The locking policy is such that the erase_complete_block spinlock is
nested within the alloc_sem mutex.  This fixes a case in which the
acquisition order was erroneously reversed.  This issue was caught by
the following lockdep splat:

   =======================================================
   [ INFO: possible circular locking dependency detected ]
   3.0.5 #1
   -------------------------------------------------------
   jffs2_gcd_mtd6/299 is trying to acquire lock:
    (&c->alloc_sem){+.+.+.}, at: [<c01f7714>] jffs2_garbage_collect_pass+0x314/0x890

   but task is already holding lock:
    (&(&c->erase_completion_lock)->rlock){+.+...}, at: [<c01f7708>] jffs2_garbage_collect_pass+0x308/0x890

   which lock already depends on the new lock.

   the existing dependency chain (in reverse order) is:

   -> #1 (&(&c->erase_completion_lock)->rlock){+.+...}:
          [<c008bec4>] validate_chain+0xe6c/0x10bc
          [<c008c660>] __lock_acquire+0x54c/0xba4
          [<c008d240>] lock_acquire+0xa4/0x114
          [<c046780c>] _raw_spin_lock+0x3c/0x4c
          [<c01f744c>] jffs2_garbage_collect_pass+0x4c/0x890
          [<c01f937c>] jffs2_garbage_collect_thread+0x1b4/0x1cc
          [<c0071a68>] kthread+0x98/0xa0
          [<c000f264>] kernel_thread_exit+0x0/0x8

   -> #0 (&c->alloc_sem){+.+.+.}:
          [<c008ad2c>] print_circular_bug+0x70/0x2c4
          [<c008c08c>] validate_chain+0x1034/0x10bc
          [<c008c660>] __lock_acquire+0x54c/0xba4
          [<c008d240>] lock_acquire+0xa4/0x114
          [<c0466628>] mutex_lock_nested+0x74/0x33c
          [<c01f7714>] jffs2_garbage_collect_pass+0x314/0x890
          [<c01f937c>] jffs2_garbage_collect_thread+0x1b4/0x1cc
          [<c0071a68>] kthread+0x98/0xa0
          [<c000f264>] kernel_thread_exit+0x0/0x8

   other info that might help us debug this:

    Possible unsafe locking scenario:

          CPU0                    CPU1
          ----                    ----
     lock(&(&c->erase_completion_lock)->rlock);
                                  lock(&c->alloc_sem);
                                  lock(&(&c->erase_completion_lock)->rlock);
     lock(&c->alloc_sem);

    *** DEADLOCK ***

   1 lock held by jffs2_gcd_mtd6/299:
    #0:  (&(&c->erase_completion_lock)->rlock){+.+...}, at: [<c01f7708>] jffs2_garbage_collect_pass+0x308/0x890

   stack backtrace:
   [<c00155dc>] (unwind_backtrace+0x0/0x100) from [<c0463dc0>] (dump_stack+0x20/0x24)
   [<c0463dc0>] (dump_stack+0x20/0x24) from [<c008ae84>] (print_circular_bug+0x1c8/0x2c4)
   [<c008ae84>] (print_circular_bug+0x1c8/0x2c4) from [<c008c08c>] (validate_chain+0x1034/0x10bc)
   [<c008c08c>] (validate_chain+0x1034/0x10bc) from [<c008c660>] (__lock_acquire+0x54c/0xba4)
   [<c008c660>] (__lock_acquire+0x54c/0xba4) from [<c008d240>] (lock_acquire+0xa4/0x114)
   [<c008d240>] (lock_acquire+0xa4/0x114) from [<c0466628>] (mutex_lock_nested+0x74/0x33c)
   [<c0466628>] (mutex_lock_nested+0x74/0x33c) from [<c01f7714>] (jffs2_garbage_collect_pass+0x314/0x890)
   [<c01f7714>] (jffs2_garbage_collect_pass+0x314/0x890) from [<c01f937c>] (jffs2_garbage_collect_thread+0x1b4/0x1cc)
   [<c01f937c>] (jffs2_garbage_collect_thread+0x1b4/0x1cc) from [<c0071a68>] (kthread+0x98/0xa0)
   [<c0071a68>] (kthread+0x98/0xa0) from [<c000f264>] (kernel_thread_exit+0x0/0x8)

This was introduce in '81cfc9f1 jffs2: Fix serious write stall due to erase'.

Cc: stable@kernel.org [2.6.37+]
Signed-off-by: Josh Cartwright <joshc@linux.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

I'm seeing an oops in mtd_dataflash.c with Linux 3.3. What appears to
be happening is that otp_select_filemode calls mtd_read_fact_prot_reg
with -1 for offset and length and a NULL buffer to test if OTP
operations are supported. This finds its way down to otp_read in
mtd_dataflash.c and causes an oops when memcpying the returned data
into the NULL buf.

None of the checks in otp_read catches the negative length and offset.
Changing the length of the dummy read to 0 prevents the oops.

Cc: stable@kernel.org [3.3+]
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

Otherwise cpu_active_mask will not set, which lead to other issue.
Signed-off-by: Yong Zhang <yong.zhang0@gmail.com>
Signed-off-by: Konrad Eisele <konrad@gaisler.com>
Reviewed-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Pull "ARM: SoC fixes" from Olof Johansson:
 * at91, ux500, imx, omap and bcmring:
  - at91 fixes for =m driver build issues, irqdomain fixes and config
    dependency fixes
  - ux500 kconfig dependency fixes and a  smp wakeup bugfix
  - imx idle bugfix and build fix due to irq domain changes
  - omap uart pinmux fixes, softreset regression revert and misc fixes
  - bcmring build error regression fix

 * ux500 and imx had some small defconfig updates in this branch

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (27 commits)
  ARM: bcmring: fix UART declarations
  ARM: imx: Fix imx5 idle logic bug
  ARM: imx27-dt: Fix build due to removal of irq_domain_add_simple()
  ARM: imx_v4_v5_defconfig: Add support for CONFIG_REGULATOR_FIXED_VOLTAGE
  ARM: OMAP1: DMTIMER: fix broken timer clock source selection
  ARM: OMAP: serial: Fix the ocp smart idlemode handling bug
  ARM: OMAP2+: UART: Fix incorrect population of default uart pads
  ARM: OMAP: sram: fix BUG in dpll code for !PM case
  dmaengine: Kconfig: fix Atmel at_hdmac entry
  USB: gadget/at91_udc: add gpio_to_irq() function to vbus interrupt
  USB: ohci-at91: change annotations for probe/remove functions
  leds-atmel-pwm.c: Make pwmled_probe() __devinit
  ARM: at91: fix at91sam9261ek Ethernet dm9000 irq
  ARM: at91: fix rm9200ek flash size
  ARM: at91: remove empty at91_init_serial function
  ARM: at91: fix typo in at91_pmc_base assembly declaration
  ARM: at91: Export at91_matrix_base
  ARM: at91: Export at91_pmc_base
  ARM: at91: Export at91_ramc_base
  ARM: at91: Export at91_st_base
  ...

Pull MMC fixes from Chris Ball:
 - Build fix for omap_hsmmc with OF against 3.4-rc1.
 - Fix CONFIG_MMC_UNSAFE_RESUME semantics regression against 3.3, which
   broke hotplug card detection when UNSAFE_RESUME is set.
 - Fix a race condition in omap_hsmmc with runtime PM.
 - Fix two libertas SDIO-powered-resume regressions.
 - Small fixes for discard/sanitize, dw_mmc, cd-gpio and esdhc-imx.

* tag 'mmc-fixes-for-3.4-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc:
  mmc: core: Do not pre-claim host in suspend
  mmc: dw_mmc: prevent NULL dereference for dma_ops
  mmc: unbreak sdhci-esdhc-imx on i.MX25
  mmc: cd-gpio: Include header to pickup exported symbol prototypes
  mmc: sdhci: refine non-removable card checking for card detection
  mmc: dw_mmc: Fix switch from DMA to PIO
  mmc: remove MMC bus legacy suspend/resume method
  mmc: omap_hsmmc: Get rid of of_have_populated_dt() usage
  mmc: omap_hsmmc: build fix for CONFIG_OF=y and CONFIG_MMC_OMAP_HS=m
  mmc: fixes for eMMC v4.5 sanitize operation
  mmc: fixes for eMMC v4.5 discard operation

Pull media fixes from Mauro Carvalho Chehab:
 - Fixes a regression at DVB core when switching from DVB-S2 to DVB-S on
   Kaffeine (Fedora 16 Bugzilla #812895);
 - Fixes a mutex unlock at an error condition at drx-k;
 - Fix winbond-cir set mode;
 - mt9m032: Fix a compilation breakage with some random Kconfig;
 - mt9m032: fix two dead locks;
 - xc5000: don't require an special firmware (that won't be provided by
   the vendor) just because the xtal frequency is different;
 - V4L DocBook: fix some typos at multi-plane formats description.

* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
  [media] xc5000: support 32MHz & 31.875MHz xtal using the 41.024.5 firmware
  [media] V4L: mt9m032: fix compilation breakage
  [media] V4L: DocBook: Fix typos in the multi-plane formats description
  [media] V4L: mt9m032: fix two dead-locks
  [media] rc-core: set mode for winbond-cir
  [media] drxk: Does not unlock mutex if sanity check failed in scu_command()
  [media] dvb_frontend: Fix a regression when switching back to DVB-S

Pull MFD fixes from Samuel Ortiz:
 "We have 3 build fixes, a OMAP USB host PHY reset fix and the twl6040
  conversion to an i2c driver.  The latter may not sound like a fix but
  the twl6040 MFD driver won't probe without it, triggering an OMAP4
  audio regression."

* tag 'mfd-for-linus-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-2.6:
  mfd: Fix modular builds of rc5t583 regulator support
  mfd: Fix asic3_gpio_to_irq
  ARM: OMAP3: USB: Fix the EHCI ULPI PHY reset issue
  mfd: Convert twl6040 to i2c driver, and separate it from twl core
  mfd : Fix dbx500 compilation error

it's always current->mm
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

pfm_vm_munmap() is simply vm_munmap() and pfm_remove_smpl_mapping()
always get current as the first argument.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

... since exit_mmap() is coming and it will munmap() everything anyway.
In all other cases aio_free_ring() has ctx->mm == current->mm; moreover,
all other callers of vm_munmap() have mm == current->mm, so this will
allow us to get rid of mm argument of vm_munmap().
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Since SDIO drivers may want to do some SDIO operations in their suspend
callback functions, we must not keep the host claimed when calling them.

Daniel Drake reported that libertas_sdio encountered a deadlock in its
suspend function.
Signed-off-by: Ulf Hansson <ulf.hansson@stericsson.com>
Tested-by: Daniel Drake <dsd@laptop.org>
[stable@: please apply to 3.2-stable and 3.3-stable]
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Chris Ball <cjb@laptop.org>

Now, dma_ops is assumed that use the IDMAC.  But if dma_ops is assigned
the pdata->dma_ops, we didn't ensure that callback function is defined.

If the callback isn't defined, then we should run in PIO mode.
Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Acked-by: Will Newton <will.newton@imgtec.com>
Signed-off-by: Chris Ball <cjb@laptop.org>

This was broken by me in 37865fe9
("mmc: sdhci-esdhc-imx: fix timeout on i.MX's sdhci") where more
extensive tests would have shown that read or write of data to the
card were failing (even if the partition table was correctly read).
Signed-off-by: Eric Bénard <eric@eukrea.com>
Acked-by: Wolfram Sang <w.sang@pengutronix.de>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Chris Ball <cjb@laptop.org>

Include the linux/mmc/cd-gpio.h header to pickup the prototypes
for the two exported symbols.

This quiets the sparse warnings:

warning: symbol 'mmc_cd_gpio_request' was not declared. Should it be static?
warning: symbol 'mmc_cd_gpio_free' was not declared. Should it be static?
Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Acked-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Acked-by: Venkatraman S <svenkatr@ti.com>
Signed-off-by: Chris Ball <cjb@laptop.org>

Commit c79396c1 ("mmc: sdhci: prevent card detection activity
for non-removable cards") disables card detection where the cards
are marked as non-removable.

This makes sense, but the implementation detail of calling
mmc_card_is_removable() causes some problems, because
mmc_card_is_removable() is overloaded with CONFIG_MMC_UNSAFE_RESUME
semantics.

In the OLPC XO case, we need CONFIG_MMC_UNSAFE_RESUME because our root
filesystem is stored on SD, but we also have external SD card slots
where we want automatic card detection.

Refine the check to only apply to hosts marked as MMC_CAP_NONREMOVABLE,
which is defined to mean that the card is *really* nonremovable. This
could be revisited in future if we find a way to improve
CONFIG_MMC_UNSAFE_RESUME semantics.
Signed-off-by: Daniel Drake <dsd@laptop.org>
Acked-by: Chuanxiao Dong <chuanxiao.dong@intel.com>
[stable@: please apply to 3.3-stable]
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Chris Ball <cjb@laptop.org>

When dw_mci_pre_dma_transfer returns failure in some reasons,
dw_mci_submit_data will prepare to switch the PIO mode from DMA.
After switching to PIO mode, DMA(IDMAC in particular) is still
enabled. This makes the corruption in handling interrupt and
the driver lock-up.
Signed-off-by: Seungwon Jeon <tgih.jun@samsung.com>
Acked-by: Will Newton <will.newton@imgtec.com>
Signed-off-by: Chris Ball <cjb@laptop.org>

MMC bus is using legacy suspend/resume method, which is not compatible if
runtime pm callbacks are used. In this scenario, MMC bus suspend/resume
callbacks cannot be called when system entering S3. So change to use the
new defined dev_pm_ops for system sleeping mode.

Tested on AM335x Platform. Solves major issue/crash reported at
http://www.mail-archive.com/linux-omap@vger.kernel.org/msg65425.htmlSigned-off-by: Chuanxiao Dong <chuanxiao.dong@intel.com>
Tested-by: Hebbar, Gururaja <gururaja.hebbar@ti.com>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
Acked-by: Ulf Hansson <ulf.hansson@stericsson.com>
Signed-off-by: Chris Ball <cjb@laptop.org>

This continues the theme started with vm_brk() and vm_munmap():
vm_mmap() does the same thing as do_mmap(), but additionally does the
required VM locking.

This uninlines (and rewrites it to be clearer) do_mmap(), which sadly
duplicates it in mm/mmap.c and mm/nommu.c.  But that way we don't have
to export our internal do_mmap_pgoff() function.

Some day we hopefully don't have to export do_mmap() either, if all
modular users can become the simpler vm_mmap() instead.  We're actually
very close to that already, with the notable exception of the (broken)
use in i810, and a couple of stragglers in binfmt_elf.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Like the vm_brk() function, this is the same as "do_munmap()", except it
does the VM locking for the caller.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

of_have_populated_dt() is not expected to be used in drivers but
instead only in early platform init code.
Drivers on the other hand should rely on dev->of_node or of_match_device().
Besides usage of of_have_populated_dt() also throws up build error as below
which was reported by Balaji TK, when omap_hsmmc is built as a module.

ERROR: "allnodes" [drivers/mmc/host/omap_hsmmc.ko] undefined!
make[1]: *** [__modpost] Error 1
make: *** [modules] Error 2

So get rid of all of_have_populated_dt() usage in omap_hsmmc driver and
instead use dev->of_node to make the same dicisions as earlier.
Signed-off-by: Rajendra Nayak <rnayak@ti.com>
Reported-by: Benoit Cousson <b-cousson@ti.com>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Acked-by: Rob Herring <rob.herring@calxeda.com>
Reviewed-by: Balaji T K <balajitk@ti.com>
Signed-off-by: Chris Ball <cjb@laptop.org>

Commit 46856a68 ("mmc: omap_hsmmc: Convert hsmmc driver to use device tree")
introduced in 3.4-rc1 has a missing semi-colon, causing:

drivers/mmc/host/omap_hsmmc.c:1745: error: expected ',' or ';' before 'extern'
Reported-by: Russell King <linux@arm.linux.org.uk>
Signed-off-by: Chris Ball <cjb@laptop.org>

eMMC v4.5 sanitize operation erases all copies of unmapped
data.  However trim or erase operations must be used first
to unmap the required sectors.  That was not being done.

Fixes apply to linux 3.2 on.
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Cc: <stable@vger.kernel.org>
Acked-by: Jaehoon Chung <jh80.chung@samsung.com>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Chris Ball <cjb@laptop.org>

eMMC v4.5 discard operation is significantly different from the
existing trim operation because it is not guaranteed to work with
the new sanitize operation.  Consequently mmc_can_trim() is
separated from mmc_can_discard().

Also the new discard operation does not result in the sectors being
set to all-zeros, so discard_zeroes_data must not be set.

In addition, the new discard has the same timeout as trim, but from
v4.5 trim is defined to use the hc timeout.  The timeout calculation
is adjusted accordingly.

Fixes apply to linux 3.2 on.
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Cc: <stable@vger.kernel.org>
Acked-by: Jaehoon Chung <jh80.chung@samsung.com>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Chris Ball <cjb@laptop.org>

It does the same thing as "do_brk()", except it handles the VM locking
too.

It turns out that all external callers want that anyway, so we can make
do_brk() static to just mm/mmap.c while at it.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Merge tag 'for-torvalds-20120418' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

Pull pinctrl fixes from Linus Walleij:
 - Fixed compilation errors and warnings
 - Stricter checks on the ops vtable

* tag 'for-torvalds-20120418' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
  pinctrl: implement pinctrl_check_ops
  pinctrl: include <linux/bug.h> to prevent compile errors
  pinctrl: fix compile error if not select PINMUX support

Pull 3 tiny tty bugfixes from Greg Kroah-Hartman.

* tag 'tty-3.4-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
  drivers/tty/amiserial.c: add missing tty_unlock
  pch_uart: Fix dma channel unallocated issue
  ARM: clps711x: serial driver hungs are a result of call disable_irq within ISR

Pull USB fixes from Greg Kroah-Hartman:
 "Here are a number of tiny USB fixes for 3.4-rc4.

  Most of them are in the USB gadget area, but a few other minor USB
  driver and core fixes are here as well.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

* tag 'usb-3.4-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (36 commits)
  USB: serial: cp210x: Fixed usb_control_msg timeout values
  USB: ehci-tegra: don't call set_irq_flags(IRQF_VALID)
  USB: yurex: Fix missing URB_NO_TRANSFER_DMA_MAP flag in urb
  USB: yurex: Remove allocation of coherent buffer for setup-packet buffer
  drivers/usb/misc/usbtest.c: add kfrees
  USB: ehci-fsl: Fix kernel crash on mpc5121e
  uwb: fix error handling
  uwb: fix use of del_timer_sync() in interrupt
  EHCI: always clear the STS_FLR status bit
  EHCI: fix criterion for resuming the root hub
  USB: sierra: avoid QMI/wwan interface on MC77xx
  usb: usbtest: avoid integer overflow in alloc_sglist()
  usb: usbtest: avoid integer overflow in test_ctrl_queue()
  USB: fix deadlock in bConfigurationValue attribute method
  usb: gadget: eliminate NULL pointer dereference (bugfix)
  usb: gadget: uvc: Remove non-required locking from 'uvc_queue_next_buffer' routine
  usb: gadget: rndis: fix Missing req->context assignment
  usb: musb: omap: fix the error check for pm_runtime_get_sync
  usb: gadget: udc-core: fix asymmetric calls in remove_driver
  usb: musb: omap: fix crash when musb glue (omap) gets initialized
  ...

Merge tag 'stable/for-linus-3.4-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen

Pull xen fixes from Konrad Rzeszutek Wilk:
 - mechanism to work with misconfigured backends (where they are
   advertised but in reality don't exist).
 - two tiny compile warning fixes.
 - proper error handling in gnttab_resume
 - Not using VM_PFNMAP anymore to allow backends in the same domain.

* tag 'stable/for-linus-3.4-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  Revert "xen/p2m: m2p_find_override: use list_for_each_entry_safe"
  xen/resume: Fix compile warnings.
  xen/xenbus: Add quirk to deal with misconfigured backends.
  xen/blkback: Fix warning error.
  xen/p2m: m2p_find_override: use list_for_each_entry_safe
  xen/gntdev: do not set VM_PFNMAP
  xen/grant-table: add error-handling code on failure of gnttab_resume

This reverts commit cf450136.

It breaks reboot on at least one Thinkpad T43, as reported by Jörg Otte:
 "On reboot it shuts down as normal.
  The last lines displayed are:

  >Unmounting temporary filesystems.. [OK]
  >Deactivating swap...               [OK]
  >Unmounting local filesystems...    [OK]
  >Will now restart
  >    Restarting system

  Then I hear it accessing the cd-drive, but then it's being stuck."

Jörg bisected the regression to this commit.

That commit fixes another machine (see

  https://bugzilla.kernel.org/show_bug.cgi?id=11533

for details) that has a BIOS bug and doesn't support ACPI reset.
However, at least one of those other reporters no longer even has the
machine in question, and had a different workaround to begin with.
Besides, it clearly was a buggy BIOS.  Let's not break the correct case
to fix that case.
Reported-and-bisected-by: Jörg Otte <jrg.otte@googlemail.com>
Cc: linux-acpi@vger.kernel.org
Cc: Len Brown <lenb@kernel.org>
Cc: Peter Anvin <hpa@zytor.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Commit 24aa0788 ("memblock, x86: Replace memblock_x86_reserve/
free_range() with generic ones") replaced x86 specific memblock
operations with the generic ones; unfortunately, it lost zero length
operation handling in the process making the kernel panic if somebody
tries to reserve zero length area.

There isn't much to be gained by being cranky to zero length operations
and panicking is almost the worst response.  Drop the BUG_ON() in
memblock_reserve() and update memblock_add_region/isolate_range() so
that all zero length operations are handled as noops.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: stable@vger.kernel.org
Reported-by: Valere Monseur <valere.monseur@ymail.com>
Bisected-by: Joseph Freeman <jfree143dev@gmail.com>
Tested-by: Joseph Freeman <jfree143dev@gmail.com>
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=43098Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Pyll hwmon fixes from Guenter Roeck:
 "Two patches: Fix build warning in ads1015 driver, and fix bogus power
  values with current BIOSes in fam15h_power driver."

* tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
  hwmon: (ads1015) Fix build warning
  hwmon: fam15h_power: fix bogus values with current BIOSes

Pull crypto fixes from Herbert Xu:
 - Locking fix for talitos driver
 - Fix 64-bit counter overflow in SHA-512
 - Build fix for ixp4xx.

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: talitos - properly lock access to global talitos registers
  crypto: ixp4xx - include fix
  crypto: sha512 - Fix byte counter overflow in SHA-512

Pull sound fixes from Takashi Iwai:
 "Fixes for a few regressions of HD-audio, originated partly from 3.4
  and partly 3.3.

  The fixes for ThinkPad docking-station are for 3.3 kernels, thus they
  are based on 3.3 then merged back to 3.4, so that they can be merged
  to stable tree cleanly.  The non-trivial merge conflicts are because
  of this action.

  In addition, a couple of trivial fixes for documentation and a long-
  standing issue in the listing of built-in sound driver at boot time."

* tag 'sound-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda/conexant - Set up the missing docking-station pins
  ALSA: hda/conexant - Don't set HP pin-control bit unconditionally
  ALSA: workaround: change the timing of alsa_sound_last_init()
  ALSA: hda/sigmatel - Fix inverted mute LED
  ALSA: hda/realtek - Fix regression on Quanta/Gericom KN1
  ALSA: fix core/vmaster.c kernel-doc warning

Pull HID fixes from Jiri Kosina:
 "Fix for one particular device (bluetooth Tivo Slide) and change of
  'default y' -> 'default n' for CONFIG_HID_BATTERY_STRENGTH which I
  overlooked in the initial merge of the battery support"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
  HID: default HID_BATTERY_STRENGTH to no
  HID: tivo: fix support for bluetooth version of tivo Slide

Pull m68k arch fixes from Greg Ungerer:
 "This contains four fixes for 3.4.  Two fix and clean up compilation
  for the nommu 68x328 CPU targets.  The other two fix the platform
  definition and multi-function pin setup of the second eth interface
  on the ColdFire 5275 SoC."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu:
  m68knommu: make sure 2nd FEC eth interface pins are enabled on 5275 ColdFire
  m68knommu: fix id number for second eth device on 5275 ColdFire
  m68knommu: move and fix the 68VZ328 platform bootlogo.h
  m68knommu: remove the unused bootlogo.h processing for 68EZ328 and 68VZ328

This reverts commit b960d6c4.

If we have another thread (very likely) touched the list, we
end up hitting a problem "that the next element is wrong because
we should be able to cope with that. The problem is that the
next->next pointer would be set LIST_POISON1. " (Stefano's
comment on the patch).

Reverting for now.
Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

Fixed too small hardcoded timeout values for usb_control_msg
in driver for SiliconLabs cp210x-based usb-to-serial adapters.
Replaced with USB_CTRL_GET_TIMEOUT/USB_CTRL_SET_TIMEOUT.
Signed-off-by: Yuri Matylitski <ym@tekinsoft.com>
Acked-by: Kirill A. Shutemov <kirill@shutemov.name>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

tty_unlock is used on all other exits from the function.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Acked-by: Jiri Slaby <jslaby@suse.cz>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Pull nfsd bugfixes from J. Bruce Fields:
 "One bugfix, and one minor header fix from Jeff Layton while we're
  here"

* 'for-3.4' of git://linux-nfs.org/~bfields/linux:
  nfsd: include cld.h in the headers_install target
  nfsd: don't fail unchecked creates of non-special files