There's logic in __rfcomm_dlc_close:
	rfcomm_dlc_lock(d);
	d->state = BT_CLOSED;
	d->state_changed(d, err);
	rfcomm_dlc_unlock(d);

In rfcomm_dev_state_change, it's possible that rfcomm_dev_put try to
take the dlc lock, then we will deadlock.

Here fixed it by unlock dlc before rfcomm_dev_get in
rfcomm_dev_state_change.

why not unlock just before rfcomm_dev_put? it's because there's
another problem.  rfcomm_dev_get/rfcomm_dev_del will take
rfcomm_dev_lock, but in rfcomm_dev_add the lock order is :
rfcomm_dev_lock --> dlc lock

so I unlock dlc before the taken of rfcomm_dev_lock.

Actually it's a regression caused by commit
1905f6c7 ("bluetooth :
__rfcomm_dlc_close lock fix"), the dlc state_change could be two
callbacks : rfcomm_sk_state_change and rfcomm_dev_state_change. I
missed the rfcomm_sk_state_change that time.

Thanks Arjan van de Ven <arjan@linux.intel.com> for the effort in
commit 4c8411f8 ("bluetooth: fix
locking bug in the rfcomm socket cleanup handling") but he missed the
rfcomm_dev_state_change lock issue.
Signed-off-by: Dave Young <hidave.darkstar@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  [CRYPTO] cts: Init SG tables

* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2:
  [PATCH 3/3] ocfs2/net: Silence build warnings
  [PATCH 2/3] ocfs2/dlm: Silence build warnings
  [PATCH 1/3] ocfs2/net: Silence build warnings
  ocfs2: Rename 'user_stack' plugin structure to 'ocfs2_user_plugin'

Since mmc_spi.h uses irqreturn_t type, it should include appropriate
header, otherwise build will break if users didn't include it (some of
them do not use interrupts).
Signed-off-by: Anton Vorontsov <avorontsov@ru.mvista.com>
Signed-off-by: Pierre Ossman <drzeus@drzeus.cx>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

* git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-fixes:
  kbuild: fix $(src) assignmnet with external modules

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6:
  8250 Serial Driver: revert extra IRQ flag definition patch
  Blackfin arch: update anomaly headers from toolchain trunk
  Blackfin arch: Remove bad and usless code
  Blackfin arch: Fix bug - set corret SSEL and IRQ to enable AD7877 on BF527
  Blackfin arch: Fix typo. it should be _outsw_8
  Blackfin arch: Cleanup no functional changes

* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
  [POWERPC] Fix DMA nodes in the MPC8610 HPCD device tree
  [POWERPC] Export empty_zero_page and copy_page in arch/ppc
  [POWERPC] Add "memory" clobber to MMIO accessors
  [POWERPC] pasemi: update pasemi_defconfig, enable electra_cf
  electra_cf: Add MODULE_DEVICE_TABLE()

Steps to reproduce:

	modprobe tcrypt		# with CONFIG_DEBUG_SG=y

testing cts(cbc(aes)) encryption
test 1 (128 bit key):
------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:65!
invalid opcode: 0000 [1] PREEMPT SMP DEBUG_PAGEALLOC
CPU 0 
Modules linked in: tea xts twofish twofish_common tcrypt(+) [maaaany]
Pid: 16151, comm: modprobe Not tainted 2.6.26-rc4-fat #7
RIP: 0010:[<ffffffffa0bf032e>]  [<ffffffffa0bf032e>] :cts:cts_cbc_encrypt+0x151/0x355
RSP: 0018:ffff81016f497a88  EFLAGS: 00010286
RAX: ffffe20009535d58 RBX: ffff81016f497af0 RCX: 0000000087654321
RDX: ffff8100010d4f28 RSI: ffff81016f497ee8 RDI: ffff81016f497ac0
RBP: ffff81016f497c38 R08: 0000000000000000 R09: 0000000000000011
R10: ffffffff00000008 R11: ffff8100010d4f28 R12: ffff81016f497ac0
R13: ffff81016f497b30 R14: 0000000000000010 R15: 0000000000000010
FS:  00007fac6fa276f0(0000) GS:ffffffff8060e000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f12ca7cc000 CR3: 000000016f441000 CR4: 00000000000026e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
Process modprobe (pid: 16151, threadinfo ffff81016f496000, task ffff8101755b4ae0)
Stack:  0000000000000001 ffff81016f496000 ffffffff80719f78 0000000000000001
 0000000000000001 ffffffff8020c87c ffff81016f99c918 20646c756f772049
 65687420656b696c 0000000000000020 0000000000000000 0000000033341102
Call Trace:
 [<ffffffff8020c87c>] ? restore_args+0x0/0x30
 [<ffffffffa04aa311>] ? :aes_generic:crypto_aes_expand_key+0x311/0x369
 [<ffffffff802ab453>] ? check_object+0x15a/0x213
 [<ffffffff802aad22>] ? init_object+0x6e/0x76
 [<ffffffff802ac3ae>] ? __slab_free+0xfc/0x371
 [<ffffffffa0bf05ed>] :cts:crypto_cts_encrypt+0xbb/0xca
 [<ffffffffa07108de>] ? :crypto_blkcipher:setkey+0xc7/0xec
 [<ffffffffa07110b8>] :crypto_blkcipher:async_encrypt+0x38/0x3a
 [<ffffffffa2ce9341>] :tcrypt:test_cipher+0x261/0x7c6
 [<ffffffffa2cfd9df>] :tcrypt:tcrypt_mod_init+0x9df/0x1b30
 [<ffffffff80261e35>] sys_init_module+0x9e/0x1b2
 [<ffffffff8020c15a>] system_call_after_swapgs+0x8a/0x8f
Code: 45 c0 e8 aa 24 63 df 48 c1 e8 0c 48 b9 00 00 00 00 00 e2 ff ff 48 8b 55 88 48 6b c0 68 48 01 c8 b9 21 43 65 87 48 39 4d 80 74 04 <0f> 0b eb fe f6 c2 01 74 04 0f 0b eb fe 83 e2 03 4c 89 ef 44 89 
RIP  [<ffffffffa0bf032e>] :cts:cts_cbc_encrypt+0x151/0x355
 RSP <ffff81016f497a88>
---[ end trace e8bahiarjand37fd ]---
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

When we introduced support for KBUILD_EXTRA_SYMBOLS
we started to include the externam module's kbuild
file when doing the final modpost step.

As external modules often do:
ccflags-y := -I$(src)

We had problems because $(src) was unassinged and
gcc then used the next parameter for -I resulting in
strange build failures.

Fix is to assign $(src) and $(obj) when building
external modules.

This fixes: http://bugzilla.kernel.org/show_bug.cgi?id=10798Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Cc: Tvrtko <tvrtko.ursulin@sophos.com>
Cc: Andrea Arcangeli <andrea@qumranet.com>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>

As Russell pointed out, original patch will break some serial configurations
because of the dependency of the <asm/serial.h> header file.

Revert it first and try to find out other solution later

Cc: Javier Herrero <jherrero@hvsistemas.es>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Russell King <rmk+lkml@arm.linux.org.uk>
Signed-off-by: Bryan Wu <cooloney@kernel.org>

Signed-off-by: Mike Frysinger <vapier.adi@gmail.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>

Signed-off-by: Michael Hennerich <michael.hennerich@analog.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>

AD7877 use SSEL_2 (P9.9) and IRQ_PF8 (P9.14) on BF527

 - populating JP3 to enable STAMP
 - disable SW11.2 to disconnect SSEL_2/PF12 from Rotary NAND
 - disable SW18.1 to disconnect SSEL_2 from MAX1233 touchscreen chip
Signed-off-by: Bryan Wu <cooloney@kernel.org>

The node for DMA2 in the MPC8610 HPCD device tree has the wrong compatible
properties.  This breaks the DMA driver and the sound driver.
Signed-off-by: Timur Tabi <timur@freescale.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>

Currently ext4 and fuse fail to link if modular:
ERROR: "copy_page" [fs/fuse/fuse.ko] undefined!
ERROR: "empty_zero_page" [fs/ext4/ext4dev.ko] undefined!
make[3]: *** [__modpost] Error 1
make[2]: *** [modules] Error 2
make[1]: *** [sub-make] Error 2

While arch ppc exists it may as well compile, so this exports those
symbols (which are already exported in arch/powerpc).
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>

Gcc might re-order MMIO accessors vs. surrounding consistent
memory accesses, which is a "bad thing", and could break drivers.
This fixes it by adding a "memory" clobber to the MMIO accessors,
which should prevent gcc from doing that reordering.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>

* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev:
  ahci: change the Device IDs of nvidia MCP7B AHCI controller in ahci.c
  [libata] sata_fsl: Fix broken driver, add port multiplier (PMP) support
  libata: SRST can't be trusted on PMP sil3726
  libata: fix libata-scsi kernel-doc notation
  ata: Convert to static DEFINE_SPINLOCK(lock)
  ata_piix: fix macbook ich8m problems
  sata_mv: implement SoC guideline SATA_S11
  sata_mv: workaround for 60x1 errata sata13
  sata_mv: nuke unreleased GenIIe revisions
  sata_mv: PHY_MODEx errata fixes
  sata_mv: move SOC_FLAG to hpriv

This patch silences the build warnings concerning o2net_init_nst()
and friends when building without CONFIG_DEBUG_FS enabled.
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>

This patch silences the build warnings concerning dlm_debug_init()
and friends when building without CONFIG_DEBUG_FS enabled.
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>

This patch silences the build warnings concerning o2net_debugfs_init()
and friends when building without CONFIG_DEBUG_FS enabled.
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>

The static structure describing the userspace cluster plugin for ocfs2
was named 'user_stack', which is a real pain when people are grep(1)ing
the tree for the program stack object 'user_stack'.  Change the name to
something distinct and namespaced.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>

.. because it is.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

* git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
  lguest: notify on empty
  virtio: force callback on empty.
  virtio_blk: fix endianess annotations
  virtio_config: fix len calculation of config elements
  virtio_net: another race with virtio_net and enable_cb
  virtio: An entropy device, as suggested by hpa.
  virtio_blk: allow read-only disks
  lguest: fix ugly <NULL> in /proc/interrupts
  virtio: set device index in common code.
  virtio: virtio_pci should not set bus_id.
  virtio: bus_id for devices should contain 'virtio'
  Fix crash in virtio_blk during modprobe ; rmmod ; modprobe
  lguest: use ioremap_cache, not ioremap

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6:
  PCI: fix rpadlpar pci hotplug driver sysfs usage

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
  Input: rename SW_RADIO to SW_RFKILL_ALL
  Input: gtco - fix double kfree in error handling path
  Input: pxa27x_keypad - miscellaneous fixes
  Input: atkbd - mark keyboard as disabled when suspending/unloading
  Input: apanel - remove duplicate include
  Input: wm9713 - support five wire panels
  Input: wm97xx-core - fix race on PHY init
  Input: wm97xx-core - fix driver name
  Input: wm97xx-core - report a phys for WM97xx touchscreens
  Input: i8042 - make sure Dritek quirk is invoked at resume
  Input: i8042 - add Dritek quirk for Acer TravelMate 660

* Wim Van Sebroeck <wim@iguana.be> wrote:

> Author: Jordan Crouse <jordan.crouse@amd.com>
> Date:   Mon Jan 21 10:07:00 2008 -0700
>
>     [WATCHDOG] Add a watchdog driver based on the CS5535/CS5536 MFGPT timers

-tip testing found the following build failure on latest -git:

  drivers/watchdog/geodewdt.c: In function 'geodewdt_probe':
  drivers/watchdog/geodewdt.c:225: error: too many arguments to function 'geode_mfgpt_alloc_timer'
  make[1]: *** [drivers/watchdog/geodewdt.o] Error 1
  make: *** [drivers/watchdog/geodewdt.o] Error 2

with this config:

  http://redhat.com/~mingo/misc/config-Fri_May_30_15_19_52_CEST_2008.bad

find the fix below.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Acked-by: Jordan Crouse <jordan.crouse@amd.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

When Greg "fixed" the sysfs usage of that driver a while back, he seem
to have introduced a bug where the quotes are added around the name of
our specific sysfs files, thus breaking the user space tool.

This fixes it. Tested DLPAR operations on a POWER6 machine successfully.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>

Change the partial Device IDs of nvidia MCP7B AHCI controller in ahci.c,
as the actual PCI IDs deployed in the field differed from the forecasted ones
preemptively placed in the driver.
Signed-off-by: Peer Chen <peerchen@gmail.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

The following commit (4c9bf4e7):
libata: replace tf_read with qc_fill_rtf for non-SFF drivers

Broke the sata_fsl.c driver in 2.6.26-rc.  I know the following patch fixes
the issue, it clearly also adds port multipler support.  The current
2.6.26-rc driver is broken.

On boot with debug enabled we get something like (w/o this patch):

spurious interrupt!!, CC = 0x1
interrupt status 0x1
xx_scr_read, reg_in = 1
spurious interrupt!!, CC = 0x1
interrupt status 0x1
xx_scr_read, reg_in = 1
spurious interrupt!!, CC = 0x1
interrupt status 0x1
xx_scr_read, reg_in = 1

.. continues for ever.

This change fixes this as a side effect of adding port multiplier support.
Signed-off-by: Ashish Kalra <ashish.kalra@freescale.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

As in sil4726, SRST can't be trusted on sil3726 causing detection
problems under certain configuraitons.  I thought it was from the
Config Disk device but apparently not.
Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

Fix libata-scsi kernel-doc notation:

Warning(linux-2.6.25-git15//drivers/ata/libata-scsi.c:1659): No description found for parameter 'cmd'
Warning(linux-2.6.25-git15//drivers/ata/libata-scsi.c:1971): No description found for parameter 'buf'
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

Replace deprecated static spinlock_t instance to static DEFINE_SPINLOCK(lock).
Signed-off-by: Pradeep Singh <rautelap@gmail.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

ICH8M on macbooks are peculiar in that some of them lock up when the
second port is enabled, some return bogus values on SIDPR access while
yet others hang on SIDPR access.  Also, the ich8m_apple_sata entry was
wrongly added below generic ich8m entry making it virtually useless.

This patch works around macbook ich8m problems by

* moving ich8m_apple_sata entry above generic ich8m entry
* dropping PIIX_FLAG_SIDPR from ich8m_apple_sata
* adding subsystem 106b:00a1 as ich8m_apple_sata

Reported and tested by MATSUBAYASHI.
Signed-off-by: Tejun Heo <htejun@gmail.com>
Cc: MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

The 5182 System-On-Chip (SOC) variant wants certain lower
bits to be cleared on any write to the PHY_MODE3 register.

If/when support is added for other SOC variants, we'll need
some way to uniquely identify the 5182, and not perform this
workaround for the others.

But for now, it is the only SOC variant we support here.
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

The "B2" variant of the 6041/6081 (genII) chips requires
that the PHY_MODE3 register be rewritten after any write
to PHY_MODE4.

This fixes a regression introduced by an earlier patch.
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

The only public release of the 6042/7042 chips was/is revision "B0".
Remove code that attempted to deal with earlier, non-released revs.
This matches the logic of the current Marvell "proprietary" driver.

Also, bump up the sata_mv version number, to reflect this batch of erratas.
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

Fix and update the errata handling for the PHY_MODEx registers.
This improves receiver noise tolerance, among other things.
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

Convert the System-on-Chip flag from a host flag to an hpriv flag,
for better consistency with other chip-rev flags, and for easier use
in errata fixes etc.

Also change the related "HAS_PCI()" into "!IS_SOC()" for better consistency
of naming/use (everything else SOC-related already uses "SOC").

There are no functionality changes in this patch.
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (26 commits)
  llc: Fix double accounting of received packets
  netfilter: nf_conntrack_expect: fix error path unwind in nf_conntrack_expect_init()
  bluetooth: fix locking bug in the rfcomm socket cleanup handling
  mac80211: fix alignment issue with compare_ether_addr()
  mac80211: Fix for NULL pointer dereference in sta_info_get()
  mac80211: fix a typo in ieee80211_handle_filtered_frame comment
  rndis_wlan: add missing range check for power_output modparam
  iwlwifi: fix rate scale TLC column selection bug
  iwlwifi: fix exit from stay_in_table state
  rndis_wlan: Make connections to TKIP PSK networks work
  mac80211 : Fixes the status message for iwconfig
  rt2x00: Use atomic interface iteration in irq context
  rt2x00: Reset antenna RSSI after switch
  rt2x00: Don't count retries as failure
  rt2x00: Fix memleak in tx() path
  mac80211: reorder channel and freq reporting in wext scan report
  b43: Fix controller restart crash
  mac80211: fix ieee80211_rx_bss_put/get imbalance
  net/mac80211: always true conditionals
  b43: Upload both beacon templates on initial load
  ...

* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
  [S390] Update default configuration.
  [S390] disassembler: fix idte instruction format.
  [S390] tape: fix race with stack local wait_queue_head_t.
  [S390] 3270: fix race with stack local wait_queue_head_t.
  [S390] dasd: use a generic wait_queue for sleep_on
  [S390] sclp_vt220: fix scheduling while atomic bug.
  [S390] showmem: Only walk spanned pages.
  [S390] appldata: prevent cpu hotplug when walking cpu_online_map.
  [S390] Fix section mismatch warnings.
  [S390] s390 types: make dma_addr_t 64 bit capable
  [S390] tape: Fix race condition in tape block device driver
  [S390] fix sparsemem related compile error with allnoconfig on s390