Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp5181392rwb; Mon, 31 Jul 2023 20:32:58 -0700 (PDT) X-Google-Smtp-Source: APBJJlF8EeuwXD4J26JowYCTCvfGPIIHjPgoIsJ/zJ9J1tSZ7O1SiLxiRXIiM5d0D5AhHg9Gb9Kd X-Received: by 2002:a17:906:7a5d:b0:99c:47a:8bcc with SMTP id i29-20020a1709067a5d00b0099c047a8bccmr1953044ejo.14.1690860777934; Mon, 31 Jul 2023 20:32:57 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1690860777; cv=pass; d=google.com; s=arc-20160816; b=YsxyxCdRtoR6d5jHAM9mJwhtVZP3BsB5z55YWVNH9KGOQuAuW+VvED7GRIn0lfqatC JnvlVCLVRj4TWj720pM/sxQ/D17tUceeSioTgt5LeQQVXXDZfeYZ+p0+AP/SirpwCFaI hcPQz/hJ4kcL45Rb07WkCHIWqe/EBkkBAC7OlRde5L240DjjFs9II3eckpIObjKlOsMA 6ul0xr84SAxfM4wQ0i9t7ygNas3vxFfL8NtK51EK3ekuLOtetqqatt1HD33JuYWl9zTi 1iDYuErJD3bkCWSktSLFh41g4z6T6A/I48/FKfrbp14wWxF5Pq7d9wkbN6I3X9k6CxCd 7Gxw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:in-reply-to:from:references:cc:to :content-language:subject:user-agent:date:message-id:dkim-signature; bh=AYy0hNCl/3i4JfVhtNlMGbLRAOKCHBTNjTeaXYpqFCM=; fh=6URr94JUcue2J1MAFzO+IZ8lfI0vCuLVAGR30+45oGY=; b=fKqZYhsz/75bGB4D5qDt3C567MjHEckQUqYmvGWiazb3TIFc8q2aZhFPo1k6JoIIKv T19LLmiSSTa/iaF6oiQIiJPovE4yu0fVeqsofCS2nk+/R3FcoPOEqFGYtGYfT8UrU1GO gIypwoULDZxuHB5yVKmin4fEd3Wj80hzgUldtqmxGbQcv3RsDDc7rq9oWMkJvitkcCQ7 PoWiePlDw+CCTlf1c3kKjwz9l3YYkyvAkp8glXeFjAYn3o0HSodVVd2is5Kx65EveYRA 2o9ziv5HtqvrPJO/I0GQ/Zul0F0DOSCyd2kDWMDJKQjWT+GBKR3XRdovUJOt6Yxm6hzm laHw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=nDAZvsMQ; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m8-20020a17090607c800b0098d22334ee0si8363601ejc.797.2023.07.31.20.32.31; Mon, 31 Jul 2023 20:32:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=nDAZvsMQ; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231449AbjHADE0 (ORCPT + 99 others); Mon, 31 Jul 2023 23:04:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44440 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231480AbjHADEW (ORCPT ); Mon, 31 Jul 2023 23:04:22 -0400 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2054.outbound.protection.outlook.com [40.107.220.54]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3B5EF19AA; Mon, 31 Jul 2023 20:04:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Jzg71hlnkkfGHOJHGhaVo1F9qYKAxymcCCIBQvcLwsWLG2knKmRxN3Jz9/762wCfVcJpCw34GQublGRuvbhvnAASA+sx2RRIkXxMU+ewF/LYcipwBSF+ZcZlwej4ZjqUidoJsf4p4/WbIfCVwwUDv0iC2id3BgtUvKObguG24mTd9lAMqTxrHh/bkpaDiTdLc1ryevz3S85ii1R/OVuMhZ7NgPiMWj9DCMFl9GiSEmcnVtm9YdlkkDnuCYlAd+bAvByI5vwhjGoGRuieH53LEq4KapGFsekvim9XXVV7YJet5O/EvstYwtOjrQ2RJPjesPwpk4qWziKM2e5aLDfp6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AYy0hNCl/3i4JfVhtNlMGbLRAOKCHBTNjTeaXYpqFCM=; b=jQr2TSEDExymbmy0+AlWSDpR2TAZYyfoVQ+gvQz6OyuughxC1lNvDZUdF6WsSkdZ/ROuHZJnKbcVdSOirPFAPAYsYSAvEf/UaDShBMkivLlHmCW3nikvd/1f/rKrNpi2wr8d9wVcGyBj8vAjOS+wwTSqNF7vODtQFJrrAWTenvLj6qiksaDeyk7/TZG3xkeAEcM+iYt0NDL8PXHpV6WInelzddCZBVlkOl6/V6c2pP9cPn5LFVQ9T0ZqSv4yrrhlhBYCb4kHjPgtlNoNIXZO6OxJb7lFadgkW1uUH4lvSf+OmWXXDdFb4dPjvoHb9ScNyXJOIs043NjbsblWaK0bVA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AYy0hNCl/3i4JfVhtNlMGbLRAOKCHBTNjTeaXYpqFCM=; b=nDAZvsMQPLdHXtenxJvQCUsUeHUsMFeG2L75SPQKPP2NohDAiodmuzVwhRbk1HMF31P+ITfUPZMsDUZCDAbhZS8ezjELMtJWVzqXubhD26o1zq5jW3H9QXHaKKKDjUQK1EAXov3SrN6L3X3r/Vuw4XslX5TUKDRKtiQI8UncUxM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from MN0PR12MB6101.namprd12.prod.outlook.com (2603:10b6:208:3cb::10) by SA3PR12MB7950.namprd12.prod.outlook.com (2603:10b6:806:31c::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6631.42; Tue, 1 Aug 2023 03:04:17 +0000 Received: from MN0PR12MB6101.namprd12.prod.outlook.com ([fe80::36f9:ffa7:c770:d146]) by MN0PR12MB6101.namprd12.prod.outlook.com ([fe80::36f9:ffa7:c770:d146%7]) with mapi id 15.20.6631.043; Tue, 1 Aug 2023 03:04:17 +0000 Content-Type: multipart/mixed; boundary="------------twtoQgukQ1lLOmDhRpcR2xvE" Message-ID: <61b363bc-286a-535c-27da-0f52673768ad@amd.com> Date: Mon, 31 Jul 2023 22:04:14 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: [PATCH 1/1] tpm: disable hwrng for fTPM on some AMD designs Content-Language: en-US To: "Jason A. Donenfeld" , Linus Torvalds Cc: linux@dominikbrodowski.net, Jarkko Sakkinen , Daniil Stas , James.Bottomley@hansenpartnership.com, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, regressions@leemhuis.info, stable@vger.kernel.org References: <20230727183805.69c36d6e@g14> <20230727193949.55c18805@g14> <65a1c307-826d-4ca3-0336-07a185684e5d@amd.com> <20230727195019.41abb48d@g14> <67eefe98-e6df-e152-3169-44329e22478d@amd.com> <20230727200527.4080c595@g14> <105b9d13-cedd-7d3c-1f29-2c65199f1de7@amd.com> From: Mario Limonciello In-Reply-To: X-ClientProxiedBy: SN7PR04CA0027.namprd04.prod.outlook.com (2603:10b6:806:f2::32) To MN0PR12MB6101.namprd12.prod.outlook.com (2603:10b6:208:3cb::10) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MN0PR12MB6101:EE_|SA3PR12MB7950:EE_ X-MS-Office365-Filtering-Correlation-Id: ce83460b-ee64-4abd-87fb-08db923bfe4d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ivBgvmgbxZmGQ3HD6xFccxz/3UEtJNhbVVYc29yMRsdtrfEdKAvj7mCeEELcw27EntwDHJRZ6p7bFavkhRjII/OrZUgv+wLGeTOH5ilOoUEgBYVfWvaJxT2/SLAyIryNheuoA9i25E1txxbmdi2FJFeyZd1b+/giCKGJVPrY328xVYFV0BIW/0Ps4GPcUr+ETImiUSwVTtyBsyVlYYx5mJlZxgxxgdf3etpg6vsnVy3IR9m6Oe3lVv69Y8z6py5TPsMuMOWZDsd3L568/ErkdVAba3N93phYImznBeg5RUi0YWqEFUIZhEEn/hE8c8QtvfHDuOztjxFKZhmPRy+vfkdj86DcToNw3VlZEAgJk2E02ptprOW0QKRG7pq6pzRgaYwc3fAb8OTMLiq3a1Op04/8wu0cYLXG7W6PoZSaLOA3Hk8sopGz6XJshuUahQKhPOVsH5kRRiEC4U47B/0a9V39nyMjG8PxwgWK+USSYFooLWh+r++oXdbPX4rrPHspVIwpjUOVsHXyKWOAVOq986niEwZ5EMq48uK6CREIh2kg9uO4xEwq0AVicSfp+PK8Vc1/+2yqNl4VcmGfGxKJwypQ3kwlz3Dvd7cHxzduB4MXuV9dgeLwUZe7ZSi5wigJhskNMzG9PrVqSkDdyAgkgg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN0PR12MB6101.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(396003)(136003)(366004)(346002)(39860400002)(376002)(451199021)(5660300002)(235185007)(2616005)(186003)(8936002)(53546011)(8676002)(6506007)(4326008)(316002)(83380400001)(7416002)(44832011)(478600001)(54906003)(66476007)(66556008)(66946007)(110136005)(86362001)(6486002)(33964004)(41300700001)(6512007)(6666004)(36756003)(31696002)(2906002)(38100700002)(31686004)(66899021)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?ek1vTkdIQ1A0cE5EQlZTdmsvTGczQVFoL1RaYmlPTGNXeE8rdkFLL0lxMW5O?= =?utf-8?B?MU5hRXJick9tVFdzZlcvMXpPbkZIY2VmbkUxNE5wdUZERmxabHRBU0NoRnpF?= =?utf-8?B?WXNudFJyZkM1ZG5sTnJqN3pjbE1BNmFkUWxrd3VVVEtxWUNLYys2aGpQUmEz?= =?utf-8?B?bE8venh4ZnJOVUpQV0NRT2NycWJHSmF0UXBWaHlmMlNmYnRSWmFzZldySkFR?= =?utf-8?B?cVRkcW14N0RQcHdFSi8yNDFoWjdmRk5CK2k2OHEwSnZGMWREenV3SE9senRY?= =?utf-8?B?WHdjVXlHSE9HZExKUUthYWhWdWh4aDgwNktvbXlVMVVLR0xZMFU4QzQzNXk2?= =?utf-8?B?bTBsMGVKZkVBc0w4NFk2TXBVa3ZYOVV5SEtVd0xUajNTQVJBKzRra0pTcjFs?= =?utf-8?B?REVPMjZtQmxXWjM5L2hqWGtQQWljUDB4VVUzSXJsZ3FaUkRrQzFHYnZidTRN?= =?utf-8?B?SHV6K0EzY05WclExMnlySm1SQzhqR1ZqSCtGRDFUNlJHdjBiZDN5eDNudjlz?= =?utf-8?B?UzdvWFdhS1JiOFkwZUkyUGxCMnZlZW1abEQzVkVxeDdwQWh2YTRZd2RqczZn?= =?utf-8?B?dW4vSGFPSXFCL0gzUDlqMXJtQkxaRVAzMkpvVFRVbTBKYno0dHhYclpaQ2Zr?= =?utf-8?B?a3hDRDVZakdCamFtVjc3Y2NWd2F0Y0JHNEk2eHEzRTA0N0hkSmFpUCtieFhi?= =?utf-8?B?Qm8vaDZFNGYwL3RYUlA1YXlhT2JycnFyVTE2WHVpSTlXS29oMDNURVMxRE9F?= =?utf-8?B?NmlwOGViT29QTHhSUUFxc3dxdVhrdHlnbVM2K0l3R0Y2c3JINHF5N01IS2s0?= =?utf-8?B?TURmQUlhQ1JPaUFMRkJqVC9iSWtFR1M3QWEwTm5RN2liQWxMM05FT1RoZCtX?= =?utf-8?B?M1hJVDVEcUtPVGxFL1pZckRVd0s1SXZYNHNjQm5ueWNEdDN5UlZmY3N3U25v?= =?utf-8?B?aFBucVp3ZGtxTWhGaG9zZWFOSTA5OCtVb1BMbmsyU2g5b091NVdGRjNhRGMw?= =?utf-8?B?MGVmTHJkMDNjWVZpY2lFYldjOStMZ2p2UWRPOC9hUTh0dGxlcWQ3QlFiVkln?= =?utf-8?B?YkZwU1FwSGI4OVBxVm10V3dnN1dabXhRTDlGaERXMDdlMlI4K1dsbW9JTTg1?= =?utf-8?B?L2xhMGJ6UkQvZGJobVM1TWlTYjF5SUxhM3A5cHZCTVpDK2dRUUlUWFpOTUxI?= =?utf-8?B?alZpR0NyeDdYNmRXSEtQRyt1aWkyVGcxZEpVTHdjYnZ0bjFyeWR5Ly9DZUda?= =?utf-8?B?TG5nODJmekZTdUZMS2xadlpSRERtY2kwaU5Ccks3Y1JVNVFTcmhuQ2Q2aHgv?= =?utf-8?B?UlkxWmVDUG5mSWhiOUtYeG1FZXlCOEVSMms4RFB0ZjdMS2JmdEJoQlJ4RUN5?= =?utf-8?B?T1VGTWx3STJEYjgxOFdrTzJwUS9yNTR2S3VUSERGSTc5cWVXZER3VDJCNVJH?= =?utf-8?B?aENvMjRWcjZDNW5VUldmbTZ2T1c0T0k0WTEzeUV2dzVzQ0hVQXBiZ1FtYnJE?= =?utf-8?B?Q0Y2UlpqTys2OHlvVWY5Ui93U3ZGNHM5bTNNNEV6RUZGRFBmRnBQYkYvSFo2?= =?utf-8?B?ZjFucmRvb2UybU4xTmhQMXBWc1FTVWIxaFNLZG9waEFOSzBKTDYva0xTd2lx?= =?utf-8?B?enJsM3krQnh1S1VuUTFQYk9PL1F3bjBxS3cvUmhPOGw2em1rSm5YRFIzaGZm?= =?utf-8?B?Zit4dy9xb3lDWld1UmFoM3NvcWFJNXZ2S0FUdkV6N1puNGNsejBTc2VWYUdQ?= =?utf-8?B?MDJZL1ZheGJjbGFFTlNrWDJ2OWFZYlBEZzJrSTYvY3pIN2ttSDRUMFpkak9R?= =?utf-8?B?c3IvM0xseUk3UDMza1hTazJJVzU0YkxHcHBZTkdxdnB5czBNdDFrdG5LQk9l?= =?utf-8?B?Z3hsQWJKTFhLZjhsWklVNkFJRjNxS3pzS252M2l2bks3STV6ODZaUCs2b0VF?= =?utf-8?B?RDllb1RtczBxVTFPQmZTWnNza3d4Z2dYOVRZZnBMdDRPSTlkT0NOb3pZNzdL?= =?utf-8?B?aDRqN2h6Y3I0RGJrZjdYUW5FeUxldTRWaVk2MU42S0VBZWxoWnNtTDBoOEF1?= =?utf-8?B?MGNtbU16VDRKbHZ2MWJjbHNFWXhHSWFUT056VnVCakxZWGVVRnM4djkxT0ov?= =?utf-8?B?M21MTS9MNWtSV0JUc3RlYVA4YzFvZklwVGJvQXhsNTJ5b1p1VFJSRHVSU2E4?= =?utf-8?B?NEE9PQ==?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: ce83460b-ee64-4abd-87fb-08db923bfe4d X-MS-Exchange-CrossTenant-AuthSource: MN0PR12MB6101.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Aug 2023 03:04:17.1413 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: AMaVDBJibBVFQh7HOzqWsYA7ICSCMwnC+pQWy1bIAIAYvYsypt+m4HgbqJ7COnRRvZkhLsj5eWW5BiRVIOXyMg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA3PR12MB7950 X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --------------twtoQgukQ1lLOmDhRpcR2xvE Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 7/31/23 18:40, Jason A. Donenfeld wrote: > Hi all, > > I've been tracking this issue with Mario on various threads and > bugzilla for a while now. My suggestion over at bugzilla was to just > disable all current AMD fTPMs by bumping the check for a major version > number, so that the hardware people can reenable it i it's ever fixed, > but only if this is something that the hardware people would actually > respect. As I understand it, Mario was going to check into it and see. > Failing that, yea, just disabling hwrng on fTPM seems like a fine > enough thing to do. > > The reason I'm not too concerned about that is twofold: > - Systems with fTPM all have RDRAND anyway, so there's no entropy problem. > - fTPM *probably* uses the same random source as RDRAND -- the > TRNG_OUT MMIO register -- so it's not really doing much more than what > we already have available. Yeah I have conversations ongoing about this topic, but also I concluded your suspicion is correct. They both get their values from the integrated CCP HW IP. > > So this all seems fine. And Jarkko's patch seems more or less the > straight forward way of disabling it. But with that said, in order of > priority, maybe we should first try these: > > 1) Adjust the version check to a major-place fTPM version that AMD's > hardware team pinky swears will have this bug fixed. (Though, I can > already imagine somebody on the list shouting, "we don't trust > hardware teams to do anything with unreleased stuff!", which could be > valid.) I find it very likely the actual root cause is similar to what Linus suggested. If that's the case I don't think the bug can be fixed by just an fTPM fix but would rather require a BIOS fix. This to me strengthens the argument to either not register fTPM as RNG in the first place or just use TPM for boot time entropy. > 2) Remove the version check, but add some other query to detect AMD > fTPM vs realTPM, and ban fTPM. AMD doesn't make dTPMs, only fTPMs. It's tempting to try to use TPM2_PT_VENDOR_TPM_TYPE, but this actually is a vendor specific value. I don't see a reliable way in the spec to do this. > - Remove the version check, and just check for AMD; this is Jarrko's patch. I have a counter-proposal to Jarkko's patch attached. This has two notable changes: 1) It only disables RNG generation in the case of having RDRAND or RDSEED. 2) It also matches Intel PTT. I still do also think Linus' idea of TPMs only providing boot time entropy is worth weighing out. --------------twtoQgukQ1lLOmDhRpcR2xvE Content-Type: text/x-patch; charset=UTF-8; name="0001-tpm-Disable-RNG-for-fTPMs-on-SOCs-that-support-RDRAN.patch" Content-Disposition: attachment; filename*0="0001-tpm-Disable-RNG-for-fTPMs-on-SOCs-that-support-RDRAN.pa"; filename*1="tch" Content-Transfer-Encoding: base64 RnJvbSA5ZjQxZDMwMzdlMzdkOTFkNWFhZjE0MjA4YmE0M2JhNzZhNzYwMzFmIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBNYXJpbyBMaW1vbmNpZWxsbyA8bWFyaW8ubGltb25jaWVsbG9A YW1kLmNvbT4KRGF0ZTogTW9uLCAzMSBKdWwgMjAyMyAyMTozMDoxMyAtMDUwMApTdWJqZWN0OiBb UEFUQ0hdIHRwbTogRGlzYWJsZSBSTkcgZm9yIGZUUE1zIG9uIFNPQ3MgdGhhdCBzdXBwb3J0IFJE UkFORC9SRFNFRUQKClRoZSBUUE0gUk5HIGZ1bmN0aW9uYWxpdHkgaXMgbm90IG5lY2Vzc2FyeSBm b3IgZW50cm9weSB3aGVuIHRoZSBDUFUKYWxyZWFkeSBzdXBwb3J0cyBkZWRpY2F0ZWQgaW5zdHJ1 Y3Rpb25zIGZvciBSTkcuCgpGdXJ0aGVybW9yZSBpdCBjb250aW51ZXMgdG8gc2hvdyBwcm9ibGVt cyBvbiBzb21lIHN5c3RlbXMgY2F1c2luZwpzdHV0dGVyLgoKQ2M6IHN0YWJsZUB2Z2VyLmtlcm5l bC5vcmcgIyA2LjEueSsKRml4ZXM6IGIwMDZjNDM5ZDU4ZCAoImh3cm5nOiBjb3JlIC0gc3RhcnQg aHdybmcga3RocmVhZCBhbHNvIGZvciB1bnRydXN0ZWQgc291cmNlcyIpClJlcG9ydGVkLWJ5OiBk YW5paWwuc3Rhc0Bwb3N0ZW8ubmV0CkNsb3NlczogaHR0cHM6Ly9idWd6aWxsYS5rZXJuZWwub3Jn L3Nob3dfYnVnLmNnaT9pZD0yMTc3MTkKU2lnbmVkLW9mZi1ieTogTWFyaW8gTGltb25jaWVsbG8g PG1hcmlvLmxpbW9uY2llbGxvQGFtZC5jb20+Ci0tLQogZHJpdmVycy9jaGFyL3RwbS90cG0tY2hp cC5jIHwgNTMgKysrKysrKystLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQogMSBmaWxlIGNo YW5nZWQsIDExIGluc2VydGlvbnMoKyksIDQyIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL2Ry aXZlcnMvY2hhci90cG0vdHBtLWNoaXAuYyBiL2RyaXZlcnMvY2hhci90cG0vdHBtLWNoaXAuYwpp bmRleCBjZjU0OTllNTE5OTliLi5hYzM5ZWQ4Yzk3MDRhIDEwMDY0NAotLS0gYS9kcml2ZXJzL2No YXIvdHBtL3RwbS1jaGlwLmMKKysrIGIvZHJpdmVycy9jaGFyL3RwbS90cG0tY2hpcC5jCkBAIC01 MTAsMTkgKzUxMCwxMCBAQCBzdGF0aWMgaW50IHRwbV9hZGRfbGVnYWN5X3N5c2ZzKHN0cnVjdCB0 cG1fY2hpcCAqY2hpcCkKIAlyZXR1cm4gMDsKIH0KIAotLyoKLSAqIFNvbWUgQU1EIGZUUE0gdmVy c2lvbnMgbWF5IGNhdXNlIHN0dXR0ZXIKLSAqIGh0dHBzOi8vd3d3LmFtZC5jb20vZW4vc3VwcG9y dC9rYi9mYXEvcGEtNDEwCi0gKgotICogRml4ZXMgYXJlIGF2YWlsYWJsZSBpbiB0d28gc2VyaWVz IG9mIGZUUE0gZmlybXdhcmU6Ci0gKiA2LngueS56IHNlcmllczogNi4wLjE4LjYgKwotICogMy54 LnkueiBzZXJpZXM6IDMuNTcueS41ICsKLSAqLwogI2lmZGVmIENPTkZJR19YODYKLXN0YXRpYyBi b29sIHRwbV9hbWRfaXNfcm5nX2RlZmVjdGl2ZShzdHJ1Y3QgdHBtX2NoaXAgKmNoaXApCitzdGF0 aWMgYm9vbCB0cG1fc2tpcF9ybmcoc3RydWN0IHRwbV9jaGlwICpjaGlwKQogewotCXUzMiB2YWwx LCB2YWwyOwotCXU2NCB2ZXJzaW9uOworCXUzMiB2YWwxOwogCWludCByZXQ7CiAKIAlpZiAoIShj aGlwLT5mbGFncyAmIFRQTV9DSElQX0ZMQUdfVFBNMikpCkBAIC01MzEsNDQgKzUyMiwyMiBAQCBz dGF0aWMgYm9vbCB0cG1fYW1kX2lzX3JuZ19kZWZlY3RpdmUoc3RydWN0IHRwbV9jaGlwICpjaGlw KQogCXJldCA9IHRwbV9yZXF1ZXN0X2xvY2FsaXR5KGNoaXApOwogCWlmIChyZXQpCiAJCXJldHVy biBmYWxzZTsKLQogCXJldCA9IHRwbTJfZ2V0X3RwbV9wdChjaGlwLCBUUE0yX1BUX01BTlVGQUNU VVJFUiwgJnZhbDEsIE5VTEwpOwotCWlmIChyZXQpCi0JCWdvdG8gcmVsZWFzZTsKLQlpZiAodmFs MSAhPSAweDQxNEQ0NDAwVSAvKiBBTUQgKi8pIHsKLQkJcmV0ID0gLUVOT0RFVjsKLQkJZ290byBy ZWxlYXNlOwotCX0KLQlyZXQgPSB0cG0yX2dldF90cG1fcHQoY2hpcCwgVFBNMl9QVF9GSVJNV0FS RV9WRVJTSU9OXzEsICZ2YWwxLCBOVUxMKTsKLQlpZiAocmV0KQotCQlnb3RvIHJlbGVhc2U7Ci0J cmV0ID0gdHBtMl9nZXRfdHBtX3B0KGNoaXAsIFRQTTJfUFRfRklSTVdBUkVfVkVSU0lPTl8yLCAm dmFsMiwgTlVMTCk7Ci0KLXJlbGVhc2U6CiAJdHBtX3JlbGlucXVpc2hfbG9jYWxpdHkoY2hpcCk7 Ci0KIAlpZiAocmV0KQogCQlyZXR1cm4gZmFsc2U7CiAKLQl2ZXJzaW9uID0gKCh1NjQpdmFsMSA8 PCAzMikgfCB2YWwyOwotCWlmICgodmVyc2lvbiA+PiA0OCkgPT0gNikgewotCQlpZiAodmVyc2lv biA+PSAweDAwMDYwMDAwMDAxODAwMDZVTEwpCi0JCQlyZXR1cm4gZmFsc2U7Ci0JfSBlbHNlIGlm ICgodmVyc2lvbiA+PiA0OCkgPT0gMykgewotCQlpZiAodmVyc2lvbiA+PSAweDAwMDMwMDU3MDAw MDAwMDVVTEwpCi0JCQlyZXR1cm4gZmFsc2U7Ci0JfSBlbHNlIHsKKwkvKiBpZiBDUFUgc3VwcG9y dHMgUkRSQU5EL1JEU0VFRCBpZ25vcmUgZlRQTSBmb3IgUk5HICovCisJc3dpdGNoICh2YWwxKSB7 CisJY2FzZSAweDQxNEQ0NDAwVTogLyogQU1EICovCisJY2FzZSAweDQ5NEU1NDQzVTogLyogSU5U QyAqLworCQlyZXR1cm4gYm9vdF9jcHVfaGFzKFg4Nl9GRUFUVVJFX1JEUkFORCkgfHwgYm9vdF9j cHVfaGFzKFg4Nl9GRUFUVVJFX1JEU0VFRCk7CisJZGVmYXVsdDoKIAkJcmV0dXJuIGZhbHNlOwog CX0KLQotCWRldl93YXJuKCZjaGlwLT5kZXYsCi0JCSAiQU1EIGZUUE0gdmVyc2lvbiAweCVsbHgg Y2F1c2VzIHN5c3RlbSBzdHV0dGVyOyBod3JuZyBkaXNhYmxlZFxuIiwKLQkJIHZlcnNpb24pOwot Ci0JcmV0dXJuIHRydWU7CiB9CiAjZWxzZQotc3RhdGljIGlubGluZSBib29sIHRwbV9hbWRfaXNf cm5nX2RlZmVjdGl2ZShzdHJ1Y3QgdHBtX2NoaXAgKmNoaXApCitzdGF0aWMgaW5saW5lIGJvb2wg dHBtX3NraXBfcm5nKHN0cnVjdCB0cG1fY2hpcCAqY2hpcCkKIHsKIAlyZXR1cm4gZmFsc2U7CiB9 CkBAIC01ODgsNyArNTU3LDcgQEAgc3RhdGljIGludCB0cG1faHdybmdfcmVhZChzdHJ1Y3QgaHdy bmcgKnJuZywgdm9pZCAqZGF0YSwgc2l6ZV90IG1heCwgYm9vbCB3YWl0KQogc3RhdGljIGludCB0 cG1fYWRkX2h3cm5nKHN0cnVjdCB0cG1fY2hpcCAqY2hpcCkKIHsKIAlpZiAoIUlTX0VOQUJMRUQo Q09ORklHX0hXX1JBTkRPTV9UUE0pIHx8IHRwbV9pc19maXJtd2FyZV91cGdyYWRlKGNoaXApIHx8 Ci0JICAgIHRwbV9hbWRfaXNfcm5nX2RlZmVjdGl2ZShjaGlwKSkKKwkgICAgdHBtX3NraXBfcm5n KGNoaXApKQogCQlyZXR1cm4gMDsKIAogCXNucHJpbnRmKGNoaXAtPmh3cm5nX25hbWUsIHNpemVv ZihjaGlwLT5od3JuZ19uYW1lKSwKQEAgLTcxOSw3ICs2ODgsNyBAQCB2b2lkIHRwbV9jaGlwX3Vu cmVnaXN0ZXIoc3RydWN0IHRwbV9jaGlwICpjaGlwKQogewogCXRwbV9kZWxfbGVnYWN5X3N5c2Zz KGNoaXApOwogCWlmIChJU19FTkFCTEVEKENPTkZJR19IV19SQU5ET01fVFBNKSAmJiAhdHBtX2lz X2Zpcm13YXJlX3VwZ3JhZGUoY2hpcCkgJiYKLQkgICAgIXRwbV9hbWRfaXNfcm5nX2RlZmVjdGl2 ZShjaGlwKSkKKwkgICAgIXRwbV9za2lwX3JuZyhjaGlwKSkKIAkJaHdybmdfdW5yZWdpc3Rlcigm Y2hpcC0+aHdybmcpOwogCXRwbV9iaW9zX2xvZ190ZWFyZG93bihjaGlwKTsKIAlpZiAoY2hpcC0+ ZmxhZ3MgJiBUUE1fQ0hJUF9GTEFHX1RQTTIgJiYgIXRwbV9pc19maXJtd2FyZV91cGdyYWRlKGNo aXApKQotLSAKMi4zNC4xCgo= --------------twtoQgukQ1lLOmDhRpcR2xvE--