From 962ea4f047b3b4b4360446be4289c4e4deb29551 Mon Sep 17 00:00:00 2001
From: "Justin M. Forbes" <jforbes@redhat.com>
Date: Wed, 14 Dec 2016 12:50:48 -0600
Subject: [PATCH] Linux v4.9-7150-gcdb98c2

---
 ACPI-Limit-access-to-custom_method.patch      |   31 -
 Add-EFI-signature-data-types.patch            |    2 +-
 Add-secure_modules-call.patch                 |   63 -
 ...q-option-to-disable-secure-boot-mode.patch |  246 --
 ...R-access-when-module-security-is-ena.patch |  118 -
 ...-and-dev-kmem-when-module-loading-is.patch |   42 -
 ..._rsdp-kernel-parameter-when-module-l.patch |   39 -
 arm64-ACPI-parse-SPCR-table.patch             |  101 -
 ...t-debugfs-interface-when-module-load.patch |   54 -
 baseconfig/CONFIG_ABP060MG                    |    1 +
 baseconfig/CONFIG_AD7766                      |    1 +
 baseconfig/CONFIG_ARM64_SW_TTBR0_PAN          |    1 +
 baseconfig/CONFIG_BCM2835_VCHIQ               |    1 +
 baseconfig/CONFIG_BLK_DEV_ZONED               |    1 +
 baseconfig/CONFIG_BLK_WBT                     |    1 +
 baseconfig/CONFIG_BLK_WBT_MQ                  |    1 +
 baseconfig/CONFIG_BLK_WBT_SQ                  |    1 +
 baseconfig/CONFIG_COMMON_CLK_HI3516CV300      |    1 +
 baseconfig/CONFIG_COMMON_CLK_HI3798CV200      |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701           |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701_BDPSYS    |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701_ETHSYS    |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701_HIFSYS    |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701_IMGSYS    |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701_MMSYS     |    1 +
 baseconfig/CONFIG_COMMON_CLK_MT2701_VDECSYS   |    1 +
 baseconfig/CONFIG_DA280                       |    1 +
 baseconfig/CONFIG_DA311                       |    1 +
 baseconfig/CONFIG_DMARD10                     |    1 +
 baseconfig/CONFIG_DMA_FENCE_TRACE             |    1 +
 baseconfig/CONFIG_DPOT_DAC                    |    1 +
 baseconfig/CONFIG_DRM_DW_HDMI_I2S_AUDIO       |    1 +
 baseconfig/CONFIG_DRM_HISI_HIBMC              |    1 +
 baseconfig/CONFIG_DRM_I2C_ADV7511_AUDIO       |    1 +
 baseconfig/CONFIG_DRM_I915_ALPHA_SUPPORT      |    1 +
 baseconfig/CONFIG_DRM_I915_CAPTURE_ERROR      |    1 +
 baseconfig/CONFIG_DRM_I915_COMPRESS_ERROR     |    1 +
 baseconfig/CONFIG_DRM_I915_GVT_KVMGT          |    1 +
 .../CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT    |    1 -
 baseconfig/CONFIG_DRM_MXSFB                   |    1 +
 baseconfig/CONFIG_DRM_SIL_SII8620             |    1 +
 baseconfig/CONFIG_DRM_TI_TFP410               |    1 +
 baseconfig/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT  |    1 +
 baseconfig/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN   |    1 +
 baseconfig/CONFIG_ENVELOPE_DETECTOR           |    1 +
 baseconfig/CONFIG_FENCE_TRACE                 |    1 -
 baseconfig/CONFIG_HT16K33                     |    1 +
 baseconfig/CONFIG_HTS221                      |    1 +
 baseconfig/CONFIG_IIO_CROS_EC_SENSORS         |    1 +
 baseconfig/CONFIG_IIO_CROS_EC_SENSORS_COR     |    1 +
 baseconfig/CONFIG_IIO_CROS_EC_SENSORS_CORE    |    1 +
 baseconfig/CONFIG_INPUT_PM8XXX_VIBRATOR       |    1 +
 baseconfig/CONFIG_INPUT_PMIC8XXX_PWRKEY       |    1 +
 baseconfig/CONFIG_KEYBOARD_PMIC8XXX           |    1 +
 baseconfig/CONFIG_LEDS_NIC78BX                |    1 +
 baseconfig/CONFIG_LEDS_USER                   |    1 +
 baseconfig/CONFIG_LMP91000                    |    1 +
 baseconfig/CONFIG_LOCK_DOWN_KERNEL            |    1 +
 baseconfig/CONFIG_MFD_PM8XXX                  |    1 +
 baseconfig/CONFIG_MMC_SDHCI_CADENCE           |    1 +
 baseconfig/CONFIG_MPU3050_I2C                 |    1 +
 baseconfig/CONFIG_MSM_GCC_8994                |    1 +
 baseconfig/CONFIG_NVME_FC                     |    1 +
 baseconfig/CONFIG_NVME_TARGET_FC              |    1 +
 baseconfig/CONFIG_NVME_TARGET_FCLOOP          |    1 +
 baseconfig/CONFIG_PINCTRL_MSM8994             |    1 +
 baseconfig/CONFIG_PINCTRL_SX150X              |    1 +
 baseconfig/CONFIG_QCOM_ADSP_PIL               |    1 +
 baseconfig/CONFIG_QCOM_CLK_RPM                |    1 +
 baseconfig/CONFIG_QCOM_CLK_SMD_RPM            |    1 +
 baseconfig/CONFIG_REMOTEPROC                  |    1 +
 baseconfig/CONFIG_RTC_DRV_PM8XXX              |    1 +
 baseconfig/CONFIG_SCR24X                      |    1 +
 baseconfig/CONFIG_SENSORS_TC654               |    1 +
 baseconfig/CONFIG_SENSORS_TMP108              |    1 +
 baseconfig/CONFIG_SPI_ARMADA_3700             |    1 +
 baseconfig/CONFIG_SPI_FSL_LPSPI               |    1 +
 baseconfig/CONFIG_SUN50I_A64_CCU              |    1 +
 baseconfig/CONFIG_TEST_ASYNC_DRIVER_PROBE     |    1 +
 baseconfig/CONFIG_UIO_HV_GENERIC              |    1 +
 baseconfig/CONFIG_USB_SERIAL_F8153X           |    1 +
 baseconfig/CONFIG_VFIO_MDEV                   |    1 +
 baseconfig/CONFIG_VFIO_MDEV_DEVICE            |    1 +
 baseconfig/arm/arm64/CONFIG_ACPI_APEI         |    1 +
 baseconfig/arm/arm64/CONFIG_ACPI_APEI_EINJ    |    1 +
 .../arm/arm64/CONFIG_ACPI_APEI_ERST_DEBUG     |    1 +
 baseconfig/arm/arm64/CONFIG_ACPI_APEI_GHES    |    1 +
 baseconfig/arm/arm64/CONFIG_ACPI_APEI_PCIEAER |    1 +
 .../arm/arm64/CONFIG_ARM64_PTDUMP_DEBUGFS     |    1 +
 baseconfig/arm/arm64/CONFIG_DEBUG_WX          |    1 +
 baseconfig/x86/CONFIG_AMD_XGBE                |    1 +
 baseconfig/x86/CONFIG_AMD_XGBE_DCB            |    1 +
 baseconfig/x86/CONFIG_APPLE_PROPERTIES        |    1 +
 .../x86/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT     |    1 +
 .../x86/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN      |    1 +
 baseconfig/x86/CONFIG_LOCK_DOWN_KERNEL        |    1 +
 baseconfig/x86/CONFIG_SCHED_MC_PRIO           |    1 +
 bcm283x-vc4-fixes.patch                       |   43 -
 drm-i915-hush-check-crtc-state.patch          |    2 +-
 efi-lockdown.patch                            | 2159 +++++++++++++++++
 gitrev                                        |    2 +-
 ...able-in-a-signed-modules-environment.patch |   39 -
 kernel-aarch64-debug.config                   |   80 +-
 kernel-aarch64.config                         |   80 +-
 kernel-armv7hl-debug.config                   |   68 +-
 kernel-armv7hl-lpae-debug.config              |   74 +-
 kernel-armv7hl-lpae.config                    |   74 +-
 kernel-armv7hl.config                         |   68 +-
 kernel-i686-PAE.config                        |   74 +-
 kernel-i686-PAEdebug.config                   |   74 +-
 kernel-i686-debug.config                      |   74 +-
 kernel-i686.config                            |   74 +-
 kernel-ppc64-debug.config                     |   74 +-
 kernel-ppc64.config                           |   74 +-
 kernel-ppc64le-debug.config                   |   74 +-
 kernel-ppc64le.config                         |   74 +-
 kernel-ppc64p7-debug.config                   |   74 +-
 kernel-ppc64p7.config                         |   74 +-
 kernel-s390x-debug.config                     |   74 +-
 kernel-s390x.config                           |   74 +-
 kernel-x86_64-debug.config                    |   74 +-
 kernel-x86_64.config                          |   74 +-
 kernel.spec                                   |   44 +-
 ...-runtime-if-the-kernel-enforces-modu.patch |   44 -
 ...copy-secure_boot-flag-in-boot-params.patch |   30 -
 ...validate_disk-prevent-NULL-ptr-deref.patch |    2 +-
 sources                                       |    2 +-
 ...-port-access-when-module-security-is.patch |   72 -
 ...-access-when-module-loading-is-restr.patch |   44 -
 129 files changed, 3696 insertions(+), 1051 deletions(-)
 delete mode 100644 ACPI-Limit-access-to-custom_method.patch
 delete mode 100644 Add-secure_modules-call.patch
 delete mode 100644 Add-sysrq-option-to-disable-secure-boot-mode.patch
 delete mode 100644 PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
 delete mode 100644 Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
 delete mode 100644 acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
 delete mode 100644 arm64-ACPI-parse-SPCR-table.patch
 delete mode 100644 asus-wmi-Restrict-debugfs-interface-when-module-load.patch
 create mode 100644 baseconfig/CONFIG_ABP060MG
 create mode 100644 baseconfig/CONFIG_AD7766
 create mode 100644 baseconfig/CONFIG_ARM64_SW_TTBR0_PAN
 create mode 100644 baseconfig/CONFIG_BCM2835_VCHIQ
 create mode 100644 baseconfig/CONFIG_BLK_DEV_ZONED
 create mode 100644 baseconfig/CONFIG_BLK_WBT
 create mode 100644 baseconfig/CONFIG_BLK_WBT_MQ
 create mode 100644 baseconfig/CONFIG_BLK_WBT_SQ
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_HI3516CV300
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_HI3798CV200
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701_BDPSYS
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701_ETHSYS
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701_HIFSYS
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701_IMGSYS
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701_MMSYS
 create mode 100644 baseconfig/CONFIG_COMMON_CLK_MT2701_VDECSYS
 create mode 100644 baseconfig/CONFIG_DA280
 create mode 100644 baseconfig/CONFIG_DA311
 create mode 100644 baseconfig/CONFIG_DMARD10
 create mode 100644 baseconfig/CONFIG_DMA_FENCE_TRACE
 create mode 100644 baseconfig/CONFIG_DPOT_DAC
 create mode 100644 baseconfig/CONFIG_DRM_DW_HDMI_I2S_AUDIO
 create mode 100644 baseconfig/CONFIG_DRM_HISI_HIBMC
 create mode 100644 baseconfig/CONFIG_DRM_I2C_ADV7511_AUDIO
 create mode 100644 baseconfig/CONFIG_DRM_I915_ALPHA_SUPPORT
 create mode 100644 baseconfig/CONFIG_DRM_I915_CAPTURE_ERROR
 create mode 100644 baseconfig/CONFIG_DRM_I915_COMPRESS_ERROR
 create mode 100644 baseconfig/CONFIG_DRM_I915_GVT_KVMGT
 delete mode 100644 baseconfig/CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT
 create mode 100644 baseconfig/CONFIG_DRM_MXSFB
 create mode 100644 baseconfig/CONFIG_DRM_SIL_SII8620
 create mode 100644 baseconfig/CONFIG_DRM_TI_TFP410
 create mode 100644 baseconfig/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
 create mode 100644 baseconfig/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN
 create mode 100644 baseconfig/CONFIG_ENVELOPE_DETECTOR
 delete mode 100644 baseconfig/CONFIG_FENCE_TRACE
 create mode 100644 baseconfig/CONFIG_HT16K33
 create mode 100644 baseconfig/CONFIG_HTS221
 create mode 100644 baseconfig/CONFIG_IIO_CROS_EC_SENSORS
 create mode 100644 baseconfig/CONFIG_IIO_CROS_EC_SENSORS_COR
 create mode 100644 baseconfig/CONFIG_IIO_CROS_EC_SENSORS_CORE
 create mode 100644 baseconfig/CONFIG_INPUT_PM8XXX_VIBRATOR
 create mode 100644 baseconfig/CONFIG_INPUT_PMIC8XXX_PWRKEY
 create mode 100644 baseconfig/CONFIG_KEYBOARD_PMIC8XXX
 create mode 100644 baseconfig/CONFIG_LEDS_NIC78BX
 create mode 100644 baseconfig/CONFIG_LEDS_USER
 create mode 100644 baseconfig/CONFIG_LMP91000
 create mode 100644 baseconfig/CONFIG_LOCK_DOWN_KERNEL
 create mode 100644 baseconfig/CONFIG_MFD_PM8XXX
 create mode 100644 baseconfig/CONFIG_MMC_SDHCI_CADENCE
 create mode 100644 baseconfig/CONFIG_MPU3050_I2C
 create mode 100644 baseconfig/CONFIG_MSM_GCC_8994
 create mode 100644 baseconfig/CONFIG_NVME_FC
 create mode 100644 baseconfig/CONFIG_NVME_TARGET_FC
 create mode 100644 baseconfig/CONFIG_NVME_TARGET_FCLOOP
 create mode 100644 baseconfig/CONFIG_PINCTRL_MSM8994
 create mode 100644 baseconfig/CONFIG_PINCTRL_SX150X
 create mode 100644 baseconfig/CONFIG_QCOM_ADSP_PIL
 create mode 100644 baseconfig/CONFIG_QCOM_CLK_RPM
 create mode 100644 baseconfig/CONFIG_QCOM_CLK_SMD_RPM
 create mode 100644 baseconfig/CONFIG_REMOTEPROC
 create mode 100644 baseconfig/CONFIG_RTC_DRV_PM8XXX
 create mode 100644 baseconfig/CONFIG_SCR24X
 create mode 100644 baseconfig/CONFIG_SENSORS_TC654
 create mode 100644 baseconfig/CONFIG_SENSORS_TMP108
 create mode 100644 baseconfig/CONFIG_SPI_ARMADA_3700
 create mode 100644 baseconfig/CONFIG_SPI_FSL_LPSPI
 create mode 100644 baseconfig/CONFIG_SUN50I_A64_CCU
 create mode 100644 baseconfig/CONFIG_TEST_ASYNC_DRIVER_PROBE
 create mode 100644 baseconfig/CONFIG_UIO_HV_GENERIC
 create mode 100644 baseconfig/CONFIG_USB_SERIAL_F8153X
 create mode 100644 baseconfig/CONFIG_VFIO_MDEV
 create mode 100644 baseconfig/CONFIG_VFIO_MDEV_DEVICE
 create mode 100644 baseconfig/arm/arm64/CONFIG_ACPI_APEI
 create mode 100644 baseconfig/arm/arm64/CONFIG_ACPI_APEI_EINJ
 create mode 100644 baseconfig/arm/arm64/CONFIG_ACPI_APEI_ERST_DEBUG
 create mode 100644 baseconfig/arm/arm64/CONFIG_ACPI_APEI_GHES
 create mode 100644 baseconfig/arm/arm64/CONFIG_ACPI_APEI_PCIEAER
 create mode 100644 baseconfig/arm/arm64/CONFIG_ARM64_PTDUMP_DEBUGFS
 create mode 100644 baseconfig/arm/arm64/CONFIG_DEBUG_WX
 create mode 100644 baseconfig/x86/CONFIG_AMD_XGBE
 create mode 100644 baseconfig/x86/CONFIG_AMD_XGBE_DCB
 create mode 100644 baseconfig/x86/CONFIG_APPLE_PROPERTIES
 create mode 100644 baseconfig/x86/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
 create mode 100644 baseconfig/x86/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN
 create mode 100644 baseconfig/x86/CONFIG_LOCK_DOWN_KERNEL
 create mode 100644 baseconfig/x86/CONFIG_SCHED_MC_PRIO
 delete mode 100644 bcm283x-vc4-fixes.patch
 create mode 100644 efi-lockdown.patch
 delete mode 100644 hibernate-Disable-in-a-signed-modules-environment.patch
 delete mode 100644 kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
 delete mode 100644 kexec-uefi-copy-secure_boot-flag-in-boot-params.patch
 delete mode 100644 x86-Lock-down-IO-port-access-when-module-security-is.patch
 delete mode 100644 x86-Restrict-MSR-access-when-module-loading-is-restr.patch

diff --git a/ACPI-Limit-access-to-custom_method.patch b/ACPI-Limit-access-to-custom_method.patch
deleted file mode 100644
index 44d2a004d..000000000
--- a/ACPI-Limit-access-to-custom_method.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 36d02761fc952f8190fca75bb4b81c2c7b7ddf68 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 9 Mar 2012 08:39:37 -0500
-Subject: [PATCH 04/20] ACPI: Limit access to custom_method
-
-custom_method effectively allows arbitrary access to system memory, making
-it possible for an attacker to circumvent restrictions on module loading.
-Disable it if any such restrictions have been enabled.
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- drivers/acpi/custom_method.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c
-index c68e72414a67..4277938af700 100644
---- a/drivers/acpi/custom_method.c
-+++ b/drivers/acpi/custom_method.c
-@@ -29,6 +29,9 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf,
- 	struct acpi_table_header table;
- 	acpi_status status;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (!(*ppos)) {
- 		/* parse the table header to get the table length */
- 		if (count <= sizeof(struct acpi_table_header))
--- 
-2.9.3
-
diff --git a/Add-EFI-signature-data-types.patch b/Add-EFI-signature-data-types.patch
index c376c48b3..40d14f949 100644
--- a/Add-EFI-signature-data-types.patch
+++ b/Add-EFI-signature-data-types.patch
@@ -19,8 +19,8 @@ index 5af91b58afae..190858d62fe3 100644
 --- a/include/linux/efi.h
 +++ b/include/linux/efi.h
 @@ -603,6 +603,9 @@ void efi_native_runtime_setup(void);
- #define LINUX_EFI_ARM_SCREEN_INFO_TABLE_GUID	EFI_GUID(0xe03fc20a, 0x85dc, 0x406e,  0xb9, 0x0e, 0x4a, 0xb5, 0x02, 0x37, 0x1d, 0x95)
  #define LINUX_EFI_LOADER_ENTRY_GUID		EFI_GUID(0x4a67b082, 0x0a4c, 0x41cf,  0xb6, 0xc7, 0x44, 0x0b, 0x29, 0xbb, 0x8c, 0x4f)
+ #define LINUX_EFI_RANDOM_SEED_TABLE_GUID	EFI_GUID(0x1ce1e5bc, 0x7ceb, 0x42f2,  0x81, 0xe5, 0x8a, 0xad, 0xf1, 0x80, 0xf5, 0x7b)
  
 +#define EFI_CERT_SHA256_GUID			EFI_GUID(0xc1c41626, 0x504c, 0x4092,  0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28)
 +#define EFI_CERT_X509_GUID			EFI_GUID(0xa5c059a1, 0x94e4, 0x4aa7,  0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72)
diff --git a/Add-secure_modules-call.patch b/Add-secure_modules-call.patch
deleted file mode 100644
index 99d04c43e..000000000
--- a/Add-secure_modules-call.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 80d2d273b36b33d46820ab128c7a5b068389f643 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 9 Aug 2013 17:58:15 -0400
-Subject: [PATCH 01/20] Add secure_modules() call
-
-Provide a single call to allow kernel code to determine whether the system
-has been configured to either disable module loading entirely or to load
-only modules signed with a trusted key.
-
-Bugzilla: N/A
-Upstream-status: Fedora mustard.  Replaced by securelevels, but that was nak'd
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- include/linux/module.h |  6 ++++++
- kernel/module.c        | 10 ++++++++++
- 2 files changed, 16 insertions(+)
-
-diff --git a/include/linux/module.h b/include/linux/module.h
-index 0c3207d26ac0..05bd6c989a0c 100644
---- a/include/linux/module.h
-+++ b/include/linux/module.h
-@@ -641,6 +641,8 @@ static inline bool is_livepatch_module(struct module *mod)
- }
- #endif /* CONFIG_LIVEPATCH */
- 
-+extern bool secure_modules(void);
-+
- #else /* !CONFIG_MODULES... */
- 
- static inline struct module *__module_address(unsigned long addr)
-@@ -750,6 +752,10 @@ static inline bool module_requested_async_probing(struct module *module)
- 	return false;
- }
- 
-+static inline bool secure_modules(void)
-+{
-+	return false;
-+}
- #endif /* CONFIG_MODULES */
- 
- #ifdef CONFIG_SYSFS
-diff --git a/kernel/module.c b/kernel/module.c
-index f57dd63186e6..cb864505d020 100644
---- a/kernel/module.c
-+++ b/kernel/module.c
-@@ -4284,3 +4284,13 @@ void module_layout(struct module *mod,
- }
- EXPORT_SYMBOL(module_layout);
- #endif
-+
-+bool secure_modules(void)
-+{
-+#ifdef CONFIG_MODULE_SIG
-+	return (sig_enforce || modules_disabled);
-+#else
-+	return modules_disabled;
-+#endif
-+}
-+EXPORT_SYMBOL(secure_modules);
--- 
-2.9.3
-
diff --git a/Add-sysrq-option-to-disable-secure-boot-mode.patch b/Add-sysrq-option-to-disable-secure-boot-mode.patch
deleted file mode 100644
index edd6039f9..000000000
--- a/Add-sysrq-option-to-disable-secure-boot-mode.patch
+++ /dev/null
@@ -1,246 +0,0 @@
-From d9e0379e8d3cb51efe4e2b1a5a60c52c2c40bdfb Mon Sep 17 00:00:00 2001
-From: Kyle McMartin <kyle@redhat.com>
-Date: Fri, 30 Aug 2013 09:28:51 -0400
-Subject: [PATCH 20/20] Add sysrq option to disable secure boot mode
-
-Bugzilla: N/A
-Upstream-status: Fedora mustard
----
- arch/x86/kernel/setup.c     | 36 ++++++++++++++++++++++++++++++++++++
- drivers/input/misc/uinput.c |  1 +
- drivers/tty/sysrq.c         | 19 +++++++++++++------
- include/linux/input.h       |  5 +++++
- include/linux/sysrq.h       |  8 +++++++-
- kernel/debug/kdb/kdb_main.c |  2 +-
- kernel/module.c             |  2 +-
- 7 files changed, 64 insertions(+), 9 deletions(-)
-
-diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index b93183336674..dab2882927c2 100644
---- a/arch/x86/kernel/setup.c
-+++ b/arch/x86/kernel/setup.c
-@@ -70,6 +70,11 @@
- #include <linux/tboot.h>
- #include <linux/jiffies.h>
- 
-+#include <linux/fips.h>
-+#include <linux/cred.h>
-+#include <linux/sysrq.h>
-+#include <linux/init_task.h>
-+
- #include <video/edid.h>
- 
- #include <asm/mtrr.h>
-@@ -1286,6 +1291,37 @@ void __init i386_reserve_resources(void)
- 
- #endif /* CONFIG_X86_32 */
- 
-+#ifdef CONFIG_MAGIC_SYSRQ
-+#ifdef CONFIG_MODULE_SIG
-+extern bool sig_enforce;
-+#endif
-+
-+static void sysrq_handle_secure_boot(int key)
-+{
-+	if (!efi_enabled(EFI_SECURE_BOOT))
-+		return;
-+
-+	pr_info("Secure boot disabled\n");
-+#ifdef CONFIG_MODULE_SIG
-+	sig_enforce = fips_enabled;
-+#endif
-+}
-+static struct sysrq_key_op secure_boot_sysrq_op = {
-+	.handler	=	sysrq_handle_secure_boot,
-+	.help_msg	=	"unSB(x)",
-+	.action_msg	=	"Disabling Secure Boot restrictions",
-+	.enable_mask	=	SYSRQ_DISABLE_USERSPACE,
-+};
-+static int __init secure_boot_sysrq(void)
-+{
-+	if (efi_enabled(EFI_SECURE_BOOT))
-+		register_sysrq_key('x', &secure_boot_sysrq_op);
-+	return 0;
-+}
-+late_initcall(secure_boot_sysrq);
-+#endif /*CONFIG_MAGIC_SYSRQ*/
-+
-+
- static struct notifier_block kernel_offset_notifier = {
- 	.notifier_call = dump_kernel_offset
- };
-diff --git a/drivers/input/misc/uinput.c b/drivers/input/misc/uinput.c
-index 92595b98e7ed..894ed3f74f04 100644
---- a/drivers/input/misc/uinput.c
-+++ b/drivers/input/misc/uinput.c
-@@ -379,6 +379,7 @@ static int uinput_allocate_device(struct uinput_device *udev)
- 	if (!udev->dev)
- 		return -ENOMEM;
- 
-+	udev->dev->flags |= INPUTDEV_FLAGS_SYNTHETIC;
- 	udev->dev->event = uinput_dev_event;
- 	input_set_drvdata(udev->dev, udev);
- 
-diff --git a/drivers/tty/sysrq.c b/drivers/tty/sysrq.c
-index 52bbd27e93ae..594bd731253a 100644
---- a/drivers/tty/sysrq.c
-+++ b/drivers/tty/sysrq.c
-@@ -479,6 +479,7 @@ static struct sysrq_key_op *sysrq_key_table[36] = {
- 	/* x: May be registered on mips for TLB dump */
- 	/* x: May be registered on ppc/powerpc for xmon */
- 	/* x: May be registered on sparc64 for global PMU dump */
-+	/* x: May be registered on x86_64 for disabling secure boot */
- 	NULL,				/* x */
- 	/* y: May be registered on sparc64 for global register dump */
- 	NULL,				/* y */
-@@ -522,7 +523,7 @@ static void __sysrq_put_key_op(int key, struct sysrq_key_op *op_p)
-                 sysrq_key_table[i] = op_p;
- }
- 
--void __handle_sysrq(int key, bool check_mask)
-+void __handle_sysrq(int key, int from)
- {
- 	struct sysrq_key_op *op_p;
- 	int orig_log_level;
-@@ -542,11 +543,15 @@ void __handle_sysrq(int key, bool check_mask)
- 
-         op_p = __sysrq_get_key_op(key);
-         if (op_p) {
-+		/* Ban synthetic events from some sysrq functionality */
-+		if ((from == SYSRQ_FROM_PROC || from == SYSRQ_FROM_SYNTHETIC) &&
-+		    op_p->enable_mask & SYSRQ_DISABLE_USERSPACE)
-+			printk("This sysrq operation is disabled from userspace.\n");
- 		/*
- 		 * Should we check for enabled operations (/proc/sysrq-trigger
- 		 * should not) and is the invoked operation enabled?
- 		 */
--		if (!check_mask || sysrq_on_mask(op_p->enable_mask)) {
-+		if (from == SYSRQ_FROM_KERNEL || sysrq_on_mask(op_p->enable_mask)) {
- 			pr_cont("%s\n", op_p->action_msg);
- 			console_loglevel = orig_log_level;
- 			op_p->handler(key);
-@@ -578,7 +583,7 @@ void __handle_sysrq(int key, bool check_mask)
- void handle_sysrq(int key)
- {
- 	if (sysrq_on())
--		__handle_sysrq(key, true);
-+		__handle_sysrq(key, SYSRQ_FROM_KERNEL);
- }
- EXPORT_SYMBOL(handle_sysrq);
- 
-@@ -659,7 +664,7 @@ static void sysrq_do_reset(unsigned long _state)
- static void sysrq_handle_reset_request(struct sysrq_state *state)
- {
- 	if (state->reset_requested)
--		__handle_sysrq(sysrq_xlate[KEY_B], false);
-+		__handle_sysrq(sysrq_xlate[KEY_B], SYSRQ_FROM_KERNEL);
- 
- 	if (sysrq_reset_downtime_ms)
- 		mod_timer(&state->keyreset_timer,
-@@ -810,8 +815,10 @@ static bool sysrq_handle_keypress(struct sysrq_state *sysrq,
- 
- 	default:
- 		if (sysrq->active && value && value != 2) {
-+			int from = sysrq->handle.dev->flags & INPUTDEV_FLAGS_SYNTHETIC ?
-+					SYSRQ_FROM_SYNTHETIC : 0;
- 			sysrq->need_reinject = false;
--			__handle_sysrq(sysrq_xlate[code], true);
-+			__handle_sysrq(sysrq_xlate[code], from);
- 		}
- 		break;
- 	}
-@@ -1095,7 +1102,7 @@ static ssize_t write_sysrq_trigger(struct file *file, const char __user *buf,
- 
- 		if (get_user(c, buf))
- 			return -EFAULT;
--		__handle_sysrq(c, false);
-+		__handle_sysrq(c, SYSRQ_FROM_PROC);
- 	}
- 
- 	return count;
-diff --git a/include/linux/input.h b/include/linux/input.h
-index a65e3b24fb18..8b0357175049 100644
---- a/include/linux/input.h
-+++ b/include/linux/input.h
-@@ -42,6 +42,7 @@ struct input_value {
-  * @phys: physical path to the device in the system hierarchy
-  * @uniq: unique identification code for the device (if device has it)
-  * @id: id of the device (struct input_id)
-+ * @flags: input device flags (SYNTHETIC, etc.)
-  * @propbit: bitmap of device properties and quirks
-  * @evbit: bitmap of types of events supported by the device (EV_KEY,
-  *	EV_REL, etc.)
-@@ -124,6 +125,8 @@ struct input_dev {
- 	const char *uniq;
- 	struct input_id id;
- 
-+	unsigned int flags;
-+
- 	unsigned long propbit[BITS_TO_LONGS(INPUT_PROP_CNT)];
- 
- 	unsigned long evbit[BITS_TO_LONGS(EV_CNT)];
-@@ -190,6 +193,8 @@ struct input_dev {
- };
- #define to_input_dev(d) container_of(d, struct input_dev, dev)
- 
-+#define	INPUTDEV_FLAGS_SYNTHETIC	0x000000001
-+
- /*
-  * Verify that we are in sync with input_device_id mod_devicetable.h #defines
-  */
-diff --git a/include/linux/sysrq.h b/include/linux/sysrq.h
-index 387fa7d05c98..4b07e30b3279 100644
---- a/include/linux/sysrq.h
-+++ b/include/linux/sysrq.h
-@@ -28,6 +28,8 @@
- #define SYSRQ_ENABLE_BOOT	0x0080
- #define SYSRQ_ENABLE_RTNICE	0x0100
- 
-+#define SYSRQ_DISABLE_USERSPACE	0x00010000
-+
- struct sysrq_key_op {
- 	void (*handler)(int);
- 	char *help_msg;
-@@ -42,8 +44,12 @@ struct sysrq_key_op {
-  * are available -- else NULL's).
-  */
- 
-+#define SYSRQ_FROM_KERNEL	0x0001
-+#define SYSRQ_FROM_PROC		0x0002
-+#define SYSRQ_FROM_SYNTHETIC	0x0004
-+
- void handle_sysrq(int key);
--void __handle_sysrq(int key, bool check_mask);
-+void __handle_sysrq(int key, int from);
- int register_sysrq_key(int key, struct sysrq_key_op *op);
- int unregister_sysrq_key(int key, struct sysrq_key_op *op);
- struct sysrq_key_op *__sysrq_get_key_op(int key);
-diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
-index 2a20c0dfdafc..3d17205dab77 100644
---- a/kernel/debug/kdb/kdb_main.c
-+++ b/kernel/debug/kdb/kdb_main.c
-@@ -1968,7 +1968,7 @@ static int kdb_sr(int argc, const char **argv)
- 		return KDB_ARGCOUNT;
- 
- 	kdb_trap_printk++;
--	__handle_sysrq(*argv[1], check_mask);
-+	__handle_sysrq(*argv[1], check_mask & SYSRQ_FROM_KERNEL);
- 	kdb_trap_printk--;
- 
- 	return 0;
-diff --git a/kernel/module.c b/kernel/module.c
-index cb1f1da69bf4..5933c27ba19e 100644
---- a/kernel/module.c
-+++ b/kernel/module.c
-@@ -270,7 +270,7 @@ static void module_assert_mutex_or_preempt(void)
- #endif
- }
- 
--static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
-+bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
- #ifndef CONFIG_MODULE_SIG_FORCE
- module_param(sig_enforce, bool_enable_only, 0644);
- #endif /* !CONFIG_MODULE_SIG_FORCE */
--- 
-2.9.3
-
diff --git a/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch b/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
deleted file mode 100644
index e30b337c1..000000000
--- a/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-From 03a4ad09f20944e1917abfd24d1d0e5f107a2861 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Thu, 8 Mar 2012 10:10:38 -0500
-Subject: [PATCH 02/20] PCI: Lock down BAR access when module security is
- enabled
-
-Any hardware that can potentially generate DMA has to be locked down from
-userspace in order to avoid it being possible for an attacker to modify
-kernel code, allowing them to circumvent disabled module loading or module
-signing. Default to paranoid - in future we can potentially relax this for
-sufficiently IOMMU-isolated devices.
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- drivers/pci/pci-sysfs.c | 10 ++++++++++
- drivers/pci/proc.c      |  8 +++++++-
- drivers/pci/syscall.c   |  3 ++-
- 3 files changed, 19 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
-index bcd10c795284..a950301496f3 100644
---- a/drivers/pci/pci-sysfs.c
-+++ b/drivers/pci/pci-sysfs.c
-@@ -30,6 +30,7 @@
- #include <linux/vgaarb.h>
- #include <linux/pm_runtime.h>
- #include <linux/of.h>
-+#include <linux/module.h>
- #include "pci.h"
- 
- static int sysfs_initialized;	/* = 0 */
-@@ -716,6 +717,9 @@ static ssize_t pci_write_config(struct file *filp, struct kobject *kobj,
- 	loff_t init_off = off;
- 	u8 *data = (u8 *) buf;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (off > dev->cfg_size)
- 		return 0;
- 	if (off + count > dev->cfg_size) {
-@@ -1007,6 +1011,9 @@ static int pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
- 	resource_size_t start, end;
- 	int i;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	for (i = 0; i < PCI_ROM_RESOURCE; i++)
- 		if (res == &pdev->resource[i])
- 			break;
-@@ -1106,6 +1113,9 @@ static ssize_t pci_write_resource_io(struct file *filp, struct kobject *kobj,
- 				     struct bin_attribute *attr, char *buf,
- 				     loff_t off, size_t count)
- {
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	return pci_resource_io(filp, kobj, attr, buf, off, count, true);
- }
- 
-diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c
-index 2408abe4ee8c..59f321c56c18 100644
---- a/drivers/pci/proc.c
-+++ b/drivers/pci/proc.c
-@@ -116,6 +116,9 @@ static ssize_t proc_bus_pci_write(struct file *file, const char __user *buf,
- 	int size = dev->cfg_size;
- 	int cnt;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (pos >= size)
- 		return 0;
- 	if (nbytes >= size)
-@@ -195,6 +198,9 @@ static long proc_bus_pci_ioctl(struct file *file, unsigned int cmd,
- #endif /* HAVE_PCI_MMAP */
- 	int ret = 0;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	switch (cmd) {
- 	case PCIIOC_CONTROLLER:
- 		ret = pci_domain_nr(dev->bus);
-@@ -233,7 +239,7 @@ static int proc_bus_pci_mmap(struct file *file, struct vm_area_struct *vma)
- 	struct pci_filp_private *fpriv = file->private_data;
- 	int i, ret, write_combine;
- 
--	if (!capable(CAP_SYS_RAWIO))
-+	if (!capable(CAP_SYS_RAWIO) || secure_modules())
- 		return -EPERM;
- 
- 	/* Make sure the caller is mapping a real resource for this device */
-diff --git a/drivers/pci/syscall.c b/drivers/pci/syscall.c
-index b91c4da68365..98f5637304d1 100644
---- a/drivers/pci/syscall.c
-+++ b/drivers/pci/syscall.c
-@@ -10,6 +10,7 @@
- #include <linux/errno.h>
- #include <linux/pci.h>
- #include <linux/syscalls.h>
-+#include <linux/module.h>
- #include <asm/uaccess.h>
- #include "pci.h"
- 
-@@ -92,7 +93,7 @@ SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn,
- 	u32 dword;
- 	int err = 0;
- 
--	if (!capable(CAP_SYS_ADMIN))
-+	if (!capable(CAP_SYS_ADMIN) || secure_modules())
- 		return -EPERM;
- 
- 	dev = pci_get_bus_and_slot(bus, dfn);
--- 
-2.9.3
-
diff --git a/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch b/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
deleted file mode 100644
index 24f1d5b5d..000000000
--- a/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 9f31204f829da97f99f7aacf30f0ddc26e456df7 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 9 Mar 2012 09:28:15 -0500
-Subject: [PATCH 06/20] Restrict /dev/mem and /dev/kmem when module loading is
- restricted
-
-Allowing users to write to address space makes it possible for the kernel
-to be subverted, avoiding module loading restrictions. Prevent this when
-any restrictions have been imposed on loading modules.
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- drivers/char/mem.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 7f1a7ab5850d..d6a6f05fbc1c 100644
---- a/drivers/char/mem.c
-+++ b/drivers/char/mem.c
-@@ -164,6 +164,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
- 	if (p != *ppos)
- 		return -EFBIG;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (!valid_phys_addr_range(p, count))
- 		return -EFAULT;
- 
-@@ -516,6 +519,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
- 	if (!pfn_valid(PFN_DOWN(p)))
- 		return -EIO;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (p < (unsigned long) high_memory) {
- 		unsigned long to_write = min_t(unsigned long, count,
- 					       (unsigned long)high_memory - p);
--- 
-2.9.3
-
diff --git a/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch b/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
deleted file mode 100644
index 89d59424b..000000000
--- a/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From ee880324686af8bb212fc088495ea528e3042cd6 Mon Sep 17 00:00:00 2001
-From: Josh Boyer <jwboyer@redhat.com>
-Date: Mon, 25 Jun 2012 19:57:30 -0400
-Subject: [PATCH 07/20] acpi: Ignore acpi_rsdp kernel parameter when module
- loading is restricted
-
-This option allows userspace to pass the RSDP address to the kernel, which
-makes it possible for a user to circumvent any restrictions imposed on
-loading modules. Disable it in that case.
-
-Signed-off-by: Josh Boyer <jwboyer@redhat.com>
----
- drivers/acpi/osl.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
-index 416953a42510..4887e343c7fd 100644
---- a/drivers/acpi/osl.c
-+++ b/drivers/acpi/osl.c
-@@ -40,6 +40,7 @@
- #include <linux/list.h>
- #include <linux/jiffies.h>
- #include <linux/semaphore.h>
-+#include <linux/module.h>
- 
- #include <asm/io.h>
- #include <asm/uaccess.h>
-@@ -191,7 +192,7 @@ early_param("acpi_rsdp", setup_acpi_rsdp);
- acpi_physical_address __init acpi_os_get_root_pointer(void)
- {
- #ifdef CONFIG_KEXEC
--	if (acpi_rsdp)
-+	if (acpi_rsdp && !secure_modules())
- 		return acpi_rsdp;
- #endif
- 
--- 
-2.9.3
-
diff --git a/arm64-ACPI-parse-SPCR-table.patch b/arm64-ACPI-parse-SPCR-table.patch
deleted file mode 100644
index ad85b0214..000000000
--- a/arm64-ACPI-parse-SPCR-table.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From 10879ae5f12e9cab3c4e8e9504c1aaa8a033bde7 Mon Sep 17 00:00:00 2001
-From: Aleksey Makarov <aleksey.makarov@linaro.org>
-Date: Tue, 4 Oct 2016 10:15:32 +0300
-Subject: serial: pl011: add console matching function
-
-This patch adds function pl011_console_match() that implements
-method match of struct console.  It allows to match consoles against
-data specified in a string, for example taken from command line or
-compiled by ACPI SPCR table handler.
-
-This patch was merged to tty-next but then reverted because of
-conflict with
-
-commit 46e36683f433 ("serial: earlycon: Extend earlycon command line option to support 64-bit addresses")
-
-Now it is fixed.
-
-Signed-off-by: Aleksey Makarov <aleksey.makarov@linaro.org>
-Reviewed-by: Peter Hurley <peter@hurleysoftware.com>
-Acked-by: Russell King <rmk+kernel@armlinux.org.uk>
-Tested-by: Christopher Covington <cov@codeaurora.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/tty/serial/amba-pl011.c | 55 +++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 55 insertions(+)
-
-diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c
-index e2c33b9..c00ab22 100644
---- a/drivers/tty/serial/amba-pl011.c
-+++ b/drivers/tty/serial/amba-pl011.c
-@@ -2315,12 +2315,67 @@ static int __init pl011_console_setup(struct console *co, char *options)
- 	return uart_set_options(&uap->port, co, baud, parity, bits, flow);
- }
- 
-+/**
-+ *	pl011_console_match - non-standard console matching
-+ *	@co:	  registering console
-+ *	@name:	  name from console command line
-+ *	@idx:	  index from console command line
-+ *	@options: ptr to option string from console command line
-+ *
-+ *	Only attempts to match console command lines of the form:
-+ *	    console=pl011,mmio|mmio32,<addr>[,<options>]
-+ *	    console=pl011,0x<addr>[,<options>]
-+ *	This form is used to register an initial earlycon boot console and
-+ *	replace it with the amba_console at pl011 driver init.
-+ *
-+ *	Performs console setup for a match (as required by interface)
-+ *	If no <options> are specified, then assume the h/w is already setup.
-+ *
-+ *	Returns 0 if console matches; otherwise non-zero to use default matching
-+ */
-+static int __init pl011_console_match(struct console *co, char *name, int idx,
-+				      char *options)
-+{
-+	unsigned char iotype;
-+	resource_size_t addr;
-+	int i;
-+
-+	if (strcmp(name, "pl011") != 0)
-+		return -ENODEV;
-+
-+	if (uart_parse_earlycon(options, &iotype, &addr, &options))
-+		return -ENODEV;
-+
-+	if (iotype != UPIO_MEM && iotype != UPIO_MEM32)
-+		return -ENODEV;
-+
-+	/* try to match the port specified on the command line */
-+	for (i = 0; i < ARRAY_SIZE(amba_ports); i++) {
-+		struct uart_port *port;
-+
-+		if (!amba_ports[i])
-+			continue;
-+
-+		port = &amba_ports[i]->port;
-+
-+		if (port->mapbase != addr)
-+			continue;
-+
-+		co->index = i;
-+		port->cons = co;
-+		return pl011_console_setup(co, options);
-+	}
-+
-+	return -ENODEV;
-+}
-+
- static struct uart_driver amba_reg;
- static struct console amba_console = {
- 	.name		= "ttyAMA",
- 	.write		= pl011_console_write,
- 	.device		= uart_console_device,
- 	.setup		= pl011_console_setup,
-+	.match		= pl011_console_match,
- 	.flags		= CON_PRINTBUFFER,
- 	.index		= -1,
- 	.data		= &amba_reg,
--- 
-cgit v0.12
-
diff --git a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch b/asus-wmi-Restrict-debugfs-interface-when-module-load.patch
deleted file mode 100644
index 7e70e4f1a..000000000
--- a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From ebbd8d01acdf472594f7e43e9a4274745c402e8e Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 9 Mar 2012 08:46:50 -0500
-Subject: [PATCH 05/20] asus-wmi: Restrict debugfs interface when module
- loading is restricted
-
-We have no way of validating what all of the Asus WMI methods do on a
-given machine, and there's a risk that some will allow hardware state to
-be manipulated in such a way that arbitrary code can be executed in the
-kernel, circumventing module loading restrictions. Prevent that if any of
-these features are enabled.
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- drivers/platform/x86/asus-wmi.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c
-index ce6ca31a2d09..55d23994d6a2 100644
---- a/drivers/platform/x86/asus-wmi.c
-+++ b/drivers/platform/x86/asus-wmi.c
-@@ -1872,6 +1872,9 @@ static int show_dsts(struct seq_file *m, void *data)
- 	int err;
- 	u32 retval = -1;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval);
- 
- 	if (err < 0)
-@@ -1888,6 +1891,9 @@ static int show_devs(struct seq_file *m, void *data)
- 	int err;
- 	u32 retval = -1;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param,
- 				    &retval);
- 
-@@ -1912,6 +1918,9 @@ static int show_call(struct seq_file *m, void *data)
- 	union acpi_object *obj;
- 	acpi_status status;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID,
- 				     1, asus->debug.method_id,
- 				     &input, &output);
--- 
-2.9.3
-
diff --git a/baseconfig/CONFIG_ABP060MG b/baseconfig/CONFIG_ABP060MG
new file mode 100644
index 000000000..23ef37890
--- /dev/null
+++ b/baseconfig/CONFIG_ABP060MG
@@ -0,0 +1 @@
+CONFIG_ABP060MG=m
diff --git a/baseconfig/CONFIG_AD7766 b/baseconfig/CONFIG_AD7766
new file mode 100644
index 000000000..a0d9775d2
--- /dev/null
+++ b/baseconfig/CONFIG_AD7766
@@ -0,0 +1 @@
+CONFIG_AD7766=m
diff --git a/baseconfig/CONFIG_ARM64_SW_TTBR0_PAN b/baseconfig/CONFIG_ARM64_SW_TTBR0_PAN
new file mode 100644
index 000000000..3b878e832
--- /dev/null
+++ b/baseconfig/CONFIG_ARM64_SW_TTBR0_PAN
@@ -0,0 +1 @@
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
diff --git a/baseconfig/CONFIG_BCM2835_VCHIQ b/baseconfig/CONFIG_BCM2835_VCHIQ
new file mode 100644
index 000000000..0f1da7edd
--- /dev/null
+++ b/baseconfig/CONFIG_BCM2835_VCHIQ
@@ -0,0 +1 @@
+# CONFIG_BCM2835_VCHIQ is not set
diff --git a/baseconfig/CONFIG_BLK_DEV_ZONED b/baseconfig/CONFIG_BLK_DEV_ZONED
new file mode 100644
index 000000000..529b0b105
--- /dev/null
+++ b/baseconfig/CONFIG_BLK_DEV_ZONED
@@ -0,0 +1 @@
+CONFIG_BLK_DEV_ZONED=y
diff --git a/baseconfig/CONFIG_BLK_WBT b/baseconfig/CONFIG_BLK_WBT
new file mode 100644
index 000000000..66627cb1a
--- /dev/null
+++ b/baseconfig/CONFIG_BLK_WBT
@@ -0,0 +1 @@
+CONFIG_BLK_WBT=y
diff --git a/baseconfig/CONFIG_BLK_WBT_MQ b/baseconfig/CONFIG_BLK_WBT_MQ
new file mode 100644
index 000000000..2f4475f63
--- /dev/null
+++ b/baseconfig/CONFIG_BLK_WBT_MQ
@@ -0,0 +1 @@
+CONFIG_BLK_WBT_MQ=y
diff --git a/baseconfig/CONFIG_BLK_WBT_SQ b/baseconfig/CONFIG_BLK_WBT_SQ
new file mode 100644
index 000000000..155d4b2bf
--- /dev/null
+++ b/baseconfig/CONFIG_BLK_WBT_SQ
@@ -0,0 +1 @@
+# CONFIG_BLK_WBT_SQ is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_HI3516CV300 b/baseconfig/CONFIG_COMMON_CLK_HI3516CV300
new file mode 100644
index 000000000..2c50858a5
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_HI3516CV300
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_HI3798CV200 b/baseconfig/CONFIG_COMMON_CLK_HI3798CV200
new file mode 100644
index 000000000..8d91e10e1
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_HI3798CV200
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701 b/baseconfig/CONFIG_COMMON_CLK_MT2701
new file mode 100644
index 000000000..1f4db7eb4
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701 is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701_BDPSYS b/baseconfig/CONFIG_COMMON_CLK_MT2701_BDPSYS
new file mode 100644
index 000000000..8836cfeb2
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701_BDPSYS
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701_ETHSYS b/baseconfig/CONFIG_COMMON_CLK_MT2701_ETHSYS
new file mode 100644
index 000000000..ce71bcaf3
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701_ETHSYS
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701_HIFSYS b/baseconfig/CONFIG_COMMON_CLK_MT2701_HIFSYS
new file mode 100644
index 000000000..687287f1a
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701_HIFSYS
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701_IMGSYS b/baseconfig/CONFIG_COMMON_CLK_MT2701_IMGSYS
new file mode 100644
index 000000000..f50109f52
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701_IMGSYS
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701_MMSYS b/baseconfig/CONFIG_COMMON_CLK_MT2701_MMSYS
new file mode 100644
index 000000000..a28dde4dd
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701_MMSYS
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
diff --git a/baseconfig/CONFIG_COMMON_CLK_MT2701_VDECSYS b/baseconfig/CONFIG_COMMON_CLK_MT2701_VDECSYS
new file mode 100644
index 000000000..2fffe9756
--- /dev/null
+++ b/baseconfig/CONFIG_COMMON_CLK_MT2701_VDECSYS
@@ -0,0 +1 @@
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
diff --git a/baseconfig/CONFIG_DA280 b/baseconfig/CONFIG_DA280
new file mode 100644
index 000000000..1bd6a460e
--- /dev/null
+++ b/baseconfig/CONFIG_DA280
@@ -0,0 +1 @@
+CONFIG_DA280=m
diff --git a/baseconfig/CONFIG_DA311 b/baseconfig/CONFIG_DA311
new file mode 100644
index 000000000..7cfaaba5d
--- /dev/null
+++ b/baseconfig/CONFIG_DA311
@@ -0,0 +1 @@
+CONFIG_DA311=m
diff --git a/baseconfig/CONFIG_DMARD10 b/baseconfig/CONFIG_DMARD10
new file mode 100644
index 000000000..3041c81a5
--- /dev/null
+++ b/baseconfig/CONFIG_DMARD10
@@ -0,0 +1 @@
+CONFIG_DMARD10=m
diff --git a/baseconfig/CONFIG_DMA_FENCE_TRACE b/baseconfig/CONFIG_DMA_FENCE_TRACE
new file mode 100644
index 000000000..bb21d9c52
--- /dev/null
+++ b/baseconfig/CONFIG_DMA_FENCE_TRACE
@@ -0,0 +1 @@
+# CONFIG_DMA_FENCE_TRACE is not set
diff --git a/baseconfig/CONFIG_DPOT_DAC b/baseconfig/CONFIG_DPOT_DAC
new file mode 100644
index 000000000..ed36b1e16
--- /dev/null
+++ b/baseconfig/CONFIG_DPOT_DAC
@@ -0,0 +1 @@
+CONFIG_DPOT_DAC=m
diff --git a/baseconfig/CONFIG_DRM_DW_HDMI_I2S_AUDIO b/baseconfig/CONFIG_DRM_DW_HDMI_I2S_AUDIO
new file mode 100644
index 000000000..34ecaf242
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_DW_HDMI_I2S_AUDIO
@@ -0,0 +1 @@
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
diff --git a/baseconfig/CONFIG_DRM_HISI_HIBMC b/baseconfig/CONFIG_DRM_HISI_HIBMC
new file mode 100644
index 000000000..3138ee3c9
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_HISI_HIBMC
@@ -0,0 +1 @@
+CONFIG_DRM_HISI_HIBMC=m
diff --git a/baseconfig/CONFIG_DRM_I2C_ADV7511_AUDIO b/baseconfig/CONFIG_DRM_I2C_ADV7511_AUDIO
new file mode 100644
index 000000000..da69ce940
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_I2C_ADV7511_AUDIO
@@ -0,0 +1 @@
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
diff --git a/baseconfig/CONFIG_DRM_I915_ALPHA_SUPPORT b/baseconfig/CONFIG_DRM_I915_ALPHA_SUPPORT
new file mode 100644
index 000000000..49c76cb99
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_I915_ALPHA_SUPPORT
@@ -0,0 +1 @@
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
diff --git a/baseconfig/CONFIG_DRM_I915_CAPTURE_ERROR b/baseconfig/CONFIG_DRM_I915_CAPTURE_ERROR
new file mode 100644
index 000000000..d85c72035
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_I915_CAPTURE_ERROR
@@ -0,0 +1 @@
+CONFIG_DRM_I915_CAPTURE_ERROR=y
diff --git a/baseconfig/CONFIG_DRM_I915_COMPRESS_ERROR b/baseconfig/CONFIG_DRM_I915_COMPRESS_ERROR
new file mode 100644
index 000000000..6d6c129f5
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_I915_COMPRESS_ERROR
@@ -0,0 +1 @@
+CONFIG_DRM_I915_COMPRESS_ERROR=y
diff --git a/baseconfig/CONFIG_DRM_I915_GVT_KVMGT b/baseconfig/CONFIG_DRM_I915_GVT_KVMGT
new file mode 100644
index 000000000..016a41e8a
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_I915_GVT_KVMGT
@@ -0,0 +1 @@
+CONFIG_DRM_I915_GVT_KVMGT=m
diff --git a/baseconfig/CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT b/baseconfig/CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT
deleted file mode 100644
index a27b1ec28..000000000
--- a/baseconfig/CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT
+++ /dev/null
@@ -1 +0,0 @@
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
diff --git a/baseconfig/CONFIG_DRM_MXSFB b/baseconfig/CONFIG_DRM_MXSFB
new file mode 100644
index 000000000..e24a8952c
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_MXSFB
@@ -0,0 +1 @@
+CONFIG_DRM_MXSFB=m
diff --git a/baseconfig/CONFIG_DRM_SIL_SII8620 b/baseconfig/CONFIG_DRM_SIL_SII8620
new file mode 100644
index 000000000..9aa2a3752
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_SIL_SII8620
@@ -0,0 +1 @@
+CONFIG_DRM_SIL_SII8620=m
diff --git a/baseconfig/CONFIG_DRM_TI_TFP410 b/baseconfig/CONFIG_DRM_TI_TFP410
new file mode 100644
index 000000000..9d9bec99c
--- /dev/null
+++ b/baseconfig/CONFIG_DRM_TI_TFP410
@@ -0,0 +1 @@
+CONFIG_DRM_TI_TFP410=m
diff --git a/baseconfig/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT b/baseconfig/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
new file mode 100644
index 000000000..652a5bca1
--- /dev/null
+++ b/baseconfig/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
@@ -0,0 +1 @@
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
diff --git a/baseconfig/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN b/baseconfig/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN
new file mode 100644
index 000000000..5d8c2fb51
--- /dev/null
+++ b/baseconfig/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN
@@ -0,0 +1 @@
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
diff --git a/baseconfig/CONFIG_ENVELOPE_DETECTOR b/baseconfig/CONFIG_ENVELOPE_DETECTOR
new file mode 100644
index 000000000..9e523aaef
--- /dev/null
+++ b/baseconfig/CONFIG_ENVELOPE_DETECTOR
@@ -0,0 +1 @@
+CONFIG_ENVELOPE_DETECTOR=m
diff --git a/baseconfig/CONFIG_FENCE_TRACE b/baseconfig/CONFIG_FENCE_TRACE
deleted file mode 100644
index d4949a1bf..000000000
--- a/baseconfig/CONFIG_FENCE_TRACE
+++ /dev/null
@@ -1 +0,0 @@
-# CONFIG_FENCE_TRACE is not set
diff --git a/baseconfig/CONFIG_HT16K33 b/baseconfig/CONFIG_HT16K33
new file mode 100644
index 000000000..be3d45ca3
--- /dev/null
+++ b/baseconfig/CONFIG_HT16K33
@@ -0,0 +1 @@
+CONFIG_HT16K33=m
diff --git a/baseconfig/CONFIG_HTS221 b/baseconfig/CONFIG_HTS221
new file mode 100644
index 000000000..5833fcbfb
--- /dev/null
+++ b/baseconfig/CONFIG_HTS221
@@ -0,0 +1 @@
+CONFIG_HTS221=m
diff --git a/baseconfig/CONFIG_IIO_CROS_EC_SENSORS b/baseconfig/CONFIG_IIO_CROS_EC_SENSORS
new file mode 100644
index 000000000..e93e4c8f0
--- /dev/null
+++ b/baseconfig/CONFIG_IIO_CROS_EC_SENSORS
@@ -0,0 +1 @@
+CONFIG_IIO_CROS_EC_SENSORS=m
diff --git a/baseconfig/CONFIG_IIO_CROS_EC_SENSORS_COR b/baseconfig/CONFIG_IIO_CROS_EC_SENSORS_COR
new file mode 100644
index 000000000..f3d54f70e
--- /dev/null
+++ b/baseconfig/CONFIG_IIO_CROS_EC_SENSORS_COR
@@ -0,0 +1 @@
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
diff --git a/baseconfig/CONFIG_IIO_CROS_EC_SENSORS_CORE b/baseconfig/CONFIG_IIO_CROS_EC_SENSORS_CORE
new file mode 100644
index 000000000..baf78d1ad
--- /dev/null
+++ b/baseconfig/CONFIG_IIO_CROS_EC_SENSORS_CORE
@@ -0,0 +1 @@
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
diff --git a/baseconfig/CONFIG_INPUT_PM8XXX_VIBRATOR b/baseconfig/CONFIG_INPUT_PM8XXX_VIBRATOR
new file mode 100644
index 000000000..2a1af2b4e
--- /dev/null
+++ b/baseconfig/CONFIG_INPUT_PM8XXX_VIBRATOR
@@ -0,0 +1 @@
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
diff --git a/baseconfig/CONFIG_INPUT_PMIC8XXX_PWRKEY b/baseconfig/CONFIG_INPUT_PMIC8XXX_PWRKEY
new file mode 100644
index 000000000..f14705e77
--- /dev/null
+++ b/baseconfig/CONFIG_INPUT_PMIC8XXX_PWRKEY
@@ -0,0 +1 @@
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
diff --git a/baseconfig/CONFIG_KEYBOARD_PMIC8XXX b/baseconfig/CONFIG_KEYBOARD_PMIC8XXX
new file mode 100644
index 000000000..6f1ac5483
--- /dev/null
+++ b/baseconfig/CONFIG_KEYBOARD_PMIC8XXX
@@ -0,0 +1 @@
+CONFIG_KEYBOARD_PMIC8XXX=m
diff --git a/baseconfig/CONFIG_LEDS_NIC78BX b/baseconfig/CONFIG_LEDS_NIC78BX
new file mode 100644
index 000000000..40b1f7bc2
--- /dev/null
+++ b/baseconfig/CONFIG_LEDS_NIC78BX
@@ -0,0 +1 @@
+CONFIG_LEDS_NIC78BX=m
diff --git a/baseconfig/CONFIG_LEDS_USER b/baseconfig/CONFIG_LEDS_USER
new file mode 100644
index 000000000..04615335c
--- /dev/null
+++ b/baseconfig/CONFIG_LEDS_USER
@@ -0,0 +1 @@
+CONFIG_LEDS_USER=m
diff --git a/baseconfig/CONFIG_LMP91000 b/baseconfig/CONFIG_LMP91000
new file mode 100644
index 000000000..e8bf3de70
--- /dev/null
+++ b/baseconfig/CONFIG_LMP91000
@@ -0,0 +1 @@
+CONFIG_LMP91000=m
diff --git a/baseconfig/CONFIG_LOCK_DOWN_KERNEL b/baseconfig/CONFIG_LOCK_DOWN_KERNEL
new file mode 100644
index 000000000..c22c35ff2
--- /dev/null
+++ b/baseconfig/CONFIG_LOCK_DOWN_KERNEL
@@ -0,0 +1 @@
+# CONFIG_LOCK_DOWN_KERNEL is not set
diff --git a/baseconfig/CONFIG_MFD_PM8XXX b/baseconfig/CONFIG_MFD_PM8XXX
new file mode 100644
index 000000000..c20d0cb19
--- /dev/null
+++ b/baseconfig/CONFIG_MFD_PM8XXX
@@ -0,0 +1 @@
+CONFIG_MFD_PM8XXX=m
diff --git a/baseconfig/CONFIG_MMC_SDHCI_CADENCE b/baseconfig/CONFIG_MMC_SDHCI_CADENCE
new file mode 100644
index 000000000..a73c6b8f9
--- /dev/null
+++ b/baseconfig/CONFIG_MMC_SDHCI_CADENCE
@@ -0,0 +1 @@
+CONFIG_MMC_SDHCI_CADENCE=m
diff --git a/baseconfig/CONFIG_MPU3050_I2C b/baseconfig/CONFIG_MPU3050_I2C
new file mode 100644
index 000000000..92e6cbf51
--- /dev/null
+++ b/baseconfig/CONFIG_MPU3050_I2C
@@ -0,0 +1 @@
+# CONFIG_MPU3050_I2C is not set
diff --git a/baseconfig/CONFIG_MSM_GCC_8994 b/baseconfig/CONFIG_MSM_GCC_8994
new file mode 100644
index 000000000..b4515acea
--- /dev/null
+++ b/baseconfig/CONFIG_MSM_GCC_8994
@@ -0,0 +1 @@
+# CONFIG_MSM_GCC_8994 is not set
diff --git a/baseconfig/CONFIG_NVME_FC b/baseconfig/CONFIG_NVME_FC
new file mode 100644
index 000000000..2152575d9
--- /dev/null
+++ b/baseconfig/CONFIG_NVME_FC
@@ -0,0 +1 @@
+CONFIG_NVME_FC=m
diff --git a/baseconfig/CONFIG_NVME_TARGET_FC b/baseconfig/CONFIG_NVME_TARGET_FC
new file mode 100644
index 000000000..5d264040c
--- /dev/null
+++ b/baseconfig/CONFIG_NVME_TARGET_FC
@@ -0,0 +1 @@
+CONFIG_NVME_TARGET_FC=m
diff --git a/baseconfig/CONFIG_NVME_TARGET_FCLOOP b/baseconfig/CONFIG_NVME_TARGET_FCLOOP
new file mode 100644
index 000000000..7334e95ad
--- /dev/null
+++ b/baseconfig/CONFIG_NVME_TARGET_FCLOOP
@@ -0,0 +1 @@
+CONFIG_NVME_TARGET_FCLOOP=m
diff --git a/baseconfig/CONFIG_PINCTRL_MSM8994 b/baseconfig/CONFIG_PINCTRL_MSM8994
new file mode 100644
index 000000000..5dd58e746
--- /dev/null
+++ b/baseconfig/CONFIG_PINCTRL_MSM8994
@@ -0,0 +1 @@
+CONFIG_PINCTRL_MSM8994=m
diff --git a/baseconfig/CONFIG_PINCTRL_SX150X b/baseconfig/CONFIG_PINCTRL_SX150X
new file mode 100644
index 000000000..4416b9f36
--- /dev/null
+++ b/baseconfig/CONFIG_PINCTRL_SX150X
@@ -0,0 +1 @@
+# CONFIG_PINCTRL_SX150X is not set
diff --git a/baseconfig/CONFIG_QCOM_ADSP_PIL b/baseconfig/CONFIG_QCOM_ADSP_PIL
new file mode 100644
index 000000000..0aa258124
--- /dev/null
+++ b/baseconfig/CONFIG_QCOM_ADSP_PIL
@@ -0,0 +1 @@
+CONFIG_QCOM_ADSP_PIL=m
diff --git a/baseconfig/CONFIG_QCOM_CLK_RPM b/baseconfig/CONFIG_QCOM_CLK_RPM
new file mode 100644
index 000000000..49d6fe218
--- /dev/null
+++ b/baseconfig/CONFIG_QCOM_CLK_RPM
@@ -0,0 +1 @@
+# CONFIG_QCOM_CLK_RPM is not set
diff --git a/baseconfig/CONFIG_QCOM_CLK_SMD_RPM b/baseconfig/CONFIG_QCOM_CLK_SMD_RPM
new file mode 100644
index 000000000..f84e24848
--- /dev/null
+++ b/baseconfig/CONFIG_QCOM_CLK_SMD_RPM
@@ -0,0 +1 @@
+# CONFIG_QCOM_CLK_SMD_RPM is not set
diff --git a/baseconfig/CONFIG_REMOTEPROC b/baseconfig/CONFIG_REMOTEPROC
new file mode 100644
index 000000000..5a1f9df99
--- /dev/null
+++ b/baseconfig/CONFIG_REMOTEPROC
@@ -0,0 +1 @@
+CONFIG_REMOTEPROC=m
diff --git a/baseconfig/CONFIG_RTC_DRV_PM8XXX b/baseconfig/CONFIG_RTC_DRV_PM8XXX
new file mode 100644
index 000000000..adc778ea4
--- /dev/null
+++ b/baseconfig/CONFIG_RTC_DRV_PM8XXX
@@ -0,0 +1 @@
+CONFIG_RTC_DRV_PM8XXX=m
diff --git a/baseconfig/CONFIG_SCR24X b/baseconfig/CONFIG_SCR24X
new file mode 100644
index 000000000..de80aaf3e
--- /dev/null
+++ b/baseconfig/CONFIG_SCR24X
@@ -0,0 +1 @@
+# CONFIG_SCR24X is not set
diff --git a/baseconfig/CONFIG_SENSORS_TC654 b/baseconfig/CONFIG_SENSORS_TC654
new file mode 100644
index 000000000..96736a73a
--- /dev/null
+++ b/baseconfig/CONFIG_SENSORS_TC654
@@ -0,0 +1 @@
+CONFIG_SENSORS_TC654=m
diff --git a/baseconfig/CONFIG_SENSORS_TMP108 b/baseconfig/CONFIG_SENSORS_TMP108
new file mode 100644
index 000000000..3a5133c23
--- /dev/null
+++ b/baseconfig/CONFIG_SENSORS_TMP108
@@ -0,0 +1 @@
+CONFIG_SENSORS_TMP108=m
diff --git a/baseconfig/CONFIG_SPI_ARMADA_3700 b/baseconfig/CONFIG_SPI_ARMADA_3700
new file mode 100644
index 000000000..f245ed398
--- /dev/null
+++ b/baseconfig/CONFIG_SPI_ARMADA_3700
@@ -0,0 +1 @@
+CONFIG_SPI_ARMADA_3700=m
diff --git a/baseconfig/CONFIG_SPI_FSL_LPSPI b/baseconfig/CONFIG_SPI_FSL_LPSPI
new file mode 100644
index 000000000..347930b05
--- /dev/null
+++ b/baseconfig/CONFIG_SPI_FSL_LPSPI
@@ -0,0 +1 @@
+CONFIG_SPI_FSL_LPSPI=m
diff --git a/baseconfig/CONFIG_SUN50I_A64_CCU b/baseconfig/CONFIG_SUN50I_A64_CCU
new file mode 100644
index 000000000..9ce6c792a
--- /dev/null
+++ b/baseconfig/CONFIG_SUN50I_A64_CCU
@@ -0,0 +1 @@
+# CONFIG_SUN50I_A64_CCU is not set
diff --git a/baseconfig/CONFIG_TEST_ASYNC_DRIVER_PROBE b/baseconfig/CONFIG_TEST_ASYNC_DRIVER_PROBE
new file mode 100644
index 000000000..40f4a33e8
--- /dev/null
+++ b/baseconfig/CONFIG_TEST_ASYNC_DRIVER_PROBE
@@ -0,0 +1 @@
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
diff --git a/baseconfig/CONFIG_UIO_HV_GENERIC b/baseconfig/CONFIG_UIO_HV_GENERIC
new file mode 100644
index 000000000..12f0b2b2a
--- /dev/null
+++ b/baseconfig/CONFIG_UIO_HV_GENERIC
@@ -0,0 +1 @@
+CONFIG_UIO_HV_GENERIC=m
diff --git a/baseconfig/CONFIG_USB_SERIAL_F8153X b/baseconfig/CONFIG_USB_SERIAL_F8153X
new file mode 100644
index 000000000..94dd9f277
--- /dev/null
+++ b/baseconfig/CONFIG_USB_SERIAL_F8153X
@@ -0,0 +1 @@
+CONFIG_USB_SERIAL_F8153X=m
diff --git a/baseconfig/CONFIG_VFIO_MDEV b/baseconfig/CONFIG_VFIO_MDEV
new file mode 100644
index 000000000..6657966d9
--- /dev/null
+++ b/baseconfig/CONFIG_VFIO_MDEV
@@ -0,0 +1 @@
+CONFIG_VFIO_MDEV=m
diff --git a/baseconfig/CONFIG_VFIO_MDEV_DEVICE b/baseconfig/CONFIG_VFIO_MDEV_DEVICE
new file mode 100644
index 000000000..5030e7f1e
--- /dev/null
+++ b/baseconfig/CONFIG_VFIO_MDEV_DEVICE
@@ -0,0 +1 @@
+CONFIG_VFIO_MDEV_DEVICE=m
diff --git a/baseconfig/arm/arm64/CONFIG_ACPI_APEI b/baseconfig/arm/arm64/CONFIG_ACPI_APEI
new file mode 100644
index 000000000..9ab33facf
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_ACPI_APEI
@@ -0,0 +1 @@
+CONFIG_ACPI_APEI=y
diff --git a/baseconfig/arm/arm64/CONFIG_ACPI_APEI_EINJ b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_EINJ
new file mode 100644
index 000000000..2d03b69a1
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_EINJ
@@ -0,0 +1 @@
+# CONFIG_ACPI_APEI_EINJ is not set
diff --git a/baseconfig/arm/arm64/CONFIG_ACPI_APEI_ERST_DEBUG b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_ERST_DEBUG
new file mode 100644
index 000000000..235760d40
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_ERST_DEBUG
@@ -0,0 +1 @@
+# CONFIG_ACPI_APEI_ERST_DEBUG is not set
diff --git a/baseconfig/arm/arm64/CONFIG_ACPI_APEI_GHES b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_GHES
new file mode 100644
index 000000000..8fd037d8f
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_GHES
@@ -0,0 +1 @@
+CONFIG_ACPI_APEI_GHES=y
diff --git a/baseconfig/arm/arm64/CONFIG_ACPI_APEI_PCIEAER b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_PCIEAER
new file mode 100644
index 000000000..26f3e9129
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_ACPI_APEI_PCIEAER
@@ -0,0 +1 @@
+CONFIG_ACPI_APEI_PCIEAER=y
diff --git a/baseconfig/arm/arm64/CONFIG_ARM64_PTDUMP_DEBUGFS b/baseconfig/arm/arm64/CONFIG_ARM64_PTDUMP_DEBUGFS
new file mode 100644
index 000000000..2d698a99e
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_ARM64_PTDUMP_DEBUGFS
@@ -0,0 +1 @@
+CONFIG_ARM64_PTDUMP_DEBUGFS=y
diff --git a/baseconfig/arm/arm64/CONFIG_DEBUG_WX b/baseconfig/arm/arm64/CONFIG_DEBUG_WX
new file mode 100644
index 000000000..95e08f44b
--- /dev/null
+++ b/baseconfig/arm/arm64/CONFIG_DEBUG_WX
@@ -0,0 +1 @@
+CONFIG_DEBUG_WX=y
diff --git a/baseconfig/x86/CONFIG_AMD_XGBE b/baseconfig/x86/CONFIG_AMD_XGBE
new file mode 100644
index 000000000..27be1a7ee
--- /dev/null
+++ b/baseconfig/x86/CONFIG_AMD_XGBE
@@ -0,0 +1 @@
+CONFIG_AMD_XGBE=m
diff --git a/baseconfig/x86/CONFIG_AMD_XGBE_DCB b/baseconfig/x86/CONFIG_AMD_XGBE_DCB
new file mode 100644
index 000000000..f3cdcca89
--- /dev/null
+++ b/baseconfig/x86/CONFIG_AMD_XGBE_DCB
@@ -0,0 +1 @@
+CONFIG_AMD_XGBE_DCB=y
diff --git a/baseconfig/x86/CONFIG_APPLE_PROPERTIES b/baseconfig/x86/CONFIG_APPLE_PROPERTIES
new file mode 100644
index 000000000..536ecf6bf
--- /dev/null
+++ b/baseconfig/x86/CONFIG_APPLE_PROPERTIES
@@ -0,0 +1 @@
+CONFIG_APPLE_PROPERTIES=y
diff --git a/baseconfig/x86/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT b/baseconfig/x86/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
new file mode 100644
index 000000000..9a27fcc5a
--- /dev/null
+++ b/baseconfig/x86/CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
@@ -0,0 +1 @@
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
diff --git a/baseconfig/x86/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN b/baseconfig/x86/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN
new file mode 100644
index 000000000..a8b3307f2
--- /dev/null
+++ b/baseconfig/x86/CONFIG_EFI_SECURE_BOOT_LOCK_DOWN
@@ -0,0 +1 @@
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
diff --git a/baseconfig/x86/CONFIG_LOCK_DOWN_KERNEL b/baseconfig/x86/CONFIG_LOCK_DOWN_KERNEL
new file mode 100644
index 000000000..e99bff22d
--- /dev/null
+++ b/baseconfig/x86/CONFIG_LOCK_DOWN_KERNEL
@@ -0,0 +1 @@
+CONFIG_LOCK_DOWN_KERNEL=y
diff --git a/baseconfig/x86/CONFIG_SCHED_MC_PRIO b/baseconfig/x86/CONFIG_SCHED_MC_PRIO
new file mode 100644
index 000000000..893581e34
--- /dev/null
+++ b/baseconfig/x86/CONFIG_SCHED_MC_PRIO
@@ -0,0 +1 @@
+CONFIG_SCHED_MC_PRIO=y
diff --git a/bcm283x-vc4-fixes.patch b/bcm283x-vc4-fixes.patch
deleted file mode 100644
index d42ceb62a..000000000
--- a/bcm283x-vc4-fixes.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 30772942cc1095c3129eecfa182e2c568e566b9d Mon Sep 17 00:00:00 2001
-From: Dan Carpenter <dan.carpenter@oracle.com>
-Date: Thu, 13 Oct 2016 11:54:31 +0300
-Subject: [PATCH] drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos()
-
-If the allocation fails the current code returns success.  If
-copy_from_user() fails it returns the number of bytes remaining instead
-of -EFAULT.
-
-Fixes: d5b1a78a772f ("drm/vc4: Add support for drawing 3D frames.")
-Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
-Reviewed-by: Eric Anholt <eric@anholt.net>
----
- drivers/gpu/drm/vc4/vc4_gem.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/drivers/gpu/drm/vc4/vc4_gem.c b/drivers/gpu/drm/vc4/vc4_gem.c
-index ae1609e..4050540 100644
---- a/drivers/gpu/drm/vc4/vc4_gem.c
-+++ b/drivers/gpu/drm/vc4/vc4_gem.c
-@@ -548,14 +548,15 @@ vc4_cl_lookup_bos(struct drm_device *dev,
- 
- 	handles = drm_malloc_ab(exec->bo_count, sizeof(uint32_t));
- 	if (!handles) {
-+		ret = -ENOMEM;
- 		DRM_ERROR("Failed to allocate incoming GEM handles\n");
- 		goto fail;
- 	}
- 
--	ret = copy_from_user(handles,
--			     (void __user *)(uintptr_t)args->bo_handles,
--			     exec->bo_count * sizeof(uint32_t));
--	if (ret) {
-+	if (copy_from_user(handles,
-+			   (void __user *)(uintptr_t)args->bo_handles,
-+			   exec->bo_count * sizeof(uint32_t))) {
-+		ret = -EFAULT;
- 		DRM_ERROR("Failed to copy in GEM handles\n");
- 		goto fail;
- 	}
--- 
-2.9.3
-
diff --git a/drm-i915-hush-check-crtc-state.patch b/drm-i915-hush-check-crtc-state.patch
index acf05056c..79deab178 100644
--- a/drm-i915-hush-check-crtc-state.patch
+++ b/drm-i915-hush-check-crtc-state.patch
@@ -20,7 +20,7 @@ index 46f9be3ad5a2..ad2e62e4cdba 100644
 +++ b/drivers/gpu/drm/i915/intel_display.c
 @@ -12970,7 +12970,7 @@ verify_crtc_state(struct drm_crtc *crtc,
  	sw_config = to_intel_crtc_state(crtc->state);
- 	if (!intel_pipe_config_compare(dev, sw_config,
+ 	if (!intel_pipe_config_compare(dev_priv, sw_config,
  				       pipe_config, false)) {
 -		I915_STATE_WARN(1, "pipe state doesn't match!\n");
 +		DRM_DEBUG_KMS("pipe state doesn't match!\n");
diff --git a/efi-lockdown.patch b/efi-lockdown.patch
new file mode 100644
index 000000000..b848ee1a6
--- /dev/null
+++ b/efi-lockdown.patch
@@ -0,0 +1,2159 @@
+From d1d5053106cd1f8b2ae52fb6ffb2962f76053bf0 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Wed, 23 Nov 2016 10:42:44 +0000
+Subject: [PATCH 01/32] efi: use typed function pointers for runtime services
+ table
+
+Instead of using void pointers, and casting them to correctly typed
+function pointers upon use, declare the runtime services pointers
+as function pointers using their respective prototypes, for which
+typedefs are already available.
+
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ include/linux/efi.h | 36 ++++++++++++++++++------------------
+ 1 file changed, 18 insertions(+), 18 deletions(-)
+
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index a07a476..93a82de 100644
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -508,24 +508,6 @@ typedef struct {
+ 	u64 query_variable_info;
+ } efi_runtime_services_64_t;
+
+-typedef struct {
+-	efi_table_hdr_t hdr;
+-	void *get_time;
+-	void *set_time;
+-	void *get_wakeup_time;
+-	void *set_wakeup_time;
+-	void *set_virtual_address_map;
+-	void *convert_pointer;
+-	void *get_variable;
+-	void *get_next_variable;
+-	void *set_variable;
+-	void *get_next_high_mono_count;
+-	void *reset_system;
+-	void *update_capsule;
+-	void *query_capsule_caps;
+-	void *query_variable_info;
+-} efi_runtime_services_t;
+-
+ typedef efi_status_t efi_get_time_t (efi_time_t *tm, efi_time_cap_t *tc);
+ typedef efi_status_t efi_set_time_t (efi_time_t *tm);
+ typedef efi_status_t efi_get_wakeup_time_t (efi_bool_t *enabled, efi_bool_t *pending,
+@@ -560,6 +542,24 @@ typedef efi_status_t efi_query_variable_store_t(u32 attributes,
+ 						unsigned long size,
+ 						bool nonblocking);
+
++typedef struct {
++	efi_table_hdr_t			hdr;
++	efi_get_time_t			*get_time;
++	efi_set_time_t			*set_time;
++	efi_get_wakeup_time_t		*get_wakeup_time;
++	efi_set_wakeup_time_t		*set_wakeup_time;
++	efi_set_virtual_address_map_t	*set_virtual_address_map;
++	void				*convert_pointer;
++	efi_get_variable_t		*get_variable;
++	efi_get_next_variable_t		*get_next_variable;
++	efi_set_variable_t		*set_variable;
++	efi_get_next_high_mono_count_t	*get_next_high_mono_count;
++	efi_reset_system_t		*reset_system;
++	efi_update_capsule_t		*update_capsule;
++	efi_query_capsule_caps_t	*query_capsule_caps;
++	efi_query_variable_info_t	*query_variable_info;
++} efi_runtime_services_t;
++
+ void efi_native_runtime_setup(void);
+
+ /*
+-- 
+2.9.3
+
+From 150ebd38630a3ac558b8ab839a7c7e5fd41cc5a8 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Mon, 21 Nov 2016 23:36:31 +0000
+Subject: [PATCH 02/32] x86/efi: Allow invocation of arbitrary runtime services
+
+Provide the ability to perform mixed-mode runtime service calls for x86 in
+the same way that commit 0a637ee61247bd4bed9b2a07568ef7a1cfc76187
+("x86/efi: Allow invocation of arbitrary boot services") provides the
+ability to invoke arbitrary boot services.
+
+Suggested-by: Lukas Wunner <lukas@wunner.de>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/boot/compressed/eboot.c   | 1 +
+ arch/x86/boot/compressed/head_32.S | 6 +++---
+ arch/x86/boot/compressed/head_64.S | 8 ++++----
+ arch/x86/include/asm/efi.h         | 5 +++++
+ 4 files changed, 13 insertions(+), 7 deletions(-)
+
+diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
+index ff01c8f..c8c32eb 100644
+--- a/arch/x86/boot/compressed/eboot.c
++++ b/arch/x86/boot/compressed/eboot.c
+@@ -32,6 +32,7 @@ static void setup_boot_services##bits(struct efi_config *c)		\
+ 									\
+ 	table = (typeof(table))sys_table;				\
+ 									\
++	c->runtime_services = table->runtime;				\
+ 	c->boot_services = table->boottime;				\
+ 	c->text_output = table->con_out;				\
+ }
+diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
+index fd0b6a2..d85b962 100644
+--- a/arch/x86/boot/compressed/head_32.S
++++ b/arch/x86/boot/compressed/head_32.S
+@@ -82,7 +82,7 @@ ENTRY(efi_pe_entry)
+
+ 	/* Relocate efi_config->call() */
+ 	leal	efi32_config(%esi), %eax
+-	add	%esi, 32(%eax)
++	add	%esi, 40(%eax)
+ 	pushl	%eax
+
+ 	call	make_boot_params
+@@ -108,7 +108,7 @@ ENTRY(efi32_stub_entry)
+
+ 	/* Relocate efi_config->call() */
+ 	leal	efi32_config(%esi), %eax
+-	add	%esi, 32(%eax)
++	add	%esi, 40(%eax)
+ 	pushl	%eax
+ 2:
+ 	call	efi_main
+@@ -264,7 +264,7 @@ relocated:
+ #ifdef CONFIG_EFI_STUB
+ 	.data
+ efi32_config:
+-	.fill 4,8,0
++	.fill 5,8,0
+ 	.long efi_call_phys
+ 	.long 0
+ 	.byte 0
+diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
+index efdfba2..beab832 100644
+--- a/arch/x86/boot/compressed/head_64.S
++++ b/arch/x86/boot/compressed/head_64.S
+@@ -265,7 +265,7 @@ ENTRY(efi_pe_entry)
+ 	/*
+ 	 * Relocate efi_config->call().
+ 	 */
+-	addq	%rbp, efi64_config+32(%rip)
++	addq	%rbp, efi64_config+40(%rip)
+
+ 	movq	%rax, %rdi
+ 	call	make_boot_params
+@@ -285,7 +285,7 @@ handover_entry:
+ 	 * Relocate efi_config->call().
+ 	 */
+ 	movq	efi_config(%rip), %rax
+-	addq	%rbp, 32(%rax)
++	addq	%rbp, 40(%rax)
+ 2:
+ 	movq	efi_config(%rip), %rdi
+ 	call	efi_main
+@@ -457,14 +457,14 @@ efi_config:
+ #ifdef CONFIG_EFI_MIXED
+ 	.global efi32_config
+ efi32_config:
+-	.fill	4,8,0
++	.fill	5,8,0
+ 	.quad	efi64_thunk
+ 	.byte	0
+ #endif
+
+ 	.global efi64_config
+ efi64_config:
+-	.fill	4,8,0
++	.fill	5,8,0
+ 	.quad	efi_call
+ 	.byte	1
+ #endif /* CONFIG_EFI_STUB */
+diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
+index e99675b..2f77bce 100644
+--- a/arch/x86/include/asm/efi.h
++++ b/arch/x86/include/asm/efi.h
+@@ -191,6 +191,7 @@ static inline efi_status_t efi_thunk_set_virtual_address_map(
+ struct efi_config {
+ 	u64 image_handle;
+ 	u64 table;
++	u64 runtime_services;
+ 	u64 boot_services;
+ 	u64 text_output;
+ 	efi_status_t (*call)(unsigned long, ...);
+@@ -226,6 +227,10 @@ static inline bool efi_is_64bit(void)
+ #define __efi_call_early(f, ...)					\
+ 	__efi_early()->call((unsigned long)f, __VA_ARGS__);
+
++#define efi_call_runtime(f, ...)					\
++	__efi_early()->call(efi_table_attr(efi_runtime_services, f,	\
++		__efi_early()->runtime_services), __VA_ARGS__)
++
+ extern bool efi_reboot_required(void);
+
+ #else
+-- 
+2.9.3
+
+From 1342301133b5619b79f3288acf7e39450f8ba34f Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Tue, 22 Nov 2016 00:20:00 +0000
+Subject: [PATCH 03/32] arm/efi: Allow invocation of arbitrary runtime services
+
+efi_call_runtime() is provided for x86 to be able abstract mixed mode
+support.  Provide this for ARM also so that common code work in mixed mode
+also.
+
+Suggested-by: Lukas Wunner <lukas@wunner.de>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/arm/include/asm/efi.h   | 1 +
+ arch/arm64/include/asm/efi.h | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/arch/arm/include/asm/efi.h b/arch/arm/include/asm/efi.h
+index 0b06f53..e4e6a9d6 100644
+--- a/arch/arm/include/asm/efi.h
++++ b/arch/arm/include/asm/efi.h
+@@ -55,6 +55,7 @@ void efi_virtmap_unload(void);
+
+ #define efi_call_early(f, ...)		sys_table_arg->boottime->f(__VA_ARGS__)
+ #define __efi_call_early(f, ...)	f(__VA_ARGS__)
++#define efi_call_runtime(f, ...)	sys_table_arg->runtime->f(__VA_ARGS__)
+ #define efi_is_64bit()			(false)
+
+ #define efi_call_proto(protocol, f, instance, ...)			\
+diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h
+index 771b3f0..d74ae22 100644
+--- a/arch/arm64/include/asm/efi.h
++++ b/arch/arm64/include/asm/efi.h
+@@ -49,6 +49,7 @@ int efi_set_mapping_permissions(struct mm_struct *mm, efi_memory_desc_t *md);
+
+ #define efi_call_early(f, ...)		sys_table_arg->boottime->f(__VA_ARGS__)
+ #define __efi_call_early(f, ...)	f(__VA_ARGS__)
++#define efi_call_runtime(f, ...)	sys_table_arg->runtime->f(__VA_ARGS__)
+ #define efi_is_64bit()			(true)
+
+ #define efi_call_proto(protocol, f, instance, ...)			\
+-- 
+2.9.3
+
+From 2e25c5beef2a97abbb660e707bced77c0eb0ace9 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Tue, 22 Nov 2016 00:10:55 +0000
+Subject: [PATCH 04/32] efi: Add SHIM and image security database GUID
+ definitions
+
+Add the definitions for shim and image security database, both of which
+are used widely in various Linux distros.
+
+Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+---
+ include/linux/efi.h | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index 93a82de..c790455 100644
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -610,6 +610,9 @@ void efi_native_runtime_setup(void);
+ #define EFI_CONSOLE_OUT_DEVICE_GUID		EFI_GUID(0xd3b36f2c, 0xd551, 0x11d4,  0x9a, 0x46, 0x00, 0x90, 0x27, 0x3f, 0xc1, 0x4d)
+ #define APPLE_PROPERTIES_PROTOCOL_GUID		EFI_GUID(0x91bd12fe, 0xf6c3, 0x44fb,  0xa5, 0xb7, 0x51, 0x22, 0xab, 0x30, 0x3a, 0xe0)
+
++#define EFI_IMAGE_SECURITY_DATABASE_GUID	EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596, 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f)
++#define EFI_SHIM_LOCK_GUID			EFI_GUID(0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
++
+ /*
+  * This GUID is used to pass to the kernel proper the struct screen_info
+  * structure that was populated by the stub based on the GOP protocol instance
+-- 
+2.9.3
+
+From 820d2f84670080c406bad4c8469e80e1e5f8a191 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Mon, 21 Nov 2016 23:55:55 +0000
+Subject: [PATCH 05/32] efi: Get the secure boot status
+
+Get the firmware's secure-boot status in the kernel boot wrapper and stash
+it somewhere that the main kernel image can find.
+
+The efi_get_secureboot() function is extracted from the arm stub and (a)
+generalised so that it can be called from x86 and (b) made to use
+efi_call_runtime() so that it can be run in mixed-mode.
+
+Suggested-by: Lukas Wunner <lukas@wunner.de>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ Documentation/x86/zero-page.txt           |  2 +
+ arch/x86/boot/compressed/eboot.c          |  2 +
+ arch/x86/boot/compressed/head_32.S        |  1 +
+ arch/x86/boot/compressed/head_64.S        |  1 +
+ arch/x86/include/asm/bootparam_utils.h    |  5 ++-
+ arch/x86/include/uapi/asm/bootparam.h     |  3 +-
+ arch/x86/kernel/asm-offsets.c             |  1 +
+ drivers/firmware/efi/libstub/Makefile     |  2 +-
+ drivers/firmware/efi/libstub/arm-stub.c   | 58 ++-------------------------
+ drivers/firmware/efi/libstub/secureboot.c | 66 +++++++++++++++++++++++++++++++
+ include/linux/efi.h                       |  8 ++++
+ 11 files changed, 90 insertions(+), 59 deletions(-)
+ create mode 100644 drivers/firmware/efi/libstub/secureboot.c
+
+diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt
+index 95a4d34..b8527c6 100644
+--- a/Documentation/x86/zero-page.txt
++++ b/Documentation/x86/zero-page.txt
+@@ -31,6 +31,8 @@ Offset	Proto	Name		Meaning
+ 1E9/001	ALL	eddbuf_entries	Number of entries in eddbuf (below)
+ 1EA/001	ALL	edd_mbr_sig_buf_entries	Number of entries in edd_mbr_sig_buffer
+ 				(below)
++1EB/001	ALL     kbd_status      Numlock is enabled
++1EC/001	ALL     secure_boot	Secure boot is enabled in the firmware
+ 1EF/001	ALL	sentinel	Used to detect broken bootloaders
+ 290/040	ALL	edd_mbr_sig_buffer EDD MBR signatures
+ 2D0/A00	ALL	e820_map	E820 memory map table
+diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
+index c8c32eb..5b151c2 100644
+--- a/arch/x86/boot/compressed/eboot.c
++++ b/arch/x86/boot/compressed/eboot.c
+@@ -1158,6 +1158,8 @@ struct boot_params *efi_main(struct efi_config *c,
+ 	else
+ 		setup_boot_services32(efi_early);
+
++	boot_params->secure_boot = efi_get_secureboot(sys_table);
++
+ 	setup_graphics(boot_params);
+
+ 	setup_efi_pci(boot_params);
+diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
+index d85b962..c635f7e 100644
+--- a/arch/x86/boot/compressed/head_32.S
++++ b/arch/x86/boot/compressed/head_32.S
+@@ -61,6 +61,7 @@
+
+ 	__HEAD
+ ENTRY(startup_32)
++	movb	$0, BP_secure_boot(%esi)
+ #ifdef CONFIG_EFI_STUB
+ 	jmp	preferred_addr
+
+diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
+index beab832..ccd2c74 100644
+--- a/arch/x86/boot/compressed/head_64.S
++++ b/arch/x86/boot/compressed/head_64.S
+@@ -244,6 +244,7 @@ ENTRY(startup_64)
+ 	 * that maps our entire kernel(text+data+bss+brk), zero page
+ 	 * and command line.
+ 	 */
++	movb	$0, BP_secure_boot(%rsi)
+ #ifdef CONFIG_EFI_STUB
+ 	/*
+ 	 * The entry point for the PE/COFF executable is efi_pe_entry, so
+diff --git a/arch/x86/include/asm/bootparam_utils.h b/arch/x86/include/asm/bootparam_utils.h
+index 4a8cb8d..7e16d53 100644
+--- a/arch/x86/include/asm/bootparam_utils.h
++++ b/arch/x86/include/asm/bootparam_utils.h
+@@ -38,9 +38,10 @@ static void sanitize_boot_params(struct boot_params *boot_params)
+ 		memset(&boot_params->ext_ramdisk_image, 0,
+ 		       (char *)&boot_params->efi_info -
+ 			(char *)&boot_params->ext_ramdisk_image);
+-		memset(&boot_params->kbd_status, 0,
++		boot_params->kbd_status = 0;
++		memset(&boot_params->_pad5, 0,
+ 		       (char *)&boot_params->hdr -
+-		       (char *)&boot_params->kbd_status);
++		       (char *)&boot_params->_pad5);
+ 		memset(&boot_params->_pad7[0], 0,
+ 		       (char *)&boot_params->edd_mbr_sig_buffer[0] -
+ 			(char *)&boot_params->_pad7[0]);
+diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h
+index b10bf31..5138dac 100644
+--- a/arch/x86/include/uapi/asm/bootparam.h
++++ b/arch/x86/include/uapi/asm/bootparam.h
+@@ -135,7 +135,8 @@ struct boot_params {
+ 	__u8  eddbuf_entries;				/* 0x1e9 */
+ 	__u8  edd_mbr_sig_buf_entries;			/* 0x1ea */
+ 	__u8  kbd_status;				/* 0x1eb */
+-	__u8  _pad5[3];					/* 0x1ec */
++	__u8  secure_boot;				/* 0x1ec */
++	__u8  _pad5[2];					/* 0x1ed */
+ 	/*
+ 	 * The sentinel is set to a nonzero value (0xff) in header.S.
+ 	 *
+diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c
+index c62e015..de827d6 100644
+--- a/arch/x86/kernel/asm-offsets.c
++++ b/arch/x86/kernel/asm-offsets.c
+@@ -81,6 +81,7 @@ void common(void) {
+
+ 	BLANK();
+ 	OFFSET(BP_scratch, boot_params, scratch);
++	OFFSET(BP_secure_boot, boot_params, secure_boot);
+ 	OFFSET(BP_loadflags, boot_params, hdr.loadflags);
+ 	OFFSET(BP_hardware_subarch, boot_params, hdr.hardware_subarch);
+ 	OFFSET(BP_version, boot_params, hdr.version);
+diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
+index 6621b13..9af9668 100644
+--- a/drivers/firmware/efi/libstub/Makefile
++++ b/drivers/firmware/efi/libstub/Makefile
+@@ -28,7 +28,7 @@ OBJECT_FILES_NON_STANDARD	:= y
+ # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
+ KCOV_INSTRUMENT			:= n
+
+-lib-y				:= efi-stub-helper.o gop.o
++lib-y				:= efi-stub-helper.o gop.o secureboot.o
+
+ # include the stub's generic dependencies from lib/ when building for ARM/arm64
+ arm-deps := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c sort.c
+diff --git a/drivers/firmware/efi/libstub/arm-stub.c b/drivers/firmware/efi/libstub/arm-stub.c
+index b4f7d78..06d5034 100644
+--- a/drivers/firmware/efi/libstub/arm-stub.c
++++ b/drivers/firmware/efi/libstub/arm-stub.c
+@@ -20,52 +20,6 @@
+
+ bool __nokaslr;
+
+-static int efi_get_secureboot(efi_system_table_t *sys_table_arg)
+-{
+-	static efi_char16_t const sb_var_name[] = {
+-		'S', 'e', 'c', 'u', 'r', 'e', 'B', 'o', 'o', 't', 0 };
+-	static efi_char16_t const sm_var_name[] = {
+-		'S', 'e', 't', 'u', 'p', 'M', 'o', 'd', 'e', 0 };
+-
+-	efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID;
+-	efi_get_variable_t *f_getvar = sys_table_arg->runtime->get_variable;
+-	u8 val;
+-	unsigned long size = sizeof(val);
+-	efi_status_t status;
+-
+-	status = f_getvar((efi_char16_t *)sb_var_name, (efi_guid_t *)&var_guid,
+-			  NULL, &size, &val);
+-
+-	if (status != EFI_SUCCESS)
+-		goto out_efi_err;
+-
+-	if (val == 0)
+-		return 0;
+-
+-	status = f_getvar((efi_char16_t *)sm_var_name, (efi_guid_t *)&var_guid,
+-			  NULL, &size, &val);
+-
+-	if (status != EFI_SUCCESS)
+-		goto out_efi_err;
+-
+-	if (val == 1)
+-		return 0;
+-
+-	return 1;
+-
+-out_efi_err:
+-	switch (status) {
+-	case EFI_NOT_FOUND:
+-		return 0;
+-	case EFI_DEVICE_ERROR:
+-		return -EIO;
+-	case EFI_SECURITY_VIOLATION:
+-		return -EACCES;
+-	default:
+-		return -EINVAL;
+-	}
+-}
+-
+ efi_status_t efi_open_volume(efi_system_table_t *sys_table_arg,
+ 			     void *__image, void **__fh)
+ {
+@@ -226,7 +180,7 @@ unsigned long efi_entry(void *handle, efi_system_table_t *sys_table,
+ 	efi_guid_t loaded_image_proto = LOADED_IMAGE_PROTOCOL_GUID;
+ 	unsigned long reserve_addr = 0;
+ 	unsigned long reserve_size = 0;
+-	int secure_boot = 0;
++	enum efi_secureboot_mode secure_boot = efi_secureboot_mode_unknown;
+ 	struct screen_info *si;
+
+ 	/* Check if we were booted by the EFI firmware */
+@@ -296,19 +250,13 @@ unsigned long efi_entry(void *handle, efi_system_table_t *sys_table,
+ 		pr_efi_err(sys_table, "Failed to parse EFI cmdline options\n");
+
+ 	secure_boot = efi_get_secureboot(sys_table);
+-	if (secure_boot > 0)
+-		pr_efi(sys_table, "UEFI Secure Boot is enabled.\n");
+-
+-	if (secure_boot < 0) {
+-		pr_efi_err(sys_table,
+-			"could not determine UEFI Secure Boot status.\n");
+-	}
+
+ 	/*
+ 	 * Unauthenticated device tree data is a security hazard, so
+ 	 * ignore 'dtb=' unless UEFI Secure Boot is disabled.
+ 	 */
+-	if (secure_boot != 0 && strstr(cmdline_ptr, "dtb=")) {
++	if (secure_boot != efi_secureboot_mode_disabled &&
++	    strstr(cmdline_ptr, "dtb=")) {
+ 		pr_efi(sys_table, "Ignoring DTB from command line.\n");
+ 	} else {
+ 		status = handle_cmdline_files(sys_table, image, cmdline_ptr,
+diff --git a/drivers/firmware/efi/libstub/secureboot.c b/drivers/firmware/efi/libstub/secureboot.c
+new file mode 100644
+index 0000000..70e2a36
+--- /dev/null
++++ b/drivers/firmware/efi/libstub/secureboot.c
+@@ -0,0 +1,66 @@
++/*
++ * Secure boot handling.
++ *
++ * Copyright (C) 2013,2014 Linaro Limited
++ *     Roy Franz <roy.franz@linaro.org
++ * Copyright (C) 2013 Red Hat, Inc.
++ *     Mark Salter <msalter@redhat.com>
++ *
++ * This file is part of the Linux kernel, and is made available under the
++ * terms of the GNU General Public License version 2.
++ *
++ */
++
++#include <linux/efi.h>
++#include <asm/efi.h>
++
++/* BIOS variables */
++static const efi_guid_t efi_variable_guid = EFI_GLOBAL_VARIABLE_GUID;
++static const efi_char16_t const efi_SecureBoot_name[] = {
++	'S', 'e', 'c', 'u', 'r', 'e', 'B', 'o', 'o', 't', 0
++};
++static const efi_char16_t const efi_SetupMode_name[] = {
++	'S', 'e', 't', 'u', 'p', 'M', 'o', 'd', 'e', 0
++};
++
++#define get_efi_var(name, vendor, ...) \
++	efi_call_runtime(get_variable, \
++			 (efi_char16_t *)(name), (efi_guid_t *)(vendor), \
++			 __VA_ARGS__);
++
++/*
++ * Determine whether we're in secure boot mode.  We return:
++ */
++enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg)
++{
++	u8 secboot, setupmode;
++	unsigned long size;
++	efi_status_t status;
++
++	size = sizeof(secboot);
++	status = get_efi_var(efi_SecureBoot_name, &efi_variable_guid,
++			     NULL, &size, &secboot);
++	if (status != EFI_SUCCESS)
++		goto out_efi_err;
++
++	size = sizeof(setupmode);
++	status = get_efi_var(efi_SetupMode_name, &efi_variable_guid,
++			     NULL, &size, &setupmode);
++	if (status != EFI_SUCCESS)
++		goto out_efi_err;
++
++	if (secboot == 0 || setupmode == 1)
++		goto secure_boot_disabled;
++
++	pr_efi(sys_table_arg, "UEFI Secure Boot is enabled.\n");
++	return efi_secureboot_mode_enabled;
++
++secure_boot_disabled:
++	return efi_secureboot_mode_disabled;
++
++out_efi_err:
++	pr_efi_err(sys_table_arg, "Could not determine UEFI Secure Boot status.\n");
++	if (status == EFI_NOT_FOUND)
++		goto secure_boot_disabled;
++	return efi_secureboot_mode_unknown;
++}
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index c790455..92e23f0 100644
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -1477,6 +1477,14 @@ efi_status_t efi_setup_gop(efi_system_table_t *sys_table_arg,
+ bool efi_runtime_disabled(void);
+ extern void efi_call_virt_check_flags(unsigned long flags, const char *call);
+
++enum efi_secureboot_mode {
++	efi_secureboot_mode_unset,
++	efi_secureboot_mode_unknown,
++	efi_secureboot_mode_disabled,
++	efi_secureboot_mode_enabled,
++};
++enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table);
++
+ /*
+  * Arch code can implement the following three template macros, avoiding
+  * reptition for the void/non-void return cases of {__,}efi_call_virt():
+-- 
+2.9.3
+
+From baa6cdc01e6017c6bd798b1af89458359e13155e Mon Sep 17 00:00:00 2001
+From: Josh Boyer <jwboyer@fedoraproject.org>
+Date: Mon, 21 Nov 2016 23:55:55 +0000
+Subject: [PATCH 06/32] efi: Disable secure boot if shim is in insecure mode
+
+A user can manually tell the shim boot loader to disable validation of
+images it loads.  When a user does this, it creates a UEFI variable called
+MokSBState that does not have the runtime attribute set.  Given that the
+user explicitly disabled validation, we can honor that and not enable
+secure boot mode if that variable is set.
+
+Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/firmware/efi/libstub/secureboot.c | 24 +++++++++++++++++++++++-
+ 1 file changed, 23 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/firmware/efi/libstub/secureboot.c b/drivers/firmware/efi/libstub/secureboot.c
+index 70e2a36..ba6ef71 100644
+--- a/drivers/firmware/efi/libstub/secureboot.c
++++ b/drivers/firmware/efi/libstub/secureboot.c
+@@ -23,6 +23,12 @@ static const efi_char16_t const efi_SetupMode_name[] = {
+ 	'S', 'e', 't', 'u', 'p', 'M', 'o', 'd', 'e', 0
+ };
+
++/* SHIM variables */
++static const efi_guid_t shim_guid = EFI_SHIM_LOCK_GUID;
++static efi_char16_t const shim_MokSBState_name[] = {
++	'M', 'o', 'k', 'S', 'B', 'S', 't', 'a', 't', 'e', 0
++};
++
+ #define get_efi_var(name, vendor, ...) \
+ 	efi_call_runtime(get_variable, \
+ 			 (efi_char16_t *)(name), (efi_guid_t *)(vendor), \
+@@ -33,7 +39,8 @@ static const efi_char16_t const efi_SetupMode_name[] = {
+  */
+ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg)
+ {
+-	u8 secboot, setupmode;
++	u32 attr;
++	u8 secboot, setupmode, moksbstate;
+ 	unsigned long size;
+ 	efi_status_t status;
+
+@@ -52,6 +59,21 @@ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg)
+ 	if (secboot == 0 || setupmode == 1)
+ 		goto secure_boot_disabled;
+
++	/* See if a user has put shim into insecure mode.  If so, and if the
++	 * variable doesn't have the runtime attribute set, we might as well
++	 * honor that.
++	 */
++	size = sizeof(moksbstate);
++	status = get_efi_var(shim_MokSBState_name, &shim_guid,
++			     &attr, &size, &moksbstate);
++
++	/* If it fails, we don't care why.  Default to secure */
++	if (status != EFI_SUCCESS)
++		goto secure_boot_enabled;
++	if (!(attr & EFI_VARIABLE_RUNTIME_ACCESS) && moksbstate == 1)
++		goto secure_boot_disabled;
++
++secure_boot_enabled:
+ 	pr_efi(sys_table_arg, "UEFI Secure Boot is enabled.\n");
+ 	return efi_secureboot_mode_enabled;
+
+-- 
+2.9.3
+
+From 9079547f4808ea5c8cd844bf40d3895994bd175e Mon Sep 17 00:00:00 2001
+From: Josh Boyer <jwboyer@fedoraproject.org>
+Date: Mon, 21 Nov 2016 23:55:55 +0000
+Subject: [PATCH 07/32] efi: Add EFI_SECURE_BOOT bit
+
+UEFI machines can be booted in Secure Boot mode.  Add a EFI_SECURE_BOOT bit
+that can be passed to efi_enabled() to find out whether secure boot is
+enabled.
+
+This will be used by the SysRq+x handler, registered by the x86 arch, to find
+out whether secure boot mode is enabled so that it can be disabled.
+
+Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/kernel/setup.c | 15 +++++++++++++++
+ include/linux/efi.h     |  1 +
+ 2 files changed, 16 insertions(+)
+
+diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
+index 9c337b0..d8972ec 100644
+--- a/arch/x86/kernel/setup.c
++++ b/arch/x86/kernel/setup.c
+@@ -1152,6 +1152,21 @@ void __init setup_arch(char **cmdline_p)
+ 	/* Allocate bigger log buffer */
+ 	setup_log_buf(1);
+
++	if (IS_ENABLED(CONFIG_EFI)) {
++		switch (boot_params.secure_boot) {
++		case efi_secureboot_mode_disabled:
++			pr_info("Secure boot disabled\n");
++			break;
++		case efi_secureboot_mode_enabled:
++			set_bit(EFI_SECURE_BOOT, &efi.flags);
++			pr_info("Secure boot enabled\n");
++			break;
++		default:
++			pr_info("Secure boot could not be determined\n");
++			break;
++		}
++	}
++
+ 	reserve_initrd();
+
+ 	acpi_table_upgrade();
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index 92e23f0..135ca9c 100644
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -1066,6 +1066,7 @@ extern int __init efi_setup_pcdp_console(char *);
+ #define EFI_ARCH_1		7	/* First arch-specific bit */
+ #define EFI_DBG			8	/* Print additional debug info at runtime */
+ #define EFI_NX_PE_DATA		9	/* Can runtime data regions be mapped non-executable? */
++#define EFI_SECURE_BOOT		10	/* Are we in Secure Boot mode? */
+
+ #ifdef CONFIG_EFI
+ /*
+-- 
+2.9.3
+
+From eada0243f0b8fc21588a21c564187219dee03e3c Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Fri, 25 Nov 2016 11:52:05 +0000
+Subject: [PATCH 08/32] efi: Handle secure boot from UEFI-2.6
+
+UEFI-2.6 adds a new variable, DeployedMode.  If it exists, this must be 1
+if we're to engage lockdown mode.
+
+Reported-by: James Bottomley <James.Bottomley@HansenPartnership.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/firmware/efi/libstub/secureboot.c | 16 +++++++++++++++-
+ include/linux/efi.h                       |  4 ++++
+ 2 files changed, 19 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/firmware/efi/libstub/secureboot.c b/drivers/firmware/efi/libstub/secureboot.c
+index ba6ef71..333b159 100644
+--- a/drivers/firmware/efi/libstub/secureboot.c
++++ b/drivers/firmware/efi/libstub/secureboot.c
+@@ -22,6 +22,9 @@ static const efi_char16_t const efi_SecureBoot_name[] = {
+ static const efi_char16_t const efi_SetupMode_name[] = {
+ 	'S', 'e', 't', 'u', 'p', 'M', 'o', 'd', 'e', 0
+ };
++static const efi_char16_t const efi_DeployedMode_name[] = {
++	'D', 'e', 'p', 'l', 'o', 'y', 'e', 'd', 'M', 'o', 'd', 'e', 0
++};
+
+ /* SHIM variables */
+ static const efi_guid_t shim_guid = EFI_SHIM_LOCK_GUID;
+@@ -40,7 +43,7 @@ static efi_char16_t const shim_MokSBState_name[] = {
+ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg)
+ {
+ 	u32 attr;
+-	u8 secboot, setupmode, moksbstate;
++	u8 secboot, setupmode, deployedmode, moksbstate;
+ 	unsigned long size;
+ 	efi_status_t status;
+
+@@ -59,6 +62,17 @@ enum efi_secureboot_mode efi_get_secureboot(efi_system_table_t *sys_table_arg)
+ 	if (secboot == 0 || setupmode == 1)
+ 		goto secure_boot_disabled;
+
++	/* UEFI-2.6 requires DeployedMode to be 1. */
++	if (sys_table_arg->hdr.revision >= EFI_2_60_SYSTEM_TABLE_REVISION) {
++		size = sizeof(deployedmode);
++		status = get_efi_var(efi_DeployedMode_name, &efi_variable_guid,
++				     NULL, &size, &deployedmode);
++		if (status != EFI_SUCCESS)
++			goto out_efi_err;
++		if (deployedmode == 0)
++			goto secure_boot_disabled;
++	}
++
+ 	/* See if a user has put shim into insecure mode.  If so, and if the
+ 	 * variable doesn't have the runtime attribute set, we might as well
+ 	 * honor that.
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index 135ca9c..e1893f5 100644
+--- a/include/linux/efi.h
++++ b/include/linux/efi.h
+@@ -645,6 +645,10 @@ typedef struct {
+
+ #define EFI_SYSTEM_TABLE_SIGNATURE ((u64)0x5453595320494249ULL)
+
++#define EFI_2_60_SYSTEM_TABLE_REVISION  ((2 << 16) | (60))
++#define EFI_2_50_SYSTEM_TABLE_REVISION  ((2 << 16) | (50))
++#define EFI_2_40_SYSTEM_TABLE_REVISION  ((2 << 16) | (40))
++#define EFI_2_31_SYSTEM_TABLE_REVISION  ((2 << 16) | (31))
+ #define EFI_2_30_SYSTEM_TABLE_REVISION  ((2 << 16) | (30))
+ #define EFI_2_20_SYSTEM_TABLE_REVISION  ((2 << 16) | (20))
+ #define EFI_2_10_SYSTEM_TABLE_REVISION  ((2 << 16) | (10))
+-- 
+2.9.3
+
+From 3b0695eda22ad712a2b9be9bb70979d875a37816 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Mon, 21 Nov 2016 23:36:17 +0000
+Subject: [PATCH 09/32] Add the ability to lock down access to the running
+ kernel image
+
+Provide a single call to allow kernel code to determine whether the system
+should be locked down, thereby disallowing various accesses that might
+allow the running kernel image to be changed including the loading of
+modules that aren't validly signed with a key we recognise, fiddling with
+MSR registers and disallowing hibernation,
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ include/linux/kernel.h   |  9 +++++++++
+ include/linux/security.h | 11 +++++++++++
+ security/Kconfig         | 15 +++++++++++++++
+ security/Makefile        |  3 +++
+ security/lock_down.c     | 40 ++++++++++++++++++++++++++++++++++++++++
+ 5 files changed, 78 insertions(+)
+ create mode 100644 security/lock_down.c
+
+diff --git a/include/linux/kernel.h b/include/linux/kernel.h
+index bc6ed52..8ab309d 100644
+--- a/include/linux/kernel.h
++++ b/include/linux/kernel.h
+@@ -268,6 +268,15 @@ extern int oops_may_print(void);
+ void do_exit(long error_code) __noreturn;
+ void complete_and_exit(struct completion *, long) __noreturn;
+
++#ifdef CONFIG_LOCK_DOWN_KERNEL
++extern bool kernel_is_locked_down(void);
++#else
++static inline bool kernel_is_locked_down(void)
++{
++	return false;
++}
++#endif
++
+ /* Internal, do not use. */
+ int __must_check _kstrtoul(const char *s, unsigned int base, unsigned long *res);
+ int __must_check _kstrtol(const char *s, unsigned int base, long *res);
+diff --git a/include/linux/security.h b/include/linux/security.h
+index c2125e9..41a7325 100644
+--- a/include/linux/security.h
++++ b/include/linux/security.h
+@@ -1685,5 +1685,16 @@ static inline void free_secdata(void *secdata)
+ { }
+ #endif /* CONFIG_SECURITY */
+
++#ifdef CONFIG_LOCK_DOWN_KERNEL
++extern void lock_kernel_down(void);
++#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT
++extern void lift_kernel_lockdown(void);
++#endif
++#else
++static inline void lock_kernel_down(void)
++{
++}
++#endif
++
+ #endif /* ! __LINUX_SECURITY_H */
+
+diff --git a/security/Kconfig b/security/Kconfig
+index 118f454..fa1a678 100644
+--- a/security/Kconfig
++++ b/security/Kconfig
+@@ -158,6 +158,21 @@ config HARDENED_USERCOPY_PAGESPAN
+ 	  been removed. This config is intended to be used only while
+ 	  trying to find such users.
+
++config LOCK_DOWN_KERNEL
++	bool "Allow the kernel to be 'locked down'"
++	help
++	  Allow the kernel to be locked down under certain circumstances, for
++	  instance if UEFI secure boot is enabled.  Locking down the kernel
++	  turns off various features that might otherwise allow access to the
++	  kernel image (eg. setting MSR registers).
++
++config ALLOW_LOCKDOWN_LIFT
++	bool
++	help
++	  Allow the lockdown on a kernel to be lifted, thereby restoring the
++	  ability of userspace to access the kernel image (eg. by SysRq+x under
++	  x86).
++
+ source security/selinux/Kconfig
+ source security/smack/Kconfig
+ source security/tomoyo/Kconfig
+diff --git a/security/Makefile b/security/Makefile
+index f2d71cd..8c4a43e 100644
+--- a/security/Makefile
++++ b/security/Makefile
+@@ -29,3 +29,6 @@ obj-$(CONFIG_CGROUP_DEVICE)		+= device_cgroup.o
+ # Object integrity file lists
+ subdir-$(CONFIG_INTEGRITY)		+= integrity
+ obj-$(CONFIG_INTEGRITY)			+= integrity/
++
++# Allow the kernel to be locked down
++obj-$(CONFIG_LOCK_DOWN_KERNEL)		+= lock_down.o
+diff --git a/security/lock_down.c b/security/lock_down.c
+new file mode 100644
+index 0000000..5788c60
+--- /dev/null
++++ b/security/lock_down.c
+@@ -0,0 +1,40 @@
++/* Lock down the kernel
++ *
++ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
++ * Written by David Howells (dhowells@redhat.com)
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public Licence
++ * as published by the Free Software Foundation; either version
++ * 2 of the Licence, or (at your option) any later version.
++ */
++
++#include <linux/security.h>
++#include <linux/export.h>
++
++static __read_mostly bool kernel_locked_down;
++
++/*
++ * Put the kernel into lock-down mode.
++ */
++void lock_kernel_down(void)
++{
++	kernel_locked_down = true;
++}
++
++/*
++ * Take the kernel out of lockdown mode.
++ */
++void lift_kernel_lockdown(void)
++{
++	kernel_locked_down = false;
++}
++
++/**
++ * kernel_is_locked_down - Find out if the kernel is locked down
++ */
++bool kernel_is_locked_down(void)
++{
++	return kernel_locked_down;
++}
++EXPORT_SYMBOL(kernel_is_locked_down);
+-- 
+2.9.3
+
+From c1cc643f82e1c9efee123eb81befb58e41b87310 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Mon, 21 Nov 2016 23:55:55 +0000
+Subject: [PATCH 10/32] efi: Lock down the kernel if booted in secure boot mode
+
+UEFI Secure Boot provides a mechanism for ensuring that the firmware will
+only load signed bootloaders and kernels.  Certain use cases may also
+require that all kernel modules also be signed.  Add a configuration option
+that to lock down the kernel - which includes requiring validly signed
+modules - if the kernel is secure-booted.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/Kconfig        | 12 ++++++++++++
+ arch/x86/kernel/setup.c |  8 +++++++-
+ 2 files changed, 19 insertions(+), 1 deletion(-)
+
+diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
+index bada636..5b19997 100644
+--- a/arch/x86/Kconfig
++++ b/arch/x86/Kconfig
+@@ -1786,6 +1786,18 @@ config EFI_MIXED
+
+ 	   If unsure, say N.
+
++config EFI_SECURE_BOOT_LOCK_DOWN
++	def_bool n
++	depends on EFI
++	prompt "Lock down the kernel when UEFI Secure Boot is enabled"
++	---help---
++	  UEFI Secure Boot provides a mechanism for ensuring that the firmware
++	  will only load signed bootloaders and kernels.  Certain use cases may
++	  also require that all kernel modules also be signed and that
++	  userspace is prevented from directly changing the running kernel
++	  image.  Say Y here to automatically lock down the kernel when a
++	  system boots with UEFI Secure Boot enabled.
++
+ config SECCOMP
+ 	def_bool y
+ 	prompt "Enable seccomp to safely compute untrusted bytecode"
+diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
+index d8972ec..facaeb9 100644
+--- a/arch/x86/kernel/setup.c
++++ b/arch/x86/kernel/setup.c
+@@ -69,6 +69,7 @@
+ #include <linux/crash_dump.h>
+ #include <linux/tboot.h>
+ #include <linux/jiffies.h>
++#include <linux/security.h>
+
+ #include <video/edid.h>
+
+@@ -1159,7 +1160,12 @@ void __init setup_arch(char **cmdline_p)
+ 			break;
+ 		case efi_secureboot_mode_enabled:
+ 			set_bit(EFI_SECURE_BOOT, &efi.flags);
+-			pr_info("Secure boot enabled\n");
++			if (IS_ENABLED(CONFIG_EFI_SECURE_BOOT_LOCK_DOWN)) {
++				lock_kernel_down();
++				pr_info("Secure boot enabled and kernel locked down\n");
++			} else {
++				pr_info("Secure boot enabled\n");
++			}
+ 			break;
+ 		default:
+ 			pr_info("Secure boot could not be determined\n");
+-- 
+2.9.3
+
+From 03ff1bcf82c3acc3df8e8fd1badbbc9f6a27a2e6 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Wed, 23 Nov 2016 13:22:22 +0000
+Subject: [PATCH 11/32] Enforce module signatures if the kernel is locked down
+
+If the kernel is locked down, require that all modules have valid
+signatures that we can verify.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ kernel/module.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kernel/module.c b/kernel/module.c
+index f57dd63..2a021c3 100644
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -2744,7 +2744,7 @@ static int module_sig_check(struct load_info *info, int flags)
+ 	}
+
+ 	/* Not having a signature is only an error if we're strict. */
+-	if (err == -ENOKEY && !sig_enforce)
++	if (err == -ENOKEY && !sig_enforce && !kernel_is_locked_down())
+ 		err = 0;
+
+ 	return err;
+-- 
+2.9.3
+
+From 328104a3a9859084a25240ea031572e0d20ceaf4 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:16 +0000
+Subject: [PATCH 12/32] Restrict /dev/mem and /dev/kmem when the kernel is
+ locked down
+
+Allowing users to write to address space makes it possible for the kernel to
+be subverted, avoiding module loading restrictions.  Prevent this when the
+kernel has been locked down.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/char/mem.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/drivers/char/mem.c b/drivers/char/mem.c
+index 5bb1985..6441d21 100644
+--- a/drivers/char/mem.c
++++ b/drivers/char/mem.c
+@@ -163,6 +163,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
+ 	if (p != *ppos)
+ 		return -EFBIG;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	if (!valid_phys_addr_range(p, count))
+ 		return -EFAULT;
+
+@@ -515,6 +518,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
+ 	if (!pfn_valid(PFN_DOWN(p)))
+ 		return -EIO;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	if (p < (unsigned long) high_memory) {
+ 		unsigned long to_write = min_t(unsigned long, count,
+ 					       (unsigned long)high_memory - p);
+-- 
+2.9.3
+
+From 2cfe484bdc7e42b42be4887f2b4d23ac9de79593 Mon Sep 17 00:00:00 2001
+From: Kyle McMartin <kyle@redhat.com>
+Date: Mon, 21 Nov 2016 23:55:56 +0000
+Subject: [PATCH 13/32] Add a sysrq option to exit secure boot mode
+
+Make sysrq+x exit secure boot mode on x86_64, thereby allowing the running
+kernel image to be modified.  This lifts the lockdown.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/Kconfig            | 10 ++++++++++
+ arch/x86/kernel/setup.c     | 31 +++++++++++++++++++++++++++++++
+ drivers/input/misc/uinput.c |  1 +
+ drivers/tty/sysrq.c         | 19 +++++++++++++------
+ include/linux/input.h       |  5 +++++
+ include/linux/sysrq.h       |  8 +++++++-
+ kernel/debug/kdb/kdb_main.c |  2 +-
+ 7 files changed, 68 insertions(+), 8 deletions(-)
+
+diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
+index 5b19997..c2b481b 100644
+--- a/arch/x86/Kconfig
++++ b/arch/x86/Kconfig
+@@ -1798,6 +1798,16 @@ config EFI_SECURE_BOOT_LOCK_DOWN
+ 	  image.  Say Y here to automatically lock down the kernel when a
+ 	  system boots with UEFI Secure Boot enabled.
+
++config EFI_ALLOW_SECURE_BOOT_EXIT
++	def_bool n
++	depends on EFI_SECURE_BOOT_LOCK_DOWN && MAGIC_SYSRQ
++	select ALLOW_LOCKDOWN_LIFT
++	prompt "Allow secure boot mode to be exited with SysRq+x on a keyboard"
++	---help---
++	  Allow secure boot mode to be exited and the kernel lockdown lifted by
++	  typing SysRq+x on a keyboard attached to the system (not permitted
++	  through procfs).
++
+ config SECCOMP
+ 	def_bool y
+ 	prompt "Enable seccomp to safely compute untrusted bytecode"
+diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
+index facaeb9..de24041 100644
+--- a/arch/x86/kernel/setup.c
++++ b/arch/x86/kernel/setup.c
+@@ -71,6 +71,11 @@
+ #include <linux/jiffies.h>
+ #include <linux/security.h>
+
++#include <linux/fips.h>
++#include <linux/cred.h>
++#include <linux/sysrq.h>
++#include <linux/init_task.h>
++
+ #include <video/edid.h>
+
+ #include <asm/mtrr.h>
+@@ -1304,6 +1309,32 @@ void __init i386_reserve_resources(void)
+
+ #endif /* CONFIG_X86_32 */
+
++#ifdef CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT
++
++static void sysrq_handle_secure_boot(int key)
++{
++	if (!efi_enabled(EFI_SECURE_BOOT))
++		return;
++
++	pr_info("Secure boot disabled\n");
++	lift_kernel_lockdown();
++}
++static struct sysrq_key_op secure_boot_sysrq_op = {
++	.handler	=	sysrq_handle_secure_boot,
++	.help_msg	=	"unSB(x)",
++	.action_msg	=	"Disabling Secure Boot restrictions",
++	.enable_mask	=	SYSRQ_DISABLE_USERSPACE,
++};
++static int __init secure_boot_sysrq(void)
++{
++	if (efi_enabled(EFI_SECURE_BOOT))
++		register_sysrq_key('x', &secure_boot_sysrq_op);
++	return 0;
++}
++late_initcall(secure_boot_sysrq);
++#endif /*CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT*/
++
++
+ static struct notifier_block kernel_offset_notifier = {
+ 	.notifier_call = dump_kernel_offset
+ };
+diff --git a/drivers/input/misc/uinput.c b/drivers/input/misc/uinput.c
+index 92595b9..894ed3f 100644
+--- a/drivers/input/misc/uinput.c
++++ b/drivers/input/misc/uinput.c
+@@ -379,6 +379,7 @@ static int uinput_allocate_device(struct uinput_device *udev)
+ 	if (!udev->dev)
+ 		return -ENOMEM;
+
++	udev->dev->flags |= INPUTDEV_FLAGS_SYNTHETIC;
+ 	udev->dev->event = uinput_dev_event;
+ 	input_set_drvdata(udev->dev, udev);
+
+diff --git a/drivers/tty/sysrq.c b/drivers/tty/sysrq.c
+index 52bbd27..72f46a1 100644
+--- a/drivers/tty/sysrq.c
++++ b/drivers/tty/sysrq.c
+@@ -479,6 +479,7 @@ static struct sysrq_key_op *sysrq_key_table[36] = {
+ 	/* x: May be registered on mips for TLB dump */
+ 	/* x: May be registered on ppc/powerpc for xmon */
+ 	/* x: May be registered on sparc64 for global PMU dump */
++	/* x: May be registered on x86_64 for disabling secure boot */
+ 	NULL,				/* x */
+ 	/* y: May be registered on sparc64 for global register dump */
+ 	NULL,				/* y */
+@@ -522,7 +523,7 @@ static void __sysrq_put_key_op(int key, struct sysrq_key_op *op_p)
+                 sysrq_key_table[i] = op_p;
+ }
+
+-void __handle_sysrq(int key, bool check_mask)
++void __handle_sysrq(int key, unsigned int from)
+ {
+ 	struct sysrq_key_op *op_p;
+ 	int orig_log_level;
+@@ -542,11 +543,15 @@ void __handle_sysrq(int key, bool check_mask)
+
+         op_p = __sysrq_get_key_op(key);
+         if (op_p) {
++		/* Ban synthetic events from some sysrq functionality */
++		if ((from == SYSRQ_FROM_PROC || from == SYSRQ_FROM_SYNTHETIC) &&
++		    op_p->enable_mask & SYSRQ_DISABLE_USERSPACE)
++			printk("This sysrq operation is disabled from userspace.\n");
+ 		/*
+ 		 * Should we check for enabled operations (/proc/sysrq-trigger
+ 		 * should not) and is the invoked operation enabled?
+ 		 */
+-		if (!check_mask || sysrq_on_mask(op_p->enable_mask)) {
++		if (from == SYSRQ_FROM_KERNEL || sysrq_on_mask(op_p->enable_mask)) {
+ 			pr_cont("%s\n", op_p->action_msg);
+ 			console_loglevel = orig_log_level;
+ 			op_p->handler(key);
+@@ -578,7 +583,7 @@ void __handle_sysrq(int key, bool check_mask)
+ void handle_sysrq(int key)
+ {
+ 	if (sysrq_on())
+-		__handle_sysrq(key, true);
++		__handle_sysrq(key, SYSRQ_FROM_KERNEL);
+ }
+ EXPORT_SYMBOL(handle_sysrq);
+
+@@ -659,7 +664,7 @@ static void sysrq_do_reset(unsigned long _state)
+ static void sysrq_handle_reset_request(struct sysrq_state *state)
+ {
+ 	if (state->reset_requested)
+-		__handle_sysrq(sysrq_xlate[KEY_B], false);
++		__handle_sysrq(sysrq_xlate[KEY_B], SYSRQ_FROM_KERNEL);
+
+ 	if (sysrq_reset_downtime_ms)
+ 		mod_timer(&state->keyreset_timer,
+@@ -810,8 +815,10 @@ static bool sysrq_handle_keypress(struct sysrq_state *sysrq,
+
+ 	default:
+ 		if (sysrq->active && value && value != 2) {
++			int from = sysrq->handle.dev->flags & INPUTDEV_FLAGS_SYNTHETIC ?
++					SYSRQ_FROM_SYNTHETIC : 0;
+ 			sysrq->need_reinject = false;
+-			__handle_sysrq(sysrq_xlate[code], true);
++			__handle_sysrq(sysrq_xlate[code], from);
+ 		}
+ 		break;
+ 	}
+@@ -1095,7 +1102,7 @@ static ssize_t write_sysrq_trigger(struct file *file, const char __user *buf,
+
+ 		if (get_user(c, buf))
+ 			return -EFAULT;
+-		__handle_sysrq(c, false);
++		__handle_sysrq(c, SYSRQ_FROM_PROC);
+ 	}
+
+ 	return count;
+diff --git a/include/linux/input.h b/include/linux/input.h
+index a65e3b2..8b03571 100644
+--- a/include/linux/input.h
++++ b/include/linux/input.h
+@@ -42,6 +42,7 @@ struct input_value {
+  * @phys: physical path to the device in the system hierarchy
+  * @uniq: unique identification code for the device (if device has it)
+  * @id: id of the device (struct input_id)
++ * @flags: input device flags (SYNTHETIC, etc.)
+  * @propbit: bitmap of device properties and quirks
+  * @evbit: bitmap of types of events supported by the device (EV_KEY,
+  *	EV_REL, etc.)
+@@ -124,6 +125,8 @@ struct input_dev {
+ 	const char *uniq;
+ 	struct input_id id;
+
++	unsigned int flags;
++
+ 	unsigned long propbit[BITS_TO_LONGS(INPUT_PROP_CNT)];
+
+ 	unsigned long evbit[BITS_TO_LONGS(EV_CNT)];
+@@ -190,6 +193,8 @@ struct input_dev {
+ };
+ #define to_input_dev(d) container_of(d, struct input_dev, dev)
+
++#define	INPUTDEV_FLAGS_SYNTHETIC	0x000000001
++
+ /*
+  * Verify that we are in sync with input_device_id mod_devicetable.h #defines
+  */
+diff --git a/include/linux/sysrq.h b/include/linux/sysrq.h
+index 387fa7d..f7c52a9 100644
+--- a/include/linux/sysrq.h
++++ b/include/linux/sysrq.h
+@@ -28,6 +28,8 @@
+ #define SYSRQ_ENABLE_BOOT	0x0080
+ #define SYSRQ_ENABLE_RTNICE	0x0100
+
++#define SYSRQ_DISABLE_USERSPACE	0x00010000
++
+ struct sysrq_key_op {
+ 	void (*handler)(int);
+ 	char *help_msg;
+@@ -42,8 +44,12 @@ struct sysrq_key_op {
+  * are available -- else NULL's).
+  */
+
++#define SYSRQ_FROM_KERNEL	0x0001
++#define SYSRQ_FROM_PROC		0x0002
++#define SYSRQ_FROM_SYNTHETIC	0x0004
++
+ void handle_sysrq(int key);
+-void __handle_sysrq(int key, bool check_mask);
++void __handle_sysrq(int key, unsigned int from);
+ int register_sysrq_key(int key, struct sysrq_key_op *op);
+ int unregister_sysrq_key(int key, struct sysrq_key_op *op);
+ struct sysrq_key_op *__sysrq_get_key_op(int key);
+diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
+index 2a20c0d..d46d2e1 100644
+--- a/kernel/debug/kdb/kdb_main.c
++++ b/kernel/debug/kdb/kdb_main.c
+@@ -1968,7 +1968,7 @@ static int kdb_sr(int argc, const char **argv)
+ 		return KDB_ARGCOUNT;
+
+ 	kdb_trap_printk++;
+-	__handle_sysrq(*argv[1], check_mask);
++	__handle_sysrq(*argv[1], check_mask ? SYSRQ_FROM_KERNEL : 0);
+ 	kdb_trap_printk--;
+
+ 	return 0;
+-- 
+2.9.3
+
+From a82fdfceffac8e9cdc0287d874a8ba1b9d875e70 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:15 +0000
+Subject: [PATCH 14/32] kexec: Disable at runtime if the kernel is locked down
+
+kexec permits the loading and execution of arbitrary code in ring 0, which
+is something that lock-down is meant to prevent. It makes sense to disable
+kexec in this situation.
+
+This does not affect kexec_file_load() which can check for a signature on the
+image to be booted.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ kernel/kexec.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/kernel/kexec.c b/kernel/kexec.c
+index 980936a..46de8e6 100644
+--- a/kernel/kexec.c
++++ b/kernel/kexec.c
+@@ -194,6 +194,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
+ 		return -EPERM;
+
+ 	/*
++	 * kexec can be used to circumvent module loading restrictions, so
++	 * prevent loading in that case
++	 */
++	if (kernel_is_locked_down())
++		return -EPERM;
++
++	/*
+ 	 * Verify we have a legal set of flags
+ 	 * This leaves us room for future extensions.
+ 	 */
+-- 
+2.9.3
+
+From 43d4cec4b9acbe2954afb355cc32dbd456ca77bd Mon Sep 17 00:00:00 2001
+From: Dave Young <dyoung@redhat.com>
+Date: Tue, 22 Nov 2016 08:46:15 +0000
+Subject: [PATCH 15/32] Copy secure_boot flag in boot params across kexec
+ reboot
+
+Kexec reboot in case secure boot being enabled does not keep the secure
+boot mode in new kernel, so later one can load unsigned kernel via legacy
+kexec_load.  In this state, the system is missing the protections provided
+by secure boot.
+
+Adding a patch to fix this by retain the secure_boot flag in original
+kernel.
+
+secure_boot flag in boot_params is set in EFI stub, but kexec bypasses the
+stub.  Fixing this issue by copying secure_boot flag across kexec reboot.
+
+Signed-off-by: Dave Young <dyoung@redhat.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/kernel/kexec-bzimage64.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c
+index 3407b14..b843a4e 100644
+--- a/arch/x86/kernel/kexec-bzimage64.c
++++ b/arch/x86/kernel/kexec-bzimage64.c
+@@ -179,6 +179,7 @@ setup_efi_state(struct boot_params *params, unsigned long params_load_addr,
+ 	if (efi_enabled(EFI_OLD_MEMMAP))
+ 		return 0;
+
++	params->secure_boot = boot_params.secure_boot;
+ 	ei->efi_loader_signature = current_ei->efi_loader_signature;
+ 	ei->efi_systab = current_ei->efi_systab;
+ 	ei->efi_systab_hi = current_ei->efi_systab_hi;
+-- 
+2.9.3
+
+From 7f303a867209a3641d3da378d914967314b60254 Mon Sep 17 00:00:00 2001
+From: "Lee, Chun-Yi" <joeyli.kernel@gmail.com>
+Date: Wed, 23 Nov 2016 13:49:19 +0000
+Subject: [PATCH 16/32] kexec_file: Disable at runtime if securelevel has been
+ set
+
+When KEXEC_VERIFY_SIG is not enabled, kernel should not loads image
+through kexec_file systemcall if securelevel has been set.
+
+This code was showed in Matthew's patch but not in git:
+https://lkml.org/lkml/2015/3/13/778
+
+Cc: Matthew Garrett <mjg59@srcf.ucam.org>
+Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ kernel/kexec_file.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
+index 037c321..04f48f2 100644
+--- a/kernel/kexec_file.c
++++ b/kernel/kexec_file.c
+@@ -264,6 +264,12 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
+ 	if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
+ 		return -EPERM;
+
++	/* Don't permit images to be loaded into trusted kernels if we're not
++	 * going to verify the signature on them
++	 */
++	if (!IS_ENABLED(CONFIG_KEXEC_VERIFY_SIG) && kernel_is_locked_down())
++		return -EPERM;
++
+ 	/* Make sure we have a legal set of flags */
+ 	if (flags != (flags & KEXEC_FILE_FLAGS))
+ 		return -EINVAL;
+-- 
+2.9.3
+
+From 7b42e60e328109fc2a04434c3cfedeb53eae6426 Mon Sep 17 00:00:00 2001
+From: Josh Boyer <jwboyer@fedoraproject.org>
+Date: Tue, 22 Nov 2016 08:46:15 +0000
+Subject: [PATCH 17/32] hibernate: Disable when the kernel is locked down
+
+There is currently no way to verify the resume image when returning
+from hibernate.  This might compromise the signed modules trust model,
+so until we can work with signed hibernate images we disable it when the
+kernel is locked down.
+
+Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ kernel/power/hibernate.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
+index b26dbc4..3732187 100644
+--- a/kernel/power/hibernate.c
++++ b/kernel/power/hibernate.c
+@@ -67,7 +67,7 @@ static const struct platform_hibernation_ops *hibernation_ops;
+
+ bool hibernation_available(void)
+ {
+-	return (nohibernate == 0);
++	return nohibernate == 0 && !kernel_is_locked_down();
+ }
+
+ /**
+-- 
+2.9.3
+
+From a2a550718c501375c22f5afdead9d25225abdcd3 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <mjg59@srcf.ucam.org>
+Date: Wed, 23 Nov 2016 13:28:17 +0000
+Subject: [PATCH 18/32] uswsusp: Disable when the kernel is locked down
+
+uswsusp allows a user process to dump and then restore kernel state, which
+makes it possible to modify the running kernel.  Disable this if the kernel
+is locked down.
+
+Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ kernel/power/user.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/kernel/power/user.c b/kernel/power/user.c
+index 35310b6..c9ef5e1 100644
+--- a/kernel/power/user.c
++++ b/kernel/power/user.c
+@@ -52,6 +52,9 @@ static int snapshot_open(struct inode *inode, struct file *filp)
+ 	if (!hibernation_available())
+ 		return -EPERM;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	lock_system_sleep();
+
+ 	if (!atomic_add_unless(&snapshot_device_available, -1, 0)) {
+-- 
+2.9.3
+
+From 81204660ab5d1914cb59fb246f103288ecf9a177 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:15 +0000
+Subject: [PATCH 19/32] PCI: Lock down BAR access when the kernel is locked
+ down
+
+Any hardware that can potentially generate DMA has to be locked down in
+order to avoid it being possible for an attacker to modify kernel code,
+allowing them to circumvent disabled module loading or module signing.
+Default to paranoid - in future we can potentially relax this for
+sufficiently IOMMU-isolated devices.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/pci/pci-sysfs.c | 9 +++++++++
+ drivers/pci/proc.c      | 8 +++++++-
+ drivers/pci/syscall.c   | 2 +-
+ 3 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
+index bcd10c7..02b9c9e 100644
+--- a/drivers/pci/pci-sysfs.c
++++ b/drivers/pci/pci-sysfs.c
+@@ -716,6 +716,9 @@ static ssize_t pci_write_config(struct file *filp, struct kobject *kobj,
+ 	loff_t init_off = off;
+ 	u8 *data = (u8 *) buf;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	if (off > dev->cfg_size)
+ 		return 0;
+ 	if (off + count > dev->cfg_size) {
+@@ -1007,6 +1010,9 @@ static int pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
+ 	resource_size_t start, end;
+ 	int i;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	for (i = 0; i < PCI_ROM_RESOURCE; i++)
+ 		if (res == &pdev->resource[i])
+ 			break;
+@@ -1106,6 +1112,9 @@ static ssize_t pci_write_resource_io(struct file *filp, struct kobject *kobj,
+ 				     struct bin_attribute *attr, char *buf,
+ 				     loff_t off, size_t count)
+ {
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	return pci_resource_io(filp, kobj, attr, buf, off, count, true);
+ }
+
+diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c
+index 2408abe..eaccf9b 100644
+--- a/drivers/pci/proc.c
++++ b/drivers/pci/proc.c
+@@ -116,6 +116,9 @@ static ssize_t proc_bus_pci_write(struct file *file, const char __user *buf,
+ 	int size = dev->cfg_size;
+ 	int cnt;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	if (pos >= size)
+ 		return 0;
+ 	if (nbytes >= size)
+@@ -195,6 +198,9 @@ static long proc_bus_pci_ioctl(struct file *file, unsigned int cmd,
+ #endif /* HAVE_PCI_MMAP */
+ 	int ret = 0;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	switch (cmd) {
+ 	case PCIIOC_CONTROLLER:
+ 		ret = pci_domain_nr(dev->bus);
+@@ -233,7 +239,7 @@ static int proc_bus_pci_mmap(struct file *file, struct vm_area_struct *vma)
+ 	struct pci_filp_private *fpriv = file->private_data;
+ 	int i, ret, write_combine;
+
+-	if (!capable(CAP_SYS_RAWIO))
++	if (!capable(CAP_SYS_RAWIO) || kernel_is_locked_down())
+ 		return -EPERM;
+
+ 	/* Make sure the caller is mapping a real resource for this device */
+diff --git a/drivers/pci/syscall.c b/drivers/pci/syscall.c
+index b91c4da..81544dc 100644
+--- a/drivers/pci/syscall.c
++++ b/drivers/pci/syscall.c
+@@ -92,7 +92,7 @@ SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn,
+ 	u32 dword;
+ 	int err = 0;
+
+-	if (!capable(CAP_SYS_ADMIN))
++	if (!capable(CAP_SYS_ADMIN) || kernel_is_locked_down())
+ 		return -EPERM;
+
+ 	dev = pci_get_bus_and_slot(bus, dfn);
+-- 
+2.9.3
+
+From 18f4177e0a147adccbbacb1fa95e340352228db3 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:16 +0000
+Subject: [PATCH 20/32] x86: Lock down IO port access when the kernel is locked
+ down
+
+IO port access would permit users to gain access to PCI configuration
+registers, which in turn (on a lot of hardware) give access to MMIO
+register space. This would potentially permit root to trigger arbitrary
+DMA, so lock it down by default.
+
+This also implicitly locks down the KDADDIO, KDDELIO, KDENABIO and
+KDDISABIO console ioctls.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/kernel/ioport.c | 4 ++--
+ drivers/char/mem.c       | 2 ++
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c
+index 589b319..f0789ab 100644
+--- a/arch/x86/kernel/ioport.c
++++ b/arch/x86/kernel/ioport.c
+@@ -28,7 +28,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on)
+
+ 	if ((from + num <= from) || (from + num > IO_BITMAP_BITS))
+ 		return -EINVAL;
+-	if (turn_on && !capable(CAP_SYS_RAWIO))
++	if (turn_on && (!capable(CAP_SYS_RAWIO) || kernel_is_locked_down()))
+ 		return -EPERM;
+
+ 	/*
+@@ -108,7 +108,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
+ 		return -EINVAL;
+ 	/* Trying to gain more privileges? */
+ 	if (level > old) {
+-		if (!capable(CAP_SYS_RAWIO))
++		if (!capable(CAP_SYS_RAWIO) || kernel_is_locked_down())
+ 			return -EPERM;
+ 	}
+ 	regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) |
+diff --git a/drivers/char/mem.c b/drivers/char/mem.c
+index 6441d21..f653c36 100644
+--- a/drivers/char/mem.c
++++ b/drivers/char/mem.c
+@@ -743,6 +743,8 @@ static loff_t memory_lseek(struct file *file, loff_t offset, int orig)
+
+ static int open_port(struct inode *inode, struct file *filp)
+ {
++	if (kernel_is_locked_down())
++		return -EPERM;
+ 	return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
+ }
+
+-- 
+2.9.3
+
+From bdd2ae6c0c8ce5a4dadaa41019a6e065e9aa9128 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:17 +0000
+Subject: [PATCH 21/32] x86: Restrict MSR access when the kernel is locked down
+
+Writing to MSRs should not be allowed if the kernel is locked down, since
+it could lead to execution of arbitrary code in kernel mode.  Based on a
+patch by Kees Cook.
+
+Cc: Kees Cook <keescook@chromium.org>
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ arch/x86/kernel/msr.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c
+index 7f3550a..90cddc1 100644
+--- a/arch/x86/kernel/msr.c
++++ b/arch/x86/kernel/msr.c
+@@ -83,6 +83,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
+ 	int err = 0;
+ 	ssize_t bytes = 0;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	if (count % 8)
+ 		return -EINVAL;	/* Invalid chunk size */
+
+@@ -130,6 +133,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
+ 			err = -EBADF;
+ 			break;
+ 		}
++		if (kernel_is_locked_down()) {
++			err = -EPERM;
++			break;
++		}
+ 		if (copy_from_user(&regs, uregs, sizeof regs)) {
+ 			err = -EFAULT;
+ 			break;
+-- 
+2.9.3
+
+From 50d0b2fd4e13f1da62d7bfabe7559cdaaceee06b Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:16 +0000
+Subject: [PATCH 22/32] asus-wmi: Restrict debugfs interface when the kernel is
+ locked down
+
+We have no way of validating what all of the Asus WMI methods do on a given
+machine - and there's a risk that some will allow hardware state to be
+manipulated in such a way that arbitrary code can be executed in the
+kernel, circumventing module loading restrictions.  Prevent that if the
+kernel is locked down.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/platform/x86/asus-wmi.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c
+index ce6ca31..d860017 100644
+--- a/drivers/platform/x86/asus-wmi.c
++++ b/drivers/platform/x86/asus-wmi.c
+@@ -1872,6 +1872,9 @@ static int show_dsts(struct seq_file *m, void *data)
+ 	int err;
+ 	u32 retval = -1;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval);
+
+ 	if (err < 0)
+@@ -1888,6 +1891,9 @@ static int show_devs(struct seq_file *m, void *data)
+ 	int err;
+ 	u32 retval = -1;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param,
+ 				    &retval);
+
+@@ -1912,6 +1918,9 @@ static int show_call(struct seq_file *m, void *data)
+ 	union acpi_object *obj;
+ 	acpi_status status;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	status = wmi_evaluate_method(ASUS_WMI_MGMT_GUID,
+ 				     1, asus->debug.method_id,
+ 				     &input, &output);
+-- 
+2.9.3
+
+From 88156357adede0ba4060adb0934d08e75afb6e9d Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Tue, 22 Nov 2016 08:46:16 +0000
+Subject: [PATCH 23/32] ACPI: Limit access to custom_method when the kernel is
+ locked down
+
+custom_method effectively allows arbitrary access to system memory, making
+it possible for an attacker to circumvent restrictions on module loading.
+Disable it if the kernel is locked down.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/acpi/custom_method.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c
+index c68e724..e4d721c 100644
+--- a/drivers/acpi/custom_method.c
++++ b/drivers/acpi/custom_method.c
+@@ -29,6 +29,9 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf,
+ 	struct acpi_table_header table;
+ 	acpi_status status;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	if (!(*ppos)) {
+ 		/* parse the table header to get the table length */
+ 		if (count <= sizeof(struct acpi_table_header))
+-- 
+2.9.3
+
+From 960205f64271826552eec6d7ba34144b1615c376 Mon Sep 17 00:00:00 2001
+From: Josh Boyer <jwboyer@redhat.com>
+Date: Tue, 22 Nov 2016 08:46:16 +0000
+Subject: [PATCH 24/32] acpi: Ignore acpi_rsdp kernel param when the kernel has
+ been locked down
+
+This option allows userspace to pass the RSDP address to the kernel, which
+makes it possible for a user to circumvent any restrictions imposed on
+loading modules.  Ignore the option when the kernel is locked down.
+
+Signed-off-by: Josh Boyer <jwboyer@redhat.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/acpi/osl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
+index 416953a..79f3d03 100644
+--- a/drivers/acpi/osl.c
++++ b/drivers/acpi/osl.c
+@@ -191,7 +191,7 @@ early_param("acpi_rsdp", setup_acpi_rsdp);
+ 	acpi_physical_address pa = 0;
+ 
+ #ifdef CONFIG_KEXEC
+-	if (acpi_rsdp)
++	if (acpi_rsdp && !kernel_is_locked_down())
+ 		return acpi_rsdp;
+ #endif
+
+-- 
+2.9.3
+
+From 2f200d295a041b154f3938940c2d8aa1742f1379 Mon Sep 17 00:00:00 2001
+From: Linn Crosetto <linn@hpe.com>
+Date: Wed, 23 Nov 2016 13:32:27 +0000
+Subject: [PATCH 25/32] acpi: Disable ACPI table override if the kernel is
+ locked down
+
+From the kernel documentation (initrd_table_override.txt):
+
+  If the ACPI_INITRD_TABLE_OVERRIDE compile option is true, it is possible
+  to override nearly any ACPI table provided by the BIOS with an
+  instrumented, modified one.
+
+When securelevel is set, the kernel should disallow any unauthenticated
+changes to kernel space.  ACPI tables contain code invoked by the kernel,
+so do not allow ACPI tables to be overridden if the kernel is locked down.
+
+Signed-off-by: Linn Crosetto <linn@hpe.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/acpi/tables.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/drivers/acpi/tables.c b/drivers/acpi/tables.c
+index cdd56c4..c657c08 100644
+--- a/drivers/acpi/tables.c
++++ b/drivers/acpi/tables.c
+@@ -545,6 +545,11 @@ void __init acpi_table_upgrade(void)
+ 	if (table_nr == 0)
+ 		return;
+
++	if (kernel_is_locked_down()) {
++		pr_notice("kernel is locked down, ignoring table override\n");
++		return;
++	}
++
+ 	acpi_tables_addr =
+ 		memblock_find_in_range(0, ACPI_TABLE_UPGRADE_MAX_PHYS,
+ 				       all_tables_size, PAGE_SIZE);
+-- 
+2.9.3
+
+From 6244dff831988f59797add76cee80c73961d5ac5 Mon Sep 17 00:00:00 2001
+From: Linn Crosetto <linn@hpe.com>
+Date: Wed, 23 Nov 2016 13:39:41 +0000
+Subject: [PATCH 26/32] acpi: Disable APEI error injection if the kernel is
+ locked down
+
+ACPI provides an error injection mechanism, EINJ, for debugging and testing
+the ACPI Platform Error Interface (APEI) and other RAS features.  If
+supported by the firmware, ACPI specification 5.0 and later provide for a
+way to specify a physical memory address to which to inject the error.
+
+Injecting errors through EINJ can produce errors which to the platform are
+indistinguishable from real hardware errors.  This can have undesirable
+side-effects, such as causing the platform to mark hardware as needing
+replacement.
+
+While it does not provide a method to load unauthenticated privileged code,
+the effect of these errors may persist across reboots and affect trust in
+the underlying hardware, so disable error injection through EINJ if
+the kernel is locked down.
+
+Signed-off-by: Linn Crosetto <linn@hpe.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/acpi/apei/einj.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/drivers/acpi/apei/einj.c b/drivers/acpi/apei/einj.c
+index eebb7e3..e4f126a 100644
+--- a/drivers/acpi/apei/einj.c
++++ b/drivers/acpi/apei/einj.c
+@@ -518,6 +518,9 @@ static int einj_error_inject(u32 type, u32 flags, u64 param1, u64 param2,
+ 	int rc;
+ 	u64 base_addr, size;
+
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	/* If user manually set "flags", make sure it is legal */
+ 	if (flags && (flags &
+ 		~(SETWA_FLAGS_APICID|SETWA_FLAGS_MEM|SETWA_FLAGS_PCIE_SBDF)))
+-- 
+2.9.3
+
+From a17a541d1af379c3d6ff21924c212f9e2e38c1c8 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <mjg59@coreos.com>
+Date: Wed, 23 Nov 2016 13:41:23 +0000
+Subject: [PATCH 27/32] Enable cold boot attack mitigation
+
+---
+ arch/x86/boot/compressed/eboot.c | 28 ++++++++++++++++++++++++++++
+ 1 file changed, 28 insertions(+)
+
+diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
+index 5b151c2..5093a76 100644
+--- a/arch/x86/boot/compressed/eboot.c
++++ b/arch/x86/boot/compressed/eboot.c
+@@ -774,6 +774,31 @@ void setup_graphics(struct boot_params *boot_params)
+ 	}
+ }
+
++#define MEMORY_ONLY_RESET_CONTROL_GUID \
++	EFI_GUID (0xe20939be, 0x32d4, 0x41be, 0xa1, 0x50, 0x89, 0x7f, 0x85, 0xd4, 0x98, 0x29)
++
++static void enable_reset_attack_mitigation(void)
++{
++	static const efi_guid_t var_guid = MEMORY_ONLY_RESET_CONTROL_GUID;
++	static const efi_char16_t MemoryOverwriteRequestControl_name[] = {
++		'M', 'e', 'm', 'o', 'r', 'y',
++		'O', 'v', 'e', 'r', 'w', 'r', 'i', 't', 'e',
++		'R', 'e', 'q', 'u', 'e', 's', 't',
++		'C', 'o', 'n', 't', 'r', 'o', 'l',
++		0
++	};
++	u8 val = 1;
++
++	/* Ignore the return value here - there's not really a lot we can do */
++	efi_call_runtime(set_variable,
++			(efi_char16_t *)MemoryOverwriteRequestControl_name,
++			(efi_guid_t *)&var_guid,
++			EFI_VARIABLE_NON_VOLATILE |
++			EFI_VARIABLE_BOOTSERVICE_ACCESS |
++			EFI_VARIABLE_RUNTIME_ACCESS,
++			sizeof(val), val);
++}
++
+ /*
+  * Because the x86 boot code expects to be passed a boot_params we
+  * need to create one ourselves (usually the bootloader would create
+@@ -1158,6 +1183,9 @@ struct boot_params *efi_main(struct efi_config *c,
+ 	else
+ 		setup_boot_services32(efi_early);
+
++	/* Ask the firmware to clear memory if we don't have a clean shutdown */
++	enable_reset_attack_mitigation();
++
+ 	boot_params->secure_boot = efi_get_secureboot(sys_table);
+
+ 	setup_graphics(boot_params);
+-- 
+2.9.3
+
+From c9c34942d873f7a09b9c7211bda3063354ff5706 Mon Sep 17 00:00:00 2001
+From: "Lee, Chun-Yi" <jlee@suse.com>
+Date: Wed, 23 Nov 2016 13:52:16 +0000
+Subject: [PATCH 28/32] bpf: Restrict kernel image access functions when the
+ kernel is locked down
+
+There are some bpf functions can be used to read kernel memory:
+bpf_probe_read, bpf_probe_write_user and bpf_trace_printk.  These allow
+private keys in kernel memory (e.g. the hibernation image signing key) to
+be read by an eBPF program.  Prohibit those functions when the kernel is
+locked down.
+
+Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ kernel/trace/bpf_trace.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
+index 5dcb992..474e001 100644
+--- a/kernel/trace/bpf_trace.c
++++ b/kernel/trace/bpf_trace.c
+@@ -65,6 +65,11 @@ BPF_CALL_3(bpf_probe_read, void *, dst, u32, size, const void *, unsafe_ptr)
+ {
+ 	int ret;
+
++	if (kernel_is_locked_down()) {
++		memset(dst, 0, size);
++		return -EPERM;
++	}
++
+ 	ret = probe_kernel_read(dst, unsafe_ptr, size);
+ 	if (unlikely(ret < 0))
+ 		memset(dst, 0, size);
+@@ -84,6 +89,9 @@ static const struct bpf_func_proto bpf_probe_read_proto = {
+ BPF_CALL_3(bpf_probe_write_user, void *, unsafe_ptr, const void *, src,
+ 	   u32, size)
+ {
++	if (kernel_is_locked_down())
++		return -EPERM;
++
+ 	/*
+ 	 * Ensure we're in user context which is safe for the helper to
+ 	 * run. This helper has no business in a kthread.
+@@ -143,6 +151,9 @@ BPF_CALL_5(bpf_trace_printk, char *, fmt, u32, fmt_size, u64, arg1,
+ 	if (fmt[--fmt_size] != 0)
+ 		return -EINVAL;
+
++	if (kernel_is_locked_down())
++		return __trace_printk(1, fmt, 0, 0, 0);
++
+ 	/* check format string for allowed specifiers */
+ 	for (i = 0; i < fmt_size; i++) {
+ 		if ((!isprint(fmt[i]) && !isspace(fmt[i])) || !isascii(fmt[i]))
+-- 
+2.9.3
+
+From 04485aa7865dc340f38e32ad29793c625167acf3 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Tue, 22 Nov 2016 10:10:34 +0000
+Subject: [PATCH 29/32] scsi: Lock down the eata driver
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image.  Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+The eata driver takes a single string parameter that contains a slew of
+settings, including hardware resource configuration.  Prohibit use of the
+parameter if the kernel is locked down.
+
+Suggested-by: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
+Signed-off-by: David Howells <dhowells@redhat.com>
+cc: Dario Ballabio <ballabio_dario@emc.com>
+cc: "James E.J. Bottomley" <jejb@linux.vnet.ibm.com>
+cc: "Martin K. Petersen" <martin.petersen@oracle.com>
+cc: linux-scsi@vger.kernel.org
+---
+ drivers/scsi/eata.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/scsi/eata.c b/drivers/scsi/eata.c
+index 227dd2c..5c036d1 100644
+--- a/drivers/scsi/eata.c
++++ b/drivers/scsi/eata.c
+@@ -1552,8 +1552,13 @@ static int eata2x_detect(struct scsi_host_template *tpnt)
+
+ 	tpnt->proc_name = "eata2x";
+
+-	if (strlen(boot_options))
++	if (strlen(boot_options)) {
++		if (kernel_is_locked_down()) {
++			pr_err("Command line-specified device addresses, irqs and dma channels are not permitted when the kernel is locked down\n");
++			return -EPERM;
++		}
+ 		option_setup(boot_options);
++	}
+
+ #if defined(MODULE)
+ 	/* io_port could have been modified when loading as a module */
+-- 
+2.9.3
+
+From b1e8f012b7b17e0146f8e63de51f6f45819c859e Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Fri, 25 Nov 2016 14:37:45 +0000
+Subject: [PATCH 30/32] Prohibit PCMCIA CIS storage when the kernel is locked
+ down
+
+Prohibit replacement of the PCMCIA Card Information Structure when the
+kernel is locked down.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/pcmcia/cistpl.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/drivers/pcmcia/cistpl.c b/drivers/pcmcia/cistpl.c
+index 55ef7d1..193e4f7 100644
+--- a/drivers/pcmcia/cistpl.c
++++ b/drivers/pcmcia/cistpl.c
+@@ -1578,6 +1578,11 @@ static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj,
+ 	struct pcmcia_socket *s;
+ 	int error;
+
++	if (kernel_is_locked_down()) {
++		pr_err("Direct CIS storage isn't permitted when the kernel is locked down\n");
++		return -EPERM;
++	}
++
+ 	s = to_socket(container_of(kobj, struct device, kobj));
+
+ 	if (off)
+-- 
+2.9.3
+
+From 66d9c09b9427719e3c6a34132e9ca0724cb1e3a8 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Wed, 7 Dec 2016 10:28:39 +0000
+Subject: [PATCH 31/32] Lock down TIOCSSERIAL
+
+Lock down TIOCSSERIAL as that can be used to change the ioport and irq
+settings on a serial port.  This only appears to be an issue for the serial
+drivers that use the core serial code.  All other drivers seem to either
+ignore attempts to change port/irq or give an error.
+
+Reported-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ drivers/tty/serial/serial_core.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c
+index f2303f3..f2c07fa 100644
+--- a/drivers/tty/serial/serial_core.c
++++ b/drivers/tty/serial/serial_core.c
+@@ -819,6 +819,12 @@ static int uart_set_info(struct tty_struct *tty, struct tty_port *port,
+ 	new_flags = new_info->flags;
+ 	old_custom_divisor = uport->custom_divisor;
+
++	if ((change_port || change_irq) && kernel_is_locked_down()) {
++		pr_err("Using TIOCSSERIAL to change device addresses, irqs and dma channels is not permitted when the kernel is locked down\n");
++		retval = -EPERM;
++		goto exit;
++	}
++
+ 	if (!capable(CAP_SYS_ADMIN)) {
+ 		retval = -EPERM;
+ 		if (change_irq || change_port ||
+-- 
+2.9.3
diff --git a/gitrev b/gitrev
index 883ce8645..11f63e20b 100644
--- a/gitrev
+++ b/gitrev
@@ -1 +1 @@
-e7aa8c2eb11ba69b1b69099c3c7bd6be3087b0ba
+cdb98c2698b4af287925abcba4d77d92af82a0c3
diff --git a/hibernate-Disable-in-a-signed-modules-environment.patch b/hibernate-Disable-in-a-signed-modules-environment.patch
deleted file mode 100644
index 0cbf94137..000000000
--- a/hibernate-Disable-in-a-signed-modules-environment.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 6c56c15ec618a508b0eca98571780a8b7114cb92 Mon Sep 17 00:00:00 2001
-From: Josh Boyer <jwboyer@fedoraproject.org>
-Date: Fri, 20 Jun 2014 08:53:24 -0400
-Subject: [PATCH 14/20] hibernate: Disable in a signed modules environment
-
-There is currently no way to verify the resume image when returning
-from hibernate.  This might compromise the signed modules trust model,
-so until we can work with signed hibernate images we disable it in
-a secure modules environment.
-
-Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
----
- kernel/power/hibernate.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
-index b26dbc48c75b..ab187ad3fc61 100644
---- a/kernel/power/hibernate.c
-+++ b/kernel/power/hibernate.c
-@@ -29,6 +29,7 @@
- #include <linux/ctype.h>
- #include <linux/genhd.h>
- #include <linux/ktime.h>
-+#include <linux/module.h>
- #include <trace/events/power.h>
- 
- #include "power.h"
-@@ -67,7 +68,7 @@ static const struct platform_hibernation_ops *hibernation_ops;
- 
- bool hibernation_available(void)
- {
--	return (nohibernate == 0);
-+	return ((nohibernate == 0) && !secure_modules());
- }
- 
- /**
--- 
-2.9.3
-
diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config
index b7728ad7f..e583d6640 100644
--- a/kernel-aarch64-debug.config
+++ b/kernel-aarch64-debug.config
@@ -33,12 +33,18 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
 # CONFIG_ACENIC_OMIT_TIGON_I is not set
 # CONFIG_ACORN_PARTITION is not set
 CONFIG_ACPI_ALS=m
+# CONFIG_ACPI_APEI_EINJ is not set
+# CONFIG_ACPI_APEI_ERST_DEBUG is not set
+CONFIG_ACPI_APEI_GHES=y
+CONFIG_ACPI_APEI_PCIEAER=y
+CONFIG_ACPI_APEI=y
 CONFIG_ACPI_BUTTON=m
 CONFIG_ACPI_CONFIGFS=m
 CONFIG_ACPI_CONTAINER=y
@@ -95,6 +101,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -252,8 +259,10 @@ CONFIG_ARM64_ERRATUM_843419=y
 CONFIG_ARM64_HW_AFDBM=y
 CONFIG_ARM64_LSE_ATOMICS=y
 CONFIG_ARM64_PAN=y
+CONFIG_ARM64_PTDUMP_DEBUGFS=y
 CONFIG_ARM64_PTDUMP=y
 # CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARM64_UAO=y
 CONFIG_ARM64_VA_BITS=48
 CONFIG_ARM64_VA_BITS_48=y
@@ -461,6 +470,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
 CONFIG_BCM2835_MBOX=y
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM2835_WDT=m
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
@@ -533,6 +543,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -828,8 +842,17 @@ CONFIG_CNIC=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
 CONFIG_COMMON_CLK_HI6220=y
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -1004,6 +1027,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -1075,6 +1100,7 @@ CONFIG_DEBUG_VM_PGFLAGS=y
 CONFIG_DEBUG_VM=y
 # CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set
 # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
+CONFIG_DEBUG_WX=y
 # CONFIG_DECNET is not set
 CONFIG_DEFAULT_CFQ=y
 CONFIG_DEFAULT_HOSTNAME="(none)"
@@ -1108,9 +1134,11 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 CONFIG_DMA_OF=y
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DMA_VIRTUAL_CHANNELS=y
 CONFIG_DM_CACHE_CLEANER=m
@@ -1148,6 +1176,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1166,19 +1195,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_HDLCD=m
 # CONFIG_DRM_HDLCD_SHOW_UNDERRUN is not set
+CONFIG_DRM_HISI_HIBMC=m
 CONFIG_DRM_HISI_KIRIN=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1190,6 +1225,7 @@ CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 CONFIG_DRM_MSM_HDMI_HDCP=y
 CONFIG_DRM_MSM=m
 # CONFIG_DRM_MSM_REGISTER_LOGGING is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1210,11 +1246,13 @@ CONFIG_DRM_RADEON_USERPTR=y
 CONFIG_DRM_ROCKCHIP=m
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
 # CONFIG_DRM_TEGRA_DEBUG is not set
 CONFIG_DRM_TEGRA=m
 CONFIG_DRM_TEGRA_STAGING=y
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VC4=m
@@ -1339,10 +1377,12 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 CONFIG_EFIVAR_FS=y
@@ -1359,6 +1399,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1506,7 +1547,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1821,10 +1861,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1960,6 +2002,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2084,6 +2129,8 @@ CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
 # CONFIG_INPUT_PM8941_PWRKEY is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2436,6 +2483,7 @@ CONFIG_KEYBOARD_GPIO_POLLED=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2529,6 +2577,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2553,6 +2602,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2593,10 +2643,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2781,6 +2833,7 @@ CONFIG_MFD_MAX77620=y
 # CONFIG_MFD_NVEC is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 CONFIG_MFD_QCOM_RPM=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2891,6 +2944,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI_IPROC=m
 CONFIG_MMC_SDHCI=m
@@ -2957,6 +3011,7 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2966,6 +3021,7 @@ CONFIG_MSM_GCC_8660=m
 # CONFIG_MSM_GCC_8916 is not set
 CONFIG_MSM_GCC_8960=m
 CONFIG_MSM_GCC_8974=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSM_GCC_8996=m
 # CONFIG_MSM_LCC_8960 is not set
 CONFIG_MSM_MMCC_8960=m
@@ -3562,9 +3618,12 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 CONFIG_NVMEM=m
 CONFIG_NVMEM_SUNXI_SID=m
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3786,6 +3845,7 @@ CONFIG_PINCTRL_MAX77620=m
 # CONFIG_PINCTRL_MSM8660 is not set
 CONFIG_PINCTRL_MSM8916=y
 # CONFIG_PINCTRL_MSM8960 is not set
+CONFIG_PINCTRL_MSM8994=m
 CONFIG_PINCTRL_MSM8996=y
 # CONFIG_PINCTRL_MSM8X74 is not set
 CONFIG_PINCTRL_MSM=y
@@ -3795,6 +3855,7 @@ CONFIG_PINCTRL_QCOM_SPMI_PMIC=m
 # CONFIG_PINCTRL_QDF2XXX is not set
 CONFIG_PINCTRL_SINGLE=y
 # CONFIG_PINCTRL_SUNRISEPOINT is not set
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 CONFIG_PINMUX=y
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3897,7 +3958,10 @@ CONFIG_PWM_TEGRA=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
 CONFIG_QCOM_BAM_DMA=y
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 CONFIG_QCOM_COINCELL=m
 # CONFIG_QCOM_EBI2 is not set
 CONFIG_QCOM_GSBI=y
@@ -4063,6 +4127,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 # CONFIG_RELOCATABLE is not set
+CONFIG_REMOTEPROC=m
 CONFIG_RESET_CONTROLLER=y
 CONFIG_RESET_GPIO=y
 CONFIG_RESET_HISI=y
@@ -4285,6 +4350,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 # CONFIG_SCSI_3W_9XXX is not set
 # CONFIG_SCSI_3W_SAS is not set
 # CONFIG_SCSI_AACRAID is not set
@@ -4542,10 +4608,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4959,6 +5027,7 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 CONFIG_SPI_BCM2835AUX=m
 CONFIG_SPI_BCM2835=m
@@ -4971,6 +5040,7 @@ CONFIG_SPI_DESIGNWARE=m
 # CONFIG_SPI_DW_MID_DMA is not set
 CONFIG_SPI_DW_MMIO=m
 CONFIG_SPI_DW_PCI=m
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 CONFIG_SPI_GPIO=m
 # CONFIG_SPI_LM70_LLP is not set
@@ -5040,6 +5110,7 @@ CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
 CONFIG_STUB_CLK_HI6220=y
 # CONFIG_SUN4I_EMAC is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5151,6 +5222,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5325,6 +5397,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5594,6 +5667,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5729,6 +5803,8 @@ CONFIG_VFAT_FS=m
 CONFIG_VFIO_AMBA=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PLATFORM_AMDXGBE_RESET=m
diff --git a/kernel-aarch64.config b/kernel-aarch64.config
index d5004c1f4..114e85e09 100644
--- a/kernel-aarch64.config
+++ b/kernel-aarch64.config
@@ -33,12 +33,18 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
 # CONFIG_ACENIC_OMIT_TIGON_I is not set
 # CONFIG_ACORN_PARTITION is not set
 CONFIG_ACPI_ALS=m
+# CONFIG_ACPI_APEI_EINJ is not set
+# CONFIG_ACPI_APEI_ERST_DEBUG is not set
+CONFIG_ACPI_APEI_GHES=y
+CONFIG_ACPI_APEI_PCIEAER=y
+CONFIG_ACPI_APEI=y
 CONFIG_ACPI_BUTTON=m
 CONFIG_ACPI_CONFIGFS=m
 CONFIG_ACPI_CONTAINER=y
@@ -95,6 +101,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -252,8 +259,10 @@ CONFIG_ARM64_ERRATUM_843419=y
 CONFIG_ARM64_HW_AFDBM=y
 CONFIG_ARM64_LSE_ATOMICS=y
 CONFIG_ARM64_PAN=y
+CONFIG_ARM64_PTDUMP_DEBUGFS=y
 # CONFIG_ARM64_PTDUMP is not set
 # CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARM64_UAO=y
 CONFIG_ARM64_VA_BITS=48
 CONFIG_ARM64_VA_BITS_48=y
@@ -461,6 +470,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
 CONFIG_BCM2835_MBOX=y
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM2835_WDT=m
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
@@ -533,6 +543,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -828,8 +842,17 @@ CONFIG_CNIC=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
 CONFIG_COMMON_CLK_HI6220=y
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -1003,6 +1026,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -1066,6 +1091,7 @@ CONFIG_DEBUG_SHIRQ=y
 CONFIG_DEBUG_VM=y
 # CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set
 # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
+CONFIG_DEBUG_WX=y
 # CONFIG_DECNET is not set
 CONFIG_DEFAULT_CFQ=y
 CONFIG_DEFAULT_HOSTNAME="(none)"
@@ -1098,9 +1124,11 @@ CONFIG_DMA_CMA=y
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 CONFIG_DMA_OF=y
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DMA_VIRTUAL_CHANNELS=y
 CONFIG_DM_CACHE_CLEANER=m
@@ -1138,6 +1166,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -1156,19 +1185,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_HDLCD=m
 # CONFIG_DRM_HDLCD_SHOW_UNDERRUN is not set
+CONFIG_DRM_HISI_HIBMC=m
 CONFIG_DRM_HISI_KIRIN=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1180,6 +1215,7 @@ CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 CONFIG_DRM_MSM_HDMI_HDCP=y
 CONFIG_DRM_MSM=m
 # CONFIG_DRM_MSM_REGISTER_LOGGING is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1200,11 +1236,13 @@ CONFIG_DRM_RADEON_USERPTR=y
 CONFIG_DRM_ROCKCHIP=m
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
 # CONFIG_DRM_TEGRA_DEBUG is not set
 CONFIG_DRM_TEGRA=m
 CONFIG_DRM_TEGRA_STAGING=y
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VC4=m
@@ -1329,10 +1367,12 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 CONFIG_EFIVAR_FS=y
@@ -1349,6 +1389,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1489,7 +1530,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1804,10 +1844,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1943,6 +1985,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2067,6 +2112,8 @@ CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
 # CONFIG_INPUT_PM8941_PWRKEY is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2417,6 +2464,7 @@ CONFIG_KEYBOARD_GPIO_POLLED=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2510,6 +2558,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2534,6 +2583,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2574,10 +2624,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2761,6 +2813,7 @@ CONFIG_MFD_MAX77620=y
 # CONFIG_MFD_NVEC is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 CONFIG_MFD_QCOM_RPM=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2871,6 +2924,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI_IPROC=m
 CONFIG_MMC_SDHCI=m
@@ -2936,6 +2990,7 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2945,6 +3000,7 @@ CONFIG_MSM_GCC_8660=m
 # CONFIG_MSM_GCC_8916 is not set
 CONFIG_MSM_GCC_8960=m
 CONFIG_MSM_GCC_8974=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSM_GCC_8996=m
 # CONFIG_MSM_LCC_8960 is not set
 CONFIG_MSM_MMCC_8960=m
@@ -3541,9 +3597,12 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 CONFIG_NVMEM=m
 CONFIG_NVMEM_SUNXI_SID=m
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3765,6 +3824,7 @@ CONFIG_PINCTRL_MAX77620=m
 # CONFIG_PINCTRL_MSM8660 is not set
 CONFIG_PINCTRL_MSM8916=y
 # CONFIG_PINCTRL_MSM8960 is not set
+CONFIG_PINCTRL_MSM8994=m
 CONFIG_PINCTRL_MSM8996=y
 # CONFIG_PINCTRL_MSM8X74 is not set
 CONFIG_PINCTRL_MSM=y
@@ -3774,6 +3834,7 @@ CONFIG_PINCTRL_QCOM_SPMI_PMIC=m
 # CONFIG_PINCTRL_QDF2XXX is not set
 CONFIG_PINCTRL_SINGLE=y
 # CONFIG_PINCTRL_SUNRISEPOINT is not set
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 CONFIG_PINMUX=y
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3875,7 +3936,10 @@ CONFIG_PWM_TEGRA=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
 CONFIG_QCOM_BAM_DMA=y
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 CONFIG_QCOM_COINCELL=m
 # CONFIG_QCOM_EBI2 is not set
 CONFIG_QCOM_GSBI=y
@@ -4041,6 +4105,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 # CONFIG_RELOCATABLE is not set
+CONFIG_REMOTEPROC=m
 CONFIG_RESET_CONTROLLER=y
 CONFIG_RESET_GPIO=y
 CONFIG_RESET_HISI=y
@@ -4263,6 +4328,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 # CONFIG_SCSI_3W_9XXX is not set
 # CONFIG_SCSI_3W_SAS is not set
 # CONFIG_SCSI_AACRAID is not set
@@ -4520,10 +4586,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4936,6 +5004,7 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 CONFIG_SPI_BCM2835AUX=m
 CONFIG_SPI_BCM2835=m
@@ -4948,6 +5017,7 @@ CONFIG_SPI_DESIGNWARE=m
 # CONFIG_SPI_DW_MID_DMA is not set
 CONFIG_SPI_DW_MMIO=m
 CONFIG_SPI_DW_PCI=m
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 CONFIG_SPI_GPIO=m
 # CONFIG_SPI_LM70_LLP is not set
@@ -5017,6 +5087,7 @@ CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
 CONFIG_STUB_CLK_HI6220=y
 # CONFIG_SUN4I_EMAC is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5128,6 +5199,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5302,6 +5374,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5571,6 +5644,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5706,6 +5780,8 @@ CONFIG_VFAT_FS=m
 CONFIG_VFIO_AMBA=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PLATFORM_AMDXGBE_RESET=m
diff --git a/kernel-armv7hl-debug.config b/kernel-armv7hl-debug.config
index 434a5a7d6..bb18b661b 100644
--- a/kernel-armv7hl-debug.config
+++ b/kernel-armv7hl-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -79,6 +80,7 @@ CONFIG_AD525X_DPOT_SPI=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -255,6 +257,7 @@ CONFIG_ARCH_VIRT=y
 CONFIG_ARCH_ZYNQ=y
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARMADA_THERMAL=m
 CONFIG_ARM_AMBA=y
 CONFIG_ARM_APPENDED_DTB=y
@@ -518,6 +521,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
 CONFIG_BCM2835_MBOX=y
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM2835_WDT=m
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
@@ -588,6 +592,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BL_SWITCHER_DUMMY_IF is not set
 CONFIG_BL_SWITCHER=y
 # CONFIG_BMA180 is not set
@@ -891,9 +899,18 @@ CONFIG_COMMON_CLK_AXI_CLKGEN=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
 CONFIG_COMMON_CLK_MAX77686=m
 CONFIG_COMMON_CLK_MAX77802=m
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -1088,6 +1105,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DA9052_WATCHDOG=m
 CONFIG_DA9055_WATCHDOG=m
 CONFIG_DAVICOM_PHY=m
@@ -1203,10 +1222,12 @@ CONFIG_DMA_CMA=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 CONFIG_DMA_OF=y
 CONFIG_DMA_OMAP=m
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 CONFIG_DMA_SUN4I=m
 CONFIG_DMA_SUN6I=m
 # CONFIG_DMATEST is not set
@@ -1244,6 +1265,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1263,6 +1285,7 @@ CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
 CONFIG_DRM_DW_HDMI_AHB_AUDIO=m
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_DW_HDMI=m
 CONFIG_DRM_ETNAVIV=m
 # CONFIG_DRM_ETNAVIV_REGISTER_LOGGING is not set
@@ -1287,15 +1310,20 @@ CONFIG_DRM_FBDEV_EMULATION=y
 # CONFIG_DRM_FSL_DCU is not set
 CONFIG_DRM_HDLCD=m
 # CONFIG_DRM_HDLCD_SHOW_UNDERRUN is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 CONFIG_DRM_IMX_HDMI=m
 CONFIG_DRM_IMX_IPUV3=m
@@ -1313,6 +1341,7 @@ CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 CONFIG_DRM_MSM_HDMI_HDCP=y
 CONFIG_DRM_MSM=m
 # CONFIG_DRM_MSM_REGISTER_LOGGING is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1349,6 +1378,7 @@ CONFIG_DRM_RADEON_USERPTR=y
 CONFIG_DRM_ROCKCHIP=m
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_STI is not set
 CONFIG_DRM_SUN4I=m
@@ -1358,6 +1388,7 @@ CONFIG_DRM_TEGRA=m
 CONFIG_DRM_TEGRA_STAGING=y
 CONFIG_DRM_TILCDC=m
 CONFIG_DRM_TILCDC_SLAVE_COMPAT=y
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VC4=m
@@ -1486,10 +1517,12 @@ CONFIG_EEPROM_AT24=m
 CONFIG_EEPROM_AT25=m
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 CONFIG_EFIVAR_FS=y
@@ -1506,6 +1539,7 @@ CONFIG_ENC28J60=m
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1670,7 +1704,6 @@ CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
 CONFIG_FEC=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1999,10 +2032,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -2142,6 +2177,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2757,6 +2795,7 @@ CONFIG_LEDS_MAX8997=m
 CONFIG_LEDS_MC13783=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 CONFIG_LEDS_NS2=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
@@ -2782,6 +2821,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2821,10 +2861,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 CONFIG_LOCK_TORTURE_TEST=m
@@ -3157,6 +3199,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 CONFIG_MMC_SDHCI_DOVE=m
 CONFIG_MMC_SDHCI_ESDHC_IMX=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
@@ -3231,6 +3274,7 @@ CONFIG_MPL115=m
 CONFIG_MPL3115=m
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -3240,6 +3284,7 @@ CONFIG_MSM_GCC_8660=m
 # CONFIG_MSM_GCC_8916 is not set
 CONFIG_MSM_GCC_8960=m
 CONFIG_MSM_GCC_8974=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSM_GCC_8996=m
 # CONFIG_MSM_IOMMU is not set
 # CONFIG_MSM_LCC_8960 is not set
@@ -3869,10 +3914,13 @@ CONFIG_NSC_FIR=m
 CONFIG_NTP_PPS=y
 CONFIG_NVEC_PAZ00=y
 CONFIG_NVEC_POWER=y
+CONFIG_NVME_FC=m
 CONFIG_NVMEM_IMX_OCOTP=m
 CONFIG_NVMEM=m
 CONFIG_NVMEM_SUNXI_SID=m
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -4145,6 +4193,7 @@ CONFIG_PINCTRL_IMX6SL=y
 CONFIG_PINCTRL_MSM8660=m
 CONFIG_PINCTRL_MSM8916=m
 CONFIG_PINCTRL_MSM8960=m
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_MSM8996 is not set
 CONFIG_PINCTRL_MSM8X74=m
 CONFIG_PINCTRL_MVEBU=y
@@ -4154,6 +4203,7 @@ CONFIG_PINCTRL_QCOM_SSBI_PMIC=m
 # CONFIG_PINCTRL_SAMSUNG is not set
 CONFIG_PINCTRL_SINGLE=y
 # CONFIG_PINCTRL_SUNRISEPOINT is not set
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 CONFIG_PINCTRL_ZYNQ=y
 CONFIG_PINMUX=y
@@ -4278,7 +4328,10 @@ CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
 CONFIG_PXA_DMA=y
+CONFIG_QCOM_ADSP_PIL=m
 CONFIG_QCOM_BAM_DMA=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 CONFIG_QCOM_COINCELL=m
 # CONFIG_QCOM_EBI2 is not set
 CONFIG_QCOM_GSBI=m
@@ -4712,6 +4765,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 # CONFIG_SCSI_3W_9XXX is not set
 # CONFIG_SCSI_3W_SAS is not set
 # CONFIG_SCSI_AACRAID is not set
@@ -4971,10 +5025,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -5510,6 +5566,7 @@ CONFIG_SOUND_OSS_CORE_PRECLAIM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 CONFIG_SPI_BCM2835AUX=m
 CONFIG_SPI_BCM2835=m
@@ -5524,6 +5581,7 @@ CONFIG_SPI_DESIGNWARE=m
 # CONFIG_SPI_DW_MID_DMA is not set
 CONFIG_SPI_DW_MMIO=m
 CONFIG_SPI_DW_PCI=m
+CONFIG_SPI_FSL_LPSPI=m
 CONFIG_SPI_FSL_QUADSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 CONFIG_SPI_GPIO=m
@@ -5599,6 +5657,7 @@ CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
 CONFIG_SUN4I_EMAC=m
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5711,6 +5770,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5907,6 +5967,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -6192,6 +6253,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -6329,6 +6391,8 @@ CONFIG_VFAT_FS=m
 CONFIG_VFIO_AMBA=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 # CONFIG_VFIO_PLATFORM_AMDXGBE_RESET is not set
diff --git a/kernel-armv7hl-lpae-debug.config b/kernel-armv7hl-lpae-debug.config
index 58f49a2b3..2044e3d67 100644
--- a/kernel-armv7hl-lpae-debug.config
+++ b/kernel-armv7hl-lpae-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -79,6 +80,7 @@ CONFIG_AD525X_DPOT_SPI=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -247,6 +249,7 @@ CONFIG_ARCH_VIRT=y
 # CONFIG_ARCH_ZYNQ is not set
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARMADA_THERMAL=m
 CONFIG_ARM_AMBA=y
 CONFIG_ARM_APPENDED_DTB=y
@@ -499,6 +502,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
 CONFIG_BCM2835_MBOX=y
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM2835_WDT=m
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
@@ -569,6 +573,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BL_SWITCHER_DUMMY_IF is not set
 CONFIG_BL_SWITCHER=y
 # CONFIG_BMA180 is not set
@@ -869,9 +877,18 @@ CONFIG_CNIC=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
 CONFIG_COMMON_CLK_MAX77686=m
 CONFIG_COMMON_CLK_MAX77802=m
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -1044,6 +1061,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DAVINCI_WATCHDOG=m
 CONFIG_DCB=y
@@ -1158,9 +1177,11 @@ CONFIG_DMA_CMA=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 CONFIG_DMA_OF=y
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 CONFIG_DMA_SUN4I=m
 CONFIG_DMA_SUN6I=m
 # CONFIG_DMATEST is not set
@@ -1198,6 +1219,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1217,6 +1239,7 @@ CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
 CONFIG_DRM_DW_HDMI_AHB_AUDIO=m
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_DW_HDMI=m
 CONFIG_DRM_EXYNOS5433_DECON=y
 CONFIG_DRM_EXYNOS7_DECON=y
@@ -1239,15 +1262,20 @@ CONFIG_DRM_FBDEV_EMULATION=y
 # CONFIG_DRM_FSL_DCU is not set
 CONFIG_DRM_HDLCD=m
 # CONFIG_DRM_HDLCD_SHOW_UNDERRUN is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_IMX is not set
 # CONFIG_DRM_LEGACY is not set
@@ -1256,6 +1284,7 @@ CONFIG_DRM=m
 CONFIG_DRM_MALI_DISPLAY=m
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1277,6 +1306,7 @@ CONFIG_DRM_RADEON_USERPTR=y
 CONFIG_DRM_ROCKCHIP=m
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_STI is not set
 CONFIG_DRM_SUN4I=m
@@ -1285,6 +1315,7 @@ CONFIG_DRM_SUN4I=m
 CONFIG_DRM_TEGRA=m
 CONFIG_DRM_TEGRA_STAGING=y
 # CONFIG_DRM_TILCDC is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VC4=m
@@ -1412,10 +1443,12 @@ CONFIG_EEPROM_AT24=m
 CONFIG_EEPROM_AT25=m
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 CONFIG_EFIVAR_FS=y
@@ -1432,6 +1465,7 @@ CONFIG_ENC28J60=m
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1591,7 +1625,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1908,10 +1941,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -2043,6 +2078,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2169,6 +2207,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2537,6 +2577,7 @@ CONFIG_KEYBOARD_MATRIX=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2636,6 +2677,7 @@ CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MAX8997=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 CONFIG_LEDS_NS2=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
@@ -2661,6 +2703,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2700,10 +2743,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2906,6 +2951,7 @@ CONFIG_MFD_MAX8997=y
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
 # CONFIG_MFD_PM8921_CORE is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -3021,6 +3067,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 CONFIG_MMC_SDHCI_DOVE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI_IPROC=m
@@ -3090,11 +3137,13 @@ CONFIG_MPL115=m
 CONFIG_MPL3115=m
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3706,9 +3755,12 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTB is not set
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
+CONFIG_NVME_FC=m
 CONFIG_NVMEM=m
 CONFIG_NVMEM_SUNXI_SID=m
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3932,11 +3984,13 @@ CONFIG_PINCTRL_DOVE=y
 # CONFIG_PINCTRL_IPQ4019 is not set
 # CONFIG_PINCTRL_IPQ8064 is not set
 # CONFIG_PINCTRL_MDM9615 is not set
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_MSM8996 is not set
 CONFIG_PINCTRL_MVEBU=y
 # CONFIG_PINCTRL_SAMSUNG is not set
 CONFIG_PINCTRL_SINGLE=y
 # CONFIG_PINCTRL_SUNRISEPOINT is not set
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 CONFIG_PINMUX=y
 CONFIG_PJ4B_ERRATA_4742=y
@@ -4048,6 +4102,9 @@ CONFIG_PWM_TEGRA=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -4213,6 +4270,7 @@ CONFIG_REISERFS_FS_SECURITY=y
 CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
+CONFIG_REMOTEPROC=m
 CONFIG_RESET_CONTROLLER=y
 CONFIG_RESET_GPIO=y
 # CONFIG_RFD_FTL is not set
@@ -4334,6 +4392,7 @@ CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
 CONFIG_RTC_DRV_PL030=y
 CONFIG_RTC_DRV_PL031=y
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RK808=m
 CONFIG_RTC_DRV_RP5C01=m
@@ -4441,6 +4500,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 # CONFIG_SCSI_3W_9XXX is not set
 # CONFIG_SCSI_3W_SAS is not set
 # CONFIG_SCSI_AACRAID is not set
@@ -4697,10 +4757,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -5165,6 +5227,7 @@ CONFIG_SOUND_OSS_CORE_PRECLAIM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 CONFIG_SPI_BCM2835AUX=m
 CONFIG_SPI_BCM2835=m
@@ -5179,6 +5242,7 @@ CONFIG_SPI_DESIGNWARE=m
 # CONFIG_SPI_DW_MID_DMA is not set
 CONFIG_SPI_DW_MMIO=m
 CONFIG_SPI_DW_PCI=m
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 CONFIG_SPI_GPIO=m
 # CONFIG_SPI_LM70_LLP is not set
@@ -5245,6 +5309,7 @@ CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
 CONFIG_SUN4I_EMAC=m
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5358,6 +5423,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5539,6 +5605,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5809,6 +5876,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5945,6 +6013,8 @@ CONFIG_VFAT_FS=m
 CONFIG_VFIO_AMBA=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 # CONFIG_VFIO_PLATFORM_AMDXGBE_RESET is not set
diff --git a/kernel-armv7hl-lpae.config b/kernel-armv7hl-lpae.config
index 05533a1a3..6e4408e9c 100644
--- a/kernel-armv7hl-lpae.config
+++ b/kernel-armv7hl-lpae.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -79,6 +80,7 @@ CONFIG_AD525X_DPOT_SPI=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -247,6 +249,7 @@ CONFIG_ARCH_VIRT=y
 # CONFIG_ARCH_ZYNQ is not set
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARMADA_THERMAL=m
 CONFIG_ARM_AMBA=y
 CONFIG_ARM_APPENDED_DTB=y
@@ -499,6 +502,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
 CONFIG_BCM2835_MBOX=y
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM2835_WDT=m
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
@@ -569,6 +573,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BL_SWITCHER_DUMMY_IF is not set
 CONFIG_BL_SWITCHER=y
 # CONFIG_BMA180 is not set
@@ -869,9 +877,18 @@ CONFIG_CNIC=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
 CONFIG_COMMON_CLK_MAX77686=m
 CONFIG_COMMON_CLK_MAX77802=m
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -1043,6 +1060,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DAVINCI_WATCHDOG=m
 CONFIG_DCB=y
@@ -1149,9 +1168,11 @@ CONFIG_DMA_CMA=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 CONFIG_DMA_OF=y
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 CONFIG_DMA_SUN4I=m
 CONFIG_DMA_SUN6I=m
 # CONFIG_DMATEST is not set
@@ -1189,6 +1210,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -1208,6 +1230,7 @@ CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
 CONFIG_DRM_DW_HDMI_AHB_AUDIO=m
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_DW_HDMI=m
 CONFIG_DRM_EXYNOS5433_DECON=y
 CONFIG_DRM_EXYNOS7_DECON=y
@@ -1230,15 +1253,20 @@ CONFIG_DRM_FBDEV_EMULATION=y
 # CONFIG_DRM_FSL_DCU is not set
 CONFIG_DRM_HDLCD=m
 # CONFIG_DRM_HDLCD_SHOW_UNDERRUN is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_IMX is not set
 # CONFIG_DRM_LEGACY is not set
@@ -1247,6 +1275,7 @@ CONFIG_DRM=m
 CONFIG_DRM_MALI_DISPLAY=m
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1268,6 +1297,7 @@ CONFIG_DRM_RADEON_USERPTR=y
 CONFIG_DRM_ROCKCHIP=m
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_STI is not set
 CONFIG_DRM_SUN4I=m
@@ -1276,6 +1306,7 @@ CONFIG_DRM_SUN4I=m
 CONFIG_DRM_TEGRA=m
 CONFIG_DRM_TEGRA_STAGING=y
 # CONFIG_DRM_TILCDC is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VC4=m
@@ -1403,10 +1434,12 @@ CONFIG_EEPROM_AT24=m
 CONFIG_EEPROM_AT25=m
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 CONFIG_EFIVAR_FS=y
@@ -1423,6 +1456,7 @@ CONFIG_ENC28J60=m
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1575,7 +1609,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1892,10 +1925,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -2027,6 +2062,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2153,6 +2191,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2519,6 +2559,7 @@ CONFIG_KEYBOARD_MATRIX=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2618,6 +2659,7 @@ CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MAX8997=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 CONFIG_LEDS_NS2=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
@@ -2643,6 +2685,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2682,10 +2725,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2887,6 +2932,7 @@ CONFIG_MFD_MAX8997=y
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
 # CONFIG_MFD_PM8921_CORE is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -3002,6 +3048,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 CONFIG_MMC_SDHCI_DOVE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI_IPROC=m
@@ -3070,11 +3117,13 @@ CONFIG_MPL115=m
 CONFIG_MPL3115=m
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3686,9 +3735,12 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTB is not set
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
+CONFIG_NVME_FC=m
 CONFIG_NVMEM=m
 CONFIG_NVMEM_SUNXI_SID=m
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3912,11 +3964,13 @@ CONFIG_PINCTRL_DOVE=y
 # CONFIG_PINCTRL_IPQ4019 is not set
 # CONFIG_PINCTRL_IPQ8064 is not set
 # CONFIG_PINCTRL_MDM9615 is not set
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_MSM8996 is not set
 CONFIG_PINCTRL_MVEBU=y
 # CONFIG_PINCTRL_SAMSUNG is not set
 CONFIG_PINCTRL_SINGLE=y
 # CONFIG_PINCTRL_SUNRISEPOINT is not set
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 CONFIG_PINMUX=y
 CONFIG_PJ4B_ERRATA_4742=y
@@ -4027,6 +4081,9 @@ CONFIG_PWM_TEGRA=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -4192,6 +4249,7 @@ CONFIG_REISERFS_FS_SECURITY=y
 CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
+CONFIG_REMOTEPROC=m
 CONFIG_RESET_CONTROLLER=y
 CONFIG_RESET_GPIO=y
 # CONFIG_RFD_FTL is not set
@@ -4313,6 +4371,7 @@ CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
 CONFIG_RTC_DRV_PL030=y
 CONFIG_RTC_DRV_PL031=y
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RK808=m
 CONFIG_RTC_DRV_RP5C01=m
@@ -4420,6 +4479,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 # CONFIG_SCSI_3W_9XXX is not set
 # CONFIG_SCSI_3W_SAS is not set
 # CONFIG_SCSI_AACRAID is not set
@@ -4676,10 +4736,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -5143,6 +5205,7 @@ CONFIG_SOUND_OSS_CORE_PRECLAIM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 CONFIG_SPI_BCM2835AUX=m
 CONFIG_SPI_BCM2835=m
@@ -5157,6 +5220,7 @@ CONFIG_SPI_DESIGNWARE=m
 # CONFIG_SPI_DW_MID_DMA is not set
 CONFIG_SPI_DW_MMIO=m
 CONFIG_SPI_DW_PCI=m
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 CONFIG_SPI_GPIO=m
 # CONFIG_SPI_LM70_LLP is not set
@@ -5223,6 +5287,7 @@ CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
 CONFIG_SUN4I_EMAC=m
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5336,6 +5401,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5517,6 +5583,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5787,6 +5854,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5923,6 +5991,8 @@ CONFIG_VFAT_FS=m
 CONFIG_VFIO_AMBA=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 # CONFIG_VFIO_PLATFORM_AMDXGBE_RESET is not set
diff --git a/kernel-armv7hl.config b/kernel-armv7hl.config
index 6f896bba7..aab12c200 100644
--- a/kernel-armv7hl.config
+++ b/kernel-armv7hl.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -79,6 +80,7 @@ CONFIG_AD525X_DPOT_SPI=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -255,6 +257,7 @@ CONFIG_ARCH_VIRT=y
 CONFIG_ARCH_ZYNQ=y
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARMADA_THERMAL=m
 CONFIG_ARM_AMBA=y
 CONFIG_ARM_APPENDED_DTB=y
@@ -518,6 +521,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
 CONFIG_BCM2835_MBOX=y
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM2835_WDT=m
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
@@ -588,6 +592,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BL_SWITCHER_DUMMY_IF is not set
 CONFIG_BL_SWITCHER=y
 # CONFIG_BMA180 is not set
@@ -891,9 +899,18 @@ CONFIG_COMMON_CLK_AXI_CLKGEN=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
 CONFIG_COMMON_CLK_MAX77686=m
 CONFIG_COMMON_CLK_MAX77802=m
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -1087,6 +1104,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DA9052_WATCHDOG=m
 CONFIG_DA9055_WATCHDOG=m
 CONFIG_DAVICOM_PHY=m
@@ -1194,10 +1213,12 @@ CONFIG_DMA_CMA=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 CONFIG_DMA_OF=y
 CONFIG_DMA_OMAP=m
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 CONFIG_DMA_SUN4I=m
 CONFIG_DMA_SUN6I=m
 # CONFIG_DMATEST is not set
@@ -1235,6 +1256,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -1254,6 +1276,7 @@ CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
 CONFIG_DRM_DW_HDMI_AHB_AUDIO=m
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_DW_HDMI=m
 CONFIG_DRM_ETNAVIV=m
 # CONFIG_DRM_ETNAVIV_REGISTER_LOGGING is not set
@@ -1278,15 +1301,20 @@ CONFIG_DRM_FBDEV_EMULATION=y
 # CONFIG_DRM_FSL_DCU is not set
 CONFIG_DRM_HDLCD=m
 # CONFIG_DRM_HDLCD_SHOW_UNDERRUN is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 CONFIG_DRM_IMX_HDMI=m
 CONFIG_DRM_IMX_IPUV3=m
@@ -1304,6 +1332,7 @@ CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 CONFIG_DRM_MSM_HDMI_HDCP=y
 CONFIG_DRM_MSM=m
 # CONFIG_DRM_MSM_REGISTER_LOGGING is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1340,6 +1369,7 @@ CONFIG_DRM_RADEON_USERPTR=y
 CONFIG_DRM_ROCKCHIP=m
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_STI is not set
 CONFIG_DRM_SUN4I=m
@@ -1349,6 +1379,7 @@ CONFIG_DRM_TEGRA=m
 CONFIG_DRM_TEGRA_STAGING=y
 CONFIG_DRM_TILCDC=m
 CONFIG_DRM_TILCDC_SLAVE_COMPAT=y
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VC4=m
@@ -1477,10 +1508,12 @@ CONFIG_EEPROM_AT24=m
 CONFIG_EEPROM_AT25=m
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 CONFIG_EFIVAR_FS=y
@@ -1497,6 +1530,7 @@ CONFIG_ENC28J60=m
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1654,7 +1688,6 @@ CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
 CONFIG_FEC=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1983,10 +2016,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -2126,6 +2161,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2739,6 +2777,7 @@ CONFIG_LEDS_MAX8997=m
 CONFIG_LEDS_MC13783=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 CONFIG_LEDS_NS2=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
@@ -2764,6 +2803,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2803,10 +2843,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -3138,6 +3180,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 CONFIG_MMC_SDHCI_DOVE=m
 CONFIG_MMC_SDHCI_ESDHC_IMX=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
@@ -3211,6 +3254,7 @@ CONFIG_MPL115=m
 CONFIG_MPL3115=m
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -3220,6 +3264,7 @@ CONFIG_MSM_GCC_8660=m
 # CONFIG_MSM_GCC_8916 is not set
 CONFIG_MSM_GCC_8960=m
 CONFIG_MSM_GCC_8974=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSM_GCC_8996=m
 # CONFIG_MSM_IOMMU is not set
 # CONFIG_MSM_LCC_8960 is not set
@@ -3849,10 +3894,13 @@ CONFIG_NSC_FIR=m
 CONFIG_NTP_PPS=y
 CONFIG_NVEC_PAZ00=y
 CONFIG_NVEC_POWER=y
+CONFIG_NVME_FC=m
 CONFIG_NVMEM_IMX_OCOTP=m
 CONFIG_NVMEM=m
 CONFIG_NVMEM_SUNXI_SID=m
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -4125,6 +4173,7 @@ CONFIG_PINCTRL_IMX6SL=y
 CONFIG_PINCTRL_MSM8660=m
 CONFIG_PINCTRL_MSM8916=m
 CONFIG_PINCTRL_MSM8960=m
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_MSM8996 is not set
 CONFIG_PINCTRL_MSM8X74=m
 CONFIG_PINCTRL_MVEBU=y
@@ -4134,6 +4183,7 @@ CONFIG_PINCTRL_QCOM_SSBI_PMIC=m
 # CONFIG_PINCTRL_SAMSUNG is not set
 CONFIG_PINCTRL_SINGLE=y
 # CONFIG_PINCTRL_SUNRISEPOINT is not set
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 CONFIG_PINCTRL_ZYNQ=y
 CONFIG_PINMUX=y
@@ -4257,7 +4307,10 @@ CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
 CONFIG_PXA_DMA=y
+CONFIG_QCOM_ADSP_PIL=m
 CONFIG_QCOM_BAM_DMA=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 CONFIG_QCOM_COINCELL=m
 # CONFIG_QCOM_EBI2 is not set
 CONFIG_QCOM_GSBI=m
@@ -4691,6 +4744,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 # CONFIG_SCSI_3W_9XXX is not set
 # CONFIG_SCSI_3W_SAS is not set
 # CONFIG_SCSI_AACRAID is not set
@@ -4950,10 +5004,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -5488,6 +5544,7 @@ CONFIG_SOUND_OSS_CORE_PRECLAIM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 CONFIG_SPI_BCM2835AUX=m
 CONFIG_SPI_BCM2835=m
@@ -5502,6 +5559,7 @@ CONFIG_SPI_DESIGNWARE=m
 # CONFIG_SPI_DW_MID_DMA is not set
 CONFIG_SPI_DW_MMIO=m
 CONFIG_SPI_DW_PCI=m
+CONFIG_SPI_FSL_LPSPI=m
 CONFIG_SPI_FSL_QUADSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 CONFIG_SPI_GPIO=m
@@ -5577,6 +5635,7 @@ CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
 CONFIG_SUN4I_EMAC=m
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5689,6 +5748,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5885,6 +5945,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -6170,6 +6231,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -6307,6 +6369,8 @@ CONFIG_VFAT_FS=m
 CONFIG_VFIO_AMBA=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 # CONFIG_VFIO_PLATFORM_AMDXGBE_RESET is not set
diff --git a/kernel-i686-PAE.config b/kernel-i686-PAE.config
index f3fce10a7..0a2db01dc 100644
--- a/kernel-i686-PAE.config
+++ b/kernel-i686-PAE.config
@@ -34,6 +34,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -114,6 +115,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -223,6 +225,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -397,6 +400,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -466,6 +470,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -740,7 +748,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -906,6 +923,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 CONFIG_DCDBAS=m
@@ -1011,8 +1030,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1048,6 +1069,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DPTF_POWER=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
@@ -1065,19 +1087,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_GMA500=m
 # CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1085,6 +1113,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1104,8 +1133,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1250,6 +1281,7 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 # CONFIG_EFI_FAKE_MEMMAP is not set
@@ -1257,6 +1289,7 @@ CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PCDP=y
 # CONFIG_EFI_PGT_DUMP is not set
 CONFIG_EFI_RUNTIME_MAP=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
 CONFIG_EFI_SIGNATURE_LIST_PARSER=y
 CONFIG_EFI_STUB=y
@@ -1275,6 +1308,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1415,7 +1449,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 CONFIG_FIREWIRE=m
 CONFIG_FIREWIRE_NET=m
@@ -1740,10 +1773,12 @@ CONFIG_HP_WMI=m
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1880,6 +1915,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1999,6 +2037,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2381,6 +2421,7 @@ CONFIG_KEYBOARD_GPIO=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2478,6 +2519,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2502,6 +2544,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2543,10 +2586,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+CONFIG_LOCK_DOWN_KERNEL=y
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2742,6 +2787,7 @@ CONFIG_MFD_INTEL_LPSS_PCI=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2848,6 +2894,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2916,6 +2963,7 @@ CONFIG_MPILIB=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2923,6 +2971,7 @@ CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_LAPTOP=m
 CONFIG_MSI_WMI=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3504,8 +3553,11 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
 # CONFIG_NUMA is not set
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3701,8 +3753,10 @@ CONFIG_PINCTRL_BAYTRAIL=y
 # CONFIG_PINCTRL_BCM281XX is not set
 CONFIG_PINCTRL_BROXTON=m
 CONFIG_PINCTRL_CHERRYVIEW=y
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_SINGLE is not set
 CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3801,6 +3855,9 @@ CONFIG_PWM_LPSS_PLATFORM=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3905,6 +3962,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -4004,6 +4062,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -4103,6 +4162,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4372,10 +4432,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4791,12 +4853,14 @@ CONFIG_SP5100_TCO=m
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_CADENCE is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI_LM70_LLP is not set
@@ -4855,6 +4919,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4952,6 +5017,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5133,6 +5199,7 @@ CONFIG_UID16=y
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5346,6 +5413,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5473,6 +5541,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PCI_VGA=y
diff --git a/kernel-i686-PAEdebug.config b/kernel-i686-PAEdebug.config
index 80c8f525e..e10367e5a 100644
--- a/kernel-i686-PAEdebug.config
+++ b/kernel-i686-PAEdebug.config
@@ -34,6 +34,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -114,6 +115,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -223,6 +225,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -397,6 +400,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -466,6 +470,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -740,7 +748,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -907,6 +924,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 CONFIG_DCDBAS=m
@@ -1021,8 +1040,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1058,6 +1079,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DPTF_POWER=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
@@ -1075,19 +1097,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_GMA500=m
 # CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1095,6 +1123,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1114,8 +1143,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1260,6 +1291,7 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 # CONFIG_EFI_FAKE_MEMMAP is not set
@@ -1267,6 +1299,7 @@ CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PCDP=y
 CONFIG_EFI_PGT_DUMP=y
 CONFIG_EFI_RUNTIME_MAP=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
 CONFIG_EFI_SIGNATURE_LIST_PARSER=y
 CONFIG_EFI_STUB=y
@@ -1285,6 +1318,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1432,7 +1466,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 CONFIG_FIREWIRE=m
 CONFIG_FIREWIRE_NET=m
@@ -1757,10 +1790,12 @@ CONFIG_HP_WMI=m
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1897,6 +1932,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2016,6 +2054,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2400,6 +2440,7 @@ CONFIG_KEYBOARD_GPIO=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2497,6 +2538,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2521,6 +2563,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2562,10 +2605,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+CONFIG_LOCK_DOWN_KERNEL=y
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2761,6 +2806,7 @@ CONFIG_MFD_INTEL_LPSS_PCI=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2867,6 +2913,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2935,6 +2982,7 @@ CONFIG_MPILIB=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2942,6 +2990,7 @@ CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_LAPTOP=m
 CONFIG_MSI_WMI=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3523,8 +3572,11 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
 # CONFIG_NUMA is not set
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3720,8 +3772,10 @@ CONFIG_PINCTRL_BAYTRAIL=y
 # CONFIG_PINCTRL_BCM281XX is not set
 CONFIG_PINCTRL_BROXTON=m
 CONFIG_PINCTRL_CHERRYVIEW=y
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_SINGLE is not set
 CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3821,6 +3875,9 @@ CONFIG_PWM_LPSS_PLATFORM=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3925,6 +3982,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -4024,6 +4082,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -4123,6 +4182,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4392,10 +4452,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4812,12 +4874,14 @@ CONFIG_SP5100_TCO=m
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_CADENCE is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI_LM70_LLP is not set
@@ -4876,6 +4940,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4973,6 +5038,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5154,6 +5220,7 @@ CONFIG_UID16=y
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5367,6 +5434,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5494,6 +5562,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PCI_VGA=y
diff --git a/kernel-i686-debug.config b/kernel-i686-debug.config
index b04283c84..f919ada09 100644
--- a/kernel-i686-debug.config
+++ b/kernel-i686-debug.config
@@ -34,6 +34,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -114,6 +115,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -223,6 +225,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -397,6 +400,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -466,6 +470,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -740,7 +748,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -907,6 +924,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 CONFIG_DCDBAS=m
@@ -1021,8 +1040,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1058,6 +1079,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DPTF_POWER=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
@@ -1075,19 +1097,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_GMA500=m
 # CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1095,6 +1123,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1114,8 +1143,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1260,6 +1291,7 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 # CONFIG_EFI_FAKE_MEMMAP is not set
@@ -1267,6 +1299,7 @@ CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PCDP=y
 CONFIG_EFI_PGT_DUMP=y
 CONFIG_EFI_RUNTIME_MAP=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
 CONFIG_EFI_SIGNATURE_LIST_PARSER=y
 CONFIG_EFI_STUB=y
@@ -1285,6 +1318,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1432,7 +1466,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 CONFIG_FIREWIRE=m
 CONFIG_FIREWIRE_NET=m
@@ -1757,10 +1790,12 @@ CONFIG_HP_WMI=m
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1897,6 +1932,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2016,6 +2054,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2400,6 +2440,7 @@ CONFIG_KEYBOARD_GPIO=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2497,6 +2538,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2521,6 +2563,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2562,10 +2605,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+CONFIG_LOCK_DOWN_KERNEL=y
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2761,6 +2806,7 @@ CONFIG_MFD_INTEL_LPSS_PCI=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2867,6 +2913,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2935,6 +2982,7 @@ CONFIG_MPILIB=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2942,6 +2990,7 @@ CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_LAPTOP=m
 CONFIG_MSI_WMI=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3523,8 +3572,11 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
 # CONFIG_NUMA is not set
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3720,8 +3772,10 @@ CONFIG_PINCTRL_BAYTRAIL=y
 # CONFIG_PINCTRL_BCM281XX is not set
 CONFIG_PINCTRL_BROXTON=m
 CONFIG_PINCTRL_CHERRYVIEW=y
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_SINGLE is not set
 CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3821,6 +3875,9 @@ CONFIG_PWM_LPSS_PLATFORM=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3925,6 +3982,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -4024,6 +4082,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -4123,6 +4182,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4392,10 +4452,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4812,12 +4874,14 @@ CONFIG_SP5100_TCO=m
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_CADENCE is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI_LM70_LLP is not set
@@ -4876,6 +4940,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4973,6 +5038,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5154,6 +5220,7 @@ CONFIG_UID16=y
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5367,6 +5434,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5494,6 +5562,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PCI_VGA=y
diff --git a/kernel-i686.config b/kernel-i686.config
index e9f38b16f..bc15aa5d9 100644
--- a/kernel-i686.config
+++ b/kernel-i686.config
@@ -34,6 +34,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -114,6 +115,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -223,6 +225,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -397,6 +400,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -466,6 +470,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -740,7 +748,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -906,6 +923,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 CONFIG_DCDBAS=m
@@ -1011,8 +1030,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1048,6 +1069,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DPTF_POWER=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
@@ -1065,19 +1087,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_GMA500=m
 # CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1085,6 +1113,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1104,8 +1133,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1250,6 +1281,7 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 # CONFIG_EFI_FAKE_MEMMAP is not set
@@ -1257,6 +1289,7 @@ CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PCDP=y
 # CONFIG_EFI_PGT_DUMP is not set
 CONFIG_EFI_RUNTIME_MAP=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
 CONFIG_EFI_SIGNATURE_LIST_PARSER=y
 CONFIG_EFI_STUB=y
@@ -1275,6 +1308,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1415,7 +1449,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 CONFIG_FIREWIRE=m
 CONFIG_FIREWIRE_NET=m
@@ -1740,10 +1773,12 @@ CONFIG_HP_WMI=m
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1880,6 +1915,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1999,6 +2037,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2381,6 +2421,7 @@ CONFIG_KEYBOARD_GPIO=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2478,6 +2519,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2502,6 +2544,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2543,10 +2586,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+CONFIG_LOCK_DOWN_KERNEL=y
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2742,6 +2787,7 @@ CONFIG_MFD_INTEL_LPSS_PCI=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2848,6 +2894,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2916,6 +2963,7 @@ CONFIG_MPILIB=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2923,6 +2971,7 @@ CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_LAPTOP=m
 CONFIG_MSI_WMI=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3504,8 +3553,11 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
 # CONFIG_NUMA is not set
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3701,8 +3753,10 @@ CONFIG_PINCTRL_BAYTRAIL=y
 # CONFIG_PINCTRL_BCM281XX is not set
 CONFIG_PINCTRL_BROXTON=m
 CONFIG_PINCTRL_CHERRYVIEW=y
+CONFIG_PINCTRL_MSM8994=m
 # CONFIG_PINCTRL_SINGLE is not set
 CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3801,6 +3855,9 @@ CONFIG_PWM_LPSS_PLATFORM=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3905,6 +3962,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -4004,6 +4062,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -4103,6 +4162,7 @@ CONFIG_SCHED_SMT=y
 # CONFIG_SCHED_STACK_END_CHECK is not set
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4372,10 +4432,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4791,12 +4853,14 @@ CONFIG_SP5100_TCO=m
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_CADENCE is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI_LM70_LLP is not set
@@ -4855,6 +4919,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4952,6 +5017,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5133,6 +5199,7 @@ CONFIG_UID16=y
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5346,6 +5413,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5473,6 +5541,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PCI_VGA=y
diff --git a/kernel-ppc64-debug.config b/kernel-ppc64-debug.config
index 1e86bbe14..a94e06b13 100644
--- a/kernel-ppc64-debug.config
+++ b/kernel-ppc64-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -185,6 +187,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -352,6 +355,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -459,6 +463,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 CONFIG_BLK_DEV_UMEM=m
 # CONFIG_BLK_DEV_VIA82CXXX is not set
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -737,7 +745,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -896,6 +913,8 @@ CONFIG_CXLFLASH=m
 CONFIG_CXL=m
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -999,8 +1018,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1034,6 +1055,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1050,16 +1072,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1067,6 +1095,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1081,8 +1110,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1205,8 +1236,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1219,6 +1252,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1370,7 +1404,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FHCI_DEBUG is not set
 CONFIG_FIREWIRE=m
@@ -1681,10 +1714,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1826,6 +1861,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1945,6 +1983,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 # CONFIG_INPUT_PCSPKR is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2291,6 +2331,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2388,6 +2429,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2413,6 +2455,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2452,10 +2495,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2643,6 +2688,7 @@ CONFIG_MFD_CORE=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2741,6 +2787,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2806,12 +2853,14 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_BITMAP_SELFTEST=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3384,8 +3433,11 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3549,6 +3601,8 @@ CONFIG_PHYLIB=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3678,6 +3732,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3781,6 +3838,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3884,6 +3942,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3981,6 +4040,7 @@ CONFIG_SCHED_SMT=y
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCOM_DEBUGFS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4242,10 +4302,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4654,11 +4716,13 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4713,6 +4777,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4809,6 +4874,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4979,6 +5045,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5197,6 +5264,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5324,6 +5392,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-ppc64.config b/kernel-ppc64.config
index f9ebd9c53..a02297ca1 100644
--- a/kernel-ppc64.config
+++ b/kernel-ppc64.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -185,6 +187,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -352,6 +355,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -459,6 +463,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 CONFIG_BLK_DEV_UMEM=m
 # CONFIG_BLK_DEV_VIA82CXXX is not set
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -737,7 +745,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -895,6 +912,8 @@ CONFIG_CXLFLASH=m
 CONFIG_CXL=m
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -989,8 +1008,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1024,6 +1045,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -1040,16 +1062,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1057,6 +1085,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1071,8 +1100,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1195,8 +1226,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1209,6 +1242,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1353,7 +1387,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FHCI_DEBUG is not set
 CONFIG_FIREWIRE=m
@@ -1664,10 +1697,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1809,6 +1844,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1928,6 +1966,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 # CONFIG_INPUT_PCSPKR is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2272,6 +2312,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2369,6 +2410,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2394,6 +2436,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2433,10 +2476,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2623,6 +2668,7 @@ CONFIG_MFD_CORE=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2721,6 +2767,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2785,12 +2832,14 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_BITMAP_SELFTEST=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3363,8 +3412,11 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3528,6 +3580,8 @@ CONFIG_PHYLIB=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3656,6 +3710,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3759,6 +3816,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3862,6 +3920,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3959,6 +4018,7 @@ CONFIG_SCHED_SMT=y
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCOM_DEBUGFS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4220,10 +4280,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4631,11 +4693,13 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4690,6 +4754,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4786,6 +4851,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4956,6 +5022,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5174,6 +5241,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5301,6 +5369,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-ppc64le-debug.config b/kernel-ppc64le-debug.config
index 4504ad0de..0b5789177 100644
--- a/kernel-ppc64le-debug.config
+++ b/kernel-ppc64le-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -179,6 +181,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -346,6 +349,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -416,6 +420,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -694,7 +702,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -851,6 +868,8 @@ CONFIG_CXLFLASH=m
 CONFIG_CXL=m
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -955,8 +974,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -990,6 +1011,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1006,16 +1028,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1023,6 +1051,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1037,8 +1066,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1159,8 +1190,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1173,6 +1206,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1324,7 +1358,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FHCI_DEBUG is not set
 CONFIG_FIREWIRE=m
@@ -1635,10 +1668,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1772,6 +1807,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1891,6 +1929,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 # CONFIG_INPUT_PCSPKR is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2237,6 +2277,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2334,6 +2375,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2359,6 +2401,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2398,10 +2441,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2589,6 +2634,7 @@ CONFIG_MFD_CORE=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2687,6 +2733,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2751,12 +2798,14 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_BITMAP_SELFTEST=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3329,8 +3378,11 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3492,6 +3544,8 @@ CONFIG_PHYLIB=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3618,6 +3672,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3721,6 +3778,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3824,6 +3882,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3921,6 +3980,7 @@ CONFIG_SCHED_SMT=y
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCOM_DEBUGFS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4182,10 +4242,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4583,11 +4645,13 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4642,6 +4706,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4738,6 +4803,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4908,6 +4974,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5126,6 +5193,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5253,6 +5321,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-ppc64le.config b/kernel-ppc64le.config
index 9d44c10e8..bbb0ee3e8 100644
--- a/kernel-ppc64le.config
+++ b/kernel-ppc64le.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -179,6 +181,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -346,6 +349,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -416,6 +420,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -694,7 +702,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -850,6 +867,8 @@ CONFIG_CXLFLASH=m
 CONFIG_CXL=m
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -945,8 +964,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -980,6 +1001,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -996,16 +1018,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1013,6 +1041,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1027,8 +1056,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1149,8 +1180,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1163,6 +1196,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1307,7 +1341,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FHCI_DEBUG is not set
 CONFIG_FIREWIRE=m
@@ -1618,10 +1651,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1755,6 +1790,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1874,6 +1912,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 # CONFIG_INPUT_PCSPKR is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2218,6 +2258,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2315,6 +2356,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2340,6 +2382,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2379,10 +2422,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2569,6 +2614,7 @@ CONFIG_MFD_CORE=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2667,6 +2713,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2730,12 +2777,14 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_BITMAP_SELFTEST=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3308,8 +3357,11 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3471,6 +3523,8 @@ CONFIG_PHYLIB=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3596,6 +3650,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3699,6 +3756,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3802,6 +3860,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3899,6 +3958,7 @@ CONFIG_SCHED_SMT=y
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCOM_DEBUGFS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4160,10 +4220,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4560,11 +4622,13 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4619,6 +4683,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4715,6 +4780,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4885,6 +4951,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5103,6 +5170,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5230,6 +5298,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-ppc64p7-debug.config b/kernel-ppc64p7-debug.config
index f929839a1..d445e0d3e 100644
--- a/kernel-ppc64p7-debug.config
+++ b/kernel-ppc64p7-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -179,6 +181,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -346,6 +349,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -416,6 +420,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -694,7 +702,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -851,6 +868,8 @@ CONFIG_CXLFLASH=m
 CONFIG_CXL=m
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -954,8 +973,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -989,6 +1010,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1005,16 +1027,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1022,6 +1050,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1036,8 +1065,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1158,8 +1189,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1172,6 +1205,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1323,7 +1357,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FHCI_DEBUG is not set
 CONFIG_FIREWIRE=m
@@ -1634,10 +1667,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1771,6 +1806,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1890,6 +1928,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 # CONFIG_INPUT_PCSPKR is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2236,6 +2276,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2333,6 +2374,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2358,6 +2400,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2397,10 +2440,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2588,6 +2633,7 @@ CONFIG_MFD_CORE=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2686,6 +2732,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2750,12 +2797,14 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_BITMAP_SELFTEST=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3328,8 +3377,11 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3491,6 +3543,8 @@ CONFIG_PHYLIB=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3617,6 +3671,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3720,6 +3777,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3823,6 +3881,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3920,6 +3979,7 @@ CONFIG_SCHED_SMT=y
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCOM_DEBUGFS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4181,10 +4241,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4582,11 +4644,13 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4641,6 +4705,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4737,6 +4802,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4907,6 +4973,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5125,6 +5192,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5252,6 +5320,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-ppc64p7.config b/kernel-ppc64p7.config
index ae759efb9..611e7a4c4 100644
--- a/kernel-ppc64p7.config
+++ b/kernel-ppc64p7.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -179,6 +181,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -346,6 +349,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -416,6 +420,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -694,7 +702,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -850,6 +867,8 @@ CONFIG_CXLFLASH=m
 CONFIG_CXL=m
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 # CONFIG_DDR is not set
@@ -944,8 +963,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -979,6 +1000,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -995,16 +1017,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1012,6 +1040,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1026,8 +1055,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1148,8 +1179,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1162,6 +1195,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1306,7 +1340,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FHCI_DEBUG is not set
 CONFIG_FIREWIRE=m
@@ -1617,10 +1650,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1754,6 +1789,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1873,6 +1911,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 # CONFIG_INPUT_PCSPKR is not set
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 CONFIG_INPUT_PWM_BEEPER=m
@@ -2217,6 +2257,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2314,6 +2355,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2339,6 +2381,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2378,10 +2421,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2568,6 +2613,7 @@ CONFIG_MFD_CORE=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2666,6 +2712,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2729,12 +2776,14 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_BITMAP_SELFTEST=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3307,8 +3356,11 @@ CONFIG_NTP_PPS=y
 CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
 CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3470,6 +3522,8 @@ CONFIG_PHYLIB=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3595,6 +3649,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3698,6 +3755,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3801,6 +3859,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3898,6 +3957,7 @@ CONFIG_SCHED_SMT=y
 CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCOM_DEBUGFS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4159,10 +4219,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4559,11 +4621,13 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4618,6 +4682,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4714,6 +4779,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4884,6 +4950,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5102,6 +5169,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5229,6 +5297,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-s390x-debug.config b/kernel-s390x-debug.config
index 2b24604ae..4438d878f 100644
--- a/kernel-s390x-debug.config
+++ b/kernel-s390x-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 # CONFIG_ACCESSIBILITY is not set
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -181,6 +183,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -347,6 +350,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -416,6 +420,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV_XPRAM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -691,7 +699,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -843,6 +860,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DASD_DIAG=m
 CONFIG_DASD_ECKD=m
 CONFIG_DASD_EER=y
@@ -952,8 +971,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -987,6 +1008,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
 CONFIG_DRM_AMD_ACP=y
@@ -1003,16 +1025,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM is not set
 # CONFIG_DRM_LEGACY is not set
@@ -1020,6 +1048,7 @@ CONFIG_DRM_LOAD_EDID_FIRMWARE=y
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1034,8 +1063,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1154,8 +1185,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PGT_DUMP=y
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1167,6 +1200,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1306,7 +1340,6 @@ CONFIG_FCOE_FNIC=m
 # CONFIG_FCOE is not set
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1600,10 +1633,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1721,6 +1756,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1841,6 +1879,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 # CONFIG_INPUT_PWM_BEEPER is not set
@@ -2182,6 +2222,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2274,6 +2315,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2298,6 +2340,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2337,10 +2380,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2523,6 +2568,7 @@ CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2620,6 +2666,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2683,11 +2730,13 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3250,8 +3299,11 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
 # CONFIG_NUMA is not set
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3413,6 +3465,8 @@ CONFIG_PFAULT=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3497,6 +3551,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3603,6 +3660,7 @@ CONFIG_REISERFS_FS_SECURITY=y
 CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3702,6 +3760,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3818,6 +3877,7 @@ CONFIG_SCLP_VT220_TTY=y
 CONFIG_SCM_BLOCK_CLUSTER_WRITE=y
 CONFIG_SCM_BLOCK=m
 CONFIG_SCM_BUS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4072,10 +4132,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4466,11 +4528,13 @@ CONFIG_SOUND_OSS_CORE_PRECLAIM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4526,6 +4590,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4620,6 +4685,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4794,6 +4860,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5007,6 +5074,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5134,6 +5202,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-s390x.config b/kernel-s390x.config
index e8e57a0a9..d1c9adac8 100644
--- a/kernel-s390x.config
+++ b/kernel-s390x.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 # CONFIG_ACCESSIBILITY is not set
 CONFIG_ACENIC=m
@@ -77,6 +78,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -181,6 +183,7 @@ CONFIG_AR5523=m
 CONFIG_ARC_EMAC=m
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -347,6 +350,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -416,6 +420,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV_XPRAM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -691,7 +699,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -842,6 +859,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DASD_DIAG=m
 CONFIG_DASD_ECKD=m
 CONFIG_DASD_EER=y
@@ -942,8 +961,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -977,6 +998,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
 CONFIG_DRM_AMD_ACP=y
@@ -993,16 +1015,22 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM is not set
 # CONFIG_DRM_LEGACY is not set
@@ -1010,6 +1038,7 @@ CONFIG_DRM_LOAD_EDID_FIRMWARE=y
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1024,8 +1053,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1144,8 +1175,10 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+# CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT is not set
 CONFIG_EFI_PARTITION=y
 # CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_EFI_SECURE_BOOT_LOCK_DOWN is not set
 # CONFIG_EFI_SIGNATURE_LIST_PARSER is not set
 # CONFIG_EFI_TEST is not set
 # CONFIG_EFS_FS is not set
@@ -1157,6 +1190,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1289,7 +1323,6 @@ CONFIG_FCOE_FNIC=m
 # CONFIG_FCOE is not set
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 # CONFIG_FIREWIRE is not set
 CONFIG_FIREWIRE_NET=m
@@ -1583,10 +1616,12 @@ CONFIG_HOTPLUG=y
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1704,6 +1739,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -1824,6 +1862,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 # CONFIG_INPUT_PWM_BEEPER is not set
@@ -2163,6 +2203,7 @@ CONFIG_KEYBOARD_ATKBD=y
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2255,6 +2296,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2279,6 +2321,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2318,10 +2361,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_KERNEL is not set
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2503,6 +2548,7 @@ CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
 # CONFIG_MFD_RK808 is not set
@@ -2600,6 +2646,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2662,11 +2709,13 @@ CONFIG_MOVABLE_NODE=y
 # CONFIG_MPL3115 is not set
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
 CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3229,8 +3278,11 @@ CONFIG_NSC_FIR=m
 # CONFIG_NTFS_FS is not set
 CONFIG_NTP_PPS=y
 # CONFIG_NUMA is not set
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3392,6 +3444,8 @@ CONFIG_PFAULT=y
 CONFIG_PID_NS=y
 # CONFIG_PINCONF is not set
 # CONFIG_PINCTRL is not set
+CONFIG_PINCTRL_MSM8994=m
+# CONFIG_PINCTRL_SX150X is not set
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
 # CONFIG_PKCS7_TEST_KEY is not set
@@ -3475,6 +3529,9 @@ CONFIG_PTP_1588_CLOCK_PCH=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3581,6 +3638,7 @@ CONFIG_REISERFS_FS_SECURITY=y
 CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -3680,6 +3738,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -3796,6 +3855,7 @@ CONFIG_SCLP_VT220_TTY=y
 CONFIG_SCM_BLOCK_CLUSTER_WRITE=y
 CONFIG_SCM_BLOCK=m
 CONFIG_SCM_BUS=y
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4050,10 +4110,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4443,11 +4505,13 @@ CONFIG_SOUND_OSS_CORE_PRECLAIM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI is not set
@@ -4503,6 +4567,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4597,6 +4662,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -4771,6 +4837,7 @@ CONFIG_UHID=m
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -4984,6 +5051,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5111,6 +5179,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VGA_ARB_MAX_GPUS=16
diff --git a/kernel-x86_64-debug.config b/kernel-x86_64-debug.config
index d975b1685..95af68157 100644
--- a/kernel-x86_64-debug.config
+++ b/kernel-x86_64-debug.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -116,6 +117,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -222,6 +224,7 @@ CONFIG_ARC_EMAC=m
 # CONFIG_ARCH_MEMORY_PROBE is not set
 # CONFIG_ARCNET is not set
 CONFIG_ARM64_PTDUMP=y
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -394,6 +397,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -469,6 +473,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -747,7 +755,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -935,6 +952,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 CONFIG_DCDBAS=m
@@ -1053,8 +1072,10 @@ CONFIG_DMADEVICES_DEBUG=y
 # CONFIG_DMADEVICES_VDEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1090,6 +1111,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DPTF_POWER=m
 CONFIG_DRAGONRISE_FF=y
 CONFIG_DRBD_FAULT_INJECTION=y
@@ -1107,19 +1129,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_GMA500=m
 # CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1127,6 +1155,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1144,8 +1173,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1292,6 +1323,7 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 # CONFIG_EFI_FAKE_MEMMAP is not set
@@ -1300,6 +1332,7 @@ CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PCDP=y
 CONFIG_EFI_PGT_DUMP=y
 CONFIG_EFI_RUNTIME_MAP=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
 CONFIG_EFI_SIGNATURE_LIST_PARSER=y
 CONFIG_EFI_STUB=y
@@ -1318,6 +1351,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1460,7 +1494,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 CONFIG_FIREWIRE=m
 CONFIG_FIREWIRE_NET=m
@@ -1783,10 +1816,12 @@ CONFIG_HSA_AMD=m
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1924,6 +1959,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2044,6 +2082,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 # CONFIG_INPUT_PWM_BEEPER is not set
@@ -2435,6 +2475,7 @@ CONFIG_KEYBOARD_GPIO=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2531,6 +2572,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2555,6 +2597,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2596,10 +2639,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+CONFIG_LOCK_DOWN_KERNEL=y
 CONFIG_LOCKD_V4=y
 CONFIG_LOCK_STAT=y
 CONFIG_LOCK_TORTURE_TEST=m
@@ -2790,6 +2835,7 @@ CONFIG_MFD_INTEL_LPSS_PCI=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2896,6 +2942,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2960,6 +3007,7 @@ CONFIG_MPILIB=y
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
 # CONFIG_MPSC is not set
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2967,6 +3015,7 @@ CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_LAPTOP=m
 CONFIG_MSI_WMI=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3559,8 +3608,11 @@ CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
 CONFIG_NVDIMM_DAX=y
 CONFIG_NVDIMM_PFN=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3742,7 +3794,9 @@ CONFIG_PID_NS=y
 CONFIG_PINCTRL_BAYTRAIL=y
 CONFIG_PINCTRL_BROXTON=m
 CONFIG_PINCTRL_CHERRYVIEW=y
+CONFIG_PINCTRL_MSM8994=m
 CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3840,6 +3894,9 @@ CONFIG_PWM_LPSS_PLATFORM=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3945,6 +4002,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -4044,6 +4102,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -4145,6 +4204,7 @@ CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCIF_BUS=m
 CONFIG_SCIF=m
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4413,10 +4473,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4842,12 +4904,14 @@ CONFIG_SPARSEMEM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_CADENCE is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI_LM70_LLP is not set
@@ -4905,6 +4969,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -5002,6 +5067,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5183,6 +5249,7 @@ CONFIG_UID16=y
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5396,6 +5463,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5524,6 +5592,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PCI_VGA=y
diff --git a/kernel-x86_64.config b/kernel-x86_64.config
index 2377c1872..3e52ba25b 100644
--- a/kernel-x86_64.config
+++ b/kernel-x86_64.config
@@ -33,6 +33,7 @@ CONFIG_9P_FS_SECURITY=y
 CONFIG_A11Y_BRAILLE_CONSOLE=y
 # CONFIG_AB3100_CORE is not set
 # CONFIG_AB3100_OTP is not set
+CONFIG_ABP060MG=m
 # CONFIG_ABX500_CORE is not set
 CONFIG_ACCESSIBILITY=y
 CONFIG_ACENIC=m
@@ -116,6 +117,7 @@ CONFIG_ACTISYS_DONGLE=m
 # CONFIG_AD7476 is not set
 # CONFIG_AD7606 is not set
 # CONFIG_AD7746 is not set
+CONFIG_AD7766=m
 # CONFIG_AD7780 is not set
 # CONFIG_AD7791 is not set
 # CONFIG_AD7793 is not set
@@ -222,6 +224,7 @@ CONFIG_ARC_EMAC=m
 # CONFIG_ARCH_MEMORY_PROBE is not set
 # CONFIG_ARCNET is not set
 # CONFIG_ARM64_PTDUMP is not set
+# CONFIG_ARM64_SW_TTBR0_PAN is not set
 # CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
 # CONFIG_ARM_SCPI_PROTOCOL is not set
 # CONFIG_AS3935 is not set
@@ -394,6 +397,7 @@ CONFIG_BAYCOM_SER_HDX=m
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
 # CONFIG_BCACHE_DEBUG is not set
 CONFIG_BCACHE=m
+# CONFIG_BCM2835_VCHIQ is not set
 CONFIG_BCM63XX_PHY=m
 # CONFIG_BCM7038_WDT is not set
 CONFIG_BCM7XXX_PHY=m
@@ -469,6 +473,10 @@ CONFIG_BLK_DEV_THROTTLING=y
 # CONFIG_BLK_DEV_UB is not set
 CONFIG_BLK_DEV_UMEM=m
 CONFIG_BLK_DEV=y
+CONFIG_BLK_DEV_ZONED=y
+CONFIG_BLK_WBT_MQ=y
+# CONFIG_BLK_WBT_SQ is not set
+CONFIG_BLK_WBT=y
 # CONFIG_BMA180 is not set
 # CONFIG_BMA220 is not set
 CONFIG_BMC150_ACCEL=m
@@ -747,7 +755,16 @@ CONFIG_CODA_FS=m
 # CONFIG_COMMON_CLK_CDCE706 is not set
 # CONFIG_COMMON_CLK_CDCE925 is not set
 # CONFIG_COMMON_CLK_CS2000_CP is not set
+# CONFIG_COMMON_CLK_HI3516CV300 is not set
 # CONFIG_COMMON_CLK_HI3519 is not set
+# CONFIG_COMMON_CLK_HI3798CV200 is not set
+# CONFIG_COMMON_CLK_MT2701_BDPSYS is not set
+# CONFIG_COMMON_CLK_MT2701_ETHSYS is not set
+# CONFIG_COMMON_CLK_MT2701_HIFSYS is not set
+# CONFIG_COMMON_CLK_MT2701_IMGSYS is not set
+# CONFIG_COMMON_CLK_MT2701 is not set
+# CONFIG_COMMON_CLK_MT2701_MMSYS is not set
+# CONFIG_COMMON_CLK_MT2701_VDECSYS is not set
 # CONFIG_COMMON_CLK_MT8135 is not set
 # CONFIG_COMMON_CLK_MT8173 is not set
 # CONFIG_COMMON_CLK_OXNAS is not set
@@ -934,6 +951,8 @@ CONFIG_CW1200_WLAN_SPI=m
 # CONFIG_CX_ECAT is not set
 CONFIG_CYCLADES=m
 # CONFIG_CYZ_INTR is not set
+CONFIG_DA280=m
+CONFIG_DA311=m
 CONFIG_DAVICOM_PHY=m
 CONFIG_DCB=y
 CONFIG_DCDBAS=m
@@ -1043,8 +1062,10 @@ CONFIG_DM9102=m
 # CONFIG_DMADEVICES_DEBUG is not set
 CONFIG_DMADEVICES=y
 CONFIG_DMA_ENGINE=y
+# CONFIG_DMA_FENCE_TRACE is not set
 # CONFIG_DMARD06 is not set
 # CONFIG_DMARD09 is not set
+CONFIG_DMARD10=m
 # CONFIG_DMATEST is not set
 CONFIG_DM_CACHE_CLEANER=m
 CONFIG_DM_CACHE=m
@@ -1080,6 +1101,7 @@ CONFIG_DP83640_PHY=m
 CONFIG_DP83848_PHY=m
 CONFIG_DP83867_PHY=m
 # CONFIG_DPM_WATCHDOG is not set # revisit this in debug
+CONFIG_DPOT_DAC=m
 CONFIG_DPTF_POWER=m
 CONFIG_DRAGONRISE_FF=y
 # CONFIG_DRBD_FAULT_INJECTION is not set
@@ -1097,19 +1119,25 @@ CONFIG_DRM_BOCHS=m
 CONFIG_DRM_CIRRUS_QEMU=m # do not enable on f17 or older
 CONFIG_DRM_DP_AUX_CHARDEV=y
 # CONFIG_DRM_DUMB_VGA_DAC is not set
+CONFIG_DRM_DW_HDMI_I2S_AUDIO=m
 CONFIG_DRM_FBDEV_EMULATION=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_GMA500=m
 # CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_HISI_HIBMC=m
+CONFIG_DRM_I2C_ADV7511_AUDIO=y
 CONFIG_DRM_I2C_ADV7511=m
 # CONFIG_DRM_I2C_ADV7533 is not set
 CONFIG_DRM_I2C_CH7006=m
 CONFIG_DRM_I2C_NXP_TDA998X=m
 CONFIG_DRM_I2C_SIL164=m
 # CONFIG_DRM_I810 is not set
+# CONFIG_DRM_I915_ALPHA_SUPPORT is not set
+CONFIG_DRM_I915_CAPTURE_ERROR=y
+CONFIG_DRM_I915_COMPRESS_ERROR=y
+CONFIG_DRM_I915_GVT_KVMGT=m
 CONFIG_DRM_I915_GVT=y
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
 CONFIG_DRM_I915_USERPTR=y
 # CONFIG_DRM_LEGACY is not set
 CONFIG_DRM_LOAD_EDID_FIRMWARE=y
@@ -1117,6 +1145,7 @@ CONFIG_DRM=m
 # CONFIG_DRM_MALI_DISPLAY is not set
 CONFIG_DRM_MGAG200=m # do not enable on f17 or older
 # CONFIG_DRM_MGA is not set
+CONFIG_DRM_MXSFB=m
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 CONFIG_DRM_NOUVEAU=m
 # CONFIG_DRM_NXP_PTN3460 is not set
@@ -1134,8 +1163,10 @@ CONFIG_DRM_RADEON=m
 CONFIG_DRM_RADEON_USERPTR=y
 # CONFIG_DRM_SAVAGE is not set
 # CONFIG_DRM_SII902X is not set
+CONFIG_DRM_SIL_SII8620=m
 # CONFIG_DRM_SIS is not set
 # CONFIG_DRM_TDFX is not set
+CONFIG_DRM_TI_TFP410=m
 # CONFIG_DRM_TOSHIBA_TC358767 is not set
 CONFIG_DRM_UDL=m
 CONFIG_DRM_VGEM=m
@@ -1282,6 +1313,7 @@ CONFIG_EEPROM_AT24=m
 # CONFIG_EEPROM_AT25 is not set
 CONFIG_EEPROM_LEGACY=m
 CONFIG_EEPROM_MAX6875=m
+CONFIG_EFI_ALLOW_SECURE_BOOT_EXIT=y
 # CONFIG_EFI_BOOTLOADER_CONTROL is not set
 # CONFIG_EFI_CAPSULE_LOADER is not set
 # CONFIG_EFI_FAKE_MEMMAP is not set
@@ -1290,6 +1322,7 @@ CONFIG_EFI_PARTITION=y
 CONFIG_EFI_PCDP=y
 # CONFIG_EFI_PGT_DUMP is not set
 CONFIG_EFI_RUNTIME_MAP=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
 CONFIG_EFI_SIGNATURE_LIST_PARSER=y
 CONFIG_EFI_STUB=y
@@ -1308,6 +1341,7 @@ CONFIG_ENABLE_MUST_CHECK=y
 CONFIG_ENCLOSURE_SERVICES=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_ENIC=m
+CONFIG_ENVELOPE_DETECTOR=m
 CONFIG_EPIC100=m
 CONFIG_EPOLL=y
 CONFIG_EQUALIZER=m
@@ -1443,7 +1477,6 @@ CONFIG_FCOE_FNIC=m
 CONFIG_FCOE=m
 # CONFIG_FDDI is not set
 CONFIG_FEALNX=m
-# CONFIG_FENCE_TRACE is not set
 CONFIG_FHANDLE=y
 CONFIG_FIREWIRE=m
 CONFIG_FIREWIRE_NET=m
@@ -1766,10 +1799,12 @@ CONFIG_HSA_AMD=m
 # CONFIG_HSR is not set
 # CONFIG_HSU_DMA is not set
 # CONFIG_HSU_DMA_PCI is not set
+CONFIG_HT16K33=m
 # CONFIG_HTC_EGPIO is not set
 # CONFIG_HTC_I2CPLD is not set
 # CONFIG_HTC_PASIC3 is not set
 CONFIG_HT_IRQ=y
+CONFIG_HTS221=m
 # CONFIG_HTU21 is not set
 CONFIG_HUGETLBFS=y
 CONFIG_HUGETLB_PAGE=y
@@ -1907,6 +1942,9 @@ CONFIG_IIO_BUFFER_CB=y
 CONFIG_IIO_BUFFER=y
 CONFIG_IIO_CONFIGFS=m
 CONFIG_IIO_CONSUMERS_PER_TRIGGER=2
+CONFIG_IIO_CROS_EC_SENSORS_CORE=m
+CONFIG_IIO_CROS_EC_SENSORS_COR=m
+CONFIG_IIO_CROS_EC_SENSORS=m
 # CONFIG_IIO_HRTIMER_TRIGGER is not set
 CONFIG_IIO_INTERRUPT_TRIGGER=m
 # CONFIG_IIO_KFIFO_BUF is not set
@@ -2027,6 +2065,8 @@ CONFIG_INPUT_MPU3050=m
 CONFIG_INPUT_PCF50633_PMU=m
 # CONFIG_INPUT_PCF8574 is not set
 CONFIG_INPUT_PCSPKR=m
+CONFIG_INPUT_PM8XXX_VIBRATOR=m
+CONFIG_INPUT_PMIC8XXX_PWRKEY=m
 CONFIG_INPUT_POLLDEV=m
 CONFIG_INPUT_POWERMATE=m
 # CONFIG_INPUT_PWM_BEEPER is not set
@@ -2416,6 +2456,7 @@ CONFIG_KEYBOARD_GPIO=m
 # CONFIG_KEYBOARD_NEWTON is not set
 # CONFIG_KEYBOARD_OMAP4 is not set
 # CONFIG_KEYBOARD_OPENCORES is not set
+CONFIG_KEYBOARD_PMIC8XXX=m
 # CONFIG_KEYBOARD_QT1070 is not set
 # CONFIG_KEYBOARD_QT2160 is not set
 # CONFIG_KEYBOARD_SAMSUNG is not set
@@ -2512,6 +2553,7 @@ CONFIG_LEDS_LP3952=m
 CONFIG_LEDS_LT3593=m
 CONFIG_LEDS_MLXCPLD=m
 # CONFIG_LEDS_NET48XX is not set
+CONFIG_LEDS_NIC78BX=m
 # CONFIG_LEDS_OT200 is not set
 # CONFIG_LEDS_PCA9532 is not set
 # CONFIG_LEDS_PCA955X is not set
@@ -2536,6 +2578,7 @@ CONFIG_LEDS_TRIGGER_PANIC=y
 CONFIG_LEDS_TRIGGERS=y
 CONFIG_LEDS_TRIGGER_TIMER=m
 CONFIG_LEDS_TRIGGER_TRANSIENT=m
+CONFIG_LEDS_USER=m
 CONFIG_LEDS_WM831X_STATUS=m
 CONFIG_LEDS_WM8350=m
 CONFIG_LED_TRIGGER_PHY=y
@@ -2577,10 +2620,12 @@ CONFIG_LITELINK_DONGLE=m
 # CONFIG_LKDTM is not set
 # CONFIG_LLC2 is not set
 CONFIG_LLC=m
+CONFIG_LMP91000=m
 # CONFIG_LNET is not set
 CONFIG_LOCALVERSION=""
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_LOCKD=m
+CONFIG_LOCK_DOWN_KERNEL=y
 CONFIG_LOCKD_V4=y
 # CONFIG_LOCK_STAT is not set
 # CONFIG_LOCK_TORTURE_TEST is not set
@@ -2771,6 +2816,7 @@ CONFIG_MFD_INTEL_LPSS_PCI=m
 # CONFIG_MFD_MT6397 is not set
 # CONFIG_MFD_PALMAS is not set
 # CONFIG_MFD_PCF50633 is not set
+CONFIG_MFD_PM8XXX=m
 # CONFIG_MFD_RC5T583 is not set
 # CONFIG_MFD_RDC321X is not set
 # CONFIG_MFD_RETU is not set
@@ -2877,6 +2923,7 @@ CONFIG_MMC_REALTEK_PCI=m
 CONFIG_MMC_REALTEK_USB=m
 CONFIG_MMC_RICOH_MMC=y
 CONFIG_MMC_SDHCI_ACPI=m
+CONFIG_MMC_SDHCI_CADENCE=m
 # CONFIG_MMC_SDHCI_F_SDH30 is not set
 CONFIG_MMC_SDHCI=m
 # CONFIG_MMC_SDHCI_OF_ARASAN is not set
@@ -2941,6 +2988,7 @@ CONFIG_MPILIB=y
 CONFIG_MPLS_IPTUNNEL=m
 CONFIG_MPLS_ROUTING=m
 # CONFIG_MPSC is not set
+# CONFIG_MPU3050_I2C is not set
 # CONFIG_MS5611 is not set
 # CONFIG_MS5637 is not set
 # CONFIG_MS_BLOCK is not set
@@ -2948,6 +2996,7 @@ CONFIG_MSDOS_FS=m
 CONFIG_MSDOS_PARTITION=y
 CONFIG_MSI_LAPTOP=m
 CONFIG_MSI_WMI=m
+# CONFIG_MSM_GCC_8994 is not set
 CONFIG_MSPRO_BLOCK=m
 CONFIG_MT7601U=m
 # CONFIG_MTD_ABSENT is not set
@@ -3540,8 +3589,11 @@ CONFIG_NUMA_BALANCING=y
 CONFIG_NUMA=y
 CONFIG_NVDIMM_DAX=y
 CONFIG_NVDIMM_PFN=y
+CONFIG_NVME_FC=m
 # CONFIG_NVMEM is not set
 CONFIG_NVME_RDMA=m
+CONFIG_NVME_TARGET_FCLOOP=m
+CONFIG_NVME_TARGET_FC=m
 CONFIG_NVME_TARGET_LOOP=m
 CONFIG_NVME_TARGET=m
 CONFIG_NVME_TARGET_RDMA=m
@@ -3723,7 +3775,9 @@ CONFIG_PID_NS=y
 CONFIG_PINCTRL_BAYTRAIL=y
 CONFIG_PINCTRL_BROXTON=m
 CONFIG_PINCTRL_CHERRYVIEW=y
+CONFIG_PINCTRL_MSM8994=m
 CONFIG_PINCTRL_SUNRISEPOINT=m
+# CONFIG_PINCTRL_SX150X is not set
 CONFIG_PINCTRL=y
 # CONFIG_PINMUX is not set
 CONFIG_PKCS7_MESSAGE_PARSER=y
@@ -3820,6 +3874,9 @@ CONFIG_PWM_LPSS_PLATFORM=m
 CONFIG_PWM=y
 # CONFIG_PWRSEQ_EMMC is not set
 # CONFIG_PWRSEQ_SIMPLE is not set
+CONFIG_QCOM_ADSP_PIL=m
+# CONFIG_QCOM_CLK_RPM is not set
+# CONFIG_QCOM_CLK_SMD_RPM is not set
 # CONFIG_QCOM_EBI2 is not set
 # CONFIG_QCOM_HIDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
@@ -3925,6 +3982,7 @@ CONFIG_REISERFS_FS_XATTR=y
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_RELAY=y
 CONFIG_RELOCATABLE=y
+CONFIG_REMOTEPROC=m
 # CONFIG_RFD_FTL is not set
 CONFIG_RFKILL_GPIO=m
 CONFIG_RFKILL_INPUT=y
@@ -4024,6 +4082,7 @@ CONFIG_RTC_DRV_PCF85063=m
 CONFIG_RTC_DRV_PCF8523=m
 CONFIG_RTC_DRV_PCF8563=m
 CONFIG_RTC_DRV_PCF8583=m
+CONFIG_RTC_DRV_PM8XXX=m
 CONFIG_RTC_DRV_R9701=m
 CONFIG_RTC_DRV_RP5C01=m
 CONFIG_RTC_DRV_RS5C348=m
@@ -4125,6 +4184,7 @@ CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCIF_BUS=m
 CONFIG_SCIF=m
+# CONFIG_SCR24X is not set
 CONFIG_SCSI_3W_9XXX=m
 CONFIG_SCSI_3W_SAS=m
 CONFIG_SCSI_AACRAID=m
@@ -4393,10 +4453,12 @@ CONFIG_SENSORS_SIS5595=m
 CONFIG_SENSORS_SMSC47B397=m
 CONFIG_SENSORS_SMSC47M192=m
 CONFIG_SENSORS_SMSC47M1=m
+CONFIG_SENSORS_TC654=m
 CONFIG_SENSORS_TC74=m
 CONFIG_SENSORS_THMC50=m
 CONFIG_SENSORS_TMP102=m
 CONFIG_SENSORS_TMP103=m
+CONFIG_SENSORS_TMP108=m
 CONFIG_SENSORS_TMP401=m
 CONFIG_SENSORS_TMP421=m
 CONFIG_SENSORS_TPS40422=m
@@ -4821,12 +4883,14 @@ CONFIG_SPARSEMEM=y
 CONFIG_SPARSE_RCU_POINTER=y
 # CONFIG_SPEAKUP is not set
 # CONFIG_SPI_ALTERA is not set
+CONFIG_SPI_ARMADA_3700=m
 # CONFIG_SPI_AXI_SPI_ENGINE is not set
 # CONFIG_SPI_BITBANG is not set
 # CONFIG_SPI_BUTTERFLY is not set
 # CONFIG_SPI_CADENCE is not set
 # CONFIG_SPI_DEBUG is not set
 # CONFIG_SPI_DESIGNWARE is not set
+CONFIG_SPI_FSL_LPSPI=m
 # CONFIG_SPI_FSL_SPI is not set
 # CONFIG_SPI_GPIO is not set
 # CONFIG_SPI_LM70_LLP is not set
@@ -4884,6 +4948,7 @@ CONFIG_STMMAC_ETH=m
 CONFIG_STRICT_DEVMEM=y
 CONFIG_STRIP_ASM_SYMS=y
 # CONFIG_STRIP is not set
+# CONFIG_SUN50I_A64_CCU is not set
 # CONFIG_SUN6I_A31_CCU is not set
 # CONFIG_SUN8I_A23_CCU is not set
 # CONFIG_SUN8I_A33_CCU is not set
@@ -4981,6 +5046,7 @@ CONFIG_TEHUTI=m
 CONFIG_TEKRAM_DONGLE=m
 CONFIG_TELCLOCK=m
 CONFIG_TERANETICS_PHY=m
+CONFIG_TEST_ASYNC_DRIVER_PROBE=m
 # CONFIG_TEST_BITMAP is not set
 # CONFIG_TEST_BPF is not set
 # CONFIG_TEST_FIRMWARE is not set
@@ -5162,6 +5228,7 @@ CONFIG_UID16=y
 CONFIG_UIO_AEC=m
 CONFIG_UIO_CIF=m
 # CONFIG_UIO_DMEM_GENIRQ is not set
+CONFIG_UIO_HV_GENERIC=m
 CONFIG_UIO=m
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_NETX is not set
@@ -5375,6 +5442,7 @@ CONFIG_USB_SERIAL_EDGEPORT=m
 CONFIG_USB_SERIAL_EDGEPORT_TI=m
 CONFIG_USB_SERIAL_EMPEG=m
 # CONFIG_USB_SERIAL_F81232 is not set
+CONFIG_USB_SERIAL_F8153X=m
 CONFIG_USB_SERIAL_FTDI_SIO=m
 CONFIG_USB_SERIAL_GARMIN=m
 CONFIG_USB_SERIAL_GENERIC=y
@@ -5503,6 +5571,8 @@ CONFIG_VETH=m
 CONFIG_VFAT_FS=m
 CONFIG_VFIO_IOMMU_TYPE1=m
 CONFIG_VFIO=m
+CONFIG_VFIO_MDEV_DEVICE=m
+CONFIG_VFIO_MDEV=m
 # CONFIG_VFIO_NOIOMMU is not set
 CONFIG_VFIO_PCI=m
 CONFIG_VFIO_PCI_VGA=y
diff --git a/kernel.spec b/kernel.spec
index a4c8a741c..f9409951f 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -69,7 +69,7 @@ Summary: The Linux kernel
 # The rc snapshot level
 %global rcrev 0
 # The git snapshot level
-%define gitrev 1
+%define gitrev 2
 # Set rpm version accordingly
 %define rpmversion 4.%{upstream_sublevel}.0
 %endif
@@ -492,9 +492,6 @@ Source5005: kbuild-AFTER_LINK.patch
 
 # Standalone patches
 
-# http://www.spinics.net/lists/linux-serial/msg24272.html
-Patch420: arm64-ACPI-parse-SPCR-table.patch
-
 # a tempory patch for QCOM hardware enablement. Will be gone by end of 2016/F-26 GA
 Patch421: qcom-QDF2432-tmp-errata.patch
 
@@ -521,8 +518,6 @@ Patch430: ARM-tegra-usb-no-reset.patch
 
 Patch431: bcm2837-initial-support.patch
 
-Patch432: bcm283x-vc4-fixes.patch
-
 Patch433: AllWinner-net-emac.patch
 
 Patch434: ARM-Drop-fixed-200-Hz-timer-requirement-from-Samsung-platforms.patch
@@ -543,35 +538,9 @@ Patch471: Kbuild-Add-an-option-to-enable-GCC-VTA.patch
 
 Patch472: crash-driver.patch
 
-Patch473: Add-secure_modules-call.patch
+Patch473: efi-lockdown.patch
 
-Patch474: PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
-
-Patch475: x86-Lock-down-IO-port-access-when-module-security-is.patch
-
-Patch476: ACPI-Limit-access-to-custom_method.patch
-
-Patch477: asus-wmi-Restrict-debugfs-interface-when-module-load.patch
-
-Patch478: Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
-
-Patch479: acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
-
-Patch480: kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
-
-Patch481: x86-Restrict-MSR-access-when-module-loading-is-restr.patch
-
-# Patch482: Add-option-to-automatically-enforce-module-signature.patch
-
-# Patch483: efi-Add-SHIM-and-image-security-database-GUID-defini.patch
-
-# Patch484: efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch
-
-# Patch485: efi-Add-EFI_SECURE_BOOT-bit.patch
-
-Patch486: hibernate-Disable-in-a-signed-modules-environment.patch
-
-# Patch487: Add-EFI-signature-data-types.patch
+Patch487: Add-EFI-signature-data-types.patch
 
 Patch488: Add-an-EFI-signature-blob-parser-and-key-loader.patch
 
@@ -584,8 +553,6 @@ Patch490: MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
 
 Patch491: MODSIGN-Support-not-importing-certs-from-db.patch
 
-Patch492: Add-sysrq-option-to-disable-secure-boot-mode.patch
-
 Patch493: drm-i915-hush-check-crtc-state.patch
 
 Patch494: disable-i8042-check-on-apple-mac.patch
@@ -609,8 +576,6 @@ Patch502: firmware-Drop-WARN-from-usermodehelper_read_trylock-.patch
 
 # Patch503: drm-i915-turn-off-wc-mmaps.patch
 
-Patch508: kexec-uefi-copy-secure_boot-flag-in-boot-params.patch
-
 Patch509: MODSIGN-Don-t-try-secure-boot-if-EFI-runtime-is-disa.patch
 
 #CVE-2016-3134 rhbz 1317383 1317384
@@ -2174,6 +2139,9 @@ fi
 #
 #
 %changelog
+* Wed Dec 14 2016 Justin M. Forbes <jforbes@fedoraproject.org> - 4.10.0-0.rc0.git2.1
+- Linux v4.9-7150-gcdb98c2
+
 * Tue Dec 13 2016 Justin M. Forbes <jforbes@fedoraproject.org> - 4.10.0-0.rc0.git1.1
 - Linux v4.9-2682-ge7aa8c2
 
diff --git a/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch b/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
deleted file mode 100644
index ec8675eb4..000000000
--- a/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 85968a9f0b3f05c56d4ac4002748f3412a9baab0 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 9 Aug 2013 03:33:56 -0400
-Subject: [PATCH 08/20] kexec: Disable at runtime if the kernel enforces module
- loading restrictions
-
-kexec permits the loading and execution of arbitrary code in ring 0, which
-is something that module signing enforcement is meant to prevent. It makes
-sense to disable kexec in this situation.
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- kernel/kexec.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/kernel/kexec.c b/kernel/kexec.c
-index 980936a90ee6..fce28bf7d5d7 100644
---- a/kernel/kexec.c
-+++ b/kernel/kexec.c
-@@ -12,6 +12,7 @@
- #include <linux/mm.h>
- #include <linux/file.h>
- #include <linux/kexec.h>
-+#include <linux/module.h>
- #include <linux/mutex.h>
- #include <linux/list.h>
- #include <linux/syscalls.h>
-@@ -194,6 +195,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
- 		return -EPERM;
- 
- 	/*
-+	 * kexec can be used to circumvent module loading restrictions, so
-+	 * prevent loading in that case
-+	 */
-+	if (secure_modules())
-+		return -EPERM;
-+
-+	/*
- 	 * Verify we have a legal set of flags
- 	 * This leaves us room for future extensions.
- 	 */
--- 
-2.9.3
-
diff --git a/kexec-uefi-copy-secure_boot-flag-in-boot-params.patch b/kexec-uefi-copy-secure_boot-flag-in-boot-params.patch
deleted file mode 100644
index e239ea908..000000000
--- a/kexec-uefi-copy-secure_boot-flag-in-boot-params.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From: Dave Young <dyoung@redhat.com>
-
-[PATCH] kexec/uefi: copy secure_boot flag in boot params across kexec reboot
-
-Kexec reboot in case secure boot being enabled does not keep the secure boot
-mode in new kernel, so later one can load unsigned kernel via legacy kexec_load.
-In this state, the system is missing the protections provided by secure boot.
-
-Adding a patch to fix this by retain the secure_boot flag in original kernel.
-
-secure_boot flag in boot_params is set in EFI stub, but kexec bypasses the stub.
-Fixing this issue by copying secure_boot flag across kexec reboot.
-
-Signed-off-by: Dave Young <dyoung@redhat.com>
----
- arch/x86/kernel/kexec-bzimage64.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c
-index 9642b9b..0539ec7 100644
---- a/arch/x86/kernel/kexec-bzimage64.c
-+++ b/arch/x86/kernel/kexec-bzimage64.c
-@@ -178,6 +178,7 @@ setup_efi_state(struct boot_params *params, unsigned long params_load_addr,
- 	if (efi_enabled(EFI_OLD_MEMMAP))
- 		return 0;
- 
-+	params->secure_boot = boot_params.secure_boot;
- 	ei->efi_loader_signature = current_ei->efi_loader_signature;
- 	ei->efi_systab = current_ei->efi_systab;
- 	ei->efi_systab_hi = current_ei->efi_systab_hi;
diff --git a/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch b/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
index 7b9976517..a19267cc1 100644
--- a/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
+++ b/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
@@ -20,8 +20,8 @@ index 3d22fc3..07aec76 100644
 -	struct scsi_device *sdp = sdkp->device;
 +	struct scsi_device *sdp;
  	struct request_queue *q = sdkp->disk->queue;
+ 	sector_t old_capacity = sdkp->capacity;
  	unsigned char *buffer;
- 	unsigned int dev_max, rw_max;
 @@ -2833,6 +2833,11 @@ static int sd_revalidate_disk(struct gendisk *disk)
  	SCSI_LOG_HLQUEUE(3, sd_printk(KERN_INFO, sdkp,
  				      "sd_revalidate_disk\n"));
diff --git a/sources b/sources
index 4e162c301..f5d9af607 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
 SHA512 (linux-4.9.tar.xz) = bf67ff812cc3cb7e5059e82cc5db0d9a7c5637f7ed9a42e4730c715bf7047c81ed3a571225f92a33ef0b6d65f35595bc32d773356646df2627da55e9bc7f1f1a
 SHA512 (perf-man-4.9.tar.gz) = d23bb3da1eadd6623fddbf4696948de7675f3dcf57c711a7427dd7ae111394f58d8f42752938bbea7cd219f1e7f6f116fc67a1c74f769711063940a065f37b99
-SHA512 (patch-4.9-git1.xz) = 1fdb71e5d4b0a6b6805f32d800e902d9fde61805ef2da9562f141f2e5c1b5a6800361ad3f2669637839bbff5f577fa6759adc2b39bf9da6155170f29ef3e1e57
+SHA512 (patch-4.9-git2.xz) = f9260ea66a5a3f42f62a1304245fd4f624810fcd9d480d309201597a162d42097fabdc4638df202133d602a35c27d1e7ec89d3e6ba6bc68c874a851fcaf40830
diff --git a/x86-Lock-down-IO-port-access-when-module-security-is.patch b/x86-Lock-down-IO-port-access-when-module-security-is.patch
deleted file mode 100644
index 3bb42bb45..000000000
--- a/x86-Lock-down-IO-port-access-when-module-security-is.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From e7817a96c7ef1b502dba6f70b75f9e8993a8750b Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Thu, 8 Mar 2012 10:35:59 -0500
-Subject: [PATCH 03/20] x86: Lock down IO port access when module security is
- enabled
-
-IO port access would permit users to gain access to PCI configuration
-registers, which in turn (on a lot of hardware) give access to MMIO register
-space. This would potentially permit root to trigger arbitrary DMA, so lock
-it down by default.
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- arch/x86/kernel/ioport.c | 5 +++--
- drivers/char/mem.c       | 4 ++++
- 2 files changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c
-index 589b3193f102..ab8372443efb 100644
---- a/arch/x86/kernel/ioport.c
-+++ b/arch/x86/kernel/ioport.c
-@@ -15,6 +15,7 @@
- #include <linux/thread_info.h>
- #include <linux/syscalls.h>
- #include <linux/bitmap.h>
-+#include <linux/module.h>
- #include <asm/syscalls.h>
- 
- /*
-@@ -28,7 +29,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on)
- 
- 	if ((from + num <= from) || (from + num > IO_BITMAP_BITS))
- 		return -EINVAL;
--	if (turn_on && !capable(CAP_SYS_RAWIO))
-+	if (turn_on && (!capable(CAP_SYS_RAWIO) || secure_modules()))
- 		return -EPERM;
- 
- 	/*
-@@ -108,7 +109,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level)
- 		return -EINVAL;
- 	/* Trying to gain more privileges? */
- 	if (level > old) {
--		if (!capable(CAP_SYS_RAWIO))
-+		if (!capable(CAP_SYS_RAWIO) || secure_modules())
- 			return -EPERM;
- 	}
- 	regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) |
-diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 5bb1985ec484..7f1a7ab5850d 100644
---- a/drivers/char/mem.c
-+++ b/drivers/char/mem.c
-@@ -28,6 +28,7 @@
- #include <linux/export.h>
- #include <linux/io.h>
- #include <linux/uio.h>
-+#include <linux/module.h>
- 
- #include <linux/uaccess.h>
- 
-@@ -580,6 +581,9 @@ static ssize_t write_port(struct file *file, const char __user *buf,
- 	unsigned long i = *ppos;
- 	const char __user *tmp = buf;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (!access_ok(VERIFY_READ, buf, count))
- 		return -EFAULT;
- 	while (count-- > 0 && i < 65536) {
--- 
-2.9.3
-
diff --git a/x86-Restrict-MSR-access-when-module-loading-is-restr.patch b/x86-Restrict-MSR-access-when-module-loading-is-restr.patch
deleted file mode 100644
index 71b5b2edb..000000000
--- a/x86-Restrict-MSR-access-when-module-loading-is-restr.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 85539b332c79fbce1b9f371ff1a2a8d489e65110 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 8 Feb 2013 11:12:13 -0800
-Subject: [PATCH 09/20] x86: Restrict MSR access when module loading is
- restricted
-
-Writing to MSRs should not be allowed if module loading is restricted,
-since it could lead to execution of arbitrary code in kernel mode. Based
-on a patch by Kees Cook.
-
-Cc: Kees Cook <keescook@chromium.org>
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- arch/x86/kernel/msr.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c
-index 7f3550acde1b..963ba4011923 100644
---- a/arch/x86/kernel/msr.c
-+++ b/arch/x86/kernel/msr.c
-@@ -83,6 +83,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
- 	int err = 0;
- 	ssize_t bytes = 0;
- 
-+	if (secure_modules())
-+		return -EPERM;
-+
- 	if (count % 8)
- 		return -EINVAL;	/* Invalid chunk size */
- 
-@@ -130,6 +133,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
- 			err = -EBADF;
- 			break;
- 		}
-+		if (secure_modules()) {
-+			err = -EPERM;
-+			break;
-+		}
- 		if (copy_from_user(&regs, uregs, sizeof regs)) {
- 			err = -EFAULT;
- 			break;
--- 
-2.9.3
-