From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 7 Mar 2016 20:54:15 +0000 (-0800)
Subject: 3.14-stable patches
X-Git-Tag: v3.10.100~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=517f79e6d2e071e739d4f9a9c66750cabe885c16;p=thirdparty%2Fkernel%2Fstable-queue.git

3.14-stable patches

added patches:
	mips-traps-fix-sigfpe-information-leak-from-do_ov-and-do_trap_or_bp.patch
	ubi-fix-out-of-bounds-write-in-volume-update-code.patch
	usb-chipidea-otg-change-workqueue-ci_otg-as-freezable.patch
	usb-cp210x-add-id-for-parrot-nmea-gps-flight-recorder.patch
	usb-serial-option-add-support-for-quectel-uc20.patch
	usb-serial-option-add-support-for-telit-le922-pid-0x1045.patch
---

diff --git a/queue-3.14/mips-traps-fix-sigfpe-information-leak-from-do_ov-and-do_trap_or_bp.patch b/queue-3.14/mips-traps-fix-sigfpe-information-leak-from-do_ov-and-do_trap_or_bp.patch
new file mode 100644
index 00000000000..4cae048f02a
--- /dev/null
+++ b/queue-3.14/mips-traps-fix-sigfpe-information-leak-from-do_ov-and-do_trap_or_bp.patch
@@ -0,0 +1,61 @@
+From e723e3f7f9591b79e8c56b3d7c5a204a9c571b55 Mon Sep 17 00:00:00 2001
+From: "Maciej W. Rozycki" <macro@imgtec.com>
+Date: Fri, 4 Mar 2016 01:42:49 +0000
+Subject: MIPS: traps: Fix SIGFPE information leak from `do_ov' and `do_trap_or_bp'
+
+From: Maciej W. Rozycki <macro@imgtec.com>
+
+commit e723e3f7f9591b79e8c56b3d7c5a204a9c571b55 upstream.
+
+Avoid sending a partially initialised `siginfo_t' structure along SIGFPE
+signals issued from `do_ov' and `do_trap_or_bp', leading to information
+leaking from the kernel stack.
+
+Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
+Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/mips/kernel/traps.c |   13 ++++++-------
+ 1 file changed, 6 insertions(+), 7 deletions(-)
+
+--- a/arch/mips/kernel/traps.c
++++ b/arch/mips/kernel/traps.c
+@@ -688,15 +688,15 @@ static int simulate_sync(struct pt_regs
+ asmlinkage void do_ov(struct pt_regs *regs)
+ {
+ 	enum ctx_state prev_state;
+-	siginfo_t info;
++	siginfo_t info = {
++		.si_signo = SIGFPE,
++		.si_code = FPE_INTOVF,
++		.si_addr = (void __user *)regs->cp0_epc,
++	};
+ 
+ 	prev_state = exception_enter();
+ 	die_if_kernel("Integer overflow", regs);
+ 
+-	info.si_code = FPE_INTOVF;
+-	info.si_signo = SIGFPE;
+-	info.si_errno = 0;
+-	info.si_addr = (void __user *) regs->cp0_epc;
+ 	force_sig_info(SIGFPE, &info, current);
+ 	exception_exit(prev_state);
+ }
+@@ -797,7 +797,7 @@ out:
+ static void do_trap_or_bp(struct pt_regs *regs, unsigned int code,
+ 	const char *str)
+ {
+-	siginfo_t info;
++	siginfo_t info = { 0 };
+ 	char b[40];
+ 
+ #ifdef CONFIG_KGDB_LOW_LEVEL_TRAP
+@@ -825,7 +825,6 @@ static void do_trap_or_bp(struct pt_regs
+ 		else
+ 			info.si_code = FPE_INTOVF;
+ 		info.si_signo = SIGFPE;
+-		info.si_errno = 0;
+ 		info.si_addr = (void __user *) regs->cp0_epc;
+ 		force_sig_info(SIGFPE, &info, current);
+ 		break;
diff --git a/queue-3.14/series b/queue-3.14/series
index 61a4601adcb..94fbb9cd717 100644
--- a/queue-3.14/series
+++ b/queue-3.14/series
@@ -20,3 +20,9 @@ alsa-hdspm-fix-wrong-boolean-ctl-value-accesses.patch
 alsa-hdsp-fix-wrong-boolean-ctl-value-accesses.patch
 alsa-hdspm-fix-zero-division.patch
 alsa-timer-fix-broken-compat-timer-user-status-ioctl.patch
+usb-chipidea-otg-change-workqueue-ci_otg-as-freezable.patch
+usb-cp210x-add-id-for-parrot-nmea-gps-flight-recorder.patch
+usb-serial-option-add-support-for-telit-le922-pid-0x1045.patch
+usb-serial-option-add-support-for-quectel-uc20.patch
+mips-traps-fix-sigfpe-information-leak-from-do_ov-and-do_trap_or_bp.patch
+ubi-fix-out-of-bounds-write-in-volume-update-code.patch
diff --git a/queue-3.14/ubi-fix-out-of-bounds-write-in-volume-update-code.patch b/queue-3.14/ubi-fix-out-of-bounds-write-in-volume-update-code.patch
new file mode 100644
index 00000000000..5e550bdd43c
--- /dev/null
+++ b/queue-3.14/ubi-fix-out-of-bounds-write-in-volume-update-code.patch
@@ -0,0 +1,32 @@
+From e4f6daac20332448529b11f09388f1d55ef2084c Mon Sep 17 00:00:00 2001
+From: Richard Weinberger <richard@nod.at>
+Date: Sun, 21 Feb 2016 10:53:03 +0100
+Subject: ubi: Fix out of bounds write in volume update code
+
+From: Richard Weinberger <richard@nod.at>
+
+commit e4f6daac20332448529b11f09388f1d55ef2084c upstream.
+
+ubi_start_leb_change() allocates too few bytes.
+ubi_more_leb_change_data() will write up to req->upd_bytes +
+ubi->min_io_size bytes.
+
+Signed-off-by: Richard Weinberger <richard@nod.at>
+Reviewed-by: Boris Brezillon <boris.brezillon@free-electrons.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/mtd/ubi/upd.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/mtd/ubi/upd.c
++++ b/drivers/mtd/ubi/upd.c
+@@ -193,7 +193,7 @@ int ubi_start_leb_change(struct ubi_devi
+ 	vol->changing_leb = 1;
+ 	vol->ch_lnum = req->lnum;
+ 
+-	vol->upd_buf = vmalloc(req->bytes);
++	vol->upd_buf = vmalloc(ALIGN((int)req->bytes, ubi->min_io_size));
+ 	if (!vol->upd_buf)
+ 		return -ENOMEM;
+ 
diff --git a/queue-3.14/usb-chipidea-otg-change-workqueue-ci_otg-as-freezable.patch b/queue-3.14/usb-chipidea-otg-change-workqueue-ci_otg-as-freezable.patch
new file mode 100644
index 00000000000..404e662ab40
--- /dev/null
+++ b/queue-3.14/usb-chipidea-otg-change-workqueue-ci_otg-as-freezable.patch
@@ -0,0 +1,144 @@
+From d144dfea8af7108f613139623e63952ed7e69c0c Mon Sep 17 00:00:00 2001
+From: Peter Chen <peter.chen@nxp.com>
+Date: Wed, 24 Feb 2016 11:05:25 +0800
+Subject: usb: chipidea: otg: change workqueue ci_otg as freezable
+
+From: Peter Chen <peter.chen@nxp.com>
+
+commit d144dfea8af7108f613139623e63952ed7e69c0c upstream.
+
+If we use USB ID pin as wakeup source, and there is a USB block
+device on this USB OTG (ID) cable, the system will be deadlock
+after system resume.
+
+The root cause for this problem is: the workqueue ci_otg may try
+to remove hcd before the driver resume has finished, and hcd will
+disconnect the device on it, then, it will call device_release_driver,
+and holds the device lock "dev->mutex", but it is never unlocked since
+it waits workqueue writeback to run to flush the block information, but
+the workqueue writeback is freezable, it is not thawed before driver
+resume has finished.
+
+When the driver (device: sd 0:0:0:0:) resume goes to dpm_complete, it
+tries to get its device lock "dev->mutex", but it can't get it forever,
+then the deadlock occurs. Below call stacks show the situation.
+
+So, in order to fix this problem, we need to change workqueue ci_otg
+as freezable, then the work item in this workqueue will be run after
+driver's resume, this workqueue will not be blocked forever like above
+case since the workqueue writeback has been thawed too.
+
+Tested at: i.mx6qdl-sabresd and i.mx6sx-sdb.
+
+[  555.178869] kworker/u2:13   D c07de74c     0   826      2 0x00000000
+[  555.185310] Workqueue: ci_otg ci_otg_work
+[  555.189353] Backtrace:
+[  555.191849] [<c07de4fc>] (__schedule) from [<c07dec6c>] (schedule+0x48/0xa0)
+[  555.198912]  r10:ee471ba0 r9:00000000 r8:00000000 r7:00000002 r6:ee470000 r5:ee471ba4
+[  555.206867]  r4:ee470000
+[  555.209453] [<c07dec24>] (schedule) from [<c07e2fc4>] (schedule_timeout+0x15c/0x1e0)
+[  555.217212]  r4:7fffffff r3:edc2b000
+[  555.220862] [<c07e2e68>] (schedule_timeout) from [<c07df6c8>] (wait_for_common+0x94/0x144)
+[  555.229140]  r8:00000000 r7:00000002 r6:ee470000 r5:ee471ba4 r4:7fffffff
+[  555.235980] [<c07df634>] (wait_for_common) from [<c07df790>] (wait_for_completion+0x18/0x1c)
+[  555.244430]  r10:00000001 r9:c0b5563c r8:c0042e48 r7:ef086000 r6:eea4372c r5:ef131b00
+[  555.252383]  r4:00000000
+[  555.254970] [<c07df778>] (wait_for_completion) from [<c0043cb8>] (flush_work+0x19c/0x234)
+[  555.263177] [<c0043b1c>] (flush_work) from [<c0043fac>] (flush_delayed_work+0x48/0x4c)
+[  555.271106]  r8:ed5b5000 r7:c0b38a3c r6:eea439cc r5:eea4372c r4:eea4372c
+[  555.277958] [<c0043f64>] (flush_delayed_work) from [<c00eae18>] (bdi_unregister+0x84/0xec)
+[  555.286236]  r4:eea43520 r3:20000153
+[  555.289885] [<c00ead94>] (bdi_unregister) from [<c02c2154>] (blk_cleanup_queue+0x180/0x29c)
+[  555.298250]  r5:eea43808 r4:eea43400
+[  555.301909] [<c02c1fd4>] (blk_cleanup_queue) from [<c0417914>] (__scsi_remove_device+0x48/0xb8)
+[  555.310623]  r7:00000000 r6:20000153 r5:ededa950 r4:ededa800
+[  555.316403] [<c04178cc>] (__scsi_remove_device) from [<c0415e90>] (scsi_forget_host+0x64/0x68)
+[  555.325028]  r5:ededa800 r4:ed5b5000
+[  555.328689] [<c0415e2c>] (scsi_forget_host) from [<c0409828>] (scsi_remove_host+0x78/0x104)
+[  555.337054]  r5:ed5b5068 r4:ed5b5000
+[  555.340709] [<c04097b0>] (scsi_remove_host) from [<c04cdfcc>] (usb_stor_disconnect+0x50/0xb4)
+[  555.349247]  r6:ed5b56e4 r5:ed5b5818 r4:ed5b5690 r3:00000008
+[  555.355025] [<c04cdf7c>] (usb_stor_disconnect) from [<c04b3bc8>] (usb_unbind_interface+0x78/0x25c)
+[  555.363997]  r8:c13919b4 r7:edd3c000 r6:edd3c020 r5:ee551c68 r4:ee551c00 r3:c04cdf7c
+[  555.371892] [<c04b3b50>] (usb_unbind_interface) from [<c03dc248>] (__device_release_driver+0x8c/0x118)
+[  555.381213]  r10:00000001 r9:edd90c00 r8:c13919b4 r7:ee551c68 r6:c0b546e0 r5:c0b5563c
+[  555.389167]  r4:edd3c020
+[  555.391752] [<c03dc1bc>] (__device_release_driver) from [<c03dc2fc>] (device_release_driver+0x28/0x34)
+[  555.401071]  r5:edd3c020 r4:edd3c054
+[  555.404721] [<c03dc2d4>] (device_release_driver) from [<c03db304>] (bus_remove_device+0xe0/0x110)
+[  555.413607]  r5:edd3c020 r4:ef17f04c
+[  555.417253] [<c03db224>] (bus_remove_device) from [<c03d8128>] (device_del+0x114/0x21c)
+[  555.425270]  r6:edd3c028 r5:edd3c020 r4:ee551c00 r3:00000000
+[  555.431045] [<c03d8014>] (device_del) from [<c04b1560>] (usb_disable_device+0xa4/0x1e8)
+[  555.439061]  r8:edd3c000 r7:eded8000 r6:00000000 r5:00000001 r4:ee551c00
+[  555.445906] [<c04b14bc>] (usb_disable_device) from [<c04a8e54>] (usb_disconnect+0x74/0x224)
+[  555.454271]  r9:edd90c00 r8:ee551000 r7:ee551c68 r6:ee551c9c r5:ee551c00 r4:00000001
+[  555.462156] [<c04a8de0>] (usb_disconnect) from [<c04a8fb8>] (usb_disconnect+0x1d8/0x224)
+[  555.470259]  r10:00000001 r9:edd90000 r8:ee471e2c r7:ee551468 r6:ee55149c r5:ee551400
+[  555.478213]  r4:00000001
+[  555.480797] [<c04a8de0>] (usb_disconnect) from [<c04ae5ec>] (usb_remove_hcd+0xa0/0x1ac)
+[  555.488813]  r10:00000001 r9:ee471eb0 r8:00000000 r7:ef3d9500 r6:eded810c r5:eded80b0
+[  555.496765]  r4:eded8000
+[  555.499351] [<c04ae54c>] (usb_remove_hcd) from [<c04d4158>] (host_stop+0x28/0x64)
+[  555.506847]  r6:eeb50010 r5:eded8000 r4:eeb51010
+[  555.511563] [<c04d4130>] (host_stop) from [<c04d09b8>] (ci_otg_work+0xc4/0x124)
+[  555.518885]  r6:00000001 r5:eeb50010 r4:eeb502a0 r3:c04d4130
+[  555.524665] [<c04d08f4>] (ci_otg_work) from [<c00454f0>] (process_one_work+0x194/0x420)
+[  555.532682]  r6:ef086000 r5:eeb502a0 r4:edc44480
+[  555.537393] [<c004535c>] (process_one_work) from [<c00457b0>] (worker_thread+0x34/0x514)
+[  555.545496]  r10:edc44480 r9:ef086000 r8:c0b1a100 r7:ef086034 r6:00000088 r5:edc44498
+[  555.553450]  r4:ef086000
+[  555.556032] [<c004577c>] (worker_thread) from [<c004bab4>] (kthread+0xdc/0xf8)
+[  555.563268]  r10:00000000 r9:00000000 r8:00000000 r7:c004577c r6:edc44480 r5:eddc15c0
+[  555.571221]  r4:00000000
+[  555.573804] [<c004b9d8>] (kthread) from [<c000fef0>] (ret_from_fork+0x14/0x24)
+[  555.581040]  r7:00000000 r6:00000000 r5:c004b9d8 r4:eddc15c0
+
+[  553.429383] sh              D c07de74c     0   694    691 0x00000000
+[  553.435801] Backtrace:
+[  553.438295] [<c07de4fc>] (__schedule) from [<c07dec6c>] (schedule+0x48/0xa0)
+[  553.445358]  r10:edd3c054 r9:edd3c078 r8:edddbd50 r7:edcbbc00 r6:c1377c34 r5:60000153
+[  553.453313]  r4:eddda000
+[  553.455896] [<c07dec24>] (schedule) from [<c07deff8>] (schedule_preempt_disabled+0x10/0x14)
+[  553.464261]  r4:edd3c058 r3:0000000a
+[  553.467910] [<c07defe8>] (schedule_preempt_disabled) from [<c07e0bbc>] (mutex_lock_nested+0x1a0/0x3e8)
+[  553.477254] [<c07e0a1c>] (mutex_lock_nested) from [<c03e927c>] (dpm_complete+0xc0/0x1b0)
+[  553.485358]  r10:00561408 r9:edd3c054 r8:c0b4863c r7:edddbd90 r6:c0b485d8 r5:edd3c020
+[  553.493313]  r4:edd3c0d0
+[  553.495896] [<c03e91bc>] (dpm_complete) from [<c03e9388>] (dpm_resume_end+0x1c/0x20)
+[  553.503652]  r9:00000000 r8:c0b1a9d0 r7:c1334ec0 r6:c1334edc r5:00000003 r4:00000010
+[  553.511544] [<c03e936c>] (dpm_resume_end) from [<c0079894>] (suspend_devices_and_enter+0x158/0x504)
+[  553.520604]  r4:00000000 r3:c1334efc
+[  553.524250] [<c007973c>] (suspend_devices_and_enter) from [<c0079e74>] (pm_suspend+0x234/0x2cc)
+[  553.532961]  r10:00561408 r9:ed6b7300 r8:00000004 r7:c1334eec r6:00000000 r5:c1334ee8
+[  553.540914]  r4:00000003
+[  553.543493] [<c0079c40>] (pm_suspend) from [<c0078a6c>] (state_store+0x6c/0xc0)
+
+[  555.703684] 7 locks held by kworker/u2:13/826:
+[  555.708140]  #0:  ("%s""ci_otg"){++++.+}, at: [<c0045484>] process_one_work+0x128/0x420
+[  555.716277]  #1:  ((&ci->work)){+.+.+.}, at: [<c0045484>] process_one_work+0x128/0x420
+[  555.724317]  #2:  (usb_bus_list_lock){+.+.+.}, at: [<c04ae5e4>] usb_remove_hcd+0x98/0x1ac
+[  555.732626]  #3:  (&dev->mutex){......}, at: [<c04a8e28>] usb_disconnect+0x48/0x224
+[  555.740403]  #4:  (&dev->mutex){......}, at: [<c04a8e28>] usb_disconnect+0x48/0x224
+[  555.748179]  #5:  (&dev->mutex){......}, at: [<c03dc2f4>] device_release_driver+0x20/0x34
+[  555.756487]  #6:  (&shost->scan_mutex){+.+.+.}, at: [<c04097d0>] scsi_remove_host+0x20/0x104
+
+Cc: Jun Li <jun.li@nxp.com>
+Signed-off-by: Peter Chen <peter.chen@nxp.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/chipidea/otg.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/usb/chipidea/otg.c
++++ b/drivers/usb/chipidea/otg.c
+@@ -96,7 +96,7 @@ static void ci_otg_work(struct work_stru
+ int ci_hdrc_otg_init(struct ci_hdrc *ci)
+ {
+ 	INIT_WORK(&ci->work, ci_otg_work);
+-	ci->wq = create_singlethread_workqueue("ci_otg");
++	ci->wq = create_freezable_workqueue("ci_otg");
+ 	if (!ci->wq) {
+ 		dev_err(ci->dev, "can't create workqueue\n");
+ 		return -ENODEV;
diff --git a/queue-3.14/usb-cp210x-add-id-for-parrot-nmea-gps-flight-recorder.patch b/queue-3.14/usb-cp210x-add-id-for-parrot-nmea-gps-flight-recorder.patch
new file mode 100644
index 00000000000..f807e273b8a
--- /dev/null
+++ b/queue-3.14/usb-cp210x-add-id-for-parrot-nmea-gps-flight-recorder.patch
@@ -0,0 +1,34 @@
+From 3c4c615d70c8cbdc8ba8c79ed702640930652a79 Mon Sep 17 00:00:00 2001
+From: Vittorio Alfieri <vittorio88@gmail.com>
+Date: Sun, 28 Feb 2016 14:40:24 +0100
+Subject: USB: cp210x: Add ID for Parrot NMEA GPS Flight Recorder
+
+From: Vittorio Alfieri <vittorio88@gmail.com>
+
+commit 3c4c615d70c8cbdc8ba8c79ed702640930652a79 upstream.
+
+The Parrot NMEA GPS Flight Recorder is a USB composite device
+consisting of hub, flash storage, and cp210x usb to serial chip.
+It is an accessory to the mass-produced Parrot AR Drone 2.
+The device emits standard NMEA messages which make the it compatible
+with NMEA compatible software. It was tested using gpsd version 3.11-3
+as an NMEA interpreter and using the official Parrot Flight Recorder.
+
+Signed-off-by: Vittorio Alfieri <vittorio88@gmail.com>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/cp210x.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/drivers/usb/serial/cp210x.c
++++ b/drivers/usb/serial/cp210x.c
+@@ -164,6 +164,7 @@ static const struct usb_device_id id_tab
+ 	{ USB_DEVICE(0x18EF, 0xE025) }, /* ELV Marble Sound Board 1 */
+ 	{ USB_DEVICE(0x1901, 0x0190) }, /* GE B850 CP2105 Recorder interface */
+ 	{ USB_DEVICE(0x1901, 0x0193) }, /* GE B650 CP2104 PMC interface */
++	{ USB_DEVICE(0x19CF, 0x3000) }, /* Parrot NMEA GPS Flight Recorder */
+ 	{ USB_DEVICE(0x1ADB, 0x0001) }, /* Schweitzer Engineering C662 Cable */
+ 	{ USB_DEVICE(0x1B1C, 0x1C00) }, /* Corsair USB Dongle */
+ 	{ USB_DEVICE(0x1BA4, 0x0002) },	/* Silicon Labs 358x factory default */
diff --git a/queue-3.14/usb-serial-option-add-support-for-quectel-uc20.patch b/queue-3.14/usb-serial-option-add-support-for-quectel-uc20.patch
new file mode 100644
index 00000000000..c3fa8dcd573
--- /dev/null
+++ b/queue-3.14/usb-serial-option-add-support-for-quectel-uc20.patch
@@ -0,0 +1,31 @@
+From c0992d0f54847d0d1d85c60fcaa054f175ab1ccd Mon Sep 17 00:00:00 2001
+From: Yegor Yefremov <yegorslists@googlemail.com>
+Date: Mon, 29 Feb 2016 16:39:57 +0100
+Subject: USB: serial: option: add support for Quectel UC20
+
+From: Yegor Yefremov <yegorslists@googlemail.com>
+
+commit c0992d0f54847d0d1d85c60fcaa054f175ab1ccd upstream.
+
+Add support for Quectel UC20 and blacklist the QMI interface.
+
+Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
+[johan: amend commit message ]
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/option.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/usb/serial/option.c
++++ b/drivers/usb/serial/option.c
+@@ -1141,6 +1141,8 @@ static const struct usb_device_id option
+ 	{ USB_DEVICE(QUALCOMM_VENDOR_ID, 0x6613)}, /* Onda H600/ZTE MF330 */
+ 	{ USB_DEVICE(QUALCOMM_VENDOR_ID, 0x0023)}, /* ONYX 3G device */
+ 	{ USB_DEVICE(QUALCOMM_VENDOR_ID, 0x9000)}, /* SIMCom SIM5218 */
++	{ USB_DEVICE(QUALCOMM_VENDOR_ID, 0x9003), /* Quectel UC20 */
++	  .driver_info = (kernel_ulong_t)&net_intf4_blacklist },
+ 	{ USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_6001) },
+ 	{ USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_CMU_300) },
+ 	{ USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_6003),
diff --git a/queue-3.14/usb-serial-option-add-support-for-telit-le922-pid-0x1045.patch b/queue-3.14/usb-serial-option-add-support-for-telit-le922-pid-0x1045.patch
new file mode 100644
index 00000000000..633a699b283
--- /dev/null
+++ b/queue-3.14/usb-serial-option-add-support-for-telit-le922-pid-0x1045.patch
@@ -0,0 +1,38 @@
+From 5deef5551c77e488922cc4bf4bc76df63be650d0 Mon Sep 17 00:00:00 2001
+From: Daniele Palmas <dnlplm@gmail.com>
+Date: Mon, 29 Feb 2016 15:36:11 +0100
+Subject: USB: serial: option: add support for Telit LE922 PID 0x1045
+
+From: Daniele Palmas <dnlplm@gmail.com>
+
+commit 5deef5551c77e488922cc4bf4bc76df63be650d0 upstream.
+
+This patch adds support for 0x1045 PID of Telit LE922.
+
+Signed-off-by: Daniele Palmas <dnlplm@gmail.com>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/option.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/usb/serial/option.c
++++ b/drivers/usb/serial/option.c
+@@ -271,6 +271,7 @@ static void option_instat_callback(struc
+ #define TELIT_PRODUCT_UE910_V2			0x1012
+ #define TELIT_PRODUCT_LE922_USBCFG0		0x1042
+ #define TELIT_PRODUCT_LE922_USBCFG3		0x1043
++#define TELIT_PRODUCT_LE922_USBCFG5		0x1045
+ #define TELIT_PRODUCT_LE920			0x1200
+ #define TELIT_PRODUCT_LE910			0x1201
+ 
+@@ -1191,6 +1192,8 @@ static const struct usb_device_id option
+ 		.driver_info = (kernel_ulong_t)&telit_le922_blacklist_usbcfg0 },
+ 	{ USB_DEVICE(TELIT_VENDOR_ID, TELIT_PRODUCT_LE922_USBCFG3),
+ 		.driver_info = (kernel_ulong_t)&telit_le922_blacklist_usbcfg3 },
++	{ USB_DEVICE_INTERFACE_CLASS(TELIT_VENDOR_ID, TELIT_PRODUCT_LE922_USBCFG5, 0xff),
++		.driver_info = (kernel_ulong_t)&telit_le922_blacklist_usbcfg0 },
+ 	{ USB_DEVICE(TELIT_VENDOR_ID, TELIT_PRODUCT_LE910),
+ 		.driver_info = (kernel_ulong_t)&telit_le910_blacklist },
+ 	{ USB_DEVICE(TELIT_VENDOR_ID, TELIT_PRODUCT_LE920),