3.8.2-204.fc18.gnu

10 files changed, 1230 insertions, 58 deletions

diff --git a/freed-ora/current/f18/0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch b/freed-ora/current/f18/0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch
new file mode 100644
index 000000000..c8d30455e
--- /dev/null
+++ b/freed-ora/current/f18/0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch
@@ -0,0 +1,83 @@
+From b05ceba560e094d27ff716f6df1e2d5ef670d4d3 Mon Sep 17 00:00:00 2001
+From: Kent Yoder <key@linux.vnet.ibm.com>
+Date: Wed, 27 Feb 2013 15:50:27 -0600
+Subject: [PATCH] drivers/crypto/nx: fix init race, alignmasks and GCM bug
+
+  Fixes a race on driver init with registering algorithms where the
+driver status flag wasn't being set before self testing started.
+
+  Added the cra_alignmask field for CBC and ECB modes.
+
+  Fixed a bug in GCM where AES block size was being used instead of
+authsize.
+
+Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
+---
+ drivers/crypto/nx/nx-aes-cbc.c | 1 +
+ drivers/crypto/nx/nx-aes-ecb.c | 1 +
+ drivers/crypto/nx/nx-aes-gcm.c | 2 +-
+ drivers/crypto/nx/nx.c         | 4 ++--
+ 4 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/crypto/nx/nx-aes-cbc.c b/drivers/crypto/nx/nx-aes-cbc.c
+index a76d4c4..35d483f 100644
+--- a/drivers/crypto/nx/nx-aes-cbc.c
++++ b/drivers/crypto/nx/nx-aes-cbc.c
+@@ -126,6 +126,7 @@ struct crypto_alg nx_cbc_aes_alg = {
+ 	.cra_blocksize   = AES_BLOCK_SIZE,
+ 	.cra_ctxsize     = sizeof(struct nx_crypto_ctx),
+ 	.cra_type        = &crypto_blkcipher_type,
++	.cra_alignmask   = 0xf,
+ 	.cra_module      = THIS_MODULE,
+ 	.cra_init        = nx_crypto_ctx_aes_cbc_init,
+ 	.cra_exit        = nx_crypto_ctx_exit,
+diff --git a/drivers/crypto/nx/nx-aes-ecb.c b/drivers/crypto/nx/nx-aes-ecb.c
+index ba5f161..7bbc9a8 100644
+--- a/drivers/crypto/nx/nx-aes-ecb.c
++++ b/drivers/crypto/nx/nx-aes-ecb.c
+@@ -123,6 +123,7 @@ struct crypto_alg nx_ecb_aes_alg = {
+ 	.cra_priority    = 300,
+ 	.cra_flags       = CRYPTO_ALG_TYPE_BLKCIPHER,
+ 	.cra_blocksize   = AES_BLOCK_SIZE,
++	.cra_alignmask   = 0xf,
+ 	.cra_ctxsize     = sizeof(struct nx_crypto_ctx),
+ 	.cra_type        = &crypto_blkcipher_type,
+ 	.cra_module      = THIS_MODULE,
+diff --git a/drivers/crypto/nx/nx-aes-gcm.c b/drivers/crypto/nx/nx-aes-gcm.c
+index c8109ed..6cca6c3 100644
+--- a/drivers/crypto/nx/nx-aes-gcm.c
++++ b/drivers/crypto/nx/nx-aes-gcm.c
+@@ -219,7 +219,7 @@ static int gcm_aes_nx_crypt(struct aead_request *req, int enc)
+ 	if (enc)
+ 		NX_CPB_FDM(csbcpb) |= NX_FDM_ENDE_ENCRYPT;
+ 	else
+-		nbytes -= AES_BLOCK_SIZE;
++		nbytes -= crypto_aead_authsize(crypto_aead_reqtfm(req));
+ 
+ 	csbcpb->cpb.aes_gcm.bit_length_data = nbytes * 8;
+ 
+diff --git a/drivers/crypto/nx/nx.c b/drivers/crypto/nx/nx.c
+index c767f23..7621d05 100644
+--- a/drivers/crypto/nx/nx.c
++++ b/drivers/crypto/nx/nx.c
+@@ -454,6 +454,8 @@ static int nx_register_algs(void)
+ 	if (rc)
+ 		goto out;
+ 
++	nx_driver.of.status = NX_OKAY;
++
+ 	rc = crypto_register_alg(&nx_ecb_aes_alg);
+ 	if (rc)
+ 		goto out;
+@@ -498,8 +500,6 @@ static int nx_register_algs(void)
+ 	if (rc)
+ 		goto out_unreg_s512;
+ 
+-	nx_driver.of.status = NX_OKAY;
+-
+ 	goto out;
+ 
+ out_unreg_s512:
+-- 
+1.7.11.7
+
diff --git a/freed-ora/current/f18/config-arm-omap b/freed-ora/current/f18/config-arm-omap
index 976d4381d..38a73b4b1 100644
--- a/freed-ora/current/f18/config-arm-omap
+++ b/freed-ora/current/f18/config-arm-omap
@@ -6,8 +6,6 @@ CONFIG_ARCH_OMAP2PLUS=y
 #
 # OMAP Feature Selections
 #
-CONFIG_OMAP_SMARTREFLEX=y
-CONFIG_OMAP_SMARTREFLEX_CLASS3=y
 CONFIG_OMAP_RESET_CLOCKS=y
 CONFIG_OMAP_MUX=y
 # CONFIG_OMAP_MUX_DEBUG is not set
@@ -28,8 +26,6 @@ CONFIG_HWSPINLOCK_OMAP=m
 CONFIG_DMA_OMAP=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 
-CONFIG_ARM_OMAP2PLUS_CPUFREQ=y
-
 #
 # TI OMAP2/3/4 Specific Features
 #
@@ -146,6 +142,13 @@ CONFIG_OMAP_BANDGAP=y
 CONFIG_OMAP4_THERMAL=y
 CONFIG_OMAP5_THERMAL=y
 
+# OMAP3 thermal/power
+CONFIG_POWER_AVS=y
+CONFIG_POWER_AVS_OMAP=y
+CONFIG_POWER_AVS_OMAP_CLASS3=y
+
+CONFIG_ARM_OMAP2PLUS_CPUFREQ=y
+
 #
 # OMAP Hardware
 #
@@ -211,10 +214,15 @@ CONFIG_REGULATOR_TPS65910=y
 CONFIG_MEDIA_CONTROLLER=y
 CONFIG_VIDEO_V4L2_SUBDEV_API=y
 CONFIG_V4L_PLATFORM_DRIVERS=y
-CONFIG_VIDEO_VPFE_CAPTURE=m
 CONFIG_VIDEO_OMAP2_VOUT=m
-CONFIG_VIDEO_DM6446_CCDC=m
-# CONFIG_VIDEO_OMAP3 is not set
+CONFIG_VIDEO_OMAP3=m
+CONFIG_VIDEO_VPFE_CAPTURE=m
+# The ones below are for TI Davinci
+# CONFIG_VIDEO_VPSS_SYSTEM is not set
+# CONFIG_VIDEO_DM6446_CCDC is not set
+# CONFIG_VIDEO_DM644X_VPBE is not set
+# CONFIG_VIDEO_DM355_CCDC is not set
+# CONFIG_VIDEO_ISIF is not set
 # Also enable vivi driver - useful for testing a full kernelspace V4L2 driver
 CONFIG_V4L_TEST_DRIVERS=y
 CONFIG_VIDEO_VIVI=m
diff --git a/freed-ora/current/f18/config-armv7 b/freed-ora/current/f18/config-armv7
index cc9307422..0f8477544 100644
--- a/freed-ora/current/f18/config-armv7
+++ b/freed-ora/current/f18/config-armv7
@@ -138,8 +138,10 @@ CONFIG_EARLY_PRINTK=y
 CONFIG_LBDAF=y
 
 CONFIG_COMMON_CLK=y
+CONFIG_REGULATOR=y
 
 # Versatile and highbank
+CONFIG_VEXPRESS_CONFIG=y
 CONFIG_ARM_TIMER_SP804=y
 
 CONFIG_SERIO_AMBAKMI=m
@@ -177,6 +179,7 @@ CONFIG_I2C_VERSATILE=m
 CONFIG_OC_ETM=y
 CONFIG_ARCH_VEXPRESS_CORTEX_A5_A9_ERRATA=y
 CONFIG_SENSORS_VEXPRESS=m
+CONFIG_REGULATOR_VEXPRESS=m
 
 # unknown and needs review
 CONFIG_ARM_AMBA=y
@@ -367,6 +370,26 @@ CONFIG_FB_SSD1307=m
 
 # Regulator drivers
 CONFIG_REGULATOR_FAN53555=m
+# CONFIG_CHARGER_MANAGER is not set
+# CONFIG_REGULATOR_DUMMY is not set
+# CONFIG_REGULATOR_VIRTUAL_CONSUMER is not set
+# CONFIG_REGULATOR_USERSPACE_CONSUMER is not set
+CONFIG_RFKILL_REGULATOR=m
+CONFIG_REGULATOR_GPIO=m
+CONFIG_REGULATOR_AD5398=m
+CONFIG_REGULATOR_ISL6271A=m
+CONFIG_REGULATOR_MAX1586=m
+CONFIG_REGULATOR_MAX8649=m
+CONFIG_REGULATOR_MAX8660=m
+CONFIG_REGULATOR_MAX8952=m
+CONFIG_REGULATOR_MAX8973=m
+CONFIG_REGULATOR_LP3971=m
+CONFIG_REGULATOR_LP3972=m
+CONFIG_REGULATOR_TPS51632=m
+CONFIG_REGULATOR_TPS62360=m
+CONFIG_REGULATOR_TPS65023=m
+CONFIG_REGULATOR_TPS6507X=m
+
 # Needs work/investigation
 
 # CONFIG_ARM_CHARLCD is not set
diff --git a/freed-ora/current/f18/config-generic b/freed-ora/current/f18/config-generic
index adfeb30a4..de1d05289 100644
--- a/freed-ora/current/f18/config-generic
+++ b/freed-ora/current/f18/config-generic
@@ -926,7 +926,7 @@ CONFIG_IP6_NF_TARGET_LOG=m
 CONFIG_IP6_NF_TARGET_REJECT=m
 CONFIG_IP6_NF_TARGET_HL=m
 CONFIG_NF_NAT_IPV6=m
-# CONFIG_IP6_NF_TARGET_MASQUERADE is not set
+CONFIG_IP6_NF_TARGET_MASQUERADE=m
 # CONFIG_IP6_NF_TARGET_NPT is not set
 
 #
diff --git a/freed-ora/current/f18/crypto-user-fix-info-leaks-in-report-API.patch b/freed-ora/current/f18/crypto-user-fix-info-leaks-in-report-API.patch
new file mode 100644
index 000000000..1b64e1844
--- /dev/null
+++ b/freed-ora/current/f18/crypto-user-fix-info-leaks-in-report-API.patch
@@ -0,0 +1,223 @@
+From 9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 Mon Sep 17 00:00:00 2001
+From: Mathias Krause <minipli@googlemail.com>
+Date: Tue, 5 Feb 2013 18:19:13 +0100
+Subject: [PATCH] crypto: user - fix info leaks in report API
+
+Three errors resulting in kernel memory disclosure:
+
+1/ The structures used for the netlink based crypto algorithm report API
+are located on the stack. As snprintf() does not fill the remainder of
+the buffer with null bytes, those stack bytes will be disclosed to users
+of the API. Switch to strncpy() to fix this.
+
+2/ crypto_report_one() does not initialize all field of struct
+crypto_user_alg. Fix this to fix the heap info leak.
+
+3/ For the module name we should copy only as many bytes as
+module_name() returns -- not as much as the destination buffer could
+hold. But the current code does not and therefore copies random data
+from behind the end of the module name, as the module name is always
+shorter than CRYPTO_MAX_ALG_NAME.
+
+Also switch to use strncpy() to copy the algorithm's name and
+driver_name. They are strings, after all.
+
+Signed-off-by: Mathias Krause <minipli@googlemail.com>
+Cc: Steffen Klassert <steffen.klassert@secunet.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+---
+ crypto/ablkcipher.c  | 12 ++++++------
+ crypto/aead.c        |  9 ++++-----
+ crypto/ahash.c       |  2 +-
+ crypto/blkcipher.c   |  6 +++---
+ crypto/crypto_user.c | 22 +++++++++++-----------
+ crypto/pcompress.c   |  3 +--
+ crypto/rng.c         |  2 +-
+ crypto/shash.c       |  3 ++-
+ 8 files changed, 29 insertions(+), 30 deletions(-)
+
+diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
+index 533de95..7d4a8d2 100644
+--- a/crypto/ablkcipher.c
++++ b/crypto/ablkcipher.c
+@@ -388,9 +388,9 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_blkcipher rblkcipher;
+ 
+-	snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "ablkcipher");
+-	snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s",
+-		 alg->cra_ablkcipher.geniv ?: "<default>");
++	strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type));
++	strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>",
++		sizeof(rblkcipher.geniv));
+ 
+ 	rblkcipher.blocksize = alg->cra_blocksize;
+ 	rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
+@@ -469,9 +469,9 @@ static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_blkcipher rblkcipher;
+ 
+-	snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "givcipher");
+-	snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s",
+-		 alg->cra_ablkcipher.geniv ?: "<built-in>");
++	strncpy(rblkcipher.type, "givcipher", sizeof(rblkcipher.type));
++	strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<built-in>",
++		sizeof(rblkcipher.geniv));
+ 
+ 	rblkcipher.blocksize = alg->cra_blocksize;
+ 	rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
+diff --git a/crypto/aead.c b/crypto/aead.c
+index 4d04e12..547491e 100644
+--- a/crypto/aead.c
++++ b/crypto/aead.c
+@@ -117,9 +117,8 @@ static int crypto_aead_report(struct sk_buff *skb, struct crypto_alg *alg)
+ 	struct crypto_report_aead raead;
+ 	struct aead_alg *aead = &alg->cra_aead;
+ 
+-	snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "aead");
+-	snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s",
+-		 aead->geniv ?: "<built-in>");
++	strncpy(raead.type, "aead", sizeof(raead.type));
++	strncpy(raead.geniv, aead->geniv ?: "<built-in>", sizeof(raead.geniv));
+ 
+ 	raead.blocksize = alg->cra_blocksize;
+ 	raead.maxauthsize = aead->maxauthsize;
+@@ -203,8 +202,8 @@ static int crypto_nivaead_report(struct sk_buff *skb, struct crypto_alg *alg)
+ 	struct crypto_report_aead raead;
+ 	struct aead_alg *aead = &alg->cra_aead;
+ 
+-	snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "nivaead");
+-	snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s", aead->geniv);
++	strncpy(raead.type, "nivaead", sizeof(raead.type));
++	strncpy(raead.geniv, aead->geniv, sizeof(raead.geniv));
+ 
+ 	raead.blocksize = alg->cra_blocksize;
+ 	raead.maxauthsize = aead->maxauthsize;
+diff --git a/crypto/ahash.c b/crypto/ahash.c
+index 3887856..793a27f 100644
+--- a/crypto/ahash.c
++++ b/crypto/ahash.c
+@@ -404,7 +404,7 @@ static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_hash rhash;
+ 
+-	snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "ahash");
++	strncpy(rhash.type, "ahash", sizeof(rhash.type));
+ 
+ 	rhash.blocksize = alg->cra_blocksize;
+ 	rhash.digestsize = __crypto_hash_alg_common(alg)->digestsize;
+diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c
+index e9e7244..a79e7e9 100644
+--- a/crypto/blkcipher.c
++++ b/crypto/blkcipher.c
+@@ -499,9 +499,9 @@ static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_blkcipher rblkcipher;
+ 
+-	snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "blkcipher");
+-	snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s",
+-		 alg->cra_blkcipher.geniv ?: "<default>");
++	strncpy(rblkcipher.type, "blkcipher", sizeof(rblkcipher.type));
++	strncpy(rblkcipher.geniv, alg->cra_blkcipher.geniv ?: "<default>",
++		sizeof(rblkcipher.geniv));
+ 
+ 	rblkcipher.blocksize = alg->cra_blocksize;
+ 	rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize;
+diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
+index 35d700a..f6d9baf 100644
+--- a/crypto/crypto_user.c
++++ b/crypto/crypto_user.c
+@@ -75,7 +75,7 @@ static int crypto_report_cipher(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_cipher rcipher;
+ 
+-	snprintf(rcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "cipher");
++	strncpy(rcipher.type, "cipher", sizeof(rcipher.type));
+ 
+ 	rcipher.blocksize = alg->cra_blocksize;
+ 	rcipher.min_keysize = alg->cra_cipher.cia_min_keysize;
+@@ -94,8 +94,7 @@ static int crypto_report_comp(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_comp rcomp;
+ 
+-	snprintf(rcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "compression");
+-
++	strncpy(rcomp.type, "compression", sizeof(rcomp.type));
+ 	if (nla_put(skb, CRYPTOCFGA_REPORT_COMPRESS,
+ 		    sizeof(struct crypto_report_comp), &rcomp))
+ 		goto nla_put_failure;
+@@ -108,12 +107,14 @@ nla_put_failure:
+ static int crypto_report_one(struct crypto_alg *alg,
+ 			     struct crypto_user_alg *ualg, struct sk_buff *skb)
+ {
+-	memcpy(&ualg->cru_name, &alg->cra_name, sizeof(ualg->cru_name));
+-	memcpy(&ualg->cru_driver_name, &alg->cra_driver_name,
+-	       sizeof(ualg->cru_driver_name));
+-	memcpy(&ualg->cru_module_name, module_name(alg->cra_module),
+-	       CRYPTO_MAX_ALG_NAME);
+-
++	strncpy(ualg->cru_name, alg->cra_name, sizeof(ualg->cru_name));
++	strncpy(ualg->cru_driver_name, alg->cra_driver_name,
++		sizeof(ualg->cru_driver_name));
++	strncpy(ualg->cru_module_name, module_name(alg->cra_module),
++		sizeof(ualg->cru_module_name));
++
++	ualg->cru_type = 0;
++	ualg->cru_mask = 0;
+ 	ualg->cru_flags = alg->cra_flags;
+ 	ualg->cru_refcnt = atomic_read(&alg->cra_refcnt);
+ 
+@@ -122,8 +123,7 @@ static int crypto_report_one(struct crypto_alg *alg,
+ 	if (alg->cra_flags & CRYPTO_ALG_LARVAL) {
+ 		struct crypto_report_larval rl;
+ 
+-		snprintf(rl.type, CRYPTO_MAX_ALG_NAME, "%s", "larval");
+-
++		strncpy(rl.type, "larval", sizeof(rl.type));
+ 		if (nla_put(skb, CRYPTOCFGA_REPORT_LARVAL,
+ 			    sizeof(struct crypto_report_larval), &rl))
+ 			goto nla_put_failure;
+diff --git a/crypto/pcompress.c b/crypto/pcompress.c
+index 04e083f..7140fe7 100644
+--- a/crypto/pcompress.c
++++ b/crypto/pcompress.c
+@@ -53,8 +53,7 @@ static int crypto_pcomp_report(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_comp rpcomp;
+ 
+-	snprintf(rpcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "pcomp");
+-
++	strncpy(rpcomp.type, "pcomp", sizeof(rpcomp.type));
+ 	if (nla_put(skb, CRYPTOCFGA_REPORT_COMPRESS,
+ 		    sizeof(struct crypto_report_comp), &rpcomp))
+ 		goto nla_put_failure;
+diff --git a/crypto/rng.c b/crypto/rng.c
+index f3b7894..e0a25c2 100644
+--- a/crypto/rng.c
++++ b/crypto/rng.c
+@@ -65,7 +65,7 @@ static int crypto_rng_report(struct sk_buff *skb, struct crypto_alg *alg)
+ {
+ 	struct crypto_report_rng rrng;
+ 
+-	snprintf(rrng.type, CRYPTO_MAX_ALG_NAME, "%s", "rng");
++	strncpy(rrng.type, "rng", sizeof(rrng.type));
+ 
+ 	rrng.seedsize = alg->cra_rng.seedsize;
+ 
+diff --git a/crypto/shash.c b/crypto/shash.c
+index f426330f..929058a 100644
+--- a/crypto/shash.c
++++ b/crypto/shash.c
+@@ -530,7 +530,8 @@ static int crypto_shash_report(struct sk_buff *skb, struct crypto_alg *alg)
+ 	struct crypto_report_hash rhash;
+ 	struct shash_alg *salg = __crypto_shash_alg(alg);
+ 
+-	snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "shash");
++	strncpy(rhash.type, "shash", sizeof(rhash.type));
++
+ 	rhash.blocksize = alg->cra_blocksize;
+ 	rhash.digestsize = salg->digestsize;
+ 
+-- 
+1.8.1.2
+
diff --git a/freed-ora/current/f18/dmar-disable-when-ricoh-multifunction.patch b/freed-ora/current/f18/dmar-disable-when-ricoh-multifunction.patch
deleted file mode 100644
index 839db5940..000000000
--- a/freed-ora/current/f18/dmar-disable-when-ricoh-multifunction.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From da7662784dcced04a5b7a3a5b2bbb8276d699522 Mon Sep 17 00:00:00 2001
-From: Kyle McMartin <kyle@mcmartin.ca>
-Date: Sun, 17 Oct 2010 15:55:32 -0400
-Subject: [PATCH] dmar: disable if ricoh multifunction detected
-
----
- drivers/pci/intel-iommu.c |   10 ++++++++++
- 1 files changed, 10 insertions(+), 0 deletions(-)
-
-diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c
-index 4789f8e..5923914 100644
---- a/drivers/iommu/intel-iommu.c
-+++ b/drivers/iommu/intel-iommu.c
-@@ -3784,6 +3784,16 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0044, quirk_calpella_no_shadow_g
- DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0062, quirk_calpella_no_shadow_gtt);
- DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x006a, quirk_calpella_no_shadow_gtt);
- 
-+/* https://bugzilla.redhat.com/show_bug.cgi?id=605888 */
-+static void quirk_ricoh_multifunction(struct pci_dev *dev)
-+{
-+	dmar_disabled = 1;
-+}
-+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe822, quirk_ricoh_multifunction);
-+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe230, quirk_ricoh_multifunction);
-+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe832, quirk_ricoh_multifunction);
-+DECLARE_PCI_FIXUP_HEADER(0x1180, 0xe476, quirk_ricoh_multifunction);
-+
- /* On Tylersburg chipsets, some BIOSes have been known to enable the
-    ISOCH DMAR unit for the Azalia sound device, but not give it any
-    TLB entries, which causes it to deadlock. Check for that.  We do
--- 
-1.7.3.1
-
diff --git a/freed-ora/current/f18/efi-fixes-3.8.patch b/freed-ora/current/f18/efi-fixes-3.8.patch
new file mode 100644
index 000000000..f53dac078
--- /dev/null
+++ b/freed-ora/current/f18/efi-fixes-3.8.patch
@@ -0,0 +1,736 @@
+From 27857f8a3240e35c61dedb88cbdbfbaabbd8ad2b Mon Sep 17 00:00:00 2001
+From: Seiji Aguchi <seiji.aguchi@hds.com>
+Date: Tue, 12 Feb 2013 12:59:07 -0800
+Subject: [PATCH 1/4] efivars: Disable external interrupt while holding
+ efivars->lock
+
+[Problem]
+There is a scenario which efi_pstore fails to log messages in a panic case.
+
+ - CPUA holds an efi_var->lock in either efivarfs parts
+   or efi_pstore with interrupt enabled.
+ - CPUB panics and sends IPI to CPUA in smp_send_stop().
+ - CPUA stops with holding the lock.
+ - CPUB kicks efi_pstore_write() via kmsg_dump(KSMG_DUMP_PANIC)
+   but it returns without logging messages.
+
+[Patch Description]
+This patch disables an external interruption while holding efivars->lock
+as follows.
+
+In efi_pstore_write() and get_var_data(), spin_lock/spin_unlock is
+replaced by spin_lock_irqsave/spin_unlock_irqrestore because they may
+be called in an interrupt context.
+
+In other functions, they are replaced by spin_lock_irq/spin_unlock_irq.
+because they are all called from a process context.
+
+By applying this patch, we can avoid the problem above with
+a following senario.
+
+ - CPUA holds an efi_var->lock with interrupt disabled.
+ - CPUB panics and sends IPI to CPUA in smp_send_stop().
+ - CPUA receives the IPI after releasing the lock because it is
+   disabling interrupt while holding the lock.
+ - CPUB waits for one sec until CPUA releases the lock.
+ - CPUB kicks efi_pstore_write() via kmsg_dump(KSMG_DUMP_PANIC)
+   And it can hold the lock successfully.
+
+Signed-off-by: Seiji Aguchi <seiji.aguchi@hds.com>
+Acked-by: Mike Waychison <mikew@google.com>
+Acked-by: Matt Fleming <matt.fleming@intel.com>
+Signed-off-by: Tony Luck <tony.luck@intel.com>
+---
+ drivers/firmware/efivars.c | 84 ++++++++++++++++++++++++----------------------
+ 1 file changed, 43 insertions(+), 41 deletions(-)
+
+diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c
+index bcb201c..a9277cc 100644
+--- a/drivers/firmware/efivars.c
++++ b/drivers/firmware/efivars.c
+@@ -406,10 +406,11 @@ static efi_status_t
+ get_var_data(struct efivars *efivars, struct efi_variable *var)
+ {
+ 	efi_status_t status;
++	unsigned long flags;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irqsave(&efivars->lock, flags);
+ 	status = get_var_data_locked(efivars, var);
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irqrestore(&efivars->lock, flags);
+ 
+ 	if (status != EFI_SUCCESS) {
+ 		printk(KERN_WARNING "efivars: get_variable() failed 0x%lx!\n",
+@@ -538,14 +539,14 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count)
+ 		return -EINVAL;
+ 	}
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 	status = efivars->ops->set_variable(new_var->VariableName,
+ 					    &new_var->VendorGuid,
+ 					    new_var->Attributes,
+ 					    new_var->DataSize,
+ 					    new_var->Data);
+ 
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	if (status != EFI_SUCCESS) {
+ 		printk(KERN_WARNING "efivars: set_variable() failed: status=%lx\n",
+@@ -714,7 +715,7 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 	 * amounts of memory. Pick a default size of 64K if
+ 	 * QueryVariableInfo() isn't supported by the firmware.
+ 	 */
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 
+ 	if (!efivars->ops->query_variable_info)
+ 		status = EFI_UNSUPPORTED;
+@@ -724,7 +725,7 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 						   &remaining_size, &max_size);
+ 	}
+ 
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	if (status != EFI_SUCCESS) {
+ 		if (status != EFI_UNSUPPORTED)
+@@ -755,7 +756,7 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 	 * set_variable call, and removal of the variable from the efivars
+ 	 * list (in the case of an authenticated delete).
+ 	 */
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 
+ 	status = efivars->ops->set_variable(var->var.VariableName,
+ 					    &var->var.VendorGuid,
+@@ -763,7 +764,7 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 					    data);
+ 
+ 	if (status != EFI_SUCCESS) {
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		kfree(data);
+ 
+ 		return efi_status_to_err(status);
+@@ -784,21 +785,21 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 					    NULL);
+ 
+ 	if (status == EFI_BUFFER_TOO_SMALL) {
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		mutex_lock(&inode->i_mutex);
+ 		i_size_write(inode, newdatasize + sizeof(attributes));
+ 		mutex_unlock(&inode->i_mutex);
+ 
+ 	} else if (status == EFI_NOT_FOUND) {
+ 		list_del(&var->list);
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		efivar_unregister(var);
+ 		drop_nlink(inode);
+ 		d_delete(file->f_dentry);
+ 		dput(file->f_dentry);
+ 
+ 	} else {
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		pr_warn("efivarfs: inconsistent EFI variable implementation? "
+ 				"status = %lx\n", status);
+ 	}
+@@ -820,11 +821,11 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
+ 	void *data;
+ 	ssize_t size = 0;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 	status = efivars->ops->get_variable(var->var.VariableName,
+ 					    &var->var.VendorGuid,
+ 					    &attributes, &datasize, NULL);
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	if (status != EFI_BUFFER_TOO_SMALL)
+ 		return efi_status_to_err(status);
+@@ -834,12 +835,12 @@ static ssize_t efivarfs_file_read(struct file *file, char __user *userbuf,
+ 	if (!data)
+ 		return -ENOMEM;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 	status = efivars->ops->get_variable(var->var.VariableName,
+ 					    &var->var.VendorGuid,
+ 					    &attributes, &datasize,
+ 					    (data + sizeof(attributes)));
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	if (status != EFI_SUCCESS) {
+ 		size = efi_status_to_err(status);
+@@ -1005,9 +1006,9 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry,
+ 		goto out;
+ 
+ 	kobject_uevent(&var->kobj, KOBJ_ADD);
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 	list_add(&var->list, &efivars->list);
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 	d_instantiate(dentry, inode);
+ 	dget(dentry);
+ out:
+@@ -1024,7 +1025,7 @@ static int efivarfs_unlink(struct inode *dir, struct dentry *dentry)
+ 	struct efivars *efivars = var->efivars;
+ 	efi_status_t status;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 
+ 	status = efivars->ops->set_variable(var->var.VariableName,
+ 					    &var->var.VendorGuid,
+@@ -1032,14 +1033,14 @@ static int efivarfs_unlink(struct inode *dir, struct dentry *dentry)
+ 
+ 	if (status == EFI_SUCCESS || status == EFI_NOT_FOUND) {
+ 		list_del(&var->list);
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		efivar_unregister(var);
+ 		drop_nlink(dentry->d_inode);
+ 		dput(dentry);
+ 		return 0;
+ 	}
+ 
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 	return -EINVAL;
+ };
+ 
+@@ -1184,13 +1185,13 @@ static int efivarfs_fill_super(struct super_block *sb, void *data, int silent)
+ 		/* copied by the above to local storage in the dentry. */
+ 		kfree(name);
+ 
+-		spin_lock(&efivars->lock);
++		spin_lock_irq(&efivars->lock);
+ 		efivars->ops->get_variable(entry->var.VariableName,
+ 					   &entry->var.VendorGuid,
+ 					   &entry->var.Attributes,
+ 					   &size,
+ 					   NULL);
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 
+ 		mutex_lock(&inode->i_mutex);
+ 		inode->i_private = entry;
+@@ -1253,7 +1254,7 @@ static int efi_pstore_open(struct pstore_info *psi)
+ {
+ 	struct efivars *efivars = psi->data;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 	efivars->walk_entry = list_first_entry(&efivars->list,
+ 					       struct efivar_entry, list);
+ 	return 0;
+@@ -1263,7 +1264,7 @@ static int efi_pstore_close(struct pstore_info *psi)
+ {
+ 	struct efivars *efivars = psi->data;
+ 
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 	return 0;
+ }
+ 
+@@ -1339,8 +1340,9 @@ static int efi_pstore_write(enum pstore_type_id type,
+ 	int i, ret = 0;
+ 	u64 storage_space, remaining_space, max_variable_size;
+ 	efi_status_t status = EFI_NOT_FOUND;
++	unsigned long flags;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irqsave(&efivars->lock, flags);
+ 
+ 	/*
+ 	 * Check if there is a space enough to log.
+@@ -1352,7 +1354,7 @@ static int efi_pstore_write(enum pstore_type_id type,
+ 						   &remaining_space,
+ 						   &max_variable_size);
+ 	if (status || remaining_space < size + DUMP_NAME_LEN * 2) {
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irqrestore(&efivars->lock, flags);
+ 		*id = part;
+ 		return -ENOSPC;
+ 	}
+@@ -1366,7 +1368,7 @@ static int efi_pstore_write(enum pstore_type_id type,
+ 	efivars->ops->set_variable(efi_name, &vendor, PSTORE_EFI_ATTRIBUTES,
+ 				   size, psi->buf);
+ 
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irqrestore(&efivars->lock, flags);
+ 
+ 	if (size)
+ 		ret = efivar_create_sysfs_entry(efivars,
+@@ -1393,7 +1395,7 @@ static int efi_pstore_erase(enum pstore_type_id type, u64 id, int count,
+ 	sprintf(name, "dump-type%u-%u-%d-%lu", type, (unsigned int)id, count,
+ 		time.tv_sec);
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 
+ 	for (i = 0; i < DUMP_NAME_LEN; i++)
+ 		efi_name[i] = name[i];
+@@ -1437,7 +1439,7 @@ static int efi_pstore_erase(enum pstore_type_id type, u64 id, int count,
+ 	if (found)
+ 		list_del(&found->list);
+ 
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	if (found)
+ 		efivar_unregister(found);
+@@ -1507,7 +1509,7 @@ static ssize_t efivar_create(struct file *filp, struct kobject *kobj,
+ 		return -EINVAL;
+ 	}
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 
+ 	/*
+ 	 * Does this variable already exist?
+@@ -1525,7 +1527,7 @@ static ssize_t efivar_create(struct file *filp, struct kobject *kobj,
+ 		}
+ 	}
+ 	if (found) {
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		return -EINVAL;
+ 	}
+ 
+@@ -1539,10 +1541,10 @@ static ssize_t efivar_create(struct file *filp, struct kobject *kobj,
+ 	if (status != EFI_SUCCESS) {
+ 		printk(KERN_WARNING "efivars: set_variable() failed: status=%lx\n",
+ 			status);
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		return -EIO;
+ 	}
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	/* Create the entry in sysfs.  Locking is not required here */
+ 	status = efivar_create_sysfs_entry(efivars,
+@@ -1570,7 +1572,7 @@ static ssize_t efivar_delete(struct file *filp, struct kobject *kobj,
+ 	if (!capable(CAP_SYS_ADMIN))
+ 		return -EACCES;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 
+ 	/*
+ 	 * Does this variable already exist?
+@@ -1588,7 +1590,7 @@ static ssize_t efivar_delete(struct file *filp, struct kobject *kobj,
+ 		}
+ 	}
+ 	if (!found) {
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		return -EINVAL;
+ 	}
+ 	/* force the Attributes/DataSize to 0 to ensure deletion */
+@@ -1604,12 +1606,12 @@ static ssize_t efivar_delete(struct file *filp, struct kobject *kobj,
+ 	if (status != EFI_SUCCESS) {
+ 		printk(KERN_WARNING "efivars: set_variable() failed: status=%lx\n",
+ 			status);
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		return -EIO;
+ 	}
+ 	list_del(&search_efivar->list);
+ 	/* We need to release this lock before unregistering. */
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 	efivar_unregister(search_efivar);
+ 
+ 	/* It's dead Jim.... */
+@@ -1724,9 +1726,9 @@ efivar_create_sysfs_entry(struct efivars *efivars,
+ 	kfree(short_name);
+ 	short_name = NULL;
+ 
+-	spin_lock(&efivars->lock);
++	spin_lock_irq(&efivars->lock);
+ 	list_add(&new_efivar->list, &efivars->list);
+-	spin_unlock(&efivars->lock);
++	spin_unlock_irq(&efivars->lock);
+ 
+ 	return 0;
+ }
+@@ -1795,9 +1797,9 @@ void unregister_efivars(struct efivars *efivars)
+ 	struct efivar_entry *entry, *n;
+ 
+ 	list_for_each_entry_safe(entry, n, &efivars->list, list) {
+-		spin_lock(&efivars->lock);
++		spin_lock_irq(&efivars->lock);
+ 		list_del(&entry->list);
+-		spin_unlock(&efivars->lock);
++		spin_unlock_irq(&efivars->lock);
+ 		efivar_unregister(entry);
+ 	}
+ 	if (efivars->new_var)
+-- 
+1.8.1.2
+
+
+From 19adc04301476eaa15e035b66e92cb333223c352 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Sat, 2 Mar 2013 19:40:17 -0500
+Subject: [PATCH 2/4] efi: be more paranoid about available space when creating
+ variables
+
+UEFI variables are typically stored in flash. For various reasons, avaiable
+space is typically not reclaimed immediately upon the deletion of a
+variable - instead, the system will garbage collect during initialisation
+after a reboot.
+
+Some systems appear to handle this garbage collection extremely poorly,
+failing if more than 50% of the system flash is in use. This can result in
+the machine refusing to boot. The safest thing to do for the moment is to
+forbid writes if they'd end up using more than half of the storage space.
+We can make this more finegrained later if we come up with a method for
+identifying the broken machines.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Matt Fleming <matt.fleming@intel.com>
+---
+ drivers/firmware/efivars.c | 106 +++++++++++++++++++++++++++++++++------------
+ 1 file changed, 79 insertions(+), 27 deletions(-)
+
+diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c
+index a9277cc..919862b 100644
+--- a/drivers/firmware/efivars.c
++++ b/drivers/firmware/efivars.c
+@@ -419,6 +419,44 @@ get_var_data(struct efivars *efivars, struct efi_variable *var)
+ 	return status;
+ }
+ 
++static efi_status_t
++check_var_size_locked(struct efivars *efivars, u32 attributes,
++			unsigned long size)
++{
++	u64 storage_size, remaining_size, max_size;
++	efi_status_t status;
++	const struct efivar_operations *fops = efivars->ops;
++
++	if (!efivars->ops->query_variable_info)
++		return EFI_UNSUPPORTED;
++
++	status = fops->query_variable_info(attributes, &storage_size,
++					   &remaining_size, &max_size);
++
++	if (status != EFI_SUCCESS)
++		return status;
++
++	if (!storage_size || size > remaining_size || size > max_size ||
++	    (remaining_size - size) < (storage_size / 2))
++		return EFI_OUT_OF_RESOURCES;
++
++	return status;
++}
++
++
++static efi_status_t
++check_var_size(struct efivars *efivars, u32 attributes, unsigned long size)
++{
++	efi_status_t status;
++	unsigned long flags;
++
++	spin_lock_irqsave(&efivars->lock, flags);
++	status = check_var_size_locked(efivars, attributes, size);
++	spin_unlock_irqrestore(&efivars->lock, flags);
++
++	return status;
++}
++
+ static ssize_t
+ efivar_guid_read(struct efivar_entry *entry, char *buf)
+ {
+@@ -540,11 +578,16 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count)
+ 	}
+ 
+ 	spin_lock_irq(&efivars->lock);
+-	status = efivars->ops->set_variable(new_var->VariableName,
+-					    &new_var->VendorGuid,
+-					    new_var->Attributes,
+-					    new_var->DataSize,
+-					    new_var->Data);
++
++	status = check_var_size_locked(efivars, new_var->Attributes,
++	       new_var->DataSize + utf16_strsize(new_var->VariableName, 1024));
++
++	if (status == EFI_SUCCESS || status == EFI_UNSUPPORTED)
++		status = efivars->ops->set_variable(new_var->VariableName,
++						    &new_var->VendorGuid,
++						    new_var->Attributes,
++						    new_var->DataSize,
++						    new_var->Data);
+ 
+ 	spin_unlock_irq(&efivars->lock);
+ 
+@@ -695,8 +738,7 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 	u32 attributes;
+ 	struct inode *inode = file->f_mapping->host;
+ 	unsigned long datasize = count - sizeof(attributes);
+-	unsigned long newdatasize;
+-	u64 storage_size, remaining_size, max_size;
++	unsigned long newdatasize, varsize;
+ 	ssize_t bytes = 0;
+ 
+ 	if (count < sizeof(attributes))
+@@ -715,28 +757,18 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 	 * amounts of memory. Pick a default size of 64K if
+ 	 * QueryVariableInfo() isn't supported by the firmware.
+ 	 */
+-	spin_lock_irq(&efivars->lock);
+ 
+-	if (!efivars->ops->query_variable_info)
+-		status = EFI_UNSUPPORTED;
+-	else {
+-		const struct efivar_operations *fops = efivars->ops;
+-		status = fops->query_variable_info(attributes, &storage_size,
+-						   &remaining_size, &max_size);
+-	}
+-
+-	spin_unlock_irq(&efivars->lock);
++	varsize = datasize + utf16_strsize(var->var.VariableName, 1024);
++	status = check_var_size(efivars, attributes, varsize);
+ 
+ 	if (status != EFI_SUCCESS) {
+ 		if (status != EFI_UNSUPPORTED)
+ 			return efi_status_to_err(status);
+ 
+-		remaining_size = 65536;
++		if (datasize > 65536)
++			return -ENOSPC;
+ 	}
+ 
+-	if (datasize > remaining_size)
+-		return -ENOSPC;
+-
+ 	data = kmalloc(datasize, GFP_KERNEL);
+ 	if (!data)
+ 		return -ENOMEM;
+@@ -758,6 +790,19 @@ static ssize_t efivarfs_file_write(struct file *file,
+ 	 */
+ 	spin_lock_irq(&efivars->lock);
+ 
++	/*
++	 * Ensure that the available space hasn't shrunk below the safe level
++	 */
++
++	status = check_var_size_locked(efivars, attributes, varsize);
++
++	if (status != EFI_SUCCESS && status != EFI_UNSUPPORTED) {
++		spin_unlock_irq(&efivars->lock);
++		kfree(data);
++
++		return efi_status_to_err(status);
++	}
++
+ 	status = efivars->ops->set_variable(var->var.VariableName,
+ 					    &var->var.VendorGuid,
+ 					    attributes, datasize,
+@@ -1338,7 +1383,6 @@ static int efi_pstore_write(enum pstore_type_id type,
+ 	efi_guid_t vendor = LINUX_EFI_CRASH_GUID;
+ 	struct efivars *efivars = psi->data;
+ 	int i, ret = 0;
+-	u64 storage_space, remaining_space, max_variable_size;
+ 	efi_status_t status = EFI_NOT_FOUND;
+ 	unsigned long flags;
+ 
+@@ -1349,11 +1393,11 @@ static int efi_pstore_write(enum pstore_type_id type,
+ 	 * size: a size of logging data
+ 	 * DUMP_NAME_LEN * 2: a maximum size of variable name
+ 	 */
+-	status = efivars->ops->query_variable_info(PSTORE_EFI_ATTRIBUTES,
+-						   &storage_space,
+-						   &remaining_space,
+-						   &max_variable_size);
+-	if (status || remaining_space < size + DUMP_NAME_LEN * 2) {
++
++	status = check_var_size_locked(efivars, PSTORE_EFI_ATTRIBUTES,
++					 size + DUMP_NAME_LEN * 2);
++
++	if (status) {
+ 		spin_unlock_irqrestore(&efivars->lock, flags);
+ 		*id = part;
+ 		return -ENOSPC;
+@@ -1531,6 +1575,14 @@ static ssize_t efivar_create(struct file *filp, struct kobject *kobj,
+ 		return -EINVAL;
+ 	}
+ 
++	status = check_var_size_locked(efivars, new_var->Attributes,
++	       new_var->DataSize + utf16_strsize(new_var->VariableName, 1024));
++
++	if (status && status != EFI_UNSUPPORTED) {
++		spin_unlock_irq(&efivars->lock);
++		return efi_status_to_err(status);
++	}
++
+ 	/* now *really* create the variable via EFI */
+ 	status = efivars->ops->set_variable(new_var->VariableName,
+ 					    &new_var->VendorGuid,
+-- 
+1.8.1.2
+
+
+From 46b6e1db3a81203deaf4615637616a0266a2e6e6 Mon Sep 17 00:00:00 2001
+From: Matt Fleming <matt.fleming@intel.com>
+Date: Tue, 5 Mar 2013 07:40:16 +0000
+Subject: [PATCH 3/4] efivars: efivarfs_valid_name() should handle pstore
+ syntax
+
+Stricter validation was introduced with commit da27a24383b2b
+("efivarfs: guid part of filenames are case-insensitive") and commit
+47f531e8ba3b ("efivarfs: Validate filenames much more aggressively"),
+which is necessary for the guid portion of efivarfs filenames, but we
+don't need to be so strict with the first part, the variable name. The
+UEFI specification doesn't impose any constraints on variable names
+other than they be a NULL-terminated string.
+
+The above commits caused a regression that resulted in users seeing
+the following message,
+
+  $ sudo mount -v /sys/firmware/efi/efivars mount: Cannot allocate memory
+
+whenever pstore EFI variables were present in the variable store,
+since their variable names failed to pass the following check,
+
+    /* GUID should be right after the first '-' */
+    if (s - 1 != strchr(str, '-'))
+
+as a typical pstore filename is of the form, dump-type0-10-1-<guid>.
+The fix is trivial since the guid portion of the filename is GUID_LEN
+bytes, we can use (len - GUID_LEN) to ensure the '-' character is
+where we expect it to be.
+
+(The bogus ENOMEM error value will be fixed in a separate patch.)
+
+Reported-by: Joseph Yasi <joe.yasi@gmail.com>
+Reported-by: Lingzhu Xiang <lxiang@redhat.com>
+Cc: Josh Boyer <jwboyer@redhat.com>
+Cc: Jeremy Kerr <jk@ozlabs.org>
+Cc: Matthew Garrett <mjg59@srcf.ucam.org>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Matt Fleming <matt.fleming@intel.com>
+---
+ drivers/firmware/efivars.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c
+index 919862b..fc54ddd 100644
+--- a/drivers/firmware/efivars.c
++++ b/drivers/firmware/efivars.c
+@@ -967,8 +967,8 @@ static bool efivarfs_valid_name(const char *str, int len)
+ 	if (len < GUID_LEN + 2)
+ 		return false;
+ 
+-	/* GUID should be right after the first '-' */
+-	if (s - 1 != strchr(str, '-'))
++	/* GUID must be preceded by a '-' */
++	if (*(s - 1) != '-')
+ 		return false;
+ 
+ 	/*
+-- 
+1.8.1.2
+
+
+From f751b6c973fe5a480ff12c97df4b8ac4e9a666a7 Mon Sep 17 00:00:00 2001
+From: Matt Fleming <matt.fleming@intel.com>
+Date: Tue, 5 Mar 2013 12:46:30 +0000
+Subject: [PATCH 4/4] efivarfs: return accurate error code in
+ efivarfs_fill_super()
+
+Joseph was hitting a failure case when mounting efivarfs which
+resulted in an incorrect error message,
+
+  $ sudo mount -v /sys/firmware/efi/efivars mount: Cannot allocate memory
+
+triggered when efivarfs_valid_name() returned -EINVAL.
+
+Make sure we pass accurate return values up the stack if
+efivarfs_fill_super() fails to build inodes for EFI variables.
+
+Reported-by: Joseph Yasi <joe.yasi@gmail.com>
+Reported-by: Lingzhu Xiang <lxiang@redhat.com>
+Cc: Josh Boyer <jwboyer@redhat.com>
+Cc: Jeremy Kerr <jk@ozlabs.org>
+Cc: Matthew Garrett <mjg59@srcf.ucam.org>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Matt Fleming <matt.fleming@intel.com>
+---
+ drivers/firmware/efivars.c | 20 +++++++++++++++-----
+ 1 file changed, 15 insertions(+), 5 deletions(-)
+
+diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c
+index fc54ddd..2a2e145 100644
+--- a/drivers/firmware/efivars.c
++++ b/drivers/firmware/efivars.c
+@@ -1156,15 +1156,22 @@ static struct dentry_operations efivarfs_d_ops = {
+ 
+ static struct dentry *efivarfs_alloc_dentry(struct dentry *parent, char *name)
+ {
++	struct dentry *d;
+ 	struct qstr q;
++	int err;
+ 
+ 	q.name = name;
+ 	q.len = strlen(name);
+ 
+-	if (efivarfs_d_hash(NULL, NULL, &q))
+-		return NULL;
++	err = efivarfs_d_hash(NULL, NULL, &q);
++	if (err)
++		return ERR_PTR(err);
++
++	d = d_alloc(parent, &q);
++	if (d)
++		return d;
+ 
+-	return d_alloc(parent, &q);
++	return ERR_PTR(-ENOMEM);
+ }
+ 
+ static int efivarfs_fill_super(struct super_block *sb, void *data, int silent)
+@@ -1174,6 +1181,7 @@ static int efivarfs_fill_super(struct super_block *sb, void *data, int silent)
+ 	struct efivar_entry *entry, *n;
+ 	struct efivars *efivars = &__efivars;
+ 	char *name;
++	int err = -ENOMEM;
+ 
+ 	efivarfs_sb = sb;
+ 
+@@ -1224,8 +1232,10 @@ static int efivarfs_fill_super(struct super_block *sb, void *data, int silent)
+ 			goto fail_name;
+ 
+ 		dentry = efivarfs_alloc_dentry(root, name);
+-		if (!dentry)
++		if (IS_ERR(dentry)) {
++			err = PTR_ERR(dentry);
+ 			goto fail_inode;
++		}
+ 
+ 		/* copied by the above to local storage in the dentry. */
+ 		kfree(name);
+@@ -1252,7 +1262,7 @@ fail_inode:
+ fail_name:
+ 	kfree(name);
+ fail:
+-	return -ENOMEM;
++	return err;
+ }
+ 
+ static struct dentry *efivarfs_mount(struct file_system_type *fs_type,
+-- 
+1.8.1.2
+
diff --git a/freed-ora/current/f18/fix-destroy_conntrack-GPF.patch b/freed-ora/current/f18/fix-destroy_conntrack-GPF.patch
new file mode 100644
index 000000000..35ffa581d
--- /dev/null
+++ b/freed-ora/current/f18/fix-destroy_conntrack-GPF.patch
@@ -0,0 +1,92 @@
+On Wed, 2013-03-06 at 10:59 -0500, Dave Jones wrote:
+> I know 3.7.9 is EOL, but this code doesn't look like it's changed in current.
+> (unless the cause/fix was in code unrelated to these paths)
+> 
+> A user reported the following GPF..
+> 
+> general protection fault: 0000 [#1] SMP 
+> Modules linked in: ipheth fuse ebtable_nat xt_CHECKSUM bridge stp llc ip6t_REJECT iptable_mangle nf_conntrack(-) ebtable_filter ebtables snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_seq snd_seq_device snd_pcm snd_page_alloc hp_wmi snd_timer coretemp iTCO_wdt tg3 snd sparse_keymap rfkill soundcore iTCO_vendor_support lpc_ich i7core_edac edac_core serio_raw microcode mfd_core vhost_net tun macvtap macvlan kvm_intel kvm binfmt_misc uinput nouveau mxm_wmi crc32c_intel video i2c_algo_bit drm_kms_helper ttm firewire_ohci firewire_core drm crc_itu_t i2c_core wmi [last unloaded: xt_conntrack]
+> CPU 2 
+> Pid: 25407, comm: qemu-kvm Not tainted 3.7.9-205.fc18.x86_64 #1 Hewlett-Packard HP Z400 Workstation/0B4Ch
+> RIP: 0010:[<ffffffffa0399bd5>]  [<ffffffffa0399bd5>] destroy_conntrack+0x35/0x120 [nf_conntrack]
+> RSP: 0018:ffff880276913d78  EFLAGS: 00010206
+> RAX: 50626b6b7876376c RBX: ffff88026e530d68 RCX: ffff88028d158e00
+> RDX: ffff88026d0d5470 RSI: 0000000000000011 RDI: 0000000000000002
+> RBP: ffff880276913d88 R08: 0000000000000000 R09: ffff880295002900
+> R10: 0000000000000000 R11: 0000000000000003 R12: ffffffff81ca3b40
+> R13: ffffffff8151a8e0 R14: ffff880270875000 R15: 0000000000000002
+> FS:  00007ff3bce38a00(0000) GS:ffff88029fc40000(0000) knlGS:0000000000000000
+> CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
+> CR2: 00007fd1430bd000 CR3: 000000027042b000 CR4: 00000000000027e0
+> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
+> Process qemu-kvm (pid: 25407, threadinfo ffff880276912000, task ffff88028c369720)
+> Stack:
+>  ffff880156f59100 ffff880156f59100 ffff880276913d98 ffffffff815534f7
+>  ffff880276913db8 ffffffff8151a74b ffff880270875000 ffff880156f59100
+>  ffff880276913dd8 ffffffff8151a5a6 ffff880276913dd8 ffff88026d0d5470
+> Call Trace:
+>  [<ffffffff815534f7>] nf_conntrack_destroy+0x17/0x20
+>  [<ffffffff8151a74b>] skb_release_head_state+0x7b/0x100
+>  [<ffffffff8151a5a6>] __kfree_skb+0x16/0xa0
+>  [<ffffffff8151a666>] kfree_skb+0x36/0xa0
+>  [<ffffffff8151a8e0>] skb_queue_purge+0x20/0x40
+>  [<ffffffffa02205f7>] __tun_detach+0x117/0x140 [tun]
+>  [<ffffffffa022184c>] tun_chr_close+0x3c/0xd0 [tun]
+>  [<ffffffff8119669c>] __fput+0xec/0x240
+>  [<ffffffff811967fe>] ____fput+0xe/0x10
+>  [<ffffffff8107eb27>] task_work_run+0xa7/0xe0
+>  [<ffffffff810149e1>] do_notify_resume+0x71/0xb0
+>  [<ffffffff81640152>] int_signal+0x12/0x17
+> Code: 00 00 04 48 89 e5 41 54 53 48 89 fb 4c 8b a7 e8 00 00 00 0f 85 de 00 00 00 0f b6 73 3e 0f b7 7b 2a e8 10 40 00 00 48 85 c0 74 0e <48> 8b 40 28 48 85 c0 74 05 48 89 df ff d0 48 c7 c7 08 6a 3a a0 
+> RIP  [<ffffffffa0399bd5>] destroy_conntrack+0x35/0x120 [nf_conntrack]
+>  RSP <ffff880276913d78>
+> 
+> 
+> 
+>         /* To make sure we don't get any weird locking issues here:
+>          * destroy_conntrack() MUST NOT be called with a write lock
+>          * to nf_conntrack_lock!!! -HW */
+>         rcu_read_lock();
+>         l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct));
+>     1378:       0f b6 b3 86 00 00 00    movzbl 0x86(%rbx),%esi
+>     137f:       0f b7 7b 72             movzwl 0x72(%rbx),%edi
+>     1383:       e8 00 00 00 00          callq  1388 <destroy_conntrack+0x78>
+>         if (l4proto && l4proto->destroy)
+>     1388:       48 85 c0                test   %rax,%rax
+>     138b:       74 0e                   je     139b <destroy_conntrack+0x8b>
+>     138d:       48 8b 40 28             mov    0x28(%rax),%rax    <-----  HERE
+>     1391:       48 85 c0                test   %rax,%rax
+>     1394:       74 05                   je     139b <destroy_conntrack+0x8b>
+>                 l4proto->destroy(ct);
+>     1396:       48 89 df                mov    %rbx,%rdi
+>     1399:       ff d0                   callq  *%rax
+> 
+> 
+> l4proto (%rax) is garbage (0x50626b6b7876376c) which looks a little like ascii,
+> but P>kkxv7l doesn't mean much to me.
+> 
+> https://bugzilla.redhat.com/show_bug.cgi?id=917792 is the original report, but
+> there aren't any further details yet.
+> 
+> 	Dave
+> 
+
+tun driver lacks a nf_reset(skb) call
+
+I would try :
+
+diff --git a/drivers/net/tun.c b/drivers/net/tun.c
+index 2c6a22e..b7c457a 100644
+--- a/drivers/net/tun.c
++++ b/drivers/net/tun.c
+@@ -747,6 +747,8 @@ static netdev_tx_t tun_net_xmit(struct sk_buff *skb, struct net_device *dev)
+ 		goto drop;
+ 	skb_orphan(skb);
+ 
++	nf_reset(skb);
++
+ 	/* Enqueue packet */
+ 	skb_queue_tail(&tfile->socket.sk->sk_receive_queue, skb);
+ 
+
diff --git a/freed-ora/current/f18/kernel.spec b/freed-ora/current/f18/kernel.spec
index 7366f9f46..a6cf44383 100644
--- a/freed-ora/current/f18/kernel.spec
+++ b/freed-ora/current/f18/kernel.spec
@@ -62,7 +62,7 @@ Summary: The Linux kernel
 # For non-released -rc kernels, this will be appended after the rcX and
 # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
 #
-%global baserelease 201
+%global baserelease 204
 %global fedora_build %{baserelease}
 
 # base_sublevel is the kernel version we're starting with and patching
@@ -727,7 +727,7 @@ Patch541: silence-tty-null.patch
 Patch800: crash-driver.patch
 
 # secure boot
-Patch1000: secure-boot-20130218.patch
+Patch1000: secure-boot-20130219.patch
 
 # virt + ksm patches
 
@@ -761,8 +761,6 @@ Patch10000: fs-proc-devtree-remove_proc_entry.patch
 
 Patch12016: disable-i8042-check-on-apple-mac.patch
 
-Patch12303: dmar-disable-when-ricoh-multifunction.patch
-
 Patch13003: efi-dont-map-boot-services-on-32bit.patch
 
 Patch14000: hibernate-freeze-filesystems.patch
@@ -810,11 +808,23 @@ Patch22261: 0001-kmsg-Honor-dmesg_restrict-sysctl-on-dev-kmsg.patch
 #rhbz 914737
 Patch22262: x86-mm-Fix-vmalloc_fault-oops-during-lazy-MMU-updates.patch
 
+#rhbz 916544
+Patch22263: 0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch
+
+#rhbz 917984
+Patch22264: efi-fixes-3.8.patch
+
+#rhbz 918512 918521
+Patch22265: crypto-user-fix-info-leaks-in-report-API.patch
+
 #rhbz 812111
 Patch24000: alps.patch
 
 Patch24100: userns-avoid-recursion-in-put_user_ns.patch
 
+#rhbz 859346
+Patch24101: fix-destroy_conntrack-GPF.patch
+
 
 # END OF PATCH DEFINITIONS
 
@@ -1514,7 +1524,7 @@ ApplyPatch silence-tty-null.patch
 ApplyPatch crash-driver.patch
 
 # secure boot
-ApplyPatch secure-boot-20130218.patch
+ApplyPatch secure-boot-20130219.patch
 
 # Assorted Virt Fixes
 
@@ -1544,9 +1554,6 @@ ApplyPatch fs-proc-devtree-remove_proc_entry.patch
 
 ApplyPatch disable-i8042-check-on-apple-mac.patch
 
-# rhbz#605888
-ApplyPatch dmar-disable-when-ricoh-multifunction.patch
-
 ApplyPatch efi-dont-map-boot-services-on-32bit.patch
 
 # FIXME: REBASE
@@ -1584,8 +1591,19 @@ ApplyPatch 0001-kmsg-Honor-dmesg_restrict-sysctl-on-dev-kmsg.patch
 #rhbz 914737
 ApplyPatch x86-mm-Fix-vmalloc_fault-oops-during-lazy-MMU-updates.patch
 
+#rhbz 916544
+ApplyPatch 0001-drivers-crypto-nx-fix-init-race-alignmasks-and-GCM-b.patch
+
+#rhbz 917984
+ApplyPatch efi-fixes-3.8.patch
+
+#rhbz 918512 918521
+ApplyPatch crypto-user-fix-info-leaks-in-report-API.patch
+
 ApplyPatch userns-avoid-recursion-in-put_user_ns.patch
 
+#rhbz 859346
+ApplyPatch fix-destroy_conntrack-GPF.patch
 
 
 # END OF PATCH APPLICATIONS
@@ -1719,6 +1737,7 @@ BuildKernel() {
     make -s ARCH=$Arch V=1 dtbs
     mkdir -p $RPM_BUILD_ROOT/%{image_install_path}/dtb-$KernelVer
     install -m 644 arch/arm/boot/dts/*.dtb $RPM_BUILD_ROOT/boot/dtb-$KernelVer/
+    rm -f arch/arm/boot/dts/*.dtb
 %else
     make -s ARCH=$Arch V=1 %{?_smp_mflags} $MakeTarget %{?sparse_mflags}
 %endif
@@ -2455,6 +2474,24 @@ fi
 #                 ||----w |
 #                 ||     ||
 %changelog
+* Wed Mar 06 2013 Justin M. Forbes <jforbes@redhat.com>
+- Remove Ricoh multifunction DMAR patch as it's no longer needed (rhbz 880051)
+- Fix destroy_conntrack GPF (rhbz 859346)
+
+* Wed Mar 06 2013 Josh Boyer <jwboyer@redhat.com>
+- Fix regression in secure-boot acpi_rsdp patch (rhbz 906225)
+- crypto: info leaks in report API (rhbz 918512 918521)
+
+* Tue Mar  5 2013 Peter Robinson <pbrobinson@fedoraproject.org>
+- Fix Beagle (omap), update vexpress
+
+* Tue Mar 05 2013 Josh Boyer <jwboyer@redhat.com>
+- Backport 4 fixes for efivarfs (rhbz 917984)
+- Enable CONFIG_IP6_NF_TARGET_MASQUERADE
+
+* Mon Mar 04 2013 Josh Boyer <jwboyer@redhat.com>
+- Fix issues in nx crypto driver from Kent Yoder (rhbz 916544)
+
 * Mon Mar  4 2013 Alexandre Oliva <lxoliva@fsfla.org> -libre
 * GNU Linux-libre 3.8.2-gnu.
 
diff --git a/freed-ora/current/f18/secure-boot-20130218.patch b/freed-ora/current/f18/secure-boot-20130219.patch
index 29ac46cd9..368cfed17 100644
--- a/freed-ora/current/f18/secure-boot-20130218.patch
+++ b/freed-ora/current/f18/secure-boot-20130219.patch
@@ -1092,7 +1092,7 @@ index fc28099..b5df7a8 100644
 1.8.1.2
 
 
-From fe27dd192ef250abcbaba973a14d43b21d7be497 Mon Sep 17 00:00:00 2001
+From 19640bebdcabe48ce1789ce7a6a0d0d5b925f0b5 Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@redhat.com>
 Date: Thu, 20 Sep 2012 10:41:04 -0400
 Subject: [PATCH 14/19] acpi: Ignore acpi_rsdp kernel parameter in a secure
@@ -1100,7 +1100,10 @@ Subject: [PATCH 14/19] acpi: Ignore acpi_rsdp kernel parameter in a secure
 
 This option allows userspace to pass the RSDP address to the kernel.  This
 could potentially be used to circumvent the secure boot trust model.
-We ignore the setting if we don't have the CAP_COMPROMISE_KERNEL capability.
+This is setup through the setup_arch function, which is called before the
+security_init function sets up the security_ops, so we cannot use a
+capable call here.  We ignore the setting if we are booted in Secure Boot
+mode.
 
 Signed-off-by: Josh Boyer <jwboyer@redhat.com>
 ---
@@ -1108,7 +1111,7 @@ Signed-off-by: Josh Boyer <jwboyer@redhat.com>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
-index bd22f86..88251d2 100644
+index bd22f86..d68c04f 100644
 --- a/drivers/acpi/osl.c
 +++ b/drivers/acpi/osl.c
 @@ -246,7 +246,7 @@ early_param("acpi_rsdp", setup_acpi_rsdp);
@@ -1116,7 +1119,7 @@ index bd22f86..88251d2 100644
  {
  #ifdef CONFIG_KEXEC
 -	if (acpi_rsdp)
-+	if (acpi_rsdp && capable(CAP_COMPROMISE_KERNEL))
++	if (acpi_rsdp && !efi_enabled(EFI_SECURE_BOOT))
  		return acpi_rsdp;
  #endif
  
@@ -1124,7 +1127,7 @@ index bd22f86..88251d2 100644
 1.8.1.2
 
 
-From c937b2c8e179bfdadb6617c0028f558e4d701e46 Mon Sep 17 00:00:00 2001
+From b9ab9c0b3356d9cde36f3ef3a0719623df2ee2d3 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <mjg@redhat.com>
 Date: Tue, 4 Sep 2012 11:55:13 -0400
 Subject: [PATCH 15/19] kexec: Disable in a secure boot environment
@@ -1156,7 +1159,7 @@ index 5e4bd78..dd464e0 100644
 1.8.1.2
 
 
-From f08e390045266d53543a55afa16ca4be5a1c6316 Mon Sep 17 00:00:00 2001
+From 23e0646e1df8a0b4c31333b71796294801355032 Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@redhat.com>
 Date: Fri, 5 Oct 2012 10:12:48 -0400
 Subject: [PATCH 16/19] MODSIGN: Always enforce module signing in a Secure Boot
@@ -1218,7 +1221,7 @@ index eab0827..93a16dc 100644
 1.8.1.2
 
 
-From 54ba1eec5847d964b1d458a240b50271b9a356a4 Mon Sep 17 00:00:00 2001
+From 833c54471c85e70e46d76f9f7ffa30197b9f135d Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@redhat.com>
 Date: Fri, 26 Oct 2012 14:02:09 -0400
 Subject: [PATCH 17/19] hibernate: Disable in a Secure Boot environment
@@ -1332,7 +1335,7 @@ index 4ed81e7..b11a0f4 100644
 1.8.1.2
 
 
-From 686090054f6c3784218b318c7adcc3c1f0ca5069 Mon Sep 17 00:00:00 2001
+From 1a9afaa05489b817ebe84c61d22e958856aa0737 Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@redhat.com>
 Date: Tue, 5 Feb 2013 19:25:05 -0500
 Subject: [PATCH 18/19] efi: Disable secure boot if shim is in insecure mode
@@ -1391,7 +1394,7 @@ index 96bd86b..6e1331c 100644
 1.8.1.2
 
 
-From df607d2d5061b04f8a686cd74edd72c1f2836d8c Mon Sep 17 00:00:00 2001
+From 763f18d6a1e2d5f4d84ce3382ef91434240c80d6 Mon Sep 17 00:00:00 2001
 From: Kees Cook <keescook@chromium.org>
 Date: Fri, 8 Feb 2013 11:12:13 -0800
 Subject: [PATCH 19/19] x86: Lock down MSR writing in secure boot