This mouse, when asked about the battery, ceases to report movements and
clicks. So just don't ask.
Signed-off-by: NAlexander E. Patrakov <patrakov@gmail.com>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

The critical section protected by usbhid->lock in hid_ctrl() is too
big and because of this it causes a recursive deadlock. "Too big" means
the case statement and the call to hid_input_report() do not need to be
protected by the spinlock (no URB operations are done inside them).

The deadlock happens because in certain rare cases drivers try to grab
the lock while handling the ctrl irq which grabs the lock before them
as described above. For example newer wacom tablets like 056a:033c try
to reschedule proximity reads from wacom_intuos_schedule_prox_event()
calling hid_hw_request() -> usbhid_request() -> usbhid_submit_report()
which tries to grab the usbhid lock already held by hid_ctrl().

There are two ways to get out of this deadlock:
    1. Make the drivers work "around" the ctrl critical region, in the
    wacom case for ex. by delaying the scheduling of the proximity read
    request itself to a workqueue.
    2. Shrink the critical region so the usbhid lock protects only the
    instructions which modify usbhid state, calling hid_input_report()
    with the spinlock unlocked, allowing the device driver to grab the
    lock first, finish and then grab the lock afterwards in hid_ctrl().

This patch implements the 2nd solution.
Signed-off-by: NIoan-Adrian Ratiu <adi@adirat.com>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

The code in hid_debug_event() causes horrible code generation. First,
we do a strlen() call for every byte we copy (we're doing a store to
global memory, so gcc has no way of proving that strlen(buf) doesn't
change). Second, since both i, list->tail and HID_DEBUG_BUFSIZE have
signed type, the modulo computation has to take into account the
possibility that list->tail+i is negative, so it's not just a simple
and.

Fix the former by simply not doing strlen() at all (we have to load
buf[i] anyway, so testing it is almost free) and the latter by
changing i to unsigned. This cuts 29% (69 bytes) of the size of the
function.
Signed-off-by: NRasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

If an event is discarded the device stays idle.  Just reverse the order of
check and marking busy.

Found by code inspection.
Signed-off-by: NOliver Neukum <oneukum@suse.com>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

scnprintf() exists to provide these semantics, so we might as well use
it.
Signed-off-by: NRasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

Currently the sysfs report_descriptor attribute is only available if the device
is claimed.  We have the descriptor before we even create the device node, so
just instantiate report_descriptor statically.
Signed-off-by: NAndy Lutomirski <luto@kernel.org>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

The NOLINK state will poll the phy once a second to see if the link
has come up. If the phy has an interrupt line, this polling can be
skipped, since the phy should interrupt when the link returns.
Signed-off-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The 88E1540 can be found embedded in the Marvell 88E6352 switch.  It
is compatible with the 88E1510, so add support for it, using the
88E1510 specific functions.
Signed-off-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Reset pskb in macvlan_handle_frame in case skb_share_check returned a
clone.

Fixes: 8a4eb573 ("net: introduce rx_handler results and logic around that")
Signed-off-by: NSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

ipvlan_handle_frame is a rx_handler, and when it returns a value other
than RX_HANDLER_CONSUMED (here, NET_RX_DROP aka RX_HANDLER_ANOTHER),
__netif_receive_skb_core expects that the skb still exists and will
process it further, but we just freed it.

Fixes: 2ad7bf36 ("ipvlan: Initial check-in of the IPVLAN driver.")
Signed-off-by: NSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Pass a **skb to ipvlan_rcv_frame so that if skb_share_check returns a
new skb, we actually use it during further processing.

It's safe to ignore the new skb in the ipvlan_xmit_* functions, because
they call ipvlan_rcv_frame with local == true, so that dev_forward_skb
is called and always takes ownership of the skb.

Fixes: 2ad7bf36 ("ipvlan: Initial check-in of the IPVLAN driver.")
Signed-off-by: NSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

By default the driver allowed incorrect frames to be received. What is
worse the code does not handle very short frames correctly. The FCS
length is unconditionally subtracted, and the underflow can cause
skb_put to be called with large number after implicit cast to unsigned.
And indeed, an skb_over_panic() was observed with via-velocity.

This removes the module parameter as it does not work in it's
current state, and should be implemented via NETIF_F_RXALL if needed.
Suggested-by: NFrancois Romieu <romieu@fr.zoreil.com>
Signed-off-by: NTimo Teräs <timo.teras@iki.fi>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Given that INTUOSHT < BAMBOO_PT

	features->type >= INTUOSHT || features->type <= BAMBOO_PT

condition is always true, and therefore device_type is under certain
circumstances wrongly set with WACOM_DEVICETYPE_PAD bit set.

Fix the condition so that it actually represents the range as intended.
Reported-by: NDavid Binderman <dcb314@hotmail.com>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

Now that IP1000A chips are supported by dl2k driver, the buggy ipg
driver can be removed.
Signed-off-by: NOndrej Zary <linux@rainbow-software.org>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Add support for IP1000A chips to dl2k driver.
IP1000A chip looks like a TC9020 with integrated PHY.

This allows IP1000A chips to work reliably because the ipg driver is
buggy - it loses packets under load and then completely stops
transmitting data.

Tested with Asus NX1101 v2.0 at 10, 100 and 1000Mbps:
vendor=0x13f0 device=0x1023 (rev 0x41)
subsystem vendor=0x1043 device=0x8180

MAC address registers access needed to be changed from 8-bit to 16-bit
because 8-bit does not work on IP1000A. 8-bit access is not even
allowed in the TC9020 datasheet (although it worked). 16-bit access
works on both.

Tested that it does not break D-Link DGE-550T (DL-2000 chip, probably
a rebranded TC9020):
vendor=0x1186 device=0x4000 (rev 0x0c)
subsystem vendor=0x1186 device=0x4000
Signed-off-by: NOndrej Zary <linux@rainbow-software.org>
Reviewed-by: NAndy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

In some cases the crash is caused by nicvf_remove() being called from
outside. For example, if we try to feed the device to vfio after the
probe has failed for some reason. So, move the check to better place.
Signed-off-by: NPavel Fedin <p.fedin@samsung.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Commit 05cc5a39 "bnx2x: add vlan filtering offload" introduced
a regression in regard for vlans for 57710, 57711 adapters -
Loading 8021q module on a machine with such an adapter would cause
a null pointer dereference, as the driver mistakenly publishes it
has capabilities for vlan CTAG filtering.
Reported-by: NOtto Sabart <osabart@redhat.com>
Signed-off-by: NYuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: NAriel Elior <Ariel.Elior@qlogic.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This driver does not handle the AVB-DMAC Receive FIFO Warning interrupt
now, so the interrupt should not be enabled.
Signed-off-by: NMasaru Nagai <masaru.nagai.vx@renesas.com>
Signed-off-by: NYoshihiro Kaneko <ykaneko0929@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This pci_error_handlers structure is never modified, like all the other
pci_error_handlers structures, so declare it as const.

Done with the help of Coccinelle.
Signed-off-by: NJulia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This pci_error_handlers structure is never modified, like all the other
pci_error_handlers structures, so declare it as const.

Done with the help of Coccinelle.
Signed-off-by: NJulia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Signed-off-by: NShrikrishna Khare <skhare@vmware.com>
Reported-by: NMasao Uebayashi <uebayasi@gmail.com>
Signed-off-by: NBhavesh Davda <bhavesh@vmware.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Since Dell DW5580 is a 3G modem, this patch adds the device as a
mobile broadband adapter
Signed-off-by: NDaniele Palmas <dnlplm@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Signed-off-by: NIvan Vecera <ivecera@redhat.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Remove rsstable array and its initialization from be_set_rss_hash_opts().
The array became unused after "e2557877 be2net: Support for configurable
RSS hash key". The initial RSS table is now filled and stored for later
usage during Rx queue creation.
Signed-off-by: NIvan Vecera <ivecera@redhat.com>
Acked-by: NSathya Perla <sathya.perla@avagotech.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

When RX/TX interrupt for Network Control queue and Best Effort queue
is issued at the same time, the interrupt mask of Network Control
queue will be reset when the mask of Best Effort queue is set.
This patch fixes this problem.
Signed-off-by: NMasaru Nagai <masaru.nagai.vx@renesas.com>
Signed-off-by: NYoshihiro Kaneko <ykaneko0929@gmail.com>
Acked-by: NGeert Uytterhoeven <geert+renesas@glider.be>
Acked-by: NSimon Horman <horms+renesas@verge.net.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

On certain hardware after software reboot the chip may get stuck and fail
to reinitialize during reset. This can be fixed by ensuring that PHY is
reset too.

Old PHY resetting method required operational MDIO interface, therefore
the chip should have been already set up. In order to be able to function
during probe, it is changed to use PMT_CTRL register.

The problem could be observed on SMDK5410 board.
Signed-off-by: NPavel Fedin <p.fedin@samsung.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This adds support for the Vitesse VSC8601 PHY. Generic functions are
used for everything except interrupt handling.
Signed-off-by: NMans Rullgard <mans@mansr.com>
Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Commit 77a99394 "phy/at8031: enable at8031 to work on interrupt mode"
added interrupt support for the 8031 PHY but left out the other two
chips supported by this driver.

This patch sets the .ack_interrupt and .config_intr functions for the
8030 and 8035 drivers as well.
Signed-off-by: NMans Rullgard <mans@mansr.com>
Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Currently it's assumed that firmware exports only the class of sensors
supported by the driver. However with newer firmware or SCPI protocol
revision, support for newer classes of sensors can be present.

The driver fails to probe with the following warning if an unsupported
class of sensor is encountered in the firmware.

sysfs: cannot create duplicate filename
	'/devices/platform/scpi/scpi:sensors/hwmon/hwmon0/'
------------[ cut here ]------------
WARNING: at fs/sysfs/dir.c:31
Modules linked in:

CPU: 0 PID: 6 Comm: kworker/u12:0 Not tainted 4.3.0-rc7 #137
Hardware name: ARM Juno development board (r0) (DT)
Workqueue: deferwq deferred_probe_work_func
PC is at sysfs_warn_dup+0x54/0x78
LR is at sysfs_warn_dup+0x54/0x78

This patch fixes the above issue by skipping through the unsupported
class of SCPI sensors.

Fixes: 68acc77a ("hwmon: Support thermal zones registration for SCP temperature sensors")
Fixes: ea98b29a ("hwmon: Support sensors exported via ARM SCP interface")
Cc: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: NPunit Agrawal <punit.agrawal@arm.com>
Signed-off-by: NSudeep Holla <sudeep.holla@arm.com>
Signed-off-by: NGuenter Roeck <linux@roeck-us.net>

The newly added scpi thermal support is broken when the scpi driver
is built-in but the thermal driver is a loadable module:

drivers/built-in.o: In function `scpi_hwmon_probe':
(.text+0x444d70): undefined reference to `thermal_zone_of_sensor_unregister'
(.text+0x444d94): undefined reference to `thermal_zone_of_sensor_register'
drivers/built-in.o: In function `scpi_hwmon_remove':
(text+0x444e6c): undefined reference to `thermal_zone_of_sensor_unregister'

This uses the same Kconfig trick that we have in a couple of other
drivers already to ensure we can only select the driver in valid
configurations when either THERMAL_OF is disabled, or when with a
dependency on CONFIG_THERMAL that can force SCPI to be a loadable
module in the case I was hitting.
Signed-off-by: NArnd Bergmann <arnd@arndb.de>
Fixes: 68acc77a ("hwmon: Support thermal zones registration for SCP temperature sensors")
Signed-off-by: NGuenter Roeck <linux@roeck-us.net>

Fix the following "maybe used uninitialized" warnings by
initializing the variables to keep the compiler quiet.
There is no "used uninitialized" in this case.

  CC [M]  drivers/hwmon/applesmc.o
drivers/hwmon/applesmc.c: In function ‘applesmc_init_smcreg’:
drivers/hwmon/applesmc.c:595:43: warning: ‘right_light_sensor’
may be used uninitialized in this function [-Wmaybe-uninitialized]
  s->num_light_sensors = left_light_sensor + right_light_sensor;
                                           ^
drivers/hwmon/applesmc.c:540:26: note: ‘right_light_sensor’ was
declared here
  bool left_light_sensor, right_light_sensor;
                          ^
drivers/hwmon/applesmc.c:595:43: warning: ‘left_light_sensor’ may
be used uninitialized in this function [-Wmaybe-uninitialized]
  s->num_light_sensors = left_light_sensor + right_light_sensor;
                                           ^
drivers/hwmon/applesmc.c:540:7: note: ‘left_light_sensor’ was
declared here
  bool left_light_sensor, right_light_sensor;
       ^
Signed-off-by: NShuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: NGuenter Roeck <linux@roeck-us.net>

Since a0de56c8 ("hwmon: (ina2xx) convert driver to using regmap")
the driver requires REGMAP_I2C to build.  Select it by default
in Kconfig.
Reported-by: NGuo Chunrong <B40290@freescale.com>
Cc: Marc Titinger <mtitinger@baylibre.com>
Signed-off-by: NLi Yang <leoli@freescale.com>
Fixes: a0de56c8 ("hwmon: (ina2xx) convert driver to using regmap")
Signed-off-by: NGuenter Roeck <linux@roeck-us.net>

To align with the mv88e6xxx code, use the register defines to
access all the register addresses and bit fields.
Acked-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NNeil Armstrong <narmstrong@baylibre.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

To align with the mv88e6xxx code, add a similar header file
with all the register defines.
The file is based on the mv88e6xxx header for coherency.
Acked-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NNeil Armstrong <narmstrong@baylibre.com>
Acked-by: NVivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

According to the mv88e6060 datasheet, the first mac byte must
be at position 9 instead of 8 since the bit 8 is used to select
if the mac address must differ for each port for Pause frames.
Use the correct shift and set the same mac address for all port.
Acked-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NNeil Armstrong <narmstrong@baylibre.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

According to the mv88e6060 datasheet, the MaxFrameSize bit position
is 10 instead of 11 which is reserved.
Use the bit correctly to setup max frame size to 1536.
Acked-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NNeil Armstrong <narmstrong@baylibre.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

According to the mv88e6060 datasheet, the InitReady bit position
is 11 and the polarity is inverted.
Use the bit correctly to detect the end of initialization.
Acked-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NNeil Armstrong <narmstrong@baylibre.com>
Acked-by: NVivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

As of mv88e6xxx remove the poll_link callback since the link
state change polling is now handled by the phylib.

Tested on a mv88e6060 B0 device with a TI DM816X SoC.
Suggested-by: NAndrew Lunn <andrew@lunn.ch>
Acked-by: NAndrew Lunn <andrew@lunn.ch>
Signed-off-by: NNeil Armstrong <narmstrong@baylibre.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The err variable wasn't set with the correct error value in some cases.

Fixes: 47605df9 ('mlx4: Modify proxy/tunnel QP mechanism [..]')
Signed-off-by: NNoa Osherovich <noaos@mellanox.com>
Signed-off-by: NOr Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

When cleaning slave's counter resources, we hold a spinlock that
protects the slave's counters list. As part of the clean, we call
__mlx4_clear_if_stat which calls mlx4_alloc_cmd_mailbox which is a
sleepable function.

In order to fix this issue, hold the spinlock, and copy all counter
indices into a temporary array, and release the spinlock. Afterwards,
iterate over this array and free every counter. Repeat this scenario
until the original list is empty (a new counter might have been added
while releasing the counters from the temporary array).

Fixes: b72ca7e9 ("net/mlx4_core: Reset counters data when freed")
Reported-by: NMoni Shoua <monis@mellanox.com>
Tested-by: NMoni Shoua <monis@mellanox.com>
Signed-off-by: NJack Morgenstein <jackm@dev.mellanox.co.il>
Signed-off-by: NEran Ben Elisha <eranbe@mellanox.com>
Signed-off-by: NOr Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>