Hello,
We are facing an issue as below.
Problem statement:
This is with reference to the patch http://kernel.ubuntu.com/git?p=ubuntu/linux-2.6/.git;a=commit;h=e7c29cb16c833441fd2160642bb13025f4e7ac70 for handling L2CAP connection requests on an insecure link. I am pasting below the details of this patch.
"The?Security?Mode?4?of?the?Bluetooth?2.1?specification?has?strict authentication?and?encryption?requirements.?It?is?the?initiators?job to?create?a?secure?ACL?link.?However?in?case?of?malicious?devices,?the acceptor?has?to?make?sure?that?the?ACL?is?encrypted?before?allowing any?kind?of?L2CAP?connection.?The?only?exception?here?is?the?PSM?1?for the?service?discovery?protocol,?because?that?is?allowed?to?run?on?an insecure?ACL?link.
Previously?it?was?enough?to?reject?a?L2CAP?connection?during?the connection?setup?phase,?but?with?Bluetooth?2.1?it?is?forbidden?to do?any?L2CAP?protocol?exchange?on?an?insecure?link?(except?SDP).
The?new?hci_conn_check_link_mode()?function?can?be?used?to?check?the integrity?of?an?ACL?link.?This?functions?also?takes?care?of?the?cases where?Security?Mode?4?is?disabled?or?one?of?the?devices?is?based?on an?older?specification."
On receipt of a L2CAP_Connect_Req (function l2cap_connect_req()), the function hci_conn_check_link_mode() checks is encryption is enabled on the link when SSP is enabled. If encryption is not yet enabled then the function l2cap_connect_req() returns L2CAP_Connect_Rsp with error Security Block.
Due to this patch, if the HCI encryption change event arrives after the Initiator sends the L2CAP Connection Request, then the connection request is rejected with response Security Block.
Query:
I wanted to know if this can be handled by sending an L2CAP Connection response with Connection Pending and on receiving the Encryption Change event send the L2CAP Connection response with success; else with error Security Block.
Can you please let me know?
Regards,
Tejaswini
Hi Tejaswini,
> We are facing an issue as below.
>
> Problem statement:
> This is with reference to the patch http://kernel.ubuntu.com/git?p=ubuntu/linux-2.6/.git;a=commit;h=e7c29cb16c833441fd2160642bb13025f4e7ac70 for handling L2CAP connection requests on an insecure link. I am pasting below the details of this patch.
>
> "The Security Mode 4 of the Bluetooth 2.1 specification has strict authentication and encryption requirements. It is the initiators job to create a secure ACL link. However in case of malicious devices, the acceptor has to make sure that the ACL is encrypted before allowing any kind of L2CAP connection. The only exception here is the PSM 1 for the service discovery protocol, because that is allowed to run on an insecure ACL link.
> Previously it was enough to reject a L2CAP connection during the connection setup phase, but with Bluetooth 2.1 it is forbidden to do any L2CAP protocol exchange on an insecure link (except SDP).
> The new hci_conn_check_link_mode() function can be used to check the integrity of an ACL link. This functions also takes care of the cases where Security Mode 4 is disabled or one of the devices is based on an older specification."
>
> On receipt of a L2CAP_Connect_Req (function l2cap_connect_req()), the function hci_conn_check_link_mode() checks is encryption is enabled on the link when SSP is enabled. If encryption is not yet enabled then the function l2cap_connect_req() returns L2CAP_Connect_Rsp with error Security Block.
>
> Due to this patch, if the HCI encryption change event arrives after the Initiator sends the L2CAP Connection Request, then the connection request is rejected with response Security Block.
>
> Query:
> I wanted to know if this can be handled by sending an L2CAP Connection response with Connection Pending and on receiving the Encryption Change event send the L2CAP Connection response with success; else with error Security Block.
no it can not. The specification is pretty damn clear here. Any
Connect_Request needs to be rejected if the underlying link is not know
to be secure.
And with some chips this is a race conditions in their LMP+BB and the
transport layer. They end up sending the ACL packet before the send the
HCI event for signaling that the encryption is active.
If you do look at the air traffic you might see that the ACL packet
actually was encrypted, but that is not what they have signaled to the
host stack. There is nothing we can do from our side. The chips need to
be fixed to do this in the right order.
Regards
Marcel
SGVsbG8gUGV0ZXIsDQoNClRoYW5rcyBmb3IgdGhlIGluZm9ybWF0aW9uLiBQbGVhc2UgZmlu
ZCBteSBpbnB1dHMgYmVsb3cuIA0KDQpSZWdhcmRzLA0KVGVqYXN3aW5pDQoNCg0KLS0tLS1P
cmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IFBldGVyIEh1cmxleSBbbWFpbHRvOnBldGVy
QGh1cmxleXNvZnR3YXJlLmNvbV0gDQpTZW50OiBUdWVzZGF5LCBKdWx5IDEyLCAyMDExIDc6
NDMgUE0NClRvOiBUZWphc3dpbmkgUHVyYW5kYXJlIChXVDAxIC0gUHJvZHVjdCBFbmdpbmVl
cmluZyBTZXJ2aWNlcykNCkNjOiBtYXJjZWxAaG9sdG1hbm4ub3JnOyBsaW51eC1ibHVldG9v
dGhAdmdlci5rZXJuZWwub3JnDQpTdWJqZWN0OiBSRTogTDJDQVAgY29ubmVjdGlvbiBvbiBp
bnNlY3VyZSBsaW5rDQoNCkhpIFRlamFzd2luaSwNCg0KT24gVHVlLCAyMDExLTA3LTEyIGF0
IDA3OjM0IC0wNDAwLCB0ZWphc3dpbmkucHVyYW5kYXJlQHdpcHJvLmNvbSB3cm90ZToNCj4g
SGVsbG8gTWFyY2VsLA0KPiANCj4gVGhhbmtzIGZvciB5b3VyIHJlc3BvbnNlLiANCj4gDQo+
IENhbiB5b3UgcGxlYXNlIGxldCBtZSBrbm93IHRoZSBleGFjdCBzZWN0aW9uIG9mIHRoZSBC
VCAyLjEgQ29yZSBzcGVjaWZpY2F0aW9uIHdoaWNoIG1lbnRpb25zICJUaGUgc3BlY2lmaWNh
dGlvbiBpcyBwcmV0dHkgZGFtbiBjbGVhciBoZXJlLiBBbnkgQ29ubmVjdF9SZXF1ZXN0IG5l
ZWRzIHRvIGJlIHJlamVjdGVkIGlmIHRoZSB1bmRlcmx5aW5nIGxpbmsgaXMgbm90IGtub3du
IHRvIGJlIHNlY3VyZS4iDQoNCkZyb20gVm9sIDMsIFBhcnQgQy4gR2VuZXJpYyBBY2Nlc3Mg
UHJvZmlsZSwgU2VjdGlvbiA1LjIuMi4yLiBTZWN1cml0eQ0KZm9yIEFjY2VzcyB0byBMb2Nh
bCBTZXJ2aWNlIGJ5IFJlbW90ZSBEZXZpY2UgKFJlc3BvbmRpbmcgU2lkZSksIHBhcmEuIDU6
DQoNCiJJZiB0aGUgcmVtb3RlIGRldmljZSBoYXMgaW5kaWNhdGVkIHN1cHBvcnQgZm9yIFNl
Y3VyZSBTaW1wbGUgUGFpcmluZywgYQ0KY2hhbm5lbCBlc3RhYmxpc2htZW50IHJlcXVlc3Qg
aXMgcmVjZWl2ZWQgZm9yIGEgc2VydmljZSBvdGhlciB0aGFuIFNEUCwNCmFuZCBlbmNyeXB0
aW9uIGhhcyBub3QgeWV0IGJlZW4gZW5hYmxlZCwgdGhlbiB0aGUgbG9jYWwgZGV2aWNlIHNo
YWxsDQpkaXNjb25uZWN0IHRoZSBBQ0wgbGluayB3aXRoIGVycm9yIGNvZGUgMHgwNSAtIEF1
dGhlbnRpY2F0aW9uIEZhaWx1cmUuIg0KDQoNClJlZ2FyZGxlc3MsIHRoZSBpc3N1ZSB3aXRo
IHRoZSBMTVAvQkIgcmFjZSBjYW4gYmUgZXhoaWJpdGVkIGFzIHRoZQ0KTDJDQVBfQ29ubmVj
dF9SZXEgYmVpbmcgcmVjZWl2ZWQgcHJpb3IgdG8gcmVjZWlwdCBvZiB0aGUgQ29ubmVjdGlv
bg0KQ29tcGxldGUgRXZlbnQgKGluIHdoaWNoIGNhc2UgdGhlIEFDTCBjb25uZWN0aW9uIGhh
bmRsZSBpcyB1bmtub3duKS4NClNob3VsZCB0aGUgSENJIGNvcmUgcGVuZCB0aGF0IHJlcXVl
c3QgdG9vPw0KDQo+PiBBY3R1YWxseSB3ZSBoYXZlIGEgcmFjZSBjb25kaXRpb24gYmV0d2Vl
biB0aGUgTDJDQVBfQ29ubmVjdF9SZXEgYW5kIHRoZSBFbmNyeXB0aW9uIENoYW5nZSBldmVu
dCBhbmQgbm90IHRoZSBDb25uZWN0aW9uIENvbXBsZXRlIEV2ZW50LiANCg0KUmVnYXJkcywN
ClBldGVyDQoNCj4gUmVnYXJkcywNCj4gVGVqYXN3aW5pDQo+IA0KPiANCj4gLS0tLS1Pcmln
aW5hbCBNZXNzYWdlLS0tLS0NCj4gRnJvbTogTWFyY2VsIEhvbHRtYW5uIFttYWlsdG86bWFy
Y2VsQGhvbHRtYW5uLm9yZ10gDQo+IFNlbnQ6IFRodXJzZGF5LCBKdW5lIDMwLCAyMDExIDk6
MzkgUE0NCj4gVG86IFRlamFzd2luaSBQdXJhbmRhcmUgKFdUMDEgLSBQcm9kdWN0IEVuZ2lu
ZWVyaW5nIFNlcnZpY2VzKQ0KPiBDYzogbGludXgtYmx1ZXRvb3RoQHZnZXIua2VybmVsLm9y
Zw0KPiBTdWJqZWN0OiBSZTogTDJDQVAgY29ubmVjdGlvbiBvbiBpbnNlY3VyZSBsaW5rDQo+
IA0KPiBIaSBUZWphc3dpbmksDQo+IA0KPiA+IFdlIGFyZSBmYWNpbmcgYW4gaXNzdWUgYXMg
YmVsb3cuIA0KPiA+IA0KPiA+IFByb2JsZW0gc3RhdGVtZW50Og0KPiA+IFRoaXMgaXMgd2l0
aCByZWZlcmVuY2UgdG8gdGhlIHBhdGNoIGh0dHA6Ly9rZXJuZWwudWJ1bnR1LmNvbS9naXQ/
cD11YnVudHUvbGludXgtMi42Ly5naXQ7YT1jb21taXQ7aD1lN2MyOWNiMTZjODMzNDQxZmQy
MTYwNjQyYmIxMzAyNWY0ZTdhYzcwIGZvciBoYW5kbGluZyBMMkNBUCBjb25uZWN0aW9uIHJl
cXVlc3RzIG9uIGFuIGluc2VjdXJlIGxpbmsuIEkgYW0gcGFzdGluZyBiZWxvdyB0aGUgZGV0
YWlscyBvZiB0aGlzIHBhdGNoLg0KPiA+IA0KPiA+ICJUaGUgU2VjdXJpdHkgTW9kZSA0IG9m
IHRoZSBCbHVldG9vdGggMi4xIHNwZWNpZmljYXRpb24gaGFzIHN0cmljdCBhdXRoZW50aWNh
dGlvbiBhbmQgZW5jcnlwdGlvbiByZXF1aXJlbWVudHMuIEl0IGlzIHRoZSBpbml0aWF0b3Jz
IGpvYiB0byBjcmVhdGUgYSBzZWN1cmUgQUNMIGxpbmsuIEhvd2V2ZXIgaW4gY2FzZSBvZiBt
YWxpY2lvdXMgZGV2aWNlcywgdGhlIGFjY2VwdG9yIGhhcyB0byBtYWtlIHN1cmUgdGhhdCB0
aGUgQUNMIGlzIGVuY3J5cHRlZCBiZWZvcmUgYWxsb3dpbmcgYW55IGtpbmQgb2YgTDJDQVAg
Y29ubmVjdGlvbi4gVGhlIG9ubHkgZXhjZXB0aW9uIGhlcmUgaXMgdGhlIFBTTSAxIGZvciB0
aGUgc2VydmljZSBkaXNjb3ZlcnkgcHJvdG9jb2wsIGJlY2F1c2UgdGhhdCBpcyBhbGxvd2Vk
IHRvIHJ1biBvbiBhbiBpbnNlY3VyZSBBQ0wgbGluay4NCj4gPiBQcmV2aW91c2x5IGl0IHdh
cyBlbm91Z2ggdG8gcmVqZWN0IGEgTDJDQVAgY29ubmVjdGlvbiBkdXJpbmcgdGhlIGNvbm5l
Y3Rpb24gc2V0dXAgcGhhc2UsIGJ1dCB3aXRoIEJsdWV0b290aCAyLjEgaXQgaXMgZm9yYmlk
ZGVuIHRvIGRvIGFueSBMMkNBUCBwcm90b2NvbCBleGNoYW5nZSBvbiBhbiBpbnNlY3VyZSBs
aW5rIChleGNlcHQgU0RQKS4NCj4gPiBUaGUgbmV3IGhjaV9jb25uX2NoZWNrX2xpbmtfbW9k
ZSgpIGZ1bmN0aW9uIGNhbiBiZSB1c2VkIHRvIGNoZWNrIHRoZSBpbnRlZ3JpdHkgb2YgYW4g
QUNMIGxpbmsuIFRoaXMgZnVuY3Rpb25zIGFsc28gdGFrZXMgY2FyZSBvZiB0aGUgY2FzZXMg
d2hlcmUgU2VjdXJpdHkgTW9kZSA0IGlzIGRpc2FibGVkIG9yIG9uZSBvZiB0aGUgZGV2aWNl
cyBpcyBiYXNlZCBvbiBhbiBvbGRlciBzcGVjaWZpY2F0aW9uLiINCj4gPiANCj4gPiBPbiBy
ZWNlaXB0IG9mIGEgTDJDQVBfQ29ubmVjdF9SZXEgKGZ1bmN0aW9uIGwyY2FwX2Nvbm5lY3Rf
cmVxKCkpLCB0aGUgZnVuY3Rpb24gaGNpX2Nvbm5fY2hlY2tfbGlua19tb2RlKCkgY2hlY2tz
IGlzIGVuY3J5cHRpb24gaXMgZW5hYmxlZCBvbiB0aGUgbGluayB3aGVuIFNTUCBpcyBlbmFi
bGVkLiBJZiBlbmNyeXB0aW9uIGlzIG5vdCB5ZXQgZW5hYmxlZCB0aGVuIHRoZSBmdW5jdGlv
biBsMmNhcF9jb25uZWN0X3JlcSgpIHJldHVybnMgTDJDQVBfQ29ubmVjdF9Sc3Agd2l0aCBl
cnJvciBTZWN1cml0eSBCbG9jay4gDQo+ID4gDQo+ID4gRHVlIHRvIHRoaXMgcGF0Y2gsIGlm
IHRoZSBIQ0kgZW5jcnlwdGlvbiBjaGFuZ2UgZXZlbnQgYXJyaXZlcyBhZnRlciB0aGUgSW5p
dGlhdG9yIHNlbmRzIHRoZSBMMkNBUCBDb25uZWN0aW9uIFJlcXVlc3QsIHRoZW4gdGhlIGNv
bm5lY3Rpb24gcmVxdWVzdCBpcyByZWplY3RlZCB3aXRoIHJlc3BvbnNlIFNlY3VyaXR5IEJs
b2NrLg0KPiA+IA0KPiA+IFF1ZXJ5OiANCj4gPiBJIHdhbnRlZCB0byBrbm93IGlmIHRoaXMg
Y2FuIGJlIGhhbmRsZWQgYnkgc2VuZGluZyBhbiBMMkNBUCBDb25uZWN0aW9uIHJlc3BvbnNl
IHdpdGggQ29ubmVjdGlvbiBQZW5kaW5nIGFuZCBvbiByZWNlaXZpbmcgdGhlIEVuY3J5cHRp
b24gQ2hhbmdlIGV2ZW50IHNlbmQgdGhlIEwyQ0FQIENvbm5lY3Rpb24gcmVzcG9uc2Ugd2l0
aCBzdWNjZXNzOyBlbHNlIHdpdGggZXJyb3IgU2VjdXJpdHkgQmxvY2suIA0KPiANCj4gbm8g
aXQgY2FuIG5vdC4gVGhlIHNwZWNpZmljYXRpb24gaXMgcHJldHR5IGRhbW4gY2xlYXIgaGVy
ZS4gQW55DQo+IENvbm5lY3RfUmVxdWVzdCBuZWVkcyB0byBiZSByZWplY3RlZCBpZiB0aGUg
dW5kZXJseWluZyBsaW5rIGlzIG5vdCBrbm93DQo+IHRvIGJlIHNlY3VyZS4NCj4gDQo+IEFu
ZCB3aXRoIHNvbWUgY2hpcHMgdGhpcyBpcyBhIHJhY2UgY29uZGl0aW9ucyBpbiB0aGVpciBM
TVArQkIgYW5kIHRoZQ0KPiB0cmFuc3BvcnQgbGF5ZXIuIFRoZXkgZW5kIHVwIHNlbmRpbmcg
dGhlIEFDTCBwYWNrZXQgYmVmb3JlIHRoZSBzZW5kIHRoZQ0KPiBIQ0kgZXZlbnQgZm9yIHNp
Z25hbGluZyB0aGF0IHRoZSBlbmNyeXB0aW9uIGlzIGFjdGl2ZS4NCj4gDQo+IElmIHlvdSBk
byBsb29rIGF0IHRoZSBhaXIgdHJhZmZpYyB5b3UgbWlnaHQgc2VlIHRoYXQgdGhlIEFDTCBw
YWNrZXQNCj4gYWN0dWFsbHkgd2FzIGVuY3J5cHRlZCwgYnV0IHRoYXQgaXMgbm90IHdoYXQg
dGhleSBoYXZlIHNpZ25hbGVkIHRvIHRoZQ0KPiBob3N0IHN0YWNrLiBUaGVyZSBpcyBub3Ro
aW5nIHdlIGNhbiBkbyBmcm9tIG91ciBzaWRlLiBUaGUgY2hpcHMgbmVlZCB0bw0KPiBiZSBm
aXhlZCB0byBkbyB0aGlzIGluIHRoZSByaWdodCBvcmRlci4NCj4gDQo+IFJlZ2FyZHMNCj4g
DQo+IE1hcmNlbA0KPiANCj4gDQo+IBPvv73vv73subsc77+9Ju+/vX7vv70m77+9GO+/ve+/
vSst77+977+93bYX77+977+9d++/ve+/vcub77+977+977+9be+/vWLvv73vv71b77+9562i
77+9Ye+/vXthee+/vR3Kh9qZ77+9LGoNCu+/ve+/vWbvv73vv73vv71o77+977+977+9eu+/
vR7vv71377+977+977+9DQrvv73vv73vv71qOit277+977+977+9d++/vWrvv71t77+977+9
77+977+9DQrvv73vv73vv73vv716Wivvv73vv73vv73vv73vv73domoi77+977+9Ie+/vWkN
Cg0KDQpQbGVhc2UgZG8gbm90IHByaW50IHRoaXMgZW1haWwgdW5sZXNzIGl0IGlzIGFic29s
dXRlbHkgbmVjZXNzYXJ5LiAKClRoZSBpbmZvcm1hdGlvbiBjb250YWluZWQgaW4gdGhpcyBl
bGVjdHJvbmljIG1lc3NhZ2UgYW5kIGFueSBhdHRhY2htZW50cyB0byB0aGlzIG1lc3NhZ2Ug
YXJlIGludGVuZGVkIGZvciB0aGUgZXhjbHVzaXZlIHVzZSBvZiB0aGUgYWRkcmVzc2VlKHMp
IGFuZCBtYXkgY29udGFpbiBwcm9wcmlldGFyeSwgY29uZmlkZW50aWFsIG9yIHByaXZpbGVn
ZWQgaW5mb3JtYXRpb24uIElmIHlvdSBhcmUgbm90IHRoZSBpbnRlbmRlZCByZWNpcGllbnQs
IHlvdSBzaG91bGQgbm90IGRpc3NlbWluYXRlLCBkaXN0cmlidXRlIG9yIGNvcHkgdGhpcyBl
LW1haWwuIFBsZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBhbmQgZGVzdHJv
eSBhbGwgY29waWVzIG9mIHRoaXMgbWVzc2FnZSBhbmQgYW55IGF0dGFjaG1lbnRzLiAKCldB
Uk5JTkc6IENvbXB1dGVyIHZpcnVzZXMgY2FuIGJlIHRyYW5zbWl0dGVkIHZpYSBlbWFpbC4g
VGhlIHJlY2lwaWVudCBzaG91bGQgY2hlY2sgdGhpcyBlbWFpbCBhbmQgYW55IGF0dGFjaG1l
bnRzIGZvciB0aGUgcHJlc2VuY2Ugb2YgdmlydXNlcy4gVGhlIGNvbXBhbnkgYWNjZXB0cyBu
byBsaWFiaWxpdHkgZm9yIGFueSBkYW1hZ2UgY2F1c2VkIGJ5IGFueSB2aXJ1cyB0cmFuc21p
dHRlZCBieSB0aGlzIGVtYWlsLiAKCnd3dy53aXByby5jb20NCg==
SGkgVGVqYXN3aW5pLA0KDQpPbiBUdWUsIDIwMTEtMDctMTIgYXQgMDc6MzQgLTA0MDAsIHRlamFz
d2luaS5wdXJhbmRhcmVAd2lwcm8uY29tIHdyb3RlOg0KPiBIZWxsbyBNYXJjZWwsDQo+IA0KPiBU
aGFua3MgZm9yIHlvdXIgcmVzcG9uc2UuIA0KPiANCj4gQ2FuIHlvdSBwbGVhc2UgbGV0IG1lIGtu
b3cgdGhlIGV4YWN0IHNlY3Rpb24gb2YgdGhlIEJUIDIuMSBDb3JlIHNwZWNpZmljYXRpb24gd2hp
Y2ggbWVudGlvbnMgIlRoZSBzcGVjaWZpY2F0aW9uIGlzIHByZXR0eSBkYW1uIGNsZWFyIGhlcmUu
IEFueSBDb25uZWN0X1JlcXVlc3QgbmVlZHMgdG8gYmUgcmVqZWN0ZWQgaWYgdGhlIHVuZGVybHlp
bmcgbGluayBpcyBub3Qga25vd24gdG8gYmUgc2VjdXJlLiINCg0KRnJvbSBWb2wgMywgUGFydCBD
LiBHZW5lcmljIEFjY2VzcyBQcm9maWxlLCBTZWN0aW9uIDUuMi4yLjIuIFNlY3VyaXR5DQpmb3Ig
QWNjZXNzIHRvIExvY2FsIFNlcnZpY2UgYnkgUmVtb3RlIERldmljZSAoUmVzcG9uZGluZyBTaWRl
KSwgcGFyYS4gNToNCg0KIklmIHRoZSByZW1vdGUgZGV2aWNlIGhhcyBpbmRpY2F0ZWQgc3VwcG9y
dCBmb3IgU2VjdXJlIFNpbXBsZSBQYWlyaW5nLCBhDQpjaGFubmVsIGVzdGFibGlzaG1lbnQgcmVx
dWVzdCBpcyByZWNlaXZlZCBmb3IgYSBzZXJ2aWNlIG90aGVyIHRoYW4gU0RQLA0KYW5kIGVuY3J5
cHRpb24gaGFzIG5vdCB5ZXQgYmVlbiBlbmFibGVkLCB0aGVuIHRoZSBsb2NhbCBkZXZpY2Ugc2hh
bGwNCmRpc2Nvbm5lY3QgdGhlIEFDTCBsaW5rIHdpdGggZXJyb3IgY29kZSAweDA1IC0gQXV0aGVu
dGljYXRpb24gRmFpbHVyZS4iDQoNCg0KUmVnYXJkbGVzcywgdGhlIGlzc3VlIHdpdGggdGhlIExN
UC9CQiByYWNlIGNhbiBiZSBleGhpYml0ZWQgYXMgdGhlDQpMMkNBUF9Db25uZWN0X1JlcSBiZWlu
ZyByZWNlaXZlZCBwcmlvciB0byByZWNlaXB0IG9mIHRoZSBDb25uZWN0aW9uDQpDb21wbGV0ZSBF
dmVudCAoaW4gd2hpY2ggY2FzZSB0aGUgQUNMIGNvbm5lY3Rpb24gaGFuZGxlIGlzIHVua25vd24p
Lg0KU2hvdWxkIHRoZSBIQ0kgY29yZSBwZW5kIHRoYXQgcmVxdWVzdCB0b28/DQoNClJlZ2FyZHMs
DQpQZXRlcg0KDQo+IFJlZ2FyZHMsDQo+IFRlamFzd2luaQ0KPiANCj4gDQo+IC0tLS0tT3JpZ2lu
YWwgTWVzc2FnZS0tLS0tDQo+IEZyb206IE1hcmNlbCBIb2x0bWFubiBbbWFpbHRvOm1hcmNlbEBo
b2x0bWFubi5vcmddIA0KPiBTZW50OiBUaHVyc2RheSwgSnVuZSAzMCwgMjAxMSA5OjM5IFBNDQo+
IFRvOiBUZWphc3dpbmkgUHVyYW5kYXJlIChXVDAxIC0gUHJvZHVjdCBFbmdpbmVlcmluZyBTZXJ2
aWNlcykNCj4gQ2M6IGxpbnV4LWJsdWV0b290aEB2Z2VyLmtlcm5lbC5vcmcNCj4gU3ViamVjdDog
UmU6IEwyQ0FQIGNvbm5lY3Rpb24gb24gaW5zZWN1cmUgbGluaw0KPiANCj4gSGkgVGVqYXN3aW5p
LA0KPiANCj4gPiBXZSBhcmUgZmFjaW5nIGFuIGlzc3VlIGFzIGJlbG93LiANCj4gPiANCj4gPiBQ
cm9ibGVtIHN0YXRlbWVudDoNCj4gPiBUaGlzIGlzIHdpdGggcmVmZXJlbmNlIHRvIHRoZSBwYXRj
aCBodHRwOi8va2VybmVsLnVidW50dS5jb20vZ2l0P3A9dWJ1bnR1L2xpbnV4LTIuNi8uZ2l0O2E9
Y29tbWl0O2g9ZTdjMjljYjE2YzgzMzQ0MWZkMjE2MDY0MmJiMTMwMjVmNGU3YWM3MCBmb3IgaGFu
ZGxpbmcgTDJDQVAgY29ubmVjdGlvbiByZXF1ZXN0cyBvbiBhbiBpbnNlY3VyZSBsaW5rLiBJIGFt
IHBhc3RpbmcgYmVsb3cgdGhlIGRldGFpbHMgb2YgdGhpcyBwYXRjaC4NCj4gPiANCj4gPiAiVGhl
IFNlY3VyaXR5IE1vZGUgNCBvZiB0aGUgQmx1ZXRvb3RoIDIuMSBzcGVjaWZpY2F0aW9uIGhhcyBz
dHJpY3QgYXV0aGVudGljYXRpb24gYW5kIGVuY3J5cHRpb24gcmVxdWlyZW1lbnRzLiBJdCBpcyB0
aGUgaW5pdGlhdG9ycyBqb2IgdG8gY3JlYXRlIGEgc2VjdXJlIEFDTCBsaW5rLiBIb3dldmVyIGlu
IGNhc2Ugb2YgbWFsaWNpb3VzIGRldmljZXMsIHRoZSBhY2NlcHRvciBoYXMgdG8gbWFrZSBzdXJl
IHRoYXQgdGhlIEFDTCBpcyBlbmNyeXB0ZWQgYmVmb3JlIGFsbG93aW5nIGFueSBraW5kIG9mIEwy
Q0FQIGNvbm5lY3Rpb24uIFRoZSBvbmx5IGV4Y2VwdGlvbiBoZXJlIGlzIHRoZSBQU00gMSBmb3Ig
dGhlIHNlcnZpY2UgZGlzY292ZXJ5IHByb3RvY29sLCBiZWNhdXNlIHRoYXQgaXMgYWxsb3dlZCB0
byBydW4gb24gYW4gaW5zZWN1cmUgQUNMIGxpbmsuDQo+ID4gUHJldmlvdXNseSBpdCB3YXMgZW5v
dWdoIHRvIHJlamVjdCBhIEwyQ0FQIGNvbm5lY3Rpb24gZHVyaW5nIHRoZSBjb25uZWN0aW9uIHNl
dHVwIHBoYXNlLCBidXQgd2l0aCBCbHVldG9vdGggMi4xIGl0IGlzIGZvcmJpZGRlbiB0byBkbyBh
bnkgTDJDQVAgcHJvdG9jb2wgZXhjaGFuZ2Ugb24gYW4gaW5zZWN1cmUgbGluayAoZXhjZXB0IFNE
UCkuDQo+ID4gVGhlIG5ldyBoY2lfY29ubl9jaGVja19saW5rX21vZGUoKSBmdW5jdGlvbiBjYW4g
YmUgdXNlZCB0byBjaGVjayB0aGUgaW50ZWdyaXR5IG9mIGFuIEFDTCBsaW5rLiBUaGlzIGZ1bmN0
aW9ucyBhbHNvIHRha2VzIGNhcmUgb2YgdGhlIGNhc2VzIHdoZXJlIFNlY3VyaXR5IE1vZGUgNCBp
cyBkaXNhYmxlZCBvciBvbmUgb2YgdGhlIGRldmljZXMgaXMgYmFzZWQgb24gYW4gb2xkZXIgc3Bl
Y2lmaWNhdGlvbi4iDQo+ID4gDQo+ID4gT24gcmVjZWlwdCBvZiBhIEwyQ0FQX0Nvbm5lY3RfUmVx
IChmdW5jdGlvbiBsMmNhcF9jb25uZWN0X3JlcSgpKSwgdGhlIGZ1bmN0aW9uIGhjaV9jb25uX2No
ZWNrX2xpbmtfbW9kZSgpIGNoZWNrcyBpcyBlbmNyeXB0aW9uIGlzIGVuYWJsZWQgb24gdGhlIGxp
bmsgd2hlbiBTU1AgaXMgZW5hYmxlZC4gSWYgZW5jcnlwdGlvbiBpcyBub3QgeWV0IGVuYWJsZWQg
dGhlbiB0aGUgZnVuY3Rpb24gbDJjYXBfY29ubmVjdF9yZXEoKSByZXR1cm5zIEwyQ0FQX0Nvbm5l
Y3RfUnNwIHdpdGggZXJyb3IgU2VjdXJpdHkgQmxvY2suIA0KPiA+IA0KPiA+IER1ZSB0byB0aGlz
IHBhdGNoLCBpZiB0aGUgSENJIGVuY3J5cHRpb24gY2hhbmdlIGV2ZW50IGFycml2ZXMgYWZ0ZXIg
dGhlIEluaXRpYXRvciBzZW5kcyB0aGUgTDJDQVAgQ29ubmVjdGlvbiBSZXF1ZXN0LCB0aGVuIHRo
ZSBjb25uZWN0aW9uIHJlcXVlc3QgaXMgcmVqZWN0ZWQgd2l0aCByZXNwb25zZSBTZWN1cml0eSBC
bG9jay4NCj4gPiANCj4gPiBRdWVyeTogDQo+ID4gSSB3YW50ZWQgdG8ga25vdyBpZiB0aGlzIGNh
biBiZSBoYW5kbGVkIGJ5IHNlbmRpbmcgYW4gTDJDQVAgQ29ubmVjdGlvbiByZXNwb25zZSB3aXRo
IENvbm5lY3Rpb24gUGVuZGluZyBhbmQgb24gcmVjZWl2aW5nIHRoZSBFbmNyeXB0aW9uIENoYW5n
ZSBldmVudCBzZW5kIHRoZSBMMkNBUCBDb25uZWN0aW9uIHJlc3BvbnNlIHdpdGggc3VjY2Vzczsg
ZWxzZSB3aXRoIGVycm9yIFNlY3VyaXR5IEJsb2NrLiANCj4gDQo+IG5vIGl0IGNhbiBub3QuIFRo
ZSBzcGVjaWZpY2F0aW9uIGlzIHByZXR0eSBkYW1uIGNsZWFyIGhlcmUuIEFueQ0KPiBDb25uZWN0
X1JlcXVlc3QgbmVlZHMgdG8gYmUgcmVqZWN0ZWQgaWYgdGhlIHVuZGVybHlpbmcgbGluayBpcyBu
b3Qga25vdw0KPiB0byBiZSBzZWN1cmUuDQo+IA0KPiBBbmQgd2l0aCBzb21lIGNoaXBzIHRoaXMg
aXMgYSByYWNlIGNvbmRpdGlvbnMgaW4gdGhlaXIgTE1QK0JCIGFuZCB0aGUNCj4gdHJhbnNwb3J0
IGxheWVyLiBUaGV5IGVuZCB1cCBzZW5kaW5nIHRoZSBBQ0wgcGFja2V0IGJlZm9yZSB0aGUgc2Vu
ZCB0aGUNCj4gSENJIGV2ZW50IGZvciBzaWduYWxpbmcgdGhhdCB0aGUgZW5jcnlwdGlvbiBpcyBh
Y3RpdmUuDQo+IA0KPiBJZiB5b3UgZG8gbG9vayBhdCB0aGUgYWlyIHRyYWZmaWMgeW91IG1pZ2h0
IHNlZSB0aGF0IHRoZSBBQ0wgcGFja2V0DQo+IGFjdHVhbGx5IHdhcyBlbmNyeXB0ZWQsIGJ1dCB0
aGF0IGlzIG5vdCB3aGF0IHRoZXkgaGF2ZSBzaWduYWxlZCB0byB0aGUNCj4gaG9zdCBzdGFjay4g
VGhlcmUgaXMgbm90aGluZyB3ZSBjYW4gZG8gZnJvbSBvdXIgc2lkZS4gVGhlIGNoaXBzIG5lZWQg
dG8NCj4gYmUgZml4ZWQgdG8gZG8gdGhpcyBpbiB0aGUgcmlnaHQgb3JkZXIuDQo+IA0KPiBSZWdh
cmRzDQo+IA0KPiBNYXJjZWwNCj4gDQo+IA0KPiAT77+977+97Lm7HO+/vSbvv71+77+9Ju+/vRjv
v73vv70rLe+/ve+/vd22F++/ve+/vXfvv73vv73Lm++/ve+/ve+/vW3vv71i77+977+9W++/veet
ou+/vWHvv717YXnvv70dyofame+/vSxqB++/ve+/vWbvv73vv73vv71o77+977+977+9eu+/vR7v
v71377+977+977+9DO+/ve+/ve+/vWo6K3bvv73vv73vv71377+9au+/vW3vv73vv73vv73vv70H
77+977+977+977+9elor77+977+977+977+977+93aJqIu+/ve+/vSHvv71pDQoNCg==
SGVsbG8gTWFyY2VsLA0KDQpUaGFua3MgZm9yIHlvdXIgcmVzcG9uc2UuIA0KDQpDYW4geW91
IHBsZWFzZSBsZXQgbWUga25vdyB0aGUgZXhhY3Qgc2VjdGlvbiBvZiB0aGUgQlQgMi4xIENv
cmUgc3BlY2lmaWNhdGlvbiB3aGljaCBtZW50aW9ucyAiVGhlIHNwZWNpZmljYXRpb24gaXMg
cHJldHR5IGRhbW4gY2xlYXIgaGVyZS4gQW55IENvbm5lY3RfUmVxdWVzdCBuZWVkcyB0byBi
ZSByZWplY3RlZCBpZiB0aGUgdW5kZXJseWluZyBsaW5rIGlzIG5vdCBrbm93biB0byBiZSBz
ZWN1cmUuIg0KDQpSZWdhcmRzLA0KVGVqYXN3aW5pDQoNCg0KLS0tLS1PcmlnaW5hbCBNZXNz
YWdlLS0tLS0NCkZyb206IE1hcmNlbCBIb2x0bWFubiBbbWFpbHRvOm1hcmNlbEBob2x0bWFu
bi5vcmddIA0KU2VudDogVGh1cnNkYXksIEp1bmUgMzAsIDIwMTEgOTozOSBQTQ0KVG86IFRl
amFzd2luaSBQdXJhbmRhcmUgKFdUMDEgLSBQcm9kdWN0IEVuZ2luZWVyaW5nIFNlcnZpY2Vz
KQ0KQ2M6IGxpbnV4LWJsdWV0b290aEB2Z2VyLmtlcm5lbC5vcmcNClN1YmplY3Q6IFJlOiBM
MkNBUCBjb25uZWN0aW9uIG9uIGluc2VjdXJlIGxpbmsNCg0KSGkgVGVqYXN3aW5pLA0KDQo+
IFdlIGFyZSBmYWNpbmcgYW4gaXNzdWUgYXMgYmVsb3cuIA0KPiANCj4gUHJvYmxlbSBzdGF0
ZW1lbnQ6DQo+IFRoaXMgaXMgd2l0aCByZWZlcmVuY2UgdG8gdGhlIHBhdGNoIGh0dHA6Ly9r
ZXJuZWwudWJ1bnR1LmNvbS9naXQ/cD11YnVudHUvbGludXgtMi42Ly5naXQ7YT1jb21taXQ7
aD1lN2MyOWNiMTZjODMzNDQxZmQyMTYwNjQyYmIxMzAyNWY0ZTdhYzcwIGZvciBoYW5kbGlu
ZyBMMkNBUCBjb25uZWN0aW9uIHJlcXVlc3RzIG9uIGFuIGluc2VjdXJlIGxpbmsuIEkgYW0g
cGFzdGluZyBiZWxvdyB0aGUgZGV0YWlscyBvZiB0aGlzIHBhdGNoLg0KPiANCj4gIlRoZSBT
ZWN1cml0eSBNb2RlIDQgb2YgdGhlIEJsdWV0b290aCAyLjEgc3BlY2lmaWNhdGlvbiBoYXMg
c3RyaWN0IGF1dGhlbnRpY2F0aW9uIGFuZCBlbmNyeXB0aW9uIHJlcXVpcmVtZW50cy4gSXQg
aXMgdGhlIGluaXRpYXRvcnMgam9iIHRvIGNyZWF0ZSBhIHNlY3VyZSBBQ0wgbGluay4gSG93
ZXZlciBpbiBjYXNlIG9mIG1hbGljaW91cyBkZXZpY2VzLCB0aGUgYWNjZXB0b3IgaGFzIHRv
IG1ha2Ugc3VyZSB0aGF0IHRoZSBBQ0wgaXMgZW5jcnlwdGVkIGJlZm9yZSBhbGxvd2luZyBh
bnkga2luZCBvZiBMMkNBUCBjb25uZWN0aW9uLiBUaGUgb25seSBleGNlcHRpb24gaGVyZSBp
cyB0aGUgUFNNIDEgZm9yIHRoZSBzZXJ2aWNlIGRpc2NvdmVyeSBwcm90b2NvbCwgYmVjYXVz
ZSB0aGF0IGlzIGFsbG93ZWQgdG8gcnVuIG9uIGFuIGluc2VjdXJlIEFDTCBsaW5rLg0KPiBQ
cmV2aW91c2x5IGl0IHdhcyBlbm91Z2ggdG8gcmVqZWN0IGEgTDJDQVAgY29ubmVjdGlvbiBk
dXJpbmcgdGhlIGNvbm5lY3Rpb24gc2V0dXAgcGhhc2UsIGJ1dCB3aXRoIEJsdWV0b290aCAy
LjEgaXQgaXMgZm9yYmlkZGVuIHRvIGRvIGFueSBMMkNBUCBwcm90b2NvbCBleGNoYW5nZSBv
biBhbiBpbnNlY3VyZSBsaW5rIChleGNlcHQgU0RQKS4NCj4gVGhlIG5ldyBoY2lfY29ubl9j
aGVja19saW5rX21vZGUoKSBmdW5jdGlvbiBjYW4gYmUgdXNlZCB0byBjaGVjayB0aGUgaW50
ZWdyaXR5IG9mIGFuIEFDTCBsaW5rLiBUaGlzIGZ1bmN0aW9ucyBhbHNvIHRha2VzIGNhcmUg
b2YgdGhlIGNhc2VzIHdoZXJlIFNlY3VyaXR5IE1vZGUgNCBpcyBkaXNhYmxlZCBvciBvbmUg
b2YgdGhlIGRldmljZXMgaXMgYmFzZWQgb24gYW4gb2xkZXIgc3BlY2lmaWNhdGlvbi4iDQo+
IA0KPiBPbiByZWNlaXB0IG9mIGEgTDJDQVBfQ29ubmVjdF9SZXEgKGZ1bmN0aW9uIGwyY2Fw
X2Nvbm5lY3RfcmVxKCkpLCB0aGUgZnVuY3Rpb24gaGNpX2Nvbm5fY2hlY2tfbGlua19tb2Rl
KCkgY2hlY2tzIGlzIGVuY3J5cHRpb24gaXMgZW5hYmxlZCBvbiB0aGUgbGluayB3aGVuIFNT
UCBpcyBlbmFibGVkLiBJZiBlbmNyeXB0aW9uIGlzIG5vdCB5ZXQgZW5hYmxlZCB0aGVuIHRo
ZSBmdW5jdGlvbiBsMmNhcF9jb25uZWN0X3JlcSgpIHJldHVybnMgTDJDQVBfQ29ubmVjdF9S
c3Agd2l0aCBlcnJvciBTZWN1cml0eSBCbG9jay4gDQo+IA0KPiBEdWUgdG8gdGhpcyBwYXRj
aCwgaWYgdGhlIEhDSSBlbmNyeXB0aW9uIGNoYW5nZSBldmVudCBhcnJpdmVzIGFmdGVyIHRo
ZSBJbml0aWF0b3Igc2VuZHMgdGhlIEwyQ0FQIENvbm5lY3Rpb24gUmVxdWVzdCwgdGhlbiB0
aGUgY29ubmVjdGlvbiByZXF1ZXN0IGlzIHJlamVjdGVkIHdpdGggcmVzcG9uc2UgU2VjdXJp
dHkgQmxvY2suDQo+IA0KPiBRdWVyeTogDQo+IEkgd2FudGVkIHRvIGtub3cgaWYgdGhpcyBj
YW4gYmUgaGFuZGxlZCBieSBzZW5kaW5nIGFuIEwyQ0FQIENvbm5lY3Rpb24gcmVzcG9uc2Ug
d2l0aCBDb25uZWN0aW9uIFBlbmRpbmcgYW5kIG9uIHJlY2VpdmluZyB0aGUgRW5jcnlwdGlv
biBDaGFuZ2UgZXZlbnQgc2VuZCB0aGUgTDJDQVAgQ29ubmVjdGlvbiByZXNwb25zZSB3aXRo
IHN1Y2Nlc3M7IGVsc2Ugd2l0aCBlcnJvciBTZWN1cml0eSBCbG9jay4gDQoNCm5vIGl0IGNh
biBub3QuIFRoZSBzcGVjaWZpY2F0aW9uIGlzIHByZXR0eSBkYW1uIGNsZWFyIGhlcmUuIEFu
eQ0KQ29ubmVjdF9SZXF1ZXN0IG5lZWRzIHRvIGJlIHJlamVjdGVkIGlmIHRoZSB1bmRlcmx5
aW5nIGxpbmsgaXMgbm90IGtub3cNCnRvIGJlIHNlY3VyZS4NCg0KQW5kIHdpdGggc29tZSBj
aGlwcyB0aGlzIGlzIGEgcmFjZSBjb25kaXRpb25zIGluIHRoZWlyIExNUCtCQiBhbmQgdGhl
DQp0cmFuc3BvcnQgbGF5ZXIuIFRoZXkgZW5kIHVwIHNlbmRpbmcgdGhlIEFDTCBwYWNrZXQg
YmVmb3JlIHRoZSBzZW5kIHRoZQ0KSENJIGV2ZW50IGZvciBzaWduYWxpbmcgdGhhdCB0aGUg
ZW5jcnlwdGlvbiBpcyBhY3RpdmUuDQoNCklmIHlvdSBkbyBsb29rIGF0IHRoZSBhaXIgdHJh
ZmZpYyB5b3UgbWlnaHQgc2VlIHRoYXQgdGhlIEFDTCBwYWNrZXQNCmFjdHVhbGx5IHdhcyBl
bmNyeXB0ZWQsIGJ1dCB0aGF0IGlzIG5vdCB3aGF0IHRoZXkgaGF2ZSBzaWduYWxlZCB0byB0
aGUNCmhvc3Qgc3RhY2suIFRoZXJlIGlzIG5vdGhpbmcgd2UgY2FuIGRvIGZyb20gb3VyIHNp
ZGUuIFRoZSBjaGlwcyBuZWVkIHRvDQpiZSBmaXhlZCB0byBkbyB0aGlzIGluIHRoZSByaWdo
dCBvcmRlci4NCg0KUmVnYXJkcw0KDQpNYXJjZWwNCg0KDQoNClBsZWFzZSBkbyBub3QgcHJp
bnQgdGhpcyBlbWFpbCB1bmxlc3MgaXQgaXMgYWJzb2x1dGVseSBuZWNlc3NhcnkuIAoKVGhl
IGluZm9ybWF0aW9uIGNvbnRhaW5lZCBpbiB0aGlzIGVsZWN0cm9uaWMgbWVzc2FnZSBhbmQg
YW55IGF0dGFjaG1lbnRzIHRvIHRoaXMgbWVzc2FnZSBhcmUgaW50ZW5kZWQgZm9yIHRoZSBl
eGNsdXNpdmUgdXNlIG9mIHRoZSBhZGRyZXNzZWUocykgYW5kIG1heSBjb250YWluIHByb3By
aWV0YXJ5LCBjb25maWRlbnRpYWwgb3IgcHJpdmlsZWdlZCBpbmZvcm1hdGlvbi4gSWYgeW91
IGFyZSBub3QgdGhlIGludGVuZGVkIHJlY2lwaWVudCwgeW91IHNob3VsZCBub3QgZGlzc2Vt
aW5hdGUsIGRpc3RyaWJ1dGUgb3IgY29weSB0aGlzIGUtbWFpbC4gUGxlYXNlIG5vdGlmeSB0
aGUgc2VuZGVyIGltbWVkaWF0ZWx5IGFuZCBkZXN0cm95IGFsbCBjb3BpZXMgb2YgdGhpcyBt
ZXNzYWdlIGFuZCBhbnkgYXR0YWNobWVudHMuIAoKV0FSTklORzogQ29tcHV0ZXIgdmlydXNl
cyBjYW4gYmUgdHJhbnNtaXR0ZWQgdmlhIGVtYWlsLiBUaGUgcmVjaXBpZW50IHNob3VsZCBj
aGVjayB0aGlzIGVtYWlsIGFuZCBhbnkgYXR0YWNobWVudHMgZm9yIHRoZSBwcmVzZW5jZSBv
ZiB2aXJ1c2VzLiBUaGUgY29tcGFueSBhY2NlcHRzIG5vIGxpYWJpbGl0eSBmb3IgYW55IGRh
bWFnZSBjYXVzZWQgYnkgYW55IHZpcnVzIHRyYW5zbWl0dGVkIGJ5IHRoaXMgZW1haWwuIAoK
d3d3LndpcHJvLmNvbQ0K