--- /dev/null
+From f3f80a9205da74fa56d613f4c14b88b6e4e6caa8 Mon Sep 17 00:00:00 2001
+From: Takashi Iwai <tiwai@suse.de>
+Date: Thu, 8 Jan 2009 15:32:56 +0100
+Subject: ALSA: caiaq - Fix Oops with MIDI
+
+From: Takashi Iwai <tiwai@suse.de>
+
+commit f3f80a9205da74fa56d613f4c14b88b6e4e6caa8 upstream.
+
+The snd-usb-caiaq driver causes Oops occasionally when accessing MIDI
+devices. This patch fixes the Oops and invalid URB submission errors
+as well.
+
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ sound/usb/caiaq/caiaq-device.h | 1 +
+ sound/usb/caiaq/caiaq-midi.c | 32 ++++++++++++++++++--------------
+ 2 files changed, 19 insertions(+), 14 deletions(-)
+
+--- a/sound/usb/caiaq/caiaq-device.h
++++ b/sound/usb/caiaq/caiaq-device.h
+@@ -75,6 +75,7 @@ struct snd_usb_caiaqdev {
+ wait_queue_head_t ep1_wait_queue;
+ wait_queue_head_t prepare_wait_queue;
+ int spec_received, audio_parm_answer;
++ int midi_out_active;
+
+ char vendor_name[CAIAQ_USB_STR_LEN];
+ char product_name[CAIAQ_USB_STR_LEN];
+--- a/sound/usb/caiaq/caiaq-midi.c
++++ b/sound/usb/caiaq/caiaq-midi.c
+@@ -59,6 +59,11 @@ static int snd_usb_caiaq_midi_output_ope
+
+ static int snd_usb_caiaq_midi_output_close(struct snd_rawmidi_substream *substream)
+ {
++ struct snd_usb_caiaqdev *dev = substream->rmidi->private_data;
++ if (dev->midi_out_active) {
++ usb_kill_urb(&dev->midi_out_urb);
++ dev->midi_out_active = 0;
++ }
+ return 0;
+ }
+
+@@ -69,7 +74,8 @@ static void snd_usb_caiaq_midi_send(stru
+
+ dev->midi_out_buf[0] = EP1_CMD_MIDI_WRITE;
+ dev->midi_out_buf[1] = 0; /* port */
+- len = snd_rawmidi_transmit_peek(substream, dev->midi_out_buf+3, EP1_BUFSIZE-3);
++ len = snd_rawmidi_transmit(substream, dev->midi_out_buf + 3,
++ EP1_BUFSIZE - 3);
+
+ if (len <= 0)
+ return;
+@@ -79,24 +85,24 @@ static void snd_usb_caiaq_midi_send(stru
+
+ ret = usb_submit_urb(&dev->midi_out_urb, GFP_ATOMIC);
+ if (ret < 0)
+- log("snd_usb_caiaq_midi_send(%p): usb_submit_urb() failed, %d\n",
+- substream, ret);
++ log("snd_usb_caiaq_midi_send(%p): usb_submit_urb() failed,"
++ "ret=%d, len=%d\n",
++ substream, ret, len);
++ else
++ dev->midi_out_active = 1;
+ }
+
+ static void snd_usb_caiaq_midi_output_trigger(struct snd_rawmidi_substream *substream, int up)
+ {
+ struct snd_usb_caiaqdev *dev = substream->rmidi->private_data;
+
+- if (dev->midi_out_substream != NULL)
+- return;
+-
+- if (!up) {
++ if (up) {
++ dev->midi_out_substream = substream;
++ if (!dev->midi_out_active)
++ snd_usb_caiaq_midi_send(dev, substream);
++ } else {
+ dev->midi_out_substream = NULL;
+- return;
+ }
+-
+- dev->midi_out_substream = substream;
+- snd_usb_caiaq_midi_send(dev, substream);
+ }
+
+
+@@ -161,16 +167,14 @@ int snd_usb_caiaq_midi_init(struct snd_u
+ void snd_usb_caiaq_midi_output_done(struct urb* urb)
+ {
+ struct snd_usb_caiaqdev *dev = urb->context;
+- char *buf = urb->transfer_buffer;
+
++ dev->midi_out_active = 0;
+ if (urb->status != 0)
+ return;
+
+ if (!dev->midi_out_substream)
+ return;
+
+- snd_rawmidi_transmit_ack(dev->midi_out_substream, buf[2]);
+- dev->midi_out_substream = NULL;
+ snd_usb_caiaq_midi_send(dev, dev->midi_out_substream);
+ }
+
--- /dev/null
+From 69dfaefee4a2dfdfee3488a306403fe1e51f0be5 Mon Sep 17 00:00:00 2001
+From: Takashi Iwai <tiwai@suse.de>
+Date: Sat, 20 Dec 2008 16:57:50 +0100
+Subject: ALSA: hda - Add quirk for another HP dv7
+
+From: Takashi Iwai <tiwai@suse.de>
+
+commit 69dfaefee4a2dfdfee3488a306403fe1e51f0be5 upstream.
+
+Added the model=hp-m4 quirk for another HP dv7 (103c:30fc) with IDT
+92HD71b* codec.
+
+Reference: Novell bnc#461108
+ https://bugzilla.novell.com/show_bug.cgi?id=461108
+
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ sound/pci/hda/patch_sigmatel.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/sound/pci/hda/patch_sigmatel.c
++++ b/sound/pci/hda/patch_sigmatel.c
+@@ -1720,6 +1720,8 @@ static struct snd_pci_quirk stac92hd71bx
+ "HP dv5", STAC_HP_M4),
+ SND_PCI_QUIRK(PCI_VENDOR_ID_HP, 0x30f4,
+ "HP dv7", STAC_HP_M4),
++ SND_PCI_QUIRK(PCI_VENDOR_ID_HP, 0x30fc,
++ "HP dv7", STAC_HP_M4),
+ SND_PCI_QUIRK(PCI_VENDOR_ID_HP, 0x361a,
+ "unknown HP", STAC_HP_M4),
+ SND_PCI_QUIRK(PCI_VENDOR_ID_DELL, 0x0233,
--- /dev/null
+From 11d518e07d700eeb5bcec36bfd5f501e405230dd Mon Sep 17 00:00:00 2001
+From: Takashi Iwai <tiwai@suse.de>
+Date: Wed, 10 Dec 2008 10:37:33 +0100
+Subject: ALSA: hda - Add quirk for HP6730B laptop
+
+From: Takashi Iwai <tiwai@suse.de>
+
+commit 11d518e07d700eeb5bcec36bfd5f501e405230dd upstream.
+
+Added model=laptop for HP 6730B laptop with AD1984A codec.
+Reference: Novell bnc#457909
+ https://bugzilla.novell.com/show_bug.cgi?id=457909
+
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ sound/pci/hda/patch_analog.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/sound/pci/hda/patch_analog.c
++++ b/sound/pci/hda/patch_analog.c
+@@ -3861,6 +3861,7 @@ static const char *ad1884a_models[AD1884
+ static struct snd_pci_quirk ad1884a_cfg_tbl[] = {
+ SND_PCI_QUIRK(0x103c, 0x3030, "HP", AD1884A_MOBILE),
+ SND_PCI_QUIRK(0x103c, 0x3056, "HP", AD1884A_MOBILE),
++ SND_PCI_QUIRK(0x103c, 0x30e6, "HP 6730b", AD1884A_LAPTOP),
+ SND_PCI_QUIRK(0x103c, 0x30e7, "HP EliteBook 8530p", AD1884A_LAPTOP),
+ SND_PCI_QUIRK(0x103c, 0x3614, "HP 6730s", AD1884A_LAPTOP),
+ SND_PCI_QUIRK(0x17aa, 0x20ac, "Thinkpad X300", AD1884A_THINKPAD),
--- /dev/null
+From c247ed6f5205f9feebd276c4cbe45018b10f19fa Mon Sep 17 00:00:00 2001
+From: Clemens Fruhwirth <clemens@endorphin.org>
+Date: Wed, 7 Jan 2009 11:43:48 +0100
+Subject: ALSA: hda - Fix typos for AD1882 codecs
+
+From: Clemens Fruhwirth <clemens@endorphin.org>
+
+commit c247ed6f5205f9feebd276c4cbe45018b10f19fa upstream.
+
+Fixed typos of codec-id checks for AD1882/AD1882A.
+
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ sound/pci/hda/patch_analog.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/sound/pci/hda/patch_analog.c
++++ b/sound/pci/hda/patch_analog.c
+@@ -4222,13 +4222,13 @@ static int patch_ad1882(struct hda_codec
+ spec->num_adc_nids = ARRAY_SIZE(ad1882_adc_nids);
+ spec->adc_nids = ad1882_adc_nids;
+ spec->capsrc_nids = ad1882_capsrc_nids;
+- if (codec->vendor_id == 0x11d1882)
++ if (codec->vendor_id == 0x11d41882)
+ spec->input_mux = &ad1882_capture_source;
+ else
+ spec->input_mux = &ad1882a_capture_source;
+ spec->num_mixers = 2;
+ spec->mixers[0] = ad1882_base_mixers;
+- if (codec->vendor_id == 0x11d1882)
++ if (codec->vendor_id == 0x11d41882)
+ spec->mixers[1] = ad1882_loopback_mixers;
+ else
+ spec->mixers[1] = ad1882a_loopback_mixers;
--- /dev/null
+From c6fbba0546d3ead18d4a623e76e28bcbaa66a325 Mon Sep 17 00:00:00 2001
+From: Steve French <sfrench@us.ibm.com>
+Date: Thu, 18 Dec 2008 01:41:20 +0000
+Subject: CIFS: make sure that DFS pathnames are properly formed
+
+From: Steve French <sfrench@us.ibm.com>
+
+commit c6fbba0546d3ead18d4a623e76e28bcbaa66a325 upstream.
+
+The paths in a DFS request are supposed to only have a single preceding
+backslash, but we are sending them with a double backslash. This is
+exposing a bug in Windows where it also sends a path in the response
+that has a double backslash.
+
+The existing code that builds the mount option string however expects a
+double backslash prefix in a couple of places when it tries to use the
+path returned by build_path_from_dentry. Fix compose_mount_options to
+expect properly formed DFS paths (single backslash at front).
+
+Also clean up error handling in that function. There was a possible
+NULL pointer dereference and situations where a partially built option
+string would be returned.
+
+Tested against Samba 3.0.28-ish server and Samba 3.3 and Win2k8.
+
+Signed-off-by: Jeff Layton <jlayton@redhat.com>
+Signed-off-by: Steve French <sfrench@us.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/cifs/cifs_dfs_ref.c | 48 ++++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 36 insertions(+), 12 deletions(-)
+
+--- a/fs/cifs/cifs_dfs_ref.c
++++ b/fs/cifs/cifs_dfs_ref.c
+@@ -122,7 +122,7 @@ static char *compose_mount_options(const
+ char **devname)
+ {
+ int rc;
+- char *mountdata;
++ char *mountdata = NULL;
+ int md_len;
+ char *tkn_e;
+ char *srvIP = NULL;
+@@ -136,10 +136,9 @@ static char *compose_mount_options(const
+ *devname = cifs_get_share_name(ref->node_name);
+ rc = dns_resolve_server_name_to_ip(*devname, &srvIP);
+ if (rc != 0) {
+- cERROR(1, ("%s: Failed to resolve server part of %s to IP",
+- __func__, *devname));
+- mountdata = ERR_PTR(rc);
+- goto compose_mount_options_out;
++ cERROR(1, ("%s: Failed to resolve server part of %s to IP: %d",
++ __func__, *devname, rc));;
++ goto compose_mount_options_err;
+ }
+ /* md_len = strlen(...) + 12 for 'sep+prefixpath='
+ * assuming that we have 'unc=' and 'ip=' in
+@@ -149,8 +148,8 @@ static char *compose_mount_options(const
+ strlen(ref->node_name) + 12;
+ mountdata = kzalloc(md_len+1, GFP_KERNEL);
+ if (mountdata == NULL) {
+- mountdata = ERR_PTR(-ENOMEM);
+- goto compose_mount_options_out;
++ rc = -ENOMEM;
++ goto compose_mount_options_err;
+ }
+
+ /* copy all options except of unc,ip,prefixpath */
+@@ -197,18 +196,32 @@ static char *compose_mount_options(const
+
+ /* find & copy prefixpath */
+ tkn_e = strchr(ref->node_name + 2, '\\');
+- if (tkn_e == NULL) /* invalid unc, missing share name*/
+- goto compose_mount_options_out;
++ if (tkn_e == NULL) {
++ /* invalid unc, missing share name*/
++ rc = -EINVAL;
++ goto compose_mount_options_err;
++ }
+
++ /*
++ * this function gives us a path with a double backslash prefix. We
++ * require a single backslash for DFS. Temporarily increment fullpath
++ * to put it in the proper form and decrement before freeing it.
++ */
+ fullpath = build_path_from_dentry(dentry);
++ if (!fullpath) {
++ rc = -ENOMEM;
++ goto compose_mount_options_err;
++ }
++ ++fullpath;
+ tkn_e = strchr(tkn_e + 1, '\\');
+- if (tkn_e || strlen(fullpath) - (ref->path_consumed)) {
++ if (tkn_e || (strlen(fullpath) - ref->path_consumed)) {
+ strncat(mountdata, &sep, 1);
+ strcat(mountdata, "prefixpath=");
+ if (tkn_e)
+ strcat(mountdata, tkn_e + 1);
+- strcat(mountdata, fullpath + (ref->path_consumed));
++ strcat(mountdata, fullpath + ref->path_consumed);
+ }
++ --fullpath;
+ kfree(fullpath);
+
+ /*cFYI(1,("%s: parent mountdata: %s", __func__,sb_mountdata));*/
+@@ -217,6 +230,11 @@ static char *compose_mount_options(const
+ compose_mount_options_out:
+ kfree(srvIP);
+ return mountdata;
++
++compose_mount_options_err:
++ kfree(mountdata);
++ mountdata = ERR_PTR(rc);
++ goto compose_mount_options_out;
+ }
+
+
+@@ -309,13 +327,19 @@ cifs_dfs_follow_mountpoint(struct dentry
+ goto out_err;
+ }
+
++ /*
++ * The MSDFS spec states that paths in DFS referral requests and
++ * responses must be prefixed by a single '\' character instead of
++ * the double backslashes usually used in the UNC. This function
++ * gives us the latter, so we must adjust the result.
++ */
+ full_path = build_path_from_dentry(dentry);
+ if (full_path == NULL) {
+ rc = -ENOMEM;
+ goto out_err;
+ }
+
+- rc = get_dfs_path(xid, ses , full_path, cifs_sb->local_nls,
++ rc = get_dfs_path(xid, ses , full_path + 1, cifs_sb->local_nls,
+ &num_referrals, &referrals,
+ cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
+
--- /dev/null
+From f1bc4ac61f2c08515afd80c6dc3962aa6d0b138b Mon Sep 17 00:00:00 2001
+From: Zhu Yi <yi.zhu@intel.com>
+Date: Wed, 17 Dec 2008 16:52:33 +0800
+Subject: iwlwifi: use GFP_KERNEL to allocate Rx SKB memory
+
+From: Zhu Yi <yi.zhu@intel.com>
+
+commit f1bc4ac61f2c08515afd80c6dc3962aa6d0b138b upstream.
+
+Previously we allocate Rx SKB with GFP_ATOMIC flag. This is because we need
+to hold a spinlock to protect the two rx_used and rx_free lists operation
+in the rxq.
+
+ spin_lock();
+ ...
+ element = rxq->rx_used.next;
+ element->skb = alloc_skb(..., GFP_ATOMIC);
+ list_del(element);
+ list_add_tail(&element->list, &rxq->rx_free);
+ ...
+ spin_unlock();
+
+After spliting the rx_used delete and rx_free insert into two operations,
+we don't require the skb allocation in an atomic context any more (the
+function itself is scheduled in a workqueue).
+
+ spin_lock();
+ ...
+ element = rxq->rx_used.next;
+ list_del(element);
+ ...
+ spin_unlock();
+ ...
+ element->skb = alloc_skb(..., GFP_KERNEL);
+ ...
+ spin_lock()
+ ...
+ list_add_tail(&element->list, &rxq->rx_free);
+ ...
+ spin_unlock();
+
+This patch should fix the "iwlagn: Can not allocate SKB buffers" warning
+we see recently.
+
+Signed-off-by: Zhu Yi <yi.zhu@intel.com>
+Acked-by: Tomas Winkler <tomas.winkler@intel.com>
+Signed-off-by: John W. Linville <linville@tuxdriver.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/net/wireless/iwlwifi/iwl-agn.c | 12 +-----------
+ drivers/net/wireless/iwlwifi/iwl-rx.c | 29 +++++++++++++++++++----------
+ 2 files changed, 20 insertions(+), 21 deletions(-)
+
+--- a/drivers/net/wireless/iwlwifi/iwl-agn.c
++++ b/drivers/net/wireless/iwlwifi/iwl-agn.c
+@@ -1334,16 +1334,6 @@ static void iwl_setup_rx_handlers(struct
+ priv->cfg->ops->lib->rx_handler_setup(priv);
+ }
+
+-/*
+- * this should be called while priv->lock is locked
+-*/
+-static void __iwl_rx_replenish(struct iwl_priv *priv)
+-{
+- iwl_rx_allocate(priv);
+- iwl_rx_queue_restock(priv);
+-}
+-
+-
+ /**
+ * iwl_rx_handle - Main entry function for receiving responses from uCode
+ *
+@@ -1451,7 +1441,7 @@ void iwl_rx_handle(struct iwl_priv *priv
+ count++;
+ if (count >= 8) {
+ priv->rxq.read = i;
+- __iwl_rx_replenish(priv);
++ iwl_rx_queue_restock(priv);
+ count = 0;
+ }
+ }
+--- a/drivers/net/wireless/iwlwifi/iwl-rx.c
++++ b/drivers/net/wireless/iwlwifi/iwl-rx.c
+@@ -245,25 +245,31 @@ void iwl_rx_allocate(struct iwl_priv *pr
+ struct list_head *element;
+ struct iwl_rx_mem_buffer *rxb;
+ unsigned long flags;
+- spin_lock_irqsave(&rxq->lock, flags);
+- while (!list_empty(&rxq->rx_used)) {
++
++ while (1) {
++ spin_lock_irqsave(&rxq->lock, flags);
++
++ if (list_empty(&rxq->rx_used)) {
++ spin_unlock_irqrestore(&rxq->lock, flags);
++ return;
++ }
+ element = rxq->rx_used.next;
+ rxb = list_entry(element, struct iwl_rx_mem_buffer, list);
++ list_del(element);
++
++ spin_unlock_irqrestore(&rxq->lock, flags);
+
+ /* Alloc a new receive buffer */
+ rxb->skb = alloc_skb(priv->hw_params.rx_buf_size + 256,
+- __GFP_NOWARN | GFP_ATOMIC);
++ GFP_KERNEL);
+ if (!rxb->skb) {
+- if (net_ratelimit())
+- printk(KERN_CRIT DRV_NAME
+- ": Can not allocate SKB buffers\n");
++ printk(KERN_CRIT DRV_NAME
++ "Can not allocate SKB buffers\n");
+ /* We don't reschedule replenish work here -- we will
+ * call the restock method and if it still needs
+ * more buffers it will schedule replenish */
+ break;
+ }
+- priv->alloc_rxb_skb++;
+- list_del(element);
+
+ /* Get physical address of RB/SKB */
+ rxb->real_dma_addr = pci_map_single(
+@@ -277,12 +283,15 @@ void iwl_rx_allocate(struct iwl_priv *pr
+ rxb->aligned_dma_addr = ALIGN(rxb->real_dma_addr, 256);
+ skb_reserve(rxb->skb, rxb->aligned_dma_addr - rxb->real_dma_addr);
+
++ spin_lock_irqsave(&rxq->lock, flags);
++
+ list_add_tail(&rxb->list, &rxq->rx_free);
+ rxq->free_count++;
++ priv->alloc_rxb_skb++;
++
++ spin_unlock_irqrestore(&rxq->lock, flags);
+ }
+- spin_unlock_irqrestore(&rxq->lock, flags);
+ }
+-EXPORT_SYMBOL(iwl_rx_allocate);
+
+ void iwl_rx_replenish(struct iwl_priv *priv)
+ {
--- /dev/null
+From a8ccf1d6f60e3e6ae63122e02378cd4d40dd4aac Mon Sep 17 00:00:00 2001
+From: Steven Rostedt <srostedt@redhat.com>
+Date: Tue, 23 Dec 2008 11:32:24 -0500
+Subject: ring-buffer: fix dangling commit race
+
+From: Steven Rostedt <srostedt@redhat.com>
+
+commit a8ccf1d6f60e3e6ae63122e02378cd4d40dd4aac upstream.
+
+Impact: fix stuck trace-buffers
+
+If an interrupt comes in during the rb_set_commit_to_write and
+pushes the tail page forward just at the right time, the commit
+updates will miss the adding of the interrupt data. This will
+cause the commit pointer to cease from moving forward.
+
+Thanks to Jiaying Zhang for finding this race.
+
+Reported-by: Jiaying Zhang <jiayingz@google.com>
+Signed-off-by: Steven Rostedt <srostedt@redhat.com>
+Signed-off-by: Ingo Molnar <mingo@elte.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ kernel/trace/ring_buffer.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+--- a/kernel/trace/ring_buffer.c
++++ b/kernel/trace/ring_buffer.c
+@@ -769,6 +769,7 @@ rb_set_commit_to_write(struct ring_buffe
+ * back to us). This allows us to do a simple loop to
+ * assign the commit to the tail.
+ */
++ again:
+ while (cpu_buffer->commit_page != cpu_buffer->tail_page) {
+ cpu_buffer->commit_page->commit =
+ cpu_buffer->commit_page->write;
+@@ -783,6 +784,17 @@ rb_set_commit_to_write(struct ring_buffe
+ cpu_buffer->commit_page->write;
+ barrier();
+ }
++
++ /* again, keep gcc from optimizing */
++ barrier();
++
++ /*
++ * If an interrupt came in just after the first while loop
++ * and pushed the tail page forward, we will be left with
++ * a dangling commit that will never go forward.
++ */
++ if (unlikely(cpu_buffer->commit_page != cpu_buffer->tail_page))
++ goto again;
+ }
+
+ static void rb_reset_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
--- /dev/null
+From 98db8df777438e16ad0f44a0fba05ebbdb73db8d Mon Sep 17 00:00:00 2001
+From: Steven Rostedt <srostedt@redhat.com>
+Date: Tue, 23 Dec 2008 11:32:25 -0500
+Subject: ring-buffer: prevent false positive warning
+
+From: Steven Rostedt <srostedt@redhat.com>
+
+commit 98db8df777438e16ad0f44a0fba05ebbdb73db8d upstream.
+
+Impact: eliminate false WARN_ON message
+
+If an interrupt goes off after the setting of the local variable
+tail_page and before incrementing the write index of that page,
+the interrupt could push the commit forward to the next page.
+
+Later a check is made to see if interrupts pushed the buffer around
+the entire ring buffer by comparing the next page to the last commited
+page. This can produce a false positive if the interrupt had pushed
+the commit page forward as stated above.
+
+Thanks to Jiaying Zhang for finding this race.
+
+Reported-by: Jiaying Zhang <jiayingz@google.com>
+Signed-off-by: Steven Rostedt <srostedt@redhat.com>
+Signed-off-by: Ingo Molnar <mingo@elte.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ kernel/trace/ring_buffer.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+--- a/kernel/trace/ring_buffer.c
++++ b/kernel/trace/ring_buffer.c
+@@ -880,12 +880,15 @@ static struct ring_buffer_event *
+ __rb_reserve_next(struct ring_buffer_per_cpu *cpu_buffer,
+ unsigned type, unsigned long length, u64 *ts)
+ {
+- struct buffer_page *tail_page, *head_page, *reader_page;
++ struct buffer_page *tail_page, *head_page, *reader_page, *commit_page;
+ unsigned long tail, write;
+ struct ring_buffer *buffer = cpu_buffer->buffer;
+ struct ring_buffer_event *event;
+ unsigned long flags;
+
++ commit_page = cpu_buffer->commit_page;
++ /* we just need to protect against interrupts */
++ barrier();
+ tail_page = cpu_buffer->tail_page;
+ write = local_add_return(length, &tail_page->write);
+ tail = write - length;
+@@ -909,7 +912,7 @@ __rb_reserve_next(struct ring_buffer_per
+ * it all the way around the buffer, bail, and warn
+ * about it.
+ */
+- if (unlikely(next_page == cpu_buffer->commit_page)) {
++ if (unlikely(next_page == commit_page)) {
+ WARN_ON_ONCE(1);
+ goto out_unlock;
+ }
--- /dev/null
+alsa-hda-add-quirk-for-another-hp-dv7.patch
+alsa-hda-add-quirk-for-hp6730b-laptop.patch
+alsa-caiaq-fix-oops-with-midi.patch
+alsa-hda-fix-typos-for-ad1882-codecs.patch
+x86-fix-intel-x86_64-llc_shared_map-cpu_llc_id-anomolies.patch
+x86-default-to-swiotlb-y-on-x86_64.patch
+cifs-make-sure-that-dfs-pathnames-are-properly-formed.patch
+ring-buffer-prevent-false-positive-warning.patch
+ring-buffer-fix-dangling-commit-race.patch
+iwlwifi-use-gfp_kernel-to-allocate-rx-skb-memory.patch
--- /dev/null
+From a1afd01c175324656d0e8f1c82ea94b474953c04 Mon Sep 17 00:00:00 2001
+From: Joerg Roedel <joerg.roedel@amd.com>
+Date: Tue, 18 Nov 2008 12:44:21 +0100
+Subject: x86: default to SWIOTLB=y on x86_64
+
+From: Joerg Roedel <joerg.roedel@amd.com>
+
+commit a1afd01c175324656d0e8f1c82ea94b474953c04 upstream.
+
+Impact: fixes korg bugzilla 11980
+
+A kernel for a 64bit x86 system should always contain the swiotlb code
+in case it is booted on a machine without any hardware IOMMU supported
+by the kernel and more than 4GB of RAM. This patch changes Kconfig to
+always compile swiotlb into the kernel for x86_64.
+
+Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
+Signed-off-by: Ingo Molnar <mingo@elte.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/Kconfig | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/Kconfig
++++ b/arch/x86/Kconfig
+@@ -569,7 +569,7 @@ config AMD_IOMMU
+
+ # need this always selected by IOMMU for the VIA workaround
+ config SWIOTLB
+- bool
++ def_bool y if X86_64
+ help
+ Support for software bounce buffers used on x86-64 systems
+ which don't have a hardware IOMMU (e.g. the current generation
--- /dev/null
+From 345077cd98ff5532b2d1158013c3fec7b1ae85ec Mon Sep 17 00:00:00 2001
+From: Suresh Siddha <suresh.b.siddha@intel.com>
+Date: Thu, 18 Dec 2008 18:09:21 -0800
+Subject: x86: fix intel x86_64 llc_shared_map/cpu_llc_id anomolies
+
+From: Suresh Siddha <suresh.b.siddha@intel.com>
+
+commit 345077cd98ff5532b2d1158013c3fec7b1ae85ec upstream.
+
+Impact: fix wrong cache sharing detection on platforms supporting > 8 bit apicid's
+
+In the presence of extended topology eumeration leaf 0xb provided
+by cpuid, 32bit extended initial_apicid in cpuinfo_x86 struct will be
+updated by detect_extended_topology(). At this instance, we should also
+reinit the apicid (which could also potentially be extended to 32bit).
+
+With out this there will potentially be duplicate apicid's populated in the
+per cpu's cpuinfo_x86 struct, resulting in wrong cache sharing topology etc
+detected by init_intel_cacheinfo().
+
+Reported-by: Dimitri Sivanich <sivanich@sgi.com>
+Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
+Acked-by: Dimitri Sivanich <sivanich@sgi.com>
+Signed-off-by: Ingo Molnar <mingo@elte.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/kernel/cpu/addon_cpuid_features.c | 8 ++++++++
+ arch/x86/kernel/cpu/intel.c | 8 +++++++-
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/kernel/cpu/addon_cpuid_features.c
++++ b/arch/x86/kernel/cpu/addon_cpuid_features.c
+@@ -120,9 +120,17 @@ void __cpuinit detect_extended_topology(
+ c->cpu_core_id = phys_pkg_id(c->initial_apicid, ht_mask_width)
+ & core_select_mask;
+ c->phys_proc_id = phys_pkg_id(c->initial_apicid, core_plus_mask_width);
++ /*
++ * Reinit the apicid, now that we have extended initial_apicid.
++ */
++ c->apicid = phys_pkg_id(c->initial_apicid, 0);
+ #else
+ c->cpu_core_id = phys_pkg_id(ht_mask_width) & core_select_mask;
+ c->phys_proc_id = phys_pkg_id(core_plus_mask_width);
++ /*
++ * Reinit the apicid, now that we have extended initial_apicid.
++ */
++ c->apicid = phys_pkg_id(0);
+ #endif
+ c->x86_max_cores = (core_level_siblings / smp_num_siblings);
+
+--- a/arch/x86/kernel/cpu/intel.c
++++ b/arch/x86/kernel/cpu/intel.c
+@@ -242,6 +242,13 @@ static void __cpuinit init_intel(struct
+
+ intel_workarounds(c);
+
++ /*
++ * Detect the extended topology information if available. This
++ * will reinitialise the initial_apicid which will be used
++ * in init_intel_cacheinfo()
++ */
++ detect_extended_topology(c);
++
+ l2 = init_intel_cacheinfo(c);
+ if (c->cpuid_level > 9) {
+ unsigned eax = cpuid_eax(10);
+@@ -313,7 +320,6 @@ static void __cpuinit init_intel(struct
+
+ #endif
+
+- detect_extended_topology(c);
+ if (!cpu_has(c, X86_FEATURE_XTOPOLOGY)) {
+ /*
+ * let's use the legacy cpuid vector 0x1 and 0x4 for topology
projects / thirdparty / kernel / stable-queue.git / commitdiff
