Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-cpumask into merge-rr-cpumask

Conflicts:
	arch/x86/kernel/io_apic.c
	kernel/rcuclassic.c
	kernel/sched.c
	kernel/time/tick-sched.c

Signed-off-by: Mike Travis <travis@sgi.com>
[ mingo@elte.hu: backmerged typo fix for io_apic.c ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>

148 files changed, 4560 insertions, 4041 deletions

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 0ca2eb7573cd..249d1e0824b5 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -19,6 +19,8 @@ config X86_64
 config X86
         def_bool y
         select HAVE_AOUT if X86_32
+        select HAVE_READQ
+        select HAVE_WRITEQ
         select HAVE_UNSTABLE_SCHED_CLOCK
         select HAVE_IDE
         select HAVE_OPROFILE
@@ -90,6 +92,10 @@ config GENERIC_IOMAP
 config GENERIC_BUG
         def_bool y
         depends on BUG
+        select GENERIC_BUG_RELATIVE_POINTERS if X86_64
+
+config GENERIC_BUG_RELATIVE_POINTERS
+        bool
 
 config GENERIC_HWEIGHT
         def_bool y
@@ -244,16 +250,19 @@ config X86_HAS_BOOT_CPU_ID
 config SPARSE_IRQ
         bool "Support sparse irq numbering"
         depends on PCI_MSI || HT_IRQ
-        default y
         help
-          This enables support for sparse irq, esp for msi/msi-x. You may need
-          if you have lots of cards supports msi-x installed.
+          This enables support for sparse irqs. This is useful for distro
+          kernels that want to define a high CONFIG_NR_CPUS value but still
+          want to have low kernel memory footprint on smaller machines.
 
-          If you don't know what to do here, say Y.
+          ( Sparse IRQs can also be beneficial on NUMA boxes, as they spread
+            out the irq_desc[] array in a more NUMA-friendly way. )
+
+          If you don't know what to do here, say N.
 
 config NUMA_MIGRATE_IRQ_DESC
         bool "Move irq desc when changing irq smp_affinity"
-        depends on SPARSE_IRQ && SMP
+        depends on SPARSE_IRQ && NUMA
         default n
         help
           This enables moving irq_desc to cpu/node that irq will use handled.
@@ -264,21 +273,13 @@ config X86_FIND_SMP_CONFIG
         def_bool y
         depends on X86_MPPARSE || X86_VOYAGER
 
-if ACPI
 config X86_MPPARSE
-        def_bool y
-        bool "Enable MPS table"
+        bool "Enable MPS table" if ACPI
+        default y
         depends on X86_LOCAL_APIC
         help
           For old smp systems that do not have proper acpi support. Newer systems
           (esp with 64bit cpus) with acpi support, MADT and DSDT will override it
-endif
-
-if !ACPI
-config X86_MPPARSE
-        def_bool y
-        depends on X86_LOCAL_APIC
-endif
 
 choice
         prompt "Subarchitecture Type"
@@ -500,7 +501,7 @@ config HPET_TIMER
          The HPET provides a stable time base on SMP
          systems, unlike the TSC, but it is more expensive to access,
          as it is off-chip.  You can find the HPET spec at
-         <http://www.intel.com/hardwaredesign/hpetspec.htm>.
+         <http://www.intel.com/hardwaredesign/hpetspec_1.pdf>.
 
          You can safely choose Y here.  However, HPET will only be
          activated if the platform and the BIOS support this feature.
@@ -587,7 +588,7 @@ config AMD_IOMMU
 
 # need this always selected by IOMMU for the VIA workaround
 config SWIOTLB
-        bool
+        def_bool y if X86_64
         help
           Support for software bounce buffers used on x86-64 systems
           which don't have a hardware IOMMU (e.g. the current generation
@@ -679,6 +680,30 @@ config X86_VISWS_APIC
         def_bool y
         depends on X86_32 && X86_VISWS
 
+config X86_REROUTE_FOR_BROKEN_BOOT_IRQS
+        bool "Reroute for broken boot IRQs"
+        default n
+        depends on X86_IO_APIC
+        help
+          This option enables a workaround that fixes a source of
+          spurious interrupts. This is recommended when threaded
+          interrupt handling is used on systems where the generation of
+          superfluous "boot interrupts" cannot be disabled.
+
+          Some chipsets generate a legacy INTx "boot IRQ" when the IRQ
+          entry in the chipset's IO-APIC is masked (as, e.g. the RT
+          kernel does during interrupt handling). On chipsets where this
+          boot IRQ generation cannot be disabled, this workaround keeps
+          the original IRQ line masked so that only the equivalent "boot
+          IRQ" is delivered to the CPUs. The workaround also tells the
+          kernel to set up the IRQ handler on the boot IRQ line. In this
+          way only one interrupt is delivered to the kernel. Otherwise
+          the spurious second interrupt may cause the kernel to bring
+          down (vital) interrupt lines.
+
+          Only affects "broken" chipsets. Interrupt sharing may be
+          increased on these systems.
+
 config X86_MCE
         bool "Machine Check Exception"
         depends on !X86_VOYAGER
@@ -975,24 +1000,37 @@ config X86_PAE
 config ARCH_PHYS_ADDR_T_64BIT
        def_bool X86_64 || X86_PAE
 
+config DIRECT_GBPAGES
+        bool "Enable 1GB pages for kernel pagetables" if EMBEDDED
+        default y
+        depends on X86_64
+        help
+          Allow the kernel linear mapping to use 1GB pages on CPUs that
+          support it. This can improve the kernel's performance a tiny bit by
+          reducing TLB pressure. If in doubt, say "Y".
+
 # Common NUMA Features
 config NUMA
-        bool "Numa Memory Allocation and Scheduler Support (EXPERIMENTAL)"
+        bool "Numa Memory Allocation and Scheduler Support"
         depends on SMP
         depends on X86_64 || (X86_32 && HIGHMEM64G && (X86_NUMAQ || X86_BIGSMP || X86_SUMMIT && ACPI) && EXPERIMENTAL)
         default n if X86_PC
         default y if (X86_NUMAQ || X86_SUMMIT || X86_BIGSMP)
         help
           Enable NUMA (Non Uniform Memory Access) support.
+
           The kernel will try to allocate memory used by a CPU on the
           local memory controller of the CPU and add some more
           NUMA awareness to the kernel.
 
-          For 32-bit this is currently highly experimental and should be only
-          used for kernel development. It might also cause boot failures.
-          For 64-bit this is recommended on all multiprocessor Opteron systems.
-          If the system is EM64T, you should say N unless your system is
-          EM64T NUMA.
+          For 64-bit this is recommended if the system is Intel Core i7
+          (or later), AMD Opteron, or EM64T NUMA.
+
+          For 32-bit this is only needed on (rare) 32-bit-only platforms
+          that support NUMA topologies, such as NUMAQ / Summit, or if you
+          boot a 32-bit kernel on a 64-bit NUMA platform.
+
+          Otherwise, you should say N.
 
 comment "NUMA (Summit) requires SMP, 64GB highmem support, ACPI"
         depends on X86_32 && X86_SUMMIT && (!HIGHMEM64G || !ACPI)
@@ -1512,6 +1550,10 @@ config ARCH_ENABLE_MEMORY_HOTPLUG
         def_bool y
         depends on X86_64 || (X86_32 && HIGHMEM)
 
+config ARCH_ENABLE_MEMORY_HOTREMOVE
+        def_bool y
+        depends on MEMORY_HOTPLUG
+
 config HAVE_ARCH_EARLY_PFN_TO_NID
         def_bool X86_64
         depends on NUMA
diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug
index fa013f529b74..10d6cc3fd052 100644
--- a/arch/x86/Kconfig.debug
+++ b/arch/x86/Kconfig.debug
@@ -114,18 +114,6 @@ config DEBUG_RODATA
           data. This is recommended so that we can catch kernel bugs sooner.
           If in doubt, say "Y".
 
-config DIRECT_GBPAGES
-        bool "Enable gbpages-mapped kernel pagetables"
-        depends on DEBUG_KERNEL && EXPERIMENTAL && X86_64
-        help
-          Enable gigabyte pages support (if the CPU supports it). This can
-          improve the kernel's performance a tiny bit by reducing TLB
-          pressure.
-
-          This is experimental code.
-
-          If in doubt, say "N".
-
 config DEBUG_RODATA_TEST
         bool "Testcase for the DEBUG_RODATA feature"
         depends on DEBUG_RODATA
@@ -303,10 +291,10 @@ config OPTIMIZE_INLINING
           developers have marked 'inline'. Doing so takes away freedom from gcc to
           do what it thinks is best, which is desirable for the gcc 3.x series of
           compilers. The gcc 4.x series have a rewritten inlining algorithm and
-          disabling this option will generate a smaller kernel there. Hopefully
-          this algorithm is so good that allowing gcc4 to make the decision can
-          become the default in the future, until then this option is there to
-          test gcc for this.
+          enabling this option will generate a smaller kernel there. Hopefully
+          this algorithm is so good that allowing gcc 4.x and above to make the
+          decision will become the default in the future. Until then this option
+          is there to test gcc for this.
 
           If unsure, say N.
 
diff --git a/arch/x86/boot/video-vga.c b/arch/x86/boot/video-vga.c
index b939cb476dec..5d4742ed4aa2 100644
--- a/arch/x86/boot/video-vga.c
+++ b/arch/x86/boot/video-vga.c
@@ -34,7 +34,7 @@ static struct mode_info cga_modes[] = {
         { VIDEO_80x25,  80, 25, 0 },
 };
 
-__videocard video_vga;
+static __videocard video_vga;
 
 /* Set basic 80x25 mode */
 static u8 vga_set_basic_mode(void)
@@ -259,7 +259,7 @@ static int vga_probe(void)
         return mode_count[adapter];
 }
 
-__videocard video_vga = {
+static __videocard video_vga = {
         .card_name      = "VGA",
         .probe          = vga_probe,
         .set_mode       = vga_set_mode,
diff --git a/arch/x86/boot/video.c b/arch/x86/boot/video.c
index 83598b23093a..3bef2c1febe9 100644
--- a/arch/x86/boot/video.c
+++ b/arch/x86/boot/video.c
@@ -226,7 +226,7 @@ static unsigned int mode_menu(void)
 
 #ifdef CONFIG_VIDEO_RETAIN
 /* Save screen content to the heap */
-struct saved_screen {
+static struct saved_screen {
         int x, y;
         int curx, cury;
         u16 *data;
diff --git a/arch/x86/configs/i386_defconfig b/arch/x86/configs/i386_defconfig
index 13b8c86ae985..b30a08ed8eb4 100644
--- a/arch/x86/configs/i386_defconfig
+++ b/arch/x86/configs/i386_defconfig
@@ -77,7 +77,7 @@ CONFIG_AUDIT=y
 CONFIG_AUDITSYSCALL=y
 CONFIG_AUDIT_TREE=y
 # CONFIG_IKCONFIG is not set
-CONFIG_LOG_BUF_SHIFT=17
+CONFIG_LOG_BUF_SHIFT=18
 CONFIG_CGROUPS=y
 # CONFIG_CGROUP_DEBUG is not set
 CONFIG_CGROUP_NS=y
@@ -298,7 +298,7 @@ CONFIG_KEXEC=y
 CONFIG_CRASH_DUMP=y
 # CONFIG_KEXEC_JUMP is not set
 CONFIG_PHYSICAL_START=0x1000000
-CONFIG_RELOCATABLE=y
+# CONFIG_RELOCATABLE is not set
 CONFIG_PHYSICAL_ALIGN=0x200000
 CONFIG_HOTPLUG_CPU=y
 # CONFIG_COMPAT_VDSO is not set
diff --git a/arch/x86/configs/x86_64_defconfig b/arch/x86/configs/x86_64_defconfig
index f0a03d7a7d63..0e7dbc0a3e46 100644
--- a/arch/x86/configs/x86_64_defconfig
+++ b/arch/x86/configs/x86_64_defconfig
@@ -77,7 +77,7 @@ CONFIG_AUDIT=y
 CONFIG_AUDITSYSCALL=y
 CONFIG_AUDIT_TREE=y
 # CONFIG_IKCONFIG is not set
-CONFIG_LOG_BUF_SHIFT=17
+CONFIG_LOG_BUF_SHIFT=18
 CONFIG_CGROUPS=y
 # CONFIG_CGROUP_DEBUG is not set
 CONFIG_CGROUP_NS=y
@@ -298,7 +298,7 @@ CONFIG_SCHED_HRTICK=y
 CONFIG_KEXEC=y
 CONFIG_CRASH_DUMP=y
 CONFIG_PHYSICAL_START=0x1000000
-CONFIG_RELOCATABLE=y
+# CONFIG_RELOCATABLE is not set
 CONFIG_PHYSICAL_ALIGN=0x200000
 CONFIG_HOTPLUG_CPU=y
 # CONFIG_COMPAT_VDSO is not set
diff --git a/arch/x86/crypto/crc32c-intel.c b/arch/x86/crypto/crc32c-intel.c
index 070afc5b6c94..b9d00261703c 100644
--- a/arch/x86/crypto/crc32c-intel.c
+++ b/arch/x86/crypto/crc32c-intel.c
@@ -6,13 +6,22 @@
  * Intel(R) 64 and IA-32 Architectures Software Developer's Manual
  * Volume 2A: Instruction Set Reference, A-M
  *
- * Copyright (c) 2008 Austin Zhang <austin_zhang@linux.intel.com>
- * Copyright (c) 2008 Kent Liu <kent.liu@intel.com>
+ * Copyright (C) 2008 Intel Corporation
+ * Authors: Austin Zhang <austin_zhang@linux.intel.com>
+ *          Kent Liu <kent.liu@intel.com>
  *
  * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2 of the License, or (at your option)
- * any later version.
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
  *
  */
 #include <linux/init.h>
@@ -75,99 +84,92 @@ static u32 __pure crc32c_intel_le_hw(u32 crc, unsigned char const *p, size_t len
  * If your algorithm starts with ~0, then XOR with ~0 before you set
  * the seed.
  */
-static int crc32c_intel_setkey(struct crypto_ahash *hash, const u8 *key,
+static int crc32c_intel_setkey(struct crypto_shash *hash, const u8 *key,
                         unsigned int keylen)
 {
-        u32 *mctx = crypto_ahash_ctx(hash);
+        u32 *mctx = crypto_shash_ctx(hash);
 
         if (keylen != sizeof(u32)) {
-                crypto_ahash_set_flags(hash, CRYPTO_TFM_RES_BAD_KEY_LEN);
+                crypto_shash_set_flags(hash, CRYPTO_TFM_RES_BAD_KEY_LEN);
                 return -EINVAL;
         }
         *mctx = le32_to_cpup((__le32 *)key);
         return 0;
 }
 
-static int crc32c_intel_init(struct ahash_request *req)
+static int crc32c_intel_init(struct shash_desc *desc)
 {
-        u32 *mctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
-        u32 *crcp = ahash_request_ctx(req);
+        u32 *mctx = crypto_shash_ctx(desc->tfm);
+        u32 *crcp = shash_desc_ctx(desc);
 
         *crcp = *mctx;
 
         return 0;
 }
 
-static int crc32c_intel_update(struct ahash_request *req)
+static int crc32c_intel_update(struct shash_desc *desc, const u8 *data,
+                               unsigned int len)
 {
-        struct crypto_hash_walk walk;
-        u32 *crcp = ahash_request_ctx(req);
-        u32 crc = *crcp;
-        int nbytes;
-
-        for (nbytes = crypto_hash_walk_first(req, &walk); nbytes;
-           nbytes = crypto_hash_walk_done(&walk, 0))
-        crc = crc32c_intel_le_hw(crc, walk.data, nbytes);
+        u32 *crcp = shash_desc_ctx(desc);
 
-        *crcp = crc;
+        *crcp = crc32c_intel_le_hw(*crcp, data, len);
         return 0;
 }
 
-static int crc32c_intel_final(struct ahash_request *req)
+static int __crc32c_intel_finup(u32 *crcp, const u8 *data, unsigned int len,
+                                u8 *out)
 {
-        u32 *crcp = ahash_request_ctx(req);
-
-        *(__le32 *)req->result = ~cpu_to_le32p(crcp);
+        *(__le32 *)out = ~cpu_to_le32(crc32c_intel_le_hw(*crcp, data, len));
         return 0;
 }
 
-static int crc32c_intel_digest(struct ahash_request *req)
+static int crc32c_intel_finup(struct shash_desc *desc, const u8 *data,
+                              unsigned int len, u8 *out)
 {
-        struct crypto_hash_walk walk;
-        u32 *mctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
-        u32 crc = *mctx;
-        int nbytes;
+        return __crc32c_intel_finup(shash_desc_ctx(desc), data, len, out);
+}
 
-        for (nbytes = crypto_hash_walk_first(req, &walk); nbytes;
-           nbytes = crypto_hash_walk_done(&walk, 0))
-                crc = crc32c_intel_le_hw(crc, walk.data, nbytes);
+static int crc32c_intel_final(struct shash_desc *desc, u8 *out)
+{
+        u32 *crcp = shash_desc_ctx(desc);
 
-        *(__le32 *)req->result = ~cpu_to_le32(crc);
+        *(__le32 *)out = ~cpu_to_le32p(crcp);
         return 0;
 }
 
+static int crc32c_intel_digest(struct shash_desc *desc, const u8 *data,
+                               unsigned int len, u8 *out)
+{
+        return __crc32c_intel_finup(crypto_shash_ctx(desc->tfm), data, len,
+                                    out);
+}
+
 static int crc32c_intel_cra_init(struct crypto_tfm *tfm)
 {
         u32 *key = crypto_tfm_ctx(tfm);
 
         *key = ~0;
 
-        tfm->crt_ahash.reqsize = sizeof(u32);
-
         return 0;
 }
 
-static struct crypto_alg alg = {
-        .cra_name               =       "crc32c",
-        .cra_driver_name        =       "crc32c-intel",
-        .cra_priority           =       200,
-        .cra_flags              =       CRYPTO_ALG_TYPE_AHASH,
-        .cra_blocksize          =       CHKSUM_BLOCK_SIZE,
-        .cra_alignmask          =       3,
-        .cra_ctxsize            =       sizeof(u32),
-        .cra_module             =       THIS_MODULE,
-        .cra_list               =       LIST_HEAD_INIT(alg.cra_list),
-        .cra_init               =       crc32c_intel_cra_init,
-        .cra_type               =       &crypto_ahash_type,
-        .cra_u                  =       {
-                .ahash = {
-                        .digestsize    =       CHKSUM_DIGEST_SIZE,
-                        .setkey        =       crc32c_intel_setkey,
-                        .init          =       crc32c_intel_init,
-                        .update        =       crc32c_intel_update,
-                        .final         =       crc32c_intel_final,
-                        .digest        =       crc32c_intel_digest,
-                }
+static struct shash_alg alg = {
+        .setkey                 =       crc32c_intel_setkey,
+        .init                   =       crc32c_intel_init,
+        .update                 =       crc32c_intel_update,
+        .final                  =       crc32c_intel_final,
+        .finup                  =       crc32c_intel_finup,
+        .digest                 =       crc32c_intel_digest,
+        .descsize               =       sizeof(u32),
+        .digestsize             =       CHKSUM_DIGEST_SIZE,
+        .base                   =       {
+                .cra_name               =       "crc32c",
+                .cra_driver_name        =       "crc32c-intel",
+                .cra_priority           =       200,
+                .cra_blocksize          =       CHKSUM_BLOCK_SIZE,
+                .cra_ctxsize            =       sizeof(u32),
+                .cra_module             =       THIS_MODULE,
+                .cra_init               =       crc32c_intel_cra_init,
         }
 };
 
@@ -175,14 +177,14 @@ static struct crypto_alg alg = {
 static int __init crc32c_intel_mod_init(void)
 {
         if (cpu_has_xmm4_2)
-                return crypto_register_alg(&alg);
+                return crypto_register_shash(&alg);
         else
                 return -ENODEV;
 }
 
 static void __exit crc32c_intel_mod_fini(void)
 {
-        crypto_unregister_alg(&alg);
+        crypto_unregister_shash(&alg);
 }
 
 module_init(crc32c_intel_mod_init);
@@ -194,4 +196,3 @@ MODULE_LICENSE("GPL");
 
 MODULE_ALIAS("crc32c");
 MODULE_ALIAS("crc32c-intel");
-
diff --git a/arch/x86/ia32/ia32_aout.c b/arch/x86/ia32/ia32_aout.c
index 127ec3f07214..2a4d073d2cf1 100644
--- a/arch/x86/ia32/ia32_aout.c
+++ b/arch/x86/ia32/ia32_aout.c
@@ -327,7 +327,7 @@ static int load_aout_binary(struct linux_binprm *bprm, struct pt_regs *regs)
         current->mm->cached_hole_size = 0;
 
         current->mm->mmap = NULL;
-        compute_creds(bprm);
+        install_exec_creds(bprm);
         current->flags &= ~PF_FORKNOEXEC;
 
         if (N_MAGIC(ex) == OMAGIC) {
diff --git a/arch/x86/ia32/ia32_signal.c b/arch/x86/ia32/ia32_signal.c
index 4bc02b23674b..b195f85526e3 100644
--- a/arch/x86/ia32/ia32_signal.c
+++ b/arch/x86/ia32/ia32_signal.c
@@ -32,6 +32,8 @@
 #include <asm/proto.h>
 #include <asm/vdso.h>
 
+#include <asm/sigframe.h>
+
 #define DEBUG_SIG 0
 
 #define _BLOCKABLE (~(sigmask(SIGKILL) | sigmask(SIGSTOP)))
@@ -41,7 +43,6 @@
                          X86_EFLAGS_ZF | X86_EFLAGS_AF | X86_EFLAGS_PF | \
                          X86_EFLAGS_CF)
 
-asmlinkage int do_signal(struct pt_regs *regs, sigset_t *oldset);
 void signal_fault(struct pt_regs *regs, void __user *frame, char *where);
 
 int copy_siginfo_to_user32(compat_siginfo_t __user *to, siginfo_t *from)
@@ -173,47 +174,28 @@ asmlinkage long sys32_sigaltstack(const stack_ia32_t __user *uss_ptr,
 /*
  * Do a signal return; undo the signal stack.
  */
+#define COPY(x)                 {               \
+        err |= __get_user(regs->x, &sc->x);     \
+}
 
-struct sigframe
-{
-        u32 pretcode;
-        int sig;
-        struct sigcontext_ia32 sc;
-        struct _fpstate_ia32 fpstate_unused; /* look at kernel/sigframe.h */
-        unsigned int extramask[_COMPAT_NSIG_WORDS-1];
-        char retcode[8];
-        /* fp state follows here */
-};
-
-struct rt_sigframe
-{
-        u32 pretcode;
-        int sig;
-        u32 pinfo;
-        u32 puc;
-        compat_siginfo_t info;
-        struct ucontext_ia32 uc;
-        char retcode[8];
-        /* fp state follows here */
-};
-
-#define COPY(x)         {               \
-        unsigned int reg;               \
-        err |= __get_user(reg, &sc->x); \
-        regs->x = reg;                  \
+#define COPY_SEG_CPL3(seg)      {                       \
+                unsigned short tmp;                     \
+                err |= __get_user(tmp, &sc->seg);       \
+                regs->seg = tmp | 3;                    \
 }
 
-#define RELOAD_SEG(seg,mask)                                            \
-        { unsigned int cur;                                             \
-          unsigned short pre;                                           \
-          err |= __get_user(pre, &sc->seg);                             \
-          savesegment(seg, cur);                                        \
-          pre |= mask;                                                  \
-          if (pre != cur) loadsegment(seg, pre); }
+#define RELOAD_SEG(seg)         {               \
+        unsigned int cur, pre;                  \
+        err |= __get_user(pre, &sc->seg);       \
+        savesegment(seg, cur);                  \
+        pre |= 3;                               \
+        if (pre != cur)                         \
+                loadsegment(seg, pre);          \
+}
 
 static int ia32_restore_sigcontext(struct pt_regs *regs,
                                    struct sigcontext_ia32 __user *sc,
-                                   unsigned int *peax)
+                                   unsigned int *pax)
 {
         unsigned int tmpflags, gs, oldgs, err = 0;
         void __user *buf;
@@ -240,18 +222,16 @@ static int ia32_restore_sigcontext(struct pt_regs *regs,
         if (gs != oldgs)
                 load_gs_index(gs);
 
-        RELOAD_SEG(fs, 3);
-        RELOAD_SEG(ds, 3);
-        RELOAD_SEG(es, 3);
+        RELOAD_SEG(fs);
+        RELOAD_SEG(ds);
+        RELOAD_SEG(es);
 
         COPY(di); COPY(si); COPY(bp); COPY(sp); COPY(bx);
         COPY(dx); COPY(cx); COPY(ip);
         /* Don't touch extended registers */
 
-        err |= __get_user(regs->cs, &sc->cs);
-        regs->cs |= 3;
-        err |= __get_user(regs->ss, &sc->ss);
-        regs->ss |= 3;
+        COPY_SEG_CPL3(cs);
+        COPY_SEG_CPL3(ss);
 
         err |= __get_user(tmpflags, &sc->flags);
         regs->flags = (regs->flags & ~FIX_EFLAGS) | (tmpflags & FIX_EFLAGS);
@@ -262,15 +242,13 @@ static int ia32_restore_sigcontext(struct pt_regs *regs,
         buf = compat_ptr(tmp);
         err |= restore_i387_xstate_ia32(buf);
 
-        err |= __get_user(tmp, &sc->ax);
-        *peax = tmp;
-
+        err |= __get_user(*pax, &sc->ax);
         return err;
 }
 
 asmlinkage long sys32_sigreturn(struct pt_regs *regs)
 {
-        struct sigframe __user *frame = (struct sigframe __user *)(regs->sp-8);
+        struct sigframe_ia32 __user *frame = (struct sigframe_ia32 __user *)(regs->sp-8);
         sigset_t set;
         unsigned int ax;
 
@@ -300,12 +278,12 @@ badframe:
 
 asmlinkage long sys32_rt_sigreturn(struct pt_regs *regs)
 {
-        struct rt_sigframe __user *frame;
+        struct rt_sigframe_ia32 __user *frame;
         sigset_t set;
         unsigned int ax;
         struct pt_regs tregs;
 
-        frame = (struct rt_sigframe __user *)(regs->sp - 4);
+        frame = (struct rt_sigframe_ia32 __user *)(regs->sp - 4);
 
         if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
                 goto badframe;
@@ -359,20 +337,15 @@ static int ia32_setup_sigcontext(struct sigcontext_ia32 __user *sc,
         err |= __put_user(regs->dx, &sc->dx);
         err |= __put_user(regs->cx, &sc->cx);
         err |= __put_user(regs->ax, &sc->ax);
-        err |= __put_user(regs->cs, &sc->cs);
-        err |= __put_user(regs->ss, &sc->ss);
         err |= __put_user(current->thread.trap_no, &sc->trapno);
         err |= __put_user(current->thread.error_code, &sc->err);
         err |= __put_user(regs->ip, &sc->ip);
+        err |= __put_user(regs->cs, (unsigned int __user *)&sc->cs);
         err |= __put_user(regs->flags, &sc->flags);
         err |= __put_user(regs->sp, &sc->sp_at_signal);
+        err |= __put_user(regs->ss, (unsigned int __user *)&sc->ss);
 
-        tmp = save_i387_xstate_ia32(fpstate);
-        if (tmp < 0)
-                err = -EFAULT;
-        else
-                err |= __put_user(ptr_to_compat(tmp ? fpstate : NULL),
-                                        &sc->fpstate);
+        err |= __put_user(ptr_to_compat(fpstate), &sc->fpstate);
 
         /* non-iBCS2 extensions.. */
         err |= __put_user(mask, &sc->oldmask);
@@ -400,7 +373,7 @@ static void __user *get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
         }
 
         /* This is the legacy signal stack switching. */
-        else if ((regs->ss & 0xffff) != __USER_DS &&
+        else if ((regs->ss & 0xffff) != __USER32_DS &&
                 !(ka->sa.sa_flags & SA_RESTORER) &&
                  ka->sa.sa_restorer)
                 sp = (unsigned long) ka->sa.sa_restorer;
@@ -408,6 +381,8 @@ static void __user *get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
         if (used_math()) {
                 sp = sp - sig_xstate_ia32_size;
                 *fpstate = (struct _fpstate_ia32 *) sp;
+                if (save_i387_xstate_ia32(*fpstate) < 0)
+                        return (void __user *) -1L;
         }
 
         sp -= frame_size;
@@ -420,7 +395,7 @@ static void __user *get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
 int ia32_setup_frame(int sig, struct k_sigaction *ka,
                      compat_sigset_t *set, struct pt_regs *regs)
 {
-        struct sigframe __user *frame;
+        struct sigframe_ia32 __user *frame;
         void __user *restorer;
         int err = 0;
         void __user *fpstate = NULL;
@@ -430,12 +405,10 @@ int ia32_setup_frame(int sig, struct k_sigaction *ka,
                 u16 poplmovl;
                 u32 val;
                 u16 int80;
-                u16 pad;
         } __attribute__((packed)) code = {
                 0xb858,          /* popl %eax ; movl $...,%eax */
                 __NR_ia32_sigreturn,
                 0x80cd,         /* int $0x80 */
-                0,
         };
 
         frame = get_sigframe(ka, regs, sizeof(*frame), &fpstate);
@@ -471,7 +444,7 @@ int ia32_setup_frame(int sig, struct k_sigaction *ka,
          * These are actually not used anymore, but left because some
          * gdb versions depend on them as a marker.
          */
-        err |= __copy_to_user(frame->retcode, &code, 8);
+        err |= __put_user(*((u64 *)&code), (u64 *)frame->retcode);
         if (err)
                 return -EFAULT;
 
@@ -501,7 +474,7 @@ int ia32_setup_frame(int sig, struct k_sigaction *ka,
 int ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
                         compat_sigset_t *set, struct pt_regs *regs)
 {
-        struct rt_sigframe __user *frame;
+        struct rt_sigframe_ia32 __user *frame;
         void __user *restorer;
         int err = 0;
         void __user *fpstate = NULL;
@@ -511,8 +484,7 @@ int ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
                 u8 movl;
                 u32 val;
                 u16 int80;
-                u16 pad;
-                u8  pad2;
+                u8  pad;
         } __attribute__((packed)) code = {
                 0xb8,
                 __NR_ia32_rt_sigreturn,
@@ -559,7 +531,7 @@ int ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
          * Not actually used anymore, but left because some gdb
          * versions need it.
          */
-        err |= __copy_to_user(frame->retcode, &code, 8);
+        err |= __put_user(*((u64 *)&code), (u64 *)frame->retcode);
         if (err)
                 return -EFAULT;
 
@@ -572,11 +544,6 @@ int ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
         regs->dx = (unsigned long) &frame->info;
         regs->cx = (unsigned long) &frame->uc;
 
-        /* Make -mregparm=3 work */
-        regs->ax = sig;
-        regs->dx = (unsigned long) &frame->info;
-        regs->cx = (unsigned long) &frame->uc;
-
         loadsegment(ds, __USER32_DS);
         loadsegment(es, __USER32_DS);
 
diff --git a/arch/x86/include/asm/bitops.h b/arch/x86/include/asm/bitops.h
index 360010322711..9fa9dcdf344b 100644
--- a/arch/x86/include/asm/bitops.h
+++ b/arch/x86/include/asm/bitops.h
@@ -168,7 +168,15 @@ static inline void __change_bit(int nr, volatile unsigned long *addr)
  */
 static inline void change_bit(int nr, volatile unsigned long *addr)
 {
-        asm volatile(LOCK_PREFIX "btc %1,%0" : ADDR : "Ir" (nr));
+        if (IS_IMMEDIATE(nr)) {
+                asm volatile(LOCK_PREFIX "xorb %1,%0"
+                        : CONST_MASK_ADDR(nr, addr)
+                        : "iq" ((u8)CONST_MASK(nr)));
+        } else {
+                asm volatile(LOCK_PREFIX "btc %1,%0"
+                        : BITOP_ADDR(addr)
+                        : "Ir" (nr));
+        }
 }
 
 /**
diff --git a/arch/x86/include/asm/bug.h b/arch/x86/include/asm/bug.h
index 3def2065fcea..d9cf1cd156d2 100644
--- a/arch/x86/include/asm/bug.h
+++ b/arch/x86/include/asm/bug.h
@@ -9,7 +9,7 @@
 #ifdef CONFIG_X86_32
 # define __BUG_C0       "2:\t.long 1b, %c0\n"
 #else
-# define __BUG_C0       "2:\t.quad 1b, %c0\n"
+# define __BUG_C0       "2:\t.long 1b - 2b, %c0 - 2b\n"
 #endif
 
 #define BUG()                                                   \
diff --git a/arch/x86/include/asm/byteorder.h b/arch/x86/include/asm/byteorder.h
index e02ae2d89acf..f110ad417df3 100644
--- a/arch/x86/include/asm/byteorder.h
+++ b/arch/x86/include/asm/byteorder.h
@@ -4,26 +4,33 @@
 #include <asm/types.h>
 #include <linux/compiler.h>
 
-#ifdef __GNUC__
+#define __LITTLE_ENDIAN
 
-#ifdef __i386__
-
-static inline __attribute_const__ __u32 ___arch__swab32(__u32 x)
+static inline __attribute_const__ __u32 __arch_swab32(__u32 val)
 {
-#ifdef CONFIG_X86_BSWAP
-        asm("bswap %0" : "=r" (x) : "0" (x));
-#else
+#ifdef __i386__
+# ifdef CONFIG_X86_BSWAP
+        asm("bswap %0" : "=r" (val) : "0" (val));
+# else
         asm("xchgb %b0,%h0\n\t" /* swap lower bytes     */
             "rorl $16,%0\n\t"   /* swap words           */
             "xchgb %b0,%h0"     /* swap higher bytes    */
-            : "=q" (x)
-            : "0" (x));
+            : "=q" (val)
+            : "0" (val));
+# endif
+
+#else /* __i386__ */
+        asm("bswapl %0"
+            : "=r" (val)
+            : "0" (val));
 #endif
-        return x;
+        return val;
 }
+#define __arch_swab32 __arch_swab32
 
-static inline __attribute_const__ __u64 ___arch__swab64(__u64 val)
+static inline __attribute_const__ __u64 __arch_swab64(__u64 val)
 {
+#ifdef __i386__
         union {
                 struct {
                         __u32 a;
@@ -32,50 +39,27 @@ static inline __attribute_const__ __u64 ___arch__swab64(__u64 val)
                 __u64 u;
         } v;
         v.u = val;
-#ifdef CONFIG_X86_BSWAP
+# ifdef CONFIG_X86_BSWAP
         asm("bswapl %0 ; bswapl %1 ; xchgl %0,%1"
             : "=r" (v.s.a), "=r" (v.s.b)
             : "0" (v.s.a), "1" (v.s.b));
-#else
-        v.s.a = ___arch__swab32(v.s.a);
-        v.s.b = ___arch__swab32(v.s.b);
+# else
+        v.s.a = __arch_swab32(v.s.a);
+        v.s.b = __arch_swab32(v.s.b);
         asm("xchgl %0,%1"
             : "=r" (v.s.a), "=r" (v.s.b)
             : "0" (v.s.a), "1" (v.s.b));
-#endif
+# endif
         return v.u;
-}
-
 #else /* __i386__ */
-
-static inline __attribute_const__ __u64 ___arch__swab64(__u64 x)
-{
         asm("bswapq %0"
-            : "=r" (x)
-            : "0" (x));
-        return x;
-}
-
-static inline __attribute_const__ __u32 ___arch__swab32(__u32 x)
-{
-        asm("bswapl %0"
-            : "=r" (x)
-            : "0" (x));
-        return x;
-}
-
+            : "=r" (val)
+            : "0" (val));
+        return val;
 #endif
+}
+#define __arch_swab64 __arch_swab64
 
-/* Do not define swab16.  Gcc is smart enough to recognize "C" version and
-   convert it into rotation or exhange.  */
-
-#define __arch__swab64(x) ___arch__swab64(x)
-#define __arch__swab32(x) ___arch__swab32(x)
-
-#define __BYTEORDER_HAS_U64__
-
-#endif /* __GNUC__ */
-
-#include <linux/byteorder/little_endian.h>
+#include <linux/byteorder.h>
 
 #endif /* _ASM_X86_BYTEORDER_H */
diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
index cfdf8c2c5c31..ea408dcba513 100644
--- a/arch/x86/include/asm/cpufeature.h
+++ b/arch/x86/include/asm/cpufeature.h
@@ -80,7 +80,6 @@
 #define X86_FEATURE_UP          (3*32+ 9) /* smp kernel running on up */
 #define X86_FEATURE_FXSAVE_LEAK (3*32+10) /* "" FXSAVE leaks FOP/FIP/FOP */
 #define X86_FEATURE_ARCH_PERFMON (3*32+11) /* Intel Architectural PerfMon */
-#define X86_FEATURE_NOPL        (3*32+20) /* The NOPL (0F 1F) instructions */
 #define X86_FEATURE_PEBS        (3*32+12) /* Precise-Event Based Sampling */
 #define X86_FEATURE_BTS         (3*32+13) /* Branch Trace Store */
 #define X86_FEATURE_SYSCALL32   (3*32+14) /* "" syscall in ia32 userspace */
@@ -92,6 +91,8 @@
 #define X86_FEATURE_NOPL        (3*32+20) /* The NOPL (0F 1F) instructions */
 #define X86_FEATURE_AMDC1E      (3*32+21) /* AMD C1E detected */
 #define X86_FEATURE_XTOPOLOGY   (3*32+22) /* cpu topology enum extensions */
+#define X86_FEATURE_TSC_RELIABLE (3*32+23) /* TSC is known to be reliable */
+#define X86_FEATURE_NONSTOP_TSC (3*32+24) /* TSC does not stop in C states */
 
 /* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */
 #define X86_FEATURE_XMM3        (4*32+ 0) /* "pni" SSE-3 */
@@ -117,6 +118,7 @@
 #define X86_FEATURE_XSAVE       (4*32+26) /* XSAVE/XRSTOR/XSETBV/XGETBV */
 #define X86_FEATURE_OSXSAVE     (4*32+27) /* "" XSAVE enabled in the OS */
 #define X86_FEATURE_AVX         (4*32+28) /* Advanced Vector Extensions */
+#define X86_FEATURE_HYPERVISOR  (4*32+31) /* Running on a hypervisor */
 
 /* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */
 #define X86_FEATURE_XSTORE      (5*32+ 2) /* "rng" RNG present (xstore) */
@@ -237,6 +239,7 @@ extern const char * const x86_power_flags[32];
 #define cpu_has_xmm4_2          boot_cpu_has(X86_FEATURE_XMM4_2)
 #define cpu_has_x2apic          boot_cpu_has(X86_FEATURE_X2APIC)
 #define cpu_has_xsave           boot_cpu_has(X86_FEATURE_XSAVE)
+#define cpu_has_hypervisor      boot_cpu_has(X86_FEATURE_HYPERVISOR)
 
 #if defined(CONFIG_X86_INVLPG) || defined(CONFIG_X86_64)
 # define cpu_has_invlpg         1
diff --git a/arch/x86/include/asm/dma-mapping.h b/arch/x86/include/asm/dma-mapping.h
index 097794ff6b79..4035357f5b9d 100644
--- a/arch/x86/include/asm/dma-mapping.h
+++ b/arch/x86/include/asm/dma-mapping.h
@@ -65,18 +65,16 @@ static inline struct dma_mapping_ops *get_dma_ops(struct device *dev)
                 return dma_ops;
         else
                 return dev->archdata.dma_ops;
-#endif /* _ASM_X86_DMA_MAPPING_H */
+#endif
 }
 
 /* Make sure we keep the same behaviour */
 static inline int dma_mapping_error(struct device *dev, dma_addr_t dma_addr)
 {
-#ifdef CONFIG_X86_64
         struct dma_mapping_ops *ops = get_dma_ops(dev);
         if (ops->mapping_error)
                 return ops->mapping_error(dev, dma_addr);
 
-#endif
         return (dma_addr == bad_dma_address);
 }
 
diff --git a/arch/x86/include/asm/ds.h b/arch/x86/include/asm/ds.h
index 99b6c39774a4..a8f672ba100c 100644
--- a/arch/x86/include/asm/ds.h
+++ b/arch/x86/include/asm/ds.h
@@ -6,13 +6,13 @@
  * precise-event based sampling (PEBS).
  *
  * It manages:
- * - per-thread and per-cpu allocation of BTS and PEBS
+ * - DS and BTS hardware configuration
  * - buffer overflow handling (to be done)
  * - buffer access
  *
- * It assumes:
- * - get_task_struct on all traced tasks
- * - current is allowed to trace tasks
+ * It does not do:
+ * - security checking (is the caller allowed to trace the task)
+ * - buffer allocation (memory accounting)
  *
  *
  * Copyright (C) 2007-2008 Intel Corporation.
@@ -31,6 +31,7 @@
 #ifdef CONFIG_X86_DS
 
 struct task_struct;
+struct ds_context;
 struct ds_tracer;
 struct bts_tracer;
 struct pebs_tracer;
@@ -38,6 +39,38 @@ struct pebs_tracer;
 typedef void (*bts_ovfl_callback_t)(struct bts_tracer *);
 typedef void (*pebs_ovfl_callback_t)(struct pebs_tracer *);
 
+
+/*
+ * A list of features plus corresponding macros to talk about them in
+ * the ds_request function's flags parameter.
+ *
+ * We use the enum to index an array of corresponding control bits;
+ * we use the macro to index a flags bit-vector.
+ */
+enum ds_feature {
+        dsf_bts = 0,
+        dsf_bts_kernel,
+#define BTS_KERNEL (1 << dsf_bts_kernel)
+        /* trace kernel-mode branches */
+
+        dsf_bts_user,
+#define BTS_USER (1 << dsf_bts_user)
+        /* trace user-mode branches */
+
+        dsf_bts_overflow,
+        dsf_bts_max,
+        dsf_pebs = dsf_bts_max,
+
+        dsf_pebs_max,
+        dsf_ctl_max = dsf_pebs_max,
+        dsf_bts_timestamps = dsf_ctl_max,
+#define BTS_TIMESTAMPS (1 << dsf_bts_timestamps)
+        /* add timestamps into BTS trace */
+
+#define BTS_USER_FLAGS (BTS_KERNEL | BTS_USER | BTS_TIMESTAMPS)
+};
+
+
 /*
  * Request BTS or PEBS
  *
@@ -58,92 +91,135 @@ typedef void (*pebs_ovfl_callback_t)(struct pebs_tracer *);
  *       NULL if cyclic buffer requested
  * th: the interrupt threshold in records from the end of the buffer;
  *     -1 if no interrupt threshold is requested.
+ * flags: a bit-mask of the above flags
  */
 extern struct bts_tracer *ds_request_bts(struct task_struct *task,
                                          void *base, size_t size,
-                                         bts_ovfl_callback_t ovfl, size_t th);
+                                         bts_ovfl_callback_t ovfl,
+                                         size_t th, unsigned int flags);
 extern struct pebs_tracer *ds_request_pebs(struct task_struct *task,
                                            void *base, size_t size,
                                            pebs_ovfl_callback_t ovfl,
-                                           size_t th);
+                                           size_t th, unsigned int flags);
 
 /*
  * Release BTS or PEBS resources
- *
- * Returns 0 on success; -Eerrno otherwise
+ * Suspend and resume BTS or PEBS tracing
  *
  * tracer: the tracer handle returned from ds_request_~()
  */
-extern int ds_release_bts(struct bts_tracer *tracer);
-extern int ds_release_pebs(struct pebs_tracer *tracer);
+extern void ds_release_bts(struct bts_tracer *tracer);
+extern void ds_suspend_bts(struct bts_tracer *tracer);
+extern void ds_resume_bts(struct bts_tracer *tracer);
+extern void ds_release_pebs(struct pebs_tracer *tracer);
+extern void ds_suspend_pebs(struct pebs_tracer *tracer);
+extern void ds_resume_pebs(struct pebs_tracer *tracer);
+
 
 /*
- * Get the (array) index of the write pointer.
- * (assuming an array of BTS/PEBS records)
- *
- * Returns 0 on success; -Eerrno on error
+ * The raw DS buffer state as it is used for BTS and PEBS recording.
  *
- * tracer: the tracer handle returned from ds_request_~()
- * pos (out): will hold the result
+ * This is the low-level, arch-dependent interface for working
+ * directly on the raw trace data.
  */
-extern int ds_get_bts_index(struct bts_tracer *tracer, size_t *pos);
-extern int ds_get_pebs_index(struct pebs_tracer *tracer, size_t *pos);
+struct ds_trace {
+        /* the number of bts/pebs records */
+        size_t n;
+        /* the size of a bts/pebs record in bytes */
+        size_t size;
+        /* pointers into the raw buffer:
+           - to the first entry */
+        void *begin;
+        /* - one beyond the last entry */
+        void *end;
+        /* - one beyond the newest entry */
+        void *top;
+        /* - the interrupt threshold */
+        void *ith;
+        /* flags given on ds_request() */
+        unsigned int flags;
+};
 
 /*
- * Get the (array) index one record beyond the end of the array.
- * (assuming an array of BTS/PEBS records)
- *
- * Returns 0 on success; -Eerrno on error
- *
- * tracer: the tracer handle returned from ds_request_~()
- * pos (out): will hold the result
+ * An arch-independent view on branch trace data.
  */
-extern int ds_get_bts_end(struct bts_tracer *tracer, size_t *pos);
-extern int ds_get_pebs_end(struct pebs_tracer *tracer, size_t *pos);
+enum bts_qualifier {
+        bts_invalid,
+#define BTS_INVALID bts_invalid
+
+        bts_branch,
+#define BTS_BRANCH bts_branch
+
+        bts_task_arrives,
+#define BTS_TASK_ARRIVES bts_task_arrives
+
+        bts_task_departs,
+#define BTS_TASK_DEPARTS bts_task_departs
+
+        bts_qual_bit_size = 4,
+        bts_qual_max = (1 << bts_qual_bit_size),
+};
+
+struct bts_struct {
+        __u64 qualifier;
+        union {
+                /* BTS_BRANCH */
+                struct {
+                        __u64 from;
+                        __u64 to;
+                } lbr;
+                /* BTS_TASK_ARRIVES or BTS_TASK_DEPARTS */
+                struct {
+                        __u64 jiffies;
+                        pid_t pid;
+                } timestamp;
+        } variant;
+};
+
 
 /*
- * Provide a pointer to the BTS/PEBS record at parameter index.
- * (assuming an array of BTS/PEBS records)
- *
- * The pointer points directly into the buffer. The user is
- * responsible for copying the record.
+ * The BTS state.
  *
- * Returns the size of a single record on success; -Eerrno on error
- *
- * tracer: the tracer handle returned from ds_request_~()
- * index: the index of the requested record
- * record (out): pointer to the requested record
+ * This gives access to the raw DS state and adds functions to provide
+ * an arch-independent view of the BTS data.
  */
-extern int ds_access_bts(struct bts_tracer *tracer,
-                         size_t index, const void **record);
-extern int ds_access_pebs(struct pebs_tracer *tracer,
-                          size_t index, const void **record);
+struct bts_trace {
+        struct ds_trace ds;
+
+        int (*read)(struct bts_tracer *tracer, const void *at,
+                    struct bts_struct *out);
+        int (*write)(struct bts_tracer *tracer, const struct bts_struct *in);
+};
+
 
 /*
- * Write one or more BTS/PEBS records at the write pointer index and
- * advance the write pointer.
- *
- * If size is not a multiple of the record size, trailing bytes are
- * zeroed out.
+ * The PEBS state.
  *
- * May result in one or more overflow notifications.
- *
- * If called during overflow handling, that is, with index >=
- * interrupt threshold, the write will wrap around.
+ * This gives access to the raw DS state and the PEBS-specific counter
+ * reset value.
+ */
+struct pebs_trace {
+        struct ds_trace ds;
+
+        /* the PEBS reset value */
+        unsigned long long reset_value;
+};
+
+
+/*
+ * Read the BTS or PEBS trace.
  *
- * An overflow notification is given if and when the interrupt
- * threshold is reached during or after the write.
+ * Returns a view on the trace collected for the parameter tracer.
  *
- * Returns the number of bytes written or -Eerrno.
+ * The view remains valid as long as the traced task is not running or
+ * the tracer is suspended.
+ * Writes into the trace buffer are not reflected.
  *
  * tracer: the tracer handle returned from ds_request_~()
- * buffer: the buffer to write
- * size: the size of the buffer
  */
-extern int ds_write_bts(struct bts_tracer *tracer,
-                        const void *buffer, size_t size);
-extern int ds_write_pebs(struct pebs_tracer *tracer,
-                         const void *buffer, size_t size);
+extern const struct bts_trace *ds_read_bts(struct bts_tracer *tracer);
+extern const struct pebs_trace *ds_read_pebs(struct pebs_tracer *tracer);
+
 
 /*
  * Reset the write pointer of the BTS/PEBS buffer.
@@ -156,27 +232,6 @@ extern int ds_reset_bts(struct bts_tracer *tracer);
 extern int ds_reset_pebs(struct pebs_tracer *tracer);
 
 /*
- * Clear the BTS/PEBS buffer and reset the write pointer.
- * The entire buffer will be zeroed out.
- *
- * Returns 0 on success; -Eerrno on error
- *
- * tracer: the tracer handle returned from ds_request_~()
- */
-extern int ds_clear_bts(struct bts_tracer *tracer);
-extern int ds_clear_pebs(struct pebs_tracer *tracer);
-
-/*
- * Provide the PEBS counter reset value.
- *
- * Returns 0 on success; -Eerrno on error
- *
- * tracer: the tracer handle returned from ds_request_pebs()
- * value (out): the counter reset value
- */
-extern int ds_get_pebs_reset(struct pebs_tracer *tracer, u64 *value);
-
-/*
  * Set the PEBS counter reset value.
  *
  * Returns 0 on success; -Eerrno on error
@@ -192,35 +247,26 @@ extern int ds_set_pebs_reset(struct pebs_tracer *tracer, u64 value);
 struct cpuinfo_x86;
 extern void __cpuinit ds_init_intel(struct cpuinfo_x86 *);
 
-
-
 /*
- * The DS context - part of struct thread_struct.
+ * Context switch work
  */
-#define MAX_SIZEOF_DS (12 * 8)
-
-struct ds_context {
-        /* pointer to the DS configuration; goes into MSR_IA32_DS_AREA */
-        unsigned char ds[MAX_SIZEOF_DS];
-        /* the owner of the BTS and PEBS configuration, respectively */
-        struct ds_tracer  *owner[2];
-        /* use count */
-        unsigned long count;
-        /* a pointer to the context location inside the thread_struct
-         * or the per_cpu context array */
-        struct ds_context **this;
-        /* a pointer to the task owning this context, or NULL, if the
-         * context is owned by a cpu */
-        struct task_struct *task;
-};
+extern void ds_switch_to(struct task_struct *prev, struct task_struct *next);
 
-/* called by exit_thread() to free leftover contexts */
-extern void ds_free(struct ds_context *context);
+/*
+ * Task clone/init and cleanup work
+ */
+extern void ds_copy_thread(struct task_struct *tsk, struct task_struct *father);
+extern void ds_exit_thread(struct task_struct *tsk);
 
 #else /* CONFIG_X86_DS */
 
 struct cpuinfo_x86;
 static inline void __cpuinit ds_init_intel(struct cpuinfo_x86 *ignored) {}
+static inline void ds_switch_to(struct task_struct *prev,
+                                struct task_struct *next) {}
+static inline void ds_copy_thread(struct task_struct *tsk,
+                                  struct task_struct *father) {}
+static inline void ds_exit_thread(struct task_struct *tsk) {}
 
 #endif /* CONFIG_X86_DS */
 #endif /* _ASM_X86_DS_H */
diff --git a/arch/x86/include/asm/dwarf2.h b/arch/x86/include/asm/dwarf2.h
index 804b6e6be929..3afc5e87cfdd 100644
--- a/arch/x86/include/asm/dwarf2.h
+++ b/arch/x86/include/asm/dwarf2.h
@@ -6,56 +6,91 @@
 #endif
 
 /*
-   Macros for dwarf2 CFI unwind table entries.
-   See "as.info" for details on these pseudo ops. Unfortunately
-   they are only supported in very new binutils, so define them
-   away for older version.
+ * Macros for dwarf2 CFI unwind table entries.
+ * See "as.info" for details on these pseudo ops. Unfortunately
+ * they are only supported in very new binutils, so define them
+ * away for older version.
  */
 
 #ifdef CONFIG_AS_CFI
 
-#define CFI_STARTPROC .cfi_startproc
-#define CFI_ENDPROC .cfi_endproc
-#define CFI_DEF_CFA .cfi_def_cfa
-#define CFI_DEF_CFA_REGISTER .cfi_def_cfa_register
-#define CFI_DEF_CFA_OFFSET .cfi_def_cfa_offset
-#define CFI_ADJUST_CFA_OFFSET .cfi_adjust_cfa_offset
-#define CFI_OFFSET .cfi_offset
-#define CFI_REL_OFFSET .cfi_rel_offset
-#define CFI_REGISTER .cfi_register
-#define CFI_RESTORE .cfi_restore
-#define CFI_REMEMBER_STATE .cfi_remember_state
-#define CFI_RESTORE_STATE .cfi_restore_state
-#define CFI_UNDEFINED .cfi_undefined
+#define CFI_STARTPROC           .cfi_startproc
+#define CFI_ENDPROC             .cfi_endproc
+#define CFI_DEF_CFA             .cfi_def_cfa
+#define CFI_DEF_CFA_REGISTER    .cfi_def_cfa_register
+#define CFI_DEF_CFA_OFFSET      .cfi_def_cfa_offset
+#define CFI_ADJUST_CFA_OFFSET   .cfi_adjust_cfa_offset
+#define CFI_OFFSET              .cfi_offset
+#define CFI_REL_OFFSET          .cfi_rel_offset
+#define CFI_REGISTER            .cfi_register
+#define CFI_RESTORE             .cfi_restore
+#define CFI_REMEMBER_STATE      .cfi_remember_state
+#define CFI_RESTORE_STATE       .cfi_restore_state
+#define CFI_UNDEFINED           .cfi_undefined
 
 #ifdef CONFIG_AS_CFI_SIGNAL_FRAME
-#define CFI_SIGNAL_FRAME .cfi_signal_frame
+#define CFI_SIGNAL_FRAME        .cfi_signal_frame
 #else
 #define CFI_SIGNAL_FRAME
 #endif
 
 #else
 
-/* Due to the structure of pre-exisiting code, don't use assembler line
-   comment character # to ignore the arguments. Instead, use a dummy macro. */
+/*
+ * Due to the structure of pre-exisiting code, don't use assembler line
+ * comment character # to ignore the arguments. Instead, use a dummy macro.
+ */
 .macro cfi_ignore a=0, b=0, c=0, d=0
 .endm
 
-#define CFI_STARTPROC   cfi_ignore
-#define CFI_ENDPROC     cfi_ignore
-#define CFI_DEF_CFA     cfi_ignore
+#define CFI_STARTPROC           cfi_ignore
+#define CFI_ENDPROC             cfi_ignore
+#define CFI_DEF_CFA             cfi_ignore
 #define CFI_DEF_CFA_REGISTER    cfi_ignore
 #define CFI_DEF_CFA_OFFSET      cfi_ignore
 #define CFI_ADJUST_CFA_OFFSET   cfi_ignore
-#define CFI_OFFSET      cfi_ignore
-#define CFI_REL_OFFSET  cfi_ignore
-#define CFI_REGISTER    cfi_ignore
-#define CFI_RESTORE     cfi_ignore
-#define CFI_REMEMBER_STATE cfi_ignore
-#define CFI_RESTORE_STATE cfi_ignore
-#define CFI_UNDEFINED cfi_ignore
-#define CFI_SIGNAL_FRAME cfi_ignore
+#define CFI_OFFSET              cfi_ignore
+#define CFI_REL_OFFSET          cfi_ignore
+#define CFI_REGISTER            cfi_ignore
+#define CFI_RESTORE             cfi_ignore
+#define CFI_REMEMBER_STATE      cfi_ignore
+#define CFI_RESTORE_STATE       cfi_ignore
+#define CFI_UNDEFINED           cfi_ignore
+#define CFI_SIGNAL_FRAME        cfi_ignore
 
 #endif
 
+/*
+ * An attempt to make CFI annotations more or less
+ * correct and shorter. It is implied that you know
+ * what you're doing if you use them.
+ */
+#ifdef __ASSEMBLY__
+#ifdef CONFIG_X86_64
+        .macro pushq_cfi reg
+        pushq \reg
+        CFI_ADJUST_CFA_OFFSET 8
+        .endm
+
+        .macro popq_cfi reg
+        popq \reg
+        CFI_ADJUST_CFA_OFFSET -8
+        .endm
+
+        .macro movq_cfi reg offset=0
+        movq %\reg, \offset(%rsp)
+        CFI_REL_OFFSET \reg, \offset
+        .endm
+
+        .macro movq_cfi_restore offset reg
+        movq \offset(%rsp), %\reg
+        CFI_RESTORE \reg
+        .endm
+#else /*!CONFIG_X86_64*/
+
+        /* 32bit defenitions are missed yet */
+
+#endif /*!CONFIG_X86_64*/
+#endif /*__ASSEMBLY__*/
+
 #endif /* _ASM_X86_DWARF2_H */
diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h
index 40ca1bea7916..f51a3ddde01a 100644
--- a/arch/x86/include/asm/elf.h
+++ b/arch/x86/include/asm/elf.h
@@ -325,7 +325,7 @@ struct linux_binprm;
 
 #define ARCH_HAS_SETUP_ADDITIONAL_PAGES 1
 extern int arch_setup_additional_pages(struct linux_binprm *bprm,
-                                       int executable_stack);
+                                       int uses_interp);
 
 extern int syscall32_setup_pages(struct linux_binprm *, int exstack);
 #define compat_arch_setup_additional_pages      syscall32_setup_pages
diff --git a/arch/x86/include/asm/ftrace.h b/arch/x86/include/asm/ftrace.h
index 7e61b4ceb9a4..b55b4a7fbefd 100644
--- a/arch/x86/include/asm/ftrace.h
+++ b/arch/x86/include/asm/ftrace.h
@@ -1,6 +1,33 @@
 #ifndef _ASM_X86_FTRACE_H
 #define _ASM_X86_FTRACE_H
 
+#ifdef __ASSEMBLY__
+
+        .macro MCOUNT_SAVE_FRAME
+        /* taken from glibc */
+        subq $0x38, %rsp
+        movq %rax, (%rsp)
+        movq %rcx, 8(%rsp)
+        movq %rdx, 16(%rsp)
+        movq %rsi, 24(%rsp)
+        movq %rdi, 32(%rsp)
+        movq %r8, 40(%rsp)
+        movq %r9, 48(%rsp)
+        .endm
+
+        .macro MCOUNT_RESTORE_FRAME
+        movq 48(%rsp), %r9
+        movq 40(%rsp), %r8
+        movq 32(%rsp), %rdi
+        movq 24(%rsp), %rsi
+        movq 16(%rsp), %rdx
+        movq 8(%rsp), %rcx
+        movq (%rsp), %rax
+        addq $0x38, %rsp
+        .endm
+
+#endif
+
 #ifdef CONFIG_FUNCTION_TRACER
 #define MCOUNT_ADDR             ((long)(mcount))
 #define MCOUNT_INSN_SIZE        5 /* sizeof mcount call */
@@ -46,7 +73,7 @@ struct ftrace_ret_stack {
 /*
  * Primary handler of a function return.
  * It relays on ftrace_return_to_handler.
- * Defined in entry32.S
+ * Defined in entry_32/64.S
  */
 extern void return_to_handler(void);
 
diff --git a/arch/x86/include/asm/gart.h b/arch/x86/include/asm/gart.h
index 74252264433d..6cfdafa409d8 100644
--- a/arch/x86/include/asm/gart.h
+++ b/arch/x86/include/asm/gart.h
@@ -29,6 +29,39 @@ extern int fix_aperture;
 #define AMD64_GARTCACHECTL      0x9c
 #define AMD64_GARTEN            (1<<0)
 
+#ifdef CONFIG_GART_IOMMU
+extern int gart_iommu_aperture;
+extern int gart_iommu_aperture_allowed;
+extern int gart_iommu_aperture_disabled;
+
+extern void early_gart_iommu_check(void);
+extern void gart_iommu_init(void);
+extern void gart_iommu_shutdown(void);
+extern void __init gart_parse_options(char *);
+extern void gart_iommu_hole_init(void);
+
+#else
+#define gart_iommu_aperture            0
+#define gart_iommu_aperture_allowed    0
+#define gart_iommu_aperture_disabled   1
+
+static inline void early_gart_iommu_check(void)
+{
+}
+static inline void gart_iommu_init(void)
+{
+}
+static inline void gart_iommu_shutdown(void)
+{
+}
+static inline void gart_parse_options(char *options)
+{
+}
+static inline void gart_iommu_hole_init(void)
+{
+}
+#endif
+
 extern int agp_amd64_init(void);
 
 static inline void enable_gart_translation(struct pci_dev *dev, u64 addr)
diff --git a/arch/x86/include/asm/hardirq_32.h b/arch/x86/include/asm/hardirq_32.h
index 5ca135e72f2b..cf7954d1405f 100644
--- a/arch/x86/include/asm/hardirq_32.h
+++ b/arch/x86/include/asm/hardirq_32.h
@@ -22,6 +22,8 @@ DECLARE_PER_CPU(irq_cpustat_t, irq_stat);
 #define __ARCH_IRQ_STAT
 #define __IRQ_STAT(cpu, member) (per_cpu(irq_stat, cpu).member)
 
+#define inc_irq_stat(member)    (__get_cpu_var(irq_stat).member++)
+
 void ack_bad_irq(unsigned int irq);
 #include <linux/irq_cpustat.h>
 
diff --git a/arch/x86/include/asm/hardirq_64.h b/arch/x86/include/asm/hardirq_64.h
index 1ba381fc51d3..b5a6b5d56704 100644
--- a/arch/x86/include/asm/hardirq_64.h
+++ b/arch/x86/include/asm/hardirq_64.h
@@ -11,6 +11,8 @@
 
 #define __ARCH_IRQ_STAT 1
 
+#define inc_irq_stat(member)    add_pda(member, 1)
+
 #define local_softirq_pending() read_pda(__softirq_pending)
 
 #define __ARCH_SET_SOFTIRQ_PENDING 1
diff --git a/arch/x86/include/asm/hw_irq.h b/arch/x86/include/asm/hw_irq.h
index b97aecb0b61d..8de644b6b959 100644
--- a/arch/x86/include/asm/hw_irq.h
+++ b/arch/x86/include/asm/hw_irq.h
@@ -109,9 +109,7 @@ extern asmlinkage void smp_invalidate_interrupt(struct pt_regs *);
 #endif
 #endif
 
-#ifdef CONFIG_X86_32
-extern void (*const interrupt[NR_VECTORS])(void);
-#endif
+extern void (*__initconst interrupt[NR_VECTORS-FIRST_EXTERNAL_VECTOR])(void);
 
 typedef int vector_irq_t[NR_VECTORS];
 DECLARE_PER_CPU(vector_irq_t, vector_irq);
diff --git a/arch/x86/include/asm/hypervisor.h b/arch/x86/include/asm/hypervisor.h
new file mode 100644
index 000000000000..369f5c5d09a1
--- /dev/null
+++ b/arch/x86/include/asm/hypervisor.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright (C) 2008, VMware, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
+ * NON INFRINGEMENT.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+#ifndef ASM_X86__HYPERVISOR_H
+#define ASM_X86__HYPERVISOR_H
+
+extern unsigned long get_hypervisor_tsc_freq(void);
+extern void init_hypervisor(struct cpuinfo_x86 *c);
+
+#endif
diff --git a/arch/x86/include/asm/ia32.h b/arch/x86/include/asm/ia32.h
index 97989c0e534c..50ca486fd88c 100644
--- a/arch/x86/include/asm/ia32.h
+++ b/arch/x86/include/asm/ia32.h
@@ -129,24 +129,6 @@ typedef struct compat_siginfo {
         } _sifields;
 } compat_siginfo_t;
 
-struct sigframe32 {
-        u32 pretcode;
-        int sig;
-        struct sigcontext_ia32 sc;
-        struct _fpstate_ia32 fpstate;
-        unsigned int extramask[_COMPAT_NSIG_WORDS-1];
-};
-
-struct rt_sigframe32 {
-        u32 pretcode;
-        int sig;
-        u32 pinfo;
-        u32 puc;
-        compat_siginfo_t info;
-        struct ucontext_ia32 uc;
-        struct _fpstate_ia32 fpstate;
-};
-
 struct ustat32 {
         __u32                   f_tfree;
         compat_ino_t            f_tinode;
diff --git a/arch/x86/include/asm/idle.h b/arch/x86/include/asm/idle.h
index 44c89c3a23e9..38d87379e270 100644
--- a/arch/x86/include/asm/idle.h
+++ b/arch/x86/include/asm/idle.h
@@ -8,8 +8,13 @@ struct notifier_block;
 void idle_notifier_register(struct notifier_block *n);
 void idle_notifier_unregister(struct notifier_block *n);
 
+#ifdef CONFIG_X86_64
 void enter_idle(void);
 void exit_idle(void);
+#else /* !CONFIG_X86_64 */
+static inline void enter_idle(void) { }
+static inline void exit_idle(void) { }
+#endif /* CONFIG_X86_64 */
 
 void c1e_remove_cpu(int cpu);
 
diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h
index ac2abc88cd95..05cfed4485fa 100644
--- a/arch/x86/include/asm/io.h
+++ b/arch/x86/include/asm/io.h
@@ -4,6 +4,7 @@
 #define ARCH_HAS_IOREMAP_WC
 
 #include <linux/compiler.h>
+#include <asm-generic/int-ll64.h>
 
 #define build_mmio_read(name, size, type, reg, barrier) \
 static inline type name(const volatile void __iomem *addr) \
@@ -45,21 +46,39 @@ build_mmio_write(__writel, "l", unsigned int, "r", )
 #define mmiowb() barrier()
 
 #ifdef CONFIG_X86_64
+
 build_mmio_read(readq, "q", unsigned long, "=r", :"memory")
-build_mmio_read(__readq, "q", unsigned long, "=r", )
 build_mmio_write(writeq, "q", unsigned long, "r", :"memory")
-build_mmio_write(__writeq, "q", unsigned long, "r", )
 
-#define readq_relaxed(a) __readq(a)
-#define __raw_readq __readq
-#define __raw_writeq writeq
+#else
+
+static inline __u64 readq(const volatile void __iomem *addr)
+{
+        const volatile u32 __iomem *p = addr;
+        u32 low, high;
+
+        low = readl(p);
+        high = readl(p + 1);
+
+        return low + ((u64)high << 32);
+}
+
+static inline void writeq(__u64 val, volatile void __iomem *addr)
+{
+        writel(val, addr);
+        writel(val >> 32, addr+4);
+}
 
-/* Let people know we have them */
-#define readq readq
-#define writeq writeq
 #endif
 
-extern int iommu_bio_merge;
+#define readq_relaxed(a)        readq(a)
+
+#define __raw_readq(a)          readq(a)
+#define __raw_writeq(val, addr) writeq(val, addr)
+
+/* Let people know that we have them */
+#define readq                   readq
+#define writeq                  writeq
 
 #ifdef CONFIG_X86_32
 # include "io_32.h"
diff --git a/arch/x86/include/asm/io_64.h b/arch/x86/include/asm/io_64.h
index fea325a1122f..563c16270ba6 100644
--- a/arch/x86/include/asm/io_64.h
+++ b/arch/x86/include/asm/io_64.h
@@ -232,8 +232,6 @@ void memset_io(volatile void __iomem *a, int b, size_t c);
 
 #define flush_write_buffers()
 
-#define BIO_VMERGE_BOUNDARY iommu_bio_merge
-
 /*
  * Convert a virtual cached pointer to an uncached pointer
  */
diff --git a/arch/x86/include/asm/io_apic.h b/arch/x86/include/asm/io_apic.h
index 25d527ca1362..7a1f44ac1f17 100644
--- a/arch/x86/include/asm/io_apic.h
+++ b/arch/x86/include/asm/io_apic.h
@@ -156,11 +156,21 @@ extern int sis_apic_bug;
 /* 1 if "noapic" boot option passed */
 extern int skip_ioapic_setup;
 
+/* 1 if "noapic" boot option passed */
+extern int noioapicquirk;
+
+/* -1 if "noapic" boot option passed */
+extern int noioapicreroute;
+
 /* 1 if the timer IRQ uses the '8259A Virtual Wire' mode */
 extern int timer_through_8259;
 
 static inline void disable_ioapic_setup(void)
 {
+#ifdef CONFIG_PCI
+        noioapicquirk = 1;
+        noioapicreroute = -1;
+#endif
         skip_ioapic_setup = 1;
 }
 
diff --git a/arch/x86/include/asm/iommu.h b/arch/x86/include/asm/iommu.h
index 0b500c5b6446..a6ee9e6f530f 100644
--- a/arch/x86/include/asm/iommu.h
+++ b/arch/x86/include/asm/iommu.h
@@ -7,42 +7,7 @@ extern struct dma_mapping_ops nommu_dma_ops;
 extern int force_iommu, no_iommu;
 extern int iommu_detected;
 
-extern unsigned long iommu_nr_pages(unsigned long addr, unsigned long len);
-
 /* 10 seconds */
 #define DMAR_OPERATION_TIMEOUT ((cycles_t) tsc_khz*10*1000)
 
-#ifdef CONFIG_GART_IOMMU
-extern int gart_iommu_aperture;
-extern int gart_iommu_aperture_allowed;
-extern int gart_iommu_aperture_disabled;
-
-extern void early_gart_iommu_check(void);
-extern void gart_iommu_init(void);
-extern void gart_iommu_shutdown(void);
-extern void __init gart_parse_options(char *);
-extern void gart_iommu_hole_init(void);
-
-#else
-#define gart_iommu_aperture            0
-#define gart_iommu_aperture_allowed    0
-#define gart_iommu_aperture_disabled   1
-
-static inline void early_gart_iommu_check(void)
-{
-}
-static inline void gart_iommu_init(void)
-{
-}
-static inline void gart_iommu_shutdown(void)
-{
-}
-static inline void gart_parse_options(char *options)
-{
-}
-static inline void gart_iommu_hole_init(void)
-{
-}
-#endif
-
 #endif /* _ASM_X86_IOMMU_H */
diff --git a/arch/x86/include/asm/irq.h b/arch/x86/include/asm/irq.h
index 4bb732e45a85..592688ed04d3 100644
--- a/arch/x86/include/asm/irq.h
+++ b/arch/x86/include/asm/irq.h
@@ -31,10 +31,6 @@ static inline int irq_canonicalize(int irq)
 # endif
 #endif
 
-#ifdef CONFIG_IRQBALANCE
-extern int irqbalance_disable(char *str);
-#endif
-
 #ifdef CONFIG_HOTPLUG_CPU
 #include <linux/cpumask.h>
 extern void fixup_irqs(void);
diff --git a/arch/x86/include/asm/irq_regs_32.h b/arch/x86/include/asm/irq_regs_32.h
index af2f02d27fc7..86afd7473457 100644
--- a/arch/x86/include/asm/irq_regs_32.h
+++ b/arch/x86/include/asm/irq_regs_32.h
@@ -9,6 +9,8 @@
 
 #include <asm/percpu.h>
 
+#define ARCH_HAS_OWN_IRQ_REGS
+
 DECLARE_PER_CPU(struct pt_regs *, irq_regs);
 
 static inline struct pt_regs *get_irq_regs(void)
diff --git a/arch/x86/include/asm/linkage.h b/arch/x86/include/asm/linkage.h
index f61ee8f937e4..5d98d0b68ffc 100644
--- a/arch/x86/include/asm/linkage.h
+++ b/arch/x86/include/asm/linkage.h
@@ -57,5 +57,65 @@
 #define __ALIGN_STR ".align 16,0x90"
 #endif
 
+/*
+ * to check ENTRY_X86/END_X86 and
+ * KPROBE_ENTRY_X86/KPROBE_END_X86
+ * unbalanced-missed-mixed appearance
+ */
+#define __set_entry_x86         .set ENTRY_X86_IN, 0
+#define __unset_entry_x86       .set ENTRY_X86_IN, 1
+#define __set_kprobe_x86        .set KPROBE_X86_IN, 0
+#define __unset_kprobe_x86      .set KPROBE_X86_IN, 1
+
+#define __macro_err_x86 .error "ENTRY_X86/KPROBE_X86 unbalanced,missed,mixed"
+
+#define __check_entry_x86       \
+        .ifdef ENTRY_X86_IN;    \
+        .ifeq ENTRY_X86_IN;     \
+        __macro_err_x86;        \
+        .abort;                 \
+        .endif;                 \
+        .endif
+
+#define __check_kprobe_x86      \
+        .ifdef KPROBE_X86_IN;   \
+        .ifeq KPROBE_X86_IN;    \
+        __macro_err_x86;        \
+        .abort;                 \
+        .endif;                 \
+        .endif
+
+#define __check_entry_kprobe_x86        \
+        __check_entry_x86;              \
+        __check_kprobe_x86
+
+#define ENTRY_KPROBE_FINAL_X86 __check_entry_kprobe_x86
+
+#define ENTRY_X86(name)                 \
+        __check_entry_kprobe_x86;       \
+        __set_entry_x86;                \
+        .globl name;                    \
+        __ALIGN;                        \
+        name:
+
+#define END_X86(name)                   \
+        __unset_entry_x86;              \
+        __check_entry_kprobe_x86;       \
+        .size name, .-name
+
+#define KPROBE_ENTRY_X86(name)          \
+        __check_entry_kprobe_x86;       \
+        __set_kprobe_x86;               \
+        .pushsection .kprobes.text, "ax"; \
+        .globl name;                    \
+        __ALIGN;                        \
+        name:
+
+#define KPROBE_END_X86(name)            \
+        __unset_kprobe_x86;             \
+        __check_entry_kprobe_x86;       \
+        .size name, .-name;             \
+        .popsection
+
 #endif /* _ASM_X86_LINKAGE_H */
 
diff --git a/arch/x86/include/asm/mmu_context_32.h b/arch/x86/include/asm/mmu_context_32.h
index 8e10015781fb..7e98ce1d2c0e 100644
--- a/arch/x86/include/asm/mmu_context_32.h
+++ b/arch/x86/include/asm/mmu_context_32.h
@@ -4,9 +4,8 @@
 static inline void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk)
 {
 #ifdef CONFIG_SMP
-        unsigned cpu = smp_processor_id();
-        if (per_cpu(cpu_tlbstate, cpu).state == TLBSTATE_OK)
-                per_cpu(cpu_tlbstate, cpu).state = TLBSTATE_LAZY;
+        if (x86_read_percpu(cpu_tlbstate.state) == TLBSTATE_OK)
+                x86_write_percpu(cpu_tlbstate.state, TLBSTATE_LAZY);
 #endif
 }
 
@@ -20,8 +19,8 @@ static inline void switch_mm(struct mm_struct *prev,
                 /* stop flush ipis for the previous mm */
                 cpu_clear(cpu, prev->cpu_vm_mask);
 #ifdef CONFIG_SMP
-                per_cpu(cpu_tlbstate, cpu).state = TLBSTATE_OK;
-                per_cpu(cpu_tlbstate, cpu).active_mm = next;
+                x86_write_percpu(cpu_tlbstate.state, TLBSTATE_OK);
+                x86_write_percpu(cpu_tlbstate.active_mm, next);
 #endif
                 cpu_set(cpu, next->cpu_vm_mask);
 
@@ -36,8 +35,8 @@ static inline void switch_mm(struct mm_struct *prev,
         }
 #ifdef CONFIG_SMP
         else {
-                per_cpu(cpu_tlbstate, cpu).state = TLBSTATE_OK;
-                BUG_ON(per_cpu(cpu_tlbstate, cpu).active_mm != next);
+                x86_write_percpu(cpu_tlbstate.state, TLBSTATE_OK);
+                BUG_ON(x86_read_percpu(cpu_tlbstate.active_mm) != next);
 
                 if (!cpu_test_and_set(cpu, next->cpu_vm_mask)) {
                         /* We were in lazy tlb mode and leave_mm disabled
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index e38859d577a1..cb58643947b9 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -85,7 +85,9 @@
 /* AMD64 MSRs. Not complete. See the architecture manual for a more
    complete list. */
 
+#define MSR_AMD64_PATCH_LEVEL           0x0000008b
 #define MSR_AMD64_NB_CFG                0xc001001f
+#define MSR_AMD64_PATCH_LOADER          0xc0010020
 #define MSR_AMD64_IBSFETCHCTL           0xc0011030
 #define MSR_AMD64_IBSFETCHLINAD         0xc0011031
 #define MSR_AMD64_IBSFETCHPHYSAD        0xc0011032
diff --git a/arch/x86/include/asm/msr.h b/arch/x86/include/asm/msr.h
index c2a812ebde89..638bf6241807 100644
--- a/arch/x86/include/asm/msr.h
+++ b/arch/x86/include/asm/msr.h
@@ -22,10 +22,10 @@ static inline unsigned long long native_read_tscp(unsigned int *aux)
 }
 
 /*
- * i386 calling convention returns 64-bit value in edx:eax, while
- * x86_64 returns at rax. Also, the "A" constraint does not really
- * mean rdx:rax in x86_64, so we need specialized behaviour for each
- * architecture
+ * both i386 and x86_64 returns 64-bit value in edx:eax, but gcc's "A"
+ * constraint has different meanings. For i386, "A" means exactly
+ * edx:eax, while for x86_64 it doesn't mean rdx:rax or edx:eax. Instead,
+ * it means rax *or* rdx.
  */
 #ifdef CONFIG_X86_64
 #define DECLARE_ARGS(val, low, high)    unsigned low, high
@@ -85,7 +85,8 @@ static inline void native_write_msr(unsigned int msr,
         asm volatile("wrmsr" : : "c" (msr), "a"(low), "d" (high) : "memory");
 }
 
-static inline int native_write_msr_safe(unsigned int msr,
+/* Can be uninlined because referenced by paravirt */
+notrace static inline int native_write_msr_safe(unsigned int msr,
                                         unsigned low, unsigned high)
 {
         int err;
@@ -181,10 +182,10 @@ static inline int rdmsrl_amd_safe(unsigned msr, unsigned long long *p)
 }
 
 #define rdtscl(low)                                             \
-        ((low) = (u32)native_read_tsc())
+        ((low) = (u32)__native_read_tsc())
 
 #define rdtscll(val)                                            \
-        ((val) = native_read_tsc())
+        ((val) = __native_read_tsc())
 
 #define rdpmc(counter, low, high)                       \
 do {                                                    \
diff --git a/arch/x86/include/asm/pci.h b/arch/x86/include/asm/pci.h
index 875b38edf193..a977de23cb4d 100644
--- a/arch/x86/include/asm/pci.h
+++ b/arch/x86/include/asm/pci.h
@@ -19,6 +19,8 @@ struct pci_sysdata {
 };
 
 extern int pci_routeirq;
+extern int noioapicquirk;
+extern int noioapicreroute;
 
 /* scan a bus after allocating a pci_sysdata for it */
 extern struct pci_bus *pci_scan_bus_on_node(int busno, struct pci_ops *ops,
@@ -82,6 +84,8 @@ static inline void pci_dma_burst_advice(struct pci_dev *pdev,
 static inline void early_quirks(void) { }
 #endif
 
+extern void pci_iommu_alloc(void);
+
 #endif  /* __KERNEL__ */
 
 #ifdef CONFIG_X86_32
@@ -98,9 +102,9 @@ static inline void early_quirks(void) { }
 
 #ifdef CONFIG_NUMA
 /* Returns the node based on pci bus */
-static inline int __pcibus_to_node(struct pci_bus *bus)
+static inline int __pcibus_to_node(const struct pci_bus *bus)
 {
-        struct pci_sysdata *sd = bus->sysdata;
+        const struct pci_sysdata *sd = bus->sysdata;
 
         return sd->node;
 }
@@ -109,6 +113,12 @@ static inline cpumask_t __pcibus_to_cpumask(struct pci_bus *bus)
 {
         return node_to_cpumask(__pcibus_to_node(bus));
 }
+
+static inline const struct cpumask *
+cpumask_of_pcibus(const struct pci_bus *bus)
+{
+        return cpumask_of_node(__pcibus_to_node(bus));
+}
 #endif
 
 #endif /* _ASM_X86_PCI_H */
diff --git a/arch/x86/include/asm/pci_64.h b/arch/x86/include/asm/pci_64.h
index d02d936840a3..4da207982777 100644
--- a/arch/x86/include/asm/pci_64.h
+++ b/arch/x86/include/asm/pci_64.h
@@ -23,7 +23,6 @@ extern int (*pci_config_write)(int seg, int bus, int dev, int fn,
                                int reg, int len, u32 value);
 
 extern void dma32_reserve_bootmem(void);
-extern void pci_iommu_alloc(void);
 
 /* The PCI address space does equal the physical memory
  * address space.  The networking and block device layers use
diff --git a/arch/x86/include/asm/pgtable-2level.h b/arch/x86/include/asm/pgtable-2level.h
index b17edfd23628..e0d199fe1d83 100644
--- a/arch/x86/include/asm/pgtable-2level.h
+++ b/arch/x86/include/asm/pgtable-2level.h
@@ -56,23 +56,55 @@ static inline pte_t native_ptep_get_and_clear(pte_t *xp)
 #define pte_none(x)             (!(x).pte_low)
 
 /*
- * Bits 0, 6 and 7 are taken, split up the 29 bits of offset
- * into this range:
+ * Bits _PAGE_BIT_PRESENT, _PAGE_BIT_FILE and _PAGE_BIT_PROTNONE are taken,
+ * split up the 29 bits of offset into this range:
  */
 #define PTE_FILE_MAX_BITS       29
+#define PTE_FILE_SHIFT1         (_PAGE_BIT_PRESENT + 1)
+#if _PAGE_BIT_FILE < _PAGE_BIT_PROTNONE
+#define PTE_FILE_SHIFT2         (_PAGE_BIT_FILE + 1)
+#define PTE_FILE_SHIFT3         (_PAGE_BIT_PROTNONE + 1)
+#else
+#define PTE_FILE_SHIFT2         (_PAGE_BIT_PROTNONE + 1)
+#define PTE_FILE_SHIFT3         (_PAGE_BIT_FILE + 1)
+#endif
+#define PTE_FILE_BITS1          (PTE_FILE_SHIFT2 - PTE_FILE_SHIFT1 - 1)
+#define PTE_FILE_BITS2          (PTE_FILE_SHIFT3 - PTE_FILE_SHIFT2 - 1)
 
 #define pte_to_pgoff(pte)                                               \
-        ((((pte).pte_low >> 1) & 0x1f) + (((pte).pte_low >> 8) << 5))
+        ((((pte).pte_low >> PTE_FILE_SHIFT1)                            \
+          & ((1U << PTE_FILE_BITS1) - 1))                               \
+         + ((((pte).pte_low >> PTE_FILE_SHIFT2)                         \
+             & ((1U << PTE_FILE_BITS2) - 1)) << PTE_FILE_BITS1)         \
+         + (((pte).pte_low >> PTE_FILE_SHIFT3)                          \
+            << (PTE_FILE_BITS1 + PTE_FILE_BITS2)))
 
 #define pgoff_to_pte(off)                                               \
-        ((pte_t) { .pte_low = (((off) & 0x1f) << 1) +                   \
-                        (((off) >> 5) << 8) + _PAGE_FILE })
+        ((pte_t) { .pte_low =                                           \
+         (((off) & ((1U << PTE_FILE_BITS1) - 1)) << PTE_FILE_SHIFT1)    \
+         + ((((off) >> PTE_FILE_BITS1) & ((1U << PTE_FILE_BITS2) - 1))  \
+            << PTE_FILE_SHIFT2)                                         \
+         + (((off) >> (PTE_FILE_BITS1 + PTE_FILE_BITS2))                \
+            << PTE_FILE_SHIFT3)                                         \
+         + _PAGE_FILE })
 
 /* Encode and de-code a swap entry */
-#define __swp_type(x)                   (((x).val >> 1) & 0x1f)
-#define __swp_offset(x)                 ((x).val >> 8)
-#define __swp_entry(type, offset)                               \
-        ((swp_entry_t) { ((type) << 1) | ((offset) << 8) })
+#if _PAGE_BIT_FILE < _PAGE_BIT_PROTNONE
+#define SWP_TYPE_BITS (_PAGE_BIT_FILE - _PAGE_BIT_PRESENT - 1)
+#define SWP_OFFSET_SHIFT (_PAGE_BIT_PROTNONE + 1)
+#else
+#define SWP_TYPE_BITS (_PAGE_BIT_PROTNONE - _PAGE_BIT_PRESENT - 1)
+#define SWP_OFFSET_SHIFT (_PAGE_BIT_FILE + 1)
+#endif
+
+#define MAX_SWAPFILES_CHECK() BUILD_BUG_ON(MAX_SWAPFILES_SHIFT > SWP_TYPE_BITS)
+
+#define __swp_type(x)                   (((x).val >> (_PAGE_BIT_PRESENT + 1)) \
+                                         & ((1U << SWP_TYPE_BITS) - 1))
+#define __swp_offset(x)                 ((x).val >> SWP_OFFSET_SHIFT)
+#define __swp_entry(type, offset)       ((swp_entry_t) { \
+                                         ((type) << (_PAGE_BIT_PRESENT + 1)) \
+                                         | ((offset) << SWP_OFFSET_SHIFT) })
 #define __pte_to_swp_entry(pte)         ((swp_entry_t) { (pte).pte_low })
 #define __swp_entry_to_pte(x)           ((pte_t) { .pte = (x).val })
 
diff --git a/arch/x86/include/asm/pgtable-3level.h b/arch/x86/include/asm/pgtable-3level.h
index 52597aeadfff..447da43cddb3 100644
--- a/arch/x86/include/asm/pgtable-3level.h
+++ b/arch/x86/include/asm/pgtable-3level.h
@@ -166,6 +166,7 @@ static inline int pte_none(pte_t pte)
 #define PTE_FILE_MAX_BITS       32
 
 /* Encode and de-code a swap entry */
+#define MAX_SWAPFILES_CHECK() BUILD_BUG_ON(MAX_SWAPFILES_SHIFT > 5)
 #define __swp_type(x)                   (((x).val) & 0x1f)
 #define __swp_offset(x)                 ((x).val >> 5)
 #define __swp_entry(type, offset)       ((swp_entry_t){(type) | (offset) << 5})
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
index c012f3b11671..83e69f4a37f0 100644
--- a/arch/x86/include/asm/pgtable.h
+++ b/arch/x86/include/asm/pgtable.h
@@ -10,7 +10,6 @@
 #define _PAGE_BIT_PCD           4       /* page cache disabled */
 #define _PAGE_BIT_ACCESSED      5       /* was accessed (raised by CPU) */
 #define _PAGE_BIT_DIRTY         6       /* was written to (raised by CPU) */
-#define _PAGE_BIT_FILE          6
 #define _PAGE_BIT_PSE           7       /* 4 MB (or 2MB) page */
 #define _PAGE_BIT_PAT           7       /* on 4KB pages */
 #define _PAGE_BIT_GLOBAL        8       /* Global TLB entry PPro+ */
@@ -22,6 +21,12 @@
 #define _PAGE_BIT_CPA_TEST      _PAGE_BIT_UNUSED1
 #define _PAGE_BIT_NX           63       /* No execute: only valid after cpuid check */
 
+/* If _PAGE_BIT_PRESENT is clear, we use these: */
+/* - if the user mapped it with PROT_NONE; pte_present gives true */
+#define _PAGE_BIT_PROTNONE      _PAGE_BIT_GLOBAL
+/* - set: nonlinear file mapping, saved PTE; unset:swap */
+#define _PAGE_BIT_FILE          _PAGE_BIT_DIRTY
+
 #define _PAGE_PRESENT   (_AT(pteval_t, 1) << _PAGE_BIT_PRESENT)
 #define _PAGE_RW        (_AT(pteval_t, 1) << _PAGE_BIT_RW)
 #define _PAGE_USER      (_AT(pteval_t, 1) << _PAGE_BIT_USER)
@@ -46,11 +51,8 @@
 #define _PAGE_NX        (_AT(pteval_t, 0))
 #endif
 
-/* If _PAGE_PRESENT is clear, we use these: */
-#define _PAGE_FILE      _PAGE_DIRTY     /* nonlinear file mapping,
-                                         * saved PTE; unset:swap */
-#define _PAGE_PROTNONE  _PAGE_PSE       /* if the user mapped it with PROT_NONE;
-                                           pte_present gives true */
+#define _PAGE_FILE      (_AT(pteval_t, 1) << _PAGE_BIT_FILE)
+#define _PAGE_PROTNONE  (_AT(pteval_t, 1) << _PAGE_BIT_PROTNONE)
 
 #define _PAGE_TABLE     (_PAGE_PRESENT | _PAGE_RW | _PAGE_USER |        \
                          _PAGE_ACCESSED | _PAGE_DIRTY)
@@ -158,8 +160,19 @@
 #define PGD_IDENT_ATTR   0x001          /* PRESENT (no other attributes) */
 #endif
 
+/*
+ * Macro to mark a page protection value as UC-
+ */
+#define pgprot_noncached(prot)                                  \
+        ((boot_cpu_data.x86 > 3)                                \
+         ? (__pgprot(pgprot_val(prot) | _PAGE_CACHE_UC_MINUS))  \
+         : (prot))
+
 #ifndef __ASSEMBLY__
 
+#define pgprot_writecombine     pgprot_writecombine
+extern pgprot_t pgprot_writecombine(pgprot_t prot);
+
 /*
  * ZERO_PAGE is a global shared page that is always zero: used
  * for zero-mapped memory areas etc..
@@ -329,6 +342,9 @@ static inline pgprot_t pgprot_modify(pgprot_t oldprot, pgprot_t newprot)
 #define canon_pgprot(p) __pgprot(pgprot_val(p) & __supported_pte_mask)
 
 #ifndef __ASSEMBLY__
+/* Indicate that x86 has its own track and untrack pfn vma functions */
+#define __HAVE_PFNMAP_TRACKING
+
 #define __HAVE_PHYS_MEM_ACCESS_PROT
 struct file;
 pgprot_t phys_mem_access_prot(struct file *file, unsigned long pfn,
diff --git a/arch/x86/include/asm/pgtable_32.h b/arch/x86/include/asm/pgtable_32.h
index f9d5889b336b..72b020deb46b 100644
--- a/arch/x86/include/asm/pgtable_32.h
+++ b/arch/x86/include/asm/pgtable_32.h
@@ -101,15 +101,6 @@ extern unsigned long pg0[];
 #endif
 
 /*
- * Macro to mark a page protection value as "uncacheable".
- * On processors which do not support it, this is a no-op.
- */
-#define pgprot_noncached(prot)                                  \
-        ((boot_cpu_data.x86 > 3)                                \
-         ? (__pgprot(pgprot_val(prot) | _PAGE_PCD | _PAGE_PWT)) \
-         : (prot))
-
-/*
  * Conversion functions: convert a page and protection to a page entry,
  * and a page entry and page directory to the page they refer to.
  */
diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h
index 545a0e042bb2..ba09289accaa 100644
--- a/arch/x86/include/asm/pgtable_64.h
+++ b/arch/x86/include/asm/pgtable_64.h
@@ -146,7 +146,7 @@ static inline void native_pgd_clear(pgd_t *pgd)
 #define PGDIR_MASK      (~(PGDIR_SIZE - 1))
 
 
-#define MAXMEM           _AC(0x00003fffffffffff, UL)
+#define MAXMEM           _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
 #define VMALLOC_START    _AC(0xffffc20000000000, UL)
 #define VMALLOC_END      _AC(0xffffe1ffffffffff, UL)
 #define VMEMMAP_START    _AC(0xffffe20000000000, UL)
@@ -177,12 +177,6 @@ static inline int pmd_bad(pmd_t pmd)
 #define pages_to_mb(x)  ((x) >> (20 - PAGE_SHIFT))   /* FIXME: is this right? */
 
 /*
- * Macro to mark a page protection value as "uncacheable".
- */
-#define pgprot_noncached(prot)                                  \
-        (__pgprot(pgprot_val((prot)) | _PAGE_PCD | _PAGE_PWT))
-
-/*
  * Conversion functions: convert a page and protection to a page entry,
  * and a page entry and page directory to the page they refer to.
  */
@@ -250,10 +244,22 @@ static inline int pud_large(pud_t pte)
 extern int direct_gbpages;
 
 /* Encode and de-code a swap entry */
-#define __swp_type(x)                   (((x).val >> 1) & 0x3f)
-#define __swp_offset(x)                 ((x).val >> 8)
-#define __swp_entry(type, offset)       ((swp_entry_t) { ((type) << 1) | \
-                                                         ((offset) << 8) })
+#if _PAGE_BIT_FILE < _PAGE_BIT_PROTNONE
+#define SWP_TYPE_BITS (_PAGE_BIT_FILE - _PAGE_BIT_PRESENT - 1)
+#define SWP_OFFSET_SHIFT (_PAGE_BIT_PROTNONE + 1)
+#else
+#define SWP_TYPE_BITS (_PAGE_BIT_PROTNONE - _PAGE_BIT_PRESENT - 1)
+#define SWP_OFFSET_SHIFT (_PAGE_BIT_FILE + 1)
+#endif
+
+#define MAX_SWAPFILES_CHECK() BUILD_BUG_ON(MAX_SWAPFILES_SHIFT > SWP_TYPE_BITS)
+
+#define __swp_type(x)                   (((x).val >> (_PAGE_BIT_PRESENT + 1)) \
+                                         & ((1U << SWP_TYPE_BITS) - 1))
+#define __swp_offset(x)                 ((x).val >> SWP_OFFSET_SHIFT)
+#define __swp_entry(type, offset)       ((swp_entry_t) { \
+                                         ((type) << (_PAGE_BIT_PRESENT + 1)) \
+                                         | ((offset) << SWP_OFFSET_SHIFT) })
 #define __pte_to_swp_entry(pte)         ((swp_entry_t) { pte_val((pte)) })
 #define __swp_entry_to_pte(x)           ((pte_t) { .pte = (x).val })
 
diff --git a/arch/x86/include/asm/prctl.h b/arch/x86/include/asm/prctl.h
index fe681147a4f7..a8894647dd9a 100644
--- a/arch/x86/include/asm/prctl.h
+++ b/arch/x86/include/asm/prctl.h
@@ -6,5 +6,8 @@
 #define ARCH_GET_FS 0x1003
 #define ARCH_GET_GS 0x1004
 
+#ifdef CONFIG_X86_64
+extern long sys_arch_prctl(int, unsigned long);
+#endif /* CONFIG_X86_64 */
 
 #endif /* _ASM_X86_PRCTL_H */
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index 5ca01e383269..091cd8855f2e 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -110,6 +110,7 @@ struct cpuinfo_x86 {
         /* Index into per_cpu list: */
         u16                     cpu_index;
 #endif
+        unsigned int            x86_hyper_vendor;
 } __attribute__((__aligned__(SMP_CACHE_BYTES)));
 
 #define X86_VENDOR_INTEL        0
@@ -123,6 +124,9 @@ struct cpuinfo_x86 {
 
 #define X86_VENDOR_UNKNOWN      0xff
 
+#define X86_HYPER_VENDOR_NONE  0
+#define X86_HYPER_VENDOR_VMWARE 1
+
 /*
  * capabilities of CPUs
  */
@@ -752,6 +756,19 @@ extern void switch_to_new_gdt(void);
 extern void cpu_init(void);
 extern void init_gdt(int cpu);
 
+static inline unsigned long get_debugctlmsr(void)
+{
+    unsigned long debugctlmsr = 0;
+
+#ifndef CONFIG_X86_DEBUGCTLMSR
+        if (boot_cpu_data.x86 < 6)
+                return 0;
+#endif
+        rdmsrl(MSR_IA32_DEBUGCTLMSR, debugctlmsr);
+
+    return debugctlmsr;
+}
+
 static inline void update_debugctlmsr(unsigned long debugctlmsr)
 {
 #ifndef CONFIG_X86_DEBUGCTLMSR
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index eefb0594b058..6d34d954c228 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -6,7 +6,6 @@
 #include <asm/processor-flags.h>
 
 #ifdef __KERNEL__
-#include <asm/ds.h>             /* the DS BTS struct is used for ptrace too */
 #include <asm/segment.h>
 #endif
 
@@ -128,34 +127,6 @@ struct pt_regs {
 #endif /* !__i386__ */
 
 
-#ifdef CONFIG_X86_PTRACE_BTS
-/* a branch trace record entry
- *
- * In order to unify the interface between various processor versions,
- * we use the below data structure for all processors.
- */
-enum bts_qualifier {
-        BTS_INVALID = 0,
-        BTS_BRANCH,
-        BTS_TASK_ARRIVES,
-        BTS_TASK_DEPARTS
-};
-
-struct bts_struct {
-        __u64 qualifier;
-        union {
-                /* BTS_BRANCH */
-                struct {
-                        __u64 from_ip;
-                        __u64 to_ip;
-                } lbr;
-                /* BTS_TASK_ARRIVES or
-                   BTS_TASK_DEPARTS */
-                __u64 jiffies;
-        } variant;
-};
-#endif /* CONFIG_X86_PTRACE_BTS */
-
 #ifdef __KERNEL__
 
 #include <linux/init.h>
@@ -163,13 +134,6 @@ struct bts_struct {
 struct cpuinfo_x86;
 struct task_struct;
 
-#ifdef CONFIG_X86_PTRACE_BTS
-extern void __cpuinit ptrace_bts_init_intel(struct cpuinfo_x86 *);
-extern void ptrace_bts_take_timestamp(struct task_struct *, enum bts_qualifier);
-#else
-#define ptrace_bts_init_intel(config) do {} while (0)
-#endif /* CONFIG_X86_PTRACE_BTS */
-
 extern unsigned long profile_pc(struct pt_regs *regs);
 
 extern unsigned long
@@ -271,6 +235,13 @@ extern int do_get_thread_area(struct task_struct *p, int idx,
 extern int do_set_thread_area(struct task_struct *p, int idx,
                               struct user_desc __user *info, int can_allocate);
 
+extern void x86_ptrace_untrace(struct task_struct *);
+extern void x86_ptrace_fork(struct task_struct *child,
+                            unsigned long clone_flags);
+
+#define arch_ptrace_untrace(tsk) x86_ptrace_untrace(tsk)
+#define arch_ptrace_fork(child, flags) x86_ptrace_fork(child, flags)
+
 #endif /* __KERNEL__ */
 
 #endif /* !__ASSEMBLY__ */
diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h
index 294daeb3a006..4fcd53fd5f43 100644
--- a/arch/x86/include/asm/setup.h
+++ b/arch/x86/include/asm/setup.h
@@ -8,6 +8,10 @@
 /* Interrupt control for vSMPowered x86_64 systems */
 void vsmp_init(void);
 
+
+void setup_bios_corruption_check(void);
+
+
 #ifdef CONFIG_X86_VISWS
 extern void visws_early_detect(void);
 extern int is_visws_box(void);
diff --git a/arch/x86/include/asm/sigframe.h b/arch/x86/include/asm/sigframe.h
new file mode 100644
index 000000000000..4e0fe26d27d3
--- /dev/null
+++ b/arch/x86/include/asm/sigframe.h
@@ -0,0 +1,70 @@
+#ifndef _ASM_X86_SIGFRAME_H
+#define _ASM_X86_SIGFRAME_H
+
+#include <asm/sigcontext.h>
+#include <asm/siginfo.h>
+#include <asm/ucontext.h>
+
+#ifdef CONFIG_X86_32
+#define sigframe_ia32           sigframe
+#define rt_sigframe_ia32        rt_sigframe
+#define sigcontext_ia32         sigcontext
+#define _fpstate_ia32           _fpstate
+#define ucontext_ia32           ucontext
+#else /* !CONFIG_X86_32 */
+
+#ifdef CONFIG_IA32_EMULATION
+#include <asm/ia32.h>
+#endif /* CONFIG_IA32_EMULATION */
+
+#endif /* CONFIG_X86_32 */
+
+#if defined(CONFIG_X86_32) || defined(CONFIG_IA32_EMULATION)
+struct sigframe_ia32 {
+        u32 pretcode;
+        int sig;
+        struct sigcontext_ia32 sc;
+        /*
+         * fpstate is unused. fpstate is moved/allocated after
+         * retcode[] below. This movement allows to have the FP state and the
+         * future state extensions (xsave) stay together.
+         * And at the same time retaining the unused fpstate, prevents changing
+         * the offset of extramask[] in the sigframe and thus prevent any
+         * legacy application accessing/modifying it.
+         */
+        struct _fpstate_ia32 fpstate_unused;
+#ifdef CONFIG_IA32_EMULATION
+        unsigned int extramask[_COMPAT_NSIG_WORDS-1];
+#else /* !CONFIG_IA32_EMULATION */
+        unsigned long extramask[_NSIG_WORDS-1];
+#endif /* CONFIG_IA32_EMULATION */
+        char retcode[8];
+        /* fp state follows here */
+};
+
+struct rt_sigframe_ia32 {
+        u32 pretcode;
+        int sig;
+        u32 pinfo;
+        u32 puc;
+#ifdef CONFIG_IA32_EMULATION
+        compat_siginfo_t info;
+#else /* !CONFIG_IA32_EMULATION */
+        struct siginfo info;
+#endif /* CONFIG_IA32_EMULATION */
+        struct ucontext_ia32 uc;
+        char retcode[8];
+        /* fp state follows here */
+};
+#endif /* defined(CONFIG_X86_32) || defined(CONFIG_IA32_EMULATION) */
+
+#ifdef CONFIG_X86_64
+struct rt_sigframe {
+        char __user *pretcode;
+        struct ucontext uc;
+        struct siginfo info;
+        /* fp state follows here */
+};
+#endif /* CONFIG_X86_64 */
+
+#endif /* _ASM_X86_SIGFRAME_H */
diff --git a/arch/x86/include/asm/signal.h b/arch/x86/include/asm/signal.h
index 96ac44f275da..7761a5d554bb 100644
--- a/arch/x86/include/asm/signal.h
+++ b/arch/x86/include/asm/signal.h
@@ -121,6 +121,10 @@ typedef unsigned long sigset_t;
 
 #ifndef __ASSEMBLY__
 
+# ifdef __KERNEL__
+extern void do_notify_resume(struct pt_regs *, void *, __u32);
+# endif /* __KERNEL__ */
+
 #ifdef __i386__
 # ifdef __KERNEL__
 struct old_sigaction {
@@ -141,8 +145,6 @@ struct k_sigaction {
         struct sigaction sa;
 };
 
-extern void do_notify_resume(struct pt_regs *, void *, __u32);
-
 # else /* __KERNEL__ */
 /* Here we must cater to libcs that poke about in kernel headers.  */
 
diff --git a/arch/x86/include/asm/sparsemem.h b/arch/x86/include/asm/sparsemem.h
index be44f7dab395..e3cc3c063ec5 100644
--- a/arch/x86/include/asm/sparsemem.h
+++ b/arch/x86/include/asm/sparsemem.h
@@ -27,7 +27,7 @@
 #else /* CONFIG_X86_32 */
 # define SECTION_SIZE_BITS      27 /* matt - 128 is convenient right now */
 # define MAX_PHYSADDR_BITS      44
-# define MAX_PHYSMEM_BITS       44
+# define MAX_PHYSMEM_BITS       44 /* Can be max 45 bits */
 #endif
 
 #endif /* CONFIG_SPARSEMEM */
diff --git a/arch/x86/include/asm/syscalls.h b/arch/x86/include/asm/syscalls.h
index 87803da44010..9c6797c3e56c 100644
--- a/arch/x86/include/asm/syscalls.h
+++ b/arch/x86/include/asm/syscalls.h
@@ -19,6 +19,13 @@
 /* kernel/ioport.c */
 asmlinkage long sys_ioperm(unsigned long, unsigned long, int);
 
+/* kernel/ldt.c */
+asmlinkage int sys_modify_ldt(int, void __user *, unsigned long);
+
+/* kernel/tls.c */
+asmlinkage int sys_set_thread_area(struct user_desc __user *);
+asmlinkage int sys_get_thread_area(struct user_desc __user *);
+
 /* X86_32 only */
 #ifdef CONFIG_X86_32
 /* kernel/process_32.c */
@@ -33,14 +40,11 @@ asmlinkage int sys_sigaction(int, const struct old_sigaction __user *,
                              struct old_sigaction __user *);
 asmlinkage int sys_sigaltstack(unsigned long);
 asmlinkage unsigned long sys_sigreturn(unsigned long);
-asmlinkage int sys_rt_sigreturn(unsigned long);
+asmlinkage int sys_rt_sigreturn(struct pt_regs);
 
 /* kernel/ioport.c */
 asmlinkage long sys_iopl(unsigned long);
 
-/* kernel/ldt.c */
-asmlinkage int sys_modify_ldt(int, void __user *, unsigned long);
-
 /* kernel/sys_i386_32.c */
 asmlinkage long sys_mmap2(unsigned long, unsigned long, unsigned long,
                           unsigned long, unsigned long, unsigned long);
@@ -54,10 +58,6 @@ asmlinkage int sys_uname(struct old_utsname __user *);
 struct oldold_utsname;
 asmlinkage int sys_olduname(struct oldold_utsname __user *);
 
-/* kernel/tls.c */
-asmlinkage int sys_set_thread_area(struct user_desc __user *);
-asmlinkage int sys_get_thread_area(struct user_desc __user *);
-
 /* kernel/vm86_32.c */
 asmlinkage int sys_vm86old(struct pt_regs);
 asmlinkage int sys_vm86(struct pt_regs);
diff --git a/arch/x86/include/asm/system.h b/arch/x86/include/asm/system.h
index 07c3e4048991..8e626ea33a1a 100644
--- a/arch/x86/include/asm/system.h
+++ b/arch/x86/include/asm/system.h
@@ -17,12 +17,12 @@
 # define AT_VECTOR_SIZE_ARCH 1
 #endif
 
-#ifdef CONFIG_X86_32
-
 struct task_struct; /* one of the stranger aspects of C forward declarations */
 struct task_struct *__switch_to(struct task_struct *prev,
                                 struct task_struct *next);
 
+#ifdef CONFIG_X86_32
+
 /*
  * Saving eflags is important. It switches not only IOPL between tasks,
  * it also protects other tasks from NT leaking through sysenter etc.
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h
index 0921b4018c11..98789647baa9 100644
--- a/arch/x86/include/asm/thread_info.h
+++ b/arch/x86/include/asm/thread_info.h
@@ -26,7 +26,7 @@ struct exec_domain;
 struct thread_info {
         struct task_struct      *task;          /* main task structure */
         struct exec_domain      *exec_domain;   /* execution domain */
-        unsigned long           flags;          /* low level flags */
+        __u32                   flags;          /* low level flags */
         __u32                   status;         /* thread synchronous flags */
         __u32                   cpu;            /* current CPU */
         int                     preempt_count;  /* 0 => preemptable,
@@ -93,7 +93,6 @@ struct thread_info {
 #define TIF_FORCED_TF           24      /* true if TF in eflags artificially */
 #define TIF_DEBUGCTLMSR         25      /* uses thread_struct.debugctlmsr */
 #define TIF_DS_AREA_MSR         26      /* uses thread_struct.ds_area_msr */
-#define TIF_BTS_TRACE_TS        27      /* record scheduling event timestamps */
 
 #define _TIF_SYSCALL_TRACE      (1 << TIF_SYSCALL_TRACE)
 #define _TIF_NOTIFY_RESUME      (1 << TIF_NOTIFY_RESUME)
@@ -115,7 +114,6 @@ struct thread_info {
 #define _TIF_FORCED_TF          (1 << TIF_FORCED_TF)
 #define _TIF_DEBUGCTLMSR        (1 << TIF_DEBUGCTLMSR)
 #define _TIF_DS_AREA_MSR        (1 << TIF_DS_AREA_MSR)
-#define _TIF_BTS_TRACE_TS       (1 << TIF_BTS_TRACE_TS)
 
 /* work to do in syscall_trace_enter() */
 #define _TIF_WORK_SYSCALL_ENTRY \
@@ -141,8 +139,7 @@ struct thread_info {
 
 /* flags to check in __switch_to() */
 #define _TIF_WORK_CTXSW                                                 \
-        (_TIF_IO_BITMAP|_TIF_DEBUGCTLMSR|_TIF_DS_AREA_MSR|_TIF_BTS_TRACE_TS| \
-                                                                _TIF_NOTSC)
+        (_TIF_IO_BITMAP|_TIF_DEBUGCTLMSR|_TIF_DS_AREA_MSR|_TIF_NOTSC)
 
 #define _TIF_WORK_CTXSW_PREV _TIF_WORK_CTXSW
 #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW|_TIF_DEBUG)
diff --git a/arch/x86/include/asm/topology.h b/arch/x86/include/asm/topology.h
index 79e31e9dcdda..4e2f2e0aab27 100644
--- a/arch/x86/include/asm/topology.h
+++ b/arch/x86/include/asm/topology.h
@@ -61,13 +61,19 @@ static inline int cpu_to_node(int cpu)
  *
  * Side note: this function creates the returned cpumask on the stack
  * so with a high NR_CPUS count, excessive stack space is used.  The
- * node_to_cpumask_ptr function should be used whenever possible.
+ * cpumask_of_node function should be used whenever possible.
  */
 static inline cpumask_t node_to_cpumask(int node)
 {
         return node_to_cpumask_map[node];
 }
 
+/* Returns a bitmask of CPUs on Node 'node'. */
+static inline const struct cpumask *cpumask_of_node(int node)
+{
+        return &node_to_cpumask_map[node];
+}
+
 #else /* CONFIG_X86_64 */
 
 /* Mappings between node number and cpus on that node. */
@@ -82,7 +88,7 @@ DECLARE_EARLY_PER_CPU(int, x86_cpu_to_node_map);
 #ifdef CONFIG_DEBUG_PER_CPU_MAPS
 extern int cpu_to_node(int cpu);
 extern int early_cpu_to_node(int cpu);
-extern const cpumask_t *_node_to_cpumask_ptr(int node);
+extern const cpumask_t *cpumask_of_node(int node);
 extern cpumask_t node_to_cpumask(int node);
 
 #else   /* !CONFIG_DEBUG_PER_CPU_MAPS */
@@ -103,7 +109,7 @@ static inline int early_cpu_to_node(int cpu)
 }
 
 /* Returns a pointer to the cpumask of CPUs on Node 'node'. */
-static inline const cpumask_t *_node_to_cpumask_ptr(int node)
+static inline const cpumask_t *cpumask_of_node(int node)
 {
         return &node_to_cpumask_map[node];
 }
@@ -116,12 +122,15 @@ static inline cpumask_t node_to_cpumask(int node)
 
 #endif /* !CONFIG_DEBUG_PER_CPU_MAPS */
 
-/* Replace default node_to_cpumask_ptr with optimized version */
+/*
+ * Replace default node_to_cpumask_ptr with optimized version
+ * Deprecated: use "const struct cpumask *mask = cpumask_of_node(node)"
+ */
 #define node_to_cpumask_ptr(v, node)            \
-                const cpumask_t *v = _node_to_cpumask_ptr(node)
+                const cpumask_t *v = cpumask_of_node(node)
 
 #define node_to_cpumask_ptr_next(v, node)       \
-                           v = _node_to_cpumask_ptr(node)
+                           v = cpumask_of_node(node)
 
 #endif /* CONFIG_X86_64 */
 
@@ -187,7 +196,7 @@ extern int __node_distance(int, int);
 #define cpu_to_node(cpu)        0
 #define early_cpu_to_node(cpu)  0
 
-static inline const cpumask_t *_node_to_cpumask_ptr(int node)
+static inline const cpumask_t *cpumask_of_node(int node)
 {
         return &cpu_online_map;
 }
@@ -200,12 +209,15 @@ static inline int node_to_first_cpu(int node)
         return first_cpu(cpu_online_map);
 }
 
-/* Replace default node_to_cpumask_ptr with optimized version */
+/*
+ * Replace default node_to_cpumask_ptr with optimized version
+ * Deprecated: use "const struct cpumask *mask = cpumask_of_node(node)"
+ */
 #define node_to_cpumask_ptr(v, node)            \
-                const cpumask_t *v = _node_to_cpumask_ptr(node)
+                const cpumask_t *v = cpumask_of_node(node)
 
 #define node_to_cpumask_ptr_next(v, node)       \
-                           v = _node_to_cpumask_ptr(node)
+                           v = cpumask_of_node(node)
 #endif
 
 #include <asm-generic/topology.h>
@@ -214,12 +226,12 @@ static inline int node_to_first_cpu(int node)
 /* Returns the number of the first CPU on Node 'node'. */
 static inline int node_to_first_cpu(int node)
 {
-        node_to_cpumask_ptr(mask, node);
-        return first_cpu(*mask);
+        return cpumask_first(cpumask_of_node(node));
 }
 #endif
 
 extern cpumask_t cpu_coregroup_map(int cpu);
+extern const struct cpumask *cpu_coregroup_mask(int cpu);
 
 #ifdef ENABLE_TOPO_DEFINES
 #define topology_physical_package_id(cpu)       (cpu_data(cpu).phys_proc_id)
diff --git a/arch/x86/include/asm/trampoline.h b/arch/x86/include/asm/trampoline.h
index fa0d79facdbc..780ba0ab94f9 100644
--- a/arch/x86/include/asm/trampoline.h
+++ b/arch/x86/include/asm/trampoline.h
@@ -3,6 +3,7 @@
 
 #ifndef __ASSEMBLY__
 
+#ifdef CONFIG_X86_TRAMPOLINE
 /*
  * Trampoline 80x86 program as an array.
  */
@@ -13,8 +14,14 @@ extern unsigned char *trampoline_base;
 extern unsigned long init_rsp;
 extern unsigned long initial_code;
 
+#define TRAMPOLINE_SIZE roundup(trampoline_end - trampoline_data, PAGE_SIZE)
 #define TRAMPOLINE_BASE 0x6000
+
 extern unsigned long setup_trampoline(void);
+extern void __init reserve_trampoline_memory(void);
+#else
+static inline void reserve_trampoline_memory(void) {};
+#endif /* CONFIG_X86_TRAMPOLINE */
 
 #endif /* __ASSEMBLY__ */
 
diff --git a/arch/x86/include/asm/traps.h b/arch/x86/include/asm/traps.h
index 45dee286e45c..2ee0a3bceedf 100644
--- a/arch/x86/include/asm/traps.h
+++ b/arch/x86/include/asm/traps.h
@@ -46,6 +46,10 @@ dotraplinkage void do_coprocessor_segment_overrun(struct pt_regs *, long);
 dotraplinkage void do_invalid_TSS(struct pt_regs *, long);
 dotraplinkage void do_segment_not_present(struct pt_regs *, long);
 dotraplinkage void do_stack_segment(struct pt_regs *, long);
+#ifdef CONFIG_X86_64
+dotraplinkage void do_double_fault(struct pt_regs *, long);
+asmlinkage __kprobes struct pt_regs *sync_regs(struct pt_regs *);
+#endif
 dotraplinkage void do_general_protection(struct pt_regs *, long);
 dotraplinkage void do_page_fault(struct pt_regs *, unsigned long);
 dotraplinkage void do_spurious_interrupt_bug(struct pt_regs *, long);
@@ -72,10 +76,13 @@ static inline int get_si_code(unsigned long condition)
 extern int panic_on_unrecovered_nmi;
 extern int kstack_depth_to_print;
 
-#ifdef CONFIG_X86_32
 void math_error(void __user *);
-unsigned long patch_espfix_desc(unsigned long, unsigned long);
 asmlinkage void math_emulate(long);
+#ifdef CONFIG_X86_32
+unsigned long patch_espfix_desc(unsigned long, unsigned long);
+#else
+asmlinkage void smp_thermal_interrupt(void);
+asmlinkage void mce_threshold_interrupt(void);
 #endif
 
 #endif /* _ASM_X86_TRAPS_H */
diff --git a/arch/x86/include/asm/tsc.h b/arch/x86/include/asm/tsc.h
index 9cd83a8e40d5..38ae163cc91b 100644
--- a/arch/x86/include/asm/tsc.h
+++ b/arch/x86/include/asm/tsc.h
@@ -34,8 +34,6 @@ static inline cycles_t get_cycles(void)
 
 static __always_inline cycles_t vget_cycles(void)
 {
-        cycles_t cycles;
-
         /*
          * We only do VDSOs on TSC capable CPUs, so this shouldnt
          * access boot_cpu_data (which is not VDSO-safe):
@@ -44,11 +42,7 @@ static __always_inline cycles_t vget_cycles(void)
         if (!cpu_has_tsc)
                 return 0;
 #endif
-        rdtsc_barrier();
-        cycles = (cycles_t)__native_read_tsc();
-        rdtsc_barrier();
-
-        return cycles;
+        return (cycles_t)__native_read_tsc();
 }
 
 extern void tsc_init(void);
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
index 99192bb55a53..4340055b7559 100644
--- a/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@ -352,14 +352,14 @@ do {									\
 
 #define __put_user_nocheck(x, ptr, size)                        \
 ({                                                              \
-        long __pu_err;                                          \
+        int __pu_err;                                           \
         __put_user_size((x), (ptr), (size), __pu_err, -EFAULT); \
         __pu_err;                                               \
 })
 
 #define __get_user_nocheck(x, ptr, size)                                \
 ({                                                                      \
-        long __gu_err;                                                  \
+        int __gu_err;                                                   \
         unsigned long __gu_val;                                         \
         __get_user_size(__gu_val, (ptr), (size), __gu_err, -EFAULT);    \
         (x) = (__force __typeof__(*(ptr)))__gu_val;                     \
diff --git a/arch/x86/include/asm/uv/bios.h b/arch/x86/include/asm/uv/bios.h
index d931d3b7e6f7..7ed17ff502b9 100644
--- a/arch/x86/include/asm/uv/bios.h
+++ b/arch/x86/include/asm/uv/bios.h
@@ -32,13 +32,18 @@
 enum uv_bios_cmd {
         UV_BIOS_COMMON,
         UV_BIOS_GET_SN_INFO,
-        UV_BIOS_FREQ_BASE
+        UV_BIOS_FREQ_BASE,
+        UV_BIOS_WATCHLIST_ALLOC,
+        UV_BIOS_WATCHLIST_FREE,
+        UV_BIOS_MEMPROTECT,
+        UV_BIOS_GET_PARTITION_ADDR
 };
 
 /*
  * Status values returned from a BIOS call.
  */
 enum {
+        BIOS_STATUS_MORE_PASSES         =  1,
         BIOS_STATUS_SUCCESS             =  0,
         BIOS_STATUS_UNIMPLEMENTED       = -ENOSYS,
         BIOS_STATUS_EINVAL              = -EINVAL,
@@ -71,6 +76,21 @@ union partition_info_u {
         };
 };
 
+union uv_watchlist_u {
+        u64     val;
+        struct {
+                u64     blade   : 16,
+                        size    : 32,
+                        filler  : 16;
+        };
+};
+
+enum uv_memprotect {
+        UV_MEMPROT_RESTRICT_ACCESS,
+        UV_MEMPROT_ALLOW_AMO,
+        UV_MEMPROT_ALLOW_RW
+};
+
 /*
  * bios calls have 6 parameters
  */
@@ -80,14 +100,20 @@ extern s64 uv_bios_call_reentrant(enum uv_bios_cmd, u64, u64, u64, u64, u64);
 
 extern s64 uv_bios_get_sn_info(int, int *, long *, long *, long *);
 extern s64 uv_bios_freq_base(u64, u64 *);
+extern int uv_bios_mq_watchlist_alloc(int, unsigned long, unsigned int,
+                                        unsigned long *);
+extern int uv_bios_mq_watchlist_free(int, int);
+extern s64 uv_bios_change_memprotect(u64, u64, enum uv_memprotect);
+extern s64 uv_bios_reserved_page_pa(u64, u64 *, u64 *, u64 *);
 
 extern void uv_bios_init(void);
 
+extern unsigned long sn_rtc_cycles_per_second;
 extern int uv_type;
 extern long sn_partition_id;
-extern long uv_coherency_id;
-extern long uv_region_size;
-#define partition_coherence_id()        (uv_coherency_id)
+extern long sn_coherency_id;
+extern long sn_region_size;
+#define partition_coherence_id()        (sn_coherency_id)
 
 extern struct kobject *sgi_uv_kobj;     /* /sys/firmware/sgi_uv */
 
diff --git a/arch/x86/include/asm/uv/uv_hub.h b/arch/x86/include/asm/uv/uv_hub.h
index 7a5782610b2b..777327ef05c1 100644
--- a/arch/x86/include/asm/uv/uv_hub.h
+++ b/arch/x86/include/asm/uv/uv_hub.h
@@ -113,25 +113,37 @@
  */
 #define UV_MAX_NASID_VALUE      (UV_MAX_NUMALINK_NODES * 2)
 
+struct uv_scir_s {
+        struct timer_list timer;
+        unsigned long   offset;
+        unsigned long   last;
+        unsigned long   idle_on;
+        unsigned long   idle_off;
+        unsigned char   state;
+        unsigned char   enabled;
+};
+
 /*
  * The following defines attributes of the HUB chip. These attributes are
  * frequently referenced and are kept in the per-cpu data areas of each cpu.
  * They are kept together in a struct to minimize cache misses.
  */
 struct uv_hub_info_s {
-        unsigned long   global_mmr_base;
-        unsigned long   gpa_mask;
-        unsigned long   gnode_upper;
-        unsigned long   lowmem_remap_top;
-        unsigned long   lowmem_remap_base;
-        unsigned short  pnode;
-        unsigned short  pnode_mask;
-        unsigned short  coherency_domain_number;
-        unsigned short  numa_blade_id;
-        unsigned char   blade_processor_id;
-        unsigned char   m_val;
-        unsigned char   n_val;
+        unsigned long           global_mmr_base;
+        unsigned long           gpa_mask;
+        unsigned long           gnode_upper;
+        unsigned long           lowmem_remap_top;
+        unsigned long           lowmem_remap_base;
+        unsigned short          pnode;
+        unsigned short          pnode_mask;
+        unsigned short          coherency_domain_number;
+        unsigned short          numa_blade_id;
+        unsigned char           blade_processor_id;
+        unsigned char           m_val;
+        unsigned char           n_val;
+        struct uv_scir_s        scir;
 };
+
 DECLARE_PER_CPU(struct uv_hub_info_s, __uv_hub_info);
 #define uv_hub_info             (&__get_cpu_var(__uv_hub_info))
 #define uv_cpu_hub_info(cpu)    (&per_cpu(__uv_hub_info, cpu))
@@ -163,6 +175,30 @@ DECLARE_PER_CPU(struct uv_hub_info_s, __uv_hub_info);
 
 #define UV_APIC_PNODE_SHIFT     6
 
+/* Local Bus from cpu's perspective */
+#define LOCAL_BUS_BASE          0x1c00000
+#define LOCAL_BUS_SIZE          (4 * 1024 * 1024)
+
+/*
+ * System Controller Interface Reg
+ *
+ * Note there are NO leds on a UV system.  This register is only
+ * used by the system controller to monitor system-wide operation.
+ * There are 64 regs per node.  With Nahelem cpus (2 cores per node,
+ * 8 cpus per core, 2 threads per cpu) there are 32 cpu threads on
+ * a node.
+ *
+ * The window is located at top of ACPI MMR space
+ */
+#define SCIR_WINDOW_COUNT       64
+#define SCIR_LOCAL_MMR_BASE     (LOCAL_BUS_BASE + \
+                                 LOCAL_BUS_SIZE - \
+                                 SCIR_WINDOW_COUNT)
+
+#define SCIR_CPU_HEARTBEAT      0x01    /* timer interrupt */
+#define SCIR_CPU_ACTIVITY       0x02    /* not idle */
+#define SCIR_CPU_HB_INTERVAL    (HZ)    /* once per second */
+
 /*
  * Macros for converting between kernel virtual addresses, socket local physical
  * addresses, and UV global physical addresses.
@@ -174,7 +210,7 @@ DECLARE_PER_CPU(struct uv_hub_info_s, __uv_hub_info);
 static inline unsigned long uv_soc_phys_ram_to_gpa(unsigned long paddr)
 {
         if (paddr < uv_hub_info->lowmem_remap_top)
-                paddr += uv_hub_info->lowmem_remap_base;
+                paddr |= uv_hub_info->lowmem_remap_base;
         return paddr | uv_hub_info->gnode_upper;
 }
 
@@ -182,19 +218,7 @@ static inline unsigned long uv_soc_phys_ram_to_gpa(unsigned long paddr)
 /* socket virtual --> UV global physical address */
 static inline unsigned long uv_gpa(void *v)
 {
-        return __pa(v) | uv_hub_info->gnode_upper;
-}
-
-/* socket virtual --> UV global physical address */
-static inline void *uv_vgpa(void *v)
-{
-        return (void *)uv_gpa(v);
-}
-
-/* UV global physical address --> socket virtual */
-static inline void *uv_va(unsigned long gpa)
-{
-        return __va(gpa & uv_hub_info->gpa_mask);
+        return uv_soc_phys_ram_to_gpa(__pa(v));
 }
 
 /* pnode, offset --> socket virtual */
@@ -277,6 +301,16 @@ static inline void uv_write_local_mmr(unsigned long offset, unsigned long val)
         *uv_local_mmr_address(offset) = val;
 }
 
+static inline unsigned char uv_read_local_mmr8(unsigned long offset)
+{
+        return *((unsigned char *)uv_local_mmr_address(offset));
+}
+
+static inline void uv_write_local_mmr8(unsigned long offset, unsigned char val)
+{
+        *((unsigned char *)uv_local_mmr_address(offset)) = val;
+}
+
 /*
  * Structures and definitions for converting between cpu, node, pnode, and blade
  * numbers.
@@ -351,5 +385,20 @@ static inline int uv_num_possible_blades(void)
         return uv_possible_blades;
 }
 
-#endif /* _ASM_X86_UV_UV_HUB_H */
+/* Update SCIR state */
+static inline void uv_set_scir_bits(unsigned char value)
+{
+        if (uv_hub_info->scir.state != value) {
+                uv_hub_info->scir.state = value;
+                uv_write_local_mmr8(uv_hub_info->scir.offset, value);
+        }
+}
+static inline void uv_set_cpu_scir_bits(int cpu, unsigned char value)
+{
+        if (uv_cpu_hub_info(cpu)->scir.state != value) {
+                uv_cpu_hub_info(cpu)->scir.state = value;
+                uv_write_local_mmr8(uv_cpu_hub_info(cpu)->scir.offset, value);
+        }
+}
 
+#endif /* _ASM_X86_UV_UV_HUB_H */
diff --git a/arch/x86/include/asm/vmware.h b/arch/x86/include/asm/vmware.h
new file mode 100644
index 000000000000..c11b7e100d83
--- /dev/null
+++ b/arch/x86/include/asm/vmware.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) 2008, VMware, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
+ * NON INFRINGEMENT.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+#ifndef ASM_X86__VMWARE_H
+#define ASM_X86__VMWARE_H
+
+extern unsigned long vmware_get_tsc_khz(void);
+extern int vmware_platform(void);
+extern void vmware_set_feature_bits(struct cpuinfo_x86 *c);
+
+#endif
diff --git a/arch/x86/include/asm/xen/hypercall.h b/arch/x86/include/asm/xen/hypercall.h
index 3f6000d95fe2..5e79ca694326 100644
--- a/arch/x86/include/asm/xen/hypercall.h
+++ b/arch/x86/include/asm/xen/hypercall.h
@@ -33,8 +33,14 @@
 #ifndef _ASM_X86_XEN_HYPERCALL_H
 #define _ASM_X86_XEN_HYPERCALL_H
 
+#include <linux/kernel.h>
+#include <linux/spinlock.h>
 #include <linux/errno.h>
 #include <linux/string.h>
+#include <linux/types.h>
+
+#include <asm/page.h>
+#include <asm/pgtable.h>
 
 #include <xen/interface/xen.h>
 #include <xen/interface/sched.h>
diff --git a/arch/x86/include/asm/xen/hypervisor.h b/arch/x86/include/asm/xen/hypervisor.h
index a38d25ac87d2..81fbd735aec4 100644
--- a/arch/x86/include/asm/xen/hypervisor.h
+++ b/arch/x86/include/asm/xen/hypervisor.h
@@ -33,39 +33,10 @@
 #ifndef _ASM_X86_XEN_HYPERVISOR_H
 #define _ASM_X86_XEN_HYPERVISOR_H
 
-#include <linux/types.h>
-#include <linux/kernel.h>
-
-#include <xen/interface/xen.h>
-#include <xen/interface/version.h>
-
-#include <asm/ptrace.h>
-#include <asm/page.h>
-#include <asm/desc.h>
-#if defined(__i386__)
-#  ifdef CONFIG_X86_PAE
-#   include <asm-generic/pgtable-nopud.h>
-#  else
-#   include <asm-generic/pgtable-nopmd.h>
-#  endif
-#endif
-#include <asm/xen/hypercall.h>
-
 /* arch/i386/kernel/setup.c */
 extern struct shared_info *HYPERVISOR_shared_info;
 extern struct start_info *xen_start_info;
 
-/* arch/i386/mach-xen/evtchn.c */
-/* Force a proper event-channel callback from Xen. */
-extern void force_evtchn_callback(void);
-
-/* Turn jiffies into Xen system time. */
-u64 jiffies_to_st(unsigned long jiffies);
-
-
-#define MULTI_UVMFLAGS_INDEX 3
-#define MULTI_UVMDOMID_INDEX 4
-
 enum xen_domain_type {
         XEN_NATIVE,
         XEN_PV_DOMAIN,
@@ -74,9 +45,15 @@ enum xen_domain_type {
 
 extern enum xen_domain_type xen_domain_type;
 
+#ifdef CONFIG_XEN
 #define xen_domain()            (xen_domain_type != XEN_NATIVE)
-#define xen_pv_domain()         (xen_domain_type == XEN_PV_DOMAIN)
+#else
+#define xen_domain()            (0)
+#endif
+
+#define xen_pv_domain()         (xen_domain() && xen_domain_type == XEN_PV_DOMAIN)
+#define xen_hvm_domain()        (xen_domain() && xen_domain_type == XEN_HVM_DOMAIN)
+
 #define xen_initial_domain()    (xen_pv_domain() && xen_start_info->flags & SIF_INITDOMAIN)
-#define xen_hvm_domain()        (xen_domain_type == XEN_HVM_DOMAIN)
 
 #endif /* _ASM_X86_XEN_HYPERVISOR_H */
diff --git a/arch/x86/include/asm/xen/page.h b/arch/x86/include/asm/xen/page.h
index bc628998a1b9..7ef617ef1df3 100644
--- a/arch/x86/include/asm/xen/page.h
+++ b/arch/x86/include/asm/xen/page.h
@@ -1,11 +1,16 @@
 #ifndef _ASM_X86_XEN_PAGE_H
 #define _ASM_X86_XEN_PAGE_H
 
+#include <linux/kernel.h>
+#include <linux/types.h>
+#include <linux/spinlock.h>
 #include <linux/pfn.h>
 
 #include <asm/uaccess.h>
+#include <asm/page.h>
 #include <asm/pgtable.h>
 
+#include <xen/interface/xen.h>
 #include <xen/features.h>
 
 /* Xen machine address */
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 1cad9318d217..d364df03c1d6 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -12,6 +12,7 @@ CFLAGS_REMOVE_tsc.o = -pg
 CFLAGS_REMOVE_rtc.o = -pg
 CFLAGS_REMOVE_paravirt-spinlocks.o = -pg
 CFLAGS_REMOVE_ftrace.o = -pg
+CFLAGS_REMOVE_early_printk.o = -pg
 endif
 
 #
@@ -23,7 +24,7 @@ CFLAGS_vsyscall_64.o	:= $(PROFILING) -g0 $(nostackp)
 CFLAGS_hpet.o           := $(nostackp)
 CFLAGS_tsc.o            := $(nostackp)
 
-obj-y                   := process_$(BITS).o signal_$(BITS).o entry_$(BITS).o
+obj-y                   := process_$(BITS).o signal.o entry_$(BITS).o
 obj-y                   += traps.o irq.o irq_$(BITS).o dumpstack_$(BITS).o
 obj-y                   += time_$(BITS).o ioport.o ldt.o dumpstack.o
 obj-y                   += setup.o i8259.o irqinit_$(BITS).o setup_percpu.o
@@ -106,6 +107,10 @@ microcode-$(CONFIG_MICROCODE_INTEL)	+= microcode_intel.o
 microcode-$(CONFIG_MICROCODE_AMD)       += microcode_amd.o
 obj-$(CONFIG_MICROCODE)                 += microcode.o
 
+obj-$(CONFIG_X86_CHECK_BIOS_CORRUPTION) += check.o
+
+obj-$(CONFIG_SWIOTLB)                   += pci-swiotlb_64.o # NB rename without _64
+
 ###
 # 64 bit specific files
 ifeq ($(CONFIG_X86_64),y)
@@ -119,7 +124,6 @@ ifeq ($(CONFIG_X86_64),y)
         obj-$(CONFIG_GART_IOMMU)        += pci-gart_64.o aperture_64.o
         obj-$(CONFIG_CALGARY_IOMMU)     += pci-calgary_64.o tce_64.o
         obj-$(CONFIG_AMD_IOMMU)         += amd_iommu_init.o amd_iommu.o
-        obj-$(CONFIG_SWIOTLB)           += pci-swiotlb_64.o
 
         obj-$(CONFIG_PCI_MMCONFIG)      += mmconf-fam10h_64.o
 endif
diff --git a/arch/x86/kernel/amd_iommu.c b/arch/x86/kernel/amd_iommu.c
index a7b6dec6fc3f..2e2da717b350 100644
--- a/arch/x86/kernel/amd_iommu.c
+++ b/arch/x86/kernel/amd_iommu.c
@@ -24,6 +24,7 @@
 #include <linux/iommu-helper.h>
 #include <asm/proto.h>
 #include <asm/iommu.h>
+#include <asm/gart.h>
 #include <asm/amd_iommu_types.h>
 #include <asm/amd_iommu.h>
 
@@ -235,8 +236,9 @@ static int iommu_completion_wait(struct amd_iommu *iommu)
         status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
         writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
 
-        if (unlikely((i == EXIT_LOOP_COUNT) && printk_ratelimit()))
-                printk(KERN_WARNING "AMD IOMMU: Completion wait loop failed\n");
+        if (unlikely(i == EXIT_LOOP_COUNT))
+                panic("AMD IOMMU: Completion wait loop failed\n");
+
 out:
         spin_unlock_irqrestore(&iommu->lock, flags);
 
diff --git a/arch/x86/kernel/amd_iommu_init.c b/arch/x86/kernel/amd_iommu_init.c
index 30ae2701b3df..c625800c55ca 100644
--- a/arch/x86/kernel/amd_iommu_init.c
+++ b/arch/x86/kernel/amd_iommu_init.c
@@ -28,6 +28,7 @@
 #include <asm/amd_iommu_types.h>
 #include <asm/amd_iommu.h>
 #include <asm/iommu.h>
+#include <asm/gart.h>
 
 /*
  * definitions for the ACPI scanning code
@@ -427,6 +428,10 @@ static u8 * __init alloc_command_buffer(struct amd_iommu *iommu)
         memcpy_toio(iommu->mmio_base + MMIO_CMD_BUF_OFFSET,
                         &entry, sizeof(entry));
 
+        /* set head and tail to zero manually */
+        writel(0x00, iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
+        writel(0x00, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
+
         iommu_feature_enable(iommu, CONTROL_CMDBUF_EN);
 
         return cmd_buf;
@@ -1074,7 +1079,8 @@ int __init amd_iommu_init(void)
                 goto free;
 
         /* IOMMU rlookup table - find the IOMMU for a specific device */
-        amd_iommu_rlookup_table = (void *)__get_free_pages(GFP_KERNEL,
+        amd_iommu_rlookup_table = (void *)__get_free_pages(
+                        GFP_KERNEL | __GFP_ZERO,
                         get_order(rlookup_table_size));
         if (amd_iommu_rlookup_table == NULL)
                 goto free;
diff --git a/arch/x86/kernel/aperture_64.c b/arch/x86/kernel/aperture_64.c
index 9a32b37ee2ee..676debfc1702 100644
--- a/arch/x86/kernel/aperture_64.c
+++ b/arch/x86/kernel/aperture_64.c
@@ -1,8 +1,9 @@
 /*
  * Firmware replacement code.
  *
- * Work around broken BIOSes that don't set an aperture or only set the
- * aperture in the AGP bridge.
+ * Work around broken BIOSes that don't set an aperture, only set the
+ * aperture in the AGP bridge, or set too small aperture.
+ *
  * If all fails map the aperture over some low memory.  This is cheaper than
  * doing bounce buffering. The memory is lost. This is done at early boot
  * because only the bootmem allocator can allocate 32+MB.
diff --git a/arch/x86/kernel/apic.c b/arch/x86/kernel/apic.c
index b9019271af62..6b7f824db160 100644
--- a/arch/x86/kernel/apic.c
+++ b/arch/x86/kernel/apic.c
@@ -30,6 +30,7 @@
 #include <linux/module.h>
 #include <linux/dmi.h>
 #include <linux/dmar.h>
+#include <linux/ftrace.h>
 
 #include <asm/atomic.h>
 #include <asm/smp.h>
@@ -775,11 +776,7 @@ static void local_apic_timer_interrupt(void)
         /*
          * the NMI deadlock-detector uses this.
          */
-#ifdef CONFIG_X86_64
-        add_pda(apic_timer_irqs, 1);
-#else
-        per_cpu(irq_stat, cpu).apic_timer_irqs++;
-#endif
+        inc_irq_stat(apic_timer_irqs);
 
         evt->event_handler(evt);
 }
@@ -792,7 +789,7 @@ static void local_apic_timer_interrupt(void)
  * [ if a single-CPU system runs an SMP kernel then we call the local
  *   interrupt as well. Thus we cannot inline the local irq ... ]
  */
-void smp_apic_timer_interrupt(struct pt_regs *regs)
+void __irq_entry smp_apic_timer_interrupt(struct pt_regs *regs)
 {
         struct pt_regs *old_regs = set_irq_regs(regs);
 
@@ -806,9 +803,7 @@ void smp_apic_timer_interrupt(struct pt_regs *regs)
          * Besides, if we don't timer interrupts ignore the global
          * interrupt lock, which is the WrongThing (tm) to do.
          */
-#ifdef CONFIG_X86_64
         exit_idle();
-#endif
         irq_enter();
         local_apic_timer_interrupt();
         irq_exit();
@@ -1666,9 +1661,7 @@ void smp_spurious_interrupt(struct pt_regs *regs)
 {
         u32 v;
 
-#ifdef CONFIG_X86_64
         exit_idle();
-#endif
         irq_enter();
         /*
          * Check if this really is a spurious interrupt and ACK it
@@ -1679,14 +1672,11 @@ void smp_spurious_interrupt(struct pt_regs *regs)
         if (v & (1 << (SPURIOUS_APIC_VECTOR & 0x1f)))
                 ack_APIC_irq();
 
-#ifdef CONFIG_X86_64
-        add_pda(irq_spurious_count, 1);
-#else
+        inc_irq_stat(irq_spurious_count);
+
         /* see sw-dev-man vol 3, chapter 7.4.13.5 */
         pr_info("spurious APIC interrupt on CPU#%d, "
                 "should never happen.\n", smp_processor_id());
-        __get_cpu_var(irq_stat).irq_spurious_count++;
-#endif
         irq_exit();
 }
 
@@ -1697,9 +1687,7 @@ void smp_error_interrupt(struct pt_regs *regs)
 {
         u32 v, v1;
 
-#ifdef CONFIG_X86_64
         exit_idle();
-#endif
         irq_enter();
         /* First tickle the hardware, only then report what went on. -- REW */
         v = apic_read(APIC_ESR);
diff --git a/arch/x86/kernel/asm-offsets_32.c b/arch/x86/kernel/asm-offsets_32.c
index 6649d09ad88f..ee4df08feee6 100644
--- a/arch/x86/kernel/asm-offsets_32.c
+++ b/arch/x86/kernel/asm-offsets_32.c
@@ -11,7 +11,7 @@
 #include <linux/suspend.h>
 #include <linux/kbuild.h>
 #include <asm/ucontext.h>
-#include "sigframe.h"
+#include <asm/sigframe.h>
 #include <asm/pgtable.h>
 #include <asm/fixmap.h>
 #include <asm/processor.h>
diff --git a/arch/x86/kernel/asm-offsets_64.c b/arch/x86/kernel/asm-offsets_64.c
index 7fcf63d22f8b..1d41d3f1edbc 100644
--- a/arch/x86/kernel/asm-offsets_64.c
+++ b/arch/x86/kernel/asm-offsets_64.c
@@ -20,6 +20,8 @@
 
 #include <xen/interface/xen.h>
 
+#include <asm/sigframe.h>
+
 #define __NO_STUBS 1
 #undef __SYSCALL
 #undef _ASM_X86_UNISTD_64_H
@@ -87,7 +89,7 @@ int main(void)
         BLANK();
 #undef ENTRY
         DEFINE(IA32_RT_SIGFRAME_sigcontext,
-               offsetof (struct rt_sigframe32, uc.uc_mcontext));
+               offsetof (struct rt_sigframe_ia32, uc.uc_mcontext));
         BLANK();
 #endif
         DEFINE(pbe_address, offsetof(struct pbe, address));
diff --git a/arch/x86/kernel/bios_uv.c b/arch/x86/kernel/bios_uv.c
index f0dfe6f17e7e..2a0a2a3cac26 100644
--- a/arch/x86/kernel/bios_uv.c
+++ b/arch/x86/kernel/bios_uv.c
@@ -69,10 +69,10 @@ s64 uv_bios_call_reentrant(enum uv_bios_cmd which, u64 a1, u64 a2, u64 a3,
 
 long sn_partition_id;
 EXPORT_SYMBOL_GPL(sn_partition_id);
-long uv_coherency_id;
-EXPORT_SYMBOL_GPL(uv_coherency_id);
-long uv_region_size;
-EXPORT_SYMBOL_GPL(uv_region_size);
+long sn_coherency_id;
+EXPORT_SYMBOL_GPL(sn_coherency_id);
+long sn_region_size;
+EXPORT_SYMBOL_GPL(sn_region_size);
 int uv_type;
 
 
@@ -100,6 +100,56 @@ s64 uv_bios_get_sn_info(int fc, int *uvtype, long *partid, long *coher,
         return ret;
 }
 
+int
+uv_bios_mq_watchlist_alloc(int blade, unsigned long addr, unsigned int mq_size,
+                           unsigned long *intr_mmr_offset)
+{
+        union uv_watchlist_u size_blade;
+        u64 watchlist;
+        s64 ret;
+
+        size_blade.size = mq_size;
+        size_blade.blade = blade;
+
+        /*
+         * bios returns watchlist number or negative error number.
+         */
+        ret = (int)uv_bios_call_irqsave(UV_BIOS_WATCHLIST_ALLOC, addr,
+                        size_blade.val, (u64)intr_mmr_offset,
+                        (u64)&watchlist, 0);
+        if (ret < BIOS_STATUS_SUCCESS)
+                return ret;
+
+        return watchlist;
+}
+EXPORT_SYMBOL_GPL(uv_bios_mq_watchlist_alloc);
+
+int
+uv_bios_mq_watchlist_free(int blade, int watchlist_num)
+{
+        return (int)uv_bios_call_irqsave(UV_BIOS_WATCHLIST_FREE,
+                                blade, watchlist_num, 0, 0, 0);
+}
+EXPORT_SYMBOL_GPL(uv_bios_mq_watchlist_free);
+
+s64
+uv_bios_change_memprotect(u64 paddr, u64 len, enum uv_memprotect perms)
+{
+        return uv_bios_call_irqsave(UV_BIOS_MEMPROTECT, paddr, len,
+                                        perms, 0, 0);
+}
+EXPORT_SYMBOL_GPL(uv_bios_change_memprotect);
+
+s64
+uv_bios_reserved_page_pa(u64 buf, u64 *cookie, u64 *addr, u64 *len)
+{
+        s64 ret;
+
+        ret = uv_bios_call_irqsave(UV_BIOS_GET_PARTITION_ADDR, (u64)cookie,
+                                        (u64)addr, buf, (u64)len, 0);
+        return ret;
+}
+EXPORT_SYMBOL_GPL(uv_bios_reserved_page_pa);
 
 s64 uv_bios_freq_base(u64 clock_type, u64 *ticks_per_second)
 {
diff --git a/arch/x86/kernel/check.c b/arch/x86/kernel/check.c
new file mode 100644
index 000000000000..2ac0ab71412a
--- /dev/null
+++ b/arch/x86/kernel/check.c
@@ -0,0 +1,161 @@
+#include <linux/module.h>
+#include <linux/sched.h>
+#include <linux/kthread.h>
+#include <linux/workqueue.h>
+#include <asm/e820.h>
+#include <asm/proto.h>
+
+/*
+ * Some BIOSes seem to corrupt the low 64k of memory during events
+ * like suspend/resume and unplugging an HDMI cable.  Reserve all
+ * remaining free memory in that area and fill it with a distinct
+ * pattern.
+ */
+#define MAX_SCAN_AREAS  8
+
+static int __read_mostly memory_corruption_check = -1;
+
+static unsigned __read_mostly corruption_check_size = 64*1024;
+static unsigned __read_mostly corruption_check_period = 60; /* seconds */
+
+static struct e820entry scan_areas[MAX_SCAN_AREAS];
+static int num_scan_areas;
+
+
+static __init int set_corruption_check(char *arg)
+{
+        char *end;
+
+        memory_corruption_check = simple_strtol(arg, &end, 10);
+
+        return (*end == 0) ? 0 : -EINVAL;
+}
+early_param("memory_corruption_check", set_corruption_check);
+
+static __init int set_corruption_check_period(char *arg)
+{
+        char *end;
+
+        corruption_check_period = simple_strtoul(arg, &end, 10);
+
+        return (*end == 0) ? 0 : -EINVAL;
+}
+early_param("memory_corruption_check_period", set_corruption_check_period);
+
+static __init int set_corruption_check_size(char *arg)
+{
+        char *end;
+        unsigned size;
+
+        size = memparse(arg, &end);
+
+        if (*end == '\0')
+                corruption_check_size = size;
+
+        return (size == corruption_check_size) ? 0 : -EINVAL;
+}
+early_param("memory_corruption_check_size", set_corruption_check_size);
+
+
+void __init setup_bios_corruption_check(void)
+{
+        u64 addr = PAGE_SIZE;   /* assume first page is reserved anyway */
+
+        if (memory_corruption_check == -1) {
+                memory_corruption_check =
+#ifdef CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK
+                        1
+#else
+                        0
+#endif
+                        ;
+        }
+
+        if (corruption_check_size == 0)
+                memory_corruption_check = 0;
+
+        if (!memory_corruption_check)
+                return;
+
+        corruption_check_size = round_up(corruption_check_size, PAGE_SIZE);
+
+        while (addr < corruption_check_size && num_scan_areas < MAX_SCAN_AREAS) {
+                u64 size;
+                addr = find_e820_area_size(addr, &size, PAGE_SIZE);
+
+                if (addr == 0)
+                        break;
+
+                if ((addr + size) > corruption_check_size)
+                        size = corruption_check_size - addr;
+
+                if (size == 0)
+                        break;
+
+                e820_update_range(addr, size, E820_RAM, E820_RESERVED);
+                scan_areas[num_scan_areas].addr = addr;
+                scan_areas[num_scan_areas].size = size;
+                num_scan_areas++;
+
+                /* Assume we've already mapped this early memory */
+                memset(__va(addr), 0, size);
+
+                addr += size;
+        }
+
+        printk(KERN_INFO "Scanning %d areas for low memory corruption\n",
+               num_scan_areas);
+        update_e820();
+}
+
+
+void check_for_bios_corruption(void)
+{
+        int i;
+        int corruption = 0;
+
+        if (!memory_corruption_check)
+                return;
+
+        for (i = 0; i < num_scan_areas; i++) {
+                unsigned long *addr = __va(scan_areas[i].addr);
+                unsigned long size = scan_areas[i].size;
+
+                for (; size; addr++, size -= sizeof(unsigned long)) {
+                        if (!*addr)
+                                continue;
+                        printk(KERN_ERR "Corrupted low memory at %p (%lx phys) = %08lx\n",
+                               addr, __pa(addr), *addr);
+                        corruption = 1;
+                        *addr = 0;
+                }
+        }
+
+        WARN_ONCE(corruption, KERN_ERR "Memory corruption detected in low memory\n");
+}
+
+static void check_corruption(struct work_struct *dummy);
+static DECLARE_DELAYED_WORK(bios_check_work, check_corruption);
+
+static void check_corruption(struct work_struct *dummy)
+{
+        check_for_bios_corruption();
+        schedule_delayed_work(&bios_check_work,
+                round_jiffies_relative(corruption_check_period*HZ)); 
+}
+
+static int start_periodic_check_for_corruption(void)
+{
+        if (!memory_corruption_check || corruption_check_period == 0)
+                return 0;
+
+        printk(KERN_INFO "Scanning for low memory corruption every %d seconds\n",
+               corruption_check_period);
+
+        /* First time we run the checks right away */
+        schedule_delayed_work(&bios_check_work, 0);
+        return 0;
+}
+
+module_init(start_periodic_check_for_corruption);
+
diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile
index 82ec6075c057..82db7f45e2de 100644
--- a/arch/x86/kernel/cpu/Makefile
+++ b/arch/x86/kernel/cpu/Makefile
@@ -2,8 +2,14 @@
 # Makefile for x86-compatible CPU details and quirks
 #
 
+# Don't trace early stages of a secondary CPU boot
+ifdef CONFIG_FUNCTION_TRACER
+CFLAGS_REMOVE_common.o = -pg
+endif
+
 obj-y                   := intel_cacheinfo.o addon_cpuid_features.o
 obj-y                   += proc.o capflags.o powerflags.o common.o
+obj-y                   += vmware.o hypervisor.o
 
 obj-$(CONFIG_X86_32)    += bugs.o cmpxchg.o
 obj-$(CONFIG_X86_64)    += bugs_64.o
diff --git a/arch/x86/kernel/cpu/addon_cpuid_features.c b/arch/x86/kernel/cpu/addon_cpuid_features.c
index ef8f831af823..2cf23634b6d9 100644
--- a/arch/x86/kernel/cpu/addon_cpuid_features.c
+++ b/arch/x86/kernel/cpu/addon_cpuid_features.c
@@ -120,9 +120,17 @@ void __cpuinit detect_extended_topology(struct cpuinfo_x86 *c)
         c->cpu_core_id = phys_pkg_id(c->initial_apicid, ht_mask_width)
                                                  & core_select_mask;
         c->phys_proc_id = phys_pkg_id(c->initial_apicid, core_plus_mask_width);
+        /*
+         * Reinit the apicid, now that we have extended initial_apicid.
+         */
+        c->apicid = phys_pkg_id(c->initial_apicid, 0);
 #else
         c->cpu_core_id = phys_pkg_id(ht_mask_width) & core_select_mask;
         c->phys_proc_id = phys_pkg_id(core_plus_mask_width);
+        /*
+         * Reinit the apicid, now that we have extended initial_apicid.
+         */
+        c->apicid = phys_pkg_id(0);
 #endif
         c->x86_max_cores = (core_level_siblings / smp_num_siblings);
 
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 8f1e31db2ad5..7c878f6aa919 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -283,9 +283,14 @@ static void __cpuinit early_init_amd(struct cpuinfo_x86 *c)
 {
         early_init_amd_mc(c);
 
-        /* c->x86_power is 8000_0007 edx. Bit 8 is constant TSC */
-        if (c->x86_power & (1<<8))
+        /*
+         * c->x86_power is 8000_0007 edx. Bit 8 is TSC runs at constant rate
+         * with P/T states and does not stop in deep C-states
+         */
+        if (c->x86_power & (1 << 8)) {
                 set_cpu_cap(c, X86_FEATURE_CONSTANT_TSC);
+                set_cpu_cap(c, X86_FEATURE_NONSTOP_TSC);
+        }
 
 #ifdef CONFIG_X86_64
         set_cpu_cap(c, X86_FEATURE_SYSCALL32);
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index b9c9ea0217a9..42e0853030cb 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -36,6 +36,7 @@
 #include <asm/proto.h>
 #include <asm/sections.h>
 #include <asm/setup.h>
+#include <asm/hypervisor.h>
 
 #include "cpu.h"
 
@@ -703,6 +704,7 @@ static void __cpuinit identify_cpu(struct cpuinfo_x86 *c)
         detect_ht(c);
 #endif
 
+        init_hypervisor(c);
         /*
          * On SMP, boot_cpu_data holds the common feature set between
          * all CPUs; so make sure that we indicate which features are
@@ -862,7 +864,7 @@ EXPORT_SYMBOL(_cpu_pda);
 
 struct desc_ptr idt_descr = { 256 * 16 - 1, (unsigned long) idt_table };
 
-char boot_cpu_stack[IRQSTACKSIZE] __page_aligned_bss;
+static char boot_cpu_stack[IRQSTACKSIZE] __page_aligned_bss;
 
 void __cpuinit pda_init(int cpu)
 {
@@ -903,8 +905,8 @@ void __cpuinit pda_init(int cpu)
         }
 }
 
-char boot_exception_stacks[(N_EXCEPTION_STACKS - 1) * EXCEPTION_STKSZ +
-                           DEBUG_STKSZ] __page_aligned_bss;
+static char boot_exception_stacks[(N_EXCEPTION_STACKS - 1) * EXCEPTION_STKSZ +
+                                  DEBUG_STKSZ] __page_aligned_bss;
 
 extern asmlinkage void ignore_sysret(void);
 
diff --git a/arch/x86/kernel/cpu/hypervisor.c b/arch/x86/kernel/cpu/hypervisor.c
new file mode 100644
index 000000000000..fb5b86af0b01
--- /dev/null
+++ b/arch/x86/kernel/cpu/hypervisor.c
@@ -0,0 +1,58 @@
+/*
+ * Common hypervisor code
+ *
+ * Copyright (C) 2008, VMware, Inc.
+ * Author : Alok N Kataria <akataria@vmware.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
+ * NON INFRINGEMENT.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <asm/processor.h>
+#include <asm/vmware.h>
+#include <asm/hypervisor.h>
+
+static inline void __cpuinit
+detect_hypervisor_vendor(struct cpuinfo_x86 *c)
+{
+        if (vmware_platform()) {
+                c->x86_hyper_vendor = X86_HYPER_VENDOR_VMWARE;
+        } else {
+                c->x86_hyper_vendor = X86_HYPER_VENDOR_NONE;
+        }
+}
+
+unsigned long get_hypervisor_tsc_freq(void)
+{
+        if (boot_cpu_data.x86_hyper_vendor == X86_HYPER_VENDOR_VMWARE)
+                return vmware_get_tsc_khz();
+        return 0;
+}
+
+static inline void __cpuinit
+hypervisor_set_feature_bits(struct cpuinfo_x86 *c)
+{
+        if (boot_cpu_data.x86_hyper_vendor == X86_HYPER_VENDOR_VMWARE) {
+                vmware_set_feature_bits(c);
+                return;
+        }
+}
+
+void __cpuinit init_hypervisor(struct cpuinfo_x86 *c)
+{
+        detect_hypervisor_vendor(c);
+        hypervisor_set_feature_bits(c);
+}
diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index 816f27f289b1..8ea6929e974c 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -11,7 +11,6 @@
 #include <asm/pgtable.h>
 #include <asm/msr.h>
 #include <asm/uaccess.h>
-#include <asm/ptrace.h>
 #include <asm/ds.h>
 #include <asm/bugs.h>
 
@@ -41,6 +40,16 @@ static void __cpuinit early_init_intel(struct cpuinfo_x86 *c)
         if (c->x86 == 15 && c->x86_cache_alignment == 64)
                 c->x86_cache_alignment = 128;
 #endif
+
+        /*
+         * c->x86_power is 8000_0007 edx. Bit 8 is TSC runs at constant rate
+         * with P/T states and does not stop in deep C-states
+         */
+        if (c->x86_power & (1 << 8)) {
+                set_cpu_cap(c, X86_FEATURE_CONSTANT_TSC);
+                set_cpu_cap(c, X86_FEATURE_NONSTOP_TSC);
+        }
+
 }
 
 #ifdef CONFIG_X86_32
@@ -242,6 +251,13 @@ static void __cpuinit init_intel(struct cpuinfo_x86 *c)
 
         intel_workarounds(c);
 
+        /*
+         * Detect the extended topology information if available. This
+         * will reinitialise the initial_apicid which will be used
+         * in init_intel_cacheinfo()
+         */
+        detect_extended_topology(c);
+
         l2 = init_intel_cacheinfo(c);
         if (c->cpuid_level > 9) {
                 unsigned eax = cpuid_eax(10);
@@ -309,10 +325,6 @@ static void __cpuinit init_intel(struct cpuinfo_x86 *c)
                 set_cpu_cap(c, X86_FEATURE_P3);
 #endif
 
-        if (cpu_has_bts)
-                ptrace_bts_init_intel(c);
-
-        detect_extended_topology(c);
         if (!cpu_has(c, X86_FEATURE_XTOPOLOGY)) {
                 /*
                  * let's use the legacy cpuid vector 0x1 and 0x4 for topology
diff --git a/arch/x86/kernel/cpu/intel_cacheinfo.c b/arch/x86/kernel/cpu/intel_cacheinfo.c
index 7bd00a565672..48533d77be78 100644
--- a/arch/x86/kernel/cpu/intel_cacheinfo.c
+++ b/arch/x86/kernel/cpu/intel_cacheinfo.c
@@ -641,20 +641,17 @@ static inline ssize_t show_shared_cpu_list(struct _cpuid4_info *leaf, char *buf)
         return show_shared_cpu_map_func(leaf, 1, buf);
 }
 
-static ssize_t show_type(struct _cpuid4_info *this_leaf, char *buf) {
-        switch(this_leaf->eax.split.type) {
-            case CACHE_TYPE_DATA:
+static ssize_t show_type(struct _cpuid4_info *this_leaf, char *buf)
+{
+        switch (this_leaf->eax.split.type) {
+        case CACHE_TYPE_DATA:
                 return sprintf(buf, "Data\n");
-                break;
-            case CACHE_TYPE_INST:
+        case CACHE_TYPE_INST:
                 return sprintf(buf, "Instruction\n");
-                break;
-            case CACHE_TYPE_UNIFIED:
+        case CACHE_TYPE_UNIFIED:
                 return sprintf(buf, "Unified\n");
-                break;
-            default:
+        default:
                 return sprintf(buf, "Unknown\n");
-                break;
         }
 }
 
diff --git a/arch/x86/kernel/cpu/mcheck/mce_64.c b/arch/x86/kernel/cpu/mcheck/mce_64.c
index 4b031a4ac856..1c838032fd37 100644
--- a/arch/x86/kernel/cpu/mcheck/mce_64.c
+++ b/arch/x86/kernel/cpu/mcheck/mce_64.c
@@ -510,12 +510,9 @@ static void __cpuinit mce_cpu_features(struct cpuinfo_x86 *c)
  */
 void __cpuinit mcheck_init(struct cpuinfo_x86 *c)
 {
-        static cpumask_t mce_cpus = CPU_MASK_NONE;
-
         mce_cpu_quirks(c);
 
         if (mce_dont_init ||
-            cpu_test_and_set(smp_processor_id(), mce_cpus) ||
             !mce_available(c))
                 return;
 
diff --git a/arch/x86/kernel/cpu/mcheck/mce_amd_64.c b/arch/x86/kernel/cpu/mcheck/mce_amd_64.c
index a1de80f368f1..a5a5e0530370 100644
--- a/arch/x86/kernel/cpu/mcheck/mce_amd_64.c
+++ b/arch/x86/kernel/cpu/mcheck/mce_amd_64.c
@@ -248,7 +248,7 @@ asmlinkage void mce_threshold_interrupt(void)
                 }
         }
 out:
-        add_pda(irq_threshold_count, 1);
+        inc_irq_stat(irq_threshold_count);
         irq_exit();
 }
 
diff --git a/arch/x86/kernel/cpu/mcheck/mce_intel_64.c b/arch/x86/kernel/cpu/mcheck/mce_intel_64.c
index c17eaf5dd6dd..4b48f251fd39 100644
--- a/arch/x86/kernel/cpu/mcheck/mce_intel_64.c
+++ b/arch/x86/kernel/cpu/mcheck/mce_intel_64.c
@@ -26,7 +26,7 @@ asmlinkage void smp_thermal_interrupt(void)
         if (therm_throt_process(msr_val & 1))
                 mce_log_therm_throt_event(smp_processor_id(), msr_val);
 
-        add_pda(irq_thermal_count, 1);
+        inc_irq_stat(irq_thermal_count);
         irq_exit();
 }
 
diff --git a/arch/x86/kernel/cpu/mtrr/main.c b/arch/x86/kernel/cpu/mtrr/main.c
index c78c04821ea1..1159e269e596 100644
--- a/arch/x86/kernel/cpu/mtrr/main.c
+++ b/arch/x86/kernel/cpu/mtrr/main.c
@@ -803,6 +803,7 @@ x86_get_mtrr_mem_range(struct res_range *range, int nr_range,
 }
 
 static struct res_range __initdata range[RANGE_NUM];
+static int __initdata nr_range;
 
 #ifdef CONFIG_MTRR_SANITIZER
 
@@ -1206,39 +1207,43 @@ struct mtrr_cleanup_result {
 #define PSHIFT          (PAGE_SHIFT - 10)
 
 static struct mtrr_cleanup_result __initdata result[NUM_RESULT];
-static struct res_range __initdata range_new[RANGE_NUM];
 static unsigned long __initdata min_loss_pfn[RANGE_NUM];
 
-static int __init mtrr_cleanup(unsigned address_bits)
+static void __init print_out_mtrr_range_state(void)
 {
-        unsigned long extra_remove_base, extra_remove_size;
-        unsigned long base, size, def, dummy;
-        mtrr_type type;
-        int nr_range, nr_range_new;
-        u64 chunk_size, gran_size;
-        unsigned long range_sums, range_sums_new;
-        int index_good;
-        int num_reg_good;
         int i;
+        char start_factor = 'K', size_factor = 'K';
+        unsigned long start_base, size_base;
+        mtrr_type type;
 
-        /* extra one for all 0 */
-        int num[MTRR_NUM_TYPES + 1];
+        for (i = 0; i < num_var_ranges; i++) {
 
-        if (!is_cpu(INTEL) || enable_mtrr_cleanup < 1)
-                return 0;
-        rdmsr(MTRRdefType_MSR, def, dummy);
-        def &= 0xff;
-        if (def != MTRR_TYPE_UNCACHABLE)
-                return 0;
+                size_base = range_state[i].size_pfn << (PAGE_SHIFT - 10);
+                if (!size_base)
+                        continue;
 
-        /* get it and store it aside */
-        memset(range_state, 0, sizeof(range_state));
-        for (i = 0; i < num_var_ranges; i++) {
-                mtrr_if->get(i, &base, &size, &type);
-                range_state[i].base_pfn = base;
-                range_state[i].size_pfn = size;
-                range_state[i].type = type;
+                size_base = to_size_factor(size_base, &size_factor),
+                start_base = range_state[i].base_pfn << (PAGE_SHIFT - 10);
+                start_base = to_size_factor(start_base, &start_factor),
+                type = range_state[i].type;
+
+                printk(KERN_DEBUG "reg %d, base: %ld%cB, range: %ld%cB, type %s\n",
+                        i, start_base, start_factor,
+                        size_base, size_factor,
+                        (type == MTRR_TYPE_UNCACHABLE) ? "UC" :
+                            ((type == MTRR_TYPE_WRPROT) ? "WP" :
+                             ((type == MTRR_TYPE_WRBACK) ? "WB" : "Other"))
+                        );
         }
+}
+
+static int __init mtrr_need_cleanup(void)
+{
+        int i;
+        mtrr_type type;
+        unsigned long size;
+        /* extra one for all 0 */
+        int num[MTRR_NUM_TYPES + 1];
 
         /* check entries number */
         memset(num, 0, sizeof(num));
@@ -1263,29 +1268,133 @@ static int __init mtrr_cleanup(unsigned address_bits)
                 num_var_ranges - num[MTRR_NUM_TYPES])
                 return 0;
 
-        /* print original var MTRRs at first, for debugging: */
-        printk(KERN_DEBUG "original variable MTRRs\n");
-        for (i = 0; i < num_var_ranges; i++) {
-                char start_factor = 'K', size_factor = 'K';
-                unsigned long start_base, size_base;
+        return 1;
+}
 
-                size_base = range_state[i].size_pfn << (PAGE_SHIFT - 10);
-                if (!size_base)
-                        continue;
+static unsigned long __initdata range_sums;
+static void __init mtrr_calc_range_state(u64 chunk_size, u64 gran_size,
+                                         unsigned long extra_remove_base,
+                                         unsigned long extra_remove_size,
+                                         int i)
+{
+        int num_reg;
+        static struct res_range range_new[RANGE_NUM];
+        static int nr_range_new;
+        unsigned long range_sums_new;
+
+        /* convert ranges to var ranges state */
+        num_reg = x86_setup_var_mtrrs(range, nr_range,
+                                                chunk_size, gran_size);
+
+        /* we got new setting in range_state, check it */
+        memset(range_new, 0, sizeof(range_new));
+        nr_range_new = x86_get_mtrr_mem_range(range_new, 0,
+                                extra_remove_base, extra_remove_size);
+        range_sums_new = sum_ranges(range_new, nr_range_new);
+
+        result[i].chunk_sizek = chunk_size >> 10;
+        result[i].gran_sizek = gran_size >> 10;
+        result[i].num_reg = num_reg;
+        if (range_sums < range_sums_new) {
+                result[i].lose_cover_sizek =
+                        (range_sums_new - range_sums) << PSHIFT;
+                result[i].bad = 1;
+        } else
+                result[i].lose_cover_sizek =
+                        (range_sums - range_sums_new) << PSHIFT;
 
-                size_base = to_size_factor(size_base, &size_factor),
-                start_base = range_state[i].base_pfn << (PAGE_SHIFT - 10);
-                start_base = to_size_factor(start_base, &start_factor),
-                type = range_state[i].type;
+        /* double check it */
+        if (!result[i].bad && !result[i].lose_cover_sizek) {
+                if (nr_range_new != nr_range ||
+                        memcmp(range, range_new, sizeof(range)))
+                                result[i].bad = 1;
+        }
 
-                printk(KERN_DEBUG "reg %d, base: %ld%cB, range: %ld%cB, type %s\n",
-                        i, start_base, start_factor,
-                        size_base, size_factor,
-                        (type == MTRR_TYPE_UNCACHABLE) ? "UC" :
-                            ((type == MTRR_TYPE_WRPROT) ? "WP" :
-                             ((type == MTRR_TYPE_WRBACK) ? "WB" : "Other"))
-                        );
+        if (!result[i].bad && (range_sums - range_sums_new <
+                                min_loss_pfn[num_reg])) {
+                min_loss_pfn[num_reg] =
+                        range_sums - range_sums_new;
         }
+}
+
+static void __init mtrr_print_out_one_result(int i)
+{
+        char gran_factor, chunk_factor, lose_factor;
+        unsigned long gran_base, chunk_base, lose_base;
+
+        gran_base = to_size_factor(result[i].gran_sizek, &gran_factor),
+        chunk_base = to_size_factor(result[i].chunk_sizek, &chunk_factor),
+        lose_base = to_size_factor(result[i].lose_cover_sizek, &lose_factor),
+        printk(KERN_INFO "%sgran_size: %ld%c \tchunk_size: %ld%c \t",
+                        result[i].bad ? "*BAD*" : " ",
+                        gran_base, gran_factor, chunk_base, chunk_factor);
+        printk(KERN_CONT "num_reg: %d  \tlose cover RAM: %s%ld%c\n",
+                        result[i].num_reg, result[i].bad ? "-" : "",
+                        lose_base, lose_factor);
+}
+
+static int __init mtrr_search_optimal_index(void)
+{
+        int i;
+        int num_reg_good;
+        int index_good;
+
+        if (nr_mtrr_spare_reg >= num_var_ranges)
+                nr_mtrr_spare_reg = num_var_ranges - 1;
+        num_reg_good = -1;
+        for (i = num_var_ranges - nr_mtrr_spare_reg; i > 0; i--) {
+                if (!min_loss_pfn[i])
+                        num_reg_good = i;
+        }
+
+        index_good = -1;
+        if (num_reg_good != -1) {
+                for (i = 0; i < NUM_RESULT; i++) {
+                        if (!result[i].bad &&
+                            result[i].num_reg == num_reg_good &&
+                            !result[i].lose_cover_sizek) {
+                                index_good = i;
+                                break;
+                        }
+                }
+        }
+
+        return index_good;
+}
+
+
+static int __init mtrr_cleanup(unsigned address_bits)
+{
+        unsigned long extra_remove_base, extra_remove_size;
+        unsigned long base, size, def, dummy;
+        mtrr_type type;
+        u64 chunk_size, gran_size;
+        int index_good;
+        int i;
+
+        if (!is_cpu(INTEL) || enable_mtrr_cleanup < 1)
+                return 0;
+        rdmsr(MTRRdefType_MSR, def, dummy);
+        def &= 0xff;
+        if (def != MTRR_TYPE_UNCACHABLE)
+                return 0;
+
+        /* get it and store it aside */
+        memset(range_state, 0, sizeof(range_state));
+        for (i = 0; i < num_var_ranges; i++) {
+                mtrr_if->get(i, &base, &size, &type);
+                range_state[i].base_pfn = base;
+                range_state[i].size_pfn = size;
+                range_state[i].type = type;
+        }
+
+        /* check if we need handle it and can handle it */
+        if (!mtrr_need_cleanup())
+                return 0;
+
+        /* print original var MTRRs at first, for debugging: */
+        printk(KERN_DEBUG "original variable MTRRs\n");
+        print_out_mtrr_range_state();
 
         memset(range, 0, sizeof(range));
         extra_remove_size = 0;
@@ -1309,176 +1418,64 @@ static int __init mtrr_cleanup(unsigned address_bits)
                range_sums >> (20 - PAGE_SHIFT));
 
         if (mtrr_chunk_size && mtrr_gran_size) {
-                int num_reg;
-                char gran_factor, chunk_factor, lose_factor;
-                unsigned long gran_base, chunk_base, lose_base;
-
-                debug_print++;
-                /* convert ranges to var ranges state */
-                num_reg = x86_setup_var_mtrrs(range, nr_range, mtrr_chunk_size,
-                                              mtrr_gran_size);
+                i = 0;
+                mtrr_calc_range_state(mtrr_chunk_size, mtrr_gran_size,
+                                      extra_remove_base, extra_remove_size, i);
 
-                /* we got new setting in range_state, check it */
-                memset(range_new, 0, sizeof(range_new));
-                nr_range_new = x86_get_mtrr_mem_range(range_new, 0,
-                                                      extra_remove_base,
-                                                      extra_remove_size);
-                range_sums_new = sum_ranges(range_new, nr_range_new);
+                mtrr_print_out_one_result(i);
 
-                i = 0;
-                result[i].chunk_sizek = mtrr_chunk_size >> 10;
-                result[i].gran_sizek = mtrr_gran_size >> 10;
-                result[i].num_reg = num_reg;
-                if (range_sums < range_sums_new) {
-                        result[i].lose_cover_sizek =
-                                (range_sums_new - range_sums) << PSHIFT;
-                        result[i].bad = 1;
-                } else
-                        result[i].lose_cover_sizek =
-                                (range_sums - range_sums_new) << PSHIFT;
-
-                gran_base = to_size_factor(result[i].gran_sizek, &gran_factor),
-                chunk_base = to_size_factor(result[i].chunk_sizek, &chunk_factor),
-                lose_base = to_size_factor(result[i].lose_cover_sizek, &lose_factor),
-                printk(KERN_INFO "%sgran_size: %ld%c \tchunk_size: %ld%c \t",
-                         result[i].bad?"*BAD*":" ",
-                         gran_base, gran_factor, chunk_base, chunk_factor);
-                printk(KERN_CONT "num_reg: %d  \tlose cover RAM: %s%ld%c\n",
-                         result[i].num_reg, result[i].bad?"-":"",
-                         lose_base, lose_factor);
                 if (!result[i].bad) {
                         set_var_mtrr_all(address_bits);
                         return 1;
                 }
                 printk(KERN_INFO "invalid mtrr_gran_size or mtrr_chunk_size, "
                        "will find optimal one\n");
-                debug_print--;
-                memset(result, 0, sizeof(result[0]));
         }
 
         i = 0;
         memset(min_loss_pfn, 0xff, sizeof(min_loss_pfn));
         memset(result, 0, sizeof(result));
         for (gran_size = (1ULL<<16); gran_size < (1ULL<<32); gran_size <<= 1) {
-                char gran_factor;
-                unsigned long gran_base;
-
-                if (debug_print)
-                        gran_base = to_size_factor(gran_size >> 10, &gran_factor);
 
                 for (chunk_size = gran_size; chunk_size < (1ULL<<32);
                      chunk_size <<= 1) {
-                        int num_reg;
 
-                        if (debug_print) {
-                                char chunk_factor;
-                                unsigned long chunk_base;
-
-                                chunk_base = to_size_factor(chunk_size>>10, &chunk_factor),
-                                printk(KERN_INFO "\n");
-                                printk(KERN_INFO "gran_size: %ld%c   chunk_size: %ld%c \n",
-                                       gran_base, gran_factor, chunk_base, chunk_factor);
-                        }
                         if (i >= NUM_RESULT)
                                 continue;
 
-                        /* convert ranges to var ranges state */
-                        num_reg = x86_setup_var_mtrrs(range, nr_range,
-                                                         chunk_size, gran_size);
-
-                        /* we got new setting in range_state, check it */
-                        memset(range_new, 0, sizeof(range_new));
-                        nr_range_new = x86_get_mtrr_mem_range(range_new, 0,
-                                         extra_remove_base, extra_remove_size);
-                        range_sums_new = sum_ranges(range_new, nr_range_new);
-
-                        result[i].chunk_sizek = chunk_size >> 10;
-                        result[i].gran_sizek = gran_size >> 10;
-                        result[i].num_reg = num_reg;
-                        if (range_sums < range_sums_new) {
-                                result[i].lose_cover_sizek =
-                                        (range_sums_new - range_sums) << PSHIFT;
-                                result[i].bad = 1;
-                        } else
-                                result[i].lose_cover_sizek =
-                                        (range_sums - range_sums_new) << PSHIFT;
-
-                        /* double check it */
-                        if (!result[i].bad && !result[i].lose_cover_sizek) {
-                                if (nr_range_new != nr_range ||
-                                        memcmp(range, range_new, sizeof(range)))
-                                                result[i].bad = 1;
+                        mtrr_calc_range_state(chunk_size, gran_size,
+                                      extra_remove_base, extra_remove_size, i);
+                        if (debug_print) {
+                                mtrr_print_out_one_result(i);
+                                printk(KERN_INFO "\n");
                         }
 
-                        if (!result[i].bad && (range_sums - range_sums_new <
-                                               min_loss_pfn[num_reg])) {
-                                min_loss_pfn[num_reg] =
-                                        range_sums - range_sums_new;
-                        }
                         i++;
                 }
         }
 
-        /* print out all */
-        for (i = 0; i < NUM_RESULT; i++) {
-                char gran_factor, chunk_factor, lose_factor;
-                unsigned long gran_base, chunk_base, lose_base;
-
-                gran_base = to_size_factor(result[i].gran_sizek, &gran_factor),
-                chunk_base = to_size_factor(result[i].chunk_sizek, &chunk_factor),
-                lose_base = to_size_factor(result[i].lose_cover_sizek, &lose_factor),
-                printk(KERN_INFO "%sgran_size: %ld%c \tchunk_size: %ld%c \t",
-                         result[i].bad?"*BAD*":" ",
-                         gran_base, gran_factor, chunk_base, chunk_factor);
-                printk(KERN_CONT "num_reg: %d  \tlose cover RAM: %s%ld%c\n",
-                         result[i].num_reg, result[i].bad?"-":"",
-                         lose_base, lose_factor);
-        }
-
         /* try to find the optimal index */
-        if (nr_mtrr_spare_reg >= num_var_ranges)
-                nr_mtrr_spare_reg = num_var_ranges - 1;
-        num_reg_good = -1;
-        for (i = num_var_ranges - nr_mtrr_spare_reg; i > 0; i--) {
-                if (!min_loss_pfn[i])
-                        num_reg_good = i;
-        }
-
-        index_good = -1;
-        if (num_reg_good != -1) {
-                for (i = 0; i < NUM_RESULT; i++) {
-                        if (!result[i].bad &&
-                            result[i].num_reg == num_reg_good &&
-                            !result[i].lose_cover_sizek) {
-                                index_good = i;
-                                break;
-                        }
-                }
-        }
+        index_good = mtrr_search_optimal_index();
 
         if (index_good != -1) {
-                char gran_factor, chunk_factor, lose_factor;
-                unsigned long gran_base, chunk_base, lose_base;
-
                 printk(KERN_INFO "Found optimal setting for mtrr clean up\n");
                 i = index_good;
-                gran_base = to_size_factor(result[i].gran_sizek, &gran_factor),
-                chunk_base = to_size_factor(result[i].chunk_sizek, &chunk_factor),
-                lose_base = to_size_factor(result[i].lose_cover_sizek, &lose_factor),
-                printk(KERN_INFO "gran_size: %ld%c \tchunk_size: %ld%c \t",
-                         gran_base, gran_factor, chunk_base, chunk_factor);
-                printk(KERN_CONT "num_reg: %d  \tlose RAM: %ld%c\n",
-                         result[i].num_reg, lose_base, lose_factor);
+                mtrr_print_out_one_result(i);
+
                 /* convert ranges to var ranges state */
                 chunk_size = result[i].chunk_sizek;
                 chunk_size <<= 10;
                 gran_size = result[i].gran_sizek;
                 gran_size <<= 10;
-                debug_print++;
                 x86_setup_var_mtrrs(range, nr_range, chunk_size, gran_size);
-                debug_print--;
                 set_var_mtrr_all(address_bits);
+                printk(KERN_DEBUG "New variable MTRRs\n");
+                print_out_mtrr_range_state();
                 return 1;
+        } else {
+                /* print out all */
+                for (i = 0; i < NUM_RESULT; i++)
+                        mtrr_print_out_one_result(i);
         }
 
         printk(KERN_INFO "mtrr_cleanup: can not find optimal value\n");
@@ -1562,7 +1559,6 @@ int __init mtrr_trim_uncached_memory(unsigned long end_pfn)
 {
         unsigned long i, base, size, highest_pfn = 0, def, dummy;
         mtrr_type type;
-        int nr_range;
         u64 total_trim_size;
 
         /* extra one for all 0 */
diff --git a/arch/x86/kernel/cpu/vmware.c b/arch/x86/kernel/cpu/vmware.c
new file mode 100644
index 000000000000..284c399e3234
--- /dev/null
+++ b/arch/x86/kernel/cpu/vmware.c
@@ -0,0 +1,112 @@
+/*
+ * VMware Detection code.
+ *
+ * Copyright (C) 2008, VMware, Inc.
+ * Author : Alok N Kataria <akataria@vmware.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
+ * NON INFRINGEMENT.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <linux/dmi.h>
+#include <asm/div64.h>
+#include <asm/vmware.h>
+
+#define CPUID_VMWARE_INFO_LEAF  0x40000000
+#define VMWARE_HYPERVISOR_MAGIC 0x564D5868
+#define VMWARE_HYPERVISOR_PORT  0x5658
+
+#define VMWARE_PORT_CMD_GETVERSION      10
+#define VMWARE_PORT_CMD_GETHZ           45
+
+#define VMWARE_PORT(cmd, eax, ebx, ecx, edx)                            \
+        __asm__("inl (%%dx)" :                                          \
+                        "=a"(eax), "=c"(ecx), "=d"(edx), "=b"(ebx) :    \
+                        "0"(VMWARE_HYPERVISOR_MAGIC),                   \
+                        "1"(VMWARE_PORT_CMD_##cmd),                     \
+                        "2"(VMWARE_HYPERVISOR_PORT), "3"(UINT_MAX) :    \
+                        "memory");
+
+static inline int __vmware_platform(void)
+{
+        uint32_t eax, ebx, ecx, edx;
+        VMWARE_PORT(GETVERSION, eax, ebx, ecx, edx);
+        return eax != (uint32_t)-1 && ebx == VMWARE_HYPERVISOR_MAGIC;
+}
+
+static unsigned long __vmware_get_tsc_khz(void)
+{
+        uint64_t tsc_hz;
+        uint32_t eax, ebx, ecx, edx;
+
+        VMWARE_PORT(GETHZ, eax, ebx, ecx, edx);
+
+        if (ebx == UINT_MAX)
+                return 0;
+        tsc_hz = eax | (((uint64_t)ebx) << 32);
+        do_div(tsc_hz, 1000);
+        BUG_ON(tsc_hz >> 32);
+        return tsc_hz;
+}
+
+/*
+ * While checking the dmi string infomation, just checking the product
+ * serial key should be enough, as this will always have a VMware
+ * specific string when running under VMware hypervisor.
+ */
+int vmware_platform(void)
+{
+        if (cpu_has_hypervisor) {
+                unsigned int eax, ebx, ecx, edx;
+                char hyper_vendor_id[13];
+
+                cpuid(CPUID_VMWARE_INFO_LEAF, &eax, &ebx, &ecx, &edx);
+                memcpy(hyper_vendor_id + 0, &ebx, 4);
+                memcpy(hyper_vendor_id + 4, &ecx, 4);
+                memcpy(hyper_vendor_id + 8, &edx, 4);
+                hyper_vendor_id[12] = '\0';
+                if (!strcmp(hyper_vendor_id, "VMwareVMware"))
+                        return 1;
+        } else if (dmi_available && dmi_name_in_serial("VMware") &&
+                   __vmware_platform())
+                return 1;
+
+        return 0;
+}
+
+unsigned long vmware_get_tsc_khz(void)
+{
+        BUG_ON(!vmware_platform());
+        return __vmware_get_tsc_khz();
+}
+
+/*
+ * VMware hypervisor takes care of exporting a reliable TSC to the guest.
+ * Still, due to timing difference when running on virtual cpus, the TSC can
+ * be marked as unstable in some cases. For example, the TSC sync check at
+ * bootup can fail due to a marginal offset between vcpus' TSCs (though the
+ * TSCs do not drift from each other).  Also, the ACPI PM timer clocksource
+ * is not suitable as a watchdog when running on a hypervisor because the
+ * kernel may miss a wrap of the counter if the vcpu is descheduled for a
+ * long time. To skip these checks at runtime we set these capability bits,
+ * so that the kernel could just trust the hypervisor with providing a
+ * reliable virtual TSC that is suitable for timekeeping.
+ */
+void __cpuinit vmware_set_feature_bits(struct cpuinfo_x86 *c)
+{
+        set_cpu_cap(c, X86_FEATURE_CONSTANT_TSC);
+        set_cpu_cap(c, X86_FEATURE_TSC_RELIABLE);
+}
diff --git a/arch/x86/kernel/ds.c b/arch/x86/kernel/ds.c
index 19a8c2c0389f..da91701a2348 100644
--- a/arch/x86/kernel/ds.c
+++ b/arch/x86/kernel/ds.c
@@ -6,13 +6,13 @@
  * precise-event based sampling (PEBS).
  *
  * It manages:
- * - per-thread and per-cpu allocation of BTS and PEBS
+ * - DS and BTS hardware configuration
  * - buffer overflow handling (to be done)
  * - buffer access
  *
- * It assumes:
- * - get_task_struct on all traced tasks
- * - current is allowed to trace tasks
+ * It does not do:
+ * - security checking (is the caller allowed to trace the task)
+ * - buffer allocation (memory accounting)
  *
  *
  * Copyright (C) 2007-2008 Intel Corporation.
@@ -34,15 +34,30 @@
  * The configuration for a particular DS hardware implementation.
  */
 struct ds_configuration {
-        /* the size of the DS structure in bytes */
-        unsigned char  sizeof_ds;
-        /* the size of one pointer-typed field in the DS structure in bytes;
-           this covers the first 8 fields related to buffer management. */
+        /* the name of the configuration */
+        const char *name;
+        /* the size of one pointer-typed field in the DS structure and
+           in the BTS and PEBS buffers in bytes;
+           this covers the first 8 DS fields related to buffer management. */
         unsigned char  sizeof_field;
         /* the size of a BTS/PEBS record in bytes */
         unsigned char  sizeof_rec[2];
+        /* a series of bit-masks to control various features indexed
+         * by enum ds_feature */
+        unsigned long ctl[dsf_ctl_max];
 };
-static struct ds_configuration ds_cfg;
+static DEFINE_PER_CPU(struct ds_configuration, ds_cfg_array);
+
+#define ds_cfg per_cpu(ds_cfg_array, smp_processor_id())
+
+#define MAX_SIZEOF_DS (12 * 8)  /* maximal size of a DS configuration */
+#define MAX_SIZEOF_BTS (3 * 8)  /* maximal size of a BTS record */
+#define DS_ALIGNMENT (1 << 3)   /* BTS and PEBS buffer alignment */
+
+#define BTS_CONTROL \
+ (ds_cfg.ctl[dsf_bts] | ds_cfg.ctl[dsf_bts_kernel] | ds_cfg.ctl[dsf_bts_user] |\
+  ds_cfg.ctl[dsf_bts_overflow])
+
 
 /*
  * A BTS or PEBS tracer.
@@ -61,6 +76,8 @@ struct ds_tracer {
 struct bts_tracer {
         /* the common DS part */
         struct ds_tracer ds;
+        /* the trace including the DS configuration */
+        struct bts_trace trace;
         /* buffer overflow notification function */
         bts_ovfl_callback_t ovfl;
 };
@@ -68,6 +85,8 @@ struct bts_tracer {
 struct pebs_tracer {
         /* the common DS part */
         struct ds_tracer ds;
+        /* the trace including the DS configuration */
+        struct pebs_trace trace;
         /* buffer overflow notification function */
         pebs_ovfl_callback_t ovfl;
 };
@@ -134,13 +153,11 @@ static inline void ds_set(unsigned char *base, enum ds_qualifier qual,
         (*(unsigned long *)base) = value;
 }
 
-#define DS_ALIGNMENT (1 << 3)   /* BTS and PEBS buffer alignment */
-
 
 /*
  * Locking is done only for allocating BTS or PEBS resources.
  */
-static spinlock_t ds_lock = __SPIN_LOCK_UNLOCKED(ds_lock);
+static DEFINE_SPINLOCK(ds_lock);
 
 
 /*
@@ -156,27 +173,32 @@ static spinlock_t ds_lock = __SPIN_LOCK_UNLOCKED(ds_lock);
  *   >0  number of per-thread tracers
  *   <0  number of per-cpu tracers
  *
- * The below functions to get and put tracers and to check the
- * allocation type require the ds_lock to be held by the caller.
- *
  * Tracers essentially gives the number of ds contexts for a certain
  * type of allocation.
  */
-static long tracers;
+static atomic_t tracers = ATOMIC_INIT(0);
 
 static inline void get_tracer(struct task_struct *task)
 {
-        tracers += (task ? 1 : -1);
+        if (task)
+                atomic_inc(&tracers);
+        else
+                atomic_dec(&tracers);
 }
 
 static inline void put_tracer(struct task_struct *task)
 {
-        tracers -= (task ? 1 : -1);
+        if (task)
+                atomic_dec(&tracers);
+        else
+                atomic_inc(&tracers);
 }
 
 static inline int check_tracer(struct task_struct *task)
 {
-        return (task ? (tracers >= 0) : (tracers <= 0));
+        return task ?
+                (atomic_read(&tracers) >= 0) :
+                (atomic_read(&tracers) <= 0);
 }
 
 
@@ -190,46 +212,66 @@ static inline int check_tracer(struct task_struct *task)
  * Contexts are use-counted. They are allocated on first access and
  * deallocated when the last user puts the context.
  */
-static DEFINE_PER_CPU(struct ds_context *, system_context);
+struct ds_context {
+        /* pointer to the DS configuration; goes into MSR_IA32_DS_AREA */
+        unsigned char ds[MAX_SIZEOF_DS];
+        /* the owner of the BTS and PEBS configuration, respectively */
+        struct bts_tracer *bts_master;
+        struct pebs_tracer *pebs_master;
+        /* use count */
+        unsigned long count;
+        /* a pointer to the context location inside the thread_struct
+         * or the per_cpu context array */
+        struct ds_context **this;
+        /* a pointer to the task owning this context, or NULL, if the
+         * context is owned by a cpu */
+        struct task_struct *task;
+};
+
+static DEFINE_PER_CPU(struct ds_context *, system_context_array);
+
+#define system_context per_cpu(system_context_array, smp_processor_id())
 
-#define this_system_context per_cpu(system_context, smp_processor_id())
 
 static inline struct ds_context *ds_get_context(struct task_struct *task)
 {
         struct ds_context **p_context =
-                (task ? &task->thread.ds_ctx : &this_system_context);
-        struct ds_context *context = *p_context;
+                (task ? &task->thread.ds_ctx : &system_context);
+        struct ds_context *context = NULL;
+        struct ds_context *new_context = NULL;
         unsigned long irq;
 
-        if (!context) {
-                context = kzalloc(sizeof(*context), GFP_KERNEL);
-                if (!context)
-                        return NULL;
+        /* Chances are small that we already have a context. */
+        new_context = kzalloc(sizeof(*new_context), GFP_KERNEL);
+        if (!new_context)
+                return NULL;
 
-                spin_lock_irqsave(&ds_lock, irq);
+        spin_lock_irqsave(&ds_lock, irq);
 
-                if (*p_context) {
-                        kfree(context);
+        context = *p_context;
+        if (!context) {
+                context = new_context;
 
-                        context = *p_context;
-                } else {
-                        *p_context = context;
+                context->this = p_context;
+                context->task = task;
+                context->count = 0;
 
-                        context->this = p_context;
-                        context->task = task;
+                if (task)
+                        set_tsk_thread_flag(task, TIF_DS_AREA_MSR);
 
-                        if (task)
-                                set_tsk_thread_flag(task, TIF_DS_AREA_MSR);
+                if (!task || (task == current))
+                        wrmsrl(MSR_IA32_DS_AREA, (unsigned long)context->ds);
 
-                        if (!task || (task == current))
-                                wrmsrl(MSR_IA32_DS_AREA,
-                                       (unsigned long)context->ds);
-                }
-                spin_unlock_irqrestore(&ds_lock, irq);
+                *p_context = context;
         }
 
         context->count++;
 
+        spin_unlock_irqrestore(&ds_lock, irq);
+
+        if (context != new_context)
+                kfree(new_context);
+
         return context;
 }
 
@@ -242,8 +284,10 @@ static inline void ds_put_context(struct ds_context *context)
 
         spin_lock_irqsave(&ds_lock, irq);
 
-        if (--context->count)
-                goto out;
+        if (--context->count) {
+                spin_unlock_irqrestore(&ds_lock, irq);
+                return;
+        }
 
         *(context->this) = NULL;
 
@@ -253,14 +297,14 @@ static inline void ds_put_context(struct ds_context *context)
         if (!context->task || (context->task == current))
                 wrmsrl(MSR_IA32_DS_AREA, 0);
 
-        kfree(context);
- out:
         spin_unlock_irqrestore(&ds_lock, irq);
+
+        kfree(context);
 }
 
 
 /*
- * Handle a buffer overflow
+ * Call the tracer's callback on a buffer overflow.
  *
  * context: the ds context
  * qual: the buffer type
@@ -268,30 +312,247 @@ static inline void ds_put_context(struct ds_context *context)
 static void ds_overflow(struct ds_context *context, enum ds_qualifier qual)
 {
         switch (qual) {
-        case ds_bts: {
-                struct bts_tracer *tracer =
-                        container_of(context->owner[qual],
-                                     struct bts_tracer, ds);
-                if (tracer->ovfl)
-                        tracer->ovfl(tracer);
-        }
+        case ds_bts:
+                if (context->bts_master &&
+                    context->bts_master->ovfl)
+                        context->bts_master->ovfl(context->bts_master);
                 break;
-        case ds_pebs: {
-                struct pebs_tracer *tracer =
-                        container_of(context->owner[qual],
-                                     struct pebs_tracer, ds);
-                if (tracer->ovfl)
-                        tracer->ovfl(tracer);
+        case ds_pebs:
+                if (context->pebs_master &&
+                    context->pebs_master->ovfl)
+                        context->pebs_master->ovfl(context->pebs_master);
+                break;
+        }
+}
+
+
+/*
+ * Write raw data into the BTS or PEBS buffer.
+ *
+ * The remainder of any partially written record is zeroed out.
+ *
+ * context: the DS context
+ * qual: the buffer type
+ * record: the data to write
+ * size: the size of the data
+ */
+static int ds_write(struct ds_context *context, enum ds_qualifier qual,
+                    const void *record, size_t size)
+{
+        int bytes_written = 0;
+
+        if (!record)
+                return -EINVAL;
+
+        while (size) {
+                unsigned long base, index, end, write_end, int_th;
+                unsigned long write_size, adj_write_size;
+
+                /*
+                 * write as much as possible without producing an
+                 * overflow interrupt.
+                 *
+                 * interrupt_threshold must either be
+                 * - bigger than absolute_maximum or
+                 * - point to a record between buffer_base and absolute_maximum
+                 *
+                 * index points to a valid record.
+                 */
+                base   = ds_get(context->ds, qual, ds_buffer_base);
+                index  = ds_get(context->ds, qual, ds_index);
+                end    = ds_get(context->ds, qual, ds_absolute_maximum);
+                int_th = ds_get(context->ds, qual, ds_interrupt_threshold);
+
+                write_end = min(end, int_th);
+
+                /* if we are already beyond the interrupt threshold,
+                 * we fill the entire buffer */
+                if (write_end <= index)
+                        write_end = end;
+
+                if (write_end <= index)
+                        break;
+
+                write_size = min((unsigned long) size, write_end - index);
+                memcpy((void *)index, record, write_size);
+
+                record = (const char *)record + write_size;
+                size -= write_size;
+                bytes_written += write_size;
+
+                adj_write_size = write_size / ds_cfg.sizeof_rec[qual];
+                adj_write_size *= ds_cfg.sizeof_rec[qual];
+
+                /* zero out trailing bytes */
+                memset((char *)index + write_size, 0,
+                       adj_write_size - write_size);
+                index += adj_write_size;
+
+                if (index >= end)
+                        index = base;
+                ds_set(context->ds, qual, ds_index, index);
+
+                if (index >= int_th)
+                        ds_overflow(context, qual);
+        }
+
+        return bytes_written;
+}
+
+
+/*
+ * Branch Trace Store (BTS) uses the following format. Different
+ * architectures vary in the size of those fields.
+ * - source linear address
+ * - destination linear address
+ * - flags
+ *
+ * Later architectures use 64bit pointers throughout, whereas earlier
+ * architectures use 32bit pointers in 32bit mode.
+ *
+ * We compute the base address for the first 8 fields based on:
+ * - the field size stored in the DS configuration
+ * - the relative field position
+ *
+ * In order to store additional information in the BTS buffer, we use
+ * a special source address to indicate that the record requires
+ * special interpretation.
+ *
+ * Netburst indicated via a bit in the flags field whether the branch
+ * was predicted; this is ignored.
+ *
+ * We use two levels of abstraction:
+ * - the raw data level defined here
+ * - an arch-independent level defined in ds.h
+ */
+
+enum bts_field {
+        bts_from,
+        bts_to,
+        bts_flags,
+
+        bts_qual = bts_from,
+        bts_jiffies = bts_to,
+        bts_pid = bts_flags,
+
+        bts_qual_mask = (bts_qual_max - 1),
+        bts_escape = ((unsigned long)-1 & ~bts_qual_mask)
+};
+
+static inline unsigned long bts_get(const char *base, enum bts_field field)
+{
+        base += (ds_cfg.sizeof_field * field);
+        return *(unsigned long *)base;
+}
+
+static inline void bts_set(char *base, enum bts_field field, unsigned long val)
+{
+        base += (ds_cfg.sizeof_field * field);;
+        (*(unsigned long *)base) = val;
+}
+
+
+/*
+ * The raw BTS data is architecture dependent.
+ *
+ * For higher-level users, we give an arch-independent view.
+ * - ds.h defines struct bts_struct
+ * - bts_read translates one raw bts record into a bts_struct
+ * - bts_write translates one bts_struct into the raw format and
+ *   writes it into the top of the parameter tracer's buffer.
+ *
+ * return: bytes read/written on success; -Eerrno, otherwise
+ */
+static int bts_read(struct bts_tracer *tracer, const void *at,
+                    struct bts_struct *out)
+{
+        if (!tracer)
+                return -EINVAL;
+
+        if (at < tracer->trace.ds.begin)
+                return -EINVAL;
+
+        if (tracer->trace.ds.end < (at + tracer->trace.ds.size))
+                return -EINVAL;
+
+        memset(out, 0, sizeof(*out));
+        if ((bts_get(at, bts_qual) & ~bts_qual_mask) == bts_escape) {
+                out->qualifier = (bts_get(at, bts_qual) & bts_qual_mask);
+                out->variant.timestamp.jiffies = bts_get(at, bts_jiffies);
+                out->variant.timestamp.pid = bts_get(at, bts_pid);
+        } else {
+                out->qualifier = bts_branch;
+                out->variant.lbr.from = bts_get(at, bts_from);
+                out->variant.lbr.to   = bts_get(at, bts_to);
+
+                if (!out->variant.lbr.from && !out->variant.lbr.to)
+                        out->qualifier = bts_invalid;
         }
+
+        return ds_cfg.sizeof_rec[ds_bts];
+}
+
+static int bts_write(struct bts_tracer *tracer, const struct bts_struct *in)
+{
+        unsigned char raw[MAX_SIZEOF_BTS];
+
+        if (!tracer)
+                return -EINVAL;
+
+        if (MAX_SIZEOF_BTS < ds_cfg.sizeof_rec[ds_bts])
+                return -EOVERFLOW;
+
+        switch (in->qualifier) {
+        case bts_invalid:
+                bts_set(raw, bts_from, 0);
+                bts_set(raw, bts_to, 0);
+                bts_set(raw, bts_flags, 0);
+                break;
+        case bts_branch:
+                bts_set(raw, bts_from, in->variant.lbr.from);
+                bts_set(raw, bts_to,   in->variant.lbr.to);
+                bts_set(raw, bts_flags, 0);
                 break;
+        case bts_task_arrives:
+        case bts_task_departs:
+                bts_set(raw, bts_qual, (bts_escape | in->qualifier));
+                bts_set(raw, bts_jiffies, in->variant.timestamp.jiffies);
+                bts_set(raw, bts_pid, in->variant.timestamp.pid);
+                break;
+        default:
+                return -EINVAL;
         }
+
+        return ds_write(tracer->ds.context, ds_bts, raw,
+                        ds_cfg.sizeof_rec[ds_bts]);
 }
 
 
-static void ds_install_ds_config(struct ds_context *context,
-                                 enum ds_qualifier qual,
-                                 void *base, size_t size, size_t ith)
+static void ds_write_config(struct ds_context *context,
+                            struct ds_trace *cfg, enum ds_qualifier qual)
 {
+        unsigned char *ds = context->ds;
+
+        ds_set(ds, qual, ds_buffer_base, (unsigned long)cfg->begin);
+        ds_set(ds, qual, ds_index, (unsigned long)cfg->top);
+        ds_set(ds, qual, ds_absolute_maximum, (unsigned long)cfg->end);
+        ds_set(ds, qual, ds_interrupt_threshold, (unsigned long)cfg->ith);
+}
+
+static void ds_read_config(struct ds_context *context,
+                           struct ds_trace *cfg, enum ds_qualifier qual)
+{
+        unsigned char *ds = context->ds;
+
+        cfg->begin = (void *)ds_get(ds, qual, ds_buffer_base);
+        cfg->top = (void *)ds_get(ds, qual, ds_index);
+        cfg->end = (void *)ds_get(ds, qual, ds_absolute_maximum);
+        cfg->ith = (void *)ds_get(ds, qual, ds_interrupt_threshold);
+}
+
+static void ds_init_ds_trace(struct ds_trace *trace, enum ds_qualifier qual,
+                             void *base, size_t size, size_t ith,
+                             unsigned int flags) {
         unsigned long buffer, adj;
 
         /* adjust the buffer address and size to meet alignment
@@ -308,32 +569,30 @@ static void ds_install_ds_config(struct ds_context *context,
         buffer += adj;
         size   -= adj;
 
-        size /= ds_cfg.sizeof_rec[qual];
-        size *= ds_cfg.sizeof_rec[qual];
+        trace->n = size / ds_cfg.sizeof_rec[qual];
+        trace->size = ds_cfg.sizeof_rec[qual];
 
-        ds_set(context->ds, qual, ds_buffer_base, buffer);
-        ds_set(context->ds, qual, ds_index, buffer);
-        ds_set(context->ds, qual, ds_absolute_maximum, buffer + size);
+        size = (trace->n * trace->size);
 
+        trace->begin = (void *)buffer;
+        trace->top = trace->begin;
+        trace->end = (void *)(buffer + size);
         /* The value for 'no threshold' is -1, which will set the
          * threshold outside of the buffer, just like we want it.
          */
-        ds_set(context->ds, qual,
-               ds_interrupt_threshold, buffer + size - ith);
+        trace->ith = (void *)(buffer + size - ith);
+
+        trace->flags = flags;
 }
 
-static int ds_request(struct ds_tracer *tracer, enum ds_qualifier qual,
-                      struct task_struct *task,
-                      void *base, size_t size, size_t th)
+
+static int ds_request(struct ds_tracer *tracer, struct ds_trace *trace,
+                      enum ds_qualifier qual, struct task_struct *task,
+                      void *base, size_t size, size_t th, unsigned int flags)
 {
         struct ds_context *context;
-        unsigned long irq;
         int error;
 
-        error = -EOPNOTSUPP;
-        if (!ds_cfg.sizeof_ds)
-                goto out;
-
         error = -EINVAL;
         if (!base)
                 goto out;
@@ -360,43 +619,26 @@ static int ds_request(struct ds_tracer *tracer, enum ds_qualifier qual,
                 goto out;
         tracer->context = context;
 
+        ds_init_ds_trace(trace, qual, base, size, th, flags);
 
-        spin_lock_irqsave(&ds_lock, irq);
-
-        error = -EPERM;
-        if (!check_tracer(task))
-                goto out_unlock;
-        get_tracer(task);
-
-        error = -EPERM;
-        if (context->owner[qual])
-                goto out_put_tracer;
-        context->owner[qual] = tracer;
-
-        spin_unlock_irqrestore(&ds_lock, irq);
-
-
-        ds_install_ds_config(context, qual, base, size, th);
-
-        return 0;
-
- out_put_tracer:
-        put_tracer(task);
- out_unlock:
-        spin_unlock_irqrestore(&ds_lock, irq);
-        ds_put_context(context);
-        tracer->context = NULL;
+        error = 0;
  out:
         return error;
 }
 
 struct bts_tracer *ds_request_bts(struct task_struct *task,
                                   void *base, size_t size,
-                                  bts_ovfl_callback_t ovfl, size_t th)
+                                  bts_ovfl_callback_t ovfl, size_t th,
+                                  unsigned int flags)
 {
         struct bts_tracer *tracer;
+        unsigned long irq;
         int error;
 
+        error = -EOPNOTSUPP;
+        if (!ds_cfg.ctl[dsf_bts])
+                goto out;
+
         /* buffer overflow notification is not yet implemented */
         error = -EOPNOTSUPP;
         if (ovfl)
@@ -408,12 +650,40 @@ struct bts_tracer *ds_request_bts(struct task_struct *task,
                 goto out;
         tracer->ovfl = ovfl;
 
-        error = ds_request(&tracer->ds, ds_bts, task, base, size, th);
+        error = ds_request(&tracer->ds, &tracer->trace.ds,
+                           ds_bts, task, base, size, th, flags);
         if (error < 0)
                 goto out_tracer;
 
+
+        spin_lock_irqsave(&ds_lock, irq);
+
+        error = -EPERM;
+        if (!check_tracer(task))
+                goto out_unlock;
+        get_tracer(task);
+
+        error = -EPERM;
+        if (tracer->ds.context->bts_master)
+                goto out_put_tracer;
+        tracer->ds.context->bts_master = tracer;
+
+        spin_unlock_irqrestore(&ds_lock, irq);
+
+
+        tracer->trace.read  = bts_read;
+        tracer->trace.write = bts_write;
+
+        ds_write_config(tracer->ds.context, &tracer->trace.ds, ds_bts);
+        ds_resume_bts(tracer);
+
         return tracer;
 
+ out_put_tracer:
+        put_tracer(task);
+ out_unlock:
+        spin_unlock_irqrestore(&ds_lock, irq);
+        ds_put_context(tracer->ds.context);
  out_tracer:
         kfree(tracer);
  out:
@@ -422,9 +692,11 @@ struct bts_tracer *ds_request_bts(struct task_struct *task,
 
 struct pebs_tracer *ds_request_pebs(struct task_struct *task,
                                     void *base, size_t size,
-                                    pebs_ovfl_callback_t ovfl, size_t th)
+                                    pebs_ovfl_callback_t ovfl, size_t th,
+                                    unsigned int flags)
 {
         struct pebs_tracer *tracer;
+        unsigned long irq;
         int error;
 
         /* buffer overflow notification is not yet implemented */
@@ -438,300 +710,171 @@ struct pebs_tracer *ds_request_pebs(struct task_struct *task,
                 goto out;
         tracer->ovfl = ovfl;
 
-        error = ds_request(&tracer->ds, ds_pebs, task, base, size, th);
+        error = ds_request(&tracer->ds, &tracer->trace.ds,
+                           ds_pebs, task, base, size, th, flags);
         if (error < 0)
                 goto out_tracer;
 
+        spin_lock_irqsave(&ds_lock, irq);
+
+        error = -EPERM;
+        if (!check_tracer(task))
+                goto out_unlock;
+        get_tracer(task);
+
+        error = -EPERM;
+        if (tracer->ds.context->pebs_master)
+                goto out_put_tracer;
+        tracer->ds.context->pebs_master = tracer;
+
+        spin_unlock_irqrestore(&ds_lock, irq);
+
+        ds_write_config(tracer->ds.context, &tracer->trace.ds, ds_bts);
+        ds_resume_pebs(tracer);
+
         return tracer;
 
+ out_put_tracer:
+        put_tracer(task);
+ out_unlock:
+        spin_unlock_irqrestore(&ds_lock, irq);
+        ds_put_context(tracer->ds.context);
  out_tracer:
         kfree(tracer);
  out:
         return ERR_PTR(error);
 }
 
-static void ds_release(struct ds_tracer *tracer, enum ds_qualifier qual)
-{
-        BUG_ON(tracer->context->owner[qual] != tracer);
-        tracer->context->owner[qual] = NULL;
-
-        put_tracer(tracer->context->task);
-        ds_put_context(tracer->context);
-}
-
-int ds_release_bts(struct bts_tracer *tracer)
+void ds_release_bts(struct bts_tracer *tracer)
 {
         if (!tracer)
-                return -EINVAL;
+                return;
 
-        ds_release(&tracer->ds, ds_bts);
-        kfree(tracer);
+        ds_suspend_bts(tracer);
 
-        return 0;
-}
+        WARN_ON_ONCE(tracer->ds.context->bts_master != tracer);
+        tracer->ds.context->bts_master = NULL;
 
-int ds_release_pebs(struct pebs_tracer *tracer)
-{
-        if (!tracer)
-                return -EINVAL;
+        put_tracer(tracer->ds.context->task);
+        ds_put_context(tracer->ds.context);
 
-        ds_release(&tracer->ds, ds_pebs);
         kfree(tracer);
-
-        return 0;
 }
 
-static size_t ds_get_index(struct ds_context *context, enum ds_qualifier qual)
+void ds_suspend_bts(struct bts_tracer *tracer)
 {
-        unsigned long base, index;
-
-        base  = ds_get(context->ds, qual, ds_buffer_base);
-        index = ds_get(context->ds, qual, ds_index);
-
-        return (index - base) / ds_cfg.sizeof_rec[qual];
-}
+        struct task_struct *task;
 
-int ds_get_bts_index(struct bts_tracer *tracer, size_t *pos)
-{
         if (!tracer)
-                return -EINVAL;
-
-        if (!pos)
-                return -EINVAL;
-
-        *pos = ds_get_index(tracer->ds.context, ds_bts);
-
-        return 0;
-}
+                return;
 
-int ds_get_pebs_index(struct pebs_tracer *tracer, size_t *pos)
-{
-        if (!tracer)
-                return -EINVAL;
+        task = tracer->ds.context->task;
 
-        if (!pos)
-                return -EINVAL;
+        if (!task || (task == current))
+                update_debugctlmsr(get_debugctlmsr() & ~BTS_CONTROL);
 
-        *pos = ds_get_index(tracer->ds.context, ds_pebs);
+        if (task) {
+                task->thread.debugctlmsr &= ~BTS_CONTROL;
 
-        return 0;
+                if (!task->thread.debugctlmsr)
+                        clear_tsk_thread_flag(task, TIF_DEBUGCTLMSR);
+        }
 }
 
-static size_t ds_get_end(struct ds_context *context, enum ds_qualifier qual)
+void ds_resume_bts(struct bts_tracer *tracer)
 {
-        unsigned long base, max;
+        struct task_struct *task;
+        unsigned long control;
 
-        base = ds_get(context->ds, qual, ds_buffer_base);
-        max  = ds_get(context->ds, qual, ds_absolute_maximum);
-
-        return (max - base) / ds_cfg.sizeof_rec[qual];
-}
-
-int ds_get_bts_end(struct bts_tracer *tracer, size_t *pos)
-{
         if (!tracer)
-                return -EINVAL;
-
-        if (!pos)
-                return -EINVAL;
-
-        *pos = ds_get_end(tracer->ds.context, ds_bts);
-
-        return 0;
-}
-
-int ds_get_pebs_end(struct pebs_tracer *tracer, size_t *pos)
-{
-        if (!tracer)
-                return -EINVAL;
-
-        if (!pos)
-                return -EINVAL;
-
-        *pos = ds_get_end(tracer->ds.context, ds_pebs);
-
-        return 0;
-}
-
-static int ds_access(struct ds_context *context, enum ds_qualifier qual,
-                     size_t index, const void **record)
-{
-        unsigned long base, idx;
-
-        if (!record)
-                return -EINVAL;
-
-        base = ds_get(context->ds, qual, ds_buffer_base);
-        idx = base + (index * ds_cfg.sizeof_rec[qual]);
-
-        if (idx > ds_get(context->ds, qual, ds_absolute_maximum))
-                return -EINVAL;
+                return;
 
-        *record = (const void *)idx;
+        task = tracer->ds.context->task;
 
-        return ds_cfg.sizeof_rec[qual];
-}
+        control = ds_cfg.ctl[dsf_bts];
+        if (!(tracer->trace.ds.flags & BTS_KERNEL))
+                control |= ds_cfg.ctl[dsf_bts_kernel];
+        if (!(tracer->trace.ds.flags & BTS_USER))
+                control |= ds_cfg.ctl[dsf_bts_user];
 
-int ds_access_bts(struct bts_tracer *tracer, size_t index,
-                  const void **record)
-{
-        if (!tracer)
-                return -EINVAL;
+        if (task) {
+                task->thread.debugctlmsr |= control;
+                set_tsk_thread_flag(task, TIF_DEBUGCTLMSR);
+        }
 
-        return ds_access(tracer->ds.context, ds_bts, index, record);
+        if (!task || (task == current))
+                update_debugctlmsr(get_debugctlmsr() | control);
 }
 
-int ds_access_pebs(struct pebs_tracer *tracer, size_t index,
-                   const void **record)
+void ds_release_pebs(struct pebs_tracer *tracer)
 {
         if (!tracer)
-                return -EINVAL;
-
-        return ds_access(tracer->ds.context, ds_pebs, index, record);
-}
-
-static int ds_write(struct ds_context *context, enum ds_qualifier qual,
-                    const void *record, size_t size)
-{
-        int bytes_written = 0;
-
-        if (!record)
-                return -EINVAL;
-
-        while (size) {
-                unsigned long base, index, end, write_end, int_th;
-                unsigned long write_size, adj_write_size;
-
-                /*
-                 * write as much as possible without producing an
-                 * overflow interrupt.
-                 *
-                 * interrupt_threshold must either be
-                 * - bigger than absolute_maximum or
-                 * - point to a record between buffer_base and absolute_maximum
-                 *
-                 * index points to a valid record.
-                 */
-                base   = ds_get(context->ds, qual, ds_buffer_base);
-                index  = ds_get(context->ds, qual, ds_index);
-                end    = ds_get(context->ds, qual, ds_absolute_maximum);
-                int_th = ds_get(context->ds, qual, ds_interrupt_threshold);
-
-                write_end = min(end, int_th);
-
-                /* if we are already beyond the interrupt threshold,
-                 * we fill the entire buffer */
-                if (write_end <= index)
-                        write_end = end;
-
-                if (write_end <= index)
-                        break;
-
-                write_size = min((unsigned long) size, write_end - index);
-                memcpy((void *)index, record, write_size);
-
-                record = (const char *)record + write_size;
-                size -= write_size;
-                bytes_written += write_size;
-
-                adj_write_size = write_size / ds_cfg.sizeof_rec[qual];
-                adj_write_size *= ds_cfg.sizeof_rec[qual];
-
-                /* zero out trailing bytes */
-                memset((char *)index + write_size, 0,
-                       adj_write_size - write_size);
-                index += adj_write_size;
-
-                if (index >= end)
-                        index = base;
-                ds_set(context->ds, qual, ds_index, index);
+                return;
 
-                if (index >= int_th)
-                        ds_overflow(context, qual);
-        }
+        ds_suspend_pebs(tracer);
 
-        return bytes_written;
-}
+        WARN_ON_ONCE(tracer->ds.context->pebs_master != tracer);
+        tracer->ds.context->pebs_master = NULL;
 
-int ds_write_bts(struct bts_tracer *tracer, const void *record, size_t size)
-{
-        if (!tracer)
-                return -EINVAL;
+        put_tracer(tracer->ds.context->task);
+        ds_put_context(tracer->ds.context);
 
-        return ds_write(tracer->ds.context, ds_bts, record, size);
+        kfree(tracer);
 }
 
-int ds_write_pebs(struct pebs_tracer *tracer, const void *record, size_t size)
+void ds_suspend_pebs(struct pebs_tracer *tracer)
 {
-        if (!tracer)
-                return -EINVAL;
 
-        return ds_write(tracer->ds.context, ds_pebs, record, size);
 }
 
-static void ds_reset_or_clear(struct ds_context *context,
-                              enum ds_qualifier qual, int clear)
+void ds_resume_pebs(struct pebs_tracer *tracer)
 {
-        unsigned long base, end;
-
-        base = ds_get(context->ds, qual, ds_buffer_base);
-        end  = ds_get(context->ds, qual, ds_absolute_maximum);
 
-        if (clear)
-                memset((void *)base, 0, end - base);
-
-        ds_set(context->ds, qual, ds_index, base);
 }
 
-int ds_reset_bts(struct bts_tracer *tracer)
+const struct bts_trace *ds_read_bts(struct bts_tracer *tracer)
 {
         if (!tracer)
-                return -EINVAL;
+                return NULL;
 
-        ds_reset_or_clear(tracer->ds.context, ds_bts, /* clear = */ 0);
-
-        return 0;
+        ds_read_config(tracer->ds.context, &tracer->trace.ds, ds_bts);
+        return &tracer->trace;
 }
 
-int ds_reset_pebs(struct pebs_tracer *tracer)
+const struct pebs_trace *ds_read_pebs(struct pebs_tracer *tracer)
 {
         if (!tracer)
-                return -EINVAL;
+                return NULL;
 
-        ds_reset_or_clear(tracer->ds.context, ds_pebs, /* clear = */ 0);
+        ds_read_config(tracer->ds.context, &tracer->trace.ds, ds_pebs);
+        tracer->trace.reset_value =
+                *(u64 *)(tracer->ds.context->ds + (ds_cfg.sizeof_field * 8));
 
-        return 0;
+        return &tracer->trace;
 }
 
-int ds_clear_bts(struct bts_tracer *tracer)
+int ds_reset_bts(struct bts_tracer *tracer)
 {
         if (!tracer)
                 return -EINVAL;
 
-        ds_reset_or_clear(tracer->ds.context, ds_bts, /* clear = */ 1);
-
-        return 0;
-}
-
-int ds_clear_pebs(struct pebs_tracer *tracer)
-{
-        if (!tracer)
-                return -EINVAL;
+        tracer->trace.ds.top = tracer->trace.ds.begin;
 
-        ds_reset_or_clear(tracer->ds.context, ds_pebs, /* clear = */ 1);
+        ds_set(tracer->ds.context->ds, ds_bts, ds_index,
+               (unsigned long)tracer->trace.ds.top);
 
         return 0;
 }
 
-int ds_get_pebs_reset(struct pebs_tracer *tracer, u64 *value)
+int ds_reset_pebs(struct pebs_tracer *tracer)
 {
         if (!tracer)
                 return -EINVAL;
 
-        if (!value)
-                return -EINVAL;
+        tracer->trace.ds.top = tracer->trace.ds.begin;
 
-        *value = *(u64 *)(tracer->ds.context->ds + (ds_cfg.sizeof_field * 8));
+        ds_set(tracer->ds.context->ds, ds_bts, ds_index,
+               (unsigned long)tracer->trace.ds.top);
 
         return 0;
 }
@@ -746,35 +889,59 @@ int ds_set_pebs_reset(struct pebs_tracer *tracer, u64 value)
         return 0;
 }
 
-static const struct ds_configuration ds_cfg_var = {
-        .sizeof_ds    = sizeof(long) * 12,
-        .sizeof_field = sizeof(long),
-        .sizeof_rec[ds_bts]   = sizeof(long) * 3,
+static const struct ds_configuration ds_cfg_netburst = {
+        .name = "netburst",
+        .ctl[dsf_bts]           = (1 << 2) | (1 << 3),
+        .ctl[dsf_bts_kernel]    = (1 << 5),
+        .ctl[dsf_bts_user]      = (1 << 6),
+
+        .sizeof_field           = sizeof(long),
+        .sizeof_rec[ds_bts]     = sizeof(long) * 3,
 #ifdef __i386__
-        .sizeof_rec[ds_pebs]  = sizeof(long) * 10
+        .sizeof_rec[ds_pebs]    = sizeof(long) * 10,
 #else
-        .sizeof_rec[ds_pebs]  = sizeof(long) * 18
+        .sizeof_rec[ds_pebs]    = sizeof(long) * 18,
 #endif
 };
-static const struct ds_configuration ds_cfg_64 = {
-        .sizeof_ds    = 8 * 12,
-        .sizeof_field = 8,
-        .sizeof_rec[ds_bts]   = 8 * 3,
+static const struct ds_configuration ds_cfg_pentium_m = {
+        .name = "pentium m",
+        .ctl[dsf_bts]           = (1 << 6) | (1 << 7),
+
+        .sizeof_field           = sizeof(long),
+        .sizeof_rec[ds_bts]     = sizeof(long) * 3,
 #ifdef __i386__
-        .sizeof_rec[ds_pebs]  = 8 * 10
+        .sizeof_rec[ds_pebs]    = sizeof(long) * 10,
 #else
-        .sizeof_rec[ds_pebs]  = 8 * 18
+        .sizeof_rec[ds_pebs]    = sizeof(long) * 18,
 #endif
 };
+static const struct ds_configuration ds_cfg_core2 = {
+        .name = "core 2",
+        .ctl[dsf_bts]           = (1 << 6) | (1 << 7),
+        .ctl[dsf_bts_kernel]    = (1 << 9),
+        .ctl[dsf_bts_user]      = (1 << 10),
+
+        .sizeof_field           = 8,
+        .sizeof_rec[ds_bts]     = 8 * 3,
+        .sizeof_rec[ds_pebs]    = 8 * 18,
+};
 
-static inline void
+static void
 ds_configure(const struct ds_configuration *cfg)
 {
+        memset(&ds_cfg, 0, sizeof(ds_cfg));
         ds_cfg = *cfg;
 
-        printk(KERN_INFO "DS available\n");
+        printk(KERN_INFO "[ds] using %s configuration\n", ds_cfg.name);
+
+        if (!cpu_has_bts) {
+                ds_cfg.ctl[dsf_bts] = 0;
+                printk(KERN_INFO "[ds] bts not available\n");
+        }
+        if (!cpu_has_pebs)
+                printk(KERN_INFO "[ds] pebs not available\n");
 
-        BUG_ON(MAX_SIZEOF_DS < ds_cfg.sizeof_ds);
+        WARN_ON_ONCE(MAX_SIZEOF_DS < (12 * ds_cfg.sizeof_field));
 }
 
 void __cpuinit ds_init_intel(struct cpuinfo_x86 *c)
@@ -787,10 +954,10 @@ void __cpuinit ds_init_intel(struct cpuinfo_x86 *c)
                         break;
                 case 0xD:
                 case 0xE: /* Pentium M */
-                        ds_configure(&ds_cfg_var);
+                        ds_configure(&ds_cfg_pentium_m);
                         break;
                 default: /* Core2, Atom, ... */
-                        ds_configure(&ds_cfg_64);
+                        ds_configure(&ds_cfg_core2);
                         break;
                 }
                 break;
@@ -799,7 +966,7 @@ void __cpuinit ds_init_intel(struct cpuinfo_x86 *c)
                 case 0x0:
                 case 0x1:
                 case 0x2: /* Netburst */
-                        ds_configure(&ds_cfg_var);
+                        ds_configure(&ds_cfg_netburst);
                         break;
                 default:
                         /* sorry, don't know about them */
@@ -812,14 +979,52 @@ void __cpuinit ds_init_intel(struct cpuinfo_x86 *c)
         }
 }
 
-void ds_free(struct ds_context *context)
+/*
+ * Change the DS configuration from tracing prev to tracing next.
+ */
+void ds_switch_to(struct task_struct *prev, struct task_struct *next)
 {
-        /* This is called when the task owning the parameter context
-         * is dying. There should not be any user of that context left
-         * to disturb us, anymore. */
-        unsigned long leftovers = context->count;
-        while (leftovers--) {
-                put_tracer(context->task);
-                ds_put_context(context);
+        struct ds_context *prev_ctx = prev->thread.ds_ctx;
+        struct ds_context *next_ctx = next->thread.ds_ctx;
+
+        if (prev_ctx) {
+                update_debugctlmsr(0);
+
+                if (prev_ctx->bts_master &&
+                    (prev_ctx->bts_master->trace.ds.flags & BTS_TIMESTAMPS)) {
+                        struct bts_struct ts = {
+                                .qualifier = bts_task_departs,
+                                .variant.timestamp.jiffies = jiffies_64,
+                                .variant.timestamp.pid = prev->pid
+                        };
+                        bts_write(prev_ctx->bts_master, &ts);
+                }
+        }
+
+        if (next_ctx) {
+                if (next_ctx->bts_master &&
+                    (next_ctx->bts_master->trace.ds.flags & BTS_TIMESTAMPS)) {
+                        struct bts_struct ts = {
+                                .qualifier = bts_task_arrives,
+                                .variant.timestamp.jiffies = jiffies_64,
+                                .variant.timestamp.pid = next->pid
+                        };
+                        bts_write(next_ctx->bts_master, &ts);
+                }
+
+                wrmsrl(MSR_IA32_DS_AREA, (unsigned long)next_ctx->ds);
         }
+
+        update_debugctlmsr(next->thread.debugctlmsr);
+}
+
+void ds_copy_thread(struct task_struct *tsk, struct task_struct *father)
+{
+        clear_tsk_thread_flag(tsk, TIF_DS_AREA_MSR);
+        tsk->thread.ds_ctx = NULL;
+}
+
+void ds_exit_thread(struct task_struct *tsk)
+{
+        WARN_ON(tsk->thread.ds_ctx);
 }
diff --git a/arch/x86/kernel/e820.c b/arch/x86/kernel/e820.c
index 7aafeb5263ef..65a13943e098 100644
--- a/arch/x86/kernel/e820.c
+++ b/arch/x86/kernel/e820.c
@@ -677,22 +677,6 @@ struct early_res {
 };
 static struct early_res early_res[MAX_EARLY_RES] __initdata = {
         { 0, PAGE_SIZE, "BIOS data page" },     /* BIOS data page */
-#if defined(CONFIG_X86_64) && defined(CONFIG_X86_TRAMPOLINE)
-        { TRAMPOLINE_BASE, TRAMPOLINE_BASE + 2 * PAGE_SIZE, "TRAMPOLINE" },
-#endif
-#if defined(CONFIG_X86_32) && defined(CONFIG_SMP)
-        /*
-         * But first pinch a few for the stack/trampoline stuff
-         * FIXME: Don't need the extra page at 4K, but need to fix
-         * trampoline before removing it. (see the GDT stuff)
-         */
-        { PAGE_SIZE, PAGE_SIZE + PAGE_SIZE, "EX TRAMPOLINE" },
-        /*
-         * Has to be in very low memory so we can execute
-         * real-mode AP code.
-         */
-        { TRAMPOLINE_BASE, TRAMPOLINE_BASE + PAGE_SIZE, "TRAMPOLINE" },
-#endif
         {}
 };
 
diff --git a/arch/x86/kernel/early-quirks.c b/arch/x86/kernel/early-quirks.c
index 1b894b72c0f5..744aa7fc49d5 100644
--- a/arch/x86/kernel/early-quirks.c
+++ b/arch/x86/kernel/early-quirks.c
@@ -17,6 +17,7 @@
 #include <asm/io_apic.h>
 #include <asm/apic.h>
 #include <asm/iommu.h>
+#include <asm/gart.h>
 
 static void __init fix_hypertransport_config(int num, int slot, int func)
 {
diff --git a/arch/x86/kernel/early_printk.c b/arch/x86/kernel/early_printk.c
index 34ad997d3834..23b138e31e9c 100644
--- a/arch/x86/kernel/early_printk.c
+++ b/arch/x86/kernel/early_printk.c
@@ -875,49 +875,6 @@ static struct console early_dbgp_console = {
 };
 #endif
 
-/* Console interface to a host file on AMD's SimNow! */
-
-static int simnow_fd;
-
-enum {
-        MAGIC1 = 0xBACCD00A,
-        MAGIC2 = 0xCA110000,
-        XOPEN = 5,
-        XWRITE = 4,
-};
-
-static noinline long simnow(long cmd, long a, long b, long c)
-{
-        long ret;
-
-        asm volatile("cpuid" :
-                     "=a" (ret) :
-                     "b" (a), "c" (b), "d" (c), "0" (MAGIC1), "D" (cmd + MAGIC2));
-        return ret;
-}
-
-static void __init simnow_init(char *str)
-{
-        char *fn = "klog";
-
-        if (*str == '=')
-                fn = ++str;
-        /* error ignored */
-        simnow_fd = simnow(XOPEN, (unsigned long)fn, O_WRONLY|O_APPEND|O_CREAT, 0644);
-}
-
-static void simnow_write(struct console *con, const char *s, unsigned n)
-{
-        simnow(XWRITE, simnow_fd, (unsigned long)s, n);
-}
-
-static struct console simnow_console = {
-        .name =         "simnow",
-        .write =        simnow_write,
-        .flags =        CON_PRINTBUFFER,
-        .index =        -1,
-};
-
 /* Direct interface for emergencies */
 static struct console *early_console = &early_vga_console;
 static int __initdata early_console_initialized;
@@ -960,10 +917,6 @@ static int __init setup_early_printk(char *buf)
                 max_ypos = boot_params.screen_info.orig_video_lines;
                 current_ypos = boot_params.screen_info.orig_y;
                 early_console = &early_vga_console;
-        } else if (!strncmp(buf, "simnow", 6)) {
-                simnow_init(buf + 6);
-                early_console = &simnow_console;
-                keep_early = 1;
 #ifdef CONFIG_EARLY_PRINTK_DBGP
         } else if (!strncmp(buf, "dbgp", 4)) {
                 if (early_dbgp_init(buf+4) < 0)
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S
index 43ceb3f454bf..d6f0490a7391 100644
--- a/arch/x86/kernel/entry_32.S
+++ b/arch/x86/kernel/entry_32.S
@@ -619,28 +619,37 @@ END(syscall_badsys)
 27:;
 
 /*
- * Build the entry stubs and pointer table with
- * some assembler magic.
+ * Build the entry stubs and pointer table with some assembler magic.
+ * We pack 7 stubs into a single 32-byte chunk, which will fit in a
+ * single cache line on all modern x86 implementations.
  */
-.section .rodata,"a"
+.section .init.rodata,"a"
 ENTRY(interrupt)
 .text
-
+        .p2align 5
+        .p2align CONFIG_X86_L1_CACHE_SHIFT
 ENTRY(irq_entries_start)
         RING0_INT_FRAME
-vector=0
-.rept NR_VECTORS
-        ALIGN
- .if vector
+vector=FIRST_EXTERNAL_VECTOR
+.rept (NR_VECTORS-FIRST_EXTERNAL_VECTOR+6)/7
+        .balign 32
+  .rept 7
+    .if vector < NR_VECTORS
+      .if vector <> FIRST_EXTERNAL_VECTOR
         CFI_ADJUST_CFA_OFFSET -4
- .endif
-1:      pushl $~(vector)
+      .endif
+1:      pushl $(~vector+0x80)   /* Note: always in signed byte range */
         CFI_ADJUST_CFA_OFFSET 4
-        jmp common_interrupt
- .previous
+      .if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
+        jmp 2f
+      .endif
+      .previous
         .long 1b
- .text
+      .text
 vector=vector+1
+    .endif
+  .endr
+2:      jmp common_interrupt
 .endr
 END(irq_entries_start)
 
@@ -652,8 +661,9 @@ END(interrupt)
  * the CPU automatically disables interrupts when executing an IRQ vector,
  * so IRQ-flags tracing has to follow that:
  */
-        ALIGN
+        .p2align CONFIG_X86_L1_CACHE_SHIFT
 common_interrupt:
+        addl $-0x80,(%esp)      /* Adjust vector into the [-256,-1] range */
         SAVE_ALL
         TRACE_IRQS_OFF
         movl %esp,%eax
@@ -678,65 +688,6 @@ ENDPROC(name)
 /* The include is where all of the SMP etc. interrupts come from */
 #include "entry_arch.h"
 
-KPROBE_ENTRY(page_fault)
-        RING0_EC_FRAME
-        pushl $do_page_fault
-        CFI_ADJUST_CFA_OFFSET 4
-        ALIGN
-error_code:
-        /* the function address is in %fs's slot on the stack */
-        pushl %es
-        CFI_ADJUST_CFA_OFFSET 4
-        /*CFI_REL_OFFSET es, 0*/
-        pushl %ds
-        CFI_ADJUST_CFA_OFFSET 4
-        /*CFI_REL_OFFSET ds, 0*/
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET eax, 0
-        pushl %ebp
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET ebp, 0
-        pushl %edi
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET edi, 0
-        pushl %esi
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET esi, 0
-        pushl %edx
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET edx, 0
-        pushl %ecx
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET ecx, 0
-        pushl %ebx
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET ebx, 0
-        cld
-        pushl %fs
-        CFI_ADJUST_CFA_OFFSET 4
-        /*CFI_REL_OFFSET fs, 0*/
-        movl $(__KERNEL_PERCPU), %ecx
-        movl %ecx, %fs
-        UNWIND_ESPFIX_STACK
-        popl %ecx
-        CFI_ADJUST_CFA_OFFSET -4
-        /*CFI_REGISTER es, ecx*/
-        movl PT_FS(%esp), %edi          # get the function address
-        movl PT_ORIG_EAX(%esp), %edx    # get the error code
-        movl $-1, PT_ORIG_EAX(%esp)     # no syscall to restart
-        mov  %ecx, PT_FS(%esp)
-        /*CFI_REL_OFFSET fs, ES*/
-        movl $(__USER_DS), %ecx
-        movl %ecx, %ds
-        movl %ecx, %es
-        TRACE_IRQS_OFF
-        movl %esp,%eax                  # pt_regs pointer
-        call *%edi
-        jmp ret_from_exception
-        CFI_ENDPROC
-KPROBE_END(page_fault)
-
 ENTRY(coprocessor_error)
         RING0_INT_FRAME
         pushl $0
@@ -767,140 +718,6 @@ ENTRY(device_not_available)
         CFI_ENDPROC
 END(device_not_available)
 
-/*
- * Debug traps and NMI can happen at the one SYSENTER instruction
- * that sets up the real kernel stack. Check here, since we can't
- * allow the wrong stack to be used.
- *
- * "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
- * already pushed 3 words if it hits on the sysenter instruction:
- * eflags, cs and eip.
- *
- * We just load the right stack, and push the three (known) values
- * by hand onto the new stack - while updating the return eip past
- * the instruction that would have done it for sysenter.
- */
-#define FIX_STACK(offset, ok, label)            \
-        cmpw $__KERNEL_CS,4(%esp);              \
-        jne ok;                                 \
-label:                                          \
-        movl TSS_sysenter_sp0+offset(%esp),%esp;        \
-        CFI_DEF_CFA esp, 0;                     \
-        CFI_UNDEFINED eip;                      \
-        pushfl;                                 \
-        CFI_ADJUST_CFA_OFFSET 4;                \
-        pushl $__KERNEL_CS;                     \
-        CFI_ADJUST_CFA_OFFSET 4;                \
-        pushl $sysenter_past_esp;               \
-        CFI_ADJUST_CFA_OFFSET 4;                \
-        CFI_REL_OFFSET eip, 0
-
-KPROBE_ENTRY(debug)
-        RING0_INT_FRAME
-        cmpl $ia32_sysenter_target,(%esp)
-        jne debug_stack_correct
-        FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
-debug_stack_correct:
-        pushl $-1                       # mark this as an int
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        xorl %edx,%edx                  # error code 0
-        movl %esp,%eax                  # pt_regs pointer
-        call do_debug
-        jmp ret_from_exception
-        CFI_ENDPROC
-KPROBE_END(debug)
-
-/*
- * NMI is doubly nasty. It can happen _while_ we're handling
- * a debug fault, and the debug fault hasn't yet been able to
- * clear up the stack. So we first check whether we got  an
- * NMI on the sysenter entry path, but after that we need to
- * check whether we got an NMI on the debug path where the debug
- * fault happened on the sysenter path.
- */
-KPROBE_ENTRY(nmi)
-        RING0_INT_FRAME
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        movl %ss, %eax
-        cmpw $__ESPFIX_SS, %ax
-        popl %eax
-        CFI_ADJUST_CFA_OFFSET -4
-        je nmi_espfix_stack
-        cmpl $ia32_sysenter_target,(%esp)
-        je nmi_stack_fixup
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        movl %esp,%eax
-        /* Do not access memory above the end of our stack page,
-         * it might not exist.
-         */
-        andl $(THREAD_SIZE-1),%eax
-        cmpl $(THREAD_SIZE-20),%eax
-        popl %eax
-        CFI_ADJUST_CFA_OFFSET -4
-        jae nmi_stack_correct
-        cmpl $ia32_sysenter_target,12(%esp)
-        je nmi_debug_stack_check
-nmi_stack_correct:
-        /* We have a RING0_INT_FRAME here */
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        xorl %edx,%edx          # zero error code
-        movl %esp,%eax          # pt_regs pointer
-        call do_nmi
-        jmp restore_nocheck_notrace
-        CFI_ENDPROC
-
-nmi_stack_fixup:
-        RING0_INT_FRAME
-        FIX_STACK(12,nmi_stack_correct, 1)
-        jmp nmi_stack_correct
-
-nmi_debug_stack_check:
-        /* We have a RING0_INT_FRAME here */
-        cmpw $__KERNEL_CS,16(%esp)
-        jne nmi_stack_correct
-        cmpl $debug,(%esp)
-        jb nmi_stack_correct
-        cmpl $debug_esp_fix_insn,(%esp)
-        ja nmi_stack_correct
-        FIX_STACK(24,nmi_stack_correct, 1)
-        jmp nmi_stack_correct
-
-nmi_espfix_stack:
-        /* We have a RING0_INT_FRAME here.
-         *
-         * create the pointer to lss back
-         */
-        pushl %ss
-        CFI_ADJUST_CFA_OFFSET 4
-        pushl %esp
-        CFI_ADJUST_CFA_OFFSET 4
-        addw $4, (%esp)
-        /* copy the iret frame of 12 bytes */
-        .rept 3
-        pushl 16(%esp)
-        CFI_ADJUST_CFA_OFFSET 4
-        .endr
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        FIXUP_ESPFIX_STACK              # %eax == %esp
-        xorl %edx,%edx                  # zero error code
-        call do_nmi
-        RESTORE_REGS
-        lss 12+4(%esp), %esp            # back to espfix stack
-        CFI_ADJUST_CFA_OFFSET -24
-        jmp irq_return
-        CFI_ENDPROC
-KPROBE_END(nmi)
-
 #ifdef CONFIG_PARAVIRT
 ENTRY(native_iret)
         iret
@@ -916,19 +733,6 @@ ENTRY(native_irq_enable_sysexit)
 END(native_irq_enable_sysexit)
 #endif
 
-KPROBE_ENTRY(int3)
-        RING0_INT_FRAME
-        pushl $-1                       # mark this as an int
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        xorl %edx,%edx          # zero error code
-        movl %esp,%eax          # pt_regs pointer
-        call do_int3
-        jmp ret_from_exception
-        CFI_ENDPROC
-KPROBE_END(int3)
-
 ENTRY(overflow)
         RING0_INT_FRAME
         pushl $0
@@ -993,14 +797,6 @@ ENTRY(stack_segment)
         CFI_ENDPROC
 END(stack_segment)
 
-KPROBE_ENTRY(general_protection)
-        RING0_EC_FRAME
-        pushl $do_general_protection
-        CFI_ADJUST_CFA_OFFSET 4
-        jmp error_code
-        CFI_ENDPROC
-KPROBE_END(general_protection)
-
 ENTRY(alignment_check)
         RING0_EC_FRAME
         pushl $do_alignment_check
@@ -1051,6 +847,7 @@ ENTRY(kernel_thread_helper)
         push %eax
         CFI_ADJUST_CFA_OFFSET 4
         call do_exit
+        ud2                     # padding for call trace
         CFI_ENDPROC
 ENDPROC(kernel_thread_helper)
 
@@ -1259,3 +1056,227 @@ return_to_handler:
 #include "syscall_table_32.S"
 
 syscall_table_size=(.-sys_call_table)
+
+/*
+ * Some functions should be protected against kprobes
+ */
+        .pushsection .kprobes.text, "ax"
+
+ENTRY(page_fault)
+        RING0_EC_FRAME
+        pushl $do_page_fault
+        CFI_ADJUST_CFA_OFFSET 4
+        ALIGN
+error_code:
+        /* the function address is in %fs's slot on the stack */
+        pushl %es
+        CFI_ADJUST_CFA_OFFSET 4
+        /*CFI_REL_OFFSET es, 0*/
+        pushl %ds
+        CFI_ADJUST_CFA_OFFSET 4
+        /*CFI_REL_OFFSET ds, 0*/
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET eax, 0
+        pushl %ebp
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET ebp, 0
+        pushl %edi
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET edi, 0
+        pushl %esi
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET esi, 0
+        pushl %edx
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET edx, 0
+        pushl %ecx
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET ecx, 0
+        pushl %ebx
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET ebx, 0
+        cld
+        pushl %fs
+        CFI_ADJUST_CFA_OFFSET 4
+        /*CFI_REL_OFFSET fs, 0*/
+        movl $(__KERNEL_PERCPU), %ecx
+        movl %ecx, %fs
+        UNWIND_ESPFIX_STACK
+        popl %ecx
+        CFI_ADJUST_CFA_OFFSET -4
+        /*CFI_REGISTER es, ecx*/
+        movl PT_FS(%esp), %edi          # get the function address
+        movl PT_ORIG_EAX(%esp), %edx    # get the error code
+        movl $-1, PT_ORIG_EAX(%esp)     # no syscall to restart
+        mov  %ecx, PT_FS(%esp)
+        /*CFI_REL_OFFSET fs, ES*/
+        movl $(__USER_DS), %ecx
+        movl %ecx, %ds
+        movl %ecx, %es
+        TRACE_IRQS_OFF
+        movl %esp,%eax                  # pt_regs pointer
+        call *%edi
+        jmp ret_from_exception
+        CFI_ENDPROC
+END(page_fault)
+
+/*
+ * Debug traps and NMI can happen at the one SYSENTER instruction
+ * that sets up the real kernel stack. Check here, since we can't
+ * allow the wrong stack to be used.
+ *
+ * "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
+ * already pushed 3 words if it hits on the sysenter instruction:
+ * eflags, cs and eip.
+ *
+ * We just load the right stack, and push the three (known) values
+ * by hand onto the new stack - while updating the return eip past
+ * the instruction that would have done it for sysenter.
+ */
+#define FIX_STACK(offset, ok, label)            \
+        cmpw $__KERNEL_CS,4(%esp);              \
+        jne ok;                                 \
+label:                                          \
+        movl TSS_sysenter_sp0+offset(%esp),%esp;        \
+        CFI_DEF_CFA esp, 0;                     \
+        CFI_UNDEFINED eip;                      \
+        pushfl;                                 \
+        CFI_ADJUST_CFA_OFFSET 4;                \
+        pushl $__KERNEL_CS;                     \
+        CFI_ADJUST_CFA_OFFSET 4;                \
+        pushl $sysenter_past_esp;               \
+        CFI_ADJUST_CFA_OFFSET 4;                \
+        CFI_REL_OFFSET eip, 0
+
+ENTRY(debug)
+        RING0_INT_FRAME
+        cmpl $ia32_sysenter_target,(%esp)
+        jne debug_stack_correct
+        FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
+debug_stack_correct:
+        pushl $-1                       # mark this as an int
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        xorl %edx,%edx                  # error code 0
+        movl %esp,%eax                  # pt_regs pointer
+        call do_debug
+        jmp ret_from_exception
+        CFI_ENDPROC
+END(debug)
+
+/*
+ * NMI is doubly nasty. It can happen _while_ we're handling
+ * a debug fault, and the debug fault hasn't yet been able to
+ * clear up the stack. So we first check whether we got  an
+ * NMI on the sysenter entry path, but after that we need to
+ * check whether we got an NMI on the debug path where the debug
+ * fault happened on the sysenter path.
+ */
+ENTRY(nmi)
+        RING0_INT_FRAME
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        movl %ss, %eax
+        cmpw $__ESPFIX_SS, %ax
+        popl %eax
+        CFI_ADJUST_CFA_OFFSET -4
+        je nmi_espfix_stack
+        cmpl $ia32_sysenter_target,(%esp)
+        je nmi_stack_fixup
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        movl %esp,%eax
+        /* Do not access memory above the end of our stack page,
+         * it might not exist.
+         */
+        andl $(THREAD_SIZE-1),%eax
+        cmpl $(THREAD_SIZE-20),%eax
+        popl %eax
+        CFI_ADJUST_CFA_OFFSET -4
+        jae nmi_stack_correct
+        cmpl $ia32_sysenter_target,12(%esp)
+        je nmi_debug_stack_check
+nmi_stack_correct:
+        /* We have a RING0_INT_FRAME here */
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        xorl %edx,%edx          # zero error code
+        movl %esp,%eax          # pt_regs pointer
+        call do_nmi
+        jmp restore_nocheck_notrace
+        CFI_ENDPROC
+
+nmi_stack_fixup:
+        RING0_INT_FRAME
+        FIX_STACK(12,nmi_stack_correct, 1)
+        jmp nmi_stack_correct
+
+nmi_debug_stack_check:
+        /* We have a RING0_INT_FRAME here */
+        cmpw $__KERNEL_CS,16(%esp)
+        jne nmi_stack_correct
+        cmpl $debug,(%esp)
+        jb nmi_stack_correct
+        cmpl $debug_esp_fix_insn,(%esp)
+        ja nmi_stack_correct
+        FIX_STACK(24,nmi_stack_correct, 1)
+        jmp nmi_stack_correct
+
+nmi_espfix_stack:
+        /* We have a RING0_INT_FRAME here.
+         *
+         * create the pointer to lss back
+         */
+        pushl %ss
+        CFI_ADJUST_CFA_OFFSET 4
+        pushl %esp
+        CFI_ADJUST_CFA_OFFSET 4
+        addw $4, (%esp)
+        /* copy the iret frame of 12 bytes */
+        .rept 3
+        pushl 16(%esp)
+        CFI_ADJUST_CFA_OFFSET 4
+        .endr
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        FIXUP_ESPFIX_STACK              # %eax == %esp
+        xorl %edx,%edx                  # zero error code
+        call do_nmi
+        RESTORE_REGS
+        lss 12+4(%esp), %esp            # back to espfix stack
+        CFI_ADJUST_CFA_OFFSET -24
+        jmp irq_return
+        CFI_ENDPROC
+END(nmi)
+
+ENTRY(int3)
+        RING0_INT_FRAME
+        pushl $-1                       # mark this as an int
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        xorl %edx,%edx          # zero error code
+        movl %esp,%eax          # pt_regs pointer
+        call do_int3
+        jmp ret_from_exception
+        CFI_ENDPROC
+END(int3)
+
+ENTRY(general_protection)
+        RING0_EC_FRAME
+        pushl $do_general_protection
+        CFI_ADJUST_CFA_OFFSET 4
+        jmp error_code
+        CFI_ENDPROC
+END(general_protection)
+
+/*
+ * End of kprobes section
+ */
+        .popsection
diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
index 54e0bbdccb99..e28c7a987793 100644
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -11,15 +11,15 @@
  *
  * NOTE: This code handles signal-recognition, which happens every time
  * after an interrupt and after each system call.
- * 
- * Normal syscalls and interrupts don't save a full stack frame, this is 
+ *
+ * Normal syscalls and interrupts don't save a full stack frame, this is
  * only done for syscall tracing, signals or fork/exec et.al.
- * 
- * A note on terminology:        
- * - top of stack: Architecture defined interrupt frame from SS to RIP 
- * at the top of the kernel process stack.      
+ *
+ * A note on terminology:
+ * - top of stack: Architecture defined interrupt frame from SS to RIP
+ * at the top of the kernel process stack.
  * - partial stack frame: partially saved registers upto R11.
- * - full stack frame: Like partial stack frame, but all register saved. 
+ * - full stack frame: Like partial stack frame, but all register saved.
  *
  * Some macro usage:
  * - CFI macros are used to generate dwarf2 unwind information for better
@@ -60,7 +60,6 @@
 #define __AUDIT_ARCH_LE    0x40000000
 
         .code64
-
 #ifdef CONFIG_FUNCTION_TRACER
 #ifdef CONFIG_DYNAMIC_FTRACE
 ENTRY(mcount)
@@ -71,15 +70,7 @@ ENTRY(ftrace_caller)
         cmpl $0, function_trace_stop
         jne  ftrace_stub
 
-        /* taken from glibc */
-        subq $0x38, %rsp
-        movq %rax, (%rsp)
-        movq %rcx, 8(%rsp)
-        movq %rdx, 16(%rsp)
-        movq %rsi, 24(%rsp)
-        movq %rdi, 32(%rsp)
-        movq %r8, 40(%rsp)
-        movq %r9, 48(%rsp)
+        MCOUNT_SAVE_FRAME
 
         movq 0x38(%rsp), %rdi
         movq 8(%rbp), %rsi
@@ -89,14 +80,7 @@ ENTRY(ftrace_caller)
 ftrace_call:
         call ftrace_stub
 
-        movq 48(%rsp), %r9
-        movq 40(%rsp), %r8
-        movq 32(%rsp), %rdi
-        movq 24(%rsp), %rsi
-        movq 16(%rsp), %rdx
-        movq 8(%rsp), %rcx
-        movq (%rsp), %rax
-        addq $0x38, %rsp
+        MCOUNT_RESTORE_FRAME
 
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 .globl ftrace_graph_call
@@ -130,15 +114,7 @@ ftrace_stub:
         retq
 
 trace:
-        /* taken from glibc */
-        subq $0x38, %rsp
-        movq %rax, (%rsp)
-        movq %rcx, 8(%rsp)
-        movq %rdx, 16(%rsp)
-        movq %rsi, 24(%rsp)
-        movq %rdi, 32(%rsp)
-        movq %r8, 40(%rsp)
-        movq %r9, 48(%rsp)
+        MCOUNT_SAVE_FRAME
 
         movq 0x38(%rsp), %rdi
         movq 8(%rbp), %rsi
@@ -146,14 +122,7 @@ trace:
 
         call   *ftrace_trace_function
 
-        movq 48(%rsp), %r9
-        movq 40(%rsp), %r8
-        movq 32(%rsp), %rdi
-        movq 24(%rsp), %rsi
-        movq 16(%rsp), %rdx
-        movq 8(%rsp), %rcx
-        movq (%rsp), %rax
-        addq $0x38, %rsp
+        MCOUNT_RESTORE_FRAME
 
         jmp ftrace_stub
 END(mcount)
@@ -165,14 +134,7 @@ ENTRY(ftrace_graph_caller)
         cmpl $0, function_trace_stop
         jne ftrace_stub
 
-        subq $0x38, %rsp
-        movq %rax, (%rsp)
-        movq %rcx, 8(%rsp)
-        movq %rdx, 16(%rsp)
-        movq %rsi, 24(%rsp)
-        movq %rdi, 32(%rsp)
-        movq %r8, 40(%rsp)
-        movq %r9, 48(%rsp)
+        MCOUNT_SAVE_FRAME
 
         leaq 8(%rbp), %rdi
         movq 0x38(%rsp), %rsi
@@ -180,14 +142,8 @@ ENTRY(ftrace_graph_caller)
 
         call    prepare_ftrace_return
 
-        movq 48(%rsp), %r9
-        movq 40(%rsp), %r8
-        movq 32(%rsp), %rdi
-        movq 24(%rsp), %rsi
-        movq 16(%rsp), %rdx
-        movq 8(%rsp), %rcx
-        movq (%rsp), %rax
-        addq $0x38, %rsp
+        MCOUNT_RESTORE_FRAME
+
         retq
 END(ftrace_graph_caller)
 
@@ -225,7 +181,7 @@ return_to_handler:
 
 #ifndef CONFIG_PREEMPT
 #define retint_kernel retint_restore_args
-#endif  
+#endif
 
 #ifdef CONFIG_PARAVIRT
 ENTRY(native_usergs_sysret64)
@@ -244,29 +200,29 @@ ENTRY(native_usergs_sysret64)
 .endm
 
 /*
- * C code is not supposed to know about undefined top of stack. Every time 
- * a C function with an pt_regs argument is called from the SYSCALL based 
+ * C code is not supposed to know about undefined top of stack. Every time
+ * a C function with an pt_regs argument is called from the SYSCALL based
  * fast path FIXUP_TOP_OF_STACK is needed.
  * RESTORE_TOP_OF_STACK syncs the syscall state after any possible ptregs
  * manipulation.
- */             
-                
-        /* %rsp:at FRAMEEND */ 
-        .macro FIXUP_TOP_OF_STACK tmp
-        movq    %gs:pda_oldrsp,\tmp
-        movq    \tmp,RSP(%rsp)
-        movq    $__USER_DS,SS(%rsp)
-        movq    $__USER_CS,CS(%rsp)
-        movq    $-1,RCX(%rsp)
-        movq    R11(%rsp),\tmp  /* get eflags */
-        movq    \tmp,EFLAGS(%rsp)
+ */
+
+        /* %rsp:at FRAMEEND */
+        .macro FIXUP_TOP_OF_STACK tmp offset=0
+        movq %gs:pda_oldrsp,\tmp
+        movq \tmp,RSP+\offset(%rsp)
+        movq $__USER_DS,SS+\offset(%rsp)
+        movq $__USER_CS,CS+\offset(%rsp)
+        movq $-1,RCX+\offset(%rsp)
+        movq R11+\offset(%rsp),\tmp  /* get eflags */
+        movq \tmp,EFLAGS+\offset(%rsp)
         .endm
 
-        .macro RESTORE_TOP_OF_STACK tmp,offset=0
-        movq   RSP-\offset(%rsp),\tmp
-        movq   \tmp,%gs:pda_oldrsp
-        movq   EFLAGS-\offset(%rsp),\tmp
-        movq   \tmp,R11-\offset(%rsp)
+        .macro RESTORE_TOP_OF_STACK tmp offset=0
+        movq RSP+\offset(%rsp),\tmp
+        movq \tmp,%gs:pda_oldrsp
+        movq EFLAGS+\offset(%rsp),\tmp
+        movq \tmp,R11+\offset(%rsp)
         .endm
 
         .macro FAKE_STACK_FRAME child_rip
@@ -278,7 +234,7 @@ ENTRY(native_usergs_sysret64)
         pushq %rax /* rsp */
         CFI_ADJUST_CFA_OFFSET   8
         CFI_REL_OFFSET  rsp,0
-        pushq $(1<<9) /* eflags - interrupts on */
+        pushq $X86_EFLAGS_IF /* eflags - interrupts on */
         CFI_ADJUST_CFA_OFFSET   8
         /*CFI_REL_OFFSET        rflags,0*/
         pushq $__KERNEL_CS /* cs */
@@ -296,62 +252,184 @@ ENTRY(native_usergs_sysret64)
         CFI_ADJUST_CFA_OFFSET   -(6*8)
         .endm
 
-        .macro  CFI_DEFAULT_STACK start=1
+/*
+ * initial frame state for interrupts (and exceptions without error code)
+ */
+        .macro EMPTY_FRAME start=1 offset=0
         .if \start
-        CFI_STARTPROC   simple
+        CFI_STARTPROC simple
         CFI_SIGNAL_FRAME
-        CFI_DEF_CFA     rsp,SS+8
+        CFI_DEF_CFA rsp,8+\offset
         .else
-        CFI_DEF_CFA_OFFSET SS+8
+        CFI_DEF_CFA_OFFSET 8+\offset
         .endif
-        CFI_REL_OFFSET  r15,R15
-        CFI_REL_OFFSET  r14,R14
-        CFI_REL_OFFSET  r13,R13
-        CFI_REL_OFFSET  r12,R12
-        CFI_REL_OFFSET  rbp,RBP
-        CFI_REL_OFFSET  rbx,RBX
-        CFI_REL_OFFSET  r11,R11
-        CFI_REL_OFFSET  r10,R10
-        CFI_REL_OFFSET  r9,R9
-        CFI_REL_OFFSET  r8,R8
-        CFI_REL_OFFSET  rax,RAX
-        CFI_REL_OFFSET  rcx,RCX
-        CFI_REL_OFFSET  rdx,RDX
-        CFI_REL_OFFSET  rsi,RSI
-        CFI_REL_OFFSET  rdi,RDI
-        CFI_REL_OFFSET  rip,RIP
-        /*CFI_REL_OFFSET        cs,CS*/
-        /*CFI_REL_OFFSET        rflags,EFLAGS*/
-        CFI_REL_OFFSET  rsp,RSP
-        /*CFI_REL_OFFSET        ss,SS*/
         .endm
+
 /*
- * A newly forked process directly context switches into this.
- */     
-/* rdi: prev */ 
+ * initial frame state for interrupts (and exceptions without error code)
+ */
+        .macro INTR_FRAME start=1 offset=0
+        EMPTY_FRAME \start, SS+8+\offset-RIP
+        /*CFI_REL_OFFSET ss, SS+\offset-RIP*/
+        CFI_REL_OFFSET rsp, RSP+\offset-RIP
+        /*CFI_REL_OFFSET rflags, EFLAGS+\offset-RIP*/
+        /*CFI_REL_OFFSET cs, CS+\offset-RIP*/
+        CFI_REL_OFFSET rip, RIP+\offset-RIP
+        .endm
+
+/*
+ * initial frame state for exceptions with error code (and interrupts
+ * with vector already pushed)
+ */
+        .macro XCPT_FRAME start=1 offset=0
+        INTR_FRAME \start, RIP+\offset-ORIG_RAX
+        /*CFI_REL_OFFSET orig_rax, ORIG_RAX-ORIG_RAX*/
+        .endm
+
+/*
+ * frame that enables calling into C.
+ */
+        .macro PARTIAL_FRAME start=1 offset=0
+        XCPT_FRAME \start, ORIG_RAX+\offset-ARGOFFSET
+        CFI_REL_OFFSET rdi, RDI+\offset-ARGOFFSET
+        CFI_REL_OFFSET rsi, RSI+\offset-ARGOFFSET
+        CFI_REL_OFFSET rdx, RDX+\offset-ARGOFFSET
+        CFI_REL_OFFSET rcx, RCX+\offset-ARGOFFSET
+        CFI_REL_OFFSET rax, RAX+\offset-ARGOFFSET
+        CFI_REL_OFFSET r8, R8+\offset-ARGOFFSET
+        CFI_REL_OFFSET r9, R9+\offset-ARGOFFSET
+        CFI_REL_OFFSET r10, R10+\offset-ARGOFFSET
+        CFI_REL_OFFSET r11, R11+\offset-ARGOFFSET
+        .endm
+
+/*
+ * frame that enables passing a complete pt_regs to a C function.
+ */
+        .macro DEFAULT_FRAME start=1 offset=0
+        PARTIAL_FRAME \start, R11+\offset-R15
+        CFI_REL_OFFSET rbx, RBX+\offset
+        CFI_REL_OFFSET rbp, RBP+\offset
+        CFI_REL_OFFSET r12, R12+\offset
+        CFI_REL_OFFSET r13, R13+\offset
+        CFI_REL_OFFSET r14, R14+\offset
+        CFI_REL_OFFSET r15, R15+\offset
+        .endm
+
+/* save partial stack frame */
+ENTRY(save_args)
+        XCPT_FRAME
+        cld
+        movq_cfi rdi, RDI+16-ARGOFFSET
+        movq_cfi rsi, RSI+16-ARGOFFSET
+        movq_cfi rdx, RDX+16-ARGOFFSET
+        movq_cfi rcx, RCX+16-ARGOFFSET
+        movq_cfi rax, RAX+16-ARGOFFSET
+        movq_cfi  r8,  R8+16-ARGOFFSET
+        movq_cfi  r9,  R9+16-ARGOFFSET
+        movq_cfi r10, R10+16-ARGOFFSET
+        movq_cfi r11, R11+16-ARGOFFSET
+
+        leaq -ARGOFFSET+16(%rsp),%rdi   /* arg1 for handler */
+        movq_cfi rbp, 8         /* push %rbp */
+        leaq 8(%rsp), %rbp              /* mov %rsp, %ebp */
+        testl $3, CS(%rdi)
+        je 1f
+        SWAPGS
+        /*
+         * irqcount is used to check if a CPU is already on an interrupt stack
+         * or not. While this is essentially redundant with preempt_count it is
+         * a little cheaper to use a separate counter in the PDA (short of
+         * moving irq_enter into assembly, which would be too much work)
+         */
+1:      incl %gs:pda_irqcount
+        jne 2f
+        popq_cfi %rax                   /* move return address... */
+        mov %gs:pda_irqstackptr,%rsp
+        EMPTY_FRAME 0
+        pushq_cfi %rax                  /* ... to the new stack */
+        /*
+         * We entered an interrupt context - irqs are off:
+         */
+2:      TRACE_IRQS_OFF
+        ret
+        CFI_ENDPROC
+END(save_args)
+
+ENTRY(save_rest)
+        PARTIAL_FRAME 1 REST_SKIP+8
+        movq 5*8+16(%rsp), %r11 /* save return address */
+        movq_cfi rbx, RBX+16
+        movq_cfi rbp, RBP+16
+        movq_cfi r12, R12+16
+        movq_cfi r13, R13+16
+        movq_cfi r14, R14+16
+        movq_cfi r15, R15+16
+        movq %r11, 8(%rsp)      /* return address */
+        FIXUP_TOP_OF_STACK %r11, 16
+        ret
+        CFI_ENDPROC
+END(save_rest)
+
+/* save complete stack frame */
+ENTRY(save_paranoid)
+        XCPT_FRAME 1 RDI+8
+        cld
+        movq_cfi rdi, RDI+8
+        movq_cfi rsi, RSI+8
+        movq_cfi rdx, RDX+8
+        movq_cfi rcx, RCX+8
+        movq_cfi rax, RAX+8
+        movq_cfi r8, R8+8
+        movq_cfi r9, R9+8
+        movq_cfi r10, R10+8
+        movq_cfi r11, R11+8
+        movq_cfi rbx, RBX+8
+        movq_cfi rbp, RBP+8
+        movq_cfi r12, R12+8
+        movq_cfi r13, R13+8
+        movq_cfi r14, R14+8
+        movq_cfi r15, R15+8
+        movl $1,%ebx
+        movl $MSR_GS_BASE,%ecx
+        rdmsr
+        testl %edx,%edx
+        js 1f   /* negative -> in kernel */
+        SWAPGS
+        xorl %ebx,%ebx
+1:      ret
+        CFI_ENDPROC
+END(save_paranoid)
+
+/*
+ * A newly forked process directly context switches into this address.
+ *
+ * rdi: prev task we switched from
+ */
 ENTRY(ret_from_fork)
-        CFI_DEFAULT_STACK
+        DEFAULT_FRAME
+
         push kernel_eflags(%rip)
         CFI_ADJUST_CFA_OFFSET 8
-        popf                            # reset kernel eflags
+        popf                                    # reset kernel eflags
         CFI_ADJUST_CFA_OFFSET -8
-        call schedule_tail
+
+        call schedule_tail                      # rdi: 'prev' task parameter
+
         GET_THREAD_INFO(%rcx)
-        testl $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT),TI_flags(%rcx)
-        jnz rff_trace
-rff_action:     
+
+        CFI_REMEMBER_STATE
         RESTORE_REST
-        testl $3,CS-ARGOFFSET(%rsp)     # from kernel_thread?
+
+        testl $3, CS-ARGOFFSET(%rsp)            # from kernel_thread?
         je   int_ret_from_sys_call
-        testl $_TIF_IA32,TI_flags(%rcx)
+
+        testl $_TIF_IA32, TI_flags(%rcx)        # 32-bit compat task needs IRET
         jnz  int_ret_from_sys_call
-        RESTORE_TOP_OF_STACK %rdi,ARGOFFSET
-        jmp ret_from_sys_call
-rff_trace:
-        movq %rsp,%rdi
-        call syscall_trace_leave
-        GET_THREAD_INFO(%rcx)   
-        jmp rff_action
+
+        RESTORE_TOP_OF_STACK %rdi, -ARGOFFSET
+        jmp ret_from_sys_call                   # go to the SYSRET fastpath
+
+        CFI_RESTORE_STATE
         CFI_ENDPROC
 END(ret_from_fork)
 
@@ -361,20 +439,20 @@ END(ret_from_fork)
  * SYSCALL does not save anything on the stack and does not change the
  * stack pointer.
  */
-                
+
 /*
- * Register setup:      
+ * Register setup:
  * rax  system call number
  * rdi  arg0
- * rcx  return address for syscall/sysret, C arg3 
+ * rcx  return address for syscall/sysret, C arg3
  * rsi  arg1
- * rdx  arg2    
+ * rdx  arg2
  * r10  arg3    (--> moved to rcx for C)
  * r8   arg4
  * r9   arg5
  * r11  eflags for syscall/sysret, temporary for C
- * r12-r15,rbp,rbx saved by C code, not touched.                
- * 
+ * r12-r15,rbp,rbx saved by C code, not touched.
+ *
  * Interrupts are off on entry.
  * Only called from user space.
  *
@@ -384,7 +462,7 @@ END(ret_from_fork)
  * When user can change the frames always force IRET. That is because
  * it deals with uncanonical addresses better. SYSRET has trouble
  * with them due to bugs in both AMD and Intel CPUs.
- */                                     
+ */
 
 ENTRY(system_call)
         CFI_STARTPROC   simple
@@ -400,7 +478,7 @@ ENTRY(system_call)
          */
 ENTRY(system_call_after_swapgs)
 
-        movq    %rsp,%gs:pda_oldrsp 
+        movq    %rsp,%gs:pda_oldrsp
         movq    %gs:pda_kernelstack,%rsp
         /*
          * No need to follow this irqs off/on section - it's straight
@@ -408,7 +486,7 @@ ENTRY(system_call_after_swapgs)
          */
         ENABLE_INTERRUPTS(CLBR_NONE)
         SAVE_ARGS 8,1
-        movq  %rax,ORIG_RAX-ARGOFFSET(%rsp) 
+        movq  %rax,ORIG_RAX-ARGOFFSET(%rsp)
         movq  %rcx,RIP-ARGOFFSET(%rsp)
         CFI_REL_OFFSET rip,RIP-ARGOFFSET
         GET_THREAD_INFO(%rcx)
@@ -422,19 +500,19 @@ system_call_fastpath:
         movq %rax,RAX-ARGOFFSET(%rsp)
 /*
  * Syscall return path ending with SYSRET (fast path)
- * Has incomplete stack frame and undefined top of stack. 
- */             
+ * Has incomplete stack frame and undefined top of stack.
+ */
 ret_from_sys_call:
         movl $_TIF_ALLWORK_MASK,%edi
         /* edi: flagmask */
-sysret_check:           
+sysret_check:
         LOCKDEP_SYS_EXIT
         GET_THREAD_INFO(%rcx)
         DISABLE_INTERRUPTS(CLBR_NONE)
         TRACE_IRQS_OFF
         movl TI_flags(%rcx),%edx
         andl %edi,%edx
-        jnz  sysret_careful 
+        jnz  sysret_careful
         CFI_REMEMBER_STATE
         /*
          * sysretq will re-enable interrupts:
@@ -449,7 +527,7 @@ sysret_check:
 
         CFI_RESTORE_STATE
         /* Handle reschedules */
-        /* edx: work, edi: workmask */  
+        /* edx: work, edi: workmask */
 sysret_careful:
         bt $TIF_NEED_RESCHED,%edx
         jnc sysret_signal
@@ -462,7 +540,7 @@ sysret_careful:
         CFI_ADJUST_CFA_OFFSET -8
         jmp sysret_check
 
-        /* Handle a signal */ 
+        /* Handle a signal */
 sysret_signal:
         TRACE_IRQS_ON
         ENABLE_INTERRUPTS(CLBR_NONE)
@@ -471,17 +549,20 @@ sysret_signal:
         jc sysret_audit
 #endif
         /* edx: work flags (arg3) */
-        leaq do_notify_resume(%rip),%rax
         leaq -ARGOFFSET(%rsp),%rdi # &pt_regs -> arg1
         xorl %esi,%esi # oldset -> arg2
-        call ptregscall_common
+        SAVE_REST
+        FIXUP_TOP_OF_STACK %r11
+        call do_notify_resume
+        RESTORE_TOP_OF_STACK %r11
+        RESTORE_REST
         movl $_TIF_WORK_MASK,%edi
         /* Use IRET because user could have changed frame. This
            works because ptregscall_common has called FIXUP_TOP_OF_STACK. */
         DISABLE_INTERRUPTS(CLBR_NONE)
         TRACE_IRQS_OFF
         jmp int_with_check
-        
+
 badsys:
         movq $-ENOSYS,RAX-ARGOFFSET(%rsp)
         jmp ret_from_sys_call
@@ -520,7 +601,7 @@ sysret_audit:
 #endif  /* CONFIG_AUDITSYSCALL */
 
         /* Do syscall tracing */
-tracesys:                        
+tracesys:
 #ifdef CONFIG_AUDITSYSCALL
         testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags(%rcx)
         jz auditsys
@@ -543,8 +624,8 @@ tracesys:
         call *sys_call_table(,%rax,8)
         movq %rax,RAX-ARGOFFSET(%rsp)
         /* Use IRET because user could have changed frame */
-                
-/* 
+
+/*
  * Syscall return path ending with IRET.
  * Has correct top of stack, but partial stack frame.
  */
@@ -588,18 +669,18 @@ int_very_careful:
         TRACE_IRQS_ON
         ENABLE_INTERRUPTS(CLBR_NONE)
         SAVE_REST
-        /* Check for syscall exit trace */      
+        /* Check for syscall exit trace */
         testl $_TIF_WORK_SYSCALL_EXIT,%edx
         jz int_signal
         pushq %rdi
         CFI_ADJUST_CFA_OFFSET 8
-        leaq 8(%rsp),%rdi       # &ptregs -> arg1       
+        leaq 8(%rsp),%rdi       # &ptregs -> arg1
         call syscall_trace_leave
         popq %rdi
         CFI_ADJUST_CFA_OFFSET -8
         andl $~(_TIF_WORK_SYSCALL_EXIT|_TIF_SYSCALL_EMU),%edi
         jmp int_restore_rest
-        
+
 int_signal:
         testl $_TIF_DO_NOTIFY_MASK,%edx
         jz 1f
@@ -614,22 +695,24 @@ int_restore_rest:
         jmp int_with_check
         CFI_ENDPROC
 END(system_call)
-                
-/* 
+
+/*
  * Certain special system calls that need to save a complete full stack frame.
- */                                                             
-        
+ */
         .macro PTREGSCALL label,func,arg
-        .globl \label
-\label:
-        leaq    \func(%rip),%rax
-        leaq    -ARGOFFSET+8(%rsp),\arg /* 8 for return address */
-        jmp     ptregscall_common
+ENTRY(\label)
+        PARTIAL_FRAME 1 8               /* offset 8: return address */
+        subq $REST_SKIP, %rsp
+        CFI_ADJUST_CFA_OFFSET REST_SKIP
+        call save_rest
+        DEFAULT_FRAME 0 8               /* offset 8: return address */
+        leaq 8(%rsp), \arg      /* pt_regs pointer */
+        call \func
+        jmp ptregscall_common
+        CFI_ENDPROC
 END(\label)
         .endm
 
-        CFI_STARTPROC
-
         PTREGSCALL stub_clone, sys_clone, %r8
         PTREGSCALL stub_fork, sys_fork, %rdi
         PTREGSCALL stub_vfork, sys_vfork, %rdi
@@ -637,25 +720,18 @@ END(\label)
         PTREGSCALL stub_iopl, sys_iopl, %rsi
 
 ENTRY(ptregscall_common)
-        popq %r11
-        CFI_ADJUST_CFA_OFFSET -8
-        CFI_REGISTER rip, r11
-        SAVE_REST
-        movq %r11, %r15
-        CFI_REGISTER rip, r15
-        FIXUP_TOP_OF_STACK %r11
-        call *%rax
-        RESTORE_TOP_OF_STACK %r11
-        movq %r15, %r11
-        CFI_REGISTER rip, r11
-        RESTORE_REST
-        pushq %r11
-        CFI_ADJUST_CFA_OFFSET 8
-        CFI_REL_OFFSET rip, 0
-        ret
+        DEFAULT_FRAME 1 8       /* offset 8: return address */
+        RESTORE_TOP_OF_STACK %r11, 8
+        movq_cfi_restore R15+8, r15
+        movq_cfi_restore R14+8, r14
+        movq_cfi_restore R13+8, r13
+        movq_cfi_restore R12+8, r12
+        movq_cfi_restore RBP+8, rbp
+        movq_cfi_restore RBX+8, rbx
+        ret $REST_SKIP          /* pop extended registers */
         CFI_ENDPROC
 END(ptregscall_common)
-        
+
 ENTRY(stub_execve)
         CFI_STARTPROC
         popq %r11
@@ -671,11 +747,11 @@ ENTRY(stub_execve)
         jmp int_ret_from_sys_call
         CFI_ENDPROC
 END(stub_execve)
-        
+
 /*
  * sigreturn is special because it needs to restore all registers on return.
  * This cannot be done with SYSRET, so use the IRET return path instead.
- */                
+ */
 ENTRY(stub_rt_sigreturn)
         CFI_STARTPROC
         addq $8, %rsp
@@ -691,70 +767,70 @@ ENTRY(stub_rt_sigreturn)
 END(stub_rt_sigreturn)
 
 /*
- * initial frame state for interrupts and exceptions
+ * Build the entry stubs and pointer table with some assembler magic.
+ * We pack 7 stubs into a single 32-byte chunk, which will fit in a
+ * single cache line on all modern x86 implementations.
  */
-        .macro _frame ref
-        CFI_STARTPROC simple
-        CFI_SIGNAL_FRAME
-        CFI_DEF_CFA rsp,SS+8-\ref
-        /*CFI_REL_OFFSET ss,SS-\ref*/
-        CFI_REL_OFFSET rsp,RSP-\ref
-        /*CFI_REL_OFFSET rflags,EFLAGS-\ref*/
-        /*CFI_REL_OFFSET cs,CS-\ref*/
-        CFI_REL_OFFSET rip,RIP-\ref
-        .endm
+        .section .init.rodata,"a"
+ENTRY(interrupt)
+        .text
+        .p2align 5
+        .p2align CONFIG_X86_L1_CACHE_SHIFT
+ENTRY(irq_entries_start)
+        INTR_FRAME
+vector=FIRST_EXTERNAL_VECTOR
+.rept (NR_VECTORS-FIRST_EXTERNAL_VECTOR+6)/7
+        .balign 32
+  .rept 7
+    .if vector < NR_VECTORS
+      .if vector <> FIRST_EXTERNAL_VECTOR
+        CFI_ADJUST_CFA_OFFSET -8
+      .endif
+1:      pushq $(~vector+0x80)   /* Note: always in signed byte range */
+        CFI_ADJUST_CFA_OFFSET 8
+      .if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
+        jmp 2f
+      .endif
+      .previous
+        .quad 1b
+      .text
+vector=vector+1
+    .endif
+  .endr
+2:      jmp common_interrupt
+.endr
+        CFI_ENDPROC
+END(irq_entries_start)
 
-/* initial frame state for interrupts (and exceptions without error code) */
-#define INTR_FRAME _frame RIP
-/* initial frame state for exceptions with error code (and interrupts with
-   vector already pushed) */
-#define XCPT_FRAME _frame ORIG_RAX
+.previous
+END(interrupt)
+.previous
 
-/* 
+/*
  * Interrupt entry/exit.
  *
  * Interrupt entry points save only callee clobbered registers in fast path.
- *      
- * Entry runs with interrupts off.      
- */ 
+ *
+ * Entry runs with interrupts off.
+ */
 
-/* 0(%rsp): interrupt number */ 
+/* 0(%rsp): ~(interrupt number) */
         .macro interrupt func
-        cld
-        SAVE_ARGS
-        leaq -ARGOFFSET(%rsp),%rdi      # arg1 for handler
-        pushq %rbp
-        /*
-         * Save rbp twice: One is for marking the stack frame, as usual, and the
-         * other, to fill pt_regs properly. This is because bx comes right
-         * before the last saved register in that structure, and not bp. If the
-         * base pointer were in the place bx is today, this would not be needed.
-         */
-        movq %rbp, -8(%rsp)
-        CFI_ADJUST_CFA_OFFSET   8
-        CFI_REL_OFFSET          rbp, 0
-        movq %rsp,%rbp
-        CFI_DEF_CFA_REGISTER    rbp
-        testl $3,CS(%rdi)
-        je 1f
-        SWAPGS
-        /* irqcount is used to check if a CPU is already on an interrupt
-           stack or not. While this is essentially redundant with preempt_count
-           it is a little cheaper to use a separate counter in the PDA
-           (short of moving irq_enter into assembly, which would be too
-            much work) */
-1:      incl    %gs:pda_irqcount
-        cmoveq %gs:pda_irqstackptr,%rsp
-        push    %rbp                    # backlink for old unwinder
-        /*
-         * We entered an interrupt context - irqs are off:
-         */
-        TRACE_IRQS_OFF
+        subq $10*8, %rsp
+        CFI_ADJUST_CFA_OFFSET 10*8
+        call save_args
+        PARTIAL_FRAME 0
         call \func
         .endm
 
-ENTRY(common_interrupt)
+        /*
+         * The interrupt stubs push (~vector+0x80) onto the stack and
+         * then jump to common_interrupt.
+         */
+        .p2align CONFIG_X86_L1_CACHE_SHIFT
+common_interrupt:
         XCPT_FRAME
+        addq $-0x80,(%rsp)              /* Adjust vector to [-256,-1] range */
         interrupt do_IRQ
         /* 0(%rsp): oldrsp-ARGOFFSET */
 ret_from_intr:
@@ -768,12 +844,12 @@ exit_intr:
         GET_THREAD_INFO(%rcx)
         testl $3,CS-ARGOFFSET(%rsp)
         je retint_kernel
-        
+
         /* Interrupt came from user space */
         /*
          * Has a correct top of stack, but a partial stack frame
          * %rcx: thread info. Interrupts off.
-         */             
+         */
 retint_with_reschedule:
         movl $_TIF_WORK_MASK,%edi
 retint_check:
@@ -846,20 +922,20 @@ retint_careful:
         pushq %rdi
         CFI_ADJUST_CFA_OFFSET   8
         call  schedule
-        popq %rdi               
+        popq %rdi
         CFI_ADJUST_CFA_OFFSET   -8
         GET_THREAD_INFO(%rcx)
         DISABLE_INTERRUPTS(CLBR_NONE)
         TRACE_IRQS_OFF
         jmp retint_check
-        
+
 retint_signal:
         testl $_TIF_DO_NOTIFY_MASK,%edx
         jz    retint_swapgs
         TRACE_IRQS_ON
         ENABLE_INTERRUPTS(CLBR_NONE)
         SAVE_REST
-        movq $-1,ORIG_RAX(%rsp)                         
+        movq $-1,ORIG_RAX(%rsp)
         xorl %esi,%esi          # oldset
         movq %rsp,%rdi          # &pt_regs
         call do_notify_resume
@@ -881,324 +957,211 @@ ENTRY(retint_kernel)
         jnc  retint_restore_args
         call preempt_schedule_irq
         jmp exit_intr
-#endif  
+#endif
 
         CFI_ENDPROC
 END(common_interrupt)
-        
+
 /*
  * APIC interrupts.
- */             
-        .macro apicinterrupt num,func
+ */
+.macro apicinterrupt num sym do_sym
+ENTRY(\sym)
         INTR_FRAME
         pushq $~(\num)
         CFI_ADJUST_CFA_OFFSET 8
-        interrupt \func
+        interrupt \do_sym
         jmp ret_from_intr
         CFI_ENDPROC
-        .endm
-
-ENTRY(thermal_interrupt)
-        apicinterrupt THERMAL_APIC_VECTOR,smp_thermal_interrupt
-END(thermal_interrupt)
-
-ENTRY(threshold_interrupt)
-        apicinterrupt THRESHOLD_APIC_VECTOR,mce_threshold_interrupt
-END(threshold_interrupt)
-
-#ifdef CONFIG_SMP       
-ENTRY(reschedule_interrupt)
-        apicinterrupt RESCHEDULE_VECTOR,smp_reschedule_interrupt
-END(reschedule_interrupt)
-
-        .macro INVALIDATE_ENTRY num
-ENTRY(invalidate_interrupt\num)
-        apicinterrupt INVALIDATE_TLB_VECTOR_START+\num,smp_invalidate_interrupt 
-END(invalidate_interrupt\num)
-        .endm
+END(\sym)
+.endm
 
-        INVALIDATE_ENTRY 0
-        INVALIDATE_ENTRY 1
-        INVALIDATE_ENTRY 2
-        INVALIDATE_ENTRY 3
-        INVALIDATE_ENTRY 4
-        INVALIDATE_ENTRY 5
-        INVALIDATE_ENTRY 6
-        INVALIDATE_ENTRY 7
-
-ENTRY(call_function_interrupt)
-        apicinterrupt CALL_FUNCTION_VECTOR,smp_call_function_interrupt
-END(call_function_interrupt)
-ENTRY(call_function_single_interrupt)
-        apicinterrupt CALL_FUNCTION_SINGLE_VECTOR,smp_call_function_single_interrupt
-END(call_function_single_interrupt)
-ENTRY(irq_move_cleanup_interrupt)
-        apicinterrupt IRQ_MOVE_CLEANUP_VECTOR,smp_irq_move_cleanup_interrupt
-END(irq_move_cleanup_interrupt)
+#ifdef CONFIG_SMP
+apicinterrupt IRQ_MOVE_CLEANUP_VECTOR \
+        irq_move_cleanup_interrupt smp_irq_move_cleanup_interrupt
 #endif
 
-ENTRY(apic_timer_interrupt)
-        apicinterrupt LOCAL_TIMER_VECTOR,smp_apic_timer_interrupt
-END(apic_timer_interrupt)
+apicinterrupt UV_BAU_MESSAGE \
+        uv_bau_message_intr1 uv_bau_message_interrupt
+apicinterrupt LOCAL_TIMER_VECTOR \
+        apic_timer_interrupt smp_apic_timer_interrupt
+
+#ifdef CONFIG_SMP
+apicinterrupt INVALIDATE_TLB_VECTOR_START+0 \
+        invalidate_interrupt0 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+1 \
+        invalidate_interrupt1 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+2 \
+        invalidate_interrupt2 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+3 \
+        invalidate_interrupt3 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+4 \
+        invalidate_interrupt4 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+5 \
+        invalidate_interrupt5 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+6 \
+        invalidate_interrupt6 smp_invalidate_interrupt
+apicinterrupt INVALIDATE_TLB_VECTOR_START+7 \
+        invalidate_interrupt7 smp_invalidate_interrupt
+#endif
 
-ENTRY(uv_bau_message_intr1)
-        apicinterrupt 220,uv_bau_message_interrupt
-END(uv_bau_message_intr1)
+apicinterrupt THRESHOLD_APIC_VECTOR \
+        threshold_interrupt mce_threshold_interrupt
+apicinterrupt THERMAL_APIC_VECTOR \
+        thermal_interrupt smp_thermal_interrupt
+
+#ifdef CONFIG_SMP
+apicinterrupt CALL_FUNCTION_SINGLE_VECTOR \
+        call_function_single_interrupt smp_call_function_single_interrupt
+apicinterrupt CALL_FUNCTION_VECTOR \
+        call_function_interrupt smp_call_function_interrupt
+apicinterrupt RESCHEDULE_VECTOR \
+        reschedule_interrupt smp_reschedule_interrupt
+#endif
 
-ENTRY(error_interrupt)
-        apicinterrupt ERROR_APIC_VECTOR,smp_error_interrupt
-END(error_interrupt)
+apicinterrupt ERROR_APIC_VECTOR \
+        error_interrupt smp_error_interrupt
+apicinterrupt SPURIOUS_APIC_VECTOR \
+        spurious_interrupt smp_spurious_interrupt
 
-ENTRY(spurious_interrupt)
-        apicinterrupt SPURIOUS_APIC_VECTOR,smp_spurious_interrupt
-END(spurious_interrupt)
-                                
 /*
  * Exception entry points.
- */             
-        .macro zeroentry sym
+ */
+.macro zeroentry sym do_sym
+ENTRY(\sym)
         INTR_FRAME
         PARAVIRT_ADJUST_EXCEPTION_FRAME
-        pushq $0        /* push error code/oldrax */ 
-        CFI_ADJUST_CFA_OFFSET 8
-        pushq %rax      /* push real oldrax to the rdi slot */ 
-        CFI_ADJUST_CFA_OFFSET 8
-        CFI_REL_OFFSET rax,0
-        leaq  \sym(%rip),%rax
-        jmp error_entry
+        pushq_cfi $-1           /* ORIG_RAX: no syscall to restart */
+        subq $15*8,%rsp
+        CFI_ADJUST_CFA_OFFSET 15*8
+        call error_entry
+        DEFAULT_FRAME 0
+        movq %rsp,%rdi          /* pt_regs pointer */
+        xorl %esi,%esi          /* no error code */
+        call \do_sym
+        jmp error_exit          /* %ebx: no swapgs flag */
         CFI_ENDPROC
-        .endm   
+END(\sym)
+.endm
 
-        .macro errorentry sym
-        XCPT_FRAME
+.macro paranoidzeroentry sym do_sym
+ENTRY(\sym)
+        INTR_FRAME
         PARAVIRT_ADJUST_EXCEPTION_FRAME
-        pushq %rax
+        pushq $-1               /* ORIG_RAX: no syscall to restart */
         CFI_ADJUST_CFA_OFFSET 8
-        CFI_REL_OFFSET rax,0
-        leaq  \sym(%rip),%rax
-        jmp error_entry
+        subq $15*8, %rsp
+        call save_paranoid
+        TRACE_IRQS_OFF
+        movq %rsp,%rdi          /* pt_regs pointer */
+        xorl %esi,%esi          /* no error code */
+        call \do_sym
+        jmp paranoid_exit       /* %ebx: no swapgs flag */
         CFI_ENDPROC
-        .endm
+END(\sym)
+.endm
 
-        /* error code is on the stack already */
-        /* handle NMI like exceptions that can happen everywhere */
-        .macro paranoidentry sym, ist=0, irqtrace=1
-        SAVE_ALL
-        cld
-        movl $1,%ebx
-        movl  $MSR_GS_BASE,%ecx
-        rdmsr
-        testl %edx,%edx
-        js    1f
-        SWAPGS
-        xorl  %ebx,%ebx
-1:
-        .if \ist
-        movq    %gs:pda_data_offset, %rbp
-        .endif
-        .if \irqtrace
-        TRACE_IRQS_OFF
-        .endif
-        movq %rsp,%rdi
-        movq ORIG_RAX(%rsp),%rsi
-        movq $-1,ORIG_RAX(%rsp)
-        .if \ist
-        subq    $EXCEPTION_STKSZ, per_cpu__init_tss + TSS_ist + (\ist - 1) * 8(%rbp)
-        .endif
-        call \sym
-        .if \ist
-        addq    $EXCEPTION_STKSZ, per_cpu__init_tss + TSS_ist + (\ist - 1) * 8(%rbp)
-        .endif
-        DISABLE_INTERRUPTS(CLBR_NONE)
-        .if \irqtrace
+.macro paranoidzeroentry_ist sym do_sym ist
+ENTRY(\sym)
+        INTR_FRAME
+        PARAVIRT_ADJUST_EXCEPTION_FRAME
+        pushq $-1               /* ORIG_RAX: no syscall to restart */
+        CFI_ADJUST_CFA_OFFSET 8
+        subq $15*8, %rsp
+        call save_paranoid
         TRACE_IRQS_OFF
-        .endif
-        .endm
+        movq %rsp,%rdi          /* pt_regs pointer */
+        xorl %esi,%esi          /* no error code */
+        movq %gs:pda_data_offset, %rbp
+        subq $EXCEPTION_STKSZ, per_cpu__init_tss + TSS_ist + (\ist - 1) * 8(%rbp)
+        call \do_sym
+        addq $EXCEPTION_STKSZ, per_cpu__init_tss + TSS_ist + (\ist - 1) * 8(%rbp)
+        jmp paranoid_exit       /* %ebx: no swapgs flag */
+        CFI_ENDPROC
+END(\sym)
+.endm
 
-        /*
-         * "Paranoid" exit path from exception stack.
-         * Paranoid because this is used by NMIs and cannot take
-         * any kernel state for granted.
-         * We don't do kernel preemption checks here, because only
-         * NMI should be common and it does not enable IRQs and
-         * cannot get reschedule ticks.
-         *
-         * "trace" is 0 for the NMI handler only, because irq-tracing
-         * is fundamentally NMI-unsafe. (we cannot change the soft and
-         * hard flags at once, atomically)
-         */
-        .macro paranoidexit trace=1
-        /* ebx: no swapgs flag */
-paranoid_exit\trace:
-        testl %ebx,%ebx                         /* swapgs needed? */
-        jnz paranoid_restore\trace
-        testl $3,CS(%rsp)
-        jnz   paranoid_userspace\trace
-paranoid_swapgs\trace:
-        .if \trace
-        TRACE_IRQS_IRETQ 0
-        .endif
-        SWAPGS_UNSAFE_STACK
-paranoid_restore\trace:
-        RESTORE_ALL 8
-        jmp irq_return
-paranoid_userspace\trace:
-        GET_THREAD_INFO(%rcx)
-        movl TI_flags(%rcx),%ebx
-        andl $_TIF_WORK_MASK,%ebx
-        jz paranoid_swapgs\trace
-        movq %rsp,%rdi                  /* &pt_regs */
-        call sync_regs
-        movq %rax,%rsp                  /* switch stack for scheduling */
-        testl $_TIF_NEED_RESCHED,%ebx
-        jnz paranoid_schedule\trace
-        movl %ebx,%edx                  /* arg3: thread flags */
-        .if \trace
-        TRACE_IRQS_ON
-        .endif
-        ENABLE_INTERRUPTS(CLBR_NONE)
-        xorl %esi,%esi                  /* arg2: oldset */
-        movq %rsp,%rdi                  /* arg1: &pt_regs */
-        call do_notify_resume
-        DISABLE_INTERRUPTS(CLBR_NONE)
-        .if \trace
-        TRACE_IRQS_OFF
-        .endif
-        jmp paranoid_userspace\trace
-paranoid_schedule\trace:
-        .if \trace
-        TRACE_IRQS_ON
-        .endif
-        ENABLE_INTERRUPTS(CLBR_ANY)
-        call schedule
-        DISABLE_INTERRUPTS(CLBR_ANY)
-        .if \trace
-        TRACE_IRQS_OFF
-        .endif
-        jmp paranoid_userspace\trace
+.macro errorentry sym do_sym
+ENTRY(\sym)
+        XCPT_FRAME
+        PARAVIRT_ADJUST_EXCEPTION_FRAME
+        subq $15*8,%rsp
+        CFI_ADJUST_CFA_OFFSET 15*8
+        call error_entry
+        DEFAULT_FRAME 0
+        movq %rsp,%rdi                  /* pt_regs pointer */
+        movq ORIG_RAX(%rsp),%rsi        /* get error code */
+        movq $-1,ORIG_RAX(%rsp)         /* no syscall to restart */
+        call \do_sym
+        jmp error_exit                  /* %ebx: no swapgs flag */
         CFI_ENDPROC
-        .endm
+END(\sym)
+.endm
 
-/*
- * Exception entry point. This expects an error code/orig_rax on the stack
- * and the exception handler in %rax.   
- */                                             
-KPROBE_ENTRY(error_entry)
-        _frame RDI
-        CFI_REL_OFFSET rax,0
-        /* rdi slot contains rax, oldrax contains error code */
-        cld     
-        subq  $14*8,%rsp
-        CFI_ADJUST_CFA_OFFSET   (14*8)
-        movq %rsi,13*8(%rsp)
-        CFI_REL_OFFSET  rsi,RSI
-        movq 14*8(%rsp),%rsi    /* load rax from rdi slot */
-        CFI_REGISTER    rax,rsi
-        movq %rdx,12*8(%rsp)
-        CFI_REL_OFFSET  rdx,RDX
-        movq %rcx,11*8(%rsp)
-        CFI_REL_OFFSET  rcx,RCX
-        movq %rsi,10*8(%rsp)    /* store rax */ 
-        CFI_REL_OFFSET  rax,RAX
-        movq %r8, 9*8(%rsp)
-        CFI_REL_OFFSET  r8,R8
-        movq %r9, 8*8(%rsp)
-        CFI_REL_OFFSET  r9,R9
-        movq %r10,7*8(%rsp)
-        CFI_REL_OFFSET  r10,R10
-        movq %r11,6*8(%rsp)
-        CFI_REL_OFFSET  r11,R11
-        movq %rbx,5*8(%rsp) 
-        CFI_REL_OFFSET  rbx,RBX
-        movq %rbp,4*8(%rsp) 
-        CFI_REL_OFFSET  rbp,RBP
-        movq %r12,3*8(%rsp) 
-        CFI_REL_OFFSET  r12,R12
-        movq %r13,2*8(%rsp) 
-        CFI_REL_OFFSET  r13,R13
-        movq %r14,1*8(%rsp) 
-        CFI_REL_OFFSET  r14,R14
-        movq %r15,(%rsp) 
-        CFI_REL_OFFSET  r15,R15
-        xorl %ebx,%ebx  
-        testl $3,CS(%rsp)
-        je  error_kernelspace
-error_swapgs:   
-        SWAPGS
-error_sti:
-        TRACE_IRQS_OFF
-        movq %rdi,RDI(%rsp)     
-        CFI_REL_OFFSET  rdi,RDI
-        movq %rsp,%rdi
-        movq ORIG_RAX(%rsp),%rsi        /* get error code */ 
-        movq $-1,ORIG_RAX(%rsp)
-        call *%rax
-        /* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */
-error_exit:
-        movl %ebx,%eax
-        RESTORE_REST
-        DISABLE_INTERRUPTS(CLBR_NONE)
+        /* error code is on the stack already */
+.macro paranoiderrorentry sym do_sym
+ENTRY(\sym)
+        XCPT_FRAME
+        PARAVIRT_ADJUST_EXCEPTION_FRAME
+        subq $15*8,%rsp
+        CFI_ADJUST_CFA_OFFSET 15*8
+        call save_paranoid
+        DEFAULT_FRAME 0
         TRACE_IRQS_OFF
-        GET_THREAD_INFO(%rcx)   
-        testl %eax,%eax
-        jne  retint_kernel
-        LOCKDEP_SYS_EXIT_IRQ
-        movl  TI_flags(%rcx),%edx
-        movl  $_TIF_WORK_MASK,%edi
-        andl  %edi,%edx
-        jnz  retint_careful
-        jmp retint_swapgs
+        movq %rsp,%rdi                  /* pt_regs pointer */
+        movq ORIG_RAX(%rsp),%rsi        /* get error code */
+        movq $-1,ORIG_RAX(%rsp)         /* no syscall to restart */
+        call \do_sym
+        jmp paranoid_exit               /* %ebx: no swapgs flag */
         CFI_ENDPROC
+END(\sym)
+.endm
 
-error_kernelspace:
-        incl %ebx
-       /* There are two places in the kernel that can potentially fault with
-          usergs. Handle them here. The exception handlers after
-           iret run with kernel gs again, so don't set the user space flag.
-           B stepping K8s sometimes report an truncated RIP for IRET 
-           exceptions returning to compat mode. Check for these here too. */
-        leaq irq_return(%rip),%rcx
-        cmpq %rcx,RIP(%rsp)
-        je   error_swapgs
-        movl %ecx,%ecx  /* zero extend */
-        cmpq %rcx,RIP(%rsp)
-        je   error_swapgs
-        cmpq $gs_change,RIP(%rsp)
-        je   error_swapgs
-        jmp  error_sti
-KPROBE_END(error_entry)
-        
-       /* Reload gs selector with exception handling */
-       /* edi:  new selector */ 
+zeroentry divide_error do_divide_error
+zeroentry overflow do_overflow
+zeroentry bounds do_bounds
+zeroentry invalid_op do_invalid_op
+zeroentry device_not_available do_device_not_available
+paranoiderrorentry double_fault do_double_fault
+zeroentry coprocessor_segment_overrun do_coprocessor_segment_overrun
+errorentry invalid_TSS do_invalid_TSS
+errorentry segment_not_present do_segment_not_present
+zeroentry spurious_interrupt_bug do_spurious_interrupt_bug
+zeroentry coprocessor_error do_coprocessor_error
+errorentry alignment_check do_alignment_check
+zeroentry simd_coprocessor_error do_simd_coprocessor_error
+
+        /* Reload gs selector with exception handling */
+        /* edi:  new selector */
 ENTRY(native_load_gs_index)
         CFI_STARTPROC
         pushf
         CFI_ADJUST_CFA_OFFSET 8
         DISABLE_INTERRUPTS(CLBR_ANY | ~(CLBR_RDI))
-        SWAPGS
-gs_change:     
-        movl %edi,%gs   
+        SWAPGS
+gs_change:
+        movl %edi,%gs
 2:      mfence          /* workaround */
         SWAPGS
-        popf
+        popf
         CFI_ADJUST_CFA_OFFSET -8
-        ret
+        ret
         CFI_ENDPROC
-ENDPROC(native_load_gs_index)
-       
-        .section __ex_table,"a"
-        .align 8
-        .quad gs_change,bad_gs
-        .previous
-        .section .fixup,"ax"
+END(native_load_gs_index)
+
+        .section __ex_table,"a"
+        .align 8
+        .quad gs_change,bad_gs
+        .previous
+        .section .fixup,"ax"
         /* running with kernelgs */
-bad_gs: 
+bad_gs:
         SWAPGS                  /* switch back to user gs */
         xorl %eax,%eax
-        movl %eax,%gs
-        jmp  2b
-        .previous       
-        
+        movl %eax,%gs
+        jmp  2b
+        .previous
+
 /*
  * Create a kernel thread.
  *
@@ -1221,7 +1184,7 @@ ENTRY(kernel_thread)
 
         xorl %r8d,%r8d
         xorl %r9d,%r9d
-        
+
         # clone now
         call do_fork
         movq %rax,RAX(%rsp)
@@ -1232,15 +1195,15 @@ ENTRY(kernel_thread)
          * so internally to the x86_64 port you can rely on kernel_thread()
          * not to reschedule the child before returning, this avoids the need
          * of hacks for example to fork off the per-CPU idle tasks.
-         * [Hopefully no generic code relies on the reschedule -AK]     
+         * [Hopefully no generic code relies on the reschedule -AK]
          */
         RESTORE_ALL
         UNFAKE_STACK_FRAME
         ret
         CFI_ENDPROC
-ENDPROC(kernel_thread)
-        
-child_rip:
+END(kernel_thread)
+
+ENTRY(child_rip)
         pushq $0                # fake return address
         CFI_STARTPROC
         /*
@@ -1253,8 +1216,9 @@ child_rip:
         # exit
         mov %eax, %edi
         call do_exit
+        ud2                     # padding for call trace
         CFI_ENDPROC
-ENDPROC(child_rip)
+END(child_rip)
 
 /*
  * execve(). This function needs to use IRET, not SYSRET, to set up all state properly.
@@ -1274,10 +1238,10 @@ ENDPROC(child_rip)
 ENTRY(kernel_execve)
         CFI_STARTPROC
         FAKE_STACK_FRAME $0
-        SAVE_ALL        
+        SAVE_ALL
         movq %rsp,%rcx
         call sys_execve
-        movq %rax, RAX(%rsp)    
+        movq %rax, RAX(%rsp)
         RESTORE_REST
         testq %rax,%rax
         je int_ret_from_sys_call
@@ -1285,129 +1249,7 @@ ENTRY(kernel_execve)
         UNFAKE_STACK_FRAME
         ret
         CFI_ENDPROC
-ENDPROC(kernel_execve)
-
-KPROBE_ENTRY(page_fault)
-        errorentry do_page_fault
-KPROBE_END(page_fault)
-
-ENTRY(coprocessor_error)
-        zeroentry do_coprocessor_error
-END(coprocessor_error)
-
-ENTRY(simd_coprocessor_error)
-        zeroentry do_simd_coprocessor_error     
-END(simd_coprocessor_error)
-
-ENTRY(device_not_available)
-        zeroentry do_device_not_available
-END(device_not_available)
-
-        /* runs on exception stack */
-KPROBE_ENTRY(debug)
-        INTR_FRAME
-        PARAVIRT_ADJUST_EXCEPTION_FRAME
-        pushq $0
-        CFI_ADJUST_CFA_OFFSET 8         
-        paranoidentry do_debug, DEBUG_STACK
-        paranoidexit
-KPROBE_END(debug)
-
-        /* runs on exception stack */   
-KPROBE_ENTRY(nmi)
-        INTR_FRAME
-        PARAVIRT_ADJUST_EXCEPTION_FRAME
-        pushq $-1
-        CFI_ADJUST_CFA_OFFSET 8
-        paranoidentry do_nmi, 0, 0
-#ifdef CONFIG_TRACE_IRQFLAGS
-        paranoidexit 0
-#else
-        jmp paranoid_exit1
-        CFI_ENDPROC
-#endif
-KPROBE_END(nmi)
-
-KPROBE_ENTRY(int3)
-        INTR_FRAME
-        PARAVIRT_ADJUST_EXCEPTION_FRAME
-        pushq $0
-        CFI_ADJUST_CFA_OFFSET 8
-        paranoidentry do_int3, DEBUG_STACK
-        jmp paranoid_exit1
-        CFI_ENDPROC
-KPROBE_END(int3)
-
-ENTRY(overflow)
-        zeroentry do_overflow
-END(overflow)
-
-ENTRY(bounds)
-        zeroentry do_bounds
-END(bounds)
-
-ENTRY(invalid_op)
-        zeroentry do_invalid_op 
-END(invalid_op)
-
-ENTRY(coprocessor_segment_overrun)
-        zeroentry do_coprocessor_segment_overrun
-END(coprocessor_segment_overrun)
-
-        /* runs on exception stack */
-ENTRY(double_fault)
-        XCPT_FRAME
-        PARAVIRT_ADJUST_EXCEPTION_FRAME
-        paranoidentry do_double_fault
-        jmp paranoid_exit1
-        CFI_ENDPROC
-END(double_fault)
-
-ENTRY(invalid_TSS)
-        errorentry do_invalid_TSS
-END(invalid_TSS)
-
-ENTRY(segment_not_present)
-        errorentry do_segment_not_present
-END(segment_not_present)
-
-        /* runs on exception stack */
-ENTRY(stack_segment)
-        XCPT_FRAME
-        PARAVIRT_ADJUST_EXCEPTION_FRAME
-        paranoidentry do_stack_segment
-        jmp paranoid_exit1
-        CFI_ENDPROC
-END(stack_segment)
-
-KPROBE_ENTRY(general_protection)
-        errorentry do_general_protection
-KPROBE_END(general_protection)
-
-ENTRY(alignment_check)
-        errorentry do_alignment_check
-END(alignment_check)
-
-ENTRY(divide_error)
-        zeroentry do_divide_error
-END(divide_error)
-
-ENTRY(spurious_interrupt_bug)
-        zeroentry do_spurious_interrupt_bug
-END(spurious_interrupt_bug)
-
-#ifdef CONFIG_X86_MCE
-        /* runs on exception stack */
-ENTRY(machine_check)
-        INTR_FRAME
-        PARAVIRT_ADJUST_EXCEPTION_FRAME
-        pushq $0
-        CFI_ADJUST_CFA_OFFSET 8 
-        paranoidentry do_machine_check
-        jmp paranoid_exit1
-        CFI_ENDPROC
-END(machine_check)
-#endif
+END(kernel_execve)
 
 /* Call softirq on interrupt stack. Interrupts are off. */
 ENTRY(call_softirq)
@@ -1427,40 +1269,33 @@ ENTRY(call_softirq)
         decl %gs:pda_irqcount
         ret
         CFI_ENDPROC
-ENDPROC(call_softirq)
-
-KPROBE_ENTRY(ignore_sysret)
-        CFI_STARTPROC
-        mov $-ENOSYS,%eax
-        sysret
-        CFI_ENDPROC
-ENDPROC(ignore_sysret)
+END(call_softirq)
 
 #ifdef CONFIG_XEN
-ENTRY(xen_hypervisor_callback)
-        zeroentry xen_do_hypervisor_callback
-END(xen_hypervisor_callback)
+zeroentry xen_hypervisor_callback xen_do_hypervisor_callback
 
 /*
-# A note on the "critical region" in our callback handler.
-# We want to avoid stacking callback handlers due to events occurring
-# during handling of the last event. To do this, we keep events disabled
-# until we've done all processing. HOWEVER, we must enable events before
-# popping the stack frame (can't be done atomically) and so it would still
-# be possible to get enough handler activations to overflow the stack.
-# Although unlikely, bugs of that kind are hard to track down, so we'd
-# like to avoid the possibility.
-# So, on entry to the handler we detect whether we interrupted an
-# existing activation in its critical region -- if so, we pop the current
-# activation and restart the handler using the previous one.
-*/
+ * A note on the "critical region" in our callback handler.
+ * We want to avoid stacking callback handlers due to events occurring
+ * during handling of the last event. To do this, we keep events disabled
+ * until we've done all processing. HOWEVER, we must enable events before
+ * popping the stack frame (can't be done atomically) and so it would still
+ * be possible to get enough handler activations to overflow the stack.
+ * Although unlikely, bugs of that kind are hard to track down, so we'd
+ * like to avoid the possibility.
+ * So, on entry to the handler we detect whether we interrupted an
+ * existing activation in its critical region -- if so, we pop the current
+ * activation and restart the handler using the previous one.
+ */
 ENTRY(xen_do_hypervisor_callback)   # do_hypervisor_callback(struct *pt_regs)
         CFI_STARTPROC
-/* Since we don't modify %rdi, evtchn_do_upall(struct *pt_regs) will
-   see the correct pointer to the pt_regs */
+/*
+ * Since we don't modify %rdi, evtchn_do_upall(struct *pt_regs) will
+ * see the correct pointer to the pt_regs
+ */
         movq %rdi, %rsp            # we don't return, adjust the stack frame
         CFI_ENDPROC
-        CFI_DEFAULT_STACK
+        DEFAULT_FRAME
 11:     incl %gs:pda_irqcount
         movq %rsp,%rbp
         CFI_DEF_CFA_REGISTER rbp
@@ -1475,23 +1310,26 @@ ENTRY(xen_do_hypervisor_callback)   # do_hypervisor_callback(struct *pt_regs)
 END(do_hypervisor_callback)
 
 /*
-# Hypervisor uses this for application faults while it executes.
-# We get here for two reasons:
-#  1. Fault while reloading DS, ES, FS or GS
-#  2. Fault while executing IRET
-# Category 1 we do not need to fix up as Xen has already reloaded all segment
-# registers that could be reloaded and zeroed the others.
-# Category 2 we fix up by killing the current process. We cannot use the
-# normal Linux return path in this case because if we use the IRET hypercall
-# to pop the stack frame we end up in an infinite loop of failsafe callbacks.
-# We distinguish between categories by comparing each saved segment register
-# with its current contents: any discrepancy means we in category 1.
-*/
+ * Hypervisor uses this for application faults while it executes.
+ * We get here for two reasons:
+ *  1. Fault while reloading DS, ES, FS or GS
+ *  2. Fault while executing IRET
+ * Category 1 we do not need to fix up as Xen has already reloaded all segment
+ * registers that could be reloaded and zeroed the others.
+ * Category 2 we fix up by killing the current process. We cannot use the
+ * normal Linux return path in this case because if we use the IRET hypercall
+ * to pop the stack frame we end up in an infinite loop of failsafe callbacks.
+ * We distinguish between categories by comparing each saved segment register
+ * with its current contents: any discrepancy means we in category 1.
+ */
 ENTRY(xen_failsafe_callback)
-        framesz = (RIP-0x30)    /* workaround buggy gas */
-        _frame framesz
-        CFI_REL_OFFSET rcx, 0
-        CFI_REL_OFFSET r11, 8
+        INTR_FRAME 1 (6*8)
+        /*CFI_REL_OFFSET gs,GS*/
+        /*CFI_REL_OFFSET fs,FS*/
+        /*CFI_REL_OFFSET es,ES*/
+        /*CFI_REL_OFFSET ds,DS*/
+        CFI_REL_OFFSET r11,8
+        CFI_REL_OFFSET rcx,0
         movw %ds,%cx
         cmpw %cx,0x10(%rsp)
         CFI_REMEMBER_STATE
@@ -1512,12 +1350,9 @@ ENTRY(xen_failsafe_callback)
         CFI_RESTORE r11
         addq $0x30,%rsp
         CFI_ADJUST_CFA_OFFSET -0x30
-        pushq $0
-        CFI_ADJUST_CFA_OFFSET 8
-        pushq %r11
-        CFI_ADJUST_CFA_OFFSET 8
-        pushq %rcx
-        CFI_ADJUST_CFA_OFFSET 8
+        pushq_cfi $0    /* RIP */
+        pushq_cfi %r11
+        pushq_cfi %rcx
         jmp general_protection
         CFI_RESTORE_STATE
 1:      /* Segment mismatch => Category 1 (Bad segment). Retry the IRET. */
@@ -1527,11 +1362,223 @@ ENTRY(xen_failsafe_callback)
         CFI_RESTORE r11
         addq $0x30,%rsp
         CFI_ADJUST_CFA_OFFSET -0x30
-        pushq $0
-        CFI_ADJUST_CFA_OFFSET 8
+        pushq_cfi $0
         SAVE_ALL
         jmp error_exit
         CFI_ENDPROC
 END(xen_failsafe_callback)
 
 #endif /* CONFIG_XEN */
+
+/*
+ * Some functions should be protected against kprobes
+ */
+        .pushsection .kprobes.text, "ax"
+
+paranoidzeroentry_ist debug do_debug DEBUG_STACK
+paranoidzeroentry_ist int3 do_int3 DEBUG_STACK
+paranoiderrorentry stack_segment do_stack_segment
+errorentry general_protection do_general_protection
+errorentry page_fault do_page_fault
+#ifdef CONFIG_X86_MCE
+paranoidzeroentry machine_check do_machine_check
+#endif
+
+        /*
+         * "Paranoid" exit path from exception stack.
+         * Paranoid because this is used by NMIs and cannot take
+         * any kernel state for granted.
+         * We don't do kernel preemption checks here, because only
+         * NMI should be common and it does not enable IRQs and
+         * cannot get reschedule ticks.
+         *
+         * "trace" is 0 for the NMI handler only, because irq-tracing
+         * is fundamentally NMI-unsafe. (we cannot change the soft and
+         * hard flags at once, atomically)
+         */
+
+        /* ebx: no swapgs flag */
+ENTRY(paranoid_exit)
+        INTR_FRAME
+        DISABLE_INTERRUPTS(CLBR_NONE)
+        TRACE_IRQS_OFF
+        testl %ebx,%ebx                         /* swapgs needed? */
+        jnz paranoid_restore
+        testl $3,CS(%rsp)
+        jnz   paranoid_userspace
+paranoid_swapgs:
+        TRACE_IRQS_IRETQ 0
+        SWAPGS_UNSAFE_STACK
+paranoid_restore:
+        RESTORE_ALL 8
+        jmp irq_return
+paranoid_userspace:
+        GET_THREAD_INFO(%rcx)
+        movl TI_flags(%rcx),%ebx
+        andl $_TIF_WORK_MASK,%ebx
+        jz paranoid_swapgs
+        movq %rsp,%rdi                  /* &pt_regs */
+        call sync_regs
+        movq %rax,%rsp                  /* switch stack for scheduling */
+        testl $_TIF_NEED_RESCHED,%ebx
+        jnz paranoid_schedule
+        movl %ebx,%edx                  /* arg3: thread flags */
+        TRACE_IRQS_ON
+        ENABLE_INTERRUPTS(CLBR_NONE)
+        xorl %esi,%esi                  /* arg2: oldset */
+        movq %rsp,%rdi                  /* arg1: &pt_regs */
+        call do_notify_resume
+        DISABLE_INTERRUPTS(CLBR_NONE)
+        TRACE_IRQS_OFF
+        jmp paranoid_userspace
+paranoid_schedule:
+        TRACE_IRQS_ON
+        ENABLE_INTERRUPTS(CLBR_ANY)
+        call schedule
+        DISABLE_INTERRUPTS(CLBR_ANY)
+        TRACE_IRQS_OFF
+        jmp paranoid_userspace
+        CFI_ENDPROC
+END(paranoid_exit)
+
+/*
+ * Exception entry point. This expects an error code/orig_rax on the stack.
+ * returns in "no swapgs flag" in %ebx.
+ */
+ENTRY(error_entry)
+        XCPT_FRAME
+        CFI_ADJUST_CFA_OFFSET 15*8
+        /* oldrax contains error code */
+        cld
+        movq_cfi rdi, RDI+8
+        movq_cfi rsi, RSI+8
+        movq_cfi rdx, RDX+8
+        movq_cfi rcx, RCX+8
+        movq_cfi rax, RAX+8
+        movq_cfi  r8,  R8+8
+        movq_cfi  r9,  R9+8
+        movq_cfi r10, R10+8
+        movq_cfi r11, R11+8
+        movq_cfi rbx, RBX+8
+        movq_cfi rbp, RBP+8
+        movq_cfi r12, R12+8
+        movq_cfi r13, R13+8
+        movq_cfi r14, R14+8
+        movq_cfi r15, R15+8
+        xorl %ebx,%ebx
+        testl $3,CS+8(%rsp)
+        je error_kernelspace
+error_swapgs:
+        SWAPGS
+error_sti:
+        TRACE_IRQS_OFF
+        ret
+        CFI_ENDPROC
+
+/*
+ * There are two places in the kernel that can potentially fault with
+ * usergs. Handle them here. The exception handlers after iret run with
+ * kernel gs again, so don't set the user space flag. B stepping K8s
+ * sometimes report an truncated RIP for IRET exceptions returning to
+ * compat mode. Check for these here too.
+ */
+error_kernelspace:
+        incl %ebx
+        leaq irq_return(%rip),%rcx
+        cmpq %rcx,RIP+8(%rsp)
+        je error_swapgs
+        movl %ecx,%ecx  /* zero extend */
+        cmpq %rcx,RIP+8(%rsp)
+        je error_swapgs
+        cmpq $gs_change,RIP+8(%rsp)
+        je error_swapgs
+        jmp error_sti
+END(error_entry)
+
+
+/* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */
+ENTRY(error_exit)
+        DEFAULT_FRAME
+        movl %ebx,%eax
+        RESTORE_REST
+        DISABLE_INTERRUPTS(CLBR_NONE)
+        TRACE_IRQS_OFF
+        GET_THREAD_INFO(%rcx)
+        testl %eax,%eax
+        jne retint_kernel
+        LOCKDEP_SYS_EXIT_IRQ
+        movl TI_flags(%rcx),%edx
+        movl $_TIF_WORK_MASK,%edi
+        andl %edi,%edx
+        jnz retint_careful
+        jmp retint_swapgs
+        CFI_ENDPROC
+END(error_exit)
+
+
+        /* runs on exception stack */
+ENTRY(nmi)
+        INTR_FRAME
+        PARAVIRT_ADJUST_EXCEPTION_FRAME
+        pushq_cfi $-1
+        subq $15*8, %rsp
+        CFI_ADJUST_CFA_OFFSET 15*8
+        call save_paranoid
+        DEFAULT_FRAME 0
+        /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
+        movq %rsp,%rdi
+        movq $-1,%rsi
+        call do_nmi
+#ifdef CONFIG_TRACE_IRQFLAGS
+        /* paranoidexit; without TRACE_IRQS_OFF */
+        /* ebx: no swapgs flag */
+        DISABLE_INTERRUPTS(CLBR_NONE)
+        testl %ebx,%ebx                         /* swapgs needed? */
+        jnz nmi_restore
+        testl $3,CS(%rsp)
+        jnz nmi_userspace
+nmi_swapgs:
+        SWAPGS_UNSAFE_STACK
+nmi_restore:
+        RESTORE_ALL 8
+        jmp irq_return
+nmi_userspace:
+        GET_THREAD_INFO(%rcx)
+        movl TI_flags(%rcx),%ebx
+        andl $_TIF_WORK_MASK,%ebx
+        jz nmi_swapgs
+        movq %rsp,%rdi                  /* &pt_regs */
+        call sync_regs
+        movq %rax,%rsp                  /* switch stack for scheduling */
+        testl $_TIF_NEED_RESCHED,%ebx
+        jnz nmi_schedule
+        movl %ebx,%edx                  /* arg3: thread flags */
+        ENABLE_INTERRUPTS(CLBR_NONE)
+        xorl %esi,%esi                  /* arg2: oldset */
+        movq %rsp,%rdi                  /* arg1: &pt_regs */
+        call do_notify_resume
+        DISABLE_INTERRUPTS(CLBR_NONE)
+        jmp nmi_userspace
+nmi_schedule:
+        ENABLE_INTERRUPTS(CLBR_ANY)
+        call schedule
+        DISABLE_INTERRUPTS(CLBR_ANY)
+        jmp nmi_userspace
+        CFI_ENDPROC
+#else
+        jmp paranoid_exit
+        CFI_ENDPROC
+#endif
+END(nmi)
+
+ENTRY(ignore_sysret)
+        CFI_STARTPROC
+        mov $-ENOSYS,%eax
+        sysret
+        CFI_ENDPROC
+END(ignore_sysret)
+
+/*
+ * End of kprobes section
+ */
+        .popsection
diff --git a/arch/x86/kernel/genx2apic_uv_x.c b/arch/x86/kernel/genx2apic_uv_x.c
index 0e88be11227d..b193e082f6ce 100644
--- a/arch/x86/kernel/genx2apic_uv_x.c
+++ b/arch/x86/kernel/genx2apic_uv_x.c
@@ -10,6 +10,7 @@
 
 #include <linux/kernel.h>
 #include <linux/threads.h>
+#include <linux/cpu.h>
 #include <linux/cpumask.h>
 #include <linux/string.h>
 #include <linux/ctype.h>
@@ -17,6 +18,9 @@
 #include <linux/sched.h>
 #include <linux/module.h>
 #include <linux/hardirq.h>
+#include <linux/timer.h>
+#include <linux/proc_fs.h>
+#include <asm/current.h>
 #include <asm/smp.h>
 #include <asm/ipi.h>
 #include <asm/genapic.h>
@@ -383,6 +387,103 @@ static __init void uv_rtc_init(void)
 }
 
 /*
+ * percpu heartbeat timer
+ */
+static void uv_heartbeat(unsigned long ignored)
+{
+        struct timer_list *timer = &uv_hub_info->scir.timer;
+        unsigned char bits = uv_hub_info->scir.state;
+
+        /* flip heartbeat bit */
+        bits ^= SCIR_CPU_HEARTBEAT;
+
+        /* is this cpu idle? */
+        if (idle_cpu(raw_smp_processor_id()))
+                bits &= ~SCIR_CPU_ACTIVITY;
+        else
+                bits |= SCIR_CPU_ACTIVITY;
+
+        /* update system controller interface reg */
+        uv_set_scir_bits(bits);
+
+        /* enable next timer period */
+        mod_timer(timer, jiffies + SCIR_CPU_HB_INTERVAL);
+}
+
+static void __cpuinit uv_heartbeat_enable(int cpu)
+{
+        if (!uv_cpu_hub_info(cpu)->scir.enabled) {
+                struct timer_list *timer = &uv_cpu_hub_info(cpu)->scir.timer;
+
+                uv_set_cpu_scir_bits(cpu, SCIR_CPU_HEARTBEAT|SCIR_CPU_ACTIVITY);
+                setup_timer(timer, uv_heartbeat, cpu);
+                timer->expires = jiffies + SCIR_CPU_HB_INTERVAL;
+                add_timer_on(timer, cpu);
+                uv_cpu_hub_info(cpu)->scir.enabled = 1;
+        }
+
+        /* check boot cpu */
+        if (!uv_cpu_hub_info(0)->scir.enabled)
+                uv_heartbeat_enable(0);
+}
+
+#ifdef CONFIG_HOTPLUG_CPU
+static void __cpuinit uv_heartbeat_disable(int cpu)
+{
+        if (uv_cpu_hub_info(cpu)->scir.enabled) {
+                uv_cpu_hub_info(cpu)->scir.enabled = 0;
+                del_timer(&uv_cpu_hub_info(cpu)->scir.timer);
+        }
+        uv_set_cpu_scir_bits(cpu, 0xff);
+}
+
+/*
+ * cpu hotplug notifier
+ */
+static __cpuinit int uv_scir_cpu_notify(struct notifier_block *self,
+                                       unsigned long action, void *hcpu)
+{
+        long cpu = (long)hcpu;
+
+        switch (action) {
+        case CPU_ONLINE:
+                uv_heartbeat_enable(cpu);
+                break;
+        case CPU_DOWN_PREPARE:
+                uv_heartbeat_disable(cpu);
+                break;
+        default:
+                break;
+        }
+        return NOTIFY_OK;
+}
+
+static __init void uv_scir_register_cpu_notifier(void)
+{
+        hotcpu_notifier(uv_scir_cpu_notify, 0);
+}
+
+#else /* !CONFIG_HOTPLUG_CPU */
+
+static __init void uv_scir_register_cpu_notifier(void)
+{
+}
+
+static __init int uv_init_heartbeat(void)
+{
+        int cpu;
+
+        if (is_uv_system())
+                for_each_online_cpu(cpu)
+                        uv_heartbeat_enable(cpu);
+        return 0;
+}
+
+late_initcall(uv_init_heartbeat);
+
+#endif /* !CONFIG_HOTPLUG_CPU */
+
+/*
  * Called on each cpu to initialize the per_cpu UV data area.
  *      ZZZ hotplug not supported yet
  */
@@ -455,7 +556,7 @@ void __init uv_system_init(void)
 
         uv_bios_init();
         uv_bios_get_sn_info(0, &uv_type, &sn_partition_id,
-                            &uv_coherency_id, &uv_region_size);
+                            &sn_coherency_id, &sn_region_size);
         uv_rtc_init();
 
         for_each_present_cpu(cpu) {
@@ -466,8 +567,7 @@ void __init uv_system_init(void)
                 uv_blade_info[blade].nr_possible_cpus++;
 
                 uv_cpu_hub_info(cpu)->lowmem_remap_base = lowmem_redir_base;
-                uv_cpu_hub_info(cpu)->lowmem_remap_top =
-                                        lowmem_redir_base + lowmem_redir_size;
+                uv_cpu_hub_info(cpu)->lowmem_remap_top = lowmem_redir_size;
                 uv_cpu_hub_info(cpu)->m_val = m_val;
                 uv_cpu_hub_info(cpu)->n_val = m_val;
                 uv_cpu_hub_info(cpu)->numa_blade_id = blade;
@@ -477,7 +577,8 @@ void __init uv_system_init(void)
                 uv_cpu_hub_info(cpu)->gpa_mask = (1 << (m_val + n_val)) - 1;
                 uv_cpu_hub_info(cpu)->gnode_upper = gnode_upper;
                 uv_cpu_hub_info(cpu)->global_mmr_base = mmr_base;
-                uv_cpu_hub_info(cpu)->coherency_domain_number = uv_coherency_id;
+                uv_cpu_hub_info(cpu)->coherency_domain_number = sn_coherency_id;
+                uv_cpu_hub_info(cpu)->scir.offset = SCIR_LOCAL_MMR_BASE + lcpu;
                 uv_node_to_blade[nid] = blade;
                 uv_cpu_to_blade[cpu] = blade;
                 max_pnode = max(pnode, max_pnode);
@@ -494,4 +595,6 @@ void __init uv_system_init(void)
         map_mmioh_high(max_pnode);
 
         uv_cpu_init();
+        uv_scir_register_cpu_notifier();
+        proc_mkdir("sgi_uv", NULL);
 }
diff --git a/arch/x86/kernel/head.c b/arch/x86/kernel/head.c
index 1dcb0f13897e..3e66bd364a9d 100644
--- a/arch/x86/kernel/head.c
+++ b/arch/x86/kernel/head.c
@@ -35,7 +35,6 @@ void __init reserve_ebda_region(void)
 
         /* start of EBDA area */
         ebda_addr = get_bios_ebda();
-        printk(KERN_INFO "BIOS EBDA/lowmem at: %08x/%08x\n", ebda_addr, lowmem);
 
         /* Fixup: bios puts an EBDA in the top 64K segment */
         /* of conventional memory, but does not adjust lowmem. */
diff --git a/arch/x86/kernel/head32.c b/arch/x86/kernel/head32.c
index fa1d25dd83e3..ac108d1fe182 100644
--- a/arch/x86/kernel/head32.c
+++ b/arch/x86/kernel/head32.c
@@ -12,9 +12,12 @@
 #include <asm/sections.h>
 #include <asm/e820.h>
 #include <asm/bios_ebda.h>
+#include <asm/trampoline.h>
 
 void __init i386_start_kernel(void)
 {
+        reserve_trampoline_memory();
+
         reserve_early(__pa_symbol(&_text), __pa_symbol(&_end), "TEXT DATA BSS");
 
 #ifdef CONFIG_BLK_DEV_INITRD
diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c
index d16084f90649..388e05a5fc17 100644
--- a/arch/x86/kernel/head64.c
+++ b/arch/x86/kernel/head64.c
@@ -24,6 +24,7 @@
 #include <asm/kdebug.h>
 #include <asm/e820.h>
 #include <asm/bios_ebda.h>
+#include <asm/trampoline.h>
 
 /* boot cpu pda */
 static struct x8664_pda _boot_cpu_pda __read_mostly;
@@ -120,6 +121,8 @@ void __init x86_64_start_reservations(char *real_mode_data)
 {
         copy_bootdata(__va(real_mode_data));
 
+        reserve_trampoline_memory();
+
         reserve_early(__pa_symbol(&_text), __pa_symbol(&_end), "TEXT DATA BSS");
 
 #ifdef CONFIG_BLK_DEV_INITRD
diff --git a/arch/x86/kernel/hpet.c b/arch/x86/kernel/hpet.c
index e76d7e272974..cd759ad90690 100644
--- a/arch/x86/kernel/hpet.c
+++ b/arch/x86/kernel/hpet.c
@@ -33,7 +33,9 @@
  * HPET address is set in acpi/boot.c, when an ACPI entry exists
  */
 unsigned long                           hpet_address;
-unsigned long                           hpet_num_timers;
+#ifdef CONFIG_PCI_MSI
+static unsigned long                    hpet_num_timers;
+#endif
 static void __iomem                     *hpet_virt_address;
 
 struct hpet_dev {
@@ -811,7 +813,7 @@ int __init hpet_enable(void)
 
 out_nohpet:
         hpet_clear_mapping();
-        boot_hpet_disable = 1;
+        hpet_address = 0;
         return 0;
 }
 
@@ -834,10 +836,11 @@ static __init int hpet_late_init(void)
 
                 hpet_address = force_hpet_address;
                 hpet_enable();
-                if (!hpet_virt_address)
-                        return -ENODEV;
         }
 
+        if (!hpet_virt_address)
+                return -ENODEV;
+
         hpet_reserve_platform_timers(hpet_readl(HPET_ID));
 
         for_each_online_cpu(cpu) {
diff --git a/arch/x86/kernel/init_task.c b/arch/x86/kernel/init_task.c
index a4f93b4120c1..d39918076bb4 100644
--- a/arch/x86/kernel/init_task.c
+++ b/arch/x86/kernel/init_task.c
@@ -14,7 +14,6 @@ static struct fs_struct init_fs = INIT_FS;
 static struct signal_struct init_signals = INIT_SIGNALS(init_signals);
 static struct sighand_struct init_sighand = INIT_SIGHAND(init_sighand);
 struct mm_struct init_mm = INIT_MM(init_mm);
-EXPORT_UNUSED_SYMBOL(init_mm); /* will be removed in 2.6.26 */
 
 /*
  * Initial thread structure.
diff --git a/arch/x86/kernel/io_apic.c b/arch/x86/kernel/io_apic.c
index 1cbf7c8d46e0..3e070bb961d7 100644
--- a/arch/x86/kernel/io_apic.c
+++ b/arch/x86/kernel/io_apic.c
@@ -2472,10 +2472,9 @@ static void set_ir_ioapic_affinity_irq(unsigned int irq,
 asmlinkage void smp_irq_move_cleanup_interrupt(void)
 {
         unsigned vector, me;
+
         ack_APIC_irq();
-#ifdef CONFIG_X86_64
         exit_idle();
-#endif
         irq_enter();
 
         me = smp_processor_id();
@@ -2520,7 +2519,7 @@ static void irq_complete_move(struct irq_desc **descp)
                 if (likely(!cfg->move_desc_pending))
                         return;
 
-                /* domain is not change, but affinity is changed */
+                /* domain has not changed, but affinity did */
                 me = smp_processor_id();
                 if (cpu_isset(me, desc->affinity)) {
                         *descp = desc = move_irq_desc(desc, me);
diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c
index fca2991443f5..6383d50f82ea 100644
--- a/arch/x86/kernel/irq_64.c
+++ b/arch/x86/kernel/irq_64.c
@@ -13,12 +13,12 @@
 #include <linux/seq_file.h>
 #include <linux/module.h>
 #include <linux/delay.h>
+#include <linux/ftrace.h>
 #include <asm/uaccess.h>
 #include <asm/io_apic.h>
 #include <asm/idle.h>
 #include <asm/smp.h>
 
-#ifdef CONFIG_DEBUG_STACKOVERFLOW
 /*
  * Probabilistic stack overflow check:
  *
@@ -28,26 +28,25 @@
  */
 static inline void stack_overflow_check(struct pt_regs *regs)
 {
+#ifdef CONFIG_DEBUG_STACKOVERFLOW
         u64 curbase = (u64)task_stack_page(current);
-        static unsigned long warned = -60*HZ;
-
-        if (regs->sp >= curbase && regs->sp <= curbase + THREAD_SIZE &&
-            regs->sp <  curbase + sizeof(struct thread_info) + 128 &&
-            time_after(jiffies, warned + 60*HZ)) {
-                printk("do_IRQ: %s near stack overflow (cur:%Lx,sp:%lx)\n",
-                       current->comm, curbase, regs->sp);
-                show_stack(NULL,NULL);
-                warned = jiffies;
-        }
-}
+
+        WARN_ONCE(regs->sp >= curbase &&
+                  regs->sp <= curbase + THREAD_SIZE &&
+                  regs->sp <  curbase + sizeof(struct thread_info) +
+                                        sizeof(struct pt_regs) + 128,
+
+                  "do_IRQ: %s near stack overflow (cur:%Lx,sp:%lx)\n",
+                        current->comm, curbase, regs->sp);
 #endif
+}
 
 /*
  * do_IRQ handles all normal device IRQ's (the special
  * SMP cross-CPU interrupts have their own specific
  * handlers).
  */
-asmlinkage unsigned int do_IRQ(struct pt_regs *regs)
+asmlinkage unsigned int __irq_entry do_IRQ(struct pt_regs *regs)
 {
         struct pt_regs *old_regs = set_irq_regs(regs);
         struct irq_desc *desc;
@@ -60,9 +59,7 @@ asmlinkage unsigned int do_IRQ(struct pt_regs *regs)
         irq_enter();
         irq = __get_cpu_var(vector_irq)[vector];
 
-#ifdef CONFIG_DEBUG_STACKOVERFLOW
         stack_overflow_check(regs);
-#endif
 
         desc = irq_to_desc(irq);
         if (likely(desc))
diff --git a/arch/x86/kernel/irqinit_32.c b/arch/x86/kernel/irqinit_32.c
index 61aa2a1004b5..84723295f88a 100644
--- a/arch/x86/kernel/irqinit_32.c
+++ b/arch/x86/kernel/irqinit_32.c
@@ -140,7 +140,7 @@ void __init native_init_IRQ(void)
         for (i =  FIRST_EXTERNAL_VECTOR; i < NR_VECTORS; i++) {
                 /* SYSCALL_VECTOR was reserved in trap_init. */
                 if (i != SYSCALL_VECTOR)
-                        set_intr_gate(i, interrupt[i]);
+                        set_intr_gate(i, interrupt[i-FIRST_EXTERNAL_VECTOR]);
         }
 
 
diff --git a/arch/x86/kernel/irqinit_64.c b/arch/x86/kernel/irqinit_64.c
index 1020919efe1c..31ebfe38e96c 100644
--- a/arch/x86/kernel/irqinit_64.c
+++ b/arch/x86/kernel/irqinit_64.c
@@ -24,41 +24,6 @@
 #include <asm/i8259.h>
 
 /*
- * Common place to define all x86 IRQ vectors
- *
- * This builds up the IRQ handler stubs using some ugly macros in irq.h
- *
- * These macros create the low-level assembly IRQ routines that save
- * register context and call do_IRQ(). do_IRQ() then does all the
- * operations that are needed to keep the AT (or SMP IOAPIC)
- * interrupt-controller happy.
- */
-
-#define IRQ_NAME2(nr) nr##_interrupt(void)
-#define IRQ_NAME(nr) IRQ_NAME2(IRQ##nr)
-
-/*
- *      SMP has a few special interrupts for IPI messages
- */
-
-#define BUILD_IRQ(nr)                           \
-        asmlinkage void IRQ_NAME(nr);           \
-        asm("\n.text\n.p2align\n"               \
-            "IRQ" #nr "_interrupt:\n\t"         \
-            "push $~(" #nr ") ; "               \
-            "jmp common_interrupt\n"            \
-            ".previous");
-
-#define BI(x,y) \
-        BUILD_IRQ(x##y)
-
-#define BUILD_16_IRQS(x) \
-        BI(x,0) BI(x,1) BI(x,2) BI(x,3) \
-        BI(x,4) BI(x,5) BI(x,6) BI(x,7) \
-        BI(x,8) BI(x,9) BI(x,a) BI(x,b) \
-        BI(x,c) BI(x,d) BI(x,e) BI(x,f)
-
-/*
  * ISA PIC or low IO-APIC triggered (INTA-cycle or APIC) interrupts:
  * (these are usually mapped to vectors 0x30-0x3f)
  */
@@ -73,37 +38,6 @@
  *
  * (these are usually mapped into the 0x30-0xff vector range)
  */
-                                      BUILD_16_IRQS(0x2) BUILD_16_IRQS(0x3)
-BUILD_16_IRQS(0x4) BUILD_16_IRQS(0x5) BUILD_16_IRQS(0x6) BUILD_16_IRQS(0x7)
-BUILD_16_IRQS(0x8) BUILD_16_IRQS(0x9) BUILD_16_IRQS(0xa) BUILD_16_IRQS(0xb)
-BUILD_16_IRQS(0xc) BUILD_16_IRQS(0xd) BUILD_16_IRQS(0xe) BUILD_16_IRQS(0xf)
-
-#undef BUILD_16_IRQS
-#undef BI
-
-
-#define IRQ(x,y) \
-        IRQ##x##y##_interrupt
-
-#define IRQLIST_16(x) \
-        IRQ(x,0), IRQ(x,1), IRQ(x,2), IRQ(x,3), \
-        IRQ(x,4), IRQ(x,5), IRQ(x,6), IRQ(x,7), \
-        IRQ(x,8), IRQ(x,9), IRQ(x,a), IRQ(x,b), \
-        IRQ(x,c), IRQ(x,d), IRQ(x,e), IRQ(x,f)
-
-/* for the irq vectors */
-static void (*__initdata interrupt[NR_VECTORS - FIRST_EXTERNAL_VECTOR])(void) = {
-                                          IRQLIST_16(0x2), IRQLIST_16(0x3),
-        IRQLIST_16(0x4), IRQLIST_16(0x5), IRQLIST_16(0x6), IRQLIST_16(0x7),
-        IRQLIST_16(0x8), IRQLIST_16(0x9), IRQLIST_16(0xa), IRQLIST_16(0xb),
-        IRQLIST_16(0xc), IRQLIST_16(0xd), IRQLIST_16(0xe), IRQLIST_16(0xf)
-};
-
-#undef IRQ
-#undef IRQLIST_16
-
-
-
 
 /*
  * IRQ2 is cascade interrupt to second interrupt controller
diff --git a/arch/x86/kernel/microcode_amd.c b/arch/x86/kernel/microcode_amd.c
index 5f8e5d75a254..c25fdb382292 100644
--- a/arch/x86/kernel/microcode_amd.c
+++ b/arch/x86/kernel/microcode_amd.c
@@ -10,7 +10,7 @@
  *  This driver allows to upgrade microcode on AMD
  *  family 0x10 and 0x11 processors.
  *
- *  Licensed unter the terms of the GNU General Public
+ *  Licensed under the terms of the GNU General Public
  *  License version 2. See file COPYING for details.
 */
 
@@ -32,9 +32,9 @@
 #include <linux/platform_device.h>
 #include <linux/pci.h>
 #include <linux/pci_ids.h>
+#include <linux/uaccess.h>
 
 #include <asm/msr.h>
-#include <asm/uaccess.h>
 #include <asm/processor.h>
 #include <asm/microcode.h>
 
@@ -47,43 +47,38 @@ MODULE_LICENSE("GPL v2");
 #define UCODE_UCODE_TYPE           0x00000001
 
 struct equiv_cpu_entry {
-        unsigned int installed_cpu;
-        unsigned int fixed_errata_mask;
-        unsigned int fixed_errata_compare;
-        unsigned int equiv_cpu;
-};
+        u32     installed_cpu;
+        u32     fixed_errata_mask;
+        u32     fixed_errata_compare;
+        u16     equiv_cpu;
+        u16     res;
+} __attribute__((packed));
 
 struct microcode_header_amd {
-        unsigned int  data_code;
-        unsigned int  patch_id;
-        unsigned char mc_patch_data_id[2];
-        unsigned char mc_patch_data_len;
-        unsigned char init_flag;
-        unsigned int  mc_patch_data_checksum;
-        unsigned int  nb_dev_id;
-        unsigned int  sb_dev_id;
-        unsigned char processor_rev_id[2];
-        unsigned char nb_rev_id;
-        unsigned char sb_rev_id;
-        unsigned char bios_api_rev;
-        unsigned char reserved1[3];
-        unsigned int  match_reg[8];
-};
+        u32     data_code;
+        u32     patch_id;
+        u16     mc_patch_data_id;
+        u8      mc_patch_data_len;
+        u8      init_flag;
+        u32     mc_patch_data_checksum;
+        u32     nb_dev_id;
+        u32     sb_dev_id;
+        u16     processor_rev_id;
+        u8      nb_rev_id;
+        u8      sb_rev_id;
+        u8      bios_api_rev;
+        u8      reserved1[3];
+        u32     match_reg[8];
+} __attribute__((packed));
 
 struct microcode_amd {
         struct microcode_header_amd hdr;
         unsigned int mpb[0];
 };
 
-#define UCODE_MAX_SIZE          (2048)
-#define DEFAULT_UCODE_DATASIZE  (896)
-#define MC_HEADER_SIZE          (sizeof(struct microcode_header_amd))
-#define DEFAULT_UCODE_TOTALSIZE (DEFAULT_UCODE_DATASIZE + MC_HEADER_SIZE)
-#define DWSIZE                  (sizeof(u32))
-/* For now we support a fixed ucode total size only */
-#define get_totalsize(mc) \
-        ((((struct microcode_amd *)mc)->hdr.mc_patch_data_len * 28) \
-         + MC_HEADER_SIZE)
+#define UCODE_MAX_SIZE                  2048
+#define UCODE_CONTAINER_SECTION_HDR     8
+#define UCODE_CONTAINER_HEADER_SIZE     12
 
 /* serialize access to the physical write */
 static DEFINE_SPINLOCK(microcode_update_lock);
@@ -93,31 +88,24 @@ static struct equiv_cpu_entry *equiv_cpu_table;
 static int collect_cpu_info_amd(int cpu, struct cpu_signature *csig)
 {
         struct cpuinfo_x86 *c = &cpu_data(cpu);
+        u32 dummy;
 
         memset(csig, 0, sizeof(*csig));
-
         if (c->x86_vendor != X86_VENDOR_AMD || c->x86 < 0x10) {
-                printk(KERN_ERR "microcode: CPU%d not a capable AMD processor\n",
-                       cpu);
+                printk(KERN_WARNING "microcode: CPU%d: AMD CPU family 0x%x not "
+                       "supported\n", cpu, c->x86);
                 return -1;
         }
-
-        asm volatile("movl %1, %%ecx; rdmsr"
-                     : "=a" (csig->rev)
-                     : "i" (0x0000008B) : "ecx");
-
-        printk(KERN_INFO "microcode: collect_cpu_info_amd : patch_id=0x%x\n",
-                csig->rev);
-
+        rdmsr(MSR_AMD64_PATCH_LEVEL, csig->rev, dummy);
+        printk(KERN_INFO "microcode: CPU%d: patch_level=0x%x\n", cpu, csig->rev);
         return 0;
 }
 
 static int get_matching_microcode(int cpu, void *mc, int rev)
 {
         struct microcode_header_amd *mc_header = mc;
-        struct pci_dev *nb_pci_dev, *sb_pci_dev;
         unsigned int current_cpu_id;
-        unsigned int equiv_cpu_id = 0x00;
+        u16 equiv_cpu_id = 0;
         unsigned int i = 0;
 
         BUG_ON(equiv_cpu_table == NULL);
@@ -132,57 +120,25 @@ static int get_matching_microcode(int cpu, void *mc, int rev)
         }
 
         if (!equiv_cpu_id) {
-                printk(KERN_ERR "microcode: CPU%d cpu_id "
-                       "not found in equivalent cpu table \n", cpu);
+                printk(KERN_WARNING "microcode: CPU%d: cpu revision "
+                       "not listed in equivalent cpu table\n", cpu);
                 return 0;
         }
 
-        if ((mc_header->processor_rev_id[0]) != (equiv_cpu_id & 0xff)) {
-                printk(KERN_ERR
-                        "microcode: CPU%d patch does not match "
-                        "(patch is %x, cpu extended is %x) \n",
-                        cpu, mc_header->processor_rev_id[0],
-                        (equiv_cpu_id & 0xff));
+        if (mc_header->processor_rev_id != equiv_cpu_id) {
+                printk(KERN_ERR "microcode: CPU%d: patch mismatch "
+                       "(processor_rev_id: %x, equiv_cpu_id: %x)\n",
+                       cpu, mc_header->processor_rev_id, equiv_cpu_id);
                 return 0;
         }
 
-        if ((mc_header->processor_rev_id[1]) != ((equiv_cpu_id >> 16) & 0xff)) {
-                printk(KERN_ERR "microcode: CPU%d patch does not match "
-                        "(patch is %x, cpu base id is %x) \n",
-                        cpu, mc_header->processor_rev_id[1],
-                        ((equiv_cpu_id >> 16) & 0xff));
-
+        /* ucode might be chipset specific -- currently we don't support this */
+        if (mc_header->nb_dev_id || mc_header->sb_dev_id) {
+                printk(KERN_ERR "microcode: CPU%d: loading of chipset "
+                       "specific code not yet supported\n", cpu);
                 return 0;
         }
 
-        /* ucode may be northbridge specific */
-        if (mc_header->nb_dev_id) {
-                nb_pci_dev = pci_get_device(PCI_VENDOR_ID_AMD,
-                                            (mc_header->nb_dev_id & 0xff),
-                                            NULL);
-                if ((!nb_pci_dev) ||
-                    (mc_header->nb_rev_id != nb_pci_dev->revision)) {
-                        printk(KERN_ERR "microcode: CPU%d NB mismatch \n", cpu);
-                        pci_dev_put(nb_pci_dev);
-                        return 0;
-                }
-                pci_dev_put(nb_pci_dev);
-        }
-
-        /* ucode may be southbridge specific */
-        if (mc_header->sb_dev_id) {
-                sb_pci_dev = pci_get_device(PCI_VENDOR_ID_AMD,
-                                            (mc_header->sb_dev_id & 0xff),
-                                            NULL);
-                if ((!sb_pci_dev) ||
-                    (mc_header->sb_rev_id != sb_pci_dev->revision)) {
-                        printk(KERN_ERR "microcode: CPU%d SB mismatch \n", cpu);
-                        pci_dev_put(sb_pci_dev);
-                        return 0;
-                }
-                pci_dev_put(sb_pci_dev);
-        }
-
         if (mc_header->patch_id <= rev)
                 return 0;
 
@@ -192,12 +148,10 @@ static int get_matching_microcode(int cpu, void *mc, int rev)
 static void apply_microcode_amd(int cpu)
 {
         unsigned long flags;
-        unsigned int eax, edx;
-        unsigned int rev;
+        u32 rev, dummy;
         int cpu_num = raw_smp_processor_id();
         struct ucode_cpu_info *uci = ucode_cpu_info + cpu_num;
         struct microcode_amd *mc_amd = uci->mc;
-        unsigned long addr;
 
         /* We should bind the task to the CPU */
         BUG_ON(cpu_num != cpu);
@@ -206,42 +160,34 @@ static void apply_microcode_amd(int cpu)
                 return;
 
         spin_lock_irqsave(&microcode_update_lock, flags);
-
-        addr = (unsigned long)&mc_amd->hdr.data_code;
-        edx = (unsigned int)(((unsigned long)upper_32_bits(addr)));
-        eax = (unsigned int)(((unsigned long)lower_32_bits(addr)));
-
-        asm volatile("movl %0, %%ecx; wrmsr" :
-                     : "i" (0xc0010020), "a" (eax), "d" (edx) : "ecx");
-
+        wrmsrl(MSR_AMD64_PATCH_LOADER, (u64)(long)&mc_amd->hdr.data_code);
         /* get patch id after patching */
-        asm volatile("movl %1, %%ecx; rdmsr"
-                     : "=a" (rev)
-                     : "i" (0x0000008B) : "ecx");
-
+        rdmsr(MSR_AMD64_PATCH_LEVEL, rev, dummy);
         spin_unlock_irqrestore(&microcode_update_lock, flags);
 
         /* check current patch id and patch's id for match */
         if (rev != mc_amd->hdr.patch_id) {
-                printk(KERN_ERR "microcode: CPU%d update from revision "
-                       "0x%x to 0x%x failed\n", cpu_num,
-                       mc_amd->hdr.patch_id, rev);
+                printk(KERN_ERR "microcode: CPU%d: update failed "
+                       "(for patch_level=0x%x)\n", cpu, mc_amd->hdr.patch_id);
                 return;
         }
 
-        printk(KERN_INFO "microcode: CPU%d updated from revision "
-               "0x%x to 0x%x \n",
-               cpu_num, uci->cpu_sig.rev, mc_amd->hdr.patch_id);
+        printk(KERN_INFO "microcode: CPU%d: updated (new patch_level=0x%x)\n",
+               cpu, rev);
 
         uci->cpu_sig.rev = rev;
 }
 
-static void * get_next_ucode(u8 *buf, unsigned int size,
-                        int (*get_ucode_data)(void *, const void *, size_t),
-                        unsigned int *mc_size)
+static int get_ucode_data(void *to, const u8 *from, size_t n)
+{
+        memcpy(to, from, n);
+        return 0;
+}
+
+static void *get_next_ucode(const u8 *buf, unsigned int size,
+                            unsigned int *mc_size)
 {
         unsigned int total_size;
-#define UCODE_CONTAINER_SECTION_HDR     8
         u8 section_hdr[UCODE_CONTAINER_SECTION_HDR];
         void *mc;
 
@@ -249,39 +195,37 @@ static void * get_next_ucode(u8 *buf, unsigned int size,
                 return NULL;
 
         if (section_hdr[0] != UCODE_UCODE_TYPE) {
-                printk(KERN_ERR "microcode: error! "
-                       "Wrong microcode payload type field\n");
+                printk(KERN_ERR "microcode: error: invalid type field in "
+                       "container file section header\n");
                 return NULL;
         }
 
         total_size = (unsigned long) (section_hdr[4] + (section_hdr[5] << 8));
 
-        printk(KERN_INFO "microcode: size %u, total_size %u\n",
-                size, total_size);
+        printk(KERN_DEBUG "microcode: size %u, total_size %u\n",
+               size, total_size);
 
         if (total_size > size || total_size > UCODE_MAX_SIZE) {
-                printk(KERN_ERR "microcode: error! Bad data in microcode data file\n");
+                printk(KERN_ERR "microcode: error: size mismatch\n");
                 return NULL;
         }
 
         mc = vmalloc(UCODE_MAX_SIZE);
         if (mc) {
                 memset(mc, 0, UCODE_MAX_SIZE);
-                if (get_ucode_data(mc, buf + UCODE_CONTAINER_SECTION_HDR, total_size)) {
+                if (get_ucode_data(mc, buf + UCODE_CONTAINER_SECTION_HDR,
+                                   total_size)) {
                         vfree(mc);
                         mc = NULL;
                 } else
                         *mc_size = total_size + UCODE_CONTAINER_SECTION_HDR;
         }
-#undef UCODE_CONTAINER_SECTION_HDR
         return mc;
 }
 
 
-static int install_equiv_cpu_table(u8 *buf,
-                int (*get_ucode_data)(void *, const void *, size_t))
+static int install_equiv_cpu_table(const u8 *buf)
 {
-#define UCODE_CONTAINER_HEADER_SIZE     12
         u8 *container_hdr[UCODE_CONTAINER_HEADER_SIZE];
         unsigned int *buf_pos = (unsigned int *)container_hdr;
         unsigned long size;
@@ -292,14 +236,15 @@ static int install_equiv_cpu_table(u8 *buf,
         size = buf_pos[2];
 
         if (buf_pos[1] != UCODE_EQUIV_CPU_TABLE_TYPE || !size) {
-                printk(KERN_ERR "microcode: error! "
-                       "Wrong microcode equivalnet cpu table\n");
+                printk(KERN_ERR "microcode: error: invalid type field in "
+                       "container file section header\n");
                 return 0;
         }
 
         equiv_cpu_table = (struct equiv_cpu_entry *) vmalloc(size);
         if (!equiv_cpu_table) {
-                printk(KERN_ERR "microcode: error, can't allocate memory for equiv CPU table\n");
+                printk(KERN_ERR "microcode: failed to allocate "
+                       "equivalent CPU table\n");
                 return 0;
         }
 
@@ -310,7 +255,6 @@ static int install_equiv_cpu_table(u8 *buf,
         }
 
         return size + UCODE_CONTAINER_HEADER_SIZE; /* add header length */
-#undef UCODE_CONTAINER_HEADER_SIZE
 }
 
 static void free_equiv_cpu_table(void)
@@ -321,18 +265,20 @@ static void free_equiv_cpu_table(void)
         }
 }
 
-static int generic_load_microcode(int cpu, void *data, size_t size,
-                int (*get_ucode_data)(void *, const void *, size_t))
+static int generic_load_microcode(int cpu, const u8 *data, size_t size)
 {
         struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
-        u8 *ucode_ptr = data, *new_mc = NULL, *mc;
+        const u8 *ucode_ptr = data;
+        void *new_mc = NULL;
+        void *mc;
         int new_rev = uci->cpu_sig.rev;
         unsigned int leftover;
         unsigned long offset;
 
-        offset = install_equiv_cpu_table(ucode_ptr, get_ucode_data);
+        offset = install_equiv_cpu_table(ucode_ptr);
         if (!offset) {
-                printk(KERN_ERR "microcode: installing equivalent cpu table failed\n");
+                printk(KERN_ERR "microcode: failed to create "
+                       "equivalent cpu table\n");
                 return -EINVAL;
         }
 
@@ -343,7 +289,7 @@ static int generic_load_microcode(int cpu, void *data, size_t size,
                 unsigned int uninitialized_var(mc_size);
                 struct microcode_header_amd *mc_header;
 
-                mc = get_next_ucode(ucode_ptr, leftover, get_ucode_data, &mc_size);
+                mc = get_next_ucode(ucode_ptr, leftover, &mc_size);
                 if (!mc)
                         break;
 
@@ -353,7 +299,7 @@ static int generic_load_microcode(int cpu, void *data, size_t size,
                                 vfree(new_mc);
                         new_rev = mc_header->patch_id;
                         new_mc  = mc;
-                } else 
+                } else
                         vfree(mc);
 
                 ucode_ptr += mc_size;
@@ -365,9 +311,9 @@ static int generic_load_microcode(int cpu, void *data, size_t size,
                         if (uci->mc)
                                 vfree(uci->mc);
                         uci->mc = new_mc;
-                        pr_debug("microcode: CPU%d found a matching microcode update with"
-                                " version 0x%x (current=0x%x)\n",
-                                cpu, new_rev, uci->cpu_sig.rev);
+                        pr_debug("microcode: CPU%d found a matching microcode "
+                                 "update with version 0x%x (current=0x%x)\n",
+                                 cpu, new_rev, uci->cpu_sig.rev);
                 } else
                         vfree(new_mc);
         }
@@ -377,12 +323,6 @@ static int generic_load_microcode(int cpu, void *data, size_t size,
         return (int)leftover;
 }
 
-static int get_ucode_fw(void *to, const void *from, size_t n)
-{
-        memcpy(to, from, n);
-        return 0;
-}
-
 static int request_microcode_fw(int cpu, struct device *device)
 {
         const char *fw_name = "amd-ucode/microcode_amd.bin";
@@ -394,12 +334,11 @@ static int request_microcode_fw(int cpu, struct device *device)
 
         ret = request_firmware(&firmware, fw_name, device);
         if (ret) {
-                printk(KERN_ERR "microcode: ucode data file %s load failed\n", fw_name);
+                printk(KERN_ERR "microcode: failed to load file %s\n", fw_name);
                 return ret;
         }
 
-        ret = generic_load_microcode(cpu, (void*)firmware->data, firmware->size,
-                        &get_ucode_fw);
+        ret = generic_load_microcode(cpu, firmware->data, firmware->size);
 
         release_firmware(firmware);
 
@@ -408,8 +347,8 @@ static int request_microcode_fw(int cpu, struct device *device)
 
 static int request_microcode_user(int cpu, const void __user *buf, size_t size)
 {
-        printk(KERN_WARNING "microcode: AMD microcode update via /dev/cpu/microcode"
-                        "is not supported\n");
+        printk(KERN_INFO "microcode: AMD microcode update via "
+               "/dev/cpu/microcode not supported\n");
         return -1;
 }
 
@@ -433,3 +372,4 @@ struct microcode_ops * __init init_amd_microcode(void)
 {
         return &microcode_amd_ops;
 }
+
diff --git a/arch/x86/kernel/microcode_core.c b/arch/x86/kernel/microcode_core.c
index 82fb2809ce32..c9b721ba968c 100644
--- a/arch/x86/kernel/microcode_core.c
+++ b/arch/x86/kernel/microcode_core.c
@@ -99,7 +99,7 @@ MODULE_LICENSE("GPL");
 
 #define MICROCODE_VERSION       "2.00"
 
-struct microcode_ops *microcode_ops;
+static struct microcode_ops *microcode_ops;
 
 /* no concurrent ->write()s are allowed on /dev/cpu/microcode */
 static DEFINE_MUTEX(microcode_mutex);
@@ -203,7 +203,7 @@ MODULE_ALIAS_MISCDEV(MICROCODE_MINOR);
 #endif
 
 /* fake device for request_firmware */
-struct platform_device *microcode_pdev;
+static struct platform_device *microcode_pdev;
 
 static ssize_t reload_store(struct sys_device *dev,
                             struct sysdev_attribute *attr,
@@ -272,13 +272,18 @@ static struct attribute_group mc_attr_group = {
         .name = "microcode",
 };
 
-static void microcode_fini_cpu(int cpu)
+static void __microcode_fini_cpu(int cpu)
 {
         struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
 
-        mutex_lock(&microcode_mutex);
         microcode_ops->microcode_fini_cpu(cpu);
         uci->valid = 0;
+}
+
+static void microcode_fini_cpu(int cpu)
+{
+        mutex_lock(&microcode_mutex);
+        __microcode_fini_cpu(cpu);
         mutex_unlock(&microcode_mutex);
 }
 
@@ -306,12 +311,16 @@ static int microcode_resume_cpu(int cpu)
          * to this cpu (a bit of paranoia):
          */
         if (microcode_ops->collect_cpu_info(cpu, &nsig)) {
-                microcode_fini_cpu(cpu);
+                __microcode_fini_cpu(cpu);
+                printk(KERN_ERR "failed to collect_cpu_info for resuming cpu #%d\n",
+                                cpu);
                 return -1;
         }
 
-        if (memcmp(&nsig, &uci->cpu_sig, sizeof(nsig))) {
-                microcode_fini_cpu(cpu);
+        if ((nsig.sig != uci->cpu_sig.sig) || (nsig.pf != uci->cpu_sig.pf)) {
+                __microcode_fini_cpu(cpu);
+                printk(KERN_ERR "cached ucode doesn't match the resuming cpu #%d\n",
+                                cpu);
                 /* Should we look for a new ucode here? */
                 return 1;
         }
@@ -319,7 +328,7 @@ static int microcode_resume_cpu(int cpu)
         return 0;
 }
 
-void microcode_update_cpu(int cpu)
+static void microcode_update_cpu(int cpu)
 {
         struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
         int err = 0;
diff --git a/arch/x86/kernel/microcode_intel.c b/arch/x86/kernel/microcode_intel.c
index 622dc4a21784..b7f4c929e615 100644
--- a/arch/x86/kernel/microcode_intel.c
+++ b/arch/x86/kernel/microcode_intel.c
@@ -155,6 +155,7 @@ static DEFINE_SPINLOCK(microcode_update_lock);
 static int collect_cpu_info(int cpu_num, struct cpu_signature *csig)
 {
         struct cpuinfo_x86 *c = &cpu_data(cpu_num);
+        unsigned long flags;
         unsigned int val[2];
 
         memset(csig, 0, sizeof(*csig));
@@ -174,11 +175,16 @@ static int collect_cpu_info(int cpu_num, struct cpu_signature *csig)
                 csig->pf = 1 << ((val[1] >> 18) & 7);
         }
 
+        /* serialize access to the physical write to MSR 0x79 */
+        spin_lock_irqsave(&microcode_update_lock, flags);
+
         wrmsr(MSR_IA32_UCODE_REV, 0, 0);
         /* see notes above for revision 1.07.  Apparent chip bug */
         sync_core();
         /* get the current revision from MSR 0x8B */
         rdmsr(MSR_IA32_UCODE_REV, val[0], csig->rev);
+        spin_unlock_irqrestore(&microcode_update_lock, flags);
+
         pr_debug("microcode: collect_cpu_info : sig=0x%x, pf=0x%x, rev=0x%x\n",
                         csig->sig, csig->pf, csig->rev);
 
@@ -465,7 +471,7 @@ static void microcode_fini_cpu(int cpu)
         uci->mc = NULL;
 }
 
-struct microcode_ops microcode_intel_ops = {
+static struct microcode_ops microcode_intel_ops = {
         .request_microcode_user           = request_microcode_user,
         .request_microcode_fw             = request_microcode_fw,
         .collect_cpu_info                 = collect_cpu_info,
diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c
index 13316cf57cdb..8bd1bf9622a7 100644
--- a/arch/x86/kernel/nmi.c
+++ b/arch/x86/kernel/nmi.c
@@ -208,12 +208,17 @@ static int __init setup_nmi_watchdog(char *str)
                 ++str;
         }
 
-        get_option(&str, &nmi);
-
-        if (nmi >= NMI_INVALID)
-                return 0;
+        if (!strncmp(str, "lapic", 5))
+                nmi_watchdog = NMI_LOCAL_APIC;
+        else if (!strncmp(str, "ioapic", 6))
+                nmi_watchdog = NMI_IO_APIC;
+        else {
+                get_option(&str, &nmi);
+                if (nmi >= NMI_INVALID)
+                        return 0;
+                nmi_watchdog = nmi;
+        }
 
-        nmi_watchdog = nmi;
         return 1;
 }
 __setup("nmi_watchdog=", setup_nmi_watchdog);
diff --git a/arch/x86/kernel/pci-dma.c b/arch/x86/kernel/pci-dma.c
index 192624820217..19a1044a0cd9 100644
--- a/arch/x86/kernel/pci-dma.c
+++ b/arch/x86/kernel/pci-dma.c
@@ -6,6 +6,7 @@
 #include <asm/proto.h>
 #include <asm/dma.h>
 #include <asm/iommu.h>
+#include <asm/gart.h>
 #include <asm/calgary.h>
 #include <asm/amd_iommu.h>
 
@@ -30,11 +31,6 @@ int no_iommu __read_mostly;
 /* Set this to 1 if there is a HW IOMMU in the system */
 int iommu_detected __read_mostly = 0;
 
-/* This tells the BIO block layer to assume merging. Default to off
-   because we cannot guarantee merging later. */
-int iommu_bio_merge __read_mostly = 0;
-EXPORT_SYMBOL(iommu_bio_merge);
-
 dma_addr_t bad_dma_address __read_mostly = 0;
 EXPORT_SYMBOL(bad_dma_address);
 
@@ -105,11 +101,15 @@ static void __init dma32_free_bootmem(void)
         dma32_bootmem_ptr = NULL;
         dma32_bootmem_size = 0;
 }
+#endif
 
 void __init pci_iommu_alloc(void)
 {
+#ifdef CONFIG_X86_64
         /* free the range so iommu could get some range less than 4G */
         dma32_free_bootmem();
+#endif
+
         /*
          * The order of these functions is important for
          * fall-back/fail-over reasons
@@ -125,15 +125,6 @@ void __init pci_iommu_alloc(void)
         pci_swiotlb_init();
 }
 
-unsigned long iommu_nr_pages(unsigned long addr, unsigned long len)
-{
-        unsigned long size = roundup((addr & ~PAGE_MASK) + len, PAGE_SIZE);
-
-        return size >> PAGE_SHIFT;
-}
-EXPORT_SYMBOL(iommu_nr_pages);
-#endif
-
 void *dma_generic_alloc_coherent(struct device *dev, size_t size,
                                  dma_addr_t *dma_addr, gfp_t flag)
 {
@@ -188,7 +179,6 @@ static __init int iommu_setup(char *p)
                 }
 
                 if (!strncmp(p, "biomerge", 8)) {
-                        iommu_bio_merge = 4096;
                         iommu_merge = 1;
                         force_iommu = 1;
                 }
@@ -300,8 +290,8 @@ fs_initcall(pci_iommu_init);
 static __devinit void via_no_dac(struct pci_dev *dev)
 {
         if ((dev->class >> 8) == PCI_CLASS_BRIDGE_PCI && forbid_dac == 0) {
-                printk(KERN_INFO "PCI: VIA PCI bridge detected."
-                                 "Disabling DAC.\n");
+                printk(KERN_INFO
+                        "PCI: VIA PCI bridge detected. Disabling DAC.\n");
                 forbid_dac = 1;
         }
 }
diff --git a/arch/x86/kernel/pci-gart_64.c b/arch/x86/kernel/pci-gart_64.c
index ba7ad83e20a8..a35eaa379ff6 100644
--- a/arch/x86/kernel/pci-gart_64.c
+++ b/arch/x86/kernel/pci-gart_64.c
@@ -745,10 +745,8 @@ void __init gart_iommu_init(void)
         unsigned long scratch;
         long i;
 
-        if (cache_k8_northbridges() < 0 || num_k8_northbridges == 0) {
-                printk(KERN_INFO "PCI-GART: No AMD GART found.\n");
+        if (cache_k8_northbridges() < 0 || num_k8_northbridges == 0)
                 return;
-        }
 
 #ifndef CONFIG_AGP_AMD64
         no_agp = 1;
diff --git a/arch/x86/kernel/pci-swiotlb_64.c b/arch/x86/kernel/pci-swiotlb_64.c
index 3c539d111abb..242c3440687f 100644
--- a/arch/x86/kernel/pci-swiotlb_64.c
+++ b/arch/x86/kernel/pci-swiotlb_64.c
@@ -3,6 +3,8 @@
 #include <linux/pci.h>
 #include <linux/cache.h>
 #include <linux/module.h>
+#include <linux/swiotlb.h>
+#include <linux/bootmem.h>
 #include <linux/dma-mapping.h>
 
 #include <asm/iommu.h>
@@ -11,6 +13,31 @@
 
 int swiotlb __read_mostly;
 
+void *swiotlb_alloc_boot(size_t size, unsigned long nslabs)
+{
+        return alloc_bootmem_low_pages(size);
+}
+
+void *swiotlb_alloc(unsigned order, unsigned long nslabs)
+{
+        return (void *)__get_free_pages(GFP_DMA | __GFP_NOWARN, order);
+}
+
+dma_addr_t swiotlb_phys_to_bus(phys_addr_t paddr)
+{
+        return paddr;
+}
+
+phys_addr_t swiotlb_bus_to_phys(dma_addr_t baddr)
+{
+        return baddr;
+}
+
+int __weak swiotlb_arch_range_needs_mapping(void *ptr, size_t size)
+{
+        return 0;
+}
+
 static dma_addr_t
 swiotlb_map_single_phys(struct device *hwdev, phys_addr_t paddr, size_t size,
                         int direction)
@@ -50,8 +77,10 @@ struct dma_mapping_ops swiotlb_dma_ops = {
 void __init pci_swiotlb_init(void)
 {
         /* don't initialize swiotlb if iommu=off (no_iommu=1) */
+#ifdef CONFIG_X86_64
         if (!iommu_detected && !no_iommu && max_pfn > MAX_DMA32_PFN)
                swiotlb = 1;
+#endif
         if (swiotlb_force)
                 swiotlb = 1;
         if (swiotlb) {
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 95d811a9594f..e68bb9e30864 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -1,6 +1,7 @@
 #include <linux/errno.h>
 #include <linux/kernel.h>
 #include <linux/mm.h>
+#include <asm/idle.h>
 #include <linux/smp.h>
 #include <linux/slab.h>
 #include <linux/sched.h>
@@ -302,7 +303,7 @@ static void c1e_idle(void)
                 rdmsr(MSR_K8_INT_PENDING_MSG, lo, hi);
                 if (lo & K8_INTP_C1E_ACTIVE_MASK) {
                         c1e_detected = 1;
-                        if (!boot_cpu_has(X86_FEATURE_CONSTANT_TSC))
+                        if (!boot_cpu_has(X86_FEATURE_NONSTOP_TSC))
                                 mark_tsc_unstable("TSC halt in AMD C1E");
                         printk(KERN_INFO "System has AMD C1E enabled\n");
                         set_cpu_cap(&boot_cpu_data, X86_FEATURE_AMDC1E);
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
index 24c2276aa453..3ba155d24884 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -60,6 +60,7 @@
 #include <asm/idle.h>
 #include <asm/syscalls.h>
 #include <asm/smp.h>
+#include <asm/ds.h>
 
 asmlinkage void ret_from_fork(void) __asm__("ret_from_fork");
 
@@ -251,14 +252,8 @@ void exit_thread(void)
                 tss->x86_tss.io_bitmap_base = INVALID_IO_BITMAP_OFFSET;
                 put_cpu();
         }
-#ifdef CONFIG_X86_DS
-        /* Free any DS contexts that have not been properly released. */
-        if (unlikely(current->thread.ds_ctx)) {
-                /* we clear debugctl to make sure DS is not used. */
-                update_debugctlmsr(0);
-                ds_free(current->thread.ds_ctx);
-        }
-#endif /* CONFIG_X86_DS */
+
+        ds_exit_thread(current);
 }
 
 void flush_thread(void)
@@ -340,6 +335,12 @@ int copy_thread(int nr, unsigned long clone_flags, unsigned long sp,
                 kfree(p->thread.io_bitmap_ptr);
                 p->thread.io_bitmap_max = 0;
         }
+
+        ds_copy_thread(p, current);
+
+        clear_tsk_thread_flag(p, TIF_DEBUGCTLMSR);
+        p->thread.debugctlmsr = 0;
+
         return err;
 }
 
@@ -420,48 +421,19 @@ int set_tsc_mode(unsigned int val)
         return 0;
 }
 
-#ifdef CONFIG_X86_DS
-static int update_debugctl(struct thread_struct *prev,
-                        struct thread_struct *next, unsigned long debugctl)
-{
-        unsigned long ds_prev = 0;
-        unsigned long ds_next = 0;
-
-        if (prev->ds_ctx)
-                ds_prev = (unsigned long)prev->ds_ctx->ds;
-        if (next->ds_ctx)
-                ds_next = (unsigned long)next->ds_ctx->ds;
-
-        if (ds_next != ds_prev) {
-                /* we clear debugctl to make sure DS
-                 * is not in use when we change it */
-                debugctl = 0;
-                update_debugctlmsr(0);
-                wrmsr(MSR_IA32_DS_AREA, ds_next, 0);
-        }
-        return debugctl;
-}
-#else
-static int update_debugctl(struct thread_struct *prev,
-                        struct thread_struct *next, unsigned long debugctl)
-{
-        return debugctl;
-}
-#endif /* CONFIG_X86_DS */
-
 static noinline void
 __switch_to_xtra(struct task_struct *prev_p, struct task_struct *next_p,
                  struct tss_struct *tss)
 {
         struct thread_struct *prev, *next;
-        unsigned long debugctl;
 
         prev = &prev_p->thread;
         next = &next_p->thread;
 
-        debugctl = update_debugctl(prev, next, prev->debugctlmsr);
-
-        if (next->debugctlmsr != debugctl)
+        if (test_tsk_thread_flag(next_p, TIF_DS_AREA_MSR) ||
+            test_tsk_thread_flag(prev_p, TIF_DS_AREA_MSR))
+                ds_switch_to(prev_p, next_p);
+        else if (next->debugctlmsr != prev->debugctlmsr)
                 update_debugctlmsr(next->debugctlmsr);
 
         if (test_tsk_thread_flag(next_p, TIF_DEBUG)) {
@@ -483,15 +455,6 @@ __switch_to_xtra(struct task_struct *prev_p, struct task_struct *next_p,
                         hard_enable_TSC();
         }
 
-#ifdef CONFIG_X86_PTRACE_BTS
-        if (test_tsk_thread_flag(prev_p, TIF_BTS_TRACE_TS))
-                ptrace_bts_take_timestamp(prev_p, BTS_TASK_DEPARTS);
-
-        if (test_tsk_thread_flag(next_p, TIF_BTS_TRACE_TS))
-                ptrace_bts_take_timestamp(next_p, BTS_TASK_ARRIVES);
-#endif /* CONFIG_X86_PTRACE_BTS */
-
-
         if (!test_tsk_thread_flag(next_p, TIF_IO_BITMAP)) {
                 /*
                  * Disable the bitmap via an invalid offset. We still cache
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index fbb321d53d34..416fb9282f4f 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -53,6 +53,7 @@
 #include <asm/ia32.h>
 #include <asm/idle.h>
 #include <asm/syscalls.h>
+#include <asm/ds.h>
 
 asmlinkage extern void ret_from_fork(void);
 
@@ -236,14 +237,8 @@ void exit_thread(void)
                 t->io_bitmap_max = 0;
                 put_cpu();
         }
-#ifdef CONFIG_X86_DS
-        /* Free any DS contexts that have not been properly released. */
-        if (unlikely(t->ds_ctx)) {
-                /* we clear debugctl to make sure DS is not used. */
-                update_debugctlmsr(0);
-                ds_free(t->ds_ctx);
-        }
-#endif /* CONFIG_X86_DS */
+
+        ds_exit_thread(current);
 }
 
 void flush_thread(void)
@@ -373,6 +368,12 @@ int copy_thread(int nr, unsigned long clone_flags, unsigned long sp,
                 if (err)
                         goto out;
         }
+
+        ds_copy_thread(p, me);
+
+        clear_tsk_thread_flag(p, TIF_DEBUGCTLMSR);
+        p->thread.debugctlmsr = 0;
+
         err = 0;
 out:
         if (err && p->thread.io_bitmap_ptr) {
@@ -471,35 +472,14 @@ static inline void __switch_to_xtra(struct task_struct *prev_p,
                                     struct tss_struct *tss)
 {
         struct thread_struct *prev, *next;
-        unsigned long debugctl;
 
         prev = &prev_p->thread,
         next = &next_p->thread;
 
-        debugctl = prev->debugctlmsr;
-
-#ifdef CONFIG_X86_DS
-        {
-                unsigned long ds_prev = 0, ds_next = 0;
-
-                if (prev->ds_ctx)
-                        ds_prev = (unsigned long)prev->ds_ctx->ds;
-                if (next->ds_ctx)
-                        ds_next = (unsigned long)next->ds_ctx->ds;
-
-                if (ds_next != ds_prev) {
-                        /*
-                         * We clear debugctl to make sure DS
-                         * is not in use when we change it:
-                         */
-                        debugctl = 0;
-                        update_debugctlmsr(0);
-                        wrmsrl(MSR_IA32_DS_AREA, ds_next);
-                }
-        }
-#endif /* CONFIG_X86_DS */
-
-        if (next->debugctlmsr != debugctl)
+        if (test_tsk_thread_flag(next_p, TIF_DS_AREA_MSR) ||
+            test_tsk_thread_flag(prev_p, TIF_DS_AREA_MSR))
+                ds_switch_to(prev_p, next_p);
+        else if (next->debugctlmsr != prev->debugctlmsr)
                 update_debugctlmsr(next->debugctlmsr);
 
         if (test_tsk_thread_flag(next_p, TIF_DEBUG)) {
@@ -534,14 +514,6 @@ static inline void __switch_to_xtra(struct task_struct *prev_p,
                  */
                 memset(tss->io_bitmap, 0xff, prev->io_bitmap_max);
         }
-
-#ifdef CONFIG_X86_PTRACE_BTS
-        if (test_tsk_thread_flag(prev_p, TIF_BTS_TRACE_TS))
-                ptrace_bts_take_timestamp(prev_p, BTS_TASK_DEPARTS);
-
-        if (test_tsk_thread_flag(next_p, TIF_BTS_TRACE_TS))
-                ptrace_bts_take_timestamp(next_p, BTS_TASK_ARRIVES);
-#endif /* CONFIG_X86_PTRACE_BTS */
 }
 
 /*
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
index 2c8ec1ba75e6..0a5df5f82fb9 100644
--- a/arch/x86/kernel/ptrace.c
+++ b/arch/x86/kernel/ptrace.c
@@ -581,153 +581,91 @@ static int ioperm_get(struct task_struct *target,
 }
 
 #ifdef CONFIG_X86_PTRACE_BTS
-/*
- * The configuration for a particular BTS hardware implementation.
- */
-struct bts_configuration {
-        /* the size of a BTS record in bytes; at most BTS_MAX_RECORD_SIZE */
-        unsigned char  sizeof_bts;
-        /* the size of a field in the BTS record in bytes */
-        unsigned char  sizeof_field;
-        /* a bitmask to enable/disable BTS in DEBUGCTL MSR */
-        unsigned long debugctl_mask;
-};
-static struct bts_configuration bts_cfg;
-
-#define BTS_MAX_RECORD_SIZE (8 * 3)
-
-
-/*
- * Branch Trace Store (BTS) uses the following format. Different
- * architectures vary in the size of those fields.
- * - source linear address
- * - destination linear address
- * - flags
- *
- * Later architectures use 64bit pointers throughout, whereas earlier
- * architectures use 32bit pointers in 32bit mode.
- *
- * We compute the base address for the first 8 fields based on:
- * - the field size stored in the DS configuration
- * - the relative field position
- *
- * In order to store additional information in the BTS buffer, we use
- * a special source address to indicate that the record requires
- * special interpretation.
- *
- * Netburst indicated via a bit in the flags field whether the branch
- * was predicted; this is ignored.
- */
-
-enum bts_field {
-        bts_from = 0,
-        bts_to,
-        bts_flags,
-
-        bts_escape = (unsigned long)-1,
-        bts_qual = bts_to,
-        bts_jiffies = bts_flags
-};
-
-static inline unsigned long bts_get(const char *base, enum bts_field field)
-{
-        base += (bts_cfg.sizeof_field * field);
-        return *(unsigned long *)base;
-}
-
-static inline void bts_set(char *base, enum bts_field field, unsigned long val)
-{
-        base += (bts_cfg.sizeof_field * field);;
-        (*(unsigned long *)base) = val;
-}
-
-/*
- * Translate a BTS record from the raw format into the bts_struct format
- *
- * out (out): bts_struct interpretation
- * raw: raw BTS record
- */
-static void ptrace_bts_translate_record(struct bts_struct *out, const void *raw)
-{
-        memset(out, 0, sizeof(*out));
-        if (bts_get(raw, bts_from) == bts_escape) {
-                out->qualifier       = bts_get(raw, bts_qual);
-                out->variant.jiffies = bts_get(raw, bts_jiffies);
-        } else {
-                out->qualifier = BTS_BRANCH;
-                out->variant.lbr.from_ip = bts_get(raw, bts_from);
-                out->variant.lbr.to_ip   = bts_get(raw, bts_to);
-        }
-}
-
 static int ptrace_bts_read_record(struct task_struct *child, size_t index,
                                   struct bts_struct __user *out)
 {
-        struct bts_struct ret;
-        const void *bts_record;
-        size_t bts_index, bts_end;
+        const struct bts_trace *trace;
+        struct bts_struct bts;
+        const unsigned char *at;
         int error;
 
-        error = ds_get_bts_end(child->bts, &bts_end);
-        if (error < 0)
-                return error;
+        trace = ds_read_bts(child->bts);
+        if (!trace)
+                return -EPERM;
 
-        if (bts_end <= index)
-                return -EINVAL;
+        at = trace->ds.top - ((index + 1) * trace->ds.size);
+        if ((void *)at < trace->ds.begin)
+                at += (trace->ds.n * trace->ds.size);
 
-        error = ds_get_bts_index(child->bts, &bts_index);
-        if (error < 0)
-                return error;
-
-        /* translate the ptrace bts index into the ds bts index */
-        bts_index += bts_end - (index + 1);
-        if (bts_end <= bts_index)
-                bts_index -= bts_end;
+        if (!trace->read)
+                return -EOPNOTSUPP;
 
-        error = ds_access_bts(child->bts, bts_index, &bts_record);
+        error = trace->read(child->bts, at, &bts);
         if (error < 0)
                 return error;
 
-        ptrace_bts_translate_record(&ret, bts_record);
-
-        if (copy_to_user(out, &ret, sizeof(ret)))
+        if (copy_to_user(out, &bts, sizeof(bts)))
                 return -EFAULT;
 
-        return sizeof(ret);
+        return sizeof(bts);
 }
 
 static int ptrace_bts_drain(struct task_struct *child,
                             long size,
                             struct bts_struct __user *out)
 {
-        struct bts_struct ret;
-        const unsigned char *raw;
-        size_t end, i;
-        int error;
+        const struct bts_trace *trace;
+        const unsigned char *at;
+        int error, drained = 0;
 
-        error = ds_get_bts_index(child->bts, &end);
-        if (error < 0)
-                return error;
+        trace = ds_read_bts(child->bts);
+        if (!trace)
+                return -EPERM;
 
-        if (size < (end * sizeof(struct bts_struct)))
+        if (!trace->read)
+                return -EOPNOTSUPP;
+
+        if (size < (trace->ds.top - trace->ds.begin))
                 return -EIO;
 
-        error = ds_access_bts(child->bts, 0, (const void **)&raw);
-        if (error < 0)
-                return error;
+        for (at = trace->ds.begin; (void *)at < trace->ds.top;
+             out++, drained++, at += trace->ds.size) {
+                struct bts_struct bts;
+                int error;
 
-        for (i = 0; i < end; i++, out++, raw += bts_cfg.sizeof_bts) {
-                ptrace_bts_translate_record(&ret, raw);
+                error = trace->read(child->bts, at, &bts);
+                if (error < 0)
+                        return error;
 
-                if (copy_to_user(out, &ret, sizeof(ret)))
+                if (copy_to_user(out, &bts, sizeof(bts)))
                         return -EFAULT;
         }
 
-        error = ds_clear_bts(child->bts);
+        memset(trace->ds.begin, 0, trace->ds.n * trace->ds.size);
+
+        error = ds_reset_bts(child->bts);
         if (error < 0)
                 return error;
 
-        return end;
+        return drained;
+}
+
+static int ptrace_bts_allocate_buffer(struct task_struct *child, size_t size)
+{
+        child->bts_buffer = alloc_locked_buffer(size);
+        if (!child->bts_buffer)
+                return -ENOMEM;
+
+        child->bts_size = size;
+
+        return 0;
+}
+
+static void ptrace_bts_free_buffer(struct task_struct *child)
+{
+        free_locked_buffer(child->bts_buffer, child->bts_size);
+        child->bts_buffer = NULL;
+        child->bts_size = 0;
 }
 
 static int ptrace_bts_config(struct task_struct *child,
@@ -735,136 +673,86 @@ static int ptrace_bts_config(struct task_struct *child,
                              const struct ptrace_bts_config __user *ucfg)
 {
         struct ptrace_bts_config cfg;
-        int error = 0;
-
-        error = -EOPNOTSUPP;
-        if (!bts_cfg.sizeof_bts)
-                goto errout;
+        unsigned int flags = 0;
 
-        error = -EIO;
         if (cfg_size < sizeof(cfg))
-                goto errout;
+                return -EIO;
 
-        error = -EFAULT;
         if (copy_from_user(&cfg, ucfg, sizeof(cfg)))
-                goto errout;
-
-        error = -EINVAL;
-        if ((cfg.flags & PTRACE_BTS_O_SIGNAL) &&
-            !(cfg.flags & PTRACE_BTS_O_ALLOC))
-                goto errout;
-
-        if (cfg.flags & PTRACE_BTS_O_ALLOC) {
-                bts_ovfl_callback_t ovfl = NULL;
-                unsigned int sig = 0;
-
-                error = -EINVAL;
-                if (cfg.size < (10 * bts_cfg.sizeof_bts))
-                        goto errout;
+                return -EFAULT;
 
-                if (cfg.flags & PTRACE_BTS_O_SIGNAL) {
-                        if (!cfg.signal)
-                                goto errout;
+        if (child->bts) {
+                ds_release_bts(child->bts);
+                child->bts = NULL;
+        }
 
-                        error = -EOPNOTSUPP;
-                        goto errout;
+        if (cfg.flags & PTRACE_BTS_O_SIGNAL) {
+                if (!cfg.signal)
+                        return -EINVAL;
 
-                        sig  = cfg.signal;
-                }
+                return -EOPNOTSUPP;
 
-                if (child->bts) {
-                        (void)ds_release_bts(child->bts);
-                        kfree(child->bts_buffer);
+                child->thread.bts_ovfl_signal = cfg.signal;
+        }
 
-                        child->bts = NULL;
-                        child->bts_buffer = NULL;
-                }
+        if ((cfg.flags & PTRACE_BTS_O_ALLOC) &&
+            (cfg.size != child->bts_size)) {
+                int error;
 
-                error = -ENOMEM;
-                child->bts_buffer = kzalloc(cfg.size, GFP_KERNEL);
-                if (!child->bts_buffer)
-                        goto errout;
-
-                child->bts = ds_request_bts(child, child->bts_buffer, cfg.size,
-                                            ovfl, /* th = */ (size_t)-1);
-                if (IS_ERR(child->bts)) {
-                        error = PTR_ERR(child->bts);
-                        kfree(child->bts_buffer);
-                        child->bts = NULL;
-                        child->bts_buffer = NULL;
-                        goto errout;
-                }
+                ptrace_bts_free_buffer(child);
 
-                child->thread.bts_ovfl_signal = sig;
+                error = ptrace_bts_allocate_buffer(child, cfg.size);
+                if (error < 0)
+                        return error;
         }
 
-        error = -EINVAL;
-        if (!child->thread.ds_ctx && cfg.flags)
-                goto errout;
-
         if (cfg.flags & PTRACE_BTS_O_TRACE)
-                child->thread.debugctlmsr |= bts_cfg.debugctl_mask;
-        else
-                child->thread.debugctlmsr &= ~bts_cfg.debugctl_mask;
+                flags |= BTS_USER;
 
         if (cfg.flags & PTRACE_BTS_O_SCHED)
-                set_tsk_thread_flag(child, TIF_BTS_TRACE_TS);
-        else
-                clear_tsk_thread_flag(child, TIF_BTS_TRACE_TS);
+                flags |= BTS_TIMESTAMPS;
 
-        error = sizeof(cfg);
+        child->bts = ds_request_bts(child, child->bts_buffer, child->bts_size,
+                                    /* ovfl = */ NULL, /* th = */ (size_t)-1,
+                                    flags);
+        if (IS_ERR(child->bts)) {
+                int error = PTR_ERR(child->bts);
 
-out:
-        if (child->thread.debugctlmsr)
-                set_tsk_thread_flag(child, TIF_DEBUGCTLMSR);
-        else
-                clear_tsk_thread_flag(child, TIF_DEBUGCTLMSR);
+                ptrace_bts_free_buffer(child);
+                child->bts = NULL;
 
-        return error;
+                return error;
+        }
 
-errout:
-        child->thread.debugctlmsr &= ~bts_cfg.debugctl_mask;
-        clear_tsk_thread_flag(child, TIF_BTS_TRACE_TS);
-        goto out;
+        return sizeof(cfg);
 }
 
 static int ptrace_bts_status(struct task_struct *child,
                              long cfg_size,
                              struct ptrace_bts_config __user *ucfg)
 {
+        const struct bts_trace *trace;
         struct ptrace_bts_config cfg;
-        size_t end;
-        const void *base, *max;
-        int error;
 
         if (cfg_size < sizeof(cfg))
                 return -EIO;
 
-        error = ds_get_bts_end(child->bts, &end);
-        if (error < 0)
-                return error;
-
-        error = ds_access_bts(child->bts, /* index = */ 0, &base);
-        if (error < 0)
-                return error;
-
-        error = ds_access_bts(child->bts, /* index = */ end, &max);
-        if (error < 0)
-                return error;
+        trace = ds_read_bts(child->bts);
+        if (!trace)
+                return -EPERM;
 
         memset(&cfg, 0, sizeof(cfg));
-        cfg.size = (max - base);
+        cfg.size = trace->ds.end - trace->ds.begin;
         cfg.signal = child->thread.bts_ovfl_signal;
         cfg.bts_size = sizeof(struct bts_struct);
 
         if (cfg.signal)
                 cfg.flags |= PTRACE_BTS_O_SIGNAL;
 
-        if (test_tsk_thread_flag(child, TIF_DEBUGCTLMSR) &&
-            child->thread.debugctlmsr & bts_cfg.debugctl_mask)
+        if (trace->ds.flags & BTS_USER)
                 cfg.flags |= PTRACE_BTS_O_TRACE;
 
-        if (test_tsk_thread_flag(child, TIF_BTS_TRACE_TS))
+        if (trace->ds.flags & BTS_TIMESTAMPS)
                 cfg.flags |= PTRACE_BTS_O_SCHED;
 
         if (copy_to_user(ucfg, &cfg, sizeof(cfg)))
@@ -873,106 +761,77 @@ static int ptrace_bts_status(struct task_struct *child,
         return sizeof(cfg);
 }
 
-static int ptrace_bts_write_record(struct task_struct *child,
-                                   const struct bts_struct *in)
+static int ptrace_bts_clear(struct task_struct *child)
 {
-        unsigned char bts_record[BTS_MAX_RECORD_SIZE];
+        const struct bts_trace *trace;
 
-        BUG_ON(BTS_MAX_RECORD_SIZE < bts_cfg.sizeof_bts);
+        trace = ds_read_bts(child->bts);
+        if (!trace)
+                return -EPERM;
 
-        memset(bts_record, 0, bts_cfg.sizeof_bts);
-        switch (in->qualifier) {
-        case BTS_INVALID:
-                break;
+        memset(trace->ds.begin, 0, trace->ds.n * trace->ds.size);
 
-        case BTS_BRANCH:
-                bts_set(bts_record, bts_from, in->variant.lbr.from_ip);
-                bts_set(bts_record, bts_to,   in->variant.lbr.to_ip);
-                break;
+        return ds_reset_bts(child->bts);
+}
 
-        case BTS_TASK_ARRIVES:
-        case BTS_TASK_DEPARTS:
-                bts_set(bts_record, bts_from,    bts_escape);
-                bts_set(bts_record, bts_qual,    in->qualifier);
-                bts_set(bts_record, bts_jiffies, in->variant.jiffies);
-                break;
+static int ptrace_bts_size(struct task_struct *child)
+{
+        const struct bts_trace *trace;
 
-        default:
-                return -EINVAL;
-        }
+        trace = ds_read_bts(child->bts);
+        if (!trace)
+                return -EPERM;
 
-        return ds_write_bts(child->bts, bts_record, bts_cfg.sizeof_bts);
+        return (trace->ds.top - trace->ds.begin) / trace->ds.size;
 }
 
-void ptrace_bts_take_timestamp(struct task_struct *tsk,
-                               enum bts_qualifier qualifier)
+static void ptrace_bts_fork(struct task_struct *tsk)
 {
-        struct bts_struct rec = {
-                .qualifier = qualifier,
-                .variant.jiffies = jiffies_64
-        };
-
-        ptrace_bts_write_record(tsk, &rec);
+        tsk->bts = NULL;
+        tsk->bts_buffer = NULL;
+        tsk->bts_size = 0;
+        tsk->thread.bts_ovfl_signal = 0;
 }
 
-static const struct bts_configuration bts_cfg_netburst = {
-        .sizeof_bts    = sizeof(long) * 3,
-        .sizeof_field  = sizeof(long),
-        .debugctl_mask = (1<<2)|(1<<3)|(1<<5)
-};
+static void ptrace_bts_untrace(struct task_struct *child)
+{
+        if (unlikely(child->bts)) {
+                ds_release_bts(child->bts);
+                child->bts = NULL;
 
-static const struct bts_configuration bts_cfg_pentium_m = {
-        .sizeof_bts    = sizeof(long) * 3,
-        .sizeof_field  = sizeof(long),
-        .debugctl_mask = (1<<6)|(1<<7)
-};
+                /* We cannot update total_vm and locked_vm since
+                   child's mm is already gone. But we can reclaim the
+                   memory. */
+                kfree(child->bts_buffer);
+                child->bts_buffer = NULL;
+                child->bts_size = 0;
+        }
+}
 
-static const struct bts_configuration bts_cfg_core2 = {
-        .sizeof_bts    = 8 * 3,
-        .sizeof_field  = 8,
-        .debugctl_mask = (1<<6)|(1<<7)|(1<<9)
-};
+static void ptrace_bts_detach(struct task_struct *child)
+{
+        if (unlikely(child->bts)) {
+                ds_release_bts(child->bts);
+                child->bts = NULL;
 
-static inline void bts_configure(const struct bts_configuration *cfg)
+                ptrace_bts_free_buffer(child);
+        }
+}
+#else
+static inline void ptrace_bts_fork(struct task_struct *tsk) {}
+static inline void ptrace_bts_detach(struct task_struct *child) {}
+static inline void ptrace_bts_untrace(struct task_struct *child) {}
+#endif /* CONFIG_X86_PTRACE_BTS */
+
+void x86_ptrace_fork(struct task_struct *child, unsigned long clone_flags)
 {
-        bts_cfg = *cfg;
+        ptrace_bts_fork(child);
 }
 
-void __cpuinit ptrace_bts_init_intel(struct cpuinfo_x86 *c)
+void x86_ptrace_untrace(struct task_struct *child)
 {
-        switch (c->x86) {
-        case 0x6:
-                switch (c->x86_model) {
-                case 0 ... 0xC:
-                        /* sorry, don't know about them */
-                        break;
-                case 0xD:
-                case 0xE: /* Pentium M */
-                        bts_configure(&bts_cfg_pentium_m);
-                        break;
-                default: /* Core2, Atom, ... */
-                        bts_configure(&bts_cfg_core2);
-                        break;
-                }
-                break;
-        case 0xF:
-                switch (c->x86_model) {
-                case 0x0:
-                case 0x1:
-                case 0x2: /* Netburst */
-                        bts_configure(&bts_cfg_netburst);
-                        break;
-                default:
-                        /* sorry, don't know about them */
-                        break;
-                }
-                break;
-        default:
-                /* sorry, don't know about them */
-                break;
-        }
+        ptrace_bts_untrace(child);
 }
-#endif /* CONFIG_X86_PTRACE_BTS */
 
 /*
  * Called by kernel/ptrace.c when detaching..
@@ -985,19 +844,7 @@ void ptrace_disable(struct task_struct *child)
 #ifdef TIF_SYSCALL_EMU
         clear_tsk_thread_flag(child, TIF_SYSCALL_EMU);
 #endif
-#ifdef CONFIG_X86_PTRACE_BTS
-        if (child->bts) {
-                (void)ds_release_bts(child->bts);
-                kfree(child->bts_buffer);
-                child->bts_buffer = NULL;
-
-                child->thread.debugctlmsr &= ~bts_cfg.debugctl_mask;
-                if (!child->thread.debugctlmsr)
-                        clear_tsk_thread_flag(child, TIF_DEBUGCTLMSR);
-
-                clear_tsk_thread_flag(child, TIF_BTS_TRACE_TS);
-        }
-#endif /* CONFIG_X86_PTRACE_BTS */
+        ptrace_bts_detach(child);
 }
 
 #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
@@ -1128,16 +975,9 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data)
                         (child, data, (struct ptrace_bts_config __user *)addr);
                 break;
 
-        case PTRACE_BTS_SIZE: {
-                size_t size;
-
-                ret = ds_get_bts_index(child->bts, &size);
-                if (ret == 0) {
-                        BUG_ON(size != (int) size);
-                        ret = (int) size;
-                }
+        case PTRACE_BTS_SIZE:
+                ret = ptrace_bts_size(child);
                 break;
-        }
 
         case PTRACE_BTS_GET:
                 ret = ptrace_bts_read_record
@@ -1145,7 +985,7 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data)
                 break;
 
         case PTRACE_BTS_CLEAR:
-                ret = ds_clear_bts(child->bts);
+                ret = ptrace_bts_clear(child);
                 break;
 
         case PTRACE_BTS_DRAIN:
@@ -1408,6 +1248,14 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
 
         case PTRACE_GET_THREAD_AREA:
         case PTRACE_SET_THREAD_AREA:
+#ifdef CONFIG_X86_PTRACE_BTS
+        case PTRACE_BTS_CONFIG:
+        case PTRACE_BTS_STATUS:
+        case PTRACE_BTS_SIZE:
+        case PTRACE_BTS_GET:
+        case PTRACE_BTS_CLEAR:
+        case PTRACE_BTS_DRAIN:
+#endif /* CONFIG_X86_PTRACE_BTS */
                 return arch_ptrace(child, request, addr, data);
 
         default:
diff --git a/arch/x86/kernel/quirks.c b/arch/x86/kernel/quirks.c
index 67465ed89310..309949e9e1c1 100644
--- a/arch/x86/kernel/quirks.c
+++ b/arch/x86/kernel/quirks.c
@@ -168,6 +168,8 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_ICH7_31,
                          ich_force_enable_hpet);
 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_ICH8_1,
                          ich_force_enable_hpet);
+DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_ICH8_4,
+                         ich_force_enable_hpet);
 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_ICH9_7,
                          ich_force_enable_hpet);
 
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index 32fe42f26e79..ae0d8042cf69 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -93,11 +93,13 @@
 #include <asm/desc.h>
 #include <asm/dma.h>
 #include <asm/iommu.h>
+#include <asm/gart.h>
 #include <asm/mmu_context.h>
 #include <asm/proto.h>
 
 #include <mach_apic.h>
 #include <asm/paravirt.h>
+#include <asm/hypervisor.h>
 
 #include <asm/percpu.h>
 #include <asm/topology.h>
@@ -448,6 +450,7 @@ static void __init reserve_early_setup_data(void)
  * @size: Size of the crashkernel memory to reserve.
  * Returns the base address on success, and -1ULL on failure.
  */
+static
 unsigned long long __init find_and_reserve_crashkernel(unsigned long long size)
 {
         const unsigned long long alignment = 16<<20;    /* 16M */
@@ -600,157 +603,7 @@ static struct x86_quirks default_x86_quirks __initdata = {
 
 struct x86_quirks *x86_quirks __initdata = &default_x86_quirks;
 
-/*
- * Some BIOSes seem to corrupt the low 64k of memory during events
- * like suspend/resume and unplugging an HDMI cable.  Reserve all
- * remaining free memory in that area and fill it with a distinct
- * pattern.
- */
-#ifdef CONFIG_X86_CHECK_BIOS_CORRUPTION
-#define MAX_SCAN_AREAS  8
-
-static int __read_mostly memory_corruption_check = -1;
-
-static unsigned __read_mostly corruption_check_size = 64*1024;
-static unsigned __read_mostly corruption_check_period = 60; /* seconds */
-
-static struct e820entry scan_areas[MAX_SCAN_AREAS];
-static int num_scan_areas;
-
-
-static int set_corruption_check(char *arg)
-{
-        char *end;
-
-        memory_corruption_check = simple_strtol(arg, &end, 10);
-
-        return (*end == 0) ? 0 : -EINVAL;
-}
-early_param("memory_corruption_check", set_corruption_check);
-
-static int set_corruption_check_period(char *arg)
-{
-        char *end;
-
-        corruption_check_period = simple_strtoul(arg, &end, 10);
-
-        return (*end == 0) ? 0 : -EINVAL;
-}
-early_param("memory_corruption_check_period", set_corruption_check_period);
-
-static int set_corruption_check_size(char *arg)
-{
-        char *end;
-        unsigned size;
-
-        size = memparse(arg, &end);
-
-        if (*end == '\0')
-                corruption_check_size = size;
-
-        return (size == corruption_check_size) ? 0 : -EINVAL;
-}
-early_param("memory_corruption_check_size", set_corruption_check_size);
-
-
-static void __init setup_bios_corruption_check(void)
-{
-        u64 addr = PAGE_SIZE;   /* assume first page is reserved anyway */
-
-        if (memory_corruption_check == -1) {
-                memory_corruption_check =
-#ifdef CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK
-                        1
-#else
-                        0
-#endif
-                        ;
-        }
-
-        if (corruption_check_size == 0)
-                memory_corruption_check = 0;
-
-        if (!memory_corruption_check)
-                return;
-
-        corruption_check_size = round_up(corruption_check_size, PAGE_SIZE);
-
-        while(addr < corruption_check_size && num_scan_areas < MAX_SCAN_AREAS) {
-                u64 size;
-                addr = find_e820_area_size(addr, &size, PAGE_SIZE);
-
-                if (addr == 0)
-                        break;
-
-                if ((addr + size) > corruption_check_size)
-                        size = corruption_check_size - addr;
-
-                if (size == 0)
-                        break;
-
-                e820_update_range(addr, size, E820_RAM, E820_RESERVED);
-                scan_areas[num_scan_areas].addr = addr;
-                scan_areas[num_scan_areas].size = size;
-                num_scan_areas++;
-
-                /* Assume we've already mapped this early memory */
-                memset(__va(addr), 0, size);
-
-                addr += size;
-        }
-
-        printk(KERN_INFO "Scanning %d areas for low memory corruption\n",
-               num_scan_areas);
-        update_e820();
-}
-
-static struct timer_list periodic_check_timer;
-
-void check_for_bios_corruption(void)
-{
-        int i;
-        int corruption = 0;
-
-        if (!memory_corruption_check)
-                return;
-
-        for(i = 0; i < num_scan_areas; i++) {
-                unsigned long *addr = __va(scan_areas[i].addr);
-                unsigned long size = scan_areas[i].size;
-
-                for(; size; addr++, size -= sizeof(unsigned long)) {
-                        if (!*addr)
-                                continue;
-                        printk(KERN_ERR "Corrupted low memory at %p (%lx phys) = %08lx\n",
-                               addr, __pa(addr), *addr);
-                        corruption = 1;
-                        *addr = 0;
-                }
-        }
-
-        WARN(corruption, KERN_ERR "Memory corruption detected in low memory\n");
-}
-
-static void periodic_check_for_corruption(unsigned long data)
-{
-        check_for_bios_corruption();
-        mod_timer(&periodic_check_timer, round_jiffies(jiffies + corruption_check_period*HZ));
-}
-
-void start_periodic_check_for_corruption(void)
-{
-        if (!memory_corruption_check || corruption_check_period == 0)
-                return;
-
-        printk(KERN_INFO "Scanning for low memory corruption every %d seconds\n",
-               corruption_check_period);
-
-        init_timer(&periodic_check_timer);
-        periodic_check_timer.function = &periodic_check_for_corruption;
-        periodic_check_for_corruption(0);
-}
-#endif
-
+#ifdef CONFIG_X86_RESERVE_LOW_64K
 static int __init dmi_low_memory_corruption(const struct dmi_system_id *d)
 {
         printk(KERN_NOTICE
@@ -762,6 +615,7 @@ static int __init dmi_low_memory_corruption(const struct dmi_system_id *d)
 
         return 0;
 }
+#endif
 
 /* List of systems that have known low memory corruption BIOS problems */
 static struct dmi_system_id __initdata bad_bios_dmi_table[] = {
@@ -920,6 +774,12 @@ void __init setup_arch(char **cmdline_p)
 
         dmi_check_system(bad_bios_dmi_table);
 
+        /*
+         * VMware detection requires dmi to be available, so this
+         * needs to be done after dmi_scan_machine, for the BP.
+         */
+        init_hypervisor(&boot_cpu_data);
+
 #ifdef CONFIG_X86_32
         probe_roms();
 #endif
diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c
index 0b63b08e7530..49f3f709ee1f 100644
--- a/arch/x86/kernel/setup_percpu.c
+++ b/arch/x86/kernel/setup_percpu.c
@@ -339,25 +339,25 @@ static const cpumask_t cpu_mask_none;
 /*
  * Returns a pointer to the bitmask of CPUs on Node 'node'.
  */
-const cpumask_t *_node_to_cpumask_ptr(int node)
+const cpumask_t *cpumask_of_node(int node)
 {
         if (node_to_cpumask_map == NULL) {
                 printk(KERN_WARNING
-                        "_node_to_cpumask_ptr(%d): no node_to_cpumask_map!\n",
+                        "cpumask_of_node(%d): no node_to_cpumask_map!\n",
                         node);
                 dump_stack();
                 return (const cpumask_t *)&cpu_online_map;
         }
         if (node >= nr_node_ids) {
                 printk(KERN_WARNING
-                        "_node_to_cpumask_ptr(%d): node > nr_node_ids(%d)\n",
+                        "cpumask_of_node(%d): node > nr_node_ids(%d)\n",
                         node, nr_node_ids);
                 dump_stack();
                 return &cpu_mask_none;
         }
         return &node_to_cpumask_map[node];
 }
-EXPORT_SYMBOL(_node_to_cpumask_ptr);
+EXPORT_SYMBOL(cpumask_of_node);
 
 /*
  * Returns a bitmask of CPUs on Node 'node'.
diff --git a/arch/x86/kernel/sigframe.h b/arch/x86/kernel/sigframe.h
deleted file mode 100644
index cc673aa55ce4..000000000000
--- a/arch/x86/kernel/sigframe.h
+++ /dev/null
@@ -1,42 +0,0 @@
-#ifdef CONFIG_X86_32
-struct sigframe {
-        char __user *pretcode;
-        int sig;
-        struct sigcontext sc;
-        /*
-         * fpstate is unused. fpstate is moved/allocated after
-         * retcode[] below. This movement allows to have the FP state and the
-         * future state extensions (xsave) stay together.
-         * And at the same time retaining the unused fpstate, prevents changing
-         * the offset of extramask[] in the sigframe and thus prevent any
-         * legacy application accessing/modifying it.
-         */
-        struct _fpstate fpstate_unused;
-        unsigned long extramask[_NSIG_WORDS-1];
-        char retcode[8];
-        /* fp state follows here */
-};
-
-struct rt_sigframe {
-        char __user *pretcode;
-        int sig;
-        struct siginfo __user *pinfo;
-        void __user *puc;
-        struct siginfo info;
-        struct ucontext uc;
-        char retcode[8];
-        /* fp state follows here */
-};
-#else
-struct rt_sigframe {
-        char __user *pretcode;
-        struct ucontext uc;
-        struct siginfo info;
-        /* fp state follows here */
-};
-
-int ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
-                sigset_t *set, struct pt_regs *regs);
-int ia32_setup_frame(int sig, struct k_sigaction *ka,
-                sigset_t *set, struct pt_regs *regs);
-#endif
diff --git a/arch/x86/kernel/signal_32.c b/arch/x86/kernel/signal.c
index d6dd057d0f22..89bb7668041d 100644
--- a/arch/x86/kernel/signal_32.c
+++ b/arch/x86/kernel/signal.c
@@ -1,36 +1,41 @@
 /*
  *  Copyright (C) 1991, 1992  Linus Torvalds
+ *  Copyright (C) 2000, 2001, 2002 Andi Kleen SuSE Labs
  *
  *  1997-11-28  Modified for POSIX.1b signals by Richard Henderson
  *  2000-06-20  Pentium III FXSR, SSE support by Gareth Hughes
+ *  2000-2002   x86-64 support by Andi Kleen
  */
-#include <linux/list.h>
 
-#include <linux/personality.h>
-#include <linux/binfmts.h>
-#include <linux/suspend.h>
+#include <linux/sched.h>
+#include <linux/mm.h>
+#include <linux/smp.h>
 #include <linux/kernel.h>
-#include <linux/ptrace.h>
 #include <linux/signal.h>
-#include <linux/stddef.h>
-#include <linux/unistd.h>
 #include <linux/errno.h>
-#include <linux/sched.h>
 #include <linux/wait.h>
+#include <linux/ptrace.h>
 #include <linux/tracehook.h>
-#include <linux/elf.h>
-#include <linux/smp.h>
-#include <linux/mm.h>
+#include <linux/unistd.h>
+#include <linux/stddef.h>
+#include <linux/personality.h>
+#include <linux/uaccess.h>
 
 #include <asm/processor.h>
 #include <asm/ucontext.h>
-#include <asm/uaccess.h>
 #include <asm/i387.h>
 #include <asm/vdso.h>
+
+#ifdef CONFIG_X86_64
+#include <asm/proto.h>
+#include <asm/ia32_unistd.h>
+#include <asm/mce.h>
+#endif /* CONFIG_X86_64 */
+
 #include <asm/syscall.h>
 #include <asm/syscalls.h>
 
-#include "sigframe.h"
+#include <asm/sigframe.h>
 
 #define _BLOCKABLE (~(sigmask(SIGKILL) | sigmask(SIGSTOP)))
 
@@ -45,74 +50,6 @@
 # define FIX_EFLAGS     __FIX_EFLAGS
 #endif
 
-/*
- * Atomically swap in the new signal mask, and wait for a signal.
- */
-asmlinkage int
-sys_sigsuspend(int history0, int history1, old_sigset_t mask)
-{
-        mask &= _BLOCKABLE;
-        spin_lock_irq(&current->sighand->siglock);
-        current->saved_sigmask = current->blocked;
-        siginitset(&current->blocked, mask);
-        recalc_sigpending();
-        spin_unlock_irq(&current->sighand->siglock);
-
-        current->state = TASK_INTERRUPTIBLE;
-        schedule();
-        set_restore_sigmask();
-
-        return -ERESTARTNOHAND;
-}
-
-asmlinkage int
-sys_sigaction(int sig, const struct old_sigaction __user *act,
-              struct old_sigaction __user *oact)
-{
-        struct k_sigaction new_ka, old_ka;
-        int ret;
-
-        if (act) {
-                old_sigset_t mask;
-
-                if (!access_ok(VERIFY_READ, act, sizeof(*act)) ||
-                    __get_user(new_ka.sa.sa_handler, &act->sa_handler) ||
-                    __get_user(new_ka.sa.sa_restorer, &act->sa_restorer))
-                        return -EFAULT;
-
-                __get_user(new_ka.sa.sa_flags, &act->sa_flags);
-                __get_user(mask, &act->sa_mask);
-                siginitset(&new_ka.sa.sa_mask, mask);
-        }
-
-        ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
-
-        if (!ret && oact) {
-                if (!access_ok(VERIFY_WRITE, oact, sizeof(*oact)) ||
-                    __put_user(old_ka.sa.sa_handler, &oact->sa_handler) ||
-                    __put_user(old_ka.sa.sa_restorer, &oact->sa_restorer))
-                        return -EFAULT;
-
-                __put_user(old_ka.sa.sa_flags, &oact->sa_flags);
-                __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask);
-        }
-
-        return ret;
-}
-
-asmlinkage int sys_sigaltstack(unsigned long bx)
-{
-        /*
-         * This is needed to make gcc realize it doesn't own the
-         * "struct pt_regs"
-         */
-        struct pt_regs *regs = (struct pt_regs *)&bx;
-        const stack_t __user *uss = (const stack_t __user *)bx;
-        stack_t __user *uoss = (stack_t __user *)regs->cx;
-
-        return do_sigaltstack(uss, uoss, regs->sp);
-}
-
 #define COPY(x)                 {               \
         err |= __get_user(regs->x, &sc->x);     \
 }
@@ -123,7 +60,7 @@ asmlinkage int sys_sigaltstack(unsigned long bx)
                 regs->seg = tmp;                        \
 }
 
-#define COPY_SEG_STRICT(seg)    {                       \
+#define COPY_SEG_CPL3(seg)      {                       \
                 unsigned short tmp;                     \
                 err |= __get_user(tmp, &sc->seg);       \
                 regs->seg = tmp | 3;                    \
@@ -135,9 +72,6 @@ asmlinkage int sys_sigaltstack(unsigned long bx)
                 loadsegment(seg, tmp);                  \
 }
 
-/*
- * Do a signal return; undo the signal stack.
- */
 static int
 restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *sc,
                    unsigned long *pax)
@@ -149,14 +83,36 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *sc,
         /* Always make any pending restarted system calls return -EINTR */
         current_thread_info()->restart_block.fn = do_no_restart_syscall;
 
+#ifdef CONFIG_X86_32
         GET_SEG(gs);
         COPY_SEG(fs);
         COPY_SEG(es);
         COPY_SEG(ds);
+#endif /* CONFIG_X86_32 */
+
         COPY(di); COPY(si); COPY(bp); COPY(sp); COPY(bx);
         COPY(dx); COPY(cx); COPY(ip);
-        COPY_SEG_STRICT(cs);
-        COPY_SEG_STRICT(ss);
+
+#ifdef CONFIG_X86_64
+        COPY(r8);
+        COPY(r9);
+        COPY(r10);
+        COPY(r11);
+        COPY(r12);
+        COPY(r13);
+        COPY(r14);
+        COPY(r15);
+#endif /* CONFIG_X86_64 */
+
+#ifdef CONFIG_X86_32
+        COPY_SEG_CPL3(cs);
+        COPY_SEG_CPL3(ss);
+#else /* !CONFIG_X86_32 */
+        /* Kernel saves and restores only the CS segment register on signals,
+         * which is the bare minimum needed to allow mixed 32/64-bit code.
+         * App's signal handler can save/restore other segments if needed. */
+        COPY_SEG_CPL3(cs);
+#endif /* CONFIG_X86_32 */
 
         err |= __get_user(tmpflags, &sc->flags);
         regs->flags = (regs->flags & ~FIX_EFLAGS) | (tmpflags & FIX_EFLAGS);
@@ -169,102 +125,24 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *sc,
         return err;
 }
 
-asmlinkage unsigned long sys_sigreturn(unsigned long __unused)
-{
-        struct sigframe __user *frame;
-        struct pt_regs *regs;
-        unsigned long ax;
-        sigset_t set;
-
-        regs = (struct pt_regs *) &__unused;
-        frame = (struct sigframe __user *)(regs->sp - 8);
-
-        if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
-                goto badframe;
-        if (__get_user(set.sig[0], &frame->sc.oldmask) || (_NSIG_WORDS > 1
-                && __copy_from_user(&set.sig[1], &frame->extramask,
-                                    sizeof(frame->extramask))))
-                goto badframe;
-
-        sigdelsetmask(&set, ~_BLOCKABLE);
-        spin_lock_irq(&current->sighand->siglock);
-        current->blocked = set;
-        recalc_sigpending();
-        spin_unlock_irq(&current->sighand->siglock);
-
-        if (restore_sigcontext(regs, &frame->sc, &ax))
-                goto badframe;
-        return ax;
-
-badframe:
-        if (show_unhandled_signals && printk_ratelimit()) {
-                printk("%s%s[%d] bad frame in sigreturn frame:"
-                        "%p ip:%lx sp:%lx oeax:%lx",
-                    task_pid_nr(current) > 1 ? KERN_INFO : KERN_EMERG,
-                    current->comm, task_pid_nr(current), frame, regs->ip,
-                    regs->sp, regs->orig_ax);
-                print_vma_addr(" in ", regs->ip);
-                printk(KERN_CONT "\n");
-        }
-
-        force_sig(SIGSEGV, current);
-
-        return 0;
-}
-
-static long do_rt_sigreturn(struct pt_regs *regs)
-{
-        struct rt_sigframe __user *frame;
-        unsigned long ax;
-        sigset_t set;
-
-        frame = (struct rt_sigframe __user *)(regs->sp - sizeof(long));
-        if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
-                goto badframe;
-        if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set)))
-                goto badframe;
-
-        sigdelsetmask(&set, ~_BLOCKABLE);
-        spin_lock_irq(&current->sighand->siglock);
-        current->blocked = set;
-        recalc_sigpending();
-        spin_unlock_irq(&current->sighand->siglock);
-
-        if (restore_sigcontext(regs, &frame->uc.uc_mcontext, &ax))
-                goto badframe;
-
-        if (do_sigaltstack(&frame->uc.uc_stack, NULL, regs->sp) == -EFAULT)
-                goto badframe;
-
-        return ax;
-
-badframe:
-        signal_fault(regs, frame, "rt_sigreturn");
-        return 0;
-}
-
-asmlinkage int sys_rt_sigreturn(unsigned long __unused)
-{
-        struct pt_regs *regs = (struct pt_regs *)&__unused;
-
-        return do_rt_sigreturn(regs);
-}
-
-/*
- * Set up a signal frame.
- */
 static int
 setup_sigcontext(struct sigcontext __user *sc, void __user *fpstate,
                  struct pt_regs *regs, unsigned long mask)
 {
-        int tmp, err = 0;
+        int err = 0;
 
-        err |= __put_user(regs->fs, (unsigned int __user *)&sc->fs);
-        savesegment(gs, tmp);
-        err |= __put_user(tmp, (unsigned int __user *)&sc->gs);
+#ifdef CONFIG_X86_32
+        {
+                unsigned int tmp;
 
+                savesegment(gs, tmp);
+                err |= __put_user(tmp, (unsigned int __user *)&sc->gs);
+        }
+        err |= __put_user(regs->fs, (unsigned int __user *)&sc->fs);
         err |= __put_user(regs->es, (unsigned int __user *)&sc->es);
         err |= __put_user(regs->ds, (unsigned int __user *)&sc->ds);
+#endif /* CONFIG_X86_32 */
+
         err |= __put_user(regs->di, &sc->di);
         err |= __put_user(regs->si, &sc->si);
         err |= __put_user(regs->bp, &sc->bp);
@@ -273,19 +151,33 @@ setup_sigcontext(struct sigcontext __user *sc, void __user *fpstate,
         err |= __put_user(regs->dx, &sc->dx);
         err |= __put_user(regs->cx, &sc->cx);
         err |= __put_user(regs->ax, &sc->ax);
+#ifdef CONFIG_X86_64
+        err |= __put_user(regs->r8, &sc->r8);
+        err |= __put_user(regs->r9, &sc->r9);
+        err |= __put_user(regs->r10, &sc->r10);
+        err |= __put_user(regs->r11, &sc->r11);
+        err |= __put_user(regs->r12, &sc->r12);
+        err |= __put_user(regs->r13, &sc->r13);
+        err |= __put_user(regs->r14, &sc->r14);
+        err |= __put_user(regs->r15, &sc->r15);
+#endif /* CONFIG_X86_64 */
+
         err |= __put_user(current->thread.trap_no, &sc->trapno);
         err |= __put_user(current->thread.error_code, &sc->err);
         err |= __put_user(regs->ip, &sc->ip);
+#ifdef CONFIG_X86_32
         err |= __put_user(regs->cs, (unsigned int __user *)&sc->cs);
         err |= __put_user(regs->flags, &sc->flags);
         err |= __put_user(regs->sp, &sc->sp_at_signal);
         err |= __put_user(regs->ss, (unsigned int __user *)&sc->ss);
+#else /* !CONFIG_X86_32 */
+        err |= __put_user(regs->flags, &sc->flags);
+        err |= __put_user(regs->cs, &sc->cs);
+        err |= __put_user(0, &sc->gs);
+        err |= __put_user(0, &sc->fs);
+#endif /* CONFIG_X86_32 */
 
-        tmp = save_i387_xstate(fpstate);
-        if (tmp < 0)
-                err = 1;
-        else
-                err |= __put_user(tmp ? fpstate : NULL, &sc->fpstate);
+        err |= __put_user(fpstate, &sc->fpstate);
 
         /* non-iBCS2 extensions.. */
         err |= __put_user(mask, &sc->oldmask);
@@ -295,6 +187,32 @@ setup_sigcontext(struct sigcontext __user *sc, void __user *fpstate,
 }
 
 /*
+ * Set up a signal frame.
+ */
+#ifdef CONFIG_X86_32
+static const struct {
+        u16 poplmovl;
+        u32 val;
+        u16 int80;
+} __attribute__((packed)) retcode = {
+        0xb858,         /* popl %eax; movl $..., %eax */
+        __NR_sigreturn,
+        0x80cd,         /* int $0x80 */
+};
+
+static const struct {
+        u8  movl;
+        u32 val;
+        u16 int80;
+        u8  pad;
+} __attribute__((packed)) rt_retcode = {
+        0xb8,           /* movl $..., %eax */
+        __NR_rt_sigreturn,
+        0x80cd,         /* int $0x80 */
+        0
+};
+
+/*
  * Determine which stack to use..
  */
 static inline void __user *
@@ -328,6 +246,8 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs *regs, size_t frame_size,
         if (used_math()) {
                 sp = sp - sig_xstate_size;
                 *fpstate = (struct _fpstate *) sp;
+                if (save_i387_xstate(*fpstate) < 0)
+                        return (void __user *)-1L;
         }
 
         sp -= frame_size;
@@ -383,9 +303,7 @@ __setup_frame(int sig, struct k_sigaction *ka, sigset_t *set,
          * reasons and because gdb uses it as a signature to notice
          * signal handler stack frames.
          */
-        err |= __put_user(0xb858, (short __user *)(frame->retcode+0));
-        err |= __put_user(__NR_sigreturn, (int __user *)(frame->retcode+2));
-        err |= __put_user(0x80cd, (short __user *)(frame->retcode+6));
+        err |= __put_user(*((u64 *)&retcode), (u64 *)frame->retcode);
 
         if (err)
                 return -EFAULT;
@@ -454,9 +372,7 @@ static int __setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
          * reasons and because gdb uses it as a signature to notice
          * signal handler stack frames.
          */
-        err |= __put_user(0xb8, (char __user *)(frame->retcode+0));
-        err |= __put_user(__NR_rt_sigreturn, (int __user *)(frame->retcode+1));
-        err |= __put_user(0x80cd, (short __user *)(frame->retcode+5));
+        err |= __put_user(*((u64 *)&rt_retcode), (u64 *)frame->retcode);
 
         if (err)
                 return -EFAULT;
@@ -475,23 +391,293 @@ static int __setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
 
         return 0;
 }
+#else /* !CONFIG_X86_32 */
+/*
+ * Determine which stack to use..
+ */
+static void __user *
+get_stack(struct k_sigaction *ka, unsigned long sp, unsigned long size)
+{
+        /* Default to using normal stack - redzone*/
+        sp -= 128;
+
+        /* This is the X/Open sanctioned signal stack switching.  */
+        if (ka->sa.sa_flags & SA_ONSTACK) {
+                if (sas_ss_flags(sp) == 0)
+                        sp = current->sas_ss_sp + current->sas_ss_size;
+        }
+
+        return (void __user *)round_down(sp - size, 64);
+}
+
+static int __setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
+                            sigset_t *set, struct pt_regs *regs)
+{
+        struct rt_sigframe __user *frame;
+        void __user *fp = NULL;
+        int err = 0;
+        struct task_struct *me = current;
+
+        if (used_math()) {
+                fp = get_stack(ka, regs->sp, sig_xstate_size);
+                frame = (void __user *)round_down(
+                        (unsigned long)fp - sizeof(struct rt_sigframe), 16) - 8;
+
+                if (save_i387_xstate(fp) < 0)
+                        return -EFAULT;
+        } else
+                frame = get_stack(ka, regs->sp, sizeof(struct rt_sigframe)) - 8;
+
+        if (!access_ok(VERIFY_WRITE, frame, sizeof(*frame)))
+                return -EFAULT;
+
+        if (ka->sa.sa_flags & SA_SIGINFO) {
+                if (copy_siginfo_to_user(&frame->info, info))
+                        return -EFAULT;
+        }
+
+        /* Create the ucontext.  */
+        if (cpu_has_xsave)
+                err |= __put_user(UC_FP_XSTATE, &frame->uc.uc_flags);
+        else
+                err |= __put_user(0, &frame->uc.uc_flags);
+        err |= __put_user(0, &frame->uc.uc_link);
+        err |= __put_user(me->sas_ss_sp, &frame->uc.uc_stack.ss_sp);
+        err |= __put_user(sas_ss_flags(regs->sp),
+                          &frame->uc.uc_stack.ss_flags);
+        err |= __put_user(me->sas_ss_size, &frame->uc.uc_stack.ss_size);
+        err |= setup_sigcontext(&frame->uc.uc_mcontext, fp, regs, set->sig[0]);
+        err |= __copy_to_user(&frame->uc.uc_sigmask, set, sizeof(*set));
+
+        /* Set up to return from userspace.  If provided, use a stub
+           already in userspace.  */
+        /* x86-64 should always use SA_RESTORER. */
+        if (ka->sa.sa_flags & SA_RESTORER) {
+                err |= __put_user(ka->sa.sa_restorer, &frame->pretcode);
+        } else {
+                /* could use a vstub here */
+                return -EFAULT;
+        }
+
+        if (err)
+                return -EFAULT;
+
+        /* Set up registers for signal handler */
+        regs->di = sig;
+        /* In case the signal handler was declared without prototypes */
+        regs->ax = 0;
+
+        /* This also works for non SA_SIGINFO handlers because they expect the
+           next argument after the signal number on the stack. */
+        regs->si = (unsigned long)&frame->info;
+        regs->dx = (unsigned long)&frame->uc;
+        regs->ip = (unsigned long) ka->sa.sa_handler;
+
+        regs->sp = (unsigned long)frame;
+
+        /* Set up the CS register to run signal handlers in 64-bit mode,
+           even if the handler happens to be interrupting 32-bit code. */
+        regs->cs = __USER_CS;
+
+        return 0;
+}
+#endif /* CONFIG_X86_32 */
+
+#ifdef CONFIG_X86_32
+/*
+ * Atomically swap in the new signal mask, and wait for a signal.
+ */
+asmlinkage int
+sys_sigsuspend(int history0, int history1, old_sigset_t mask)
+{
+        mask &= _BLOCKABLE;
+        spin_lock_irq(&current->sighand->siglock);
+        current->saved_sigmask = current->blocked;
+        siginitset(&current->blocked, mask);
+        recalc_sigpending();
+        spin_unlock_irq(&current->sighand->siglock);
+
+        current->state = TASK_INTERRUPTIBLE;
+        schedule();
+        set_restore_sigmask();
+
+        return -ERESTARTNOHAND;
+}
+
+asmlinkage int
+sys_sigaction(int sig, const struct old_sigaction __user *act,
+              struct old_sigaction __user *oact)
+{
+        struct k_sigaction new_ka, old_ka;
+        int ret;
+
+        if (act) {
+                old_sigset_t mask;
+
+                if (!access_ok(VERIFY_READ, act, sizeof(*act)) ||
+                    __get_user(new_ka.sa.sa_handler, &act->sa_handler) ||
+                    __get_user(new_ka.sa.sa_restorer, &act->sa_restorer))
+                        return -EFAULT;
+
+                __get_user(new_ka.sa.sa_flags, &act->sa_flags);
+                __get_user(mask, &act->sa_mask);
+                siginitset(&new_ka.sa.sa_mask, mask);
+        }
+
+        ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
+
+        if (!ret && oact) {
+                if (!access_ok(VERIFY_WRITE, oact, sizeof(*oact)) ||
+                    __put_user(old_ka.sa.sa_handler, &oact->sa_handler) ||
+                    __put_user(old_ka.sa.sa_restorer, &oact->sa_restorer))
+                        return -EFAULT;
+
+                __put_user(old_ka.sa.sa_flags, &oact->sa_flags);
+                __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask);
+        }
+
+        return ret;
+}
+#endif /* CONFIG_X86_32 */
+
+#ifdef CONFIG_X86_32
+asmlinkage int sys_sigaltstack(unsigned long bx)
+{
+        /*
+         * This is needed to make gcc realize it doesn't own the
+         * "struct pt_regs"
+         */
+        struct pt_regs *regs = (struct pt_regs *)&bx;
+        const stack_t __user *uss = (const stack_t __user *)bx;
+        stack_t __user *uoss = (stack_t __user *)regs->cx;
+
+        return do_sigaltstack(uss, uoss, regs->sp);
+}
+#else /* !CONFIG_X86_32 */
+asmlinkage long
+sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss,
+                struct pt_regs *regs)
+{
+        return do_sigaltstack(uss, uoss, regs->sp);
+}
+#endif /* CONFIG_X86_32 */
+
+/*
+ * Do a signal return; undo the signal stack.
+ */
+#ifdef CONFIG_X86_32
+asmlinkage unsigned long sys_sigreturn(unsigned long __unused)
+{
+        struct sigframe __user *frame;
+        struct pt_regs *regs;
+        unsigned long ax;
+        sigset_t set;
+
+        regs = (struct pt_regs *) &__unused;
+        frame = (struct sigframe __user *)(regs->sp - 8);
+
+        if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
+                goto badframe;
+        if (__get_user(set.sig[0], &frame->sc.oldmask) || (_NSIG_WORDS > 1
+                && __copy_from_user(&set.sig[1], &frame->extramask,
+                                    sizeof(frame->extramask))))
+                goto badframe;
+
+        sigdelsetmask(&set, ~_BLOCKABLE);
+        spin_lock_irq(&current->sighand->siglock);
+        current->blocked = set;
+        recalc_sigpending();
+        spin_unlock_irq(&current->sighand->siglock);
+
+        if (restore_sigcontext(regs, &frame->sc, &ax))
+                goto badframe;
+        return ax;
+
+badframe:
+        signal_fault(regs, frame, "sigreturn");
+
+        return 0;
+}
+#endif /* CONFIG_X86_32 */
+
+static long do_rt_sigreturn(struct pt_regs *regs)
+{
+        struct rt_sigframe __user *frame;
+        unsigned long ax;
+        sigset_t set;
+
+        frame = (struct rt_sigframe __user *)(regs->sp - sizeof(long));
+        if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
+                goto badframe;
+        if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set)))
+                goto badframe;
+
+        sigdelsetmask(&set, ~_BLOCKABLE);
+        spin_lock_irq(&current->sighand->siglock);
+        current->blocked = set;
+        recalc_sigpending();
+        spin_unlock_irq(&current->sighand->siglock);
+
+        if (restore_sigcontext(regs, &frame->uc.uc_mcontext, &ax))
+                goto badframe;
+
+        if (do_sigaltstack(&frame->uc.uc_stack, NULL, regs->sp) == -EFAULT)
+                goto badframe;
+
+        return ax;
+
+badframe:
+        signal_fault(regs, frame, "rt_sigreturn");
+        return 0;
+}
+
+#ifdef CONFIG_X86_32
+asmlinkage int sys_rt_sigreturn(struct pt_regs regs)
+{
+        return do_rt_sigreturn(&regs);
+}
+#else /* !CONFIG_X86_32 */
+asmlinkage long sys_rt_sigreturn(struct pt_regs *regs)
+{
+        return do_rt_sigreturn(regs);
+}
+#endif /* CONFIG_X86_32 */
 
 /*
  * OK, we're invoking a handler:
  */
 static int signr_convert(int sig)
 {
+#ifdef CONFIG_X86_32
         struct thread_info *info = current_thread_info();
 
         if (info->exec_domain && info->exec_domain->signal_invmap && sig < 32)
                 return info->exec_domain->signal_invmap[sig];
+#endif /* CONFIG_X86_32 */
         return sig;
 }
 
+#ifdef CONFIG_X86_32
+
 #define is_ia32 1
 #define ia32_setup_frame        __setup_frame
 #define ia32_setup_rt_frame     __setup_rt_frame
 
+#else /* !CONFIG_X86_32 */
+
+#ifdef CONFIG_IA32_EMULATION
+#define is_ia32 test_thread_flag(TIF_IA32)
+#else /* !CONFIG_IA32_EMULATION */
+#define is_ia32 0
+#endif /* CONFIG_IA32_EMULATION */
+
+int ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
+                sigset_t *set, struct pt_regs *regs);
+int ia32_setup_frame(int sig, struct k_sigaction *ka,
+                sigset_t *set, struct pt_regs *regs);
+
+#endif /* CONFIG_X86_32 */
+
 static int
 setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
                sigset_t *set, struct pt_regs *regs)
@@ -592,7 +778,13 @@ handle_signal(unsigned long sig, siginfo_t *info, struct k_sigaction *ka,
         return 0;
 }
 
+#ifdef CONFIG_X86_32
 #define NR_restart_syscall      __NR_restart_syscall
+#else /* !CONFIG_X86_32 */
+#define NR_restart_syscall      \
+        test_thread_flag(TIF_IA32) ? __NR_ia32_restart_syscall : __NR_restart_syscall
+#endif /* CONFIG_X86_32 */
+
 /*
  * Note that 'init' is a special process: it doesn't get signals it doesn't
  * want to handle. Thus you cannot kill init even with a SIGKILL even by
@@ -704,8 +896,9 @@ void signal_fault(struct pt_regs *regs, void __user *frame, char *where)
         struct task_struct *me = current;
 
         if (show_unhandled_signals && printk_ratelimit()) {
-                printk(KERN_INFO
+                printk("%s"
                        "%s[%d] bad frame in %s frame:%p ip:%lx sp:%lx orax:%lx",
+                       task_pid_nr(current) > 1 ? KERN_INFO : KERN_EMERG,
                        me->comm, me->pid, where, frame,
                        regs->ip, regs->sp, regs->orig_ax);
                 print_vma_addr(" in ", regs->ip);
diff --git a/arch/x86/kernel/signal_64.c b/arch/x86/kernel/signal_64.c
deleted file mode 100644
index a5c9627f4db9..000000000000
--- a/arch/x86/kernel/signal_64.c
+++ /dev/null
@@ -1,516 +0,0 @@
-/*
- *  Copyright (C) 1991, 1992  Linus Torvalds
- *  Copyright (C) 2000, 2001, 2002 Andi Kleen SuSE Labs
- *
- *  1997-11-28  Modified for POSIX.1b signals by Richard Henderson
- *  2000-06-20  Pentium III FXSR, SSE support by Gareth Hughes
- *  2000-2002   x86-64 support by Andi Kleen
- */
-
-#include <linux/sched.h>
-#include <linux/mm.h>
-#include <linux/smp.h>
-#include <linux/kernel.h>
-#include <linux/signal.h>
-#include <linux/errno.h>
-#include <linux/wait.h>
-#include <linux/ptrace.h>
-#include <linux/tracehook.h>
-#include <linux/unistd.h>
-#include <linux/stddef.h>
-#include <linux/personality.h>
-#include <linux/compiler.h>
-#include <linux/uaccess.h>
-
-#include <asm/processor.h>
-#include <asm/ucontext.h>
-#include <asm/i387.h>
-#include <asm/proto.h>
-#include <asm/ia32_unistd.h>
-#include <asm/mce.h>
-#include <asm/syscall.h>
-#include <asm/syscalls.h>
-#include "sigframe.h"
-
-#define _BLOCKABLE (~(sigmask(SIGKILL) | sigmask(SIGSTOP)))
-
-#define __FIX_EFLAGS    (X86_EFLAGS_AC | X86_EFLAGS_OF | \
-                         X86_EFLAGS_DF | X86_EFLAGS_TF | X86_EFLAGS_SF | \
-                         X86_EFLAGS_ZF | X86_EFLAGS_AF | X86_EFLAGS_PF | \
-                         X86_EFLAGS_CF)
-
-#ifdef CONFIG_X86_32
-# define FIX_EFLAGS     (__FIX_EFLAGS | X86_EFLAGS_RF)
-#else
-# define FIX_EFLAGS     __FIX_EFLAGS
-#endif
-
-asmlinkage long
-sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss,
-                struct pt_regs *regs)
-{
-        return do_sigaltstack(uss, uoss, regs->sp);
-}
-
-#define COPY(x)                 {               \
-        err |= __get_user(regs->x, &sc->x);     \
-}
-
-#define COPY_SEG_STRICT(seg)    {                       \
-                unsigned short tmp;                     \
-                err |= __get_user(tmp, &sc->seg);       \
-                regs->seg = tmp | 3;                    \
-}
-
-/*
- * Do a signal return; undo the signal stack.
- */
-static int
-restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *sc,
-                   unsigned long *pax)
-{
-        void __user *buf;
-        unsigned int tmpflags;
-        unsigned int err = 0;
-
-        /* Always make any pending restarted system calls return -EINTR */
-        current_thread_info()->restart_block.fn = do_no_restart_syscall;
-
-        COPY(di); COPY(si); COPY(bp); COPY(sp); COPY(bx);
-        COPY(dx); COPY(cx); COPY(ip);
-        COPY(r8);
-        COPY(r9);
-        COPY(r10);
-        COPY(r11);
-        COPY(r12);
-        COPY(r13);
-        COPY(r14);
-        COPY(r15);
-
-        /* Kernel saves and restores only the CS segment register on signals,
-         * which is the bare minimum needed to allow mixed 32/64-bit code.
-         * App's signal handler can save/restore other segments if needed. */
-        COPY_SEG_STRICT(cs);
-
-        err |= __get_user(tmpflags, &sc->flags);
-        regs->flags = (regs->flags & ~FIX_EFLAGS) | (tmpflags & FIX_EFLAGS);
-        regs->orig_ax = -1;             /* disable syscall checks */
-
-        err |= __get_user(buf, &sc->fpstate);
-        err |= restore_i387_xstate(buf);
-
-        err |= __get_user(*pax, &sc->ax);
-        return err;
-}
-
-static long do_rt_sigreturn(struct pt_regs *regs)
-{
-        struct rt_sigframe __user *frame;
-        unsigned long ax;
-        sigset_t set;
-
-        frame = (struct rt_sigframe __user *)(regs->sp - sizeof(long));
-        if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
-                goto badframe;
-        if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set)))
-                goto badframe;
-
-        sigdelsetmask(&set, ~_BLOCKABLE);
-        spin_lock_irq(&current->sighand->siglock);
-        current->blocked = set;
-        recalc_sigpending();
-        spin_unlock_irq(&current->sighand->siglock);
-
-        if (restore_sigcontext(regs, &frame->uc.uc_mcontext, &ax))
-                goto badframe;
-
-        if (do_sigaltstack(&frame->uc.uc_stack, NULL, regs->sp) == -EFAULT)
-                goto badframe;
-
-        return ax;
-
-badframe:
-        signal_fault(regs, frame, "rt_sigreturn");
-        return 0;
-}
-
-asmlinkage long sys_rt_sigreturn(struct pt_regs *regs)
-{
-        return do_rt_sigreturn(regs);
-}
-
-/*
- * Set up a signal frame.
- */
-
-static inline int
-setup_sigcontext(struct sigcontext __user *sc, struct pt_regs *regs,
-                unsigned long mask, struct task_struct *me)
-{
-        int err = 0;
-
-        err |= __put_user(regs->cs, &sc->cs);
-        err |= __put_user(0, &sc->gs);
-        err |= __put_user(0, &sc->fs);
-
-        err |= __put_user(regs->di, &sc->di);
-        err |= __put_user(regs->si, &sc->si);
-        err |= __put_user(regs->bp, &sc->bp);
-        err |= __put_user(regs->sp, &sc->sp);
-        err |= __put_user(regs->bx, &sc->bx);
-        err |= __put_user(regs->dx, &sc->dx);
-        err |= __put_user(regs->cx, &sc->cx);
-        err |= __put_user(regs->ax, &sc->ax);
-        err |= __put_user(regs->r8, &sc->r8);
-        err |= __put_user(regs->r9, &sc->r9);
-        err |= __put_user(regs->r10, &sc->r10);
-        err |= __put_user(regs->r11, &sc->r11);
-        err |= __put_user(regs->r12, &sc->r12);
-        err |= __put_user(regs->r13, &sc->r13);
-        err |= __put_user(regs->r14, &sc->r14);
-        err |= __put_user(regs->r15, &sc->r15);
-        err |= __put_user(me->thread.trap_no, &sc->trapno);
-        err |= __put_user(me->thread.error_code, &sc->err);
-        err |= __put_user(regs->ip, &sc->ip);
-        err |= __put_user(regs->flags, &sc->flags);
-        err |= __put_user(mask, &sc->oldmask);
-        err |= __put_user(me->thread.cr2, &sc->cr2);
-
-        return err;
-}
-
-/*
- * Determine which stack to use..
- */
-
-static void __user *
-get_stack(struct k_sigaction *ka, struct pt_regs *regs, unsigned long size)
-{
-        unsigned long sp;
-
-        /* Default to using normal stack - redzone*/
-        sp = regs->sp - 128;
-
-        /* This is the X/Open sanctioned signal stack switching.  */
-        if (ka->sa.sa_flags & SA_ONSTACK) {
-                if (sas_ss_flags(sp) == 0)
-                        sp = current->sas_ss_sp + current->sas_ss_size;
-        }
-
-        return (void __user *)round_down(sp - size, 64);
-}
-
-static int __setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
-                            sigset_t *set, struct pt_regs *regs)
-{
-        struct rt_sigframe __user *frame;
-        void __user *fp = NULL;
-        int err = 0;
-        struct task_struct *me = current;
-
-        if (used_math()) {
-                fp = get_stack(ka, regs, sig_xstate_size);
-                frame = (void __user *)round_down(
-                        (unsigned long)fp - sizeof(struct rt_sigframe), 16) - 8;
-
-                if (save_i387_xstate(fp) < 0)
-                        return -EFAULT;
-        } else
-                frame = get_stack(ka, regs, sizeof(struct rt_sigframe)) - 8;
-
-        if (!access_ok(VERIFY_WRITE, frame, sizeof(*frame)))
-                return -EFAULT;
-
-        if (ka->sa.sa_flags & SA_SIGINFO) {
-                if (copy_siginfo_to_user(&frame->info, info))
-                        return -EFAULT;
-        }
-
-        /* Create the ucontext.  */
-        if (cpu_has_xsave)
-                err |= __put_user(UC_FP_XSTATE, &frame->uc.uc_flags);
-        else
-                err |= __put_user(0, &frame->uc.uc_flags);
-        err |= __put_user(0, &frame->uc.uc_link);
-        err |= __put_user(me->sas_ss_sp, &frame->uc.uc_stack.ss_sp);
-        err |= __put_user(sas_ss_flags(regs->sp),
-                          &frame->uc.uc_stack.ss_flags);
-        err |= __put_user(me->sas_ss_size, &frame->uc.uc_stack.ss_size);
-        err |= setup_sigcontext(&frame->uc.uc_mcontext, regs, set->sig[0], me);
-        err |= __put_user(fp, &frame->uc.uc_mcontext.fpstate);
-        if (sizeof(*set) == 16) {
-                __put_user(set->sig[0], &frame->uc.uc_sigmask.sig[0]);
-                __put_user(set->sig[1], &frame->uc.uc_sigmask.sig[1]);
-        } else
-                err |= __copy_to_user(&frame->uc.uc_sigmask, set, sizeof(*set));
-
-        /* Set up to return from userspace.  If provided, use a stub
-           already in userspace.  */
-        /* x86-64 should always use SA_RESTORER. */
-        if (ka->sa.sa_flags & SA_RESTORER) {
-                err |= __put_user(ka->sa.sa_restorer, &frame->pretcode);
-        } else {
-                /* could use a vstub here */
-                return -EFAULT;
-        }
-
-        if (err)
-                return -EFAULT;
-
-        /* Set up registers for signal handler */
-        regs->di = sig;
-        /* In case the signal handler was declared without prototypes */
-        regs->ax = 0;
-
-        /* This also works for non SA_SIGINFO handlers because they expect the
-           next argument after the signal number on the stack. */
-        regs->si = (unsigned long)&frame->info;
-        regs->dx = (unsigned long)&frame->uc;
-        regs->ip = (unsigned long) ka->sa.sa_handler;
-
-        regs->sp = (unsigned long)frame;
-
-        /* Set up the CS register to run signal handlers in 64-bit mode,
-           even if the handler happens to be interrupting 32-bit code. */
-        regs->cs = __USER_CS;
-
-        return 0;
-}
-
-/*
- * OK, we're invoking a handler
- */
-static int signr_convert(int sig)
-{
-        return sig;
-}
-
-#ifdef CONFIG_IA32_EMULATION
-#define is_ia32 test_thread_flag(TIF_IA32)
-#else
-#define is_ia32 0
-#endif
-
-static int
-setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
-               sigset_t *set, struct pt_regs *regs)
-{
-        int usig = signr_convert(sig);
-        int ret;
-
-        /* Set up the stack frame */
-        if (is_ia32) {
-                if (ka->sa.sa_flags & SA_SIGINFO)
-                        ret = ia32_setup_rt_frame(usig, ka, info, set, regs);
-                else
-                        ret = ia32_setup_frame(usig, ka, set, regs);
-        } else
-                ret = __setup_rt_frame(sig, ka, info, set, regs);
-
-        if (ret) {
-                force_sigsegv(sig, current);
-                return -EFAULT;
-        }
-
-        return ret;
-}
-
-static int
-handle_signal(unsigned long sig, siginfo_t *info, struct k_sigaction *ka,
-              sigset_t *oldset, struct pt_regs *regs)
-{
-        int ret;
-
-        /* Are we from a system call? */
-        if (syscall_get_nr(current, regs) >= 0) {
-                /* If so, check system call restarting.. */
-                switch (syscall_get_error(current, regs)) {
-                case -ERESTART_RESTARTBLOCK:
-                case -ERESTARTNOHAND:
-                        regs->ax = -EINTR;
-                        break;
-
-                case -ERESTARTSYS:
-                        if (!(ka->sa.sa_flags & SA_RESTART)) {
-                                regs->ax = -EINTR;
-                                break;
-                        }
-                /* fallthrough */
-                case -ERESTARTNOINTR:
-                        regs->ax = regs->orig_ax;
-                        regs->ip -= 2;
-                        break;
-                }
-        }
-
-        /*
-         * If TF is set due to a debugger (TIF_FORCED_TF), clear the TF
-         * flag so that register information in the sigcontext is correct.
-         */
-        if (unlikely(regs->flags & X86_EFLAGS_TF) &&
-            likely(test_and_clear_thread_flag(TIF_FORCED_TF)))
-                regs->flags &= ~X86_EFLAGS_TF;
-
-        ret = setup_rt_frame(sig, ka, info, oldset, regs);
-
-        if (ret)
-                return ret;
-
-#ifdef CONFIG_X86_64
-        /*
-         * This has nothing to do with segment registers,
-         * despite the name.  This magic affects uaccess.h
-         * macros' behavior.  Reset it to the normal setting.
-         */
-        set_fs(USER_DS);
-#endif
-
-        /*
-         * Clear the direction flag as per the ABI for function entry.
-         */
-        regs->flags &= ~X86_EFLAGS_DF;
-
-        /*
-         * Clear TF when entering the signal handler, but
-         * notify any tracer that was single-stepping it.
-         * The tracer may want to single-step inside the
-         * handler too.
-         */
-        regs->flags &= ~X86_EFLAGS_TF;
-
-        spin_lock_irq(&current->sighand->siglock);
-        sigorsets(&current->blocked, &current->blocked, &ka->sa.sa_mask);
-        if (!(ka->sa.sa_flags & SA_NODEFER))
-                sigaddset(&current->blocked, sig);
-        recalc_sigpending();
-        spin_unlock_irq(&current->sighand->siglock);
-
-        tracehook_signal_handler(sig, info, ka, regs,
-                                 test_thread_flag(TIF_SINGLESTEP));
-
-        return 0;
-}
-
-#define NR_restart_syscall      \
-        test_thread_flag(TIF_IA32) ? __NR_ia32_restart_syscall : __NR_restart_syscall
-/*
- * Note that 'init' is a special process: it doesn't get signals it doesn't
- * want to handle. Thus you cannot kill init even with a SIGKILL even by
- * mistake.
- */
-static void do_signal(struct pt_regs *regs)
-{
-        struct k_sigaction ka;
-        siginfo_t info;
-        int signr;
-        sigset_t *oldset;
-
-        /*
-         * We want the common case to go fast, which is why we may in certain
-         * cases get here from kernel mode. Just return without doing anything
-         * if so.
-         * X86_32: vm86 regs switched out by assembly code before reaching
-         * here, so testing against kernel CS suffices.
-         */
-        if (!user_mode(regs))
-                return;
-
-        if (current_thread_info()->status & TS_RESTORE_SIGMASK)
-                oldset = &current->saved_sigmask;
-        else
-                oldset = &current->blocked;
-
-        signr = get_signal_to_deliver(&info, &ka, regs, NULL);
-        if (signr > 0) {
-                /*
-                 * Re-enable any watchpoints before delivering the
-                 * signal to user space. The processor register will
-                 * have been cleared if the watchpoint triggered
-                 * inside the kernel.
-                 */
-                if (current->thread.debugreg7)
-                        set_debugreg(current->thread.debugreg7, 7);
-
-                /* Whee! Actually deliver the signal.  */
-                if (handle_signal(signr, &info, &ka, oldset, regs) == 0) {
-                        /*
-                         * A signal was successfully delivered; the saved
-                         * sigmask will have been stored in the signal frame,
-                         * and will be restored by sigreturn, so we can simply
-                         * clear the TS_RESTORE_SIGMASK flag.
-                         */
-                        current_thread_info()->status &= ~TS_RESTORE_SIGMASK;
-                }
-                return;
-        }
-
-        /* Did we come from a system call? */
-        if (syscall_get_nr(current, regs) >= 0) {
-                /* Restart the system call - no handlers present */
-                switch (syscall_get_error(current, regs)) {
-                case -ERESTARTNOHAND:
-                case -ERESTARTSYS:
-                case -ERESTARTNOINTR:
-                        regs->ax = regs->orig_ax;
-                        regs->ip -= 2;
-                        break;
-
-                case -ERESTART_RESTARTBLOCK:
-                        regs->ax = NR_restart_syscall;
-                        regs->ip -= 2;
-                        break;
-                }
-        }
-
-        /*
-         * If there's no signal to deliver, we just put the saved sigmask
-         * back.
-         */
-        if (current_thread_info()->status & TS_RESTORE_SIGMASK) {
-                current_thread_info()->status &= ~TS_RESTORE_SIGMASK;
-                sigprocmask(SIG_SETMASK, &current->saved_sigmask, NULL);
-        }
-}
-
-/*
- * notification of userspace execution resumption
- * - triggered by the TIF_WORK_MASK flags
- */
-void
-do_notify_resume(struct pt_regs *regs, void *unused, __u32 thread_info_flags)
-{
-#if defined(CONFIG_X86_64) && defined(CONFIG_X86_MCE)
-        /* notify userspace of pending MCEs */
-        if (thread_info_flags & _TIF_MCE_NOTIFY)
-                mce_notify_user();
-#endif /* CONFIG_X86_64 && CONFIG_X86_MCE */
-
-        /* deal with pending signal delivery */
-        if (thread_info_flags & _TIF_SIGPENDING)
-                do_signal(regs);
-
-        if (thread_info_flags & _TIF_NOTIFY_RESUME) {
-                clear_thread_flag(TIF_NOTIFY_RESUME);
-                tracehook_notify_resume(regs);
-        }
-
-#ifdef CONFIG_X86_32
-        clear_thread_flag(TIF_IRET);
-#endif /* CONFIG_X86_32 */
-}
-
-void signal_fault(struct pt_regs *regs, void __user *frame, char *where)
-{
-        struct task_struct *me = current;
-
-        if (show_unhandled_signals && printk_ratelimit()) {
-                printk(KERN_INFO
-                       "%s[%d] bad frame in %s frame:%p ip:%lx sp:%lx orax:%lx",
-                       me->comm, me->pid, where, frame,
-                       regs->ip, regs->sp, regs->orig_ax);
-                print_vma_addr(" in ", regs->ip);
-                printk(KERN_CONT "\n");
-        }
-
-        force_sig(SIGSEGV, me);
-}
diff --git a/arch/x86/kernel/smp.c b/arch/x86/kernel/smp.c
index 49ed667b06f3..beea2649a240 100644
--- a/arch/x86/kernel/smp.c
+++ b/arch/x86/kernel/smp.c
@@ -165,11 +165,7 @@ static void native_smp_send_stop(void)
 void smp_reschedule_interrupt(struct pt_regs *regs)
 {
         ack_APIC_irq();
-#ifdef CONFIG_X86_32
-        __get_cpu_var(irq_stat).irq_resched_count++;
-#else
-        add_pda(irq_resched_count, 1);
-#endif
+        inc_irq_stat(irq_resched_count);
 }
 
 void smp_call_function_interrupt(struct pt_regs *regs)
@@ -177,11 +173,7 @@ void smp_call_function_interrupt(struct pt_regs *regs)
         ack_APIC_irq();
         irq_enter();
         generic_smp_call_function_interrupt();
-#ifdef CONFIG_X86_32
-        __get_cpu_var(irq_stat).irq_call_count++;
-#else
-        add_pda(irq_call_count, 1);
-#endif
+        inc_irq_stat(irq_call_count);
         irq_exit();
 }
 
@@ -190,11 +182,7 @@ void smp_call_function_single_interrupt(struct pt_regs *regs)
         ack_APIC_irq();
         irq_enter();
         generic_smp_call_function_single_interrupt();
-#ifdef CONFIG_X86_32
-        __get_cpu_var(irq_stat).irq_call_count++;
-#else
-        add_pda(irq_call_count, 1);
-#endif
+        inc_irq_stat(irq_call_count);
         irq_exit();
 }
 
diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index 1a9941b11150..9e177a4077ee 100644
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -282,7 +282,7 @@ static int __cpuinitdata unsafe_smp;
 /*
  * Activate a secondary processor.
  */
-static void __cpuinit start_secondary(void *unused)
+notrace static void __cpuinit start_secondary(void *unused)
 {
         /*
          * Don't put *anything* before cpu_init(), SMP booting is too
@@ -496,7 +496,7 @@ void __cpuinit set_cpu_sibling_map(int cpu)
 }
 
 /* maps the cpu to the sched domain representing multi-core */
-cpumask_t cpu_coregroup_map(int cpu)
+const struct cpumask *cpu_coregroup_mask(int cpu)
 {
         struct cpuinfo_x86 *c = &cpu_data(cpu);
         /*
@@ -504,9 +504,14 @@ cpumask_t cpu_coregroup_map(int cpu)
          * And for power savings, we return cpu_core_map
          */
         if (sched_mc_power_savings || sched_smt_power_savings)
-                return per_cpu(cpu_core_map, cpu);
+                return &per_cpu(cpu_core_map, cpu);
         else
-                return c->llc_shared_map;
+                return &c->llc_shared_map;
+}
+
+cpumask_t cpu_coregroup_map(int cpu)
+{
+        return *cpu_coregroup_mask(cpu);
 }
 
 static void impress_friends(void)
@@ -1075,8 +1080,10 @@ static int __init smp_sanity_check(unsigned max_cpus)
 #endif
 
         if (!physid_isset(hard_smp_processor_id(), phys_cpu_present_map)) {
-                printk(KERN_WARNING "weird, boot CPU (#%d) not listed"
-                                    "by the BIOS.\n", hard_smp_processor_id());
+                printk(KERN_WARNING
+                        "weird, boot CPU (#%d) not listed by the BIOS.\n",
+                        hard_smp_processor_id());
+
                 physid_set(hard_smp_processor_id(), phys_cpu_present_map);
         }
 
diff --git a/arch/x86/kernel/time_32.c b/arch/x86/kernel/time_32.c
index 77b400f06ea2..65309e4cb1c0 100644
--- a/arch/x86/kernel/time_32.c
+++ b/arch/x86/kernel/time_32.c
@@ -75,7 +75,7 @@ EXPORT_SYMBOL(profile_pc);
 irqreturn_t timer_interrupt(int irq, void *dev_id)
 {
         /* Keep nmi watchdog up to date */
-        per_cpu(irq_stat, smp_processor_id()).irq0_irqs++;
+        inc_irq_stat(irq0_irqs);
 
 #ifdef CONFIG_X86_IO_APIC
         if (timer_ack) {
diff --git a/arch/x86/kernel/time_64.c b/arch/x86/kernel/time_64.c
index cb19d650c216..891e7a7c4334 100644
--- a/arch/x86/kernel/time_64.c
+++ b/arch/x86/kernel/time_64.c
@@ -49,9 +49,9 @@ unsigned long profile_pc(struct pt_regs *regs)
 }
 EXPORT_SYMBOL(profile_pc);
 
-irqreturn_t timer_interrupt(int irq, void *dev_id)
+static irqreturn_t timer_interrupt(int irq, void *dev_id)
 {
-        add_pda(irq0_irqs, 1);
+        inc_irq_stat(irq0_irqs);
 
         global_clock_event->event_handler(global_clock_event);
 
@@ -80,6 +80,8 @@ unsigned long __init calibrate_cpu(void)
                         break;
         no_ctr_free = (i == 4);
         if (no_ctr_free) {
+                WARN(1, KERN_WARNING "Warning: AMD perfctrs busy ... "
+                     "cpu_khz value may be incorrect.\n");
                 i = 3;
                 rdmsrl(MSR_K7_EVNTSEL3, evntsel3);
                 wrmsrl(MSR_K7_EVNTSEL3, 0);
diff --git a/arch/x86/kernel/tlb_32.c b/arch/x86/kernel/tlb_32.c
index 174ea90d1cbd..ce5054642247 100644
--- a/arch/x86/kernel/tlb_32.c
+++ b/arch/x86/kernel/tlb_32.c
@@ -34,9 +34,8 @@ static DEFINE_SPINLOCK(tlbstate_lock);
  */
 void leave_mm(int cpu)
 {
-        if (per_cpu(cpu_tlbstate, cpu).state == TLBSTATE_OK)
-                BUG();
-        cpu_clear(cpu, per_cpu(cpu_tlbstate, cpu).active_mm->cpu_vm_mask);
+        BUG_ON(x86_read_percpu(cpu_tlbstate.state) == TLBSTATE_OK);
+        cpu_clear(cpu, x86_read_percpu(cpu_tlbstate.active_mm)->cpu_vm_mask);
         load_cr3(swapper_pg_dir);
 }
 EXPORT_SYMBOL_GPL(leave_mm);
@@ -104,8 +103,8 @@ void smp_invalidate_interrupt(struct pt_regs *regs)
                  * BUG();
                  */
 
-        if (flush_mm == per_cpu(cpu_tlbstate, cpu).active_mm) {
-                if (per_cpu(cpu_tlbstate, cpu).state == TLBSTATE_OK) {
+        if (flush_mm == x86_read_percpu(cpu_tlbstate.active_mm)) {
+                if (x86_read_percpu(cpu_tlbstate.state) == TLBSTATE_OK) {
                         if (flush_va == TLB_FLUSH_ALL)
                                 local_flush_tlb();
                         else
@@ -119,7 +118,7 @@ void smp_invalidate_interrupt(struct pt_regs *regs)
         smp_mb__after_clear_bit();
 out:
         put_cpu_no_resched();
-        __get_cpu_var(irq_stat).irq_tlb_count++;
+        inc_irq_stat(irq_tlb_count);
 }
 
 void native_flush_tlb_others(const cpumask_t *cpumaskp, struct mm_struct *mm,
@@ -238,7 +237,7 @@ static void do_flush_tlb_all(void *info)
         unsigned long cpu = smp_processor_id();
 
         __flush_tlb_all();
-        if (per_cpu(cpu_tlbstate, cpu).state == TLBSTATE_LAZY)
+        if (x86_read_percpu(cpu_tlbstate.state) == TLBSTATE_LAZY)
                 leave_mm(cpu);
 }
 
diff --git a/arch/x86/kernel/tlb_64.c b/arch/x86/kernel/tlb_64.c
index de6f1bda0c50..f8be6f1d2e48 100644
--- a/arch/x86/kernel/tlb_64.c
+++ b/arch/x86/kernel/tlb_64.c
@@ -154,7 +154,7 @@ asmlinkage void smp_invalidate_interrupt(struct pt_regs *regs)
 out:
         ack_APIC_irq();
         cpu_clear(cpu, f->flush_cpumask);
-        add_pda(irq_tlb_count, 1);
+        inc_irq_stat(irq_tlb_count);
 }
 
 void native_flush_tlb_others(const cpumask_t *cpumaskp, struct mm_struct *mm,
diff --git a/arch/x86/kernel/tlb_uv.c b/arch/x86/kernel/tlb_uv.c
index 04431f34fd16..6a00e5faaa74 100644
--- a/arch/x86/kernel/tlb_uv.c
+++ b/arch/x86/kernel/tlb_uv.c
@@ -566,14 +566,10 @@ static int __init uv_ptc_init(void)
         if (!is_uv_system())
                 return 0;
 
-        if (!proc_mkdir("sgi_uv", NULL))
-                return -EINVAL;
-
         proc_uv_ptc = create_proc_entry(UV_PTC_BASENAME, 0444, NULL);
         if (!proc_uv_ptc) {
                 printk(KERN_ERR "unable to create %s proc entry\n",
                        UV_PTC_BASENAME);
-                remove_proc_entry("sgi_uv", NULL);
                 return -EINVAL;
         }
         proc_uv_ptc->proc_fops = &proc_uv_ptc_operations;
diff --git a/arch/x86/kernel/trampoline.c b/arch/x86/kernel/trampoline.c
index 1106fac6024d..808031a5ba19 100644
--- a/arch/x86/kernel/trampoline.c
+++ b/arch/x86/kernel/trampoline.c
@@ -1,10 +1,26 @@
 #include <linux/io.h>
 
 #include <asm/trampoline.h>
+#include <asm/e820.h>
 
 /* ready for x86_64 and x86 */
 unsigned char *trampoline_base = __va(TRAMPOLINE_BASE);
 
+void __init reserve_trampoline_memory(void)
+{
+#ifdef CONFIG_X86_32
+        /*
+         * But first pinch a few for the stack/trampoline stuff
+         * FIXME: Don't need the extra page at 4K, but need to fix
+         * trampoline before removing it. (see the GDT stuff)
+         */
+        reserve_early(PAGE_SIZE, PAGE_SIZE + PAGE_SIZE, "EX TRAMPOLINE");
+#endif
+        /* Has to be in very low memory so we can execute real-mode AP code. */
+        reserve_early(TRAMPOLINE_BASE, TRAMPOLINE_BASE + TRAMPOLINE_SIZE,
+                        "TRAMPOLINE");
+}
+
 /*
  * Currently trivial. Write the real->protected mode
  * bootstrap into the page concerned. The caller
@@ -12,7 +28,6 @@ unsigned char *trampoline_base = __va(TRAMPOLINE_BASE);
  */
 unsigned long setup_trampoline(void)
 {
-        memcpy(trampoline_base, trampoline_data,
-               trampoline_end - trampoline_data);
+        memcpy(trampoline_base, trampoline_data, TRAMPOLINE_SIZE);
         return virt_to_phys(trampoline_base);
 }
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 4a6dff39a470..2d1f4c7e4052 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -481,11 +481,7 @@ do_nmi(struct pt_regs *regs, long error_code)
 {
         nmi_enter();
 
-#ifdef CONFIG_X86_32
-        { int cpu; cpu = smp_processor_id(); ++nmi_count(cpu); }
-#else
-        add_pda(__nmi_count, 1);
-#endif
+        inc_irq_stat(__nmi_count);
 
         if (!ignore_nmis)
                 default_do_nmi(regs);
@@ -664,7 +660,7 @@ void math_error(void __user *ip)
 {
         struct task_struct *task;
         siginfo_t info;
-        unsigned short cwd, swd;
+        unsigned short cwd, swd, err;
 
         /*
          * Save the info for the exception handler and clear the error.
@@ -675,7 +671,6 @@ void math_error(void __user *ip)
         task->thread.error_code = 0;
         info.si_signo = SIGFPE;
         info.si_errno = 0;
-        info.si_code = __SI_FAULT;
         info.si_addr = ip;
         /*
          * (~cwd & swd) will mask out exceptions that are not set to unmasked
@@ -689,34 +684,31 @@ void math_error(void __user *ip)
          */
         cwd = get_fpu_cwd(task);
         swd = get_fpu_swd(task);
-        switch (swd & ~cwd & 0x3f) {
-        case 0x000: /* No unmasked exception */
+
+        err = swd & ~cwd & 0x3f;
+
 #ifdef CONFIG_X86_32
+        if (!err)
                 return;
 #endif
-        default: /* Multiple exceptions */
-                break;
-        case 0x001: /* Invalid Op */
+
+        if (err & 0x001) {      /* Invalid op */
                 /*
                  * swd & 0x240 == 0x040: Stack Underflow
                  * swd & 0x240 == 0x240: Stack Overflow
                  * User must clear the SF bit (0x40) if set
                  */
                 info.si_code = FPE_FLTINV;
-                break;
-        case 0x002: /* Denormalize */
-        case 0x010: /* Underflow */
-                info.si_code = FPE_FLTUND;
-                break;
-        case 0x004: /* Zero Divide */
+        } else if (err & 0x004) { /* Divide by Zero */
                 info.si_code = FPE_FLTDIV;
-                break;
-        case 0x008: /* Overflow */
+        } else if (err & 0x008) { /* Overflow */
                 info.si_code = FPE_FLTOVF;
-                break;
-        case 0x020: /* Precision */
+        } else if (err & 0x012) { /* Denormal, Underflow */
+                info.si_code = FPE_FLTUND;
+        } else if (err & 0x020) { /* Precision */
                 info.si_code = FPE_FLTRES;
-                break;
+        } else {
+                info.si_code = __SI_FAULT|SI_KERNEL; /* WTF? */
         }
         force_sig_info(SIGFPE, &info, task);
 }
diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c
index 424093b157d3..599e58168631 100644
--- a/arch/x86/kernel/tsc.c
+++ b/arch/x86/kernel/tsc.c
@@ -15,6 +15,7 @@
 #include <asm/vgtod.h>
 #include <asm/time.h>
 #include <asm/delay.h>
+#include <asm/hypervisor.h>
 
 unsigned int cpu_khz;           /* TSC clocks / usec, not used here */
 EXPORT_SYMBOL(cpu_khz);
@@ -31,6 +32,7 @@ static int tsc_unstable;
    erroneous rdtsc usage on !cpu_has_tsc processors */
 static int tsc_disabled = -1;
 
+static int tsc_clocksource_reliable;
 /*
  * Scheduler clock - returns current time in nanosec units.
  */
@@ -98,6 +100,15 @@ int __init notsc_setup(char *str)
 
 __setup("notsc", notsc_setup);
 
+static int __init tsc_setup(char *str)
+{
+        if (!strcmp(str, "reliable"))
+                tsc_clocksource_reliable = 1;
+        return 1;
+}
+
+__setup("tsc=", tsc_setup);
+
 #define MAX_RETRIES     5
 #define SMI_TRESHOLD    50000
 
@@ -352,9 +363,15 @@ unsigned long native_calibrate_tsc(void)
 {
         u64 tsc1, tsc2, delta, ref1, ref2;
         unsigned long tsc_pit_min = ULONG_MAX, tsc_ref_min = ULONG_MAX;
-        unsigned long flags, latch, ms, fast_calibrate;
+        unsigned long flags, latch, ms, fast_calibrate, tsc_khz;
         int hpet = is_hpet_enabled(), i, loopmin;
 
+        tsc_khz = get_hypervisor_tsc_freq();
+        if (tsc_khz) {
+                printk(KERN_INFO "TSC: Frequency read from the hypervisor\n");
+                return tsc_khz;
+        }
+
         local_irq_save(flags);
         fast_calibrate = quick_pit_calibrate();
         local_irq_restore(flags);
@@ -731,24 +748,21 @@ static struct dmi_system_id __initdata bad_tsc_dmi_table[] = {
         {}
 };
 
-/*
- * Geode_LX - the OLPC CPU has a possibly a very reliable TSC
- */
+static void __init check_system_tsc_reliable(void)
+{
 #ifdef CONFIG_MGEODE_LX
-/* RTSC counts during suspend */
+        /* RTSC counts during suspend */
 #define RTSC_SUSP 0x100
-
-static void __init check_geode_tsc_reliable(void)
-{
         unsigned long res_low, res_high;
 
         rdmsr_safe(MSR_GEODE_BUSCONT_CONF0, &res_low, &res_high);
+        /* Geode_LX - the OLPC CPU has a possibly a very reliable TSC */
         if (res_low & RTSC_SUSP)
-                clocksource_tsc.flags &= ~CLOCK_SOURCE_MUST_VERIFY;
-}
-#else
-static inline void check_geode_tsc_reliable(void) { }
+                tsc_clocksource_reliable = 1;
 #endif
+        if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE))
+                tsc_clocksource_reliable = 1;
+}
 
 /*
  * Make an educated guess if the TSC is trustworthy and synchronized
@@ -783,6 +797,8 @@ static void __init init_tsc_clocksource(void)
 {
         clocksource_tsc.mult = clocksource_khz2mult(tsc_khz,
                         clocksource_tsc.shift);
+        if (tsc_clocksource_reliable)
+                clocksource_tsc.flags &= ~CLOCK_SOURCE_MUST_VERIFY;
         /* lower the rating if we already know its unstable: */
         if (check_tsc_unstable()) {
                 clocksource_tsc.rating = 0;
@@ -843,7 +859,7 @@ void __init tsc_init(void)
         if (unsynchronized_tsc())
                 mark_tsc_unstable("TSCs unsynchronized");
 
-        check_geode_tsc_reliable();
+        check_system_tsc_reliable();
         init_tsc_clocksource();
 }
 
diff --git a/arch/x86/kernel/tsc_sync.c b/arch/x86/kernel/tsc_sync.c
index 1c0dfbca87c1..bf36328f6ef9 100644
--- a/arch/x86/kernel/tsc_sync.c
+++ b/arch/x86/kernel/tsc_sync.c
@@ -112,6 +112,12 @@ void __cpuinit check_tsc_sync_source(int cpu)
         if (unsynchronized_tsc())
                 return;
 
+        if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE)) {
+                printk(KERN_INFO
+                       "Skipping synchronization checks as TSC is reliable.\n");
+                return;
+        }
+
         printk(KERN_INFO "checking TSC synchronization [CPU#%d -> CPU#%d]:",
                           smp_processor_id(), cpu);
 
@@ -165,7 +171,7 @@ void __cpuinit check_tsc_sync_target(void)
 {
         int cpus = 2;
 
-        if (unsynchronized_tsc())
+        if (unsynchronized_tsc() || boot_cpu_has(X86_FEATURE_TSC_RELIABLE))
                 return;
 
         /*
diff --git a/arch/x86/kernel/vmi_32.c b/arch/x86/kernel/vmi_32.c
index 22fd6577156a..23206ba16874 100644
--- a/arch/x86/kernel/vmi_32.c
+++ b/arch/x86/kernel/vmi_32.c
@@ -266,109 +266,6 @@ static void vmi_nop(void)
 {
 }
 
-#ifdef CONFIG_DEBUG_PAGE_TYPE
-
-#ifdef CONFIG_X86_PAE
-#define MAX_BOOT_PTS (2048+4+1)
-#else
-#define MAX_BOOT_PTS (1024+1)
-#endif
-
-/*
- * During boot, mem_map is not yet available in paging_init, so stash
- * all the boot page allocations here.
- */
-static struct {
-        u32 pfn;
-        int type;
-} boot_page_allocations[MAX_BOOT_PTS];
-static int num_boot_page_allocations;
-static int boot_allocations_applied;
-
-void vmi_apply_boot_page_allocations(void)
-{
-        int i;
-        BUG_ON(!mem_map);
-        for (i = 0; i < num_boot_page_allocations; i++) {
-                struct page *page = pfn_to_page(boot_page_allocations[i].pfn);
-                page->type = boot_page_allocations[i].type;
-                page->type = boot_page_allocations[i].type &
-                                ~(VMI_PAGE_ZEROED | VMI_PAGE_CLONE);
-        }
-        boot_allocations_applied = 1;
-}
-
-static void record_page_type(u32 pfn, int type)
-{
-        BUG_ON(num_boot_page_allocations >= MAX_BOOT_PTS);
-        boot_page_allocations[num_boot_page_allocations].pfn = pfn;
-        boot_page_allocations[num_boot_page_allocations].type = type;
-        num_boot_page_allocations++;
-}
-
-static void check_zeroed_page(u32 pfn, int type, struct page *page)
-{
-        u32 *ptr;
-        int i;
-        int limit = PAGE_SIZE / sizeof(int);
-
-        if (page_address(page))
-                ptr = (u32 *)page_address(page);
-        else
-                ptr = (u32 *)__va(pfn << PAGE_SHIFT);
-        /*
-         * When cloning the root in non-PAE mode, only the userspace
-         * pdes need to be zeroed.
-         */
-        if (type & VMI_PAGE_CLONE)
-                limit = KERNEL_PGD_BOUNDARY;
-        for (i = 0; i < limit; i++)
-                BUG_ON(ptr[i]);
-}
-
-/*
- * We stash the page type into struct page so we can verify the page
- * types are used properly.
- */
-static void vmi_set_page_type(u32 pfn, int type)
-{
-        /* PAE can have multiple roots per page - don't track */
-        if (PTRS_PER_PMD > 1 && (type & VMI_PAGE_PDP))
-                return;
-
-        if (boot_allocations_applied) {
-                struct page *page = pfn_to_page(pfn);
-                if (type != VMI_PAGE_NORMAL)
-                        BUG_ON(page->type);
-                else
-                        BUG_ON(page->type == VMI_PAGE_NORMAL);
-                page->type = type & ~(VMI_PAGE_ZEROED | VMI_PAGE_CLONE);
-                if (type & VMI_PAGE_ZEROED)
-                        check_zeroed_page(pfn, type, page);
-        } else {
-                record_page_type(pfn, type);
-        }
-}
-
-static void vmi_check_page_type(u32 pfn, int type)
-{
-        /* PAE can have multiple roots per page - skip checks */
-        if (PTRS_PER_PMD > 1 && (type & VMI_PAGE_PDP))
-                return;
-
-        type &= ~(VMI_PAGE_ZEROED | VMI_PAGE_CLONE);
-        if (boot_allocations_applied) {
-                struct page *page = pfn_to_page(pfn);
-                BUG_ON((page->type ^ type) & VMI_PAGE_PAE);
-                BUG_ON(type == VMI_PAGE_NORMAL && page->type);
-                BUG_ON((type & page->type) == 0);
-        }
-}
-#else
-#define vmi_set_page_type(p,t) do { } while (0)
-#define vmi_check_page_type(p,t) do { } while (0)
-#endif
-
 #ifdef CONFIG_HIGHPTE
 static void *vmi_kmap_atomic_pte(struct page *page, enum km_type type)
 {
@@ -395,7 +292,6 @@ static void *vmi_kmap_atomic_pte(struct page *page, enum km_type type)
 
 static void vmi_allocate_pte(struct mm_struct *mm, unsigned long pfn)
 {
-        vmi_set_page_type(pfn, VMI_PAGE_L1);
         vmi_ops.allocate_page(pfn, VMI_PAGE_L1, 0, 0, 0);
 }
 
@@ -406,27 +302,22 @@ static void vmi_allocate_pmd(struct mm_struct *mm, unsigned long pfn)
          * It is called only for swapper_pg_dir, which already has
          * data on it.
          */
-        vmi_set_page_type(pfn, VMI_PAGE_L2);
         vmi_ops.allocate_page(pfn, VMI_PAGE_L2, 0, 0, 0);
 }
 
 static void vmi_allocate_pmd_clone(unsigned long pfn, unsigned long clonepfn, unsigned long start, unsigned long count)
 {
-        vmi_set_page_type(pfn, VMI_PAGE_L2 | VMI_PAGE_CLONE);
-        vmi_check_page_type(clonepfn, VMI_PAGE_L2);
         vmi_ops.allocate_page(pfn, VMI_PAGE_L2 | VMI_PAGE_CLONE, clonepfn, start, count);
 }
 
 static void vmi_release_pte(unsigned long pfn)
 {
         vmi_ops.release_page(pfn, VMI_PAGE_L1);
-        vmi_set_page_type(pfn, VMI_PAGE_NORMAL);
 }
 
 static void vmi_release_pmd(unsigned long pfn)
 {
         vmi_ops.release_page(pfn, VMI_PAGE_L2);
-        vmi_set_page_type(pfn, VMI_PAGE_NORMAL);
 }
 
 /*
@@ -450,26 +341,22 @@ static void vmi_release_pmd(unsigned long pfn)
 
 static void vmi_update_pte(struct mm_struct *mm, unsigned long addr, pte_t *ptep)
 {
-        vmi_check_page_type(__pa(ptep) >> PAGE_SHIFT, VMI_PAGE_PTE);
         vmi_ops.update_pte(ptep, vmi_flags_addr(mm, addr, VMI_PAGE_PT, 0));
 }
 
 static void vmi_update_pte_defer(struct mm_struct *mm, unsigned long addr, pte_t *ptep)
 {
-        vmi_check_page_type(__pa(ptep) >> PAGE_SHIFT, VMI_PAGE_PTE);
         vmi_ops.update_pte(ptep, vmi_flags_addr_defer(mm, addr, VMI_PAGE_PT, 0));
 }
 
 static void vmi_set_pte(pte_t *ptep, pte_t pte)
 {
         /* XXX because of set_pmd_pte, this can be called on PT or PD layers */
-        vmi_check_page_type(__pa(ptep) >> PAGE_SHIFT, VMI_PAGE_PTE | VMI_PAGE_PD);
         vmi_ops.set_pte(pte, ptep, VMI_PAGE_PT);
 }
 
 static void vmi_set_pte_at(struct mm_struct *mm, unsigned long addr, pte_t *ptep, pte_t pte)
 {
-        vmi_check_page_type(__pa(ptep) >> PAGE_SHIFT, VMI_PAGE_PTE);
         vmi_ops.set_pte(pte, ptep, vmi_flags_addr(mm, addr, VMI_PAGE_PT, 0));
 }
 
@@ -477,10 +364,8 @@ static void vmi_set_pmd(pmd_t *pmdp, pmd_t pmdval)
 {
 #ifdef CONFIG_X86_PAE
         const pte_t pte = { .pte = pmdval.pmd };
-        vmi_check_page_type(__pa(pmdp) >> PAGE_SHIFT, VMI_PAGE_PMD);
 #else
         const pte_t pte = { pmdval.pud.pgd.pgd };
-        vmi_check_page_type(__pa(pmdp) >> PAGE_SHIFT, VMI_PAGE_PGD);
 #endif
         vmi_ops.set_pte(pte, (pte_t *)pmdp, VMI_PAGE_PD);
 }
@@ -502,7 +387,6 @@ static void vmi_set_pte_atomic(pte_t *ptep, pte_t pteval)
 
 static void vmi_set_pte_present(struct mm_struct *mm, unsigned long addr, pte_t *ptep, pte_t pte)
 {
-        vmi_check_page_type(__pa(ptep) >> PAGE_SHIFT, VMI_PAGE_PTE);
         vmi_ops.set_pte(pte, ptep, vmi_flags_addr_defer(mm, addr, VMI_PAGE_PT, 1));
 }
 
@@ -510,21 +394,18 @@ static void vmi_set_pud(pud_t *pudp, pud_t pudval)
 {
         /* Um, eww */
         const pte_t pte = { .pte = pudval.pgd.pgd };
-        vmi_check_page_type(__pa(pudp) >> PAGE_SHIFT, VMI_PAGE_PGD);
         vmi_ops.set_pte(pte, (pte_t *)pudp, VMI_PAGE_PDP);
 }
 
 static void vmi_pte_clear(struct mm_struct *mm, unsigned long addr, pte_t *ptep)
 {
         const pte_t pte = { .pte = 0 };
-        vmi_check_page_type(__pa(ptep) >> PAGE_SHIFT, VMI_PAGE_PTE);
         vmi_ops.set_pte(pte, ptep, vmi_flags_addr(mm, addr, VMI_PAGE_PT, 0));
 }
 
 static void vmi_pmd_clear(pmd_t *pmd)
 {
         const pte_t pte = { .pte = 0 };
-        vmi_check_page_type(__pa(pmd) >> PAGE_SHIFT, VMI_PAGE_PMD);
         vmi_ops.set_pte(pte, (pte_t *)pmd, VMI_PAGE_PD);
 }
 #endif
diff --git a/arch/x86/kernel/vmlinux_32.lds.S b/arch/x86/kernel/vmlinux_32.lds.S
index a9b8560adbc2..82c67559dde7 100644
--- a/arch/x86/kernel/vmlinux_32.lds.S
+++ b/arch/x86/kernel/vmlinux_32.lds.S
@@ -44,6 +44,7 @@ SECTIONS
         SCHED_TEXT
         LOCK_TEXT
         KPROBES_TEXT
+        IRQENTRY_TEXT
         *(.fixup)
         *(.gnu.warning)
         _etext = .;                     /* End of text section */
diff --git a/arch/x86/kernel/vmlinux_64.lds.S b/arch/x86/kernel/vmlinux_64.lds.S
index 46e05447405b..1a614c0e6bef 100644
--- a/arch/x86/kernel/vmlinux_64.lds.S
+++ b/arch/x86/kernel/vmlinux_64.lds.S
@@ -35,6 +35,7 @@ SECTIONS
         SCHED_TEXT
         LOCK_TEXT
         KPROBES_TEXT
+        IRQENTRY_TEXT
         *(.fixup)
         *(.gnu.warning)
         _etext = .;             /* End of text section */
diff --git a/arch/x86/kernel/vsyscall_64.c b/arch/x86/kernel/vsyscall_64.c
index 6f3d3d4cd973..44153afc9067 100644
--- a/arch/x86/kernel/vsyscall_64.c
+++ b/arch/x86/kernel/vsyscall_64.c
@@ -131,7 +131,16 @@ static __always_inline void do_vgettimeofday(struct timeval * tv)
                         gettimeofday(tv,NULL);
                         return;
                 }
+
+                /*
+                 * Surround the RDTSC by barriers, to make sure it's not
+                 * speculated to outside the seqlock critical section and
+                 * does not cause time warps:
+                 */
+                rdtsc_barrier();
                 now = vread();
+                rdtsc_barrier();
+
                 base = __vsyscall_gtod_data.clock.cycle_last;
                 mask = __vsyscall_gtod_data.clock.mask;
                 mult = __vsyscall_gtod_data.clock.mult;
diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c
index 104c8220a383..a7ed208f81e3 100644
--- a/arch/x86/lguest/boot.c
+++ b/arch/x86/lguest/boot.c
@@ -590,7 +590,8 @@ static void __init lguest_init_IRQ(void)
                  * a straightforward 1 to 1 mapping, so force that here. */
                 __get_cpu_var(vector_irq)[vector] = i;
                 if (vector != SYSCALL_VECTOR) {
-                        set_intr_gate(vector, interrupt[vector]);
+                        set_intr_gate(vector,
+                                      interrupt[vector-FIRST_EXTERNAL_VECTOR]);
                         set_irq_chip_and_handler_name(i, &lguest_irq_controller,
                                                       handle_level_irq,
                                                       "level");
diff --git a/arch/x86/lguest/i386_head.S b/arch/x86/lguest/i386_head.S
index 5c7cef34c9e7..10b9bd35a8ff 100644
--- a/arch/x86/lguest/i386_head.S
+++ b/arch/x86/lguest/i386_head.S
@@ -30,21 +30,6 @@ ENTRY(lguest_entry)
         movl $lguest_data - __PAGE_OFFSET, %edx
         int $LGUEST_TRAP_ENTRY
 
-        /* The Host put the toplevel pagetable in lguest_data.pgdir.  The movsl
-         * instruction uses %esi implicitly as the source for the copy we're
-         * about to do. */
-        movl lguest_data - __PAGE_OFFSET + LGUEST_DATA_pgdir, %esi
-
-        /* Copy first 32 entries of page directory to __PAGE_OFFSET entries.
-         * This means the first 128M of kernel memory will be mapped at
-         * PAGE_OFFSET where the kernel expects to run.  This will get it far
-         * enough through boot to switch to its own pagetables. */
-        movl $32, %ecx
-        movl %esi, %edi
-        addl $((__PAGE_OFFSET >> 22) * 4), %edi
-        rep
-        movsl
-
         /* Set up the initial stack so we can run C code. */
         movl $(init_thread_union+THREAD_SIZE),%esp
 
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 21e996a70d68..57ec8c86a877 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -393,7 +393,7 @@ static void show_fault_oops(struct pt_regs *regs, unsigned long error_code,
                 if (pte && pte_present(*pte) && !pte_exec(*pte))
                         printk(KERN_CRIT "kernel tried to execute "
                                 "NX-protected page - exploit attempt? "
-                                "(uid: %d)\n", current->uid);
+                                "(uid: %d)\n", current_uid());
         }
 #endif
 
diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
index c483f4242079..8655b5bb0963 100644
--- a/arch/x86/mm/init_32.c
+++ b/arch/x86/mm/init_32.c
@@ -21,6 +21,7 @@
 #include <linux/init.h>
 #include <linux/highmem.h>
 #include <linux/pagemap.h>
+#include <linux/pci.h>
 #include <linux/pfn.h>
 #include <linux/poison.h>
 #include <linux/bootmem.h>
@@ -67,7 +68,7 @@ static unsigned long __meminitdata table_top;
 
 static int __initdata after_init_bootmem;
 
-static __init void *alloc_low_page(unsigned long *phys)
+static __init void *alloc_low_page(void)
 {
         unsigned long pfn = table_end++;
         void *adr;
@@ -77,7 +78,6 @@ static __init void *alloc_low_page(unsigned long *phys)
 
         adr = __va(pfn * PAGE_SIZE);
         memset(adr, 0, PAGE_SIZE);
-        *phys  = pfn * PAGE_SIZE;
         return adr;
 }
 
@@ -92,16 +92,17 @@ static pmd_t * __init one_md_table_init(pgd_t *pgd)
         pmd_t *pmd_table;
 
 #ifdef CONFIG_X86_PAE
-        unsigned long phys;
         if (!(pgd_val(*pgd) & _PAGE_PRESENT)) {
                 if (after_init_bootmem)
                         pmd_table = (pmd_t *)alloc_bootmem_low_pages(PAGE_SIZE);
                 else
-                        pmd_table = (pmd_t *)alloc_low_page(&phys);
+                        pmd_table = (pmd_t *)alloc_low_page();
                 paravirt_alloc_pmd(&init_mm, __pa(pmd_table) >> PAGE_SHIFT);
                 set_pgd(pgd, __pgd(__pa(pmd_table) | _PAGE_PRESENT));
                 pud = pud_offset(pgd, 0);
                 BUG_ON(pmd_table != pmd_offset(pud, 0));
+
+                return pmd_table;
         }
 #endif
         pud = pud_offset(pgd, 0);
@@ -126,10 +127,8 @@ static pte_t * __init one_page_table_init(pmd_t *pmd)
                         if (!page_table)
                                 page_table =
                                 (pte_t *)alloc_bootmem_low_pages(PAGE_SIZE);
-                } else {
-                        unsigned long phys;
-                        page_table = (pte_t *)alloc_low_page(&phys);
-                }
+                } else
+                        page_table = (pte_t *)alloc_low_page();
 
                 paravirt_alloc_pte(&init_mm, __pa(page_table) >> PAGE_SHIFT);
                 set_pmd(pmd, __pmd(__pa(page_table) | _PAGE_TABLE));
@@ -969,7 +968,7 @@ void __init mem_init(void)
         int codesize, reservedpages, datasize, initsize;
         int tmp;
 
-        start_periodic_check_for_corruption();
+        pci_iommu_alloc();
 
 #ifdef CONFIG_FLATMEM
         BUG_ON(!mem_map);
@@ -1040,11 +1039,25 @@ void __init mem_init(void)
                 (unsigned long)&_text, (unsigned long)&_etext,
                 ((unsigned long)&_etext - (unsigned long)&_text) >> 10);
 
+        /*
+         * Check boundaries twice: Some fundamental inconsistencies can
+         * be detected at build time already.
+         */
+#define __FIXADDR_TOP (-PAGE_SIZE)
+#ifdef CONFIG_HIGHMEM
+        BUILD_BUG_ON(PKMAP_BASE + LAST_PKMAP*PAGE_SIZE  > FIXADDR_START);
+        BUILD_BUG_ON(VMALLOC_END                        > PKMAP_BASE);
+#endif
+#define high_memory (-128UL << 20)
+        BUILD_BUG_ON(VMALLOC_START                      >= VMALLOC_END);
+#undef high_memory
+#undef __FIXADDR_TOP
+
 #ifdef CONFIG_HIGHMEM
         BUG_ON(PKMAP_BASE + LAST_PKMAP*PAGE_SIZE        > FIXADDR_START);
         BUG_ON(VMALLOC_END                              > PKMAP_BASE);
 #endif
-        BUG_ON(VMALLOC_START                            > VMALLOC_END);
+        BUG_ON(VMALLOC_START                            >= VMALLOC_END);
         BUG_ON((unsigned long)high_memory               > VMALLOC_START);
 
         if (boot_cpu_data.wp_works_ok < 0)
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index 9db01db6e3cd..9f7a0d24d42a 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -902,8 +902,6 @@ void __init mem_init(void)
         long codesize, reservedpages, datasize, initsize;
         unsigned long absent_pages;
 
-        start_periodic_check_for_corruption();
-
         pci_iommu_alloc();
 
         /* clear_bss() already clear the empty_zero_page */
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
index d4c4307ff3e0..bd85d42819e1 100644
--- a/arch/x86/mm/ioremap.c
+++ b/arch/x86/mm/ioremap.c
@@ -223,7 +223,8 @@ static void __iomem *__ioremap_caller(resource_size_t phys_addr,
          * Check if the request spans more than any BAR in the iomem resource
          * tree.
          */
-        WARN_ON(iomem_map_sanity_check(phys_addr, size));
+        WARN_ONCE(iomem_map_sanity_check(phys_addr, size),
+                  KERN_INFO "Info: mapping multiple BARs. Your kernel is fine.");
 
         /*
          * Don't allow anybody to remap normal RAM that we're using..
diff --git a/arch/x86/mm/pat.c b/arch/x86/mm/pat.c
index eb1bf000d12e..85cbd3cd3723 100644
--- a/arch/x86/mm/pat.c
+++ b/arch/x86/mm/pat.c
@@ -596,6 +596,242 @@ void unmap_devmem(unsigned long pfn, unsigned long size, pgprot_t vma_prot)
         free_memtype(addr, addr + size);
 }
 
+/*
+ * Internal interface to reserve a range of physical memory with prot.
+ * Reserved non RAM regions only and after successful reserve_memtype,
+ * this func also keeps identity mapping (if any) in sync with this new prot.
+ */
+static int reserve_pfn_range(u64 paddr, unsigned long size, pgprot_t vma_prot)
+{
+        int is_ram = 0;
+        int id_sz, ret;
+        unsigned long flags;
+        unsigned long want_flags = (pgprot_val(vma_prot) & _PAGE_CACHE_MASK);
+
+        is_ram = pagerange_is_ram(paddr, paddr + size);
+
+        if (is_ram != 0) {
+                /*
+                 * For mapping RAM pages, drivers need to call
+                 * set_memory_[uc|wc|wb] directly, for reserve and free, before
+                 * setting up the PTE.
+                 */
+                WARN_ON_ONCE(1);
+                return 0;
+        }
+
+        ret = reserve_memtype(paddr, paddr + size, want_flags, &flags);
+        if (ret)
+                return ret;
+
+        if (flags != want_flags) {
+                free_memtype(paddr, paddr + size);
+                printk(KERN_ERR
+                "%s:%d map pfn expected mapping type %s for %Lx-%Lx, got %s\n",
+                        current->comm, current->pid,
+                        cattr_name(want_flags),
+                        (unsigned long long)paddr,
+                        (unsigned long long)(paddr + size),
+                        cattr_name(flags));
+                return -EINVAL;
+        }
+
+        /* Need to keep identity mapping in sync */
+        if (paddr >= __pa(high_memory))
+                return 0;
+
+        id_sz = (__pa(high_memory) < paddr + size) ?
+                                __pa(high_memory) - paddr :
+                                size;
+
+        if (ioremap_change_attr((unsigned long)__va(paddr), id_sz, flags) < 0) {
+                free_memtype(paddr, paddr + size);
+                printk(KERN_ERR
+                        "%s:%d reserve_pfn_range ioremap_change_attr failed %s "
+                        "for %Lx-%Lx\n",
+                        current->comm, current->pid,
+                        cattr_name(flags),
+                        (unsigned long long)paddr,
+                        (unsigned long long)(paddr + size));
+                return -EINVAL;
+        }
+        return 0;
+}
+
+/*
+ * Internal interface to free a range of physical memory.
+ * Frees non RAM regions only.
+ */
+static void free_pfn_range(u64 paddr, unsigned long size)
+{
+        int is_ram;
+
+        is_ram = pagerange_is_ram(paddr, paddr + size);
+        if (is_ram == 0)
+                free_memtype(paddr, paddr + size);
+}
+
+/*
+ * track_pfn_vma_copy is called when vma that is covering the pfnmap gets
+ * copied through copy_page_range().
+ *
+ * If the vma has a linear pfn mapping for the entire range, we get the prot
+ * from pte and reserve the entire vma range with single reserve_pfn_range call.
+ * Otherwise, we reserve the entire vma range, my ging through the PTEs page
+ * by page to get physical address and protection.
+ */
+int track_pfn_vma_copy(struct vm_area_struct *vma)
+{
+        int retval = 0;
+        unsigned long i, j;
+        resource_size_t paddr;
+        unsigned long prot;
+        unsigned long vma_start = vma->vm_start;
+        unsigned long vma_end = vma->vm_end;
+        unsigned long vma_size = vma_end - vma_start;
+
+        if (!pat_enabled)
+                return 0;
+
+        if (is_linear_pfn_mapping(vma)) {
+                /*
+                 * reserve the whole chunk covered by vma. We need the
+                 * starting address and protection from pte.
+                 */
+                if (follow_phys(vma, vma_start, 0, &prot, &paddr)) {
+                        WARN_ON_ONCE(1);
+                        return -EINVAL;
+                }
+                return reserve_pfn_range(paddr, vma_size, __pgprot(prot));
+        }
+
+        /* reserve entire vma page by page, using pfn and prot from pte */
+        for (i = 0; i < vma_size; i += PAGE_SIZE) {
+                if (follow_phys(vma, vma_start + i, 0, &prot, &paddr))
+                        continue;
+
+                retval = reserve_pfn_range(paddr, PAGE_SIZE, __pgprot(prot));
+                if (retval)
+                        goto cleanup_ret;
+        }
+        return 0;
+
+cleanup_ret:
+        /* Reserve error: Cleanup partial reservation and return error */
+        for (j = 0; j < i; j += PAGE_SIZE) {
+                if (follow_phys(vma, vma_start + j, 0, &prot, &paddr))
+                        continue;
+
+                free_pfn_range(paddr, PAGE_SIZE);
+        }
+
+        return retval;
+}
+
+/*
+ * track_pfn_vma_new is called when a _new_ pfn mapping is being established
+ * for physical range indicated by pfn and size.
+ *
+ * prot is passed in as a parameter for the new mapping. If the vma has a
+ * linear pfn mapping for the entire range reserve the entire vma range with
+ * single reserve_pfn_range call.
+ * Otherwise, we look t the pfn and size and reserve only the specified range
+ * page by page.
+ *
+ * Note that this function can be called with caller trying to map only a
+ * subrange/page inside the vma.
+ */
+int track_pfn_vma_new(struct vm_area_struct *vma, pgprot_t prot,
+                        unsigned long pfn, unsigned long size)
+{
+        int retval = 0;
+        unsigned long i, j;
+        resource_size_t base_paddr;
+        resource_size_t paddr;
+        unsigned long vma_start = vma->vm_start;
+        unsigned long vma_end = vma->vm_end;
+        unsigned long vma_size = vma_end - vma_start;
+
+        if (!pat_enabled)
+                return 0;
+
+        if (is_linear_pfn_mapping(vma)) {
+                /* reserve the whole chunk starting from vm_pgoff */
+                paddr = (resource_size_t)vma->vm_pgoff << PAGE_SHIFT;
+                return reserve_pfn_range(paddr, vma_size, prot);
+        }
+
+        /* reserve page by page using pfn and size */
+        base_paddr = (resource_size_t)pfn << PAGE_SHIFT;
+        for (i = 0; i < size; i += PAGE_SIZE) {
+                paddr = base_paddr + i;
+                retval = reserve_pfn_range(paddr, PAGE_SIZE, prot);
+                if (retval)
+                        goto cleanup_ret;
+        }
+        return 0;
+
+cleanup_ret:
+        /* Reserve error: Cleanup partial reservation and return error */
+        for (j = 0; j < i; j += PAGE_SIZE) {
+                paddr = base_paddr + j;
+                free_pfn_range(paddr, PAGE_SIZE);
+        }
+
+        return retval;
+}
+
+/*
+ * untrack_pfn_vma is called while unmapping a pfnmap for a region.
+ * untrack can be called for a specific region indicated by pfn and size or
+ * can be for the entire vma (in which case size can be zero).
+ */
+void untrack_pfn_vma(struct vm_area_struct *vma, unsigned long pfn,
+                        unsigned long size)
+{
+        unsigned long i;
+        resource_size_t paddr;
+        unsigned long prot;
+        unsigned long vma_start = vma->vm_start;
+        unsigned long vma_end = vma->vm_end;
+        unsigned long vma_size = vma_end - vma_start;
+
+        if (!pat_enabled)
+                return;
+
+        if (is_linear_pfn_mapping(vma)) {
+                /* free the whole chunk starting from vm_pgoff */
+                paddr = (resource_size_t)vma->vm_pgoff << PAGE_SHIFT;
+                free_pfn_range(paddr, vma_size);
+                return;
+        }
+
+        if (size != 0 && size != vma_size) {
+                /* free page by page, using pfn and size */
+                paddr = (resource_size_t)pfn << PAGE_SHIFT;
+                for (i = 0; i < size; i += PAGE_SIZE) {
+                        paddr = paddr + i;
+                        free_pfn_range(paddr, PAGE_SIZE);
+                }
+        } else {
+                /* free entire vma, page by page, using the pfn from pte */
+                for (i = 0; i < vma_size; i += PAGE_SIZE) {
+                        if (follow_phys(vma, vma_start + i, 0, &prot, &paddr))
+                                continue;
+
+                        free_pfn_range(paddr, PAGE_SIZE);
+                }
+        }
+}
+
+pgprot_t pgprot_writecombine(pgprot_t prot)
+{
+        if (pat_enabled)
+                return __pgprot(pgprot_val(prot) | _PAGE_CACHE_WC);
+        else
+                return pgprot_noncached(prot);
+}
+
 #if defined(CONFIG_DEBUG_FS) && defined(CONFIG_X86_PAT)
 
 /* get Nth element of the linked list */
diff --git a/arch/x86/oprofile/op_model_amd.c b/arch/x86/oprofile/op_model_amd.c
index 509513760a6e..98658f25f542 100644
--- a/arch/x86/oprofile/op_model_amd.c
+++ b/arch/x86/oprofile/op_model_amd.c
@@ -65,11 +65,13 @@ static unsigned long reset_value[NUM_COUNTERS];
 #define IBS_FETCH_BEGIN 3
 #define IBS_OP_BEGIN    4
 
-/* The function interface needs to be fixed, something like add
-   data. Should then be added to linux/oprofile.h. */
+/*
+ * The function interface needs to be fixed, something like add
+ * data. Should then be added to linux/oprofile.h.
+ */
 extern void
-oprofile_add_ibs_sample(struct pt_regs *const regs,
-                        unsigned int *const ibs_sample, int ibs_code);
+oprofile_add_ibs_sample(struct pt_regs * const regs,
+                        unsigned int * const ibs_sample, int ibs_code);
 
 struct ibs_fetch_sample {
         /* MSRC001_1031 IBS Fetch Linear Address Register */
@@ -104,11 +106,6 @@ struct ibs_op_sample {
         unsigned int ibs_dc_phys_high;
 };
 
-/*
- * unitialize the APIC for the IBS interrupts if needed on AMD Family10h+
-*/
-static void clear_ibs_nmi(void);
-
 static int ibs_allowed; /* AMD Family10h and later */
 
 struct op_ibs_config {
@@ -223,7 +220,7 @@ op_amd_handle_ibs(struct pt_regs * const regs,
                                                 (unsigned int *)&ibs_fetch,
                                                 IBS_FETCH_BEGIN);
 
-                        /*reenable the IRQ */
+                        /* reenable the IRQ */
                         rdmsr(MSR_AMD64_IBSFETCHCTL, low, high);
                         high &= ~IBS_FETCH_HIGH_VALID_BIT;
                         high |= IBS_FETCH_HIGH_ENABLE;
@@ -331,8 +328,10 @@ static void op_amd_stop(struct op_msrs const * const msrs)
         unsigned int low, high;
         int i;
 
-        /* Subtle: stop on all counters to avoid race with
-         * setting our pm callback */
+        /*
+         * Subtle: stop on all counters to avoid race with setting our
+         * pm callback
+         */
         for (i = 0 ; i < NUM_COUNTERS ; ++i) {
                 if (!reset_value[i])
                         continue;
@@ -343,13 +342,15 @@ static void op_amd_stop(struct op_msrs const * const msrs)
 
 #ifdef CONFIG_OPROFILE_IBS
         if (ibs_allowed && ibs_config.fetch_enabled) {
-                low = 0;                /* clear max count and enable */
+                /* clear max count and enable */
+                low = 0;
                 high = 0;
                 wrmsr(MSR_AMD64_IBSFETCHCTL, low, high);
         }
 
         if (ibs_allowed && ibs_config.op_enabled) {
-                low = 0;                /* clear max count and enable */
+                /* clear max count and enable */
+                low = 0;
                 high = 0;
                 wrmsr(MSR_AMD64_IBSOPCTL, low, high);
         }
@@ -370,18 +371,7 @@ static void op_amd_shutdown(struct op_msrs const * const msrs)
         }
 }
 
-#ifndef CONFIG_OPROFILE_IBS
-
-/* no IBS support */
-
-static int op_amd_init(struct oprofile_operations *ops)
-{
-        return 0;
-}
-
-static void op_amd_exit(void) {}
-
-#else
+#ifdef CONFIG_OPROFILE_IBS
 
 static u8 ibs_eilvt_off;
 
@@ -395,7 +385,7 @@ static inline void apic_clear_ibs_nmi_per_cpu(void *arg)
         setup_APIC_eilvt_ibs(0, APIC_EILVT_MSG_FIX, 1);
 }
 
-static int pfm_amd64_setup_eilvt(void)
+static int init_ibs_nmi(void)
 {
 #define IBSCTL_LVTOFFSETVAL             (1 << 8)
 #define IBSCTL                          0x1cc
@@ -443,18 +433,22 @@ static int pfm_amd64_setup_eilvt(void)
         return 0;
 }
 
-/*
- * initialize the APIC for the IBS interrupts
- * if available (AMD Family10h rev B0 and later)
- */
-static void setup_ibs(void)
+/* uninitialize the APIC for the IBS interrupts if needed */
+static void clear_ibs_nmi(void)
+{
+        if (ibs_allowed)
+                on_each_cpu(apic_clear_ibs_nmi_per_cpu, NULL, 1);
+}
+
+/* initialize the APIC for the IBS interrupts if available */
+static void ibs_init(void)
 {
         ibs_allowed = boot_cpu_has(X86_FEATURE_IBS);
 
         if (!ibs_allowed)
                 return;
 
-        if (pfm_amd64_setup_eilvt()) {
+        if (init_ibs_nmi()) {
                 ibs_allowed = 0;
                 return;
         }
@@ -462,14 +456,12 @@ static void setup_ibs(void)
         printk(KERN_INFO "oprofile: AMD IBS detected\n");
 }
 
-
-/*
- * unitialize the APIC for the IBS interrupts if needed on AMD Family10h
- * rev B0 and later */
-static void clear_ibs_nmi(void)
+static void ibs_exit(void)
 {
-        if (ibs_allowed)
-                on_each_cpu(apic_clear_ibs_nmi_per_cpu, NULL, 1);
+        if (!ibs_allowed)
+                return;
+
+        clear_ibs_nmi();
 }
 
 static int (*create_arch_files)(struct super_block *sb, struct dentry *root);
@@ -519,7 +511,7 @@ static int setup_ibs_files(struct super_block *sb, struct dentry *root)
 
 static int op_amd_init(struct oprofile_operations *ops)
 {
-        setup_ibs();
+        ibs_init();
         create_arch_files = ops->create_files;
         ops->create_files = setup_ibs_files;
         return 0;
@@ -527,10 +519,21 @@ static int op_amd_init(struct oprofile_operations *ops)
 
 static void op_amd_exit(void)
 {
-        clear_ibs_nmi();
+        ibs_exit();
 }
 
-#endif
+#else
+
+/* no IBS support */
+
+static int op_amd_init(struct oprofile_operations *ops)
+{
+        return 0;
+}
+
+static void op_amd_exit(void) {}
+
+#endif /* CONFIG_OPROFILE_IBS */
 
 struct op_x86_model_spec const op_amd_spec = {
         .init                   = op_amd_init,
diff --git a/arch/x86/pci/common.c b/arch/x86/pci/common.c
index b67732bbb85a..bb1a01f089e2 100644
--- a/arch/x86/pci/common.c
+++ b/arch/x86/pci/common.c
@@ -23,6 +23,12 @@ unsigned int pci_probe = PCI_PROBE_BIOS | PCI_PROBE_CONF1 | PCI_PROBE_CONF2 |
 unsigned int pci_early_dump_regs;
 static int pci_bf_sort;
 int pci_routeirq;
+int noioapicquirk;
+#ifdef CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS
+int noioapicreroute = 0;
+#else
+int noioapicreroute = 1;
+#endif
 int pcibios_last_bus = -1;
 unsigned long pirq_table_addr;
 struct pci_bus *pci_root_bus;
@@ -519,6 +525,17 @@ char * __devinit  pcibios_setup(char *str)
         } else if (!strcmp(str, "skip_isa_align")) {
                 pci_probe |= PCI_CAN_SKIP_ISA_ALIGN;
                 return NULL;
+        } else if (!strcmp(str, "noioapicquirk")) {
+                noioapicquirk = 1;
+                return NULL;
+        } else if (!strcmp(str, "ioapicreroute")) {
+                if (noioapicreroute != -1)
+                        noioapicreroute = 0;
+                return NULL;
+        } else if (!strcmp(str, "noioapicreroute")) {
+                if (noioapicreroute != -1)
+                        noioapicreroute = 1;
+                return NULL;
         }
         return str;
 }
diff --git a/arch/x86/scripts/strip-symbols b/arch/x86/scripts/strip-symbols
new file mode 100644
index 000000000000..a2f1ccb827c7
--- /dev/null
+++ b/arch/x86/scripts/strip-symbols
@@ -0,0 +1 @@
+__cpu_vendor_dev_X86_VENDOR_*
diff --git a/arch/x86/vdso/vdso32-setup.c b/arch/x86/vdso/vdso32-setup.c
index 513f330c5832..1241f118ab56 100644
--- a/arch/x86/vdso/vdso32-setup.c
+++ b/arch/x86/vdso/vdso32-setup.c
@@ -310,7 +310,7 @@ int __init sysenter_setup(void)
 }
 
 /* Setup a VMA at program startup for the vsyscall page */
-int arch_setup_additional_pages(struct linux_binprm *bprm, int exstack)
+int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
 {
         struct mm_struct *mm = current->mm;
         unsigned long addr;
diff --git a/arch/x86/vdso/vma.c b/arch/x86/vdso/vma.c
index 257ba4a10abf..9c98cc6ba978 100644
--- a/arch/x86/vdso/vma.c
+++ b/arch/x86/vdso/vma.c
@@ -98,7 +98,7 @@ static unsigned long vdso_addr(unsigned long start, unsigned len)
 
 /* Setup a VMA at program startup for the vsyscall page.
    Not called for compat tasks */
-int arch_setup_additional_pages(struct linux_binprm *bprm, int exstack)
+int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
 {
         struct mm_struct *mm = current->mm;
         unsigned long addr;
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index 5e4686d70f62..bea215230b20 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -28,6 +28,7 @@
 #include <linux/console.h>
 
 #include <xen/interface/xen.h>
+#include <xen/interface/version.h>
 #include <xen/interface/physdev.h>
 #include <xen/interface/vcpu.h>
 #include <xen/features.h>
@@ -793,7 +794,7 @@ static int xen_write_msr_safe(unsigned int msr, unsigned low, unsigned high)
 
         ret = 0;
 
-        switch(msr) {
+        switch (msr) {
 #ifdef CONFIG_X86_64
                 unsigned which;
                 u64 base;
@@ -1453,7 +1454,7 @@ static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
 
         ident_pte = 0;
         pfn = 0;
-        for(pmdidx = 0; pmdidx < PTRS_PER_PMD && pfn < max_pfn; pmdidx++) {
+        for (pmdidx = 0; pmdidx < PTRS_PER_PMD && pfn < max_pfn; pmdidx++) {
                 pte_t *pte_page;
 
                 /* Reuse or allocate a page of ptes */
@@ -1471,7 +1472,7 @@ static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
                 }
 
                 /* Install mappings */
-                for(pteidx = 0; pteidx < PTRS_PER_PTE; pteidx++, pfn++) {
+                for (pteidx = 0; pteidx < PTRS_PER_PTE; pteidx++, pfn++) {
                         pte_t pte;
 
                         if (pfn > max_pfn_mapped)
@@ -1485,7 +1486,7 @@ static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
                 }
         }
 
-        for(pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE)
+        for (pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE)
                 set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO);
 
         set_page_prot(pmd, PAGE_KERNEL_RO);
@@ -1499,7 +1500,7 @@ static void convert_pfn_mfn(void *v)
 
         /* All levels are converted the same way, so just treat them
            as ptes. */
-        for(i = 0; i < PTRS_PER_PTE; i++)
+        for (i = 0; i < PTRS_PER_PTE; i++)
                 pte[i] = xen_make_pte(pte[i].pte);
 }
 
@@ -1514,7 +1515,8 @@ static void convert_pfn_mfn(void *v)
  * of the physical mapping once some sort of allocator has been set
  * up.
  */
-static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd,
+                                                unsigned long max_pfn)
 {
         pud_t *l3;
         pmd_t *l2;
@@ -1577,7 +1579,8 @@ static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pf
 #else   /* !CONFIG_X86_64 */
 static pmd_t level2_kernel_pgt[PTRS_PER_PMD] __page_aligned_bss;
 
-static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd,
+                                                unsigned long max_pfn)
 {
         pmd_t *kernel_pmd;
 
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
index e59e53b11e2b..503c240e26c7 100644
--- a/arch/x86/xen/mmu.c
+++ b/arch/x86/xen/mmu.c
@@ -154,13 +154,13 @@ void xen_setup_mfn_list_list(void)
 {
         unsigned pfn, idx;
 
-        for(pfn = 0; pfn < MAX_DOMAIN_PAGES; pfn += P2M_ENTRIES_PER_PAGE) {
+        for (pfn = 0; pfn < MAX_DOMAIN_PAGES; pfn += P2M_ENTRIES_PER_PAGE) {
                 unsigned topidx = p2m_top_index(pfn);
 
                 p2m_top_mfn[topidx] = virt_to_mfn(p2m_top[topidx]);
         }
 
-        for(idx = 0; idx < ARRAY_SIZE(p2m_top_mfn_list); idx++) {
+        for (idx = 0; idx < ARRAY_SIZE(p2m_top_mfn_list); idx++) {
                 unsigned topidx = idx * P2M_ENTRIES_PER_PAGE;
                 p2m_top_mfn_list[idx] = virt_to_mfn(&p2m_top_mfn[topidx]);
         }
@@ -179,7 +179,7 @@ void __init xen_build_dynamic_phys_to_machine(void)
         unsigned long max_pfn = min(MAX_DOMAIN_PAGES, xen_start_info->nr_pages);
         unsigned pfn;
 
-        for(pfn = 0; pfn < max_pfn; pfn += P2M_ENTRIES_PER_PAGE) {
+        for (pfn = 0; pfn < max_pfn; pfn += P2M_ENTRIES_PER_PAGE) {
                 unsigned topidx = p2m_top_index(pfn);
 
                 p2m_top[topidx] = &mfn_list[pfn];
@@ -207,7 +207,7 @@ static void alloc_p2m(unsigned long **pp, unsigned long *mfnp)
         p = (void *)__get_free_page(GFP_KERNEL | __GFP_NOFAIL);
         BUG_ON(p == NULL);
 
-        for(i = 0; i < P2M_ENTRIES_PER_PAGE; i++)
+        for (i = 0; i < P2M_ENTRIES_PER_PAGE; i++)
                 p[i] = INVALID_P2M_ENTRY;
 
         if (cmpxchg(pp, p2m_missing, p) != p2m_missing)
@@ -407,7 +407,8 @@ out:
                 preempt_enable();
 }
 
-pte_t xen_ptep_modify_prot_start(struct mm_struct *mm, unsigned long addr, pte_t *ptep)
+pte_t xen_ptep_modify_prot_start(struct mm_struct *mm,
+                                 unsigned long addr, pte_t *ptep)
 {
         /* Just return the pte as-is.  We preserve the bits on commit */
         return *ptep;
@@ -878,7 +879,8 @@ static void __xen_pgd_pin(struct mm_struct *mm, pgd_t *pgd)
 
                 if (user_pgd) {
                         xen_pin_page(mm, virt_to_page(user_pgd), PT_PGD);
-                        xen_do_pin(MMUEXT_PIN_L4_TABLE, PFN_DOWN(__pa(user_pgd)));
+                        xen_do_pin(MMUEXT_PIN_L4_TABLE,
+                                   PFN_DOWN(__pa(user_pgd)));
                 }
         }
 #else /* CONFIG_X86_32 */
@@ -993,7 +995,8 @@ static void __xen_pgd_unpin(struct mm_struct *mm, pgd_t *pgd)
                 pgd_t *user_pgd = xen_get_user_pgd(pgd);
 
                 if (user_pgd) {
-                        xen_do_pin(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(user_pgd)));
+                        xen_do_pin(MMUEXT_UNPIN_TABLE,
+                                   PFN_DOWN(__pa(user_pgd)));
                         xen_unpin_page(mm, virt_to_page(user_pgd), PT_PGD);
                 }
         }
diff --git a/arch/x86/xen/multicalls.c b/arch/x86/xen/multicalls.c
index 8ea8a0d0b0de..c738644b5435 100644
--- a/arch/x86/xen/multicalls.c
+++ b/arch/x86/xen/multicalls.c
@@ -154,7 +154,7 @@ void xen_mc_flush(void)
                                ret, smp_processor_id());
                         dump_stack();
                         for (i = 0; i < b->mcidx; i++) {
-                                printk("  call %2d/%d: op=%lu arg=[%lx] result=%ld\n",
+                                printk(KERN_DEBUG "  call %2d/%d: op=%lu arg=[%lx] result=%ld\n",
                                        i+1, b->mcidx,
                                        b->debug[i].op,
                                        b->debug[i].args[0],
diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c
index d67901083888..15c6c68db6a2 100644
--- a/arch/x86/xen/setup.c
+++ b/arch/x86/xen/setup.c
@@ -28,6 +28,9 @@
 /* These are code, but not functions.  Defined in entry.S */
 extern const char xen_hypervisor_callback[];
 extern const char xen_failsafe_callback[];
+extern void xen_sysenter_target(void);
+extern void xen_syscall_target(void);
+extern void xen_syscall32_target(void);
 
 
 /**
@@ -110,7 +113,6 @@ static __cpuinit int register_callback(unsigned type, const void *func)
 
 void __cpuinit xen_enable_sysenter(void)
 {
-        extern void xen_sysenter_target(void);
         int ret;
         unsigned sysenter_feature;
 
@@ -132,8 +134,6 @@ void __cpuinit xen_enable_syscall(void)
 {
 #ifdef CONFIG_X86_64
         int ret;
-        extern void xen_syscall_target(void);
-        extern void xen_syscall32_target(void);
 
         ret = register_callback(CALLBACKTYPE_syscall, xen_syscall_target);
         if (ret != 0) {
@@ -160,7 +160,8 @@ void __init xen_arch_setup(void)
         HYPERVISOR_vm_assist(VMASST_CMD_enable, VMASST_TYPE_writable_pagetables);
 
         if (!xen_feature(XENFEAT_auto_translated_physmap))
-                HYPERVISOR_vm_assist(VMASST_CMD_enable, VMASST_TYPE_pae_extended_cr3);
+                HYPERVISOR_vm_assist(VMASST_CMD_enable,
+                                     VMASST_TYPE_pae_extended_cr3);
 
         if (register_callback(CALLBACKTYPE_event, xen_hypervisor_callback) ||
             register_callback(CALLBACKTYPE_failsafe, xen_failsafe_callback))