From xen-announce-bounces@lists.xenproject.org Tue Jul 07 12:19:26 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 07 Jul 2020 12:19:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmYi-0005TP-6C; Tue, 07 Jul 2020 12:18:48 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmYg-0005Sv-QY for xen-announce@lists.xen.org; Tue, 07 Jul 2020 12:18:46 +0000 X-Inumbo-ID: ff1edf8c-c04b-11ea-8d5d-12813bfff9fa Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id ff1edf8c-c04b-11ea-8d5d-12813bfff9fa; Tue, 07 Jul 2020 12:18:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pka224yeKHvOnBWMQf/upTLDc1Wie4UNUJLCWEs/KC4=; b=HQHGlhpB4pJrFNJPJts4F2QL3R BQ8USz9N48wvmAx4C9Hsi8zpMVPfGYxWgbuTHqr25bH3KPLI9XeapPHLF+eP1JJPUrwYLtnhlOtCs CS7wTaNjlsJK/5yRIieZVFv3NcoeRZ8I/aREgxO68K+iVFFpoOs0R5EKNcaapHhbYUw0=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmYX-0002mz-D6; Tue, 07 Jul 2020 12:18:37 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jsmYX-0000Xl-BV; Tue, 07 Jul 2020 12:18:37 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 319 v3 (CVE-2020-15563) - inverted code paths in x86 dirty VRAM tracking Message-Id: Date: Tue, 07 Jul 2020 12:18:37 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-15563 / XSA-319 version 3 inverted code paths in x86 dirty VRAM tracking UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. IMPACT ====== A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. VULNERABLE SYSTEMS ================== Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition there needs to be an entity actively monitoring a guest's video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests as well as x86 HVM guest using hardware assisted paging (HAP) cannot leverage the vulnerability. MITIGATION ========== Running only PV guests will avoid the vulnerability. For HVM guest explicitly configured to use shadow paging (e.g. via the `hap=0' xl domain configuration file parameter), changing to HAP (e.g. by setting `hap=1') will avoid exposing the vulnerability to those guests. HAP is the default (in upstream Xen), where the hardware supports it; so this mitigation is only applicable if HAP has been disabled by configuration. CREDITS ======= This issue was discovered by Jan Beulich of SUSE. RESOLUTION ========== Applying the attached patch resolves this issue. Note that patches for released versions are generally prepared to apply to the stable branches, and may not apply cleanly to the most recent release tarball. Downstreams are encouraged to update to the tip of the stable branch before applying these patches. xsa319.patch xen-unstable, 4.13 - 4.9 $ sha256sum xsa319* 1fe0dc2e274776b8e1275f85129280f280f94ca4eabe6a8166113283dad93ed8 xsa319.meta c145f394f8ac7d8838c376a97e1850c4125c12e478fc66ebe025ae397b27e6ea xsa319.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patch described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. HOWEVER deployment of the "use HAP mode" mitigation described above is NOT permitted (except where all the affected systems and VMs are administered and used only by organisations which are members of the Xen Project Security Issues Predisclosure List). Specifically, deployment on public cloud systems is NOT permitted. This is because in that case the configuration change can be observed by guests, which could lead to the rediscovery of the vulnerability. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8EZ/sMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZ75YH/jX/sAs0icOgBtHkwVZHg318OBExxt9x+ehk/pxb i+1ZlS/IrJ8eJdHJYq8HYvAlxmtmFP1I0t+C9vmwbP4QMcR++RmKgdJI4+/sqCsB AMEnK+cVJSbHxD7y7eW2CPuU3h0cKx0H24JgtzA2ONse7dVz7RN+oa97D5IKryTL cBW8WroMn2InbKMCUy/5zj89NLAlbSuWSVZzQidDwzTITukzhZZ7Xw0+Q2yh1nkK S4kcmz7Bzzd5Mc1gFr1Eh1FxfmVVl5RxwDE//3a5VbmfPVo/f0kMOIWjXVd1R1dj x78SPrPojOAZbb8+f1LYqHmqzCgzvpa4EFbsOnsB7CBmP2Q= =bDFh -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa319.meta" Content-Disposition: attachment; filename="xsa319.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAzMTksCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC4xMyIsCiAgICAiNC4xMiIsCiAgICAiNC4xMSIs CiAgICAiNC4xMCIsCiAgICAiNC45IgogIF0sCiAgIlRyZWVzIjogWwogICAg InhlbiIKICBdLAogICJSZWNpcGVzIjogewogICAgIjQuMTAiOiB7CiAgICAg ICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3Rh YmxlUmVmIjogImZkNmU0OWVjYWUwMzg0MDYxMGZkYzZhNDE2YTYzODU5MGMw YjY1MzUiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDMx NwogICAgICAgICAgXSwKICAgICAgICAgICJQYXRjaGVzIjogWwogICAgICAg ICAgICAieHNhMzE5LnBhdGNoIgogICAgICAgICAgXQogICAgICAgIH0KICAg ICAgfQogICAgfSwKICAgICI0LjExIjogewogICAgICAiUmVjaXBlcyI6IHsK ICAgICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6ICIyYjc3 NzI5ODg4ZmI4NTFhYjk2ZTdmNzdiYzg1NDEyMjYyNmI0ODYxIiwKICAgICAg ICAgICJQcmVyZXFzIjogWwogICAgICAgICAgICAzMTcKICAgICAgICAgIF0s CiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAgInhzYTMxOS5w YXRjaCIKICAgICAgICAgIF0KICAgICAgICB9CiAgICAgIH0KICAgIH0sCiAg ICAiNC4xMiI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6 IHsKICAgICAgICAgICJTdGFibGVSZWYiOiAiMDUwZmU0OGRjOTgxZTA0ODhk ZTFmNmM2YzA3ZDgxMTBmM2I3NTIzYiIsCiAgICAgICAgICAiUHJlcmVxcyI6 IFsKICAgICAgICAgICAgMzE3CiAgICAgICAgICBdLAogICAgICAgICAgIlBh dGNoZXMiOiBbCiAgICAgICAgICAgICJ4c2EzMTkucGF0Y2giCiAgICAgICAg ICBdCiAgICAgICAgfQogICAgICB9CiAgICB9LAogICAgIjQuMTMiOiB7CiAg ICAgICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAi U3RhYmxlUmVmIjogIjlmN2U4YmFjNGNhMjc5YjNiZmNjYjVmMzczMGZiMmU1 Mzk4Yzk1YWIiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAg IDMxNwogICAgICAgICAgXSwKICAgICAgICAgICJQYXRjaGVzIjogWwogICAg ICAgICAgICAieHNhMzE5LnBhdGNoIgogICAgICAgICAgXQogICAgICAgIH0K ICAgICAgfQogICAgfSwKICAgICI0LjkiOiB7CiAgICAgICJSZWNpcGVzIjog ewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3RhYmxlUmVmIjogIjZl NDc3YzJlYTRkNWMyNmE3YTdiMmY4NTAxNjZhYTc5ZWRjNTIyNWMiLAogICAg ICAgICAgIlByZXJlcXMiOiBbXSwKICAgICAgICAgICJQYXRjaGVzIjogWwog ICAgICAgICAgICAieHNhMzE5LnBhdGNoIgogICAgICAgICAgXQogICAgICAg IH0KICAgICAgfQogICAgfSwKICAgICJtYXN0ZXIiOiB7CiAgICAgICJSZWNp cGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3RhYmxlUmVm IjogImU0ZDIyMDcxNjViMzc5ZWMxM2M4YjUxMjkzNmY2Mzk4MmFmNjJkMTMi LAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDMxNwogICAg ICAgICAgXSwKICAgICAgICAgICJQYXRjaGVzIjogWwogICAgICAgICAgICAi eHNhMzE5LnBhdGNoIgogICAgICAgICAgXQogICAgICAgIH0KICAgICAgfQog ICAgfQogIH0KfQ== --=separator Content-Type: application/octet-stream; name="xsa319.patch" Content-Disposition: attachment; filename="xsa319.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODYvc2hhZG93OiBjb3JyZWN0IGFuIGludmVydGVkIGNvbmRpdGlvbmFs IGluIGRpcnR5IFZSQU0gdHJhY2tpbmcKClRoaXMgb3JpZ2luYWxseSB3YXMg Im1mbl94KG1mbikgPT0gSU5WQUxJRF9NRk4iLiBNYWtlIGl0IGxpa2UgdGhp cwphZ2FpbiwgdGFraW5nIHRoZSBvcHBvcnR1bml0eSB0byBhbHNvIGRyb3Ag dGhlIHVubmVjZXNzYXJ5IG5lYXJieQpicmFjZXMuCgpUaGlzIGlzIFhTQS0z MTkuCgpGaXhlczogMjQ2YTVhMzM3N2MyICgieGVuOiBVc2UgYSB0eXBlc2Fm ZSB0byBkZWZpbmUgSU5WQUxJRF9NRk4iKQpTaWduZWQtb2ZmLWJ5OiBKYW4g QmV1bGljaCA8amJldWxpY2hAc3VzZS5jb20+ClJldmlld2VkLWJ5OiBBbmRy ZXcgQ29vcGVyIDxhbmRyZXcuY29vcGVyM0BjaXRyaXguY29tPgoKLS0tIGEv eGVuL2FyY2gveDg2L21tL3NoYWRvdy9jb21tb24uYworKysgYi94ZW4vYXJj aC94ODYvbW0vc2hhZG93L2NvbW1vbi5jCkBAIC0zMjUyLDEwICszMjUyLDgg QEAgaW50IHNoYWRvd190cmFja19kaXJ0eV92cmFtKHN0cnVjdCBkb21haQog ICAgICAgICAgICAgaW50IGRpcnR5ID0gMDsKICAgICAgICAgICAgIHBhZGRy X3Qgc2wxbWEgPSBkaXJ0eV92cmFtLT5zbDFtYVtpXTsKIAotICAgICAgICAg ICAgaWYgKCAhbWZuX2VxKG1mbiwgSU5WQUxJRF9NRk4pICkKLSAgICAgICAg ICAgIHsKKyAgICAgICAgICAgIGlmICggbWZuX2VxKG1mbiwgSU5WQUxJRF9N Rk4pICkKICAgICAgICAgICAgICAgICBkaXJ0eSA9IDE7Ci0gICAgICAgICAg ICB9CiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICB7CiAgICAgICAg ICAgICAgICAgcGFnZSA9IG1mbl90b19wYWdlKG1mbik7Cg== --=separator-- From xen-announce-bounces@lists.xenproject.org Tue Jul 07 12:19:26 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 07 Jul 2020 12:19:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmYf-0005TB-Su; Tue, 07 Jul 2020 12:18:45 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmYf-0005Sp-9X for xen-announce@lists.xen.org; Tue, 07 Jul 2020 12:18:45 +0000 X-Inumbo-ID: fd2469cc-c04b-11ea-bca7-bc764e2007e4 Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id fd2469cc-c04b-11ea-bca7-bc764e2007e4; Tue, 07 Jul 2020 12:18:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=mFmAfu+l9Qnx7Y9fQVSM/XKGmQ57MHrxuyQCgm25OCQ=; b=qFrRGnrO5DPb5kurUU6le/eUUD CRXilbVw+GyIW2LF4yoHF83eJv2Lo6OS1FSAteKRby6ngUBfP4WTQTQXEktq/crTkHrQadF43OC/W jnoB7/SzpRDfk438u0t5y97zmw9NIc8cVs3vSjL3cKLFhTa2gwzhQ1Z/cOKGfBuF064Q=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmYT-0002mn-TH; Tue, 07 Jul 2020 12:18:33 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jsmYT-0000Wl-Q7; Tue, 07 Jul 2020 12:18:33 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 317 v3 (CVE-2020-15566) - Incorrect error handling in event channel port allocation Message-Id: Date: Tue, 07 Jul 2020 12:18:33 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-15566 / XSA-317 version 3 Incorrect error handling in event channel port allocation UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= The allocation of an event channel port may fail for multiple reasons: 1) Port is already in use 2) The memory allocation failed 3) The port we try to allocate is higher than what is supported by the ABI (e.g 2L or FIFO) used by the guest or the limit set by an administrator ('max_event_channels' in xl cfg). Due to the missing error checks, only 1) will be considered as an error. All the other cases will provide a "valid" port and will result to a crash when trying to access the event channel. IMPACT ====== When the administrator configured a guest to allow more than 1023 event channels, that guest may be able to crash the host. When Xen is out-of-memory, allocation of new event channels will result in crashing the host rather than reporting an error. VULNERABLE SYSTEMS ================== Xen versions 4.10 and later are affected. (The special Xen 4.8 "Comet" branch for XSA-254 contains changes similar to those which led to this vulnerability; so it is likely to be affected, but - like mainline Xen 4.8 - that branch is longer security-supported.) Older Xen versions are unaffected. All architectures are affected. The default configuration, when guests are created with xl/libxl, is not vulnerable, because of the default event channel limit (see Mitigation, below). MITIGATION ========== The problem can be avoided by reducing the number of event channels available to the guest no more than 1023. For example, setting "max_event_channels=1023" in the xl domain configuration, or deleting any existing setting (since 1023 is the default for xl/libxl). For ARM systems, any limit no more than 4095 is safe. For 64-bit x86 PV guests, any limit no more than 4095 is likewise safe if the host configuration prevents the guest administrator from substituting and running a 32-bit kernel (and thereby putting the guest into 32-bit PV mode). CREDITS ======= This issue was discovered by Amazon. RESOLUTION ========== Applying the attached patch resolves this issue. Note that patches for released versions are generally prepared to apply to the stable branches, and may not apply cleanly to the most recent release tarball. Downstreams are encouraged to update to the tip of the stable branch before applying these patches. xsa317.patch Xen 4.10 - xen-unstable $ sha256sum xsa317* 11e77dd8644cee40cee609d02e27d70655f3999005cae8c24fb2801980ebb4f2 xsa317.meta 17908035e2da07f6070fa8de345db68c96ed9bd78f8b114e43ba0194c1be3f15 xsa317.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the *patch* described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). And: deployment of the event channel limit reduction mitigation is NOT permitted (except where all the affected systems and VMs are administered and used only by organisations which are members of the Xen Project Security Issues Predisclosure List). Specifically, deployment on public cloud systems is NOT permitted. This is because such a change can be visible to the guest, so it would leak the preconditions for the vulnerability and maybe lead to rediscovery. Deployment of this, or similar mitigations, is permitted only AFTER the embargo ends. Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8EZ/gMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZQUwIAK8W8bZ0xml2bzAu4vsXi8QqhDX4VrpkgADYZS+M BD8hpllQ+O/CiM5ZMECj7zaWYTt7+VrGrqK4jtf2REBs/sOWcO+k7KdEury4XCKf jIG4CzCBHC46RVEKftiqQNTX2ebVBDwoj+1fGeIvm7OhcZ7f6KdhYPHvE2bU8D45 ghr2jw33HZHoG7IsPQvJn8u6wqd6l+7h0BxhgzO5U8pI+w3ZXRM4XAno+ERzs8LO N5ffv8UeaMIpkHoYEdsKOK/ItjhoCASoWTFvbE90u7f2WbimFnBG3oCPEVPt89kv Y/o0+0jBk+WjXbPChMmMu5WuQuKVFDelMXLLE6mjfhGAvnI= =vEgE -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa317.meta" Content-Disposition: attachment; filename="xsa317.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAzMTcsCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC4xMyIsCiAgICAiNC4xMiIsCiAgICAiNC4xMSIs CiAgICAiNC4xMCIKICBdLAogICJUcmVlcyI6IFsKICAgICJ4ZW4iCiAgXSwK ICAiUmVjaXBlcyI6IHsKICAgICI0LjEwIjogewogICAgICAiUmVjaXBlcyI6 IHsKICAgICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6ICJm ZDZlNDllY2FlMDM4NDA2MTBmZGM2YTQxNmE2Mzg1OTBjMGI2NTM1IiwKICAg ICAgICAgICJQcmVyZXFzIjogW10sCiAgICAgICAgICAiUGF0Y2hlcyI6IFtd CiAgICAgICAgfQogICAgICB9CiAgICB9LAogICAgIjQuMTEiOiB7CiAgICAg ICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3Rh YmxlUmVmIjogIjJiNzc3Mjk4ODhmYjg1MWFiOTZlN2Y3N2JjODU0MTIyNjI2 YjQ4NjEiLAogICAgICAgICAgIlByZXJlcXMiOiBbXSwKICAgICAgICAgICJQ YXRjaGVzIjogW10KICAgICAgICB9CiAgICAgIH0KICAgIH0sCiAgICAiNC4x MiI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6IHsKICAg ICAgICAgICJTdGFibGVSZWYiOiAiMDUwZmU0OGRjOTgxZTA0ODhkZTFmNmM2 YzA3ZDgxMTBmM2I3NTIzYiIsCiAgICAgICAgICAiUHJlcmVxcyI6IFtdLAog ICAgICAgICAgIlBhdGNoZXMiOiBbXQogICAgICAgIH0KICAgICAgfQogICAg fSwKICAgICI0LjEzIjogewogICAgICAiUmVjaXBlcyI6IHsKICAgICAgICAi eGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6ICI5ZjdlOGJhYzRjYTI3 OWIzYmZjY2I1ZjM3MzBmYjJlNTM5OGM5NWFiIiwKICAgICAgICAgICJQcmVy ZXFzIjogW10sCiAgICAgICAgICAiUGF0Y2hlcyI6IFtdCiAgICAgICAgfQog ICAgICB9CiAgICB9LAogICAgIjQuOSI6IHsKICAgICAgIlJlY2lwZXMiOiB7 CiAgICAgICAgInhlbiI6IHsKICAgICAgICAgICJTdGFibGVSZWYiOiAiNmU0 NzdjMmVhNGQ1YzI2YTdhN2IyZjg1MDE2NmFhNzllZGM1MjI1YyIsCiAgICAg ICAgICAiUHJlcmVxcyI6IFtdLAogICAgICAgICAgIlBhdGNoZXMiOiBbXQog ICAgICAgIH0KICAgICAgfQogICAgfSwKICAgICJtYXN0ZXIiOiB7CiAgICAg ICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3Rh YmxlUmVmIjogImU0ZDIyMDcxNjViMzc5ZWMxM2M4YjUxMjkzNmY2Mzk4MmFm NjJkMTMiLAogICAgICAgICAgIlByZXJlcXMiOiBbXSwKICAgICAgICAgICJQ YXRjaGVzIjogW10KICAgICAgICB9CiAgICAgIH0KICAgIH0KICB9Cn0K --=separator Content-Type: application/octet-stream; name="xsa317.patch" Content-Disposition: attachment; filename="xsa317.patch" Content-Transfer-Encoding: base64 RnJvbSBhZWI0NmU5MmY5MTVmMTlhNjFkNWE4YTFmNGI2OTY3OTNmNjRlNmZi IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBKdWxpZW4gR3JhbGwg PGpncmFsbEBhbWF6b24uY29tPgpEYXRlOiBUaHUsIDE5IE1hciAyMDIwIDEz OjE3OjMxICswMDAwClN1YmplY3Q6IFtQQVRDSF0geGVuL2NvbW1vbjogZXZl bnRfY2hhbm5lbDogRG9uJ3QgaWdub3JlIGVycm9yIGluCiBnZXRfZnJlZV9w b3J0KCkKCkN1cnJlbnRseSwgZ2V0X2ZyZWVfcG9ydCgpIGlzIGFzc3VtaW5n IHRoYXQgdGhlIHBvcnQgaGFzIGJlZW4gYWxsb2NhdGVkCndoZW4gZXZ0Y2hu X2FsbG9jYXRlX3BvcnQoKSBpcyBub3QgcmV0dXJuIC1FQlVTWS4KCkhvd2V2 ZXIsIHRoZSBmdW5jdGlvbiBtYXkgcmV0dXJuIGFuIGVycm9yIHdoZW46CiAg ICAtIFdlIGV4aGF1c3RlZCBhbGwgdGhlIGV2ZW50IGNoYW5uZWxzLiBUaGlz IGNhbiBoYXBwZW4gaWYgdGhlIGxpbWl0CiAgICBjb25maWd1cmVkIGJ5IHRo ZSBhZG1pbmlzdHJhdG9yIGZvciB0aGUgZ3Vlc3QgKCdtYXhfZXZlbnRfY2hh bm5lbHMnCiAgICBpbiB4bCBjZmcpIGlzIGhpZ2hlciB0aGFuIHRoZSBBQkkg dXNlZCBieSB0aGUgZ3Vlc3QuIEZvciBpbnN0YW5jZSwKICAgIGlmIHRoZSBn dWVzdCBpcyB1c2luZyAyTCwgdGhlIGxpbWl0IHNob3VsZCBub3QgYmUgaGln aGVyIHRoYW4gNDA5NS4KICAgIC0gV2UgY2Fubm90IGFsbG9jYXRlIG1lbW9y eSAoZS5nIFhlbiBoYXMgbm90IG1vcmUgbWVtb3J5KS4KClVzZXJzIG9mIGdl dF9mcmVlX3BvcnQoKSAoc3VjaCBhcyBFVlRDSE5PUF9hbGxvY191bmJvdW5k KSB3aWxsIHZhbGlkbHkKYXNzdW1pbmcgdGhlIHBvcnQgd2FzIHZhbGlkIGFu ZCB3aWxsIG5leHQgY2FsbCBldnRjaG5fZnJvbV9wb3J0KCkuIFRoaXMKd2ls bCByZXN1bHQgdG8gYSBjcmFzaCBhcyB0aGUgbWVtb3J5IGJhY2tpbmcgdGhl IGV2ZW50IGNoYW5uZWwgc3RydWN0dXJlCmlzIG5vdCBwcmVzZW50LgoKRml4 ZXM6IDM2OGFlOWEwNWZlICgieGVuL3B2c2hpbTogZm9yd2FyZCBldnRjaG4g b3BzIGJldHdlZW4gTDAgWGVuIGFuZCBMMiBEb21VIikKU2lnbmVkLW9mZi1i eTogSnVsaWVuIEdyYWxsIDxqZ3JhbGxAYW1hem9uLmNvbT4KUmV2aWV3ZWQt Ynk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNvbT4KLS0tCiB4ZW4v Y29tbW9uL2V2ZW50X2NoYW5uZWwuYyB8IDggKysrKy0tLS0KIDEgZmlsZSBj aGFuZ2VkLCA0IGluc2VydGlvbnMoKyksIDQgZGVsZXRpb25zKC0pCgpkaWZm IC0tZ2l0IGEveGVuL2NvbW1vbi9ldmVudF9jaGFubmVsLmMgYi94ZW4vY29t bW9uL2V2ZW50X2NoYW5uZWwuYwppbmRleCBlODZlMmJmYWIwLi5hOGQxODJi NTg0IDEwMDY0NAotLS0gYS94ZW4vY29tbW9uL2V2ZW50X2NoYW5uZWwuYwor KysgYi94ZW4vY29tbW9uL2V2ZW50X2NoYW5uZWwuYwpAQCAtMTk1LDEwICsx OTUsMTAgQEAgc3RhdGljIGludCBnZXRfZnJlZV9wb3J0KHN0cnVjdCBkb21h aW4gKmQpCiAgICAgewogICAgICAgICBpbnQgcmMgPSBldnRjaG5fYWxsb2Nh dGVfcG9ydChkLCBwb3J0KTsKIAotICAgICAgICBpZiAoIHJjID09IC1FQlVT WSApCi0gICAgICAgICAgICBjb250aW51ZTsKLQotICAgICAgICByZXR1cm4g cG9ydDsKKyAgICAgICAgaWYgKCByYyA9PSAwICkKKyAgICAgICAgICAgIHJl dHVybiBwb3J0OworICAgICAgICBlbHNlIGlmICggcmMgIT0gLUVCVVNZICkK KyAgICAgICAgICAgIHJldHVybiByYzsKICAgICB9CiAKICAgICByZXR1cm4g LUVOT1NQQzsKLS0gCjIuMTcuMQoK --=separator-- From xen-announce-bounces@lists.xenproject.org Tue Jul 07 12:22:56 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 07 Jul 2020 12:22:56 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmbr-0006k9-8V; Tue, 07 Jul 2020 12:22:03 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmbp-0006jB-Dn for xen-announce@lists.xen.org; Tue, 07 Jul 2020 12:22:01 +0000 X-Inumbo-ID: 71f3babe-c04c-11ea-bb8b-bc764e2007e4 Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 71f3babe-c04c-11ea-bb8b-bc764e2007e4; Tue, 07 Jul 2020 12:21:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=+jb059afZWg7ECHFvnGYbIcRZH6cC5fsjzA8zhBrxqQ=; b=kh2EL+TxbfwSawpcEjdqwVgmfs X1HkRdkXQVAzhyfbtPZ9FIoUkdn7qaATSomj8UCNVuREowPibLmJsiXcvyZkd2WxexueoolwoJgwq 8DlQrORTiohRl3A741rGmYwuDAH54EiWf6401v1kotfOoYUmSKKT1QzWMdWgdts1Nfek=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmbd-0002rk-6d; Tue, 07 Jul 2020 12:21:49 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jsmbd-0002Fv-4w; Tue, 07 Jul 2020 12:21:49 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 321 v3 (CVE-2020-15565) - insufficient cache write-back under VT-d Message-Id: Date: Tue, 07 Jul 2020 12:21:49 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-15565 / XSA-321 version 3 insufficient cache write-back under VT-d UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs CPU cached also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. IMPACT ====== A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. VULNERABLE SYSTEMS ================== Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible. MITIGATION ========== Suppressing the use of page table sharing will avoid the vulnerability (command line option "iommu=no-sharept"). Note however that as of Xen version 4.13 there's also a respective per-guest control ("passthrough=" libxl guest config file option). If any guests have been created with an explicit setting here, this setting may conflict with the addition of the "iommu=no-sharept" Xen command line option. Suppressing the use of large HAP pages will avoid the vulnerability (command line options "hap_2mb=no hap_1gb=no"). Not passing through PCI devices to HVM guests will avoid the vulnerability. CREDITS ======= This issue was discovered by Roger Pau Monné of Citrix. RESOLUTION ========== Applying the appropriate set of attached patches resolves this issue. Note that unlike implied by the numbering, the patches here are intended to go on top of XSA-328's. Note also that patches for released versions are generally prepared to apply to the stable branches, and may not apply cleanly to the most recent release tarball. Downstreams are encouraged to update to the tip of the stable branch before applying these patches. xsa321/xsa321-?.patch xen-unstable xsa321/xsa321-4.13-?.patch Xen 4.13.x xsa321/xsa321-4.12-?.patch Xen 4.12.x xsa321/xsa321-4.11-?.patch Xen 4.11.x xsa321/xsa321-4.10-?.patch Xen 4.10.x xsa321/xsa321-4.9-?.patch Xen 4.9.x $ sha256sum xsa321* xsa321*/* f0824c6b6e5de723301223927dbad916e0e5fbeb70f30a7e2467a04094dd840b xsa321.meta 35ed3be5e66da0580de8fb14ee7e6c073ac60e08e022c35ef194a714698641ad xsa321/xsa321-1.patch b2bbb4cf397b7b532dcab120a4d678938c50ca0df6ff2724a416ac8567bd667b xsa321/xsa321-2.patch 87d2e0446ee3fb013c8f307e71c0ddeae8122d6beee3e5d2871aa429d8d19daa xsa321/xsa321-3.patch 38d7e715d4ed751a9ce503b61cacaf2d06c91b2eab4be95cbc3a9ae4d2a05efb xsa321/xsa321-4.9-1.patch e4d5238233c883ea62491f852e543550bce9d74d7239a866f5e117df46838abc xsa321/xsa321-4.9-2.patch d9140aee60c848e2e07a59741bab1fde4669f2627923e5d3f08b8f2971f589c4 xsa321/xsa321-4.9-3.patch be8e320f64185bb29c52c0c1472d9d9aa1319768076ff70e691d4b40f7938a27 xsa321/xsa321-4.9-4.patch 7d83cb2d7de293f8534fa4eae1c56979984d01d8842ac06cfcb645191f27e51f xsa321/xsa321-4.9-5.patch 99c7cf186f0fea47ef516e3d477a5f5068adaad44624b406694b9ff33268e05b xsa321/xsa321-4.9-6.patch 9731286e9af9d83c5bf191aa5a6be0dfa34c79bca15660cd9b9e1c8e930cf974 xsa321/xsa321-4.9-7.patch 360765e859866c466dc1c9c6893dd800407d8f09b0b6f2b07fa403c290c4f0c6 xsa321/xsa321-4.10-1.patch e4d5238233c883ea62491f852e543550bce9d74d7239a866f5e117df46838abc xsa321/xsa321-4.10-2.patch 74b5c19a469cc7252a296cb19288f1ab53a411530d06dd364a0e3292c6aa273f xsa321/xsa321-4.10-3.patch be8e320f64185bb29c52c0c1472d9d9aa1319768076ff70e691d4b40f7938a27 xsa321/xsa321-4.10-4.patch 7d83cb2d7de293f8534fa4eae1c56979984d01d8842ac06cfcb645191f27e51f xsa321/xsa321-4.10-5.patch 99c7cf186f0fea47ef516e3d477a5f5068adaad44624b406694b9ff33268e05b xsa321/xsa321-4.10-6.patch fb3122d23ae7381d798721fe92c622ea2d37baac369fe89b0707030315dfc896 xsa321/xsa321-4.10-7.patch 360765e859866c466dc1c9c6893dd800407d8f09b0b6f2b07fa403c290c4f0c6 xsa321/xsa321-4.11-1.patch 02e2fda4b467f10a7f38cb2a095b9da04289d9e8489db88bf542d6527b823a23 xsa321/xsa321-4.11-2.patch 04c9bc347f8d3cbb8aecede370189bba2ed47be560d1871b91eb01b962a578cc xsa321/xsa321-4.11-3.patch be8e320f64185bb29c52c0c1472d9d9aa1319768076ff70e691d4b40f7938a27 xsa321/xsa321-4.11-4.patch c1b143b43b59244d5dc755f6a99de70ac39e803a7204296bb47300b9ffe26e59 xsa321/xsa321-4.11-5.patch 38456ff553416e48f2f5438c2a5a163b20929e8a58dbe811942d0d47aacfc9ea xsa321/xsa321-4.11-6.patch d3b6df41682e6b88898545590bee8242c00b4593773ba8070ce57a0473094189 xsa321/xsa321-4.11-7.patch c6d00d7a988002687be9a19a2d631c3562d8ec9f02ae24efc23eb0039f9e0ddb xsa321/xsa321-4.12-1.patch 64dd3aa18be3ccb17ab6d813df16e2025adabbe38127f2f00175a6a481651d86 xsa321/xsa321-4.12-2.patch 935346f3d0f2759699b0ccb8002abfb0dc173ec3ed616fb9042ad86751445757 xsa321/xsa321-4.12-3.patch be8e320f64185bb29c52c0c1472d9d9aa1319768076ff70e691d4b40f7938a27 xsa321/xsa321-4.12-4.patch c1b143b43b59244d5dc755f6a99de70ac39e803a7204296bb47300b9ffe26e59 xsa321/xsa321-4.12-5.patch 0da20aeb89e18490d60649dbfdb9c374e5861032da784a7724216c329f2cc5f0 xsa321/xsa321-4.12-6.patch 4d1954600eeca7e2cb9143ea8e32969731071f991a9a88a245c18e860c57c22c xsa321/xsa321-4.12-7.patch 946053a8bba53d87b4164acaf3343e30689d91b505b6355d873c016166d87103 xsa321/xsa321-4.13-1.patch f09e8cbf0cce17647d47f38137792517c8b108c3b54f57793d03578b0d5ccf99 xsa321/xsa321-4.13-2.patch bd50ad52d23c6fc12b69ecaaf41073833cbe9b1d66a9f4e148df078e30dd45d4 xsa321/xsa321-4.13-3.patch b181511962ce397302be8b7d5a130abe0995b3fda68b96f1afa95ae64f62dd09 xsa321/xsa321-4.13-4.patch 3286fc184fb377c1ce94344d1dbae3b78e95b0ae766eabb80b2fc612e59ffb69 xsa321/xsa321-4.13-5.patch 03a193197d176109dc586f4d6a76aebe32a4aa147e88c79d57582cf0a186c4ef xsa321/xsa321-4.13-6.patch ef7f9ac74313d2dabfb258b2519b2144e4feed3c85b5f705c4b1b7ba31ec316a xsa321/xsa321-4.13-7.patch e6d4b77063d4cd7a7242ac54b150ce42ce684ecbf46c7eaff5715976f272f4bc xsa321/xsa321-4.patch 920771be10110a3eef8e4b8644145794d274042092f3aa14e04fa94fc1e78e8a xsa321/xsa321-5.patch b10c5583e01f1c26862806562f30e393960b0bbdd7cf7fca6640f4daa88fe017 xsa321/xsa321-6.patch 18da003fb05b7aebe868ff9f1c77063b8a51be3b07ab0c9fc4821bf46ca86eeb xsa321/xsa321-7.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patches and/or mitigations described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8EaM8MHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZ35IH/iNi7HaBQrIqks4MB/0odUAIYyUEVsI4eAavChkX oKO+IQ7sDOyjKG+VHWgMxtnZhcQk9A+qHMnfCjL7igp0HMonT5C1r38x/+Nf203+ V/mQ0h/Vj1Fz7qSk0mtX2j2zkAS7hEFnOQcT5TIkxAt5ZO3wSbPEwmt9UqR7VON9 rXFX6WyAqDhO7Hw2lngPXc2VGoORHqybII4XZGb24TO7q9U4vFhBR0ZVgWKBo1pt 82gl2h2jQn8IA0Rrack+ucfsoD9D+E3AQYtipZVd9PI/SJNsZHvHJdaPxBf2CUqO Jb1e5MMXRG9Htpe0GPu8Y0TSUAUCoHqBsJTE1wkn4hun5SQ= =/CNm -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa321.meta" Content-Disposition: attachment; filename="xsa321.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAzMjEsCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC4xMyIsCiAgICAiNC4xMiIsCiAgICAiNC4xMSIs CiAgICAiNC4xMCIsCiAgICAiNC45IgogIF0sCiAgIlRyZWVzIjogWwogICAg InhlbiIKICBdLAogICJSZWNpcGVzIjogewogICAgIjQuMTAiOiB7CiAgICAg ICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3Rh YmxlUmVmIjogImZkNmU0OWVjYWUwMzg0MDYxMGZkYzZhNDE2YTYzODU5MGMw YjY1MzUiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDMx NywKICAgICAgICAgICAgMzE5LAogICAgICAgICAgICAzMjgKICAgICAgICAg IF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAgInhzYTMy MS94c2EzMjEtNC4xMC0xLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94 c2EzMjEtNC4xMC0yLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2Ez MjEtNC4xMC0zLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEt NC4xMC00LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEtNC4x MC01LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEtNC4xMC02 LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEtNC4xMC03LnBh dGNoIgogICAgICAgICAgXQogICAgICAgIH0KICAgICAgfQogICAgfSwKICAg ICI0LjExIjogewogICAgICAiUmVjaXBlcyI6IHsKICAgICAgICAieGVuIjog ewogICAgICAgICAgIlN0YWJsZVJlZiI6ICIyYjc3NzI5ODg4ZmI4NTFhYjk2 ZTdmNzdiYzg1NDEyMjYyNmI0ODYxIiwKICAgICAgICAgICJQcmVyZXFzIjog WwogICAgICAgICAgICAzMTcsCiAgICAgICAgICAgIDMxOSwKICAgICAgICAg ICAgMzI4CiAgICAgICAgICBdLAogICAgICAgICAgIlBhdGNoZXMiOiBbCiAg ICAgICAgICAgICJ4c2EzMjEveHNhMzIxLTQuMTEtMS5wYXRjaCIsCiAgICAg ICAgICAgICJ4c2EzMjEveHNhMzIxLTQuMTEtMi5wYXRjaCIsCiAgICAgICAg ICAgICJ4c2EzMjEveHNhMzIxLTQuMTEtMy5wYXRjaCIsCiAgICAgICAgICAg ICJ4c2EzMjEveHNhMzIxLTQuMTEtNC5wYXRjaCIsCiAgICAgICAgICAgICJ4 c2EzMjEveHNhMzIxLTQuMTEtNS5wYXRjaCIsCiAgICAgICAgICAgICJ4c2Ez MjEveHNhMzIxLTQuMTEtNi5wYXRjaCIsCiAgICAgICAgICAgICJ4c2EzMjEv eHNhMzIxLTQuMTEtNy5wYXRjaCIKICAgICAgICAgIF0KICAgICAgICB9CiAg ICAgIH0KICAgIH0sCiAgICAiNC4xMiI6IHsKICAgICAgIlJlY2lwZXMiOiB7 CiAgICAgICAgInhlbiI6IHsKICAgICAgICAgICJTdGFibGVSZWYiOiAiMDUw ZmU0OGRjOTgxZTA0ODhkZTFmNmM2YzA3ZDgxMTBmM2I3NTIzYiIsCiAgICAg ICAgICAiUHJlcmVxcyI6IFsKICAgICAgICAgICAgMzE3LAogICAgICAgICAg ICAzMTksCiAgICAgICAgICAgIDMyOAogICAgICAgICAgXSwKICAgICAgICAg ICJQYXRjaGVzIjogWwogICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEy LTEucGF0Y2giLAogICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEyLTIu cGF0Y2giLAogICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEyLTMucGF0 Y2giLAogICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEyLTQucGF0Y2gi LAogICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEyLTUucGF0Y2giLAog ICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEyLTYucGF0Y2giLAogICAg ICAgICAgICAieHNhMzIxL3hzYTMyMS00LjEyLTcucGF0Y2giCiAgICAgICAg ICBdCiAgICAgICAgfQogICAgICB9CiAgICB9LAogICAgIjQuMTMiOiB7CiAg ICAgICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAi U3RhYmxlUmVmIjogIjlmN2U4YmFjNGNhMjc5YjNiZmNjYjVmMzczMGZiMmU1 Mzk4Yzk1YWIiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAg IDMxNywKICAgICAgICAgICAgMzE5LAogICAgICAgICAgICAzMjgKICAgICAg ICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAgInhz YTMyMS94c2EzMjEtNC4xMy0xLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMy MS94c2EzMjEtNC4xMy0yLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94 c2EzMjEtNC4xMy0zLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2Ez MjEtNC4xMy00LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEt NC4xMy01LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEtNC4x My02LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEtNC4xMy03 LnBhdGNoIgogICAgICAgICAgXQogICAgICAgIH0KICAgICAgfQogICAgfSwK ICAgICI0LjkiOiB7CiAgICAgICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4i OiB7CiAgICAgICAgICAiU3RhYmxlUmVmIjogIjZlNDc3YzJlYTRkNWMyNmE3 YTdiMmY4NTAxNjZhYTc5ZWRjNTIyNWMiLAogICAgICAgICAgIlByZXJlcXMi OiBbCiAgICAgICAgICAgIDMxOSwKICAgICAgICAgICAgMzI4CiAgICAgICAg ICBdLAogICAgICAgICAgIlBhdGNoZXMiOiBbCiAgICAgICAgICAgICJ4c2Ez MjEveHNhMzIxLTQuOS0xLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94 c2EzMjEtNC45LTIucGF0Y2giLAogICAgICAgICAgICAieHNhMzIxL3hzYTMy MS00LjktMy5wYXRjaCIsCiAgICAgICAgICAgICJ4c2EzMjEveHNhMzIxLTQu OS00LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyMS94c2EzMjEtNC45LTUu cGF0Y2giLAogICAgICAgICAgICAieHNhMzIxL3hzYTMyMS00LjktNi5wYXRj aCIsCiAgICAgICAgICAgICJ4c2EzMjEveHNhMzIxLTQuOS03LnBhdGNoIgog ICAgICAgICAgXQogICAgICAgIH0KICAgICAgfQogICAgfSwKICAgICJtYXN0 ZXIiOiB7CiAgICAgICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAg ICAgICAgICAiU3RhYmxlUmVmIjogImU0ZDIyMDcxNjViMzc5ZWMxM2M4YjUx MjkzNmY2Mzk4MmFmNjJkMTMiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAg ICAgICAgICAgIDMxNywKICAgICAgICAgICAgMzE5LAogICAgICAgICAgICAz MjgKICAgICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAg ICAgICAgInhzYTMyMS94c2EzMjEtMS5wYXRjaCIsCiAgICAgICAgICAgICJ4 c2EzMjEveHNhMzIxLTIucGF0Y2giLAogICAgICAgICAgICAieHNhMzIxL3hz YTMyMS0zLnBhdGNoIgogICAgICAgICAgXQogICAgICAgIH0KICAgICAgfQog ICAgfQogIH0KfQ== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-1.patch" Content-Disposition: attachment; filename="xsa321/xsa321-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiBbUEFUQ0ggdjUgMS85XSB2dGQ6IGltcHJvdmUgSU9NTVUgVExCIGZsdXNo CgpEbyBub3QgbGltaXQgUFNJIGZsdXNoZXMgdG8gb3JkZXIgMCBwYWdlcywg aW4gb3JkZXIgdG8gYXZvaWQgZG9pbmcgYQpmdWxsIFRMQiBmbHVzaCBpZiB0 aGUgcGFzc2VkIGluIHBhZ2UgaGFzIGFuIG9yZGVyIGdyZWF0ZXIgdGhhbiAw IGFuZAppcyBhbGlnbmVkLiBTaG91bGQgaW5jcmVhc2UgdGhlIHBlcmZvcm1h bmNlIG9mIElPTU1VIFRMQiBmbHVzaGVzIHdoZW4KZGVhbGluZyB3aXRoIHBh Z2Ugb3JkZXJzIGdyZWF0ZXIgdGhhbiAwLgoKVGhpcyBpcyBwYXJ0IG9mIFhT QS0zMjEuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBSb2dlciBQYXUgTW9ubsOpIDxyb2dl ci5wYXVAY2l0cml4LmNvbT4KLS0tCiB4ZW4vZHJpdmVycy9wYXNzdGhyb3Vn aC92dGQvaW9tbXUuYyB8IDUgKysrLS0KIDEgZmlsZSBjaGFuZ2VkLCAzIGlu c2VydGlvbnMoKyksIDIgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEveGVu L2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2lvbW11LmMgYi94ZW4vZHJpdmVy cy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwppbmRleCAyMDhiMzNjMGU0Li5k Y2M5YjdhMzVlIDEwMDY0NAotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhyb3Vn aC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92 dGQvaW9tbXUuYwpAQCAtNTc2LDEzICs1NzYsMTQgQEAgc3RhdGljIGludCBf X211c3RfY2hlY2sgaW9tbXVfZmx1c2hfaW90bGIoc3RydWN0IGRvbWFpbiAq ZCwgZGZuX3QgZGZuLAogICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0x ICkKICAgICAgICAgICAgIGNvbnRpbnVlOwogCi0gICAgICAgIGlmICggcGFn ZV9jb3VudCAhPSAxIHx8IGRmbl9lcShkZm4sIElOVkFMSURfREZOKSApCisg ICAgICAgIGlmICggIXBhZ2VfY291bnQgfHwgKHBhZ2VfY291bnQgJiAocGFn ZV9jb3VudCAtIDEpKSB8fAorICAgICAgICAgICAgIGRmbl9lcShkZm4sIElO VkFMSURfREZOKSB8fCAhSVNfQUxJR05FRChkZm5feChkZm4pLCBwYWdlX2Nv dW50KSApCiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX2Rz aShpb21tdSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAwLCBmbHVzaF9kZXZfaW90bGIpOwogICAgICAg ICBlbHNlCiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3Bz aShpb21tdSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBkZm5fdG9fZGFkZHIoZGZuKSwKLSAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFBBR0VfT1JERVJfNEss CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnZXRf b3JkZXJfZnJvbV9wYWdlcyhwYWdlX2NvdW50KSwKICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICFkbWFfb2xkX3B0ZV9wcmVzZW50 LAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmx1 c2hfZGV2X2lvdGxiKTsKIAotLSAKMi4yNi4yCgo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-2.patch" Content-Disposition: attachment; filename="xsa321/xsa321-2.patch" Content-Transfer-Encoding: base64 RnJvbTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1QGNpdHJpeC5jb20+ ClN1YmplY3Q6IFtQQVRDSCB2NSA0LzldIHZ0ZDogcHJ1bmUgKGFuZCByZW5h bWUpIGNhY2hlIGZsdXNoIGZ1bmN0aW9ucwoKUmVuYW1lIF9faW9tbXVfZmx1 c2hfY2FjaGUgdG8gaW9tbXVfc3luY19jYWNoZSBhbmQgcmVtb3ZlCmlvbW11 X2ZsdXNoX2NhY2hlX3BhZ2UuIEFsc28gcmVtb3ZlIHRoZSBpb21tdV9mbHVz aF9jYWNoZV9lbnRyeQp3cmFwcGVyIGFuZCBqdXN0IHVzZSBpb21tdV9zeW5j X2NhY2hlIGluc3RlYWQuIE5vdGUgdGhlIF9lbnRyeSBzdWZmaXgKd2FzIG1l YW5pbmdsZXNzIGFzIHRoZSB3cmFwcGVyIHdhcyBhbHJlYWR5IHRha2luZyBh IHNpemUgcGFyYW1ldGVyIGluCmJ5dGVzLiBXaGlsZSB0aGVyZSBhbHNvIGNv bnN0aWZ5IHRoZSBhZGRyIHBhcmFtZXRlci4KCk5vIGZ1bmN0aW9uYWwgY2hh bmdlIGludGVuZGVkLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpTaWdu ZWQtb2ZmLWJ5OiBSb2dlciBQYXUgTW9ubsOpIDxyb2dlci5wYXVAY2l0cml4 LmNvbT4KUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNl LmNvbT4KLS0tCkNoYW5nZXMgc2luY2UgdjM6CiAtIENvbnN0aWZ5IGFkZHIg cGFyYW1ldGVyLgoKQ2hhbmdlcyBzaW5jZSB2MjoKIC0gTmV3IGluIHRoaXMg dmVyc2lvbi4KLS0tCiB4ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvZXh0 ZXJuLmggICB8ICAzICstLQogeGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRk L2ludHJlbWFwLmMgfCAgNiArKy0tLQogeGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2lvbW11LmMgICAgfCAzMyArKysrKysrKysrLS0tLS0tLS0tLS0t LS0tLQogMyBmaWxlcyBjaGFuZ2VkLCAxNiBpbnNlcnRpb25zKCspLCAyNiBk ZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvZXh0ZXJuLmggYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92 dGQvZXh0ZXJuLmgKaW5kZXggOTk0ZDM2MGU5MC4uNTJiNWUxYzYwZCAxMDA2 NDQKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2V4dGVybi5o CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9leHRlcm4uaApA QCAtNDMsOCArNDMsNyBAQCB2b2lkIGRpc2FibGVfcWludmFsKHN0cnVjdCB2 dGRfaW9tbXUgKmlvbW11KTsKIGludCBlbmFibGVfaW50cmVtYXAoc3RydWN0 IHZ0ZF9pb21tdSAqaW9tbXUsIGludCBlaW0pOwogdm9pZCBkaXNhYmxlX2lu dHJlbWFwKHN0cnVjdCB2dGRfaW9tbXUgKmlvbW11KTsKIAotdm9pZCBpb21t dV9mbHVzaF9jYWNoZV9lbnRyeSh2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQg c2l6ZSk7Ci12b2lkIGlvbW11X2ZsdXNoX2NhY2hlX3BhZ2Uodm9pZCAqYWRk ciwgdW5zaWduZWQgbG9uZyBucGFnZXMpOwordm9pZCBpb21tdV9zeW5jX2Nh Y2hlKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKTsKIGlu dCBpb21tdV9hbGxvYyhzdHJ1Y3QgYWNwaV9kcmhkX3VuaXQgKmRyaGQpOwog dm9pZCBpb21tdV9mcmVlKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAqZHJoZCk7 CiAKZGlmZiAtLWdpdCBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p bnRyZW1hcC5jIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJl bWFwLmMKaW5kZXggYmY4NDYxOTVjNC4uYTJmMDJjMWJlYSAxMDA2NDQKLS0t IGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMKKysr IGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMKQEAg LTIzMCw3ICsyMzAsNyBAQCBzdGF0aWMgdm9pZCBmcmVlX3JlbWFwX2VudHJ5 KHN0cnVjdCB2dGRfaW9tbXUgKmlvbW11LCBpbnQgaW5kZXgpCiAgICAgICAg ICAgICAgICAgICAgICBpcmVtYXBfZW50cmllcywgaXJlbWFwX2VudHJ5KTsK IAogICAgIHVwZGF0ZV9pcnRlKGlvbW11LCBpcmVtYXBfZW50cnksICZuZXdf aXJlLCBmYWxzZSk7Ci0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkoaXJl bWFwX2VudHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRyeSkpOworICAgIGlvbW11 X3N5bmNfY2FjaGUoaXJlbWFwX2VudHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRy eSkpOwogICAgIGlvbW11X2ZsdXNoX2llY19pbmRleChpb21tdSwgMCwgaW5k ZXgpOwogCiAgICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdlKGlyZW1hcF9lbnRy aWVzKTsKQEAgLTQwNiw3ICs0MDYsNyBAQCBzdGF0aWMgaW50IGlvYXBpY19y dGVfdG9fcmVtYXBfZW50cnkoc3RydWN0IHZ0ZF9pb21tdSAqaW9tbXUsCiAg ICAgfQogCiAgICAgdXBkYXRlX2lydGUoaW9tbXUsIGlyZW1hcF9lbnRyeSwg Jm5ld19pcmUsICFpbml0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRy eShpcmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFwX2VudHJ5KSk7CisgICAg aW9tbXVfc3luY19jYWNoZShpcmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFw X2VudHJ5KSk7CiAgICAgaW9tbXVfZmx1c2hfaWVjX2luZGV4KGlvbW11LCAw LCBpbmRleCk7CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UoaXJlbWFw X2VudHJpZXMpOwpAQCAtNjk1LDcgKzY5NSw3IEBAIHN0YXRpYyBpbnQgbXNp X21zZ190b19yZW1hcF9lbnRyeSgKICAgICB1cGRhdGVfaXJ0ZShpb21tdSwg aXJlbWFwX2VudHJ5LCAmbmV3X2lyZSwgbXNpX2Rlc2MtPmlydGVfaW5pdGlh bGl6ZWQpOwogICAgIG1zaV9kZXNjLT5pcnRlX2luaXRpYWxpemVkID0gdHJ1 ZTsKIAotICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGlyZW1hcF9lbnRy eSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsKKyAgICBpb21tdV9zeW5jX2Nh Y2hlKGlyZW1hcF9lbnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsKICAg ICBpb21tdV9mbHVzaF9pZWNfaW5kZXgoaW9tbXUsIDAsIGluZGV4KTsKIAog ICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShpcmVtYXBfZW50cmllcyk7CmRp ZmYgLS1naXQgYS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUu YyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCmluZGV4 IGRjYzliN2EzNWUuLjU1ZWIxNDAwMzMgMTAwNjQ0Ci0tLSBhL3hlbi9kcml2 ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJz L3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBAIC0xNDYsNyArMTQ2LDggQEAg c3RhdGljIGludCBjb250ZXh0X2dldF9kb21haW5faWQoc3RydWN0IGNvbnRl eHRfZW50cnkgKmNvbnRleHQsCiB9CiAKIHN0YXRpYyBpbnQgaW9tbXVzX2lu Y29oZXJlbnQ7Ci1zdGF0aWMgdm9pZCBfX2lvbW11X2ZsdXNoX2NhY2hlKHZv aWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKQorCit2b2lkIGlvbW11X3N5 bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUp CiB7CiAgICAgaW50IGk7CiAgICAgc3RhdGljIHVuc2lnbmVkIGludCBjbGZs dXNoX3NpemUgPSAwOwpAQCAtMTYxLDE2ICsxNjIsNiBAQCBzdGF0aWMgdm9p ZCBfX2lvbW11X2ZsdXNoX2NhY2hlKHZvaWQgKmFkZHIsIHVuc2lnbmVkIGlu dCBzaXplKQogICAgICAgICBjYWNoZWxpbmVfZmx1c2goKGNoYXIgKilhZGRy ICsgaSk7CiB9CiAKLXZvaWQgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkodm9p ZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCi17Ci0gICAgX19pb21tdV9m bHVzaF9jYWNoZShhZGRyLCBzaXplKTsKLX0KLQotdm9pZCBpb21tdV9mbHVz aF9jYWNoZV9wYWdlKHZvaWQgKmFkZHIsIHVuc2lnbmVkIGxvbmcgbnBhZ2Vz KQotewotICAgIF9faW9tbXVfZmx1c2hfY2FjaGUoYWRkciwgUEFHRV9TSVpF ICogbnBhZ2VzKTsKLX0KLQogLyogQWxsb2NhdGUgcGFnZSB0YWJsZSwgcmV0 dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KIHVpbnQ2NF90IGFsbG9jX3Bn dGFibGVfbWFkZHIodW5zaWduZWQgbG9uZyBucGFnZXMsIG5vZGVpZF90IG5v ZGUpCiB7CkBAIC0xODksNyArMTgwLDcgQEAgdWludDY0X3QgYWxsb2NfcGd0 YWJsZV9tYWRkcih1bnNpZ25lZCBsb25nIG5wYWdlcywgbm9kZWlkX3Qgbm9k ZSkKICAgICAgICAgdmFkZHIgPSBfX21hcF9kb21haW5fcGFnZShjdXJfcGcp OwogICAgICAgICBtZW1zZXQodmFkZHIsIDAsIFBBR0VfU0laRSk7CiAKLSAg ICAgICAgaW9tbXVfZmx1c2hfY2FjaGVfcGFnZSh2YWRkciwgMSk7CisgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CiAgICAg ICAgIHVubWFwX2RvbWFpbl9wYWdlKHZhZGRyKTsKICAgICAgICAgY3VyX3Bn Kys7CiAgICAgfQpAQCAtMjIyLDcgKzIxMyw3IEBAIHN0YXRpYyB1NjQgYnVz X3RvX2NvbnRleHRfbWFkZHIoc3RydWN0IHZ0ZF9pb21tdSAqaW9tbXUsIHU4 IGJ1cykKICAgICAgICAgfQogICAgICAgICBzZXRfcm9vdF92YWx1ZSgqcm9v dCwgbWFkZHIpOwogICAgICAgICBzZXRfcm9vdF9wcmVzZW50KCpyb290KTsK LSAgICAgICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocm9vdCwgc2l6ZW9m KHN0cnVjdCByb290X2VudHJ5KSk7CisgICAgICAgIGlvbW11X3N5bmNfY2Fj aGUocm9vdCwgc2l6ZW9mKHN0cnVjdCByb290X2VudHJ5KSk7CiAgICAgfQog ICAgIG1hZGRyID0gKHU2NCkgZ2V0X2NvbnRleHRfYWRkcigqcm9vdCk7CiAg ICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdlKHJvb3RfZW50cmllcyk7CkBAIC0y NjksNyArMjYwLDcgQEAgc3RhdGljIHU2NCBhZGRyX3RvX2RtYV9wYWdlX21h ZGRyKHN0cnVjdCBkb21haW4gKmRvbWFpbiwgdTY0IGFkZHIsIGludCBhbGxv YykKICAgICAgICAgICAgICAqLwogICAgICAgICAgICAgZG1hX3NldF9wdGVf cmVhZGFibGUoKnB0ZSk7CiAgICAgICAgICAgICBkbWFfc2V0X3B0ZV93cml0 YWJsZSgqcHRlKTsKLSAgICAgICAgICAgIGlvbW11X2ZsdXNoX2NhY2hlX2Vu dHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgICAgICAg ICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRl KSk7CiAgICAgICAgIH0KIAogICAgICAgICBpZiAoIGxldmVsID09IDIgKQpA QCAtNjQ1LDcgKzYzNiw3IEBAIHN0YXRpYyB2b2lkIGRtYV9wdGVfY2xlYXJf b25lKHN0cnVjdCBkb21haW4gKmRvbWFpbiwgdWludDY0X3QgYWRkciwKICAg ICAqZmx1c2hfZmxhZ3MgfD0gSU9NTVVfRkxVU0hGX21vZGlmaWVkOwogCiAg ICAgc3Bpbl91bmxvY2soJmhkLT5hcmNoLm1hcHBpbmdfbG9jayk7Ci0gICAg aW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yoc3RydWN0IGRt YV9wdGUpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwgc2l6ZW9mKHN0 cnVjdCBkbWFfcHRlKSk7CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2Uo cGFnZSk7CiB9CkBAIC02ODIsNyArNjczLDcgQEAgc3RhdGljIHZvaWQgaW9t bXVfZnJlZV9wYWdlX3RhYmxlKHN0cnVjdCBwYWdlX2luZm8gKnBnKQogICAg ICAgICAgICAgaW9tbXVfZnJlZV9wYWdldGFibGUoZG1hX3B0ZV9hZGRyKCpw dGUpLCBuZXh0X2xldmVsKTsKIAogICAgICAgICBkbWFfY2xlYXJfcHRlKCpw dGUpOwotICAgICAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNp emVvZihzdHJ1Y3QgZG1hX3B0ZSkpOworICAgICAgICBpb21tdV9zeW5jX2Nh Y2hlKHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CiAgICAgfQogCiAg ICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdlKHB0X3ZhZGRyKTsKQEAgLTE0MDEs NyArMTM5Miw3IEBAIGludCBkb21haW5fY29udGV4dF9tYXBwaW5nX29uZSgK ICAgICBjb250ZXh0X3NldF9hZGRyZXNzX3dpZHRoKCpjb250ZXh0LCBhZ2F3 KTsKICAgICBjb250ZXh0X3NldF9mYXVsdF9lbmFibGUoKmNvbnRleHQpOwog ICAgIGNvbnRleHRfc2V0X3ByZXNlbnQoKmNvbnRleHQpOwotICAgIGlvbW11 X2ZsdXNoX2NhY2hlX2VudHJ5KGNvbnRleHQsIHNpemVvZihzdHJ1Y3QgY29u dGV4dF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoY29udGV4dCwg c2l6ZW9mKHN0cnVjdCBjb250ZXh0X2VudHJ5KSk7CiAgICAgc3Bpbl91bmxv Y2soJmlvbW11LT5sb2NrKTsKIAogICAgIC8qIENvbnRleHQgZW50cnkgd2Fz IHByZXZpb3VzbHkgbm9uLXByZXNlbnQgKHdpdGggZG9taWQgMCkuICovCkBA IC0xNTY1LDcgKzE1NTYsNyBAQCBpbnQgZG9tYWluX2NvbnRleHRfdW5tYXBf b25lKAogCiAgICAgY29udGV4dF9jbGVhcl9wcmVzZW50KCpjb250ZXh0KTsK ICAgICBjb250ZXh0X2NsZWFyX2VudHJ5KCpjb250ZXh0KTsKLSAgICBpb21t dV9mbHVzaF9jYWNoZV9lbnRyeShjb250ZXh0LCBzaXplb2Yoc3RydWN0IGNv bnRleHRfZW50cnkpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKGNvbnRleHQs IHNpemVvZihzdHJ1Y3QgY29udGV4dF9lbnRyeSkpOwogCiAgICAgaW9tbXVf ZG9taWQ9IGRvbWFpbl9pb21tdV9kb21pZChkb21haW4sIGlvbW11KTsKICAg ICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKQEAgLTE3OTIsNyArMTc4Myw3 IEBAIHN0YXRpYyBpbnQgX19tdXN0X2NoZWNrIGludGVsX2lvbW11X21hcF9w YWdlKHN0cnVjdCBkb21haW4gKmQsIGRmbl90IGRmbiwKIAogICAgICpwdGUg PSBuZXc7CiAKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNp emVvZihzdHJ1Y3QgZG1hX3B0ZSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUo cHRlLCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKICAgICBzcGluX3VubG9j aygmaGQtPmFyY2gubWFwcGluZ19sb2NrKTsKICAgICB1bm1hcF92dGRfZG9t YWluX3BhZ2UocGFnZSk7CiAKQEAgLTE4NjksNyArMTg2MCw3IEBAIGludCBp b21tdV9wdGVfZmx1c2goc3RydWN0IGRvbWFpbiAqZCwgdWludDY0X3QgZGZu LCB1aW50NjRfdCAqcHRlLAogICAgIGludCBpb21tdV9kb21pZDsKICAgICBp bnQgcmMgPSAwOwogCi0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRl LCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKKyAgICBpb21tdV9zeW5jX2Nh Y2hlKHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CiAKICAgICBmb3Jf ZWFjaF9kcmhkX3VuaXQgKCBkcmhkICkKICAgICB7CkBAIC0yNzM5LDcgKzI3 MzAsNyBAQCBzdGF0aWMgaW50IF9faW5pdCBpbnRlbF9pb21tdV9xdWFyYW50 aW5lX2luaXQoc3RydWN0IGRvbWFpbiAqZCkKICAgICAgICAgICAgIGRtYV9z ZXRfcHRlX2FkZHIoKnB0ZSwgbWFkZHIpOwogICAgICAgICAgICAgZG1hX3Nl dF9wdGVfcmVhZGFibGUoKnB0ZSk7CiAgICAgICAgIH0KLSAgICAgICAgaW9t bXVfZmx1c2hfY2FjaGVfcGFnZShwYXJlbnQsIDEpOworICAgICAgICBpb21t dV9zeW5jX2NhY2hlKHBhcmVudCwgUEFHRV9TSVpFKTsKIAogICAgICAgICB1 bm1hcF92dGRfZG9tYWluX3BhZ2UocGFyZW50KTsKICAgICAgICAgcGFyZW50 ID0gbWFwX3Z0ZF9kb21haW5fcGFnZShtYWRkcik7Ci0tIAoyLjI2LjIKCg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-3.patch" Content-Disposition: attachment; filename="xsa321/xsa321-3.patch" Content-Transfer-Encoding: base64 RnJvbTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1QGNpdHJpeC5jb20+ ClN1YmplY3Q6IFtQQVRDSCB2NSA1LzldIHg4Ni9pb21tdTogaW50cm9kdWNl IGEgY2FjaGUgc3luYyBob29rCgpUaGUgaG9vayBpcyBvbmx5IGltcGxlbWVu dGVkIGZvciBWVC1kIGFuZCBpdCB1c2VzIHRoZSBhbHJlYWR5IGV4aXN0aW5n CmlvbW11X3N5bmNfY2FjaGUgZnVuY3Rpb24gcHJlc2VudCBpbiBWVC1kIGNv ZGUuIFRoZSBuZXcgaG9vayBpcwphZGRlZCBzbyB0aGF0IHRoZSBjYWNoZSBj YW4gYmUgZmx1c2hlZCBieSBjb2RlIG91dHNpZGUgb2YgVlQtZCB3aGVuCnVz aW5nIHNoYXJlZCBwYWdlIHRhYmxlcy4KCk5vdGUgdGhhdCBhbGxvY19wZ3Rh YmxlX21hZGRyIG11c3QgdXNlIHRoZSBub3cgbG9jYWxseSBkZWZpbmVkCnN5 bmNfY2FjaGUgZnVuY3Rpb24sIGJlY2F1c2UgSU9NTVUgb3BzIGFyZSBub3Qg eWV0IHNldHVwIHRoZSBmaXJzdAp0aW1lIHRoZSBmdW5jdGlvbiBnZXRzIGNh bGxlZCBkdXJpbmcgSU9NTVUgaW5pdGlhbGl6YXRpb24uCgpObyBmdW5jdGlv bmFsIGNoYW5nZSBpbnRlbmRlZC4KClRoaXMgaXMgcGFydCBvZiBYU0EtMzIx LgoKU2lnbmVkLW9mZi1ieTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1 QGNpdHJpeC5jb20+ClJldmlld2VkLWJ5OiBKYW4gQmV1bGljaCA8amJldWxp Y2hAc3VzZS5jb20+Ci0tLQpDaGFuZ2VzIHNpbmNlIHYzOgogLSBVc2UgYSBt YWNybyBpbnN0ZWFkIG9mIGEgZnVuY3Rpb24uCgpDaGFuZ2VzIHNpbmNlIHYy OgogLSBSZW5hbWUgdG8gaW9tbXVfc3luY19jYWNoZS4KIC0gTW92ZSB0byBp b21tdS5jIGluIG9yZGVyIHRvIHVzZSB0aGUgYWx0ZXJuYXRpdmUgY2FsbCBw YXRjaGluZy4KLS0tCiB4ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvZXh0 ZXJuLmggfCAxIC0KIHhlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21t dS5jICB8IDUgKysrLS0KIHhlbi9pbmNsdWRlL2FzbS14ODYvaW9tbXUuaCAg ICAgICAgICB8IDcgKysrKysrKwogeGVuL2luY2x1ZGUveGVuL2lvbW11Lmgg ICAgICAgICAgICAgIHwgMSArCiA0IGZpbGVzIGNoYW5nZWQsIDExIGluc2Vy dGlvbnMoKyksIDMgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEveGVuL2Ry aXZlcnMvcGFzc3Rocm91Z2gvdnRkL2V4dGVybi5oIGIveGVuL2RyaXZlcnMv cGFzc3Rocm91Z2gvdnRkL2V4dGVybi5oCmluZGV4IDUyYjVlMWM2MGQuLmYx NTk0N2FmMWYgMTAwNjQ0Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9leHRlcm4uaAorKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92 dGQvZXh0ZXJuLmgKQEAgLTQzLDcgKzQzLDYgQEAgdm9pZCBkaXNhYmxlX3Fp bnZhbChzdHJ1Y3QgdnRkX2lvbW11ICppb21tdSk7CiBpbnQgZW5hYmxlX2lu dHJlbWFwKHN0cnVjdCB2dGRfaW9tbXUgKmlvbW11LCBpbnQgZWltKTsKIHZv aWQgZGlzYWJsZV9pbnRyZW1hcChzdHJ1Y3QgdnRkX2lvbW11ICppb21tdSk7 CiAKLXZvaWQgaW9tbXVfc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1 bnNpZ25lZCBpbnQgc2l6ZSk7CiBpbnQgaW9tbXVfYWxsb2Moc3RydWN0IGFj cGlfZHJoZF91bml0ICpkcmhkKTsKIHZvaWQgaW9tbXVfZnJlZShzdHJ1Y3Qg YWNwaV9kcmhkX3VuaXQgKmRyaGQpOwogCmRpZmYgLS1naXQgYS94ZW4vZHJp dmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYyBiL3hlbi9kcml2ZXJzL3Bh c3N0aHJvdWdoL3Z0ZC9pb21tdS5jCmluZGV4IDU1ZWIxNDAwMzMuLjkzYmNk NzJmODQgMTAwNjQ0Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p b21tdS5jCkBAIC0xNDcsNyArMTQ3LDcgQEAgc3RhdGljIGludCBjb250ZXh0 X2dldF9kb21haW5faWQoc3RydWN0IGNvbnRleHRfZW50cnkgKmNvbnRleHQs CiAKIHN0YXRpYyBpbnQgaW9tbXVzX2luY29oZXJlbnQ7CiAKLXZvaWQgaW9t bXVfc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQg c2l6ZSkKK3N0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRk ciwgdW5zaWduZWQgaW50IHNpemUpCiB7CiAgICAgaW50IGk7CiAgICAgc3Rh dGljIHVuc2lnbmVkIGludCBjbGZsdXNoX3NpemUgPSAwOwpAQCAtMTgwLDcg KzE4MCw3IEBAIHVpbnQ2NF90IGFsbG9jX3BndGFibGVfbWFkZHIodW5zaWdu ZWQgbG9uZyBucGFnZXMsIG5vZGVpZF90IG5vZGUpCiAgICAgICAgIHZhZGRy ID0gX19tYXBfZG9tYWluX3BhZ2UoY3VyX3BnKTsKICAgICAgICAgbWVtc2V0 KHZhZGRyLCAwLCBQQUdFX1NJWkUpOwogCi0gICAgICAgIGlvbW11X3N5bmNf Y2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CisgICAgICAgIHN5bmNfY2FjaGUo dmFkZHIsIFBBR0VfU0laRSk7CiAgICAgICAgIHVubWFwX2RvbWFpbl9wYWdl KHZhZGRyKTsKICAgICAgICAgY3VyX3BnKys7CiAgICAgfQpAQCAtMjc3OCw2 ICsyNzc4LDcgQEAgY29uc3Qgc3RydWN0IGlvbW11X29wcyBfX2luaXRjb25z dHJlbCBpbnRlbF9pb21tdV9vcHMgPSB7CiAgICAgLmlvdGxiX2ZsdXNoX2Fs bCA9IGlvbW11X2ZsdXNoX2lvdGxiX2FsbCwKICAgICAuZ2V0X3Jlc2VydmVk X2RldmljZV9tZW1vcnkgPSBpbnRlbF9pb21tdV9nZXRfcmVzZXJ2ZWRfZGV2 aWNlX21lbW9yeSwKICAgICAuZHVtcF9wMm1fdGFibGUgPSB2dGRfZHVtcF9w Mm1fdGFibGUsCisgICAgLnN5bmNfY2FjaGUgPSBzeW5jX2NhY2hlLAogfTsK IAogY29uc3Qgc3RydWN0IGlvbW11X2luaXRfb3BzIF9faW5pdGNvbnN0cmVs IGludGVsX2lvbW11X2luaXRfb3BzID0gewpkaWZmIC0tZ2l0IGEveGVuL2lu Y2x1ZGUvYXNtLXg4Ni9pb21tdS5oIGIveGVuL2luY2x1ZGUvYXNtLXg4Ni9p b21tdS5oCmluZGV4IDg1NzQxZjdjOTYuLjg2NGUwMjUwNzggMTAwNjQ0Ci0t LSBhL3hlbi9pbmNsdWRlL2FzbS14ODYvaW9tbXUuaAorKysgYi94ZW4vaW5j bHVkZS9hc20teDg2L2lvbW11LmgKQEAgLTEyMSw2ICsxMjEsMTMgQEAgZXh0 ZXJuIGJvb2wgdW50cnVzdGVkX21zaTsKIGludCBwaV91cGRhdGVfaXJ0ZShj b25zdCBzdHJ1Y3QgcGlfZGVzYyAqcGlfZGVzYywgY29uc3Qgc3RydWN0IHBp cnEgKnBpcnEsCiAgICAgICAgICAgICAgICAgICAgY29uc3QgdWludDhfdCBn dmVjKTsKIAorI2RlZmluZSBpb21tdV9zeW5jX2NhY2hlKGFkZHIsIHNpemUp ICh7ICAgICAgICAgICAgICAgICBcCisgICAgY29uc3Qgc3RydWN0IGlvbW11 X29wcyAqb3BzID0gaW9tbXVfZ2V0X29wcygpOyAgICAgIFwKKyAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgXAorICAgIGlmICggb3BzLT5zeW5jX2NhY2hlICkgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBcCisgICAgICAgIGlvbW11X3ZjYWxsKG9wcywg c3luY19jYWNoZSwgYWRkciwgc2l6ZSk7ICAgICAgIFwKK30pCisKICNlbmRp ZiAvKiAhX19BUkNIX1g4Nl9JT01NVV9IX18gKi8KIC8qCiAgKiBMb2NhbCB2 YXJpYWJsZXM6CmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS94ZW4vaW9tbXUu aCBiL3hlbi9pbmNsdWRlL3hlbi9pb21tdS5oCmluZGV4IDYyNjRkM2QwN2Yu LjMyNzI4NzQ5NTggMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL3hlbi9pb21t dS5oCisrKyBiL3hlbi9pbmNsdWRlL3hlbi9pb21tdS5oCkBAIC0yNzUsNiAr Mjc1LDcgQEAgc3RydWN0IGlvbW11X29wcyB7CiAgICAgaW50ICgqc2V0dXBf aHBldF9tc2kpKHN0cnVjdCBtc2lfZGVzYyAqKTsKIAogICAgIGludCAoKmFk anVzdF9pcnFfYWZmaW5pdGllcykodm9pZCk7CisgICAgdm9pZCAoKnN5bmNf Y2FjaGUpKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKTsK ICNlbmRpZiAvKiBDT05GSUdfWDg2ICovCiAKICAgICBpbnQgX19tdXN0X2No ZWNrICgqc3VzcGVuZCkodm9pZCk7Ci0tIAoyLjI2LjIKCg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-1.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB2dGQ6IGltcHJvdmUgSU9NTVUgVExCIGZsdXNoCgpEbyBub3QgbGltaXQg UFNJIGZsdXNoZXMgdG8gb3JkZXIgMCBwYWdlcywgaW4gb3JkZXIgdG8gYXZv aWQgZG9pbmcgYQpmdWxsIFRMQiBmbHVzaCBpZiB0aGUgcGFzc2VkIGluIHBh Z2UgaGFzIGFuIG9yZGVyIGdyZWF0ZXIgdGhhbiAwIGFuZAppcyBhbGlnbmVk LiBTaG91bGQgaW5jcmVhc2UgdGhlIHBlcmZvcm1hbmNlIG9mIElPTU1VIFRM QiBmbHVzaGVzIHdoZW4KZGVhbGluZyB3aXRoIHBhZ2Ugb3JkZXJzIGdyZWF0 ZXIgdGhhbiAwLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpTaWduZWQt b2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hAc3VzZS5jb20+ClJldmll d2VkLWJ5OiBSb2dlciBQYXUgTW9ubsOpIDxyb2dlci5wYXVAY2l0cml4LmNv bT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC02MTIsMTMgKzYxMiwxNCBAQCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBp b21tdV9mbHVzaF9pb3RsCiAgICAgICAgIGlmICggaW9tbXVfZG9taWQgPT0g LTEgKQogICAgICAgICAgICAgY29udGludWU7CiAKLSAgICAgICAgaWYgKCBw YWdlX2NvdW50ICE9IDEgfHwgZ2ZuID09IGdmbl94KElOVkFMSURfR0ZOKSAp CisgICAgICAgIGlmICggIXBhZ2VfY291bnQgfHwgKHBhZ2VfY291bnQgJiAo cGFnZV9jb3VudCAtIDEpKSB8fAorICAgICAgICAgICAgIGdmbiA9PSBnZm5f eChJTlZBTElEX0dGTikgfHwgIUlTX0FMSUdORUQoZ2ZuLCBwYWdlX2NvdW50 KSApCiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX2RzaShp b21tdSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAwLCBmbHVzaF9kZXZfaW90bGIpOwogICAgICAgICBl bHNlCiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BzaShp b21tdSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAocGFkZHJfdClnZm4gPDwgUEFHRV9TSElGVF80SywK LSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFBBR0Vf T1JERVJfNEssCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICBnZXRfb3JkZXJfZnJvbV9wYWdlcyhwYWdlX2NvdW50KSwKICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICFkbWFfb2xkX3B0 ZV9wcmVzZW50LAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgZmx1c2hfZGV2X2lvdGxiKTsKIAo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-2.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IHBydW5lIChhbmQgcmVuYW1lKSBjYWNoZSBmbHVzaCBmdW5jdGlvbnMKClJl bmFtZSBfX2lvbW11X2ZsdXNoX2NhY2hlIHRvIGlvbW11X3N5bmNfY2FjaGUg YW5kIHJlbW92ZQppb21tdV9mbHVzaF9jYWNoZV9wYWdlLiBBbHNvIHJlbW92 ZSB0aGUgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkKd3JhcHBlciBhbmQganVz dCB1c2UgaW9tbXVfc3luY19jYWNoZSBpbnN0ZWFkLiBOb3RlIHRoZSBfZW50 cnkgc3VmZml4CndhcyBtZWFuaW5nbGVzcyBhcyB0aGUgd3JhcHBlciB3YXMg YWxyZWFkeSB0YWtpbmcgYSBzaXplIHBhcmFtZXRlciBpbgpieXRlcy4gV2hp bGUgdGhlcmUgYWxzbyBjb25zdGlmeSB0aGUgYWRkciBwYXJhbWV0ZXIuCgpO byBmdW5jdGlvbmFsIGNoYW5nZSBpbnRlbmRlZC4KClRoaXMgaXMgcGFydCBv ZiBYU0EtMzIxLgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGlj aEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9leHRlcm4uaAorKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQv ZXh0ZXJuLmgKQEAgLTM3LDggKzM3LDcgQEAgdm9pZCBkaXNhYmxlX3FpbnZh bChzdHJ1Y3QgaW9tbXUgKmlvbW11KQogaW50IGVuYWJsZV9pbnRyZW1hcChz dHJ1Y3QgaW9tbXUgKmlvbW11LCBpbnQgZWltKTsKIHZvaWQgZGlzYWJsZV9p bnRyZW1hcChzdHJ1Y3QgaW9tbXUgKmlvbW11KTsKIAotdm9pZCBpb21tdV9m bHVzaF9jYWNoZV9lbnRyeSh2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQgc2l6 ZSk7Ci12b2lkIGlvbW11X2ZsdXNoX2NhY2hlX3BhZ2Uodm9pZCAqYWRkciwg dW5zaWduZWQgbG9uZyBucGFnZXMpOwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKTsKIGludCBp b21tdV9hbGxvYyhzdHJ1Y3QgYWNwaV9kcmhkX3VuaXQgKmRyaGQpOwogdm9p ZCBpb21tdV9mcmVlKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAqZHJoZCk7CiAK LS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK KysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK QEAgLTIzMSw3ICsyMzEsNyBAQCBzdGF0aWMgdm9pZCBmcmVlX3JlbWFwX2Vu dHJ5KHN0cnVjdCBpb21tCiAgICAgICAgICAgICAgICAgICAgICBpcmVtYXBf ZW50cmllcywgaXJlbWFwX2VudHJ5KTsKIAogICAgIHVwZGF0ZV9pcnRlKGlv bW11LCBpcmVtYXBfZW50cnksICZuZXdfaXJlLCBmYWxzZSk7Ci0gICAgaW9t bXVfZmx1c2hfY2FjaGVfZW50cnkoaXJlbWFwX2VudHJ5LCBzaXplb2YoKmly ZW1hcF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoaXJlbWFwX2Vu dHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRyeSkpOwogICAgIGlvbW11X2ZsdXNo X2llY19pbmRleChpb21tdSwgMCwgaW5kZXgpOwogCiAgICAgdW5tYXBfdnRk X2RvbWFpbl9wYWdlKGlyZW1hcF9lbnRyaWVzKTsKQEAgLTQwMyw3ICs0MDMs NyBAQCBzdGF0aWMgaW50IGlvYXBpY19ydGVfdG9fcmVtYXBfZW50cnkoc3Ry CiAgICAgfQogCiAgICAgdXBkYXRlX2lydGUoaW9tbXUsIGlyZW1hcF9lbnRy eSwgJm5ld19pcmUsICFpbml0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9l bnRyeShpcmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFwX2VudHJ5KSk7Cisg ICAgaW9tbXVfc3luY19jYWNoZShpcmVtYXBfZW50cnksIHNpemVvZigqaXJl bWFwX2VudHJ5KSk7CiAgICAgaW9tbXVfZmx1c2hfaWVjX2luZGV4KGlvbW11 LCAwLCBpbmRleCk7CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UoaXJl bWFwX2VudHJpZXMpOwpAQCAtNjk0LDcgKzY5NCw3IEBAIHN0YXRpYyBpbnQg bXNpX21zZ190b19yZW1hcF9lbnRyeSgKICAgICB1cGRhdGVfaXJ0ZShpb21t dSwgaXJlbWFwX2VudHJ5LCAmbmV3X2lyZSwgbXNpX2Rlc2MtPmlydGVfaW5p dGlhbGl6ZWQpOwogICAgIG1zaV9kZXNjLT5pcnRlX2luaXRpYWxpemVkID0g dHJ1ZTsKIAotICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGlyZW1hcF9l bnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsKKyAgICBpb21tdV9zeW5j X2NhY2hlKGlyZW1hcF9lbnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsK ICAgICBpb21tdV9mbHVzaF9pZWNfaW5kZXgoaW9tbXUsIDAsIGluZGV4KTsK IAogICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShpcmVtYXBfZW50cmllcyk7 Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCisr KyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBAIC0x NTgsNyArMTU4LDggQEAgc3RhdGljIHZvaWQgX19pbml0IGZyZWVfaW50ZWxf aW9tbXUoc3RydQogfQogCiBzdGF0aWMgaW50IGlvbW11c19pbmNvaGVyZW50 Owotc3RhdGljIHZvaWQgX19pb21tdV9mbHVzaF9jYWNoZSh2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKKwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKQogewogICAg IGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xmbHVzaF9zaXpl ID0gMDsKQEAgLTE3MywxNiArMTc0LDYgQEAgc3RhdGljIHZvaWQgX19pb21t dV9mbHVzaF9jYWNoZSh2b2lkICphZAogICAgICAgICBjYWNoZWxpbmVfZmx1 c2goKGNoYXIgKilhZGRyICsgaSk7CiB9CiAKLXZvaWQgaW9tbXVfZmx1c2hf Y2FjaGVfZW50cnkodm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCi17 Ci0gICAgX19pb21tdV9mbHVzaF9jYWNoZShhZGRyLCBzaXplKTsKLX0KLQot dm9pZCBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZvaWQgKmFkZHIsIHVuc2ln bmVkIGxvbmcgbnBhZ2VzKQotewotICAgIF9faW9tbXVfZmx1c2hfY2FjaGUo YWRkciwgUEFHRV9TSVpFICogbnBhZ2VzKTsKLX0KLQogLyogQWxsb2NhdGUg cGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KIHU2 NCBhbGxvY19wZ3RhYmxlX21hZGRyKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAq ZHJoZCwgdW5zaWduZWQgbG9uZyBucGFnZXMpCiB7CkBAIC0yMDcsNyArMTk4 LDcgQEAgdTY0IGFsbG9jX3BndGFibGVfbWFkZHIoc3RydWN0IGFjcGlfZHJo ZAogICAgICAgICB2YWRkciA9IF9fbWFwX2RvbWFpbl9wYWdlKGN1cl9wZyk7 CiAgICAgICAgIG1lbXNldCh2YWRkciwgMCwgUEFHRV9TSVpFKTsKIAotICAg ICAgICBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZhZGRyLCAxKTsKKyAgICAg ICAgaW9tbXVfc3luY19jYWNoZSh2YWRkciwgUEFHRV9TSVpFKTsKICAgICAg ICAgdW5tYXBfZG9tYWluX3BhZ2UodmFkZHIpOwogICAgICAgICBjdXJfcGcr KzsKICAgICB9CkBAIC0yNDIsNyArMjMzLDcgQEAgc3RhdGljIHU2NCBidXNf dG9fY29udGV4dF9tYWRkcihzdHJ1Y3QgaQogICAgICAgICB9CiAgICAgICAg IHNldF9yb290X3ZhbHVlKCpyb290LCBtYWRkcik7CiAgICAgICAgIHNldF9y b290X3ByZXNlbnQoKnJvb3QpOwotICAgICAgICBpb21tdV9mbHVzaF9jYWNo ZV9lbnRyeShyb290LCBzaXplb2Yoc3RydWN0IHJvb3RfZW50cnkpKTsKKyAg ICAgICAgaW9tbXVfc3luY19jYWNoZShyb290LCBzaXplb2Yoc3RydWN0IHJv b3RfZW50cnkpKTsKICAgICB9CiAgICAgbWFkZHIgPSAodTY0KSBnZXRfY29u dGV4dF9hZGRyKCpyb290KTsKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2Uo cm9vdF9lbnRyaWVzKTsKQEAgLTMwMCw3ICsyOTEsNyBAQCBzdGF0aWMgdTY0 IGFkZHJfdG9fZG1hX3BhZ2VfbWFkZHIoc3RydWN0CiAgICAgICAgICAgICAg Ki8KICAgICAgICAgICAgIGRtYV9zZXRfcHRlX3JlYWRhYmxlKCpwdGUpOwog ICAgICAgICAgICAgZG1hX3NldF9wdGVfd3JpdGFibGUoKnB0ZSk7Ci0gICAg ICAgICAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVvZihz dHJ1Y3QgZG1hX3B0ZSkpOworICAgICAgICAgICAgaW9tbXVfc3luY19jYWNo ZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwogICAgICAgICB9CiAK ICAgICAgICAgaWYgKCBsZXZlbCA9PSAyICkKQEAgLTY3NCw3ICs2NjUsNyBA QCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBkbWFfcHRlX2NsZWFyX29uCiAK ICAgICBkbWFfY2xlYXJfcHRlKCpwdGUpOwogICAgIHNwaW5fdW5sb2NrKCZo ZC0+YXJjaC5tYXBwaW5nX2xvY2spOwotICAgIGlvbW11X2ZsdXNoX2NhY2hl X2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgaW9t bXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwog CiAgICAgaWYgKCAhdGhpc19jcHUoaW9tbXVfZG9udF9mbHVzaF9pb3RsYikg KQogICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BhZ2VzKGRvbWFp biwgYWRkciA+PiBQQUdFX1NISUZUXzRLLCAxKTsKQEAgLTcxNiw3ICs3MDcs NyBAQCBzdGF0aWMgdm9pZCBpb21tdV9mcmVlX3BhZ2VfdGFibGUoc3RydWN0 CiAgICAgICAgICAgICBpb21tdV9mcmVlX3BhZ2V0YWJsZShkbWFfcHRlX2Fk ZHIoKnB0ZSksIG5leHRfbGV2ZWwpOwogCiAgICAgICAgIGRtYV9jbGVhcl9w dGUoKnB0ZSk7Ci0gICAgICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KHB0 ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgICAgIGlvbW11X3N5 bmNfY2FjaGUocHRlLCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKICAgICB9 CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UocHRfdmFkZHIpOwpAQCAt MTQ0Nyw3ICsxNDM4LDcgQEAgaW50IGRvbWFpbl9jb250ZXh0X21hcHBpbmdf b25lKAogICAgIGNvbnRleHRfc2V0X2FkZHJlc3Nfd2lkdGgoKmNvbnRleHQs IGFnYXcpOwogICAgIGNvbnRleHRfc2V0X2ZhdWx0X2VuYWJsZSgqY29udGV4 dCk7CiAgICAgY29udGV4dF9zZXRfcHJlc2VudCgqY29udGV4dCk7Ci0gICAg aW9tbXVfZmx1c2hfY2FjaGVfZW50cnkoY29udGV4dCwgc2l6ZW9mKHN0cnVj dCBjb250ZXh0X2VudHJ5KSk7CisgICAgaW9tbXVfc3luY19jYWNoZShjb250 ZXh0LCBzaXplb2Yoc3RydWN0IGNvbnRleHRfZW50cnkpKTsKICAgICBzcGlu X3VubG9jaygmaW9tbXUtPmxvY2spOwogCiAgICAgLyogQ29udGV4dCBlbnRy eSB3YXMgcHJldmlvdXNseSBub24tcHJlc2VudCAod2l0aCBkb21pZCAwKS4g Ki8KQEAgLTE1OTQsNyArMTU4NSw3IEBAIGludCBkb21haW5fY29udGV4dF91 bm1hcF9vbmUoCiAKICAgICBjb250ZXh0X2NsZWFyX3ByZXNlbnQoKmNvbnRl eHQpOwogICAgIGNvbnRleHRfY2xlYXJfZW50cnkoKmNvbnRleHQpOwotICAg IGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGNvbnRleHQsIHNpemVvZihzdHJ1 Y3QgY29udGV4dF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoY29u dGV4dCwgc2l6ZW9mKHN0cnVjdCBjb250ZXh0X2VudHJ5KSk7CiAKICAgICBp b21tdV9kb21pZD0gZG9tYWluX2lvbW11X2RvbWlkKGRvbWFpbiwgaW9tbXUp OwogICAgIGlmICggaW9tbXVfZG9taWQgPT0gLTEgKQpAQCAtMTgyNCw3ICsx ODE1LDcgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW50ZWxfaW9tbXVf bWFwXwogCiAgICAgKnB0ZSA9IG5ldzsKIAotICAgIGlvbW11X2ZsdXNoX2Nh Y2hlX2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAg aW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkp OwogICAgIHNwaW5fdW5sb2NrKCZoZC0+YXJjaC5tYXBwaW5nX2xvY2spOwog ICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShwYWdlKTsKIApAQCAtMTg1OCw3 ICsxODQ5LDcgQEAgaW50IGlvbW11X3B0ZV9mbHVzaChzdHJ1Y3QgZG9tYWlu ICpkLCB1NgogICAgIGludCBpb21tdV9kb21pZDsKICAgICBpbnQgcmMgPSAw OwogCi0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yo c3RydWN0IGRtYV9wdGUpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwg c2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CiAKICAgICBmb3JfZWFjaF9kcmhk X3VuaXQgKCBkcmhkICkKICAgICB7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-3.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-3.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv aW9tbXU6IGludHJvZHVjZSBhIGNhY2hlIHN5bmMgaG9vawoKVGhlIGhvb2sg aXMgb25seSBpbXBsZW1lbnRlZCBmb3IgVlQtZCBhbmQgaXQgdXNlcyB0aGUg YWxyZWFkeSBleGlzdGluZwppb21tdV9zeW5jX2NhY2hlIGZ1bmN0aW9uIHBy ZXNlbnQgaW4gVlQtZCBjb2RlLiBUaGUgbmV3IGhvb2sgaXMKYWRkZWQgc28g dGhhdCB0aGUgY2FjaGUgY2FuIGJlIGZsdXNoZWQgYnkgY29kZSBvdXRzaWRl IG9mIFZULWQgd2hlbgp1c2luZyBzaGFyZWQgcGFnZSB0YWJsZXMuCgpOb3Rl IHRoYXQgYWxsb2NfcGd0YWJsZV9tYWRkciBtdXN0IHVzZSB0aGUgbm93IGxv Y2FsbHkgZGVmaW5lZApzeW5jX2NhY2hlIGZ1bmN0aW9uLCBiZWNhdXNlIElP TU1VIG9wcyBhcmUgbm90IHlldCBzZXR1cCB0aGUgZmlyc3QKdGltZSB0aGUg ZnVuY3Rpb24gZ2V0cyBjYWxsZWQgZHVyaW5nIElPTU1VIGluaXRpYWxpemF0 aW9uLgoKTm8gZnVuY3Rpb25hbCBjaGFuZ2UgaW50ZW5kZWQuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyMS4KClJldmlld2VkLWJ5OiBKYW4gQmV1bGljaCA8 amJldWxpY2hAc3VzZS5jb20+CgotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvZXh0ZXJuLmgKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCkBAIC0zNyw3ICszNyw2IEBAIHZvaWQgZGlzYWJs ZV9xaW52YWwoc3RydWN0IGlvbW11ICppb21tdSkKIGludCBlbmFibGVfaW50 cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSwgaW50IGVpbSk7CiB2b2lkIGRp c2FibGVfaW50cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSk7CiAKLXZvaWQg aW9tbXVfc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBp bnQgc2l6ZSk7CiBpbnQgaW9tbXVfYWxsb2Moc3RydWN0IGFjcGlfZHJoZF91 bml0ICpkcmhkKTsKIHZvaWQgaW9tbXVfZnJlZShzdHJ1Y3QgYWNwaV9kcmhk X3VuaXQgKmRyaGQpOwogCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCkBAIC0xNTksNyArMTU5LDcgQEAgc3RhdGljIHZvaWQgX19p bml0IGZyZWVfaW50ZWxfaW9tbXUoc3RydQogCiBzdGF0aWMgaW50IGlvbW11 c19pbmNvaGVyZW50OwogCi12b2lkIGlvbW11X3N5bmNfY2FjaGUoY29uc3Qg dm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCitzdGF0aWMgdm9pZCBz eW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXpl KQogewogICAgIGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xm bHVzaF9zaXplID0gMDsKQEAgLTE5OCw3ICsxOTgsNyBAQCB1NjQgYWxsb2Nf cGd0YWJsZV9tYWRkcihzdHJ1Y3QgYWNwaV9kcmhkCiAgICAgICAgIHZhZGRy ID0gX19tYXBfZG9tYWluX3BhZ2UoY3VyX3BnKTsKICAgICAgICAgbWVtc2V0 KHZhZGRyLCAwLCBQQUdFX1NJWkUpOwogCi0gICAgICAgIGlvbW11X3N5bmNf Y2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CisgICAgICAgIHN5bmNfY2FjaGUo dmFkZHIsIFBBR0VfU0laRSk7CiAgICAgICAgIHVubWFwX2RvbWFpbl9wYWdl KHZhZGRyKTsKICAgICAgICAgY3VyX3BnKys7CiAgICAgfQpAQCAtMjY5Niw2 ICsyNjk2LDcgQEAgY29uc3Qgc3RydWN0IGlvbW11X29wcyBpbnRlbF9pb21t dV9vcHMgPQogICAgIC5pb3RsYl9mbHVzaF9hbGwgPSBpb21tdV9mbHVzaF9p b3RsYl9hbGwsCiAgICAgLmdldF9yZXNlcnZlZF9kZXZpY2VfbWVtb3J5ID0g aW50ZWxfaW9tbXVfZ2V0X3Jlc2VydmVkX2RldmljZV9tZW1vcnksCiAgICAg LmR1bXBfcDJtX3RhYmxlID0gdnRkX2R1bXBfcDJtX3RhYmxlLAorICAgIC5z eW5jX2NhY2hlID0gc3luY19jYWNoZSwKIH07CiAKIC8qCi0tLSBhL3hlbi9p bmNsdWRlL2FzbS14ODYvaW9tbXUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20t eDg2L2lvbW11LmgKQEAgLTk4LDYgKzk4LDEzIEBAIGV4dGVybiBib29sIHVu dHJ1c3RlZF9tc2k7CiBpbnQgcGlfdXBkYXRlX2lydGUoY29uc3Qgc3RydWN0 IHBpX2Rlc2MgKnBpX2Rlc2MsIGNvbnN0IHN0cnVjdCBwaXJxICpwaXJxLAog ICAgICAgICAgICAgICAgICAgIGNvbnN0IHVpbnQ4X3QgZ3ZlYyk7CiAKKyNk ZWZpbmUgaW9tbXVfc3luY19jYWNoZShhZGRyLCBzaXplKSAoeyAgICAgICAg ICAgICAgICAgXAorICAgIGNvbnN0IHN0cnVjdCBpb21tdV9vcHMgKm9wcyA9 IGlvbW11X2dldF9vcHMoKTsgICAgICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFwKKyAgICBp ZiAoIG9wcy0+c3luY19jYWNoZSApICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgXAorICAgICAgICBvcHMtPnN5bmNfY2FjaGUoYWRkciwgc2l6ZSk7 ICAgICAgICAgICAgICAgICAgICBcCit9KQorCiAjZW5kaWYgLyogIV9fQVJD SF9YODZfSU9NTVVfSF9fICovCiAvKgogICogTG9jYWwgdmFyaWFibGVzOgot LS0gYS94ZW4vaW5jbHVkZS94ZW4vaW9tbXUuaAorKysgYi94ZW4vaW5jbHVk ZS94ZW4vaW9tbXUuaApAQCAtMTc2LDYgKzE3Niw3IEBAIHN0cnVjdCBpb21t dV9vcHMgewogICAgIHZvaWQgKCp1cGRhdGVfaXJlX2Zyb21fYXBpYykodW5z aWduZWQgaW50IGFwaWMsIHVuc2lnbmVkIGludCByZWcsIHVuc2lnbmVkIGlu dCB2YWx1ZSk7CiAgICAgdW5zaWduZWQgaW50ICgqcmVhZF9hcGljX2Zyb21f aXJlKSh1bnNpZ25lZCBpbnQgYXBpYywgdW5zaWduZWQgaW50IHJlZyk7CiAg ICAgaW50ICgqc2V0dXBfaHBldF9tc2kpKHN0cnVjdCBtc2lfZGVzYyAqKTsK KyAgICB2b2lkICgqc3luY19jYWNoZSkoY29uc3Qgdm9pZCAqYWRkciwgdW5z aWduZWQgaW50IHNpemUpOwogI2VuZGlmIC8qIENPTkZJR19YODYgKi8KICAg ICBpbnQgX19tdXN0X2NoZWNrICgqc3VzcGVuZCkodm9pZCk7CiAgICAgdm9p ZCAoKnJlc3VtZSkodm9pZCk7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-4.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-4.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IGRvbid0IGFzc3VtZSBhZGRyZXNzZXMgYXJlIGFsaWduZWQgaW4gc3luY19j YWNoZQoKQ3VycmVudCBjb2RlIGluIHN5bmNfY2FjaGUgYXNzdW1lIHRoYXQg dGhlIGFkZHJlc3MgcGFzc2VkIGluIGlzCmFsaWduZWQgdG8gYSBjYWNoZSBs aW5lIHNpemUuIEZpeCB0aGUgY29kZSB0byBzdXBwb3J0IHBhc3NpbmcgaW4K YXJiaXRyYXJ5IGFkZHJlc3NlcyBub3QgbmVjZXNzYXJpbHkgYWxpZ25lZCB0 byBhIGNhY2hlIGxpbmUgc2l6ZS4KClRoaXMgaXMgcGFydCBvZiBYU0EtMzIx LgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNv bT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC0xNjEsOCArMTYxLDggQEAgc3RhdGljIGludCBpb21tdXNfaW5jb2hlcmVu dDsKIAogc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKIHsKLSAgICBpbnQgaTsKLSAgICBzdGF0 aWMgdW5zaWduZWQgaW50IGNsZmx1c2hfc2l6ZSA9IDA7CisgICAgc3RhdGlj IHVuc2lnbmVkIGxvbmcgY2xmbHVzaF9zaXplID0gMDsKKyAgICBjb25zdCB2 b2lkICplbmQgPSBhZGRyICsgc2l6ZTsKIAogICAgIGlmICggIWlvbW11c19p bmNvaGVyZW50ICkKICAgICAgICAgcmV0dXJuOwpAQCAtMTcwLDggKzE3MCw5 IEBAIHN0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwK ICAgICBpZiAoIGNsZmx1c2hfc2l6ZSA9PSAwICkKICAgICAgICAgY2xmbHVz aF9zaXplID0gZ2V0X2NhY2hlX2xpbmVfc2l6ZSgpOwogCi0gICAgZm9yICgg aSA9IDA7IGkgPCBzaXplOyBpICs9IGNsZmx1c2hfc2l6ZSApCi0gICAgICAg IGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIgKyBpKTsKKyAgICBhZGRy IC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0gMSk7 CisgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hfc2l6 ZSApCisgICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIpOwog fQogCiAvKiBBbGxvY2F0ZSBwYWdlIHRhYmxlLCByZXR1cm4gaXRzIG1hY2hp bmUgYWRkcmVzcyAqLwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-5.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-5.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv YWx0ZXJuYXRpdmU6IGludHJvZHVjZSBhbHRlcm5hdGl2ZV8yCgpJdCdzIGJh c2VkIG9uIGFsdGVybmF0aXZlX2lvXzIgd2l0aG91dCBpbnB1dHMgb3Igb3V0 cHV0cyBidXQgd2l0aCBhbgphZGRlZCBtZW1vcnkgY2xvYmJlci4KClRoaXMg aXMgcGFydCBvZiBYU0EtMzIxLgoKQWNrZWQtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv YWx0ZXJuYXRpdmUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2FsdGVy bmF0aXZlLmgKQEAgLTg1LDYgKzg1LDExIEBAIGV4dGVybiB2b2lkIGFsdGVy bmF0aXZlX2luc3RydWN0aW9ucyh2b2kKICNkZWZpbmUgYWx0ZXJuYXRpdmUo b2xkaW5zdHIsIG5ld2luc3RyLCBmZWF0dXJlKSAgICAgICAgICAgICAgICAg ICAgICAgIFwKICAgICAgICAgYXNtIHZvbGF0aWxlIChBTFRFUk5BVElWRShv bGRpbnN0ciwgbmV3aW5zdHIsIGZlYXR1cmUpIDogOiA6ICJtZW1vcnkiKQog CisjZGVmaW5lIGFsdGVybmF0aXZlXzIob2xkaW5zdHIsIG5ld2luc3RyMSwg ZmVhdHVyZTEsIG5ld2luc3RyMiwgZmVhdHVyZTIpIFwKKwlhc20gdm9sYXRp bGUgKEFMVEVSTkFUSVZFXzIob2xkaW5zdHIsIG5ld2luc3RyMSwgZmVhdHVy ZTEsCVwKKwkJCQkgICAgbmV3aW5zdHIyLCBmZWF0dXJlMikJCVwKKwkJICAg ICAgOiA6IDogIm1lbW9yeSIpCisKIC8qCiAgKiBBbHRlcm5hdGl2ZSBpbmxp bmUgYXNzZW1ibHkgd2l0aCBpbnB1dC4KICAqCg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-6.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-6.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IG9wdGltaXplIENQVSBjYWNoZSBzeW5jCgpTb21lIFZULWQgSU9NTVVzIGFy ZSBub24tY29oZXJlbnQsIHdoaWNoIHJlcXVpcmVzIGEgY2FjaGUgd3JpdGUg YmFjawppbiBvcmRlciBmb3IgdGhlIGNoYW5nZXMgbWFkZSBieSB0aGUgQ1BV IHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgpUaGlzIGNhY2hlIHdyaXRl IGJhY2sgd2FzIHVuY29uZGl0aW9uYWxseSBkb25lIHVzaW5nIGNsZmx1c2gs IGJ1dCB0aGVyZSBhcmUKb3RoZXIgbW9yZSBlZmZpY2llbnQgaW5zdHJ1Y3Rp b25zIHRvIGRvIHNvLCBoZW5jZSBpbXBsZW1lbnQgc3VwcG9ydApmb3IgdGhl bSB1c2luZyB0aGUgYWx0ZXJuYXRpdmUgZnJhbWV3b3JrLgoKVGhpcyBpcyBw YXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpi ZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9leHRlcm4uaApAQCAtNjMsNyArNjMsNiBAQCBpbnQgX19tdXN0X2No ZWNrIHFpbnZhbF9kZXZpY2VfaW90bGJfc3luCiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICB1MTYgZGlkLCB1MTYgc2l6ZSwg dTY0IGFkZHIpOwogCiB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6 ZSh2b2lkKTsKLXZvaWQgY2FjaGVsaW5lX2ZsdXNoKGNoYXIgKik7CiB2b2lk IGZsdXNoX2FsbF9jYWNoZSh2b2lkKTsKIAogdTY0IGFsbG9jX3BndGFibGVf bWFkZHIoc3RydWN0IGFjcGlfZHJoZF91bml0ICpkcmhkLCB1bnNpZ25lZCBs b25nIG5wYWdlcyk7Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p b21tdS5jCkBAIC0zMSw2ICszMSw3IEBACiAjaW5jbHVkZSA8eGVuL3BjaV9y ZWdzLmg+CiAjaW5jbHVkZSA8eGVuL2tleWhhbmRsZXIuaD4KICNpbmNsdWRl IDxhc20vbXNpLmg+CisjaW5jbHVkZSA8YXNtL25vcHMuaD4KICNpbmNsdWRl IDxhc20vaXJxLmg+CiAjaW5jbHVkZSA8YXNtL2h2bS92bXgvdm14Lmg+CiAj aW5jbHVkZSA8YXNtL3AybS5oPgpAQCAtMTcyLDcgKzE3Myw0MiBAQCBzdGF0 aWMgdm9pZCBzeW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsCiAKICAgICBh ZGRyIC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0g MSk7CiAgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hf c2l6ZSApCi0gICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIp OworLyoKKyAqIFRoZSBhcmd1bWVudHMgdG8gYSBtYWNybyBtdXN0IG5vdCBp bmNsdWRlIHByZXByb2Nlc3NvciBkaXJlY3RpdmVzLiBEb2luZyBzbworICog cmVzdWx0cyBpbiB1bmRlZmluZWQgYmVoYXZpb3IsIHNvIHdlIGhhdmUgdG8g Y3JlYXRlIHNvbWUgZGVmaW5lcyBoZXJlIGluCisgKiBvcmRlciB0byBhdm9p ZCBpdC4KKyAqLworI2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKQorIyBkZWZp bmUgQ0xXQl9FTkNPRElORyAiY2x3YiAlW3BdIgorI2VsaWYgZGVmaW5lZChI QVZFX0FTX1hTQVZFT1BUKQorIyBkZWZpbmUgQ0xXQl9FTkNPRElORyAiZGF0 YTE2IHhzYXZlb3B0ICVbcF0iIC8qIGNsd2IgKi8KKyNlbHNlCisjIGRlZmlu ZSBDTFdCX0VOQ09ESU5HICIuYnl0ZSAweDY2LCAweDBmLCAweGFlLCAweDMw IiAvKiBjbHdiICglJXJheCkgKi8KKyNlbmRpZgorCisjZGVmaW5lIEJBU0Vf SU5QVVQoYWRkcikgW3BdICJtIiAoKihjb25zdCBjaGFyICopKGFkZHIpKQor I2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKSB8fCBkZWZpbmVkKEhBVkVfQVNf WFNBVkVPUFQpCisjIGRlZmluZSBJTlBVVCBCQVNFX0lOUFVUCisjZWxzZQor IyBkZWZpbmUgSU5QVVQoYWRkcikgImEiIChhZGRyKSwgQkFTRV9JTlBVVChh ZGRyKQorI2VuZGlmCisgICAgICAgIC8qCisgICAgICAgICAqIE5vdGUgcmVn YXJkaW5nIHRoZSB1c2Ugb2YgTk9QX0RTX1BSRUZJWDogaXQncyBmYXN0ZXIg dG8gZG8gYSBjbGZsdXNoCisgICAgICAgICAqICsgcHJlZml4IHRoYW4gYSBj bGZsdXNoICsgbm9wLCBhbmQgaGVuY2UgdGhlIHByZWZpeCBpcyBhZGRlZCBp bnN0ZWFkCisgICAgICAgICAqIG9mIGxldHRpbmcgdGhlIGFsdGVybmF0aXZl IGZyYW1ld29yayBmaWxsIHRoZSBnYXAgYnkgYXBwZW5kaW5nIG5vcHMuCisg ICAgICAgICAqLworICAgICAgICBhbHRlcm5hdGl2ZV9pb18yKCIuYnl0ZSAi IF9fc3RyaW5naWZ5KE5PUF9EU19QUkVGSVgpICI7IGNsZmx1c2ggJVtwXSIs CisgICAgICAgICAgICAgICAgICAgICAgICAgImRhdGExNiBjbGZsdXNoICVb cF0iLCAvKiBjbGZsdXNob3B0ICovCisgICAgICAgICAgICAgICAgICAgICAg ICAgWDg2X0ZFQVRVUkVfQ0xGTFVTSE9QVCwKKyAgICAgICAgICAgICAgICAg ICAgICAgICBDTFdCX0VOQ09ESU5HLAorICAgICAgICAgICAgICAgICAgICAg ICAgIFg4Nl9GRUFUVVJFX0NMV0IsIC8qIG5vIG91dHB1dHMgKi8sCisgICAg ICAgICAgICAgICAgICAgICAgICAgSU5QVVQoYWRkcikpOworI3VuZGVmIElO UFVUCisjdW5kZWYgQkFTRV9JTlBVVAorI3VuZGVmIENMV0JfRU5DT0RJTkcK KworICAgIGFsdGVybmF0aXZlXzIoQVNNX05PUDMsICJzZmVuY2UiLCBYODZf RkVBVFVSRV9DTEZMVVNIT1BULAorICAgICAgICAgICAgICAgICAgICAgICAg ICAgICJzZmVuY2UiLCBYODZfRkVBVFVSRV9DTFdCKTsKIH0KIAogLyogQWxs b2NhdGUgcGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3Mg Ki8KLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL3g4Ni92dGQu YworKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQveDg2L3Z0ZC5j CkBAIC01MywxMSArNTMsNiBAQCB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xp bmVfc2l6ZSh2b2lkKQogICAgIHJldHVybiAoKGNwdWlkX2VieCgxKSA+PiA4 KSAmIDB4ZmYpICogODsKIH0KIAotdm9pZCBjYWNoZWxpbmVfZmx1c2goY2hh ciAqIGFkZHIpCi17Ci0gICAgY2xmbHVzaChhZGRyKTsKLX0KLQogdm9pZCBm bHVzaF9hbGxfY2FjaGUoKQogewogICAgIHdiaW52ZCgpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.9-7.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.9-7.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBmbHVzaCBjYWNoZSB3aGVuIG1vZGlmeWluZyBQVEVzIGFuZCBzaGFy aW5nIHBhZ2UgdGFibGVzCgpNb2RpZmljYXRpb25zIG1hZGUgdG8gdGhlIHBh Z2UgdGFibGVzIGJ5IEVQVCBjb2RlIG5lZWQgdG8gYmUgd3JpdHRlbgp0byBt ZW1vcnkgd2hlbiB0aGUgcGFnZSB0YWJsZXMgYXJlIHNoYXJlZCB3aXRoIHRo ZSBJT01NVSwgYXMgSW50ZWwKSU9NTVVzIGNhbiBiZSBub24tY29oZXJlbnQg YW5kIHRodXMgcmVxdWlyZSBjaGFuZ2VzIHRvIGJlIHdyaXR0ZW4gdG8KbWVt b3J5IGluIG9yZGVyIHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgoKSW4g b3JkZXIgdG8gYWNoaWV2ZSB0aGlzIG1ha2Ugc3VyZSBkYXRhIGlzIHdyaXR0 ZW4gYmFjayB0byBtZW1vcnkKYWZ0ZXIgd3JpdGluZyBhbiBFUFQgZW50cnkg d2hlbiB0aGUgcmVjYWxjIGJpdCBpcyBub3Qgc2V0IGluCmF0b21pY193cml0 ZV9lcHRfZW50cnkuIElmIHN1Y2ggYml0IGlzIHNldCwgdGhlIGVudHJ5IHdp bGwgYmUKYWRqdXN0ZWQgYW5kIGF0b21pY193cml0ZV9lcHRfZW50cnkgd2ls bCBiZSBjYWxsZWQgYSBzZWNvbmQgdGltZQp3aXRob3V0IHRoZSByZWNhbGMg Yml0IHNldC4gTm90ZSB0aGF0IHdoZW4gc3BsaXR0aW5nIGEgc3VwZXIgcGFn ZSB0aGUKbmV3IHRhYmxlcyByZXN1bHRpbmcgb2YgdGhlIHNwbGl0IHNob3Vs ZCBhbHNvIGJlIHdyaXR0ZW4gYmFjay4KCkZhaWx1cmUgdG8gZG8gc28gY2Fu IGFsbG93IGRldmljZXMgYmVoaW5kIHRoZSBJT01NVSBhY2Nlc3MgdG8gdGhl CnN0YWxlIHN1cGVyIHBhZ2UsIG9yIGNhdXNlIGNvaGVyZW5jeSBpc3N1ZXMg YXMgY2hhbmdlcyBtYWRlIGJ5IHRoZQpwcm9jZXNzb3IgdG8gdGhlIHBhZ2Ug dGFibGVzIGFyZSBub3QgdmlzaWJsZSB0byB0aGUgSU9NTVUuCgpUaGlzIGFs bG93cyB0byByZW1vdmUgdGhlIFZULWQgc3BlY2lmaWMgaW9tbXVfcHRlX2Zs dXNoIGhlbHBlciwgc2luY2UKdGhlIGNhY2hlIHdyaXRlIGJhY2sgaXMgbm93 IHBlcmZvcm1lZCBieSBhdG9taWNfd3JpdGVfZXB0X2VudHJ5LCBhbmQKaGVu Y2UgaW9tbXVfaW90bGJfZmx1c2ggY2FuIGJlIHVzZWQgdG8gZmx1c2ggdGhl IElPTU1VIFRMQi4gVGhlIG5ld2x5CnVzZWQgbWV0aG9kIChpb21tdV9pb3Rs Yl9mbHVzaCkgY2FuIHJlc3VsdCBpbiBsZXNzIGZsdXNoZXMsIHNpbmNlIGl0 Cm1pZ2h0IHNvbWV0aW1lcyBiZSBjYWxsZWQgcmlnaHRseSB3aXRoIDAgZmxh Z3MsIGluIHdoaWNoIGNhc2UgaXQKYmVjb21lcyBhIG5vLW9wLgoKVGhpcyBp cyBwYXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2gg PGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2L21tL3Ay bS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5jCkBAIC05 MCw2ICs5MCwxOSBAQCBzdGF0aWMgaW50IGF0b21pY193cml0ZV9lcHRfZW50 cnkoZXB0X2VuCiAKICAgICB3cml0ZV9hdG9taWMoJmVudHJ5cHRyLT5lcHRl LCBuZXcuZXB0ZSk7CiAKKyAgICAvKgorICAgICAqIFRoZSByZWNhbGMgZmll bGQgb24gdGhlIEVQVCBpcyB1c2VkIHRvIHNpZ25hbCBlaXRoZXIgdGhhdCBh CisgICAgICogcmVjYWxjdWxhdGlvbiBvZiB0aGUgRU1UIGZpZWxkIGlzIHJl cXVpcmVkICh3aGljaCBkb2Vzbid0IGVmZmVjdCB0aGUKKyAgICAgKiBJT01N VSksIG9yIGEgdHlwZSBjaGFuZ2UuIFR5cGUgY2hhbmdlcyBjYW4gb25seSBi ZSBiZXR3ZWVuIHJhbV9ydywKKyAgICAgKiBsb2dkaXJ0eSBhbmQgaW9yZXFf c2VydmVyOiBjaGFuZ2VzIHRvL2Zyb20gbG9nZGlydHkgd29uJ3Qgd29yayB3 ZWxsIHdpdGgKKyAgICAgKiBhbiBJT01NVSBhbnl3YXksIGFzIElPTU1VICNQ RnMgYXJlIG5vdCBzeW5jaHJvbm91cyBhbmQgd2lsbCBsZWFkIHRvCisgICAg ICogYWJvcnRzLCBhbmQgY2hhbmdlcyB0by9mcm9tIGlvcmVxX3NlcnZlciBh cmUgYWxyZWFkeSBmdWxseSBmbHVzaGVkCisgICAgICogYmVmb3JlIHJldHVy bmluZyB0byBndWVzdCBjb250ZXh0IChzZWUKKyAgICAgKiBYRU5fRE1PUF9t YXBfbWVtX3R5cGVfdG9faW9yZXFfc2VydmVyKS4KKyAgICAgKi8KKyAgICBp ZiAoICFuZXcucmVjYWxjICYmIGlvbW11X2hhcF9wdF9zaGFyZSApCisgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUoZW50cnlwdHIsIHNpemVvZigqZW50cnlw dHIpKTsKKwogICAgIGlmICggdW5saWtlbHkob2xkbWZuICE9IG1mbl94KElO VkFMSURfTUZOKSkgKQogICAgICAgICBwdXRfcGFnZShtZm5fdG9fcGFnZShv bGRtZm4pKTsKIApAQCAtMzE5LDYgKzMzMiw5IEBAIHN0YXRpYyBib29sX3Qg ZXB0X3NwbGl0X3N1cGVyX3BhZ2Uoc3RydWMKICAgICAgICAgICAgIGJyZWFr OwogICAgIH0KIAorICAgIGlmICggaW9tbXVfaGFwX3B0X3NoYXJlICkKKyAg ICAgICAgaW9tbXVfc3luY19jYWNoZSh0YWJsZSwgRVBUX1BBR0VUQUJMRV9F TlRSSUVTICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICB1bm1hcF9k b21haW5fcGFnZSh0YWJsZSk7CiAKICAgICAvKiBFdmVuIGZhaWxlZCB3ZSBz aG91bGQgaW5zdGFsbCB0aGUgbmV3bHkgYWxsb2NhdGVkIGVwdCBwYWdlLiAq LwpAQCAtMzc4LDYgKzM5NCw5IEBAIHN0YXRpYyBpbnQgZXB0X25leHRfbGV2 ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAg ICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKIAorICAg ICAgICBpZiAoIGlvbW11X2hhcF9wdF9zaGFyZSApCisgICAgICAgICAgICBp b21tdV9zeW5jX2NhY2hlKG5leHQsIEVQVF9QQUdFVEFCTEVfRU5UUklFUyAq IHNpemVvZihlcHRfZW50cnlfdCkpOworCiAgICAgICAgIHJjID0gYXRvbWlj X3dyaXRlX2VwdF9lbnRyeShlcHRfZW50cnksIGUsIG5leHRfbGV2ZWwpOwog ICAgICAgICBBU1NFUlQocmMgPT0gMCk7CiAgICAgfQpAQCAtODczLDcgKzg5 Miw3IEBAIG91dDoKICAgICAgICAgIG5lZWRfbW9kaWZ5X3Z0ZF90YWJsZSAp CiAgICAgewogICAgICAgICBpZiAoIGlvbW11X2hhcF9wdF9zaGFyZSApCi0g ICAgICAgICAgICByYyA9IGlvbW11X3B0ZV9mbHVzaChkLCBnZm4sICZlcHRf ZW50cnktPmVwdGUsIG9yZGVyLCB2dGRfcHRlX3ByZXNlbnQpOworICAgICAg ICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYihkLCBnZm4sIHZ0ZF9wdGVf cHJlc2VudCwgMXUgPDwgb3JkZXIpOwogICAgICAgICBlbHNlCiAgICAgICAg IHsKICAgICAgICAgICAgIGlmICggaW9tbXVfZmxhZ3MgKQotLS0gYS94ZW4v ZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJp dmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNjEyLDEwICs2MTIs OCBAQCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBpb21tdV9mbHVzaF9hbGwo CiAgICAgcmV0dXJuIHJjOwogfQogCi1zdGF0aWMgaW50IF9fbXVzdF9jaGVj ayBpb21tdV9mbHVzaF9pb3RsYihzdHJ1Y3QgZG9tYWluICpkLAotICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdW5zaWduZWQg bG9uZyBnZm4sCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBib29sX3QgZG1hX29sZF9wdGVfcHJlc2VudCwKLSAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHVuc2lnbmVkIGlu dCBwYWdlX2NvdW50KQoraW50IGlvbW11X2ZsdXNoX2lvdGxiKHN0cnVjdCBk b21haW4gKmQsIHVuc2lnbmVkIGxvbmcgZ2ZuLAorICAgICAgICAgICAgICAg ICAgICAgIGJvb2wgZG1hX29sZF9wdGVfcHJlc2VudCwgdW5zaWduZWQgaW50 IHBhZ2VfY291bnQpCiB7CiAgICAgc3RydWN0IGRvbWFpbl9pb21tdSAqaGQg PSBkb21faW9tbXUoZCk7CiAgICAgc3RydWN0IGFjcGlfZHJoZF91bml0ICpk cmhkOwpAQCAtMTg3Niw1MyArMTg3NCw2IEBAIHN0YXRpYyBpbnQgX19tdXN0 X2NoZWNrIGludGVsX2lvbW11X3VubWEKICAgICByZXR1cm4gZG1hX3B0ZV9j bGVhcl9vbmUoZCwgKHBhZGRyX3QpZ2ZuIDw8IFBBR0VfU0hJRlRfNEspOwog fQogCi1pbnQgaW9tbXVfcHRlX2ZsdXNoKHN0cnVjdCBkb21haW4gKmQsIHU2 NCBnZm4sIHU2NCAqcHRlLAotICAgICAgICAgICAgICAgICAgICBpbnQgb3Jk ZXIsIGludCBwcmVzZW50KQotewotICAgIHN0cnVjdCBhY3BpX2RyaGRfdW5p dCAqZHJoZDsKLSAgICBzdHJ1Y3QgaW9tbXUgKmlvbW11ID0gTlVMTDsKLSAg ICBzdHJ1Y3QgZG9tYWluX2lvbW11ICpoZCA9IGRvbV9pb21tdShkKTsKLSAg ICBib29sX3QgZmx1c2hfZGV2X2lvdGxiOwotICAgIGludCBpb21tdV9kb21p ZDsKLSAgICBpbnQgcmMgPSAwOwotCi0gICAgaW9tbXVfc3luY19jYWNoZShw dGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwotCi0gICAgZm9yX2VhY2hf ZHJoZF91bml0ICggZHJoZCApCi0gICAgewotICAgICAgICBpb21tdSA9IGRy aGQtPmlvbW11OwotICAgICAgICBpZiAoICF0ZXN0X2JpdChpb21tdS0+aW5k ZXgsICZoZC0+YXJjaC5pb21tdV9iaXRtYXApICkKLSAgICAgICAgICAgIGNv bnRpbnVlOwotCi0gICAgICAgIGZsdXNoX2Rldl9pb3RsYiA9ICEhZmluZF9h dHNfZGV2X2RyaGQoaW9tbXUpOwotICAgICAgICBpb21tdV9kb21pZD0gZG9t YWluX2lvbW11X2RvbWlkKGQsIGlvbW11KTsKLSAgICAgICAgaWYgKCBpb21t dV9kb21pZCA9PSAtMSApCi0gICAgICAgICAgICBjb250aW51ZTsKLQotICAg ICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BzaShpb21tdSwgaW9tbXVf ZG9taWQsCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIChw YWRkcl90KWdmbiA8PCBQQUdFX1NISUZUXzRLLAotICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBvcmRlciwgIXByZXNlbnQsIGZsdXNoX2Rl dl9pb3RsYik7Ci0gICAgICAgIGlmICggcmMgPiAwICkKLSAgICAgICAgewot ICAgICAgICAgICAgaW9tbXVfZmx1c2hfd3JpdGVfYnVmZmVyKGlvbW11KTsK LSAgICAgICAgICAgIHJjID0gMDsKLSAgICAgICAgfQotICAgIH0KLQotICAg IGlmICggdW5saWtlbHkocmMpICkKLSAgICB7Ci0gICAgICAgIGlmICggIWQt PmlzX3NodXR0aW5nX2Rvd24gJiYgcHJpbnRrX3JhdGVsaW1pdCgpICkKLSAg ICAgICAgICAgIHByaW50ayhYRU5MT0dfRVJSIFZURFBSRUZJWAotICAgICAg ICAgICAgICAgICAgICIgZCVkOiBJT01NVSBwYWdlcyBmbHVzaCBmYWlsZWQ6 ICVkXG4iLAotICAgICAgICAgICAgICAgICAgIGQtPmRvbWFpbl9pZCwgcmMp OwotCi0gICAgICAgIGlmICggIWlzX2hhcmR3YXJlX2RvbWFpbihkKSApCi0g ICAgICAgICAgICBkb21haW5fY3Jhc2goZCk7Ci0gICAgfQotCi0gICAgcmV0 dXJuIHJjOwotfQotCiBzdGF0aWMgaW50IF9faW5pdCB2dGRfZXB0X3BhZ2Vf Y29tcGF0aWJsZShzdHJ1Y3QgaW9tbXUgKmlvbW11KQogewogICAgIHU2NCBl cHRfY2FwLCB2dGRfY2FwID0gaW9tbXUtPmNhcDsKLS0tIGEveGVuL2luY2x1 ZGUvYXNtLXg4Ni9pb21tdS5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS14ODYv aW9tbXUuaApAQCAtODcsOCArODcsOSBAQCBpbnQgaW9tbXVfc2V0dXBfaHBl dF9tc2koc3RydWN0IG1zaV9kZXNjCiAKIC8qIFdoaWxlIFZULWQgc3BlY2lm aWMsIHRoaXMgbXVzdCBnZXQgZGVjbGFyZWQgaW4gYSBnZW5lcmljIGhlYWRl ci4gKi8KIGludCBhZGp1c3RfdnRkX2lycV9hZmZpbml0aWVzKHZvaWQpOwot aW50IF9fbXVzdF9jaGVjayBpb21tdV9wdGVfZmx1c2goc3RydWN0IGRvbWFp biAqZCwgdTY0IGdmbiwgdTY0ICpwdGUsCi0gICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICBpbnQgb3JkZXIsIGludCBwcmVzZW50KTsKK2ludCBf X211c3RfY2hlY2sgaW9tbXVfZmx1c2hfaW90bGIoc3RydWN0IGRvbWFpbiAq ZCwgdW5zaWduZWQgbG9uZyBnZm4sCisgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGJvb2wgZG1hX29sZF9wdGVfcHJlc2VudCwKKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdW5zaWduZWQgaW50IHBh Z2VfY291bnQpOwogYm9vbF90IGlvbW11X3N1cHBvcnRzX2VpbSh2b2lkKTsK IGludCBpb21tdV9lbmFibGVfeDJhcGljX0lSKHZvaWQpOwogdm9pZCBpb21t dV9kaXNhYmxlX3gyYXBpY19JUih2b2lkKTsK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-1.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB2dGQ6IGltcHJvdmUgSU9NTVUgVExCIGZsdXNoCgpEbyBub3QgbGltaXQg UFNJIGZsdXNoZXMgdG8gb3JkZXIgMCBwYWdlcywgaW4gb3JkZXIgdG8gYXZv aWQgZG9pbmcgYQpmdWxsIFRMQiBmbHVzaCBpZiB0aGUgcGFzc2VkIGluIHBh Z2UgaGFzIGFuIG9yZGVyIGdyZWF0ZXIgdGhhbiAwIGFuZAppcyBhbGlnbmVk LiBTaG91bGQgaW5jcmVhc2UgdGhlIHBlcmZvcm1hbmNlIG9mIElPTU1VIFRM QiBmbHVzaGVzIHdoZW4KZGVhbGluZyB3aXRoIHBhZ2Ugb3JkZXJzIGdyZWF0 ZXIgdGhhbiAwLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpTaWduZWQt b2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hAc3VzZS5jb20+CgotLS0g YS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94 ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNjEyLDEz ICs2MTIsMTQgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW9tbXVfZmx1 c2hfaW90bAogICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKICAg ICAgICAgICAgIGNvbnRpbnVlOwogCi0gICAgICAgIGlmICggcGFnZV9jb3Vu dCAhPSAxIHx8IGdmbiA9PSBnZm5feChJTlZBTElEX0dGTikgKQorICAgICAg ICBpZiAoICFwYWdlX2NvdW50IHx8IChwYWdlX2NvdW50ICYgKHBhZ2VfY291 bnQgLSAxKSkgfHwKKyAgICAgICAgICAgICBnZm4gPT0gZ2ZuX3goSU5WQUxJ RF9HRk4pIHx8ICFJU19BTElHTkVEKGdmbiwgcGFnZV9jb3VudCkgKQogICAg ICAgICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYl9kc2koaW9tbXUsIGlv bW11X2RvbWlkLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgMCwgZmx1c2hfZGV2X2lvdGxiKTsKICAgICAgICAgZWxzZQogICAg ICAgICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYl9wc2koaW9tbXUsIGlv bW11X2RvbWlkLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgKHBhZGRyX3QpZ2ZuIDw8IFBBR0VfU0hJRlRfNEssCi0gICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBQQUdFX09SREVSXzRL LAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZ2V0 X29yZGVyX2Zyb21fcGFnZXMocGFnZV9jb3VudCksCiAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAhZG1hX29sZF9wdGVfcHJlc2Vu dCwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGZs dXNoX2Rldl9pb3RsYik7CiAK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-2.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IHBydW5lIChhbmQgcmVuYW1lKSBjYWNoZSBmbHVzaCBmdW5jdGlvbnMKClJl bmFtZSBfX2lvbW11X2ZsdXNoX2NhY2hlIHRvIGlvbW11X3N5bmNfY2FjaGUg YW5kIHJlbW92ZQppb21tdV9mbHVzaF9jYWNoZV9wYWdlLiBBbHNvIHJlbW92 ZSB0aGUgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkKd3JhcHBlciBhbmQganVz dCB1c2UgaW9tbXVfc3luY19jYWNoZSBpbnN0ZWFkLiBOb3RlIHRoZSBfZW50 cnkgc3VmZml4CndhcyBtZWFuaW5nbGVzcyBhcyB0aGUgd3JhcHBlciB3YXMg YWxyZWFkeSB0YWtpbmcgYSBzaXplIHBhcmFtZXRlciBpbgpieXRlcy4gV2hp bGUgdGhlcmUgYWxzbyBjb25zdGlmeSB0aGUgYWRkciBwYXJhbWV0ZXIuCgpO byBmdW5jdGlvbmFsIGNoYW5nZSBpbnRlbmRlZC4KClRoaXMgaXMgcGFydCBv ZiBYU0EtMzIxLgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGlj aEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9leHRlcm4uaAorKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQv ZXh0ZXJuLmgKQEAgLTM3LDggKzM3LDcgQEAgdm9pZCBkaXNhYmxlX3FpbnZh bChzdHJ1Y3QgaW9tbXUgKmlvbW11KQogaW50IGVuYWJsZV9pbnRyZW1hcChz dHJ1Y3QgaW9tbXUgKmlvbW11LCBpbnQgZWltKTsKIHZvaWQgZGlzYWJsZV9p bnRyZW1hcChzdHJ1Y3QgaW9tbXUgKmlvbW11KTsKIAotdm9pZCBpb21tdV9m bHVzaF9jYWNoZV9lbnRyeSh2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQgc2l6 ZSk7Ci12b2lkIGlvbW11X2ZsdXNoX2NhY2hlX3BhZ2Uodm9pZCAqYWRkciwg dW5zaWduZWQgbG9uZyBucGFnZXMpOwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKTsKIGludCBp b21tdV9hbGxvYyhzdHJ1Y3QgYWNwaV9kcmhkX3VuaXQgKmRyaGQpOwogdm9p ZCBpb21tdV9mcmVlKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAqZHJoZCk7CiAK LS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK KysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK QEAgLTIzMSw3ICsyMzEsNyBAQCBzdGF0aWMgdm9pZCBmcmVlX3JlbWFwX2Vu dHJ5KHN0cnVjdCBpb21tCiAgICAgICAgICAgICAgICAgICAgICBpcmVtYXBf ZW50cmllcywgaXJlbWFwX2VudHJ5KTsKIAogICAgIHVwZGF0ZV9pcnRlKGlv bW11LCBpcmVtYXBfZW50cnksICZuZXdfaXJlLCBmYWxzZSk7Ci0gICAgaW9t bXVfZmx1c2hfY2FjaGVfZW50cnkoaXJlbWFwX2VudHJ5LCBzaXplb2YoKmly ZW1hcF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoaXJlbWFwX2Vu dHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRyeSkpOwogICAgIGlvbW11X2ZsdXNo X2llY19pbmRleChpb21tdSwgMCwgaW5kZXgpOwogCiAgICAgdW5tYXBfdnRk X2RvbWFpbl9wYWdlKGlyZW1hcF9lbnRyaWVzKTsKQEAgLTQwMyw3ICs0MDMs NyBAQCBzdGF0aWMgaW50IGlvYXBpY19ydGVfdG9fcmVtYXBfZW50cnkoc3Ry CiAgICAgfQogCiAgICAgdXBkYXRlX2lydGUoaW9tbXUsIGlyZW1hcF9lbnRy eSwgJm5ld19pcmUsICFpbml0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9l bnRyeShpcmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFwX2VudHJ5KSk7Cisg ICAgaW9tbXVfc3luY19jYWNoZShpcmVtYXBfZW50cnksIHNpemVvZigqaXJl bWFwX2VudHJ5KSk7CiAgICAgaW9tbXVfZmx1c2hfaWVjX2luZGV4KGlvbW11 LCAwLCBpbmRleCk7CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UoaXJl bWFwX2VudHJpZXMpOwpAQCAtNjk0LDcgKzY5NCw3IEBAIHN0YXRpYyBpbnQg bXNpX21zZ190b19yZW1hcF9lbnRyeSgKICAgICB1cGRhdGVfaXJ0ZShpb21t dSwgaXJlbWFwX2VudHJ5LCAmbmV3X2lyZSwgbXNpX2Rlc2MtPmlydGVfaW5p dGlhbGl6ZWQpOwogICAgIG1zaV9kZXNjLT5pcnRlX2luaXRpYWxpemVkID0g dHJ1ZTsKIAotICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGlyZW1hcF9l bnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsKKyAgICBpb21tdV9zeW5j X2NhY2hlKGlyZW1hcF9lbnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsK ICAgICBpb21tdV9mbHVzaF9pZWNfaW5kZXgoaW9tbXUsIDAsIGluZGV4KTsK IAogICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShpcmVtYXBfZW50cmllcyk7 Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCisr KyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBAIC0x NTgsNyArMTU4LDggQEAgc3RhdGljIHZvaWQgX19pbml0IGZyZWVfaW50ZWxf aW9tbXUoc3RydQogfQogCiBzdGF0aWMgaW50IGlvbW11c19pbmNvaGVyZW50 Owotc3RhdGljIHZvaWQgX19pb21tdV9mbHVzaF9jYWNoZSh2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKKwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKQogewogICAg IGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xmbHVzaF9zaXpl ID0gMDsKQEAgLTE3MywxNiArMTc0LDYgQEAgc3RhdGljIHZvaWQgX19pb21t dV9mbHVzaF9jYWNoZSh2b2lkICphZAogICAgICAgICBjYWNoZWxpbmVfZmx1 c2goKGNoYXIgKilhZGRyICsgaSk7CiB9CiAKLXZvaWQgaW9tbXVfZmx1c2hf Y2FjaGVfZW50cnkodm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCi17 Ci0gICAgX19pb21tdV9mbHVzaF9jYWNoZShhZGRyLCBzaXplKTsKLX0KLQot dm9pZCBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZvaWQgKmFkZHIsIHVuc2ln bmVkIGxvbmcgbnBhZ2VzKQotewotICAgIF9faW9tbXVfZmx1c2hfY2FjaGUo YWRkciwgUEFHRV9TSVpFICogbnBhZ2VzKTsKLX0KLQogLyogQWxsb2NhdGUg cGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KIHU2 NCBhbGxvY19wZ3RhYmxlX21hZGRyKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAq ZHJoZCwgdW5zaWduZWQgbG9uZyBucGFnZXMpCiB7CkBAIC0yMDcsNyArMTk4 LDcgQEAgdTY0IGFsbG9jX3BndGFibGVfbWFkZHIoc3RydWN0IGFjcGlfZHJo ZAogICAgICAgICB2YWRkciA9IF9fbWFwX2RvbWFpbl9wYWdlKGN1cl9wZyk7 CiAgICAgICAgIG1lbXNldCh2YWRkciwgMCwgUEFHRV9TSVpFKTsKIAotICAg ICAgICBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZhZGRyLCAxKTsKKyAgICAg ICAgaW9tbXVfc3luY19jYWNoZSh2YWRkciwgUEFHRV9TSVpFKTsKICAgICAg ICAgdW5tYXBfZG9tYWluX3BhZ2UodmFkZHIpOwogICAgICAgICBjdXJfcGcr KzsKICAgICB9CkBAIC0yNDIsNyArMjMzLDcgQEAgc3RhdGljIHU2NCBidXNf dG9fY29udGV4dF9tYWRkcihzdHJ1Y3QgaQogICAgICAgICB9CiAgICAgICAg IHNldF9yb290X3ZhbHVlKCpyb290LCBtYWRkcik7CiAgICAgICAgIHNldF9y b290X3ByZXNlbnQoKnJvb3QpOwotICAgICAgICBpb21tdV9mbHVzaF9jYWNo ZV9lbnRyeShyb290LCBzaXplb2Yoc3RydWN0IHJvb3RfZW50cnkpKTsKKyAg ICAgICAgaW9tbXVfc3luY19jYWNoZShyb290LCBzaXplb2Yoc3RydWN0IHJv b3RfZW50cnkpKTsKICAgICB9CiAgICAgbWFkZHIgPSAodTY0KSBnZXRfY29u dGV4dF9hZGRyKCpyb290KTsKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2Uo cm9vdF9lbnRyaWVzKTsKQEAgLTMwMCw3ICsyOTEsNyBAQCBzdGF0aWMgdTY0 IGFkZHJfdG9fZG1hX3BhZ2VfbWFkZHIoc3RydWN0CiAgICAgICAgICAgICAg Ki8KICAgICAgICAgICAgIGRtYV9zZXRfcHRlX3JlYWRhYmxlKCpwdGUpOwog ICAgICAgICAgICAgZG1hX3NldF9wdGVfd3JpdGFibGUoKnB0ZSk7Ci0gICAg ICAgICAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVvZihz dHJ1Y3QgZG1hX3B0ZSkpOworICAgICAgICAgICAgaW9tbXVfc3luY19jYWNo ZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwogICAgICAgICB9CiAK ICAgICAgICAgaWYgKCBsZXZlbCA9PSAyICkKQEAgLTY3NCw3ICs2NjUsNyBA QCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBkbWFfcHRlX2NsZWFyX29uCiAK ICAgICBkbWFfY2xlYXJfcHRlKCpwdGUpOwogICAgIHNwaW5fdW5sb2NrKCZo ZC0+YXJjaC5tYXBwaW5nX2xvY2spOwotICAgIGlvbW11X2ZsdXNoX2NhY2hl X2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgaW9t bXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwog CiAgICAgaWYgKCAhdGhpc19jcHUoaW9tbXVfZG9udF9mbHVzaF9pb3RsYikg KQogICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BhZ2VzKGRvbWFp biwgYWRkciA+PiBQQUdFX1NISUZUXzRLLCAxKTsKQEAgLTcxNiw3ICs3MDcs NyBAQCBzdGF0aWMgdm9pZCBpb21tdV9mcmVlX3BhZ2VfdGFibGUoc3RydWN0 CiAgICAgICAgICAgICBpb21tdV9mcmVlX3BhZ2V0YWJsZShkbWFfcHRlX2Fk ZHIoKnB0ZSksIG5leHRfbGV2ZWwpOwogCiAgICAgICAgIGRtYV9jbGVhcl9w dGUoKnB0ZSk7Ci0gICAgICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KHB0 ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgICAgIGlvbW11X3N5 bmNfY2FjaGUocHRlLCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKICAgICB9 CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UocHRfdmFkZHIpOwpAQCAt MTQ0Nyw3ICsxNDM4LDcgQEAgaW50IGRvbWFpbl9jb250ZXh0X21hcHBpbmdf b25lKAogICAgIGNvbnRleHRfc2V0X2FkZHJlc3Nfd2lkdGgoKmNvbnRleHQs IGFnYXcpOwogICAgIGNvbnRleHRfc2V0X2ZhdWx0X2VuYWJsZSgqY29udGV4 dCk7CiAgICAgY29udGV4dF9zZXRfcHJlc2VudCgqY29udGV4dCk7Ci0gICAg aW9tbXVfZmx1c2hfY2FjaGVfZW50cnkoY29udGV4dCwgc2l6ZW9mKHN0cnVj dCBjb250ZXh0X2VudHJ5KSk7CisgICAgaW9tbXVfc3luY19jYWNoZShjb250 ZXh0LCBzaXplb2Yoc3RydWN0IGNvbnRleHRfZW50cnkpKTsKICAgICBzcGlu X3VubG9jaygmaW9tbXUtPmxvY2spOwogCiAgICAgLyogQ29udGV4dCBlbnRy eSB3YXMgcHJldmlvdXNseSBub24tcHJlc2VudCAod2l0aCBkb21pZCAwKS4g Ki8KQEAgLTE1OTQsNyArMTU4NSw3IEBAIGludCBkb21haW5fY29udGV4dF91 bm1hcF9vbmUoCiAKICAgICBjb250ZXh0X2NsZWFyX3ByZXNlbnQoKmNvbnRl eHQpOwogICAgIGNvbnRleHRfY2xlYXJfZW50cnkoKmNvbnRleHQpOwotICAg IGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGNvbnRleHQsIHNpemVvZihzdHJ1 Y3QgY29udGV4dF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoY29u dGV4dCwgc2l6ZW9mKHN0cnVjdCBjb250ZXh0X2VudHJ5KSk7CiAKICAgICBp b21tdV9kb21pZD0gZG9tYWluX2lvbW11X2RvbWlkKGRvbWFpbiwgaW9tbXUp OwogICAgIGlmICggaW9tbXVfZG9taWQgPT0gLTEgKQpAQCAtMTgyNCw3ICsx ODE1LDcgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW50ZWxfaW9tbXVf bWFwXwogCiAgICAgKnB0ZSA9IG5ldzsKIAotICAgIGlvbW11X2ZsdXNoX2Nh Y2hlX2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAg aW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkp OwogICAgIHNwaW5fdW5sb2NrKCZoZC0+YXJjaC5tYXBwaW5nX2xvY2spOwog ICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShwYWdlKTsKIApAQCAtMTg1OCw3 ICsxODQ5LDcgQEAgaW50IGlvbW11X3B0ZV9mbHVzaChzdHJ1Y3QgZG9tYWlu ICpkLCB1NgogICAgIGludCBpb21tdV9kb21pZDsKICAgICBpbnQgcmMgPSAw OwogCi0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yo c3RydWN0IGRtYV9wdGUpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwg c2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CiAKICAgICBmb3JfZWFjaF9kcmhk X3VuaXQgKCBkcmhkICkKICAgICB7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-3.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-3.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv aW9tbXU6IGludHJvZHVjZSBhIGNhY2hlIHN5bmMgaG9vawoKVGhlIGhvb2sg aXMgb25seSBpbXBsZW1lbnRlZCBmb3IgVlQtZCBhbmQgaXQgdXNlcyB0aGUg YWxyZWFkeSBleGlzdGluZwppb21tdV9zeW5jX2NhY2hlIGZ1bmN0aW9uIHBy ZXNlbnQgaW4gVlQtZCBjb2RlLiBUaGUgbmV3IGhvb2sgaXMKYWRkZWQgc28g dGhhdCB0aGUgY2FjaGUgY2FuIGJlIGZsdXNoZWQgYnkgY29kZSBvdXRzaWRl IG9mIFZULWQgd2hlbgp1c2luZyBzaGFyZWQgcGFnZSB0YWJsZXMuCgpOb3Rl IHRoYXQgYWxsb2NfcGd0YWJsZV9tYWRkciBtdXN0IHVzZSB0aGUgbm93IGxv Y2FsbHkgZGVmaW5lZApzeW5jX2NhY2hlIGZ1bmN0aW9uLCBiZWNhdXNlIElP TU1VIG9wcyBhcmUgbm90IHlldCBzZXR1cCB0aGUgZmlyc3QKdGltZSB0aGUg ZnVuY3Rpb24gZ2V0cyBjYWxsZWQgZHVyaW5nIElPTU1VIGluaXRpYWxpemF0 aW9uLgoKTm8gZnVuY3Rpb25hbCBjaGFuZ2UgaW50ZW5kZWQuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyMS4KClJldmlld2VkLWJ5OiBKYW4gQmV1bGljaCA8 amJldWxpY2hAc3VzZS5jb20+CgotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvZXh0ZXJuLmgKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCkBAIC0zNyw3ICszNyw2IEBAIHZvaWQgZGlzYWJs ZV9xaW52YWwoc3RydWN0IGlvbW11ICppb21tdSkKIGludCBlbmFibGVfaW50 cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSwgaW50IGVpbSk7CiB2b2lkIGRp c2FibGVfaW50cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSk7CiAKLXZvaWQg aW9tbXVfc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBp bnQgc2l6ZSk7CiBpbnQgaW9tbXVfYWxsb2Moc3RydWN0IGFjcGlfZHJoZF91 bml0ICpkcmhkKTsKIHZvaWQgaW9tbXVfZnJlZShzdHJ1Y3QgYWNwaV9kcmhk X3VuaXQgKmRyaGQpOwogCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCkBAIC0xNTksNyArMTU5LDcgQEAgc3RhdGljIHZvaWQgX19p bml0IGZyZWVfaW50ZWxfaW9tbXUoc3RydQogCiBzdGF0aWMgaW50IGlvbW11 c19pbmNvaGVyZW50OwogCi12b2lkIGlvbW11X3N5bmNfY2FjaGUoY29uc3Qg dm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCitzdGF0aWMgdm9pZCBz eW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXpl KQogewogICAgIGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xm bHVzaF9zaXplID0gMDsKQEAgLTE5OCw3ICsxOTgsNyBAQCB1NjQgYWxsb2Nf cGd0YWJsZV9tYWRkcihzdHJ1Y3QgYWNwaV9kcmhkCiAgICAgICAgIHZhZGRy ID0gX19tYXBfZG9tYWluX3BhZ2UoY3VyX3BnKTsKICAgICAgICAgbWVtc2V0 KHZhZGRyLCAwLCBQQUdFX1NJWkUpOwogCi0gICAgICAgIGlvbW11X3N5bmNf Y2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CisgICAgICAgIHN5bmNfY2FjaGUo dmFkZHIsIFBBR0VfU0laRSk7CiAgICAgICAgIHVubWFwX2RvbWFpbl9wYWdl KHZhZGRyKTsKICAgICAgICAgY3VyX3BnKys7CiAgICAgfQpAQCAtMjY5Niw2 ICsyNjk2LDcgQEAgY29uc3Qgc3RydWN0IGlvbW11X29wcyBpbnRlbF9pb21t dV9vcHMgPQogICAgIC5pb3RsYl9mbHVzaF9hbGwgPSBpb21tdV9mbHVzaF9p b3RsYl9hbGwsCiAgICAgLmdldF9yZXNlcnZlZF9kZXZpY2VfbWVtb3J5ID0g aW50ZWxfaW9tbXVfZ2V0X3Jlc2VydmVkX2RldmljZV9tZW1vcnksCiAgICAg LmR1bXBfcDJtX3RhYmxlID0gdnRkX2R1bXBfcDJtX3RhYmxlLAorICAgIC5z eW5jX2NhY2hlID0gc3luY19jYWNoZSwKIH07CiAKIC8qCi0tLSBhL3hlbi9p bmNsdWRlL2FzbS14ODYvaW9tbXUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20t eDg2L2lvbW11LmgKQEAgLTk4LDYgKzk4LDEzIEBAIGV4dGVybiBib29sIHVu dHJ1c3RlZF9tc2k7CiBpbnQgcGlfdXBkYXRlX2lydGUoY29uc3Qgc3RydWN0 IHBpX2Rlc2MgKnBpX2Rlc2MsIGNvbnN0IHN0cnVjdCBwaXJxICpwaXJxLAog ICAgICAgICAgICAgICAgICAgIGNvbnN0IHVpbnQ4X3QgZ3ZlYyk7CiAKKyNk ZWZpbmUgaW9tbXVfc3luY19jYWNoZShhZGRyLCBzaXplKSAoeyAgICAgICAg ICAgICAgICAgXAorICAgIGNvbnN0IHN0cnVjdCBpb21tdV9vcHMgKm9wcyA9 IGlvbW11X2dldF9vcHMoKTsgICAgICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFwKKyAgICBp ZiAoIG9wcy0+c3luY19jYWNoZSApICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgXAorICAgICAgICBvcHMtPnN5bmNfY2FjaGUoYWRkciwgc2l6ZSk7 ICAgICAgICAgICAgICAgICAgICBcCit9KQorCiAjZW5kaWYgLyogIV9fQVJD SF9YODZfSU9NTVVfSF9fICovCiAvKgogICogTG9jYWwgdmFyaWFibGVzOgot LS0gYS94ZW4vaW5jbHVkZS94ZW4vaW9tbXUuaAorKysgYi94ZW4vaW5jbHVk ZS94ZW4vaW9tbXUuaApAQCAtMTYwLDYgKzE2MCw3IEBAIHN0cnVjdCBpb21t dV9vcHMgewogICAgIHZvaWQgKCp1cGRhdGVfaXJlX2Zyb21fYXBpYykodW5z aWduZWQgaW50IGFwaWMsIHVuc2lnbmVkIGludCByZWcsIHVuc2lnbmVkIGlu dCB2YWx1ZSk7CiAgICAgdW5zaWduZWQgaW50ICgqcmVhZF9hcGljX2Zyb21f aXJlKSh1bnNpZ25lZCBpbnQgYXBpYywgdW5zaWduZWQgaW50IHJlZyk7CiAg ICAgaW50ICgqc2V0dXBfaHBldF9tc2kpKHN0cnVjdCBtc2lfZGVzYyAqKTsK KyAgICB2b2lkICgqc3luY19jYWNoZSkoY29uc3Qgdm9pZCAqYWRkciwgdW5z aWduZWQgaW50IHNpemUpOwogI2VuZGlmIC8qIENPTkZJR19YODYgKi8KICAg ICBpbnQgX19tdXN0X2NoZWNrICgqc3VzcGVuZCkodm9pZCk7CiAgICAgdm9p ZCAoKnJlc3VtZSkodm9pZCk7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-4.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-4.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IGRvbid0IGFzc3VtZSBhZGRyZXNzZXMgYXJlIGFsaWduZWQgaW4gc3luY19j YWNoZQoKQ3VycmVudCBjb2RlIGluIHN5bmNfY2FjaGUgYXNzdW1lIHRoYXQg dGhlIGFkZHJlc3MgcGFzc2VkIGluIGlzCmFsaWduZWQgdG8gYSBjYWNoZSBs aW5lIHNpemUuIEZpeCB0aGUgY29kZSB0byBzdXBwb3J0IHBhc3NpbmcgaW4K YXJiaXRyYXJ5IGFkZHJlc3NlcyBub3QgbmVjZXNzYXJpbHkgYWxpZ25lZCB0 byBhIGNhY2hlIGxpbmUgc2l6ZS4KClRoaXMgaXMgcGFydCBvZiBYU0EtMzIx LgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNv bT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC0xNjEsOCArMTYxLDggQEAgc3RhdGljIGludCBpb21tdXNfaW5jb2hlcmVu dDsKIAogc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKIHsKLSAgICBpbnQgaTsKLSAgICBzdGF0 aWMgdW5zaWduZWQgaW50IGNsZmx1c2hfc2l6ZSA9IDA7CisgICAgc3RhdGlj IHVuc2lnbmVkIGxvbmcgY2xmbHVzaF9zaXplID0gMDsKKyAgICBjb25zdCB2 b2lkICplbmQgPSBhZGRyICsgc2l6ZTsKIAogICAgIGlmICggIWlvbW11c19p bmNvaGVyZW50ICkKICAgICAgICAgcmV0dXJuOwpAQCAtMTcwLDggKzE3MCw5 IEBAIHN0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwK ICAgICBpZiAoIGNsZmx1c2hfc2l6ZSA9PSAwICkKICAgICAgICAgY2xmbHVz aF9zaXplID0gZ2V0X2NhY2hlX2xpbmVfc2l6ZSgpOwogCi0gICAgZm9yICgg aSA9IDA7IGkgPCBzaXplOyBpICs9IGNsZmx1c2hfc2l6ZSApCi0gICAgICAg IGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIgKyBpKTsKKyAgICBhZGRy IC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0gMSk7 CisgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hfc2l6 ZSApCisgICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIpOwog fQogCiAvKiBBbGxvY2F0ZSBwYWdlIHRhYmxlLCByZXR1cm4gaXRzIG1hY2hp bmUgYWRkcmVzcyAqLwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-5.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-5.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv YWx0ZXJuYXRpdmU6IGludHJvZHVjZSBhbHRlcm5hdGl2ZV8yCgpJdCdzIGJh c2VkIG9uIGFsdGVybmF0aXZlX2lvXzIgd2l0aG91dCBpbnB1dHMgb3Igb3V0 cHV0cyBidXQgd2l0aCBhbgphZGRlZCBtZW1vcnkgY2xvYmJlci4KClRoaXMg aXMgcGFydCBvZiBYU0EtMzIxLgoKQWNrZWQtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv YWx0ZXJuYXRpdmUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2FsdGVy bmF0aXZlLmgKQEAgLTg1LDYgKzg1LDExIEBAIGV4dGVybiB2b2lkIGFsdGVy bmF0aXZlX2luc3RydWN0aW9ucyh2b2kKICNkZWZpbmUgYWx0ZXJuYXRpdmUo b2xkaW5zdHIsIG5ld2luc3RyLCBmZWF0dXJlKSAgICAgICAgICAgICAgICAg ICAgICAgIFwKICAgICAgICAgYXNtIHZvbGF0aWxlIChBTFRFUk5BVElWRShv bGRpbnN0ciwgbmV3aW5zdHIsIGZlYXR1cmUpIDogOiA6ICJtZW1vcnkiKQog CisjZGVmaW5lIGFsdGVybmF0aXZlXzIob2xkaW5zdHIsIG5ld2luc3RyMSwg ZmVhdHVyZTEsIG5ld2luc3RyMiwgZmVhdHVyZTIpIFwKKwlhc20gdm9sYXRp bGUgKEFMVEVSTkFUSVZFXzIob2xkaW5zdHIsIG5ld2luc3RyMSwgZmVhdHVy ZTEsCVwKKwkJCQkgICAgbmV3aW5zdHIyLCBmZWF0dXJlMikJCVwKKwkJICAg ICAgOiA6IDogIm1lbW9yeSIpCisKIC8qCiAgKiBBbHRlcm5hdGl2ZSBpbmxp bmUgYXNzZW1ibHkgd2l0aCBpbnB1dC4KICAqCg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-6.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-6.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IG9wdGltaXplIENQVSBjYWNoZSBzeW5jCgpTb21lIFZULWQgSU9NTVVzIGFy ZSBub24tY29oZXJlbnQsIHdoaWNoIHJlcXVpcmVzIGEgY2FjaGUgd3JpdGUg YmFjawppbiBvcmRlciBmb3IgdGhlIGNoYW5nZXMgbWFkZSBieSB0aGUgQ1BV IHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgpUaGlzIGNhY2hlIHdyaXRl IGJhY2sgd2FzIHVuY29uZGl0aW9uYWxseSBkb25lIHVzaW5nIGNsZmx1c2gs IGJ1dCB0aGVyZSBhcmUKb3RoZXIgbW9yZSBlZmZpY2llbnQgaW5zdHJ1Y3Rp b25zIHRvIGRvIHNvLCBoZW5jZSBpbXBsZW1lbnQgc3VwcG9ydApmb3IgdGhl bSB1c2luZyB0aGUgYWx0ZXJuYXRpdmUgZnJhbWV3b3JrLgoKVGhpcyBpcyBw YXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpi ZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9leHRlcm4uaApAQCAtNjMsNyArNjMsNiBAQCBpbnQgX19tdXN0X2No ZWNrIHFpbnZhbF9kZXZpY2VfaW90bGJfc3luCiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICB1MTYgZGlkLCB1MTYgc2l6ZSwg dTY0IGFkZHIpOwogCiB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6 ZSh2b2lkKTsKLXZvaWQgY2FjaGVsaW5lX2ZsdXNoKGNoYXIgKik7CiB2b2lk IGZsdXNoX2FsbF9jYWNoZSh2b2lkKTsKIAogdTY0IGFsbG9jX3BndGFibGVf bWFkZHIoc3RydWN0IGFjcGlfZHJoZF91bml0ICpkcmhkLCB1bnNpZ25lZCBs b25nIG5wYWdlcyk7Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p b21tdS5jCkBAIC0zMSw2ICszMSw3IEBACiAjaW5jbHVkZSA8eGVuL3BjaV9y ZWdzLmg+CiAjaW5jbHVkZSA8eGVuL2tleWhhbmRsZXIuaD4KICNpbmNsdWRl IDxhc20vbXNpLmg+CisjaW5jbHVkZSA8YXNtL25vcHMuaD4KICNpbmNsdWRl IDxhc20vaXJxLmg+CiAjaW5jbHVkZSA8YXNtL2h2bS92bXgvdm14Lmg+CiAj aW5jbHVkZSA8YXNtL3AybS5oPgpAQCAtMTcyLDcgKzE3Myw0MiBAQCBzdGF0 aWMgdm9pZCBzeW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsCiAKICAgICBh ZGRyIC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0g MSk7CiAgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hf c2l6ZSApCi0gICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIp OworLyoKKyAqIFRoZSBhcmd1bWVudHMgdG8gYSBtYWNybyBtdXN0IG5vdCBp bmNsdWRlIHByZXByb2Nlc3NvciBkaXJlY3RpdmVzLiBEb2luZyBzbworICog cmVzdWx0cyBpbiB1bmRlZmluZWQgYmVoYXZpb3IsIHNvIHdlIGhhdmUgdG8g Y3JlYXRlIHNvbWUgZGVmaW5lcyBoZXJlIGluCisgKiBvcmRlciB0byBhdm9p ZCBpdC4KKyAqLworI2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKQorIyBkZWZp bmUgQ0xXQl9FTkNPRElORyAiY2x3YiAlW3BdIgorI2VsaWYgZGVmaW5lZChI QVZFX0FTX1hTQVZFT1BUKQorIyBkZWZpbmUgQ0xXQl9FTkNPRElORyAiZGF0 YTE2IHhzYXZlb3B0ICVbcF0iIC8qIGNsd2IgKi8KKyNlbHNlCisjIGRlZmlu ZSBDTFdCX0VOQ09ESU5HICIuYnl0ZSAweDY2LCAweDBmLCAweGFlLCAweDMw IiAvKiBjbHdiICglJXJheCkgKi8KKyNlbmRpZgorCisjZGVmaW5lIEJBU0Vf SU5QVVQoYWRkcikgW3BdICJtIiAoKihjb25zdCBjaGFyICopKGFkZHIpKQor I2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKSB8fCBkZWZpbmVkKEhBVkVfQVNf WFNBVkVPUFQpCisjIGRlZmluZSBJTlBVVCBCQVNFX0lOUFVUCisjZWxzZQor IyBkZWZpbmUgSU5QVVQoYWRkcikgImEiIChhZGRyKSwgQkFTRV9JTlBVVChh ZGRyKQorI2VuZGlmCisgICAgICAgIC8qCisgICAgICAgICAqIE5vdGUgcmVn YXJkaW5nIHRoZSB1c2Ugb2YgTk9QX0RTX1BSRUZJWDogaXQncyBmYXN0ZXIg dG8gZG8gYSBjbGZsdXNoCisgICAgICAgICAqICsgcHJlZml4IHRoYW4gYSBj bGZsdXNoICsgbm9wLCBhbmQgaGVuY2UgdGhlIHByZWZpeCBpcyBhZGRlZCBp bnN0ZWFkCisgICAgICAgICAqIG9mIGxldHRpbmcgdGhlIGFsdGVybmF0aXZl IGZyYW1ld29yayBmaWxsIHRoZSBnYXAgYnkgYXBwZW5kaW5nIG5vcHMuCisg ICAgICAgICAqLworICAgICAgICBhbHRlcm5hdGl2ZV9pb18yKCIuYnl0ZSAi IF9fc3RyaW5naWZ5KE5PUF9EU19QUkVGSVgpICI7IGNsZmx1c2ggJVtwXSIs CisgICAgICAgICAgICAgICAgICAgICAgICAgImRhdGExNiBjbGZsdXNoICVb cF0iLCAvKiBjbGZsdXNob3B0ICovCisgICAgICAgICAgICAgICAgICAgICAg ICAgWDg2X0ZFQVRVUkVfQ0xGTFVTSE9QVCwKKyAgICAgICAgICAgICAgICAg ICAgICAgICBDTFdCX0VOQ09ESU5HLAorICAgICAgICAgICAgICAgICAgICAg ICAgIFg4Nl9GRUFUVVJFX0NMV0IsIC8qIG5vIG91dHB1dHMgKi8sCisgICAg ICAgICAgICAgICAgICAgICAgICAgSU5QVVQoYWRkcikpOworI3VuZGVmIElO UFVUCisjdW5kZWYgQkFTRV9JTlBVVAorI3VuZGVmIENMV0JfRU5DT0RJTkcK KworICAgIGFsdGVybmF0aXZlXzIoQVNNX05PUDMsICJzZmVuY2UiLCBYODZf RkVBVFVSRV9DTEZMVVNIT1BULAorICAgICAgICAgICAgICAgICAgICAgICAg ICAgICJzZmVuY2UiLCBYODZfRkVBVFVSRV9DTFdCKTsKIH0KIAogLyogQWxs b2NhdGUgcGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3Mg Ki8KLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL3g4Ni92dGQu YworKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQveDg2L3Z0ZC5j CkBAIC01MywxMSArNTMsNiBAQCB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xp bmVfc2l6ZSh2b2lkKQogICAgIHJldHVybiAoKGNwdWlkX2VieCgxKSA+PiA4 KSAmIDB4ZmYpICogODsKIH0KIAotdm9pZCBjYWNoZWxpbmVfZmx1c2goY2hh ciAqIGFkZHIpCi17Ci0gICAgY2xmbHVzaChhZGRyKTsKLX0KLQogdm9pZCBm bHVzaF9hbGxfY2FjaGUoKQogewogICAgIHdiaW52ZCgpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.10-7.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.10-7.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBmbHVzaCBjYWNoZSB3aGVuIG1vZGlmeWluZyBQVEVzIGFuZCBzaGFy aW5nIHBhZ2UgdGFibGVzCgpNb2RpZmljYXRpb25zIG1hZGUgdG8gdGhlIHBh Z2UgdGFibGVzIGJ5IEVQVCBjb2RlIG5lZWQgdG8gYmUgd3JpdHRlbgp0byBt ZW1vcnkgd2hlbiB0aGUgcGFnZSB0YWJsZXMgYXJlIHNoYXJlZCB3aXRoIHRo ZSBJT01NVSwgYXMgSW50ZWwKSU9NTVVzIGNhbiBiZSBub24tY29oZXJlbnQg YW5kIHRodXMgcmVxdWlyZSBjaGFuZ2VzIHRvIGJlIHdyaXR0ZW4gdG8KbWVt b3J5IGluIG9yZGVyIHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgoKSW4g b3JkZXIgdG8gYWNoaWV2ZSB0aGlzIG1ha2Ugc3VyZSBkYXRhIGlzIHdyaXR0 ZW4gYmFjayB0byBtZW1vcnkKYWZ0ZXIgd3JpdGluZyBhbiBFUFQgZW50cnkg d2hlbiB0aGUgcmVjYWxjIGJpdCBpcyBub3Qgc2V0IGluCmF0b21pY193cml0 ZV9lcHRfZW50cnkuIElmIHN1Y2ggYml0IGlzIHNldCwgdGhlIGVudHJ5IHdp bGwgYmUKYWRqdXN0ZWQgYW5kIGF0b21pY193cml0ZV9lcHRfZW50cnkgd2ls bCBiZSBjYWxsZWQgYSBzZWNvbmQgdGltZQp3aXRob3V0IHRoZSByZWNhbGMg Yml0IHNldC4gTm90ZSB0aGF0IHdoZW4gc3BsaXR0aW5nIGEgc3VwZXIgcGFn ZSB0aGUKbmV3IHRhYmxlcyByZXN1bHRpbmcgb2YgdGhlIHNwbGl0IHNob3Vs ZCBhbHNvIGJlIHdyaXR0ZW4gYmFjay4KCkZhaWx1cmUgdG8gZG8gc28gY2Fu IGFsbG93IGRldmljZXMgYmVoaW5kIHRoZSBJT01NVSBhY2Nlc3MgdG8gdGhl CnN0YWxlIHN1cGVyIHBhZ2UsIG9yIGNhdXNlIGNvaGVyZW5jeSBpc3N1ZXMg YXMgY2hhbmdlcyBtYWRlIGJ5IHRoZQpwcm9jZXNzb3IgdG8gdGhlIHBhZ2Ug dGFibGVzIGFyZSBub3QgdmlzaWJsZSB0byB0aGUgSU9NTVUuCgpUaGlzIGFs bG93cyB0byByZW1vdmUgdGhlIFZULWQgc3BlY2lmaWMgaW9tbXVfcHRlX2Zs dXNoIGhlbHBlciwgc2luY2UKdGhlIGNhY2hlIHdyaXRlIGJhY2sgaXMgbm93 IHBlcmZvcm1lZCBieSBhdG9taWNfd3JpdGVfZXB0X2VudHJ5LCBhbmQKaGVu Y2UgaW9tbXVfaW90bGJfZmx1c2ggY2FuIGJlIHVzZWQgdG8gZmx1c2ggdGhl IElPTU1VIFRMQi4gVGhlIG5ld2x5CnVzZWQgbWV0aG9kIChpb21tdV9pb3Rs Yl9mbHVzaCkgY2FuIHJlc3VsdCBpbiBsZXNzIGZsdXNoZXMsIHNpbmNlIGl0 Cm1pZ2h0IHNvbWV0aW1lcyBiZSBjYWxsZWQgcmlnaHRseSB3aXRoIDAgZmxh Z3MsIGluIHdoaWNoIGNhc2UgaXQKYmVjb21lcyBhIG5vLW9wLgoKVGhpcyBp cyBwYXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2gg PGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2L21tL3Ay bS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5jCkBAIC05 MCw2ICs5MCwxOSBAQCBzdGF0aWMgaW50IGF0b21pY193cml0ZV9lcHRfZW50 cnkoZXB0X2VuCiAKICAgICB3cml0ZV9hdG9taWMoJmVudHJ5cHRyLT5lcHRl LCBuZXcuZXB0ZSk7CiAKKyAgICAvKgorICAgICAqIFRoZSByZWNhbGMgZmll bGQgb24gdGhlIEVQVCBpcyB1c2VkIHRvIHNpZ25hbCBlaXRoZXIgdGhhdCBh CisgICAgICogcmVjYWxjdWxhdGlvbiBvZiB0aGUgRU1UIGZpZWxkIGlzIHJl cXVpcmVkICh3aGljaCBkb2Vzbid0IGVmZmVjdCB0aGUKKyAgICAgKiBJT01N VSksIG9yIGEgdHlwZSBjaGFuZ2UuIFR5cGUgY2hhbmdlcyBjYW4gb25seSBi ZSBiZXR3ZWVuIHJhbV9ydywKKyAgICAgKiBsb2dkaXJ0eSBhbmQgaW9yZXFf c2VydmVyOiBjaGFuZ2VzIHRvL2Zyb20gbG9nZGlydHkgd29uJ3Qgd29yayB3 ZWxsIHdpdGgKKyAgICAgKiBhbiBJT01NVSBhbnl3YXksIGFzIElPTU1VICNQ RnMgYXJlIG5vdCBzeW5jaHJvbm91cyBhbmQgd2lsbCBsZWFkIHRvCisgICAg ICogYWJvcnRzLCBhbmQgY2hhbmdlcyB0by9mcm9tIGlvcmVxX3NlcnZlciBh cmUgYWxyZWFkeSBmdWxseSBmbHVzaGVkCisgICAgICogYmVmb3JlIHJldHVy bmluZyB0byBndWVzdCBjb250ZXh0IChzZWUKKyAgICAgKiBYRU5fRE1PUF9t YXBfbWVtX3R5cGVfdG9faW9yZXFfc2VydmVyKS4KKyAgICAgKi8KKyAgICBp ZiAoICFuZXcucmVjYWxjICYmIGlvbW11X2hhcF9wdF9zaGFyZSApCisgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUoZW50cnlwdHIsIHNpemVvZigqZW50cnlw dHIpKTsKKwogICAgIGlmICggdW5saWtlbHkob2xkbWZuICE9IG1mbl94KElO VkFMSURfTUZOKSkgKQogICAgICAgICBwdXRfcGFnZShtZm5fdG9fcGFnZShv bGRtZm4pKTsKIApAQCAtMzE5LDYgKzMzMiw5IEBAIHN0YXRpYyBib29sX3Qg ZXB0X3NwbGl0X3N1cGVyX3BhZ2Uoc3RydWMKICAgICAgICAgICAgIGJyZWFr OwogICAgIH0KIAorICAgIGlmICggaW9tbXVfaGFwX3B0X3NoYXJlICkKKyAg ICAgICAgaW9tbXVfc3luY19jYWNoZSh0YWJsZSwgRVBUX1BBR0VUQUJMRV9F TlRSSUVTICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICB1bm1hcF9k b21haW5fcGFnZSh0YWJsZSk7CiAKICAgICAvKiBFdmVuIGZhaWxlZCB3ZSBz aG91bGQgaW5zdGFsbCB0aGUgbmV3bHkgYWxsb2NhdGVkIGVwdCBwYWdlLiAq LwpAQCAtMzc4LDYgKzM5NCw5IEBAIHN0YXRpYyBpbnQgZXB0X25leHRfbGV2 ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAg ICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKIAorICAg ICAgICBpZiAoIGlvbW11X2hhcF9wdF9zaGFyZSApCisgICAgICAgICAgICBp b21tdV9zeW5jX2NhY2hlKG5leHQsIEVQVF9QQUdFVEFCTEVfRU5UUklFUyAq IHNpemVvZihlcHRfZW50cnlfdCkpOworCiAgICAgICAgIHJjID0gYXRvbWlj X3dyaXRlX2VwdF9lbnRyeShlcHRfZW50cnksIGUsIG5leHRfbGV2ZWwpOwog ICAgICAgICBBU1NFUlQocmMgPT0gMCk7CiAgICAgfQpAQCAtODc0LDcgKzg5 Myw3IEBAIG91dDoKICAgICAgICAgIG5lZWRfbW9kaWZ5X3Z0ZF90YWJsZSAp CiAgICAgewogICAgICAgICBpZiAoIGlvbW11X2hhcF9wdF9zaGFyZSApCi0g ICAgICAgICAgICByYyA9IGlvbW11X3B0ZV9mbHVzaChkLCBnZm4sICZlcHRf ZW50cnktPmVwdGUsIG9yZGVyLCB2dGRfcHRlX3ByZXNlbnQpOworICAgICAg ICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYihkLCBnZm4sIHZ0ZF9wdGVf cHJlc2VudCwgMXUgPDwgb3JkZXIpOwogICAgICAgICBlbHNlCiAgICAgICAg IHsKICAgICAgICAgICAgIGlmICggaW9tbXVfZmxhZ3MgKQotLS0gYS94ZW4v ZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJp dmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNjEyLDEwICs2MTIs OCBAQCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBpb21tdV9mbHVzaF9hbGwo CiAgICAgcmV0dXJuIHJjOwogfQogCi1zdGF0aWMgaW50IF9fbXVzdF9jaGVj ayBpb21tdV9mbHVzaF9pb3RsYihzdHJ1Y3QgZG9tYWluICpkLAotICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdW5zaWduZWQg bG9uZyBnZm4sCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBib29sX3QgZG1hX29sZF9wdGVfcHJlc2VudCwKLSAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHVuc2lnbmVkIGlu dCBwYWdlX2NvdW50KQoraW50IGlvbW11X2ZsdXNoX2lvdGxiKHN0cnVjdCBk b21haW4gKmQsIHVuc2lnbmVkIGxvbmcgZ2ZuLAorICAgICAgICAgICAgICAg ICAgICAgIGJvb2wgZG1hX29sZF9wdGVfcHJlc2VudCwgdW5zaWduZWQgaW50 IHBhZ2VfY291bnQpCiB7CiAgICAgc3RydWN0IGRvbWFpbl9pb21tdSAqaGQg PSBkb21faW9tbXUoZCk7CiAgICAgc3RydWN0IGFjcGlfZHJoZF91bml0ICpk cmhkOwpAQCAtMTg3Niw1MyArMTg3NCw2IEBAIHN0YXRpYyBpbnQgX19tdXN0 X2NoZWNrIGludGVsX2lvbW11X3VubWEKICAgICByZXR1cm4gZG1hX3B0ZV9j bGVhcl9vbmUoZCwgKHBhZGRyX3QpZ2ZuIDw8IFBBR0VfU0hJRlRfNEspOwog fQogCi1pbnQgaW9tbXVfcHRlX2ZsdXNoKHN0cnVjdCBkb21haW4gKmQsIHU2 NCBnZm4sIHU2NCAqcHRlLAotICAgICAgICAgICAgICAgICAgICBpbnQgb3Jk ZXIsIGludCBwcmVzZW50KQotewotICAgIHN0cnVjdCBhY3BpX2RyaGRfdW5p dCAqZHJoZDsKLSAgICBzdHJ1Y3QgaW9tbXUgKmlvbW11ID0gTlVMTDsKLSAg ICBzdHJ1Y3QgZG9tYWluX2lvbW11ICpoZCA9IGRvbV9pb21tdShkKTsKLSAg ICBib29sX3QgZmx1c2hfZGV2X2lvdGxiOwotICAgIGludCBpb21tdV9kb21p ZDsKLSAgICBpbnQgcmMgPSAwOwotCi0gICAgaW9tbXVfc3luY19jYWNoZShw dGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwotCi0gICAgZm9yX2VhY2hf ZHJoZF91bml0ICggZHJoZCApCi0gICAgewotICAgICAgICBpb21tdSA9IGRy aGQtPmlvbW11OwotICAgICAgICBpZiAoICF0ZXN0X2JpdChpb21tdS0+aW5k ZXgsICZoZC0+YXJjaC5pb21tdV9iaXRtYXApICkKLSAgICAgICAgICAgIGNv bnRpbnVlOwotCi0gICAgICAgIGZsdXNoX2Rldl9pb3RsYiA9ICEhZmluZF9h dHNfZGV2X2RyaGQoaW9tbXUpOwotICAgICAgICBpb21tdV9kb21pZD0gZG9t YWluX2lvbW11X2RvbWlkKGQsIGlvbW11KTsKLSAgICAgICAgaWYgKCBpb21t dV9kb21pZCA9PSAtMSApCi0gICAgICAgICAgICBjb250aW51ZTsKLQotICAg ICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BzaShpb21tdSwgaW9tbXVf ZG9taWQsCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIChw YWRkcl90KWdmbiA8PCBQQUdFX1NISUZUXzRLLAotICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBvcmRlciwgIXByZXNlbnQsIGZsdXNoX2Rl dl9pb3RsYik7Ci0gICAgICAgIGlmICggcmMgPiAwICkKLSAgICAgICAgewot ICAgICAgICAgICAgaW9tbXVfZmx1c2hfd3JpdGVfYnVmZmVyKGlvbW11KTsK LSAgICAgICAgICAgIHJjID0gMDsKLSAgICAgICAgfQotICAgIH0KLQotICAg IGlmICggdW5saWtlbHkocmMpICkKLSAgICB7Ci0gICAgICAgIGlmICggIWQt PmlzX3NodXR0aW5nX2Rvd24gJiYgcHJpbnRrX3JhdGVsaW1pdCgpICkKLSAg ICAgICAgICAgIHByaW50ayhYRU5MT0dfRVJSIFZURFBSRUZJWAotICAgICAg ICAgICAgICAgICAgICIgZCVkOiBJT01NVSBwYWdlcyBmbHVzaCBmYWlsZWQ6 ICVkXG4iLAotICAgICAgICAgICAgICAgICAgIGQtPmRvbWFpbl9pZCwgcmMp OwotCi0gICAgICAgIGlmICggIWlzX2hhcmR3YXJlX2RvbWFpbihkKSApCi0g ICAgICAgICAgICBkb21haW5fY3Jhc2goZCk7Ci0gICAgfQotCi0gICAgcmV0 dXJuIHJjOwotfQotCiBzdGF0aWMgaW50IF9faW5pdCB2dGRfZXB0X3BhZ2Vf Y29tcGF0aWJsZShzdHJ1Y3QgaW9tbXUgKmlvbW11KQogewogICAgIHU2NCBl cHRfY2FwLCB2dGRfY2FwID0gaW9tbXUtPmNhcDsKLS0tIGEveGVuL2luY2x1 ZGUvYXNtLXg4Ni9pb21tdS5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS14ODYv aW9tbXUuaApAQCAtODcsOCArODcsOSBAQCBpbnQgaW9tbXVfc2V0dXBfaHBl dF9tc2koc3RydWN0IG1zaV9kZXNjCiAKIC8qIFdoaWxlIFZULWQgc3BlY2lm aWMsIHRoaXMgbXVzdCBnZXQgZGVjbGFyZWQgaW4gYSBnZW5lcmljIGhlYWRl ci4gKi8KIGludCBhZGp1c3RfdnRkX2lycV9hZmZpbml0aWVzKHZvaWQpOwot aW50IF9fbXVzdF9jaGVjayBpb21tdV9wdGVfZmx1c2goc3RydWN0IGRvbWFp biAqZCwgdTY0IGdmbiwgdTY0ICpwdGUsCi0gICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICBpbnQgb3JkZXIsIGludCBwcmVzZW50KTsKK2ludCBf X211c3RfY2hlY2sgaW9tbXVfZmx1c2hfaW90bGIoc3RydWN0IGRvbWFpbiAq ZCwgdW5zaWduZWQgbG9uZyBnZm4sCisgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGJvb2wgZG1hX29sZF9wdGVfcHJlc2VudCwKKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdW5zaWduZWQgaW50IHBh Z2VfY291bnQpOwogYm9vbF90IGlvbW11X3N1cHBvcnRzX2VpbSh2b2lkKTsK IGludCBpb21tdV9lbmFibGVfeDJhcGljX0lSKHZvaWQpOwogdm9pZCBpb21t dV9kaXNhYmxlX3gyYXBpY19JUih2b2lkKTsK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-1.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB2dGQ6IGltcHJvdmUgSU9NTVUgVExCIGZsdXNoCgpEbyBub3QgbGltaXQg UFNJIGZsdXNoZXMgdG8gb3JkZXIgMCBwYWdlcywgaW4gb3JkZXIgdG8gYXZv aWQgZG9pbmcgYQpmdWxsIFRMQiBmbHVzaCBpZiB0aGUgcGFzc2VkIGluIHBh Z2UgaGFzIGFuIG9yZGVyIGdyZWF0ZXIgdGhhbiAwIGFuZAppcyBhbGlnbmVk LiBTaG91bGQgaW5jcmVhc2UgdGhlIHBlcmZvcm1hbmNlIG9mIElPTU1VIFRM QiBmbHVzaGVzIHdoZW4KZGVhbGluZyB3aXRoIHBhZ2Ugb3JkZXJzIGdyZWF0 ZXIgdGhhbiAwLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpTaWduZWQt b2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hAc3VzZS5jb20+CgotLS0g YS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94 ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNjEyLDEz ICs2MTIsMTQgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW9tbXVfZmx1 c2hfaW90bAogICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKICAg ICAgICAgICAgIGNvbnRpbnVlOwogCi0gICAgICAgIGlmICggcGFnZV9jb3Vu dCAhPSAxIHx8IGdmbiA9PSBnZm5feChJTlZBTElEX0dGTikgKQorICAgICAg ICBpZiAoICFwYWdlX2NvdW50IHx8IChwYWdlX2NvdW50ICYgKHBhZ2VfY291 bnQgLSAxKSkgfHwKKyAgICAgICAgICAgICBnZm4gPT0gZ2ZuX3goSU5WQUxJ RF9HRk4pIHx8ICFJU19BTElHTkVEKGdmbiwgcGFnZV9jb3VudCkgKQogICAg ICAgICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYl9kc2koaW9tbXUsIGlv bW11X2RvbWlkLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgMCwgZmx1c2hfZGV2X2lvdGxiKTsKICAgICAgICAgZWxzZQogICAg ICAgICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYl9wc2koaW9tbXUsIGlv bW11X2RvbWlkLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgKHBhZGRyX3QpZ2ZuIDw8IFBBR0VfU0hJRlRfNEssCi0gICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBQQUdFX09SREVSXzRL LAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZ2V0 X29yZGVyX2Zyb21fcGFnZXMocGFnZV9jb3VudCksCiAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAhZG1hX29sZF9wdGVfcHJlc2Vu dCwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGZs dXNoX2Rldl9pb3RsYik7CiAK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-2.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IHBydW5lIChhbmQgcmVuYW1lKSBjYWNoZSBmbHVzaCBmdW5jdGlvbnMKClJl bmFtZSBfX2lvbW11X2ZsdXNoX2NhY2hlIHRvIGlvbW11X3N5bmNfY2FjaGUg YW5kIHJlbW92ZQppb21tdV9mbHVzaF9jYWNoZV9wYWdlLiBBbHNvIHJlbW92 ZSB0aGUgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkKd3JhcHBlciBhbmQganVz dCB1c2UgaW9tbXVfc3luY19jYWNoZSBpbnN0ZWFkLiBOb3RlIHRoZSBfZW50 cnkgc3VmZml4CndhcyBtZWFuaW5nbGVzcyBhcyB0aGUgd3JhcHBlciB3YXMg YWxyZWFkeSB0YWtpbmcgYSBzaXplIHBhcmFtZXRlciBpbgpieXRlcy4gV2hp bGUgdGhlcmUgYWxzbyBjb25zdGlmeSB0aGUgYWRkciBwYXJhbWV0ZXIuCgpO byBmdW5jdGlvbmFsIGNoYW5nZSBpbnRlbmRlZC4KClRoaXMgaXMgcGFydCBv ZiBYU0EtMzIxLgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGlj aEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9leHRlcm4uaAorKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQv ZXh0ZXJuLmgKQEAgLTM3LDggKzM3LDcgQEAgdm9pZCBkaXNhYmxlX3FpbnZh bChzdHJ1Y3QgaW9tbXUgKmlvbW11KQogaW50IGVuYWJsZV9pbnRyZW1hcChz dHJ1Y3QgaW9tbXUgKmlvbW11LCBpbnQgZWltKTsKIHZvaWQgZGlzYWJsZV9p bnRyZW1hcChzdHJ1Y3QgaW9tbXUgKmlvbW11KTsKIAotdm9pZCBpb21tdV9m bHVzaF9jYWNoZV9lbnRyeSh2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQgc2l6 ZSk7Ci12b2lkIGlvbW11X2ZsdXNoX2NhY2hlX3BhZ2Uodm9pZCAqYWRkciwg dW5zaWduZWQgbG9uZyBucGFnZXMpOwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKTsKIGludCBp b21tdV9hbGxvYyhzdHJ1Y3QgYWNwaV9kcmhkX3VuaXQgKmRyaGQpOwogdm9p ZCBpb21tdV9mcmVlKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAqZHJoZCk7CiAK LS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK KysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK QEAgLTIzMSw3ICsyMzEsNyBAQCBzdGF0aWMgdm9pZCBmcmVlX3JlbWFwX2Vu dHJ5KHN0cnVjdCBpb21tCiAgICAgICAgICAgICAgICAgICAgICBpcmVtYXBf ZW50cmllcywgaXJlbWFwX2VudHJ5KTsKIAogICAgIHVwZGF0ZV9pcnRlKGlv bW11LCBpcmVtYXBfZW50cnksICZuZXdfaXJlLCBmYWxzZSk7Ci0gICAgaW9t bXVfZmx1c2hfY2FjaGVfZW50cnkoaXJlbWFwX2VudHJ5LCBzaXplb2YoKmly ZW1hcF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoaXJlbWFwX2Vu dHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRyeSkpOwogICAgIGlvbW11X2ZsdXNo X2llY19pbmRleChpb21tdSwgMCwgaW5kZXgpOwogCiAgICAgdW5tYXBfdnRk X2RvbWFpbl9wYWdlKGlyZW1hcF9lbnRyaWVzKTsKQEAgLTQwMyw3ICs0MDMs NyBAQCBzdGF0aWMgaW50IGlvYXBpY19ydGVfdG9fcmVtYXBfZW50cnkoc3Ry CiAgICAgfQogCiAgICAgdXBkYXRlX2lydGUoaW9tbXUsIGlyZW1hcF9lbnRy eSwgJm5ld19pcmUsICFpbml0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9l bnRyeShpcmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFwX2VudHJ5KSk7Cisg ICAgaW9tbXVfc3luY19jYWNoZShpcmVtYXBfZW50cnksIHNpemVvZigqaXJl bWFwX2VudHJ5KSk7CiAgICAgaW9tbXVfZmx1c2hfaWVjX2luZGV4KGlvbW11 LCAwLCBpbmRleCk7CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UoaXJl bWFwX2VudHJpZXMpOwpAQCAtNjk0LDcgKzY5NCw3IEBAIHN0YXRpYyBpbnQg bXNpX21zZ190b19yZW1hcF9lbnRyeSgKICAgICB1cGRhdGVfaXJ0ZShpb21t dSwgaXJlbWFwX2VudHJ5LCAmbmV3X2lyZSwgbXNpX2Rlc2MtPmlydGVfaW5p dGlhbGl6ZWQpOwogICAgIG1zaV9kZXNjLT5pcnRlX2luaXRpYWxpemVkID0g dHJ1ZTsKIAotICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGlyZW1hcF9l bnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsKKyAgICBpb21tdV9zeW5j X2NhY2hlKGlyZW1hcF9lbnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsK ICAgICBpb21tdV9mbHVzaF9pZWNfaW5kZXgoaW9tbXUsIDAsIGluZGV4KTsK IAogICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShpcmVtYXBfZW50cmllcyk7 Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCisr KyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBAIC0x NTgsNyArMTU4LDggQEAgc3RhdGljIHZvaWQgX19pbml0IGZyZWVfaW50ZWxf aW9tbXUoc3RydQogfQogCiBzdGF0aWMgaW50IGlvbW11c19pbmNvaGVyZW50 Owotc3RhdGljIHZvaWQgX19pb21tdV9mbHVzaF9jYWNoZSh2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKKwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKQogewogICAg IGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xmbHVzaF9zaXpl ID0gMDsKQEAgLTE3MywxNiArMTc0LDYgQEAgc3RhdGljIHZvaWQgX19pb21t dV9mbHVzaF9jYWNoZSh2b2lkICphZAogICAgICAgICBjYWNoZWxpbmVfZmx1 c2goKGNoYXIgKilhZGRyICsgaSk7CiB9CiAKLXZvaWQgaW9tbXVfZmx1c2hf Y2FjaGVfZW50cnkodm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCi17 Ci0gICAgX19pb21tdV9mbHVzaF9jYWNoZShhZGRyLCBzaXplKTsKLX0KLQot dm9pZCBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZvaWQgKmFkZHIsIHVuc2ln bmVkIGxvbmcgbnBhZ2VzKQotewotICAgIF9faW9tbXVfZmx1c2hfY2FjaGUo YWRkciwgUEFHRV9TSVpFICogbnBhZ2VzKTsKLX0KLQogLyogQWxsb2NhdGUg cGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KIHU2 NCBhbGxvY19wZ3RhYmxlX21hZGRyKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAq ZHJoZCwgdW5zaWduZWQgbG9uZyBucGFnZXMpCiB7CkBAIC0yMDcsNyArMTk4 LDcgQEAgdTY0IGFsbG9jX3BndGFibGVfbWFkZHIoc3RydWN0IGFjcGlfZHJo ZAogICAgICAgICB2YWRkciA9IF9fbWFwX2RvbWFpbl9wYWdlKGN1cl9wZyk7 CiAgICAgICAgIG1lbXNldCh2YWRkciwgMCwgUEFHRV9TSVpFKTsKIAotICAg ICAgICBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZhZGRyLCAxKTsKKyAgICAg ICAgaW9tbXVfc3luY19jYWNoZSh2YWRkciwgUEFHRV9TSVpFKTsKICAgICAg ICAgdW5tYXBfZG9tYWluX3BhZ2UodmFkZHIpOwogICAgICAgICBjdXJfcGcr KzsKICAgICB9CkBAIC0yNDIsNyArMjMzLDcgQEAgc3RhdGljIHU2NCBidXNf dG9fY29udGV4dF9tYWRkcihzdHJ1Y3QgaQogICAgICAgICB9CiAgICAgICAg IHNldF9yb290X3ZhbHVlKCpyb290LCBtYWRkcik7CiAgICAgICAgIHNldF9y b290X3ByZXNlbnQoKnJvb3QpOwotICAgICAgICBpb21tdV9mbHVzaF9jYWNo ZV9lbnRyeShyb290LCBzaXplb2Yoc3RydWN0IHJvb3RfZW50cnkpKTsKKyAg ICAgICAgaW9tbXVfc3luY19jYWNoZShyb290LCBzaXplb2Yoc3RydWN0IHJv b3RfZW50cnkpKTsKICAgICB9CiAgICAgbWFkZHIgPSAodTY0KSBnZXRfY29u dGV4dF9hZGRyKCpyb290KTsKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2Uo cm9vdF9lbnRyaWVzKTsKQEAgLTMwMCw3ICsyOTEsNyBAQCBzdGF0aWMgdTY0 IGFkZHJfdG9fZG1hX3BhZ2VfbWFkZHIoc3RydWN0CiAgICAgICAgICAgICAg Ki8KICAgICAgICAgICAgIGRtYV9zZXRfcHRlX3JlYWRhYmxlKCpwdGUpOwog ICAgICAgICAgICAgZG1hX3NldF9wdGVfd3JpdGFibGUoKnB0ZSk7Ci0gICAg ICAgICAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVvZihz dHJ1Y3QgZG1hX3B0ZSkpOworICAgICAgICAgICAgaW9tbXVfc3luY19jYWNo ZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwogICAgICAgICB9CiAK ICAgICAgICAgaWYgKCBsZXZlbCA9PSAyICkKQEAgLTY3NCw3ICs2NjUsNyBA QCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBkbWFfcHRlX2NsZWFyX29uCiAK ICAgICBkbWFfY2xlYXJfcHRlKCpwdGUpOwogICAgIHNwaW5fdW5sb2NrKCZo ZC0+YXJjaC5tYXBwaW5nX2xvY2spOwotICAgIGlvbW11X2ZsdXNoX2NhY2hl X2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgaW9t bXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwog CiAgICAgaWYgKCAhdGhpc19jcHUoaW9tbXVfZG9udF9mbHVzaF9pb3RsYikg KQogICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BhZ2VzKGRvbWFp biwgYWRkciA+PiBQQUdFX1NISUZUXzRLLCAxKTsKQEAgLTcxNiw3ICs3MDcs NyBAQCBzdGF0aWMgdm9pZCBpb21tdV9mcmVlX3BhZ2VfdGFibGUoc3RydWN0 CiAgICAgICAgICAgICBpb21tdV9mcmVlX3BhZ2V0YWJsZShkbWFfcHRlX2Fk ZHIoKnB0ZSksIG5leHRfbGV2ZWwpOwogCiAgICAgICAgIGRtYV9jbGVhcl9w dGUoKnB0ZSk7Ci0gICAgICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KHB0 ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAgICAgIGlvbW11X3N5 bmNfY2FjaGUocHRlLCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKICAgICB9 CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UocHRfdmFkZHIpOwpAQCAt MTQ0OSw3ICsxNDQwLDcgQEAgaW50IGRvbWFpbl9jb250ZXh0X21hcHBpbmdf b25lKAogICAgIGNvbnRleHRfc2V0X2FkZHJlc3Nfd2lkdGgoKmNvbnRleHQs IGFnYXcpOwogICAgIGNvbnRleHRfc2V0X2ZhdWx0X2VuYWJsZSgqY29udGV4 dCk7CiAgICAgY29udGV4dF9zZXRfcHJlc2VudCgqY29udGV4dCk7Ci0gICAg aW9tbXVfZmx1c2hfY2FjaGVfZW50cnkoY29udGV4dCwgc2l6ZW9mKHN0cnVj dCBjb250ZXh0X2VudHJ5KSk7CisgICAgaW9tbXVfc3luY19jYWNoZShjb250 ZXh0LCBzaXplb2Yoc3RydWN0IGNvbnRleHRfZW50cnkpKTsKICAgICBzcGlu X3VubG9jaygmaW9tbXUtPmxvY2spOwogCiAgICAgLyogQ29udGV4dCBlbnRy eSB3YXMgcHJldmlvdXNseSBub24tcHJlc2VudCAod2l0aCBkb21pZCAwKS4g Ki8KQEAgLTE2MDIsNyArMTU5Myw3IEBAIGludCBkb21haW5fY29udGV4dF91 bm1hcF9vbmUoCiAKICAgICBjb250ZXh0X2NsZWFyX3ByZXNlbnQoKmNvbnRl eHQpOwogICAgIGNvbnRleHRfY2xlYXJfZW50cnkoKmNvbnRleHQpOwotICAg IGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGNvbnRleHQsIHNpemVvZihzdHJ1 Y3QgY29udGV4dF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoY29u dGV4dCwgc2l6ZW9mKHN0cnVjdCBjb250ZXh0X2VudHJ5KSk7CiAKICAgICBp b21tdV9kb21pZD0gZG9tYWluX2lvbW11X2RvbWlkKGRvbWFpbiwgaW9tbXUp OwogICAgIGlmICggaW9tbXVfZG9taWQgPT0gLTEgKQpAQCAtMTgyOCw3ICsx ODE5LDcgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW50ZWxfaW9tbXVf bWFwXwogCiAgICAgKnB0ZSA9IG5ldzsKIAotICAgIGlvbW11X2ZsdXNoX2Nh Y2hlX2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CisgICAg aW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkp OwogICAgIHNwaW5fdW5sb2NrKCZoZC0+YXJjaC5tYXBwaW5nX2xvY2spOwog ICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShwYWdlKTsKIApAQCAtMTg2Miw3 ICsxODUzLDcgQEAgaW50IGlvbW11X3B0ZV9mbHVzaChzdHJ1Y3QgZG9tYWlu ICpkLCB1NgogICAgIGludCBpb21tdV9kb21pZDsKICAgICBpbnQgcmMgPSAw OwogCi0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yo c3RydWN0IGRtYV9wdGUpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwg c2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CiAKICAgICBmb3JfZWFjaF9kcmhk X3VuaXQgKCBkcmhkICkKICAgICB7CkBAIC0yNzI1LDcgKzI3MTYsNyBAQCBz dGF0aWMgaW50IF9faW5pdCBpbnRlbF9pb21tdV9xdWFyYW50aW5lCiAgICAg ICAgICAgICBkbWFfc2V0X3B0ZV9hZGRyKCpwdGUsIG1hZGRyKTsKICAgICAg ICAgICAgIGRtYV9zZXRfcHRlX3JlYWRhYmxlKCpwdGUpOwogICAgICAgICB9 Ci0gICAgICAgIGlvbW11X2ZsdXNoX2NhY2hlX3BhZ2UocGFyZW50LCAxKTsK KyAgICAgICAgaW9tbXVfc3luY19jYWNoZShwYXJlbnQsIFBBR0VfU0laRSk7 CiAKICAgICAgICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdlKHBhcmVudCk7CiAg ICAgICAgIHBhcmVudCA9IG1hcF92dGRfZG9tYWluX3BhZ2UobWFkZHIpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-3.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-3.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv aW9tbXU6IGludHJvZHVjZSBhIGNhY2hlIHN5bmMgaG9vawoKVGhlIGhvb2sg aXMgb25seSBpbXBsZW1lbnRlZCBmb3IgVlQtZCBhbmQgaXQgdXNlcyB0aGUg YWxyZWFkeSBleGlzdGluZwppb21tdV9zeW5jX2NhY2hlIGZ1bmN0aW9uIHBy ZXNlbnQgaW4gVlQtZCBjb2RlLiBUaGUgbmV3IGhvb2sgaXMKYWRkZWQgc28g dGhhdCB0aGUgY2FjaGUgY2FuIGJlIGZsdXNoZWQgYnkgY29kZSBvdXRzaWRl IG9mIFZULWQgd2hlbgp1c2luZyBzaGFyZWQgcGFnZSB0YWJsZXMuCgpOb3Rl IHRoYXQgYWxsb2NfcGd0YWJsZV9tYWRkciBtdXN0IHVzZSB0aGUgbm93IGxv Y2FsbHkgZGVmaW5lZApzeW5jX2NhY2hlIGZ1bmN0aW9uLCBiZWNhdXNlIElP TU1VIG9wcyBhcmUgbm90IHlldCBzZXR1cCB0aGUgZmlyc3QKdGltZSB0aGUg ZnVuY3Rpb24gZ2V0cyBjYWxsZWQgZHVyaW5nIElPTU1VIGluaXRpYWxpemF0 aW9uLgoKTm8gZnVuY3Rpb25hbCBjaGFuZ2UgaW50ZW5kZWQuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyMS4KClJldmlld2VkLWJ5OiBKYW4gQmV1bGljaCA8 amJldWxpY2hAc3VzZS5jb20+CgotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvZXh0ZXJuLmgKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCkBAIC0zNyw3ICszNyw2IEBAIHZvaWQgZGlzYWJs ZV9xaW52YWwoc3RydWN0IGlvbW11ICppb21tdSkKIGludCBlbmFibGVfaW50 cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSwgaW50IGVpbSk7CiB2b2lkIGRp c2FibGVfaW50cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSk7CiAKLXZvaWQg aW9tbXVfc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBp bnQgc2l6ZSk7CiBpbnQgaW9tbXVfYWxsb2Moc3RydWN0IGFjcGlfZHJoZF91 bml0ICpkcmhkKTsKIHZvaWQgaW9tbXVfZnJlZShzdHJ1Y3QgYWNwaV9kcmhk X3VuaXQgKmRyaGQpOwogCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCkBAIC0xNTksNyArMTU5LDcgQEAgc3RhdGljIHZvaWQgX19p bml0IGZyZWVfaW50ZWxfaW9tbXUoc3RydQogCiBzdGF0aWMgaW50IGlvbW11 c19pbmNvaGVyZW50OwogCi12b2lkIGlvbW11X3N5bmNfY2FjaGUoY29uc3Qg dm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCitzdGF0aWMgdm9pZCBz eW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXpl KQogewogICAgIGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xm bHVzaF9zaXplID0gMDsKQEAgLTE5OCw3ICsxOTgsNyBAQCB1NjQgYWxsb2Nf cGd0YWJsZV9tYWRkcihzdHJ1Y3QgYWNwaV9kcmhkCiAgICAgICAgIHZhZGRy ID0gX19tYXBfZG9tYWluX3BhZ2UoY3VyX3BnKTsKICAgICAgICAgbWVtc2V0 KHZhZGRyLCAwLCBQQUdFX1NJWkUpOwogCi0gICAgICAgIGlvbW11X3N5bmNf Y2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CisgICAgICAgIHN5bmNfY2FjaGUo dmFkZHIsIFBBR0VfU0laRSk7CiAgICAgICAgIHVubWFwX2RvbWFpbl9wYWdl KHZhZGRyKTsKICAgICAgICAgY3VyX3BnKys7CiAgICAgfQpAQCAtMjc2MCw2 ICsyNzYwLDcgQEAgY29uc3Qgc3RydWN0IGlvbW11X29wcyBpbnRlbF9pb21t dV9vcHMgPQogICAgIC5pb3RsYl9mbHVzaF9hbGwgPSBpb21tdV9mbHVzaF9p b3RsYl9hbGwsCiAgICAgLmdldF9yZXNlcnZlZF9kZXZpY2VfbWVtb3J5ID0g aW50ZWxfaW9tbXVfZ2V0X3Jlc2VydmVkX2RldmljZV9tZW1vcnksCiAgICAg LmR1bXBfcDJtX3RhYmxlID0gdnRkX2R1bXBfcDJtX3RhYmxlLAorICAgIC5z eW5jX2NhY2hlID0gc3luY19jYWNoZSwKIH07CiAKIC8qCi0tLSBhL3hlbi9p bmNsdWRlL2FzbS14ODYvaW9tbXUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20t eDg2L2lvbW11LmgKQEAgLTk4LDYgKzk4LDEzIEBAIGV4dGVybiBib29sIHVu dHJ1c3RlZF9tc2k7CiBpbnQgcGlfdXBkYXRlX2lydGUoY29uc3Qgc3RydWN0 IHBpX2Rlc2MgKnBpX2Rlc2MsIGNvbnN0IHN0cnVjdCBwaXJxICpwaXJxLAog ICAgICAgICAgICAgICAgICAgIGNvbnN0IHVpbnQ4X3QgZ3ZlYyk7CiAKKyNk ZWZpbmUgaW9tbXVfc3luY19jYWNoZShhZGRyLCBzaXplKSAoeyAgICAgICAg ICAgICAgICAgXAorICAgIGNvbnN0IHN0cnVjdCBpb21tdV9vcHMgKm9wcyA9 IGlvbW11X2dldF9vcHMoKTsgICAgICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFwKKyAgICBp ZiAoIG9wcy0+c3luY19jYWNoZSApICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgXAorICAgICAgICBvcHMtPnN5bmNfY2FjaGUoYWRkciwgc2l6ZSk7 ICAgICAgICAgICAgICAgICAgICBcCit9KQorCiAjZW5kaWYgLyogIV9fQVJD SF9YODZfSU9NTVVfSF9fICovCiAvKgogICogTG9jYWwgdmFyaWFibGVzOgot LS0gYS94ZW4vaW5jbHVkZS94ZW4vaW9tbXUuaAorKysgYi94ZW4vaW5jbHVk ZS94ZW4vaW9tbXUuaApAQCAtMTYxLDYgKzE2MSw3IEBAIHN0cnVjdCBpb21t dV9vcHMgewogICAgIHZvaWQgKCp1cGRhdGVfaXJlX2Zyb21fYXBpYykodW5z aWduZWQgaW50IGFwaWMsIHVuc2lnbmVkIGludCByZWcsIHVuc2lnbmVkIGlu dCB2YWx1ZSk7CiAgICAgdW5zaWduZWQgaW50ICgqcmVhZF9hcGljX2Zyb21f aXJlKSh1bnNpZ25lZCBpbnQgYXBpYywgdW5zaWduZWQgaW50IHJlZyk7CiAg ICAgaW50ICgqc2V0dXBfaHBldF9tc2kpKHN0cnVjdCBtc2lfZGVzYyAqKTsK KyAgICB2b2lkICgqc3luY19jYWNoZSkoY29uc3Qgdm9pZCAqYWRkciwgdW5z aWduZWQgaW50IHNpemUpOwogI2VuZGlmIC8qIENPTkZJR19YODYgKi8KICAg ICBpbnQgX19tdXN0X2NoZWNrICgqc3VzcGVuZCkodm9pZCk7CiAgICAgdm9p ZCAoKnJlc3VtZSkodm9pZCk7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-4.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-4.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IGRvbid0IGFzc3VtZSBhZGRyZXNzZXMgYXJlIGFsaWduZWQgaW4gc3luY19j YWNoZQoKQ3VycmVudCBjb2RlIGluIHN5bmNfY2FjaGUgYXNzdW1lIHRoYXQg dGhlIGFkZHJlc3MgcGFzc2VkIGluIGlzCmFsaWduZWQgdG8gYSBjYWNoZSBs aW5lIHNpemUuIEZpeCB0aGUgY29kZSB0byBzdXBwb3J0IHBhc3NpbmcgaW4K YXJiaXRyYXJ5IGFkZHJlc3NlcyBub3QgbmVjZXNzYXJpbHkgYWxpZ25lZCB0 byBhIGNhY2hlIGxpbmUgc2l6ZS4KClRoaXMgaXMgcGFydCBvZiBYU0EtMzIx LgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNv bT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC0xNjEsOCArMTYxLDggQEAgc3RhdGljIGludCBpb21tdXNfaW5jb2hlcmVu dDsKIAogc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKIHsKLSAgICBpbnQgaTsKLSAgICBzdGF0 aWMgdW5zaWduZWQgaW50IGNsZmx1c2hfc2l6ZSA9IDA7CisgICAgc3RhdGlj IHVuc2lnbmVkIGxvbmcgY2xmbHVzaF9zaXplID0gMDsKKyAgICBjb25zdCB2 b2lkICplbmQgPSBhZGRyICsgc2l6ZTsKIAogICAgIGlmICggIWlvbW11c19p bmNvaGVyZW50ICkKICAgICAgICAgcmV0dXJuOwpAQCAtMTcwLDggKzE3MCw5 IEBAIHN0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwK ICAgICBpZiAoIGNsZmx1c2hfc2l6ZSA9PSAwICkKICAgICAgICAgY2xmbHVz aF9zaXplID0gZ2V0X2NhY2hlX2xpbmVfc2l6ZSgpOwogCi0gICAgZm9yICgg aSA9IDA7IGkgPCBzaXplOyBpICs9IGNsZmx1c2hfc2l6ZSApCi0gICAgICAg IGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIgKyBpKTsKKyAgICBhZGRy IC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0gMSk7 CisgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hfc2l6 ZSApCisgICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIpOwog fQogCiAvKiBBbGxvY2F0ZSBwYWdlIHRhYmxlLCByZXR1cm4gaXRzIG1hY2hp bmUgYWRkcmVzcyAqLwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-5.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-5.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv YWx0ZXJuYXRpdmU6IGludHJvZHVjZSBhbHRlcm5hdGl2ZV8yCgpJdCdzIGJh c2VkIG9uIGFsdGVybmF0aXZlX2lvXzIgd2l0aG91dCBpbnB1dHMgb3Igb3V0 cHV0cyBidXQgd2l0aCBhbgphZGRlZCBtZW1vcnkgY2xvYmJlci4KClRoaXMg aXMgcGFydCBvZiBYU0EtMzIxLgoKQWNrZWQtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv YWx0ZXJuYXRpdmUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2FsdGVy bmF0aXZlLmgKQEAgLTExMyw2ICsxMTMsMTEgQEAgZXh0ZXJuIHZvaWQgYWx0 ZXJuYXRpdmVfaW5zdHJ1Y3Rpb25zKHZvaQogI2RlZmluZSBhbHRlcm5hdGl2 ZShvbGRpbnN0ciwgbmV3aW5zdHIsIGZlYXR1cmUpICAgICAgICAgICAgICAg ICAgICAgICAgXAogICAgICAgICBhc20gdm9sYXRpbGUgKEFMVEVSTkFUSVZF KG9sZGluc3RyLCBuZXdpbnN0ciwgZmVhdHVyZSkgOiA6IDogIm1lbW9yeSIp CiAKKyNkZWZpbmUgYWx0ZXJuYXRpdmVfMihvbGRpbnN0ciwgbmV3aW5zdHIx LCBmZWF0dXJlMSwgbmV3aW5zdHIyLCBmZWF0dXJlMikgXAorCWFzbSB2b2xh dGlsZSAoQUxURVJOQVRJVkVfMihvbGRpbnN0ciwgbmV3aW5zdHIxLCBmZWF0 dXJlMSwJXAorCQkJCSAgICBuZXdpbnN0cjIsIGZlYXR1cmUyKQkJXAorCQkg ICAgICA6IDogOiAibWVtb3J5IikKKwogLyoKICAqIEFsdGVybmF0aXZlIGlu bGluZSBhc3NlbWJseSB3aXRoIGlucHV0LgogICoK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-6.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-6.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IG9wdGltaXplIENQVSBjYWNoZSBzeW5jCgpTb21lIFZULWQgSU9NTVVzIGFy ZSBub24tY29oZXJlbnQsIHdoaWNoIHJlcXVpcmVzIGEgY2FjaGUgd3JpdGUg YmFjawppbiBvcmRlciBmb3IgdGhlIGNoYW5nZXMgbWFkZSBieSB0aGUgQ1BV IHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgpUaGlzIGNhY2hlIHdyaXRl IGJhY2sgd2FzIHVuY29uZGl0aW9uYWxseSBkb25lIHVzaW5nIGNsZmx1c2gs IGJ1dCB0aGVyZSBhcmUKb3RoZXIgbW9yZSBlZmZpY2llbnQgaW5zdHJ1Y3Rp b25zIHRvIGRvIHNvLCBoZW5jZSBpbXBsZW1lbnQgc3VwcG9ydApmb3IgdGhl bSB1c2luZyB0aGUgYWx0ZXJuYXRpdmUgZnJhbWV3b3JrLgoKVGhpcyBpcyBw YXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpi ZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9leHRlcm4uaApAQCAtNjMsNyArNjMsNiBAQCBpbnQgX19tdXN0X2No ZWNrIHFpbnZhbF9kZXZpY2VfaW90bGJfc3luCiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICB1MTYgZGlkLCB1MTYgc2l6ZSwg dTY0IGFkZHIpOwogCiB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6 ZSh2b2lkKTsKLXZvaWQgY2FjaGVsaW5lX2ZsdXNoKGNoYXIgKik7CiB2b2lk IGZsdXNoX2FsbF9jYWNoZSh2b2lkKTsKIAogdTY0IGFsbG9jX3BndGFibGVf bWFkZHIoc3RydWN0IGFjcGlfZHJoZF91bml0ICpkcmhkLCB1bnNpZ25lZCBs b25nIG5wYWdlcyk7Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p b21tdS5jCkBAIC0zMSw2ICszMSw3IEBACiAjaW5jbHVkZSA8eGVuL3BjaV9y ZWdzLmg+CiAjaW5jbHVkZSA8eGVuL2tleWhhbmRsZXIuaD4KICNpbmNsdWRl IDxhc20vbXNpLmg+CisjaW5jbHVkZSA8YXNtL25vcHMuaD4KICNpbmNsdWRl IDxhc20vaXJxLmg+CiAjaW5jbHVkZSA8YXNtL2h2bS92bXgvdm14Lmg+CiAj aW5jbHVkZSA8YXNtL3AybS5oPgpAQCAtMTcyLDcgKzE3Myw0MiBAQCBzdGF0 aWMgdm9pZCBzeW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsCiAKICAgICBh ZGRyIC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0g MSk7CiAgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hf c2l6ZSApCi0gICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIp OworLyoKKyAqIFRoZSBhcmd1bWVudHMgdG8gYSBtYWNybyBtdXN0IG5vdCBp bmNsdWRlIHByZXByb2Nlc3NvciBkaXJlY3RpdmVzLiBEb2luZyBzbworICog cmVzdWx0cyBpbiB1bmRlZmluZWQgYmVoYXZpb3IsIHNvIHdlIGhhdmUgdG8g Y3JlYXRlIHNvbWUgZGVmaW5lcyBoZXJlIGluCisgKiBvcmRlciB0byBhdm9p ZCBpdC4KKyAqLworI2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKQorIyBkZWZp bmUgQ0xXQl9FTkNPRElORyAiY2x3YiAlW3BdIgorI2VsaWYgZGVmaW5lZChI QVZFX0FTX1hTQVZFT1BUKQorIyBkZWZpbmUgQ0xXQl9FTkNPRElORyAiZGF0 YTE2IHhzYXZlb3B0ICVbcF0iIC8qIGNsd2IgKi8KKyNlbHNlCisjIGRlZmlu ZSBDTFdCX0VOQ09ESU5HICIuYnl0ZSAweDY2LCAweDBmLCAweGFlLCAweDMw IiAvKiBjbHdiICglJXJheCkgKi8KKyNlbmRpZgorCisjZGVmaW5lIEJBU0Vf SU5QVVQoYWRkcikgW3BdICJtIiAoKihjb25zdCBjaGFyICopKGFkZHIpKQor I2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKSB8fCBkZWZpbmVkKEhBVkVfQVNf WFNBVkVPUFQpCisjIGRlZmluZSBJTlBVVCBCQVNFX0lOUFVUCisjZWxzZQor IyBkZWZpbmUgSU5QVVQoYWRkcikgImEiIChhZGRyKSwgQkFTRV9JTlBVVChh ZGRyKQorI2VuZGlmCisgICAgICAgIC8qCisgICAgICAgICAqIE5vdGUgcmVn YXJkaW5nIHRoZSB1c2Ugb2YgTk9QX0RTX1BSRUZJWDogaXQncyBmYXN0ZXIg dG8gZG8gYSBjbGZsdXNoCisgICAgICAgICAqICsgcHJlZml4IHRoYW4gYSBj bGZsdXNoICsgbm9wLCBhbmQgaGVuY2UgdGhlIHByZWZpeCBpcyBhZGRlZCBp bnN0ZWFkCisgICAgICAgICAqIG9mIGxldHRpbmcgdGhlIGFsdGVybmF0aXZl IGZyYW1ld29yayBmaWxsIHRoZSBnYXAgYnkgYXBwZW5kaW5nIG5vcHMuCisg ICAgICAgICAqLworICAgICAgICBhbHRlcm5hdGl2ZV9pb18yKCIuYnl0ZSAi IF9fc3RyaW5naWZ5KE5PUF9EU19QUkVGSVgpICI7IGNsZmx1c2ggJVtwXSIs CisgICAgICAgICAgICAgICAgICAgICAgICAgImRhdGExNiBjbGZsdXNoICVb cF0iLCAvKiBjbGZsdXNob3B0ICovCisgICAgICAgICAgICAgICAgICAgICAg ICAgWDg2X0ZFQVRVUkVfQ0xGTFVTSE9QVCwKKyAgICAgICAgICAgICAgICAg ICAgICAgICBDTFdCX0VOQ09ESU5HLAorICAgICAgICAgICAgICAgICAgICAg ICAgIFg4Nl9GRUFUVVJFX0NMV0IsIC8qIG5vIG91dHB1dHMgKi8sCisgICAg ICAgICAgICAgICAgICAgICAgICAgSU5QVVQoYWRkcikpOworI3VuZGVmIElO UFVUCisjdW5kZWYgQkFTRV9JTlBVVAorI3VuZGVmIENMV0JfRU5DT0RJTkcK KworICAgIGFsdGVybmF0aXZlXzIoIiIsICJzZmVuY2UiLCBYODZfRkVBVFVS RV9DTEZMVVNIT1BULAorICAgICAgICAgICAgICAgICAgICAgICJzZmVuY2Ui LCBYODZfRkVBVFVSRV9DTFdCKTsKIH0KIAogLyogQWxsb2NhdGUgcGFnZSB0 YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KLS0tIGEveGVu L2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL3g4Ni92dGQuYworKysgYi94ZW4v ZHJpdmVycy9wYXNzdGhyb3VnaC92dGQveDg2L3Z0ZC5jCkBAIC01MywxMSAr NTMsNiBAQCB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6ZSh2b2lk KQogICAgIHJldHVybiAoKGNwdWlkX2VieCgxKSA+PiA4KSAmIDB4ZmYpICog ODsKIH0KIAotdm9pZCBjYWNoZWxpbmVfZmx1c2goY2hhciAqIGFkZHIpCi17 Ci0gICAgY2xmbHVzaChhZGRyKTsKLX0KLQogdm9pZCBmbHVzaF9hbGxfY2Fj aGUoKQogewogICAgIHdiaW52ZCgpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.11-7.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.11-7.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBmbHVzaCBjYWNoZSB3aGVuIG1vZGlmeWluZyBQVEVzIGFuZCBzaGFy aW5nIHBhZ2UgdGFibGVzCgpNb2RpZmljYXRpb25zIG1hZGUgdG8gdGhlIHBh Z2UgdGFibGVzIGJ5IEVQVCBjb2RlIG5lZWQgdG8gYmUgd3JpdHRlbgp0byBt ZW1vcnkgd2hlbiB0aGUgcGFnZSB0YWJsZXMgYXJlIHNoYXJlZCB3aXRoIHRo ZSBJT01NVSwgYXMgSW50ZWwKSU9NTVVzIGNhbiBiZSBub24tY29oZXJlbnQg YW5kIHRodXMgcmVxdWlyZSBjaGFuZ2VzIHRvIGJlIHdyaXR0ZW4gdG8KbWVt b3J5IGluIG9yZGVyIHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgoKSW4g b3JkZXIgdG8gYWNoaWV2ZSB0aGlzIG1ha2Ugc3VyZSBkYXRhIGlzIHdyaXR0 ZW4gYmFjayB0byBtZW1vcnkKYWZ0ZXIgd3JpdGluZyBhbiBFUFQgZW50cnkg d2hlbiB0aGUgcmVjYWxjIGJpdCBpcyBub3Qgc2V0IGluCmF0b21pY193cml0 ZV9lcHRfZW50cnkuIElmIHN1Y2ggYml0IGlzIHNldCwgdGhlIGVudHJ5IHdp bGwgYmUKYWRqdXN0ZWQgYW5kIGF0b21pY193cml0ZV9lcHRfZW50cnkgd2ls bCBiZSBjYWxsZWQgYSBzZWNvbmQgdGltZQp3aXRob3V0IHRoZSByZWNhbGMg Yml0IHNldC4gTm90ZSB0aGF0IHdoZW4gc3BsaXR0aW5nIGEgc3VwZXIgcGFn ZSB0aGUKbmV3IHRhYmxlcyByZXN1bHRpbmcgb2YgdGhlIHNwbGl0IHNob3Vs ZCBhbHNvIGJlIHdyaXR0ZW4gYmFjay4KCkZhaWx1cmUgdG8gZG8gc28gY2Fu IGFsbG93IGRldmljZXMgYmVoaW5kIHRoZSBJT01NVSBhY2Nlc3MgdG8gdGhl CnN0YWxlIHN1cGVyIHBhZ2UsIG9yIGNhdXNlIGNvaGVyZW5jeSBpc3N1ZXMg YXMgY2hhbmdlcyBtYWRlIGJ5IHRoZQpwcm9jZXNzb3IgdG8gdGhlIHBhZ2Ug dGFibGVzIGFyZSBub3QgdmlzaWJsZSB0byB0aGUgSU9NTVUuCgpUaGlzIGFs bG93cyB0byByZW1vdmUgdGhlIFZULWQgc3BlY2lmaWMgaW9tbXVfcHRlX2Zs dXNoIGhlbHBlciwgc2luY2UKdGhlIGNhY2hlIHdyaXRlIGJhY2sgaXMgbm93 IHBlcmZvcm1lZCBieSBhdG9taWNfd3JpdGVfZXB0X2VudHJ5LCBhbmQKaGVu Y2UgaW9tbXVfaW90bGJfZmx1c2ggY2FuIGJlIHVzZWQgdG8gZmx1c2ggdGhl IElPTU1VIFRMQi4gVGhlIG5ld2x5CnVzZWQgbWV0aG9kIChpb21tdV9pb3Rs Yl9mbHVzaCkgY2FuIHJlc3VsdCBpbiBsZXNzIGZsdXNoZXMsIHNpbmNlIGl0 Cm1pZ2h0IHNvbWV0aW1lcyBiZSBjYWxsZWQgcmlnaHRseSB3aXRoIDAgZmxh Z3MsIGluIHdoaWNoIGNhc2UgaXQKYmVjb21lcyBhIG5vLW9wLgoKVGhpcyBp cyBwYXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2gg PGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2L21tL3Ay bS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5jCkBAIC05 MCw2ICs5MCwxOSBAQCBzdGF0aWMgaW50IGF0b21pY193cml0ZV9lcHRfZW50 cnkoZXB0X2VuCiAKICAgICB3cml0ZV9hdG9taWMoJmVudHJ5cHRyLT5lcHRl LCBuZXcuZXB0ZSk7CiAKKyAgICAvKgorICAgICAqIFRoZSByZWNhbGMgZmll bGQgb24gdGhlIEVQVCBpcyB1c2VkIHRvIHNpZ25hbCBlaXRoZXIgdGhhdCBh CisgICAgICogcmVjYWxjdWxhdGlvbiBvZiB0aGUgRU1UIGZpZWxkIGlzIHJl cXVpcmVkICh3aGljaCBkb2Vzbid0IGVmZmVjdCB0aGUKKyAgICAgKiBJT01N VSksIG9yIGEgdHlwZSBjaGFuZ2UuIFR5cGUgY2hhbmdlcyBjYW4gb25seSBi ZSBiZXR3ZWVuIHJhbV9ydywKKyAgICAgKiBsb2dkaXJ0eSBhbmQgaW9yZXFf c2VydmVyOiBjaGFuZ2VzIHRvL2Zyb20gbG9nZGlydHkgd29uJ3Qgd29yayB3 ZWxsIHdpdGgKKyAgICAgKiBhbiBJT01NVSBhbnl3YXksIGFzIElPTU1VICNQ RnMgYXJlIG5vdCBzeW5jaHJvbm91cyBhbmQgd2lsbCBsZWFkIHRvCisgICAg ICogYWJvcnRzLCBhbmQgY2hhbmdlcyB0by9mcm9tIGlvcmVxX3NlcnZlciBh cmUgYWxyZWFkeSBmdWxseSBmbHVzaGVkCisgICAgICogYmVmb3JlIHJldHVy bmluZyB0byBndWVzdCBjb250ZXh0IChzZWUKKyAgICAgKiBYRU5fRE1PUF9t YXBfbWVtX3R5cGVfdG9faW9yZXFfc2VydmVyKS4KKyAgICAgKi8KKyAgICBp ZiAoICFuZXcucmVjYWxjICYmIGlvbW11X2hhcF9wdF9zaGFyZSApCisgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUoZW50cnlwdHIsIHNpemVvZigqZW50cnlw dHIpKTsKKwogICAgIGlmICggdW5saWtlbHkob2xkbWZuICE9IG1mbl94KElO VkFMSURfTUZOKSkgKQogICAgICAgICBwdXRfcGFnZShtZm5fdG9fcGFnZShf bWZuKG9sZG1mbikpKTsKIApAQCAtMzE5LDYgKzMzMiw5IEBAIHN0YXRpYyBi b29sX3QgZXB0X3NwbGl0X3N1cGVyX3BhZ2Uoc3RydWMKICAgICAgICAgICAg IGJyZWFrOwogICAgIH0KIAorICAgIGlmICggaW9tbXVfaGFwX3B0X3NoYXJl ICkKKyAgICAgICAgaW9tbXVfc3luY19jYWNoZSh0YWJsZSwgRVBUX1BBR0VU QUJMRV9FTlRSSUVTICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICB1 bm1hcF9kb21haW5fcGFnZSh0YWJsZSk7CiAKICAgICAvKiBFdmVuIGZhaWxl ZCB3ZSBzaG91bGQgaW5zdGFsbCB0aGUgbmV3bHkgYWxsb2NhdGVkIGVwdCBw YWdlLiAqLwpAQCAtMzc4LDYgKzM5NCw5IEBAIHN0YXRpYyBpbnQgZXB0X25l eHRfbGV2ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgaWYgKCAhbmV4dCAp CiAgICAgICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsK IAorICAgICAgICBpZiAoIGlvbW11X2hhcF9wdF9zaGFyZSApCisgICAgICAg ICAgICBpb21tdV9zeW5jX2NhY2hlKG5leHQsIEVQVF9QQUdFVEFCTEVfRU5U UklFUyAqIHNpemVvZihlcHRfZW50cnlfdCkpOworCiAgICAgICAgIHJjID0g YXRvbWljX3dyaXRlX2VwdF9lbnRyeShlcHRfZW50cnksIGUsIG5leHRfbGV2 ZWwpOwogICAgICAgICBBU1NFUlQocmMgPT0gMCk7CiAgICAgfQpAQCAtODc1 LDcgKzg5NCw3IEBAIG91dDoKICAgICAgICAgIG5lZWRfbW9kaWZ5X3Z0ZF90 YWJsZSApCiAgICAgewogICAgICAgICBpZiAoIGlvbW11X2hhcF9wdF9zaGFy ZSApCi0gICAgICAgICAgICByYyA9IGlvbW11X3B0ZV9mbHVzaChkLCBnZm4s ICZlcHRfZW50cnktPmVwdGUsIG9yZGVyLCB2dGRfcHRlX3ByZXNlbnQpOwor ICAgICAgICAgICAgcmMgPSBpb21tdV9mbHVzaF9pb3RsYihkLCBnZm4sIHZ0 ZF9wdGVfcHJlc2VudCwgMXUgPDwgb3JkZXIpOwogICAgICAgICBlbHNlCiAg ICAgICAgIHsKICAgICAgICAgICAgIGlmICggaW9tbXVfZmxhZ3MgKQotLS0g YS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94 ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNjEyLDEw ICs2MTIsOCBAQCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBpb21tdV9mbHVz aF9hbGwoCiAgICAgcmV0dXJuIHJjOwogfQogCi1zdGF0aWMgaW50IF9fbXVz dF9jaGVjayBpb21tdV9mbHVzaF9pb3RsYihzdHJ1Y3QgZG9tYWluICpkLAot ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdW5z aWduZWQgbG9uZyBnZm4sCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICBib29sX3QgZG1hX29sZF9wdGVfcHJlc2VudCwKLSAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHVuc2ln bmVkIGludCBwYWdlX2NvdW50KQoraW50IGlvbW11X2ZsdXNoX2lvdGxiKHN0 cnVjdCBkb21haW4gKmQsIHVuc2lnbmVkIGxvbmcgZ2ZuLAorICAgICAgICAg ICAgICAgICAgICAgIGJvb2wgZG1hX29sZF9wdGVfcHJlc2VudCwgdW5zaWdu ZWQgaW50IHBhZ2VfY291bnQpCiB7CiAgICAgc3RydWN0IGRvbWFpbl9pb21t dSAqaGQgPSBkb21faW9tbXUoZCk7CiAgICAgc3RydWN0IGFjcGlfZHJoZF91 bml0ICpkcmhkOwpAQCAtMTg4MCw1MyArMTg3OCw2IEBAIHN0YXRpYyBpbnQg X19tdXN0X2NoZWNrIGludGVsX2lvbW11X3VubWEKICAgICByZXR1cm4gZG1h X3B0ZV9jbGVhcl9vbmUoZCwgKHBhZGRyX3QpZ2ZuIDw8IFBBR0VfU0hJRlRf NEspOwogfQogCi1pbnQgaW9tbXVfcHRlX2ZsdXNoKHN0cnVjdCBkb21haW4g KmQsIHU2NCBnZm4sIHU2NCAqcHRlLAotICAgICAgICAgICAgICAgICAgICBp bnQgb3JkZXIsIGludCBwcmVzZW50KQotewotICAgIHN0cnVjdCBhY3BpX2Ry aGRfdW5pdCAqZHJoZDsKLSAgICBzdHJ1Y3QgaW9tbXUgKmlvbW11ID0gTlVM TDsKLSAgICBzdHJ1Y3QgZG9tYWluX2lvbW11ICpoZCA9IGRvbV9pb21tdShk KTsKLSAgICBib29sX3QgZmx1c2hfZGV2X2lvdGxiOwotICAgIGludCBpb21t dV9kb21pZDsKLSAgICBpbnQgcmMgPSAwOwotCi0gICAgaW9tbXVfc3luY19j YWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwotCi0gICAgZm9y X2VhY2hfZHJoZF91bml0ICggZHJoZCApCi0gICAgewotICAgICAgICBpb21t dSA9IGRyaGQtPmlvbW11OwotICAgICAgICBpZiAoICF0ZXN0X2JpdChpb21t dS0+aW5kZXgsICZoZC0+YXJjaC5pb21tdV9iaXRtYXApICkKLSAgICAgICAg ICAgIGNvbnRpbnVlOwotCi0gICAgICAgIGZsdXNoX2Rldl9pb3RsYiA9ICEh ZmluZF9hdHNfZGV2X2RyaGQoaW9tbXUpOwotICAgICAgICBpb21tdV9kb21p ZD0gZG9tYWluX2lvbW11X2RvbWlkKGQsIGlvbW11KTsKLSAgICAgICAgaWYg KCBpb21tdV9kb21pZCA9PSAtMSApCi0gICAgICAgICAgICBjb250aW51ZTsK LQotICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BzaShpb21tdSwg aW9tbXVfZG9taWQsCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgIChwYWRkcl90KWdmbiA8PCBQQUdFX1NISUZUXzRLLAotICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICBvcmRlciwgIXByZXNlbnQsIGZs dXNoX2Rldl9pb3RsYik7Ci0gICAgICAgIGlmICggcmMgPiAwICkKLSAgICAg ICAgewotICAgICAgICAgICAgaW9tbXVfZmx1c2hfd3JpdGVfYnVmZmVyKGlv bW11KTsKLSAgICAgICAgICAgIHJjID0gMDsKLSAgICAgICAgfQotICAgIH0K LQotICAgIGlmICggdW5saWtlbHkocmMpICkKLSAgICB7Ci0gICAgICAgIGlm ICggIWQtPmlzX3NodXR0aW5nX2Rvd24gJiYgcHJpbnRrX3JhdGVsaW1pdCgp ICkKLSAgICAgICAgICAgIHByaW50ayhYRU5MT0dfRVJSIFZURFBSRUZJWAot ICAgICAgICAgICAgICAgICAgICIgZCVkOiBJT01NVSBwYWdlcyBmbHVzaCBm YWlsZWQ6ICVkXG4iLAotICAgICAgICAgICAgICAgICAgIGQtPmRvbWFpbl9p ZCwgcmMpOwotCi0gICAgICAgIGlmICggIWlzX2hhcmR3YXJlX2RvbWFpbihk KSApCi0gICAgICAgICAgICBkb21haW5fY3Jhc2goZCk7Ci0gICAgfQotCi0g ICAgcmV0dXJuIHJjOwotfQotCiBzdGF0aWMgaW50IF9faW5pdCB2dGRfZXB0 X3BhZ2VfY29tcGF0aWJsZShzdHJ1Y3QgaW9tbXUgKmlvbW11KQogewogICAg IHU2NCBlcHRfY2FwLCB2dGRfY2FwID0gaW9tbXUtPmNhcDsKLS0tIGEveGVu L2luY2x1ZGUvYXNtLXg4Ni9pb21tdS5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS14ODYvaW9tbXUuaApAQCAtODcsOCArODcsOSBAQCBpbnQgaW9tbXVfc2V0 dXBfaHBldF9tc2koc3RydWN0IG1zaV9kZXNjCiAKIC8qIFdoaWxlIFZULWQg c3BlY2lmaWMsIHRoaXMgbXVzdCBnZXQgZGVjbGFyZWQgaW4gYSBnZW5lcmlj IGhlYWRlci4gKi8KIGludCBhZGp1c3RfdnRkX2lycV9hZmZpbml0aWVzKHZv aWQpOwotaW50IF9fbXVzdF9jaGVjayBpb21tdV9wdGVfZmx1c2goc3RydWN0 IGRvbWFpbiAqZCwgdTY0IGdmbiwgdTY0ICpwdGUsCi0gICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBpbnQgb3JkZXIsIGludCBwcmVzZW50KTsK K2ludCBfX211c3RfY2hlY2sgaW9tbXVfZmx1c2hfaW90bGIoc3RydWN0IGRv bWFpbiAqZCwgdW5zaWduZWQgbG9uZyBnZm4sCisgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgIGJvb2wgZG1hX29sZF9wdGVfcHJlc2VudCwK KyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdW5zaWduZWQg aW50IHBhZ2VfY291bnQpOwogYm9vbF90IGlvbW11X3N1cHBvcnRzX2VpbSh2 b2lkKTsKIGludCBpb21tdV9lbmFibGVfeDJhcGljX0lSKHZvaWQpOwogdm9p ZCBpb21tdV9kaXNhYmxlX3gyYXBpY19JUih2b2lkKTsK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-1.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB2dGQ6IGltcHJvdmUgSU9NTVUgVExCIGZsdXNoCgpEbyBub3QgbGltaXQg UFNJIGZsdXNoZXMgdG8gb3JkZXIgMCBwYWdlcywgaW4gb3JkZXIgdG8gYXZv aWQgZG9pbmcgYQpmdWxsIFRMQiBmbHVzaCBpZiB0aGUgcGFzc2VkIGluIHBh Z2UgaGFzIGFuIG9yZGVyIGdyZWF0ZXIgdGhhbiAwIGFuZAppcyBhbGlnbmVk LiBTaG91bGQgaW5jcmVhc2UgdGhlIHBlcmZvcm1hbmNlIG9mIElPTU1VIFRM QiBmbHVzaGVzIHdoZW4KZGVhbGluZyB3aXRoIHBhZ2Ugb3JkZXJzIGdyZWF0 ZXIgdGhhbiAwLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpTaWduZWQt b2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hAc3VzZS5jb20+CgotLS0g YS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94 ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNjExLDEz ICs2MTEsMTQgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW9tbXVfZmx1 c2hfaW90bAogICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKICAg ICAgICAgICAgIGNvbnRpbnVlOwogCi0gICAgICAgIGlmICggcGFnZV9jb3Vu dCAhPSAxIHx8IGRmbl9lcShkZm4sIElOVkFMSURfREZOKSApCisgICAgICAg IGlmICggIXBhZ2VfY291bnQgfHwgKHBhZ2VfY291bnQgJiAocGFnZV9jb3Vu dCAtIDEpKSB8fAorICAgICAgICAgICAgIGRmbl9lcShkZm4sIElOVkFMSURf REZOKSB8fCAhSVNfQUxJR05FRChkZm5feChkZm4pLCBwYWdlX2NvdW50KSAp CiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX2RzaShpb21t dSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAwLCBmbHVzaF9kZXZfaW90bGIpOwogICAgICAgICBlbHNl CiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BzaShpb21t dSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBkZm5fdG9fZGFkZHIoZGZuKSwKLSAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIFBBR0VfT1JERVJfNEssCisgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnZXRfb3JkZXJf ZnJvbV9wYWdlcyhwYWdlX2NvdW50KSwKICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICFkbWFfb2xkX3B0ZV9wcmVzZW50LAogICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmx1c2hfZGV2 X2lvdGxiKTsKIAo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-2.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IHBydW5lIChhbmQgcmVuYW1lKSBjYWNoZSBmbHVzaCBmdW5jdGlvbnMKClJl bmFtZSBfX2lvbW11X2ZsdXNoX2NhY2hlIHRvIGlvbW11X3N5bmNfY2FjaGUg YW5kIHJlbW92ZQppb21tdV9mbHVzaF9jYWNoZV9wYWdlLiBBbHNvIHJlbW92 ZSB0aGUgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkKd3JhcHBlciBhbmQganVz dCB1c2UgaW9tbXVfc3luY19jYWNoZSBpbnN0ZWFkLiBOb3RlIHRoZSBfZW50 cnkgc3VmZml4CndhcyBtZWFuaW5nbGVzcyBhcyB0aGUgd3JhcHBlciB3YXMg YWxyZWFkeSB0YWtpbmcgYSBzaXplIHBhcmFtZXRlciBpbgpieXRlcy4gV2hp bGUgdGhlcmUgYWxzbyBjb25zdGlmeSB0aGUgYWRkciBwYXJhbWV0ZXIuCgpO byBmdW5jdGlvbmFsIGNoYW5nZSBpbnRlbmRlZC4KClRoaXMgaXMgcGFydCBv ZiBYU0EtMzIxLgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGlj aEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9leHRlcm4uaAorKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQv ZXh0ZXJuLmgKQEAgLTM4LDggKzM4LDcgQEAgdm9pZCBkaXNhYmxlX3FpbnZh bChzdHJ1Y3QgaW9tbXUgKmlvbW11KQogaW50IGVuYWJsZV9pbnRyZW1hcChz dHJ1Y3QgaW9tbXUgKmlvbW11LCBpbnQgZWltKTsKIHZvaWQgZGlzYWJsZV9p bnRyZW1hcChzdHJ1Y3QgaW9tbXUgKmlvbW11KTsKIAotdm9pZCBpb21tdV9m bHVzaF9jYWNoZV9lbnRyeSh2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQgc2l6 ZSk7Ci12b2lkIGlvbW11X2ZsdXNoX2NhY2hlX3BhZ2Uodm9pZCAqYWRkciwg dW5zaWduZWQgbG9uZyBucGFnZXMpOwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKTsKIGludCBp b21tdV9hbGxvYyhzdHJ1Y3QgYWNwaV9kcmhkX3VuaXQgKmRyaGQpOwogdm9p ZCBpb21tdV9mcmVlKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAqZHJoZCk7CiAK LS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK KysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2ludHJlbWFwLmMK QEAgLTIzMSw3ICsyMzEsNyBAQCBzdGF0aWMgdm9pZCBmcmVlX3JlbWFwX2Vu dHJ5KHN0cnVjdCBpb21tCiAgICAgICAgICAgICAgICAgICAgICBpcmVtYXBf ZW50cmllcywgaXJlbWFwX2VudHJ5KTsKIAogICAgIHVwZGF0ZV9pcnRlKGlv bW11LCBpcmVtYXBfZW50cnksICZuZXdfaXJlLCBmYWxzZSk7Ci0gICAgaW9t bXVfZmx1c2hfY2FjaGVfZW50cnkoaXJlbWFwX2VudHJ5LCBzaXplb2YoKmly ZW1hcF9lbnRyeSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUoaXJlbWFwX2Vu dHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRyeSkpOwogICAgIGlvbW11X2ZsdXNo X2llY19pbmRleChpb21tdSwgMCwgaW5kZXgpOwogCiAgICAgdW5tYXBfdnRk X2RvbWFpbl9wYWdlKGlyZW1hcF9lbnRyaWVzKTsKQEAgLTQwMyw3ICs0MDMs NyBAQCBzdGF0aWMgaW50IGlvYXBpY19ydGVfdG9fcmVtYXBfZW50cnkoc3Ry CiAgICAgfQogCiAgICAgdXBkYXRlX2lydGUoaW9tbXUsIGlyZW1hcF9lbnRy eSwgJm5ld19pcmUsICFpbml0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9l bnRyeShpcmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFwX2VudHJ5KSk7Cisg ICAgaW9tbXVfc3luY19jYWNoZShpcmVtYXBfZW50cnksIHNpemVvZigqaXJl bWFwX2VudHJ5KSk7CiAgICAgaW9tbXVfZmx1c2hfaWVjX2luZGV4KGlvbW11 LCAwLCBpbmRleCk7CiAKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2UoaXJl bWFwX2VudHJpZXMpOwpAQCAtNjk0LDcgKzY5NCw3IEBAIHN0YXRpYyBpbnQg bXNpX21zZ190b19yZW1hcF9lbnRyeSgKICAgICB1cGRhdGVfaXJ0ZShpb21t dSwgaXJlbWFwX2VudHJ5LCAmbmV3X2lyZSwgbXNpX2Rlc2MtPmlydGVfaW5p dGlhbGl6ZWQpOwogICAgIG1zaV9kZXNjLT5pcnRlX2luaXRpYWxpemVkID0g dHJ1ZTsKIAotICAgIGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KGlyZW1hcF9l bnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsKKyAgICBpb21tdV9zeW5j X2NhY2hlKGlyZW1hcF9lbnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50cnkpKTsK ICAgICBpb21tdV9mbHVzaF9pZWNfaW5kZXgoaW9tbXUsIDAsIGluZGV4KTsK IAogICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShpcmVtYXBfZW50cmllcyk7 Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCisr KyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBAIC0x NTgsNyArMTU4LDggQEAgc3RhdGljIHZvaWQgX19pbml0IGZyZWVfaW50ZWxf aW9tbXUoc3RydQogfQogCiBzdGF0aWMgaW50IGlvbW11c19pbmNvaGVyZW50 Owotc3RhdGljIHZvaWQgX19pb21tdV9mbHVzaF9jYWNoZSh2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKKwordm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKQogewogICAg IGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xmbHVzaF9zaXpl ID0gMDsKQEAgLTE3MywxNiArMTc0LDYgQEAgc3RhdGljIHZvaWQgX19pb21t dV9mbHVzaF9jYWNoZSh2b2lkICphZAogICAgICAgICBjYWNoZWxpbmVfZmx1 c2goKGNoYXIgKilhZGRyICsgaSk7CiB9CiAKLXZvaWQgaW9tbXVfZmx1c2hf Y2FjaGVfZW50cnkodm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCi17 Ci0gICAgX19pb21tdV9mbHVzaF9jYWNoZShhZGRyLCBzaXplKTsKLX0KLQot dm9pZCBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZvaWQgKmFkZHIsIHVuc2ln bmVkIGxvbmcgbnBhZ2VzKQotewotICAgIF9faW9tbXVfZmx1c2hfY2FjaGUo YWRkciwgUEFHRV9TSVpFICogbnBhZ2VzKTsKLX0KLQogLyogQWxsb2NhdGUg cGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KIHU2 NCBhbGxvY19wZ3RhYmxlX21hZGRyKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAq ZHJoZCwgdW5zaWduZWQgbG9uZyBucGFnZXMpCiB7CkBAIC0yMDcsNyArMTk4 LDcgQEAgdTY0IGFsbG9jX3BndGFibGVfbWFkZHIoc3RydWN0IGFjcGlfZHJo ZAogICAgICAgICB2YWRkciA9IF9fbWFwX2RvbWFpbl9wYWdlKGN1cl9wZyk7 CiAgICAgICAgIG1lbXNldCh2YWRkciwgMCwgUEFHRV9TSVpFKTsKIAotICAg ICAgICBpb21tdV9mbHVzaF9jYWNoZV9wYWdlKHZhZGRyLCAxKTsKKyAgICAg ICAgaW9tbXVfc3luY19jYWNoZSh2YWRkciwgUEFHRV9TSVpFKTsKICAgICAg ICAgdW5tYXBfZG9tYWluX3BhZ2UodmFkZHIpOwogICAgICAgICBjdXJfcGcr KzsKICAgICB9CkBAIC0yNDIsNyArMjMzLDcgQEAgc3RhdGljIHU2NCBidXNf dG9fY29udGV4dF9tYWRkcihzdHJ1Y3QgaQogICAgICAgICB9CiAgICAgICAg IHNldF9yb290X3ZhbHVlKCpyb290LCBtYWRkcik7CiAgICAgICAgIHNldF9y b290X3ByZXNlbnQoKnJvb3QpOwotICAgICAgICBpb21tdV9mbHVzaF9jYWNo ZV9lbnRyeShyb290LCBzaXplb2Yoc3RydWN0IHJvb3RfZW50cnkpKTsKKyAg ICAgICAgaW9tbXVfc3luY19jYWNoZShyb290LCBzaXplb2Yoc3RydWN0IHJv b3RfZW50cnkpKTsKICAgICB9CiAgICAgbWFkZHIgPSAodTY0KSBnZXRfY29u dGV4dF9hZGRyKCpyb290KTsKICAgICB1bm1hcF92dGRfZG9tYWluX3BhZ2Uo cm9vdF9lbnRyaWVzKTsKQEAgLTMwMCw3ICsyOTEsNyBAQCBzdGF0aWMgdTY0 IGFkZHJfdG9fZG1hX3BhZ2VfbWFkZHIoc3RydWN0CiAgICAgICAgICAgICAg Ki8KICAgICAgICAgICAgIGRtYV9zZXRfcHRlX3JlYWRhYmxlKCpwdGUpOwog ICAgICAgICAgICAgZG1hX3NldF9wdGVfd3JpdGFibGUoKnB0ZSk7Ci0gICAg ICAgICAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVvZihz dHJ1Y3QgZG1hX3B0ZSkpOworICAgICAgICAgICAgaW9tbXVfc3luY19jYWNo ZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOwogICAgICAgICB9CiAK ICAgICAgICAgaWYgKCBsZXZlbCA9PSAyICkKQEAgLTY4MSw3ICs2NzIsNyBA QCBzdGF0aWMgaW50IF9fbXVzdF9jaGVjayBkbWFfcHRlX2NsZWFyX29uCiAg ICAgKmZsdXNoX2ZsYWdzIHw9IElPTU1VX0ZMVVNIRl9tb2RpZmllZDsKIAog ICAgIHNwaW5fdW5sb2NrKCZoZC0+YXJjaC5tYXBwaW5nX2xvY2spOwotICAg IGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBk bWFfcHRlKSk7CisgICAgaW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihz dHJ1Y3QgZG1hX3B0ZSkpOwogCiAgICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdl KHBhZ2UpOwogCkBAIC03MjAsNyArNzExLDcgQEAgc3RhdGljIHZvaWQgaW9t bXVfZnJlZV9wYWdlX3RhYmxlKHN0cnVjdAogICAgICAgICAgICAgaW9tbXVf ZnJlZV9wYWdldGFibGUoZG1hX3B0ZV9hZGRyKCpwdGUpLCBuZXh0X2xldmVs KTsKIAogICAgICAgICBkbWFfY2xlYXJfcHRlKCpwdGUpOwotICAgICAgICBp b21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVvZihzdHJ1Y3QgZG1h X3B0ZSkpOworICAgICAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwgc2l6ZW9m KHN0cnVjdCBkbWFfcHRlKSk7CiAgICAgfQogCiAgICAgdW5tYXBfdnRkX2Rv bWFpbl9wYWdlKHB0X3ZhZGRyKTsKQEAgLTE0NDksNyArMTQ0MCw3IEBAIGlu dCBkb21haW5fY29udGV4dF9tYXBwaW5nX29uZSgKICAgICBjb250ZXh0X3Nl dF9hZGRyZXNzX3dpZHRoKCpjb250ZXh0LCBhZ2F3KTsKICAgICBjb250ZXh0 X3NldF9mYXVsdF9lbmFibGUoKmNvbnRleHQpOwogICAgIGNvbnRleHRfc2V0 X3ByZXNlbnQoKmNvbnRleHQpOwotICAgIGlvbW11X2ZsdXNoX2NhY2hlX2Vu dHJ5KGNvbnRleHQsIHNpemVvZihzdHJ1Y3QgY29udGV4dF9lbnRyeSkpOwor ICAgIGlvbW11X3N5bmNfY2FjaGUoY29udGV4dCwgc2l6ZW9mKHN0cnVjdCBj b250ZXh0X2VudHJ5KSk7CiAgICAgc3Bpbl91bmxvY2soJmlvbW11LT5sb2Nr KTsKIAogICAgIC8qIENvbnRleHQgZW50cnkgd2FzIHByZXZpb3VzbHkgbm9u LXByZXNlbnQgKHdpdGggZG9taWQgMCkuICovCkBAIC0xNjAyLDcgKzE1OTMs NyBAQCBpbnQgZG9tYWluX2NvbnRleHRfdW5tYXBfb25lKAogCiAgICAgY29u dGV4dF9jbGVhcl9wcmVzZW50KCpjb250ZXh0KTsKICAgICBjb250ZXh0X2Ns ZWFyX2VudHJ5KCpjb250ZXh0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9l bnRyeShjb250ZXh0LCBzaXplb2Yoc3RydWN0IGNvbnRleHRfZW50cnkpKTsK KyAgICBpb21tdV9zeW5jX2NhY2hlKGNvbnRleHQsIHNpemVvZihzdHJ1Y3Qg Y29udGV4dF9lbnRyeSkpOwogCiAgICAgaW9tbXVfZG9taWQ9IGRvbWFpbl9p b21tdV9kb21pZChkb21haW4sIGlvbW11KTsKICAgICBpZiAoIGlvbW11X2Rv bWlkID09IC0xICkKQEAgLTE4MzcsNyArMTgyOCw3IEBAIHN0YXRpYyBpbnQg X19tdXN0X2NoZWNrIGludGVsX2lvbW11X21hcF8KIAogICAgICpwdGUgPSBu ZXc7CiAKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVv ZihzdHJ1Y3QgZG1hX3B0ZSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUocHRl LCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKICAgICBzcGluX3VubG9jaygm aGQtPmFyY2gubWFwcGluZ19sb2NrKTsKICAgICB1bm1hcF92dGRfZG9tYWlu X3BhZ2UocGFnZSk7CiAKQEAgLTE5MTIsNyArMTkwMyw3IEBAIGludCBpb21t dV9wdGVfZmx1c2goc3RydWN0IGRvbWFpbiAqZCwgdWkKICAgICBpbnQgaW9t bXVfZG9taWQ7CiAgICAgaW50IHJjID0gMDsKIAotICAgIGlvbW11X2ZsdXNo X2NhY2hlX2VudHJ5KHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7Cisg ICAgaW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0 ZSkpOwogCiAgICAgZm9yX2VhY2hfZHJoZF91bml0ICggZHJoZCApCiAgICAg ewpAQCAtMjc3Nyw3ICsyNzY4LDcgQEAgc3RhdGljIGludCBfX2luaXQgaW50 ZWxfaW9tbXVfcXVhcmFudGluZQogICAgICAgICAgICAgZG1hX3NldF9wdGVf YWRkcigqcHRlLCBtYWRkcik7CiAgICAgICAgICAgICBkbWFfc2V0X3B0ZV9y ZWFkYWJsZSgqcHRlKTsKICAgICAgICAgfQotICAgICAgICBpb21tdV9mbHVz aF9jYWNoZV9wYWdlKHBhcmVudCwgMSk7CisgICAgICAgIGlvbW11X3N5bmNf Y2FjaGUocGFyZW50LCBQQUdFX1NJWkUpOwogCiAgICAgICAgIHVubWFwX3Z0 ZF9kb21haW5fcGFnZShwYXJlbnQpOwogICAgICAgICBwYXJlbnQgPSBtYXBf dnRkX2RvbWFpbl9wYWdlKG1hZGRyKTsK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-3.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-3.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv aW9tbXU6IGludHJvZHVjZSBhIGNhY2hlIHN5bmMgaG9vawoKVGhlIGhvb2sg aXMgb25seSBpbXBsZW1lbnRlZCBmb3IgVlQtZCBhbmQgaXQgdXNlcyB0aGUg YWxyZWFkeSBleGlzdGluZwppb21tdV9zeW5jX2NhY2hlIGZ1bmN0aW9uIHBy ZXNlbnQgaW4gVlQtZCBjb2RlLiBUaGUgbmV3IGhvb2sgaXMKYWRkZWQgc28g dGhhdCB0aGUgY2FjaGUgY2FuIGJlIGZsdXNoZWQgYnkgY29kZSBvdXRzaWRl IG9mIFZULWQgd2hlbgp1c2luZyBzaGFyZWQgcGFnZSB0YWJsZXMuCgpOb3Rl IHRoYXQgYWxsb2NfcGd0YWJsZV9tYWRkciBtdXN0IHVzZSB0aGUgbm93IGxv Y2FsbHkgZGVmaW5lZApzeW5jX2NhY2hlIGZ1bmN0aW9uLCBiZWNhdXNlIElP TU1VIG9wcyBhcmUgbm90IHlldCBzZXR1cCB0aGUgZmlyc3QKdGltZSB0aGUg ZnVuY3Rpb24gZ2V0cyBjYWxsZWQgZHVyaW5nIElPTU1VIGluaXRpYWxpemF0 aW9uLgoKTm8gZnVuY3Rpb25hbCBjaGFuZ2UgaW50ZW5kZWQuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyMS4KClJldmlld2VkLWJ5OiBKYW4gQmV1bGljaCA8 amJldWxpY2hAc3VzZS5jb20+CgotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvZXh0ZXJuLmgKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCkBAIC0zOCw3ICszOCw2IEBAIHZvaWQgZGlzYWJs ZV9xaW52YWwoc3RydWN0IGlvbW11ICppb21tdSkKIGludCBlbmFibGVfaW50 cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSwgaW50IGVpbSk7CiB2b2lkIGRp c2FibGVfaW50cmVtYXAoc3RydWN0IGlvbW11ICppb21tdSk7CiAKLXZvaWQg aW9tbXVfc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBp bnQgc2l6ZSk7CiBpbnQgaW9tbXVfYWxsb2Moc3RydWN0IGFjcGlfZHJoZF91 bml0ICpkcmhkKTsKIHZvaWQgaW9tbXVfZnJlZShzdHJ1Y3QgYWNwaV9kcmhk X3VuaXQgKmRyaGQpOwogCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCkBAIC0xNTksNyArMTU5LDcgQEAgc3RhdGljIHZvaWQgX19p bml0IGZyZWVfaW50ZWxfaW9tbXUoc3RydQogCiBzdGF0aWMgaW50IGlvbW11 c19pbmNvaGVyZW50OwogCi12b2lkIGlvbW11X3N5bmNfY2FjaGUoY29uc3Qg dm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCitzdGF0aWMgdm9pZCBz eW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXpl KQogewogICAgIGludCBpOwogICAgIHN0YXRpYyB1bnNpZ25lZCBpbnQgY2xm bHVzaF9zaXplID0gMDsKQEAgLTE5OCw3ICsxOTgsNyBAQCB1NjQgYWxsb2Nf cGd0YWJsZV9tYWRkcihzdHJ1Y3QgYWNwaV9kcmhkCiAgICAgICAgIHZhZGRy ID0gX19tYXBfZG9tYWluX3BhZ2UoY3VyX3BnKTsKICAgICAgICAgbWVtc2V0 KHZhZGRyLCAwLCBQQUdFX1NJWkUpOwogCi0gICAgICAgIGlvbW11X3N5bmNf Y2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CisgICAgICAgIHN5bmNfY2FjaGUo dmFkZHIsIFBBR0VfU0laRSk7CiAgICAgICAgIHVubWFwX2RvbWFpbl9wYWdl KHZhZGRyKTsKICAgICAgICAgY3VyX3BnKys7CiAgICAgfQpAQCAtMjgxMyw2 ICsyODEzLDcgQEAgY29uc3Qgc3RydWN0IGlvbW11X29wcyBfX2luaXRjb25z dHJlbCBpbgogICAgIC5pb3RsYl9mbHVzaF9hbGwgPSBpb21tdV9mbHVzaF9p b3RsYl9hbGwsCiAgICAgLmdldF9yZXNlcnZlZF9kZXZpY2VfbWVtb3J5ID0g aW50ZWxfaW9tbXVfZ2V0X3Jlc2VydmVkX2RldmljZV9tZW1vcnksCiAgICAg LmR1bXBfcDJtX3RhYmxlID0gdnRkX2R1bXBfcDJtX3RhYmxlLAorICAgIC5z eW5jX2NhY2hlID0gc3luY19jYWNoZSwKIH07CiAKIC8qCi0tLSBhL3hlbi9p bmNsdWRlL2FzbS14ODYvaW9tbXUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20t eDg2L2lvbW11LmgKQEAgLTEwMSw2ICsxMDEsMTMgQEAgZXh0ZXJuIGJvb2wg dW50cnVzdGVkX21zaTsKIGludCBwaV91cGRhdGVfaXJ0ZShjb25zdCBzdHJ1 Y3QgcGlfZGVzYyAqcGlfZGVzYywgY29uc3Qgc3RydWN0IHBpcnEgKnBpcnEs CiAgICAgICAgICAgICAgICAgICAgY29uc3QgdWludDhfdCBndmVjKTsKIAor I2RlZmluZSBpb21tdV9zeW5jX2NhY2hlKGFkZHIsIHNpemUpICh7ICAgICAg ICAgICAgICAgICBcCisgICAgY29uc3Qgc3RydWN0IGlvbW11X29wcyAqb3Bz ID0gaW9tbXVfZ2V0X29wcygpOyAgICAgIFwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXAorICAg IGlmICggb3BzLT5zeW5jX2NhY2hlICkgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBcCisgICAgICAgIG9wcy0+c3luY19jYWNoZShhZGRyLCBzaXpl KTsgICAgICAgICAgICAgICAgICAgIFwKK30pCisKICNlbmRpZiAvKiAhX19B UkNIX1g4Nl9JT01NVV9IX18gKi8KIC8qCiAgKiBMb2NhbCB2YXJpYWJsZXM6 Ci0tLSBhL3hlbi9pbmNsdWRlL3hlbi9pb21tdS5oCisrKyBiL3hlbi9pbmNs dWRlL3hlbi9pb21tdS5oCkBAIC0yMjEsNiArMjIxLDcgQEAgc3RydWN0IGlv bW11X29wcyB7CiAgICAgdm9pZCAoKnVwZGF0ZV9pcmVfZnJvbV9hcGljKSh1 bnNpZ25lZCBpbnQgYXBpYywgdW5zaWduZWQgaW50IHJlZywgdW5zaWduZWQg aW50IHZhbHVlKTsKICAgICB1bnNpZ25lZCBpbnQgKCpyZWFkX2FwaWNfZnJv bV9pcmUpKHVuc2lnbmVkIGludCBhcGljLCB1bnNpZ25lZCBpbnQgcmVnKTsK ICAgICBpbnQgKCpzZXR1cF9ocGV0X21zaSkoc3RydWN0IG1zaV9kZXNjICop OworICAgIHZvaWQgKCpzeW5jX2NhY2hlKShjb25zdCB2b2lkICphZGRyLCB1 bnNpZ25lZCBpbnQgc2l6ZSk7CiAjZW5kaWYgLyogQ09ORklHX1g4NiAqLwog ICAgIGludCBfX211c3RfY2hlY2sgKCpzdXNwZW5kKSh2b2lkKTsKICAgICB2 b2lkICgqcmVzdW1lKSh2b2lkKTsK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-4.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-4.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IGRvbid0IGFzc3VtZSBhZGRyZXNzZXMgYXJlIGFsaWduZWQgaW4gc3luY19j YWNoZQoKQ3VycmVudCBjb2RlIGluIHN5bmNfY2FjaGUgYXNzdW1lIHRoYXQg dGhlIGFkZHJlc3MgcGFzc2VkIGluIGlzCmFsaWduZWQgdG8gYSBjYWNoZSBs aW5lIHNpemUuIEZpeCB0aGUgY29kZSB0byBzdXBwb3J0IHBhc3NpbmcgaW4K YXJiaXRyYXJ5IGFkZHJlc3NlcyBub3QgbmVjZXNzYXJpbHkgYWxpZ25lZCB0 byBhIGNhY2hlIGxpbmUgc2l6ZS4KClRoaXMgaXMgcGFydCBvZiBYU0EtMzIx LgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNv bT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC0xNjEsOCArMTYxLDggQEAgc3RhdGljIGludCBpb21tdXNfaW5jb2hlcmVu dDsKIAogc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKIHsKLSAgICBpbnQgaTsKLSAgICBzdGF0 aWMgdW5zaWduZWQgaW50IGNsZmx1c2hfc2l6ZSA9IDA7CisgICAgc3RhdGlj IHVuc2lnbmVkIGxvbmcgY2xmbHVzaF9zaXplID0gMDsKKyAgICBjb25zdCB2 b2lkICplbmQgPSBhZGRyICsgc2l6ZTsKIAogICAgIGlmICggIWlvbW11c19p bmNvaGVyZW50ICkKICAgICAgICAgcmV0dXJuOwpAQCAtMTcwLDggKzE3MCw5 IEBAIHN0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwK ICAgICBpZiAoIGNsZmx1c2hfc2l6ZSA9PSAwICkKICAgICAgICAgY2xmbHVz aF9zaXplID0gZ2V0X2NhY2hlX2xpbmVfc2l6ZSgpOwogCi0gICAgZm9yICgg aSA9IDA7IGkgPCBzaXplOyBpICs9IGNsZmx1c2hfc2l6ZSApCi0gICAgICAg IGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIgKyBpKTsKKyAgICBhZGRy IC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0gMSk7 CisgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hfc2l6 ZSApCisgICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIpOwog fQogCiAvKiBBbGxvY2F0ZSBwYWdlIHRhYmxlLCByZXR1cm4gaXRzIG1hY2hp bmUgYWRkcmVzcyAqLwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-5.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-5.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv YWx0ZXJuYXRpdmU6IGludHJvZHVjZSBhbHRlcm5hdGl2ZV8yCgpJdCdzIGJh c2VkIG9uIGFsdGVybmF0aXZlX2lvXzIgd2l0aG91dCBpbnB1dHMgb3Igb3V0 cHV0cyBidXQgd2l0aCBhbgphZGRlZCBtZW1vcnkgY2xvYmJlci4KClRoaXMg aXMgcGFydCBvZiBYU0EtMzIxLgoKQWNrZWQtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv YWx0ZXJuYXRpdmUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2FsdGVy bmF0aXZlLmgKQEAgLTExMyw2ICsxMTMsMTEgQEAgZXh0ZXJuIHZvaWQgYWx0 ZXJuYXRpdmVfaW5zdHJ1Y3Rpb25zKHZvaQogI2RlZmluZSBhbHRlcm5hdGl2 ZShvbGRpbnN0ciwgbmV3aW5zdHIsIGZlYXR1cmUpICAgICAgICAgICAgICAg ICAgICAgICAgXAogICAgICAgICBhc20gdm9sYXRpbGUgKEFMVEVSTkFUSVZF KG9sZGluc3RyLCBuZXdpbnN0ciwgZmVhdHVyZSkgOiA6IDogIm1lbW9yeSIp CiAKKyNkZWZpbmUgYWx0ZXJuYXRpdmVfMihvbGRpbnN0ciwgbmV3aW5zdHIx LCBmZWF0dXJlMSwgbmV3aW5zdHIyLCBmZWF0dXJlMikgXAorCWFzbSB2b2xh dGlsZSAoQUxURVJOQVRJVkVfMihvbGRpbnN0ciwgbmV3aW5zdHIxLCBmZWF0 dXJlMSwJXAorCQkJCSAgICBuZXdpbnN0cjIsIGZlYXR1cmUyKQkJXAorCQkg ICAgICA6IDogOiAibWVtb3J5IikKKwogLyoKICAqIEFsdGVybmF0aXZlIGlu bGluZSBhc3NlbWJseSB3aXRoIGlucHV0LgogICoK --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-6.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-6.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IG9wdGltaXplIENQVSBjYWNoZSBzeW5jCgpTb21lIFZULWQgSU9NTVVzIGFy ZSBub24tY29oZXJlbnQsIHdoaWNoIHJlcXVpcmVzIGEgY2FjaGUgd3JpdGUg YmFjawppbiBvcmRlciBmb3IgdGhlIGNoYW5nZXMgbWFkZSBieSB0aGUgQ1BV IHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgpUaGlzIGNhY2hlIHdyaXRl IGJhY2sgd2FzIHVuY29uZGl0aW9uYWxseSBkb25lIHVzaW5nIGNsZmx1c2gs IGJ1dCB0aGVyZSBhcmUKb3RoZXIgbW9yZSBlZmZpY2llbnQgaW5zdHJ1Y3Rp b25zIHRvIGRvIHNvLCBoZW5jZSBpbXBsZW1lbnQgc3VwcG9ydApmb3IgdGhl bSB1c2luZyB0aGUgYWx0ZXJuYXRpdmUgZnJhbWV3b3JrLgoKVGhpcyBpcyBw YXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpi ZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9leHRlcm4uaApAQCAtNjQsNyArNjQsNiBAQCBpbnQgX19tdXN0X2No ZWNrIHFpbnZhbF9kZXZpY2VfaW90bGJfc3luCiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICB1MTYgZGlkLCB1MTYgc2l6ZSwg dTY0IGFkZHIpOwogCiB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6 ZSh2b2lkKTsKLXZvaWQgY2FjaGVsaW5lX2ZsdXNoKGNoYXIgKik7CiB2b2lk IGZsdXNoX2FsbF9jYWNoZSh2b2lkKTsKIAogdTY0IGFsbG9jX3BndGFibGVf bWFkZHIoc3RydWN0IGFjcGlfZHJoZF91bml0ICpkcmhkLCB1bnNpZ25lZCBs b25nIG5wYWdlcyk7Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p b21tdS5jCkBAIC0zMSw2ICszMSw3IEBACiAjaW5jbHVkZSA8eGVuL3BjaV9y ZWdzLmg+CiAjaW5jbHVkZSA8eGVuL2tleWhhbmRsZXIuaD4KICNpbmNsdWRl IDxhc20vbXNpLmg+CisjaW5jbHVkZSA8YXNtL25vcHMuaD4KICNpbmNsdWRl IDxhc20vaXJxLmg+CiAjaW5jbHVkZSA8YXNtL2h2bS92bXgvdm14Lmg+CiAj aW5jbHVkZSA8YXNtL3AybS5oPgpAQCAtMTcyLDcgKzE3Myw0MiBAQCBzdGF0 aWMgdm9pZCBzeW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsCiAKICAgICBh ZGRyIC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0g MSk7CiAgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hf c2l6ZSApCi0gICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIp OworLyoKKyAqIFRoZSBhcmd1bWVudHMgdG8gYSBtYWNybyBtdXN0IG5vdCBp bmNsdWRlIHByZXByb2Nlc3NvciBkaXJlY3RpdmVzLiBEb2luZyBzbworICog cmVzdWx0cyBpbiB1bmRlZmluZWQgYmVoYXZpb3IsIHNvIHdlIGhhdmUgdG8g Y3JlYXRlIHNvbWUgZGVmaW5lcyBoZXJlIGluCisgKiBvcmRlciB0byBhdm9p ZCBpdC4KKyAqLworI2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKQorIyBkZWZp bmUgQ0xXQl9FTkNPRElORyAiY2x3YiAlW3BdIgorI2VsaWYgZGVmaW5lZChI QVZFX0FTX1hTQVZFT1BUKQorIyBkZWZpbmUgQ0xXQl9FTkNPRElORyAiZGF0 YTE2IHhzYXZlb3B0ICVbcF0iIC8qIGNsd2IgKi8KKyNlbHNlCisjIGRlZmlu ZSBDTFdCX0VOQ09ESU5HICIuYnl0ZSAweDY2LCAweDBmLCAweGFlLCAweDMw IiAvKiBjbHdiICglJXJheCkgKi8KKyNlbmRpZgorCisjZGVmaW5lIEJBU0Vf SU5QVVQoYWRkcikgW3BdICJtIiAoKihjb25zdCBjaGFyICopKGFkZHIpKQor I2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKSB8fCBkZWZpbmVkKEhBVkVfQVNf WFNBVkVPUFQpCisjIGRlZmluZSBJTlBVVCBCQVNFX0lOUFVUCisjZWxzZQor IyBkZWZpbmUgSU5QVVQoYWRkcikgImEiIChhZGRyKSwgQkFTRV9JTlBVVChh ZGRyKQorI2VuZGlmCisgICAgICAgIC8qCisgICAgICAgICAqIE5vdGUgcmVn YXJkaW5nIHRoZSB1c2Ugb2YgTk9QX0RTX1BSRUZJWDogaXQncyBmYXN0ZXIg dG8gZG8gYSBjbGZsdXNoCisgICAgICAgICAqICsgcHJlZml4IHRoYW4gYSBj bGZsdXNoICsgbm9wLCBhbmQgaGVuY2UgdGhlIHByZWZpeCBpcyBhZGRlZCBp bnN0ZWFkCisgICAgICAgICAqIG9mIGxldHRpbmcgdGhlIGFsdGVybmF0aXZl IGZyYW1ld29yayBmaWxsIHRoZSBnYXAgYnkgYXBwZW5kaW5nIG5vcHMuCisg ICAgICAgICAqLworICAgICAgICBhbHRlcm5hdGl2ZV9pb18yKCIuYnl0ZSAi IF9fc3RyaW5naWZ5KE5PUF9EU19QUkVGSVgpICI7IGNsZmx1c2ggJVtwXSIs CisgICAgICAgICAgICAgICAgICAgICAgICAgImRhdGExNiBjbGZsdXNoICVb cF0iLCAvKiBjbGZsdXNob3B0ICovCisgICAgICAgICAgICAgICAgICAgICAg ICAgWDg2X0ZFQVRVUkVfQ0xGTFVTSE9QVCwKKyAgICAgICAgICAgICAgICAg ICAgICAgICBDTFdCX0VOQ09ESU5HLAorICAgICAgICAgICAgICAgICAgICAg ICAgIFg4Nl9GRUFUVVJFX0NMV0IsIC8qIG5vIG91dHB1dHMgKi8sCisgICAg ICAgICAgICAgICAgICAgICAgICAgSU5QVVQoYWRkcikpOworI3VuZGVmIElO UFVUCisjdW5kZWYgQkFTRV9JTlBVVAorI3VuZGVmIENMV0JfRU5DT0RJTkcK KworICAgIGFsdGVybmF0aXZlXzIoIiIsICJzZmVuY2UiLCBYODZfRkVBVFVS RV9DTEZMVVNIT1BULAorICAgICAgICAgICAgICAgICAgICAgICJzZmVuY2Ui LCBYODZfRkVBVFVSRV9DTFdCKTsKIH0KIAogLyogQWxsb2NhdGUgcGFnZSB0 YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KLS0tIGEveGVu L2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL3g4Ni92dGQuYworKysgYi94ZW4v ZHJpdmVycy9wYXNzdGhyb3VnaC92dGQveDg2L3Z0ZC5jCkBAIC01MSwxMSAr NTEsNiBAQCB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6ZSh2b2lk KQogICAgIHJldHVybiAoKGNwdWlkX2VieCgxKSA+PiA4KSAmIDB4ZmYpICog ODsKIH0KIAotdm9pZCBjYWNoZWxpbmVfZmx1c2goY2hhciAqIGFkZHIpCi17 Ci0gICAgY2xmbHVzaChhZGRyKTsKLX0KLQogdm9pZCBmbHVzaF9hbGxfY2Fj aGUoKQogewogICAgIHdiaW52ZCgpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.12-7.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.12-7.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBmbHVzaCBjYWNoZSB3aGVuIG1vZGlmeWluZyBQVEVzIGFuZCBzaGFy aW5nIHBhZ2UgdGFibGVzCgpNb2RpZmljYXRpb25zIG1hZGUgdG8gdGhlIHBh Z2UgdGFibGVzIGJ5IEVQVCBjb2RlIG5lZWQgdG8gYmUgd3JpdHRlbgp0byBt ZW1vcnkgd2hlbiB0aGUgcGFnZSB0YWJsZXMgYXJlIHNoYXJlZCB3aXRoIHRo ZSBJT01NVSwgYXMgSW50ZWwKSU9NTVVzIGNhbiBiZSBub24tY29oZXJlbnQg YW5kIHRodXMgcmVxdWlyZSBjaGFuZ2VzIHRvIGJlIHdyaXR0ZW4gdG8KbWVt b3J5IGluIG9yZGVyIHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgoKSW4g b3JkZXIgdG8gYWNoaWV2ZSB0aGlzIG1ha2Ugc3VyZSBkYXRhIGlzIHdyaXR0 ZW4gYmFjayB0byBtZW1vcnkKYWZ0ZXIgd3JpdGluZyBhbiBFUFQgZW50cnkg d2hlbiB0aGUgcmVjYWxjIGJpdCBpcyBub3Qgc2V0IGluCmF0b21pY193cml0 ZV9lcHRfZW50cnkuIElmIHN1Y2ggYml0IGlzIHNldCwgdGhlIGVudHJ5IHdp bGwgYmUKYWRqdXN0ZWQgYW5kIGF0b21pY193cml0ZV9lcHRfZW50cnkgd2ls bCBiZSBjYWxsZWQgYSBzZWNvbmQgdGltZQp3aXRob3V0IHRoZSByZWNhbGMg Yml0IHNldC4gTm90ZSB0aGF0IHdoZW4gc3BsaXR0aW5nIGEgc3VwZXIgcGFn ZSB0aGUKbmV3IHRhYmxlcyByZXN1bHRpbmcgb2YgdGhlIHNwbGl0IHNob3Vs ZCBhbHNvIGJlIHdyaXR0ZW4gYmFjay4KCkZhaWx1cmUgdG8gZG8gc28gY2Fu IGFsbG93IGRldmljZXMgYmVoaW5kIHRoZSBJT01NVSBhY2Nlc3MgdG8gdGhl CnN0YWxlIHN1cGVyIHBhZ2UsIG9yIGNhdXNlIGNvaGVyZW5jeSBpc3N1ZXMg YXMgY2hhbmdlcyBtYWRlIGJ5IHRoZQpwcm9jZXNzb3IgdG8gdGhlIHBhZ2Ug dGFibGVzIGFyZSBub3QgdmlzaWJsZSB0byB0aGUgSU9NTVUuCgpUaGlzIGFs bG93cyB0byByZW1vdmUgdGhlIFZULWQgc3BlY2lmaWMgaW9tbXVfcHRlX2Zs dXNoIGhlbHBlciwgc2luY2UKdGhlIGNhY2hlIHdyaXRlIGJhY2sgaXMgbm93 IHBlcmZvcm1lZCBieSBhdG9taWNfd3JpdGVfZXB0X2VudHJ5LCBhbmQKaGVu Y2UgaW9tbXVfaW90bGJfZmx1c2ggY2FuIGJlIHVzZWQgdG8gZmx1c2ggdGhl IElPTU1VIFRMQi4gVGhlIG5ld2x5CnVzZWQgbWV0aG9kIChpb21tdV9pb3Rs Yl9mbHVzaCkgY2FuIHJlc3VsdCBpbiBsZXNzIGZsdXNoZXMsIHNpbmNlIGl0 Cm1pZ2h0IHNvbWV0aW1lcyBiZSBjYWxsZWQgcmlnaHRseSB3aXRoIDAgZmxh Z3MsIGluIHdoaWNoIGNhc2UgaXQKYmVjb21lcyBhIG5vLW9wLgoKVGhpcyBp cyBwYXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2gg PGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2L21tL3Ay bS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5jCkBAIC01 OCw2ICs1OCwxOSBAQCBzdGF0aWMgaW50IGF0b21pY193cml0ZV9lcHRfZW50 cnkoc3RydWN0CiAKICAgICB3cml0ZV9hdG9taWMoJmVudHJ5cHRyLT5lcHRl LCBuZXcuZXB0ZSk7CiAKKyAgICAvKgorICAgICAqIFRoZSByZWNhbGMgZmll bGQgb24gdGhlIEVQVCBpcyB1c2VkIHRvIHNpZ25hbCBlaXRoZXIgdGhhdCBh CisgICAgICogcmVjYWxjdWxhdGlvbiBvZiB0aGUgRU1UIGZpZWxkIGlzIHJl cXVpcmVkICh3aGljaCBkb2Vzbid0IGVmZmVjdCB0aGUKKyAgICAgKiBJT01N VSksIG9yIGEgdHlwZSBjaGFuZ2UuIFR5cGUgY2hhbmdlcyBjYW4gb25seSBi ZSBiZXR3ZWVuIHJhbV9ydywKKyAgICAgKiBsb2dkaXJ0eSBhbmQgaW9yZXFf c2VydmVyOiBjaGFuZ2VzIHRvL2Zyb20gbG9nZGlydHkgd29uJ3Qgd29yayB3 ZWxsIHdpdGgKKyAgICAgKiBhbiBJT01NVSBhbnl3YXksIGFzIElPTU1VICNQ RnMgYXJlIG5vdCBzeW5jaHJvbm91cyBhbmQgd2lsbCBsZWFkIHRvCisgICAg ICogYWJvcnRzLCBhbmQgY2hhbmdlcyB0by9mcm9tIGlvcmVxX3NlcnZlciBh cmUgYWxyZWFkeSBmdWxseSBmbHVzaGVkCisgICAgICogYmVmb3JlIHJldHVy bmluZyB0byBndWVzdCBjb250ZXh0IChzZWUKKyAgICAgKiBYRU5fRE1PUF9t YXBfbWVtX3R5cGVfdG9faW9yZXFfc2VydmVyKS4KKyAgICAgKi8KKyAgICBp ZiAoICFuZXcucmVjYWxjICYmIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21h aW4pICkKKyAgICAgICAgaW9tbXVfc3luY19jYWNoZShlbnRyeXB0ciwgc2l6 ZW9mKCplbnRyeXB0cikpOworCiAgICAgcmV0dXJuIDA7CiB9CiAKQEAgLTI3 OCw2ICsyOTEsOSBAQCBzdGF0aWMgYm9vbF90IGVwdF9zcGxpdF9zdXBlcl9w YWdlKHN0cnVjCiAgICAgICAgICAgICBicmVhazsKICAgICB9CiAKKyAgICBp ZiAoIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21haW4pICkKKyAgICAgICAg aW9tbXVfc3luY19jYWNoZSh0YWJsZSwgRVBUX1BBR0VUQUJMRV9FTlRSSUVT ICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICB1bm1hcF9kb21haW5f cGFnZSh0YWJsZSk7CiAKICAgICAvKiBFdmVuIGZhaWxlZCB3ZSBzaG91bGQg aW5zdGFsbCB0aGUgbmV3bHkgYWxsb2NhdGVkIGVwdCBwYWdlLiAqLwpAQCAt MzM3LDYgKzM1Myw5IEBAIHN0YXRpYyBpbnQgZXB0X25leHRfbGV2ZWwoc3Ry dWN0IHAybV9kb20KICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAgICAgICAg ICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKIAorICAgICAgICBp ZiAoIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21haW4pICkKKyAgICAgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUobmV4dCwgRVBUX1BBR0VUQUJMRV9FTlRS SUVTICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICAgICAgcmMgPSBh dG9taWNfd3JpdGVfZXB0X2VudHJ5KHAybSwgZXB0X2VudHJ5LCBlLCBuZXh0 X2xldmVsKTsKICAgICAgICAgQVNTRVJUKHJjID09IDApOwogICAgIH0KQEAg LTgxNSw3ICs4MzQsMTAgQEAgb3V0OgogICAgICAgICAgbmVlZF9tb2RpZnlf dnRkX3RhYmxlICkKICAgICB7CiAgICAgICAgIGlmICggaW9tbXVfdXNlX2hh cF9wdChkKSApCi0gICAgICAgICAgICByYyA9IGlvbW11X3B0ZV9mbHVzaChk LCBnZm4sICZlcHRfZW50cnktPmVwdGUsIG9yZGVyLCB2dGRfcHRlX3ByZXNl bnQpOworICAgICAgICAgICAgcmMgPSBpb21tdV9pb3RsYl9mbHVzaChkLCBf ZGZuKGdmbiksICgxdSA8PCBvcmRlciksCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgIChpb21tdV9mbGFncyA/IElPTU1VX0ZMVVNIRl9h ZGRlZCA6IDApIHwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgKHZ0ZF9wdGVfcHJlc2VudCA/IElPTU1VX0ZMVVNIRl9tb2RpZmllZAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgIDogMCkpOwogICAgICAgICBlbHNlIGlmICggbmVlZF9pb21tdV9w dF9zeW5jKGQpICkKICAgICAgICAgICAgIHJjID0gaW9tbXVfZmxhZ3MgPwog ICAgICAgICAgICAgICAgIGlvbW11X2xlZ2FjeV9tYXAoZCwgX2RmbihnZm4p LCBtZm4sIG9yZGVyLCBpb21tdV9mbGFncykgOgotLS0gYS94ZW4vZHJpdmVy cy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJpdmVycy9w YXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtMTkzMCw1MyArMTkzMCw2IEBA IHN0YXRpYyBpbnQgaW50ZWxfaW9tbXVfbG9va3VwX3BhZ2Uoc3RydWMKICAg ICByZXR1cm4gMDsKIH0KIAotaW50IGlvbW11X3B0ZV9mbHVzaChzdHJ1Y3Qg ZG9tYWluICpkLCB1aW50NjRfdCBkZm4sIHVpbnQ2NF90ICpwdGUsCi0gICAg ICAgICAgICAgICAgICAgIGludCBvcmRlciwgaW50IHByZXNlbnQpCi17Ci0g ICAgc3RydWN0IGFjcGlfZHJoZF91bml0ICpkcmhkOwotICAgIHN0cnVjdCBp b21tdSAqaW9tbXUgPSBOVUxMOwotICAgIHN0cnVjdCBkb21haW5faW9tbXUg KmhkID0gZG9tX2lvbW11KGQpOwotICAgIGJvb2xfdCBmbHVzaF9kZXZfaW90 bGI7Ci0gICAgaW50IGlvbW11X2RvbWlkOwotICAgIGludCByYyA9IDA7Ci0K LSAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFf cHRlKSk7Ci0KLSAgICBmb3JfZWFjaF9kcmhkX3VuaXQgKCBkcmhkICkKLSAg ICB7Ci0gICAgICAgIGlvbW11ID0gZHJoZC0+aW9tbXU7Ci0gICAgICAgIGlm ICggIXRlc3RfYml0KGlvbW11LT5pbmRleCwgJmhkLT5hcmNoLmlvbW11X2Jp dG1hcCkgKQotICAgICAgICAgICAgY29udGludWU7Ci0KLSAgICAgICAgZmx1 c2hfZGV2X2lvdGxiID0gISFmaW5kX2F0c19kZXZfZHJoZChpb21tdSk7Ci0g ICAgICAgIGlvbW11X2RvbWlkPSBkb21haW5faW9tbXVfZG9taWQoZCwgaW9t bXUpOwotICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKLSAgICAg ICAgICAgIGNvbnRpbnVlOwotCi0gICAgICAgIHJjID0gaW9tbXVfZmx1c2hf aW90bGJfcHNpKGlvbW11LCBpb21tdV9kb21pZCwKLSAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgX19kZm5fdG9fZGFkZHIoZGZuKSwKLSAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgb3JkZXIsICFwcmVz ZW50LCBmbHVzaF9kZXZfaW90bGIpOwotICAgICAgICBpZiAoIHJjID4gMCAp Ci0gICAgICAgIHsKLSAgICAgICAgICAgIGlvbW11X2ZsdXNoX3dyaXRlX2J1 ZmZlcihpb21tdSk7Ci0gICAgICAgICAgICByYyA9IDA7Ci0gICAgICAgIH0K LSAgICB9Ci0KLSAgICBpZiAoIHVubGlrZWx5KHJjKSApCi0gICAgewotICAg ICAgICBpZiAoICFkLT5pc19zaHV0dGluZ19kb3duICYmIHByaW50a19yYXRl bGltaXQoKSApCi0gICAgICAgICAgICBwcmludGsoWEVOTE9HX0VSUiBWVERQ UkVGSVgKLSAgICAgICAgICAgICAgICAgICAiIGQlZDogSU9NTVUgcGFnZXMg Zmx1c2ggZmFpbGVkOiAlZFxuIiwKLSAgICAgICAgICAgICAgICAgICBkLT5k b21haW5faWQsIHJjKTsKLQotICAgICAgICBpZiAoICFpc19oYXJkd2FyZV9k b21haW4oZCkgKQotICAgICAgICAgICAgZG9tYWluX2NyYXNoKGQpOwotICAg IH0KLQotICAgIHJldHVybiByYzsKLX0KLQogc3RhdGljIGludCBfX2luaXQg dnRkX2VwdF9wYWdlX2NvbXBhdGlibGUoc3RydWN0IGlvbW11ICppb21tdSkK IHsKICAgICB1NjQgZXB0X2NhcCwgdnRkX2NhcCA9IGlvbW11LT5jYXA7Ci0t LSBhL3hlbi9pbmNsdWRlL2FzbS14ODYvaW9tbXUuaAorKysgYi94ZW4vaW5j bHVkZS9hc20teDg2L2lvbW11LmgKQEAgLTkwLDggKzkwLDYgQEAgaW50IGlv bW11X3NldHVwX2hwZXRfbXNpKHN0cnVjdCBtc2lfZGVzYwogCiAvKiBXaGls ZSBWVC1kIHNwZWNpZmljLCB0aGlzIG11c3QgZ2V0IGRlY2xhcmVkIGluIGEg Z2VuZXJpYyBoZWFkZXIuICovCiBpbnQgYWRqdXN0X3Z0ZF9pcnFfYWZmaW5p dGllcyh2b2lkKTsKLWludCBfX211c3RfY2hlY2sgaW9tbXVfcHRlX2ZsdXNo KHN0cnVjdCBkb21haW4gKmQsIHU2NCBnZm4sIHU2NCAqcHRlLAotICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgaW50IG9yZGVyLCBpbnQgcHJl c2VudCk7CiBib29sX3QgaW9tbXVfc3VwcG9ydHNfZWltKHZvaWQpOwogaW50 IGlvbW11X2VuYWJsZV94MmFwaWNfSVIodm9pZCk7CiB2b2lkIGlvbW11X2Rp c2FibGVfeDJhcGljX0lSKHZvaWQpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-1.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB2dGQ6IGltcHJvdmUgSU9NTVUgVExCIGZsdXNoCgpEbyBub3QgbGltaXQg UFNJIGZsdXNoZXMgdG8gb3JkZXIgMCBwYWdlcywgaW4gb3JkZXIgdG8gYXZv aWQgZG9pbmcgYQpmdWxsIFRMQiBmbHVzaCBpZiB0aGUgcGFzc2VkIGluIHBh Z2UgaGFzIGFuIG9yZGVyIGdyZWF0ZXIgdGhhbiAwIGFuZAppcyBhbGlnbmVk LiBTaG91bGQgaW5jcmVhc2UgdGhlIHBlcmZvcm1hbmNlIG9mIElPTU1VIFRM QiBmbHVzaGVzIHdoZW4KZGVhbGluZyB3aXRoIHBhZ2Ugb3JkZXJzIGdyZWF0 ZXIgdGhhbiAwLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpTaWduZWQt b2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hAc3VzZS5jb20+CgotLS0g YS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94 ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtNTcwLDEz ICs1NzAsMTQgQEAgc3RhdGljIGludCBfX211c3RfY2hlY2sgaW9tbXVfZmx1 c2hfaW90bAogICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKICAg ICAgICAgICAgIGNvbnRpbnVlOwogCi0gICAgICAgIGlmICggcGFnZV9jb3Vu dCAhPSAxIHx8IGRmbl9lcShkZm4sIElOVkFMSURfREZOKSApCisgICAgICAg IGlmICggIXBhZ2VfY291bnQgfHwgKHBhZ2VfY291bnQgJiAocGFnZV9jb3Vu dCAtIDEpKSB8fAorICAgICAgICAgICAgIGRmbl9lcShkZm4sIElOVkFMSURf REZOKSB8fCAhSVNfQUxJR05FRChkZm5feChkZm4pLCBwYWdlX2NvdW50KSAp CiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX2RzaShpb21t dSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAwLCBmbHVzaF9kZXZfaW90bGIpOwogICAgICAgICBlbHNl CiAgICAgICAgICAgICByYyA9IGlvbW11X2ZsdXNoX2lvdGxiX3BzaShpb21t dSwgaW9tbXVfZG9taWQsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBkZm5fdG9fZGFkZHIoZGZuKSwKLSAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIFBBR0VfT1JERVJfNEssCisgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBnZXRfb3JkZXJf ZnJvbV9wYWdlcyhwYWdlX2NvdW50KSwKICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICFkbWFfb2xkX3B0ZV9wcmVzZW50LAogICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZmx1c2hfZGV2 X2lvdGxiKTsKIAo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-2.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IHBydW5lIChhbmQgcmVuYW1lKSBjYWNoZSBmbHVzaCBmdW5jdGlvbnMKClJl bmFtZSBfX2lvbW11X2ZsdXNoX2NhY2hlIHRvIGlvbW11X3N5bmNfY2FjaGUg YW5kIHJlbW92ZQppb21tdV9mbHVzaF9jYWNoZV9wYWdlLiBBbHNvIHJlbW92 ZSB0aGUgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkKd3JhcHBlciBhbmQganVz dCB1c2UgaW9tbXVfc3luY19jYWNoZSBpbnN0ZWFkLiBOb3RlIHRoZSBfZW50 cnkgc3VmZml4CndhcyBtZWFuaW5nbGVzcyBhcyB0aGUgd3JhcHBlciB3YXMg YWxyZWFkeSB0YWtpbmcgYSBzaXplIHBhcmFtZXRlciBpbgpieXRlcy4gV2hp bGUgdGhlcmUgYWxzbyBjb25zdGlmeSB0aGUgYWRkciBwYXJhbWV0ZXIuCgpO byBmdW5jdGlvbmFsIGNoYW5nZSBpbnRlbmRlZC4KClRoaXMgaXMgcGFydCBv ZiBYU0EtMzIxLgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGlj aEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9leHRlcm4uaAorKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQv ZXh0ZXJuLmgKQEAgLTQzLDggKzQzLDcgQEAgdm9pZCBkaXNhYmxlX3FpbnZh bChzdHJ1Y3QgdnRkX2lvbW11ICppbwogaW50IGVuYWJsZV9pbnRyZW1hcChz dHJ1Y3QgdnRkX2lvbW11ICppb21tdSwgaW50IGVpbSk7CiB2b2lkIGRpc2Fi bGVfaW50cmVtYXAoc3RydWN0IHZ0ZF9pb21tdSAqaW9tbXUpOwogCi12b2lk IGlvbW11X2ZsdXNoX2NhY2hlX2VudHJ5KHZvaWQgKmFkZHIsIHVuc2lnbmVk IGludCBzaXplKTsKLXZvaWQgaW9tbXVfZmx1c2hfY2FjaGVfcGFnZSh2b2lk ICphZGRyLCB1bnNpZ25lZCBsb25nIG5wYWdlcyk7Cit2b2lkIGlvbW11X3N5 bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUp OwogaW50IGlvbW11X2FsbG9jKHN0cnVjdCBhY3BpX2RyaGRfdW5pdCAqZHJo ZCk7CiB2b2lkIGlvbW11X2ZyZWUoc3RydWN0IGFjcGlfZHJoZF91bml0ICpk cmhkKTsKIAotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW50 cmVtYXAuYworKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW50 cmVtYXAuYwpAQCAtMjMwLDcgKzIzMCw3IEBAIHN0YXRpYyB2b2lkIGZyZWVf cmVtYXBfZW50cnkoc3RydWN0IHZ0ZF8KICAgICAgICAgICAgICAgICAgICAg IGlyZW1hcF9lbnRyaWVzLCBpcmVtYXBfZW50cnkpOwogCiAgICAgdXBkYXRl X2lydGUoaW9tbXUsIGlyZW1hcF9lbnRyeSwgJm5ld19pcmUsIGZhbHNlKTsK LSAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRyeShpcmVtYXBfZW50cnksIHNp emVvZigqaXJlbWFwX2VudHJ5KSk7CisgICAgaW9tbXVfc3luY19jYWNoZShp cmVtYXBfZW50cnksIHNpemVvZigqaXJlbWFwX2VudHJ5KSk7CiAgICAgaW9t bXVfZmx1c2hfaWVjX2luZGV4KGlvbW11LCAwLCBpbmRleCk7CiAKICAgICB1 bm1hcF92dGRfZG9tYWluX3BhZ2UoaXJlbWFwX2VudHJpZXMpOwpAQCAtNDA2 LDcgKzQwNiw3IEBAIHN0YXRpYyBpbnQgaW9hcGljX3J0ZV90b19yZW1hcF9l bnRyeShzdHIKICAgICB9CiAKICAgICB1cGRhdGVfaXJ0ZShpb21tdSwgaXJl bWFwX2VudHJ5LCAmbmV3X2lyZSwgIWluaXQpOwotICAgIGlvbW11X2ZsdXNo X2NhY2hlX2VudHJ5KGlyZW1hcF9lbnRyeSwgc2l6ZW9mKCppcmVtYXBfZW50 cnkpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKGlyZW1hcF9lbnRyeSwgc2l6 ZW9mKCppcmVtYXBfZW50cnkpKTsKICAgICBpb21tdV9mbHVzaF9pZWNfaW5k ZXgoaW9tbXUsIDAsIGluZGV4KTsKIAogICAgIHVubWFwX3Z0ZF9kb21haW5f cGFnZShpcmVtYXBfZW50cmllcyk7CkBAIC02OTUsNyArNjk1LDcgQEAgc3Rh dGljIGludCBtc2lfbXNnX3RvX3JlbWFwX2VudHJ5KAogICAgIHVwZGF0ZV9p cnRlKGlvbW11LCBpcmVtYXBfZW50cnksICZuZXdfaXJlLCBtc2lfZGVzYy0+ aXJ0ZV9pbml0aWFsaXplZCk7CiAgICAgbXNpX2Rlc2MtPmlydGVfaW5pdGlh bGl6ZWQgPSB0cnVlOwogCi0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnko aXJlbWFwX2VudHJ5LCBzaXplb2YoKmlyZW1hcF9lbnRyeSkpOworICAgIGlv bW11X3N5bmNfY2FjaGUoaXJlbWFwX2VudHJ5LCBzaXplb2YoKmlyZW1hcF9l bnRyeSkpOwogICAgIGlvbW11X2ZsdXNoX2llY19pbmRleChpb21tdSwgMCwg aW5kZXgpOwogCiAgICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdlKGlyZW1hcF9l bnRyaWVzKTsKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2lv bW11LmMKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2lvbW11 LmMKQEAgLTE0MCw3ICsxNDAsOCBAQCBzdGF0aWMgaW50IGNvbnRleHRfZ2V0 X2RvbWFpbl9pZChzdHJ1Y3QKIH0KIAogc3RhdGljIGludCBpb21tdXNfaW5j b2hlcmVudDsKLXN0YXRpYyB2b2lkIF9faW9tbXVfZmx1c2hfY2FjaGUodm9p ZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCisKK3ZvaWQgaW9tbXVfc3lu Y19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQgc2l6ZSkK IHsKICAgICBpbnQgaTsKICAgICBzdGF0aWMgdW5zaWduZWQgaW50IGNsZmx1 c2hfc2l6ZSA9IDA7CkBAIC0xNTUsMTYgKzE1Niw2IEBAIHN0YXRpYyB2b2lk IF9faW9tbXVfZmx1c2hfY2FjaGUodm9pZCAqYWQKICAgICAgICAgY2FjaGVs aW5lX2ZsdXNoKChjaGFyICopYWRkciArIGkpOwogfQogCi12b2lkIGlvbW11 X2ZsdXNoX2NhY2hlX2VudHJ5KHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBz aXplKQotewotICAgIF9faW9tbXVfZmx1c2hfY2FjaGUoYWRkciwgc2l6ZSk7 Ci19Ci0KLXZvaWQgaW9tbXVfZmx1c2hfY2FjaGVfcGFnZSh2b2lkICphZGRy LCB1bnNpZ25lZCBsb25nIG5wYWdlcykKLXsKLSAgICBfX2lvbW11X2ZsdXNo X2NhY2hlKGFkZHIsIFBBR0VfU0laRSAqIG5wYWdlcyk7Ci19Ci0KIC8qIEFs bG9jYXRlIHBhZ2UgdGFibGUsIHJldHVybiBpdHMgbWFjaGluZSBhZGRyZXNz ICovCiB1aW50NjRfdCBhbGxvY19wZ3RhYmxlX21hZGRyKHVuc2lnbmVkIGxv bmcgbnBhZ2VzLCBub2RlaWRfdCBub2RlKQogewpAQCAtMTgzLDcgKzE3NCw3 IEBAIHVpbnQ2NF90IGFsbG9jX3BndGFibGVfbWFkZHIodW5zaWduZWQgbG8K ICAgICAgICAgdmFkZHIgPSBfX21hcF9kb21haW5fcGFnZShjdXJfcGcpOwog ICAgICAgICBtZW1zZXQodmFkZHIsIDAsIFBBR0VfU0laRSk7CiAKLSAgICAg ICAgaW9tbXVfZmx1c2hfY2FjaGVfcGFnZSh2YWRkciwgMSk7CisgICAgICAg IGlvbW11X3N5bmNfY2FjaGUodmFkZHIsIFBBR0VfU0laRSk7CiAgICAgICAg IHVubWFwX2RvbWFpbl9wYWdlKHZhZGRyKTsKICAgICAgICAgY3VyX3BnKys7 CiAgICAgfQpAQCAtMjE2LDcgKzIwNyw3IEBAIHN0YXRpYyB1NjQgYnVzX3Rv X2NvbnRleHRfbWFkZHIoc3RydWN0IHYKICAgICAgICAgfQogICAgICAgICBz ZXRfcm9vdF92YWx1ZSgqcm9vdCwgbWFkZHIpOwogICAgICAgICBzZXRfcm9v dF9wcmVzZW50KCpyb290KTsKLSAgICAgICAgaW9tbXVfZmx1c2hfY2FjaGVf ZW50cnkocm9vdCwgc2l6ZW9mKHN0cnVjdCByb290X2VudHJ5KSk7CisgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUocm9vdCwgc2l6ZW9mKHN0cnVjdCByb290 X2VudHJ5KSk7CiAgICAgfQogICAgIG1hZGRyID0gKHU2NCkgZ2V0X2NvbnRl eHRfYWRkcigqcm9vdCk7CiAgICAgdW5tYXBfdnRkX2RvbWFpbl9wYWdlKHJv b3RfZW50cmllcyk7CkBAIC0yNjMsNyArMjU0LDcgQEAgc3RhdGljIHU2NCBh ZGRyX3RvX2RtYV9wYWdlX21hZGRyKHN0cnVjdAogICAgICAgICAgICAgICov CiAgICAgICAgICAgICBkbWFfc2V0X3B0ZV9yZWFkYWJsZSgqcHRlKTsKICAg ICAgICAgICAgIGRtYV9zZXRfcHRlX3dyaXRhYmxlKCpwdGUpOwotICAgICAg ICAgICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yoc3Ry dWN0IGRtYV9wdGUpKTsKKyAgICAgICAgICAgIGlvbW11X3N5bmNfY2FjaGUo cHRlLCBzaXplb2Yoc3RydWN0IGRtYV9wdGUpKTsKICAgICAgICAgfQogCiAg ICAgICAgIGlmICggbGV2ZWwgPT0gMiApCkBAIC02NDAsNyArNjMxLDcgQEAg c3RhdGljIGludCBfX211c3RfY2hlY2sgZG1hX3B0ZV9jbGVhcl9vbgogICAg ICpmbHVzaF9mbGFncyB8PSBJT01NVV9GTFVTSEZfbW9kaWZpZWQ7CiAKICAg ICBzcGluX3VubG9jaygmaGQtPmFyY2gubWFwcGluZ19sb2NrKTsKLSAgICBp b21tdV9mbHVzaF9jYWNoZV9lbnRyeShwdGUsIHNpemVvZihzdHJ1Y3QgZG1h X3B0ZSkpOworICAgIGlvbW11X3N5bmNfY2FjaGUocHRlLCBzaXplb2Yoc3Ry dWN0IGRtYV9wdGUpKTsKIAogICAgIHVubWFwX3Z0ZF9kb21haW5fcGFnZShw YWdlKTsKIApAQCAtNjc5LDcgKzY3MCw3IEBAIHN0YXRpYyB2b2lkIGlvbW11 X2ZyZWVfcGFnZV90YWJsZShzdHJ1Y3QKICAgICAgICAgICAgIGlvbW11X2Zy ZWVfcGFnZXRhYmxlKGRtYV9wdGVfYWRkcigqcHRlKSwgbmV4dF9sZXZlbCk7 CiAKICAgICAgICAgZG1hX2NsZWFyX3B0ZSgqcHRlKTsKLSAgICAgICAgaW9t bXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yoc3RydWN0IGRtYV9w dGUpKTsKKyAgICAgICAgaW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihz dHJ1Y3QgZG1hX3B0ZSkpOwogICAgIH0KIAogICAgIHVubWFwX3Z0ZF9kb21h aW5fcGFnZShwdF92YWRkcik7CkBAIC0xNDAwLDcgKzEzOTEsNyBAQCBpbnQg ZG9tYWluX2NvbnRleHRfbWFwcGluZ19vbmUoCiAgICAgY29udGV4dF9zZXRf YWRkcmVzc193aWR0aCgqY29udGV4dCwgYWdhdyk7CiAgICAgY29udGV4dF9z ZXRfZmF1bHRfZW5hYmxlKCpjb250ZXh0KTsKICAgICBjb250ZXh0X3NldF9w cmVzZW50KCpjb250ZXh0KTsKLSAgICBpb21tdV9mbHVzaF9jYWNoZV9lbnRy eShjb250ZXh0LCBzaXplb2Yoc3RydWN0IGNvbnRleHRfZW50cnkpKTsKKyAg ICBpb21tdV9zeW5jX2NhY2hlKGNvbnRleHQsIHNpemVvZihzdHJ1Y3QgY29u dGV4dF9lbnRyeSkpOwogICAgIHNwaW5fdW5sb2NrKCZpb21tdS0+bG9jayk7 CiAKICAgICAvKiBDb250ZXh0IGVudHJ5IHdhcyBwcmV2aW91c2x5IG5vbi1w cmVzZW50ICh3aXRoIGRvbWlkIDApLiAqLwpAQCAtMTU2NCw3ICsxNTU1LDcg QEAgaW50IGRvbWFpbl9jb250ZXh0X3VubWFwX29uZSgKIAogICAgIGNvbnRl eHRfY2xlYXJfcHJlc2VudCgqY29udGV4dCk7CiAgICAgY29udGV4dF9jbGVh cl9lbnRyeSgqY29udGV4dCk7Ci0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50 cnkoY29udGV4dCwgc2l6ZW9mKHN0cnVjdCBjb250ZXh0X2VudHJ5KSk7Cisg ICAgaW9tbXVfc3luY19jYWNoZShjb250ZXh0LCBzaXplb2Yoc3RydWN0IGNv bnRleHRfZW50cnkpKTsKIAogICAgIGlvbW11X2RvbWlkPSBkb21haW5faW9t bXVfZG9taWQoZG9tYWluLCBpb21tdSk7CiAgICAgaWYgKCBpb21tdV9kb21p ZCA9PSAtMSApCkBAIC0xNzkxLDcgKzE3ODIsNyBAQCBzdGF0aWMgaW50IF9f bXVzdF9jaGVjayBpbnRlbF9pb21tdV9tYXBfCiAKICAgICAqcHRlID0gbmV3 OwogCi0gICAgaW9tbXVfZmx1c2hfY2FjaGVfZW50cnkocHRlLCBzaXplb2Yo c3RydWN0IGRtYV9wdGUpKTsKKyAgICBpb21tdV9zeW5jX2NhY2hlKHB0ZSwg c2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7CiAgICAgc3Bpbl91bmxvY2soJmhk LT5hcmNoLm1hcHBpbmdfbG9jayk7CiAgICAgdW5tYXBfdnRkX2RvbWFpbl9w YWdlKHBhZ2UpOwogCkBAIC0xODY2LDcgKzE4NTcsNyBAQCBpbnQgaW9tbXVf cHRlX2ZsdXNoKHN0cnVjdCBkb21haW4gKmQsIHVpCiAgICAgaW50IGlvbW11 X2RvbWlkOwogICAgIGludCByYyA9IDA7CiAKLSAgICBpb21tdV9mbHVzaF9j YWNoZV9lbnRyeShwdGUsIHNpemVvZihzdHJ1Y3QgZG1hX3B0ZSkpOworICAg IGlvbW11X3N5bmNfY2FjaGUocHRlLCBzaXplb2Yoc3RydWN0IGRtYV9wdGUp KTsKIAogICAgIGZvcl9lYWNoX2RyaGRfdW5pdCAoIGRyaGQgKQogICAgIHsK QEAgLTI3MjQsNyArMjcxNSw3IEBAIHN0YXRpYyBpbnQgX19pbml0IGludGVs X2lvbW11X3F1YXJhbnRpbmUKICAgICAgICAgICAgIGRtYV9zZXRfcHRlX2Fk ZHIoKnB0ZSwgbWFkZHIpOwogICAgICAgICAgICAgZG1hX3NldF9wdGVfcmVh ZGFibGUoKnB0ZSk7CiAgICAgICAgIH0KLSAgICAgICAgaW9tbXVfZmx1c2hf Y2FjaGVfcGFnZShwYXJlbnQsIDEpOworICAgICAgICBpb21tdV9zeW5jX2Nh Y2hlKHBhcmVudCwgUEFHRV9TSVpFKTsKIAogICAgICAgICB1bm1hcF92dGRf ZG9tYWluX3BhZ2UocGFyZW50KTsKICAgICAgICAgcGFyZW50ID0gbWFwX3Z0 ZF9kb21haW5fcGFnZShtYWRkcik7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-3.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-3.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv aW9tbXU6IGludHJvZHVjZSBhIGNhY2hlIHN5bmMgaG9vawoKVGhlIGhvb2sg aXMgb25seSBpbXBsZW1lbnRlZCBmb3IgVlQtZCBhbmQgaXQgdXNlcyB0aGUg YWxyZWFkeSBleGlzdGluZwppb21tdV9zeW5jX2NhY2hlIGZ1bmN0aW9uIHBy ZXNlbnQgaW4gVlQtZCBjb2RlLiBUaGUgbmV3IGhvb2sgaXMKYWRkZWQgc28g dGhhdCB0aGUgY2FjaGUgY2FuIGJlIGZsdXNoZWQgYnkgY29kZSBvdXRzaWRl IG9mIFZULWQgd2hlbgp1c2luZyBzaGFyZWQgcGFnZSB0YWJsZXMuCgpOb3Rl IHRoYXQgYWxsb2NfcGd0YWJsZV9tYWRkciBtdXN0IHVzZSB0aGUgbm93IGxv Y2FsbHkgZGVmaW5lZApzeW5jX2NhY2hlIGZ1bmN0aW9uLCBiZWNhdXNlIElP TU1VIG9wcyBhcmUgbm90IHlldCBzZXR1cCB0aGUgZmlyc3QKdGltZSB0aGUg ZnVuY3Rpb24gZ2V0cyBjYWxsZWQgZHVyaW5nIElPTU1VIGluaXRpYWxpemF0 aW9uLgoKTm8gZnVuY3Rpb25hbCBjaGFuZ2UgaW50ZW5kZWQuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyMS4KClJldmlld2VkLWJ5OiBKYW4gQmV1bGljaCA8 amJldWxpY2hAc3VzZS5jb20+CgotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvZXh0ZXJuLmgKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCkBAIC00Myw3ICs0Myw2IEBAIHZvaWQgZGlzYWJs ZV9xaW52YWwoc3RydWN0IHZ0ZF9pb21tdSAqaW8KIGludCBlbmFibGVfaW50 cmVtYXAoc3RydWN0IHZ0ZF9pb21tdSAqaW9tbXUsIGludCBlaW0pOwogdm9p ZCBkaXNhYmxlX2ludHJlbWFwKHN0cnVjdCB2dGRfaW9tbXUgKmlvbW11KTsK IAotdm9pZCBpb21tdV9zeW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsIHVu c2lnbmVkIGludCBzaXplKTsKIGludCBpb21tdV9hbGxvYyhzdHJ1Y3QgYWNw aV9kcmhkX3VuaXQgKmRyaGQpOwogdm9pZCBpb21tdV9mcmVlKHN0cnVjdCBh Y3BpX2RyaGRfdW5pdCAqZHJoZCk7CiAKLS0tIGEveGVuL2RyaXZlcnMvcGFz c3Rocm91Z2gvdnRkL2lvbW11LmMKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Ro cm91Z2gvdnRkL2lvbW11LmMKQEAgLTE0MSw3ICsxNDEsNyBAQCBzdGF0aWMg aW50IGNvbnRleHRfZ2V0X2RvbWFpbl9pZChzdHJ1Y3QKIAogc3RhdGljIGlu dCBpb21tdXNfaW5jb2hlcmVudDsKIAotdm9pZCBpb21tdV9zeW5jX2NhY2hl KGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGludCBzaXplKQorc3RhdGlj IHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1bnNpZ25lZCBp bnQgc2l6ZSkKIHsKICAgICBpbnQgaTsKICAgICBzdGF0aWMgdW5zaWduZWQg aW50IGNsZmx1c2hfc2l6ZSA9IDA7CkBAIC0xNzQsNyArMTc0LDcgQEAgdWlu dDY0X3QgYWxsb2NfcGd0YWJsZV9tYWRkcih1bnNpZ25lZCBsbwogICAgICAg ICB2YWRkciA9IF9fbWFwX2RvbWFpbl9wYWdlKGN1cl9wZyk7CiAgICAgICAg IG1lbXNldCh2YWRkciwgMCwgUEFHRV9TSVpFKTsKIAotICAgICAgICBpb21t dV9zeW5jX2NhY2hlKHZhZGRyLCBQQUdFX1NJWkUpOworICAgICAgICBzeW5j X2NhY2hlKHZhZGRyLCBQQUdFX1NJWkUpOwogICAgICAgICB1bm1hcF9kb21h aW5fcGFnZSh2YWRkcik7CiAgICAgICAgIGN1cl9wZysrOwogICAgIH0KQEAg LTI3NjMsNiArMjc2Myw3IEBAIGNvbnN0IHN0cnVjdCBpb21tdV9vcHMgX19p bml0Y29uc3RyZWwgaW4KICAgICAuaW90bGJfZmx1c2hfYWxsID0gaW9tbXVf Zmx1c2hfaW90bGJfYWxsLAogICAgIC5nZXRfcmVzZXJ2ZWRfZGV2aWNlX21l bW9yeSA9IGludGVsX2lvbW11X2dldF9yZXNlcnZlZF9kZXZpY2VfbWVtb3J5 LAogICAgIC5kdW1wX3AybV90YWJsZSA9IHZ0ZF9kdW1wX3AybV90YWJsZSwK KyAgICAuc3luY19jYWNoZSA9IHN5bmNfY2FjaGUsCiB9OwogCiBjb25zdCBz dHJ1Y3QgaW9tbXVfaW5pdF9vcHMgX19pbml0Y29uc3RyZWwgaW50ZWxfaW9t bXVfaW5pdF9vcHMgPSB7Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYvaW9t bXUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2lvbW11LmgKQEAgLTEy MSw2ICsxMjEsMTMgQEAgZXh0ZXJuIGJvb2wgdW50cnVzdGVkX21zaTsKIGlu dCBwaV91cGRhdGVfaXJ0ZShjb25zdCBzdHJ1Y3QgcGlfZGVzYyAqcGlfZGVz YywgY29uc3Qgc3RydWN0IHBpcnEgKnBpcnEsCiAgICAgICAgICAgICAgICAg ICAgY29uc3QgdWludDhfdCBndmVjKTsKIAorI2RlZmluZSBpb21tdV9zeW5j X2NhY2hlKGFkZHIsIHNpemUpICh7ICAgICAgICAgICAgICAgICBcCisgICAg Y29uc3Qgc3RydWN0IGlvbW11X29wcyAqb3BzID0gaW9tbXVfZ2V0X29wcygp OyAgICAgIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgXAorICAgIGlmICggb3BzLT5zeW5jX2Nh Y2hlICkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBcCisgICAgICAg IGlvbW11X3ZjYWxsKG9wcywgc3luY19jYWNoZSwgYWRkciwgc2l6ZSk7ICAg ICAgIFwKK30pCisKICNlbmRpZiAvKiAhX19BUkNIX1g4Nl9JT01NVV9IX18g Ki8KIC8qCiAgKiBMb2NhbCB2YXJpYWJsZXM6Ci0tLSBhL3hlbi9pbmNsdWRl L3hlbi9pb21tdS5oCisrKyBiL3hlbi9pbmNsdWRlL3hlbi9pb21tdS5oCkBA IC0yNTAsNiArMjUwLDcgQEAgc3RydWN0IGlvbW11X29wcyB7CiAgICAgaW50 ICgqc2V0dXBfaHBldF9tc2kpKHN0cnVjdCBtc2lfZGVzYyAqKTsKIAogICAg IGludCAoKmFkanVzdF9pcnFfYWZmaW5pdGllcykodm9pZCk7CisgICAgdm9p ZCAoKnN5bmNfY2FjaGUpKGNvbnN0IHZvaWQgKmFkZHIsIHVuc2lnbmVkIGlu dCBzaXplKTsKICNlbmRpZiAvKiBDT05GSUdfWDg2ICovCiAKICAgICBpbnQg X19tdXN0X2NoZWNrICgqc3VzcGVuZCkodm9pZCk7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-4.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-4.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IGRvbid0IGFzc3VtZSBhZGRyZXNzZXMgYXJlIGFsaWduZWQgaW4gc3luY19j YWNoZQoKQ3VycmVudCBjb2RlIGluIHN5bmNfY2FjaGUgYXNzdW1lIHRoYXQg dGhlIGFkZHJlc3MgcGFzc2VkIGluIGlzCmFsaWduZWQgdG8gYSBjYWNoZSBs aW5lIHNpemUuIEZpeCB0aGUgY29kZSB0byBzdXBwb3J0IHBhc3NpbmcgaW4K YXJiaXRyYXJ5IGFkZHJlc3NlcyBub3QgbmVjZXNzYXJpbHkgYWxpZ25lZCB0 byBhIGNhY2hlIGxpbmUgc2l6ZS4KClRoaXMgaXMgcGFydCBvZiBYU0EtMzIx LgoKUmV2aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNv bT4KCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC0xNDMsOCArMTQzLDggQEAgc3RhdGljIGludCBpb21tdXNfaW5jb2hlcmVu dDsKIAogc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRy LCB1bnNpZ25lZCBpbnQgc2l6ZSkKIHsKLSAgICBpbnQgaTsKLSAgICBzdGF0 aWMgdW5zaWduZWQgaW50IGNsZmx1c2hfc2l6ZSA9IDA7CisgICAgc3RhdGlj IHVuc2lnbmVkIGxvbmcgY2xmbHVzaF9zaXplID0gMDsKKyAgICBjb25zdCB2 b2lkICplbmQgPSBhZGRyICsgc2l6ZTsKIAogICAgIGlmICggIWlvbW11c19p bmNvaGVyZW50ICkKICAgICAgICAgcmV0dXJuOwpAQCAtMTUyLDggKzE1Miw5 IEBAIHN0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qgdm9pZCAqYWRkciwK ICAgICBpZiAoIGNsZmx1c2hfc2l6ZSA9PSAwICkKICAgICAgICAgY2xmbHVz aF9zaXplID0gZ2V0X2NhY2hlX2xpbmVfc2l6ZSgpOwogCi0gICAgZm9yICgg aSA9IDA7IGkgPCBzaXplOyBpICs9IGNsZmx1c2hfc2l6ZSApCi0gICAgICAg IGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIgKyBpKTsKKyAgICBhZGRy IC09ICh1bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0gMSk7 CisgICAgZm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hfc2l6 ZSApCisgICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIpOwog fQogCiAvKiBBbGxvY2F0ZSBwYWdlIHRhYmxlLCByZXR1cm4gaXRzIG1hY2hp bmUgYWRkcmVzcyAqLwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-5.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-5.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv YWx0ZXJuYXRpdmU6IGludHJvZHVjZSBhbHRlcm5hdGl2ZV8yCgpJdCdzIGJh c2VkIG9uIGFsdGVybmF0aXZlX2lvXzIgd2l0aG91dCBpbnB1dHMgb3Igb3V0 cHV0cyBidXQgd2l0aCBhbgphZGRlZCBtZW1vcnkgY2xvYmJlci4KClRoaXMg aXMgcGFydCBvZiBYU0EtMzIxLgoKQWNrZWQtYnk6IEphbiBCZXVsaWNoIDxq YmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv YWx0ZXJuYXRpdmUuaAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2FsdGVy bmF0aXZlLmgKQEAgLTExNCw2ICsxMTQsMTEgQEAgZXh0ZXJuIHZvaWQgYWx0 ZXJuYXRpdmVfYnJhbmNoZXModm9pZCk7CiAjZGVmaW5lIGFsdGVybmF0aXZl KG9sZGluc3RyLCBuZXdpbnN0ciwgZmVhdHVyZSkgICAgICAgICAgICAgICAg ICAgICAgICBcCiAgICAgICAgIGFzbSB2b2xhdGlsZSAoQUxURVJOQVRJVkUo b2xkaW5zdHIsIG5ld2luc3RyLCBmZWF0dXJlKSA6IDogOiAibWVtb3J5IikK IAorI2RlZmluZSBhbHRlcm5hdGl2ZV8yKG9sZGluc3RyLCBuZXdpbnN0cjEs IGZlYXR1cmUxLCBuZXdpbnN0cjIsIGZlYXR1cmUyKSBcCisJYXNtIHZvbGF0 aWxlIChBTFRFUk5BVElWRV8yKG9sZGluc3RyLCBuZXdpbnN0cjEsIGZlYXR1 cmUxLAlcCisJCQkJICAgIG5ld2luc3RyMiwgZmVhdHVyZTIpCQlcCisJCSAg ICAgIDogOiA6ICJtZW1vcnkiKQorCiAvKgogICogQWx0ZXJuYXRpdmUgaW5s aW5lIGFzc2VtYmx5IHdpdGggaW5wdXQuCiAgKgo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-6.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-6.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB2dGQ6 IG9wdGltaXplIENQVSBjYWNoZSBzeW5jCgpTb21lIFZULWQgSU9NTVVzIGFy ZSBub24tY29oZXJlbnQsIHdoaWNoIHJlcXVpcmVzIGEgY2FjaGUgd3JpdGUg YmFjawppbiBvcmRlciBmb3IgdGhlIGNoYW5nZXMgbWFkZSBieSB0aGUgQ1BV IHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgpUaGlzIGNhY2hlIHdyaXRl IGJhY2sgd2FzIHVuY29uZGl0aW9uYWxseSBkb25lIHVzaW5nIGNsZmx1c2gs IGJ1dCB0aGVyZSBhcmUKb3RoZXIgbW9yZSBlZmZpY2llbnQgaW5zdHJ1Y3Rp b25zIHRvIGRvIHNvLCBoZW5jZSBpbXBsZW1lbnQgc3VwcG9ydApmb3IgdGhl bSB1c2luZyB0aGUgYWx0ZXJuYXRpdmUgZnJhbWV3b3JrLgoKVGhpcyBpcyBw YXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpi ZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2RyaXZlcnMvcGFzc3Rocm91 Z2gvdnRkL2V4dGVybi5oCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9leHRlcm4uaApAQCAtNjgsNyArNjgsNiBAQCBpbnQgX19tdXN0X2No ZWNrIHFpbnZhbF9kZXZpY2VfaW90bGJfc3luCiAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICB1MTYgZGlkLCB1MTYgc2l6ZSwg dTY0IGFkZHIpOwogCiB1bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6 ZSh2b2lkKTsKLXZvaWQgY2FjaGVsaW5lX2ZsdXNoKGNoYXIgKik7CiB2b2lk IGZsdXNoX2FsbF9jYWNoZSh2b2lkKTsKIAogdWludDY0X3QgYWxsb2NfcGd0 YWJsZV9tYWRkcih1bnNpZ25lZCBsb25nIG5wYWdlcywgbm9kZWlkX3Qgbm9k ZSk7Ci0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5j CisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21tdS5jCkBA IC0zMSw2ICszMSw3IEBACiAjaW5jbHVkZSA8eGVuL3BjaV9yZWdzLmg+CiAj aW5jbHVkZSA8eGVuL2tleWhhbmRsZXIuaD4KICNpbmNsdWRlIDxhc20vbXNp Lmg+CisjaW5jbHVkZSA8YXNtL25vcHMuaD4KICNpbmNsdWRlIDxhc20vaXJx Lmg+CiAjaW5jbHVkZSA8YXNtL2h2bS92bXgvdm14Lmg+CiAjaW5jbHVkZSA8 YXNtL3AybS5oPgpAQCAtMTU0LDcgKzE1NSw0MiBAQCBzdGF0aWMgdm9pZCBz eW5jX2NhY2hlKGNvbnN0IHZvaWQgKmFkZHIsCiAKICAgICBhZGRyIC09ICh1 bnNpZ25lZCBsb25nKWFkZHIgJiAoY2xmbHVzaF9zaXplIC0gMSk7CiAgICAg Zm9yICggOyBhZGRyIDwgZW5kOyBhZGRyICs9IGNsZmx1c2hfc2l6ZSApCi0g ICAgICAgIGNhY2hlbGluZV9mbHVzaCgoY2hhciAqKWFkZHIpOworLyoKKyAq IFRoZSBhcmd1bWVudHMgdG8gYSBtYWNybyBtdXN0IG5vdCBpbmNsdWRlIHBy ZXByb2Nlc3NvciBkaXJlY3RpdmVzLiBEb2luZyBzbworICogcmVzdWx0cyBp biB1bmRlZmluZWQgYmVoYXZpb3IsIHNvIHdlIGhhdmUgdG8gY3JlYXRlIHNv bWUgZGVmaW5lcyBoZXJlIGluCisgKiBvcmRlciB0byBhdm9pZCBpdC4KKyAq LworI2lmIGRlZmluZWQoSEFWRV9BU19DTFdCKQorIyBkZWZpbmUgQ0xXQl9F TkNPRElORyAiY2x3YiAlW3BdIgorI2VsaWYgZGVmaW5lZChIQVZFX0FTX1hT QVZFT1BUKQorIyBkZWZpbmUgQ0xXQl9FTkNPRElORyAiZGF0YTE2IHhzYXZl b3B0ICVbcF0iIC8qIGNsd2IgKi8KKyNlbHNlCisjIGRlZmluZSBDTFdCX0VO Q09ESU5HICIuYnl0ZSAweDY2LCAweDBmLCAweGFlLCAweDMwIiAvKiBjbHdi ICglJXJheCkgKi8KKyNlbmRpZgorCisjZGVmaW5lIEJBU0VfSU5QVVQoYWRk cikgW3BdICJtIiAoKihjb25zdCBjaGFyICopKGFkZHIpKQorI2lmIGRlZmlu ZWQoSEFWRV9BU19DTFdCKSB8fCBkZWZpbmVkKEhBVkVfQVNfWFNBVkVPUFQp CisjIGRlZmluZSBJTlBVVCBCQVNFX0lOUFVUCisjZWxzZQorIyBkZWZpbmUg SU5QVVQoYWRkcikgImEiIChhZGRyKSwgQkFTRV9JTlBVVChhZGRyKQorI2Vu ZGlmCisgICAgICAgIC8qCisgICAgICAgICAqIE5vdGUgcmVnYXJkaW5nIHRo ZSB1c2Ugb2YgTk9QX0RTX1BSRUZJWDogaXQncyBmYXN0ZXIgdG8gZG8gYSBj bGZsdXNoCisgICAgICAgICAqICsgcHJlZml4IHRoYW4gYSBjbGZsdXNoICsg bm9wLCBhbmQgaGVuY2UgdGhlIHByZWZpeCBpcyBhZGRlZCBpbnN0ZWFkCisg ICAgICAgICAqIG9mIGxldHRpbmcgdGhlIGFsdGVybmF0aXZlIGZyYW1ld29y ayBmaWxsIHRoZSBnYXAgYnkgYXBwZW5kaW5nIG5vcHMuCisgICAgICAgICAq LworICAgICAgICBhbHRlcm5hdGl2ZV9pb18yKCIuYnl0ZSAiIF9fc3RyaW5n aWZ5KE5PUF9EU19QUkVGSVgpICI7IGNsZmx1c2ggJVtwXSIsCisgICAgICAg ICAgICAgICAgICAgICAgICAgImRhdGExNiBjbGZsdXNoICVbcF0iLCAvKiBj bGZsdXNob3B0ICovCisgICAgICAgICAgICAgICAgICAgICAgICAgWDg2X0ZF QVRVUkVfQ0xGTFVTSE9QVCwKKyAgICAgICAgICAgICAgICAgICAgICAgICBD TFdCX0VOQ09ESU5HLAorICAgICAgICAgICAgICAgICAgICAgICAgIFg4Nl9G RUFUVVJFX0NMV0IsIC8qIG5vIG91dHB1dHMgKi8sCisgICAgICAgICAgICAg ICAgICAgICAgICAgSU5QVVQoYWRkcikpOworI3VuZGVmIElOUFVUCisjdW5k ZWYgQkFTRV9JTlBVVAorI3VuZGVmIENMV0JfRU5DT0RJTkcKKworICAgIGFs dGVybmF0aXZlXzIoIiIsICJzZmVuY2UiLCBYODZfRkVBVFVSRV9DTEZMVVNI T1BULAorICAgICAgICAgICAgICAgICAgICAgICJzZmVuY2UiLCBYODZfRkVB VFVSRV9DTFdCKTsKIH0KIAogLyogQWxsb2NhdGUgcGFnZSB0YWJsZSwgcmV0 dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8KLS0tIGEveGVuL2RyaXZlcnMv cGFzc3Rocm91Z2gvdnRkL3g4Ni92dGQuYworKysgYi94ZW4vZHJpdmVycy9w YXNzdGhyb3VnaC92dGQveDg2L3Z0ZC5jCkBAIC01MSwxMSArNTEsNiBAQCB1 bnNpZ25lZCBpbnQgZ2V0X2NhY2hlX2xpbmVfc2l6ZSh2b2lkKQogICAgIHJl dHVybiAoKGNwdWlkX2VieCgxKSA+PiA4KSAmIDB4ZmYpICogODsKIH0KIAot dm9pZCBjYWNoZWxpbmVfZmx1c2goY2hhciAqIGFkZHIpCi17Ci0gICAgY2xm bHVzaChhZGRyKTsKLX0KLQogdm9pZCBmbHVzaF9hbGxfY2FjaGUoKQogewog ICAgIHdiaW52ZCgpOwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.13-7.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.13-7.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBmbHVzaCBjYWNoZSB3aGVuIG1vZGlmeWluZyBQVEVzIGFuZCBzaGFy aW5nIHBhZ2UgdGFibGVzCgpNb2RpZmljYXRpb25zIG1hZGUgdG8gdGhlIHBh Z2UgdGFibGVzIGJ5IEVQVCBjb2RlIG5lZWQgdG8gYmUgd3JpdHRlbgp0byBt ZW1vcnkgd2hlbiB0aGUgcGFnZSB0YWJsZXMgYXJlIHNoYXJlZCB3aXRoIHRo ZSBJT01NVSwgYXMgSW50ZWwKSU9NTVVzIGNhbiBiZSBub24tY29oZXJlbnQg YW5kIHRodXMgcmVxdWlyZSBjaGFuZ2VzIHRvIGJlIHdyaXR0ZW4gdG8KbWVt b3J5IGluIG9yZGVyIHRvIGJlIHZpc2libGUgdG8gdGhlIElPTU1VLgoKSW4g b3JkZXIgdG8gYWNoaWV2ZSB0aGlzIG1ha2Ugc3VyZSBkYXRhIGlzIHdyaXR0 ZW4gYmFjayB0byBtZW1vcnkKYWZ0ZXIgd3JpdGluZyBhbiBFUFQgZW50cnkg d2hlbiB0aGUgcmVjYWxjIGJpdCBpcyBub3Qgc2V0IGluCmF0b21pY193cml0 ZV9lcHRfZW50cnkuIElmIHN1Y2ggYml0IGlzIHNldCwgdGhlIGVudHJ5IHdp bGwgYmUKYWRqdXN0ZWQgYW5kIGF0b21pY193cml0ZV9lcHRfZW50cnkgd2ls bCBiZSBjYWxsZWQgYSBzZWNvbmQgdGltZQp3aXRob3V0IHRoZSByZWNhbGMg Yml0IHNldC4gTm90ZSB0aGF0IHdoZW4gc3BsaXR0aW5nIGEgc3VwZXIgcGFn ZSB0aGUKbmV3IHRhYmxlcyByZXN1bHRpbmcgb2YgdGhlIHNwbGl0IHNob3Vs ZCBhbHNvIGJlIHdyaXR0ZW4gYmFjay4KCkZhaWx1cmUgdG8gZG8gc28gY2Fu IGFsbG93IGRldmljZXMgYmVoaW5kIHRoZSBJT01NVSBhY2Nlc3MgdG8gdGhl CnN0YWxlIHN1cGVyIHBhZ2UsIG9yIGNhdXNlIGNvaGVyZW5jeSBpc3N1ZXMg YXMgY2hhbmdlcyBtYWRlIGJ5IHRoZQpwcm9jZXNzb3IgdG8gdGhlIHBhZ2Ug dGFibGVzIGFyZSBub3QgdmlzaWJsZSB0byB0aGUgSU9NTVUuCgpUaGlzIGFs bG93cyB0byByZW1vdmUgdGhlIFZULWQgc3BlY2lmaWMgaW9tbXVfcHRlX2Zs dXNoIGhlbHBlciwgc2luY2UKdGhlIGNhY2hlIHdyaXRlIGJhY2sgaXMgbm93 IHBlcmZvcm1lZCBieSBhdG9taWNfd3JpdGVfZXB0X2VudHJ5LCBhbmQKaGVu Y2UgaW9tbXVfaW90bGJfZmx1c2ggY2FuIGJlIHVzZWQgdG8gZmx1c2ggdGhl IElPTU1VIFRMQi4gVGhlIG5ld2x5CnVzZWQgbWV0aG9kIChpb21tdV9pb3Rs Yl9mbHVzaCkgY2FuIHJlc3VsdCBpbiBsZXNzIGZsdXNoZXMsIHNpbmNlIGl0 Cm1pZ2h0IHNvbWV0aW1lcyBiZSBjYWxsZWQgcmlnaHRseSB3aXRoIDAgZmxh Z3MsIGluIHdoaWNoIGNhc2UgaXQKYmVjb21lcyBhIG5vLW9wLgoKVGhpcyBp cyBwYXJ0IG9mIFhTQS0zMjEuCgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2gg PGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2L21tL3Ay bS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5jCkBAIC01 OCw2ICs1OCwxOSBAQCBzdGF0aWMgaW50IGF0b21pY193cml0ZV9lcHRfZW50 cnkoc3RydWN0CiAKICAgICB3cml0ZV9hdG9taWMoJmVudHJ5cHRyLT5lcHRl LCBuZXcuZXB0ZSk7CiAKKyAgICAvKgorICAgICAqIFRoZSByZWNhbGMgZmll bGQgb24gdGhlIEVQVCBpcyB1c2VkIHRvIHNpZ25hbCBlaXRoZXIgdGhhdCBh CisgICAgICogcmVjYWxjdWxhdGlvbiBvZiB0aGUgRU1UIGZpZWxkIGlzIHJl cXVpcmVkICh3aGljaCBkb2Vzbid0IGVmZmVjdCB0aGUKKyAgICAgKiBJT01N VSksIG9yIGEgdHlwZSBjaGFuZ2UuIFR5cGUgY2hhbmdlcyBjYW4gb25seSBi ZSBiZXR3ZWVuIHJhbV9ydywKKyAgICAgKiBsb2dkaXJ0eSBhbmQgaW9yZXFf c2VydmVyOiBjaGFuZ2VzIHRvL2Zyb20gbG9nZGlydHkgd29uJ3Qgd29yayB3 ZWxsIHdpdGgKKyAgICAgKiBhbiBJT01NVSBhbnl3YXksIGFzIElPTU1VICNQ RnMgYXJlIG5vdCBzeW5jaHJvbm91cyBhbmQgd2lsbCBsZWFkIHRvCisgICAg ICogYWJvcnRzLCBhbmQgY2hhbmdlcyB0by9mcm9tIGlvcmVxX3NlcnZlciBh cmUgYWxyZWFkeSBmdWxseSBmbHVzaGVkCisgICAgICogYmVmb3JlIHJldHVy bmluZyB0byBndWVzdCBjb250ZXh0IChzZWUKKyAgICAgKiBYRU5fRE1PUF9t YXBfbWVtX3R5cGVfdG9faW9yZXFfc2VydmVyKS4KKyAgICAgKi8KKyAgICBp ZiAoICFuZXcucmVjYWxjICYmIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21h aW4pICkKKyAgICAgICAgaW9tbXVfc3luY19jYWNoZShlbnRyeXB0ciwgc2l6 ZW9mKCplbnRyeXB0cikpOworCiAgICAgcmV0dXJuIDA7CiB9CiAKQEAgLTI3 OCw2ICsyOTEsOSBAQCBzdGF0aWMgYm9vbF90IGVwdF9zcGxpdF9zdXBlcl9w YWdlKHN0cnVjCiAgICAgICAgICAgICBicmVhazsKICAgICB9CiAKKyAgICBp ZiAoIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21haW4pICkKKyAgICAgICAg aW9tbXVfc3luY19jYWNoZSh0YWJsZSwgRVBUX1BBR0VUQUJMRV9FTlRSSUVT ICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICB1bm1hcF9kb21haW5f cGFnZSh0YWJsZSk7CiAKICAgICAvKiBFdmVuIGZhaWxlZCB3ZSBzaG91bGQg aW5zdGFsbCB0aGUgbmV3bHkgYWxsb2NhdGVkIGVwdCBwYWdlLiAqLwpAQCAt MzM3LDYgKzM1Myw5IEBAIHN0YXRpYyBpbnQgZXB0X25leHRfbGV2ZWwoc3Ry dWN0IHAybV9kb20KICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAgICAgICAg ICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKIAorICAgICAgICBp ZiAoIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21haW4pICkKKyAgICAgICAg ICAgIGlvbW11X3N5bmNfY2FjaGUobmV4dCwgRVBUX1BBR0VUQUJMRV9FTlRS SUVTICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAgICAgICAgcmMgPSBh dG9taWNfd3JpdGVfZXB0X2VudHJ5KHAybSwgZXB0X2VudHJ5LCBlLCBuZXh0 X2xldmVsKTsKICAgICAgICAgQVNTRVJUKHJjID09IDApOwogICAgIH0KQEAg LTgyMSw3ICs4NDAsMTAgQEAgb3V0OgogICAgICAgICAgbmVlZF9tb2RpZnlf dnRkX3RhYmxlICkKICAgICB7CiAgICAgICAgIGlmICggaW9tbXVfdXNlX2hh cF9wdChkKSApCi0gICAgICAgICAgICByYyA9IGlvbW11X3B0ZV9mbHVzaChk LCBnZm4sICZlcHRfZW50cnktPmVwdGUsIG9yZGVyLCB2dGRfcHRlX3ByZXNl bnQpOworICAgICAgICAgICAgcmMgPSBpb21tdV9pb3RsYl9mbHVzaChkLCBf ZGZuKGdmbiksICgxdSA8PCBvcmRlciksCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgIChpb21tdV9mbGFncyA/IElPTU1VX0ZMVVNIRl9h ZGRlZCA6IDApIHwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgKHZ0ZF9wdGVfcHJlc2VudCA/IElPTU1VX0ZMVVNIRl9tb2RpZmllZAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgIDogMCkpOwogICAgICAgICBlbHNlIGlmICggbmVlZF9pb21tdV9w dF9zeW5jKGQpICkKICAgICAgICAgICAgIHJjID0gaW9tbXVfZmxhZ3MgPwog ICAgICAgICAgICAgICAgIGlvbW11X2xlZ2FjeV9tYXAoZCwgX2RmbihnZm4p LCBtZm4sIG9yZGVyLCBpb21tdV9mbGFncykgOgotLS0gYS94ZW4vZHJpdmVy cy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJpdmVycy9w YXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtMTg4NCw1MyArMTg4NCw2IEBA IHN0YXRpYyBpbnQgaW50ZWxfaW9tbXVfbG9va3VwX3BhZ2Uoc3RydWMKICAg ICByZXR1cm4gMDsKIH0KIAotaW50IGlvbW11X3B0ZV9mbHVzaChzdHJ1Y3Qg ZG9tYWluICpkLCB1aW50NjRfdCBkZm4sIHVpbnQ2NF90ICpwdGUsCi0gICAg ICAgICAgICAgICAgICAgIGludCBvcmRlciwgaW50IHByZXNlbnQpCi17Ci0g ICAgc3RydWN0IGFjcGlfZHJoZF91bml0ICpkcmhkOwotICAgIHN0cnVjdCB2 dGRfaW9tbXUgKmlvbW11ID0gTlVMTDsKLSAgICBzdHJ1Y3QgZG9tYWluX2lv bW11ICpoZCA9IGRvbV9pb21tdShkKTsKLSAgICBib29sX3QgZmx1c2hfZGV2 X2lvdGxiOwotICAgIGludCBpb21tdV9kb21pZDsKLSAgICBpbnQgcmMgPSAw OwotCi0gICAgaW9tbXVfc3luY19jYWNoZShwdGUsIHNpemVvZihzdHJ1Y3Qg ZG1hX3B0ZSkpOwotCi0gICAgZm9yX2VhY2hfZHJoZF91bml0ICggZHJoZCAp Ci0gICAgewotICAgICAgICBpb21tdSA9IGRyaGQtPmlvbW11OwotICAgICAg ICBpZiAoICF0ZXN0X2JpdChpb21tdS0+aW5kZXgsICZoZC0+YXJjaC5pb21t dV9iaXRtYXApICkKLSAgICAgICAgICAgIGNvbnRpbnVlOwotCi0gICAgICAg IGZsdXNoX2Rldl9pb3RsYiA9ICEhZmluZF9hdHNfZGV2X2RyaGQoaW9tbXUp OwotICAgICAgICBpb21tdV9kb21pZD0gZG9tYWluX2lvbW11X2RvbWlkKGQs IGlvbW11KTsKLSAgICAgICAgaWYgKCBpb21tdV9kb21pZCA9PSAtMSApCi0g ICAgICAgICAgICBjb250aW51ZTsKLQotICAgICAgICByYyA9IGlvbW11X2Zs dXNoX2lvdGxiX3BzaShpb21tdSwgaW9tbXVfZG9taWQsCi0gICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIF9fZGZuX3RvX2RhZGRyKGRmbiks Ci0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9yZGVyLCAh cHJlc2VudCwgZmx1c2hfZGV2X2lvdGxiKTsKLSAgICAgICAgaWYgKCByYyA+ IDAgKQotICAgICAgICB7Ci0gICAgICAgICAgICBpb21tdV9mbHVzaF93cml0 ZV9idWZmZXIoaW9tbXUpOwotICAgICAgICAgICAgcmMgPSAwOwotICAgICAg ICB9Ci0gICAgfQotCi0gICAgaWYgKCB1bmxpa2VseShyYykgKQotICAgIHsK LSAgICAgICAgaWYgKCAhZC0+aXNfc2h1dHRpbmdfZG93biAmJiBwcmludGtf cmF0ZWxpbWl0KCkgKQotICAgICAgICAgICAgcHJpbnRrKFhFTkxPR19FUlIg VlREUFJFRklYCi0gICAgICAgICAgICAgICAgICAgIiBkJWQ6IElPTU1VIHBh Z2VzIGZsdXNoIGZhaWxlZDogJWRcbiIsCi0gICAgICAgICAgICAgICAgICAg ZC0+ZG9tYWluX2lkLCByYyk7Ci0KLSAgICAgICAgaWYgKCAhaXNfaGFyZHdh cmVfZG9tYWluKGQpICkKLSAgICAgICAgICAgIGRvbWFpbl9jcmFzaChkKTsK LSAgICB9Ci0KLSAgICByZXR1cm4gcmM7Ci19Ci0KIHN0YXRpYyBpbnQgX19p bml0IHZ0ZF9lcHRfcGFnZV9jb21wYXRpYmxlKHN0cnVjdCB2dGRfaW9tbXUg KmlvbW11KQogewogICAgIHU2NCBlcHRfY2FwLCB2dGRfY2FwID0gaW9tbXUt PmNhcDsKLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9pb21tdS5oCisrKyBi L3hlbi9pbmNsdWRlL2FzbS14ODYvaW9tbXUuaApAQCAtOTcsMTAgKzk3LDYg QEAgc3RhdGljIGlubGluZSBpbnQgaW9tbXVfYWRqdXN0X2lycV9hZmZpbgog ICAgICAgICAgICA6IDA7CiB9CiAKLS8qIFdoaWxlIFZULWQgc3BlY2lmaWMs IHRoaXMgbXVzdCBnZXQgZGVjbGFyZWQgaW4gYSBnZW5lcmljIGhlYWRlci4g Ki8KLWludCBfX211c3RfY2hlY2sgaW9tbXVfcHRlX2ZsdXNoKHN0cnVjdCBk b21haW4gKmQsIHU2NCBnZm4sIHU2NCAqcHRlLAotICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgaW50IG9yZGVyLCBpbnQgcHJlc2VudCk7Ci0K IHN0YXRpYyBpbmxpbmUgYm9vbCBpb21tdV9zdXBwb3J0c194MmFwaWModm9p ZCkKIHsKICAgICByZXR1cm4gaW9tbXVfaW5pdF9vcHMgJiYgaW9tbXVfaW5p dF9vcHMtPnN1cHBvcnRzX3gyYXBpYwo= --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-4.patch" Content-Disposition: attachment; filename="xsa321/xsa321-4.patch" Content-Transfer-Encoding: base64 RnJvbTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1QGNpdHJpeC5jb20+ ClN1YmplY3Q6IFtQQVRDSCB2NSA2LzldIHZ0ZDogZG9uJ3QgYXNzdW1lIGFk ZHJlc3NlcyBhcmUgYWxpZ25lZCBpbiBzeW5jX2NhY2hlCgpDdXJyZW50IGNv ZGUgaW4gc3luY19jYWNoZSBhc3N1bWUgdGhhdCB0aGUgYWRkcmVzcyBwYXNz ZWQgaW4gaXMKYWxpZ25lZCB0byBhIGNhY2hlIGxpbmUgc2l6ZS4gRml4IHRo ZSBjb2RlIHRvIHN1cHBvcnQgcGFzc2luZyBpbgphcmJpdHJhcnkgYWRkcmVz c2VzIG5vdCBuZWNlc3NhcmlseSBhbGlnbmVkIHRvIGEgY2FjaGUgbGluZSBz aXplLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjEuCgpSZXBvcnRlZC1ieTog SmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTaWduZWQtb2ZmLWJ5 OiBSb2dlciBQYXUgTW9ubsOpIDxyb2dlci5wYXVAY2l0cml4LmNvbT4KUmV2 aWV3ZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGljaEBzdXNlLmNvbT4KLS0t CkNoYW5nZXMgc2luY2UgdjU6CiAtIGJ1aWxkIGZpeAoKQ2hhbmdlcyBzaW5j ZSB2MzoKIC0gQXZvaWQgb25lIGNhc3QgYnkgdXNpbmcgYSBzdWJ0cmFjdGlv bi4KCkNoYW5nZXMgc2luY2UgdjI6CiAtIE5ldyBpbiB0aGlzIHZlcnNpb24u Ci0tLQogeGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2lvbW11LmMgfCA5 ICsrKysrLS0tLQogMSBmaWxlIGNoYW5nZWQsIDUgaW5zZXJ0aW9ucygrKSwg NCBkZWxldGlvbnMoLSkKCi0tLSBhL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC9pb21tdS5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0 ZC9pb21tdS5jCkBAIC0xNDksOCArMTQ5LDggQEAgc3RhdGljIGludCBpb21t dXNfaW5jb2hlcmVudDsKIAogc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25z dCB2b2lkICphZGRyLCB1bnNpZ25lZCBpbnQgc2l6ZSkKIHsKLSAgICBpbnQg aTsKLSAgICBzdGF0aWMgdW5zaWduZWQgaW50IGNsZmx1c2hfc2l6ZSA9IDA7 CisgICAgc3RhdGljIHVuc2lnbmVkIGxvbmcgY2xmbHVzaF9zaXplID0gMDsK KyAgICBjb25zdCB2b2lkICplbmQgPSBhZGRyICsgc2l6ZTsKIAogICAgIGlm ICggIWlvbW11c19pbmNvaGVyZW50ICkKICAgICAgICAgcmV0dXJuOwpAQCAt MTU4LDggKzE1OCw5IEBAIHN0YXRpYyB2b2lkIHN5bmNfY2FjaGUoY29uc3Qg dm9pZCAqYWRkciwgdW5zaWduZWQgaW50IHNpemUpCiAgICAgaWYgKCBjbGZs dXNoX3NpemUgPT0gMCApCiAgICAgICAgIGNsZmx1c2hfc2l6ZSA9IGdldF9j YWNoZV9saW5lX3NpemUoKTsKIAotICAgIGZvciAoIGkgPSAwOyBpIDwgc2l6 ZTsgaSArPSBjbGZsdXNoX3NpemUgKQotICAgICAgICBjYWNoZWxpbmVfZmx1 c2goKGNoYXIgKilhZGRyICsgaSk7CisgICAgYWRkciAtPSAodW5zaWduZWQg bG9uZylhZGRyICYgKGNsZmx1c2hfc2l6ZSAtIDEpOworICAgIGZvciAoIDsg YWRkciA8IGVuZDsgYWRkciArPSBjbGZsdXNoX3NpemUgKQorICAgICAgICBj YWNoZWxpbmVfZmx1c2goKGNoYXIgKilhZGRyKTsKIH0KIAogLyogQWxsb2Nh dGUgcGFnZSB0YWJsZSwgcmV0dXJuIGl0cyBtYWNoaW5lIGFkZHJlc3MgKi8K --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-5.patch" Content-Disposition: attachment; filename="xsa321/xsa321-5.patch" Content-Transfer-Encoding: base64 RnJvbTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1QGNpdHJpeC5jb20+ ClN1YmplY3Q6IFtQQVRDSCB2NSA3LzldIHg4Ni9hbHRlcm5hdGl2ZTogaW50 cm9kdWNlIGFsdGVybmF0aXZlXzIKCkl0J3MgYmFzZWQgb24gYWx0ZXJuYXRp dmVfaW9fMiB3aXRob3V0IGlucHV0cyBvciBvdXRwdXRzIGJ1dCB3aXRoIGFu CmFkZGVkIG1lbW9yeSBjbG9iYmVyLgoKVGhpcyBpcyBwYXJ0IG9mIFhTQS0z MjEuCgpTaWduZWQtb2ZmLWJ5OiBSb2dlciBQYXUgTW9ubsOpIDxyb2dlci5w YXVAY2l0cml4LmNvbT4KQWNrZWQtYnk6IEphbiBCZXVsaWNoIDxqYmV1bGlj aEBzdXNlLmNvbT4KLS0tCkNoYW5nZXMgc2luY2UgdjM6CiAtIFNsaWdodGx5 IHJld29yZCBjb21taXQgbWVzc2FnZS4KCkNoYW5nZXMgc2luY2UgdjI6CiAt IFJld29yZCB0aGUgY29tbWl0IG1lc3NhZ2UgdG8gbm90ZSB0aGUgYWRkaXRp b24gb2YgdGhlIG1lbW9yeQogICBjbG9iYmVyLgotLS0KIHhlbi9pbmNsdWRl L2FzbS14ODYvYWx0ZXJuYXRpdmUuaCB8IDUgKysrKysKIDEgZmlsZSBjaGFu Z2VkLCA1IGluc2VydGlvbnMoKykKCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVk ZS9hc20teDg2L2FsdGVybmF0aXZlLmggYi94ZW4vaW5jbHVkZS9hc20teDg2 L2FsdGVybmF0aXZlLmgKaW5kZXggOTJlMzU4MWJjMi4uOGU3OGNjOTFjMyAx MDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9hbHRlcm5hdGl2ZS5o CisrKyBiL3hlbi9pbmNsdWRlL2FzbS14ODYvYWx0ZXJuYXRpdmUuaApAQCAt MTE0LDYgKzExNCwxMSBAQCBleHRlcm4gdm9pZCBhbHRlcm5hdGl2ZV9icmFu Y2hlcyh2b2lkKTsKICNkZWZpbmUgYWx0ZXJuYXRpdmUob2xkaW5zdHIsIG5l d2luc3RyLCBmZWF0dXJlKSAgICAgICAgICAgICAgICAgICAgICAgIFwKICAg ICAgICAgYXNtIHZvbGF0aWxlIChBTFRFUk5BVElWRShvbGRpbnN0ciwgbmV3 aW5zdHIsIGZlYXR1cmUpIDogOiA6ICJtZW1vcnkiKQogCisjZGVmaW5lIGFs dGVybmF0aXZlXzIob2xkaW5zdHIsIG5ld2luc3RyMSwgZmVhdHVyZTEsIG5l d2luc3RyMiwgZmVhdHVyZTIpIFwKKwlhc20gdm9sYXRpbGUgKEFMVEVSTkFU SVZFXzIob2xkaW5zdHIsIG5ld2luc3RyMSwgZmVhdHVyZTEsCVwKKwkJCQkg ICAgbmV3aW5zdHIyLCBmZWF0dXJlMikJCVwKKwkJICAgICAgOiA6IDogIm1l bW9yeSIpCisKIC8qCiAgKiBBbHRlcm5hdGl2ZSBpbmxpbmUgYXNzZW1ibHkg d2l0aCBpbnB1dC4KICAqCi0tIAoyLjI2LjIKCg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-6.patch" Content-Disposition: attachment; filename="xsa321/xsa321-6.patch" Content-Transfer-Encoding: base64 RnJvbTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1QGNpdHJpeC5jb20+ ClN1YmplY3Q6IFtQQVRDSCB2NSA4LzldIHZ0ZDogb3B0aW1pemUgQ1BVIGNh Y2hlIHN5bmMKClNvbWUgVlQtZCBJT01NVXMgYXJlIG5vbi1jb2hlcmVudCwg d2hpY2ggcmVxdWlyZXMgYSBjYWNoZSB3cml0ZSBiYWNrCmluIG9yZGVyIGZv ciB0aGUgY2hhbmdlcyBtYWRlIGJ5IHRoZSBDUFUgdG8gYmUgdmlzaWJsZSB0 byB0aGUgSU9NTVUuClRoaXMgY2FjaGUgd3JpdGUgYmFjayB3YXMgdW5jb25k aXRpb25hbGx5IGRvbmUgdXNpbmcgY2xmbHVzaCwgYnV0IHRoZXJlIGFyZQpv dGhlciBtb3JlIGVmZmljaWVudCBpbnN0cnVjdGlvbnMgdG8gZG8gc28sIGhl bmNlIGltcGxlbWVudCBzdXBwb3J0CmZvciB0aGVtIHVzaW5nIHRoZSBhbHRl cm5hdGl2ZSBmcmFtZXdvcmsuCgpUaGlzIGlzIHBhcnQgb2YgWFNBLTMyMS4K ClNpZ25lZC1vZmYtYnk6IFJvZ2VyIFBhdSBNb25uw6kgPHJvZ2VyLnBhdUBj aXRyaXguY29tPgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNo QHN1c2UuY29tPgotLS0KQ2hhbmdlcyBzaW5jZSB2NToKIC0gcmUtYmFzZSBv dmVyIGNoYW5nZSB0byBwYXRjaCA2CiAtIGFsc28gZHJvcCBjYWNoZWxpbmVf Zmx1c2goKSdzIGRlY2xhcmF0aW9uCgpDaGFuZ2VzIHNpbmNlIHYyOgogLSBE byBub3QgdXNlIHByZXByb2Nlc3NvciBkaXJlY3RpdmVzIG1peGVkIGluIG1h Y3JvIGFyZ3VtZW50czogaXQncwogICB1bmRlZmluZWQgYmVoYXZpb3IuCiAt IFJlbW92ZSBjYWNoZWxpbmVfZmx1c2ggYXMgc3luY19jYWNoZSB3YXMgdGhl IG9ubHkgdXNlci4KCkNoYW5nZXMgc2luY2UgdjE6CiAtIE5ldyBpbiB0aGlz IHZlcnNpb24uCi0tLQogeGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2V4 dGVybi5oICB8ICAxIC0KIHhlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9p b21tdS5jICAgfCAzOCArKysrKysrKysrKysrKysrKysrKysrKysrKy0KIHhl bi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC94ODYvdnRkLmMgfCAgNSAtLS0t CiAzIGZpbGVzIGNoYW5nZWQsIDM3IGluc2VydGlvbnMoKyksIDcgZGVsZXRp b25zKC0pCgotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvZXh0 ZXJuLmgKKysrIGIveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2V4dGVy bi5oCkBAIC02OCw3ICs2OCw2IEBAIGludCBfX211c3RfY2hlY2sgcWludmFs X2RldmljZV9pb3RsYl9zeW5jKHN0cnVjdCB2dGRfaW9tbXUgKmlvbW11LAog ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdTE2 IGRpZCwgdTE2IHNpemUsIHU2NCBhZGRyKTsKIAogdW5zaWduZWQgaW50IGdl dF9jYWNoZV9saW5lX3NpemUodm9pZCk7Ci12b2lkIGNhY2hlbGluZV9mbHVz aChjaGFyICopOwogdm9pZCBmbHVzaF9hbGxfY2FjaGUodm9pZCk7CiAKIHVp bnQ2NF90IGFsbG9jX3BndGFibGVfbWFkZHIodW5zaWduZWQgbG9uZyBucGFn ZXMsIG5vZGVpZF90IG5vZGUpOwotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhy b3VnaC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJpdmVycy9wYXNzdGhyb3Vn aC92dGQvaW9tbXUuYwpAQCAtMzEsNiArMzEsNyBAQAogI2luY2x1ZGUgPHhl bi9wY2lfcmVncy5oPgogI2luY2x1ZGUgPHhlbi9rZXloYW5kbGVyLmg+CiAj aW5jbHVkZSA8YXNtL21zaS5oPgorI2luY2x1ZGUgPGFzbS9ub3BzLmg+CiAj aW5jbHVkZSA8YXNtL2lycS5oPgogI2luY2x1ZGUgPGFzbS9odm0vdm14L3Zt eC5oPgogI2luY2x1ZGUgPGFzbS9wMm0uaD4KQEAgLTE2MCw3ICsxNjEsNDIg QEAgc3RhdGljIHZvaWQgc3luY19jYWNoZShjb25zdCB2b2lkICphZGRyLCB1 bnNpZ25lZCBpbnQgc2l6ZSkKIAogICAgIGFkZHIgLT0gKHVuc2lnbmVkIGxv bmcpYWRkciAmIChjbGZsdXNoX3NpemUgLSAxKTsKICAgICBmb3IgKCA7IGFk ZHIgPCBlbmQ7IGFkZHIgKz0gY2xmbHVzaF9zaXplICkKLSAgICAgICAgY2Fj aGVsaW5lX2ZsdXNoKChjaGFyICopYWRkcik7CisvKgorICogVGhlIGFyZ3Vt ZW50cyB0byBhIG1hY3JvIG11c3Qgbm90IGluY2x1ZGUgcHJlcHJvY2Vzc29y IGRpcmVjdGl2ZXMuIERvaW5nIHNvCisgKiByZXN1bHRzIGluIHVuZGVmaW5l ZCBiZWhhdmlvciwgc28gd2UgaGF2ZSB0byBjcmVhdGUgc29tZSBkZWZpbmVz IGhlcmUgaW4KKyAqIG9yZGVyIHRvIGF2b2lkIGl0LgorICovCisjaWYgZGVm aW5lZChIQVZFX0FTX0NMV0IpCisjIGRlZmluZSBDTFdCX0VOQ09ESU5HICJj bHdiICVbcF0iCisjZWxpZiBkZWZpbmVkKEhBVkVfQVNfWFNBVkVPUFQpCisj IGRlZmluZSBDTFdCX0VOQ09ESU5HICJkYXRhMTYgeHNhdmVvcHQgJVtwXSIg LyogY2x3YiAqLworI2Vsc2UKKyMgZGVmaW5lIENMV0JfRU5DT0RJTkcgIi5i eXRlIDB4NjYsIDB4MGYsIDB4YWUsIDB4MzAiIC8qIGNsd2IgKCUlcmF4KSAq LworI2VuZGlmCisKKyNkZWZpbmUgQkFTRV9JTlBVVChhZGRyKSBbcF0gIm0i ICgqKGNvbnN0IGNoYXIgKikoYWRkcikpCisjaWYgZGVmaW5lZChIQVZFX0FT X0NMV0IpIHx8IGRlZmluZWQoSEFWRV9BU19YU0FWRU9QVCkKKyMgZGVmaW5l IElOUFVUIEJBU0VfSU5QVVQKKyNlbHNlCisjIGRlZmluZSBJTlBVVChhZGRy KSAiYSIgKGFkZHIpLCBCQVNFX0lOUFVUKGFkZHIpCisjZW5kaWYKKyAgICAg ICAgLyoKKyAgICAgICAgICogTm90ZSByZWdhcmRpbmcgdGhlIHVzZSBvZiBO T1BfRFNfUFJFRklYOiBpdCdzIGZhc3RlciB0byBkbyBhIGNsZmx1c2gKKyAg ICAgICAgICogKyBwcmVmaXggdGhhbiBhIGNsZmx1c2ggKyBub3AsIGFuZCBo ZW5jZSB0aGUgcHJlZml4IGlzIGFkZGVkIGluc3RlYWQKKyAgICAgICAgICog b2YgbGV0dGluZyB0aGUgYWx0ZXJuYXRpdmUgZnJhbWV3b3JrIGZpbGwgdGhl IGdhcCBieSBhcHBlbmRpbmcgbm9wcy4KKyAgICAgICAgICovCisgICAgICAg IGFsdGVybmF0aXZlX2lvXzIoIi5ieXRlICIgX19zdHJpbmdpZnkoTk9QX0RT X1BSRUZJWCkgIjsgY2xmbHVzaCAlW3BdIiwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAiZGF0YTE2IGNsZmx1c2ggJVtwXSIsIC8qIGNsZmx1c2hvcHQg Ki8KKyAgICAgICAgICAgICAgICAgICAgICAgICBYODZfRkVBVFVSRV9DTEZM VVNIT1BULAorICAgICAgICAgICAgICAgICAgICAgICAgIENMV0JfRU5DT0RJ TkcsCisgICAgICAgICAgICAgICAgICAgICAgICAgWDg2X0ZFQVRVUkVfQ0xX QiwgLyogbm8gb3V0cHV0cyAqLywKKyAgICAgICAgICAgICAgICAgICAgICAg ICBJTlBVVChhZGRyKSk7CisjdW5kZWYgSU5QVVQKKyN1bmRlZiBCQVNFX0lO UFVUCisjdW5kZWYgQ0xXQl9FTkNPRElORworCisgICAgYWx0ZXJuYXRpdmVf MigiIiwgInNmZW5jZSIsIFg4Nl9GRUFUVVJFX0NMRkxVU0hPUFQsCisgICAg ICAgICAgICAgICAgICAgICAgInNmZW5jZSIsIFg4Nl9GRUFUVVJFX0NMV0Ip OwogfQogCiAvKiBBbGxvY2F0ZSBwYWdlIHRhYmxlLCByZXR1cm4gaXRzIG1h Y2hpbmUgYWRkcmVzcyAqLwotLS0gYS94ZW4vZHJpdmVycy9wYXNzdGhyb3Vn aC92dGQveDg2L3Z0ZC5jCisrKyBiL3hlbi9kcml2ZXJzL3Bhc3N0aHJvdWdo L3Z0ZC94ODYvdnRkLmMKQEAgLTUyLDExICs1Miw2IEBAIHVuc2lnbmVkIGlu dCBnZXRfY2FjaGVfbGluZV9zaXplKHZvaWQpCiAgICAgcmV0dXJuICgoY3B1 aWRfZWJ4KDEpID4+IDgpICYgMHhmZikgKiA4OwogfQogCi12b2lkIGNhY2hl bGluZV9mbHVzaChjaGFyICogYWRkcikKLXsKLSAgICBjbGZsdXNoKGFkZHIp OwotfQotCiB2b2lkIGZsdXNoX2FsbF9jYWNoZSgpCiB7CiAgICAgd2JpbnZk KCk7Cg== --=separator Content-Type: application/octet-stream; name="xsa321/xsa321-7.patch" Content-Disposition: attachment; filename="xsa321/xsa321-7.patch" Content-Transfer-Encoding: base64 RnJvbTogUm9nZXIgUGF1IE1vbm7DqSA8cm9nZXIucGF1QGNpdHJpeC5jb20+ ClN1YmplY3Q6IFtQQVRDSCB2NSA5LzldIHg4Ni9lcHQ6IGZsdXNoIGNhY2hl IHdoZW4gbW9kaWZ5aW5nIFBURXMgYW5kIHNoYXJpbmcgcGFnZSB0YWJsZXMK Ck1vZGlmaWNhdGlvbnMgbWFkZSB0byB0aGUgcGFnZSB0YWJsZXMgYnkgRVBU IGNvZGUgbmVlZCB0byBiZSB3cml0dGVuCnRvIG1lbW9yeSB3aGVuIHRoZSBw YWdlIHRhYmxlcyBhcmUgc2hhcmVkIHdpdGggdGhlIElPTU1VLCBhcyBJbnRl bApJT01NVXMgY2FuIGJlIG5vbi1jb2hlcmVudCBhbmQgdGh1cyByZXF1aXJl IGNoYW5nZXMgdG8gYmUgd3JpdHRlbiB0bwptZW1vcnkgaW4gb3JkZXIgdG8g YmUgdmlzaWJsZSB0byB0aGUgSU9NTVUuCgpJbiBvcmRlciB0byBhY2hpZXZl IHRoaXMgbWFrZSBzdXJlIGRhdGEgaXMgd3JpdHRlbiBiYWNrIHRvIG1lbW9y eQphZnRlciB3cml0aW5nIGFuIEVQVCBlbnRyeSB3aGVuIHRoZSByZWNhbGMg Yml0IGlzIG5vdCBzZXQgaW4KYXRvbWljX3dyaXRlX2VwdF9lbnRyeS4gSWYg c3VjaCBiaXQgaXMgc2V0LCB0aGUgZW50cnkgd2lsbCBiZQphZGp1c3RlZCBh bmQgYXRvbWljX3dyaXRlX2VwdF9lbnRyeSB3aWxsIGJlIGNhbGxlZCBhIHNl Y29uZCB0aW1lCndpdGhvdXQgdGhlIHJlY2FsYyBiaXQgc2V0LiBOb3RlIHRo YXQgd2hlbiBzcGxpdHRpbmcgYSBzdXBlciBwYWdlIHRoZQpuZXcgdGFibGVz IHJlc3VsdGluZyBvZiB0aGUgc3BsaXQgc2hvdWxkIGFsc28gYmUgd3JpdHRl biBiYWNrLgoKRmFpbHVyZSB0byBkbyBzbyBjYW4gYWxsb3cgZGV2aWNlcyBi ZWhpbmQgdGhlIElPTU1VIGFjY2VzcyB0byB0aGUKc3RhbGUgc3VwZXIgcGFn ZSwgb3IgY2F1c2UgY29oZXJlbmN5IGlzc3VlcyBhcyBjaGFuZ2VzIG1hZGUg YnkgdGhlCnByb2Nlc3NvciB0byB0aGUgcGFnZSB0YWJsZXMgYXJlIG5vdCB2 aXNpYmxlIHRvIHRoZSBJT01NVS4KClRoaXMgYWxsb3dzIHRvIHJlbW92ZSB0 aGUgVlQtZCBzcGVjaWZpYyBpb21tdV9wdGVfZmx1c2ggaGVscGVyLCBzaW5j ZQp0aGUgY2FjaGUgd3JpdGUgYmFjayBpcyBub3cgcGVyZm9ybWVkIGJ5IGF0 b21pY193cml0ZV9lcHRfZW50cnksIGFuZApoZW5jZSBpb21tdV9pb3RsYl9m bHVzaCBjYW4gYmUgdXNlZCB0byBmbHVzaCB0aGUgSU9NTVUgVExCLiBUaGUg bmV3bHkKdXNlZCBtZXRob2QgKGlvbW11X2lvdGxiX2ZsdXNoKSBjYW4gcmVz dWx0IGluIGxlc3MgZmx1c2hlcywgc2luY2UgaXQKbWlnaHQgc29tZXRpbWVz IGJlIGNhbGxlZCByaWdodGx5IHdpdGggMCBmbGFncywgaW4gd2hpY2ggY2Fz ZSBpdApiZWNvbWVzIGEgbm8tb3AuCgpUaGlzIGlzIHBhcnQgb2YgWFNBLTMy MS4KClNpZ25lZC1vZmYtYnk6IFJvZ2VyIFBhdSBNb25uw6kgPHJvZ2VyLnBh dUBjaXRyaXguY29tPgpSZXZpZXdlZC1ieTogSmFuIEJldWxpY2ggPGpiZXVs aWNoQHN1c2UuY29tPgotLS0KQ2hhbmdlcyBzaW5jZSB2MzoKIC0gTm90ZSB0 aGF0IGlvbW11X2lvdGxiX2ZsdXNoIGNhbiBiZSBjYWxsZWQgd2l0aCAwIGZs YWdzLgogLSBSZW1vdmUgdGhlIGZsdXNoIGZyb20gZXB0X3NldF9taWRkbGVf ZW50cnksIHNob3VsZCBiZSBkb25lIGJ5IHRoZQogICBjYWxsZXJzLgoKQ2hh bmdlcyBzaW5jZSB2MjoKIC0gV3JpdGUgYmFjayB0YWJsZSBpbiBlcHRfc2V0 X21pZGRsZV9lbnRyeSBhbHNvLgogLSBSZW1vdmUgaW9tbXVfcHRlX2ZsdXNo IGFuZCBpbnN0ZWFkIHVzZSBpb21tdV9pb3RsYl9mbHVzaC4KCkNoYW5nZXMg c2luY2UgdjE6CiAtIE9ubHkgZmx1c2ggY2FjaGUgd2hlbiAhcmVjYWxjLgog LSBNb3ZlIHRoZSBmbHVzaCBpbnRvIGF0b21pY193cml0ZV9lcHRfZW50cnku CiAtIERvIGEgc2luZ2xlIGNhbGwgdG8gaW9tbXVfZmx1c2hfY2FjaGVfZW50 cnkgdGhhdCBmbHVzaGVzIHRoZSB3aG9sZQogICBuZXcgdGFibGUuCi0tLQog eGVuL2FyY2gveDg2L21tL3AybS1lcHQuYyAgICAgICAgICAgfCAyNCArKysr KysrKysrKysrKy0KIHhlbi9kcml2ZXJzL3Bhc3N0aHJvdWdoL3Z0ZC9pb21t dS5jIHwgNDcgLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIHhlbi9p bmNsdWRlL2FzbS14ODYvaW9tbXUuaCAgICAgICAgIHwgIDQgLS0tCiAzIGZp bGVzIGNoYW5nZWQsIDIzIGluc2VydGlvbnMoKyksIDUyIGRlbGV0aW9ucygt KQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL3g4Ni9tbS9wMm0tZXB0LmMgYi94 ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5jCmluZGV4IDg3YTE0ZjZmMjIuLmI4 MTU0YTdlY2MgMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL3g4Ni9tbS9wMm0tZXB0 LmMKKysrIGIveGVuL2FyY2gveDg2L21tL3AybS1lcHQuYwpAQCAtNTgsNiAr NTgsMTkgQEAgc3RhdGljIGludCBhdG9taWNfd3JpdGVfZXB0X2VudHJ5KHN0 cnVjdCBwMm1fZG9tYWluICpwMm0sCiAKICAgICB3cml0ZV9hdG9taWMoJmVu dHJ5cHRyLT5lcHRlLCBuZXcuZXB0ZSk7CiAKKyAgICAvKgorICAgICAqIFRo ZSByZWNhbGMgZmllbGQgb24gdGhlIEVQVCBpcyB1c2VkIHRvIHNpZ25hbCBl aXRoZXIgdGhhdCBhCisgICAgICogcmVjYWxjdWxhdGlvbiBvZiB0aGUgRU1U IGZpZWxkIGlzIHJlcXVpcmVkICh3aGljaCBkb2Vzbid0IGVmZmVjdCB0aGUK KyAgICAgKiBJT01NVSksIG9yIGEgdHlwZSBjaGFuZ2UuIFR5cGUgY2hhbmdl cyBjYW4gb25seSBiZSBiZXR3ZWVuIHJhbV9ydywKKyAgICAgKiBsb2dkaXJ0 eSBhbmQgaW9yZXFfc2VydmVyOiBjaGFuZ2VzIHRvL2Zyb20gbG9nZGlydHkg d29uJ3Qgd29yayB3ZWxsIHdpdGgKKyAgICAgKiBhbiBJT01NVSBhbnl3YXks IGFzIElPTU1VICNQRnMgYXJlIG5vdCBzeW5jaHJvbm91cyBhbmQgd2lsbCBs ZWFkIHRvCisgICAgICogYWJvcnRzLCBhbmQgY2hhbmdlcyB0by9mcm9tIGlv cmVxX3NlcnZlciBhcmUgYWxyZWFkeSBmdWxseSBmbHVzaGVkCisgICAgICog YmVmb3JlIHJldHVybmluZyB0byBndWVzdCBjb250ZXh0IChzZWUKKyAgICAg KiBYRU5fRE1PUF9tYXBfbWVtX3R5cGVfdG9faW9yZXFfc2VydmVyKS4KKyAg ICAgKi8KKyAgICBpZiAoICFuZXcucmVjYWxjICYmIGlvbW11X3VzZV9oYXBf cHQocDJtLT5kb21haW4pICkKKyAgICAgICAgaW9tbXVfc3luY19jYWNoZShl bnRyeXB0ciwgc2l6ZW9mKCplbnRyeXB0cikpOworCiAgICAgcmV0dXJuIDA7 CiB9CiAKQEAgLTI3Nyw2ICsyOTAsOSBAQCBzdGF0aWMgYm9vbF90IGVwdF9z cGxpdF9zdXBlcl9wYWdlKHN0cnVjdCBwMm1fZG9tYWluICpwMm0sCiAgICAg ICAgICAgICBicmVhazsKICAgICB9CiAKKyAgICBpZiAoIGlvbW11X3VzZV9o YXBfcHQocDJtLT5kb21haW4pICkKKyAgICAgICAgaW9tbXVfc3luY19jYWNo ZSh0YWJsZSwgRVBUX1BBR0VUQUJMRV9FTlRSSUVTICogc2l6ZW9mKGVwdF9l bnRyeV90KSk7CisKICAgICB1bm1hcF9kb21haW5fcGFnZSh0YWJsZSk7CiAK ICAgICAvKiBFdmVuIGZhaWxlZCB3ZSBzaG91bGQgaW5zdGFsbCB0aGUgbmV3 bHkgYWxsb2NhdGVkIGVwdCBwYWdlLiAqLwpAQCAtMzM2LDYgKzM1Miw5IEBA IHN0YXRpYyBpbnQgZXB0X25leHRfbGV2ZWwoc3RydWN0IHAybV9kb21haW4g KnAybSwgYm9vbF90IHJlYWRfb25seSwKICAgICAgICAgaWYgKCAhbmV4dCAp CiAgICAgICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsK IAorICAgICAgICBpZiAoIGlvbW11X3VzZV9oYXBfcHQocDJtLT5kb21haW4p ICkKKyAgICAgICAgICAgIGlvbW11X3N5bmNfY2FjaGUobmV4dCwgRVBUX1BB R0VUQUJMRV9FTlRSSUVTICogc2l6ZW9mKGVwdF9lbnRyeV90KSk7CisKICAg ICAgICAgcmMgPSBhdG9taWNfd3JpdGVfZXB0X2VudHJ5KHAybSwgZXB0X2Vu dHJ5LCBlLCBuZXh0X2xldmVsKTsKICAgICAgICAgQVNTRVJUKHJjID09IDAp OwogICAgIH0KQEAgLTgyNCw3ICs4NDMsMTAgQEAgb3V0OgogICAgICAgICAg bmVlZF9tb2RpZnlfdnRkX3RhYmxlICkKICAgICB7CiAgICAgICAgIGlmICgg aW9tbXVfdXNlX2hhcF9wdChkKSApCi0gICAgICAgICAgICByYyA9IGlvbW11 X3B0ZV9mbHVzaChkLCBnZm4sICZlcHRfZW50cnktPmVwdGUsIG9yZGVyLCB2 dGRfcHRlX3ByZXNlbnQpOworICAgICAgICAgICAgcmMgPSBpb21tdV9pb3Rs Yl9mbHVzaChkLCBfZGZuKGdmbiksICgxdSA8PCBvcmRlciksCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgIChpb21tdV9mbGFncyA/IElP TU1VX0ZMVVNIRl9hZGRlZCA6IDApIHwKKyAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgKHZ0ZF9wdGVfcHJlc2VudCA/IElPTU1VX0ZMVVNI Rl9tb2RpZmllZAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgIDogMCkpOwogICAgICAgICBlbHNlIGlmICgg bmVlZF9pb21tdV9wdF9zeW5jKGQpICkKICAgICAgICAgICAgIHJjID0gaW9t bXVfZmxhZ3MgPwogICAgICAgICAgICAgICAgIGlvbW11X2xlZ2FjeV9tYXAo ZCwgX2RmbihnZm4pLCBtZm4sIG9yZGVyLCBpb21tdV9mbGFncykgOgpkaWZm IC0tZ2l0IGEveGVuL2RyaXZlcnMvcGFzc3Rocm91Z2gvdnRkL2lvbW11LmMg Yi94ZW4vZHJpdmVycy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYwppbmRleCBj ZjY1MWZiYTM0Li4yYTk5Y2QyMDhmIDEwMDY0NAotLS0gYS94ZW4vZHJpdmVy cy9wYXNzdGhyb3VnaC92dGQvaW9tbXUuYworKysgYi94ZW4vZHJpdmVycy9w YXNzdGhyb3VnaC92dGQvaW9tbXUuYwpAQCAtMTg4Nyw1MyArMTg4Nyw2IEBA IHN0YXRpYyBpbnQgaW50ZWxfaW9tbXVfbG9va3VwX3BhZ2Uoc3RydWN0IGRv bWFpbiAqZCwgZGZuX3QgZGZuLCBtZm5fdCAqbWZuLAogICAgIHJldHVybiAw OwogfQogCi1pbnQgaW9tbXVfcHRlX2ZsdXNoKHN0cnVjdCBkb21haW4gKmQs IHVpbnQ2NF90IGRmbiwgdWludDY0X3QgKnB0ZSwKLSAgICAgICAgICAgICAg ICAgICAgaW50IG9yZGVyLCBpbnQgcHJlc2VudCkKLXsKLSAgICBzdHJ1Y3Qg YWNwaV9kcmhkX3VuaXQgKmRyaGQ7Ci0gICAgc3RydWN0IHZ0ZF9pb21tdSAq aW9tbXUgPSBOVUxMOwotICAgIHN0cnVjdCBkb21haW5faW9tbXUgKmhkID0g ZG9tX2lvbW11KGQpOwotICAgIGJvb2xfdCBmbHVzaF9kZXZfaW90bGI7Ci0g ICAgaW50IGlvbW11X2RvbWlkOwotICAgIGludCByYyA9IDA7Ci0KLSAgICBp b21tdV9zeW5jX2NhY2hlKHB0ZSwgc2l6ZW9mKHN0cnVjdCBkbWFfcHRlKSk7 Ci0KLSAgICBmb3JfZWFjaF9kcmhkX3VuaXQgKCBkcmhkICkKLSAgICB7Ci0g ICAgICAgIGlvbW11ID0gZHJoZC0+aW9tbXU7Ci0gICAgICAgIGlmICggIXRl c3RfYml0KGlvbW11LT5pbmRleCwgJmhkLT5hcmNoLmlvbW11X2JpdG1hcCkg KQotICAgICAgICAgICAgY29udGludWU7Ci0KLSAgICAgICAgZmx1c2hfZGV2 X2lvdGxiID0gISFmaW5kX2F0c19kZXZfZHJoZChpb21tdSk7Ci0gICAgICAg IGlvbW11X2RvbWlkPSBkb21haW5faW9tbXVfZG9taWQoZCwgaW9tbXUpOwot ICAgICAgICBpZiAoIGlvbW11X2RvbWlkID09IC0xICkKLSAgICAgICAgICAg IGNvbnRpbnVlOwotCi0gICAgICAgIHJjID0gaW9tbXVfZmx1c2hfaW90bGJf cHNpKGlvbW11LCBpb21tdV9kb21pZCwKLSAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgX19kZm5fdG9fZGFkZHIoZGZuKSwKLSAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgb3JkZXIsICFwcmVzZW50LCBm bHVzaF9kZXZfaW90bGIpOwotICAgICAgICBpZiAoIHJjID4gMCApCi0gICAg ICAgIHsKLSAgICAgICAgICAgIGlvbW11X2ZsdXNoX3dyaXRlX2J1ZmZlcihp b21tdSk7Ci0gICAgICAgICAgICByYyA9IDA7Ci0gICAgICAgIH0KLSAgICB9 Ci0KLSAgICBpZiAoIHVubGlrZWx5KHJjKSApCi0gICAgewotICAgICAgICBp ZiAoICFkLT5pc19zaHV0dGluZ19kb3duICYmIHByaW50a19yYXRlbGltaXQo KSApCi0gICAgICAgICAgICBwcmludGsoWEVOTE9HX0VSUiBWVERQUkVGSVgK LSAgICAgICAgICAgICAgICAgICAiIGQlZDogSU9NTVUgcGFnZXMgZmx1c2gg ZmFpbGVkOiAlZFxuIiwKLSAgICAgICAgICAgICAgICAgICBkLT5kb21haW5f aWQsIHJjKTsKLQotICAgICAgICBpZiAoICFpc19oYXJkd2FyZV9kb21haW4o ZCkgKQotICAgICAgICAgICAgZG9tYWluX2NyYXNoKGQpOwotICAgIH0KLQot ICAgIHJldHVybiByYzsKLX0KLQogc3RhdGljIGludCBfX2luaXQgdnRkX2Vw dF9wYWdlX2NvbXBhdGlibGUoc3RydWN0IHZ0ZF9pb21tdSAqaW9tbXUpCiB7 CiAgICAgdTY0IGVwdF9jYXAsIHZ0ZF9jYXAgPSBpb21tdS0+Y2FwOwpkaWZm IC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9pb21tdS5oIGIveGVuL2lu Y2x1ZGUvYXNtLXg4Ni9pb21tdS5oCmluZGV4IDg2NGUwMjUwNzguLjZjOWQ1 ZTU2MzIgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYvaW9tbXUu aAorKysgYi94ZW4vaW5jbHVkZS9hc20teDg2L2lvbW11LmgKQEAgLTk3LDEw ICs5Nyw2IEBAIHN0YXRpYyBpbmxpbmUgaW50IGlvbW11X2FkanVzdF9pcnFf YWZmaW5pdGllcyh2b2lkKQogICAgICAgICAgICA6IDA7CiB9CiAKLS8qIFdo aWxlIFZULWQgc3BlY2lmaWMsIHRoaXMgbXVzdCBnZXQgZGVjbGFyZWQgaW4g YSBnZW5lcmljIGhlYWRlci4gKi8KLWludCBfX211c3RfY2hlY2sgaW9tbXVf cHRlX2ZsdXNoKHN0cnVjdCBkb21haW4gKmQsIHU2NCBnZm4sIHU2NCAqcHRl LAotICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW50IG9yZGVy LCBpbnQgcHJlc2VudCk7Ci0KIHN0YXRpYyBpbmxpbmUgYm9vbCBpb21tdV9z dXBwb3J0c194MmFwaWModm9pZCkKIHsKICAgICByZXR1cm4gaW9tbXVfaW5p dF9vcHMgJiYgaW9tbXVfaW5pdF9vcHMtPnN1cHBvcnRzX3gyYXBpYwotLSAK Mi4yNi4yCgo= --=separator-- From xen-announce-bounces@lists.xenproject.org Tue Jul 07 12:24:44 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 07 Jul 2020 12:24:44 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmdw-0007G3-5U; Tue, 07 Jul 2020 12:24:12 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmdv-0007FV-79 for xen-announce@lists.xen.org; Tue, 07 Jul 2020 12:24:11 +0000 X-Inumbo-ID: c2ace552-c04c-11ea-8d5d-12813bfff9fa Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id c2ace552-c04c-11ea-8d5d-12813bfff9fa; Tue, 07 Jul 2020 12:24:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=OfSeTYeTsKjSZwvL6r1Hs9ToUyWuj9sme0SjaVk1H1c=; b=ZBe1l2yJAbysjWHq+PAhapWEXn RC0YCao2qaD6diSAoiz3LaKo4oAGseJajxsgLiUab8j71GFiBA+gp9kO5MKdOwP+vvsb0EOGap0ob +yamxp0Rc1lTDxcqIMoCGqbRzqhVAUnPZuJXCBH/IUcnmRJXB1bIUOpfvW8ZQpk+sFtU=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmdp-0002v0-Sz; Tue, 07 Jul 2020 12:24:05 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jsmdp-0004Ry-Rv; Tue, 07 Jul 2020 12:24:05 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 328 v3 (CVE-2020-15567) - non-atomic modification of live EPT PTE Message-Id: Date: Tue, 07 Jul 2020 12:24:05 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-15567 / XSA-328 version 3 non-atomic modification of live EPT PTE UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially-written PTE to the hardware, which an attacker might be able to race to exploit. IMPACT ====== A guest administrator or perhaps even unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. VULNERABLE SYSTEMS ================== Only systems using Intel CPUs are vulnerable. Sytems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging ("hap", aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations which are in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build with gcc 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source code order, which did *not* constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code generation options). The code clearly violates the C rules. So we have chosen to issue this advisory. MITIGATION ========== Running only PV guests will avoid this vulnerability. Switching to shadow paging (e.g. using the "hap=0" xl domain domain configuration file parameter) will avoid exposing the vulnerability to those guests. Manual inspection of the generated assembly code might allow a suitably qualified person to say that a particular build is not vulnerable. There is no less broad mitigation. CREDITS ======= This issue was discovered by Jan Beulich of SUSE. For patch 1: Reviewed-by: Roger Pau Monné For patch 2: From: Roger Pau Monné Reported-by: Jan Beulich Signed-off-by: Roger Pau Monné RESOLUTION ========== Applying the appropriate pair of attached patches resolves this issue. Note that patches for released versions are generally prepared to apply to the stable branches, and may not apply cleanly to the most recent release tarball. Downstreams are encouraged to update to the tip of the stable branch before applying these patches. xsa328/xsa328-?.patch xen-unstable xsa328/xsa328-4.13-?.patch Xen 4.13.x xsa328/xsa328-4.12-?.patch Xen 4.12.x xsa328/xsa328-4.11-?.patch Xen 4.11.x, Xen 4.10.x xsa328/xsa328-4.9-?.patch Xen 4.9.x $ sha256sum xsa328* xsa328*/* 61ceb3d039c3ebb06f480a17593b367b01e7c1e5cc3669d77caecb704fbc7071 xsa328.meta cae53f7e6c46fe245790036279bc50eaa10e4271790e871ad8a7d446629b2e12 xsa328/xsa328-1.patch d61354a992869451cd7a3c92254672b5e253d1a994135cf9b4a5c784be0a07ef xsa328/xsa328-2.patch 018412fba6f153c1d6b03fc2fa6f3ac381060efe6a8651404462028d24c830a8 xsa328/xsa328-4.9-1.patch f3deb26e0ce27c385ab16065a0ba67b86a228afd949c0a6a78b9d48366fc2554 xsa328/xsa328-4.9-2.patch a600ecef784485e8608cd4549f756ffa24705747a4d876147f9ba64fff118580 xsa328/xsa328-4.11-1.patch f3deb26e0ce27c385ab16065a0ba67b86a228afd949c0a6a78b9d48366fc2554 xsa328/xsa328-4.11-2.patch d608921359e561f9c594c9f8f7ee02432518a229ecea638d472ab91227d705ec xsa328/xsa328-4.12-1.patch a51162c019e7e6ed394faa7d40c932456059b7b76a784dc7886dd0a47c43da0b xsa328/xsa328-4.12-2.patch 51a41fae885aed40839887da473e0c8ab4c4d897a121f5fac2cc3c6c0188d6d2 xsa328/xsa328-4.13-1.patch a51162c019e7e6ed394faa7d40c932456059b7b76a784dc7886dd0a47c43da0b xsa328/xsa328-4.13-2.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patches and/or mitigations described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8EaAIMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZi0YH/Aqd/aStpQKD3gTEuif3YBwL9YRf9q8ZxSQqgrG/ du4lABcOE87kRqaAnsVRNe3sQ1sL995O1oiRbcQPcnKqr5q34IPqMghYGJZgpupE qfreaA6b4Uv7XFEM8Z7NTN17t9dx9Y8aLIoD8dETbFaidtKwjBsQ8fkX7tFSmXH9 YQ0he7B8Is0pGmH6EM5mM6TxqCHz2mtWDdVL4jFuLVqrt10TnNH6S4OHJkEkJcYP rcSgqOkM7q7tBP3yDWPvlcSGgk+cijEI3AmKREMuISEmimrBpGzrosBpdh8zqbYU MPmRwbn+luyEEOn2Y8j81EfgJR+LR1Itct1E8CU0vS2v0Gw= =b0L/ -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa328.meta" Content-Disposition: attachment; filename="xsa328.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAzMjgsCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC4xMyIsCiAgICAiNC4xMiIsCiAgICAiNC4xMSIs CiAgICAiNC4xMCIsCiAgICAiNC45IgogIF0sCiAgIlRyZWVzIjogWwogICAg InhlbiIKICBdLAogICJSZWNpcGVzIjogewogICAgIjQuMTAiOiB7CiAgICAg ICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3Rh YmxlUmVmIjogImZkNmU0OWVjYWUwMzg0MDYxMGZkYzZhNDE2YTYzODU5MGMw YjY1MzUiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDMx NywKICAgICAgICAgICAgMzE5CiAgICAgICAgICBdLAogICAgICAgICAgIlBh dGNoZXMiOiBbCiAgICAgICAgICAgICJ4c2EzMjgveHNhMzI4LTQuMTEtMS5w YXRjaCIsCiAgICAgICAgICAgICJ4c2EzMjgveHNhMzI4LTQuMTEtMi5wYXRj aCIKICAgICAgICAgIF0KICAgICAgICB9CiAgICAgIH0KICAgIH0sCiAgICAi NC4xMSI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAgICAgICAgInhlbiI6IHsK ICAgICAgICAgICJTdGFibGVSZWYiOiAiMmI3NzcyOTg4OGZiODUxYWI5NmU3 Zjc3YmM4NTQxMjI2MjZiNDg2MSIsCiAgICAgICAgICAiUHJlcmVxcyI6IFsK ICAgICAgICAgICAgMzE3LAogICAgICAgICAgICAzMTkKICAgICAgICAgIF0s CiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAgInhzYTMyOC94 c2EzMjgtNC4xMS0xLnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyOC94c2Ez MjgtNC4xMS0yLnBhdGNoIgogICAgICAgICAgXQogICAgICAgIH0KICAgICAg fQogICAgfSwKICAgICI0LjEyIjogewogICAgICAiUmVjaXBlcyI6IHsKICAg ICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6ICIwNTBmZTQ4 ZGM5ODFlMDQ4OGRlMWY2YzZjMDdkODExMGYzYjc1MjNiIiwKICAgICAgICAg ICJQcmVyZXFzIjogWwogICAgICAgICAgICAzMTcsCiAgICAgICAgICAgIDMx OQogICAgICAgICAgXSwKICAgICAgICAgICJQYXRjaGVzIjogWwogICAgICAg ICAgICAieHNhMzI4L3hzYTMyOC00LjEyLTEucGF0Y2giLAogICAgICAgICAg ICAieHNhMzI4L3hzYTMyOC00LjEyLTIucGF0Y2giCiAgICAgICAgICBdCiAg ICAgICAgfQogICAgICB9CiAgICB9LAogICAgIjQuMTMiOiB7CiAgICAgICJS ZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3RhYmxl UmVmIjogIjlmN2U4YmFjNGNhMjc5YjNiZmNjYjVmMzczMGZiMmU1Mzk4Yzk1 YWIiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDMxNywK ICAgICAgICAgICAgMzE5CiAgICAgICAgICBdLAogICAgICAgICAgIlBhdGNo ZXMiOiBbCiAgICAgICAgICAgICJ4c2EzMjgveHNhMzI4LTQuMTMtMS5wYXRj aCIsCiAgICAgICAgICAgICJ4c2EzMjgveHNhMzI4LTQuMTMtMi5wYXRjaCIK ICAgICAgICAgIF0KICAgICAgICB9CiAgICAgIH0KICAgIH0sCiAgICAiNC45 IjogewogICAgICAiUmVjaXBlcyI6IHsKICAgICAgICAieGVuIjogewogICAg ICAgICAgIlN0YWJsZVJlZiI6ICI2ZTQ3N2MyZWE0ZDVjMjZhN2E3YjJmODUw MTY2YWE3OWVkYzUyMjVjIiwKICAgICAgICAgICJQcmVyZXFzIjogWwogICAg ICAgICAgICAzMTkKICAgICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6 IFsKICAgICAgICAgICAgInhzYTMyOC94c2EzMjgtNC45LTEucGF0Y2giLAog ICAgICAgICAgICAieHNhMzI4L3hzYTMyOC00LjktMi5wYXRjaCIKICAgICAg ICAgIF0KICAgICAgICB9CiAgICAgIH0KICAgIH0sCiAgICAibWFzdGVyIjog ewogICAgICAiUmVjaXBlcyI6IHsKICAgICAgICAieGVuIjogewogICAgICAg ICAgIlN0YWJsZVJlZiI6ICJlNGQyMjA3MTY1YjM3OWVjMTNjOGI1MTI5MzZm NjM5ODJhZjYyZDEzIiwKICAgICAgICAgICJQcmVyZXFzIjogWwogICAgICAg ICAgICAzMTcsCiAgICAgICAgICAgIDMxOQogICAgICAgICAgXSwKICAgICAg ICAgICJQYXRjaGVzIjogWwogICAgICAgICAgICAieHNhMzI4L3hzYTMyOC0x LnBhdGNoIiwKICAgICAgICAgICAgInhzYTMyOC94c2EzMjgtMi5wYXRjaCIK ICAgICAgICAgIF0KICAgICAgICB9CiAgICAgIH0KICAgIH0KICB9Cn0= --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-1.patch" Content-Disposition: attachment; filename="xsa328/xsa328-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODYvRVBUOiBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJlbGF0ZWQgYWRq dXN0bWVudHMKCmVwdF9zcGxpdF9zdXBlcl9wYWdlKCkgd2FudHMgdG8gZnVy dGhlciBtb2RpZnkgdGhlIG5ld2x5IGFsbG9jYXRlZAp0YWJsZSwgc28gaGF2 ZSBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJldHVybiB0aGUgbWFwcGVkIHBv aW50ZXIgcmF0aGVyCnRoYW4gdGVhcmluZyBpdCBkb3duIGFuZCB0aGVuIGdl dHRpbmcgcmUtZXN0YWJsaXNoZWQgcmlnaHQgYWdhaW4uCgpTaW1pbGFybHkg ZXB0X25leHRfbGV2ZWwoKSB3YW50cyB0byBoYW5kIGJhY2sgYSBtYXBwZWQg cG9pbnRlciBvZgp0aGUgbmV4dCBsZXZlbCBwYWdlLCBzbyByZS11c2UgdGhl IG9uZSBlc3RhYmxpc2hlZCBieQplcHRfc2V0X21pZGRsZV9lbnRyeSgpIGlu IGNhc2UgdGhhdCBwYXRoIHdhcyB0YWtlbi4KClB1bGwgdGhlIHNldHRpbmcg b2Ygc3VwcHJlc3NfdmUgYWhlYWQgb2YgaW5zZXJ0aW9uIGludG8gdGhlIGhp Z2hlciBsZXZlbAp0YWJsZSwgYW5kIGRvbid0IGhhdmUgZXB0X3NwbGl0X3N1 cGVyX3BhZ2UoKSBzZXQgdGhlIGZpZWxkIGEgMm5kIHRpbWUuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyOC4KClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNo IDxqYmV1bGljaEBzdXNlLmNvbT4KLS0tCiB4ZW4vYXJjaC94ODYvbW0vcDJt LWVwdC5jIHwgNDEgKysrKysrKysrKysrKysrKystLS0tLS0tLS0tLS0tLS0t LS0tLS0tCiAxIGZpbGUgY2hhbmdlZCwgMTggaW5zZXJ0aW9ucygrKSwgMjMg ZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEveGVuL2FyY2gveDg2L21tL3Ay bS1lcHQuYyBiL3hlbi9hcmNoL3g4Ni9tbS9wMm0tZXB0LmMKaW5kZXggMjkz ZjNlOTQxOS4uZDk5MTNhNmM5NyAxMDA2NDQKLS0tIGEveGVuL2FyY2gveDg2 L21tL3AybS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5j CkBAIC0xODYsOCArMTg2LDkgQEAgc3RhdGljIHZvaWQgZXB0X3AybV90eXBl X3RvX2ZsYWdzKGNvbnN0IHN0cnVjdCBwMm1fZG9tYWluICpwMm0sCiAjZGVm aW5lIEdVRVNUX1RBQkxFX1NVUEVSX1BBR0UgIDIKICNkZWZpbmUgR1VFU1Rf VEFCTEVfUE9EX1BBR0UgICAgMwogCi0vKiBGaWxsIGluIG1pZGRsZSBsZXZl bHMgb2YgZXB0IHRhYmxlICovCi1zdGF0aWMgaW50IGVwdF9zZXRfbWlkZGxl X2VudHJ5KHN0cnVjdCBwMm1fZG9tYWluICpwMm0sIGVwdF9lbnRyeV90ICpl cHRfZW50cnkpCisvKiBGaWxsIGluIG1pZGRsZSBsZXZlbCBvZiBlcHQgdGFi bGU7IHJldHVybiBwb2ludGVyIHRvIG1hcHBlZCBuZXcgdGFibGUuICovCitz dGF0aWMgZXB0X2VudHJ5X3QgKmVwdF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVj dCBwMm1fZG9tYWluICpwMm0sCisgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgIGVwdF9lbnRyeV90ICplcHRfZW50cnkpCiB7CiAg ICAgbWZuX3QgbWZuOwogICAgIGVwdF9lbnRyeV90ICp0YWJsZTsKQEAgLTE5 NSw3ICsxOTYsMTIgQEAgc3RhdGljIGludCBlcHRfc2V0X21pZGRsZV9lbnRy eShzdHJ1Y3QgcDJtX2RvbWFpbiAqcDJtLCBlcHRfZW50cnlfdCAqZXB0X2Vu dHJ5KQogCiAgICAgbWZuID0gcDJtX2FsbG9jX3B0cChwMm0sIDApOwogICAg IGlmICggbWZuX2VxKG1mbiwgSU5WQUxJRF9NRk4pICkKLSAgICAgICAgcmV0 dXJuIDA7CisgICAgICAgIHJldHVybiBOVUxMOworCisgICAgdGFibGUgPSBt YXBfZG9tYWluX3BhZ2UobWZuKTsKKworICAgIGZvciAoIGkgPSAwOyBpIDwg RVBUX1BBR0VUQUJMRV9FTlRSSUVTOyBpKysgKQorICAgICAgICB0YWJsZVtp XS5zdXBwcmVzc192ZSA9IDE7CiAKICAgICBlcHRfZW50cnktPmVwdGUgPSAw OwogICAgIGVwdF9lbnRyeS0+bWZuID0gbWZuX3gobWZuKTsKQEAgLTIwNywx NCArMjEzLDcgQEAgc3RhdGljIGludCBlcHRfc2V0X21pZGRsZV9lbnRyeShz dHJ1Y3QgcDJtX2RvbWFpbiAqcDJtLCBlcHRfZW50cnlfdCAqZXB0X2VudHJ5 KQogCiAgICAgZXB0X2VudHJ5LT5zdXBwcmVzc192ZSA9IDE7CiAKLSAgICB0 YWJsZSA9IG1hcF9kb21haW5fcGFnZShtZm4pOwotCi0gICAgZm9yICggaSA9 IDA7IGkgPCBFUFRfUEFHRVRBQkxFX0VOVFJJRVM7IGkrKyApCi0gICAgICAg IHRhYmxlW2ldLnN1cHByZXNzX3ZlID0gMTsKLQotICAgIHVubWFwX2RvbWFp bl9wYWdlKHRhYmxlKTsKLQotICAgIHJldHVybiAxOworICAgIHJldHVybiB0 YWJsZTsKIH0KIAogLyogZnJlZSBlcHQgc3ViIHRyZWUgYmVoaW5kIGFuIGVu dHJ5ICovCkBAIC0yNTIsMTAgKzI1MSwxMCBAQCBzdGF0aWMgYm9vbF90IGVw dF9zcGxpdF9zdXBlcl9wYWdlKHN0cnVjdCBwMm1fZG9tYWluICpwMm0sCiAK ICAgICBBU1NFUlQoaXNfZXB0ZV9zdXBlcnBhZ2UoZXB0X2VudHJ5KSk7CiAK LSAgICBpZiAoICFlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0sICZuZXdfZXB0 KSApCisgICAgdGFibGUgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0sICZu ZXdfZXB0KTsKKyAgICBpZiAoICF0YWJsZSApCiAgICAgICAgIHJldHVybiAw OwogCi0gICAgdGFibGUgPSBtYXBfZG9tYWluX3BhZ2UoX21mbihuZXdfZXB0 Lm1mbikpOwogICAgIHRydW5rID0gMVVMIDw8ICgobGV2ZWwgLSAxKSAqIEVQ VF9UQUJMRV9PUkRFUik7CiAKICAgICBmb3IgKCBpID0gMDsgaSA8IEVQVF9Q QUdFVEFCTEVfRU5UUklFUzsgaSsrICkKQEAgLTI2Niw3ICsyNjUsNiBAQCBz dGF0aWMgYm9vbF90IGVwdF9zcGxpdF9zdXBlcl9wYWdlKHN0cnVjdCBwMm1f ZG9tYWluICpwMm0sCiAgICAgICAgIGVwdGUtPnNwID0gKGxldmVsID4gMSk7 CiAgICAgICAgIGVwdGUtPm1mbiArPSBpICogdHJ1bms7CiAgICAgICAgIGVw dGUtPnNucCA9IGlzX2lvbW11X2VuYWJsZWQocDJtLT5kb21haW4pICYmIGlv bW11X3Nub29wOwotICAgICAgICBlcHRlLT5zdXBwcmVzc192ZSA9IDE7CiAK ICAgICAgICAgZXB0X3AybV90eXBlX3RvX2ZsYWdzKHAybSwgZXB0ZSk7CiAK QEAgLTMwNSw4ICszMDMsNyBAQCBzdGF0aWMgaW50IGVwdF9uZXh0X2xldmVs KHN0cnVjdCBwMm1fZG9tYWluICpwMm0sIGJvb2xfdCByZWFkX29ubHksCiAg ICAgICAgICAgICAgICAgICAgICAgICAgIGVwdF9lbnRyeV90ICoqdGFibGUs IHVuc2lnbmVkIGxvbmcgKmdmbl9yZW1haW5kZXIsCiAgICAgICAgICAgICAg ICAgICAgICAgICAgIGludCBuZXh0X2xldmVsKQogewotICAgIHVuc2lnbmVk IGxvbmcgbWZuOwotICAgIGVwdF9lbnRyeV90ICplcHRfZW50cnksIGU7Cisg ICAgZXB0X2VudHJ5X3QgKmVwdF9lbnRyeSwgKm5leHQgPSBOVUxMLCBlOwog ICAgIHUzMiBzaGlmdCwgaW5kZXg7CiAKICAgICBzaGlmdCA9IG5leHRfbGV2 ZWwgKiBFUFRfVEFCTEVfT1JERVI7CkBAIC0zMzEsMTkgKzMyOCwxNyBAQCBz dGF0aWMgaW50IGVwdF9uZXh0X2xldmVsKHN0cnVjdCBwMm1fZG9tYWluICpw Mm0sIGJvb2xfdCByZWFkX29ubHksCiAgICAgICAgIGlmICggcmVhZF9vbmx5 ICkKICAgICAgICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9NQVBfRkFJTEVE OwogCi0gICAgICAgIGlmICggIWVwdF9zZXRfbWlkZGxlX2VudHJ5KHAybSwg ZXB0X2VudHJ5KSApCisgICAgICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9l bnRyeShwMm0sIGVwdF9lbnRyeSk7CisgICAgICAgIGlmICggIW5leHQgKQog ICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX01BUF9GQUlMRUQ7Ci0g ICAgICAgIGVsc2UKLSAgICAgICAgICAgIGUgPSBhdG9taWNfcmVhZF9lcHRf ZW50cnkoZXB0X2VudHJ5KTsgLyogUmVmcmVzaCAqLworICAgICAgICAvKiBl IGlzIG5vdyBzdGFsZSBhbmQgaGVuY2UgbWF5IG5vdCBiZSB1c2VkIGFueW1v cmUgYmVsb3cuICovCiAgICAgfQotCiAgICAgLyogVGhlIG9ubHkgdGltZSBz cCB3b3VsZCBiZSBzZXQgaGVyZSBpcyBpZiB3ZSBoYWQgaGl0IGEgc3VwZXJw YWdlICovCi0gICAgaWYgKCBpc19lcHRlX3N1cGVycGFnZSgmZSkgKQorICAg IGVsc2UgaWYgKCBpc19lcHRlX3N1cGVycGFnZSgmZSkgKQogICAgICAgICBy ZXR1cm4gR1VFU1RfVEFCTEVfU1VQRVJfUEFHRTsKIAotICAgIG1mbiA9IGUu bWZuOwogICAgIHVubWFwX2RvbWFpbl9wYWdlKCp0YWJsZSk7Ci0gICAgKnRh YmxlID0gbWFwX2RvbWFpbl9wYWdlKF9tZm4obWZuKSk7CisgICAgKnRhYmxl ID0gbmV4dCA/OiBtYXBfZG9tYWluX3BhZ2UoX21mbihlLm1mbikpOwogICAg ICpnZm5fcmVtYWluZGVyICY9ICgxVUwgPDwgc2hpZnQpIC0gMTsKICAgICBy ZXR1cm4gR1VFU1RfVEFCTEVfTk9STUFMX1BBR0U7CiB9Ci0tIAoyLjI2LjIK Cg== --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-2.patch" Content-Disposition: attachment; filename="xsa328/xsa328-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBhdG9taWNhbGx5IG1vZGlmeSBlbnRyaWVzIGluIGVwdF9uZXh0X2xl dmVsCgplcHRfbmV4dF9sZXZlbCB3YXMgcGFzc2luZyBhIGxpdmUgUFRFIHBv aW50ZXIgdG8gZXB0X3NldF9taWRkbGVfZW50cnksCndoaWNoIHdhcyB0aGVu IG1vZGlmaWVkIHdpdGhvdXQgdGFraW5nIGludG8gYWNjb3VudCB0aGF0IHRo ZSBQVEUgY291bGQKYmUgcGFydCBvZiBhIGxpdmUgRVBUIHRhYmxlLiBUaGlz IHdhc24ndCBhIHNlY3VyaXR5IGlzc3VlIGJlY2F1c2UgdGhlCnBhZ2VzIHJl dHVybmVkIGJ5IHAybV9hbGxvY19wdHAgYXJlIHplcm9lZCwgc28gYWRkaW5n IHN1Y2ggYW4gZW50cnkKYmVmb3JlIGFjdHVhbGx5IGluaXRpYWxpemluZyBp dCBkaWRuJ3QgYWxsb3cgYSBndWVzdCB0byBhY2Nlc3MKcGh5c2ljYWwgbWVt b3J5IGFkZHJlc3NlcyBpdCB3YXNuJ3Qgc3VwcG9zZWQgdG8gYWNjZXNzLgoK VGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjguCgpSZXZpZXdlZC1ieTogSmFuIEJl dWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgotLS0KIHhlbi9hcmNoL3g4Ni9t bS9wMm0tZXB0LmMgfCAxMCArKysrKysrKy0tCiAxIGZpbGUgY2hhbmdlZCwg OCBpbnNlcnRpb25zKCspLCAyIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBh L3hlbi9hcmNoL3g4Ni9tbS9wMm0tZXB0LmMgYi94ZW4vYXJjaC94ODYvbW0v cDJtLWVwdC5jCmluZGV4IGQ5OTEzYTZjOTcuLjg3YTE0ZjZmMjIgMTAwNjQ0 Ci0tLSBhL3hlbi9hcmNoL3g4Ni9tbS9wMm0tZXB0LmMKKysrIGIveGVuL2Fy Y2gveDg2L21tL3AybS1lcHQuYwpAQCAtMzA2LDYgKzMwNiw4IEBAIHN0YXRp YyBpbnQgZXB0X25leHRfbGV2ZWwoc3RydWN0IHAybV9kb21haW4gKnAybSwg Ym9vbF90IHJlYWRfb25seSwKICAgICBlcHRfZW50cnlfdCAqZXB0X2VudHJ5 LCAqbmV4dCA9IE5VTEwsIGU7CiAgICAgdTMyIHNoaWZ0LCBpbmRleDsKIAor ICAgIEFTU0VSVChuZXh0X2xldmVsKTsKKwogICAgIHNoaWZ0ID0gbmV4dF9s ZXZlbCAqIEVQVF9UQUJMRV9PUkRFUjsKIAogICAgIGluZGV4ID0gKmdmbl9y ZW1haW5kZXIgPj4gc2hpZnQ7CkBAIC0zMjIsMTYgKzMyNCwyMCBAQCBzdGF0 aWMgaW50IGVwdF9uZXh0X2xldmVsKHN0cnVjdCBwMm1fZG9tYWluICpwMm0s IGJvb2xfdCByZWFkX29ubHksCiAKICAgICBpZiAoICFpc19lcHRlX3ByZXNl bnQoJmUpICkKICAgICB7CisgICAgICAgIGludCByYzsKKwogICAgICAgICBp ZiAoIGUuc2FfcDJtdCA9PSBwMm1fcG9wdWxhdGVfb25fZGVtYW5kICkKICAg ICAgICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9QT0RfUEFHRTsKIAogICAg ICAgICBpZiAoIHJlYWRfb25seSApCiAgICAgICAgICAgICByZXR1cm4gR1VF U1RfVEFCTEVfTUFQX0ZBSUxFRDsKIAotICAgICAgICBuZXh0ID0gZXB0X3Nl dF9taWRkbGVfZW50cnkocDJtLCBlcHRfZW50cnkpOworICAgICAgICBuZXh0 ID0gZXB0X3NldF9taWRkbGVfZW50cnkocDJtLCAmZSk7CiAgICAgICAgIGlm ICggIW5leHQgKQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX01B UF9GQUlMRUQ7Ci0gICAgICAgIC8qIGUgaXMgbm93IHN0YWxlIGFuZCBoZW5j ZSBtYXkgbm90IGJlIHVzZWQgYW55bW9yZSBiZWxvdy4gKi8KKworICAgICAg ICByYyA9IGF0b21pY193cml0ZV9lcHRfZW50cnkocDJtLCBlcHRfZW50cnks IGUsIG5leHRfbGV2ZWwpOworICAgICAgICBBU1NFUlQocmMgPT0gMCk7CiAg ICAgfQogICAgIC8qIFRoZSBvbmx5IHRpbWUgc3Agd291bGQgYmUgc2V0IGhl cmUgaXMgaWYgd2UgaGFkIGhpdCBhIHN1cGVycGFnZSAqLwogICAgIGVsc2Ug aWYgKCBpc19lcHRlX3N1cGVycGFnZSgmZSkgKQotLSAKMi4yNi4yCgo= --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.9-1.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.9-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODYvRVBUOiBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJlbGF0ZWQgYWRq dXN0bWVudHMKCmVwdF9zcGxpdF9zdXBlcl9wYWdlKCkgd2FudHMgdG8gZnVy dGhlciBtb2RpZnkgdGhlIG5ld2x5IGFsbG9jYXRlZAp0YWJsZSwgc28gaGF2 ZSBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJldHVybiB0aGUgbWFwcGVkIHBv aW50ZXIgcmF0aGVyCnRoYW4gdGVhcmluZyBpdCBkb3duIGFuZCB0aGVuIGdl dHRpbmcgcmUtZXN0YWJsaXNoZWQgcmlnaHQgYWdhaW4uCgpTaW1pbGFybHkg ZXB0X25leHRfbGV2ZWwoKSB3YW50cyB0byBoYW5kIGJhY2sgYSBtYXBwZWQg cG9pbnRlciBvZgp0aGUgbmV4dCBsZXZlbCBwYWdlLCBzbyByZS11c2UgdGhl IG9uZSBlc3RhYmxpc2hlZCBieQplcHRfc2V0X21pZGRsZV9lbnRyeSgpIGlu IGNhc2UgdGhhdCBwYXRoIHdhcyB0YWtlbi4KClB1bGwgdGhlIHNldHRpbmcg b2Ygc3VwcHJlc3NfdmUgYWhlYWQgb2YgaW5zZXJ0aW9uIGludG8gdGhlIGhp Z2hlciBsZXZlbAp0YWJsZSwgYW5kIGRvbid0IGhhdmUgZXB0X3NwbGl0X3N1 cGVyX3BhZ2UoKSBzZXQgdGhlIGZpZWxkIGEgMm5kIHRpbWUuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyOC4KClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNo IDxqYmV1bGljaEBzdXNlLmNvbT4KUmV2aWV3ZWQtYnk6IFJvZ2VyIFBhdSBN b25uw6kgPHJvZ2VyLnBhdUBjaXRyaXguY29tPgoKLS0tIGEveGVuL2FyY2gv eDg2L21tL3AybS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVw dC5jCkBAIC0yMjgsOCArMjI4LDkgQEAgc3RhdGljIHZvaWQgZXB0X3AybV90 eXBlX3RvX2ZsYWdzKHN0cnVjdAogI2RlZmluZSBHVUVTVF9UQUJMRV9TVVBF Ul9QQUdFICAyCiAjZGVmaW5lIEdVRVNUX1RBQkxFX1BPRF9QQUdFICAgIDMK IAotLyogRmlsbCBpbiBtaWRkbGUgbGV2ZWxzIG9mIGVwdCB0YWJsZSAqLwot c3RhdGljIGludCBlcHRfc2V0X21pZGRsZV9lbnRyeShzdHJ1Y3QgcDJtX2Rv bWFpbiAqcDJtLCBlcHRfZW50cnlfdCAqZXB0X2VudHJ5KQorLyogRmlsbCBp biBtaWRkbGUgbGV2ZWwgb2YgZXB0IHRhYmxlOyByZXR1cm4gcG9pbnRlciB0 byBtYXBwZWQgbmV3IHRhYmxlLiAqLworc3RhdGljIGVwdF9lbnRyeV90ICpl cHRfc2V0X21pZGRsZV9lbnRyeShzdHJ1Y3QgcDJtX2RvbWFpbiAqcDJtLAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBlcHRf ZW50cnlfdCAqZXB0X2VudHJ5KQogewogICAgIHN0cnVjdCBwYWdlX2luZm8g KnBnOwogICAgIGVwdF9lbnRyeV90ICp0YWJsZTsKQEAgLTIzNyw3ICsyMzgs MTIgQEAgc3RhdGljIGludCBlcHRfc2V0X21pZGRsZV9lbnRyeShzdHJ1Y3Qg cAogCiAgICAgcGcgPSBwMm1fYWxsb2NfcHRwKHAybSwgMCk7CiAgICAgaWYg KCBwZyA9PSBOVUxMICkKLSAgICAgICAgcmV0dXJuIDA7CisgICAgICAgIHJl dHVybiBOVUxMOworCisgICAgdGFibGUgPSBfX21hcF9kb21haW5fcGFnZShw Zyk7CisKKyAgICBmb3IgKCBpID0gMDsgaSA8IEVQVF9QQUdFVEFCTEVfRU5U UklFUzsgaSsrICkKKyAgICAgICAgdGFibGVbaV0uc3VwcHJlc3NfdmUgPSAx OwogCiAgICAgZXB0X2VudHJ5LT5lcHRlID0gMDsKICAgICBlcHRfZW50cnkt Pm1mbiA9IHBhZ2VfdG9fbWZuKHBnKTsKQEAgLTI0OSwxNCArMjU1LDcgQEAg c3RhdGljIGludCBlcHRfc2V0X21pZGRsZV9lbnRyeShzdHJ1Y3QgcAogCiAg ICAgZXB0X2VudHJ5LT5zdXBwcmVzc192ZSA9IDE7CiAKLSAgICB0YWJsZSA9 IF9fbWFwX2RvbWFpbl9wYWdlKHBnKTsKLQotICAgIGZvciAoIGkgPSAwOyBp IDwgRVBUX1BBR0VUQUJMRV9FTlRSSUVTOyBpKysgKQotICAgICAgICB0YWJs ZVtpXS5zdXBwcmVzc192ZSA9IDE7Ci0KLSAgICB1bm1hcF9kb21haW5fcGFn ZSh0YWJsZSk7Ci0KLSAgICByZXR1cm4gMTsKKyAgICByZXR1cm4gdGFibGU7 CiB9CiAKIC8qIGZyZWUgZXB0IHN1YiB0cmVlIGJlaGluZCBhbiBlbnRyeSAq LwpAQCAtMjk0LDEwICsyOTMsMTAgQEAgc3RhdGljIGJvb2xfdCBlcHRfc3Bs aXRfc3VwZXJfcGFnZShzdHJ1YwogCiAgICAgQVNTRVJUKGlzX2VwdGVfc3Vw ZXJwYWdlKGVwdF9lbnRyeSkpOwogCi0gICAgaWYgKCAhZXB0X3NldF9taWRk bGVfZW50cnkocDJtLCAmbmV3X2VwdCkgKQorICAgIHRhYmxlID0gZXB0X3Nl dF9taWRkbGVfZW50cnkocDJtLCAmbmV3X2VwdCk7CisgICAgaWYgKCAhdGFi bGUgKQogICAgICAgICByZXR1cm4gMDsKIAotICAgIHRhYmxlID0gbWFwX2Rv bWFpbl9wYWdlKF9tZm4obmV3X2VwdC5tZm4pKTsKICAgICB0cnVuayA9IDFV TCA8PCAoKGxldmVsIC0gMSkgKiBFUFRfVEFCTEVfT1JERVIpOwogCiAgICAg Zm9yICggaSA9IDA7IGkgPCBFUFRfUEFHRVRBQkxFX0VOVFJJRVM7IGkrKyAp CkBAIC0zMDgsNyArMzA3LDYgQEAgc3RhdGljIGJvb2xfdCBlcHRfc3BsaXRf c3VwZXJfcGFnZShzdHJ1YwogICAgICAgICBlcHRlLT5zcCA9IChsZXZlbCA+ IDEpOwogICAgICAgICBlcHRlLT5tZm4gKz0gaSAqIHRydW5rOwogICAgICAg ICBlcHRlLT5zbnAgPSAoaW9tbXVfZW5hYmxlZCAmJiBpb21tdV9zbm9vcCk7 Ci0gICAgICAgIGVwdGUtPnN1cHByZXNzX3ZlID0gMTsKIAogICAgICAgICBl cHRfcDJtX3R5cGVfdG9fZmxhZ3MocDJtLCBlcHRlLCBlcHRlLT5zYV9wMm10 LCBlcHRlLT5hY2Nlc3MpOwogCkBAIC0zNDcsOCArMzQ1LDcgQEAgc3RhdGlj IGludCBlcHRfbmV4dF9sZXZlbChzdHJ1Y3QgcDJtX2RvbQogICAgICAgICAg ICAgICAgICAgICAgICAgICBlcHRfZW50cnlfdCAqKnRhYmxlLCB1bnNpZ25l ZCBsb25nICpnZm5fcmVtYWluZGVyLAogICAgICAgICAgICAgICAgICAgICAg ICAgICBpbnQgbmV4dF9sZXZlbCkKIHsKLSAgICB1bnNpZ25lZCBsb25nIG1m bjsKLSAgICBlcHRfZW50cnlfdCAqZXB0X2VudHJ5LCBlOworICAgIGVwdF9l bnRyeV90ICplcHRfZW50cnksICpuZXh0ID0gTlVMTCwgZTsKICAgICB1MzIg c2hpZnQsIGluZGV4OwogCiAgICAgc2hpZnQgPSBuZXh0X2xldmVsICogRVBU X1RBQkxFX09SREVSOwpAQCAtMzczLDE5ICszNzAsMTcgQEAgc3RhdGljIGlu dCBlcHRfbmV4dF9sZXZlbChzdHJ1Y3QgcDJtX2RvbQogICAgICAgICBpZiAo IHJlYWRfb25seSApCiAgICAgICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVf TUFQX0ZBSUxFRDsKIAotICAgICAgICBpZiAoICFlcHRfc2V0X21pZGRsZV9l bnRyeShwMm0sIGVwdF9lbnRyeSkgKQorICAgICAgICBuZXh0ID0gZXB0X3Nl dF9taWRkbGVfZW50cnkocDJtLCBlcHRfZW50cnkpOworICAgICAgICBpZiAo ICFuZXh0ICkKICAgICAgICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9NQVBf RkFJTEVEOwotICAgICAgICBlbHNlCi0gICAgICAgICAgICBlID0gYXRvbWlj X3JlYWRfZXB0X2VudHJ5KGVwdF9lbnRyeSk7IC8qIFJlZnJlc2ggKi8KKyAg ICAgICAgLyogZSBpcyBub3cgc3RhbGUgYW5kIGhlbmNlIG1heSBub3QgYmUg dXNlZCBhbnltb3JlIGJlbG93LiAqLwogICAgIH0KLQogICAgIC8qIFRoZSBv bmx5IHRpbWUgc3Agd291bGQgYmUgc2V0IGhlcmUgaXMgaWYgd2UgaGFkIGhp dCBhIHN1cGVycGFnZSAqLwotICAgIGlmICggaXNfZXB0ZV9zdXBlcnBhZ2Uo JmUpICkKKyAgICBlbHNlIGlmICggaXNfZXB0ZV9zdXBlcnBhZ2UoJmUpICkK ICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX1NVUEVSX1BBR0U7CiAKLSAg ICBtZm4gPSBlLm1mbjsKICAgICB1bm1hcF9kb21haW5fcGFnZSgqdGFibGUp OwotICAgICp0YWJsZSA9IG1hcF9kb21haW5fcGFnZShfbWZuKG1mbikpOwor ICAgICp0YWJsZSA9IG5leHQgPzogbWFwX2RvbWFpbl9wYWdlKF9tZm4oZS5t Zm4pKTsKICAgICAqZ2ZuX3JlbWFpbmRlciAmPSAoMVVMIDw8IHNoaWZ0KSAt IDE7CiAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX05PUk1BTF9QQUdFOwogfQo= --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.9-2.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.9-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBhdG9taWNhbGx5IG1vZGlmeSBlbnRyaWVzIGluIGVwdF9uZXh0X2xl dmVsCgplcHRfbmV4dF9sZXZlbCB3YXMgcGFzc2luZyBhIGxpdmUgUFRFIHBv aW50ZXIgdG8gZXB0X3NldF9taWRkbGVfZW50cnksCndoaWNoIHdhcyB0aGVu IG1vZGlmaWVkIHdpdGhvdXQgdGFraW5nIGludG8gYWNjb3VudCB0aGF0IHRo ZSBQVEUgY291bGQKYmUgcGFydCBvZiBhIGxpdmUgRVBUIHRhYmxlLiBUaGlz IHdhc24ndCBhIHNlY3VyaXR5IGlzc3VlIGJlY2F1c2UgdGhlCnBhZ2VzIHJl dHVybmVkIGJ5IHAybV9hbGxvY19wdHAgYXJlIHplcm9lZCwgc28gYWRkaW5n IHN1Y2ggYW4gZW50cnkKYmVmb3JlIGFjdHVhbGx5IGluaXRpYWxpemluZyBp dCBkaWRuJ3QgYWxsb3cgYSBndWVzdCB0byBhY2Nlc3MKcGh5c2ljYWwgbWVt b3J5IGFkZHJlc3NlcyBpdCB3YXNuJ3Qgc3VwcG9zZWQgdG8gYWNjZXNzLgoK VGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjguCgpSZXZpZXdlZC1ieTogSmFuIEJl dWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2 L21tL3AybS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5j CkBAIC0zNDgsNiArMzQ4LDggQEAgc3RhdGljIGludCBlcHRfbmV4dF9sZXZl bChzdHJ1Y3QgcDJtX2RvbQogICAgIGVwdF9lbnRyeV90ICplcHRfZW50cnks ICpuZXh0ID0gTlVMTCwgZTsKICAgICB1MzIgc2hpZnQsIGluZGV4OwogCisg ICAgQVNTRVJUKG5leHRfbGV2ZWwpOworCiAgICAgc2hpZnQgPSBuZXh0X2xl dmVsICogRVBUX1RBQkxFX09SREVSOwogCiAgICAgaW5kZXggPSAqZ2ZuX3Jl bWFpbmRlciA+PiBzaGlmdDsKQEAgLTM2NCwxNiArMzY2LDIwIEBAIHN0YXRp YyBpbnQgZXB0X25leHRfbGV2ZWwoc3RydWN0IHAybV9kb20KIAogICAgIGlm ICggIWlzX2VwdGVfcHJlc2VudCgmZSkgKQogICAgIHsKKyAgICAgICAgaW50 IHJjOworCiAgICAgICAgIGlmICggZS5zYV9wMm10ID09IHAybV9wb3B1bGF0 ZV9vbl9kZW1hbmQgKQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxF X1BPRF9QQUdFOwogCiAgICAgICAgIGlmICggcmVhZF9vbmx5ICkKICAgICAg ICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9NQVBfRkFJTEVEOwogCi0gICAg ICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0sIGVwdF9lbnRy eSk7CisgICAgICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0s ICZlKTsKICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAgICAgICAgICByZXR1 cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKLSAgICAgICAgLyogZSBpcyBu b3cgc3RhbGUgYW5kIGhlbmNlIG1heSBub3QgYmUgdXNlZCBhbnltb3JlIGJl bG93LiAqLworCisgICAgICAgIHJjID0gYXRvbWljX3dyaXRlX2VwdF9lbnRy eShlcHRfZW50cnksIGUsIG5leHRfbGV2ZWwpOworICAgICAgICBBU1NFUlQo cmMgPT0gMCk7CiAgICAgfQogICAgIC8qIFRoZSBvbmx5IHRpbWUgc3Agd291 bGQgYmUgc2V0IGhlcmUgaXMgaWYgd2UgaGFkIGhpdCBhIHN1cGVycGFnZSAq LwogICAgIGVsc2UgaWYgKCBpc19lcHRlX3N1cGVycGFnZSgmZSkgKQo= --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.11-1.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.11-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODYvRVBUOiBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJlbGF0ZWQgYWRq dXN0bWVudHMKCmVwdF9zcGxpdF9zdXBlcl9wYWdlKCkgd2FudHMgdG8gZnVy dGhlciBtb2RpZnkgdGhlIG5ld2x5IGFsbG9jYXRlZAp0YWJsZSwgc28gaGF2 ZSBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJldHVybiB0aGUgbWFwcGVkIHBv aW50ZXIgcmF0aGVyCnRoYW4gdGVhcmluZyBpdCBkb3duIGFuZCB0aGVuIGdl dHRpbmcgcmUtZXN0YWJsaXNoZWQgcmlnaHQgYWdhaW4uCgpTaW1pbGFybHkg ZXB0X25leHRfbGV2ZWwoKSB3YW50cyB0byBoYW5kIGJhY2sgYSBtYXBwZWQg cG9pbnRlciBvZgp0aGUgbmV4dCBsZXZlbCBwYWdlLCBzbyByZS11c2UgdGhl IG9uZSBlc3RhYmxpc2hlZCBieQplcHRfc2V0X21pZGRsZV9lbnRyeSgpIGlu IGNhc2UgdGhhdCBwYXRoIHdhcyB0YWtlbi4KClB1bGwgdGhlIHNldHRpbmcg b2Ygc3VwcHJlc3NfdmUgYWhlYWQgb2YgaW5zZXJ0aW9uIGludG8gdGhlIGhp Z2hlciBsZXZlbAp0YWJsZSwgYW5kIGRvbid0IGhhdmUgZXB0X3NwbGl0X3N1 cGVyX3BhZ2UoKSBzZXQgdGhlIGZpZWxkIGEgMm5kIHRpbWUuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyOC4KClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNo IDxqYmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9tbS9w Mm0tZXB0LmMKKysrIGIveGVuL2FyY2gveDg2L21tL3AybS1lcHQuYwpAQCAt MjI4LDggKzIyOCw5IEBAIHN0YXRpYyB2b2lkIGVwdF9wMm1fdHlwZV90b19m bGFncyhzdHJ1Y3QKICNkZWZpbmUgR1VFU1RfVEFCTEVfU1VQRVJfUEFHRSAg MgogI2RlZmluZSBHVUVTVF9UQUJMRV9QT0RfUEFHRSAgICAzCiAKLS8qIEZp bGwgaW4gbWlkZGxlIGxldmVscyBvZiBlcHQgdGFibGUgKi8KLXN0YXRpYyBp bnQgZXB0X3NldF9taWRkbGVfZW50cnkoc3RydWN0IHAybV9kb21haW4gKnAy bSwgZXB0X2VudHJ5X3QgKmVwdF9lbnRyeSkKKy8qIEZpbGwgaW4gbWlkZGxl IGxldmVsIG9mIGVwdCB0YWJsZTsgcmV0dXJuIHBvaW50ZXIgdG8gbWFwcGVk IG5ldyB0YWJsZS4gKi8KK3N0YXRpYyBlcHRfZW50cnlfdCAqZXB0X3NldF9t aWRkbGVfZW50cnkoc3RydWN0IHAybV9kb21haW4gKnAybSwKKyAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZXB0X2VudHJ5X3Qg KmVwdF9lbnRyeSkKIHsKICAgICBtZm5fdCBtZm47CiAgICAgZXB0X2VudHJ5 X3QgKnRhYmxlOwpAQCAtMjM3LDcgKzIzOCwxMiBAQCBzdGF0aWMgaW50IGVw dF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVjdCBwCiAKICAgICBtZm4gPSBwMm1f YWxsb2NfcHRwKHAybSwgMCk7CiAgICAgaWYgKCBtZm5fZXEobWZuLCBJTlZB TElEX01GTikgKQotICAgICAgICByZXR1cm4gMDsKKyAgICAgICAgcmV0dXJu IE5VTEw7CisKKyAgICB0YWJsZSA9IG1hcF9kb21haW5fcGFnZShtZm4pOwor CisgICAgZm9yICggaSA9IDA7IGkgPCBFUFRfUEFHRVRBQkxFX0VOVFJJRVM7 IGkrKyApCisgICAgICAgIHRhYmxlW2ldLnN1cHByZXNzX3ZlID0gMTsKIAog ICAgIGVwdF9lbnRyeS0+ZXB0ZSA9IDA7CiAgICAgZXB0X2VudHJ5LT5tZm4g PSBtZm5feChtZm4pOwpAQCAtMjQ5LDE0ICsyNTUsNyBAQCBzdGF0aWMgaW50 IGVwdF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVjdCBwCiAKICAgICBlcHRfZW50 cnktPnN1cHByZXNzX3ZlID0gMTsKIAotICAgIHRhYmxlID0gbWFwX2RvbWFp bl9wYWdlKG1mbik7Ci0KLSAgICBmb3IgKCBpID0gMDsgaSA8IEVQVF9QQUdF VEFCTEVfRU5UUklFUzsgaSsrICkKLSAgICAgICAgdGFibGVbaV0uc3VwcHJl c3NfdmUgPSAxOwotCi0gICAgdW5tYXBfZG9tYWluX3BhZ2UodGFibGUpOwot Ci0gICAgcmV0dXJuIDE7CisgICAgcmV0dXJuIHRhYmxlOwogfQogCiAvKiBm cmVlIGVwdCBzdWIgdHJlZSBiZWhpbmQgYW4gZW50cnkgKi8KQEAgLTI5NCwx MCArMjkzLDEwIEBAIHN0YXRpYyBib29sX3QgZXB0X3NwbGl0X3N1cGVyX3Bh Z2Uoc3RydWMKIAogICAgIEFTU0VSVChpc19lcHRlX3N1cGVycGFnZShlcHRf ZW50cnkpKTsKIAotICAgIGlmICggIWVwdF9zZXRfbWlkZGxlX2VudHJ5KHAy bSwgJm5ld19lcHQpICkKKyAgICB0YWJsZSA9IGVwdF9zZXRfbWlkZGxlX2Vu dHJ5KHAybSwgJm5ld19lcHQpOworICAgIGlmICggIXRhYmxlICkKICAgICAg ICAgcmV0dXJuIDA7CiAKLSAgICB0YWJsZSA9IG1hcF9kb21haW5fcGFnZShf bWZuKG5ld19lcHQubWZuKSk7CiAgICAgdHJ1bmsgPSAxVUwgPDwgKChsZXZl bCAtIDEpICogRVBUX1RBQkxFX09SREVSKTsKIAogICAgIGZvciAoIGkgPSAw OyBpIDwgRVBUX1BBR0VUQUJMRV9FTlRSSUVTOyBpKysgKQpAQCAtMzA4LDcg KzMwNyw2IEBAIHN0YXRpYyBib29sX3QgZXB0X3NwbGl0X3N1cGVyX3BhZ2Uo c3RydWMKICAgICAgICAgZXB0ZS0+c3AgPSAobGV2ZWwgPiAxKTsKICAgICAg ICAgZXB0ZS0+bWZuICs9IGkgKiB0cnVuazsKICAgICAgICAgZXB0ZS0+c25w ID0gKGlvbW11X2VuYWJsZWQgJiYgaW9tbXVfc25vb3ApOwotICAgICAgICBl cHRlLT5zdXBwcmVzc192ZSA9IDE7CiAKICAgICAgICAgZXB0X3AybV90eXBl X3RvX2ZsYWdzKHAybSwgZXB0ZSwgZXB0ZS0+c2FfcDJtdCwgZXB0ZS0+YWNj ZXNzKTsKIApAQCAtMzQ3LDggKzM0NSw3IEBAIHN0YXRpYyBpbnQgZXB0X25l eHRfbGV2ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgICAgICAgICAgICAg ICAgICAgZXB0X2VudHJ5X3QgKip0YWJsZSwgdW5zaWduZWQgbG9uZyAqZ2Zu X3JlbWFpbmRlciwKICAgICAgICAgICAgICAgICAgICAgICAgICAgaW50IG5l eHRfbGV2ZWwpCiB7Ci0gICAgdW5zaWduZWQgbG9uZyBtZm47Ci0gICAgZXB0 X2VudHJ5X3QgKmVwdF9lbnRyeSwgZTsKKyAgICBlcHRfZW50cnlfdCAqZXB0 X2VudHJ5LCAqbmV4dCA9IE5VTEwsIGU7CiAgICAgdTMyIHNoaWZ0LCBpbmRl eDsKIAogICAgIHNoaWZ0ID0gbmV4dF9sZXZlbCAqIEVQVF9UQUJMRV9PUkRF UjsKQEAgLTM3MywxOSArMzcwLDE3IEBAIHN0YXRpYyBpbnQgZXB0X25leHRf bGV2ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgaWYgKCByZWFkX29ubHkg KQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX01BUF9GQUlMRUQ7 CiAKLSAgICAgICAgaWYgKCAhZXB0X3NldF9taWRkbGVfZW50cnkocDJtLCBl cHRfZW50cnkpICkKKyAgICAgICAgbmV4dCA9IGVwdF9zZXRfbWlkZGxlX2Vu dHJ5KHAybSwgZXB0X2VudHJ5KTsKKyAgICAgICAgaWYgKCAhbmV4dCApCiAg ICAgICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKLSAg ICAgICAgZWxzZQotICAgICAgICAgICAgZSA9IGF0b21pY19yZWFkX2VwdF9l bnRyeShlcHRfZW50cnkpOyAvKiBSZWZyZXNoICovCisgICAgICAgIC8qIGUg aXMgbm93IHN0YWxlIGFuZCBoZW5jZSBtYXkgbm90IGJlIHVzZWQgYW55bW9y ZSBiZWxvdy4gKi8KICAgICB9Ci0KICAgICAvKiBUaGUgb25seSB0aW1lIHNw IHdvdWxkIGJlIHNldCBoZXJlIGlzIGlmIHdlIGhhZCBoaXQgYSBzdXBlcnBh Z2UgKi8KLSAgICBpZiAoIGlzX2VwdGVfc3VwZXJwYWdlKCZlKSApCisgICAg ZWxzZSBpZiAoIGlzX2VwdGVfc3VwZXJwYWdlKCZlKSApCiAgICAgICAgIHJl dHVybiBHVUVTVF9UQUJMRV9TVVBFUl9QQUdFOwogCi0gICAgbWZuID0gZS5t Zm47CiAgICAgdW5tYXBfZG9tYWluX3BhZ2UoKnRhYmxlKTsKLSAgICAqdGFi bGUgPSBtYXBfZG9tYWluX3BhZ2UoX21mbihtZm4pKTsKKyAgICAqdGFibGUg PSBuZXh0ID86IG1hcF9kb21haW5fcGFnZShfbWZuKGUubWZuKSk7CiAgICAg Kmdmbl9yZW1haW5kZXIgJj0gKDFVTCA8PCBzaGlmdCkgLSAxOwogICAgIHJl dHVybiBHVUVTVF9UQUJMRV9OT1JNQUxfUEFHRTsKIH0K --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.11-2.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.11-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBhdG9taWNhbGx5IG1vZGlmeSBlbnRyaWVzIGluIGVwdF9uZXh0X2xl dmVsCgplcHRfbmV4dF9sZXZlbCB3YXMgcGFzc2luZyBhIGxpdmUgUFRFIHBv aW50ZXIgdG8gZXB0X3NldF9taWRkbGVfZW50cnksCndoaWNoIHdhcyB0aGVu IG1vZGlmaWVkIHdpdGhvdXQgdGFraW5nIGludG8gYWNjb3VudCB0aGF0IHRo ZSBQVEUgY291bGQKYmUgcGFydCBvZiBhIGxpdmUgRVBUIHRhYmxlLiBUaGlz IHdhc24ndCBhIHNlY3VyaXR5IGlzc3VlIGJlY2F1c2UgdGhlCnBhZ2VzIHJl dHVybmVkIGJ5IHAybV9hbGxvY19wdHAgYXJlIHplcm9lZCwgc28gYWRkaW5n IHN1Y2ggYW4gZW50cnkKYmVmb3JlIGFjdHVhbGx5IGluaXRpYWxpemluZyBp dCBkaWRuJ3QgYWxsb3cgYSBndWVzdCB0byBhY2Nlc3MKcGh5c2ljYWwgbWVt b3J5IGFkZHJlc3NlcyBpdCB3YXNuJ3Qgc3VwcG9zZWQgdG8gYWNjZXNzLgoK VGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjguCgpSZXZpZXdlZC1ieTogSmFuIEJl dWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2 L21tL3AybS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5j CkBAIC0zNDgsNiArMzQ4LDggQEAgc3RhdGljIGludCBlcHRfbmV4dF9sZXZl bChzdHJ1Y3QgcDJtX2RvbQogICAgIGVwdF9lbnRyeV90ICplcHRfZW50cnks ICpuZXh0ID0gTlVMTCwgZTsKICAgICB1MzIgc2hpZnQsIGluZGV4OwogCisg ICAgQVNTRVJUKG5leHRfbGV2ZWwpOworCiAgICAgc2hpZnQgPSBuZXh0X2xl dmVsICogRVBUX1RBQkxFX09SREVSOwogCiAgICAgaW5kZXggPSAqZ2ZuX3Jl bWFpbmRlciA+PiBzaGlmdDsKQEAgLTM2NCwxNiArMzY2LDIwIEBAIHN0YXRp YyBpbnQgZXB0X25leHRfbGV2ZWwoc3RydWN0IHAybV9kb20KIAogICAgIGlm ICggIWlzX2VwdGVfcHJlc2VudCgmZSkgKQogICAgIHsKKyAgICAgICAgaW50 IHJjOworCiAgICAgICAgIGlmICggZS5zYV9wMm10ID09IHAybV9wb3B1bGF0 ZV9vbl9kZW1hbmQgKQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxF X1BPRF9QQUdFOwogCiAgICAgICAgIGlmICggcmVhZF9vbmx5ICkKICAgICAg ICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9NQVBfRkFJTEVEOwogCi0gICAg ICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0sIGVwdF9lbnRy eSk7CisgICAgICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0s ICZlKTsKICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAgICAgICAgICByZXR1 cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKLSAgICAgICAgLyogZSBpcyBu b3cgc3RhbGUgYW5kIGhlbmNlIG1heSBub3QgYmUgdXNlZCBhbnltb3JlIGJl bG93LiAqLworCisgICAgICAgIHJjID0gYXRvbWljX3dyaXRlX2VwdF9lbnRy eShlcHRfZW50cnksIGUsIG5leHRfbGV2ZWwpOworICAgICAgICBBU1NFUlQo cmMgPT0gMCk7CiAgICAgfQogICAgIC8qIFRoZSBvbmx5IHRpbWUgc3Agd291 bGQgYmUgc2V0IGhlcmUgaXMgaWYgd2UgaGFkIGhpdCBhIHN1cGVycGFnZSAq LwogICAgIGVsc2UgaWYgKCBpc19lcHRlX3N1cGVycGFnZSgmZSkgKQo= --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.12-1.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.12-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODYvRVBUOiBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJlbGF0ZWQgYWRq dXN0bWVudHMKCmVwdF9zcGxpdF9zdXBlcl9wYWdlKCkgd2FudHMgdG8gZnVy dGhlciBtb2RpZnkgdGhlIG5ld2x5IGFsbG9jYXRlZAp0YWJsZSwgc28gaGF2 ZSBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJldHVybiB0aGUgbWFwcGVkIHBv aW50ZXIgcmF0aGVyCnRoYW4gdGVhcmluZyBpdCBkb3duIGFuZCB0aGVuIGdl dHRpbmcgcmUtZXN0YWJsaXNoZWQgcmlnaHQgYWdhaW4uCgpTaW1pbGFybHkg ZXB0X25leHRfbGV2ZWwoKSB3YW50cyB0byBoYW5kIGJhY2sgYSBtYXBwZWQg cG9pbnRlciBvZgp0aGUgbmV4dCBsZXZlbCBwYWdlLCBzbyByZS11c2UgdGhl IG9uZSBlc3RhYmxpc2hlZCBieQplcHRfc2V0X21pZGRsZV9lbnRyeSgpIGlu IGNhc2UgdGhhdCBwYXRoIHdhcyB0YWtlbi4KClB1bGwgdGhlIHNldHRpbmcg b2Ygc3VwcHJlc3NfdmUgYWhlYWQgb2YgaW5zZXJ0aW9uIGludG8gdGhlIGhp Z2hlciBsZXZlbAp0YWJsZSwgYW5kIGRvbid0IGhhdmUgZXB0X3NwbGl0X3N1 cGVyX3BhZ2UoKSBzZXQgdGhlIGZpZWxkIGEgMm5kIHRpbWUuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyOC4KClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNo IDxqYmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9tbS9w Mm0tZXB0LmMKKysrIGIveGVuL2FyY2gveDg2L21tL3AybS1lcHQuYwpAQCAt MTg3LDggKzE4Nyw5IEBAIHN0YXRpYyB2b2lkIGVwdF9wMm1fdHlwZV90b19m bGFncyhzdHJ1Y3QKICNkZWZpbmUgR1VFU1RfVEFCTEVfU1VQRVJfUEFHRSAg MgogI2RlZmluZSBHVUVTVF9UQUJMRV9QT0RfUEFHRSAgICAzCiAKLS8qIEZp bGwgaW4gbWlkZGxlIGxldmVscyBvZiBlcHQgdGFibGUgKi8KLXN0YXRpYyBp bnQgZXB0X3NldF9taWRkbGVfZW50cnkoc3RydWN0IHAybV9kb21haW4gKnAy bSwgZXB0X2VudHJ5X3QgKmVwdF9lbnRyeSkKKy8qIEZpbGwgaW4gbWlkZGxl IGxldmVsIG9mIGVwdCB0YWJsZTsgcmV0dXJuIHBvaW50ZXIgdG8gbWFwcGVk IG5ldyB0YWJsZS4gKi8KK3N0YXRpYyBlcHRfZW50cnlfdCAqZXB0X3NldF9t aWRkbGVfZW50cnkoc3RydWN0IHAybV9kb21haW4gKnAybSwKKyAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZXB0X2VudHJ5X3Qg KmVwdF9lbnRyeSkKIHsKICAgICBtZm5fdCBtZm47CiAgICAgZXB0X2VudHJ5 X3QgKnRhYmxlOwpAQCAtMTk2LDcgKzE5NywxMiBAQCBzdGF0aWMgaW50IGVw dF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVjdCBwCiAKICAgICBtZm4gPSBwMm1f YWxsb2NfcHRwKHAybSwgMCk7CiAgICAgaWYgKCBtZm5fZXEobWZuLCBJTlZB TElEX01GTikgKQotICAgICAgICByZXR1cm4gMDsKKyAgICAgICAgcmV0dXJu IE5VTEw7CisKKyAgICB0YWJsZSA9IG1hcF9kb21haW5fcGFnZShtZm4pOwor CisgICAgZm9yICggaSA9IDA7IGkgPCBFUFRfUEFHRVRBQkxFX0VOVFJJRVM7 IGkrKyApCisgICAgICAgIHRhYmxlW2ldLnN1cHByZXNzX3ZlID0gMTsKIAog ICAgIGVwdF9lbnRyeS0+ZXB0ZSA9IDA7CiAgICAgZXB0X2VudHJ5LT5tZm4g PSBtZm5feChtZm4pOwpAQCAtMjA4LDE0ICsyMTQsNyBAQCBzdGF0aWMgaW50 IGVwdF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVjdCBwCiAKICAgICBlcHRfZW50 cnktPnN1cHByZXNzX3ZlID0gMTsKIAotICAgIHRhYmxlID0gbWFwX2RvbWFp bl9wYWdlKG1mbik7Ci0KLSAgICBmb3IgKCBpID0gMDsgaSA8IEVQVF9QQUdF VEFCTEVfRU5UUklFUzsgaSsrICkKLSAgICAgICAgdGFibGVbaV0uc3VwcHJl c3NfdmUgPSAxOwotCi0gICAgdW5tYXBfZG9tYWluX3BhZ2UodGFibGUpOwot Ci0gICAgcmV0dXJuIDE7CisgICAgcmV0dXJuIHRhYmxlOwogfQogCiAvKiBm cmVlIGVwdCBzdWIgdHJlZSBiZWhpbmQgYW4gZW50cnkgKi8KQEAgLTI1Mywx MCArMjUyLDEwIEBAIHN0YXRpYyBib29sX3QgZXB0X3NwbGl0X3N1cGVyX3Bh Z2Uoc3RydWMKIAogICAgIEFTU0VSVChpc19lcHRlX3N1cGVycGFnZShlcHRf ZW50cnkpKTsKIAotICAgIGlmICggIWVwdF9zZXRfbWlkZGxlX2VudHJ5KHAy bSwgJm5ld19lcHQpICkKKyAgICB0YWJsZSA9IGVwdF9zZXRfbWlkZGxlX2Vu dHJ5KHAybSwgJm5ld19lcHQpOworICAgIGlmICggIXRhYmxlICkKICAgICAg ICAgcmV0dXJuIDA7CiAKLSAgICB0YWJsZSA9IG1hcF9kb21haW5fcGFnZShf bWZuKG5ld19lcHQubWZuKSk7CiAgICAgdHJ1bmsgPSAxVUwgPDwgKChsZXZl bCAtIDEpICogRVBUX1RBQkxFX09SREVSKTsKIAogICAgIGZvciAoIGkgPSAw OyBpIDwgRVBUX1BBR0VUQUJMRV9FTlRSSUVTOyBpKysgKQpAQCAtMjY3LDcg KzI2Niw2IEBAIHN0YXRpYyBib29sX3QgZXB0X3NwbGl0X3N1cGVyX3BhZ2Uo c3RydWMKICAgICAgICAgZXB0ZS0+c3AgPSAobGV2ZWwgPiAxKTsKICAgICAg ICAgZXB0ZS0+bWZuICs9IGkgKiB0cnVuazsKICAgICAgICAgZXB0ZS0+c25w ID0gKGlvbW11X2VuYWJsZWQgJiYgaW9tbXVfc25vb3ApOwotICAgICAgICBl cHRlLT5zdXBwcmVzc192ZSA9IDE7CiAKICAgICAgICAgZXB0X3AybV90eXBl X3RvX2ZsYWdzKHAybSwgZXB0ZSwgZXB0ZS0+c2FfcDJtdCwgZXB0ZS0+YWNj ZXNzKTsKIApAQCAtMzA2LDggKzMwNCw3IEBAIHN0YXRpYyBpbnQgZXB0X25l eHRfbGV2ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgICAgICAgICAgICAg ICAgICAgZXB0X2VudHJ5X3QgKip0YWJsZSwgdW5zaWduZWQgbG9uZyAqZ2Zu X3JlbWFpbmRlciwKICAgICAgICAgICAgICAgICAgICAgICAgICAgaW50IG5l eHRfbGV2ZWwpCiB7Ci0gICAgdW5zaWduZWQgbG9uZyBtZm47Ci0gICAgZXB0 X2VudHJ5X3QgKmVwdF9lbnRyeSwgZTsKKyAgICBlcHRfZW50cnlfdCAqZXB0 X2VudHJ5LCAqbmV4dCA9IE5VTEwsIGU7CiAgICAgdTMyIHNoaWZ0LCBpbmRl eDsKIAogICAgIHNoaWZ0ID0gbmV4dF9sZXZlbCAqIEVQVF9UQUJMRV9PUkRF UjsKQEAgLTMzMiwxOSArMzI5LDE3IEBAIHN0YXRpYyBpbnQgZXB0X25leHRf bGV2ZWwoc3RydWN0IHAybV9kb20KICAgICAgICAgaWYgKCByZWFkX29ubHkg KQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX01BUF9GQUlMRUQ7 CiAKLSAgICAgICAgaWYgKCAhZXB0X3NldF9taWRkbGVfZW50cnkocDJtLCBl cHRfZW50cnkpICkKKyAgICAgICAgbmV4dCA9IGVwdF9zZXRfbWlkZGxlX2Vu dHJ5KHAybSwgZXB0X2VudHJ5KTsKKyAgICAgICAgaWYgKCAhbmV4dCApCiAg ICAgICAgICAgICByZXR1cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKLSAg ICAgICAgZWxzZQotICAgICAgICAgICAgZSA9IGF0b21pY19yZWFkX2VwdF9l bnRyeShlcHRfZW50cnkpOyAvKiBSZWZyZXNoICovCisgICAgICAgIC8qIGUg aXMgbm93IHN0YWxlIGFuZCBoZW5jZSBtYXkgbm90IGJlIHVzZWQgYW55bW9y ZSBiZWxvdy4gKi8KICAgICB9Ci0KICAgICAvKiBUaGUgb25seSB0aW1lIHNw IHdvdWxkIGJlIHNldCBoZXJlIGlzIGlmIHdlIGhhZCBoaXQgYSBzdXBlcnBh Z2UgKi8KLSAgICBpZiAoIGlzX2VwdGVfc3VwZXJwYWdlKCZlKSApCisgICAg ZWxzZSBpZiAoIGlzX2VwdGVfc3VwZXJwYWdlKCZlKSApCiAgICAgICAgIHJl dHVybiBHVUVTVF9UQUJMRV9TVVBFUl9QQUdFOwogCi0gICAgbWZuID0gZS5t Zm47CiAgICAgdW5tYXBfZG9tYWluX3BhZ2UoKnRhYmxlKTsKLSAgICAqdGFi bGUgPSBtYXBfZG9tYWluX3BhZ2UoX21mbihtZm4pKTsKKyAgICAqdGFibGUg PSBuZXh0ID86IG1hcF9kb21haW5fcGFnZShfbWZuKGUubWZuKSk7CiAgICAg Kmdmbl9yZW1haW5kZXIgJj0gKDFVTCA8PCBzaGlmdCkgLSAxOwogICAgIHJl dHVybiBHVUVTVF9UQUJMRV9OT1JNQUxfUEFHRTsKIH0K --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.12-2.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.12-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBhdG9taWNhbGx5IG1vZGlmeSBlbnRyaWVzIGluIGVwdF9uZXh0X2xl dmVsCgplcHRfbmV4dF9sZXZlbCB3YXMgcGFzc2luZyBhIGxpdmUgUFRFIHBv aW50ZXIgdG8gZXB0X3NldF9taWRkbGVfZW50cnksCndoaWNoIHdhcyB0aGVu IG1vZGlmaWVkIHdpdGhvdXQgdGFraW5nIGludG8gYWNjb3VudCB0aGF0IHRo ZSBQVEUgY291bGQKYmUgcGFydCBvZiBhIGxpdmUgRVBUIHRhYmxlLiBUaGlz IHdhc24ndCBhIHNlY3VyaXR5IGlzc3VlIGJlY2F1c2UgdGhlCnBhZ2VzIHJl dHVybmVkIGJ5IHAybV9hbGxvY19wdHAgYXJlIHplcm9lZCwgc28gYWRkaW5n IHN1Y2ggYW4gZW50cnkKYmVmb3JlIGFjdHVhbGx5IGluaXRpYWxpemluZyBp dCBkaWRuJ3QgYWxsb3cgYSBndWVzdCB0byBhY2Nlc3MKcGh5c2ljYWwgbWVt b3J5IGFkZHJlc3NlcyBpdCB3YXNuJ3Qgc3VwcG9zZWQgdG8gYWNjZXNzLgoK VGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjguCgpSZXZpZXdlZC1ieTogSmFuIEJl dWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2 L21tL3AybS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5j CkBAIC0zMDcsNiArMzA3LDggQEAgc3RhdGljIGludCBlcHRfbmV4dF9sZXZl bChzdHJ1Y3QgcDJtX2RvbQogICAgIGVwdF9lbnRyeV90ICplcHRfZW50cnks ICpuZXh0ID0gTlVMTCwgZTsKICAgICB1MzIgc2hpZnQsIGluZGV4OwogCisg ICAgQVNTRVJUKG5leHRfbGV2ZWwpOworCiAgICAgc2hpZnQgPSBuZXh0X2xl dmVsICogRVBUX1RBQkxFX09SREVSOwogCiAgICAgaW5kZXggPSAqZ2ZuX3Jl bWFpbmRlciA+PiBzaGlmdDsKQEAgLTMyMywxNiArMzI1LDIwIEBAIHN0YXRp YyBpbnQgZXB0X25leHRfbGV2ZWwoc3RydWN0IHAybV9kb20KIAogICAgIGlm ICggIWlzX2VwdGVfcHJlc2VudCgmZSkgKQogICAgIHsKKyAgICAgICAgaW50 IHJjOworCiAgICAgICAgIGlmICggZS5zYV9wMm10ID09IHAybV9wb3B1bGF0 ZV9vbl9kZW1hbmQgKQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxF X1BPRF9QQUdFOwogCiAgICAgICAgIGlmICggcmVhZF9vbmx5ICkKICAgICAg ICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9NQVBfRkFJTEVEOwogCi0gICAg ICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0sIGVwdF9lbnRy eSk7CisgICAgICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0s ICZlKTsKICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAgICAgICAgICByZXR1 cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKLSAgICAgICAgLyogZSBpcyBu b3cgc3RhbGUgYW5kIGhlbmNlIG1heSBub3QgYmUgdXNlZCBhbnltb3JlIGJl bG93LiAqLworCisgICAgICAgIHJjID0gYXRvbWljX3dyaXRlX2VwdF9lbnRy eShwMm0sIGVwdF9lbnRyeSwgZSwgbmV4dF9sZXZlbCk7CisgICAgICAgIEFT U0VSVChyYyA9PSAwKTsKICAgICB9CiAgICAgLyogVGhlIG9ubHkgdGltZSBz cCB3b3VsZCBiZSBzZXQgaGVyZSBpcyBpZiB3ZSBoYWQgaGl0IGEgc3VwZXJw YWdlICovCiAgICAgZWxzZSBpZiAoIGlzX2VwdGVfc3VwZXJwYWdlKCZlKSAp Cg== --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.13-1.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.13-1.patch" Content-Transfer-Encoding: base64 RnJvbTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpTdWJqZWN0 OiB4ODYvRVBUOiBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJlbGF0ZWQgYWRq dXN0bWVudHMKCmVwdF9zcGxpdF9zdXBlcl9wYWdlKCkgd2FudHMgdG8gZnVy dGhlciBtb2RpZnkgdGhlIG5ld2x5IGFsbG9jYXRlZAp0YWJsZSwgc28gaGF2 ZSBlcHRfc2V0X21pZGRsZV9lbnRyeSgpIHJldHVybiB0aGUgbWFwcGVkIHBv aW50ZXIgcmF0aGVyCnRoYW4gdGVhcmluZyBpdCBkb3duIGFuZCB0aGVuIGdl dHRpbmcgcmUtZXN0YWJsaXNoZWQgcmlnaHQgYWdhaW4uCgpTaW1pbGFybHkg ZXB0X25leHRfbGV2ZWwoKSB3YW50cyB0byBoYW5kIGJhY2sgYSBtYXBwZWQg cG9pbnRlciBvZgp0aGUgbmV4dCBsZXZlbCBwYWdlLCBzbyByZS11c2UgdGhl IG9uZSBlc3RhYmxpc2hlZCBieQplcHRfc2V0X21pZGRsZV9lbnRyeSgpIGlu IGNhc2UgdGhhdCBwYXRoIHdhcyB0YWtlbi4KClB1bGwgdGhlIHNldHRpbmcg b2Ygc3VwcHJlc3NfdmUgYWhlYWQgb2YgaW5zZXJ0aW9uIGludG8gdGhlIGhp Z2hlciBsZXZlbAp0YWJsZSwgYW5kIGRvbid0IGhhdmUgZXB0X3NwbGl0X3N1 cGVyX3BhZ2UoKSBzZXQgdGhlIGZpZWxkIGEgMm5kIHRpbWUuCgpUaGlzIGlz IHBhcnQgb2YgWFNBLTMyOC4KClNpZ25lZC1vZmYtYnk6IEphbiBCZXVsaWNo IDxqYmV1bGljaEBzdXNlLmNvbT4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9tbS9w Mm0tZXB0LmMKKysrIGIveGVuL2FyY2gveDg2L21tL3AybS1lcHQuYwpAQCAt MTg3LDggKzE4Nyw5IEBAIHN0YXRpYyB2b2lkIGVwdF9wMm1fdHlwZV90b19m bGFncyhzdHJ1Y3QKICNkZWZpbmUgR1VFU1RfVEFCTEVfU1VQRVJfUEFHRSAg MgogI2RlZmluZSBHVUVTVF9UQUJMRV9QT0RfUEFHRSAgICAzCiAKLS8qIEZp bGwgaW4gbWlkZGxlIGxldmVscyBvZiBlcHQgdGFibGUgKi8KLXN0YXRpYyBp bnQgZXB0X3NldF9taWRkbGVfZW50cnkoc3RydWN0IHAybV9kb21haW4gKnAy bSwgZXB0X2VudHJ5X3QgKmVwdF9lbnRyeSkKKy8qIEZpbGwgaW4gbWlkZGxl IGxldmVsIG9mIGVwdCB0YWJsZTsgcmV0dXJuIHBvaW50ZXIgdG8gbWFwcGVk IG5ldyB0YWJsZS4gKi8KK3N0YXRpYyBlcHRfZW50cnlfdCAqZXB0X3NldF9t aWRkbGVfZW50cnkoc3RydWN0IHAybV9kb21haW4gKnAybSwKKyAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZXB0X2VudHJ5X3Qg KmVwdF9lbnRyeSkKIHsKICAgICBtZm5fdCBtZm47CiAgICAgZXB0X2VudHJ5 X3QgKnRhYmxlOwpAQCAtMTk2LDcgKzE5NywxMiBAQCBzdGF0aWMgaW50IGVw dF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVjdCBwCiAKICAgICBtZm4gPSBwMm1f YWxsb2NfcHRwKHAybSwgMCk7CiAgICAgaWYgKCBtZm5fZXEobWZuLCBJTlZB TElEX01GTikgKQotICAgICAgICByZXR1cm4gMDsKKyAgICAgICAgcmV0dXJu IE5VTEw7CisKKyAgICB0YWJsZSA9IG1hcF9kb21haW5fcGFnZShtZm4pOwor CisgICAgZm9yICggaSA9IDA7IGkgPCBFUFRfUEFHRVRBQkxFX0VOVFJJRVM7 IGkrKyApCisgICAgICAgIHRhYmxlW2ldLnN1cHByZXNzX3ZlID0gMTsKIAog ICAgIGVwdF9lbnRyeS0+ZXB0ZSA9IDA7CiAgICAgZXB0X2VudHJ5LT5tZm4g PSBtZm5feChtZm4pOwpAQCAtMjA4LDE0ICsyMTQsNyBAQCBzdGF0aWMgaW50 IGVwdF9zZXRfbWlkZGxlX2VudHJ5KHN0cnVjdCBwCiAKICAgICBlcHRfZW50 cnktPnN1cHByZXNzX3ZlID0gMTsKIAotICAgIHRhYmxlID0gbWFwX2RvbWFp bl9wYWdlKG1mbik7Ci0KLSAgICBmb3IgKCBpID0gMDsgaSA8IEVQVF9QQUdF VEFCTEVfRU5UUklFUzsgaSsrICkKLSAgICAgICAgdGFibGVbaV0uc3VwcHJl c3NfdmUgPSAxOwotCi0gICAgdW5tYXBfZG9tYWluX3BhZ2UodGFibGUpOwot Ci0gICAgcmV0dXJuIDE7CisgICAgcmV0dXJuIHRhYmxlOwogfQogCiAvKiBm cmVlIGVwdCBzdWIgdHJlZSBiZWhpbmQgYW4gZW50cnkgKi8KQEAgLTI1Mywx MCArMjUyLDEwIEBAIHN0YXRpYyBib29sX3QgZXB0X3NwbGl0X3N1cGVyX3Bh Z2Uoc3RydWMKIAogICAgIEFTU0VSVChpc19lcHRlX3N1cGVycGFnZShlcHRf ZW50cnkpKTsKIAotICAgIGlmICggIWVwdF9zZXRfbWlkZGxlX2VudHJ5KHAy bSwgJm5ld19lcHQpICkKKyAgICB0YWJsZSA9IGVwdF9zZXRfbWlkZGxlX2Vu dHJ5KHAybSwgJm5ld19lcHQpOworICAgIGlmICggIXRhYmxlICkKICAgICAg ICAgcmV0dXJuIDA7CiAKLSAgICB0YWJsZSA9IG1hcF9kb21haW5fcGFnZShf bWZuKG5ld19lcHQubWZuKSk7CiAgICAgdHJ1bmsgPSAxVUwgPDwgKChsZXZl bCAtIDEpICogRVBUX1RBQkxFX09SREVSKTsKIAogICAgIGZvciAoIGkgPSAw OyBpIDwgRVBUX1BBR0VUQUJMRV9FTlRSSUVTOyBpKysgKQpAQCAtMjY3LDcg KzI2Niw2IEBAIHN0YXRpYyBib29sX3QgZXB0X3NwbGl0X3N1cGVyX3BhZ2Uo c3RydWMKICAgICAgICAgZXB0ZS0+c3AgPSAobGV2ZWwgPiAxKTsKICAgICAg ICAgZXB0ZS0+bWZuICs9IGkgKiB0cnVuazsKICAgICAgICAgZXB0ZS0+c25w ID0gaXNfaW9tbXVfZW5hYmxlZChwMm0tPmRvbWFpbikgJiYgaW9tbXVfc25v b3A7Ci0gICAgICAgIGVwdGUtPnN1cHByZXNzX3ZlID0gMTsKIAogICAgICAg ICBlcHRfcDJtX3R5cGVfdG9fZmxhZ3MocDJtLCBlcHRlLCBlcHRlLT5zYV9w Mm10LCBlcHRlLT5hY2Nlc3MpOwogCkBAIC0zMDYsOCArMzA0LDcgQEAgc3Rh dGljIGludCBlcHRfbmV4dF9sZXZlbChzdHJ1Y3QgcDJtX2RvbQogICAgICAg ICAgICAgICAgICAgICAgICAgICBlcHRfZW50cnlfdCAqKnRhYmxlLCB1bnNp Z25lZCBsb25nICpnZm5fcmVtYWluZGVyLAogICAgICAgICAgICAgICAgICAg ICAgICAgICBpbnQgbmV4dF9sZXZlbCkKIHsKLSAgICB1bnNpZ25lZCBsb25n IG1mbjsKLSAgICBlcHRfZW50cnlfdCAqZXB0X2VudHJ5LCBlOworICAgIGVw dF9lbnRyeV90ICplcHRfZW50cnksICpuZXh0ID0gTlVMTCwgZTsKICAgICB1 MzIgc2hpZnQsIGluZGV4OwogCiAgICAgc2hpZnQgPSBuZXh0X2xldmVsICog RVBUX1RBQkxFX09SREVSOwpAQCAtMzMyLDE5ICszMjksMTcgQEAgc3RhdGlj IGludCBlcHRfbmV4dF9sZXZlbChzdHJ1Y3QgcDJtX2RvbQogICAgICAgICBp ZiAoIHJlYWRfb25seSApCiAgICAgICAgICAgICByZXR1cm4gR1VFU1RfVEFC TEVfTUFQX0ZBSUxFRDsKIAotICAgICAgICBpZiAoICFlcHRfc2V0X21pZGRs ZV9lbnRyeShwMm0sIGVwdF9lbnRyeSkgKQorICAgICAgICBuZXh0ID0gZXB0 X3NldF9taWRkbGVfZW50cnkocDJtLCBlcHRfZW50cnkpOworICAgICAgICBp ZiAoICFuZXh0ICkKICAgICAgICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9N QVBfRkFJTEVEOwotICAgICAgICBlbHNlCi0gICAgICAgICAgICBlID0gYXRv bWljX3JlYWRfZXB0X2VudHJ5KGVwdF9lbnRyeSk7IC8qIFJlZnJlc2ggKi8K KyAgICAgICAgLyogZSBpcyBub3cgc3RhbGUgYW5kIGhlbmNlIG1heSBub3Qg YmUgdXNlZCBhbnltb3JlIGJlbG93LiAqLwogICAgIH0KLQogICAgIC8qIFRo ZSBvbmx5IHRpbWUgc3Agd291bGQgYmUgc2V0IGhlcmUgaXMgaWYgd2UgaGFk IGhpdCBhIHN1cGVycGFnZSAqLwotICAgIGlmICggaXNfZXB0ZV9zdXBlcnBh Z2UoJmUpICkKKyAgICBlbHNlIGlmICggaXNfZXB0ZV9zdXBlcnBhZ2UoJmUp ICkKICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX1NVUEVSX1BBR0U7CiAK LSAgICBtZm4gPSBlLm1mbjsKICAgICB1bm1hcF9kb21haW5fcGFnZSgqdGFi bGUpOwotICAgICp0YWJsZSA9IG1hcF9kb21haW5fcGFnZShfbWZuKG1mbikp OworICAgICp0YWJsZSA9IG5leHQgPzogbWFwX2RvbWFpbl9wYWdlKF9tZm4o ZS5tZm4pKTsKICAgICAqZ2ZuX3JlbWFpbmRlciAmPSAoMVVMIDw8IHNoaWZ0 KSAtIDE7CiAgICAgcmV0dXJuIEdVRVNUX1RBQkxFX05PUk1BTF9QQUdFOwog fQo= --=separator Content-Type: application/octet-stream; name="xsa328/xsa328-4.13-2.patch" Content-Disposition: attachment; filename="xsa328/xsa328-4.13-2.patch" Content-Transfer-Encoding: base64 RnJvbTogPHNlY3VyaXR5QHhlbnByb2plY3Qub3JnPgpTdWJqZWN0OiB4ODYv ZXB0OiBhdG9taWNhbGx5IG1vZGlmeSBlbnRyaWVzIGluIGVwdF9uZXh0X2xl dmVsCgplcHRfbmV4dF9sZXZlbCB3YXMgcGFzc2luZyBhIGxpdmUgUFRFIHBv aW50ZXIgdG8gZXB0X3NldF9taWRkbGVfZW50cnksCndoaWNoIHdhcyB0aGVu IG1vZGlmaWVkIHdpdGhvdXQgdGFraW5nIGludG8gYWNjb3VudCB0aGF0IHRo ZSBQVEUgY291bGQKYmUgcGFydCBvZiBhIGxpdmUgRVBUIHRhYmxlLiBUaGlz IHdhc24ndCBhIHNlY3VyaXR5IGlzc3VlIGJlY2F1c2UgdGhlCnBhZ2VzIHJl dHVybmVkIGJ5IHAybV9hbGxvY19wdHAgYXJlIHplcm9lZCwgc28gYWRkaW5n IHN1Y2ggYW4gZW50cnkKYmVmb3JlIGFjdHVhbGx5IGluaXRpYWxpemluZyBp dCBkaWRuJ3QgYWxsb3cgYSBndWVzdCB0byBhY2Nlc3MKcGh5c2ljYWwgbWVt b3J5IGFkZHJlc3NlcyBpdCB3YXNuJ3Qgc3VwcG9zZWQgdG8gYWNjZXNzLgoK VGhpcyBpcyBwYXJ0IG9mIFhTQS0zMjguCgpSZXZpZXdlZC1ieTogSmFuIEJl dWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgoKLS0tIGEveGVuL2FyY2gveDg2 L21tL3AybS1lcHQuYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLWVwdC5j CkBAIC0zMDcsNiArMzA3LDggQEAgc3RhdGljIGludCBlcHRfbmV4dF9sZXZl bChzdHJ1Y3QgcDJtX2RvbQogICAgIGVwdF9lbnRyeV90ICplcHRfZW50cnks ICpuZXh0ID0gTlVMTCwgZTsKICAgICB1MzIgc2hpZnQsIGluZGV4OwogCisg ICAgQVNTRVJUKG5leHRfbGV2ZWwpOworCiAgICAgc2hpZnQgPSBuZXh0X2xl dmVsICogRVBUX1RBQkxFX09SREVSOwogCiAgICAgaW5kZXggPSAqZ2ZuX3Jl bWFpbmRlciA+PiBzaGlmdDsKQEAgLTMyMywxNiArMzI1LDIwIEBAIHN0YXRp YyBpbnQgZXB0X25leHRfbGV2ZWwoc3RydWN0IHAybV9kb20KIAogICAgIGlm ICggIWlzX2VwdGVfcHJlc2VudCgmZSkgKQogICAgIHsKKyAgICAgICAgaW50 IHJjOworCiAgICAgICAgIGlmICggZS5zYV9wMm10ID09IHAybV9wb3B1bGF0 ZV9vbl9kZW1hbmQgKQogICAgICAgICAgICAgcmV0dXJuIEdVRVNUX1RBQkxF X1BPRF9QQUdFOwogCiAgICAgICAgIGlmICggcmVhZF9vbmx5ICkKICAgICAg ICAgICAgIHJldHVybiBHVUVTVF9UQUJMRV9NQVBfRkFJTEVEOwogCi0gICAg ICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0sIGVwdF9lbnRy eSk7CisgICAgICAgIG5leHQgPSBlcHRfc2V0X21pZGRsZV9lbnRyeShwMm0s ICZlKTsKICAgICAgICAgaWYgKCAhbmV4dCApCiAgICAgICAgICAgICByZXR1 cm4gR1VFU1RfVEFCTEVfTUFQX0ZBSUxFRDsKLSAgICAgICAgLyogZSBpcyBu b3cgc3RhbGUgYW5kIGhlbmNlIG1heSBub3QgYmUgdXNlZCBhbnltb3JlIGJl bG93LiAqLworCisgICAgICAgIHJjID0gYXRvbWljX3dyaXRlX2VwdF9lbnRy eShwMm0sIGVwdF9lbnRyeSwgZSwgbmV4dF9sZXZlbCk7CisgICAgICAgIEFT U0VSVChyYyA9PSAwKTsKICAgICB9CiAgICAgLyogVGhlIG9ubHkgdGltZSBz cCB3b3VsZCBiZSBzZXQgaGVyZSBpcyBpZiB3ZSBoYWQgaGl0IGEgc3VwZXJw YWdlICovCiAgICAgZWxzZSBpZiAoIGlzX2VwdGVfc3VwZXJwYWdlKCZlKSAp Cg== --=separator-- From xen-announce-bounces@lists.xenproject.org Tue Jul 07 12:24:44 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 07 Jul 2020 12:24:44 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmdv-0007Ft-R2; Tue, 07 Jul 2020 12:24:11 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmdt-0007DT-WA for xen-announce@lists.xen.org; Tue, 07 Jul 2020 12:24:10 +0000 X-Inumbo-ID: bbb45f0a-c04c-11ea-bca7-bc764e2007e4 Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id bbb45f0a-c04c-11ea-bca7-bc764e2007e4; Tue, 07 Jul 2020 12:23:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=ZWlDk5b1NVC6EET/cOV6YdvAXsB2RSRQIeRlFabmc9s=; b=GgqsbibzuG1G6WuLD3aoi4YSAp CjXkwfoYWDV6HljfvN+b7aNhE7/UdBrnvT9OiTcCJjg2aPjZ0cCjEm/JQe8l9gr09bgN2gzOmrwrd 3VZSPQu6H1vt2jCQYXA315Wl30kQ0N9n2at3b5UtwEefe7HW4vVYLnsDPmbDVTxw6CIc=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jsmde-0002uU-Dd; Tue, 07 Jul 2020 12:23:54 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jsmde-00040K-Bc; Tue, 07 Jul 2020 12:23:54 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 327 v3 (CVE-2020-15564) - Missing alignment check in VCPUOP_register_vcpu_info Message-Id: Date: Tue, 07 Jul 2020 12:23:54 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-15564 / XSA-327 version 3 Missing alignment check in VCPUOP_register_vcpu_info UPDATES IN VERSION 3 ==================== Public release. ISSUE DESCRIPTION ================= The hypercall VCPUOP_register_vcpu_info is used by a guest to register a shared region with the hypervisor. The region will be mapped into Xen address space so it can be directly accessed. On Arm, the region is accessed with instructions which require a specific alignment. Unfortunately, there is no check that the address provided by the guest will be correctly aligned. As a result, a malicious guest could cause a hypervisor crash by passing a misaligned address. IMPACT ====== A malicious guest administrator may cause a hypervisor crash, resulting in a Denial of Service (DoS). VULNERABLE SYSTEMS ================== All Xen versions are vulnerable. Only Arm systems are vulnerable. x86 systems are not affected. MITIGATION ========== There is no mitigation. CREDITS ======= This issue was discovered by Julien Grall of Amazon. RESOLUTION ========== Applying the attached patch resolves this issue. Note that patches for released versions are generally prepared to apply to the stable branches, and may not apply cleanly to the most recent release tarball. Downstreams are encouraged to update to the tip of the stable branch before applying these patches. xsa327.patch Xen 4.9 - xen-unstable $ sha256sum xsa327* f046eefcc1368708bd1fafc88e063d3dbc5c4cdb593d68b3b04917c6cdb7bcb5 xsa327.meta 1d057695d5b74ce2857204103e943caeaf773bc4fb9d91ea78016e01a9147ed7 xsa327.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patch and/or mitigations described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8EaVAMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZcqIIAKpb992pMq1jFStIGPhk6HsaIhxVEGep67eJHq9d TMaFiyBix125djY0zV8KaznmZmRpM2pNKVsIkGe1XHgtEMcWgMAYARejJLRC4UnW xHhpunI7rJMQc1vL5ZGxAFbVYF6U/PX0rwESwQb2/Rt0eLBTAmH4m25TQiSEnrkM 3C4Dbk3puCbaeB7VGiyccK07hh6qQhEO8s1FhZTNVTaqqcNWZYqy/SbmRYHiT/in 2dK6XOiBgRhHnjsDDoXj5abSMb00KnJ9PkWu8RC2b7+BVZJUii1557T8zpDo9Fyl CJ3YXrekd+gQSFxgwCts00BbLr2NUf3uqEtpY1EEV7UKmvQ= =fPiG -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa327.meta" Content-Disposition: attachment; filename="xsa327.meta" Content-Transfer-Encoding: base64 ewogICJYU0EiOiAzMjcsCiAgIlN1cHBvcnRlZFZlcnNpb25zIjogWwogICAg Im1hc3RlciIsCiAgICAiNC4xMyIsCiAgICAiNC4xMiIsCiAgICAiNC4xMSIs CiAgICAiNC4xMCIsCiAgICAiNC45IgogIF0sCiAgIlRyZWVzIjogWwogICAg InhlbiIKICBdLAogICJSZWNpcGVzIjogewogICAgIjQuMTAiOiB7CiAgICAg ICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAgICAgICAgICAiU3Rh YmxlUmVmIjogImZkNmU0OWVjYWUwMzg0MDYxMGZkYzZhNDE2YTYzODU5MGMw YjY1MzUiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAgICAgICAgICAgIDMx NywKICAgICAgICAgICAgMzE5LAogICAgICAgICAgICAzMjgsCiAgICAgICAg ICAgIDMyMQogICAgICAgICAgXSwKICAgICAgICAgICJQYXRjaGVzIjogWwog ICAgICAgICAgICAieHNhMzI3LnBhdGNoIgogICAgICAgICAgXQogICAgICAg IH0KICAgICAgfQogICAgfSwKICAgICI0LjExIjogewogICAgICAiUmVjaXBl cyI6IHsKICAgICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6 ICIyYjc3NzI5ODg4ZmI4NTFhYjk2ZTdmNzdiYzg1NDEyMjYyNmI0ODYxIiwK ICAgICAgICAgICJQcmVyZXFzIjogWwogICAgICAgICAgICAzMTcsCiAgICAg ICAgICAgIDMxOSwKICAgICAgICAgICAgMzI4LAogICAgICAgICAgICAzMjEK ICAgICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAg ICAgInhzYTMyNy5wYXRjaCIKICAgICAgICAgIF0KICAgICAgICB9CiAgICAg IH0KICAgIH0sCiAgICAiNC4xMiI6IHsKICAgICAgIlJlY2lwZXMiOiB7CiAg ICAgICAgInhlbiI6IHsKICAgICAgICAgICJTdGFibGVSZWYiOiAiMDUwZmU0 OGRjOTgxZTA0ODhkZTFmNmM2YzA3ZDgxMTBmM2I3NTIzYiIsCiAgICAgICAg ICAiUHJlcmVxcyI6IFsKICAgICAgICAgICAgMzE3LAogICAgICAgICAgICAz MTksCiAgICAgICAgICAgIDMyOCwKICAgICAgICAgICAgMzIxCiAgICAgICAg ICBdLAogICAgICAgICAgIlBhdGNoZXMiOiBbCiAgICAgICAgICAgICJ4c2Ez MjcucGF0Y2giCiAgICAgICAgICBdCiAgICAgICAgfQogICAgICB9CiAgICB9 LAogICAgIjQuMTMiOiB7CiAgICAgICJSZWNpcGVzIjogewogICAgICAgICJ4 ZW4iOiB7CiAgICAgICAgICAiU3RhYmxlUmVmIjogIjlmN2U4YmFjNGNhMjc5 YjNiZmNjYjVmMzczMGZiMmU1Mzk4Yzk1YWIiLAogICAgICAgICAgIlByZXJl cXMiOiBbCiAgICAgICAgICAgIDMxNywKICAgICAgICAgICAgMzE5LAogICAg ICAgICAgICAzMjgsCiAgICAgICAgICAgIDMyMQogICAgICAgICAgXSwKICAg ICAgICAgICJQYXRjaGVzIjogWwogICAgICAgICAgICAieHNhMzI3LnBhdGNo IgogICAgICAgICAgXQogICAgICAgIH0KICAgICAgfQogICAgfSwKICAgICI0 LjkiOiB7CiAgICAgICJSZWNpcGVzIjogewogICAgICAgICJ4ZW4iOiB7CiAg ICAgICAgICAiU3RhYmxlUmVmIjogIjZlNDc3YzJlYTRkNWMyNmE3YTdiMmY4 NTAxNjZhYTc5ZWRjNTIyNWMiLAogICAgICAgICAgIlByZXJlcXMiOiBbCiAg ICAgICAgICAgIDMxOSwKICAgICAgICAgICAgMzI4LAogICAgICAgICAgICAz MjEKICAgICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAg ICAgICAgInhzYTMyNy5wYXRjaCIKICAgICAgICAgIF0KICAgICAgICB9CiAg ICAgIH0KICAgIH0sCiAgICAibWFzdGVyIjogewogICAgICAiUmVjaXBlcyI6 IHsKICAgICAgICAieGVuIjogewogICAgICAgICAgIlN0YWJsZVJlZiI6ICJl NGQyMjA3MTY1YjM3OWVjMTNjOGI1MTI5MzZmNjM5ODJhZjYyZDEzIiwKICAg ICAgICAgICJQcmVyZXFzIjogWwogICAgICAgICAgICAzMTcsCiAgICAgICAg ICAgIDMxOSwKICAgICAgICAgICAgMzI4LAogICAgICAgICAgICAzMjEKICAg ICAgICAgIF0sCiAgICAgICAgICAiUGF0Y2hlcyI6IFsKICAgICAgICAgICAg InhzYTMyNy5wYXRjaCIKICAgICAgICAgIF0KICAgICAgICB9CiAgICAgIH0K ICAgIH0KICB9Cn0= --=separator Content-Type: application/octet-stream; name="xsa327.patch" Content-Disposition: attachment; filename="xsa327.patch" Content-Transfer-Encoding: base64 RnJvbSAwMzAzMDBlYmJiODZjNDBjMTJkYjAzODcxNDQ3OWQ3NDYxNjdjNzY3 IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBKdWxpZW4gR3JhbGwg PGpncmFsbEBhbWF6b24uY29tPgpEYXRlOiBUdWUsIDI2IE1heSAyMDIwIDE4 OjMxOjMzICswMTAwClN1YmplY3Q6IFtQQVRDSF0geGVuOiBDaGVjayB0aGUg YWxpZ25tZW50IG9mIHRoZSBvZmZzZXQgcGFzZWQgdmlhCiBWQ1BVT1BfcmVn aXN0ZXJfdmNwdV9pbmZvCgpDdXJyZW50bHkgYSBndWVzdCBpcyBhYmxlIHRv IHJlZ2lzdGVyIGFueSBndWVzdCBwaHlzaWNhbCBhZGRyZXNzIHRvIHVzZQpm b3IgdGhlIHZjcHVfaW5mbyBzdHJ1Y3R1cmUgYXMgbG9uZyBhcyB0aGUgc3Ry dWN0dXJlIGNhbiBmaXRzIGluIHRoZQpyZXN0IG9mIHRoZSBmcmFtZS4KClRo aXMgbWVhbnMgYSBndWVzdCBjYW4gcHJvdmlkZSBhbiBhZGRyZXNzIHRoYXQg aXMgbm90IGFsaWduZWQgdG8gdGhlCm5hdHVyYWwgYWxpZ25tZW50IG9mIHRo ZSBzdHJ1Y3R1cmUuCgpPbiBBcm0gMzItYml0LCB1bmFsaWduZWQgYWNjZXNz IGFyZSBjb21wbGV0ZWx5IGZvcmJpZGRlbiBieSB0aGUKaHlwZXJ2aXNvci4g VGhpcyB3aWxsIHJlc3VsdCB0byBhIGRhdGEgYWJvcnQgd2hpY2ggaXMgZmF0 YWwuCgpPbiBBcm0gNjQtYml0LCB1bmFsaWduZWQgYWNjZXNzIGFyZSBvbmx5 IGZvcmJpZGRlbiB3aGVuIHVzZWQgZm9yIGF0b21pYwphY2Nlc3MuIEFzIHRo ZSBzdHJ1Y3R1cmUgY29udGFpbnMgZmllbGRzIChzdWNoIGFzIGV2dGNobl9w ZW5kaW5nX3NlbGYpCnRoYXQgYXJlIHVwZGF0ZWQgdXNpbmcgYXRvbWljIG9w ZXJhdGlvbnMsIGFueSB1bmFsaWduZWQgYWNjZXNzIHdpbGwgYmUKZmF0YWwg YXMgd2VsbC4KCldoaWxlIHRoZSBtaXNhbGlnbm1lbnQgaXMgb25seSBmYXRh bCBvbiBBcm0sIGEgZ2VuZXJpYyBjaGVjayBpcyBhZGRlZAphcyBhbiB4ODYg Z3Vlc3Qgc2hvdWxkbid0IHNlbnNpYmx5IHBhc3MgYW4gdW5hbGlnbmVkIGFk ZHJlc3MgKHRoaXMKd291bGQgcmVzdWx0IHRvIGEgc3BsaXQgbG9jaykuCgpU aGlzIGlzIFhTQS0zMjcuCgpSZXBvcnRlZC1ieTogSnVsaWVuIEdyYWxsIDxq Z3JhbGxAYW1hem9uLmNvbT4KU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxs IDxqZ3JhbGxAYW1hem9uLmNvbT4KUmV2aWV3ZWQtYnk6IEFuZHJldyBDb29w ZXIgPGFuZHJldy5jb29wZXIzQGNpdHJpeC5jb20+ClJldmlld2VkLWJ5OiBT dGVmYW5vIFN0YWJlbGxpbmkgPHNzdGFiZWxsaW5pQGtlcm5lbC5vcmc+Ci0t LQogeGVuL2NvbW1vbi9kb21haW4uYyB8IDEwICsrKysrKysrKysKIDEgZmls ZSBjaGFuZ2VkLCAxMCBpbnNlcnRpb25zKCspCgpkaWZmIC0tZ2l0IGEveGVu L2NvbW1vbi9kb21haW4uYyBiL3hlbi9jb21tb24vZG9tYWluLmMKaW5kZXgg N2NjOTUyNjEzOWE2Li5lOWJlMDVmMWQwNWYgMTAwNjQ0Ci0tLSBhL3hlbi9j b21tb24vZG9tYWluLmMKKysrIGIveGVuL2NvbW1vbi9kb21haW4uYwpAQCAt MTIyNywxMCArMTIyNywyMCBAQCBpbnQgbWFwX3ZjcHVfaW5mbyhzdHJ1Y3Qg dmNwdSAqdiwgdW5zaWduZWQgbG9uZyBnZm4sIHVuc2lnbmVkIG9mZnNldCkK ICAgICB2b2lkICptYXBwaW5nOwogICAgIHZjcHVfaW5mb190ICpuZXdfaW5m bzsKICAgICBzdHJ1Y3QgcGFnZV9pbmZvICpwYWdlOworICAgIHVuc2lnbmVk IGludCBhbGlnbjsKIAogICAgIGlmICggb2Zmc2V0ID4gKFBBR0VfU0laRSAt IHNpemVvZih2Y3B1X2luZm9fdCkpICkKICAgICAgICAgcmV0dXJuIC1FSU5W QUw7CiAKKyNpZmRlZiBDT05GSUdfQ09NUEFUCisgICAgaWYgKCBoYXNfMzJi aXRfc2hpbmZvKGQpICkKKyAgICAgICAgYWxpZ24gPSBhbGlnbm9mKG5ld19p bmZvLT5jb21wYXQpOworICAgIGVsc2UKKyNlbmRpZgorICAgICAgICBhbGln biA9IGFsaWdub2YoKm5ld19pbmZvKTsKKyAgICBpZiAoIG9mZnNldCAmIChh bGlnbiAtIDEpICkKKyAgICAgICAgcmV0dXJuIC1FSU5WQUw7CisKICAgICBp ZiAoICFtZm5fZXEodi0+dmNwdV9pbmZvX21mbiwgSU5WQUxJRF9NRk4pICkK ICAgICAgICAgcmV0dXJuIC1FSU5WQUw7CiAKLS0gCjIuMTcuMQoK --=separator-- From xen-announce-bounces@lists.xenproject.org Thu Jul 16 13:20:17 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 16 Jul 2020 13:20:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jw3nF-0004tF-LQ; Thu, 16 Jul 2020 13:19:21 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jw3nD-0004rq-SQ for xen-announce@lists.xen.org; Thu, 16 Jul 2020 13:19:19 +0000 X-Inumbo-ID: eb9fc9f4-c766-11ea-b7bb-bc764e2007e4 Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id eb9fc9f4-c766-11ea-b7bb-bc764e2007e4; Thu, 16 Jul 2020 13:19:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=3VGZzYg6mn62RtPmWMdMHRbsHJM8t32N5zUX+qK4CUw=; b=G7u8LMu9ALbkKy8HZA3VKFPwtJ ExmVOFeRW3Hkjfbt1HVZrvl2CAeZsfBaiq++awmQq1YLnmRYVn9YPIXoEm46dg9pJ6Ps4DPkdYzwd pHGAM9/5cy/0G36Iv8l0Y5VmPyGTJIxMP3KLqKuPyYsnAunp95ZFEt46TTSt9M8iRZIY=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jw3ms-0006Kq-VB; Thu, 16 Jul 2020 13:18:58 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jw3ms-0006i6-Se; Thu, 16 Jul 2020 13:18:58 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 329 v2 - Linux ioperm bitmap context switching issues Message-Id: Date: Thu, 16 Jul 2020 13:18:58 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory XSA-329 version 2 Linux ioperm bitmap context switching issues UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= Linux 5.5 overhauled the internal state handling for the iopl() and ioperm() system calls. Unfortunately, one aspect on context switch wasn't wired up correctly for the Xen PVOps case. IMPACT ====== IO port permissions don't get rescinded when context switching to an unprivileged task. Therefore, all userspace can use the IO ports granted to the most recently scheduled task with IO port permissions. VULNERABLE SYSTEMS ================== Only x86 guests are vulnerable. All versions of Linux from 5.5 are potentially vulnerable. Linux is only vulnerable when running as x86 PV guest. Linux is not vulnerable when running as an x86 HVM/PVH guests. The vulnerability can only be exploited in domains which have been granted access to IO ports by Xen. This is typically only the hardware domain, and guests configured with PCI Passthrough. MITIGATION ========== Running only HVM/PVH guests avoids the vulnerability. CREDITS ======= This issue was discovered by Andy Lutomirski. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa329.patch Linux 5.5 and later $ sha256sum xsa329* cdb5ac9bfd21192b5965e8ec0a1c4fcf12d0a94a962a8158cd27810e6aa362f0 xsa329.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patches and/or mitigations described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8QU6EMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZ/sEIAMiCOnz119KTlRU50HTwa4pvIgLphf9htTbPzHXS iEb8yINqMxmep8NRcAzwFREQP+Z4Tue1upt31Vx0RPkFZpUklLuuBSXsV0JA7+UM LSGyWhkzDdnfj6iPUHycGmFzRTzkbB7qfcMj7khCvuYtSNbTUdOgUq04ngZksrSJ UMhfgUNKXawULKvVe7572L/AQTmMXK8eaolb+eWtf1U2pFkZQR8GWoLmiFbKLks2 X2tRUF4U4cHEBzxXRzYrD1ArWLajqK6hQmauwgkCCSowvCHoD1dTv55GlrlEo4od MSB6YOVLl7HJuUw1GmwlKjA8XqStHq1Fi0urvlKCfHfK2Wk= =MP+m -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa329.patch" Content-Disposition: attachment; filename="xsa329.patch" Content-Transfer-Encoding: base64 RnJvbTogQW5keSBMdXRvbWlyc2tpIDxsdXRvQGtlcm5lbC5vcmc+ClN1Ympl Y3Q6IHg4Ni9pb3Blcm06IEZpeCBpbyBiaXRtYXAgaW52YWxpZGF0aW9uIG9u IFhlbiBQVgoKdHNzX2ludmFsaWRhdGVfaW9fYml0bWFwKCkgd2Fzbid0IHdp cmVkIHVwIHByb3Blcmx5IHRocm91Z2ggdGhlIHB2b3AKbWFjaGluZXJ5LCBz byB0aGUgVFNTIGFuZCBYZW4ncyBpbyBiaXRtYXAgd291bGQgZ2V0IG91dCBv ZiBzeW5jCndoZW5ldmVyIGRpc2FibGluZyBhIHZhbGlkIGlvIGJpdG1hcC4K CkFkZCBhIG5ldyBwdm9wIGZvciB0c3NfaW52YWxpZGF0ZV9pb19iaXRtYXAo KSB0byBmaXggaXQuCgpUaGlzIGlzIFhTQS0zMjkuCgpGaXhlczogMjJmZTVi MDQzOWRkICgieDg2L2lvcGVybTogTW92ZSBUU1MgYml0bWFwIHVwZGF0ZSB0 byBleGl0IHRvIHVzZXIgd29yayIpClNpZ25lZC1vZmYtYnk6IEFuZHkgTHV0 b21pcnNraSA8bHV0b0BrZXJuZWwub3JnPgpSZXZpZXdlZC1ieTogSnVlcmdl biBHcm9zcyA8amdyb3NzQHN1c2UuY29tPgpSZXZpZXdlZC1ieTogVGhvbWFz IEdsZWl4bmVyIDx0Z2x4QGxpbnV0cm9uaXguZGU+CgpkaWZmIC0tZ2l0IGEv YXJjaC94ODYvaW5jbHVkZS9hc20vaW9fYml0bWFwLmggYi9hcmNoL3g4Ni9p bmNsdWRlL2FzbS9pb19iaXRtYXAuaAppbmRleCBhYzFhOTlmZmJkOGQuLjdm MDgwZjVjN2RlZiAxMDA2NDQKLS0tIGEvYXJjaC94ODYvaW5jbHVkZS9hc20v aW9fYml0bWFwLmgKKysrIGIvYXJjaC94ODYvaW5jbHVkZS9hc20vaW9fYml0 bWFwLmgKQEAgLTE5LDEyICsxOSwyOCBAQCBzdHJ1Y3QgdGFza19zdHJ1Y3Q7 CiB2b2lkIGlvX2JpdG1hcF9zaGFyZShzdHJ1Y3QgdGFza19zdHJ1Y3QgKnRz ayk7CiB2b2lkIGlvX2JpdG1hcF9leGl0KHN0cnVjdCB0YXNrX3N0cnVjdCAq dHNrKTsKIAorc3RhdGljIGlubGluZSB2b2lkIG5hdGl2ZV90c3NfaW52YWxp ZGF0ZV9pb19iaXRtYXAodm9pZCkKK3sKKwkvKgorCSAqIEludmFsaWRhdGUg dGhlIEkvTyBiaXRtYXAgYnkgbW92aW5nIGlvX2JpdG1hcF9iYXNlIG91dHNp ZGUgdGhlCisJICogVFNTIGxpbWl0IHNvIGFueSBzdWJzZXF1ZW50IEkvTyBh Y2Nlc3MgZnJvbSB1c2VyIHNwYWNlIHdpbGwKKwkgKiB0cmlnZ2VyIGEgI0dQ LgorCSAqCisJICogVGhpcyBpcyBjb3JyZWN0IGV2ZW4gd2hlbiBWTUVYSVQg cmV3cml0ZXMgdGhlIFRTUyBsaW1pdAorCSAqIHRvIDB4NjcgYXMgdGhlIG9u bHkgcmVxdWlyZW1lbnQgaXMgdGhhdCB0aGUgYmFzZSBwb2ludHMKKwkgKiBv dXRzaWRlIHRoZSBsaW1pdC4KKwkgKi8KKwl0aGlzX2NwdV93cml0ZShjcHVf dHNzX3J3Lng4Nl90c3MuaW9fYml0bWFwX2Jhc2UsCisJCSAgICAgICBJT19C SVRNQVBfT0ZGU0VUX0lOVkFMSUQpOworfQorCiB2b2lkIG5hdGl2ZV90c3Nf dXBkYXRlX2lvX2JpdG1hcCh2b2lkKTsKIAogI2lmZGVmIENPTkZJR19QQVJB VklSVF9YWEwKICNpbmNsdWRlIDxhc20vcGFyYXZpcnQuaD4KICNlbHNlCiAj ZGVmaW5lIHRzc191cGRhdGVfaW9fYml0bWFwIG5hdGl2ZV90c3NfdXBkYXRl X2lvX2JpdG1hcAorI2RlZmluZSB0c3NfaW52YWxpZGF0ZV9pb19iaXRtYXAg bmF0aXZlX3Rzc19pbnZhbGlkYXRlX2lvX2JpdG1hcAogI2VuZGlmCiAKICNl bHNlCmRpZmYgLS1naXQgYS9hcmNoL3g4Ni9pbmNsdWRlL2FzbS9wYXJhdmly dC5oIGIvYXJjaC94ODYvaW5jbHVkZS9hc20vcGFyYXZpcnQuaAppbmRleCA1 Y2E1ZDI5N2RmNzUuLjNkMmFmZWNkZTUwYyAxMDA2NDQKLS0tIGEvYXJjaC94 ODYvaW5jbHVkZS9hc20vcGFyYXZpcnQuaAorKysgYi9hcmNoL3g4Ni9pbmNs dWRlL2FzbS9wYXJhdmlydC5oCkBAIC0zMDIsNiArMzAyLDExIEBAIHN0YXRp YyBpbmxpbmUgdm9pZCB3cml0ZV9pZHRfZW50cnkoZ2F0ZV9kZXNjICpkdCwg aW50IGVudHJ5LCBjb25zdCBnYXRlX2Rlc2MgKmcpCiB9CiAKICNpZmRlZiBD T05GSUdfWDg2X0lPUExfSU9QRVJNCitzdGF0aWMgaW5saW5lIHZvaWQgdHNz X2ludmFsaWRhdGVfaW9fYml0bWFwKHZvaWQpCit7CisJUFZPUF9WQ0FMTDAo Y3B1LmludmFsaWRhdGVfaW9fYml0bWFwKTsKK30KKwogc3RhdGljIGlubGlu ZSB2b2lkIHRzc191cGRhdGVfaW9fYml0bWFwKHZvaWQpCiB7CiAJUFZPUF9W Q0FMTDAoY3B1LnVwZGF0ZV9pb19iaXRtYXApOwpkaWZmIC0tZ2l0IGEvYXJj aC94ODYvaW5jbHVkZS9hc20vcGFyYXZpcnRfdHlwZXMuaCBiL2FyY2gveDg2 L2luY2x1ZGUvYXNtL3BhcmF2aXJ0X3R5cGVzLmgKaW5kZXggNzMyZjYyZTA0 ZGRiLi44ZGZjYjI1MDhlNmQgMTAwNjQ0Ci0tLSBhL2FyY2gveDg2L2luY2x1 ZGUvYXNtL3BhcmF2aXJ0X3R5cGVzLmgKKysrIGIvYXJjaC94ODYvaW5jbHVk ZS9hc20vcGFyYXZpcnRfdHlwZXMuaApAQCAtMTQxLDYgKzE0MSw3IEBAIHN0 cnVjdCBwdl9jcHVfb3BzIHsKIAl2b2lkICgqbG9hZF9zcDApKHVuc2lnbmVk IGxvbmcgc3AwKTsKIAogI2lmZGVmIENPTkZJR19YODZfSU9QTF9JT1BFUk0K Kwl2b2lkICgqaW52YWxpZGF0ZV9pb19iaXRtYXApKHZvaWQpOwogCXZvaWQg KCp1cGRhdGVfaW9fYml0bWFwKSh2b2lkKTsKICNlbmRpZgogCmRpZmYgLS1n aXQgYS9hcmNoL3g4Ni9rZXJuZWwvcGFyYXZpcnQuYyBiL2FyY2gveDg2L2tl cm5lbC9wYXJhdmlydC5jCmluZGV4IDY3NGE3ZDY2ZDk2MC4uZGUyMTM4YmEz OGU1IDEwMDY0NAotLS0gYS9hcmNoL3g4Ni9rZXJuZWwvcGFyYXZpcnQuYwor KysgYi9hcmNoL3g4Ni9rZXJuZWwvcGFyYXZpcnQuYwpAQCAtMzI0LDcgKzMy NCw4IEBAIHN0cnVjdCBwYXJhdmlydF9wYXRjaF90ZW1wbGF0ZSBwdl9vcHMg PSB7CiAJLmNwdS5zd2FwZ3MJCT0gbmF0aXZlX3N3YXBncywKIAogI2lmZGVm IENPTkZJR19YODZfSU9QTF9JT1BFUk0KLQkuY3B1LnVwZGF0ZV9pb19iaXRt YXAJPSBuYXRpdmVfdHNzX3VwZGF0ZV9pb19iaXRtYXAsCisJLmNwdS5pbnZh bGlkYXRlX2lvX2JpdG1hcAk9IG5hdGl2ZV90c3NfaW52YWxpZGF0ZV9pb19i aXRtYXAsCisJLmNwdS51cGRhdGVfaW9fYml0bWFwCQk9IG5hdGl2ZV90c3Nf dXBkYXRlX2lvX2JpdG1hcCwKICNlbmRpZgogCiAJLmNwdS5zdGFydF9jb250 ZXh0X3N3aXRjaAk9IHBhcmF2aXJ0X25vcCwKZGlmZiAtLWdpdCBhL2FyY2gv eDg2L2tlcm5lbC9wcm9jZXNzLmMgYi9hcmNoL3g4Ni9rZXJuZWwvcHJvY2Vz cy5jCmluZGV4IGYzNjJjZTBkNWFjMC4uZmU2N2RiZDc2ZTUxIDEwMDY0NAot LS0gYS9hcmNoL3g4Ni9rZXJuZWwvcHJvY2Vzcy5jCisrKyBiL2FyY2gveDg2 L2tlcm5lbC9wcm9jZXNzLmMKQEAgLTMyMiwyMCArMzIyLDYgQEAgdm9pZCBh cmNoX3NldHVwX25ld19leGVjKHZvaWQpCiB9CiAKICNpZmRlZiBDT05GSUdf WDg2X0lPUExfSU9QRVJNCi1zdGF0aWMgaW5saW5lIHZvaWQgdHNzX2ludmFs aWRhdGVfaW9fYml0bWFwKHN0cnVjdCB0c3Nfc3RydWN0ICp0c3MpCi17Ci0J LyoKLQkgKiBJbnZhbGlkYXRlIHRoZSBJL08gYml0bWFwIGJ5IG1vdmluZyBp b19iaXRtYXBfYmFzZSBvdXRzaWRlIHRoZQotCSAqIFRTUyBsaW1pdCBzbyBh bnkgc3Vic2VxdWVudCBJL08gYWNjZXNzIGZyb20gdXNlciBzcGFjZSB3aWxs Ci0JICogdHJpZ2dlciBhICNHUC4KLQkgKgotCSAqIFRoaXMgaXMgY29ycmVj dCBldmVuIHdoZW4gVk1FWElUIHJld3JpdGVzIHRoZSBUU1MgbGltaXQKLQkg KiB0byAweDY3IGFzIHRoZSBvbmx5IHJlcXVpcmVtZW50IGlzIHRoYXQgdGhl IGJhc2UgcG9pbnRzCi0JICogb3V0c2lkZSB0aGUgbGltaXQuCi0JICovCi0J dHNzLT54ODZfdHNzLmlvX2JpdG1hcF9iYXNlID0gSU9fQklUTUFQX09GRlNF VF9JTlZBTElEOwotfQotCiBzdGF0aWMgaW5saW5lIHZvaWQgc3dpdGNoX3Rv X2JpdG1hcCh1bnNpZ25lZCBsb25nIHRpZnApCiB7CiAJLyoKQEAgLTM0Niw3 ICszMzIsNyBAQCBzdGF0aWMgaW5saW5lIHZvaWQgc3dpdGNoX3RvX2JpdG1h cCh1bnNpZ25lZCBsb25nIHRpZnApCiAJICogdXNlciBtb2RlLgogCSAqLwog CWlmICh0aWZwICYgX1RJRl9JT19CSVRNQVApCi0JCXRzc19pbnZhbGlkYXRl X2lvX2JpdG1hcCh0aGlzX2NwdV9wdHIoJmNwdV90c3NfcncpKTsKKwkJdHNz X2ludmFsaWRhdGVfaW9fYml0bWFwKCk7CiB9CiAKIHN0YXRpYyB2b2lkIHRz c19jb3B5X2lvX2JpdG1hcChzdHJ1Y3QgdHNzX3N0cnVjdCAqdHNzLCBzdHJ1 Y3QgaW9fYml0bWFwICppb2JtKQpAQCAtMzgwLDcgKzM2Niw3IEBAIHZvaWQg bmF0aXZlX3Rzc191cGRhdGVfaW9fYml0bWFwKHZvaWQpCiAJdTE2ICpiYXNl ID0gJnRzcy0+eDg2X3Rzcy5pb19iaXRtYXBfYmFzZTsKIAogCWlmICghdGVz dF90aHJlYWRfZmxhZyhUSUZfSU9fQklUTUFQKSkgewotCQl0c3NfaW52YWxp ZGF0ZV9pb19iaXRtYXAodHNzKTsKKwkJbmF0aXZlX3Rzc19pbnZhbGlkYXRl X2lvX2JpdG1hcCgpOwogCQlyZXR1cm47CiAJfQogCmRpZmYgLS1naXQgYS9h cmNoL3g4Ni94ZW4vZW5saWdodGVuX3B2LmMgYi9hcmNoL3g4Ni94ZW4vZW5s aWdodGVuX3B2LmMKaW5kZXggYWNjNDlmYTZhMDk3Li5jNDc1YTExYzY2MjAg MTAwNjQ0Ci0tLSBhL2FyY2gveDg2L3hlbi9lbmxpZ2h0ZW5fcHYuYworKysg Yi9hcmNoL3g4Ni94ZW4vZW5saWdodGVuX3B2LmMKQEAgLTg1MCw2ICs4NTAs MTcgQEAgc3RhdGljIHZvaWQgeGVuX2xvYWRfc3AwKHVuc2lnbmVkIGxvbmcg c3AwKQogfQogCiAjaWZkZWYgQ09ORklHX1g4Nl9JT1BMX0lPUEVSTQorc3Rh dGljIHZvaWQgeGVuX2ludmFsaWRhdGVfaW9fYml0bWFwKHZvaWQpCit7CisJ c3RydWN0IHBoeXNkZXZfc2V0X2lvYml0bWFwIGlvYml0bWFwID0geworCQku Yml0bWFwID0gMCwKKwkJLm5yX3BvcnRzID0gMCwKKwl9OworCisJbmF0aXZl X3Rzc19pbnZhbGlkYXRlX2lvX2JpdG1hcCgpOworCUhZUEVSVklTT1JfcGh5 c2Rldl9vcChQSFlTREVWT1Bfc2V0X2lvYml0bWFwLCAmaW9iaXRtYXApOwor fQorCiBzdGF0aWMgdm9pZCB4ZW5fdXBkYXRlX2lvX2JpdG1hcCh2b2lkKQog ewogCXN0cnVjdCBwaHlzZGV2X3NldF9pb2JpdG1hcCBpb2JpdG1hcDsKQEAg LTEwNzksNiArMTA5MCw3IEBAIHN0YXRpYyBjb25zdCBzdHJ1Y3QgcHZfY3B1 X29wcyB4ZW5fY3B1X29wcyBfX2luaXRjb25zdCA9IHsKIAkubG9hZF9zcDAg PSB4ZW5fbG9hZF9zcDAsCiAKICNpZmRlZiBDT05GSUdfWDg2X0lPUExfSU9Q RVJNCisJLmludmFsaWRhdGVfaW9fYml0bWFwID0geGVuX2ludmFsaWRhdGVf aW9fYml0bWFwLAogCS51cGRhdGVfaW9fYml0bWFwID0geGVuX3VwZGF0ZV9p b19iaXRtYXAsCiAjZW5kaWYKIAkuaW9fZGVsYXkgPSB4ZW5faW9fZGVsYXks Cg== --=separator-- From xen-announce-bounces@lists.xenproject.org Tue Jul 21 11:03:19 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 21 Jul 2020 11:03:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jxq2K-0008I7-SG; Tue, 21 Jul 2020 11:02:16 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jxq2J-0008FW-JO for xen-announce@lists.xen.org; Tue, 21 Jul 2020 11:02:15 +0000 X-Inumbo-ID: 99b106f6-cb41-11ea-84fe-bc764e2007e4 Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 99b106f6-cb41-11ea-84fe-bc764e2007e4; Tue, 21 Jul 2020 11:02:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Date:Message-Id:Subject:CC:From:To:MIME-Version: Content-Transfer-Encoding:Content-Type:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=rG/yjzz16rNFLpv3o/8yFDCoEwHYZ2FiTwqh9jkLt3M=; b=rx4xY51uu4vIg1rQZB6PVlYekh n9YU/P4nL7fGhMMR1ssHfAcYdi4ImR26oW44a4SdEtDx/Uhve0Zu73JQ6SZytx4tHeZU3/jydqNR+ BG2aM91+m6URSSbNIOn9Yjfpg7hyKe0mFLZBe/fUUk8vl3L4mowutWmVf1EuI4bMP/50=; Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jxq1y-0003wa-6u; Tue, 21 Jul 2020 11:01:54 +0000 Received: from iwj by xenbits.xenproject.org with local (Exim 4.92) (envelope-from ) id 1jxq1y-0007MA-2r; Tue, 21 Jul 2020 11:01:54 +0000 Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Subject: Xen Security Advisory 329 v3 (CVE-2020-15852) - Linux ioperm bitmap context switching issues Message-Id: Date: Tue, 21 Jul 2020 11:01:54 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "Xen.org security team" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-15852 / XSA-329 version 3 Linux ioperm bitmap context switching issues UPDATES IN VERSION 3 ==================== CVE assigned. ISSUE DESCRIPTION ================= Linux 5.5 overhauled the internal state handling for the iopl() and ioperm() system calls. Unfortunately, one aspect on context switch wasn't wired up correctly for the Xen PVOps case. IMPACT ====== IO port permissions don't get rescinded when context switching to an unprivileged task. Therefore, all userspace can use the IO ports granted to the most recently scheduled task with IO port permissions. VULNERABLE SYSTEMS ================== Only x86 guests are vulnerable. All versions of Linux from 5.5 are potentially vulnerable. Linux is only vulnerable when running as x86 PV guest. Linux is not vulnerable when running as an x86 HVM/PVH guests. The vulnerability can only be exploited in domains which have been granted access to IO ports by Xen. This is typically only the hardware domain, and guests configured with PCI Passthrough. MITIGATION ========== Running only HVM/PVH guests avoids the vulnerability. CREDITS ======= This issue was discovered by Andy Lutomirski. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa329.patch Linux 5.5 and later $ sha256sum xsa329* cdb5ac9bfd21192b5965e8ec0a1c4fcf12d0a94a962a8158cd27810e6aa362f0 xsa329.patch $ DEPLOYMENT DURING EMBARGO ========================= Deployment of the patches and/or mitigations described above (or others which are substantially similar) is permitted during the embargo, even on public-facing systems with untrusted guest users and administrators. But: Distribution of updated software is prohibited (except to other members of the predisclosure list). Predisclosure list members who wish to deploy significantly different patches and/or mitigations, please contact the Xen Project Security Team. (Note: this during-embargo deployment notice is retained in post-embargo publicly released Xen Project advisories, even though it is then no longer applicable. This is to enable the community to have oversight of the Xen Project Security Team's decisionmaking.) For more information about permissible uses of embargoed information, consult the Xen Project community's agreed Security Policy: http://www.xenproject.org/security-policy.html -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl8WytoMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZ4wsH/0/2AMv2kb/Q6rfwlNLSrnDbK2b6bb/QUE+0GcHO vrJ7Su53xrt7mllk/P4jYmtXfyUeJzfsahdb5GQVh4GBxOA3YGgS5T4pdpnwNoFi NFZV35qOT0muwpjE/zoefKsESuvqWjd28Vssm4HrllJ4YqcGik9clo6Y5qWMFcFH rlgchZinl5RtqAzMnuOdirWir7Xika6KdkXWi56CjKZBB5ozoqfH5JKi/XbWbwrz ZoFHXwKRuckuQSxUlvdpmI7MZDyggii3OhdvA6fIMDWq58EjSVVatrvDxYsGRL8x 4PXmFPBp+871GjLQuQZ294fZH3DaZLWSrzvmwC8uZJr5uds= =Wdnv -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa329.patch" Content-Disposition: attachment; filename="xsa329.patch" Content-Transfer-Encoding: base64 RnJvbTogQW5keSBMdXRvbWlyc2tpIDxsdXRvQGtlcm5lbC5vcmc+ClN1Ympl Y3Q6IHg4Ni9pb3Blcm06IEZpeCBpbyBiaXRtYXAgaW52YWxpZGF0aW9uIG9u IFhlbiBQVgoKdHNzX2ludmFsaWRhdGVfaW9fYml0bWFwKCkgd2Fzbid0IHdp cmVkIHVwIHByb3Blcmx5IHRocm91Z2ggdGhlIHB2b3AKbWFjaGluZXJ5LCBz byB0aGUgVFNTIGFuZCBYZW4ncyBpbyBiaXRtYXAgd291bGQgZ2V0IG91dCBv ZiBzeW5jCndoZW5ldmVyIGRpc2FibGluZyBhIHZhbGlkIGlvIGJpdG1hcC4K CkFkZCBhIG5ldyBwdm9wIGZvciB0c3NfaW52YWxpZGF0ZV9pb19iaXRtYXAo KSB0byBmaXggaXQuCgpUaGlzIGlzIFhTQS0zMjkuCgpGaXhlczogMjJmZTVi MDQzOWRkICgieDg2L2lvcGVybTogTW92ZSBUU1MgYml0bWFwIHVwZGF0ZSB0 byBleGl0IHRvIHVzZXIgd29yayIpClNpZ25lZC1vZmYtYnk6IEFuZHkgTHV0 b21pcnNraSA8bHV0b0BrZXJuZWwub3JnPgpSZXZpZXdlZC1ieTogSnVlcmdl biBHcm9zcyA8amdyb3NzQHN1c2UuY29tPgpSZXZpZXdlZC1ieTogVGhvbWFz IEdsZWl4bmVyIDx0Z2x4QGxpbnV0cm9uaXguZGU+CgpkaWZmIC0tZ2l0IGEv YXJjaC94ODYvaW5jbHVkZS9hc20vaW9fYml0bWFwLmggYi9hcmNoL3g4Ni9p bmNsdWRlL2FzbS9pb19iaXRtYXAuaAppbmRleCBhYzFhOTlmZmJkOGQuLjdm MDgwZjVjN2RlZiAxMDA2NDQKLS0tIGEvYXJjaC94ODYvaW5jbHVkZS9hc20v aW9fYml0bWFwLmgKKysrIGIvYXJjaC94ODYvaW5jbHVkZS9hc20vaW9fYml0 bWFwLmgKQEAgLTE5LDEyICsxOSwyOCBAQCBzdHJ1Y3QgdGFza19zdHJ1Y3Q7 CiB2b2lkIGlvX2JpdG1hcF9zaGFyZShzdHJ1Y3QgdGFza19zdHJ1Y3QgKnRz ayk7CiB2b2lkIGlvX2JpdG1hcF9leGl0KHN0cnVjdCB0YXNrX3N0cnVjdCAq dHNrKTsKIAorc3RhdGljIGlubGluZSB2b2lkIG5hdGl2ZV90c3NfaW52YWxp ZGF0ZV9pb19iaXRtYXAodm9pZCkKK3sKKwkvKgorCSAqIEludmFsaWRhdGUg dGhlIEkvTyBiaXRtYXAgYnkgbW92aW5nIGlvX2JpdG1hcF9iYXNlIG91dHNp ZGUgdGhlCisJICogVFNTIGxpbWl0IHNvIGFueSBzdWJzZXF1ZW50IEkvTyBh Y2Nlc3MgZnJvbSB1c2VyIHNwYWNlIHdpbGwKKwkgKiB0cmlnZ2VyIGEgI0dQ LgorCSAqCisJICogVGhpcyBpcyBjb3JyZWN0IGV2ZW4gd2hlbiBWTUVYSVQg cmV3cml0ZXMgdGhlIFRTUyBsaW1pdAorCSAqIHRvIDB4NjcgYXMgdGhlIG9u bHkgcmVxdWlyZW1lbnQgaXMgdGhhdCB0aGUgYmFzZSBwb2ludHMKKwkgKiBv dXRzaWRlIHRoZSBsaW1pdC4KKwkgKi8KKwl0aGlzX2NwdV93cml0ZShjcHVf dHNzX3J3Lng4Nl90c3MuaW9fYml0bWFwX2Jhc2UsCisJCSAgICAgICBJT19C SVRNQVBfT0ZGU0VUX0lOVkFMSUQpOworfQorCiB2b2lkIG5hdGl2ZV90c3Nf dXBkYXRlX2lvX2JpdG1hcCh2b2lkKTsKIAogI2lmZGVmIENPTkZJR19QQVJB VklSVF9YWEwKICNpbmNsdWRlIDxhc20vcGFyYXZpcnQuaD4KICNlbHNlCiAj ZGVmaW5lIHRzc191cGRhdGVfaW9fYml0bWFwIG5hdGl2ZV90c3NfdXBkYXRl X2lvX2JpdG1hcAorI2RlZmluZSB0c3NfaW52YWxpZGF0ZV9pb19iaXRtYXAg bmF0aXZlX3Rzc19pbnZhbGlkYXRlX2lvX2JpdG1hcAogI2VuZGlmCiAKICNl bHNlCmRpZmYgLS1naXQgYS9hcmNoL3g4Ni9pbmNsdWRlL2FzbS9wYXJhdmly dC5oIGIvYXJjaC94ODYvaW5jbHVkZS9hc20vcGFyYXZpcnQuaAppbmRleCA1 Y2E1ZDI5N2RmNzUuLjNkMmFmZWNkZTUwYyAxMDA2NDQKLS0tIGEvYXJjaC94 ODYvaW5jbHVkZS9hc20vcGFyYXZpcnQuaAorKysgYi9hcmNoL3g4Ni9pbmNs dWRlL2FzbS9wYXJhdmlydC5oCkBAIC0zMDIsNiArMzAyLDExIEBAIHN0YXRp YyBpbmxpbmUgdm9pZCB3cml0ZV9pZHRfZW50cnkoZ2F0ZV9kZXNjICpkdCwg aW50IGVudHJ5LCBjb25zdCBnYXRlX2Rlc2MgKmcpCiB9CiAKICNpZmRlZiBD T05GSUdfWDg2X0lPUExfSU9QRVJNCitzdGF0aWMgaW5saW5lIHZvaWQgdHNz X2ludmFsaWRhdGVfaW9fYml0bWFwKHZvaWQpCit7CisJUFZPUF9WQ0FMTDAo Y3B1LmludmFsaWRhdGVfaW9fYml0bWFwKTsKK30KKwogc3RhdGljIGlubGlu ZSB2b2lkIHRzc191cGRhdGVfaW9fYml0bWFwKHZvaWQpCiB7CiAJUFZPUF9W Q0FMTDAoY3B1LnVwZGF0ZV9pb19iaXRtYXApOwpkaWZmIC0tZ2l0IGEvYXJj aC94ODYvaW5jbHVkZS9hc20vcGFyYXZpcnRfdHlwZXMuaCBiL2FyY2gveDg2 L2luY2x1ZGUvYXNtL3BhcmF2aXJ0X3R5cGVzLmgKaW5kZXggNzMyZjYyZTA0 ZGRiLi44ZGZjYjI1MDhlNmQgMTAwNjQ0Ci0tLSBhL2FyY2gveDg2L2luY2x1 ZGUvYXNtL3BhcmF2aXJ0X3R5cGVzLmgKKysrIGIvYXJjaC94ODYvaW5jbHVk ZS9hc20vcGFyYXZpcnRfdHlwZXMuaApAQCAtMTQxLDYgKzE0MSw3IEBAIHN0 cnVjdCBwdl9jcHVfb3BzIHsKIAl2b2lkICgqbG9hZF9zcDApKHVuc2lnbmVk IGxvbmcgc3AwKTsKIAogI2lmZGVmIENPTkZJR19YODZfSU9QTF9JT1BFUk0K Kwl2b2lkICgqaW52YWxpZGF0ZV9pb19iaXRtYXApKHZvaWQpOwogCXZvaWQg KCp1cGRhdGVfaW9fYml0bWFwKSh2b2lkKTsKICNlbmRpZgogCmRpZmYgLS1n aXQgYS9hcmNoL3g4Ni9rZXJuZWwvcGFyYXZpcnQuYyBiL2FyY2gveDg2L2tl cm5lbC9wYXJhdmlydC5jCmluZGV4IDY3NGE3ZDY2ZDk2MC4uZGUyMTM4YmEz OGU1IDEwMDY0NAotLS0gYS9hcmNoL3g4Ni9rZXJuZWwvcGFyYXZpcnQuYwor KysgYi9hcmNoL3g4Ni9rZXJuZWwvcGFyYXZpcnQuYwpAQCAtMzI0LDcgKzMy NCw4IEBAIHN0cnVjdCBwYXJhdmlydF9wYXRjaF90ZW1wbGF0ZSBwdl9vcHMg PSB7CiAJLmNwdS5zd2FwZ3MJCT0gbmF0aXZlX3N3YXBncywKIAogI2lmZGVm IENPTkZJR19YODZfSU9QTF9JT1BFUk0KLQkuY3B1LnVwZGF0ZV9pb19iaXRt YXAJPSBuYXRpdmVfdHNzX3VwZGF0ZV9pb19iaXRtYXAsCisJLmNwdS5pbnZh bGlkYXRlX2lvX2JpdG1hcAk9IG5hdGl2ZV90c3NfaW52YWxpZGF0ZV9pb19i aXRtYXAsCisJLmNwdS51cGRhdGVfaW9fYml0bWFwCQk9IG5hdGl2ZV90c3Nf dXBkYXRlX2lvX2JpdG1hcCwKICNlbmRpZgogCiAJLmNwdS5zdGFydF9jb250 ZXh0X3N3aXRjaAk9IHBhcmF2aXJ0X25vcCwKZGlmZiAtLWdpdCBhL2FyY2gv eDg2L2tlcm5lbC9wcm9jZXNzLmMgYi9hcmNoL3g4Ni9rZXJuZWwvcHJvY2Vz cy5jCmluZGV4IGYzNjJjZTBkNWFjMC4uZmU2N2RiZDc2ZTUxIDEwMDY0NAot LS0gYS9hcmNoL3g4Ni9rZXJuZWwvcHJvY2Vzcy5jCisrKyBiL2FyY2gveDg2 L2tlcm5lbC9wcm9jZXNzLmMKQEAgLTMyMiwyMCArMzIyLDYgQEAgdm9pZCBh cmNoX3NldHVwX25ld19leGVjKHZvaWQpCiB9CiAKICNpZmRlZiBDT05GSUdf WDg2X0lPUExfSU9QRVJNCi1zdGF0aWMgaW5saW5lIHZvaWQgdHNzX2ludmFs aWRhdGVfaW9fYml0bWFwKHN0cnVjdCB0c3Nfc3RydWN0ICp0c3MpCi17Ci0J LyoKLQkgKiBJbnZhbGlkYXRlIHRoZSBJL08gYml0bWFwIGJ5IG1vdmluZyBp b19iaXRtYXBfYmFzZSBvdXRzaWRlIHRoZQotCSAqIFRTUyBsaW1pdCBzbyBh bnkgc3Vic2VxdWVudCBJL08gYWNjZXNzIGZyb20gdXNlciBzcGFjZSB3aWxs Ci0JICogdHJpZ2dlciBhICNHUC4KLQkgKgotCSAqIFRoaXMgaXMgY29ycmVj dCBldmVuIHdoZW4gVk1FWElUIHJld3JpdGVzIHRoZSBUU1MgbGltaXQKLQkg KiB0byAweDY3IGFzIHRoZSBvbmx5IHJlcXVpcmVtZW50IGlzIHRoYXQgdGhl IGJhc2UgcG9pbnRzCi0JICogb3V0c2lkZSB0aGUgbGltaXQuCi0JICovCi0J dHNzLT54ODZfdHNzLmlvX2JpdG1hcF9iYXNlID0gSU9fQklUTUFQX09GRlNF VF9JTlZBTElEOwotfQotCiBzdGF0aWMgaW5saW5lIHZvaWQgc3dpdGNoX3Rv X2JpdG1hcCh1bnNpZ25lZCBsb25nIHRpZnApCiB7CiAJLyoKQEAgLTM0Niw3 ICszMzIsNyBAQCBzdGF0aWMgaW5saW5lIHZvaWQgc3dpdGNoX3RvX2JpdG1h cCh1bnNpZ25lZCBsb25nIHRpZnApCiAJICogdXNlciBtb2RlLgogCSAqLwog CWlmICh0aWZwICYgX1RJRl9JT19CSVRNQVApCi0JCXRzc19pbnZhbGlkYXRl X2lvX2JpdG1hcCh0aGlzX2NwdV9wdHIoJmNwdV90c3NfcncpKTsKKwkJdHNz X2ludmFsaWRhdGVfaW9fYml0bWFwKCk7CiB9CiAKIHN0YXRpYyB2b2lkIHRz c19jb3B5X2lvX2JpdG1hcChzdHJ1Y3QgdHNzX3N0cnVjdCAqdHNzLCBzdHJ1 Y3QgaW9fYml0bWFwICppb2JtKQpAQCAtMzgwLDcgKzM2Niw3IEBAIHZvaWQg bmF0aXZlX3Rzc191cGRhdGVfaW9fYml0bWFwKHZvaWQpCiAJdTE2ICpiYXNl ID0gJnRzcy0+eDg2X3Rzcy5pb19iaXRtYXBfYmFzZTsKIAogCWlmICghdGVz dF90aHJlYWRfZmxhZyhUSUZfSU9fQklUTUFQKSkgewotCQl0c3NfaW52YWxp ZGF0ZV9pb19iaXRtYXAodHNzKTsKKwkJbmF0aXZlX3Rzc19pbnZhbGlkYXRl X2lvX2JpdG1hcCgpOwogCQlyZXR1cm47CiAJfQogCmRpZmYgLS1naXQgYS9h cmNoL3g4Ni94ZW4vZW5saWdodGVuX3B2LmMgYi9hcmNoL3g4Ni94ZW4vZW5s aWdodGVuX3B2LmMKaW5kZXggYWNjNDlmYTZhMDk3Li5jNDc1YTExYzY2MjAg MTAwNjQ0Ci0tLSBhL2FyY2gveDg2L3hlbi9lbmxpZ2h0ZW5fcHYuYworKysg Yi9hcmNoL3g4Ni94ZW4vZW5saWdodGVuX3B2LmMKQEAgLTg1MCw2ICs4NTAs MTcgQEAgc3RhdGljIHZvaWQgeGVuX2xvYWRfc3AwKHVuc2lnbmVkIGxvbmcg c3AwKQogfQogCiAjaWZkZWYgQ09ORklHX1g4Nl9JT1BMX0lPUEVSTQorc3Rh dGljIHZvaWQgeGVuX2ludmFsaWRhdGVfaW9fYml0bWFwKHZvaWQpCit7CisJ c3RydWN0IHBoeXNkZXZfc2V0X2lvYml0bWFwIGlvYml0bWFwID0geworCQku Yml0bWFwID0gMCwKKwkJLm5yX3BvcnRzID0gMCwKKwl9OworCisJbmF0aXZl X3Rzc19pbnZhbGlkYXRlX2lvX2JpdG1hcCgpOworCUhZUEVSVklTT1JfcGh5 c2Rldl9vcChQSFlTREVWT1Bfc2V0X2lvYml0bWFwLCAmaW9iaXRtYXApOwor fQorCiBzdGF0aWMgdm9pZCB4ZW5fdXBkYXRlX2lvX2JpdG1hcCh2b2lkKQog ewogCXN0cnVjdCBwaHlzZGV2X3NldF9pb2JpdG1hcCBpb2JpdG1hcDsKQEAg LTEwNzksNiArMTA5MCw3IEBAIHN0YXRpYyBjb25zdCBzdHJ1Y3QgcHZfY3B1 X29wcyB4ZW5fY3B1X29wcyBfX2luaXRjb25zdCA9IHsKIAkubG9hZF9zcDAg PSB4ZW5fbG9hZF9zcDAsCiAKICNpZmRlZiBDT05GSUdfWDg2X0lPUExfSU9Q RVJNCisJLmludmFsaWRhdGVfaW9fYml0bWFwID0geGVuX2ludmFsaWRhdGVf aW9fYml0bWFwLAogCS51cGRhdGVfaW9fYml0bWFwID0geGVuX3VwZGF0ZV9p b19iaXRtYXAsCiAjZW5kaWYKIAkuaW9fZGVsYXkgPSB4ZW5faW9fZGVsYXks Cg== --=separator-- From xen-announce-bounces@lists.xenproject.org Thu Jul 23 11:16:02 2020 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 23 Jul 2020 11:16:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jyZBc-0003CZ-T5; Thu, 23 Jul 2020 11:14:52 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jyAIj-0001K0-8O for xen-announce@lists.xenproject.org; Wed, 22 Jul 2020 08:40:33 +0000 X-Inumbo-ID: fda90306-cbf6-11ea-8620-bc764e2007e4 Received: from mx2.suse.de (unknown [195.135.220.15]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id fda90306-cbf6-11ea-8620-bc764e2007e4; Wed, 22 Jul 2020 08:40:27 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 9AB2CAD4A; Wed, 22 Jul 2020 08:40:33 +0000 (UTC) From: Jan Beulich Subject: Xen 4.11.4 released To: xen-announce@lists.xenproject.org Message-ID: Date: Wed, 22 Jul 2020 10:40:27 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Thu, 23 Jul 2020 11:14:52 +0000 X-BeenThere: xen-announce@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: "xen-devel@lists.xenproject.org" Errors-To: xen-announce-bounces@lists.xenproject.org Sender: "Xen-announce" All, better late than never, I am pleased to announce the release of Xen 4.11.4. This has been available immediately from its git repository http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.11 (tag RELEASE-4.11.4) or from the XenProject download page https://xenproject.org/downloads/xen-project-archives/xen-project-4-11-series/xen-project-4-11-4/ (where a list of changes can also be found). We recommend all users of the 4.11 stable series to update to this last point release to be made by the XenProject team from this stable branch. Apologies for the much delayed announcement. Regards, Jan