From 315f3d5df18408ba6cae841163ef47e83c320ac4 Mon Sep 17 00:00:00 2001
From: Jordan Whited <jordan@tailscale.com>
Date: Mon, 17 Jun 2024 14:06:53 -0700
Subject: [PATCH] derp/xdp: fix handling of zero value UDP checksums (#12510)

validate_udp_checksum was previously indeterminate (not zero) at
declaration, and IPv4 zero value UDP checksum packets were being passed
to the kernel.

Updates tailscale/corp#20689

Signed-off-by: Jordan Whited <jordan@tailscale.com>
---
 derp/xdp/bpf_bpfeb.o       | Bin 23640 -> 24120 bytes
 derp/xdp/bpf_bpfel.o       | Bin 23808 -> 24288 bytes
 derp/xdp/xdp.c             |   2 +-
 derp/xdp/xdp_linux_test.go |  48 +++++++++++++++++++++++++++++++++++++
 4 files changed, 49 insertions(+), 1 deletion(-)

diff --git a/derp/xdp/bpf_bpfeb.o b/derp/xdp/bpf_bpfeb.o
index 15a96f5ba38fea9ccb755ea799b4e9f10ee5333b..06ff73fc1ff72d33b990dac3db5f64ef6255d183 100644
GIT binary patch
literal 24120
zcmchfe{5XYb>Hs{f6Q=2i6e@XXjkn%Y31FKR@9Dutd^Vg%0o$1L|ZG)iqx*w8)arh
zj>NGja>N;~sLD<zNE|4?5IWev3ScDTWK+wi+pzh=RNGBCD4akEjDkghL_pnUTG+6F
zI0ch+QT?$s`#tBLJ9FoV)Vht)hn>0abI!Tv-h1xP_lDY^A3Ad?91fZK6*B(|_nx4x
z!OdqMF(u`Dvk5J~&i7_1!D(p8>daD%IehD@Yb$h@{e)@dbdKd_`O7wqEO5GI$)Z`x
z*qf!Yq}EReejbqI*6**~r?mgKLboZs{+!v&=?>FL=@n}q9qA@Ab$`7v^M*0M{9o$j
zlv!<-0!~Bl%l^;DLSHZ@YQ!$I{G7FmSi9XD)$8WRZN1>9N;&#>g-Vn<Ki5A-1TJ&3
zUb)lIjMeRTm>p#K1p7&-w>ta$4%0*SZ*u!Twf2O3S+c9^ZM<B4%<{{mg+9qi&vK4a
zvy`&w7j3e08PTMx-rotvP#^rQt?@m7EeG~Kz00O=a<aB|!^&e_HZ{xAUpH)hVqMMs
z*W%h~+qbs1PQRU^l3hPM?c$x`0_**df6j0T=%+=})Z-AaU40zf+-LO{yF;&#W|@1#
zn24?4z9;0f<Fh+-gz}+Z;*?5#Y5ejybM09wkk*9G$IJn`5jJhc>}R&+)#s5Kk4ME%
zxLzM?U!N~79^Sa*o^a#Q#?y2?<|m-iO+6l%7as?=Uzc(AW7yMp+^XVs?4$A_?k;{j
zpI!YSufm^s+KmeWW5RkIpnuuI#Z}@GzIE5GLoQC}S9Wl#V*B~lAFkaafzyxQUHg!D
zc^`eF-vb(5Yai11_Ai+ap{0zK_8RlIbhlBx^M~v@=<F|UGv6nB;nuwPckRvZHeu3V
z+-3edrB@2{ZGsz;_7+T$1UElt<FouMk*zP1FzUhM4eQ@ekv#t~yH4bX?RwcYNK%$_
z$z2EQyq)E5nJtud$vThx9N&D0d5YyWjHU|%midTHVYi3wP|i-4H_8cE{+8)ux%ll$
z5TTqgn<D>ix<h^%ccxy?4)ae~{xK}lB<ETq?IA*n4&Zc~P4h1sj!2jA^_NY%uU|fD
z?QVWr#@!yfKFEGnpSR1WtX<a$@hkOo<wXLPhp*Un1UDr8M1uOe?O#QbtZ!XD#HqRY
zSzF$#V{1PoiK|DK=$D_dcH%eW)sNQ`g!>a@k(GX2miE`zPigO)NwQj7bMeW(Y}>ai
z?a+Fucg%}d2YGPp>gm;od*CM=uRr|>#*63Ab&03jSNa0APszAXOZ;6N+<xQc#j?az
z$9XA3Q8Hm?kM(>?_M<8(WZ&2+cBZk;nJc9C<~xsTXLmj@<4}j3KD*n_TTh?f)&1Ua
z=kMuV<PGP5fWEOG{*+x8@`vqwb@?tHG8f3g`IT`NI6d;&b@&-GN_HX-dH#4Fo==z&
zsH6F<WMvH6{hBf5-B@?3#M18gV}7@p)1()9+jXAp$RC&?h)b?skaLS5KMr};lXDKp
zKLvT-lXFi){z=HEJUOpNkiQK1v?u3z1Uan)GoJieFxBTUk_k`FCql?+hUb<7d>hk)
zxbQlQc<_oS@~F&<0Q03vhF4G6_0Y;gAu#v%)#G+ulYD&}`0I4>zk0~_XT+{EM^Hao
zeqhUAmhtTNA-A5m@d5cgs?Qhc%b3CQnBsKf<k?@4^SbzP<6io6OMjo?b-|U}8<;bc
z-<2cd>1co4`f=-x%<E(Qr)@pkj5$mBmUtC0E$*DZR3<6*cPlsUIbtcpaylRJ^MvT@
z=Of|z`A6bke=fng%k94Tl->8UvR`E9tiR$vTl;`YDBfNBdrFrV=o?&F`#VnGTU({{
z)*r0ZD1G`meLr?iSl#HHu*|zK=0$>L=UNTLb31NIJ0-rMTRe*37k2CUm-rZ6&Qj9a
zOTUI)d(f{uK8jzp?J9m<+H+Uh^EKNZb>8`ZZb#P+TaS-w$4Av4{j@@!e%rd!<7;<+
z-1g`4pfy+?wP_^9>AvNUiTqug_Fq{0W4c?W)dZJ}$DRGB*ZzoD$pgs0L2}Grj$d!m
zo?DdN5!ii=>?Ho-t9wj9oR@OGmL%HM4LPq{*+Dz+Nlxqc_#S&+${x4-bM|$+&i~O6
z<ueBQIHl0{aQeEn^Yr^kF6Aed!$fGGP5R)E^R*f4SJgj``u`@GO8(GC)nDxPEFsQR
z|7Bhc>g9DVU$O;vP1rP>v}wJ*BENpZu47lMK6-uBY$D4MY4_Fl?D+_GyiR&{T%xl>
zzIMuY#rAvjdW&uPh-D{_jf{~M;`xVm+`}(Ns(8fu2e*(O%>KcAf!RNpXC|0K3+DL?
z=JPNZA?Eztj_jvxIm=S+4XI!8MO&_t_d)K;<9ggkGREMa%guk<#skddh&~Fo>xk?_
zy$N%Ua%K<OapKOU7<W7lMvkywTE`xWosDmT<pJzE>CUsO5yM{}rQ_Rdyuf_E2eUmm
z5PghN@E&0<7yDODnDfawD?ons3q98d%=tWhK>6_e#Qo*w6~-y^)n`bH`THfC%6p}F
z|D82%sqCxCVz=$L<+!zbdaq5dcH8*5_aCyaM*9cWcwXfX+V(DURB^uIe#E(2)*I-#
z{vO-sqlVr-$26GZ<=NZkB+<*hWv*_s?*&jlTaR7xJSO$X@3QBHt_E}5Jr1aa9(OC=
zt(g1Cv*&*Bc)POabCT0v-zv{nuai}MJvoBGYTu*WwDRl@S?6A|<7T{QdHlNNe7E%T
zA#0ERwf(%y@-jyo`>*UXSFc;W?ElH)b=zM{8Oi^SoPRkws8=9<Ub3mIXFar@(e*`}
z?4<qaC;2|>YwT}r4fW;m5h-v%JNxH<^w)H^JZuY=@!L~xr`yM*{ci?jx3-o&V&moZ
zJy~C3u0P&PSUWe)uAZ{b(^m)Wc+K|MxGyWeF8>YG7gx+Z|6lL1>!M?cTiorl?m4r+
z??-=18D0FPUm9_LnY8~O;`}8$9;N&?b-rvBIh{LKs6K7xNB^4Af9Ul$zZW7GGD=%Z
zIOgHg{fLA-kPYuMA+~}NX+Sz&^y$W$(V9-?ZO#t&0Y1(L?@8<Ap?uDU*Y$O5*d+|f
zHo%8Qm=wcn3hggReCT<H<YjzlHqyRV#pf8m7&1H_IG?nO*R^%ZBY&<=oOK-=uB-Ur
zk@uKQIKqBZy?L*NdwM4I>rKB6l<}c@)ALOgpJA!@R^0pb?g766zZ6sIw~P4n;zQRZ
zeCR&F=c?Q%k<Q6|2I&{&zKrx;xvwDo18$Ttv~GT#3v9%ke!L(NHTj$PY{Tc@Ab=#}
zl}%!Sy`$?_P&cvdT7do^;e)H|cf>#Tk1jjvtUtuB>t9M+>wPQ!o`&vyi6N4%KZm1$
zyy2eaL4Xh3cKs*0CtrUh_lQkbP0HMb`|nYua8W{eK9Dl0FIXjI?!ht=L2ywXePR?3
zT(N$9!7et46sEEBNYU-FN%8ZH)z`-k#$)W~;D^p<<mdO0;)?w{e3763jFkNRZ=~?E
z^&caJ-Bx<?!r0hK{*iqv<|B>et#o2Qy|;c-%6k^<*Lxpy{}mZ%+>@UVkmBm5@dUeW
z@{97i-$sh^x^E$cUH9)GMS0zSf)v@i|D*V)69?t{TR5PxN*C3UE(+^zzO(nA@b2T@
z{qv3c?!Sj0l+PFMDYy&p;eDR(^V21hP7j_tH~3b1bojGF>9My`L+Lc$vJ`UWYVKyb
znE$6a^G<eZE@yAAW#`km>C$XIS2W`@)0gvC($}&D+|Esxa<fH-`H4dM+Ju?Nma_bX
z43^T@auDUGugvC(#dQ91etIG|Z)WGy*XMF5z+$dhn@-OiK4j*mi}@?lxru-(JYJeN
zR7PQT=1ThV-1In+Iq<@P7mywpM**dvNgpqkX6MGO@Y+PM4-WPQw@k-7GkFlzld2fJ
z8pN$+Z+vQI`pRCI^&fNESA6q;t_{s$n!g;x>&|ke$>90m;NIX^;Jk71WCUIRu}Nx5
zX(o8})!<U$a(c2fGhK`ijh#-X(!;5}Y}@QHUs%^68|4fA$MTa?!LC<>7lY4#-gI<y
zkcdkdpJDlMDs^sTY$SdDWJ)aJWO8{ndnG+{`Eu~ASB>FR`n6NR=L4i8r%sIyjiEkp
zov^jy-U-Hw>AC64GgA}jAlroT;@q|LME>&Scw&Em|6DBch5Z2yshP|1efh#(==LI7
zFs5iyrr_AI;Na1{Xr9GqgT(x0Tzg*$UU(tE=*wS&5f4ac4nmW&`Jab_M*elJ$&cxn
z&6Vb6r-Pq^F^cApjTgNpQLj)hOqXURiyW8IOesB;o91@A4h;IeHZ^)^ZUS)}pUjP4
zRUTac;PB{^`tE4|v3D?!@-x%q;3&E$K#u-n)4BQ5<isoqz20jS?AI9Ph3w6#ne4=q
zs*S30cIiSpmoeqh6A9`QJ7w$~$CQzd#bi%U&CFb#E2MK%xoh!f8;ijHzyZ8aw^Af`
zjdLN*LFFhtA)>Bo>*Siq6-(R^<CvPoQo1lR3%+Fw!?4JsgK}v&NYiL)#3zsSrtl61
z7EC(|#oXM)On@Q7u`OmNCT0)hr;n!R4$K`*6CFJIcK#xo(6A(zs4`@pkh4$xIN2NX
z+V4(^(&d@iAWlnGo+FRslQhnGxqStMS{}01F6J=5fcq}ZT}DQVjvH2x(5MPN`D*hL
zV>?$`ff)kE?4rrejc#h8D0#@UR_5Y*M&yCpy`GXiuy#EUek2;pk{d6sLGjt#^>yb7
zwHmtqW3)xlbZGb+9Xo$EeSG-r$>Fm<ojy18`uU+zTCHx`P`Md0WwT$)Uddx@!U1P{
zZSbduPp~bAD9Dyd*v-)4v@pfTC$qD`zP)bp@1@!Agly@m?+Pi}LXiJTX_8B+JFHiz
z-qd1t!<IJu6|?=vJa+@MGBj(aX}r7k433SROOL);FN}&$Q~goYfZm9BC|$uSSG@7|
z=Pr_u8`){0x(9y-QDsn^tO<6%;xKZt7e>ydUmHxNhEApjPo6wSv1#<!6FO`(HF9=z
z$PXp$;@OGM&0(UKviYevcI5qmCrDqqX*<~U4E5F%_izruhDN9<y8q~r;L^=ft_Wv!
zzx{k$*YA@9k3?XdRk3j%!n)YBAljo6$F=STvl@#R2a0#6?05-V0Jv$E$LD8eH`qN$
z(|>GkdalTOaAH1@;5|?z)E+pqR<vfK;=BqMXXa+dbHUH*X~gp(eF{C98aX$XMwe2*
zhyz;i-cDSEkB!#P!-q)U@H!RuW*Is1J>@^b6ZAhD*by|JpLjdpe~^~u$0D=tB%*SD
zthit)`Ui!j{}@GuLn4do6Plk+Uz*ELmGaX#5nmfG+@xb*x^xYPBRLP+ZrLBuA#m`_
z&{+!pdYS0#=xik`?T|lSMr&Cw+Aqs(|FkJ`yYdC9UsI2BAJEyvZWb~a+^&E_CscM9
zAQfdt4u8<e5Tt6@=H(6^4X78SD9_gABwJL%8F3Z7ZP1>s9zSW@%1q8+3(sH6lZWBd
z$)QtYV`s>NUGcpm6ZGE1uP-QQ5sxu0m0H)Fg;ry`6nb)=HU3T=N2`M8*Qp}6)*c=0
z3CzaIZb1#-Fym95t%M)^#*R!wC3pCcM4daWvElR6z+?R)L6D>F`T@vO2Xgj?S)*d^
zlw7wdO{qB3p`odPICuYFJ}!(GZ9qLw{HQ?>AL+|e`2wCA*uwUy1Z(}~K#98geFF(P
zxHQ9ON8bF^6Wfz3yl*cY?DzBU$D<Kd2l7VK*Q>BSMH_db#WOk1X^p4e;v{ATkXHA!
z*w!DpvAKxKWG|b-rL5rxV|wU@n}LQGI>j`c$Oc8Z#Z?;jX}CBsa{lbt(7E(yhTcjK
zo=TrT`<b&NZ=TiS;nW*P){!06GOS*zP*;v$Y#}>-HCHNPL&wIOw%cEmr_|ty&kT)?
zrc;BXqv^4cvB5J<>f>*X4Q;4&c?XYUFT<&1qwE{&orkdt8)jZt<?@|8H<H>g=LSlb
z*EVhN#Mto2+4Kg{TsM48@uhbqG$j1a9Xfjwy*rv3Ix&1|c<AIhx}ghDQpipXpBo)Z
z*Uxy5nGT<QWAMx{+?`CNPmG>_Z9@aRM_5;Xc0}CMd1J%eqi?49h>5};v)L##uH^?V
z6^rHoj%r0C@8IcO7+v&!7oYAQ*w?HqqxWt1@!|J<Na?*V-gS~JbO0$`-^S-J?XMpE
zUXA!irsX|)PnfX!P`_!pOFSTa!L+=OcYbD4aas5arlm&jtnYeE_BG+Jo0cEoT`*S*
z<%Njx{xK96{eLhmA0mG!=`q?Cx*+^r)7lyZ7d#HYw=IX;O=}eIPeThH<9%Vs)rb63
zc~#MW%Czpp`{=N=H~h;c^a$@P!_r=6yxt5a#h&zdUmiX!{AVWgA?c-lVPdp5EcFY2
zfH#<^Pq=LDTSBIF56TZq{aWzr>;T@wh8IOoO!}2(ZV7}xV_JWv6R%^X{1#%guVqs7
z6Q=do5wDgz9>ZVDJ>g$9tzV)1HIMNQy=B$oU3kqK^BDPCGs538t<@L6w>>7k^G|x>
z2Ug$OV%nln@I%Y^=Bri8YyG%s>qI=;q`cOPxJCTh`e26f(K>0`f@i@Ak4c|YoD%+B
zn4<n|7d$3=iBBu(i3_6t3)6OzxU6`=GQRn0t01BJeAl$4(7v`s;s0sEllZBlt!lX~
zFyVRhciVlXUr~A&AD3U^Q_sKJoF7%>@}0h2;?s7-gr`t`dtB)g!cL!5dWlaxzr?5R
zzo7EZTW*#5wwIN^im)qhQ8;bFC5*RriAUQnns6NN^xIu~zk#WS`Hqm<_7O+H_)xr^
zedM(8`zB2N6>;?^#`up+Dt%eFX2QRY-;W}<Ew_g;_3-;m<c`PauSmtS$M0v6yP|*2
zgx@8-w5OdI>qX?Ar$_rD_k~ZI@Ex*W@tDecAe=YhuaLgxG39?~nc`m|{Uc$CSF}%9
z;uTGJ95p67pzP;`C0^0n9wT1SJ02sR(Yu!M%~yw%hxMv$3Z2stK#cxq{|(c28|!z6
zl*f$x9j8VA$ENKL`m-bBG3h6Tzi-;!BQ7hxZ8@^dwB5t{)gkqZoH1?hV?FMuh@P18
z-&0%_o;PhPXkW(zkI8;j_$#Kp6U;v+p*;~|tQSv3J^dbV%ww|e6aJoQ-wEAQ68{J>
z>81VAcGG?Y@p>v{?dyC&vBaaUFDQLkvBalte@E#niWe2%Q+!|XisG8$hl(FH^QNfq
zbEf@W#A8!J_$AZ6fM9P*3QwB$DUA0`r!C`~uTAqv&>!yFRK^`R3V&7dciS?)`P$^#
z^JUZi9n#;2nCu-t5WbJ4CV;*s{CB4P2Urg_J+zE-Mf(pazqH43C)84Ygnr}fj9G4(
zz|w^A*%^3@{_d<=#(62c`Yc%LgY#7Q2VgAG?5_iV{qqR>?Pl@k>^Jv`9)AUPAM<PT
zK(oKiNzqT6@V8N)&8LNb-h>}uzHKg8#y4M^Ye*1}4)Mpo(1P8yB`SLHw?*pHA^x^V
z`E~n@*nbI20oLy=QXbB4k^QLema^3|BOY7sS;qPhNs(US!HoKES+V-ayoqEmU$@je
zCjCRp=>JHG_>tv~ubRl`abD<h^(RJoU45dzkEI@M=?aAZhlwnZecWUEdxC_=2u_!@
z_o)|5<XzOaD{1x22f?R3#{STi5=Q+iN5B_6#`x&Uczg&v=`q^dRq&Yd&wEVy%N|qy
z+a6Q?J04U1yB<^id&2(~TNm+tk11Xcg#Vj~ypNyRyK0s<wVTMd$o`?n_<M}5RgW>4
zV^QH#*!mE!Sf6El^A$@X!Fbzr!$iJ=@e->Ff5Sv-;H`o1_e|uw#0!?GzgN-UTPv13
z`%L7ASf95_`JJD_)`<S>PKf@qCh}nnToA@z#|5OH7ydO9-HG|uT^9c5Cc38+eA}}}
z|93A4|9fnuh);J#@uKkeP4o=n-!1Xo+-jmH1Mq#T$GnZ6M*O;0gmWgkKwR^f{7Zb@
zd8&KW>iPVI`XQtoKR%yf{oE$;cIUNiF{|hNq?h<Rf7=3;KkhO5Z(Bm;AMlv;Nzb1A
zpZ1vaDbJqt8Oxi0)kNPzJhx2>f5k*A)SiN8Px+;P>g_9AeZ76RJ$v%M;4$UD<JptG
z;xXy(diJDW^qBPbJbThtJtqBq&z|%v9+UooXHWW?$E1Jg*^_?NW70qJ?4idHY4kVr
zJyBsgKjS>u6Z07H?CBGh=Z&5L%bWkiM57oyJxSreG|^U^S9?wie_*1W<Ui%v6JN00
zDf6c%BP{c$XHr<^Pfx+KM}POsTi()PqGMQJdu|IKGSLfIUwZBczhR<3gZ--KuJDwJ
zW~lr{;V+ozL{$Df?c2t<=kZ?1XgzVy<Gm6OX3Y2AKGDnbcyHWetS9)ZahqSB$9o4X
zZ~3N)((_wy((-1^S2}<8p7t2?wfBN$eDl?tL4x{hd0?X7LVJ599(;aB|MZrvzO82X
z`J?x?W%vBiEAe1P|Mpfqd+aa0cg0?wKYAA})BO52;@x{s81w5sl~?ub(ciuIJtqAF
zVR=63t$B>+lir8I@_f>}>M`YiWZ6BRY>!&*3Y+KytcTnCJVv~?$Aw=o(eEOD+b1o%
z{@gC{a{ak|-qWK$x0i*bKesP<O#bf(OMh;!Snj%Fq7TuZPrmTSZ1_)KA*zGOJF5*X
zzdI6nOU9E2xEFbAwIMeYJLjj|kcS2u@{YihQ!K?kQugG1p8SF*r`U--KSzrylx)cP
zdD+P+uh>WLi4aMM`oziadh*+zobKfcRdM6&scv$GD!6g-c_)ScOhdjY@Z<?kPHmAZ
zM5*}MR1qPP&|*X0dD@eg8*)C6iYk=y<bHb>8uHGH7$XUhPbqivq$iIx<XaM+oP3Hs
zpR+_2y3>&JdC1A*4SA2}$2@Atc|M7~`EyJt@$W?2AK>mZ76y#{rYiuw;>n5W3h?<A
z$lc#zl8mk>J|Ry|Oc$kJ_T<!dx=23i$@^Gp<^RHy2c8_a{C*GXihKXe&o}tn+&Y(W
z?{lr0w<MdnmEsoQ(~1uzpTrl=g>^oS``sRo;r<zqGq~U5@jULSe$L-7;hyRv%>O2Z
z2BhO8?tM-v&L}P@E-PM8Tv5EJxT<(XaZT}RGgH<5`iEkQ1H}o&NyRC}8N~&~WyK4M
zD~cBtR~4@)t|?w^<}lE2e>kQ%P@GVlRGd<rQCv`5R=l9NqIgkpRq=}An&Q=F=H<j2
zzb!GP4-_X9Cl#j@XA~C{mlZE4t|(qqTvfcHxTbiunRyy}?dRV&d=8X-LUB@YN^wSU
zL2+5}g5rweMa5OcD~fB1SDTr)0k6IMdyCJ3vQH>ZDo!cRC@v^2D_&4sQM{<Qs(3|l
zP4Q|o^S0@=w>_rxf#QVXq~es~jN*dgvf>5B6~&8+tBO|?*A%ZdGmhX*>t7_MI8dBW
zoK&1roKaj*TvoiGxT1JbaaHk(;+o>sX69p#*Z<L&(g%tYij#^{iZhA}ipz=@6ju~4
zDy}MCQCw5J+RS*wZ0i4xnBqWjLUB@YN^wSUL2+5}g5rweMa5OcD~fB1SDP8HSen|;
zzwdbC;i*9B6N;0HQ;IW+3yRB%7Zg_%FDkAoUQt|AyxPoo<<ivtO)<rR;)LR);*{cy
z;)3F`;swPO#fyroidPiZ6t6ZjUSTw~pMTHs`oA+!`h?=7;*{cy;)3F`;swPO#fyro
zidPiZ6t6ZjzY_7<%fCPQ94PyQ;-un~;*8>g;<Dle#TCViimQrO6xS55HZxwCHT6IL
z-sQD_OQ7@##Yx2}#Tmr~#bw0{iYtm26;~CnD6T19ZDzcJZE8RN-{rjacLhqHP@Ghp
zQk+p-P+V5Lptz!VQE^rAisG8$)n<+X{pY_J3B2~l0>uf%NyRC}8N~&~WyK4MD~cBt
zR~4@)t|?w^X1u9sYVX#V;y`giaZ+(gaYk`Laar+#;)>!$#Z|>Ciff8jn;CD^n%dtT
zQyeHxC{8L)Db6S^C@w2rP+U>GsJN<lMR85>YBTfiiQahU-w&Cei|<u`-&~|Wa5e`@
z_$Qm@z-(^n!11wD2N)WEfl6}vSIhOk;<o>ay8aKU>woLbf2PfUF}?2J_#T*=dgmJd
z6Ak<W=|(-sPlFmh@Ymhzd3Jvy+w`xd%>n!y&{Fmi(wo;fmA05O$B!q{FTE`3fK6YN
z^pK<jFIo8^Ne@c;(owOO^suCdBprCs>W@l#Skf1dSovW|4@o+3SnMS|Ea|`@D}PB+
z{3~*<_d!Vq5~7#%Z~{I4lezv1Zq)l{=lHGX?Oo`;lSoQq$zAyUhSyeN{k}R$!gVh9
zo|RND;p6;mke}a&`)>FFPXvdN@&gajq{t*0qW8XZrSPFcp=+nhAA>B8k7K8Yh^`&(
z{Wsb8m$N5XKR&Mh8|6=up?CTD{|0iG-!q}x9T%)%$1f>`AHVNIw^94=OTGe9YCpdi
zK<dh;_IvN;K~2|z?^xUxG>IGU$w`dA7ul%%Qv)_%_bO5<-__GE|JKaf8ID`o8hhVw
h#RXJco8tA?u;CZJUPie+?y}Q3pcwoAe+ts|{U0+_Uu^&Y

literal 23640
zcmchfe{5XWmEZ3Sf6Pdx$l))W*{b!EEz2WClt;8gGwWD8lte{}6>%(5mYl3IGvW_%
zRunnn3@xfkyHji(DCq*Fcb!&$r0pbe8o66<x#^-3wn1l5>=tSfbh+4eD=bp%08LS0
zH$~a5feNh=_Iu7fcX;QBRMMu{2hZI1Ip^GS?>+bDdqeq`M^2vzheM`*h0OoNy(g$^
zaPw9lQ&PTnm{4Vy@6FwWq%lszH@~sIN_W|2)68j+<)(7krjZP%?RQg_@7jC@`5utu
z?y|^BoQC={p((n%_M+Lr=`*H{(#tkqbhL{I`2tSN&2L&iy)kpjm@ogwdO6DPxmf7)
z#zc+iLzQQ2{)qMaoURAzcb_c!W1%rhUA}8i6FpvU_&)>jc-`(9!zF0HutPmfr?bmF
zV|vKnd9KGVtZ!m}jP!N6t#7^kl|j-PQ~9!_lQzAZ<g`c1F*nQW_ek;%i_Ol;342qS
zv8n6VKKNf>w=(*!1ol3?%ckc!Szo_y<*^Q%nj71#|BCd_bz9F^M`M3Ax&CtPx9whE
zzguF*A;jkes=;I9BxUs#Y5%j*54jf&OX~3vKNq_~J1Ivb&-wOw{;DL=_Wk(~du%ag
z59@6?_3^F7%b?Uhto?Z7hR3ZNFSebgW2<~<cPq+my(Z(~33fDRJ5_y-Y-QgcGyj{~
z<KlK>pB>lFx_(KK)`af{oQBXpRk}l5+2XE^U-;&C>^#@)z1U^`8`)P%^li+|Z_7B4
zb-=}a;v4H9lfJT#zR@oM_44}1G~WD6#%D;zuetGgTi;$|{+R44c4acpLO@sUuw8eY
z{l#wc?@2D)oD=`K7fhJs7k8OIptOQfMi<osSNO)y*>?BF%+He`_q3gtxf6E%>5%mg
za`xD9kgV8_$4%}{(@xy+27R-f<CkkS+lf1<*C@pR<MfbC;cqwHp&TBsUO55F-!$A}
z=eHw4QurCSDe^x@cgX*9l-BdNn!m#Gr?KdfT;kBds|{G<=i=MZO;+$TXve?fYlDWy
zrEy$2OoaHcSFDeL%s;7@j3ZMSv34E2dcm*MSC{MJf7#{_u1oqt!ZaDv@>`K4`)RHW
zSbwiIuYW{$t{xpCuRL${;xB}Hy+{&-o8z06eym9QuiJRUT)WOE$$EX=#V0#x+f|YJ
zYrWL7o*!}AMjo6$SHHiYIQ`zw5GS4&*Cc*!z3vOtJ|N>gE%A2kx9b|>Ci;quBOTwn
zNs5jMJNt7nlc5qSy(~Af5APH^)8A))ku;dMJkp%}TwvaUIFx<C&Pz}J=B}>yk5=N=
z-?MJN3W(R&u}<(jboLhqOo}vW9SEGhKW<KwUO0sOJfF@b=$v7qxlYm=gLZtzn9_5q
z9r3!KKEoqOxaAtpR^$sz64{H_UNBr!@DXqp%ogBJgL7c+88EF&vtS<2;34oF_ywfo
zZxG2mc#rTQq?2Ht2hdZ`P09T1x$*OMy+eC=WfFN*&H=%V&)RkO$}zhxS$QY~=Ki>H
z)W$>d^=;v=4f6X`pDP14{t-LB4`Cmwk{tEo@+)rq$T)mf`qAxk?~t)E!{;!?=*G#j
ze?!ilF29UF8BgsPM?5cGdA)&ogY!!{vR(|LznfXky@h=tNo0=npS1OBF=mVecT4nb
znq(gg-?i%qoo81`;qe1z+g?+_D4`4M?LA82kK=greK`kPKlSs5loOKvcr3r$hqFE8
z4FjiW>yLJFxrJ}8|2fGEAFTfmN-I<J4gU7}f9LdD>uZ!s|Ixl*BYyT8eZ#(SpI+N)
zpRVw3iFl!%*w1UdM(SbP<K}hfCigP@!frGFu06UOH;>-2*=V1(?fZtb?~ZL>;U7x7
zKCtb=d8M{lIoiMY4gI8cbjb6<Pilwu|5*LE+i~(W+a9C#t>^mV>;IJNJ!}msV>XSX
zINeuyTI7>9?Z2@8A>CDuT8<<+-PwO~{U6btk_V7~hvb;wRZ4r4_I#o24#Do5q?h`K
zuk1DfaZbwlPLgO>7v#KNWryu}CONIc6T4;KJ!<#S>>GBy{wE`p&lu==hG&o3a~AYG
zVm$qRvXk-?l`s*;nN9j&&m+IZSih?Nan%2-WGeYXKdJs=x0}w<ypOcnf~35*%CA}O
zc+aNUq)qGf75TMecAdLy_0el%<|(oqm3Ciw-=1G!$MfH_<8{i}As^S^vhDZiwI<v2
zQOic;vC(l`kBM*FaSy*7slp-aAKXM1VD=B@3(Wq(JTt-ER4}iDVBRmm2r=j9c4R+m
z%c)4Y*QI`i!?s){?}OZx$Mv|LWQ@T-mz(>njR%;^5q%WQ^>F)2Z^E3VoY{kRoVfEM
z#$6A|M-S0Ao<F{|{*Y4G+4v@iOaQw!y7BC4#IWn5bfVkZgZUf|W_xfT`WU6)-NIZh
z>Q@uyd~z-dke~fR&-DRwK2IM|zTAL~o10e{r`&&6o+mBl@4GgQEOQ#~zrFqv-O0M0
zEOgm^tDk%JTKg+qHhz^)S(be_+CQ}ZB1v)*p9)76?;p4yagLMq270c)$2=Z9w$B?I
z_8c!y&+%~V_OUD7<^YwC`tkhE?ULsvsRx+PSsfe9arZc&{2q5H=Jm+ab3b{^{opaL
zs2=a}{ax#n=N~>b)Yp?k7_4+YGnKzX-xwF4kag};cHB(-y5)&?E$6zVp9icx`q%dJ
zF3a`j+E0l7U8|S#M6&R%9iQ%eaphe(&vJC?<H5N8mi4Uu{^uR*b|>vm|1a-%wtBDg
z9rm}r?&>4sbZ7tVAOA5G>Ea{u9^KB0wEuiS*6Ztd?&5Le_B~l&Vy=JAC#+q4TyZ{(
zr%U$v_e$1|+pIjNYyZyAbsM*sd#=WN8eShAOZ?&$=@0i@*x&c#3e~{%L;XFb_2=eg
zy&wJp;?C>%-4fNxw8%NCS?bs1&ZRBp$G^!IKjYV*{R3XMd2PT^uV_DAzejF)K;vwT
z+Ynnpi8LS`FaC66&1h{W^A=}^`v4#3gWI%89?Iuzczxf*hF!vtYy*6#2c;NZTQGG^
z5+7OzNnXN-W+m-^ReX-{iyXt_f%8ebcwBB$9{F>1;;ft4a9za@kCex3!V&hP>dkvD
z+|!!q*PGsrm++x_)ALXjpHourPTc$TruFYl_@$Uqzg@(q7azJV;Y0TUK3C*EiF8r!
zGf3Z&`x4Uk<i3pbTihsPX#M<v3*3k~y}Tz8HTj?6(~ZyXAb=#}leEMFdq@Y>O>8@;
zZhr|MTpiQmANxqhtoWyFh+oG|X=}Z2#ox2geMMr3q=Q!H03Tc(e-B>)K5*MnmV5H`
zzT6`=9Un@WyKw(qDU%Y)Q<XBQFIXjI?uPE)A-E`yJ{|uFDXxzHg)i8}C>u;;&ml#(
z#}131=dHdzb}$}eufq?mL+}%uMT#r-x9~-N?jR*U{{|`f`BS8@>!fjuvC&EXk-c*m
zDP)~rM2dQM{)&{h2kh5-A9TNg43wYzRFUH9`~kjT*F|!a*A+*K^14nUg<aP)Qk2*A
zRiwz?_4ma;ojfSt?_faESf%SP+l2QnsvljblYM6)_vD{0l7Eu#_`a(GKPaEC?UDva
zdA~;*nA}{^q|?J^&knzp9y|5<k@WamsgZQr6mR6G%$2Dd=|b+WPMNo}vx`&q_G)%1
zJvCQc$W0Z@#QfZJ?sEESHjmrIx#HA9fnjMfpT0V2CbPvXe<6dV^wlYda&wm#rV530
zZaOzNIkjXKmeSW2r%-^!sYY!&z4-EgS)426F3(L(22|mR;*y~<@(c5q)6<J{6GY~~
zO9x&;dSHSY6*TDMh2p~EgcV+$4EDjn-r%O$_V#=ZMD?U92CoHiE7=>Lou9kB7iRrO
zoc2}UJfLe!bC~9)gLvK9RB<NwWN>hAa3pZvxOg&xuK&mkHKjNoy!KjfDL<W_DbCLo
z;v?fH)2Z~S)Lyo2^q9+U>X40c`Tirhnb~01Yr)~*OJ6eEwrwL3moPEU@>8kQ+0pUQ
z^tt0Hv51q&^g{M>dVYF3*yB~>R4V<s6Tz1Pq@yQJjE#(=K5(6|wc_3hCJO1rx#{`Y
zNpz5H!bD;5YI-s^JsnT%5AdIhMJ~TTpdmFs9p9JB?}ctJq6K4$CS?ka90?8%?nUz~
z?g<i0)42A&8ocyUfYFz`3L_qn&>Vzj%I5zh9Bky@)SCR5Z3|Py#f7=xufrHcbI2wN
zUX!R-s2Apn^D_mGOL4xKo}HTGcDoJ?`n@)7+Czg+>Y~B^BX486<mTt7<U#a8kjq0j
zH?>rpnOq>D*GU`x{ffanpS>|VpPhVC?G`8VoLzd#PFc)s1Ux~Zw==^|Wy}oeKg{X$
z?EL(d#e8~dcIs+;&&FKeA2@&)>OBhBt_d!rF?J}r|Hu;p=c=|zuF0uFk>fpq8CWQ$
z^YaVfo6=u7EFSr{F-k~~FH9{?&Ijm!j$k1>Ik|8kH#eAGJg_*JCOSCyh1^9{bi)!Q
zQ_LXqgq(fyr^&uCN&QZvSWM3^1aVq_avWbIpQb^}Yv-#V)N;U9yD){x0^E0LaT*yZ
z25yo-LSrZR^lOdlh3!IV1%^8qQ-x+OH@cyPqU7<*TA5gz8IcEW_hw4=z}n3`_>tIH
zW8A244T>*JUE6dvP^+QqKSKKr4f+j#W8>$}q>r9DbNtkq&!o?eym4-1jFz68HdJmN
z%-ZZ%vzK!ifpEatJ~#ZCQ^(krLlk6-MQlyza9U;J6EoR`VBcOhllRh8c0#sv)pvyy
zY$3>hxj4h6)E(9<RBvh_yJbr^{1vi1F`T<0n*WX3xy7p+?HL{)KbsyqUoVV`PgDI-
z)R5j)cqm=Ql2y3=g<rZzF}a?d6RLagXAo5e#mUUKn-7PPi@h*<HvPHbRBGgSdieP9
zvlN?+9(zKEjipA<jE(rAq%Ao+`AdtK&c$qQHjeFef8Ytymu}b&c0EJA^~4RCL$IY0
zYKrb3JQQ5IQJgBkS>10x-`4f}<n$sD*ktY7INV_MYgqQ|xrgIgcY|4t4T=NBTTOPN
zh=m^9Fw5gh^9x(-5v1uqvN*R`;0-mglt}P~CK757oLMVc8BuXwYYX#>3lmep7xgsa
z`H((=o=lCN9Z#c6sb9naEqGr@T!fFU*3Xv*NWbBAHtx+ba^!o;{RB_Ye=)ElXel@O
zg<StZTACk=%%+ow%K53{f~DwZ3QPYHiVBBB7S|^<Kb^j`n42x;=5V~dI+4FYXS#Ip
zDo#3bxU=1|KcExc@ad5=6#UIH(LvDJN><tjf4Yp;vR<@bmfPfMQ{;B#@>IWu9_K!w
z6Nud`WH7j00VhbP>@Gkm%8nfVppzj;)v(Q*Iye|mFGx|It;<QasDv}(DtOx<b{@=+
z$B)gnGBfko!gE)1<l$86_{fRz@zdnNuK3=;2zqbg*B2Cajzc+@O08?mLaVV|3O%_s
z_N$0iZCXWc?ZnK~#1#}z=PVm5y9I6dh8dsTY$g2QZ|ul4RHj}Ykf_6*zv1)I{;__M
zAjr9O^8n<i13CMK*+#|Ok+*JBoP`@d&Qyzr2I3I?e|h$wC`j}-Jn?e_JxQdeXLETx
z0<eYcQwi4Q&4Chi^-ocdU=b<Kr`ab(UOj$2xx)MQ!ohw&|9(8@P<0@Ga)s?#*|>8n
z9<Xsv+jxX6%wSdkX?0JFZT<Nfn~SJScG~1GWeq>&(i1e?3~hL!Q_O}F*`O%5xJu(b
z4Hw5o&z%_`Ih%fc<gN7ZiS)TMub&w`e@2T>rQSTWiEL2IuzIONT{(WS`Rv4%sbT>e
zIyT<4-ToRprG}5aJ~BR*P7RNZrN>9dhfg=CkG?fNvZd1H9X^V^45yN<vTv<-9>y<h
znR!!{%Xj?jXll!xTPR&#+qB_h<EKW?q_>FXrr~RdFTMDnA>nuK$eH8l-Lcfju~R2b
zjU3-ZH*x_=3fYNMXUE3V^)udMrl-!lIehvQ+#OG)kBy!C+?ED-DX^*j%&54h^Tw9B
z$Ihquh>5};v)L*%uH^?V6$<76j%o#ZuO;u)1G>jW?`!et`p5WGNq~#qjortG-`^pn
z_qg;P8L|-G<MH)<eE*UC6@&G}KQ>M8(|f--KHyNlX}Uw45WZlVzK3^sW=3&d_^+9!
z8oh(Q?J?P}3V&dlenjtfA9;-ThM}nNzco!CBY!CH7;Ou=@_%TWn_(L|DSBeqhAvnR
zx0>cC-iL-V9^?IAXvuPj{8M?iME?t>c_-d4ho$`Rmrdvq-a&?Aq9?}d%5a~@c>f)a
z3;!z<`k3@X9;3ZsSD!z}8%fkBJY)4uA=A7Y<%gyGCj9C;g#HNM7CkZPR}?=Ie%&<x
zD&o;3@n|B3eUp^mbj>t>y$zfZdt$uvZgS-l?*hB>i79_o?0>^FSMhss(?gG;Z|+l^
z6#i4w5{*KivW#!OnlB*1_`%OPEp3Qbb4mEPX^9~|%~F2zsA&oIfNzVQnDloP-xGev
zv?Ngf=BmeJe_!#cWqkA1Tth<j`7P6uqV}u_|4VcYetO{7&!qpaCcK3HYC)UW-sxk)
zPA~CjcKW!|Csh8V(o1~sb5?kk%AZmCyyd#Sr1TQ6y8e#Ruc-Vkey+Y%W&cpwKN8+=
z!bOay);{4BhCbf0w@Uk3ZeZwRzP6qeJ#iF#LD?@0f5n84qrY0q9%FvCy81eORrDX4
z@UP<coYwoozi-0J_&ufdfyd~t)|zLJ-?Lg>dp<JZ_ej4cdScA?R@Xjav@e1>Q-8O1
zVk*Ku67v}4MWp?$gC_iS(g&g^ru=csG=9pYPg-t~ctu=1BwqZl3{W1&4`oM6%Ko0P
z#3ORwW5g@+z+=QSQnQS2zM?54@Q?MTWftQ-D&@C+-n87p`Www#Ju~u0mxO=WwA@C2
zMsImc`eotYHZAWHmlfX;u9=p5Sf8R&|Hvmy%lELJMypoOO!-$8OM4<CreziFi>`^D
z81@J$w<nS_t!>1J8MTiY>%q2|$GgFO9+Q0_{9V(!6SmuiJSP1~;XgF3hY+uADa98Q
zXB5vU&MRJ0TvB{X@v`FEipz@cC|*%~PjOZ8s_;jq^*xHmBg@fd)4Gh`(zZv151ZCm
zjQ8y^%lPJNdlCuy!(H1?T8_Y975=uTEZ6lCkLaXn{Q>E3S$&<Qz0t2>DhJS)MgK2M
z>yNM=Y`<d}`+n<3lwaCc=c?7C{0RN#xLw+Z{W228_}pHzdS>+ZQ&JwzJK?oG;Ih@@
zJQV&B@k7heKQZA)*iWB&WZBsxB;5Y!x(VOM{Avr7K5lv2t0w$?)Tb>WeA<K`V7|3o
zu#9iM+U_GkJnR0Xd{LXWHLI`tllp8Ee>(!JclJ9@iv1Tc6|jEqkn%zwn8<$AcgKv?
zGb0{5%9gP{L{g+*@fh{ranCa5Yb1mDy5qjbq?dS8{ENgjtKT+fB45IJV27(eG0MXc
zirc&GYbJ6l2965<a}!yHeLG|nk8Q;0|MotQk-0q({@6s`Lw(!h9v=iJJjVXeK4f`2
z>R&ztPI`>-(SFk70dUG=w6|U2SI?jE^pt<bW6GcRnDUoArt+6Pru=2$TPCtXyy7v%
zt1A4PCh|S}?A?A}_zz9wcgcR$WBh$Y`vZ@0-e_O5{8YDz(0GLljxQy2b;R+7ct3UA
zM1Fwr(s4)lhKba`v8eEOP2`8fOO~m>*U;awTcZEZCh`&1=a`h=)@CA)(4U=sR^Rrb
ziF_ObUl2ZGq5<hM!WT?*C+1t{jPR0)?rsC;J$v+jr<C9Jw@sAJ&z(|!oo|c%Z=2|8
z#J{sF{0Am_JOHm)-qB*BClSBSd%^?Q`iSp)O#W9byYpY?17SKJQvDuU=JOfW&(1ZE
z5&zCdUVi9NC62fA*A?~bNgwkV`Mdf&d(sCUlRoa*lRn`w>4!Xf(x0@v<GhK!k9c;a
zgmWfZMtiz0c=nV(W7)N@YsO>J=RJG!zvMCLOP)RHZ+T4mWzU}Uw>>6(*|R789gj)B
z;@Ok_p2wuGdiJEh?=k6DJ$uqW@R;;9&z|%TJtqB{FrA-qc<FlNG2)3SXZxGR3-sNA
z<sDx&(I}MNap7;7Xfw{M-3j5UiMGLi_mF2#oV45~^QZfyu*{$Cl(5X7?hBqh`nx-0
zdB-1_=s4Eb?!53ij*eIyx=WVZpEuE8#D3MiEc_`G%~1Kbg+FVelTon5!#z)TuUS1a
zl_&9F#(c*V<9LMSdAcX&G1ilwK4E#D?g=cn|B8vy^IMOL7v?LSKYJ2Zzk?X_wP(mO
zzWM5r__Tl9M1L3U?YRK)_wDl^jrX1z%Pk)oe*Wmm3(NCIPswBSU(YSi9{WqrvamdV
z^xU>g^XvO)f6pCZ%&+@Y-il|B{_eTwG3oDHcF!k0s~+R|r00RKJfHN`Jf{2)ExYHF
zo=2A3f8RtOVDagVdW?AY_6dJ%qCZ6ZdNY<?fA-FJjP~^AJw|`_E(uG2_TKWC{7Zbo
z(x1Jzt-b^Q3gIF8^T`+fxD5a4D^!L=<b0kJgV4PVd3a5PNJ7aCd2@h!xk3SMoSzFK
zL=qa>khfNGFIOmq8?kRKJ1Oj`O-`Qh<P<w6r#Q$JD&a=t5x<^f<K#8m%N1I|jg#MZ
zQk2{0$^H71iL<}w*;C($eA`1$p4pIZAM)f0Pfl%-D-^|z_<4%%<qF-wjmY`j>EuhE
zyevXWsO`>=Uv7Rw-j*Umd-1zK=fBTM5r-J=Mb76br+Ty@=W~z9`5mIzcl&<g8}>YJ
zoS%P<i6iz-)O#OyC$Ruvj5k~X=v7ZnOjm%<S0Ha8@Ggp9$deP(Md{!5<kUvGNIvGt
zUHwV^p(hW(bcsKHPe*@q8DgpZQ+li?b)Lb!&-WX7N4$}n6JY#Jt-;@Y($)NFd<Ara
z4<#q@h4WyY$8rCh#~Iu|@9`4useUg1-^4xDN0|Rj2-V$j68ApSIPp27IIp;*cv*2-
z@rvTA;#I{p#cPdBRrTx3W7w;IC{X%@;-un~;*8?F;*#QJ#bw1SimQrO71tE6H8LJ0
z8rskA;l1{U1Eo(WPAX0*&M3|+E-7ACTvoiIxT<(naZT}BBlB|NwYMpz^nv1p;-un~
z;*8?F;*#QJ#bw1SimQrO71tE6H8M|Qul>z2r4JM*6eks@6lWCY6_*q*D=sTuQCwBL
zs<@_jt&w>f@Y>%JQ~E%0LUB@YN^wSUUU5nBvf{Gh6~$G>tBPxi*BY6(O|Si}F{KX_
zCln_Yrxa%t=M|R}FDou9UQt|CysEgSc&(9f)NWY+_;&~|9+5!l6N;0HQ;IW+^NLG~
zmlc;4uPCl6UR7LEyw=E3puhh`V~PXC3B^gpDa9GZdBr8g%Zkg2R}@zjuPUx7UTb7L
zN;b5gf7kH(e_NpR3B^gpDa9GZdBr8g%Zkg2R}@zjuPUx7UTb8$N@-|6|IXmGe|w<x
z3B^gpDa9GZdBr8g%Zkg2R}@zjuPUx7UTb8$T4`wiQ!&MX;)LR);*{cy;=JOL;$_8U
z#Vd-didPla6t6WhUR5--zb&RXP@GVlRGd<rQJhy?QoO9VtawFnRq?9gn&P!a=2suy
zc;69I`ap3)aZ+(gaYk`oaY^yA;<Dlu#Z|?tiffA38X2#W8v37q_wnM<9w>c6aZ+(g
zaYk`oaY^yA;<Dlu#Z|?tiffA38kyfmc<tr?3!Be@vQH>ZDo!cRD9$S`DPC4wR=lFP
zs(4j#P4QYI$AJF+A0vU+{#c+mp*X2Hr8uKFuehXmS#eqMisGu`RmC;MYmJOIH4W|U
zj42KjCln_Yrxa%t=M|R}FDou9UQt|CysEgSc&(B7cQCKN`FAg$17)93oK&1roKc)t
zTvEKOxU6_ZaaHlE<2^6N)t?d<=x>S5fg=75q&cuKHGAOb_=y7y8-MIca{AZ4^*@-l
z|N6N850UGCR?UAA&3~M{>7Uacn4Nw5D*tN;{KMjndXS$D+VFutq~6T4`)kyOe{F0I
z;2%{MvzL(GxXP)t#hgBRG?9MgQ#KuxbU@NqUJ<#Z1CqWnDESWC^suA@k{*<F=#bS9
zNczglVlU}{q(cK%J}4>vbv4)P@IjltEa`xxLkY2$^kqp8CeV}rf3E)kH|o8yb9{cx
z-i4}8A}P%Qcj5OHUK5G+d*&nwH@V#VQBu8vkMp-hetwVbyWs~j5xk6)A5@SgMJCCy
zn%tz2(qYcE)8&sr7RSf2(?dkp(@st{{^jH(>&M5{f2;gSGW0G#|DQqb@_Qz9`}9dG
zc;*eI@Z<MipxdJT$K5E&!-m?=5A;Y~`P6=TKfXoz{a=R;S67XbjW54^`u|;QResrK
z;orZhd}rsEe{+8QG{>!EjlFOCe|3UD#kHZne*!(fsP!_+ZL(x<nlebKjreVqFIRrw
F{{hJh^2PuF

diff --git a/derp/xdp/bpf_bpfel.o b/derp/xdp/bpf_bpfel.o
index f7812dcca200d592535404d59dff852ca6e11825..b4653efd91bf2ea899aad78f954e825b577d75c9 100644
GIT binary patch
literal 24288
zcmc(ne{h_~S;tqhb$3o|OO~wKN!{j^<2q-@vQM_+h$eAQvSlplSXWD`l?HP<pH9+S
z$<j%8iX{~2wItvM7-W(ThUw5tW2hMl2>z%&P`DeWFoMZ2VweHX5a5_;r=DqH4pIjH
z5eVOB_u0F>$5K)#3_CgP``LY-XP<rc$Gh))=X|F3?CJWtI%QLx`gc_&TdGw4`Ra94
zUq;n7NETX6`K?V#>)qPS3?ucpTzYuzT`EbOHx-EsroOOf^57Pww&U`aL3Jx&E^dW5
zhaK`~>ES!t&eFkEowpxY)^5(uZPkLav)gn&j#5(XZ_`+@*IIW${q)~C?O6M8Qrkah
z><`twTt`*p50w|@jGZ9l_ENdkL#5VZzZPFNek~m=8vmMKr0R;D*=xp5MgP8bU#RPK
z<!5(kg^lIYbvqn+e|D#qzkpUh1`jsY^Nn9lKS=Qw{Gn8M)#NmeWU=r`<_43$jBF2;
zr?}jXH;?~rZT(#x1Cl7P-FUN+r{SmCD=2Tmb)#*!&D39kzAk5``2f?EI8y&epZvw8
zTB?lOxjHJh<M0T_d+Fg7?Mr1|L5KAGIci0zx7d$Lyilp_R>sxnUu^54VpW)>ze)u`
z2a#9wgg=X4=6Txol-BcS!&=YA+4^ng*{z^ycc|`&kpoj|Q0+Ru1uGOPyPn*6c^u_r
zhw3Z-K%N@5>&C{VIzPkOFFP+OuI2UYh<**#wbhM4ZkFfUeeK>S|3N)Z-MF3jKH90q
zuSNT5{a^gDSznK|!H8=|wCm5A30E0kjxWUrqH5_CvoG0rU2F^Jc9tG6<Gu8$+h*SI
zI!V6rj^@Ibb+d~0gLmG2_gypJO&R^A^+AU0d}~#2Q*mWpO8@;w%>pVM)ne88$ot^M
zw(sZ)vPY6;^}-&<!QV^0sm|kz&EL{Ij{bVMy25#Da9)=${<?`@;gUw(53;cMy4n9)
z>z>jT{x!3o_^+A$wb7vRubFkz*kbhkYacN3U!Ywa>zVHd{xuVSfB6AZZq!s`OrvT%
zX>$MCK7HZ8M!O31EA4oi{V(j+xwYF!n*mZ|ugU#ud-a9?+QT}p=r4cRlwUIg*r-Pr
zdfi5^@e`bPnB0GLzrJW>o_*B}z&P3?3%0zFH1dl#czySnj?w*(l3m}0QNxX$CimH2
z+b+!?iaXi&kYC~aBbzp>-)+GDg2AToE<B1qNQ=K_+Iyz=duARcO?e~N+xbIwsjF50
z4rsv!W%`%k@hos0D*G+>`vMxJebmM&@v7-xf%_rr$#0Ud@tJ)UH*}=`kGTEG|7zT5
zbg<9yx@>IIsCMgOijYYKUI%d=2OAH2pR((u!10ywrgcpwt^82kWgY*;*UdVm`wXoN
zyPs6|#R=^|bssSE+{z8rV**0g)+hFwbzH3<QEkmPdaS)i%yLy1;EcYHzG2$;kD2xR
z7LT*lzxe2IP5U(OJlD@Rczqll&~l^)chq9Vu34W$oBH(v^LJ=5HB|Sk%I$@m)Bo^#
zc00~g>|)r}EOaOh)%U6_a@+6Oy=`3HqY^dcMq#M_W6G~7Hv>6T|FoK_Dc{F-en?H%
zlz)WFkE@xQa<krs>W?XmgyYX+EFV!RT<QG+d*0$3eE!@-QQ~q8soqyS)ZZ}UG1+PM
zNh+sf`(&pX_sM-Gp4uL^%ysQy3fTBhK5E7_2s^a27r)Hy*PHh3ytemUyT90ZviQ2W
zKfVmzZhVGRBmTk;mnU{(BSA{=`mpn#<}=+X+COXd3EOUK{aGz<+oAbH=bHA<89R3W
zp?#6g5A81*KO59Jt#=EEu2jxD_C8PLl<c|5&ff;TyCS}*M^n{$Fsaycla4dkKG!V%
zn(6mq-kcK>pFky2f;L8^%%|Vhdqd`xe>MBG>88p&@GqwPN6I>1`e;e#kL=QF$~{+<
z-{V|Sc*DrkxRoH+%Kcd6eo}n3|7P1(1quq1v~SNn^88}^N#ja!vHh{<gUrLGUzuOw
z{=CBd`Ek=9*^abNcFDi@>qp}(gpiirrytV3^nWqGrsMntV@|pAi*|ta&zbQoU=30#
zJYn)+gE`+9t{E=$nY{hw-_!OA`&bUcPAjtgrQf-)+|%V>)#Zyf%=&8GY|b;TKCQp@
zm%gIqwEqbFWDjZMyvOZ)1?{w9kDlxyuQA_tnssl=Z}cR4j9_A)30R`l?DxMjsKr&X
zCv5cgnT{q}ja;?<kglipBe*Jf8WoO@iabuV8odT(?7IGw<@T3;q3S;d`2GB+cF5yf
zh%?=X3d;Z_YL8kdnC(+Fo~BZ?4|z%zf4O|N^Fducj(Up7>=R~R>*sz?{)jm*&32My
zoJ%Tl0nJu!_6f64$Kj8*6QRF&j{v4b<rK00UX3dGDKqb9J86|*ot!lCvz=zaWlkD<
zvz<mhbJDao+ex#Z<c&YGou*@%lg97aPSarKr0G}UhH0n3?OtI&G6SYvx17c)Gho}-
z&8REf-^@wVu7AVCBXiQUTdg<k+WSW9rt{iBqQ#86J*Osint9WI(%4`6=v_VTi54?2
zs&X8^ik#UW5-n!_Cp%1iqQ%_Lk{w1r(c)>t$qv&_qGcbm@ni7~V<*{R?9h3OG?E?0
z&f*)!pJWG>R?pSR4r9lE)WprMtH~b2lSj3<Dm-LzdM_2mW&7tl&Af(K6r5=@<5u{b
zk$dD9O>UnvC)-S1?Rym3r>UpyKlQk_<F}fAH-5zE`5cc%-go>KGY_iF&oz~L6Q^pu
z>9=KlUV!Pzj>EbEzlH9$IG?lrWZNNA-fYeb6+fCyysPYKxhgjc-YeLQPgUN;yUOM{
zvC8{v^k;XN^)ZfVN)fWpd$do`5^7LSYx%-2=}aYNd46O}Jd#fuPVO@7w_(7L{6~%a
z<Wa+urW^XcA4OGWml==3XN}w=eBXHsevrk<T}IEI8z#ri_}FuWK5s#;kTLq?FGYg(
zHA*kzLnCDFQ_gdPF{}Qk@5R0X|8V<%cXF5UCx~fD?X>^Q-~T5vRd|j5Vn4+^CVwjZ
z<NKNIU!upvtHATo?k_g}7vQIU9_0E2KkwS-(hHd1y57#OQ8QmBck=p#KE=_F`)oJw
zv+Im=nEYh_?DJ>)XTPEQW8;5c++T$f(*Jp!A2Rck+HXL6mGdE{53P7AM<^=i$Od&=
z`;DR>D1GTWb^88GMzUy#KKFPIqo|(RMAMY&$PcfA+8up{qjH*V<TsL)GlVMBGmT`f
zqC<L|>dh+AR3pP}Qw%nHsHW}HmeCGFZAS5V3?C}b;d2xp+C_`_oWKWZJIxBKhs%01
zE2*lsAKV8juQxjzUDnDtzSf&v;eMG0dcZ(({Wf=8rKI2V%|Z?z@|&J=ium;5gS34I
z{<wbATKgnEh^ap5UBq=OK9nxuL)RWYlYAXTKF`-9$Y18`9CBL1B%jCU4SbM7w2S_R
zzN{Tb_^^$7^fi3wk?Z&ILD^P*ya1_sTA80m2T;D5WS4RML8?LeW%KwJqCMnG=DLn#
zD1N_fc)L5cD6W45f4+`7iXlGg&v5M_r?ke`G!}ow*JSH&_?mWy60VU#ZTRyobFIIL
zBAvGlZ>O<<zc$tH!&MN5&|ZMr`~VMdJ93iiMoxYYA*YEtVd}R(ifh*n&Bvca9p;_3
z^Ccsv{s=kA{Vj5`^B>5`&WAA2)ZRyt(;OT^PU|L%oaXX1<mC6)kRxs1k3VjE2f=@D
zWOaLQ8#&d8wM=p!MNaKKkDS_DLQd`dGIDC~50O)Qe~BDv`vLqRy?-+GI$9s18YJ>#
zuf8(ZA91e3&h_KY^}oUn+Shi>9YrY*^`<#<t^Db%ipRUppYMJyKG656-uU2ivEF!G
zWf#*aHJMtBXZ#;esTUGc^C@$AIk6B=O=su)R7NFdrpNs8_~k?zm-Exv)Lcfx!e}~v
zc~p%ivI+eM3WnmBQz-JM$LCU+Oxz#yr$<u@YHlGuJD)-W22-`Q@%a3)qiTLS<Bw0L
zMm=&knO#uSMtW{$JU%u*og`9+j~qUN{BV*w<<-=OGugTMq$#{S>K%lE1KyI_^1_S{
zB0tGR?-?&_N)CjlW~RpvK&<_Qt$oTB_b6>B4pD#13s;P#vJ>9pUdI9NglDbk=1B;3
z?I$LvE7=+EnP<F9>9P1kc4j&g?j1Z6kH!092efRhML)f+K`rE`+fVotQ(oIM-V@%7
zFRCqDwos97AvvSV`(m;4{e%7Sp;IxI2$RUzTw**vGdAY!ciiZU#h*Rxz33tDKYe<j
zcM$%-bi{b2N5@NM;`7sEGgG4&Ak&3pX8v+~)E^rQM-F-T&&I+}AM$8Q&5VT)`so9x
zJAi0Gn4(Ea-iZ@l$MFN`p27WIWMK^Hz*F9lBOYd-e;Go0LZYSvH7TS2I1E(v*Oewa
zYRg<IJ3lw={Un6Zv<_J^<8+Beg+^gIJ2R2dammhP<5Q_=-ETX9Uc1w$>Ilt`B96(4
zRB}>Sv;ly@<L@<g$J<Z5fOX{0Op}4*7#<HA?I)&F3)zX$IVyBUuiCKdF~rk}#i^OZ
z=zF;hSG771p;^mV@)(H-jfq(@W{qRX@W5iR$ERjyCg;=f)Kuzncz<;hIOJJ?6&hBG
zWLr`<QX5nqrT2)ab!{E3(Nrd@2O^23naRe}Gjrf2(-@|Oj{!=>VIWSksTv<2`%U@<
zOe~0QNoP{?qca|+jE-$4F*-VT*q=TgpFcc*JWkYc{CWQ(x=@uQlW-YjPN7yG{eIM|
z>)IVoiqhE3oEN4o%h!=d_B73Nz1=<qf|o~)+nE&B7x3Vv`7tO`bnLW33C$|+>1S%U
z7&Exs3#<?@Ru?UH-RYVha;2W~x|Y}CdO~DD_j|ocZ9&(rXTgm`bz8FY#dat>mzrI7
zolvh)*M5R-QM4SY_67!r&c%EB&YkKz_rvk?y`LEB9iZK6$%M+TkSU{nIWg{IZo+_8
zd$#+B`%Y?E9U?E0&Ejr`0jG^AoSaC^c?S>J#eaZSzb({~)_vPZ#xw%`@$7_drDCw+
zP^GJx#D+bs+RG%`PdMhfXlJOcou>J2`_nx*cs@RGq0$&NA1D9ORF}LF>8Ui1T`qIw
z`A=UY8&?w3Oce|63L<CF9PbI{ex<{xn;q^yAAhzx7VA9~?>=?vJjJFuV(&3v1F`;d
z1HEo2=`Nla{q#H*dN$!tg>gqd<T(ZLON(ZJ?a0t*z2`k#hhRe?c#7da-sxRh%%(Ch
zR<YZzFDvy2`M|>wSZ7zPo`<k6)@+F8sHEdsF@sf&%}WPL-<=Z4EN%hdnpGZNn3>z)
z?m;!}C+4T;Gx{DJS%^gRJ&;SNKQLybXwQV>dKb>j%+DoL-jB&;q}N0IG)6Mke||8I
zA*FF)1GM2iAGrt{8||ORj#7Qq>QvZSWn{>;<iC$4)c=@gX3&B^`n=!XL0j{Eky&>U
zQ9IvPT(A}WKw)V=K~d2m;m!3ux*v~Un)j!&{xnX+my_v5ItIqGmvK1a^Pm})LmnLh
zyU+HXqu{TnL}y1U%c^vT{QeY;WTk1hEqnW?o1*TQpC<omMqG~polVTmf+vH$E8x(H
zDsva0DpH4rJLz}|k{hObsgC0wjRH62$XZR3g%egtyWrdg&FSj?leTeYVg|Qx|FTaO
z`eLVgPY({BB@1T9caBV`cNTtSLqU)99Mi2*?`l<OH#S?LQ?6Hyd#4VgSKj06xTt$;
zj*jL8W@2S-K~>uj)2BM)gd6<o9hs&|>ex|^x*oLZ4PQSE+&3<|G@G4TH#B?zUOy~8
z4XaT%=VXXg-L+?DD^t@!oV)*<j|<6+325b%{R|#H@Tfr#AMvp%KaHmbEn&u#gSEcn
zsDxMU*q{UhoSo5UM}6}bPi*h)@WBHxaLCm^1n<Zll-tLG^&K{+Xk|~dcqYd=t@_lP
znZT+5((WE-*~%j~ZZ2G<5@RZTDWUX(F+Fs{Ojp$konop+_y$GVY$}fHI82=EA38VK
zdp`d0-sj@or{hECK7OwM!Z}&o7yD%AI%UUY8FnwxsBOn>Hl0XLrm`8_&~f99o7-QF
zrC9gLkM|A^#ADq91M$KB!S1s))jiJ*_HI~db-R0TFT<&1BlV5zt%bqi4VBlevU;b^
z_s2HW+@R9xnyz)99PH~q7vCV7>xQo;zVxnyri44Vz2{D0bO&O+C;LwK^`2U%u6G!f
z6tdHO=LZJkl{4ObqJ8H+*?qPT=1#@pCkKX}-B1AU5!S6g*U#qZys@G7z=gOzVxqD8
zWHt(o?fKzLnT$G&qgqDMJ9v5*Mv30<(q|7|vPS4dD-ykLTg8Xo$5Enpn|N)g%R0F5
zP4HjiLvI{C{3ZTReD>eiq`z+`Zinpto10V@*AIgOU*DuA1m~E40`(7;HmREq2f!uf
z-#~rKckwn6IoT%;g6WsP#D9VO!FM*PsKYzK)GpP36L|=4cGC`f;H%65yfEAn+N|i8
z_#{u<48F-s_JgojWd0cHckS7%BFIVpr;&f?UY+W4csn@ia4Yx>^PeK${!X15b~pe|
zGrx^|3*KVpnCsB>;6C`r+zdY0wOQSEI0(KYI1D-R@8ig~{^({EbGR9tW*$Yp^XE3J
zyu(3ok@*$mTfewjtvb9DeAnTJ!1o+(1Jh5ZsD088f+v{20X|Yhe;f{iR|Vf?-h@09
zYEbu>VbUbLP$v5iqr7!%gYuX!f&)zrD$Gpn?nh<R;Q)9<aGLp7A>S5hPzw$Rz{`TK
zGygfYcd9|%6nvZ6y1UB!O~?mh4eAc_zk#<+)T_J9a7}Gls8?lCe^1oYi*)M0)o)_9
z`nyGaSky<E>8Bdors`Ep)DMgL2~nRD^~<9Ex~R`HTYql~`Bfo*hdB=awq_9@A%Bng
zr%+!Xu2;M91qQ|AtKbK_>Q%(y5V(uk$}cc~9rA%w_3Em_&EV?}Q~e5a3G#b>u3p_{
zrY{~pjK#U?@D}izBfkUkcbFf8{Fc}1RmtI9;JXfQ1>a*nMe^6NxUoS~|A;>f4l(;w
z|HXRM<nUIo$E@c=9`Rtd{f{x*cuhD=@k$H%6=oZ+qQexgHHRr)C1yMSWB8Ja{MY;0
zRD&93{(1P{a<xIF9S(qV%)f{F2eH_$I~)M#nZJ$tzzuv;Ex5?sf;jHH-JsT(&w@XM
zPTX-g0KO+!;R_`4cLDOvYYl3*!vS!F`HQFzYz?TW!)@R*4(|iU947f;=5Im2X-`0<
z9S(r6G6xXHU}r$lKS3aWEMFIVQ}Bx5qTp4*cLbLNmj&Mw9KsjRu76E}J;7nYU4qXr
zKZgDXUPFACp9DXE%_hf8^LFbL;>B#|+ik%`W^Jz+P^+T;9`i3zdv66)XshXu<=xDy
zsQ0iLdCdO;-t*mn3NzEWBk;X|>Jl7f*6ril))=$C|AvBU#Ni+q|1eR<Q=g~GSntgG
zy!G9B6=iP5ynW~%_HQ9S%zPB}EvxlvLDc7%r%@kx6Z;?YXTT5M!G6bV<LTjt3U30e
zy(qJ-Kf`S8#h9(V1tFhjzJ~Vdy)9~mS)ca~1y#}EAow1$-Y;T76~ec?<PUKG+{CQc
z>qt;}4hO(tW*z@*P<1iCj`mw$45~8@2f@S4tEg|fit%CoXOdqIstJepfYT0d2QM%m
z!8&PqEvRx1cYv=tyaP<XW1#*lK)y2{RM#Ee3C=rw6nxX+X7Gx`q<`CC(l0tp`l}9;
z{vC%&|E|NNe~<YO;NQ*_#2*g_<S%g$yqozS!Hr)>{Fwt-S3AFf_&fYTaKzzl;4{pp
zA>Xo!_%qx2m1Dkw`uex9KJeQEYX7UmC5#XAw}`(PRBOz7yvspVVy1Q6_C2(Z9|e&9
z$H1+)*`}F41#Wr=@noK*dfZHJGyg33p*<m0Wd2R?)_ozh>d0@0{2KEgqdwRbQYFD<
z=5M3E`D{r49_mf_vl;8oI~7tPJeLu7fj@92q?#Pw3Es_|LjBI=kP15-1k-aJ>D%*G
z7c-sr9+<-Z;V_;5&N%W9;5-_0n9irejy&m)I86Ezjy&n79VYz+N1pU^4wL>>N1pVr
zGrxlVZNCvxd8eN2-E{QH-U{;<A-^?`@p9_Pe$mk<`>PI<y){Rk?A>vg^h=IB>ECsj
z^vjMs>ECmh^yz`yjtA+7947rHW;;H+9VUIxkthAI!=xW^<f;8Ghe<!mOy}t>I8UE(
zn9kS3%=Y<Vf%y*+&z4X~<(U5(ylZnvU1fe7ylrbpEj#ktAb*|NuAe-!T|YOO?fO}9
z<Z1mBnYUoyfAB}KzL*~Y?->lKJIr+7*)fdu<!~do%shqqZ6jD;%s&ARjfT`2{3wma
z!#=;q9H!^@VTbAYeT3OQzo#9h=l2EX%JVz(*Qoso#EV(4*V~Af!$EMK87}E`llczx
z_k08MnVIJI_Ep4(**=e~GTY~oI}X$HNXe0>=aIY2_Iaf2Fg=glbC{k-=tp}LFZ(>w
z#H`ono7j(-_4<Q<o+D4sD`95)yb^Jko>!vG_IV}7T#x%s^PP|yaX0`@Gao^H@S7pE
z!feO$w!<`@MTcoTSDEd2-f@`5v&3x2^Dgr^+S_&)hrahon-pGjh_rySq5fqY#?Vdl
zu8GPggo?-IYj{WCrm_aSliKQ*;$0rg595sDrVy9oHeHi;b2*MTHHqGpkw3ddc^8+{
z8Ou$>TwWGonc(u0D8I_(MNv-g*r?r@D9>~GiYOo9@)6wg-4wR+qFix#NtCZ}`Bf3m
zoV9~B=%yH#)0xyw%htZI6Xo)oV%(d!JT2_pw)QdC+;pAG>1^btGu96FI5*wXfOul=
zy6MjV&CdMv_y@LUP`*RqK+VbHoc=XEm0Py?=XE)5D4gu@kUKk6gR*RM`ezSRZr!)#
z16)q;oGIDz-@-M?dsK*I%Tc5gwL`zHrDq*V#PoaKqF|5XYwL4@BfP#S^YD4v;WqFY
zhxdX99exx%;_yE3g2UwBOAeENhw!09#pF{IA4-;E1}i)wI4w9Qcv)~>@QUD~;5ES|
z!DYd^6DYI(n|WPjk2>kpM+8R&#{`cEP7BTnUKX4eydt<LcujCga9J>3*Vpu~Nw6n4
zA~-5ICU`_}T5wMAvf#Yn6~RTpYl2IH%YyAzQW<}~k6HEvM+8R&({~k=tp12#`tHK5
z&k0@@oEN+zxF~o{a7l1kuy)k(w}~8g*c0sTH#C)^qCO^gL~vSgPVlneyx<kVMZs%=
zOM=US?S4$f)So8apDlZWBZ8xXV}eHnrv>K(FAL5KUJ+arye7CLxGdP-GHrk9yBJEA
zJ;4#dQNc06BZAX{bAp!z=LN3_E(%@~ToPOstoS@=``aYg6C4p76&w>hA~-ELCwN(K
zUhs<GqTn^bCBbFE_Fz)!KOa;qdx9f^qk`@E*Xoam`n2Gj;AO#i!7GA`g4YC>1eXOX
ze%`SDHVMY--J10f5gZj96Fed~EjTB5S#VzPir}K)HNhppWx@1a5v5B11$%-cf}?_C
zf=2|W1?L1W3(gB(5nL3!Cb%THELidLRHgrdJ;4#dQNc06BZBF>AUEDQ!OMd4f>#6=
z1+NJ%2`&p({JdA`zhF;rL~v9veK+LxZ$xlfa8B^D;Jn}!!9~Gqf=hzSg6X>|*WV_=
zp5Tb!s9^do%e6NmI4w9Qcv)~>@QUD~;5ES|!DYdUpC>EhFW5eR+WLs7j|!&m&T9HE
z*uF2Y_U!Yl<z*qC7rY|4D0oe9NpM-P;`bD`efloW_1_a55gZj96Fed~EjTB5S#VzP
zir}K)HNhppWx@7^My3BvqW^;FyDv9BQNc06BZAX{bAp!z=LN3_E(%@~ToPOsjF&Vu
z{b>^H362Pk3XTaL5u6sB6TB=qFL*_8QSh4JlHjsnyiBX@zhF;rL~vAaOz?={wBVfJ
zWx;vDD}sxH*94aYmjx?)*F~u^{{?%3BZ8xX9}6E4zn{*~52)4QEdEKTIy{$}I@~jO
z`ml!TFI=gd{#A74SK{VhX;=QicICI^`e)$!7uoCnhWPN*)C-sOKLNo%z^?j1cB)jh
zfnSfWXW9M)x8`4EtHby=rrE?L<cpVe&V5m5dwL@ACx3|ZE|WjO`BBcho;2l0Iq%^7
ziQ}gH80SYh?|OpmaekchW1K(H$$Fe0<-F^dDL>BnG0wY=vOUi6uhg~Q9h`SXxSsQ4
z5i>7-(7%5J1N_RR#?)UuXK<C@$Jt7O3SVXE_Y(ZrYQ<Eva#edl^Vm&K0?6h@`u6>~
z)#1k@i|QDz=#e2>DKQu2UX#bToQ_r0Ppi+{tp0yEQJIXv2*0-vv%bx&zU6jYkpCO$
zN39^|QvW+BmoX*LJh%T6=d7;x0eemPxA9r8|IyP%Ds3`F{ijE3+rI5Ty)$30{e4G_
zVvP3>LuMbc*Ob%$A7s7uSGaw<KT-Q6C)-~_*`~Aa&LGR-Q%P$)|72XHum1oIeq~zG
WrHh3gg9~hc^yvS8VcWOghx`|Fsa>!D

literal 23808
zcmc(n4{Y4Wb?1jGk-M@bkrKsNa+UZ;Sy3oOD=%q^X5v^~N}?>rin!q)OSVthT`ia5
zh7`HvE^RVOTiUS$B`t95HED&ScV%q_QCs+q%@t>%7jzeg_Mkf$R~}llD&V3ETn=Zn
zIbhqmsBmZ0_kHu;><*tvIoGu4z{~l4-n@A;^XC6=SN@s)b7w*g4aS8A^LM6BPHIf~
zx%zY5KE}-sXqNV{{H-k#BXbCk*B)N`fF$YoR-2H1+D4}IBFEt-V|L>4tw!dzq|j>*
z-?jPP+9vXdvGs{IU9}psbK7mg?CcI3Ux5@VX0ToKsc?jAN7znV!{^P{|I8~#*&S`T
z+(7xM9#lYSmU0^t1{^@F>v8SjJGOq&h8IY^mTxvq^kMzchG!f4NiOzhXCK-`?~4t)
zJiXj3JN5!f`AL+h>oMB!443cPV+nfF{!+#kV@eYepW*l|bO%{>e!up>ZQGvLAlr{m
zX^izsU+38M>t1XB1FK6ZB`GJloAoXrqSTilZ^3i3q%W?p{Zc#Yy#zZpU6|@iL&x=(
z^Aok3?7b!ZKiUv&unakc+Bk9jCh|wpoSvJbQjB>=>ZAR4sr^x#BOEs72=waXuWZ|>
z^`qgBTm44!DQlPXsfli!`{SmE?4e$iuI<#vPph@(#tpT%dY^ow4LcfANS~E)v6=nR
zhKL<Uetk~d$8NMCWb09~e~npuoyYeh?a1WkLt{wg+7b3oZjL*?=3n^H`r|7+?{&K`
zwg0WPSE9*=aP4^+7qTum|7RY4-}=AwI_rgD^!*P$_<+YB%jhqSSE>(<X9|no;d-~3
zisjPFHZqTVk>lJjE0(&LYxS1=m)if-CXhW6<;Xb2L)5DJIJ&g^k1UslY-Ff@q_OyG
z?3cENCv8G5&GR=m#_LrxqsgUtTsF6I{#^QFte>UT5c8(ZM$lvb=28!^oU@tc1gAHj
za(V~tLvD;_FY?#Q2`uNbdu{COHp@EQ+;7Dw=K$-CJ<NJ8f9ew~PjiPgi$9wCIA62)
z)%m@-ljXV0A+{qto54bla0TU(C8t*!wqjFS;y4=O2D<g8wvLT(dUH3&IjOfU-}M8P
z6F~JPi9fkzi}@|g#jx~i=~1@xRQx?2XHt)5k-PCh_Nd9xP>0RXXg+D<wDf05{O}T#
zsOGL+7f=qZQ_fH647aN!_1EcCPe1=`h8OgIPJjLWkL53#4OpjSo;9~yG<&U>Jj0<R
z<3A~WcYdIC(E3l(OEQkMpJ|?wNvA*Bkhb|sGA?QVrWrwc6rwL*vT<&R$Fq}<hMu<_
zogU(OT9;oi?YnQDEWKj0nMZg!nhPkD>X#eldHIg?pUZdY(S*(5uMYtvE<O6nIh#(5
zD#8xWv(YUBc7o(~*<>@?@U&SvfPL0$4~@i{otID5?4Y~MEOaT1hT^7(cy@>#KN>n=
z(w13aH1s)>v&@bk4Sm*3Sw4url)u+ZTjudT8tO4KmU&)}hPus|W!?uzLtQ2dw)1rl
z*1<P;9UR?4trIz1Zs&D?^qag+Pj>TqMRGcRPIhy@Ode!^SbJEyHnfMXT6{z7Jj(qL
zh8>z>i?2)hysa5G&fL6y<Q1w_{haq2p8N0_HO(Zho&VB%dElhgIHYk!D|Pf`o~N$7
zwh(ueD~Hw(ItN5wVLNXA(>g@^ar9O8Pov=lh|W1^f;}%Ft9Kre{gl<~=N?i<C{br4
zEPjXg(?+|>Vt@VoT|3v_LO!zR&MEFZW%~nio!{--={~ZG^ZV0W|HaqYUg5~!Si6N^
z{%aeTo@Kql^MA$i&sMoy6iQXTcBEqY5kB@Be_yZOXJ0S9!FH)%E6{7RyE57-exQD^
z_IY_VCFhUVB_GNs`>s9u{NUyh^*{M%@z<n%4@>*L$?YqAS=#l>+^%b1;r9GvwWE2K
z>wE1Z+VPR~U*U1`Z8m58ad-f-=qvx8`wMfFLg_fi;YL3HmeS0nGaN@>dz1AKiXMgm
z&DiLxzwse?VCCPn^2M7x|Jt_lxufLer}-Iu^>wRf{SU`ao}}DZ2Sx9@D5o83?c_<S
zHOAi_UKdz?^JL~EE2a;!!_sZMZvVRxt8OwUJ2>A#ZfLrV_3G(IZ90`7!&51+XmETr
zRO56T=W8@<*RMZWj=uWMdi^l~KdSyz4%L{>>vlg$0T8G>Dxq|k2<HVX{}j^Dr%<b}
z$Y;ABwDK!RCy&e?=XGyT+CBMsKF`c{lVzN@YI=PBa(c7JdEL5#`dB+L`iuKBm;%Yk
zV}tz`P3CzX_p{wJON=R;V*S}}o^XXzY;U%k^$VxCyxDG=outq8neFC=6;5%zXS=z;
z!YOW7`X-lCl5$^?dK8AaTwhN8R2X*U+hWX1(%!-;E;o0R{ZTl@<<`@=T(_^ZZ5gr#
z(yiR@?);eE!{cV~6x+Y{*>`Qfr(1bk)b+%FH9cM*(ycuHGo75CZsq+h)5-bMt${V1
z>Ev?Ktp|m<9*b|VolGa&q4N>t$aJ!u#W%P<nNE_{&%2pUwv&65{pRM?<VohqE~{=z
z`#27x`#SI#{l;TFuAvqO7uvbsYUiJS#rp2vG}+F6E&T$^X`QB)M!$B*+R3$XyPH4B
z={fO7v#dM0Rvrg+mitF7o&8i#=XN`G``2XWF<U^cRqjucf3p23%Xjm6qE?UH?C&}U
zR<F*x6(3N{{ZrRxf7hAsb9Lr(ljGT4JU^~rn39Lwy^PignnI1{DO+ACXCssTc^MzS
z!2Za5hB>p3IoHnpntPP>C%c#@xf%8x5l2#CANNP?Ui|Z{{|@Rw7AN;{J~}T@nB2$x
z<G6Molm4dqk|$_gqwpF&)I<N!_e7h$ANnrpgKhi+S05U$R8I68fBN@`jPn!8sXm*v
zFMXN)Rg&@O))(i0cdmE+l)lV<cK5{#7~l3@BIBzz{(5-aPJT@0Dcndoot@b<Du%F8
ze|JD$l74Xa#puhwYun}gUVG0a{i6HfpWg30Ug_LOT}|gHn)y^exTJQjY&37$dPDSM
zg<t*42D=ZFks=DB&+p4vhA2d3iYpqZ9zhLlb?jM=<TRS8z6ef_2}#@{i)5~rhw@1X
z@ocfQPDjcnA8ZYfOv|W~(Mm&Q#_{<SJ|thlrwboiP0RS4zz1O`jS80!k0BnNl(fDb
z(gu=;c!i_K^*UZ%<t@sGbsFhHg5cMicV1(3z3I*R5<XOKx)qi28Ndf&=Pvy5>rHcx
zt^n|<J@L^kyA2--m+_(J0G~;Djw7Cz=M>`C<ar74x8!*R@f-LcL})erb^Ex!A5n)L
z)S~}@4_(oI2Or3`%QXXJLNqg<MFSw;O1hWu{1cRdFwWP#2(2Yk{M<k~G<UBt@AUf?
z;?N`b^9`ht5AiX-i01$?g?}y2)E6uAOtx;yGp!D9;u#^*jz8byXZy_y<ta1oq`p9X
zT?ie-(;p!X<uy^6|AY0+|3OT8J5dPL`v77ZsK=>Lh#$ot-wut(XOM<*XYEX}p7~kC
zq<0H3+4--C$<ALOrt-q*a2kUL5YxQrLri1&ONgo7Uqg(r^AP^{<sAY4ChOYr%B*MJ
zK}>pK%xNmG12L6%7BQ7Kj+n~(CSoe@-ylZVc^H2v-|uj`^}@#~1%c{uz&`QwC%xwm
z@A=c-a|w1(zO}<UoiPE@xj23{x#^-wCi{kl`kqS;4?N$W9C<F$pG=zKVm@movx~_>
z?kidIVtQ&m%a2#n3(4$saW0oFn9R)dc<xH_YC4a{`RQVIu3%wdET6nOX2#ORwEcq&
zOv$TRh;q|c=CXxCGB=)^9?LG6xrOBHd=>>TX4j`Clk<;vnfd8L?#gs_ET9T!iVKFy
z$j{AONsiA?XNb(P$BsRQ_*jM-6|76|C=}=BGc3G1794?r!@)JP?ZufKi0VmI44w))
zSaP^yYG(S%VW>q<xYQ?o^?<^r>QK#%2OTwI+2Ta->7es)a3XNlZ1JRowCITmYD#e?
zc<QO(a(+BHQJk4Bbo7s$O(v29iNjWRy~SL9LxWZ+mye#vO-u#tPX)(=uYT2R+qR8F
zwuH=#l@BBmLxUrO$<fmZ(dZzR@wxPs<jnYZaLB91KqC2tGr?B_#Dizf4EK+qJ}@2Q
zTG`$SGKJ*)^!Uuw7&?fXkSWYxO^)Tp$2($21N`TFk;@+qXh_YBcO1#(4<qd`yai?Q
zCS?jvoCrF54x@RDhl1F`IKts4gU22VF#2*=p=1XnQaX{6<@}$9fqMQ8waJdzHkU2V
z&rJtE4P_K<U6v_$O`=|*UYIV<OcbnNiZjLJRCe07+jU?N_1d&y5B1!yi+Z9bUc_|C
z%}i6tJ?MoXmxpjVyHK1Mn<JsuNp<^v#h{)~FHX&*$L?3V`LVpsE<MFl7Bd?TkCE$n
zX7E(T%#i-WoK8;7%uLSbli8{4)s92;xqdWo04vmc<goUPEo8m#P;~UfeH`biwn473
zY@ulVoxuz&6qEUxIq)^<uN)SS{EHYRB*+)C^J6ms`rmr6kRBVGJC>X7NzNae?@1DM
z_Pmh0go@TRQ8M`qGEZo;kNqgw>yy;)H1fsx%v{hx>rc-57t!Zv(Au^0Nf2t;#nmok
zF<F2|F3*o6Bl*Bh5=dz51fP3q{d&P&D6PP72V<(x%(abP*Fs6O<JYFj#M(%SEZBB$
zlxQv3)Qv3oo~W-eZdAAib<AaFH=GUBYNSO^(0)UMzHV=LWb}OU<iPpU1LvPk4)uR=
zw11eEo@?wXHxH&b`_=T797Z4v*lb_udwSrM)wM1P(#0aSCUiKhG98(T^jvV{u$#$;
zX(~IR)pXT&g%r3D<iAp!u%*-t)+$tMY9YO8OY8OuX*)5Txn7$8>r<!auh!esH!?Dm
z9KKL1jEYZE{ZUk}-c{^Sx`HLE@X`xkzC=EGDLpMzv*6Dlstk&gna`V#b)zlz;^0v7
z3w?=1|LJ7k>C;2xn|hDkr^AL5gXf3)eOJ<!oF4n~Jf?Footx^w_Ifn%1j);b+`+DA
zsJHIBAzK%0s)U-N`+K^B%ZtTq0mf=}qxP|uend_$;(-m;zWU(?tKYh1kIy~UuQfB6
z)!3k{qwH3b&J?lGgV)XSj)j@IP4);%iJq9Bo-f!9HMS6o*$qu3)E*dPEm|2-al6(Q
zX6ENI+2Bih8rk`fJcFK03=WMX(WTTcVt^LB7h;!SW3%=1@h(cQTb=6gW*HgsE#*GK
z64JjE@CaJSjlGbIcGA-PA<t|$iKv_($uC%nek`{{PmouvOJs4qPxF(>%k#OZVs0A8
z+pC%UBAw}y#j7~!$l;E=<!C@By1sM$=gIjSWuk+i)0M2W5B_KwS+iEOUzXeCX;ZZA
z%H^qk>w4Vw0i8g2vyj2yb_JXuk;J<IB~f<d@CTg?L8=BfFWcD@P%lVPp03MDx~POx
zvQ_Z5LF_!3A0Iw8b7dxGu!ZNY=E%Z8;&lI+k&$y`fmeL*V1#sU;@1`wYaEAiTPn3~
zeHL1cc`5Ydtn612t=h1PwzZjwY-SS0(>aTM#amF_Hq`9djVs|hzrG{WP{}^tC0>U)
zf5W#&`w#Vtl@^Or8@fhLvm3i5N8QTV`OpisdUf4F*y*fmAP&+0pJ)F}LA)P5;VjvE
z1KlK&<5Rgjt^ihp`&68@amA5{TKT6aNU(?$XOh+?d0t(=?qA^}hhgBTpZ_TCIaD3U
z?_Xg)D;sxi#RVJZwE7jcFo9VCq}4qsy0!Z=HWx`U>2Z_4oHq8BOE+kk>8)F#Q%v26
zY*3V2OeOK0go#swqvuEZhmz0qKbPz~lN>$&%=y6!=e2ks@oe`7vK}qN>ZJ;G<@m+s
z)0xR^v49O78*h@gzjc-peW#x39~n+2`i6&-BZDJ-=hh{kd~T$F(?plI?<DpzoJuy!
zzInQ{FmiFz%o`@Te5Z#76PxDTB+=#NruCf~85lgD+{Bw3x^JC->BR>P3BPmu&!0x`
z4k!9g4V)S1KfOU(|3xH{%gzi84UZ&iXS@%o4xE3s@7w^)olYcA4Uc|dQw6*f*f9P4
zpqQug#-_Q4FC^^|6NP<9XEWEhmLI!ZD41h7suk#!7rj%bcUu(beJy?7!Hce{yzHX)
zXLs<S_iGgBT_s-sSy@zsZ-f6BA9{mG>BN7J&!L-J?DvPnq<iSr7W=(A@kMac_qUh{
zJo}s%{wbtCSlME3c-#bD6aICixBhU8x#w{h9D$td{Wr@0{uUE>yayZ;{sH0$-qfD;
zH~>?<D1Q@P0B(zHH7SpGgBOI!ei-(y3;!haAKJgwL=aQ{uOt5Wy#~|b@lG)P*3G52
zfjfl%Gvb}^H<(_Jo4^-^{|50kyp@~~ZorGt@WHL-y6|rBk>0K5hR0#>ZN>CLmCAnx
z@t&XCYI;2mgX6-ph`0X={NwQ+@Px<vz<H0`!OI?p!FPmz6Y*o^t)}X67~FvuyHp=a
zCr$|e1vnCEG$~=I*f1eXU);29Z#2uorx7=`G@2X2gNP3WjpmleP2f9<?+U+$xINZr
zDjqk1tBUUlyZWGtw*J2bc{tH%_6q+e@D6lVhw%RfZ(9f%n6&yXy;r5jRXR*seV6~D
zN}o{aOTrC^cT9!MvP!?9(r>BsvPxf5>33CnMcB3HU8UcG7xmP?u0DbAQRr<i!XLt}
zeP@NK-62ell<*?>!QPNr@Hhg#uJp^o-++G8>5y6TcsID>F{M|9--Q1Dp9`6L!hZn%
z#B#_)@P!7|pLiR%MVRz=L4U9CdzAjIkO@3~2;AZEc5tsSebvA1M##iH{sj1}a1W*b
zO2{NU-VRO)TYs&<AHvRG%filIw>&0)-B$WlVdpRU!i3sOO#W)|nEbU@*p2_|!gf8H
z!h95d9`$d%j``<t6L?klXOR9N24mUdCh#5M-$r`V%|>%qaYdN=anEhcPvL!N$H%|l
zXzqF31a85XTGSp&C*CXE58jQz9rL&e92d@!{`Mww*5h_?!sCPBiyo7HO89%o-?G2S
zEO^`mzApTSNDp^6nPtT{6t5`0rFd2GZN+89cNDKFzN@&R_+7<S#rG5&e1S&(ckOKv
zevkb7ttQheycPZSz%u+Td>p)e3jP*$<84Xtbzy4{lYd#I-xeN&y{31X%pJvdg};sT
z;N2!u5&m89{vS4(cZDxvpKp4v$=p+H@I^Vb&z6sGKU;+D{))vT@Hh;<D{Rk0RjfzC
z_Pq2%tQXta-k+oVefO|l2s{0_@CQh5y@T~YrB4VyiGFB$J7n_0=fDr%4VfFl&Yux{
zq5n3(+3OH?=`mqvuUFXFODX;9!e2spp<tW2A#BfUN5kfp$6;_q*sd2??5Z9&f$s_1
z`HICaf*(3ieTkdEEyC9SMfh8I8s)crHEd!Yhrw~-ZzH|sdf1#5{*R=O#WUgYe(*()
zcY;&G??b=!TVXTdaVI$M@h<R!a6iUP_e$6-dAtXF-QzCsvd6o@H$0~ND;`t+TOL#X
zRgWou*<;GT<}u~32-7^;vkL!v90t?3;N<Uri}dF2!~ep6Ncz7A|9kus;JqI20LO$|
zG0t1>!2iN-d`$?SMtbO-uz6Q_k+_2X!DWNW{~qxV!sfQ{d({8cu(>1rKat)J;a>cP
zfb_R-M}OW!{|SEz-10vBDSU#`gNRuXz6jp8KVohPFMzinjF?qVe<$>B3;#=`hkGOD
zj^ew*zm4?W=OU&e{NKUB>4>QcH)33W>}<r`^LP)Keq``A>feR*J=jcJJPw2R3cK@G
zAWY}02d1!ocueQNn5X{$&ZE5^)A=;+=~I6Ctp%0u&T9!zpYmVynDVDQeab)KF_oY9
z^eO+6@CCGQ=go+@?xmBxWiLP3yCIx|{`M90mzPfVZ+ZF2{;J1h@3yB;_R1bp{yUyN
z<zMrd^56CJDSyRd%KxsXPx-4JQ~rCNKINw$B>Dc02vdJj{uYlZ|6Wg@@&_JM`5nS^
zp58|1X^-iA9T#@z>y+>};m_7c#7qdk0e)y}#N>s`;2ql|X2H|n0sSRmH-D}RyZN&$
z?B>r6PoL(`E#W_g{RjUA=9lmf!TU!drYzisb!gW`%rB3d!FPo}gY+FK%rD{3gCk=R
z6T=G(@~^vp_j*kC@3_Zw|2`}1?%x+Zru%nFxOV>*{u-4(0e=bG`Fb1v@;D4$5=ND5
zSQh>c^6&pWjAvmQ-#hQXKf>-lvMTKEBV~{2K61y?r~Am7u)B}k^_cD>6_4pYQWbXh
zk$b{+e!d+s5&TGx{AuSO>enJn`gC8}E9~wofyZ=Ti3z*=N?iC4(Ei<bBPQW-6F4RO
zKGMTKfIoy?f3A8={dwDC>d&&U>(4chsXy-uyZ)>QcVpk#@h;Zij|f}n1&RtQI2+P0
z)#z;Jhub2@F>YOmi#&!o?}tF-H<X=Tk<(q(4+)Xe9oG*xM4nRel*n;RUKf@`-l3Ym
zEb_fdzAAE~<a<SqW77H{a%|V@0=+vUzjfd&;fISNUr=&-cSriSl$_rAk^HRk+bxmP
z8PpF8BB!&bAF39%m<45LLiCrn``Y+jqR1~QJ1x#W#;_mgT_x3%&Om<1J3Cm*{LmqC
znlpa*FM!>!<3bDl5EkJqKD$i4a|040(7!q-c|d>=*uS{rBi?1OaY%68NyU=fv5S96
z<T!HK;N-(1r+2>;ocv8ZlbwKs2u?mB<DSZ)-)YjFh5|AD#`TtBx}#8V=@W|GJR-C7
zJKWESeTo8n&U)Mq9`X19nBFl`py*M27Cff<z3MU5?<hVLNKAE#<3qu5g0aRa#d*a`
zikB6yC|*@uR=lRTqPVKqHUctNe;&Ve4ych{I?uy;dR(O^6sHvPc(3PQQt8WzR}`-*
zE-PMBTv1$AjMwVx+Sj5uP#jYnSDa9sQk+-3q<C5JisDtpWyNcXD~hX%-BMEPe_2`_
z2a02g<BAiCQ;PG7mlQ86UQxWNxU6_haYb=eu^sr{_->(wdmJeC*Bcs2ah0A>oKl=u
zyrg(p@rvSA#bw27iYtn%irp4KVrox|YzdA7#WBTk#R<hJ#d*a`ikB6yC|*@uR=lRT
zqPVKqZJDmUEwY6=4iv`}#}y|OrxfQEFDYJDyrOtjaar-2;)>#`Vk74=*WMPzf#R6r
zxZ;H3l;XVNCB@5%R}`-*E-PMBTv1$A><%Wi_RB%VaiBP+IIcLMIHfqRcu6r{^Vs0Z
zUs1fOxU6_haYb=evBA4c3a-2s#dwXoE<L6=t~jAMr8uv6N%6Ac6~(KH%Zk?&R}@zj
z({~gUYVB7XD2^$PE2i%(e0wRydBsbL={pQR|BB*O#bw27iYtn%is?HHzdZU5!)N*q
z!{?adxZ;H3l;XVNCB@5%R}`-*E-PMBTv1$AY~;RC>wm?8;+SH0e{uN}Dm|r`zLW9&
zxun?LGo8H^mA<ODtawdvMR8TJk^7V@uSId7n7$M8>mOH~P@GbnSG=TnS@DYERmEk+
zYl<t1tBQ@>(`)Tl94L+{jw?<mPASeSUQ)cQct!E5;<Dm3#TCU>#r!WFz4cGtPdI-B
zis?I@b^Wh6p*W>DuXsuEvf>rRtBT8t*A!P2R~6eIw4p(+y)7;4+ZQN~DUK^nC{8KP
zD_&B(tawH7s^YTZHN_RhRmFHoV?(X|iUY+l#c{<6#VN&k#Y>8p6|X2>Ra{oQrnsWG
zsu(ZR*0*1Apg5*Dt~jAMr8uv6N%6Ac6~(KH%Zk?&R}@zj8+q^O`v1_UI@C{<3-nuM
zbF7GeV`+}fWv7mv9658$LjA|2B&UB(T>C*b|Lf-3KXk7BY}@|g+Wz=?!=LLOo0@v@
zs{Pj%_=n5&dXSwu)otL1+8bGRzjj^subIs;{G-ic`ZD6ht2UOlm~$sj#*$BbhT|TI
zyCi<%36V?OCGitIlJ7Xj$0hEPxKrZZZcgu#`1s?(68CnA9f^A+#=qXS^*Y|k@#7MA
zN!%M_d5^@8OWYab@%-cd{Sz3FS0(FA{of0W?!B8!l-Ftw4ZXG|nOrw(@_6lO{R53Z
zKRf}rUw-%A+vSmKjYIP|p6I9_uSxjf;%SZ(BB$dJwbSL7<<b6jnPl1r33=b%A^Bb8
z@;i>=f$G0m{<u?=Sm*ys$hA*Nby>>);zN>ABJIEb1^Gtpza{O@OFn8pU5Q=!uKn~b
zeWUV!Kn+7^QQueS^6CGlu~GSZ`)zjnT{=Bc`J|`IzXsWsb05qgTEeFm?#cMme${pT
dbL5a$owdC5a4*i75(AWv{$C%ieD^)Z{{zL;+1LO8

diff --git a/derp/xdp/xdp.c b/derp/xdp/xdp.c
index d18a4190b..a72e67264 100644
--- a/derp/xdp/xdp.c
+++ b/derp/xdp/xdp.c
@@ -244,7 +244,7 @@ static __always_inline int handle_packet(struct xdp_md *ctx, struct packet_conte
 	struct ipv6hdr *ip6;
 	struct udphdr *udp;
 
-	int validate_udp_csum;
+	int validate_udp_csum = 0;
 	if (eth->h_proto == bpf_htons(ETH_P_IP)) {
 		pctx->af = COUNTER_KEY_AF_IPV4;
 		ip = (void *)(eth + 1);
diff --git a/derp/xdp/xdp_linux_test.go b/derp/xdp/xdp_linux_test.go
index ae14780be..1a59f9444 100644
--- a/derp/xdp/xdp_linux_test.go
+++ b/derp/xdp/xdp_linux_test.go
@@ -426,6 +426,18 @@ func TestXDP(t *testing.T) {
 		},
 	})
 
+	ipv4STUNBindingReqUDPZeroCsumTx := getIPv4STUNBindingReq(&ipv4Mutations{
+		udpHeaderFn: func(udpH header.UDP) {
+			udpH.SetChecksum(0)
+		},
+	})
+
+	ipv6STUNBindingReqUDPZeroCsumPass := getIPv6STUNBindingReq(&ipv6Mutations{
+		udpHeaderFn: func(udpH header.UDP) {
+			udpH.SetChecksum(0)
+		},
+	})
+
 	cases := []struct {
 		name          string
 		packetIn      []byte
@@ -865,6 +877,42 @@ func TestXDP(t *testing.T) {
 				}: uint64(len(ipv6STUNBindingReqSTUNFirstAttrPass)),
 			},
 		},
+		{
+			name:          "ipv4 UDP zero csum TX",
+			packetIn:      ipv4STUNBindingReqUDPZeroCsumTx,
+			wantCode:      xdpActionTX,
+			wantPacketOut: getIPv4STUNBindingResp(),
+			wantMetrics: map[bpfCountersKey]uint64{
+				{
+					Af:      uint8(bpfCounterKeyAfCOUNTER_KEY_AF_IPV4),
+					Pba:     uint8(bpfCounterKeyPacketsBytesActionCOUNTER_KEY_PACKETS_TX_TOTAL),
+					ProgEnd: uint8(bpfCounterKeyProgEndCOUNTER_KEY_END_UNSPECIFIED),
+				}: 1,
+				{
+					Af:      uint8(bpfCounterKeyAfCOUNTER_KEY_AF_IPV4),
+					Pba:     uint8(bpfCounterKeyPacketsBytesActionCOUNTER_KEY_BYTES_TX_TOTAL),
+					ProgEnd: uint8(bpfCounterKeyProgEndCOUNTER_KEY_END_UNSPECIFIED),
+				}: uint64(len(getIPv4STUNBindingResp())),
+			},
+		},
+		{
+			name:          "ipv6 UDP zero csum PASS",
+			packetIn:      ipv6STUNBindingReqUDPZeroCsumPass,
+			wantCode:      xdpActionPass,
+			wantPacketOut: ipv6STUNBindingReqUDPZeroCsumPass,
+			wantMetrics: map[bpfCountersKey]uint64{
+				{
+					Af:      uint8(bpfCounterKeyAfCOUNTER_KEY_AF_IPV6),
+					Pba:     uint8(bpfCounterKeyPacketsBytesActionCOUNTER_KEY_PACKETS_PASS_TOTAL),
+					ProgEnd: uint8(bpfCounterKeyProgEndCOUNTER_KEY_END_INVALID_UDP_CSUM),
+				}: 1,
+				{
+					Af:      uint8(bpfCounterKeyAfCOUNTER_KEY_AF_IPV6),
+					Pba:     uint8(bpfCounterKeyPacketsBytesActionCOUNTER_KEY_BYTES_PASS_TOTAL),
+					ProgEnd: uint8(bpfCounterKeyProgEndCOUNTER_KEY_END_INVALID_UDP_CSUM),
+				}: uint64(len(ipv6STUNBindingReqUDPZeroCsumPass)),
+			},
+		},
 	}
 
 	server, err := NewSTUNServer(&STUNServerConfig{DeviceName: "fake", DstPort: defaultSTUNPort},