# 安全功能

Qualcomm Linux 采用了多项旨在保护设备和应用程序的安全功能。这些功能对于防御漏洞、确保数据完整性和机密性、保持符合行业标准以及支持整体系统稳定性至关重要。

Qualcomm^®^ Trusted Execution Environment (TEE) 进一步增强了这些安全功能。它提供了一些接口，允许通过可信应用程序扩展安全功能集。硬件支持的 TrustZone 架构集成了某些功能，提供系统安全配置。这些功能可以进一步定制以满足特定要求。

在本节中探索以下安全功能和视频。

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [加密算法](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-cryptography-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [密钥管理](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-key-management-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [安全启动](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-secure-boot-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [存储安全](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-storage-security-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [存储加密](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-storage-encryption-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [SMC 调用](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-smc-invoke-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [访问控制](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-access-control-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [安全外设镜像加载](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-secure-peripheral-image-loading-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [SELinux](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-selinux-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [Qualcomm TEE](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-qualcomm-tee-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [Qualcomm Hypervisor](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-qualcomm-hypervisor-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [安全强化](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-security-hardening-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [Qualcomm WES](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-qualcomm-wes-features)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [观看有关安全启动技术的视频](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-watch-video-secure-boot-technology-label)

![icol](data:image/png;base64,UklGRpwAAABXRUJQVlA4TJAAAAAvF8AFEH+goG0bxqU4/kwuDQNp22T7Hd2/tito24Zxx5/keDw1kaw6pAoFSMK/iB/qXPECxHNdR35a5LyfAAqFBeA/Hm9S6E2CUWxbbf5gABvsO2yRgABSJERZJERCJMRBb/sM1UBE/xWmbcM46e4lUEfjF2LpUYCVX6HiHS5YDP3Jhgk/hl+K1nlAASYCVQQ=) [观看有关 Qualcomm® Type-1 Hypervisor 和可信执行环境的视频](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-watch-video-hypervisor-qtee-label)

## 加密算法

Qualcomm Linux 提供全面的加密支持，利用硬件加速和基于软件的实现来增强系统安全性。

主要功能包括：

- 具有直接基于内存的访问的寄存器和总线访问管理器。
- 与加密硬件交互。
- Linux 内核加密驱动程序 (qcrypto) 提供对独立于受信程序的硬件加密的访问。
- Qualcomm TEE 为可信应用程序提供硬件和软件加密应用程序编程接口 (API)。

Qualcomm TEE 支持以下加密算法：

表：加密算法

| 算法 | 硬件 | 软件 |
| --- | --- | --- |
| 哈希 | SHA-1/SHA-256 | <ul class="simple"><br><li><p>SHA-1/SHA-224/SHA-256/SHA-384/SHA-512</p></li><br><li><p>SM3</p></li><br></ul> |
| 对称密码 | <ul class="simple"><br><li><p>AES-128/AES-256 CBC、ECB、CTR、CCM、GCM，</p></li><br><li><p>三重 TDES CBC/ECB</p></li><br></ul> | <ul class="simple"><br><li><p>AES-128/AES-192/AES-256 CBC、ECB、CTR、CCM、XTS、CFB、OFB、CTS</p></li><br><li><p>三重 TDES CBC/ECB</p></li><br><li><p>PBKDF2</p></li><br><li><p>SM4</p></li><br></ul> |
| MAC | AES-CMAC | 基于哈希的消息身份验证 (HMAC) |
| RNG | HRNG | – |
| HMAC | HMAC-SHA-1/SHA-256 | HMAC-SHA-1/SHA-224/SHA-256/SHA-384/SHA-512 |
| 非对称密码 | – | <ul class="simple"><br><li><p>1024/2048/3072 模量的 RSA</p></li><br><li><p>P224、P256、P384、P521 的 ECDSA</p></li><br><li><p>ECDH</p></li><br><li><p>SM2</p></li><br></ul> |

**内联加密引擎**

内联加密引擎 (ICE) 对存储数据执行高吞吐量加密。

ICE 支持：

- AES 128/AES 256 ECB/XTS
- 多个加密流，可满足高吞吐量要求
- 每个加密流对应多个 AES 核心
- 提供 32 个软件可配置密钥
- 能够实现对称和非对称操作

## 密钥管理

Qualcomm Linux Security 解决方案通过实施 PKCS#11 API 支持公钥加密标准。这使得应用程序能够以独立于平台的标准化方式管理和使用加密密钥和证书。

Qualcomm 将 PKCS#11 实施为一个全球平台接口，用于在 Qualcomm TEE 中运行可信应用程序。丰富执行环境 (REE) 中也有相应的实现，允许在安全和非安全应用程序域之间实现无缝集成和互操作性。

有关详细信息，请参阅以下文档：

- [PKCS #11 Cryptographic Token Interface Base Specification](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html)
- [PKCS #11 Cryptographic Token Interface Usage Guide](https://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/cnd01/pkcs11-ug-v2.40-cnd01.html)

**局限性**

不支持以下功能：

- 随机数生成器功能
- CKM\_ECDSA 中的 P-192
- RSA PKCS 密钥生成和使用 CKM\_RSA\_PKCS 模式签名
- EDDSA 密钥生成和签名

## 观看有关安全启动技术的视频

**Qualcomm 处理器安全性：基础**

*通过阅读本综合教程来释放 Qualcomm 设备上安全启动技术的全部潜力。从生成加密密钥到对硬件熔丝进行编程以及管理安全启动状态，该视频详细介绍了每个步骤。非常适合希望通过经过身份验证的启动过程增强设备安全性的用户。了解如何有效使用 Qualcomm 工具来确保您的设备每次都能安全启动。*

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewbox="0 0 640 400" width="640" height="400" style="cursor:auto !important" aria-label="../../../../../_images/video1-features-qualcomm-security-processor-foundations.svg" class="align-center">
    <defs>
      <style>@import url("https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&amp;display=swap");
.svg-1 .bg-fill { fill: var(--color-background) }
.svg-1 .fill-text { color: var(--color-content); fill: var(--color-content) }
.svg-1 .video-hoverbox { transition: opacity 0.15s ease-in-out }
.svg-1 .video-hoverbox:hover { opacity: 0.9 }</style>
  </defs>

  <foreignobject x="0" y="0" width="640" height="400">
    <body xmlns="http://www.w3.org/1999/xhtml">
        <iframe width="640" height="400" src="https://players.brightcove.net/1414329538001/BJv5wEFt_default/index.html?videoId=6358216194112" allowfullscreen="" allow="encrypted-media"></iframe>
    <div class='topic-detail'><div class='topic-updated-date'><span> Last Published: </span>Apr 14, 2026</div><div class='prev-and-next-links'><span class='previous-topic-link'><span aria-hidden='true' class='disabled' data-tip='' data-effect='solid'></span></span></div></div></body>
    </foreignobject>
</svg>

## 安全启动

安全启动是为整个软件堆栈建立受信平台的启动顺序。

请参阅工作流以了解安全启动和 UEFI 安全启动过程。

![../../../../../_images/secure-boot-uefi-workflow-updated.png](data:image/png;base64,UklGRiwcAABXRUJQVlA4TB8cAAAvkEOQEE/kKAAjR8k1NXjAvxH4X4UpSSgmHARg2zbqRTMM44/jAejdfCRBjm1bVbRx9xSIgwyYkS3hMHfrvve+cxxHsq1UjcNOIiAUMiU6lu58JZikqbZjAAD8batKokhGim02RLHNhigGJBHt/wYkAfhZ7m2/AL4Am8FnAOswdBKDAXYLUAMENgBugL/hAgZABVACNADNuLYOQxrHrvcvuPuCT2Qz9NT+uzJSdxGxjHOY9+wlu+c4i9RzXoXsuu6mquv9bzI73n/J7IiQiI5Mef9RZdcN0s7LJBynVV10n0him4XjepHEhmSP7113Ih9si3+Rd6apb93MLvthQM/zdYb5T0eHx/A6pBnGpckMGWJ2EV/xKxibjq72Vydaf1Q9VKLD+xeMBhqIemNLl9H/MkOFFP9UJVFIYLCIn+7Cttvj4P48coritm0caf+xr/vaNyImgCe03OSfLTd5XjecQL60FbWlAd1I20j2demql7fLlmIbrI81HQE6rLOlApt0m2cwqF3tDCYhgTI5YrZbJc4iopyhPLLVfdja4rR9chQ3HnFkMARYfN8eH+OThCJUNsZjrKzHeDx7pDwURJ7KMl4WH1SWFOODFOxVZFN7/NtSd0vqUfdI6vVKvz7UEf2XBdtW3TbrNGqssV2glq0Iosevt2Xb3Na2rQ2N3zPDssB45ZyjQR2voJU7dIMRWCB/sEDGBiH0v6W7ZI/QPfpQjVBXXVV1R/SfFiTJYtumL/USPALIklVPkIkHmPx9ys+HLzfFYF4rn0Ly/kuwOFOfEH6ZrINuvvxe8PXOs9MTojD6+Rf9Py89W1pxmLJ6RX4I0xMiMXX44OXFCbGYpVebM4LR3NvNumBUB5go/PckPtMlsBClBYrJRpONNLQ4sQCs5Jw4sQTMpPBf4b/Cf49XumRz9dU3KhTkfWezfATQ8/gN6g410Pud5QLffXMcAwCM0XYZA1AF8p6j5hFoDwD6QoZpxfCPzOW/jbw73McLOVaiatLjyBa7MSD3F6BgDfhWhHE+TMYcokIQKiru7BDDPTHlzoQ4AnCs0UfsWHgcmUQn/EHkkbwu7FrnUK0UVw/zrfGH2MsBoQgRwRt/pq350VFfMs7Uqpi6AUTjTaI7ElPf7Xj0ETlFSc8XbJfFBoeLr1CEGAAfAACQnq1ivSx1o/ceuIx05nHYzZ7uKMB+ObJFFAO/Zg8kFiJMB/TFIrTGhAT7ZeH8J5DEwbfozDB9WoZLIaIsEZCD2gv/Ff4r/PdkJA1xYo4Zi+KEfZYRalKgsPNL9PNbST8waXMXKSu1kZxaduG/xzAsrwEMjThk7myXZ1KKRGv3sccKRGe28F/hv4JrBgAUAKyIQ6DQHAjEG6cIaQUiUwZAKN5l6KsmhKJ+r7ZtBOMT7avhhOhSn6ed/340Tz0zU0LFdKPJRBYEiilGvgDmxQnVZMVz+ZUUd/ofhf8K/xX+yzYuWS0cOFf7JAEuBdlX0kcRpwhmgn4HOAYBZWSU7gAqH5cSGD8kOh4NAUBgkAnyvrBUduyZFiAwLSfoAKDoFyEWRoKalZ0SDolhSUVdSpBTqMOylrnpaKcUPeK43KTFBLHYiYRPGg8hjQFWypE1Aj+aqqJfTpD37HTyQrcoZ6d03CGxfX0zVIFF/cpmQRyicyul6AGMxcICniSA/J35STdMicFGqSjr+KKPbS7fz31Rzs5GuR/k0O9elCi26r1Fa/JDZ+zuReiL6mss5HaqO/Bo7Dq82h0KMga8gCR7sZmoBwJyUHvhv8J/hf8KJSwyoyFO1JmxIE7YWUaUkwKFnZqnnv/DCKIF5CUuFf4r/Ff4r/Bf4b/Cf7+3o7gYyNlZDkYW/mPHsBXOjS1Uen7yc90GS6jkQlnDpvG8+anC1h52TwvWcZVSt6EJG6u4o6t45GwRNR9C6TcNoz2U5Pa3h3VcpRnsYbNvhMfNHjplt1OkS7+yiJuFPUm3sYtXmWxjULWJfr57QsL+0NqatXaNZ5aH1n5zau1hTj4gARSS7WXLs9xXSIZ5+YCEiocLGSB6ufmAhOXtYCHrW77lTmA/Px+QMAwWMh6+WckcfUBCv1eTXHyzWslL9gdbfh+w+zxcyMreqc09nAectPnwlhZmF5eo5yf6BV2oj/4itkrq+f7P1At6bm4yYztnA3jNrg0+lO/GUpONLPLwMu+em8rWhtv8UDMtpvBmzDdZyexIv2+w0jRlplbykzklYWjejOeYcW6U5oCZTOWDmswoebjyAPXHfA0AxHofLCEdlups68TKL/7LmuJjP+imsYhO2cNN0ske2jfqB9Xbwxoqsyh4WMcGt8UeODw7FXqzm9twemTbJ592tbfMI1V2n7WsoSR5uPisDNWS1B1woahxDtyTof4Oit8k0pJcVzom9WvCZucPJPfLay5za9JlR+Aj78a4qflrFH3hkPdFPnEAYOYLjN+9Jm6T5Dg+lRrjVlXfYXdejEA45Oa4KXQESYz3HS9LVuUtZFHbSp64TULfurDKVG8SAkPNgAX3IqjkATjEJUb9iJa5TNzsuE0SXfCUGeqCbI1f7vvoZSRfi6fA8Yd882jeKYRDEWC68CiCvOjlyFxyolYByfnE3SVuk0QWWEF9J3+b1vmfcFCo9yKS0X8Hfsib73U316f3yGU8CpxLI61jusK3O0nUKtzCQeLEbZLIfCtekx36AsAYjCQ68Z08pF+Yfth7sxdGH8lq4fBX+ZNoP/RdlNEtNUkWt0miSiKcM9/Zuo9zEimJMN1hkq+ok9rHIkaDGDSRt8Io0+JCcsVtkqgq8WrkDPK8EEeoqaKolVVgXbFdENT5cFGON9+9tEqVuLvEbpLYk3tRPW2MF2a2mi7Ewwj0dF+ruXAn6PKOTpL6RHGbJP5s32Gy1G28PjGuBfZ8i+78CKRDb6h5Eu1hSSx8FhMS4jZJrIe5+bFRTJoYjc3o5UuTxvtasFDu36HaPF14WZ6yp5DcADwtyV6fTNk70kppC8kTv0kkvn0ZAK5jrbB0/jP1pHaHXJ7/7A6QkTqsBt3Nu7/s6wRb7L83JrWvAq4W8bKvRtQt8xbxwmhR+6vaw6YU9RPH20+eh1I9PllETXZTVWZbq3hzLVXVx80ibhblboefLjYasmuMJ6vYrY28/aRdPP+5jZtfpv1r8J5lxiL/TkISACYz+2Hw3owZZkyP0uRzrFiwmf0weG+GnW0woTFjR5rpZ5n5yuyHwXs37GSdhYy+babpV/R/f7XUM5XJz/X85b8Gj8fJZy9xKXosovg4q5a3/XCyhbbZMHmkG7KNJeRuqhqzqLq/2kFldprcBlVtYAvFiTtbRDo0qkHs43G1hM7Z7Zqoum2s4SraJF5L1SE7W8QJCaXq1Gws5AyhX/xX+K/wX2GTFRhDuX8IYyjLGZq8fzZ+sj2OmrI3zNIgG90YFv4r/Ff4r/DfEwj18d1P5rT2sX01DseK7RoSOVbckfIbkFL2s/CkV0OyPF4+w8ZYU9osPLEwll5hvcDxOGrK7X42ni3H0Stsfxw15VrgwGZjZiy9ws7GVFPez8wPOx5HrzAznppSQQZxLaH52z8f6YTmW4abUj9MbFNepeLpPyY0//nZJjRPUzFV521Y8dnlK0nNP3Ri8/f433xyUXM3X30b/7u3mtzNu/G/mVwC7qYxy4TPrvA4X8b1neZxvo79Gdbkcv4Q1xLwOHUWXOQyfTWmLzWX82lM5/jsmZhmmlz2LAs0n12L6TKffR5Tg88aMc3zGaQ0VwrEdPccs+tGtOGNgutgkRR1jJu1Xa8F2frVt/MA4K4kF+lklC7spYr+lUzuXep661pfMBuRjSgD0HHCuAoI7quVTiDuBH3rBoB+nnZyOHBvK3m8D7Pc+zeu61zQQfy/2o6+oi8ZqXVnz5gKMO1dx7SwVeqqgyy2A8e4QTHWw0oRSkHLbJAq40T+v41TuVobz/FKrbUcON5GZneiVqPyXU9qrmS/kwfcQw0g78l21ElHBgfMyUIFtIdoLhTyf3CfVeOcflJ7ho5OJmnF8x7JS5qf3ftxwdlE7O4RIGvPlR2g2v5SWlmlL/kl05XX9Q0u6Q3jtYMihZUiVFAQnAz5bzQa12kj88ELapPdJzsQmXeo6C/YFXegOzi0rIAxJFw46YsE9TnGEKF0i2pWk7FvJ0cG7MYAKC9II51I4nyYjDlaep0jvRXk5x4Aiet0tZYGEIM9pHRd17uktd71P1vR4lVBKdbDShHKaiIfEcKf/6nBVOibj1+bXGK2DwDGAvNjgO+AnC2OYpAf7kisgR0vcxjE4ADAEAsFHOtu0o8QGdAHYyHKpzKpgJwdgOL+DmEFQpDKsYct3LgNpLBhpQi/oUMmXOreRFbQW55fm4z/sJiC8du0KB9wYZQCd3IIj7ECgGXBR7Qed2+kh+9wCAbfAajpDPLZvcUF7VrHGJyLLdzrAemNTvjLFPVPDW0HiReUMMNPAGjZKUkGBFOgKAUCqW6ZSwwo2lkun9yokYZIUW8NcSH0WuQbLmGiTWImc/3pvyWzsVhtchFFv3vaLOZMPY/LEMeK7vXGeLpPvLMdSXMBgf7Q6ZJnl6TZtBEqI7LMuxDASB9Aip5dd9+UXZ+/H441JovdlQjgoMZ4fqLmHPj+Wrcx6t0zb21CArL9Ftnusxl0slyK8jDldSkjVuZPv3LhH+dAfyg3K3UX1KgfluyRToS3J3AUPRuWRYe7ObICRY1wRCLhV3UD//IOd4pqZQDdLQzI5PuEFMmiQrr370f0PaAMcrNWbjb1+AtinyNQFzdzgGcQxHu5cWGzQmzWzaGfUpYcGrIXdJdo3dl1jBu8JbQcs+d3hpD6PyWp/5MyUmXEGc/If5zyq3H+07Sw/k93ZCKOdGKbB4xzz4YZSV6EheEmA+TqnSEWMUcseqDjcY74OVJIbkS+oSN5KUbj/Kc3zn8eLpA/vWo8080hXjn/eTHPf/bp7UFe7f6HI48HtUcd6cQyrTWvtAWeAvrC0PsdjDdMfQeE4t1Naj90+M5VG4FDtG51eIz2SCfXMZ5LXMNwHX/tYLetrTFuWCkiSHNu99Vf/um/uTmcGR6CbXD+WyhSwMrGqJ4zYF7RveLISriLcBrMJ7Fj/bbkRQt0h/TdE+v0+GtflEc6SXQQE2Gkk08FBRh0tXQ6YaUI5+ZnQp3CycxI4WEAPiO1riqttXGx6vl1iFA91p1XR1HkDLPAALOSyFB076txPRndD5rrMOmOdALjamRhxrdSI5uvdTv4QO8aN6wUoTfQAU1xfiIwU1bIew8y0gmpSul00I3hEBSkJFevy9hdVvG7lARHqgyg25pI2knPAgs0yu3e3YXRP+QYgYSgMGH9uAjCm0ZYKTBoAn84B//rmTz4V1aj7wjeBraa3rIanThuhOqxP9FqlTQJw56d6SL30x5WHLRGOpk6YSOd4okw+ev4l9NIN/wPNJggOL2ntHURSF2rklQ9PjiJ6jI3aFlLR16w+qA70mkzfEJZ0D/UPw6LTaWRYFxv0+mSNiK3HJe5yY+1I/qTylgFo9/Nkr/jC53rIBnQA+vReQ6SdgRt02HkiWiNdFrubpFmUzYln17LhW6sp7ODqxx/uQ8QeoIJ1Us+88LD87EcqTLWEyU/AvIEKD7HblJzeTlfQohRqnpj7jtakvevu3evy5kTNfeXhUhvDb2lFPsFrQHEoDSSSPToKI/qgATKI52k6ZAeprwubT5qCOZmCAoPyP8gNgCiclyUVrajpdkgVC/x5KSXGzu3gPbD8t47M2HNAPRjbii6z9YdQOV7AEoejRfVfFkKh7wv8m9Ey518Psfo2+8lWo+A1poRtEc6uY6xxI5J2sK//anwp4vnPwftKwh0jDEKqashVi/58NE4eBGG7EXu/wwdsud3MMGzUppvCSfWnzUEJqArol/6tcMf5JWX2DF8I44MS5nfKhksx21nA9uLB/7S7RLW9jro5hJQ6Kt7t9TB6175ZSPBl5gKefFbhdbLv4HuN4S8u5EqQr8/oV8frw+2XxGKg9qZGun01195AW96UvuvW5TL+HmrqIAPXZyNgmtzZS0yRikWZCt+jvVkwPJkPgDFKH5otMh5eTrPb3QLM/l4NHGdTWQ92P/oCuZj48t3CdAbiMoGq3z+H88pdcdzw1mJ1ML1fHuVRhhXE3Y3QihaWL8/3q9PqA/1CVMjnf4/hXeO8sDYGD5zgUfUTInVs0nAPZaqZoCynRRuDmreVMQQmET+2Sv3GzHvKMIVSC4Fy7q/aJL24rFhkIX6QgTYllG1i5UR9sh3kfjGGxcZ4N41LspqrfFfFSMUjTAKIFq//mCPPnbyp1+lf3zv4Med89Tce3zeqnnEx8L8sdCxDyKUKw5tmi38FjyGSY15tJsXhBl28g+7ItIr9xtZuBqMR7M3jdci7cWDsNUoAvT1jyy1Hlqk0An2Ex+yyJemixqE/DJ1xB8Rif36pKqm/d/D/NjnwGe/2Y6dca0IkEJB+R/h/my6ns4qIOfiJdOyxjA/JLx0vxHfyrnxXLrLwEjyXjzWo5NGax0s3vG5u1rtaRypVz4yrF8/TAbYU8Hn3CwkOWLxNnS6dCKISWpJclF45sJdYBJeud/Iwh1FeKRtvHXyXjySMOkY613QVCfYdqm8wUhRPfLWGeO6Dlg8nGpRfc0mMfQjnjdepnprze5e22jSXjykwYaDeq3os+PTds8DHHF2ZHi/ft7AMRjDH74zkgWmxWi+wxNPu4F+5EV65X4jb6wb2bw62CXvxUNp5KdJZcEvTLCTj9CHxYZuddEkhN2NREbo1ydp5QFa7pamBQexMG+WlhbGIseFpqWbiiyoySS9cr8R844iHBqyt4mu265je/HAOiNVF+lENEr5urth/Z8EYUP2iLqmJCHtbiSy0H59wKqauWHjJAi27oEx3IGqN2fxBZJRIYi/euDWzioOP7gBwaq8B6jQ4x4cLgvnPwXkcSkL//2uy+Vci4A86cGUdlqg17LSaYEqLpthgf38Mn99QeHEeTnclF9djX/ivO9m5xPntfbba7xNRefUsnmb71g+tex/G5vUsHxq2X+6yalTy06ryUbXnCVrYBMaYQOUkoJRr6bUgVA0VMiFDwlE5bZSSqmhQHSqsIvn4477Jre3AnB4HwD6vGHubJdnflZy5SeivlrKDpoz1gCgLxShNwoQlWsAhrDhCGCFShkAKTDVMpTWWkunDBKQGCplkMltLMuHxioT2ljUGoj+S7GqRtFYJeONFbuBAglefmKTZ1IeBOQZkmMqZZBIgamWAWl9OmU4RstwQKUMNrmNZfnQWCsJbSxqDUT/pfgNjKKxVhhvrNgNFEjw8iMgZxd9MoeVvK+UUmui0Mp2dbgG+f5krb0w+g7S/ylNXxw6VNh+NsQh2wv0+iIRBA6sSGSNUtKKRctKgWBkh9WE6DJdp51/aUs704LFPBPHXG8siBSqyUgWRQJuHHB9Wpios2MuxRi2wrlZ28ynFqXPPvm5boMlVGYLZQ2bxvPmpwpbtYV0Wlg7ViFduNzI/Kqupyta6vbchM2aIdaFy13ovkTpVTxyXjGQLlwuLWs+nEu/afhpxUC4cDmtfpRfSs71ZEw4kLwD1Wh+k7mRvKTIxW/zINWDW6nLB7n97bFKCLlwOeS+4kCbH+6IY2EcdI9s4XyYjDla+mrhSySJAOcfqDKd3aUZVorusAuXu7cF9CMqKuDaXOoLAN3B/NIrHYDC+Fc/prIb+0Z43FaLHZEvXO5IHfNDQPT9DgAk32FO5Ja+9ArGYH4Jq1TmlN1On/j48KvV4/zn3eBOO23NHZCUDLkUKeqpSNJHfpnR856k2+iKgXjhcncLNQ66VYi50QSI+nJsVHX7aaO6ZiBeuNwN+gD5jR2VOjNHvXvmi65b148JCSEXLldwBzh2gB5y1HOWxG7e2TOLm20JpwEJYRcud4/yUTI6AJF3I0V6ZvH8p/gZkBA3h8u3M6ldDA1IiPzvbq2m598yaYY1xHW1VcJoJmltQMKqdR1mWhuQsGpJawMSLCLVbQyqdpFqucq4q5C0ZoALDuOXoPOAkzZpnVm4uxNagC9DZw7gNbs2SKUlNNzmh5ppMQU7qGQ0pyQMzY/BqSDBDKA/WmsGAGK9ZAnpsFRna+frvBY/S4UklTpJq1ajSe1PzBAf+0E3jUV0yh5ukk720L5RP6jeHtZQmUXBwzo2uK1tZlPN7OY2nB7ZdiUw2WBFo0w1u59MJPen1eBjgc6y83eKEUuNcbsmfHDe+rklBlLZCZvOziArNwnAKJoyzdBHswJ9+HqbMs03n5wr2kMLdyqwh1SNBQvJQi7YRvvMOnaXzj6u0jyso+tgDzWibpm3hkqK2l/VHjalKH2hDgTe7DCU6hGXrhnYH9rjs+0SxN3s7KaqzLaGMz/3leod9/MuqeuUzpb375zmXXdJZSc9KP4m9lDIrjGepm6LOEOoMe52ZxWn7G3j5icBF0anssPg5SZzrJTW2j59aegweGuN0xoSOYInSkOHwVtrLG8jTMockNAMq86EhGHgeCKFTnBbbfR7NbXdH4V0dhi8vCT7Sh2mzIed158JCbKXPvs/Y9yqrjlWIFWKj6Ba3vbDitBMLS4xED2dXmyzYfJIN2SbtUC9kfKP3OxuqhqzqLq/rgXS/rkNlNlpchtUtYEd/PQfZRYn+7NaxM/HMzSqQezjcbWEztntmqi6bbKNLfwEWU3itVQdsrPaw490VqpOzcbifU7X11+LX3JULpUlVHKpGkvYNEsVf6rYHUvbqGRU1XNcWdzdQd1Q11OroVltWNEIgH1sHC6sC3oFxjBpmTt/nxMFm6fPcfdLcOFxDvEFZwDwYQ8A57XGDlAel2AMU8eX3K1DZK06IqDURYm+wzfhL2t8yyEfBiSsRjDSfSP+e8a5HLM7ZO9XpvOn1YjS378HNrOW8btsxc5WHvfCVPQV9QuPZ1yDBCaon7R0GAvbhqKqJ9CR/dQkBsDx/mVoZZrU/mMyAwA5K8E64MKABNuACwMSfqqoMeq0sYXKbKHOtrApjYrXLFrH7sfNOmoG6+hqHW3S2TbOEEoobSOWFnKG0I//zQkTU+yYFibsAiuWrDhhFRsWJ0UKW9YZiP9dSpNnpfCfUNDb7wtG5VDWlPRzuiwKWWutQQ4rLRRhNwr/Ff77PZSr14j5TgT69EpIvhaALofR12K6ZhbMlaiuGXm1im4ftur3tIgkT6rKzOu8+in7lfoh4036FTI+SnHwxlZ1/9gz+VtGlHp1yHgOpNvYJr+wVFXPxlRmV92ks+AG/yt3VaaNPtKvdO+oyG4asjnWVhu60ruHTUJcI+bVRK+qzs0+caO6bUqeVX1qdC+SbVTdbWpUfzUHuibrRU9DRgpnmWnLqKpwhl+puofhpHrNrNcCp8fUPeO/Jnu1ipOmkf7ywuvs1Y4e+9IP2a/md4oCH0ur3MQqzH5lzeg1I7lRDY588FdTDwfshQ3Im1el2JE9Mz8y8PRtzqG1UlTP3sq5GHNQu5XzyeUQXwjIPRUU/nvsmxWPZgSjuTdeWxSMll7/sDktGG9/8NTLz08KRPrNV6V874VKHD6k/uZLSkqpTHNpti4CM1fCq0oi+QDeborAvPP6B1JKCQA=)

**图：安全启动与 UEFI 安全启动**

此过程使用加密身份验证来启动一个不可变序列，验证代码的来源，确保授权软件的执行。此过程：

> 
> 
> - 确认 Qualcomm 和用户签署的所有软件镜像（非 Linux 镜像）的真实性。设备执行此过程。
> - 防止任何未经授权或恶意修改的软件在设备上运行。

安全启动功能可对非 Linux 镜像进行身份验证，而 UEFI 安全启动功能可对 Linux 镜像进行身份验证。

**UEFI 安全启动**

UEFI 安全启动是统一可扩展固件接口 (UEFI) 规范的一项功能，用于定义操作系统和平台固件之间的接口。

关于更多信息，请参阅 [UEFI specification](https://uefi.org/specs/UEFI/2.10/)。

UEFI 安全启动的功能包括：

- 在操作系统开始启动之前，确保设备的 UEFI 固件运行的代码安全且受信。
- 定义 UEFI 如何对镜像进行身份验证，例如 Linux 镜像、操作系统加载程序 (uki.efi)、systemd-boot (bootaa64.efi) 和设备树 blob (DTB) 镜像文件。
- 确保仅在由有效且授权的用户签名时加载镜像。此过程还确保在基于 UEFI 的固件上运行的系统上 Qualcomm Linux 的安全性和完整性。

UEFI 安全启动允许 Qualcomm Linux 用户：

- 验证 UEFI 加载镜像的完整性和安全性，确保以批准的方式加载镜像。
- 管理由 UEFI 安全启动身份验证变量定义的 Qualcomm Linux 安全策略，其中包括：

    - 平台密钥 (PK)
    - 密钥交换密钥 (KEK)
    - 允许的数据库 (dB)
    - 禁止的数据库 (DBX)（此版本不支持。）

## 存储安全

安全文件系统 (SFS) 存储敏感数据，例如密钥和生物识别数据。

**SFS**

SFS 为受信任应用程序提供机密性、完整性和防回滚支持，并安全存储敏感数据。SFS 下创建或存储的文件受到防回滚保护。SFS 功能：

- 为每个受信任的应用程序使用加密密钥，以确保文件的机密性。
- 为每个受信任的应用程序使用 HMAC 密钥来验证文件的完整性。

加密密钥和 HMAC 密钥都是使用设备唯一密钥派生的，该密钥取决于设备的安全启动状态。SFS 防回滚保护默认开启。

当设备启用安全启动时，SFS 使用唯一的硬件密钥进行文件数据加密和解密，以确保它们彼此安全。

**RPMB**

RPMB 是 UFS/eMMC 闪存上的物理分区。此分区用于存储敏感信息，只能从 Qualcomm TEE 访问。

要读取和写入 RPMB 分区，需要提供 RPMB 密钥。这是一个一次性过程，完成后无法覆盖或擦除。

对 RPMB 的每次访问都经过身份验证，允许主机以经过身份验证和回放保护的方式存储数据。

## 存储加密

存储加密通过支持文件和目录的透明加密来增强安全性。

Qualcomm Linux 支持使用[内联加密引擎](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-crypto-inline-crypto-engine-label)和硬件封装密钥进行存储加密。它提供了更好的效率和增强的密钥保护。

存储加密功能允许：

- 提供 32 字节到 64 字节的标准密钥用于内容加密。
- 使用单独的密钥对文件名和文件内容进行加密。
- 生成 32 字节密钥标识符。

添加了 Qualcomm 通用闪存存储 (UFS) 驱动程序以支持 `fscrypt` API。

有关 `fscrypt` API 的更多信息，请参阅[文件系统级加密 (fscrypt) Linux 内核文档](https://www.kernel.org/doc/Documentation/filesystems/fscrypt.rst)。

有关相关的内核文档，请参阅以下文件：

- [内联加密](https://www.kernel.org/doc/Documentation/block/inline-encryption.rst)
- [用于存储加密的输入/输出控制 (IOCTL) 支持](https://www.kernel.org/doc/Documentation/userspace-api/ioctl/ioctl-number.rst)

您可以使用开源 [fscryptctl](https://github.com/google/fscryptctl) 工具调用存储加密功能。

## SMC 调用

安全监视调用 (SMC) 用于向 Linux 客户端公开在 Qualcomm TEE 中实现的服务和接口。它向 Qualcomm TEE 提供有关请求进程的标识信息。

SMC 调用是一种面向对象、基于能力的框架，它使得 Linux 客户端、TrustZone 以及使用迷你内核 (MINK) 调用对象的 TrustZone 应用程序之间能够进行通信。

在 SMC 调用过程中，涉及以下对象：

表：对象 – SMC 调用

| 对象 | 所有者的执行环境 | 说明 |
| --- | --- | --- |
| Remote | TrustZone | Linux 通过调用操作获取对远程对象的引用。例如，AppLoader，它是一个远程对象。 |
| Callback | Linux | Linux 通过调用操作将所需回调对象的引用发送到 TrustZone，TrustZone 可以根据需要调用这些对象。 |
| 内存 (Memory） | Linux | 这些内存对象对于在 TrustZone 和 Linux 之间有效共享大型缓存非常有用。 |

下图显示了 SMC 调用体系结构：

![../../../../../_images/smcinvoke-fig-updated.png](data:image/png;base64,UklGRgYUAABXRUJQVlA4TPoTAAAvH8JhEPcEIZJtV9H5OX8H+BeCoXzvi+cAuyIcRpLkNPsGDwpLIShhBYSHM/93kGPbVhWdZzhDy4ERI3IgHCIlDXe677Nz2Na2LWP/mYxIIQpV6Sz2JQAAfrlkrViJJmComWhCIzjQhOhQHcVKLlUCGrEKjRhFCoqdiuusBCAAOAB0AA+AD8AL4GiCKwJ2AKtMi1wjgBnA9K/tbGuj9zxITvSvWju7AsCp/lBKY9eIwk3WKj5z1UThJElhz5/IWSATyAQy/v6LnNnzJ0nRx4UurM39wNQnU1e0YW7sknUcGdtom8b67DV5L6sXqEviBKIkTmSK7CShQJBV7IFa5X0LDV6X+LtDI7k8zw8a5Xvr/Ey1yTuWiT55ff+2jtnQFUOTtLYxtslt/cjalHBUSnP9H5VSDbXIZ1OtSXtFp7gVBMW1UJSwZajgq4l3RqH0FJUpvVWlLlNT3qZIk++mapeuwlcjk7Bn008u34Mu0TZFbeyOxZEH58cBumNxmhDtc9elSIJhADDHjVOhTe/NhNd7f5uiCKU4zQl61aTSj3tOACMgRblDdA6n0Dt+5ojf4/CP3flmVsVnaZWi3Z3y7Xze+Sai/7Rg2xbaNuvGr4GAch55BvyU4H5/IKt/+Yu/W0nU31QG1D/8eXvb9ddesXKoaEP7Z/8oPv72g9fwiqKuIp/9+HO6klcWVdGf/v2/tODnK4uf/tG/NoFXGnXrn7bXrzbEto2rDdy2vPbfu98MdgHdvBfGI5/r4JNChTjuMg9shVtAd4RoU2ZNtoODzC0NjMaplIgf0x0dCq4H0XBXD5itT7nRjpuOYVBON+zGPqMjR6yYrXU80o6dtiIns8Eo1hdbhI45GO5jYE47hhvPUMTI3CXHmpi50iIaTEOamRsMrCtm9qOi28AdDKbM7JtsQeI0uHQxFDp9eLHLjGE0OFC50gV3dRyhN8yEoJQ4bTpIThIxioiIQiOf2UAVWhXcQo/YSKNLIm9lvVM0XRzAZqRobGHdzWAKb13gNYrQRYwiiRKhA6crxWqDaUZenXaCA4mcK6KcHzlOx5bZdAI7a5lHvuGojUoXK+aBdtJuxBENp6OM0428W8jSN4X0fR/XdBAJ/ipi4+C8izbqhWgRR11mPbCIDYzoDRKcd2lSKXRV/N8X1DTtvO17PzC/X7T7PvraMlbP3rg46eGSVl+6Z1E6paWtvrIo/dfyhk4XpNfW/nsn0FMbCfX+c0guiZBNrlPkOZ+p755KTOw0bBKHz2DR45LtIW0m5zL0EnA/sFlbol6Nx0D95YnUvjipHRHRRo+eqmsnlHWdsck2yOPnj4iKnTIBtp8SCwhPZD6zCbYiX0N18AnFIXnMnEueGr4UxVVP0tuw4txHfF5xMqTayQ0RWU4oiJCuR+RELKLzRanp4UuKCxzZzN29kGGWxq0k2R6er1227emQXE3lRg9c9QBfR5jf1yUQaks2cQqn2ZpYh8xGHLrktFA1VPaSTQuV6MW5ZXszg/LFTOLAiCXCAC52T4ERiJtCICuG3vaQXkqkK6MjIr+h0EMCZ8LzIlyZPFWsENmQYATEaAs1+YkEgYk2kV5K4rDHBIZexoPB6JKXpNskIptY9SbSqN5OzkeyQihY4BYuE8V5ZyMAd0/sXBKdiOWFUGfA/RCFBJTkfI4yAVXQxFDClxSy05EYSjmb5CJ8qrdJOc22+I+rSVHnJmgc7GQBA+5XgBrYTrKxB1g4ttDn2+TaUs7qoatfknJGUq3e3FBgBj8rZqiHFiwAVCcOok2E83L5ziX1kOBuXtqt3GCR/zzZ+ilpt5i7mzjVoRL2Cta8ProhtFmXEnqqTqj30jAPPFkR5c27nEs8mHeRr1/ksq7kz7v0XlKyCcXVx/uCa/+9V8h/rTycLm++ujCfi/fQ0vbYs2pxPlfzzqdPrvrvV/zJVfpyfa7mslEffpVPslr7b+2/tf/W/ntnzMOP40c+j4j3riw80AH1hZtXFwsVQLy6YIVqpbHJE5l6pUF/Ec2K44UedXcVAvc1r51c9XJzcpUPl6ki9eD3L93Dq47nvn9lUWpWH993Zu2/d+bcfx30n0kcPpV8eTI2iSr1Mzmhp2eTWBzZadi5skq1L3CICJi05oiIchS+BVfThh3KASwSORjJ3+0S4pegINKEhHpRcHVSb2dilnITdCUhtkPy7JIAulNvg+64hCiL8VIvoXh+SDFxG1TCzweq3ZCkRMVGTwTBjB9SrO9GCsl5KBtyJfeAp8BHbcnWGZdYsN5mac7XnoiluD5xyu7EGmFTbsAUGYanyVCDTwlFokIDh1SCkVeKJNtDwsRBG2AACTYJ4HeSQtebRIQ9CiLrtkh5TgTZJI+q223QAcjVJciV2R4Cd7PYICoSFZ7d7u7J7JDKJEgLQhan9uDm5VxioVMwujZrsuJcB8NJPeKc7mAPigxCYcYK0mWSVImKD55SQihCyWwCqh6S7SXowMltQswQe3gtUyGHSW9blajoNXyu7uU0p8ovvOpIbraNojaTpxRNAVo9pUDbSVStLkGAsiSWkqlW85SrJbBrRMzFaHWvFLtNjXo1wt0SsNv2ENmD36BkJmIu4W5MObuVcIMS4RdnEDOR34gU66BIVDQkoKx63mV6JYKhR71Nad6FNqXfwJewK9EOoZzukFXOu8jArxIti/MuJ3S5pJzt+z7vwUBEa7C9Q/BcmtPlzVcX5nPxHlraHntWLc7nat759AlW/+5PrtI3FoLn8j7euYtXHc/1/rfVho+sOr4vQI2ZrzG/a+P7EhECTr9r4/siMnNdMTOv/fd+HuT/rYoKQT0+1ww16Mc8M9QIi+eZoWJmfnymGQSRZ6Ef/nr1sbD237sS7Q6E8ecenNot+FiRN8I+z0JB/3d7umHe6jzCM1HQ/93vbsMGt1h4EnHcZR7YCslg8KhjJh110N4iFgr6cwN008eGhZFPudGOm45hNmgdN5rZectubJci9y6o547oscau0MfAnHYMDz7HQsocOxYGCB3r0BT05xZpHHvL8khk33BjASdEHnkGwzVT0J97tuvT2Hkys4Wg8lkQZ0nCj3/xrgX1QpXYy2gGld/Yk2e3b77x/ZOr/vf05KrvzXneZawdGITM3XyknYhzkqh+s7+c1S+/OVepHjFb3+WoTS7nR44Ndk8O36alrX4+33n9R3ALzLtow3ngvMs48snhh8sb+u6CfF/w50uc7639tzLykwsJfesHmauTn0HfSTjzq72EGs5w0k6leWtiv0hYEvYKnTp5c59+lPxAMNKAEsrmAtFPmjePh1DoXPgWEdGbV2eaBnjraiEEAlv4uSqGCwHwza/p6gtwJLm9TJmwNLgATqyjpgXjlKjZ2yduEmJJkzAI0lj510LSvAUiMwWx4PakQV6ahIzO4r55IWkLEeVZqXkrhEybtJlWjlNKjN7fEyc3JqqTGoRpmzcBzj6kdC2gxTXRANl4FLghImNIf8uQDoGoaXxh2uTN5MIPJOCstPetMmMVZxVJKUZsvb8XsqROupxxUmbapBGpDRG5CzBpo4k8UEI+y17KQWxSZzEL1AuVb31LukKJJX01+8looc3ylPvOUA1i+cTuN3sN7RPViQW3T8CFQDIt7ebeBJEvOCIwQJu3itW8y0++ZcDdzJtOnHOEdmLUsE/qLILPaDHAEnIgEygoTIId7WV9CyBeoaIbD8deKdTJT8RFKGeTXHsmG2LqJtSNIaqlSZvJG5/UjQXbEBFRkWqufhPy4Kuhb4VswPmcF8plm/AW5awmm9h9DYJoLa/OR+6CCPOW2I58ofKDhFULxInbh8pmD87L5ZCmd2EYL+1GF64uibNNy7Cn3C0PJ0YkckbDT4K3itW8PjX7UCkSeLCZN2BePxfcm/LmXbQLGgQxynkXzlOCG2cw7xJaEXf18b7g2n/vHfLTlYc3lje/+eaCxD9e2rx+xaLElVvKqvkuX54KVa39t/bfu6N8uK7vZWa2Nai75prhZtCPeWbQUgaeZwYrnM4lw0I//HpKr1bVE8ITFaiH55rBgn7MM4OVMvA8Mzwh0FwyLPTDb1cfq9f+W13b7Uh1y1TGCOvBgt7E6cZbFx9jqT5nebVhC/vFXoPGoxtbMAIduwGijdwgopYG6JOcqRD9I8ysaYA4kpKMu8WYdcwK1joeYFfVWO0yI5+y6QRmjYEbbWCSgXaFWGAVh8TsSMWA36APIg58phIpR9wXcdOOKcSiElsf1audtnBXB/ZLWRNICTIw+0HxxoQ46MrAJY6ZScOgjQIhqCKOOR11+pKIxBM3+kTZ7Q+/fW4Zq7dna+AhkMUhSbyIo14tk0OfEH73wovLWX32D7NksM9R4y3sR44NRk4FwsjMrNpNQSRpOGpzIvj9i0tbfXaWuEIcUSa10gQLoWaNsEied1GASbXhE8EnljfudEG+L/iZJc7/r/23kvB8ItXBDJ0hnN6lQ7F+cgdHUztLn/w6SbUzXfcIlll2mxjdNHX49TmZuDdIZzLtztSfLGDgGjIz+uQ4uvRiMePc5NwMYuNMHdCnl2SH8SIdgLGwQ5VzHz8iwhfPEJEYAfh1aoNzrrpE7YHszP8R2R3n2gNLdOjkAOqFiigaB3ohOtNSlitrHOgJIeguEsWzzu2AjHDMVSoV4RHtgENzQDtyuoqIWmmAXnTKbrQHWSQrXCSKZ5ZL9LxzCobQnfn6odQgGbA+ttY5KznbVq45upRpjTN0URFAJcbGHdAZF7Kohg4UC7Anpr0ouotu55IVGXdcBfY9uOTUsjxOJqdTNZfaHafsRkvBVW2WyR412TGLS6WjF1XAGHABJeJP3B3Z7OwQnWJIIJ11IF9bidNE6+QACoZORV7MBgnonlJbweSwuwctPFnGSjjCHMGpSOlUkNA5VTfgEbpk3amI29Dzy+WCmqFD1epTCnDA2Uv5q1EW6FQRQHaQ81XPodKpYswdKs5IRwbmM+1ODiPkppPttOKYqboBux4j/KRxR4fLK2csHaHEEKjWXcqBR0QkM2QUARRaJ6mIiJQMuIDtECqAbIcizWHlJpGXTiZdCFXdUKgI1DLLOYdft3Jz6kBZNSScukG5qY7MDJqszlrRwTZMJDcdBO6lJm7aZXQ3eJcBKAYCEMGfdow5q+EdC85odYsuM9lqBcVnRGhdLtDHvHSSI5dlVK+WyaGXTfDm19kMUnA7lyIcZiDF2Xio2E0x4WGOhNaAM4gcQL3bDtjt0lE2pikT6FS125lsN1VzZCNIYy9O5HnRx1aZrhEOQCbnVN1QcPboTJb0+eXTmSMiFH+42BId7jh39ogQprgozbs8L6++SGTFgGgP5XmXaqJ5F2vApYiqi+KkZ/PmXVRAtqPwYkOn+eQ+qtKBqK1rCVYld0MBJm2fLwjvC369UgU4BlUdHa/3BYso54qt1cffO1n774TwqZWHt5c3L1yxIPEnlraP3y9M/DZ+Zhmrj/1h9fF9q9b+W/tv7b+1/9b+W/tvsagbdX3j+Cq/p67Lwo33qevO5c3bud+sJx5XP9zPqZ9eDh9fHebUQ0ubz7i8+u2UHun052U/t8rj79lhntdmwo+Ohf4uPrbQPAc9iYjVsSatMqJ7txxPT0/GYlaj7vGVdraYdwfMfrzwNLt9tr45/iptuevHl5XAt4ywe7wb+PNFp49BGoQjz5x2Aqe2g+MUGiCOu8xmF7VhrrxFNAbRNxxwgDjqe8QwG10Qz+KDPALh4fnSivxbiBaez0QvSErUZ8aKOWAaOmMMbBB1YO6PEWl2mEdjBsfROoOOeTySUmRgHypmA44gw6MbOM26WQmpFQlzj5N8cNKOAWdG2AGPSAsL4S0Zh6Qwts7ZEVD5RsQJYFxErrDPhN45P8oYjogND3bdTBjQPdZbbEEn+kw+hX2y3EXDUucjBq50w1anKoalrqeojRhxM2TQgcH4uarbiezQSCkE7FTc11uZii04ihZ0TYxRYWw51VX+cUKQMmRAo+gAhkWlQhaFlULDzAaFW9AwpxWOR/AUUIFkhrna5YApsx+IEdOdiS3YPT8A3WPfgD5F7ML8lSCGDlMAiZwmGUg2HjAz9UmzyDBDAW3ELvOWFmkNOimFQNqxiGJEvyoQTIzctBMgTczG5B8n0HNj1KQoC5RFRMBK2yCBkSUJIqwEjBw7D9b2EZRV4lGnMfDixzwe5egYmAyEtbNlEBSbXR6MWEoh2DEzR+wDpsMgkZLBcXUL5x+nEey0GoyyQBf8OGWTx0xrtguSMRx9zGrcrca6yXo7DXhjPdOFFPYYHDBtpP5LwymHk25dFNhVIwz5x2lCC3KTCko7YeKFKcx2E2h34HArX5+YWVeKBT/RQsfN2NhyxMig7OfQySkmWBhkCzZHWok4Pv84TbOw+F7IYJcrDKxH3Neo3OSWgIEDhvnigfRCivvMCi0bnap1DDfagE0qTEWP3VgSQNpG3LSm460Zv9DnfArOd6YzYjmFfDvb6EqxSUDDVkeZ0yN241H+cUKQMocUZbHNy2HDfMsYcYRBrPEDTAUnvxCiNjyFGc/LjbT0deoA0YecBaM72IhE8IW6HnEkYQNSct8jDtyM5+XSMTx4accoUkhfDksvJA64dGSMaqEvEqb5x4mDRzSsJEdZXBhsG3ieNb2cGvnLYV5uxiUWcmpex2mxYTa3rAJ8Ktfv+JjWb3J9+/h7KNd/LG1+/z85PsHH1Rs5P7Diy6A+muMr96w+/t7auijXrjZc2bY3rDZc3/7V7asNt/3NP682Fq9p/+UDf/HHV64wfv2Df27M39smrirED/1JaYwp//Lv6KZrVxB10x3tX5QG1D/99Wm7gqjTmowxBg==)

**图：SMC 调用架构**

SMC 调用包含以下组件：

- Linux 内核：

    内核中的 SMC 调用驱动程序负责在 TrustZone 和 Linux 用户空间客户端之间传输用户空间请求。它公开以下输入/输出控制 (IOCTL)。

    - `SMCINVOKE_IOCTL_INVOKE_REQ`
    - `SMCINVOKE_IOCTL_ACCEPT_REQ`
    - `SMCINVOKE_IOCTL_SERVER_REQ`
    - `SMCINVOKE_IOCTL_ACK_LOCAL_OBJ`
- Linux 用户空间：

    用户空间中的 SMC 调用包括 `libminkdescriptor.so` 和 SSGTZD daemon。

表：SMC 调用模块

| 模块 | 说明 |
| --- | --- |
| `SMCInvoke client` | 该客户端通过 SMC 调用驱动程序与 Qualcomm TEE 中的可信应用程序进行通信。 |
| `TA client` | 该客户端通过 SMC 调用驱动程序与 TrustZone 应用程序进行通信。 |
| `Libminkdescriptor` | <ul class="simple"><br><li><p>该模块在用户空间客户端和内核之间创建了桥接。</p></li><br><li><p>使用 SMC 调用的客户端必须使用 <code class="docutils literal notranslate"><span class="pre">libminkdescriptor</span></code> 与内核通信。</p></li><br><li><p><code class="docutils literal notranslate"><span class="pre">libminkdescriptor.so</span></code> 可从 <code class="docutils literal notranslate"><span class="pre">/usr/lib/libminkdescriptor.so</span></code> 获取</p></li><br></ul> |
| `SMCInvoke driver` | <ul class="simple"><br><li><p>Linux 内核中的驱动程序与应用程序客户端以及 TrustZone 中的可信应用程序进行通信。</p></li><br><li><p>SMC 调用驱动程序源代码位于 <code class="docutils literal notranslate"><span class="pre">/kernel/drivers/soc/qcom/smcinvoke/smcinvoke.c.</span></code></p></li><br></ul> |

## 访问控制

访问控制使用策略、技术和信任模型确保只有授权实体才能在定义的条件下访问特定资源。

访问控制信任模型通过管理各种资产、接口、SoC（片上系统）组件和镜像之间的访问控制配置来确保持续的安全性。此模型有助于保护敏感信息的完整性和机密性。

- Qualcomm 访问控制使用外部保护单元 (xPU) 来控制辅助端对寄存器、固定地址和动态内存区域的访问。
- 系统内存管理单元 (SMMU) 控制来自主端的访问，以实现内容保护和子系统内存共享用例。

**访问控制域**

两个控制级别是：

1. TrustZone 管理 TrustZone 域并使用 xPU 控制来自辅助侧的访问。

    - xPU 是多个称为保护单元的安全块的组合。它允许基于一组可编程访问控制寄存器有条件地进行访问。
    - 如果系统拒绝访问，xPU 会生成错误输出信号，并在必要时生成中断请求信号。
2. Hypervisor (EL2) 管理非安全域，包括内容保护区 (CPZ)，该区域旨在阻止访问高级视频。

    - 它通过 SMMU 配置从主侧至第二级页表的访问控制。
    - 它管理阶段 2 映射，以保护所有主要域（Linux、显示、GPU 和视频）中的资产。Linux 内核管理阶段 1 映射，以保护在用户权限级别运行的程序中的资产。

该图显示了访问控制域。

![../../../../../_images/access-control-trust-hierarchy-security-domain-updated.png](data:image/png;base64,UklGRmQTAABXRUJQVlA4TFgTAAAvQENVEHfkuJEkRapl5v2v/06cL+cAU8/MdvWBE44jSXKUPq31fQk8wXRMwYXTd7O7TK/rSLZNa13b+H1M46X3orW1z1pMbNtWsnFJkKjOnJh/dciSAAD4zUtwf1QiBQY0JlKoRAqVLPwzL2oDJFGFJFUB9JIKqAQgALACOAA8APYo8BIAgwGvUQ2AANBnHiWAGkD1B9BGgTdH6XuJQ9+AVhKGsiYUolgaR247qZr7IVEQuu0EOPdDzAcepyEDz8uo+l63E5xP9SW4hLceEfLW4ww54/GWRCA4ed2gKs9LSHicorrj7Q9J5uV+3JG0vRfSONTWpSyJ1GUuT2N1mYsCT57GqiJT5qkyT5V5qsgSdZnL01hTFbIk0lSFNA51TSWJAv3aieEr+lgc+E6/i/f+AQU5PuwP7vqiJc8fCKgh//ypOEHM/pjdmnCZ9/LGP7njxyiyfcUf5/iaAVsiXyKVPG3kaWOdD4oslSVXTbVw+O45hXHbRo6o/sve3cvhGxET4NhO1tE2HnLihiuf1z9G4QIuvKkNtSPaSl+aW+x3njHTAXLtPiGUsVw01OX2hnHZPjeObK17Nu/65JxzMAyUQAVCLAVCCCGEMTQYs8mYE31uDifnc/506Veldjg9a/UNXfXVVxXRf4qSJIttm37llwAB6AWFE0i8h3wArW3b27aNs86UH5G0PWK918X42oPZQxWzPLPZvffeu/3RJCQGxCd8Bu1LIPFhRPTfEdtIiuQ6Jt328uHs96Wpff+L3zzItK/+4FsvifbtL/iPv/H6s4NLez1/7LPf+K7487VPvfbsQNNe/sQ3vzf5wqdezoebhq9/e+z732Q+4Dh+5ofmix/PB5325tfH/BuHHcdvvuZfP+zIk/z//htpYOHaTVnGL9aULMk0vp50Raqu1ZNIrtH++18X1MZq411kR7a7azVZmHuQlVmXu5YBd2iGPWTzrM/vrJujNQz34R0gVKu7Mo53pyMA1Or8PtoaraeJHJkAlB7oNRkGKJKVVcGNqEqymAOoVJHaSlJaxV0KfRpdaQypDJCY5QFWZc000gSS7KMWhZ7XYuUIh6wqjD66uqxKeW0bZAkrZvTByCSVVXrGuoa60qTQItA40QCTubO2LSqsxRo4yCx9yg6V+As6ETHHST0H1OjmuIP9daumNhNHmlEZkdMpwkHkm49lNRbg7vTgXt0yyRRZ7BehZECRwXnxGlLBAEca62vdwoIbpsWksErDUJFpdCiirD8lg3qHRNEq52FEbaeZ9Hdl1BjrlRqA4GO2JLbYuVNwtJx6yFh2mu7uXc/Edk1mf6XyjkKTvLiyuVfb7NAARGrJ22nk6jrOnyV3BB8KrMsqcbErxWituH3XsAPKMAJw7uYwJ+nRKrlJYBALrjRJebGbZ8BQLii0jFqvzEZNVrmc/yupewCB2dNqrT3+5CKSBOOcQsQEZ5pgzSnKZAwLWsqLanfomcRqIg48xhgOPKpNfQB6Dun/HlM3d5PrVVwgSd3ei8B+hz/lmDk33+z2tHpfmnVcDwSG+xEWdRuPkRWAms1yRivYOs7a7yFaWcGCqHcscp1Xc1AJzulCtSarsSLDID9dqkYuGOaCqpUGZodSAVGToV/QMK7mSu2esCpmoiqDWFRAPaVIbC16RKVgV6W7G2MAghrcIpv1nN/hkYkIoA7yWYmRyTIALTvY/xcgx+pufkYPQFEvfE9T9Ypup4f2gMRsFaAtu6qyKoW5FQHQXoSJC3xe0Rdcj40vGiqS3Enp7S6xt2s0qSV6LTeqdIeu0MPOncOoqtW/C/Sux8aX9Gywg+XViX7lX50YXI+NL8pBAxWXLO82qkruVu2w25o+hch+bHwRWk+a6BfsMP6U2K3T40+Qc2/zG3LG4cI9TbHz9IeOxyhMeUejD4ee55BCfQB6Evb//TeEjoEa+ncM1NTME0GNnVWnnAowo/2n/af9p/2n/ae10cmOXCF/5EoHO1nvHh6505ihSDo0JcQjLkOPCXjksFWTEhrtP+0/7T/tvxOaDo1JnTEmw2D46P8NKgxEfSV8gEUJe6kxO3jJiAkOF+4TEx8wyANigsOFhphkiJ3ZYeuKgk6v4DwKIkY3IFLCewExkcvtBBzyuGCxuL5vaorHAolB7SaHRM4EJJIS+YCETpddnEdjgeQQubt16TBgISPyAYs8JYoCFrHkOsh53g145IHD5DXn/YBH0qdBImY2Eoj5M0DMUhXbo7EFsoIgS2gXKhCDLOEff0HslqaSEkpzuG5mBZm9cVOeucLNkUTjuG2QRBNjUsJFMa6RTLPMOwsnqWaWdxZOMnXD8Z6WawmFsCRVCadluWr45xZ4HCUk1VilgsnQ3mj/jfxn1IbVsJuR5t7Fkgyru7poz0cdh8chF2FaEVZ2LQMAFNXj0JqacdAru7qwdhpR+sk7zIAhVWMZNBmi9RHTTFStyWqsZJzs0xzAkEUL09UE13ZFEJpN51Kr/jyxFbLSQIiAYYug6knwaKkMhqKacA4gw4mOfm2nKvulXebyzExCUgB6NggJ86aDDFAWAOowdTLsADTsxWpl1n9WIMl7iNZtWmcFOzLaRhF9ddmtUkJif2/GYPbkwlCRpKWSWvHujjR3sx/OdlVYJ4Wb473bXYp7jqeyT136HTKZF6m0h1TWJhxcCj04Or3c7UFMdxF2YthP1LjvsLHepBeUF8UL5SjN1Tlxrh6cq/ch9jsDsDtg/3VaKF9UXSfeu6KESprMkDebQwMYBnpREVO2kQHod7sd3e6HAVzDDq3a5Bw0UFHKqnLt5qfd9iAdveQYBoiVrE+x0CiWRgSIZBKFzgopOM+EXAbSD3uGFgXrWc1iIIPIUVIlxyDHuDS2IdeDopS/gVRoEViL09xan+dtOyAoRyGM5eLt6D0whYha1DAZ5hpsS9JE7xp/qly/aPahqqERHMMARk10wGwOFUsrQMvkWHCeCRXr6dzQe0YjftwptJOx0EBQgzW2QSOS5NIvjW3IleEgxkBDsu4qh1rcGBCBgCIBsZrJ09un7PwoVu+DSawNy/jCuGUWKmg1zhzDAD1bRBpBl5C1qgvx+8fFcSZYn6HVntGKNyPWDf18hosMMoCfBDl+0S2MbcjQxmq9OC1KjZl4A7nJ4r2bjHKawcDG6nRcvhmwF2aB+/r8RcIzu1aHJM7xhoOgkvvrVuXiOhMcV/M9Y35bAjtj//JBVcwBBPlbaKCxWO+bXG+iy4GNpWUIFM3WbfqgYH0Uq8g0um5H7wvACwUS24ljGACmQNaYjXRIJOniOhP2lIBYIZeYlRkQb5W3lZzbfmeY1OjuOszNgiLo2jUptC1jdnQfTSHGiWMYAJ5daLDUVUW7XzuDoHww2Lmzvijuc2MIFSx1sEaacrbVpWoFx/d8x+3oj6haqgDHMMBcwmrEwmr5lbfabfXeElmqEWbH1Ukk8XsdMptZaO1bShlDWdm6jYLUs54Tj47b0R9RITPAGgaQ5aghBRrEgh5lHBE4adgJjjNhb4FmBRh7t2pxN1HTe50RIUJ2jj+xPrehqC3i3rTuHbejP7IaQ4BjGAAY2FiQFcs6Z4sh5FIxx5gve/9JYhq2gNlh/MkwyCTtJg07wdGVkPblDAjDftbSPJBEVqpFEaxaIckktJqMxs7C9A96tldS9qvq8SnwbtO9UKE1KOrWoQK8Lkegm6/2DY39FUjp/cP4Hj5euqkcFBu8eKUqOWGMFaAj7BHsbF1i9szZbn8+VJrvIe1lNTlfDlQ1B0mOmWsYNZnKSiYrGvENQJPG0tUujqfRhT5lS7sJe+o5pJqJLgbrdmSH0rtmrqH0EYaVTGbYTAo/x1u87juKtIOxCtXVdSs4MdtpYABKH9g5Zq5ZA5qqsgLkQg7ojDS7C0BNbVzaqLFes1qwp9lWYpCsdtRiguEoWAECh56tqOk7QUwFF3ZbwbtE0SoAJXu4Zq4lWwoyo7+7DqKFQttZsIoLClZrKaqt0MMDdSmMOXl5VHFNZ33i8+L1WgZ75tpuq3ex/EKhto5qVQddeLTKIImJaY6Za3K35NztjnzpR8AwrPALQE2q+a9NgGdlz1yzxp+Ua/zpLkgG1xQiJqzAICU84COyBwBjkYA6DAcc6OVk/UMOIiKi0fpm5GoLj4YyEjlMpkGLmDS5blZISxkTuU6YOE3KtNGc1Da8k9NWpq5hsmiVnBFiUqa7GJFmp7aBu4SLrUT3/CWMJVrCK40YIcwuA8y//0PslqWZKiZCMcTO/TU0ANNOVlNCSWaxkrUTeZbwCLvZNeoc7T/tP+0/7T/tv9HX9g2kpD0DKm9B9bSijr5lTTXZrwOYxxmg2DSDlDQDO0/bAVVoUwvw0jpjvAwXCr32n/af9p/238FCJ/M+tfntYHir79eAIi4CCgKP937XeO87sAqt9NwpJkDmBS0xcR6GLjHZh+cBMUmBFVrpz1hGF8qg10KaCISnYMcJw8oCpKmLVfyL08LTAMRzZiIA53qw48Rh4QGwQiu+LGcCqJHtOZyVJLDjRKfNRaAKnSn/3RyoQS8CNREIO2DHiadEgO74VlFo5RfRTgCUfXoL0iyq9yAAzT1Qa3QNRYpsdpknv/1X9UYmTHzwCUc++8Xw5N0c0IJU3j3//F119zTtXXKu/t7wZFYhbYjczJHFcu/+9LO4fDtxBlJBYi6TW0K36wTUNqnYRhWtEYkckGdKT4vcW/t5qWUSGjcY5EK7lkRmTRXdIKFZLvORFZtSLUEdKUhslso4EhtVRGIlZT4R7G1YBeGwINgGqLkz2Vpeov2n/fc/7I2buZXNRHFu74gEneQ35j596r5j/PXVXz4eiWQ9nsNwbrpFptWCUBXnlgcrQY5So9t7N6ggVgKZXBXy8MJTWQWgZjOZE7RKz2qh50P5r0ej9AOi97MegLZ/n7R5XcRSAIayGEWCsQr9/G8lef8GFkQmCAwzpqc3FNoCwwEqyHMuhXsH7UxSg6hSY4Gy6jUf5wBAt2msBLoA+mDaBwRVywRyP0X6p7cy2FoGKC0LtsgP1PGXfwd/+c8bxr/H/+Ixxt8xHv/1+XxN/Of7VWiIqqhspbeqZZ0gGJnsEpav96BK7yjhNNFF+bTvOqhUenkmP6TnmIL8weHvf5jS/Merf743dmWJNjiqQos8U3MEQrcxjhI2D05pRwmLH2BD8/Re3dmrRQkncRrmODyk34gALtOaecW9GmywVHJ1ON2CMGix2voN8dAqdu6Ls8rQanxCm1vRLu2W5qUcTP+Qfjf7L6fj81f/9e8PyHVvLbBPB8bdlj3obot65qd1l9jDXoBMUBfnRo2PS/T85T0blzq7FZZEc1XUI1oAlhaAxPZJbQzVsm7TlhmPrHs1Trs8zCbaLXETnpbh8RhVsn6ARXxKrxb/WISiZPso/JJ/tvzbc7zq7/2FRvlCTp4VwaMLPB7B8QNsqZ7QxD+WGRZ4FDCF+PO/Tn4n7mTgvgdwtRzAdSrVCM6oVf94JAbYP8DMp/ULJXaLhk16AEw+XhB/Qz7/5eZ3x+fzPjz+9X6N9YbEuZOn1TahIMl6OH8EXFOIHMYQDkCTWLX/tP80aE4Mtk9BIi0kmZBiC0kaWIKygdxkndd/EurL2raNPpNboBpj9bYcW4mVgGoWlxe5SxpVFMLssqgsvWw75USluBGggrCneW4DqtBNLKwjbAgKRxWi/af9p/03mtvkRjI4y2C9+/W3g0N1Lv6foomh+uHnkvw0USMr/80l3qMfnfzsobzEr4LW3/ZOAfEfwc18eKertIdvuGe8ePfx+2DLfHtxuUZzp570jaVXFzmfTSmOVye4PJPeBS5vn+Wb7cn2Jud4cXmCG5wg3eYf4V3gihcn+NH9OIp4xE/ylQgvr7jHOf81cHkqzEdxbSVizojzG3KWcIk0Xzi3KWcep2g1o4NT53OnuHa4PJ7m45UQL27nOD8ShfOTHMF8jYvTnK4mN9mf4Jjf3Z5yYy8T6bbT4YmDYL6+OJPHdJVvp0K2Dt4jTRfJY77anrncZOvQj8ftTeaJrxfZU8xzQnS4FXU2O51L5iwepzLOGcccRbL5EridKyrn+RPnj3Bbiev58ETQqyT+AnFMPzk5yvwfzG7hp4A/EolOt9c2kezy3Tk88/bZnKH2NC1AoLUNrkXpWX40h7WI0qIIAE9Eo1O+Onn3Rn6+zPnyagFurGRzu193nrmYNrpZcnNX1Z6xXMryzNkt38bL7S1PeBeXq+YmUToi7bzAodqbSNtp4XoZ5yTb6FhIOy3gdM18oZuT2xzxo7y9ytyeODc5fZI/G09erPyu9UKOTT4A8832zA03+XZ7IzaJJ2fzEedLSxJpb89wlY+XB3XkG7i4zXkqElxNuD25eBdns1P7hU4VD8Sh4jdwr7bWC03HdPGjhYWb7QnenRPJF7pNwJUl34iUmRfAu+drx48QiW1/tNPhPc4pRNPCSj0H7+b0IGJ5WP4K/dsyP5ypkYV4SP5Jc+KjTwZn4hjom7Dafwd1rx9+vHHYce5C8+WPH3a89fWx7/vXDjle/twPTfjip48HHJ/42rdMwFc+8/rBZqNPfv07L+X51he/+Yk3Xz/AtDc+/s3Pp5dk++6Xvu4PMe2L3w9TMw==)

**图：访问控制域**

## 安全外设镜像加载

TrustZone 的安全外设镜像加载 (PIL) 可验证不同的镜像，并为所有子系统（如音频、摄像头和视频）配置 xPU。

关于 xPU 的更多信息，请参阅[访问控制](https://docs.qualcomm.com/doc/80-70020-11SC/topic/features.html#section-access-control-features)。

## SELinux

SELinux 是 Linux 的安全增强功能，提供对系统访问的更好控制。它使用 Linux 安全模块 (LSM) 框架在 Linux 内核中实现强制访问控制 (MAC)。

有关更多信息，请参阅[什么是 SELinux？](https://www.redhat.com/en/topics/linux/what-is-selinux)

LSM 框架包括以下控制：

- 自由访问控制 (DAC)

    - 这是 Linux 访问控制的标准形式。数据所有者对资源（如数据和文件）具有完全控制权，并且可以更新或修改数据。
    - 某些程序（具有 root 用户权限）可以覆盖此控制权。某些资源（如套接字）不会被检查。
    - 根据用户和组身份提供有限粒度的访问控制。例如，文件模式 `–rwxr-xr-x-`
- MAC

    - 系统范围的安全策略确定所有进程、对象和操作的 Linux 访问控制。
    - 该策略可以限制有缺陷的恶意程序或不谨慎的用户。它甚至可以阻止用户升级权限，例如 root 或 UID 0。
    - MAC 为访问控件提供了更精细的粒度，允许访问除具有更特定控件的文件之外的更多资源。例如，取消链接、仅追加或移动文件。

下图显示了 DAC 和 MAC 决策链中的步骤：

![../../../../../_images/selinux-mac-dac-updated.png](data:image/png;base64,UklGRhohAABXRUJQVlA4TA0hAAAvkMOXEP/CKJIkRb28r/Mv5sScBxweG44jSXKU7kO+Cfy3BDvwY/XuSLdtJDlSrfDOvPwzuXjuhaX/V/U0m8i2nWz1cyAJQAoV/iUgg+4HAICVaapTeMiozLsIKyhMkmRXr8Qk8+zKbSlMZMFU3M10rUz+TGeAHWAD2AA2gLswvYVcAAdAB1Mo4Cu5PZXFfKPdqldPEUHLrjD7h4CBRgCNl4QncpZwiIgrTMUUZqLH3IMeCzfekgleQvK2Pw/Hd9Lrrr0bPt1XUZ8N7YZ2868/kSHTvvkjMnzzR3WiKRZ/Zsvd3iJCpt3tLSKcv4O73O3NbHnHl+rke0N+JzJc/4biuG0kR5LyD7vdmN29e0bEBOCteCVRlYXbPiEXnUx9gYo55Uk/ODEBbgD/mcQE4CxD6s9NeQKSjpQ6YeECBYzByoYbyV2Y+D9l4Tn94KflGsS2AHDcyLZOla7OQXfxXefety9CBBuDMMYII+qTwQSCwRgMIQTy/3+HVSW70zN9eiZvieg/Lci2w7bNgYOGMEEdcPQIkEDYf3rT/7dtm0C/85185zv+1T1l55e9dxR2ub8k9WA6FLbIQPP+34ZFyiBMkNTvKxER/ZfEuI0kSWEgsVV9wF1zT2t6Xd+ftvQv//7lNZj+659/Yukf//HlT7/7Rb380m9++e2fv/zb39Ofv/3lZ/UqTL/89T+2n//4y2/U6zD9/Nd/u/QvX35Wr8T0uy9f/vuf1Gsx/eWbL797MfKHH7788mLkl8++qP/3n41d09nQLPVx9Xk+POvpTHVczYdpHWiO5wPVw/XSMJ42TuPwRu4TAJyLr4B8qNZ6aYZ7CnSY38YDYBpXWIrXIROMSqkFhlcbp/M8D6nzHVZIMX8fH+dZqZ2643Cf5iRxugCsTGACWB7SFkuKFeYlfcoZ1nGBUY2wAhQs/GEdGAWwdFZqYYPnBxM4A9ylLZQMPL7vJ4CrusKaeNzlJsDlzrgVN4BrMQ5qM71s5bNKytIWTOZHoQr1gGUcxxWuI4y5ndNfxkSRXNPQmHPhw+OcLZR2XwBguqoBWOJk0xngJhn5BEwOaYshj9Svsmq3cYb1NMgnvRmu/DNmGCTDFdbxNOwwv4qqXeDC6/GlCTMrvil1vXKy1RbGKQncBpj3iqUtgNwALuMlRfEI8/2xwlWdAc4XWLI8AGa2IKHglou6MzeYZLWbtAUQ9VhATGCeAWAdxEzm5ZRFXS8AcD6pjRlgvW66KyxnWPj853zP2CKIUrf7jQuc7vcdoWJfkVW73b9HVgit8cV3+d+N0IcPhEZEMFdqhi7fSI2IZf9ENKZUvxcBNSdqDNkT5J5HX75fo1uL6Jq8yOTJcr9CsiZQtCY+kTIFkbbvBjYMj+9ENDZSMPbYOX4rDfrU2uYHKB2LjR79kyGP/btlluH0O5BrboPd84m6YnbmxyHBItoURF6jblJEeXQ8HBoWYQ2VthZujUGsRf+pfZJziPUOLbYBvcGYGoKeqRjEFG19amIkiiWia6W9xLLQC1gmAlPktFjKBmZPEwl/Ea81I9bBavYpLTWstQG35PNnVaNpW8NPSe7a4THw83BP/cRU7kwKglaUl5nBp7RET71xfFTZpnisdbsJeOqwpqDrvawL6CJvSJu6vZZpl6wh0Tkit2mlcK91SJEpaJh/rduNXpeppYygS5INlKcpwf2tjoyOXY/EvlSa1FquXGraPatWu55qEek1Ri7cU6Wf5DcnD7RPm+Im1JHYiNHY7FA3GF0zh9KJHswaFn4UWX9aGi5S6Xzxph5Yn57imrXCWS7gsWf6EWvWh5JzrOcXtGy0aqpmgynWGDd6Y4lkAzOnSY7lk4i8ADj2F3YCdc0DvPGc7FmNYszRo2dUAiE3n9zUv8X2uTvVSrNQkcmXaEMifxNbOhF9Mr4aDHvVQtLqmFvAJso+0xqh7wzXrvl9saRjnWLnZQh6hnMx20B5mvK+UqG2WEZxuej4AJsokTurkpZF/A6ZXbUPn6aoI7XIEmPHELuECJw6uSUCIyJLkjIbnMItot+2OI5LeqZfJitv0DYST6ZMTfQYmBFiAhG7bAPFacrNk2AGdnNsYroCVYZbGc+RZ3UXubEzYzNRPhUPKGdiJ56L5mi8cMtlpWkpWXSZTDz6zbOfkZaZzYesaGeFPoPXQXuGRy8y3TkTMw3MnCauWopMjLhFD2wqI1rqteWZPKt77O3SkbHP9G7x2IsorUVkRBauMSbybqTLXLGuaEMWV4bffVI4woHiBvtaxySZiUMeis5l6NHpyChNZoN6XUm7kDlN4sTksIbB+n2NQZjWGBnyrB5AKlFp2C233onGRupTrASsiEoWf81mUiYybj3byFVzJvm5FGspVDx1ydqag3hsKexW42HOP6Cl0gQKus5AFkti1Onm03DSGZENzJ0mEu2xgg5LsUEBDXHb6Bx/1iXP6h67CxIi68cnSodiZoFb65A9MWLTlRXl4Heqlg2OK0Tb8wnMstIx2aHx0ro/yN78Z01c27X8A0zDfpvMcjTYMpiR9djyQYHVQTQwd5pEw4yX8dyXmQWG2otms4dLvUEvz+oxqHFsOpa36c7uZd3Sliodfaypw/CVLGoHkv39HIvuTPbngPw7zOS/5L/kvw14gBycF5CjZcNx+PoDUhaxVmGp80okXC8BzhcERLgss/NlpWG/XkDmxJij8x0Zc+LXC8ZYc1b2PP826AVi/loqzj1WS3/59YIwzlTKrfa+US/4kpVVi9UWVWXm10vDBXN3tD2I2a8XpAlWo6wAebPkvw4kIq7yVxZSKRukB670G6IHrvVAlR7++aPSQ62fvEP9odtGPURxeM74HJKi8Dk8RRHiULXx8NDqt1bjHmqHpF2Hx/bp4Wn/xwcgbcZlaNOGwvWSfFG8yDiNY2IcH2/nDrNgXAHmx8uKO0Ch1BnW4onMAOMEMLy0GABu6nnc2EVjgPWDxJpqHXWfQMW8JrvxbrY4AyyPTWV8nGc1jKfzfLluDCvAkOORqXsfb6NQWwCmk3C8FEpdJ4Dp+jFkJ9X/iIN7AtF67LTCmQ+B5xHgrkZYAYoZFgBY2DB6XGDMUKwyxEdIaT2lbnqcktYAMG766rS5XWAtPgS4XBJSVTOP8EeK+gGmxOOuZhiL0wr3E8BVXWFNxRlVWEbGpSgucFGP8arUuvktcE8Cp/Mmoy4wfAzFYoxZZKoqpfvGGaZxPMO6MSq1cWf7PWAZx3GFa65akSouJy4odBhXOYpe4DKOE1w+BrKFMY66GPMav/DaF/bU5QADsMTI6s4wSaDgg+YsK3P9KCBnCm292S11pImRqRxg5oYc6XeHVbJuKtOg1h3uz6o2nUVRbz5G8eD2NEmR9nuk4q36o9jlxKZirtcMA/MbGGd+t7vCfb94SoYH6LmJle5O1SmQMLNntOddNic4X2DZWZBwZgsSxk10XGFgz4UXgJuoNm3VmMljn76b6eyxJilY0RkARrWLmNM8ScRs5zyojXmFtEMxAVxmGJgjm7s5TQDLkaz3ph6cqRBVFOJI2dXruXrF2xa1jzAW96t6S3ozef+4HQXNKNmFb64JVMzK4cqHK0OSGtXIB2adMcBvlvy3gco59AlUzIBMCG0lqBGx7I/jyrf6vgt9iah9lvnkznI/DFgTKFoTj+Oe7+sxvPWPtkStrj4ArNVJHTYpOPfC8Lm+74Bzwm4fFNxRyyC/1WsdYk0U0BvkcapLvuHZ2FaY7fp67NKn1BQsou1JI2KZb4RD9L1lMiSvHUyIt+ceHERjM31tTUHXGy4SaZ9MOkatW2rRS7O8L9uX9bNRlxSdYX3ubiNq5OLiCtIKYap2nuQ3Jw/QgILRdc9vRomo0hsNEZVukzCUiGyP0kizQ77W8QAPdUxkG5FsIlZEZEpGIyFKFeaTm3BA5Eu0gYclNRgCtkygJ1MlZF+aM9vzbbBLl4qobc91MNsIQc0eS+2Q2RURUreLXUSWBGkzYCcIjIzZjm8K5QZ7PotSR4ZUPEYr4aaTCRw0Xna6WkSioLTeEKPLZP6YL5WmdFymdYZt5BR32N/F7D9bvaAgQ+uxZ5QiUIOk0a6mbHFlpNmuL7WYxGqMrNtlyEbssXuggPfy1VCQoY3G9nzI22FFZI2ENHYcqnVI1aTZri+RwU0hJKlSx3QvS7IRx+h1yRckRL2/7HwFLET2bEt8ytL2AlZbQB7R+IzZvi+VlqRU6rYtlrIRx6Bgs9Opd3Yv67pYSvuvZFE7kHgTP2isVWoBTXhBvssn+U8XWbut+XqwI6ecA+lsA8l/naCHB+dVUP07WrZ+Zmh7ePh67cvQDpGzsosA0cgp5yAkhjtK/ttAxYwgCdIMrchYT4Y2+Y95jZb8z9AiMkOb/DcUWFOtIyAuJxUld/Lzn1qNyyWBYoZWziwyKCaEsoUxDoyRPWcK6mTMOmc6i6LefIziwe3FcTMiuAysBMiRzgA59CAgxwId/UUEUcxbZGfUcwGWhgzjotR82eU/cwg0q2Ipx1o8HWvBRannZyKgcp0ApiJlgmGF9ZGEZnj7MjwR/DitF3Va5hwD3Fl5sU6KTqGG7XlRA5yUGqHIsJ6VUsukhrXYNsC25NKQ4waPjfOqplm96hgWAMhxB5ZWNb/sGGDYzW5M6CmZc5hyWdQOxTpuFMVTiokwZYSbui9QZKs91Gm+ZKqpb4bWG0QbiAK2x80w5ogWsT9CQJ7mUew+A0wD3HfmP+Es5j8P9TeyV+mWyOr+eVSbIh3Dv4oWtbfY0JZM+Tyso48P5c3QVpoSpU6hbJGFc28RbWTHQ+05vbF9KsMtlZuK5oqlq7DewaNHR7qy2FLrEMsoXUJqzrPIiSgoJzrauGECeewoGksx+dS6pRZ9YvOIWVGfolxXGyn+dymJSOtA1GFNvXPCJeqSotuNgvI+/2lcbrDbEEUW9z1Rg13UrO81CWt6yqJrIuZXmr1dWm69ZWxUzZvDXVpsicLNOVS0iZpsCu4efYttprPVgbJ02IoQLx0dyCK7Usj9SFfcJWr+2+A+yYVVobXcERymlAiCZJGHG0X0byRyFVcKl75ErOcRERuOVl4lm1mu1OUyX2H37hlLrduNaINIaYnxsClz1DqmyCZeXLFicu5Y8ZvIFnNqjKyZMdHaDG1l+IKEDKlaJI+Bah1kNeqw2q0Wtmpvg1Vjj4k5AZPnTlSL2mZovWbTkhn4/Kdr+YcYPv/JKmXIz3/uL9nLkp3/jMLCPsljgqvXg42gtgs5B0cifrvhSCT5b/1jLRwRQRRREjJDOy6aoYXj4LxEsBotOwZwGb6+bRla3T4ru44uiCIaOSUCUcxwJJL8t/5h3uTN0Cb/M7SozNAm/1HyP0PLPBqboR3FY021joC4nFSUDERcLgkUI3tyZpFBUbYwxoExsudMQUAxnUVRbz5G8eD2WvhDN/uB3sBKIn7gONIZM1yGHgTkWKCjv5wD5Ckubbm5wJYup2MU67DLZX3mkj3gWJUqLuv1IOPLDqWmRR1MT8JaRLnBXanTBDAVSq3jBWDaMhhyMmoEmKaDiOAJj/limVQxzxvwUNd12JMZ17u6r0+EGT9GNcBJqQfc1HpWSs1TIiszso1nLkgAEF7hBAOP+XlOZGRucH+5MagZUsqxI3N/uZHifJq4Sj7LyLzcMjYiHtdi47pDXuYNOIcnxbReVXqQW6gBrnkyMrwarD+Il+yVuKWy53hsOH2JqH2GGhGrmLziYXZutjiydz4pxac65/tOJmXE/Of5hzGaKJY6MBxa/kdbolZXAud66p37hvgWXj+pnoisYfGPFnse+byfDvzvOskE9C81OmxT5OsePfsUTzz0GcbyWC/TUNqgbjdah1iLobZrOXXy9IjafyhYq7Qieh7xNtVvsRWfwZ1qYbFhIzPtsKagaz6KrjEkfHKvdUgCH8urQ9RWnaK74cPjRiDiX0IbPVGLHR9aV5o5EJlqo8VaDrJ989HBrKUq7FPUv5HI+21dbTQYaoyiuNQlEd/r/dMnqX30Ojmrhk1w0yasSOEZSNDRDXGP6sy2sUM8QkSWNjQJEE1kagZt87FwpLJ46LfIU3d8F5vNfObKIHCdtsRT9dEUKy1rpAHp6siBIj9QBiEW8sXUYENRHOLlQ7Q6UNRVRqTX5c6CBMsXJOTosOJXD+eirEZW91SaQEHXHwnO6Wxkr+pTkHeMFj1RsPlpzFglN8rB5z9tz71tS4xoXKSk6F+Q74P9nxcQbRdyDo5EIIoZjkRSi6zFQGQvOZuhFRmNzdACcnBeOI6WLYKW4evRfVZ2zHBEtJ2JCHy74UhkOxMzHImkFhGlIDO01qYrM7Qjp5xLV2ZowXeVdGWGVoFZU60jIEb2TipKBiIulwSK/5W6nFlkUEwIZQtjHBgje84UBBTTWRT15mMUD24vlgwt+AZW6mzT+3kn1/NbIR087ugBxw56eKSzoeBp/42sePAi7+h6cdDDQw8OAzfyzvZiGszDvLPr4Zo+p+v9Hvw8nnd4relzuj4e80OEZhc4JcY1lT+bFbY0vpwoVhjekYtS12kuXiI4F84DpuV9UcVy+RTRl4hYb5TIUk0eAyNq/3Zai2j829hvwYEWf2Zp33Od0/SAa55hhdRXP+AmRKaFc58BLoVSl/kMo4SJFkwqyVxhmJL2DYaNZf48EI2NFIzd0FwlS/1mOqyIGvTPoCbSZZI50uJPdrULdYJBrWOWAe7qvp5VsQ5KLfBQmxbjBqM6zbNSFxjymbrDjUld13FjuW7qN7bvFYbPAx57SsHc7fGsZE2qV+mnSEoOtfi7iQFOalqyrKO0mdQJlrO6wY0xzSrF9kNdFrXLnaufV+alChiY+bAWnwdqRqzDoQw9eWwM6jb5RaIW25DiucWa4RihjkQVogsbrUGscppUugrriN7jlng/XOm402IpzR1Lw7p8T71FtJFIVxbb7wKWRakH3DPc4C7ifVjVsAyLGlYR9SOrd942DpB0kv/1CvfEyHr8eVKfBzp593gcGzejbGR77Mg5adhm+uh+04vUpgg2ZRb0rAUpE/uaUrZ4T5o7dqmr9jqNpCk6t6HD5zazNgwxmi3WS4Y7XDcKdvt5m84nuJ0nRgFDYr4c4lYAS1nUNJ/g8ZnYpUFXc9iebp8+BXSXYytJBTxVaD0P6oaoR0/OEiXZHIYycL8O21yL89LckUydrhW8xQ12W/adsEJoBJbWQ5lah/Wulm2HN2fjWqhVyOUYYPP5TEBUWyzj8UwEdJYOs6HZ1wa9vA81ZeS97c5GHjKWar3X4ow0d6TKUI8NWUP88qDr7wQW1u3e4HGkWE3ruhnMcFW7xfORA83M5ZqlWNeL+lxA1FsTnwi5vYdNbQpuZGnDvxWvo6l2WyykJR2GbZscs/ls4twFusNDHG6n2lXcik7pGrEoBnuAW2zVdrnOc5GkNtNpyaIu8PhM4BsxWn0iLeqSE+vAPXsvnfWbs4A1trstltICMt5WRNZmmvJ9sELosspDX3fnPzdOfA7zrFR+/nMHAFjHjNR0yjOs6jOBNRz/Zjz2AmNbGcu6Ep7cJBAvbrDfNA9CTpv9FgvpDJVjj5N1TDbfJjvXPMIauRHHtXN6c/oYHuPnalH7dHkXPAaOK3d415UvrnyHL+gqN3faosPySRsBPfWOddGBnJGGnm+QNYFa7WU1obmDsVy12m+xlJZ0qOV6BY/hG8UjrIGGsztI3eD2zrgDvMPKl1wLSv2Ncv6nrbLPL9kTAjtQg2g8tmySJMhwaK285lWI2ov5z5qE5g4tYkjK3W6LM9ISMhXTsoiupW8Un7AGP13tZKd/OBe9FR7q3Tie3nHly7dMxOXNe3h/i3iENZxhLuXuZS+tQyxjRoDTG9t/PXAhfT0WqBxxmI2A3iJ60WVFrKMzRFHb3a8PeY26kctmcprk0aMjVwb2/NJqduFoefM2V9MmUZ+oEE0yjxax3qilaRqyf9kGyt9iF43/GPEIazh2Kx31HQ9cr3cuI8CIzsWvJsteGdMWIt3LlJKFYQJ57DKRzR7GVLrf/fp4bFO5vKHLU4riUvN9xWQ8N7La9VRj4GtnPG4/ziWBckWapgk+MaYJYxY2aiVW9DHiEdZwAT0bdO36sI6IAjYZgUT6fnwt/FaaXmfM4n0QDbsfy7GVbAXZr0/u4aexmWUzWZ6tIPx0LYhErVgyIxbTlEYI6HJFmsZfJsY0ZUzBlMdcHyQeYQ3HotzZfKduUi0tvzK6ygl4LHWgr4Rf/jKV9xVpRxWFdG0V1YP+c3MioLNEox3tfX140FKlM8tmssxXq/Sm1EkO+HnsNwHGijSNt19Ls/RHgyNrKiU/DSe5J98NhoBt7nMVsQjDlRmBDUT/YfLHHz2FavS0+/Vp+bV7w7+VDtvK0CFqzXVDLahHcfz9HsrR8OEX1tB1bcjD4cxX2H2UGyKduHEhi9aGdr8+nfwu6DdnZCpT07Oy2sd/g41XQTb+HUAbfmGNyph6I9huco6+ol3argOvElLARlCaoOvdr09kJjFmls1smr5qjeEQR4qrLeXNbsZF46u8JwrKGPblrhgNej7n6Zq3E9CLD0jJ+Azyrj98bPiFNTrEsOF7s+hcToDRYUUf0YH8dN8dBUVscQzroj3VGHa/Ph4b6l0pqwnNc1SMgIYOsVutxjKvp2ma3dH7RaM7kozCapENL5xhWC1+5bF5Ip6dTr9P+6ExqdS8HtYQ12vjaCPY85/sXH9u3wd7p5af2SMYRK/raBz7osTdlS9eI1aZZTNSc7XesK+L9sfYn/90ZT1N0ziQkDXARIFVxlTsdHTi2x/5utnSPBmyZodnb3R4qP1XkiucvwWiqw7Dt/PPvoLTvuL/HrLeaLCVK588hvw1UjeUW6ZBwaGu96gx8neBhNwGF+mjfJ/IdxsjrL9CWEsfFQ12HbaiZ828QoSPPzKdtw5UY5tZpsGXStndTBMLeKt7ifAzmfeJ/Mrwa7qGdpng8WuDRxs/LKyYYOAdcqpVSUiiq50na568jgeKpQ6ZKkOtmVfTbcIdtp8Wui/AfoPbcmFcAOa7Uuq+ABs9nyaAqVCqkEIDwNvDjlyIPip6rIh3nFHX6VeHkDNKuTt6645V4zpUGomYkMi8T+RTjEgbnVfx8sh5PqkRruoOgzotF1UsE39fwTwX6rIJjet1KzgccOQzpBY9C2D+AKnOk3t2hlncHl74uTJRa4kQke8T+X5jPfOXnt/hxt9WME/8FT8DnNjb1Pn7esYrf4vP4f/DjkOW+PQtm+DN7dJJjO13s2McyYSIfJ/IdxuPtNMyKzVCwUQKGLnRtCjFX/a63JnIyPcYarJBLNbtaoeB/38Ndg7Ebll3SMWHOFzcs9ldbejzjrUX7LKyEL9m/rc/BQycGVga2JsrL9e0xwKn/w87Nfa5WK7YooncggQxjcmf0ZaYQ1Tbh1crd6qV4rGxx+rTTPu+WherDPdBZGqV2ZTTO03i9SCvB95uY8WhDfHP4D8O0bViXYFYFuONyy/TcKj9AY7Of5Y9k+u+2xh4gE/LbvEDTvyty1d1F6+142Poef6sFLeiWgxf1ftEBjLm9pmXzOHmudivVqhhE+EfcFeX5aqu6/iJpay+uveJrGUJoSsMjGK9sPnPSc5/jmL+c77zD1ge7LcAg/pMEfXriQBy2IjNQs6phSGfEBqpdn+tMUAH57V20A7Om/fh4LwDdLRskTVhtOzudtC/w9cPBdOO3vUi6M85s47+eHk+GwpnZdfPP8/OOrgOKHDtdfGR3SMaqDSnxjAw+2Vo1ViffBVOQbIWjkSgxzlABhJSkKxN/mdox3oytNYCMpCQguQcSDO0aS7W1E4UCogZ2pOKkoGYoeXSGGM6+QOIWa2f/xRjzCKDYiAhWxjjwJgQcqbYYsrQDr6BlTQqQztARzoj0h49PPSgfurhsUC3gVkLRyLQQ5SCxAwhMWRot78CCenRDK1zgAwkpCBZO46Zof0ktY9eJ2fVsAlu2oQVKfBILBwje0QQZS0gn/9M/tuQ5RwgAwnbhkZjM7TJfx2txZRseC6NxuoZeINo2/ehRsQqZnFlKv9xjieKVvc5Sv1W+uf8jTw2RBV2Bwjo34pzPfXOfRA4p3SoR/9MOmyfgmZXC2PfgVr33O5jgEjrRCw3BYdYU8At+Yg16yNTQBqMpfOIrs8MZDF49OhS14umYWFvEctYItqeEZHR+I41zDhKUq6lEhE1UW8RbdwXzl47dLlZG8T6RzyiH+xSia55lsXFTQUris4K1ZR5TIFpTc/HxFqHzUd76o0IWGtkYDveLucilRh4nxuNpejcAWHeYpZ6atBvTvUPeaI1kawhokofoKENw8awO/Rs0CykNNPk5pxosWqJuKHXkbUk1gyh3WB3RLiXED8Tzv14B5EPU3W10WDYp004duyYJ7L9eKQLMnbcr2bD6D7tYVO0s1tejjXEjPaEJflUfuNYq3SLMyn0WXoyteYe4RhsDxb0rseG3/SWQeBYI48Rs9TJzf2AP5DYT4vHqV9LFuooR7sea82Ne4udyCyxtHcF2dnFUmnaLfshD/8Pn3EM4kC6egLZ4iN02DA0UdS6FLYRaw6/NIQjZJTQp7b/uKdl1Srek1aJ0kTy+EZy1Y7FszWt2KASG9bjppa01LNqzOLoGNtZsSDBsbb/mIfHXOv4U6XeoKdoEcvyzcj5z11yS/aMZwaa/1Y41nL+07V0jFghYiVMy0rHH9rEWvvXWhJqB5JHk0dgfD3Yncm97eFXu7vAKTGuqfxJvD3GlmKF4cXIA6blK8Ra5JimB1zz3GeAS6EecBMi08JlxtSPTwBjCCLAcdrK1jHLDUZ1mmdVrINSCzzUpsVkrklvnk9qMNgywElNS5ZpVkpd4aGmSZ1gOasb3LjZed0c7mkDW5ZFqQfcM/BuWq1nNaxqWIZFDSvTSHrXAYqXF9d0lGK9ZChgSMyX1CNP5xPcztMmw9N1fIExAkvroUytw3pXy7ZDUhAD6xcYy5Tq3eBxpFhN66YxzHBVap5ZN/7EYudg4w4PcbidagUL/AdMSWNhV4qzUtPCq40GWYGEyyoPfd2d/xQzMUptlYXMdBLzn38eAzLUvg3KWjgSASTUDF/Pq+eor/VgVw5Y7+rz1UujRnllo7Z+hgR4JHjcTZT8l/yX/Jf8l/zXX573j5n6uto7HpP6oqs988+7U431q5eS/8YL/Px65HcvRv7ww7//6cXIX775lxfj5u++fPnTf/zlNy9Efv7rv1366R9/+8vPr8M6f/2Pv1/afv7jy59+98srsOS3f/7yb3//qVL/8u9fXoPpv/55+90lAA==)

**图：Linux 安全模块：DAC 和 MAC**

SELinux 支持三种模式：

- Enforcing 模式：在此模式下，将在系统上强制执行 SEPolicy。如果在运行软件时不满足 SEPolicy 规则，则会阻止访问。内核将尝试的访问冲突作为访问向量缓存 (AVC) 拒绝消息记录到 `dmesg` 和 `journalctl`。
- Permissive 模式：在此模式下，不会在系统上强制执行 SEPolicy。所有拒绝均会记录至 `dmesg` 和 `journalctl` 日志中，但不会禁止对进程或软件的访问。
- Disable 模式（默认）：在此模式下，不会强制执行或记录 SEPolicy。

有关启用 SELinux 的信息，请参阅[启用 SELinux](https://docs.qualcomm.com/doc/80-70020-11SC/topic/enable-selinux.html#enable-selinux)。请参阅 [SELinux 配置](https://docs.qualcomm.com/doc/80-70020-11SC/topic/enable-selinux.html#section-ql1-bwm-m1c)，配置 SELinux 模式。

**SELinux 层**

SELinux 动态层包含必要的特定于 SELinux 的代码修改，当通过整体设计启用 SELinux 时，这些修改会激活并初始化设备。

![../../../../../_images/selinux-folders-fig1.jpg](data:image/jpeg;base64,UklGRhJMAABXRUJQVlA4TAVMAAAv9AA2AE1AbNtIkgSrdu9TXf4B9zO1GUT0fwI0+16TpLfZymoKEOBXVpHkX1AFaBGNgL5Sh8YqQEDZmyydBKJgorqxLgQ3FbatV1tRAKlc3iEC/MJMJy/ZzgAqxqkOazGGyzoUCeiYYbXGoBdghq2MlbrJ8Umrwge+EQGqRmzZCs+km3P2T+Sli050CwJU1ZQ0AjxrWr9Yc3kD3b8gwJWHafPpBZtGkhxVeOFBeP6oFsKDOO9iM23b+NwZCOOPrhCItG3qX93h4aT0fwIAIgjEAgikAAqFACIQTkijQrmyCsPDMJEToGY4ko5Il94y1j4LgFeRUe9OsxaUWQvLZiPNrNCsT7Maf2RSrzoUtG0jJfxh77lORyAiJoBz841XKEwsmAWTiyqwAXlzSViFC8Qx1CtpsY3VxpDYmKon4qCReiIO5BvCYlczXDkRFT5zIF8IKyacwnKtR/6/V5Ms5XnfzrlRMdZdypizJEzMMTFZAibLwGQ5Y6LpaKpPGue8WXWzqk+7nwiWocUKtNZLIKI8IsocLayJjMAbYaFcYqxrJpq0O6I8TDCfwKRXQDzWG3cF13w9FjBaW1Ue6bY7HnsotFqAVu7omXLRcNx0byfyQevewBvRLspNNJ4WthZ2mQivFtArQKtFEInWotfQbi+AY12/V4BmC+PNu4eyKgIT+y4A1SxAHqM9lHdcNKNnfHoFBDZ2m6hy0SrjRXkXV8NBnF1IcCRJkhTLmBQqfs5zb2hGOVkUZNuO20YHDz8MMmfZWfDEZoMfMQF8nm17LTmWtJodONhGixidZppppkmTJk2OppmjOZqj00wzR7dumjRzdI6mGcaIMGN0jM7ROTqMFolGIkdUjZ6h/YBVDlv8hU1UsQ0a5Y6eIJjlEER7Y8dBgg5xMNILBDoIgkYdHJR1rFYbIFrQ2cc6WGi5AXIb9MojWhCBHNLYv6CQoxY2Nq3BsblGxmgtwiGywvkMGvkDCgUerX5CfwcsFjBs8Q8GUeBprawjrAmCqDRotLRyg0DwEARxNIH2ahDYG8QR1SDCG6zRAZBO6/bYooANkDQCKDMxBK1ATNao+AGtO4Dh+QvEru1sYLSwCR6O4OhjyrfAotM6f8HmkBzRgu60FwFGtmAL/2wnjkg0RiuPKPQOEBw9HLVGtQqg6BDLPUCMSMwGkttIbzTRMpBg/YThQcsNzCprQCA9rrNGxIhCmqMJFo23tfAHnhzZlm1bkiR6RxY+WPJd/E2V4itKc7fkA4KF8yk5kiRJcoQJR8MOXPzYz+VOPnWOceBiGARyYgKKOybOXa/xrH0363C3sXETrrCE2DRCHaGGy25cdmGzxsQb5EKodsFmpjOcXC5AKDaxGcpTW7IpXBb0gM36AJN7LgyP2TTduGxyX0OobNb0tYMdbpKVUHXj03jShCE5wyHZ8o2COPXfKriC+QA5CvU7GMGX/LWHIBgkDJIbn4YnL4fbvrNPMwTFkC4c7G9mmMyreJXpZ1/Y7Onyhcc8x+9igyku67nzcOrhXnQquJsbPgQflDvhFB+E9woW3qtiLbitLc5SO2PcwrrilPuM7nwIZ1msF2vWCIc9D2+P9aw1C6yxXqCd8XDVyZ2W8DBHeJaFtYVTB4s1xufcS/NShCTysnxgXvZoj8YPxJ+FP1ux/dcWxjP6+xZH5rCwduTOZ2m3h/WMyvXCYm0B44y/X3X71HObr4/mR9YLFdt3/TLuD3CW/rJWe2rsubOrDVNCW7VY+dnHrC0srbbHEitYW5s7xJHR0bHVGsfCMN85guU2WK6qlgusWVjDWnkNS44tza1Xx8fHlioXwc+F+VG7mN9+jl1xOKmkG7ROc2db9htqo9E/ZMfK2qJizerMwjZBQpyJJasCggRPMuysfqkpjp1qtrrx2OmUl9uher1cYQndxDNIVhXlh5R3sFR9vAM7jruf3Rdpz/lnc1VBvmzv6t6xYRyxGtmYfVqZvbTV1YzemZ4eM3pBTLcTobelAsfC7NIO3dLs+ZFz8ZS1UNmtlqz4ZxVbr+qd7uKJItkGVz6E9QHdjRvub/0zqZnqg5uDQc9BVRBexLUZYlUWFej0sWpSTRCJwhacybrbVN7f2ayEPYV4KOjJ62zuCCrsGzaaxKrqZ2MSHMyKZ215bZWsDl5gzapbv7vTDRv0hU7DciV02XhvD3rIwnqnS9P15sP+0spamNtpy0IylctnK08QZdo5brDWLaFu3hdQpYCuGjDhQmO4IRCboAcxyXwD4BAApgXLBEw8qNkOJjBMDRYAEUnrpk5YtMn3AUyAMQ8ABsBAKuUaa6JAO8NFOwBigAdgNbXDdIWQeNHSRaYF4iYCg80SF2J2iVQFTWBCiSHWMWCBAeW+BkJqHea6NumuoTRACi4YtgHN0MQEWPlMcHL1mSEnmUM5vo29hb7QhdQBmMjWTAi7nGIyl7ssoUNnaS0SYNO0TIBM02JiENNWCMAC0wBUEvAIaM4KXVm5dLaSqfgmi+4KwLLWYE1IuggCQWMAqqGTHgQT1qRojkI3LQjqNQlsggnwSl5kAgAJ6X4wA3IJjFXTJLY5DLc451xwqazejDBslwhETGC9F+qckiXFzDFgLAcoi3A0pE5itrrYviN6SBaT4ttsmOnuVDCIAYR4GdEaQUsJkgggFhIg9pRBzUAMECDg7UJd5EJnToFSNiat/SNTFCBqxwZQMCvCS+BYWdY0BINhOwqNTeVQblkygUHEAAgvBjFnOmtmAgIDEWvuvTpchCGZMpNn67Ll6gAAAROUAB2uKFXmM+qYgiGwLlFVDKIUkBQFFASNbJXpK37Te3/rdguzAcehkd2B5dl4OOSRqkXTq2b2gNhkkU4LgMECJIgsEwyWRCA22BAESFqGSJcUU8tWawXw6wMRGCxQtXolGYMRBDXBjKgwIiHCEoMhOE3WUqQFc3uvxdCFNweWzAypExNYMKeT+siUMmsNMvRslLmSKbIdhFSXwCxhBlLoIQKHq6yBWQEjHaEsG+uqt2TvDvU3PdYYkanp12+No3XiODhZblrknLeTmKiyZnPRwgTZ37rFtAiiSaOpB4ka0UfaqFcwC45zqH/TfA8Kk3J08RoQMeK2yw6DuFhdQwdVTDo4eU0TsqPfI+Oy2Cw135zWEYoTClq2oBUAV7e1ZsBoV/zu8fMsJMYlcyYDMT4oWWRqaiQQYWmHodnBoFPdP0nJqAtn+mXr5uPtAmeq9bisLi1Vr9L2sjuZ5ZDXDiU79C3WyWUGRjC7TQph4Vn2eLSZNIx0HkVhik0PQmILeX86uXpkqiSmxZcfkePSN9I5Ne+PXP7g3eXuVE41+bpbYv1IgCBlzUjntPHJNOqUw4LgpNSkjjghLGMBn6bmgVUSgmvym2p69MbOv2sb6ZQifWxnrHP1LTWMXN7n801WG6T4ebafUS0AUZOTEGPUE89toyOvmThaJIk1IqZoeqLsGdimVHcR1ySmaS6Q6BfG1Nk9GNl03Wfs1i850glaMDJJgA77FTZPmc4WUm7PGLZH9fjJp2vfUOfohEG6Yq2eGPYsR8yp5WqMZsrrFPKfcAeiPt9QW2Osrevg8owFMtNn2pOy1Uf9FOtjjQVntpsp2TrpDCmoAJGM3KrCIMAPKsaGpkzMt7nOlL6tdAf2SKteTPn6F3zJQH+OVLH5uqnc0hZLYxK5vpq27VQ4A0ClZCaIALw5mZvFDi5H2nLdQ1sNRqTQbDJY1SHFqQGSxIgv9v7+9ZnjNTQ7DoIXaGoZiZpY/as2lI3rlK4rOjFTWcdvWic5rFu3vz7eXyoPbUwUlHSLtmxLy9iKoFqRhsYBPgzpfGNWdFNLhZ7VsK2k+8rSwPVOhBvSAM2c8UkZ7+tLNBLOEmK8g3sJEWJP2EnNpqGPRDc9YHbzZgX3tz65wvfVR2y3llGa7vEaJXpS7LdfBWWUw9LLzeG36KM5/iYWLT1MwtusEzQo8W5eIgmepWPVV9lGbUR3dLcD6TL6/mwC28T58tJXzBAEABaGJ0Yiv2rk5fdREkVPS//zKop0NeV2m8w9D9RBRt0Ds2tVXexWLog6/2SFbDrezavilGMQBLmuIDf+R06p2xY0uxTWMccqlhwKOyqaSWeKFLxrIaVrbMj2f/pdXrPe1ZSq1dq1XUSDxhZlSy0Nly4TI4ON5XKE9xh9O8Hi0M67ulXtJA5Kznkwn4/FIKogcd1MbpuZ0oQ897InbWufVjRhtPlCfECgkZof2Hac/WQHouCoC+fxKZdSpW8R0gqqKjRPdV1oJ6t0lnahanNx+JYa8dhHpnCA2DN3TKNUDHvcbfI+fvsOOoFVFMOsNtu6IWauJ11ydEUtJ2mAbJCmh48NlNV8/PJP73gCwAZ0sPA67DJAOnQOhclApv9trqpOhpUdPWhUPVkcGkbbDufkVySGZ9TV3IC2zbRSD3UJY+UUtlUWIkoiSrCYxMhDr+yftk4rnRjcIvmtHgy4Wbt6h+9x5XaZunLq/OmldEd5MjhlrSAY1ckP4WLuiRs1nFCH7SLq2EAIrisoG4fUDGopU+/IrNIMPbjtOgsf0zzPok0+zzb5KLCDLvTG0UzkX71/whqRnvTNmqOc3W0VoRDV2cR4m9D7m3IeNcUaGPYTIaSBU5RmArO+cMVVUnAKZI0df+RF00eMBhUGafQgW2oHc27b6yE7S5tQOenjJpZz0nI8hHOejOD9AFIawwGQfh4mZLx64ho5LKDUMlwoUTbuYFd0TrNN/YSF2Vn4QPnaNWNwaAh+ykYjgGlBZzfaxHrUtR2AsnPeTy7YaEztA7SMxG4X40B6ityQK0O2L/q/3mCb/Do/AAYIzxGrW49sgxRId584q5YrXJkER7NyFJXUbpFdMxeVVhQkjEcRS8nBJPreZktpyaQT1e9PJqfma7R04e2MKjiNZRsodHv95fMbh1cktyxjB28tnm44ULeue9K/yxo5fQ2PXFBszrftY3PSZSgG6O/vG6+5oC9iXDg5u87I+9IlG4zmLWd948RsXdcbxs6BxM2zn9QEmmllz+0vqH+oF2A7lH5hTX+0yxOy4aSOwHl3fqr+GyTFvbvL3C6vcNB6UDfXg7jkwzK3ySbfiyB06JXx2YFjKrSximBt5L1Ym4Wq9ozH6R9G363ufu+vbKGBU7rP7zivcl1RbBRyXCCCbEP5+AJHc4PPe3WOKwqCoFryMiwg0Jrwdne/fHrs/a2V5ZR3BUmh3frijbXKHconalwlehmcRCO8UFyI9J0ZJdTQANoy49uV9aVBu8pPOYaLs519033DOXrNQPoNTwFlH1dBrrNf79FlOqB2XlQazF4jpI14Kp21zeOcy3x3lJPWcrnHTcxL9POuv5RpW5vrLqxkYs+1Td7Hb9/gBjGgoUyOzPlOPP5AyZxxu22vXrr4LjUWr9t6urxG6H6K+ReH077nzfb57mERezYtdvvSI22xAzOFhvr6J5walhsQB+sEXT97FgGmyw/j378YG8lTA3VVXS3R7hAgRWcLcqeEHhgsI7YW3AQ5HuuTYtwTTM6zx3oKMHpd5YJX19OhYMpbsZOTsUO1Yh3LCi45ytfNMuqgb1V9AGNta4t6QI97hw9Y5VsR6z64+AkffX3prfrEmsRYTSzsuTP3A2C5TT5KCAAsaq5i7a3+Rjbc6uP9v5Nk6uIIBs+qLOSw00gdcjySnCVualyJGz8INmwX6UZi0cxrG20JEFRnEGtcQlEc6kzIf2Zj79+p1mVB0Qfq36yc0T16w4vlOJ8iZTqISkAElFx33723X6da0ZzbyaWeZmOwMHcgkiUxf39mT7r4jsWpunmfp5e99K59PRLMWlCccvvg/HFXpYOitDzJlS8Uxod5fB29L6B4MI7DfGkCNmEesLYJEM2iVznvvM+bVS9IZr3gofsuWCDe12XN/XwsU1Vg7rlSbSr2wgiy1NklwkqnSDQA0ACRaY4CFxSTTcs22Es4W9AZp0MvEVlldES8ejBIceKhBu/j0n6KYoNVVPlieAdVqRycOmTpxXVWyZmbQk6ERKMEnxvvpQ3tgM6FJoNA8v4IAEI4dJgsOWlCcNkZvR5D5xaltNF1E6AHmyVWjtK88yZP97gbN660zsD8hTTvPm+ARSDeJkHa2/gybO9IaUKAR065cf7tKurgl+6lL/Oa/f3dqutOn+r+S+cy4eLeXnZNHaSbA8oZEOuIu+BloDhCft2F4S5XDjDBJoDJOAPRCk7dbYyejg7NdMd/3VSb7H54ySCsBDyX8gFcDBsgClM2koxsAAaWl5h71kDXDFYjJ6xBMO7AFXfjkDVRw4HyfdwwP4lpnqGLTb+/Lvv3dRPv3fbdqrj9zzY6p+cZTk8movm0eK7tHAwLlQ+0eIEl2D9qa6UVjL8UQvnxp+FplkPlol+5VCbMcW0GmDU7SVkjTqbmEtQkg4IMmATWek12bGRDhXjinOC8zwcuJgIFXdjtOPRKIW42WRQquWNQuKSBNuB2JE2P6JETAH0RUGeC4gtGLwZrqewZp8OpBeoMlEaEoQYX4Iy3Rx3xyiQiGDxg+MQPPBDKRBOMqdd2D6IcGmEgxH7levsTgiDArTP8dDvL/Yv77BBeDRu/ers+KG2E6H35h1yAolRls0yuZCceRnyo06vbICeLOpPA8JyZewdcCL+9y96VIISzA93ppIiHGjClThhgcyPOuDgIXvmOcz8vwVxj1O7Bjt1rMZ6LPQDmZInZEAbgkdwuei+CrqhqCBwHA9anZ+I4OcqxGsLCo49PLudkYq5jFDoIsHSPqF2MknP3aKfTLKdTIe3zrXYIMTDqlDvKEUQUamT5k5YDCOtQWpp7S7YYtTVyg+vGw3ZwA1wtCIZKgJb1CDM5LjGxVQAsQ+oAOwUGiOYB0gGWsCy9ieDXQa4GCxtRcouCC4rrZFl3N3XEhTBsl6un6YSaJUIRvWvebqP+GDerHMrtpA47BJlsQvW5ES4Wjs2hAyE2LTfcVWIIlnX62W+MppBjPBEUx2e0g8PGOHSPODpsYUPP1rn/ziBnhT7qZ951xE+qIXp4UMAIgwRDUCHrivm87lbK3lr8x72us+yzQtwlGCTcLkaSGICwpQHqGRQg/zAgOKh3CQGwy52nSg3i1stzNPtMDwUjgtjNzjZZipA+qPxb4c5fd05womy4gEuq4fCXcA2Y+qVT31nMx32z2eDqDG+67LYpEejFmlwrziqyn1qPeqEXbExi6FUnpcsfKuzc37JjWwsTi0wr+ivIuoK+xy6XtHZhcXwsCNH3djp889yJrV4IhB6bhny0d1gOt/TzpPJw0dw2OcwfaUdCalIr3bbYlbqO6nuvbIHqXnhpdWjH3HXENTVhJ144rqUKOltT+bOdowcWeIau63rIzyKi6WGbOHTE+nu1CO0JHK9Io7bOa2Ntu1aveGrb8W3bcUs0jOJQ7Nt8m+/UPBtUb70+u1PqbNQnRu4dGZkU0fWqeUY+z4yRwBF/1aUXMod0+t6DY80j7q3x1TAZx90Y1xq+2FizOH4V1lNAXDZyry76O+8fjH+xwKm5ttUtEbpul+u/mGC8wlA/HX3NUJHrOz1ih4+YrhMzZ0E8VGXnHNmHn70EuKnRWjkhRhLIGJ/bO+6yp/wTVHLE7Z+xXtSBy2Zj84kPfYvbVvP8ODW05X4nWRqtjO/T4BITjB9cyrStLfMUPPbScjrFzatqRGvbzKl52KmCQOGYG0frNjdY/yUXVUDihasWXHnYigPuEztPTfd0mX+VpDjCNpGKEMsrRa5t2iocuvnIU7wE/Es7Jwa3eTt0g+DbvK3DcrPMogxHVVJyZ8b+OfKYI3Z2DL9gG4dX2ItxZW8O86Nbu1i398b9c/6UQ6ACSI3O2rmxoqTB/Q3b7lyfwvpj5AXd3YkCEmk32zP7ZAUMZzCFyrptwu86Y7nwsMmRT6xocb9+zACfsJ1uk0Nf2xMiZgZST0eqQZ72xJfq4eahhZU6KbWv+umfr9gvGd5mXyr69J9MniW4rS9K1eyTmUBY+P4e568oZ9yTs25fOD4GTnKHC46DqZzZy5d0Lqvebtnbk5DthjE190ML4vV+QTo32D3hL2FZIwnA2Np6W4lGFpTdsKkTVyHCSQLXdIZ5jg0d1ud6t3MWFsmUqCUeBShOcY8sdAosUvImGdsnOILZUN9pU6qDxC2DIdmWcVFON+PU1dNXJG5kSZmvWpu4RHnEjcsXzk5SJpciDnCcESeX14VJJfj9tVEKpjTWSTeIcELhrgP7W67UyyBd+eUrbTKhhs30ZkluOrcLAAFi/IYdtUbOgw7Laqc/jUdlkDoozi84NVCmE1puGwy/QiQVkRYiOhNLsCdR6M2sK3FVlc/bPeLL8Zy3fo1bdug/4tQPF/X+VS0GnjYTN3rrkK+/2kc9KJ8bc0/Rv9h5MpyiDhaaXaC4M2ersQYENXZTLoh0jYaFS5pjIw7mKI9F245trNCSM8qxyUe78uPbBOWgzzEsBSyAtlAeOZ2aYAIb4GpiGGASmYb9fC7GC0gvPMY7XKTFrKma8Ej86zLimZavi/71jY/O0M/Dz7PicmfY4KpTd3EZfT4Gg4nmeQBq/Efwhm2Zd31ES/qOp0Wl7OlrmWwRllIJR2REfSAFg7MGomETgO1GJoZ7egxGMcjMSFbm9tz4mA0LG3A+JZOnVHXoidM9FqDhGRbgsFcaZJJA7sQZUkYm0bfvLG45NbFj8thMObX4un2Ld5/iVOueyKO+4p7f41FdZ3dPX64/r2WffE/1dectrGkbSZRmA0MKlBjIem7M1JyQxjbrI8ZujuSf4ivedP7qxKEjjWistJNqTt3SKbohR6ZSDCPFRpLLudA39HyJcWPrta3Gy0jvSnHNk/+rCQ/+vnOPBJmANY/SJkgQI3ODoQKwwPp4owsQkxhq86bLeVt4tdgUyem3nUDUYZw34l3Vj2zj3kdutiYCMnLaWI1vfIY+JyUGJ0cJ9rs6pCofygFsDL69SVW0Ep0QEH1G/Q2PBB7X+LIdTzl+6Dsd+ijiwPkXlfGIHcIuNa4FeUQJDLh4SMOQryUtK+iUvrZRLvCbDZcnXWeZ8LgP5nzIBJhAqdyQwbLOYIBNF5ie6cNPtzbxKoDDzYT8rbWCWH+AezxRbyUruGuuPoFiOvAVd9sHQLrzGuI0ZOP7qyAWRLi45AtNFtgiIQnrsl4Ojce82DNcfG6tKNQGBZxi33314nEYl0h0xilcYuos6M6jA231ZVBUb3jhFdPXNIWXfSR/d9CAcjwD4D6EFeIcM4mBpViaYpRFKUYR8z4DnZUEYQ24pAuAT6g7w4QJqKkuyXVgOLiYSu4LJpH2gyckKNbFVVWiGIYR9AgnO6IA/i8sneeFpRjGGfO+AAatLAAyktpb65XvOe/7QmY7sn75FTy7ECv4YwNwQhEwfbal7WZ7iZEk0sZjlpFr4HcKEVqP6ikH2gCBMfPgHMkVTyVnPEGWCPK0MPUTd8Lc+6cFvex62hRpQtJJPaHzNP/aNUJ7sTv2PB3iGwyMesTwhPdWo3TGGRezrKOmlBpJnl57j3IQrAEL7fRZMPcHgIhO0BBlcO/KAlIacI9iPFLyFZRNAyHIdgmC53YPkEt1Hj+YvhSklb/vrnf/pdc8ujSnjDG48whWX3n3fvn4sjdU3Od8XiRvYyM54aGc/vRmH0Feb/hdVn8pKVjt21F8sf964IKynas5SLr2JIttZ+Bjl5gkGBYPmIpnru/wonkegJggBIdApzMIG7JAHWBcHILyfXjN8lqA2HqZOjiOjeXsycvT26+HtPkZUyelB/swy2+A+nK5StaPpBsuTwwzb56nHislCUJn70PB7c4gqIJrBPlLpBSyQ2D5ekW7BobW9fB0xAUePwCXGI/RutRUnKxefB2YZ9RpMJg0A0RZ1zoBgtopEzJLjNvlECwawOnMcFEHZoBABS7wegObl4PBdVTE3RCQofVvnov11vByJrfddD5/kR0AFI9T9v37XpCl46Xy5RRiKWHftNqbrKBxE3GJ9/UBxNUDBHsk+OpBc54XHKQ1y9uBXjD6E4nAJMJNFsksv83IRwJjFOFlGISKpBNSDrvJJZgr51y6Lhlej+HxxOuZCiaY91yQjZ4+VxFZIrsHPKZJQqcQa66tCjmdZbXDiiUF7/4pgsKgnAFgSe7QQ1DtOucACNezIK4zkPx3YN7TG8zCH0XXhWWTrpkUA6Zg5vH914WI4QYBJ/r6NmtwVDes6Smrqf1u5S8jlLfmbQoRBly84LnaGrCDyecwIVe8nPuePH8t8NSa5WC4fM9OSmYGtWw0/+Xiiy1BRpPKDMyG44iSiMzxj6NYlQjh8N4cxtuDswxQkY2TGoTBoCKKztnTR3iESYHjoic8ZwcUCusAg5VfPl4E5SBs8W2kAWRa4Cy5iqK5nLOZw3lrAUH+L2iwQbqtBntlq2+vASRa6gOXfo9wiD3S34lrum3K9B/+fUauCIG4ZQsK13YLb5pAcF2bueWRT3lVypIRsa/4cFPzH5H70EuadaaddwbQBJNLoZWql3POpDz/7jIo52nPdqZy4cfi5RCKl3PeXi8dJCCGpttfdxwZjUaj0Tg+/PD6kZVj7Ua7n/sDlzRfNVQaj0RqAi3sK8M/OJS794JLGndTdmzv7jjl8D/dd+uoSkZIie4Ak6Qmd6IMGcAN+W9+5/fZefZxYeemY4cz+7QyA++5xHOuQeVBlY0DJkg51lhTGZBjVJnOV2lAGrg6hK9/JLxujSzWTlknz7vNSEAaeolhBHUttEXNXFR+IidU/+BVJ5453W1a5XtYw7C6/26f6i2Oen7z1hbXfKrpc8VfyQquG6IsVQnRdrPbjPcQXESuyc1Yp8lftfmOkuSjZm0334I3e9r1hW+N7bgMm8XSHwx6kDBZbpJuwqMeveme1WIRy6WhAq0RgjTY+RzcQxggQDj1Q+PjqTlvjqX1mz0MY2Rm5/sE72sAP/ms/nNbnpem7vFn3hSBq7Kjk5ESsyIYOlI79+zDsqxIpVbtHHjV5ckrZzkf9db4I7tClqGFD7VwKTFnJkPA2GJsGVv8QKWisIZhIUszaRjKcww6yVzo5DbxZobKxEk2SGbvCjo6UzDp5xBF2LHXFUaDBhhEYZ2oOezyy5e6/Q99hbFxoUlNpzaaxIJYO9IyKreCWYgCD6AJ/rtx6PSp8e0Yq3Y5fVT63Fz66j4FAthx54zO3jjZbDCQRLZIjJvCIEAFs5/hhg0HFTz8E7b1lPEwq/4lPkdBUw9MC0tNEEZoR1sklIged4EggxZ3VJxJXP3JM/p5Slq3cX9hFj40U4EoHq2J1mTjXR1XOr8i1S19aHLEaHM8DceGn6UqOtyLWq4T6+8fPZnEv1S94zmPHtdvnGjVRQsmALNvkkaKskaiFjQIycA3ezrxdYlLRzZP4xPPL+PJlz5q71syXiZ+5Ehnrmz6XmqfV3jE1NK5YsxAtrGc+t1zXg5LlIU7d6/pTgzsGeipLmZddL/2+/o3jb+XrjfWhqUwly5dBCRKYkTGZNoD1Evkvie4L31FdTE2frDo7HzVVu7slhTf6dyjGz6cP7nfUzzLf7t21V0gT8Kx7v5WELF81z1XbDYTk1SyVVtfU732beGGRM/aPnfuHTUfBnVx0VJYJohTk/UpNTlKYgQpCExsbuJdybLv0kvqfecnmSihecSnSebQ/rlc595E6J6ST3Vio3uPucRNT5/6+rSlGENB9vl2nLFjE54VjM2nl9Qv9mbKNV1oW12vqwtnf+DuGxtfg+IuQ1Qg1cHJJIggOa4992xbyqtun7Tj3nG7FxLz5cYKAZ2CDADKAXikC+w4RgpMqp461hc8B8aH+PZLrzc7xpoSSrgjCNHLAQyp8sH3x6GGuB0kHdtw1jVeWc+XDuerR1ZhYvrulAHtFhXBymWiGB6t1VzWqRQUNC7NiUePHJhy2rEr6LQzcq4p5SeFaiBSjg26N7ajs8EceBJ4AQRr7tgNv/o1Dvvl1+gWllYe/3EDQ3WBdqsXAyCkweyRcI9rKN+P537EqbXmNnLC9PquG5HLtSWqHgDmtHGv7ICGZSgxFshRSTRe+cdvfLFIvOYb74Sm0lnJYQbWmMDp74LDUEB45Sjsd+kNP3ydR16BiBY/skeMUV39/GYyA9GuLj4dGyzLtOqUD+yRhXPBkV3PHQpX6LVyfXnH7QFGMEUWQAArUv+sy+anAID8QJHOnT416UCH0UiMUYz1ZMCTQaQBAwRGapSSGkPTTctc1pvqXRYO7Xin2Awr5XcdVhDqmE83LSYEBw+eFECPZkWwo3fZ70hd6x5RMfLYOLbGVjlG9aV644vwUYGunhDRx84CZuoZmJvlm3iw//iGemPTzWbFE0U0uEYw2y7gkhCDCDEghEdCgzoHwZg/4/ZaVWu8YrxSUV8HLxfTDUwLWQAkiU12CRp+g1sOdThIqPElHtd2bvgskQlc/1eNhrnlf9hz6pO2oX3bwuKwPVdPXUuf8Ohjve6XfN2f8ukXi0KvMNSU5TC8nAnSxeUzv3/FUWjOMlBQ2Sbcv8fowCadD4vrhPY6LJVDmfNGp76mz4TMoiXRf+2XHFLgSa/dXjAx7765k9nzso6bDr7w+xwd1o2Ji2/reJzRPV9Y9UBWCwJDPUnJpN5wJenguiV2z93U+d3jAPGC3b31YiQdXIivTQWXVJ24xiK3+OGudeu2eLVeuU17nMz5pq+z0HS3ahvIO7s+gaqdCo7snA1rZPPS/f7UR44PyTAMOFn1+NscNqoR68Ycwc+TcSR27OT5vh7KbvxrAVfMr8ldNGmJlCZ557tWQgeVQ64TZmYOMTmksVEg1iQfqoX31gyVwPaCmpNKuw7fIt1j2IAnsOaWBhuOaMTrMOFDedqRjL3qKS/0vEhNUhqEDoMiBEYIYBjQgogQMyMaRFYL2cFe00q15oU/1LvrkD5fizLZDnYdOvLDASDRblkfzDSBh9pGhsTmy81gLsLgm1zhBP1ZFwSyATsspKjVQMgG4brYHhxZuWWusgRIHzT3akecABASzDY2mASR+xqNYrRVurO3FbS2dFVPjkbIRoNQAQaI6c/5NYwbygYHtWA2lY1SljH3MzVndtCzY4cMlHiedF1I0u8aBkzECzBAnjPzXNASDvcHtLx7J8hTE+P5fM6bAhGpRIOLZS1jfRnXnenz8sumDCqC/Hz3RyXU3FxgWRosZAkfAst8PddDannts626wbIKUHbO1xqymhapOHxIlk9jf5/6eXMPoXJGtpn4QfuMhx/XyIE+Lg1xPm843Jgf92RwJtsRGVVC4AU1h0mymmPuUvcgQnnsC6WUgxHMze2Dnzg+v19d3LneCfd10H4prH3wR/tX/9PLnOWP/5T3ul3B7uvPXz0uVt9R2FCiRSNhzPe+2f0nrYe/x3T/v7M7TD739G0qV2uPQpzVIHkz+UvB+aGFWfQki/nrTDdYs9E1f+jol62fzdUWFZQTK0VI0kZmKhL1Qa0XX+YP/ew7m+kkZEwJ+r4YSv0pH50ZKUGEeN/EGEKkaT+6Qv57d/rLmewUiygmb6xTyfdd6XHdZZZiXmYpTHjuILyf5UULnyEVeio/dIJHDfWoHNqWkpm5VA5Ltv/4gWYoCJKOg323cv+Zh3LN+5rnXYMNn83qdc15V+8nCKKJpAnTHfuPDoRSe/KsM/3OVbObgiJj/z3tPGX/mmE/yNICgoD2MgtgAhbMqXpNU3mqQCPIsBkHbqrBe2dnZp7Bwf61onJDoWMB6XEpYGUdNmKTr3Ydy9pL7tcSoxssm2EIOzcrv86gVvdnZQIm941hg2NYL3BMD6zh9joGgAHTrMPx9ZWw9aLpPoPyMNSprW7mDIYqRN+ZK+2t+W0tR+PcuG5tN8QaHoQRhZ+fzXCt2A6yfG5BENycrFh3Ik3XYtgqBunBjS0hFaarRRm9FpoAXJffKz9tzYTOOnbf42+cwXSdkB7PsvXyhN1u/keuQSgyYTny5m3r9LrD8/QWBY+FuBkKQZ7OueZkM+csaea0mJ09tIw62cR+L7BhAAT2yMdJb0c5NdsMiW++hXvUa+9aM02leudWx2a1+/PeeFxcxlb1NRiH3991G6pVkJWDqMuZKZ1rho5qG7pkhPuPaHCzF6QfEuxVzvxWGGh39Q8X28ZMN6tarjGHjYbpBDqPmZw05t/y/sx9ZTMk9WPHT3uL2M1z3Tuq3bs1uVjuvlgsh/XJEcTBeGPFTE0aBJwOSodzJ40cxeRoXX2Qdwx/HPLk865N0mf1iirKaUl0XoHQgq3QXc3aZdtSn4sdl3swC3BgU3BQCHM5YOki05A794HRIBsgw3VpHfsNMChugN97J29bov7+0bP06hEFNWrFIc9aKkolD2/sG4eRFgD8qF2ADRYIvPOFI22x0zhjI+4JGBmOhpKLI7+GPMCDzued+ifXtfXVf9SFqXRTrU6/MbLFURQKVLiFMLUCTBysFYX2Baa53C06QUDuctN8hEozBOdeLgd4fiu11KQbvf2ZdAXj6v8ZBen6gjpVDuqQWEPZRxLHQa7pZZcYxDoxnX4I3db3VRv2kR1wVNFyZsOWSdxRCA8O5RtkQGC3nd7wnM0mf3JFP7a62jTB/Jby+O7v7l27CJevdY+FGMMrX+CX7gfX2Ha9jXf/6hOf1bjfNF1wIFz3WU9eG8sTPNLYee1Y/YHE+77hKd25RHd1SsGf+Ol6WDCtBxNjlFNtOdNU4eUK4T8TrlCm90zvG+0Hebwfz586dl6iL6XxeMPq5xmu7lDftPLsRs0TnDdjHQn0lZjQixiXygQmZDlnYu2ZP/OM8oXSFgsim/cECepPeES6UsoUU9GLIgVBhaAcLY0kwHMU+iShfxtiZKm5FAAvVRlrz20oSA1cCB9bkLOEkAZjOUALt2MFapesOUGU6XNc4nDWBdZkldt2CiOlLMsAmCUQYySrPWe9Eel2DDJ1OGGkGk5slKeb7ZCBzjTUFJbPLUt6B9g+XSlGTGAWzGKMavD8bMmwMokWAHKjXqph1WMBhs5+qYXDIdTx3fdIaidG9MSitaa6heQYo5zrDvqzlDSeOTwpRtL2M2F0zgmnCI7wSgOv4466yhnqfftwdmMpdwk40zbSUM9dgqgmx4oQgsyKTOUxc0h/xIoTRzXYtwpijeM2878jdPAez4BfF1rk6KiDnh45cm+pdQqIamvKvlgL1CxMtINQ6HXmPTA5Gf8HkqnwzHhVeQtdN27SZA88b4qfZ+Eo1eou3L6+pBEtwl8qtaLoIoIL+N+pStL5uqU2oj8+HGIi1ZbZHCRAx9jqdFqAiYnEP7ZMEBzkroc11KdRfV/mc5dz6vA6OTLkG7stl/U+bpo++y0ajvkmevzwVR8p/nd9/Lu8hdI3roZyjE1TW2IFY3C+YGYzmTiYDUYLnlieThUJwqS8tnrd+FK7xvvzL9HwkX1lHZ9H/JvqyOKdzuSU+8zNZPxmfJ9cuuXZB3V6h6aWGwQBBLKs1gaN/huO+j4jsVju6hWtdhzh6izTYxBkHxZBf863Hd+nAnnL4i3rXbh0ylNfTy3GR04K7NtFKHbeMjZJvKnv03Lk7APP+mO/5Mz2ZELcJpILUo0p/zmtR2yx1rRedeyiNbYjrhYF9d2499Wng/DEeOrgah8Ceye9gcw3Ivfcv2gX11bL2dubIhfx9QRGyrntpm9C8T9ysiNBrIEOxcoa0yFRn6sfqt8tN9KOWgQOZsF4dZV7xOegxhMWM0p0ZqWTUfW0bFxwWMsCdgpwUIj3kLEija5yAsVaxUKtfL7ouwpSzmrvbJsWgqukZ7Gm5EIndj15ezkT2vga1Bg7MPfn2P7E4BaBR1ifWGWKCZxyKewQU1xrZn142q1LYSwufN0iG/aRcs51ZteckxQkEK2DHaRrjX078AyQIOgB6tpd+FrSue905l72sb/9I8LCi2gQgESWwkU3LBqesDohPtXRZw66oqe/5aRFVGcv3XJ0aTHXFKysNpUg3oYCNxnbHMmCYFBpFk6fTZddJjifMXHd39zwvdNfxC6y6td1BTCDCVEVHz1/zZlnxsQKE+F8pPhTPp2x7ce2xmwxJHykGAwG6SZkIlJm+jxBn5Bz2rppMB+7+h85MS8OTvv+EUqxAlUyMhOkyia2zovAfYmxXfJFgMrJTYrf0V7Rfhb19wloGLxm2DHEklJWLn9UYKih7idySjn69rr6XSkYRvGU2jWAw92NRJXpng0k7b/X9eOFLJPuyUFP/iLaTtvXoMoGB9lZNArtLEvTVGJe7Fqq9Xld5eRJy6IIzjkxSXHZI3idJSbkEmSp9uAiDCqCocpR33RjV4saclYdqzIGEr29crVzneWaFrCh1wJwBqG993dC+B7lDLBSd5jhD5OEHeYCmFqdnr4OhW1ynDGzQCwhHQ/K1otWUhADCGngPSzWHR1Ar2UyUdUtghDE0pnje1Bw1KVefZ6Vq8pDRLgp6EoFmegNswvUGgwAnLVQ12RD8yOzs2QuMt4eLjpqtb3cGetSLkWDIDNCPAoFsAsVZjAEItgWuLn/qTrIT7DucZCNDrfudVkWTOG7N7KsRVcArRoaCoro2XjuNVkYANpRDm1j7XRgEFumtXqb4bpLyyPhZr8Zh1zoiL+c4ovyrFe4EY99f8sV60K2uiEI7gmDi0EORoyXC8HFk2w8qAUzK8KkQSd8thqxxRP8IIIFbhupWI57LoIVDwP2LQsJv/f4/ndqsvrOOUuImA5zjPHxB+jPuZC/+dEtF6ApfmuyvwVqXEBMyoUUCjHjMoozE4T6zOrLRZYo7G7iqRehTGoUqKy1BTMvp5EOSNkFUGIcxiP9g+urJz1r9/xbbFX09VcdSa78iCf9PO4Dq3efkP7Xyn+Pdaweuddep/okCMd3vtbVWz9nXHVv2Kx4XhRzBPefFAgE2rjHtrGoXmyxAyEGM0PL/WqIYUtWDAc7Xuyq98r9t2zPeb1jlK5aQcN45i22dvZZODXTdMWBsdgTF2Noz/H6Pd3MnMMoyH32rT5q2sqrXpjPtdbXM3zVsSMT4SARDSgfteM0pfE/evdnd3Z2du55Qst4hOnDQXV93lz2gV+649YtZ7/E2n3vOqbUKXu73Q2VpmJxYj1VWfvhsf7nsWXMJu7NvUTsDu3dKyEy3vCcq8tnh1DmkoabG28p5zovZDz9eRPbsVHxCB3bP49LDvMu9mYymcued5t24X4Vfrq/sgTm6+ysEF6n5AK7cWIIl1wh7bVpfVB6DZrQ8aouedJoeL0QYBYHwN+F5sUPa3iU3Q/wrt5dx3b3CEOmyKgdle2MNbYqV1/floORNoetV9jTV0idPmyYR3kwawCR+m8+40lDsf+TllqHuxCMCLfLqwubCURuGAaRQXTKHeedXMbIAlD+uDf0XuqTzIKVX9QTmG1hMoCx78dbu190r2uUQSxP19lYjhwFvUqEMyF7O9dVMH1Vniinmy3VXQBIGODRSkR/cjjtkuEUXL+WBWZRmvEPJMZPpYk7GF1jX7o/UbMYSDqom3ljMXLpt9P2x1qr9ZwHr4b299tJ3lPWb57qoP/QyAkYumRCdvvmty1d13jsnUf+by5sEl1HVLcUKf3RNx3f0dWxFkapm41CU9WeN8zd0NLfGQPlhp7fX70wEsTpceWoG2f4ipbPPe3js/y9y9eXkI9Q1x07JnP83clr+kqPPUbPLpEKWh/yFfc6x973zd47scMThSG1noR2/b4165I7BWq2fXKaHA9uPeMeMZweG+FAw335RKZcBTLTJ58P58ejZrtypq7WnNWb/fXrji5ROZ33XdOJCxbe4Bs5dZdVd3GUGnLfKfCc0RSfmvtOI9Oni56Xq5iUflLMLXThUwViJx7oVQjEOr9TbkwCZKE2H1TpH7xofkipClM8z1ERfLNv8py0UVaEJwDGZ5buR8vBiaFyymbtB2somS5yKlTJsHJHl25jsYxIacQa8bQnftYVFzgMwVRflmdSflqByu8DlUhSF/FTk81u8KkumBGcUGlUYD1lmqXHBf8DssQwpxQPKJskeEklt/lcP5ERkUQFrhtxC1uf7KkihK505QndBBsUpg5D/30M2/qdKKWCGKpU537E2YbVbjEnbYCYAQvMCIeVUB16JQtkt3ecYUpD1VZDKxoPPnSloThqmeyJpoMYHmHFNbrWH/RF4gRthbtRKw7UIVRiogixNSBc1yVmqbN047AGeLklwbJuhNjaVh9Ik3uq6PuLD40yxe0lZ2AYGGAJjhqUu3GavsCQDMdhMAeVW6rje3Qy22mAmGkRQzIXYS7axDPv+2A5E9eHCxV2/DPoNvVmCZAxRYG1CNaAabU/RfPTN+bxyB5kE/wU7RgNQtPp1tS5d/quCYnHDPwDFxeb1OK/o5zMvUMuXOikL5vb7XXnmfe0Hu/uOumEpq4mD13CTYYRFCY0kpkWYH2kFHMaDBCyJ4Tm00dZsICQYvXW64sXwPATCzeyd5HAJEBY51qWOfDr/EbxqL+h64QsXBdBwsweA+380oDZi8peue6bXyLKYeajJyGK4UENNrJOkqJM3v6h6mG/d3j9YyeEHziXMe/7ptZgYw0qByPQB6PM6NHxchTAkkXlsSVXqYGCuk8esTyP7n/jehCBIyww/MzANN0lUU9p6cufGOEWAfO5yhksq0e3swihAJ2MrBcQDWaJgSyKxnG0s+LpJ/82l1dCQzfkP+XHzeemKcN2KQmynz/C9055W0au/+e4MrHn7Uw7hJP41wdWvsisQe+OtptfK5DI7xvQKo+B/CM68z5wi6i83/V3lc2BTmtjfr6ynTk1mTARmAF758zV67jhghoiKsieGXfKi1RcmM/Ap69BbiNEWKTTLGABkeZGb04yOevbdTz0T4JIynPTIZ7z7mvDIWaP4EHPje5SNmMBo8G3tuEansXUPJUV1wSW/v51iBNta1nl23r1xWKt0ZrW5xvJBQShgsNCnJIg5lCqa9SFTgYIDIpDibh6JNBZf9Dw3dTyXlc84YXC1QmYR+2ZlgfdYtepY/3+fdt2ej8wBZd3vytpdaHrrm29pEGWdCYbnJ6cgysNXgHrtDlb4IItdx0Njanxmccb/oxUEAely2Zq09b49VvHY6G7vu5klYf2Tlxsnp9Sn9B8RZqP1OQJKcq5I1hUxGYUB8eeOvPxWicek7ir9EVczmN3G/fiOY35XLXvUx7elRnZ8cr6zEe06Pplf7dTd2afzHmiaVJUGeUmZ1IjZuZbLC8eTdJjgDJWTak7DT3iLVS/etw2OwfE+EqMf59vslui9YlrGRlfvuakv+iNwwiNVJN2zcxVIuQcY8w5prZMY+efzIq7UsqG+5q/7jpWQrazbtWE2jx7Sp3SVDHSVu8LiEzjffWfKtf5d9pesRT3qMkLXEuIM3IFYowa2rBBvR+bARm5XSV4hEl3cZeu0iAh3Tguwe3+FdemR4+XG+riG/f6uhOrKkNiqxE5yjnJ9Bv6mgwMvNj3NUHWKJyo34Wuy1SqlvuAwmLSUq9PyYECoR07vLGanWeJxEzO5DgAFjTlgCkkpwbYE7J06AwSYQZlTWLAbN+IyN0Ptqnr0/EnqE+dxmoZq3JWGYk5QgIL5u4qvzNgeY46y8D7cg0GI+hPsUckskynMym3yueFC3IcLYf+UOjUntSXDDIA5bdvaF8lNACW+QaHwEpibCJMGFAOAAYxyAhtbMECDRvbwb3ayqb29tcfgMvcGrhAwBhlHQMAmMAYAGCCiTXSB3oHXlQbqrUIPAIQtxE5ImZr6VJwT5ZjVA5igFzW6lQtnvIInk6aDRUoimw2CAs4AXC5MuFinAQQAsGSgAUQkwWvUBnteAaUj/pw4BKuA51Z0DvmEkJaFoOQIyKmsFkIcmGKEHMYjBVRXp8VkSyCKjGHdTa44b3FRmKUii04jQ0iLJAWwmLwOIeFHmQQ6uQhOgBJoBFhOjTIZCwFc5ubppESJjEl9TXe8MAGPmZC7Ape4lyXagrf/GvUV+NwKp8u4MrDXXdi2oZegYyvTpjFnbmv2A+XOialLVZDIdijrbFHPtQgWq6bdQLunCXMs2Gkr6pmAgiQKUYkNYl7jx2pEWTv+elFPYbWMWLTV19N/Q2rYl8yVsn8iemsSYf76zs/PYEZ9Xt9myNGWucPD+UfNnRajnRadVqrb5/+NLu6Uy92MSGHyYzXm7mClpHAAASmxCylKCfarqtf25yOXdM5w+y4b6ze/y97N83Z36Y+gBO8LaFsC5UNleZ5q3b1UojiV03TtS8cCqBQHTugrTWRO2ZFdW47HtaWboEZtLkuNE3Jtzk1kG/IB/JaRoCJUEFiFq2cMyCPrR4/MPzA29SOX3nuV2ypHoTd/beIShrb++6qMbShhX10VrrxU4uQzp7liH/1w+zdfHYZfGymnMsv7ONWT4ZxdL8YF6QyoWZWlr7naN1aOc87ZY20RgAxMt5MEmOUBXifsbFj2BO6PIBH0DinDD1NSZkyuLttQu78RxqGCaWJUi2UuAX56JDkAqtexBLXTx+Fg/TxQEvDP5kvpgkvUn68dSHpjA7LmGZPC3R2du67wKht3wvaPsUcY8xR972Tnv04mUv/ssHRA7ZaT/xO9UPlEGyVGIobYo2qn1mreRKPskrsMNgllwlgTo+0xXJDOxECQ6+5dugiMpdg+2btO0siKaW1yqslciMTidpvi7MnxruiEq+/zPdaBVKGnaSOkjusNtMsDrjumv0bLSW2HRJyeM6ihw+48L24h72yb3FpKjh7/4wUutq30yXpB2jJ38TbN/wGXOUMNmFpoSZ2MIfrwfv3NBU5x4rGnvypfo/+ctJaXiZ2ySVigG242aaVXT2Fns9ac9U5AKVUWmvvW9/vyaNOiH2NHafPUNfZT37CjW39LZnbnnmJb7xTViorfJ3i9g1oWomuWbRokZmpgoyYOahmSlXPSeju2iMb723rSQyTfnvabxOR464tp3gHO2wYydsDxn2t+vqn7LrFuop3BToTj42NNxRvmmDTrckJCdyCJLa3NjMaSYoiMeac7OQJBTtFiuT4pW31neVolB65PiXtOOLJUy7KpZtdqIAnz/PtGNBKkz7thfUjBy3usreZ+nrBRmr8RudTHZnnpI349g0dMB8kzaDR5yyKGfoY8+F9X7ftizS/y8ru6MZeJ50ltmSWteIyJv7YpFOIpBgmxItAD0mzGcRpy+O6SLLJnPJCwNq+4QIWLAvNjE4TVWZijOYAQHGYypGVDmv3mDCpYALc5GTDWpDJQgfcuE1FLtlQtqh7pJ1NfalL1GsOMAhc1AUcshbVDAAmMDAQ5IVVvZzlkixqUGK0x7I/qSvXS0ZYGsvb2VnJFmGBxpRCLUJN7PwO+j0nXAyXKRhPhVGnHNY8oOu/FUCMRZZBaC+RDebS2tD1HXTAYgAvHOgTJiyYINY0TSMxYcAlXoDl5JHwd0D7GXNOFE9UuQ2F4FlO5iYIyioXECI0qcr/ZYnrghyNAjxAHSS9oOu7ArWzcREuGJ4zMNv/A7oGa5EJssTnR9JgKV8gBqBpBmt68D9d8LctcJkoZBcUawiHU2uiqO342MzAAKM2m+pw24GQFHjBCybrZqh+oG7wBLIuEEUTokTEXGoBDNKg6RGYHbTTIDQVqTjWADoNPp50lyfn1PsZC2z3dI1SQRRdl6pCYXJMBDmbCqK6hrgEdMIe8wA0EhGszwImYtWfgKtgAbYjGMyGDJvDgFjBNus0P3LwNfTSAprD89elv0g2G2bBIiLSsFqsPXrVmMO/jQyA8RveJLYoXdV1XOObpkP3k3zkF1Nq2G2+oRrxSfh8N7wC86t21thHLfhOEsOoH/n9D9fWvULuK8a+xxUjNQD++6VmnSnbcQYzj9oKJgAEIsfYkQtUX95WI/hL7rlYq7LX+W6afVUnHtZ8bIzC3sUy6M14vcOpzthT+/M1p1cvqN8x0dY6kgkTQHVnUp2YluqWlhbGVjuOUhATV+CNKUe0bX25La9vU6bJ9Ey8k/P45Jf8vE8rvHDizg0/KjuvLhYbHvnRe6bVnK+v+VN9ydhftXPZ+DLpFfn3Tg5MWzM7MACuLwm7x+UDgU8ZyAdaxpYRAKFvbBYyOtLVq3amSsLywCpq7OqWl/+m8TTl7q1evzdBdSgVJDgPu7XYVsMTcjRkJbdGhBApYhNLa0tkXCinsyHx3vl8HsaxvfpTRq1fbYTYGo/Wg7HpOjlIpT/CH15d868eCPnkH1hzLvsCHeQADlxIlk+5IXZ4+VRBEQld84MBMGprhMMTZtqrEw0NDQ2l8hdUbq+W0ke6g5Pwgf9Q5x981qEurjIGfvtyp2+U1o94c9fkJifONrgKFeALip/wU9V/wvo+0hkuHJBtE5l1JauU70wkpZSz2ooeMadkP5V66Z9HN90Z3Wo55fPsX/lmM7fq1/ON4LoS571hQzgDwH/TqBA0Kw+pfn561ilaKEspwAB0gKHVlZlsgyyYkJtGztqu1I3ECHv6cvmF3Jp2sre9v/4ZL4Nst21b7fO95r864DhKKmbFniM5L22ba2esvj33irmgrCqhyhQci7jmkAOYJpBUj8r9VbKm4UtC9o/XTFvY5c8bv6Pjv/DE+KynTMwOByUE4Z3Pm9re9XGqgfWfvqH6ynKekBZjaXF1eF1DowNArTkPqpyxYDalSNf3dKmLshjdjnzmaZobCtiamOP+d1VPdt3fzLqNq3UNIbIRLM2uR7bl0p+f0p25tkA681ljK2bhq0CMlLEELKi25IqQDay0gIpMrxNj6pQzruUwPd8TcfB9U2rjlDfKG89DCacopdSzFhsUHOSbksqJRJaomaVD8ccUNYPJFc4SSOKa0pvpaCabsLpZKRMbOZN4BLquprjH2HRyn3fEH9XhZl3FVQ6PRFQYMjtXXShnsODiEFJdBRc0kA0Sw2ujfbD9b6u4WTs6dCXAdVjxIohMQwFyUt1ZOToFmZYUy6g/UuhnKxsldX/C438nGClX8XxsPgNhGmhvwso1UbduGc31WgM6tbNubnydlc+AUP3rfh0P1A2NmcZ3mCubeLHUzE6MDQVja9TrmPhr1Bpr1H/u9gg5FDKyIMRT8aZnKEcI7SoHkQIQoSbbxsfAIOARMhc1vd1S1FxXR/uT3lPxYJjRdjkXRPqx6ZNmL2Vo0IoMVdLAkmy2m2ByEU7vSpLMKQwCMJCsQzGkAy/JpDNbBJg1pr9E1tVgYN4HhBKHQjBqoGlHLb6PeEFiYtJMQnPjHtdgckIuim4PomvijAK7pBcNAgPhl8XwhGWntnXOEpgMQn0NymHwU1A3VmKeBwiCEAdoegUdWh1dG/f2eyoLSlZZ4bgRV3mqj2YjEeHnHpeYRSQeD8UxLFjwSjC7d95/ephBpontsW+zc/Q6on4AtgMjrcqu0+p6Yzv6+m9xRM8NbxiQKzL1nYGTywiXZoU8boe/KjFjvQQiOTUf/cahWOvZcW8scdKr4tEt+dXyim2dU/sBC6ZVX3BEjDkc/DMZWkaMyiOdHv5CFTyLdWElr9CKazfdjsROCrq5zofFudpI7X7NrLg+3+WzfZ98rZrP29x5/CcNi+FIet0V1WAiRp3dPfWssf//HyMA3BrXJ3g3rfHKlSvG1njVp9jqVwkK+EZErcf6cq77rONa4hR2AsfVP9tu/Y/yP87+ObEMdDkx73fy/XDri3J3NvoCRrlO3W7ngphB22M6uOIIW4/aUDIetSdr49gJQFYQg3a8A6O2TrIkL1CFnftOv2UzqMstlilq9VlPuHr47CQf+LlA1aHJibnSmwFJpN752YdO379jbUnKl568luF3yFjc5pb1iY8AcBUyNTSRqGQmA9y/3yMP33FSbLKzjig2d4kUmEDMRKhtbXUnlJkcJMEh0tD3ur6uiBw5bKzsUzHEagjtyXrcXeytyyAGSJqqw/FyAqrB7bQb3ZD7K84kVycBEsXRsFuIM0vKgv/JKTVIYkvfNwKOnM2c5ciUrmv6VFuqL/h3HPdkBt3GwmItIQGQKGUN7nrgAcGG1syNv8a5LUMEPVS6uLpuQztg9Dq79krH3cbdf9PaKlCd+zNcuS58IUY0uq7msOvwAs/FtEJwrYL8QAvEMNlCBu282RP78POvbzzT+4/kR0gFjBQGg8q1hsoYi139KY9mHXuddmVDpKU6wtyl7Zz/Ie82juhrDhwbBJ3HnkcKOQDTNK2lTHJGlDw/VqP6QWPvnlZy5lRnp9mv0o6dz3jFghMcpa7eU1SQWO+eKU4cSg++WScrRtP36TSOW3U4G4TbbpcY/SXVSsFO0cGCCcsEq37FUPIO1E8fjbL52Hf6l873rfPunW++XEH/GmeR//9Y9VOps3jhN/XiFu/u8UjBrdXfZN/v8kc/GO1VSVczgvZoEAyzNANgSIxfnVUKyXXzfTIPy1xkmTN8VJaQGpQjmPEI1X5sb8kdZ91H5nHJyoHR+/bNXbpL94t7zXbvoEc0ivd+sGKRt/hWV42dvq8ZF2zeRDZrT/VqsCxh8aLh27/x1JNX/zDEfkgFWa5iAUk7bqAdta9fpz9e69XgWapslFxoS+wU2FMfr6ue14prM3/4qzasvn0Upjae7Xh/Ot7YcJ9BELX1he5zYbhWiHUVDd7c5J7Xa64bskiDdtS1awKFdI3BtS6zCpByMWFuo4FGP/oNFx0f6Gk31Iv/3s5mu1mQ1dpQ7QFbXbB7aBVWoUjJtXQgQU4yXc8YYQGKE4LQnzvqssUAM5botu6NP1poNCA3Uqw3lS+c3mgqWC8I6m0QIio3TUmpp1073iSxZVA2BGazHaizaNSGFmKmy6R7dyEjNOrQmQfbARmDjrcR0ZN6f2z42Ou9giwuMsOFBpvQxarOuEC0JiakB9U5qsV/YDKa6dVsoUgO9l99+HWCxK+tGXLOkUjDeEw3Xba4YAAcclxwXJfMFIdNTtrNTExpiFp6CtTp+aX50eGrWVg706ahN2o/1m1Dwjdj/aqXR9KP/bv2S+SS/sH4jvmPkL8mJI5/yFD2xNtOu4pOnV7Bw692cntt7coVXKlqPb/pO512/Fljh9LTxsoQNDmvUd1QTmwVR4ZG0okKWs6ld72+klDxzOe0dOqzieVQQll65kdiSnLEWVu4tHfr+7Q9aCvQNU3fdP0vPOlpfNstDbNQdx+94v2dqCNt1frhaiIx7Vq9zpP9P/mBNHZL/j9p0adaFMTSRSVnwGvQV79D6cJVENkLa3uL+09yufvqfTFiMWcaowSvUyspg2mrG38FmQk9vLhTPkcMGnVsSd7WGHtdU3N+HR6dbF9gmVDMSi203ZooTQgGORgx7h62ua1+2upnL/JVAPpB5BybS1ARJw5rhEL0ZE5cm+r+Tn39N+a9zKC4C1aTg0ZSHgDwT5I6nwB22zlOfeeo8qdKf/+TlX//uzFNppyVOaQyyA3j0CORCv/EyJvELbm2QP9j46OsU5zps+h1mlx3Zp5urRx40QaShhNSEYczHuG2eelPE372XJLE+EhZjNAGCxdGWI+UTX3uTKfV96iOyennhT06dAqtmHBdWMtto04rh/VbwUoprhMJ3vM1Bkp+sdT8rEVcDzWmn7c5MOfnz/+78ncwTViqFzj/xX1letKk6IGR2DicZFx/aL7hDXfpLscjXdi/mPvon/KqsaDXxZpkmaZyBpYZOWxQOdasaV9qXg/CU9cGnp+Uv/3MFiBZlHO2rP28vkD5FGcjMTKSwcLVRPs9u9jX6VtBqjd9aaKvDxr1N/06N28CTqk8kPr9PthlJ98FH8pFyZmkV1CIFyvnd+UnYmKmviTS6JR9R/KDkDwGfU7xmqjiDQOd2xqb4AnTP7nvNH3WFX3TuYN8D+CGfzN1xkEwKKfBWQ2KxdrHJkxZcJyS6p+m+rrzdZQrnAc5BAzdMqkgny+2Y1Yd3bMm1YIBE5CETTww3ettZjQXLjpk6SLokfNg4Z47n1E8byGVeBDAUoYjAbO/x7rnJQIOeQMCBBO395qYgUMOAXullOzeM9lYBFwetsG499vO4JzHV9Ny7xwA)

**图：SELinux 层**

该层建立在 meta-SELinux 层之上，后者是 Yocto 上游的一部分。它包括：

- recipe-kernel，其中包含为 SELinux 启用所需的内核配置标志的配方。
- recipe‑security 包括：

    - 用于将设备启动到 shell 的策略
    - 针对 Qualcomm 服务和测试程序的策略
    - 补丁形式的上游服务策略
    - 处理 Qualcomm 政策汇编的配方

**SEPolicy**

SEPolicy 是包含核心 SELinux 策略配置的目录。

上游 SEPolicy 在 `sepolicy` 中定义，在编译过程中下载并使用位于 `layers/meta-qcom-hwe/dynamic-layers/selinux/recipes-security/sepolicy/` 的 Qualcomm SEPolicy 进行修改。

遵循上游目录结构，将 `apps/kernel/system/services` 添加到相应的目录中。

该图显示了合并和编译以生成高层目录结构 `policy.33`，也就是在启动期间使用或加载的 SEPolicy 二进制文件。

![../../../../../_images/sepolicy-figure-updated.png](data:image/png;base64,UklGRgY5AABXRUJQVlA4TPo4AAAvd4SEEB8Hsbbdts3HB1jcNvXOXsJJ2ACkDeG2tt0G+dK3ydDRMQNDsBo7MgB1zk6SIAdgG7cBCMq531mnv+7SITuWT4pgEMlWm8UIFvBvhSQKeu8lAQDwZ9jul7AWboIBGlaDDCAOiYlKkEH7dEZxWriFNcSgTEnKoDPErYRLOIWXJsWtpOzCm5uFNwBfWAMQAAQANYAewJzAI8AEoAIwZiBmOAMY/gPoRXgA+KnMEq9Ekc07EdndMkr4MKsB7QwAJreQIbOaSDsDRKbVhlEso4XTGeRm4Re3AMisEG4Zl90DIKOcVqNR2mo0a5uVVmujwO72+QM3+/haOLw/BvwQiCaylGwkXSyUQIaSh8K7Mg11slC5EU51sih5oAYRSkt9ISJkKSlFhJQChJLF5Im5UEOb3ogQ46EtgBosJfpDmTdLyVISIWqItrCHlV0igRqoIfvddUOWklIspf1LGab2hQh9QSLhgRUlYJuogSRhEaGSh7iBe1nzw9d/E95wFiJ83XepNh4HGIz3LgfM7yFaW7+T17b+Fy/TLuX8y2llf4v3aX1OMdp8n9JtPA8DO+4nOVi5/OqTjzYXEWgzIalMSRnKlCyJZbAsmqFOhIQ6TaS1uSDodfr3PP7JAGW4Lz9EQSlWYdy2jSSn/7Znx1cG+40IBW7bKNsxdviI2cfQmAFjGABcwBo1JmhDOS40/+nZzwhzsNiiciQ1lcnizwpzFWx++LZKS5pG5zQTc+hQzOCrXERMaXRjei0BpE9CEXH1BAAEVSFIWQAwit1kFZggWpTi8UV+NH36NltBOa9asJzrVWyCXyOduawmrH5r4x/4ltMuGPQnC5Y8IWELQ9cC0JLeSBLSQ1I9i2brNem9+2n2fdMsve/7viRJPmZ/iClTSSM8+3i2ooUfEjxLL4UxenAhKI89FKYwojCJXzzgEYlHGIHpVLb/SdxzTsQn2dmSrJq+8Tk2xfKdG/eL41jyhhTRf1qQJIWxo+KMDU/s9uC4CaRFo1l/Wry2X5HbJjKkraUcUzHMzFBmZmbmNqQTn8gpqD3bDUdOuQ0zro+9LoSZmZm3J+p/skP33r0zc393bjS7ksfWrLSa2dHOrOCnVUT/aUGSbbdteiXYYImsI+RFSsD1Kp9blHPgnm9XafKOvQ8e1eXQPZLLlnUvVGWyOFm+w9v3O0x7f+eOPajYZHLXPcsanUWo3GRql31H68kUKjhZkQSty1DJyc4HJMvUHK13Jd1qjis2vR19//lW+/RPfg7V/OADbujNn/8mVPK1j1H7aAuw+dmE+9lqOANMPknrR5DV+o77aWegySylFmg13M8kbGwDeC3ff77/vuaMTy1I07T5Y4699c9EfrAOSPbjh2TImci3/KrHZwSUuvlxCTB3We1n1i+YYzSve5/mC+nHOfCZrdP065T8VkC5QAK+n+abwte/1I60DmHSabV+2uz8kOmgB8tvCDfNXN56jnhbfhpY41HTM9FnJvUlIzlPTwZowwPls+kHs+xHlf42pHVftG/68/0kwyKl1QpjXqXnc6DVPCdQM1Se+wAd4aspl3AnMGz9Bu1+39f683pc/sXp1lVi5fvaM6HpME3P3mkac6YcFQMXUgqfibBaMRmRn27eEVEyPvPTZ1KDc7d5o9ZpIpknmIXPxbxVGxHGv/fYrLmkTVNLDS2YY5Tkt5oG2PDjadPU2VzkrGfxDPBTgTwZoJyn/qTKFj4XYdCgzVJVA0Sdv8IzeCymtvWHUnn9i8BDSTuqcSLDIGMkn74eW2l/VAncOk2z2W9mtWHdkOXZ3jBv+DeZzuA+9edCLjw/6An8UVTJ6BGKzC6g/zP5pDa+QeT7jjaky9ykys+dnffAObwSoxxE+o6YsmF5u3lLuCk/8+NI6Pl5qbzY3JMyb5osSz3BqUetlGd9M5eyQeshRS9M8Uq4qWWOTsKgSGBDn2XKQXHTm8+oKTB+KiCMzhUDVQxE1Z/5aYWPWQogitOm8QiCmIyvfzGavX79/e3wesQnaoPMPlUe8AL0/2IbAm1IZPsmXl8BaWB5Fqj6KU/cL3pv8KMUs9kvvnbLgwdl1IWM2Uy7JjjmDYNrL+anm7flvCmN9M3ZWfOOvGqaFLurV4z56Qa5oPJcnVlBT8bQpb0CDo4+GUxlTgDlZhngLXkb2nqWNQ0w8seVgLn0TfNKSl8V0IXKGUNElTnuPjNpA84mWXoPH7M80FzFofEIgthMLXXkp+C1njHCREqdWv583ZvwXO37lz+FIp38olI6vAbl+5bfHBX4MjbiwpObAF8YRgQXkihDvs+DMArYk31iTnicZfgS0Dk35pV51Zyzx1tQVS1gZYKZw0MpP1QSIKXBQeoBUEwDDQGWAAiNvipg6edGmKyIYeosFXpNDz+z5sArA/dsPIJg9ouegO8X4HMwF689fxWBa0ZoRUXxKTx9g+UX3dctj6iiHR9QCvT+IgIoVsWDMupiOSzfLD47WY08Q3N29rb05Vkv5xRNfSaGaVKBpQQfqYs/UzSauYgIwtOF7FZk9ZQQpTZnPg0sB/jeVJjgvCF4S0DpGI4gnH0K3NPXyZs/SnMhoLRAkkhg4KIqQEMJbIEoGQja1xjSqIs3041zYuMtqcmKzzlrXp2/Om9IGqXnzKfiBpRS6uAVS6l4W16RPsy8RVR88FU6B4aw9EEIUrFPdd6oYjyCwKXWOkSFTtZGnyrBx4+Bq0/dAIX9YgACVaNPlbwmylx7a6FxZhqiW/kN5crOs5okQ56HJMvAnxqWPhD+L8TSQ85/uvEI3D195alGfjQQ03WjKdi82eQIgtWbX4fcFNENOl/PZhRoq8+nn74Ov26KRvt9kCEIU3ZTRs2QLeIiPTt/p4HD6vO+aRqj/MSZvCJhedWkylX8NMHbUgJPWQs3/Zk//vsV31HqMo/MpA0LpMmyFA8DZh0ALDxFA3xMVvoNS8lhr5p+tGlyBGHl4LcZXrTymhoWRsPrQTmh6E0E+AzsF2fha7ecvL74uoCMMk7RCDbsUzSMMAq8wezwsKhsRER+um8aYt+Qx08buF6hG3wON/b0Rrg5nxP3XvRAkmGZBwBrk6wHrk+pq4F5P/7T52mT1dDuM2rf0EEAL2LNyfszKILuGzoj9w3JeMt4BAF7XdgAb6vwmH0f2jfkvQF46QuRAfJ6bOGWHiVtlItg3Rdviogj78+gCLpv6E1y35B8H3qD2qzAX4/6jjl/6+TtflTA8f8++PSn01M6NE3zNXW8fv0n/uP778SJ6qQPdaffnLLT51Ih6q+rysT3n+8/339DO9rwl9Nhmn+ud0dhNAmUnEtvba7vZKA6YdVpbmiykwHF/HHzG2jlxlKwPqVu90+6n6ivjWDJRJLSac+nCNec2+d+5tsImOQm6Eyehm6e4587CPsQMs7KUZoErZzraedg8yzf95/vv6Hr/e7VW4G4ebqEzy2p8tmcZp15EoTBE3OLo1MkmH8r+5zcorjGifyngChJp0gQ59xkaZ1C1J+D4rJbp0wQjpz7/GSJo5tuNPxMbrVydZyYTjEaXm9RQ0Z4/sej66RzLhM57VGNrmNeNzxxvMTMw8CgdNC78X6ugAdES88kYRl5cG7kyamObuYhcwOPzg18TTVuep7t2a1s5AELmBDkS/uZu+YpSjh3hsfTHcMmzt1aYhGZLI2gG66obi5xu84CBOSYcclgyaMSdpqjMfB+5nIGxZ9hgk4AB4oI0vGkWzKnOw55xqLIgBQ/rhnAMxqDND/jydJ4uoOR91F31tHkS4kbOQICgnS7dVbt0x3DBjjMCPMtDK/LZClyN/eBgMR/2OjcNWZz+mPf0ODc1ckSm8Fhng3Mk5vO5cMS87ojAOur/RE2u5eLOH8yh7zbNQdKNtzCcjIfgfuJO12CQ0xdJFqKTuWQqdO/Uyhkw7XppWXD6Z04h3/iP77/fP/xZ+1p/R1RT182IvOFfVkbRT3hP5N5iS83tlDks6HvXGkv7aQo9Jkfk+mOF5e327khUF30Ih/ZTrmw5MmHeMnzqoXmND+5SLHwMEeeVixMc2TUr8mNN4KqOQXNuuv4yL/ks8EBOh8ui8he37dGzBOP/OtFriM1ouSae3nJLUtls66o9xwGmz3ZBf1O2n5m9JGq6kzxkxvksyhaXaBmrvd9P1/tn8oj74C9IxWzHLlH1jojH4aBcQDjDMUw7NJSCik9ltzjuvEqfeTqvo0jU7JWvpdK1P8gnV0BRSloZL532oKQZqdeROoN90TZM83Rj/vyZcAdUaX4gFbQbd9elq2vnIgzmCHSSs1TjzTtvzXqe/USwueurEDUK42bWw9IBV9VvvCeDCfHBAGpUh6RznU47Em/E2nwBo/UoYng2bot9wi6maSkgsgpBRdJcArS+G4R0mrmaN+QXO/hG+hHUI3Amclsq6B4IHdJBZuA+3fzoJxU8gCuCxM4FyvdkORkNZAKBtme5pBssCtSOaxcKM9GdN/eykkF3YVEQ1CKvVGkdLinDtraDD6sG++6YEfeZzjVIgxj3dcJz0B5jTVk0lKWgQFcU1VyXzVILXTZ3oqC6M2XqNRDiflAYPBgZRmUISB5db/zyiBjkEZhNc1OXtp6liMXCI9BZp1Xoq2gVfJliAl4SK98tuRxboyg8Njcwi8XkEGGwA3d5xG0yF++y1qI40+P8pCRd6PwMMsDeukiUDe6PyO9Vi5fn2GbCOL1qK8BFQSqDkTgCgJVRz5UDVzFkZsUCzjBjTuWylrFWNThVbfcxkWuGUdq3v8D8fu3lcRll35zKgLg9puLY4lJ1ek3F4bg7TfnAaw3NlQIROAKQ3nsjRsHwZ58eHqHo3N+c/JZEwdkT0Rk1j/SIt8663sdXZenfboqUkS673dWRZq0NyKij9D5zclmzP/i96apoijtG5P2WvaAip2+Fd2nX7/ap1EEqqN0fnPy9jxp5v3mjEYJhu2K6/W8Vyoc1LMnO32fCyuO0vnNSVu9oS668/jPkAYEl0Kqm2eKCJzzpZDVee8dJW1QxHW9MSkt6n+Q1O6qiGAKTCSqQE5/5DdHaCY6YNXAYUczVqoDorFJkvebI7YnOxi6uzDK8c1OTcC839x8tQf5ee+sQtCwAg5Lwc+eCJ/e4IsuMLsis37PyLyVAgL3DRm0byhyfd83oo9kVDJ03ZBIcg88h102PTV3RG4rLkQ279PIBqXruj9xzM11YW9c97sv7CjGAH7JNuovlBpJu/vJ0HXR1tgVyd3EijK2hwYiBx7Nn6oMUneOfGwvVzjPla2oG2TEKjYjkElqN8oMoUJ/VyTn9R+uijSz/qjHnaToOujYuovE4wG42qSokPfbGiMTlCKD4n+AxVEaekMJvv7GkQ8RlbXl9jIo/tyFcsjctzpSPGzOkgjkzgx0+FfJVMPO6VU6+s2tVCCR1AfAw+W5L9sga+Yphv15UNXoN4c8W5SM3eAdOm7e8UMNM912MgR/oUK+RN5DQ/73mxMi+dZmrvYNyZc7f7oLkWSYar9iUcaer2ibCO/1qP5ZpOuHnJH5ZfWbQ4RfvznlAb/frpC2guA1Kv3mzsiG4O83N5SLPXkCH5kjqjz1UdC3Xy+yuhsI9eCBKuFbpSFTQzANpQD5wuvy+PQDiBWwI6uyQ6XCsicNreA6fIjyqY/85gK2zY60FLviKAWPBJC3/WmT/ObQIqqJ6OoxqaCZ74BDTj/kN4fIut8cTG5uTz4kuuertIK0kevO4/RDfnNnrGbeb66/Ljt9I0XwYf1uIfO8P22S3xxxrTqa+6TQbLTvB/ztsYEvmalZ1O1KGQFpv7ldgeVxQGZF2nulmR8F2V6+/yLEk6/tlrhTLh8BaL+5G29AD3c9ECCzXYA5LlF7u2vlMnj2m0tRXk/aBG2szndB47jEbu4lWQzOfnN78hi9dBu0u52LzNv+aMadzQu52423RaL7ECjiQdflhcjmtoavfnM9iYvphvr1qEc1loeuy7cikBmCAojIq6rrqirvConL+Oo31y3zBAEobHVdN6w86LrOXQAGGbvunnw1l7tdl1ca0n5zEhYiKGx6RBV0fYDIdTCfwsrhnzLvN6dQqArF3RXApoAyeEJECqNh3m9O2dhEHVHGSIYJd86pS9od+/SbEyP+3XeBCAPzmwMvMUXab07CKsb26TcnSNCwghqWd4OYDr6Bdgf2/ebcmzzoNydOguwbqrbhG2yplJqn2Pebc2/eWd8nvy9nZKqOfCgxwa/fnLDwwPrNce7yEl8JpOZ/5dtfJWT0F4IQ80Mb6zIgjUlKJb9P8e6loBxbI+GB9Zvjm1F/Ckw1ILNW2OAsgrEmOpMH1djL8IKfvhcrpuQ4MMSJ9UZQpljIHZVw4JRqAlHbvchFXlop9gphF0O6WOPa1u8yX7Y2ZGZtL7kFsxutBXLaL+AKeCPWpd0A7qwKlZDK2obLkIGU0TG7BlVcIiGjdRqs4WqltoS2chu3yLpSQ9XWaA4LjzAEZ5oxpNQM1lWmYi4AbXscoxjb5YLUCwQWgwcaGIyY0p5/2vB6Gr2ATsZe4od2rN6FcsYwpFjo2tb8EBzbcOkRLhThaBd8xcbVmrVOjwSxVkIqeGxbgSVSDG2tWSvrWmtL5W91YYFFY+gDklUytLfRrUes62PosM40P3m3oEPMeqOIrcICl2RtoTHK3RjesE4JaNgg0CXqtrIlj7bUsRLVeMAFlINSbFUQLDQUDqzTC7hEQgpCaCtSUfIIzSz90QUwCk6JKeHaLhBeX7+5gtlqZOfU9XGUhqOJXMaHGm5IRi6VJiAK81+BY0OiwjXllEKLKTR0WLatCMLQwlIo0RtgiYQgnFrJNXaKi0BssMG6W3y1aXHCEU9e1Ddmq68WztDHURr+TuoLS6D4EPMCXZUOW4oGqV0LR+CHqpJgwTG8/LzQFC1ig+uigkskf4AxSmXMwagZFG1t7RiZ2byERHcfqh3iDd7iM3W1wTXiIS90DD6Mn7JyoUWlKqoF/LT/EKqS/JBNO9A+DvOh7B4Q33rjuMBAgFhcxRw6D2sOqruorI21bpUEZ+0BdI9slGpulISNAATqbiuKGMiKY0pnVb6UJAx1D3A4axtcqBcLNiz2G9bYmsGLsUH7BolhNRzW+gxr0cXyhlE7CCXXtiGGVR4lb9haE8OMHcPWlmzAJGzweMLAcSO/ObbQBqG1kaiKqfYNwWVOqVQYbSHFdPuG2tHiU8iqDILvviGwX1HZTe8b4gK9QRvDtd1xct/Q4AA59Oz16yLRrO9vRFaezmSvEWk9dlZFmkeKI3R+c9xfjwoaB1DWWuWy3kPUB6Bzgxtrax7t4ZcvfHQlKKDrN0fsxhuzHuQxp03aa9lTauYz8MT2dL7ap1GkOELnN+cIiKvMB8iae/7vgwdevzkyT8WhPFdUWpd63ivyvk+lBZmk9rmwxxE6vzlH8NHSFXuwPOS1+PhPyLjf3EzAwgo6tn6uvQY861MUMM+nHWmDoRqsN4Yhbb85AiKrHoWA4k8E5BwriGP3Bs1+czPRT9RvLUokzL9qelCOESBKWIMZ8YdcNzu9A+8786cwqZJzZOTOykk8pRCRWDqP+n51Puud2fMlnTdp38rsRBBo9pubwVfRYN+Q98sPuG8ockeu6v5tkeiDLlrxuCfbXbq1LBedQZmvDIkkadcNMiQp3pxieRiyfnPuTi5cj3qU4sHKnS7f3FLHosRXhs4kBaoG2Ub9RTe1cVNjburaNGbab05hAJNbuV896FYuui6pumo577p0gAAx3VbkkSuJm3W9w5j2m1MbNtEIBFyo5MK+6vUXVPdMUqAIYNK/Rwb3m8syCPQMGwsR7/duJtsXW13XSbTsBsT2Mii+KCT95rY3tx6o7MIccmXDSoSrGVDiV4l2v7me7XdLhCvV5pRj95vrzN7raLnrpqUcqQhPVq2oS9WbFRQDyBPl3PLcD8HuN9dTTcQs3dScqt/cf+91vNwxzg8jF2pNlSsFIHNmuQeT9L5IkIqxKvwg6jcnsnZIBM1OWOG3l0a5yNMXIHP3OJ+pCY52tjdhRnNdtzLAn4rcybtu3JIBqrjo/OCm39xiQZIIW0Lq/x8iNglznSkHdBeP50nP5P4Ldl8Y7uRiX9dYBAHdtA8kbqZ4dDvqXjQS97IcvRRfkSh/4cBke3ey4zKU2hyz35xLx/uTDwXUL49h6syuUyqFbTMZyuJV73N5cMS69OOyPlg+XhyVcYx+c8BRVjYwDZfPOWvv2cPgNxW1JpoTZY7Rbw44wocvLLHeOBz7KmryqISpMzKB4xj95gTdQ2ZtiESniCSkSi45tHHLHNbQ2TQ4/SnwqERFwRw2toVJLTSOqWd6NCHrkksPLLzUDHWEl5ndWDJXNcZUrGs7Kl01b8BHSo+EGWWFDFlwSUyPXrTMzhLzZnVMzCtZkZiKeQGfOWsLHcNcsIDkimNgQKnTGGd9orQ44zaCrtCNvcw1OLbhkkhCqgQuLQxj23KD8oFp2JOxYJQalV2rRtvqGK5/Rt3asQohI8iGShGCB0w3OPUp/IhqmC0V+QiiVluQd0zBhbUuBE4pDkOcFEyMDCGmR7OxjS6JeTM/JlaVrCgMl7bmBTjWVi3OBQtIhk/Ihi66WQ04s+TdfEQ6Uz4o5ss40SkiCamSRyjIxgtFVaLHmMUMlKG8gUZ+CIA6Fxwj7xIDtwSXTbYqqNQY2lDpUiINN4jRAoEPtbVVVVmrSyjGKNUNN542ZIjf9ISOmDerY6LRP7Vq2CCQ7wtDMGEl1zgXLKQNONeHsb5kHnP2KBr28EWibiAQ2Js9b4QSnSKSkEJXe0J8ElbrmAA9e77kETgX8npPiXChBRAOkEgFBgDl1FxDsVjEBpcN1zw2XAJfBM/4FiFpCJoeIskQYt4sj0mgjVcju7kNYW5nmsoFC0i2Czx7QbXJl5ce4ifbCTpEQTW2zMyXUaJTOAkpjF0wtw1ce/izYFAwZcXMHCs1ZUigLYBIfcoPIJLA6rKsbFUabW3IoJToIk+IQPlYEeB5I9Q2HF1mbhRwpjxKHVcFzgULAifOGcM3DLn6kEc58qxc9vHaqLwHTnRqg0vfT7dGp6RoE4CHmh5WchmoKg+2ss65hS1c4ax1zuezdIdA+VgR4Hkjg9abtqotsLvhBXSvcN4UsBTAo46RcIr1VaWyho1VoESniCSkkBfCTsRo6w/yVw2irSxFOUX3lJRab9hSVw/BlSloVLFGG4LysSIA80bCopIVgS4sxIa6AvrAZPpKnovWeGHgh00tX0aJThFJSCHXVTnl+WrriiBYVzW21iW6/MMbtq4QMTksJoY1urBTMrJWzgtcSYcWN1YbP0Nsy4YCz5sli0pWBGGlTFGUXFC5YKGqrRrwqdoDjcR+nr7xQnBfViAPEjGHynDgqvNk6HIZTh4OqUPmsgJOQFtLJCGFGNeYqytq7REIW6CdNgvWMJOpEpwp4W0+eN+Qo/YNTYutWuB4LLI4rK3R/huRSm0piHmzYl7JCoN0gFdueIPKBQs3Cnwdy71IihzWC8ddxTH/haiLTk2zcfhjexil8XgOyrvvHeD0cHKtSdKM5lxsEwE2X7Sq67opcIh+c8Jvg0s7TXnBeP6nJ/54yhnhxuAAjTeur8pu775V5MYjCBBR9H3/YSPS7Bwqvx0H5rYY8AZ36H+elJWLSD1POFneHMTAQKV3sZcqRDYNiIu8Jcl21wF5F5httywXigsRlyqDhkpkUAYVhArwMwW2lI1Vgd36zYm9j/iK/eTguZ+eS/yefa4IApp+cxTMrO8fy9N+51sjBRQxM0X/yNzo0+jrD5Xcszcg98ADHarE558nJUlM16UydGPl8VWvxyQVZLPKuyjJQRQv+AQsIA+ARLii6yI3doOkHp7Ou5Jsw8cTC3gOcYrBlrLRGx2eOUq/Oam37k8l+82Rb/q+X4WJIDwBNMrFWQPTYpkVjw4VYG8gtu9sebiLe+Q/Twp8ePDtCp24RUrZRQKYSQrCryuNSsAMyUNUERAxzkStwArXGRip/ULZVkAVnYswhKWMRNF00U795iSmP5g3CTs4DYZ+c6SeguOg6wMY6/FEPnxk4E8PhD9lhPktaG8glGuS5dlA//OkgEVVUkGg97snhlZLPf8hqTDkoyAGyaHjQ1TKF1aIiwRDWGruHLoj97vf22e9MSkt6n+Q3CPpC5pvvaFIBZYP+0aLFOnB8OtewpQiLYf/jcCg1j/FZqeoREQE8UAQuYCCz+BuL4uQ5Ms+DJAqARqXTTDuLueYTRERsVKjO3K/+K3Xsb4qImW/OXabvZ4ou9/69YfeKJ2EHSLDikmGDlRRB4p/NdBC70xVdcnBVxF0NMx2pvPtHB/ubj0H8eSF3X/l9w/ipd57dxrVzw1hoHetFgeleIrvojpW40CW0fWbI2d9cxQpZn0hqfefuEOmv4CERtlU16epf54UxO1NRFUBiciRjX4E6r5HdvsQoBtbyojuC2PcSB4c79Dx1J9vXZmC+vkhtPaS9mGD/8cBsgg8Xxw/UClEpKL/1tkjath18GIfiu1VGt+HSr2ISKq7rdZOA/nPk+JBfCYGhl104AoQFhORIHmBh/mBh21jCEvZ0L4RWMbNznGOg9D2kX0hSgAurx3YCm2q+eJYAamRnDe0uoPe4MP+MCkiUrgn2x7UP08KOE2jNgShBw2PHfwtka1B7hLPFYbyBnrf0F1q31AALnz2DRGWMlH+HVP5HWAPsefJyLAlRgaPyMHLXoNIMnR465JxVOt+c8LvfRiWFEVaxZW6s6JkDkfqJogS3g9Wo/AcJZcc4qCrVt0kxgVUXWqjQThVHDUVxW1FGKgwiGR0ywWyKGwbZubS96uk2pJZl6RNekHGf60MqsDNItBaUnjbJuPC16MS53PPUVGNw7wflbHNKu/uUHue4P4leBkrGQBVst0JtXXJZFRm/eYEGbiNM1ZfkbLkWvVT8HueoDWfG1Lj/6ELGKJL0Voq6GrNpR2rFsLwW6HiqKl03FaLv9ZpAMk0LVgtgcrnq6RScVEpmzSIsVpAO0o2EDLYKyU81k1BMGze78zWRfdJDFrZ5RWx58kjBYvEvEvFKHJwxB1HbF0yjmrRb074QS/TXCYirSKQh1hokv+hF20Vw/usFKOlgq6GDkqBxEoMFTUVxW0F4K91GkQyyUhidYHuR21bKi4qEZEVSio0ijXUVhAyGAgl/GGViMJmWAGfrH9SV1vAQmLPE7T4A2/ohesU22gKiK1L2qgs+80J9AY8+4GItEo2oHMib4R/iG6XCBeA2BJBV5U4UAhs5aioqWFVkw62tdYGkkwSE/h8lVQyLiphE8TwBlRb8ggggr2Swm24ICSM6/68MHR3l+XO/Q7tecJ0UdFtDQi4oiK2LhlGNe03BwEwYqn3e82gTEnMGt4B1mAWDIpH6U8YElFTUdxWoLKEX+vUR/JU+H2VVCouKrIJADUvNLKbQFsPUnjDDQjB69QzYs8TYkhmyyNgRlSRn1TTfnMQ2IEBcT6O8Q3n07HQ/BA6HqLCPkUHrBzpVh15R/tD7WjJU+H3VVKpuKiETVNUSD4SjtrsVDKjHHlRSFAJPOE9T5gPlqOq66juL2/hrUsmnZ8s+s0JPtO1wHCk1QBYXSAaLhfgGVglAvko21h4ceiKXzeOmkp5Mkt+7eUAkhs2wfD7KqnY+xI2HUQ3Fm6rhy8E2z3MjceXiMoG7kfaxnueiCta0fIAUP2m2ya3LhlHtew3J/qapfeUX4lxpNUgtDhOaViBT902eMQQQVeDDYuJqKlE3Fao19g4DANIBisz63wo0PkkblNxUQmb0LBFwGGxXXCDhW/w+EKA2z3Nx28efXYJiooPIrBvCe95IkiXR0Q3iLihw1uXjKOy6zcnxDsmq442RKTVIMSOuW1D6LBKLgtnMWTQ1Ro8jBhRkvuGwhrHbSV+ytzGQSTbpmIuNc1YcUl/lVQiLippk26n2zfkaouFF84eIM4QdwXh86Q5+XlMpy0lx89drMPG2jr4KklfPijhsTbPCcXYq2OtfeFYcxaUQ8S55yy+qleu5LX4kBmPMJAp4lgurfsjU+RDuQbY/eakImD3m5O34Ndvznt3D3PcRoTtJmqq1N9ocah+c+uc0Cyc1URNDR253xze4ID+BdoeGkL4djmiY/Wbc/i35lUI5949iIu6BSyLkZ6t+81N+8MOX3nlyA5nQQSPE8PvNXpGL2//hHk/8qGS5Y0b/nyrPm6QZdJcdNwgDGW1P94bDtFvTm7iq9/ck6+Hicw9WhUpFOZ6I6JTLdLsgMaHsrcq0v6xjt36zclbjPvNPZG9flf9F0U7fSsKM+udmLZv5tpgYni6nT7l7uzVb07eYtxvbnUOLx49ll3UMIVSAvObM3hOVwfK7dmp35ysVewnbRtG129OR/2epD5EHoVs1ntGM+aCQLvemBj/Qoq831whIhL1xXECmflAXPWb0/PdI3F1Z+VAE52TtecrIjLuN2eu9x6g+6hN8uDkGcb95qJ56h0RwWFP5QhN1504V0HAuN9csyqir5sU7huKjpLcx99/oBKJIo87m0rBB4PI1jZ8UHJSFZ6SwBQ9hOtRBcu4UnTj1ibKZi5RgIwzk6jrIodQaWcmQzCi1V3k642pDgYZQX7gMEPNAlRg0TV2XSoGcgES7w1EvkTTf0VNEODQB1+VbR9QEqyooaj80bXuUTgMW8si8mD7ELivN9KlXj9H869yUGKkoaU8GJaHw6uylk6WFTT1a1C+hDXEEpN9+s0JjmKr8wDdh9DAk0rlHel6tyyzT785wXF3eaZSl38Ahy0fNFjol5Scot+c6Nz85WW5Pcg23Dd0ceAgNnsFEyjjRpym79OQ54JA1ZEPFWyO0W/Og+cY/eY8eI7Rb059wG0kLpv0m1MQBIFt+s158Jyj35znzkH6zakH7LPe2FAhskxt6lU4fbph/z8Ymt8BBMht7nr/aL4KkntK+z0R06pxIh/2vRX51lnf6+ipSLPTisx3lQzMee3Lruz1M6PBsf1c94WZ9a20qFqd7/TapL2Wtm/mZrXvmzkMyOB+c4Wk3gF7/WPJe5ZdmARCmwOAmH5H2l5HQGLT97kMC4S1q1Kxd9o8QNQp+835VboHxWsWb/R9IXtUdys7SpHGpEonCgQ8+QSht6FvPUSw7De3uypz5eLaN9L5dfUGc2meIJ4KKEcY1tZy/2wLe07vixbCrt8cOLbp+9lygV3ZdWlRZXpQji4g/iUn7jm5vRBB128uIjxZZL4ep/QURQrs3GZHC4AR0PWb25MnfRpFQAFIr3A+62emANeZ+r7xVOya9vQHX3QA35+K6LRXzcfwpwKG7OJ9Q6Y9RVEV44qcJ703P7D7wlQGYVgJ6XzvdA7a+/kpnarvv5YSyPebUw/Yp9+cesA+/ebkKlDGp9nN0zpMlq66fzsZTnYIQ9ngd5c4OyA+y//plA7Z4E5rIHLtcxO5ORgWxbi/xKMbmZnF3YqYk5FgiCZmVM7QLLHJIaO0bpB8nJjPOxctiXPC4kQyl4lkpxnImPeZebLEzOvOJbwvz1h+d51ZrrpnbGSfO/yLk0niibu1zybiJFPAAfyMmTmnWOfICRv3CQTY+80BxbWbHXOXdbzvbimvlXMCG5mMzo0cIQx3QM+6UhLxSBK1mWGhyPb5WsL5yQi26TcHEhl1XMfPRMTzVLgbMorIVRdxdM3dzNwzjkQMRyTinNCAE0RxJyPYp98ccIwMCmYwzKwcG7zKNFni/ShzCdA2Le4ZJ9kJSVxn+/SbA4+JAwWQ877cohrOdesDTzyuAhnTMTBzd0KyX9E+640Bh9d9zevJIcD7UYg414Luz3qMgUg4cfDQyVLEz7JTFLh15iTiwbl9NlcHIIINcUgyjPxMDZvIsNQFoWNeN8wCPGW0JCdnfOuNYx9w39DnbjnXMYvrEn62zgOWaJh5+F3nWsM8BKucMJuExRs5uJw5PzkjOo7Fdb6ZkcdNXX53uOanmex3WSBjTkAYCFSj9eT/KPZjtqqyloMPSTZP+r6VVqJWZh5Gw4YWiXY9XCTylJCqXGDOa5LU6D6N5srP7aJ+rY5t+/6xMCCKmr6QWc9S9DNTYKnSEND6zaHcDmZF2pvrfd/PV1FeYTrqezvvFQ7kiDC3MJ1CawipshC4+s1RFTxTeyxPgDfzSD1yafq5BRSCPJuxQNAMS5WF4NZvrtEiRdrvCigQ0JzJY4hBnlFgmSGpCsMOw35zu9E8fSwMRGD0ajvvAS1RtX5SVQVZxqLfHJnAU2qKvu/TFPPEREXv0432EM2InJ8Uj35zM7ne99qkIMm5HXJZZYQhfRSlaJjtvRcjpKoe/eZ2I5FmhpKcu94jwGhEr0UahyXuEFLVBdyfJ/0aGydX94X5MPeb69k+caXssMzz7DfX/XbXynKvs9/cTu5lt0Xy4M9HhonFiYulGzwGAtDrlnkQff+BV5apOvKhBPHLY5i68tEXDpPfVMu3v0qtMakmWHvPBub9pYcHRDWgtCY6kxFZ0G8OzmJdHjoMZjsqYUQe9JsDn5L5I2M3gM/6OLS21KyNklNyaJs1Zjcqygo4tpC5HB1zq3iPOWxsy8zaQol4JWUq5oKQhitr9aJldtb+V66tjXlhW26sDatRGV0eFBKh3xzwFLqxl7kGxzZc2pJr1N+qxVVr47ACGheKMLYL1rWtubR2rRptq2NYjbq1YxUCgKxGt4Q0Cja20SVFXDlr2CitOj42Yp9+c8CjC+h4Sh5tqWOgw368BnRAt9QsYnVs4wG9FFDW2g021o78EAB1Llj5LPQGpiSkUSjNoaOwhusKvHbbHth9YRJhfVUI3qwvA68UrkEPZQvt8QVVuRFd9AktwUJJDqGHs1VLdpeImoFFhDSqATWTWKf16BHr+vi4X1GSGFtmVo5nLRzZ2JpBgUBV6ndblQFYMCiYsmJmjkNmbmzt2FOKpU1JzS26bnXSwI3omEu1NkI3VPJCx15V+i2ZbB1WSs4YpNL0sJJLLBYJ146QNh2h5gZsDzgJ4MYbx2gavmIhsdatGrfwiGPIgmMLfFOxZilon2UbRFtZBFQFRCNpQWjYIEreUCpHLl+yE3urIdsCF9YC1/eQjR3DFtJwYcHnYNoEwbqqsbUu7ahY8IatKwUSH5PSAmArZ61Tw3Rray5V+9hIMSb128aXN56uitxQ7ImYJ/1MRKSFKlpFKxKRCdD1+VzSC+G4U4fMZRVai0/GSs38HlwyQVVr79sr2gbCFsy6BCsqDUS4kmtLiG9jQloQmoq59FQ4HSuP2lTl8fe+MP7Dsy/6YXZ7pxyYNbP+qThUFUDOXq/F9mm0ihOgg2KG4yp4VCJrl6ZxjO/Z573US+MxGOY/+h2/CiQYBvMIS6WApCDLHj33WsD59UQCdIWk3gFtgbF4xRVcpMd+Nrg8KboPfnWWnaN7oZeVgzR88fVr8IlqXvvyRB4jFYhdcWR3ISmRAJ0TfbTpnnk7L7nMXsAO5hOjePL1er3fOADWUOc5g/Jb/4cGuDeQtpwIwcwPIgG63q3KxAuuzjYr7lwhm9c5VPzhf3aBqnmzQ1UcpOKeKC/E7xEW2/P0J1RJaP/qi8G6Z+AEzvh02zkBkQBdhISIih3ezlGks/xLLtCwok9N0/daPK7DYTM1DEMnQJf3mzdunFYuZIiWNNo3tBuJ7M2jvt+Zo31D87YnwAnQwTfQ6RGJ93k8GMCdDQ4l/qh8brhcBeHYX0IaEnj6SX4/alivH16q1+t/diijR2zHwFzSn5Bcfn7QsS258fvw7nhpK4t0GUSHssaXvPq9A8MNd/w5pZpIW7hKJ3OsnfFdIuToJXcZhSotmfUV2zAzl1AFeKW4EVWbJLLDbaPhsuIYh1e1I4ysGnOJw6pS4VLRbGHBDk4oycjw5lNk0UJbzcxtyRvWzumvRGvDXt9/olMsRVFUR8dS8mWN4Ycq/igR0BRVCxSsdFz7F2O7ai3uRJGNhLHF4VXhfaquQoSjXfAVOlxqY0suPYgYrAQjEyCLFhpWIy/QgiuoNiUuDMuKzqW6bNccQl26vcIbOKCpAl8ubivjcqZrLBTCrshWjLVEeNWFhlIgNRBDhEuFd6OWxoOKwUowMomxBMAVWtQN3kiAyiX7zRUGu/rRucTWjpYA+gpQNKLmmujWTWFuoKR/8arFcHENuxn+Xhm1pcKrhugTLopCk+FSiYiqOAYr0cgkNY3hDejma5NQ5Zb95gZKBYc7b4gAugAU0JSgmYLzVkf6a/i0GC6uYTfD0ZVChVcNW38WHBPhUm1Z8ZoBKlsUg9V8ZFpWL0w0p32iLahyrH5z6266jbPcz9uncc1S3vhWKKApYmO6qnxKlM12avJm+LWAlSZ1FuQBda0RmI5Mra1a/b5k66FxyT33Ol3uWMoxwxsooKlPd1ER0j2JtBcqvCq8ODT6dqNwqYQnAyzQjBGMbHURlJrBbDfGJZu77nW+XMefd0NiGBnQtIDDGjWMXPkutkKGV4116z+spsKltlVjG7CTkYrBSjCybSslhsbAtVil2uPRnFzzr3sdUMapsGBeG8mApmOF9g1VpSWnPbCdEOFV0eafdkQU5L4huDJkJISIwUoyso0dc9vSWMct2EOljY6J52CK252pi4OdJ91wbZ+zolxmUD1evVFW8F4U1UbDVWO9CgK87s/XlDPDke0VC3gZN3ZapFrAmeYOXGTFCNrU++9yFQCwfSjW5YGlf7pgNv7Ae+AWVUDGqOmNsEtsCuQ5F5zLQQi239mwsTYwOg7Gw0bi/dOXA3OQ6Z+WHAcncHl33ItXcsnv4sipNTNz6RdQtTKo4pKIneo0WE/V6LZSXTiuwY0al60NYZ5i2miuamuBnEsxrpQQkGRqXDlll45BJA5v3iVLRE4Ft7j7BlQt2WBw7FR4bFvh9E+1bkAwWXiT6kJVD1kp1COQM4YhRQ3uzG3hsVULkzb05o2WiJwKIAOqAgGXKgxcJzUotoYmYsLrArhMsG4iiKEl7l0olSB00Fpla4mWah692BKRUwmoZFKBKASKnQpF1byBY8LrBT7UcEMAfaZeWCAKgYIGWTIGdK1jaeqBfKXLV4agfFkkmTEZQJSgyKk+LDheaHQhmqBFbHBdVPATMETMoPgRhuhKeNhSlNhiHVcFfIyOZHU3ILe3Pui2F8yYDCBKG21Bmb5aI64AfVxUC5j+KVEhPzZ1ZTWuGl4AA7U5WSVw+UDuqUMvNRlAjBCRUw+o+3+wsZ4CbkD6pxh07tccVLfh0dpQV0qCtieV3JdhUwSfsm2lqFJKPohEorGLVjxS2aYO32gygBghIqcCiICqAYZRsVNtw6hNsMGF0uQ3LAbD4mDDlDZwHbw4wWTzg+6upPCUbZCUIF+JlBh47B3XIZQ2kwGECBU5FVNMt2/o0mjx6VxVIohAqyNBOd2+oQVowkcllyeXgAXUVtR9FQi44wjurgBZaZdcdB2+zpSLSMNkANc+T9oGC4yVql3zOJUbndbV4lXa5cqecHKx0g3LOVg7fYDZBFeNoKjt5RmhNE1nTAYQVcRznw+VwHC+kOTkNXOwrPIcmyEoEDPZvtjyeXGTAQRVyWvx4WPSDEbCbshPybYu3F2SRlo3GcDBuei6P5L2ZvhBfZWIQSuuFCyvzAaAENl5t+1gwwrk0oy4Dm5h3KzANkWTAdQOF9PtGypGpWhlQOQFuC3DbADFY2f6Mls2Qe9HVV5EUXe0oMcrMyxH+RED3M3FLPY21/3BFe7lcvQ44Yqqa717nhC7XSkjKPcJfXz/+f4bmtmG4wDnnznIWrsqpf3pk5zQbdQ/Sul6yDhtnk7aFwHWyTnqwW5xQP+lPrInAMaGvnMtWc81di5Qc1auP6W29DbHcxX9M8labqQNlEwm0UJKuH4sB9X8JV3IIJdc52i5Zh2Ll7ATOahkrL2QgCoT33++/3z/+f7z/ef7b4g1b/rOD8zzLW699/MWeSt3Lho1z//7theAS26zyP9+CcOXfm6Vzc8rX/umRYZ5s/Ihq/zfF4C77rXKq5cvBJa+PiWfX7p2SGyTWYY377bUvwDca+l/vTRinZmT55//b9Lwf/Jn5OcEZuZJdzBkS9nzwsjMyc2XOXxu/5rLhugTn8S5f8vjC0Wyn7nfHSYvcciWPg+dG/AZHd9y2WSJI0jrSfjsTefGfU5G59YHT8c4Mg+56zhiNtcG5u6AYTPwfuacUixuYOau5cnSOrCtc9BqHxPZcSPfdK1hNq0zE+fEk3GVryUTs8SJQ3MIFpXAUGChOKB00tLzyEYO5GV81RkwQ3C9Osk9/cI8uemcQ3OLFGUO/8V2PPFEj0xMs5zMI3zTI2PBZJy4fH8EDJOb7bDuOvD/51WXeFKEn93MBuMxuqvMuYv2swNmyJ3ZzzIWT3YHqpaNU57JjYTVtIkM5XwVzBQzcH0TT4bsu3Ue3ci5m7Br99dVBQ1t90fg7Cd8M2O/eWRiZKAuEWfA7F1z8qx1ZvAwLudRged2fV9NdUsxOvRX2SLjT+RZZ+QwMO1N55wxioFz5zJxE6OksEueKec0OpfsgxWZG8B6LD9gEqBd+SYnmM65SaQcxIispk1kqOVReU2X8ZDzcJOfiZtEyIJOuSY3jojOOUkcsDYH3stnHpkQds4BoWYAb3CTR+eucg71ryvQ3AJF2b5QtHCanVxDxr8cwHWTJWYAvujD4pwTRnRKLCJRZAeP49EZjkbnKBiUEVlNm8gWWP5kPLp9GZNxyLgjGHmSZI7CMAMLcyXAbx4rwZiMQclI0Nxm6uXcxPgAVmKE8S8HGuDkx/gxPn+Ic3ky2c9JBOiDVh8WOXcjO0gyiSRfGjmjLMgSwx0JuhY9cOtGP9juICbQqzlHguY2W8qmYfIy4JCB+N8xcOMQMb6GyRE5j5kob7FONhi7i0NE+CZuuIH3Bzd5xg7TJq1z0UA2gMcCGvxh+yGQfa8h/qC5JRpDoMbSzZcAL2SGm9lkqc15dCMb6pDIk9Cp/sPlxGgOr5zst/iQazyC69Yjt5COR5clV6HVh4Tw6NRMZTyoAzhzwkKQ7RuXTYxyVJCWjWsn4hLj2XsIuAi9ED4EXIEf91sSNLfgkHVu4V8sogNqc2T8Cf5+Rc6dywdmw60bmSc8APLJEkfqhVi90OGifXs+muTOLU0S74Wgjsi5mwOPADeCnyCraRifr9gyeCHnJhG8okNYkE3A5/QuWjLQ0GxQk6p6hohbGsbnK5p99EIR8/B5skHMrYvUC6G/WACUPXTY+JP7+zNGtTNZSMLn9RnRr1zn+gwzvPzYr/g9quvCThzlx1sVBJ+2NIWc5otWJnmz5FErz9rAbVbuQO8FfvTr5omRV1t9+GOmGZlH3jL20oumuQDtkKssmpEvVXfWOfT997VdLFZ2dKs6dr9czbHjPvvuukjFkbz94MPecZmCY6Sz1xajByUtBef9nYeOZtnftOd//nTNn8LvTf9Opkr8l639zu84NVO+2/4DLjJUivqvn54pf6MFx2Y=)

**图：SEPolicy 高层目录**

有关更多信息，请参阅[定制内存和 SEPolicy](https://docs.qualcomm.com/doc/80-70020-11SC/topic/customize.html#customize)。

## 观看有关 Qualcomm Type-1 Hypervisor 和可信执行环境的视频

**Qualcomm 处理器安全性 - TEE 和芯片组服务**

*在本综合教程中学习如何使用 Qualcomm Type 1 Hypervisor 和可信执行环境。深入了解平台虚拟化、安全通信以及 Qualcomm 提供的广泛安全功能。了解如何使用 Qualcomm 工具和 API 开发安全应用程序，并了解 Qualcomm 支持的关键安全用例和合规性标准。非常适合希望增强设备安全性和功能的用户。*

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewbox="0 0 640 400" width="640" height="400" style="cursor:auto !important" aria-label="../../../../../_images/video2-features-tee-and-chipset-services.svg" class="align-center">
    <defs>
      <style>@import url("https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&amp;display=swap");
.svg-2 .bg-fill { fill: var(--color-background) }
.svg-2 .fill-text { color: var(--color-content); fill: var(--color-content) }
.svg-2 .video-hoverbox { transition: opacity 0.15s ease-in-out }
.svg-2 .video-hoverbox:hover { opacity: 0.9 }</style>
  </defs>

  <foreignobject x="0" y="0" width="640" height="400">
    <body xmlns="http://www.w3.org/1999/xhtml">
        <iframe width="640" height="400" src="https://players.brightcove.net/1414329538001/BJv5wEFt_default/index.html?videoId=6358216309112" allowfullscreen="" allow="encrypted-media"></iframe>
    <div class='topic-detail'><div class='topic-updated-date'><span> Last Published: </span>Apr 14, 2026</div><div class='prev-and-next-links'><span class='previous-topic-link'><span aria-hidden='true' class='disabled' data-tip='' data-effect='solid'></span></span></div></div></body>
    </foreignobject>
</svg>

## Qualcomm TEE

Qualcomm TEE 是在 Qualcomm 设备上的 Arm TrustZone 环境中运行的软件。

TrustZone 是一种基于硬件的安全架构，通过 Arm 处理器的安全模式实现。它建立了两个执行环境，具有系统范围的硬件强制隔离。有关更多信息，请参阅[什么是 TrustZone？](https://developer.arm.com/documentation/102418/0101/What-is-TrustZone-)。

Qualcomm 提供具有硬件虚拟化的 64 位 Arm 8.x 处理器系统来运行 TrustZone。

在 TrustZone 架构中，有两种安全状态：

- 安全
- 非安全

在 EL0、EL1 和 EL2 [异常等级](https://developer.arm.com/documentation/102412/0103/Privilege-and-Exception-levels/Exception-levels)，处理器可以处于安全状态或非安全状态，而 EL3 始终处于安全状态。

操作系统在非安全的 EL1 中运行。安全监视器模式促进了从非安全模式到安全模式的过渡。

Qualcomm TEE 提供以下功能：

- 从受硬件保护的内存进行操作
- 支持加密引擎、PRNG、内联加密引擎和外部保护单元 (xPU) 等安全块的电源深度休眠模式
- 支持安全外设镜像加载程序 (PIL)
- 支持子系统重启
- 提供内容保护
- 支持运行受信任的应用程序
- 支持熔丝管理

**受信应用程序**

受信应用程序 (TA) 在安全的环境中为不安全的 Linux 客户端提供服务。Qualcomm TEE 向 TA 提供以下服务：

- 支持可信应用程序在 EL0 的安全环境中运行
- 可信应用程序的沙盒环境
- 与位置无关的可信应用程序加载
- 不同可信应用程序之间的消息传递

TA 从受硬件保护的内存运行。然而，需要更多内存的应用程序可以使用双倍数据速率 (DDR) 内存来加载和运行。默认情况下，应用程序设置为从受硬件保护的内存运行。

## Qualcomm Hypervisor

Qualcomm Hypervisor 提供了一个现代虚拟化框架，允许多个操作系统独立并发运行，从而提供高性能。

Qualcomm Type-1 Hypervisor 有助于托管多个可信执行环境，以实现安全用例。该图显示了 Qualcomm Hypervisor 软件架构、组件和虚拟机。它还包括一个使用 Linux 内核的客户端虚拟机的示例。

![../../../../../_images/qualcomm-hypervisor-architecture-updated.png](data:image/png;base64,UklGRvpXAABXRUJQVlA4TO1XAAAvsUXkEHcHx7YdR4qkajOYkNTvfyXk5GTEnipJ//9twLFtN24DgJ5nV6lSZTdZfeqpTa/JNgDifwiRbLuKzg2PbAQLCFmzq4rMe//ec1TFtk2tCPdRgAbSiqiAbyNMwARflO5FFBYRYg5YESEEGcFMTEg0KDJpoojSaVRgbel0JLgIIaIIEpJkXxIiiH5ggmmCMMFyte2KY4JngmtqvfocqCaCKCaCksrSWUgRxES6U0ap3BDi9mDalk+oJkqnAEv3QlC+CJxEWT4RxO4aP5UbVEO4wsf/84sgx07WW8aCcLIlY/mfSfZTuele6uUgH93LnKH4RNCcIfFw6o2bcTWuR7cnE2rCzM3pKMyN5sS9m5MJc9sqXO33RnP7Op274Wq3d2yHrYVjO7iafR1GC+d2MDUusK3caMkUjs0wmhtmogUXuHuDMBfmQodzl7ZVGi2Ehmgm/nYc5rzvhLjzthPqjuswLO3nVG0nzLiCa/p/lu4gOoJEqnQo6S6iiIEQlOkuBIhg0giXAZUggmtznZYfoYAAEcRGBEL+nw3lRMgAVOvuRKgUFGWYSkBRhukOKFpuugsh8wWV8vcAEQj5XUQEEX5mef/+8/r173O4+/j/IqbH6cEK5vSjDmuZGJSPBU753ODV6lX6WTpKLQXZcl7YaU2LIHOY3j4v7t8vXj6uXAfpOIgkKXB6/MuGPwgxEBETUJlX1rbofOl5uKY4+bHTn/0xntpjhw/7CmZmJm11esVnUcwapD3RevYwb31aB4Z3oGC3XrAedNSZhgcXl8o6Mh4FPYwq65n1qK8KG1z6Q5SoeKG/Nn3iZd66iQie+F64LQDlTJI1h6qdXUnvp5Zd27w/QN7eRrYbkoG8DA03mYSbdDIt1nsv79YUXIqBYRhKpnZL3qVMybeUMgkFJWpVKpFwN78ML5bLZRDrfsQT55x4Mqsqu6s7l3lOREWc6JMRT0T03xttW1ls27ZVWIuZcGj0ChgNRD5Cf3qc/k+NJFfbFsrs8ZjZNWZmxlpHn3H0dvTZA7Mxh5mZmWnaDEtl7hOnDk2fE+5DdaLHOBAen57e0+PuMTOz/U9UqbJKqsz8ZaZ+3Vk/YZagFNF/WbBt1W2zbl7KSCoRRJUdcSXzedUgHvW4hyPpyOaJJx7x2Oa+d7tLC0FHNM+b+BHD90c/9M6EpqOJqsFb/NA7EKKOJIqvetTD70yoOpqHz7OckHXkWXM3bG3eNIN/CFtPNoSuw/rP+s+C6uhAfhEwkNGmJD4XYRZRRHotMjoGuuRAJEGmMjH8kyJHm4hQIw4wRrL/DifSr5NC3VTqNqYbishneW1uI9f6A8G5Jz0SIrxurgFjLAnm1WAtkhMZ9+8OBFBBemt0ANwxcxTgJigW0jV4cUwyPvDrgi3k/aLdEeR9Ksa5vPY5sG6urc3QkO4bSVsCZLA+EwEubiPWUiEFUUF6hJlvBRVJ3IHq1UT6jiM6yzL8Aw4ar00CrNhoDe7od/UHxODF9Zyn4tenTa5tEmdw63A3XZLKgMvrEkWUu7FMthHLkZCCqCA9kmT8icp4KMJdI2LKrJJykoGRdtyesYywZZsCuzZI0MZPjKDaWHwqQgqqt9DgefGgCitDCxMZmLCbyhElK48OZHJkGDiZVKhzKoMJtKexFxluQRwwZEkckafM3RAkKExh36mISFo312CGJ1GULRYmJrd6mRg6L+J0Y7kmf+IRdSzCFZzWIzI9FVwr1YFR1ugZga+PM8Kob4GXNJZsWiOiAmDTqCBvg9UCwA0pa6biOlOnbAv6A/Br6kWGmbEbiAP7URFqwRBGkiaZWkUU7+QIy8LtGLkX4MYY4DrUCOS3HseC20BIJjBBeQATFNI61+zgbKFJkpiTJBEcp7ixXJM9FukB2aGmQW9rVMgiE/A9QcqmjPLa04hIhrlZAGwKFTTSYHWAM9+yCWnNkozFZQR0JBkaeXAadWMRSUqdc5UnMiQ4QvIonCQeiqMZTKQ24dgoIWQNxGUTgwblgUiH8PCSYiJjY4fzLXKvVwlTvXZA6o7Al3AAhBlxa+caAc4WmiiO2UlsqFD46B7kGr2qlgDvpUeVlb7rehkBAeBiE7ko6HZzkmnuYLYNjZqOZJq5ExkMG4ZI2o7kEMFXEKPBQshyn9DxYBixLRlNxvH+g4wYSQT1zc3ArGOyuJ9I6hpVVITs4LhYSJKasFFCyBqBNodBBCmURTIEWUxgU3ksug0LZFhNovAyYu6BgMkgo+Kkfa7ZwdlC048O+l5GSAnQfD9yTQY6J2pwkpijOPZ0RXRsviBJRFyFbTZJfAXNDinReGYVB3KwIqAjyApiNFhIjYeNG5j6GySKcYMtBDuRY14rMDBMUYp1nrgETjKJ4ngtqhcRG8Ns1KaugZA1RnFqSxXoBtuOKlKt4OqCoKuiHl4AWHJtHXC2WDyVYZIYDdHERXhzuSZ7Ji9dg0gPUrgNzBynMmGHGqWI3LIxEOgWBHQEWUGMBgsoVEAYqMrckbgthMLq+iZ2QS3ESQaEbRwd+LXonLTAN9uT9LkByoLeWuStaescSBm1eTjhuRuMDlwHoHNtLTonLdDONa5TqAawfq6BgaciwFObR3zNRyjTp4gq0rVC394EX0GVAsggQ3o52haouMy+oXPiRfJmPsiBxgXq5JmISKQgTkR/0HPXi28kHrPaGYg4NhCykrhsMqotnEDOdbz1gBc9AxEqT1VSZe64E4kgQatI5XVzDSRzdaIwW6yw6VeAM8vEdby5XJO/HjBCm+0kcUdGoDNZ0YF0dib/RDr4LcBkkeipBngFX0GMBgu4KD0b4n0EumwhAzGwkm+ajtoAnfKIqAwp0toRZ504tjEUkQz1tfc6kcS0h3tZHLcmwtjWbfdBOPXoPOUJEDDkhIR0IuLXzjV4QdDa4ygSmfY2l2uSX8yDbzJ5mJ0O5DCpLKJ2lxH6thAGcAizawbvYsFXEKPBgvvtbnvB0clkIFNTiwQVnjXgwdQyOt5nRlQRbyWPjfSByGjYaOqn4gYi1QKPpQIIWbgnc2u4H4OuMVsPBl+56YCJPEVSfEZ/oGPWhrVzrTMmkUWJbLHQOYdODBWZDMXxxnINAFmIfuD9J3aYk0PJC4raAdW9GX4LCFinnt7h8Aq+ghgNFlKwEtKKd3CXJqQAMW0QhWDkHgBP7HRzJK93ruHXcsydk7x7Bcg9d6Z94wY8lD6ZziC7zAD3mnsBLnFnpIy7d3LqVymeqFY8badG5BIdcEbBcTzaxV5f8nv/URgf5A+z/rP+C9ntLM5ngo3C+i9M8uBnST+OGt3FOomBkf3qFQDidzNct6JfvAJC/Aaq89dXgIinYDp/CIU/Q9jiw7GZ23wmaWrumdyeO4eSe9Az/sh//OVT74GK3f8PkiDip5+MWhfrJEF7ekC/hj//RES8ot/wxzb1PfwbTOwPfw8av5lb8/f+AGxfQ9UHGv7OfyCl9Of/1fX+6l/8munwxw/1j6zFYyv+Bf0DRtGHGf6ef2UjX7/fmxsOf+Y3859Zr/belg8285n8hn/rcTMu+3mz4RfynwHB8K/9I6o/IATQgaz69/7xhj/Jql0jTFUzVPQvBNUMtDba/pGG3wk0fsAYufPb44b46T8yGpz+Eda9Iewf9/pnCAEGvNfv/ctdU513TaGw1w4GAP+CNhKD0aru8Q+EbDT+zqZg+QMfLviHHjflzIZ/pNn6C7BKb5pmAiGA4I+D9vXf/GeAxMe/95EASDQqfu9j+DNG0v4v/05TkORut5Xfayrx/AsZ4fSPEAIwnf5OUugPSOBFwR9Q12hFhcjf+5vBv+608i+YivteM2Kve0IAQXhEdNo4kj1odvmd+i9goLYf/IEPE/OZ/Lv/0X/Rdf/931jLfefbZsTfq8D9I2t5/wL2fvCb//jaHrxc+EcO+UPEB/3F//X/++n67v0f+VkD4g/ovwAP/70b2Rz4saHdZgy4JDAf8QGCv/C//3Qj7oMfNR1A28nvRR+HuqZ0j1gAfdjvBIf9vb85N8XC3wsq/tRhf6A5jPJ+8z/yO42aDxD8Zz/dkDv/K2zzJ5oHxrCjj+bmw3E/8NyqH/j+j4NmFs3g7uje1g+cAGr7zX/y8QME/9Om+L9vjfC8P+cehiMD1S90hIA7MAPVByD+/NcWi9972t1bmNrTrx1Eiwy3dkfxJE5l85n8hf+46978pfXcJLxVg3WvCPwX/9v/+y+t7dL/Oo+K/fv/10834t73fkzsv9zUH/mvMX7pCajX/74p3jVq5LMR96pVxdNEyprP5P+4DX7z2dUo3HpFYG58+IFJ8qAWoWr/MKwa6z8Fcf5N+No/Tzi8qXn+wgAN5JiS8LwtUSrY7qNUGubDzHwmfPj/f5/k873zFfITr0drMZHxemQT/hxDmVl5HZEGN6bvXwbx9y3iyi/KWPLGa+/RCfPyWn1NPk+5/XCfjSUm6VDVeyDikjlOjNH3In1tUCe9J0guSwJ/QJ1MIyGADMQk4k3kRkY5igdQlMciXEGLzlRcZGY1Gt8/PA/7r1KYwR0zEyRnzHpCdfHxNH8iruPYKMk9wXT8ybgHtf1xo81lQgAGCp2OmPu+awR1MGDoEqW1ayLFQGN1o3dJHvyrIAxgwFEKNT4wSQ9KAIUcHShzloTKBQiUk6QaOqCLEEAwGQOhGSiPEimS65h56o0qo6SHcdbBuyRET3mW9OPBRGSi85n8T1Aq/xJNEmCyAdCY83TUaKPxkjnLEMHTMSEAY2uarySw0OHRlAc4qlFGO3Nvbe7fPhjQ7TYsAsaDqYyfA4wa4EbdgQXTnsKThOl7QgBFQsSxiND0I8PQEQBt08FuHG/6z0DeiuhNQWNmjzcnhyQ6mijQHa3jsUNeldEGPOOSG+/EQW/6x/98l++Isje2gjGQDIBaJj3db/uYbZtHjmG7+/qbn0tOkhvababoe1hU7ZQx7QjIMeyEEnk0rVzdEDW5jBsV0Q1QlxNI5zz6ONw1pSME2A+Df2BsmI7Jw0YuUyRR7vqedy1hFZkOJDJ7EdD4HXE/cJdQP/AESXIEiJKSJNQPXFKrfuBDZjZ6BkZBtPYDJwPJiYy63TIkFumgowTcvnsPgcnNZ6JGsFGoEZwZ38uG4c1nAqadsg86GO8Pf+6K9KN+LrLz20DcoCWq86wrQESJ6cRQ+OvQ0E7c7yTB2ePFav2HDoQB+Uww7V0QW/9ZaBinMRnWzXwmmrIi4zQmw6FYzx3jNCbDoRiDNibDIRKTNibD4RGTNibD5j2fyVrKK1M2JsPh0ooM2pgMh0hM2pgMh0dM2pgMh0dM2pgMh0cM2pgMh0XfRq7jxZokxpeR72tp+mDsu244LJ2Jz2eCsa9WZv1n8RXO5DPB2D137GT+DArPwnSO/hQMfo4wXT4TelYGwvtTCNOtiOjon/2h9OOvM4w9Ei/WfwfKmNx8Jhh7ZBSt/7ABo5vPBGOvyPrPrLD+5zOxeuQzsf7nM8HZ+Uys/yyIXJqm9/KeVJSmQpTBeU6fE70MkWeDi16GdKgeV4YXrbDLw38ZJm9wEm+IHTfl8jvhGyW7wYlZhhXnLQOB0ig5aIi1jCQ/kCSeRpoMQogydDxn7IpehsazwUUvQ+Jpl2KXYfIGB3JD7EihITZyaIiex0hq0CgZu2Sc09fS+p/P5LCjfCbWf2SDvU8SIwZBh/Ufoex8Js5h7BVZ1ln/uY7SsP7nM7H+5zN5DYxxjN8VHQGy2u7H74oqIKuN48UKIKutkZPRAXCveTD8Jwn+jkG+F9x4PYSxmvJr/n0gVtsNL+bXoEVAGAXH6iyFMGZzWRkPGzf4ZCJDxPPR64N/8n4A4+MXnl1PEEbNszlBGFyrCcJIpSUBARRjEdm15ruPvxJdI7o3enbSDWKmB9odxZM4Y84Tr9QDRIqHSPEQ6daEPZtmzXJ84McWgziu9F61qniaSPG0nWbN8pMDnlhBjyuSS8w8MVIEwoskFhYBIs8BAxltSGJ+LX23CYVHb0VEFHAs0+5uZRk6MZHXmd9F2GCW7YiwWYlDkcibYWt+kHhVtv1oolD1w/gTlfFQhLtGxJRZJfG4UdO9lgEmoi6TSWRyxOwljSVPZTCBVjD2IkMLgzwWr+eOgHoRziLqZHq8gSzjgROnG8syLeu5Y9ygbuwUWaQ3IhADJxNu6IG+3CBiAK7jKMb5tzXATTaQZUOgT1tnGcbgjtnLhMKocBIxDtVDjTkbHfiGlJmTeM5G0aTRXkXyW9tjFenWzrJOZGCytX2W4QvIypFkJ40ghHGpwcvI2MfU4NmgYL8scsw8FsX0At1xIGWw39pZpuKAjLy5LEMX4Mj/AcUQqBghM2blGFu3+027I7q1sywJdP3msky3rqTgnAGURSQRDNiDZvO2ZIwtIN6KRP+wdpYpZkNZpmUrMnZUXmf2hrGM3IFSEjsH9R0zd2yFE+zAwm931s6yLBLXyzIcAbrnFjIQ09CD2urrjrKMSUTRYUM7Eao9fosiIiJqYe0sQ4eNu9ZZBpwE07y/fcYiydA5kf4tTh0dyOvUOmPSrWQmcv6TFgJ0CEcnk4FMu148c5IhARoxOBARn+3w0VgkqXWsJbQ2kGU6NcZyU1kGFJF4F5gYorzVQbdcRveDED8DVQK3FZJM7gJy3DB6u5Nk0vFzEb0zMIPLUaKZkRYQ7gPHvaZG63ZeBJi147EIg56V/hP24tFg1E+eO5GE2h5GGTORgQm7qWEgRho1UpjrGEQKKBqPDhKlenowmKa3BBFYdcuoDZzgiH5i0hpm7TQyuHWTJFUVGWeTSwPYKij+XQJDe7UyMVCjdcci4H/ZAQHHJEBYgs0BSNcUM5TeGEvvGhK8mYO7/ySoEbYZWmI1NYi8LRjA9HsuQkAkOKAKSusJTnyh3IiVVJHe80GkeIiEmBhRo3VFeiDHy6TrehnRpMzsZGhEdqlR0SV5jhj0ctzoBvKdJB6Ks4wU7rJR48SbaA4Yq24YvzVG7ngZY+OOIRIcMGpyIDuJKDucQTmB/XAujcx+YxnZgYUMISDUhyxPpkbrJhkNmBmYe47iaDzzsUjHnFI3NbqSeEyS1ISJ+8O9CHW/HmtDA1gbCNVT0bcStgRHOInMmurIZHF3IDWLZO5FyFwayBjst/tAJkfrHk9FZJyhye9FLEAlwDkBbowDWSZRUmeoXkQsDKagjcGIBhCq7wViTtgSHCHSEyUHGxVrsdsQQBPfegzzcTKzbzl53t4DTG34ZnsCxq/vnNhAzeYW7z4h5iy2BKc8wOjAQ+/ByElw/6Nvhxyk9l94EZk8N2xs7RdI8pmMBWRUvU38gd9s7sGSz2QArZNkYrRuFAdE8AhtBqav6xFgM9jVg84nHRMMRBwbepHKSgIbhBO9Gau+B7SdWCvKHI0th8N7iQQnN3dTiQO8+WGJyPNbQMTTbJUPEoK42kaQb0UvktdDxNO8HT+oS+KZGK3bw8SnDlOQHRAid0ZYVyToRIa8rkcIYJR6CKKeO97uvcwP7MVmo4sFSXN67uCLX8mb/8I/t5X7b1M87GZxu9hy7+3bD1xFjhmN1rX2A0d9t0dDAqIfeAYCyTweSwVwPxU3EKkE7EVGcjCCcfjhqx2j1LDgOkJ4u/cyN/hE54G/lDQTT8QToxsS7GIrmTzd8EgL+gs/lCkcLKHwRlUCUqyrcUGDMAMHJ3F0wiaGLbTk+BJ1RNfkAcoLqGY8IoFZlUWi+Ha5hzJ2pPbkRHahwPplkGWg6ptjSYTQEUmm6Io1wZtMQxm36/6fSY7ABHkiAFi+9JKsq3ENgIqTUBGRDJN5BCHyjmF6ewOZF0cC5VhzLwMxLXMPZuxI7akXlHsL2HIG5hOVpnsuQo1u6CVyb+3+j0dakGSRvqFnNnQiXSdybFuNC2hf5HkFzsRExjBhMzLnFQgi8o4YcALSHOcFvAnVt8i9hkHb3DMsWLWnXrphg5uBl+VV401Bs4F4HkrqRDpL93880qIFiSGmfInS21fj8rI4XoE0i1TYvptAMveSAETe4QEnACovnCizb0dunXsqjlV7KjbBzERkpiWZUqMbjsVF6Zns/k+NtLAGSAbmPlXigW1tl26c5/mPLSDJZzIW1A0TMzZiEETe9SiH2EDlhUjf0C6QW+deA6v2RLlPkrBUEs8Jw6/FmD5L93/fBi+JSY7FTaSy2mCeHT9xdTQDpOfOGCUnwdTiIapIR6EY7Flzz2DNPRJm7QnSc0fxEJkyI9O6QI2NGILWBkv3fzzSgmIgkmh4IuLYuhpXJ5J5doRwqcRm04sN5x014KSKVCIviM223AO0zr0GZu2hAag3BDk2Ior0zO26/w8RwHm2MASyrKtxJaib4MLoMCggE3k3QHI6kz9EXvQow2y5B2ideyo/xqw9TGDUf2IZG+GAtaL7geORFpZx3TaOBbTc0KtxYbkzyHBCmZXHIhnlHTngREU8kRccnYyHNBNlSOvcU3Gs2gvFhPGv/NQ5eISiVytTvsWs/6xSQtH7JEE4iACjST13LNwOqOYzIcLYKzog77bXSz9Ed0ss+7hJcN0N6Udp4OSf+yYA8RmR3fQ1AGrtGx8TWHl2H4C4UBo3X/kmCDET1y3fgKHaXiuu7X0QIjJtPvZNIOImYc2+CYOvCau3D0RsGjafgsInhM1n8qUEiBA2n8m7oZCLLN7KuYrNIHT7OVfRrGu8aLo9dxQPkeJxbroW3G3B3Z5v/T3uftIGYSGaqrt4v3i39Cnj8qksZMdUtO98XZv//5poW2398uGvAr7Vn//Sybr8/xoAnf4tSMheuzZ0+usQr91bkK/0O8DJ41/5pmuPLRt+Wb/GQvYtT4QeUk/egiz0AvBGry81rsvqHHKqV0iIljZEdRCncUvzH9yHUo9EOKdIbfX7bwH7rx9/ad8T1qpbE1S6BF0bf39pd4ThNRt+1mTJN4UoPvbrgkqXr9Zm399fOk4Uy9M30PrP+FIdYewX6+KRvLVxW5r/6j0Ij1/vsal7fHzcGHsBfNPe2wKBtR8QZ2IvVEZtjP0+wDJ635otEPiBNWEmZqeGK2jzN0YIgHlozXY4zHD51UNvwvu+qUw2Ru6bpHWvqh2sq1btQW10n2m+1g78ga8MnahKb0zhiWoyBFEN0DR+VYJq+W5YqrooGoikfW/C3/wVENinr/WXtXGhN4kM8q7vVMvPLYET+Ae+MuQTkB8wdwNoHjvRvf8r4DTY105VYPlSlBVALvTShE+XoPXkfOV1nlQ1sAgzF1020s5UC81MF4aaDDGprq4bbmaqkjlqEdXCIB5FG9HBxMytGvHbnPmh6nlmXugMX7kEuwqXeqvF8eVyprq6eHDwCIInX/8VyOEvo6oqRdp3j1V/neRX9/XR6PQN3+2/ehRjKb2GRkDXcNI1yn8G0fTYl6+HDx6a5MtlAw6TnhkUjoj9z5FHUUr/KPueBBbORWpD1vDotYJcBFkXVPpGOULz489h+REPvw8PBsGzGUN0gTyKi0aF0zlJAZqcOqgv8ixEjkGYpTbUyEWvELIEFjQ3wq9D2d7MauSl1NigN4DUQKq4s4BM56LpwcG3e2DvECd/pQX7BAwfya8DeScpNwT9Dsoz5YFR0Sm8DgA0AmGEPMezrgTI44mA1MbeoxWYpV49SX/yFShvE8gPKK/fB6P4BMbB688gyaj6mijOAfIG2PELxBm3YFbZqKBZ6DVzqjdasGTH8wAUp2iELHWBuDGqrqB4H7Y0KF/YJHMJoRiWIQSmVUyZ/z9vpPrAAFgxY8IR37QBuL2FnwHL9zOi2Tho32slN/daYYAubpLB/ywAqfvemHBEtYPywkYAbV+4nR3ktldPbvbqYYAubhJXAuRSHTDhKNACqC5ZMKEYFkQ7e2wQITYb5ogljFnwoKJ6va25hJXrReKioMzjoueBaRW8uoDdgUDJ7FVrMvHyM72ErVvv7IA6ehNai+++0sbRhMeTr4xEQDhRVUNYi0XhCZB0+qud5rXwX6uqhe47k3MVUo0qw8/XIi48ARE+e9OE1qNo42gS+8qLEAFupqqGtBZRgdveLOuMmaHNhjccVrN5sKjgEl1S3/CsZtgsE8I10br1Ds+3J01VfS1Ovv6u8WyEfbcPgKABmrf9ul46jcVkmc/kpGuq6mtg7gvbve7x6+K1A3QnHuT2z9b2vghWPpM3Z/nwci1SdY1nI6uTxIaoCZYOs3W9suUPu65hfgNZ1gRanXywqOCVxzA8N1Jt8My4desdnp8dfnPyV+wYGwYxNdcWfKdl3xugvIA3Z/2uLXXtKTJIfS1/ed80h9sxTd+QoNKGrKU8NiB5Hd6cTtqy8BRgsYCor+WVrs64DalCjGVqAVdRByh604A3Z71oi8AI3af5TPhb0eL8cBYBJUSTyClYVHAP5iDIZVOjJ1q33t15PDn81sav6s8eYTeT/WHfm67Ondp4FP3qEVCNvJPDnjisLV8c/mxvuBUk36lmG8nQnZiStMDs+NrK414DpCB5j3X/c3NYW5K0qJKv1q8DqXf8mb4hQbf2YDeT0wYBXTOsFK0MMB94M2tYhgQOa8uViZvULT9yJx1m05JtcqXODbQK7ie4BHRuAFDr1rs8xthbQOXAt6pStQc9uH/5pNCg7uNBOygvGBUe9Ghujaf0+Vdhymfyzf7Rhpw0OdN/rdp1BfTgPglabaR9D/nOyAMqgjb6/kpbPKUvXAKSuV7Z4KKn4A7brDTciGryIVrIWtA1QAl6VhoVUF9uDbhDN8tbm4sFTHAP7j3OVk6jgVJhIeZylmzzNtG6hUcyUG1noIGGRSTgQlfChhYqqoGsOMeTZZgbzs+ozQDcuvV+iXZH8XScXliezW6IAPOpFoBFhad0Gd3+oZz47LmDD4Pg1q33S6z9gOL5gTWYrn2z7UfHzy4Z4k+XBrsKylxRFGeIL3yxUpVmf9wPHIJbt3ZHeJeegep7/3nPCJyP5Ouf3yK/rl1r+n14K/JLqvptf4vUk7Uy9K3AWaVYtBjrMa8tMJNL3Zl5oh2KZ1HjZs4qaV7f1/Lt3j8+fr3/7jbxrdh/ZfglGqjymXxT5FFKuU32vQU8NqpFhso6n8ml6tV6nC7b9T6+nXmii163gpQ002wlLN/P4sHQbjMH4B1z++5tOXLnl/bfIct+m64lb42RO2/OqrcY8424TcwTfUtw8BZJd3s+E7Pl2/0jMWlSOtSTDOyUGQ8Pxm3bVfw6GvpuW5Ps0aiS74iVuYI2rus1IEVdMlpOeJwIKhipFP5lNePhvX9UDXYVFQ19p9ckIxYqIxZ++0pV9zBDfZPnX/WPo+WUsNPFG2jXL4KuPBgBPzddiBeq9RLNk9FoCMVIq6oerIOAFh+7Zrz6WJt5okuAcoJZ3kyYg6omuN4ZEt2ClcAOzGmJPWZ2ILJXIA5V7s7IHbMFNyT0Zn6o78xMRw2lb2waXD3LpoLAtiYZmKRKToiVuWDA0J8IaOthlBMaxPIRQqRww1dGQNNKU/XnNhUEtjXJKsxUvPAbEejAGm9SyuNoOWWKsO14EtcF36zQimT5DK4tBikh8gLNJhVDAsRqhIVMrD5mnyd6oY6dqawHvWjUFlgcgFgRolt4AiaUvlkJBqVHTWDfqGWLkUzdK2WCVbrTLKy3G+b1YcEJbvpFM0N3J3gKqW9BI41NBQW9JhmsoHaa8cpcFGHfG8GOUU5ofId5JFIYTyGVjapgU0FAr0lmXaisak/x9TcwQxnllK7ZGZrFTlbIYicBJv8GzBIKECApwXIgLQAFNG3XN4xXH7POOsphjmdE8mAtAUxlJkRbSXoFom/iQiAzqL9oNnq3GYE5pnBNIHecaPYrBGH5MAHatMcAJtYmVwKwqCCwzQxouePXkRhTZyl+GnHymYiHSGEAkT82FSRIQIP11mag2YNo7YniJ5ZtPpOsb9D47TC3gCbzgx4ySU5BfdWAFkZI1KytVq7UQZOPZ0TCCDMhutVhAUQgeASMEZpa1pQaWw7bRLV3Hy4aHziBR1BBB/bpVvgKgFbmIkGKaskAzYp6AiKFbwGi+yBa+I2k1wCjxCDbFS30CjZ4LHUdeHGmswvYZbAWAGpsmAcbBQPKAKCwFYRoawAJBcIIiArsbHWjF9vssPOAC8iFFl2xJK4JJim8XXB55NKPPDFZGnVRdTkP4KIJ3mXw4GdOoDsVEfzWiXf2XW7X+7pAOv2qtScg4WaR2/TohcpCa0/aVgpr1et5wL1BFruEWVvPOk/0hrwWtPCgEKRtHpZbD9hQpYnZUIyUmYDbBdmH8pFLP3JlNWtYLZkbsuZGT4CTB6YQ0Z2KkDiu6rs1hPU5+YravB6d/qoNavN3muHKXO02w6WCdO3IFF6ToNICYqEytPBbu81yRtxCLHrTbG5PVGTrBSmiNxPY5ommNreA3NyG1puTZl6GcM7bkDkvNANAlmRQdGRYiKYx8UY4amIA18LmaiI3QkBszyvDU4fjfPnOPXLnBI7cIQ5bD1iZFTv9/itzGLEyl5FHHtbtvwqXZlVNOHKHSOH1AEWAFBvEQmXUwm9CH9Y3h0kZvrFJLit21tJL9ZpjMCbwgpci1GHnIRPYR+4UdXzdHEaR9ApCiG4DOGzZ7jDmpBdbk4hanKo3ZRxsVK88T0xx6RLhK2dNqJyq5yiHwyy/m4+O34NlxBjngfvVnaiGvQ205tZ31Mpcj97aDxwwfVKwjBjjPHCfHrPqSbCCFypjXvitGXceuLSN3i3ChxrYD7x14I2qLhh27U7R0g+cYGye6NHzwJl4ptB+EaLb0LofeIERISlakJTKaYabvPg0I7nSaHJmrsZROZxUy3JnZwaq005+QOFKcq1X4QLsAxx/lmFOwmeLmafK0wai7K3L9wiYtddfU11TydDsjEm4zgK4HxkbLnGoaKTxq+BQizlHtl2j7eKsCAyGbPKVz4RTcRauLRSdMVpYsi4ucQZ2z6fJigqryC4sIFE9cwrL3RyIaEh2veP9DVtAPdfzDNxUGOCud7wFRlOJedWwwAEn4E7FTg+qloHqPQKfCHPp+2v1FTafyReA8A1h85lsgvFafQ2b274Ggy+RsCu6CYrnssR9Pew7MJi3DNu1b+imr4Dwfpu46LXfgOFdXN1tCESlcUN00+ulH7e0SGBEsfzjNhIYUW9D+hETiauEwa4SgSgEA1GIBaLfbJFRzKOeT1tcDosJsrPJ5X7bp+4Of/bWkR3a4G3PvZf7/8nLBW8uxodijhdr2yEY1v/xYj3MYLxYrf9CHHMI4wU8WwWx2pZ4FoNYbVxbArHaGvWQwhjX8esYkNV2il85kNXGsVMpjFFNwjTEq1ZJ7aKJSD0icAoSk8BF4Ry+RmQr5TqKJ3EIx9oPKJ4kVb7FrP8sYw6fzGeSptb/fCYWj3wmnQRjnwdu/WdWWP/zmYTV+Uys//lMrP/5TFyapvfynlSUpkKUwXlOeBa9DJFng4tehnSoHleG7/oRdnn4L8PkDU7eDXFgyuV3wjdKdoMTswzfW3vLQKA0Sg4aYi0jnR9IkmgoGYQQZfA85FsVvQyNZ4OLXobE0y7HleEHf5hdHv7LMHmDk3hDjOopll8KDbFhNzgxy/DjlbcMBEqj5KAhRuMnQqcwUhOHELGi5DOx/jswppNg7BVZ/1kQjQ6Ae82D4T+JGIjIZ7vM85mMDsbDxg0+6WUI8eKSk9EO88gdQQUEwbG4v4OryC/uUDOQ8SfciRzvSEO4I3G8y8w4Na6z0UvaYZ7PZHQA3LEFL/2H+Q/SuYmBTLsda57L68y71RyJ9PyBHg3ruTPtGzfoXktvlMTd59HxDcClY0ECdqFnoOqA27n/nST3m+tgFBMO2fNcB+NIAD13NNyRpRuv18H4vrSZ4KvVWaqDUVxnIKy+7AjpYDRLq2Obz/1mLyAtjGJ1yTg4dQPpYqTxOEu5LranI7PKNFiKtdEr0nFmx0gXY+nFfvOZ6Ld0ro3mY91I2qiu/a7I+u97/zEr1lJ8jcj672+m4lCLfCZ/RzoQSV07jkRuBZHnzJw3uth9N5Xjd0D+yYlIH1sylsFtkGQKf8fReKNSR2ufkSIiw8zMz3uRqVJaug8pdFMxLnUPPgYCXNqGmPgM0cLahJZJ9wEFL6+PuTrxd5J36kAW8cxeJN8fbu+MjCK1E/Fg1w5q6UUGH07ooF1Xka4XyZzNfp0Xea2IPDqQyVFDnIr4jjnJYCwS+6mk3uiMSdKxioyzHS8TYBlykqFrVKI2gyEDueLHRkKSKYscgcjKoKGORbgaG7VyMq+USYJ2PckQmvjnkuCZMsqIfgJEgPydRqNsPBBhI8PbVNjJIo3OXrxKP4K6uqE5GdG5oSIdOIEHMoaRHVd0tZHwKUZhVMKYdClldJaODkYfTjDFA7LrFBMxLhpwa03miFptGgj3uoFyIzvHIpWHMkZSHRbvoVw/kAlzLwkwRq0J2aFfxRnnea5QxuJRTZwAZfIEUuFpw9yj/FUBrp0KqwfseNecG0jcEIvP6NxwEjmK6wxH8BTrUIPLCJxiBOiE5qk4WJn/EIMeCP7CEgADP5ERIBkDP5EhT8VzdTKAAkS8kVUblAdwP4fArgelAJaajYBexuDRGhoScyfSdSIVINID6+Rl0nW9jAZcpVATSQbIvBMY8wvaPgCjg95kfVRxlb04BgJGZr+xjGwq6AZ5aYjiOGGpQ3EcRY4alR6dG0NJnGTEDWB750TBCakiFZ5iNIm5Tk2Eekzvtl8gScwmZCjGBviTB/tBBMWHsQcNanT2YD+gszfiexE7RnwV6aBUL6MMxI9FUfQmEqP0DEgyAtYCGI0obiAmtYPPgh7gJDJrqqAWbYpnoGwgY7ifRYWdzknfnH9QXBap3ojvDxI6N8y500tEEXDpCMh24MRK8Ey2BKrRNRUgQ6BLW28XIsM5EccighjLAAuE5cdatNgliwxkxABQbODaHSLJaHiQAKi6l2GMepERSjfRDUQEI9IjgQmWH2vRYhcvQycVFT9iig3jqHPDSS/SAcmwFUaR/LEdXBVA90k6qqfh9sNsztKLNFAe/F6LZOBtFNjOqkx5Vqq4XiqKBddkGmucKO0p3SxjaSA9wOjAQ2+zRBFJTHpWRgdjGRGSU7Ohh7InbUni8Kkpoh9cRsd7caBe7TmLRNYG8D32iCQug10d2rxhBuDmF7EZWDLmjmj0mYg4BkRxGbb6os2qJYuMQL3aZJ7L7BtEBpwbiM3dVOIAb94s7Ewc0GaouTJ3jIkiMoD05syaila8uVUgViRT6jbFTPbcAQqsHtZ1TBy2UbABw4d1WHzFDEUSBHV78PRhsaL13IEXUKRHH9bhwzaNF6nMiuOGxA8xXUMHiejkJQ6jga438UCqDB9eVlLoEvj2ZubjXlyEtUPpk7h2/cAzbxhOEgE+geog92MwKhpTxehq1Q+8/0S5cJwgODrpU0MeiwymMmjVD/w5bxqVnoFULzLEBZPPxLkxArra9QMnsI2E1x4kEsl7yQ+SWuT+zj6jSBTXAfQdeQaqwd39ReW9DCAfEteXHB3xncRcDfA7NdyP+A4CW2Hyh0eY7yqj7h0b5rvK68iQXew13L/fgiTB14is//6mMdZSjL0i+7MN2UcP3ele2Jd/7L0b2dnZByHOojqb+0DEejiRzyTeymUfZTcIG7n0owhcDoW+b2WTb3v3v0Xz0nOn3IZgd7IX+xbvQrBxd0qY5X71axCecTIuLu4TCG+Z3wPAGoaNu6MiNqDYtoZFBuMOZQuKjdtTEA4Ie4bFBhQin3IobCmICIqNG3Q+k1BVbgYsR9Z/1n9mRSfB14is/5C8y9mhni0aTvUKstLScHOuGgpCVI2KdZjXtlwrcrIWS0UuvgedzyQdZsBZZea5qr6J8MsFv7xFI1B32lCq6sxtBSbd02yConHjmYKsE5HoVJYopatDz3yhxeCRcTfchBnzZfCIwEadb31CNYR1rHzRuJnTMap/H/pBl4cJflsXzCI3nEUMBXyDCk0xCr1ebQMm3tPcSaB1KlSiU1mikmagUu5PG0KAhj3ArwE6WRBQ3Xon1O0jdfletB/46Qx/W+bhhtmYQgTLGQ2sZFXZBky8p7mzcF1RiU5liUpaAeJ8yaczmKs1NWSgwWQ0yVwj8yKoEbPUOYPyJKhq4hKYQ0mqs4YoqmWVbCy0qFyqQ5KvG22SkWpmVB3gbOREEGFRLVjJ8j0i/jQCa0gUAuHcgL5fFEsFXJRtwOR7Guq7HdF3+1zmwBowXwRd+YZz8VoIXWxk+cCE9Wl0FVXJFmZUopNZopAWxnbDU34O6vNOXYPDcjLJeYA6XfAEMADRC44BXaYWbUFiJoghcZRKVSCWQcxx5usnITfUyEWvgJK4kveI5MMLBvZvqXP0zcTMTmlPzvLW2GXiPQ313b4JibMp/JIWKMAZAWLQwpQuHxy7QFofTup5KTOSohdUolNZopSz+MNZQYDz/LzmhguiAMHgVvY5OBtyO7xRMuMroDm04IbEqQNXFAQJ/IECa06+4cIILFBu0qv3iKPjzwR+hzKGEUULzVLUX24JJt7TWL7b0Dqcrxh+yWdGwMJQmQld0OikQFkfqGseyF00MUp0S5ao5YryvB4uACa0DIvrVqhxhVEpEDW1AylZ6LIl0eKBiz7GOPC9g2cop8oRCYQtb1kX7w2B9/bPhCnaH8aXc60XW4GJ9zTUdxsaAAD6koc5RpgJXVfqAJT1aXShthYiuV0oRKK/ox7GIFvrDJh2X03t2uDaeM7gNDKoEKxF2QSw02KJBLXC+CUgNFCIwkLqfeF8JtA+wkqx3WMmIXSUbcDEexqSRVVVCFASlYbQ5RCU9WkFxcyNzqgSlbScX8NMzQ2mzF4ljq13kXqHPHi2So2IuTpu7eXmsefOWTJthtQu0gapoKWRmaVuAybf0xAstKzpFS2b9KgubmdsdFljPyTJijPDfahUPgSPznCQHHWllxxbfhD6T5jjgsW350pde4haUUHlBiSqEUluZqk9JblkFC1OzxIz42+EpQKbYTfx6rGCWdgG3uR7GgxqJLdtJkG62m1u67E2uszV3gcnUrLQAgOAopUhNyHZRu6g/xR1HMHdaVAxF3A70gI8rGgLcIVIGq7VSA9LqHoVYgM+7DzczpI1uecBgEmUD6Ed5NXMMnKHYXU2wk5WLNVtq0DRYg0UvWJXNVoPqwhKVzGHaaCsTyvOFTVro8senW5Gyad3vBaG3GjByRQFjI6ncVpQD1DU2TuBE2WmiQb1Aw8tua6qxQh0K9VZhKqjIudwP3AWT0k+FJnFfCaC6uvRH6p6tsBFVVPGjc61bK3R8Tqnv9teVYzxTytP9gPHmyldPFcVCYytD8VkveObmuTOu0HlQJgIfnvMQLWWhicZqNJqbXG3c0tA7h/eTEBa1sLsQ94eLEfhkZmY5tP09qQuaihxhE0qH6JZ+sPb6Nou+8VAneAHHz/8otZPW/Lsiy9vhZevAP0GRT8JL97bzcvNetrfrPr8R0/5y+LvOf1uJf2rJ8z85Rcv7jPMvFvJjzMb5z/nJ+BjSmH++LLW8iXiqa/VB9hqs/9nGl5lX+tHo80/tamw86L+pNHdROdVb8QZMozRx5Jr/3HfkOqLJ7Vn7va1ZrZG7/nhBWI9pluknLXnUq/vEUmiYJ6iz82vSEr5yD8KHwEfg2f2e7P9Kb+oXUOIjaLQ89P9S5sKO2bfRmtsxD1rxGUo/mMTo5e1N/sm5j6w4VmzPYaX1uiRgVN44rL8EOsx3SYhtswFg7tHECmYLxGf1icEqXbcmO5ngP4VUNclUNF+uW8A8vageLGpsAdgCVOQuBxMjGDhBPbnfSNn/9Fg4s3cvWAyehXpGShyBsoPtR7THS03H1wgQRBCx4v6ERz3FFGgWJsKSIWuoavpSXiB6GoyskHh8LEYfrjnUDvkvWwRvTADvR4TMWp9oSVovXRVtVhV0LNKXVQNDk2x7ioYQ4yWPAJDaAMMuJVqWjLWeZdRxYlnTWt3xbwEwD9jlKxHi11C39WnAHC10MMiBPOTGpuwAcR135PRCzeQMw/fEKuINZwbAWCKqWubChJQIgQDnswm4SWPYABwpXPQ1oN1Pijg/UuA31N8WV9Snrd7G+bj/mNh0gsMHIL3vf8hAEYt+A8n3o3BOvtqgaXBBZi+16aCJhsBV4DVjNkowUseEcCpJKMmQucdns9E8VYUfggBbSaR3vyU3LxZ4L1QavMzID4S5BIqgFBORC8cYVnhwLYegk0FASHHEIF4osShCUBR8IT8h8rInZf7J82/FdBfJHjEx1cvLYdtGt6bFnN0WG/ER34WXhhgMDAAxOhjKVT0wpEJyypitwK6v4mWRCJBiiQRPEBGx4P2kCems7ax4f2ruu/rp1Q/8I9UP/CN89Gz4SPZDzy8YAzvM4L7YLqTU9ELTWaRW/U4FPR/LQ8fr9U//YjvqHv1AvDpO9ZYy4sw6iscy3pMxOY1WeiNDWrzhWa45FG7zQ8Z+EV3R+n3T+4X3T2gXug+VOOvoHDo9ZioVcTWAxQBeUVCH0YteXRDH7YU4YcC98l9+cWPI98v6N1gvFR0CPNenG2pG9t6TEQ/8DXhCzOVrR12VbVYljyy9QOneH81LzfR1i4ALnR9K5M9EMYRR1pUOwNVJwlTR+LFFCCyqLCsrPDs82bG7WctKS93k+mMgE/rs50V2k4p0Us/vvzxh38eFh/0ohmv3oGywcNB8vHzGj5FdPWpoZkXCgx+N1NIwYXFegCS3aNWm49PjI4+1P2z2mjrbSp2R/nhq2haW+Aomxc1oeXJiOm68ezdBKaBxkwnBenB3FIvODVCnpZi+MjsX5Wn/GmNNhU7o7zKDGbkjrVDs/eFj1TgpQEIo/B7MOcU4AnY4+UeTN8NtPdAHlqVzKZixzNg39UAZsjujc1fFygIQOkIPSx2ECgSNhUfAuibIU/BcpAknwPWCnBvlGIiLEqgzvLyvRV9MEaqzgzZ/+jpWl5foyHVjuLlvhJeem/m0Q4MLrRMENBsbsFsbvlBL+pTyKvMDfTmTG1+R2bj4rb040IP4lF0prMtMkE9d2CPlJdkAB1mH7kDC4+nnzcUuKgZPiziw8BqY+/GbAHxVHLQiLob0g8iIwT1337x40IA+4G/qD2pq5anoNCo+74hmJXH8qsnRD/wPdUP/N2Y9X0Y7HV9gzFg+rNupAcZqL788atnfBfcOxxAna+xqSC6OzAcAfQ0IWfgk/zxPRS5gqAyl/8XuxfWW0HnMzECWV570n+atVQGGhdBL2YA5HsQPAFZIiHvWCsCl5hOCcaQYOMg71q/bAcbuPNPJNZX47Lh2Y9QH/EAtHz6DsU2PtGvS2SO+5fMP6kZjdUMH025EfzOLsy8ATjXJ3D+bs4BAiZE2UGASO0kMCJ+/zn5RGIvQg0dc1/7WjbyRGIkgbkA4qcfIWYO751TzL4c6wvqicT6+gxt/7ihJxIjeBaQauMoL+2cYppLwByv4VPcipLBxN2mHWUTTyRm2QUeVX1P8WzveVeUL5CLYIWbzz31tDSpdqDIMDP/beSJxCgPrg3MHD7d112Hw9pO9Wbxnz+tnQG2dldYhADWfiIxK9yBlhdYo8cBfkBwfTj/YHzYi/ppeEJ6yNwb1n4iMQug8Og+fhoZinrwcHq+ORYaPzjyJBibjjejHt8fPxrWfiKxdl7ISMdOK/yxdszosJ5B75Onn380rPtEYnbivhgF/YMmgN8ha9HGRfB4AKvI8LWxNprOdKn4LWSdlplqYvTKZ4clTevw0ItgeyKxPtSa2bCJJxKzjY7/yOiRfz/lBwrEO2RF3qzecApLTlqMrtWSScALQXtDvLa9YXnr0DAD1Y9e3tmnpXmAQLxDVsgVfqjb8zNmoIkGPKJLQOQ5EdVOPJsQXLc+iGsCb0Xyj6Sr1MDgnIc06GGK8Gs3zMx8ljitAK4FF3qFPO8cwkkgvBUpIiiuL6nUXjX//mCnqKqqroVTh3ap31acPiecGIzr1husa7g/xL3AwG3C88T/ivBtqK5bD+N9koRlnDqjh4aDb7WZKEAUTY5FnM3Q6291pwsK/J5o8WFG4YVmI+cSZWmNezncD/x0wQT0e6INCfYDZxZNnhIWNZkibWfKCRftKvJGgwIv9uLH5rHzNrWUJJ5v6tkXsd3wH5uej5+3I52jT3Bs+w/rT+w2PHwES0lunmc7sKB5ova+FcZtGmZ+kML8YZEnXwC6F2AekohfYyVU8aT25Lus7Gt91SGo1ShbBPra7Wt4BqlffIQ/kPhT9G52evwJzPpH1bqJ11gJAw34XVYSj68HPWo1ylb4J40QQDTqU7Mlht7EyUwwiD3BCnd+hiFeYyUB8S4r8ePrQajVKFvx1AhIDWHvQVmEX2Tls3sbOD28gqx0cRtca4Asg17vBMHcvK/EfUfb8C9pPi+0xoCgVqO0QzwOQkMpT3ALffdF7OvHe8wbZPNvC70AFL1rZEUtc6Ffz53+ix6AXmOlhZeWx9dDEKtRroXR+ZNGPF5x+NP7TAiAebg1bwavDMJuEF/2oD3F7wHoNVbS+M8tj6+HIFajXI+Qyt60xPeoOLrPzKBNPjtvIJd5mavObhaq9ZKpN7KUxKsHI8Z9iBDRCP5AMlygd7oUyrmqoDp/uDDCVhqKFvTGmBrNwYuJi9GXjb7Q6GMMwal3dE7xBdBgDngF6etTG8S7rIy1YwpiNco1A/y02Q2158T7vXm+EgbTLOnCtsxLrkGMEqbekGnSBdq3JoZcgJ7QJbiGpAs4uUfQxDEAjZHn6jiDKDQsq3CEi8Zcs9MAX7QYF3Vm++gQnCKNCXj8MxTYeyZeY6VRAQ7D77ISP74eCX+s3bqAcUHwl1r6PTzs00ZQYH7S87MbLeQyLytj/jUzX9BvFu+8MgNxWS8RDmipb4C+imfS80bAzAhAb10sRGj9C4zLFYMCZmWE+oCE1tOMITgNB7SdsvWO3/fAzNcviddYyc/ofuAvA/H4eiT9K+vP43nWAvYhwtev8xT1A68FZULLsGjsuG2ZF+olP4YCFL4xcqBFL4ExptBwmhdoM9AWLLOdhmLKGsisMiiLkDQUPVBCsWeNEucQlljsDrkf3ZbRF9I5vzkzde8GvMyLFeINmUKMyOoxBRUsRSND3TQ3ySgpLBhR4+w4BQ73+MkXaZvS1M5XiYEXGLh1vWst6ihKiKEA0pmzenV2Y/UEVvjtXgZqMI9Xzb9vU/hsBW0zXubFCrEZwRIqU9yohCUgeLYAtDZQm/G7PLUSgYqYqYPNMO4D83ZlcXgG7DixzIsN4g2ZYhbqKeAaAoAVWBGGJIYZczKqycNAqWLBKLngG3kHS+UDkK+uGj/Ih3MIXubFBu4HTnCtVzQX6gCgj/e5D0tcDEDBizOB/cDnjUigbeXYCi+CqicWOlOkU0F9GN43W2gAR7E4ux25oM/iZt100MYFAG6AZp14h25Ez+0nk+rsmiCqR8xV1S+RODVOLkmcXvO83icWegHwGpsor8vqfDOT9kR1kGUovIlZf97LEs8Wt7Dv6QXH2YrvBhAG92CT2HUVGn96ySzhBkJeW60kcxZBANs80ysrYXmPiMFD4z3jS3WEsV+si0fy1mbeArvw+wSROZIOPd+CuwDtOQ8FUHf/C5u9T8xmCC2mzqCS+ekNtMQkHLyF+xaYBXChCE32+tgn7WkP4TYx68979jXcHwzMActyDe9bFDjg1ZAC4kozLDXQFUBINCvB91SAR70obI8seJW7zAUw7D4sQZSLFl2B6W+I+z1oXh1Au0l7YgKT9qC5dTLxE2p5qYWYUQcm7JzXEk5opCLKRXXmAz1BT9HVLghXhAVc6CU7U1PHzS1LhA+wJ2jEEm8s3gzPcUPhFMxNA/aNWu7wLtRUCojEMKIEeF4dQ7tJe0Qiz0JEHacq8RNqERI5BZg516GsJZzQSEXUB5OPAWQo2n6+E+IZy7aaIwsIG2daVMYDqqXfEDdGSc71ihgbQCAzGIWi2RQydxoP7HjC3NjB8+oY2k7aA+XNA0w69DNpFwZiRh0o3oe1hFs1rgTl47ltgp7bnM8EFWCez0xTypVeQntvJ2lirkJiPYwYf4sgLwJ0YUqNOww00j4wZtkC4M4BbSbtodrMRYjNhjkEiw8epP/1WsKLPaJX6iD0BD23eRguABqPz6IxtQwM5IqA+nPzRtWynQe1GiQREA0ws1XWizveD7z6JrQeRVUV0GrSHnYzVTWktYgK3fVawos9og6DJujZIWFhDLmpfxKedZdlQBOFUbuIhRYeFIK0zcPyjuNr1su1SNVhr9WkPVETLB1m63qw5FtDOE2qzu5lkAm7I8zOIAtq86U68oOKXmF984AssY3Wm5Pe8DKEc77jXOmqsh2QfkRDCqbNpD1QXsSbs160RQSUIm2F26An8oHgCXp2R7g6TDDAC2P8gJ3zlRy5s6rUx8kMjtyxAee4aXcYc9KLOz86vqq3kRuAFc8rdWheHUCbSXtgAs0aliGBw9pyZeImdQ3hBHRE58Gx08B4gp4dks05HaqmzEQ/cKRglpmpmjw0pdGrqmcrrfuBFxgDvvPM9YqEGBp6oVoX6oh5dRraTdpTgpE3Z6gvtwUm7CyvJRxBRhT2A5eAstHzhxJAGNdJ2WegmqW3/QxUszOLpHdrurJ5XVUf1QRMY6cqex+4pgLc6Tyjc4XjBJGCWd+V0ACYqQigxidY5rzX7web96mrtzlSafJrnbmKAGoMsNd1Ly+3wpPSAGaqjxwK/RAZabPcDGg7fG05sv6z/jvozjl8jcgUu4jplHtA6GM6lMNgpyW0N3+IyPNiFwp3O+umJjEL2oohyFhdSkBKRFX+tsusm5oMKxd7s/NYhZYsDtes4YXUWmfRSwqnkRBAIelWASkkgT5QnGPd1GSoz3HUAgQ8fLhcnGHd1GR4z7J69gPIY96+0+XwE/kM0X6ml5yCrjzGVVWPf19tRK8eqwA8/Om1UCcF9VNqnUbwa25hIIKnkH6wUJ1uMtad/oafyGeIDtcMf+aKAKhf97KsM3QvbCWZiybiuaWRTgr8U2oBIADIIXGuq3cRJLJYmIr8ybMe/4quBYD8JbhhyczVox8AFxL8kZ03WpBODPlTai1ANXNdPlQC3kYmDVtQ2PDpookxcoudAek4N4CDCgH1A0RnK6DtjBcaAdRzS4c5DfkTtGxAWQ8bJDJLuQfiCf6bQEiCzmeijN+2PUN0VAuFobxkmAcuCOK5paNujHKmqg8coiKSxIqoB8Lbbm+CFgXRI5iL3aB77qijdOZaexzW8QKOwKYoWh46HvOmJsVHZT+XfjQUQKxv5dKPHpGqC28Y03LzRbvNDgi4Njo3RKr8wIF9U5Mi0rZQdvQzRBPdUtodlvBhc03Ec0sjne3JmLlesavvRMjgfI0QlOUZolG/blhXx78Et0U/8NU5fm5prLM9PIf9wIHMWSPrgz7Lkb5loPref2wxehuyjxLdySHoRb1dmnRtZ4qvCFwa9Z47Cmnt5buXoppX55sinpb786sboNiJbiEN6y7f7eGo+E0QEnMM83euX7aDNKy7fDd6DU+b4d3s16NhCy0m0SdmLiFemc9SVTXxKlGvvidqaViJ0WYmlSqq4cIcp3oNp/L2qjUR2lUH0liMWr6bWEmSeGU+UFQDfvU9FmRJvFlmGADM6g0XvSC0I1T0YrDEDNz4lfkQ4FcGQQG1cfBspBDgt8FRCe0GwFbg1jcgOsEfoE4MhfqzrHJDvWoIiqyuBY44gqRobCh6M1p2ldOHQhywMgLhyov+v4ghuPW5vUb1J2wrSbbCtSYnVVWSeeAGp9cqqIyh2LYB24Hw3CNaB+Kyx/2gqekst+PV2c07rEc9EHabUekbVI9nfFrsw2BXwbVYvpvYTNBqMwdPgT+i3WZFAuDTrDGRb1D9zcAM3dnOBJ9aLN9NrCTZBvLV9ySwIiWEerPMXMV22DsTAAbUchgpeD6TFst3E/3AW0G9+p4oqinBAPlmmZ21H/jOAUSqnoFqdisvGBlx4mboe3Zq4Wboe3aqYWZm3uFgOTqA7h3XvBcy13Q75KR6ttgw1HQBTuNuJiNn09RbIp/OlnwZ/O3hdmRYwJdA3Y5Vaq0Uufk24s2jQ7oZbocEypkLzbcEM+/MEM1+Za05qtaQtI3I35agyZcEhyaFC5CqQeulq6qFGKcE5OgKzCB+Awu9jFI/eK4ztGzmlaZrLUIqXhKPGQWfLIqQ5TRyCclEcfcFdFwrt405c7oENt5QDi/R9sQ8C+C3HF8T60YYOWBfItWdOpyo82D+TGUz1wteGwIojishHzMqhnPGstCPq4ePGfUehnRqAF+MO7IMd9EZ5FLDAxUOc/zQeUhJSDCQVAWPh59bSeK1oBovrkoL75KpZRfNZwlNmlVn6Dcao8d9oubbKprROFJZ4SzA39orzexrI2wmxNoQUGjSKxihuYlNWhCyEEtwjXDrbLxb+lEosbIummGE7jltp7BWM+qh82ArRAYIqhFfaeEYihVdMK7xElVp0Xn2+jIjHsmMfaB+VTdHndufUuRCcwzFjkn7elETh8KRUFwZFgMg/R28qUrIouAqtz3L6y4M94KivJh5TUIosEAJ9xsilSXUQ+edCzcVWzZcgrt/1UMr6YOVymyt8dbTgnszXcDFHIJJM+CsEOtGIDjML/SGrQGeyZXeeMl6RbFS4zDsZloXLVnJpgHq9X6pG+KOTigz1cT4gWvRpXSq8DGLl1oY3cIhpn9Dd3ZQoMI/cB7IK/PrGZx0bgku2YknwCVW/sZX6LqkaIbzdBvLWT1gDq0pg2LAWGEbwkzUeHFVWngc5qUy8FBfk3U9TjUJs3UXLqEIX4QUmPRQKYhgo07uorcFxtXKlA1xRyeACZbfUNfcSdFFN5fAUQu+hUNMsYzu7EASKDJWs3lg4sp82YiMq8osYqJxjZ8Al1j5m7hC1yIz4qHzmMMiaoYEBiwVuFYwjnhHDqUlwJ/VuQG1MMZog9iMcRoK+UFIYQZqgiSSAhRfI0TAN3uJsWxWgysCK9sEuqODzm4fiGtu9LWojZyaDOgWDrmMCQfPmFjBd+bCByauzJ0RGOdLMAtzLDCOvMKRPA+Mr9D1B7CqC8LIJylnDCiEh4xfC0aPeBmH0uLLTXkGALWdm9W5DWLdCCJNq2ZErtTInWqSUfSCJFaJptZlALEC9w0w9GGX1eCuG1TLIa6LoTs6iKSZuOZOK4OvnPUCeee4WADHZQ5zihKiqemlQF2ZL8MsQ7tRHRlnwWVNIG46adBiRSNqPjYqUpA52zaLGGIbRo94GYfS4uMqbEBLRXi2QfQDJ0hiGR2PykRP3Bu4tiheOeZQGMUqRQu4yzmpAWWbBd3RQVyqQ9fcmCuNi8AGfAuHWo6bJprLgTpvIK/Mc1ItSxBBTdfUE+A6DLpC1yBzXTD10HnMQa8gLLKEh8GGvDYwjnhHD6UlnIHqtPDdcfhayOxAd3RID5ltBNcy8wB8C4fyLLCsLjVCrzDhnFTw3cgzveJUnd2r9Kp3vMc1W3/GCE5IlVupzm7aMHrEyziUlq9S43tG0B0dYjO+5ibwEhyAuIVDbLZxoSJsIK7M5+gqF1/o0k+ACyCu0A1mllc4UvLBBmiN0EpdjIL778Wq4loLanWkGqrTDYGkbdQPvGpmRocV4pobc6WBAfgWDnGYFQ5awD0l4so8qmfQ3QVejzv8BLjUyt/4Ct2s5+VWaMgAXujC4AHXalPRisC8TOGaQLYOxB2dkEQ1UdfcGD7zEHwLh+gHbseHpYkRcWWO/kCjKIsRSj0BLl75m7hCRytmZ4w6VISALG1TnaVVtAMq3m4zUIUCmPO9crbcwCtWgDhf8ukMlgc1NZAq2nMFxqcUXZkAHr5omxNSZKXGW+DOrPx9F+czwQYWhD0/na+kwanTBa2iJUTrc2JuwMMXrXNCiitqjXwL3JmVv+8eRObH9aGuux5Z0eVDCvaHs4JYwP54N1poFeswb8hgFzx8kZ6ZJ0S8hjs0G+ns3Haz6QEH38wrKAhO5yYUzbQOhVaxLhGAhy/Sc0KaVEGBu36rAdtKH4ww8+XZDAyt9ZVLiA2kirUoBHj4IpoT0rxKm1XpUkkjXv6Omc4yAuMAp728ZnJ4eyQWiIB9utCKEduRnFR1biv/1j/LLvV62wKnUMJjDBNfqVslNlAqLNyQOHUEePgiMSekUlqOjJH5KfkIOSkwnAVgFiKcQiqFTL0kwHm4NuUHvh+2/cDzFVxXefvBpx7V2kEK1pU6gEUFVpcqk8wq03gJjvGckBJxS+txpxVxHj2ssTz22JkugxfVFJOqVGOPimVNl/gRciBXeoErfDdoBkXNUB8oHBaJuB+27cDVWJBEbz/KYYEBQNHKBruKohdgP4qlhGsLWQMzMSekBD/A+sr6uIc19GOPrZagmxWcZSFXN/aoWN5QOgOwKOoSfUZYWDQ7FxP3w7Yhc0As17glCb8dUrwICvlGSR054yFucBp55YHS7B2vc4ZkLQCbCrS+izhGaON8ZgtcPTMxJ6T0PbgD8J6P7bHH0FdH0HTso0fF0p/ISVUVgG0OhRAvCRAImF3g+2HbkSt0pY5nqVgQb4cULxOK3yipDdzg5Dk8gD4DlRwl8YcFLzeGKgWQS03gPEpSVCVTLyDrIetZHsmGQCy1YrkTwY+Qg4iarF7RQrVieC0sskUPu9DV3BDDAi/Mlpkv9YpYBCXD08kG0eCUFY60yGFhvNwYUSkwxJAYop6XMoPqblYPVmyPPdYO9lGxxFcELloIoI2M9OZ0xoCoMM3x/bDtCHOZaVqiNlSYfgZHLIJSdNkGosEpKyI9UpnxcmNEpaAh1xkjKriORX2yHvLeyFGxzF2cntOPkOMbnKn8CECiOYx6SYCpXnMMhbgfth1BL8n5Uq9tEIugzNuBGpw0ijBySYhKQYPIEiP47n65t6ylyozY3I7hUbHMqaosmH6EnFzBDQOtRedEP3DiJQECAVqoFSO2IQW0pVxpym28AoW09gTmjkahlxuLCFXNVqIiHrIjd4hlc9vBPirWlAxUswpZwEt0XwmQjbmmNke9IMANTlqFXm4McZqlLu3ewxfqscfaBcYdFWuJq8MEA2bUkTmMAC8TSr5RUtB9FEI0OGmVU88AolKQhHPwVmare0xYkuU1J7wi1wLMkEiAF0Eh3yjpdVVdnAKIBiedQi83do0P46IXFtALnv2ghJT2mrqEWm4MVQqQmlm4poH9wP29pJOgL4LH4jDfyw9CmxaryPHM8+40aGH2wjuZiB7f+49OWEvxNSLrvwNjkgRjr+jwDhdh1AdZY6jtTlW5B+IOZRMK635Bta2N0OiDOhk9Yp0qysF4qegQHgOebfkF1LaGcYRvS+XV3ZHQYCRMF23FAFiUvpUJALuUOm/5BtS29h29bQi+3mwpL+puuW2ZhOsTBU7bIgAaFyqaz0R2EbYjsv47MKaT4GvLkfXfIS5edkobvWKs77ufNrrOOHhBqo2W8rGHALUuOnLD3DTkMzmS5Zro1Phj+flsronvS/4P5fQbHVvN8loDo8mqSf7vSGsNjDxLj5gHRK+odVA12WFhVOtgHCNSQsgmELokwdeWI+s/6z+zYi3F2D13DoN2OLgkwdgrsv4zK6z/0vQQs5471n9k/c9n4px7BNdnDrhwqxranp9jmmVISAPfioYUSni8VQ3pdDf/1Dc532qSu6lvcmm0PBK75Unhl06wlvcDiXL80qXDbYCbRJGawNiLWf9Z/1n/Wf8dnur1AXAjHgz/Scjx+ECmz3ebGQ0bpzw5SMzMnJ2MPxMZ7DQTgQCCJCPmwcF0VxrCRXE71wxkvPO8eUDzdyQv07zzfJijORaRcd65DiTpd67pRLodasbmDxyJ240euTPtGzeIIuOhiN+BHh3fAFziOBaZDnajZ6DqgNvFnjNwd57eRmge2ujde/vhedRn9VC+H65HooO6+2F7rGugInTXR9hy6z/rv+/9x/rP+s/6z/pvN5fL2aGeLTZNUUGi9bQd87rTytXhG+YLXWwcvQGctyYsG23Xu6rMQDXch00TQjEsQ2gveJeVFSDOl8z+UMVYd1dVPbNTx7zUwgstKkgWEajwDySDW6mmRniSoirZeBxUNZkyRbWwkeR1vivK4tARtfzMKUR2WjjXRJMoWYgLIHc1mzdcaeGblZi2Gc9RZgbgwVi54I2kskO6iz+cFcOVXjDfaGFj6rloJsmULERsihK+1gvfICsGGvi8svk3kjCHceBUd0o/KM/PmgIAlgdc0xK3mpBEShamhGgKhNQQgNDgOa0MGgmu1OFCRHZN+4G7s1lj4YFrWLQCy8Jcm2p+nRuQ0FVqgzMfYITtlBLn19D05xKQlNDSw7IwPFs5jbu5XvDI9Dto1RluvtCbqIkEyaJICm5ykpsJ2mzeLaUcFhhgqZFdKMRhDMQgCFkEHLQ0oMOWK2EbF5qNQMfX4DDZNR0dD29yelVQErgzKCRW1UUAULIofFgyk/3ArfDM1g98F3sGqu/9x/rP+s/6z/rP+s/6z/oPk9nE2KMPirBH+BZfj6Jz3tJDRL0iLI+YCGyIK6z/rP+s/6z/rP+s/6z/rP+s/w6r1l6OorWhThRFUylDMpRKpwwu8oacysBIQ9o+GtiNTz5lkFPjTqXWuJ3cGnckvcbtMDaM/W3rP+s/6z/rP+s/67/v/cf6z/rP+i+c9t+Vn9Lu/7mzfOqbYyISwNFfvMKOf/7v3yHj//2pzekd5ZZvjg0B/NmVcfFHd8j46YZ5fnB0S7xeQH841h/aCNPxnWAg0u/m8JmI+PtAMtHr7hG9iMj4+O7yizLkKgPm6WQHh9HrI+6T3H0+cz0fp8m9QrkbS73TXi/9bk6gl+eoWDC7q2TuJyIjSJ6IjLtPeODEJWNek7ij0YFMukbWqNF0lER0MxwDeb38kzxOE5EBvKboK6sMTTxw9d8pcx6LcIYp4qesMhGlE55SejbKSnCYxxMsdSAdcz+GkeoagCCT1gOQgp/A1FXO0oNLHZzoAhKbSCc2ST3kLIMkRu50jNIL0RhK19BJwnTi+dgNANNJl5NnFeWBRJ6mzL2MTDNEQ+IoUnnkuo2QQPTYDXkMInHEw2nmcWoYm2YNQ5TIQ8kgtn1PMjB/oBmWsoqO0yIvApSkQ1KrRO4kgQ3TzwxZPB+5YYPnHqRiz0lyFlTtn/ScnWcxMXYdSieoVrQBeA0oWyo8wwvQJB6TO2YesyGKqcsOeTKG1eQpUFaZ0whcBXAaASEbYSjMDISOE/gDxmpzlAr1f4ZLk+yrsdjcS6TIDFRWcbUSDXfhJwKk0mOpvZiIgaQcOsPQdSCuwMh/5kB0uoOURSFuyDxIIDuyJJxOIBqDRALTYeXvEA/WiYgABgIFg/aPJIjMnMYAJKS/DcbcHwDXk+QkXtFlQCeJph/54U56CkvBwlIHjkfNcTC6DaClxlToAUkYKCJJMvmsYwBLwuk0hpGmgVcmmGciy7jxbKR12WwAMTmSCASRMKt3k24gvA7eP5kGOpGx1CzqEo4/gC10qF2egLvPxqKIhNOpJTs7u0whKrl1YA02uwvENYGhnUEC+nAgtwvks4BNeiak9lPpOEo0tAiMmkBvIX9m5EwB1QSGgHUCGGdF49R1k4Nsbj8mGRO7gLZyNdtvFx6hDyJ2+Ux6Ti7TSI9j2/WJOzfi6gB4l1mVU6tarAS7IiwVJCaDu7bjHu9SnSd2UUncu4jp3PiTbjLGu+B0ylBlm10abNNzx9i5OhUZSzZNzJN+CqgTkVEHu80lXoMNj9wZO/RBowOZqiXgBSjKPfggVpFpj5iNrsgNt0SgPXcoqca4w0j1FX5QQh9k4olSJlGBI6Mws/RO3BGRTqzJqCMBgn+swDa942fDM60nCU57x590IvSODzhMYC0nn+3yzGey6yufiZtxlIEqAAJkoEJk+uPMuf3xPjc2y+sEBMjyishQt2BGj/iNW17PDBJjgz7lWczA2Ne+sf6zArkztnaXhzd3w9bmzWPvi63l8aOaO+Jqrplf9ZiH3gFTS6LZVckjHx0h6i9dVGXJ4G3W5HdD0d9w87yZZYknHvX4BklHMU+SJAEA)

**图：Hypervisor 架构**

Qualcomm Type-1 Hypervisor（也称为本机 Hypervisor）具有以下功能：

- 与 Type 2（托管）Hypervisors 相比，提供增强的安全性
- 支持独立于 Linux 的多核实时操作
- 操作方式独特、独立，且比 Linux 具有更高的权限
- 对性能影响极小

Type-1 Hypervisor 的架构包括 Qualcomm Hypervisor 访问控制，它支持：

- 多种操作系统
- 更小的攻击面

下图展示了 Type-1 Hypervisor。

![../../../../../_images/type1-hypervisor-updated.png](data:image/png;base64,UklGRsYQAABXRUJQVlA4TLkQAAAvlEFhEC/lKpIkxerlI3/P/8cTsEx3PTYctpGkSL28e6j7/HPjBI4XfmYgR7atWlnX73djSDaEQsDkoaMvT/dmG0mSk0aDRZEA+SdDDm+jhaUJAAC/iO02IwnZUPBZIRtZICAbsQIFHwvJyEIyslCbNJAF4FPWsWBAFrQNgAlgBXgBDgGPArtSIQNoBNQAHcQDwCZCK+IeIACsACvAChAAVoBFqXAC/AD/U3Ll58Lo7BtnInaqrW0qa4u0SVxNZJF3A5K0mVKrvBs5qefio6hdq92itEnabBaZJVhVRsZu1i58ZPU0MsphCh9CLILfcj5yrnCmcyHyvjKqCSkJoQEXwu9mno086fdo1Vk7B7st6vHykuT9iSRpe7DdF6WgdfT0B0rDmOT3/HTMjdJBGCttIz9UxiWuz6zPzqUzMfGpMCHyXaV9FPrmXDoYnFMn2o650YjyYyYilLuPVuq/VfMEsLcOlBu8/8W4Nsgm9AA72G3Wd6F+WXUyL5DPrI2ecef/+7bqwrl/NsjIg5EHbMnMbyQeBoBy2zbWtpjpvfdkd2/Z3vuuuEXb+6boijavFN7rcteNFqPtvXe5pChWJF2vbuLrP4o5MwBIgCS2kWcA4mDODAYR/acFSbbdtumTILo0iJx77gWIh03/XxfEO97w3uwQ//KOAsS7n3zvPbfdcn0miBuahXlv9R7x7wceuPn6LBH2oSeCf56kG67PFoH1G4t3vNf6rBENvqsyPnvEfW/C2zKIO9+Pt2QQDaL/J8heOnU2RTGvE+X1PFH+dMKmKM78b3y1TVlcHFf+RDZd8ZfYTqXNt8aV/7YpQ3fEZVMX4wrZ1B2opiN25r9ZrO7PI9u/9az948vR7ecTBrZORnWU/wfUOEZWyWSYj8fiIjngUmR1eqIoNJsYota45APBJNOV+3Mdh7VRTZ7GNb5wf8x9MKIEN7S5koPjRr3PXJ9UJKBsGGZtRMVy5v0gU2ZGOFWOOmYsrEV3wOxOJszrzz0SwyvPJ86F+hoYdKNrzfcfVSQAFlKNc2ax25QXmOvTFpn5Vmu4VFX/gK/lrI8mQc3H52wEPrAnc6dIQGU/6J/hgyBFY4/yPmwA8yCLkw7kesUW7kLSHDqXR/Xnw4coaU6ysbfug3l/wdpan1QkoGDAcLxsa41iWBSNUq4+SLqwqJOgzq3VLwsOTg1FArICrIE5SNE6p1SLFEu+ZjEHh9nEIXr+lSg+8twhSp4DPhmUFSjA1FAkoPDHCzA/kaLd50JBVX2Q0lGej14tjgT61gIAvVckIAn9DEUlOKmtvmLRCVxE9+rro4jDAaLDfw6VnwP55COJF2K4Pxfz/6jE5hcUCcgK3ldPHiVF9WGuR9mM3gEfB0cEScH7igRUSsk+B6FUsBEcjn1wXItbX5Y5p0hAQXE6Ye5nZiVF9RPEMYg61uK43DvMTfxFAhuvRmk8ksTGPoO4NdbCamlxwCbxixLOLsMn4798JRfdDUR7Obnyj0Rc5YXDyQLHPIg5X4v/8jU+ibkNRHs5Ofb5pLS5mG8rwZHV5YU17MBMUb2tcM4m1X/G2dCr55LlKNfS5uSTvdOKBCK8bZ/nZ4/mgVp6m6L6yZFfkDadB+N5Rbo+cjrK9VFurK0vMCM4GanDro+S6iPxLlpNsqCWd43ygI10fcQmyvUR2IAYlQMx4vth10fJEKEiTpHARL8ResCFIoER3p3+K7yM8nBt5r8Zes6kz3T0JdXHUueOMfN17vW08HXuU9NffJCq6lPp4/P+4YupCfR+jEhz9f/kfSRpjuQZ1zHz38x/MzgsHsQUxQPN+HLzfZii4DvjW2DKohlXbnwM0xV3xsZpQ+PKPZgy9oa4MHUxrtjUVb+ZjuBMXHudQ1RUQ3O+///jVyKrj//RTbr/o/9CZHLD0O0LevxKYPWFOukGYLKt94dThjHdSGr1E87RjuDJIfedp8EeIlY1kUbcJh6QQSbyDgsKgg0xFsQdIg5s1+SZeNwZYfUvdYgKg+jXC9pDNyDSUvVBo6+7RJ2AKYh07RNFkxEMaWQqEIt+jjui130dqI2YtgVq2oMNaFAg0w7mfZHo+DO66puqQFPXAb+N6IhxjzRsQOSw8IxY1zkyjUrco4DvBgxiToydATiEBJzIqAJVUnMwAfYGsRh/Rld9phzsuqDwcCzqWgWmUxe4Q3si42TDQQG76Wi7oD2Uwoeo4PTo1Dix4KCDRYVwVvS1Ir0QGkwPKVGf1Iakrg2BkOVdCiKaekwaWfWxJhEKmoKIRksSuopywQgiABK5NOYXo6t+USiPTtit9mIvkrgh3Teqo3hdg58AsImoxubLI6s+SAKxkPh1jCqZL2MlX67J5zsGd2gdsRhIoy5O7boUWA9nxuTbRld9MygMMm1Lo14ZZAqsh4Jv09RN4O2dukKBlddHRR405CR4UCPmFXEILGryevwZYfUvwVQCUhLd9b4B1Q9jCiLtRyZmAAZHETvkxp1UVB8cVseGnb5DU9Q46ZkB+Ei5ND4WribqmokPtztExXZGebj2d4jkW2t6CqCJqHtpXIDXzdtVJ9ojvomqqLbRdCoTAdN2GjFdgjcEJ7wdcgjuuI0LGjC66Iixd9Jz13X5uSuyJ+8UNz+qARFPJHvkwMg7ph3xf9Hw4ifHPhF11c/nayIGt3ySbQe8Q1oXuwPcI8btfldaMFXS613ETh/c+tueRAz83ADrgr3SBJU3dQUXYc/nNfk9rIiTvYqjWivuHnkNnxk5lvgKPtxgMtI8zokn0svbg74Ga3cqxKLGPfDURBtAfj4v3woGY9FN+oZ0h7oGdHaPdrAi0E1ohxwog0S6PT2Z3obcpWIbfKqbPqPxHXAKCKiez6sKX9fJvz7KxfnODu2tD+BN9AFL9gjEZCQqLVbqa0eX4BWKNpAhEGnCDlHaEwfrAy0l0+/ICw8ymXwcKz45ugMvjfNePTDSghFEenQGECPqPm1LvdRklL9L1pjJh+kS0EWsSAy9luoMyM/nU2SHulIDt6kCdXFoavDcVcoir7uTjxl0LkkNrCgXYyB21r4BV47y8/kUwbwr3diQjw7s4UOafEAMs1jHSfiyJvl3/XcL+KvSQ5oOefn5fFLF31mL6eBG6PD+sEladAqcCvDAjBNMhZkGbFNVZJSHazPT2XHjwbThceXe1LlhzHyd+2JcuTlt/7nLx+Vvt6n6eeHHFd+k6khl7/LxeX9zk5qw3o8v3t/YpCcyyt/bMvPfP333PIE490i28CqUZ43GYcF+JGv4s/BK9ljluUN02GcP5twhnUk25HwW4U024f8+wKe+uTJ1x9Ofie8zPJXHZ2ObT+eejY2n9Chm/vuHLE99usXtL0X0ldY3RmJpGfhEGUn07k0dnhJj9+XyCylXTR3qmoPQrW8k0RTXeKq1gCNo4Y7yTMuucL7c4k98Q1K1W/w5oWhxO0iybOmaWT9FzMthWUSgW18TPbNSciB52KPlumjZ9jKchqB7iyjda7fySW3R+hrQJqW6zpmWcqBq6ZWnxLBRu17RrUUgyMq2liqRUlgWocS6YLSD5J4KklvA5JeDHi2LJHUZIFJ0r1wK7x5PYupt17XK18SwVa0KqAlk91QDPnCW2yslSA/sTe3lsCwiNKi9wlTD5LhNsEdPtbTIn0E6dUsDVuyNC83K7i1WpgsgSkiRh27lcFZILEw2JAtJC0YJ9v+81JLPLYm04axZBjm2iyCzp6TFcqTu8VTRqKjFLNOQXWJmkUksUVYpbTDaEtvKLYOQ6fbKMskfmdRqa2X3JrtSGuylzykEuSwrFitL4YshW24Hw65clAwCEPl8bWkhYWa9RCGL6WBDZWsBwINbqX55oXx5yKpWqQHlQYBLCKSylAMwadvK1d2bBi5a4WgxtSw80aNWFfFtw8ZtMbGkt1Ui+aAnS1qmW7QCgB7ldR3SvYl/e4eXwJ7TbrEW00KXrbZuWdX1kVVduAzdMq0IhfL6aEmvyJ5qLSDQV17OFd2b+JiZc2rppPZoSQPVlHZ3+nNlUs/02/l0JG2nlO1yBcooz3Fm/vv7TJ+M66vTuad9XB83U/mXJ30yNp9//utTd1QfzyjfXTnz38x/szf87pdTd/xmCD72o29P4fGDJraf6qk8TGx6So8PZRO/n/nv7119/7ctvukXgd+yCN9o7Sug8tO771d/0PonN/1amgLNBz/83Szgg40O4hf8Q2kK/Jh/lgF8n38hlOwlhn+VAcx5Ls0KxeIXGQDJ5Jf/8GGTIWSMt83VCymDTLFKJL/ODhuCWXwfTBCa5i9afwsvWpXMh/9gdPPBZpq/vVNW4PaOmjaemYuMciN05r9/duh7U7qPxWWncz/3cXn7nenb4pc+Pu9/P3VHRvlC0Zn/Zv6bDeJTX1THZ5PL/lIdi9S44y8h4camYiUsvphUvwz/o25p8a2zIcFj0xdDfT2mRw+9Nio/CvXLlPiTDY2h2KUXk6BapSNJNN8gslUK7G4S2a0EuxgRBbG6SLAGvV9rPup75JLmNZr7anXTJd4uzb1b3ahSp+f9VXot2YsjNokNt9GTRn5OlfebPe8bos0XoTnRYtd7XiVR1gWtEVneJNr1lcgBQUJDArrnFqWfg+ThkWEh8m82aHNLPgKRdTCjufe28b6iXd/gRuO5IbrqfWVFakMW9NSBYuIW02Xvry4czEKAHak8gzJWcsdAXwGRThlaLEWFGuspCO6RXLSkuEzWB7GKClc3tnyzcMIuLUQ6FTX+xY2rYC+zRFt+TaR1xFcLMId4KErYvbXVQOMZdIBhn7BymwsA0VcbPam3VqWpfAWyXXi0vtrsDZXU56ublejHRuk9rklZAA26CjGArmqslzoG+iqUG5XHJrxYINumF4CLgJRKEigPHXZTYct7z8QBUTfvr3K54cA83wWZrYlktypaeN/bAIfXobhMLDQL2L1mAfrkaA7z3xTAUM3nYjy8t6jSE4PiRU6XaUvkMFygMo7m3gdJBylvkZWzCIB6MFmmBSin1DHQV2n2em5caLFAdnxVTUoluVxDRJA0znYVDifUA8lKgzgyc/IkIsycVnvOeyq99yWFsFbKDMQIMIFgpq35hpOzCMzJgeEFmFjqmALTZq/04cWaw56rSakkt9FsvOg5jI1ruA2ZIzib1bzrHaGFp3ksznvvh99YMF2Whu/qkTUvZwF4NSt1TMH7eUNNeLEiSugqu5LNXvRGdMNdBVrb8KsYruqJjDYVjV60hh2FkpyjEio3g8zlLMIbr4mGDXGVRTpVaLHiNJK3oRfBL/WC4agqJFatslVRz5cbjR+tubQh+bManK3whlVyG0e8Qyt6K/fY9yQVzBZ88FscxYYaYj/fqPwWLZwiC2kVh41iFaljCnazEmdbocWCZxNrUVZZJOuilebeg/PTReMrJGpoFwzynGhz4cF5cM/HMNyL1sCqdFZLRPOQBiMRguMT2JBDIgtIac89KAqWI7loXYMV9M2aIgu4IZQ2BPosd0yhskSbHF4sXyLRmlOSU0nW7Z0eNT5KJPL2jlCl5aJ1yCEaIRGhWKm857Yop3afTcvd6Z+G351OCX8mDI1N/rO5Or748aT62M+NOn7n0xJ/OnZCGa7JKI+h/+mGG7KJJpN4/50ZxN3/9u8PZhAPvfnd2GQOd73PXvcWvD1jMPj2oijeinffkCHceM9759eJqD+A992VEaKc4+PvvE6Kd7z5X7NCvA38VAAA)

**图：Type-1 Hypervisor**

**虚拟化**

虚拟机和 CPU 提供了灵活性与抽象能力。Qualcomm Hypervisor 提供以下虚拟化功能：

> 
> 
> 表：Qualcomm Hypervisor 虚拟化功能
> 
> 
> | **功能** | **说明** |
> | --- | --- |
> | 内存管理 | <ul class="simple"><br><li><p>Qualcomm Hypervisor 管理阶段 2 页表，并将中间物理地址 (IPA) 转换为物理地址 (PA)。</p></li><br><li><p>它还会在虚拟机之间隔离内存</p></li><br></ul> |
> | 中断虚拟化 | 它将中断虚拟化并映射到正确且独立的虚拟机 |
> | 调度 | 虚拟化 CPU (VCPU) 调度程序可防止虚拟机在故障期间出现饥饿现象 |
> | 进程间通信 (IPC) | 这包括共享内存、消息传递 (IPC) API 和虚拟中断。 |
> | 电源管理 | 它支持多个虚拟机，并采用最低公分母电源状态 |

**Qualcomm Hypervisor BSP**

Qualcomm Hypervisor 在板级支持包 (BSP) 中支持以下功能：

- PIL
- 访问 SoC AC 策略
- 系统 MMU 驱动程序
- SMC TrustZone 通信的路径支持

下图展示了 Qualcomm Hypervisor 和 BSP 的所有功能，它们共同提供了完整的 Hypervisor 解决方案：

![../../../../../_images/qualcomm-hypervsior-bsp-updated.png](data:image/png;base64,UklGRoIuAABXRUJQVlA4THYuAAAvnsSGEM/DKJIkRXXM8D3/Dhm7xwbjNpIU9fIe/i//BJmvexy2beRInnD3of/mvoocZ2ZtppFtO1myvV9hUXRMZfSRbQoAAH+YfF8zyRKRLDHJEpMkSsJInEmcyWOyzvK4WVcSR6o7i0SxCOAzCaAC2AA+gAvgBbgDeBLgSpx1AMXSDFCHaQAoAAEIQAAmgAAk9TYm3tY01RIgi87zwxTbIi7/P5572JpFFl1nwS3P8/f/4/9EKv8/LHpvkv3d949F/t2vn+9r4qLXffq4ri+LEu3260qvC1/et1w7hf/5vnbtJHzs8/js6Vzp1cMyXfS9ST10ncmCaVsokqkrlNlVRariyix1dWWWuoYiUduGLFDXpdQvw2DCwjgasAyDSVyahytCkYrjtpEciZV/2NPjevfMMyImwDSL8kx3m60OeWWROGWahA5j4FjUDd4STdQRlRA4ZFyzFczIRm9jausP2EQy5DS6kCK1+UraRLKWIiubdsOgaj5kKoMVY+KCpfvGC+2lNu3hAGQpNwgVQWAhkWXIHLGlKI35wSXhcQ4+J8iXrWWXf7E3adin5GHZNslttW1bl675ukzAup95nuchXIMJJJgFNiIQEy4SbCJfNhghhDBCGLRA9+/vOs6zZTvz1XCVXKo+VWd31RnRf1mQbQWRc6iQksjmMotPQXiDfvrbtr1No237lvP8/1qGK3yRs/fee+8t05NpzJBcwHJ+/SAdkox9HJLFXLIxGCzsQxH9pwVJsti26UtBBgKwjqBJvih4B+B9/lCF//3v/1sDKfzr//c/foCg/y78429+/fOGUfhV97t/8V//N/z5L/9sX5pJ4ffh/1f8u/yL0lQKMfyv3f8OvyrNpfBP/+0P/74tDSb24X8GazJR/sX/CV2jCf2/ofzdfwIPXv/8cHh+6fOrWHkOzdL7ucwhoIb3c5nDYen5fOUgv5D5zOH9PL/AnN8X+HmLeIHRe/eExhONp+Tgv+C/4L/gP4v0/mcQrsvozTFhJCJvG0RcWBVGPx+LIUl660WbQxgIYDiS/qAkkT80lRjJ7uelF0lNJJjwUq4bRskHNTgRDaNsqYa3Mv55aTBtjOSvfZOJE7n+Q2kw8VJES2kiDQeNpQqjg2sZOyXHDaPJNBUQ7EiIgMbRVOQDCM02TwmvvuuC8cY1He0bexeMnnwvfPu1E2q/P6q90Xzqgj4YvrhGu/b7t9kN443mX5UXm8RuGB/3tKt6dsX4uFbZ7NkVY3iVdJvWGaUvVH7qnFG9J12f3BU7o33wX/Bf8N+6jYM3PxOxfjNeijwKIiellD9keq6Kfrd/xQIdj0XKbkMuZPQYjCTit0nuHlKq8TWZEAfcXSnlZCwSd5yWg+8WHESol7F3PiOBUD6HSCzlDfmqAEbL+KCskH52fVRSL29zyapnOpFUShLpPh1W9zfyWOToQOQt7NqjFhUZlRQO0IjtRPqX7pjq3H59ErneEbr3IuOXFcdRJB2UEmV0IXKsUaI6nbso8agS/stR7a2M4TDoory5lqik6WOgaifpwkkwiUVEobAyqjjaieySOyDTdn+0Jm/QiEUxtGcnErGmvO8IL8cgAn6/8dgpuxiJ7JyMVKdCzVWSUsaSTqQo6urNVUZSN1ylhQo8kgss7MURuY4stIpxOJVYkn5UOlJL34uWFJwtJEaMYywuHDtoo7MrO9L4rGDCdQUXflQ7EknljVwQqT0V/xblppEzm2MZARekUdT1ZD0Ny49Ji7KTRK6xGMgveYwcYbUpZUx+vycCYTMVygkYrQORl0TcGyq+I3XjWo7LTvoDh2IVOyhG6mInIgykQpco13iZ9t2DqqbT2skA1mws74GRXHfw5cxR3rrG5wgFuJqulb6KXRnhfr1EDgWTR6V2TsBYLmDVaB0cfAcifS+SABGFQ/GtjPu+yPsru6NFzUQZEVvGoaLQhAO0so/Ofp1I7844fQEBKr2TpXUq4F+iScWx9GVEpb6R3pXmZaXyLakbJlZMtFRA+sG1nECF3IkcYRXjABkpugK9pGgvoxIFOSouHPj98S9Hx2ArXeWvOCnOiMF+oFOd+LjfqznxSeQApb6V9x2Iv5ATUryxHO+k/ByI8h4ODThCdtJf6dju0FrwErgW15AcHcH10YFI2kmE2oX71ahQ66/lZVX/UFwnkt6KuooWSd1wdWcsO1KAfqQgu4eKNcKaXLMBTc4oIEMwxIMyZeb4QkQIOxlRgWgs74XGKp3IqDqCALCR9LxNqES9EQPIibzDEqmIxOpmDpxlo4goEThCY3kvNFZJrs/yiNhacTbSBa5u9PJS5AAlmzh7R+Tv6qHnPdK3ecANcihRVlGRCj4qpSSRDqKHpYzFqeCiWo7keiyJlKKkkWtz9nLCR1a3yoVUsBHwXhJGD8uxiMTCRrWoXIgykkcm8hJljzelSE+qJmiBUGI8kLtiwm7y43JSAZU2yQWTDLv2JPmBGUHvLJccwcgeMG3XsVQHCHAsfYc9NSTZtnQiCldMXdm532CqEBnBr59JPohyPKLJD0vpXRlIMmpOrvogaDZHAHSPuqp5RJM32jhORKYkhu8hw0FBQW1EdSUm24NCj1aa7YCKT5Q3IoaQm1Bv+WydpR0OipfGbMRnO6DZHprkKkI5oWUj4t9Q+ooeOSaVl8nGg2HsykFUOb6HTKaRcVV1j8ZyfYznfRmb9JuNt+rKA1OiHAMpwom+6AVMoqAkcbo2Gm+lxbqU4zGh7K5lPKroLkRGUcpG461OykNzImPIF5PIG2qFU8fUDQVdm4232gTrYTINfEjfQyillD+MP9q15h1X28DJV/JU5NHHu6SksYyQ73aeEt6/LB8l7jqvfFVT9H35KNmJyB++81HKx8r7g69sSvlYuT4uSOPJz9Tf/Sf4L/gv+O8pT6PH9+4gH2ePxhlo6qFFPraHzhxN+zoDs7rFPh5MLcf89B8KYmoskbBvN3NjRO1rY1sSdu6tzmpU/9AQM9M/JxrihjGi9jWFX3cpbW3G/B8iPDB0SFR89puial8bahMRYTNmVGgN1VSoTVG1r4P/gv+C/56SNv9poMNFxaHOkPWgVExWqrkQgqpTcR+WflOmSsLCyE2UonUNq8EE8N7VLFW9a7EmYU0tGkBdvsJVjN05CnTfVlng2GT+okhvRWCnQy+JVZoNOrNbXTg6Yskck5zM5rkjZHPquo0rVEW+j0mL2mbz17GJx+Qa/OAWq+bCbB0m1ofgKFBdCg8vM3wS72JA+22VS+JbkaGdDr0kNinB5VZ3WJEzWrGMhwGpLARUd78K9fgsqtY9ZnKiVSPmiZkFLQRLnkf8+qw6DGi/rXIrVQtop0MviU1aA9PljR0m/K36VcUENQQtLEtXdUpWJ6bVaGA8s6qubJnNclyppoo2qS7Dqg6OHJvzWEkpT5Nq6onqlKTvvtQv02mgwEm1UCWtrbvLLRz6jMXLkbLUlqONgvuMAf23FVeRA6nIq7SEqm8mWdddxarKt2R0mZPVZWMOtUpXUQ19DR2008GXxCItdE5P0RGu1Lz6Ck/lTFhWGXX63DHgBqJiIZMGCEcVFMLQ5pW1YcidLdu8dvl8Mku5r/DBis5ASbtobN1scGtwsLe6JNWQkjIfdVWPxirabyuuIvc5Wu8sfRwUFDB3AoJDi3G67rI7wthDzaJ2dhMSC8c9tNOhl8QqV+k0LQhQz1d+UiGMteQQLU4d1IZ+MzqnJNkMNA8aeg4UMI0twwr+g4KXCV2FOIEF5e7jXVvfzCesMD3FCEULT9vFJ+dIbKb9tqqpyHgorNaGNTo5AcUxNON05QgtZu5QQ13LzO4Sd0na6YqXxC4faLIc6gJwWze5hI1QF4oRkzdV2QyipGirqa2J4HLeKB6OO6yhrvpNiUDsQOgj27qYW/dPHJtnS+eTeHIfBdpvK6Yio5gCkBqdlwgoYXRVRxjAHWqVLtJkBHZ3NUyAnW6pmxn8WocJ7Nidd9dNjvkmkXd4OBRaLfciPgQ4XmLZMgw9lg/ELjMDMciWDo0BXu7UR2YsQB6MAe23FQMOP1AElLTKw+iaE7hDbSPSE3CnAy+JTbpZBsNLZsds4NfRphvvEoYfUYS1NQxbQtS5bRylr/zhoMOVa+dzu6RNSF747UBKqaswoP+2Yiha7hkVLQ8XCVn0wE7HGn+x2cTd8gMDlUm+IzUcPg6/1rlNN/xB5K+8pFa02xhXj/QxlwCRGEkkqBPJJnNEUNLYu0UekgvpFg6g4mA77KGWyBl0AwYT/bcVhXRs1SWzEF2bJW8aQTsdcw/FZidKFlpwAyjqDZnkWDcclPxVnN2E2ydwyVUhOqsBs+2e1UDP/qliqk56blH1OrcVNFvMPYNTApd21m4ywIPe1okdDkpC8gHv76auOsdq5mFk5UzUWSVk0NZmGxI4XdFl08wdahuxjxNop2MvdScyfDrT6NKQiS7pxxQSTKbh8VrI4BMyqGoFFSVp5CHjrQZN06FqydH9q2qaouqgJHg63ooDlCwqi+/rt87khHU3UO2sBiuquprQjqKK0epMo0u+IneqyVm61bpjx1vRZE6XLVVTykYPNQ69zjQVJ/RNYouDwsRwLD27Isf1vcU9Tjce7pP/JiLd+OV343Cz9JWS6/KQLyccmUoWxP8yLHFxzWj/8H+I2MxB6kydXe33rzfkrcNLK/GXSyA+oOhn29Pvdn6muK46h3H+7nl52sonTmww8PryWSnlaX/6KVNKaTDw4ay48O68PIMfU9fMTXU41BvJc9nvJWLjs/ux4jLIfu+dNol1KtROr15UuqvibKMT5zjDEvlt2EffVdj+9Jmzydpd7c9KbfEGf4HxHPuI7E70zTV8RniO/NyzS5btNpR3lwEIWylFPrj05+X06scr9YaHQ/0R747fqbJQc/tWWp8qcbnk/RmK91WJ/P7U7WuVrG1x5Cr9aetri8clHKmgN36AyrGrlG82/C04/GeEDeH11TOGF84qvdpnIF6COrV9dibvwxUhvaPwWarKQj2D5vSciAtbVyK0xLB/6So5nQfiVShFTwtbvK/YzVBRKQE/UOXYnH5JfN4gghBGx+lVgHzPSWoxWVUWoj2Gih/3L8LlKeJEONlgCf2546wrca8k8hsUz2eAK8cCnVweRh5iNfdD1VKrgp9efDvUPCcuw5yqOzPinBUmIWTc8GvV2BrViczMq3f7/Z7yFwD/G6fEjMYq2/jj/jkh73PcQ6C82D9V2w4o64dTtnh+A1hc6CZQ3PfK5TIBmGs8rVPBAuYvO+hEzxV1zoobwGywhCYr1VnkVf4CvOs4nvaei6Q+ypjv/HlhI9LuJJRuL2cAFu1S/nYS3VxSFlhh8aPvFjz01Kng6Z2AGbBOZk4Jdc7KkdbQxBRGJwoPtD0DnFGq4JOfs8nZws56LjmD+CeGsL3MAKOcKZ4foShPpypmV6eCgZHjaDUaFwpPjjhlmZFf/MNBwRg9q/5tC3fvohDCpa/JlrXSuV4uku21E/9U8vbUgZuXBYAShfMtVzw/MqMo7rsahf7bUFVZiKL1iqHonWmgWffMDYry5651V/U/Xb3mxlt5brxV5rwUh2fHW21PC6V0AYGy7n3giudNVulWOrEcyR8tn7GooLV6Vz7ScHkKvP7KGq2+pdGFxVFUjgUWGyo6qYNLvtUenbNulvzZoOx//EjZf3j2acGnRJgamhNhM7I4cOVYqLivGbB3/ZqFz8Y5Z+35bG2V7ZOkSPGnqw9P5RPjgsKfzA+o+Oi3N6rKscDxVobsVnVYWLjxVrHGOWvdeCsOS6wzxTw/u4N/TNk8Uot/DDO2E5iFxXG2+P/datzivTq/2r/LG1J/twbkRyfg9dWrBhK8+3H/ocHD/mp/+SMYwnc4p+bp/OoyEhSm6jnndDhXJu8z+vuNAJF9ShqfPjgdbipOzl1ViDoVDQ3OLp9coxGHblZOyYnXYMb9FPVGxQDtzHwVkQiTjE+LVUKen28dvhS5PI9usl+dimYGl+DoKTo/wcRnwTZwG94BwjjefYDJx0CAPXwH7qhA+ynII86C61Q0OJIvHeDxKToDd19QEMDpuIxoYwmkEHUqmhk8B5fkLOfAvTZKdEoJpKkYUOfWN0/48O75vaI9mr0X+x85fJeZyJouEXR11eCSN/xB+6vnyPasVPDJZ1zyVzKPbhAwDhfTkgTeH/R7DpKtfjgoWsrn5xVb9DVMsz0x2UKV7euYLRGfEDSb2dYMGSd1+mHLgOOtqnFSrK799jlYSOdaOKNX4bPLZ8x4q44bb/XVCk2lSMcUj93K6chSx27lTx8uX31LTEV+RIVpmTTyPc/Onn2Hos4Yjx+06EfdsHlMt/iXN3zcseUUcplPa+TjMLMG7hZ2oyPh15o35h7bGRG/uR17a2MyDsvxpCg/O3GpL/fX77u/cuHM8eodGYu1BS2xMcPO1JMboOVLebE/I6Pdt94Zye27ZgzMnIFytn+G/qjK2RaByYLNDl7ABJoP5+z6fU+34GD49Kqa2/cg6/cFbUs5B57iM0Le52ZHVO0LE4659fueXmWS7h9o/b6AvCWqXeAia3bgWn3gxmX7mjYGAziics3Bh1i/r2IVzLWXU47cNTSSr0h4Al+c5++4FWjaXsE+On8HD7J+X2iCX8ZQSnzd7b9Nst1+dlLOrvLuvLJ7hFf7nPcQgHuv31epKG1A5k7oRvlm4XD1cCw0fN/j9Cpun7ERsW2Oe6/fV+3VXkN8KiiqOcKzrTNgTPIzEBCC497r99WbbM+Ijm8U5AETKVqFACvfWk8N35FIpWmoN0qfe/cwJtWV0Zd5wjEOXNIdb+Wdx3OSLRa4F/j83Dvuu35ftacO3AmffstsAAMmQqLkJ/DU33FQnK51ayzwvNV3zPPOL/Plcs4piNh6drzV/qw4HmL9vqrONM8KeaiFWL5RAAZMBJnRdcHHoTnEeGBdgZmwaFJKvC/nuiK/+8tHuwLNbxKky52kL2dgYmbDaHENzDfgVmckEtconvqUgPphj82NtxTUEJ7l2Ysr+2ZniQ8odi+8erILn8T/3S8CkgqIPTA12hBxFpz8uqz+/ds9yijpISIhnhRhMVVnxaHwSo/TjSLUmXJwXr3Tw5OGJ1qLGWtZNDUVpjRe02bpZPgTedcj88MFhzwCKEy2peHLPLm8yrAZJpam9jI8jreCUVQM8Aig5IjjrcySRiHDyGmtQeFis0u0Es3pB7fk34fyF0xn9g2Hjd5BW6p8/Plm/FGtV8Cx5mf7F/UGq66EesHZG5omkBl5H95txDIyJMc3KWbf8Xi2B3483YOvKfpmH8QsmsNH0PA+OC2XSoBKDitnlilrt99mJO89LprlNXmMxrhmASYTc9dTzJt9EGeuyMP7wCwdWJxAJYe1yLPit8CTU/9iHysB0ZXJzVteq4CXUmevKMybfQAAw/tAlw4sgkoOa4lOgFXEDwKGl77bh/zJbhwOZsj6ce7ETzUjN1nD394o5dVr4uzAEyEb2PmW13hJgEoOawlgWSu220B71dS9yZVnnzB3xMA9FnoLFP3YaCJ7EQVcQgHkzT4o+JqlAxOAksNGnM4XpQTqQ/31p0zOwDI/WpTwmi//jQ369XfQ8EOe9pVyIuc1SwcmACWHzWxfnHehFDpo65OOEhqg4aqCdUi5VE2Tournxj0WaQyddjDBpMstksAcBo2OW/JgpTmuVBO5msvihK01Fy3ksU1bs9wlVxanr3f6smaBxptjF2McPAfo5AIukdOr51SA4X142mvhAEoOG86U59VupFn69GknL9fBYL6tLuocUvY+J6fE6OvgqNBC9vXRkFsYcRTzvEK04MS3rGIhg8ZgUb31UISKdpisRfeW00pjxudYtqJzkt61aTcIEy+y2Suy0Unh3uwDH/fCZvLwPtClAxPkksOmYLAprvFAOsz2+lBQ4IJkNZxoYR1Srp2t095M+EdyX3kzEDcbzAketPg70Oep/4DOCUhOAHmo5dyiqStYlpnl6KQ5oV0mQn0HjDeHL1l8+oGu6fdq/8S82Qce4OOtvtsBlw4MucpReZK+QUORyyd8UsZIxlvVBeW2bvKCMVrp5FJCn3A7R1B45+Sg+VpmozgL6XVWSDJoyzUOTXKkhpXFT84+Mpha1BbMsXXQKFF4i1VyFD+s6hOukFZ2N3RXVRVyQUol5nVwEEpuhx2lECtadGqom2eyUtUqCpRFXIbaHNV4NK8dEqZmA7+OBtEgZmM6mepSPUfJIRdgNZzXRsM0qY06sSmnnsxAjTfzx9W/x5QN12iI5IKUSkwywUIeGsdE17kF8p3VAForuGR54DqUWlDRtv5swoyrxWAIRgsoSKnCvA4OStE7FksaDViD70qWNiezlVPNZhM+QlWs6K1NwiWkX5XHVJh5BpPBEpELUqrQ8VYMU53x3KpH+qQau9xSm4eCyzDgeKsYOQm5NedJyUpW7RIk7eKgi8QTidxiz1OlczF8HLkwXCLbWAmeb2i4aHTP48YvHmHfw1trf1qkAuDRtEY/LpjzjtzIXdaf61R/mjIEvSNEVe1uiDh1Ic1ZvAaLw0+JhQrQaZhruC+Ly2z620/VkwNq4JRFh33nEasD5hHCLTRLc4LAyD/seJz6xNMdzs1SniBso34deutDIIAhSjqrJbefEDcZq31O5tUzlm1xX45SevdmokEncZc9BYMrIKN+b2uMG14LDVcUn1DJ8rBHs8Ni+a6GT20jgb2eoX26P+r+9pvDBPMO+15MBG7iFG+FFJzR5FhlwmwwQxNJru1yZGDvtsQWIu5FO3XEXPn1x8wtWLEu30CRF1p0DTPXmVtIZEo8oNffvo0w355Mi++ZdRpZGxnoDC/u2EkyShzIEXqiFlVTl/m59RwX3sWMOdwXOjfvrsFoq/GG0GUcI9dSiZOaKNHp6RxeYVo57DvV8hHvwk0MJUTDgjLQKfEOvf72IbSWcktG2QyZdRo5gM7wwo5thp1R4kCO0BPtsjefM/xCSfqlf5m4w3i9JIc7tjE3uMzK5PqrZ3ruWVY6Y4YIM6wTFqFo7yzqR00HRksofT10SrxDt789yltm/OjIWoyKA+gMLyZ/HIwSV+a4kA80XNXNrfcxzJbJtQhngzkat3pExcwHltpszAQrAnt5p8WZyI8YtEhdNsrNBkBYATr97bl+rnVgkh0RkZIXP9j2sTFKnJVP1P0eEX5uvZ9hNknDG2dXDKzBmoH775aVqnaTCAIzPZ2jEG1p3evtRz7eanhXbd0HMiUe0Opvb/Okqo54L9ooRmOUOKufqKeQufVeBrNuvNlAmKh2l5tMHFpwu6QaNohQCNEWc/uR0w2rD+w+kCnxgFZ/+6ARTWG6byR+zJslzuATVU3o3HpPIw2RBZc8V8/+oKIzqm+ZidmpQ3vxPvapHYbLlHOzQRjaJrD2THuQotPfHuUFmtyrbAi5jr2tm7gK3AcfqZtb72E2W+GGLdyRDgd1N2SHg66H3I8LCYeD1iF2T9fbLKVdvJ/7zjReuzr6pcaVfK2eTIkHdPrb4weUKtocIdumzFzZuhODxAHwE13COo6y0bn1vmbxJA5UY2/MeCuiIPVm3DUa2o32TlU7q0X7eKud+AxS7kWdsQAH19+qDovOmSnxV/T625fs5EVDff2m4Afb9UaJS8AniuOtUjY6t76M0B9q5GM6Z8a+K3J3SX1X5DSskZRjc2QuZvR0O7Yh8xsk7NoR7pa/jibcT+nGDQb5aEGvKMhmTCzC60y1mBNPXkY2bIF7sU+EWxiN/Yj9mFKxc+flSJ2phJCN/aipcChrJWdWB/8F/4WobL013lBxs5b+2gUVPwvtcG0WcVmNE261Ft4Iz89a/GPKCAC//cHfcKu1KAUdRmCdN2QxuOe5O8eNdXKsIFUMjACOxW6lKAosuK935FZrUZ7zFrSAgG8fbnTJrdaiJKc4N8c3UMR+oe/1khH7xCp3SecmWUMH0MXL0CXBBPKo4BHocLUwYp4Q6OpfqhiiqmbcCEm1ax0F+W46H6TNSkbsE6vkqeF3Aa4B7isQb3winbXr0FvRyDwli5SnQtem3SCADaDP0fqThY1AZLOvTw62iF2lyx39EukFwC5eBr5x2nfky95zxKVy9JFVeTJ49S8KqGYSW1eZwUr2CUPVaScMbYlwmmNkoRyZ6IgOyBQZuGWEpDVoG1rRFuCekmWYwMAzMKugLLfxGdmFb9F43kQqWqZFWFz3xCo3WkMxlAcql9kigXlKljZmpgxVo+OYa4XEA/HoDgXOOjaN2Q0K/lxzIUQ/3ziyfJ8o0wJkpWj51onY1VoUH/N8hn6MOYvo8Y8RF0O+M8qGybebJXsQcHuZZ0bi0L5x4FdrUUTOFsUA37EK8D8J9TaLNNtSV8xTshCdm9MTYO0f/sSKYPA/98tGijtWkY6fElth8sXLbDDeCkxbp5oL1bk5tsTxViAzcay8M5K6Igf/PS1rjv491h1mnhlFfS5uzH0I4+r7N0l1so4PRXtYPh3OiOhrPvYhTKvvdzhK/SHIER788ZNhTEa1NB/CtPo+eVTfh+Hr7NuJvQaNEkNAtxngVh7hCYqirSP3SI6txooQnDavrRXVfOvyqQb0/dKpemG0Nz+Aqu8D5YKBW3lEURX0kRxrWLfMyyrCDSANeyt6y2hvegCXtwZKtsi38shAH4uoBjFwBOOkMNDHuxoy2pshKAreQbdTxOCs3QZ4JgdL0bai6IRq/w7ANGujixr9mGVhjP/AKBzmxZpRlQvWUmmSB6sItMxW4TXYoA0VxqZIun+ZWyMNFJ1oYlu8VVYzOeluWuyEWxo8YFNEjVeLBpLeNXXeaVTfBxYDtBan4QiRH0JvsRXqtjRU6jdG1Wj/GDqzkhNYafzQqL4PlAvWAd6S46VQdlgEDVZROkl12b6aoDFKkrMTa4RG9X3geCst0C05tl2MlztxBhysovPa8VaNC3JzS46r2K3rEnJzS47rK3JzS46rsFYzkwKhVoMFstTV4zCJqr48MFDnxyo2axDI0Av/SEwO043N893jUXkoYiW7rtKz2GlnKsUEI4f0jXPkxyGCUb3V2SORUvJTbi/XY6NaCgYpYSQMI9q3EHE4fr6FTzWrn/uhamHH5hctugaHfT1a+J58+tVfPpFvlpgNZKolsYpbZp2yuDRZIS3gUqqG/fIpeibSdlqBseXhDRg0R1FP0qNZyrD8oCnjk9TJIfsWDXyrcB0sZvffDM1KbqnfUVDcrgO7TtmQV0lOS7rSM/E6ZUsY8dABB0ZOTsvEsRNVcaCA5UjXI02U5BVuRNVAZ/cta1mFTidSW0ZuJBXeVBfgT2YYiXMHn+iyggSuyzi/EEV7MlGoW8AvgcUM7+6k85WwlBi/oyhUdAYFwrU0SgHSkrRC62/VxjX6twSyPYxsWLwvOsECfSFY/8StRxobUzMgkGud2SBayLEWLSa3ZYBGUtGBiQuJWcCw3WWy6ikyRbp+MYz7eLcdWM1yMS9eLBcLjOKhoc3LsWKOvf5AWpB00hmjsFraZm69zOye5FzQeuYvBIFbj/QqmN15c8x1Bpc4aBK6XIs3U7Zlqq7gsgk6Cs3uM4NQC+OTlJCG3T7eTMoZS2k26LvU64xjrS5QzCcdlg1ZNJkj6SSCN+wN0wubo3NOYvQpC0gjCY712aDcaDHS7QqUKZF+G0s2hvgfxMy2uaYJnaO00BhjHvuA+SYo2vZCSdEe3eI5M+HvgCWaDkObJzqtI5gBbRm5kVR4lpfRG0Tkzt99o7SrlrtPuYqVXIJJlmxsREw+AapQyseEqpJw1obphc3g4q3jWlNRSXPKSrZ2UGi3K1DkTfptLCJgH9dpmY1pc7WVyHbtrniCK8aUPvYB801QTNsLH4lZj7RZLlOdIdmAdgBhI4C2jNRIQsDd0C8dpFegbetgkinncWDwgYjCGajJIbJEUBwc9KOP2soUi+3gDDHWNkN6YUnt7jLTmiKHhTuq/MpBul3BErlpOBql9XDMSJeNtrnwkArLFvzAtTGgoDUt5CoT5VWHDDAhJTO/o1S8AYWJyJG+AXJbBmgkFZ9WxhuA89hkHetgfJIyn2kVe0lfQYeDDt3HmAbC0jpZRQNSVKCvTwZv1pYxotzwIL2wiBPBtKbi2tF561VIFKkNFLbr0zDhKLm1mDlbJzptc+rRbvCDbmKghjUzHcXYKBpIl09wH2BeL60uOQTHdBPktgzQSCo+82tzEDekndXBjLdiuOwUnWnICaBj+vNCjeK1N8vRSKlWrRoLx1uVOhPSC0vw6klrijKrusWyOWi3K3R6JljotdgwVnBtLjiwli0UUFeBe+yDOYW0vbCx1GLceqTNss4AaBxjNmx8bwLQlpEbSQh3RR4epvyE3Motd5BeWDYiNopgvqQOoN2u0ETB0nquU4yKMcHD05fCOX5m0c/ro7tYdaah65EmlywEi0SVD6qp3wS5LQM0kvD18KR1OPOkOuTO49ADy8osplpI64RrvcUJw2KHDtILyyTT1hRDF7IHmG5XYLHKrVbCHEyba0naL7QJwz/2AcC0vVyhkAuONXc22JS4RUPYkWqkykKLa5DFHBgadI63or2wJFtkWlOU2SAbQLtdgc2ULGuBfmCmzRW0c0Jaw5bWnD72AfdNULTt5bB1pqxaGhrpP86ZmJXKEsBZ6EHFn7HhoEwvbI5JNXKtKYr5DqHdrsDxVmpdbl2J2DaXD9jf2ycnlHvsA/pNUEzbyw9ZA9N4Y4cJjZ9fXQGz0DeDUUVF125DPsJS1dW80F2R8wJY2icV6k4WnsiCMV6HERqHXn1kOAtNTJMsmlXIR1gqu5oX2cLfPAK5ORPU35SAtlRaEArea5tEhrMwsazoYRf5CEtFt7Cceshe2EcgN2eC+upnOtD7uglmbb+psEn0ugAT4rZucgmR4SxMtYB8hCXc1ZzsOlPfAizMbv2qrjfU5ZjZfJhg9O+dR6dgDGZhpDDIR1hKXc3dxiB16SMNdr9+C4KT1XAYJM48n6+jOaAsFHoWr56BjrBkppo7jYwPjtsNSGMeI1TzLTYzC3q2mBo7GyYw3v3wdjJx94ejPqrqss7Y37+WeQ2f4ejwjlyPwSc4XOscUGRB1cWh1f0gBjrCkk41LwMtM7NqWPj0cNJQyq0VxYnK3Ms/WFb6ihZ6Pwk/dHrT1KcvIAstuAEU9eZQZ1H0FvbjaFMOHHSEJTPVHA8rOgHKas3Uoy8YimuYHupNvkuqsY2qqVe2d7CmLV01LDIbCG1pTIjfCO1RH1jCIsz9JOxw7SfR2ZcP8wnsAzLRJaDKgrh6S3MjaBW63jjoCEs61RzDCZ6c74//ggFfw/S6hQEoOAOpH+6U7R28kc8ZoKK4jpDEmBMyTduY+0kYisBNnNIGMX15JdRdIzjgJRXr54G2m6VrZqe9KzLuvoC7PFRdwzQ5ja2JLy25vYP8DF01LEDP/xyBefkHICAJvZ/0eWRGGhx0BteCeXkl1FW9POAlKrTdLH0Xuo9V6HRJvQCTMyAy1wj1KK6LaphwDyn9xYgUV+HKEGqud3C3DnTVsISpxtqoaOEaY3daLKXPaLZbDUvHTV5Qf8m92VxnjLvGKP51UmHazcvvQieiC6NegJkzoGOaoyHa2c06obpJ+DKguoZpPXB7B/EHgstRBjQIgU9eDQ1oFT9zej8JR2Yx6eqG9Hvg5+fwjLtGjq0Opt3cxHM3MjSjXoCZM2DFxCcDUNkykzvkX8xIau9g7jZHftWwdxVzLTZJQGpdNu7lH6x8sJCXzP0kHJH3bjTXUAfjrnGnh7SbHUowEmJgzoAVIdxQqKU4jF8YgMV6lu0dzKnqemH8qmEnHjr51BddMuOtmJd/AAK0cO7+MLQQM7gJOtskKmIimhOm3exQeC/AU4Kqzmpp9UsDcJ4CPXB7x1G6IqchssCWRucZyAF1G1rc6C0DbTc7Fd4LMOFwFoY3X7gIuoZpvRlVe8dJzAYr3HBDWV02BuqqHhzwEhi5gjDtZpfCeAFmzoAx2CR3dTxkcjlWyAXvmUQycHdYjIG6awQHvGQ6VC0ZYNrNLoX3Ajyl2azobQ3kZct8vwGljwhXwnkBJmdAoiblKQ+Ot+oaEBQ4iK+IxhKL9dTC8M4aSpF02hdOab1pJgX/Bf+FzdFgS6MLkm3syylGA1yyUryhYlB4DM2JsBmZompfk/h91+bLA4w+E1brgsKfzEcqPvqzxUcKv+64q4i4h6R84S1CI6KzWjw/a/GPLL4XUot/DDM2RtS+No6ubvGP7Zhzhuc1KnEYc/acLTLgbrF62EXwX/BfKNPHbzujV5W+f8EZfUy7N7695or6SvluOrqi9vsXSMdff+qG/7Qff31N5d/v926o+/oDpt21j3/qXTCGXuPL7YX++94B4+thz8RjvpZcMDrNb/zkgtHyCqzZRPBf8F/wX/Bf8F/wX/BfWMzLv+737wuX4LMXol16f1U5CBRkZTlEx+NoAHZcZjl4gR29Q9R/Xm+a54XXshFit3RYVQ4BCrKyHMzxOBqAHZdZDl5gR6e1p8XBf8F/wX9BF9c/g/C+jN4cI0cXIn89aRDx3qqwK2MxfDqvXi7eioyaQ+DFGoPJ+1JGEhtJMGEnfbOJkVw0i5JHPAeWJP6hWZSt5zkSkd0fmk0bJuNmEwcifVOJC7FSXkrfQBoOGksVRsciFybytmk0maYCgv38+EIkjhpIU5EPIDSePCU005hPH3nRSHOije78402j7Uh2ljxq3KLYOHnVmBGs96vq4L/gv+C/4L/gv0CwxXCgP80fmkOdIetB2YibXJojLAa3Znc6e3A6YKobszTLq2YIGQzcMD00OQPLvCFm1hihHQCyMJsk1dRWRNX13CwEZ/i0tdwl9eaDaqQkNIfDFdCpejGbaknqhLRailYh8JK8to2MKPkJMZA+WetMYQh9ZQ2nLHlqNqtSQo6ECKLm6nWB0otKhQ9WdOaAiJe0bs0aGbRpcDd3LHRiJjrz0P817PgIDJyZdZlSdGq28n3FbDA3p6FCzP0bQ42kxkY2my8HQyF2rzJzkTT+WKIZ7io6JbitNpdQUUBo0T7o3BEZaiQ1NsZb4R7F1upCRbaNaBUCZWV3Qyu5daDQuYYN4CQ1N5jGFn+kpURM5MZRqbkb6NqLIVrzJZoNBMi2zK0zk8YkrzzPOoAVZTC/1rlN+eQNqJVkDY1sc9hw2VorcKewhWxFZzbPlJkb+ZCGHEW9WWCz1TJMViOp0TGZxhfD8VZruMois2vuVBMTwXir1HP0ukTooKpavGrgJTWepiL/3X+C/4L/gv+C/4L/gv8QMqV47FZOvaoxxaZ+9SfFuD/zpuNydMFZWd+J4L/gv+C/4L/gv+C/4L/gv5LD178K8b5/zwFNL78uxMG/57D2tDj4L/gv+C/4L/iv3Dbu4WjWjvRJEafzdSNDxgNg8MIzn6zbuKNrdC2y+0NziZGUn/9h/NeDphL99VtiA3exlE5OSnchMu6Q9yLjI7iw6ysVb+NYZFRE4tHPT0RFLl5GkZNmC8eyK1UYF4ZxOejLBfA2Hjk5J7Iro0rfW3lZ3kjs+3hRMao0y1F5f33QaOFEXjouIkOClqajd4nd22584ZSNf54iaWum64qulPjeCT9q2lBtCKCoqcibChPCSYUQEghv2GzEaqdRHaP70pDZJSGd7DbeuAcNmR80kqPK3u3K9UV52Qu7y4HbpUpv6FBG1yLu8uxgLHIhJy4lvpc/OA7oDxL3gxo4AJEkPepcvwYMZXfUAOKB0uN1o0oJo0Fh6NaeqnQG/4UO/LrpxG8bTfzL//MftcnEb8L/+F+Nps1/9h9+2D39q181lvjH/6q73X//d91vmkn88p+E//1DFdr/F/757+3XTaPwOwn/5n/uMGj5z6FxFP71f4LUHQ==)

**图：Qualcomm Hypervisor 和 BSP**

**资源管理器**

异常等级 1 (EL1) 资源管理器执行以下功能：

- 创建和管理虚拟机
- 处理和分配虚拟机准入控制策略
- 管理 I/O 直通，其中包括：

    - I/O 空间映射和隔离
    - 中断路由配置

有关更多信息，请参阅 [Qualcomm Linux 内核指南](https://docs.qualcomm.com/bundle/publicresource/topics/80-70020-3/virtualization.html)。

## 安全强化

安全强化是一个过程，它通过使攻击者更难利用系统漏洞来最大限度地降低系统攻击的风险。

内核安全强化与上游内核准则一致。启用了关键内核标志，如 KASLR、强化用户副本、协议栈保护程序，以及权限 (RWX)。

**用户空间强化**

[security_flags.inc](https://git.yoctoproject.org/poky/tree/meta/conf/distro/include/security_flags.inc) 文件是 [Yocto Project](https://www.thegoodpenguin.co.uk/blog/yocto-security-hardening-security-flags/) 的一部分，用于为编译启用安全编译器和链接器标志。

要将此功能扩展到 Qualcomm 模块，请将以下命令添加到 `qcom-security_flags.inc` (文件路径：[qcom-security_flags.inc](https://github.com/quic-yocto/meta-qcom-distro/blob/kirkstone/conf/distro/include/qcom-security_flags.inc))：

require conf/distro/include/security_flags.inc
    Copy to clipboard

添加这些标志可能会导致警告或错误，从而中断编译。不过，Yocto 提供了一种方法来禁用有问题的包的某些编译器标志。现代编译器（如 GCC 和 Clang）提供了广泛的编译器标志，可以使攻击者更难利用某些类型的漏洞。

以下是 GCC 的示例标志：

- `Wformat` 标志添加了编译时检查，以检测与常见库函数（例如 `printf`、`scanf` 和 `strftime`）中字符串参数格式相关的问题。
- `D_FORTIFY_SOURCE` 标志添加了编译和运行时检查，以检测内存和字符串函数中的缓存溢出。
- `Fstack-protector` 标志添加运行时检查以检测缓存溢出和协议栈崩溃。
- `Fpie` 标志启用与位置无关的代码，其允许在随机位置加载二进制文件，从而使某些类型的攻击（如返回导向编程）更加困难。
- `Wl,-z,relro,-z,now` 标志使得滥用二进制全局偏移表变得更加困难。

如果存在警告和错误，则为某些模块定制这些标志可能会中断编译。如果使用 Checksec 等工具应用编译器漏洞利用缓解功能，则可以验证文件系统中的二进制文件。

有关提高镜像安全性的信息，请参阅 [Yocto 项目文档](https://docs.yoctoproject.org/dev/dev-manual/securing-images.html)。

## Qualcomm^®^ 无线边缘服务 (WES)

Qualcomm WES 是一套基于硬件的受信服务，可安全地连接和管理设备。

它提供以下服务：

- 功能许可支持由功能 ID 和别名功能名称标识的设备功能。通过安装相应的功能许可证或证书来启用这些功能。
- 设备证明提供经过加密签名和加密的数据项，用于描述设备及其软件的安全状态。这些数据项对于风险引擎和其他类似程序非常有用。
- 安全配置支持生成和使用加密密钥（使用唯一设备密钥进行保护）。这些密钥用于：

    - 通过售后和空口 (OTA) 安全地向设备提供数据。
    - 在设备上对数据进行签名。

要安装或升级 QCS5430 SoftSKU 功能包，请参阅[安装或升级 SoftSKU 功能包](https://docs.qualcomm.com/doc/80-70020-11SC/topic/upgrade-qualcomm-wes-feature-pack.html#upgrade-qualcomm-wes-feature-pack)。

如需开发提供基于硬件的认证、零接触设备配置和芯片组功能管理的应用程序，请参阅：[Qualcomm Linux Wireless Edge Services Guide](https://docs.qualcomm.com/bundle/resource/topics/80-70020-11B/overview.html)。此功能可供具有授权访问权限的许可用户使用。

Last Published: Apr 14, 2026

[Previous Topic
安全架构](https://docs.qualcomm.com/bundle/publicresource/80-70020-11SC/topics/architecture.md) [Next Topic
安全工具](https://docs.qualcomm.com/bundle/publicresource/80-70020-11SC/topics/tools.md)