interrupts - _stext) / sizeof(int);
++
++ while (length--) {
++ patch_instruction(dest, *src);
++ src++;
++ dest++;
++ }
++#endif
++}
++
+ #ifdef CONFIG_FTR_FIXUP_SELFTEST
+
+ #define check(x) \
--- /dev/null
+From 72f3bea075287785ed32b777b6dd2636aa7002e8 Mon Sep 17 00:00:00 2001
+From: Geoff Levand <geoff@infradead.org>
+Date: Tue, 8 Nov 2011 12:37:26 +0000
+Subject: powerpc/ps3: Fix lost SMP IPIs
+
+From: Geoff Levand <geoff@infradead.org>
+
+commit 72f3bea075287785ed32b777b6dd2636aa7002e8 upstream.
+
+Fixes the PS3 bootup hang introduced in 3.0-rc1 by:
+
+ commit 317f394160e9beb97d19a84c39b7e5eb3d7815a
+ sched: Move the second half of ttwu() to the remote cpu
+
+Move the PS3's LV1 EOI call lv1_end_of_interrupt_ext() from ps3_chip_eoi()
+to ps3_get_irq() for IPI messages.
+
+If lv1_send_event_locally() is called between a previous call to
+lv1_send_event_locally() and the coresponding call to
+lv1_end_of_interrupt_ext() the second event will not be delivered to the
+target cpu.
+
+The PS3's SMP IPIs are implemented using lv1_send_event_locally(), so if two
+IPI messages of the same type are sent to the same target in a relatively
+short period of time the second IPI event can become lost when
+lv1_end_of_interrupt_ext() is called from ps3_chip_eoi().
+
+Signed-off-by: Geoff Levand <geoff@infradead.org>
+Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/powerpc/platforms/ps3/interrupt.c | 23 ++++++++++++++++++++++-
+ arch/powerpc/platforms/ps3/platform.h | 1 +
+ arch/powerpc/platforms/ps3/smp.c | 2 ++
+ 3 files changed, 25 insertions(+), 1 deletion(-)
+
+--- a/arch/powerpc/platforms/ps3/interrupt.c
++++ b/arch/powerpc/platforms/ps3/interrupt.c
+@@ -88,6 +88,7 @@ struct ps3_private {
+ struct ps3_bmp bmp __attribute__ ((aligned (PS3_BMP_MINALIGN)));
+ u64 ppe_id;
+ u64 thread_id;
++ unsigned long ipi_mask;
+ };
+
+ static DEFINE_PER_CPU(struct ps3_private, ps3_private);
+@@ -144,7 +145,11 @@ static void ps3_chip_unmask(struct irq_d
+ static void ps3_chip_eoi(struct irq_data *d)
+ {
+ const struct ps3_private *pd = irq_data_get_irq_chip_data(d);
+- lv1_end_of_interrupt_ext(pd->ppe_id, pd->thread_id, d->irq);
++
++ /* non-IPIs are EOIed here. */
++
++ if (!test_bit(63 - d->irq, &pd->ipi_mask))
++ lv1_end_of_interrupt_ext(pd->ppe_id, pd->thread_id, d->irq);
+ }
+
+ /**
+@@ -691,6 +696,16 @@ void __init ps3_register_ipi_debug_brk(u
+ cpu, virq, pd->bmp.ipi_debug_brk_mask);
+ }
+
++void __init ps3_register_ipi_irq(unsigned int cpu, unsigned int virq)
++{
++ struct ps3_private *pd = &per_cpu(ps3_private, cpu);
++
++ set_bit(63 - virq, &pd->ipi_mask);
++
++ DBG("%s:%d: cpu %u, virq %u, ipi_mask %lxh\n", __func__, __LINE__,
++ cpu, virq, pd->ipi_mask);
++}
++
+ static unsigned int ps3_get_irq(void)
+ {
+ struct ps3_private *pd = &__get_cpu_var(ps3_private);
+@@ -720,6 +735,12 @@ static unsigned int ps3_get_irq(void)
+ BUG();
+ }
+ #endif
++
++ /* IPIs are EOIed here. */
++
++ if (test_bit(63 - plug, &pd->ipi_mask))
++ lv1_end_of_interrupt_ext(pd->ppe_id, pd->thread_id, plug);
++
+ return plug;
+ }
+
+--- a/arch/powerpc/platforms/ps3/platform.h
++++ b/arch/powerpc/platforms/ps3/platform.h
+@@ -43,6 +43,7 @@ void ps3_mm_shutdown(void);
+ void ps3_init_IRQ(void);
+ void ps3_shutdown_IRQ(int cpu);
+ void __init ps3_register_ipi_debug_brk(unsigned int cpu, unsigned int virq);
++void __init ps3_register_ipi_irq(unsigned int cpu, unsigned int virq);
+
+ /* smp */
+
+--- a/arch/powerpc/platforms/ps3/smp.c
++++ b/arch/powerpc/platforms/ps3/smp.c
+@@ -94,6 +94,8 @@ static void __init ps3_smp_setup_cpu(int
+
+ if (result)
+ virqs[i] = NO_IRQ;
++ else
++ ps3_register_ipi_irq(cpu, virqs[i]);
+ }
+
+ ps3_register_ipi_debug_brk(cpu, virqs[PPC_MSG_DEBUGGER_BREAK]);
staging-brcm80211-fill-in-proper-rx-rate-in-mac80211-rx-status.patch
b43-refuse-to-load-unsupported-firmware.patch
mfd-fix-twl4030-dependencies-for-audio-codec.patch
+xen-pvhvm-enable-pvhvm-vcpu-placement-when-using-more-than-32-cpus.patch
+xen-gntalloc-integer-overflow-in-gntalloc_ioctl_alloc.patch
+xen-gntalloc-signedness-bug-in-add_grefs.patch
+powerpc-ps3-fix-lost-smp-ipis.patch
+powerpc-add-hvcall.h-include-to-book3s_hv.c.patch
+powerpc-copy-down-exception-vectors-after-feature-fixups.patch
+backing-dev-ensure-wakeup_timer-is-deleted.patch
+block-always-check-length-of-all-iov-entries-in.patch
--- /dev/null
+From 21643e69a4c06f7ef155fbc70e3fba13fba4a756 Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Fri, 4 Nov 2011 21:24:08 +0300
+Subject: xen-gntalloc: integer overflow in gntalloc_ioctl_alloc()
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit 21643e69a4c06f7ef155fbc70e3fba13fba4a756 upstream.
+
+On 32 bit systems a high value of op.count could lead to an integer
+overflow in the kzalloc() and gref_ids would be smaller than
+expected. If the you triggered another integer overflow in
+"if (gref_size + op.count > limit)" then you'd probably get memory
+corruption inside add_grefs().
+
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/xen/gntalloc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/xen/gntalloc.c
++++ b/drivers/xen/gntalloc.c
+@@ -280,7 +280,7 @@ static long gntalloc_ioctl_alloc(struct
+ goto out;
+ }
+
+- gref_ids = kzalloc(sizeof(gref_ids[0]) * op.count, GFP_TEMPORARY);
++ gref_ids = kcalloc(op.count, sizeof(gref_ids[0]), GFP_TEMPORARY);
+ if (!gref_ids) {
+ rc = -ENOMEM;
+ goto out;
--- /dev/null
+From 99cb2ddcc617f43917e94a4147aa3ccdb2bcd77e Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Fri, 4 Nov 2011 21:24:36 +0300
+Subject: xen-gntalloc: signedness bug in add_grefs()
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit 99cb2ddcc617f43917e94a4147aa3ccdb2bcd77e upstream.
+
+gref->gref_id is unsigned so the error handling didn't work.
+gnttab_grant_foreign_access() returns an int type, so we can add a
+cast here, and it doesn't cause any problems.
+gnttab_grant_foreign_access() can return a variety of errors
+including -ENOSPC, -ENOSYS and -ENOMEM.
+
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/xen/gntalloc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/xen/gntalloc.c
++++ b/drivers/xen/gntalloc.c
+@@ -135,7 +135,7 @@ static int add_grefs(struct ioctl_gntall
+ /* Grant foreign access to the page. */
+ gref->gref_id = gnttab_grant_foreign_access(op->domid,
+ pfn_to_mfn(page_to_pfn(gref->page)), readonly);
+- if (gref->gref_id < 0) {
++ if ((int)gref->gref_id < 0) {
+ rc = gref->gref_id;
+ goto undo;
+ }
--- /dev/null
+From 90d4f5534d14815bd94c10e8ceccc57287657ecc Mon Sep 17 00:00:00 2001
+From: Zhenzhong Duan <zhenzhong.duan@oracle.com>
+Date: Thu, 27 Oct 2011 22:28:59 -0700
+Subject: xen:pvhvm: enable PVHVM VCPU placement when using more than 32 CPUs.
+
+From: Zhenzhong Duan <zhenzhong.duan@oracle.com>
+
+commit 90d4f5534d14815bd94c10e8ceccc57287657ecc upstream.
+
+PVHVM running with more than 32 vcpus and pv_irq/pv_time enabled
+need VCPU placement to work, or else it will softlockup.
+
+Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
+Signed-off-by: Zhenzhong Duan <zhenzhong.duan@oracle.com>
+Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/xen/enlighten.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+--- a/arch/x86/xen/enlighten.c
++++ b/arch/x86/xen/enlighten.c
+@@ -1355,7 +1355,7 @@ static int __cpuinit xen_hvm_cpu_notify(
+ int cpu = (long)hcpu;
+ switch (action) {
+ case CPU_UP_PREPARE:
+- per_cpu(xen_vcpu, cpu) = &HYPERVISOR_shared_info->vcpu_info[cpu];
++ xen_vcpu_setup(cpu);
+ if (xen_have_vector_callback)
+ xen_init_lock_cpu(cpu);
+ break;
+@@ -1385,7 +1385,6 @@ static void __init xen_hvm_guest_init(vo
+ xen_hvm_smp_init();
+ register_cpu_notifier(&xen_hvm_cpu_notifier);
+ xen_unplug_emulated_devices();
+- have_vcpu_info_placement = 0;
+ x86_init.irqs.intr_init = xen_init_IRQ;
+ xen_hvm_init_time_ops();
+ xen_hvm_init_mmu_ops();
projects / thirdparty / kernel / stable-queue.git / commitdiff
