From 294b274139566c2dbe6a2886a26c041666ad025d Mon Sep 17 00:00:00 2001
From: umagnus <xinyuyuan@microsoft.com>
Date: Thu, 13 Jun 2024 07:07:17 +0000
Subject: [PATCH] Fix shield guard issues for KSM

---
 charts/latest/csi-driver-smb-v0.0.0.tgz       | Bin 4943 -> 4973 bytes
 .../templates/csi-smb-controller.yaml         |   9 +++++++++
 2 files changed, 9 insertions(+)

diff --git a/charts/latest/csi-driver-smb-v0.0.0.tgz b/charts/latest/csi-driver-smb-v0.0.0.tgz
index 92fcb3ff302220ad9bf7a6bece5397d0b983574d..6a0a322c1d56ef0f754f8888c2da672c9cd31b3a 100644
GIT binary patch
delta 4959
zcmV-l6QJzRChaDWJAYk!Z`(MwpT7<CI}q*wJF~a)E04|<kU!caGgHho3F34XgUzC#
zrDK~nlBgvqH{LYg{eln4dQi6fNZRh0KpR^k&p9N|IsB1_q&-d?pOG0bhliu?=@c{3
znd30{Zg;8I>-CNg57pmZuUG!t>mLuk>mME;3|<e8`~BW`y?_2;Z_xV=^>!#jZA!Sn
z?7QC9yvmjPMiP$6AHX=Fk&9;i7LMcWYk&oC(ei<NjKo4c8@_*wPKWQ%nNk@vrVRa-
zjDSTTfVUzXf{ThO)tY7Gd!1gV*ZR^m-lu#j+5Zd&3Gf{|faUhz?;X58D%=0y_-Jqc
z&yh%oC*Zaa8h>F9*AP<|F_;i8*t~Q16Ymh(<z(V;K^dMv3n3nkWOjrY#FP_3+1y1F
zkI9^OKXHc(JR#A<$(8Eza1;m0ghZ;Kz!MjFIKphMzQ;)rT+x7da~HiEUr=$yfI}o&
zNV<|MMrTAi5MWilOGNET&5jp^7p!N8$`7qz9grDBz<>D_qa#?4b6PZ(MRR-yo&I1o
z<B0m8-RrgHfj6kQB$C=SOUV>PY0w59Co!Y<b4!O$O^;{JUv@ZGa(p6@Pe1Xr1McTJ
zzWq+WGg!{H#evO;2X8!&CXtZ5JqB2Siv&vmy+r?*LZm*wLMAW5Ix|O~ND!bAm?FL!
zq2@H{pno9<Bq$o=fCD09`4D}=k$RYLklz`ipQ4WBM<c;#5CGGo84pL!;+ey->88b7
z)!rPpT5N>9vdA*G8X4tq*wVe?<{x%EPE1d>T4TT>VM^s7!lM9w0r3Y7k`RUh3vNiZ
zax!M5s<O6Jw*|z*+(rEsLVm>4RzD3AE`a?^7=IW4AY%F}<>CSaLN5`XVG>B*NDl}u
zI)gDz0`aP@RPjX%p%4Tk9>1bYxM=Xd$A^b@qnZK^#B`BOY6nZA%ji9p<Xqij>BCc9
zv#S6{uy_^F$?q_Oz(q$bgg#MrN21AlsSsy`xv1S0Vcb?t!D+%g;F`6~yGR*BB6#{u
zR(~W^Du2-Hy(i`=gMTN$^SQh@aZ$e)R*DVMQkJ^cGwW~3Ec4R!ECyS#z~eEAh?u+R
z;n7&b5CZT7W#*Bf0Wd6Kqao{{JD9tut!#zS06GirA$>`xI=pQ-(pZ+3)Y|9wgbSX&
zfbkeS;iC2h9ePvnlK|R{=o_nurS3dA7k_69HZA2_qz&Qw4^d`|+JK9?-oT&^8uV5x
zAW?F^a5;YFxO{$5a4oVZdWn1tA&oc)<$0ddugKO8K)9$o!>k*SQP(_?@7U<*6nj%R
zBTQ9Jc2rx6n|@d0!5y#>Fv_Kq_8}4k2gsAfULgo$F-Kf55=~GDIO53H68=!;*MCjP
zbbmCguNaKUy<r)vFI(`F6g}_bk9JeCYE;R;J*&s5g)QH#lWQ3uQ!opSA6}vlQ2?AP
z6oCT<*q@^*_NAF1g?SK(xWGXG{wrkYbW%9gG1N{Jo*`UGMi}@t_9hXP&E_&w_}i&_
zJHzZYAfsFJ@NY^TLOO%t`?v3L9DkE&a+XLn`w)c+SEUxd)K8b38|9li&aG7QXroR%
z+(tFGWchTeX;>7Yc||=_jgm+=RX>wSDx3z-qeP$(&m~;Wv=xOoN^lU&5e_(2#Pcet
zc-HA-QJ3^kQyF`ZMB7Z`)%L{=dh_At*URg7H-FyV4*wk9oWE~peU=STrhgII6=ihO
z%C%Zv!UYX~$0G<d@0Typsl>pZ6bI2U!cjzp7EXeG?EC6Z5FjxH6jPtKV(PzH<g$|q
z6pJMkiZaN-T29LlMpukbM#TIyz+4f4h$qZUJ!EOb6E-6=$gBnNDP;mrfJ;&g#x9x)
z5p%cOEw+VEJuab#2eD8e#(!jz=$`1t)OTXT+KCy+F-Jac#d&#jAM-gE5IUY7a~+Qn
zK|CBt?nCernOn_{;9j7KlvGxn#xZ3gk)14S#ga(n!6X8PFh>!M7^MP@=7@t3a;U?I
z8*-<bn&dE=Be=(58~}3V_fi%YJxJPb_y;cM1^r&Hj~-i=OdLFqhJW!Dqhlgr(}S4D
z;G*j!5+nqJI3CgCekroD{wE-e)w*x@;_~Kv*b(<)dmgLS{|^oiO6z||M}vd?`rmV;
zn<=OT{o(t!>7qX2XkyINhd7{fP;O3nDdQMAt=0`i-W0sMa%t_y1QrQ@h2j7(2Who#
z%K#Qn1juou|K~CG;D6-d0d=lH<?CFePtoI}ltB}79Bu}JlQxdy5+sq7Dn!uZV;ecn
zCoH__-pZGyTKoSvg&+pTJ0jjT6tKen`$xz9lKmea_FwPq|2fjbL-+4!MnYE(%}9=y
za<DuJWwUrwaM9npkB_aE%65Jq<H%P-zO*_ChU8~Y#f(+Hhkpl0&R<CcsLjJsM`mjy
zXYodkyr`q2%*s$Zf9Qyl%y~Hj#)uE-vjnJ-hmH@_M-mQ`v7Ah|odq$7eDzt2W<Z&o
zZBHQx7t;-7l}l&W#Pny0F{{o+!Q#l1P}SyQtYtzR;R*Q8XkIEcG;7s$1q~*CctEKY
z<{Pn7TP_Q*Dt~UeZQo>ZTvJT8N{3Ios<R4NO=X<LleFY#wRSAsar=MTsQs~RXvx+j
z<E-oQ$Q!A~MuPr{!@!>7Ga``>kw630{F<EXO>4)-Nf1at$3W=r&5&hH*UADzoqwS$
zIcZhE>uQlnvMoPzRUw9>2`nuq=gPX*WaH&4VE-t^`G3*|UrM$9zcAZV^T&;Y!Ylm$
zLGN|R{||bHy~Dl#e~whLj=H6)$Hy0~I}-UWI#aX$A&3{P{N529$Gki1zi5RZu#W|H
zUu0n^X&iO*_2L4O^mTTH|8yA}EPNr|3yHiS@k_qEllLq#BagvTQY5jD1q=nl0w#0y
z2q8v;fPX}j59*zHR$Xz=iLREzitmls2$>0Ho}_${;#NaGlyKCn4x|im9Iw$psd=UZ
z7j503RgN=p*Jq57X-%mwpNN>&m&>gI<rwByhF;`{h=qJVneI*9W?Hm7!(Y_F@V<;w
zx+qIi%Ec9<9&i&e&A-f65iVBhXS!I0KBIppRDY<MNlI#}LlmDVyDRc2EM7HfvwVS6
z$(uA#g|br8bj2;#hS?(Anr&}cBFeQ^<!!E&QVPn!<TbM}K-Z|}Vvx^us*{Uyt7dzV
zj_p&-b?gPTyY1qLy=ddb_Jx8SAf&gzXh>8jnr?|fkB^micCv1LK7l6^KAA=iI5d@F
zOMgy<?#vin<#u1xQ(ElND5!@czkKO|YoB(Kmg2wSUXqOg;EMf!gM&e@g8yC*_W18P
zlH)ijuv2S&Aw<Fk>=wAr2J3Q45^2!T49ztKa~jJ@M3sWLJnRC!*{ZPD$u3;_UJJ+z
z@ufUEs{v=$YG#<M2+5ivvRXi9WtJOL7k{8Vi#erp&C>LH@%}T4asz&WUT&&dB%KS0
zEz0C#X|83$Un*9B8TpBE1}v*cCRhC&o+-nbdNfmJV}Wbtd2Z{9z4@~Y3tGiJiWOi~
ze4V4Upim5OE~|bC9IjJkz2u$`nYu`A^{G>(ysa!Y;pONp-@N6bcDt-q^?F-omVe*e
z*MMbVr`1x<o1@s4Rq)b`B(E0bU}V)A%Z05rS+dAF)hN!jEK{v@lw~cXUIprPI6d2d
z-3+Yfc4QV2?+y@qEp02B&gV9mIuG6(V)q^KELt@}m`!p`uA9B>%uWXF%0owX1onLf
zoS%IE!<)0S>+|98M@z;4un)`uvwz!Rb&dvcJPQ%H7YsXk(00-RQ*DOIXNG82uAtT{
zQ-Q)eq&F10Na9xcufwT#x9+Sb-};5QPma(`ZN*lbiz^+VHdb9>G1YREBsAN-sdop$
z@d?W>NMyUCY#yTkU`)o6xH&J<9~1>H`=o+Y46uJ01@mi4#m^)Fz5k;yJb&us;TVrd
zKm>tOwGr|ejmys*^yc^9D=s13_T}iK5e+;-VWZe?9l{dQRog6P-q0QFienRJP&E5G
zv(PzJZ#aU4KofCtz$+Q1Lc|V4eoRRuP6F!TK%yzvj+cs(FZLrBh1Qg3Cxf-Dv`Bjs
zBVA&KGS%Dg21Z(t_8YNL9)FIS7^VaWJ2l4&!Kz8fEE}5MCe+Jjwpu$=)MV31`-tt#
zPHK$E?DMY~LQ`A({)f}yyN~A=XIGc+E^cgtx;coGxdL?xx6`Y!-Q2MqJ7>LEl<m4P
z6!g<{qG~B-4&^w?yrkLHRJ(L|r$j8KtZL912GwUCn$*iWGMg-=cYiUXf_gM?(aq^q
z?wxf9vrc17f`q}%lmVa8z}H7L7D;;3UqF=2QF&C9IoGlr+9hdk`k(U4B{gsAjpc-z
z;NT1bJRgEbBcHqIpjXIahKTHSzxX-^MyPKuTnp#&`fJB@Nks15Zntg>Tk1SxMrI^{
zN$yC?B0ZC5eIn3UDu3M6o~#T+7;g_rc{r*W<8=Kkb3|*!)S(!4a_`}>QlctpA^VqJ
zPyN=?%JqNa*|)h7VAcNL!JxeV_w{kFzhD1<j^sE_VY%NNB2Uki&-x}ha5{XaH~20O
z1Qc;Vwrr1uz~1!Q97<Un+>NRKE*jIz=zZ=;(wA<Mzf@Xj|9|NLv@N!Pt%&~}4F-qh
z_}}Y;ef;lPQqBIaY};3P*Vp>7!IWgSpXiA~gQZ<w3Lq3Wc^S;G_8zZ%tT9h;lMte<
zHJ&PhXya8IZ%Z@pG^AiV#b=92rKkAp`<XThfUVpbwM{7Tn+_<Yl-G%1s$>687AYz%
z3ooF3!+F!Gdw*LubJF(?sTsq5wfVVLn@fvQ8>~00RSGAjOq`V6^X99|+b=<!y0=o(
z)PL(on3}C!FQ0g)ZhGA{=CrEzi=i5rhUF0bZVhB5gR0Wnifm{sPr<#J;S_arePc2g
zK4iVA;<7Oo)06LiIJ<uL$NBZg>+@ee4lhrC`*`){=6}~8n=N9(y@pl!<k2w1kzal+
z<*2`PtONI8DX^X33o0S?;lxg=G?>&ZaUL&U;@t5f<}wemAZM$-ova1!na0Q;-@3hR
z%m3t`$H&`SJt*?q+uE7?3i*Ef@b>)U#pT)g$BQ@b&ux<Z%xGBElQDt7zlL%3jd`cX
za|uzEd4FA`7fYD_Tj^qLHo19_Fb5urvM$FSY4L(Kt|F4pyv1l>X@Heu!am~n<syC>
z(kzYjZ4z;-j}TTeN(qR6^8F7*qb_GuK}R_ub|xSkZ95JZSn#}5=JLXh?dC#z?erx@
zYN;vI*AzLvx~IrV^hHG{78kelW~1$5hHGKWbbppn6P0_m&|!n%pzYmPAM$H9T0X^S
zRJs?tnxVmPwR(U_am&)dVaX8x_;~vi1J~m0@0dF=iNUEfL5|SvZRb{Iy3G~Kf~n<_
zRTk3nH{l`6m5RJXVhS9TIdFs-ATCG{q-zzvIY1u9SP&J?oxhSL=6_>=60YuF%M+tf
zFn^bWqPp;a`XEO~Ls32&fxyTdzEAH$I32!2i#u<dw5z1DMdMbBFKyxVx#?yums=N>
zY!Dh=p@iyyrxd#Aj@Hx2rrNkBvyy7=Of7e$lIy7BHqBh5wU%CP)Zli0OHlYSF3Y{H
znL&L_@8K@GVI3>TE+MUmWOw_UOS2Yp>wnm=bxSOnN-mS`lAY?aTVL@N8UNL(QT%ty
z--B2Y|2^zg_kRoyj`#83=SZbMlsX)?%jmBrxR3qX+v2Grzg12;{S^+5?j+7DOSBe4
zWAkI9rscOiF<OkbHVvceqn$epq8k|SEl0a6t)YA9t3EloZ9KfmKH_~e{J-by)qj?8
z@#l$LYrFdrXQTG9@8yzxx!AY;WO60jc9G($!aqmY+miXK33;zt;y-G#h`-S>>@7pw
z+J`JwAG&7sp<BE9u-RGg-G-4jIBU8|5V^Zi2)XQ*_W|U60D0{*rgbr7E7d0mBHyvm
zk)wZc>7?o|vY%!u75=)9aIOXFzJK~i?&<;IYmMUW=4}3wbEwaJIJ7*5S_c$HV?4q7
zH=o}U{qt#rMmVrapvov;k)K*dU@^qv&$FR+yE;8-Ciddz*LF~WOtMV=iYH%h6kRLc
z*)aIBKKN-Ad1;_dn~S)S1SNIaSwm&fy3NF@AhC`0eBGK<>227zwR*k}zkmHjQ*Hc@
zjj-pKAmEe6|9S_9uU}W=fBWBmdX`jKnlD~lsoaS23gv_1*~#!>p~&)R;EH=OcNrRd
z3V9b%nO#cy@Q`}pau7}0;IckY?{Olgl#&0aajAN4U;kj&H4R{SRTV9R8yvV7a>5wo
z?{8FBa5k<KO9BmY90|gIVShA<xr_eUZvU%QLR0^2$Fe?LKqL$}GMQ$;Mk>PuMEezL
z2ZXD?>Sw*=2i-LClP`yQP~|pY=mnUBjk)SzvyE5r@&p@alfw%z=MC%Guud?8NNmt@
zrZ%roJFa85x>_D5(l&Nlp{)pdlro=0d7H5DP*(dijb`nA6B4xW`&gGU?yAwgC6P~}
zNprJrZseu=S)Gw#)p+woGWtL8gt2m~b6p_MbuLG4;#{ROGL!zQquboQp{x^^G;_{l
df9c_SpY~~=_G#nv{{a91|Nm`=`&|H#007uoz4HJ7

delta 4929
zcmV-H6Ta;2CeJ32JAXZEZyPtZ{VX8=flvyx-J8+Fuk;S!4~d<&K{vKxIb9U%ML^9Q
zNxYsJ&XOF(TG#*mf{%G~q|w7px)p)M(hPadA$eXrhon4C9G{UnFo%cZ{@DyO(Ocj!
z_-1!yFc=I@j*isd!C+ARI~blEd^0>c8NNO~IXoPmd@~px4Sx;~zCnW>($H8EE-?FM
zur;n~=l&!G$K*F)oY2Tc^I-?aarQO90=Ve-z&%D{p`MLCyhUfD_vl=)44P1eeoe-}
zA`rkk5e~scWtQs9Gw_4npf~7z=^pP(u~g)Lj)MgFjupUi`5z7rUmsWH|KRoOz5G8%
zAt9cE+d*iIIe%P3OkKoaO1NN)-rbM9M`)juslx?jcnTeacsQ2T5n>QiP6TBO7fn4T
zYu^3H9WL;cL{q2Gs?Wo593)c`sfGeiUF6{ivxWK|CqZyU1L7@Q^nP+d#T5e%k?0_)
zO0F246RALe)$uMNwJ$k4&Ku{b=SNBptw0@+IYhwu6@Q~+SPygBG?q;Zcn^BRgVl&5
z>VsCV*BS@jpyLuqD%UIpQzoUw7<in-jNUIS6FxIDo+*Dh;at)2nM6MQ%+m?DUli~T
zd&Azra<m-|Y)(9Q<9RfRgv9MJzye$(SOVxJ`o|0+_4yStbrIH;Ir>b30FA*k@s)*I
z(4>b(Ab*gcXo3R{h)m=|^chF$VZuRvXNZ1|dJ-Rv1fxL!Oj|P^j-C9O!?BsB{H+>q
zjyoMT#$J_VSzB2~X%0JjR@~ylp2vxq$xdeiSR_ob97K2=z|SClqd^kFNMOMY$WDRA
z3{;)gj+(ZBc$m9r*g?pTcslB5LBa*Fp9tgPAAdy5exY1kfI#Ra!gEXli5qEy;G%Pw
z;3N>Qnp%}#bPx(bFyiqm%7lv!{`chQ$Szbfz=4?M)g*VYB)W_~U<uCEGnPI)(>=Qi
za0L0QfKLAoa|m2?+(GCwWp^Z+evk}tPMC|jeG$f8H58mC%mc1b+q8?MF(iVg-(*KZ
z#eedLgTV)4o-+7%0=!tuixU?O2Vt$*LE6gF_hw|nEs<qfx*5g6Rw(dfLLwp-E_!%0
z(lCMmJVBXxBxnE(OSjR0b<iCwT+~&v!e{`!Tzg1e5~>OB8jLiSttGVXyL-X~PhY@f
z0-kVD_kxbR8Td&6-B$38RK${Zo*av_1%H~3(k)Vk@cqXqlSM7SWnOO~P=_sMs}qnY
zxzAOOpD8Y%UzAjfY>HkYA45nZ4nk?3=hQ25v;z<>>d!Ij2V~qgPvko`K0d?V49*Et
zos$#QmE@-1l|8rvHU>tyRMI{~g5Usove_#HVJsGi3r3<T3IRtP`I^G-tN8jUn1B8c
z2K5z#3Ar~YWA$YVd=jGPefq&JN>+}l=(lIpIE`-0pH|6rj3ZML3++F=L?5F7I9FZ-
z4j5p6fo9m3VuF;<gGj^$4g&CBAp@tEx>G#^?Ns?Qge%Gj1HVDuq(^0wxl9zkJ9BU6
znB4|sd}|(lr`RE+a~OSi`vJ!>iGQZ&iDa{nQK<Z?RKl0)>56ird{f1_6>A=EG>J#s
zu;!L1pN=&Rin427W6zYMq^Fy*pQ$7nPCL)zM4%8aq`RDPD++Ox;2>Ba9B`_D7g<u_
zY~sf<FKJU#vpq<9+f4hb-HRLa=HtyTm)Gxae!smP{XV*R_o183S!SZlAb)gg%;=__
z>vX(?3mX0%k0H>wU%o_V(g*e=IfzaWjv^{Fank9>zOViS0TMGnG4**Trv96}mK{u>
zP%ME^ra>BOxhz8%T`@u#5sR|`a|Hk*o-niYkgX9<*qqEElNQ8hlnFcqE<rJvxM(Is
z%-w#!JQhCnxO6={h=uwvA%D|E&qP0_z7reNPRu~s9QnKx7wOS+%okih=y=-ZIvyi}
zcsP*QN8ly0wpty*y+Bh*sq8q7W6DG#Ct3E2C6TIwNdydGjv^W{N(CA(5C<Wosl$jH
zaAz8t#4uhUxW{1}0CMH`N);D9NZ4=qM=sX|!@*#P9y^vw96XPP@qZPg6C&NF2eF93
zMb}9rNC?K`ctnr;P-HFsCm@Vf+_!&mdGl`66Zc|!9IN90hewB%_}}sI;qgBH_Z;PB
z1}dOG`tUXl>JyHpMofK(1G)gE=9HE)ilNu(+)(7rz`Luq)_P1}k?>b24ghnIQtNh%
z!{UhmIgZr-JjNcJK7Tx*-ZiLty^HiIdVG{LXkd=RjUhPg;yA9jBoa~$2zq?%BFFiR
zg*V$v`Lfa||DR?M#K3q@#M`C<R>=SG_+(g-|C6J`;a>iqqdYwH|AyuybfsxV(q2kq
zc^b-L@n+znzx5v<I~`T+-F=KBUzvO<b<!D<pFNc`R`nhp9DlifB@v)5563-Ot&5!e
zjkLU|r?bpTP<y}WjFYT+IS0mw59kl+phg}#IaD7>I7%jRG2L}?U=aE0vnI_rWpcGW
zgCNY88^}tRuC9UU&(g=ND;MP!N1k+5Z7RmvCd3h*g71tMl~yAYt8Qv&eBy@(luBW7
z5POa7vIMKbrhmuwO_s+s&E%-`_^huct5nr=#>t<gE&oulW2uh2|I<a?PhA5`jwYF8
zQ&;r7ks53y=<hfT>^1&CB=R8==s*p>1}A6JI<avQ1k#~nAoTQRo@K+-$_67{KWCN#
zwJPCtl~<BztIu53h~a1oOWVn{vYs_Lc*PFbKT2}Gw12=?N~8WSt@hOVapR=$3jKdL
zcwN!|2ZN*G$zK0IN2y3hQ>g0k@kQs3M81p8)vA94;zg&pcLc{V@6U%XIw1(`V}acl
zSz1a8M-zM<TtE`OuCDw)-Nxn?zL4sLL|%~i6<yvdY8F|M$KWX{lGw)rMuK4h(}jA3
z5TijrqJQZ}_0Bx2N8Agft8iHPy&)SRv%oBZlrK`h)qoGBJ8Gf>DMB2_YYb2-o+-e5
ztXquANk;Dah!HZQDf#6y5wqrYg&0r)VKFlFqG%#=`hGOio2t#UX?2C4_rc)4j8nKM
zD>KT)6{8+-lQAv6%%TVvEBP}GR-r%8zY{9d%6}vUHPb1I&y?Mjag>5rZN{wFAZ7A4
z15|^om^6*J6~-_N!mT;>mJm^4v}$h)qm)8W3Z}@JB?H~Sp1F}POsZ4Ja;sr`k=phd
z<~sL+y8Uk1V&`L=Z(k_M0YZ8UjCP4iP17wg=<%`k&JNaXt|#zRx=&`10}gGe*b-A|
zI)5`nSB2dd&5-gv8YT8{<d-jPxb|fyWvTyH-b=Ev1Gr-U-@#ybQ1$<g2mAfM&r%%6
zNgX>C>kA<gHpeda>uhdafk`6mG_>>P+B$REmy;e<>ckb@F3_8;N_(B`#HH^wfxMJo
zDtc!P&Y88FnNL=B$=Z5kjSiU=S;3~}PJerrb4u5mmF0K-{tpxt41Nh-VX0aMT}X)K
zZ3?+G*RtTRG%L9o#f5R^Sk^t6LiY>)Ox2xf_GYSREbf|lUf8-~AO5UD4y(LJvE~?+
zUl(BI5XuS8W!<khhwF4%hun)PQx~bNK25Atl$CrFUIE_n&08+&cB@>~%(qo!#edCx
zEl`$rS}n!Axfk295?)!66xpJhjI2vzwXszuD-zkn8s)W?WvR6ev#jN**B$jHKRw%k
z-OgDr?8q#8ygTsN8(~|$>0)i;Qx~20mcILraF(SSA<U+QA=ks+b>^oB-P%J(P6YOS
z2ArRM`~92q^Xqq`(GQl20bn1P1Ak_>!|EC>@^}^?a4#5kw9$4_gQ+${6)QtDuXa%L
zmFYm~9nu>LT_pWh`LD;Rcen1Ur#SkhwNC-iTy4cxn~Q4`pf*-rVKLKmR46pty{UHx
z!tn_!1|+iGQ8tZHa$row3b_R>GCU{~T-8Y>su*DZG71*gl!~870DAvN$$vcN1D|f%
za`eH57V=!$=CxaKUIMx<S>?(b3iGZowh`sB&^9r(uBm3j5hMhfh|@z}t1uHHb|CU&
zN+NL@P!9*v7jo_1PMPw2H*uM04S9Zgu$GLKVQ(U0ON2<4W(nLt#7fjYi-hrT+(xXV
zao(vg)d1ERT2|Rma5jNn6@QY|yp?(^Hjc7eOJ{!CAOdEOeS`T*CF$Gm&qnV*y}LNS
zx_p0eV>77c5KJb>>I7_W&>(q*BQti)I#84Ccrg(4({zz&X=V<@I7&FA&@^<ra&V>s
zET*h3j+y_b&l|Mqm(?noDwTIJqk?)gaM8`#RpFg=_pmM#OoD{L&3}vmpV7eA$0YJ1
zb>YuYkx{)ibWx@nt8{3EqIKbasxO!Hysa*ki&=t$a|rNa1Rjli?xMp%sg6<b+3R8X
zbqtJ9-`=><l`8VD-JeP#a_{#0O%`aW>WdkflK`fL<0N@$r5B&b-KsQhD-BizB8<0p
z=6E=6urIp*merNDV}I&6i8}N4@K|e6r?gc4OGhI2<x7;6@qc4owz&~t)&AdugX;d@
z*C)fnef<A9isLw?aKAZ3o}Me84^4L9Z1i4l@Liq=DElH=*d7akz1g)nl#(CZjj8`W
zn$XMWL*Yo$mmZS8R9Pwi=>fDYwt%h3{~aG3998pwuaA!Q@_+vvrD6Y9w(YCB>udeo
zU<xwZPxM5o!OAW#%O<Z)_jomJ@!BMXXd8{E${^ZsHRjvW$~#Rd*iP};a#HCjKKp*A
zjS^rhw?=J~O8iqNlv2p+WH8mS|0l~7RRYWT0;T2Z@65ezTL0;Lht#@fAFqC{cy%Q(
zwn4;NMM|8QGJkPeRnMEpr?(G-oVmA>)6{?KXPDYWzn6y(QZ>D9lsfII{bHyVqG35i
zzgq!WiJ;E3wk8`2%Tr))CpcvuU0;~Yg%8<ms=REB#q9Lk@6WH_|Mu?s)AhTbKaDQW
ze*JXy=H{0l+67YKUb|Jr;?Xd~kzai*>1e)ntOxgCX@9UC;W?C$`fzFoRWT+FVb+u7
zVb&c7QkQ9v9GtEDcCZ$A&kRQK_}1-hSN<peJU-suYNN<+ZyQ(cE9m?6<J)(iE-ugC
zeY$w_;hl}LpBN46d@>;r_}4J0zcKH$J(n)360eK&VhJ;UD^;vbCO1zr7MzDNt;>Cn
zw0VgeSAPL1R^GxISO#FFP1t80zg*T)yEIGljhkfsnzNL(ijo52pMLv&S*WWORpL`F
zh@B}2N6U`G1s1$WmASmIXS=!3-aCCskqR}1`kErgSN9Y-iN2`l)S}{+-fXm8-f}G;
zGhJmgWCoutec2*GX?yq8rybi_%crnLm3y)46@OZotJMZ3^;?!2hb1Qd@$vR43|D^k
zcfy^R#NgD1paAIhws$Kl-4>c<3EgVTItnTIo8XY`DotJ@F#`@t95})Z5Emo}(pZIW
z4v>d27Gz8UA{MV?i^X>gP{P&yYeir*3Kr5RstXUO57Igsi1N`G1V-lYeR>zd+2}pW
z?|-~)Gp-WK7K2-FzI24w$EJt5+HPI9WP=3v3MNzsJSEX(b+jHww&lh(kyTi8XKcA6
zmRyG&w;AR#thM-ZqXD<$TjGT;!?IlKnibTi^d9cA8rHdj>=M!%Np`irIW=n`x7voS
zM`FoRav61(>`b5C`iif}_^&Rl^1oaD9)HA&{O{4AzW?Lkc(Bj^K1Zn}qSWEAU1onZ
zz<uu5J{C`v`K@Ep<*#sXbSHUU*`kx1#`ecX&B$+iVziuZZJS2dM>}_zL^p20pE=uI
z8x1`}U-ik!ZS&!6c0=#8;r~6Sx3<iSKTqab%iWheUA51Be{H#M`^n^5we2#+b$^C`
zj<mO>@>i4cUKQd$ZWF}c=ot2vDQ>Mp^5{d~L?8N%(TB~>g6}qsyuoSJO_Ip{jZ(-}
zwY*Ot?-R&tpL1=>AzPt7K@$0njgKAui%X|<b&>rvQ>F3OeT;N1r|zrI<gPXdUuzb3
zd;b$HKMVWJM_j8m)M`)|jqw!g-+z35OZ3mD5gOsZN`Y#lbVYG#8G%I*%RkSCy50Kn
zq#fD$&#&#E0~uu*{WVR#o)ujy-`O(xvcB`vD)Z8Uoi-<NBMK_)w6lTAvUQu0RrAC)
z=JR!XQir$U+&1$0KK=F=Esgm<HpZS~l7LT|{~H`0y?$NG{~hgr|LIvuEq^p$zPM7U
z5v3KX2gS3K;iFQM<=Ma$_hRlcHTV?t=2@9tQu^?aYT;@UP0HZ1IZ*F$B4(74|0ugu
zKew-cu<M!zu)M1Zmhl@LxEFH47!>bsR9A4e?i5P`?c_Mp3ICbVB<3#qXSe&WPQ{!0
zXE&Dp;Q}IIoFh|d4s5I{On*UiU!iV5xcaMp)=PfSLnA-=($s@$w*f*gz$9#qRVSNm
zxXPC&*f5(KUVu4o+0T}Jf;mKDgOM}6d4;-h6S~#i@;H&QvC|H11<<3E`6MdJgbjz1
z+NT*b>+GA9patK*lyKLD_AQBg5>4BSeS0CV+|TNa4XW0gFOu>9fjTFQlv|Z+?s=|r
zIdU82DwUC0^w$;L=IRY)lelD<3mW@No9}(umwnlnjm!TB00960(l0Z|0FVFx;NzJU

diff --git a/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml b/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml
index 5f86404efa5..3d2eda96d3e 100755
--- a/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml
+++ b/charts/latest/csi-driver-smb/templates/csi-smb-controller.yaml
@@ -74,6 +74,9 @@ spec:
           resources: {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
           securityContext:
             readOnlyRootFilesystem: true
+            capabilities:
+              drop:
+              - ALL
         - name: liveness-probe
 {{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
           image: "{{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
@@ -92,6 +95,9 @@ spec:
           resources: {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
           securityContext:
             readOnlyRootFilesystem: true
+            capabilities:
+              drop:
+              - ALL
         - name: smb
 {{- if hasPrefix "/" .Values.image.smb.repository }}
           image: "{{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
@@ -124,6 +130,9 @@ spec:
           securityContext:
             privileged: true
             readOnlyRootFilesystem: true
+            capabilities:
+              drop:
+              - ALL
           volumeMounts:
             - mountPath: /csi
               name: socket-dir