The NID 0x11 on HP dc5750 with ALC260 should be a speaker although BIOS
gives it as a line-out.  This patch adds a quirk to fix the pin config
so that the real line-out is used properly.

Reference: bnc#624118
	https://bugzilla.novell.com/show_bug.cgi?id=624118Signed-off-by: Takashi Iwai <tiwai@suse.de>

In patch_alc269(), we initialize the primary capsrc so that the device
works from the beginning.  It issues CONNECT_SEL verb no matter which
widget is although some widget (e.g. 0x23) has no connection selection
but a mixer, which requires unmuting instead.

This patch fixes the initialization of capsrc by re-using the code as
a helper function.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

An Intel board needs a white-list entry to enable PC-beep.
Otherwise the driver misdetects (due to bogus BIOS info) and ignores
the PC-beep on 2.6.35.
Reported-and-tested-by: Leandro Lucarella <luca@llucax.com.ar>
Cc: <stable@kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Since the pending periods are often bogus and take long time until
actually processed, it often results in a high CPU usage of the hd-audio
workq.  Overall it's better to have low CPU consumption by avoiding a
too tight loop rather than the wake-up timing accuracy.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Define constants for the HD-audio stream format bits, and replace the
magic numbers in codes.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Fix HDA beep frequency on IDT 92HD73xx and 92HD71Bxx codecs.
These codecs use the standard beep frequency calculation although the
datasheet says it's linear frequency.

Other IDT/STAC codecs might have the same problem.  They should be
fixed individually later.
Signed-off-by: Daniel J Blueman <daniel.blueman@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Passing IEC 61937 encapsulated compressed audio at bitrates over 6.144
Mbps (i.e. more than a single 2-channel 16-bit 192kHz IEC 60958 link)
over HDMI requires the use of HBR Audio Stream Packets instead of Audio
Sample Packets.

Enable HBR mode when the stream has 8 channels and the Non-PCM bit is
set.

If the audio converter is not connected to any HBR-capable pins, return
-EINVAL in prepare().
Signed-off-by: Anssi Hannula <anssi.hannula@iki.fi>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Set bit 15 (Stream Type) of HDA Stream Format to 1 (Non-PCM) when IEC958
channel status bit 1 (AES0 & 0x02) is set to 1 (non-audio).

This is a prequisite for HDMI HBR passthrough.
Signed-off-by: Anssi Hannula <anssi.hannula@iki.fi>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Just as with the X301. The X300 does not have a way to do SPDIF either.
It does not have a dock connector, nor does it have the SPDIF through
the headphone jack.

This patch fixes it so X300 does not show SPDIF, since it cannot do it.

To add all Lenovo Thinkpads had different codec subsytem IDs:

X300:
http://launchpadlibrarian.net/34862838/Card0.Codecs.codec.0.txtSigned-off-by: Jerone Young <jerone.young@canonical.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

ALSA: hda - FIX to not expose SPDIF on Thinkpad X301, since it does not have the ability to use SPDIF

The Lenovo X301 does not have the ability to connect to a docking
station to use the SPDIF port. It also does not have the ability to do
SPDIF though the headphone jack or Display Port jacks.

This patch fixes it so this is not exposed for the X301 and users do
think it has the ability to do SPDIF.

I tested both headphone & display port jacks and it is not there. I have
tested this patch and it works great.

Also to add the other Thinkpads have different subsystem codec IDs.
Here are examples:

X301:
http://launchpadlibrarian.net/31561902/Card0.Codecs.codec.0.txt

X200:
http://launchpadlibrarian.net/49055036/Card0.Codecs.codec.0.txt

W500:
http://launchpadlibrarian.net/36276057/Card0.Codecs.codec.0.txtSigned-off-by: Jerone Young <jerone.young@canonical.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Signed-off-by: David Henningsson <david.henningsson@canonical.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

nfs_commit_inode() needs to be defined irrespectively of whether or not
we are supporting NFSv3 and NFSv4.

Allow the compiler to optimise away code in the NFSv2-only case by
converting it into an inlined stub function.
Reported-and-tested-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

* master.kernel.org:/home/rmk/linux-2.6-arm:
  cyber2000fb: fix console in truecolor modes
  cyber2000fb: fix machine hang on module load
  SA1111: Eliminate use after free
  ARM: Fix Versatile/Realview/VExpress MMC card detection sense
  ARM: 6279/1: highmem: fix SMP preemption bug in kmap_high_l1_vipt
  ARM: Add barriers to io{read,write}{8,16,32} accessors as well
  ARM: 6273/1: Add barriers to the I/O accessors if ARM_DMA_MEM_BUFFERABLE
  ARM: 6272/1: Convert L2x0 to use the IO relaxed operations
  ARM: 6271/1: Introduce *_relaxed() I/O accessors
  ARM: 6275/1: ux500: don't use writeb() in uncompress.h
  ARM: 6270/1: clean files in arch/arm/boot/compressed/
  ARM: Fix csum_partial_copy_from_user()

* 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6:
  NFS: Ensure that writepage respects the nonblock flag
  NFS: kswapd must not block in nfs_release_page
  nfs: include space for the NUL in root path

* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
  drm/edid: Fix the HDTV hack sync adjustment
  drm/radeon/kms: fix radeon mid power profile reporting

Debian's ia64 autobuilders have been seeing kernel freeze or reboot
when running the gdb testsuite (Debian bug 588574): dannf bisected to
2.6.32 62eede62 "mm: ZERO_PAGE without
PTE_SPECIAL"; and reproduced it with gdb's gcore on a simple target.

I'd missed updating the gate_vma handling in __get_user_pages(): that
happens to use vm_normal_page() (nowadays failing on the zero page),
yet reported success even when it failed to get a page - boom when
access_process_vm() tried to copy that to its intermediate buffer.

Fix this, resisting cleanups: in particular, leave it for now reporting
success when not asked to get any pages - very probably safe to change,
but let's not risk it without testing exposure.

Why did ia64 crash with 16kB pages, but succeed with 64kB pages?
Because setup_gate() pads each 64kB of its gate area with zero pages.
Reported-by: Andreas Barth <aba@not.so.argh.org>
Bisected-by: dann frazier <dannf@debian.org>
Signed-off-by: Hugh Dickins <hughd@google.com>
Tested-by: dann frazier <dannf@dannf.org>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Remove the __exit mark from cifs_exit_dns_resolver() as it's called by the
module init routine in case of error, and so may have been discarded during
linkage.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Return value was not set to 0 in setcolreg() with truecolor modes. This causes
fb_set_cmap() to abort after first color, resulting in blank palette - and
blank console in 24bpp and 32bpp modes.
Signed-off-by: Ondrej Zary <linux@rainbow-software.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

I was testing two CyberPro 2000 based PCI cards on x86 and the machine always
hanged completely when the cyber2000fb module was loaded. It seems that the
card hangs when some registers are accessed too quickly after writing RAMDAC
control register. With this patch, both card work.

Add delay after RAMDAC control register write to prevent hangs on module load.
Signed-off-by: Ondrej Zary <linux@rainbow-software.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

__sa1111_remove always frees its argument, so the subsequent reference to
sachip->saved_state represents a use after free.  __sa1111_remove does not
appear to use the saved_state field, so the patch simply frees it first.

A simplified version of the semantic patch that finds this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@@
expression E,E2;
@@

__sa1111_remove(E)
...
(
  E = E2
|
* E
)
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

The MMC card detection sense has become really confused with negations
at various levels, leading to some platforms not detecting inserted
cards.  Fix this by converting everything to positive logic throughout,
thereby getting rid of these negations.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

smp_processor_id() must not be called from a preemptible context (this
is checked by CONFIG_DEBUG_PREEMPT).  kmap_high_l1_vipt() was doing so.
This lead to a problem where the wrong per_cpu kmap_high_l1_vipt_depth
could be incremented, causing a BUG_ON(*depth <= 0); in
kunmap_high_l1_vipt().

The solution is to move the call to smp_processor_id() after the call
to preempt_disable().

Originally by: Andrew Howe <ahowe@nvidia.com>
Signed-off-by: Gary King <gking@nvidia.com>
Acked-by: Nicolas Pitre <nico.as.pitre@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

See https://bugzilla.kernel.org/show_bug.cgi?id=16056

If other processes are blocked waiting for kswapd to free up some memory so
that they can make progress, then we cannot allow kswapd to block on those
processes.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: stable@kernel.org

In root_nfs_name() it does the following:

        if (strlen(buf) + strlen(cp) > NFS_MAXPATHLEN) {
                printk(KERN_ERR "Root-NFS: Pathname for remote directory too long.\n");
                return -1;
        }
        sprintf(nfs_export_path, buf, cp);

In the original code if (strlen(buf) + strlen(cp) == NFS_MAXPATHLEN)
then the sprintf() would lead to an overflow.  Generally the rest of the
code assumes that the path can have NFS_MAXPATHLEN (1024) characters and
a NUL terminator so the fix is to add space to the nfs_export_path[]
buffer.
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

The current ALC259/268/269 parser ignores some pins as unhandled,
but user won't notice what goes wrong.  So, added a warning message
for the ignored pins as a hint.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

The pin NID 0x1a should be handled as well as NID 0x1b.
Also added comments.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Call snd_hda_shutup_pins() for power-saving and reboot-notifier in
patch_conexant.c as well as other codecs.  This will reduce the pop
noise in power-save mode.

Reference: bnc#624896
	https://bugzilla.novell.com/show_bug.cgi?id=624896Signed-off-by: Takashi Iwai <tiwai@suse.de>

If BIOS sets up the input pin as VREF 50, use the value as is instead of
overriding forcibly to VREF 80.  This fixes the quality of inputs on
some devices like Packard-Bell M5210.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Since ALC259/269 use the same parser of ALC268, the pin 0x1b was ignored
as an invalid widget.  Just add this NID to handle properly.
This will add the missing mixer controls for some devices.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Make a helper function to parse the digital I/Os of all Realtek codecs
to simplify the code and to ensure the setups.
Also, initialize digital I/O pins properly in init callbacks.  Some BIOS
seem to leave pins uninitialized.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Some ALC662-compatible codecs like ALC892 may have more than 4
connections for the input source.  Use HDA_MAX_CONNECTIONS instead of
the fixed magic number 4.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Add a prefix and more information for error messages regarding the
connection-list in hda_codec.c.
Signed-off-by: Takashi Iwai <tiwai@suse.de>

* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6:
  [S390] etr: fix clock synchronization race
  [S390] Fix IRQ tracing in case of PER

* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog:
  watchdog: update MAINTAINERS entry

* 'fix/hda' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
  ALSA: hda - Add a PC-beep workaround for ASUS P5-V
  ALSA: hda - Assume PC-beep as default for Realtek
  ALSA: hda - Don't register beep input device when no beep is available
  ALSA: hda - Fix pin-detection of Nvidia HDMI

Fix __task_cred()'s lockdep check by removing the following validation
condition:

	lockdep_tasklist_lock_is_held()

as commit_creds() does not take the tasklist_lock, and nor do most of the
functions that call it, so this check is pointless and it can prevent
detection of the RCU lock not being held if the tasklist_lock is held.

Instead, add the following validation condition:

	task->exit_state >= 0

to permit the access if the target task is dead and therefore unable to change
its own credentials.

Fix __task_cred()'s comment to:

 (1) discard the bit that says that the caller must prevent the target task
     from being deleted.  That shouldn't need saying.

 (2) Add a comment indicating the result of __task_cred() should not be passed
     directly to get_cred(), but rather than get_task_cred() should be used
     instead.

Also put a note into the documentation to enforce this point there too.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Jiri Olsa <jolsa@redhat.com>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

It's possible for get_task_cred() as it currently stands to 'corrupt' a set of
credentials by incrementing their usage count after their replacement by the
task being accessed.

What happens is that get_task_cred() can race with commit_creds():

	TASK_1			TASK_2			RCU_CLEANER
	-->get_task_cred(TASK_2)
	rcu_read_lock()
	__cred = __task_cred(TASK_2)
				-->commit_creds()
				old_cred = TASK_2->real_cred
				TASK_2->real_cred = ...
				put_cred(old_cred)
				  call_rcu(old_cred)
		[__cred->usage == 0]
	get_cred(__cred)
		[__cred->usage == 1]
	rcu_read_unlock()
							-->put_cred_rcu()
							[__cred->usage == 1]
							panic()

However, since a tasks credentials are generally not changed very often, we can
reasonably make use of a loop involving reading the creds pointer and using
atomic_inc_not_zero() to attempt to increment it if it hasn't already hit zero.

If successful, we can safely return the credentials in the knowledge that, even
if the task we're accessing has released them, they haven't gone to the RCU
cleanup code.

We then change task_state() in procfs to use get_task_cred() rather than
calling get_cred() on the result of __task_cred(), as that suffers from the
same problem.

Without this change, a BUG_ON in __put_cred() or in put_cred_rcu() can be
tripped when it is noticed that the usage count is not zero as it ought to be,
for example:

kernel BUG at kernel/cred.c:168!
invalid opcode: 0000 [#1] SMP
last sysfs file: /sys/kernel/mm/ksm/run
CPU 0
Pid: 2436, comm: master Not tainted 2.6.33.3-85.fc13.x86_64 #1 0HR330/OptiPlex
745
RIP: 0010:[<ffffffff81069881>]  [<ffffffff81069881>] __put_cred+0xc/0x45
RSP: 0018:ffff88019e7e9eb8  EFLAGS: 00010202
RAX: 0000000000000001 RBX: ffff880161514480 RCX: 00000000ffffffff
RDX: 00000000ffffffff RSI: ffff880140c690c0 RDI: ffff880140c690c0
RBP: ffff88019e7e9eb8 R08: 00000000000000d0 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000040 R12: ffff880140c690c0
R13: ffff88019e77aea0 R14: 00007fff336b0a5c R15: 0000000000000001
FS:  00007f12f50d97c0(0000) GS:ffff880007400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8f461bc000 CR3: 00000001b26ce000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process master (pid: 2436, threadinfo ffff88019e7e8000, task ffff88019e77aea0)
Stack:
 ffff88019e7e9ec8 ffffffff810698cd ffff88019e7e9ef8 ffffffff81069b45
<0> ffff880161514180 ffff880161514480 ffff880161514180 0000000000000000
<0> ffff88019e7e9f28 ffffffff8106aace 0000000000000001 0000000000000246
Call Trace:
 [<ffffffff810698cd>] put_cred+0x13/0x15
 [<ffffffff81069b45>] commit_creds+0x16b/0x175
 [<ffffffff8106aace>] set_current_groups+0x47/0x4e
 [<ffffffff8106ac89>] sys_setgroups+0xf6/0x105
 [<ffffffff81009b02>] system_call_fastpath+0x16/0x1b
Code: 48 8d 71 ff e8 7e 4e 15 00 85 c0 78 0b 8b 75 ec 48 89 df e8 ef 4a 15 00
48 83 c4 18 5b c9 c3 55 8b 07 8b 07 48 89 e5 85 c0 74 04 <0f> 0b eb fe 65 48 8b
04 25 00 cc 00 00 48 3b b8 58 04 00 00 75
RIP  [<ffffffff81069881>] __put_cred+0xc/0x45
 RSP <ffff88019e7e9eb8>
---[ end trace df391256a100ebdd ]---
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Jiri Olsa <jolsa@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>