--- /dev/null
+From 7b4d469228a92a00e412675817cedd60133de38a Mon Sep 17 00:00:00 2001
+From: Alexey Starikovskiy <astarikovskiy@suse.de>
+Date: Thu, 13 Nov 2008 12:00:03 +0300
+Subject: ACPI: EC: count interrupts only if called from interrupt handler.
+
+From: Alexey Starikovskiy <astarikovskiy@suse.de>
+
+commit 7b4d469228a92a00e412675817cedd60133de38a upstream.
+
+fix 2.6.28 EC interrupt storm regression
+
+Signed-off-by: Alexey Starikovskiy <astarikovskiy@suse.de>
+Signed-off-by: Len Brown <len.brown@intel.com>
+Cc: Alan Jenkins <alan-jenkins@tuffmail.co.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/acpi/ec.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/drivers/acpi/ec.c
++++ b/drivers/acpi/ec.c
+@@ -219,7 +219,8 @@ static void gpe_transaction(struct acpi_
+ goto unlock;
+ err:
+ /* false interrupt, state didn't change */
+- ++ec->curr->irq_count;
++ if (in_interrupt())
++ ++ec->curr->irq_count;
+ unlock:
+ spin_unlock_irqrestore(&ec->curr_lock, flags);
+ }
--- /dev/null
+From sjayaraman@suse.de Wed Dec 3 08:52:01 2008
+From: Steve French <sfrench@us.ibm.com>
+Date: Fri, 21 Nov 2008 12:58:52 +0530
+Subject: cifs: Fix error in smb_send2
+To: stable@kernel.org
+Cc: Steve French <smfrench@gmail.com>, Shirish S Pargaonkar <shirishp@us.ibm.com>, Jeff Layton <jlayton@redhat.com>
+Message-ID: <49266334.7040901@suse.de>
+
+From: Steve French <sfrench@us.ibm.com>
+
+Backport of upstream commit 61de800d33af585cb7e6f27b5cdd51029c6855cb
+for -stable.
+
+[CIFS] fix error in smb_send2
+
+smb_send2 exit logic was strange, and with the previous change
+could cause us to fail large
+smb writes when all of the smb was not sent as one chunk.
+
+Acked-by: Jeff Layton <jlayton@redhat.com>
+Signed-off-by: Steve French <sfrench@us.ibm.com>
+Cc: Suresh Jayaraman <sjayaraman@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/cifs/cifssmb.c | 2 +-
+ fs/cifs/file.c | 2 +-
+ fs/cifs/transport.c | 7 +++++--
+ 3 files changed, 7 insertions(+), 4 deletions(-)
+
+--- a/fs/cifs/cifssmb.c
++++ b/fs/cifs/cifssmb.c
+@@ -1534,7 +1534,7 @@ CIFSSMBWrite(const int xid, struct cifsT
+ __u32 bytes_sent;
+ __u16 byte_count;
+
+- /* cFYI(1,("write at %lld %d bytes",offset,count));*/
++ /* cFYI(1, ("write at %lld %d bytes",offset,count));*/
+ if (tcon->ses == NULL)
+ return -ECONNABORTED;
+
+--- a/fs/cifs/file.c
++++ b/fs/cifs/file.c
+@@ -1813,7 +1813,7 @@ static int cifs_readpages(struct file *f
+ pTcon = cifs_sb->tcon;
+
+ pagevec_init(&lru_pvec, 0);
+- cFYI(DBG2, ("rpages: num pages %d", num_pages));
++ cFYI(DBG2, ("rpages: num pages %d", num_pages));
+ for (i = 0; i < num_pages; ) {
+ unsigned contig_pages;
+ struct page *tmp_page;
+--- a/fs/cifs/transport.c
++++ b/fs/cifs/transport.c
+@@ -291,8 +291,11 @@ smb_send2(struct TCP_Server_Info *server
+ if (rc < 0)
+ break;
+
+- if (rc >= total_len) {
+- WARN_ON(rc > total_len);
++ if (rc == total_len) {
++ total_len = 0;
++ break;
++ } else if (rc > total_len) {
++ cERROR(1, ("sent %d requested %d", rc, total_len));
+ break;
+ }
+ if (rc == 0) {
--- /dev/null
+From sjayaraman@suse.de Wed Dec 3 08:51:11 2008
+From: Steve French <sfrench@us.ibm.com>
+Date: Fri, 21 Nov 2008 12:58:40 +0530
+Subject: cifs: Reduce number of socket retries in large write path
+To: stable@kernel.org
+Cc: Steve French <smfrench@gmail.com>, Jeff Layton <jlayton@redhat.com>, Shirish S Pargaonkar <shirishp@us.ibm.com>
+Message-ID: <49266328.4000409@suse.de>
+
+From: Steve French <sfrench@us.ibm.com>
+
+Backport of upstream commit edf1ae403896cb7750800508b14996ba6be39a53
+for -stable.
+
+[CIFS] Reduce number of socket retries in large write path
+
+CIFS in some heavy stress conditions cifs could get EAGAIN
+repeatedly in smb_send2 which led to repeated retries and eventually
+failure of large writes which could lead to data corruption.
+
+There are three changes that were suggested by various network
+developers:
+
+1) convert cifs from non-blocking to blocking tcp sendmsg
+(we left in the retry on failure)
+2) change cifs to not set sendbuf and rcvbuf size for the socket
+(let tcp autotune the buffer sizes since that works much better
+in the TCP stack now)
+3) if we have a partial frame sent in smb_send2, mark the tcp
+session as invalid (close the socket and reconnect) so we do
+not corrupt the remaining part of the SMB with the beginning
+of the next SMB.
+
+This does not appear to hurt performance measurably and has
+been run in various scenarios, but it definately removes
+a corruption that we were seeing in some high stress
+test cases.
+
+Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com>
+Signed-off-by: Steve French <sfrench@us.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/cifs/cifsglob.h | 2 +
+ fs/cifs/cifsproto.h | 2 -
+ fs/cifs/connect.c | 58 ++++++++++++++++++++++++++++++++++++++--------------
+ fs/cifs/transport.c | 41 +++++++++++++++++++++++++++---------
+ 4 files changed, 77 insertions(+), 26 deletions(-)
+
+--- a/fs/cifs/cifsglob.h
++++ b/fs/cifs/cifsglob.h
+@@ -141,6 +141,8 @@ struct TCP_Server_Info {
+ char versionMajor;
+ char versionMinor;
+ bool svlocal:1; /* local server or remote */
++ bool noblocksnd; /* use blocking sendmsg */
++ bool noautotune; /* do not autotune send buf sizes */
+ atomic_t socketUseCount; /* number of open cifs sessions on socket */
+ atomic_t inFlight; /* number of requests on the wire to server */
+ #ifdef CONFIG_CIFS_STATS2
+--- a/fs/cifs/cifsproto.h
++++ b/fs/cifs/cifsproto.h
+@@ -36,7 +36,7 @@ extern void cifs_buf_release(void *);
+ extern struct smb_hdr *cifs_small_buf_get(void);
+ extern void cifs_small_buf_release(void *);
+ extern int smb_send(struct socket *, struct smb_hdr *,
+- unsigned int /* length */ , struct sockaddr *);
++ unsigned int /* length */ , struct sockaddr *, bool);
+ extern unsigned int _GetXid(void);
+ extern void _FreeXid(unsigned int);
+ #define GetXid() (int)_GetXid(); cFYI(1,("CIFS VFS: in %s as Xid: %d with uid: %d",__func__, xid,current->fsuid));
+--- a/fs/cifs/connect.c
++++ b/fs/cifs/connect.c
+@@ -90,6 +90,8 @@ struct smb_vol {
+ bool nocase:1; /* request case insensitive filenames */
+ bool nobrl:1; /* disable sending byte range locks to srv */
+ bool seal:1; /* request transport encryption on share */
++ bool noblocksnd:1;
++ bool noautotune:1;
+ unsigned int rsize;
+ unsigned int wsize;
+ unsigned int sockopt;
+@@ -100,9 +102,11 @@ struct smb_vol {
+ static int ipv4_connect(struct sockaddr_in *psin_server,
+ struct socket **csocket,
+ char *netb_name,
+- char *server_netb_name);
++ char *server_netb_name,
++ bool noblocksnd,
++ bool nosndbuf); /* ipv6 never set sndbuf size */
+ static int ipv6_connect(struct sockaddr_in6 *psin_server,
+- struct socket **csocket);
++ struct socket **csocket, bool noblocksnd);
+
+
+ /*
+@@ -188,12 +192,13 @@ cifs_reconnect(struct TCP_Server_Info *s
+ try_to_freeze();
+ if (server->protocolType == IPV6) {
+ rc = ipv6_connect(&server->addr.sockAddr6,
+- &server->ssocket);
++ &server->ssocket, server->noautotune);
+ } else {
+ rc = ipv4_connect(&server->addr.sockAddr,
+ &server->ssocket,
+ server->workstation_RFC1001_name,
+- server->server_RFC1001_name);
++ server->server_RFC1001_name,
++ server->noblocksnd, server->noautotune);
+ }
+ if (rc) {
+ cFYI(1, ("reconnect error %d", rc));
+@@ -409,8 +414,14 @@ incomplete_rcv:
+ msleep(1); /* minimum sleep to prevent looping
+ allowing socket to clear and app threads to set
+ tcpStatus CifsNeedReconnect if server hung */
+- if (pdu_length < 4)
++ if (pdu_length < 4) {
++ iov.iov_base = (4 - pdu_length) +
++ (char *)smb_buffer;
++ iov.iov_len = pdu_length;
++ smb_msg.msg_control = NULL;
++ smb_msg.msg_controllen = 0;
+ goto incomplete_rcv;
++ }
+ else
+ continue;
+ } else if (length <= 0) {
+@@ -1186,6 +1197,10 @@ cifs_parse_mount_options(char *options,
+ /* ignore */
+ } else if (strnicmp(data, "rw", 2) == 0) {
+ vol->rw = true;
++ } else if (strnicmp(data, "noblocksnd", 11) == 0) {
++ vol->noblocksnd = true;
++ } else if (strnicmp(data, "noautotune", 10) == 0) {
++ vol->noautotune = true;
+ } else if ((strnicmp(data, "suid", 4) == 0) ||
+ (strnicmp(data, "nosuid", 6) == 0) ||
+ (strnicmp(data, "exec", 4) == 0) ||
+@@ -1506,7 +1521,8 @@ static void rfc1002mangle(char *target,
+
+ static int
+ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
+- char *netbios_name, char *target_name)
++ char *netbios_name, char *target_name,
++ bool noblocksnd, bool noautotune)
+ {
+ int rc = 0;
+ int connected = 0;
+@@ -1578,11 +1594,15 @@ ipv4_connect(struct sockaddr_in *psin_se
+ (*csocket)->sk->sk_sndbuf,
+ (*csocket)->sk->sk_rcvbuf, (*csocket)->sk->sk_rcvtimeo));
+ (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
++ if (!noblocksnd)
++ (*csocket)->sk->sk_sndtimeo = 3 * HZ;
+ /* make the bufsizes depend on wsize/rsize and max requests */
+- if ((*csocket)->sk->sk_sndbuf < (200 * 1024))
+- (*csocket)->sk->sk_sndbuf = 200 * 1024;
+- if ((*csocket)->sk->sk_rcvbuf < (140 * 1024))
+- (*csocket)->sk->sk_rcvbuf = 140 * 1024;
++ if (noautotune) {
++ if ((*csocket)->sk->sk_sndbuf < (200 * 1024))
++ (*csocket)->sk->sk_sndbuf = 200 * 1024;
++ if ((*csocket)->sk->sk_rcvbuf < (140 * 1024))
++ (*csocket)->sk->sk_rcvbuf = 140 * 1024;
++ }
+
+ /* send RFC1001 sessinit */
+ if (psin_server->sin_port == htons(RFC1001_PORT)) {
+@@ -1619,7 +1639,7 @@ ipv4_connect(struct sockaddr_in *psin_se
+ /* sizeof RFC1002_SESSION_REQUEST with no scope */
+ smb_buf->smb_buf_length = 0x81000044;
+ rc = smb_send(*csocket, smb_buf, 0x44,
+- (struct sockaddr *)psin_server);
++ (struct sockaddr *)psin_server, noblocksnd);
+ kfree(ses_init_buf);
+ msleep(1); /* RFC1001 layer in at least one server
+ requires very short break before negprot
+@@ -1639,7 +1659,8 @@ ipv4_connect(struct sockaddr_in *psin_se
+ }
+
+ static int
+-ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket)
++ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket,
++ bool noblocksnd)
+ {
+ int rc = 0;
+ int connected = 0;
+@@ -1708,6 +1729,8 @@ ipv6_connect(struct sockaddr_in6 *psin_s
+ the default. sock_setsockopt not used because it expects
+ user space buffer */
+ (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
++ if (!noblocksnd)
++ (*csocket)->sk->sk_sndtimeo = 3 * HZ;
+
+ return rc;
+ }
+@@ -1961,11 +1984,14 @@ cifs_mount(struct super_block *sb, struc
+ cFYI(1, ("attempting ipv6 connect"));
+ /* BB should we allow ipv6 on port 139? */
+ /* other OS never observed in Wild doing 139 with v6 */
+- rc = ipv6_connect(&sin_server6, &csocket);
++ rc = ipv6_connect(&sin_server6, &csocket,
++ volume_info.noblocksnd);
+ } else
+ rc = ipv4_connect(&sin_server, &csocket,
+- volume_info.source_rfc1001_name,
+- volume_info.target_rfc1001_name);
++ volume_info.source_rfc1001_name,
++ volume_info.target_rfc1001_name,
++ volume_info.noblocksnd,
++ volume_info.noautotune);
+ if (rc < 0) {
+ cERROR(1, ("Error connecting to IPv4 socket. "
+ "Aborting operation"));
+@@ -1980,6 +2006,8 @@ cifs_mount(struct super_block *sb, struc
+ sock_release(csocket);
+ goto out;
+ } else {
++ srvTcp->noblocksnd = volume_info.noblocksnd;
++ srvTcp->noautotune = volume_info.noautotune;
+ memcpy(&srvTcp->addr.sockAddr, &sin_server,
+ sizeof(struct sockaddr_in));
+ atomic_set(&srvTcp->inFlight, 0);
+--- a/fs/cifs/transport.c
++++ b/fs/cifs/transport.c
+@@ -162,7 +162,7 @@ void DeleteTconOplockQEntries(struct cif
+
+ int
+ smb_send(struct socket *ssocket, struct smb_hdr *smb_buffer,
+- unsigned int smb_buf_length, struct sockaddr *sin)
++ unsigned int smb_buf_length, struct sockaddr *sin, bool noblocksnd)
+ {
+ int rc = 0;
+ int i = 0;
+@@ -179,7 +179,10 @@ smb_send(struct socket *ssocket, struct
+ smb_msg.msg_namelen = sizeof(struct sockaddr);
+ smb_msg.msg_control = NULL;
+ smb_msg.msg_controllen = 0;
+- smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL; /* BB add more flags?*/
++ if (noblocksnd)
++ smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
++ else
++ smb_msg.msg_flags = MSG_NOSIGNAL;
+
+ /* smb header is converted in header_assemble. bcc and rest of SMB word
+ area, and byte area if necessary, is converted to littleendian in
+@@ -230,8 +233,8 @@ smb_send(struct socket *ssocket, struct
+ }
+
+ static int
+-smb_send2(struct socket *ssocket, struct kvec *iov, int n_vec,
+- struct sockaddr *sin)
++smb_send2(struct TCP_Server_Info *server, struct kvec *iov, int n_vec,
++ struct sockaddr *sin, bool noblocksnd)
+ {
+ int rc = 0;
+ int i = 0;
+@@ -241,6 +244,7 @@ smb_send2(struct socket *ssocket, struct
+ unsigned int total_len;
+ int first_vec = 0;
+ unsigned int smb_buf_length = smb_buffer->smb_buf_length;
++ struct socket *ssocket = server->ssocket;
+
+ if (ssocket == NULL)
+ return -ENOTSOCK; /* BB eventually add reconnect code here */
+@@ -249,7 +253,10 @@ smb_send2(struct socket *ssocket, struct
+ smb_msg.msg_namelen = sizeof(struct sockaddr);
+ smb_msg.msg_control = NULL;
+ smb_msg.msg_controllen = 0;
+- smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL; /* BB add more flags?*/
++ if (noblocksnd)
++ smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
++ else
++ smb_msg.msg_flags = MSG_NOSIGNAL;
+
+ /* smb header is converted in header_assemble. bcc and rest of SMB word
+ area, and byte area if necessary, is converted to littleendian in
+@@ -313,6 +320,16 @@ smb_send2(struct socket *ssocket, struct
+ i = 0; /* in case we get ENOSPC on the next send */
+ }
+
++ if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
++ cFYI(1, ("partial send (%d remaining), terminating session",
++ total_len));
++ /* If we have only sent part of an SMB then the next SMB
++ could be taken as the remainder of this one. We need
++ to kill the socket so the server throws away the partial
++ SMB */
++ server->tcpStatus = CifsNeedReconnect;
++ }
++
+ if (rc < 0) {
+ cERROR(1, ("Error %d sending data on socket to server", rc));
+ } else
+@@ -519,8 +536,9 @@ SendReceive2(const unsigned int xid, str
+ #ifdef CONFIG_CIFS_STATS2
+ atomic_inc(&ses->server->inSend);
+ #endif
+- rc = smb_send2(ses->server->ssocket, iov, n_vec,
+- (struct sockaddr *) &(ses->server->addr.sockAddr));
++ rc = smb_send2(ses->server, iov, n_vec,
++ (struct sockaddr *) &(ses->server->addr.sockAddr),
++ ses->server->noblocksnd);
+ #ifdef CONFIG_CIFS_STATS2
+ atomic_dec(&ses->server->inSend);
+ midQ->when_sent = jiffies;
+@@ -712,7 +730,8 @@ SendReceive(const unsigned int xid, stru
+ atomic_inc(&ses->server->inSend);
+ #endif
+ rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
+- (struct sockaddr *) &(ses->server->addr.sockAddr));
++ (struct sockaddr *) &(ses->server->addr.sockAddr),
++ ses->server->noblocksnd);
+ #ifdef CONFIG_CIFS_STATS2
+ atomic_dec(&ses->server->inSend);
+ midQ->when_sent = jiffies;
+@@ -852,7 +871,8 @@ send_nt_cancel(struct cifsTconInfo *tcon
+ return rc;
+ }
+ rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
+- (struct sockaddr *) &(ses->server->addr.sockAddr));
++ (struct sockaddr *) &(ses->server->addr.sockAddr),
++ ses->server->noblocksnd);
+ up(&ses->server->tcpSem);
+ return rc;
+ }
+@@ -942,7 +962,8 @@ SendReceiveBlockingLock(const unsigned i
+ atomic_inc(&ses->server->inSend);
+ #endif
+ rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
+- (struct sockaddr *) &(ses->server->addr.sockAddr));
++ (struct sockaddr *) &(ses->server->addr.sockAddr),
++ ses->server->noblocksnd);
+ #ifdef CONFIG_CIFS_STATS2
+ atomic_dec(&ses->server->inSend);
+ midQ->when_sent = jiffies;
--- /dev/null
+From stefanr@s5r6.in-berlin.de Wed Dec 3 09:10:11 2008
+From: Stefan Richter <stefanr@s5r6.in-berlin.de>
+Date: Mon, 1 Dec 2008 21:19:52 +0100 (CET)
+Subject: firewire: fw-sbp2: another iPod mini quirk entry
+To: stable@kernel.org
+Message-ID: <tkrat.59c027a3f5936168@s5r6.in-berlin.de>
+
+From: Stefan Richter <stefanr@s5r6.in-berlin.de>
+
+commit 031bb27c4bf77c2f60b3f3dea8cce63ef0d1fba9 upstream.
+
+Add another model ID of a broken firmware to prevent early I/O errors
+by acesses at the end of the disk. Reported at linux1394-user,
+http://marc.info/?t=122670842900002
+
+Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/firewire/fw-sbp2.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/firewire/fw-sbp2.c
++++ b/drivers/firewire/fw-sbp2.c
+@@ -365,6 +365,11 @@ static const struct {
+ },
+ /* iPod mini */ {
+ .firmware_revision = 0x0a2700,
++ .model = 0x000022,
++ .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
++ },
++ /* iPod mini */ {
++ .firmware_revision = 0x0a2700,
+ .model = 0x000023,
+ .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
+ },
--- /dev/null
+From rdreier@cisco.com Wed Dec 3 09:10:56 2008
+From: Jack Morgenstein <jackm@dev.mellanox.co.il>
+Date: Mon, 01 Dec 2008 20:58:01 -0800
+Subject: IB/mlx4: Fix MTT leakage in resize CQ
+To: stable@kernel.org
+Cc: Jack Morgenstein <jackm@dev.mellanox.co.il>
+Message-ID: <adaoczv9ns6.fsf@cisco.com>
+
+
+From: Jack Morgenstein <jackm@dev.mellanox.co.il>
+
+commit 42ab01c31526ac1d06d193f81a498bf3cf2acfe4 upstream.
+
+When resizing a CQ, MTTs associated with the old CQE buffer were not
+freed. As a result, if any app used resize CQ repeatedly, all MTTs
+were eventually exhausted, which led to all memory registration
+operations failing until the driver is reloaded.
+
+Once the RESIZE_CQ command returns successfully from FW, FW no longer
+accesses the old CQ buffer, so it is safe to deallocate the MTT
+entries used by the old CQ buffer.
+
+Finally, if the RESIZE_CQ command fails, the MTTs allocated for the
+new CQEs buffer also need to be de-allocated.
+
+This fixes <https://bugs.openfabrics.org/show_bug.cgi?id=1416>.
+
+Signed-off-by: Jack Morgenstein <jackm@dev.mellanox.co.il>
+Signed-off-by: Roland Dreier <rolandd@cisco.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/infiniband/hw/mlx4/cq.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/infiniband/hw/mlx4/cq.c
++++ b/drivers/infiniband/hw/mlx4/cq.c
+@@ -343,6 +343,7 @@ int mlx4_ib_resize_cq(struct ib_cq *ibcq
+ {
+ struct mlx4_ib_dev *dev = to_mdev(ibcq->device);
+ struct mlx4_ib_cq *cq = to_mcq(ibcq);
++ struct mlx4_mtt mtt;
+ int outst_cqe;
+ int err;
+
+@@ -376,10 +377,13 @@ int mlx4_ib_resize_cq(struct ib_cq *ibcq
+ goto out;
+ }
+
++ mtt = cq->buf.mtt;
++
+ err = mlx4_cq_resize(dev->dev, &cq->mcq, entries, &cq->resize_buf->buf.mtt);
+ if (err)
+ goto err_buf;
+
++ mlx4_mtt_cleanup(dev->dev, &mtt);
+ if (ibcq->uobject) {
+ cq->buf = cq->resize_buf->buf;
+ cq->ibcq.cqe = cq->resize_buf->cqe;
+@@ -406,6 +410,7 @@ int mlx4_ib_resize_cq(struct ib_cq *ibcq
+ goto out;
+
+ err_buf:
++ mlx4_mtt_cleanup(dev->dev, &cq->resize_buf->buf.mtt);
+ if (!ibcq->uobject)
+ mlx4_ib_free_cq_buf(dev, &cq->resize_buf->buf,
+ cq->resize_buf->cqe);
--- /dev/null
+From stefanr@s5r6.in-berlin.de Wed Dec 3 09:09:46 2008
+From: Stefan Richter <stefanr@s5r6.in-berlin.de>
+Date: Mon, 1 Dec 2008 21:18:48 +0100 (CET)
+Subject: ieee1394: sbp2: another iPod mini quirk entry
+To: stable@kernel.org
+Message-ID: <tkrat.2a2aa2994c862f9e@s5r6.in-berlin.de>
+
+From: Stefan Richter <stefanr@s5r6.in-berlin.de>
+
+commit 9e0de91011ef6fe6eb3bb63f7ea15f586955660a upstream.
+
+Add another model ID of a broken firmware to prevent early I/O errors
+by acesses at the end of the disk. Reported at linux1394-user,
+http://marc.info/?t=122670842900002
+
+Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/ieee1394/sbp2.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/ieee1394/sbp2.c
++++ b/drivers/ieee1394/sbp2.c
+@@ -402,6 +402,11 @@ static const struct {
+ },
+ /* iPod mini */ {
+ .firmware_revision = 0x0a2700,
++ .model_id = 0x000022,
++ .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
++ },
++ /* iPod mini */ {
++ .firmware_revision = 0x0a2700,
+ .model_id = 0x000023,
+ .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
+ },
--- /dev/null
+From 6a6b97d360702b98c02c7fca4c4e088dcf3a2985 Mon Sep 17 00:00:00 2001
+From: Tejun Heo <tj@kernel.org>
+Date: Thu, 13 Nov 2008 10:04:46 +0900
+Subject: libata: improve phantom device detection
+
+From: Tejun Heo <tj@kernel.org>
+
+commit 6a6b97d360702b98c02c7fca4c4e088dcf3a2985 upstream.
+
+Currently libata uses four methods to detect device presence.
+
+1. PHY status if available.
+2. TF register R/W test (only promotes presence, never demotes)
+3. device signature after reset
+4. IDENTIFY failure detection in SFF state machine
+
+Combination of the above works well in most cases but recently there
+have been a few reports where a phantom device causes unnecessary
+delay during probe. In both cases, PHY status wasn't available. In
+one case, it passed #2 and #3 and failed IDENTIFY with ATA_ERR which
+didn't qualify as #4. The other failed #2 but as it passed #3 and #4,
+it still caused failure.
+
+In both cases, phantom device reported diagnostic failure, so these
+cases can be safely worked around by considering any !ATA_DRQ IDENTIFY
+failure as NODEV_HINT if diagnostic failure is set.
+
+Signed-off-by: Tejun Heo <tj@kernel.org>
+Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/ata/libata-sff.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+--- a/drivers/ata/libata-sff.c
++++ b/drivers/ata/libata-sff.c
+@@ -1227,10 +1227,19 @@ fsm_start:
+ /* ATA PIO protocol */
+ if (unlikely((status & ATA_DRQ) == 0)) {
+ /* handle BSY=0, DRQ=0 as error */
+- if (likely(status & (ATA_ERR | ATA_DF)))
++ if (likely(status & (ATA_ERR | ATA_DF))) {
+ /* device stops HSM for abort/error */
+ qc->err_mask |= AC_ERR_DEV;
+- else {
++
++ /* If diagnostic failed and this is
++ * IDENTIFY, it's likely a phantom
++ * device. Mark hint.
++ */
++ if (qc->dev->horkage &
++ ATA_HORKAGE_DIAGNOSTIC)
++ qc->err_mask |=
++ AC_ERR_NODEV_HINT;
++ } else {
+ /* HSM violation. Let EH handle this.
+ * Phantom devices also trigger this
+ * condition. Mark hint.
--- /dev/null
+From 5f23b734963ec7eaa3ebcd9050da0c9b7d143dd3 Mon Sep 17 00:00:00 2001
+From: dann frazier <dannf@hp.com>
+Date: Wed, 26 Nov 2008 15:32:27 -0800
+Subject: net: Fix soft lockups/OOM issues w/ unix garbage collector (CVE-2008-5300)
+
+From: dann frazier <dannf@hp.com>
+
+commit 5f23b734963ec7eaa3ebcd9050da0c9b7d143dd3 upstream.
+
+This is an implementation of David Miller's suggested fix in:
+ https://bugzilla.redhat.com/show_bug.cgi?id=470201
+
+It has been updated to use wait_event() instead of
+wait_event_interruptible().
+
+Paraphrasing the description from the above report, it makes sendmsg()
+block while UNIX garbage collection is in progress. This avoids a
+situation where child processes continue to queue new FDs over a
+AF_UNIX socket to a parent which is in the exit path and running
+garbage collection on these FDs. This contention can result in soft
+lockups and oom-killing of unrelated processes.
+
+Signed-off-by: dann frazier <dannf@hp.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ include/net/af_unix.h | 1 +
+ net/unix/af_unix.c | 2 ++
+ net/unix/garbage.c | 13 ++++++++++---
+ 3 files changed, 13 insertions(+), 3 deletions(-)
+
+--- a/include/net/af_unix.h
++++ b/include/net/af_unix.h
+@@ -9,6 +9,7 @@
+ extern void unix_inflight(struct file *fp);
+ extern void unix_notinflight(struct file *fp);
+ extern void unix_gc(void);
++extern void wait_for_unix_gc(void);
+
+ #define UNIX_HASH_SIZE 256
+
+--- a/net/unix/af_unix.c
++++ b/net/unix/af_unix.c
+@@ -1341,6 +1341,7 @@ static int unix_dgram_sendmsg(struct kio
+
+ if (NULL == siocb->scm)
+ siocb->scm = &tmp_scm;
++ wait_for_unix_gc();
+ err = scm_send(sock, msg, siocb->scm);
+ if (err < 0)
+ return err;
+@@ -1491,6 +1492,7 @@ static int unix_stream_sendmsg(struct ki
+
+ if (NULL == siocb->scm)
+ siocb->scm = &tmp_scm;
++ wait_for_unix_gc();
+ err = scm_send(sock, msg, siocb->scm);
+ if (err < 0)
+ return err;
+--- a/net/unix/garbage.c
++++ b/net/unix/garbage.c
+@@ -80,6 +80,7 @@
+ #include <linux/file.h>
+ #include <linux/proc_fs.h>
+ #include <linux/mutex.h>
++#include <linux/wait.h>
+
+ #include <net/sock.h>
+ #include <net/af_unix.h>
+@@ -91,6 +92,7 @@
+ static LIST_HEAD(gc_inflight_list);
+ static LIST_HEAD(gc_candidates);
+ static DEFINE_SPINLOCK(unix_gc_lock);
++static DECLARE_WAIT_QUEUE_HEAD(unix_gc_wait);
+
+ unsigned int unix_tot_inflight;
+
+@@ -266,12 +268,16 @@ static void inc_inflight_move_tail(struc
+ list_move_tail(&u->link, &gc_candidates);
+ }
+
+-/* The external entry point: unix_gc() */
++static bool gc_in_progress = false;
+
+-void unix_gc(void)
++void wait_for_unix_gc(void)
+ {
+- static bool gc_in_progress = false;
++ wait_event(unix_gc_wait, gc_in_progress == false);
++}
+
++/* The external entry point: unix_gc() */
++void unix_gc(void)
++{
+ struct unix_sock *u;
+ struct unix_sock *next;
+ struct sk_buff_head hitlist;
+@@ -376,6 +382,7 @@ void unix_gc(void)
+ /* All candidates should have been detached by now. */
+ BUG_ON(!list_empty(&gc_candidates));
+ gc_in_progress = false;
++ wake_up(&unix_gc_wait);
+
+ out:
+ spin_unlock(&unix_gc_lock);
--- /dev/null
+From 6747c2ee8abf749e63fee8cd01a9ee293e6a4247 Mon Sep 17 00:00:00 2001
+From: Kou Ishizaki <kou.ishizaki@toshiba.co.jp>
+Date: Thu, 9 Oct 2008 10:45:49 +1100
+Subject: powerpc/spufs: add a missing mutex_unlock
+
+From: Kou Ishizaki <kou.ishizaki@toshiba.co.jp>
+
+commit 6747c2ee8abf749e63fee8cd01a9ee293e6a4247 upstream.
+
+A mutex_unlock(&gang->aff_mutex) in spufs_create_context() is missing
+in case spufs_context_open() fails. As a result, spu_create syscall
+and spu_get_idle() may block.
+
+This patch adds the mutex_unlock.
+
+Signed-off-by: Kou Ishizaki <kou.ishizaki@toshiba.co.jp>
+Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
+Acked-by: Andre Detsch <adetsch@br.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/powerpc/platforms/cell/spufs/inode.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/powerpc/platforms/cell/spufs/inode.c
++++ b/arch/powerpc/platforms/cell/spufs/inode.c
+@@ -496,6 +496,8 @@ spufs_create_context(struct inode *inode
+ ret = spufs_context_open(dget(dentry), mntget(mnt));
+ if (ret < 0) {
+ WARN_ON(spufs_rmdir(inode, dentry));
++ if (affinity)
++ mutex_unlock(&gang->aff_mutex);
+ mutex_unlock(&inode->i_mutex);
+ spu_forget(SPUFS_I(dentry->d_inode)->i_ctx);
+ goto out;
--- /dev/null
+From 606572634c3faa5b32a8fc430266e6e9d78d2179 Mon Sep 17 00:00:00 2001
+From: Jeremy Kerr <jk@ozlabs.org>
+Date: Tue, 11 Nov 2008 10:22:22 +1100
+Subject: powerpc/spufs: Fix spinning in spufs_ps_fault on signal
+
+From: Jeremy Kerr <jk@ozlabs.org>
+
+commit 606572634c3faa5b32a8fc430266e6e9d78d2179 upstream.
+
+Currently, we can end up in an infinite loop if we get a signal
+while the kernel has faulted in spufs_ps_fault. Eg:
+
+ alarm(1);
+
+ write(fd, some_spu_psmap_register_address, 4);
+
+- the write's copy_from_user will fault on the ps mapping, and
+signal_pending will be non-zero. Because returning from the fault
+handler will never clear TIF_SIGPENDING, so we'll just keep faulting,
+resulting in an unkillable process using 100% of CPU.
+
+This change returns VM_FAULT_SIGBUS if there's a fatal signal pending,
+letting us escape the loop.
+
+Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/powerpc/platforms/cell/spufs/file.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/arch/powerpc/platforms/cell/spufs/file.c
++++ b/arch/powerpc/platforms/cell/spufs/file.c
+@@ -390,6 +390,9 @@ static int spufs_ps_fault(struct vm_area
+ if (offset >= ps_size)
+ return VM_FAULT_SIGBUS;
+
++ if (fatal_signal_pending(current))
++ return VM_FAULT_SIGBUS;
++
+ /*
+ * Because we release the mmap_sem, the context may be destroyed while
+ * we're in spu_wait. Grab an extra reference so it isn't destroyed
--- /dev/null
+From galak@kernel.crashing.org Wed Dec 3 09:03:52 2008
+From: Kumar Gala <galak@kernel.crashing.org>
+Date: Tue, 18 Nov 2008 07:17:24 -0600 (CST)
+Subject: Remove -mno-spe flags as they dont belong
+To: Greg KH <greg@kroah.com>
+Cc: stable@kernel.org
+Message-ID: <Pine.LNX.4.64.0811180717180.28154@blarg.am.freescale.net>
+
+From: Kumar Gala <galak@kernel.crashing.org>
+
+commit 65ecc14a30ad21bed9aabdfd6a2ae1a1aaaa6a00 upstream, tweaked to get
+it to apply to 2.6.27
+
+For some unknown reason at Steven Rostedt added in disabling of the SPE
+instruction generation for e500 based PPC cores in commit
+6ec562328fda585be2d7f472cfac99d3b44d362a.
+
+We are removing it because:
+
+1. It generates e500 kernels that don't work
+2. its not the correct set of flags to do this
+3. we handle this in the arch/powerpc/Makefile already
+4. its unknown in talking to Steven why he did this
+
+Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
+Tested-and-Acked-by: Steven Rostedt <srostedt@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ kernel/Makefile | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+--- a/kernel/Makefile
++++ b/kernel/Makefile
+@@ -11,8 +11,6 @@ obj-y = sched.o fork.o exec_domain.o
+ hrtimer.o rwsem.o nsproxy.o srcu.o semaphore.o \
+ notifier.o ksysfs.o pm_qos_params.o sched_clock.o
+
+-CFLAGS_REMOVE_sched.o = -mno-spe
+-
+ ifdef CONFIG_FTRACE
+ # Do not trace debug files and internal ftrace files
+ CFLAGS_REMOVE_lockdep.o = -pg
+@@ -21,7 +19,7 @@ CFLAGS_REMOVE_mutex-debug.o = -pg
+ CFLAGS_REMOVE_rtmutex-debug.o = -pg
+ CFLAGS_REMOVE_cgroup-debug.o = -pg
+ CFLAGS_REMOVE_sched_clock.o = -pg
+-CFLAGS_REMOVE_sched.o = -mno-spe -pg
++CFLAGS_REMOVE_sched.o = -pg
+ endif
+
+ obj-$(CONFIG_PROFILING) += profile.o
libata-blacklist-seagate-drives-which-time-out-flush_cache-when-used-with-ncq.patch
rtl8187-add-device-id-0bda-8198.patch
rtl8187-add-usb-id-for-belkin-f5d7050-with-rtl8187b-chip.patch
+cifs-reduce-number-of-socket-retries-in-large-write-path.patch
+cifs-fix-error-in-smb_send2.patch
+powerpc-spufs-fix-spinning-in-spufs_ps_fault-on-signal.patch
+powerpc-spufs-add-a-missing-mutex_unlock.patch
+watchdog-hpwdt-set-the-mapped-bios-address-space-as-executable.patch
+watchdog-hpwdt-fix-kdump-when-using-hpwdt.patch
+remove-mno-spe-flags-as-they-dont-belong.patch
+acpi-ec-count-interrupts-only-if-called-from-interrupt-handler.patch
+ieee1394-sbp2-another-ipod-mini-quirk-entry.patch
+firewire-fw-sbp2-another-ipod-mini-quirk-entry.patch
+ib-mlx4-fix-mtt-leakage-in-resize-cq.patch
+net-fix-soft-lockups-oom-issues-w-unix-garbage-collector.patch
+libata-improve-phantom-device-detection.patch
--- /dev/null
+From 290172e79036fc25a22aaf3da4835ee634886183 Mon Sep 17 00:00:00 2001
+From: Bernhard Walle <bwalle@suse.de>
+Date: Sun, 26 Oct 2008 15:59:37 +0100
+Subject: WATCHDOG: hpwdt: Fix kdump when using hpwdt
+
+From: Bernhard Walle <bwalle@suse.de>
+
+commit 290172e79036fc25a22aaf3da4835ee634886183 upstream.
+
+When the "hpwdt" module is loaded (even if the /dev/watchdog device is not
+opened), then kdump does not work. The panic kernel either does not start at
+all or crash in various places.
+
+The problem is that hpwdt_pretimeout is registered with register_die_notifier()
+with the highest possible priority. Because it returns NOTIFY_STOP, the
+crash_nmi_callback which is also registered with register_die_notifier()
+is never executed. This causes the shutdown of other CPUs to fail.
+
+Reverting the order is no option: The crash_nmi_callback executes HLT
+and so never returns normally. Because of that, it must be executed as
+last notifier, which currently is done.
+
+So, that patch returns NOTIFY_OK to keep the crash_nmi_callback executed.
+
+Signed-off-by: Bernhard Walle <bwalle@suse.de>
+Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
+Signed-off-by: Thomas Mingarelli <thomas.mingarelli@hp.com>
+Cc: Vivek Goyal <vgoyal@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/watchdog/hpwdt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/watchdog/hpwdt.c
++++ b/drivers/watchdog/hpwdt.c
+@@ -485,7 +485,7 @@ static int hpwdt_pretimeout(struct notif
+ "Management Log for details.\n");
+ }
+
+- return NOTIFY_STOP;
++ return NOTIFY_OK;
+ }
+
+ /*
--- /dev/null
+From 060264133b946786b4b28a1ba79e6725eaf258f3 Mon Sep 17 00:00:00 2001
+From: Bernhard Walle <bwalle@suse.de>
+Date: Fri, 14 Nov 2008 15:47:03 +0100
+Subject: WATCHDOG: hpwdt: set the mapped BIOS address space as executable
+
+From: Bernhard Walle <bwalle@suse.de>
+
+commit 060264133b946786b4b28a1ba79e6725eaf258f3 upstream.
+
+The address provided by the SMBIOS/DMI CRU information is mapped via
+ioremap() in the virtual address space. However, since the address is
+executed (i.e. call'd), we need to set that pages as executable.
+
+Without that, I get following oops on a HP ProLiant DL385 G2
+machine with BIOS from 05/29/2008 when I trigger crashdump:
+
+ BUG: unable to handle kernel paging request at ffffc20011090c00
+ IP: [<ffffc20011090c00>] 0xffffc20011090c00
+ PGD 12f813067 PUD 7fe6a067 PMD 7effe067 PTE 80000000fffd3173
+ Oops: 0011 [1] SMP
+ last sysfs file: /sys/devices/system/cpu/cpu3/cache/index2/shared_cpu_map
+ CPU 1
+ Modules linked in: autofs4 ipv6 af_packet cpufreq_conservative cpufreq_userspace
+ cpufreq_powersave powernow_k8 fuse loop dm_mod rtc_cmos ipmi_si sg rtc_core i2c
+ _piix4 ipmi_msghandler bnx2 sr_mod container button i2c_core hpilo joydev pcspkr
+ rtc_lib shpchp hpwdt cdrom pci_hotplug usbhid hid ff_memless ohci_hcd ehci_hcd
+ uhci_hcd usbcore edd ext3 mbcache jbd fan ide_pci_generic serverworks ide_core p
+ ata_serverworks pata_acpi cciss ata_generic libata scsi_mod dock thermal process
+ or thermal_sys hwmon
+ Supported: Yes
+ Pid: 0, comm: swapper Not tainted 2.6.27.5-HEAD_20081111100657-default #1
+ RIP: 0010:[<ffffc20011090c00>] [<ffffc20011090c00>] 0xffffc20011090c00
+ RSP: 0018:ffff88012f6f9e68 EFLAGS: 00010046
+ RAX: 0000000000000d02 RBX: 0000000000000000 RCX: 0000000000000000
+ RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
+ RBP: ffff88012f6f9e98 R08: 666666666666660a R09: ffffffffa1006fc0
+ R10: 0000000000000000 R11: ffff88012f6f3ea8 R12: ffffc20011090c00
+ R13: ffff88012f6f9ee8 R14: 000000000000000e R15: 0000000000000000
+ FS: 00007ff70b29a6f0(0000) GS:ffff88012f6512c0(0000) knlGS:0000000000000000
+ CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
+ CR2: ffffc20011090c00 CR3: 0000000000201000 CR4: 00000000000006e0
+ DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+ DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
+ Process swapper (pid: 0, threadinfo ffff88012f6f2000, task ffff88007fa8a1c0)
+ Stack: ffffffffa0f8502b 0000000000000002 ffffffff80738d50 0000000000000000
+ 0000000000000046 0000000000000046 00000000fffffffe ffffffffa0f852ec
+ 0000000000000000 ffffffff804ad9a6 0000000000000000 0000000000000000
+ Call Trace:
+ Inexact backtrace:
+
+ <NMI> [<ffffffffa0f8502b>] ? asminline_call+0x2b/0x55 [hpwdt]
+ [<ffffffffa0f852ec>] hpwdt_pretimeout+0x3c/0xa0 [hpwdt]
+ [<ffffffff804ad9a6>] ? notifier_call_chain+0x29/0x4c
+ [<ffffffff802587e4>] ? notify_die+0x2d/0x32
+ [<ffffffff804abbdc>] ? default_do_nmi+0x53/0x1d9
+ [<ffffffff804abd90>] ? do_nmi+0x2e/0x43
+ [<ffffffff804ab552>] ? nmi+0xa2/0xd0
+ [<ffffffff80221ef9>] ? native_safe_halt+0x2/0x3
+ <<EOE>> [<ffffffff8021345d>] ? default_idle+0x38/0x54
+ [<ffffffff8021359a>] ? c1e_idle+0x118/0x11c
+ [<ffffffff8020b3b5>] ? cpu_idle+0xa9/0xf1
+
+ Code: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff <55> 50 e8 00 00 00 00 58 48 2d 07 10 40 00 48 8b e8 58 e9 68 02
+ RIP [<ffffc20011090c00>] 0xffffc20011090c00
+ RSP <ffff88012f6f9e68>
+ CR2: ffffc20011090c00
+ Kernel panic - not syncing: Fatal exception
+
+Signed-off-by: Bernhard Walle <bwalle@suse.de>
+Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
+Cc: Ingo Molnar <mingo@elte.hu>
+Acked-by: "H. Peter Anvin" <hpa@zytor.com>
+Signed-off-by: Thomas Mingarelli <Thomas.Mingarelli@hp.com>
+Cc: Alan Cox <alan@redhat.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/watchdog/hpwdt.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/watchdog/hpwdt.c
++++ b/drivers/watchdog/hpwdt.c
+@@ -40,6 +40,7 @@
+ #include <linux/bootmem.h>
+ #include <linux/slab.h>
+ #include <asm/desc.h>
++#include <asm/cacheflush.h>
+
+ #define PCI_BIOS32_SD_VALUE 0x5F32335F /* "_32_" */
+ #define CRU_BIOS_SIGNATURE_VALUE 0x55524324
+@@ -394,6 +395,8 @@ static void __devinit dmi_find_cru(const
+ smbios_cru64_ptr->double_offset;
+ cru_rom_addr = ioremap(cru_physical_address,
+ smbios_cru64_ptr->double_length);
++ set_memory_x((unsigned long)cru_rom_addr & PAGE_MASK,
++ smbios_cru64_ptr->double_length >> PAGE_SHIFT);
+ }
+ }
+ }
projects / thirdparty / kernel / stable-queue.git / commitdiff
