diff --git a/.gitignore b/.gitignore
index 32870cd..ebcc216 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 libica-2.0.3.tar.gz
 /libica-2.0.4.tar.gz
 /libica-2.0.6.tar.gz
+/libica-2.1.0.tar.gz
diff --git a/libica-2.0.3-remove-sigill.patch b/libica-2.0.3-remove-sigill.patch
deleted file mode 100644
index ca97f90..0000000
--- a/libica-2.0.3-remove-sigill.patch
+++ /dev/null
@@ -1,275 +0,0 @@
-[Bug 67452]: Do not use sigill to wrap all HW instructions.
-
-From: Felix Beck <felix.beck@de.ibm.com>
-
-As described in Bugzilla 67452 there is a performance problem using
-libica. This results from extensive usage of the signall handler to
-catch illegal signals from hw functions. This wrapping mechanism is
-removed. Instead we trust in the switches which are set during
-library initialization. This is enough to protect us from using
-illegal instructions.
-The performance impact of the former signal handler usage was
-dramatic.
-
-Signed-off-by: Felix Beck <felix.beck@de.ibm.com>
-
-diff -up libica-2/src/s390_aes.c.remove-sigill libica-2/src/s390_aes.c
---- libica-2/src/s390_aes.c.remove-sigill	2009-02-04 16:19:22.000000000 +0100
-+++ libica-2/src/s390_aes.c	2011-01-04 11:53:08.000000000 +0100
-@@ -24,23 +24,13 @@ static int s390_aes_ecb_hw(unsigned int 
- 			   unsigned char *input_data, unsigned char *keys,
- 			   unsigned char *output_data)
- {
--	struct sigaction oldact;
--	sigset_t oldset;
--
- 	int rc = 0;
--	if ((rc = begin_sigill_section(&oldact, &oldset)) == 0) {
--
--		rc = s390_km(function_code, keys, output_data, input_data,
--			     input_length);
--
--		end_sigill_section(&oldact, &oldset);
--
--		if (rc >= 0)
--			return 0;
--		else
--			return EIO;
--	}
--	return rc;
-+	rc = s390_km(function_code, keys, output_data, input_data,
-+		     input_length);
-+	if (rc >= 0)
-+		return 0;
-+	else
-+		return EIO;
- }
- 
- static int s390_aes_ecb_sw(unsigned int function_code, unsigned int input_length,
-@@ -73,8 +63,6 @@ static int s390_aes_cbc_hw(unsigned int 
- 			   unsigned char *input_data, ica_aes_vector_t *iv,
- 			   unsigned char *keys, unsigned char *output_data)
- {
--	struct sigaction oldact;
--	sigset_t oldset;
- 	struct {
- 		ica_aes_vector_t iv;
- 		ica_aes_key_len_256_t keys;
-@@ -87,12 +75,8 @@ static int s390_aes_cbc_hw(unsigned int 
- 	memcpy(&key_buffer.keys, keys, key_size);
- 
- 	int rc = 0;
--	if ((rc = begin_sigill_section(&oldact, &oldset)) != 0)
--		return rc;
--
- 	rc = s390_kmc(function_code, &key_buffer,
- 		      output_data, input_data, input_length);
--	end_sigill_section(&oldact, &oldset);
- 
- 	if (rc >= 0) {
- 		memcpy(iv, &key_buffer.iv, sizeof(ica_aes_vector_t));
-diff -up libica-2/src/s390_des.c.remove-sigill libica-2/src/s390_des.c
---- libica-2/src/s390_des.c.remove-sigill	2009-02-05 16:53:00.000000000 +0100
-+++ libica-2/src/s390_des.c	2011-01-04 11:53:08.000000000 +0100
-@@ -25,20 +25,13 @@ int s390_des_ecb_hw(unsigned int functio
- 		    unsigned char *output_data)
- {
- 	int rc = 0;
--	struct sigaction oldact;
--	sigset_t oldset;
--	if ((rc = begin_sigill_section(&oldact, &oldset)) == 0) {
--		rc = s390_km(function_code, keys, output_data, input_data,
--			     input_length);
--
--		end_sigill_section(&oldact, &oldset);
--		
--		if (rc >= 0)
--			return 0;
--		else
--			return EIO;
--	}
--	return rc;
-+	rc = s390_km(function_code, keys, output_data, input_data,
-+		     input_length);
-+
-+	if (rc >= 0)
-+		return 0;
-+	else
-+		return EIO;
- }
- 
- 
-@@ -109,8 +102,6 @@ static int s390_des_cbc_hw(unsigned int 
- 			   unsigned char *input_data, ica_des_vector_t *iv,
- 			   unsigned char *keys, unsigned char *output_data)
- {
--	struct sigaction oldact;
--	sigset_t oldset;
- 	struct {
- 		ica_des_vector_t iv;
- 		ica_des_key_triple_t keys;
-@@ -122,17 +113,13 @@ static int s390_des_cbc_hw(unsigned int 
- 	memcpy(&key_buffer.iv, iv, sizeof(ica_des_vector_t));
- 	memcpy(&key_buffer.keys, keys, key_size);
- 
--	if ((rc = begin_sigill_section(&oldact, &oldset)) == 0) {
--		rc = s390_kmc(function_code, &key_buffer, output_data, input_data,
--			      input_length);
--		end_sigill_section(&oldact, &oldset);
--		if (rc >= 0) {
--			memcpy(iv, &key_buffer.iv, sizeof(ica_des_vector_t));
--			return 0;
--		} else
--			rc = EIO;
--	}
--	return rc;
-+	rc = s390_kmc(function_code, &key_buffer, output_data, input_data,
-+		      input_length);
-+	if (rc >= 0) {
-+		memcpy(iv, &key_buffer.iv, sizeof(ica_des_vector_t));
-+		return 0;
-+	} else
-+		rc = EIO;
- }
- 
- 
-diff -up libica-2/src/s390_prng.c.remove-sigill libica-2/src/s390_prng.c
---- libica-2/src/s390_prng.c.remove-sigill	2011-01-04 11:53:08.000000000 +0100
-+++ libica-2/src/s390_prng.c	2011-01-04 11:53:08.000000000 +0100
-@@ -67,27 +67,22 @@ int s390_prng_init(void)
- {
- 	sem_init(&semaphore, 0, 1);
- 
--	struct sigaction oldact;
--	sigset_t oldset;
- 	int rc = -1;
--	if (begin_sigill_section(&oldact, &oldset) == 0) {
--		int handle;
--		unsigned char seed[16];
--		handle = open("/dev/hwrng", O_RDONLY);
--		if (!handle)
--			handle = open("/dev/urandom", O_RDONLY);
--		if (handle) {
--			rc = read(handle, seed, sizeof(seed));
--		        if (rc != -1)
--				rc = s390_prng_seed(seed, sizeof(seed) /
--						    sizeof(long long));
--			close(handle);
--		} else
--			rc = ENODEV;
-+	int handle;
-+	unsigned char seed[16];
-+	handle = open("/dev/hwrng", O_RDONLY);
-+	if (!handle)
-+		handle = open("/dev/urandom", O_RDONLY);
-+	if (handle) {
-+		rc = read(handle, seed, sizeof(seed));
-+	        if (rc != -1)
-+			rc = s390_prng_seed(seed, sizeof(seed) /
-+					    sizeof(long long));
-+		close(handle);
-+	} else
-+		rc = ENODEV;
- 	// If the original seeding failed, we should try to stir in some
- 	// entropy anyway (since we already put out a message).
--	}
--	end_sigill_section(&oldact, &oldset);
- 	s390_byte_count = 0;
- 
- 	if (rc < 0)
-@@ -107,11 +102,9 @@ static int s390_add_entropy(void)
- 	unsigned char entropy[4 * STCK_BUFFER];
- 	unsigned int K;
- 	int rc = 0;
--	struct sigaction oldact;
--	sigset_t oldset;
- 
--	if (begin_sigill_section(&oldact, &oldset) != 0)
--		return errno;
-+	if (!prng_switch)
-+		return ENOTSUP;
- 
- 	for (K = 0; K < 16; K++) {
- 		if ((s390_stck(entropy + 0 * STCK_BUFFER)) ||
-@@ -145,7 +138,6 @@ out:
- 		rc = 0;
- 	else
- 		rc = EIO;
--	end_sigill_section(&oldact, &oldset);
- 	return rc;
- }
- 
-@@ -190,12 +182,6 @@ static int s390_prng_hw(unsigned char *r
- 	unsigned char last_dw[STCK_BUFFER];
- 	int rc = 0;
- 
--	struct sigaction oldact;
--	sigset_t oldset;
--
--	if ((rc = begin_sigill_section(&oldact, &oldset)) != 0)
--		return rc;
--
- 	sem_wait(&semaphore);
- 
- 	/* Add some additional entropy when the byte count is reached.*/
-@@ -239,7 +225,6 @@ static int s390_prng_hw(unsigned char *r
- 			return EIO;
- 
- 	}
--	end_sigill_section(&oldact, &oldset);
- 	sem_post(&semaphore);
- 
- 	return rc;
-@@ -252,10 +237,8 @@ static int s390_prng_hw(unsigned char *r
-  */
- static int s390_prng_seed(void *srv, unsigned int count)
- {
--	struct sigaction oldact;
--	sigset_t oldset;
--	if (begin_sigill_section(&oldact, &oldset) != 0)
--		return errno;
-+	if (!prng_switch)
-+		return ENOTSUP;
- 
- 	unsigned int i;
- 	int rc;
-@@ -269,6 +252,5 @@ static int s390_prng_seed(void *srv, uns
- 	// Stir one last time.
- 	rc = s390_add_entropy();
- 
--	end_sigill_section(&oldact, &oldset);
- 	return rc;
- }
-diff -up libica-2/src/s390_sha.c.remove-sigill libica-2/src/s390_sha.c
---- libica-2/src/s390_sha.c.remove-sigill	2009-02-04 16:19:22.000000000 +0100
-+++ libica-2/src/s390_sha.c	2011-01-04 11:53:08.000000000 +0100
-@@ -79,9 +79,6 @@ static int s390_sha_hw(unsigned char *iv
- 	 * this can be at most 128 byte for the hash plus 16 byte for the
- 	 * stream length. */
-         unsigned char shabuff[128 + 16];
--	struct sigaction oldact;
--        sigset_t oldset;
--
- 	unsigned char *default_iv = sha_constants[sha_function].default_iv;
- 	unsigned int hash_length = sha_constants[sha_function].hash_length;
- 	unsigned int vector_length = sha_constants[sha_function].vector_length;
-@@ -111,10 +108,6 @@ static int s390_sha_hw(unsigned char *iv
- 	     message_part == SHA_MSG_PART_MIDDLE) && (remnant != 0))
-                 return EINVAL;
- 
--        rc = begin_sigill_section(&oldact, &oldset);
--        if (rc)
--                return rc;
--
- 	unsigned int hw_function_code;
- 	hw_function_code = sha_constants[sha_function].hw_function_code;
-         if (complete_blocks_length) {
-@@ -154,8 +147,6 @@ static int s390_sha_hw(unsigned char *iv
- 			rc = 0;
-         }
- 
--        end_sigill_section(&oldact, &oldset);
--
-         if (rc == 0) {
-                 memcpy((void *)output_data, shabuff, hash_length);
-                 if (message_part != SHA_MSG_PART_FINAL &&
diff --git a/libica-2.1-version.patch b/libica-2.1-version.patch
new file mode 100644
index 0000000..7ea01a6
--- /dev/null
+++ b/libica-2.1-version.patch
@@ -0,0 +1,40 @@
+From 40d49d04da662c8ef27959fd50af51aa606e8046 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
+Date: Mon, 4 Jul 2011 17:19:28 +0200
+Subject: [PATCH] use a new variable for tracking the API version
+
+---
+ configure.in    |    3 +++
+ src/Makefile.am |    2 +-
+ 2 files changed, 4 insertions(+), 1 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index fc67245..663075f 100644
+--- a/configure.in
++++ b/configure.in
+@@ -3,6 +3,9 @@
+ 
+ AC_INIT(libica, 2.1.0, hd@linux.vnet.ibm.com)
+ 
++LIBICA_API=2.0
++AC_SUBST(LIBICA_API)
++
+ cmdline_CFLAGS="$CFLAGS"
+ 
+ # Compute $target
+diff --git a/src/Makefile.am b/src/Makefile.am
+index f1873b3..5903f27 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -2,7 +2,7 @@ INCLUDES = -I ./include -I ../include
+ 
+ lib_LTLIBRARIES = libica.la
+ 
+-libica_la_LDFLAGS = -release $(PACKAGE_VERSION) -lrt -lcrypto
++libica_la_LDFLAGS = -release $(LIBICA_API) -lrt -lcrypto
+ 
+ libica_la_SOURCES = icalinux.c ica_api.c init.c icastats_shared.c \
+ 		    s390_rsa.c s390_crypto.c s390_des.c \
+-- 
+1.7.4.4
+
diff --git a/libica.spec b/libica.spec
index e106a04..0790b7e 100644
--- a/libica.spec
+++ b/libica.spec
@@ -1,13 +1,13 @@
 Summary: Library for accessing ICA hardware crypto on IBM zSeries
 Name: libica
-Version: 2.0.6
+Version: 2.1.0
 Release: 1%{?dist}
 License: CPL
 Group: System Environment/Libraries
 URL: http://sourceforge.net/projects/opencryptoki/
 Source0: http://downloads.sourceforge.net/opencryptoki/%{name}-%{version}.tar.gz
-# https://bugzilla.redhat.com/show_bug.cgi?id=624005
-Patch1: %{name}-2.0.3-tests.patch
+# soname backwards compatibility
+Patch0: %{name}-2.1-version.patch
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: openssl-devel
 BuildRequires: autoconf automake libtool
@@ -33,16 +33,13 @@ IBM zSeries.
 
 
 %prep
-%setup -q -n %{name}-2.0
+%setup -q -n %{name}-2.1
 
-%patch1 -p1 -b .tests
+%patch0 -p1 -b .version
 
 # fix EOLs
 sed -i -e 's/\r//g' LICENSE
 
-# update the version used in library name
-sed -i -e 's/2\.0\.6/2\.0/' configure.in
-
 sh ./bootstrap.sh
 
 
@@ -82,6 +79,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Thu Jul 07 2011 Dan Horák <dan[at]danny.cz> - 2.1.0-1
+- updated to 2.1.0 with soname set back to 2.0
+
 * Mon Apr 11 2011 Dan Horák <dan[at]danny.cz> - 2.0.6-1
 - updated to 2.0.6
 
diff --git a/sources b/sources
index 7edeb34..3ecaabc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a65988fd7e58b3e98989d188ea5fa9ae  libica-2.0.6.tar.gz
+53a350f038877a58f8f6a3c02a6c2715  libica-2.1.0.tar.gz