From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754699Ab1G0Pnt (ORCPT ); Wed, 27 Jul 2011 11:43:49 -0400 Received: from rcsinet15.oracle.com ([148.87.113.117]:28684 "EHLO rcsinet15.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754627Ab1G0Pnq (ORCPT ); Wed, 27 Jul 2011 11:43:46 -0400 Date: Wed, 27 Jul 2011 11:43:16 -0400 From: Konrad Rzeszutek Wilk To: Andrew Lutomirski Cc: x86@kernel.org, Linux Kernel Mailing List , jeremy@goop.org, keir.xen@gmail.com, xen-devel@lists.xensource.com, virtualization@lists.linux-foundation.org Subject: Re: [PATCH 0/5] Collected vdso/vsyscall fixes for 3.1 Message-ID: <20110727154316.GA16909@dumpdata.com> References: <20110727145745.GA11872@dumpdata.com> <20110727153015.GA16688@dumpdata.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="Kj7319i9nmIyA2yE" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Content-Transfer-Encoding: 7bit X-Source-IP: rtcsinet21.oracle.com [66.248.204.29] X-CT-RefId: str=0001.0A090207.4E303225.008B,ss=1,re=-6.500,fgs=0 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --Kj7319i9nmIyA2yE Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 27, 2011 at 11:34:21AM -0400, Andrew Lutomirski wrote: > On Wed, Jul 27, 2011 at 11:30 AM, Konrad Rzeszutek Wilk > wrote: > >> > Anyhow, removed the benchmark code and ran it on 64-bit: > >> > > >> > sh-4.1# /test_vsyscall =A0test > >> > Testing gettimeofday... > >> > [ =A0109.552261] test_vsyscall[2462] trap invalid opcode ip:400c8d= sp:7fff84fab470 error:0 in test_vsyscall[400000+2000] > >> > Illegal instruction > >> > sh-4.1# /test_vsyscall =A0intcc > >> > About to execute int 0xcc from RIP =3D 400959 > >> > [ =A0114.137150] test_vsyscall[2463] illegal int 0xcc (exploit att= empt?) ip:400959 cs:e033 sp:7fff8b328310 ax:2c si:0 di:7fff8b3280f0 > >> > Caught SIGSEGV: Segmentation fault (Signal sent by the kernel [(ni= l)])RIP =3D 400959 > >> > > >> > [This is on git://git.kernel.org/pub/scm/linux/kernel/git/konrad/x= en.git #testing, which > >> > has todays linus/master and your patchset] > >> > > >> > >> I'll set up Xen. =A0Something's clearly still buggy. > > > > You sure? This is what I get when I boot baremetal: > > > > sh-4.1# > > sh-4.1# xen-detect > > Not running on Xen. > > sh-4.1# /test_vsyscall test > > Testing gettimeo[ =A0 84.442819] test_vsyscall[3175] trap invalid opc= ode ip:400c8d sp:7fffa8a72dc0 error:0fday... > > =A0in test_vsyscall[400000+2000] >=20 > $ test_vsyscall test > Testing gettimeofday... > vDSO offset =3D 0.000001s > vsyscall offset =3D 0.000001s >=20 > Testing time... > vDSO offset =3D 0 > vsyscall offset =3D 0 > Testing getcpu... > ok! cpu=3D6 node=3D0 >=20 > Can you send me your test_vsyscall binary so I can disassemble it? Here it is (also including source since I uncommented parts of it). One extra thing - I've been using AMD machines for this - I hadn't tried this on an Intel box. --Kj7319i9nmIyA2yE Content-Type: application/octet-stream Content-Disposition: attachment; filename=test_vsyscall Content-Transfer-Encoding: base64 f0VMRgIBAQMAAAAAAAAAAAIAPgABAAAAQAhAAAAAAABAAAAAAAAAAEhWAAAAAAAAAAAAAEAA OAAIAEAAJwAkAAYAAAAFAAAAQAAAAAAAAABAAEAAAAAAAEAAQAAAAAAAwAEAAAAAAADAAQAA AAAAAAgAAAAAAAAAAwAAAAQAAAAAAgAAAAAAAAACQAAAAAAAAAJAAAAAAAAcAAAAAAAAABwA AAAAAAAAAQAAAAAAAAABAAAABQAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAQaAAAAAAAA BBoAAAAAAAAAACAAAAAAAAEAAAAGAAAACBoAAAAAAAAIGmAAAAAAAAgaYAAAAAAAnAIAAAAA AADYAgAAAAAAAAAAIAAAAAAAAgAAAAYAAAAwGgAAAAAAADAaYAAAAAAAMBpgAAAAAADgAQAA AAAAAOABAAAAAAAACAAAAAAAAAAEAAAABAAAABwCAAAAAAAAHAJAAAAAAAAcAkAAAAAAAEQA AAAAAAAARAAAAAAAAAAEAAAAAAAAAFDldGQEAAAAgBcAAAAAAACAF0AAAAAAAIAXQAAAAAAA XAAAAAAAAABcAAAAAAAAAAQAAAAAAAAAUeV0ZAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAvbGliNjQvbGQtbGludXgteDg2LTY0LnNvLjIA BAAAABAAAAABAAAAR05VAAAAAAACAAAABgAAABIAAAAEAAAAFAAAAAMAAABHTlUADz67NFpm koxe3kJBUAIHaWFw89wCAAAAEAAAAAEAAAAGAAAAAAAAACAAAAEQAAAAAAAAAHlJa7YAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApwAAABIAAAAAAAAAAAAAAAAAAAAAAAAADAAAACAA AAAAAAAAAAAAAAAAAAAAAAAAGwAAACAAAAAAAAAAAAAAAAAAAAAAAAAAogAAABIAAAAAAAAA AAAAAAAAAAAAAAAAjQAAABIAAAAAAAAAAAAAAAAAAAAAAAAA5gAAABIAAAAAAAAAAAAAAAAA AAAAAAAA3gAAABIAAAAAAAAAAAAAAAAAAAAAAAAA1AAAABIAAAAAAAAAAAAAAAAAAAAAAAAA ugAAABIAAAAAAAAAAAAAAAAAAAAAAAAAkgAAABIAAAAAAAAAAAAAAAAAAAAAAAAAOgAAABIA AAAAAAAAAAAAAAAAAAAAAAAAywAAABIAAAAAAAAAAAAAAAAAAAAAAAAAQQAAABIAAAAAAAAA AAAAAAAAAAAAAAAArgAAABIAAAAAAAAAAAAAAAAAAAAAAAAAmwAAABIAAAAAAAAAAAAAAAAA AAAAAAAAVgAAABIAAAAwCEAAAAAAAAAAAAAAAAAAAGxpYnJ0LnNvLjEAX19nbW9uX3N0YXJ0 X18AX0p2X1JlZ2lzdGVyQ2xhc3NlcwBsaWJkbC5zby4yAGRsb3BlbgBkbHN5bQBsaWJzdGRj Kysuc28uNgBfX2d4eF9wZXJzb25hbGl0eV92MABsaWJtLnNvLjYAbGliZ2NjX3Muc28uMQBs aWJjLnNvLjYAZXhpdABwc2lnaW5mbwBwZXJyb3IAcHV0cwBwcmludGYAc2lnZW1wdHlzZXQA X19lcnJub19sb2NhdGlvbgBzdHJ0b3VsbABzaWdhY3Rpb24Ac3lzY2FsbABfX2xpYmNfc3Rh cnRfbWFpbgBDWFhBQklfMS4zAEdMSUJDXzIuMi41AEdMSUJDXzIuMTAAAAACAAAAAAACAAIA AgACAAIAAgADAAQAAgAEAAIAAgAFAAAAAAABAAEARwAAABAAAAAgAAAA069rBQAABQD4AAAA AAAAAAEAAQAvAAAAEAAAACAAAAB1GmkJAAAEAAMBAAAAAAAAAQACAIMAAAAQAAAAAAAAAJCR lgYAAAMADwEAABAAAAB1GmkJAAACAAMBAAAAAAAAEBxgAAAAAAAGAAAAAgAAAAAAAAAAAAAA MBxgAAAAAAAHAAAAAQAAAAAAAAAAAAAAOBxgAAAAAAAHAAAABAAAAAAAAAAAAAAAQBxgAAAA AAAHAAAABQAAAAAAAAAAAAAASBxgAAAAAAAHAAAABgAAAAAAAAAAAAAAUBxgAAAAAAAHAAAA BwAAAAAAAAAAAAAAWBxgAAAAAAAHAAAACAAAAAAAAAAAAAAAYBxgAAAAAAAHAAAACQAAAAAA AAAAAAAAaBxgAAAAAAAHAAAACgAAAAAAAAAAAAAAcBxgAAAAAAAHAAAACwAAAAAAAAAAAAAA eBxgAAAAAAAHAAAADAAAAAAAAAAAAAAAgBxgAAAAAAAHAAAADQAAAAAAAAAAAAAAiBxgAAAA AAAHAAAADgAAAAAAAAAAAAAAkBxgAAAAAAAHAAAADwAAAAAAAAAAAAAAmBxgAAAAAAAHAAAA EAAAAAAAAAAAAAAASIPsCOgrAQAA6LoBAADohQsAAEiDxAjD/zXKFCAA/yXMFCAADx9AAP8l yhQgAGgAAAAA6eD/////JcIUIABoAQAAAOnQ/////yW6FCAAaAIAAADpwP////8lshQgAGgD AAAA6bD/////JaoUIABoBAAAAOmg/////yWiFCAAaAUAAADpkP////8lmhQgAGgGAAAA6YD/ ////JZIUIABoBwAAAOlw/////yWKFCAAaAgAAADpYP////8lghQgAGgJAAAA6VD/////JXoU IABoCgAAAOlA/////yVyFCAAaAsAAADpMP////8lahQgAGgMAAAA6SD/////JWIUIABoDQAA AOkQ////Me1JidFeSIniSIPk8FBUScfAMBJAAEjHwUASQABIx8ewEEAA6Cf////0kJBIg+wI SIsFmRMgAEiFwHQC/9BIg8QIw5CQkJCQkJCQkJCQkJBVSInlU0iD7AiAPQgUIAAAdUu7IBpg AEiLBQIUIABIgesYGmAASMH7A0iD6wFIOdhzJGYPH0QAAEiDwAFIiQXdEyAA/xTFGBpgAEiL Bc8TIABIOdhy4sYFuxMgAAFIg8QIW8nDZmZmLg8fhAAAAAAASIM9IBEgAABVSInldBK4AAAA AEiFwHQIvygaYADJ/+DJw5CQkJCQkJCQkJCQkJCQMcDDZmZmZi4PH4QAAAAAAEiD7AiF/3Ug vlkJQAC/YBVAADHA6Af+///NzDHASIPECMNmDx9EAAC/KBNAAOj+/f//uAEAAABIg8QIww8f QABTSIn3SInTvjUTQADoP/7//0iLs6gAAAC/RBNAADHA6Lz9//+/AQAAAOjS/f//ZpBBVb9P E0AAQVRVU7v/////SIHsmAAAAOik/f//SI1UJHBIjXQkIDHAv2AAAADovv3//0iJxUiLBcwS IABIhcB0DkiNdCRgSI18JBD/0InDSI10JFBIiedIx8AAAGD//9CF7UmJxA+FvQEAAIXbD4Rd AQAASIM9jRIgAAB0Cr+iE0AA6Dn9//9FheR1GItEJHA7RCRQD4R2AgAAv7ATQADoHP3//7/i E0AARTHt6A/9//9IjXQkSDHAv8kAAABIx0QkSP////9Ix0QkQP////9Ix0QkOP/////oE/3/ /0mJxEiLBSkSIABIhcB0CkiNfCRA/9BJicVIjXwkOEjHwAAEYP//0E2F5EiJxQ+IcAIAAEiL XCRITDnjD4RCAQAASInaTInmv5AVQAAxwOiA/P//vyEUQADohvz//zHSSI20JIQAAABIjbwk jAAAAP8VxhEgAInDMdJIjbQkgAAAAEiNvCSIAAAASMfAAAhg///QhduJxQ+FlwAAAIXtdXOF 25B1Oou0JIwAAACLlCSIAAAAOdYPhagAAACLhCSEAAAAi5QkgAAAADnQD4SyAQAAica/MBZA ADHA6PT7//9IgcSYAAAAMcBbXUFcQV3DDx9AAItEJHA7RCRgD4TiAAAAv3gTQADo2Pv//+ma /v//Dx8ASGPzv0wUQAAxwOix+///SIHEmAAAADHAW11BXEFdw5BIY/O/MxRAADHA6JH7///p Vf///w8fQAC/ZxNAAOiO+///6W3+//9mDx+EAAAAAAC/CBZAADHA6GT7//9IgcSYAAAAMcBb XUFcQV3DDx9AAEiDPagQIAAAdCZNhe0PiD0BAABIi1QkQEk51Q+ETwEAAEyJ7r+4FUAAMcDo IPv//0iF7Q+IJwEAAEiLVCQ4SDnVD4TpAAAASInuv+AVQAAxwOj6+v//6XX+//8PH0QAAItE JHQ7RCRkD4UQ////SItEJBBIK0QkIL+LE0AAxOHzKshIi0QkGCtEJCjF+yrAuAEAAADF+1kF zAoAAMXzWMDoq/r//+l9/f//Zg8fRAAAi0QkdDtEJFQPhXz9//9IiwQkSCtEJCC/xxNAAMTh 8yrISItEJAgrRCQoxfsqwLgBAAAAxftZBX0KAADF81jA6Fz6///pS/3//w8fgAAAAACJwr9p FEAAMcDoQvr//0iBxJgAAAAxwFtdQVxBXcNmkEiLXCRI6ZT9//9mDx9EAABIie6/CBRAADHA SCne6A76///pif3//2YPH4QAAAAAAEiLVCRA6cf+//9mDx9EAABIi1QkOOnd/v//Zg8fRAAA TInuv/MTQAAxwEwp5ujO+f//6an+//9mDx+EAAAAAABTSIPsEIX/D4WzAAAAMcBIieK5EAAA AL4BAAAAv5oAAABIx0QkCAAAAADHBCQAAAAAx0QkBAAAAADHRCQI//8PAMZEJAwV6LX5//+F wInDdB/32+jI+f//v48UQACJGOgc+v//uAEAAABIg8QQW8OQZozLD7fzMcC/WBZAAInywfoD 6Dn5//+4qA5AAGbHBaUOIAAEAIkFmw4gAI0FZwAAAEg9qA5AAHQvv5oUQADoHfn//7gBAAAA 669mDx9EAAC/gBRAAOgG+f//uAEAAABIg8QQW8MPHwC4rQ5AAGaJHVAOIACJBUYOIACNBR0A AABIPa0OQAB1sbnQHGAAuNYcYABIieZn/yjNzC7/KUiJ9L+2FEAA6Lb4//8xwOlI////ZmZm ZmZmLg8fhAAAAAAASIlcJNBIiWwk2EiJ80yJZCTgTIlsJOhMiXQk8EyJfCT4SIPsSIP/BXQ2 v3gWQADobPj//7gBAAAASItcJBhIi2wkIEyLZCQoTItsJDBMi3QkOEyLfCRASIPESMMPH0AA SI1sJAhIizsx0kiJ7uiu+P//SYnESItEJAiAOAB1OUiLewgx0kiJ7uiT+P//SYnFSItEJAiA OAB1HkiLexAx0kiJ7uh4+P//SYnGSItEJAiAOAB0Gw8fAL/iFEAA6N73//+4AQAAAOlt//// Dx9AAEiLexgx0kiJ7uhC+P//SYnHSItEJAiAOAB1zUiLeyAx0kiJ7ugn+P//SInCSItEJAiA OAB1skyJ6EyJ90yJ/kH/1L/OFEAASInGMcDob/f//zHA6RH///8PH4QAAAAAAFO+BQAAAL/q FEAA6ND3//9IhcBIicN0UL4XFUAASInH6Nv3//9IhcBIiQWJDCAAdFe+JBVAAEiJ3+jC9/// SIXASIkFeAwgAHROvikVQABIid/oqff//0iFwEiJBWcMIAB0FVvDDx8AW7/6FEAA6f32//8P H0QAAFu/ABdAAOnt9v//Dx9EAAC/qBZAAOje9v//650PH0AAv9gWQADozvb//+umZmZmLg8f hAAAAAAAQVQxwLkTAAAAVUiJ9VOJ+0iB7KAAAABIiefzSKtIjXwkCEjHBCSACUAAx4QkiAAA AAQAAADoJvf//zHSSInmvwsAAADot/b//4XAD4WfAAAA6Pr+//+D+wEPjvEAAABIi1UIvzoV QAC5BQAAAEiJ1vOmD4SoAAAAuQYAAABIida/PxVAAPOmQA+Xxg+SwTHAQDjOdEq/LxNAALkG AAAASInW86YPhJYAAAC/hxRAALkIAAAASInW86YPhKkAAAC/RRVAALkFAAAASInW86Z0ML9K FUAA6Ob1//+4AQAAAEiBxKAAAABbXUFcww8fRAAAvzAVQADodvb//+lS////kEiNdRCNe/7o FP3//0iBxKAAAABbXUFcww8fhAAAAAAASI11EI17/ujU9///SIHEoAAAAFtdQVzDDx+EAAAA AABIjXUQjXv+6ET3///rkWaQvygXQADoZvX//7gBAAAA6Xv///8PH0AASI11EI17/uh8+/// 6Wb///+QkJCQkJCQ88NmZmZmZi4PH4QAAAAAAEiJbCTYTIlkJOBIjS2zByAATI0lrAcgAEyJ bCToTIl0JPBMiXwk+EiJXCTQSIPsOEwp5UGJ/UmJ9kjB/QNJidfos/T//0iF7XQcMdsPH0AA TIn6TIn2RInvQf8U3EiDwwFIOety6kiLXCQISItsJBBMi2QkGEyLbCQgTIt0JChMi3wkMEiD xDjDkJCQkJCQkFVIieVTSIPsCEiLBSgHIABIg/j/dBm7CBpgAA8fRAAASIPrCP/QSIsDSIP4 /3XxSIPECFvJw5CQSIPsCOh/9f//SIPECMMAAAEAAgAAAAAAAAAAAAAAAABVc2FnZTogaW50 Y2MAQ2F1Z2h0IFNJR1NFR1YAUklQID0gJWx4CgBUZXN0aW5nIGdldHRpbWVvZmRheS4uLgAg IHN5c2NhbGwgZmFpbGVkACAgdkRTTyB0eiBtaXNtYXRjaAAgIHZEU08gb2Zmc2V0ID0gJS42 ZnMKACAgdkRTTyBmYWlsZWQAICB2c3lzY2FsbCB0eiBtaXNtYXRjaAAgIHZzeXNjYWxsIG9m ZnNldCA9ICUuNmZzCgAKVGVzdGluZyB0aW1lLi4uACAgdkRTTyBvZmZzZXQgPSAlbGQKACAg dnN5c2NhbGwgb2Zmc2V0ID0gJWxkCgBUZXN0aW5nIGdldGNwdS4uLgAgIHZEU08gZmFpbGVk IChyZXQ6JWxkKQoAICB2c3lzY2FsbCBmYWlsZWQgKHJldDolbGQpCgAgIG9rISAgY3B1PSV1 IG5vZGU9JXUKAFVzYWdlOiBpbnRjYzMyAG1vZGlmeV9sZHQAU29tZXRoaW5nJ3MgbWFwcGVk IHRvbyBoaWdoAEhvbHkgY293ISAgV2Ugc3Vydml2ZWQhAFJldHVybiB2YWx1ZSA9ICVsZAoA QmFkIGFyZwBsaW51eC12ZHNvLnNvLjEAV2FybmluZzogZmFpbGVkIHRvIGZpbmQgdkRTTwBn ZXR0aW1lb2ZkYXkAdGltZQBnZXRjcHUAc2lnYWN0aW9uAHRlc3QAYmVuY2gAY2FsbABVbmtu b3duIGNvbW1hbmQAAAAAAAAAQWJvdXQgdG8gZXhlY3V0ZSBpbnQgMHhjYyBmcm9tIFJJUCA9 ICVsWAoAAAAAAAAAICBzeXNjYWxsIGZhaWxlZCAocmV0OiVsZCBvdXRwdXQ6JWxkKQoAACAg dkRTTyBmYWlsZWQgKHJldDolbGQgb3V0cHV0OiVsZCkKAAAAAAAgIHZzeXNjYWxsIGZhaWxl ZCAocmV0OiVsZCBvdXRwdXQ6JWxkKQoAICBjcHUgbWlzbWF0Y2ggKHZkc286JXUgdnN5c2Nh bGw6JXUpIQoAACAgbm9kZSBtaXNtYXRjaCAodmRzbzoldSB2c3lzY2FsbDoldSkhCgBJbml0 aWFsIENTID0gMHglMDRYIChlbnRyeSAlZCkKAFVzYWdlOiBjYWxsIDxhZGRyPiA8cmF4PiA8 YXJnMT4gPGFyZzI+IDxhcmczPgAAAFdhcm5pbmc6IGZhaWxlZCB0byBmaW5kIGdldHRpbWVv ZmRheSBpbiB2RFNPAAAAAFdhcm5pbmc6IGZhaWxlZCB0byBmaW5kIHRpbWUgaW4gdkRTTwAA AABXYXJuaW5nOiBmYWlsZWQgdG8gZmluZCBnZXRjcHUgaW4gdkRTTwAAVXNhZ2U6IHRlc3Rf dnN5c2NhbGwgPGNvbW1hbmQ+IC4uLgpjb21tYW5kIDo9IHsgdGVzdCwgYmVuY2gsIGludGNj LCBjYWxsIH0AAAAAAACN7bWg98awPgEbAztcAAAACgAAALDx//+AAAAAwPH//5gAAAAA8v// uAAAADDy///QAAAAIPb//0gBAABQ9///eAEAAID4//+gAQAAMPn//9ABAACw+v//QAIAAMD6 //9YAgAAAAAAABwAAAAAAAAAAXpQUgABeBAGAzAIQAAbDAcIkAEAAAAAFAAAACQAAAAo8f// AwAAAAAAAAAAAAAAHAAAADwAAAAg8f//PAAAAABEDhBdCg4IRwtTDggAAAAUAAAAXAAAAEDx //8uAAAAAEEOEEaDAgB0AAAAdAAAAFjx///nAwAAAEIOEEcOGEEOIEEOKEWDBYYEjAONAkcO wAEDrAEKDihDDiBBDhhCDhBCDghFC3YKDihDDiBBDhhCDhBCDghCCwJDCg4oQw4gQQ4YQg4Q Qg4IRQsDFQEKDihDDiBBDhhCDhBCDghDCwAsAAAA7AAAAND0//8hAQAAAEEOEEQOIEiDAgJg Cg4QQQ4IQgsCYwoOEEEOCEQLAAAkAAAAHAEAAND1//8oAQAAAE2GBoMHWA5QRY8CjgONBIwF cQoOCEULLAAAAEQBAADY9v//pAAAAABBDhBKgwICWQoOCEQLQQoOCE8LQQoOCE8LAAAAAAAA VAAAAHQBAABY9///eQEAAABCDhBIDhhDhgOMAkEOIEKDBEcOwAECzwoOIEEOGEEOEEIOCEYL YwoOIEEOGEEOEEIOCEkLUwoOIEEOGEEOEEIOCEkLAAAAABQAAAAAAAAAAXpSAAF4EAEbDAcI kAEAABQAAAAcAAAAaPj//wIAAAAAAAAAAAAAACQAAAA0AAAAYPj//4kAAAAAUYwFhgZfDkBG gwePAo4DjQQCUg4IAAAAAAAAAAAAAP//////////AAAAAAAAAAD//////////wAAAAAAAAAA AAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAQAAAAAAAAAvAAAAAAAAAAEAAAAAAAAARwAAAAAA AAABAAAAAAAAAGsAAAAAAAAAAQAAAAAAAAB1AAAAAAAAAAEAAAAAAAAAgwAAAAAAAAAMAAAA AAAAADgHQAAAAAAADQAAAAAAAAAIE0AAAAAAAPX+/28AAAAAYAJAAAAAAAAFAAAAAAAAACAE QAAAAAAABgAAAAAAAACIAkAAAAAAAAoAAAAAAAAAGgEAAAAAAAALAAAAAAAAABgAAAAAAAAA FQAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAGBxgAAAAAAACAAAAAAAAAFABAAAAAAAAFAAAAAAA AAAHAAAAAAAAABcAAAAAAAAA6AVAAAAAAAAHAAAAAAAAANAFQAAAAAAACAAAAAAAAAAYAAAA AAAAAAkAAAAAAAAAGAAAAAAAAAD+//9vAAAAAGAFQAAAAAAA////bwAAAAADAAAAAAAAAPD/ /28AAAAAOgVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAADAaYAAAAAAAAAAAAAAAAAAAAAAAAAAAAGYHQAAAAAAAdgdAAAAAAACGB0AA AAAAAJYHQAAAAAAApgdAAAAAAAC2B0AAAAAAAMYHQAAAAAAA1gdAAAAAAADmB0AAAAAAAPYH QAAAAAAABghAAAAAAAAWCEAAAAAAACYIQAAAAAAANghAAAAAAAAAAAAAR0NDOiAoR05VKSA0 LjQuMyAyMDEwMDQyMiAoUmVkIEhhdCA0LjQuMy0xOCkAR0NDOiAoR05VKSA0LjQuNCAyMDEw MDUwMyAoUmVkIEhhdCA0LjQuNC0yKQAsAAAAAgAAAAAACAAAAAAAMAlAAAAAAAD5CAAAAAAA AAAAAAAAAAAAAAAAAAAAAACDAAAAAgAAAAAA4REAAJULAABiZW5jaAC/CwAAaW50Y2MAiwwA AHRlc3QAkg4AAGludGNjMzIA8w8AAGNhbGwAthAAAGluaXRfdmRzbwDuEAAAbWFpbgB2EQAA dmRzb19ndG9kAKARAAB2ZHNvX3RpbWUAyhEAAHZkc29fZ2V0Y3B1AAAAAADdEQAAAwAAAAAA CAELAwAABGYAAAB+AAAAMAlAAAAAAAApEkAAAAAAAAAAAAACJAAAAALTOAAAAAMIB60FAAAD AQgjAgAAAwIHvQcAAAMEB7IFAAADAQYlAgAAAwIF2AYAAAJ0AgAAAyhGAAAABAQFaW50AAJQ BAAAAypNAAAAAwgFYAQAAAKUAwAAAy04AAAAAmcHAAADh00AAAACxwUAAAONfwAAAAJlBgAA A45/AAAAAoIFAAADj20AAAAFCAcCJAUAAAORfwAAAAIRBgAAA5V/AAAAAv8EAAADl38AAAAG CAcI6QAAAAMBBiwCAAAI0gEAANgEDwGMAgAACUcGAAAEEAFtAAAAAAnPAgAABBUB4wAAAAgJ fAcAAAQWAeMAAAAQCbIDAAAEFwHjAAAAGAm9AAAABBgB4wAAACAJ4QcAAAQZAeMAAAAoCYEE AAAEGgHjAAAAMAmnBAAABBsB4wAAADgJogYAAAQcAeMAAADAAAn1AAAABB4B4wAAAMgACSIG AAAEHwHjAAAA0AAJsAAAAAQgAeMAAADYAAlAAwAABCIBxAIAAOAACRUBAAAEJAHKAgAA6AAJ nAcAAAQmAW0AAADwAAmqAwAABCoBbQAAAPQACf8DAAAELAGcAAAA+AAJKAEAAAQwAUYAAACA AQnqBgAABDEBVAAAAIIBCTsGAAAEMgHQAgAAgwEJ2QAAAAQ2AeACAACIAQkDBAAABD8BpwAA AJABCdAEAAAESAHhAAAAmAEJ1wQAAARJAeEAAACgAQneBAAABEoB4QAAAKgBCeUEAAAESwHh AAAAsAEJ7AQAAARMAS0AAAC4AQkuBQAABE4BbQAAAMABCc8DAAAEUAHmAgAAxAEACmkCAAAE tAuHAQAAGAS6xAIAAAxfBgAABLvEAgAAAAzzBAAABLzKAgAACAz4AgAABMBtAAAAEAAHCJMC AAAHCPAAAAAN6QAAAOACAAAOvQAAAAAABwiMAgAADekAAAD2AgAADr0AAAATAAITBgAABUzL AAAAC4kCAAAQBkwmAwAADAwIAAAGTcsAAAAADG0DAAAGTtYAAAAIAA+ABx4BCAAAPwMAAAwp BwAABx8/AwAAAAANOAAAAE8DAAAOvQAAAA8AC5ECAAAICDp0AwAADB4EAAAIO20AAAAADKsH AAAIPG0AAAAEAAcITwMAAAMIBVsEAAADCAeoBQAADUYAAACYAwAADr0AAAACAAJ2AgAACTJG AAAAAlIEAAAJNE0AAAAQ2AUAAAgKItEDAAARjwYAAAojbQAAABF1AwAACiThAAAAAALvBwAA CiWuAwAACxoGAACACjRlBQAAEnAKOzQFAAATCApAEQQAAAykBwAACkGyAAAAAAy2BwAACkKR AAAABAATEApHPgQAAAzvBQAACkhtAAAAAAxvBgAACkltAAAABAzVBQAACkrRAwAACAATEApP awQAAAykBwAAClCyAAAAAAy2BwAAClGRAAAABAzVBQAAClLRAwAACAATIApXsAQAAAykBwAA CliyAAAAAAy2BwAAClmRAAAABAwxAgAAClptAAAACAwpCAAAClvAAAAAEAy4AgAAClzAAAAA GAATCAphxQQAAAw8BwAACmLhAAAAAAATEApn5gQAAAztAAAACmh/AAAAAAxwBQAACmltAAAA CAARHAcAAAo8ZQUAABGKBQAACkPwAwAAEVoCAAAKSxEEAAAUX3J0AApTPgQAABENBQAACl1r BAAAEfUDAAAKY7AEAAARegYAAApqxQQAAAAM2wEAAAo1bQAAAAAM7wIAAAo2bQAAAAQM5QAA AAo4bQAAAAgMvAQAAApr6AMAABAADW0AAAB1BQAADr0AAAAbAAIZAgAACmzcAwAAAg0HAAAL VIsFAAAHCJEFAAAVnAUAABZtAAAAAAtyBwAAmAwa+gUAABIIDB7HBQAAEU8CAAAMIIAFAAAR bwcAAAwiFQYAAAAMLQQAAAwkqAUAAAAMRwIAAAwsJgMAAAgMRQYAAAwvbQAAAIgBDBwBAAAM MhwGAACQAQAVDwYAABZtAAAAFg8GAAAW4QAAAAAHCHUFAAAHCPoFAAAXBwgbBgAADUYAAAAy BgAADr0AAAADAA10AAAAQgYAAA69AAAAAwANdAAAAFIGAAAOvQAAABcADTgAAABiBgAADr0A AAAHAAs9AQAAGA0zkwYAAAxdAQAADTThAAAAAAz4BwAADTVtAAAACAzGBgAADTYtAAAAEAAC tAQAAA03YgYAAAIBBgAADiF/AAAAAjMAAAAOJ7QGAAANngYAAMQGAAAOvQAAABYAGAQOK1cH AAAZFgUAAAAZHQUAAAEZ6QEAAAIZ8QEAAAMZ+QEAAAQZAQIAAAUZCQIAAAYZEQIAAAcZIQcA AAgZXQMAAAkZrgYAAAoZtgYAAAsZLwcAAAwZTgYAAA0Z4gYAAA4ZZQMAAA8ZUgAAABAZmgIA ABEZ9gUAABIZvwUAABMZogIAABQZNAMAABUZYQIAABYAC8wAAAAQDl+IBwAADHYFAAAOYCIG AAAADAgGAAAOYUYAAAAIDIkHAAAOYogDAAAKAAsAAAAAEA5moQcAAAyQBQAADmcyBgAAAAAa wQIAAAACDms1CAAAG2N3ZAAObWIAAAAAG3N3ZAAObmIAAAACG2Z0dwAOb2IAAAAEG2ZvcAAO cGIAAAAGG3JpcAAOcYYAAAAIG3JkcAAOcoYAAAAQDN8AAAAOc3QAAAAYDAMBAAAOdHQAAAAc G19zdAAOdTUIAAAgDDcHAAAOdkUIAACgAQyJBwAADndCBgAAoAMADVcHAABFCAAADr0AAAAH AA2IBwAAVQgAAA69AAAADwAC5AIAAA57YAgAAAcIoQcAABwAAQ5/5QMAAJoIAAAMHQgAAA6A qQYAAAAMBgcAAA6CVQgAALgBDJIBAAAOg1IGAADAAQAaVgYAAKgDDojyCAAADEkBAAAOiTgA AAAADHIEAAAOivIIAAAIDD0AAAAOi5MGAAAQDIMGAAAOjGYIAAAoDGUFAAAOjSYDAACoAgwX AAAADo6hBwAAqAMABwiaCAAAApEHAAAOj5oIAAALxgQAABAPFJwJAAAM+QYAAA8VTQAAAAAM 1wcAAA8WTQAAAAQMVwMAAA8XTQAAAAgdzgYAAA8YTQAAAAQBHwwdcAEAAA8ZTQAAAAQCHQwd oQAAAA8aTQAAAAQBHAwdQQQAAA8bTQAAAAQBGwwd3wUAAA8cTQAAAAQBGgwdKwAAAA8dTQAA AAQBGQwebG0ADx9NAAAABAEYDAACYAcAAAEapwkAAAcIrQkAAB9/AAAAwQkAABbBCQAAFnQD AAAABwgBAwAAAloAAAABHtIJAAAHCNgJAAAffwAAAOcJAAAW5wkAAAAHCPYCAAACNAEAAAEi +AkAAAcI/gkAAB9/AAAAFwoAABYXCgAAFhcKAAAWHQoAAAAHCE0AAAAHCCMKAAAgYwEAAAEI FggAAAYBHAFRCgAACQQEAAABHQGjAwAAACFzZWwAAR4BmAMAAAQAImkEAAABPH8AAAADdgoA ACN0dgABPMEJAAAjdHoAATx0AwAAACK+BgAAAXqZCgAAAZkKAAAjYQABeqAKAAAjYgABerAK AAAAAwgEegQAACSlCgAAJQirCgAAJAEDAAAkpQoAACKZBgAAAUF/AAAAA88KAAAjdAABQecJ AAAAIlIBAAABEW0AAAADDgsAACYvBQAAARFtAAAAI3B0cgABEeEAAAAmyQYAAAEROAAAACco cmV0AAETbQAAAAAAKRMIAAABIQFECwAAAUQLAAAqb3V0AAEhAUsLAAAqc2VsAAEhAZgDAAAr BAQAAAEhAeEAAAAAAwECNAUAAAcIKQoAACwBWgcAAAHJbQAAAAGPCwAAJvADAAAByW0AAAAm CwQAAAHJjwsAACcodHYAAcsBAwAAKHR6AAHMTwMAAAAABwjjAAAALVELAAAwCUAAAAAAADMJ QAAAAAAAAZy/CwAALmILAAABVS5tCwAAAVQALwGhBAAAAQ0B2AMAAG0AAABACUAAAAAAAHwJ QAAAAAAAAZwbDAAAMPADAAABDQFtAAAAAAAAADALBAAAAQ0BjwsAADYAAAAxAAAAADKfAwAA ARQB6QAAAAEBAAAzowUAAAFIgAlAAAAAAACuCUAAAAAAAAGchQwAADRzaWcAAUhtAAAAbAAA ADUdBgAAAUgPBgAAjwAAADXJAQAAAUjhAAAAxQAAADaHCUAAAAAAAK4JQAAAAAAAN2N0eAAB TIUMAAABUwAABwj4CAAAOAF5AQAAAYBGAAAAbQAAALAJQAAAAAAAlw1AAAAAAAABnJIOAAA1 8AMAAAGAbQAAAPsAAAA1CwQAAAGAjwsAAB4BAAAxMAAAADleBQAAAYMBAwAAA5HgfjncAgAA AYMBAwAAA5HQfjmZBAAAAYMBAwAAA5HAfjl3AAAAAYRPAwAAA5GwfzkNAQAAAYRPAwAAA5Gg fzkDAwAAAYRPAwAAA5GQfzoQBAAAAYVtAAAAQQEAADpNBQAAAYZtAAAAsAEAADpEBwAAAYlt AAAAWgIAADoSBAAAAZ9/AAAAdAMAADpPBQAAAZ9/AAAAHAQAADpGBwAAAZ9/AAAAxQQAADrC AQAAAaB/AAAARwUAADpWBQAAAaB/AAAAqwUAADpNBwAAAaB/AAAADwYAADoyBgAAAbZNAAAA cwYAADp+AQAAAbZNAAAAvwYAADqeAQAAAbZNAAAACwcAADp/AwAAAbZNAAAAQwcAADt2CgAA zgxAAAAAAACwAAAAAZobDgAAPI8KAAB7BwAAPIYKAACgBwAAADt2CgAAfgxAAAAAAADwAAAA AZJFDgAAPI8KAADDBwAAPIYKAADoBwAAAD1RCgAAzAlAAAAAAADlCUAAAAAAAAGFcw4AADxr CgAADQgAADxhCgAAhwkAAAA+tQoAAGEKQAAAAAAAMAEAAAGhPMUKAAAICwAAAAAALwGYBQAA ASgBswEAAG0AAACgDUAAAAAAAMEOQAAAAAAAAZzzDwAAMPADAAABKAFtAAAAKwsAADALBAAA ASgBjwsAAGELAAAxYAEAAD/LBAAAATABAwkAAAKRYECoAQAAAT8BmAMAAJcLAAAyrQIAAAFE AekAAAABATKJAwAAAUQB6QAAAAEBPxgEAAABRwEpCgAACQPWHGAAAAAAAD/5BAAAAUcBKQoA AAkD0BxgAAAAAABBDgsAACcOQAAAAAAAQQ5AAAAAAAABSAF5DwAAQjcLAAA8KwsAAM0LAAA8 HwsAAAUMAAAAQ88KAACtDUAAAAAAAKABAAABOQG8DwAAPPUKAABNDAAAPOoKAACFDAAAPN8K AAD4DAAAMfABAABEAQsAADANAAAAAEUOCwAAeA5AAAAAAACQDkAAAAAAAAFIAUI3CwAALisL AAABUy4fCwAACgPQHGAAAAAAAJ8AAAA4AeQBAAAB5DkFAABtAAAA0A5AAAAAAAD4D0AAAAAA AAGcthAAADXwAwAAAeRtAAAAfA0AADULBAAAAeSPCwAAsg0AAEZiYWQAAQgBiA9AAAAAAAAx QAIAADqlAwAAAes4AAAA+w0AAEdyYXgAAes4AAAAMQ4AADrAAwAAAes4AAAAeg4AADrFAwAA Aes4AAAAww4AADrKAwAAAes4AAAA+Q4AAEdlbmQAAezjAAAALw8AAEhyZXQAAQEBOAAAAAFR AABJAY8EAAABJkkDAAAAEEAAAAAAAKQQQAAAAAAAAZzuEAAAMXACAAA6WQUAAAEo4QAAAGkP AAAAAEoBVQcAAAFmAW0AAACwEEAAAAAAACkSQAAAAAAAAZxIEQAAMPADAAABZgFtAAAA2A8A ADALBAAAAWYBjwsAAEcQAAAxsAIAAD+gBQAAAWgBnAUAAAORwH4AAEv9AgAAEKXKAgAAAQFL 0AcAABCmygIAAAEBTM8FAAABG3ERAACAgIB7JJwJAABNDQAAAAEcnAkAAAEJA7gcYAAAAAAA TCMIAAABH5sRAACAiIB7JMcJAABNfwIAAAEgxwkAAAEJA8AcYAAAAAAATEUFAAABI8URAACA kIB7JO0JAABNOwIAAAEk7QkAAAEJA8gcYAAAAAAAAAERASUOEwsDDhsOEQESARAGAAACFgAD DjoLOwtJEwAAAyQACws+CwMOAAAEJAALCz4LAwgAAAUkAAsLPgsAAAYPAAsLAAAHDwALC0kT AAAIEwEDDgsLOgs7BQETAAAJDQADDjoLOwVJEzgNAAAKFgADDjoLOwsAAAsTAQMOCws6CzsL ARMAAAwNAAMOOgs7C0kTOA0AAA0BAUkTARMAAA4hAEkTLwsAAA8TAQsLOgs7CwMOARMAABAX AQMOCws6CzsLARMAABENAAMOOgs7C0kTAAASFwELCzoLOwsBEwAAExMBCws6CzsLARMAABQN AAMIOgs7C0kTAAAVFQEBEwAAFgUASRMAABcVAAAAGAQBCws6CzsLARMAABkoAAMOHA0AABoT AQMOCwU6CzsLARMAABsNAAMIOgs7C0kTOA0AABwTAQsFOgs7CwMOARMAAB0NAAMOOgs7C0kT CwsNCwwLOA0AAB4NAAMIOgs7C0kTCwsNCwwLOA0AAB8VAUkTARMAACATAAMOPAwAACENAAMI Ogs7BUkTOA0AACIuAQMOOgs7C0kTIAsBEwAAIwUAAwg6CzsLSRMAACQmAEkTAAAlEAALC0kT AAAmBQADDjoLOwtJEwAAJwsBAAAoNAADCDoLOwtJEwAAKS4BAw46CzsFSRMgCwETAAAqBQAD CDoLOwVJEwAAKwUAAw46CzsFSRMAACwuAT8MAw46CzsLSRMgCwETAAAtLgExExEBEgFACgET AAAuBQAxEwIKAAAvLgE/DAMOOgs7BYdADkkTEQESAUAKARMAADAFAAMOOgs7BUkTAgYAADEL AVUGAAAyNAADDjoLOwVJEz8MPAwAADMuAQMOOgs7CxEBEgFACgETAAA0BQADCDoLOwtJEwIG AAA1BQADDjoLOwtJEwIGAAA2CwERARIBAAA3NAADCDoLOwtJEwIKAAA4LgE/DAMOOgs7C4dA DkkTEQESAUAKARMAADk0AAMOOgs7C0kTAgoAADo0AAMOOgs7C0kTAgYAADsdATETUgFVBlgL WQsBEwAAPAUAMRMCBgAAPR0BMRMRARIBWAtZCwETAAA+HQExE1IBVQZYC1kLAAA/NAADDjoL OwVJEwIKAABANAADDjoLOwVJEwIGAABBHQExExEBEgFYC1kFARMAAEIFADETAABDHQExE1IB VQZYC1kFARMAAEQ0ADETAgYAAEUdATETEQESAVgLWQUAAEYKAAMIOgs7BREBAABHNAADCDoL OwtJEwIGAABINAADCDoLOwVJEwIKAABJLgE/DAMOOgs7C4dADhEBEgFACgETAABKLgE/DAMO Ogs7BUkTEQESAUAKARMAAEs0AAMOOgs7C0kTPww8DAAATDQAAw46CzsLSRMcDQAATTQAAw46 CzsLSRM/DAIKAAAA2wIAAAIARwEAAAEB+w4NAAEBAQEAAAABAAABL3Vzci9saWIvZ2NjL3g4 Nl82NC1yZWRoYXQtbGludXgvNC40LjQvaW5jbHVkZQAvdXNyL2luY2x1ZGUvYml0cwAvdXNy L2luY2x1ZGUAL3Vzci9pbmNsdWRlL3N5cwAvdXNyL2luY2x1ZGUvYXNtAAB0ZXN0X3ZzeXNj YWxsLmNjAAAAAHN0ZGRlZi5oAAEAAHR5cGVzLmgAAgAAbGliaW8uaAADAAB0aW1lLmgAAwAA dGltZS5oAAIAAHNpZ3NldC5oAAIAAHRpbWUuaAAEAABzdGRpbnQuaAADAABzaWdpbmZvLmgA AgAAc2lnbmFsLmgAAwAAc2lnYWN0aW9uLmgAAgAAc2lnc3RhY2suaAACAAB1Y29udGV4dC5o AAQAAGxkdC5oAAUAAHN0ZGlvLmgAAwAAAAAJAjAJQAAAAAAAA8kBAQMYAQMs8ktRCBRMA3as AwrkA69+kCBnoQgwAzK6L1dQA3pYdQO8f1gDyQAIgrvXCBQsPmmHn6BZ16RcOAOlf1gD3QC6 A6N/CJ4D3wCCu5/XOz0IPQMPCCCgCJEIny0vaExZCFoIWdwDSAg8150DLYIDC+QDcwgSA1II dAMzCHTCA2EIPJ8IZ+kIZ+MDYJ7ZAkIX2QMpAkIB2gNeCCADDfIDdwjk+O8D/QAI5FkD6X2C A54CLgPifTwDngLkkXWDhQPcfVhZLS8vA6UCdAPbfVgDpQIuAyqeA1x0PgNiCDxXkWcDI2aD 5QNhggM55ANAkFd1ZwMjZgMXggh2vAOCfwg8AiUTWQMk5ANiAicBCEuhCBOhCBMDE8jlA2+Q CBOhCBOjuwgUA6F+yCHlOz0zyTt1Mck7dTHJO3UwA3FmAw/kHwN45PYDswIIdDBy2GlWg61Z CGlZlgiECLwITAhMCBXmA2oIEgMS8r4DdAg8Awy6A3gIPAN38uUDCpAIAAEBX2xpYmNfeG1t cmVnAHZkc29fZ3RvZABfX2ZwcmVnc19tZW0Ac2l6ZV90AHVzZWFibGUAZ3JlZ3NldF90AHVj X3N0YWNrAF9aNHRlc3RpUFBjAFJFR19SSVAAdGltZV9mdW5jX3QAdGVzdF92c3lzY2FsbC5j YwB0el9zeXMAL2hvbWUva29ucmFkL2dpdC9saW51eC1jbG9jay10ZXN0cwByZWFkX2V4ZWNf b25seQBfSU9fc2F2ZV9lbmQAX0lPX3dyaXRlX2Jhc2UAX2xpYmNfZnB4cmVnAF9sb2NrAG14 Y3NyAHNpX2NvZGUAc2lfYmFuZABfSU9fc2F2ZV9iYXNlAG14Y3JfbWFzawB0el92ZHNvAF9j aGFpbgBzYV9yZXN0b3JlcgBfY3VyX2NvbHVtbgBnZXRjcHVfdABzaWdhbHRzdGFjawB1Y19m bGFncwBtb2RpZnlfbGR0AHNzX3NwAGdldGNwdV9jYWNoZQBjb250ZW50cwB0ZXN0AGNwdV92 c3lzAF9JT19tYXJrZXIAX19yZXNlcnZlZDEAbm9kZV92ZHNvAGluaXRpYWxfY3MAX1o3aW50 Y2MzMmlQUGMAdDJfc3lzAGN0eF92b2lkAF9JT19GSUxFAHNpX3NpZ25vAGNhbGwAUkVHX1Ix MABSRUdfUjExAFJFR19SMTIAUkVHX1IxMwBSRUdfUjE0AFJFR19SMTUAc2lnaW5mb190AHVu c2lnbmVkIGNoYXIAc2lfc3RhdHVzAHZkc29fZ2V0Y3B1AHNhX21hc2sAc2FfaGFuZGxlcgBf dGltZXIAUkVHX0NSMgBfSU9fbG9ja190AF9fdWludDE2X3QAdmRzb190aW1lAHRpbWV2YWwA dGltZXpvbmUAUkVHX0VGTABSRUdfVFJBUE5PAGxhbmRpbmdfMzIAc2lfc3RpbWUAX2xpYmNf ZnBzdGF0ZQBfSU9fcmVhZF9wdHIAdHZfdmRzbwBmcHJlZ3NldF90AHNpX2Vycm5vAF9wb3MA c3RkaW4AdHpfdnN5cwBHTlUgQysrIDQuNC40IDIwMTAwNTAzIChSZWQgSGF0IDQuNC40LTIp AFJFR19PTERNQVNLAF9tYXJrZXJzAF9aOWluaXRfdmRzb3YAbGltaXQAUkVHX1JTSQBSRUdf UlNQAHR2X3VzZWMAc2l2YWxfcHRyAG5vZGVfdnN5cwBsYW5kaW5nXzY0AF9fdWludDY0X3QA aW50Y2NfYWRkcgBfZmxhZ3MyAF9JT19yZWFkX2Jhc2UAYXJnMQBhcmcyAGFyZzMAX3VudXNl ZDIAX1o1aW50Y2NpUFBjAG1jb250ZXh0X3QAYXJnYwBfc2lnZmF1bHQAX29sZF9vZmZzZXQA YXJndgByZXRfc3lzAHB0cjMyAHR6X21pbnV0ZXN3ZXN0AF9fc2lnYWN0aW9uX2hhbmRsZXIA bGltaXRfaW5fcGFnZXMAX191aW50MzJfdABsb25nIGxvbmcgaW50AHN5c19ndG9kAHVjX2xp bmsAZG91YmxlAF9JT193cml0ZV9lbmQAaW5pdF92ZHNvAHR2X3ZzeXMAaW50Y2MAX0lPX2J1 Zl9iYXNlAHN0YWNrX3QAX3NpZmllbGRzAHVzZXJfZGVzYwBfX3BhZDEAX19wYWQyAF9fcGFk MwBfX3BhZDQAX19wYWQ1AF9zYnVmAHB0cjY0AF9fc3VzZWNvbmRzX3QAX3NpZ2NobGQAUkVH X1I4AFJFR19SOQBfX2Nsb2NrX3QAX21vZGUAYm9vbABfWjRjYWxsaVBQYwB2Z2V0Y3B1AHJl dF92ZHNvAHQyX3Zkc28AdHZfc3lzAHVjX3NpZ21hc2sAc2lfZmQAc2lnbmlmaWNhbmQAX19w aWRfdABfa2lsbABlbGVtZW50AGludGNjMzIAc2Ffc2VndgBsb25nIGxvbmcgdW5zaWduZWQg aW50AFJFR19FUlIAX19vZmZfdAB2Z3RvZABzaV9zaWd2YWwAc2VnX25vdF9wcmVzZW50AHNp X3RpZABSRUdfQ1NHU0ZTAGdyZWdfdABleHBvbmVudABfX3RpbWVfdABzaWdpbmZvAF9JT19i YWNrdXBfYmFzZQBjcHVfdmRzbwBfc2hvcnRidWYAc2FfZmxhZ3MAUkVHX1JBWAB1Y29udGV4 dABfbmV4dABfX29mZjY0X3QAc2lfb3ZlcnJ1bgBfc2lncG9sbAB1Y19tY29udGV4dABzaXZh bF9pbnQAc3lzX3RpbWUAX0lPX2J1Zl9lbmQAUkVHX1JCUABSRUdfUkJYAHR2X2RpZmYAc3Nf c2l6ZQBzZWdfMzJiaXQAc2hvcnQgaW50AFJFR19SQ1gAX3Z0YWJsZV9vZmZzZXQAZW50cnlf bnVtYmVyAGZwcmVncwBfX3NpZ2hhbmRsZXJfdABfcGFkAFJFR19SREkAX192YWwAUkVHX1JE WABfeG1tAHNpX2FkZHIAcmV0X3ZzeXMAdDJfdnN5cwBtYWluAGJlbmNoAGd0b2RfdABfX3Vp ZF90AHNhX3NpZ2FjdGlvbgBfSU9fcmVhZF9lbmQAcGFkZGluZwB1Y29udGV4dF90AF9maWxl bm8Ac2lfcGlkAHR6X2RzdHRpbWUAc2lfdWlkAHNob3J0IHVuc2lnbmVkIGludABzdGRvdXQA YmFzZV9hZGRyAF9JT193cml0ZV9wdHIAc2lndmFsX3QAc3NfZmxhZ3MAX19zaWdzZXRfdAB0 dl9zZWMAdG9fZmFycHRyAGdyZWdzAHZ0aW1lAHNpX3V0aW1lABAAAAAAAAAAIgAAAAAAAAAB AFUyAAAAAAAAAD0AAAAAAAAAAQBVAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAHQAAAAAAAAAB AFQyAAAAAAAAAEEAAAAAAAAAAQBUAAAAAAAAAAAAAAAAAAAAAFAAAAAAAAAAVAAAAAAAAAAB AFUAAAAAAAAAAAAAAAAAAAAAUAAAAAAAAABcAAAAAAAAAAEAVFwAAAAAAAAAYAAAAAAAAAAB AFUAAAAAAAAAAAAAAAAAAAAAUAAAAAAAAABgAAAAAAAAAAEAUWAAAAAAAAAAfgAAAAAAAAAB AFMAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAACHAAAAAAAAAAEAVQAAAAAAAAAAAAAAAAAAAACA AAAAAAAAAJsAAAAAAAAAAQBUAAAAAAAAAAAAAAAAAAAAALUAAAAAAAAAvAAAAAAAAAABAFC8 AAAAAAAAAIoBAAAAAAAAAQBWTAIAAAAAAABtAgAAAAAAAAEAVqQCAAAAAAAAtwIAAAAAAAAB AFY7AwAAAAAAANkDAAAAAAAAAQBWAAAAAAAAAAAAAAAAAAAAALUAAAAAAAAAzwAAAAAAAAAD AAn/n88AAAAAAAAAlQEAAAAAAAABAFPUAQAAAAAAAO0BAAAAAAAAAQBQ7QEAAAAAAABGAgAA AAAAAAEAU0wCAAAAAAAAiQIAAAAAAAABAFOPAgAAAAAAANYCAAAAAAAAAQBTOwMAAAAAAAD4 AwAAAAAAAAEAU/4DAAAAAAAABQQAAAAAAAABAFMAAAAAAAAAAAAAAAAAAAAA5QAAAAAAAAAG AQAAAAAAAAEAUAYBAAAAAAAAYAEAAAAAAAABAFzzAQAAAAAAAPkBAAAAAAAAAQBQ+QEAAAAA AABHAgAAAAAAAAEAVkwCAAAAAAAAVAIAAAAAAAABAFBUAgAAAAAAAG0CAAAAAAAAAQBcbQIA AAAAAACKAgAAAAAAAAEAVo8CAAAAAAAAmgIAAAAAAAABAFCaAgAAAAAAAKQCAAAAAAAAAQBW pAIAAAAAAACxAgAAAAAAAAEAULECAAAAAAAAtwIAAAAAAAABAFy3AgAAAAAAANcCAAAAAAAA AQBWOwMAAAAAAADZAwAAAAAAAAEAXNkDAAAAAAAA+QMAAAAAAAABAFYAAAAAAAAAAAAAAAAA AAAAYAEAAAAAAABnAQAAAAAAAAEAUGcBAAAAAAAASQIAAAAAAAABAFxtAgAAAAAAAIwCAAAA AAAAAQBcjwIAAAAAAACkAgAAAAAAAAEAXLcCAAAAAAAA2QIAAAAAAAABAFzcAgAAAAAAADsD AAAAAAAAAQBc2QMAAAAAAAD7AwAAAAAAAAEAXP4DAAAAAAAAZwQAAAAAAAABAFwAAAAAAAAA AAAAAAAAAAAAMQEAAAAAAAB2AQAAAAAAAAIAMJ92AQAAAAAAAEsCAAAAAAAAAQBdbQIAAAAA AACOAgAAAAAAAAEAXY8CAAAAAAAApAIAAAAAAAABAF23AgAAAAAAANsCAAAAAAAAAQBd3AIA AAAAAAA7AwAAAAAAAAEAXdkDAAAAAAAA/QMAAAAAAAABAF3+AwAAAAAAAGcEAAAAAAAAAQBd AAAAAAAAAAAAAAAAAAAAAIoBAAAAAAAAqwEAAAAAAAABAFCrAQAAAAAAAPMBAAAAAAAAAQBW 3AIAAAAAAAALAwAAAAAAAAEAUAsDAAAAAAAAOwMAAAAAAAABAFb+AwAAAAAAAAoEAAAAAAAA AQBQCgQAAAAAAABnBAAAAAAAAAEAVgAAAAAAAAAAAAAAAAAAAABGAQAAAAAAAEwCAAAAAAAA AwCRiH9tAgAAAAAAAKQCAAAAAAAAAwCRiH+3AgAAAAAAADsDAAAAAAAAAwCRiH/ZAwAAAAAA AGcEAAAAAAAAAwCRiH8AAAAAAAAAAAAAAAAAAAAATwEAAAAAAABMAgAAAAAAAAMAkYB/bQIA AAAAAACkAgAAAAAAAAMAkYB/twIAAAAAAAA7AwAAAAAAAAMAkYB/2QMAAAAAAABnBAAAAAAA AAMAkYB/AAAAAAAAAAAAAAAAAAAAAFgBAAAAAAAATAIAAAAAAAADAJH4fm0CAAAAAAAApAIA AAAAAAADAJH4frcCAAAAAAAAOwMAAAAAAAADAJH4ftkDAAAAAAAAZwQAAAAAAAADAJH4fgAA AAAAAAAAAAAAAAAAAAACAgAAAAAAAEwCAAAAAAAAAgCRTLcCAAAAAAAA3AIAAAAAAAACAJFM 2QMAAAAAAAD+AwAAAAAAAAIAkUwAAAAAAAAAAAAAAAAAAAAACQIAAAAAAABMAgAAAAAAAAIA kUi3AgAAAAAAANwCAAAAAAAAAgCRSNkDAAAAAAAA/gMAAAAAAAACAJFIAAAAAAAAAAAAAAAA AAAAABgCAAAAAAAATAIAAAAAAAACAJFE2QMAAAAAAAD+AwAAAAAAAAIAkUQAAAAAAAAAAAAA AAAAAAAAHwIAAAAAAABMAgAAAAAAAAIAkUDZAwAAAAAAAP4DAAAAAAAAAgCRQAAAAAAAAAAA AAAAAAAAAACeAwAAAAAAANkDAAAAAAAAAwB3IJ8AAAAAAAAAAAAAAAAAAAAAngMAAAAAAADZ AwAAAAAAAAEAVwAAAAAAAAAAAAAAAAAAAABOAwAAAAAAAIoDAAAAAAAAAwB3IJ8AAAAAAAAA AAAAAAAAAAAATgMAAAAAAACKAwAAAAAAAAMAdxCfAAAAAAAAAAAAAAAAAAAAAJwAAAAAAAAA QwIAAAAAAAAEAHfwAJ9DAgAAAAAAAEYCAAAAAAAAAwB3WJ9GAgAAAAAAAEcCAAAAAAAAAwB3 UJ9HAgAAAAAAAEkCAAAAAAAAAwB3SJ9MAgAAAAAAAIYCAAAAAAAABAB38ACfhgIAAAAAAACJ AgAAAAAAAAMAd1ifiQIAAAAAAACKAgAAAAAAAAMAd1CfigIAAAAAAACMAgAAAAAAAAMAd0if jwIAAAAAAADTAgAAAAAAAAQAd/AAn9MCAAAAAAAA1gIAAAAAAAADAHdYn9YCAAAAAAAA1wIA AAAAAAADAHdQn9cCAAAAAAAA2QIAAAAAAAADAHdIn9wCAAAAAAAA9QMAAAAAAAAEAHfwAJ/1 AwAAAAAAAPgDAAAAAAAAAwB3WJ/4AwAAAAAAAPkDAAAAAAAAAwB3UJ/5AwAAAAAAAPsDAAAA AAAAAwB3SJ/+AwAAAAAAAGcEAAAAAAAABAB38ACfAAAAAAAAAAAAAAAAAAAAAJwAAAAAAAAA QwIAAAAAAAADAHcgn0MCAAAAAAAARgIAAAAAAAAEAHeIf59GAgAAAAAAAEcCAAAAAAAABAB3 gH+fRwIAAAAAAABJAgAAAAAAAAQAd/h+n0wCAAAAAAAAhgIAAAAAAAADAHcgn4YCAAAAAAAA iQIAAAAAAAAEAHeIf5+JAgAAAAAAAIoCAAAAAAAABAB3gH+figIAAAAAAACMAgAAAAAAAAQA d/h+n48CAAAAAAAA0wIAAAAAAAADAHcgn9MCAAAAAAAA1gIAAAAAAAAEAHeIf5/WAgAAAAAA ANcCAAAAAAAABAB3gH+f1wIAAAAAAADZAgAAAAAAAAQAd/h+n9wCAAAAAAAA9QMAAAAAAAAD AHcgn/UDAAAAAAAA+AMAAAAAAAAEAHeIf5/4AwAAAAAAAPkDAAAAAAAABAB3gH+f+QMAAAAA AAD7AwAAAAAAAAQAd/h+n/4DAAAAAAAAZwQAAAAAAAADAHcgnwAAAAAAAAAAAAAAAAAAAABY AQAAAAAAAFwBAAAAAAAAAQBUAAAAAAAAAAAAAAAAAAAAAHAEAAAAAAAAkQQAAAAAAAABAFUq BQAAAAAAADUFAAAAAAAAAQBVAAAAAAAAAAAAAAAAAAAAAHAEAAAAAAAAjAQAAAAAAAABAFQq BQAAAAAAADkFAAAAAAAAAQBUAAAAAAAAAAAAAAAAAAAAAOMEAAAAAAAAKgUAAAAAAAABAFNF BQAAAAAAAJEFAAAAAAAAAQBTAAAAAAAAAAAAAAAAAAAAAPcEAAAAAAAAKgUAAAAAAAACADSf RQUAAAAAAACRBQAAAAAAAAIANJ8AAAAAAAAAAAAAAAAAAAAA9wQAAAAAAAAqBQAAAAAAAAoA A9YcYAAAAAAAn0UFAAAAAAAAkQUAAAAAAAAKAAPWHGAAAAAAAJ8AAAAAAAAAAAAAAAAAAAAA tgQAAAAAAAAqBQAAAAAAAAIAQJ9FBQAAAAAAAJEFAAAAAAAAAgBAnwAAAAAAAAAAAAAAAAAA AAC2BAAAAAAAAN0EAAAAAAAAAQBX3QQAAAAAAADeBAAAAAAAAAMAd3Cf3gQAAAAAAADfBAAA AAAAAAMAd2if3wQAAAAAAAAqBQAAAAAAAAEAV0UFAAAAAAAAkQUAAAAAAAABAFcAAAAAAAAA AAAAAAAAAAAAtgQAAAAAAAAqBQAAAAAAAAIAMZ9FBQAAAAAAAJEFAAAAAAAAAgAxnwAAAAAA AAAAAAAAAAAAAAC/BAAAAAAAAMcEAAAAAAAAAQBQxwQAAAAAAADZBAAAAAAAAAQAcwAfn98E AAAAAAAA6AQAAAAAAAABAFAAAAAAAAAAAAAAAAAAAAAAoAUAAAAAAADPBQAAAAAAAAEAVfwF AAAAAAAACAYAAAAAAAABAFUAAAAAAAAAAAAAAAAAAAAAoAUAAAAAAADKBQAAAAAAAAEAVMoF AAAAAAAA3gUAAAAAAAABAFP8BQAAAAAAAMgGAAAAAAAAAQBTAAAAAAAAAAAAAAAAAAAAABUG AAAAAAAAGgYAAAAAAAABAFAaBgAAAAAAAMgGAAAAAAAAAQBcAAAAAAAAAAAAAAAAAAAAADAG AAAAAAAANQYAAAAAAAABAFA1BgAAAAAAAFUGAAAAAAAAAQBdbAYAAAAAAADIBgAAAAAAAAEA XQAAAAAAAAAAAAAAAAAAAABLBgAAAAAAAFAGAAAAAAAAAQBQUAYAAAAAAABVBgAAAAAAAAEA XmwGAAAAAAAAyAYAAAAAAAABAF4AAAAAAAAAAAAAAAAAAAAAgQYAAAAAAACGBgAAAAAAAAEA UIYGAAAAAAAAyAYAAAAAAAABAF8AAAAAAAAAAAAAAAAAAAAAnAYAAAAAAAChBgAAAAAAAAEA UKEGAAAAAAAAwAYAAAAAAAABAFEAAAAAAAAAAAAAAAAAAAAA2QUAAAAAAAD8BQAAAAAAAAMA kbh/FQYAAAAAAADIBgAAAAAAAAMAkbh/AAAAAAAAAAAAAAAAAAAAAOYGAAAAAAAA9AYAAAAA AAABAFD0BgAAAAAAADQHAAAAAAAAAQBTNQcAAAAAAABCBwAAAAAAAAEAUEMHAAAAAAAASQcA AAAAAAABAFNTBwAAAAAAAHQHAAAAAAAAAQBTAAAAAAAAAAAAAAAAAAAAAIAHAAAAAAAAmgcA AAAAAAABAFWaBwAAAAAAAGcIAAAAAAAAAQBTawgAAAAAAACUCAAAAAAAAAEAU5gIAAAAAAAA tAgAAAAAAAABAFO4CAAAAAAAAPkIAAAAAAAAAQBTAAAAAAAAAAAAAAAAAAAAAIAHAAAAAAAA uQcAAAAAAAABAFS5BwAAAAAAAGgIAAAAAAAAAQBWawgAAAAAAACVCAAAAAAAAAEAVpgIAAAA AAAAtQgAAAAAAAABAFa4CAAAAAAAAPkIAAAAAAAAAQBWAAAAAAAAAAAAAAAAAAAAADYCAAAC AAAAAADhEQAALQAAAHNpemVfdABiAAAAX191aW50MTZfdAB0AAAAX191aW50MzJfdACGAAAA X191aW50NjRfdACRAAAAX191aWRfdACcAAAAX19vZmZfdACnAAAAX19vZmY2NF90ALIAAABf X3BpZF90AMAAAABfX2Nsb2NrX3QAywAAAF9fdGltZV90ANYAAABfX3N1c2Vjb25kc190AIwC AABfSU9fbG9ja190AJMCAABfSU9fbWFya2VyAPAAAABfSU9fRklMRQD2AgAAdGltZV90AAED AAB0aW1ldmFsAE8DAAB0aW1lem9uZQCYAwAAdWludDE2X3QAowMAAHVpbnQzMl90AK4DAABz aWd2YWwA0QMAAHNpZ3ZhbF90ANwDAABzaWdpbmZvAHUFAABzaWdpbmZvX3QAgAUAAF9fc2ln aGFuZGxlcl90AJwFAABzaWdhY3Rpb24AYgYAAHNpZ2FsdHN0YWNrAJMGAABzdGFja190AJ4G AABncmVnX3QAqQYAAGdyZWdzZXRfdABXBwAAX2xpYmNfZnB4cmVnAIgHAABfbGliY194bW1y ZWcAoQcAAF9saWJjX2Zwc3RhdGUAVQgAAGZwcmVnc2V0X3QAmggAAHVjb250ZXh0APgIAAB1 Y29udGV4dF90AAMJAAB1c2VyX2Rlc2MAnAkAAGd0b2RfdADHCQAAdGltZV9mdW5jX3QA7QkA AGdldGNwdV90ACkKAABmYXJwdHIAAAAAABQAAAAAAAAALQAAAAAAAAA4AAAAAAAAAEcAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAIIAAAAAAAAAhwAAAAAAAAAABAAAAAAAAGcEAAAAAAAA4AIA AAAAAADuAwAAAAAAAJACAAAAAAAAzAIAAAAAAABQAgAAAAAAAH8CAAAAAAAAlwAAAAAAAAA8 AgAAAAAAAIsAAAAAAAAAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngMAAAAAAACnAwAAAAAA AMMDAAAAAAAAzwMAAAAAAACsAwAAAAAAAL4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE4DAAAA AAAAWAMAAAAAAAB0AwAAAAAAAIADAAAAAAAAXQMAAAAAAABvAwAAAAAAAAAAAAAAAAAAAAAA AAAAAAAxAQAAAAAAAD0BAAAAAAAAWAEAAAAAAABgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1 BAAAAAAAANkEAAAAAAAASAUAAAAAAACRBQAAAAAAAOAEAAAAAAAAPwUAAAAAAAAAAAAAAAAA AAAAAAAAAAAAfQQAAAAAAAB/BAAAAAAAAM0EAAAAAAAAzwQAAAAAAAC2BAAAAAAAAMgEAAAA AAAAggQAAAAAAACRBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB9BAAAAAAAAH8EAAAAAAAAzQQA AAAAAADPBAAAAAAAALYEAAAAAAAAyAQAAAAAAACCBAAAAAAAAJEEAAAAAAAAAAAAAAAAAAAA AAAAAAAAAMUFAAAAAAAA2QUAAAAAAAAABgAAAAAAAMgGAAAAAAAAAAAAAAAAAAAAAAAAAAAA ANEGAAAAAAAAMwcAAAAAAABJBwAAAAAAAHQHAAAAAAAAOQcAAAAAAABIBwAAAAAAAAAAAAAA AAAAAAAAAAAAAACCBwAAAAAAAIkHAAAAAAAAwAgAAAAAAAD5CAAAAAAAAKAIAAAAAAAArAgA AAAAAABwCAAAAAAAAIwIAAAAAAAAlwcAAAAAAABfCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA LnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALm5vdGUu Z251LmJ1aWxkLWlkAC5nbnUuaGFzaAAuZHluc3ltAC5keW5zdHIALmdudS52ZXJzaW9uAC5n bnUudmVyc2lvbl9yAC5yZWxhLmR5bgAucmVsYS5wbHQALmluaXQALnRleHQALmZpbmkALnJv ZGF0YQAuZWhfZnJhbWVfaGRyAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFt aWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AC5kZWJ1Z19hcmFuZ2VzAC5k ZWJ1Z19wdWJuYW1lcwAuZGVidWdfaW5mbwAuZGVidWdfYWJicmV2AC5kZWJ1Z19saW5lAC5k ZWJ1Z19zdHIALmRlYnVnX2xvYwAuZGVidWdfcHVidHlwZXMALmRlYnVnX3JhbmdlcwAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAAAAAAAACQAAAAAAAAAIAAAAAAAAcAAAAAAAAAAAA AAAAAAAAAQAAAAAAAAAAAAAAAAAAACMAAAAHAAAAAgAAAAAAAAAcAkAAAAAAABwCAAAAAAAA IAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAxAAAABwAAAAIAAAAAAAAAPAJAAAAA AAA8AgAAAAAAACQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAARAAAAPb//28CAAAA AAAAAGACQAAAAAAAYAIAAAAAAAAkAAAAAAAAAAUAAAAAAAAACAAAAAAAAAAAAAAAAAAAAE4A AAALAAAAAgAAAAAAAACIAkAAAAAAAIgCAAAAAAAAmAEAAAAAAAAGAAAAAQAAAAgAAAAAAAAA GAAAAAAAAABWAAAAAwAAAAIAAAAAAAAAIARAAAAAAAAgBAAAAAAAABoBAAAAAAAAAAAAAAAA AAABAAAAAAAAAAAAAAAAAAAAXgAAAP///28CAAAAAAAAADoFQAAAAAAAOgUAAAAAAAAiAAAA AAAAAAUAAAAAAAAAAgAAAAAAAAACAAAAAAAAAGsAAAD+//9vAgAAAAAAAABgBUAAAAAAAGAF AAAAAAAAcAAAAAAAAAAGAAAAAwAAAAgAAAAAAAAAAAAAAAAAAAB6AAAABAAAAAIAAAAAAAAA 0AVAAAAAAADQBQAAAAAAABgAAAAAAAAABQAAAAAAAAAIAAAAAAAAABgAAAAAAAAAhAAAAAQA AAACAAAAAAAAAOgFQAAAAAAA6AUAAAAAAABQAQAAAAAAAAUAAAAMAAAACAAAAAAAAAAYAAAA AAAAAI4AAAABAAAABgAAAAAAAAA4B0AAAAAAADgHAAAAAAAAGAAAAAAAAAAAAAAAAAAAAAQA AAAAAAAAAAAAAAAAAACJAAAAAQAAAAYAAAAAAAAAUAdAAAAAAABQBwAAAAAAAPAAAAAAAAAA AAAAAAAAAAAEAAAAAAAAABAAAAAAAAAAlAAAAAEAAAAGAAAAAAAAAEAIQAAAAAAAQAgAAAAA AADICgAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAJoAAAABAAAABgAAAAAAAAAIE0AA AAAAAAgTAAAAAAAADgAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACgAAAAAQAAAAIA AAAAAAAAGBNAAAAAAAAYEwAAAAAAAGgEAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAA qAAAAAEAAAACAAAAAAAAAIAXQAAAAAAAgBcAAAAAAABcAAAAAAAAAAAAAAAAAAAABAAAAAAA AAAAAAAAAAAAALYAAAABAAAAAgAAAAAAAADgF0AAAAAAAOAXAAAAAAAAJAIAAAAAAAAAAAAA AAAAAAgAAAAAAAAAAAAAAAAAAADAAAAAAQAAAAMAAAAAAAAACBpgAAAAAAAIGgAAAAAAABAA AAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAxwAAAAEAAAADAAAAAAAAABgaYAAAAAAA GBoAAAAAAAAQAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAM4AAAABAAAAAwAAAAAA AAAoGmAAAAAAACgaAAAAAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADTAAAA BgAAAAMAAAAAAAAAMBpgAAAAAAAwGgAAAAAAAOABAAAAAAAABgAAAAAAAAAIAAAAAAAAABAA AAAAAAAA3AAAAAEAAAADAAAAAAAAABAcYAAAAAAAEBwAAAAAAAAIAAAAAAAAAAAAAAAAAAAA CAAAAAAAAAAIAAAAAAAAAOEAAAABAAAAAwAAAAAAAAAYHGAAAAAAABgcAAAAAAAAiAAAAAAA AAAAAAAAAAAAAAgAAAAAAAAACAAAAAAAAADqAAAAAQAAAAMAAAAAAAAAoBxgAAAAAACgHAAA AAAAAAQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAA8AAAAAgAAAADAAAAAAAAAKgc YAAAAAAApBwAAAAAAAA4AAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAPUAAAABAAAA MAAAAAAAAAAAAAAAAAAAAKQcAAAAAAAAWQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAAA AAD+AAAAAQAAAAAAAAAAAAAAAAAAAAAAAAD9HAAAAAAAADAAAAAAAAAAAAAAAAAAAAABAAAA AAAAAAAAAAAAAAAADQEAAAEAAAAAAAAAAAAAAAAAAAAAAAAALR0AAAAAAACHAAAAAAAAAAAA AAAAAAAAAQAAAAAAAAAAAAAAAAAAAB0BAAABAAAAAAAAAAAAAAAAAAAAAAAAALQdAAAAAAAA 4REAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAApAQAAAQAAAAAAAAAAAAAAAAAAAAAA AACVLwAAAAAAACUEAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAANwEAAAEAAAAAAAAA AAAAAAAAAAAAAAAAujMAAAAAAADfAgAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAEMB AAABAAAAMAAAAAAAAAAAAAAAAAAAAJk2AAAAAAAAMggAAAAAAAAAAAAAAAAAAAEAAAAAAAAA AQAAAAAAAABOAQAAAQAAAAAAAAAAAAAAAAAAAAAAAADLPgAAAAAAALYQAAAAAAAAAAAAAAAA AAABAAAAAAAAAAAAAAAAAAAAWQEAAAEAAAAAAAAAAAAAAAAAAAAAAAAAgU8AAAAAAAA6AgAA AAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAGkBAAABAAAAAAAAAAAAAAAAAAAAAAAAALtR AAAAAAAAEAMAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAARAAAAAwAAAAAAAAAAAAAA AAAAAAAAAADLVAAAAAAAAHcBAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAIA AAAAAAAAAAAAAAAAAAAAAAAACGAAAAAAAABgCQAAAAAAACYAAAA9AAAACAAAAAAAAAAYAAAA AAAAAAkAAAADAAAAAAAAAAAAAAAAAAAAAAAAAGhpAAAAAAAA3QMAAAAAAAAAAAAAAAAAAAEA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwABAAACQAAAAAAA AAAAAAAAAAAAAAAAAwACABwCQAAAAAAAAAAAAAAAAAAAAAAAAwADADwCQAAAAAAAAAAAAAAA AAAAAAAAAwAEAGACQAAAAAAAAAAAAAAAAAAAAAAAAwAFAIgCQAAAAAAAAAAAAAAAAAAAAAAA AwAGACAEQAAAAAAAAAAAAAAAAAAAAAAAAwAHADoFQAAAAAAAAAAAAAAAAAAAAAAAAwAIAGAF QAAAAAAAAAAAAAAAAAAAAAAAAwAJANAFQAAAAAAAAAAAAAAAAAAAAAAAAwAKAOgFQAAAAAAA AAAAAAAAAAAAAAAAAwALADgHQAAAAAAAAAAAAAAAAAAAAAAAAwAMAFAHQAAAAAAAAAAAAAAA AAAAAAAAAwANAEAIQAAAAAAAAAAAAAAAAAAAAAAAAwAOAAgTQAAAAAAAAAAAAAAAAAAAAAAA AwAPABgTQAAAAAAAAAAAAAAAAAAAAAAAAwAQAIAXQAAAAAAAAAAAAAAAAAAAAAAAAwARAOAX QAAAAAAAAAAAAAAAAAAAAAAAAwASAAgaYAAAAAAAAAAAAAAAAAAAAAAAAwATABgaYAAAAAAA AAAAAAAAAAAAAAAAAwAUACgaYAAAAAAAAAAAAAAAAAAAAAAAAwAVADAaYAAAAAAAAAAAAAAA AAAAAAAAAwAWABAcYAAAAAAAAAAAAAAAAAAAAAAAAwAXABgcYAAAAAAAAAAAAAAAAAAAAAAA AwAYAKAcYAAAAAAAAAAAAAAAAAAAAAAAAwAZAKgcYAAAAAAAAAAAAAAAAAAAAAAAAwAaAAAA AAAAAAAAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAcAAAAAAAAAAAA AAAAAAAAAAAAAAAAAwAdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAAA AAAAAAAAAwAfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAgAAAAAAAAAAAAAAAAAAAAAAAAAAAA AwAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAjAAAA AAAAAAAAAAAAAAAAAAABAAAAAgANAGwIQAAAAAAAAAAAAAAAAAARAAAABADx/wAAAAAAAAAA AAAAAAAAAAAcAAAAAQASAAgaYAAAAAAAAAAAAAAAAAAqAAAAAQATABgaYAAAAAAAAAAAAAAA AAA4AAAAAQAUACgaYAAAAAAAAAAAAAAAAABFAAAAAgANAJAIQAAAAAAAAAAAAAAAAABbAAAA AQAZAKgcYAAAAAAAAQAAAAAAAABqAAAAAQAZALAcYAAAAAAACAAAAAAAAAB4AAAAAgANAAAJ QAAAAAAAAAAAAAAAAAARAAAABADx/wAAAAAAAAAAAAAAAAAAAACEAAAAAQASABAaYAAAAAAA AAAAAAAAAACRAAAAAQARAAAaQAAAAAAAAAAAAAAAAACfAAAAAQAUACgaYAAAAAAAAAAAAAAA AACrAAAAAgANANASQAAAAAAAAAAAAAAAAADBAAAABADx/wAAAAAAAAAAAAAAAAAAAADSAAAA AAANAFkJQAAAAAAAAAAAAAAAAADdAAAAAgANAIAJQAAAAAAALgAAAAAAAADyAAAAAAANAKgO QAAAAAAAAAAAAAAAAAD9AAAAAQAZANYcYAAAAAAABgAAAAAAAAAUAQAAAAANAK0OQAAAAAAA AAAAAAAAAAAfAQAAAQAZANAcYAAAAAAABgAAAAAAAAA2AQAAAQAXABgcYAAAAAAAAAAAAAAA AABMAQAAAAASAAQaYAAAAAAAAAAAAAAAAABdAQAAAAASAAQaYAAAAAAAAAAAAAAAAABwAQAA AQAVADAaYAAAAAAAAAAAAAAAAAB5AQAAIAAYAKAcYAAAAAAAAAAAAAAAAACEAQAAEgAAAAAA AAAAAAAAAAAAAAAAAACYAQAAEgANADASQAAAAAAAAgAAAAAAAACoAQAAEgANAEAIQAAAAAAA AAAAAAAAAACvAQAAIAAAAAAAAAAAAAAAAAAAAAAAAAC+AQAAIAAAAAAAAAAAAAAAAAAAAAAA AADSAQAAEgAAAAAAAAAAAAAAAAAAAAAAAADkAQAAEgAAAAAAAAAAAAAAAAAAAAAAAAD2AQAA EgAOAAgTQAAAAAAAAAAAAAAAAAD8AQAAEQAZAMAcYAAAAAAACAAAAAAAAAAGAgAAEgAAAAAA AAAAAAAAAAAAAAAAAAAlAgAAEQAPABgTQAAAAAAABAAAAAAAAAA0AgAAEAAYAKAcYAAAAAAA AAAAAAAAAABBAgAAEgANALAJQAAAAAAA5wMAAAAAAABNAgAAEgAAAAAAAAAAAAAAAAAAAAAA AABiAgAAEgAAAAAAAAAAAAAAAAAAAAAAAAB5AgAAEQIPACATQAAAAAAAAAAAAAAAAACGAgAA EQITACAaYAAAAAAAAAAAAAAAAACTAgAAEgANAEASQAAAAAAAiQAAAAAAAACjAgAAEQAZAMgc YAAAAAAACAAAAAAAAACvAgAAEgAAAAAAAAAAAAAAAAAAAAAAAADNAgAAEgANADAJQAAAAAAA AwAAAAAAAADaAgAAEADx/6QcYAAAAAAAAAAAAAAAAADmAgAAEgANAEAJQAAAAAAAPAAAAAAA AADzAgAAEgAAAAAAAAAAAAAAAAAAAAAAAAAIAwAAEADx/+AcYAAAAAAAAAAAAAAAAAANAwAA EgAAAAAAAAAAAAAAAAAAAAAAAAAhAwAAEQAZALgcYAAAAAAACAAAAAAAAAArAwAAEgAAAAAA AAAAAAAAAAAAAAAAAABBAwAAEgAAAAAAAAAAAAAAAAAAAAAAAABUAwAAEgAAAAAAAAAAAAAA AAAAAAAAAABtAwAAEgANAKANQAAAAAAAIQEAAAAAAAB8AwAAEgANAAAQQAAAAAAApAAAAAAA AACKAwAAEgANANAOQAAAAAAAKAEAAAAAAACWAwAAEgAAAAAAAAAAAAAAAAAAAAAAAACqAwAA EADx/6QcYAAAAAAAAAAAAAAAAACxAwAAEgAAADAIQAAAAAAAAAAAAAAAAADSAwAAEgANALAQ QAAAAAAAeQEAAAAAAADXAwAAEgALADgHQAAAAAAAAAAAAAAAAAAAY2FsbF9nbW9uX3N0YXJ0 AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBf X2RvX2dsb2JhbF9kdG9yc19hdXgAY29tcGxldGVkLjYzMzYAZHRvcl9pZHguNjMzOABmcmFt ZV9kdW1teQBfX0NUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2ds b2JhbF9jdG9yc19hdXgAdGVzdF92c3lzY2FsbC5jYwBpbnRjY19hZGRyAF9aTDRzZWd2aVA3 c2lnaW5mb1B2AGxhbmRpbmdfMzIAX1paN2ludGNjMzJpUFBjRTVwdHIzMgBsYW5kaW5nXzY0 AF9aWjdpbnRjYzMyaVBQY0U1cHRyNjQAX0dMT0JBTF9PRkZTRVRfVEFCTEVfAF9faW5pdF9h cnJheV9lbmQAX19pbml0X2FycmF5X3N0YXJ0AF9EWU5BTUlDAGRhdGFfc3RhcnQAcHJpbnRm QEBHTElCQ18yLjIuNQBfX2xpYmNfY3N1X2ZpbmkAX3N0YXJ0AF9fZ21vbl9zdGFydF9fAF9K dl9SZWdpc3RlckNsYXNzZXMAcHV0c0BAR0xJQkNfMi4yLjUAZXhpdEBAR0xJQkNfMi4yLjUA X2ZpbmkAdmRzb190aW1lAF9fbGliY19zdGFydF9tYWluQEBHTElCQ18yLjIuNQBfSU9fc3Rk aW5fdXNlZABfX2RhdGFfc3RhcnQAX1o0dGVzdGlQUGMAc3lzY2FsbEBAR0xJQkNfMi4yLjUA c2lnYWN0aW9uQEBHTElCQ18yLjIuNQBfX2Rzb19oYW5kbGUAX19EVE9SX0VORF9fAF9fbGli Y19jc3VfaW5pdAB2ZHNvX2dldGNwdQBfX2Vycm5vX2xvY2F0aW9uQEBHTElCQ18yLjIuNQBf WjViZW5jaGlQUGMAX19ic3Nfc3RhcnQAX1o1aW50Y2NpUFBjAHBzaWdpbmZvQEBHTElCQ18y LjEwAF9lbmQAZGxvcGVuQEBHTElCQ18yLjIuNQB2ZHNvX2d0b2QAc3RydG91bGxAQEdMSUJD XzIuMi41AGRsc3ltQEBHTElCQ18yLjIuNQBzaWdlbXB0eXNldEBAR0xJQkNfMi4yLjUAX1o3 aW50Y2MzMmlQUGMAX1o5aW5pdF92ZHNvdgBfWjRjYWxsaVBQYwBwZXJyb3JAQEdMSUJDXzIu Mi41AF9lZGF0YQBfX2d4eF9wZXJzb25hbGl0eV92MEBAQ1hYQUJJXzEuMwBtYWluAF9pbml0 AA== --Kj7319i9nmIyA2yE Content-Type: text/x-c++src; charset=us-ascii Content-Disposition: attachment; filename="test_vsyscall.cc" #define _POSIX_SOURCE #include #include #include #include #include #include #include #include #include #include #include #include #include static inline int modify_ldt(int mode, void *ptr, unsigned long size) { int ret = syscall(__NR_modify_ldt, mode, ptr, size); if (ret != 0) errno = -ret; return (ret == 0 ? 0 : -1); } /* vsyscalls and vDSO */ typedef long (*gtod_t)(struct timeval *tv, struct timezone *tz); const gtod_t vgtod = (gtod_t)0xffffffffff600000; gtod_t vdso_gtod; typedef long (*time_func_t)(time_t *t); const time_func_t vtime = (time_func_t)0xffffffffff600400; time_func_t vdso_time; typedef long (*getcpu_t)(unsigned *, unsigned *, struct getcpu_cache*); const getcpu_t vgetcpu = (getcpu_t)0xffffffffff600800; getcpu_t vdso_getcpu; void init_vdso() { void *vdso = dlopen("linux-vdso.so.1", RTLD_LAZY | RTLD_LOCAL | RTLD_NOLOAD); if (!vdso) { printf("Warning: failed to find vDSO\n"); return; } vdso_gtod = (gtod_t)dlsym(vdso, "gettimeofday"); if (!vdso_gtod) printf("Warning: failed to find gettimeofday in vDSO\n"); vdso_time = (time_func_t)dlsym(vdso, "time"); if (!vdso_time) printf("Warning: failed to find time in vDSO\n"); vdso_getcpu = (getcpu_t)dlsym(vdso, "getcpu"); if (!vdso_getcpu) printf("Warning: failed to find getcpu in vDSO\n"); } /* syscalls */ static inline long sys_gtod(struct timeval *tv, struct timezone *tz) { return syscall(__NR_gettimeofday, tv, tz); } static inline long sys_time(time_t *t) { return syscall(__NR_time, t); } /* There is no sys_getcpu. */ static void segv(int sig, siginfo_t *info, void *ctx_void) { psiginfo(info, "Caught SIGSEGV"); ucontext_t *ctx = (ucontext_t*)ctx_void; printf("RIP = %lx\n", ctx->uc_mcontext.gregs[REG_RIP]); exit(1); } #if 0 /* benchmark helper */ template void benchmark(const char *desc, Func f) { struct timespec start, end; long loops = 0; printf("Benchmarking %s ... ", desc); fflush(stdout); if (clock_gettime(CLOCK_MONOTONIC, &start)) { perror("clock_gettime"); exit(1); } while(true) { long loops_now = 1000; for(int i = 0; i < loops_now; i++) f(); loops += loops_now; if (clock_gettime(CLOCK_MONOTONIC, &end)) { perror("clock_gettime"); exit(1); } unsigned long long duration = (end.tv_nsec - start.tv_nsec) + 1000000000ULL * (end.tv_sec - start.tv_sec); if (duration < 500000000ULL) continue; printf("%9ld loops in %.5fs = %7.2f nsec / loop\n", loops, float(duration) * 1e-9, float(duration) / loops); break; } } #endif static double tv_diff(const struct timeval &a, const struct timeval &b) { return double(a.tv_sec - b.tv_sec) + double((int)a.tv_usec - (int)b.tv_usec) * 1e-6; } int test(int argc, char **argv) { printf("Testing gettimeofday...\n"); struct timeval tv_sys, tv_vdso, tv_vsys; struct timezone tz_sys, tz_vdso, tz_vsys; int ret_sys = sys_gtod(&tv_sys, &tz_sys); int ret_vdso = -1; if (vdso_gtod) ret_vdso = vdso_gtod(&tv_vdso, &tz_vdso); int ret_vsys = vgtod(&tv_vsys, &tz_vsys); if (ret_sys) { printf(" syscall failed\n"); } else { if (ret_vdso == 0) { if (tz_sys.tz_minuteswest != tz_vdso.tz_minuteswest || tz_sys.tz_dsttime != tz_vdso.tz_dsttime) printf(" vDSO tz mismatch\n"); else printf(" vDSO offset = %.6fs\n", tv_diff(tv_vdso, tv_sys)); } else if (vdso_gtod) { printf(" vDSO failed\n"); } if (ret_vsys == 0) { if (tz_sys.tz_minuteswest != tz_vsys.tz_minuteswest || tz_sys.tz_dsttime != tz_vsys.tz_dsttime) printf(" vsyscall tz mismatch\n"); else printf(" vsyscall offset = %.6fs\n", tv_diff(tv_vsys, tv_sys)); } } printf("\nTesting time...\n"); long t_sys, t_vdso = 0, t_vsys; long t2_sys = -1, t2_vdso = -1, t2_vsys = -1; t_sys = sys_time(&t2_sys); if (vdso_time) t_vdso = vdso_time(&t2_vdso); t_vsys = vtime(&t2_vsys); if (t_sys < 0 || t_sys != t2_sys) { printf(" syscall failed (ret:%ld output:%ld)\n", t_sys, t2_sys); } else { if (vdso_time) { if (t_vdso < 0 || t_vdso != t2_vdso) printf(" vDSO failed (ret:%ld output:%ld)\n", t_vdso, t2_vdso); else printf(" vDSO offset = %ld\n", t_vdso - t_sys); } if (t_vsys < 0 || t_vsys != t2_vsys) printf(" vsyscall failed (ret:%ld output:%ld)\n", t_vsys, t2_vsys); else printf(" vsyscall offset = %ld\n", t_vsys - t_sys); } printf("Testing getcpu...\n"); unsigned cpu_vdso, cpu_vsys, node_vdso, node_vsys; ret_vdso = vdso_getcpu(&cpu_vdso, &node_vdso, 0); ret_vsys = vgetcpu(&cpu_vsys, &node_vsys, 0); if (ret_vdso) printf(" vDSO failed (ret:%ld)\n", (unsigned long)ret_vdso); if (ret_vsys) printf(" vsyscall failed (ret:%ld)\n", (unsigned long)ret_vdso); if (ret_vdso == 0 && ret_vsys == 0) { if (cpu_vdso != cpu_vsys) printf(" cpu mismatch (vdso:%u vsyscall:%u)!\n", cpu_vdso, cpu_vsys); else if (node_vdso != node_vsys) printf(" node mismatch (vdso:%u vsyscall:%u)!\n", node_vdso, node_vsys); else printf(" ok! cpu=%u node=%u\n", cpu_vdso, node_vdso); } return 0; } int bench(int argc, char **argv) { struct timeval tv; struct timezone tz; #if 0 benchmark(" syscall gettimeofday", [&]{sys_gtod(&tv, &tz);}); benchmark(" vdso gettimeofday", [&]{vdso_gtod(&tv, &tz);}); benchmark("vsyscall gettimeofday", [&]{vgtod(&tv, &tz);}); printf("\n"); time_t t; benchmark(" syscall time ", [&]{sys_time(&t);}); if (vdso_time) benchmark(" vdso time ", [&]{vdso_time(&t);}); benchmark("vsyscall time ", [&]{vtime(&t);}); printf("\n"); unsigned cpu, node; benchmark(" vdso getcpu ", [&]{vdso_getcpu(&cpu, &node, 0);}); benchmark("vsyscall getcpu ", [&]{vgetcpu(&cpu, &node, 0);}); printf("\n"); benchmark("dummy syscall ", [&]{syscall(0xffffffff);}); #endif return 0; } int call(int argc, char **argv) { if (argc != 5) { printf("Usage: call \n"); return 1; } unsigned long addr, rax, arg1, arg2, arg3; char *end; addr = strtoull(argv[0], &end, 0); if (*end) goto bad; rax = strtoull(argv[1], &end, 0); if (*end) goto bad; arg1 = strtoull(argv[2], &end, 0); if (*end) goto bad; arg2 = strtoull(argv[3], &end, 0); if (*end) goto bad; arg3 = strtoull(argv[4], &end, 0); if (*end) goto bad; unsigned long ret; asm volatile("call *%[addr]" : "=a" (ret) : [addr] "rm" (addr), "a" (rax), "D" (arg1), "S" (arg2), "d" (arg3)); printf("Return value = %ld\n", ret); return 0; bad: printf("Bad arg\n"); return 1; } int intcc(int argc, char **argv) { if (argc != 0) { printf("Usage: intcc\n"); return 1; } extern char intcc_addr; printf("About to execute int 0xcc from RIP = %lX\n", (unsigned long)&intcc_addr); asm volatile ("intcc_addr: int $0xcc"); return 0; } struct __attribute__((packed)) farptr { uint32_t offset; uint16_t sel; }; static bool to_farptr(farptr *out, uint16_t sel, void *offset) { out->sel = sel; out->offset = (uint32_t)(unsigned long)offset; return out->offset == (unsigned long)offset; } int intcc32(int argc, char **argv) { if (argc != 0) { printf("Usage: intcc32\n"); return 1; } // Install a 32-bit code descriptor struct user_desc desc; memset(&desc, 0, sizeof(desc)); desc.entry_number = 0; desc.base_addr = 0; desc.limit = 0xFFFFF; desc.seg_32bit = 1; desc.contents = MODIFY_LDT_CONTENTS_CODE; desc.limit_in_pages = 1; if (modify_ldt(1, &desc, sizeof(desc)) != 0) { perror("modify_ldt"); return 1; } /* Load the initial CS. */ uint16_t initial_cs; asm ("mov %%cs,%[initial_cs]" : [initial_cs] "=rm" (initial_cs)); printf("Initial CS = 0x%04X (entry %d)\n", (unsigned)initial_cs, (int)(initial_cs >> 3)); extern char landing_32, landing_64; /* Set up the pointers. */ static farptr ptr32, ptr64; if (!to_farptr(&ptr32, 0x4, &landing_32) || !to_farptr(&ptr64, initial_cs, &landing_64)) { printf("Something's mapped too high\n"); return 1; } /* Go for it! */ asm volatile ( "mov %%rsp,%%rsi\n" // Save rsp (avoids truncation). "ljmpl *(%%eax)\n" // Switch to 32-bit mode. // 32-bit mode! // (Well, sort of. DS and ES are 0, so we can't use them.) ".code32\n" "landing_32:\n" "\tint $0xcc\n" // Try int 0xcc. "\tljmpl *%%cs:(%%ecx)\n" // Switch back. // 64-bit mode again! ".code64\n" "landing_64:\n" "\tmov %%rsi,%%rsp" : : "a" (&ptr32), "c" (&ptr64) : "rsi", "cc"); printf("Holy cow! We survived!\n"); return 0; } int main(int argc, char **argv) { struct sigaction sa_segv; memset(&sa_segv, 0, sizeof(sa_segv)); sa_segv.sa_sigaction = segv; sa_segv.sa_flags = SA_SIGINFO; sigemptyset(&sa_segv.sa_mask); if (sigaction(SIGSEGV, &sa_segv, 0)) perror("sigaction"); init_vdso(); if (argc < 2) { printf("Usage: test_vsyscall ...\n" "command := { test, bench, intcc, call }\n"); return 1; } if (!strcmp(argv[1], "test")) return test(argc - 2, argv + 2); if (!strcmp(argv[1], "bench")) return bench(argc - 2, argv + 2); if (!strcmp(argv[1], "intcc")) return intcc(argc - 2, argv + 2); if (!strcmp(argv[1], "intcc32")) return intcc32(argc - 2, argv + 2); if (!strcmp(argv[1], "call")) return call(argc - 2, argv + 2); printf("Unknown command\n"); return 1; } --Kj7319i9nmIyA2yE--