diff --git a/[refs] b/[refs]
index 5735c226eff9..06e20d98943c 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: aedb60a67c10a0861af179725d060765262ba0fb
+refs/heads/master: eec25fa7f98f8707eb84fede96f10496adf5047f
diff --git a/trunk/drivers/media/video/saa7134/saa7134-cards.c b/trunk/drivers/media/video/saa7134/saa7134-cards.c
index 262830da08c8..6f5744286e8c 100644
--- a/trunk/drivers/media/video/saa7134/saa7134-cards.c
+++ b/trunk/drivers/media/video/saa7134/saa7134-cards.c
@@ -2484,27 +2484,28 @@ struct saa7134_board saa7134_boards[] = {
 .tuner_addr = ADDR_UNSET,
 .radio_addr = ADDR_UNSET,
 .gpiomask = 0x080200000,
- .inputs = {{
- .name = name_tv,
- .vmux = 4,
- .amux = TV,
- .tv = 1,
- },{
- .name = name_comp1,
- .vmux = 1,
- .amux = LINE2,
- },{
- .name = name_comp2,
- .vmux = 0,
- .amux = LINE2,
- },{
- .name = name_svideo,
- .vmux = 8,
- .amux = LINE2,
- }},
+ .inputs = { {
+ .name = name_tv,
+ .vmux = 4,
+ .amux = TV,
+ .tv = 1,
+ }, {
+ .name = name_comp1,
+ .vmux = 1,
+ .amux = LINE2,
+ }, {
+ .name = name_comp2,
+ .vmux = 0,
+ .amux = LINE2,
+ }, {
+ .name = name_svideo,
+ .vmux = 8,
+ .amux = LINE2,
+ } },
 .radio = {
- .name = name_radio,
- .amux = LINE1,
+ .name = name_radio,
+ .amux = TV,
+ .gpio = 0x0200000,
 },
 },
 [SAA7134_BOARD_ASUSTeK_P7131_DUAL] = {
diff --git a/trunk/include/linux/security.h b/trunk/include/linux/security.h
index c673dfd4dffc..b07357ca2137 100644
--- a/trunk/include/linux/security.h
+++ b/trunk/include/linux/security.h
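Review bot: In saa7134-cards.c the only functional change, the `.radio` entry switching `.amux` from `LINE1` to `TV` and gaining `.gpio = 0x0200000`, is buried in a whitespace-only reformat of `.inputs` and has no comment explaining why the radio path needs that GPIO bit. The new literal has seven hex digits while the context line `.gpiomask = 0x080200000` has nine, so confirming that the bit lies inside the mask means counting digits. Writing it as `.gpio = 0x00200000,` with a short comment such as `/* bit 21, within gpiomask */` would make the relationship visible. The board entry begins above the hunk, so which card is affected cannot be seen here.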
@@ -57,6 +57,7 @@ extern int cap_inode_need_killpriv(struct dentry *dentry);
 extern int cap_inode_killpriv(struct dentry *dentry);
 extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags);
 extern void cap_task_reparent_to_init (struct task_struct *p);
+extern int cap_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid);
 extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp);
 extern int cap_task_setioprio (struct task_struct *p, int ioprio);
 extern int cap_task_setnice (struct task_struct *p, int nice);
@@ -2186,7 +2187,7 @@ static inline int security_task_kill (struct task_struct *p, struct siginfo *info, int sig, u32 secid)
 {
- return 0;
+ return cap_task_kill(p, info, sig, secid);
 }
 static inline int security_task_wait (struct task_struct *p)
diff --git a/trunk/security/capability.c b/trunk/security/capability.c
index 2c6e06d18fab..9e99f36a8b5c 100644
--- a/trunk/security/capability.c
+++ b/trunk/security/capability.c
@@ -40,6 +40,7 @@ static struct security_operations capability_ops = {
 .inode_need_killpriv = cap_inode_need_killpriv,
 .inode_killpriv = cap_inode_killpriv,
+ .task_kill = cap_task_kill,
 .task_setscheduler = cap_task_setscheduler,
 .task_setioprio = cap_task_setioprio,
 .task_setnice = cap_task_setnice,
diff --git a/trunk/security/commoncap.c b/trunk/security/commoncap.c
index 06d5c9469ba3..bb0c095f5761 100644
--- a/trunk/security/commoncap.c
+++ b/trunk/security/commoncap.c
@@ -540,6 +540,41 @@ int cap_task_setnice (struct task_struct *p, int nice)
 return cap_safe_nice(p);
 }
+int cap_task_kill(struct task_struct *p, struct siginfo *info,
+ int sig, u32 secid)
+{
+ if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info)))
+ return 0;
+
+ /*
+ * Running a setuid root program raises your capabilities.
+ * Killing your own setuid root processes was previously
+ * allowed.
+ * We must preserve legacy signal behavior in this case.
+ */
+ if (p->uid == current->uid)
+ return 0;
+
+ /* sigcont is permitted within same session */
+ if (sig == SIGCONT && (task_session_nr(current) == task_session_nr(p)))
+ return 0;
+
+ if (secid)
+ /*
+ * Signal sent as a particular user.
+ * Capabilities are ignored. May be wrong, but it's the
+ * only thing we can do at the moment.
+ * Used only by usb drivers?
+ */
+ return 0;
+ if (cap_issubset(p->cap_permitted, current->cap_permitted))
+ return 0;
+ if (capable(CAP_KILL))
+ return 0;
+
+ return -EPERM;
+}
+
 /*
 * called from kernel/sys.c for prctl(PR_CABSET_DROP)
 * done without task_capability_lock() because it introduces
@@ -570,6 +605,11 @@ int cap_task_setnice (struct task_struct *p, int nice)
 {
 return 0;
 }
+int cap_task_kill(struct task_struct *p, struct siginfo *info,
+ int sig, u32 secid)
+{
+ return 0;
+}
 #endif
 void cap_task_reparent_to_init (struct task_struct *p)
diff --git a/trunk/security/smack/smack_lsm.c b/trunk/security/smack/smack_lsm.c
index 732ba27923c4..38d707593b31 100644
--- a/trunk/security/smack/smack_lsm.c
+++ b/trunk/security/smack/smack_lsm.c
@@ -1117,6 +1117,11 @@ static int smack_task_movememory(struct task_struct *p)
 static int smack_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid)
 {
+ int rc;
+
+ rc = cap_task_kill(p, info, sig, secid);
+ if (rc != 0)
+ return rc;
 /*
 * Special cases where signals really ought to go through
 * in spite of policy. Stephen Smalley suggests it may
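Review bot: In security/commoncap.c, `if (secid)` in cap_task_kill() returns 0 for any non-zero secid before `cap_issubset()` and `capable(CAP_KILL)` are reached, so a caller that supplies a secid is never subject to the capability comparison; the comment in that branch itself says this may be wrong. The hunk does not show which callers pass a secid, so the function should get a header comment stating the return contract (0 to allow, `-EPERM` to deny) and that the exemptions are evaluated in order, with the secid case called out as an unconditional allow. The unbraced `if (secid)` followed by a multi-line comment and a lone `return 0;` is easy to misread; brace it as `if (secid) {` ... `return 0;` `}`. The second hunk in this file adds a `cap_task_kill()` stub that always returns 0 just before an `#endif` whose opening condition is outside the hunk, so which configuration drops the check cannot be confirmed here.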