diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 23e7efeba..625d6d590 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -49,6 +49,18 @@ updates:
     labels:
       - rebase
       - ci/skip/e2e
+      - ci/skip/multi-arch-build
+    commit-message:
+      prefix: "rebase"
+  - package-ecosystem: "gomod"
+    directory: "/api"
+    schedule:
+      interval: "weekly"
+    rebase-strategy: "disabled"
+    labels:
+      - rebase
+      - ci/skip/e2e
+      - ci/skip/multi-arch-build
     commit-message:
       prefix: "rebase"
   - package-ecosystem: "github-actions"
diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
index 05338adac..bc637a600 100644
--- a/.github/workflows/commitlint.yaml
+++ b/.github/workflows/commitlint.yaml
@@ -11,7 +11,7 @@ permissions:
 jobs:
   commitlint:
     name: commitlint
-    if: ${{ github.actor != 'dependabot[bot]' }}
+    if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
diff --git a/.github/workflows/pull-request-commentor.yaml b/.github/workflows/pull-request-commentor.yaml
index f9084fa25..eaf85e44b 100644
--- a/.github/workflows/pull-request-commentor.yaml
+++ b/.github/workflows/pull-request-commentor.yaml
@@ -113,3 +113,14 @@ jobs:
           issue-number: ${{ github.event.pull_request.number }}
           body: |
             /test ci/centos/upgrade-tests-rbd
+
+      - name: remove ok-to-test-label after commenting
+        uses: actions/github-script@v6
+        with:
+          script: |
+            github.rest.issues.removeLabel({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              name: ["ok-to-test"]
+            })
diff --git a/.github/workflows/test-retest-action.yaml b/.github/workflows/test-retest-action.yaml
index 3d732370d..08bbb735a 100644
--- a/.github/workflows/test-retest-action.yaml
+++ b/.github/workflows/test-retest-action.yaml
@@ -4,6 +4,9 @@ name: test-retest-action
 on:
   pull_request:
     branches: [devel]
+    paths:
+      - 'actions/retest/**'
+      - '.github/workflows/test-retest-action.yaml'
 
 permissions:
   contents: read
diff --git a/.mergify.yml b/.mergify.yml
index edb5e9ea3..9b5a2281a 100644
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -50,6 +50,8 @@ pull_request_rules:
     conditions:
       - base~=^(devel)|(release-.+)$
       - "check-pending=Queue: Embarked in merge train"
+      - not:
+          check-pending~=^ci/centos
     actions:
       label:
         add:
@@ -73,9 +75,6 @@ pull_request_rules:
         message: "This pull request now has conflicts with the target branch.
         Could you please resolve conflicts and force push the corrected
         changes? 🙏"
-      label:
-        remove:
-          - ok-to-test
 
   - name: update dependencies by dependabot (skip commitlint)
     conditions:
@@ -108,9 +107,6 @@ pull_request_rules:
       queue:
         name: default
       delete_head_branch: {}
-      label:
-        remove:
-          - ok-to-test
 
   - name: dismiss review of merged pull request
     conditions:
@@ -118,9 +114,6 @@ pull_request_rules:
       - merged
     actions:
       dismiss_reviews: {}
-      label:
-        remove:
-          - ok-to-test
 
   - name: automatic merge
     conditions:
@@ -153,9 +146,6 @@ pull_request_rules:
       queue:
         name: default
       delete_head_branch: {}
-      label:
-        remove:
-          - ok-to-test
 
   - name: automatic merge PR having ready-to-merge label
     conditions:
@@ -187,9 +177,6 @@ pull_request_rules:
       queue:
         name: default
       delete_head_branch: {}
-      label:
-        remove:
-          - ok-to-test
 
   - name: backport patches to release-v3.6 branch
     conditions:
@@ -247,9 +234,6 @@ pull_request_rules:
       queue:
         name: default
       delete_head_branch: {}
-      label:
-        remove:
-          - ok-to-test
 
   ##
   ## Automatically set/remove labels
diff --git a/actions/retest/go.mod b/actions/retest/go.mod
index ba68adbb7..5b82e919b 100644
--- a/actions/retest/go.mod
+++ b/actions/retest/go.mod
@@ -4,13 +4,13 @@ go 1.18
 
 require (
 	github.com/google/go-github v17.0.0+incompatible
-	golang.org/x/oauth2 v0.4.0
+	golang.org/x/oauth2 v0.5.0
 )
 
 require (
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
-	golang.org/x/net v0.5.0 // indirect
+	golang.org/x/net v0.7.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
 )
diff --git a/actions/retest/go.sum b/actions/retest/go.sum
index 5138e091b..fa57cc2b0 100644
--- a/actions/retest/go.sum
+++ b/actions/retest/go.sum
@@ -11,10 +11,10 @@ github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
-golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
-golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
-golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M=
-golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec=
+golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
+golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/oauth2 v0.5.0 h1:HuArIo48skDwlrvM3sEdHXElYslAMsf3KwRkkW4MC4s=
+golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
diff --git a/actions/retest/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go b/actions/retest/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go
deleted file mode 100644
index 37dc0cfdb..000000000
--- a/actions/retest/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go
+++ /dev/null
@@ -1,71 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ctxhttp provides helper functions for performing context-aware HTTP requests.
-package ctxhttp // import "golang.org/x/net/context/ctxhttp"
-
-import (
-	"context"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-// Do sends an HTTP request with the provided http.Client and returns
-// an HTTP response.
-//
-// If the client is nil, http.DefaultClient is used.
-//
-// The provided ctx must be non-nil. If it is canceled or times out,
-// ctx.Err() will be returned.
-func Do(ctx context.Context, client *http.Client, req *http.Request) (*http.Response, error) {
-	if client == nil {
-		client = http.DefaultClient
-	}
-	resp, err := client.Do(req.WithContext(ctx))
-	// If we got an error, and the context has been canceled,
-	// the context's error is probably more useful.
-	if err != nil {
-		select {
-		case <-ctx.Done():
-			err = ctx.Err()
-		default:
-		}
-	}
-	return resp, err
-}
-
-// Get issues a GET request via the Do function.
-func Get(ctx context.Context, client *http.Client, url string) (*http.Response, error) {
-	req, err := http.NewRequest("GET", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return Do(ctx, client, req)
-}
-
-// Head issues a HEAD request via the Do function.
-func Head(ctx context.Context, client *http.Client, url string) (*http.Response, error) {
-	req, err := http.NewRequest("HEAD", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return Do(ctx, client, req)
-}
-
-// Post issues a POST request via the Do function.
-func Post(ctx context.Context, client *http.Client, url string, bodyType string, body io.Reader) (*http.Response, error) {
-	req, err := http.NewRequest("POST", url, body)
-	if err != nil {
-		return nil, err
-	}
-	req.Header.Set("Content-Type", bodyType)
-	return Do(ctx, client, req)
-}
-
-// PostForm issues a POST request via the Do function.
-func PostForm(ctx context.Context, client *http.Client, url string, data url.Values) (*http.Response, error) {
-	return Post(ctx, client, url, "application/x-www-form-urlencoded", strings.NewReader(data.Encode()))
-}
diff --git a/actions/retest/vendor/golang.org/x/oauth2/internal/token.go b/actions/retest/vendor/golang.org/x/oauth2/internal/token.go
index 355c38696..b4723fcac 100644
--- a/actions/retest/vendor/golang.org/x/oauth2/internal/token.go
+++ b/actions/retest/vendor/golang.org/x/oauth2/internal/token.go
@@ -19,8 +19,6 @@ import (
 	"strings"
 	"sync"
 	"time"
-
-	"golang.org/x/net/context/ctxhttp"
 )
 
 // Token represents the credentials used to authorize
@@ -229,7 +227,7 @@ func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string,
 }
 
 func doTokenRoundTrip(ctx context.Context, req *http.Request) (*Token, error) {
-	r, err := ctxhttp.Do(ctx, ContextClient(ctx), req)
+	r, err := ContextClient(ctx).Do(req.WithContext(ctx))
 	if err != nil {
 		return nil, err
 	}
diff --git a/actions/retest/vendor/modules.txt b/actions/retest/vendor/modules.txt
index 3f715538b..3776cef19 100644
--- a/actions/retest/vendor/modules.txt
+++ b/actions/retest/vendor/modules.txt
@@ -7,11 +7,10 @@ github.com/google/go-github/github
 # github.com/google/go-querystring v1.1.0
 ## explicit; go 1.10
 github.com/google/go-querystring/query
-# golang.org/x/net v0.5.0
+# golang.org/x/net v0.7.0
 ## explicit; go 1.17
 golang.org/x/net/context
-golang.org/x/net/context/ctxhttp
-# golang.org/x/oauth2 v0.4.0
+# golang.org/x/oauth2 v0.5.0
 ## explicit; go 1.17
 golang.org/x/oauth2
 golang.org/x/oauth2/internal
diff --git a/api/go.mod b/api/go.mod
index 6290ce72c..18ab6fe78 100644
--- a/api/go.mod
+++ b/api/go.mod
@@ -5,26 +5,25 @@ go 1.18
 require (
 	github.com/ghodss/yaml v1.0.0
 	github.com/openshift/api v0.0.0-20210927171657-636513e97fda
-	github.com/stretchr/testify v1.8.0
-	k8s.io/api v0.25.4
+	github.com/stretchr/testify v1.8.1
+	k8s.io/api v0.26.1
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	golang.org/x/net v0.2.0 // indirect
-	golang.org/x/text v0.4.0 // indirect
+	golang.org/x/net v0.7.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apimachinery v0.25.4 // indirect
+	k8s.io/apimachinery v0.26.1 // indirect
 	k8s.io/klog/v2 v2.80.1 // indirect
 	k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2 // indirect
 	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
diff --git a/api/go.sum b/api/go.sum
index aced971e5..9d6511527 100644
--- a/api/go.sum
+++ b/api/go.sum
@@ -59,7 +59,6 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
@@ -123,13 +122,15 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An
 github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
@@ -158,8 +159,8 @@ golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU=
-golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
+golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
+golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -188,8 +189,8 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
-golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
@@ -250,11 +251,11 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 k8s.io/api v0.22.1/go.mod h1:bh13rkTp3F1XEaLGykbyRD2QaTTzPm0e/BMd8ptFONY=
-k8s.io/api v0.25.4 h1:3YO8J4RtmG7elEgaWMb4HgmpS2CfY1QlaOz9nwB+ZSs=
-k8s.io/api v0.25.4/go.mod h1:IG2+RzyPQLllQxnhzD8KQNEu4c4YvyDTpSMztf4A0OQ=
+k8s.io/api v0.26.1 h1:f+SWYiPd/GsiWwVRz+NbFyCgvv75Pk9NK6dlkZgpCRQ=
+k8s.io/api v0.26.1/go.mod h1:xd/GBNgR0f707+ATNyPmQ1oyKSgndzXij81FzWGsejg=
 k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0=
-k8s.io/apimachinery v0.25.4 h1:CtXsuaitMESSu339tfhVXhQrPET+EiWnIY1rcurKnAc=
-k8s.io/apimachinery v0.25.4/go.mod h1:jaF9C/iPNM1FuLl7Zuy5b9v+n35HGSh6AQ4HYRkCqwo=
+k8s.io/apimachinery v0.26.1 h1:8EZ/eGJL+hY/MYCNwhmDzVqq2lPl3N3Bo8rvweJwXUQ=
+k8s.io/apimachinery v0.26.1/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74=
 k8s.io/code-generator v0.22.1/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o=
 k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
 k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
@@ -272,5 +273,5 @@ sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK
 sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4=
 sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
 sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E=
-sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q=
 sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
+sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
diff --git a/docs/deploy-cephfs.md b/docs/deploy-cephfs.md
index d90fcec2d..8f2bca2a2 100644
--- a/docs/deploy-cephfs.md
+++ b/docs/deploy-cephfs.md
@@ -70,7 +70,7 @@ you're running it inside a k8s cluster and find the config itself).
 | `pool`                                                                                              | no             | Ceph pool into which volume data shall be stored                                                                                                                                                                        |
 | `volumeNamePrefix`                                                                                  | no             | Prefix to use for naming subvolumes (defaults to `csi-vol-`).                                                                                                                                                           |
 | `snapshotNamePrefix`                                                                                | no             | Prefix to use for naming snapshots (defaults to `csi-snap-`)                                                                                                                                                            |
-| `backingSnapshot`                                                                                   | no             | Boolean value. The PVC shall be backed by the CephFS snapshot specified in its data source. `pool` parameter must not be specified. (defaults to `false`)                                                               |
+| `backingSnapshot`                                                                                   | no             | Boolean value. The PVC shall be backed by the CephFS snapshot specified in its data source. `pool` parameter must not be specified. (defaults to `true`)                                                               |
 | `kernelMountOptions`                                                                                | no             | Comma separated string of mount options accepted by cephfs kernel mounter, by default no options are passed. Check man mount.ceph for options.                                                                          |
 | `fuseMountOptions`                                                                                  | no             | Comma separated string of mount options accepted by ceph-fuse mounter, by default no options are passed.                                                                                                                |
 | `csi.storage.k8s.io/provisioner-secret-name`, `csi.storage.k8s.io/node-stage-secret-name`           | for Kubernetes | Name of the Kubernetes Secret object containing Ceph client credentials. Both parameters should have the same value                                                                                                     |
diff --git a/e2e/cephfs.go b/e2e/cephfs.go
index 8311b76e1..37a09b85f 100644
--- a/e2e/cephfs.go
+++ b/e2e/cephfs.go
@@ -1617,8 +1617,8 @@ var _ = Describe(cephfsType, func() {
 						if err != nil {
 							framework.Failf("failed to delete CephFS storageclass: %v", err)
 						}
+
 						err = createCephfsStorageClass(f.ClientSet, f, false, map[string]string{
-							"backingSnapshot": "true",
 							"encrypted":       "true",
 							"encryptionKMSID": kmsID,
 						})
@@ -1759,17 +1759,6 @@ var _ = Describe(cephfsType, func() {
 					framework.Failf("failed to get SHA512 sum for file: %v", err)
 				}
 
-				err = deleteResource(cephFSExamplePath + "storageclass.yaml")
-				if err != nil {
-					framework.Failf("failed to delete CephFS storageclass: %v", err)
-				}
-				err = createCephfsStorageClass(f.ClientSet, f, false, map[string]string{
-					"backingSnapshot": "true",
-				})
-				if err != nil {
-					framework.Failf("failed to create CephFS storageclass: %v", err)
-				}
-
 				pvcClone, err := loadPVC(pvcClonePath)
 				if err != nil {
 					framework.Failf("failed to load PVC: %v", err)
@@ -1838,6 +1827,141 @@ var _ = Describe(cephfsType, func() {
 				}
 			})
 
+			By("checking snapshot-backed volume by backing snapshot as false", func() {
+				pvc, err := loadPVC(pvcPath)
+				if err != nil {
+					framework.Failf("failed to load PVC: %v", err)
+				}
+				pvc.Namespace = f.UniqueName
+				err = createPVCAndvalidatePV(f.ClientSet, pvc, deployTimeout)
+				if err != nil {
+					framework.Failf("failed to create PVC: %v", err)
+				}
+
+				_, pv, err := getPVCAndPV(f.ClientSet, pvc.Name, pvc.Namespace)
+				if err != nil {
+					framework.Failf("failed to get PV object for %s: %v", pvc.Name, err)
+				}
+
+				app, err := loadApp(appPath)
+				if err != nil {
+					framework.Failf("failed to load application: %v", err)
+				}
+				app.Namespace = f.UniqueName
+				app.Spec.Volumes[0].PersistentVolumeClaim.ClaimName = pvc.Name
+				appLabels := map[string]string{
+					appKey: appLabel,
+				}
+				app.Labels = appLabels
+				optApp := metav1.ListOptions{
+					LabelSelector: fmt.Sprintf("%s=%s", appKey, appLabels[appKey]),
+				}
+				err = writeDataInPod(app, &optApp, f)
+				if err != nil {
+					framework.Failf("failed to write data: %v", err)
+				}
+
+				appTestFilePath := app.Spec.Containers[0].VolumeMounts[0].MountPath + "/test"
+
+				snap := getSnapshot(snapshotPath)
+				snap.Namespace = f.UniqueName
+				snap.Spec.Source.PersistentVolumeClaimName = &pvc.Name
+				err = createSnapshot(&snap, deployTimeout)
+				if err != nil {
+					framework.Failf("failed to create snapshot: %v", err)
+				}
+				validateCephFSSnapshotCount(f, 1, subvolumegroup, pv)
+
+				err = appendToFileInContainer(f, app, appTestFilePath, "hello", &optApp)
+				if err != nil {
+					framework.Failf("failed to append data: %v", err)
+				}
+
+				parentFileSum, err := calculateSHA512sum(f, app, appTestFilePath, &optApp)
+				if err != nil {
+					framework.Failf("failed to get SHA512 sum for file: %v", err)
+				}
+
+				err = deleteResource(cephFSExamplePath + "storageclass.yaml")
+				if err != nil {
+					framework.Failf("failed to delete CephFS storageclass: %v", err)
+				}
+
+				err = createCephfsStorageClass(f.ClientSet, f, false, map[string]string{
+					"backingSnapshot": "false",
+				})
+				if err != nil {
+					framework.Failf("failed to create CephFS storageclass: %v", err)
+				}
+
+				pvcClone, err := loadPVC(pvcClonePath)
+				if err != nil {
+					framework.Failf("failed to load PVC: %v", err)
+				}
+				// Snapshot-backed volumes support read-only access modes only.
+				pvcClone.Spec.AccessModes = []v1.PersistentVolumeAccessMode{v1.ReadOnlyMany}
+				appClone, err := loadApp(appClonePath)
+				if err != nil {
+					framework.Failf("failed to load application: %v", err)
+				}
+				appCloneLabels := map[string]string{
+					appKey: appCloneLabel,
+				}
+				appClone.Labels = appCloneLabels
+				optAppClone := metav1.ListOptions{
+					LabelSelector: fmt.Sprintf("%s=%s", appKey, appCloneLabels[appKey]),
+				}
+				pvcClone.Namespace = f.UniqueName
+				appClone.Namespace = f.UniqueName
+				err = createPVCAndApp("", f, pvcClone, appClone, deployTimeout)
+				if err != nil {
+					framework.Failf("failed to create PVC and app: %v", err)
+				}
+
+				validateSubvolumeCount(f, 2, fileSystemName, subvolumegroup)
+
+				// Deleting snapshot before deleting pvcClone should succeed. It will be
+				// deleted once all volumes that are backed by this snapshot are gone.
+				err = deleteSnapshot(&snap, deployTimeout)
+				if err != nil {
+					framework.Failf("failed to delete snapshot: %v", err)
+				}
+				validateCephFSSnapshotCount(f, 0, subvolumegroup, pv)
+
+				appCloneTestFilePath := appClone.Spec.Containers[0].VolumeMounts[0].MountPath + "/test"
+
+				snapFileSum, err := calculateSHA512sum(f, appClone, appCloneTestFilePath, &optAppClone)
+				if err != nil {
+					framework.Failf("failed to get SHA512 sum for file: %v", err)
+				}
+
+				if parentFileSum == snapFileSum {
+					framework.Failf("SHA512 sums of files in parent subvol and snapshot should differ")
+				}
+
+				err = deletePVCAndApp("", f, pvcClone, appClone)
+				if err != nil {
+					framework.Failf("failed to delete PVC or application: %v", err)
+				}
+
+				validateCephFSSnapshotCount(f, 0, subvolumegroup, pv)
+
+				err = deletePVCAndApp("", f, pvc, app)
+				if err != nil {
+					framework.Failf("failed to delete PVC or application: %v", err)
+				}
+
+				err = deleteResource(cephFSExamplePath + "storageclass.yaml")
+				if err != nil {
+					framework.Failf("failed to delete CephFS storageclass: %v", err)
+				}
+
+				err = createCephfsStorageClass(f.ClientSet, f, false, nil)
+				if err != nil {
+					framework.Failf("failed to create CephFS storageclass: %v", err)
+				}
+			})
+
 			if testCephFSFscrypt {
 				kmsToTest := map[string]kmsConfig{
 					"secrets-metadata-test": secretsMetadataKMS,
diff --git a/examples/cephfs/storageclass.yaml b/examples/cephfs/storageclass.yaml
index 4dab9ea2d..4c16bc2e7 100644
--- a/examples/cephfs/storageclass.yaml
+++ b/examples/cephfs/storageclass.yaml
@@ -49,8 +49,8 @@ parameters:
 
   # (optional) Boolean value. The PVC shall be backed by the CephFS snapshot
   # specified in its data source. `pool` parameter must not be specified.
-  # (defaults to `false`)
-  # backingSnapshot: "true"
+  # (defaults to `true`)
+  # backingSnapshot: "false"
 
   # (optional) Instruct the plugin it has to encrypt the volume
   # By default it is disabled. Valid values are "true" or "false".
diff --git a/go.mod b/go.mod
index 3df37c29a..40f20834b 100644
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/sts v1.18.3
 	github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
 	// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
-	github.com/ceph/go-ceph v0.19.0
+	github.com/ceph/go-ceph v0.20.0
 	github.com/container-storage-interface/spec v1.7.0
 	github.com/csi-addons/replication-lib-utils v0.2.0
 	github.com/csi-addons/spec v0.1.2-0.20221101132540-98eff76b0ff8
@@ -19,17 +19,17 @@ require (
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
 	github.com/hashicorp/vault/api v1.9.0
-	github.com/kubernetes-csi/csi-lib-utils v0.11.0
+	github.com/kubernetes-csi/csi-lib-utils v0.13.0
 	github.com/kubernetes-csi/external-snapshotter/client/v6 v6.2.0
 	github.com/libopenstorage/secrets v0.0.0-20210908194121-a1d19aa9713a
-	github.com/onsi/ginkgo/v2 v2.8.0
-	github.com/onsi/gomega v1.26.0
+	github.com/onsi/ginkgo/v2 v2.8.1
+	github.com/onsi/gomega v1.27.1
 	github.com/pkg/xattr v0.4.9
 	github.com/prometheus/client_golang v1.14.0
 	github.com/stretchr/testify v1.8.1
-	golang.org/x/crypto v0.5.0
-	golang.org/x/net v0.5.0
-	golang.org/x/sys v0.4.0
+	golang.org/x/crypto v0.6.0
+	golang.org/x/net v0.7.0
+	golang.org/x/sys v0.5.0
 	google.golang.org/grpc v1.53.0
 	google.golang.org/protobuf v1.28.1
 	k8s.io/api v0.26.1
@@ -138,8 +138,8 @@ require (
 	go.uber.org/multierr v1.8.0 // indirect
 	go.uber.org/zap v1.24.0 // indirect
 	golang.org/x/oauth2 v0.4.0 // indirect
-	golang.org/x/term v0.4.0 // indirect
-	golang.org/x/text v0.6.0 // indirect
+	golang.org/x/term v0.5.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
diff --git a/go.sum b/go.sum
index 754cfc50e..3ab1f0098 100644
--- a/go.sum
+++ b/go.sum
@@ -171,8 +171,8 @@ github.com/cenkalti/backoff/v4 v4.1.3 h1:cFAlzYUlVYDysBEH2T5hyJZMh3+5+WCBvSnK6Q8
 github.com/cenkalti/backoff/v4 v4.1.3/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/centrify/cloud-golang-sdk v0.0.0-20190214225812-119110094d0f/go.mod h1:C0rtzmGXgN78pYR0tGJFhtHgkbAs0lIbHwkB81VxDQE=
-github.com/ceph/go-ceph v0.19.0 h1:cl5apHt98pCWSoUStiLdl7Mlk3ke8fUGF4HI66Nxy/A=
-github.com/ceph/go-ceph v0.19.0/go.mod h1:sdTcqdDeIPWX3TaR5HCi5YtT+BliI6fFvvWP6Io7VQE=
+github.com/ceph/go-ceph v0.20.0 h1:weYE7zoVrIBk9bIVq8jS9z3RukGlnZwFGCth7Tu1ssU=
+github.com/ceph/go-ceph v0.20.0/go.mod h1:/4iZyaN5wTpIFMEKO6GU3xX3vHnyvd2Fcdf05n9VuD0=
 github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
 github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
@@ -205,7 +205,6 @@ github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h
 github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
 github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
 github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM=
-github.com/container-storage-interface/spec v1.5.0/go.mod h1:8K96oQNkJ7pFcC2R9Z1ynGGBB1I93kcS6PGg3SsOk8s=
 github.com/container-storage-interface/spec v1.7.0 h1:gW8eyFQUZWWrMWa8p1seJ28gwDoN5CVJ4uAbQ+Hdycw=
 github.com/container-storage-interface/spec v1.7.0/go.mod h1:JYuzLqr9VVNoDJl44xp/8fmCOvWPDKzuGTwCoklhuqk=
 github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
@@ -364,7 +363,7 @@ github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3a
 github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
 github.com/gocql/gocql v0.0.0-20190402132108-0e1d5de854df/go.mod h1:4Fw1eo5iaEhDUs8XyuhSVCVy52Jq3L+/3GJgYkwc+/0=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
-github.com/gofrs/uuid v4.3.1+incompatible h1:0/KbAdpx3UXAx1kEOWHJeOkpbgRFGHVgv+CFIY7dBJI=
+github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
@@ -722,8 +721,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/kubernetes-csi/csi-lib-utils v0.11.0 h1:FHWOBtAZBA/hVk7v/qaXgG9Sxv0/n06DebPFuDwumqg=
-github.com/kubernetes-csi/csi-lib-utils v0.11.0/go.mod h1:BmGZZB16L18+9+Lgg9YWwBKfNEHIDdgGfAyuW6p2NV0=
+github.com/kubernetes-csi/csi-lib-utils v0.13.0 h1:QrTdZVZbHlaSUBN9ReayBPnnF1N0edFIpUKBwVIBW3w=
+github.com/kubernetes-csi/csi-lib-utils v0.13.0/go.mod h1:JS9eDIZmSjx4F9o0bLTVK/qfhIIOifdjEfVXzxWapfE=
 github.com/kubernetes-csi/external-snapshotter/client/v4 v4.0.0/go.mod h1:YBCo4DoEeDndqvAn6eeu0vWM7QdXmHEeI9cFWplmBys=
 github.com/kubernetes-csi/external-snapshotter/client/v6 v6.2.0 h1:cMM5AB37e9aRGjErygVT6EuBPB6s5a+l95OPERmSlVM=
 github.com/kubernetes-csi/external-snapshotter/client/v6 v6.2.0/go.mod h1:VQVLCPGDX5l6V5PezjlDXLa+SpCbWSVU7B16cFWVVeE=
@@ -834,8 +833,8 @@ github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa
 github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro=
 github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM=
 github.com/onsi/gomega v1.23.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg=
-github.com/onsi/gomega v1.26.0 h1:03cDLK28U6hWvCAns6NeydX3zIm4SF3ci69ulidS32Q=
-github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM=
+github.com/onsi/gomega v1.27.1 h1:rfztXRbg6nv/5f+Raen9RcGoSecHIFgBBLQK3Wdj754=
+github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw=
 github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
@@ -1117,8 +1116,8 @@ golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
-golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE=
-golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU=
+golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
+golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -1207,7 +1206,6 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
@@ -1217,8 +1215,8 @@ golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
 golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
-golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
-golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
+golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
+golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190130055435-99b60b757ec1/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1341,16 +1339,16 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18=
-golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210422114643-f5beecf764ed/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
-golang.org/x/term v0.4.0 h1:O7UWfv5+A2qiuulQk30kVinPoMtoIPeVaKLEgLpVkvg=
-golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
+golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1363,8 +1361,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k=
-golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
diff --git a/internal/cephfs/controllerserver.go b/internal/cephfs/controllerserver.go
index 0544d2585..966416908 100644
--- a/internal/cephfs/controllerserver.go
+++ b/internal/cephfs/controllerserver.go
@@ -230,12 +230,9 @@ func checkValidCreateVolumeRequest(
 	case sID != nil:
 		if vol.BackingSnapshot {
 			volCaps := req.GetVolumeCapabilities()
-			for _, volCap := range volCaps {
-				mode := volCap.AccessMode.Mode
-				if mode != csi.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY &&
-					mode != csi.VolumeCapability_AccessMode_SINGLE_NODE_READER_ONLY {
-					return errors.New("backingSnapshot may be used only with read-only access modes")
-				}
+			isRO := store.IsVolumeCreateRO(volCaps)
+			if !isRO {
+				return errors.New("backingSnapshot may be used only with read-only access modes")
 			}
 		}
 	}
diff --git a/internal/cephfs/store/volumeoptions.go b/internal/cephfs/store/volumeoptions.go
index 24e96655c..8ff10cbf5 100644
--- a/internal/cephfs/store/volumeoptions.go
+++ b/internal/cephfs/store/volumeoptions.go
@@ -235,6 +235,7 @@ func NewVolumeOptions(
 	opts.Monitors = strings.Join(clusterData.Monitors, ",")
 	opts.SubvolumeGroup = clusterData.CephFS.SubvolumeGroup
 	opts.Owner = k8s.GetOwner(volOptions)
+	opts.BackingSnapshot = IsShallowVolumeSupported(req)
 
 	if err = extractOptionalOption(&opts.Pool, "pool", volOptions); err != nil {
 		return nil, err
@@ -323,6 +324,28 @@ func NewVolumeOptions(
 	return &opts, nil
 }
 
+// IsShallowVolumeSupported returns true only for ReadOnly volume requests
+// with datasource as snapshot.
+func IsShallowVolumeSupported(req *csi.CreateVolumeRequest) bool {
+	isRO := IsVolumeCreateRO(req.VolumeCapabilities)
+
+	return isRO && (req.GetVolumeContentSource() != nil && req.GetVolumeContentSource().GetSnapshot() != nil)
+}
+
+func IsVolumeCreateRO(caps []*csi.VolumeCapability) bool {
+	for _, cap := range caps {
+		if cap.AccessMode != nil {
+			switch cap.AccessMode.Mode { //nolint:exhaustive // only check what we want
+			case csi.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY,
+				csi.VolumeCapability_AccessMode_SINGLE_NODE_READER_ONLY:
+				return true
+			}
+		}
+	}
+
+	return false
+}
+
 // newVolumeOptionsFromVolID generates a new instance of volumeOptions and VolumeIdentifier
 // from the provided CSI VolumeID.
 // nolint:gocyclo,cyclop // TODO: reduce complexity
diff --git a/internal/cephfs/store/volumeoptions_test.go b/internal/cephfs/store/volumeoptions_test.go
new file mode 100644
index 000000000..fb08ed3d6
--- /dev/null
+++ b/internal/cephfs/store/volumeoptions_test.go
@@ -0,0 +1,222 @@
+/*
+Copyright 2023 The Ceph-CSI Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package store
+
+import (
+	"testing"
+
+	"github.com/container-storage-interface/spec/lib/go/csi"
+)
+
+func TestIsVolumeCreateRO(t *testing.T) {
+	t.Parallel()
+	tests := []struct {
+		name string
+		caps []*csi.VolumeCapability
+		isRO bool
+	}{
+		{
+			name: "valid access mode",
+			caps: []*csi.VolumeCapability{
+				{
+					AccessMode: &csi.VolumeCapability_AccessMode{
+						Mode: csi.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY,
+					},
+				},
+			},
+			isRO: true,
+		},
+		{
+			name: "Invalid access mode",
+			caps: []*csi.VolumeCapability{
+				{
+					AccessMode: &csi.VolumeCapability_AccessMode{
+						Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_MULTI_WRITER,
+					},
+				},
+			},
+			isRO: false,
+		},
+		{
+			name: "valid access mode",
+			caps: []*csi.VolumeCapability{
+				{
+					AccessMode: &csi.VolumeCapability_AccessMode{
+						Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_READER_ONLY,
+					},
+				},
+			},
+			isRO: true,
+		},
+		{
+			name: "Invalid access mode",
+			caps: []*csi.VolumeCapability{
+				{
+					AccessMode: &csi.VolumeCapability_AccessMode{
+						Mode: csi.VolumeCapability_AccessMode_MULTI_NODE_MULTI_WRITER,
+					},
+				},
+			},
+			isRO: false,
+		},
+		{
+			name: "Invalid access mode",
+			caps: []*csi.VolumeCapability{
+				{
+					AccessMode: &csi.VolumeCapability_AccessMode{
+						Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_SINGLE_WRITER,
+					},
+				},
+			},
+			isRO: false,
+		},
+	}
+	for _, tt := range tests {
+		newtt := tt
+		t.Run(newtt.name, func(t *testing.T) {
+			t.Parallel()
+			wantErr := IsVolumeCreateRO(newtt.caps)
+			if wantErr != newtt.isRO {
+				t.Errorf("isVolumeCreateRO() wantErr = %v, isRO %v", wantErr, newtt.isRO)
+			}
+		})
+	}
+}
+
+func TestIsShallowVolumeSupported(t *testing.T) {
+	t.Parallel()
+	type args struct {
+		req *csi.CreateVolumeRequest
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "Invalid request",
+			args: args{
+				req: &csi.CreateVolumeRequest{
+					Name: "",
+					VolumeCapabilities: []*csi.VolumeCapability{
+						{
+							AccessType: &csi.VolumeCapability_Block{},
+							AccessMode: &csi.VolumeCapability_AccessMode{
+								Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_MULTI_WRITER,
+							},
+						},
+					},
+
+					VolumeContentSource: &csi.VolumeContentSource{
+						Type: &csi.VolumeContentSource_Volume{
+							Volume: &csi.VolumeContentSource_VolumeSource{
+								VolumeId: "vol",
+							},
+						},
+					},
+				},
+			},
+			want: false,
+		},
+		{
+			name: "Invalid request",
+			args: args{
+				req: &csi.CreateVolumeRequest{
+					Name: "",
+					VolumeCapabilities: []*csi.VolumeCapability{
+						{
+							AccessType: &csi.VolumeCapability_Block{},
+							AccessMode: &csi.VolumeCapability_AccessMode{
+								Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_READER_ONLY,
+							},
+						},
+					},
+
+					VolumeContentSource: &csi.VolumeContentSource{
+						Type: &csi.VolumeContentSource_Volume{
+							Volume: &csi.VolumeContentSource_VolumeSource{
+								VolumeId: "vol",
+							},
+						},
+					},
+				},
+			},
+			want: false,
+		},
+		{
+			name: "Invalid request",
+			args: args{
+				req: &csi.CreateVolumeRequest{
+					Name: "",
+					VolumeCapabilities: []*csi.VolumeCapability{
+						{
+							AccessType: &csi.VolumeCapability_Block{},
+							AccessMode: &csi.VolumeCapability_AccessMode{
+								Mode: csi.VolumeCapability_AccessMode_MULTI_NODE_MULTI_WRITER,
+							},
+						},
+					},
+
+					VolumeContentSource: &csi.VolumeContentSource{
+						Type: &csi.VolumeContentSource_Snapshot{
+							Snapshot: &csi.VolumeContentSource_SnapshotSource{
+								SnapshotId: "snap",
+							},
+						},
+					},
+				},
+			},
+			want: false,
+		},
+		{
+			name: "valid request",
+			args: args{
+				req: &csi.CreateVolumeRequest{
+					Name: "",
+					VolumeCapabilities: []*csi.VolumeCapability{
+						{
+							AccessType: &csi.VolumeCapability_Block{},
+							AccessMode: &csi.VolumeCapability_AccessMode{
+								Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_READER_ONLY,
+							},
+						},
+					},
+
+					VolumeContentSource: &csi.VolumeContentSource{
+						Type: &csi.VolumeContentSource_Snapshot{
+							Snapshot: &csi.VolumeContentSource_SnapshotSource{
+								SnapshotId: "snap",
+							},
+						},
+					},
+				},
+			},
+			want: true,
+		},
+	}
+	for _, tt := range tests {
+		newtt := tt
+		t.Run(newtt.name, func(t *testing.T) {
+			t.Log(newtt.args.req.GetVolumeContentSource().GetSnapshot())
+			t.Log(IsVolumeCreateRO(newtt.args.req.GetVolumeCapabilities()))
+			t.Parallel()
+			if got := IsShallowVolumeSupported(newtt.args.req); got != newtt.want {
+				t.Errorf("IsShallowVolumeSupported() = %v, want %v", got, newtt.want)
+			}
+		})
+	}
+}
diff --git a/internal/nfs/controller/controllerserver.go b/internal/nfs/controller/controllerserver.go
index 0b3b8c61d..36a55a9bd 100644
--- a/internal/nfs/controller/controllerserver.go
+++ b/internal/nfs/controller/controllerserver.go
@@ -77,6 +77,8 @@ func (cs *Server) CreateVolume(
 	ctx context.Context,
 	req *csi.CreateVolumeRequest,
 ) (*csi.CreateVolumeResponse, error) {
+	// nfs does not supports shallow snapshots
+	req.Parameters["backingSnapshot"] = "false"
 	res, err := cs.backendServer.CreateVolume(ctx, req)
 	if err != nil {
 		return nil, err
diff --git a/vendor/github.com/ceph/go-ceph/cephfs/admin/metadata.go b/vendor/github.com/ceph/go-ceph/cephfs/admin/metadata.go
index 7eabc71db..29444cb9a 100644
--- a/vendor/github.com/ceph/go-ceph/cephfs/admin/metadata.go
+++ b/vendor/github.com/ceph/go-ceph/cephfs/admin/metadata.go
@@ -1,5 +1,5 @@
-//go:build !(nautilus || octopus) && ceph_preview && ceph_pre_quincy
-// +build !nautilus,!octopus,ceph_preview,ceph_pre_quincy
+//go:build !(nautilus || octopus || pacific) && ceph_preview
+// +build !nautilus,!octopus,!pacific,ceph_preview
 
 package admin
 
diff --git a/vendor/github.com/ceph/go-ceph/cephfs/admin/snapshot_metadata.go b/vendor/github.com/ceph/go-ceph/cephfs/admin/snapshot_metadata.go
index 6f1c60f9b..e4c641cb0 100644
--- a/vendor/github.com/ceph/go-ceph/cephfs/admin/snapshot_metadata.go
+++ b/vendor/github.com/ceph/go-ceph/cephfs/admin/snapshot_metadata.go
@@ -1,5 +1,5 @@
-//go:build !(nautilus || octopus) && ceph_preview && ceph_pre_quincy
-// +build !nautilus,!octopus,ceph_preview,ceph_pre_quincy
+//go:build !(nautilus || octopus || pacific) && ceph_preview
+// +build !nautilus,!octopus,!pacific,ceph_preview
 
 package admin
 
diff --git a/vendor/github.com/ceph/go-ceph/common/admin/nfs/export.go b/vendor/github.com/ceph/go-ceph/common/admin/nfs/export.go
index 6b981b724..9b29761d0 100644
--- a/vendor/github.com/ceph/go-ceph/common/admin/nfs/export.go
+++ b/vendor/github.com/ceph/go-ceph/common/admin/nfs/export.go
@@ -4,6 +4,8 @@
 package nfs
 
 import (
+	"errors"
+
 	"github.com/ceph/go-ceph/internal/commands"
 )
 
@@ -26,6 +28,10 @@ const (
 	Unspecifiedquash SquashMode = ""
 )
 
+var (
+	errNoExportInfo = errors.New("No export info found")
+)
+
 // SecType indicates the kind of security/authentication to be used by an export.
 type SecType string
 
@@ -115,6 +121,11 @@ func parseExportsList(res commands.Response) ([]ExportInfo, error) {
 
 func parseExportInfo(res commands.Response) (ExportInfo, error) {
 	i := ExportInfo{}
+	// different versions of ceph may return nothing or empty json.
+	// detect these cases and return a specific error
+	if res.NoStatus().EmptyBody().Ok() {
+		return i, errNoExportInfo
+	}
 	if err := res.NoStatus().Unmarshal(&i).End(); err != nil {
 		return i, err
 	}
diff --git a/vendor/github.com/ceph/go-ceph/rados/alloc_hint_flags.go b/vendor/github.com/ceph/go-ceph/rados/alloc_hint_flags.go
index dd468da20..1fd51cdb6 100644
--- a/vendor/github.com/ceph/go-ceph/rados/alloc_hint_flags.go
+++ b/vendor/github.com/ceph/go-ceph/rados/alloc_hint_flags.go
@@ -1,6 +1,3 @@
-//go:build ceph_preview
-// +build ceph_preview
-
 package rados
 
 // #cgo LDFLAGS: -lrados
diff --git a/vendor/github.com/ceph/go-ceph/rbd/migration.go b/vendor/github.com/ceph/go-ceph/rbd/migration.go
new file mode 100644
index 000000000..f7c13031a
--- /dev/null
+++ b/vendor/github.com/ceph/go-ceph/rbd/migration.go
@@ -0,0 +1,219 @@
+//go:build !(octopus || nautilus) && ceph_preview
+// +build !octopus,!nautilus,ceph_preview
+
+package rbd
+
+// #cgo LDFLAGS: -lrbd
+// #include <stdlib.h>
+// #include <rados/librados.h>
+// #include <rbd/librbd.h>
+import "C"
+
+import (
+	"unsafe"
+
+	"github.com/ceph/go-ceph/rados"
+)
+
+// MigrationImageState denotes the current migration status of a given image.
+type MigrationImageState int
+
+const (
+	// MigrationImageUnknown is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_UNKNOWN from librbd.
+	MigrationImageUnknown = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_UNKNOWN)
+	// MigrationImageError is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_ERROR from librbd.
+	MigrationImageError = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_ERROR)
+	// MigrationImagePreparing is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_PREPARING from librbd.
+	MigrationImagePreparing = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_PREPARING)
+	// MigrationImagePrepared is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_PREPARED from librbd.
+	MigrationImagePrepared = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_PREPARED)
+	// MigrationImageExecuting is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_EXECUTING from librbd.
+	MigrationImageExecuting = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_EXECUTING)
+	// MigrationImageExecuted is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_EXECUTED from librbd.
+	MigrationImageExecuted = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_EXECUTED)
+	// MigrationImageAborting is the representation of
+	// RBD_IMAGE_MIGRATION_STATE_ABORTING from librbd.
+	MigrationImageAborting = MigrationImageState(C.RBD_IMAGE_MIGRATION_STATE_ABORTING)
+)
+
+// MigrationImageStatus provides information about the
+// live migration progress of an image.
+type MigrationImageStatus struct {
+	SourcePoolID        int
+	SourcePoolNamespace string
+	SourceImageName     string
+	SourceImageID       string
+	DestPoolID          int
+	DestPoolNamespace   string
+	DestImageName       string
+	DestImageID         string
+	State               MigrationImageState
+	StateDescription    string
+}
+
+// MigrationPrepare prepares a migration
+// creating a target image with a link
+// to source and making source read-only.
+//
+// Implements:
+//  int rbd_migration_prepare(rados_ioctx_t ioctx,
+//                            const char *image_name,
+//                            rados_ioctx_t dest_ioctx,
+//                            const char *dest_image_name,
+//                            rbd_image_options_t opts);
+//
+func MigrationPrepare(ioctx *rados.IOContext, sourceImageName string, destIoctx *rados.IOContext, destImageName string, rio *ImageOptions) error {
+	cSourceImageName := C.CString(sourceImageName)
+	cDestImageName := C.CString(destImageName)
+	defer func() {
+		C.free(unsafe.Pointer(cSourceImageName))
+		C.free(unsafe.Pointer(cDestImageName))
+	}()
+
+	ret := C.rbd_migration_prepare(
+		cephIoctx(ioctx),
+		cSourceImageName,
+		cephIoctx(destIoctx),
+		cDestImageName,
+		C.rbd_image_options_t(rio.options))
+
+	return getError(ret)
+}
+
+// MigrationPrepareImport prepares a migration for import
+// from a specified source to a new target image.
+//
+// Implements:
+//  int rbd_migration_prepare_import(const char *source_spec,
+//                                   rados_ioctx_t dest_ioctx,
+//                                   const char *dest_image_name,
+//                                   rbd_image_options_t opts);
+//
+func MigrationPrepareImport(sourceSpec string, ioctx *rados.IOContext, destImageName string, rio *ImageOptions) error {
+	cSourceSpec := C.CString(sourceSpec)
+	cDestImageName := C.CString(destImageName)
+	defer func() {
+		C.free(unsafe.Pointer(cSourceSpec))
+		C.free(unsafe.Pointer(cDestImageName))
+	}()
+
+	ret := C.rbd_migration_prepare_import(
+		cSourceSpec,
+		cephIoctx(ioctx),
+		cDestImageName,
+		C.rbd_image_options_t(rio.options))
+
+	return getError(ret)
+}
+
+// MigrationExecute starts copying the image blocks
+// from the source image to the target image.
+//
+// Implements:
+//  int rbd_migration_execute(rados_ioctx_t ioctx,
+//                            const char *image_name);
+//
+func MigrationExecute(ioctx *rados.IOContext, name string) error {
+	cName := C.CString(name)
+
+	defer func() {
+		C.free(unsafe.Pointer(cName))
+	}()
+
+	ret := C.rbd_migration_execute(
+		cephIoctx(ioctx),
+		cName)
+	return getError(ret)
+}
+
+// MigrationCommit commits a migration after execution
+// breaking the relationship of image to the source.
+//
+// Implements:
+//  int rbd_migration_commit(rados_ioctx_t ioctx,
+//                           const char *image_name);
+//
+func MigrationCommit(ioctx *rados.IOContext, name string) error {
+	cName := C.CString(name)
+
+	defer func() {
+		C.free(unsafe.Pointer(cName))
+	}()
+
+	ret := C.rbd_migration_commit(
+		cephIoctx(ioctx),
+		cName)
+	return getError(ret)
+}
+
+// MigrationAbort aborts a migration in progress
+// breaking the relationship of image to the source.
+//
+// Implements:
+//  int rbd_migration_abort(rados_ioctx_t ioctx,
+//                          const char *image_name);
+//
+func MigrationAbort(ioctx *rados.IOContext, name string) error {
+	cName := C.CString(name)
+
+	defer func() {
+		C.free(unsafe.Pointer(cName))
+	}()
+
+	ret := C.rbd_migration_abort(
+		cephIoctx(ioctx),
+		cName)
+	return getError(ret)
+}
+
+// MigrationStatus retrieve status of a live migration
+// for the specified image.
+//
+// Implements:
+//  int rbd_migration_status(rados_ioctx_t ioctx,
+//                           const char *image_name,
+//                           rbd_image_migration_status_t *status,
+//                           size_t status_size);
+//
+func MigrationStatus(ioctx *rados.IOContext, name string) (*MigrationImageStatus, error) {
+	cName := C.CString(name)
+
+	defer func() {
+		C.free(unsafe.Pointer(cName))
+	}()
+
+	var status C.rbd_image_migration_status_t
+	ret := C.rbd_migration_status(
+		cephIoctx(ioctx),
+		cName,
+		&status,
+		C.sizeof_rbd_image_migration_status_t)
+
+	if ret != 0 {
+		return nil, getError(ret)
+	}
+
+	defer func() {
+		C.rbd_migration_status_cleanup(&status)
+	}()
+
+	return &MigrationImageStatus{
+		SourcePoolID:        int(status.source_pool_id),
+		SourcePoolNamespace: C.GoString(status.source_pool_namespace),
+		SourceImageName:     C.GoString(status.source_image_name),
+		SourceImageID:       C.GoString(status.source_image_id),
+		DestPoolID:          int(status.dest_pool_id),
+		DestPoolNamespace:   C.GoString(status.dest_pool_namespace),
+		DestImageName:       C.GoString(status.dest_image_name),
+		DestImageID:         C.GoString(status.dest_image_id),
+		State:               MigrationImageState(status.state),
+		StateDescription:    C.GoString(status.state_description),
+	}, nil
+
+}
diff --git a/vendor/github.com/kubernetes-csi/csi-lib-utils/connection/connection.go b/vendor/github.com/kubernetes-csi/csi-lib-utils/connection/connection.go
index ad37321e8..9f8a48f90 100644
--- a/vendor/github.com/kubernetes-csi/csi-lib-utils/connection/connection.go
+++ b/vendor/github.com/kubernetes-csi/csi-lib-utils/connection/connection.go
@@ -19,6 +19,7 @@ package connection
 import (
 	"context"
 	"errors"
+	"fmt"
 	"io/ioutil"
 	"net"
 	"strings"
@@ -40,6 +41,15 @@ const (
 
 const terminationLogPath = "/dev/termination-log"
 
+var maxLogChar int = -1
+
+// SetMaxGRPCLogLength set the maximum character count for GRPC logging.
+// If characterCount is set to anything smaller than or equal to 0 then there's no limit on log length.
+// The default log length limit is unlimited.
+func SetMaxGRPCLogLength(characterCount int) {
+	maxLogChar = characterCount
+}
+
 // Connect opens insecure gRPC connection to a CSI driver. Address must be either absolute path to UNIX domain socket
 // file or have format '<protocol>://', following gRPC name resolution mechanism at
 // https://github.com/grpc/grpc/blob/master/doc/naming.md.
@@ -183,7 +193,11 @@ func LogGRPC(ctx context.Context, method string, req, reply interface{}, cc *grp
 	klog.V(5).Infof("GRPC call: %s", method)
 	klog.V(5).Infof("GRPC request: %s", protosanitizer.StripSecrets(req))
 	err := invoker(ctx, method, req, reply, cc, opts...)
-	klog.V(5).Infof("GRPC response: %s", protosanitizer.StripSecrets(reply))
+	cappedStr := fmt.Sprintf("%s", protosanitizer.StripSecrets(reply))
+	if maxLogChar > 0 && len(cappedStr) > maxLogChar {
+		cappedStr = cappedStr[:maxLogChar] + fmt.Sprintf(" [response body too large, log capped to %d chars]", maxLogChar)
+	}
+	klog.V(5).Infof("GRPC response: %s", cappedStr)
 	klog.V(5).Infof("GRPC error: %v", err)
 	return err
 }
diff --git a/vendor/github.com/kubernetes-csi/csi-lib-utils/metrics/metrics.go b/vendor/github.com/kubernetes-csi/csi-lib-utils/metrics/metrics.go
index 3baab8ca7..b641fffcb 100644
--- a/vendor/github.com/kubernetes-csi/csi-lib-utils/metrics/metrics.go
+++ b/vendor/github.com/kubernetes-csi/csi-lib-utils/metrics/metrics.go
@@ -179,12 +179,20 @@ func WithProcessStartTime(registerProcessStartTime bool) MetricsManagerOption {
 	}
 }
 
+// WithCustomRegistry allow user to use custom pre-created registry instead of a new created one.
+func WithCustomRegistry(registry metrics.KubeRegistry) MetricsManagerOption {
+	return func(cmm *csiMetricsManager) {
+		cmm.registry = registry
+	}
+}
+
 // NewCSIMetricsManagerForSidecar creates and registers metrics for CSI Sidecars and
 // returns an object that can be used to trigger the metrics. It uses "csi_sidecar"
 // as subsystem.
 //
 // driverName - Name of the CSI driver against which this operation was executed.
-//              If unknown, leave empty, and use SetDriverName method to update later.
+//
+//	If unknown, leave empty, and use SetDriverName method to update later.
 func NewCSIMetricsManagerForSidecar(driverName string) CSIMetricsManager {
 	return NewCSIMetricsManagerWithOptions(driverName)
 }
@@ -197,7 +205,8 @@ var NewCSIMetricsManager = NewCSIMetricsManagerForSidecar
 // as subsystem.
 //
 // driverName - Name of the CSI driver against which this operation was executed.
-//              If unknown, leave empty, and use SetDriverName method to update later.
+//
+//	If unknown, leave empty, and use SetDriverName method to update later.
 func NewCSIMetricsManagerForPlugin(driverName string) CSIMetricsManager {
 	return NewCSIMetricsManagerWithOptions(driverName,
 		WithSubsystem(SubsystemPlugin),
@@ -208,7 +217,8 @@ func NewCSIMetricsManagerForPlugin(driverName string) CSIMetricsManager {
 // if there are special needs like changing the default subsystems.
 //
 // driverName - Name of the CSI driver against which this operation was executed.
-//              If unknown, leave empty, and use SetDriverName method to update later.
+//
+//	If unknown, leave empty, and use SetDriverName method to update later.
 func NewCSIMetricsManagerWithOptions(driverName string, options ...MetricsManagerOption) CSIMetricsManager {
 	cmm := csiMetricsManager{
 		registry:                 metrics.NewKubeRegistry(),
diff --git a/vendor/github.com/onsi/gomega/CHANGELOG.md b/vendor/github.com/onsi/gomega/CHANGELOG.md
index 830467e4d..99ea94078 100644
--- a/vendor/github.com/onsi/gomega/CHANGELOG.md
+++ b/vendor/github.com/onsi/gomega/CHANGELOG.md
@@ -1,3 +1,25 @@
+## 1.27.1
+
+### Maintenance
+
+- Bump golang.org/x/net from 0.6.0 to 0.7.0 (#640) [bc686cd]
+
+## 1.27.0
+
+### Features
+- Add HaveExactElements matcher (#634) [9d50783]
+- update Gomega docs to discuss GinkgoHelper() [be32774]
+
+### Maintenance
+- Bump github.com/onsi/ginkgo/v2 from 2.8.0 to 2.8.1 (#639) [296a68b]
+- Bump golang.org/x/net from 0.5.0 to 0.6.0 (#638) [c2b098b]
+- Bump github-pages from 227 to 228 in /docs (#636) [a9069ab]
+- test: update matrix for Go 1.20 (#635) [6bd25c8]
+- Bump github.com/onsi/ginkgo/v2 from 2.7.0 to 2.8.0 (#631) [5445f8b]
+- Bump webrick from 1.7.0 to 1.8.1 in /docs (#630) [03e93bb]
+- codeql: add ruby language (#626) [63c7d21]
+- dependabot: add bundler package-ecosystem for docs (#625) [d92f963]
+
 ## 1.26.0
 
 ### Features
diff --git a/vendor/github.com/onsi/gomega/gomega_dsl.go b/vendor/github.com/onsi/gomega/gomega_dsl.go
index 93d33c137..4405c0682 100644
--- a/vendor/github.com/onsi/gomega/gomega_dsl.go
+++ b/vendor/github.com/onsi/gomega/gomega_dsl.go
@@ -22,7 +22,7 @@ import (
 	"github.com/onsi/gomega/types"
 )
 
-const GOMEGA_VERSION = "1.26.0"
+const GOMEGA_VERSION = "1.27.1"
 
 const nilGomegaPanic = `You are trying to make an assertion, but haven't registered Gomega's fail handler.
 If you're using Ginkgo then you probably forgot to put your assertion in an It().
diff --git a/vendor/github.com/onsi/gomega/matchers.go b/vendor/github.com/onsi/gomega/matchers.go
index 857586a91..44056ad64 100644
--- a/vendor/github.com/onsi/gomega/matchers.go
+++ b/vendor/github.com/onsi/gomega/matchers.go
@@ -349,6 +349,20 @@ func ConsistOf(elements ...interface{}) types.GomegaMatcher {
 	}
 }
 
+// HaveExactElemets succeeds if actual contains elements that precisely match the elemets passed into the matcher. The ordering of the elements does matter.
+// By default HaveExactElements() uses Equal() to match the elements, however custom matchers can be passed in instead.  Here are some examples:
+//
+//	Expect([]string{"Foo", "FooBar"}).Should(HaveExactElements("Foo", "FooBar"))
+//	Expect([]string{"Foo", "FooBar"}).Should(HaveExactElements("Foo", ContainSubstring("Bar")))
+//	Expect([]string{"Foo", "FooBar"}).Should(HaveExactElements(ContainSubstring("Foo"), ContainSubstring("Foo")))
+//
+// Actual must be an array or slice.
+func HaveExactElements(elements ...interface{}) types.GomegaMatcher {
+	return &matchers.HaveExactElementsMatcher{
+		Elements: elements,
+	}
+}
+
 // ContainElements succeeds if actual contains the passed in elements. The ordering of the elements does not matter.
 // By default ContainElements() uses Equal() to match the elements, however custom matchers can be passed in instead. Here are some examples:
 //
diff --git a/vendor/github.com/onsi/gomega/matchers/have_exact_elements.go b/vendor/github.com/onsi/gomega/matchers/have_exact_elements.go
new file mode 100644
index 000000000..19d8f3d1d
--- /dev/null
+++ b/vendor/github.com/onsi/gomega/matchers/have_exact_elements.go
@@ -0,0 +1,75 @@
+package matchers
+
+import (
+	"fmt"
+
+	"github.com/onsi/gomega/format"
+)
+
+type mismatchFailure struct {
+	failure string
+	index   int
+}
+
+type HaveExactElementsMatcher struct {
+	Elements         []interface{}
+	mismatchFailures []mismatchFailure
+	missingIndex     int
+	extraIndex       int
+}
+
+func (matcher *HaveExactElementsMatcher) Match(actual interface{}) (success bool, err error) {
+	if isMap(actual) {
+		return false, fmt.Errorf("error")
+	}
+
+	matchers := matchers(matcher.Elements)
+	values := valuesOf(actual)
+
+	lenMatchers := len(matchers)
+	lenValues := len(values)
+
+	for i := 0; i < lenMatchers || i < lenValues; i++ {
+		if i >= lenMatchers {
+			matcher.extraIndex = i
+			continue
+		}
+
+		if i >= lenValues {
+			matcher.missingIndex = i
+			return
+		}
+
+		elemMatcher := matchers[i].(omegaMatcher)
+		match, err := elemMatcher.Match(values[i])
+		if err != nil || !match {
+			matcher.mismatchFailures = append(matcher.mismatchFailures, mismatchFailure{
+				index:   i,
+				failure: elemMatcher.FailureMessage(values[i]),
+			})
+		}
+	}
+
+	return matcher.missingIndex+matcher.extraIndex+len(matcher.mismatchFailures) == 0, nil
+}
+
+func (matcher *HaveExactElementsMatcher) FailureMessage(actual interface{}) (message string) {
+	message = format.Message(actual, "to have exact elements with", presentable(matcher.Elements))
+	if matcher.missingIndex > 0 {
+		message = fmt.Sprintf("%s\nthe missing elements start from index %d", message, matcher.missingIndex)
+	}
+	if matcher.extraIndex > 0 {
+		message = fmt.Sprintf("%s\nthe extra elements start from index %d", message, matcher.extraIndex)
+	}
+	if len(matcher.mismatchFailures) != 0 {
+		message = fmt.Sprintf("%s\nthe mismatch indexes were:", message)
+	}
+	for _, mismatch := range matcher.mismatchFailures {
+		message = fmt.Sprintf("%s\n%d: %s", message, mismatch.index, mismatch.failure)
+	}
+	return
+}
+
+func (matcher *HaveExactElementsMatcher) NegatedFailureMessage(actual interface{}) (message string) {
+	return format.Message(actual, "not to contain elements", presentable(matcher.Elements))
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
index 7b5b78cbd..2671217da 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
@@ -245,7 +245,7 @@ func feSquareGeneric(v, a *Element) {
 	v.carryPropagate()
 }
 
-// carryPropagate brings the limbs below 52 bits by applying the reduction
+// carryPropagateGeneric brings the limbs below 52 bits by applying the reduction
 // identity (a * 2²⁵⁵ + b = a * 19 + b) to the l4 carry. TODO inline
 func (v *Element) carryPropagateGeneric() *Element {
 	c0 := v.l0 >> 51
diff --git a/vendor/golang.org/x/net/html/parse.go b/vendor/golang.org/x/net/html/parse.go
index 291c91908..46a89eda6 100644
--- a/vendor/golang.org/x/net/html/parse.go
+++ b/vendor/golang.org/x/net/html/parse.go
@@ -184,7 +184,7 @@ func (p *parser) clearStackToContext(s scope) {
 	}
 }
 
-// parseGenericRawTextElements implements the generic raw text element parsing
+// parseGenericRawTextElement implements the generic raw text element parsing
 // algorithm defined in 12.2.6.2.
 // https://html.spec.whatwg.org/multipage/parsing.html#parsing-elements-that-contain-only-text
 // TODO: Since both RAWTEXT and RCDATA states are treated as tokenizer's part
diff --git a/vendor/golang.org/x/net/html/token.go b/vendor/golang.org/x/net/html/token.go
index ae24a6fdf..50f7c6aac 100644
--- a/vendor/golang.org/x/net/html/token.go
+++ b/vendor/golang.org/x/net/html/token.go
@@ -598,6 +598,11 @@ scriptDataDoubleEscapeEnd:
 // readComment reads the next comment token starting with "<!--". The opening
 // "<!--" has already been consumed.
 func (z *Tokenizer) readComment() {
+	// When modifying this function, consider manually increasing the suffixLen
+	// constant in func TestComments, from 6 to e.g. 9 or more. That increase
+	// should only be temporary, not committed, as it exponentially affects the
+	// test running time.
+
 	z.data.start = z.raw.end
 	defer func() {
 		if z.data.end < z.data.start {
@@ -611,11 +616,7 @@ func (z *Tokenizer) readComment() {
 	for {
 		c := z.readByte()
 		if z.err != nil {
-			// Ignore up to two dashes at EOF.
-			if dashCount > 2 {
-				dashCount = 2
-			}
-			z.data.end = z.raw.end - dashCount
+			z.data.end = z.calculateAbruptCommentDataEnd()
 			return
 		}
 		switch c {
@@ -631,12 +632,15 @@ func (z *Tokenizer) readComment() {
 			if dashCount >= 2 {
 				c = z.readByte()
 				if z.err != nil {
-					z.data.end = z.raw.end
+					z.data.end = z.calculateAbruptCommentDataEnd()
 					return
-				}
-				if c == '>' {
+				} else if c == '>' {
 					z.data.end = z.raw.end - len("--!>")
 					return
+				} else if c == '-' {
+					dashCount = 1
+					beginning = false
+					continue
 				}
 			}
 		}
@@ -645,6 +649,35 @@ func (z *Tokenizer) readComment() {
 	}
 }
 
+func (z *Tokenizer) calculateAbruptCommentDataEnd() int {
+	raw := z.Raw()
+	const prefixLen = len("<!--")
+	if len(raw) >= prefixLen {
+		raw = raw[prefixLen:]
+		if hasSuffix(raw, "--!") {
+			return z.raw.end - 3
+		} else if hasSuffix(raw, "--") {
+			return z.raw.end - 2
+		} else if hasSuffix(raw, "-") {
+			return z.raw.end - 1
+		}
+	}
+	return z.raw.end
+}
+
+func hasSuffix(b []byte, suffix string) bool {
+	if len(b) < len(suffix) {
+		return false
+	}
+	b = b[len(b)-len(suffix):]
+	for i := range b {
+		if b[i] != suffix[i] {
+			return false
+		}
+	}
+	return true
+}
+
 // readUntilCloseAngle reads until the next ">".
 func (z *Tokenizer) readUntilCloseAngle() {
 	z.data.start = z.raw.end
diff --git a/vendor/golang.org/x/net/http2/flow.go b/vendor/golang.org/x/net/http2/flow.go
index 750ac52f2..b7dbd1869 100644
--- a/vendor/golang.org/x/net/http2/flow.go
+++ b/vendor/golang.org/x/net/http2/flow.go
@@ -18,7 +18,7 @@ type inflow struct {
 	unsent int32
 }
 
-// set sets the initial window.
+// init sets the initial window.
 func (f *inflow) init(n int32) {
 	f.avail = n
 }
diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go
index 184ac45fe..c1f6b90dc 100644
--- a/vendor/golang.org/x/net/http2/frame.go
+++ b/vendor/golang.org/x/net/http2/frame.go
@@ -662,6 +662,15 @@ func (f *Framer) WriteData(streamID uint32, endStream bool, data []byte) error {
 // It is the caller's responsibility not to violate the maximum frame size
 // and to not call other Write methods concurrently.
 func (f *Framer) WriteDataPadded(streamID uint32, endStream bool, data, pad []byte) error {
+	if err := f.startWriteDataPadded(streamID, endStream, data, pad); err != nil {
+		return err
+	}
+	return f.endWrite()
+}
+
+// startWriteDataPadded is WriteDataPadded, but only writes the frame to the Framer's internal buffer.
+// The caller should call endWrite to flush the frame to the underlying writer.
+func (f *Framer) startWriteDataPadded(streamID uint32, endStream bool, data, pad []byte) error {
 	if !validStreamID(streamID) && !f.AllowIllegalWrites {
 		return errStreamID
 	}
@@ -691,7 +700,7 @@ func (f *Framer) WriteDataPadded(streamID uint32, endStream bool, data, pad []by
 	}
 	f.wbuf = append(f.wbuf, data...)
 	f.wbuf = append(f.wbuf, pad...)
-	return f.endWrite()
+	return nil
 }
 
 // A SettingsFrame conveys configuration parameters that affect how
diff --git a/vendor/golang.org/x/net/http2/hpack/hpack.go b/vendor/golang.org/x/net/http2/hpack/hpack.go
index ebdfbee96..7a1d97669 100644
--- a/vendor/golang.org/x/net/http2/hpack/hpack.go
+++ b/vendor/golang.org/x/net/http2/hpack/hpack.go
@@ -211,7 +211,7 @@ func (d *Decoder) at(i uint64) (hf HeaderField, ok bool) {
 	return dt.ents[dt.len()-(int(i)-staticTable.len())], true
 }
 
-// Decode decodes an entire block.
+// DecodeFull decodes an entire block.
 //
 // TODO: remove this method and make it incremental later? This is
 // easier for debugging now.
@@ -359,6 +359,7 @@ func (d *Decoder) parseFieldLiteral(n uint8, it indexType) error {
 
 	var hf HeaderField
 	wantStr := d.emitEnabled || it.indexed()
+	var undecodedName undecodedString
 	if nameIdx > 0 {
 		ihf, ok := d.at(nameIdx)
 		if !ok {
@@ -366,15 +367,27 @@ func (d *Decoder) parseFieldLiteral(n uint8, it indexType) error {
 		}
 		hf.Name = ihf.Name
 	} else {
-		hf.Name, buf, err = d.readString(buf, wantStr)
+		undecodedName, buf, err = d.readString(buf)
 		if err != nil {
 			return err
 		}
 	}
-	hf.Value, buf, err = d.readString(buf, wantStr)
+	undecodedValue, buf, err := d.readString(buf)
 	if err != nil {
 		return err
 	}
+	if wantStr {
+		if nameIdx <= 0 {
+			hf.Name, err = d.decodeString(undecodedName)
+			if err != nil {
+				return err
+			}
+		}
+		hf.Value, err = d.decodeString(undecodedValue)
+		if err != nil {
+			return err
+		}
+	}
 	d.buf = buf
 	if it.indexed() {
 		d.dynTab.add(hf)
@@ -459,46 +472,52 @@ func readVarInt(n byte, p []byte) (i uint64, remain []byte, err error) {
 	return 0, origP, errNeedMore
 }
 
-// readString decodes an hpack string from p.
+// readString reads an hpack string from p.
 //
-// wantStr is whether s will be used. If false, decompression and
-// []byte->string garbage are skipped if s will be ignored
-// anyway. This does mean that huffman decoding errors for non-indexed
-// strings past the MAX_HEADER_LIST_SIZE are ignored, but the server
-// is returning an error anyway, and because they're not indexed, the error
-// won't affect the decoding state.
-func (d *Decoder) readString(p []byte, wantStr bool) (s string, remain []byte, err error) {
+// It returns a reference to the encoded string data to permit deferring decode costs
+// until after the caller verifies all data is present.
+func (d *Decoder) readString(p []byte) (u undecodedString, remain []byte, err error) {
 	if len(p) == 0 {
-		return "", p, errNeedMore
+		return u, p, errNeedMore
 	}
 	isHuff := p[0]&128 != 0
 	strLen, p, err := readVarInt(7, p)
 	if err != nil {
-		return "", p, err
+		return u, p, err
 	}
 	if d.maxStrLen != 0 && strLen > uint64(d.maxStrLen) {
-		return "", nil, ErrStringLength
+		// Returning an error here means Huffman decoding errors
+		// for non-indexed strings past the maximum string length
+		// are ignored, but the server is returning an error anyway
+		// and because the string is not indexed the error will not
+		// affect the decoding state.
+		return u, nil, ErrStringLength
 	}
 	if uint64(len(p)) < strLen {
-		return "", p, errNeedMore
+		return u, p, errNeedMore
 	}
-	if !isHuff {
-		if wantStr {
-			s = string(p[:strLen])
-		}
-		return s, p[strLen:], nil
-	}
-
-	if wantStr {
-		buf := bufPool.Get().(*bytes.Buffer)
-		buf.Reset() // don't trust others
-		defer bufPool.Put(buf)
-		if err := huffmanDecode(buf, d.maxStrLen, p[:strLen]); err != nil {
-			buf.Reset()
-			return "", nil, err
-		}
-		s = buf.String()
-		buf.Reset() // be nice to GC
-	}
-	return s, p[strLen:], nil
+	u.isHuff = isHuff
+	u.b = p[:strLen]
+	return u, p[strLen:], nil
+}
+
+type undecodedString struct {
+	isHuff bool
+	b      []byte
+}
+
+func (d *Decoder) decodeString(u undecodedString) (string, error) {
+	if !u.isHuff {
+		return string(u.b), nil
+	}
+	buf := bufPool.Get().(*bytes.Buffer)
+	buf.Reset() // don't trust others
+	var s string
+	err := huffmanDecode(buf, d.maxStrLen, u.b)
+	if err == nil {
+		s = buf.String()
+	}
+	buf.Reset() // be nice to GC
+	bufPool.Put(buf)
+	return s, err
 }
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
index b624dc0a7..8cb14f3c9 100644
--- a/vendor/golang.org/x/net/http2/server.go
+++ b/vendor/golang.org/x/net/http2/server.go
@@ -843,8 +843,13 @@ type frameWriteResult struct {
 // and then reports when it's done.
 // At most one goroutine can be running writeFrameAsync at a time per
 // serverConn.
-func (sc *serverConn) writeFrameAsync(wr FrameWriteRequest) {
-	err := wr.write.writeFrame(sc)
+func (sc *serverConn) writeFrameAsync(wr FrameWriteRequest, wd *writeData) {
+	var err error
+	if wd == nil {
+		err = wr.write.writeFrame(sc)
+	} else {
+		err = sc.framer.endWrite()
+	}
 	sc.wroteFrameCh <- frameWriteResult{wr: wr, err: err}
 }
 
@@ -1251,9 +1256,16 @@ func (sc *serverConn) startFrameWrite(wr FrameWriteRequest) {
 		sc.writingFrameAsync = false
 		err := wr.write.writeFrame(sc)
 		sc.wroteFrame(frameWriteResult{wr: wr, err: err})
+	} else if wd, ok := wr.write.(*writeData); ok {
+		// Encode the frame in the serve goroutine, to ensure we don't have
+		// any lingering asynchronous references to data passed to Write.
+		// See https://go.dev/issue/58446.
+		sc.framer.startWriteDataPadded(wd.streamID, wd.endStream, wd.p, nil)
+		sc.writingFrameAsync = true
+		go sc.writeFrameAsync(wr, wd)
 	} else {
 		sc.writingFrameAsync = true
-		go sc.writeFrameAsync(wr)
+		go sc.writeFrameAsync(wr, nil)
 	}
 }
 
@@ -2192,7 +2204,7 @@ func (sc *serverConn) newWriterAndRequestNoBody(st *stream, rp requestParam) (*r
 		tlsState = sc.tlsState
 	}
 
-	needsContinue := rp.header.Get("Expect") == "100-continue"
+	needsContinue := httpguts.HeaderValuesContainsToken(rp.header["Expect"], "100-continue")
 	if needsContinue {
 		rp.header.Del("Expect")
 	}
diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
index b43ec10cf..05ba23d3d 100644
--- a/vendor/golang.org/x/net/http2/transport.go
+++ b/vendor/golang.org/x/net/http2/transport.go
@@ -1569,7 +1569,7 @@ func (cs *clientStream) cleanupWriteRequest(err error) {
 	close(cs.donec)
 }
 
-// awaitOpenSlotForStream waits until len(streams) < maxConcurrentStreams.
+// awaitOpenSlotForStreamLocked waits until len(streams) < maxConcurrentStreams.
 // Must hold cc.mu.
 func (cc *ClientConn) awaitOpenSlotForStreamLocked(cs *clientStream) error {
 	for {
diff --git a/vendor/golang.org/x/net/trace/histogram.go b/vendor/golang.org/x/net/trace/histogram.go
index 9bf4286c7..d6c71101e 100644
--- a/vendor/golang.org/x/net/trace/histogram.go
+++ b/vendor/golang.org/x/net/trace/histogram.go
@@ -32,7 +32,7 @@ type histogram struct {
 	valueCount   int64   // number of values recorded for single value
 }
 
-// AddMeasurement records a value measurement observation to the histogram.
+// addMeasurement records a value measurement observation to the histogram.
 func (h *histogram) addMeasurement(value int64) {
 	// TODO: assert invariant
 	h.sum += value
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
index a4605e6d1..6cc73109f 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build (386 || amd64 || amd64p32) && gccgo
 // +build 386 amd64 amd64p32
 // +build gccgo
 
diff --git a/vendor/golang.org/x/sys/cpu/endian_big.go b/vendor/golang.org/x/sys/cpu/endian_big.go
new file mode 100644
index 000000000..93ce03a34
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/endian_big.go
@@ -0,0 +1,11 @@
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64
+// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64
+
+package cpu
+
+// IsBigEndian records whether the GOARCH's byte order is big endian.
+const IsBigEndian = true
diff --git a/vendor/golang.org/x/sys/cpu/endian_little.go b/vendor/golang.org/x/sys/cpu/endian_little.go
new file mode 100644
index 000000000..fe545966b
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/endian_little.go
@@ -0,0 +1,11 @@
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh
+// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh
+
+package cpu
+
+// IsBigEndian records whether the GOARCH's byte order is big endian.
+const IsBigEndian = false
diff --git a/vendor/golang.org/x/sys/unix/gccgo_c.c b/vendor/golang.org/x/sys/unix/gccgo_c.c
index c4fce0e70..f98a1c542 100644
--- a/vendor/golang.org/x/sys/unix/gccgo_c.c
+++ b/vendor/golang.org/x/sys/unix/gccgo_c.c
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-// +build gccgo,!hurd
-// +build !aix,!hurd
+//go:build gccgo && !aix && !hurd
+// +build gccgo,!aix,!hurd
 
 #include <errno.h>
 #include <stdint.h>
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index 1f6338218..192b071b3 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -230,6 +230,7 @@ func direntNamlen(buf []byte) (uint64, bool) {
 
 func PtraceAttach(pid int) (err error) { return ptrace(PT_ATTACH, pid, 0, 0) }
 func PtraceDetach(pid int) (err error) { return ptrace(PT_DETACH, pid, 0, 0) }
+func PtraceDenyAttach() (err error)    { return ptrace(PT_DENY_ATTACH, 0, 0, 0) }
 
 //sysnb	pipe(p *[2]int32) (err error)
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
index b11ede89a..6a91d471d 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
@@ -60,8 +60,13 @@ func PtraceGetFsBase(pid int, fsbase *int64) (err error) {
 	return ptrace(PT_GETFSBASE, pid, uintptr(unsafe.Pointer(fsbase)), 0)
 }
 
-func PtraceIO(req int, pid int, addr uintptr, out []byte, countin int) (count int, err error) {
-	ioDesc := PtraceIoDesc{Op: int32(req), Offs: uintptr(unsafe.Pointer(addr)), Addr: uintptr(unsafe.Pointer(&out[0])), Len: uint32(countin)}
+func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) {
+	ioDesc := PtraceIoDesc{
+		Op:   int32(req),
+		Offs: offs,
+		Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe.
+		Len:  uint32(countin),
+	}
 	err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0)
 	return int(ioDesc.Len), err
 }
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
index 9ed8eec6c..48110a0ab 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
@@ -60,8 +60,13 @@ func PtraceGetFsBase(pid int, fsbase *int64) (err error) {
 	return ptrace(PT_GETFSBASE, pid, uintptr(unsafe.Pointer(fsbase)), 0)
 }
 
-func PtraceIO(req int, pid int, addr uintptr, out []byte, countin int) (count int, err error) {
-	ioDesc := PtraceIoDesc{Op: int32(req), Offs: uintptr(unsafe.Pointer(addr)), Addr: uintptr(unsafe.Pointer(&out[0])), Len: uint64(countin)}
+func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) {
+	ioDesc := PtraceIoDesc{
+		Op:   int32(req),
+		Offs: offs,
+		Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe.
+		Len:  uint64(countin),
+	}
 	err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0)
 	return int(ioDesc.Len), err
 }
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
index f8ac98247..52f1d4b75 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
@@ -56,8 +56,13 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 
 func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno)
 
-func PtraceIO(req int, pid int, addr uintptr, out []byte, countin int) (count int, err error) {
-	ioDesc := PtraceIoDesc{Op: int32(req), Offs: uintptr(unsafe.Pointer(addr)), Addr: uintptr(unsafe.Pointer(&out[0])), Len: uint32(countin)}
+func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) {
+	ioDesc := PtraceIoDesc{
+		Op:   int32(req),
+		Offs: offs,
+		Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe.
+		Len:  uint32(countin),
+	}
 	err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0)
 	return int(ioDesc.Len), err
 }
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
index 8e932036e..5537ee4f2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
@@ -56,8 +56,13 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 
 func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno)
 
-func PtraceIO(req int, pid int, addr uintptr, out []byte, countin int) (count int, err error) {
-	ioDesc := PtraceIoDesc{Op: int32(req), Offs: uintptr(unsafe.Pointer(addr)), Addr: uintptr(unsafe.Pointer(&out[0])), Len: uint64(countin)}
+func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) {
+	ioDesc := PtraceIoDesc{
+		Op:   int32(req),
+		Offs: offs,
+		Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe.
+		Len:  uint64(countin),
+	}
 	err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0)
 	return int(ioDesc.Len), err
 }
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go
index cbe122278..164abd5d2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go
@@ -56,8 +56,13 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 
 func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno)
 
-func PtraceIO(req int, pid int, addr uintptr, out []byte, countin int) (count int, err error) {
-	ioDesc := PtraceIoDesc{Op: int32(req), Offs: uintptr(unsafe.Pointer(addr)), Addr: uintptr(unsafe.Pointer(&out[0])), Len: uint64(countin)}
+func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) {
+	ioDesc := PtraceIoDesc{
+		Op:   int32(req),
+		Offs: offs,
+		Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe.
+		Len:  uint64(countin),
+	}
 	err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0)
 	return int(ioDesc.Len), err
 }
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index d839962e6..5443dddd4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1800,6 +1800,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 //sysnb	Capset(hdr *CapUserHeader, data *CapUserData) (err error)
 //sys	Chdir(path string) (err error)
 //sys	Chroot(path string) (err error)
+//sys	ClockAdjtime(clockid int32, buf *Timex) (state int, err error)
 //sys	ClockGetres(clockid int32, res *Timespec) (err error)
 //sys	ClockGettime(clockid int32, time *Timespec) (err error)
 //sys	ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error)
@@ -1999,7 +2000,7 @@ func appendBytes(vecs []Iovec, bs [][]byte) []Iovec {
 // offs2lohi splits offs into its low and high order bits.
 func offs2lohi(offs int64) (lo, hi uintptr) {
 	const longBits = SizeofLong * 8
-	return uintptr(offs), uintptr(uint64(offs) >> longBits)
+	return uintptr(offs), uintptr(uint64(offs) >> (longBits - 1) >> 1) // two shifts to avoid false positive in vet
 }
 
 func Readv(fd int, iovs [][]byte) (n int, err error) {
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index a386f8897..00f0aa375 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -578,7 +578,7 @@ func Lutimes(path string, tv []Timeval) error {
 	return UtimesNanoAt(AT_FDCWD, path, ts, AT_SYMLINK_NOFOLLOW)
 }
 
-// emptyIovec reports whether there are no bytes in the slice of Iovec.
+// emptyIovecs reports whether there are no bytes in the slice of Iovec.
 func emptyIovecs(iov []Iovec) bool {
 	for i := range iov {
 		if iov[i].Len > 0 {
diff --git a/vendor/golang.org/x/sys/unix/timestruct.go b/vendor/golang.org/x/sys/unix/timestruct.go
index 3d8930405..616b1b284 100644
--- a/vendor/golang.org/x/sys/unix/timestruct.go
+++ b/vendor/golang.org/x/sys/unix/timestruct.go
@@ -9,7 +9,7 @@ package unix
 
 import "time"
 
-// TimespecToNSec returns the time stored in ts as nanoseconds.
+// TimespecToNsec returns the time stored in ts as nanoseconds.
 func TimespecToNsec(ts Timespec) int64 { return ts.Nano() }
 
 // NsecToTimespec converts a number of nanoseconds into a Timespec.
diff --git a/vendor/golang.org/x/sys/unix/xattr_bsd.go b/vendor/golang.org/x/sys/unix/xattr_bsd.go
index 663b3779d..f5f8e9f36 100644
--- a/vendor/golang.org/x/sys/unix/xattr_bsd.go
+++ b/vendor/golang.org/x/sys/unix/xattr_bsd.go
@@ -36,9 +36,14 @@ func xattrnamespace(fullattr string) (ns int, attr string, err error) {
 func initxattrdest(dest []byte, idx int) (d unsafe.Pointer) {
 	if len(dest) > idx {
 		return unsafe.Pointer(&dest[idx])
-	} else {
-		return unsafe.Pointer(_zero)
 	}
+	if dest != nil {
+		// extattr_get_file and extattr_list_file treat NULL differently from
+		// a non-NULL pointer of length zero. Preserve the property of nilness,
+		// even if we can't use dest directly.
+		return unsafe.Pointer(&_zero)
+	}
+	return nil
 }
 
 // FreeBSD and NetBSD implement their own syscalls to handle extended attributes
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 785d693eb..e174685ad 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -457,7 +457,6 @@ const (
 	B600                                        = 0x8
 	B75                                         = 0x2
 	B9600                                       = 0xd
-	BALLOON_KVM_MAGIC                           = 0x13661366
 	BDEVFS_MAGIC                                = 0x62646576
 	BINDERFS_SUPER_MAGIC                        = 0x6c6f6f70
 	BINFMTFS_MAGIC                              = 0x42494e4d
@@ -563,6 +562,7 @@ const (
 	BUS_USB                                     = 0x3
 	BUS_VIRTUAL                                 = 0x6
 	CAN_BCM                                     = 0x2
+	CAN_BUS_OFF_THRESHOLD                       = 0x100
 	CAN_CTRLMODE_3_SAMPLES                      = 0x4
 	CAN_CTRLMODE_BERR_REPORTING                 = 0x10
 	CAN_CTRLMODE_CC_LEN8_DLC                    = 0x100
@@ -577,9 +577,12 @@ const (
 	CAN_EFF_FLAG                                = 0x80000000
 	CAN_EFF_ID_BITS                             = 0x1d
 	CAN_EFF_MASK                                = 0x1fffffff
+	CAN_ERROR_PASSIVE_THRESHOLD                 = 0x80
+	CAN_ERROR_WARNING_THRESHOLD                 = 0x60
 	CAN_ERR_ACK                                 = 0x20
 	CAN_ERR_BUSERROR                            = 0x80
 	CAN_ERR_BUSOFF                              = 0x40
+	CAN_ERR_CNT                                 = 0x200
 	CAN_ERR_CRTL                                = 0x4
 	CAN_ERR_CRTL_ACTIVE                         = 0x40
 	CAN_ERR_CRTL_RX_OVERFLOW                    = 0x1
@@ -820,9 +823,9 @@ const (
 	DM_UUID_FLAG                                = 0x4000
 	DM_UUID_LEN                                 = 0x81
 	DM_VERSION                                  = 0xc138fd00
-	DM_VERSION_EXTRA                            = "-ioctl (2022-02-22)"
+	DM_VERSION_EXTRA                            = "-ioctl (2022-07-28)"
 	DM_VERSION_MAJOR                            = 0x4
-	DM_VERSION_MINOR                            = 0x2e
+	DM_VERSION_MINOR                            = 0x2f
 	DM_VERSION_PATCHLEVEL                       = 0x0
 	DT_BLK                                      = 0x6
 	DT_CHR                                      = 0x2
@@ -1049,6 +1052,7 @@ const (
 	ETH_P_CAIF                                  = 0xf7
 	ETH_P_CAN                                   = 0xc
 	ETH_P_CANFD                                 = 0xd
+	ETH_P_CANXL                                 = 0xe
 	ETH_P_CFM                                   = 0x8902
 	ETH_P_CONTROL                               = 0x16
 	ETH_P_CUST                                  = 0x6006
@@ -1060,6 +1064,7 @@ const (
 	ETH_P_DNA_RT                                = 0x6003
 	ETH_P_DSA                                   = 0x1b
 	ETH_P_DSA_8021Q                             = 0xdadb
+	ETH_P_DSA_A5PSW                             = 0xe001
 	ETH_P_ECONET                                = 0x18
 	ETH_P_EDSA                                  = 0xdada
 	ETH_P_ERSPAN                                = 0x88be
@@ -1194,8 +1199,10 @@ const (
 	FAN_MARK_EVICTABLE                          = 0x200
 	FAN_MARK_FILESYSTEM                         = 0x100
 	FAN_MARK_FLUSH                              = 0x80
+	FAN_MARK_IGNORE                             = 0x400
 	FAN_MARK_IGNORED_MASK                       = 0x20
 	FAN_MARK_IGNORED_SURV_MODIFY                = 0x40
+	FAN_MARK_IGNORE_SURV                        = 0x440
 	FAN_MARK_INODE                              = 0x0
 	FAN_MARK_MOUNT                              = 0x10
 	FAN_MARK_ONLYDIR                            = 0x8
@@ -1253,6 +1260,7 @@ const (
 	FSCRYPT_MODE_AES_128_CBC                    = 0x5
 	FSCRYPT_MODE_AES_128_CTS                    = 0x6
 	FSCRYPT_MODE_AES_256_CTS                    = 0x4
+	FSCRYPT_MODE_AES_256_HCTR2                  = 0xa
 	FSCRYPT_MODE_AES_256_XTS                    = 0x1
 	FSCRYPT_POLICY_FLAGS_PAD_16                 = 0x2
 	FSCRYPT_POLICY_FLAGS_PAD_32                 = 0x3
@@ -1430,6 +1438,7 @@ const (
 	IFF_NOARP                                   = 0x80
 	IFF_NOFILTER                                = 0x1000
 	IFF_NOTRAILERS                              = 0x20
+	IFF_NO_CARRIER                              = 0x40
 	IFF_NO_PI                                   = 0x1000
 	IFF_ONE_QUEUE                               = 0x2000
 	IFF_PERSIST                                 = 0x800
@@ -1805,6 +1814,7 @@ const (
 	MADV_DONTDUMP                               = 0x10
 	MADV_DONTFORK                               = 0xa
 	MADV_DONTNEED                               = 0x4
+	MADV_DONTNEED_LOCKED                        = 0x18
 	MADV_FREE                                   = 0x8
 	MADV_HUGEPAGE                               = 0xe
 	MADV_HWPOISON                               = 0x64
@@ -1846,7 +1856,7 @@ const (
 	MFD_ALLOW_SEALING                           = 0x2
 	MFD_CLOEXEC                                 = 0x1
 	MFD_HUGETLB                                 = 0x4
-	MFD_HUGE_16GB                               = -0x78000000
+	MFD_HUGE_16GB                               = 0x88000000
 	MFD_HUGE_16MB                               = 0x60000000
 	MFD_HUGE_1GB                                = 0x78000000
 	MFD_HUGE_1MB                                = 0x50000000
@@ -2212,6 +2222,11 @@ const (
 	PERF_AUX_FLAG_PARTIAL                       = 0x4
 	PERF_AUX_FLAG_PMU_FORMAT_TYPE_MASK          = 0xff00
 	PERF_AUX_FLAG_TRUNCATED                     = 0x1
+	PERF_BR_ARM64_DEBUG_DATA                    = 0x7
+	PERF_BR_ARM64_DEBUG_EXIT                    = 0x5
+	PERF_BR_ARM64_DEBUG_HALT                    = 0x4
+	PERF_BR_ARM64_DEBUG_INST                    = 0x6
+	PERF_BR_ARM64_FIQ                           = 0x3
 	PERF_FLAG_FD_CLOEXEC                        = 0x8
 	PERF_FLAG_FD_NO_GROUP                       = 0x1
 	PERF_FLAG_FD_OUTPUT                         = 0x2
@@ -2232,6 +2247,8 @@ const (
 	PERF_MEM_LOCK_NA                            = 0x1
 	PERF_MEM_LOCK_SHIFT                         = 0x18
 	PERF_MEM_LVLNUM_ANY_CACHE                   = 0xb
+	PERF_MEM_LVLNUM_CXL                         = 0x9
+	PERF_MEM_LVLNUM_IO                          = 0xa
 	PERF_MEM_LVLNUM_L1                          = 0x1
 	PERF_MEM_LVLNUM_L2                          = 0x2
 	PERF_MEM_LVLNUM_L3                          = 0x3
@@ -2265,6 +2282,7 @@ const (
 	PERF_MEM_REMOTE_REMOTE                      = 0x1
 	PERF_MEM_REMOTE_SHIFT                       = 0x25
 	PERF_MEM_SNOOPX_FWD                         = 0x1
+	PERF_MEM_SNOOPX_PEER                        = 0x2
 	PERF_MEM_SNOOPX_SHIFT                       = 0x26
 	PERF_MEM_SNOOP_HIT                          = 0x4
 	PERF_MEM_SNOOP_HITM                         = 0x10
@@ -2301,7 +2319,6 @@ const (
 	PERF_SAMPLE_BRANCH_PLM_ALL                  = 0x7
 	PERF_SAMPLE_WEIGHT_TYPE                     = 0x1004000
 	PIPEFS_MAGIC                                = 0x50495045
-	PPC_CMM_MAGIC                               = 0xc7571590
 	PPPIOCGNPMODE                               = 0xc008744c
 	PPPIOCNEWUNIT                               = 0xc004743e
 	PRIO_PGRP                                   = 0x1
@@ -2999,6 +3016,7 @@ const (
 	STATX_BLOCKS                                = 0x400
 	STATX_BTIME                                 = 0x800
 	STATX_CTIME                                 = 0x80
+	STATX_DIOALIGN                              = 0x2000
 	STATX_GID                                   = 0x10
 	STATX_INO                                   = 0x100
 	STATX_MNT_ID                                = 0x1000
@@ -3392,9 +3410,7 @@ const (
 	XDP_ZEROCOPY                                = 0x4
 	XENFS_SUPER_MAGIC                           = 0xabba1974
 	XFS_SUPER_MAGIC                             = 0x58465342
-	Z3FOLD_MAGIC                                = 0x33
 	ZONEFS_MAGIC                                = 0x5a4f4653
-	ZSMALLOC_MAGIC                              = 0x58295829
 	_HIDIOCGRAWNAME_LEN                         = 0x80
 	_HIDIOCGRAWPHYS_LEN                         = 0x40
 	_HIDIOCGRAWUNIQ_LEN                         = 0x40
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 36c0dfc7c..a46df0f1e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -133,6 +133,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc03c4d1a
 	MEMREADOOB                       = 0xc00c4d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index 4ff942703..6cd4a3ea9 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -133,6 +133,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index 3eaa0fb78..c7ebee24d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc00c4d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index d7995bdc3..9d5352c3e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -134,6 +134,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index 928e24c20..f26a164f4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -132,6 +132,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 179bffb47..890bc3c9b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc00c4d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 1fba17bd7..549f26ac6 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index b77dde315..e0365e32c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 78c6c751b..fdccce15c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc00c4d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 1c0d31f0b..b2205c83f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc00c4d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index 959dd9bb8..81aa5ad0f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 5a873cdbc..76807a1fd 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index e336d141e..d4a5ab9e4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 390c01d92..66e65db95 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -131,6 +131,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x80044d07
 	MEMISLOCKED                      = 0x80084d17
 	MEMLOCK                          = 0x40084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x40084d0c
 	MEMUNLOCK                        = 0x40084d06
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 98a6e5f11..f61925269 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -136,6 +136,7 @@ const (
 	MEMGETREGIONCOUNT                = 0x40044d07
 	MEMISLOCKED                      = 0x40084d17
 	MEMLOCK                          = 0x80084d05
+	MEMREAD                          = 0xc0404d1a
 	MEMREADOOB                       = 0xc0104d04
 	MEMSETBADBLOCK                   = 0x80084d0c
 	MEMUNLOCK                        = 0x80084d06
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 293cf3680..36ea3a55b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -537,6 +537,17 @@ func Chroot(path string) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func ClockAdjtime(clockid int32, buf *Timex) (state int, err error) {
+	r0, _, e1 := Syscall(SYS_CLOCK_ADJTIME, uintptr(clockid), uintptr(unsafe.Pointer(buf)), 0)
+	state = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ClockGetres(clockid int32, res *Timespec) (err error) {
 	_, _, e1 := Syscall(SYS_CLOCK_GETRES, uintptr(clockid), uintptr(unsafe.Pointer(res)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index ff6881167..7d9fc8f1c 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -29,6 +29,41 @@ type Itimerval struct {
 	Value    Timeval
 }
 
+const (
+	ADJ_OFFSET            = 0x1
+	ADJ_FREQUENCY         = 0x2
+	ADJ_MAXERROR          = 0x4
+	ADJ_ESTERROR          = 0x8
+	ADJ_STATUS            = 0x10
+	ADJ_TIMECONST         = 0x20
+	ADJ_TAI               = 0x80
+	ADJ_SETOFFSET         = 0x100
+	ADJ_MICRO             = 0x1000
+	ADJ_NANO              = 0x2000
+	ADJ_TICK              = 0x4000
+	ADJ_OFFSET_SINGLESHOT = 0x8001
+	ADJ_OFFSET_SS_READ    = 0xa001
+)
+
+const (
+	STA_PLL       = 0x1
+	STA_PPSFREQ   = 0x2
+	STA_PPSTIME   = 0x4
+	STA_FLL       = 0x8
+	STA_INS       = 0x10
+	STA_DEL       = 0x20
+	STA_UNSYNC    = 0x40
+	STA_FREQHOLD  = 0x80
+	STA_PPSSIGNAL = 0x100
+	STA_PPSJITTER = 0x200
+	STA_PPSWANDER = 0x400
+	STA_PPSERROR  = 0x800
+	STA_CLOCKERR  = 0x1000
+	STA_NANO      = 0x2000
+	STA_MODE      = 0x4000
+	STA_CLK       = 0x8000
+)
+
 const (
 	TIME_OK    = 0x0
 	TIME_INS   = 0x1
@@ -53,29 +88,30 @@ type StatxTimestamp struct {
 }
 
 type Statx_t struct {
-	Mask            uint32
-	Blksize         uint32
-	Attributes      uint64
-	Nlink           uint32
-	Uid             uint32
-	Gid             uint32
-	Mode            uint16
-	_               [1]uint16
-	Ino             uint64
-	Size            uint64
-	Blocks          uint64
-	Attributes_mask uint64
-	Atime           StatxTimestamp
-	Btime           StatxTimestamp
-	Ctime           StatxTimestamp
-	Mtime           StatxTimestamp
-	Rdev_major      uint32
-	Rdev_minor      uint32
-	Dev_major       uint32
-	Dev_minor       uint32
-	Mnt_id          uint64
-	_               uint64
-	_               [12]uint64
+	Mask             uint32
+	Blksize          uint32
+	Attributes       uint64
+	Nlink            uint32
+	Uid              uint32
+	Gid              uint32
+	Mode             uint16
+	_                [1]uint16
+	Ino              uint64
+	Size             uint64
+	Blocks           uint64
+	Attributes_mask  uint64
+	Atime            StatxTimestamp
+	Btime            StatxTimestamp
+	Ctime            StatxTimestamp
+	Mtime            StatxTimestamp
+	Rdev_major       uint32
+	Rdev_minor       uint32
+	Dev_major        uint32
+	Dev_minor        uint32
+	Mnt_id           uint64
+	Dio_mem_align    uint32
+	Dio_offset_align uint32
+	_                [12]uint64
 }
 
 type Fsid struct {
@@ -1099,7 +1135,8 @@ const (
 	PERF_SAMPLE_BRANCH_NO_CYCLES_SHIFT    = 0xf
 	PERF_SAMPLE_BRANCH_TYPE_SAVE_SHIFT    = 0x10
 	PERF_SAMPLE_BRANCH_HW_INDEX_SHIFT     = 0x11
-	PERF_SAMPLE_BRANCH_MAX_SHIFT          = 0x12
+	PERF_SAMPLE_BRANCH_PRIV_SAVE_SHIFT    = 0x12
+	PERF_SAMPLE_BRANCH_MAX_SHIFT          = 0x13
 	PERF_SAMPLE_BRANCH_USER               = 0x1
 	PERF_SAMPLE_BRANCH_KERNEL             = 0x2
 	PERF_SAMPLE_BRANCH_HV                 = 0x4
@@ -1118,7 +1155,8 @@ const (
 	PERF_SAMPLE_BRANCH_NO_CYCLES          = 0x8000
 	PERF_SAMPLE_BRANCH_TYPE_SAVE          = 0x10000
 	PERF_SAMPLE_BRANCH_HW_INDEX           = 0x20000
-	PERF_SAMPLE_BRANCH_MAX                = 0x40000
+	PERF_SAMPLE_BRANCH_PRIV_SAVE          = 0x40000
+	PERF_SAMPLE_BRANCH_MAX                = 0x80000
 	PERF_BR_UNKNOWN                       = 0x0
 	PERF_BR_COND                          = 0x1
 	PERF_BR_UNCOND                        = 0x2
@@ -1132,7 +1170,10 @@ const (
 	PERF_BR_COND_RET                      = 0xa
 	PERF_BR_ERET                          = 0xb
 	PERF_BR_IRQ                           = 0xc
-	PERF_BR_MAX                           = 0xd
+	PERF_BR_SERROR                        = 0xd
+	PERF_BR_NO_TX                         = 0xe
+	PERF_BR_EXTEND_ABI                    = 0xf
+	PERF_BR_MAX                           = 0x10
 	PERF_SAMPLE_REGS_ABI_NONE             = 0x0
 	PERF_SAMPLE_REGS_ABI_32               = 0x1
 	PERF_SAMPLE_REGS_ABI_64               = 0x2
@@ -1151,7 +1192,8 @@ const (
 	PERF_FORMAT_TOTAL_TIME_RUNNING        = 0x2
 	PERF_FORMAT_ID                        = 0x4
 	PERF_FORMAT_GROUP                     = 0x8
-	PERF_FORMAT_MAX                       = 0x10
+	PERF_FORMAT_LOST                      = 0x10
+	PERF_FORMAT_MAX                       = 0x20
 	PERF_IOC_FLAG_GROUP                   = 0x1
 	PERF_RECORD_MMAP                      = 0x1
 	PERF_RECORD_LOST                      = 0x2
@@ -2979,7 +3021,16 @@ const (
 	DEVLINK_CMD_TRAP_POLICER_NEW                       = 0x47
 	DEVLINK_CMD_TRAP_POLICER_DEL                       = 0x48
 	DEVLINK_CMD_HEALTH_REPORTER_TEST                   = 0x49
-	DEVLINK_CMD_MAX                                    = 0x51
+	DEVLINK_CMD_RATE_GET                               = 0x4a
+	DEVLINK_CMD_RATE_SET                               = 0x4b
+	DEVLINK_CMD_RATE_NEW                               = 0x4c
+	DEVLINK_CMD_RATE_DEL                               = 0x4d
+	DEVLINK_CMD_LINECARD_GET                           = 0x4e
+	DEVLINK_CMD_LINECARD_SET                           = 0x4f
+	DEVLINK_CMD_LINECARD_NEW                           = 0x50
+	DEVLINK_CMD_LINECARD_DEL                           = 0x51
+	DEVLINK_CMD_SELFTESTS_GET                          = 0x52
+	DEVLINK_CMD_MAX                                    = 0x53
 	DEVLINK_PORT_TYPE_NOTSET                           = 0x0
 	DEVLINK_PORT_TYPE_AUTO                             = 0x1
 	DEVLINK_PORT_TYPE_ETH                              = 0x2
@@ -3208,7 +3259,13 @@ const (
 	DEVLINK_ATTR_RATE_NODE_NAME                        = 0xa8
 	DEVLINK_ATTR_RATE_PARENT_NODE_NAME                 = 0xa9
 	DEVLINK_ATTR_REGION_MAX_SNAPSHOTS                  = 0xaa
-	DEVLINK_ATTR_MAX                                   = 0xae
+	DEVLINK_ATTR_LINECARD_INDEX                        = 0xab
+	DEVLINK_ATTR_LINECARD_STATE                        = 0xac
+	DEVLINK_ATTR_LINECARD_TYPE                         = 0xad
+	DEVLINK_ATTR_LINECARD_SUPPORTED_TYPES              = 0xae
+	DEVLINK_ATTR_NESTED_DEVLINK                        = 0xaf
+	DEVLINK_ATTR_SELFTESTS                             = 0xb0
+	DEVLINK_ATTR_MAX                                   = 0xb0
 	DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE              = 0x0
 	DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX           = 0x1
 	DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT               = 0x0
@@ -3317,7 +3374,8 @@ const (
 	LWTUNNEL_ENCAP_SEG6_LOCAL = 0x7
 	LWTUNNEL_ENCAP_RPL        = 0x8
 	LWTUNNEL_ENCAP_IOAM6      = 0x9
-	LWTUNNEL_ENCAP_MAX        = 0x9
+	LWTUNNEL_ENCAP_XFRM       = 0xa
+	LWTUNNEL_ENCAP_MAX        = 0xa
 
 	MPLS_IPTUNNEL_UNSPEC = 0x0
 	MPLS_IPTUNNEL_DST    = 0x1
@@ -3512,7 +3570,9 @@ const (
 	ETHTOOL_MSG_PHC_VCLOCKS_GET               = 0x21
 	ETHTOOL_MSG_MODULE_GET                    = 0x22
 	ETHTOOL_MSG_MODULE_SET                    = 0x23
-	ETHTOOL_MSG_USER_MAX                      = 0x23
+	ETHTOOL_MSG_PSE_GET                       = 0x24
+	ETHTOOL_MSG_PSE_SET                       = 0x25
+	ETHTOOL_MSG_USER_MAX                      = 0x25
 	ETHTOOL_MSG_KERNEL_NONE                   = 0x0
 	ETHTOOL_MSG_STRSET_GET_REPLY              = 0x1
 	ETHTOOL_MSG_LINKINFO_GET_REPLY            = 0x2
@@ -3550,7 +3610,8 @@ const (
 	ETHTOOL_MSG_PHC_VCLOCKS_GET_REPLY         = 0x22
 	ETHTOOL_MSG_MODULE_GET_REPLY              = 0x23
 	ETHTOOL_MSG_MODULE_NTF                    = 0x24
-	ETHTOOL_MSG_KERNEL_MAX                    = 0x24
+	ETHTOOL_MSG_PSE_GET_REPLY                 = 0x25
+	ETHTOOL_MSG_KERNEL_MAX                    = 0x25
 	ETHTOOL_A_HEADER_UNSPEC                   = 0x0
 	ETHTOOL_A_HEADER_DEV_INDEX                = 0x1
 	ETHTOOL_A_HEADER_DEV_NAME                 = 0x2
@@ -3609,7 +3670,8 @@ const (
 	ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG      = 0x7
 	ETHTOOL_A_LINKMODES_MASTER_SLAVE_STATE    = 0x8
 	ETHTOOL_A_LINKMODES_LANES                 = 0x9
-	ETHTOOL_A_LINKMODES_MAX                   = 0x9
+	ETHTOOL_A_LINKMODES_RATE_MATCHING         = 0xa
+	ETHTOOL_A_LINKMODES_MAX                   = 0xa
 	ETHTOOL_A_LINKSTATE_UNSPEC                = 0x0
 	ETHTOOL_A_LINKSTATE_HEADER                = 0x1
 	ETHTOOL_A_LINKSTATE_LINK                  = 0x2
@@ -4201,6 +4263,9 @@ const (
 	NL80211_ACL_POLICY_DENY_UNLESS_LISTED                   = 0x1
 	NL80211_AC_VI                                           = 0x1
 	NL80211_AC_VO                                           = 0x0
+	NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT               = 0x1
+	NL80211_AP_SETTINGS_SA_QUERY_OFFLOAD_SUPPORT            = 0x2
+	NL80211_AP_SME_SA_QUERY_OFFLOAD                         = 0x1
 	NL80211_ATTR_4ADDR                                      = 0x53
 	NL80211_ATTR_ACK                                        = 0x5c
 	NL80211_ATTR_ACK_SIGNAL                                 = 0x107
@@ -4209,6 +4274,7 @@ const (
 	NL80211_ATTR_AIRTIME_WEIGHT                             = 0x112
 	NL80211_ATTR_AKM_SUITES                                 = 0x4c
 	NL80211_ATTR_AP_ISOLATE                                 = 0x60
+	NL80211_ATTR_AP_SETTINGS_FLAGS                          = 0x135
 	NL80211_ATTR_AUTH_DATA                                  = 0x9c
 	NL80211_ATTR_AUTH_TYPE                                  = 0x35
 	NL80211_ATTR_BANDS                                      = 0xef
@@ -4240,6 +4306,9 @@ const (
 	NL80211_ATTR_COALESCE_RULE_DELAY                        = 0x1
 	NL80211_ATTR_COALESCE_RULE_MAX                          = 0x3
 	NL80211_ATTR_COALESCE_RULE_PKT_PATTERN                  = 0x3
+	NL80211_ATTR_COLOR_CHANGE_COLOR                         = 0x130
+	NL80211_ATTR_COLOR_CHANGE_COUNT                         = 0x12f
+	NL80211_ATTR_COLOR_CHANGE_ELEMS                         = 0x131
 	NL80211_ATTR_CONN_FAILED_REASON                         = 0x9b
 	NL80211_ATTR_CONTROL_PORT                               = 0x44
 	NL80211_ATTR_CONTROL_PORT_ETHERTYPE                     = 0x66
@@ -4266,6 +4335,7 @@ const (
 	NL80211_ATTR_DEVICE_AP_SME                              = 0x8d
 	NL80211_ATTR_DFS_CAC_TIME                               = 0x7
 	NL80211_ATTR_DFS_REGION                                 = 0x92
+	NL80211_ATTR_DISABLE_EHT                                = 0x137
 	NL80211_ATTR_DISABLE_HE                                 = 0x12d
 	NL80211_ATTR_DISABLE_HT                                 = 0x93
 	NL80211_ATTR_DISABLE_VHT                                = 0xaf
@@ -4273,6 +4343,8 @@ const (
 	NL80211_ATTR_DONT_WAIT_FOR_ACK                          = 0x8e
 	NL80211_ATTR_DTIM_PERIOD                                = 0xd
 	NL80211_ATTR_DURATION                                   = 0x57
+	NL80211_ATTR_EHT_CAPABILITY                             = 0x136
+	NL80211_ATTR_EML_CAPABILITY                             = 0x13d
 	NL80211_ATTR_EXT_CAPA                                   = 0xa9
 	NL80211_ATTR_EXT_CAPA_MASK                              = 0xaa
 	NL80211_ATTR_EXTERNAL_AUTH_ACTION                       = 0x104
@@ -4337,10 +4409,11 @@ const (
 	NL80211_ATTR_MAC_HINT                                   = 0xc8
 	NL80211_ATTR_MAC_MASK                                   = 0xd7
 	NL80211_ATTR_MAX_AP_ASSOC_STA                           = 0xca
-	NL80211_ATTR_MAX                                        = 0x137
+	NL80211_ATTR_MAX                                        = 0x140
 	NL80211_ATTR_MAX_CRIT_PROT_DURATION                     = 0xb4
 	NL80211_ATTR_MAX_CSA_COUNTERS                           = 0xce
 	NL80211_ATTR_MAX_MATCH_SETS                             = 0x85
+	NL80211_ATTR_MAX_NUM_AKM_SUITES                         = 0x13c
 	NL80211_ATTR_MAX_NUM_PMKIDS                             = 0x56
 	NL80211_ATTR_MAX_NUM_SCAN_SSIDS                         = 0x2b
 	NL80211_ATTR_MAX_NUM_SCHED_SCAN_PLANS                   = 0xde
@@ -4350,6 +4423,8 @@ const (
 	NL80211_ATTR_MAX_SCAN_PLAN_INTERVAL                     = 0xdf
 	NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS                   = 0xe0
 	NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN                      = 0x7c
+	NL80211_ATTR_MBSSID_CONFIG                              = 0x132
+	NL80211_ATTR_MBSSID_ELEMS                               = 0x133
 	NL80211_ATTR_MCAST_RATE                                 = 0x6b
 	NL80211_ATTR_MDID                                       = 0xb1
 	NL80211_ATTR_MEASUREMENT_DURATION                       = 0xeb
@@ -4359,6 +4434,11 @@ const (
 	NL80211_ATTR_MESH_PEER_AID                              = 0xed
 	NL80211_ATTR_MESH_SETUP                                 = 0x70
 	NL80211_ATTR_MGMT_SUBTYPE                               = 0x29
+	NL80211_ATTR_MLD_ADDR                                   = 0x13a
+	NL80211_ATTR_MLD_CAPA_AND_OPS                           = 0x13e
+	NL80211_ATTR_MLO_LINK_ID                                = 0x139
+	NL80211_ATTR_MLO_LINKS                                  = 0x138
+	NL80211_ATTR_MLO_SUPPORT                                = 0x13b
 	NL80211_ATTR_MNTR_FLAGS                                 = 0x17
 	NL80211_ATTR_MPATH_INFO                                 = 0x1b
 	NL80211_ATTR_MPATH_NEXT_HOP                             = 0x1a
@@ -4371,6 +4451,7 @@ const (
 	NL80211_ATTR_NETNS_FD                                   = 0xdb
 	NL80211_ATTR_NOACK_MAP                                  = 0x95
 	NL80211_ATTR_NSS                                        = 0x106
+	NL80211_ATTR_OBSS_COLOR_BITMAP                          = 0x12e
 	NL80211_ATTR_OFFCHANNEL_TX_OK                           = 0x6c
 	NL80211_ATTR_OPER_CLASS                                 = 0xd6
 	NL80211_ATTR_OPMODE_NOTIF                               = 0xc2
@@ -4397,6 +4478,7 @@ const (
 	NL80211_ATTR_PROTOCOL_FEATURES                          = 0xad
 	NL80211_ATTR_PS_STATE                                   = 0x5d
 	NL80211_ATTR_QOS_MAP                                    = 0xc7
+	NL80211_ATTR_RADAR_BACKGROUND                           = 0x134
 	NL80211_ATTR_RADAR_EVENT                                = 0xa8
 	NL80211_ATTR_REASON_CODE                                = 0x36
 	NL80211_ATTR_RECEIVE_MULTICAST                          = 0x121
@@ -4412,6 +4494,7 @@ const (
 	NL80211_ATTR_RESP_IE                                    = 0x4e
 	NL80211_ATTR_ROAM_SUPPORT                               = 0x83
 	NL80211_ATTR_RX_FRAME_TYPES                             = 0x64
+	NL80211_ATTR_RX_HW_TIMESTAMP                            = 0x140
 	NL80211_ATTR_RXMGMT_FLAGS                               = 0xbc
 	NL80211_ATTR_RX_SIGNAL_DBM                              = 0x97
 	NL80211_ATTR_S1G_CAPABILITY                             = 0x128
@@ -4484,6 +4567,7 @@ const (
 	NL80211_ATTR_TSID                                       = 0xd2
 	NL80211_ATTR_TWT_RESPONDER                              = 0x116
 	NL80211_ATTR_TX_FRAME_TYPES                             = 0x63
+	NL80211_ATTR_TX_HW_TIMESTAMP                            = 0x13f
 	NL80211_ATTR_TX_NO_CCK_RATE                             = 0x87
 	NL80211_ATTR_TXQ_LIMIT                                  = 0x10a
 	NL80211_ATTR_TXQ_MEMORY_LIMIT                           = 0x10b
@@ -4557,6 +4641,10 @@ const (
 	NL80211_BAND_ATTR_RATES                                 = 0x2
 	NL80211_BAND_ATTR_VHT_CAPA                              = 0x8
 	NL80211_BAND_ATTR_VHT_MCS_SET                           = 0x7
+	NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MAC                    = 0x8
+	NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MCS_SET                = 0xa
+	NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PHY                    = 0x9
+	NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PPE                    = 0xb
 	NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA                   = 0x6
 	NL80211_BAND_IFTYPE_ATTR_HE_CAP_MAC                     = 0x2
 	NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET                 = 0x4
@@ -4564,6 +4652,8 @@ const (
 	NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE                     = 0x5
 	NL80211_BAND_IFTYPE_ATTR_IFTYPES                        = 0x1
 	NL80211_BAND_IFTYPE_ATTR_MAX                            = 0xb
+	NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS                   = 0x7
+	NL80211_BAND_LC                                         = 0x5
 	NL80211_BAND_S1GHZ                                      = 0x4
 	NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE                 = 0x2
 	NL80211_BITRATE_ATTR_MAX                                = 0x2
@@ -4584,7 +4674,9 @@ const (
 	NL80211_BSS_FREQUENCY_OFFSET                            = 0x14
 	NL80211_BSS_INFORMATION_ELEMENTS                        = 0x6
 	NL80211_BSS_LAST_SEEN_BOOTTIME                          = 0xf
-	NL80211_BSS_MAX                                         = 0x14
+	NL80211_BSS_MAX                                         = 0x16
+	NL80211_BSS_MLD_ADDR                                    = 0x16
+	NL80211_BSS_MLO_LINK_ID                                 = 0x15
 	NL80211_BSS_PAD                                         = 0x10
 	NL80211_BSS_PARENT_BSSID                                = 0x12
 	NL80211_BSS_PARENT_TSF                                  = 0x11
@@ -4612,6 +4704,7 @@ const (
 	NL80211_CHAN_WIDTH_20                                   = 0x1
 	NL80211_CHAN_WIDTH_20_NOHT                              = 0x0
 	NL80211_CHAN_WIDTH_2                                    = 0x9
+	NL80211_CHAN_WIDTH_320                                  = 0xd
 	NL80211_CHAN_WIDTH_40                                   = 0x2
 	NL80211_CHAN_WIDTH_4                                    = 0xa
 	NL80211_CHAN_WIDTH_5                                    = 0x6
@@ -4621,8 +4714,11 @@ const (
 	NL80211_CMD_ABORT_SCAN                                  = 0x72
 	NL80211_CMD_ACTION                                      = 0x3b
 	NL80211_CMD_ACTION_TX_STATUS                            = 0x3c
+	NL80211_CMD_ADD_LINK                                    = 0x94
+	NL80211_CMD_ADD_LINK_STA                                = 0x96
 	NL80211_CMD_ADD_NAN_FUNCTION                            = 0x75
 	NL80211_CMD_ADD_TX_TS                                   = 0x69
+	NL80211_CMD_ASSOC_COMEBACK                              = 0x93
 	NL80211_CMD_ASSOCIATE                                   = 0x26
 	NL80211_CMD_AUTHENTICATE                                = 0x25
 	NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL                    = 0x38
@@ -4630,6 +4726,10 @@ const (
 	NL80211_CMD_CHANNEL_SWITCH                              = 0x66
 	NL80211_CMD_CH_SWITCH_NOTIFY                            = 0x58
 	NL80211_CMD_CH_SWITCH_STARTED_NOTIFY                    = 0x6e
+	NL80211_CMD_COLOR_CHANGE_ABORTED                        = 0x90
+	NL80211_CMD_COLOR_CHANGE_COMPLETED                      = 0x91
+	NL80211_CMD_COLOR_CHANGE_REQUEST                        = 0x8e
+	NL80211_CMD_COLOR_CHANGE_STARTED                        = 0x8f
 	NL80211_CMD_CONNECT                                     = 0x2e
 	NL80211_CMD_CONN_FAILED                                 = 0x5b
 	NL80211_CMD_CONTROL_PORT_FRAME                          = 0x81
@@ -4678,8 +4778,9 @@ const (
 	NL80211_CMD_LEAVE_IBSS                                  = 0x2c
 	NL80211_CMD_LEAVE_MESH                                  = 0x45
 	NL80211_CMD_LEAVE_OCB                                   = 0x6d
-	NL80211_CMD_MAX                                         = 0x93
+	NL80211_CMD_MAX                                         = 0x98
 	NL80211_CMD_MICHAEL_MIC_FAILURE                         = 0x29
+	NL80211_CMD_MODIFY_LINK_STA                             = 0x97
 	NL80211_CMD_NAN_MATCH                                   = 0x78
 	NL80211_CMD_NEW_BEACON                                  = 0xf
 	NL80211_CMD_NEW_INTERFACE                               = 0x7
@@ -4692,6 +4793,7 @@ const (
 	NL80211_CMD_NEW_WIPHY                                   = 0x3
 	NL80211_CMD_NOTIFY_CQM                                  = 0x40
 	NL80211_CMD_NOTIFY_RADAR                                = 0x86
+	NL80211_CMD_OBSS_COLOR_COLLISION                        = 0x8d
 	NL80211_CMD_PEER_MEASUREMENT_COMPLETE                   = 0x85
 	NL80211_CMD_PEER_MEASUREMENT_RESULT                     = 0x84
 	NL80211_CMD_PEER_MEASUREMENT_START                      = 0x83
@@ -4707,6 +4809,8 @@ const (
 	NL80211_CMD_REGISTER_FRAME                              = 0x3a
 	NL80211_CMD_RELOAD_REGDB                                = 0x7e
 	NL80211_CMD_REMAIN_ON_CHANNEL                           = 0x37
+	NL80211_CMD_REMOVE_LINK                                 = 0x95
+	NL80211_CMD_REMOVE_LINK_STA                             = 0x98
 	NL80211_CMD_REQ_SET_REG                                 = 0x1b
 	NL80211_CMD_ROAM                                        = 0x2f
 	NL80211_CMD_SCAN_ABORTED                                = 0x23
@@ -4717,6 +4821,7 @@ const (
 	NL80211_CMD_SET_CHANNEL                                 = 0x41
 	NL80211_CMD_SET_COALESCE                                = 0x65
 	NL80211_CMD_SET_CQM                                     = 0x3f
+	NL80211_CMD_SET_FILS_AAD                                = 0x92
 	NL80211_CMD_SET_INTERFACE                               = 0x6
 	NL80211_CMD_SET_KEY                                     = 0xa
 	NL80211_CMD_SET_MAC_ACL                                 = 0x5d
@@ -4791,6 +4896,8 @@ const (
 	NL80211_EDMG_BW_CONFIG_MIN                              = 0x4
 	NL80211_EDMG_CHANNELS_MAX                               = 0x3c
 	NL80211_EDMG_CHANNELS_MIN                               = 0x1
+	NL80211_EHT_MAX_CAPABILITY_LEN                          = 0x33
+	NL80211_EHT_MIN_CAPABILITY_LEN                          = 0xd
 	NL80211_EXTERNAL_AUTH_ABORT                             = 0x1
 	NL80211_EXTERNAL_AUTH_START                             = 0x0
 	NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK               = 0x32
@@ -4807,6 +4914,7 @@ const (
 	NL80211_EXT_FEATURE_BEACON_RATE_HT                      = 0x7
 	NL80211_EXT_FEATURE_BEACON_RATE_LEGACY                  = 0x6
 	NL80211_EXT_FEATURE_BEACON_RATE_VHT                     = 0x8
+	NL80211_EXT_FEATURE_BSS_COLOR                           = 0x3a
 	NL80211_EXT_FEATURE_BSS_PARENT_TSF                      = 0x4
 	NL80211_EXT_FEATURE_CAN_REPLACE_PTK0                    = 0x1f
 	NL80211_EXT_FEATURE_CONTROL_PORT_NO_PREAUTH             = 0x2a
@@ -4818,6 +4926,7 @@ const (
 	NL80211_EXT_FEATURE_DFS_OFFLOAD                         = 0x19
 	NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER                = 0x20
 	NL80211_EXT_FEATURE_EXT_KEY_ID                          = 0x24
+	NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD                 = 0x3b
 	NL80211_EXT_FEATURE_FILS_DISCOVERY                      = 0x34
 	NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME               = 0x11
 	NL80211_EXT_FEATURE_FILS_SK_OFFLOAD                     = 0xe
@@ -4833,8 +4942,10 @@ const (
 	NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION  = 0x14
 	NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE          = 0x13
 	NL80211_EXT_FEATURE_OPERATING_CHANNEL_VALIDATION        = 0x31
+	NL80211_EXT_FEATURE_POWERED_ADDR_CHANGE                 = 0x3d
 	NL80211_EXT_FEATURE_PROTECTED_TWT                       = 0x2b
 	NL80211_EXT_FEATURE_PROT_RANGE_NEGO_AND_MEASURE         = 0x39
+	NL80211_EXT_FEATURE_RADAR_BACKGROUND                    = 0x3c
 	NL80211_EXT_FEATURE_RRM                                 = 0x1
 	NL80211_EXT_FEATURE_SAE_OFFLOAD_AP                      = 0x33
 	NL80211_EXT_FEATURE_SAE_OFFLOAD                         = 0x26
@@ -4906,7 +5017,9 @@ const (
 	NL80211_FREQUENCY_ATTR_NO_10MHZ                         = 0x11
 	NL80211_FREQUENCY_ATTR_NO_160MHZ                        = 0xc
 	NL80211_FREQUENCY_ATTR_NO_20MHZ                         = 0x10
+	NL80211_FREQUENCY_ATTR_NO_320MHZ                        = 0x1a
 	NL80211_FREQUENCY_ATTR_NO_80MHZ                         = 0xb
+	NL80211_FREQUENCY_ATTR_NO_EHT                           = 0x1b
 	NL80211_FREQUENCY_ATTR_NO_HE                            = 0x13
 	NL80211_FREQUENCY_ATTR_NO_HT40_MINUS                    = 0x9
 	NL80211_FREQUENCY_ATTR_NO_HT40_PLUS                     = 0xa
@@ -5006,6 +5119,12 @@ const (
 	NL80211_MAX_SUPP_HT_RATES                               = 0x4d
 	NL80211_MAX_SUPP_RATES                                  = 0x20
 	NL80211_MAX_SUPP_REG_RULES                              = 0x80
+	NL80211_MBSSID_CONFIG_ATTR_EMA                          = 0x5
+	NL80211_MBSSID_CONFIG_ATTR_INDEX                        = 0x3
+	NL80211_MBSSID_CONFIG_ATTR_MAX                          = 0x5
+	NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY  = 0x2
+	NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES               = 0x1
+	NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX                   = 0x4
 	NL80211_MESHCONF_ATTR_MAX                               = 0x1f
 	NL80211_MESHCONF_AUTO_OPEN_PLINKS                       = 0x7
 	NL80211_MESHCONF_AWAKE_WINDOW                           = 0x1b
@@ -5168,6 +5287,7 @@ const (
 	NL80211_PMSR_FTM_FAILURE_UNSPECIFIED                    = 0x0
 	NL80211_PMSR_FTM_FAILURE_WRONG_CHANNEL                  = 0x3
 	NL80211_PMSR_FTM_REQ_ATTR_ASAP                          = 0x1
+	NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR                     = 0xd
 	NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION                = 0x5
 	NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD                  = 0x4
 	NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST                = 0x6
@@ -5244,12 +5364,36 @@ const (
 	NL80211_RADAR_PRE_CAC_EXPIRED                           = 0x4
 	NL80211_RATE_INFO_10_MHZ_WIDTH                          = 0xb
 	NL80211_RATE_INFO_160_MHZ_WIDTH                         = 0xa
+	NL80211_RATE_INFO_320_MHZ_WIDTH                         = 0x12
 	NL80211_RATE_INFO_40_MHZ_WIDTH                          = 0x3
 	NL80211_RATE_INFO_5_MHZ_WIDTH                           = 0xc
 	NL80211_RATE_INFO_80_MHZ_WIDTH                          = 0x8
 	NL80211_RATE_INFO_80P80_MHZ_WIDTH                       = 0x9
 	NL80211_RATE_INFO_BITRATE32                             = 0x5
 	NL80211_RATE_INFO_BITRATE                               = 0x1
+	NL80211_RATE_INFO_EHT_GI_0_8                            = 0x0
+	NL80211_RATE_INFO_EHT_GI_1_6                            = 0x1
+	NL80211_RATE_INFO_EHT_GI_3_2                            = 0x2
+	NL80211_RATE_INFO_EHT_GI                                = 0x15
+	NL80211_RATE_INFO_EHT_MCS                               = 0x13
+	NL80211_RATE_INFO_EHT_NSS                               = 0x14
+	NL80211_RATE_INFO_EHT_RU_ALLOC_106                      = 0x3
+	NL80211_RATE_INFO_EHT_RU_ALLOC_106P26                   = 0x4
+	NL80211_RATE_INFO_EHT_RU_ALLOC_242                      = 0x5
+	NL80211_RATE_INFO_EHT_RU_ALLOC_26                       = 0x0
+	NL80211_RATE_INFO_EHT_RU_ALLOC_2x996                    = 0xb
+	NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484                = 0xc
+	NL80211_RATE_INFO_EHT_RU_ALLOC_3x996                    = 0xd
+	NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484                = 0xe
+	NL80211_RATE_INFO_EHT_RU_ALLOC_484                      = 0x6
+	NL80211_RATE_INFO_EHT_RU_ALLOC_484P242                  = 0x7
+	NL80211_RATE_INFO_EHT_RU_ALLOC_4x996                    = 0xf
+	NL80211_RATE_INFO_EHT_RU_ALLOC_52                       = 0x1
+	NL80211_RATE_INFO_EHT_RU_ALLOC_52P26                    = 0x2
+	NL80211_RATE_INFO_EHT_RU_ALLOC_996                      = 0x8
+	NL80211_RATE_INFO_EHT_RU_ALLOC_996P484                  = 0x9
+	NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242              = 0xa
+	NL80211_RATE_INFO_EHT_RU_ALLOC                          = 0x16
 	NL80211_RATE_INFO_HE_1XLTF                              = 0x0
 	NL80211_RATE_INFO_HE_2XLTF                              = 0x1
 	NL80211_RATE_INFO_HE_4XLTF                              = 0x2
@@ -5292,6 +5436,7 @@ const (
 	NL80211_RRF_GO_CONCURRENT                               = 0x1000
 	NL80211_RRF_IR_CONCURRENT                               = 0x1000
 	NL80211_RRF_NO_160MHZ                                   = 0x10000
+	NL80211_RRF_NO_320MHZ                                   = 0x40000
 	NL80211_RRF_NO_80MHZ                                    = 0x8000
 	NL80211_RRF_NO_CCK                                      = 0x2
 	NL80211_RRF_NO_HE                                       = 0x20000
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index a49853e9d..41cb3c01f 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -10,7 +10,6 @@ import (
 	errorspkg "errors"
 	"fmt"
 	"runtime"
-	"strings"
 	"sync"
 	"syscall"
 	"time"
@@ -87,22 +86,13 @@ func StringToUTF16(s string) []uint16 {
 // s, with a terminating NUL added. If s contains a NUL byte at any
 // location, it returns (nil, syscall.EINVAL).
 func UTF16FromString(s string) ([]uint16, error) {
-	if strings.IndexByte(s, 0) != -1 {
-		return nil, syscall.EINVAL
-	}
-	return utf16.Encode([]rune(s + "\x00")), nil
+	return syscall.UTF16FromString(s)
 }
 
 // UTF16ToString returns the UTF-8 encoding of the UTF-16 sequence s,
 // with a terminating NUL and any bytes after the NUL removed.
 func UTF16ToString(s []uint16) string {
-	for i, v := range s {
-		if v == 0 {
-			s = s[:i]
-			break
-		}
-	}
-	return string(utf16.Decode(s))
+	return syscall.UTF16ToString(s)
 }
 
 // StringToUTF16Ptr is deprecated. Use UTF16PtrFromString instead.
diff --git a/vendor/golang.org/x/text/internal/language/compact/language.go b/vendor/golang.org/x/text/internal/language/compact/language.go
index 83816a72a..8c1b6666f 100644
--- a/vendor/golang.org/x/text/internal/language/compact/language.go
+++ b/vendor/golang.org/x/text/internal/language/compact/language.go
@@ -118,7 +118,7 @@ func (t Tag) Parent() Tag {
 	return Tag{language: lang, locale: lang}
 }
 
-// returns token t and the rest of the string.
+// nextToken returns token t and the rest of the string.
 func nextToken(s string) (t, tail string) {
 	p := strings.Index(s[1:], "-")
 	if p == -1 {
diff --git a/vendor/golang.org/x/text/internal/language/language.go b/vendor/golang.org/x/text/internal/language/language.go
index 6105bc7fa..09d41c736 100644
--- a/vendor/golang.org/x/text/internal/language/language.go
+++ b/vendor/golang.org/x/text/internal/language/language.go
@@ -409,7 +409,7 @@ func (t Tag) SetTypeForKey(key, value string) (Tag, error) {
 	return t, nil
 }
 
-// findKeyAndType returns the start and end position for the type corresponding
+// findTypeForKey returns the start and end position for the type corresponding
 // to key or the point at which to insert the key-value pair if the type
 // wasn't found. The hasExt return value reports whether an -u extension was present.
 // Note: the extensions are typically very small and are likely to contain
diff --git a/vendor/golang.org/x/text/language/language.go b/vendor/golang.org/x/text/language/language.go
index 289b3a36d..4d9c66121 100644
--- a/vendor/golang.org/x/text/language/language.go
+++ b/vendor/golang.org/x/text/language/language.go
@@ -344,7 +344,7 @@ func (t Tag) Parent() Tag {
 	return Tag(compact.Tag(t).Parent())
 }
 
-// returns token t and the rest of the string.
+// nextToken returns token t and the rest of the string.
 func nextToken(s string) (t, tail string) {
 	p := strings.Index(s[1:], "-")
 	if p == -1 {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 8525ee86e..a9454736c 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -119,7 +119,7 @@ github.com/cenkalti/backoff/v4
 github.com/ceph/ceph-csi/api/deploy/kubernetes/nfs
 github.com/ceph/ceph-csi/api/deploy/kubernetes/rbd
 github.com/ceph/ceph-csi/api/deploy/ocp
-# github.com/ceph/go-ceph v0.19.0
+# github.com/ceph/go-ceph v0.20.0
 ## explicit; go 1.17
 github.com/ceph/go-ceph/cephfs/admin
 github.com/ceph/go-ceph/common/admin/manager
@@ -335,8 +335,8 @@ github.com/josharian/intern
 github.com/json-iterator/go
 # github.com/kr/pretty v0.2.1
 ## explicit; go 1.12
-# github.com/kubernetes-csi/csi-lib-utils v0.11.0
-## explicit; go 1.16
+# github.com/kubernetes-csi/csi-lib-utils v0.13.0
+## explicit; go 1.18
 github.com/kubernetes-csi/csi-lib-utils/connection
 github.com/kubernetes-csi/csi-lib-utils/metrics
 github.com/kubernetes-csi/csi-lib-utils/protosanitizer
@@ -390,7 +390,7 @@ github.com/modern-go/reflect2
 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
 ## explicit
 github.com/munnerz/goautoneg
-# github.com/onsi/ginkgo/v2 v2.8.0 => github.com/onsi/ginkgo/v2 v2.4.0
+# github.com/onsi/ginkgo/v2 v2.8.1 => github.com/onsi/ginkgo/v2 v2.4.0
 ## explicit; go 1.18
 github.com/onsi/ginkgo/v2
 github.com/onsi/ginkgo/v2/config
@@ -402,7 +402,7 @@ github.com/onsi/ginkgo/v2/internal/parallel_support
 github.com/onsi/ginkgo/v2/internal/testingtproxy
 github.com/onsi/ginkgo/v2/reporters
 github.com/onsi/ginkgo/v2/types
-# github.com/onsi/gomega v1.26.0
+# github.com/onsi/gomega v1.27.1
 ## explicit; go 1.18
 github.com/onsi/gomega
 github.com/onsi/gomega/format
@@ -543,7 +543,7 @@ go.uber.org/zap/internal/bufferpool
 go.uber.org/zap/internal/color
 go.uber.org/zap/internal/exit
 go.uber.org/zap/zapcore
-# golang.org/x/crypto v0.5.0
+# golang.org/x/crypto v0.6.0
 ## explicit; go 1.17
 golang.org/x/crypto/argon2
 golang.org/x/crypto/blake2b
@@ -559,7 +559,7 @@ golang.org/x/crypto/pbkdf2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.5.0
+# golang.org/x/net v0.7.0
 ## explicit; go 1.17
 golang.org/x/net/context
 golang.org/x/net/context/ctxhttp
@@ -578,7 +578,7 @@ golang.org/x/net/trace
 ## explicit; go 1.17
 golang.org/x/oauth2
 golang.org/x/oauth2/internal
-# golang.org/x/sys v0.4.0
+# golang.org/x/sys v0.5.0
 ## explicit; go 1.17
 golang.org/x/sys/cpu
 golang.org/x/sys/internal/unsafeheader
@@ -586,10 +586,10 @@ golang.org/x/sys/plan9
 golang.org/x/sys/unix
 golang.org/x/sys/windows
 golang.org/x/sys/windows/registry
-# golang.org/x/term v0.4.0
+# golang.org/x/term v0.5.0
 ## explicit; go 1.17
 golang.org/x/term
-# golang.org/x/text v0.6.0
+# golang.org/x/text v0.7.0
 ## explicit; go 1.17
 golang.org/x/text/cases
 golang.org/x/text/encoding