This short-circuit path in sysret_signal looks wrong to me.
AFAICT, in practice the branch is never taken--and if it were,
it would go wrong.  To wit, try loading a module whose init
function does set_thread_flag(TIF_IRET), and see insmod crash
(presumably with a wrong user stack pointer).

This is because the FIXUP_TOP_OF_STACK work hasn't been done yet
when we jump around the call to ptregscall_common and get to
int_with_check--where it expects the user RSP,SS,CS and EFLAGS to
have been stored by FIXUP_TOP_OF_STACK.

I don't think it's normally possible to get to sysret_signal with no
_TIF_DO_NOTIFY_MASK bits set anyway, so these two instructions are
already superfluous.  If it ever did happen, it is harmless to call
do_notify_resume with nothing for it to do.
Signed-off-by: Roland McGrath <roland@redhat.com>

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/drzeus/mmc:
  sdhci: highmem capable PIO routines
  sg: reimplement sg mapping iterator
  mmc_test: print message when attaching to card
  mmc: Remove Russell as primecell mci maintainer
  mmc_block: bounce buffer highmem support
  sdhci: fix bad warning from commit c8b3e02e
  sdhci: add warnings for bad buffers in ADMA path
  mmc_test: test oversized sg lists
  mmc_test: highmem tests
  s3cmci: ensure host stopped on machine shutdown
  au1xmmc: suspend/resume implementation
  s3cmci: fixes for section mismatch warnings
  pxamci: trivial fix of DMA alignment register bit clearing

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/async_tx: (24 commits)
  I/OAT: I/OAT version 3.0 support
  I/OAT: tcp_dma_copybreak default value dependent on I/OAT version
  I/OAT: Add watchdog/reset functionality to ioatdma
  iop_adma: cleanup iop_chan_xor_slot_count
  iop_adma: document how to calculate the minimum descriptor pool size
  iop_adma: directly reclaim descriptors on allocation failure
  async_tx: make async_tx_test_ack a boolean routine
  async_tx: remove depend_tx from async_tx_sync_epilog
  async_tx: export async_tx_quiesce
  async_tx: fix handling of the "out of descriptor" condition in async_xor
  async_tx: ensure the xor destination buffer remains dma-mapped
  async_tx: list_for_each_entry_rcu() cleanup
  dmaengine: Driver for the Synopsys DesignWare DMA controller
  dmaengine: Add slave DMA interface
  dmaengine: add DMA_COMPL_SKIP_{SRC,DEST}_UNMAP flags to control dma unmap
  dmaengine: Add dma_client parameter to device_alloc_chan_resources
  dmatest: Simple DMA memcpy test client
  dmaengine: DMA engine driver for Marvell XOR engine
  iop-adma: fix platform driver hotplug/coldplug
  dmaengine: track the number of clients using a channel
  ...

Fixed up conflict in drivers/dca/dca-sysfs.c manually

* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/linux-2.6-kgdb:
  kgdb: kgdboc console poll hooks for mpsc uart
  kgdb: kgdboc console poll hooks for cpm uart
  kgdb, powerpc: arch specific powerpc kgdb support
  kgdb: support for ARCH=arm
  kgdb: remove unused HAVE_ARCH_KGDB_SHADOW_INFO config variable

* git://git.kernel.org/pub/scm/linux/kernel/git/bart/ide-2.6: (60 commits)
  ide: small whitespace fixes
  ide: ide-cd_ioctl.c fix sparse integer as NULL pointer warnings
  ide: ide-cd.c fix sparse endianness warnings
  ide-cd: convert to using the new atapi_flags
  ide: remove unused PC_FLAG_DRQ_INTERRUPT
  ide-scsi: convert to using the new atapi_flags
  ide-tape: convert to using the new atapi_flags
  ide-floppy: convert to using the new atapi_flags (take 2)
  ide: add per-device flags
  ide: use rq->cmd instead of pc->c in atapi common code
  ide-scsi: pass packet command in rq->cmd
  ide-tape: pass packet command in rq->cmd
  ide-tape: make room for packet command ids in rq->cmd
  ide-floppy: pass packet command in rq->cmd
  ide: remove pc->callback member from ide_atapi_pc
  ide-scsi: use drive->pc_callback instead of pc->callback
  ide-tape: use drive->pc_callback instead of pc->callback
  ide-floppy: use drive->pc_callback instead of pc->callback
  ide: push pc callback pointer into the ide_drive_t structure
  drivers/ide/ide-tape.c: remove double kfree
  ...

Small whitespace fixes for drivers/ide.
Signed-off-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

The function ide_cd_queue_pc should be checked as the bufflen arg is
dereferenced and lots of callers are passing in NULL.

drivers/ide/ide-cd_ioctl.c:124:46: warning: Using plain integer as NULL pointer
drivers/ide/ide-cd_ioctl.c:149:47: warning: Using plain integer as NULL pointer
drivers/ide/ide-cd_ioctl.c:231:46: warning: Using plain integer as NULL pointer
drivers/ide/ide-cd_ioctl.c:374:46: warning: Using plain integer as NULL pointer
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Acked-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

drivers/ide/ide-cd.c:1276:46: warning: Using plain integer as NULL pointer
drivers/ide/ide-cd.c:1298:19: warning: cast to restricted __be32
drivers/ide/ide-cd.c:1300:4: warning: cast to restricted __be32
drivers/ide/ide-cd.c:1522:14: warning: cast to restricted __le16
drivers/ide/ide-cd.c:1523:14: warning: cast to restricted __le16
drivers/ide/ide-cd.c:1525:14: warning: cast to restricted __be16
drivers/ide/ide-cd.c:1526:14: warning: cast to restricted __be16
drivers/ide/ide-cd.c:1667:37: warning: cast to restricted __be16
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Acked-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

There should be no functionality change resulting from this patch.

[bart: IDE_FLAG_* -> IDE_AFLAG_*, dev_flags -> atapi_flags]
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Remove unused IDESCSI_PC_RQ while at it.

There should be no functionality change resulting from this patch.

[bart: IDE_FLAG_* -> IDE_AFLAG_*, dev_flags -> atapi_flags]
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

There should be no functionality change resulting from this patch.

[bart: IDE_FLAG_* -> IDE_AFLAG_*, dev_flags -> atapi_flags]
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

while at it, remove PC_FLAG_ZIP_DRIVE from the packed command flags altogether
and query the drive type through drive->atapi_flags.

v2:
ide-floppy fix.

There should be no functionality change resulting from this patch.

[bart: IDE_FLAG_* -> IDE_AFLAG_*, dev_flags -> atapi_flags]
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Push device flags up into ide_drive_t.

There should be no functionality change resulting from this patch.

[bart: IDE_FLAG_* -> IDE_AFLAG_*, dev_flags -> atapi_flags]
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

There should be no functionality change resulting from this patch.

[bart: s/HWGROUP(drive)/hwif->hwgroup/]
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Make a redundant copy of the packet command bits into rq->cmd.
Later, after all drivers have been converted, it'll be
switched to use that in the common code instead of pc->c.

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Make a redundant copy of the packet command bits into rq->cmd. Later, after
all drivers have been converted, it'll be switched to use that in the
common code instead of pc->c. While at it, simplify ide_tape_create_rw_cmd.

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

ide-tape uses rq->cmd for special commands from the chrdev interface so move
those to byte 13 (BLK_MAX_CDB = 16) since a packet cmd is max 12 bytes.

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Make a redundant copy of the packet command bits into rq->cmd.
Later, after all drivers have been converted, it'll be
switched to use that in the common code instead of pc->c.

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

The if-else block in the IRQ handler is only temporary so that bisect searches
don't break and it'll be removed after converting the remainder of the drivers.

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

It is important that drive->pc_callback is set prior to enabling IRQs on the
device since this is called from the IRQ handler. Otherwise it hurts as I learnt
the hard way from the several "Kernel panic - not synching: Fatal exception in
interrupt" during the weekend :).

The if-else block in the IRQ handler is only temporary so that bisect searches
don't break and it'll be removed after converting the remainder of the drivers.

There should be no functionality change resulting from this patch.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Refrain from carrying the callback ptr with every packet command since the
callback function is only one anyways. ide_drive_t is probably not the most
suitable place for it right now but is the more sane solution. Besides, these
structs are going to be reorganized anyways during the generic ide rewrite.
Signed-off-by: Borislav Petkov <petkovbb@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Coverity CID: 2336 USE_AFTER_FREE

drivers/ide/ide-tape.c ide_tape_kfree_buffer() double free's a pointer
(hint freed by an alias in first outer loop).

This patch simply removes the superfluous kfree().
Signed-off-by: Darren Jenkins <darrenrjenkins@gmailcom>
Acked-by: Borislav Petkov <petkovbb@gmail.com>
Cc: gadio@netvision.net.il
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Add ide_host_free() helper and convert ide_host_remove() to use it.

* Fix handling of ide_host_register() failure in ide_host_add(),
  icside.c, ide-generic.c, falconide.c and sgiioc4.c.

While at it:

* Fix handling of ide_host_alloc_all() failure in ide-generic.c.

* Fix handling of ide_host_alloc() failure in falconide.c
  (also return the correct error value if no device is found).

v2:
* falconide build fix. (From Stephen Rothwell)
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Allocate ide_hwif_t instances dynamically and remove ide_hwifs[].

  This cuts almost ~14kB from ide-probe.o (x86-32, MAX_HWIFS == 10):

   text    data     bss     dec     hex filename
   9140      40   14084   23264    5ae0 drivers/ide/ide-probe.o.before
   9169      40      44    9253    2425 drivers/ide/ide-probe.o.after

* Remove no longer needed ide_init_port_data() call from ide_unregister().
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Add ide_ports[] table keeping pointers to all initialized ports.

* Set ide_ports[] entry for a given port in init_irq() and clear it
  ide_remove_port_from_hwgroup().

* Convert init_irq() to use ide_ports[] instead of ide_hwifs[] for
  grouping ports into hwgroup.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Make ide_find_port_slot() return port slot index.

* Add ide_free_port_slot() helper.

* Move ide_init_port_data() call and error printk() from
  ide_find_port_slot() to ide_host_alloc_all().

* Make ide_{find,free}_port_slot() take ide_cfg_mtx mutex
  and convert them use ide_indexes bitmap to keep track of
  reserved port slots.

* Don't set hwif->chipset in ide_host_alloc_all() as it is
  no longer necessary.

v2:
* Pass the correct slot index to ide_init_port_data().
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Fix ide_host_register() to fail only if all ports cannot be registered.

While at it:

* Use host->ports[] instead of ide_hwifs[] and remove idx[].

There should be no functional changes caused by this patch.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Add ide_host_add() helper which does ide_host_alloc()+ide_host_register(),
then convert ide_setup_pci_device[s](), ide_legacy_device_add() and some
host drivers to use it.

While at it:

* Fix ide_setup_pci_device[s](), ide_arm.c, gayle.c, ide-4drives.c,
  macide.c, q40ide.c, cmd640.c and cs5520.c to return correct error value.

* -ENOENT -> -ENOMEM in rapide.c, ide-h8300.c, ide-generic.c, au1xxx-ide.c
  and pmac.c

* -ENODEV -> -ENOMEM in palm_bk3710.c, ide_platform.c and delkin_cb.c

* -1 -> -ENOMEM in ide-pnp.c
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Add struct ide_host which keeps pointers to host's ports.

* Add ide_host_alloc[_all]() and ide_host_remove() helpers.

* Pass 'struct ide_host *host' instead of 'u8 *idx' to
  ide_device_add[_all]() and rename it to ide_host_register[_all]().

* Convert host drivers and core code to use struct ide_host.

* Remove no longer needed ide_find_port().

* Make ide_find_port_slot() static.

* Unexport ide_unregister().

v2:
* Add missing 'struct ide_host *host' to macide.c.

v3:
* Fix build problem in pmac.c (s/ide_alloc_host/ide_host_alloc/)
  (Noticed by Stephen Rothwell).
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Add struct ide_tp_ops for transport methods.

* Add 'const struct ide_tp_ops *tp_ops' to struct ide_port_info
  and ide_hwif_t.

* Set the default hwif->tp_ops in ide_init_port_data().

* Set host driver specific hwif->tp_ops in ide_init_port().

* Export ide_exec_command(), ide_read_status(), ide_read_altstatus(),
  ide_read_sff_dma_status(), ide_set_irq(), ide_tf_{load,read}()
  and ata_{in,out}put_data().

* Convert host drivers and core code to use struct ide_tp_ops.

* Remove no longer needed default_hwif_transport().

* Cleanup ide_hwif_t from methods that are now in struct ide_tp_ops.

While at it:

* Use struct ide_port_info in falconide.c and q40ide.c.

* Rename ata_{in,out}put_data() to ide_{in,out}put_data().

v2:

* Fix missing convertion in ns87415.c.

There should be no functional changes caused by this patch.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Add 'config' field to hw_regs_t and use it to set hwif->config_data in
ide_init_port_hw(), then convert ide_legacy_init_one() to use hw->config.

There should be no functional changes caused by this patch.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Don't skip probing IDE port if the corresponding ide_hwifs[] slot
  is already occupied.

* Remove duplicate idx[i] assignment.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Reserve memory resources for all IDE ports at once by moving
  request_mem_region() out of 'for ()' loop and always defining
  GAYLE_IDEREG_SIZE to 0x2000.

* Keep memory resources even if no free IDE slots can be found
  (this driver is unloadable currently).

Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

* Filter out "default" transfer mode values (0x00 - default PIO mode,
  0x01 - default PIO mode w/ IORDY disabled) in write handler for obsoleted
  /proc/ide/hd?/settings:current_speed setting.

  Allowing "default" transfer mode values is a dangerous thing to do as
  we don't support programming controller to the "default" transfer mode
  and devices often use different values for the default and maximum PIO
  mode (i.e. PIO2 default and PIO4 maximum) so the controller will stay
  programmed for higher PIO mode while device will use the lower PIO mode.

  There is no functionality loss as by using special IOCTLs device can
  still be programmed to "default" transfer modes (it is only useful for
  debugging/testing purposes anyway).

* Remove no longer needed IDE_HFLAG_ABUSE_SET_DMA_MODE host flag, it was
  previously used by few host drivers to program the controller to PIO0
  timings for "default" transfer mode == 0x01 (although some host drivers
  would program invalid PIO timings instead).

* Cleanup ide_set_xfer_rate() and add BUG_ON().
Suggested-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Filter out invalid transfer mode values (0x02-0x07) in write handler
for obsoleted /proc/ide/hd?/settings:current_speed setting.

While at it:

* Use XFER_UDMA_6 define.
Suggested-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

Lets remove dead Virtual DMA support for now so it doesn't clutter
core IDE code (it can be bring back when there is a need for it):

* Remove IDE_HFLAG_VDMA host flag.

* Remove ide_drive_t.vdma flag.

* cs5520.c: remove stale FIXMEs, cs5520_dma_host_set() and cs5520_dma_ops
  (also there is no longer a need to set IDE_HFLAG_NO_ATAPI_DMA).

There should be no functional changes caused by this patch.

Cc: TAKADA Yoshihito <takada@mbf.nifty.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>