On hosts without the XSAVE support unprivileged local user can trigger
oops similar to the one below by setting X86_CR4_OSXSAVE bit in guest
cr4 register using KVM_SET_SREGS ioctl and later issuing KVM_RUN
ioctl.

invalid opcode: 0000 [#2] SMP
Modules linked in: tun ip6table_filter ip6_tables ebtable_nat ebtables
...
Pid: 24935, comm: zoog_kvm_monito Tainted: G      D      3.2.0-3-686-pae
EIP: 0060:[<f8b9550c>] EFLAGS: 00210246 CPU: 0
EIP is at kvm_arch_vcpu_ioctl_run+0x92a/0xd13 [kvm]
EAX: 00000001 EBX: 000f387e ECX: 00000000 EDX: 00000000
ESI: 00000000 EDI: 00000000 EBP: ef5a0060 ESP: d7c63e70
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process zoog_kvm_monito (pid: 24935, ti=d7c62000 task=ed84a0c0
task.ti=d7c62000)
Stack:
 00000001 f70a1200 f8b940a9 ef5a0060 00000000 00200202 f8769009 00000000
 ef5a0060 000f387e eda5c020 8722f9c8 00015bae 00000000 ed84a0c0 ed84a0c0
 c12bf02d 0000ae80 ef7f8740 fffffffb f359b740 ef5a0060 f8b85dc1 0000ae80
Call Trace:
 [<f8b940a9>] ? kvm_arch_vcpu_ioctl_set_sregs+0x2fe/0x308 [kvm]
...
 [<c12bfb44>] ? syscall_call+0x7/0xb
Code: 89 e8 e8 14 ee ff ff ba 00 00 04 00 89 e8 e8 98 48 ff ff 85 c0 74
1e 83 7d 48 00 75 18 8b 85 08 07 00 00 31 c9 8b 95 0c 07 00 00 <0f> 01
d1 c7 45 48 01 00 00 00 c7 45 1c 01 00 00 00 0f ae f0 89
EIP: [<f8b9550c>] kvm_arch_vcpu_ioctl_run+0x92a/0xd13 [kvm] SS:ESP
0068:d7c63e70

QEMU first retrieves the supported features via KVM_GET_SUPPORTED_CPUID
and then sets them later. So guest's X86_FEATURE_XSAVE should be masked
out on hosts without X86_FEATURE_XSAVE, making kvm_set_cr4 with
X86_CR4_OSXSAVE fail. Userspaces that allow specifying guest cpuid with
X86_FEATURE_XSAVE even on hosts that do not support it, might be
susceptible to this attack from inside the guest as well.

Allow setting X86_CR4_OSXSAVE bit only if host has XSAVE support.

Signed-off-by: Petr Matousek <pmatouse@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Pull KVM fix from Marcelo Tosatti.

* git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: x86: fix vcpu->mmio_fragments overflow

Pull scsi target fixes from Nicholas Bellinger:
 "These are the current target pending fixes headed for v3.7-rc4 code.
  This includes the following highlights:

   - Fix long-standing qla2xxx target bug where certain fc_port_t state
     transitions could cause the internal session b-tree list to become
     out-of-sync.  (Roland)
   - Fix task management double free of se_cmd descriptor in exception
     path for users of target_submit_tmr().  (nab)
   - Re-introduce simple NOP emulation of REZERO_UNIT, SEEK_6, and
     SEEK_10 SCSI-2 commands in order to support legacy initiators that
     still require them.  (Bernhard)

  Note these three patches are also CC'ed to stable.

  Also, there a couple of outstanding (external) regressions that are
  still being tracked down for tcm_fc(FCoE) and tcm_vhost fabrics for
  v3.7.0 code, so please expect another PULL as these issues identified
  -> resolved."

* git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
  target: reintroduce some obsolete SCSI-2 commands
  target: Fix double-free of se_cmd in target_complete_tmr_failure
  qla2xxx: Update target lookup session tables when a target session changes
  tcm_qla2xxx: Format VPD page 83h SCSI name string according to SPC
  qla2xxx: Add missing ->vport_slock while calling qlt_update_vp_map

Pull nouveau fixes from Dave Airlie:
 "Just a nouveau set, since we have a couple of reports on lkml and
  dri-devel of regressions that this should fix I sent it along on its
  own."

* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
  drm/nouveau: headless mode by default if pci class != vga display
  drm/nouveau: resurrect headless mode since rework
  drm/nv50/fb: prevent oops on chipsets without compression tags
  drm/nouveau: allow creation of zero-sized mm
  drm/nouveau/i2c: fix typo when checking nvio i2c port validity
  drm/nouveau: silence modesetting spam on pre-gf8 chipsets

Pull HID updates from Jiri Kosina:
 "This contains fixes for two devices by Jiri Slaby and Xianhan Yu, new
  device IDs for MacBook Pro 10,2 from Dirk Hohndel and generic
  multitouch code fix from Alan Cox."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
  HID: Add support for the MacBook Pro 10,2 keyboard / touchpad
  HID: multitouch: fix maxcontacts problem on GeneralTouch
  HID: multitouch: put the case in the right switch statement
  HID: microsoft: fix invalid rdesc for 3k kbd

Pull sound fixes from Takashi Iwai:
 "This contains unexpectedly many changes in a wide range due to the
  fixes for races at disconnection of USB audio devices.  In the end, we
  end up covering fairly core parts of sound subsystem.

  Other than that, just a few usual small fixes."

* tag 'sound-3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: ice1724: Fix rate setup after resume
  ALSA: Avoid endless sleep after disconnect
  ALSA: Add a reference counter to card instance
  ALSA: usb-audio: Fix races at disconnection in mixer_quirks.c
  ALSA: usb-audio: Use rwsem for disconnect protection
  ALSA: usb-audio: Fix races at disconnection
  ALSA: PCM: Fix some races at disconnection
  ASoC: omap-dmic: Correct functional clock name
  ASoC: zoom2: Fix compile error by including correct header files
  ALSA: hda - Fix mute-LED setup for HP dv5 laptop

After commit b3356bf0 (KVM: emulator: optimize "rep ins" handling),
the pieces of io data can be collected and write them to the guest memory
or MMIO together

Unfortunately, kvm splits the mmio access into 8 bytes and store them to
vcpu->mmio_fragments. If the guest uses "rep ins" to move large data, it
will cause vcpu->mmio_fragments overflow

The bug can be exposed by isapc (-M isapc):

[23154.818733] general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC
[ ......]
[23154.858083] Call Trace:
[23154.859874]  [<ffffffffa04f0e17>] kvm_get_cr8+0x1d/0x28 [kvm]
[23154.861677]  [<ffffffffa04fa6d4>] kvm_arch_vcpu_ioctl_run+0xcda/0xe45 [kvm]
[23154.863604]  [<ffffffffa04f5a1a>] ? kvm_arch_vcpu_load+0x17b/0x180 [kvm]

Actually, we can use one mmio_fragment to store a large mmio access then
split it when we pass the mmio-exit-info to userspace. After that, we only
need two entries to store mmio info for the cross-mmio pages access

Signed-off-by: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

This enables the existing drivers for keyboard and touchpad with the new
USB IDs found on the MBP 13" Reasonable Resolution (also known as the
Retina Display).

Added entries to both keyboard and mouse ignore lists.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>

Fix maxcontacts problem for PWT GeneralTouch multi-touchscreen.

Our device didn't contain HID_DG_CONTACTMAX usage. This usage use to describe
touchscreen's maxcontacts for hid-multitouch.c to get maxcontacts automatic. We
fix the device that driver can get maxcontact from our device, hence it doesn't
need .maxcontact=10. Now there is just one device class can fix all our PWT
touchscreen.

Signed-off-by: Xianhan Yu <aroundight77@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>

Signed-off-by: Alan Cox <alan@linux.intel.com>
Acked-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>

Microsoft Digital Media Keyboard 3000 has two interfaces, and the
second one has a report descriptor with a bug. The second collection
says:
05 01 -- global; usage page -- 01 -- Generic Desktop Controls
09 80 -- local; usage -- 80 -- System Control
a1 01 -- main; collection -- 01 -- application

85 03 -- global; report ID -- 03
19 00 -- local; Usage Minimum -- 00
29 ff -- local; Usage Maximum -- ff
15 00 -- global; Logical Minimum -- 0
26 ff 00 -- global; Logical Maximum -- ff
81 00 -- main; input

c0 -- main; End Collection

I.e. it makes us think that there are all kinds of usages of system
control. That the keyboard is a not only a keyboard, but also a
joystick, mouse, gamepad, keypad, etc. The same as for the Wireless
Desktop Receiver, this should be Physical Min/Max. So fix that
appropriately.

References: https://bugzilla.novell.com/show_bug.cgi?id=776834


Cc: <stable@vger.kernel.org>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>

The rate isn't restored properly after resume since it's only set up
in hw_params, and not in prepare callback.  For fixing it, put the
corresponding call to resume callback as well.

Reported-and-tested-by: Ondrej Zary <linux@rainbow-software.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Jack Lin reports that the error return from dup3() for the RLIMIT_NOFILE
case changed incorrectly after 3.6.

The culprit is commit f33ff992 ("take rlimit check to callers of
expand_files()") which when it moved the "return -EMFILE" out to the
caller, didn't notice that the dup3() had special code to turn the
EMFILE return into EBADF.

The replace_fd() helper that got added later then inherited the bug too.

Reported-by: Jack Lin <linliangjie@huawei.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
[ Noted more bugs, wrote proper changelog, fixed up typos - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Merge branch 'drm-nouveau-fixes' of git://people.freedesktop.org/git/nouveau/linux-2.6 into drm-fixes

This covers all known nouveau regressions at the moment, along with a fix
to not steal the console on headless GPUs.

* 'drm-nouveau-fixes' of git://people.freedesktop.org/git/nouveau/linux-2.6:
  drm/nouveau: headless mode by default if pci class != vga display
  drm/nouveau: resurrect headless mode since rework
  drm/nv50/fb: prevent oops on chipsets without compression tags
  drm/nouveau: allow creation of zero-sized mm
  drm/nouveau/i2c: fix typo when checking nvio i2c port validity
  drm/nouveau: silence modesetting spam on pre-gf8 chipsets

This is to prevent nouveau from taking over the console on headless boards
such as Tesla.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>

Pull md fixes from NeilBrown:
 "Some fixes for md in 3.7
   - one recently introduced crash for dm-raid10 with discard
   - one bug in new functionality that has been around for a few
     releases.
   - minor bug in md's 'faulty' personality

  and UAPI disintegration for md."

* tag 'md-3.7-fixes' of git://neil.brown.name/md:
  MD RAID10: Fix oops when creating RAID10 arrays via dm-raid.c
  md/raid1: Fix assembling of arrays containing Replacements.
  md faulty: use disk_stack_limits()
  UAPI: (Scripted) Disintegrate include/linux/raid

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>

Unconditionally create the tagram mm, even if there's zero tags.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>

Useful for places where a given chipset may or may not have a given
resource, and we want to avoid having to spray checks for the mm's
existance around everywhere.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>

Reported-by: Mathieu Chouquet-Stringer <mathieu@csetco.com>
Tested-by: Mathieu Chouquet-Stringer <mathieu@csetco.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>

Commit 2863b9eb didn't take into account the changes to add TRIM support to
RAID10 (commit 532a2a3f).  That is, when using dm-raid.c to create the
RAID10 arrays, there is no mddev->gendisk or mddev->queue.  The code added
to support TRIM simply assumes that mddev->queue is available without
checking.  The result is an oops any time dm-raid.c attempts to create a
RAID10 device.

Signed-off-by: Jonathan Brassow <jbrassow@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>

setup_conf in raid1.c uses conf->raid_disks before assigning
a value.  It is used when including 'Replacement' devices.

The consequence is that assembling an array which contains a
replacement will misbehave and either not include the replacement, or
not include the device being replaced.

Though this doesn't lead directly to data corruption, it could lead to
reduced data safety.

So use mddev->raid_disks, which is initialised, instead.

Bug was introduced by commit c19d5798
      md/raid1: recognise replacements when assembling arrays.

in 3.3, so fix is suitable for 3.3.y thru 3.6.y.

Cc: stable@vger.kernel.org
Signed-off-by: NeilBrown <neilb@suse.de>

Pull GPIO fixes from Linus Walleij:
 - Fix a potential bit wrap issue in the Timberdale driver
 - Fix up the buffer allocation size in the 74x164 driver
 - Set the value in direction_output() right in the mvebu driver
 - Return proper error codes for invalid GPIOs
 - Fix an off-mode bug for the OMAP
 - Don't initialize the mask_cach on the mvebu driver

* tag 'gpio-fixes-v3.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
  GPIO: mvebu-gpio: Don't initialize the mask_cache
  gpio/omap: fix off-mode bug: clear debounce settings on free/reset
  gpiolib: Don't return -EPROBE_DEFER to sysfs, or for invalid gpios
  gpio: mvebu: correctly set the value in direction_output()
  gpio-74x164: Fix buffer allocation size
  gpio-timberdale: fix a potential wrapping issue

Pull ext4 bugfix from Ted Ts'o:
 "This fixes the root cause of the ext4 data corruption bug which raised
  a ruckus on LWN, Phoronix, and Slashdot.

  This bug only showed up when non-standard mount options
  (journal_async_commit and/or journal_checksum) were enabled, and when
  the file system was not cleanly unmounted, but the root cause was the
  inode bitmap modifications was not being properly journaled.

  This could potentially lead to minor file system corruptions (pass 5
  complaints with the inode allocation bitmap) after an unclean shutdown
  under the wrong/unlucky workloads, but it turned into major failure if
  the journal_checksum and/or jouaral_async_commit was enabled."

* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
  ext4: fix unjournaled inode bitmap modification

Pull block driver update from Jens Axboe:
 "Distilled down variant, the rest will pass over to 3.8.  I pulled it
  into the for-linus branch I had waiting for a pull request as well, in
  case you are wondering why there are new entries in here too.  This
  also got rid of two reverts and the ones of the mtip32xx patches that
  went in later in the 3.6 cycle, so the series looks a bit cleaner."

* 'for-linus' of git://git.kernel.dk/linux-block:
  loop: Make explicit loop device destruction lazy
  mtip32xx:Added appropriate timeout value for secure erase
  xen/blkback: Change xen_vbd's flush_support and discard_secure to have type unsigned int, rather than bool
  cciss: select CONFIG_CHECK_SIGNATURE
  cciss: remove unneeded memset()
  xen/blkback: use kmem_cache_zalloc instead of kmem_cache_alloc/memset
  pktcdvd: update MAINTAINERS
  floppy: remove dr, reuse drive on do_floppy_init
  floppy: use common function to check if floppies can be registered
  floppy: properly handle failure on add_disk loop
  floppy: do put_disk on current dr if blk_init_queue fails
  floppy: don't call alloc_ordered_workqueue inside the alloc_disk loop
  xen/blkback: Fix compile warning
  block: Add blk_rq_pos(rq) to sort rq when plushing
  drivers/block: remove CONFIG_EXPERIMENTAL
  block: remove CONFIG_EXPERIMENTAL
  vfs: fix: don't increase bio_slab_max if krealloc() fails
  blkcg: stop iteration early if root_rl is the only request list
  blkcg: Fix use-after-free of q->root_blkg and q->root_rl.blkg

Due to the SMP nature of some of the chips, which have per CPU
registers, the driver does not use the generic irq_gc_mask_set_bit() &
irq_gc_mask_clr_bit() functions, which only support a single register.
The driver has its own implementation of these functions, which can
pick the correct register depending on the CPU being used. The
functions do however use the gc->mask_cache value.

The call to irq_setup_generic_chip() was passing
IRQ_GC_INIT_MASK_CACHE, which caused the gc->mask_cache to be
initialized to the contents of some random register. This resulted in
unexpected interrupts been delivered from random GPIO lines.

Signed-off-by: Andrew Lunn <andrew@lunn.ch>
Tested-by: Jamie Lentin <jm@lentin.co.uk>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Michael Walle <michael@walle.cc>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

When disconnect callback is called, each component should wake up
sleepers and check card->shutdown flag for avoiding the endless sleep
blocking the proper resource release.

Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

For more strict protection for wild disconnections, a refcount is
introduced to the card instance, and let it up/down when an object is
referred via snd_lookup_*() in the open ops.

The free-after-last-close check is also changed to check this refcount
instead of the empty list, too.

Reported-by: Matthieu CASTET <matthieu.castet@parrot.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Similar like the previous commit, cover with chip->shutdown_rwsem
and chip->shutdown checks.

Reported-by: Matthieu CASTET <matthieu.castet@parrot.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Replace mutex with rwsem for codec->shutdown protection so that
concurrent accesses are allowed.

Also add the protection to snd_usb_autosuspend() and
snd_usb_autoresume(), too.

Reported-by: Matthieu CASTET <matthieu.castet@parrot.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Close some races at disconnection of a USB audio device by adding the
chip->shutdown_mutex and chip->shutdown check at appropriate places.

The spots to put bandaids are:
- PCM prepare, hw_params and hw_free
- where the usb device is accessed for communication or get speed, in
 mixer.c and others; the device speed is now cached in subs->speed
 instead of accessing to chip->dev

The accesses in PCM open and close don't need the mutex protection
because these are already handled in the core PCM disconnection code.

The autosuspend/autoresume codes are still uncovered by this patch
because of possible mutex deadlocks.  They'll be covered by the
upcoming change to rwsem.

Also the mixer codes are untouched, too.  These will be fixed in
another patch, too.

Reported-by: Matthieu CASTET <matthieu.castet@parrot.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

Fix races at PCM disconnection:
- while a PCM device is being opened or closed
- while the PCM state is being changed without lock in prepare,
  hw_params, hw_free ops

Reported-by: Matthieu CASTET <matthieu.castet@parrot.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

xfstests has always had random failures of tests due to loop devices
failing to be torn down and hence leaving filesytems that cannot be
unmounted. This causes test runs to immediately stop.

Over the past 6 or 7 years we've added hacks like explicit unmount
-d commands for loop mounts, losetup -d after unmount -d fails, etc,
but still the problems persist.  Recently, the frequency of loop
related failures increased again to the point that xfstests 259 will
reliably fail with a stray loop device that was not torn down.

That is despite the fact the test is above as simple as it gets -
loop 5 or 6 times running mkfs.xfs with different paramters:

        lofile=$(losetup -f)
        losetup $lofile "$testfile"
        "$MKFS_XFS_PROG" -b size=512 $lofile >/dev/null || echo "mkfs failed!"
        sync
        losetup -d $lofile

And losteup -d $lofile is failing with EBUSY on 1-3 of these loops
every time the test is run.

Turns out that blkid is running simultaneously with losetup -d, and
so it sees an elevated reference count and returns EBUSY.  But why
is blkid running? It's obvious, isn't it? udev has decided to try
and find out what is on the block device as a result of a creation
notification. And it is racing with mkfs, so might still be scanning
the device when mkfs finishes and we try to tear it down.

So, make losetup -d force autoremove behaviour. That is, when the
last reference goes away, tear down the device. xfstests wants it
*gone*, not causing random teardown failures when we know that all
the operations the tests have specifically run on the device have
completed and are no longer referencing the loop device.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

Added appropriate timeout value for secure erase based on identify device data

Signed-off-by: Asai Thambi S P <asamymuthupa@micron.com>
Signed-off-by: Selvan Mani <smani@micron.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

xen/blkback: Change xen_vbd's flush_support and discard_secure to have type unsigned int, rather than bool

Changing the type of bdev parameters to be unsigned int :1, rather than bool.
This is more consistent with the types of other features in the block drivers.

Signed-off-by: Oliver Chick <oliver.chick@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

The patch cciss-use-check_signature.patch in -mm tree introduced
a build error:

drivers/built-in.o: In function `CISS_signature_present':
drivers/block/cciss.c:4270: undefined reference to `check_signature'

Add missing CONFIG_CHECK_SIGNATURE to fix this issue.

Reported-by: Fengguang Wu <wfg@linux.intel.com>
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Fengguang Wu <wfg@linux.intel.com>
Cc: Mike Miller <mike.miller@hp.com>
Cc: Jens Axboe <axboe@kernel.dk>
Acked-by: "Stephen M. Cameron" <scameron@beardog.cce.hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

The memory return by kzalloc() or kmem_cache_zalloc() has already be set
to zero, so remove useless memset(0).

spatch with a semantic match is used to found this problem.
(http://coccinelle.lip6.fr/

)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Cc: Mike Miller <mike.miller@hp.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Stephen M. Cameron <scameron@beardog.cce.hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

Using kmem_cache_zalloc() instead of kmem_cache_alloc() and memset().

spatch with a semantic match is used to found this problem.
(http://coccinelle.lip6.fr/

)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

Peter is not going to maintain the driver any more. I have the
hardware.

Acked-by: Peter Osterlund <petero2@telia.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>