From 00cf15777885f8a873095c74289268866cbc264d Mon Sep 17 00:00:00 2001
From: Jiankun Lu <jiankun@google.com>
Date: Tue, 19 Aug 2025 17:33:33 -0700
Subject: [PATCH] Add options to skip Calling EFI Application check

https://github.com/google/go-tpm-tools/pull/573
---
 extract/extract.go                  |  11 ++--
 extract/extract_test.go             |  21 +++++++-
 testdata/eventlog_data.go           |   2 +
 testdata/eventlogs/tpm/gdc-host.bin | Bin 0 -> 50430 bytes
 tpmeventlog/replay_test.go          |  79 +++++++++++++++++++++-------
 5 files changed, 90 insertions(+), 23 deletions(-)
 create mode 100644 testdata/eventlogs/tpm/gdc-host.bin

diff --git a/extract/extract.go b/extract/extract.go
index 7246d86..5e48555 100644
--- a/extract/extract.go
+++ b/extract/extract.go
@@ -60,6 +60,11 @@ type Opts struct {
 	// AllowEmptySBVar allows the SecureBoot variable to be empty in addition to length 1 (0 or 1).
 	// This can be used when the SecureBoot variable is not initialized.
 	AllowEmptySBVar bool
+	// AllowEFIAppBeforeCallingEvent skips a check that requires
+	// EV_EFI_BOOT_SERVICES_APPLICATION to occur after a
+	// "Calling EFI Application from Boot Option". This option is useful when
+	// the host platform loads EFI Applications unrelated to OS boot.
+	AllowEFIAppBeforeCallingEvent bool
 }
 
 // FirmwareLogState extracts event info from a verified TCG PC Client event
@@ -88,7 +93,7 @@ func FirmwareLogState(events []tcg.Event, hash crypto.Hash, registerCfg register
 	if err != nil {
 		joined = errors.Join(joined, err)
 	}
-	efiState, err := EfiState(hash, events, registerCfg)
+	efiState, err := EfiState(hash, events, registerCfg, opts)
 
 	if err != nil {
 		joined = errors.Join(joined, err)
@@ -343,7 +348,7 @@ func PlatformState(hash crypto.Hash, events []tcg.Event) (*pb.PlatformState, err
 
 // EfiState extracts EFI app information from a UEFI TCG2 firmware
 // event log.
-func EfiState(hash crypto.Hash, events []tcg.Event, registerCfg registerConfig) (*pb.EfiState, error) {
+func EfiState(hash crypto.Hash, events []tcg.Event, registerCfg registerConfig, opts Opts) (*pb.EfiState, error) {
 	// We pre-compute various event digests, and check if those event type have
 	// been modified. We only trust events that come before the
 	// ExitBootServices() request.
@@ -393,7 +398,7 @@ func EfiState(hash crypto.Hash, events []tcg.Event, registerCfg registerConfig)
 			}
 
 			if evtType == tcg.EFIBootServicesApplication {
-				if !seenCallingEfiApp {
+				if !opts.AllowEFIAppBeforeCallingEvent && !seenCallingEfiApp {
 					return nil, fmt.Errorf("found EFIBootServicesApplication in %s%d before CallingEFIApp event", registerCfg.Name, index)
 				}
 				efiAppStates = append(efiAppStates, &pb.EfiApp{Digest: event.ReplayedDigest()})
diff --git a/extract/extract_test.go b/extract/extract_test.go
index 365077e..8f3fcaf 100644
--- a/extract/extract_test.go
+++ b/extract/extract_test.go
@@ -383,6 +383,7 @@ func TestEfiState(t *testing.T) {
 		registserConfig registerConfig
 		wantPass        bool
 		wantEfiState    *pb.EfiState
+		opts            Opts
 	}{
 		{
 			name: "success with TPM logs",
@@ -401,6 +402,9 @@ func TestEfiState(t *testing.T) {
 					},
 				},
 			},
+			opts: Opts{
+				AllowEFIAppBeforeCallingEvent: false,
+			},
 		},
 		{
 			name: "success with CCEL logs",
@@ -419,6 +423,9 @@ func TestEfiState(t *testing.T) {
 					},
 				},
 			},
+			opts: Opts{
+				AllowEFIAppBeforeCallingEvent: false,
+			},
 		},
 		{
 			name: "nil EFI state with missing ExitBootServicesInvocation event in TPM logs",
@@ -436,6 +443,9 @@ func TestEfiState(t *testing.T) {
 			registserConfig: TPMRegisterConfig,
 			wantPass:        true,
 			wantEfiState:    nil,
+			opts: Opts{
+				AllowEFIAppBeforeCallingEvent: false,
+			},
 		},
 		{
 			name: "failed with missing CallingEFIApp event in TPM logs",
@@ -453,6 +463,9 @@ func TestEfiState(t *testing.T) {
 			registserConfig: TPMRegisterConfig,
 			wantPass:        false,
 			wantEfiState:    nil,
+			opts: Opts{
+				AllowEFIAppBeforeCallingEvent: false,
+			},
 		},
 		{
 			name: "failed with multiple separators in TPM logs",
@@ -466,6 +479,9 @@ func TestEfiState(t *testing.T) {
 			registserConfig: TPMRegisterConfig,
 			wantPass:        false,
 			wantEfiState:    nil,
+			opts: Opts{
+				AllowEFIAppBeforeCallingEvent: false,
+			},
 		},
 		{
 			name: "failed with bad data in TPM logs",
@@ -483,12 +499,15 @@ func TestEfiState(t *testing.T) {
 			registserConfig: TPMRegisterConfig,
 			wantPass:        false,
 			wantEfiState:    nil,
+			opts: Opts{
+				AllowEFIAppBeforeCallingEvent: false,
+			},
 		},
 	}
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
 			hash, events := tc.events()
-			efiState, err := EfiState(hash, events, tc.registserConfig)
+			efiState, err := EfiState(hash, events, tc.registserConfig, tc.opts)
 			if gotPass := (err == nil); gotPass != tc.wantPass {
 				t.Errorf("EfiState returned unexpected result, gotPass %v, but want %v", gotPass, tc.wantPass)
 			}
diff --git a/testdata/eventlog_data.go b/testdata/eventlog_data.go
index d79a9c1..f1f0b6b 100644
--- a/testdata/eventlog_data.go
+++ b/testdata/eventlog_data.go
@@ -43,6 +43,8 @@ var (
 	Cos101AmdSevEventLog []byte
 	//go:embed eventlogs/tpm/cos-121-amd-sev.bin
 	Cos121AmdSevEventLog []byte
+	//go:embed eventlogs/tpm/gdc-host.bin
+	GdcHost []byte
 )
 
 // Kernel command lines from event logs.
diff --git a/testdata/eventlogs/tpm/gdc-host.bin b/testdata/eventlogs/tpm/gdc-host.bin
new file mode 100644
index 0000000000000000000000000000000000000000..4c607a9cc8787fa24545f9447cd230cc4820103a
GIT binary patch
literal 50430
zcmeFZ1ymf}v*?SvyK4vzgS&fhcXu7!LU5Ph5(qAV;I0X7!6jHoa0{*>fxsP-eD{3+
z;rrin-dg9Zci&oXBE5F^Z>np$cUA4Gy}KbGARwSY|NiMi3EHXdY-vs*CrKgYY3bw+
z;DCU90HGkD9=6C36c4T60)FrK-TwFgV}cH;yPLYYdpIiq%}pI_-F<$a9v*byw}>&5
z`u%Si+woRCCj_4+9qUVti%fM$2Q;MFjp7Gy%ZQ0Vq&N`hP9fuA>S{ruXld%^;c96?
zq0TI!rlI)j)Cm7u7?tbsz;*8@b))TKg?OQYUb{?llFvNKyl=P573@fQJWxO+I|K^^
z2k0NyukS)YfW960TNUNHmd1@28K(X_GeZp%q!usaHiP=xOzp9fCt^q)F<xQ(`o{A8
z?=MpS`TpM}th^PvS??_KRo6+bM}BXGQP5?qOBPt*JHj00SBS*X`bz?a_a6yJ{~#fL
zU7&4#ev<^DDXoHg)JpG+fz8V%v9jiDaF6WPXEWos4xn4|>l5=25;ki3#4~P5a58T$
zhF$?%pU_r`ZCYd{D-@-^BKB5m(flLf&o^OyZ6ALBgEqgfL-Yx8D^AKaOGgFNHuPa9
zi*o#)3E|n(qBs#RJC2>$I64ri1f=i;I=Gu!TT%e6tlTW!DNLO#D3m3P6_h39Da>r$
zDQw*+K)e6k=s#B&Q?Hcv)98)lG+t%S#FEy#uV%>MNGb0>HWxf^BT<A}c(^B~E1NMN
zlBY4>qC%`@Kr_bvb(J1;d-$kBSVEXXctE&<w&D;#&>wdQh<`neeJ|#8xz>0K^H=)}
zRehkBZ)|oTF9MDMwqJ@pOY=TtI_%@q{JEkKZlGfi9~B6Bh<x3y;?0yd&mtPjaSa$x
zT>m<z4Pqj3jZ2WrSQOGYik75ft#$yxuo8e^=<+;hC`c$M3^p%9+tu`pO4-OJF$a~i
zRRAg+B15=r_%~EYNEBEIKu`-CG5`?{S`!8i8%k514Gn<u&_F<e)v)w7bz{Q@U_P|r
zQIOPt9-u3$1~j*4BL|Q^>_kGrleBbjpwO^1w{ZeG0Ih8;-6-Uo%vso&01OWRG79xC
zK+eg^)zr=1)x+E!WHS`%KnD+ZTcDF0g^VlE!<mf>!0|vsqcHumI0_X9Q+F$%t0RTH
zr4NOSr4t)B1&2I<0w0x~9l*}U#l{W#pI46nogKjSX9wHEj{h(JxM0YFzuziISP1A~
z$an}qFl01TFk}$K5d9We&f1LuDb4k(&qP>(rsn|e-BkOuy0e+*cK#HlWi4yF&~bjF
z=`^{dd9KfG_tJFUC2C<O7ZQ&cd%ydB%WfoMS;!Vd&3L;aJ9Uz@y}?P8`uWJZVXl|F
zw07^E-#5icc-$6FweLjt`!s|c5+{uEo^5Uf5$3N5GF#K7NO2wW0vVklO{Pbak~jCS
z4^@bS&b177^|u1QY;t@046hn9qcFrq&IQrGu9i`5+9TOLAce|`l4&nS3+;uXQp=Nb
zRDBIkMyB=D74D}ndk(C`bQJ|AT@2AIZ^zHrd3qWL<2UY%y!`Wu!@BN$)gwRW)eAM8
z$OWHX*WG>5#CG=94fAO_!;j>{K=~4&acrg1|1n$?q0E)Nf55}q@!RZNQgIa_i-$@1
zQ)N1H^mm;)Z0(W@GXb~XoC1HoS)wbsMNnjGUMGXen%3ikLa=xKM73!H$va$FT)GgV
z`nKgP=*h9VXg9^0+;E$@V&YS)Dg`J@mW+97(ygiW+!QuMC}>Cs$U-TA1ON@xcS+G9
zA@5;eprN2H09X%g?1wf201mW)f`t5KE~IEMcrZ8z{->cFyq>AW0w2ZZY9XIMx%ylF
z{YHaq5_F@3AUxT(6Jq(&U4jCMQlOMr_Y2omgXqtD(+jlWLmOOa_~}?vBVEPBVBZ=^
z5IJZZdJcRHmc+E5r8^`&^>EGa-Yen|;S{&*VwSV<<zmkeB<&dSE7_+MJ6=S;By=)R
z)`+u?utuz!);^HfmhLTG49VWXX64>B);UeZXy7UhTae_^;`|mvV$XhM#6lpCR6pSW
zGe9AuBmdE8&xMXp;_W-+XGuc<s*yK*FQ?|w$EMzhW$YlkOJ{oKg`7%CF4so+SQ@Ft
z7wQRztfz;zMvcZ!D$QD*q-)Cr0J)1AQ!oR+o5@3kRUpn-)A_~f(y$b-vlY1Q&xiPB
zUqw!sMV@?MmxDK8;Y~KUxHlSF+Iy)%*#Fhs_v>2Ba|RqoOl*e(%Z%+;@!#O95GF`~
zQ%I6Cyr}b+br<amk{)z9RO+e|_YBiq_z=mpXgsT*^;w{?G*S#RGRATF_o0E$t1o{H
zSN%*N*;6X5`N4{;xZwCydsGXpakv!6i2vmkY=!{#zdCaBt|RY#xmKbc>>3`MQri9R
zwbag6I;ypqkpkx|)eJboaE~4NU&9*$(6NV)JcQIgxbnY_-hy2DyUZV6y3p*3?@Z_}
zcH+I|L9Tok<jN<1yK*E`q^ZbXlA!<IVUQo3c;df0@jp%*0UJr%)Xm1$$=V(0#D?*!
zr^3Kv!>d_ZI0Bt4*vJ4R4}KR38&}cR+!g2sv~s7A0J=H@T}>a{Gn)W_@0VZ3X8*_I
z6dE?RpplRYXjtV#p=j!AZ|UyrU}|m&iV;9}02w|i8ykR|os%8F$;Qs72XfZjznfeS
zO+ZlK|A@{E0J`5gQ~tBg@>22?5@HnW0FZLQkW_!alD~Z{`h$-}0{K`-h`!y%=*~**
zr!`M|zwX><`$|F?!lN!d+j3{vu0cO=+&>6t-Ow{<_rt_jM%zGs!;72za^P|`v^Fz~
zY3H&zaSm~9y$hza0zk4Ndk&|PY4JuiU?@yEo+5nwj&&{fKDg^}Z*2TR-Oh|3S)z5F
z=I0&k_t`$2a?Ew=s5s~5B2vYJs;$>Q@OtLEM`m~XShrpsJ&A!nh&zk<+WYKA0uu|_
zzfmU1VR;)SYX6c0W*-BR!DZ`v2)5uo4I-<Jr}TZB^84jV7Y3cTH)zv7LYrBZ0;BW{
zxwo#m1^ZP=$5&j~fdfzno5rKro@2-6N!`^xqM<$!0UK(iyV=j-ZR2r&`?z38WzZFo
z2VlS<GQvT^KnC;RLV`RUB*fpmn%S+ySe|gvh&9%<{-S2Z^U<bgV*ug*{sImZ3<?<%
zXvE|JVFn=qAqGHx@R8^b4ihpQfd0_<<uG9Z&>)8iAb;3F4MPCH3&fGKQj=Ko*TL+Z
zQ_7*%L=fPovMU7`JOJb{ngDfxYMyeQVz|7GySp<#E33Jy1B>HdeVN4^=*a49Z~L&9
z)!7wj0UCa|v4Xk<sE>oXE~wvvIxVQL8iP6mfEn}`z{LVW0VZ$=pdShg3l9kiqXAF@
zsQlFiK!r>GIgyu_*FT-e()GV^2KT>rI*|E72ZJu=Y-r>qP6`3k2L{0#h9nY{`Mjyq
zT{WxHqk={c-vo%a%tfAhUwxWedF)i5V_00RS)4&xzyDTB?ES87JW|I3WlnpDu+SKG
z?$f}e?YOKwd-J~GG~lx9vZc)%zL4=Q>l3F|=t1y@Dlr=8*Y<mN3Fz}_<Xbx_<aG=v
zaq{<c^cc^-&HEKkdA7n1`5dArB)#srTLJnzpg*7Omio-8n#PB|Wu&!00GoCJUm{+g
z=k*hT@XSSPG&h{OC}O1Kr;h)utu=0<f6!R~_7-YPv|vQ&{>Jz_iLFZJ(BzkPjCy{O
zKh)j^4Kb6nud1y;U|wemb(_?zaWoc2PFWHn5$#m?6?F$kDDl>^qW0rN0Ds1@bnrFp
zZ1=8ij?so5r-&cZ$0SIL2?P;aFMOBKwH!h1_z97ueBmMRrtHbBikPU+Dzh?@9j&L6
z+F_dQ^J?^O5wMd|J(cP>LF6|8n72IKrc2Lki8&W+4(FgI98yqbCLE}IDr-+VpbMl;
z%KG4YD1%Rbp6&Xun{+Nz6jR~If9PJ2-+v*Z%~iLp?9otT0!^h}mFPn{mnBAy8?ND8
z_XU*;-LHnzwJqI5;KXOYppL|_0IwyYe~<X8F`Wj;o4b+tBibjU*A}h0kc0v@{rUq=
z6~uhsc^3|bhdpN=apNnKbAy_GZ6)q$_R!9pe~mZz!^yAOudJ68Z0jm|BaGhr3v}|1
z!&qy`7e^*5*dy%Z5<)<X)Dh0}3#CaFb}UVzSz7}CN*tbpjy-%VK(+>+IEem<MNdH6
z$I%830~Bqp|B5yUGkw40z<_nv|Er@74?7z>J15s)(FWAycxVEGg8oOM4I_Xa<ceUR
zv8nz!+Gt8i%l((bO)-Ll!k`qQojgiWS404u2Z{uwhQ%sg0Q_On3*<VtP86hpXHuql
z{dml2Gnb5cH;QsuVu1;Qtr|bKJEpSxiU^_u#G(y!Lu}aFV`YYqTskO~Go$_PB}L-m
z+3TLlR(UiY4J(j6BlO=4&Ls8rQbehFcZEKKH`DQhu~?PY@baeZlQ-0-`vWB6w2vVz
zgxGscUC%|IuaVQy4*xjTG9uabPx0?Mk*xFK+ghqKi&5<4bzZl5f-}rfguwGr$JS`Z
z@30$29breQh9SZn!4znYtNXQ%(PtjT)H+)Kr%`1@KwG%AvWpHD6$};Cc+9be3&gkz
zmyTyD!jWBV0p!QO!i^^=+_-{<(SHj!u)mH0sQ+Uh)Wcx<y4$`vz)StvISmh~QvTED
z=oHR@e~U`km7NlZ?}D9Q$9`01bNWb?5luY%|3{^N6ZifxDsdr*-vdU+zj>lmV%X?#
z(Mz*?()t}^iP4G^KYQyK#4D?dt$Dtu!&!od9Q@X>GI%L4L<}yzf%FWz^_<9%_*5m~
zd%b3;I2{SaySge>oc^wg^i)ccgiq+VUOB05iIE@Py;Ez2RY6_R&dD=9MBQ?vSrkRb
z7abZeeAc5_ory(?pb`IWu%nexNRE-5{nn1sRyk|PU!3!n8xB7vo<g*%K9k0Sc5E2B
z@XBy%hg-w9Ri$wTYYM)z-F;=5EI#n#A;ASJ4xT;h7pvGB>aD@hg~PAi9Kn@Z@&wGM
zHmUGq6DO`GRqda{!!npC6*w4A(4U>yL^LL8vU}v)1=|T0(qI-HR?fpzjVy@j=7mnB
zDwriw5xJAb3dx{JmTcB!adOrEXi_g_3OXo)bs5TTY1<{1wAz%>KzpebP@jvJQ5QaG
zBb-3p$Z8a?5*9ZQ7i=t+f5C#f`fA$2W3$P&kuv-T{M6OD;?z<llb1Rf4Li@EgPLn<
zc+Dx7sU6{Eoj{O^RtY=vT|v}$@o-uK&HUgGdRf<i3=NzTnKT;Kp{JW-DMSWPB3o%2
zVfuo?BJDDGuA1vKRJDuGcc9@I3cryhNcTdZ&Jjj!pmEWfLA&6V98c2b<>~U6T=S;1
zta>|Nw<&~2q+G35K}j81_B0jx+v0h^CuLohbm)fYfX5H`Kk;M#pR<*DQ2glpD}KOx
zYW<2I2#?}N<o}2-W(NR%`(pb4@Wl_A2!#Y_RAy^sYi{apNg?LpZUb}$m46>H0Ko4g
zg$=;Q$HvRa#>xIGZ2WF=Jv0G9q5mVQvH+NVt4i}9s%qOhSpdD<C{%tAR6+R{h01?5
zQTdG0Ua-l6xUtj!EzPzAg7Td$2gh+G%!o$d5nM=nKSk)`x9OO3-kS2FN@hPZAK3ei
zXCg3M6wVucJNB!uySP2}qS-#jId3iVG`dTt(dkE+P&0Kd%M@FGQ>D#u-G?t3ZY2{?
z=knW{IiPKgAh~NDrbYyoN+)(Zr3s47j1-C(LfI)E*pk!G8F1hKl)yzwStV?kSn0u9
z@6o3{qV)#E=rbVNQ$?wp;4yXCkgB&G$em}K#)jD-x=9+oD9~X1?DGwGg3Hi>gwbHU
z<27{*(5dn1A~$xg@*HhdE4zSL64Tn?nAh%G4W(}e$S@I>4H5*Ub*qkqUI%(le#k=q
z6*)kKPe_sfW1><<55@NquP@zuEa7{Oa^{+!X0`f%Pe}N9r8N@2TVP;jGbNOgpg%vJ
zNzez-`kkmK0~7)Bd2)F&;ZpyP5*1MQ1$ACfpZ%Sp0JxdiIew)mdVi%PpcF+3pa6LG
zR~wX~2>;holz$`pAHx97t)Gi(u}_av-7%kVhoBm|6Qc+Qw%c8)&7^Dzr($#(?9(GQ
z=>$`sxqDs~Df^4AExMK^()j34i1S2)3P{{mcCiP<^Dqge1o%Z+t?Q!f+@5{idIO!C
zFkN5qW-5AZj?F4QYdEL?bV~O9?o!?;y}UT^3wP7*QKNL@)H^SX)*6CYf=4{Oj@cN$
z@PAo#a)lg?a3eBI>KdTlvj5(Ebwh~FvL<NjtYQqWC|9VoHmgT`G9lDhgY-V?Ya6Ld
z0<gwSNi0`1*LW+Rp$;?AEt-<<Wc-U8pRsVcfyu!NG)CzR;@-toT3AznYNVA6VO&8C
zmQWCb4XjstqJr7;rf&GbHs1(NXf$~<-&cDdZpWYT3^NyL`;puUEw`ZS{g~^khYEw@
z|60H3v}sGp^Cf8N%7YNrdL~)hh@O~l=!ki3Y*Wfje{y=<w;Yc!SXyV&C_AX$y4r#3
ztYb^$$vRg7k_X%sf!3>8Z>A|&;{C};$n3Wmr?4w+{!Hf0a9Pxpec!zu)^+gVxET|%
zpht@q&zRf3r(}yB5=fnnM;q7+mqX7u6EGmzts2WreKbd6KdYYSCTDQg+Y;ABaFN$;
z^A8C+p%lCz>F#e$NJfj4N)F$vrFiu|W28T|$k1#q&m4i`od<^33!!tV*4*^m5$!-A
zM;Xk7SCJWsu0MDfxcO7tS^;hK_dXWJBdN<oa7pUjILDiTLcj<h7^?nv7(j&BTfDd3
zKHu2{j{=JS&a+B@rsqJ#ekWT~HY|`WgNE1e*oZ2o4nPVq2X`PFE&%&s9}+f-mZF!b
zt0mK~8HWc?4&Vj3Zf-Un&~(5<0swOA>>O-=nt=c2(*;9P{QU?0E*+shl#UR7m5%x?
z-$+eZ2b|-w_@D)-w~u<#rZwCBKuE5u2zA$87Qxqc+=5lS+iL9~MK2EwLN4mOwHUh7
zkd`-0zCQ*;b_zPsARS`?rJI&nwhNbBP6D?IDXD(Qa>W>1(NDAzyA?#=(W{LWug%V1
zoiyQx5=z9!rtx1WTFc8euwlO*P>A0Qkt|R_D)Ok$9j<9b$=&Z59E{;)&ZOB3$|w+A
zVknNE3b@+B#1Vmu!Xbx=COL!+5Nh4|j2Q}BBaqONJ4*nIVx*zk@I|S(66Qi6202VR
z(l9>-D}44;ouqttbEUwsdi8axpvM3ufzK6F%~jiSX}w`fgRf}7b{|xY9(Di}By?d=
zH6W<sZ^Q9t3vDp2@IrK0UT~iWMq6QF#M%b|FCIK3HH;^~JrL)gfPB>=koWv=?JL25
z>y!_ZU8LABe+o~3n;ZL8mjTrPosSz>`ueJ@76>S4Nl@ZYm2;BocP_S4fewgLK6tbg
zz1b-uHJ`e6nx&H7$jiNvh)F@#9sELI$rkFN-o@2{hs>Cq_3=hcEl(Fgkf-PpQuSKo
zo!N6PnuCG%M#}60e8a$K)LUYO2=x&22IP-&$*8tht{ewTM?-vZ74dfO136mOY&Im3
zte`!lK73$U#W+%flVblsY~4Khq$BHnL82}Sl0PTIQ|017+}0Tx>M`VA`Qemni78-&
zEMMD~W4vJO5k({s*zWxI76Ek{vu<fG!b*Jmk7iUAlmxvxRz!*A%uJlG5s*K#)9p{`
zYa_5gly>P;a=FlPOYo=fITV7M{>~rMANgm~Zw8ru?q8<Aq3}iz$y7)E@0RjVu6F(B
z+lhko52lau52lauFQ(5%4WNAR2+$}*zdZtlx~2KUG~=(?dUacCCr|<W*GP|t4ZzL`
z;O6AvdMHP8fSPQ4f13ZV==7h}pEq2Jv|KTg(&c>Aj1z$_qS=JsZ@gjX+sik)s>2QO
z^5s5O?Vm2&!@vA8*P21))D9URXy|uIdwl#nN8w4Jo!to9?47$Axix2XG!2#MclBjx
zn8Q~HdGEcOO2hZgq4r<q4A|jHB(3K!eLa-Mm>B|el`#Xw^t?Q-<%R65-IjL<(WGOl
zf7Bi{DGR--%+cLl;)8pN9qigZkEbKG)Ft3OYj^=84M@CmLA{x24vAC_f*LnyM1D8A
zw+D$ud}<TKV}f(2Z?B`9M-{;lE@!EgvowY$MV`sI2n!(&gRj>^`vU{$YKe^E;_qSP
zkbnW>cCcE^=rBOiGeO85-c9~{Sf>I|`kNDh(G3tLzj=b(hJJElXjEe?jC(czF9qX&
z1pZSqM|js%(ym#!zo4LC!g~C4F@VQcmLa=7g_2Sje#!Is0T1NYdswpViAbU_r3Rvk
zupSgLGlcm1?|PwnRNLQ4`z8T7e1eI%-k0kX#A-;6IHqi=>eBZVguoP-SI_DY6@x23
z0nT1LrDVW1==RCv?W5noppAyjUlp@!FW^524X%G%$*Qw_*a4j%<Fxd}Ue0fxc&86R
z8XIX_gM(tMug>dqe5e_DC$?9>@AcwY*igr<DE^6G06Nm*xo=`KVk#m$i}w{YHIwks
zUS_VNJQ_6INpF=cAzEOzmGJJ*=ARdi1v}m$lA-IBs#&U|+ou!g7%$||=SiUYJzfs0
z$smH8x!RxA2i*U>!hi}C<)eR_IgTsl$32szaoIb4bX<RAGh0{J%GkeKJnF*)RqVf-
z{D03X13UoEgW)5ip#EAnAY}ns1R|@a^4IbN=zq67;rGe`Ha2!%(Bc6euD@0eu(5GG
ztR{Ha@qe4b|JiDQS^9b3vm=@djvQnD&-)V}`G7K*>--H93}@}*>Beuf6lPOo6Dc>J
zmZMt{R+W*5R$hPjMwCE-J-5oEZ5mqZ%E@<@lc4!Qq^U~i$vaIxwjAo>O7*Cho&)k+
z`Rp~c!I-$EKP1;o$HmE?X2J*&@2o(wtMl6r?g_Gg8pA0L^y&8$frYj!bUO~J2u?3}
zAuZCn+EpwoN7@El`4)xBIo$oWN%8hHU$qB?YB-RSx6(hvXKwLE^Au{5@9R>@%1rkG
zeZEM>k@#XttFM=cK;p+N+Z>b4YKG+6&SCDOt%B*a?V8|m1M7u`5~Df>xAkpNw809q
zLo1<j9+g&@GZusl9mCNE!c#Vp@2G`qm+(k!Zs8G%yMbTfxkB9W6B_v2zn{j@iz<yE
z(43k>>LY*5Mn*DDhkXqhSo!`bB|p%lJ=j^dk|EbKew~y6n}rO!fxNxr3B~SgLC7|m
zKf3^eK-y;e6x_WJ{=~}5Q6uAP`Y##`7Lj6=n!L<B0K?wjp2{2G`LC-1-~)dRR!M1K
zPyk4OrD)L5e{*MbBnmR&YEQlb-*(09q@a>_Y)R()i#z*A;L(iP-v%xqbNjV`AkeF8
za?gYmTU?DLFLQc7GX~ShE5FuSn9M1|;G7nXIDc5;1-uO`K|z$mMrE20#RyeeVVuX;
zFS01xJX%cm9@d(7xkH+>B0KRcqLpM$5HO;{I}P^68AiF>bLEXC#BalzG%8M_Aw|Ac
zlS*lny<fJ%BZ!OWX-D<daVE?3=?^iTMYi4MoF*iVo1c;&zRgPdX38jQ%vKufA$&C<
zHZ)rA=gW<7r7F~BUCGT;kGhS~SN3x$g@Vec0`M^_Ghc~%p^MfyEFyLd({qf;TLRZM
z#)xFO=imi>tN-9l6(+EJ!s?S<61Bx-aWzCSz5H~cX&#bR@W9tYZT3%-=@*+;3=GfC
zs)qe!4CD3(yQbBz$q;0{*M;R1U6^Xm;UZrqyaL)jA1{(sn=KykPBNGYp}~74G@n1e
zt-rLq4b6f!>jQHcEnT10>it>!T4@IZr4CVWPGCaI_l4qJ-_7{<+qZIpPvk?x;J)rO
zeTS_z@R7pOLFsHHs}<I4+9>Y&*9o1X1(q@jS{W0Dm(!h*%=b%s_HM)WWd2;!Vgo+t
z3WU-}x{oJx{*1IBhCs(2J`WQ*-Vjgm`nnZVl0+-Y#J+PUOVBC&J_rE-Z7pxtG&4$Z
z#7oPFcKOEGGsT>QpIK8Cb5^${h&IiYyza$5-F)ezd-?oK_M^lkloYtE3fkYo9%O+}
z4+S<X+Ol<`Lj6oEAtRhpCM{CicB~VPEj3XTBTur-MFQt9SwjkcyuO)BLU*Nm@@W%V
zigQ{&4E~9|K<bMMC*pBmaK3+WAwPV5h#9f^Edwxs#VrC=*y0<L62h^yk6kD_`a5u*
z=peL3-odgMi=ynkOHi5`fD+YgZbne{)oXitJw_xraK5)JQyR6%B2T+l$1!C5@}df%
z8H3N~FpAxs`Q%U?#R{C)xk({9PA$-tsJ}6$!N^+?*;LROHbQEFiJ<qeDNlC+=hYK?
z3vMtep-SG8Ez?wat>qd55yudZ>Qr7)b&lyKeFf*|p5pqG+PTDZKPitZ@N2h(XUgM$
zZcp>#-N-wWE2Hx%aDLMKfbPn_P5sn@x%0(6$3P*&=kQz;>^nRbCic^jEk|&keqdj%
zL6AQ`hH2r@sno>pSn$VM+a0E*hr!u4PUtg9a6aK?2hDblLo`kpAH|0KQ{6P;DlHA|
zN|TV>bgFB~g#tK_0j&5saqv?KAmDxxm=~C_J{icE41780K2CX#7jE+!oX1z<N7k1Z
zD1mRE5mkoeBomt8GqWB~xo$*bp)OlWLILL)Urjs}XGyx_Htv+~MWsb>$XS#31>Q^E
zu-Yd;+P>lg=UJQ+t;0*cxv7%BAs{bDCv|Sr9$;rFqpmBRX=PNcegV#ljA!Mp2%ltY
zsMUNo+6?MxK5=yCck^-4eCdpBH!kc3&dZD<n9{DpWrnZv+aEK{VqEv@Iof~XrnKoL
zX4+uTTLI@?&JuvrRC4|rh0<o_PttFPFetpxFR^X*HWoWaewurL^TD44#v85>B*wGT
zd#57CvUJ79gmy8|bbyRYT0Gju*5G{foUHC?YU5>G_1hF=J5%e5Ip0X9c<E#dd{@eT
zU8z=ZKJH~f)Wi-F34FPm<p|x8>fwywnTq3X<W1!qT4$gv2{>Q1U&W?Mi{*Bh`j*8S
zlkbqNEX*3f&q0-O&4XC>Q7<2y??Zf7A>&cG@G0pnRbw;3O>9cOG!yw=5niidG)H95
zEjT}b-(6aJ#1KS6*H}ud5Hdd;qmM#MM`{WMzrUT-lNJEZ52JHf;kWF34@uX+9!@_+
zcH4g%u#k_^y78`az`FcX3^;G0t-pxnoymezsddFku2yY-jq+U*!dus4??j2&VqOZI
zml_<Z@<5tsm%Zgtdtrg~*+Q{uAyIHF`pK|jn6357OK?7D;YJ~c#W$G7(q2B;t$C!V
zM)+)RpJFwS9`DIPep@&=-^y^7v5Wwd<vr-0G^a`If-=ugSvdcEOB!*L-TT-{5u9Jk
zt_ta50n%aX%<fN-dQmrAensQ*f&VBebkP4@kSrUV=lj${_wqvCIF*B`*=qw6dRO#Q
zNuc?&Qn<_ES_n7-C~%(rG6kg|djYGUTWb3@%EF57e$>xb{KFO&$BQ`nKIBLK7Gu_U
zq%f`O99MYv>Yz%edRNAd4vFIFt;-eViwU_lR&e?9;WovymK~o#YggiK@5N!1M<%Pr
z*>9aOONA3nc5@NI`Ka@$tIe=p&N0|*#MF(kpIxvnwV@drp}vyKnzHN5H{ks60T&G1
znUiMbeFHS=`u-OUE?5PwvJ4ab_z9SF<~U7ozJ3di6TQ=3J3O5u89w((lYNmT{Dx5?
zX$?06!`Pm)95|m#V1B5L-<#6Fa*AXHUn^OnpHJSTo&8<@W!*{Nm`OJ{|5>+M3qcZY
zBi8(8H4Gh)H-_aU%|Mx?i(aGOqq~ju$e(<w&Vh9l(&udoQwKcjhz$1cfVf6!9b8Kv
z>(HSZV{-tPZ+YI8M;r<@W7g`*lJU*R=oOg*fm5>bb4C{X?Jq+R2jIN^lb4A?E@47K
z#Z{l<GUfYy6J4Ha^Wxtak1&T9oDMzepHF=((Kp1-Cdf)dq>;I_-d20PLA8(T3mpcK
z61zKmYXq0yPCDhN4uN0}q^5>`QwkKiPs<IB#O>0S$Lg7nxEmG$=TTNEA+G%VuZ@)s
zx#OWaos)Qx1gSqH{tO_LKuxJZAq3}BVRF&Lcm@+{rafI!w}5VeFR=KRudjAGnH67=
z0*s@;d8lnlyAQ_}kfP+png{O}MQe-Cv@#EqQcZcPbYxjho56XfyE|lkNST=DDGC@f
zr4<FEMHG>d>#(`ea3eZT=G$t(`D}<Pg;`&*!H{LybMY?Eo^Bu~_Qmvy%2dz?fyT<P
zNA|cdyZ!lUli9tbnER{QPb~aRdSo1f90TsuLSpgb#>*mb`Db3$%2~^a(Yv{Y2Ho{a
zoEZu*Rq2-OOoBCX+KSvNkK!q6kAlZO(Xm$RDSzu1ll6oAK2-?L^@R3%hbttFEb2$`
zIz%VvtXP}bS+{Y>T!lcBE@@B742Wqw`~kk=+q+%uNBXp_TyCD+y}@)QDZQcE?Bk`}
zAfrUNWF}R1|EzL4$=3m{f1g@;sEON(-Z;%@iK4wP;vyU%n#girO?0Dg|3lg6qxgOr
zE<DtHA(B#wbAuf7%vR1f*7Bf(L36cT9L<X{b~zDT{`27x4fAnyNb*Jmqn0+Wsfy{4
zK9OhICW77AXH5J3KH&T=1fSu1G#KrmT?ke0hPKNB?Gq>5M9LCBU1Pg-8n~a}JW0dy
zhqEE9i8l?&FR@+j7}FBbH{mIPiyCy+%ntr;c;LM7IPFONfh6zf7IiCa--+?Efi6Ff
z)u#*vBMD!Tt9*NK-sVV}eegYr)sS%1=j5+PSSh%fol*@wgUl}m<uVKMB*6J~c{V*w
zJQrD^m;|?a<~3r)wSAUyN}`|4ui0`hjSwcm`JEnQ{)V7~NKMFtVtSsS1$jN99_7fV
z_G->M2Mup&c)|JQQNgt?w9T4Yn1~tIydN@`JwWY3-S^LF1IcidD%$$Mc_{6B7jy=^
z&8T|!<StK`H)Ca{^b4gwZKj*5&G}&148eK+#FOt^bO8mg6ka4FGZ7iBDeSHd0iJE9
zR`$pCNeMpc4|3`dK4=bEXR4^>#o6^A{j(Xv=I1S7I1fD93d2a;x4`8GmDUY=5bcwf
zzxnjVXwR0k>+2B%TW<_bVkwTbR!OrnIR8@pcp3LvZG5X_kDjeVd>c=22K`EI^v$lT
zT5pkV8ZtQlikU0(P4Ty=X`5CB%vM=Fdy;Jlvzo&ONs>_lKR%1+;Cyb;M<|h5;ScxX
z5N-Z(66!SBjQ&QhjfhV7fwXgu7?1AnjBD5A#n0hOmK<{GTdgBkv1j<_DwE?SJ$76r
zy_CM#;PMT0U<vKQ_IRSCobhMB@7vI|`iYHXmCP)Yk763D`96ww&{xmsQ=%i^-+zKO
zLPmVUgEE1#IBq}j(gKANo-MvS0$e`qf<LYcr-ms|A8kG~v$5NSp+y;rGsXLWf%m&}
z7tSMp3%9RdIqjreW%<2`TIb8LAHfz=mvMW*pta|AHgN_64!C@TcB-hoJz_<Qdl6hS
zRl6Gh^eiTa<Mndqft7B;+_++J9+B=uH0B%4HmUW33vcOBhguploy@5dR|K8_9-3HF
z<s<%kbQyXWVJxcKb=DjIhy$RmgB-TXO?*sSU<qq`qC7Z{<na}m)cI@C%(?p$$42GB
z2H^l*J1!2y)?Rz%MGsdaa2`c<J^|R5j49`7SQ;KIZqIa=V^?(Ms{XYB0uzUQ;|(~E
zURaPhsS23C)4!P3wKN|)B#jVFdpk;iVVlgrBBz=O&f|Ci8dx#!<V5zMnrO(<#~6W}
zGj^BBfKyVaBGwdC_(y#FTD*&1?!;P=<T(0$Kv;NA0~H5qmpq#SI=!Len;dYSI3W?Y
zbk=PPo37NG`kficw&qHe#t+6Hu0Olz!!hStz<JUbo$jA4OEDayM`Xt7{NFei(a!NV
zL=0=S1sU@qOCQ-UIeudJ@ru#e7sz0#HngfB&hT)^HdL;Ap$yAzb-%-8aQU<-p>^5e
zr{-8Sc5gTLTUM^Wyg)z=){o@7$G4(Yx|adx=|_t+lnMcJxQT<Iwgxz_?O`CODxT{{
zjm*<QOd*Iq%C8xzGQJkrgO){VM(?paui3mdIG4Yc{dvXR)lL4sFC!gXKJ&!OxFBch
zsogaxA|ac(1Hj_@MTL%*0K(7RqmXzNMBqFd5ktSeN>>)3el)o?C7%#i_^3kTIEuAT
zru|(S2GOJZh`o|MEjX*saiYTL^GJ3l6WO5w=CuG7#>8tUlfjJHNBxHrwUAMVgXATn
z7I8HIrEF!cm1LS0ZFRj+PN#N&CMOJBA8wWzQi|GD=p;HUwlW|R(!>`i(<t@r)Zt^6
znzmjKl}EfU+g3;<TO|{`v`nO(!^#={c5PcC@_pE{Z$wp=Q3g2AV>xfzrT;xf{5cn9
zf&eAYZc!F6EF0-m_s}lf+pdHYoac44HCSPm@?0hUFnYO}<GrL>{YtZ|<%cI6j{t;E
zN<BEwuk8N5x{5J5q%s(HnxkYw2sWU8a2<O${r$1H=8vOC<179h2dNLvdju%Bx*6o+
zX3W#79r-ugt&sgJ-FR*_T#x*Z!0ygIXB<~|Qas_HZK!qRD?G8Os|iF^g?uR6WMwy9
zaD9aNo}RSi>wU}@vu?NW4HXoUpxiL*kX+s!;t>mArh7C#6h#_v)NQUwDceAXEO`gX
ze@_a~Mi1H1WfdoVZ+y`f4=!IUESTJ}T)&j_xpx7haVC<7^9O_EH;OXRK0+aFeHpNi
z_^G2>uP$~a{Lhx!=b>BdUr;WIATuTHA&=`-J7}`Kz<H?%d&LFQS$+PLKzMg3U&97H
z*}6CMVu%P$Vyw{-dynF^v~?#9%6xa8eW?2Y_E_zTMRb6U8?aM*(h%rjSZ;j*E??%J
z*t}M>=@#bD2OFDhTXjjFg%uy&u<8O=sOP4iy%wC;-cIEIF{(!O&U37q?fNh>O2dLi
z-TfHRH+cRsb0#$noYzVCLFGa@=$LSrV?N~1Z^?0#cXg6qAVS_Jg`G9f@u=QnNR~O$
z{_F*myp7rll&<so_#E(x>Im}n<YB;q*l6XW{MU56uh6Sg7pm*7YQvecGyP+S6CCb3
zKgmkl_QvIn;G^-OIXQxM1A!DbQ^G(7vOGp#6WzMd`zK9%4p`9}%QYV>!1cGR+ZiQT
zgzjZq!Bksu`+z#kKAnsI$~~wb2#Bcr%=XB?S-r*1JM1CkReUXO$Va<<_{@+{w0~zz
zu_E%)3ljS56kNWI+w>I){X4ZijiY;AueTxA60g#Oh|KOOnNor{2I3z1H^=s`)55Xg
zDAx@E?l-r^6p9<`F_GBV?WAO*%Q7;_O5pMxzfQ4huk?-%6xBQ9wIzBO@2wt?i>Uxo
zSoAt%PW&RldFOm7q_avsP1{POyV}KW8g`{UqyxSlok&Q|*(he!a&X?Y2N>+PpOlfF
zkw!dF<sOGa20ODq(PWq)R%bO#@je)w_r|xtpo}bSsCAnyy*x-+ptEq%LJWAt<*P$x
zCeP#XsGi^*5>hnC(H=3~scJ1WD4eu{TmC|I*+q-C%FD(vj`~sl;@xogp?qi&QJ7*K
zKai=a;UtH;kWb;+s8hu5xq2!aI=DUoa-;Q#>;fddwIs>Ink|EpCk4$0Y~*rA1PLb2
zDiE~bd~ijZ>_=*ciEoyfw>Y|rM+uB`2rQ?CNXS_#;dB$6kL)W-(VLGuo;_nUQE%6s
z<s2|yVD;)kS0?t1iP63;4DwOEIu=@P9zmOE>n&wBwz(`dJ3M>(g3VciPNF6KaX-cJ
zqw#QD@*IjSp{^y4=hm{c{2D{p54FIi%O|t>y|=@YvJ;QSR|)2qH~m|_O<x>RB5_P8
z)?8~nKbC9H4&|bopyA&!uY>>IL`%D(V>todCwa|J*=0A^=d_E5WaA=Hn)D&v5ZQ0k
zAMxoVIO&})^#?-vD*EEg_gj9H|MXNG*<}?d^ZGC}VF%8qID3EhGfhj2<==aqX{cl6
zA0EkcH8lJ&%DO16-S<KeoKM?SNl}>zT<SHue@U+yg%wRsvZWI?jT+VSyr66n@lpRt
z4{1D-OxoK`9MC+y2;@r5u9Ol)GvhzGdw$kc>>aiNE<e4P2vJhf4D~#AVL+9sA|cb`
zr-bj?<}^Khpr<Ky(4+p4UfSP=IY)lnZfFO)q=efh!`wG8Cg*xf1Z}uM$;rA2F8>uB
z#r8q0*ix1JLb>c^u+5%CiSvv>@%p<lVLyeGJl99OMt)hg=5B3NIq?TE`NXR{d_r;u
z(NcS$@VU+Ba0oVVKC4>UbKd@Pt~9;#ow0aUz9P(OjBM{woM$ppaQr>*qkQ}|P3{PQ
z)Oe83|D(q%^VMT}?oA5qpKdTt_LDI<xgI3o^0TLxn^}$A@o3NXR{3kgpbJF>ugYMG
ze2PB7F8Wicl!5a(Ga~361jt?N*9or+`pP*84tx2ficx7O3mYTs3coUe^F@o^&3*6k
zHMl+^T(|17^b}X#V10dFiDSog&<IGecvPP(douH3Zb`hEFDorCH4jK|Ra;)%;#TwV
zJnx9ots%w%Tz;j%R#caaQu-JDx=s#tIoW3W7HH3vWu4l)dF#e}{abLpWv+22?7373
z8l>OzjRmdB{q#Y4v>GctAsK%8ebwc2aK2Rp?v-wQ48;%Bif*RcTXGs39}y?792g%X
zM?Wfc^hfgr?T|~*9PQ?>{Ye5HYqUs*qt)@wSdTFhZsL$P9joLX<rf_u-!bml(G413
z<yf`PLMuPp;wfTXIp)G6QJ3AYT7OjEcsGgpbZ<c$W9H7InxxyAf&L_@;p*pAK^?XM
zRC?KXKe+zyB@Dlf(Y<Bxi)*+Ia+A^b+A2R!`eyIv`9s7uwwdUWKJUL-32c2;>|C&M
zdg4q54OD=>2^h03>9;ye8At4seB`fsq|<e~Q~Yr*nv7k`F6*m7Ys6ij+q9!5@)~rC
z<J(1p>(i^Ee|~^bOj@ytKWHB_g~*p@Id!h&(NYL!v_UeE^=Q1&$Ba3MGGP>Zev|m~
zj5Jb|vNFV>BzlFZ-6yph`7&}AT>e0|MR5z?CUL&CxSBsctR2C)AT4m(i8FzScyMxq
z>QOy&gcAa@dLPxjuQ;;asjWyX4G&>=`bXe$X*aLykc!WvdeP|11E*F>rp_o|y>b8O
z_Xlh6xkQe~NZzT5Be*iBC!yf_OkfvCbdRwJ#_sz&V?alYkKBa7(zJh{Y)0{^Jl_?g
z1LqeqF{d14<7RI<G)U#)e_UImS|O&$#&5}!cb+*bi9d?(i&oK%v|$L=;oY2#o9{k-
zd!iO3VCzPe*~*Y#tVlt82`+z$%j72td!s_g?Ad*I0`xROvTeoLP#VH@^&1KMAJUKN
z6)RA08$u$=)@BFP=n!5vm9M1@UDT%yZnpQPe!;f&x&oKKl2{Q|raXpn6Qudh@BNPo
zoR<D0xAZ%vA>B}^9G3h?<C#^}=E#G#!(xE+Ae!A3Y<wye6O5^LOJ8?u&%}VS^cJ}M
z4aZxTY)YJ-jm)o+p*eI?<?KLUz>X4{dX~S&0y+01|GANocoEalpWJd7J{~-71?<Mr
z&mH;62;VkYnsqVQ*$FOxI}C^&;PZ-kSh?VWJ^g@vdhreL`L-#}K)&#;z}V#wIREuN
zHmnDsO;O)IQ2KHX0bgd`r)|m0W?ODj=01zu>QO#^6jE#@XNven*=}GHV+Ep}z93;0
z3Ky?RAex%)r9aD~cyTnpdVF@MnZw|7#7+LntXhEVRU+F4a`R7k4PX_Lt2MYjrwv!C
z0;n3#Y~rvhdlHXJ`*X!nikItzk@ety_@g2Sf%9kij$Dlzwqg-)P(?r3(Cc2D8!)YY
zZTV^Ot%9NTvga8%e@;GY+P{~IAu2NLM_RB@HnQ%l`+~h~C4SD{OU^hh1)RTl>A2wX
zGF8B&K$+=%2~sNMmn!Q|G~)U%_{RlRUo1YV{|~{M2rB3CdO3-onGe7;WT%BfQ>`U2
zYr&P(v^RF%0m0>y<H5&{Lu6mEe9Ccg-gbDq?cA|L9G^539N2GH=n72=&hr!n@+elD
zL5=&MuthVryyZz}!!pG~dI`{sdGXbIumqeJjfoMuEU%GJBa-8yfnxJ0$1<(`LJ6m6
ze<m}IL#f^h&TAk*e&#gn?iIdZtJlBi+K!naZ1id^Un`q99qG*lJvImSG6@)DfnL77
zrtcLCbS?3m!Nt8-O4eI%aN0;q-@vHXKYL_fnBsY(ehDxuR|>kavWj;8y{bz1K!cKZ
zNAr2fDagsA;PUAry-!(UUOS9jK@JKTD`gl|pr7B?^e9Q<Br*!OlH-E&EJY)B<Ycuo
z%e%}PKi3@(p9mDL#qA7CV<s@@DsNdo@;{<;A6Dtzyb}T^6!<fzi1m;ZW7;Hn%hT39
zN4+IAzU+X@SBAp5-TV=mJ~@OWJ-5_=CG&KO`}RrF@g(uxN@1k$YjECx;g0iNwC{eq
z#A_PT8#{4jh%K%P#VfMzbg8COv?zXX{?&YC-kiT02S(gGPiIznyugTwz5`1+MTgSz
zQk}cDC2+n3p)^4C-8Xec`M@8kUsqO$uWLpcqhIjx4WE)=?T|dG=e(OmaDdD;<PB9H
zSmgAW$<(%VZM*j{Wnw3mF4R+}uLYMs@=9J5HlfL(Q}fn}OY_6Y?CJPZcZ*3WCTi1F
zqqVU|^`E(;xaQyuhw2-}++g?wn20aQNadrXguo)ro1Z`)+DG>LIS-3;0`Eobx*0RZ
zg@!W$Pleq%OrCI;J%BbrF0%ho{Mw{(t*&rIH+)9o`}P{@BxPy5DfnWKHl(gyBoD!?
z`qBLUHnn5-5xfGtpD#%kpJj?WAoTef&9|y%(!_i^Z2qs0_~VH8QAOC6FLqsVGBlaK
zuby{*BOYM>VcvSC-(j_D@yI`1?k0V9>g)OP<C&ZRB4w5twoj8{;Z)tmvlV$`OsIE!
z;Ma5Z31-5W9(Q&ur-BvQlXIwmmK`|dat<%F<R6~KH@Ga|JT(prj<|CDz0$46B(iz9
z7i}m}n+hyWg7eW6{FUhDSKxf2E72P>tHyTLK*UpmFpNScjp~n1X>Ji;Um#;DdQ&{A
zw=YNE2fWQDf+*ZzIqr<g0_cv^V;98)|9BmjO#U&xDH~k=E8RmS*e%({T*_pGB2DwJ
zVeM23M2n6GXlY$L<hNr%;Ji#d5sA08g*?kHq5!k;d&+fkuWnOcCWIhX?TXbfv|Moh
zM+Z;#dFuA%6W0diVg%M)G}NNN6V;3X8=PiXedr5maDF4;{1)w=qO-fpq^MIX(unM*
zX6fFzps}p2q(a4gB{Dd#u(Xkcq{{RfmLcX@TS8h|77}E76Am<)f<^H{#t7mgf2bdI
z`t}J|o)E!e9rRQ{!%flkCA`Dw_m;WEmZwxyT#x4KAp#Uqv9z&ku@HqRt%RAWH@d4{
zZ#I5G)hS5lpyn=E0M}>LWC>A=Xccv$)-&7bWvGo!{$8d=?X%)Zn_N24@qra^UiLyq
zajpNr5`|`afZE((4f0*EX+R&uEG|0I5w&K+2XMaHr&iR$gt#l?g^Wx!S>iLQSlBtL
z@g?ZyqAO>dyB%xr71~UHmIq>hw&1cr4`JMb9!1*xy+Run;*E6N@!ywZKRkp%@z?8r
zps{f!EzN9Ao&M#y2??=Zk4$ib9;)JI<7H>(0)QTw0KLKIKbn9iY*YY>Ur%0O6aIsQ
zhbJ#AT|sL6pI@>wGZm76zGPXz3a@99y8mr3+>auB$+EBnYhPbreCS3b-&H<mMWr8_
zqX>o3cuoukwP_+%_At7xa&8NfN6BQY?invky<}iYb*_`fr&4mkW_iFD${-+Op;en5
zW7=G%sTa!Zq2Q!Tdu8kim4PtLs3R4NX?kjP7K@@zlfO4qFIwx5I(^zNFACnH;8eIB
zq}SjY9Ug8Kdx&_ix{R}qha9T20Wy@fze5&8MwU<`_@Opy@Z+T(8u=I{DBX>{{Sth8
zmFA)(C)YZ&S5qD^&mhyR4xsg0w#q;RPWfL32no*?*hT6>v9byc4bXiNzgtujdeU<%
znt^%c*%{kz`FrUwAAkq+qCG^Da9POkYjMz1ouF6az+eDyA0AJlfq7UikM!r|J4n!w
ze|vonXod0L*8cwW(2_QBk%<ER-q{O#gXB-64!Hy(wz8QXUo6f;o*|Y!r99fxGF%g0
z^cWcp=v3U?jS}+56ps+?{kZDlvkc*|=3+LO(KAAe%$hrT@FS+~969Iwtamu~6HRhL
z(O5g=*2{}|&C&)BF}9ydhR_6gJr(_5q<5A{Ca^wc@5*E+$Fh$}esmuMWNH^{P5Mv3
zVm4fy(|`Yzr9S<RwbIVxsgy-q8(mt&%jOdw?H|5qg3ox9I?hthcIYO*Eo2ZG@#QpH
z2EIFA!V*#Ow5HFULPjEsNH=i(bPnnM>@$3u=bqi|XR1%qQ1jJD{fD?6=!|8b;yMF>
zl?BcHiqB-~yR{OU@WI!$I{bNe<3Fuy<>m;TQY2?V_Qo}{2<_9Y)Gj1AmPmVQB0H(m
zpP$v~32s}AolI|9P8Z2(kJOrO7z`)nTJ#vR)Lt7}nZX6Y)M#FV^Gt4w95ii?BU@3k
zMFWER$(p*yNjE1dhbn#R2x@SrFTi<Tv1v-~INXqV10>Lr785>22PGtHlcp>9R%o-1
zF#Sh$Y=9Nr4-GGXHeK5@=@&bbyuKQjwlki&<3=6_QPXj_kLKMZ(w9Dj<OG<*`!%8@
ztw?k*v(}Yf=03gkMU$Uh^uS93*T<d|JJ5SmEV?9a|9QO;oJrDzOwNAn<`~w_r0Zw{
z>!Ug(5QpyGW%v`?$7*tx=ba<v7JfaJpD*i@$C{pABJq1anpcg|OAouk|3K<LtK6M0
zgY0sCO2uooc%MDWzrK=$CsYltPtG%2d^S@X7R{f#cb6vnkq6{=%hfOt<W^lDzQNZu
zbAt1Y%4FNz=H!(&uyF#2JkUhlttcb-a14ATA8e{WZK6KPLtA|jqF`S`8=roZcWe~E
zZ1uFVS^Tc~#1ATlj%PkkVG&&Z&(BUm^j|{<-GwTj5q}zlXuRvLPyEg<nh;(wNILiF
zQ5?COsAHdEc_r^CYslnc?HXOIrW;ymP(tQ`M@0^wiNg&pUjQmXT^OZz@_?w6dgP=`
z?CpXpuFq88t3c+d-V*MXM|HF0%%h9TAFAsdqP=IE39{pnu4;Bazp3@UIWIix$Tg7z
zm;dIRRV7ZT=B_dm!T-C`R2$NP;r6#<;7JK%^7|D-sW@<c`-9D%n6z2uiHL2_wUhm^
z*>^y_AFyM{yE*QAEHvk%JbFUJ?@6_z^cqLIU9v4ykvle@JVW&70shE@L8Ip0l0k6!
z0Ro>{lB&d>Q%a1!5)9akOE$kRF?ii)+EfJp#^+U#J2<aZzvQaBPkbOrnCai?K5&=F
z6u;N`jN*+cicwZq6XX~;PilZWKF=%Fyl2zNKd#n4VDgr^<n!^_xP?@ne54*a7C6tF
zkX_BXp4GWd4V|3L2Xh|xLALp<h@9?Ramym_3GJhClrV?T?h8sRnYwZaM8R^|E4XZz
z=%4g^iM~R{Cc7TmP2lpiZhYR>IqglZe&Atkv5RTYt>{oOM5;HkGiMMoj$D2;Pue`Q
z(N_kzzx_lYO{lK)t#?*~>p1;eMmVO6vL<yM{G;n%If@LNTh_(w6hGna;<y!-IPnd^
z+9O4cWA_m-OF{7m*C%5%Ch@MHhShABKw|OZLIndW4S!*fT0OO$N)iRybOJd4E|OZa
z(*}DY@&Gxc37b0+16>w6r~*!%L`WBLg1qS|IRCOo1Lg3uE{mz%1+Qb-*KanO$4EXb
zPj7Lu*!NWD9UkRDs9{TQWr>M*B`DSyRlI!^3)1K+8U$>I60+%uTT?$gs$;NbzHAy=
zd+CoEeU}BYf`ylZ4rm2h_v8$rjQnV27mxgv*y!r5v?t;R?wG?ish*^>_rzwbt?yyn
zCRBIIoVK;p!1Y(!)T4aPTiVUzwSr)BN@Jwfc0Q2}ukN-%G`~J%#PkWA&p}OaKb4jy
z&m7;G4q$q*@P0?QiD7{0Isp3pYM-j*qq<xp4cm}}>b|XB^gXh#{z`H>)0dTMQEPV%
znt3D2F_d<2`K@(m$-;~d9K-hrFR2s*Dd^5J752A~8t0{<d@zeN?!ozP+LNPO7AeB0
zg_nw?rG+)IWgjEuB1&-mVfNmTKvq7gV^1k<nK}*~xX-0lBP@-2w;xx(Df2bBE6++J
z3m?z<%mXg}`ZHC~fS+z&{O94YoNVK7yigw&qCB23PT_=~3OX)5$`jwLjPl3X)uSh$
z<I8>;`pPS2aLL$O85m~Gv{)X+`|%67e8}~sm;EJ4*`M0?Su)^tfEAxV*!f>E-nHux
zFEhKk&w=xB1J2jljMtfMYeF~+<adD|HPLNt%xcSdofKoWYAEo)d3@I5(1xSp;#myk
znhL<-D*NaR$+WehGxU5W(`1jtHaP#3z6z(oddcv5Zy!jsOq8qgCay#9iJ8lgIw~sH
zD_;e0p3&D=vAWktZc^~Q3&D1qRIn%+zGrK9G)=mzK5Pl>DLBs;mFk5`xp!rsFqcjC
z1#fsO7LK#-+q6A7l?v&i$kHQwe^!B%gOGi_S7A-Fy7Ga)n+V_Cmxb$spOLpXK6<^t
z4P5@L>*R8qh~XUZMlzP9%kwj8<nkG`99Da}z|OIupH`OO{O9w{r#OTu%6_adNmo+}
zTyV(BDM7J)1R^N#v~XX(J+k-9nY3HIh32n4Pt~xpwIs89k!>x<g~cxCEfY3s5AMvs
z<$v28yut9$>*wrPF?}15AI7)I0!Q-1J8`c~e9bjsP#m1Uzo0Bzo;l{N)G>;wC_<=U
zQTVh{;*)^Z?HpyM#D?^!4ijCBcq2`Mm?=mc=txIIhUMW!wuFo(@*;J$n^+K^b01uO
zX(0fOBd@@gj&HOrG*HmUof%7o*iom?sU?6NGJxqGe5^_G=M_o+G}eSS`U(ddr4f^7
zQg?TVu_Q<_c$bAg24$bJTN2WOsm2R_ZusqiQXLCm?eTyQ^c`I-9wa%n^<C2Tdq(b8
zIrn^%kJfl0t{5w+Vj&!Ow>n}?2GRU%f)0<{$OXD4d8_GWS-yUBZ;;z1l9nobTe1K}
z6_y@st<Qgy!+b|Zt={_Hw4ab?{wUU>5G3<?GM{so3r)fmnXmk>_Pzruimh39R6xlF
zB!dG;lALo=GLmy<fB{B^G-MD7k|Zfff`UkpBp@gt0wRdytbz)X1r<<oMqUr-@zA5^
z{^#9u&s*!Q+pe*vhwAUE+Pk`T?b<!lE=D5V50>NPO)Q9z_5-!oqQLqS5<YEnVx7%!
z;-mCKO@^zS#Pxrum@ImZBx68I{Wu9RhJ5SNR?1B}#pi8T1$o`0C0}hv<3o;C8S_kO
zT|d`}xyDA$$IrTpZ8>)*>4@YB#i1`BIG%DUIp`cO@9uB0?(4<C7d$riWTl8$CY$80
zr%xSMiJ9#Yep|EWDP{<Ppmc(QKCnKT;XL15gUU&IBu_Wd(MLv9=y=x>)MdS>?^%w%
z%?%R(%Nu=C`W&u16F(_3*kt^U^Lz+9*NE-4O%hwdiRUuJY$jlNWVnt(^lQWMc+JO5
z&ybJnzOp402?z^>p?c%jIeXhqfaOv4k`+2wm$;YKC2rm9I<o5gDG#UDIpT=R6h~tk
zI|D|I12tMpZrg2|rdN16VnpnHO;8<g-kSoNC^IgH#RQgqjNH_Vxg<r9eRJN$uV}Kg
zZuCM#uS>nr`v%2I<Mp;|m9iILeFF2U;MKt|!|W4S^K}9{61B;@3rJ4BIo6UTw!^nO
zkFkawxy=749n!IO`fz6FjbrfkL$hKM8R7y@HOxnRUt6uvf$>w4Us^TBJ|(Sndvd%=
zH7*uHdcxId=-!1a8|xZk9wUrcaIgII8A08bnI(h@%!c0fli5%roy6QX2=|MMiXm>t
za>4jTc1&Xl4oojUFWH%dzx4|l7E^7PAQ~?YY{s_e71xJ?<x9qo;BEP_zdN<D$tQYv
zLfuxgWcI{^<Aa^DXGShcAI8Yl9?yHdy_%`q$VX=tA1*-B8PCpFLO%W8Is9Ufz%sKw
zMy_8IcF*o3g^l9v@?&2DG_TgDU+O&DP3C<&!?JH8_#F|3{_XZ5k<u?Sl06Jgm&es>
zDl1v2m-HW_co#m9>zL&AZ4In{m)Pc0!~V-3??>+_ldd&NZZw?Ll&XOn>JJEPvaU#X
zf#u({&m;+~*s=*;QNP*Qtb~A>k{wn4ghZ*H?>bDnzO)IJ|HMu|Bc^x0--NcIZBe1m
zP(k=hwg1ClO4&pw!|?~b81mn&^3=W9TVHN3c5G~)*y<6o2n#dlvkaL#X>)7H(cusn
zzm1FrrW}3cBz1g3RL?ivmnnf8y_ETmN96Eiw3r*3jKT7{RksK~NYs2&G|F!l>Xxb?
z{VEZ=S)NjGxsYNm*Q)#pSl;tJ1#uQ(_^z4QAxgX{T1#9nf>Zd~X6<29^WhQr_FQ23
z7V%OM`l6H-3paW9_d*>BLq$es+V3fFec?ah@>b+yFvi$G`}^<LzA&E5ymwz;IZb|H
z?8U|VtbJ*nzBi<W(_Qqdc^eI>G4hB{Z(Q5Eh6VXYvmaWkXpXgHWGFJT#x)CTO4i)$
zl;pDj>uS>zAjzolcKSw8>R9>uX@!nkTT{0*1D)+=%imS|T*JuwSY))Pdz9~xUonxW
z8}nsC6>-(}QY`w;dL@um#wKgeg7N42+I3Nm#|!6X(>}JD&atEp#21PoD0;10+`rXB
zZ@&i1-za|3n4;&Fr&Ql7ENiv&fX(P0W6pEvw)*tjYJ+<W$zb_5cz#)|X)3mnwC^*-
zH9`JVtcgJcE%4h%Te*h{-V9^R<H^F`DBq(UcH+F*-3lq9E~Ga82p3vJo&4Ak+g~&R
zJmLVfK6Z&HNM5H>Ayx}JYE3xHYl>A-*sWr){|aFgA9LCEeQU5hZE-)la!r|*{Dm=;
z)TN>ho?PYSJ{D84Q{e=S7wLyFVkO<8-?hbQzb}_x@i~f$4g=phE51|qb^K^TY!3O-
z>oap;d`7&{C!vH6^4DZz`?+67QfC}nO>AW!Kc>v86S{UL8N=5_?xfx8HVV6XQ>fhB
zvYNdqUn-}>f4a!yQ3>%wXe;LZM`GO1r}7!vE4$(4B8SaSmbM%pkPTQgscTR5-LaCw
z!O%zQ(|RxMP}Vki%5kjV;foDTOob04U6YMusV<8WinQr~^_NS~Z;YXmBfL%@a(zpL
ztIez0Ni|O>l;v8XcjQp*{B^Lr5xJThj{Z1#zW`}a==>Ufxh<#KpqGogMl()m1Mg=H
zd(GG?Ya&TUtKRRrTiDo5rFoQ`q^NfZ_=;zIOIQk0l?cZ7fBy}qQMHkqBS+3tK%9K%
z>4`_w52tX{>g!3r9OoJh0L#b9e5O>hUsxVsXSv(cdp4itb?!@hlI<&3w7<$SSnOh~
z=ftltNTxXF4$@vs%^W_9Wo64U-Gn@{SUs&mUWOO{<R%!un5HeF@UqH#x)%i$Sqv*l
zwd5MIrXC2BvRHzS@&&8MVEMYXY!bOee4XNZ8a)!1MJg}9Ip;$Xr24`rC#><=+W9Q7
z{BzbT0?+fmHa^pIzEtShm&!E7kt#gQ=&(EEnenB?2IGFZ7Wd+a=yF*~eHT<{s#?=D
z&Hd>-_vLe3)!F4-to$h$^RPi$6PQ+Jv}8qT$>$;^w<Wl8)7Dduv@pDCx49|aDvWu_
z;G?tc5iiZALgaCo<QnbLESU5C=aycS1hXZg7MKwj_p6Rk4Q}065R8pd@=WfZJ9J$u
ziRoVHHI-3#G*u#nb|gL6-YFpnBNIK<b4~>}-BPYlb!gdTS=&@juMaOA?(TL)%7EpU
z-+b<W&Uge{xR<C}Wd7?Am#$Dky|S6yhOP;pA>-SZVEGlQXOFkXo=j7Dw2Kb2RGzd+
zQ;Wa;^70)6l#*x%<K`Gxen&30sPDrAn+sMb0v9FLpx0##cV+IK4U+F<2wc4qhXl)?
zvaYOBF3Xqn?n|0k?ZV?;OSxjmI(h6Xp_r*olbSC^-R1Q0<Y<YGG3X-G&HRtPho?9D
z1+Od@NABo!mb2tE#$foTutjC_u9Hfq0X$fYGqh|rXIK4!OUfNO)>qB$VgXJVbyJ14
zoTZ?Xq4`aotH^KXf?u~Kv^&+$d>l)5jGcQO^^^~+zgAY8Y8AsX>xgG6ACaRRHJ3yS
zT6h?2N^zj3vySYU7<E&91Xsgj!hlq<N!&-W?(gSNjLlB(&F9nA23~UKgz@Eo@x27)
zjYl@8?Y<TdJ;^Kg@-5LU^FDW&C}2V+YyIqQ5XO3%&*6k8M>C5jtRuDwOE`D5E*X39
zr?=v)Q#=!EAY=5vm}`YF>O-#K^1P^|bRC&b&pBx_aQHKP*;rbqUS1MHCN%`sCt92L
zp@zOsWofd1{LWphGF;+ImgAOm=dD+CDo7;*FxJ~+-V_|6NSl5w(^1Whn_0T6uSH?Q
z5y`NXyR&=v4PGrP7(ZU1^}X|<%vm+wa}}Arw8)FEzLLs5BeWu^d}743F@v#gkh;Mr
zGbMSyMnAY(cF<;{;wTfDx>~(gQy1^&RfR7#nPB|vhu<d7_L*pJnLG;R9twDWWjc!T
zepK|Ad}a|u(u5dBE|`CHT2jAuo}@K1o`;p_qu-K$QVUH@qc}2NY8-kSA7gxf1l33*
zM3g01NevXU3zn5Dy)wEKD!E{H;qHk`Cr<k7f%WN%k{t`#EI5*Qdy$vb!b|7t6&}YP
zPYIiWr)GGHI5ZgX<m0g{p*h5fuX@zXZBN?j)b90<6IT-JoGPWe&q!HQPXNaM)J%2x
zb@m8;b~Jl-3{pM@j?!O~vN_~8X-59V&2a!j{~c~iffyp1#^?8r1bn3$dG+Fqtm|V7
zT%osgBMMw~x8PuWxTO(^1U=E+;KA3OTU6<{#ooftCw$JV3T3HbmaHK!2g?UwF?3Z<
zy5FR`$Bw#H*m4H=!eHW>wLZOa{~;YVU#3@J`6DcA?@yL%ea+1uz3O^|@3Fa*+SQlw
zVcXi|R*&e{Ofc>jJ2D~%VHUqY9(Qv-%~i>>B`D+AHn!7+=eSjU0%v%<G45Z$F-@rY
z3=#1;_r6kLY&0oGb*hd`Tg3Bv)dLUWSqU*1SRdRq#7&<1=m*dFV`o&v;g1)+8KTTz
zOcdhhFbfUVGA)7S@x-C1uj;jRSZ3rNA9brEUcWzvyLzctmR=+mxI6Yn42Hbr(WCbl
zMb(f)0zM=uV~Sc8*l%ZGq35~uUl~j>_df&6lN!cM+;VYzJLzF0TeyzEX)QBhEL`R3
z@S2@kqoX>4(O+Z@<yAKEoehc9*WORb^eT|zNSU{Io6Ix`2t~SLsYQbEDVCd$;0;I%
ztkfL6KOR!+F1*Ooryu5SiaJU=9CjPw1(rW+b}NvdQ*P|Z^7<R@-k99YPdmHVN~jy3
zt<N`pCEnBr%kyYIoWR!C5s8(@e(TZgSY)I@q|;MT*jcdM)mx)5st%SHtn94NyJ*m^
zbIsU+-E}>h^;k_ULTraoM6Q-+;!9u+SYD)Xj#c0q?bn;*m3-Ari8Lielo#za2sv)C
zJU0+9x`dH$C@Z>VQDkKe3w-9)cNy8P=9wkY#Zx<cd;VKhr=5LN92j3C?1YS5D&6K2
ziRx8}oPw56sjN5o*Upf04seRPRj6acPo3ts4WX#J+>RIK{J*@6WHpbOWscL_xVgzH
zWw(voItj)%D{Hp9P^NvqX0|%m!z1bBbqE2uK$O>uCkp~ODaa!j_Xoj)hT0>!&A#DR
zmkc%cCEm-cqnQ`ELK)F4_z5@SoHd63*mAd?n0k90_dFq#t70iZF9N3^>C=)Fck`!n
z1ulFXc3^#+v^$NL`Acu9k+hw>Y-p=>G%fi~M{>2_<)zbl6tnyo@!6%~&=(>3cP^eN
zhsWy1GMAI+3?w+hi$Z*t>~hrC>@nuXo}JyT*6P;-cBL;5^IU2Wc;8!;|GXlnAW?RZ
z!@BYgMt*)7_e~W(s<NSDA^X&XKtpe)se5&Z%tj6AqsDRjcXqm9{rzt$aCcWe?#c`v
z|9G5^YvaKea(aL3^FFwycA-iV4;sPp!2{+#*G~02RLOr{P$ViEevTu-d~cO;UiuM^
zOGM3mS+IN<*`?FdHnlifF>fhhiqvA_!|*SOCv=W%>^8m3bhyw1mXCV0Qyjj$9CsfX
z=3;YL&|%?zFuh7hA%}?4O7ZmVuNZaN8`)R2?9U6oFn%%IcWt2lrN{AGY37pgTIuiH
z8((Q^iGuNCHE?^o)9k7~a9a-ty{g1F=$j|W5XSD1wq}0G@OE1OET3`QM^7z2`L;fm
zdT&IY@ytns<CM?eu8!d^uv5cbYuLc@S=>8QCOAIk`0g!)c-%*ApC6iWAML)SHZDEi
zk1z4!2w1*UsVqI{#JD2!)+lK-cRLeBCm+1lDbRH~m*>UW;USECsmlBGyF1v-{yBF3
zQ8K4ER%5j^{n;|LUfGBkOTSv|#pvH^*`25!<r*=a4;`PAz6MSczl;~>XNissU7dZj
zG<OCgpRd=sym46n@X>sPihYcL)FcVT;3eV1^fV*Kx2}gKcwvF{?^-jZ$@>(0|K>}l
z2ogOOC8&SeYvLwumM2%4{Y;p9@WJx0YffyzZf(z5pS=}N;AK{1-X_94-z9FgBSn)s
zuOd_jmVcLWf!W3FCO)B`6d@euv4oQBn-{&I895`4gtCQqkbvbs-$vDUg_>E&7Vhdh
z4V-*6BBe>f6Q=#O`|F(Z7X!Osu>3;X%li;x{r+*z9N+Y(w4Xj;v%SwwSy`+Xyg)V_
zmYV>UUsF;r#0$&7J}jBOetU#K_|5B}HW}A-DD_O^g|FVW82R}YehuTL&n6oZ`L`FX
z13S(yPd~Be9khDPY<cYHbb5dZ7@vT^>#BdQ?F^Q2V9MAyUcb!-F3Y<wk5@i0O2l}1
zZa)Ic6UoxC6)gil(K5k9YXy}P!VVuT6Z26dDjzyN2=9G_QHwk^m>I0F^He<I?6--T
zaI2`XHyf8<#cAk0D<X<*(`3MiS2Q_NqU@JtTDenPQ8wkUJFBGGd|P5+hxsizd`b#a
zeZcxKZ1>l32X{^7Z-kp^i7?>fy&r9HHb|d@>C#Z=Eq}zAzcXE|(TBT4;CDP&yG{K5
zl<2jfBU?`DP_1?xg{@Tx5k`DqLXxny3<)O$J`7ZOUJ}MI$nvG@LG@w#>bZ;#nV0s@
z!TPXKrFX1^lu~Qb!)bgIv{g!Z3NDAK(OVvg3>lRCD5(mT=SA2y@76zdc>ItJ+xcU}
zwT{#L-QC>y$<I6|T{lXv-v!I_oz=KTeEa(Dm3kBHII2Yyb76XhJrQ-FL*Shly6$pw
zu)LVZ%@IqVVeabFwJ*A)#F@_$B=Ko~)TQ-3g1pglGN2VKuY+@Dg)o-YiA(m)L*e4N
zt*4<QN`s~!vo&K2@_ANjR>ATHcF9cyyV|!r`XuVu<0g-rUvgI(lhW>scaHQH&nM&n
z%Nr>?D5c?g+bPn-+&fjL{Ozp;<z3TDromgsmy&e*UNV5?&1~z=;?rQSu9Dvfx64j=
zfyZ6QXp959lNo$shKbl#87vReHYp%cfNd*wr1@Mm-JFM(Bj&dK@3CxLeH|g%V15oP
zkD$tuQS-8746M<-Rf6A6y2ZpHTK&fAjwDgrIo6E?9I!lcY%$r1K;BL)!;jSgFIYCF
z+oLJ1^y)X(=Z<sNW3FS=YLPpGmPZzKUPc&qz9N&*wDwWFoQqd>is^nvhS<ZtCm8vF
z>!mHz#q`#e5Z<S^Es54~57jYDb8+y8SL&B6Tya&#m>;=4ybX0|xl7%9^L0uz>&=QH
z1wYj1bw`S<A(C05LSkC5{+C@*_Xu4^6}=zF6Oby&zI71N9?gtX=3$_rF|YCpS_I4c
zv$AzXxB6PpE__DSuD!i<GS4%pnu=P-Kjejpuhcxo_!Y?cV3T7(G(1rWb-SpJ3|es=
znNF9eFH^~K*br}_9Amy5XqsF+ncU61W24wS%D#=K9A4ncaJia6>zlB!GRjT@tWN~D
ziTTsZdK(jTsy>6)$*g3S4-+$}i<5j{5V+~XA&BAsapWdU=R@4i<Srz)y;(ZibS$<g
zo+DlS+_ATe^1IF{82L=xy1{A&Ti+ph@&~4#h7)R@fu$z=ErBZ8t=tcx>w~ypeG*7k
zHVw3sqK<Ccm-<lW%M(vt*ljy}CWk!~l`m_tjFCU5*XHXgzphS~Fqwv|wK%976MC^N
z3@+haLh-w$n!Y9j;}?+*)3Rl{+!WC~YbO@)wLbLA70p-t>$|pZU6&nWEHL~H_!*(T
zT?m!ySDp{mPoL5_RQn}|=Wl&rq}0lpJ7lBP4aTqVd;D5F&U~h*r0aqn6dAH6NiXME
ztk(a<b2WdA@@N!TzR{VK5@+g>7Ne-8fMA@GcV{oT@Mv_5YKxPH5bu-<#`xRedb9UA
zPSN&cy7R!hB@SHC>s&MA_pv>mga|p0QAuL>TNmZVcGsoe+mJU5_6!fi*ToIRVZj+e
zHXp8kGC>xoo&xLhitHJdmWgk<JHu5=udXrZjtz<T)hDhI_YcvYed<0n4wfJ94yT@X
zNtBbr#`1FuBpOH^C)^=E9bZyCALN`J`V6B!GyS%<rYX{R&X9n$lB137rsu6lyV7$C
z!#!?~7anq5e+tH5NV@Biky;^L5Yf2nH_~#|Gw;se!*8P`g;ltIar(x#VENqvyBI&V
zC~+R?N2jM*s;6zlb;iZ|!gtx1VO|2qu8V-><%o7$nA^0Cyk9r&N>WO}F6N)K7mC|R
zdKnhm=9<EbQGY1>qQw%odAyAN*rQ&ZL%}fL)-aRwBOe6B)R#T<{bD1*_=`HnJmq)F
z-@g4kH6j-r;?6ch+|6nt*ypNACAX${I1DVGf~3(+G~E(R4!t#W&Y8%*!{e--i@iy0
zF008#xC}iWSl(Vo$$ul(2;q4?a^$*PDd`)x#`QeG^4e`73GC%(Uor3<$W-fXr7mwd
z(dL@ExTfxmR|b!hOj1s*6mYN7XG1XN3+;*7eWRo2jP-g9TNfD`cx|;mN6Ge0Y$9bt
zEpJVP<%9JZy4=z`bYcRlaKzD)`Ra9nGKR{4dG29fe%kP?)hrlB{u7SVP2l@_<jSF5
z=!z}>39(P4V^`gEJ!=&YBN+#oLNV(3UGRoPy3XL_&9{~x)(CZ9U|q18#chV&BWP~S
zgphe;gY{vJ!--LcIdP!0KfMkl&G)B|lTxj(j4*gAn^F}tyXXv-f8#~AW`$ci3DxmB
z)~+x5nIOh*OoqW*^t^CL5c&DgO0awfl=C{X_N;sBmx3mfG?6d&Hs|zltUqy21R8pD
z@^Qq1<$V+8HOz%dZ(TU|<k(YANeH*_Gxiy6TGBLm!U_TbQYEl_cVFJ3Sk3f#b!A89
z;U&8T-(yaj^l+9N#2Im}j?QKqVEOrnJ+EHKc?FEWtwhCCsPu)GzshuMxw`Z$fhJ-x
zEx`sX|1mJsrgD^|VloJCGf&khc=LR_DU(%;;!A_FSYEd$bYOWpUDY#U8!H^*eMx<O
zE0(99?HtRfvlX^mdeijGdPol=p06)Osn2|RGim0MZTO;Y!NuK#KiV92N8E7<PwILP
zTQ3+tX4sRLMYT{lE7$^=;X9s=+L^<ZOJbtrvUXKcj%dU1|8D<uKiuOCcke!5X<vJP
zf35WTk?bCC*xG5FZ)wZIF<-#=Y;?ebE%>w?Xgbrwio)YJ$}_HoJ!hth2z9Z84{N_Q
z0L!1cyW~5!r9)OxDKwrHh`jzfY(VuYf~2f$u5|~QMPzUYSPBMS0q8wG<QTmRqiIL^
zx9HFt*SxA`Y{RLPnrDcxHrMMImOOXx7exRm*vMpLTYTS%0z$}W@)5Qu0^l?BhDJbd
zvJg1L8G?j3LA-%?)(}<Toi*?dc#6rNsVea=Q^i43R~@{2IcCq0EI)3hCO|x;znh_M
zVt_U7_?!=r22<gp@qz6Jl??DCUuy^g;`Rs0AAjDrrx<JZ-EQgg;-dv*6=I>E^d8Ud
z)Mnnq?vHYfGMOR`_do;6T+mR0%F5`-{6OA6b%g!JiE}o3V-}ULh%`u~yG0V-&YL);
zt5tfbbQgT{v<{q#{*`Uu^}Q7jB?^7nRVOzfr^W4aDlp6`5>1QwDnV8KP%C_N%mI!h
z1EghDWzf%9bAwx<pK%S9MYzH&k#KAD(^Ikj08$(h4H*w;pHwKj>!Zi{O$>M}ZI-^a
zp%Rn+9M0p1I(XuMG*p_^4A?;+Q$L=(x_1Pj-rqs6j*)+Vx4+xv*>64nT`b5!w)@;!
z%2E9J4S4FPqy3f1BBmXLjVl#gFSLfYc&qj7LigC5>G#;kAAi5U>^n9Fo8mspE^Pn%
zLI1DWu7~0mc=Fwz_Y5fr`+C;ChMO{TNwY#M$Vo9gGm=??bI&#i?VfFq&*2|vF$~+9
zzPDuJ?`->b+2Zt^BSjlZRfreKKO4fEwDG2y)=nZqE6>CkX!lAIYwX!3O}S^Aa1_yB
z+je{3i*^~&E)9WT_S=8N#{I9d-N64hZTrXAjvP}uoLxKZO`{;(<UZ(u^X){VqE1NJ
zr`Fc-&qYVaPYVO>4~5X}*#^0{*ByWS_v4zz!Xbeq7Y+K1`MW8^S-80}UodmP>@%LP
zJBh<bAuBQ8K1|SWr;>@8d}~MvPgY8%e!$;=^|W=5X%xE0B;D`_$=;hkGbKd|hvD)X
z$%SVRs?(M!%V9EwHQcScMUZBaqT$_hsqe;V=Nu37Vb*~B%!uB`X9oCqdrSe}nHcwD
z#1FndGc75a;*~xmk*{Er4rtd+p~qyxt8*7S6Q3EvNYwaX>*<n4rDiGL^JW@R1<Kb3
zgG8s3|7;U9@CV2K{?AMUtJIrq{%aR<4#~H|NnfvEG7a@83b$Bu;rPTBt&dIFZZ32`
z#L=4lKyO*_s?)d_<+*PYt0@{=I^y?CuxuXM+`0jUh*#RzD75<2Fq!7Yu9d9XpQVyJ
zU)b$E%V@@g7wh_DtbN2V%!N4k<$}>3lXSbu9+S)OTdyE5?{=g|fLwy3re3ql5G5v)
z=A9yzFDC2Ob~27Jg%fF8x3jeMJk^5EkI=m~F6*wG+_&k~9#cT!?``T;;}^56S5$wZ
z8`snx44=kiVmiIcdqr)TCH4v(*VD(_k!P_ZcDh%Z*V^&Y3pzhg4DB&lH0&{1Bpn>X
z$iEY#y*!R%<d%=**oE9rJg^@1*X)=~BlsnA13j8BSkF1@+Y&?J@3YiTTIgBq>UHNd
z=1T|U?J?ch?<a`Q?`?{YAQ=3juclVucfy-N*$;-vWZ0#zpNePw;O4I9vMobd{K9np
z?3qpLOP+$TyPk1hg7=u7?f28@>hGDT?@fBU&YilD@NHsRkIyn6lZhX-rZMYq?@&Zj
zfCBe`@Qv%wmrE6sCKPCbwLV)eI!Ns?Y3wsSv--V9oJ{Bwz7WQGK2}U6w%>WD6O*a`
zf+Jl@%_}yc!vzt?kKgTvu{IW$L{F1ntGq#<=!kuFkI8wz^)ljqZ&N*0Za}W&mhA2P
zJ5`aPSk9PCA@x@))>u_>(ms_?cv#3^Zc}5tlrJ(+lFMT7z!+P?e~;-w_P*~)AIvkz
z|Kt(Hon%$|ALymiYyBCTW|%)<GG+6vlT;RVGx_<!U5vtmP*{)gr;KWJMbv2TO}oaF
zA@-P_)$cKlN__t&^LK_nGiAS+oT<Jnem+rm{@TrQWlv0|hVH&cS9TU8eR0x)@+5YR
z#A?n>e{GHE6Jp)SzR{?myT=6C_j2j^-+Ot<H8XoR<6*T-yJ(Li(lWZ3Ox)#a$rl<J
z7sI#D-N?kHsjkeApb{yQo(PV*Pbj^t^nQ;iW8Wj76u<Wf!pq3XP&Ea$>z4IN>3FVG
zm`reGt-KE~A+3%0qr_yZ++$x3sRi7W5sTrjHl`C!qHy118r`=kfcp0~6*`Vp_}!FL
zzUyv!**sp`6_bgjv%igvBGVdI`1XRlK<j)GX+Y3c=5fVJkDODB$9wemm>%Tp^%F$#
z`!m6Q(NDo=1&Ui;UML5#Y4-aZ6)wYM;#$$s<O(laxyqn@zRnJI&1(2X+<2&8{f1Hd
z8CS0P{ynDo`2A=^{bOpgPeuMG-xHJ4ViBE*QokReq9t6MynxA+QE|sDS6F(;g?OB0
z-gv65?u^RuHYQ=i1=9lO!*)Zj_Lwa8eGiiGd*5pl;d(Np5vy>cd(23B>WCgDlgx?h
zpJb%28Lw0b`W_l65>&|G*|@}LOtHk{azeCS@8%xU@%?^+jQ_r$;FI!0GzAFxv;uwx
zH_ogqOr~IKFC$_hmK!PGkiM=gQ<A0*q)ThkI{}JYva!4M5}JEV55C7e?BDyI!@%vs
z>)~^%x!#mCbETFIm`vyMGbSLxmm~S@A9Lai;I9T$eAr;Z#)~S+Klk#j;OYHQBVeD&
zLh$!Yd@3ij`OE~A(vcobZs9sxm`v6twd7SN9;s$z6B-hg9{RZb)#r6o(S|aXGGFYu
zmYX_zHhuSU=<(mTp4CSItn8LRg=h{@J&Jdo?wCwY7jgK^8<QRggjk=NSP39h&F9y@
zxY0WH%7*%kIBEQTjNsn)a_EcSdwB}Oom#`U3n~$?kyKr!Vh&8Eo~O5uz`GvFd-^4_
zNGZ?v-Q2VrJ5`$%|G1fNM%gg^#GXw*#;2X{ZvBhv36WbM;H%QF{v`hilJ53#YBUot
zJB0w=`hBW9=ly=U!o~oLN#(1lct*eeQ)2V?yu&dK(9^PZFQBnF!GJVWdOweVOdMpg
z{(gvsWdSh(3IsO5Ox|R#e1HVX2PP2Um)Ie$z}y}Vae$ZuM{o!V;sMB50q<P@%fEAe
zN8F#opgjaVtJ~kt=hQym-k34yN%iV@!>wVO|7hL-IivoLrgct~pX5$4^t&XmgJ9o#
zFXfmkuU^D@a#@>7;uthTa4*wCBLUv<y&Y~eAg<B1-RWV~cq$-;A`kZ<;w#ih%%s&=
zm=wf!7|TGn`0uJ2KSsFoK%vA5uvZ<h6J0Pt0p}b7I1VzE*d?;OeR`ZqC;zCO>ByZh
zUJD#OzL%7}$t6SWr2SI2(GvwQ(=p&P^yaa@gZyCP1|HXi{)c9;gy;e<cZegPfje-F
zb?DsQ=a3&KC)4en-EjH?Wx3XrOln*6>2FjjiH8qkVetdKAqSC%C;@x-KcSca{bUF9
zm;>;@FhK}E1hY?mwjf^NeJ_huau&ujF_k)U?*hfr5lhTcD#h91hu^sAFw8Xq?7y=s
zVNWv%$S$5e{VgCD0KGIJP+;%A=TA<6K2V4j(AHKEd%(w_kc)thj=*2Neq}fLerz5I
zT2EX$rE&glG-=0274bT>-MoLY8}$d?-?19O&s+J-Z0QDlhG~`W=NUCh1m#UmFM*(p
ziaEYv7_1+iX#LJ=%U@c}i?%v|9Ow@RpeN7;IJ7TW16Ha5?Qj9u^8hamKwA{h(?5=2
zdq?O>8Upx><KE|h_hFGh<j5&RL(RR^u6H$duiQy1_z?qsmb)ZuQIFQuUb!a@oMXRe
zzH@q|8r7`fKkjs{c)Tf1kM9W!peOK1T_o`QTd1785>&?78Huoh?bW?(P)-i}Psmkw
zMt^`d2_0b$0WW;Wh!iXtE1zpnTAzZWQDQ*xvuDJRR*h2BN9?oDNFJY{Kue-GwDjLU
z3mwb<{#j^m`1@y}&-nXip~rx~e-=8P{Qa}g^`5_f7P{quN@&1-f1L>IRCac1HSN+t
zd3-%Y4(kc@$2G{*vl<HjJQMmr{2mmLMoXeM+0#3V2}$hADV!gwyP*>a5a(Ve^yg@s
z0Smq(hH;r+pBcW=bE9cww9LZE2G$Vx(Y(IukXH4_!{T^^tCIj6+NU&Rv~<we=)^6D
zo~H|q^n+=atZ5IK9{nM(4SzpQWO<-#rsFC5AbZ+B&gOJJ+8@wc!1q@qExyM7wGV-?
zxSp#&v)*^&i3%j6RkBqK90h+w$=y42Xo!D&E0Jg-z8Z{Di1C&{yixF*Tv<D2c17rl
z^v%QAyd{lT_>hc!-rYN}f1Dc)2<AuTop}GrLqj3oiqQKQIaVtqW1n}Ic)zXxX(iB}
z3G~HxuRy6z1*`UagGJ_eB7NJAvOE>Or=xauQf<+&Dy*`wE5HDdhW6wdp|v>n>|n(c
zJrbk0|JzXujYbH(4goKG2p5Gtc7~pUb;mt7GPBO4YcXzf!m-Uw;!_KLElfv9mC=Kz
zs+0XigsU6m;F-}8qQx4o`wWCzO^zrRb@}Q<r6zJ##+eB^zSF*J`1}ESec}6=2I#c~
z$mk#D$8pA|>cYJv%oeyt(;}7X5-DT+uVr-P=8y^^BxJHwWdUi8LQ@O*QOJeD3W+zz
z-$yc_;n3U3{T+}_SwdhyxW5Pt4j#Y@330WAxv}%G^8yba=0-n(SQzi1!YV5#x%lOD
zUWg5IR!8+!PV`#f_47Or$r<Pv7xxU2OC<)7zbmYRa(8uuTSE@^8o{cq^0^1k&z4y}
z5F$uUAP(o9MV?*Ko%EMW5;1{COYQYqz^V#b!|*WlsPS|APkPN37{k!n$FFh?wD~`K
zEr9ysF{#we`y7XgS#2V4x99SxVkM?%G!=64JZA`pN6!G#EOyr1?6%HsJgi(mfZ=kt
zba!-f=dwk)TXI_2*rJ2pKMRQVl%E<lUsdqS_2<5;;^yUUpm*oax|in0#oWA`di3E5
zLh9v47XWFrF6LGa)}l~XI1FWF$7$ng?(UATh6?fUz+plH)*P0?yh0rOf_!`&!a|lX
z4nCNrwSb_Y4YvqP7>aUoa@&hqKS?d2zSLbL<+E@4RGTTh*-qW2T~7M?KJ<D1y}P4^
zE#a|@AW}D|GYW2l@RIn^R=lix4FqbO;?+bM2}-K;k~QtSx+i;{c#li!o;@Nt3vIsJ
z+(1;?$PB=O5V*XA1<eKdIRJDnD<=mBn4>i(61ap8wmR>&zv;(kIYaogS1NGZcyg~i
zRL~U}d+Q^2Vd!pE8B!k|@c#nX#`PDNR31*k`AW>+Zu!=K#GMzE^o${CI`k2;`I(uL
z)BWZ41*X5ov_g41yE**=SAISG1()EHjS3EnnrNK!mw1$mjEL7SU9iljW;}U!<Tl#f
z|3X(cILZOx2t)26A9NLkwAoWD^(07l9KGlb8i)K%uHulUQ@%)1vBxdGlisg50py>q
zV&&v$gRr$hAmLCj-EVxmP3*EZJeq=O_G7il$sK5!T75xj;G^rCc_x{*ClaJuDSn~(
zA5aHXUCJBuGCUO&&)O$)X$D`rZhP9!BbrC}<;02x5_w&NkM)46#!wE|Un&WA^njXz
zd|_3FJ|w_8+-%-e@_bWP-^(3qCYLpmLBb@Ja023EZrtR*(GtJ{T?Is<WTTBS=Lhbn
zp7xkt3u`^Wka*kxj{Tg8MC=w*<a;>ufRe6oH>e%V18$Bs832=TL%G92i0f5%Jd;Ik
zd<;;uZX1qWf|XZT5HwunnkioQx*sXqcjeRpM5GhU+8nLcL1+Kx4D737y*hPiHzk?t
zLy7L_2D9I@^{^EFF<%JDl`}GWWa$UhF@{1Vpu9kPAMDDY?7M0gve#hb#a1k)c=JXJ
zB8wKAAAH%Nu0GT>OTuiw0O7#^=?XksLq%LeP~NG)7nRZcdPUa3JKj-N6iRcmG%mLm
zjvi8ex-OszSPRh;*QD#1+#!BTf>9N(Ocvdpc%voV->s%5(ezRE))=6B{U-prudLxV
zFn6Sz1UJYYIXl5Kl?GHi*&NnJ<^0@SRcq&q3WO?m#<b{65#xqiqz90Up<doVvjG2r
zHNsu+Q{7TYTCkM2Vy7#;PsiA5LK2?x<pa*0YASv~-BSz)a2(){?r=vpl(#v;+T3Yx
z1|-43fv^TCr#xRRM364#9dy|5@aV;OGv3#1S^-BD?6);uI#7iMnjH+xa4%;klpFLH
z*dW;dcJu#JjaDhPE}HdW9-C<6%Ey479iGWmcA0=H%9>aznS~;id{59fO#JLd8z)CM
z33o??m6J92O5559`J8&`ibU;_irJT@yQ+xc1dDuvv~ZPF2jT7e!G2T+fY4VO8Vvet
zFe2ND^;Zs$NEB@dIgYYys#}aO(0+PeuJe#4qr6fOVt)_}?Oe7tUJig#5-@i+Cs12^
zFcrRe>UO^2gS()zWMaFhn6|h<Np<$&zS_c(byL>n(-@kWdmyagV3>cZ#RpDluL#DJ
z)w5vVhzn#%y7ksEZ;&=BP)W+mOIXaKQ0$;>2uD}IE+{aE|D{qv28OIP^(#D&B?piC
z;D+cKEaFDJztQ5*u7PyPBBN46j}Sk*?>iXKR_H+u)J%brsb+%O>epjCa4smVg%q1{
ze>t8i8sIKZ7EVl(l1h&LIisIY=r%_>S;3HSb87?&oQ81i{|Uq(^!ZZ!j{k?J2_uPZ
zL58Gp-}K+4%!p@V2U5+pw4K0nJgDp*1I*D@0`6$83p{5Qp#PaK-AApgGQ2`%opC<R
zc5dk5@zKZisH9y+)?>G_GKEMAxeh}8up92?2KNG|UQ!Y*8L~td?3u2qZ8c(Zxjm(S
zmOP6kBbQ;|Y?{`?PK8coe%k#b8!&frcXM{%^SfWP<v$Xl|0#!qwdJTcsN_AIzBMH!
zWONL8+M$}-a15bE01jT(rn!Ih!MKQSb~l6r9I(&a)y*3Tm#{-vTf-ee9q=+Ye%Ym>
z?&HAKl_^%9i$w}nudapWb*e7vxbvw<FW<rp|KC9|!awx#yTqN4*lRtc%?%w#s-Eeg
zlI5;V2Bgz;O~LzFyZzV?v_D!sba*wlazZ+x%pILj4ltyIryar#&Si;&S=od1bRze@
zGdf$|SbY&EF$-6<HJCbqKulheq`^$~ygYxzIsU&ww?o+4A%T~h#2z%)-g^#P6wDjM
zGXLmd1J9A5n9NOVEM@lX4_{k*%~E!&nrK{=>bZqvN=Oc{0HZ0L1Qc^j-i)TPb$wUS
z89b5Em7C8<AIDGE`C9LMh*IlyK1nHO9bOO$$1f5|8?QZ8k-)5%)6L5bV~|`_nug_0
zxF27?zY=@Co=o<l=-nD4m(=Oc6@+3gxa4>Ty?yT*L^!&8nFBGyd@sP-!{N>#>*+^j
z7-`GZW_X>?>KhhFM!u}{vG%J9uLvytyp6CZkb@r3`}-IP)Fl4|3qphk^&{Q6nJ3u%
zTkcf(k+JJX85@Zj2oFyOM4Oo@Yj&X*gMMC<e+;)!-My(Il!L<x33GLY?#~?mIJ9+i
z=h&nD^Cy42cX9>Z0#i6ZYEOv672)8FgmVaR^YHTW@bGZhSn=_2@LO8ha9G+1a&rg?
zz(uSCc|-(l1Vo^|c(^FIl@rR^28KZ5;qE1pdxHob?)Q-idiJ2jc(^~Jk`KZOIIw{N
zna$Zfqnwd2HygmQ(P@qs+!1Oj26eLo_TNwN0!|S7ae(x3az-E8ApQV!hN0Zdf$8%f
z9{@3r7Y}!TrV7~T=)_@zbaHm~2HxAaa_r4pIXHl>mOxKT|D!1^U?IBuaJf7j&~Jcm
zdvJ<ya&w@pgxL0Gw-Q{|a1SmAn6on+^?m-%!Qo-cvELya97qp93<`C0vO`$HQI0S-
zIMm+5!5rb}21jzbS$jzU_hs%Km?MBGs5@|oHU{B_vc~1w-*X}yZ2!cH=LhnjnH$Ly
zoz)>FGof#`pSa#?iOHofq&g>Sf5c|M%+&W*{VU)Hp?`XitGgxIiJ&sp9xz8MxHWV?
zA#{ZT-SE??{_GsE?~?zqd;D}#=6x?^hk7F1?4TFX4GI0(e$0P3<lpt)vwu+hOlhIa
zf4K8c3XZ>}JTuz44|w+h_x`<qA9V14#KV6;{&evlpX~eiKkVeVa4S0}T;_{FvWi|o
z0e2OYlarGfXq$ikS^z1Az9bMZBoqa6utvDr|Iq8NuNYiEJlsD#2Kv`d31vY?HxD?<
z8;TwTSpN+t{lWMjU19%~lOBk*|Lcl>8J2%EJP@AIosG@`0IxE4M^F09k=7_E;PMAA
zjQ=tJ69xtq0bveXIPe?^gw_9`*BvDK-vId^W&t2S_z@rvw&ss;gb^k|V(9GSe<E=J
zDfxGt^`M4$|4GO^c*?&RI1dtY{J4t$H+;f`F#^`V<)}Y8;eRHS9_(?ncY?EEQ^hMR
z`Zy0A6u-_(>IqBA#|@u-Z2RzfySTy49r|;I`Uhv}#!z6<2bgrA{|6UW*{s+|Oj7a1
zPtB~_P)?kTPJdhjDRxh2mYuaX#J^$3cd&@|eYmwmB0#0|xCNAfYfHOEIQb))o-<Eb
zKbBqOD+{x3a#-`v+7dXFiLOO}7f1fIAO!$&0%H;=*Z=3NjKD$B>0QuL;(3>v%&IE0
zAnM4gJmN*fkUn4j`3SFWE!}~ctc@oyHo7~br;V;0uI|q0+Apy5dazPe<GF>qAu(%~
zKnq(|_>531<IGzhNu@V%%ktXlU`iPTmj-x%4&cUU{`T%bKenD(<(U_cFVZF4Lynxq
z%WUoT%uv5MKw!1}uKr+=1X#YY!C1br0v3jy9MCJM80cOXXG~cZpWT(hS|rdOXemq1
z<ZI}@!N<U1B3CqC`_1Y60kZ*gA22$U1NJvL>r9Vl+dNzIB2U3fBOYqmWS4_IiHqeh
zuSrv`pP+<n9V~+a4GrY{FbCJ~voTO3=Ul<L!s58C_W2q-O?p98xPvTilG%4Ih;YvK
zVnQ8f(LwJ-UzPhabr6hoZQiQ!>5zfYAjQnMMkO19mNgCcdcv?`!|Xw6>M;roouEIV
zBzQnz-PyKI-`r_VD@^-D+hp*S-;$i;hrE55h23XC9$QFc2wv9UaD<{4urNAD&4+%&
zzF6LGei7k5TIWI1U&R{FO$~oCm1hFyp0ub#-&XK*CcD=;7#Lmb4M#nnM2j^W+t67(
zF9aTUuc}f^Heg;}D;<5N;>if@0Ss64q8fUo@27Pj+x~wpsdMGwn5IwQ3abjNzvd>l
z_jF(ytJdRPPnCb|7+)&Q!gg>)<VSVq7iF>2Ifo(-d3N7cdRFCqV#IcOu|EDKOj4?`
zbtXBpyvL~n)aXE(4S+erywSxYiC^HAn+8`u$RH*&t8Qu|^(TLS>Gq>rB&P-HI*@7`
zFT}`gC=Ya^F%%5}1e3iTIGmHvboYpn34U~fxzJB9QSW}db9sI<*L9(0j%97We)AN1
zt^KD{p{D>IZsvBty#P)&HWD6goIl<QfgA%V?*=@+_ls>+geA^^4t4wD>mfYycN3KT
zjzP@{jY+`=o&Ha=G7t`VsE*y@WbGY-#@+XK`OKwFaYmw@7Op;YT_HO5@l2d5*jBIo
zk!!zP2EwxJ^ms{~)l2BcDc`h9c3i%T;{A;!SRV7YCVg7N28D!!Sl@N}QDFdKJr>UH
z3nd7|4#eInz2S4FaupwLNQHY#3_^H|=S|-h^q2ObYZD-xm}qL3yDEGw@N#Uus^#-k
z^0&`qPrlu>(1KHZkbaN&pbu()^i3xJOz94!h}%j}s}A&uF@4gT52^i6Z5K6<;qPd^
zyeLbe`e-+(ox$gTB6}%3^uJg2`x`|+Q1Y-M?y!mznwXUqkN;G+nxXl0MZq0BciRU!
z8R`Sn(F8f@q4XEJfh-Pxv+*SJ*2idsM|nQ2E8CFl<~M8ov}cK<ZBuJ4TtbFui|v7;
zBpivp!w0Y!F8VK8d@y;4pnUgLf8ldDjKffkl{L8I6?4u#-573@!`jL1RZj(6SPt~g
ze!U0!>k28TEmi9tYM$OX757f-snE#?T-vdg{M)w?1CnQ(%&E*vr76%+?k|AQH@fcM
zhF1blcEfRai;SKkjh%CZRy3GsJ(@H-R*d_#iX8j#{U-E+!W_NWb@WwsQC&t>PS#vW
zRYpNhR1{rS+rRbLbx*mUnE#b>=;3@8z(lVH?x*tmrtjUs3f!>w{a(d4SQ7TWAw>c)
z4=ai<g^5;vWyrMBdNHJ4VD#l(x7i~q8sKy}FNE9vUC`Qaln25J?g~|M^Z*t%(YHjS
zZ;1T~SFY}UzWog<k1{Ro^VM5y(QcQo)SBIcnMf~l$=(~B$v}6;FW|I*91-v)>-}=C
Lw!0O;;rf37k?@ND

literal 0
HcmV?d00001

diff --git a/tpmeventlog/replay_test.go b/tpmeventlog/replay_test.go
index 719190a..b241aad 100644
--- a/tpmeventlog/replay_test.go
+++ b/tpmeventlog/replay_test.go
@@ -38,12 +38,6 @@ type eventLog struct {
 	ExpectedEFIAppDigests map[pb.HashAlgo][]string
 }
 
-// The Arch Linux event log has two known failures due to our parser's strict checks.
-var archLinuxKnownParsingFailures = []string{
-	"SecureBoot data len is 0, expected 1",
-	"found EFIBootServicesApplication in PCR4 before CallingEFIApp event",
-}
-
 // Agile Event Log from a RHEL 8 GCE instance with Secure Boot enabled
 var Rhel8GCE = eventLog{
 	RawLog: testdata.Rhel8EventLog,
@@ -555,31 +549,59 @@ var COS121AmdSev = eventLog{
 	},
 }
 
+var GdcHost = eventLog{
+	RawLog: testdata.GdcHost,
+	Banks: []register.PCRBank{
+		testutil.MakePCRBank(pb.HashAlgo_SHA256, map[uint32][]byte{
+			0:  decodeHex("dab77c454bd12c27ff6b6ce1f9adca90b7a330c1cef0b5cd01cb89fb3bd0dffa"),
+			1:  decodeHex("e9c706539943b2d9770715914f9b3946fab0265327bace4c479913acb9014051"),
+			2:  decodeHex("7fde57284c6a0eabdc9b829db4e2ab0bb565c4189410de2474dd116bc18bafcc"),
+			3:  decodeHex("3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969"),
+			4:  decodeHex("ded8b5d91a09c328b9859d8c9db5a346f1065224616b0ba66d6c83dba2b465e8"),
+			5:  decodeHex("163ee251955b844012f1493aa962b2a18acbec194ea4856cdc45cd54c8540058"),
+			6:  decodeHex("3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969"),
+			7:  decodeHex("2c9252609eda09899d96abe16b947d0e736c43271997c1fa5189e9bcd37ba516"),
+			8:  decodeHex("8edecd4daa5194ea70a2a9f2c71c7c816bd3b1e0a1ca6f4abea7306250191eba"),
+			9:  decodeHex("731d336f9f3255e80b429de54fb77b2ad5e485829eb386d661c668245f30f44b"),
+			14: decodeHex("306f9d8b94f17d93dc6e7cf8f5c79d652eb4c6c4d13de2dddc24af416e13ecaf"),
+		}),
+	},
+	ExpectedEFIAppDigests: map[pb.HashAlgo][]string{
+		pb.HashAlgo_SHA256: {
+			"c7ac5d44444affd8d4a7c5d3dea0ce20a71e05812fc18777a428d092f78ae3ff",
+			"c5d3b47de11a9a2a4a15ef5cb7202d7800a10609c0dcecc46e3e963d476b76ce",
+			"af4161084115c9d5c1872f4473fe974b535e3a9a767688293720ac2cc6f7f9a3",
+			"af4161084115c9d5c1872f4473fe974b535e3a9a767688293720ac2cc6f7f9a3",
+		},
+	},
+}
+
 func TestParseEventLogs(t *testing.T) {
 	sbatErrorStr := "asn1: structure error: tags don't match (16 vs {class:0 tag:24 length:10 isCompound:true})"
 	logs := []struct {
 		eventLog
 		name string
-		extract.Bootloader
+		extract.Opts
 		// This field handles known issues with event log parsing or bad event
 		// logs.
 		// Set to nil when the event log has no known issues.
 		knownErrs []string
 	}{
-		{Debian10GCE, "Debian10GCE", extract.UnsupportedLoader, nil},
-		{Rhel8GCE, "Rhel8GCE", extract.GRUB, nil},
-		{UbuntuAmdSevGCE, "UbuntuAmdSevGCE", extract.GRUB, nil},
+		{Debian10GCE, "Debian10GCE", extract.Opts{Loader: extract.UnsupportedLoader}, nil},
+		{Rhel8GCE, "Rhel8GCE", extract.Opts{Loader: extract.GRUB}, nil},
+		{UbuntuAmdSevGCE, "UbuntuAmdSevGCE", extract.Opts{Loader: extract.GRUB}, nil},
 		// TODO: remove once the fix is pulled in
 		// https://github.com/google/go-attestation/pull/222
-		{Ubuntu2104NoDbxGCE, "Ubuntu2104NoDbxGCE", extract.GRUB, []string{sbatErrorStr}},
-		{Ubuntu2104NoSecureBootGCE, "Ubuntu2104NoSecureBootGCE", extract.GRUB, []string{sbatErrorStr}},
-		{Ubuntu2404AmdSevSnp, "Ubuntu2404AmdSevSnp", extract.GRUB, nil},
+		{Ubuntu2104NoDbxGCE, "Ubuntu2104NoDbxGCE", extract.Opts{Loader: extract.GRUB}, []string{sbatErrorStr}},
+		{Ubuntu2104NoSecureBootGCE, "Ubuntu2104NoSecureBootGCE", extract.Opts{Loader: extract.GRUB}, []string{sbatErrorStr}},
+		{Ubuntu2404AmdSevSnp, "Ubuntu2404AmdSevSnp", extract.Opts{Loader: extract.GRUB}, nil},
 		// This event log has a SecureBoot variable length of 0.
-		{ArchLinuxWorkstation, "ArchLinuxWorkstation", extract.UnsupportedLoader, archLinuxKnownParsingFailures},
-		{COS85AmdSev, "COS85AmdSev", extract.GRUB, nil},
-		{COS93AmdSev, "COS93AmdSev", extract.GRUB, nil},
-		{COS101AmdSev, "COS101AmdSev", extract.GRUB, nil},
-		{COS121AmdSev, "COS121AmdSev", extract.GRUB, nil},
+		{ArchLinuxWorkstation, "ArchLinuxWorkstation", extract.Opts{Loader: extract.UnsupportedLoader, AllowEFIAppBeforeCallingEvent: true, AllowEmptySBVar: true}, nil},
+		{COS85AmdSev, "COS85AmdSev", extract.Opts{Loader: extract.GRUB}, nil},
+		{COS93AmdSev, "COS93AmdSev", extract.Opts{Loader: extract.GRUB}, nil},
+		{COS101AmdSev, "COS101AmdSev", extract.Opts{Loader: extract.GRUB}, nil},
+		{COS121AmdSev, "COS121AmdSev", extract.Opts{Loader: extract.GRUB}, nil},
+		{GdcHost, "GdcHost", extract.Opts{Loader: extract.GRUB, AllowEFIAppBeforeCallingEvent: true}, []string{"invalid SCRTM version event for PCR0"}},
 	}
 
 	for _, log := range logs {
@@ -588,7 +610,7 @@ func TestParseEventLogs(t *testing.T) {
 			hashName := pb.HashAlgo_name[int32(bank.TCGHashAlgo)]
 			subtestName := fmt.Sprintf("%s-%s", log.name, hashName)
 			t.Run(subtestName, func(t *testing.T) {
-				if _, err := ReplayAndExtract(rawLog, bank, extract.Opts{Loader: log.Bootloader}); err != nil {
+				if _, err := ReplayAndExtract(rawLog, bank, log.Opts); err != nil {
 					matched := false
 					for _, knownErr := range log.knownErrs {
 						if strings.Contains(err.Error(), knownErr) {
@@ -605,6 +627,25 @@ func TestParseEventLogs(t *testing.T) {
 	}
 }
 
+func TestParseEventLogCallingEFIAppError(t *testing.T) {
+	tests := []struct {
+		eventLog
+		name string
+	}{
+		{ArchLinuxWorkstation, "ArchLinuxWorkstation"},
+		{GdcHost, "GdcHost"},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			for _, bank := range test.Banks {
+				if _, err := ReplayAndExtract(test.RawLog, bank, extract.Opts{AllowEFIAppBeforeCallingEvent: false}); err == nil || !strings.Contains(err.Error(), "before CallingEFIApp event") {
+					t.Errorf("ReplayAndExtract(%s): expected Calling EFI App error, received %v", test.name, err)
+				}
+			}
+		})
+	}
+}
+
 func TestParseMachineStateReplayFail(t *testing.T) {
 	pcrMap := make(map[uint32][]byte)
 	pcrMap[0] = []byte{0, 0, 0, 0}