From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <keyrings-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-21.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,INCLUDES_CR_TRAILER,INCLUDES_PATCH,
	MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 3625AC433DB
	for <keyrings@archiver.kernel.org>; Tue, 16 Feb 2021 07:30:01 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id C526264DDA
	for <keyrings@archiver.kernel.org>; Tue, 16 Feb 2021 07:30:00 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229694AbhBPH37 (ORCPT <rfc822;keyrings@archiver.kernel.org>);
        Tue, 16 Feb 2021 02:29:59 -0500
Received: from mail.kernel.org ([198.145.29.99]:60624 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229662AbhBPH36 (ORCPT <rfc822;keyrings@vger.kernel.org>);
        Tue, 16 Feb 2021 02:29:58 -0500
Received: by mail.kernel.org (Postfix) with ESMTPSA id 560C664DFF;
        Tue, 16 Feb 2021 07:29:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1613460556;
        bh=/NFwoG8ZRyHVoe9r7dEIE/ZNKD/IBrrhvjQYDHnSWSg=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=QbLpLPoMz/+VBYvT7Bh5TBcpH572zZWDho8n8C4YVc/DX4fixjkhzzTNXHpp0CeHB
         vOpH+ZfxbibybZ6U0W1FO+mnUrm/ALR7tcC3akWbYNzkBYh0yUI0AFpeaQnfomU3Ad
         KZJGOJUMD9iwS7SuFQxQZ/aihUJ6pvL4HWQt/fWbEzb67/m1oXxUDT5+amsLSrFrzl
         es0PMncOjh1EZhoAz77AdGqnPMy7u/sHL0NZyriNH1SsPQM32pHVwAzlgMOeeFPjfR
         7846XUAuW5CMLwRQM1EOleLeGYO2QCBf0oHKPZYsFKzGGe+Bbbc2+DH8jlNWqpE54l
         hTj3FBqWJsJSQ==
Date:   Tue, 16 Feb 2021 09:29:04 +0200
From:   Jarkko Sakkinen <jarkko@kernel.org>
To:     Sumit Garg <sumit.garg@linaro.org>
Cc:     Jerome Forissier <jerome@forissier.org>,
        "open list:SECURITY SUBSYSTEM" 
        <linux-security-module@vger.kernel.org>,
        Daniel Thompson <daniel.thompson@linaro.org>,
        op-tee@lists.trustedfirmware.org, Jonathan Corbet <corbet@lwn.net>,
        James Bottomley <jejb@linux.ibm.com>,
        Janne Karhunen <janne.karhunen@gmail.com>,
        Linux Doc Mailing List <linux-doc@vger.kernel.org>,
        James Morris <jmorris@namei.org>,
        Mimi Zohar <zohar@linux.ibm.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        David Howells <dhowells@redhat.com>,
        Luke Hinds <lhinds@redhat.com>,
        "open list:ASYMMETRIC KEYS" <keyrings@vger.kernel.org>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Casey Schaufler <casey@schaufler-ca.com>,
        linux-integrity@vger.kernel.org,
        linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        "Serge E. Hallyn" <serge@hallyn.com>, dave.hansen@intel.com
Subject: Re: [PATCH v8 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Message-ID: <YCt0QPVX4LeFKMsX@kernel.org>
References: <CAFA6WYP5G6NfGk96ePOC+2kpD6B+4hz9nywyUM9Nh=dJDYMiuA@mail.gmail.com>
 <01000177223f74d3-1eef7685-4a19-40d2-ace6-d4cd7f35579d-000000@email.amazonses.com>
 <dc3979e8-6bf0-adb7-164d-d50e805a048f@forissier.org>
 <YAmYu9FxWcLPhBhs@kernel.org>
 <YAmcyKnYCK+Y4IGW@kernel.org>
 <1486cfe8-bc30-1266-12bd-0049f2b64820@forissier.org>
 <YAsVenGkaqb8205f@kernel.org>
 <CAFA6WYPQ+LZyHKZJQb=3euTy8f8TO3HqCADojpZaHXgtzNj+fw@mail.gmail.com>
 <YCW/BKmeswM5AThU@kernel.org>
 <CAFA6WYNiM3cPqPDhzQ5vaadvhqsxm51820RjorZkFB+-ntoRqA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAFA6WYNiM3cPqPDhzQ5vaadvhqsxm51820RjorZkFB+-ntoRqA@mail.gmail.com>
Precedence: bulk
List-ID: <keyrings.vger.kernel.org>
X-Mailing-List: keyrings@vger.kernel.org

On Mon, Feb 15, 2021 at 06:37:00PM +0530, Sumit Garg wrote:
> On Fri, 12 Feb 2021 at 05:04, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> >
> > On Mon, Jan 25, 2021 at 02:47:38PM +0530, Sumit Garg wrote:
> > > Hi Jarkko,
> > >
> > > On Fri, 22 Jan 2021 at 23:42, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > > >
> > > > On Thu, Jan 21, 2021 at 05:23:45PM +0100, Jerome Forissier wrote:
> > > > >
> > > > >
> > > > > On 1/21/21 4:24 PM, Jarkko Sakkinen wrote:
> > > > > > On Thu, Jan 21, 2021 at 05:07:42PM +0200, Jarkko Sakkinen wrote:
> > > > > >> On Thu, Jan 21, 2021 at 09:44:07AM +0100, Jerome Forissier wrote:
> > > > > >>>
> > > > > >>>
> > > > > >>> On 1/21/21 1:02 AM, Jarkko Sakkinen via OP-TEE wrote:
> > > > > >>>> On Wed, Jan 20, 2021 at 12:53:28PM +0530, Sumit Garg wrote:
> > > > > >>>>> On Wed, 20 Jan 2021 at 07:01, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > > > > >>>>>>
> > > > > >>>>>> On Tue, Jan 19, 2021 at 12:30:42PM +0200, Jarkko Sakkinen wrote:
> > > > > >>>>>>> On Fri, Jan 15, 2021 at 11:32:31AM +0530, Sumit Garg wrote:
> > > > > >>>>>>>> On Thu, 14 Jan 2021 at 07:35, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > > > > >>>>>>>>>
> > > > > >>>>>>>>> On Wed, Jan 13, 2021 at 04:47:00PM +0530, Sumit Garg wrote:
> > > > > >>>>>>>>>> Hi Jarkko,
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> On Mon, 11 Jan 2021 at 22:05, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> On Tue, Nov 03, 2020 at 09:31:44PM +0530, Sumit Garg wrote:
> > > > > >>>>>>>>>>>> Add support for TEE based trusted keys where TEE provides the functionality
> > > > > >>>>>>>>>>>> to seal and unseal trusted keys using hardware unique key.
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Refer to Documentation/tee.txt for detailed information about TEE.
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> I haven't yet got QEMU environment working with aarch64, this produces
> > > > > >>>>>>>>>>> just a blank screen:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> ./output/host/usr/bin/qemu-system-aarch64 -M virt -cpu cortex-a53 -smp 1 -kernel output/images/Image -initrd output/images/rootfs.cpio -serial stdio
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> My BuildRoot fork for TPM and keyring testing is located over here:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/buildroot-tpmdd.git/
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> The "ARM version" is at this point in aarch64 branch. Over time I will
> > > > > >>>>>>>>>>> define tpmdd-x86_64 and tpmdd-aarch64 boards and everything will be then
> > > > > >>>>>>>>>>> in the master branch.
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> To create identical images you just need to
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> $ make tpmdd_defconfig && make
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> Can you check if you see anything obviously wrong? I'm eager to test this
> > > > > >>>>>>>>>>> patch set, and in bigger picture I really need to have ready to run
> > > > > >>>>>>>>>>> aarch64 environment available.
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> I would rather suggest you to follow steps listed here [1] as to test
> > > > > >>>>>>>>>> this feature on Qemu aarch64 we need to build firmwares such as TF-A,
> > > > > >>>>>>>>>> OP-TEE, UEFI etc. which are all integrated into OP-TEE Qemu build
> > > > > >>>>>>>>>> system [2]. And then it would be easier to migrate them to your
> > > > > >>>>>>>>>> buildroot environment as well.
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> [1] https://lists.trustedfirmware.org/pipermail/op-tee/2020-May/000027.html
> > > > > >>>>>>>>>> [2] https://optee.readthedocs.io/en/latest/building/devices/qemu.html#qemu-v8
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> -Sumit
> > > > > >>>>>>>>>
> > > > > >>>>>>>>> Can you provide 'keyctl_change'? Otherwise, the steps are easy to follow.
> > > > > >>>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>> $ cat keyctl_change
> > > > > >>>>>>>> diff --git a/common.mk b/common.mk
> > > > > >>>>>>>> index aeb7b41..663e528 100644
> > > > > >>>>>>>> --- a/common.mk
> > > > > >>>>>>>> +++ b/common.mk
> > > > > >>>>>>>> @@ -229,6 +229,7 @@ BR2_PACKAGE_OPTEE_TEST_SDK ?= $(OPTEE_OS_TA_DEV_KIT_DIR)
> > > > > >>>>>>>>  BR2_PACKAGE_OPTEE_TEST_SITE ?= $(OPTEE_TEST_PATH)
> > > > > >>>>>>>>  BR2_PACKAGE_STRACE ?= y
> > > > > >>>>>>>>  BR2_TARGET_GENERIC_GETTY_PORT ?= $(if
> > > > > >>>>>>>> $(CFG_NW_CONSOLE_UART),ttyAMA$(CFG_NW_CONSOLE_UART),ttyAMA0)
> > > > > >>>>>>>> +BR2_PACKAGE_KEYUTILS := y
> > > > > >>>>>>>>
> > > > > >>>>>>>>  # All BR2_* variables from the makefile or the environment are appended to
> > > > > >>>>>>>>  # ../out-br/extra.conf. All values are quoted "..." except y and n.
> > > > > >>>>>>>> diff --git a/kconfigs/qemu.conf b/kconfigs/qemu.conf
> > > > > >>>>>>>> index 368c18a..832ab74 100644
> > > > > >>>>>>>> --- a/kconfigs/qemu.conf
> > > > > >>>>>>>> +++ b/kconfigs/qemu.conf
> > > > > >>>>>>>> @@ -20,3 +20,5 @@ CONFIG_9P_FS=y
> > > > > >>>>>>>>  CONFIG_9P_FS_POSIX_ACL=y
> > > > > >>>>>>>>  CONFIG_HW_RANDOM=y
> > > > > >>>>>>>>  CONFIG_HW_RANDOM_VIRTIO=y
> > > > > >>>>>>>> +CONFIG_TRUSTED_KEYS=y
> > > > > >>>>>>>> +CONFIG_ENCRYPTED_KEYS=y
> > > > > >>>>>>>>
> > > > > >>>>>>>>> After I've successfully tested 2/4, I'd suggest that you roll out one more
> > > > > >>>>>>>>> version and CC the documentation patch to Elaine and Mini, and clearly
> > > > > >>>>>>>>> remark in the commit message that TEE is a standard, with a link to the
> > > > > >>>>>>>>> specification.
> > > > > >>>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>> Sure, I will roll out the next version after your testing.
> > > > > >>>>>>>
> > > > > >>>>>>> Thanks, I'll try this at instant, and give my feedback.
> > > > > >>>>>>
> > > > > >>>>>> I bump into this:
> > > > > >>>>>>
> > > > > >>>>>> $ make run-only
> > > > > >>>>>> ln -sf /home/jarkko/devel/tpm/optee/build/../out-br/images/rootfs.cpio.gz /home/jarkko/devel/tpm/optee/build/../out/bin/
> > > > > >>>>>> ln: failed to create symbolic link '/home/jarkko/devel/tpm/optee/build/../out/bin/': No such file or directory
> > > > > >>>>>> make: *** [Makefile:194: run-only] Error 1
> > > > > >>>>>>
> > > > > >>>>>
> > > > > >>>>> Could you check if the following directory tree is built after
> > > > > >>>>> executing the below command?
> > > > > >>>>>
> > > > > >>>>> $ make -j`nproc`
> > > > > >>>>> CFG_IN_TREE_EARLY_TAS=trusted_keys/f04a0fe7-1f5d-4b9b-abf7-619b85b4ce8c
> > > > > >>>>>
> > > > > >>>>> $ tree out/bin/
> > > > > >>>>> out/bin/
> > > > > >>>>> ├── bl1.bin -> /home/sumit/build/optee/build/../trusted-firmware-a/build/qemu/release/bl1.bin
> > > > > >>>>> ├── bl2.bin -> /home/sumit/build/optee/build/../trusted-firmware-a/build/qemu/release/bl2.bin
> > > > > >>>>> ├── bl31.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../trusted-firmware-a/build/qemu/release/bl31.bin
> > > > > >>>>> ├── bl32.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../optee_os/out/arm/core/tee-header_v2.bin
> > > > > >>>>> ├── bl32_extra1.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../optee_os/out/arm/core/tee-pager_v2.bin
> > > > > >>>>> ├── bl32_extra2.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../optee_os/out/arm/core/tee-pageable_v2.bin
> > > > > >>>>> ├── bl33.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../edk2/Build/ArmVirtQemuKernel-AARCH64/RELEASE_GCC49/FV/QEMU_EFI.fd
> > > > > >>>>> ├── Image -> /home/sumit/build/optee/build/../linux/arch/arm64/boot/Image
> > > > > >>>>> └── rootfs.cpio.gz ->
> > > > > >>>>> /home/sumit/build/optee/build/../out-br/images/rootfs.cpio.gz
> > > > > >>>>>
> > > > > >>>>> 0 directories, 9 files
> > > > > >>>>>
> > > > > >>>>> -Sumit
> > > > > >>>>
> > > > > >>>> I actually spotted a build error that was unnoticed last time:
> > > > > >>>>
> > > > > >>>> make[2]: Entering directory '/home/jarkko/devel/tpm/optee/edk2/BaseTools/Tests'
> > > > > >>>> /bin/sh: 1: python: not found
> > > > > >>>>
> > > > > >>>> I'd prefer not to install Python2. It has been EOL over a year.
> > > > > >>>
> > > > > >>> AFAIK, everything should build fine with Python3. On my Ubuntu 20.04
> > > > > >>> machine, this is accomplished by installing package "python-is-python3"
> > > > > >>> (after uninstalling "python-is-python2" if need be).
> > > > > >>>
> > > > > >>> $ ls -l /usr/bin/python
> > > > > >>> lrwxrwxrwx 1 root root 7 Apr 15  2020 /usr/bin/python -> python3
> > > > > >>
> > > > > >> Right, just found about this in unrelated context :-) [*]
> > > > > >>
> > > > > >> Hope this will work out...
> > > > > >>
> > > > > >> [*] https://github.com/surge-synthesizer/surge/pull/3655
> > > > > >
> > > > > > Now I get
> > > > > >
> > > > > > Traceback (most recent call last):
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/RunTests.py", line 36, in <module>
> > > > > >     allTests = GetAllTestsSuite()
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/RunTests.py", line 33, in GetAllTestsSuite
> > > > > >     return unittest.TestSuite([GetCTestSuite(), GetPythonTestSuite()])
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/RunTests.py", line 25, in GetCTestSuite
> > > > > >     import CToolsTests
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/CToolsTests.py", line 22, in <module>
> > > > > >     import TianoCompress
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/TianoCompress.py", line 69, in <module>
> > > > > >     TheTestSuite = TestTools.MakeTheTestSuite(locals())
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/TestTools.py", line 43, in MakeTheTestSuite
> > > > > >     for name, item in localItems.iteritems():
> > > > > > AttributeError: 'dict' object has no attribute 'iteritems'
> > > > >
> > > > > Right. Same here after removing all traces of Python2 from my system :-/
> > > > >
> > > > > A couple of fixes are needed:
> > > > > 1. EDK2 needs to be upgraded to tag or later [1]
> > > > > 2. The PYTHON3_ENABLE environment variable needs to be set to TRUE [2]
> > > > >
> > > > > [1] https://github.com/OP-TEE/manifest/pull/177
> > > > > [2] https://github.com/OP-TEE/build/pull/450
> > > >
> > > > BTW, Is to *really* impossible to test this with plain BuildRoot.  It's
> > > > obvious that this forks BR internally.
> > > >
> > > > I mean even if I get this working once, this will feels like a clumsy way
> > > > to test Aarch64 regularly. I use BuildRoot extensively for x86 testing. And
> > > > it would be nice to be able to start doing regular ARM testing.
> > >
> > > The main reason to guide you towards the OP-TEE build system is that
> > > you will be able to build all the firmwares (TF-A, OP-TEE, edk2 etc.)
> > > from source. If you don't need to rebuild those then I have prepared a
> > > flash firmware binary blob for your testing (attached flash.bin). So
> > > Qemu cmdline will look like:
> > >
> > > $ qemu-system-aarch64 -nographic -s -machine virt,secure=on -cpu
> > > cortex-a57 -kernel out/bin/Image -no-acpi -append
> > > 'console=ttyAMA0,38400 keep_bootcon root=/dev/vda2' -initrd
> > > out/bin/rootfs.cpio.gz -smp 2 -m 1024 -bios flash.bin -d unimp
> >
> > I spentt couple of days to try to get this running.
> >
> > Here's the log:
> >
> > ❯ ./qemu.sh
> > NOTICE:  Booting Trusted Firmware
> > NOTICE:  BL1: v2.3():v2.3
> > NOTICE:  BL1: Built : 13:28:04, Jan 25 2021
> > NOTICE:  BL1: Booting BL2
> > NOTICE:  BL2: v2.3():v2.3
> > NOTICE:  BL2: Built : 13:28:06, Jan 25 2021
> > NOTICE:  BL1: Booting BL31
> > NOTICE:  BL31: v2.3():v2.3
> > NOTICE:  BL31: Built : 13:28:08, Jan 25 2021
> > UEFI firmware (version  built at 18:49:27 on Nov 18 2019)
> > pflash_write: Write to buffer emulation is flawed
> > pflash_write: Write to buffer emulation is flawed
> > EFI stub: Booting Linux Kernel...
> > EFI stub: Using DTB from configuration table
> > EFI stub: Exiting boot services and installing virtual address map...
> > Booting Linux on physical CPU 0x0000000000 [0x411fd070]
> > Linux version 5.11.0-rc5 (jarkko@suppilovahvero) (aarch64-buildroot-linux-uclibc-gcc.br_real (Buildroot 2021.02-rc1-10-ga72c90b972) 9.3.0, GNU ld (GNU Binutils) 2.35.2) #1 SMP Thu Feb 11 22:04:53 EET 2021
> > Machine model: linux,dummy-virt
> > efi: EFI v2.70 by EDK II
> > efi: SMBIOS=0x7f520000 SMBIOS 3.0=0x7f500000 MEMATTR=0x7e59b018 MEMRESERVE=0x7c143f18
> > Zone ranges:
> >   DMA      [mem 0x0000000040000000-0x000000007fffffff]
> >   DMA32    empty
> >   Normal   empty
> > Movable zone start for each node
> > Early memory node ranges
> >   node   0: [mem 0x0000000040000000-0x0000000041ffffff]
> >   node   0: [mem 0x0000000042200000-0x000000007be3ffff]
> >   node   0: [mem 0x000000007be40000-0x000000007c13ffff]
> >   node   0: [mem 0x000000007c140000-0x000000007f41ffff]
> >   node   0: [mem 0x000000007f420000-0x000000007f4affff]
> >   node   0: [mem 0x000000007f4b0000-0x000000007f4cffff]
> >   node   0: [mem 0x000000007f4d0000-0x000000007f5dffff]
> >   node   0: [mem 0x000000007f5e0000-0x000000007fffffff]
> > Zeroed struct page in unavailable ranges: 864 pages
> > Initmem setup node 0 [mem 0x0000000040000000-0x000000007fffffff]
> > psci: probing for conduit method from DT.
> > psci: PSCIv1.1 detected in firmware.
> > psci: Using standard PSCI v0.2 function IDs
> > psci: Trusted OS migration not required
> > psci: SMC Calling Convention v1.2
> > percpu: Embedded 21 pages/cpu s48024 r8192 d29800 u86016
> > Detected PIPT I-cache on CPU0
> > CPU features: detected: ARM erratum 832075
> > CPU features: detected: Spectre-v2
> > CPU features: detected: ARM errata 1165522, 1319367, or 1530923
> > Built 1 zonelists, mobility grouping on.  Total pages: 257536
> > Kernel command line: root=/dev/vda rw console=ttyAMA0,115200
> > Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
> > Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
> > mem auto-init: stack:off, heap alloc:off, heap free:off
> > Memory: 1011284K/1046528K available (6592K kernel code, 804K rwdata, 1460K rodata, 1088K init, 321K bss, 35244K reserved, 0K cma-reserved)
> > SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
> > rcu: Hierarchical RCU implementation.
> > rcu:    RCU restricting CPUs from NR_CPUS=256 to nr_cpu_ids=1.
> > rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies.
> > rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
> > NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
> > GICv2m: range[mem 0x08020000-0x08020fff], SPI[80:143]
> > random: get_random_bytes called from start_kernel+0x340/0x53c with crng_init=0
> > arch_timer: cp15 timer(s) running at 62.50MHz (virt).
> > clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x1cd42e208c, max_idle_ns: 881590405314 ns
> > sched_clock: 56 bits at 62MHz, resolution 16ns, wraps every 4398046511096ns
> > Console: colour dummy device 80x25
> > Calibrating delay loop (skipped), value calculated using timer frequency.. 125.00 BogoMIPS (lpj=250000)
> > pid_max: default: 32768 minimum: 301
> > Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
> > Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
> > rcu: Hierarchical SRCU implementation.
> > Remapping and enabling EFI services.
> > smp: Bringing up secondary CPUs ...
> > smp: Brought up 1 node, 1 CPU
> > SMP: Total of 1 processors activated.
> > CPU features: detected: 32-bit EL0 Support
> > CPU features: detected: CRC32 instructions
> > CPU: All CPU(s) started at EL1
> > alternatives: patching kernel code
> > devtmpfs: initialized
> > clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
> > futex hash table entries: 256 (order: 2, 16384 bytes, linear)
> > SMBIOS 3.0.0 present.
> > DMI: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015
> > NET: Registered protocol family 16
> > DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
> > DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
> > DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
> > hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
> > ASID allocator initialised with 65536 entries
> > Serial: AMBA PL011 UART driver
> > 9000000.pl011: ttyAMA0 at MMIO 0x9000000 (irq = 46, base_baud = 0) is a PL011 rev1
> > printk: console [ttyAMA0] enabled
> > iommu: Default domain type: Translated
> > vgaarb: loaded
> > SCSI subsystem initialized
> > Registered efivars operations
> > clocksource: Switched to clocksource arch_sys_counter
> > NET: Registered protocol family 2
> > tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear)
> > TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
> > TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear)
> > TCP: Hash tables configured (established 8192 bind 8192)
> > UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
> > UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
> > NET: Registered protocol family 1
> > PCI: CLS 0 bytes, default 64
> > hw perfevents: enabled with armv8_pmuv3 PMU driver, 5 counters available
> > workingset: timestamp_bits=62 max_order=18 bucket_order=0
> > fuse: init (API version 7.33)
> > Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
> > io scheduler mq-deadline registered
> > io scheduler kyber registered
> > pci-host-generic 4010000000.pcie: host bridge /pcie@10000000 ranges:
> > pci-host-generic 4010000000.pcie:       IO 0x003eff0000..0x003effffff -> 0x0000000000
> > pci-host-generic 4010000000.pcie:      MEM 0x0010000000..0x003efeffff -> 0x0010000000
> > pci-host-generic 4010000000.pcie:      MEM 0x8000000000..0xffffffffff -> 0x8000000000
> > pci-host-generic 4010000000.pcie: Memory resource size exceeds max for 32 bits
> > pci-host-generic 4010000000.pcie: ECAM at [mem 0x4010000000-0x401fffffff] for [bus 00-ff]
> > pci-host-generic 4010000000.pcie: PCI host bridge to bus 0000:00
> > pci_bus 0000:00: root bus resource [bus 00-ff]
> > pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
> > pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff]
> > pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
> > pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000
> > pci 0000:00:01.0: [1af4:1000] type 00 class 0x020000
> > pci 0000:00:01.0: reg 0x10: [io  0x0080-0x009f]
> > pci 0000:00:01.0: reg 0x14: [mem 0x10001000-0x10001fff]
> > pci 0000:00:01.0: reg 0x20: [mem 0x8000000000-0x8000003fff 64bit pref]
> > pci 0000:00:01.0: reg 0x30: [mem 0xfffc0000-0xffffffff pref]
> > pci 0000:00:02.0: [1af4:1001] type 00 class 0x010000
> > pci 0000:00:02.0: reg 0x10: [io  0x0000-0x007f]
> > pci 0000:00:02.0: reg 0x14: [mem 0x10000000-0x10000fff]
> > pci 0000:00:02.0: reg 0x20: [mem 0x8000004000-0x8000007fff 64bit pref]
> > pci 0000:00:01.0: BAR 6: assigned [mem 0x10000000-0x1003ffff pref]
> > pci 0000:00:01.0: BAR 4: assigned [mem 0x8000000000-0x8000003fff 64bit pref]
> > pci 0000:00:02.0: BAR 4: assigned [mem 0x8000004000-0x8000007fff 64bit pref]
> > pci 0000:00:01.0: BAR 1: assigned [mem 0x10040000-0x10040fff]
> > pci 0000:00:02.0: BAR 1: assigned [mem 0x10041000-0x10041fff]
> > pci 0000:00:02.0: BAR 0: assigned [io  0x1000-0x107f]
> > pci 0000:00:01.0: BAR 0: assigned [io  0x1080-0x109f]
> > virtio-pci 0000:00:01.0: enabling device (0000 -> 0003)
> > virtio-pci 0000:00:02.0: enabling device (0000 -> 0003)
> > cacheinfo: Unable to detect cache hierarchy for CPU 0
> > virtio_blk virtio1: [vda] 122880 512-byte logical blocks (62.9 MB/60.0 MiB)
> > SMCCC: SOC_ID: ARCH_FEATURES(ARCH_SOC_ID) returned error: fffffffffffffffd
> > NET: Registered protocol family 10
> > Segment Routing with IPv6
> > sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver
> > NET: Registered protocol family 17
> > NET: Registered protocol family 15
> > NET: Registered protocol family 40
> > registered taskstats version 1
> > EXT4-fs (vda): recovery complete
> > EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: disabled.
> > VFS: Mounted root (ext4 filesystem) on device 254:0.
> > devtmpfs: mounted
> > Freeing unused kernel memory: 1088K
> > Run /sbin/init as init process
> > mount: you must be root
> > mount: you must be root
> > mkdir: can't create directory '/dev/pts': Permission denied
> > mkdir: can't create directory '/dev/shm': Permission denied
> > mount: you must be root
> > hostname: sethostname: Operation not permitted
> > Starting syslogd: OK
> > Starting klogd: OK
> > Running sysctl: OK
> > Initializing random number generator: OK
> > Saving random seed: random: dd: uninitialized urandom read (512 bytes read)
> > OK
> > Starting network: ip: RTNETLINK answers: Operation not permitted
> > ip: SIOCSIFFLAGS: Operation not permitted
> > sed: /proc/mounts: No such file or directory
> > Waiting for interface eth0 to appear............... timeout!
> > run-parts: /etc/network/if-pre-up.d/wait_iface: exit status 1
> > FAIL
> > can't open /dev/ttyAMA0: Permission denied
> > can't open /dev/ttyAMA0: Permission denied
> > can't open /dev/ttyAMA0: Permission denied
> > can't open /dev/ttyAMA0: Permission denied
> >
> > And it continues...
> >
> > The qemu command I got did not work "as it is" and because I'm neither too
> > proficient with qemu nor aarch64, it took a while to get something usable.
> > This is my current qemu command:
> >
> > qemu-system-aarch64 -nographic -s -machine virt,secure=on -cpu cortex-a57 \
> >                     -kernel ~/Projects/tpm/buildroot/output/images/Image \
> >                     -no-acpi \
> >                     -append 'root=/dev/vda rw console=ttyAMA0,115200 ' \
> >                     -drive file=~/Projects/tpm/buildroot/output/images/rootfs.ext4,format=raw \
> >                     -smp 1 \
> >                     -monitor telnet:127.0.0.1:55555,server,nowait \
> >                     -m 1024 -bios ~/Projects/tpm/fw/aarch64-fw.bin -d unimp
> >
> > Then I start QEMU monitor from another terminal with:
> >
> > socat tcp-connect:127.0.0.1:55555 file:`tty`,raw,echo=0
> >
> > So... what could be the issue with permissions?
> >
> 
> It mostly sounds like an issue with your buildroot filesystem.
> 
> Can you try with this [1] init ramdisk instead?
> 
> -initrd rootfs.cpio.gz
> 
> [1] https://people.linaro.org/~sumit.garg/rootfs.cpio.gz
> 
> -Sumit

That does not include my LKM's.

/Jarkko

From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jarkko Sakkinen <jarkko@kernel.org>
To: op-tee@lists.trustedfirmware.org
Subject: Re: [PATCH v8 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Date: Tue, 16 Feb 2021 09:29:04 +0200
Message-ID: <YCt0QPVX4LeFKMsX@kernel.org>
In-Reply-To: <
 <CAFA6WYNiM3cPqPDhzQ5vaadvhqsxm51820RjorZkFB+-ntoRqA@mail.gmail.com>>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5474966348483017566=="
List-Id: <op-tee.lists.trustedfirmware.org>

--===============5474966348483017566==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

On Mon, Feb 15, 2021 at 06:37:00PM +0530, Sumit Garg wrote:
> On Fri, 12 Feb 2021 at 05:04, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> >
> > On Mon, Jan 25, 2021 at 02:47:38PM +0530, Sumit Garg wrote:
> > > Hi Jarkko,
> > >
> > > On Fri, 22 Jan 2021 at 23:42, Jarkko Sakkinen <jarkko@kernel.org> wro=
te:
> > > >
> > > > On Thu, Jan 21, 2021 at 05:23:45PM +0100, Jerome Forissier wrote:
> > > > >
> > > > >
> > > > > On 1/21/21 4:24 PM, Jarkko Sakkinen wrote:
> > > > > > On Thu, Jan 21, 2021 at 05:07:42PM +0200, Jarkko Sakkinen wrote:
> > > > > >> On Thu, Jan 21, 2021 at 09:44:07AM +0100, Jerome Forissier wrote:
> > > > > >>>
> > > > > >>>
> > > > > >>> On 1/21/21 1:02 AM, Jarkko Sakkinen via OP-TEE wrote:
> > > > > >>>> On Wed, Jan 20, 2021 at 12:53:28PM +0530, Sumit Garg wrote:
> > > > > >>>>> On Wed, 20 Jan 2021 at 07:01, Jarkko Sakkinen <jarkko@kerne=
l.org> wrote:
> > > > > >>>>>>
> > > > > >>>>>> On Tue, Jan 19, 2021 at 12:30:42PM +0200, Jarkko Sakkinen wr=
ote:
> > > > > >>>>>>> On Fri, Jan 15, 2021 at 11:32:31AM +0530, Sumit Garg wrote:
> > > > > >>>>>>>> On Thu, 14 Jan 2021 at 07:35, Jarkko Sakkinen <jarkko@ke=
rnel.org> wrote:
> > > > > >>>>>>>>>
> > > > > >>>>>>>>> On Wed, Jan 13, 2021 at 04:47:00PM +0530, Sumit Garg wrot=
e:
> > > > > >>>>>>>>>> Hi Jarkko,
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> On Mon, 11 Jan 2021 at 22:05, Jarkko Sakkinen <jarkko@=
kernel.org> wrote:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> On Tue, Nov 03, 2020 at 09:31:44PM +0530, Sumit Garg wr=
ote:
> > > > > >>>>>>>>>>>> Add support for TEE based trusted keys where TEE provi=
des the functionality
> > > > > >>>>>>>>>>>> to seal and unseal trusted keys using hardware unique =
key.
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Refer to Documentation/tee.txt for detailed informatio=
n about TEE.
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> I haven't yet got QEMU environment working with aarch64=
, this produces
> > > > > >>>>>>>>>>> just a blank screen:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> ./output/host/usr/bin/qemu-system-aarch64 -M virt -cpu =
cortex-a53 -smp 1 -kernel output/images/Image -initrd output/images/rootfs.cp=
io -serial stdio
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> My BuildRoot fork for TPM and keyring testing is locate=
d over here:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/=
buildroot-tpmdd.git/
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> The "ARM version" is at this point in aarch64 branch. O=
ver time I will
> > > > > >>>>>>>>>>> define tpmdd-x86_64 and tpmdd-aarch64 boards and everyt=
hing will be then
> > > > > >>>>>>>>>>> in the master branch.
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> To create identical images you just need to
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> $ make tpmdd_defconfig && make
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> Can you check if you see anything obviously wrong? I'm =
eager to test this
> > > > > >>>>>>>>>>> patch set, and in bigger picture I really need to have =
ready to run
> > > > > >>>>>>>>>>> aarch64 environment available.
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> I would rather suggest you to follow steps listed here [=
1] as to test
> > > > > >>>>>>>>>> this feature on Qemu aarch64 we need to build firmwares =
such as TF-A,
> > > > > >>>>>>>>>> OP-TEE, UEFI etc. which are all integrated into OP-TEE Q=
emu build
> > > > > >>>>>>>>>> system [2]. And then it would be easier to migrate them =
to your
> > > > > >>>>>>>>>> buildroot environment as well.
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> [1] https://lists.trustedfirmware.org/pipermail/op-tee/2=
020-May/000027.html
> > > > > >>>>>>>>>> [2] https://optee.readthedocs.io/en/latest/building/devi=
ces/qemu.html#qemu-v8
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> -Sumit
> > > > > >>>>>>>>>
> > > > > >>>>>>>>> Can you provide 'keyctl_change'? Otherwise, the steps are=
 easy to follow.
> > > > > >>>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>> $ cat keyctl_change
> > > > > >>>>>>>> diff --git a/common.mk b/common.mk
> > > > > >>>>>>>> index aeb7b41..663e528 100644
> > > > > >>>>>>>> --- a/common.mk
> > > > > >>>>>>>> +++ b/common.mk
> > > > > >>>>>>>> @@ -229,6 +229,7 @@ BR2_PACKAGE_OPTEE_TEST_SDK ?=3D $(OPTE=
E_OS_TA_DEV_KIT_DIR)
> > > > > >>>>>>>>  BR2_PACKAGE_OPTEE_TEST_SITE ?=3D $(OPTEE_TEST_PATH)
> > > > > >>>>>>>>  BR2_PACKAGE_STRACE ?=3D y
> > > > > >>>>>>>>  BR2_TARGET_GENERIC_GETTY_PORT ?=3D $(if
> > > > > >>>>>>>> $(CFG_NW_CONSOLE_UART),ttyAMA$(CFG_NW_CONSOLE_UART),ttyAMA=
0)
> > > > > >>>>>>>> +BR2_PACKAGE_KEYUTILS :=3D y
> > > > > >>>>>>>>
> > > > > >>>>>>>>  # All BR2_* variables from the makefile or the environmen=
t are appended to
> > > > > >>>>>>>>  # ../out-br/extra.conf. All values are quoted "..." excep=
t y and n.
> > > > > >>>>>>>> diff --git a/kconfigs/qemu.conf b/kconfigs/qemu.conf
> > > > > >>>>>>>> index 368c18a..832ab74 100644
> > > > > >>>>>>>> --- a/kconfigs/qemu.conf
> > > > > >>>>>>>> +++ b/kconfigs/qemu.conf
> > > > > >>>>>>>> @@ -20,3 +20,5 @@ CONFIG_9P_FS=3Dy
> > > > > >>>>>>>>  CONFIG_9P_FS_POSIX_ACL=3Dy
> > > > > >>>>>>>>  CONFIG_HW_RANDOM=3Dy
> > > > > >>>>>>>>  CONFIG_HW_RANDOM_VIRTIO=3Dy
> > > > > >>>>>>>> +CONFIG_TRUSTED_KEYS=3Dy
> > > > > >>>>>>>> +CONFIG_ENCRYPTED_KEYS=3Dy
> > > > > >>>>>>>>
> > > > > >>>>>>>>> After I've successfully tested 2/4, I'd suggest that you =
roll out one more
> > > > > >>>>>>>>> version and CC the documentation patch to Elaine and Mini=
, and clearly
> > > > > >>>>>>>>> remark in the commit message that TEE is a standard, with=
 a link to the
> > > > > >>>>>>>>> specification.
> > > > > >>>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>> Sure, I will roll out the next version after your testing.
> > > > > >>>>>>>
> > > > > >>>>>>> Thanks, I'll try this at instant, and give my feedback.
> > > > > >>>>>>
> > > > > >>>>>> I bump into this:
> > > > > >>>>>>
> > > > > >>>>>> $ make run-only
> > > > > >>>>>> ln -sf /home/jarkko/devel/tpm/optee/build/../out-br/images/r=
ootfs.cpio.gz /home/jarkko/devel/tpm/optee/build/../out/bin/
> > > > > >>>>>> ln: failed to create symbolic link '/home/jarkko/devel/tpm/o=
ptee/build/../out/bin/': No such file or directory
> > > > > >>>>>> make: *** [Makefile:194: run-only] Error 1
> > > > > >>>>>>
> > > > > >>>>>
> > > > > >>>>> Could you check if the following directory tree is built after
> > > > > >>>>> executing the below command?
> > > > > >>>>>
> > > > > >>>>> $ make -j`nproc`
> > > > > >>>>> CFG_IN_TREE_EARLY_TAS=3Dtrusted_keys/f04a0fe7-1f5d-4b9b-abf7-=
619b85b4ce8c
> > > > > >>>>>
> > > > > >>>>> $ tree out/bin/
> > > > > >>>>> out/bin/
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl1.bin -> /home/sumit/build/opte=
e/build/../trusted-firmware-a/build/qemu/release/bl1.bin
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl2.bin -> /home/sumit/build/opte=
e/build/../trusted-firmware-a/build/qemu/release/bl2.bin
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl31.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../trusted-firmware-a/build/qem=
u/release/bl31.bin
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl32.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../optee_os/out/arm/core/tee-he=
ader_v2.bin
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl32_extra1.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../optee_os/out/arm/core/tee-pa=
ger_v2.bin
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl32_extra2.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../optee_os/out/arm/core/tee-pa=
geable_v2.bin
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 bl33.bin ->
> > > > > >>>>> /home/sumit/build/optee/build/../edk2/Build/ArmVirtQemuKernel=
-AARCH64/RELEASE_GCC49/FV/QEMU_EFI.fd
> > > > > >>>>> =E2=94=9C=E2=94=80=E2=94=80 Image -> /home/sumit/build/optee/=
build/../linux/arch/arm64/boot/Image
> > > > > >>>>> =E2=94=94=E2=94=80=E2=94=80 rootfs.cpio.gz ->
> > > > > >>>>> /home/sumit/build/optee/build/../out-br/images/rootfs.cpio.gz
> > > > > >>>>>
> > > > > >>>>> 0 directories, 9 files
> > > > > >>>>>
> > > > > >>>>> -Sumit
> > > > > >>>>
> > > > > >>>> I actually spotted a build error that was unnoticed last time:
> > > > > >>>>
> > > > > >>>> make[2]: Entering directory '/home/jarkko/devel/tpm/optee/edk2=
/BaseTools/Tests'
> > > > > >>>> /bin/sh: 1: python: not found
> > > > > >>>>
> > > > > >>>> I'd prefer not to install Python2. It has been EOL over a year.
> > > > > >>>
> > > > > >>> AFAIK, everything should build fine with Python3. On my Ubuntu =
20.04
> > > > > >>> machine, this is accomplished by installing package "python-is-=
python3"
> > > > > >>> (after uninstalling "python-is-python2" if need be).
> > > > > >>>
> > > > > >>> $ ls -l /usr/bin/python
> > > > > >>> lrwxrwxrwx 1 root root 7 Apr 15  2020 /usr/bin/python -> python3
> > > > > >>
> > > > > >> Right, just found about this in unrelated context :-) [*]
> > > > > >>
> > > > > >> Hope this will work out...
> > > > > >>
> > > > > >> [*] https://github.com/surge-synthesizer/surge/pull/3655
> > > > > >
> > > > > > Now I get
> > > > > >
> > > > > > Traceback (most recent call last):
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/RunT=
ests.py", line 36, in <module>
> > > > > >     allTests =3D GetAllTestsSuite()
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/RunT=
ests.py", line 33, in GetAllTestsSuite
> > > > > >     return unittest.TestSuite([GetCTestSuite(), GetPythonTestSuit=
e()])
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/RunT=
ests.py", line 25, in GetCTestSuite
> > > > > >     import CToolsTests
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/CToo=
lsTests.py", line 22, in <module>
> > > > > >     import TianoCompress
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/Tian=
oCompress.py", line 69, in <module>
> > > > > >     TheTestSuite =3D TestTools.MakeTheTestSuite(locals())
> > > > > >   File "/home/jarkko/Projects/tpm/optee/edk2/BaseTools/Tests/Test=
Tools.py", line 43, in MakeTheTestSuite
> > > > > >     for name, item in localItems.iteritems():
> > > > > > AttributeError: 'dict' object has no attribute 'iteritems'
> > > > >
> > > > > Right. Same here after removing all traces of Python2 from my syste=
m :-/
> > > > >
> > > > > A couple of fixes are needed:
> > > > > 1. EDK2 needs to be upgraded to tag or later [1]
> > > > > 2. The PYTHON3_ENABLE environment variable needs to be set to TRUE =
[2]
> > > > >
> > > > > [1] https://github.com/OP-TEE/manifest/pull/177
> > > > > [2] https://github.com/OP-TEE/build/pull/450
> > > >
> > > > BTW, Is to *really* impossible to test this with plain BuildRoot.  It=
's
> > > > obvious that this forks BR internally.
> > > >
> > > > I mean even if I get this working once, this will feels like a clumsy=
 way
> > > > to test Aarch64 regularly. I use BuildRoot extensively for x86 testin=
g. And
> > > > it would be nice to be able to start doing regular ARM testing.
> > >
> > > The main reason to guide you towards the OP-TEE build system is that
> > > you will be able to build all the firmwares (TF-A, OP-TEE, edk2 etc.)
> > > from source. If you don't need to rebuild those then I have prepared a
> > > flash firmware binary blob for your testing (attached flash.bin). So
> > > Qemu cmdline will look like:
> > >
> > > $ qemu-system-aarch64 -nographic -s -machine virt,secure=3Don -cpu
> > > cortex-a57 -kernel out/bin/Image -no-acpi -append
> > > 'console=3DttyAMA0,38400 keep_bootcon root=3D/dev/vda2' -initrd
> > > out/bin/rootfs.cpio.gz -smp 2 -m 1024 -bios flash.bin -d unimp
> >
> > I spentt couple of days to try to get this running.
> >
> > Here's the log:
> >
> > =E2=9D=AF ./qemu.sh
> > NOTICE:  Booting Trusted Firmware
> > NOTICE:  BL1: v2.3():v2.3
> > NOTICE:  BL1: Built : 13:28:04, Jan 25 2021
> > NOTICE:  BL1: Booting BL2
> > NOTICE:  BL2: v2.3():v2.3
> > NOTICE:  BL2: Built : 13:28:06, Jan 25 2021
> > NOTICE:  BL1: Booting BL31
> > NOTICE:  BL31: v2.3():v2.3
> > NOTICE:  BL31: Built : 13:28:08, Jan 25 2021
> > UEFI firmware (version  built at 18:49:27 on Nov 18 2019)
> > pflash_write: Write to buffer emulation is flawed
> > pflash_write: Write to buffer emulation is flawed
> > EFI stub: Booting Linux Kernel...
> > EFI stub: Using DTB from configuration table
> > EFI stub: Exiting boot services and installing virtual address map...
> > Booting Linux on physical CPU 0x0000000000 [0x411fd070]
> > Linux version 5.11.0-rc5 (jarkko(a)suppilovahvero) (aarch64-buildroot-lin=
ux-uclibc-gcc.br_real (Buildroot 2021.02-rc1-10-ga72c90b972) 9.3.0, GNU ld (G=
NU Binutils) 2.35.2) #1 SMP Thu Feb 11 22:04:53 EET 2021
> > Machine model: linux,dummy-virt
> > efi: EFI v2.70 by EDK II
> > efi: SMBIOS=3D0x7f520000 SMBIOS 3.0=3D0x7f500000 MEMATTR=3D0x7e59b018 MEM=
RESERVE=3D0x7c143f18
> > Zone ranges:
> >   DMA      [mem 0x0000000040000000-0x000000007fffffff]
> >   DMA32    empty
> >   Normal   empty
> > Movable zone start for each node
> > Early memory node ranges
> >   node   0: [mem 0x0000000040000000-0x0000000041ffffff]
> >   node   0: [mem 0x0000000042200000-0x000000007be3ffff]
> >   node   0: [mem 0x000000007be40000-0x000000007c13ffff]
> >   node   0: [mem 0x000000007c140000-0x000000007f41ffff]
> >   node   0: [mem 0x000000007f420000-0x000000007f4affff]
> >   node   0: [mem 0x000000007f4b0000-0x000000007f4cffff]
> >   node   0: [mem 0x000000007f4d0000-0x000000007f5dffff]
> >   node   0: [mem 0x000000007f5e0000-0x000000007fffffff]
> > Zeroed struct page in unavailable ranges: 864 pages
> > Initmem setup node 0 [mem 0x0000000040000000-0x000000007fffffff]
> > psci: probing for conduit method from DT.
> > psci: PSCIv1.1 detected in firmware.
> > psci: Using standard PSCI v0.2 function IDs
> > psci: Trusted OS migration not required
> > psci: SMC Calling Convention v1.2
> > percpu: Embedded 21 pages/cpu s48024 r8192 d29800 u86016
> > Detected PIPT I-cache on CPU0
> > CPU features: detected: ARM erratum 832075
> > CPU features: detected: Spectre-v2
> > CPU features: detected: ARM errata 1165522, 1319367, or 1530923
> > Built 1 zonelists, mobility grouping on.  Total pages: 257536
> > Kernel command line: root=3D/dev/vda rw console=3DttyAMA0,115200
> > Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
> > Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
> > mem auto-init: stack:off, heap alloc:off, heap free:off
> > Memory: 1011284K/1046528K available (6592K kernel code, 804K rwdata, 1460=
K rodata, 1088K init, 321K bss, 35244K reserved, 0K cma-reserved)
> > SLUB: HWalign=3D64, Order=3D0-3, MinObjects=3D0, CPUs=3D1, Nodes=3D1
> > rcu: Hierarchical RCU implementation.
> > rcu:    RCU restricting CPUs from NR_CPUS=3D256 to nr_cpu_ids=3D1.
> > rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies.
> > rcu: Adjusting geometry for rcu_fanout_leaf=3D16, nr_cpu_ids=3D1
> > NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
> > GICv2m: range[mem 0x08020000-0x08020fff], SPI[80:143]
> > random: get_random_bytes called from start_kernel+0x340/0x53c with crng_i=
nit=3D0
> > arch_timer: cp15 timer(s) running at 62.50MHz (virt).
> > clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x1cd42=
e208c, max_idle_ns: 881590405314 ns
> > sched_clock: 56 bits at 62MHz, resolution 16ns, wraps every 4398046511096=
ns
> > Console: colour dummy device 80x25
> > Calibrating delay loop (skipped), value calculated using timer frequency.=
. 125.00 BogoMIPS (lpj=3D250000)
> > pid_max: default: 32768 minimum: 301
> > Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
> > Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
> > rcu: Hierarchical SRCU implementation.
> > Remapping and enabling EFI services.
> > smp: Bringing up secondary CPUs ...
> > smp: Brought up 1 node, 1 CPU
> > SMP: Total of 1 processors activated.
> > CPU features: detected: 32-bit EL0 Support
> > CPU features: detected: CRC32 instructions
> > CPU: All CPU(s) started at EL1
> > alternatives: patching kernel code
> > devtmpfs: initialized
> > clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_n=
s: 7645041785100000 ns
> > futex hash table entries: 256 (order: 2, 16384 bytes, linear)
> > SMBIOS 3.0.0 present.
> > DMI: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015
> > NET: Registered protocol family 16
> > DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
> > DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
> > DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
> > hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
> > ASID allocator initialised with 65536 entries
> > Serial: AMBA PL011 UART driver
> > 9000000.pl011: ttyAMA0 at MMIO 0x9000000 (irq =3D 46, base_baud =3D 0) is=
 a PL011 rev1
> > printk: console [ttyAMA0] enabled
> > iommu: Default domain type: Translated
> > vgaarb: loaded
> > SCSI subsystem initialized
> > Registered efivars operations
> > clocksource: Switched to clocksource arch_sys_counter
> > NET: Registered protocol family 2
> > tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, l=
inear)
> > TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
> > TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear)
> > TCP: Hash tables configured (established 8192 bind 8192)
> > UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
> > UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
> > NET: Registered protocol family 1
> > PCI: CLS 0 bytes, default 64
> > hw perfevents: enabled with armv8_pmuv3 PMU driver, 5 counters available
> > workingset: timestamp_bits=3D62 max_order=3D18 bucket_order=3D0
> > fuse: init (API version 7.33)
> > Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
> > io scheduler mq-deadline registered
> > io scheduler kyber registered
> > pci-host-generic 4010000000.pcie: host bridge /pcie(a)10000000 ranges:
> > pci-host-generic 4010000000.pcie:       IO 0x003eff0000..0x003effffff -> =
0x0000000000
> > pci-host-generic 4010000000.pcie:      MEM 0x0010000000..0x003efeffff -> =
0x0010000000
> > pci-host-generic 4010000000.pcie:      MEM 0x8000000000..0xffffffffff -> =
0x8000000000
> > pci-host-generic 4010000000.pcie: Memory resource size exceeds max for 32=
 bits
> > pci-host-generic 4010000000.pcie: ECAM at [mem 0x4010000000-0x401fffffff]=
 for [bus 00-ff]
> > pci-host-generic 4010000000.pcie: PCI host bridge to bus 0000:00
> > pci_bus 0000:00: root bus resource [bus 00-ff]
> > pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
> > pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff]
> > pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
> > pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000
> > pci 0000:00:01.0: [1af4:1000] type 00 class 0x020000
> > pci 0000:00:01.0: reg 0x10: [io  0x0080-0x009f]
> > pci 0000:00:01.0: reg 0x14: [mem 0x10001000-0x10001fff]
> > pci 0000:00:01.0: reg 0x20: [mem 0x8000000000-0x8000003fff 64bit pref]
> > pci 0000:00:01.0: reg 0x30: [mem 0xfffc0000-0xffffffff pref]
> > pci 0000:00:02.0: [1af4:1001] type 00 class 0x010000
> > pci 0000:00:02.0: reg 0x10: [io  0x0000-0x007f]
> > pci 0000:00:02.0: reg 0x14: [mem 0x10000000-0x10000fff]
> > pci 0000:00:02.0: reg 0x20: [mem 0x8000004000-0x8000007fff 64bit pref]
> > pci 0000:00:01.0: BAR 6: assigned [mem 0x10000000-0x1003ffff pref]
> > pci 0000:00:01.0: BAR 4: assigned [mem 0x8000000000-0x8000003fff 64bit pr=
ef]
> > pci 0000:00:02.0: BAR 4: assigned [mem 0x8000004000-0x8000007fff 64bit pr=
ef]
> > pci 0000:00:01.0: BAR 1: assigned [mem 0x10040000-0x10040fff]
> > pci 0000:00:02.0: BAR 1: assigned [mem 0x10041000-0x10041fff]
> > pci 0000:00:02.0: BAR 0: assigned [io  0x1000-0x107f]
> > pci 0000:00:01.0: BAR 0: assigned [io  0x1080-0x109f]
> > virtio-pci 0000:00:01.0: enabling device (0000 -> 0003)
> > virtio-pci 0000:00:02.0: enabling device (0000 -> 0003)
> > cacheinfo: Unable to detect cache hierarchy for CPU 0
> > virtio_blk virtio1: [vda] 122880 512-byte logical blocks (62.9 MB/60.0 Mi=
B)
> > SMCCC: SOC_ID: ARCH_FEATURES(ARCH_SOC_ID) returned error: fffffffffffffffd
> > NET: Registered protocol family 10
> > Segment Routing with IPv6
> > sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver
> > NET: Registered protocol family 17
> > NET: Registered protocol family 15
> > NET: Registered protocol family 40
> > registered taskstats version 1
> > EXT4-fs (vda): recovery complete
> > EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Q=
uota mode: disabled.
> > VFS: Mounted root (ext4 filesystem) on device 254:0.
> > devtmpfs: mounted
> > Freeing unused kernel memory: 1088K
> > Run /sbin/init as init process
> > mount: you must be root
> > mount: you must be root
> > mkdir: can't create directory '/dev/pts': Permission denied
> > mkdir: can't create directory '/dev/shm': Permission denied
> > mount: you must be root
> > hostname: sethostname: Operation not permitted
> > Starting syslogd: OK
> > Starting klogd: OK
> > Running sysctl: OK
> > Initializing random number generator: OK
> > Saving random seed: random: dd: uninitialized urandom read (512 bytes rea=
d)
> > OK
> > Starting network: ip: RTNETLINK answers: Operation not permitted
> > ip: SIOCSIFFLAGS: Operation not permitted
> > sed: /proc/mounts: No such file or directory
> > Waiting for interface eth0 to appear............... timeout!
> > run-parts: /etc/network/if-pre-up.d/wait_iface: exit status 1
> > FAIL
> > can't open /dev/ttyAMA0: Permission denied
> > can't open /dev/ttyAMA0: Permission denied
> > can't open /dev/ttyAMA0: Permission denied
> > can't open /dev/ttyAMA0: Permission denied
> >
> > And it continues...
> >
> > The qemu command I got did not work "as it is" and because I'm neither too
> > proficient with qemu nor aarch64, it took a while to get something usable.
> > This is my current qemu command:
> >
> > qemu-system-aarch64 -nographic -s -machine virt,secure=3Don -cpu cortex-a=
57 \
> >                     -kernel ~/Projects/tpm/buildroot/output/images/Image \
> >                     -no-acpi \
> >                     -append 'root=3D/dev/vda rw console=3DttyAMA0,115200 =
' \
> >                     -drive file=3D~/Projects/tpm/buildroot/output/images/=
rootfs.ext4,format=3Draw \
> >                     -smp 1 \
> >                     -monitor telnet:127.0.0.1:55555,server,nowait \
> >                     -m 1024 -bios ~/Projects/tpm/fw/aarch64-fw.bin -d uni=
mp
> >
> > Then I start QEMU monitor from another terminal with:
> >
> > socat tcp-connect:127.0.0.1:55555 file:`tty`,raw,echo=3D0
> >
> > So... what could be the issue with permissions?
> >
>=20
> It mostly sounds like an issue with your buildroot filesystem.
>=20
> Can you try with this [1] init ramdisk instead?
>=20
> -initrd rootfs.cpio.gz
>=20
> [1] https://people.linaro.org/~sumit.garg/rootfs.cpio.gz
>=20
> -Sumit

That does not include my LKM's.

/Jarkko

--===============5474966348483017566==--


From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Ntjy=HS=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,
	MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 8B0AAC433DB
	for <linux-arm-kernel@archiver.kernel.org>; Tue, 16 Feb 2021 07:31:10 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 1879B64DDA
	for <linux-arm-kernel@archiver.kernel.org>; Tue, 16 Feb 2021 07:31:10 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1879B64DDA
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:Message-ID:
	Subject:To:From:Date:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=nlI/GOS8cIsc0LcSySZQCdDHx+PHm19Cqy13+/RzVtU=; b=wZz8r+aVecWaNCdaaNaNNMU3X
	7ZYy6PL5CvdqQtniuz7ZJv5FWv21ma7zXeoVL8WvbQBDyoixzzEfyfkboVU+2JO6Rn4pIkm8jubjV
	U140vDhj+WttwdXp4A7tP40c2Qk8ATerb0PV/ojBL4W4NcWfGWB1V6UmHshi2xRBN9hFmIQqIk/yr
	frUJ7d3jO5rHP5oPT1o+37uty+OXB+YcSqTOnMYaobP6fFPZv9lCZRV64+/GFaKp6RdqG8jZJBmtF
	ARur2FzLoHcQ2UJRiHTVSErHa+eOemR3t65v0uH+s3yYFJuAEhtu5R8+N7aoI1V74IvFxUdWyltli
	SrHGx85Pg==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1lBunR-0000uf-Fe; Tue, 16 Feb 2021 07:29:21 +0000
Received: from mail.kernel.org ([198.145.29.99])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1lBunO-0000u5-4w
 for linux-arm-kernel@lists.infradead.org; Tue, 16 Feb 2021 07:29:20 +0000
Received: by mail.kernel.org (Postfix) with ESMTPSA id 560C664DFF;
 Tue, 16 Feb 2021 07:29:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
 s=k20201202; t=1613460556;
 bh=/NFwoG8ZRyHVoe9r7dEIE/ZNKD/IBrrhvjQYDHnSWSg=;
 h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
 b=QbLpLPoMz/+VBYvT7Bh5TBcpH572zZWDho8n8C4YVc/DX4fixjkhzzTNXHpp0CeHB
 vOpH+ZfxbibybZ6U0W1FO+mnUrm/ALR7tcC3akWbYNzkBYh0yUI0AFpeaQnfomU3Ad
 KZJGOJUMD9iwS7SuFQxQZ/aihUJ6pvL4HWQt/fWbEzb67/m1oXxUDT5+amsLSrFrzl
 es0PMncOjh1EZhoAz77AdGqnPMy7u/sHL0NZyriNH1SsPQM32pHVwAzlgMOeeFPjfR
 7846XUAuW5CMLwRQM1EOleLeGYO2QCBf0oHKPZYsFKzGGe+Bbbc2+DH8jlNWqpE54l
 hTj3FBqWJsJSQ==
Date: Tue, 16 Feb 2021 09:29:04 +0200
From: Jarkko Sakkinen <jarkko@kernel.org>
To: Sumit Garg <sumit.garg@linaro.org>
Subject: Re: [PATCH v8 2/4] KEYS: trusted: Introduce TEE based Trusted Keys
Message-ID: <YCt0QPVX4LeFKMsX@kernel.org>
References: <CAFA6WYP5G6NfGk96ePOC+2kpD6B+4hz9nywyUM9Nh=dJDYMiuA@mail.gmail.com>
 <01000177223f74d3-1eef7685-4a19-40d2-ace6-d4cd7f35579d-000000@email.amazonses.com>
 <dc3979e8-6bf0-adb7-164d-d50e805a048f@forissier.org>
 <YAmYu9FxWcLPhBhs@kernel.org> <YAmcyKnYCK+Y4IGW@kernel.org>
 <1486cfe8-bc30-1266-12bd-0049f2b64820@forissier.org>
 <YAsVenGkaqb8205f@kernel.org>
 <CAFA6WYPQ+LZyHKZJQb=3euTy8f8TO3HqCADojpZaHXgtzNj+fw@mail.gmail.com>
 <YCW/BKmeswM5AThU@kernel.org>
 <CAFA6WYNiM3cPqPDhzQ5vaadvhqsxm51820RjorZkFB+-ntoRqA@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <CAFA6WYNiM3cPqPDhzQ5vaadvhqsxm51820RjorZkFB+-ntoRqA@mail.gmail.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20210216_022918_551049_066BD098 
X-CRM114-Status: GOOD (  46.24  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: dave.hansen@intel.com, Daniel Thompson <daniel.thompson@linaro.org>,
 Jerome Forissier <jerome@forissier.org>, Jonathan Corbet <corbet@lwn.net>,
 James Bottomley <jejb@linux.ibm.com>,
 Janne Karhunen <janne.karhunen@gmail.com>,
 Linux Doc Mailing List <linux-doc@vger.kernel.org>,
 James Morris <jmorris@namei.org>, Mimi Zohar <zohar@linux.ibm.com>,
 Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
 David Howells <dhowells@redhat.com>, Casey Schaufler <casey@schaufler-ca.com>,
 "open list:SECURITY SUBSYSTEM" <linux-security-module@vger.kernel.org>,
 op-tee@lists.trustedfirmware.org,
 "open list:ASYMMETRIC KEYS" <keyrings@vger.kernel.org>,
 Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
 Luke Hinds <lhinds@redhat.com>, linux-integrity@vger.kernel.org,
 linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
 "Serge E. Hallyn" <serge@hallyn.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

T24gTW9uLCBGZWIgMTUsIDIwMjEgYXQgMDY6Mzc6MDBQTSArMDUzMCwgU3VtaXQgR2FyZyB3cm90
ZToKPiBPbiBGcmksIDEyIEZlYiAyMDIxIGF0IDA1OjA0LCBKYXJra28gU2Fra2luZW4gPGphcmtr
b0BrZXJuZWwub3JnPiB3cm90ZToKPiA+Cj4gPiBPbiBNb24sIEphbiAyNSwgMjAyMSBhdCAwMjo0
NzozOFBNICswNTMwLCBTdW1pdCBHYXJnIHdyb3RlOgo+ID4gPiBIaSBKYXJra28sCj4gPiA+Cj4g
PiA+IE9uIEZyaSwgMjIgSmFuIDIwMjEgYXQgMjM6NDIsIEphcmtrbyBTYWtraW5lbiA8amFya2tv
QGtlcm5lbC5vcmc+IHdyb3RlOgo+ID4gPiA+Cj4gPiA+ID4gT24gVGh1LCBKYW4gMjEsIDIwMjEg
YXQgMDU6MjM6NDVQTSArMDEwMCwgSmVyb21lIEZvcmlzc2llciB3cm90ZToKPiA+ID4gPiA+Cj4g
PiA+ID4gPgo+ID4gPiA+ID4gT24gMS8yMS8yMSA0OjI0IFBNLCBKYXJra28gU2Fra2luZW4gd3Jv
dGU6Cj4gPiA+ID4gPiA+IE9uIFRodSwgSmFuIDIxLCAyMDIxIGF0IDA1OjA3OjQyUE0gKzAyMDAs
IEphcmtrbyBTYWtraW5lbiB3cm90ZToKPiA+ID4gPiA+ID4+IE9uIFRodSwgSmFuIDIxLCAyMDIx
IGF0IDA5OjQ0OjA3QU0gKzAxMDAsIEplcm9tZSBGb3Jpc3NpZXIgd3JvdGU6Cj4gPiA+ID4gPiA+
Pj4KPiA+ID4gPiA+ID4+Pgo+ID4gPiA+ID4gPj4+IE9uIDEvMjEvMjEgMTowMiBBTSwgSmFya2tv
IFNha2tpbmVuIHZpYSBPUC1URUUgd3JvdGU6Cj4gPiA+ID4gPiA+Pj4+IE9uIFdlZCwgSmFuIDIw
LCAyMDIxIGF0IDEyOjUzOjI4UE0gKzA1MzAsIFN1bWl0IEdhcmcgd3JvdGU6Cj4gPiA+ID4gPiA+
Pj4+PiBPbiBXZWQsIDIwIEphbiAyMDIxIGF0IDA3OjAxLCBKYXJra28gU2Fra2luZW4gPGphcmtr
b0BrZXJuZWwub3JnPiB3cm90ZToKPiA+ID4gPiA+ID4+Pj4+Pgo+ID4gPiA+ID4gPj4+Pj4+IE9u
IFR1ZSwgSmFuIDE5LCAyMDIxIGF0IDEyOjMwOjQyUE0gKzAyMDAsIEphcmtrbyBTYWtraW5lbiB3
cm90ZToKPiA+ID4gPiA+ID4+Pj4+Pj4gT24gRnJpLCBKYW4gMTUsIDIwMjEgYXQgMTE6MzI6MzFB
TSArMDUzMCwgU3VtaXQgR2FyZyB3cm90ZToKPiA+ID4gPiA+ID4+Pj4+Pj4+IE9uIFRodSwgMTQg
SmFuIDIwMjEgYXQgMDc6MzUsIEphcmtrbyBTYWtraW5lbiA8amFya2tvQGtlcm5lbC5vcmc+IHdy
b3RlOgo+ID4gPiA+ID4gPj4+Pj4+Pj4+Cj4gPiA+ID4gPiA+Pj4+Pj4+Pj4gT24gV2VkLCBKYW4g
MTMsIDIwMjEgYXQgMDQ6NDc6MDBQTSArMDUzMCwgU3VtaXQgR2FyZyB3cm90ZToKPiA+ID4gPiA+
ID4+Pj4+Pj4+Pj4gSGkgSmFya2tvLAo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pgo+ID4gPiA+ID4gPj4+
Pj4+Pj4+PiBPbiBNb24sIDExIEphbiAyMDIxIGF0IDIyOjA1LCBKYXJra28gU2Fra2luZW4gPGph
cmtrb0BrZXJuZWwub3JnPiB3cm90ZToKPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+Cj4gPiA+ID4gPiA+
Pj4+Pj4+Pj4+PiBPbiBUdWUsIE5vdiAwMywgMjAyMCBhdCAwOTozMTo0NFBNICswNTMwLCBTdW1p
dCBHYXJnIHdyb3RlOgo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pj4+IEFkZCBzdXBwb3J0IGZvciBURUUg
YmFzZWQgdHJ1c3RlZCBrZXlzIHdoZXJlIFRFRSBwcm92aWRlcyB0aGUgZnVuY3Rpb25hbGl0eQo+
ID4gPiA+ID4gPj4+Pj4+Pj4+Pj4+IHRvIHNlYWwgYW5kIHVuc2VhbCB0cnVzdGVkIGtleXMgdXNp
bmcgaGFyZHdhcmUgdW5pcXVlIGtleS4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+Pgo+ID4gPiA+ID4g
Pj4+Pj4+Pj4+Pj4+IFJlZmVyIHRvIERvY3VtZW50YXRpb24vdGVlLnR4dCBmb3IgZGV0YWlsZWQg
aW5mb3JtYXRpb24gYWJvdXQgVEVFLgo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pj4+Cj4gPiA+ID4gPiA+
Pj4+Pj4+Pj4+Pj4gU2lnbmVkLW9mZi1ieTogU3VtaXQgR2FyZyA8c3VtaXQuZ2FyZ0BsaW5hcm8u
b3JnPgo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pj4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+IEkgaGF2ZW4n
dCB5ZXQgZ290IFFFTVUgZW52aXJvbm1lbnQgd29ya2luZyB3aXRoIGFhcmNoNjQsIHRoaXMgcHJv
ZHVjZXMKPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+IGp1c3QgYSBibGFuayBzY3JlZW46Cj4gPiA+ID4g
PiA+Pj4+Pj4+Pj4+Pgo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pj4gLi9vdXRwdXQvaG9zdC91c3IvYmlu
L3FlbXUtc3lzdGVtLWFhcmNoNjQgLU0gdmlydCAtY3B1IGNvcnRleC1hNTMgLXNtcCAxIC1rZXJu
ZWwgb3V0cHV0L2ltYWdlcy9JbWFnZSAtaW5pdHJkIG91dHB1dC9pbWFnZXMvcm9vdGZzLmNwaW8g
LXNlcmlhbCBzdGRpbwo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pj4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+
IE15IEJ1aWxkUm9vdCBmb3JrIGZvciBUUE0gYW5kIGtleXJpbmcgdGVzdGluZyBpcyBsb2NhdGVk
IG92ZXIgaGVyZToKPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+Cj4gPiA+ID4gPiA+Pj4+Pj4+Pj4+PiBo
dHRwczovL2dpdC5rZXJuZWwub3JnL3B1Yi9zY20vbGludXgva2VybmVsL2dpdC9qYXJra28vYnVp
bGRyb290LXRwbWRkLmdpdC8KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+Cj4gPiA+ID4gPiA+Pj4+Pj4+
Pj4+PiBUaGUgIkFSTSB2ZXJzaW9uIiBpcyBhdCB0aGlzIHBvaW50IGluIGFhcmNoNjQgYnJhbmNo
LiBPdmVyIHRpbWUgSSB3aWxsCj4gPiA+ID4gPiA+Pj4+Pj4+Pj4+PiBkZWZpbmUgdHBtZGQteDg2
XzY0IGFuZCB0cG1kZC1hYXJjaDY0IGJvYXJkcyBhbmQgZXZlcnl0aGluZyB3aWxsIGJlIHRoZW4K
PiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+IGluIHRoZSBtYXN0ZXIgYnJhbmNoLgo+ID4gPiA+ID4gPj4+
Pj4+Pj4+Pj4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+IFRvIGNyZWF0ZSBpZGVudGljYWwgaW1hZ2Vz
IHlvdSBqdXN0IG5lZWQgdG8KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+Cj4gPiA+ID4gPiA+Pj4+Pj4+
Pj4+PiAkIG1ha2UgdHBtZGRfZGVmY29uZmlnICYmIG1ha2UKPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4+
Cj4gPiA+ID4gPiA+Pj4+Pj4+Pj4+PiBDYW4geW91IGNoZWNrIGlmIHlvdSBzZWUgYW55dGhpbmcg
b2J2aW91c2x5IHdyb25nPyBJJ20gZWFnZXIgdG8gdGVzdCB0aGlzCj4gPiA+ID4gPiA+Pj4+Pj4+
Pj4+PiBwYXRjaCBzZXQsIGFuZCBpbiBiaWdnZXIgcGljdHVyZSBJIHJlYWxseSBuZWVkIHRvIGhh
dmUgcmVhZHkgdG8gcnVuCj4gPiA+ID4gPiA+Pj4+Pj4+Pj4+PiBhYXJjaDY0IGVudmlyb25tZW50
IGF2YWlsYWJsZS4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pj4gSSB3
b3VsZCByYXRoZXIgc3VnZ2VzdCB5b3UgdG8gZm9sbG93IHN0ZXBzIGxpc3RlZCBoZXJlIFsxXSBh
cyB0byB0ZXN0Cj4gPiA+ID4gPiA+Pj4+Pj4+Pj4+IHRoaXMgZmVhdHVyZSBvbiBRZW11IGFhcmNo
NjQgd2UgbmVlZCB0byBidWlsZCBmaXJtd2FyZXMgc3VjaCBhcyBURi1BLAo+ID4gPiA+ID4gPj4+
Pj4+Pj4+PiBPUC1URUUsIFVFRkkgZXRjLiB3aGljaCBhcmUgYWxsIGludGVncmF0ZWQgaW50byBP
UC1URUUgUWVtdSBidWlsZAo+ID4gPiA+ID4gPj4+Pj4+Pj4+PiBzeXN0ZW0gWzJdLiBBbmQgdGhl
biBpdCB3b3VsZCBiZSBlYXNpZXIgdG8gbWlncmF0ZSB0aGVtIHRvIHlvdXIKPiA+ID4gPiA+ID4+
Pj4+Pj4+Pj4gYnVpbGRyb290IGVudmlyb25tZW50IGFzIHdlbGwuCj4gPiA+ID4gPiA+Pj4+Pj4+
Pj4+Cj4gPiA+ID4gPiA+Pj4+Pj4+Pj4+IFsxXSBodHRwczovL2xpc3RzLnRydXN0ZWRmaXJtd2Fy
ZS5vcmcvcGlwZXJtYWlsL29wLXRlZS8yMDIwLU1heS8wMDAwMjcuaHRtbAo+ID4gPiA+ID4gPj4+
Pj4+Pj4+PiBbMl0gaHR0cHM6Ly9vcHRlZS5yZWFkdGhlZG9jcy5pby9lbi9sYXRlc3QvYnVpbGRp
bmcvZGV2aWNlcy9xZW11Lmh0bWwjcWVtdS12OAo+ID4gPiA+ID4gPj4+Pj4+Pj4+Pgo+ID4gPiA+
ID4gPj4+Pj4+Pj4+PiAtU3VtaXQKPiA+ID4gPiA+ID4+Pj4+Pj4+Pgo+ID4gPiA+ID4gPj4+Pj4+
Pj4+IENhbiB5b3UgcHJvdmlkZSAna2V5Y3RsX2NoYW5nZSc/IE90aGVyd2lzZSwgdGhlIHN0ZXBz
IGFyZSBlYXN5IHRvIGZvbGxvdy4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pgo+ID4gPiA+ID4gPj4+Pj4+
Pj4KPiA+ID4gPiA+ID4+Pj4+Pj4+ICQgY2F0IGtleWN0bF9jaGFuZ2UKPiA+ID4gPiA+ID4+Pj4+
Pj4+IGRpZmYgLS1naXQgYS9jb21tb24ubWsgYi9jb21tb24ubWsKPiA+ID4gPiA+ID4+Pj4+Pj4+
IGluZGV4IGFlYjdiNDEuLjY2M2U1MjggMTAwNjQ0Cj4gPiA+ID4gPiA+Pj4+Pj4+PiAtLS0gYS9j
b21tb24ubWsKPiA+ID4gPiA+ID4+Pj4+Pj4+ICsrKyBiL2NvbW1vbi5tawo+ID4gPiA+ID4gPj4+
Pj4+Pj4gQEAgLTIyOSw2ICsyMjksNyBAQCBCUjJfUEFDS0FHRV9PUFRFRV9URVNUX1NESyA/PSAk
KE9QVEVFX09TX1RBX0RFVl9LSVRfRElSKQo+ID4gPiA+ID4gPj4+Pj4+Pj4gIEJSMl9QQUNLQUdF
X09QVEVFX1RFU1RfU0lURSA/PSAkKE9QVEVFX1RFU1RfUEFUSCkKPiA+ID4gPiA+ID4+Pj4+Pj4+
ICBCUjJfUEFDS0FHRV9TVFJBQ0UgPz0geQo+ID4gPiA+ID4gPj4+Pj4+Pj4gIEJSMl9UQVJHRVRf
R0VORVJJQ19HRVRUWV9QT1JUID89ICQoaWYKPiA+ID4gPiA+ID4+Pj4+Pj4+ICQoQ0ZHX05XX0NP
TlNPTEVfVUFSVCksdHR5QU1BJChDRkdfTldfQ09OU09MRV9VQVJUKSx0dHlBTUEwKQo+ID4gPiA+
ID4gPj4+Pj4+Pj4gK0JSMl9QQUNLQUdFX0tFWVVUSUxTIDo9IHkKPiA+ID4gPiA+ID4+Pj4+Pj4+
Cj4gPiA+ID4gPiA+Pj4+Pj4+PiAgIyBBbGwgQlIyXyogdmFyaWFibGVzIGZyb20gdGhlIG1ha2Vm
aWxlIG9yIHRoZSBlbnZpcm9ubWVudCBhcmUgYXBwZW5kZWQgdG8KPiA+ID4gPiA+ID4+Pj4+Pj4+
ICAjIC4uL291dC1ici9leHRyYS5jb25mLiBBbGwgdmFsdWVzIGFyZSBxdW90ZWQgIi4uLiIgZXhj
ZXB0IHkgYW5kIG4uCj4gPiA+ID4gPiA+Pj4+Pj4+PiBkaWZmIC0tZ2l0IGEva2NvbmZpZ3MvcWVt
dS5jb25mIGIva2NvbmZpZ3MvcWVtdS5jb25mCj4gPiA+ID4gPiA+Pj4+Pj4+PiBpbmRleCAzNjhj
MThhLi44MzJhYjc0IDEwMDY0NAo+ID4gPiA+ID4gPj4+Pj4+Pj4gLS0tIGEva2NvbmZpZ3MvcWVt
dS5jb25mCj4gPiA+ID4gPiA+Pj4+Pj4+PiArKysgYi9rY29uZmlncy9xZW11LmNvbmYKPiA+ID4g
PiA+ID4+Pj4+Pj4+IEBAIC0yMCwzICsyMCw1IEBAIENPTkZJR185UF9GUz15Cj4gPiA+ID4gPiA+
Pj4+Pj4+PiAgQ09ORklHXzlQX0ZTX1BPU0lYX0FDTD15Cj4gPiA+ID4gPiA+Pj4+Pj4+PiAgQ09O
RklHX0hXX1JBTkRPTT15Cj4gPiA+ID4gPiA+Pj4+Pj4+PiAgQ09ORklHX0hXX1JBTkRPTV9WSVJU
SU89eQo+ID4gPiA+ID4gPj4+Pj4+Pj4gK0NPTkZJR19UUlVTVEVEX0tFWVM9eQo+ID4gPiA+ID4g
Pj4+Pj4+Pj4gK0NPTkZJR19FTkNSWVBURURfS0VZUz15Cj4gPiA+ID4gPiA+Pj4+Pj4+Pgo+ID4g
PiA+ID4gPj4+Pj4+Pj4+IEFmdGVyIEkndmUgc3VjY2Vzc2Z1bGx5IHRlc3RlZCAyLzQsIEknZCBz
dWdnZXN0IHRoYXQgeW91IHJvbGwgb3V0IG9uZSBtb3JlCj4gPiA+ID4gPiA+Pj4+Pj4+Pj4gdmVy
c2lvbiBhbmQgQ0MgdGhlIGRvY3VtZW50YXRpb24gcGF0Y2ggdG8gRWxhaW5lIGFuZCBNaW5pLCBh
bmQgY2xlYXJseQo+ID4gPiA+ID4gPj4+Pj4+Pj4+IHJlbWFyayBpbiB0aGUgY29tbWl0IG1lc3Nh
Z2UgdGhhdCBURUUgaXMgYSBzdGFuZGFyZCwgd2l0aCBhIGxpbmsgdG8gdGhlCj4gPiA+ID4gPiA+
Pj4+Pj4+Pj4gc3BlY2lmaWNhdGlvbi4KPiA+ID4gPiA+ID4+Pj4+Pj4+Pgo+ID4gPiA+ID4gPj4+
Pj4+Pj4KPiA+ID4gPiA+ID4+Pj4+Pj4+IFN1cmUsIEkgd2lsbCByb2xsIG91dCB0aGUgbmV4dCB2
ZXJzaW9uIGFmdGVyIHlvdXIgdGVzdGluZy4KPiA+ID4gPiA+ID4+Pj4+Pj4KPiA+ID4gPiA+ID4+
Pj4+Pj4gVGhhbmtzLCBJJ2xsIHRyeSB0aGlzIGF0IGluc3RhbnQsIGFuZCBnaXZlIG15IGZlZWRi
YWNrLgo+ID4gPiA+ID4gPj4+Pj4+Cj4gPiA+ID4gPiA+Pj4+Pj4gSSBidW1wIGludG8gdGhpczoK
PiA+ID4gPiA+ID4+Pj4+Pgo+ID4gPiA+ID4gPj4+Pj4+ICQgbWFrZSBydW4tb25seQo+ID4gPiA+
ID4gPj4+Pj4+IGxuIC1zZiAvaG9tZS9qYXJra28vZGV2ZWwvdHBtL29wdGVlL2J1aWxkLy4uL291
dC1ici9pbWFnZXMvcm9vdGZzLmNwaW8uZ3ogL2hvbWUvamFya2tvL2RldmVsL3RwbS9vcHRlZS9i
dWlsZC8uLi9vdXQvYmluLwo+ID4gPiA+ID4gPj4+Pj4+IGxuOiBmYWlsZWQgdG8gY3JlYXRlIHN5
bWJvbGljIGxpbmsgJy9ob21lL2phcmtrby9kZXZlbC90cG0vb3B0ZWUvYnVpbGQvLi4vb3V0L2Jp
bi8nOiBObyBzdWNoIGZpbGUgb3IgZGlyZWN0b3J5Cj4gPiA+ID4gPiA+Pj4+Pj4gbWFrZTogKioq
IFtNYWtlZmlsZToxOTQ6IHJ1bi1vbmx5XSBFcnJvciAxCj4gPiA+ID4gPiA+Pj4+Pj4KPiA+ID4g
PiA+ID4+Pj4+Cj4gPiA+ID4gPiA+Pj4+PiBDb3VsZCB5b3UgY2hlY2sgaWYgdGhlIGZvbGxvd2lu
ZyBkaXJlY3RvcnkgdHJlZSBpcyBidWlsdCBhZnRlcgo+ID4gPiA+ID4gPj4+Pj4gZXhlY3V0aW5n
IHRoZSBiZWxvdyBjb21tYW5kPwo+ID4gPiA+ID4gPj4+Pj4KPiA+ID4gPiA+ID4+Pj4+ICQgbWFr
ZSAtamBucHJvY2AKPiA+ID4gPiA+ID4+Pj4+IENGR19JTl9UUkVFX0VBUkxZX1RBUz10cnVzdGVk
X2tleXMvZjA0YTBmZTctMWY1ZC00YjliLWFiZjctNjE5Yjg1YjRjZThjCj4gPiA+ID4gPiA+Pj4+
Pgo+ID4gPiA+ID4gPj4+Pj4gJCB0cmVlIG91dC9iaW4vCj4gPiA+ID4gPiA+Pj4+PiBvdXQvYmlu
Lwo+ID4gPiA+ID4gPj4+Pj4g4pSc4pSA4pSAIGJsMS5iaW4gLT4gL2hvbWUvc3VtaXQvYnVpbGQv
b3B0ZWUvYnVpbGQvLi4vdHJ1c3RlZC1maXJtd2FyZS1hL2J1aWxkL3FlbXUvcmVsZWFzZS9ibDEu
YmluCj4gPiA+ID4gPiA+Pj4+PiDilJzilIDilIAgYmwyLmJpbiAtPiAvaG9tZS9zdW1pdC9idWls
ZC9vcHRlZS9idWlsZC8uLi90cnVzdGVkLWZpcm13YXJlLWEvYnVpbGQvcWVtdS9yZWxlYXNlL2Js
Mi5iaW4KPiA+ID4gPiA+ID4+Pj4+IOKUnOKUgOKUgCBibDMxLmJpbiAtPgo+ID4gPiA+ID4gPj4+
Pj4gL2hvbWUvc3VtaXQvYnVpbGQvb3B0ZWUvYnVpbGQvLi4vdHJ1c3RlZC1maXJtd2FyZS1hL2J1
aWxkL3FlbXUvcmVsZWFzZS9ibDMxLmJpbgo+ID4gPiA+ID4gPj4+Pj4g4pSc4pSA4pSAIGJsMzIu
YmluIC0+Cj4gPiA+ID4gPiA+Pj4+PiAvaG9tZS9zdW1pdC9idWlsZC9vcHRlZS9idWlsZC8uLi9v
cHRlZV9vcy9vdXQvYXJtL2NvcmUvdGVlLWhlYWRlcl92Mi5iaW4KPiA+ID4gPiA+ID4+Pj4+IOKU
nOKUgOKUgCBibDMyX2V4dHJhMS5iaW4gLT4KPiA+ID4gPiA+ID4+Pj4+IC9ob21lL3N1bWl0L2J1
aWxkL29wdGVlL2J1aWxkLy4uL29wdGVlX29zL291dC9hcm0vY29yZS90ZWUtcGFnZXJfdjIuYmlu
Cj4gPiA+ID4gPiA+Pj4+PiDilJzilIDilIAgYmwzMl9leHRyYTIuYmluIC0+Cj4gPiA+ID4gPiA+
Pj4+PiAvaG9tZS9zdW1pdC9idWlsZC9vcHRlZS9idWlsZC8uLi9vcHRlZV9vcy9vdXQvYXJtL2Nv
cmUvdGVlLXBhZ2VhYmxlX3YyLmJpbgo+ID4gPiA+ID4gPj4+Pj4g4pSc4pSA4pSAIGJsMzMuYmlu
IC0+Cj4gPiA+ID4gPiA+Pj4+PiAvaG9tZS9zdW1pdC9idWlsZC9vcHRlZS9idWlsZC8uLi9lZGsy
L0J1aWxkL0FybVZpcnRRZW11S2VybmVsLUFBUkNINjQvUkVMRUFTRV9HQ0M0OS9GVi9RRU1VX0VG
SS5mZAo+ID4gPiA+ID4gPj4+Pj4g4pSc4pSA4pSAIEltYWdlIC0+IC9ob21lL3N1bWl0L2J1aWxk
L29wdGVlL2J1aWxkLy4uL2xpbnV4L2FyY2gvYXJtNjQvYm9vdC9JbWFnZQo+ID4gPiA+ID4gPj4+
Pj4g4pSU4pSA4pSAIHJvb3Rmcy5jcGlvLmd6IC0+Cj4gPiA+ID4gPiA+Pj4+PiAvaG9tZS9zdW1p
dC9idWlsZC9vcHRlZS9idWlsZC8uLi9vdXQtYnIvaW1hZ2VzL3Jvb3Rmcy5jcGlvLmd6Cj4gPiA+
ID4gPiA+Pj4+Pgo+ID4gPiA+ID4gPj4+Pj4gMCBkaXJlY3RvcmllcywgOSBmaWxlcwo+ID4gPiA+
ID4gPj4+Pj4KPiA+ID4gPiA+ID4+Pj4+IC1TdW1pdAo+ID4gPiA+ID4gPj4+Pgo+ID4gPiA+ID4g
Pj4+PiBJIGFjdHVhbGx5IHNwb3R0ZWQgYSBidWlsZCBlcnJvciB0aGF0IHdhcyB1bm5vdGljZWQg
bGFzdCB0aW1lOgo+ID4gPiA+ID4gPj4+Pgo+ID4gPiA+ID4gPj4+PiBtYWtlWzJdOiBFbnRlcmlu
ZyBkaXJlY3RvcnkgJy9ob21lL2phcmtrby9kZXZlbC90cG0vb3B0ZWUvZWRrMi9CYXNlVG9vbHMv
VGVzdHMnCj4gPiA+ID4gPiA+Pj4+IC9iaW4vc2g6IDE6IHB5dGhvbjogbm90IGZvdW5kCj4gPiA+
ID4gPiA+Pj4+Cj4gPiA+ID4gPiA+Pj4+IEknZCBwcmVmZXIgbm90IHRvIGluc3RhbGwgUHl0aG9u
Mi4gSXQgaGFzIGJlZW4gRU9MIG92ZXIgYSB5ZWFyLgo+ID4gPiA+ID4gPj4+Cj4gPiA+ID4gPiA+
Pj4gQUZBSUssIGV2ZXJ5dGhpbmcgc2hvdWxkIGJ1aWxkIGZpbmUgd2l0aCBQeXRob24zLiBPbiBt
eSBVYnVudHUgMjAuMDQKPiA+ID4gPiA+ID4+PiBtYWNoaW5lLCB0aGlzIGlzIGFjY29tcGxpc2hl
ZCBieSBpbnN0YWxsaW5nIHBhY2thZ2UgInB5dGhvbi1pcy1weXRob24zIgo+ID4gPiA+ID4gPj4+
IChhZnRlciB1bmluc3RhbGxpbmcgInB5dGhvbi1pcy1weXRob24yIiBpZiBuZWVkIGJlKS4KPiA+
ID4gPiA+ID4+Pgo+ID4gPiA+ID4gPj4+ICQgbHMgLWwgL3Vzci9iaW4vcHl0aG9uCj4gPiA+ID4g
PiA+Pj4gbHJ3eHJ3eHJ3eCAxIHJvb3Qgcm9vdCA3IEFwciAxNSAgMjAyMCAvdXNyL2Jpbi9weXRo
b24gLT4gcHl0aG9uMwo+ID4gPiA+ID4gPj4KPiA+ID4gPiA+ID4+IFJpZ2h0LCBqdXN0IGZvdW5k
IGFib3V0IHRoaXMgaW4gdW5yZWxhdGVkIGNvbnRleHQgOi0pIFsqXQo+ID4gPiA+ID4gPj4KPiA+
ID4gPiA+ID4+IEhvcGUgdGhpcyB3aWxsIHdvcmsgb3V0Li4uCj4gPiA+ID4gPiA+Pgo+ID4gPiA+
ID4gPj4gWypdIGh0dHBzOi8vZ2l0aHViLmNvbS9zdXJnZS1zeW50aGVzaXplci9zdXJnZS9wdWxs
LzM2NTUKPiA+ID4gPiA+ID4KPiA+ID4gPiA+ID4gTm93IEkgZ2V0Cj4gPiA+ID4gPiA+Cj4gPiA+
ID4gPiA+IFRyYWNlYmFjayAobW9zdCByZWNlbnQgY2FsbCBsYXN0KToKPiA+ID4gPiA+ID4gICBG
aWxlICIvaG9tZS9qYXJra28vUHJvamVjdHMvdHBtL29wdGVlL2VkazIvQmFzZVRvb2xzL1Rlc3Rz
L1J1blRlc3RzLnB5IiwgbGluZSAzNiwgaW4gPG1vZHVsZT4KPiA+ID4gPiA+ID4gICAgIGFsbFRl
c3RzID0gR2V0QWxsVGVzdHNTdWl0ZSgpCj4gPiA+ID4gPiA+ICAgRmlsZSAiL2hvbWUvamFya2tv
L1Byb2plY3RzL3RwbS9vcHRlZS9lZGsyL0Jhc2VUb29scy9UZXN0cy9SdW5UZXN0cy5weSIsIGxp
bmUgMzMsIGluIEdldEFsbFRlc3RzU3VpdGUKPiA+ID4gPiA+ID4gICAgIHJldHVybiB1bml0dGVz
dC5UZXN0U3VpdGUoW0dldENUZXN0U3VpdGUoKSwgR2V0UHl0aG9uVGVzdFN1aXRlKCldKQo+ID4g
PiA+ID4gPiAgIEZpbGUgIi9ob21lL2phcmtrby9Qcm9qZWN0cy90cG0vb3B0ZWUvZWRrMi9CYXNl
VG9vbHMvVGVzdHMvUnVuVGVzdHMucHkiLCBsaW5lIDI1LCBpbiBHZXRDVGVzdFN1aXRlCj4gPiA+
ID4gPiA+ICAgICBpbXBvcnQgQ1Rvb2xzVGVzdHMKPiA+ID4gPiA+ID4gICBGaWxlICIvaG9tZS9q
YXJra28vUHJvamVjdHMvdHBtL29wdGVlL2VkazIvQmFzZVRvb2xzL1Rlc3RzL0NUb29sc1Rlc3Rz
LnB5IiwgbGluZSAyMiwgaW4gPG1vZHVsZT4KPiA+ID4gPiA+ID4gICAgIGltcG9ydCBUaWFub0Nv
bXByZXNzCj4gPiA+ID4gPiA+ICAgRmlsZSAiL2hvbWUvamFya2tvL1Byb2plY3RzL3RwbS9vcHRl
ZS9lZGsyL0Jhc2VUb29scy9UZXN0cy9UaWFub0NvbXByZXNzLnB5IiwgbGluZSA2OSwgaW4gPG1v
ZHVsZT4KPiA+ID4gPiA+ID4gICAgIFRoZVRlc3RTdWl0ZSA9IFRlc3RUb29scy5NYWtlVGhlVGVz
dFN1aXRlKGxvY2FscygpKQo+ID4gPiA+ID4gPiAgIEZpbGUgIi9ob21lL2phcmtrby9Qcm9qZWN0
cy90cG0vb3B0ZWUvZWRrMi9CYXNlVG9vbHMvVGVzdHMvVGVzdFRvb2xzLnB5IiwgbGluZSA0Mywg
aW4gTWFrZVRoZVRlc3RTdWl0ZQo+ID4gPiA+ID4gPiAgICAgZm9yIG5hbWUsIGl0ZW0gaW4gbG9j
YWxJdGVtcy5pdGVyaXRlbXMoKToKPiA+ID4gPiA+ID4gQXR0cmlidXRlRXJyb3I6ICdkaWN0JyBv
YmplY3QgaGFzIG5vIGF0dHJpYnV0ZSAnaXRlcml0ZW1zJwo+ID4gPiA+ID4KPiA+ID4gPiA+IFJp
Z2h0LiBTYW1lIGhlcmUgYWZ0ZXIgcmVtb3ZpbmcgYWxsIHRyYWNlcyBvZiBQeXRob24yIGZyb20g
bXkgc3lzdGVtIDotLwo+ID4gPiA+ID4KPiA+ID4gPiA+IEEgY291cGxlIG9mIGZpeGVzIGFyZSBu
ZWVkZWQ6Cj4gPiA+ID4gPiAxLiBFREsyIG5lZWRzIHRvIGJlIHVwZ3JhZGVkIHRvIHRhZyBvciBs
YXRlciBbMV0KPiA+ID4gPiA+IDIuIFRoZSBQWVRIT04zX0VOQUJMRSBlbnZpcm9ubWVudCB2YXJp
YWJsZSBuZWVkcyB0byBiZSBzZXQgdG8gVFJVRSBbMl0KPiA+ID4gPiA+Cj4gPiA+ID4gPiBbMV0g
aHR0cHM6Ly9naXRodWIuY29tL09QLVRFRS9tYW5pZmVzdC9wdWxsLzE3Nwo+ID4gPiA+ID4gWzJd
IGh0dHBzOi8vZ2l0aHViLmNvbS9PUC1URUUvYnVpbGQvcHVsbC80NTAKPiA+ID4gPgo+ID4gPiA+
IEJUVywgSXMgdG8gKnJlYWxseSogaW1wb3NzaWJsZSB0byB0ZXN0IHRoaXMgd2l0aCBwbGFpbiBC
dWlsZFJvb3QuICBJdCdzCj4gPiA+ID4gb2J2aW91cyB0aGF0IHRoaXMgZm9ya3MgQlIgaW50ZXJu
YWxseS4KPiA+ID4gPgo+ID4gPiA+IEkgbWVhbiBldmVuIGlmIEkgZ2V0IHRoaXMgd29ya2luZyBv
bmNlLCB0aGlzIHdpbGwgZmVlbHMgbGlrZSBhIGNsdW1zeSB3YXkKPiA+ID4gPiB0byB0ZXN0IEFh
cmNoNjQgcmVndWxhcmx5LiBJIHVzZSBCdWlsZFJvb3QgZXh0ZW5zaXZlbHkgZm9yIHg4NiB0ZXN0
aW5nLiBBbmQKPiA+ID4gPiBpdCB3b3VsZCBiZSBuaWNlIHRvIGJlIGFibGUgdG8gc3RhcnQgZG9p
bmcgcmVndWxhciBBUk0gdGVzdGluZy4KPiA+ID4KPiA+ID4gVGhlIG1haW4gcmVhc29uIHRvIGd1
aWRlIHlvdSB0b3dhcmRzIHRoZSBPUC1URUUgYnVpbGQgc3lzdGVtIGlzIHRoYXQKPiA+ID4geW91
IHdpbGwgYmUgYWJsZSB0byBidWlsZCBhbGwgdGhlIGZpcm13YXJlcyAoVEYtQSwgT1AtVEVFLCBl
ZGsyIGV0Yy4pCj4gPiA+IGZyb20gc291cmNlLiBJZiB5b3UgZG9uJ3QgbmVlZCB0byByZWJ1aWxk
IHRob3NlIHRoZW4gSSBoYXZlIHByZXBhcmVkIGEKPiA+ID4gZmxhc2ggZmlybXdhcmUgYmluYXJ5
IGJsb2IgZm9yIHlvdXIgdGVzdGluZyAoYXR0YWNoZWQgZmxhc2guYmluKS4gU28KPiA+ID4gUWVt
dSBjbWRsaW5lIHdpbGwgbG9vayBsaWtlOgo+ID4gPgo+ID4gPiAkIHFlbXUtc3lzdGVtLWFhcmNo
NjQgLW5vZ3JhcGhpYyAtcyAtbWFjaGluZSB2aXJ0LHNlY3VyZT1vbiAtY3B1Cj4gPiA+IGNvcnRl
eC1hNTcgLWtlcm5lbCBvdXQvYmluL0ltYWdlIC1uby1hY3BpIC1hcHBlbmQKPiA+ID4gJ2NvbnNv
bGU9dHR5QU1BMCwzODQwMCBrZWVwX2Jvb3Rjb24gcm9vdD0vZGV2L3ZkYTInIC1pbml0cmQKPiA+
ID4gb3V0L2Jpbi9yb290ZnMuY3Bpby5neiAtc21wIDIgLW0gMTAyNCAtYmlvcyBmbGFzaC5iaW4g
LWQgdW5pbXAKPiA+Cj4gPiBJIHNwZW50dCBjb3VwbGUgb2YgZGF5cyB0byB0cnkgdG8gZ2V0IHRo
aXMgcnVubmluZy4KPiA+Cj4gPiBIZXJlJ3MgdGhlIGxvZzoKPiA+Cj4gPiDina8gLi9xZW11LnNo
Cj4gPiBOT1RJQ0U6ICBCb290aW5nIFRydXN0ZWQgRmlybXdhcmUKPiA+IE5PVElDRTogIEJMMTog
djIuMygpOnYyLjMKPiA+IE5PVElDRTogIEJMMTogQnVpbHQgOiAxMzoyODowNCwgSmFuIDI1IDIw
MjEKPiA+IE5PVElDRTogIEJMMTogQm9vdGluZyBCTDIKPiA+IE5PVElDRTogIEJMMjogdjIuMygp
OnYyLjMKPiA+IE5PVElDRTogIEJMMjogQnVpbHQgOiAxMzoyODowNiwgSmFuIDI1IDIwMjEKPiA+
IE5PVElDRTogIEJMMTogQm9vdGluZyBCTDMxCj4gPiBOT1RJQ0U6ICBCTDMxOiB2Mi4zKCk6djIu
Mwo+ID4gTk9USUNFOiAgQkwzMTogQnVpbHQgOiAxMzoyODowOCwgSmFuIDI1IDIwMjEKPiA+IFVF
RkkgZmlybXdhcmUgKHZlcnNpb24gIGJ1aWx0IGF0IDE4OjQ5OjI3IG9uIE5vdiAxOCAyMDE5KQo+
ID4gcGZsYXNoX3dyaXRlOiBXcml0ZSB0byBidWZmZXIgZW11bGF0aW9uIGlzIGZsYXdlZAo+ID4g
cGZsYXNoX3dyaXRlOiBXcml0ZSB0byBidWZmZXIgZW11bGF0aW9uIGlzIGZsYXdlZAo+ID4gRUZJ
IHN0dWI6IEJvb3RpbmcgTGludXggS2VybmVsLi4uCj4gPiBFRkkgc3R1YjogVXNpbmcgRFRCIGZy
b20gY29uZmlndXJhdGlvbiB0YWJsZQo+ID4gRUZJIHN0dWI6IEV4aXRpbmcgYm9vdCBzZXJ2aWNl
cyBhbmQgaW5zdGFsbGluZyB2aXJ0dWFsIGFkZHJlc3MgbWFwLi4uCj4gPiBCb290aW5nIExpbnV4
IG9uIHBoeXNpY2FsIENQVSAweDAwMDAwMDAwMDAgWzB4NDExZmQwNzBdCj4gPiBMaW51eCB2ZXJz
aW9uIDUuMTEuMC1yYzUgKGphcmtrb0BzdXBwaWxvdmFodmVybykgKGFhcmNoNjQtYnVpbGRyb290
LWxpbnV4LXVjbGliYy1nY2MuYnJfcmVhbCAoQnVpbGRyb290IDIwMjEuMDItcmMxLTEwLWdhNzJj
OTBiOTcyKSA5LjMuMCwgR05VIGxkIChHTlUgQmludXRpbHMpIDIuMzUuMikgIzEgU01QIFRodSBG
ZWIgMTEgMjI6MDQ6NTMgRUVUIDIwMjEKPiA+IE1hY2hpbmUgbW9kZWw6IGxpbnV4LGR1bW15LXZp
cnQKPiA+IGVmaTogRUZJIHYyLjcwIGJ5IEVESyBJSQo+ID4gZWZpOiBTTUJJT1M9MHg3ZjUyMDAw
MCBTTUJJT1MgMy4wPTB4N2Y1MDAwMDAgTUVNQVRUUj0weDdlNTliMDE4IE1FTVJFU0VSVkU9MHg3
YzE0M2YxOAo+ID4gWm9uZSByYW5nZXM6Cj4gPiAgIERNQSAgICAgIFttZW0gMHgwMDAwMDAwMDQw
MDAwMDAwLTB4MDAwMDAwMDA3ZmZmZmZmZl0KPiA+ICAgRE1BMzIgICAgZW1wdHkKPiA+ICAgTm9y
bWFsICAgZW1wdHkKPiA+IE1vdmFibGUgem9uZSBzdGFydCBmb3IgZWFjaCBub2RlCj4gPiBFYXJs
eSBtZW1vcnkgbm9kZSByYW5nZXMKPiA+ICAgbm9kZSAgIDA6IFttZW0gMHgwMDAwMDAwMDQwMDAw
MDAwLTB4MDAwMDAwMDA0MWZmZmZmZl0KPiA+ICAgbm9kZSAgIDA6IFttZW0gMHgwMDAwMDAwMDQy
MjAwMDAwLTB4MDAwMDAwMDA3YmUzZmZmZl0KPiA+ICAgbm9kZSAgIDA6IFttZW0gMHgwMDAwMDAw
MDdiZTQwMDAwLTB4MDAwMDAwMDA3YzEzZmZmZl0KPiA+ICAgbm9kZSAgIDA6IFttZW0gMHgwMDAw
MDAwMDdjMTQwMDAwLTB4MDAwMDAwMDA3ZjQxZmZmZl0KPiA+ICAgbm9kZSAgIDA6IFttZW0gMHgw
MDAwMDAwMDdmNDIwMDAwLTB4MDAwMDAwMDA3ZjRhZmZmZl0KPiA+ICAgbm9kZSAgIDA6IFttZW0g
MHgwMDAwMDAwMDdmNGIwMDAwLTB4MDAwMDAwMDA3ZjRjZmZmZl0KPiA+ICAgbm9kZSAgIDA6IFtt
ZW0gMHgwMDAwMDAwMDdmNGQwMDAwLTB4MDAwMDAwMDA3ZjVkZmZmZl0KPiA+ICAgbm9kZSAgIDA6
IFttZW0gMHgwMDAwMDAwMDdmNWUwMDAwLTB4MDAwMDAwMDA3ZmZmZmZmZl0KPiA+IFplcm9lZCBz
dHJ1Y3QgcGFnZSBpbiB1bmF2YWlsYWJsZSByYW5nZXM6IDg2NCBwYWdlcwo+ID4gSW5pdG1lbSBz
ZXR1cCBub2RlIDAgW21lbSAweDAwMDAwMDAwNDAwMDAwMDAtMHgwMDAwMDAwMDdmZmZmZmZmXQo+
ID4gcHNjaTogcHJvYmluZyBmb3IgY29uZHVpdCBtZXRob2QgZnJvbSBEVC4KPiA+IHBzY2k6IFBT
Q0l2MS4xIGRldGVjdGVkIGluIGZpcm13YXJlLgo+ID4gcHNjaTogVXNpbmcgc3RhbmRhcmQgUFND
SSB2MC4yIGZ1bmN0aW9uIElEcwo+ID4gcHNjaTogVHJ1c3RlZCBPUyBtaWdyYXRpb24gbm90IHJl
cXVpcmVkCj4gPiBwc2NpOiBTTUMgQ2FsbGluZyBDb252ZW50aW9uIHYxLjIKPiA+IHBlcmNwdTog
RW1iZWRkZWQgMjEgcGFnZXMvY3B1IHM0ODAyNCByODE5MiBkMjk4MDAgdTg2MDE2Cj4gPiBEZXRl
Y3RlZCBQSVBUIEktY2FjaGUgb24gQ1BVMAo+ID4gQ1BVIGZlYXR1cmVzOiBkZXRlY3RlZDogQVJN
IGVycmF0dW0gODMyMDc1Cj4gPiBDUFUgZmVhdHVyZXM6IGRldGVjdGVkOiBTcGVjdHJlLXYyCj4g
PiBDUFUgZmVhdHVyZXM6IGRldGVjdGVkOiBBUk0gZXJyYXRhIDExNjU1MjIsIDEzMTkzNjcsIG9y
IDE1MzA5MjMKPiA+IEJ1aWx0IDEgem9uZWxpc3RzLCBtb2JpbGl0eSBncm91cGluZyBvbi4gIFRv
dGFsIHBhZ2VzOiAyNTc1MzYKPiA+IEtlcm5lbCBjb21tYW5kIGxpbmU6IHJvb3Q9L2Rldi92ZGEg
cncgY29uc29sZT10dHlBTUEwLDExNTIwMAo+ID4gRGVudHJ5IGNhY2hlIGhhc2ggdGFibGUgZW50
cmllczogMTMxMDcyIChvcmRlcjogOCwgMTA0ODU3NiBieXRlcywgbGluZWFyKQo+ID4gSW5vZGUt
Y2FjaGUgaGFzaCB0YWJsZSBlbnRyaWVzOiA2NTUzNiAob3JkZXI6IDcsIDUyNDI4OCBieXRlcywg
bGluZWFyKQo+ID4gbWVtIGF1dG8taW5pdDogc3RhY2s6b2ZmLCBoZWFwIGFsbG9jOm9mZiwgaGVh
cCBmcmVlOm9mZgo+ID4gTWVtb3J5OiAxMDExMjg0Sy8xMDQ2NTI4SyBhdmFpbGFibGUgKDY1OTJL
IGtlcm5lbCBjb2RlLCA4MDRLIHJ3ZGF0YSwgMTQ2MEsgcm9kYXRhLCAxMDg4SyBpbml0LCAzMjFL
IGJzcywgMzUyNDRLIHJlc2VydmVkLCAwSyBjbWEtcmVzZXJ2ZWQpCj4gPiBTTFVCOiBIV2FsaWdu
PTY0LCBPcmRlcj0wLTMsIE1pbk9iamVjdHM9MCwgQ1BVcz0xLCBOb2Rlcz0xCj4gPiByY3U6IEhp
ZXJhcmNoaWNhbCBSQ1UgaW1wbGVtZW50YXRpb24uCj4gPiByY3U6ICAgIFJDVSByZXN0cmljdGlu
ZyBDUFVzIGZyb20gTlJfQ1BVUz0yNTYgdG8gbnJfY3B1X2lkcz0xLgo+ID4gcmN1OiBSQ1UgY2Fs
Y3VsYXRlZCB2YWx1ZSBvZiBzY2hlZHVsZXItZW5saXN0bWVudCBkZWxheSBpcyAyNSBqaWZmaWVz
Lgo+ID4gcmN1OiBBZGp1c3RpbmcgZ2VvbWV0cnkgZm9yIHJjdV9mYW5vdXRfbGVhZj0xNiwgbnJf
Y3B1X2lkcz0xCj4gPiBOUl9JUlFTOiA2NCwgbnJfaXJxczogNjQsIHByZWFsbG9jYXRlZCBpcnFz
OiAwCj4gPiBHSUN2Mm06IHJhbmdlW21lbSAweDA4MDIwMDAwLTB4MDgwMjBmZmZdLCBTUElbODA6
MTQzXQo+ID4gcmFuZG9tOiBnZXRfcmFuZG9tX2J5dGVzIGNhbGxlZCBmcm9tIHN0YXJ0X2tlcm5l
bCsweDM0MC8weDUzYyB3aXRoIGNybmdfaW5pdD0wCj4gPiBhcmNoX3RpbWVyOiBjcDE1IHRpbWVy
KHMpIHJ1bm5pbmcgYXQgNjIuNTBNSHogKHZpcnQpLgo+ID4gY2xvY2tzb3VyY2U6IGFyY2hfc3lz
X2NvdW50ZXI6IG1hc2s6IDB4ZmZmZmZmZmZmZmZmZmYgbWF4X2N5Y2xlczogMHgxY2Q0MmUyMDhj
LCBtYXhfaWRsZV9uczogODgxNTkwNDA1MzE0IG5zCj4gPiBzY2hlZF9jbG9jazogNTYgYml0cyBh
dCA2Mk1IeiwgcmVzb2x1dGlvbiAxNm5zLCB3cmFwcyBldmVyeSA0Mzk4MDQ2NTExMDk2bnMKPiA+
IENvbnNvbGU6IGNvbG91ciBkdW1teSBkZXZpY2UgODB4MjUKPiA+IENhbGlicmF0aW5nIGRlbGF5
IGxvb3AgKHNraXBwZWQpLCB2YWx1ZSBjYWxjdWxhdGVkIHVzaW5nIHRpbWVyIGZyZXF1ZW5jeS4u
IDEyNS4wMCBCb2dvTUlQUyAobHBqPTI1MDAwMCkKPiA+IHBpZF9tYXg6IGRlZmF1bHQ6IDMyNzY4
IG1pbmltdW06IDMwMQo+ID4gTW91bnQtY2FjaGUgaGFzaCB0YWJsZSBlbnRyaWVzOiAyMDQ4IChv
cmRlcjogMiwgMTYzODQgYnl0ZXMsIGxpbmVhcikKPiA+IE1vdW50cG9pbnQtY2FjaGUgaGFzaCB0
YWJsZSBlbnRyaWVzOiAyMDQ4IChvcmRlcjogMiwgMTYzODQgYnl0ZXMsIGxpbmVhcikKPiA+IHJj
dTogSGllcmFyY2hpY2FsIFNSQ1UgaW1wbGVtZW50YXRpb24uCj4gPiBSZW1hcHBpbmcgYW5kIGVu
YWJsaW5nIEVGSSBzZXJ2aWNlcy4KPiA+IHNtcDogQnJpbmdpbmcgdXAgc2Vjb25kYXJ5IENQVXMg
Li4uCj4gPiBzbXA6IEJyb3VnaHQgdXAgMSBub2RlLCAxIENQVQo+ID4gU01QOiBUb3RhbCBvZiAx
IHByb2Nlc3NvcnMgYWN0aXZhdGVkLgo+ID4gQ1BVIGZlYXR1cmVzOiBkZXRlY3RlZDogMzItYml0
IEVMMCBTdXBwb3J0Cj4gPiBDUFUgZmVhdHVyZXM6IGRldGVjdGVkOiBDUkMzMiBpbnN0cnVjdGlv
bnMKPiA+IENQVTogQWxsIENQVShzKSBzdGFydGVkIGF0IEVMMQo+ID4gYWx0ZXJuYXRpdmVzOiBw
YXRjaGluZyBrZXJuZWwgY29kZQo+ID4gZGV2dG1wZnM6IGluaXRpYWxpemVkCj4gPiBjbG9ja3Nv
dXJjZTogamlmZmllczogbWFzazogMHhmZmZmZmZmZiBtYXhfY3ljbGVzOiAweGZmZmZmZmZmLCBt
YXhfaWRsZV9uczogNzY0NTA0MTc4NTEwMDAwMCBucwo+ID4gZnV0ZXggaGFzaCB0YWJsZSBlbnRy
aWVzOiAyNTYgKG9yZGVyOiAyLCAxNjM4NCBieXRlcywgbGluZWFyKQo+ID4gU01CSU9TIDMuMC4w
IHByZXNlbnQuCj4gPiBETUk6IFFFTVUgUUVNVSBWaXJ0dWFsIE1hY2hpbmUsIEJJT1MgMC4wLjAg
MDIvMDYvMjAxNQo+ID4gTkVUOiBSZWdpc3RlcmVkIHByb3RvY29sIGZhbWlseSAxNgo+ID4gRE1B
OiBwcmVhbGxvY2F0ZWQgMTI4IEtpQiBHRlBfS0VSTkVMIHBvb2wgZm9yIGF0b21pYyBhbGxvY2F0
aW9ucwo+ID4gRE1BOiBwcmVhbGxvY2F0ZWQgMTI4IEtpQiBHRlBfS0VSTkVMfEdGUF9ETUEgcG9v
bCBmb3IgYXRvbWljIGFsbG9jYXRpb25zCj4gPiBETUE6IHByZWFsbG9jYXRlZCAxMjggS2lCIEdG
UF9LRVJORUx8R0ZQX0RNQTMyIHBvb2wgZm9yIGF0b21pYyBhbGxvY2F0aW9ucwo+ID4gaHctYnJl
YWtwb2ludDogZm91bmQgNiBicmVha3BvaW50IGFuZCA0IHdhdGNocG9pbnQgcmVnaXN0ZXJzLgo+
ID4gQVNJRCBhbGxvY2F0b3IgaW5pdGlhbGlzZWQgd2l0aCA2NTUzNiBlbnRyaWVzCj4gPiBTZXJp
YWw6IEFNQkEgUEwwMTEgVUFSVCBkcml2ZXIKPiA+IDkwMDAwMDAucGwwMTE6IHR0eUFNQTAgYXQg
TU1JTyAweDkwMDAwMDAgKGlycSA9IDQ2LCBiYXNlX2JhdWQgPSAwKSBpcyBhIFBMMDExIHJldjEK
PiA+IHByaW50azogY29uc29sZSBbdHR5QU1BMF0gZW5hYmxlZAo+ID4gaW9tbXU6IERlZmF1bHQg
ZG9tYWluIHR5cGU6IFRyYW5zbGF0ZWQKPiA+IHZnYWFyYjogbG9hZGVkCj4gPiBTQ1NJIHN1YnN5
c3RlbSBpbml0aWFsaXplZAo+ID4gUmVnaXN0ZXJlZCBlZml2YXJzIG9wZXJhdGlvbnMKPiA+IGNs
b2Nrc291cmNlOiBTd2l0Y2hlZCB0byBjbG9ja3NvdXJjZSBhcmNoX3N5c19jb3VudGVyCj4gPiBO
RVQ6IFJlZ2lzdGVyZWQgcHJvdG9jb2wgZmFtaWx5IDIKPiA+IHRjcF9saXN0ZW5fcG9ydGFkZHJf
aGFzaCBoYXNoIHRhYmxlIGVudHJpZXM6IDUxMiAob3JkZXI6IDEsIDgxOTIgYnl0ZXMsIGxpbmVh
cikKPiA+IFRDUCBlc3RhYmxpc2hlZCBoYXNoIHRhYmxlIGVudHJpZXM6IDgxOTIgKG9yZGVyOiA0
LCA2NTUzNiBieXRlcywgbGluZWFyKQo+ID4gVENQIGJpbmQgaGFzaCB0YWJsZSBlbnRyaWVzOiA4
MTkyIChvcmRlcjogNSwgMTMxMDcyIGJ5dGVzLCBsaW5lYXIpCj4gPiBUQ1A6IEhhc2ggdGFibGVz
IGNvbmZpZ3VyZWQgKGVzdGFibGlzaGVkIDgxOTIgYmluZCA4MTkyKQo+ID4gVURQIGhhc2ggdGFi
bGUgZW50cmllczogNTEyIChvcmRlcjogMiwgMTYzODQgYnl0ZXMsIGxpbmVhcikKPiA+IFVEUC1M
aXRlIGhhc2ggdGFibGUgZW50cmllczogNTEyIChvcmRlcjogMiwgMTYzODQgYnl0ZXMsIGxpbmVh
cikKPiA+IE5FVDogUmVnaXN0ZXJlZCBwcm90b2NvbCBmYW1pbHkgMQo+ID4gUENJOiBDTFMgMCBi
eXRlcywgZGVmYXVsdCA2NAo+ID4gaHcgcGVyZmV2ZW50czogZW5hYmxlZCB3aXRoIGFybXY4X3Bt
dXYzIFBNVSBkcml2ZXIsIDUgY291bnRlcnMgYXZhaWxhYmxlCj4gPiB3b3JraW5nc2V0OiB0aW1l
c3RhbXBfYml0cz02MiBtYXhfb3JkZXI9MTggYnVja2V0X29yZGVyPTAKPiA+IGZ1c2U6IGluaXQg
KEFQSSB2ZXJzaW9uIDcuMzMpCj4gPiBCbG9jayBsYXllciBTQ1NJIGdlbmVyaWMgKGJzZykgZHJp
dmVyIHZlcnNpb24gMC40IGxvYWRlZCAobWFqb3IgMjUxKQo+ID4gaW8gc2NoZWR1bGVyIG1xLWRl
YWRsaW5lIHJlZ2lzdGVyZWQKPiA+IGlvIHNjaGVkdWxlciBreWJlciByZWdpc3RlcmVkCj4gPiBw
Y2ktaG9zdC1nZW5lcmljIDQwMTAwMDAwMDAucGNpZTogaG9zdCBicmlkZ2UgL3BjaWVAMTAwMDAw
MDAgcmFuZ2VzOgo+ID4gcGNpLWhvc3QtZ2VuZXJpYyA0MDEwMDAwMDAwLnBjaWU6ICAgICAgIElP
IDB4MDAzZWZmMDAwMC4uMHgwMDNlZmZmZmZmIC0+IDB4MDAwMDAwMDAwMAo+ID4gcGNpLWhvc3Qt
Z2VuZXJpYyA0MDEwMDAwMDAwLnBjaWU6ICAgICAgTUVNIDB4MDAxMDAwMDAwMC4uMHgwMDNlZmVm
ZmZmIC0+IDB4MDAxMDAwMDAwMAo+ID4gcGNpLWhvc3QtZ2VuZXJpYyA0MDEwMDAwMDAwLnBjaWU6
ICAgICAgTUVNIDB4ODAwMDAwMDAwMC4uMHhmZmZmZmZmZmZmIC0+IDB4ODAwMDAwMDAwMAo+ID4g
cGNpLWhvc3QtZ2VuZXJpYyA0MDEwMDAwMDAwLnBjaWU6IE1lbW9yeSByZXNvdXJjZSBzaXplIGV4
Y2VlZHMgbWF4IGZvciAzMiBiaXRzCj4gPiBwY2ktaG9zdC1nZW5lcmljIDQwMTAwMDAwMDAucGNp
ZTogRUNBTSBhdCBbbWVtIDB4NDAxMDAwMDAwMC0weDQwMWZmZmZmZmZdIGZvciBbYnVzIDAwLWZm
XQo+ID4gcGNpLWhvc3QtZ2VuZXJpYyA0MDEwMDAwMDAwLnBjaWU6IFBDSSBob3N0IGJyaWRnZSB0
byBidXMgMDAwMDowMAo+ID4gcGNpX2J1cyAwMDAwOjAwOiByb290IGJ1cyByZXNvdXJjZSBbYnVz
IDAwLWZmXQo+ID4gcGNpX2J1cyAwMDAwOjAwOiByb290IGJ1cyByZXNvdXJjZSBbaW8gIDB4MDAw
MC0weGZmZmZdCj4gPiBwY2lfYnVzIDAwMDA6MDA6IHJvb3QgYnVzIHJlc291cmNlIFttZW0gMHgx
MDAwMDAwMC0weDNlZmVmZmZmXQo+ID4gcGNpX2J1cyAwMDAwOjAwOiByb290IGJ1cyByZXNvdXJj
ZSBbbWVtIDB4ODAwMDAwMDAwMC0weGZmZmZmZmZmZmZdCj4gPiBwY2kgMDAwMDowMDowMC4wOiBb
MWIzNjowMDA4XSB0eXBlIDAwIGNsYXNzIDB4MDYwMDAwCj4gPiBwY2kgMDAwMDowMDowMS4wOiBb
MWFmNDoxMDAwXSB0eXBlIDAwIGNsYXNzIDB4MDIwMDAwCj4gPiBwY2kgMDAwMDowMDowMS4wOiBy
ZWcgMHgxMDogW2lvICAweDAwODAtMHgwMDlmXQo+ID4gcGNpIDAwMDA6MDA6MDEuMDogcmVnIDB4
MTQ6IFttZW0gMHgxMDAwMTAwMC0weDEwMDAxZmZmXQo+ID4gcGNpIDAwMDA6MDA6MDEuMDogcmVn
IDB4MjA6IFttZW0gMHg4MDAwMDAwMDAwLTB4ODAwMDAwM2ZmZiA2NGJpdCBwcmVmXQo+ID4gcGNp
IDAwMDA6MDA6MDEuMDogcmVnIDB4MzA6IFttZW0gMHhmZmZjMDAwMC0weGZmZmZmZmZmIHByZWZd
Cj4gPiBwY2kgMDAwMDowMDowMi4wOiBbMWFmNDoxMDAxXSB0eXBlIDAwIGNsYXNzIDB4MDEwMDAw
Cj4gPiBwY2kgMDAwMDowMDowMi4wOiByZWcgMHgxMDogW2lvICAweDAwMDAtMHgwMDdmXQo+ID4g
cGNpIDAwMDA6MDA6MDIuMDogcmVnIDB4MTQ6IFttZW0gMHgxMDAwMDAwMC0weDEwMDAwZmZmXQo+
ID4gcGNpIDAwMDA6MDA6MDIuMDogcmVnIDB4MjA6IFttZW0gMHg4MDAwMDA0MDAwLTB4ODAwMDAw
N2ZmZiA2NGJpdCBwcmVmXQo+ID4gcGNpIDAwMDA6MDA6MDEuMDogQkFSIDY6IGFzc2lnbmVkIFtt
ZW0gMHgxMDAwMDAwMC0weDEwMDNmZmZmIHByZWZdCj4gPiBwY2kgMDAwMDowMDowMS4wOiBCQVIg
NDogYXNzaWduZWQgW21lbSAweDgwMDAwMDAwMDAtMHg4MDAwMDAzZmZmIDY0Yml0IHByZWZdCj4g
PiBwY2kgMDAwMDowMDowMi4wOiBCQVIgNDogYXNzaWduZWQgW21lbSAweDgwMDAwMDQwMDAtMHg4
MDAwMDA3ZmZmIDY0Yml0IHByZWZdCj4gPiBwY2kgMDAwMDowMDowMS4wOiBCQVIgMTogYXNzaWdu
ZWQgW21lbSAweDEwMDQwMDAwLTB4MTAwNDBmZmZdCj4gPiBwY2kgMDAwMDowMDowMi4wOiBCQVIg
MTogYXNzaWduZWQgW21lbSAweDEwMDQxMDAwLTB4MTAwNDFmZmZdCj4gPiBwY2kgMDAwMDowMDow
Mi4wOiBCQVIgMDogYXNzaWduZWQgW2lvICAweDEwMDAtMHgxMDdmXQo+ID4gcGNpIDAwMDA6MDA6
MDEuMDogQkFSIDA6IGFzc2lnbmVkIFtpbyAgMHgxMDgwLTB4MTA5Zl0KPiA+IHZpcnRpby1wY2kg
MDAwMDowMDowMS4wOiBlbmFibGluZyBkZXZpY2UgKDAwMDAgLT4gMDAwMykKPiA+IHZpcnRpby1w
Y2kgMDAwMDowMDowMi4wOiBlbmFibGluZyBkZXZpY2UgKDAwMDAgLT4gMDAwMykKPiA+IGNhY2hl
aW5mbzogVW5hYmxlIHRvIGRldGVjdCBjYWNoZSBoaWVyYXJjaHkgZm9yIENQVSAwCj4gPiB2aXJ0
aW9fYmxrIHZpcnRpbzE6IFt2ZGFdIDEyMjg4MCA1MTItYnl0ZSBsb2dpY2FsIGJsb2NrcyAoNjIu
OSBNQi82MC4wIE1pQikKPiA+IFNNQ0NDOiBTT0NfSUQ6IEFSQ0hfRkVBVFVSRVMoQVJDSF9TT0Nf
SUQpIHJldHVybmVkIGVycm9yOiBmZmZmZmZmZmZmZmZmZmZkCj4gPiBORVQ6IFJlZ2lzdGVyZWQg
cHJvdG9jb2wgZmFtaWx5IDEwCj4gPiBTZWdtZW50IFJvdXRpbmcgd2l0aCBJUHY2Cj4gPiBzaXQ6
IElQdjYsIElQdjQgYW5kIE1QTFMgb3ZlciBJUHY0IHR1bm5lbGluZyBkcml2ZXIKPiA+IE5FVDog
UmVnaXN0ZXJlZCBwcm90b2NvbCBmYW1pbHkgMTcKPiA+IE5FVDogUmVnaXN0ZXJlZCBwcm90b2Nv
bCBmYW1pbHkgMTUKPiA+IE5FVDogUmVnaXN0ZXJlZCBwcm90b2NvbCBmYW1pbHkgNDAKPiA+IHJl
Z2lzdGVyZWQgdGFza3N0YXRzIHZlcnNpb24gMQo+ID4gRVhUNC1mcyAodmRhKTogcmVjb3Zlcnkg
Y29tcGxldGUKPiA+IEVYVDQtZnMgKHZkYSk6IG1vdW50ZWQgZmlsZXN5c3RlbSB3aXRoIG9yZGVy
ZWQgZGF0YSBtb2RlLiBPcHRzOiAobnVsbCkuIFF1b3RhIG1vZGU6IGRpc2FibGVkLgo+ID4gVkZT
OiBNb3VudGVkIHJvb3QgKGV4dDQgZmlsZXN5c3RlbSkgb24gZGV2aWNlIDI1NDowLgo+ID4gZGV2
dG1wZnM6IG1vdW50ZWQKPiA+IEZyZWVpbmcgdW51c2VkIGtlcm5lbCBtZW1vcnk6IDEwODhLCj4g
PiBSdW4gL3NiaW4vaW5pdCBhcyBpbml0IHByb2Nlc3MKPiA+IG1vdW50OiB5b3UgbXVzdCBiZSBy
b290Cj4gPiBtb3VudDogeW91IG11c3QgYmUgcm9vdAo+ID4gbWtkaXI6IGNhbid0IGNyZWF0ZSBk
aXJlY3RvcnkgJy9kZXYvcHRzJzogUGVybWlzc2lvbiBkZW5pZWQKPiA+IG1rZGlyOiBjYW4ndCBj
cmVhdGUgZGlyZWN0b3J5ICcvZGV2L3NobSc6IFBlcm1pc3Npb24gZGVuaWVkCj4gPiBtb3VudDog
eW91IG11c3QgYmUgcm9vdAo+ID4gaG9zdG5hbWU6IHNldGhvc3RuYW1lOiBPcGVyYXRpb24gbm90
IHBlcm1pdHRlZAo+ID4gU3RhcnRpbmcgc3lzbG9nZDogT0sKPiA+IFN0YXJ0aW5nIGtsb2dkOiBP
Swo+ID4gUnVubmluZyBzeXNjdGw6IE9LCj4gPiBJbml0aWFsaXppbmcgcmFuZG9tIG51bWJlciBn
ZW5lcmF0b3I6IE9LCj4gPiBTYXZpbmcgcmFuZG9tIHNlZWQ6IHJhbmRvbTogZGQ6IHVuaW5pdGlh
bGl6ZWQgdXJhbmRvbSByZWFkICg1MTIgYnl0ZXMgcmVhZCkKPiA+IE9LCj4gPiBTdGFydGluZyBu
ZXR3b3JrOiBpcDogUlRORVRMSU5LIGFuc3dlcnM6IE9wZXJhdGlvbiBub3QgcGVybWl0dGVkCj4g
PiBpcDogU0lPQ1NJRkZMQUdTOiBPcGVyYXRpb24gbm90IHBlcm1pdHRlZAo+ID4gc2VkOiAvcHJv
Yy9tb3VudHM6IE5vIHN1Y2ggZmlsZSBvciBkaXJlY3RvcnkKPiA+IFdhaXRpbmcgZm9yIGludGVy
ZmFjZSBldGgwIHRvIGFwcGVhci4uLi4uLi4uLi4uLi4uLiB0aW1lb3V0IQo+ID4gcnVuLXBhcnRz
OiAvZXRjL25ldHdvcmsvaWYtcHJlLXVwLmQvd2FpdF9pZmFjZTogZXhpdCBzdGF0dXMgMQo+ID4g
RkFJTAo+ID4gY2FuJ3Qgb3BlbiAvZGV2L3R0eUFNQTA6IFBlcm1pc3Npb24gZGVuaWVkCj4gPiBj
YW4ndCBvcGVuIC9kZXYvdHR5QU1BMDogUGVybWlzc2lvbiBkZW5pZWQKPiA+IGNhbid0IG9wZW4g
L2Rldi90dHlBTUEwOiBQZXJtaXNzaW9uIGRlbmllZAo+ID4gY2FuJ3Qgb3BlbiAvZGV2L3R0eUFN
QTA6IFBlcm1pc3Npb24gZGVuaWVkCj4gPgo+ID4gQW5kIGl0IGNvbnRpbnVlcy4uLgo+ID4KPiA+
IFRoZSBxZW11IGNvbW1hbmQgSSBnb3QgZGlkIG5vdCB3b3JrICJhcyBpdCBpcyIgYW5kIGJlY2F1
c2UgSSdtIG5laXRoZXIgdG9vCj4gPiBwcm9maWNpZW50IHdpdGggcWVtdSBub3IgYWFyY2g2NCwg
aXQgdG9vayBhIHdoaWxlIHRvIGdldCBzb21ldGhpbmcgdXNhYmxlLgo+ID4gVGhpcyBpcyBteSBj
dXJyZW50IHFlbXUgY29tbWFuZDoKPiA+Cj4gPiBxZW11LXN5c3RlbS1hYXJjaDY0IC1ub2dyYXBo
aWMgLXMgLW1hY2hpbmUgdmlydCxzZWN1cmU9b24gLWNwdSBjb3J0ZXgtYTU3IFwKPiA+ICAgICAg
ICAgICAgICAgICAgICAgLWtlcm5lbCB+L1Byb2plY3RzL3RwbS9idWlsZHJvb3Qvb3V0cHV0L2lt
YWdlcy9JbWFnZSBcCj4gPiAgICAgICAgICAgICAgICAgICAgIC1uby1hY3BpIFwKPiA+ICAgICAg
ICAgICAgICAgICAgICAgLWFwcGVuZCAncm9vdD0vZGV2L3ZkYSBydyBjb25zb2xlPXR0eUFNQTAs
MTE1MjAwICcgXAo+ID4gICAgICAgICAgICAgICAgICAgICAtZHJpdmUgZmlsZT1+L1Byb2plY3Rz
L3RwbS9idWlsZHJvb3Qvb3V0cHV0L2ltYWdlcy9yb290ZnMuZXh0NCxmb3JtYXQ9cmF3IFwKPiA+
ICAgICAgICAgICAgICAgICAgICAgLXNtcCAxIFwKPiA+ICAgICAgICAgICAgICAgICAgICAgLW1v
bml0b3IgdGVsbmV0OjEyNy4wLjAuMTo1NTU1NSxzZXJ2ZXIsbm93YWl0IFwKPiA+ICAgICAgICAg
ICAgICAgICAgICAgLW0gMTAyNCAtYmlvcyB+L1Byb2plY3RzL3RwbS9mdy9hYXJjaDY0LWZ3LmJp
biAtZCB1bmltcAo+ID4KPiA+IFRoZW4gSSBzdGFydCBRRU1VIG1vbml0b3IgZnJvbSBhbm90aGVy
IHRlcm1pbmFsIHdpdGg6Cj4gPgo+ID4gc29jYXQgdGNwLWNvbm5lY3Q6MTI3LjAuMC4xOjU1NTU1
IGZpbGU6YHR0eWAscmF3LGVjaG89MAo+ID4KPiA+IFNvLi4uIHdoYXQgY291bGQgYmUgdGhlIGlz
c3VlIHdpdGggcGVybWlzc2lvbnM/Cj4gPgo+IAo+IEl0IG1vc3RseSBzb3VuZHMgbGlrZSBhbiBp
c3N1ZSB3aXRoIHlvdXIgYnVpbGRyb290IGZpbGVzeXN0ZW0uCj4gCj4gQ2FuIHlvdSB0cnkgd2l0
aCB0aGlzIFsxXSBpbml0IHJhbWRpc2sgaW5zdGVhZD8KPiAKPiAtaW5pdHJkIHJvb3Rmcy5jcGlv
Lmd6Cj4gCj4gWzFdIGh0dHBzOi8vcGVvcGxlLmxpbmFyby5vcmcvfnN1bWl0Lmdhcmcvcm9vdGZz
LmNwaW8uZ3oKPiAKPiAtU3VtaXQKClRoYXQgZG9lcyBub3QgaW5jbHVkZSBteSBMS00ncy4KCi9K
YXJra28KCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmxp
bnV4LWFybS1rZXJuZWwgbWFpbGluZyBsaXN0CmxpbnV4LWFybS1rZXJuZWxAbGlzdHMuaW5mcmFk
ZWFkLm9yZwpodHRwOi8vbGlzdHMuaW5mcmFkZWFkLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2xpbnV4
LWFybS1rZXJuZWwK