From mboxrd@z Thu Jan 1 00:00:00 1970 From: Xen.org security team Subject: Xen Security Advisory 282 v1 - guest use of HLE constructs may lock up host Date: Tue, 06 Nov 2018 18:41:04 +0000 Message-ID: Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary Return-path: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com Cc: "Xen.org security team" List-Id: xen-devel@lists.xenproject.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory XSA-282 guest use of HLE constructs may lock up host ISSUE DESCRIPTION ================= Various Intel CPU models have an erratum listed under the title "Processor May Hang When Executing Code In an HLE Transaction". It describes a potential hang when using instructions with the XACQUIRE prefix on the host physical memory range covering the first 4 MiB starting at the 1GiB boundary. IMPACT ====== A malicious or buggy guest may cause a CPU to hang, resulting in a DoS (Denial of Service) affecting the entire host. VULNERABLE SYSTEMS ================== All Xen versions are affected. Only Intel based x86 systems are affected. Please refer to Intel documentation as to which specific CPU models are affected. AMD x86 systems as well as Arm ones are not affected. MITIGATION ========== There is no known mitigation. A BIOS update may be available for some systems, working around the issue at the firmware level. RESOLUTION ========== Applying the appropriate pair of attached patches works around this issue for the CPU models known to be affected at the time of writing. xsa282-?.patch xen-unstable xsa282-4.11-1.patch + xsa282-2.patch Xen 4.11.x, Xen 4.10.x xsa282-4.9-1.patch + xsa282-2.patch Xen 4.9.x xsa282-4.9-1.patch + xsa282-4.8-2.patch Xen 4.8.x, Xen 4.7.x $ sha256sum xsa282* 6ef64ca920a58ed9185e81fad3dfa9ca5f6316f1e72ddd4f411f3e79eaf79903 xsa282.meta ad7093e00b3d6650530c95427ef0e68880883f0cec7229b5f41c9e2dc497ffd5 xsa282-1.patch 7ce7fa105026b189500a31bd3978ec0c6fd9d7c95f688463c25ecce76366be35 xsa282-2.patch fbff734d678700864563f8214361f391c0cbda9b67ed7256535ed3db388c8feb xsa282-4.8-2.patch df833cbe9b8798104a65d44b737c46f97399b86b0ffd03c99fda4c8ecf5a353c xsa282-4.9-1.patch 68eab296a7124662cbe3c6df8835aff9b4a26160fdbe970e206a7a6ef8d27ec7 xsa282-4.11-1.patch $ NOTE REGARDING LACK OF EMBARGO ============================== The issue has been documented publicly in Specification Updates for at least some of the affected processors for quite some time. -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAlvh3+0MHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZ48QIALQ1hLMewraf+URzsd36EUJNPP+1C8Dg35PavdJ1 mrqBljy/bIYCiLvLm1RwinUPL5vrvkB97/6AjmnpZM83AA3/PLTbh3tpP8fiLUcF YL7wJogvjv51Q3N8mYHjxGGl5YYVdrgxwxbQIuzRnw2gi/ikd0oAoNce/QIF6iFz P2I8VjKuQZ6qEzdKXTTiPNQQzL+OfVGQ+RcsthQieWce53p+n1pI1QqbPOwdYtca /cOhP+vGRzh+4QP50JuN5ikdC/C9KpyjEo5mZVlrZQYPIqzI+vomueCJLPGN3cSY LBcJc/lT/w/LRgygpbUB/OO8RwK5XB9T4Jm/ssXGpCOTs3Y= =Ipfd -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa282.meta" Content-Disposition: attachment; filename="xsa282.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAyODIsCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC4xMSIsCiAgICAiNC4xMCIsCiAgICAiNC45IiwK ICAgICI0LjgiLAogICAgIjQuNyIKICBdLAogICJUcmVlcyI6IFsKICAgICJ4 ZW4iCiAgXSwKICAiUmVjaXBlcyI6IHsKICAgICI0LjEwIjogewogICAgICAi UmVjaXBlcyI6IHsKICAgICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJs ZVJlZiI6ICJjODQxYzgyYTUzNDljZDU2YWRiOGZkNDkwN2JmNWFkOTU2M2Vh YTdlIiwKICAgICAgICAgICJQcmVyZXFzIjogWwogICAgICAgICAgXSwKICAg ICAgICAgICJQYXRjaGVzIjogWwogICAgICAgICAgICAieHNhMjgyLTQuMTEt MS5wYXRjaCIsCiAgICAgICAgICAgICJ4c2EyODItMi5wYXRjaCIKICAgICAg ICAgIF0KICAgICAgICB9CiAgICAgIH0KICAgIH0sCiAgICAiNC4xMSI6IHsK ICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6IHsKICAgICAgICAg ICJTdGFibGVSZWYiOiAiOGFkNDYyYTM0ZjA2NTRjMjU2YzE5NzQwNjU4NzY4 NmZlNDIyODU0NiIsCiAgICAgICAgICAiUHJlcmVxcyI6IFsKICAgICAgICAg IF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAgInhzYTI4 Mi00LjExLTEucGF0Y2giLAogICAgICAgICAgICAieHNhMjgyLTIucGF0Y2gi CiAgICAgICAgICBdCiAgICAgICAgfQogICAgICB9CiAgICB9LAogICAgIjQu NyI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6IHsKICAg ICAgICAgICJTdGFibGVSZWYiOiAiM2QzM2NjNmRkZjM3MDI2YjU1MzBmODNm NWZhM2FmMDViMjJmOWU0MyIsCiAgICAgICAgICAiUHJlcmVxcyI6IFsKICAg ICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAg InhzYTI4Mi00LjktMS5wYXRjaCIsCiAgICAgICAgICAgICJ4c2EyODItNC44 LTIucGF0Y2giCiAgICAgICAgICBdCiAgICAgICAgfQogICAgICB9CiAgICB9 LAogICAgIjQuOCI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhl biI6IHsKICAgICAgICAgICJTdGFibGVSZWYiOiAiODhiNWUzNjhjZTA4YWFm Zjc4ZGI1ZTNlZGM0YzQ4ODk0NTgzNzc1MCIsCiAgICAgICAgICAiUHJlcmVx cyI6IFsKICAgICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAg ICAgICAgICAgInhzYTI4Mi00LjktMS5wYXRjaCIsCiAgICAgICAgICAgICJ4 c2EyODItNC44LTIucGF0Y2giCiAgICAgICAgICBdCiAgICAgICAgfQogICAg ICB9CiAgICB9LAogICAgIjQuOSI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAg ICAgICAgInhlbiI6IHsKICAgICAgICAgICJTdGFibGVSZWYiOiAiMWJkN2Mx N2M1ZTk3NmZlYzRhZDBkOGJhNzg1YWM3OGYzNmVlZjYyOCIsCiAgICAgICAg ICAiUHJlcmVxcyI6IFsKICAgICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hl cyI6IFsKICAgICAgICAgICAgInhzYTI4Mi00LjktMS5wYXRjaCIsCiAgICAg ICAgICAgICJ4c2EyODItMi5wYXRjaCIKICAgICAgICAgIF0KICAgICAgICB9 CiAgICAgIH0KICAgIH0sCiAgICAibWFzdGVyIjogewogICAgICAiUmVjaXBl cyI6IHsKICAgICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6 ICJjZTJmNDI2MDU4ODhmMThmNjNmZjlmZTBkNDVkZDY5YWU4MzA0NWJiIiwK ICAgICAgICAgICJQcmVyZXFzIjogWwogICAgICAgICAgXSwKICAgICAgICAg ICJQYXRjaGVzIjogWwogICAgICAgICAgICAieHNhMjgyLT8ucGF0Y2giCiAg ICAgICAgICBdCiAgICAgICAgfQogICAgICB9CiAgICB9CiAgfQp9 --=separator Content-Type: application/octet-stream; name="xsa282-1.patch" Content-Disposition: attachment; filename="xsa282-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODY6IGV4dGVuZCBnZXRfcGxhdGZvcm1fYmFkcGFnZXMoKSBpbnRlcmZh Y2UKClVzZSBhIHN0cnVjdHVyZSBzbyBhbG9uZyB3aXRoIGFuIGFkZHJlc3Mg KG5vdyBmcmFtZSBudW1iZXIpIGFuIG9yZGVyIGNhbgphbHNvIGJlIHNwZWNp ZmllZC4KClRoaXMgaXMgcGFydCBvZiBYU0EtMjgyLgoKU2lnbmVkLW9mZi1i eTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpSZXZpZXdlZC1i eTogQW5kcmV3IENvb3BlciA8YW5kcmV3LmNvb3BlcjNAY2l0cml4LmNvbT4K Ci0tLSBhL3hlbi9hcmNoL3g4Ni9ndWVzdC94ZW4uYworKysgYi94ZW4vYXJj aC94ODYvZ3Vlc3QveGVuLmMKQEAgLTQwLDcgKzQwLDcgQEAgYm9vbCBfX3Jl YWRfbW9zdGx5IHhlbl9ndWVzdDsKIHN0YXRpYyBfX3JlYWRfbW9zdGx5IHVp bnQzMl90IHhlbl9jcHVpZF9iYXNlOwogZXh0ZXJuIGNoYXIgaHlwZXJjYWxs X3BhZ2VbXTsKIHN0YXRpYyBzdHJ1Y3QgcmFuZ2VzZXQgKm1lbTsKLXN0YXRp YyB1bnNpZ25lZCBsb25nIF9faW5pdGRhdGEgcmVzZXJ2ZWRfcGFnZXNbMl07 CitzdGF0aWMgc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdlIF9faW5pdGRhdGEg cmVzZXJ2ZWRfcGFnZXNbMl07CiAKIERFRklORV9QRVJfQ1BVKHVuc2lnbmVk IGludCwgdmNwdV9pZCk7CiAKQEAgLTMyNiw3ICszMjYsNyBAQCB2b2lkIF9f aW5pdCBoeXBlcnZpc29yX2ZpeHVwX2U4MjAoc3RydWN0CiAgICAgICAgIHBh bmljKCJVbmFibGUgdG8gZ2V0ICIgI3AgIlxuIik7ICAgICAgICBcCiAgICAg bWFya19wZm5fYXNfcmFtKGU4MjAsIHBmbik7ICAgICAgICAgICAgICAgICBc CiAgICAgQVNTRVJUKGkgPCBBUlJBWV9TSVpFKHJlc2VydmVkX3BhZ2VzKSk7 ICAgICBcCi0gICAgcmVzZXJ2ZWRfcGFnZXNbaSsrXSA9IHBmbiA8PCBQQUdF X1NISUZUOyAgICBcCisgICAgcmVzZXJ2ZWRfcGFnZXNbaSsrXS5tZm4gPSBw Zm47ICAgICAgICAgICAgICBcCiB9KQogICAgIE1BUktfUEFSQU1fUkFNKEhW TV9QQVJBTV9TVE9SRV9QRk4pOwogICAgIGlmICggIXB2X2NvbnNvbGUgKQpA QCAtMzM0LDcgKzMzNCw3IEBAIHZvaWQgX19pbml0IGh5cGVydmlzb3JfZml4 dXBfZTgyMChzdHJ1Y3QKICN1bmRlZiBNQVJLX1BBUkFNX1JBTQogfQogCi1j b25zdCB1bnNpZ25lZCBsb25nICpfX2luaXQgaHlwZXJ2aXNvcl9yZXNlcnZl ZF9wYWdlcyh1bnNpZ25lZCBpbnQgKnNpemUpCitjb25zdCBzdHJ1Y3QgcGxh dGZvcm1fYmFkX3BhZ2UgKl9faW5pdCBoeXBlcnZpc29yX3Jlc2VydmVkX3Bh Z2VzKHVuc2lnbmVkIGludCAqc2l6ZSkKIHsKICAgICBBU1NFUlQoeGVuX2d1 ZXN0KTsKIAotLS0gYS94ZW4vYXJjaC94ODYvbW0uYworKysgYi94ZW4vYXJj aC94ODYvbW0uYwpAQCAtNTg0MywyMyArNTg0MywyMyBAQCB2b2lkIGFyY2hf ZHVtcF9zaGFyZWRfbWVtX2luZm8odm9pZCkKICAgICAgICAgICAgIG1lbV9z aGFyaW5nX2dldF9ucl9zYXZlZF9tZm5zKCkpOwogfQogCi1jb25zdCB1bnNp Z25lZCBsb25nICpfX2luaXQgZ2V0X3BsYXRmb3JtX2JhZHBhZ2VzKHVuc2ln bmVkIGludCAqYXJyYXlfc2l6ZSkKK2NvbnN0IHN0cnVjdCBwbGF0Zm9ybV9i YWRfcGFnZSAqX19pbml0IGdldF9wbGF0Zm9ybV9iYWRwYWdlcyh1bnNpZ25l ZCBpbnQgKmFycmF5X3NpemUpCiB7CiAgICAgdTMyIGlnZF9pZDsKLSAgICBz dGF0aWMgdW5zaWduZWQgbG9uZyBfX2luaXRkYXRhIGJhZF9wYWdlc1tdID0g ewotICAgICAgICAweDIwMDUwMDAwLAotICAgICAgICAweDIwMTEwMDAwLAot ICAgICAgICAweDIwMTMwMDAwLAotICAgICAgICAweDIwMTM4MDAwLAotICAg ICAgICAweDQwMDA0MDAwLAorICAgIHN0YXRpYyBjb25zdCBzdHJ1Y3QgcGxh dGZvcm1fYmFkX3BhZ2UgX19pbml0Y29uc3Qgc25iX2JhZF9wYWdlc1tdID0g eworICAgICAgICB7IC5tZm4gPSAweDIwMDUwMDAwID4+IFBBR0VfU0hJRlQg fSwKKyAgICAgICAgeyAubWZuID0gMHgyMDExMDAwMCA+PiBQQUdFX1NISUZU IH0sCisgICAgICAgIHsgLm1mbiA9IDB4MjAxMzAwMDAgPj4gUEFHRV9TSElG VCB9LAorICAgICAgICB7IC5tZm4gPSAweDIwMTM4MDAwID4+IFBBR0VfU0hJ RlQgfSwKKyAgICAgICAgeyAubWZuID0gMHg0MDAwNDAwMCA+PiBQQUdFX1NI SUZUIH0sCiAgICAgfTsKIAotICAgICphcnJheV9zaXplID0gQVJSQVlfU0la RShiYWRfcGFnZXMpOworICAgICphcnJheV9zaXplID0gQVJSQVlfU0laRShz bmJfYmFkX3BhZ2VzKTsKICAgICBpZ2RfaWQgPSBwY2lfY29uZl9yZWFkMzIo MCwgMCwgMiwgMCwgMCk7Ci0gICAgaWYgKCAhSVNfU05CX0dGWChpZ2RfaWQp ICkKLSAgICAgICAgcmV0dXJuIE5VTEw7CisgICAgaWYgKCBJU19TTkJfR0ZY KGlnZF9pZCkgKQorICAgICAgICByZXR1cm4gc25iX2JhZF9wYWdlczsKIAot ICAgIHJldHVybiBiYWRfcGFnZXM7CisgICAgcmV0dXJuIE5VTEw7CiB9CiAK IHZvaWQgcGFnaW5nX2ludmxwZyhzdHJ1Y3QgdmNwdSAqdiwgdW5zaWduZWQg bG9uZyBsaW5lYXIpCi0tLSBhL3hlbi9jb21tb24vcGFnZV9hbGxvYy5jCisr KyBiL3hlbi9jb21tb24vcGFnZV9hbGxvYy5jCkBAIC0yNzAsNyArMjcwLDcg QEAgdm9pZCBfX2luaXQgaW5pdF9ib290X3BhZ2VzKHBhZGRyX3QgcHMsCiAg ICAgdW5zaWduZWQgbG9uZyBiYWRfc3BmbiwgYmFkX2VwZm47CiAgICAgY29u c3QgY2hhciAqcDsKICNpZmRlZiBDT05GSUdfWDg2Ci0gICAgY29uc3QgdW5z aWduZWQgbG9uZyAqYmFkcGFnZSA9IE5VTEw7CisgICAgY29uc3Qgc3RydWN0 IHBsYXRmb3JtX2JhZF9wYWdlICpiYWRwYWdlOwogICAgIHVuc2lnbmVkIGlu dCBpLCBhcnJheV9zaXplOwogCiAgICAgQlVJTERfQlVHX09OKDggKiBzaXpl b2YoZnJhbWVfdGFibGUtPnUuZnJlZS5maXJzdF9kaXJ0eSkgPApAQCAtMjk5 LDggKzI5OSw4IEBAIHZvaWQgX19pbml0IGluaXRfYm9vdF9wYWdlcyhwYWRk cl90IHBzLAogICAgIHsKICAgICAgICAgZm9yICggaSA9IDA7IGkgPCBhcnJh eV9zaXplOyBpKysgKQogICAgICAgICB7Ci0gICAgICAgICAgICBib290bWVt X3JlZ2lvbl96YXAoKmJhZHBhZ2UgPj4gUEFHRV9TSElGVCwKLSAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAoKmJhZHBhZ2UgPj4gUEFHRV9TSElG VCkgKyAxKTsKKyAgICAgICAgICAgIGJvb3RtZW1fcmVnaW9uX3phcChiYWRw YWdlLT5tZm4sCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYmFk cGFnZS0+bWZuICsgKDFVIDw8IGJhZHBhZ2UtPm9yZGVyKSk7CiAgICAgICAg ICAgICBiYWRwYWdlKys7CiAgICAgICAgIH0KICAgICB9CkBAIC0zMTIsOCAr MzEyLDggQEAgdm9pZCBfX2luaXQgaW5pdF9ib290X3BhZ2VzKHBhZGRyX3Qg cHMsCiAgICAgICAgIHsKICAgICAgICAgICAgIGZvciAoIGkgPSAwOyBpIDwg YXJyYXlfc2l6ZTsgaSsrICkKICAgICAgICAgICAgIHsKLSAgICAgICAgICAg ICAgICBib290bWVtX3JlZ2lvbl96YXAoKmJhZHBhZ2UgPj4gUEFHRV9TSElG VCwKLSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKCpiYWRw YWdlID4+IFBBR0VfU0hJRlQpICsgMSk7CisgICAgICAgICAgICAgICAgYm9v dG1lbV9yZWdpb25femFwKGJhZHBhZ2UtPm1mbiwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgYmFkcGFnZS0+bWZuICsgKDFVIDw8IGJh ZHBhZ2UtPm9yZGVyKSk7CiAgICAgICAgICAgICAgICAgYmFkcGFnZSsrOwog ICAgICAgICAgICAgfQogICAgICAgICB9Ci0tLSBhL3hlbi9pbmNsdWRlL2Fz bS14ODYvZ3Vlc3QveGVuLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLXg4Ni9n dWVzdC94ZW4uaApAQCAtMzcsNyArMzcsNyBAQCB2b2lkIGh5cGVydmlzb3Jf YXBfc2V0dXAodm9pZCk7CiBpbnQgaHlwZXJ2aXNvcl9hbGxvY191bnVzZWRf cGFnZShtZm5fdCAqbWZuKTsKIGludCBoeXBlcnZpc29yX2ZyZWVfdW51c2Vk X3BhZ2UobWZuX3QgbWZuKTsKIHZvaWQgaHlwZXJ2aXNvcl9maXh1cF9lODIw KHN0cnVjdCBlODIwbWFwICplODIwKTsKLWNvbnN0IHVuc2lnbmVkIGxvbmcg Kmh5cGVydmlzb3JfcmVzZXJ2ZWRfcGFnZXModW5zaWduZWQgaW50ICpzaXpl KTsKK2NvbnN0IHN0cnVjdCBwbGF0Zm9ybV9iYWRfcGFnZSAqaHlwZXJ2aXNv cl9yZXNlcnZlZF9wYWdlcyh1bnNpZ25lZCBpbnQgKnNpemUpOwogdWludDMy X3QgaHlwZXJ2aXNvcl9jcHVpZF9iYXNlKHZvaWQpOwogdm9pZCBoeXBlcnZp c29yX3Jlc3VtZSh2b2lkKTsKIApAQCAtNjUsNyArNjUsNyBAQCBzdGF0aWMg aW5saW5lIHZvaWQgaHlwZXJ2aXNvcl9maXh1cF9lODIwCiAgICAgQVNTRVJU X1VOUkVBQ0hBQkxFKCk7CiB9CiAKLXN0YXRpYyBpbmxpbmUgY29uc3QgdW5z aWduZWQgbG9uZyAqaHlwZXJ2aXNvcl9yZXNlcnZlZF9wYWdlcyh1bnNpZ25l ZCBpbnQgKnNpemUpCitzdGF0aWMgaW5saW5lIGNvbnN0IHN0cnVjdCBwbGF0 Zm9ybV9iYWRfcGFnZSAqaHlwZXJ2aXNvcl9yZXNlcnZlZF9wYWdlcyh1bnNp Z25lZCBpbnQgKnNpemUpCiB7CiAgICAgQVNTRVJUX1VOUkVBQ0hBQkxFKCk7 CiAgICAgcmV0dXJuIE5VTEw7Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv bW0uaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L21tLmgKQEAgLTM0MSw3 ICszNDEsMTMgQEAgdm9pZCB6YXBfcm9fbXB0KG1mbl90IG1mbik7CiAKIGJv b2wgaXNfaW9tZW1fcGFnZShtZm5fdCBtZm4pOwogCi1jb25zdCB1bnNpZ25l ZCBsb25nICpnZXRfcGxhdGZvcm1fYmFkcGFnZXModW5zaWduZWQgaW50ICph cnJheV9zaXplKTsKK3N0cnVjdCBwbGF0Zm9ybV9iYWRfcGFnZSB7CisgICAg dW5zaWduZWQgbG9uZyBtZm47CisgICAgdW5zaWduZWQgaW50IG9yZGVyOwor fTsKKworY29uc3Qgc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdlICpnZXRfcGxh dGZvcm1fYmFkcGFnZXModW5zaWduZWQgaW50ICphcnJheV9zaXplKTsKKwog LyogUGVyIHBhZ2UgbG9ja3M6CiAgKiBwYWdlX2xvY2soKSBpcyB1c2VkIGZv ciB0d28gcHVycG9zZXM6IHB0ZSBzZXJpYWxpemF0aW9uLCBhbmQgbWVtb3J5 IHNoYXJpbmcuCiAgKgo= --=separator Content-Type: application/octet-stream; name="xsa282-2.patch" Content-Disposition: attachment; filename="xsa282-2.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODY6IHdvcmsgYXJvdW5kIEhMRSBob3N0IGxvY2t1cCBlcnJhdHVtCgpY QUNRVUlSRSBwcmVmaXhlZCBhY2Nlc3NlcyB0byB0aGUgNE1iIHJhbmdlIG9m IG1lbW9yeSBzdGFydGluZyBhdCAxR2IKYXJlIGxpYWJsZSB0byBsb2NrIHVw IHRoZSBwcm9jZXNzb3IuIERpc2FsbG93IHVzZSBvZiB0aGlzIG1lbW9yeSBy YW5nZS4KClVuZm9ydHVuYXRlbHkgdGhlIGF2YWlsYWJsZSBDb3JlIEdlbjcg YW5kIEdlbjggc3BlYyB1cGRhdGVzIGFyZSBwcmV0dHkKb2xkLCBzbyBJIGNh biBvbmx5IGd1ZXNzIHRoYXQgdGhleSdyZSBzaW1pbGFybHkgYWZmZWN0ZWQg d2hlbiBDb3JlIEdlbjYKaXMgYW5kIHRoZSBYZW9uIGNvdW50ZXJwYXJ0cyBh cmUsIHRvby4KClRoaXMgaXMgcGFydCBvZiBYU0EtMjgyLgoKU2lnbmVkLW9m Zi1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpSZXZpZXdl ZC1ieTogQW5kcmV3IENvb3BlciA8YW5kcmV3LmNvb3BlcjNAY2l0cml4LmNv bT4KLS0tCnYyOiBEb24ndCBhcHBseSB0aGUgd29ya2Fyb3VuZCB3aGVuIHJ1 bm5pbmcgb3Vyc2VsdmVzIHZpcnR1YWxpemVkLgoKLS0tIGEveGVuL2FyY2gv eDg2L21tLmMKKysrIGIveGVuL2FyY2gveDg2L21tLmMKQEAgLTU4NTMsNiAr NTg1MywyMiBAQCBjb25zdCBzdHJ1Y3QgcGxhdGZvcm1fYmFkX3BhZ2UgKl9f aW5pdCBnCiAgICAgICAgIHsgLm1mbiA9IDB4MjAxMzgwMDAgPj4gUEFHRV9T SElGVCB9LAogICAgICAgICB7IC5tZm4gPSAweDQwMDA0MDAwID4+IFBBR0Vf U0hJRlQgfSwKICAgICB9OworICAgIHN0YXRpYyBjb25zdCBzdHJ1Y3QgcGxh dGZvcm1fYmFkX3BhZ2UgX19pbml0Y29uc3QgaGxlX2JhZF9wYWdlID0gewor ICAgICAgICAubWZuID0gMHg0MDAwMDAwMCA+PiBQQUdFX1NISUZULCAub3Jk ZXIgPSAxMAorICAgIH07CisKKyAgICBzd2l0Y2ggKCBjcHVpZF9lYXgoMSkg JiAweDAwMGYzZmYwICkKKyAgICB7CisgICAgY2FzZSAweDAwMDQwNmUwOiAv KiBlcnJhdHVtIFNLTDE2NyAqLworICAgIGNhc2UgMHgwMDA1MDY1MDogLyog ZXJyYXR1bSBTS1o2MyAqLworICAgIGNhc2UgMHgwMDA1MDZlMDogLyogZXJy YXRhIFNLTDE2NyAvIFNLVzE1OSAqLworICAgIGNhc2UgMHgwMDA4MDZlMDog LyogZXJyYXR1bSBLQkw/Pz8gKi8KKyAgICBjYXNlIDB4MDAwOTA2ZTA6IC8q IGVycmF0YSBLQkw/Pz8gLyBLQlcxMTQgLyBDRlcxMDMgKi8KKyAgICAgICAg KmFycmF5X3NpemUgPSAoY3B1aWRfZWF4KDApID49IDcgJiYKKyAgICAgICAg ICAgICAgICAgICAgICAgIShjcHVpZF9lY3goMSkgJiBjcHVmZWF0X21hc2so WDg2X0ZFQVRVUkVfSFlQRVJWSVNPUikpICYmCisgICAgICAgICAgICAgICAg ICAgICAgIChjcHVpZF9jb3VudF9lYngoNywgMCkgJiBjcHVmZWF0X21hc2so WDg2X0ZFQVRVUkVfSExFKSkpOworICAgICAgICByZXR1cm4gJmhsZV9iYWRf cGFnZTsKKyAgICB9CiAKICAgICAqYXJyYXlfc2l6ZSA9IEFSUkFZX1NJWkUo c25iX2JhZF9wYWdlcyk7CiAgICAgaWdkX2lkID0gcGNpX2NvbmZfcmVhZDMy KDAsIDAsIDIsIDAsIDApOwo= --=separator Content-Type: application/octet-stream; name="xsa282-4.8-2.patch" Content-Disposition: attachment; filename="xsa282-4.8-2.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODY6IHdvcmsgYXJvdW5kIEhMRSBob3N0IGxvY2t1cCBlcnJhdHVtCgpY QUNRVUlSRSBwcmVmaXhlZCBhY2Nlc3NlcyB0byB0aGUgNE1iIHJhbmdlIG9m IG1lbW9yeSBzdGFydGluZyBhdCAxR2IKYXJlIGxpYWJsZSB0byBsb2NrIHVw IHRoZSBwcm9jZXNzb3IuIERpc2FsbG93IHVzZSBvZiB0aGlzIG1lbW9yeSBy YW5nZS4KClVuZm9ydHVuYXRlbHkgdGhlIGF2YWlsYWJsZSBDb3JlIEdlbjcg YW5kIEdlbjggc3BlYyB1cGRhdGVzIGFyZSBwcmV0dHkKb2xkLCBzbyBJIGNh biBvbmx5IGd1ZXNzIHRoYXQgdGhleSdyZSBzaW1pbGFybHkgYWZmZWN0ZWQg d2hlbiBDb3JlIEdlbjYKaXMgYW5kIHRoZSBYZW9uIGNvdW50ZXJwYXJ0cyBh cmUsIHRvby4KClRoaXMgaXMgcGFydCBvZiBYU0EtMjgyLgoKU2lnbmVkLW9m Zi1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpSZXZpZXdl ZC1ieTogQW5kcmV3IENvb3BlciA8YW5kcmV3LmNvb3BlcjNAY2l0cml4LmNv bT4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9tbS5jCisrKyBiL3hlbi9hcmNoL3g4 Ni9tbS5jCkBAIC02OTg5LDYgKzY5ODksMjUgQEAgY29uc3Qgc3RydWN0IHBs YXRmb3JtX2JhZF9wYWdlICpfX2luaXQgZwogICAgICAgICB7IC5tZm4gPSAw eDIwMTM4MDAwID4+IFBBR0VfU0hJRlQgfSwKICAgICAgICAgeyAubWZuID0g MHg0MDAwNDAwMCA+PiBQQUdFX1NISUZUIH0sCiAgICAgfTsKKyAgICBzdGF0 aWMgY29uc3Qgc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdlIF9faW5pdGNvbnN0 IGhsZV9iYWRfcGFnZSA9IHsKKyAgICAgICAgLm1mbiA9IDB4NDAwMDAwMDAg Pj4gUEFHRV9TSElGVCwgLm9yZGVyID0gMTAKKyAgICB9OworCisgICAgc3dp dGNoICggY3B1aWRfZWF4KDEpICYgMHgwMDBmM2ZmMCApCisgICAgeworICAg ICAgICB1bnNpZ25lZCBpbnQgZWJ4LCBkdW1teTsKKworICAgIGNhc2UgMHgw MDA0MDZlMDogLyogZXJyYXR1bSBTS0wxNjcgKi8KKyAgICBjYXNlIDB4MDAw NTA2NTA6IC8qIGVycmF0dW0gU0taNjMgKi8KKyAgICBjYXNlIDB4MDAwNTA2 ZTA6IC8qIGVycmF0YSBTS0wxNjcgLyBTS1cxNTkgKi8KKyAgICBjYXNlIDB4 MDAwODA2ZTA6IC8qIGVycmF0dW0gS0JMPz8/ICovCisgICAgY2FzZSAweDAw MDkwNmUwOiAvKiBlcnJhdGEgS0JMPz8/IC8gS0JXMTE0IC8gQ0ZXMTAzICov CisgICAgICAgICphcnJheV9zaXplID0gKGNwdWlkX2VheCgwKSA+PSA3ICYm CisgICAgICAgICAgICAgICAgICAgICAgICEoY3B1aWRfZWN4KDEpICYgY3B1 ZmVhdF9tYXNrKFg4Nl9GRUFUVVJFX0hZUEVSVklTT1IpKSAmJgorICAgICAg ICAgICAgICAgICAgICAgICAoY3B1aWRfY291bnQoNywgMCwgJmR1bW15LCAm ZWJ4LCAmZHVtbXksICZkdW1teSksCisgICAgICAgICAgICAgICAgICAgICAg ICBlYnggJiBjcHVmZWF0X21hc2soWDg2X0ZFQVRVUkVfSExFKSkpOworICAg ICAgICByZXR1cm4gJmhsZV9iYWRfcGFnZTsKKyAgICB9CiAKICAgICAqYXJy YXlfc2l6ZSA9IEFSUkFZX1NJWkUoc25iX2JhZF9wYWdlcyk7CiAgICAgaWdk X2lkID0gcGNpX2NvbmZfcmVhZDMyKDAsIDAsIDIsIDAsIDApOwo= --=separator Content-Type: application/octet-stream; name="xsa282-4.9-1.patch" Content-Disposition: attachment; filename="xsa282-4.9-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODY6IGV4dGVuZCBnZXRfcGxhdGZvcm1fYmFkcGFnZXMoKSBpbnRlcmZh Y2UKClVzZSBhIHN0cnVjdHVyZSBzbyBhbG9uZyB3aXRoIGFuIGFkZHJlc3Mg KG5vdyBmcmFtZSBudW1iZXIpIGFuIG9yZGVyIGNhbgphbHNvIGJlIHNwZWNp ZmllZC4KClRoaXMgaXMgcGFydCBvZiBYU0EtMjgyLgoKU2lnbmVkLW9mZi1i eTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpSZXZpZXdlZC1i eTogQW5kcmV3IENvb3BlciA8YW5kcmV3LmNvb3BlcjNAY2l0cml4LmNvbT4K Ci0tLSBhL3hlbi9hcmNoL3g4Ni9tbS5jCisrKyBiL3hlbi9hcmNoL3g4Ni9t bS5jCkBAIC03MTExLDIzICs3MTExLDIzIEBAIHZvaWQgYXJjaF9kdW1wX3No YXJlZF9tZW1faW5mbyh2b2lkKQogICAgICAgICAgICAgbWVtX3NoYXJpbmdf Z2V0X25yX3NhdmVkX21mbnMoKSk7CiB9CiAKLWNvbnN0IHVuc2lnbmVkIGxv bmcgKl9faW5pdCBnZXRfcGxhdGZvcm1fYmFkcGFnZXModW5zaWduZWQgaW50 ICphcnJheV9zaXplKQorY29uc3Qgc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdl ICpfX2luaXQgZ2V0X3BsYXRmb3JtX2JhZHBhZ2VzKHVuc2lnbmVkIGludCAq YXJyYXlfc2l6ZSkKIHsKICAgICB1MzIgaWdkX2lkOwotICAgIHN0YXRpYyB1 bnNpZ25lZCBsb25nIF9faW5pdGRhdGEgYmFkX3BhZ2VzW10gPSB7Ci0gICAg ICAgIDB4MjAwNTAwMDAsCi0gICAgICAgIDB4MjAxMTAwMDAsCi0gICAgICAg IDB4MjAxMzAwMDAsCi0gICAgICAgIDB4MjAxMzgwMDAsCi0gICAgICAgIDB4 NDAwMDQwMDAsCisgICAgc3RhdGljIGNvbnN0IHN0cnVjdCBwbGF0Zm9ybV9i YWRfcGFnZSBfX2luaXRjb25zdCBzbmJfYmFkX3BhZ2VzW10gPSB7CisgICAg ICAgIHsgLm1mbiA9IDB4MjAwNTAwMDAgPj4gUEFHRV9TSElGVCB9LAorICAg ICAgICB7IC5tZm4gPSAweDIwMTEwMDAwID4+IFBBR0VfU0hJRlQgfSwKKyAg ICAgICAgeyAubWZuID0gMHgyMDEzMDAwMCA+PiBQQUdFX1NISUZUIH0sCisg ICAgICAgIHsgLm1mbiA9IDB4MjAxMzgwMDAgPj4gUEFHRV9TSElGVCB9LAor ICAgICAgICB7IC5tZm4gPSAweDQwMDA0MDAwID4+IFBBR0VfU0hJRlQgfSwK ICAgICB9OwogCi0gICAgKmFycmF5X3NpemUgPSBBUlJBWV9TSVpFKGJhZF9w YWdlcyk7CisgICAgKmFycmF5X3NpemUgPSBBUlJBWV9TSVpFKHNuYl9iYWRf cGFnZXMpOwogICAgIGlnZF9pZCA9IHBjaV9jb25mX3JlYWQzMigwLCAwLCAy LCAwLCAwKTsKLSAgICBpZiAoICFJU19TTkJfR0ZYKGlnZF9pZCkgKQotICAg ICAgICByZXR1cm4gTlVMTDsKKyAgICBpZiAoIElTX1NOQl9HRlgoaWdkX2lk KSApCisgICAgICAgIHJldHVybiBzbmJfYmFkX3BhZ2VzOwogCi0gICAgcmV0 dXJuIGJhZF9wYWdlczsKKyAgICByZXR1cm4gTlVMTDsKIH0KIAogdm9pZCBw YWdpbmdfaW52bHBnKHN0cnVjdCB2Y3B1ICp2LCB1bnNpZ25lZCBsb25nIHZh KQotLS0gYS94ZW4vY29tbW9uL3BhZ2VfYWxsb2MuYworKysgYi94ZW4vY29t bW9uL3BhZ2VfYWxsb2MuYwpAQCAtMjcwLDcgKzI3MCw3IEBAIHZvaWQgX19p bml0IGluaXRfYm9vdF9wYWdlcyhwYWRkcl90IHBzLAogICAgIHVuc2lnbmVk IGxvbmcgYmFkX3NwZm4sIGJhZF9lcGZuOwogICAgIGNvbnN0IGNoYXIgKnA7 CiAjaWZkZWYgQ09ORklHX1g4NgotICAgIGNvbnN0IHVuc2lnbmVkIGxvbmcg KmJhZHBhZ2UgPSBOVUxMOworICAgIGNvbnN0IHN0cnVjdCBwbGF0Zm9ybV9i YWRfcGFnZSAqYmFkcGFnZTsKICAgICB1bnNpZ25lZCBpbnQgaSwgYXJyYXlf c2l6ZTsKICNlbmRpZgogCkBAIC0yOTUsOCArMjk1LDggQEAgdm9pZCBfX2lu aXQgaW5pdF9ib290X3BhZ2VzKHBhZGRyX3QgcHMsCiAgICAgewogICAgICAg ICBmb3IgKCBpID0gMDsgaSA8IGFycmF5X3NpemU7IGkrKyApCiAgICAgICAg IHsKLSAgICAgICAgICAgIGJvb3RtZW1fcmVnaW9uX3phcCgqYmFkcGFnZSA+ PiBQQUdFX1NISUZULAotICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICgqYmFkcGFnZSA+PiBQQUdFX1NISUZUKSArIDEpOworICAgICAgICAgICAg Ym9vdG1lbV9yZWdpb25femFwKGJhZHBhZ2UtPm1mbiwKKyAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBiYWRwYWdlLT5tZm4gKyAoMVUgPDwgYmFk cGFnZS0+b3JkZXIpKTsKICAgICAgICAgICAgIGJhZHBhZ2UrKzsKICAgICAg ICAgfQogICAgIH0KLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9tbS5oCisr KyBiL3hlbi9pbmNsdWRlL2FzbS14ODYvbW0uaApAQCAtMzUwLDcgKzM1MCwx MyBAQCBib29sIGlzX2lvbWVtX3BhZ2UobWZuX3QgbWZuKTsKIAogdm9pZCBj bGVhcl9zdXBlcnBhZ2VfbWFyayhzdHJ1Y3QgcGFnZV9pbmZvICpwYWdlKTsK IAotY29uc3QgdW5zaWduZWQgbG9uZyAqZ2V0X3BsYXRmb3JtX2JhZHBhZ2Vz KHVuc2lnbmVkIGludCAqYXJyYXlfc2l6ZSk7CitzdHJ1Y3QgcGxhdGZvcm1f YmFkX3BhZ2UgeworICAgIHVuc2lnbmVkIGxvbmcgbWZuOworICAgIHVuc2ln bmVkIGludCBvcmRlcjsKK307CisKK2NvbnN0IHN0cnVjdCBwbGF0Zm9ybV9i YWRfcGFnZSAqZ2V0X3BsYXRmb3JtX2JhZHBhZ2VzKHVuc2lnbmVkIGludCAq YXJyYXlfc2l6ZSk7CisKIC8qIFBlciBwYWdlIGxvY2tzOgogICogcGFnZV9s b2NrKCkgaXMgdXNlZCBmb3IgdHdvIHB1cnBvc2VzOiBwdGUgc2VyaWFsaXph dGlvbiwgYW5kIG1lbW9yeSBzaGFyaW5nLgogICoK --=separator Content-Type: application/octet-stream; name="xsa282-4.11-1.patch" Content-Disposition: attachment; filename="xsa282-4.11-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODY6IGV4dGVuZCBnZXRfcGxhdGZvcm1fYmFkcGFnZXMoKSBpbnRlcmZh Y2UKClVzZSBhIHN0cnVjdHVyZSBzbyBhbG9uZyB3aXRoIGFuIGFkZHJlc3Mg KG5vdyBmcmFtZSBudW1iZXIpIGFuIG9yZGVyIGNhbgphbHNvIGJlIHNwZWNp ZmllZC4KClRoaXMgaXMgcGFydCBvZiBYU0EtMjgyLgoKU2lnbmVkLW9mZi1i eTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpSZXZpZXdlZC1i eTogQW5kcmV3IENvb3BlciA8YW5kcmV3LmNvb3BlcjNAY2l0cml4LmNvbT4K Ci0tLSBhL3hlbi9hcmNoL3g4Ni9ndWVzdC94ZW4uYworKysgYi94ZW4vYXJj aC94ODYvZ3Vlc3QveGVuLmMKQEAgLTQwLDcgKzQwLDcgQEAgYm9vbCBfX3Jl YWRfbW9zdGx5IHhlbl9ndWVzdDsKIHN0YXRpYyBfX3JlYWRfbW9zdGx5IHVp bnQzMl90IHhlbl9jcHVpZF9iYXNlOwogZXh0ZXJuIGNoYXIgaHlwZXJjYWxs X3BhZ2VbXTsKIHN0YXRpYyBzdHJ1Y3QgcmFuZ2VzZXQgKm1lbTsKLXN0YXRp YyB1bnNpZ25lZCBsb25nIF9faW5pdGRhdGEgcmVzZXJ2ZWRfcGFnZXNbMl07 CitzdGF0aWMgc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdlIF9faW5pdGRhdGEg cmVzZXJ2ZWRfcGFnZXNbMl07CiAKIERFRklORV9QRVJfQ1BVKHVuc2lnbmVk IGludCwgdmNwdV9pZCk7CiAKQEAgLTMyNiw3ICszMjYsNyBAQCB2b2lkIF9f aW5pdCBoeXBlcnZpc29yX2ZpeHVwX2U4MjAoc3RydWN0CiAgICAgICAgIHBh bmljKCJVbmFibGUgdG8gZ2V0ICIgI3ApOyAgICAgICAgICAgICBcCiAgICAg bWFya19wZm5fYXNfcmFtKGU4MjAsIHBmbik7ICAgICAgICAgICAgICAgICBc CiAgICAgQVNTRVJUKGkgPCBBUlJBWV9TSVpFKHJlc2VydmVkX3BhZ2VzKSk7 ICAgICBcCi0gICAgcmVzZXJ2ZWRfcGFnZXNbaSsrXSA9IHBmbiA8PCBQQUdF X1NISUZUOyAgICBcCisgICAgcmVzZXJ2ZWRfcGFnZXNbaSsrXS5tZm4gPSBw Zm47ICAgICAgICAgICAgICBcCiB9KQogICAgIE1BUktfUEFSQU1fUkFNKEhW TV9QQVJBTV9TVE9SRV9QRk4pOwogICAgIGlmICggIXB2X2NvbnNvbGUgKQpA QCAtMzM0LDcgKzMzNCw3IEBAIHZvaWQgX19pbml0IGh5cGVydmlzb3JfZml4 dXBfZTgyMChzdHJ1Y3QKICN1bmRlZiBNQVJLX1BBUkFNX1JBTQogfQogCi1j b25zdCB1bnNpZ25lZCBsb25nICpfX2luaXQgaHlwZXJ2aXNvcl9yZXNlcnZl ZF9wYWdlcyh1bnNpZ25lZCBpbnQgKnNpemUpCitjb25zdCBzdHJ1Y3QgcGxh dGZvcm1fYmFkX3BhZ2UgKl9faW5pdCBoeXBlcnZpc29yX3Jlc2VydmVkX3Bh Z2VzKHVuc2lnbmVkIGludCAqc2l6ZSkKIHsKICAgICBBU1NFUlQoeGVuX2d1 ZXN0KTsKIAotLS0gYS94ZW4vYXJjaC94ODYvbW0uYworKysgYi94ZW4vYXJj aC94ODYvbW0uYwpAQCAtNTc2OCwyMyArNTc2OCwyMyBAQCB2b2lkIGFyY2hf ZHVtcF9zaGFyZWRfbWVtX2luZm8odm9pZCkKICAgICAgICAgICAgIG1lbV9z aGFyaW5nX2dldF9ucl9zYXZlZF9tZm5zKCkpOwogfQogCi1jb25zdCB1bnNp Z25lZCBsb25nICpfX2luaXQgZ2V0X3BsYXRmb3JtX2JhZHBhZ2VzKHVuc2ln bmVkIGludCAqYXJyYXlfc2l6ZSkKK2NvbnN0IHN0cnVjdCBwbGF0Zm9ybV9i YWRfcGFnZSAqX19pbml0IGdldF9wbGF0Zm9ybV9iYWRwYWdlcyh1bnNpZ25l ZCBpbnQgKmFycmF5X3NpemUpCiB7CiAgICAgdTMyIGlnZF9pZDsKLSAgICBz dGF0aWMgdW5zaWduZWQgbG9uZyBfX2luaXRkYXRhIGJhZF9wYWdlc1tdID0g ewotICAgICAgICAweDIwMDUwMDAwLAotICAgICAgICAweDIwMTEwMDAwLAot ICAgICAgICAweDIwMTMwMDAwLAotICAgICAgICAweDIwMTM4MDAwLAotICAg ICAgICAweDQwMDA0MDAwLAorICAgIHN0YXRpYyBjb25zdCBzdHJ1Y3QgcGxh dGZvcm1fYmFkX3BhZ2UgX19pbml0Y29uc3Qgc25iX2JhZF9wYWdlc1tdID0g eworICAgICAgICB7IC5tZm4gPSAweDIwMDUwMDAwID4+IFBBR0VfU0hJRlQg fSwKKyAgICAgICAgeyAubWZuID0gMHgyMDExMDAwMCA+PiBQQUdFX1NISUZU IH0sCisgICAgICAgIHsgLm1mbiA9IDB4MjAxMzAwMDAgPj4gUEFHRV9TSElG VCB9LAorICAgICAgICB7IC5tZm4gPSAweDIwMTM4MDAwID4+IFBBR0VfU0hJ RlQgfSwKKyAgICAgICAgeyAubWZuID0gMHg0MDAwNDAwMCA+PiBQQUdFX1NI SUZUIH0sCiAgICAgfTsKIAotICAgICphcnJheV9zaXplID0gQVJSQVlfU0la RShiYWRfcGFnZXMpOworICAgICphcnJheV9zaXplID0gQVJSQVlfU0laRShz bmJfYmFkX3BhZ2VzKTsKICAgICBpZ2RfaWQgPSBwY2lfY29uZl9yZWFkMzIo MCwgMCwgMiwgMCwgMCk7Ci0gICAgaWYgKCAhSVNfU05CX0dGWChpZ2RfaWQp ICkKLSAgICAgICAgcmV0dXJuIE5VTEw7CisgICAgaWYgKCBJU19TTkJfR0ZY KGlnZF9pZCkgKQorICAgICAgICByZXR1cm4gc25iX2JhZF9wYWdlczsKIAot ICAgIHJldHVybiBiYWRfcGFnZXM7CisgICAgcmV0dXJuIE5VTEw7CiB9CiAK IHZvaWQgcGFnaW5nX2ludmxwZyhzdHJ1Y3QgdmNwdSAqdiwgdW5zaWduZWQg bG9uZyB2YSkKLS0tIGEveGVuL2NvbW1vbi9wYWdlX2FsbG9jLmMKKysrIGIv eGVuL2NvbW1vbi9wYWdlX2FsbG9jLmMKQEAgLTI3MCw3ICsyNzAsNyBAQCB2 b2lkIF9faW5pdCBpbml0X2Jvb3RfcGFnZXMocGFkZHJfdCBwcywKICAgICB1 bnNpZ25lZCBsb25nIGJhZF9zcGZuLCBiYWRfZXBmbjsKICAgICBjb25zdCBj aGFyICpwOwogI2lmZGVmIENPTkZJR19YODYKLSAgICBjb25zdCB1bnNpZ25l ZCBsb25nICpiYWRwYWdlID0gTlVMTDsKKyAgICBjb25zdCBzdHJ1Y3QgcGxh dGZvcm1fYmFkX3BhZ2UgKmJhZHBhZ2U7CiAgICAgdW5zaWduZWQgaW50IGks IGFycmF5X3NpemU7CiAKICAgICBCVUlMRF9CVUdfT04oOCAqIHNpemVvZihm cmFtZV90YWJsZS0+dS5mcmVlLmZpcnN0X2RpcnR5KSA8CkBAIC0yOTksOCAr Mjk5LDggQEAgdm9pZCBfX2luaXQgaW5pdF9ib290X3BhZ2VzKHBhZGRyX3Qg cHMsCiAgICAgewogICAgICAgICBmb3IgKCBpID0gMDsgaSA8IGFycmF5X3Np emU7IGkrKyApCiAgICAgICAgIHsKLSAgICAgICAgICAgIGJvb3RtZW1fcmVn aW9uX3phcCgqYmFkcGFnZSA+PiBQQUdFX1NISUZULAotICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICgqYmFkcGFnZSA+PiBQQUdFX1NISUZUKSAr IDEpOworICAgICAgICAgICAgYm9vdG1lbV9yZWdpb25femFwKGJhZHBhZ2Ut Pm1mbiwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBiYWRwYWdl LT5tZm4gKyAoMVUgPDwgYmFkcGFnZS0+b3JkZXIpKTsKICAgICAgICAgICAg IGJhZHBhZ2UrKzsKICAgICAgICAgfQogICAgIH0KQEAgLTMxMiw4ICszMTIs OCBAQCB2b2lkIF9faW5pdCBpbml0X2Jvb3RfcGFnZXMocGFkZHJfdCBwcywK ICAgICAgICAgewogICAgICAgICAgICAgZm9yICggaSA9IDA7IGkgPCBhcnJh eV9zaXplOyBpKysgKQogICAgICAgICAgICAgewotICAgICAgICAgICAgICAg IGJvb3RtZW1fcmVnaW9uX3phcCgqYmFkcGFnZSA+PiBQQUdFX1NISUZULAot ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAoKmJhZHBhZ2Ug Pj4gUEFHRV9TSElGVCkgKyAxKTsKKyAgICAgICAgICAgICAgICBib290bWVt X3JlZ2lvbl96YXAoYmFkcGFnZS0+bWZuLAorICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBiYWRwYWdlLT5tZm4gKyAoMVUgPDwgYmFkcGFn ZS0+b3JkZXIpKTsKICAgICAgICAgICAgICAgICBiYWRwYWdlKys7CiAgICAg ICAgICAgICB9CiAgICAgICAgIH0KLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4 Ni9ndWVzdC94ZW4uaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2d1ZXN0 L3hlbi5oCkBAIC0zNyw3ICszNyw3IEBAIHZvaWQgaHlwZXJ2aXNvcl9hcF9z ZXR1cCh2b2lkKTsKIGludCBoeXBlcnZpc29yX2FsbG9jX3VudXNlZF9wYWdl KG1mbl90ICptZm4pOwogaW50IGh5cGVydmlzb3JfZnJlZV91bnVzZWRfcGFn ZShtZm5fdCBtZm4pOwogdm9pZCBoeXBlcnZpc29yX2ZpeHVwX2U4MjAoc3Ry dWN0IGU4MjBtYXAgKmU4MjApOwotY29uc3QgdW5zaWduZWQgbG9uZyAqaHlw ZXJ2aXNvcl9yZXNlcnZlZF9wYWdlcyh1bnNpZ25lZCBpbnQgKnNpemUpOwor Y29uc3Qgc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdlICpoeXBlcnZpc29yX3Jl c2VydmVkX3BhZ2VzKHVuc2lnbmVkIGludCAqc2l6ZSk7CiB1aW50MzJfdCBo eXBlcnZpc29yX2NwdWlkX2Jhc2Uodm9pZCk7CiB2b2lkIGh5cGVydmlzb3Jf cmVzdW1lKHZvaWQpOwogCkBAIC02NSw3ICs2NSw3IEBAIHN0YXRpYyBpbmxp bmUgdm9pZCBoeXBlcnZpc29yX2ZpeHVwX2U4MjAKICAgICBBU1NFUlRfVU5S RUFDSEFCTEUoKTsKIH0KIAotc3RhdGljIGlubGluZSBjb25zdCB1bnNpZ25l ZCBsb25nICpoeXBlcnZpc29yX3Jlc2VydmVkX3BhZ2VzKHVuc2lnbmVkIGlu dCAqc2l6ZSkKK3N0YXRpYyBpbmxpbmUgY29uc3Qgc3RydWN0IHBsYXRmb3Jt X2JhZF9wYWdlICpoeXBlcnZpc29yX3Jlc2VydmVkX3BhZ2VzKHVuc2lnbmVk IGludCAqc2l6ZSkKIHsKICAgICBBU1NFUlRfVU5SRUFDSEFCTEUoKTsKICAg ICByZXR1cm4gTlVMTDsKLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9tbS5o CisrKyBiL3hlbi9pbmNsdWRlL2FzbS14ODYvbW0uaApAQCAtMzQ4LDcgKzM0 OCwxMyBAQCB2b2lkIHphcF9yb19tcHQobWZuX3QgbWZuKTsKIAogYm9vbCBp c19pb21lbV9wYWdlKG1mbl90IG1mbik7CiAKLWNvbnN0IHVuc2lnbmVkIGxv bmcgKmdldF9wbGF0Zm9ybV9iYWRwYWdlcyh1bnNpZ25lZCBpbnQgKmFycmF5 X3NpemUpOworc3RydWN0IHBsYXRmb3JtX2JhZF9wYWdlIHsKKyAgICB1bnNp Z25lZCBsb25nIG1mbjsKKyAgICB1bnNpZ25lZCBpbnQgb3JkZXI7Cit9Owor Citjb25zdCBzdHJ1Y3QgcGxhdGZvcm1fYmFkX3BhZ2UgKmdldF9wbGF0Zm9y bV9iYWRwYWdlcyh1bnNpZ25lZCBpbnQgKmFycmF5X3NpemUpOworCiAvKiBQ ZXIgcGFnZSBsb2NrczoKICAqIHBhZ2VfbG9jaygpIGlzIHVzZWQgZm9yIHR3 byBwdXJwb3NlczogcHRlIHNlcmlhbGl6YXRpb24sIGFuZCBtZW1vcnkgc2hh cmluZy4KICAqCg== --=separator Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVs IG1haWxpbmcgbGlzdApYZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcKaHR0cHM6Ly9saXN0 cy54ZW5wcm9qZWN0Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL3hlbi1kZXZlbA== --=separator--