--- /dev/null
+From f0c4b8d653f5ee091fb8d4d02ed7eaad397491bb Mon Sep 17 00:00:00 2001
+From: Will Deacon <will.deacon@arm.com>
+Date: Fri, 20 Apr 2012 17:20:08 +0100
+Subject: ARM: 7396/1: errata: only handle ARM erratum #326103 on affected cores
+
+From: Will Deacon <will.deacon@arm.com>
+
+commit f0c4b8d653f5ee091fb8d4d02ed7eaad397491bb upstream.
+
+Erratum #326103 ("FSR write bit incorrect on a SWP to read-only memory")
+only affects the ARM 1136 core prior to r1p0. The workaround
+disassembles the faulting instruction to determine whether it was a read
+or write access on all v6 cores.
+
+An issue has been reported on the ARM 11MPCore whereby loading the
+faulting instruction may happen in parallel with that page being
+unmapped, resulting in a deadlock due to the lack of TLB broadcasting
+in hardware:
+
+http://lists.infradead.org/pipermail/linux-arm-kernel/2012-March/091561.html
+
+This patch limits the workaround so that it is only used on affected
+cores, which are known to be UP only. Other v6 cores can rely on the
+FSR to indicate the access type correctly.
+
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/Kconfig | 9 +++++++++
+ arch/arm/mm/abort-ev6.S | 17 +++++++++++------
+ 2 files changed, 20 insertions(+), 6 deletions(-)
+
+--- a/arch/arm/Kconfig
++++ b/arch/arm/Kconfig
+@@ -1163,6 +1163,15 @@ if !MMU
+ source "arch/arm/Kconfig-nommu"
+ endif
+
++config ARM_ERRATA_326103
++ bool "ARM errata: FSR write bit incorrect on a SWP to read-only memory"
++ depends on CPU_V6
++ help
++ Executing a SWP instruction to read-only memory does not set bit 11
++ of the FSR on the ARM 1136 prior to r1p0. This causes the kernel to
++ treat the access as a read, preventing a COW from occurring and
++ causing the faulting task to livelock.
++
+ config ARM_ERRATA_411920
+ bool "ARM errata: Invalidation of the Instruction Cache operation can fail"
+ depends on CPU_V6 || CPU_V6K
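Review bot: ARM_ERRATA_326103 is declared without a `default` line, so it is off unless someone selects it, while the code it now guards in abort-ev6.S ran unconditionally on v6 before this commit. A configuration for an ARM1136 r0 board that is carried forward unchanged therefore loses the workaround and gets the livelock the help text describes. The help text should say who needs the option, for example `Say Y if this kernel may run on an ARM1136 earlier than r1p0.` Enabling it on other v6 cores looks harmless, since the assembly hunk checks the processor id at run time before applying the workaround.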
+--- a/arch/arm/mm/abort-ev6.S
++++ b/arch/arm/mm/abort-ev6.S
+@@ -26,18 +26,23 @@ ENTRY(v6_early_abort)
+ mrc p15, 0, r1, c5, c0, 0 @ get FSR
+ mrc p15, 0, r0, c6, c0, 0 @ get FAR
+ /*
+- * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR (erratum 326103).
+- * The test below covers all the write situations, including Java bytecodes
++ * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR.
+ */
+- bic r1, r1, #1 << 11 @ clear bit 11 of FSR
++#ifdef CONFIG_ARM_ERRATA_326103
++ ldr ip, =0x4107b36
++ mrc p15, 0, r3, c0, c0, 0 @ get processor id
++ teq ip, r3, lsr #4 @ r0 ARM1136?
++ bne do_DataAbort
+ tst r5, #PSR_J_BIT @ Java?
++ tsteq r5, #PSR_T_BIT @ Thumb?
+ bne do_DataAbort
+- do_thumb_abort fsr=r1, pc=r4, psr=r5, tmp=r3
+- ldreq r3, [r4] @ read aborted ARM instruction
++ bic r1, r1, #1 << 11 @ clear bit 11 of FSR
++ ldr r3, [r4] @ read aborted ARM instruction
+ #ifdef CONFIG_CPU_ENDIAN_BE8
+- reveq r3, r3
++ rev r3, r3
+ #endif
+ do_ldrd_abort tmp=ip, insn=r3
+ tst r3, #1 << 20 @ L = 0 -> write
+ orreq r1, r1, #1 << 11 @ yes.
++#endif
+ b do_DataAbort
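Review bot: The literal in `ldr ip, =0x4107b36` is undocumented, and the block comment above it no longer names the erratum, so the reader has to decode the ID-register layout to see which parts match. Because the compare is against the processor id shifted right by four, it matches implementer 0x41, variant 0 and part 0xb36 at any minor revision, which agrees with the "prior to r1p0" wording in the description. I would write that next to the load, e.g. `@ MIDR[31:4]: ARM1136 r0pX (erratum 326103)`. The start of v6_early_abort is outside the hunk.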
--- /dev/null
+From 6a1c53124aa161eb624ce7b1e40ade728186d34c Mon Sep 17 00:00:00 2001
+From: Will Deacon <will.deacon@arm.com>
+Date: Fri, 27 Apr 2012 12:45:07 +0100
+Subject: ARM: 7403/1: tls: remove covert channel via TPIDRURW
+
+From: Will Deacon <will.deacon@arm.com>
+
+commit 6a1c53124aa161eb624ce7b1e40ade728186d34c upstream.
+
+TPIDRURW is a user read/write register forming part of the group of
+thread registers in more recent versions of the ARM architecture (~v6+).
+
+Currently, the kernel does not touch this register, which allows tasks
+to communicate covertly by reading and writing to the register without
+context-switching affecting its contents.
+
+This patch clears TPIDRURW when TPIDRURO is updated via the set_tls
+macro, which is called directly from __switch_to. Since the current
+behaviour makes the register useless to userspace as far as thread
+pointers are concerned, simply clearing the register (rather than saving
+and restoring it) will not cause any problems to userspace.
+
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/include/asm/tls.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/arch/arm/include/asm/tls.h
++++ b/arch/arm/include/asm/tls.h
+@@ -7,6 +7,8 @@
+
+ .macro set_tls_v6k, tp, tmp1, tmp2
+ mcr p15, 0, \tp, c13, c0, 3 @ set TLS register
++ mov \tmp1, #0
++ mcr p15, 0, \tmp1, c13, c0, 2 @ clear user r/w TLS register
+ .endm
+
+ .macro set_tls_v6, tp, tmp1, tmp2
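Review bot: `\tmp1` is now clobbered by set_tls_v6k, which before this change wrote nothing but the TLS register. The call sites are outside the hunk, so it is worth confirming that each passes a true scratch register, and a note on the macro such as `@ clobbers \tmp1` would record the new contract. In set_tls_v6 (second hunk) `movne \tmp1, #0` overwrites the value just tested against HWCAP_TLS. That is safe only because `mov` leaves the flags intact for the following `streq`, which deserves a short comment. The macros should also state that TPIDRURW is zeroed rather than saved and restored, because the register is otherwise an unmanaged channel between tasks, so that a later edit does not drop the write as dead code.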
+@@ -15,6 +17,8 @@
+ mov \tmp2, #0xffff0fff
+ tst \tmp1, #HWCAP_TLS @ hardware TLS available?
+ mcrne p15, 0, \tp, c13, c0, 3 @ yes, set TLS register
++ movne \tmp1, #0
++ mcrne p15, 0, \tmp1, c13, c0, 2 @ clear user r/w TLS register
+ streq \tp, [\tmp2, #-15] @ set TLS value at 0xffff0ff0
+ .endm
+
--- /dev/null
+From 5e7371ded05adfcfcee44a8bc070bfc37979b8f2 Mon Sep 17 00:00:00 2001
+From: Will Deacon <will.deacon@arm.com>
+Date: Fri, 27 Apr 2012 12:56:24 +0100
+Subject: ARM: 7406/1: hotplug: copy the affinity mask when forcefully migrating IRQs
+
+From: Will Deacon <will.deacon@arm.com>
+
+commit 5e7371ded05adfcfcee44a8bc070bfc37979b8f2 upstream.
+
+When a CPU is hotplugged off, we migrate any IRQs currently affine to it
+away and onto another online CPU by calling the irq_set_affinity
+function of the relevant interrupt controller chip. This function
+returns either IRQ_SET_MASK_OK or IRQ_SET_MASK_OK_NOCOPY, to indicate
+whether irq_data.affinity was updated.
+
+If we are forcefully migrating an interrupt (because the affinity mask
+no longer identifies any online CPUs) then we should update the IRQ
+affinity mask to reflect the new CPU set. Failure to do so can
+potentially leave /proc/irq/n/smp_affinity identifying only offline
+CPUs, which may confuse userspace IRQ balancing daemons.
+
+This patch updates migrate_one_irq to copy the affinity mask when
+the interrupt chip returns IRQ_SET_MASK_OK after forcefully changing the
+affinity of an interrupt.
+
+Reported-by: Leif Lindholm <leif.lindholm@arm.com>
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/kernel/irq.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/arch/arm/kernel/irq.c
++++ b/arch/arm/kernel/irq.c
+@@ -156,10 +156,10 @@ static bool migrate_one_irq(struct irq_d
+ }
+
+ c = irq_data_get_irq_chip(d);
+- if (c->irq_set_affinity)
+- c->irq_set_affinity(d, affinity, true);
+- else
++ if (!c->irq_set_affinity)
+ pr_debug("IRQ%u: unable to set affinity\n", d->irq);
++ else if (c->irq_set_affinity(d, affinity, true) == IRQ_SET_MASK_OK && ret)
++ cpumask_copy(d->affinity, affinity);
+
+ return ret;
+ }
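Review bot: A failed affinity change is still silent in the new `else if`. Any result other than IRQ_SET_MASK_OK, including an error if the chip callback can return one, falls through with no message while `ret` still tells the caller that a forced migration happened. Putting the call inside the condition also hides the side effect. I would split it into `int r = c->irq_set_affinity(d, affinity, true);` followed by `if (r == IRQ_SET_MASK_OK && ret) cpumask_copy(d->affinity, affinity);`, and add a `pr_debug` for `r < 0`. The start of migrate_one_irq, where `ret` and `affinity` are set, is outside the hunk.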
--- /dev/null
+From 41b3254c93acc56adc3c4477fef7c9512d47659e Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <mjg@redhat.com>
+Date: Mon, 30 Apr 2012 16:11:29 -0400
+Subject: efi: Add new variable attributes
+
+From: Matthew Garrett <mjg@redhat.com>
+
+commit 41b3254c93acc56adc3c4477fef7c9512d47659e upstream.
+
+More recent versions of the UEFI spec have added new attributes for
+variables. Add them.
+
+Signed-off-by: Matthew Garrett <mjg@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ include/linux/efi.h | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -510,7 +510,18 @@ extern int __init efi_setup_pcdp_console
+ #define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001
+ #define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002
+ #define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004
++#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x0000000000000008
++#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x0000000000000010
++#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x0000000000000020
++#define EFI_VARIABLE_APPEND_WRITE 0x0000000000000040
+
++#define EFI_VARIABLE_MASK (EFI_VARIABLE_NON_VOLATILE | \
++ EFI_VARIABLE_BOOTSERVICE_ACCESS | \
++ EFI_VARIABLE_RUNTIME_ACCESS | \
++ EFI_VARIABLE_HARDWARE_ERROR_RECORD | \
++ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \
++ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \
++ EFI_VARIABLE_APPEND_WRITE)
+ /*
+ * The type of search to perform when calling boottime->locate_handle
+ */
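Review bot: EFI_VARIABLE_MASK is added without a comment saying what it is for or that it must grow whenever a new attribute bit is defined. If it is used to reject writes, as the efivars validation patch in this series does, a stale mask will refuse variables that carry attributes a newer specification allows. Something like `/* every attribute bit this kernel understands; extend when the spec adds one */` above the define would make that obligation visible. The constants are written with sixteen hex digits but are plain `int` values, so `~EFI_VARIABLE_MASK` is a negative int. That is fine against a 32-bit attributes field, but worth knowing before it is applied to a wider type.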
--- /dev/null
+From fec6c20b570bcf541e581fc97f2e0cbdb9725b98 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <mjg@redhat.com>
+Date: Mon, 30 Apr 2012 16:11:30 -0400
+Subject: efi: Validate UEFI boot variables
+
+From: Matthew Garrett <mjg@redhat.com>
+
+commit fec6c20b570bcf541e581fc97f2e0cbdb9725b98 upstream.
+
+A common flaw in UEFI systems is a refusal to POST triggered by a malformed
+boot variable. Once in this state, machines may only be restored by
+reflashing their firmware with an external hardware device. While this is
+obviously a firmware bug, the serious nature of the outcome suggests that
+operating systems should filter their variable writes in order to prevent
+a malicious user from rendering the machine unusable.
+
+Signed-off-by: Matthew Garrett <mjg@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/firmware/efivars.c | 182 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 182 insertions(+)
+
+--- a/drivers/firmware/efivars.c
++++ b/drivers/firmware/efivars.c
+@@ -191,6 +191,176 @@ utf16_strncmp(const efi_char16_t *a, con
+ }
+ }
+
++static bool
++validate_device_path(struct efi_variable *var, int match, u8 *buffer, int len)
++{
++ struct efi_generic_dev_path *node;
++ int offset = 0;
++
++ node = (struct efi_generic_dev_path *)buffer;
++
++ while (offset < len) {
++ offset += node->length;
++
++ if (offset > len)
++ return false;
++
++ if ((node->type == EFI_DEV_END_PATH ||
++ node->type == EFI_DEV_END_PATH2) &&
++ node->sub_type == EFI_DEV_END_ENTIRE)
++ return true;
++
++ node = (struct efi_generic_dev_path *)(buffer + offset);
++ }
++
++ /*
++ * If we're here then either node->length pointed past the end
++ * of the buffer or we reached the end of the buffer without
++ * finding a device path end node.
++ */
++ return false;
++}
++
++static bool
++validate_boot_order(struct efi_variable *var, int match, u8 *buffer, int len)
++{
++ /* An array of 16-bit integers */
++ if ((len % 2) != 0)
++ return false;
++
++ return true;
++}
++
++static bool
++validate_load_option(struct efi_variable *var, int match, u8 *buffer, int len)
++{
++ u16 filepathlength;
++ int i, desclength = 0;
++
++ /* Either "Boot" or "Driver" followed by four digits of hex */
++ for (i = match; i < match+4; i++) {
++ if (hex_to_bin(var->VariableName[i] & 0xff) < 0)
++ return true;
++ }
++
++ /* A valid entry must be at least 6 bytes */
++ if (len < 6)
++ return false;
++
++ filepathlength = buffer[4] | buffer[5] << 8;
++
++ /*
++ * There's no stored length for the description, so it has to be
++ * found by hand
++ */
++ desclength = utf16_strsize((efi_char16_t *)(buffer + 6), len) + 2;
++
++ /* Each boot entry must have a descriptor */
++ if (!desclength)
++ return false;
++
++ /*
++ * If the sum of the length of the description, the claimed filepath
++ * length and the original header are greater than the length of the
++ * variable, it's malformed
++ */
++ if ((desclength + filepathlength + 6) > len)
++ return false;
++
++ /*
++ * And, finally, check the filepath
++ */
++ return validate_device_path(var, match, buffer + desclength + 6,
++ filepathlength);
++}
++
++static bool
++validate_uint16(struct efi_variable *var, int match, u8 *buffer, int len)
++{
++ /* A single 16-bit integer */
++ if (len != 2)
++ return false;
++
++ return true;
++}
++
++static bool
++validate_ascii_string(struct efi_variable *var, int match, u8 *buffer, int len)
++{
++ int i;
++
++ for (i = 0; i < len; i++) {
++ if (buffer[i] > 127)
++ return false;
++
++ if (buffer[i] == 0)
++ return true;
++ }
++
++ return false;
++}
++
++struct variable_validate {
++ char *name;
++ bool (*validate)(struct efi_variable *var, int match, u8 *data,
++ int len);
++};
++
++static const struct variable_validate variable_validate[] = {
++ { "BootNext", validate_uint16 },
++ { "BootOrder", validate_boot_order },
++ { "DriverOrder", validate_boot_order },
++ { "Boot*", validate_load_option },
++ { "Driver*", validate_load_option },
++ { "ConIn", validate_device_path },
++ { "ConInDev", validate_device_path },
++ { "ConOut", validate_device_path },
++ { "ConOutDev", validate_device_path },
++ { "ErrOut", validate_device_path },
++ { "ErrOutDev", validate_device_path },
++ { "Timeout", validate_uint16 },
++ { "Lang", validate_ascii_string },
++ { "PlatformLang", validate_ascii_string },
++ { "", NULL },
++};
++
++static bool
++validate_var(struct efi_variable *var, u8 *data, int len)
++{
++ int i;
++ u16 *unicode_name = var->VariableName;
++
++ for (i = 0; variable_validate[i].validate != NULL; i++) {
++ const char *name = variable_validate[i].name;
++ int match;
++
++ for (match = 0; ; match++) {
++ char c = name[match];
++ u16 u = unicode_name[match];
++
++ /* All special variables are plain ascii */
++ if (u > 127)
++ return true;
++
++ /* Wildcard in the matching name means we've matched */
++ if (c == '*')
++ return variable_validate[i].validate(var,
++ match, data, len);
++
++ /* Case sensitive match */
++ if (c != u)
++ break;
++
++ /* Reached the end of the string while matching */
++ if (!c)
++ return variable_validate[i].validate(var,
++ match, data, len);
++ }
++ }
++
++ return true;
++}
++
+ static efi_status_t
+ get_var_data_locked(struct efivars *efivars, struct efi_variable *var)
+ {
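Review bot: validate_device_path trusts `node->length` without a lower bound. A node that is not an end node and whose length is 0 leaves `offset` unchanged, so the `while (offset < len)` loop never terminates. `node->length` is also read whenever `offset < len`, even if fewer bytes than a node header remain in the buffer. The fence below checks both before advancing, taking the header size as `sizeof(*node)` because struct efi_generic_dev_path is declared outside the hunk. In validate_load_option the description scan starts at `buffer + 6` but is given `len` as its limit; it should be `utf16_strsize((efi_char16_t *)(buffer + 6), len - 6) + 2`. The `if (!desclength)` test after it can never be true, because 2 has already been added.

```c
static bool
validate_device_path(struct efi_variable *var, int match, u8 *buffer, int len)
{
	struct efi_generic_dev_path *node;
	int offset = 0;

	while (offset < len) {
		/* a whole node header must fit in what is left of the buffer */
		if (len - offset < (int)sizeof(*node))
			return false;

		node = (struct efi_generic_dev_path *)(buffer + offset);

		/* a length below the header size would stall the walk */
		if (node->length < sizeof(*node) ||
		    node->length > len - offset)
			return false;

		if ((node->type == EFI_DEV_END_PATH ||
		     node->type == EFI_DEV_END_PATH2) &&
		    node->sub_type == EFI_DEV_END_ENTIRE)
			return true;

		offset += node->length;
	}

	/* ran out of buffer without finding an end-of-path node */
	return false;
}
```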
+@@ -324,6 +494,12 @@ efivar_store_raw(struct efivar_entry *en
+ return -EINVAL;
+ }
+
++ if ((new_var->Attributes & ~EFI_VARIABLE_MASK) != 0 ||
++ validate_var(new_var, new_var->Data, new_var->DataSize) == false) {
++ printk(KERN_ERR "efivars: Malformed variable content\n");
++ return -EINVAL;
++ }
++
+ spin_lock(&efivars->lock);
+ status = efivars->ops->set_variable(new_var->VariableName,
+ &new_var->VendorGuid,
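Review bot: `new_var->DataSize` is passed straight to validators whose `len` parameter is an `int`, and no check against the capacity of `new_var->Data` is visible in this hunk. The validators' reads of `buffer[i]` are therefore bounded only by a size the writer supplied, and a large value can also be truncated or turn negative in the conversion. If Data is a fixed-size array (struct efi_variable is declared outside the hunk), add `new_var->DataSize > sizeof(new_var->Data) ||` as the first term of the condition. The identical check in the efivar_create hunk needs the same guard. As a style point, `validate_var(...) == false` reads better as `!validate_var(...)`. efivar_store_raw starts and ends outside the hunk.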
+@@ -626,6 +802,12 @@ static ssize_t efivar_create(struct file
+ if (!capable(CAP_SYS_ADMIN))
+ return -EACCES;
+
++ if ((new_var->Attributes & ~EFI_VARIABLE_MASK) != 0 ||
++ validate_var(new_var, new_var->Data, new_var->DataSize) == false) {
++ printk(KERN_ERR "efivars: Malformed variable content\n");
++ return -EINVAL;
++ }
++
+ spin_lock(&efivars->lock);
+
+ /*
--- /dev/null
+From de14ca6ae2c592d66db88f1e5596b26f7f011384 Mon Sep 17 00:00:00 2001
+From: Gabor Juhos <juhosg@openwrt.org>
+Date: Wed, 14 Mar 2012 10:28:35 +0100
+Subject: MIPS: ath79: fix AR933X WMAC reset code
+
+From: Gabor Juhos <juhosg@openwrt.org>
+
+commit de14ca6ae2c592d66db88f1e5596b26f7f011384 upstream.
+
+The current code puts the built-in WMAC device of the
+AR933X SoCs into reset instead of starting it. This
+causes a hard lock on AR933X based boards when the
+wireless driver tries to access the device.
+
+Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
+Cc: linux-mips@linux-mips.org
+Patchwork: https://patchwork.linux-mips.org/patch/3484/
+Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/ath79/dev-wmac.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/mips/ath79/dev-wmac.c
++++ b/arch/mips/ath79/dev-wmac.c
+@@ -58,8 +58,8 @@ static void __init ar913x_wmac_setup(voi
+
+ static int ar933x_wmac_reset(void)
+ {
+- ath79_device_reset_clear(AR933X_RESET_WMAC);
+ ath79_device_reset_set(AR933X_RESET_WMAC);
++ ath79_device_reset_clear(AR933X_RESET_WMAC);
+
+ return 0;
+ }
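Review bot: ar933x_wmac_reset has no comment stating that the order of the two calls matters, even though the description shows that reversing them leaves the WMAC held in reset and hangs the board on first access. A one-line comment such as `/* pulse reset: assert, then release so the WMAC is left running */` above the pair would stop the order being swapped back. Whether the hardware needs a hold time between assert and release cannot be told from the hunk; if the datasheet gives one, it belongs here as well.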
--- /dev/null
+From 7d1d865181185bdf1316d236b1b4bd02c9020729 Mon Sep 17 00:00:00 2001
+From: Dan Williams <dan.j.williams@intel.com>
+Date: Tue, 20 Mar 2012 10:50:27 -0700
+Subject: SCSI: libsas: fix false positive 'device attached' conditions
+
+From: Dan Williams <dan.j.williams@intel.com>
+
+commit 7d1d865181185bdf1316d236b1b4bd02c9020729 upstream.
+
+Normalize phy->attached_sas_addr to return a zero-address in the case
+when device-type == NO_DEVICE or the linkrate is invalid to handle
+expanders that put non-zero sas addresses in the discovery response:
+
+ sas: ex 5001b4da000f903f phy02:U:0 attached: 0100000000000000 (no device)
+ sas: ex 5001b4da000f903f phy01:U:0 attached: 0100000000000000 (no device)
+ sas: ex 5001b4da000f903f phy03:U:0 attached: 0100000000000000 (no device)
+ sas: ex 5001b4da000f903f phy00:U:0 attached: 0100000000000000 (no device)
+
+Reported-by: Andrzej Jakowski <andrzej.jakowski@intel.com>
+Signed-off-by: Dan Williams <dan.j.williams@intel.com>
+Signed-off-by: James Bottomley <JBottomley@Parallels.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/scsi/libsas/sas_expander.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+--- a/drivers/scsi/libsas/sas_expander.c
++++ b/drivers/scsi/libsas/sas_expander.c
+@@ -192,7 +192,14 @@ static void sas_set_ex_phy(struct domain
+ phy->attached_sata_ps = dr->attached_sata_ps;
+ phy->attached_iproto = dr->iproto << 1;
+ phy->attached_tproto = dr->tproto << 1;
+- memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE);
++ /* help some expanders that fail to zero sas_address in the 'no
++ * device' case
++ */
++ if (phy->attached_dev_type == NO_DEVICE ||
++ phy->linkrate < SAS_LINK_RATE_1_5_GBPS)
++ memset(phy->attached_sas_addr, 0, SAS_ADDR_SIZE);
++ else
++ memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE);
+ phy->attached_phy_id = dr->attached_phy_id;
+ phy->phy_change_count = dr->change_count;
+ phy->routing_attr = dr->routing_attr;
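Review bot: The new condition reads `phy->attached_dev_type` and `phy->linkrate` rather than the discovery response, so it is correct only if both were already assigned from `dr` earlier in sas_set_ex_phy, which is outside the hunk. A later reordering of those assignments would silently zero or keep the wrong address. `phy->linkrate < SAS_LINK_RATE_1_5_GBPS` also depends on every "no usable link" state being numbered below 1.5 Gbps in the enum. I would state both in the comment, e.g. `/* attached_dev_type and linkrate were set from dr above; rates below 1.5G are the no-link states */`. As a style point, the block comment should open with `/*` on its own line to match the rest of the function.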
--- /dev/null
+From 1699490db339e2c6b3037ea8e7dcd6b2755b688e Mon Sep 17 00:00:00 2001
+From: Thomas Jackson <thomas.p.jackson@intel.com>
+Date: Fri, 17 Feb 2012 18:33:10 -0800
+Subject: SCSI: libsas: fix sas_find_bcast_phy() in the presence of 'vacant' phys
+
+From: Thomas Jackson <thomas.p.jackson@intel.com>
+
+commit 1699490db339e2c6b3037ea8e7dcd6b2755b688e upstream.
+
+If an expander reports 'PHY VACANT' for a phy index prior to the one
+that generated a BCN libsas fails rediscovery. Since a vacant phy is
+defined as a valid phy index that will never have an attached device
+just continue the search.
+
+Signed-off-by: Thomas Jackson <thomas.p.jackson@intel.com>
+Signed-off-by: Dan Williams <dan.j.williams@intel.com>
+Signed-off-by: James Bottomley <JBottomley@Parallels.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/scsi/libsas/sas_expander.c | 17 ++++++++++++-----
+ 1 file changed, 12 insertions(+), 5 deletions(-)
+
+--- a/drivers/scsi/libsas/sas_expander.c
++++ b/drivers/scsi/libsas/sas_expander.c
+@@ -1643,9 +1643,17 @@ static int sas_find_bcast_phy(struct dom
+ int phy_change_count = 0;
+
+ res = sas_get_phy_change_count(dev, i, &phy_change_count);
+- if (res)
+- goto out;
+- else if (phy_change_count != ex->ex_phy[i].phy_change_count) {
++ switch (res) {
++ case SMP_RESP_PHY_VACANT:
++ case SMP_RESP_NO_PHY:
++ continue;
++ case SMP_RESP_FUNC_ACC:
++ break;
++ default:
++ return res;
++ }
++
++ if (phy_change_count != ex->ex_phy[i].phy_change_count) {
+ if (update)
+ ex->ex_phy[i].phy_change_count =
+ phy_change_count;
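Review bot: The `continue` inside the new `switch (res)` is easy to misread, because it continues the enclosing `for` loop while the `break` two lines below only leaves the switch. A comment on the first two cases would make that explicit, e.g. `/* vacant or absent phy: cannot have raised the BCN, try the next index */`. The `default: return res;` arm passes through whatever sas_get_phy_change_count returned. If that can be either a negative errno or a positive SMP result code (the helper is outside the hunk), the function comment should say which values callers have to handle. The loop header and the start of sas_find_bcast_phy are outside the hunk.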
+@@ -1653,8 +1661,7 @@ static int sas_find_bcast_phy(struct dom
+ return 0;
+ }
+ }
+-out:
+- return res;
++ return 0;
+ }
+
+ static int sas_get_ex_change_count(struct domain_device *dev, int *ecc)
autofs-make-the-autofsv5-packet-file-descriptor-use-a-packetized-pipe.patch
crypto-talitos-properly-lock-access-to-global-talitos-registers.patch
input-synaptics-fix-regression-with-image-sensor-trackpads.patch
+usb-ehci-tegra-remove-redundant-gpio_set_value.patch
+arm-7396-1-errata-only-handle-arm-erratum-326103-on-affected-cores.patch
+arm-7403-1-tls-remove-covert-channel-via-tpidrurw.patch
+arm-7406-1-hotplug-copy-the-affinity-mask-when-forcefully-migrating-irqs.patch
+mips-ath79-fix-ar933x-wmac-reset-code.patch
+scsi-libsas-fix-sas_find_bcast_phy-in-the-presence-of-vacant-phys.patch
+scsi-libsas-fix-false-positive-device-attached-conditions.patch
+efi-add-new-variable-attributes.patch
+efi-validate-uefi-boot-variables.patch
--- /dev/null
+From 04c235c92ce8474e9f2b358bd97f013a500385f2 Mon Sep 17 00:00:00 2001
+From: Stephen Warren <swarren@nvidia.com>
+Date: Mon, 30 Apr 2012 17:24:10 -0600
+Subject: USB: ehci-tegra: remove redundant gpio_set_value
+
+From: Stephen Warren <swarren@nvidia.com>
+
+commit 04c235c92ce8474e9f2b358bd97f013a500385f2 upstream.
+
+The immediately preceding gpio_direction_output() already set the value,
+so there's no need to repeat it. This also prevents gpio_set_value() from
+WARNing when the GPIO is sleepable (e.g. is on an I2C expander); the set
+direction API is always sleepable, but plain set_value isn't.
+
+Signed-off-by: Stephen Warren <swarren@nvidia.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/host/ehci-tegra.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/drivers/usb/host/ehci-tegra.c
++++ b/drivers/usb/host/ehci-tegra.c
+@@ -601,7 +601,6 @@ static int setup_vbus_gpio(struct platfo
+ dev_err(&pdev->dev, "can't enable vbus\n");
+ return err;
+ }
+- gpio_set_value(gpio, 1);
+
+ return err;
+ }