Skip over the first part of __vermagic in modversioning is on: otherwise
you'll have to force it when changing from 2.6.0 to 2.6.1.

Fix the case where no CRCs are supplied (OK, but taints kernel), and
only print one tainted message (otherwise --force gives hundreds of them).

We generated the intermediate files that contain checksums for
unresolved symbols in .tmp_versions, which had the disadvantage
that is obscured what's going on during the build. Just
generate them as .ver.[co] right next to the actual objects in the
object tree.

CONFIG_MODVERSIONING was a temporary name introduced to distinguish
between the old and new module version implementation. Since the
traces of the old implementation are now gone from the build system,
we rename the config option back in order to not confuse users more
than necessary in 2.6.
 
Also, remove some historic modversions cruft throughout the tree.

After disabling files that wouldn't build, there were 2 (in-kernel)
modules that referenced _init or _exit code sections when they
shouldn't.

This fixes those modules.

into home.transmeta.com:/home/torvalds/v2.5/linux

into raven.il.steeleye.com:/home/jejb/BK/scsi-for-linus-2.5

into raven.il.steeleye.com:/home/jejb/BK/scsi-for-linus-2.5

into redhat.com:/garz/repo/net-drivers-2.5

into home.transmeta.com:/home/torvalds/v2.5/linux

Certain support files are shared between various ARM machine classes.
In other to sanely support these, we place the shared files in
arch/arm/common instead of the individual machine class directories.

Patch from Russell King <rmk@arm.linux.org.uk>

show_task() attempts to calculate the amount of free space which hasn't been
written to on the kernel stack by reading from the base of the kernel stack
upwards.

However, it mistakenly uses the task_struct pointer as the base of the stack,
which it isn't, and this can cause an oops.

Here is a patch which uses the task thread pointer instead, which should be
located at the bottom of the kernel stack.  It appears this was missed when
the thread structure was introduced.

The recent exit_mmap() changes broke PPC64 when 64-bit applications exec
32-bit ones.  ia32-on-ia64 was broken as well

What is happening is that load_elf_binary() sets TIF_32BIT (via
SET_PERSONALITY) _before_ running exit_mmap().  So when we're unmapping the
vma's of the old image, we are running under the new image's personality.

This causes PPC64 to pass a 32-bit TASK_SIZE to unmap_vmas(), even when the
execing process had a 64-bit image.  Because unmap_vmas() is not provided
with the correct virtual address span it does not unmap all the old image's
vma's and we go BUG_ON(mm->map_count) in exit_mmap().

The early SET_PERSONALITY() is required before we look up the interpreter
because the lookup of the executable has to happen under the alternate root
which SET_PERSONALITY() may set.

Unfortunately this means that we're running flush_old_exec() under the new
exec's personality.  Hence this bug.

So what the patch does is to simply pass ~0UL into unmap_vmas(), which tells
it to unmap everything regardless of current personality.  Which is what the
old open-coded VMA killer was doing.

There remains the problem that some architectures are sometimes passing the
incorrect TASK_SIZE into tlb_finish_mmu().  They've always been doing that.

We cannot clear VM_MAYWRITE in there - it turns writeable MAP_PRIVATE
mappings into readonly ones.

So change it back to the 2.4 form - disallow a writeable MAP_SHARED mapping
against filesystems which do not implement ->writepage().

Patch from: Petr Vandrovec <vandrove@vc.cvut.cz>

soundcore is trying to perform kernel syscalls to load firmware, but falls
afoul of missing `errno'.  Convert it to use VFS API functions.

redo_fd_request() needs to take the queue lock around the call to
elv_next_request().

Patch from "Andres Salomon" <dilinger@voxel.net>

Fix compilation of atyfb_base.c

__wait_on_buffer() needs to use io_schedule(), so processes in there are
accounted as being in I/O wait.

pcmcia timer initialisation fixes from Anton Blanchard

Patch from William Lee Irwin III <wli@holomorphy.com>

PAE's pte_none() and pte_pfn() evaluate their arguments twice;
analogous fixes have been made to other things; c.f. pgtable.h's long
list of one-line inlines with parentheses still around their args.

Patch from: Rusty Russell <rusty@rustcorp.com.au>

Mikael Pettersson points out that "-s" gets mangled to "_s" on the
kernel command line, even though it turns out not to be a
parameter.

Patch from William Lee Irwin III <wli@holomorphy.com>

pgd_index() doesn't parenthesize its argument.  This is a bad idea for
macros, since it's legitimate to pass expressions to them that will get
misinterpreted given operator precedence and the shift.

Patch from Rusty Russell <rusty@rustcorp.com.au>

Make symbol_get() use undefined weak symbols if !CONFIG_MODULE.
Many thanks to RTH for introducing undef weak symbols to me.

Patch from William Lee Irwin III <wli@holomorphy.com>

BLK_BOUNCE_HIGH and BLK_BOUNCE_ANY are compared against 64-bit quantities.
Cast these unsigned long quantities to avoid overflow.

Patch from Manfred Spraul <manfred@colorfullife.com>

cache_alloc_refill() forgets to disable interrupts again on an error path.
This exposes us to slab corruption and it makes slab debugging go BUG (it
expects local irqs to be disabled).

Patch from William Lee Irwin III <wli@holomorphy.com>

struct thread_info is shared with the stack, not struct task_struct.
False positives have been seen.

Random semicolon makes the whole thing a no-op.

It _did_ work.  I must have broken it between testing and sending :(

Patch from: jak@rudolph.ccur.com (Joe Korty)

The new, preemptable spin_lock() spins on an atomic bus-locking read/write
instead of an ordinary read, as the original spin_lock implementation did.
Perhaps that is the source of the inefficiency being seen.

Attached sample code compiles but is untested and incomplete (present
only to illustrate the idea).

The second quota locking fix.  Sorry, I seem to have misplaced the
changelog.

Quota locking fix from Jan Kara.

Spotted by Andries Brouwer.  There's one place where slab is calling
check_poison_obj() but not reporting on any detected failure.

We used to go BUG() in there.  Convert it over to the kinder, gentler
slab_error() regime.

There have been sporadic sightings of ext3 causing little blips of 100,000
context switches per second when under load.

At the start of do_get_write_access() we have this logic:

	repeat:
		lock_buffer(jh->bh);
		...
		unlock_buffer(jh->bh);
		...
		if (jh->j_list == BJ_Shadow) {
			sleep_on_buffer(jh->bh);
			goto repeat;
		}

The problem is that the unlock_buffer() will wake up anyone who is sleeping
in the sleep_on_buffer().

So if task A is asleep in sleep_on_buffer() and task B now runs
do_get_write_access(), task B will wake task A by accident.  Task B will then
sleep on the buffer and task A will loop, will run unlock_buffer() and then
wake task B.

This state will continue until I/O completes against the buffer and kjournal
changes jh->j_list.

Unless task A and task B happen to both have realtime scheduling policy - if
they do then kjournald will never run.  The state is never cleared and your
box locks up.


The fix is to not do the `goto repeat;' until the buffer has been taken of
the shadow list.  So we don't go and wake up the other waiter(s) until they
can actually proceed to use the buffer.

The patch removes the exported sleep_on_buffer() function and simply exports
an existing function which provides access to a buffer_head's waitqueue
pointer.  Which is a better interface anyway, because it permits the use of
wait_event().

This bug was introduced introduced into 2.4.20-pre5 and was faithfully ported
up.

The general error logic handling in there is:

	*errp = -EFOO;
	<lots of code>
	if (some_error)
		goto out;

this is fragile and unmaintainable, because the setting of the error code is
"far away" from the site where the error was detected.

And the code was actually wrong - we're returning ENOSPC in places where fs
metadata inconsistency was detected.  We traditionally return -EIO in this
case.

So change it all to do, effectively:

	if (some_error) {
		*errp = -EFOO;
		goto out;
	}

Patch from: Hugh Dickins <hugh@veritas.com>

For almost a year (since 2.5.4) ext2_new_block has tended to set err 0
instead of -ENOSPC or -EIO.  This manifested variously (typically depends on
what's stale in ext2_get_block's chain[4] array): sometimes __brelse free
free buffer backtraces, sometimes release_pages oops, usually
generic_make_request beyond end of device messages, followed by further ext2
errors.

[Insert lecture on dangers of using goto for unwind :-]

Forward port of a 2.4 patch by Christoph Hellwig.

See http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00384.html
for the security implications.

Patch from Manfred Spraul <manfred@colorfullife.com>

exec of setuid apps and ptrace must be synchronized, to ensure that a normal
user cannot ptrace a setuid app across exec.  ptrace_attach acquires the
task_lock around the uid checks, compute_creds acquires the BLK.  The patch
converts compute_creds to the task_lock.  Additionally, it removes the
do_unlock variable: the task_lock is not heaviliy used, there is no need to
avoid the spinlock by adding branches.

The patch is a cleanup patch, not a fix for a security problem: AFAICS the
sys_ptrace in every arch acquires the BKL before calling ptrace_attach.

Patch from "Ph. Marek" <philipp.marek@bmlv.gv.at>

Compile fix in sound/oss/maestro.c