From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A50BE1B7E4; Sun, 17 Mar 2024 12:26:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710678386; cv=none; b=A+Uu82QDOsUlDskZ+XCYtbTyZ4+5uTm7BzNMwjXs7wFVqADl2CxHqDdlEQUtrrrDg0aR0jTfvunMoSniAeOLyfRndTx2Vzykt94dNxROuFG3B8M/UDJEDsTWz5qZoIb1YmvlHuWlEahk8G6xqBly4nWMxGocQ36/0OfI4UHBPaQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710678386; c=relaxed/simple; bh=iYxTMqDgxfAqrpKM39EoXettOKZYey71bShInFhDSTk=; h=Date:Message-ID:From:To:Cc:Subject:In-Reply-To:References: MIME-Version:Content-Type; b=oGYzC50/wzXqZYrZivsXpZGah4WCitz9TRRdkaZfgBfB82+QW+imLyP82kbxGgSkszQlyWGzWzQpriOTFsuj6Bs52lwxOeiXxWQnwTi4A4crKuk8kwUh0sAoflCFM2VQ10qlPuYQmUocDOotnrxVo9uzlcDnD/6ji2Oh9oOcg0E= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Hj7oKJDa; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Hj7oKJDa" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8C889C433F1; Sun, 17 Mar 2024 12:26:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1710678385; bh=iYxTMqDgxfAqrpKM39EoXettOKZYey71bShInFhDSTk=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=Hj7oKJDa6uvMGqLUWJJEr92TqIWE1Nolf84xYqoALjfpEXHvFzZh4PmeE5KKUWbF9 IG8GULM/fNK7z//SG3PIR6xUT0PF4Eku0xao/q5XeIGnX6AJIQSHVzx88BjBjzMx7Z PLyTj5pkc2uH8AlqmTBJzApk9DgXHXjRMpNhUV9XzdbmnyGVVpuTJPerjeRy1ERW/0 EDz+189kO2gR6R+cfdtF/+jdwgxz8PlefQZJjCxWqIn7doGg0wBjbI/cSRTipQqV/w Mal+kgdvMRo5Nk0ImnorLQR3obfj6xEyPCbYhFw2iSmVqPqqbr9Vo623edB9E56GBE kda1cKMNh1IZg== Received: from sofa.misterjones.org ([185.219.108.64] helo=goblin-girl.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1rlpap-00D1nT-63; Sun, 17 Mar 2024 12:26:23 +0000 Date: Sun, 17 Mar 2024 12:26:22 +0000 Message-ID: <86a5mx11u9.wl-maz@kernel.org> From: Marc Zyngier To: =?UTF-8?B?UGllcnJlLUNsw6ltZW50?= Tosi Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, James Morse , Suzuki K Poulose , Oliver Upton , Zenghui Yu , Andrew Scull Subject: Re: [PATCH 01/10] KVM: arm64: Fix clobbered ELR in sync abort In-Reply-To: <0dfcc4c5c898941147723ba530c81ddc8399ef55.1710446682.git.ptosi@google.com> References: <0dfcc4c5c898941147723ba530c81ddc8399ef55.1710446682.git.ptosi@google.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/29.1 (aarch64-unknown-linux-gnu) MULE/6.0 (HANACHIRUSATO) Precedence: bulk X-Mailing-List: kvmarm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: ptosi@google.com, kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, james.morse@arm.com, suzuki.poulose@arm.com, oliver.upton@linux.dev, yuzenghui@huawei.com, ascull@google.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false On Thu, 14 Mar 2024 20:23:22 +0000, Pierre-Cl=C3=A9ment Tosi wrote: >=20 > When the hypervisor receives a SError or synchronous exception (EL2h) nit: since this also affects SError, $subject seems wrong. > while running with the __kvm_hyp_vector and if ELR_EL2 doesn't point to > an extable entry, it panics indirectly by overwriting ELR with the > address of a panic handler in order for the asm routine it returns to to > ERET into the handler. This is done (instead of a simple function call) > to ensure that the panic handler runs with the SPSel that was in use > when the exception was triggered, necessary to support features such as > the shadow call stack. I don't understand this. Who changes SPsel? At any given point, SP_EL0 is that of either the host or the guest, but never the hypervisor's. If something was touching SP_EL0 behind our back, it would result in corruption (see 6e977984f6d8 for a bit of rationale about it). > > However, this clobbers ELR_EL2 for the handler itself. As a result, > hyp_panic(), when retrieving what it believes to be the PC where the > exception happened, actually ends up reading the address of the panic > handler that called it! This results in an erroneous and confusing panic > message where the source of any synchronous exception (e.g. BUG() or > kCFI) appears to be __guest_exit_panic, making it hard to locate the > actual BRK instruction. >=20 > Therefore, store the original ELR_EL2 in a per-CPU struct and point the Can you elaborate on *which* per-CPU structure you are using? > sysreg to a routine that first restores it to its previous value before > running __guest_exit_panic. >=20 > Fixes: 7db21530479f ("KVM: arm64: Restore hyp when panicking in guest con= text") > Signed-off-by: Pierre-Cl=C3=A9ment Tosi > --- > arch/arm64/kernel/asm-offsets.c | 1 + > arch/arm64/kvm/hyp/entry.S | 9 +++++++++ > arch/arm64/kvm/hyp/include/hyp/switch.h | 6 ++++-- > 3 files changed, 14 insertions(+), 2 deletions(-) >=20 > diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offs= ets.c > index 5a7dbbe0ce63..e62353168a57 100644 > --- a/arch/arm64/kernel/asm-offsets.c > +++ b/arch/arm64/kernel/asm-offsets.c > @@ -128,6 +128,7 @@ int main(void) > DEFINE(VCPU_FAULT_DISR, offsetof(struct kvm_vcpu, arch.fault.disr_el1)= ); > DEFINE(VCPU_HCR_EL2, offsetof(struct kvm_vcpu, arch.hcr_el2)); > DEFINE(CPU_USER_PT_REGS, offsetof(struct kvm_cpu_context, regs)); > + DEFINE(CPU_ELR_EL2, offsetof(struct kvm_cpu_context, sys_regs[ELR_EL2= ])); > DEFINE(CPU_RGSR_EL1, offsetof(struct kvm_cpu_context, sys_regs[RGSR_E= L1])); > DEFINE(CPU_GCR_EL1, offsetof(struct kvm_cpu_context, sys_regs[GCR_EL1= ])); > DEFINE(CPU_APIAKEYLO_EL1, offsetof(struct kvm_cpu_context, sys_regs[AP= IAKEYLO_EL1])); > diff --git a/arch/arm64/kvm/hyp/entry.S b/arch/arm64/kvm/hyp/entry.S > index f3aa7738b477..9cdf46da3051 100644 > --- a/arch/arm64/kvm/hyp/entry.S > +++ b/arch/arm64/kvm/hyp/entry.S > @@ -83,6 +83,15 @@ alternative_else_nop_endif > eret > sb > =20 > +SYM_INNER_LABEL(__guest_exit_panic_with_restored_elr, SYM_L_GLOBAL) The name of the function isn't great. Crucially, 'with_restored_elr' implies that ELR is already restored, while it is the hunk below that does the 'restore' part. Something like '__guest_exit_restore_elr_and_panic' seems more appropriate. > + // x0-x29,lr: hyp regs > + > + stp x0, x1, [sp, #-16]! > + adr_this_cpu x0, kvm_hyp_ctxt, x1 > + ldr x0, [x0, #CPU_ELR_EL2] > + msr elr_el2, x0 > + ldp x0, x1, [sp], #16 > + > SYM_INNER_LABEL(__guest_exit_panic, SYM_L_GLOBAL) > // x2-x29,lr: vcpu regs > // vcpu x0-x1 on the stack > diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp= /include/hyp/switch.h > index a038320cdb08..6a8dc8d3c193 100644 > --- a/arch/arm64/kvm/hyp/include/hyp/switch.h > +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h > @@ -747,7 +747,7 @@ static inline bool fixup_guest_exit(struct kvm_vcpu *= vcpu, u64 *exit_code) > =20 > static inline void __kvm_unexpected_el2_exception(void) > { > - extern char __guest_exit_panic[]; > + extern char __guest_exit_panic_with_restored_elr[]; > unsigned long addr, fixup; > struct kvm_exception_table_entry *entry, *end; > unsigned long elr_el2 =3D read_sysreg(elr_el2); > @@ -769,7 +769,9 @@ static inline void __kvm_unexpected_el2_exception(voi= d) > } > =20 > /* Trigger a panic after restoring the hyp context. */ > - write_sysreg(__guest_exit_panic, elr_el2); > + write_sysreg(__guest_exit_panic_with_restored_elr, elr_el2); > + > + this_cpu_ptr(&kvm_hyp_ctxt)->sys_regs[ELR_EL2] =3D elr_el2; nit: placing the saving of ELR_EL2 before overriding the sysreg makes the whole thing a bit more readable, specially given the poor choice of 'elr_el2' as a variable (visually clashing with 'elr_el2' as a system register). Thanks, M. --=20 Without deviation from the norm, progress is not possible. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 513F7C54E60 for ; Sun, 17 Mar 2024 12:26:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Subject:Cc:To:From:Message-ID:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=7Ve9Fix+kOqpNSZt8qw/2iSOB1h6CT1wBEB+gff91j0=; b=nQT2eqVTyAxVax xNNaWU0qSNogOG6+yLgobaavA4BuVwng5cvGjA34tDHsHn2du2KBVkzqYftRplR4F8agHnVWCznAf uI4NHKGiOOncqPqOSy0yW0Gqp4DOj6XnHgqgbdUweRXk9pllkkI+znDH/rvPH7r8Gbv4V1FW//I0u O5els+LhbPPfL/KjVdyiEtPqTKLmehVpqUxH6yBgQJhz4TMkcv5pwPB4euVctNOLDVKB56ff7PVVf 8EdqdkqaguWLjfOQ2Kby5VtKQqHc9n4hLJ5OrFZXKrdHfAGTMFJ8gnrtGV0FnfFhN2pYex2dKXGSe PtIlOeMh02rXsukkIqZA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rlpb1-000000059Fg-2qeY; Sun, 17 Mar 2024 12:26:35 +0000 Received: from sin.source.kernel.org ([2604:1380:40e1:4800::1]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rlpaw-000000059Ee-3A3W for linux-arm-kernel@lists.infradead.org; Sun, 17 Mar 2024 12:26:33 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id 23B73CE013C; Sun, 17 Mar 2024 12:26:27 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8C889C433F1; Sun, 17 Mar 2024 12:26:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1710678385; bh=iYxTMqDgxfAqrpKM39EoXettOKZYey71bShInFhDSTk=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=Hj7oKJDa6uvMGqLUWJJEr92TqIWE1Nolf84xYqoALjfpEXHvFzZh4PmeE5KKUWbF9 IG8GULM/fNK7z//SG3PIR6xUT0PF4Eku0xao/q5XeIGnX6AJIQSHVzx88BjBjzMx7Z PLyTj5pkc2uH8AlqmTBJzApk9DgXHXjRMpNhUV9XzdbmnyGVVpuTJPerjeRy1ERW/0 EDz+189kO2gR6R+cfdtF/+jdwgxz8PlefQZJjCxWqIn7doGg0wBjbI/cSRTipQqV/w Mal+kgdvMRo5Nk0ImnorLQR3obfj6xEyPCbYhFw2iSmVqPqqbr9Vo623edB9E56GBE kda1cKMNh1IZg== Received: from sofa.misterjones.org ([185.219.108.64] helo=goblin-girl.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1rlpap-00D1nT-63; Sun, 17 Mar 2024 12:26:23 +0000 Date: Sun, 17 Mar 2024 12:26:22 +0000 Message-ID: <86a5mx11u9.wl-maz@kernel.org> From: Marc Zyngier To: =?UTF-8?B?UGllcnJlLUNsw6ltZW50?= Tosi Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, James Morse , Suzuki K Poulose , Oliver Upton , Zenghui Yu , Andrew Scull Subject: Re: [PATCH 01/10] KVM: arm64: Fix clobbered ELR in sync abort In-Reply-To: <0dfcc4c5c898941147723ba530c81ddc8399ef55.1710446682.git.ptosi@google.com> References: <0dfcc4c5c898941147723ba530c81ddc8399ef55.1710446682.git.ptosi@google.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/29.1 (aarch64-unknown-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: ptosi@google.com, kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, james.morse@arm.com, suzuki.poulose@arm.com, oliver.upton@linux.dev, yuzenghui@huawei.com, ascull@google.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240317_052631_175496_B4CF7E65 X-CRM114-Status: GOOD ( 30.01 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org T24gVGh1LCAxNCBNYXIgMjAyNCAyMDoyMzoyMiArMDAwMCwKUGllcnJlLUNsw6ltZW50IFRvc2kg PHB0b3NpQGdvb2dsZS5jb20+IHdyb3RlOgo+IAo+IFdoZW4gdGhlIGh5cGVydmlzb3IgcmVjZWl2 ZXMgYSBTRXJyb3Igb3Igc3luY2hyb25vdXMgZXhjZXB0aW9uIChFTDJoKQoKbml0OiBzaW5jZSB0 aGlzIGFsc28gYWZmZWN0cyBTRXJyb3IsICRzdWJqZWN0IHNlZW1zIHdyb25nLgoKPiB3aGlsZSBy dW5uaW5nIHdpdGggdGhlIF9fa3ZtX2h5cF92ZWN0b3IgYW5kIGlmIEVMUl9FTDIgZG9lc24ndCBw b2ludCB0bwo+IGFuIGV4dGFibGUgZW50cnksIGl0IHBhbmljcyBpbmRpcmVjdGx5IGJ5IG92ZXJ3 cml0aW5nIEVMUiB3aXRoIHRoZQo+IGFkZHJlc3Mgb2YgYSBwYW5pYyBoYW5kbGVyIGluIG9yZGVy IGZvciB0aGUgYXNtIHJvdXRpbmUgaXQgcmV0dXJucyB0byB0bwo+IEVSRVQgaW50byB0aGUgaGFu ZGxlci4gVGhpcyBpcyBkb25lIChpbnN0ZWFkIG9mIGEgc2ltcGxlIGZ1bmN0aW9uIGNhbGwpCj4g dG8gZW5zdXJlIHRoYXQgdGhlIHBhbmljIGhhbmRsZXIgcnVucyB3aXRoIHRoZSBTUFNlbCB0aGF0 IHdhcyBpbiB1c2UKPiB3aGVuIHRoZSBleGNlcHRpb24gd2FzIHRyaWdnZXJlZCwgbmVjZXNzYXJ5 IHRvIHN1cHBvcnQgZmVhdHVyZXMgc3VjaCBhcwo+IHRoZSBzaGFkb3cgY2FsbCBzdGFjay4KCkkg ZG9uJ3QgdW5kZXJzdGFuZCB0aGlzLiBXaG8gY2hhbmdlcyBTUHNlbD8gQXQgYW55IGdpdmVuIHBv aW50LCBTUF9FTDAKaXMgdGhhdCBvZiBlaXRoZXIgdGhlIGhvc3Qgb3IgdGhlIGd1ZXN0LCBidXQg bmV2ZXIgdGhlIGh5cGVydmlzb3Incy4KSWYgc29tZXRoaW5nIHdhcyB0b3VjaGluZyBTUF9FTDAg YmVoaW5kIG91ciBiYWNrLCBpdCB3b3VsZCByZXN1bHQgaW4KY29ycnVwdGlvbiAoc2VlIDZlOTc3 OTg0ZjZkOCBmb3IgYSBiaXQgb2YgcmF0aW9uYWxlIGFib3V0IGl0KS4KCj4KPiBIb3dldmVyLCB0 aGlzIGNsb2JiZXJzIEVMUl9FTDIgZm9yIHRoZSBoYW5kbGVyIGl0c2VsZi4gQXMgYSByZXN1bHQs Cj4gaHlwX3BhbmljKCksIHdoZW4gcmV0cmlldmluZyB3aGF0IGl0IGJlbGlldmVzIHRvIGJlIHRo ZSBQQyB3aGVyZSB0aGUKPiBleGNlcHRpb24gaGFwcGVuZWQsIGFjdHVhbGx5IGVuZHMgdXAgcmVh ZGluZyB0aGUgYWRkcmVzcyBvZiB0aGUgcGFuaWMKPiBoYW5kbGVyIHRoYXQgY2FsbGVkIGl0ISBU aGlzIHJlc3VsdHMgaW4gYW4gZXJyb25lb3VzIGFuZCBjb25mdXNpbmcgcGFuaWMKPiBtZXNzYWdl IHdoZXJlIHRoZSBzb3VyY2Ugb2YgYW55IHN5bmNocm9ub3VzIGV4Y2VwdGlvbiAoZS5nLiBCVUco KSBvcgo+IGtDRkkpIGFwcGVhcnMgdG8gYmUgX19ndWVzdF9leGl0X3BhbmljLCBtYWtpbmcgaXQg aGFyZCB0byBsb2NhdGUgdGhlCj4gYWN0dWFsIEJSSyBpbnN0cnVjdGlvbi4KPiAKPiBUaGVyZWZv cmUsIHN0b3JlIHRoZSBvcmlnaW5hbCBFTFJfRUwyIGluIGEgcGVyLUNQVSBzdHJ1Y3QgYW5kIHBv aW50IHRoZQoKQ2FuIHlvdSBlbGFib3JhdGUgb24gKndoaWNoKiBwZXItQ1BVIHN0cnVjdHVyZSB5 b3UgYXJlIHVzaW5nPwoKPiBzeXNyZWcgdG8gYSByb3V0aW5lIHRoYXQgZmlyc3QgcmVzdG9yZXMg aXQgdG8gaXRzIHByZXZpb3VzIHZhbHVlIGJlZm9yZQo+IHJ1bm5pbmcgX19ndWVzdF9leGl0X3Bh bmljLgo+IAo+IEZpeGVzOiA3ZGIyMTUzMDQ3OWYgKCJLVk06IGFybTY0OiBSZXN0b3JlIGh5cCB3 aGVuIHBhbmlja2luZyBpbiBndWVzdCBjb250ZXh0IikKPiBTaWduZWQtb2ZmLWJ5OiBQaWVycmUt Q2zDqW1lbnQgVG9zaSA8cHRvc2lAZ29vZ2xlLmNvbT4KPiAtLS0KPiAgYXJjaC9hcm02NC9rZXJu ZWwvYXNtLW9mZnNldHMuYyAgICAgICAgIHwgMSArCj4gIGFyY2gvYXJtNjQva3ZtL2h5cC9lbnRy eS5TICAgICAgICAgICAgICB8IDkgKysrKysrKysrCj4gIGFyY2gvYXJtNjQva3ZtL2h5cC9pbmNs dWRlL2h5cC9zd2l0Y2guaCB8IDYgKysrKy0tCj4gIDMgZmlsZXMgY2hhbmdlZCwgMTQgaW5zZXJ0 aW9ucygrKSwgMiBkZWxldGlvbnMoLSkKPiAKPiBkaWZmIC0tZ2l0IGEvYXJjaC9hcm02NC9rZXJu ZWwvYXNtLW9mZnNldHMuYyBiL2FyY2gvYXJtNjQva2VybmVsL2FzbS1vZmZzZXRzLmMKPiBpbmRl eCA1YTdkYmJlMGNlNjMuLmU2MjM1MzE2OGE1NyAxMDA2NDQKPiAtLS0gYS9hcmNoL2FybTY0L2tl cm5lbC9hc20tb2Zmc2V0cy5jCj4gKysrIGIvYXJjaC9hcm02NC9rZXJuZWwvYXNtLW9mZnNldHMu Ywo+IEBAIC0xMjgsNiArMTI4LDcgQEAgaW50IG1haW4odm9pZCkKPiAgICBERUZJTkUoVkNQVV9G QVVMVF9ESVNSLAlvZmZzZXRvZihzdHJ1Y3Qga3ZtX3ZjcHUsIGFyY2guZmF1bHQuZGlzcl9lbDEp KTsKPiAgICBERUZJTkUoVkNQVV9IQ1JfRUwyLAkJb2Zmc2V0b2Yoc3RydWN0IGt2bV92Y3B1LCBh cmNoLmhjcl9lbDIpKTsKPiAgICBERUZJTkUoQ1BVX1VTRVJfUFRfUkVHUywJb2Zmc2V0b2Yoc3Ry dWN0IGt2bV9jcHVfY29udGV4dCwgcmVncykpOwo+ICsgIERFRklORShDUFVfRUxSX0VMMiwJCW9m ZnNldG9mKHN0cnVjdCBrdm1fY3B1X2NvbnRleHQsIHN5c19yZWdzW0VMUl9FTDJdKSk7Cj4gICAg REVGSU5FKENQVV9SR1NSX0VMMSwJCW9mZnNldG9mKHN0cnVjdCBrdm1fY3B1X2NvbnRleHQsIHN5 c19yZWdzW1JHU1JfRUwxXSkpOwo+ICAgIERFRklORShDUFVfR0NSX0VMMSwJCW9mZnNldG9mKHN0 cnVjdCBrdm1fY3B1X2NvbnRleHQsIHN5c19yZWdzW0dDUl9FTDFdKSk7Cj4gICAgREVGSU5FKENQ VV9BUElBS0VZTE9fRUwxLAlvZmZzZXRvZihzdHJ1Y3Qga3ZtX2NwdV9jb250ZXh0LCBzeXNfcmVn c1tBUElBS0VZTE9fRUwxXSkpOwo+IGRpZmYgLS1naXQgYS9hcmNoL2FybTY0L2t2bS9oeXAvZW50 cnkuUyBiL2FyY2gvYXJtNjQva3ZtL2h5cC9lbnRyeS5TCj4gaW5kZXggZjNhYTc3MzhiNDc3Li45 Y2RmNDZkYTMwNTEgMTAwNjQ0Cj4gLS0tIGEvYXJjaC9hcm02NC9rdm0vaHlwL2VudHJ5LlMKPiAr KysgYi9hcmNoL2FybTY0L2t2bS9oeXAvZW50cnkuUwo+IEBAIC04Myw2ICs4MywxNSBAQCBhbHRl cm5hdGl2ZV9lbHNlX25vcF9lbmRpZgo+ICAJZXJldAo+ICAJc2IKPiAgCj4gK1NZTV9JTk5FUl9M QUJFTChfX2d1ZXN0X2V4aXRfcGFuaWNfd2l0aF9yZXN0b3JlZF9lbHIsIFNZTV9MX0dMT0JBTCkK ClRoZSBuYW1lIG9mIHRoZSBmdW5jdGlvbiBpc24ndCBncmVhdC4gQ3J1Y2lhbGx5LCAnd2l0aF9y ZXN0b3JlZF9lbHInCmltcGxpZXMgdGhhdCBFTFIgaXMgYWxyZWFkeSByZXN0b3JlZCwgd2hpbGUg aXQgaXMgdGhlIGh1bmsgYmVsb3cgdGhhdApkb2VzIHRoZSAncmVzdG9yZScgcGFydC4KClNvbWV0 aGluZyBsaWtlICdfX2d1ZXN0X2V4aXRfcmVzdG9yZV9lbHJfYW5kX3BhbmljJyBzZWVtcyBtb3Jl CmFwcHJvcHJpYXRlLgoKPiArCS8vIHgwLXgyOSxscjogaHlwIHJlZ3MKPiArCj4gKwlzdHAJeDAs IHgxLCBbc3AsICMtMTZdIQo+ICsJYWRyX3RoaXNfY3B1IHgwLCBrdm1faHlwX2N0eHQsIHgxCj4g KwlsZHIJeDAsIFt4MCwgI0NQVV9FTFJfRUwyXQo+ICsJbXNyCWVscl9lbDIsIHgwCj4gKwlsZHAJ eDAsIHgxLCBbc3BdLCAjMTYKPiArCj4gIFNZTV9JTk5FUl9MQUJFTChfX2d1ZXN0X2V4aXRfcGFu aWMsIFNZTV9MX0dMT0JBTCkKPiAgCS8vIHgyLXgyOSxscjogdmNwdSByZWdzCj4gIAkvLyB2Y3B1 IHgwLXgxIG9uIHRoZSBzdGFjawo+IGRpZmYgLS1naXQgYS9hcmNoL2FybTY0L2t2bS9oeXAvaW5j bHVkZS9oeXAvc3dpdGNoLmggYi9hcmNoL2FybTY0L2t2bS9oeXAvaW5jbHVkZS9oeXAvc3dpdGNo LmgKPiBpbmRleCBhMDM4MzIwY2RiMDguLjZhOGRjOGQzYzE5MyAxMDA2NDQKPiAtLS0gYS9hcmNo L2FybTY0L2t2bS9oeXAvaW5jbHVkZS9oeXAvc3dpdGNoLmgKPiArKysgYi9hcmNoL2FybTY0L2t2 bS9oeXAvaW5jbHVkZS9oeXAvc3dpdGNoLmgKPiBAQCAtNzQ3LDcgKzc0Nyw3IEBAIHN0YXRpYyBp bmxpbmUgYm9vbCBmaXh1cF9ndWVzdF9leGl0KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgdTY0ICpl eGl0X2NvZGUpCj4gIAo+ICBzdGF0aWMgaW5saW5lIHZvaWQgX19rdm1fdW5leHBlY3RlZF9lbDJf ZXhjZXB0aW9uKHZvaWQpCj4gIHsKPiAtCWV4dGVybiBjaGFyIF9fZ3Vlc3RfZXhpdF9wYW5pY1td Owo+ICsJZXh0ZXJuIGNoYXIgX19ndWVzdF9leGl0X3BhbmljX3dpdGhfcmVzdG9yZWRfZWxyW107 Cj4gIAl1bnNpZ25lZCBsb25nIGFkZHIsIGZpeHVwOwo+ICAJc3RydWN0IGt2bV9leGNlcHRpb25f dGFibGVfZW50cnkgKmVudHJ5LCAqZW5kOwo+ICAJdW5zaWduZWQgbG9uZyBlbHJfZWwyID0gcmVh ZF9zeXNyZWcoZWxyX2VsMik7Cj4gQEAgLTc2OSw3ICs3NjksOSBAQCBzdGF0aWMgaW5saW5lIHZv aWQgX19rdm1fdW5leHBlY3RlZF9lbDJfZXhjZXB0aW9uKHZvaWQpCj4gIAl9Cj4gIAo+ICAJLyog VHJpZ2dlciBhIHBhbmljIGFmdGVyIHJlc3RvcmluZyB0aGUgaHlwIGNvbnRleHQuICovCj4gLQl3 cml0ZV9zeXNyZWcoX19ndWVzdF9leGl0X3BhbmljLCBlbHJfZWwyKTsKPiArCXdyaXRlX3N5c3Jl ZyhfX2d1ZXN0X2V4aXRfcGFuaWNfd2l0aF9yZXN0b3JlZF9lbHIsIGVscl9lbDIpOwo+ICsKPiAr CXRoaXNfY3B1X3B0cigma3ZtX2h5cF9jdHh0KS0+c3lzX3JlZ3NbRUxSX0VMMl0gPSBlbHJfZWwy OwoKbml0OiBwbGFjaW5nIHRoZSBzYXZpbmcgb2YgRUxSX0VMMiBiZWZvcmUgb3ZlcnJpZGluZyB0 aGUgc3lzcmVnIG1ha2VzCnRoZSB3aG9sZSB0aGluZyBhIGJpdCBtb3JlIHJlYWRhYmxlLCBzcGVj aWFsbHkgZ2l2ZW4gdGhlIHBvb3IgY2hvaWNlCm9mICdlbHJfZWwyJyBhcyBhIHZhcmlhYmxlICh2 aXN1YWxseSBjbGFzaGluZyB3aXRoICdlbHJfZWwyJyBhcyBhCnN5c3RlbSByZWdpc3RlcikuCgpU aGFua3MsCgoJTS4KCi0tIApXaXRob3V0IGRldmlhdGlvbiBmcm9tIHRoZSBub3JtLCBwcm9ncmVz cyBpcyBub3QgcG9zc2libGUuCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fXwpsaW51eC1hcm0ta2VybmVsIG1haWxpbmcgbGlzdApsaW51eC1hcm0ta2VybmVs QGxpc3RzLmluZnJhZGVhZC5vcmcKaHR0cDovL2xpc3RzLmluZnJhZGVhZC5vcmcvbWFpbG1hbi9s aXN0aW5mby9saW51eC1hcm0ta2VybmVsCg==