update ABI file for 5.19.17-2-pve

(generated with debian/scripts/abi-generate) Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
bump version to 5.19.17-2
2023-01-28 16:55:50 +01:00 · 2023-01-28 16:55:47 +01:00 · 2023-01-28 16:38:52 +01:00 · 2023-01-28 16:38:25 +01:00 · 2023-01-28 16:26:32 +01:00 · 2023-01-28 16:23:39 +01:00
34 changed files with 28629 additions and 29619 deletions
@@ -1,12 +1,12 @@
 # also bump pve-kernel-meta if either of MAJ.MIN, PATCHLEVEL or KREL change
-KERNEL_MAJ=6
-KERNEL_MIN=2
-KERNEL_PATCHLEVEL=6
+KERNEL_MAJ=5
+KERNEL_MIN=19
+KERNEL_PATCHLEVEL=17
 # increment KREL if the ABI changes (abicheck target in debian/rules)
 # rebuild packages with new KREL and run 'make abiupdate'
 KREL=2

-PKGREL=2~secureboot1
+PKGREL=2

 KERNEL_MAJMIN=$(KERNEL_MAJ).$(KERNEL_MIN)
 KERNEL_VER=$(KERNEL_MAJMIN).$(KERNEL_PATCHLEVEL)
@@ -50,7 +50,7 @@ USR_HDR_DEB=pve-kernel-libc-dev_${KERNEL_VER}-${PKGREL}_${ARCH}.deb
 LINUX_TOOLS_DEB=linux-tools-$(KERNEL_MAJMIN)_${KERNEL_VER}-${PKGREL}_${ARCH}.deb
 LINUX_TOOLS_DBG_DEB=linux-tools-$(KERNEL_MAJMIN)-dbgsym_${KERNEL_VER}-${PKGREL}_${ARCH}.deb

-DEBS=${DST_DEB} ${HDR_DEB} ${LINUX_TOOLS_DEB} ${LINUX_TOOLS_DBG_DEB} # ${USR_HDR_DEB}
+DEBS=${DST_DEB} ${HDR_DEB} ${USR_HDR_DEB} ${LINUX_TOOLS_DEB} ${LINUX_TOOLS_DBG_DEB}

 all: deb
 deb: ${DEBS}
@@ -84,7 +84,7 @@ ${KERNEL_SRC}.prepared: ${KERNEL_SRC_SUBMODULE} | submodule
 	mkdir -p ${BUILD_DIR}
 	cp -a ${KERNEL_SRC_SUBMODULE} ${BUILD_DIR}/${KERNEL_SRC}
 # TODO: split for archs, track and diff in our repository?
-	cd ${BUILD_DIR}/${KERNEL_SRC}; python3 debian/scripts/misc/annotations --arch amd64 --export >../../${KERNEL_CFG_ORG}
+	cat ${BUILD_DIR}/${KERNEL_SRC}/debian.master/config/config.common.ubuntu ${BUILD_DIR}/${KERNEL_SRC}/debian.master/config/${ARCH}/config.common.${ARCH} ${BUILD_DIR}/${KERNEL_SRC}/debian.master/config/${ARCH}/config.flavour.generic > ${KERNEL_CFG_ORG}
 	cp ${KERNEL_CFG_ORG} ${BUILD_DIR}/${KERNEL_SRC}/.config
 	sed -i ${BUILD_DIR}/${KERNEL_SRC}/Makefile -e 's/^EXTRAVERSION.*$$/EXTRAVERSION=${EXTRAVERSION}/'
 	rm -rf ${BUILD_DIR}/${KERNEL_SRC}/debian ${BUILD_DIR}/${KERNEL_SRC}/debian.master
@@ -1,9 +1,9 @@
 KERNEL SOURCE:
 ==============

-We currently use the Ubuntu kernel sources, available from our mirror:
+We currently use the Ubuntu kernel sources, available from:

- https://git.proxmox.com/?p=mirror_ubuntu-kernels.git;a=summary
+ http://kernel.ubuntu.com/git/ubuntu/ubuntu-jammy.git/

 Ubuntu will maintain those kernels till:

@@ -35,7 +35,7 @@ get applied with the `patch` tool. From a git point-of-view, the copied
 directory remains clean even with extra patches applied since it does not
 contain a .git directory, but a reference to the (still pristine) submodule:

-$ cat build/ubuntu-kernel/.git
+$ cat build/ubuntu-jammy/.git

 If you mistakenly cloned the upstream repo as "normal" clone (not via the
 submodule mechanics) this means that you have a real .git directory with its
@@ -63,7 +63,7 @@ git clone git://git.proxmox.com/git/proxmox-ve.git
 pve-kernel-meta
 ---------------

-Depends on latest kernel and header package within a certain kernel series,
+depends on latest kernel and header package within a certain kernel series,
 e.g., pve-kernel-5.15 / pve-headers-5.15

 git clone git://git.proxmox.com/git/pve-kernel-meta.git
@@ -71,7 +71,7 @@ git clone git://git.proxmox.com/git/pve-kernel-meta.git
 pve-firmware
 ------------

-Contains the firmware for all released PVE kernels.
+contains the firmware for all released PVE kernels.

 git clone git://git.proxmox.com/git/pve-firmware.git

@@ -1,37 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIGbjCCBFagAwIBAgIUTVo8veNlt0qzt14J+H2mhEB2SNUwDQYJKoZIhvcNAQEL
-BQAwgZMxCzAJBgNVBAYTAkFUMQ8wDQYDVQQIDAZWaWVubmExDzANBgNVBAcMBlZp
-ZW5uYTEmMCQGA1UECgwdUHJveG1veCBTZXJ2ZXIgU29sdXRpb25zIEdtYkgxFzAV
-BgNVBAMMDlNlY3VyZSBCb290IENBMSEwHwYJKoZIhvcNAQkBFhJvZmZpY2VAcHJv
-eG1veC5jb20wHhcNMjMwMzA2MTM1MTM0WhcNMzMwMzAzMTM1MTM0WjCBkzELMAkG
-A1UEBhMCQVQxDzANBgNVBAgMBlZpZW5uYTEPMA0GA1UEBwwGVmllbm5hMSYwJAYD
-VQQKDB1Qcm94bW94IFNlcnZlciBTb2x1dGlvbnMgR21iSDEXMBUGA1UEAwwOU2Vj
-dXJlIEJvb3QgQ0ExITAfBgkqhkiG9w0BCQEWEm9mZmljZUBwcm94bW94LmNvbTCC
-AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJ59mP8gRLqsA6P53ejy0wMk
-0qLlICtDkPXsJoi4QRHjlPErxXv5zsZ4WqSG2bQ8EW95FAf8EOF6ge+G17neYt1w
-DmlvHzLBfqTJj5EBRgVjdWOjX3AkS/elOyzHdq4rKOteUSpQlMP4ub2cAUdy/8rp
-ouTbduttNv8mymAO89/kbXCEmKFiRS+av+hykFFyXH/KTRa2QnvLVadMEkmtA+vm
-+yQhYWCTD8hdisa1o3dKM0Z2l8LyzfIOsVXcwHHB7AhtR4tbLR9Tz2p/m9Gz//vj
-82dBaChh6kxIMZ8kACP28dA561R2P6ZcjzLSJ0Tq5e4tiW9SNEzuTYKTRvFeQoQh
-4usDdSF3ifXDuimShpv8Yaf4fntyIaUfnm6H5tvNr9b9Rw6ZL200LV5VugQ1EpfE
-F0+c3LQfurwT7svISgXSY62Fe/TiHFANOVXM5j3/Dr2ktKyce7BUGN4ewpWPvP99
-io+rdd4bTReuDh8j0nhsSdYKfvuOmvQpgL8Smzno54/hdpuO6cv+slCr1ApDexl8
-gAPPwCZRsH7aPc92g+YPzDm3k77RqkCXPA19KKQLYKvL7a+H3rnqgO81CdGFPHOz
-I5UruKLLeDGAWR0bo0JqDMEL8/oPh9IvGo8lFcTros0NEof6A7p8SGmxM2NodTo9
-spDVs84xDPlp4yX4u8A9AgMBAAGjgbcwgbQwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
-HQ8BAf8EBAMCAYYwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFLXxsR5I
-LbWGkynLl1qjUgX4cs16MB8GA1UdIwQYMBaAFLXxsR5ILbWGkynLl1qjUgX4cs16
-MB0GA1UdEQQWMBSBEm9mZmljZUBwcm94bW94LmNvbTAdBgNVHRIEFjAUgRJvZmZp
-Y2VAcHJveG1veC5jb20wDQYJKoZIhvcNAQELBQADggIBAAUGWTt792ibVtE9yKgq
-9YtmybKGWjDHdMKl5AcnxLD60z7cEgcUBpEXaUbTzic5rz7fYhUM29LZkF8NIA2a
-rzrF0w+J1zZZKG2VvTWmdgynNNKQ/iTRbhgSZ94hEWOwumlEW4O6HwUN+VYFx8wf
-jvyWc1K6cdCc70IeC5POjYTlXKPoDq8ysPMLhxm7dsk7DDWcR0siMbYqGLLK5cJB
-lZE+9Q3Nj/q4m3odjK1ILrDGKqWWJgxopE21e903Ej+TNw+TduXygHqwVloEXUi4
-clmMMwCfhEBI9Vuy0+QSLxvrHKbwYpWd59RBQEsUubi8sT8Oh7njgmEd/Pf9uD7U
-1Rd9I+1MkNOZXyoyvaJQl9NZ9RpyG+ZbeQoFcL2CeCy0jJQQSilI5k4RtiDrGn6R
-GxlRL/FTvGWBkQGNwvoeFwD6i7zYainf1Z7f1Dh83MxKarxpAwX61K+rHpvAvjN/
-Hd4dslj5C+p188FnGaqiFlFAgVcF//F+yZFGYu1sTIQJ5f0C3LiFLeQYi3SPTf0L
-wk78eHgo6x1cIOM3/Ct4mflHBxnrfOJ9YdEAn2MklpDT5dif+9+zpN1myCQn4HoW
-OgoWIacSuvuFczHTQf2IX4ZEEE5SZwE31f7E0cqjgXmwbz1a81UMZHzvr71rDeWi
-oRgE3Pe1htzpOmw5Ygvjtn8k
-----END CERTIFICATE-----
@@ -1,37 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIGbzCCBFegAwIBAgIUakjebPHbd0vTEj9dEa3OF+gioGMwDQYJKoZIhvcNAQEL
-BQAwgZMxCzAJBgNVBAYTAkFUMQ8wDQYDVQQIDAZWaWVubmExDzANBgNVBAcMBlZp
-ZW5uYTEmMCQGA1UECgwdUHJveG1veCBTZXJ2ZXIgU29sdXRpb25zIEdtYkgxFzAV
-BgNVBAMMDlNlY3VyZSBCb290IENBMSEwHwYJKoZIhvcNAQkBFhJvZmZpY2VAcHJv
-eG1veC5jb20wHhcNMjMwMzA2MTQwNTI1WhcNMjcwNDE0MTQwNTI1WjCBmjELMAkG
-A1UEBhMCQVQxDzANBgNVBAgMBlZpZW5uYTEPMA0GA1UEBwwGVmllbm5hMSYwJAYD
-VQQKDB1Qcm94bW94IFNlcnZlciBTb2x1dGlvbnMgR21iSDEeMBwGA1UEAwwVU2Vj
-dXJlIEJvb3QgU2lnbiAyMDIzMSEwHwYJKoZIhvcNAQkBFhJvZmZpY2VAcHJveG1v
-eC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJGReH5i3aihb/
-frdbzzNueHBt7DC9W2/GXYf0wfl8izCXz2SYM/UIZavbpzF2uhgxli3Dj4M0FyR2
-oTKRseWyy+YMiwuhQcqCw0KRS6uOUiGjOtPHsEqDFO6DP8d1gNjYkF0jzY/CNf0N
-5Sc+w8jknQJgZ9G1RGcC2ihZATx2pgG9nYA30Op8qHyhcF2KrUmh8wpXky21u0Ja
-0/whsNFNSfQrvosgUroxLd2TvBdcBJu3SXt0B15jfY4Qssjmwgfs/oU8YGaAYnIp
-PLJRqzho/kpDA3PH2lsgxv5BJHQgDuODLj3Q3dx09C71Qdb3FlQ6z9hIdFUoPrvC
-kUpZ5lEwGUyvFZtJJQvGm/1BpDj1G7P8lqODyfkJ4c77XoH7M9z945HmxrfAyjP7
-9Jk8NXA9bSy+ygPHPHlTLEc10HKvk/SRg/sGGUveTr9C6rObfP8EmvXogpS46xSn
-W9s2vFSVFyOBvLpdIhU91McBFinvQaqY0r2XTNrsU3Zp5YG3z6hh6BOLCpD/pixc
-BQyfT8wGeI59dobVSSrWqt+1vNxO02I5t7Mlam687Ix1e3C/nk7+i44WMcmB8n+x
-Dq/v/L+UJlQ75u2dsaAiYUrGcsHQWAZ34oIAfec9qCgG+OLTwobwXXiOlaWiO51n
-0xCQ4ePK+vZuDxRHaXL7hOxFCe3iKwIDAQABo4GxMIGuMB0GA1UdDgQWBBRr/2t+
-Hu0KTVTbNhd31p7aJH15IjAfBgNVHSMEGDAWgBS18bEeSC21hpMpy5dao1IF+HLN
-ejAdBgNVHREEFjAUgRJvZmZpY2VAcHJveG1veC5jb20wHQYDVR0SBBYwFIESb2Zm
-aWNlQHByb3htb3guY29tMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUH
-AwMwCwYDVR0PBAQDAgbAMA0GCSqGSIb3DQEBCwUAA4ICAQBYmLgWPJSK/pP/CkZE
-iYttW1Vd0Wm4DeZVSyUh2c9AI+A+IT5otEXjCflU8sYU4vm0eEtNwhmGdVf8oZe4
-tS/2eFawDAqEQ8xMsinbMJoqvcYx9uEZPiOOo3GS2YjfUy03Q3BAOV3rMFOjP4y+
-dfYF3IWnKQxvUV0wapRyDbT62plKt4UCtBagUPcm838YRD6ax+4yK/5sojMQM1IW
-2yGgEz8jeCyPI19Ots2RBZTJU2BZ1QqRPLybvLfsENtKgKqOE14BEp6WqtYBaj89
-QZD4tbP9Mqcmnj8AfG89pb1Fj6tq0MLZsboF6i0J7uuQ6CKkb5ksQhLODLMwAZi1
-1EAgWk5btwj6ZvoOHFOjAXGJ13tmUeYt/Zipyy/ie+5LSEdFevQ+zmZzsglfX3QK
-6skoBpHs3kLcuPsoe8uhCvn/b22lHkFdYYkIwIUQFPJgdvBzD8LYHnD8P60UdsQO
-vSSt9qzsq04DCEjwhmNJUeddL9ESGNL8vgpB9GvNjFEq6QMncELkdXDoAeqGFolE
-/dj+8sVq+34plRsvD1GDDx70UWk0ZtQlvhqDJ0kxeT+yYASrwLoujK44SLq8cMJr
-JYxDoxFOy5MSw+EzEXTP9LLkYNdPv/nzPbEz3lEctczyOgBWr22272Kdv3QCHBdP
-v4+vFbHnrXmu8cC9T45r2aX3rQ==
-----END CERTIFICATE-----
@@ -1,68 +1,12 @@
-pve-kernel (6.2.6-2~secureboot1) bullseye; urgency=medium
+pve-kernel (5.19.17-2) bullseye; urgency=medium

-  * test build with lockdown, trusted key and module signing
+  * update submodule to Ubuntu-5.19.0-31.32

- -- Proxmox Support Team <support@proxmox.com>  Thu, 16 Mar 2023 14:56:01 +0100
+  * bump ABI to 5.19.17-2

-pve-kernel (6.2.6-1) bullseye; urgency=medium
+  * note that this is likely the last release for Proxmox's 5.19 based kernel

-  * update to Ubuntu-6.2.0-17.17 based on 6.2.6
-
- -- Proxmox Support Team <support@proxmox.com>  Tue, 14 Mar 2023 18:08:23 +0100
-
-pve-kernel (6.2.2-1) bullseye; urgency=medium
-
-  * update to Ubuntu-6.2.0-1.1
-
- -- Proxmox Support Team <support@proxmox.com>  Mon, 13 Mar 2023 17:57:00 +0100
-
-pve-kernel (6.1.15-1) bullseye; urgency=medium
-
-  * update to Proxmox-6.1.15-1
-
-  * backport patch to fix issue with large IO requests
-
- -- Proxmox Support Team <support@proxmox.com>  Wed, 08 Mar 2023 09:53:18 +0100
-
-pve-kernel (6.1.14-1) bullseye; urgency=medium
-
-  * update to Proxmox-6.1.14-1
-
- -- Proxmox Support Team <support@proxmox.com>  Mon, 27 Feb 2023 18:09:47 +0100
-
-pve-kernel (6.1.10-1) bullseye; urgency=medium
-
-  * update to Proxmox-6.1.10-1
-
- -- Proxmox Support Team <support@proxmox.com>  Tue, 07 Feb 2023 14:10:10 +0100
-
-pve-kernel (6.1.6-1) bullseye; urgency=medium
-
-  * update ZFS to 2.1.9
-
-  * update to Ubuntu-6.1.0-14.14 based on upstream 6.1.6
-
- -- Proxmox Support Team <support@proxmox.com>  Sat, 28 Jan 2023 15:05:09 +0100
-
-pve-kernel (6.1.2-1) bullseye; urgency=medium
-
-  * backport ZFS compat fixes for Linux 6.1 w.r.t. a OTMPFILE open syscall
-
-  * update to Ubuntu-6.1.0-12.12
-
-  * backport a few newer fixes-of-fixes from 6.1.4
-
-  * bump ABI to 6.1.2-1
-
- -- Proxmox Support Team <support@proxmox.com>  Sat, 07 Jan 2023 14:56:01 +0100
-
-pve-kernel (6.1.0-1) bullseye; urgency=medium
-
-  * update to Ubuntu-6.1.0-1.1 based on upstram v6.1
-
-  * update ZFS to 2.1.7
-
- -- Proxmox Support Team <support@proxmox.com>  Tue, 13 Dec 2022 15:08:53 +0100
+ -- Proxmox Support Team <support@proxmox.com>  Sat, 28 Jan 2023 16:40:25 +0100

 pve-kernel (5.19.17-1) bullseye; urgency=medium

@@ -62,7 +62,7 @@ Priority: optional
 Architecture: any
 Provides: linux-image-@KVNAME@-amd64
 Suggests: pve-firmware
-Depends: busybox, initramfs-tools | linux-initramfs-tool
+Depends: busybox, initramfs-tools
 Recommends: grub-pc | grub-efi-amd64 | grub-efi-ia32 | grub-efi-arm64
 Description: Proxmox Kernel Image
 This package contains the linux kernel and initial ramdisk used for booting
@@ -80,13 +80,6 @@ Description: Proxmox Kernel debug image
 to analyze kernel crashes. This package also contains the pve-kernel modules
 in their unstripped version.

-Package: pve-kernel-@KVNAME@-signed-template
-Architecture: amd64
-Depends: ${shlibs:Depends}, ${misc:Depends}, make | build-essential | dpkg-dev
-Description: Template for signed kernel package
- This package is used to control code signing by the Proxmox signing
- service.
-
 Package: pve-kernel-libc-dev
 Section: devel
 Priority: optional
@@ -12,14 +12,11 @@ include debian/rules.d/env.mk
 include debian/rules.d/${DEB_BUILD_ARCH}.mk

 CHANGELOG_DATE:=$(shell dpkg-parsechangelog -SDate)
-CHANGELOG_DATE_UTC_ISO := $(shell date -u -d '$(CHANGELOG_DATE)' +%Y-%m-%dT%H:%MZ)

 PVE_KERNEL_PKG=pve-kernel-${KVNAME}
 PVE_DEBUG_KERNEL_PKG=pve-kernel-${KVNAME}-dbgsym
 PVE_HEADER_PKG=pve-headers-${KVNAME}
 PVE_USR_HEADER_PKG=pve-kernel-libc-dev
-PVE_KERNEL_SIGNING_TEMPLATE_PKG=pve-kernel-${KVNAME}-signed-template
-PVE_KERNEL_SIGNED_VERSION := $(shell echo ${DEB_VERSION} | sed -e 's/-/+/')
 LINUX_TOOLS_PKG=linux-tools-${KERNEL_MAJMIN}
 KERNEL_SRC_COPY=${KERNEL_SRC}_tmp

@@ -32,7 +29,6 @@ PVE_CONFIG_OPTS= \
 -m CONFIG_CEPH_FS \
 -m CONFIG_BLK_DEV_NBD \
 -m CONFIG_BLK_DEV_RBD \
-m CONFIG_BLK_DEV_UBLK \
 -d CONFIG_SND_PCSP \
 -m CONFIG_BCACHE \
 -m CONFIG_JFS_FS \
@@ -53,13 +49,7 @@ PVE_CONFIG_OPTS= \
 -e CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE \
 -e CONFIG_SYSFB_SIMPLEFB \
 -e CONFIG_DRM_SIMPLEDRM \
-e CONFIG_MODULE_SIG \
-e CONFIG_MODULE_SIG_ALL \
-e CONFIG_MODULE_SIG_FORMAT \
--set-str CONFIG_MODULE_SIG_HASH sha512 \
--set-str CONFIG_MODULE_SIG_KEY certs/signing_key.pem \
-e CONFIG_MODULE_SIG_KEY_TYPE_RSA \
-e CONFIG_MODULE_SIG_SHA512 \
+-d CONFIG_MODULE_SIG \
 -d CONFIG_MEMCG_DISABLED \
 -e CONFIG_MEMCG_SWAP_ENABLED \
 -e CONFIG_HYPERV \
@@ -82,19 +72,17 @@ PVE_CONFIG_OPTS= \
 -d CONFIG_DEFAULT_CFQ \
 -e CONFIG_DEFAULT_DEADLINE \
 -e CONFIG_MODVERSIONS \
-e CONFIG_ZSTD_COMPRESS \
 -d CONFIG_DEFAULT_SECURITY_DAC \
 -e CONFIG_DEFAULT_SECURITY_APPARMOR \
 --set-str CONFIG_DEFAULT_SECURITY apparmor \
-e CONFIG_MODULE_ALLOW_BTF_MISMATCH \
 -d CONFIG_UNWINDER_ORC \
 -d CONFIG_UNWINDER_GUESS \
 -e CONFIG_UNWINDER_FRAME_POINTER \
--set-str CONFIG_SYSTEM_TRUSTED_KEYS "../debian/certs/combined.pem"\
+--set-str CONFIG_SYSTEM_TRUSTED_KEYS ""\
 --set-str CONFIG_SYSTEM_REVOCATION_KEYS ""\
-e CONFIG_SECURITY_LOCKDOWN_LSM \
-e CONFIG_SECURITY_LOCKDOWN_LSM_EARLY \
--set-str CONFIG_LSM lockdown,yama,integrity,apparmor \
+-d CONFIG_SECURITY_LOCKDOWN_LSM \
+-d CONFIG_SECURITY_LOCKDOWN_LSM_EARLY \
+--set-str CONFIG_LSM yama,integrity,apparmor \
 -e CONFIG_PAGE_TABLE_ISOLATION

 debian/control: $(wildcard debian/*.in)
@@ -108,20 +96,6 @@ debian/control: $(wildcard debian/*.in)
 	chmod +x debian/${PVE_HEADER_PKG}.postinst
 	sed -e 's/@KVNAME@/${KVNAME}/g' -e 's/@KVMAJMIN@/${KERNEL_MAJMIN}/g' < debian/control.in > debian/control

-	# combine trusted certificates
-	cat debian/certs/*.pem > debian/certs/combined.pem
-
-	# signing-template
-	sed -e '1 s/pve-kernel/pve-kernel-signed/' -e '1 s/${DEB_VERSION}/${PVE_KERNEL_SIGNED_VERSION}/' < debian/changelog > debian/signing-template/changelog
-	sed -e 's/@KVNAME@/${KVNAME}/g' -e 's/@UNSIGNED_VERSION@/${DEB_VERSION}/g' < debian/signing-template/control.in > debian/signing-template/control
-	sed -e 's/@KVNAME@/${KVNAME}/g' < debian/signing-template/files.json.in > debian/signing-template/files.json
-	sed -e 's/@KVNAME@/${KVNAME}/g' -e 's/@PKG_VERSION@/${DEB_VERSION}/' < debian/signing-template/rules.in > debian/signing-template/rules
-	sed -e 's/@@KVNAME@@/${KVNAME}/g' < debian/pve-kernel.prerm.in > debian/signing-template/prerm
-	sed -e 's/@@KVNAME@@/${KVNAME}/g' < debian/pve-kernel.postrm.in > debian/signing-template/postrm
-	sed -e 's/@@KVNAME@@/${KVNAME}/g' < debian/pve-kernel.postinst.in > debian/signing-template/postinst
-	rm debian/signing-template/*.in
-	cp debian/SOURCE debian/signing-template/
-
 build: .compile_mark .tools_compile_mark .modules_compile_mark

 install: .install_mark .tools_install_mark .headers_install_mark .usr_headers_install_mark
@@ -151,7 +125,7 @@ binary: install
 	touch $@

 .compile_mark: .config_mark
-	${MAKE} -C ${KERNEL_SRC} KBUILD_BUILD_VERSION_TIMESTAMP="PVE ${DEB_VERSION} (${CHANGELOG_DATE_UTC_ISO})"
+	${MAKE} -C ${KERNEL_SRC} KBUILD_BUILD_VERSION_TIMESTAMP="PVE ${DEB_VERSION} (${CHANGELOG_DATE})"
 	touch $@

 .install_mark: .compile_mark .modules_compile_mark
@@ -183,14 +157,6 @@ endif

 	# strip debug info
 	find debian/${PVE_KERNEL_PKG}/lib/modules -name \*.ko -print | while read f ; do strip --strip-debug "$$f"; done
-
-	# sign modules using ephemeral, embedded key
-	if grep -q CONFIG_MODULE_SIG=y ubuntu-kernel/.config ; then \
-		find debian/${PVE_KERNEL_PKG}/lib/modules -name \*.ko -print | while read f ; do \
-			./ubuntu-kernel/scripts/sign-file sha512 ./ubuntu-kernel/certs/signing_key.pem ubuntu-kernel/certs/signing_key.x509 "$$f" ; \
-		done; \
-		rm ./ubuntu-kernel/certs/signing_key.pem ; \
-	fi
 	# finalize
 	/sbin/depmod -b debian/${PVE_KERNEL_PKG}/ ${KVNAME}
 	# Autogenerate blacklist for watchdog devices (see README)
@@ -200,22 +166,6 @@ endif
 	cat watchdog-blacklist.tmp|sed -e 's/^/blacklist /' -e 's/.ko$$//'|sort -u > debian/${PVE_KERNEL_PKG}/lib/modprobe.d/blacklist_${PVE_KERNEL_PKG}.conf
 	rm -f debian/${PVE_KERNEL_PKG}/lib/modules/${KVNAME}/source
 	rm -f debian/${PVE_KERNEL_PKG}/lib/modules/${KVNAME}/build
-
-	# copy signing template contents
-	rm -rf debian/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}
-	mkdir -p debian/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}/usr/share/code-signing/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}/source-template/debian
-	cp -R debian/copyright \
-		debian/signing-template/rules \
-		debian/signing-template/control \
-		debian/signing-template/source \
-		debian/signing-template/changelog \
-		debian/signing-template/prerm \
-		debian/signing-template/postrm \
-		debian/signing-template/postinst \
-		debian/signing-template/SOURCE \
-		debian/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}/usr/share/code-signing/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}/source-template/debian
-	cp debian/signing-template/files.json debian/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}/usr/share/code-signing/${PVE_KERNEL_SIGNING_TEMPLATE_PKG}/
-
 	touch $@

 .tools_compile_mark: .compile_mark
@@ -1,25 +0,0 @@
-Source: pve-kernel-signed
-Section: kernel
-Priority: optional
-Maintainer: Proxmox Support Team <support@proxmox.com>
-Standards-Version: 4.2.0
-Build-Depends: debhelper-compat (= 12), dh-exec, python3:any, rsync, sbsigntool, pve-kernel-@KVNAME@ (= @UNSIGNED_VERSION@)
-Rules-Requires-Root: no
-Vcs-Git: git://git.proxmox.com/git/pve-kernel
-Vcs-Browser: https://git.proxmox.com/?p=pve-kernel.git
-
-Package: pve-kernel-@KVNAME@-signed
-Section: admin
-Priority: optional
-Architecture: any
-Provides: linux-image-@KVNAME@-amd64, pve-kernel-@KVNAME@
-Depends: ${unsigned:Depends}, ${misc:Depends}
-Recommends: ${unsigned:Recommends}
-Suggests: ${unsigned:Suggests}
-Breaks: ${unsigned:Breaks}
-Conflicts: pve-kernel-@KVNAME@
-Replaces: pve-kernel-@KVNAME@
-Description: ${unsigned:DescriptionShort} (signed)
- ${unsigned:DescriptionLong}
- .
- This package contains the kernel image signed by the Proxmox Secure Boot CA.
@@ -1,13 +0,0 @@
-{
-	"packages": {
-		"pve-kernel-@KVNAME@": {
-			"trusted_certs": [],
-			"files": [
-				{
-					"sig_type": "efi",
-					"file": "boot/vmlinuz-@KVNAME@"
-				}
-			]
-		}
-	}
-}
@@ -1,58 +0,0 @@
-#!/usr/bin/make -f
-
-SHELL := bash -e
-
-export DH_OPTIONS
-
-include /usr/share/dpkg/architecture.mk
-
-KERNEL_VERSION=@KVNAME@
-IMAGE_PACKAGE_NAME=pve-kernel-$(KERNEL_VERSION)
-PACKAGE_NAME=$(IMAGE_PACKAGE_NAME)-signed
-PACKAGE_VERSION=@PKG_VERSION@
-PACKAGE_DIR=debian/$(PACKAGE_NAME)
-SIGNATURE_DIR=debian/signatures/${IMAGE_PACKAGE_NAME}
-
-build: build-arch build-indep
-build-arch:
-build-indep:
-
-clean:
-	dh_testdir
-	dh_clean
-
-binary: binary-arch binary-indep
-binary-arch:
-	dh_testdir
-	mkdir -p $(PACKAGE_DIR)/boot
-	rsync -a $(patsubst %,/boot/%-$(KERNEL_VERSION),config System.map vmlinuz) $(PACKAGE_DIR)/boot/
-	if [ -f $(SIGNATURE_DIR)/boot/vmlinuz-$(KERNEL_VERSION).sig ]; then \
-		sbattach --attach $(SIGNATURE_DIR)/boot/vmlinuz-$(KERNEL_VERSION).sig \
-			$(PACKAGE_DIR)/boot/vmlinuz-$(KERNEL_VERSION); \
-	else \
-		echo "No signature for image 'vmlinuz-$(KERNEL_VERSION)' found in '$(SIGNATURE_DIR)'"; \
-		false; \
-	fi
-	mkdir -p $(PACKAGE_DIR)/lib/modules/$(KERNEL_VERSION)
-	rsync -ar /lib/modules/$(KERNEL_VERSION)/ $(PACKAGE_DIR)/lib/modules/$(KERNEL_VERSION)/
-	mkdir -p $(PACKAGE_DIR)/lib/modprobe.d/
-	cp /lib/modprobe.d/blacklist_$(IMAGE_PACKAGE_NAME).conf $(PACKAGE_DIR)/lib/modprobe.d/
-	dh_install
-	dh_installchangelogs
-	dh_installdocs -A debian/copyright debian/SOURCE
-	dh_lintian
-	dh_compress
-	dh_fixperms
-	dh_installdeb
-	# Copy most package relations and description from unsigned package
-	for field in Depends Suggests Recommends Breaks; do \
-		echo >> debian/$(PACKAGE_NAME).substvars "unsigned:$$field=$$(dpkg-query -f '$${'$$field'}' -W $(IMAGE_PACKAGE_NAME))"; \
-	done
-	echo >> debian/$(PACKAGE_NAME).substvars "unsigned:DescriptionShort=$$(dpkg-query -f '$${Description}' -W $(IMAGE_PACKAGE_NAME) | head -n 1)"
-	echo >> debian/$(PACKAGE_NAME).substvars "unsigned:DescriptionLong=$$(dpkg-query -f '$${Description}' -W $(IMAGE_PACKAGE_NAME) | tail -n +2 | sed -rz 's/\$$/$${}/g; s/^ //; s/\n \.?/$${Newline}/g')"
-	dh_gencontrol -- -v$(PACKAGE_VERSION)
-	dh_md5sums
-	dh_builddeb
-binary-indep:
-
-.PHONY: build build-arch build-indep clean binary binary-arch binary-indep
@@ -1 +0,0 @@
-3.0 (native)
@@ -22,8 +22,6 @@ amdgpu/aldebaran_mec2.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/aldebaran_mec.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/aldebaran_rlc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/aldebaran_sdma.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/aldebaran_sjt_mec2.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/aldebaran_sjt_mec.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/aldebaran_smc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/aldebaran_sos.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/aldebaran_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -80,11 +78,8 @@ amdgpu/cyan_skillfish2_pfp.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/cyan_skillfish2_rlc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/cyan_skillfish2_sdma1.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/cyan_skillfish2_sdma.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/dcn_3_1_4_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/dcn_3_1_5_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/dcn_3_1_6_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/dcn_3_2_0_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/dcn_3_2_1_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/dimgrey_cavefish_ce.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/dimgrey_cavefish_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/dimgrey_cavefish_me.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -142,20 +137,6 @@ amdgpu/gc_11_0_2_mes1.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/gc_11_0_2_mes.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/gc_11_0_2_pfp.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/gc_11_0_2_rlc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_imu.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_me.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_mec.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_mes1.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_mes.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_pfp.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_3_rlc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_imu.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_me.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_mec.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_mes1.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_mes.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_pfp.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/gc_11_0_4_rlc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/green_sardine_asd.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/green_sardine_ce.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/green_sardine_dmcub.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -366,17 +347,9 @@ amdgpu/polaris12_smc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/polaris12_uvd.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/polaris12_vce.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/psp_13_0_0_sos.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_0_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_10_sos.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_10_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_11_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_11_toc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_4_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_4_toc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/psp_13_0_5_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/psp_13_0_5_toc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/psp_13_0_7_sos.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/psp_13_0_7_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/psp_13_0_8_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/psp_13_0_8_toc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/raven2_asd.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -418,7 +391,6 @@ amdgpu/sdma_5_2_7.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sdma_6_0_0.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sdma_6_0_1.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sdma_6_0_2.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/sdma_6_0_3.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/si58_mc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sienna_cichlid_cap.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sienna_cichlid_ce.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -436,7 +408,6 @@ amdgpu/sienna_cichlid_sos.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sienna_cichlid_ta.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/sienna_cichlid_vcn.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/smu_13_0_0.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/smu_13_0_10.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/smu_13_0_7.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/stoney_ce.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/stoney_me.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -489,7 +460,6 @@ amdgpu/vangogh_toc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/vangogh_vcn.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/vcn_3_1_2.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/vcn_4_0_0.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
-amdgpu/vcn_4_0_2.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/vcn_4_0_4.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/vega10_acg_smc.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
 amdgpu/vega10_asd.bin kernel/drivers/gpu/drm/amd/amdgpu/amdgpu.ko
@@ -654,6 +624,7 @@ atmel_at76c506.bin kernel/drivers/net/wireless/atmel/atmel.ko
 atmel_at76c506-wpa.bin kernel/drivers/net/wireless/atmel/atmel.ko
 atmel/wilc1000_wifi_firmware-1.bin kernel/drivers/net/wireless/microchip/wilc1000/wilc1000.ko
 atsc_denver.inp kernel/drivers/media/common/siano/smsmdtv.ko
+av7110/bootcode.bin kernel/drivers/staging/media/av7110/dvb-ttpci.ko
 b43legacy/ucode2.fw kernel/drivers/net/wireless/broadcom/b43legacy/b43legacy.ko
 b43legacy/ucode4.fw kernel/drivers/net/wireless/broadcom/b43legacy/b43legacy.ko
 b43/ucode11.fw kernel/drivers/net/wireless/broadcom/b43/b43.ko
@@ -689,12 +660,6 @@ bnx2x/bnx2x-e2-7.13.15.0.fw kernel/drivers/net/ethernet/broadcom/bnx2x/bnx2x.ko
 bnx2x/bnx2x-e2-7.13.21.0.fw kernel/drivers/net/ethernet/broadcom/bnx2x/bnx2x.ko
 brcm/bcm43xx-0.fw kernel/drivers/net/wireless/broadcom/brcm80211/brcmsmac/brcmsmac.ko
 brcm/bcm43xx_hdr-0.fw kernel/drivers/net/wireless/broadcom/brcm80211/brcmsmac/brcmsmac.ko
-brcm/brcmbt4377*.bin kernel/drivers/bluetooth/hci_bcm4377.ko
-brcm/brcmbt4377*.ptb kernel/drivers/bluetooth/hci_bcm4377.ko
-brcm/brcmbt4378*.bin kernel/drivers/bluetooth/hci_bcm4377.ko
-brcm/brcmbt4378*.ptb kernel/drivers/bluetooth/hci_bcm4377.ko
-brcm/brcmbt4387*.bin kernel/drivers/bluetooth/hci_bcm4377.ko
-brcm/brcmbt4387*.ptb kernel/drivers/bluetooth/hci_bcm4377.ko
 brcm/brcmfmac43012-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43012-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43143.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
@@ -715,8 +680,6 @@ brcm/brcmfmac43430a0-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brc
 brcm/brcmfmac43430b0-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43430-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43430-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac43439-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac43439-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43455-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43455-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43456-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
@@ -724,10 +687,6 @@ brcm/brcmfmac4350c2-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcm
 brcm/brcmfmac4350-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4354-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4354-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4355c1-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4355c1-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4355-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4355-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43569.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4356-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4356-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
@@ -739,10 +698,7 @@ brcm/brcmfmac4358-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfm
 brcm/brcmfmac4359-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4359-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43602-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4364b2-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4364b2-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4364b3-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4364b3-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
+brcm/brcmfmac4364-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4365b-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4365c-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac4366b-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
@@ -753,12 +709,7 @@ brcm/brcmfmac4373-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfm
 brcm/brcmfmac4373-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43752-sdio.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac43752-sdio.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4377b3-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4377b3-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4378b1-pcie.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac4378b1-pcie.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac*-pcie.*.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
-brcm/brcmfmac*-pcie.*.clm_blob kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac*-pcie.*.txt kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac*-pcie.txt kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
 brcm/brcmfmac*-sdio.*.bin kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
@@ -792,6 +743,7 @@ cmmb_vega_12mhz.inp kernel/drivers/media/common/siano/smsmdtv.ko
 cmmb_venice_12mhz.inp kernel/drivers/media/common/siano/smsmdtv.ko
 comedi/jr3pci.idm kernel/drivers/comedi/drivers/jr3_pci.ko
 cp204unx.cod kernel/drivers/tty/moxa.ko
+cpia2/stv0672_vp4.bin kernel/drivers/media/usb/cpia2/cpia2.ko
 cs46xx/cwc4630 kernel/sound/pci/cs46xx/snd-cs46xx.ko
 cs46xx/cwcasync kernel/sound/pci/cs46xx/snd-cs46xx.ko
 cs46xx/cwcbinhack kernel/sound/pci/cs46xx/snd-cs46xx.ko
@@ -964,7 +916,6 @@ hfi1_sbus.fw kernel/drivers/infiniband/hw/hfi1/hfi1.ko
 i915/adlp_dmc_ver2_16.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/adlp_guc_69.0.3.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/adlp_guc_70.1.1.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/adlp_guc_70.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/adls_dmc_ver2_01.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/bxt_dmc_ver1_07.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/bxt_guc_70.1.1.bin kernel/drivers/gpu/drm/i915/i915.ko
@@ -972,11 +923,9 @@ i915/bxt_huc_2.0.0.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/cml_guc_70.1.1.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/cml_huc_4.0.0.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/dg1_dmc_ver2_02.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/dg1_guc_70.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/dg1_huc.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/dg2_dmc_ver2_08.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/dg2_guc_70.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/dg2_huc_gsc.bin kernel/drivers/gpu/drm/i915/i915.ko
+i915/dg1_guc_70.1.1.bin kernel/drivers/gpu/drm/i915/i915.ko
+i915/dg1_huc_7.9.3.bin kernel/drivers/gpu/drm/i915/i915.ko
+i915/dg2_guc_70.1.2.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/ehl_guc_70.1.1.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/ehl_huc_9.0.0.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/glk_dmc_ver1_04.bin kernel/drivers/gpu/drm/i915/i915.ko
@@ -995,9 +944,7 @@ i915/skl_huc_2.0.0.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/tgl_dmc_ver2_12.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/tgl_guc_69.0.3.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/tgl_guc_70.1.1.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/tgl_guc_70.bin kernel/drivers/gpu/drm/i915/i915.ko
 i915/tgl_huc_7.9.3.bin kernel/drivers/gpu/drm/i915/i915.ko
-i915/tgl_huc.bin kernel/drivers/gpu/drm/i915/i915.ko
 idt82p33xxx.bin kernel/drivers/ptp/ptp_idt82p33.ko
 ifpp.bin kernel/drivers/crypto/inside-secure/crypto_safexcel.ko
 inside-secure/eip197b/ifpp.bin kernel/drivers/crypto/inside-secure/crypto_safexcel.ko
@@ -1051,7 +998,6 @@ iwlwifi-8000C-36.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-8265-36.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-9000-pu-b0-jf-b0-46.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-9260-th-b0-jf-b0-46.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
-iwlwifi-bz-a0-fm4-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-bz-a0-fm-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-bz-a0-gf4-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-bz-a0-gf-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
@@ -1062,10 +1008,8 @@ iwlwifi-BzBnj-a0-fm-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwif
 iwlwifi-BzBnj-a0-gf4-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-BzBnj-a0-gf-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-BzBnj-a0-hr-b0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
-iwlwifi-BzBnj-b0-fm-b0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-cc-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-gl-a0-fm-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
-iwlwifi-gl-b0-fm-b0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-ma-a0-fm-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-ma-a0-gf4-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
 iwlwifi-ma-a0-gf-a0-72.ucode kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
@@ -1179,9 +1123,6 @@ mediatek/mt7915_wm.bin kernel/drivers/net/wireless/mediatek/mt76/mt7915/mt7915e.
 mediatek/mt7916_rom_patch.bin kernel/drivers/net/wireless/mediatek/mt76/mt7915/mt7915e.ko
 mediatek/mt7916_wa.bin kernel/drivers/net/wireless/mediatek/mt76/mt7915/mt7915e.ko
 mediatek/mt7916_wm.bin kernel/drivers/net/wireless/mediatek/mt76/mt7915/mt7915e.ko
-mediatek/mt7996/mt7996_rom_patch.bin kernel/drivers/net/wireless/mediatek/mt76/mt7996/mt7996e.ko
-mediatek/mt7996/mt7996_wa.bin kernel/drivers/net/wireless/mediatek/mt76/mt7996/mt7996e.ko
-mediatek/mt7996/mt7996_wm.bin kernel/drivers/net/wireless/mediatek/mt76/mt7996/mt7996e.ko
 mediatek/WIFI_MT7922_patch_mcu_1_1_hdr.bin kernel/drivers/net/wireless/mediatek/mt76/mt7921/mt7921e.ko
 mediatek/WIFI_MT7961_patch_mcu_1_2_hdr.bin kernel/drivers/net/wireless/mediatek/mt76/mt7921/mt7921e.ko
 mediatek/WIFI_MT7961_patch_mcu_1_2_hdr.bin kernel/drivers/net/wireless/mediatek/mt76/mt7921/mt7921s.ko
@@ -1267,71 +1208,6 @@ netronome/nic_AMDA0099-0001_2x25.nffw kernel/drivers/net/ethernet/netronome/nfp/
 ni6534a.bin kernel/drivers/comedi/drivers/ni_pcidio.ko
 niscrb01.bin kernel/drivers/comedi/drivers/ni_pcidio.ko
 niscrb02.bin kernel/drivers/comedi/drivers/ni_pcidio.ko
-nvidia/ga102/acr/ucode_ahesasc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/acr/ucode_asb.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/acr/ucode_unload.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/gr/fecs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/gr/fecs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/gr/gpccs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/gr/gpccs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/gr/NET_img.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/sec2/hs_bl_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga102/sec2/sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/acr/ucode_ahesasc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/acr/ucode_asb.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/acr/ucode_unload.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/gr/fecs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/gr/fecs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/gr/gpccs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/gr/gpccs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/gr/NET_img.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/sec2/hs_bl_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga103/sec2/sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/acr/ucode_ahesasc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/acr/ucode_asb.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/acr/ucode_unload.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/gr/fecs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/gr/fecs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/gr/gpccs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/gr/gpccs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/gr/NET_img.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/sec2/hs_bl_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga104/sec2/sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/acr/ucode_ahesasc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/acr/ucode_asb.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/acr/ucode_unload.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/gr/fecs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/gr/fecs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/gr/gpccs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/gr/gpccs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/gr/NET_img.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/sec2/hs_bl_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga106/sec2/sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/acr/ucode_ahesasc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/acr/ucode_asb.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/acr/ucode_unload.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/gr/fecs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/gr/fecs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/gr/gpccs_bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/gr/gpccs_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/gr/NET_img.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/sec2/hs_bl_sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/ga107/sec2/sig.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/gm200/acr/bl.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/gm200/acr/ucode_load.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/gm200/acr/ucode_unload.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
@@ -1541,7 +1417,6 @@ nvidia/tu102/gr/sw_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu102/gr/sw_ctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu102/gr/sw_method_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu102/gr/sw_nonctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/tu102/gr/sw_veid_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu102/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu102/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu102/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
@@ -1563,7 +1438,6 @@ nvidia/tu104/gr/sw_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu104/gr/sw_ctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu104/gr/sw_method_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu104/gr/sw_nonctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/tu104/gr/sw_veid_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu104/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu104/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu104/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
@@ -1585,7 +1459,6 @@ nvidia/tu106/gr/sw_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu106/gr/sw_ctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu106/gr/sw_method_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu106/gr/sw_nonctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/tu106/gr/sw_veid_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu106/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu106/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu106/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
@@ -1607,7 +1480,6 @@ nvidia/tu116/gr/sw_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu116/gr/sw_ctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu116/gr/sw_method_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu116/gr/sw_nonctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/tu116/gr/sw_veid_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu116/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu116/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu116/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
@@ -1629,7 +1501,6 @@ nvidia/tu117/gr/sw_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu117/gr/sw_ctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu117/gr/sw_method_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu117/gr/sw_nonctx.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
-nvidia/tu117/gr/sw_veid_bundle_init.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu117/nvdec/scrubber.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu117/sec2/desc.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
 nvidia/tu117/sec2/image.bin kernel/drivers/gpu/drm/nouveau/nouveau.ko
@@ -1953,6 +1824,7 @@ rtl_bt/rtl8852cu_fw.bin kernel/drivers/bluetooth/btrtl.ko
 rtl_nic/rtl8105e-1.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8106e-1.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8106e-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
+rtl_nic/rtl8107e-1.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8107e-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8125a-3.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8125b-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
@@ -1973,13 +1845,13 @@ rtl_nic/rtl8168f-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8168fp-3.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8168g-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8168g-3.fw kernel/drivers/net/ethernet/realtek/r8169.ko
+rtl_nic/rtl8168h-1.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8168h-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8402-1.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8411-1.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtl_nic/rtl8411-2.fw kernel/drivers/net/ethernet/realtek/r8169.ko
 rtlwifi/rtl8188efw.bin kernel/drivers/net/wireless/realtek/rtlwifi/rtl8188ee/rtl8188ee.ko
 rtlwifi/rtl8188eufw.bin kernel/drivers/staging/r8188eu/r8188eu.ko
-rtlwifi/rtl8188fufw.bin kernel/drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu.ko
 rtlwifi/rtl8192cfw.bin kernel/drivers/net/wireless/realtek/rtlwifi/rtl8192ce/rtl8192ce.ko
 rtlwifi/rtl8192cfwU_B.bin kernel/drivers/net/wireless/realtek/rtlwifi/rtl8192ce/rtl8192ce.ko
 rtlwifi/rtl8192cfwU.bin kernel/drivers/net/wireless/realtek/rtlwifi/rtl8192ce/rtl8192ce.ko
@@ -2011,8 +1883,8 @@ rtw88/rtw8822b_fw.bin kernel/drivers/net/wireless/realtek/rtw88/rtw88_8822b.ko
 rtw88/rtw8822c_fw.bin kernel/drivers/net/wireless/realtek/rtw88/rtw88_8822c.ko
 rtw88/rtw8822c_wow_fw.bin kernel/drivers/net/wireless/realtek/rtw88/rtw88_8822c.ko
 rtw89/rtw8852a_fw.bin kernel/drivers/net/wireless/realtek/rtw89/rtw89_8852a.ko
-rtw89/rtw8852b_fw.bin kernel/drivers/net/wireless/realtek/rtw89/rtw89_8852b.ko
 rtw89/rtw8852c_fw.bin kernel/drivers/net/wireless/realtek/rtw89/rtw89_8852c.ko
+s5k4ecgx.bin kernel/drivers/media/i2c/s5k4ecgx.ko
 sd8385.bin kernel/drivers/net/wireless/marvell/libertas/libertas_sdio.ko
 sd8385_helper.bin kernel/drivers/net/wireless/marvell/libertas/libertas_sdio.ko
 sd8686.bin kernel/drivers/net/wireless/marvell/libertas/libertas_sdio.ko
@@ -2110,6 +1982,8 @@ vx/bd563s3.boot kernel/sound/drivers/vx/snd-vx-lib.ko
 vx/bd563v2.boot kernel/sound/drivers/vx/snd-vx-lib.ko
 vx/bx_1_vp4.b56 kernel/sound/drivers/vx/snd-vx-lib.ko
 vx/bx_1_vxp.b56 kernel/sound/drivers/vx/snd-vx-lib.ko
+vxge/X3fw.ncf kernel/drivers/net/ethernet/neterion/vxge/vxge.ko
+vxge/X3fw-pxe.ncf kernel/drivers/net/ethernet/neterion/vxge/vxge.ko
 vx/l_1_v22.d56 kernel/sound/drivers/vx/snd-vx-lib.ko
 vx/l_1_vp4.d56 kernel/sound/drivers/vx/snd-vx-lib.ko
 vx/l_1_vx2.d56 kernel/sound/drivers/vx/snd-vx-lib.ko
@@ -17,19 +17,28 @@ $KBUILD_BUILD_TIMESTAMP.
 Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 ---
- init/Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
+ scripts/mkcompile_h | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)

-diff --git a/init/Makefile b/init/Makefile
-index 26de459006c4..3157d9c79901 100644
--- a/init/Makefile
-+++ b/init/Makefile
-@@ -29,7 +29,7 @@ preempt-flag-$(CONFIG_PREEMPT_DYNAMIC)	:= PREEMPT_DYNAMIC
- preempt-flag-$(CONFIG_PREEMPT_RT)	:= PREEMPT_RT
+diff --git a/scripts/mkcompile_h b/scripts/mkcompile_h
+index ca40a5258c87..6ae930a732f0 100755
+--- a/scripts/mkcompile_h
+++ b/scripts/mkcompile_h
+@@ -23,10 +23,14 @@ else
+ 	VERSION=$KBUILD_BUILD_VERSION
+ fi
 
- build-version = $(or $(KBUILD_BUILD_VERSION), $(build-version-auto))
-build-timestamp = $(or $(KBUILD_BUILD_TIMESTAMP), $(build-timestamp-auto))
-+build-timestamp = $(or $(KBUILD_BUILD_VERSION_TIMESTAMP), $(KBUILD_BUILD_TIMESTAMP), $(build-timestamp-auto))
- 
- # Maximum length of UTS_VERSION is 64 chars
- filechk_uts_version = \
+-if [ -z "$KBUILD_BUILD_TIMESTAMP" ]; then
+-	TIMESTAMP=`date`
+if [ -z "$KBUILD_BUILD_VERSION_TIMESTAMP" ]; then
+	if [ -z "$KBUILD_BUILD_TIMESTAMP" ]; then
+		TIMESTAMP=`date`
+	else
+		TIMESTAMP=$KBUILD_BUILD_TIMESTAMP
+	fi
+ else
+-	TIMESTAMP=$KBUILD_BUILD_TIMESTAMP
+	TIMESTAMP=$KBUILD_BUILD_VERSION_TIMESTAMP
+ fi
+ if test -z "$KBUILD_BUILD_USER"; then
+ 	LINUX_COMPILE_BY=$(whoami | sed 's/\\/\\\\/')
@@ -55,10 +55,10 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2 files changed, 111 insertions(+)

 diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
-index 2e77ecc12692..eae6fdc4c683 100644
+index 364f1d6f4be4..02df36670b1f 100644
 --- a/Documentation/admin-guide/kernel-parameters.txt
 +++ b/Documentation/admin-guide/kernel-parameters.txt
-@@ -4188,6 +4188,15 @@
+@@ -4098,6 +4098,15 @@
 				Also, it enforces the PCI Local Bus spec
 				rule that those bits should be 0 in system reset
 				events (useful for kexec/kdump cases).
@@ -75,7 +75,7 @@ index 2e77ecc12692..eae6fdc4c683 100644
 				Safety option to keep boot IRQs enabled. This
 				should never be necessary.
 diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
-index 267e6002e29f..fac76ca1d16a 100644
+index acf45f1f7264..7ab01acebf99 100644
 --- a/drivers/pci/quirks.c
 +++ b/drivers/pci/quirks.c
@@ -194,6 +194,106 @@ static int __init pci_apply_final_quirks(void)
@@ -185,7 +185,7 @@ index 267e6002e29f..fac76ca1d16a 100644
 /*
  * Decoding should be disabled for a PCI device during BAR sizing to avoid
  * conflict. But doing so may cause problems on host bridge and perhaps other
-@@ -4959,6 +5059,8 @@ static const struct pci_dev_acs_enabled {
+@@ -4928,6 +5028,8 @@ static const struct pci_dev_acs_enabled {
 	{ PCI_VENDOR_ID_CAVIUM, 0xA060, pci_quirk_mf_endpoint_acs },
 	/* APM X-Gene */
 	{ PCI_VENDOR_ID_AMCC, 0xE004, pci_quirk_xgene_acs },
@@ -13,7 +13,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
-index 07aae60288f9..949b7204cf52 100644
+index 27712d129f61..b609a08f1f52 100644
 --- a/virt/kvm/kvm_main.c
 +++ b/virt/kvm/kvm_main.c
@@ -79,7 +79,7 @@ module_param(halt_poll_ns, uint, 0644);
@@ -3,21 +3,17 @@ From: Thomas Lamprecht <t.lamprecht@proxmox.com>
 Date: Wed, 7 Oct 2020 17:18:28 +0200
 Subject: [PATCH] net: core: downgrade unregister_netdevice refcount leak from
 emergency to error
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit

 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
-Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 ---
 net/core/dev.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/net/core/dev.c b/net/core/dev.c
-index fce980d531bd..5079a3851798 100644
+index 887e44dc2f2e..08578ddbb60e 100644
 --- a/net/core/dev.c
 +++ b/net/core/dev.c
-@@ -10257,7 +10257,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list)
+@@ -10272,7 +10272,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list)
 		if (time_after(jiffies, warning_time +
 			       READ_ONCE(netdev_unregister_timeout_secs) * HZ)) {
 			list_for_each_entry(dev, list, todo_list) {
@@ -0,0 +1,28 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
+Date: Thu, 14 Sep 2017 11:09:58 +0200
+Subject: [PATCH] do not generate split BTF type info per default
+
+This reverts commit a8ed1a0607cfa5478ff6009539f44790c4d0956d.
+
+It breaks ZFS sometimes:
+https://github.com/openzfs/zfs/issues/12301#issuecomment-873303739
+
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ lib/Kconfig.debug | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
+index 8c31c98f0bfc..470b78cd0134 100644
+--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
+@@ -365,7 +365,7 @@ config PAHOLE_HAS_BTF_TAG
+ 	  these attributes, so make the config depend on CC_IS_CLANG.
+ 
+ config DEBUG_INFO_BTF_MODULES
+-	def_bool y
+	def_bool n
+ 	depends on DEBUG_INFO_BTF && MODULES && PAHOLE_HAS_SPLIT_BTF
+ 	help
+ 	  Generate compact split BTF type information for kernel modules.
@@ -1,72 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Thomas Lamprecht <t.lamprecht@proxmox.com>
-Date: Sat, 7 Jan 2023 13:48:41 +0100
-Subject: [PATCH] Revert "RDMA/irdma: Report the correct link speed"
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-seem to cause a regression with some NICs:
-https://lore.kernel.org/netdev/CAK8fFZ6A_Gphw_3-QMGKEFQk=sfCw1Qmq0TVZK3rtAi7vb621A@mail.gmail.com/
-
-This reverts commit e8553504e366c8a47d1f6156c30d6eb9778cda13.
-
-Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
-Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
- drivers/infiniband/hw/irdma/verbs.c | 35 ++++++++++++++++++++++++++---
- 1 file changed, 32 insertions(+), 3 deletions(-)
-
-diff --git a/drivers/infiniband/hw/irdma/verbs.c b/drivers/infiniband/hw/irdma/verbs.c
-index f6973ea55eda..132fe91bb799 100644
--- a/drivers/infiniband/hw/irdma/verbs.c
-+++ b/drivers/infiniband/hw/irdma/verbs.c
-@@ -63,6 +63,36 @@ static int irdma_query_device(struct ib_device *ibdev,
- 	return 0;
- }
- 
-+/**
-+ * irdma_get_eth_speed_and_width - Get IB port speed and width from netdev speed
-+ * @link_speed: netdev phy link speed
-+ * @active_speed: IB port speed
-+ * @active_width: IB port width
-+ */
-+static void irdma_get_eth_speed_and_width(u32 link_speed, u16 *active_speed,
-+					  u8 *active_width)
-+{
-+	if (link_speed <= SPEED_1000) {
-+		*active_width = IB_WIDTH_1X;
-+		*active_speed = IB_SPEED_SDR;
-+	} else if (link_speed <= SPEED_10000) {
-+		*active_width = IB_WIDTH_1X;
-+		*active_speed = IB_SPEED_FDR10;
-+	} else if (link_speed <= SPEED_20000) {
-+		*active_width = IB_WIDTH_4X;
-+		*active_speed = IB_SPEED_DDR;
-+	} else if (link_speed <= SPEED_25000) {
-+		*active_width = IB_WIDTH_1X;
-+		*active_speed = IB_SPEED_EDR;
-+	} else if (link_speed <= SPEED_40000) {
-+		*active_width = IB_WIDTH_4X;
-+		*active_speed = IB_SPEED_FDR10;
-+	} else {
-+		*active_width = IB_WIDTH_4X;
-+		*active_speed = IB_SPEED_EDR;
-+	}
-+}
-+
- /**
-  * irdma_query_port - get port attributes
-  * @ibdev: device pointer from stack
-@@ -90,9 +120,8 @@ static int irdma_query_port(struct ib_device *ibdev, u32 port,
- 		props->state = IB_PORT_DOWN;
- 		props->phys_state = IB_PORT_PHYS_STATE_DISABLED;
- 	}
-
-	ib_get_eth_speed(ibdev, port, &props->active_speed,
-			 &props->active_width);
-+	irdma_get_eth_speed_and_width(SPEED_100000, &props->active_speed,
-+				      &props->active_width);
- 
- 	if (rdma_protocol_roce(ibdev, 1)) {
- 		props->gid_tbl_len = 32;
@@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Thomas Lamprecht <t.lamprecht@proxmox.com>
+Date: Sat, 12 Mar 2022 16:19:10 +0100
+Subject: [PATCH] Ubuntu: remove leftover reference to ubuntu/hio driver
+
+A single reference to the hio driver was forgotten when it was removed
+recently. While this reference is not a problem for the build itself, it
+breaks the __clean target from 'scripts/Makefile.clean' here, as make
+cannot enter the "ubuntu/hio" folder for cleaning due to ENOENT.
+
+Fixes: 4ea6dd9afa0a0d ("UBUNTU: Remove ubuntu/hio driver")
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ ubuntu/Makefile | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/ubuntu/Makefile b/ubuntu/Makefile
+index 27fa95ba242a..3bfc4494c069 100644
+--- a/ubuntu/Makefile
+++ b/ubuntu/Makefile
+@@ -15,10 +15,6 @@
+ ##
+ ##
+ ##
+-obj-$(CONFIG_HIO)             += hio/
+-##
+-##
+-##
+ obj-$(CONFIG_UBUNTU_HOST)      += ubuntu-host/
+ ##
+ ##
@@ -1,29 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Thomas Lamprecht <t.lamprecht@proxmox.com>
-Date: Tue, 10 Jan 2023 08:52:40 +0100
-Subject: [PATCH] Revert "fortify: Do not cast to "unsigned char""
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This reverts commit 106b7a61c488d2022f44e3531ce33461c7c0685f.
-
-Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
-Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
- include/linux/fortify-string.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
-index 7cad8bb031e9..acc24887db3e 100644
--- a/include/linux/fortify-string.h
-+++ b/include/linux/fortify-string.h
-@@ -18,7 +18,7 @@ void __write_overflow_field(size_t avail, size_t wanted) __compiletime_warning("
- 
- #define __compiletime_strlen(p)					\
- ({								\
-	char *__p = (char *)(p);				\
-+	unsigned char *__p = (unsigned char *)(p);		\
- 	size_t __ret = SIZE_MAX;				\
- 	size_t __p_size = __member_size(p);			\
- 	if (__p_size != SIZE_MAX &&				\
@@ -0,0 +1,53 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:49:59 +0300
+Subject: [PATCH] bug: introduce ASSERT_STRUCT_OFFSET
+
+ASSERT_STRUCT_OFFSET allows to assert during the build of
+the kernel that a field in a struct have an expected offset.
+
+KVM used to have such macro, but there is almost nothing KVM specific
+in it so move it to build_bug.h, so that it can be used in other
+places in KVM.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/vmx/vmcs12.h | 5 ++---
+ include/linux/build_bug.h | 9 +++++++++
+ 2 files changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/arch/x86/kvm/vmx/vmcs12.h b/arch/x86/kvm/vmx/vmcs12.h
+index 746129ddd5ae..01936013428b 100644
+--- a/arch/x86/kvm/vmx/vmcs12.h
+++ b/arch/x86/kvm/vmx/vmcs12.h
+@@ -208,9 +208,8 @@ struct __packed vmcs12 {
+ /*
+  * For save/restore compatibility, the vmcs12 field offsets must not change.
+  */
+-#define CHECK_OFFSET(field, loc)				\
+-	BUILD_BUG_ON_MSG(offsetof(struct vmcs12, field) != (loc),	\
+-		"Offset of " #field " in struct vmcs12 has changed.")
+#define CHECK_OFFSET(field, loc) \
+	ASSERT_STRUCT_OFFSET(struct vmcs12, field, loc)
+ 
+ static inline void vmx_check_vmcs12_offsets(void)
+ {
+diff --git a/include/linux/build_bug.h b/include/linux/build_bug.h
+index e3a0be2c90ad..3aa3640f8c18 100644
+--- a/include/linux/build_bug.h
+++ b/include/linux/build_bug.h
+@@ -77,4 +77,13 @@
+ #define static_assert(expr, ...) __static_assert(expr, ##__VA_ARGS__, #expr)
+ #define __static_assert(expr, msg, ...) _Static_assert(expr, msg)
+ 
+
+/*
+ * Compile time check that field has an expected offset
+ */
+#define ASSERT_STRUCT_OFFSET(type, field, expected_offset)	\
+	BUILD_BUG_ON_MSG(offsetof(type, field) != (expected_offset),	\
+		"Offset of " #field " in " #type " has changed.")
+
+
+ #endif	/* _LINUX_BUILD_BUG_H */
@@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:02 +0300
+Subject: [PATCH] KVM: x86: emulator: update the emulation mode after rsm
+
+This ensures that RIP will be correctly written back,
+because the RSM instruction can switch the CPU mode from
+32 bit (or less) to 64 bit.
+
+This fixes a guest crash in case the #SMI is received
+while the guest runs a code from an address > 32 bit.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/emulate.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
+index 533203fc424f..c19e782ecc54 100644
+--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
+@@ -2654,6 +2654,11 @@ static int em_rsm(struct x86_emulate_ctxt *ctxt)
+ 	if (ret != X86EMUL_CONTINUE)
+ 		goto emulate_shutdown;
+ 
+
+	ret = emulator_recalc_and_set_mode(ctxt);
+	if (ret != X86EMUL_CONTINUE)
+		goto emulate_shutdown;
+
+ 	/*
+ 	 * Note, the ctxt->ops callbacks are responsible for handling side
+ 	 * effects when writing MSRs and CRs, e.g. MMU context resets, CPUID
@@ -0,0 +1,280 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:05 +0300
+Subject: [PATCH] KVM: x86: emulator/smm: add structs for KVM's smram layout
+
+Those structs will be used to read/write the smram state image.
+
+Also document the differences between KVM's SMRAM layout and SMRAM
+layout that is used by real Intel/AMD cpus.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/emulate.c     |   6 +
+ arch/x86/kvm/kvm_emulate.h | 218 +++++++++++++++++++++++++++++++++++++
+ arch/x86/kvm/x86.c         |   1 +
+ 3 files changed, 225 insertions(+)
+
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
+index c19e782ecc54..48173cb63f7a 100644
+--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
+@@ -5856,3 +5856,9 @@ bool emulator_can_use_gpa(struct x86_emulate_ctxt *ctxt)
+ 
+ 	return true;
+ }
+
+void  __init kvm_emulator_init(void)
+{
+	__check_smram32_offsets();
+	__check_smram64_offsets();
+}
+diff --git a/arch/x86/kvm/kvm_emulate.h b/arch/x86/kvm/kvm_emulate.h
+index 8dff25d267b7..0eb13204bbc2 100644
+--- a/arch/x86/kvm/kvm_emulate.h
+++ b/arch/x86/kvm/kvm_emulate.h
+@@ -13,6 +13,7 @@
+ #define _ASM_X86_KVM_X86_EMULATE_H
+ 
+ #include <asm/desc_defs.h>
+#include <linux/build_bug.h>
+ #include "fpu.h"
+ 
+ struct x86_emulate_ctxt;
+@@ -481,6 +482,223 @@ enum x86_intercept {
+ 	nr_x86_intercepts
+ };
+ 
+
+/* 32 bit KVM's emulated SMM layout. Loosely based on Intel's layout */
+
+struct kvm_smm_seg_state_32 {
+	u32 flags;
+	u32 limit;
+	u32 base;
+} __packed;
+
+struct kvm_smram_state_32 {
+	u32 reserved1[62];
+	u32 smbase;
+	u32 smm_revision;
+	u32 reserved2[5];
+	u32 cr4; /* CR4 is not present in Intel/AMD SMRAM image */
+	u32 reserved3[5];
+
+	/*
+	 * Segment state is not present/documented in the Intel/AMD SMRAM image
+	 * Instead this area on Intel/AMD contains IO/HLT restart flags.
+	 */
+	struct kvm_smm_seg_state_32 ds;
+	struct kvm_smm_seg_state_32 fs;
+	struct kvm_smm_seg_state_32 gs;
+	struct kvm_smm_seg_state_32 idtr; /* IDTR has only base and limit */
+	struct kvm_smm_seg_state_32 tr;
+	u32 reserved;
+	struct kvm_smm_seg_state_32 gdtr; /* GDTR has only base and limit */
+	struct kvm_smm_seg_state_32 ldtr;
+	struct kvm_smm_seg_state_32 es;
+	struct kvm_smm_seg_state_32 cs;
+	struct kvm_smm_seg_state_32 ss;
+
+	u32 es_sel;
+	u32 cs_sel;
+	u32 ss_sel;
+	u32 ds_sel;
+	u32 fs_sel;
+	u32 gs_sel;
+	u32 ldtr_sel;
+	u32 tr_sel;
+
+	u32 dr7;
+	u32 dr6;
+	u32 gprs[8]; /* GPRS in the "natural" X86 order (EAX/ECX/EDX.../EDI) */
+	u32 eip;
+	u32 eflags;
+	u32 cr3;
+	u32 cr0;
+} __packed;
+
+
+static inline void __check_smram32_offsets(void)
+{
+#define __CHECK_SMRAM32_OFFSET(field, offset) \
+	ASSERT_STRUCT_OFFSET(struct kvm_smram_state_32, field, offset - 0xFE00)
+
+	__CHECK_SMRAM32_OFFSET(reserved1,	0xFE00);
+	__CHECK_SMRAM32_OFFSET(smbase,		0xFEF8);
+	__CHECK_SMRAM32_OFFSET(smm_revision,	0xFEFC);
+	__CHECK_SMRAM32_OFFSET(reserved2,	0xFF00);
+	__CHECK_SMRAM32_OFFSET(cr4,		0xFF14);
+	__CHECK_SMRAM32_OFFSET(reserved3,	0xFF18);
+	__CHECK_SMRAM32_OFFSET(ds,		0xFF2C);
+	__CHECK_SMRAM32_OFFSET(fs,		0xFF38);
+	__CHECK_SMRAM32_OFFSET(gs,		0xFF44);
+	__CHECK_SMRAM32_OFFSET(idtr,		0xFF50);
+	__CHECK_SMRAM32_OFFSET(tr,		0xFF5C);
+	__CHECK_SMRAM32_OFFSET(gdtr,		0xFF6C);
+	__CHECK_SMRAM32_OFFSET(ldtr,		0xFF78);
+	__CHECK_SMRAM32_OFFSET(es,		0xFF84);
+	__CHECK_SMRAM32_OFFSET(cs,		0xFF90);
+	__CHECK_SMRAM32_OFFSET(ss,		0xFF9C);
+	__CHECK_SMRAM32_OFFSET(es_sel,		0xFFA8);
+	__CHECK_SMRAM32_OFFSET(cs_sel,		0xFFAC);
+	__CHECK_SMRAM32_OFFSET(ss_sel,		0xFFB0);
+	__CHECK_SMRAM32_OFFSET(ds_sel,		0xFFB4);
+	__CHECK_SMRAM32_OFFSET(fs_sel,		0xFFB8);
+	__CHECK_SMRAM32_OFFSET(gs_sel,		0xFFBC);
+	__CHECK_SMRAM32_OFFSET(ldtr_sel,	0xFFC0);
+	__CHECK_SMRAM32_OFFSET(tr_sel,		0xFFC4);
+	__CHECK_SMRAM32_OFFSET(dr7,		0xFFC8);
+	__CHECK_SMRAM32_OFFSET(dr6,		0xFFCC);
+	__CHECK_SMRAM32_OFFSET(gprs,		0xFFD0);
+	__CHECK_SMRAM32_OFFSET(eip,		0xFFF0);
+	__CHECK_SMRAM32_OFFSET(eflags,		0xFFF4);
+	__CHECK_SMRAM32_OFFSET(cr3,		0xFFF8);
+	__CHECK_SMRAM32_OFFSET(cr0,		0xFFFC);
+#undef __CHECK_SMRAM32_OFFSET
+}
+
+
+/* 64 bit KVM's emulated SMM layout. Based on AMD64 layout */
+
+struct kvm_smm_seg_state_64 {
+	u16 selector;
+	u16 attributes;
+	u32 limit;
+	u64 base;
+};
+
+struct kvm_smram_state_64 {
+
+	struct kvm_smm_seg_state_64 es;
+	struct kvm_smm_seg_state_64 cs;
+	struct kvm_smm_seg_state_64 ss;
+	struct kvm_smm_seg_state_64 ds;
+	struct kvm_smm_seg_state_64 fs;
+	struct kvm_smm_seg_state_64 gs;
+	struct kvm_smm_seg_state_64 gdtr; /* GDTR has only base and limit*/
+	struct kvm_smm_seg_state_64 ldtr;
+	struct kvm_smm_seg_state_64 idtr; /* IDTR has only base and limit*/
+	struct kvm_smm_seg_state_64 tr;
+
+	/* I/O restart and auto halt restart are not implemented by KVM */
+	u64 io_restart_rip;
+	u64 io_restart_rcx;
+	u64 io_restart_rsi;
+	u64 io_restart_rdi;
+	u32 io_restart_dword;
+	u32 reserved1;
+	u8 io_inst_restart;
+	u8 auto_hlt_restart;
+	u8 reserved2[6];
+
+	u64 efer;
+
+	/*
+	 * Two fields below are implemented on AMD only, to store
+	 * SVM guest vmcb address if the #SMI was received while in the guest mode.
+	 */
+	u64 svm_guest_flag;
+	u64 svm_guest_vmcb_gpa;
+	u64 svm_guest_virtual_int; /* unknown purpose, not implemented */
+
+	u32 reserved3[3];
+	u32 smm_revison;
+	u32 smbase;
+	u32 reserved4[5];
+
+	/* ssp and svm_* fields below are not implemented by KVM */
+	u64 ssp;
+	u64 svm_guest_pat;
+	u64 svm_host_efer;
+	u64 svm_host_cr4;
+	u64 svm_host_cr3;
+	u64 svm_host_cr0;
+
+	u64 cr4;
+	u64 cr3;
+	u64 cr0;
+	u64 dr7;
+	u64 dr6;
+	u64 rflags;
+	u64 rip;
+	u64 gprs[16]; /* GPRS in a reversed "natural" X86 order (R15/R14/../RCX/RAX.) */
+};
+
+
+static inline void __check_smram64_offsets(void)
+{
+#define __CHECK_SMRAM64_OFFSET(field, offset) \
+	ASSERT_STRUCT_OFFSET(struct kvm_smram_state_64, field, offset - 0xFE00)
+
+	__CHECK_SMRAM64_OFFSET(es,			0xFE00);
+	__CHECK_SMRAM64_OFFSET(cs,			0xFE10);
+	__CHECK_SMRAM64_OFFSET(ss,			0xFE20);
+	__CHECK_SMRAM64_OFFSET(ds,			0xFE30);
+	__CHECK_SMRAM64_OFFSET(fs,			0xFE40);
+	__CHECK_SMRAM64_OFFSET(gs,			0xFE50);
+	__CHECK_SMRAM64_OFFSET(gdtr,			0xFE60);
+	__CHECK_SMRAM64_OFFSET(ldtr,			0xFE70);
+	__CHECK_SMRAM64_OFFSET(idtr,			0xFE80);
+	__CHECK_SMRAM64_OFFSET(tr,			0xFE90);
+	__CHECK_SMRAM64_OFFSET(io_restart_rip,		0xFEA0);
+	__CHECK_SMRAM64_OFFSET(io_restart_rcx,		0xFEA8);
+	__CHECK_SMRAM64_OFFSET(io_restart_rsi,		0xFEB0);
+	__CHECK_SMRAM64_OFFSET(io_restart_rdi,		0xFEB8);
+	__CHECK_SMRAM64_OFFSET(io_restart_dword,	0xFEC0);
+	__CHECK_SMRAM64_OFFSET(reserved1,		0xFEC4);
+	__CHECK_SMRAM64_OFFSET(io_inst_restart,		0xFEC8);
+	__CHECK_SMRAM64_OFFSET(auto_hlt_restart,	0xFEC9);
+	__CHECK_SMRAM64_OFFSET(reserved2,		0xFECA);
+	__CHECK_SMRAM64_OFFSET(efer,			0xFED0);
+	__CHECK_SMRAM64_OFFSET(svm_guest_flag,		0xFED8);
+	__CHECK_SMRAM64_OFFSET(svm_guest_vmcb_gpa,	0xFEE0);
+	__CHECK_SMRAM64_OFFSET(svm_guest_virtual_int,	0xFEE8);
+	__CHECK_SMRAM64_OFFSET(reserved3,		0xFEF0);
+	__CHECK_SMRAM64_OFFSET(smm_revison,		0xFEFC);
+	__CHECK_SMRAM64_OFFSET(smbase,			0xFF00);
+	__CHECK_SMRAM64_OFFSET(reserved4,		0xFF04);
+	__CHECK_SMRAM64_OFFSET(ssp,			0xFF18);
+	__CHECK_SMRAM64_OFFSET(svm_guest_pat,		0xFF20);
+	__CHECK_SMRAM64_OFFSET(svm_host_efer,		0xFF28);
+	__CHECK_SMRAM64_OFFSET(svm_host_cr4,		0xFF30);
+	__CHECK_SMRAM64_OFFSET(svm_host_cr3,		0xFF38);
+	__CHECK_SMRAM64_OFFSET(svm_host_cr0,		0xFF40);
+	__CHECK_SMRAM64_OFFSET(cr4,			0xFF48);
+	__CHECK_SMRAM64_OFFSET(cr3,			0xFF50);
+	__CHECK_SMRAM64_OFFSET(cr0,			0xFF58);
+	__CHECK_SMRAM64_OFFSET(dr7,			0xFF60);
+	__CHECK_SMRAM64_OFFSET(dr6,			0xFF68);
+	__CHECK_SMRAM64_OFFSET(rflags,			0xFF70);
+	__CHECK_SMRAM64_OFFSET(rip,			0xFF78);
+	__CHECK_SMRAM64_OFFSET(gprs,			0xFF80);
+#undef __CHECK_SMRAM64_OFFSET
+}
+
+union kvm_smram {
+	struct kvm_smram_state_64 smram64;
+	struct kvm_smram_state_32 smram32;
+	u8 bytes[512];
+};
+
+void  __init kvm_emulator_init(void);
+
+
+ /* Host execution mode. */
+ #if defined(CONFIG_X86_32)
+ #define X86EMUL_MODE_HOST X86EMUL_MODE_PROT32
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
+index b3e72a86184e..8e6e85720242 100644
+--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
+@@ -13273,6 +13273,7 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_msr_protocol_exit);
+ static int __init kvm_x86_init(void)
+ {
+ 	kvm_mmu_x86_module_init();
+	kvm_emulator_init();
+ 	return 0;
+ }
+ module_init(kvm_x86_init);
@@ -0,0 +1,214 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:06 +0300
+Subject: [PATCH] KVM: x86: emulator/smm: use smram structs in the common code
+
+Switch from using a raw array to 'union kvm_smram'.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/include/asm/kvm_host.h |  5 +++--
+ arch/x86/kvm/emulate.c          | 12 +++++++-----
+ arch/x86/kvm/kvm_emulate.h      |  3 ++-
+ arch/x86/kvm/svm/svm.c          |  8 ++++++--
+ arch/x86/kvm/vmx/vmx.c          |  4 ++--
+ arch/x86/kvm/x86.c              | 16 ++++++++--------
+ 6 files changed, 28 insertions(+), 20 deletions(-)
+
+diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
+index 19c04412f6e1..cff765545738 100644
+--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
+@@ -202,6 +202,7 @@ typedef enum exit_fastpath_completion fastpath_t;
+ 
+ struct x86_emulate_ctxt;
+ struct x86_exception;
+union kvm_smram;
+ enum x86_intercept;
+ enum x86_intercept_stage;
+ 
+@@ -1552,8 +1553,8 @@ struct kvm_x86_ops {
+ 	void (*setup_mce)(struct kvm_vcpu *vcpu);
+ 
+ 	int (*smi_allowed)(struct kvm_vcpu *vcpu, bool for_injection);
+-	int (*enter_smm)(struct kvm_vcpu *vcpu, char *smstate);
+-	int (*leave_smm)(struct kvm_vcpu *vcpu, const char *smstate);
+	int (*enter_smm)(struct kvm_vcpu *vcpu, union kvm_smram *smram);
+	int (*leave_smm)(struct kvm_vcpu *vcpu, const union kvm_smram *smram);
+ 	void (*enable_smi_window)(struct kvm_vcpu *vcpu);
+ 
+ 	int (*mem_enc_ioctl)(struct kvm *kvm, void __user *argp);
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
+index 48173cb63f7a..66fb9420842c 100644
+--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
+@@ -2582,16 +2582,18 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt,
+ static int em_rsm(struct x86_emulate_ctxt *ctxt)
+ {
+ 	unsigned long cr0, cr4, efer;
+-	char buf[512];
+	const union kvm_smram smram;
+ 	u64 smbase;
+ 	int ret;
+ 
+	BUILD_BUG_ON(sizeof(smram) != 512);
+
+ 	if ((ctxt->ops->get_hflags(ctxt) & X86EMUL_SMM_MASK) == 0)
+ 		return emulate_ud(ctxt);
+ 
+ 	smbase = ctxt->ops->get_smbase(ctxt);
+ 
+-	ret = ctxt->ops->read_phys(ctxt, smbase + 0xfe00, buf, sizeof(buf));
+	ret = ctxt->ops->read_phys(ctxt, smbase + 0xfe00, (void *)&smram, sizeof(smram));
+ 	if (ret != X86EMUL_CONTINUE)
+ 		return X86EMUL_UNHANDLEABLE;
+ 
+@@ -2641,15 +2643,15 @@ static int em_rsm(struct x86_emulate_ctxt *ctxt)
+ 	 * state (e.g. enter guest mode) before loading state from the SMM
+ 	 * state-save area.
+ 	 */
+-	if (ctxt->ops->leave_smm(ctxt, buf))
+	if (ctxt->ops->leave_smm(ctxt, &smram))
+ 		goto emulate_shutdown;
+ 
+ #ifdef CONFIG_X86_64
+ 	if (emulator_has_longmode(ctxt))
+-		ret = rsm_load_state_64(ctxt, buf);
+		ret = rsm_load_state_64(ctxt, (const char *)&smram);
+ 	else
+ #endif
+-		ret = rsm_load_state_32(ctxt, buf);
+		ret = rsm_load_state_32(ctxt, (const char *)&smram);
+ 
+ 	if (ret != X86EMUL_CONTINUE)
+ 		goto emulate_shutdown;
+diff --git a/arch/x86/kvm/kvm_emulate.h b/arch/x86/kvm/kvm_emulate.h
+index 0eb13204bbc2..04ac0cef8b57 100644
+--- a/arch/x86/kvm/kvm_emulate.h
+++ b/arch/x86/kvm/kvm_emulate.h
+@@ -19,6 +19,7 @@
+ struct x86_emulate_ctxt;
+ enum x86_intercept;
+ enum x86_intercept_stage;
+union kvm_smram;
+ 
+ struct x86_exception {
+ 	u8 vector;
+@@ -235,7 +236,7 @@ struct x86_emulate_ops {
+ 
+ 	unsigned (*get_hflags)(struct x86_emulate_ctxt *ctxt);
+ 	void (*exiting_smm)(struct x86_emulate_ctxt *ctxt);
+-	int (*leave_smm)(struct x86_emulate_ctxt *ctxt, const char *smstate);
+	int (*leave_smm)(struct x86_emulate_ctxt *ctxt, const union kvm_smram *smram);
+ 	void (*triple_fault)(struct x86_emulate_ctxt *ctxt);
+ 	int (*set_xcr)(struct x86_emulate_ctxt *ctxt, u32 index, u64 xcr);
+ };
+diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
+index 92b30b4937fc..f7f58c4cf341 100644
+--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
+@@ -4308,12 +4308,14 @@ static int svm_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection)
+ 	return 1;
+ }
+ 
+-static int svm_enter_smm(struct kvm_vcpu *vcpu, char *smstate)
+static int svm_enter_smm(struct kvm_vcpu *vcpu, union kvm_smram *smram)
+ {
+ 	struct vcpu_svm *svm = to_svm(vcpu);
+ 	struct kvm_host_map map_save;
+ 	int ret;
+ 
+	char *smstate = (char *)smram;
+
+ 	if (!is_guest_mode(vcpu))
+ 		return 0;
+ 
+@@ -4355,7 +4357,7 @@ static int svm_enter_smm(struct kvm_vcpu *vcpu, char *smstate)
+ 	return 0;
+ }
+ 
+-static int svm_leave_smm(struct kvm_vcpu *vcpu, const char *smstate)
+static int svm_leave_smm(struct kvm_vcpu *vcpu, const union kvm_smram *smram)
+ {
+ 	struct vcpu_svm *svm = to_svm(vcpu);
+ 	struct kvm_host_map map, map_save;
+@@ -4363,6 +4365,8 @@ static int svm_leave_smm(struct kvm_vcpu *vcpu, const char *smstate)
+ 	struct vmcb *vmcb12;
+ 	int ret;
+ 
+	const char *smstate = (const char *)smram;
+
+ 	if (!guest_cpuid_has(vcpu, X86_FEATURE_LM))
+ 		return 0;
+ 
+diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
+index eecf8a45446d..017fe8873620 100644
+--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
+@@ -7738,7 +7738,7 @@ static int vmx_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection)
+ 	return !is_smm(vcpu);
+ }
+ 
+-static int vmx_enter_smm(struct kvm_vcpu *vcpu, char *smstate)
+static int vmx_enter_smm(struct kvm_vcpu *vcpu, union kvm_smram *smram)
+ {
+ 	struct vcpu_vmx *vmx = to_vmx(vcpu);
+ 
+@@ -7752,7 +7752,7 @@ static int vmx_enter_smm(struct kvm_vcpu *vcpu, char *smstate)
+ 	return 0;
+ }
+ 
+-static int vmx_leave_smm(struct kvm_vcpu *vcpu, const char *smstate)
+static int vmx_leave_smm(struct kvm_vcpu *vcpu, const union kvm_smram *smram)
+ {
+ 	struct vcpu_vmx *vmx = to_vmx(vcpu);
+ 	int ret;
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
+index 8e6e85720242..ebd4315080cd 100644
+--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
+@@ -7943,9 +7943,9 @@ static void emulator_exiting_smm(struct x86_emulate_ctxt *ctxt)
+ }
+ 
+ static int emulator_leave_smm(struct x86_emulate_ctxt *ctxt,
+-				  const char *smstate)
+			      const union kvm_smram *smram)
+ {
+-	return static_call(kvm_x86_leave_smm)(emul_to_vcpu(ctxt), smstate);
+	return static_call(kvm_x86_leave_smm)(emul_to_vcpu(ctxt), smram);
+ }
+ 
+ static void emulator_triple_fault(struct x86_emulate_ctxt *ctxt)
+@@ -9872,25 +9872,25 @@ static void enter_smm(struct kvm_vcpu *vcpu)
+ 	struct kvm_segment cs, ds;
+ 	struct desc_ptr dt;
+ 	unsigned long cr0;
+-	char buf[512];
+	union kvm_smram smram;
+ 
+-	memset(buf, 0, 512);
+	memset(smram.bytes, 0, sizeof(smram.bytes));
+ #ifdef CONFIG_X86_64
+ 	if (guest_cpuid_has(vcpu, X86_FEATURE_LM))
+-		enter_smm_save_state_64(vcpu, buf);
+		enter_smm_save_state_64(vcpu, (char *)&smram);
+ 	else
+ #endif
+-		enter_smm_save_state_32(vcpu, buf);
+		enter_smm_save_state_32(vcpu, (char *)&smram);
+ 
+ 	/*
+ 	 * Give enter_smm() a chance to make ISA-specific changes to the vCPU
+ 	 * state (e.g. leave guest mode) after we've saved the state into the
+ 	 * SMM state-save area.
+ 	 */
+-	static_call(kvm_x86_enter_smm)(vcpu, buf);
+	static_call(kvm_x86_enter_smm)(vcpu, &smram);
+ 
+ 	kvm_smm_changed(vcpu, true);
+-	kvm_vcpu_write_guest(vcpu, vcpu->arch.smbase + 0xfe00, buf, sizeof(buf));
+	kvm_vcpu_write_guest(vcpu, vcpu->arch.smbase + 0xfe00, &smram, sizeof(smram));
+ 
+ 	if (static_call(kvm_x86_get_nmi_mask)(vcpu))
+ 		vcpu->arch.hflags |= HF_SMM_INSIDE_NMI_MASK;
@@ -0,0 +1,268 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:07 +0300
+Subject: [PATCH] KVM: x86: emulator/smm: use smram struct for 32 bit smram
+ load/restore
+
+Use kvm_smram_state_32 struct to save/restore 32 bit SMM state
+(used when X86_FEATURE_LM is not present in the guest CPUID).
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/emulate.c | 81 +++++++++++++++---------------------------
+ arch/x86/kvm/x86.c     | 75 +++++++++++++++++---------------------
+ 2 files changed, 60 insertions(+), 96 deletions(-)
+
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
+index 66fb9420842c..aa60533d9d29 100644
+--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
+@@ -2359,25 +2359,17 @@ static void rsm_set_desc_flags(struct desc_struct *desc, u32 flags)
+ 	desc->type = (flags >>  8) & 15;
+ }
+ 
+-static int rsm_load_seg_32(struct x86_emulate_ctxt *ctxt, const char *smstate,
+static void rsm_load_seg_32(struct x86_emulate_ctxt *ctxt,
+			   const struct kvm_smm_seg_state_32 *state,
+			   u16 selector,
+ 			   int n)
+ {
+ 	struct desc_struct desc;
+-	int offset;
+-	u16 selector;
+-
+-	selector = GET_SMSTATE(u32, smstate, 0x7fa8 + n * 4);
+-
+-	if (n < 3)
+-		offset = 0x7f84 + n * 12;
+-	else
+-		offset = 0x7f2c + (n - 3) * 12;
+ 
+-	set_desc_base(&desc,      GET_SMSTATE(u32, smstate, offset + 8));
+-	set_desc_limit(&desc,     GET_SMSTATE(u32, smstate, offset + 4));
+-	rsm_set_desc_flags(&desc, GET_SMSTATE(u32, smstate, offset));
+	set_desc_base(&desc,      state->base);
+	set_desc_limit(&desc,     state->limit);
+	rsm_set_desc_flags(&desc, state->flags);
+ 	ctxt->ops->set_segment(ctxt, selector, &desc, 0, n);
+-	return X86EMUL_CONTINUE;
+ }
+ 
+ #ifdef CONFIG_X86_64
+@@ -2448,63 +2440,46 @@ static int rsm_enter_protected_mode(struct x86_emulate_ctxt *ctxt,
+ }
+ 
+ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt,
+-			     const char *smstate)
+			     const struct kvm_smram_state_32 *smstate)
+ {
+-	struct desc_struct desc;
+ 	struct desc_ptr dt;
+-	u16 selector;
+-	u32 val, cr0, cr3, cr4;
+ 	int i;
+ 
+-	cr0 =                      GET_SMSTATE(u32, smstate, 0x7ffc);
+-	cr3 =                      GET_SMSTATE(u32, smstate, 0x7ff8);
+-	ctxt->eflags =             GET_SMSTATE(u32, smstate, 0x7ff4) | X86_EFLAGS_FIXED;
+-	ctxt->_eip =               GET_SMSTATE(u32, smstate, 0x7ff0);
+	ctxt->eflags =  smstate->eflags | X86_EFLAGS_FIXED;
+	ctxt->_eip =  smstate->eip;
+ 
+ 	for (i = 0; i < 8; i++)
+-		*reg_write(ctxt, i) = GET_SMSTATE(u32, smstate, 0x7fd0 + i * 4);
+-
+-	val = GET_SMSTATE(u32, smstate, 0x7fcc);
+		*reg_write(ctxt, i) = smstate->gprs[i];
+ 
+-	if (ctxt->ops->set_dr(ctxt, 6, val))
+	if (ctxt->ops->set_dr(ctxt, 6, smstate->dr6))
+ 		return X86EMUL_UNHANDLEABLE;
+-
+-	val = GET_SMSTATE(u32, smstate, 0x7fc8);
+-
+-	if (ctxt->ops->set_dr(ctxt, 7, val))
+	if (ctxt->ops->set_dr(ctxt, 7, smstate->dr7))
+ 		return X86EMUL_UNHANDLEABLE;
+ 
+-	selector =                 GET_SMSTATE(u32, smstate, 0x7fc4);
+-	set_desc_base(&desc,       GET_SMSTATE(u32, smstate, 0x7f64));
+-	set_desc_limit(&desc,      GET_SMSTATE(u32, smstate, 0x7f60));
+-	rsm_set_desc_flags(&desc,  GET_SMSTATE(u32, smstate, 0x7f5c));
+-	ctxt->ops->set_segment(ctxt, selector, &desc, 0, VCPU_SREG_TR);
+	rsm_load_seg_32(ctxt, &smstate->tr, smstate->tr_sel, VCPU_SREG_TR);
+	rsm_load_seg_32(ctxt, &smstate->ldtr, smstate->ldtr_sel, VCPU_SREG_LDTR);
+ 
+-	selector =                 GET_SMSTATE(u32, smstate, 0x7fc0);
+-	set_desc_base(&desc,       GET_SMSTATE(u32, smstate, 0x7f80));
+-	set_desc_limit(&desc,      GET_SMSTATE(u32, smstate, 0x7f7c));
+-	rsm_set_desc_flags(&desc,  GET_SMSTATE(u32, smstate, 0x7f78));
+-	ctxt->ops->set_segment(ctxt, selector, &desc, 0, VCPU_SREG_LDTR);
+ 
+-	dt.address =               GET_SMSTATE(u32, smstate, 0x7f74);
+-	dt.size =                  GET_SMSTATE(u32, smstate, 0x7f70);
+	dt.address =               smstate->gdtr.base;
+	dt.size =                  smstate->gdtr.limit;
+ 	ctxt->ops->set_gdt(ctxt, &dt);
+ 
+-	dt.address =               GET_SMSTATE(u32, smstate, 0x7f58);
+-	dt.size =                  GET_SMSTATE(u32, smstate, 0x7f54);
+	dt.address =               smstate->idtr.base;
+	dt.size =                  smstate->idtr.limit;
+ 	ctxt->ops->set_idt(ctxt, &dt);
+ 
+-	for (i = 0; i < 6; i++) {
+-		int r = rsm_load_seg_32(ctxt, smstate, i);
+-		if (r != X86EMUL_CONTINUE)
+-			return r;
+-	}
+	rsm_load_seg_32(ctxt, &smstate->es, smstate->es_sel, VCPU_SREG_ES);
+	rsm_load_seg_32(ctxt, &smstate->cs, smstate->cs_sel, VCPU_SREG_CS);
+	rsm_load_seg_32(ctxt, &smstate->ss, smstate->ss_sel, VCPU_SREG_SS);
+ 
+-	cr4 = GET_SMSTATE(u32, smstate, 0x7f14);
+	rsm_load_seg_32(ctxt, &smstate->ds, smstate->ds_sel, VCPU_SREG_DS);
+	rsm_load_seg_32(ctxt, &smstate->fs, smstate->fs_sel, VCPU_SREG_FS);
+	rsm_load_seg_32(ctxt, &smstate->gs, smstate->gs_sel, VCPU_SREG_GS);
+ 
+-	ctxt->ops->set_smbase(ctxt, GET_SMSTATE(u32, smstate, 0x7ef8));
+	ctxt->ops->set_smbase(ctxt, smstate->smbase);
+ 
+-	return rsm_enter_protected_mode(ctxt, cr0, cr3, cr4);
+	return rsm_enter_protected_mode(ctxt, smstate->cr0,
+					smstate->cr3, smstate->cr4);
+ }
+ 
+ #ifdef CONFIG_X86_64
+@@ -2651,7 +2626,7 @@ static int em_rsm(struct x86_emulate_ctxt *ctxt)
+ 		ret = rsm_load_state_64(ctxt, (const char *)&smram);
+ 	else
+ #endif
+-		ret = rsm_load_state_32(ctxt, (const char *)&smram);
+		ret = rsm_load_state_32(ctxt, &smram.smram32);
+ 
+ 	if (ret != X86EMUL_CONTINUE)
+ 		goto emulate_shutdown;
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
+index ebd4315080cd..87c8021e542c 100644
+--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
+@@ -9726,22 +9726,18 @@ static u32 enter_smm_get_segment_flags(struct kvm_segment *seg)
+ 	return flags;
+ }
+ 
+-static void enter_smm_save_seg_32(struct kvm_vcpu *vcpu, char *buf, int n)
+static void enter_smm_save_seg_32(struct kvm_vcpu *vcpu,
+					 struct kvm_smm_seg_state_32 *state,
+					 u32 *selector,
+					 int n)
+ {
+ 	struct kvm_segment seg;
+-	int offset;
+ 
+ 	kvm_get_segment(vcpu, &seg, n);
+-	put_smstate(u32, buf, 0x7fa8 + n * 4, seg.selector);
+-
+-	if (n < 3)
+-		offset = 0x7f84 + n * 12;
+-	else
+-		offset = 0x7f2c + (n - 3) * 12;
+-
+-	put_smstate(u32, buf, offset + 8, seg.base);
+-	put_smstate(u32, buf, offset + 4, seg.limit);
+-	put_smstate(u32, buf, offset, enter_smm_get_segment_flags(&seg));
+	*selector = seg.selector;
+	state->base = seg.base;
+	state->limit = seg.limit;
+	state->flags = enter_smm_get_segment_flags(&seg);
+ }
+ 
+ #ifdef CONFIG_X86_64
+@@ -9762,54 +9758,47 @@ static void enter_smm_save_seg_64(struct kvm_vcpu *vcpu, char *buf, int n)
+ }
+ #endif
+ 
+-static void enter_smm_save_state_32(struct kvm_vcpu *vcpu, char *buf)
+static void enter_smm_save_state_32(struct kvm_vcpu *vcpu, struct kvm_smram_state_32 *smram)
+ {
+ 	struct desc_ptr dt;
+-	struct kvm_segment seg;
+ 	unsigned long val;
+ 	int i;
+ 
+-	put_smstate(u32, buf, 0x7ffc, kvm_read_cr0(vcpu));
+-	put_smstate(u32, buf, 0x7ff8, kvm_read_cr3(vcpu));
+-	put_smstate(u32, buf, 0x7ff4, kvm_get_rflags(vcpu));
+-	put_smstate(u32, buf, 0x7ff0, kvm_rip_read(vcpu));
+	smram->cr0     = kvm_read_cr0(vcpu);
+	smram->cr3     = kvm_read_cr3(vcpu);
+	smram->eflags  = kvm_get_rflags(vcpu);
+	smram->eip     = kvm_rip_read(vcpu);
+ 
+ 	for (i = 0; i < 8; i++)
+-		put_smstate(u32, buf, 0x7fd0 + i * 4, kvm_register_read_raw(vcpu, i));
+		smram->gprs[i] = kvm_register_read_raw(vcpu, i);
+ 
+ 	kvm_get_dr(vcpu, 6, &val);
+-	put_smstate(u32, buf, 0x7fcc, (u32)val);
+	smram->dr6     = (u32)val;
+ 	kvm_get_dr(vcpu, 7, &val);
+-	put_smstate(u32, buf, 0x7fc8, (u32)val);
+	smram->dr7     = (u32)val;
+ 
+-	kvm_get_segment(vcpu, &seg, VCPU_SREG_TR);
+-	put_smstate(u32, buf, 0x7fc4, seg.selector);
+-	put_smstate(u32, buf, 0x7f64, seg.base);
+-	put_smstate(u32, buf, 0x7f60, seg.limit);
+-	put_smstate(u32, buf, 0x7f5c, enter_smm_get_segment_flags(&seg));
+-
+-	kvm_get_segment(vcpu, &seg, VCPU_SREG_LDTR);
+-	put_smstate(u32, buf, 0x7fc0, seg.selector);
+-	put_smstate(u32, buf, 0x7f80, seg.base);
+-	put_smstate(u32, buf, 0x7f7c, seg.limit);
+-	put_smstate(u32, buf, 0x7f78, enter_smm_get_segment_flags(&seg));
+	enter_smm_save_seg_32(vcpu, &smram->tr, &smram->tr_sel, VCPU_SREG_TR);
+	enter_smm_save_seg_32(vcpu, &smram->ldtr, &smram->ldtr_sel, VCPU_SREG_LDTR);
+ 
+ 	static_call(kvm_x86_get_gdt)(vcpu, &dt);
+-	put_smstate(u32, buf, 0x7f74, dt.address);
+-	put_smstate(u32, buf, 0x7f70, dt.size);
+	smram->gdtr.base = dt.address;
+	smram->gdtr.limit = dt.size;
+ 
+ 	static_call(kvm_x86_get_idt)(vcpu, &dt);
+-	put_smstate(u32, buf, 0x7f58, dt.address);
+-	put_smstate(u32, buf, 0x7f54, dt.size);
+	smram->idtr.base = dt.address;
+	smram->idtr.limit = dt.size;
+ 
+-	for (i = 0; i < 6; i++)
+-		enter_smm_save_seg_32(vcpu, buf, i);
+	enter_smm_save_seg_32(vcpu, &smram->es, &smram->es_sel, VCPU_SREG_ES);
+	enter_smm_save_seg_32(vcpu, &smram->cs, &smram->cs_sel, VCPU_SREG_CS);
+	enter_smm_save_seg_32(vcpu, &smram->ss, &smram->ss_sel, VCPU_SREG_SS);
+ 
+-	put_smstate(u32, buf, 0x7f14, kvm_read_cr4(vcpu));
+	enter_smm_save_seg_32(vcpu, &smram->ds, &smram->ds_sel, VCPU_SREG_DS);
+	enter_smm_save_seg_32(vcpu, &smram->fs, &smram->fs_sel, VCPU_SREG_FS);
+	enter_smm_save_seg_32(vcpu, &smram->gs, &smram->gs_sel, VCPU_SREG_GS);
+ 
+-	/* revision id */
+-	put_smstate(u32, buf, 0x7efc, 0x00020000);
+-	put_smstate(u32, buf, 0x7ef8, vcpu->arch.smbase);
+	smram->cr4 = kvm_read_cr4(vcpu);
+	smram->smm_revision = 0x00020000;
+	smram->smbase = vcpu->arch.smbase;
+ }
+ 
+ #ifdef CONFIG_X86_64
+@@ -9880,7 +9869,7 @@ static void enter_smm(struct kvm_vcpu *vcpu)
+ 		enter_smm_save_state_64(vcpu, (char *)&smram);
+ 	else
+ #endif
+-		enter_smm_save_state_32(vcpu, (char *)&smram);
+		enter_smm_save_state_32(vcpu, &smram.smram32);
+ 
+ 	/*
+ 	 * Give enter_smm() a chance to make ISA-specific changes to the vCPU
@@ -0,0 +1,279 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:08 +0300
+Subject: [PATCH] KVM: x86: emulator/smm: use smram struct for 64 bit smram
+ load/restore
+
+Use kvm_smram_state_64 struct to save/restore the 64 bit SMM state
+(used when X86_FEATURE_LM is present in the guest CPUID,
+regardless of 32-bitness of the guest).
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/emulate.c | 88 ++++++++++++++----------------------------
+ arch/x86/kvm/x86.c     | 75 ++++++++++++++++-------------------
+ 2 files changed, 62 insertions(+), 101 deletions(-)
+
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
+index aa60533d9d29..5480b23112e3 100644
+--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
+@@ -2373,24 +2373,16 @@ static void rsm_load_seg_32(struct x86_emulate_ctxt *ctxt,
+ }
+ 
+ #ifdef CONFIG_X86_64
+-static int rsm_load_seg_64(struct x86_emulate_ctxt *ctxt, const char *smstate,
+-			   int n)
+static void rsm_load_seg_64(struct x86_emulate_ctxt *ctxt,
+			    const struct kvm_smm_seg_state_64 *state,
+			    int n)
+ {
+ 	struct desc_struct desc;
+-	int offset;
+-	u16 selector;
+-	u32 base3;
+-
+-	offset = 0x7e00 + n * 16;
+-
+-	selector =                GET_SMSTATE(u16, smstate, offset);
+-	rsm_set_desc_flags(&desc, GET_SMSTATE(u16, smstate, offset + 2) << 8);
+-	set_desc_limit(&desc,     GET_SMSTATE(u32, smstate, offset + 4));
+-	set_desc_base(&desc,      GET_SMSTATE(u32, smstate, offset + 8));
+-	base3 =                   GET_SMSTATE(u32, smstate, offset + 12);
+ 
+-	ctxt->ops->set_segment(ctxt, selector, &desc, base3, n);
+-	return X86EMUL_CONTINUE;
+	rsm_set_desc_flags(&desc, state->attributes << 8);
+	set_desc_limit(&desc,     state->limit);
+	set_desc_base(&desc,      (u32)state->base);
+	ctxt->ops->set_segment(ctxt, state->selector, &desc, state->base >> 32, n);
+ }
+ #endif
+ 
+@@ -2484,71 +2476,49 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt,
+ 
+ #ifdef CONFIG_X86_64
+ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt,
+-			     const char *smstate)
+			     const struct kvm_smram_state_64 *smstate)
+ {
+-	struct desc_struct desc;
+ 	struct desc_ptr dt;
+-	u64 val, cr0, cr3, cr4;
+-	u32 base3;
+-	u16 selector;
+ 	int i, r;
+ 
+ 	for (i = 0; i < 16; i++)
+-		*reg_write(ctxt, i) = GET_SMSTATE(u64, smstate, 0x7ff8 - i * 8);
+		*reg_write(ctxt, i) = smstate->gprs[15 - i];
+ 
+-	ctxt->_eip   = GET_SMSTATE(u64, smstate, 0x7f78);
+-	ctxt->eflags = GET_SMSTATE(u32, smstate, 0x7f70) | X86_EFLAGS_FIXED;
+	ctxt->_eip   = smstate->rip;
+	ctxt->eflags = smstate->rflags | X86_EFLAGS_FIXED;
+ 
+-	val = GET_SMSTATE(u64, smstate, 0x7f68);
+-
+-	if (ctxt->ops->set_dr(ctxt, 6, val))
+	if (ctxt->ops->set_dr(ctxt, 6, smstate->dr6))
+ 		return X86EMUL_UNHANDLEABLE;
+-
+-	val = GET_SMSTATE(u64, smstate, 0x7f60);
+-
+-	if (ctxt->ops->set_dr(ctxt, 7, val))
+	if (ctxt->ops->set_dr(ctxt, 7, smstate->dr7))
+ 		return X86EMUL_UNHANDLEABLE;
+ 
+-	cr0 =                       GET_SMSTATE(u64, smstate, 0x7f58);
+-	cr3 =                       GET_SMSTATE(u64, smstate, 0x7f50);
+-	cr4 =                       GET_SMSTATE(u64, smstate, 0x7f48);
+-	ctxt->ops->set_smbase(ctxt, GET_SMSTATE(u32, smstate, 0x7f00));
+-	val =                       GET_SMSTATE(u64, smstate, 0x7ed0);
+	ctxt->ops->set_smbase(ctxt, smstate->smbase);
+ 
+-	if (ctxt->ops->set_msr(ctxt, MSR_EFER, val & ~EFER_LMA))
+	if (ctxt->ops->set_msr(ctxt, MSR_EFER, smstate->efer & ~EFER_LMA))
+ 		return X86EMUL_UNHANDLEABLE;
+ 
+-	selector =                  GET_SMSTATE(u32, smstate, 0x7e90);
+-	rsm_set_desc_flags(&desc,   GET_SMSTATE(u32, smstate, 0x7e92) << 8);
+-	set_desc_limit(&desc,       GET_SMSTATE(u32, smstate, 0x7e94));
+-	set_desc_base(&desc,        GET_SMSTATE(u32, smstate, 0x7e98));
+-	base3 =                     GET_SMSTATE(u32, smstate, 0x7e9c);
+-	ctxt->ops->set_segment(ctxt, selector, &desc, base3, VCPU_SREG_TR);
+	rsm_load_seg_64(ctxt, &smstate->tr, VCPU_SREG_TR);
+ 
+-	dt.size =                   GET_SMSTATE(u32, smstate, 0x7e84);
+-	dt.address =                GET_SMSTATE(u64, smstate, 0x7e88);
+	dt.size =                   smstate->idtr.limit;
+	dt.address =                smstate->idtr.base;
+ 	ctxt->ops->set_idt(ctxt, &dt);
+ 
+-	selector =                  GET_SMSTATE(u32, smstate, 0x7e70);
+-	rsm_set_desc_flags(&desc,   GET_SMSTATE(u32, smstate, 0x7e72) << 8);
+-	set_desc_limit(&desc,       GET_SMSTATE(u32, smstate, 0x7e74));
+-	set_desc_base(&desc,        GET_SMSTATE(u32, smstate, 0x7e78));
+-	base3 =                     GET_SMSTATE(u32, smstate, 0x7e7c);
+-	ctxt->ops->set_segment(ctxt, selector, &desc, base3, VCPU_SREG_LDTR);
+	rsm_load_seg_64(ctxt, &smstate->ldtr, VCPU_SREG_LDTR);
+ 
+-	dt.size =                   GET_SMSTATE(u32, smstate, 0x7e64);
+-	dt.address =                GET_SMSTATE(u64, smstate, 0x7e68);
+	dt.size =                   smstate->gdtr.limit;
+	dt.address =                smstate->gdtr.base;
+ 	ctxt->ops->set_gdt(ctxt, &dt);
+ 
+-	r = rsm_enter_protected_mode(ctxt, cr0, cr3, cr4);
+	r = rsm_enter_protected_mode(ctxt, smstate->cr0, smstate->cr3, smstate->cr4);
+ 	if (r != X86EMUL_CONTINUE)
+ 		return r;
+ 
+-	for (i = 0; i < 6; i++) {
+-		r = rsm_load_seg_64(ctxt, smstate, i);
+-		if (r != X86EMUL_CONTINUE)
+-			return r;
+-	}
+	rsm_load_seg_64(ctxt, &smstate->es, VCPU_SREG_ES);
+	rsm_load_seg_64(ctxt, &smstate->cs, VCPU_SREG_CS);
+	rsm_load_seg_64(ctxt, &smstate->ss, VCPU_SREG_SS);
+	rsm_load_seg_64(ctxt, &smstate->ds, VCPU_SREG_DS);
+	rsm_load_seg_64(ctxt, &smstate->fs, VCPU_SREG_FS);
+	rsm_load_seg_64(ctxt, &smstate->gs, VCPU_SREG_GS);
+ 
+ 	return X86EMUL_CONTINUE;
+ }
+@@ -2623,7 +2593,7 @@ static int em_rsm(struct x86_emulate_ctxt *ctxt)
+ 
+ #ifdef CONFIG_X86_64
+ 	if (emulator_has_longmode(ctxt))
+-		ret = rsm_load_state_64(ctxt, (const char *)&smram);
+		ret = rsm_load_state_64(ctxt, &smram.smram64);
+ 	else
+ #endif
+ 		ret = rsm_load_state_32(ctxt, &smram.smram32);
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
+index 87c8021e542c..ada063ab8ae9 100644
+--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
+@@ -9741,20 +9741,17 @@ static void enter_smm_save_seg_32(struct kvm_vcpu *vcpu,
+ }
+ 
+ #ifdef CONFIG_X86_64
+-static void enter_smm_save_seg_64(struct kvm_vcpu *vcpu, char *buf, int n)
+static void enter_smm_save_seg_64(struct kvm_vcpu *vcpu,
+				  struct kvm_smm_seg_state_64 *state,
+				  int n)
+ {
+ 	struct kvm_segment seg;
+-	int offset;
+-	u16 flags;
+ 
+ 	kvm_get_segment(vcpu, &seg, n);
+-	offset = 0x7e00 + n * 16;
+-
+-	flags = enter_smm_get_segment_flags(&seg) >> 8;
+-	put_smstate(u16, buf, offset, seg.selector);
+-	put_smstate(u16, buf, offset + 2, flags);
+-	put_smstate(u32, buf, offset + 4, seg.limit);
+-	put_smstate(u64, buf, offset + 8, seg.base);
+	state->selector = seg.selector;
+	state->attributes = enter_smm_get_segment_flags(&seg) >> 8;
+	state->limit = seg.limit;
+	state->base = seg.base;
+ }
+ #endif
+ 
+@@ -9802,57 +9799,51 @@ static void enter_smm_save_state_32(struct kvm_vcpu *vcpu, struct kvm_smram_stat
+ }
+ 
+ #ifdef CONFIG_X86_64
+-static void enter_smm_save_state_64(struct kvm_vcpu *vcpu, char *buf)
+static void enter_smm_save_state_64(struct kvm_vcpu *vcpu, struct kvm_smram_state_64 *smram)
+ {
+ 	struct desc_ptr dt;
+-	struct kvm_segment seg;
+ 	unsigned long val;
+ 	int i;
+ 
+ 	for (i = 0; i < 16; i++)
+-		put_smstate(u64, buf, 0x7ff8 - i * 8, kvm_register_read_raw(vcpu, i));
+		smram->gprs[15 - i] = kvm_register_read_raw(vcpu, i);
+
+	smram->rip    = kvm_rip_read(vcpu);
+	smram->rflags = kvm_get_rflags(vcpu);
+ 
+-	put_smstate(u64, buf, 0x7f78, kvm_rip_read(vcpu));
+-	put_smstate(u32, buf, 0x7f70, kvm_get_rflags(vcpu));
+ 
+ 	kvm_get_dr(vcpu, 6, &val);
+-	put_smstate(u64, buf, 0x7f68, val);
+	smram->dr6 = val;
+ 	kvm_get_dr(vcpu, 7, &val);
+-	put_smstate(u64, buf, 0x7f60, val);
+-
+-	put_smstate(u64, buf, 0x7f58, kvm_read_cr0(vcpu));
+-	put_smstate(u64, buf, 0x7f50, kvm_read_cr3(vcpu));
+-	put_smstate(u64, buf, 0x7f48, kvm_read_cr4(vcpu));
+	smram->dr7 = val;
+ 
+-	put_smstate(u32, buf, 0x7f00, vcpu->arch.smbase);
+	smram->cr0 = kvm_read_cr0(vcpu);
+	smram->cr3 = kvm_read_cr3(vcpu);
+	smram->cr4 = kvm_read_cr4(vcpu);
+ 
+-	/* revision id */
+-	put_smstate(u32, buf, 0x7efc, 0x00020064);
+	smram->smbase = vcpu->arch.smbase;
+	smram->smm_revison = 0x00020064;
+ 
+-	put_smstate(u64, buf, 0x7ed0, vcpu->arch.efer);
+	smram->efer = vcpu->arch.efer;
+ 
+-	kvm_get_segment(vcpu, &seg, VCPU_SREG_TR);
+-	put_smstate(u16, buf, 0x7e90, seg.selector);
+-	put_smstate(u16, buf, 0x7e92, enter_smm_get_segment_flags(&seg) >> 8);
+-	put_smstate(u32, buf, 0x7e94, seg.limit);
+-	put_smstate(u64, buf, 0x7e98, seg.base);
+	enter_smm_save_seg_64(vcpu, &smram->tr, VCPU_SREG_TR);
+ 
+ 	static_call(kvm_x86_get_idt)(vcpu, &dt);
+-	put_smstate(u32, buf, 0x7e84, dt.size);
+-	put_smstate(u64, buf, 0x7e88, dt.address);
+	smram->idtr.limit = dt.size;
+	smram->idtr.base = dt.address;
+ 
+-	kvm_get_segment(vcpu, &seg, VCPU_SREG_LDTR);
+-	put_smstate(u16, buf, 0x7e70, seg.selector);
+-	put_smstate(u16, buf, 0x7e72, enter_smm_get_segment_flags(&seg) >> 8);
+-	put_smstate(u32, buf, 0x7e74, seg.limit);
+-	put_smstate(u64, buf, 0x7e78, seg.base);
+	enter_smm_save_seg_64(vcpu, &smram->ldtr, VCPU_SREG_LDTR);
+ 
+ 	static_call(kvm_x86_get_gdt)(vcpu, &dt);
+-	put_smstate(u32, buf, 0x7e64, dt.size);
+-	put_smstate(u64, buf, 0x7e68, dt.address);
+	smram->gdtr.limit = dt.size;
+	smram->gdtr.base = dt.address;
+ 
+-	for (i = 0; i < 6; i++)
+-		enter_smm_save_seg_64(vcpu, buf, i);
+	enter_smm_save_seg_64(vcpu, &smram->es, VCPU_SREG_ES);
+	enter_smm_save_seg_64(vcpu, &smram->cs, VCPU_SREG_CS);
+	enter_smm_save_seg_64(vcpu, &smram->ss, VCPU_SREG_SS);
+	enter_smm_save_seg_64(vcpu, &smram->ds, VCPU_SREG_DS);
+	enter_smm_save_seg_64(vcpu, &smram->fs, VCPU_SREG_FS);
+	enter_smm_save_seg_64(vcpu, &smram->gs, VCPU_SREG_GS);
+ }
+ #endif
+ 
+@@ -9866,7 +9857,7 @@ static void enter_smm(struct kvm_vcpu *vcpu)
+ 	memset(smram.bytes, 0, sizeof(smram.bytes));
+ #ifdef CONFIG_X86_64
+ 	if (guest_cpuid_has(vcpu, X86_FEATURE_LM))
+-		enter_smm_save_state_64(vcpu, (char *)&smram);
+		enter_smm_save_state_64(vcpu, &smram.smram64);
+ 	else
+ #endif
+ 		enter_smm_save_state_32(vcpu, &smram.smram32);
@@ -0,0 +1,98 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:09 +0300
+Subject: [PATCH] KVM: x86: SVM: use smram structs
+
+This removes the last user of put_smstate/GET_SMSTATE so
+remove these functions as well.
+
+Also add a sanity check that we don't attempt to enter the SMM
+on non long mode capable guest CPU with a running nested guest.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/include/asm/kvm_host.h |  6 ------
+ arch/x86/kvm/svm/svm.c          | 21 ++++++---------------
+ 2 files changed, 6 insertions(+), 21 deletions(-)
+
+diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
+index cff765545738..143cd0b5d593 100644
+--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
+@@ -2044,12 +2044,6 @@ static inline int kvm_cpu_get_apicid(int mps_cpu)
+ #endif
+ }
+ 
+-#define put_smstate(type, buf, offset, val)                      \
+-	*(type *)((buf) + (offset) - 0x7e00) = val
+-
+-#define GET_SMSTATE(type, buf, offset)		\
+-	(*(type *)((buf) + (offset) - 0x7e00))
+-
+ int kvm_cpu_dirty_log_size(void);
+ 
+ int memslot_rmap_alloc(struct kvm_memory_slot *slot, unsigned long npages);
+diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
+index f7f58c4cf341..20f90c596d6a 100644
+--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
+@@ -4314,15 +4314,11 @@ static int svm_enter_smm(struct kvm_vcpu *vcpu, union kvm_smram *smram)
+ 	struct kvm_host_map map_save;
+ 	int ret;
+ 
+-	char *smstate = (char *)smram;
+-
+ 	if (!is_guest_mode(vcpu))
+ 		return 0;
+ 
+-	/* FED8h - SVM Guest */
+-	put_smstate(u64, smstate, 0x7ed8, 1);
+-	/* FEE0h - SVM Guest VMCB Physical Address */
+-	put_smstate(u64, smstate, 0x7ee0, svm->nested.vmcb12_gpa);
+	smram->smram64.svm_guest_flag = 1;
+	smram->smram64.svm_guest_vmcb_gpa = svm->nested.vmcb12_gpa;
+ 
+ 	svm->vmcb->save.rax = vcpu->arch.regs[VCPU_REGS_RAX];
+ 	svm->vmcb->save.rsp = vcpu->arch.regs[VCPU_REGS_RSP];
+@@ -4361,28 +4357,23 @@ static int svm_leave_smm(struct kvm_vcpu *vcpu, const union kvm_smram *smram)
+ {
+ 	struct vcpu_svm *svm = to_svm(vcpu);
+ 	struct kvm_host_map map, map_save;
+-	u64 saved_efer, vmcb12_gpa;
+ 	struct vmcb *vmcb12;
+ 	int ret;
+ 
+-	const char *smstate = (const char *)smram;
+-
+ 	if (!guest_cpuid_has(vcpu, X86_FEATURE_LM))
+ 		return 0;
+ 
+ 	/* Non-zero if SMI arrived while vCPU was in guest mode. */
+-	if (!GET_SMSTATE(u64, smstate, 0x7ed8))
+	if (!smram->smram64.svm_guest_flag)
+ 		return 0;
+ 
+ 	if (!guest_cpuid_has(vcpu, X86_FEATURE_SVM))
+ 		return 1;
+ 
+-	saved_efer = GET_SMSTATE(u64, smstate, 0x7ed0);
+-	if (!(saved_efer & EFER_SVME))
+	if (!(smram->smram64.efer & EFER_SVME))
+ 		return 1;
+ 
+-	vmcb12_gpa = GET_SMSTATE(u64, smstate, 0x7ee0);
+-	if (kvm_vcpu_map(vcpu, gpa_to_gfn(vmcb12_gpa), &map) == -EINVAL)
+	if (kvm_vcpu_map(vcpu, gpa_to_gfn(smram->smram64.svm_guest_vmcb_gpa), &map) == -EINVAL)
+ 		return 1;
+ 
+ 	ret = 1;
+@@ -4408,7 +4399,7 @@ static int svm_leave_smm(struct kvm_vcpu *vcpu, const union kvm_smram *smram)
+ 	vmcb12 = map.hva;
+ 	nested_copy_vmcb_control_to_cache(svm, &vmcb12->control);
+ 	nested_copy_vmcb_save_to_cache(svm, &vmcb12->save);
+-	ret = enter_svm_guest_mode(vcpu, vmcb12_gpa, vmcb12, false);
+	ret = enter_svm_guest_mode(vcpu, smram->smram64.svm_guest_vmcb_gpa, vmcb12, false);
+ 
+ 	if (ret)
+ 		goto unmap_save;
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:10 +0300
+Subject: [PATCH] KVM: x86: SVM: don't save SVM state to SMRAM when VM is not
+ long mode capable
+
+When the guest CPUID doesn't have support for long mode, 32 bit SMRAM
+layout is used and it has no support for preserving EFER and/or SVM
+state.
+
+Note that this isn't relevant to running 32 bit guests on VM which is
+long mode capable - such VM can still run 32 bit guests in compatibility
+mode.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/svm/svm.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
+index 20f90c596d6a..c816783737b0 100644
+--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
+@@ -4317,6 +4317,15 @@ static int svm_enter_smm(struct kvm_vcpu *vcpu, union kvm_smram *smram)
+ 	if (!is_guest_mode(vcpu))
+ 		return 0;
+ 
+	/*
+	 * 32 bit SMRAM format doesn't preserve EFER and SVM state.
+	 * SVM should not be enabled by the userspace without marking
+	 * the CPU as at least long mode capable.
+	 */
+
+	if (!guest_cpuid_has(vcpu, X86_FEATURE_LM))
+		return 1;
+
+ 	smram->smram64.svm_guest_flag = 1;
+ 	smram->smram64.svm_guest_vmcb_gpa = svm->nested.vmcb12_gpa;
+ 
@@ -0,0 +1,180 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Maxim Levitsky <mlevitsk@redhat.com>
+Date: Wed, 3 Aug 2022 18:50:11 +0300
+Subject: [PATCH] KVM: x86: emulator/smm: preserve interrupt shadow in SMRAM
+
+When #SMI is asserted, the CPU can be in interrupt shadow
+due to sti or mov ss.
+
+It is not mandatory in  Intel/AMD prm to have the #SMI
+blocked during the shadow, and on top of
+that, since neither SVM nor VMX has true support for SMI
+window, waiting for one instruction would mean single stepping
+the guest.
+
+Instead, allow #SMI in this case, but both reset the interrupt
+window and stash its value in SMRAM to restore it on exit
+from SMM.
+
+This fixes rare failures seen mostly on windows guests on VMX,
+when #SMI falls on the sti instruction which mainfest in
+VM entry failure due to EFLAGS.IF not being set, but STI interrupt
+window still being set in the VMCS.
+
+Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ arch/x86/kvm/emulate.c     | 17 ++++++++++++++---
+ arch/x86/kvm/kvm_emulate.h | 10 ++++++----
+ arch/x86/kvm/x86.c         | 12 ++++++++++++
+ 3 files changed, 32 insertions(+), 7 deletions(-)
+
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
+index 5480b23112e3..4c9c9844d38f 100644
+--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
+@@ -2435,7 +2435,7 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt,
+ 			     const struct kvm_smram_state_32 *smstate)
+ {
+ 	struct desc_ptr dt;
+-	int i;
+	int i, r;
+ 
+ 	ctxt->eflags =  smstate->eflags | X86_EFLAGS_FIXED;
+ 	ctxt->_eip =  smstate->eip;
+@@ -2470,8 +2470,16 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt,
+ 
+ 	ctxt->ops->set_smbase(ctxt, smstate->smbase);
+ 
+-	return rsm_enter_protected_mode(ctxt, smstate->cr0,
+-					smstate->cr3, smstate->cr4);
+	r = rsm_enter_protected_mode(ctxt, smstate->cr0,
+				     smstate->cr3, smstate->cr4);
+
+	if (r != X86EMUL_CONTINUE)
+		return r;
+
+	ctxt->ops->set_int_shadow(ctxt, 0);
+	ctxt->interruptibility = (u8)smstate->int_shadow;
+
+	return X86EMUL_CONTINUE;
+ }
+ 
+ #ifdef CONFIG_X86_64
+@@ -2520,6 +2528,9 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt,
+ 	rsm_load_seg_64(ctxt, &smstate->fs, VCPU_SREG_FS);
+ 	rsm_load_seg_64(ctxt, &smstate->gs, VCPU_SREG_GS);
+ 
+	ctxt->ops->set_int_shadow(ctxt, 0);
+	ctxt->interruptibility = (u8)smstate->int_shadow;
+
+ 	return X86EMUL_CONTINUE;
+ }
+ #endif
+diff --git a/arch/x86/kvm/kvm_emulate.h b/arch/x86/kvm/kvm_emulate.h
+index 04ac0cef8b57..d5707b3f254c 100644
+--- a/arch/x86/kvm/kvm_emulate.h
+++ b/arch/x86/kvm/kvm_emulate.h
+@@ -233,6 +233,7 @@ struct x86_emulate_ops {
+ 	bool (*guest_has_rdpid)(struct x86_emulate_ctxt *ctxt);
+ 
+ 	void (*set_nmi_mask)(struct x86_emulate_ctxt *ctxt, bool masked);
+	void (*set_int_shadow)(struct x86_emulate_ctxt *ctxt, u8 shadow);
+ 
+ 	unsigned (*get_hflags)(struct x86_emulate_ctxt *ctxt);
+ 	void (*exiting_smm)(struct x86_emulate_ctxt *ctxt);
+@@ -496,7 +497,8 @@ struct kvm_smram_state_32 {
+ 	u32 reserved1[62];
+ 	u32 smbase;
+ 	u32 smm_revision;
+-	u32 reserved2[5];
+	u32 reserved2[4];
+	u32 int_shadow; /* KVM extension */
+ 	u32 cr4; /* CR4 is not present in Intel/AMD SMRAM image */
+ 	u32 reserved3[5];
+ 
+@@ -544,6 +546,7 @@ static inline void __check_smram32_offsets(void)
+ 	__CHECK_SMRAM32_OFFSET(smbase,		0xFEF8);
+ 	__CHECK_SMRAM32_OFFSET(smm_revision,	0xFEFC);
+ 	__CHECK_SMRAM32_OFFSET(reserved2,	0xFF00);
+	__CHECK_SMRAM32_OFFSET(int_shadow,	0xFF10);
+ 	__CHECK_SMRAM32_OFFSET(cr4,		0xFF14);
+ 	__CHECK_SMRAM32_OFFSET(reserved3,	0xFF18);
+ 	__CHECK_SMRAM32_OFFSET(ds,		0xFF2C);
+@@ -603,7 +606,7 @@ struct kvm_smram_state_64 {
+ 	u64 io_restart_rsi;
+ 	u64 io_restart_rdi;
+ 	u32 io_restart_dword;
+-	u32 reserved1;
+	u32 int_shadow;
+ 	u8 io_inst_restart;
+ 	u8 auto_hlt_restart;
+ 	u8 reserved2[6];
+@@ -641,7 +644,6 @@ struct kvm_smram_state_64 {
+ 	u64 gprs[16]; /* GPRS in a reversed "natural" X86 order (R15/R14/../RCX/RAX.) */
+ };
+ 
+-
+ static inline void __check_smram64_offsets(void)
+ {
+ #define __CHECK_SMRAM64_OFFSET(field, offset) \
+@@ -662,7 +664,7 @@ static inline void __check_smram64_offsets(void)
+ 	__CHECK_SMRAM64_OFFSET(io_restart_rsi,		0xFEB0);
+ 	__CHECK_SMRAM64_OFFSET(io_restart_rdi,		0xFEB8);
+ 	__CHECK_SMRAM64_OFFSET(io_restart_dword,	0xFEC0);
+-	__CHECK_SMRAM64_OFFSET(reserved1,		0xFEC4);
+	__CHECK_SMRAM64_OFFSET(int_shadow,		0xFEC4);
+ 	__CHECK_SMRAM64_OFFSET(io_inst_restart,		0xFEC8);
+ 	__CHECK_SMRAM64_OFFSET(auto_hlt_restart,	0xFEC9);
+ 	__CHECK_SMRAM64_OFFSET(reserved2,		0xFECA);
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
+index ada063ab8ae9..4050b34806ac 100644
+--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
+@@ -7930,6 +7930,11 @@ static void emulator_set_nmi_mask(struct x86_emulate_ctxt *ctxt, bool masked)
+ 	static_call(kvm_x86_set_nmi_mask)(emul_to_vcpu(ctxt), masked);
+ }
+ 
+static void emulator_set_int_shadow(struct x86_emulate_ctxt *ctxt, u8 shadow)
+{
+	 static_call(kvm_x86_set_interrupt_shadow)(emul_to_vcpu(ctxt), shadow);
+}
+
+ static unsigned emulator_get_hflags(struct x86_emulate_ctxt *ctxt)
+ {
+ 	return emul_to_vcpu(ctxt)->arch.hflags;
+@@ -8001,6 +8006,7 @@ static const struct x86_emulate_ops emulate_ops = {
+ 	.guest_has_fxsr      = emulator_guest_has_fxsr,
+ 	.guest_has_rdpid     = emulator_guest_has_rdpid,
+ 	.set_nmi_mask        = emulator_set_nmi_mask,
+	.set_int_shadow      = emulator_set_int_shadow,
+ 	.get_hflags          = emulator_get_hflags,
+ 	.exiting_smm         = emulator_exiting_smm,
+ 	.leave_smm           = emulator_leave_smm,
+@@ -9796,6 +9802,8 @@ static void enter_smm_save_state_32(struct kvm_vcpu *vcpu, struct kvm_smram_stat
+ 	smram->cr4 = kvm_read_cr4(vcpu);
+ 	smram->smm_revision = 0x00020000;
+ 	smram->smbase = vcpu->arch.smbase;
+
+	smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu);
+ }
+ 
+ #ifdef CONFIG_X86_64
+@@ -9844,6 +9852,8 @@ static void enter_smm_save_state_64(struct kvm_vcpu *vcpu, struct kvm_smram_stat
+ 	enter_smm_save_seg_64(vcpu, &smram->ds, VCPU_SREG_DS);
+ 	enter_smm_save_seg_64(vcpu, &smram->fs, VCPU_SREG_FS);
+ 	enter_smm_save_seg_64(vcpu, &smram->gs, VCPU_SREG_GS);
+
+	smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu);
+ }
+ #endif
+ 
+@@ -9880,6 +9890,8 @@ static void enter_smm(struct kvm_vcpu *vcpu)
+ 	kvm_set_rflags(vcpu, X86_EFLAGS_FIXED);
+ 	kvm_rip_write(vcpu, 0x8000);
+ 
+	static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0);
+
+ 	cr0 = vcpu->arch.cr0 & ~(X86_CR0_PE | X86_CR0_EM | X86_CR0_TS | X86_CR0_PG);
+ 	static_call(kvm_x86_set_cr0)(vcpu, cr0);
+ 	vcpu->arch.cr0 = cr0;
Author	SHA1	Message	Date
Thomas Lamprecht	35fcdb4df4	update ABI file for 5.19.17-2-pve (generated with debian/scripts/abi-generate) Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2023-01-28 16:55:50 +01:00
Thomas Lamprecht	d9c8122ccc	bump version to 5.19.17-2 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2023-01-28 16:55:47 +01:00
Thomas Lamprecht	1d6ab3c1ca	update to Ubuntu-5.19.0-31.32 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2023-01-28 16:38:52 +01:00
Thomas Lamprecht	16f4d03eb4	update patches for Ubuntu-5.19.0-31.32 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2023-01-28 16:38:25 +01:00
Thomas Lamprecht	0141ea157c	make submodule name itself also generic Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2023-01-28 16:26:32 +01:00
Thomas Lamprecht	0ffb6ba51a	update ZFS to 2.1.9 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2023-01-28 16:23:39 +01:00