kunmap_atomic() takes a kernel-virtual address, not a pageframe address.

(Very common problem.  We really should make the atomic kmap functions
type-safe).

into home.osdl.org:/home/torvalds/v2.5/linux

There's a fencepost error in the GART IOMMU handling on x86_64
in the unmap path.  When testing to see if the bus address is
within the IOMMU window and needs to be unmapped, the start of
the first page *beyond* the window also passes the test.  This
can cause the first doubleword of the next page beyond the gatt
table to be smashed to zero, with unpredictable results depending
on what that page is used for.

into nuts.davemloft.net:/disk1/BK/nf-2.6

The attached trivial patch should fix the "i1-dig" build failure reported
on this page:

	http://www.gelato.unsw.edu.au/kerncomp/

and should make it easier to build a properly configured ia64 kernel.

This is a cleaned-up version of a mremap() fix for "move_one_page()"
by Rajesh Venkatasubramanian <vrajesh@umich.edu>. We could use a NULL
"src" pointer.

Because while we do hold the MM semaphore over the whole sequence, the
destination page table allocation will possibly drop the page table
spinlock.  That in turn can cause a clean source page to be stolen by
page reclaim, causing the source-side "get_one_pte_map_nested()" to
return NULL the second time around even if it didn't on the first case.

So we just check "src" again, and get rid of the bogus TLB invalidate
while we're at it.

into home.osdl.org:/home/torvalds/v2.5/linux

My "__ide_dma_off()" cleanup uncovered some code that shouldn't be compiled
when CONFIG_BLK_DEV_IDEDMA=n.  Fix it and kill a warning in setup-pci.c.

Noticed by Martin Diehl <lists@mdiehl.de>.

Bug discovered by Olaf Kirch.

into nuts.davemloft.net:/disk1/BK/sparc-2.6

into debian.org:/usr/src/kernel/sparc-2.6

The platinum framebuffer is repeated twice. Removed one of them.

There's an incorrect redefinition extern/static in prep_pci.

Just remove it.

From: Tom Rini <trini@kernel.crashing.org>

Hello.  The following patch is all that is required to get current 2.6 to
compile and work on MPC82xx platforms.

From: Tom Rini <trini@kernel.crashing.org>

Replace MSR_, which is gone now, with the value it used to be.  Required to
get the MPC82xx platforms compiling again.

This fixes the build of "allyesconfig", old and new radeonfb's would
collide on some symbols.

It results in serial console getting initialised really late and the
suggested workaround is broken according to Keith. 

Cset exclude: akpm@osdl.org|ChangeSet|20040213234712|28554

The rtasd kernel thread would exit before daemoniz'ing itself if
RTAS wasn't present (or if allocation of the buffer failed), thus
leaving a zombie. This patch fixes it (and remove #if 0'ed code)

Move ide-dma.c:__ide_dma_off() outside of #ifdef CONFIG_BLK_DEV_IDEDMA_PCI,
so it can be used for all DMA capable hosts.  Remove ide_hwif_t->ide_dma_off.

->ide_dma_count() was introduced in kernel 2.5.35 and was meant to add support
for host FIFO counters (for VDMA), but is only a wrapper for ->ide_dma_begin()
(even for siimage.c b/c SIIMAGE_VIRTUAL_DMAPIO is undefined).

Moreover it should be possible to add VDMA code directly to ->ide_dma_begin().

Use __ide_dma_{good,bad}_drive() directly and remove these wrappers.

I see only pros of removing OnStream support:
 - SCSI osst.c driver is actively maintained by Willem Riede <wrlk@riede.org>
 - there is no functionality loss (OnStream IDE drives don't support DSC)
 - ide-tape.c driver is too ugly & complicated even without OnStream support
 - long term benefits (2.7.x plans on unifying storage drivers)

From: Willem Riede <wrlk@riede.org>

From: Glenn Wurster <gwurster@scs.carleton.ca>

This fixes a small merge error in aty128fb resulting in a compile
failure. 

From: James Morris <jmorris@redhat.com>

The patch below fixes an error handling flaw, where we need to return a
Netfilter verdict from the function rather than a standard error code.

From: James Morris <jmorris@redhat.com>

The avc_init function is only called during kernel init, so it can be
marked with __init.

From: Stephen Smalley <sds@epoch.ncsc.mil>

This patch changes the mode bits on the selinuxfs enforce node so that
non-root processes can read it.  This is necessary to allow non-root
userspace policy enforcers to check the enforcing flag upon a permission
failure as well.  A process must still have the appropriate SELinux
permission in order to read the node.

From: James Morris <jmorris@redhat.com>

devfs is passing an empty string to do_mount when it expects a page.

From: James Morris <jmorris@redhat.com>

This patch implements context mount support within SELinux.

Three new mount options are provided:

context=%s
  Label the entire filesystem with the specified security context during
  mount and change the labeling behavior to 'mountpoint labeling'.  The
  /proc/self/attr/fscreate attribute will be ignored for file creation on
  the filesystem, although policy-specified transitions will still work
  normally.  This also sets the aggregate filesystem security context.

fscontext=%s
  Set the label of the aggregate filesystem to the specified security
  context, so that SELinux policy controls over the filesystem itself may
  be reinstated.  Only works for filesystems without EA labeling support,
  and is not valid if 'context' has been specified.

defcontext=%s
  Set the default security context for files created in this filesystem to
  the specified security context (as opposed to the current global default).
  Only works for filesystems without EA labeling support, and is not
  valid if 'context' has been specified.

To set the context or fscontext options, the security policy must specify
appropriate permissions for the filesystem relabelfrom and filesystem
relabelto controls.  For the defcontext option, the filesystem relablefrom
and filesystem assoicate controls are invoked.

The security mount options are parsed out and stripped from the normal
mount option data so that no normal filesystems need to be aware of them.

Filesystems with binary mount option data (e.g. NFS, SMBFS, AFS, Coda)
need to be handled as special cases: only NFS is supprted at this stage
per the previous patch.

From: James Morris <jmorris@redhat.com>

This patch modifies the kernel's NFS mount data structure to include SELinux
context mount data.  It allows NFS fileystems to be labeled on a
per-mountpoint basis, and should not affect existing versions of userspace
mount.

(A patch to the userspace mount code is available at
http://people.redhat.com/jmorris/selinux/context_mounts/)

From: James Morris <jmorris@redhat.com>

This series of patches adds support for SELinux 'context mounts', which
allows filesystems to be assigned security context information at mount time.
 For example, some filesystems do not support extended attributes (e.g.  NFS,
vfat), and this feature allows security contexts to be assigned to them on a
per-mountpoint basis.  It is also useful when the existing labeling on a
filesystem is untrusted or unwanted for some reason (e.g.  removable media),
and needs to be overridden with a safe default.

The first patch below consists of infrastructure changes to the kernel:

- A new LSM hook has been added, sb_copy_data, which allows the security
  module to copy security-specific mount data once the superblock has been
  setup by the filesystem.

- The sb_kern_mount hook has been modified to take this security data as a
  parameter, and would typically be used at that point to configure the
  security parameters of the filesystem being mounted.

- Allocation and freeing of the security data has been implemented in the
  core fs code as it is cleaner than trying to do it purely via LSM hooks,
  and should make maintenance easier.  This code will be compiled away if LSM
  is not enabled.

This fixes pSeries LPAR (logical partitioned) machines.  We weren't
initialising the pci_dma_ops stuff.

This updates the PowerMac-only platinumfb driver to use the new mac-io
device infrastructure.  It also switch allocation to the new
framebuffer_alloc/release and fix a couple of bugs.