From 5338b9cae6d674af481faa3aec48befd2a34ff0b Mon Sep 17 00:00:00 2001
From: liuxu <liuxu156@huawei.com>
Date: Sat, 20 Apr 2024 10:00:53 +0800
Subject: [PATCH] upgrade from upstream

---
 0038-add-modify-for-cgroup-v2-ci-test.patch   |  608 ++++++++
 ...n-ubuntu-container-bug-in-inspect.sh.patch |    2 +-
 ...0-add-support-for-GetContainerEvents.patch |    2 +-
 ...ix-cpurt-init-bug-for-systemd-cgroup.patch |    2 +-
 ...042-fix-message-queue-concurrent-bug.patch |    2 +-
 ...cify-runtime-as-runc-for-oom-test-CI.patch |    2 +-
 ...i.patch => 0044-set-oomkilled-in-cri.patch |    2 +-
 0045-add-cri-1.29-update-design-doc.patch     |  312 ++++
 0046-oom-monitor-in-manual-cases.patch        |  120 ++
 ...age-restrictions-for-CRI-1.29-update.patch |   27 +
 0048-CDI-interface-definition.patch           | 1192 ++++++++++++++++
 ...een-runtime-and-runtime_cmd-in-isula.patch |  145 ++
 ...Use-user-defined-shm-for-CRI-request.patch |  171 +++
 ...-in-set_connected_container_shm_path.patch |   26 +
 0052-init-enable_pod_events-as-false.patch    |   62 +
 ...-root-path-in-rt_lcr_rm-if-lcr-runti.patch |   33 +
 ...an-be-removed-if-sandbox-container-r.patch |   58 +
 ...-shim-timeout-exit-error-log-changes.patch |  175 +++
 ...re-created-pipe-was-not-closed-when-.patch |   36 +
 ...-add-debug-msg-info-in-image_load.sh.patch |   26 +
 0058-empty-pointer-check-in-lcr_rt_ops.patch  |  214 +++
 ...-status-codes-of-cri-in-case-of-erro.patch |  315 +++++
 ...i-return-int-instead-of-error-string.patch |  363 +++++
 ...modules-operate-registry-annotations.patch |  516 +++++++
 ...umount-shmpath-for-sandbox-container.patch |   30 +
 ...ystemd-cgroup-and-enable-cri-v1-valu.patch |   27 +
 0064-cdi-support-module-cache.patch           |  862 +++++++++++
 ...ge-default-subscribe-timeout-to-5min.patch |   76 +
 ...odules-version-spec-spec_dirs-device.patch | 1254 +++++++++++++++++
 ...pport-modules-container_edits-parser.patch | 1210 ++++++++++++++++
 ...perate-when-init-isulad-and-create-c.patch |  371 +++++
 0069-bugfix-fix-cni_operate_ut-ut.patch       |   24 +
 iSulad.spec                                   |   47 +-
 33 files changed, 8299 insertions(+), 13 deletions(-)
 create mode 100644 0038-add-modify-for-cgroup-v2-ci-test.patch
 rename 0038-fix-run-ubuntu-container-bug-in-inspect.sh.patch => 0039-fix-run-ubuntu-container-bug-in-inspect.sh.patch (94%)
 rename 0039-add-support-for-GetContainerEvents.patch => 0040-add-support-for-GetContainerEvents.patch (99%)
 rename 0040-fix-cpurt-init-bug-for-systemd-cgroup.patch => 0041-fix-cpurt-init-bug-for-systemd-cgroup.patch (98%)
 rename 0041-fix-message-queue-concurrent-bug.patch => 0042-fix-message-queue-concurrent-bug.patch (95%)
 rename 0042-specify-runtime-as-runc-for-oom-test-CI.patch => 0043-specify-runtime-as-runc-for-oom-test-CI.patch (94%)
 rename 0043-set-oomkilled-in-cri.patch => 0044-set-oomkilled-in-cri.patch (95%)
 create mode 100644 0045-add-cri-1.29-update-design-doc.patch
 create mode 100644 0046-oom-monitor-in-manual-cases.patch
 create mode 100644 0047-add-usage-restrictions-for-CRI-1.29-update.patch
 create mode 100644 0048-CDI-interface-definition.patch
 create mode 100644 0049-distinguish-between-runtime-and-runtime_cmd-in-isula.patch
 create mode 100644 0050-Use-user-defined-shm-for-CRI-request.patch
 create mode 100644 0051-Fix-memory-leak-in-set_connected_container_shm_path.patch
 create mode 100644 0052-init-enable_pod_events-as-false.patch
 create mode 100644 0053-remove-container-root-path-in-rt_lcr_rm-if-lcr-runti.patch
 create mode 100644 0054-ensure-sandbox-can-be-removed-if-sandbox-container-r.patch
 create mode 100644 0055-bugfix-for-shim-timeout-exit-error-log-changes.patch
 create mode 100644 0056-bugfix-for-the-pre-created-pipe-was-not-closed-when-.patch
 create mode 100644 0057-add-debug-msg-info-in-image_load.sh.patch
 create mode 100644 0058-empty-pointer-check-in-lcr_rt_ops.patch
 create mode 100644 0059-modify-some-grpc-status-codes-of-cri-in-case-of-erro.patch
 create mode 100644 0060-cdi-return-int-instead-of-error-string.patch
 create mode 100644 0061-cdi-support-modules-operate-registry-annotations.patch
 create mode 100644 0062-do-not-umount-shmpath-for-sandbox-container.patch
 create mode 100644 0063-remove-default-systemd-cgroup-and-enable-cri-v1-valu.patch
 create mode 100644 0064-cdi-support-module-cache.patch
 create mode 100644 0065-change-default-subscribe-timeout-to-5min.patch
 create mode 100644 0066-cdi-support-modules-version-spec-spec_dirs-device.patch
 create mode 100644 0067-cdi-support-modules-container_edits-parser.patch
 create mode 100644 0068-cdi-invoke-cdi-operate-when-init-isulad-and-create-c.patch
 create mode 100644 0069-bugfix-fix-cni_operate_ut-ut.patch

diff --git a/0038-add-modify-for-cgroup-v2-ci-test.patch b/0038-add-modify-for-cgroup-v2-ci-test.patch
new file mode 100644
index 0000000..843652a
--- /dev/null
+++ b/0038-add-modify-for-cgroup-v2-ci-test.patch
@@ -0,0 +1,608 @@
+From 33b26f27dd897574d73ce8654620a13edbeb947e Mon Sep 17 00:00:00 2001
+From: zhongtao <zhongtao17@huawei.com>
+Date: Tue, 2 Apr 2024 02:31:58 +1400
+Subject: [PATCH 38/69] add modify for cgroup v2 ci test
+
+Signed-off-by: zhongtao <zhongtao17@huawei.com>
+---
+ CI/test_cases/manual_cases/cgroupv2.sh | 276 +++++++++++++++----------
+ 1 file changed, 165 insertions(+), 111 deletions(-)
+
+diff --git a/CI/test_cases/manual_cases/cgroupv2.sh b/CI/test_cases/manual_cases/cgroupv2.sh
+index f8982f08..8e431688 100755
+--- a/CI/test_cases/manual_cases/cgroupv2.sh
++++ b/CI/test_cases/manual_cases/cgroupv2.sh
+@@ -31,59 +31,59 @@ function test_cgroup2_cpu()
+ 
+   if [[ -f /sys/fs/cgroup/isulad/cpu.weight ]];then
+     # min value
+-    isula run -ti --rm --cpu-shares 2 busybox cat /sys/fs/cgroup/cpu.weight | grep ^1$'\r'
++    isula run --runtime $1 -ti --rm --cpu-shares 2 busybox cat /sys/fs/cgroup/cpu.weight | grep ^1$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.weight min value failed" && ((ret++))
+ 
+     # max value
+-    isula run -ti --rm --cpu-shares 262144 busybox cat /sys/fs/cgroup/cpu.weight | grep ^10000$'\r'
++    isula run --runtime $1 -ti --rm --cpu-shares 262144 busybox cat /sys/fs/cgroup/cpu.weight | grep ^10000$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.weight max value failed" && ((ret++))
+ 
+     # invalid value
+-    isula run -ti --rm --cpu-shares -1 busybox echo hello
++    isula run --runtime $1 -ti --rm --cpu-shares -1 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.weight -1 failed" && ((ret++))
+ 
+     # default value
+-    isula run -ti --rm --cpu-shares 0 busybox cat /sys/fs/cgroup/cpu.weight | grep ^100$'\r'
++    isula run --runtime $1 -ti --rm --cpu-shares 0 busybox cat /sys/fs/cgroup/cpu.weight | grep ^100$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.weight default value failed" && ((ret++))
+   fi
+ 
+   if [[ -f /sys/fs/cgroup/isulad/cpu.max ]];then
+     # normal value
+-    isula run -ti --rm --cpu-quota 50000 --cpu-period 12345 busybox cat /sys/fs/cgroup/cpu.max | grep ^"50000 12345"$'\r'
++    isula run --runtime $1 -ti --rm --cpu-quota 50000 --cpu-period 12345 busybox cat /sys/fs/cgroup/cpu.max | grep ^"50000 12345"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max normal value failed" && ((ret++))
+ 
+     # invalid min period
+-    isula run -ti --rm --cpu-quota 50000 --cpu-period 999 busybox echo hello
++    isula run --runtime $1 -ti --rm --cpu-quota 50000 --cpu-period 999 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max invalid min period failed" && ((ret++))
+ 
+     # invalid max period
+-    isula run -ti --rm --cpu-quota 50000 --cpu-period 1000001 busybox echo hello
++    isula run --runtime $1 -ti --rm --cpu-quota 50000 --cpu-period 1000001 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max invalid max period failed" && ((ret++))
+ 
+     # invalid quota
+-    isula run -ti --rm --cpu-quota 999 --cpu-period 1000000 busybox echo hello
++    isula run --runtime $1 -ti --rm --cpu-quota 999 --cpu-period 1000000 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max invalid quota failed" && ((ret++))
+ 
+     # default 0 quota
+-    isula run -ti --rm --cpu-quota 0 --cpu-period 1000000 busybox cat /sys/fs/cgroup/cpu.max | grep ^"max 1000000"$'\r'
++    isula run --runtime $1 -ti --rm --cpu-quota 0 --cpu-period 1000000 busybox cat /sys/fs/cgroup/cpu.max | grep ^"max 1000000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max default 0 quota failed" && ((ret++))
+ 
+     # default -1 quota
+-    isula run -ti --rm --cpu-quota -1 --cpu-period 1000000 busybox cat /sys/fs/cgroup/cpu.max | grep ^"max 1000000"$'\r'
++    isula run --runtime $1 -ti --rm --cpu-quota -1 --cpu-period 1000000 busybox cat /sys/fs/cgroup/cpu.max | grep ^"max 1000000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max default -1 quota failed" && ((ret++))
+ 
+     # cpus 1
+-    isula run -ti --rm --cpus 1 busybox cat /sys/fs/cgroup/cpu.max | grep ^"100000 100000"$'\r'
++    isula run --runtime $1 -ti --rm --cpus 1 busybox cat /sys/fs/cgroup/cpu.max | grep ^"100000 100000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max cpus 1 failed" && ((ret++))
+ 
+     # cpus 0
+-    isula run -ti --rm --cpus 0 busybox cat /sys/fs/cgroup/cpu.max | grep ^"max 100000"$'\r'
++    isula run --runtime $1 -ti --rm --cpus 0 busybox cat /sys/fs/cgroup/cpu.max | grep ^"max 100000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpu.max cpus 0 failed" && ((ret++))
+   fi
+ 
+   if [[ -f /sys/fs/cgroup/isulad/cpuset.cpus.effective ]];then
+     # normal value
+-    isula run -tid -n cpuset --cpuset-cpus 0 --cpuset-mems 0 busybox sh
++    isula run --runtime $1 -tid -n cpuset --cpuset-cpus 0 --cpuset-mems 0 busybox sh
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpuset run container failed" && ((ret++))
+ 
+     isula exec -ti cpuset cat /sys/fs/cgroup/cpuset.cpus | grep ^0$'\r'
+@@ -96,19 +96,19 @@ function test_cgroup2_cpu()
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpuset remove container failed" && ((ret++))
+ 
+     # invalid cpus -1 value
+-    isula run -tid -n cpuset --cpuset-cpus -1 busybox sh
++    isula run --runtime $1 -tid -n cpuset --cpuset-cpus -1 busybox sh
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpuset cpus invalid -1 failed" && ((ret++))
+ 
+     # invalid cpus 100000 value
+-    isula run -tid -n cpuset --cpuset-cpus 100000 busybox sh
++    isula run --runtime $1 -tid -n cpuset --cpuset-cpus 100000 busybox sh
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpuset cpus invalid 100000 failed" && ((ret++))
+ 
+     # invalid mems -1 value
+-    isula run -tid -n cpuset --cpuset-mems -1 busybox sh
++    isula run --runtime $1 -tid -n cpuset --cpuset-mems -1 busybox sh
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpuset mems invalid -1 failed" && ((ret++))
+ 
+     # invalid mems 100000 value
+-    isula run -tid -n cpuset --cpuset-mems 100000 busybox sh
++    isula run --runtime $1 -tid -n cpuset --cpuset-mems 100000 busybox sh
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 cpuset mems invalid 100000 failed" && ((ret++))
+   fi
+ 
+@@ -121,33 +121,38 @@ function test_cgroup2_io()
+ 
+   if [[ -f "/sys/fs/cgroup/isulad/io.bfq.weight" ]];then
+     # min value
+-    isula run -ti --rm --blkio-weight 10 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 1$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight min value failed" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula run --runtime $1 -ti --rm --blkio-weight 10 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 1$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight min value failed" && ((ret++))
++    else
++      isula run --runtime $1 -ti --rm --blkio-weight 10 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 10$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight min value failed" && ((ret++))
++    fi
+ 
+     # max value
+-    isula run -ti --rm --blkio-weight 1000 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 1000$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight 1000 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 1000$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight max value failed" && ((ret++))
+ 
+     # default value
+-    isula run -ti --rm --blkio-weight 0 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 100$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight 0 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep 100$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight default value failed" && ((ret++))
+ 
+     # invalid value
+-    isula run -ti --rm --blkio-weight -1 busybox echo hello
++    isula run --runtime $1 -ti --rm --blkio-weight -1 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight -1 failed" && ((ret++))
+   fi
+ 
+   if [[ -f "/sys/fs/cgroup/isulad/io.bfq.weight_device" ]];then
+     # min value
+-    isula run -ti --rm --blkio-weight-device /dev/null:10 busybox cat "/sys/fs/cgroup/io.bfq.weight_device" | grep ^"1:3 10"$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight-device /dev/null:10 busybox cat "/sys/fs/cgroup/io.bfq.weight_device" | grep ^"1:3 10"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight_device max value failed" && ((ret++))
+ 
+     # max value
+-    isula run -ti --rm --blkio-weight-device /dev/null:1000 busybox cat "/sys/fs/cgroup/io.bfq.weight_device" | grep ^"1:3 10000"$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight-device /dev/null:1000 busybox cat "/sys/fs/cgroup/io.bfq.weight_device" | grep ^"1:3 10000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight_device max value failed" && ((ret++))
+ 
+     # disable weight device
+-    isula run -tid -n weight_device --rm --blkio-weight-device /dev/null:0 busybox sh
++    isula run --runtime $1 -tid -n weight_device --rm --blkio-weight-device /dev/null:0 busybox sh
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.bfq.weight_device failed" && ((ret++))
+ 
+     isula exec -ti weight_device cat "/sys/fs/cgroup/io.bfq.weight_device" | grep "1:3"
+@@ -159,33 +164,43 @@ function test_cgroup2_io()
+ 
+   if [[ -f "/sys/fs/cgroup/isulad/io.weight" ]];then
+     # min value
+-    isula run -ti --rm --blkio-weight 10 busybox cat "/sys/fs/cgroup/io.weight" | grep ^"default 1"$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight min value failed" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula run --runtime $1 -ti --rm --blkio-weight 10 busybox cat "/sys/fs/cgroup/io.weight" | grep ^"default 1"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight min value failed" && ((ret++))
++    else
++      isula run --runtime $1 -ti --rm --blkio-weight 10 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep ^"default 10"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight min value failed" && ((ret++))
++    fi
+ 
+     # max value
+-    isula run -ti --rm --blkio-weight 1000 busybox cat "/sys/fs/cgroup/io.weight" | grep ^"default 10000"$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight max value failed" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula run --runtime $1 -ti --rm --blkio-weight 1000 busybox cat "/sys/fs/cgroup/io.weight" | grep ^"default 10000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight max value failed" && ((ret++))
++    else
++        isula run --runtime $1 -ti --rm --blkio-weight 1000 busybox cat "/sys/fs/cgroup/io.bfq.weight" | grep ^"default 1000"$'\r'
++        [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight max value failed" && ((ret++))
++    fi
+ 
+     # default value
+-    isula run -ti --rm --blkio-weight 0 busybox cat "/sys/fs/cgroup/io.weight" | grep ^"default 100"$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight 0 busybox cat "/sys/fs/cgroup/io.weight" | grep ^"default 100"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight default value failed" && ((ret++))
+ 
+     # invalid value
+-    isula run -ti --rm --blkio-weight -1 busybox echo hello
++    isula run --runtime $1 -ti --rm --blkio-weight -1 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight -1 failed" && ((ret++))
+   fi
+ 
+   if [[ -f "/sys/fs/cgroup/isulad/io.weight_device" ]];then
+     # min value
+-    isula run -ti --rm --blkio-weight-device /dev/null:10 busybox cat "/sys/fs/cgroup/io.weight_device" | grep ^"1:3 10"$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight-device /dev/null:10 busybox cat "/sys/fs/cgroup/io.weight_device" | grep ^"1:3 10"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight max value failed" && ((ret++))
+ 
+     # max value
+-    isula run -ti --rm --blkio-weight-device /dev/null:1000 busybox cat "/sys/fs/cgroup/io.weight_device" | grep ^"1:3 10000"$'\r'
++    isula run --runtime $1 -ti --rm --blkio-weight-device /dev/null:1000 busybox cat "/sys/fs/cgroup/io.weight_device" | grep ^"1:3 10000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight max value failed" && ((ret++))
+ 
+     # disable weight device
+-    isula run -tid -n weight_device --rm --blkio-weight-device /dev/null:0 busybox sh
++    isula run --runtime $1 -tid -n weight_device --rm --blkio-weight-device /dev/null:0 busybox sh
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.weight failed" && ((ret++))
+ 
+     isula exec -ti weight_device cat "/sys/fs/cgroup/io.weight_device" | grep ^"1:3"$'\r'
+@@ -197,16 +212,22 @@ function test_cgroup2_io()
+ 
+   if [[ -f /sys/fs/cgroup/isulad/io.max ]];then
+     # normal value
+-    isula run -ti --rm --device-read-bps /dev/null:1g --device-read-iops /dev/null:1000 --device-write-bps /dev/null:2g --device-write-iops /dev/null:2000 busybox cat /sys/fs/cgroup/io.max | grep ^"1:3 rbps=1073741824 wbps=2147483648 riops=1000 wiops=2000"$'\r'
++    isula run --runtime $1 -ti --rm --device-read-bps /dev/null:1g --device-read-iops /dev/null:1000 --device-write-bps /dev/null:2g --device-write-iops /dev/null:2000 busybox cat /sys/fs/cgroup/io.max | grep ^"1:3 rbps=1073741824 wbps=2147483648 riops=1000 wiops=2000"$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.max failed" && ((ret++))
+ 
+     # invalid
+-    isula run -ti --rm --device-read-bps /dev/null:-1 busybox echo hello
++    isula run --runtime $1 -ti --rm --device-read-bps /dev/null:-1 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.max -1 failed" && ((ret++))
+ 
+-    # 0 is no limit
+-    isula run -ti --rm --device-read-bps /dev/null:0 --device-read-iops /dev/null:0 --device-write-bps /dev/null:0 --device-write-iops /dev/null:0 busybox echo hello
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.max 0 failed" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      # 0 is no limit
++      isula run --runtime $1 -ti --rm --device-read-bps /dev/null:0 --device-read-iops /dev/null:0 --device-write-bps /dev/null:0 --device-write-iops /dev/null:0 busybox echo hello
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.max 0 failed" && ((ret++))
++    else
++      # 0 is limit
++      isula run --runtime $1 -ti --rm --device-read-bps /dev/null:0 --device-read-iops /dev/null:0 --device-write-bps /dev/null:0 --device-write-iops /dev/null:0 busybox echo hello
++      [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 io.max 0 success" && ((ret++))
++    fi
+   fi
+ 
+   return ${ret}
+@@ -218,51 +239,51 @@ function test_cgroup2_memory()
+ 
+   if [[ -f /sys/fs/cgroup/isulad/memory.max ]];then
+     # normal value
+-    isula run -ti --rm -m 10m busybox cat /sys/fs/cgroup/memory.max | grep ^10485760$'\r'
++    isula run --runtime $1 -ti --rm -m 10m busybox cat /sys/fs/cgroup/memory.max | grep ^10485760$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.max run container failed" && ((ret++))
+ 
+     # 0 is max
+-    isula run -ti --rm -m 0 busybox cat /sys/fs/cgroup/memory.max | grep ^max$'\r'
++    isula run --runtime $1 -ti --rm -m 0 busybox cat /sys/fs/cgroup/memory.max | grep ^max$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.max 0 failed" && ((ret++))
+ 
+     # invalid
+-    isula run -ti --rm -m -1 busybox echo hello
++    isula run --runtime $1 -ti --rm -m -1 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.max -1 failed" && ((ret++))
+   fi
+ 
+   if [[ -f /sys/fs/cgroup/isulad/memory.low ]];then
+     # normal value
+-    isula run -ti --rm --memory-reservation 10m busybox cat /sys/fs/cgroup/memory.low | grep ^10485760$'\r'
++    isula run --runtime $1 -ti --rm --memory-reservation 10m busybox cat /sys/fs/cgroup/memory.low | grep ^10485760$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.low normal value failed" && ((ret++))
+ 
+     # -1 is invalid
+-    isula run -ti --rm --memory-reservation -1 busybox echo hello
++    isula run --runtime $1 -ti --rm --memory-reservation -1 busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.low invalid failed" && ((ret++))
+ 
+     # 0
+-    isula run -ti --rm --memory-reservation 0 busybox cat /sys/fs/cgroup/memory.low | grep ^0$'\r'
++    isula run --runtime $1 -ti --rm --memory-reservation 0 busybox cat /sys/fs/cgroup/memory.low | grep ^0$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.low 0 failed" && ((ret++))
+   fi
+ 
+   if [[ -f /sys/fs/cgroup/isulad/memory.swap.max ]];then
+     # normal value
+-    isula run -ti --rm --memory 10m --memory-swap 20m busybox cat /sys/fs/cgroup/memory.swap.max | grep ^10485760$'\r'
++    isula run --runtime $1 -ti --rm --memory 10m --memory-swap 20m busybox cat /sys/fs/cgroup/memory.swap.max | grep ^10485760$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.swap.max normal value failed" && ((ret++))
+ 
+     # invalid
+-    isula run -ti --rm --memory 10m --memory-swap 5m busybox echo hello
++    isula run --runtime $1 -ti --rm --memory 10m --memory-swap 5m busybox echo hello
+     [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.swap.max invalid failed" && ((ret++))
+ 
+     # 0 is the same as memory
+-    isula run -ti --rm --memory 10m --memory-swap 0 busybox cat /sys/fs/cgroup/memory.swap.max | grep ^10485760$'\r'
++    isula run --runtime $1 -ti --rm --memory 10m --memory-swap 0 busybox cat /sys/fs/cgroup/memory.swap.max | grep ^10485760$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.swap.max 0 failed" && ((ret++))
+ 
+     # -1 is max
+-    isula run -ti --rm --memory 10m --memory-swap -1 busybox cat /sys/fs/cgroup/memory.swap.max | grep ^max$'\r'
++    isula run --runtime $1 -ti --rm --memory 10m --memory-swap -1 busybox cat /sys/fs/cgroup/memory.swap.max | grep ^max$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.swap.max -1 failed" && ((ret++))
+ 
+     # disable swap
+-    isula run -ti --rm --memory 10m --memory-swap 10m busybox cat /sys/fs/cgroup/memory.swap.max | grep ^0$'\r'
++    isula run --runtime $1 -ti --rm --memory 100m --memory-swap 100m busybox cat /sys/fs/cgroup/memory.swap.max | grep ^0$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 memory.swap.max disable swap failed" && ((ret++))
+   fi
+ 
+@@ -275,15 +296,15 @@ function test_cgroup2_pids()
+ 
+   if [[ -f /sys/fs/cgroup/isulad/pids.max ]];then
+     # normal value
+-    isula run -ti --rm --pids-limit 123456 busybox cat /sys/fs/cgroup/pids.max | grep ^123456$'\r'
++    isula run --runtime $1 -ti --rm --pids-limit 123456 busybox cat /sys/fs/cgroup/pids.max | grep ^123456$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 pids.max run container failed" && ((ret++))
+ 
+     # -1 is max
+-    isula run -ti --rm --pids-limit -1 busybox cat /sys/fs/cgroup/pids.max | grep ^max$'\r'
++    isula run --runtime $1 -ti --rm --pids-limit -1 busybox cat /sys/fs/cgroup/pids.max | grep ^max$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 pids.max run container failed" && ((ret++))
+ 
+     # 0 is max
+-    isula run -ti --rm --pids-limit 0 busybox cat /sys/fs/cgroup/pids.max | grep ^max$'\r'
++    isula run --runtime $1 -ti --rm --pids-limit 0 busybox cat /sys/fs/cgroup/pids.max | grep ^max$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 pids.max run container failed" && ((ret++))
+   fi
+ 
+@@ -295,7 +316,7 @@ function test_cgroup2_hugetlb()
+   local ret=0
+ 
+   if [[ -f /sys/fs/cgroup/isulad/hugetlb.2MB.max ]];then
+-    isula run -ti --rm --hugetlb-limit 2M:32M busybox cat /sys/fs/cgroup/hugetlb.2MB.max | grep ^33554432$'\r'
++    isula run --runtime $1 -ti --rm --hugetlb-limit 2M:32M busybox cat /sys/fs/cgroup/hugetlb.2MB.max | grep ^33554432$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 hugetlb.2M.max run container failed" && ((ret++))
+   fi
+ 
+@@ -307,7 +328,7 @@ function test_cgroup2_freeze()
+   local ret=0
+ 
+   if [[ -f /sys/fs/cgroup/isulad/cgroup.freeze ]];then
+-    isula run -tid -n freeze busybox sh
++    isula run --runtime $1 -tid -n freeze busybox sh
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 freeze run container failed" && ((ret++))
+ 
+     isula pause freeze
+@@ -335,15 +356,15 @@ function test_cgroup2_files()
+ 
+   if [[ -f /sys/fs/cgroup/isulad/files.limit ]];then
+     # normal value
+-    isula run -ti --rm --files-limit 123 busybox cat /sys/fs/cgroup/files.limit | grep ^123$'\r'
++    isula run --runtime $1 -ti --rm --files-limit 123 busybox cat /sys/fs/cgroup/files.limit | grep ^123$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 files.limit run container failed" && ((ret++))
+ 
+     # -1 is max
+-    isula run -ti --rm --files-limit -1 busybox cat /sys/fs/cgroup/files.limit | grep ^max$'\r'
++    isula run --runtime $1 -ti --rm --files-limit -1 busybox cat /sys/fs/cgroup/files.limit | grep ^max$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 files.limit run container failed" && ((ret++))
+ 
+     # 0 is max
+-    isula run -ti --rm --files-limit 0 busybox cat /sys/fs/cgroup/files.limit | grep ^max$'\r'
++    isula run --runtime $1 -ti --rm --files-limit 0 busybox cat /sys/fs/cgroup/files.limit | grep ^max$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 files.limit run container failed" && ((ret++))
+   fi
+ 
+@@ -405,8 +426,13 @@ function test_cgroup2_cpu_update()
+     isula update --cpu-quota 0 --cpu-period 1000000 $cgroup2_update
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update cpu.max 0 quota failed" && ((ret++))
+ 
+-    isula exec -ti $cgroup2_update cat /sys/fs/cgroup/cpu.max | grep ^"max 1000000"$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update cpu.max 0 quota value not right" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula exec -ti $cgroup2_update cat /sys/fs/cgroup/cpu.max | grep ^"max 1000000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update cpu.max 0 quota value not right" && ((ret++))
++    else
++      isula exec -ti $cgroup2_update cat /sys/fs/cgroup/cpu.max | grep ^"50000 1000000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update cpu.max 0 quota value not right" && ((ret++))
++    fi
+ 
+     # default -1 quota
+     isula update --cpu-quota -1 --cpu-period 1000000 $cgroup2_update
+@@ -416,7 +442,7 @@ function test_cgroup2_cpu_update()
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update cpu.max -1 quota value not right" && ((ret++))
+ 
+     # cpus 1
+-    isula run -tid -n cpu_update busybox sh
++    isula run --runtime $1 -tid -n cpu_update busybox sh
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 run cpu_update failed" && ((ret++))
+ 
+     isula update --cpus 1 cpu_update
+@@ -476,8 +502,13 @@ function test_cgroup2_io_update()
+     isula update --blkio-weight 10 $cgroup2_update
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.bfq.weight min value failed" && ((ret++))
+ 
+-    isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.bfq.weight" | grep 1$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.bfq.weight min value not right" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.bfq.weight" | grep 1$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.bfq.weight min value not right" && ((ret++))
++    else
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.bfq.weight" | grep 10$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.bfq.weight min value not right" && ((ret++))
++    fi
+ 
+     # max value
+     isula update --blkio-weight 1000 $cgroup2_update
+@@ -503,22 +534,38 @@ function test_cgroup2_io_update()
+     isula update --blkio-weight 10 $cgroup2_update
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight min value failed" && ((ret++))
+ 
+-    isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.weight" | grep ^"default 1"$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight min value not right" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.weight" | grep ^"default 1"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight min value not right" && ((ret++))
++    else
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.bfq.weight" | grep ^"default 10"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight min value not right" && ((ret++))
++    fi
+ 
+     # max value
+     isula update --blkio-weight 1000 $cgroup2_update
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight max value failed" && ((ret++))
+ 
+-    isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.weight" | grep ^"default 10000"$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight max value not right" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.weight" | grep ^"default 10000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight max value not right" && ((ret++))
++    else
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.bfq.weight" | grep ^"default 1000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight max value not right" && ((ret++))
++    fi
+ 
+     # 0 means value not change
+     isula update --blkio-weight 0 $cgroup2_update
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight 0 failed" && ((ret++))
+ 
+-    isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.weight" | grep ^"default 10000"$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight 0 not right" && ((ret++))
++
++    if [ $1 == "lcr" ]; then
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.weight" | grep ^"default 10000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight max value not right" && ((ret++))
++    else
++      isula exec -ti $cgroup2_update cat "/sys/fs/cgroup/io.bfq.weight" | grep ^"default 1000"$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update io.weight max value not right" && ((ret++))
++    fi
+ 
+     # invalid value
+     isula update --blkio-weight -1 $cgroup2_update echo hello
+@@ -591,12 +638,13 @@ function test_cgroup2_memory_update()
+     isula exec -ti $cgroup2_update cat /sys/fs/cgroup/memory.swap.max | grep ^10485760$'\r'
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update memory.swap.max 0 value not right" && ((ret++))
+ 
+-    # -1 is max
+-    isula update --memory 10m --memory-swap -1 $cgroup2_update
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update memory.swap.max -1 failed" && ((ret++))
+-
+-    isula exec -ti $cgroup2_update cat /sys/fs/cgroup/memory.swap.max | grep ^max$'\r'
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update memory.swap.max -1 value not right" && ((ret++))
++    if [ $1 == "lcr" ]; then
++      # -1 is max
++      isula update --memory 10m --memory-swap -1 $cgroup2_update
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update memory.swap.max -1 failed" && ((ret++))
++      isula exec -ti $cgroup2_update cat /sys/fs/cgroup/memory.swap.max | grep ^max$'\r'
++      [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 update memory.swap.max -1 value not right" && ((ret++))
++    fi
+ 
+     # disable swap
+     isula update --memory 10m --memory-swap 10m $cgroup2_update
+@@ -613,16 +661,16 @@ function test_cgroup2_unsupported()
+ {
+   local ret=0
+ 
+-  isula run -ti --rm --cpu-rt-period 1000000 --cpu-rt-runtime 1000000 busybox echo hello
++  isula run --runtime $1 -ti --rm --cpu-rt-period 1000000 --cpu-rt-runtime 1000000 busybox echo hello
+   [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --cpu-rt-period and --cpu-rt-runtime should failed" && ((ret++))
+ 
+-  isula run -ti --rm --kernel-memory 100m busybox echo hello
++  isula run --runtime $1 -ti --rm --kernel-memory 100m busybox echo hello
+   [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --kernel-memory should failed" && ((ret++))
+ 
+-  isula run -ti --rm --memory-swappiness 50 busybox echo hello
++  isula run --runtime $1 -ti --rm --memory-swappiness 50 busybox echo hello
+   [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --memory-swappiness should failed" && ((ret++))
+ 
+-  isula run -ti --rm --oom-kill-disable busybox echo hello
++  isula run --runtime $1 -ti --rm --oom-kill-disable busybox echo hello
+   [[ $? -eq 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --oom-kill-disable should failed" && ((ret++))
+ 
+   isula update --cpu-rt-period 1000000 --cpu-rt-runtime 1000000 $cgroup2_update
+@@ -641,7 +689,7 @@ function test_cgroup2_parent()
+   rmdir /sys/fs/cgroup/isulad
+   rmdir /sys/fs/cgroup/abc
+ 
+-  id=`isula run -tid --cgroup-parent /abc -m 10m busybox sh`
++  id=`isula run --runtime $1 -tid --cgroup-parent /abc -m 10m busybox sh`
+   cat /sys/fs/cgroup/abc/$id/memory.max | grep ^10485760$
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --cgroup-parent cannot work" && ((ret++))
+ 
+@@ -657,39 +705,39 @@ function test_cgroup2_device()
+   mknod_num=$(echo $dev_num | sed 's/:/ /g')
+ 
+   # read only
+-  isula run -ti --rm --device=$dev_name:/dev/sdx:r busybox sh -c 'echo q | fdisk /dev/sdx | grep "read only"'
++  isula run --runtime $1 -ti --rm --device=$dev_name:/dev/sdx:r busybox sh -c 'echo q | fdisk /dev/sdx | grep "read only"'
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device r failed" && ((ret++))
+ 
+-  isula run -ti --rm --device=$dev_name:/dev/sdx:rm busybox sh -c 'echo q | fdisk /dev/sdx | grep "read only"'
++  isula run --runtime $1 -ti --rm --device=$dev_name:/dev/sdx:rm busybox sh -c 'echo q | fdisk /dev/sdx | grep "read only"'
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device rm failed" && ((ret++))
+ 
+-  isula run -ti --rm --device-cgroup-rule="b $dev_num r" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx | grep 'read only'"
++  isula run --runtime $1 -ti --rm --device-cgroup-rule="b $dev_num r" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx | grep 'read only'"
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device r failed" && ((ret++))
+ 
+-  isula run -ti --rm --device-cgroup-rule="b $dev_num rm" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx | grep 'read only'"
++  isula run --runtime $1 -ti --rm --device-cgroup-rule="b $dev_num rm" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx | grep 'read only'"
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device rm failed" && ((ret++))
+ 
+   # can't read
+-  isula run -ti --rm --device=$dev_name:/dev/sdx:w busybox sh -c 'echo q | fdisk /dev/sdx 2>&1 | grep "t open"'
++  isula run --runtime $1 -ti --rm --device=$dev_name:/dev/sdx:w busybox sh -c 'echo q | fdisk /dev/sdx 2>&1 | grep "t open"'
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device w failed" && ((ret++))
+ 
+-  isula run -ti --rm --device=$dev_name:/dev/sdx:wm busybox sh -c 'echo q | fdisk /dev/sdx 2>&1 | grep "t open"'
++  isula run --runtime $1 -ti --rm --device=$dev_name:/dev/sdx:wm busybox sh -c 'echo q | fdisk /dev/sdx 2>&1 | grep "t open"'
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device wm failed" && ((ret++))
+ 
+-  isula run -ti --rm --device-cgroup-rule="b $dev_num w" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
++  isula run --runtime $1 -ti --rm --device-cgroup-rule="b $dev_num w" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device w failed" && ((ret++))
+ 
+-  isula run -ti --rm --device-cgroup-rule="b $dev_num wm" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
++  isula run --runtime $1 -ti --rm --device-cgroup-rule="b $dev_num wm" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device wm failed" && ((ret++))
+ 
+   # can't read write
+-  isula run -ti --rm --device=$dev_name:/dev/sdx:m busybox sh -c 'echo q | fdisk /dev/sdx 2>&1 | grep "t open"'
++  isula run --runtime $1 -ti --rm --device=$dev_name:/dev/sdx:m busybox sh -c 'echo q | fdisk /dev/sdx 2>&1 | grep "t open"'
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device m" && ((ret++))
+ 
+-  isula run -ti --rm --device-cgroup-rule="b $dev_num m" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
++  isula run --runtime $1 -ti --rm --device-cgroup-rule="b $dev_num m" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device wm failed" && ((ret++))
+ 
+-  isula run -ti --rm --device-cgroup-rule="b *:* m" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
++  isula run --runtime $1 -ti --rm --device-cgroup-rule="b *:* m" busybox sh -c "mknod /dev/sdx b $mknod_num && echo q | fdisk /dev/sdx 2>&1 | grep 't open'"
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 --device wm failed" && ((ret++))
+ 
+   return ${ret}
+@@ -723,7 +771,7 @@ function prepare_test_cgroupv2()
+ 
+   isula rm -f `isula ps -a -q`
+ 
+-  isula run -tid -n $cgroup2_update busybox sh
++  isula run --runtime $1 -tid -n $cgroup2_update busybox sh
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - cgroup2 run container failed" && ((ret++))
+ 
+   return ${ret}
+@@ -740,25 +788,31 @@ declare -i ans=0
+ msg_info "${test} starting..."
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - start isulad failed" && ((ret++))
+ 
+-prepare_test_cgroupv2 || ((ans++))
+-if [ "$cgroupv2" == "1" ];then
+-  test_cgroup2_cpu || ((ans++))
+-  test_cgroup2_io || ((ans++))
+-  test_cgroup2_memory || ((ans++))
+-  test_cgroup2_pids || ((ans++))
+-  test_cgroup2_hugetlb || ((ans++))
+-  test_cgroup2_freeze || ((ans++))
+-  test_cgroup2_files || ((ans++))
+-  test_cgroup2_cpu_update || ((ans++))
+-  test_cgroup2_io_update || ((ans++))
+-  test_cgroup2_memory_update || ((ans++))
+-  test_cgroup2_unsupported || ((ans++))
+-  test_cgroup2_parent || ((ans++))
+-  test_cgroup2_device || ((ans++))
+-else
+-  msg_info "${test} not cgroup v2 enviorment, ignore test..."
+-fi
+-post_test_cgroupv2
++for element in ${RUNTIME_LIST[@]};
++do
++  prepare_test_cgroupv2 $element || ((ans++))
++  if [ "$cgroupv2" == "1" ];then
++    local test="cgroup v2 test => (${element})"
++    msg_info "${test} starting..."
++    test_cgroup2_cpu $element || ((ans++))
++    test_cgroup2_io $element || ((ans++))
++    test_cgroup2_memory $element || ((ans++))
++    test_cgroup2_pids $element || ((ans++))
++    test_cgroup2_hugetlb $element || ((ans++))
++    test_cgroup2_freeze $element || ((ans++))
++    test_cgroup2_files $element || ((ans++))
++    test_cgroup2_cpu_update $element || ((ans++))
++    test_cgroup2_io_update $element || ((ans++))
++    test_cgroup2_memory_update $element || ((ans++))
++    test_cgroup2_unsupported $element || ((ans++))
++    test_cgroup2_parent $element || ((ans++))
++    test_cgroup2_device $element || ((ans++))
++    msg_info "${test} finished with return ${ans}..."
++  else
++    msg_info "${test} not cgroup v2 enviorment, ignore test..."
++  fi
++  post_test_cgroupv2 $element
++done
+ 
+ msg_info "${test} finished with return ${ans}..."
+ 
+-- 
+2.34.1
+
diff --git a/0038-fix-run-ubuntu-container-bug-in-inspect.sh.patch b/0039-fix-run-ubuntu-container-bug-in-inspect.sh.patch
similarity index 94%
rename from 0038-fix-run-ubuntu-container-bug-in-inspect.sh.patch
rename to 0039-fix-run-ubuntu-container-bug-in-inspect.sh.patch
index f16356c..5501261 100644
--- a/0038-fix-run-ubuntu-container-bug-in-inspect.sh.patch
+++ b/0039-fix-run-ubuntu-container-bug-in-inspect.sh.patch
@@ -1,7 +1,7 @@
 From 8e1fe0302bf1a871f66a296e456811e878b1fa3b Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Tue, 2 Apr 2024 10:06:18 +0800
-Subject: [PATCH 38/43] fix run ubuntu container bug in inspect.sh
+Subject: [PATCH 39/69] fix run ubuntu container bug in inspect.sh
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---
diff --git a/0039-add-support-for-GetContainerEvents.patch b/0040-add-support-for-GetContainerEvents.patch
similarity index 99%
rename from 0039-add-support-for-GetContainerEvents.patch
rename to 0040-add-support-for-GetContainerEvents.patch
index 6e7d03f..397a792 100644
--- a/0039-add-support-for-GetContainerEvents.patch
+++ b/0040-add-support-for-GetContainerEvents.patch
@@ -1,7 +1,7 @@
 From 745497bdc5c5192709ecc7b3edc91a5170f5b30e Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Fri, 29 Mar 2024 09:33:38 +0000
-Subject: [PATCH 39/43] add support for GetContainerEvents
+Subject: [PATCH 40/69] add support for GetContainerEvents
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---
diff --git a/0040-fix-cpurt-init-bug-for-systemd-cgroup.patch b/0041-fix-cpurt-init-bug-for-systemd-cgroup.patch
similarity index 98%
rename from 0040-fix-cpurt-init-bug-for-systemd-cgroup.patch
rename to 0041-fix-cpurt-init-bug-for-systemd-cgroup.patch
index ce92d43..1f5e9eb 100644
--- a/0040-fix-cpurt-init-bug-for-systemd-cgroup.patch
+++ b/0041-fix-cpurt-init-bug-for-systemd-cgroup.patch
@@ -1,7 +1,7 @@
 From fe11b34a3c2843ea2198b310160b182d63aeb63b Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Tue, 2 Apr 2024 11:22:09 +0800
-Subject: [PATCH 40/43] fix cpurt init bug for systemd-cgroup
+Subject: [PATCH 41/69] fix cpurt init bug for systemd-cgroup
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---
diff --git a/0041-fix-message-queue-concurrent-bug.patch b/0042-fix-message-queue-concurrent-bug.patch
similarity index 95%
rename from 0041-fix-message-queue-concurrent-bug.patch
rename to 0042-fix-message-queue-concurrent-bug.patch
index 12c9876..063742a 100644
--- a/0041-fix-message-queue-concurrent-bug.patch
+++ b/0042-fix-message-queue-concurrent-bug.patch
@@ -1,7 +1,7 @@
 From f90a145d9d29682295aebf2bcd30865ee5f6491f Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Tue, 2 Apr 2024 07:53:54 +0000
-Subject: [PATCH 41/43] fix message queue concurrent bug
+Subject: [PATCH 42/69] fix message queue concurrent bug
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---
diff --git a/0042-specify-runtime-as-runc-for-oom-test-CI.patch b/0043-specify-runtime-as-runc-for-oom-test-CI.patch
similarity index 94%
rename from 0042-specify-runtime-as-runc-for-oom-test-CI.patch
rename to 0043-specify-runtime-as-runc-for-oom-test-CI.patch
index 9db5fe1..3f807c8 100644
--- a/0042-specify-runtime-as-runc-for-oom-test-CI.patch
+++ b/0043-specify-runtime-as-runc-for-oom-test-CI.patch
@@ -1,7 +1,7 @@
 From 7af700c4021ef9961aaac37ffa5767bd4f3dd184 Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Tue, 2 Apr 2024 08:00:37 +0000
-Subject: [PATCH 42/43] specify runtime as runc for oom test CI
+Subject: [PATCH 43/69] specify runtime as runc for oom test CI
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---
diff --git a/0043-set-oomkilled-in-cri.patch b/0044-set-oomkilled-in-cri.patch
similarity index 95%
rename from 0043-set-oomkilled-in-cri.patch
rename to 0044-set-oomkilled-in-cri.patch
index 486579e..a9d21ea 100644
--- a/0043-set-oomkilled-in-cri.patch
+++ b/0044-set-oomkilled-in-cri.patch
@@ -1,7 +1,7 @@
 From 5393ce7d02bb73ce4760edefa959dfb4846f1958 Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Tue, 2 Apr 2024 11:19:06 +0000
-Subject: [PATCH 43/43] set oomkilled in cri
+Subject: [PATCH 44/69] set oomkilled in cri
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---
diff --git a/0045-add-cri-1.29-update-design-doc.patch b/0045-add-cri-1.29-update-design-doc.patch
new file mode 100644
index 0000000..7098ecf
--- /dev/null
+++ b/0045-add-cri-1.29-update-design-doc.patch
@@ -0,0 +1,312 @@
+From a1f8641f7b440362a615e72246c92654008f61e9 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Thu, 22 Feb 2024 11:09:50 +0800
+Subject: [PATCH 45/69] add cri 1.29 update design doc
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ README.md                                     |   2 +-
+ docs/design/README_zh.md                      |   3 +-
+ .../detailed/CRI/CRI_1.29_update_design.md    | 237 ++++++++++++++++++
+ .../cri_api_1.29_GetContainerEvents.svg       |   8 +
+ docs/images/cri_api_1.29_overview.svg         |   5 +
+ 5 files changed, 253 insertions(+), 2 deletions(-)
+ create mode 100644 docs/design/detailed/CRI/CRI_1.29_update_design.md
+ create mode 100644 docs/images/cri_api_1.29_GetContainerEvents.svg
+ create mode 100644 docs/images/cri_api_1.29_overview.svg
+
+diff --git a/README.md b/README.md
+index 970b6e72..694ddbc2 100644
+--- a/README.md
++++ b/README.md
+@@ -240,4 +240,4 @@ iSulad Version | Kubernetes Version | CRI Version
+ --- | --- | ---
+ v2.0.0+ | v1.13-v1.18 | v1alpha2
+ v2.0.8+ | v1.19-v1.22 | v1alpha2
+-v2.1.4+ | v1.23-v1.26 | v1, v1alpha2
++v2.1.4+ | v1.23-v1.29 | v1, v1alpha2
+diff --git a/docs/design/README_zh.md b/docs/design/README_zh.md
+index b7ec3ddb..3382bfbe 100644
+--- a/docs/design/README_zh.md
++++ b/docs/design/README_zh.md
+@@ -69,4 +69,5 @@
+ 
+ - 查看 Sandbox 模块的设计文档： [sandbox_design_zh](./detailed/Sandbox/sandbox_design_zh.md) 。
+ - 查看 Controller 模块的设计文档： [controller_design_zh](./detailed/Sandbox/controller_design_zh.md) 。
+-- 查看 CRI V1 模块的设计文档： [podsandbox_cri_interface_design](./detailed/Sandbox/podsandbox_cri_interface_design.md) 。
+\ No newline at end of file
++- 查看 CRI V1 模块的设计文档： [podsandbox_cri_interface_design](./detailed/Sandbox/podsandbox_cri_interface_design.md) 。
++- 查看 CRI 1.29 更新模块的设计文档： [cri_1.29_update_design](./detailed/CRI/CRI_1.29_update_design.md) 。
+diff --git a/docs/design/detailed/CRI/CRI_1.29_update_design.md b/docs/design/detailed/CRI/CRI_1.29_update_design.md
+new file mode 100644
+index 00000000..0a0c860b
+--- /dev/null
++++ b/docs/design/detailed/CRI/CRI_1.29_update_design.md
+@@ -0,0 +1,237 @@
++| Author | 吉凯                   |
++| ------ | ----------------------|
++| Date   | 2024-02-20            |
++| Email  | jikai11@huawei.com    |
++
++### 方案目标
++
++当前iSulad CRI接口版本采用的1.25版本, 预期升级至1.29版本，iSulad CRI接口需要对升级后的新增CRI字段进行补充。
++
++该需求需要iSulad对K8S新版本CRI接口1.29提供支持，在K8S 1.25及之前，K8S存在CRI V1alpha2 和 CRI V1两种版本的CRI接口，
++但从1.26开始，K8S开始仅提供对于新版本CRI V1的支持，对1.25及之前的CRI接口，此次升级中，iSulad引用CRI V1，
++对于1.25及之前的CRI接口，V1alpha2和V1功能保持一致，1.26及之后新增的特性仅在CRI V1中提供支持。
++
++CRI V1使能：
++
++1、编译iSulad时开启ENABLE_CRI_API_V1编译选项
++
++```bash
++cmake ../ -D ENABLE_CRI_API_V1=ON
++```
++
++2、daemon.json中enable-cri-v1设置为true
++
++```json
++{
++    "group": "isula",
++    "default-runtime": "runc",
++    "graph": "/var/lib/isulad",
++    "state": "/var/run/isulad",
++    "log-level": "ERROR",
++    "pidfile": "/var/run/isulad.pid",
++    ...
++    "enable-cri-v1": true,
++}
++```
++
++### 总体设计
++
++#### 变更文档
++
++<https://gitee.com/openeuler/iSulad/blob/master/docs/design/detailed/CRI/CRI_1.29_interface_change.md>
++
++#### 总体设计图
++
++![](../../../images/cri_api_1.29_overview.svg)
++
++#### 此次更新包含以下变更
++
++##### [kubelet: get cgroup driver config from CRI](https://github.com/kubernetes/kubernetes/pull/118770)
++
++`RuntimeConfig` 获取cgroup驱动配置 cgroupfs 或 systemd-cgroup
++
++##### [Add Support for Evented PLEG](https://github.com/kubernetes/kubernetes/pull/111384)
++
++`GetContainerEents`，提供对pod生命周期相关事件流
++
++`PodSandboxStatus`有相应调整
++
++##### [Add swap to stats to Summary API and Prometheus endpoints (/stats/summary and /metrics/resource)](https://github.com/kubernetes/kubernetes/pull/118865)
++
++`ContainerStats`新增虚拟内存使用情况信息： `SwapUsage`
++
++##### 变更排查
++
++1、[Propose comment to standardize the reason field](https://github.com/kubernetes/kubernetes/pull/112977)
++
++Must be set to "OOMKilled" for containers terminated by cgroup-based Out-of-Memory killer.
++
++container status中reason字段在cgroup out-of-memory时应该设置为OOMKilled
++
++2、[Improve the API description of `PodSecurityContext.SupplementalGroups` to clarify its unfamiliar behavior](https://github.com/kubernetes/kubernetes/pull/113047)
++
++描述修改，优化`PodSecurityContext.SupplementalGroups`的注释，明确容器镜像定义的主UID不在该列表下的行为
++
++- Clarified the expected behavior of `SupplementalGroups` field of `PodSecurityContext`
++
++```txt
++    // List of groups applied to the first process run in the sandbox, in
++    // addition to the sandbox's primary GID, and group memberships defined
++    // in the container image for the sandbox's primary UID of the container process.
++    // If the list is empty, no additional groups are added to any container.
++    // Note that group memberships defined in the container image for the sandbox's primary UID
++    // of the container process are still effective, even if they are not included in this list.
++```
++
++3、[cri-api: document expectation of 16 MB limit](https://github.com/kubernetes/kubernetes/pull/110435)
++
++```txt
++    // Captured command stdout output.
++    // The runtime should cap the output of this response to 16MB.
++    // If the stdout of the command produces more than 16MB, the remaining output
++    // should be discarded, and the command should proceed with no error.
++    // See CVE-2022-1708 and CVE-2022-31030 for more information.
++```
++
++##### 其它不涉及
++
++1、windows相关
++
++[CRI: Add Windows Podsandbox Stats](https://github.com/kubernetes/kubernetes/pull/110754)
++
++[Windows hostnetwork alpha](https://github.com/kubernetes/kubernetes/pull/112961)
++
++[Expose commit memory used in WindowsMemoryUsage struct](https://github.com/kubernetes/kubernetes/pull/119238)
++
++2、iSulad 底层暂不支持
++
++[Add mappings for volumes](https://github.com/kubernetes/kubernetes/pull/116377)
++
++[CRI: Add CDI device info for containers](https://github.com/kubernetes/kubernetes/pull/115891/)
++
++3、K8S KEP 初期，其它容器引擎未支持，iSulad暂不支持
++
++[kubelet: add support for broadcasting metrics from CRI](https://github.com/kubernetes/kubernetes/pull/113609)
++
++4、其它
++
++[Add user specified image to CRI ContainerConfig](https://github.com/kubernetes/kubernetes/pull/118652)
++
++[Add runtime handler field to ImageSpec struct](https://github.com/kubernetes/kubernetes/pull/121121)
++
++[cri-api: fix comment lines about PROPAGATION_PRIVATE](https://github.com/kubernetes/kubernetes/pull/115704)
++
++[Kubelet disk api cri update](https://github.com/kubernetes/kubernetes/pull/120914)
++
++### 详细设计
++
++#### Add swap stats to ContainerStats
++
++`ContainerStats`新增虚拟内存使用情况信息： `SwapUsage`
++
++```mermaid
++sequenceDiagram
++  participant kubelet
++  participant isulad
++  participant runc
++  participant cgroup
++
++  kubelet->>isulad:CRI request(ContainerStats)isulad->>isulad:container stats request
++  isulad->>runc:container create request(w/wo --sytemd-cgroup)
++  runc->>cgroup:read cgroup file
++  runc->>isulad:container stats info
++  isulad ->> kubelet:response
++```
++
++#### define reason to ContainerStatus
++
++container status中reason字段在cgroup out-of-memory时应该设置为OOMKilled
++
++```mermaid
++sequenceDiagram
++  participant kubelet
++  participant isulad
++  participant runc
++  participant cgroup
++
++  kubelet->>isulad:CRI request
++  alt CreateContainer&StartContainer
++    isulad->>runc:container create request(w memory limit set)
++    runc ->> cgroup:create cgroup path
++    isulad->>cgroup:monitor cgroup oom event
++    cgroup->>isulad:oom triggered
++  else ContainerStatus
++    isulad->>isulad:get container status
++  end
++  isulad ->> kubelet:response
++```
++
++#### kubelet: get cgroup driver config from CRI
++
++KEP：<https://github.com/kubernetes/enhancements/issues/4033>
++
++##### RuntimeConfig CRI API修改
++
++新增rpc，获取cgroup驱动配置: cgroupfs 或者 systemd-cgroup
++
++##### iSulad RuntimeConfig 设计
++
++仅提供对runc的支持
++
++配置文件daemon.json: systemd-cgroup: true表示使用systemd-cgroup否则使用cgroupfs
++
++在iSulad配置cgroup driver为systemd-cgroup时，底层runc采用对应的systemd-cgroup
++
++```mermaid
++sequenceDiagram
++  participant kubelet
++  participant isulad
++  participant runc
++  participant cgroup
++
++  kubelet->>isulad:CRI request
++  alt RuntimeConfig
++    isulad->>isulad:get cgroup driver from conf
++  else RunPodSandbox/CreateContainer
++    isulad->>isulad:get cgroup driver from conf
++    isulad->>runc:container create request(w/wo --sytemd-cgroup)
++    runc ->> cgroup:create cgroup path
++  end
++  isulad ->> kubelet:response
++```
++
++#### Add Support for Evented PLEG
++
++##### GetContainerEvents CRI API修改
++
++`GetContainerEvents` rpc接口此前尚未支持，此次提供对该接口的支持
++
++##### iSulad GetContainerEvents设计
++
++CRIContainerEvents 模块
++
++增加接口mailbox_publish
++
++事件包括沙箱和容器以下几种类型生命周期事件
++
++```proto
++enum ContainerEventType {
++    // Container created
++    CONTAINER_CREATED_EVENT = 0;
++
++    // Container started
++    CONTAINER_STARTED_EVENT = 1;
++
++    // Container stopped
++    CONTAINER_STOPPED_EVENT = 2;
++
++    // Container deleted
++    CONTAINER_DELETED_EVENT = 3;
++}
++```
++
++![](../../../images/cri_api_1.29_GetContainerEvents.svg)
++
++### 使用限制
++
++以上特性仅保证容器运行时设置为runc时支持。
+diff --git a/docs/images/cri_api_1.29_GetContainerEvents.svg b/docs/images/cri_api_1.29_GetContainerEvents.svg
+new file mode 100644
+index 00000000..be855b5b
+--- /dev/null
++++ b/docs/images/cri_api_1.29_GetContainerEvents.svg
+@@ -0,0 +1,8 @@
++<svg version="1.1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 711.9182835520442 573.5964413809206" width="711.9182835520442" height="573.5964413809206" filter="invert(93%) hue-rotate(180deg)" class="excalidraw-svg">
++  <!-- svg-source:excalidraw -->
++  
++  <defs>
++    <style class="style-fonts"> @font-face {font-display: swap;font-family: "Virgil";src: url("data:application/font-woff;charset=utf-8;base64,d09GMk9UVE8AAO9AAAkAAAABO1AAAO73AAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYTJHQZgAIluATYCJAOQWAQGBY9lByBbpzpxQ1QZOitEWvl1ExHg7NqqxsS6RlCwSkciyuhqMfv//89KOsZwUAeGmJXV32EeijNbRUcYuVUTmWNvG5FWRBfkAW4YWVueXU6tq9d0pZufMcACcUzc7AmXTyBwYmw0WojBScItqLq853lRPMu/i21F/1VrveHFeyj+LdHE3AfsFiWacmNotmSIhpJesVGSFIFWJDgsMxNmRIsQQzGF4rvOX33MPtY+LeOF490dgR0G/l0zmGbP8ku9beGBOf2+EcKFm8Md59ESM5GZKYtFok/F14jmMBPlbsKEWTmjIcDMVCgM0RQv1VD4IZddn+x6g2Ff91p6BriTOHYqRgBPP/Z8O3Pn/WXBXUTBKoZoSbZg6N3qwPP/937uvc+bD5huHSziTSgio5mQNpAsr235cGq9P8/r5vc1H/KatrSSHj8fGwzDhavuia24cMyBvutkjYQtKFtwTcS1wVWcODY7KMSFOM69OS/+4fm59f7vRf5FsY0aMXLQQgsGrRwggmTYYCJVEmVBm4V5Z0ThidFYPeyrtRKEoeme3dvtgT6iOeJnlC8MsAKKT0UoFD469oV+l7DD8pn6lvkVc++0kSEfkCM0Vauqh+RnHNszHtYIqREKELpb3S0eAhMvIXmB7+tkb9/wpNO+5fOjmT/aU+6YYwu6wVlib1xrbGxcwNgduqmiNNOESimjUWmogISEAOOOe086XjvNccGlpjQnb8gjOY3Gyr1sLlmavf8vKSIJwtUoBiEBfY1jpaqrq1ET/z2/7f+/4/hmD/yU4cZxDvyseBGJ7/W9rVwMSlAkJUsk6hzqQCsqJVbd9NbifX/4r6pJ4LDfsD5vl0a3Nl1TSqk09SUxpviFT9KCpj3jFmScMz4t9f8VWXkadd4bSR35QqxNH33Ai5BewBI5hQAbQsZFe2nQZ84A787uLKHXduwYMHUawjI9wuP+7R+jZdW/WpL3hdof92mkcoac8YBwj3gJB7CB3aayqzgrsSIikYrAZYK2u3l6AJfgdm+OybOvB8+JTFAi4hU026JOz7fHCxQujUCxVVutY8Wgje+dK4CA+afpvl+9Nyecky85rLBnngvwxHEpBa9ATSI+MxnxjMcbadI6LaWIPXHlOeusTrrDBkAFCAzMc6UTOFEFKTY1Nm4GuAPasdAah4+DcVmNg/pfU5Nao+e7QykouG0KYR4ewkKQVmtP1n91ike6Kvt60/WySWeBpeOKr7QCg0hoKAwgPPOvqrl+UPI78CqVirROp/RhKm2YMy0C6CJQdAHdBNBOBOmKyGuC5AZe6X1LKQUflBN+2M7DB2VHoBs/KOcRvCZQfn6i0lsdM5Ypw5otoyCn0UlftixbMiaTk2XKy5Q1Y17G2zJOB7nKUm0/PkgM7J3K/X5azIxlS8eShkmeIYrIIuvN47j+8Xk5xmbzq/fd0AYlB/aifvZu/3or31eH2eCosZNM23gKUvMyo25K7fx8x2ZRqLM4/xxLbOST4x/7aOuym35y8olHctP4b8V/TX/YCP2p/1mult99+Gj0u488j59Q7/DTaWN4EkPx7itzRBhgghZ7XPAiQJAIcTLMtFCJKku1WqHHWlvsst9xLnKDYR4xwicQZ7tG+knSE5NnLF69LLqrR0X89vtHVudoGtiw59gDkletTr9hov04IcNsWAhCFGnUMYNrWMA6cqigBQoCbHTgQRhxDOMAjuIkzuIyzuAybuEuHmMEbxC773VEWIigqlrWqT4NbHCjmtiM5nd+y1vXlq5ob9d1c/f3eC93qA/7pk6NEihFn0Rmmnk61thin7O8wilOc4krXGeGedbYJEaSKhN6GOUQD/IKz/ACr/IW7/ERn/Il3/ITf/B1//9y0DjoHH5x+M2hIRCCxhEpTKlFmUZcYipGDGMmFmBNbIBtYYfYXewxq9h9hvn6/vr3thQeZ+KUArHScmqorznNakXbKqkpSqIM+SLlVlB9GtJ+HdUZXdZZXdGQ7uuZ3uizfnlBkASHEFk57pwrbnvKU17wunOuGjNrxbYj2+1zj/u92yM+4fO+5gu+7jt+6Od+40+uMZH/QTH0f6P/F2WjGegMdD6aieagxWg5WoU2oG0oH5WhWgfrEB2GI+UoOOqOGcc5+Rat6/9k/8+mUCCeJiIC5sZapHx9QEX2IMLTPuIbQjZoyoY9XgDCc1CSUcEfzRVFJcPJ4YfarTTXnEEp9Fll4bmCyF6huXD0c2NkyBrUclqFDS0fCcldmnBxq5ZzUdjQ0hBhra3noZkdrY2QIXdtwDXbzuJpombNK3hcpdld/aaHaGW4yOQ0Uq2KuSpqqHgkIlXMSxG5hZWvipLO5Yja+dGe2Ec0Xl7hJVeLriry+vKRHMnapHSSWh3Na/r0xosnKF8vBiOnHHm02DmrmKh7JKa/6Kx4A1EGB5L5gPZja3EC36Px8gVmpEMfpVo7eKal3dCDQk3OQWrtEfywxsP7kXKdc+xllnS10CSorh6UNHRFJNThKpI3Uj12NefH5EBdrYWSRruZkfa+i7mL+aR7b+irdu+/Svdr602Xpz3AJtUl38juYpi/pk0HYWKZtRHy//WcNGHEROmgcepGC9vOyzGRY1+qfJxX8Ka4G2gxbNKvLqrqBjSlQRMYHTrDDGsYBjAs71XrIXW0LYetKxhHqGHoNTTSyi1NsvSW9pYPZAY4gkxWtrU0z9vbRMU08fOJQxc+Syy+gtk9G54gA+xj+zrZX5Y0rjZrdBmGy68X/sBnzCF5AdMtKp4mqPbyQez0lZGifaq47Tf7SIZExoiy9kkO2JjFGs8VnQMdK9nMR0/nKEUbGADCEcjocG6DUGjz+CoAhQFwBBIDEwuFxo4bN+++CUBhAAhHIDEwsVBobBxhCwAAwIcDAomBiYVCY+OISUAQBH0SBIEgCIIgCIKgcvQdCMIRSAy0MCC+M6Y5BcVI/gkYkMn8sRZzoj6jjymGesj9+I2a22/ocz8NNPA2C+fgZtOvbe7ZbLKKuW1NchzK6mJ1Pf/1IF9PGNzuWk+fWr5AJLsGbXx6WqXtz7Sw5sK/2TRigdQEnKWCSwHOJDBxwFWcy/MuPpBExwGTydS++B38ygHYhoswSGJKao0cwRU+cxa87AMKDql645JDKYO+5m4QVzcJ3y7stzuYTaZTHAbNHXHpPfKmuHugSHKiUk/ZPC/TXrC0xqt/dsGQ57sgXd3hs/6nDbLRY/DknG/yxVziZVz+ldwy0Iy6cNfv9o1UVPeO7SRI/Eej3M5tWU/0ydP7mv8W+vb7QPcr3ytNdXF9bro22Y7bj7Zf+/5e7C/73n67/xrB1Iy9URj6uDPOjzvj1fgeZsnDRCrKMR3LsR2VaAcbarhhDXcEIhLDcSROx6U4E5fjZgzHoxiJt3PJ9GZwpV151l4c+73B+fGXExniT6JM1AELXkAM6XgMP5YTZEIWvN+8x96yP86/HmkfeR30BDeCq6FruBPGwn1qRw26oBG6Ql8N9qqpBupSDaqaqtbOeqAPtE9H9a6ua4yag2bZtBiT0RqTSZtKYzeKbdmu2Fors26rtyFbtJX2mzudd3CO+7zBVdzBKraziKWsZzf7OcUPuIzfccG8beSYgWdMypiWsTBjeUZ2xraMHRl1GW0ZwgxVhjlDyrAzchn1jJlUWRX48WpiZWxuhR6qmw57kBDolGzsgvY89rhb7XvJzwQfY4+20SX4OtWreKpuSFaXlECpiOVamcv4JA4/x8nKhM2qKCxtMjn4oyulp5+2+DzPxYtYzPSoPf9Yvlvd4vcuYU3142xsRkmAfbwfK6ODt6039/4JpW8VEqlHIZIunBL+6JmzfHyE3o3mF33fTPtyd+kt8NrwT5yY3tXcECqX0RZRjsN416y3bBO8IjDJcPLMjeX3UFc4USotsEQLOQvWwDz+tuofrKKIxg39EBCg4K6oeW4pSCLqm7ih+kAy7/Fydux5Ldh5nZZU05IuqzLvripqXcA6pZ2RPKH/d7Vhy+50yl+yFh/UIyLAjn8fv/fx2Z7SNsWc2qzj/U7z+cFG30qoPh7Z5qC3Ze5YhCSBZYH04b4xhJmKKLbQSuzNojJnYgVKYcrTV4jLFCCbX7QrsD8wOFpEHcVC6m7/T4/rDbOCMYvv9JxgP8P+5bnnhxblt29k79MERhrZfpNruPWEn9zyaWm9D6Yhlysalgwi4BGLoGwXLltLytTuk/Fts6n1vh2+DbWgbnrIDLRawWQ8nikM/EuPyg9/viTjuTpg3B1Y+hDUoC9ieivGQlh0cicgzznLfcQVZ3dVKCuRSmjBAmXfyhNu9pTGGImlCL53o0K42CnEDXXqbCl182f/Bf89gv5vwu2e7vJ4iWYg3CGwkKTThtD0GoseIwAWO58TjMhWCDTwf4n/MWnupK2x/YCzIig48kILRHftWSKYgi+uRo3xYmrCurpHP+wg/v01/53uutoVJiUQVDulJgTOfnkrR0ZI1k1tENAMdR8iv1SLeO3Yf8I/i8/b9WdwvtwVMZlpeDIIzYdmpyAtzZMJSHtCcxcsWTFrteeNzqfiMmfScU8kIho1b78owsx+mq4uQutyR6w+9Yo3PmDBKfNIugWybM4TIVcd0CWURQ0Sc9kHMwiRyovyick6zb2ikU77TH+AKiu2Gf+Ahqq76ShpCk2KlUBjcPCK11f9dj+F7vSs8H0W2JSabHDxn24YNFev43yHqeq6XfE4R3rTOnZgFh8dEP9Q12qAHDk022XQ1pUSyjS/MSNipVuDYUYp0cM2GyEIDULG3HlLVE2Auyq87HOQvZquGjVgYq9KECHaIH0yk/2vr37SWfBV8B39wF8uFIxNfTsoDBvADTTNVVQ7OCrfY6L0G9yaU8aGZUKY7KcewrBtVffi6ub8GXxbdpI97b8hBoFQUgYJ00i0awM2XFgyVBGcFpXLAuR+2yS9JkI/gib26ZWf37eeNzxCOI7hrUwsKtpDVjRC3jQBB+N9CokJWXc0xw4tO43puOVMxB3S5XQnpNSwKH7otNIEjQiM4uWWjq3nF5hOi5K7xSdq3G9gYjUCzpPda9tRcOW32Y1gO7B4VKSrcYl2suSDeHI+STDgD5mdKorFl+SBLm5wuaWCyjmlZRMIsqBi5kErzkGOJ4nBBsasiHSBSPGEh2GWK1XRkbr0idAO/blDD3UvNXmqJJmxpciGbqkJFkRNIUlDf+tr0yuVBmbNePeTRpvLyLH+s3osJPvlgTLqh3bYTHbiV3M6AGRNwjDRIuSterpZLzTWgcuy62rHrJUFzGaxIq+ArjzfVthhOorC0AiCppSU1uIeWScjvuX2saqaGLe8Fh3SttzX2jZ4L/t29aumKWwl4SBuLsVe6wvvnzl7f2Fj60x2nQvYoDXgEEtrWEGMMhekBIg0R6qwt5tu7aJsxFY80wzcmiOQL9SbhS37pegG7yUM0NERxJnuG9BGqdPXDMtrch5+Nbp6qOhNVG7d8BXcqZcV5coyFjc48CSzVlnjgNh2I9tCF1i0cmNaz0tWcdOWmnZQokq6pKW7cjrIj6FvBr7l+gH1AYTeF4etWFaoxef12lP4cFlvw7p8amqeUgDZqPYsC1MlUuNK8Mrdazc29gBZsdmRjPBrIuC6r/YdOIIzHVFYFJYrS6tbwdJCTvZNziE5kR7IqdUadOyGS3ESUHqK7/9NM3cbbyjUVkSsAOtQcaUIuezfbaVYT2V/XL5KOV9TQ9fG3WezS8MLr2cJBkVOfn9tH754Wao4QR+eb7wYvd2+107VAeA12lEZIBOssvLIFFCpkDpjRTY7Ovv0+7XIpQne3FTbfpFkF4sx2A8e2b/y6YM3OW4SCexYtGl0iDncNe3uxpa942A1SXQP5Cf61mjfYINvow1RZVm/4BbL9Xyj+fTag1N1gDdXtRHSP7w5j1qrmZ5xB3ApbsCAIKQ4zRDLkDfbE3FVSPJxnsxGk+P9wytWacTijZsSdBKq2ytb/prJ+O2mCchsWw3g0mDn9m7b4DN2d5seOaA066UNdPbUzuH6nQfXAunVgqo2ekuBJiumUfT9cxcjX6hdfdEzvjRfml7aBmEgqFVDoUAjb8kGGy6WB4uKKOG8vup5eFWweTsT9ItV3gQCp1IF8dX6Ok5ox9gPGraY2+n1iq7ZkiVZ5Dm9YDs7FyRqz+xpVVUolMUgZ/h2DpOmplbsrFN3TFtxNEArmqxBPWcSCxlJGisugPhwyHi/GDsfHF06QQKjxAP8pKgompEleE9YZHz32WddH0hyGDqskcSu9dgEuaqpMCjrBRHiIZeQsMiKnimZr0syQ+0SvxE9AFhxhQTs/AE/sanpzViT/b1wMD7ZvX1rBxCO8WcNLUCqHPuaarv1pOIBIHGalH2hk4EPA4jG3RO5MbMxXOhX7kx99f2ds1Vs7czum7f7DmvB5YZGY71ArWtIxnOaBSRdxAprUkE9EkEqH4Y6kuSWwazEblObCGPKRPDEqNqV1ZqTdw0xlgornRgwgOezRgQpEMGwA4+rQo3NbYvbG1gBuLaPrA9GzVMv9HbRsnav4EhDT3mZOlKNK+/e+Fx1s1pz/M9+UXf4Ja1DUcdd6aYJ8L++VzqQssWypCkghOsGqraGxEuQ2mgxXrGzpnFHzPRhhCT4J3DIYv5KjPnM8J3hYgyJRUFRERCiihSmv6uN1bjpzcsbV/NL2xfqs00vXq6mMiCiD4gbnSqNoxUtBqPV1/g+LIxqtIXWiofbm1thsPl6Tpp+Np3aKwM27ZYdKGpYoyiRVXwlWj4WDsx7Sn4iIWHC0NlwyGTXXr6wn4uzjyhq6JJ29+I1ABL4ss3q49ZkuZsSPlHwQmoZbRecMh/egNGDZJQi3KCtimV30adH2/PUB1KNGxptAPUUU7ajIqzWOquk8wrlY3tfbHumeo8VEOyryY9PbkV+J1BKHY2KWtbXAMeel6CQTZtybf3V627dbiPd71q46Ddo1HO0RRCRHyo+zBQ6YTv23devSKVABnQx4MJ/5Tlb/kCNO2giJf1rDycrANLWTQHC9x/Z272Dh6XbUfmlokgarA96u5NbV5DMzZEIEqnHX51L1IoVK7ndbzlCfP0n1UX1AtgGWfbL81d6m/JpVqBUQQS48gdViQ3PSvZD+VA4KO8s3VKOzdv7/ejA1bbLR/zvRoPib+DjXfcMJQd2I+MnyDoe/DePZDoN1QCCWscaqmlTQKd1AtMAB7bbbXfVsTEmNmOQ5EIvYqiRay296XeXArEJZJYnNeiPqoaL4seQk549GuJ/GTLKLduXFx+/SCHfYgMfIXRFrLHzo25iixS8ZaBbAuc7Cett9j01p1gzBodStOCUNZCCwIubdyN/utMxWO14HRr2m54XGI7nOpR6FsVAzvk0gLiVrFY4QZKKQSnXCC1RAq4xJbwHvP8Nyy0kkV7GC9pOVkK5M6vCwqa0z74TqahlwTSNmZKWbEHNZ6K6hPrG5FaXGRswXApnlnYWSWn6diVOZ79nOvEtn+Ox0RQ6xrJqA1cxLbjQJHiEZXWqYnb54dX2zEoxAQcYyxtX5JSdZTobF3KdImDFfgmUvYKII2bqGld+gzJ1Sapw1KJKJmbE8qJDxZTF08osFb/EMhMWs+mPDlXMCwmssLjEqUIZM9Ut8a2YS5QME1arzFoJ5lck07VmWSrXpid4zLMi0ww0pN7udPnlN1/hvUYAl62L039i1+t4moKRhtpjPKdhhJMXOPL0MpLpz0T2r4vrH581ODlaJd/z5uxALVOmys4gc4g4tnkm0yt9Yk0AMSu0KvP62glaZpuc/2JzG9suZErr5XUgDRhB1PifHrq0pvMFWDgK+c4wj14B5Om3O0g/F3lco3RR/aQgWEeRUE/slB77cjCLjTzqvCmGSrPM1EwiJDTNyALmpLmIgGrQ2pXdTLbk7vLBQQvjmUcktrqu72KCXYVU0+t1lYKg/gArCHwpVrmaQL0yckjHi1APcQhyykKTXX9tS/qqYwCZr16RoNHrtq9ceWLl/S0rn7jmlkW/waImOdjpXOn4bKbQpUscuG9fGb+xzmZMxYR6klAHLRZ/qJA2mjDlf+3hX0OMsUSsPQVhOPHsYmjyqGpQD4YJCCSMPCQv2q5IGDmI31OLvrQ01dvWVIanBA+Njw15M/XUSGnW/6I+tzKLo9Fj1+xXGPPUprENKxNidYwuiSiZbFutTvZlMVs5l9sqMQaR8LGJZeJUV3OWPWBkUfftVXC87aB2G39YDFYflLVYi5pIQDDNFBxKBlE1ZOZrWzjmgpJnu0o0AaR6neXUqQkJ19loSiYKkfHMwYnKfhMEUXOx02VkOGu+xrm6x6OvNc+9DajfWqqbU5OzpSUNwPN1zKNjWoHzF6kuw+EcRTkak/k0VudILpcSJXaPdFg+zHgJuWznOoTERhyYB5y6SCPWjrpkd39NaLQajfWd/uHWHoASlSRGba2322QquVondGQV20ZoNwLfO7l751szicl4a26KyEdv7bSPATtgJwUb6GRJtSGKRl4JhcO8qCVFZmPBKUkck2FO76rN17PktdM99RuLxKbn5gs3J3FHSuk4aqAk1ZACcNFGkJFaYxvBhvVyQ90LPqguF7fHJZ1+zh76WuBJPmLUuJoaNjBbPhdW4Abx+f51GmgAZIOYVBBv8i7WgQIt4w0bU4yN8UMzmMxcimVAllVR70rk+mJb1x1wRcsWr6SuCegtXmcFbZXI4pazvJwVljqqZGiqagmkGOQkoc5QGbD5S1rE/m9oYZeVhKXYlyqQFwoul/d5Nrp6SiKVmlThv1KiIog52ffqXvnT3xxQlwGT9OGGu9bWtn0+Dyqyyk9G51mb7sw/akWV73//dJNdcvmSQDNd/m6qUZ9XHRhWK0kRVetydUlKiYgFYr/8kEnFR2xXNiI/QK9CACmZ/+YXnf3LiOjMsS8ZnEgG63G1TZsNvzeGc4oeqmGeBLxogCYm2XWeAfNvJLvNO5S/onTtM7bnt9NTY6Rds26C4bbw/urcKix4S9t5hWLznuKpgW+FhAY3TMCEqVDWsJqeaX7XIyBw19HqWn68/u5qx/PVytZMTO8CGZaKfXMnuNX8WinQ8dW260lAKBdV2DWmsePLDauxHGxbE4d0lFBYwuzTG/gjJBPBQ0io/Z12b2eodtoTARgDpdIxSo5+/4l7YUDGSCgX6ha4JVZg4upSBZBjXQOimGEU1DcuUqbPWXsd/MczAA48M4B+0gpp9TEqiOV2NFhVIct11HPA3pfGoCQu+SIU8A0mREVOuSKXZNJys9d6O5kBWbq07svP1xb5aq4qn/nEGlSDh+O2g28bS6CG2abuNYKw7PjKDbQPhnlDt3AYZMLk87dDwAMyto8/2B+x8bvNlNB3R4DT6MZHUtVtlAr3xh0mpQ7aKnJAJSshCpAgdz2uiiAG/rD99o/XUODaTWr5BKoOdiMZ1Y0vug2o1ShyFVF2MZQNMMf84E66z0huVdwVpZcJeHZLG3DV0RwtJ1H6bzdWnZ87BkUEktYTxVcdByuZp1u352nwaA64cpHGX1aA2Pm3jjxjy9gGCbqilSAW9cM8wslgTjApO7u5Dfenl6eYOWrGoMI2wYTCoLyj7iub/VcZdDk6C4sywsci7sbhk8hs18B+32UvzeL7EfPPThkDuoYxqaeNzWhT9pdGnXHObIsHEEhWEMWpZYT7RoYhiGVN4sKs3B466Q88G8K/PDkP9IkN7Iz1rzCAmf77F10WCEy+W1mHfweg8htltqr2EqKSSNuco1kxc6ksA19TpZGFKQrTCvpJwff+YqgZbvttM8tTT5c0rLFVibKgWXl9dQLDI5NSoWLG85xuYziabFhAzljEhIlcrewjQnPG2JIPdCPjGA09JQRnNgLtVExzqGGWC3q32rimghfAFmMmuxwCFtd6EhrP7n49Pikn+aZp86ouacvA1mn3IePGfB5gDn3vkOwjCdNwINloGRy2xsRY2mQHAoyRCV2DVxhW5eUmnJwyej6yx6xUC4AFeVUyJfzK1gSvclTCoA8QxHkuhm18w3WELQ26hn0kcLfuCMexDQkAqbLKQ0aa4sHhljGG4RerELEjFJ+H9wGSr0eBevkxnn9Yj+AAEBlFqaAH6TGe5BUJUrcxwkWEAT4uJRw6HLZjXYjFmShkWEliKEhru1wMFQCNOrbRFVcPSBt1Aqe/GuP0BfzzGz9cW3I+s3JH6d7zPNHtRqA9bJS4IkTpohqK7cI6qzTpkji3uiYyGhZTZXFVE3ukSre9cPlO7S0ip6Bh7JQaNYUOwXblfCEELP1CJYAPUlOVjV22Q3ttPSpzFb4McMBEtXLzVyjNsgKRczcssaTDEjBDutnTgaqiTweDrT8SZi+58DlOCJA4XNTg6pG3U/rroamj7WTT52noPBolRUWR0KhujBe20ZBi/F4jVCOhWJwwKeXeqiF7lu/lHJE1eS3Fgno3UW1k+1QXR85btD3d3fid4lJjHUo3/rYpFQj5gWawRvTge6osbDe2V7rAwld3NSiXRX4eSTWdOV7Ob2nz9QKO9coZJknLzPQ6e/Jt+VZ4Mt1paA0aQ+thM1FdlCP1gXeqa7C620j7KLPb3JG2iqcmK8GUhSfWUbuXEtFXMZXtSe1Z4xlrg/nFGcjYOAWV63RehdtXnTvwHDIGuUElACLra3wCP9kk8z6Kp+485PnsZb+/93UWFVKh32aqSlfTEFNvkIBF4hRgVPUdi4tcKSxQDROKmCafwvL+3tp9tB7gt9AuTstW7Sf33LtyyzO4hcy2GMQ4HlBH3PWx/GOYBBg6pAoCzzBh+wGv0xsrLcud0OmyRYgILA719aT4ChbQnzhreVORUK1hc2QgKVp5pL8dMgHUrY2l5sZyFTOYl0Ie3AKZEO/arV6ApISCJVZEp2ShrijMQSgQTlGz9Ugrm2pkBKqe0ibpmTOQh/rAHv43T2BXA3BtpQT20woXrkiKQLjapGZ7h4vfq1XxZVLDHWtO2+bnFdWc4i8PrmBwRK1beJqSkhdouYDTZVGSrLkdCcwjdqTN9Ne9LNbR39Pzd4rTalZ93HbVhLdXXCCRZVqCgaAr8Gj87tPL7j3n7G9njhWADt4REmjnqRoioDdkDTLdubxDL66vjczXBWQu5CDUuenOC8ThncfkIbtmnAze4Cknur452dvk7onBc28W1MBtfGGvALu64uQCktJsnRNQHztGC4oC8VS1egptGIEFYKWtUI0AhPxo1jBcxcFaEp+t5ZUtEbD9N1IWtncO9q4hTrnohxYZcT1vNB3L5gxTN9tEM7meAeUFsOfSEBcB1tYFzCW0oOLCSvJiuKrd7NS6xIm6O/wtfvYGmRkRmJ6hTbcPrV96dZKYc0uxRmqTod/YN1QnUYBQWZV30MiB71ndge0w0Xx02zV7k1tlVu8PnhVE2BQEaXppK1/ZeMwaq2H9yW2jO5kVAjeIOQT+/dMN+LKlBy5ITd6ND6GVkyUH1cn9l0p1t/C0VvcJqUhZXU5qo/0JIKKDVEucSEAUUmwEouWEXvoJNWkLHblbNbhmvkXKnKyVmaxl+irxlHkwL/5Ra5I9SgxJVTBQwMcrFwu1tfhmdkFyAQSgwNckiY0Rl64mycf2XBdaxDnwBMstw5oUfzL21uQzxDz3RzFe8C1Mzaaqzi4Zh7UjbSzv1cbSQZQhONLcDC/ev/rS5iHAw5nPly+VltPTfd2eU7+qmzN5wlkJo6boBQ0yCh8oXmKKtEACgJtluJp6ALTs2NRoia7QexrLVMRfjfgkEFUqJmHYye/+FBiF7+HvZiIxE+IYVmdEJUI2HdQDDFyz1g8Z3yjfb5NpU4wr89e8J0aYqZCzVD1CY204dedr+ZHwA3nr3NjNrgs3e42TyL+kKQnl7yaf1wD+jxs3TCvVV1rHrbdjPpCNr9wSoULmayuo1SpVxEr1WkYulKtpEAt0bw7Hu4mSZkGtVhIqiLGUikkCcBAAcijrypeONwGX9CUfWlmqmUhN1zXFvviwT8YbCvtLxD3UHczdsNP5nHTQVGI/JR2+t0U7JK0P5LTmTAONui5V9bSYqPqsW6fzUlGcxfUq4IQyFqaxDSNnZi9TJQNrFMQgLI3JJoR78LIpAFfQe8H8NgFSaHZPhjiWRkW09lBpfpXIt4Gx/BH8ouFFgpmqEdCqrzRly+h5gK5+fVQAX6JqVtWopemdzmFeg0jjeBvZice2UQGpMHlDy2mBM91p0soCroBx1/GyD4tOEsKoFHT7ndb0n3iHBclEgKorBFnGKUFWMEzGd9xpIFOV4sTu+q6vH108hVZa1xwrwxOfZBVqPOVBm28UF7/OGhEQq7OKAZhmjNNcE+hyQTGEZTdRdZT1hul0ZzWEX3bNlsk7GdfaTeiWevtnKtqfMOVk1tegShNkeVSCRADUxkJMZlILhLjULCWm7Xl5ycQdqVJylBWKGpQRQvWGHBQH0bA2BLh3lzx1iAGLGksqHCV0bDyP0tzXVOUs3izGtqJIkq1NU70al0hAq+uiATV/cRFplJfYqQkspiM7UPViNi3jWxLH3z/JBY9ZuzfnIJFlu4uzTHYuY9ulEtHp5wS9QlvNZykyhU3FUrzVSjCNuRKm4rDMre2zU93UGNwL6RmwiyHvdrRl+bFONeLAdUsNvRUnTtXp/6mdEZrhQk8ypNZtbJYfS+mJ7TmOLQTYE43poPYIKwi//Qino7vU69FW3xQKX6mieISp2kuwQ8hwKOuRoRcfYcbSFzpdnVdPiNe4JHOgdMFTsco7JUmeJr9GX4pwBzsT+VMH3cF7JZoApHN8GUTX8mlDdsXuUj/tTm9ctLy9XEoYrUnanfZ1OvSVh2GrhngG7h2b22A8MMjgOB7bvhyRiFOuALGSfH9Fd1+DySdEwIph4gg9j4yBh/gIzpdNp8S/QXy07fKAqQpu/dOuGm1hZdocSc5cThCbiapoAv6jjzFDot/8ocOukugMCyVJPDrJtAopaTE4eaC+igv68rTrlyDpI/UFnyK0oBbUpttnn9b/mMxvM5kUNSWAmYENQVUB0A5kArSLFgF+v1Iq0AuUARuBOiAbdB1YAxQDfUAnsBrYACwGHQCzgAqgA2gE5gHdwCpgAFgIbAU2BWwHtgDbgG+CHWCQ2XlgP7PnwEpwABxiDgYcZv4D1oOl4ARzNHASdDHtwHnmjOAiOAcuME3AJXCNuRy4FX49sA4YAsPMbcFd5g6gB7SCR8z9wGPQr/0E6Mbv1Ay6+wnqFd4CevABGsLbQG+/gCPm7wEd/gCngH71h9OAp0D/3n8oAqoVXhJQDlSZXAJUgnerTQdqAF+ABMxVeBZQCBSAOcw7wFv35gfkBN4ErADfPLAWfOcbRAcgUAhoMFjobQdeXB7mKJfzlL+39BHAl+uXXvl/so5N/2RJKH9Sj7U5/fmhxseQzubqP3GyV3+yNnYcHb818XdREE6URRU0WPiFd/AeFsudUi8d0iU9clrOeDmvwh/o5/j3I+uDlACCuSAn/MtJnGbQK5KQllx0mWyGALVe/0NHdV5P6S3mr2ab+WTKzRv7k31i7dbLI3zgMT0qi2XGJmM/4qcTH02OJJk8mxxv7pOxZi5nVO+uXE++5Fv+Yx5b48U9xfcOczlXcPvO4MKlT5b+tQ+tuuv31P/sfKK5o+ltzbT/2rZ2/tWxdnO9W72S/o/9N5O/Tm6fLE0+TSV+8sNbXT16oe9i+pq/1lSu2V0rvLzm8quXT1xJy36Q8+DUZC7kKtf+3wTt3+9u8Jn+3Y2/nf3vQ3mz6dxffR1zIOSnYSML3sXCxcriT27//tLS8v/Ie5LPW21f/bWCduFHC+8WLhedXv89qlOx70Z3YzzaWNKxZPPmNyX/714rdS/tVPpqx8mMNptWbsr+FKedkpVby/m5k3l2ZbvKPpXh+ZdVn6iaVRAKSSFYeJ1wi/OFmlY1FyqFlX+te6L6/1M718+snaSNq7fqUuOPmz7YdKn1VvOXrFNtmL0QE7C72H5sPKdJ6yLiibarbQvtR9v7tP9DZkmW9Mkf8ydSN6ljtID+GS7VVeYxeC15vXhDuC2O5Eyuw33H/wX/C4KHBFHwBYfwSsgV6/t90ZD8jPxnknsURvk36eelRWpDlbVPyWq0P5V/Ux7X/2ZRT0WvsW7cNd5R/F8JytnK5UqbmZhr1suWaF232tahdU9VUq2orhW9J//ZTd2+2cZKRJ1qsiurIt89p76Ke843onpSvvxW/hFv4V/zNaJGxERCpIkMkSV5sn04J5nLOXN/cN58M77FhFwvs/VRpThMfU28hHnkBZWKr54RT6h3tX8vLZNeN/8snzE+biwZP2h+2XzTes76Bf1LesLJGDONa+af3H+2Br2u98D+tX8nmA+3w990RuJ/m5qXWpDKia/Hf5w+mv6lx8n9X1ea6unfujvZd2XLLaXdbnfb/fawPW5POjc6XEfoSJ2d7i91Z3vfVXq6PFeBDctGh6O36k+vbU6+0Jzf3LP+S+uP1rsba6eg81dTxVsT7i+5X7j/5+nxaDxaD7WzsPslb937ZW/K96Ozl2aUfmHgSOB/ULBUH7pywo/8Yu2X80+iumggmr9Tv2uIfyauENNH7xEqkRJbxJ+RWEG+YFCwST5PJol/UVgvfEg8SFSTv02+k/rctavUakpIM9fv03/Oo6irWTH3H4s+5HZz+7n7+W/dXimyd36VXOX5yn+8/302NfeT6t99+Hn+9/N7Cx97Ip8WycyaeM32n5fm6OW6L8pJ77/t1m/ojXI4q7U/EMXqXibzWQOct33KO7p78qQWcK2sTGv+kkDXjNWp2M49I1Q6L/q2WHP2BWDFnVwzBqFVqTVW48phjWgW1QgAq2uyBhveX4cDCDiwzY8u4tMErObflbyTvAPyR09/8Vrtj228o58s7AB/nZZNdnyWpFfGOpHuAfL1l505dxgxrAWyDzLMOTeGYxpvdRXF6aVDVqrJGoBWyAWyvl7CNcAdbjReNhsNNjaI79ewimqdXvT1XIQQYG6A9LGwTo9MAmeLkxvgZkmGleW0z8L4QB4biCACM6Q6Nwwi7OqW2+6F7+lOABJYISyTmeKVOsaMDKH829PqIqiLLw7X2FLIcZsqmBjpU8aYsnaVU9rmU2b++BFIPTHEGGm6HegMNZ4tcybgY4uhCgmKaDXkzOC76dpWsK5sS4DmV3nIm/OcndbuBmHXfJJvsTD+sdRuKFZ2T222Pgk0olNlHwdc6GaACrecfCB0VwvmHD5TsaSkXlNAr3mngRIfgBxbDY9VVFEFpwHK7VYqVwELH0G33Wss5cPV1bCslXILKfg2kHP+5RrUnzUSh50HK+9mhw+RztN6hTnR/xx32e/84W71GRAWuNBih/zhvlsGCENv0CWHUFbKHqtMJRP0DHYmvU23MNgfPIPzSIB66UhwB4TY6wYiwMKof9r1UcqjlqO+UvNJebyXL9okq0QcOxkmOrHV0NzS7zgb3ckuv976+mx7Y3LTnPnCfrNBJCWLbgHtXWurUmpJdvGoMwoqk+sm+BEgOUqR8UW62ZzHXHreFSGOx14FDUX7mkCJV7Nn0dVPNN/mu3d7xD7XEzdse8+Wzfjc37VU5IZ4LMe7kiuCMRhfJ17Q5pJA4mriTy9/nV5OQLhf20HsYMeyAzf19y6ZmcJig9+S6m8UNlRAndgQN+DZ05p5gshG6UbPSKFmKoKGvl2rA/fIHzQtcaKNkkSgCpWwBEaRe4I9m0dz/naSkFW/pwPUTGHwvETmjRclZYYI5U3VYsUcT8Q9XNxziuUgIGikhWj8/AIafZRmBY0jM7GUnbmFLFBkP5r6QLWpAdb272zUNGoBTDNqR3eN4RaowxPBagWjUW1Rcch/v7zyUuNtMhs23/gIkMQfsdI4V+a80am/guRmhiA/+R1MghTO3rpSA4EMWng7xLo+Y0MGC68IMN/7WpLVtlIHgT7t98OjKDb2GhTI4MyGe0s91U8bi+EWAX2ShzuIgKc4roCd7Mz33B7K+3X3PWnvXZu1EDjwb7N8QIvLJtjNUItzFCpqGs5IBcCC9itFn9xmXf4/dIhriZBnqyUZ1pFzGkHh1yudZljbjoBWtUMkXOaEX7xdbErxhW9KFBMPjPEyJ7HziGbku9OpneY97bc2JDJDIapthguGa/1MpaP+4q+szFdH5Op3URYsmnPCFAns1NnkU3GkZ09orWn62jd3Lu72nlLxexunYJG1Ya8AuDOBmsAZlKb4/XkH5Xpla0DjDlGIHJYzgkgUrKTZ74x0Kd61xe7T0lZrdvkrD3U59jYXwxBxrFCQIKJg9OMIyYq8+ilkjKGQk6lgVrxzpGDX1Sha1RJdSeo6jiKtrTbBO9oz/FZp3VAju6YpQBpSqYoSuhJgX+8vamqDCxuq3Aa8TChmHDlW/Youh4ZKXDf1lZhMVid1UuHblWYO0EHxUEIfIzZGHMoGdK9ay//aOOlXV4sikKS6wvapZIvQAU9hCQ5I5NyQkSWnpIo0tlaMxK5ZFVdtk3bYIoC4fJFzmvdNv9gpmmwt+dG/EdyAIpAFWqNSks3wOXndgtrphouiZyv3FAuQx31ihYZwBAvZMDSRVFm17TQTH/P/WHSwKtenDHx1uxjtpw6rVmEZ6ZUpPz9TRfahB/1nKNgXb+5ijOxxmdQGTwFtqiLtw7QoiRoC9fzx5xkXvEwt3EY6bKk0J20cyD6NVWjQlzEbBqtIfp3gmBgtwwvvaHv2qzDjxPTH3ITZWDUBpKukCof8jlRCyaAuyiJx+Lys5+vxdq0EXOSEWfW68pSK9UefUzldBRweqbbr8wMxwoBsnE733ZEKZkBOWKuktOnFjh+pUS1Y9g2jotCE08QyTwDdhrM21PkrQwq6GzGrk5RQkMRXUxGAwkogvxpfw86oxs00akFFXmWXXMUfqHhMRO15Rr/TPzXHsDfA6bN+XMFHmvXa683j6P1xLxiLyb4os9qZ01fSVCpjTriaUQj1chJ8+gmzMxT8Dake7+S+C9EbQjILkBE/bDlakqLfbu2v7gABfwBPTy2Zaf83aFabWmtZmf4ddn6M79SPrpbdU1GqSYnovxh+/gRbAib0/300uO+LdzdhW6vvXEZWi6qiGYRRVhoB94lK9b90rkT99iZQHjZ2K3PW86SXaE7bG8cuMMdG+gAu7135ygfo+hZxZDprXeEzeeufat9iVH+48h2ZNdkXj9K5Ao/W7n+jnXz9f7CmxDivEBeENMmyWUkXMBvNOJILtTShNjKyTlsKARilp8Z7FwgJBwesZEEOMYW6TRjUoYW8KWFWoGs4YanKfPYmWrdl9UkKB5TYXunDiVO+ZSKIKaoMMbvKo6bxjAuoI37cXIKhmt5P6Q9qMWL6iyOoAawnxEN6nV06fP8mQKfuCwOYKGCSopywHvvJcBJSb+OxRA3427Z/+Lzp2kXNNRO7thsKgX707IBog2dnyO6M/8PfLged30mDZafp5iYwA1eHTejpTeIraIVX87JfEWS3DYKgSm5K3d2OomhGDMgL9mGtQazxO+u810A4e1eqzq9+qe4OXz8QevXVkSPmcoXE62UxX90GFjFqfrg0li9ve2NoZ2XBQn58TAj1+BARufLyUqCKgEBIBLFTjx17Sm+a+CP8wcC1mnI6IaaVWHd9cHwsvk7PPx+qHeZ3Xtrczo+pQLABWjPv2OK3TVk5kaP/sX576na9XV0v1SOVU6vWqmDskY6cGpmhU4fmAXQKihyg1qms+B4ChJwrDZrLX/M1maLaLYacT+p7w8rveoc1rzNPOYmHpdMLRbIqMxogW16Ka7B+5/71L6L92VKnqDGlPi/jwHUvh3NaW7PN/APqrOrYEmAZcGj5ch5qgD6eiyTW/fHLiiY1JQ2DibypqaxqOqnD0FOloD8BDbXjjFhJ7lGNgtTgYYyoyuqaEb/ypl5pUpLECwWPdLPrBM+p7Fwq8FMvfcG3spNUq5IC2B7egfTBC0kTdnX3hxcQaSzbjjsXf/+Gloz27t4e7eoxF67aDBFqyvKVKxN9bdUtK99p8tUR1xIey7oAoEJH15ne3/y4BvnZoTNW6finnjU7vVvRo0zoVv9ucpd8dSAK3pr03AdPdt1KK6X/RMa1PVu2sE5TfNPo+68rGiAr/sCE/7LYQby4OOHH0AVfjzOwLg8YaVxtzPlyLGBaEEoTTPe5tA7r64a7zyMNze6ZMIRJgb8MBPZ8AZLDFVUSl6fixvWZhMF0RwdcMZZimKmqaoruhl/Hv5v2K3Z1eOUw713+Sr3UpEvn0ltUS89vAb0HP7wKu1X1+X1O9drnwsBSugt3LDV+GBXImeTD0bJeQTm1oOB1UhbFWFmH3MWPELhx/wuz+btnP6uoW5fZhY3o3uzeY6ulYeA2PX2rAIWi2F9GrVLFbGdv/Fxxpr+7e2/Nf/vW5nBPPgpBPk8WEsSXoH1aIKiWJXzqcoUhuDMr8zIbISoDPrmA6+MZeRQNuuvakN8qPLaf/HuDq/K0RAX0lx+8uogs1MJJSgHRQu99uq3NOUD0ItbUPTcS1uX01BdzigMHVitX9XNYx41CgIXKutwetHzSEVtAwhs7DPterpkpywo9NZNN48AK1N0wMsKExpVg3gVyeK6LwSioPpcnMwlR6zekdvXki1JDBDyvKDw6Ro7xrKTI3BMyrBn2cHgo3tT5+3SoAjITSsnmPaPcNQ0SgqcIOdB+cM6vsXFPNc1zVfX0QJwURMdUo/wT+vdb+dZTnyOeelHft+pTaAZKQNiwdvXrMWILoRLAxdNuaxe1xnbXtGNwfVJqXo/EjRUvtjHNvP7Fbu5gR4bXwKlmWqEhBiTKOybd5Jal7FxeyRSK/KcX/oYBB0ZzMd4NraWkZ4WDsT8IHlUj+ps0AnlJUhEcKxK4xAz7fA9Mqy/323BF+srclLgurTazBKF1iy69k9ktv6qPxFvzlrv6xa2NdAVY6snzvaGbr+iIO5McTvoAJLEKU2q3NMcNza5KRBKUSq59Bau5JQ0QeTXv6UEGWDw3AWXhAXvCnmcM1Cl1e7akO7pGvp4Gp9h3MWh2VAaptFa93NcY7rA1WO4ntOTF9Pm9S7VV6cvD16/b/Oy+fdHVoywQdFlT2JYnSo7lN+OzF3Imtbp92BRA4Oz8VJj2uZVMtHwwdBv777xsWcialW07ua7gzzOyoOuLhTB9cXnDLOwDgu5v5Zz5DF8CE4nFoGOsyZi2NGXxjj3ALeCwOdOAFCkJNTTg95sYB3bSf4hOveq2qdFSnBgklFaYMmKu3rNs3fMdxRcHfPu6DcaAR2bnHYlE6S7RFOXjejSTfh39E3i5pETJNRHqKWndh5Ztsx8haUZJL8F6kSqhkUvfIAksaq3w/R2psvFN2+nsulEwABYMPm+fKDnAC0hhadW2mAMNbTBm06h2oypKYjNAgli9s/XCSWsasY/88S5JrN3RQDty4D3ZGjeM6+Hdl7UIMKYtWdDpMWIVGXEp4VoLb8+dKFg721ycae/rnII38MQkaunht94ECG2qbqr1/SZeA3SBi7K12RVDyq0+NWP5v+bMb2/ONfcyKubxPeVB+24nxUeskxZPufbbbZKoFfSf+RLfwidfXWhkfCUFpvMjbgRlgLhvqq65bkZOmn3KaERyPUTG7ik3QS8QpKJ0/9IG2vMcpchSjPJSUYD8ijBy2G47AurTP4wprJKeMUFAORXuz2u/IZthDXyQb9EJmpAtyrisf85FRLpk+PBxkBDqMmZH9MWzB4CA8x0JPYDPecUq4MJ8DH8LDuF2uMW4Fs7B7Kc/XGdmwqo4dB0xci1No7t7mvZnr4k1p/Q7ifxMcrqRCgPRq4TnLD1kiOl/8WMIPfF8DQ0DEJS0KkrB9MOTaJ8GdPLx0WH4Wh4pua4p4hOGX0sO9AY2QooRGGEBe4Bwr121diEct8KBF7mRhE0Ibc1VVasmA1EDBmO5jHHywdz0EEj6H70vx+zZ6tbVLtgc/ZObl2H9Dj/8ElpayMitIIpFNA+st60L6B2GfqYi2SgZM0xR5pxnn3V8RRFEXnx2boLlRUmWn7lYbnVmwR+IDz043+zTIA67coeX1+Am3vtp0ejsLo6qNiBwMR9l0h8xHmL3GjctLz+ZebzYllD87A9xt2B9SrXH6HVH2a2pMi01LF9x7dEiBop/cUeEBxrc6PNoE3uRm8cLwRW//VobKtzhUCmbMY+FhOxbt+3xJjBBqzOpPXYu06YP3NxliCEI6ymusPZElicujdA2syBrOTSTwe/94PpSAf1g5GDbqIqrpHq9hFs+d8NKQNkJZQszmdGl8mK85b/Ve5jcHg2dra/IrqIgMnYbMDNVqQpDqr27GAk2VdFZ5vAUb9Q1zERi2Vh2QNuFVMAz88F+39rd6a8lXacZ9GsAqpKE0RFx0hDqJbqpEx1AVE6+PNj1CErlXtZk1zOdb6p9xVQt0Ve6O8ACCNtqs4MteqrFyPqTAMjh76caeccfpvfuX9o2CxnIpYw30PGMXUBQDgs4Z01AmsM89OKOUkWVvT361G6SGif39qXOsNR1fmfF+k7gZv1OTAu1XXjqCAeCFgUPAnYq0ljrVNGwEOEqzuHTJ6WOqUx1o3warTj3lKiSoNvVlIYUFJbMDcW78kM+Qm/pk+xhbIjhaONP/evFxgaxVVgcv4DFjCB03I0Tl6/EyU8+8+XAQrZFmSBWIoq2dOZpa/fGJSavrtCABcHQjUreTqTrWs9XJkoXKDByBL8FvcaxDtXYKQUIylakwrXC9xNxV2++C3V+GkvdeQ9IWH5Hh56+KJlDK+jywkwIWLaOa2i3NgYYvi5BtiD+ehK7gli5BgM1x4xwzNdshJCjFrbfogdqHVVWJYfLKJwpWSTUvYiPQCN5YZ2EGlMkBmzb6/U5dJCfLzWM5zz3cvcf7zFVbdAaFzMukJf40bt47edOoDqUIm7ZnrsYDgFMYQwnh7THjrNz3Pq+FlN2b+w3G4vjM2CZo9nzlmgAnqJUQqfHm2WMCOV4AbMiabvp8rq9tbOes/TA8KyYWSBYO6Nsylv74AFl6k7wLpOf8x/uv7UZjv2wgNJgujR5whx3NxJ3JG4V2lhCCZH8yooflYoTvHg5n6afuTTTKuan8xdn8YvNK4Pzh7NHK9/NN/bbfDlZXSFr49/1kaAwrlaaqE7uGvQFrZKj1YoldILCCnD1RRY73+fFbPyR1X9m1FIC71PVSPfMnBLA3dj2/JF8y7gz9K9DW9+uHkm/Gw8pP4oCnvSNws9A1SJ15rJyqnurNtKGhjEEZf3mkII2Hr9YTkn/RvjtD5Vv6K+IXXjiWKrttggIAEmURBH5A3FPuA76h7TEZE0xqFsYpC1x3ItdiiorOgI6X0dsQOUpJ5NkFBe3poSZgMTJBtvP4ZYMm8uldjUJ1Ax4wPFoKmI8H0tAEhc5LhCxGBtSQHK0deSKe1YTHGwdsYYAUvNPoyMQk7wXtqJqkjsLLqcOUXUFo2rtqMdBt15z2D60skWACbwX9TSR5ao1sfP8VvZevT4RsyN2O+309tod/3Z4p/SGGCidIk1fn3fKoWC5vgGDoSjKoh6c5vRGGhYuJPGXz+FMOUNi9PNKvTi788JMa+K+/bw+BdRgU27Cs2dMYwfV9dH6RAbtN1+Ey6fcdXxEQ5KYzgf/Ickt7xmtJA1KrX4TWLlQjaFb4cUYLUaOVwf5NB+t3Mx6ZkUsewupOVLamm+qqmyUtUIkKbRIRDwwo42AFlR7dScUlpeIPiUCNl7ulOHuhlfeeBa5ft0UK2tyPp14fJL8xDwmneLmu76Lapw1GtsCaA0ND5ok3KvWohN54VucbbF7xRofQACjsOdJ58foyJrkG1ybhpkRMw0M5T50y9hwkbdCVM66tbPViscnoP7k2sBiTNeB4/k7O3vUX9lw3KyvE1EyyoodrU5wu5Oi60uKxy/RBUEr0so3Qu1cQTJZWmDbYSMHWDIrydDXP9jPov3IyT8YRq2zNJQtlfAFx6y69QuSDUTu5SdYxAKisPcTI6m7dl6Tr10APJzqVPS4Dqkx6Ux4tTEfz42X0nn6QVbDirHOcI06oRv6LoD1ZYMGpkA0BhpTfO/m7b4XSef2b2UCmjneNU1MbQtj2637FbfUwQRe8aTVciiAkX675rSunp8fceYtU8ROc17lX/Ue+kzYH2lN+bKpcTtzhDeUoqkAF/otmfz5B9fzKkrVKtj7gZOGrr/3aHqpShWSuXolbZNzvuAuoIp6uuoAA88PLBiLhV4ZBYJjInMNa9k4yUbT14hN7dJp0ajijLgaOHw5mM0/3/uN1S3jTkuw0Vs/mXx0HFjsSb1uiB0lj8MzNXV13zXPktUNOKq/OJz2Jf984eQLJ1U6F6/SdXcDlrtICH6IffTDx1+6SNWNOqTOt6X+ir8LHFBS436tbWx/cdQmNanO1dWytEWINZCE5AXXjrVN77Bt73bSwsiL9XGmRXFPfcPQSqns0NRteq6ndpaStkZjX8kpsjKShv1m9KGRwbBE7LnIVGiZDoSIDNpGW1ww18wFbSNfSNerFb3dzAs40MerlmyBUsTfvhuPha64LTQJ4EZO4eQjkHDSUcon63FqderCH1YC3uFVJjBaAZYPwKPN5R296Q0yrF+0ZQKcyOq+AYVSXbRRPac107KHd4b/9eI2YFPwl59t0I18dwou3bOAWVNlFdqB1NUQ8MuaYANiLfhl0ahf6zypwIxlOI5djuSuMpGbVibLGK8PascMxUdFa4P2rUe9rd2jJtNeJw7dCWlX0nIKChCW+IYUA+FjFwxepmkvyyH6VWFc8ks20CPZvgy7O7z4KqqjN6sFVazVqv51TpEMR/O11GjtAflsosO88vuyXVYVr4Bj7We4y/yV7MjKhdxa2myVwyQvBspl7tsTLRIjs1XnBnAtr3HwgmTXCjS1qRG3D6QkE1t6Q+X35eZLk/ZJY4OaUF1qQ+wLRW6PWqQbLMvjvMAIAPXpqkikotSOfGAmedtBi08c3Dk+iUgaxcq3jpEj2uPFyIUthB5xDq7Zn2zLxXh2ynrNh7ydLGvY7rb0Vx1bVmji4dz0ym/9ZPN/E8On5zuoYf5LtN+0C6CCOfRKqEKGkQQeRckSFxeUT/ttIuyKxL/x9f0MlzpXbv04Ryr8sSNpRTd1WhZ66Ywv0N6qDtnyhg1I1QlH7N+tYAn6hLgsN2F0Sv3f9/Ce0nyCF8qdslgCTCKvqCxvsx12RK6bHHR48Y57FiKuJudd6eCZT7Eb/iBPx7NsrokQe75t9VwcSF87Htv7JiYkKGVAdQomKGGkYkhCmC5LYoqos/f9QdjKYuqinOy3hPRmC3cI+zlnLXkmjRsT4U+EttZSvOP1/eKad+9hg+o4J5+1XRDXrpCAVaOW2Rh2ymTT8ZRUS8qx4Cx3QvOn35q6+NRRhxhbGWjQ5w/kHBrtLq8PClK5XCBV0KxMr0ABxgxFicXOdZWvFe9pDk+V3BKNATHwkpny049pZnNn5tgfOtBlLF181v4axl9ImuWmCdWODqK9pjZ6efqRo7UD42ZtrT23HXL3dFdqPg5oDI8te7jaamnT1I5DvWvvLLb8IK8YmDOjjFAmn+q03xRTQIaIcTNzXCYm8bS21dZ7ipcSe3XsW0CKl3fKsLdXNTB0d+yw+0Q6gUt5VVbBmcTuDiMJB5LPspXKmyIWL+fXON7AgVQr4YrYsMvA3qGFMU2WDaUpmHOKQ+FaxNhqI0lo0/O6diuZCLeNTaCCJLosyGBIQdeB663BvWRxq69Yh7je28Y5/VX4oBgOQpJe9nUYJ4yn9Gi7Ssslr2kBK6P9XkgANE2VotqzrfiZBAZkTcbwLyCpFmjMyv5OkKpNy2lGKSaqphmbx5lTMFXDxHFu3zdHgWoU+B2kblXXulum7mpxHIqpSmISSRHvP17t5Lb7u8Ixd3xzX2/IJkPBCC7xhkw22TreDnYzf4vECuV2VuM0siTZOwqnFQ2TlAVRCO+Wu2oMiAgdkR8Tw0DqSawYuNcRsXqgD0oT/wUglYrBbDU6/4a47qpgqbjdUVrXPaCRgL4YBnizDcJJS5q6pn3htSqFPPR62MCOqFpyYEQlb+to83XvAp+GqVY4jI1AagF1Yr4tOECq+9zeBlybYxXn0FLRVuP6PM6k6ycCUEQfiC2YiakkRSuB443DJmiXXHgqNhSkHftxLpenRAQLomQg6BYUig5uu3b1JXMH33LCNUBAI3z4sUtzcY6ONQv7uPjzuAHEliSDB4YD2T7rDaB26Tgmapm1VtiOxE7QVUBq0FVDhNA8I1p715TXm7RRC+TNqwKH/VJNkcLaBRxc/pzff7YMOKqm1GBA9syyDYafHoBJzoLwWWPzgJHMSG/qKZ4R5HtG2L+rzuiKYVqW3mnQAc+TicdMIr8cJbioXv1v0dv/elwmJ4Wm6fCaLmrZdGTvwtCfq5Sqy8rp3l7PrlOaOZOPO2oYNiXXb+Bx2KN71BBIgfgAxNX5POQyV5fOnPw92vK8Y8sZt0JUqlSYY5upmRnWHv88y508uMB/3KN7KuDyjZIPKzo1KEqUa2m5c/Fo50i/h6llp1cbE1k0U0mWgWuSfkJImbVOOJTdD6goYbHsSu2KKdl531VV6Wwm1cMqwAr9ehPmRawm/tGosz05vH/DU1hoYXLe6ziMizY0ioRkRXXKV16w15kStlArbC24Xkm0aN42vmrYjMdWPslQyvmxxIFTUlhc0YArL/Zh+K7xnLU7bDbC56/HldpPTe7QU5TXY13Z8Q3OJ55sGI7VTpvDdmfQ60y2A1UxCJW3b6yXdzhQjbf32jJIG57ZZGC+6tdczlrAFg1oTk/opx9NSFpdw+pbt0q67fmyhymWhV8WF+bW2lUtU24IQGIUCbIcrqODh6Wj9mZg5KMEA4GpahykOVkQUZQqlJMy2APT4SEeqbGcGp640qzKLCXbiiH4VkXMeTZwhSCPOWuyoPmCWlc0VOOmeE2tY1hRDkv9gWmGoeAJjed93QLO5l87mIEtckVo2AmuWgpt9YbeIDzuf3fJn8ZhGKkdhWTiY8VQcD5v3ZC9FjomOk1HY8NKw3G4UJIsnk2F2Ny0XrV95IH9WuyEg/jdZwVhtRglP/n8zPL5miW5PboIPAbdc9hM/CAa1gARc+X/i3H+rFG9JoGRuI6w/m0gwUhwz4aX1WyPUS/+tfa+GFGlSIhhqqxZCbLTui9EAAoqZoZKvMY5VTs7kbf8Lu63GsPbh73x4WA8frfX4zdWVcuMybVmTEE856aKL+68HNJtPXL7UXp48HuVuGN39sxR0NKDRq1ZcVcMXQP3q5/f+7B3c/HSDv1TVvO43qKIb3M1jrt50/UWa6KBabJD7O4Mqm0nY6qWbPON0oZLll+ZXcWLa8ClmqcHzxz5oqPUmfc+KPbyFcKJrYE6iIeG6YdDp2WNlbaWZiM7as8akLGwpL+3Iy7HGwlhoAQa8YSjDa8MeRuIvEAEOIa6SRWxQrWkxJWfM1cqVzvjmFMfaz9KpWMfd3rxiNM40HuE7OywYtbGNiwOc+oQ1VOtsNFZ73C3uPWlA+bAO5Rj3PDdN5RI7nYf8BmPd+tX13YasgYmzWpXTcvNUggS3sWUgniwl5ZRXK2YnKmM+mvOSDvi+rlb5L31bMaRUE6v6sDEsrsKRNHYLaGg75hsiqG1q3ve/uV+yd0i3ItEKFdNPi+6y9fKkXRNbN4q6DWQbzJLg5Ymq6IkcvFN0SFARZf78KlQqU6TCiLcyJfOy0QPpB/3sTP9c5Zg4a5svueCabLzqstW+lK3y9gadS5rSxkRiU70QGhtuLa90OxkNigzQcIp4T4TAWib1jxodlZq9qUEiS2GS0NLUBZkkFwZT2T/C2RXz9ufCVCx+/+0MbGP74od/O859pzCf9NDClLEe68zaUTOfsNUCv2TmToicctpAMmxWXfgo6ZFDfCYzzANJN/bP34nYjKdrUqR4ZqICen3MFcgLdJGZq/+ggnSZQmy7YNK0sBiogH14ANABw6v2ScEvLzTpqmwbaZVyCLzenewu8qyQFrEn/+YAw593NbBnmtAjWVADV5t6JVZXjEEDGsgNeOrFC0OjP1NS/0kXZA2a2Fmt/N33VyovqABLyJqhVFCgcTzhIcRQpQ4dJwTX4pI0Me/fHUAI9wx8ht29Pe7vnIPKR/cNyWt19ZL652ZBACqSilyhlVZ6yu9+UjxfJKvewoYuhmTBVS/Jjr+IgojSlVsS21gSbfkezvPM8zZmuAhOFTS4PzU6452MbQ19IfSBmWZ66zLQyUCMuQLuIsDUNLHXApno4fCtmrGmVLItQcJyEyFTRUBpWkywpCYrASWp3A6KehFp9bIpVl/u0avFuyo5uS1b2v7AJWo4grbR+PlVgHw4WIC0+BJUuVioVzK8JjcyzGugsf+YlvKMoOicsc80R3sEocACgJMMSTjF9wJLiwk8A+ghXSElxgO7k//AKawQtraGgKnbGMLURD0aqn+VswRfaiPABhbJzGsgnfytJpjX9sgTJJ1LtgIpMuawFNcY+kWdlQDNKopURYQLJCA+38WzYzJCkyIbWlb03HG0l1V0xw3IxlamzC8WfQo25LPwCYBiAlNZfiRKSmhqgwAj101MatYsa9nbFfll1JsJekhPlHGIgtwTR3HZmIaqlM5nB8LWMqTmz+5TZU/6TRADEpyIBU2CpOeX8R+ivLP1s0Tb8DuYLTrIxkhRw2hbPVPdzDG9KBYCGQJwEweYjX3OuwyKcUY9SLWBK/owhNjyRRJ13mZIfbXbikAsSRayPVGA+tLm4wlHap9gLUl5syr69HcKdHhPrlENYsLU/v1JST3f64FITEsRM9w8LJAKcPZq1uyCgziiuXAng534eNoZnvxyEbhgHtEgXLf0QfZcaAAUCEyY1lvfPNTbV3dihG3hbq5HUUW9Of2VO2CfqPY/TEm80E69vu1H9pAyLQjjeQLYUiQ6Zh5KhRCAVl/m8AIKKB26HftmgsFk0aW/tLsXIIuXzGnJ9lp4K+8WR1AO080F03DX79IJjtccXA9bFVBEOtFF6/fYGAsFukraLOXLOyVwB+2MvXJdTpy3AW7cV0HaDjYyUJWLLjROiAsSCm19eyMdYVDEMs9+LwF57C+OrJd+8Bdw3uyosgEZZgpQaR1hRkYuaMQmAJ62rFQDfK6FEu05E50P7Fprm2Ck6meFzOFAf2Ny6xyWdd7rubPSKa/YTBlX8SzBDgdKokYyhSoGkQu5aPT/uizSwSofZLk4H9i667CftfWg06+vdCBy+GGHwhABlXDjpwJSEPVM+xe/qkPdpfZlvLYSLoc7DGsKpkKBha0Jt202wVQTdYpLI8HE9MEVsnwbEblnCplveAAKnPlcmBlPG2lzSAAsQ0vMp1OXoCI7vgRZ6K/TduWapAQ38CvXZXRPd2av+ulvUVeL1qJUujc3Seo3312OERUF/0nAizQOuL5PjDohB5keU82LUzYkdl+ZR8j3uSA51UHf4Y2b9ItwNingP6kCMSDC45rlfaOCxaIvWeKEEEJK0sHH3hF1uAFUoOROO/zaJDmBYNtb9hNd19IbtTMFtUaAnU4l7wFp0Xe3IMvvcjyaY18XoAYcuN+JbFuwVMBRHh83fdZt2/U3WBkRtbb3P4PaRL5pu3WtndX2S6v4VMtQIDJAqntwUkCNwRtOcaCjtxf+RjJbpxo0RV0NpE6xQlHigD+jyf7qlGm8j4pBUvwEyTV6M/KZmBBMPXWTQzz8lQ1uxchHTaY8RpjwKT+FrTANQBzvEKRCbJm1G0w+UDjooXEgdDxvzQJeo2xCfYwYVahIWStBHoBFcs76C6Yuy3tsmN4KxRhA+glqVUcCqldtcKmw1OMadZ9aFuCQ7qH5HWJuCQx7TQagEMTtJ2wNZD+WJZA8t7Raa8Fp19ODpsIqBirqJKagqmhZqgmF9dP9lxFhSEItN3mzV9uolKMu/Eyfkni63UYApyP1eWnr3M47M5x13gHUoDctYO5jkEMEAeWmqgLam1h7NTxuSCor3+/9v0cQqsv8x1YGjfMNgKKQqBYbRoGeo1hqGkwKGmYi0Z0TEUr+ydlkBOc71AYri7CQYoRIuQ1GSIdKg0NNiJt4TQAEum/IkHApsgojjCoELEq//IeATu7QmMVs9KS1ygfzmCVBNRW2HfOiG6um50PdpquZrkd4tXeaF3dB61tt4OAlRF3AvtKD+g972w0I9WuXzwoQ7FMkMXvE/o+mo5cJHAMCa+RvRusSt5x8wzPTX6Nzzqs6qSrjI6TMxCF5dyEgoJ9Gu9cHmLBc/ws9ktTVr7m+BxlxFhcDC7HVuU0hp16iExN2zwOnKHyMGRNRktT5PAY/K3WEQ3abAej2bT9LOVh1lSunF4kBFxyUls19FbwOfAORkI4aLWdZONY+cELzkxrgoDL+DblQ8uf8LjZDdPQBYOQd3QepgrcvxzAJaewkzK+u9SNjhLMBZsBqrJCynppqAAWnMDf42TzCeGMZz0ZH4E7321Z1Z3pYVB84N3y9X2SztzWkgI/kzjnPTruSyi3JpPLY8XdTsHh9IcvQ+/WrSBFNdsbzMf8tY1tBm2odi/Ff34e7Utjv1qE3QTHY8Kj7tjP7A8iYjSK82MHv1FcOH++3lrYfe8mEFJ1MYT5RLhpoxWLVfc6G4SyG46dCeKb6fx756NLr7pB/AaDAdAfi3aynwE4TPXtCTxUH8nyu2ij3rZUhwC0/SQoMay8IpnsLpsxP1q7mITcZTkE7b0BT8W1w7kYngYJzdXVULolhJPbbyIooOtXfhM5RevEZMDsE+au5fdAc1f+jTqMRDwZDa/9XjZRseAZSeYl5uT2EUmyjI3AhZp+YW7rh35Y+GI58R6K1hrPe50hWTxw2DQonPxuToOAanmUdjoZoNoBxnfuZOzycGAxamZ8oJn7+7e/3bA+On/sQ5PHQavQibYMDRkAtPDKdQeDu+815nHy+fOqWtrs7wIOUIKvK8iBgN121eJgyNSCvxuPsn3GmA/EuHhuDuqCpFQwZbbJekisy451w0iutQDdAsnILENknnVK3Vcm6uouLbHdTkmEtgZTnnoolQ1z24ohJ2cUFeM6hro8BUHxD9StgU9kXCpsegzUqIspqENvecyMyb0s7BA6r1xHJb78s7UAjJFWUYIJUdeQAfXBqMHkyMEFF+kHfVHKrkBUX5m/AgXHa3s0q87wHkwDoOBooUxySpAprjOgNOsEgqQkIgLo1pIkhTJX7j7hGZb/PTt+igOrm4r+F2hp+NG0C+WzD9d58ID9j5RjZAT5TatjfuPNTgPLj52KkEz8RYHrFOpASSoYTmVVap+ANEyH1bsvQBxwwmotkQT52uU4vjF/5kGCAKmAm/keHObWYvS3yLz/UU6AjIMw69XEK4CBXO6SxLhzH4/2viJCeyC/5udpGqHpSzeSBDztVZ0FRo5OCbM7D3TPj1naVLj5l/sRX6TSBJL95j2MoWA2LW5JJqdGMCinBVG0ugXLwK0oKrzod2JkwWeeWs2+D72DCBJVdDY6M0UZFBUzDX7yjIX0gWi07eMMBjnjphGwboh49tMgDt2zgiKKCmxTjoowq04/UNuptuk/DyHrbBD1xazXPXH2zlNDxtsVA256IpMhWn4NiCaTra2MO9gdq85Xbx8bOXx46Fn9rmXNOON+rwlTOcuwRwAkMEEAtmIBZSJeEOnNURQaj69sWVZoZ5UxnitWOzDa2R9ICAhYJuxIZkwQZaLAiLrY7DIyrExoXbUBZBh8pX5e02O8aEYUZBuu3tZgADAYH0B3NQnFFw2sn7L9dJlN0ppUY8LouUhn49BsUaUgArS+zUlUwxhOhwFdLjVjMLuZGcMLYQOKqCP1x/FkGGemwlhBCyAvFHQeSyyZU/HFuCdiwT2RQjI3MklP0FA6FcCYd6Ry/05v6DGFxuna22LmrtHLFSismVIAp7V4DdVgK7e7T/UAM8YsHvgboNoP1JSqUw/bTQWp+s2bz0J/tF9eQm3uqsC2afRvV9losn6nYoOcXzqchwezOzeHckzhWgodhmarnrkjAlHbzpYlk+1Sj9Qp1EBhyOhBCdRAayM0xG+GGJLWcfERSjOvJ2jbVKspL7gxq4Ck1rQDRpf7tPh9rwcI4nmtD9sr1VLoX0c+cWYxNn8I8Gb8KEfNlp7qXx2UC9CgStSAgo5wcB5VVHR2cmhK97wo/9RCDkDzozuV5aFoRT29n6yL3cfaxDuOZ1re6sfOI0ZmPuChTiuLHDotTRSp/CuNEWd+yxXA+lrkbz+1ZYGYBtyzZbsCR193ldnXtff55VYg7uuLfZgPKGtrRZm9i568IrR8yCR1y4YEO9ppwRQjtD30vQ+GC0Kzx74f2EKys8+2zpzmTOhFqmLMmU601O61CMgUD3T0GsKkL2951hdOVRGzpb8go4vCaxKG3LQJLGCe5oQssggKd4lr1gZ+oZ7j5he+vPbuO9aTcSZKV8pFxnqJu0BIYMy+A9wcXNzdJzErIBb2XHussr5Ufhp61kExc+c1W/NtMMTOxuao7b9/izU7FRq/OT9CfQ/T6M7HBVxeWv7m7gMrgKY/W28yl+Z+D4PmEyL5YXgtnkH0q4VSaeYjH1HcgSLJkym3899Ce355DvFaU/UnKPGpbhsVYfT0r34ztoup35dCYHRFfWa/JUq2xgRaKnmIzdoy7O1UeAvl5WIJ6hMyZZMNbuCLjctXRoYDbACzB8tmnmNaN6+vgloCrwbHR76sHwSe9pRiObYuwD5p7B3cfa2+vOQHRJnt/Sxceaa+bjF7DrM3d7jnwZ+/EEJbPlE/TVvYFsFI/9bFngX8lZcrHXj7/qWwBwlqkhIVR+pmlrbF9iVSBt4eqtGGWQbTGnq8oH21HGLDls+bbV56mtT4RrOcZEGzfH+1DQtyHaN0xvLMbjBsTjoWkJM6NaCeqpVs9P0/lX2d7krm+6ZY8mnzJr8c38DeMbffwUblm90UYwBX1TANKT/DA9tcz/2X136bl9GAnvZ3fWn3DSNw/AbqsFzNl9nW3O+n0RNsp4fh8SmpCcNW2gmA3a7lk2XwWM9LItQj6cg3jkGz5h1VQXv++NlBtxuji2pTPW0yZkCibTC3Hp5PixpVk+GwFikRoBiziSY6PSd63BQVE9WDevhr1cA4aPsWpbiEyQnrfIKbAmlYTMUKWK/AGSKSx880ndMvq9SSs+89GwBHbkzGvQ39gdQDwK4hBKetCJWf9L98O4GAdfYSEi5i4Fq/EEmYqcxCOUtZPb8Nuf7XF+1IwiMOL8MIHxbKKAUhY8zRCLQ19lroe5LQERkspdTtCWOPJc4GBNoRUbKRnALaQ5VA7fmy+BhWz234u9edKeS51+OH/eKszKihl7mFTFSSiBXKngrtxx+k7NAp1XMuGhjYURyYAGrR72hIhrFqfXdVB9lAdpCFDYBtyYYwy10Sg+oXiAtB4qgTy+aneAW3MNPInKp2JCH32L63DfW0IluIMw1Fh46+YVS7IB29u8JeL9zku8nnaAGSVMcSCtZm5RdqF9IU+SJJdJ3pTznxCmuwxtU8dB3UsT8BJnljUkJURJbuRnN1SWaImZ3BE5dP+uLae32wtiD/n7UEHS663cd/D9KFB3Sn3Rt9OAuEUTfdQIIyiDCcBm2GHo5nZKgJxWYC4+BIK6IaXt7rP1r8ZWC7dpPg/oPjkO9vG8faZGLMN+LO0KRxufGXvQgl/HlTOGK0ZAeYguiV4JLUxSsXYjC27XoX3UYEPYlMuKY8yMUwMFMFD3M1JLLuto7kyeuJGGyZFxY3eiDitwbzyP25TiQOXWblmLQdsWsDJ8ZdCYxqt7IRPFv8zgTbhCvkl61V6P7Tat6Tzy+PwF80q1gW6k132/Os+/eucynPMQTHZwI8C5V6PH3wx7EtiAC7aTvdI2ALJTajlfXKbx8jzoMPghkJb3twW0L/ypTKdXYRgV2JWBr/4zakFOXAdnxt3h6BU8cfrEzg7LDYvtmXd2e/szIAgu0mga7+bwLkNjZiW6rHB38pPS8dLL/WNS74A08h8M+tOoRCdkGBpVRCFgx85exllrAbKRIPioaTa+4YWjmZ99Co0ckmiqSXrAz7vVKPtVDe8EriZWOCu3dKwU+4KdcfvRJ3qKGsq0CaITqH4uB5WiMF5uBw3Kixq/x3pmkyLVdyavF3wrvSHgH3lGTzouhczo/wPeyvAtejRZyPY5Ft+puesfuzxFWrW2iBqb4UIQUAz240GujF/cS8RCVkr6kTYKitcFjBl5Eo1iU4LI0Fw5wAh0J4wM8D5WoskR0hbpoU0mZOU5kvdhLQ/LEMMtQustuB1m/y7QjMvZcVTxA069hCLzl7QNKoU9iYbnMj92tJinK/iwHNyWpbxTY4tr/PYvAK14JZEGe3Y4SstOcz3xNErGxMdbE+Fkvg+BKTX72Nxg1Sd2CVc+8zavPhr6UcBn3RgIY2TbFJH5sIdLg/lpzYm4P93YKLPg7JI0s2AgqKBpcFJ/iN++SUJFFk4VNp8d7YA3cwzU9xPbYKRYWXKlV4Z6RPC1FGrGaEOM660sZFLQz5E8c9sWYEL738W6GEZ4SfkVihfvfUcYfpH0EW0rjE+5bRq7bjS9S/MaD+n/qt+D8IWCzbdhAMxRi35IHe00AffN7gcTr0f3L8Q9gUt4Dmvz7gIIqmmYIZifZyhwPWFsovnNxOiOQ/a0PvFU5gwmS4phDSpp94QaomtXA50sySQhHAAphEEiipKFNFyD813AF+4v0lE7NYcw5IaFAryoBrDYNODuTA4shv/fPxdSgFltk/fGpmBwhPGNrWjcD1fqLoP6JtIb5qzuauYXMGCBGJnUPNWTe9qQPb35eqEuDGdQoroM2eRWZ3Cdgy+1YYz9V693bf2jSwZv56CSx3/YgJCtU0aOd/voAO24LcfW982yHJ3eIjWBjx3Bg8GnePRRy3yH3/GqicvEma5UBj5mKqa8dEAsotmc59qBmai79hF24oagXt+frQ8t3WaVzwrzGZIW/0Kubgy4cSjEUCs4j23dtvwyvuPnCD57rddzs0gZzHMq5eG++EAYN1sdB6YxMT6H0THMhEKTvzA9fAjqXLoezft63rN7U/bUOm6S1pE66c0/xdhNDjR08ev7YHKiMIIW0WGlo15Bwcj8IQZYOTgUmBMBYRgvgieNL9GBftlVTOkwvBBBgQsknBjPi9uJ0r+tllTABGPBtrItwXTV1uHvDLl3RkbUBf4yHJXgTinxZmrxVQYjDATTgEj5VP6Vs+Gm6c++2zW//5lW27wbqH7+Pu63po4EHlzK4/Qt89fraoQXn8ZAt8DVzaxDM++NzaUeEP+0S3Fzdc4Nv1NjeGn3xXiMFaYnQCQomvDedpQczPVTUgWVhYSx7W03dSRb8ICg8L3G0v5xBGQaBfqZoEmcOiGthpf7UwVsCmLPhc226kneypiQGkdBdlBfiqh9pLVaIJQVcXFX2GDuA/O6A1XWwyMr9SBG9JgGMvmCOWqKopwAQ5rdnyGAUROZNrsWPRsd59jbXjA21pwrV1dv1Cpx5FtHK3MAYF6JAC1+gi3NlhclU07pNlHWYOeY6hXR8a+QuUVk9TwMsFEr8KGAh4rahAFk6T0Q01nek9fLzigx25BYnx+309hxzaancoptvAUqQO4FtvjI+zshJgGaqAHyxzJiK+MMz6VyefmvvDpJGPOpCJOAraPqfTvrJVfn+EHk8CPaGn0BpIRo6+4FeLclrxkm1pCc74rc3LhwyADDUIrJC+DOL3PeNZ0fgdFnFpS3Hg3wGW5XmUPX9n+qAIBSFfHqptUoKTapNDDyy8CMWjp5FFH3trqhDVxpdjAZbn374lopNNpFNsAqTSHst+CwyzjJ3/mihTgrziKpcK9EtODmDt/Q8jbTvahD0Yv8U3hk+UmRt2FjpNF9MfvnNs1H5rrKrHg5ofpkBBRzqrYkjNmYW2BozgF5mFGv6/oHAmWcBOaGaGuq8/XeTaI7+4J8sW+wmxEVKfvvZuGLSph/zbstHbWj7u7IEcbPrXGAuRtGVSgcMSm4rQhbd7ILI6Q1S6+kKuYcSK3Hwqj30g2oxj/EkmAlq+tiAjp5PikoID1/65T0z65/em0GPuCA2oZDXdQXoqjb1erzOTHZzidnBfMsomfGtjbPjBqHbYNvQ2yMNA3rYz+qZbt6pbIM1Zq00kEc0NdYg26G107yr7VuafOLLtOq979sxlFsEGqbCX+bTaq39q8D8iSReKOcATtZLjgnjWrwZQ1jHVkWsGnhZO9h8umI+ACvnKsk/U2LJILd9YzukjgGyDh/4bkzBeo3WDZ5vEBf8PxP6/YonaXADWFvzCDQ9zSG0dfhiMemz0PUZBvoYA9VQL/fXGAr7CZbEPg368ewE2NBhMG+WFKVs8dYoYYstsqSPDQ6z4PCpw9MlMUwhegEqSf6UgvK3OuD/2CTHREVunW8oW8MYFkYKaqklXYAGEiiIhXq7sKq5dBsADO2FQRacsTt8BzUiONMMZwtZ273T3YKvn8+dW8KliFWUdcyJHNIEDnjVrl6mY52w+DGYY1VD99J8/+DCMXt356LNvo16XHhRGMk5N9MySSMaJx0PI/IwlEBlDBb1X2Kzwj119zAYENV/02h2XI2Ua5LwjcSO+KE7K6ObzqzCDHI7CCYNWRlNXjZz94bTIUczxUbxsVeCp64IHm7OTtRJiapcTacSBpUsfe5zMu94hH0bxyVOaiJXGy2qSXjrBEwcn10/BPJxd80jMIH0v+lP5fbdffoMZBSqzGnXgAyA8NTd27g0Zha3TbRWqHFxUmVagN+wKNbQPCnoRJ+zq7imDPZUSLXjBGNzV+7zNNPXln520kZdzEFdJpATOHvPH28jUuodJD7SL7j5OPVdQvbWB5DSpR/At9QMqKmyb/+oyolrL3Dv2AiLoor6P5ipehR33ULaqaDVqL7zNrfk0LokNtjSyN+ncl8c108wjdgyRdz/T2HqVQVOg6kRmJLRf2ZoYzCbjq1uATS3uH/Wz+x0mmhL0sgqeQV87lBD1qL7adPWZUPCgn8nrujqlFBRVZTX915fE2qnV03+UTrpjB3GzrwSODIBYl1ivzhRUJ5KeLkTpswsXq3QI9oJosJmi3ZAZKKoOS8G+ruX5yAcop/X8lo4VgUVYdioaWzEkgVqOkaoxHvTAuWwvZnInG9uHFrBeC54/QkP+HVFUgcsq2OynH/AY6Ev2xBSqGXV9rqxkEnmtbmsmU/wnHl2vmvCN7ZHhj3xTw7auNUAWBrO2nVO33IZRWwcOb6ymiB3NDQyINZgEun+TfSP77x3gMZ3xcL4SkY5BmsT3QM4/Wei4wFt+WG3BK581ZlxIUOIQUxyow1VKSPh1RgOhfpYgYJbFlEfP5IxXax7Bw1xRJwT1ZdqUCKydVEGHfLfQhAFcsz0nZTpGw++kg5YBJFMnGtSTfNVCKEHVkA7yo+nneK3RY91Rya/oW/UGAUI2DDlxRadaMNzYNGo+GmIMq5mFEqoTy3PsHjjN3KUKQpNVuYeTDsJIzJdqTXh+Cm2lvVI5U7CigT+kF1vE/urX8bI+qasd98VwT2mbI3Of2xxwXXFME72XaAmxig3feMLa9Zvu1IaZSRhbTJQW7945VLzh3vjortfBLbWVd8JALlqm2DmMFGDKVqBZZKxs4GK5Rw3amwV5xp26XNzeLDINdwawfs2z0IhFgg/8MKSNUzIwlPPDhQFjaob5AOk+b7uzr2rEMxP1BzcZ+sCFfrNEe/qlIQ06xlaOkOy1fKJprgLBNrKE3RhpobkTpb+VBO2ChM44NkRu7bry1ko+XBV7vfUbhu1CG6sBdsuC76KHGp6fkW0E+2vlRRTOVHVQVvHmSHtKC7o/vX2i1rX6H77qh/fpvIOA9EA9NsTY7aoRMn97f5b/UkX0ddQMa+deNVgqw29eMIZxLR0abJCBeNs04h+eaxKZS4fMW7LAe71Pw5IdNsmi2XUjyA7NmIuCIlTB8f1H5MA6FG++Ihtg+5xN+g3oR+RXzo/zWeKbTdNNB7vZmcf8NTztPZjVqeGGrxF53b7FXHRKALJeseC7m+OuTa9u0DW01h0IFmdLX3erZuXfYdIYkpStDnQor9QxdMcG++bWP0c9dnRz4pr6/4s6NlT8Qk+FuKULNv6ngJ+2KD+e+Nrr/OJk/pxqFBx6jO/XWYUfv6KmW69k5KRCYSqp9tA0zApCZcD2nTuSv/wI2PF8R4MoiHWJAnrx11voSQ+XbXge2MaWj24ayjexJAQaNrBtvP01OX2PUgW3ZhU04AMRzKyTsVDBGsNfWrHABTvSls6ct3S/wV+B6B3WNnqe7Uhu3Ohmzp59+3wiMlxR03wjlb7Z5SHDyqKA+onii3K0/FJPes4AoZAiSJB5aTMcyYg7boagzamjEMFk2GyHFjeGJn/gNEWbp9aB1GRnx/okn5KDmrQqSbKjLxFbaviVf2LSZNpB7pGdTp2f8oXa3XYgAir061vBD68+aBtak3zQsb+i5ZyW2RwAxhBVwvAhwcynwI7lhgZUcnQCrdhk38j9GxRMUCEvAgvYJAMXHmj87+waq0ZexFL3vQ6CTweXti17SqR1Qt+JnDiK4u/+oZA10Rg90UbJtD1hQAixNj/xnb79Rta4eUq4+IBJ/4+4DjMqHZLNu3bDcWynZaWkIQQFXZAVvj3Ha06Y8kj+ejxxPChHDV02ygXD8Qp1o+GNixN5IiwaoqZrtqTiRxpgueesWRJt8Gk2L1WMiYj5vGwKFGa4KPB8omdqf5gH9vP7yADFg/5IFLnTcqLPj/ba1CTeNv6twXVjNRJnH6RjAILcSbs/QaXDv1PSPMAU6KCBpkRKnX0gXqlPswAHmKpokfbcwcS5osF3PwUbwLXBA3rjaw4Te5MrXa32mUflLnTzdDhElbO7Cisow0AnbjpfITV39PS4HkiqfhmfwHGlrVK2jW2GIbBgmu4KMVujtKOrEBNKr9wSgJ2gDeNtF6JCQbmFA9ewORf2/+PWZHJDN/3Tw5APfQ++8vYHPESXJ8I63LgiVrvokwPWH8VWNYAHvfn5qQbXkEPjc2cdO2HTM/Jcllfn1kJzeTTR4sklHkBX4T6OWV3+/bX4BrskLD1Z2TOfCwpMMOU47C3jHT8nfB/DD4G/BYKk1DWDqcGMEaQpm63KI6uzxN9mpGHN+rPVOyv7LFu4TN0RjZeKKVBUNpIXHefCTd3lJOD0boa06rWHWcR6lwBTeYfxHuil8jwJ6bgFSzpRS9mR1LUaXGRe0u8OA1Dfhh9uTrh2vfpBz9A7Wv6gZW/oK27FLIqSRKVZHIK8PLlq8Qbr5oakgPd7DNIEEG6sg07H35nt20ASf6Xag3fvt5wJBZCgpBFWSUDHWdoSm9cIDQS6CawJswwhNfTogPpa0cf6DZczmoL0Am7weL0Zl0Cbcj/f8f+zu9pp2zFbQa817JlAEpzo0EjxFRUc1HZQ00gH6ad4x/kWo6dywtmTAF0Hlk7PF/+kDXKbm8iNgj38HDzRqzRFNtrqWnXIIacUs44NpASndAiyUyVoSq7pngrI5KR2yQuMjGrKaw480aG0UNhFpSD6sQNzgXqNIqRzBIZJ8XgMEGUew9va9gog5TplDYZQ9eMYLSA6kV8vQpmdqXJFYMLO+RzERzblz5DvsmiM5kVIjrZyCQ2nuQpoNzv6RK2o7gduFaGNVL589mYna4jNUUxr9KpDnhIdUP162YTK47eGSMoaluGAT88au3fRrevJRd7VMTe9VR69+8BUqy6QYbiy1OIE0DvQ/dSnUA6TrLLzv1SbWLVz41tbnhyFHN/ocBkcttEtocWesZbDMUt6w7ctoiFukHsa4bCiFWggyhBPR3AEUIzviwgtQgbkx/IvoHEo7/vH65ocAOrVDiPy1DtbqVOKFwRgYmjbillD37qL4YSJKUu0ztFzRO5DvkYJR69JcAzoWttB7LO/SlUdoB/spVe5DuLF7s991Uhgxy0HdQycqnujZPBavN8wW8CCoZlzLwtIcOTJI/txntcxmfWuenAOdnnaL1zOh0VVMEEEuYwmpp51LsB6pHwjKBTNH05PqJl8HYrAhEwpU26P7Jfi1ZccxFtvz7y8CZrGf2D+GNYzmNio8eEmr7E7amRZzVWb9lTgWsT+6zd+TEn/iGoQ0vdbDjwZ+kpq90aTtidsYmASEpgsdP0g6HlhwShNucqqp0GGkQUBTQiKb5JiqHpF9GM1leNA1/ZW0kFhlOPLUJtJFIS69IWjGeX8my+924Xcs3ycyDHcvKRMTLGrLzkSSQLJ5MV/e+5y2rQkLwgBPTCR+DylWH2TzXRd2V0wxW6VUkTiin4HdgM6fImssz5RtzS29OCzNtq1caO5/kPOo1jcLGb9IGkOlylCKVdq5EVPmHFtn1PY1JeZDZ6gZt90GrjNXmPGLVBcsjAy+GHAszUSSkCyx5hux/oK3d28+b2gx2TkIkgQZ4ZJoxV+zvWvLEUnwPwW2Ej6+s5TeZN3GolBtKYFxi1lJYEPgFnLFQMeMATDagTd7kpyQ9wTXc/m3usnbIfZFoNtA6XlRaJcabYbmIy6/omHE40qqqScu5ezn515t9PFC3ABsJ9bKYdU/IgEQqto4dMHsFr4D6Pltr3imj3xPAVBFwMNdxmP2KBPH6q3ZPXNQfWx+5Oj+ov3Sn3UasyL/pf70CFeUZkX/vjWTVcmzp+98Cf9NNrcBoAmpOVViJiONz/yPWNUhDW2ZJhFM/Ag2disRfNvTAZPj8cvf5oe4xlekSH9MC1cRwRgKEmqof6QGxd5TnAibbMMpLU1LoDylrNPJzw6O3UL4sUf/ujvEB2j3+JK/JOTwbJ944MUdLLaQed+49uLxKqqIzUNIr7jB19bTq6hCmywRdMsGr773Go0A1egmsdP/jiUTOzyJ8g6GtxveG1tfJiMC3wizEQgw4pg396ltPVqCGWgvaMKYQNg1O6uYxNdqSWAHT3xwMps3bMIOkX8gojeUArgF1dunLahHqRXGm+lV8Vc/7WFIjmnoPs3eX3F0d1FASSNLvXT6U/s+zpgE2O20RSGZmTqYT2f5U3gfBV4zGgWmXu206Gu623fRONkJxMh2z4ZqFu/pDc+88oCK9CoqEqaeA5L5Kr5DqfsGGbbAKAT5vhNIlz59Zz/FX0A7mCgnstDV/8kMXTjS/nIKwY1NFWPzqKfGYgkTsg6RiLBmvV+vOJ2rw21h0h1MAF/3h9Aw+Lo7yfhcpHro0/Tjar51tLArSF49qhPuvNFZYzlvT9qn0j3mv6dML6nkPUOiI/B0uPj7iAK+Npx0F1rzwxG+d8N3O6KDb8ZSrmuz9s3HOzPtfsRacj0L7nmgwVvRn1jcSQskgwUtmycjqN5PuatpZloAIzvig0a91H3E/QC6LAS/5dvwQQwrhvo2V2x4HPfjOuKxDAYdGDSoOlfdS8Git78GZsExZKgbHxH4d/mzVXmrIQHhpnKUneKYneMPGkLGZp+I+M0PvhqdqiK/AYsia8So+4G1UMVHEh5n1SMvcy9hPXbFhs1mzh3QD9ZJjHbJnI32IPsr0AR5GZ9qlcIoqAoiRSAbwGMy7JkfGsD7ODTA0v9rj/o31vTzp+DOPLJ4Q7pzs/rfzuxpAmW2h1m3uKAtO01vKkkdruTQpPk8fb6hnBJiizJfoXApzEzdV3orejfGZ1BYaE8TOcNJQLR1UUMA2nK3fpDEBnOhkSmuOb3zkGMD/dRO2niw3IVEZzpTrQ90Nh3H6j8B7TZb1f6Cd6EkwH2hEqS3FjVUDLcTKotfCf3NV1USIW46AHICliEXp245KHCRq/KbQAdFNEy4xiARTsUggIKx/BlxvxX97qJGht3A1CYHR7q5PGz2baPuJcQJvRMEp6z6k5hTVgH7iu2U2o/EDlF4dFetxVkBXPMejFZQCRgaUnm0emwH5cFSTlGIZ+oKwrLcV88ezkLabXPuVAiHkXoaF6fAoZWJ7AYnH0xRkMjd5pQOGlKpsmsyV9TtRNle7WowpWNcrlU86/k4xLMJwLss3QncwC55J7NID5qh/roG499ld+15Pq3QQF/CQKaSo4d+WtiiiO5QVMqvZCZ9UVm4IOI+3ycRr5tl2lHdKsldISIdvyGHzXUlIsWI8XM1XECWBHLEPUnRufy4gF5/nNcCHFVAQdqYKEvxOSuWkC+eF1gQFuy8Ng/d2SrUYwtN6haGMPx+gfBNF+2yqD00i2ZvvdiLlp4YzIE6LUFD2YeYfi9BRUI8okA6XRXMRSktLVqIOtu6huqCNZ2xVYNtL7mrD3bzmjn3OR84XUX6uczQK3upbLDjgVv+M4BysMyWzZKJUt5n8vHK3AjELqFGHoBs6nkw8xKMZlDxA+eCBWX5q8Ua5udq+RGnAdloLysCGE5OGteHqbPHjkLXWhyc6LYAEqEtbeBTO38tgb9/RZwMJL+tw7X8eVgCjOp2Ll5IXfWgnqQiKyfSOfEXP/l5aLx9w+/IeCCci+A4kOS6EKMSocELWtOzIidI4FlsUikuQ8pw+45EaL53q/vJJ5h/VblrpnShqyzDqRpCoycWcZrRuEd9MtPb7Umbb+qwkH22B+cRBNtuqKx1xIIf04LwkTxCa9MfNbIjDXA4sUkMGRJwiwypirRGEh8qpUmY3Wsu2PLzFC2SiIHNWW7f5pYn33qxKWIfoIUOoUOOlpjwB4MQA34SRutuGmg88Uzd3eKaPvmmSTzYpH5AUSqBjUnMM8mYgyUWaRCV/KO2No8G+8JWuPmTKL3XxIhfvjcL+28IjO8frbAtdhd9OQfE5Jlk6UbKbRwhHljdTHKNfbQTlimfdy2oRmOng6WJO8IbegLadv9uL9FB9jU5RJ9U06IDV8ModzXCvcOR4E2CIeW3QuSL3s4fBJfjr/SQ3XqOA2tgkHmreWpaP4f/Oact3mJH43bs1IC1IoQMEUiOYRfX79ywoFCSK+kr5FeFnPjU7PFI+4dv83lggKyuySCZFGVATadHm8PHj2YhDHcEcITLampmm0v7186KyMiP+5AJj035t7PQsq/W6Ln+01csGo/Zt6xH0/vsNv2VRC35LPHv8J1x7DJvmxcwQIZq/iqoiG522v+YAm40prMf+6cjtGvjh6Gfq3P8a+T8QSPgO69S3asn94CcHATU9Y5OqWmhdBjZKHuVaFPNoiZs1VlQzPYcreFKRAS/UaRJdOu6EIjo+o2ElXXJxS0C+02zZ2itdJ/hEhrSH3x9kTwzjdjqOZUzUVmshn4zVFjJrfwekrBjwtTg/2AYdA3xDP5s5a5pi07ZaPQobNJNFwpF6J7kmf+HVut62v/3QG2qI2ms0Ic+KSz+t6Z4xTdkOz1Hz776Ywa+PoEnB5pN3f4BKpp3XCQnolTb9Ttz7hDUxCIetmEr2WFd399WDNsm1oPlGGw4DhPGxm/adcOQIa3cx0kFcsNzcqFoVJHDzwYL+WfIDJuU70XT7mdP55Zc+JyH70oTSJpGldHdfmk7ksJY2qZXMsltmCYeSNws4WOAZUiDWn03KxDJRuKya4FfBsfwWEgsorCocdpE1YMn/xIioAL+gXQfbE8XBHgOODJ7SjdE5mU37JRXMMGFz7HlkYIaSKerFd4ZtYV7y+tZFBHeQ0iwjHSJwii/JVJflLb1jYBGNlTDUhk1ui1UuNLJAzDPveEuVPYdJpNgOnXZVdK3oQUOKPKVWu1uUr8EvQArpuoSEL36VkxQHjCAQErxAlk94jJCmIAx0iSiEbDYVwVZPLEeuHGlSZnQREArUFDDV5/mAndr8ZoMCH6EcHZGzvBRLYWDcMwEQcp1ilb5WQlFWIfhKqvcm147au0J4AUQ9c0ojszIKdNrhNKZgqCBWRwwM9rrMHune415abSBDwcz7le3mXdlsOrgqwXDdvxKrWiYKxOBIM8m1CgQ3lUGMC5lJc2hh03GqkGoKFiDSqmyJuoLVN/eupqVsHX/J+o1YLCWmWzEmZjMfRBcPB+rQ0vfJLxeJCsu058x4o2nKOcLBQkqylM4DHNVuGMk04CGtD1hl1xvYqb90QXtxVNksyi6XhVjisJxspEJKTwKQs65fv5LgwVhVJkpxzLSERYC2Y5aMQqgLqGVSjrkmCg8qVQL+R6pLa1DsLVgnkwD+M43vzUcmxS6UgQGJlfWI3n4SrAd9QiOLJ8bl9DT1HHg8GHmLA4EEhJrO/jhZzbguZmU9rkmHC7Z4bQpo62wEa7na0OThMrujroHueCUuIp/Igx/4HsbQ22la8alTKu1a6W4gLcDSSxrkjIy3FMgnpHEEicEgEd0pIgJ6Yz24VkCdGAzYFIQ0PBIK7wso2RxvA/8qgjVWfVadKdgDPGwzUIzAEhMENpkm3fnxZz/RTMEnSIjKb+9lMq5Dvg98bfLLHb5Nu/+gRWVt6/8bU+Lvjj0V9IKAzEOy5d4mOFlwg5++kPPClinJFFIpGqWwmKJqjGlLdX4NYj40Rcr2yemwjxQjozH6GX1l8DSEFarnvKEi06VOsLuMOXMBSdBRrVZJTsGy3X/dTSievHTQ6wMtRO6aU+CttESmgW55URe20DwAWPL2bd61lIqaslP55bNZl9fH6yrERaUw0yTL/+FMGGBHHpArTd8EZWrBh0Mo7YiOg6PfxE1fyth+T113gvA00y2TkDgjElNkafcNan5YZ8RxetKkgiA/5XyDhfePg2aaz6bc4PmzC8LV1DoGlc+DCBR1YcOHxsBjBOQ7VXvQmytohT6POv8ILLjyBkBjFL5iF3sr9D9RHy5vFhl2ygIjNVA5nRLfsAKqbu+0w+1l1XEZ+aWAZTNTbIgF3JuKddWTDlFMOdaLTDbmpBHR9TuorC8GB/wQVhTaYySwEnx+RyBcfbSBMX3mQpCtfggeKrtZdiX82cKtsuRcHBCFdEN5w58Vj4AixCodCA+SCy/zaWTbjYYRVjSkkmNIGpkiQ7yFS+2Idnz+we9+bbDLJxx4048mfL4b+n2ZDgeg0voi7gXm22Lhy3VuqpomRN9Lw6ZtBlUoJ+SrgsegQEwpX+degNKFz1OnGAZof0PuplVHgfAarOccyAyAksG9/ojGLWzWlr0L0oRF5fgu7tpFlJaoho5xyorwUqkjGlIrl2nNjlcTj02/S4WnBAN62RuU9u7oIsMNNSq+rK5OJmquVTdcCIlhpd9CXQ/99pqZOzIMWLiI//zkaePvxK4r4ijIN0XysMOqPWTCEGHnUbeDtuS7su+47FuQs24S2oN9UtwW43cOaym5LsQIXyUoNECzZbN1b/Azp14uFoXAWw+G9UfwY4V9MekzDPH4tQoZTmfBQEvqL8+OwpE27KWXJ7hWbaSKsuxihPwiKuFqzmr1gX5HAAzUfHlRwyu9uNYLg2mCnGnRBU+WqrKPf1uXFTP9TDfD2mu6TPBwU7M2rg7OWoCFgCIitWamjeCmVkKfEZ76U97Tw/AF9rMsz5LFRvm2ez6gqhMigPhykZyFbiRcSXE0WVXIly+rxpa2Sntm9tA16vB1jvr9+Kt1tvLobCd2Z8yf1JEwXwqK5Bx2w71ZbVv94RTECDcVmqGsI3eu7dtrDpIF1mCyJrNzk2MBVZcux8fGdNjcNd/fBKc5wR8mJzlYQ4L9aH+5YLJuOI+avEs/7V/vq1Z7EtEaaSa3aahHrDBlbG6GuR7mWcbItGIYB6pKrBBfMo0IPwPfhRYh+k6tGO3rox0Lp6bOr3DoeTq+BydBN2ecueXI3OXd4hv2PRXLlE14yrFIORHgQYZsGxRKwAg1KtHOjopu69XA/scGGiob5Qx7Zbb16I7g261M24960MtsyYlqpis5u5qPd8BUAfe1dPjM4+e7g5t3kbz/r83W7U6TXcP/LAXqRe+CkOivQFcpDpTcZCPm9dU8xXTvePuLdR/VuJQJkFHOKBuRxvMxSLNd94w2S1H98qE9YsBhS2MiDUjahrhpKo2FmoXmP6t9o15HdQpyHQYm2jkXMXD8NbQ64VZUu5C/YA/ns44f3i+IyyxlHNVTZDd0Pan6bM8t4LFRTbuOZ3oO95Cuw5BWniCD14kLq9AC1y33swsSKksJzULMWIQtcoD/24olootnyYXVoFCUkQGT68yuyr/7e/rdcILXGutdbB2AjXS1gD1JW64g/ApjaLWgTbD7o58gbqgjJ8gmbOjIbJ3wSlfoL41NzhnvyypBJngDemQ+wwMYlYG8ypspJsgDvaUsipsZ3gINu4iLqAbExKkxn5YFY/7E68iaNlXhs+2Lq9aw9ngCx7WJf1jEnUcRXG4/Xda0hiZEVCMYGXLV0qTbx90eMkSc6Vkg7ggXHYGhpDnvYWOVKu/hdvlhSnIz/Bxv8mxtK2K9ZkucaXV1+e0NApb/pWzYd2zsAqQvTTvxTA0E5e90PMXI/vqglyRfOKDcXpLGh8uncMEV6FJbGi8k/2de2UXeqiyI8vDo0qRsY/soc/0ewonCIpFzn5Oq2kaSmXpKslSZN1FZqqvmFRKFzNRr1nJqWEIjM8O8UdpuBtZyIDSJJ4/AzFS8DFYq2SSWJT0ex1wYWpgk9V9C8386emSIL/tLT2ccilzklQ9AnhZsLKqFPt1U9zdIexZJDGl4AfTjeCNhoatKpesCO7aqDeYMvVk3tnfdvtNvDLucGF3paOVHEsz5eKUfdiLbhL030mj9M3WC+IshYeUDnaVxtoOCW6cOiXtZdkOox9ZTXjy+mCBzECsiDEYHNoC8++EIVHRESXsrVJwEjmDoLvbiCVCvsQ1H9eJd9aQgvKiB0mwAn63wenqz/a9pr9XgHBR15/1sDW902ehHtpDyQwxVIJgGvuT3wzpk4q4zo6CmEJ5PB4aERnpAEIbvJby6l1VEWaTKBArfBrK2iB2mPRryh4ML2MtlxdGx/ShBe2pLkt1Q3qXUtNhvquIoLtCXTbEycfoS+vztT4TM8jeMOvwLm+VI7h558k/dMogTiBRvnTt5eWP52e03f93X4ueMDaXV6EpJbKgGFhLm1p4lHkxK+0MYx71YVIHu9NzILfPA2+3rJ7pJDy49eibtQjVhY8kERJqDMUximGoQwyAjs1ljoqBLBkEC3Hraai1GoBASaraSfp9NdHu40tAORAqYmGWWvOQ5ZV5BoawhhMpKwp4BIJLPmQ+ZIkyzIL1Fqe001pRuWmwkm77EPJJJr+P6027VbQCNOo2d+aHDbW9WamYlSShV6RkzjkI5V5WbD1id5Wuso3wCU3et0EuR/5PT0A64hc3Xj1Ys6SV8F8q6GkXUGOYwIhMdWt9gaeA1Zbw3VErO68eiFn/fnY3ORSglXocI6pbeEbWLp9U1V6InM2G9hbn148a0rt2yv97FOnV5ab53509ua+bCO+OvpzmTDqS5iRcsXWaL2HvP/YZBdN1zGH+CP1dY0Uzg5CMaXZmAGaZEsWAHns6do4moGwj7lCKd1UzRV533S4HESr9Bsg7R33DlLjTKnWjo+AjnNWzQJvjPjcsTs1h52aDRCtYiPahWCkv7MXLqVqx9pnD+yT/ptcLkmZDrLl9JugCrl0Ra/IIAaeExWlWl4p5/LrwyVxYYu7N1QpzVpTsw1bN4EEhGJB6SH/+FvFMWxmsOqgTWfiXBLj33zEOU+An0ikFVQfqzSwMnh1LlNVKCZsaWyytgtz1I7IXS5r87YcglPe5Po8kvml3MPwyxhyVkkmVB0ANXMNiDZg4ts9KW9XV1Suy6RzbecaD1cC252sI/NRnSOKDMvxIbpQDLvn1Y0W0ZkNONYiD3p0o7b/iKA3v2/ESE7X1tDQTgMafGnlxklQqM70+FH6dauAljFBeRj6yk6LOa+5u0FtUeP+A3fHdi7ytu/AvVXjNbojjj9MQg8Rg0zLXn0yCJ+lQx2/+pNsO1H3F/HJ0Bh/xroOjk+HnSl9oQf9Ic0IUMjfTcL+Rm9mOPZPiCRP2YGvA+66AVP2DceG0QGDiDisd8+6rwa3fZtHQZ/RWuhHeoXCocyWjNSa6Ob++q3Zyeiaid+DDB0+/wiehK+uI2unG6DD4wd8St1D3b5WBOjnTs4+G5Z2XbHjo81wHRdWi1zQuRHBbJ6DMDUMTdBx6p/kHDR/Ioj2DLBBAWve0udYF9j2U31lVSi4TxqvOA/9L6V//tkx2qfvtnn/yr163PFDGRyLDMCWwWvK2+G1SXeKlZnxJ4LWbkmT4arzoN+Rm8vF433yY+X7tX173BHfEGUtcpkXiD8qIOXYa7oyNxKW3hDzofr0L6KnAf/M1G2fiPYgZmFsybb9cjAZm989i+7snft6UQDXeGbDMBbwvvvgE6bXiBFi/z5hP63oadAH0cdmkQLR7pLVedJXyqKDWC/1E+K1FkexgjJxAjOazCqcfW3Uqa+GuEZGFy3ahX9E1CH/gTWl9fHHFynN6TeW+8xoEuEQn8Ty+Pa74TdO/ytKBepKMJd1jyBTkX1cHNcJw/sK4ACaCbK2BMQ5N0jmO7kfqNPu5CKw28XG7mJPb7NR6UmPBC1l0qDmG7kQcBiF5bEAR2h+wUOVpXFRWASJhIAFVoxyhGsA+40qj0aINHXsgYVRqa3Hk/C+B1hZM7tSJ1OgioYJIxG3U0S7OYU/XzsT+42XpbWE5FED1clZrVesS03Aeq75IaRuH2PbCBPHGEIUOXTUb0cGHwszgJoCQh0Dc4BVhT0xJjOKPAUNTCx01d8zL+wGJnBK+22b9znjvFKZURRG9xJsuL1bYpY1pnZz+38vmfcn+hsGZR0FZTRxKG7/IHHscuBg9Z59sZ3J0WW9BNGonTpoP63X5kpX7Ak3ISmC75MsPmDDkinEo7/2R94uTGgpiCAt/W9vn2fLE6xUEWvCtYUJki1yqYi5DMOPNaa4IQd0RpZN8l5aiGfqxtfTI/+5kekRIR9OuPbM6ZlkVYpFMO7fnx05YHToteoAvv64HikXMQQdjYikuFsYL9OaWLuOqUDUgmF12KBPzDP3QEh5vdxL+VWPMeq88GLLZLGK5i2DZvvDfC93C5bx2a7VjLqdYT+53pRBDGj6u6TQIy/adrCeOMhLsV8Z3uZM1wbivkfVNkz2qGaILuw3D289EIbi9MAbX1ulmIhdo9T2DgbDE+0byfHJkP5GrY/3255gYLzyAmUIWLvRyeFuvgWLDCdtuWbL7zWGbSvJHujZfHzFRu0o2tHinj1z0lqpTwvVcgx2Uzk9PD2bhu2wg/tHuEEqDQHHS9V878ALGuOinJSfWINbk10kCQ1esA8p6GMYNsc7w3KE5CbSUpxx0dWI1zO+u3rRJNBgwMWgqUUCn9SSuJC8aLGR+PPREHSXEuc7oJu/g3N9sRzDzz5OBbxbmE6wUWYLqVsf/wfi9feuv3+cCx60dpcC0s3NJdGO8li37vn4mfq0Gk5jqHP/S/JZUMN1ERiGu97LjlME+Y3j3EyB6RYL0yPO9L5ELx3j/33VUMA/JcqodCi4ITDu2IhgMKtK2pENjGm36nvI7GgGynXHqdk4ev1GyZMH4kzGXvVXoFGvaJ/FfjmDsyRU+c3aWi0D7PolT3F4WbP/djOvIZtJmIPXbpQpIaDSDDN2FfVFWYKvq0oUtYxP6pN59sLqcbFcsUjeD7pTrmw8upC1ZDEDVkIxVrVKARmsZUBe2dJQd4qV7c8DVgg3sRTjVaogkkk8g3dl+z11pQPViLCjxDL1EaLOw+d1CEitgkgC5jfc99kWqoncsyUllbsB7c+Isz9T077xmv+7Y7z7QJHspsZODXfWNgbf8wwct3bw2ZHdkfbSsw/Zor8OBSxhn5fzs+UJZwBMp39fBEXbuBE/5aCdby6PW5GFrt62gWukPY9/U3UT9XBBFlnuKWtTut+5AgDZ75+UXxzgsQRQNK7A2nRvq7ELlIHk1gNPJDzABS7qapynr04x9ni2s6E3DMACdeKCDw39hQBWJPesiOZA7LAHXyMM2sPWTKK30Zux21214OORSee+TD/o6Xozgni5oOVblyregnuwETaRpNJht8Mg0OJhwNcXooSp5/sQeeMFrMUgustU4YLCdUGuS3fHe3rpm3FflRgHtYvYJL7iCgUHcwcjXZWoY7JkI4YWDALKsjIbnQY7BhMFQliIqUpsG88JWYN2fX/9QPhLv4zzqszI/hObgFykB4BiE7CyRBTaJ/XAxo2vZklfRwugpVZzKKgZet3dzdQfDPszibhrlC+JreqfcO+L9MOevZ4KhsglbAXW3Suhsq94HMRMVnYA6e0w8klqA9Zblbn+Fpr2p0U3HY3RM3mm0UvN9UkU2bN6YL6YRMPC0aijZ3aHhbqhRJ4O83iXEUNfdX33z+IrXyYdXC2PpgvmM/StXbFMJ+OjE4RPO1RGQDZN2jR/AAqtIIVAego/6o5hkHqvFyoz0Djrc+gbg6QUhLrXvmThUfRivwRujzRFrLaLu6N1KNpt443Y6t5PBw5mx7HdngXnGFcj8I4DdcHZRDI+41XcwLwpfMr4UwNYZfPhta3ge/T6ynC3Us7JpYqUKwUuwTB+5uNXqEJ73LnJ46d2DjYOAH7So+iKISuwfCUjDQoxOnJ/vDnLnUbmsTxIbWzYr1aMmqSPZHMX747Ga1V8Nr+wmF0D6IpbJhHBoCx6qGVSK4tnZEkRFNE6snsiB4BNKIXjEtCZ5i1EXPjkdOnMLOpUgOFua3JA3HUyhv0018Pmb1ryZ6Kdui8qIlPAmZI8DEKgv1TGRGD95mQ6G4C54M+RMZNcAyQosB2xjFsreJJ1ZdIBLQinAfQAFkq76IkanpqgkXIiXDRD9cnDGgxcjoSCcOpOn1VaJiE4wEfcMSfDOM8lh9rEuKU7gRV0EIclzMdADS4c/4O7ggtcprbdbQFwchPlvBL/lX4e1Wh+Gy3qMoIxTKz2Hs/n83lsDFbRhKsgw0qN0Glqi1vnswBENOzGYHXw87H5yVzCVyRKDfAcvKBcopyuoIUx4LP6q7/lG5XTQHZCf8Pc4RuXqjZulk7uPOmYbIdInuwumE5zoHuRPVdfinX4r5/bgiuxdjeuJlyETtxx1H0tVK9GwT5zRlboStDKGAXGDnv5G6fYdHZVam08b5vLobyxwnPCjap+/ZiW1MsjODwKOOZuNg819NsjpKALNqy0fTJ+YBLYiEqoiu76hsO3OfRXn6fqr+UyObduZZRS43PjabbSehkjxHF66cMIHG/+p3sZF3M7s8Ct0OU4buCBqHfttN4tNZyvCuv+ql6cMbVFw4YaNW9W0XCHWsMtdcadNVbAN2o0tIfZdeRcQHL8MIFKr9wRV7r0g4rURaVDYnt+BES+Qoqwbq3Ro1C+ab2wIR39jNOUFTvRb8ghG2hG2omYYtcIZ4VOefFo78ZybihWB7vebxr+38zv5LZokeQKrgx05U3bx5Cx4zX6Igvh0CvZyQMo3zRS+BdByrjgBKyAZ1d0jZwSlDqGkQL70nwOCPUC12BEIbkZsyfXCC8pMlEWEOKOZ8j7fTK0V3ZqRRm+yyb65rih8w0ByM2PPtJj0UNT/I+EyampWLt9Z+64PNv12H+J3aoP1n/Ux7159ghUJOmEJ/wx2s3CWgBe1Z57K1ahSyEN2ZXKyxffWtQywaJ6WVkENfrp1RLUZj+otKAzoBkTxNYtjXjhTQD6cAx8gZLq6DTIUKEtLRKa+YB9pJ5rTWkFGVVTUh04pg6tGkrxLdymwo3mZpIDLAjxoxjgDEIsBBQrT53QfSMT5EEls+UeX5LqBA1KezsKCgCLzcA4E1jFRtzbJd0JDrAR3p5Mb4OlbsywcfOKK8B6Hb8Qoj26zVwN4oUru321Tg2WjGmfKGOntwWLCbVVl5wFAMfxqeDRGoU0AfkpJTWQ3jNlLwX6fXtphNAJMpqmoFlQpYqcCgoLKEVpbdvP2gUA+tXGdx6YHPr3W7Fo5/kLH91f0/JqvP60kz7hmLm006Frda1lxFIzF/KPddW+tG6kUhcHFlQoA2VbKMqzMIP018GJssDNp1QFUPmqDTBHD/THCdtNxif/dJrYZev4tW2EQpYvnkTuhLs+S2HipwGtBMtR7hZnkLoliAz+bJEmaHSiRmqylydqPp/rap2y5a/FY+UNbbjdhmdOvPZsEgtPzOB8okWm8/BvXzCw6VKRFtYvweFr/EmMFGQ7wuh4Yc+ELCvLAvLFYoKnuXVlQ85oBtViG9DFRlmTy8sJ1lRkZ7SEa+KHTprLqOdNycR6t26VC2MuKkBHtcdKGK6bdy82g3HUO+WHnuCOlh+TTmarlhYjACIvD0mIxj2Wpn9LzC+3GuWmoLVz7e3aiIjeUh2NT/RNFjxJn43vZUI5K7LYQXAjYbZaZH95tlwMxQa6ztPgOuJHB/slJEOJUEKXWVVuEpOVq8rriszvN38/a+vtN71ev92ZqFs+kFIBiWBxUqg00EKsUU8K7enFq+6USD73TbxPRoi6JDE0vchXY3v5dNBxejSiPC2yrKRRy0imja2kwVuwwA3wkAB7NPZNJJ+9OWzj25PoIP0h9v/zqh9PU1Yx7bTJGlYTI5DinC+ceK/3h2I1QytTSrzYt4sGHdnWY0GTMTkv3yhGVeCisMQ/3RpzoOvOSbs9kW5Z8NOraO63ZxyWuyV2Rm5x3tsy03AXVStDfBOy0FmVOSGbXnTrFil25n5nf5Edp+wK53zNxWLfq5vKrpKdyMEcpqmvAjNrPHnXvddVKipSjNTkW7JMfWFzE+qbUWLkJee549q6caf++mRnD2qb0uiV4Er+iviSW6JcLcsYWHhRQzyNZzURpUYPJd8Kljiv8Z8AeBa0CYDacGjlhmvIqzlupw1YK4kqLIsA40wfIQ9cSjEoIAGmlgF1svijIy/J0gjUwv88Nf0fG1kkg86Nyw34CsN/ZlovmwgRZR9BiFauwNQHRND4MERV5HsKzClrFEvZO6q1IQITyI20rmAb6QCax7S9pZ2PA+caFiP/Jsqx8bsPXT/xWI6cUhWdmNCO8p6GkMFwxyjTZ0QuzZy7bjkfrQYe4I9RP0C1Pa5vBNidOefoIQ8I1Ju5MZwJmYMAcX00whGACaoyIDaVhGR0hKx96uWYyoY9jggsMNXrCgMMNSzAoEHbnbPkgbKz7EKGwyS2y5CfRE8VUhHWNXxZru8KtIb2Ia17a2sIsRBbjFkQVkE4YIdYXtiIQYRhiR/zXrQzDbggph9k+3Bi3OoYSCxzjZIzJB07ou+WGpNlPW7E4xFPu5hxV1IXqht3+2A2uZsg4Ux+42gXlD19mm1WWhdq4Te5208t9thNe/UnsaVKD7yAfR2/3DIkP8AT+C4CwOnk7Yv7ejCwrb12wbIs9GoiTN92R6tWuSMAHlSZ7qjNMNMk1PqghkbYZUMQI+QBfIGfU4BiEt1m6sGAYeu58FNaFUQpp3yNqSFkBTZpurLHpi1xSLK9TRjgaXbZcTDE5FMM9oacJkp7ct3ONbD9Nd2JbFK1mYgF3HduTla6RsdkvosW9G4fKbCqqI+f6GsgxTmU5jmpKgEin9cRwHSraJdE36319KcAbf/t6hGhbb3TR/1veiOSUJ9UPtpI72Uc39dmb9TZgCSEKSDk76uWSt0qVF/Xf6n90nZCTsu33nCKQhEgcrx+grdNN53PyhAOeBvVkbVKjulyrdz9Ue2UdlZmNUR+lymBOYzxe/W6F7H3FThYDuUWrHzOpatPpyxSUno1FF/kC25FGdmHQtsUyHG3WDN7tNF/WdCDgGe/MIKtgWYrRhFHTSdse77Wyk3xkGqVai9BrDVEHZPhpJAd9jTAvvK7csBeY5sUFiOSIGX8BULOP+sbVQOueYy8qfcX5+ClRnbhp6QfKsn6Eg9iI6CXFVZj2rrsAl7B4nRI04RyaKjdaKCyL1QbbijvULUCommHa8PEMxrXgK18st5fmmAIBZgR9kyvpTXagUk6t29n5o6dnPJK0rYrIJHI3ZfZkakpMJU4ttfycbM88p3TiZE2960LtNuJAUWx7ZnFFdltH0vD6TLj4PI5uSgQJqQ4WUDqBt1ULZDWOlYQRz07EA68h1/3IP+x+e1bFdYpvylZuClEDESVTakgEWkDcnDdiqgcrKkTQCzBvt/Aef//ji5GemouQxrRmZwxmUJqhMcLS3lqMC5sIXZoSjHCUIdXGKrDJZM/LsYEMlinyJ8XP+VVPe38SNdoumta88Sf9G/nHx0LgGnjNr6/Q89rMmwXyVcoYfWcek5V4GVyrYoHBHjOXBSJnQy6P6lhbzBT7R7NiqyxmFVBTxffRoUI/vOq1e5RbQlAOy1nIPqubwZsbnzzp1f0NedRef6W0r3nWpaNhMTfMR60p13drjDbYVsE3+1d6zy3U2+QaiJgl0S7pjUiKV6wXlEI9JOeLnYYPUBtv2EKJZ6Nv7Ss3ek/rNhVceglYtDogYb2/804onJFZ0AC3wSsitctB8TSTsmDJWeeSSavF6nJ4N4iWUzEse2tRiwnFRVG44kCm+PLALjTS0jkRb7xei3C72uEoLRLazYY4VJbgsINx37xVTDD0MU/g6rxWGTLStiRijgdWvs3k5oywsNtE/JOW4JtDvzAwh149UrOOEFnIhvbo03Q7lr+lOPoKfI6T9ohwyXCABN8vvHKtVVYpti9UUSsbN1vbRndSYJDIh6cNXir6mFfb6hKCCwuKBvswLRyQK8FNOMzRT5YAZH0GIMtdrbIlAb2JnU4Fq87UUujZV4a5ZQjAlyzpzcYWOaTnEudqG+1Qp6W0cbL14i1eArPE4XXYyw24GP5gUK8gr63n4/B4e7EH6Q8rrJt47G79BHwG5xqqMZW21aaOK5GOT92jH2vcTqmGQO14OU0/o1/2nkhPsgNlIergw10NiQ7E/rLrTAyNj8ClVVgPZPM9FzwxpbhtP4nPnHp+LefRWpJWTPYt+fuOD1swL+4zENhnBki/ABiGLUoXqM4gQHD/NTW3O/PX4CBBMNqgWwvoI8Z4+3mg+6zIAw+JurEsBasAeKjiMUa0hhacv/dF9NJho2C1cLak6FWKEmmCSEsTPzyJ26PHsnBKPglemnPOwNE+jnggX7ftqKnfLT+WN2NdMXSIhoiGw6lIXcO4uRErCXQIg6IEoHhMuTLx/0XEzi7a5VWH6KXyS4c2geSUzSXxEiW+2JrD/dC1ClALo1rnkivvgpH7/zttW024GC3sfTF6w6TIzlo8GEZOTVRplrv4juxnfG+BKLzvzQWCspyVAVRo801YKpHj2WU3zmmVcSpfeagDFfnCNw6WtBU2ZiDln5RVW5nkVRSmu8oosif/oagLDsFcd20S7DgNDrAhRzhm/+nHVV3kTYFq1T93RLafkh5FExg+uHj7i3IxloEFmf4iW4j6DGpBols83q147QljyXoBej/A+Yf/L4D8kY+HuXz8P6rNCA9Ixu8CyfHf8iAGmXnAXL2pLB5yG+DKeViA4NCka+U0bAmL2lLwlCH+5BEZ8t8xaOvFl9tbaksxIfWfdEOeclNdLEvtOZPkdTixwFLJ9O/0L6Y2TB4XcprMCBv4zowNr4PC5GRMq72W6EPeIAYNaeAvwdoTICaDcaT40H0lMB1C0itkwRVWFsULtA1aV7ZDK/JCadU5bkay++94OOD3TbBnF0iHPgPfTSEXU6tAa9T/zpFzmd/+WxvLorQrajjH+lbdd4rls3/5ILKgKUi5xv+Q8sJrsylLf+q95sIXZvSYaev2cRWXP1bZlOrUacXM20zKzMgbNQHdsfYbkGuHO0E6zgYqzZgRsyHPOCz36MUx0vSCZxxEZiCgW1D0aGIFGXWBxduLYHlZy/+GuiNbgDxjffZWsuyI0Juu8YmaLzzeRPvjGibD5xylj7uqJhqfxj5+aXt9XkWkaNiidMaH7Umx19RWk+YRBu+qfRBOKlD3LDf/sHvTgFypDmOFMWipMxtj4eAI+SsBY29o548OY1vyx7dHnkNdgEJXLWurboBfaGdgM/D0E8CTdgHFlRshyRiAeiJ6s5Gk+9fuOk4BQ71Dsm/RUqqp3RzQHAFR781fHHJAProluJ01L9GQjThFqjMRj0Gl8I5sriTNEEq5RoOdCNz52JUzbKepdc90c6CkDEKlZGdbv3QB6UxZwOB/pztGuCdy67SPGvO7+V2g2CW4GIgOEc6A8bgY4gOP0E69U/6dfTOL23BM/EHCwq09PPrkr28afKOjk9AkVmUWwUIBY5aQVlTTZCkf3j/9Mz1EFr4UAJY9w9QPlkiFlw3NTNPjfJ65M7babeTsOlQ0EghARXkqYAM5eN7MLdaaTQFp+h/1O8ikbwQpLaRy9T57/MucJPdsnSj2s/ZOMwX7j0sorNI7cPXZQtJp/669vJjdAq/ucdDjUaWK2ik9ejevU2hX0eLLgCPwczWmixb7chdrSRgb/HD4+cr2Ejuyxa18VuaYA1564Pzh1x0XVX+817aMSNt+bXs5fQp8o7X1R4Pv/ysqBawYk7FMoNlo2tWftYbPwCkeGllowlRkDmf33pi2xFqSeH2qId5LV5Yd7OqS1ruaEk8E/c4VQ+m3ZaloUn/r166+u38DTnu+34QEQDalqrD5Ri+AbuzVe7mEjtj5XLaFWgn1bSabGP3j/6bBfb8+cNbSc50PHRUKyzbqJWx71znB2oOyyQA4/Ab67mDrRYCg8oGuxJ4KwuyTnSC5JKu1KqthdFKOSIUSwTITEVmYDaP61RRhF6tujLowUp2CAoVuM4923Vt1s43jFQt2XL/Pn/JmlJFLMsxBTotd8oJNIO5VrXMPz69/SEDjWQW9KJm5XT9E5RamQIkupgfkbs3D9dCsbfXRPExf617BXtz8IEwgR99c/3xmy9vzGF3MSa3qUbSkHkBSAZATrbNkOUjqoEgJj8OoaPPPL1VmN1A8R9zA29dX0QXek6pa+nvhpPJSgE+b0Fv6Tb5t8gQ6RpQRyzoiAhrP2kDtvutvZksVg1VESoYBNzdVsoUbAMrZZcSj//5aCOuT5dsWA5Gna2bBvvE2B0GEafbru2/Pel8Yt3uw0KsdkVFTwqwlCHjP1T0Y5SFXMnzPVrwMllg+cG8k4v+Wf8rSlGA7LPhLWoNkZxThcFRa5MoKmVchS/IyNNO7xdedCSsGoIC2pLeUEpk46de5tXDc5cnWQNud8gWSC+OHJDPf2np3KLZK0pUP/IjiAAepl9HR7BToBZ1GtBU0PnAsD55/TU9fOt6nWHVjJYfSv1Bl3rxYPSd/J0eaFmheb8686qOXwi0rIf6Wlb36tIV7Wp81Qa/D42KCPkrrdNxMzuE3cscEWbHu9W1U/zMUXWGRUZgVNSCPke3Z1j2jsYttkYwfuzFtAkLfbEE/5xuYmeCF7Y8GtKHpzvVgyz0jV7n1Rjv634HmFT+ZmU+i+wOgYnohD6untiKE8RgwfPM3Rysr7MEAoWmPUlouQpKxoWam/0HWPPwUrO6k4ski2u2MgQ53BP/3nq4qtdO04x/2NKQc58fWelcigEuF0LgmXPzwcm8Hq9W+k4HluLF8wP0v0Bzsm4iS2fVwotK51J118StnXUbmHl5GrRFjcEP4G4Ps+4vZx6vzml1mbZk71gPGDcaSvhjNGm9FJBQrUnFKnpYMfMLdlvjJbmBXfb68eZc7O2Wpvz+7nPTV0pfX80FTshOT83H5/95TV8jZM7czg7VNVRiCBmMYT6+MezCVuAJWNA4L//ZrUVXAetTvjSjRmMFZQPFKZ39iCTj3K8GrMYfhwEceKmILNuxf/C3VlAhWSRPlHwjhIpXli1UOtxaW1906P89a1NxDqUYQ8Lsk12c4f3MlCv+waN9Zbb81RRlm7im3ACdZu/TNXj0kPojXYA75G5p+6BeuLmPwSLr88OTugvssrMcvZCHxB1/pKz2R+zxaaybGzk//tdomHXt+rdwmvv+P3+Vnb1aSdrYL+z5oWuP2cCrtlpNb5pk/OSp2IwHfFyHVlGxrR22aoAHWxF6lohgnXfrCasPu05K8298IKL4OfWIuwWy1KonQk88ICuoWVfaZnJA6P7y/gEbDJEYn/pd2VP08u8k25kNFpjlU0zgioUOC71dZbKPBpfrTyQX7ZGjebE+/bGvP4XM+WsjYrHI18k2zviWkPZtVcxU0y/nlUbPpH18gl3tVMWJxvBq0CmnFPca2oAqDTXk4pyP35LebIRcLSOSFVrx/m5SMXiU83mMw7Xy/VK7CmxH+rpz5oZxoqg+zmOwInwspBirGPdTbWjQhhaJccHlj603yWDFRVHFHAzEnCvnkofTFhfkG+W4Aq6zZ/MF3o4srH9xsw1t5AshS/mluN/Qh7rUxEklWfZqJ8Q7+bCtTUCqSjjoRX1VQIEnpkK2n90ojsrAblC5C1ndX/ozFFl5cuf03NiTBcu698dVpprhihgwesqXnsFGYWT89Toa1tyWD+6/WNFKdopwUaJVjAuNYnulA8YO+zsbzKS6Z/TYxcKGPtQ2tHW9ZY289RL5UVD2WyJGTgiVSqvMVLnabLn/ulJU7A+Lx5D06C8rxoafMpmQp9nIEGioV6wmujM4pqaJazHleMM85zLXEoQK8ZhiAEFScJ2J4Yt+9KtxOCNytILL5SekSw+3YyxhQNZmBAhS6xV/iBLiFFTrtPonF0aQ2B3xW5dRH7bxv5eMnPxnrL1uZYUCFrLY57kGNFSMKg0FskZNYmntbOJJifQNv81ehs1NsfcltJ+87MXznFO49MAHkUxTbEBngKgGWtTHxjoGXELGKTLPlQEbD7sS/SbuJm4bUfrZE02bC2unrTC2LMQJ4IhyPnRAvOhVosQQI2qhXG7o6PH7S8kpcyulmMzwtShfrZUwjhDWykH3uZfAtf+dBnIfPXvNjcgrTmv0z+svo/aCfgqv/mflVzLytHi0xcjZttqGhVGR81Atvqlv9UDTSrn9geOKzaEgy1akEoj2tH0cdnTt37yOcr4bQ1o03pF2R9JJLtnZC11h2nimjUXNHFm/RK+iSNkV40sKO9ymLLmz+F7qYB//YM+ASqmvKcS/fV4NqOJfBxO76T+6qSlXdjZMhr76PV/+QNC6jpIAEwqfVUD+uXULDvOGNdkdxLi3upkbVCVWVmp6bSTsJYe0MFssy+RWZEMDAFrxoYHHNXiKL1KHqMA7qo12XOzRXsP8jL3lVdZeQDgFWjwx1elLh4CoxRYiwgduhJ6KCaHCPwChQt3H79W3H3vttEuTn6iRB04Yowk1kMQ/whiufeWca8AuAcFk+APSJSh3ZklOVhc8G1y0dE9YotGEEdiieCaaCuUOLdiu3ViQcnkAe1cLyLGe0Q17Azq9shCiunZMhl/UC6JQYzRZ9PHCkZX5BtC6AFN/bKledOajOgSDBAfMer5s1/xaXE7NWPdt1RtPbm/0N4AC+cKKS/N8VV5VdIyiSYYB0MDOgPbQkRTD+q4fLorRHYHd3uSGzIzat0tcWH1cijVXU37RtTgfxdW5XVMprm02tlNdU03FBgJcPHVvynnn8OjB3ykIzO2XFIr0WBv/itvObahnSRcGHygbyhbIJR7sZpWR6f/2pUk8utNheU19MQdtRKyShBW2d6ffv3iuY2R2DjstVnIIy1PGgB2/AbGgeuVXmbf4uLmCVIEUUebtqfmjYv1ZnHOLuAurNUmH0ulwOVg8TZr+HkWwS1u92gF3XDE86kPszOmmNIKvvW6/9hKbu/au9a2YsUxeTkYYBsXV5Rp6ruqaeQ3e2TgYXkQC55hJVa1lKJGnTAltQBwSapXw9cGWoqUK6KFasr/XCJRDX+GV0web27g7XUjFG/EkxhjTLsVlUTxvgnxKG7BxsFaK0ZJ2VB4+6BTIN6rzvXmjsa5KVt3sGRdQHUN1mhdiNHa4osTzXQLM23TCa9ugvbHDUobBmJ53cCMdjK3QVCt4i7JVT1AFUBR+7X9fZzs/qpg41uGSS6uSyIpo11cyIcaaR6cZTTBFrd/veh1n7PfsUQKWp776Sh4b84QmRfZws794a/OqTGlUUF9Zaa1kb/xxMhRsWD1n01oDeXEx4eH+yGLGQnmU12s67mUObZ7dXNjaO2G4qMfozg7TELeeVpGH44vr2gYIKMe5LpwoRa0RCtslDkPQ3d+UqyzMQP7iU8uaVqcWy4Mz5uCUmXgMCAmMGZCaAhQKZuGRKVnWNaYwstZPg6+9dIxuLhf4hs0L9VUMxH0ucwHqHtb6SEPyb5mbej8T6OhbhTAg+tz8IbhWMpPqkbckOZx56ue/b08glmWyFYJolGUvP5gFmJFP4Mo5tni09XiWFGe/bh55ZVCXQbc4SvddgbCBWhdxpWF/qfNm8AeZmHXuCTTx7rpNOi/pSQv05IV0n02kIse113p7w9dNtC56ajV+/jkI8kjRC5KTRQ9+Yok1k7iOnifDlXmIdWsd55Nt7Mx3L+H2i+7O7IjHvRE7TNjVsJbQkToyJ/IYICLIQpEQN2oKBHkPe1dJ7K6psnPHroNrxxttU8vM+wo/Kjvlq1cumwwYCuevW7BaR9wI0SDnbsA9B2xMnuywP38HwkR5QSjU2uNC3xfmx1bQSe43zbWpGCFFlWJ9Wl0mUsYN2Qm2yfG2qwrhtPeZL5GgC+kY7hpB2w1cNh2Z4nKe6EE7qDdsBKLkABtmeHy7N/rhxyr1byNcDlylzfpVWoOzVG2welVFr0BEF1/6ZCPmOieAIOnev1wZvAEJfKiDTQlG5ETQe8J/xE7Z/Q8Wwm5j6Mp9kMFaDMulhOsibYq6Q14FuscUrcWUrEp6HnJs9A1UDE2BY1i8lqAMKctMHPY6MPezU36SZmp/Md+hMTZIGhjEMl41hW6/9859o4gte/kIyST8UdLcur9YrJcwYUpRTATkWMO69vWv3bP7eABKtXqCLxSgrqjUf8ttDFhkmAc55zngdPU1Ns0lBfObbxvN2iDXJTBgBSacZ2GDqlURYMQMnlbwnCI+k6pyRczJ1RsLL0DDfhCJsRTJwCIWiOVEykg8JtF6wLOsyKSQRXS0ORgSLX34rrwXskqXAg+DypZcp2roVnwGKrjbYchxfHUCk0+GxxsdxBquLXeXTw+5MEfkLX0jeMLr1HfPKy0gyy+5KsyxarygByDim094qFL2ekVU6xgTe64MWhBCFOg7IsZNMuuqWVUHMt+Hcx5cN3lb2ei4t795OABfTtHW+K68mc748oj09RSbfGHV1d2XrN7pF5fjiPDolJawXealsE4aKhOlg4/K2f/syLbOAL+dCD3xK2L7m/juw+5F5zdl2wu4eKLK06LeX6YoXiKDKsB7gftBZexTejoCdt+1Wn3CcqfxwS3GOH7stTfAxaLs5h42K92tzKbzyPk7652FwWnlajqAH2HaWCiryKDdodmr9kqyVF0B0G5kJlxMSldc8tb70BPlCUGqhezvTD3pSywUcjkA/JSFvUfUzQLJlGtYiMkLSfMT3mr2ArLtlIq5g8GneoiZtzv3wkUAArSmL5V1rj0ty1zYorv0P1Q9SzCTvU45PYgw380+euDRr7fwa/pMWgIdQXz3TqfTtlgw0guj4NG5Uklcc2r/W1aoAHpaGDYY8KmVNwtyUqeMMKiJ1wIJykWSHKNjleacvahOPwVTu3Wg6rPh9hqTzi0LOaoVGIzX4j/2FHCzyeIvms4Qv/YWo16pTQnXAP5j1WRx/cuQfXU6gsvXRfvvvhpvTP56berAAiTgVU/pwUPZ27lSHpAQTZOvAJbftlN+r2Rn3q+GRGsy/E2Cs/RYOErfzcdbxlcxu5i327BTETKNKCiF7GsN357iTir3VjEkSQam2fd2Sp85V6Z3sGnhnOHBxy3mzzhLsi3asvVLX58P5d1y0J2GnaTD0BfU9+SkFKCv8i6wJPGniB9b1mlwHTRY8GFLXK99mZ7OvYOt80y/08n6btB2fPfrRXNvpzfm/tnQUvs0sEBaBhZiQF2QyqOm+IRTiAD+Cu3NxsRHT959vkUn3c0FWP/i2X3MIco0nQAY45HShBWyL6y9gT3Y98pqG872626I7u5ZOTP9Q4wLUyP1ltdNv6M05TkY1u4ZFMa4HRQ59pjJIgVy2dRgufJzbSTKvMtBjpKpLhSW6gWVWDYoG2hxwYURo97WUcaUkCbL39HaessAyIVEHEsZE8FbL6qno4zfwIhlI5zBgJheJlhCX3lzC+Avah7pRJeQ/YVu0X+IMb70pMWkmAJj3dnaO197jw+M43hjkykoApog3ZbuBbkFJLawtpDfpMhD20CYqIw00S1kWyBBm/1eYQATQEIzlZPy9/eanv+qCuQ1zsH88FqmQZwlFEbAmFLKA36/1ELO2N3hXVKj4/YaEchNNtd3GPDqj6/nvhfQOWW3w3BfJNasuhTQd+0NoGZUy2TK/IEoIXtI69mAyI6Q2FcEQ6ZMwbGqSmlJBWSqHtimYth32fXb2HsI80rC6Zih3b5APidjVIzErw/ZcraQ7cwcoPVP1mCWoWoFWQ1CW13mn4mz6iHdZ+VEgDUWTpDJiJmBDlY9KED3x41nitnEwizO8rnAPdKtmDkhigzwTb07pXjr9i/di7fZzS0NTFbFLqyO2oeb6Lmh9yoNuPZy0XuMWvvCg+0bwIVHIsvoQsUKaKVx54rkLWPcB/DEFwwy9YnxMmKRqjQBZWnJF2AoqSzHAmjuWGmTsHFg/iczfWvkz37Hv59rsr7uYEWpAlQ/yHbgJfPuGGWeedHt7YNA5XdfiMJW2QzaqDHC/+/og/QjgA8HadYEv++vvpjJTlXPI5tnJ+v/ONuTdBQqgeNwJnF4o4cIHI956Av5qoQ+BO2oLaP41NE/bpMt1uLrwYz6m0iUOW53MzNprBzH8c9ufOUzszVZTCzdnchjJmnFp6BAKQkOekrN1ym4Uv6X1wfYpcHmaNQA1++JgFbqOi04je+ULmVsbW6NpoVsAG2bWLsICRCKndqPUNzUSZIWadaiA14yP+q6G9fQdfLsKaM9u7miWsyhJxHuSWXNKHk4g77SXmDuONv2AlYJJHtqn8YGw0/kGyZRCw5A05G1AE69l3pIagOBG8dNqNUrcgVVjsYb+wPwjT8pYY/ZsGIqY8/5pk5n/KLQk0WpNgMYVGSKVeqU2n/6RR07E7WGcvDgnrdPo8/9QTMzG69TmD48omvIuMmQ3fKnfqGRmx/5bSxZI+s9xP2tJ+b8W+zoKIHVmpeOMfeEmLsf/ROElQyy9GP6HfUR9vKu67ILa8f3O6jsWUw5qNcTojax25gywLBau5FDUiBaBUiS30X5seUhC+uq8ZqJOrqG+iQBlhGEDvy3XSTp4Z3EBTOrKY6AMHYWauCplufK8iF96EKKGIyrNyKR0hP2Akh0mfrPPeZKfx5WWVeXURYoi1z6PwHs1AclYFoOLr7qzuF/AJcyS8BSrN1aPnk57bYIG/2ILVzFLNQhXmeRyXHXstrWhRk3Tjrf9kXmRuB3HeA4P/LER/5hLkg73U5/pl/r+TEAIEdUwufgBmfpl8ja8rc7Q2uNSJu2wjrRpi83n3CiXouGZ6i9yrthJzgX+tZ3K/tK9INfwRVJbjuRQJYyCYgH2Yw0m1hsoAshASTOBxcjGH31B+2Z8jZ+hAHvCrC/+R+WUjsq6p3ffiA8QuKuUstWc3Fu7uLMyNCbm/890m8pc+i7u5cufXKd9YLcmqdXv7KGXyvZ/dQ3jrT/Zjr4Jzw69SoFqPw2wrVffRBXBF3Cgr3Sa0wIsEek9Q3GoEY4YsNBT3Kh4afERGeQ+OMXluk9oATrXvUY8IXVhIuY0teUq1rNKbCOztWuCiE8s2mkbpVGrkm+8in/3jP/aFlbOLegsSzubGobjfQwkXqg5Te5j0mXF6eD31gEv/ff/QHnoa9JrZsmV6wVH9DOY0ZuK5jST5e6NC/VgMuz0g2g+CAhy7GODuRfJl17olFbY4ADoUcDAI78QNiadb1+Ybn/dvhZ6TXI36M/BP+h73zjOUsRW+rBZz1M5SA4+t8GpfLXachaVDANamqE3Cq04Ti+pbDL2vLPibaCe8OY9z0AKlJ9lkYjs1wLy/+luOEYnGw+fB0Rs4Oi096XP7munwmq7juDtc7fAuPVB5HbPrVzsnN/LXDAfav3umNGgXKoWZqhb03WBsLtG99dOdwkglMtti2h9oEpi8qbFtxuOP951DmHXQxnYp066gKEjwAa7gIu5NzCHiiZrd4YuucELC2jwq5f3r4wBD57CzBD/jZugcXc3q37XUffpR9FK7kXvnff70LB3eMs6rIfCOnBD43LU8oXxUX0LKDXR7NyXmJ5RhH4jGqLG5gokzZh6o6U9Pv8cM9oFV47MIlvYnXkJ5TyAnSfNwhNsEKAwItYhEHUdhzECR+xgIkmDFQEnoo5jQGSpTg/QQY47++TnNigtmqHKhDUJzmjbBFDejIEb5nB8uIk6Bw1THM0mLHmxyv+e5okeKPcgq7JanoWXg8/KNaxL8ZutBkPGwkilCio0fugFGIyak96Li0W60jVQeHoJ3ckD61eVLHmYg8qLiYvT0mWRzWuiO6Tu/Lzpz9rfPA183vbuTB7pvH6Bqa13jr/s9jIfJYJYbpkTuGK7IROd+USN9A2/WFpX3wsqJWffTJc8F8dSzG+ZWrjVhzE7JuIpUIfTvcZl9rKtQ6UpOsD9XIRUnFavsZ+spNp5ytCTQAa3nBSb2gS+cIW0MDjrbflvdsgbXhppa+aDzvB0XS0WAHI5RUg0PYuN7A+RKduLm29hVFdgas/OTe/2kZUogNW4oHYf1AzYSo01kM0m5jcvQPJUSdvubr0qZFwfjGKjyn7ZbtHg9aIMUIcB1OFsm8ql20M9PGsDbpAwq3JvvN9UwP0rOWmjOzObkhV8LDp+WM7BrmjJmLpsaWPXn0aktGSpZx+QNaPQTvocIJDrf3K3R95A8GWC6zCSfWGRtvsTH9V2nrsRpu3DvY0Jk8mxM2Xsr56M0QAQn7Zddp5/gLMs52gey93Hc0WUzdEr3z+IHdDQ+S83s4nn8BDp/7TfGV7NWLyNLgXu9AxdxHVI0zM4ZoBIBa5RYOTaEw/lz3NfyXu7f0KKXE2EUjov7+1ENQqD64cWffaZeDAc30P9loq5Q76DULaROD0BERlfvetUg9euIXIa4fYYIe7MlCI310ODsCLpfsx+8ueiPDvRI+7WHl/Tt9DvLZQtQX/A/pyuo3xS1oaMzWxzb0ivViiRIyV/xtqphUBy0i93WM05O3U5XduN87CGZ8L4RKwRs3uSeT9gZdS/tnCN/kcxHU54P31HRPtqZO/osoIq1Qt/ZSos4adOfxZB5hgFPg8tkEoqA2fRmHkaagicYTrZyAxsQ7ht3I8KfV+RD1UjsGUjH/wcJ+cwpd3OUXyXC0HYKpWZYwFmT2i6f3CrideqREqBuS+W6UEru39QWUY3ZUBb8pZXu4ZvMsB38C78z6c7m+nO/M6o6HH/UzIBOc3LnTPFlGi3C192MnOuIafGnTeybfg6aGvTmrQ5lh6K3Y1+93arMZqYKdwpcIwbfH6zj7gDE1/RH5kJ9ARiM2/KQnVTsG8l23AjHMSBUbpSPpwBbNbdTxL7gjfpQ4Jpmqc3U/eY2t7om5rtZX2EAPYyRYz2uLJRzkpfhaWe+iXdZSznv7Gika0SXdSOgSWGpuXbdQChcEQybAlssh+53obzoWbMUa3EL+yd8Dsjb768i4Mzv0MkTtfxf5sXvoSxIL8UNHpPqzJXf6oFcg9f/F6BiY+xvfB2VzmgJfdeMtKhiw0bfUYGdBSLCTUYsjDyoHEz+XsmCshYoOWw8XL9lPxPYEhTVCW2mFAWnlQ6+sk9Wuod1Begtw/OO+kzAsQB8m/z4zCa02m6ciwyR7k8s9B+6FPvVPowC2VbtS6+Jb0dWm6F+wikjmIdsXvu3eBS7aTyCGH9y/xCQ683ITZZJpNS3UKGS6ee6Q2gyrGfydmR2VtNd9ozxV16pmgGxXjOqD20IWtL33YdLiO/8+sJv8kWqmMxGt2CJ7JOTjHM33RGzkxgfuxo/VjaIckLkBaXW41KSoeUhyFD5V/n4NmF4f5PFJbkmEtuYOrbjm7nwddnsMbW3DdP2gh+g4HQWv+HpgnHftj+ao4GwBzCkgG1Ft85Qamsi6ECpR0ahxKZusXlqZG5Nw5kG2yeXLBofm3Tjhba122sViC6ObbsOt4FM48p5aUi++9Hmvlv6UvW1i6KCUdnsgYtOffT81cAdGDdC4iba7nipcj6uNsIwRjlndCROxRmMQ4Tnz36ubP7/8u7HV8TmPjCkh5kyJ7/NwOvgoed2F2xoU+sklWEJE+HewIm3gbFJibgZzVYhsWkr+wrgy+LaoR7FdbHUaOLK8TAvhd33PPK1H+ilzIH7cZ6NCiq0KzzXb2zAPzCJGjXn/6J6tYzRq/9EJw7lkSIcc0h7xlNU+nFQ1vvJm+F8u+bF/Evjt4+uZX2fdI6hiFUIxTZhKXNchAFQpgHs/+FyhGX3KKeo6cxfc6/3hH4nyn1dlYX/IJVuVWVtJ7gBwlfWaDPBLnKzVunpMVN0UCTjF22sP/TnXkyufyK2PmQf8lI4spowOOLTL7n9OKIBfZRCZPaNWNghdLtl3ErJ/Cx4z3GLlyCbC2UNKu9OFG9tEQwNo/Aa2vf1dev4If6JU64WZuTo45q5lEbW4Pt2/vlIAlH5ZCWGO8mCg45R5MmzVv2h9Y8nXlUWlj4utqzFTVKTFHmzWElJgOXQX4z+2+dO4TkNw8U0QEjhYWJDAPP92yb+zsHD00ZcKzYavNShjlS3oXDr6NclqzFIWoVZ1QgRMkFTQ28sVESVnAho+SyQ7TtI+fYfFvK4aoyyj+un7hfNj5LOD7mD6C1I9b56B/ISQmeTmmYYTr/+jm3ZM2S4CptPnd65BL8a/nAn/Nt7QpSzn+o177Rf/nG1yi+fAxBUEx0n7ODH8ouVcaY1PXhKKRxryY02Lxg5ov+q0X4Gb9D22g2uFnH9jtz/75msL6NqbtbYsft0fGC9K37Ck9D2VV1KZJRKQjcnICTFUJDUZCPjt6BaGuw/pff/zRCF9CqAaDEJvKhaUR3opCQ4wXW/f+3pMRmla/+vid3fmb9dfc2v/aaVwnvRjeDGx8mWf6B4V1ZI3c1w/bgEl9pVavVhnyhuZF7UsvDlfGrVPak1PEfXf2vPnpPxN7gYWU1rnmDQ6wxlbWwYJKIEfuWXVq/e/5HyDwmJW9wP+tH4hntuG233wHRs1j7TaQC34vTZkZmVefC82SizCGqYEiQijDMvHgYAE5+R3+piYL5+6Yo49Nfu/+ToWF+2yhEZ37OmXIfePBMPy3SF1rH9jyRPiepHk1meL3Ec2i4Feavifkne9dYjJ6t24vfu2gopt22eVj+/dB+eoQWQgdArJi063ve6KrYk/06naIFo7cOXROADmzXzohWLyiThpxp7I5nSfKM5M0ZPFtedg8AfNm/dR/MFzO/Y54kvLtYUf2n5WVZ/SpONb4UPAAD89H/nmyDUXi0MqjlvNiXNkELf5Pn7qvS88hu6BRSMB9YhKrI0XdAaPlnS8F0+gVHIEB843gF3cO+fWVSqFam8F7J1xVJjxAhpKJbrCLp6aUM7j+yV/7Utkk1lvBO8igVAm5G1dLuzXWMgjYaGyz7/R+/S2AGj26D/Dzq/cTm75/ZWOphFIMXlw6pR+zHJ4+Pi6PpqDsl8uSzONftnnBRCjGT2Y1Q1kclMoggsbA7t7iREkBT9QJh5ru16t2mPTxuU8WVxdRVtb7r/U5L7ZxPU8JyVdybdjspqaBEHHYYiN03KIllk5l/q4fob2LKS2CffxYhFZjHSPxRJXkd9g3itNrJ8HjjGY5LtOP7N7tyFLRRXL6P+v5IF//xb4yqGM4TI66a2SdZWu/9NL0fJSCTiK8ciUzLSKsL3gb+6gPiH1AvX7jvTBzzLW5gWS46g9ADjA3OQ7+WBO+Z+oICNqbEkTGvP/rFch93we+h++d5sf+PNYaCGgTf3pbENX4RBi64RW3ILZqocwrrpFBUVtXhuyS4+2HtAh5seZ1vohDQqfbZ0XS1kSOLptnoBCQElGWFwwmQnpCx/UYkrHgR0AfrpYhFoklSkUfQYdxDzR8UmES3a7efM2lBKuH//3+SYo5GogQugatafm5Q1zE3RxufBhDhBAqyxdDpvUeeJcsu8ZPAhbBzxAH/cipEp/+i2J/Kpd5p6BuRJvPofhKkz15mXvezOXV00YTLy8z/NCFYwR6NKJ7LhfB7G5zuP9CLWigQDzYVvuA3KchfxYAaPPfyB3eQGLxw5qbglKG2wwC1L4tt2/5EJ1lxKNThZL1kWUw+3TtvYeIFP6l0L1BtphWpyS9vCBkEPAVr8I/lGvL8K8xlDqmD28DVBTLlsX1LSkPqHxrBkaxLkFi0deAZrbmOXuekCrQy+/Dkzp6aY+zzTWsHYGNhPPrDaYtX8vbzgl7vK+7/MoBDzpdH6yM4FLMHfKovV/D+Ai8C2clkpyFIBz14/dvyLP7qJ6gxcCpD+JHFlSFRJuTZU1BWioXttfgrOqfvzXKjgf8WgDvfrxaYDM4F8u1hX++BSrnGxHkUpM64q3LiOl8hRQTwIh1LKKSZ7LegEQTnVBevJZyEjD1HBArfDmJ66EsNld4QQDVdZOBr4brhw+WzMfdhupyQJVgUqNOVskmsCm1hcGMT5+5Ozgh1VMqbgxcDCOpxM40mswGps4ShyUr56Ttqyc9ULK8C/barhgqwg4UqAwcDu3vLdNrnOLnD0jY2e/bN1CZqRHex6VRK6Nh9IipOOAevpXKRSY8rMYBm7KTHTbBKN6lyhAB7eqfaLa4Balimb/zjAiOi1EhB21/WijZ8z87ysXvSlKcycrelsmUxXOkAjvaOofLCFMHesCAFzL7d/lIzC/W0YaykcpjMEtejBrQ7w3sZfT6bfHvsNfQrzkt8zBC63gVtQpRltCYPWj2d4CZprqJpE4Nt8l0+Q9Gls/dYepgsyvt1bfYT9GBMPiV57IzwJFnG+tUj00NlCEYqThF7nLw4SMwoKhptgV0WaPkwiKmkq4dTn21efBwaiYd5Ob/Y8NENiGrXF4iZbq1HXWvPQ06J0yrWwSgO635rF9dlTL1sgcWtnuKV4Av54O5x5d9eOd8ZHdc3NsS0QTn6hj78/9dWnLn8PEXKs+S3WwWklsbDZ5t+wODqu8Mk6c004U3C+dnYWnn8Pnm9+0gcD0d+WWrSjpIn3r1xVY2/kJ87vcLXMQe97/xCA/stWZu9lAWeSI28qnbuMNPG6y8WjyPLwCxmcoHSA8jyHHmPMRHO15iWZQlx0pqedmsjYutHBaI8vxEt7V10eu9wRM879fzm087XouoBbPY//ICZbfv60JcNAFjjLlvz6kBuKvrpBoRlv1o+uG32YQRwu4cx4rCU3L9QYQffMkiF+6OnBzkjfNiA6538FHbBpr/5oCDjY2ecRnVMUJ2hRoVPneMF1Sgljn6RagE89hUCfF0WPrwO3Pe/fRb16nyaK7zWVv56MFar8NOIuRouMyDyDTaGHjbcGgAjL0dTXd5RtSggdK7l0+x5KNyVwi/jHUurChydUV5Ckq/fLNJaBqea07SxXBAf6Gn8+/JMjSM5EXGtUY74oWvRJ2o9fedStGoTuT7jPMc/ttbp1qrO7BgOBp0t9z4Dag+VDy0vZ+MkhHC1bLqnbuMw8mcqbjVECv5lJjdn3b5qOfHZlj2ORdMGNHuwaiWYwmBB4GvwmjU0V71RhCO9y1C81De0gAKGZGPO+/CQB9P/l5bLfmFDQkVLk4TUlpFD3U4CdJXRB5f8UoSURWqTNMIKLwoCrwx2meTqz22h3PyXMpIc4hfgMaZ0nZmQiXGILW2pF/fo4mbWdrz1Xq0aNLK0Z3zYQIMOqgh2wnfbbs5AYn/KuO/me5v4BhalXgasNL7KwTWgD2peyoy8mvrhAEy9agGZBiZMJTPrQOextLFqnwRlqS6IqEgP8aLcl2BT11P8SJqz3KM+e86MM4J1So63rM1vkAip/ZVgk0W8R0dqbriovdNPXNnVp1ChaAHw4UjWHHkrG7t3Dz7sxqp/PRffqnM1B5ua6MwzrzKxzWkGriOVCMMiANEPpJU9rlH13eir4lBa2+0ZQdiWrCBSpdkF+4+1FqLZ9Zp7/LxyilLwvNA9+lYv9OiI2r21m6Nv5OPa2ozFRvAZqpaBY7FXC+PDm4085UiSAiiLLLx2JwiQy6wojWql1AkgmSIRSoD+X5tinJyIsWrVvY0GaULObDH/unIglJPXbpLAEk1BQx1kMn7DaTBgRel1cgKWuLaZz1kQsTK+ZVaiLRdjfNlpvFfdVKtNpYT1+UzdeAaI9XAFueh6OgL9k906t0OAylLwmwf8NH+tdImcI2sjVNOruXTigOw0OBbfhWw9sNNuea75lKcglbisSncOqVnH0MyOAHRzwvpvI0cBnykaOm8rC7+LradeGy72/epXj3tzbG04YguzI8HoYDAQD3gfFCE+tOtxcdMYAzsiPQbSxDe7pbkpizTlyG7WOMue6pPDXiB2ISsYDaWtQXnX3mq2SShXdKqO0sR2NTq2h7VWKl4i4wRGFCSrAogXVVrkOKr5V4Ne6sKzy4RvVy5VeU4g9LACsS4jMl2A/bgVSll7dDUamOAaFrZ/BEWhId+bPUQTpeoGaDm4GDHW0+Prh27h6Dlu/JeCTKMInMoJlx0DF2eWdSmrJI8fIPBlhPdbgStbVhBiNdtmC8rfar4FZqJhRor5ZswxHjaV9ig+cMLGuwWY19DNagqZSumoL8Kk+z5lgljEd8uTbdP/4nRuJpjagb58wc5RlGY+6BgOmxLrAwS+nA3YurQEbjeDXjpnS+zQ46TLIvl9usBTKecXn+pF4VI5FaoBwNk91nkGl9EDATj5xeM/8eBZh6Z/BI3lfjTBf1PU+LH/9iYrrbfmHlrL+nNW3UNu4BR8KmKfTj+/bujvOp/h5zgGb0m1riscpAxux16t19+Q0wxSct37a4Rxo2GGPEPjprLW5njc2bDfVC/Kb/0lJzQsc42X5giz8bWNm63tfuyNt8SLABJKAdtgpQqNbRnXzL7+Wo1XZfaSyAetmpTlRbuiPjwq5RjLdcsnnuKJ0hFL4OQeiS40MiqxESFJzePuiedrWSzu90cFPuD8fI6NhHGdF8aSJ8BFOsJ01UxTaJFIGOiYxUP1g43DlaAGgj5Bch/851LQl93sLDyYP2de93E/agJxpSBybGCpEl1JgPMIZsQZKiW35GqckWpKpWsoNQErqNkeBBmpnhRqSMGHGVtPpFqXIajFFxm/v2hKacSs6Hr1zMwv0+PqWJ7KBzN+WvzYyC5K15MnG2QeHzWidkBRYe7Oul1JGd0z3DB6uOz97mXfPeTYewpf7eziFRlc387vNOasSot2oLJoqwEqDpd61xrAhgt9GzoD8fxPGrFx1DwUNtDa/ac1yKVVzgw75wAKEHH4SclVzr9za65hxFhBrcFNtJvTgyQAULeCRKUKYpGcKTHqmNZQAYH0q99dhtOgdqpbyRlKF/s33UhlKey4j/fX0EP5u6uhLBeDmId0Z9zkdIHgB3L3b3BmPu7PdYL6sjpF0i0/VBPuqYDSRUMyixR7zES1iVXdRXieBKX0azforhLXpg/HejgcJECwaBtNSB7AB1Bqidr7SLAYcQYfCqEJ3KKkbSMrsE2Qu8OMO5kYX24EUq/7Z3YAW52EKBouryx4iwfXVq91gcTQl1W2JH9DqFx8SshIgF70C5zFRI6m8bQB9onM2NQlbepVAEEljjjamJj7rlrFHIj9c0uX1IpoI7cq9kwy3ALUeLDgildRTd5l1M5c23UkN48yJTOee9tYK06UPc7hzgdF3ZxCAnyafNO/iRuVbD+Faikd3VSYQFbBsgvKO77jhJdvZFIz6Dqc+cN2S5tbHXxLrq4WJl1el4nx6IUQgxLpUgArCqF9EkCO6Wdear/QHWEtKhePLJB8rVrqaquqX5ZaCFL06g0tZ2mfnS5MXXqN+okePFJpHyIv1RXYbWWmkM5y7kL+EuE07dmdC3VSDMmXU1cYsB1PAnGrPSlzKofe7KWz8mbg4n612uA7LCEp36WJtWns+kKYNVh3civQJLV022b/fiTRGFnt9pvrwiKo2toFBRmY0yQmvi2YYFFnr1KM14OLQ3dxYDho9geurtF0ubRlp7pHo4unQLkCw0Uiekw8wH9cnm74rOm2orSwQ7Xmz5aC253u7nejOocVmAYjs8Xwu655wF0sxeCoKJJqnrwFNweZ/9nxnnlfrO7NWPx2LIN176ajOooK4vkJdetVlmvoiJ4ZeHWVHe2oxiUX+34hbyiRmSZmdkDR9uT44dXqkDb+TqBsvqiYRLA8Een7vkY7kWxlsSZx224572LFzrcbwimLpOW+kqDLfOP9rJ2S+l/HFkQTVlhwnL9dXIJWgwpkYyzf+KX00fP/xLoGXFaCgsVipVIrYyrTpKUqXd6dSa0R8ltQq6imr3Bj82TJ7AZyIUh/347kBJ9vTE4TLUB0VInqftCIlPBlUhVu6laFEsLm8om4DQ50Jns8ZON9cHvXDs10mqtdzPmQNDMBuHgnMkLsZwZ5+Z+KnIVJXOso4FXaF7HSc4BHF2WKiilrIDeHbi+gWN7Xzm09slaxpZqjVXIYrVYRP6oS3GCeHnlyfhKUIc+xW1iO1PUJGDdActLkJGlAxKrfiaRb+l+oqqRrmLQbQd5IGhC+vB/gb7+T0zOBBfxn7V9PsKJOVYB5HsNfBCDCVMuzdCpyLCtOO3LgThZ2kwnlUfCApeURJlkuqknlODMeuH7uahBpPekYDr6Gu9f14rSxIPbeH8FCXGjJ6Hxwu4fxNVyJ9+3fF4zRG0O2ClalvpC4Yq+kp7ub/ZMZU/PzuQxWwiDpuAmDTps3Nc81OTpCvEAuSS2O6LWLrj0+6CECpz1wkOCVMPGreB2daPSr22qKwsO3CDbKz/9kErBi3YFKrmNsblubFN7zIGxu5+sx+PmHt4mt4w/Tu7nd4rR6NQ27HVMSNdsSQXj2Xm6yzS9X7i9DpsbXfUS+kj37pFBzmZtfnv5NgeYYxNxDKsT1BojoGp1Cqld0hS/Udq6+eILXhBBfteo00dEH6hUlVagP+o5RWSx8AGEw/3dVRTNc5POJv6b80cLUKF8EJCEQFJ+AYxzuyhPwGThl9avHNkKs+zqnyEDBOiNMGjU0LWDcHyq+XTB/WCH3NrgOyyPDIxWZ7ZYZ3ZmGxelM/L27FYT1CD2uOu51FMylx1iVScGcfFb3EEt0v4KT4FCMS4JAEBWVHCJAxxq71VR1DNVOvTlB1kolyVhDr1rXPLjhWmOf7+ft2uRKSE1qZRmeMYbO/Mb4RL21dOpe6rWV2d7gjFxJFDzjo7iwVYytgFU0kDpUFOTY3JOJv6HENPNY5/H71oHUIVzB5Qx/LQFKuHgrbz16g86I7XdjRSkm186qEClopMW0AZLYamBD5oZB3nHvcilFs78R2dH5p9trxJ7j6tflELcsFAEYtDvySjRc+kQg+Fw7K+g9fGlywdT3ouvNC3sKoinNfTHxZnj8QPsZ7PzWUlUJPZEe7uYjSgjVx9uO81u1LKBUAxpNFRQJzguCz4SpQ5e5hX4MoTz4yVgY8fZWA48QNS/Teamjqu4QbEPIemoYduuXrJ8T4z5jC1EZpzQXNj3xFOY/fPB1hvkxd67qwNEIwuqCg/VS5UM6otF/8Bt8wfSQiuLqOyfsrhkCUPPrgQesx7Bv85TopRjHWch25aa+6pa6gybgDhZjsbfT9ahRx3cbETeC9LX6AfUezCTTDBmebG22MuOxZkRz5q1Pphoa0F3xx2GE36v8JdTzsxXBZmriFz0zWh8cKdP29IdnD9WUDw8rtRqb3ZJTDrzetlcvKA5aVUu0TB1z60VKen0TB3/0OcIf9flj3fWGP/sx0cg0VrF4ABfjzc+iU+eCq5/X/U3uBVx5etTx211gFLA9nWOA22udo75ziMUfHTKOxkhZzbdvb/DUs14Z5blldgax3UO5Vesn1LQhJNW90D6N+KJYEM6JX2beuDrcXFMGgMaDKmUyuCdAR2oQ223daqdkqvb7kVeyG4mXf0nxTU5o+QBwwg1DmSsEOUBOVQ4GWyA6uReN2pe+PTZ9ojluqpaYyekdJmlpya/Ruz6t6+7c1Yx8JxWM3nAH8L1F6B2gQoI9mxs843K6xwlZr4+c9KgQ+QCjlH4y23wbbjB/P29BfjYEWtjgpyx5nCL+afK6BTbLzECLXTG8nX7Q7pnvQ+mLzoTB3jjcpoVr/GrMwJe7NhbQ3ZAIwmFd1LaUJv6sH0KdugVw71Z05frSdf4vFCVW0obMDwv1Bj0guyAKObXh12QmRr2kvb8C6t123IcQjmWkH0+hBUgq0qyft0BtSSGQxE+rd9VDmeKVLfeIIA1LcV9YRYVAhD3fa8LrmHs8IQiZY475Y/kd2C11PlGDMDm0+KpwMX7qVhRShHt/EiozS3cnxEz6oLyBL9NJunb+JNStTyih7ftT/6obxyQUXyq2UW5fwfYSxeQR8Twqc8D4gw0SIOcUBuS8bGB3hf9Dz2ioHnfdPQtdWS5lvP9kz/TmB0h4HybjbCnmuy0jKUn9tkp8vUJ1RbIwLyGYk2v8RwvwEGxIBM4CTNlBS+mDvKSVK8zfRvichXdGbjH8lNxCNmEN/GakcpjlZ5XmzJGn9AW/daJm8e8B7UkVU2UrwRtZ3jydrP0phUREyahzvJcw4swSTkv6CzhXdbkAAnb14iWEgIvwLrQmz9wAwlZqSuMHBAkIsLxmCzGKNNjYL7dwdrVgQHihberG7A+YyYFPPZG31G2lLEykHvynZunQUHvHsxO5lUTUiwlNsGZN2VnAxVgWagaVa5S42E/P0OqQjjMPI/wRlaUmNPE86nAi23j0GyV3d1Dsysd6uQ6pWWWPmFBu8GY0nNU86Dqo7rFE10PU7Vv/bP+f9eDESxA9OE/1ZS3kapRS/jouP241I963zy896dviI4VXVeFNzFI6lGYMmdqdI7FY+X5u+nPSOBFc1kxsaSre1873GdWjY+oKAtsdczwzql3niY5pveEXXld2piLCSzwIifUrq4+I+jaSF1lFXvLv0Ce68jlv56T823txp+bcOk4ykG/2hLkA9t1UaS9hs9BCh/V/wF92FVZoU9r+i0AT+3hPeiDoaxg8ZTT2Gs3RSwYiCkWqwXuZnZtAL4U4Ua4c1mZzho39TXZ0fY7VlzVWc4wHHi70bptfSHDMOSX7fMfh+qMlVqDHxu6Z7nci5AIwTkQTVpBXxBz8GnCqnxYbC7UjnzXlx4XkJ2xZQf//1/rK93mz7Wtgv/rT+8l8f+vPxub73/hxxXhoEjL2+C2sCuTZTnG6Hup0MlY5UGeHHUOF3pRpyCjD7Na0MaH9wiep69tr39fR85VxYkRr1t6/er33ggh9Kot93zc133RV33T9zziD/7uf0UkmxQVXZKlUGqlW2bKtbJQ1gpen6jTNWyV/Qt9si+O/8wkmAfHZ4GztsXJyWArZ2JmZ2N25+dQ8FurN3u8GfOm983uNye4037v/P2DBv9usLaB7/88a/CyAc3/wXnGeZJzT8qplFHnb/Rv6KfoW+vH6XfqSXwf/qH+pf4X7n+w4RDMwHZoBg2MgQXi8C+UQN0fowDjBkaxjB2cxm1YgS0oQj2OohS16EAfRjCDxfgCq/AdfoU/DVHZcGfkY5zsGoDMWUUPlnTapneCi81A69x5ay7SGgML8tOLzXaZWuXbAlFZibqXPgfmne2ALIPOhJYalhedfcXg6M98cO+SnxmfTwVqbkRpWmPSrWVqwMnHRlMFQKsTodidS1O12WsE4+gJfm2SYPRVMSDSnCXpgLado3Zva3ftex4Hbv0kor34hxe3eEcXsf6zWxtQqMI1ftgcjjUWTw1jHRFLTmOkT7Qtcofa1/Z200k6bO/SbfXI/cPMbnnbJNfD4j1Mm72i4RZgwUlKy4YUWM19u3cL7PcP9pdRbKA6eNQdbhxu3pYSeV10apukMNppg0bgxVsV2NnuyPPoTv/52XCWLNzeOqEBPWMgX705rZrrQMkS3cVPVzcKmaMXn/cDqVB1Ge4z2SNqCDSqQsvQ04TvFpEr3/mQM/XgaHWQ7zK+y0eruGws7UrEz8y3vUMFMdNMvIbcFoO07T3fcCtOzQK4zVDogfogyUojN2ad8SjL6vRqeH8MKVU6NgBTZf0rPag9MGeQdaSxe8g0LM0XrtoyFyIE0c+0Lnp7WJun27gfx0cA8VHT3yDwL6fQ8JOLPMBWNIVMFWlbmSx7pfN55bCuCTY9DMci4Mz3aAGkzx7Lx/D81RHxq/ete9uL7u+6wYWHndPcsN5m+z9+8mjzrbo782C6yj7CnpFhApRkN4dNUsIgzl5oFupGyGzRiNhg/GXagTqjysm8whk14/2XH7rGToH15sgksypbPo9/YnBMCizui1CpjL0Corn8NGSVlVrrho1rpYsy+W/mFt0p3pPPGx7OYhHrHOAZXEf8GyzYBb29eS7BJP3IZqkngM3lT81jc0AwN20DvqRPS8RwxH10WrpR+VYbDVnNl6Q8zRMgpmXHZQjc+unnxvU1Pmv0e04waf/LneTu+cnfbiR3x2TWsTyKuEXDwaDuwEZG7L933+dEXnpTo8K8KEn0bMhgSYugnpJF26g2r36ZTyt/rQ2JVU35JUBMd7qON/94onSudlKDliIOw3375YCL5fXCcNggA9louHE9EFNF5T2JVo2bpqW3u9h90gYGxtpP0XIzDutcifbePmM6frVh2b7bdXbSTCITx6vNeHQhZnGsZMZFLWd75x7admbVarpC1VutNM1QGnuBriQ313Hq7deP3QMyyQijw28/czpUztdiIZt3aI6vXeBHBhuXdVaWn6A3KC0TX7eaSaCnDjCz6oAmWvWba/nypIh7dFQgBq/4IlBK1s5q5rin0mJDjWzPjwI10QOzT9Sgu/16WbD3uZPp45X10qRwSLheTHwMFDWMqIaNeqwYxSHVETvb764UtgqANguDHSYNl565XExYNIO7UToEm9pgkZFEJZcvrFZLVEuub9JuUFFKpH5EPij66KNkfHVfgzStiDU0zOqX92XqUEGreuWHj0ktW+9juoyDelnhXr5AVIk6yymMTQDalxihAlSRyHWG8Dk1cvwoZ5E0ooH9pJqb1b8+M8Ep82z6JqfAs1e0VyZVhDh/YKf2tf0Z+5FjGx7u7N7uP+T7wPHGiWHI0Ws71YrhRQ4Asko4W4bM9Tyq48s4uw8GmUdUQbgF2HvKepTFeM2AbNFASNqiBRWDaCpSP/fQk3HuTdv5A7P4WndXs+PzkpxpaFUCGm/UVRnAkqrCkiGvCcnc2s6otp09Odr9tB4qmeF4as9DRou37VZdvk4mMpgHxGClHSST491Xzws91oa4beFijVFssb3UUlia0I2CBng0F+swGNq7Z5v3KUrlyHF7miTZWaZ6NqohtCt5iAytagGLi1PaCPwic7R9lrkJS2KiJtOQdYjzoNTykV6HHuhwkyzrRhfUMs90QgyXxZ2Y3k65ySfh4dYYTsuhn0RPzdZUT66xzIPqHxKrxZitc409VkxsbFpkdhouG5K6DotnhKYp06zAScq07/Z4KNPnWCAHPFUptiRb8m9xQS20r1qzrrMos16QNt+Ru/hdvpQomG684wxZ/0JlvbwSUdAtykq5vFDZzi8PWZnReCfUa3rVaNVnBFrZADPxjODJnpKEbTfc+Z0bWAFCqSjvIP/EO6UJbOaw6qKLzvRGAuPffMAxTVRsi7K0mis1WxXwxlymqnIBak2sjw9ggdoXq1cUmrNF+mQ/NRdYaIsnxwFiW9g6DU4D6u6St4osJm7NnamP66nYx4v4hbh9dhT3x7uTdeHnPB8TJ+WS/4/n085y/78RaReNMO/h0lyjXfSs+o8fM8OdqeS0QEi/Aa7/37dOiI4q6eMeQerrobOvvG56vHeLquSz3lpzLW13ZneCQHTqvtaLgnYw6LzfnM9UMfXE2iktPg+gMSExC0sUWwxINt4CfHfnxv3SAF+1L8S0kuE0pbTw5YDNnrbw0JoJRroRdf3S2unoUG3IR4Wv9eaDc6GaGKXIsqTUlGnOyQmktZFv2avsZfUyeRmIzEtyzI73HR1XLwCXtRynmJssksc1z2vlC2Ky04XadX86+8lG8ODZU4mJ+px/z4tCkVNB96UuGAa28wZbPtbWzQwM1peOMREfqAPhfnVlpcIeomPjUr87H3SISI1rMY3PeJMsueViVX3Pl4YS6NC+YSLyDj5pSTacLPf7KFY1A9IERbSHLTpGaAdRH6k7QjYUdRP9IPubjZGZrUdFqpaqFdPIMZ1WzGQxTwqQb8dtctW9LoqUksyr8Wa6kdnPHwvDoUmi9ePqwZAlGpwu8HoDTcOwkJidwUCIt81W+qAR3jhujLsPK1LzS2TL2vIxZ3HLBHnOln08spMobW09WE4200nL/b/jjxHSfwPwMSGqqre3M6JBNIyTce5uRWUl5bonlMtls9J86cz+azeu3t6aYMDQYN8ThkJD6SsBuJqWu4pJFaJxUcXONQxMy2bZvplmlxgpX1vBl0uraVq4lCSrC62yQYF5a51vG0TQuvLJyXkbnH/XH806ezGO5AiXsC1k7Hf6YApyuapRlUEc7Bd0pVXIWBU1u/sktXlWQfMzRq0GHMh6qrdixt8b/yli3XP7M/Df9dofo2myXGMiDRSmauLwnBHitBUZoXN2dMBR3/cdXkNN2bxZ0J6NrX3inrnZmJqKbYA0AZ91FRciqAaNz6RQ2tIk5BlZSiVNAhR8zmb2uKbOpi1rWP+itAfYWh4DwhPKvWVTUNaXQx+s+q2oysjS+ZKiAxrPhyYMR2zLw4cVhHdgnErbXvPQ04uyP8kLZ1tRP/kxhw4anFn9ljb09Ky51J8XN6Xxjo3/uXHHLM7DZmDMUzko9xyY/e8S/Th+GtEIfCU8o7QW5T8+2OBfnKA3/pGsivlOJyTXrEv8TLBgdaRL0oBh7w0hgovHTsei8tAkMa6namxlQ63vgzw4c3LQ7aPWgalnnMc/cZMdU0V/s0dG7Bx+NRkFzuhab8zIe19oERWwW/lUjRRtKNteXtaT3Qx1u1gCi5gebRIs6xODCp4u02swYPRArVYLfDl9ZzMNTtFMrTBrppoEtuwomeVFF5EXHZqKCnN77/iNRc9RUdulm7n6iaAxeSFJKBil5wKb2jTjab1ai8VKJcNoBAqq5INWr3KWKdJFJzV58mcfSHNLfSZ2QDxlCzZUvaqpI2e4McpOzHv+OEvoxqgRt+0ioF1M1mZ0s7aBd6T+wpYU+UMhph6tDbB7vb+wi6cg2fP8fhk2t4T2PFpZU685M4A5uEBkzO1/La/Sk2d2FlTvKMX4Qne4/mi9eSEEAl7ZqcCIVhYLaAuvjAlXAVATHzQRLVFSb9LcX496ZlBsyIfFdnllCbSrMRODZdLBfgHpXee2IhMQVcSBfYv7wYE0XLi917s9i6vvWzi1EhChg6cG0dvZ6sZ7Et+Q/MRaLgGU/TIm5xZSHb7b1DkKcpeiTdp/nx9E9Onodx4ZAntsm9d7KI38JjHKRNbBY52tXdaCRsGFdCSU2wzlazqyjcG8m8j5sVu9a2kKI1b/Y0OQOwZeleXthohhlZE64lKKZroHztCQ/mkwwzg1z2HZfp8Q2LjPy9YOrjhfmzqmhbN/3ZhVAPXhw8X8fX8NzOJnWmAuvBchdE57bpzl/fCjt5A9MDZ+nFARnEL1aDHZ5azQ7nARcePk7nATNPV2MGaB26JMxrt+w0Ba1AMXI2l1NYmE1RI2kG1bRD8GnMXnC1AodeR5YktX2g8FZj57/8ZNSyEfLS/nN/TKUE9HjbDaxc2KxbkF1VJW6jYGmp+Lz8NS8qrxospsHfe+UcKPP8cg+/d8ixw+5ilaOELT7ubxp0jkSGGeDpDDwovwPyLTZTcdsWmmVgiOQlGhW4GHDVMwoVGAhOq5ulYDivZRAK0wY9zfdb6m4G1KeqM23emKiHdDw9x7H7leTAAWMjY0CGIDl6HM8rxjjyFkLPJ0h0jvorxKjoVaEu8hmQquuLZN3yJ9iRlfmEyzGK9ZJtCmnWJN8PtdRUmfm04XEfWynpYeUubMZLtWTKWHLvECw9TD6U6yyRdYv7GrHJjT5GdSLbdwB6efZZFlYtpNw5UNidZMCS9SN7oZPyat8e0JPfHbQuRferR+iB9u2l7ba6pppqzwzeHedJsb+gAloo3k+QbNf5lMFy41BT+9EePOAITdab0NBeZePwc09WuKM31vP2ASbuEH0v7uLWZn044FxNPjKPvdfaCERad5I0MpyJwjYFqPKSGacMItIDhU3n7Qqn8XOL/jhK+ECFGa3sssuTrGPGMGXXEQ9Pnian+POTptoKlN7/S9wMKSczUSTJz/Jc+iNgN3UrLGcT+RJdAzTG9y8Bpesy6mzpbm6bPQgodPZIA2Pk0wAHxwMQAIkjo2AKCejh8AwGA7+O0ikH3wHQBM9CZyCpO0fIBvx5GC/yZsy1hJAQA4V/8oAD29XwBQgzFEtsPnQCqvKJohkPDoeTP0sX/eTzDM20YxAgoGDgEJDToMmLBgw4ELDz4UAoSIECNBigw5il9tGEExnCApmmE5XhAlWVE13TAt23E9PwijOEmzvCirumm7fhineVm3/XA8nS/X2/3xfL0/398fSI+qNYGafhKnzUar0+v2B6PheG19c2NrZ/tg//Do/gOAfFZJQfoEOuVq/k+cmgJl2gEwnViTNJGa1HAAQPsAyFJ4AAwYtEjyYve7INu8/ADAYsVawoRY0Pt8yJd8zafU2w2Af6MDoP9RYwdenpPP+RayRJUi1SrUqlOvRpNmADRaZrkO7/TLeHkZm4AEmpsJGRd/aGcAEMcHhgIAWBQZsNYmg3HpH0xF+QvLz+VO3/l0L1dmMlPZm+N5OH9CJhrGHIuscJdfcWRHuL7x/xmglqmVaiO1Rm2ndldvZsJQY4QTc/77t+N//58YxlHTZ431ttgbtwTn17mIsU/d7Za3GtXQ9g504wOhbDTimSZQTc/t5/nPYv1JLYwuxj8F5bVZt7pv3a6v6xDczd+1tbpW1tI+wnEOhd8nJHVsypGjYytG4dFrpB4+pkvn2+Uvyuh6J4ZvdFwnyhff+h7rFwVSVTqJAgUUKKJApc7sBQXG1c3dm8VHn1FQqJgRjmJQLDcnMwdOKrWG8/tWf0n7p9uKzJWrsmbz9RLWJn51K8qqbtputz8cr641noylfxqdwWSxOf/vH3+TUn9ESv//94jEkk/1aWhqaevo6ukbGBoZWzOxbsOmLdt27Nqz78ChI7ccO3H7Wemiu+6BEIygGE6QFM2wHC+Ikqyomm6xBnfsDqd5Bt3Pg2PD3KPyMI+Onyd5egyYCT3L84zkRV7mVV7nTd7mXRSwETAtn2Oh67fwiNieE/cjnNIMAQL4+Dhk889zj38AmRfi8neu9fzNePf5FPA37Z+NlqdQqxmG2RAgfT6UeyabsyZtz1LhFeEjCZgBfZVevMDL8WzGAEBOs51NrLvMP3SQkh50J+GGArKZ8gMBjasI5BubL3vXdnZyAIDvCb0NOBWjl82sddszGZN+i7skhnwCEwMD7+IhZVH7jMJr6GMq5ppwGppaGMEwAb9+4rz2+EJkZtQZEraApDTWReP2R/S9nFu3CGun6CiitaQloo/J7nWOXZiEXh2jopChgDsG++RbYne9+tkv2Kmxxn01Doq7VSh/EfsNOzdoxmQ+X61fsX1HyjCk42d2ZP9fECD45tN6nShLQt8SZ4TuVoFWYee04lyZxQC8kiCpI/AmDSwPwjz5W0/gB5yZgM9KHE9SDQvUH/p3SDqIvmm6rgbXf0lqx2g3drn4/YTaybMgLNdAzrWE4sDE9zupq6gM6I2blFThVoLRJUR3kGP7+ZA9WvXwYQGoJpnTNhk05gTxcLyHUQWxEMdgkkgkRyDXmGGCYQFet2jvGFo7XrZ7iAQzzcArDqepxGAFBVw3YzaHprhh7bDCvA+g53Mk5HbW4pSJUSd+BTDug+suxPBKg54u+RKaH4F/YBzE97HNMAEwv2OmcDNFDwJCjIQ8IWZCnK/8Kt0Ibo3i/OZs7w+M76vP7T2EAscLqWJfcCMSnv1LHG857uwv5DjN8Qors1X7bhuTz87wik2OQCpMdYNvxL5bquIwK+6TiVKPbBL3OH7h9Rb/3oqJagkQghHv0B7bLBjlHljo2I65fMtl7Dlvx0JotXkSr1/acoVwidDYcmaksjZSjgtwGWqQiM77iXGBPZuW3YzaXRHdGqZ2oqkE6ySn8sLG+yauHAeSeLqOAm6EBRWzmCiuxgFvbzht8SruT26xOwk3eCxb6v54fiHznH/yOhzYyaXxdScuTxcTpAcH467LwvxEK2M7+w/Ly8jYWDa5DMZrXwzelRoIUlfxb4CetniasVNW8J4pcrjWgEN7XGoUdhGZuoLrBBj+Cs8Lka7CPXChvy3H+zmI7Tc8d1KpmMUtqwkeU308ue8N4d3XYO4Aaf+62QPQKfQuE/oenB7O0BeYuzE9gmgDui24Lsb3P3WvT5FuIawKM2qnK0ZVSmrHyEsifbuPH2/0Gde/f69kOlu/AkVIuX9hOX4YMIrjhZbuDV/C3Y6b1gOKLDRcn8PSapQf9q0wVEYpPQE8ZBzpa+ojxc8DKyy2mSAABb/LhXGBNL1m3hHKydyX7hJFA3w/Eo529nz2LaXP9xHNB2SeZC/ajTXEqPXamyOmz7GiASgmwEKByENh5Omcx0Qg4u5HMA+VOgIJiqtns8d1B6F/sAcB5jXvwliy8CqRH4e2j0JLg/jZ0b8+Fwp7EeEZwDAkw+s85zrSAGQHcYi6lYFMxdFR/B63tdMod2Gu7ejTiO47ycPXKq+vQxlhEwTC4obFfvg/l1NnIs+2Bm/PhLVdMFUE3Vr4hgJW5+FxQiMfHnfcje0XXe0apeCGA1nWZHPo3Npf0fJi4jB4mnHKoGJ3InmPT/B8ddJ32xftb9UY4QHCwUcAoDT/N46ML7AvgmCVAhgMQShD0PKP5VgexcAwOCxlOAw6GYEj68pIhCDAoEU/MDq+wRgDmYEGM5rIWLRnwdZsZHEAArTRAAClZyEkdC66icGwO8kQou56DYpodBmGcrwlDtF4RpDZ2YzEcoYZDcsNY3RKH1vGwHHbIZkUfcZYWr6kD9m8svO/jVCv+dDs4tveUJ29kdsblexxWt/fbLTC/dG/XNZj8K/eadcz9tqJb4uUrT3t/yOpic9MnM3sAvRqUup243FfKT0MKOc+VMVHasvt2TUKIeqNECoWdF735WA8cqSRnZSgt74lse54Tu8shUjoPJmmQ81IjFGfIeZrjGFCidYcCQbl3RrJcRjhcYI1AYczHSLabJvWuq4PehMSXDI42U+xoLrGOgPh/ihbOMGFdQezf0tcfIqDAT5jmcBLvQAFFvT5VuZy7pIYaFzy7zqMUlT2QiIiTkhJf+BEUHOaNLchX9LGhTdILfMM8WGAjERslyaOObp19wMe3xvT5+e4L1yG94Vn1vtJ6E3BzqT0x/iQOGNgrggGEnmWJVLrza95BFYFdZr0pqn4xxnAz7ZPOrvxu9ln9GCHuHCq4qq2L77Vp8JuQPrgG8R7iwRQrDcvyLhL2T1n5FNGYDi1WhnLFfWeY4GC7lB0PGKUoMbrzuuEsy8uljTmTmNQAmvoaLLZQOmok1jKn+jxKpDVzuCgR3FYa2Y1qrBICINYO3L1m0h4Nbwz8Pagv0tjAAAA") format("woff2");}</style>
++    
++  </defs>
++  <rect x="0" y="0" width="711.9182835520442" height="573.5964413809206" fill="#ffffff"/><g stroke-linecap="round" transform="translate(117.27154915703676 238.02839846037386) rotate(0 125.6132919736506 62.51589262187065)"><path d="M31.26 0 C93.8 0.58, 154.08 0.67, 219.97 0 M31.26 0 C84.04 -1.13, 134.76 -1.21, 219.97 0 M219.97 0 C242.41 1.71, 250.55 10.05, 251.23 31.26 M219.97 0 C242.9 -0.4, 252.85 11.5, 251.23 31.26 M251.23 31.26 C252.2 53.7, 250.18 76.91, 251.23 93.77 M251.23 31.26 C251.63 54.31, 250.34 79.61, 251.23 93.77 M251.23 93.77 C249.84 113.22, 242.8 126.81, 219.97 125.03 M251.23 93.77 C252.52 116.18, 239.79 123.63, 219.97 125.03 M219.97 125.03 C156.21 125.09, 94.35 124.88, 31.26 125.03 M219.97 125.03 C166.39 125.29, 111.61 125.6, 31.26 125.03 M31.26 125.03 C9.54 123.71, 0.89 114.79, 0 93.77 M31.26 125.03 C10.68 127.23, -0.19 114.27, 0 93.77 M0 93.77 C-0.41 73.25, 1.57 55.04, 0 31.26 M0 93.77 C-0.32 73.57, 0.04 52.78, 0 31.26 M0 31.26 C1.85 9.36, 11.18 0.6, 31.26 0 M0 31.26 C0.96 10.27, 9.51 1.34, 31.26 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-linecap="round" transform="translate(186.70726707100698 10) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C40.5 0.38, 68.72 0.57, 123.42 0 M12.25 0 C55.6 0.03, 100.91 -0.01, 123.42 0 M123.42 0 C130.91 1.57, 136.88 5.9, 135.67 12.25 M123.42 0 C132.06 -1.24, 137.56 3.82, 135.67 12.25 M135.67 12.25 C135.51 17.2, 134.08 24.91, 135.67 36.75 M135.67 12.25 C134.61 19.88, 134.58 27.19, 135.67 36.75 M135.67 36.75 C137.48 46.76, 131.69 48.23, 123.42 49 M135.67 36.75 C137.06 43.82, 129.39 48.33, 123.42 49 M123.42 49 C98.21 47.23, 77.19 50.26, 12.25 49 M123.42 49 C91.01 48.47, 56.89 48.69, 12.25 49 M12.25 49 C3.53 48.6, 0.28 46.55, 0 36.75 M12.25 49 C5.16 50.53, -1.41 43.61, 0 36.75 M0 36.75 C-2.07 30.49, -0.06 21.95, 0 12.25 M0 36.75 C-0.15 28.95, -0.46 18.52, 0 12.25 M0 12.25 C-1.08 4.97, 3.28 -1.96, 12.25 0 M0 12.25 C-0.18 2.58, 5.05 2.17, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(236.42063553159937 27.10232178526644) rotate(0 18.120773315429688 7.39767821473356)"><text x="18.120773315429688" y="10.368585785770504" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Kublet</text></g><g stroke-linecap="round"><g transform="translate(248.10775797750728 63.908976948636564) rotate(0 0.33648643876290407 114.86137924595312)"><path d="M0 0 C0.11 38.29, 0.56 191.44, 0.67 229.72 M0 0 C0.11 38.29, 0.56 191.44, 0.67 229.72" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(248.10775797750728 63.908976948636564) rotate(0 0.33648643876290407 114.86137924595312)"><path d="M-7.95 206.26 C-5.24 213.62, -2.53 220.99, 0.67 229.72 M-7.95 206.26 C-5.83 212.03, -3.71 217.8, 0.67 229.72" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(248.10775797750728 63.908976948636564) rotate(0 0.33648643876290407 114.86137924595312)"><path d="M9.15 206.21 C6.49 213.59, 3.83 220.97, 0.67 229.72 M9.15 206.21 C7.07 211.99, 4.98 217.78, 0.67 229.72" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(10 144.1616587722251) rotate(0 345.9591417760221 209.71739130434776)"><path d="M32 0 C227.91 -2.73, 425.18 -2.08, 659.92 0 M659.92 0 C680.58 1.93, 690.18 10.06, 691.92 32 M691.92 32 C693.39 120.38, 693.37 207.8, 691.92 387.43 M691.92 387.43 C691.29 409.26, 680.31 419.89, 659.92 419.43 M659.92 419.43 C427.48 418.55, 196.22 418.73, 32 419.43 M32 419.43 C10.97 419.21, 1.58 409.18, 0 387.43 M0 387.43 C-0.16 309.85, 0.43 229.56, 0 32 M0 32 C1.75 12.18, 10.36 -1.82, 32 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(261.64178340975064 78.9663359790759) rotate(0 78.24016571044922 20)"><text x="0" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">CRI request</text><text x="0" y="34.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">GetContainerEvents</text></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(31.502620036891585 163.87905007657264) rotate(0 23.152053833007812 10)"><text x="0" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">iSulad</text></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(206.6755449380774 253.0308946088519) rotate(0 45.07208251953125 10)"><text x="0" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">CRI Module</text></g><g stroke-linecap="round" transform="translate(297.8433794466403 435.23132280384584) rotate(0 65.17109829776129 30.02618577075077)"><path d="M15.01 0 C53 -1.33, 90.88 -0.47, 115.33 0 M15.01 0 C37.61 0.15, 61.85 0.33, 115.33 0 M115.33 0 C126.37 0.51, 132.33 5.12, 130.34 15.01 M115.33 0 C126.67 -0.83, 132.61 5.73, 130.34 15.01 M130.34 15.01 C130.04 24.37, 130.92 32.18, 130.34 45.04 M130.34 15.01 C129.89 21.8, 129.98 29.11, 130.34 45.04 M130.34 45.04 C129.59 53.88, 125.54 61.84, 115.33 60.05 M130.34 45.04 C129.89 54.56, 126.11 58.24, 115.33 60.05 M115.33 60.05 C93.54 58.25, 72.69 59.79, 15.01 60.05 M115.33 60.05 C78.31 59.22, 40.63 60.44, 15.01 60.05 M15.01 60.05 C6.79 60.04, 1.18 55.22, 0 45.04 M15.01 60.05 C4.45 59.29, -0.53 54.55, 0 45.04 M0 45.04 C-1.49 39.75, -1.38 29.36, 0 15.01 M0 45.04 C0.16 36.46, -0.86 29.76, 0 15.01 M0 15.01 C0.47 6.74, 6.84 0.34, 15.01 0 M0 15.01 C0.17 6.96, 6.65 -0.03, 15.01 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(331.5344057229172 445.2575085745966) rotate(0 31.480072021484375 20)"><text x="31.480072021484375" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Sandbox</text><text x="31.480072021484375" y="34.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Module</text></g><g stroke-linecap="round" transform="translate(464.3025362318838 433.3645573229496) rotate(0 112.06915495125267 34.23649538866903)"><path d="M17.12 0 C67.56 -0.3, 112.74 -0.22, 207.02 0 M17.12 0 C84.25 -1.17, 152.52 0.32, 207.02 0 M207.02 0 C219.93 1.68, 223.74 3.87, 224.14 17.12 M207.02 0 C218.01 0.95, 222.61 3.94, 224.14 17.12 M224.14 17.12 C225.24 28.68, 224.02 39.75, 224.14 51.35 M224.14 17.12 C224.87 28.16, 223.65 41.46, 224.14 51.35 M224.14 51.35 C222.62 62.47, 217.1 70.44, 207.02 68.47 M224.14 51.35 C222.09 61.36, 219.37 67.26, 207.02 68.47 M207.02 68.47 C133.93 68.83, 59.98 69.31, 17.12 68.47 M207.02 68.47 C134.98 68.23, 64.49 67.21, 17.12 68.47 M17.12 68.47 C3.77 69.94, -1.05 61.77, 0 51.35 M17.12 68.47 C3.99 66.69, -0.86 63.22, 0 51.35 M0 51.35 C1.56 41.15, -1.01 29.56, 0 17.12 M0 51.35 C0.27 43.35, -1.09 35.56, 0 17.12 M0 17.12 C0.95 5.19, 5.15 1.11, 17.12 0 M0 17.12 C0.6 6.01, 7.79 1.23, 17.12 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(476.33948750882007 457.60105271161865) rotate(0 100.0322036743164 10)"><text x="100.0322036743164" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Container Runtime Module</text></g><g stroke-linecap="round" transform="translate(202.96133893280614 294.6317354405428) rotate(0 52.98359829776129 25.625)"><path d="M12.81 0 C37.27 0.29, 61.21 0.79, 93.15 0 M12.81 0 C43.76 0.44, 76.15 -0.31, 93.15 0 M93.15 0 C102.9 1.89, 107.43 5.16, 105.97 12.81 M93.15 0 C101.4 -0.21, 105.39 6.54, 105.97 12.81 M105.97 12.81 C104.95 20.98, 105.57 26.71, 105.97 38.44 M105.97 12.81 C105.44 18.29, 106.85 23.3, 105.97 38.44 M105.97 38.44 C106.33 46.07, 100.93 51.05, 93.15 51.25 M105.97 38.44 C107.52 45.41, 101.14 51.44, 93.15 51.25 M93.15 51.25 C75.48 52.35, 56.61 52.58, 12.81 51.25 M93.15 51.25 C69.64 50.85, 45.46 50.34, 12.81 51.25 M12.81 51.25 C2.3 49.7, -0.95 46.28, 0 38.44 M12.81 51.25 C5.02 52.66, 1.44 49.09, 0 38.44 M0 38.44 C0.07 29.87, 0.25 23.89, 0 12.81 M0 38.44 C0.11 29.84, -0.41 23.97, 0 12.81 M0 12.81 C0.86 3.4, 2.88 1.14, 12.81 0 M0 12.81 C1.34 5.63, 5.15 1.89, 12.81 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(212.07284402988387 300.2567354405428) rotate(0 43.872093200683594 20)"><text x="43.872093200683594" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">GetContain</text><text x="43.872093200683594" y="34.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">erEvents</text></g><g stroke-linecap="round"><g transform="translate(340.1307113548334 434.23132280384584) rotate(0 118.95745710012142 -47.87031585660827)"><path d="M0 0 C39.65 -15.96, 198.26 -79.78, 237.91 -95.74 M0 0 C39.65 -15.96, 198.26 -79.78, 237.91 -95.74" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(340.1307113548334 434.23132280384584) rotate(0 118.95745710012142 -47.87031585660827)"><path d="M219.31 -79.04 C226.69 -85.66, 234.06 -92.28, 237.91 -95.74 M219.31 -79.04 C223.6 -82.88, 227.88 -86.73, 237.91 -95.74" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(340.1307113548334 434.23132280384584) rotate(0 118.95745710012142 -47.87031585660827)"><path d="M212.93 -94.9 C222.83 -95.23, 232.74 -95.57, 237.91 -95.74 M212.93 -94.9 C218.68 -95.1, 224.44 -95.29, 237.91 -95.74" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(446.2179677206851 323.87552036052466) rotate(0 -67.33072154104592 1.3508267927636552)"><path d="M0 0 C-22.44 0.45, -112.22 2.25, -134.66 2.7 M0 0 C-22.44 0.45, -112.22 2.25, -134.66 2.7" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(446.2179677206851 323.87552036052466) rotate(0 -67.33072154104592 1.3508267927636552)"><path d="M-111.35 -6.32 C-117.47 -3.95, -123.6 -1.58, -134.66 2.7 M-111.35 -6.32 C-116.63 -4.27, -121.91 -2.23, -134.66 2.7" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(446.2179677206851 323.87552036052466) rotate(0 -67.33072154104592 1.3508267927636552)"><path d="M-111 10.78 C-117.22 8.66, -123.44 6.53, -134.66 2.7 M-111 10.78 C-116.36 8.95, -121.72 7.12, -134.66 2.7" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(588.0527570054602 428.8174815081436) rotate(0 -0.8929182632952131 -45.627363327153034)"><path d="M0 0 C-0.3 -15.21, -1.49 -76.05, -1.79 -91.25 M0 0 C-0.3 -15.21, -1.49 -76.05, -1.79 -91.25" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(588.0527570054602 428.8174815081436) rotate(0 -0.8929182632952131 -45.627363327153034)"><path d="M7.22 -67.93 C5.15 -73.31, 3.07 -78.68, -1.79 -91.25 M7.22 -67.93 C3.77 -76.86, 0.32 -85.79, -1.79 -91.25" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(588.0527570054602 428.8174815081436) rotate(0 -0.8929182632952131 -45.627363327153034)"><path d="M-9.88 -67.6 C-8.01 -73.05, -6.15 -78.5, -1.79 -91.25 M-9.88 -67.6 C-6.78 -76.66, -3.68 -85.71, -1.79 -91.25" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(432.46706192358357 243.8230477655593) rotate(0 115.3102616706203 71.00074110671915)"><path d="M32 0 C70.74 -1.08, 108.83 -1.91, 198.62 0 M32 0 C76.76 1.11, 120.12 -0.12, 198.62 0 M198.62 0 C221.38 -0.05, 231.57 10.4, 230.62 32 M198.62 0 C218.43 -0.94, 232.8 12.94, 230.62 32 M230.62 32 C230.94 57.17, 231.6 86.69, 230.62 110 M230.62 32 C230.33 61.69, 231.36 93.77, 230.62 110 M230.62 110 C230.74 132.33, 220.4 143.92, 198.62 142 M230.62 110 C229.03 131.88, 221.1 141.35, 198.62 142 M198.62 142 C156.63 142.43, 115.38 143.73, 32 142 M198.62 142 C157.68 141.22, 114.68 141.93, 32 142 M32 142 C9.62 140.04, 1.37 129.56, 0 110 M32 142 C12.07 140.6, 2.29 131.94, 0 110 M0 110 C1.42 86.17, 1.64 60.5, 0 32 M0 110 C-0.55 86.29, -0.53 61.36, 0 32 M0 32 C0.95 8.83, 12.13 -0.09, 32 0 M0 32 C-0.4 10.51, 10.84 2.1, 32 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(502.0197478366281 248.76318281167232) rotate(0 58.4481201171875 10)"><text x="0" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Mailbox Module</text></g><g stroke-linecap="round" transform="translate(544.187664690382 297.68363735712705) rotate(0 41.46844678260974 19.261363636363512)"><path d="M9.63 0 C33.94 1.44, 56.41 -1.86, 73.31 0 M9.63 0 C31.38 0.34, 52.12 -1.12, 73.31 0 M73.31 0 C79.77 -1.9, 82.77 3.56, 82.94 9.63 M73.31 0 C78.98 0.73, 81.89 4.14, 82.94 9.63 M82.94 9.63 C82.49 14.97, 83.73 25.42, 82.94 28.89 M82.94 9.63 C82.98 14.3, 82.47 18.64, 82.94 28.89 M82.94 28.89 C82.11 34.47, 79.6 37.4, 73.31 38.52 M82.94 28.89 C82.97 35.77, 78.12 40.17, 73.31 38.52 M73.31 38.52 C49.98 38.99, 27.59 37.29, 9.63 38.52 M73.31 38.52 C51.54 37.58, 29.22 38.7, 9.63 38.52 M9.63 38.52 C5.13 37.91, -1.27 36.98, 0 28.89 M9.63 38.52 C3.94 38.94, 0.02 36.62, 0 28.89 M0 28.89 C-1.37 23.52, 1.52 18.82, 0 9.63 M0 28.89 C-0.15 24.06, 0.2 20.74, 0 9.63 M0 9.63 C1.22 2.19, 5.12 1.92, 9.63 0 M0 9.63 C1.79 4.92, 1.93 1.5, 9.63 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(559.6080539168394 306.94500099349057) rotate(0 26.048057556152344 10)"><text x="26.048057556152344" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Publish</text></g><g stroke-linecap="round" transform="translate(447.2179677206851 297.9866676601573) rotate(0 41.46844678260974 19.261363636363512)"><path d="M9.63 0 C29.49 2.05, 50.25 -1.45, 73.31 0 M9.63 0 C34.11 -0.1, 57.77 0.52, 73.31 0 M73.31 0 C81.51 -0.11, 82.9 4.24, 82.94 9.63 M73.31 0 C81.72 0.5, 82.42 4.13, 82.94 9.63 M82.94 9.63 C83.26 13.4, 82.27 18.62, 82.94 28.89 M82.94 9.63 C82.58 16.43, 82.48 23.74, 82.94 28.89 M82.94 28.89 C84.15 34.17, 80.61 39.22, 73.31 38.52 M82.94 28.89 C84.1 37.15, 77.43 39.1, 73.31 38.52 M73.31 38.52 C53.4 37.79, 34.39 37.28, 9.63 38.52 M73.31 38.52 C52.62 38.09, 30.49 38.09, 9.63 38.52 M9.63 38.52 C3.2 37.32, 0 35.88, 0 28.89 M9.63 38.52 C1.97 37.79, -0.99 36.78, 0 28.89 M0 28.89 C-1.8 23.78, 1.6 21.06, 0 9.63 M0 28.89 C-0.93 22.65, -0.76 16.28, 0 9.63 M0 9.63 C-0.2 2.86, 2.84 0.9, 9.63 0 M0 9.63 C-1.08 3.89, 1.53 1.08, 9.63 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-opacity="0.7" fill-opacity="0.7" transform="translate(453.22233369274795 307.2480312965208) rotate(0 35.464080810546875 10)"><text x="35.464080810546875" y="14.016" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="alphabetic">Subscribe</text></g></svg>
+\ No newline at end of file
+diff --git a/docs/images/cri_api_1.29_overview.svg b/docs/images/cri_api_1.29_overview.svg
+new file mode 100644
+index 00000000..94911913
+--- /dev/null
++++ b/docs/images/cri_api_1.29_overview.svg
+@@ -0,0 +1,5 @@
++<svg version="1.1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1209.6444540126743 730.1247574550649" width="1209.6444540126743" height="730.1247574550649" filter="invert(93%) hue-rotate(180deg)" class="excalidraw-svg">
++  <!-- svg-source:excalidraw -->
++  
++  <defs><style> @font-face {font-display: swap;font-family: "Virgil";src: url("data:application/font-woff;charset=utf-8;base64,d09GMk9UVE8AAO9AAAkAAAABO1AAAO73AAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYTJHQZgAIluATYCJAOQWAQGBY9lByBbpzpxQ1QZOitEWvl1ExHg7NqqxsS6RlCwSkciyuhqMfv//89KOsZwUAeGmJXV32EeijNbRUcYuVUTmWNvG5FWRBfkAW4YWVueXU6tq9d0pZufMcACcUzc7AmXTyBwYmw0WojBScItqLq853lRPMu/i21F/1VrveHFeyj+LdHE3AfsFiWacmNotmSIhpJesVGSFIFWJDgsMxNmRIsQQzGF4rvOX33MPtY+LeOF490dgR0G/l0zmGbP8ku9beGBOf2+EcKFm8Md59ESM5GZKYtFok/F14jmMBPlbsKEWTmjIcDMVCgM0RQv1VD4IZddn+x6g2Ff91p6BriTOHYqRgBPP/Z8O3Pn/WXBXUTBKoZoSbZg6N3qwPP/937uvc+bD5huHSziTSgio5mQNpAsr235cGq9P8/r5vc1H/KatrSSHj8fGwzDhavuia24cMyBvutkjYQtKFtwTcS1wVWcODY7KMSFOM69OS/+4fm59f7vRf5FsY0aMXLQQgsGrRwggmTYYCJVEmVBm4V5Z0ThidFYPeyrtRKEoeme3dvtgT6iOeJnlC8MsAKKT0UoFD469oV+l7DD8pn6lvkVc++0kSEfkCM0Vauqh+RnHNszHtYIqREKELpb3S0eAhMvIXmB7+tkb9/wpNO+5fOjmT/aU+6YYwu6wVlib1xrbGxcwNgduqmiNNOESimjUWmogISEAOOOe086XjvNccGlpjQnb8gjOY3Gyr1sLlmavf8vKSIJwtUoBiEBfY1jpaqrq1ET/z2/7f+/4/hmD/yU4cZxDvyseBGJ7/W9rVwMSlAkJUsk6hzqQCsqJVbd9NbifX/4r6pJ4LDfsD5vl0a3Nl1TSqk09SUxpviFT9KCpj3jFmScMz4t9f8VWXkadd4bSR35QqxNH33Ai5BewBI5hQAbQsZFe2nQZ84A787uLKHXduwYMHUawjI9wuP+7R+jZdW/WpL3hdof92mkcoac8YBwj3gJB7CB3aayqzgrsSIikYrAZYK2u3l6AJfgdm+OybOvB8+JTFAi4hU026JOz7fHCxQujUCxVVutY8Wgje+dK4CA+afpvl+9Nyecky85rLBnngvwxHEpBa9ATSI+MxnxjMcbadI6LaWIPXHlOeusTrrDBkAFCAzMc6UTOFEFKTY1Nm4GuAPasdAah4+DcVmNg/pfU5Nao+e7QykouG0KYR4ewkKQVmtP1n91ike6Kvt60/WySWeBpeOKr7QCg0hoKAwgPPOvqrl+UPI78CqVirROp/RhKm2YMy0C6CJQdAHdBNBOBOmKyGuC5AZe6X1LKQUflBN+2M7DB2VHoBs/KOcRvCZQfn6i0lsdM5Ypw5otoyCn0UlftixbMiaTk2XKy5Q1Y17G2zJOB7nKUm0/PkgM7J3K/X5azIxlS8eShkmeIYrIIuvN47j+8Xk5xmbzq/fd0AYlB/aifvZu/3or31eH2eCosZNM23gKUvMyo25K7fx8x2ZRqLM4/xxLbOST4x/7aOuym35y8olHctP4b8V/TX/YCP2p/1mult99+Gj0u488j59Q7/DTaWN4EkPx7itzRBhgghZ7XPAiQJAIcTLMtFCJKku1WqHHWlvsst9xLnKDYR4xwicQZ7tG+knSE5NnLF69LLqrR0X89vtHVudoGtiw59gDkletTr9hov04IcNsWAhCFGnUMYNrWMA6cqigBQoCbHTgQRhxDOMAjuIkzuIyzuAybuEuHmMEbxC773VEWIigqlrWqT4NbHCjmtiM5nd+y1vXlq5ob9d1c/f3eC93qA/7pk6NEihFn0Rmmnk61thin7O8wilOc4krXGeGedbYJEaSKhN6GOUQD/IKz/ACr/IW7/ERn/Il3/ITf/B1//9y0DjoHH5x+M2hIRCCxhEpTKlFmUZcYipGDGMmFmBNbIBtYYfYXewxq9h9hvn6/vr3thQeZ+KUArHScmqorznNakXbKqkpSqIM+SLlVlB9GtJ+HdUZXdZZXdGQ7uuZ3uizfnlBkASHEFk57pwrbnvKU17wunOuGjNrxbYj2+1zj/u92yM+4fO+5gu+7jt+6Od+40+uMZH/QTH0f6P/F2WjGegMdD6aieagxWg5WoU2oG0oH5WhWgfrEB2GI+UoOOqOGcc5+Rat6/9k/8+mUCCeJiIC5sZapHx9QEX2IMLTPuIbQjZoyoY9XgDCc1CSUcEfzRVFJcPJ4YfarTTXnEEp9Fll4bmCyF6huXD0c2NkyBrUclqFDS0fCcldmnBxq5ZzUdjQ0hBhra3noZkdrY2QIXdtwDXbzuJpombNK3hcpdld/aaHaGW4yOQ0Uq2KuSpqqHgkIlXMSxG5hZWvipLO5Yja+dGe2Ec0Xl7hJVeLriry+vKRHMnapHSSWh3Na/r0xosnKF8vBiOnHHm02DmrmKh7JKa/6Kx4A1EGB5L5gPZja3EC36Px8gVmpEMfpVo7eKal3dCDQk3OQWrtEfywxsP7kXKdc+xllnS10CSorh6UNHRFJNThKpI3Uj12NefH5EBdrYWSRruZkfa+i7mL+aR7b+irdu+/Svdr602Xpz3AJtUl38juYpi/pk0HYWKZtRHy//WcNGHEROmgcepGC9vOyzGRY1+qfJxX8Ka4G2gxbNKvLqrqBjSlQRMYHTrDDGsYBjAs71XrIXW0LYetKxhHqGHoNTTSyi1NsvSW9pYPZAY4gkxWtrU0z9vbRMU08fOJQxc+Syy+gtk9G54gA+xj+zrZX5Y0rjZrdBmGy68X/sBnzCF5AdMtKp4mqPbyQez0lZGifaq47Tf7SIZExoiy9kkO2JjFGs8VnQMdK9nMR0/nKEUbGADCEcjocG6DUGjz+CoAhQFwBBIDEwuFxo4bN+++CUBhAAhHIDEwsVBobBxhCwAAwIcDAomBiYVCY+OISUAQBH0SBIEgCIIgCIKgcvQdCMIRSAy0MCC+M6Y5BcVI/gkYkMn8sRZzoj6jjymGesj9+I2a22/ocz8NNPA2C+fgZtOvbe7ZbLKKuW1NchzK6mJ1Pf/1IF9PGNzuWk+fWr5AJLsGbXx6WqXtz7Sw5sK/2TRigdQEnKWCSwHOJDBxwFWcy/MuPpBExwGTydS++B38ygHYhoswSGJKao0cwRU+cxa87AMKDql645JDKYO+5m4QVzcJ3y7stzuYTaZTHAbNHXHpPfKmuHugSHKiUk/ZPC/TXrC0xqt/dsGQ57sgXd3hs/6nDbLRY/DknG/yxVziZVz+ldwy0Iy6cNfv9o1UVPeO7SRI/Eej3M5tWU/0ydP7mv8W+vb7QPcr3ytNdXF9bro22Y7bj7Zf+/5e7C/73n67/xrB1Iy9URj6uDPOjzvj1fgeZsnDRCrKMR3LsR2VaAcbarhhDXcEIhLDcSROx6U4E5fjZgzHoxiJt3PJ9GZwpV151l4c+73B+fGXExniT6JM1AELXkAM6XgMP5YTZEIWvN+8x96yP86/HmkfeR30BDeCq6FruBPGwn1qRw26oBG6Ql8N9qqpBupSDaqaqtbOeqAPtE9H9a6ua4yag2bZtBiT0RqTSZtKYzeKbdmu2Fors26rtyFbtJX2mzudd3CO+7zBVdzBKraziKWsZzf7OcUPuIzfccG8beSYgWdMypiWsTBjeUZ2xraMHRl1GW0ZwgxVhjlDyrAzchn1jJlUWRX48WpiZWxuhR6qmw57kBDolGzsgvY89rhb7XvJzwQfY4+20SX4OtWreKpuSFaXlECpiOVamcv4JA4/x8nKhM2qKCxtMjn4oyulp5+2+DzPxYtYzPSoPf9Yvlvd4vcuYU3142xsRkmAfbwfK6ODt6039/4JpW8VEqlHIZIunBL+6JmzfHyE3o3mF33fTPtyd+kt8NrwT5yY3tXcECqX0RZRjsN416y3bBO8IjDJcPLMjeX3UFc4USotsEQLOQvWwDz+tuofrKKIxg39EBCg4K6oeW4pSCLqm7ih+kAy7/Fydux5Ldh5nZZU05IuqzLvripqXcA6pZ2RPKH/d7Vhy+50yl+yFh/UIyLAjn8fv/fx2Z7SNsWc2qzj/U7z+cFG30qoPh7Z5qC3Ze5YhCSBZYH04b4xhJmKKLbQSuzNojJnYgVKYcrTV4jLFCCbX7QrsD8wOFpEHcVC6m7/T4/rDbOCMYvv9JxgP8P+5bnnhxblt29k79MERhrZfpNruPWEn9zyaWm9D6Yhlysalgwi4BGLoGwXLltLytTuk/Fts6n1vh2+DbWgbnrIDLRawWQ8nikM/EuPyg9/viTjuTpg3B1Y+hDUoC9ieivGQlh0cicgzznLfcQVZ3dVKCuRSmjBAmXfyhNu9pTGGImlCL53o0K42CnEDXXqbCl182f/Bf89gv5vwu2e7vJ4iWYg3CGwkKTThtD0GoseIwAWO58TjMhWCDTwf4n/MWnupK2x/YCzIig48kILRHftWSKYgi+uRo3xYmrCurpHP+wg/v01/53uutoVJiUQVDulJgTOfnkrR0ZI1k1tENAMdR8iv1SLeO3Yf8I/i8/b9WdwvtwVMZlpeDIIzYdmpyAtzZMJSHtCcxcsWTFrteeNzqfiMmfScU8kIho1b78owsx+mq4uQutyR6w+9Yo3PmDBKfNIugWybM4TIVcd0CWURQ0Sc9kHMwiRyovyick6zb2ikU77TH+AKiu2Gf+Ahqq76ShpCk2KlUBjcPCK11f9dj+F7vSs8H0W2JSabHDxn24YNFev43yHqeq6XfE4R3rTOnZgFh8dEP9Q12qAHDk022XQ1pUSyjS/MSNipVuDYUYp0cM2GyEIDULG3HlLVE2Auyq87HOQvZquGjVgYq9KECHaIH0yk/2vr37SWfBV8B39wF8uFIxNfTsoDBvADTTNVVQ7OCrfY6L0G9yaU8aGZUKY7KcewrBtVffi6ub8GXxbdpI97b8hBoFQUgYJ00i0awM2XFgyVBGcFpXLAuR+2yS9JkI/gib26ZWf37eeNzxCOI7hrUwsKtpDVjRC3jQBB+N9CokJWXc0xw4tO43puOVMxB3S5XQnpNSwKH7otNIEjQiM4uWWjq3nF5hOi5K7xSdq3G9gYjUCzpPda9tRcOW32Y1gO7B4VKSrcYl2suSDeHI+STDgD5mdKorFl+SBLm5wuaWCyjmlZRMIsqBi5kErzkGOJ4nBBsasiHSBSPGEh2GWK1XRkbr0idAO/blDD3UvNXmqJJmxpciGbqkJFkRNIUlDf+tr0yuVBmbNePeTRpvLyLH+s3osJPvlgTLqh3bYTHbiV3M6AGRNwjDRIuSterpZLzTWgcuy62rHrJUFzGaxIq+ArjzfVthhOorC0AiCppSU1uIeWScjvuX2saqaGLe8Fh3SttzX2jZ4L/t29aumKWwl4SBuLsVe6wvvnzl7f2Fj60x2nQvYoDXgEEtrWEGMMhekBIg0R6qwt5tu7aJsxFY80wzcmiOQL9SbhS37pegG7yUM0NERxJnuG9BGqdPXDMtrch5+Nbp6qOhNVG7d8BXcqZcV5coyFjc48CSzVlnjgNh2I9tCF1i0cmNaz0tWcdOWmnZQokq6pKW7cjrIj6FvBr7l+gH1AYTeF4etWFaoxef12lP4cFlvw7p8amqeUgDZqPYsC1MlUuNK8Mrdazc29gBZsdmRjPBrIuC6r/YdOIIzHVFYFJYrS6tbwdJCTvZNziE5kR7IqdUadOyGS3ESUHqK7/9NM3cbbyjUVkSsAOtQcaUIuezfbaVYT2V/XL5KOV9TQ9fG3WezS8MLr2cJBkVOfn9tH754Wao4QR+eb7wYvd2+107VAeA12lEZIBOssvLIFFCpkDpjRTY7Ovv0+7XIpQne3FTbfpFkF4sx2A8e2b/y6YM3OW4SCexYtGl0iDncNe3uxpa942A1SXQP5Cf61mjfYINvow1RZVm/4BbL9Xyj+fTag1N1gDdXtRHSP7w5j1qrmZ5xB3ApbsCAIKQ4zRDLkDfbE3FVSPJxnsxGk+P9wytWacTijZsSdBKq2ytb/prJ+O2mCchsWw3g0mDn9m7b4DN2d5seOaA066UNdPbUzuH6nQfXAunVgqo2ekuBJiumUfT9cxcjX6hdfdEzvjRfml7aBmEgqFVDoUAjb8kGGy6WB4uKKOG8vup5eFWweTsT9ItV3gQCp1IF8dX6Ok5ox9gPGraY2+n1iq7ZkiVZ5Dm9YDs7FyRqz+xpVVUolMUgZ/h2DpOmplbsrFN3TFtxNEArmqxBPWcSCxlJGisugPhwyHi/GDsfHF06QQKjxAP8pKgompEleE9YZHz32WddH0hyGDqskcSu9dgEuaqpMCjrBRHiIZeQsMiKnimZr0syQ+0SvxE9AFhxhQTs/AE/sanpzViT/b1wMD7ZvX1rBxCO8WcNLUCqHPuaarv1pOIBIHGalH2hk4EPA4jG3RO5MbMxXOhX7kx99f2ds1Vs7czum7f7DmvB5YZGY71ArWtIxnOaBSRdxAprUkE9EkEqH4Y6kuSWwazEblObCGPKRPDEqNqV1ZqTdw0xlgornRgwgOezRgQpEMGwA4+rQo3NbYvbG1gBuLaPrA9GzVMv9HbRsnav4EhDT3mZOlKNK+/e+Fx1s1pz/M9+UXf4Ja1DUcdd6aYJ8L++VzqQssWypCkghOsGqraGxEuQ2mgxXrGzpnFHzPRhhCT4J3DIYv5KjPnM8J3hYgyJRUFRERCiihSmv6uN1bjpzcsbV/NL2xfqs00vXq6mMiCiD4gbnSqNoxUtBqPV1/g+LIxqtIXWiofbm1thsPl6Tpp+Np3aKwM27ZYdKGpYoyiRVXwlWj4WDsx7Sn4iIWHC0NlwyGTXXr6wn4uzjyhq6JJ29+I1ABL4ss3q49ZkuZsSPlHwQmoZbRecMh/egNGDZJQi3KCtimV30adH2/PUB1KNGxptAPUUU7ajIqzWOquk8wrlY3tfbHumeo8VEOyryY9PbkV+J1BKHY2KWtbXAMeel6CQTZtybf3V627dbiPd71q46Ddo1HO0RRCRHyo+zBQ6YTv23devSKVABnQx4MJ/5Tlb/kCNO2giJf1rDycrANLWTQHC9x/Z272Dh6XbUfmlokgarA96u5NbV5DMzZEIEqnHX51L1IoVK7ndbzlCfP0n1UX1AtgGWfbL81d6m/JpVqBUQQS48gdViQ3PSvZD+VA4KO8s3VKOzdv7/ejA1bbLR/zvRoPib+DjXfcMJQd2I+MnyDoe/DePZDoN1QCCWscaqmlTQKd1AtMAB7bbbXfVsTEmNmOQ5EIvYqiRay296XeXArEJZJYnNeiPqoaL4seQk549GuJ/GTLKLduXFx+/SCHfYgMfIXRFrLHzo25iixS8ZaBbAuc7Cett9j01p1gzBodStOCUNZCCwIubdyN/utMxWO14HRr2m54XGI7nOpR6FsVAzvk0gLiVrFY4QZKKQSnXCC1RAq4xJbwHvP8Nyy0kkV7GC9pOVkK5M6vCwqa0z74TqahlwTSNmZKWbEHNZ6K6hPrG5FaXGRswXApnlnYWSWn6diVOZ79nOvEtn+Ox0RQ6xrJqA1cxLbjQJHiEZXWqYnb54dX2zEoxAQcYyxtX5JSdZTobF3KdImDFfgmUvYKII2bqGld+gzJ1Sapw1KJKJmbE8qJDxZTF08osFb/EMhMWs+mPDlXMCwmssLjEqUIZM9Ut8a2YS5QME1arzFoJ5lck07VmWSrXpid4zLMi0ww0pN7udPnlN1/hvUYAl62L039i1+t4moKRhtpjPKdhhJMXOPL0MpLpz0T2r4vrH581ODlaJd/z5uxALVOmys4gc4g4tnkm0yt9Yk0AMSu0KvP62glaZpuc/2JzG9suZErr5XUgDRhB1PifHrq0pvMFWDgK+c4wj14B5Om3O0g/F3lco3RR/aQgWEeRUE/slB77cjCLjTzqvCmGSrPM1EwiJDTNyALmpLmIgGrQ2pXdTLbk7vLBQQvjmUcktrqu72KCXYVU0+t1lYKg/gArCHwpVrmaQL0yckjHi1APcQhyykKTXX9tS/qqYwCZr16RoNHrtq9ceWLl/S0rn7jmlkW/waImOdjpXOn4bKbQpUscuG9fGb+xzmZMxYR6klAHLRZ/qJA2mjDlf+3hX0OMsUSsPQVhOPHsYmjyqGpQD4YJCCSMPCQv2q5IGDmI31OLvrQ01dvWVIanBA+Njw15M/XUSGnW/6I+tzKLo9Fj1+xXGPPUprENKxNidYwuiSiZbFutTvZlMVs5l9sqMQaR8LGJZeJUV3OWPWBkUfftVXC87aB2G39YDFYflLVYi5pIQDDNFBxKBlE1ZOZrWzjmgpJnu0o0AaR6neXUqQkJ19loSiYKkfHMwYnKfhMEUXOx02VkOGu+xrm6x6OvNc+9DajfWqqbU5OzpSUNwPN1zKNjWoHzF6kuw+EcRTkak/k0VudILpcSJXaPdFg+zHgJuWznOoTERhyYB5y6SCPWjrpkd39NaLQajfWd/uHWHoASlSRGba2322QquVondGQV20ZoNwLfO7l751szicl4a26KyEdv7bSPATtgJwUb6GRJtSGKRl4JhcO8qCVFZmPBKUkck2FO76rN17PktdM99RuLxKbn5gs3J3FHSuk4aqAk1ZACcNFGkJFaYxvBhvVyQ90LPqguF7fHJZ1+zh76WuBJPmLUuJoaNjBbPhdW4Abx+f51GmgAZIOYVBBv8i7WgQIt4w0bU4yN8UMzmMxcimVAllVR70rk+mJb1x1wRcsWr6SuCegtXmcFbZXI4pazvJwVljqqZGiqagmkGOQkoc5QGbD5S1rE/m9oYZeVhKXYlyqQFwoul/d5Nrp6SiKVmlThv1KiIog52ffqXvnT3xxQlwGT9OGGu9bWtn0+Dyqyyk9G51mb7sw/akWV73//dJNdcvmSQDNd/m6qUZ9XHRhWK0kRVetydUlKiYgFYr/8kEnFR2xXNiI/QK9CACmZ/+YXnf3LiOjMsS8ZnEgG63G1TZsNvzeGc4oeqmGeBLxogCYm2XWeAfNvJLvNO5S/onTtM7bnt9NTY6Rds26C4bbw/urcKix4S9t5hWLznuKpgW+FhAY3TMCEqVDWsJqeaX7XIyBw19HqWn68/u5qx/PVytZMTO8CGZaKfXMnuNX8WinQ8dW260lAKBdV2DWmsePLDauxHGxbE4d0lFBYwuzTG/gjJBPBQ0io/Z12b2eodtoTARgDpdIxSo5+/4l7YUDGSCgX6ha4JVZg4upSBZBjXQOimGEU1DcuUqbPWXsd/MczAA48M4B+0gpp9TEqiOV2NFhVIct11HPA3pfGoCQu+SIU8A0mREVOuSKXZNJys9d6O5kBWbq07svP1xb5aq4qn/nEGlSDh+O2g28bS6CG2abuNYKw7PjKDbQPhnlDt3AYZMLk87dDwAMyto8/2B+x8bvNlNB3R4DT6MZHUtVtlAr3xh0mpQ7aKnJAJSshCpAgdz2uiiAG/rD99o/XUODaTWr5BKoOdiMZ1Y0vug2o1ShyFVF2MZQNMMf84E66z0huVdwVpZcJeHZLG3DV0RwtJ1H6bzdWnZ87BkUEktYTxVcdByuZp1u352nwaA64cpHGX1aA2Pm3jjxjy9gGCbqilSAW9cM8wslgTjApO7u5Dfenl6eYOWrGoMI2wYTCoLyj7iub/VcZdDk6C4sywsci7sbhk8hs18B+32UvzeL7EfPPThkDuoYxqaeNzWhT9pdGnXHObIsHEEhWEMWpZYT7RoYhiGVN4sKs3B466Q88G8K/PDkP9IkN7Iz1rzCAmf77F10WCEy+W1mHfweg8htltqr2EqKSSNuco1kxc6ksA19TpZGFKQrTCvpJwff+YqgZbvttM8tTT5c0rLFVibKgWXl9dQLDI5NSoWLG85xuYziabFhAzljEhIlcrewjQnPG2JIPdCPjGA09JQRnNgLtVExzqGGWC3q32rimghfAFmMmuxwCFtd6EhrP7n49Pikn+aZp86ouacvA1mn3IePGfB5gDn3vkOwjCdNwINloGRy2xsRY2mQHAoyRCV2DVxhW5eUmnJwyej6yx6xUC4AFeVUyJfzK1gSvclTCoA8QxHkuhm18w3WELQ26hn0kcLfuCMexDQkAqbLKQ0aa4sHhljGG4RerELEjFJ+H9wGSr0eBevkxnn9Yj+AAEBlFqaAH6TGe5BUJUrcxwkWEAT4uJRw6HLZjXYjFmShkWEliKEhru1wMFQCNOrbRFVcPSBt1Aqe/GuP0BfzzGz9cW3I+s3JH6d7zPNHtRqA9bJS4IkTpohqK7cI6qzTpkji3uiYyGhZTZXFVE3ukSre9cPlO7S0ip6Bh7JQaNYUOwXblfCEELP1CJYAPUlOVjV22Q3ttPSpzFb4McMBEtXLzVyjNsgKRczcssaTDEjBDutnTgaqiTweDrT8SZi+58DlOCJA4XNTg6pG3U/rroamj7WTT52noPBolRUWR0KhujBe20ZBi/F4jVCOhWJwwKeXeqiF7lu/lHJE1eS3Fgno3UW1k+1QXR85btD3d3fid4lJjHUo3/rYpFQj5gWawRvTge6osbDe2V7rAwld3NSiXRX4eSTWdOV7Ob2nz9QKO9coZJknLzPQ6e/Jt+VZ4Mt1paA0aQ+thM1FdlCP1gXeqa7C620j7KLPb3JG2iqcmK8GUhSfWUbuXEtFXMZXtSe1Z4xlrg/nFGcjYOAWV63RehdtXnTvwHDIGuUElACLra3wCP9kk8z6Kp+485PnsZb+/93UWFVKh32aqSlfTEFNvkIBF4hRgVPUdi4tcKSxQDROKmCafwvL+3tp9tB7gt9AuTstW7Sf33LtyyzO4hcy2GMQ4HlBH3PWx/GOYBBg6pAoCzzBh+wGv0xsrLcud0OmyRYgILA719aT4ChbQnzhreVORUK1hc2QgKVp5pL8dMgHUrY2l5sZyFTOYl0Ie3AKZEO/arV6ApISCJVZEp2ShrijMQSgQTlGz9Ugrm2pkBKqe0ibpmTOQh/rAHv43T2BXA3BtpQT20woXrkiKQLjapGZ7h4vfq1XxZVLDHWtO2+bnFdWc4i8PrmBwRK1beJqSkhdouYDTZVGSrLkdCcwjdqTN9Ne9LNbR39Pzd4rTalZ93HbVhLdXXCCRZVqCgaAr8Gj87tPL7j3n7G9njhWADt4REmjnqRoioDdkDTLdubxDL66vjczXBWQu5CDUuenOC8ThncfkIbtmnAze4Cknur452dvk7onBc28W1MBtfGGvALu64uQCktJsnRNQHztGC4oC8VS1egptGIEFYKWtUI0AhPxo1jBcxcFaEp+t5ZUtEbD9N1IWtncO9q4hTrnohxYZcT1vNB3L5gxTN9tEM7meAeUFsOfSEBcB1tYFzCW0oOLCSvJiuKrd7NS6xIm6O/wtfvYGmRkRmJ6hTbcPrV96dZKYc0uxRmqTod/YN1QnUYBQWZV30MiB71ndge0w0Xx02zV7k1tlVu8PnhVE2BQEaXppK1/ZeMwaq2H9yW2jO5kVAjeIOQT+/dMN+LKlBy5ITd6ND6GVkyUH1cn9l0p1t/C0VvcJqUhZXU5qo/0JIKKDVEucSEAUUmwEouWEXvoJNWkLHblbNbhmvkXKnKyVmaxl+irxlHkwL/5Ra5I9SgxJVTBQwMcrFwu1tfhmdkFyAQSgwNckiY0Rl64mycf2XBdaxDnwBMstw5oUfzL21uQzxDz3RzFe8C1Mzaaqzi4Zh7UjbSzv1cbSQZQhONLcDC/ev/rS5iHAw5nPly+VltPTfd2eU7+qmzN5wlkJo6boBQ0yCh8oXmKKtEACgJtluJp6ALTs2NRoia7QexrLVMRfjfgkEFUqJmHYye/+FBiF7+HvZiIxE+IYVmdEJUI2HdQDDFyz1g8Z3yjfb5NpU4wr89e8J0aYqZCzVD1CY204dedr+ZHwA3nr3NjNrgs3e42TyL+kKQnl7yaf1wD+jxs3TCvVV1rHrbdjPpCNr9wSoULmayuo1SpVxEr1WkYulKtpEAt0bw7Hu4mSZkGtVhIqiLGUikkCcBAAcijrypeONwGX9CUfWlmqmUhN1zXFvviwT8YbCvtLxD3UHczdsNP5nHTQVGI/JR2+t0U7JK0P5LTmTAONui5V9bSYqPqsW6fzUlGcxfUq4IQyFqaxDSNnZi9TJQNrFMQgLI3JJoR78LIpAFfQe8H8NgFSaHZPhjiWRkW09lBpfpXIt4Gx/BH8ouFFgpmqEdCqrzRly+h5gK5+fVQAX6JqVtWopemdzmFeg0jjeBvZice2UQGpMHlDy2mBM91p0soCroBx1/GyD4tOEsKoFHT7ndb0n3iHBclEgKorBFnGKUFWMEzGd9xpIFOV4sTu+q6vH108hVZa1xwrwxOfZBVqPOVBm28UF7/OGhEQq7OKAZhmjNNcE+hyQTGEZTdRdZT1hul0ZzWEX3bNlsk7GdfaTeiWevtnKtqfMOVk1tegShNkeVSCRADUxkJMZlILhLjULCWm7Xl5ycQdqVJylBWKGpQRQvWGHBQH0bA2BLh3lzx1iAGLGksqHCV0bDyP0tzXVOUs3izGtqJIkq1NU70al0hAq+uiATV/cRFplJfYqQkspiM7UPViNi3jWxLH3z/JBY9ZuzfnIJFlu4uzTHYuY9ulEtHp5wS9QlvNZykyhU3FUrzVSjCNuRKm4rDMre2zU93UGNwL6RmwiyHvdrRl+bFONeLAdUsNvRUnTtXp/6mdEZrhQk8ypNZtbJYfS+mJ7TmOLQTYE43poPYIKwi//Qino7vU69FW3xQKX6mieISp2kuwQ8hwKOuRoRcfYcbSFzpdnVdPiNe4JHOgdMFTsco7JUmeJr9GX4pwBzsT+VMH3cF7JZoApHN8GUTX8mlDdsXuUj/tTm9ctLy9XEoYrUnanfZ1OvSVh2GrhngG7h2b22A8MMjgOB7bvhyRiFOuALGSfH9Fd1+DySdEwIph4gg9j4yBh/gIzpdNp8S/QXy07fKAqQpu/dOuGm1hZdocSc5cThCbiapoAv6jjzFDot/8ocOukugMCyVJPDrJtAopaTE4eaC+igv68rTrlyDpI/UFnyK0oBbUpttnn9b/mMxvM5kUNSWAmYENQVUB0A5kArSLFgF+v1Iq0AuUARuBOiAbdB1YAxQDfUAnsBrYACwGHQCzgAqgA2gE5gHdwCpgAFgIbAU2BWwHtgDbgG+CHWCQ2XlgP7PnwEpwABxiDgYcZv4D1oOl4ARzNHASdDHtwHnmjOAiOAcuME3AJXCNuRy4FX49sA4YAsPMbcFd5g6gB7SCR8z9wGPQr/0E6Mbv1Ay6+wnqFd4CevABGsLbQG+/gCPm7wEd/gCngH71h9OAp0D/3n8oAqoVXhJQDlSZXAJUgnerTQdqAF+ABMxVeBZQCBSAOcw7wFv35gfkBN4ErADfPLAWfOcbRAcgUAhoMFjobQdeXB7mKJfzlL+39BHAl+uXXvl/so5N/2RJKH9Sj7U5/fmhxseQzubqP3GyV3+yNnYcHb818XdREE6URRU0WPiFd/AeFsudUi8d0iU9clrOeDmvwh/o5/j3I+uDlACCuSAn/MtJnGbQK5KQllx0mWyGALVe/0NHdV5P6S3mr2ab+WTKzRv7k31i7dbLI3zgMT0qi2XGJmM/4qcTH02OJJk8mxxv7pOxZi5nVO+uXE++5Fv+Yx5b48U9xfcOczlXcPvO4MKlT5b+tQ+tuuv31P/sfKK5o+ltzbT/2rZ2/tWxdnO9W72S/o/9N5O/Tm6fLE0+TSV+8sNbXT16oe9i+pq/1lSu2V0rvLzm8quXT1xJy36Q8+DUZC7kKtf+3wTt3+9u8Jn+3Y2/nf3vQ3mz6dxffR1zIOSnYSML3sXCxcriT27//tLS8v/Ie5LPW21f/bWCduFHC+8WLhedXv89qlOx70Z3YzzaWNKxZPPmNyX/714rdS/tVPpqx8mMNptWbsr+FKedkpVby/m5k3l2ZbvKPpXh+ZdVn6iaVRAKSSFYeJ1wi/OFmlY1FyqFlX+te6L6/1M718+snaSNq7fqUuOPmz7YdKn1VvOXrFNtmL0QE7C72H5sPKdJ6yLiibarbQvtR9v7tP9DZkmW9Mkf8ydSN6ljtID+GS7VVeYxeC15vXhDuC2O5Eyuw33H/wX/C4KHBFHwBYfwSsgV6/t90ZD8jPxnknsURvk36eelRWpDlbVPyWq0P5V/Ux7X/2ZRT0WvsW7cNd5R/F8JytnK5UqbmZhr1suWaF232tahdU9VUq2orhW9J//ZTd2+2cZKRJ1qsiurIt89p76Ke843onpSvvxW/hFv4V/zNaJGxERCpIkMkSV5sn04J5nLOXN/cN58M77FhFwvs/VRpThMfU28hHnkBZWKr54RT6h3tX8vLZNeN/8snzE+biwZP2h+2XzTes76Bf1LesLJGDONa+af3H+2Br2u98D+tX8nmA+3w990RuJ/m5qXWpDKia/Hf5w+mv6lx8n9X1ea6unfujvZd2XLLaXdbnfb/fawPW5POjc6XEfoSJ2d7i91Z3vfVXq6PFeBDctGh6O36k+vbU6+0Jzf3LP+S+uP1rsba6eg81dTxVsT7i+5X7j/5+nxaDxaD7WzsPslb937ZW/K96Ozl2aUfmHgSOB/ULBUH7pywo/8Yu2X80+iumggmr9Tv2uIfyauENNH7xEqkRJbxJ+RWEG+YFCwST5PJol/UVgvfEg8SFSTv02+k/rctavUakpIM9fv03/Oo6irWTH3H4s+5HZz+7n7+W/dXimyd36VXOX5yn+8/302NfeT6t99+Hn+9/N7Cx97Ip8WycyaeM32n5fm6OW6L8pJ77/t1m/ojXI4q7U/EMXqXibzWQOct33KO7p78qQWcK2sTGv+kkDXjNWp2M49I1Q6L/q2WHP2BWDFnVwzBqFVqTVW48phjWgW1QgAq2uyBhveX4cDCDiwzY8u4tMErObflbyTvAPyR09/8Vrtj228o58s7AB/nZZNdnyWpFfGOpHuAfL1l505dxgxrAWyDzLMOTeGYxpvdRXF6aVDVqrJGoBWyAWyvl7CNcAdbjReNhsNNjaI79ewimqdXvT1XIQQYG6A9LGwTo9MAmeLkxvgZkmGleW0z8L4QB4biCACM6Q6Nwwi7OqW2+6F7+lOABJYISyTmeKVOsaMDKH829PqIqiLLw7X2FLIcZsqmBjpU8aYsnaVU9rmU2b++BFIPTHEGGm6HegMNZ4tcybgY4uhCgmKaDXkzOC76dpWsK5sS4DmV3nIm/OcndbuBmHXfJJvsTD+sdRuKFZ2T222Pgk0olNlHwdc6GaACrecfCB0VwvmHD5TsaSkXlNAr3mngRIfgBxbDY9VVFEFpwHK7VYqVwELH0G33Wss5cPV1bCslXILKfg2kHP+5RrUnzUSh50HK+9mhw+RztN6hTnR/xx32e/84W71GRAWuNBih/zhvlsGCENv0CWHUFbKHqtMJRP0DHYmvU23MNgfPIPzSIB66UhwB4TY6wYiwMKof9r1UcqjlqO+UvNJebyXL9okq0QcOxkmOrHV0NzS7zgb3ckuv976+mx7Y3LTnPnCfrNBJCWLbgHtXWurUmpJdvGoMwoqk+sm+BEgOUqR8UW62ZzHXHreFSGOx14FDUX7mkCJV7Nn0dVPNN/mu3d7xD7XEzdse8+Wzfjc37VU5IZ4LMe7kiuCMRhfJ17Q5pJA4mriTy9/nV5OQLhf20HsYMeyAzf19y6ZmcJig9+S6m8UNlRAndgQN+DZ05p5gshG6UbPSKFmKoKGvl2rA/fIHzQtcaKNkkSgCpWwBEaRe4I9m0dz/naSkFW/pwPUTGHwvETmjRclZYYI5U3VYsUcT8Q9XNxziuUgIGikhWj8/AIafZRmBY0jM7GUnbmFLFBkP5r6QLWpAdb272zUNGoBTDNqR3eN4RaowxPBagWjUW1Rcch/v7zyUuNtMhs23/gIkMQfsdI4V+a80am/guRmhiA/+R1MghTO3rpSA4EMWng7xLo+Y0MGC68IMN/7WpLVtlIHgT7t98OjKDb2GhTI4MyGe0s91U8bi+EWAX2ShzuIgKc4roCd7Mz33B7K+3X3PWnvXZu1EDjwb7N8QIvLJtjNUItzFCpqGs5IBcCC9itFn9xmXf4/dIhriZBnqyUZ1pFzGkHh1yudZljbjoBWtUMkXOaEX7xdbErxhW9KFBMPjPEyJ7HziGbku9OpneY97bc2JDJDIapthguGa/1MpaP+4q+szFdH5Op3URYsmnPCFAns1NnkU3GkZ09orWn62jd3Lu72nlLxexunYJG1Ya8AuDOBmsAZlKb4/XkH5Xpla0DjDlGIHJYzgkgUrKTZ74x0Kd61xe7T0lZrdvkrD3U59jYXwxBxrFCQIKJg9OMIyYq8+ilkjKGQk6lgVrxzpGDX1Sha1RJdSeo6jiKtrTbBO9oz/FZp3VAju6YpQBpSqYoSuhJgX+8vamqDCxuq3Aa8TChmHDlW/Youh4ZKXDf1lZhMVid1UuHblWYO0EHxUEIfIzZGHMoGdK9ay//aOOlXV4sikKS6wvapZIvQAU9hCQ5I5NyQkSWnpIo0tlaMxK5ZFVdtk3bYIoC4fJFzmvdNv9gpmmwt+dG/EdyAIpAFWqNSks3wOXndgtrphouiZyv3FAuQx31ihYZwBAvZMDSRVFm17TQTH/P/WHSwKtenDHx1uxjtpw6rVmEZ6ZUpPz9TRfahB/1nKNgXb+5ijOxxmdQGTwFtqiLtw7QoiRoC9fzx5xkXvEwt3EY6bKk0J20cyD6NVWjQlzEbBqtIfp3gmBgtwwvvaHv2qzDjxPTH3ITZWDUBpKukCof8jlRCyaAuyiJx+Lys5+vxdq0EXOSEWfW68pSK9UefUzldBRweqbbr8wMxwoBsnE733ZEKZkBOWKuktOnFjh+pUS1Y9g2jotCE08QyTwDdhrM21PkrQwq6GzGrk5RQkMRXUxGAwkogvxpfw86oxs00akFFXmWXXMUfqHhMRO15Rr/TPzXHsDfA6bN+XMFHmvXa683j6P1xLxiLyb4os9qZ01fSVCpjTriaUQj1chJ8+gmzMxT8Dake7+S+C9EbQjILkBE/bDlakqLfbu2v7gABfwBPTy2Zaf83aFabWmtZmf4ddn6M79SPrpbdU1GqSYnovxh+/gRbAib0/300uO+LdzdhW6vvXEZWi6qiGYRRVhoB94lK9b90rkT99iZQHjZ2K3PW86SXaE7bG8cuMMdG+gAu7135ygfo+hZxZDprXeEzeeufat9iVH+48h2ZNdkXj9K5Ao/W7n+jnXz9f7CmxDivEBeENMmyWUkXMBvNOJILtTShNjKyTlsKARilp8Z7FwgJBwesZEEOMYW6TRjUoYW8KWFWoGs4YanKfPYmWrdl9UkKB5TYXunDiVO+ZSKIKaoMMbvKo6bxjAuoI37cXIKhmt5P6Q9qMWL6iyOoAawnxEN6nV06fP8mQKfuCwOYKGCSopywHvvJcBJSb+OxRA3427Z/+Lzp2kXNNRO7thsKgX707IBog2dnyO6M/8PfLged30mDZafp5iYwA1eHTejpTeIraIVX87JfEWS3DYKgSm5K3d2OomhGDMgL9mGtQazxO+u810A4e1eqzq9+qe4OXz8QevXVkSPmcoXE62UxX90GFjFqfrg0li9ve2NoZ2XBQn58TAj1+BARufLyUqCKgEBIBLFTjx17Sm+a+CP8wcC1mnI6IaaVWHd9cHwsvk7PPx+qHeZ3Xtrczo+pQLABWjPv2OK3TVk5kaP/sX576na9XV0v1SOVU6vWqmDskY6cGpmhU4fmAXQKihyg1qms+B4ChJwrDZrLX/M1maLaLYacT+p7w8rveoc1rzNPOYmHpdMLRbIqMxogW16Ka7B+5/71L6L92VKnqDGlPi/jwHUvh3NaW7PN/APqrOrYEmAZcGj5ch5qgD6eiyTW/fHLiiY1JQ2DibypqaxqOqnD0FOloD8BDbXjjFhJ7lGNgtTgYYyoyuqaEb/ypl5pUpLECwWPdLPrBM+p7Fwq8FMvfcG3spNUq5IC2B7egfTBC0kTdnX3hxcQaSzbjjsXf/+Gloz27t4e7eoxF67aDBFqyvKVKxN9bdUtK99p8tUR1xIey7oAoEJH15ne3/y4BvnZoTNW6finnjU7vVvRo0zoVv9ucpd8dSAK3pr03AdPdt1KK6X/RMa1PVu2sE5TfNPo+68rGiAr/sCE/7LYQby4OOHH0AVfjzOwLg8YaVxtzPlyLGBaEEoTTPe5tA7r64a7zyMNze6ZMIRJgb8MBPZ8AZLDFVUSl6fixvWZhMF0RwdcMZZimKmqaoruhl/Hv5v2K3Z1eOUw713+Sr3UpEvn0ltUS89vAb0HP7wKu1X1+X1O9drnwsBSugt3LDV+GBXImeTD0bJeQTm1oOB1UhbFWFmH3MWPELhx/wuz+btnP6uoW5fZhY3o3uzeY6ulYeA2PX2rAIWi2F9GrVLFbGdv/Fxxpr+7e2/Nf/vW5nBPPgpBPk8WEsSXoH1aIKiWJXzqcoUhuDMr8zIbISoDPrmA6+MZeRQNuuvakN8qPLaf/HuDq/K0RAX0lx+8uogs1MJJSgHRQu99uq3NOUD0ItbUPTcS1uX01BdzigMHVitX9XNYx41CgIXKutwetHzSEVtAwhs7DPterpkpywo9NZNN48AK1N0wMsKExpVg3gVyeK6LwSioPpcnMwlR6zekdvXki1JDBDyvKDw6Ro7xrKTI3BMyrBn2cHgo3tT5+3SoAjITSsnmPaPcNQ0SgqcIOdB+cM6vsXFPNc1zVfX0QJwURMdUo/wT+vdb+dZTnyOeelHft+pTaAZKQNiwdvXrMWILoRLAxdNuaxe1xnbXtGNwfVJqXo/EjRUvtjHNvP7Fbu5gR4bXwKlmWqEhBiTKOybd5Jal7FxeyRSK/KcX/oYBB0ZzMd4NraWkZ4WDsT8IHlUj+ps0AnlJUhEcKxK4xAz7fA9Mqy/323BF+srclLgurTazBKF1iy69k9ktv6qPxFvzlrv6xa2NdAVY6snzvaGbr+iIO5McTvoAJLEKU2q3NMcNza5KRBKUSq59Bau5JQ0QeTXv6UEGWDw3AWXhAXvCnmcM1Cl1e7akO7pGvp4Gp9h3MWh2VAaptFa93NcY7rA1WO4ntOTF9Pm9S7VV6cvD16/b/Oy+fdHVoywQdFlT2JYnSo7lN+OzF3Imtbp92BRA4Oz8VJj2uZVMtHwwdBv777xsWcialW07ua7gzzOyoOuLhTB9cXnDLOwDgu5v5Zz5DF8CE4nFoGOsyZi2NGXxjj3ALeCwOdOAFCkJNTTg95sYB3bSf4hOveq2qdFSnBgklFaYMmKu3rNs3fMdxRcHfPu6DcaAR2bnHYlE6S7RFOXjejSTfh39E3i5pETJNRHqKWndh5Ztsx8haUZJL8F6kSqhkUvfIAksaq3w/R2psvFN2+nsulEwABYMPm+fKDnAC0hhadW2mAMNbTBm06h2oypKYjNAgli9s/XCSWsasY/88S5JrN3RQDty4D3ZGjeM6+Hdl7UIMKYtWdDpMWIVGXEp4VoLb8+dKFg721ycae/rnII38MQkaunht94ECG2qbqr1/SZeA3SBi7K12RVDyq0+NWP5v+bMb2/ONfcyKubxPeVB+24nxUeskxZPufbbbZKoFfSf+RLfwidfXWhkfCUFpvMjbgRlgLhvqq65bkZOmn3KaERyPUTG7ik3QS8QpKJ0/9IG2vMcpchSjPJSUYD8ijBy2G47AurTP4wprJKeMUFAORXuz2u/IZthDXyQb9EJmpAtyrisf85FRLpk+PBxkBDqMmZH9MWzB4CA8x0JPYDPecUq4MJ8DH8LDuF2uMW4Fs7B7Kc/XGdmwqo4dB0xci1No7t7mvZnr4k1p/Q7ifxMcrqRCgPRq4TnLD1kiOl/8WMIPfF8DQ0DEJS0KkrB9MOTaJ8GdPLx0WH4Wh4pua4p4hOGX0sO9AY2QooRGGEBe4Bwr121diEct8KBF7mRhE0Ibc1VVasmA1EDBmO5jHHywdz0EEj6H70vx+zZ6tbVLtgc/ZObl2H9Dj/8ElpayMitIIpFNA+st60L6B2GfqYi2SgZM0xR5pxnn3V8RRFEXnx2boLlRUmWn7lYbnVmwR+IDz043+zTIA67coeX1+Am3vtp0ejsLo6qNiBwMR9l0h8xHmL3GjctLz+ZebzYllD87A9xt2B9SrXH6HVH2a2pMi01LF9x7dEiBop/cUeEBxrc6PNoE3uRm8cLwRW//VobKtzhUCmbMY+FhOxbt+3xJjBBqzOpPXYu06YP3NxliCEI6ymusPZElicujdA2syBrOTSTwe/94PpSAf1g5GDbqIqrpHq9hFs+d8NKQNkJZQszmdGl8mK85b/Ve5jcHg2dra/IrqIgMnYbMDNVqQpDqr27GAk2VdFZ5vAUb9Q1zERi2Vh2QNuFVMAz88F+39rd6a8lXacZ9GsAqpKE0RFx0hDqJbqpEx1AVE6+PNj1CErlXtZk1zOdb6p9xVQt0Ve6O8ACCNtqs4MteqrFyPqTAMjh76caeccfpvfuX9o2CxnIpYw30PGMXUBQDgs4Z01AmsM89OKOUkWVvT361G6SGif39qXOsNR1fmfF+k7gZv1OTAu1XXjqCAeCFgUPAnYq0ljrVNGwEOEqzuHTJ6WOqUx1o3warTj3lKiSoNvVlIYUFJbMDcW78kM+Qm/pk+xhbIjhaONP/evFxgaxVVgcv4DFjCB03I0Tl6/EyU8+8+XAQrZFmSBWIoq2dOZpa/fGJSavrtCABcHQjUreTqTrWs9XJkoXKDByBL8FvcaxDtXYKQUIylakwrXC9xNxV2++C3V+GkvdeQ9IWH5Hh56+KJlDK+jywkwIWLaOa2i3NgYYvi5BtiD+ehK7gli5BgM1x4xwzNdshJCjFrbfogdqHVVWJYfLKJwpWSTUvYiPQCN5YZ2EGlMkBmzb6/U5dJCfLzWM5zz3cvcf7zFVbdAaFzMukJf40bt47edOoDqUIm7ZnrsYDgFMYQwnh7THjrNz3Pq+FlN2b+w3G4vjM2CZo9nzlmgAnqJUQqfHm2WMCOV4AbMiabvp8rq9tbOes/TA8KyYWSBYO6Nsylv74AFl6k7wLpOf8x/uv7UZjv2wgNJgujR5whx3NxJ3JG4V2lhCCZH8yooflYoTvHg5n6afuTTTKuan8xdn8YvNK4Pzh7NHK9/NN/bbfDlZXSFr49/1kaAwrlaaqE7uGvQFrZKj1YoldILCCnD1RRY73+fFbPyR1X9m1FIC71PVSPfMnBLA3dj2/JF8y7gz9K9DW9+uHkm/Gw8pP4oCnvSNws9A1SJ15rJyqnurNtKGhjEEZf3mkII2Hr9YTkn/RvjtD5Vv6K+IXXjiWKrttggIAEmURBH5A3FPuA76h7TEZE0xqFsYpC1x3ItdiiorOgI6X0dsQOUpJ5NkFBe3poSZgMTJBtvP4ZYMm8uldjUJ1Ax4wPFoKmI8H0tAEhc5LhCxGBtSQHK0deSKe1YTHGwdsYYAUvNPoyMQk7wXtqJqkjsLLqcOUXUFo2rtqMdBt15z2D60skWACbwX9TSR5ao1sfP8VvZevT4RsyN2O+309tod/3Z4p/SGGCidIk1fn3fKoWC5vgGDoSjKoh6c5vRGGhYuJPGXz+FMOUNi9PNKvTi788JMa+K+/bw+BdRgU27Cs2dMYwfV9dH6RAbtN1+Ey6fcdXxEQ5KYzgf/Ickt7xmtJA1KrX4TWLlQjaFb4cUYLUaOVwf5NB+t3Mx6ZkUsewupOVLamm+qqmyUtUIkKbRIRDwwo42AFlR7dScUlpeIPiUCNl7ulOHuhlfeeBa5ft0UK2tyPp14fJL8xDwmneLmu76Lapw1GtsCaA0ND5ok3KvWohN54VucbbF7xRofQACjsOdJ58foyJrkG1ybhpkRMw0M5T50y9hwkbdCVM66tbPViscnoP7k2sBiTNeB4/k7O3vUX9lw3KyvE1EyyoodrU5wu5Oi60uKxy/RBUEr0so3Qu1cQTJZWmDbYSMHWDIrydDXP9jPov3IyT8YRq2zNJQtlfAFx6y69QuSDUTu5SdYxAKisPcTI6m7dl6Tr10APJzqVPS4Dqkx6Ux4tTEfz42X0nn6QVbDirHOcI06oRv6LoD1ZYMGpkA0BhpTfO/m7b4XSef2b2UCmjneNU1MbQtj2637FbfUwQRe8aTVciiAkX675rSunp8fceYtU8ROc17lX/Ue+kzYH2lN+bKpcTtzhDeUoqkAF/otmfz5B9fzKkrVKtj7gZOGrr/3aHqpShWSuXolbZNzvuAuoIp6uuoAA88PLBiLhV4ZBYJjInMNa9k4yUbT14hN7dJp0ajijLgaOHw5mM0/3/uN1S3jTkuw0Vs/mXx0HFjsSb1uiB0lj8MzNXV13zXPktUNOKq/OJz2Jf984eQLJ1U6F6/SdXcDlrtICH6IffTDx1+6SNWNOqTOt6X+ir8LHFBS436tbWx/cdQmNanO1dWytEWINZCE5AXXjrVN77Bt73bSwsiL9XGmRXFPfcPQSqns0NRteq6ndpaStkZjX8kpsjKShv1m9KGRwbBE7LnIVGiZDoSIDNpGW1ww18wFbSNfSNerFb3dzAs40MerlmyBUsTfvhuPha64LTQJ4EZO4eQjkHDSUcon63FqderCH1YC3uFVJjBaAZYPwKPN5R296Q0yrF+0ZQKcyOq+AYVSXbRRPac107KHd4b/9eI2YFPwl59t0I18dwou3bOAWVNlFdqB1NUQ8MuaYANiLfhl0ahf6zypwIxlOI5djuSuMpGbVibLGK8PascMxUdFa4P2rUe9rd2jJtNeJw7dCWlX0nIKChCW+IYUA+FjFwxepmkvyyH6VWFc8ks20CPZvgy7O7z4KqqjN6sFVazVqv51TpEMR/O11GjtAflsosO88vuyXVYVr4Bj7We4y/yV7MjKhdxa2myVwyQvBspl7tsTLRIjs1XnBnAtr3HwgmTXCjS1qRG3D6QkE1t6Q+X35eZLk/ZJY4OaUF1qQ+wLRW6PWqQbLMvjvMAIAPXpqkikotSOfGAmedtBi08c3Dk+iUgaxcq3jpEj2uPFyIUthB5xDq7Zn2zLxXh2ynrNh7ydLGvY7rb0Vx1bVmji4dz0ym/9ZPN/E8On5zuoYf5LtN+0C6CCOfRKqEKGkQQeRckSFxeUT/ttIuyKxL/x9f0MlzpXbv04Ryr8sSNpRTd1WhZ66Ywv0N6qDtnyhg1I1QlH7N+tYAn6hLgsN2F0Sv3f9/Ce0nyCF8qdslgCTCKvqCxvsx12RK6bHHR48Y57FiKuJudd6eCZT7Eb/iBPx7NsrokQe75t9VwcSF87Htv7JiYkKGVAdQomKGGkYkhCmC5LYoqos/f9QdjKYuqinOy3hPRmC3cI+zlnLXkmjRsT4U+EttZSvOP1/eKad+9hg+o4J5+1XRDXrpCAVaOW2Rh2ymTT8ZRUS8qx4Cx3QvOn35q6+NRRhxhbGWjQ5w/kHBrtLq8PClK5XCBV0KxMr0ABxgxFicXOdZWvFe9pDk+V3BKNATHwkpny049pZnNn5tgfOtBlLF181v4axl9ImuWmCdWODqK9pjZ6efqRo7UD42ZtrT23HXL3dFdqPg5oDI8te7jaamnT1I5DvWvvLLb8IK8YmDOjjFAmn+q03xRTQIaIcTNzXCYm8bS21dZ7ipcSe3XsW0CKl3fKsLdXNTB0d+yw+0Q6gUt5VVbBmcTuDiMJB5LPspXKmyIWL+fXON7AgVQr4YrYsMvA3qGFMU2WDaUpmHOKQ+FaxNhqI0lo0/O6diuZCLeNTaCCJLosyGBIQdeB663BvWRxq69Yh7je28Y5/VX4oBgOQpJe9nUYJ4yn9Gi7Ssslr2kBK6P9XkgANE2VotqzrfiZBAZkTcbwLyCpFmjMyv5OkKpNy2lGKSaqphmbx5lTMFXDxHFu3zdHgWoU+B2kblXXulum7mpxHIqpSmISSRHvP17t5Lb7u8Ixd3xzX2/IJkPBCC7xhkw22TreDnYzf4vECuV2VuM0siTZOwqnFQ2TlAVRCO+Wu2oMiAgdkR8Tw0DqSawYuNcRsXqgD0oT/wUglYrBbDU6/4a47qpgqbjdUVrXPaCRgL4YBnizDcJJS5q6pn3htSqFPPR62MCOqFpyYEQlb+to83XvAp+GqVY4jI1AagF1Yr4tOECq+9zeBlybYxXn0FLRVuP6PM6k6ycCUEQfiC2YiakkRSuB443DJmiXXHgqNhSkHftxLpenRAQLomQg6BYUig5uu3b1JXMH33LCNUBAI3z4sUtzcY6ONQv7uPjzuAHEliSDB4YD2T7rDaB26Tgmapm1VtiOxE7QVUBq0FVDhNA8I1p715TXm7RRC+TNqwKH/VJNkcLaBRxc/pzff7YMOKqm1GBA9syyDYafHoBJzoLwWWPzgJHMSG/qKZ4R5HtG2L+rzuiKYVqW3mnQAc+TicdMIr8cJbioXv1v0dv/elwmJ4Wm6fCaLmrZdGTvwtCfq5Sqy8rp3l7PrlOaOZOPO2oYNiXXb+Bx2KN71BBIgfgAxNX5POQyV5fOnPw92vK8Y8sZt0JUqlSYY5upmRnWHv88y508uMB/3KN7KuDyjZIPKzo1KEqUa2m5c/Fo50i/h6llp1cbE1k0U0mWgWuSfkJImbVOOJTdD6goYbHsSu2KKdl531VV6Wwm1cMqwAr9ehPmRawm/tGosz05vH/DU1hoYXLe6ziMizY0ioRkRXXKV16w15kStlArbC24Xkm0aN42vmrYjMdWPslQyvmxxIFTUlhc0YArL/Zh+K7xnLU7bDbC56/HldpPTe7QU5TXY13Z8Q3OJ55sGI7VTpvDdmfQ60y2A1UxCJW3b6yXdzhQjbf32jJIG57ZZGC+6tdczlrAFg1oTk/opx9NSFpdw+pbt0q67fmyhymWhV8WF+bW2lUtU24IQGIUCbIcrqODh6Wj9mZg5KMEA4GpahykOVkQUZQqlJMy2APT4SEeqbGcGp640qzKLCXbiiH4VkXMeTZwhSCPOWuyoPmCWlc0VOOmeE2tY1hRDkv9gWmGoeAJjed93QLO5l87mIEtckVo2AmuWgpt9YbeIDzuf3fJn8ZhGKkdhWTiY8VQcD5v3ZC9FjomOk1HY8NKw3G4UJIsnk2F2Ny0XrV95IH9WuyEg/jdZwVhtRglP/n8zPL5miW5PboIPAbdc9hM/CAa1gARc+X/i3H+rFG9JoGRuI6w/m0gwUhwz4aX1WyPUS/+tfa+GFGlSIhhqqxZCbLTui9EAAoqZoZKvMY5VTs7kbf8Lu63GsPbh73x4WA8frfX4zdWVcuMybVmTEE856aKL+68HNJtPXL7UXp48HuVuGN39sxR0NKDRq1ZcVcMXQP3q5/f+7B3c/HSDv1TVvO43qKIb3M1jrt50/UWa6KBabJD7O4Mqm0nY6qWbPON0oZLll+ZXcWLa8ClmqcHzxz5oqPUmfc+KPbyFcKJrYE6iIeG6YdDp2WNlbaWZiM7as8akLGwpL+3Iy7HGwlhoAQa8YSjDa8MeRuIvEAEOIa6SRWxQrWkxJWfM1cqVzvjmFMfaz9KpWMfd3rxiNM40HuE7OywYtbGNiwOc+oQ1VOtsNFZ73C3uPWlA+bAO5Rj3PDdN5RI7nYf8BmPd+tX13YasgYmzWpXTcvNUggS3sWUgniwl5ZRXK2YnKmM+mvOSDvi+rlb5L31bMaRUE6v6sDEsrsKRNHYLaGg75hsiqG1q3ve/uV+yd0i3ItEKFdNPi+6y9fKkXRNbN4q6DWQbzJLg5Ymq6IkcvFN0SFARZf78KlQqU6TCiLcyJfOy0QPpB/3sTP9c5Zg4a5svueCabLzqstW+lK3y9gadS5rSxkRiU70QGhtuLa90OxkNigzQcIp4T4TAWib1jxodlZq9qUEiS2GS0NLUBZkkFwZT2T/C2RXz9ufCVCx+/+0MbGP74od/O859pzCf9NDClLEe68zaUTOfsNUCv2TmToicctpAMmxWXfgo6ZFDfCYzzANJN/bP34nYjKdrUqR4ZqICen3MFcgLdJGZq/+ggnSZQmy7YNK0sBiogH14ANABw6v2ScEvLzTpqmwbaZVyCLzenewu8qyQFrEn/+YAw593NbBnmtAjWVADV5t6JVZXjEEDGsgNeOrFC0OjP1NS/0kXZA2a2Fmt/N33VyovqABLyJqhVFCgcTzhIcRQpQ4dJwTX4pI0Me/fHUAI9wx8ht29Pe7vnIPKR/cNyWt19ZL652ZBACqSilyhlVZ6yu9+UjxfJKvewoYuhmTBVS/Jjr+IgojSlVsS21gSbfkezvPM8zZmuAhOFTS4PzU6452MbQ19IfSBmWZ66zLQyUCMuQLuIsDUNLHXApno4fCtmrGmVLItQcJyEyFTRUBpWkywpCYrASWp3A6KehFp9bIpVl/u0avFuyo5uS1b2v7AJWo4grbR+PlVgHw4WIC0+BJUuVioVzK8JjcyzGugsf+YlvKMoOicsc80R3sEocACgJMMSTjF9wJLiwk8A+ghXSElxgO7k//AKawQtraGgKnbGMLURD0aqn+VswRfaiPABhbJzGsgnfytJpjX9sgTJJ1LtgIpMuawFNcY+kWdlQDNKopURYQLJCA+38WzYzJCkyIbWlb03HG0l1V0xw3IxlamzC8WfQo25LPwCYBiAlNZfiRKSmhqgwAj101MatYsa9nbFfll1JsJekhPlHGIgtwTR3HZmIaqlM5nB8LWMqTmz+5TZU/6TRADEpyIBU2CpOeX8R+ivLP1s0Tb8DuYLTrIxkhRw2hbPVPdzDG9KBYCGQJwEweYjX3OuwyKcUY9SLWBK/owhNjyRRJ13mZIfbXbikAsSRayPVGA+tLm4wlHap9gLUl5syr69HcKdHhPrlENYsLU/v1JST3f64FITEsRM9w8LJAKcPZq1uyCgziiuXAng534eNoZnvxyEbhgHtEgXLf0QfZcaAAUCEyY1lvfPNTbV3dihG3hbq5HUUW9Of2VO2CfqPY/TEm80E69vu1H9pAyLQjjeQLYUiQ6Zh5KhRCAVl/m8AIKKB26HftmgsFk0aW/tLsXIIuXzGnJ9lp4K+8WR1AO080F03DX79IJjtccXA9bFVBEOtFF6/fYGAsFukraLOXLOyVwB+2MvXJdTpy3AW7cV0HaDjYyUJWLLjROiAsSCm19eyMdYVDEMs9+LwF57C+OrJd+8Bdw3uyosgEZZgpQaR1hRkYuaMQmAJ62rFQDfK6FEu05E50P7Fprm2Ck6meFzOFAf2Ny6xyWdd7rubPSKa/YTBlX8SzBDgdKokYyhSoGkQu5aPT/uizSwSofZLk4H9i667CftfWg06+vdCBy+GGHwhABlXDjpwJSEPVM+xe/qkPdpfZlvLYSLoc7DGsKpkKBha0Jt202wVQTdYpLI8HE9MEVsnwbEblnCplveAAKnPlcmBlPG2lzSAAsQ0vMp1OXoCI7vgRZ6K/TduWapAQ38CvXZXRPd2av+ulvUVeL1qJUujc3Seo3312OERUF/0nAizQOuL5PjDohB5keU82LUzYkdl+ZR8j3uSA51UHf4Y2b9ItwNingP6kCMSDC45rlfaOCxaIvWeKEEEJK0sHH3hF1uAFUoOROO/zaJDmBYNtb9hNd19IbtTMFtUaAnU4l7wFp0Xe3IMvvcjyaY18XoAYcuN+JbFuwVMBRHh83fdZt2/U3WBkRtbb3P4PaRL5pu3WtndX2S6v4VMtQIDJAqntwUkCNwRtOcaCjtxf+RjJbpxo0RV0NpE6xQlHigD+jyf7qlGm8j4pBUvwEyTV6M/KZmBBMPXWTQzz8lQ1uxchHTaY8RpjwKT+FrTANQBzvEKRCbJm1G0w+UDjooXEgdDxvzQJeo2xCfYwYVahIWStBHoBFcs76C6Yuy3tsmN4KxRhA+glqVUcCqldtcKmw1OMadZ9aFuCQ7qH5HWJuCQx7TQagEMTtJ2wNZD+WJZA8t7Raa8Fp19ODpsIqBirqJKagqmhZqgmF9dP9lxFhSEItN3mzV9uolKMu/Eyfkni63UYApyP1eWnr3M47M5x13gHUoDctYO5jkEMEAeWmqgLam1h7NTxuSCor3+/9v0cQqsv8x1YGjfMNgKKQqBYbRoGeo1hqGkwKGmYi0Z0TEUr+ydlkBOc71AYri7CQYoRIuQ1GSIdKg0NNiJt4TQAEum/IkHApsgojjCoELEq//IeATu7QmMVs9KS1ygfzmCVBNRW2HfOiG6um50PdpquZrkd4tXeaF3dB61tt4OAlRF3AvtKD+g972w0I9WuXzwoQ7FMkMXvE/o+mo5cJHAMCa+RvRusSt5x8wzPTX6Nzzqs6qSrjI6TMxCF5dyEgoJ9Gu9cHmLBc/ws9ktTVr7m+BxlxFhcDC7HVuU0hp16iExN2zwOnKHyMGRNRktT5PAY/K3WEQ3abAej2bT9LOVh1lSunF4kBFxyUls19FbwOfAORkI4aLWdZONY+cELzkxrgoDL+DblQ8uf8LjZDdPQBYOQd3QepgrcvxzAJaewkzK+u9SNjhLMBZsBqrJCynppqAAWnMDf42TzCeGMZz0ZH4E7321Z1Z3pYVB84N3y9X2SztzWkgI/kzjnPTruSyi3JpPLY8XdTsHh9IcvQ+/WrSBFNdsbzMf8tY1tBm2odi/Ff34e7Utjv1qE3QTHY8Kj7tjP7A8iYjSK82MHv1FcOH++3lrYfe8mEFJ1MYT5RLhpoxWLVfc6G4SyG46dCeKb6fx756NLr7pB/AaDAdAfi3aynwE4TPXtCTxUH8nyu2ij3rZUhwC0/SQoMay8IpnsLpsxP1q7mITcZTkE7b0BT8W1w7kYngYJzdXVULolhJPbbyIooOtXfhM5RevEZMDsE+au5fdAc1f+jTqMRDwZDa/9XjZRseAZSeYl5uT2EUmyjI3AhZp+YW7rh35Y+GI58R6K1hrPe50hWTxw2DQonPxuToOAanmUdjoZoNoBxnfuZOzycGAxamZ8oJn7+7e/3bA+On/sQ5PHQavQibYMDRkAtPDKdQeDu+815nHy+fOqWtrs7wIOUIKvK8iBgN121eJgyNSCvxuPsn3GmA/EuHhuDuqCpFQwZbbJekisy451w0iutQDdAsnILENknnVK3Vcm6uouLbHdTkmEtgZTnnoolQ1z24ohJ2cUFeM6hro8BUHxD9StgU9kXCpsegzUqIspqENvecyMyb0s7BA6r1xHJb78s7UAjJFWUYIJUdeQAfXBqMHkyMEFF+kHfVHKrkBUX5m/AgXHa3s0q87wHkwDoOBooUxySpAprjOgNOsEgqQkIgLo1pIkhTJX7j7hGZb/PTt+igOrm4r+F2hp+NG0C+WzD9d58ID9j5RjZAT5TatjfuPNTgPLj52KkEz8RYHrFOpASSoYTmVVap+ANEyH1bsvQBxwwmotkQT52uU4vjF/5kGCAKmAm/keHObWYvS3yLz/UU6AjIMw69XEK4CBXO6SxLhzH4/2viJCeyC/5udpGqHpSzeSBDztVZ0FRo5OCbM7D3TPj1naVLj5l/sRX6TSBJL95j2MoWA2LW5JJqdGMCinBVG0ugXLwK0oKrzod2JkwWeeWs2+D72DCBJVdDY6M0UZFBUzDX7yjIX0gWi07eMMBjnjphGwboh49tMgDt2zgiKKCmxTjoowq04/UNuptuk/DyHrbBD1xazXPXH2zlNDxtsVA256IpMhWn4NiCaTra2MO9gdq85Xbx8bOXx46Fn9rmXNOON+rwlTOcuwRwAkMEEAtmIBZSJeEOnNURQaj69sWVZoZ5UxnitWOzDa2R9ICAhYJuxIZkwQZaLAiLrY7DIyrExoXbUBZBh8pX5e02O8aEYUZBuu3tZgADAYH0B3NQnFFw2sn7L9dJlN0ppUY8LouUhn49BsUaUgArS+zUlUwxhOhwFdLjVjMLuZGcMLYQOKqCP1x/FkGGemwlhBCyAvFHQeSyyZU/HFuCdiwT2RQjI3MklP0FA6FcCYd6Ry/05v6DGFxuna22LmrtHLFSismVIAp7V4DdVgK7e7T/UAM8YsHvgboNoP1JSqUw/bTQWp+s2bz0J/tF9eQm3uqsC2afRvV9losn6nYoOcXzqchwezOzeHckzhWgodhmarnrkjAlHbzpYlk+1Sj9Qp1EBhyOhBCdRAayM0xG+GGJLWcfERSjOvJ2jbVKspL7gxq4Ck1rQDRpf7tPh9rwcI4nmtD9sr1VLoX0c+cWYxNn8I8Gb8KEfNlp7qXx2UC9CgStSAgo5wcB5VVHR2cmhK97wo/9RCDkDzozuV5aFoRT29n6yL3cfaxDuOZ1re6sfOI0ZmPuChTiuLHDotTRSp/CuNEWd+yxXA+lrkbz+1ZYGYBtyzZbsCR193ldnXtff55VYg7uuLfZgPKGtrRZm9i568IrR8yCR1y4YEO9ppwRQjtD30vQ+GC0Kzx74f2EKys8+2zpzmTOhFqmLMmU601O61CMgUD3T0GsKkL2951hdOVRGzpb8go4vCaxKG3LQJLGCe5oQssggKd4lr1gZ+oZ7j5he+vPbuO9aTcSZKV8pFxnqJu0BIYMy+A9wcXNzdJzErIBb2XHussr5Ufhp61kExc+c1W/NtMMTOxuao7b9/izU7FRq/OT9CfQ/T6M7HBVxeWv7m7gMrgKY/W28yl+Z+D4PmEyL5YXgtnkH0q4VSaeYjH1HcgSLJkym3899Ce355DvFaU/UnKPGpbhsVYfT0r34ztoup35dCYHRFfWa/JUq2xgRaKnmIzdoy7O1UeAvl5WIJ6hMyZZMNbuCLjctXRoYDbACzB8tmnmNaN6+vgloCrwbHR76sHwSe9pRiObYuwD5p7B3cfa2+vOQHRJnt/Sxceaa+bjF7DrM3d7jnwZ+/EEJbPlE/TVvYFsFI/9bFngX8lZcrHXj7/qWwBwlqkhIVR+pmlrbF9iVSBt4eqtGGWQbTGnq8oH21HGLDls+bbV56mtT4RrOcZEGzfH+1DQtyHaN0xvLMbjBsTjoWkJM6NaCeqpVs9P0/lX2d7krm+6ZY8mnzJr8c38DeMbffwUblm90UYwBX1TANKT/DA9tcz/2X136bl9GAnvZ3fWn3DSNw/AbqsFzNl9nW3O+n0RNsp4fh8SmpCcNW2gmA3a7lk2XwWM9LItQj6cg3jkGz5h1VQXv++NlBtxuji2pTPW0yZkCibTC3Hp5PixpVk+GwFikRoBiziSY6PSd63BQVE9WDevhr1cA4aPsWpbiEyQnrfIKbAmlYTMUKWK/AGSKSx880ndMvq9SSs+89GwBHbkzGvQ39gdQDwK4hBKetCJWf9L98O4GAdfYSEi5i4Fq/EEmYqcxCOUtZPb8Nuf7XF+1IwiMOL8MIHxbKKAUhY8zRCLQ19lroe5LQERkspdTtCWOPJc4GBNoRUbKRnALaQ5VA7fmy+BhWz234u9edKeS51+OH/eKszKihl7mFTFSSiBXKngrtxx+k7NAp1XMuGhjYURyYAGrR72hIhrFqfXdVB9lAdpCFDYBtyYYwy10Sg+oXiAtB4qgTy+aneAW3MNPInKp2JCH32L63DfW0IluIMw1Fh46+YVS7IB29u8JeL9zku8nnaAGSVMcSCtZm5RdqF9IU+SJJdJ3pTznxCmuwxtU8dB3UsT8BJnljUkJURJbuRnN1SWaImZ3BE5dP+uLae32wtiD/n7UEHS663cd/D9KFB3Sn3Rt9OAuEUTfdQIIyiDCcBm2GHo5nZKgJxWYC4+BIK6IaXt7rP1r8ZWC7dpPg/oPjkO9vG8faZGLMN+LO0KRxufGXvQgl/HlTOGK0ZAeYguiV4JLUxSsXYjC27XoX3UYEPYlMuKY8yMUwMFMFD3M1JLLuto7kyeuJGGyZFxY3eiDitwbzyP25TiQOXWblmLQdsWsDJ8ZdCYxqt7IRPFv8zgTbhCvkl61V6P7Tat6Tzy+PwF80q1gW6k132/Os+/eucynPMQTHZwI8C5V6PH3wx7EtiAC7aTvdI2ALJTajlfXKbx8jzoMPghkJb3twW0L/ypTKdXYRgV2JWBr/4zakFOXAdnxt3h6BU8cfrEzg7LDYvtmXd2e/szIAgu0mga7+bwLkNjZiW6rHB38pPS8dLL/WNS74A08h8M+tOoRCdkGBpVRCFgx85exllrAbKRIPioaTa+4YWjmZ99Co0ckmiqSXrAz7vVKPtVDe8EriZWOCu3dKwU+4KdcfvRJ3qKGsq0CaITqH4uB5WiMF5uBw3Kixq/x3pmkyLVdyavF3wrvSHgH3lGTzouhczo/wPeyvAtejRZyPY5Ft+puesfuzxFWrW2iBqb4UIQUAz240GujF/cS8RCVkr6kTYKitcFjBl5Eo1iU4LI0Fw5wAh0J4wM8D5WoskR0hbpoU0mZOU5kvdhLQ/LEMMtQustuB1m/y7QjMvZcVTxA069hCLzl7QNKoU9iYbnMj92tJinK/iwHNyWpbxTY4tr/PYvAK14JZEGe3Y4SstOcz3xNErGxMdbE+Fkvg+BKTX72Nxg1Sd2CVc+8zavPhr6UcBn3RgIY2TbFJH5sIdLg/lpzYm4P93YKLPg7JI0s2AgqKBpcFJ/iN++SUJFFk4VNp8d7YA3cwzU9xPbYKRYWXKlV4Z6RPC1FGrGaEOM660sZFLQz5E8c9sWYEL738W6GEZ4SfkVihfvfUcYfpH0EW0rjE+5bRq7bjS9S/MaD+n/qt+D8IWCzbdhAMxRi35IHe00AffN7gcTr0f3L8Q9gUt4Dmvz7gIIqmmYIZifZyhwPWFsovnNxOiOQ/a0PvFU5gwmS4phDSpp94QaomtXA50sySQhHAAphEEiipKFNFyD813AF+4v0lE7NYcw5IaFAryoBrDYNODuTA4shv/fPxdSgFltk/fGpmBwhPGNrWjcD1fqLoP6JtIb5qzuauYXMGCBGJnUPNWTe9qQPb35eqEuDGdQoroM2eRWZ3Cdgy+1YYz9V693bf2jSwZv56CSx3/YgJCtU0aOd/voAO24LcfW982yHJ3eIjWBjx3Bg8GnePRRy3yH3/GqicvEma5UBj5mKqa8dEAsotmc59qBmai79hF24oagXt+frQ8t3WaVzwrzGZIW/0Kubgy4cSjEUCs4j23dtvwyvuPnCD57rddzs0gZzHMq5eG++EAYN1sdB6YxMT6H0THMhEKTvzA9fAjqXLoezft63rN7U/bUOm6S1pE66c0/xdhNDjR08ev7YHKiMIIW0WGlo15Bwcj8IQZYOTgUmBMBYRgvgieNL9GBftlVTOkwvBBBgQsknBjPi9uJ0r+tllTABGPBtrItwXTV1uHvDLl3RkbUBf4yHJXgTinxZmrxVQYjDATTgEj5VP6Vs+Gm6c++2zW//5lW27wbqH7+Pu63po4EHlzK4/Qt89fraoQXn8ZAt8DVzaxDM++NzaUeEP+0S3Fzdc4Nv1NjeGn3xXiMFaYnQCQomvDedpQczPVTUgWVhYSx7W03dSRb8ICg8L3G0v5xBGQaBfqZoEmcOiGthpf7UwVsCmLPhc226kneypiQGkdBdlBfiqh9pLVaIJQVcXFX2GDuA/O6A1XWwyMr9SBG9JgGMvmCOWqKopwAQ5rdnyGAUROZNrsWPRsd59jbXjA21pwrV1dv1Cpx5FtHK3MAYF6JAC1+gi3NlhclU07pNlHWYOeY6hXR8a+QuUVk9TwMsFEr8KGAh4rahAFk6T0Q01nek9fLzigx25BYnx+309hxzaancoptvAUqQO4FtvjI+zshJgGaqAHyxzJiK+MMz6VyefmvvDpJGPOpCJOAraPqfTvrJVfn+EHk8CPaGn0BpIRo6+4FeLclrxkm1pCc74rc3LhwyADDUIrJC+DOL3PeNZ0fgdFnFpS3Hg3wGW5XmUPX9n+qAIBSFfHqptUoKTapNDDyy8CMWjp5FFH3trqhDVxpdjAZbn374lopNNpFNsAqTSHst+CwyzjJ3/mihTgrziKpcK9EtODmDt/Q8jbTvahD0Yv8U3hk+UmRt2FjpNF9MfvnNs1H5rrKrHg5ofpkBBRzqrYkjNmYW2BozgF5mFGv6/oHAmWcBOaGaGuq8/XeTaI7+4J8sW+wmxEVKfvvZuGLSph/zbstHbWj7u7IEcbPrXGAuRtGVSgcMSm4rQhbd7ILI6Q1S6+kKuYcSK3Hwqj30g2oxj/EkmAlq+tiAjp5PikoID1/65T0z65/em0GPuCA2oZDXdQXoqjb1erzOTHZzidnBfMsomfGtjbPjBqHbYNvQ2yMNA3rYz+qZbt6pbIM1Zq00kEc0NdYg26G107yr7VuafOLLtOq979sxlFsEGqbCX+bTaq39q8D8iSReKOcATtZLjgnjWrwZQ1jHVkWsGnhZO9h8umI+ACvnKsk/U2LJILd9YzukjgGyDh/4bkzBeo3WDZ5vEBf8PxP6/YonaXADWFvzCDQ9zSG0dfhiMemz0PUZBvoYA9VQL/fXGAr7CZbEPg368ewE2NBhMG+WFKVs8dYoYYstsqSPDQ6z4PCpw9MlMUwhegEqSf6UgvK3OuD/2CTHREVunW8oW8MYFkYKaqklXYAGEiiIhXq7sKq5dBsADO2FQRacsTt8BzUiONMMZwtZ273T3YKvn8+dW8KliFWUdcyJHNIEDnjVrl6mY52w+DGYY1VD99J8/+DCMXt356LNvo16XHhRGMk5N9MySSMaJx0PI/IwlEBlDBb1X2Kzwj119zAYENV/02h2XI2Ua5LwjcSO+KE7K6ObzqzCDHI7CCYNWRlNXjZz94bTIUczxUbxsVeCp64IHm7OTtRJiapcTacSBpUsfe5zMu94hH0bxyVOaiJXGy2qSXjrBEwcn10/BPJxd80jMIH0v+lP5fbdffoMZBSqzGnXgAyA8NTd27g0Zha3TbRWqHFxUmVagN+wKNbQPCnoRJ+zq7imDPZUSLXjBGNzV+7zNNPXln520kZdzEFdJpATOHvPH28jUuodJD7SL7j5OPVdQvbWB5DSpR/At9QMqKmyb/+oyolrL3Dv2AiLoor6P5ipehR33ULaqaDVqL7zNrfk0LokNtjSyN+ncl8c108wjdgyRdz/T2HqVQVOg6kRmJLRf2ZoYzCbjq1uATS3uH/Wz+x0mmhL0sgqeQV87lBD1qL7adPWZUPCgn8nrujqlFBRVZTX915fE2qnV03+UTrpjB3GzrwSODIBYl1ivzhRUJ5KeLkTpswsXq3QI9oJosJmi3ZAZKKoOS8G+ruX5yAcop/X8lo4VgUVYdioaWzEkgVqOkaoxHvTAuWwvZnInG9uHFrBeC54/QkP+HVFUgcsq2OynH/AY6Ev2xBSqGXV9rqxkEnmtbmsmU/wnHl2vmvCN7ZHhj3xTw7auNUAWBrO2nVO33IZRWwcOb6ymiB3NDQyINZgEun+TfSP77x3gMZ3xcL4SkY5BmsT3QM4/Wei4wFt+WG3BK581ZlxIUOIQUxyow1VKSPh1RgOhfpYgYJbFlEfP5IxXax7Bw1xRJwT1ZdqUCKydVEGHfLfQhAFcsz0nZTpGw++kg5YBJFMnGtSTfNVCKEHVkA7yo+nneK3RY91Rya/oW/UGAUI2DDlxRadaMNzYNGo+GmIMq5mFEqoTy3PsHjjN3KUKQpNVuYeTDsJIzJdqTXh+Cm2lvVI5U7CigT+kF1vE/urX8bI+qasd98VwT2mbI3Of2xxwXXFME72XaAmxig3feMLa9Zvu1IaZSRhbTJQW7945VLzh3vjortfBLbWVd8JALlqm2DmMFGDKVqBZZKxs4GK5Rw3amwV5xp26XNzeLDINdwawfs2z0IhFgg/8MKSNUzIwlPPDhQFjaob5AOk+b7uzr2rEMxP1BzcZ+sCFfrNEe/qlIQ06xlaOkOy1fKJprgLBNrKE3RhpobkTpb+VBO2ChM44NkRu7bry1ko+XBV7vfUbhu1CG6sBdsuC76KHGp6fkW0E+2vlRRTOVHVQVvHmSHtKC7o/vX2i1rX6H77qh/fpvIOA9EA9NsTY7aoRMn97f5b/UkX0ddQMa+deNVgqw29eMIZxLR0abJCBeNs04h+eaxKZS4fMW7LAe71Pw5IdNsmi2XUjyA7NmIuCIlTB8f1H5MA6FG++Ihtg+5xN+g3oR+RXzo/zWeKbTdNNB7vZmcf8NTztPZjVqeGGrxF53b7FXHRKALJeseC7m+OuTa9u0DW01h0IFmdLX3erZuXfYdIYkpStDnQor9QxdMcG++bWP0c9dnRz4pr6/4s6NlT8Qk+FuKULNv6ngJ+2KD+e+Nrr/OJk/pxqFBx6jO/XWYUfv6KmW69k5KRCYSqp9tA0zApCZcD2nTuSv/wI2PF8R4MoiHWJAnrx11voSQ+XbXge2MaWj24ayjexJAQaNrBtvP01OX2PUgW3ZhU04AMRzKyTsVDBGsNfWrHABTvSls6ct3S/wV+B6B3WNnqe7Uhu3Ohmzp59+3wiMlxR03wjlb7Z5SHDyqKA+onii3K0/FJPes4AoZAiSJB5aTMcyYg7boagzamjEMFk2GyHFjeGJn/gNEWbp9aB1GRnx/okn5KDmrQqSbKjLxFbaviVf2LSZNpB7pGdTp2f8oXa3XYgAir061vBD68+aBtak3zQsb+i5ZyW2RwAxhBVwvAhwcynwI7lhgZUcnQCrdhk38j9GxRMUCEvAgvYJAMXHmj87+waq0ZexFL3vQ6CTweXti17SqR1Qt+JnDiK4u/+oZA10Rg90UbJtD1hQAixNj/xnb79Rta4eUq4+IBJ/4+4DjMqHZLNu3bDcWynZaWkIQQFXZAVvj3Ha06Y8kj+ejxxPChHDV02ygXD8Qp1o+GNixN5IiwaoqZrtqTiRxpgueesWRJt8Gk2L1WMiYj5vGwKFGa4KPB8omdqf5gH9vP7yADFg/5IFLnTcqLPj/ba1CTeNv6twXVjNRJnH6RjAILcSbs/QaXDv1PSPMAU6KCBpkRKnX0gXqlPswAHmKpokfbcwcS5osF3PwUbwLXBA3rjaw4Te5MrXa32mUflLnTzdDhElbO7Cisow0AnbjpfITV39PS4HkiqfhmfwHGlrVK2jW2GIbBgmu4KMVujtKOrEBNKr9wSgJ2gDeNtF6JCQbmFA9ewORf2/+PWZHJDN/3Tw5APfQ++8vYHPESXJ8I63LgiVrvokwPWH8VWNYAHvfn5qQbXkEPjc2cdO2HTM/Jcllfn1kJzeTTR4sklHkBX4T6OWV3+/bX4BrskLD1Z2TOfCwpMMOU47C3jHT8nfB/DD4G/BYKk1DWDqcGMEaQpm63KI6uzxN9mpGHN+rPVOyv7LFu4TN0RjZeKKVBUNpIXHefCTd3lJOD0boa06rWHWcR6lwBTeYfxHuil8jwJ6bgFSzpRS9mR1LUaXGRe0u8OA1Dfhh9uTrh2vfpBz9A7Wv6gZW/oK27FLIqSRKVZHIK8PLlq8Qbr5oakgPd7DNIEEG6sg07H35nt20ASf6Xag3fvt5wJBZCgpBFWSUDHWdoSm9cIDQS6CawJswwhNfTogPpa0cf6DZczmoL0Am7weL0Zl0Cbcj/f8f+zu9pp2zFbQa817JlAEpzo0EjxFRUc1HZQ00gH6ad4x/kWo6dywtmTAF0Hlk7PF/+kDXKbm8iNgj38HDzRqzRFNtrqWnXIIacUs44NpASndAiyUyVoSq7pngrI5KR2yQuMjGrKaw480aG0UNhFpSD6sQNzgXqNIqRzBIZJ8XgMEGUew9va9gog5TplDYZQ9eMYLSA6kV8vQpmdqXJFYMLO+RzERzblz5DvsmiM5kVIjrZyCQ2nuQpoNzv6RK2o7gduFaGNVL589mYna4jNUUxr9KpDnhIdUP162YTK47eGSMoaluGAT88au3fRrevJRd7VMTe9VR69+8BUqy6QYbiy1OIE0DvQ/dSnUA6TrLLzv1SbWLVz41tbnhyFHN/ocBkcttEtocWesZbDMUt6w7ctoiFukHsa4bCiFWggyhBPR3AEUIzviwgtQgbkx/IvoHEo7/vH65ocAOrVDiPy1DtbqVOKFwRgYmjbillD37qL4YSJKUu0ztFzRO5DvkYJR69JcAzoWttB7LO/SlUdoB/spVe5DuLF7s991Uhgxy0HdQycqnujZPBavN8wW8CCoZlzLwtIcOTJI/txntcxmfWuenAOdnnaL1zOh0VVMEEEuYwmpp51LsB6pHwjKBTNH05PqJl8HYrAhEwpU26P7Jfi1ZccxFtvz7y8CZrGf2D+GNYzmNio8eEmr7E7amRZzVWb9lTgWsT+6zd+TEn/iGoQ0vdbDjwZ+kpq90aTtidsYmASEpgsdP0g6HlhwShNucqqp0GGkQUBTQiKb5JiqHpF9GM1leNA1/ZW0kFhlOPLUJtJFIS69IWjGeX8my+924Xcs3ycyDHcvKRMTLGrLzkSSQLJ5MV/e+5y2rQkLwgBPTCR+DylWH2TzXRd2V0wxW6VUkTiin4HdgM6fImssz5RtzS29OCzNtq1caO5/kPOo1jcLGb9IGkOlylCKVdq5EVPmHFtn1PY1JeZDZ6gZt90GrjNXmPGLVBcsjAy+GHAszUSSkCyx5hux/oK3d28+b2gx2TkIkgQZ4ZJoxV+zvWvLEUnwPwW2Ej6+s5TeZN3GolBtKYFxi1lJYEPgFnLFQMeMATDagTd7kpyQ9wTXc/m3usnbIfZFoNtA6XlRaJcabYbmIy6/omHE40qqqScu5ezn515t9PFC3ABsJ9bKYdU/IgEQqto4dMHsFr4D6Pltr3imj3xPAVBFwMNdxmP2KBPH6q3ZPXNQfWx+5Oj+ov3Sn3UasyL/pf70CFeUZkX/vjWTVcmzp+98Cf9NNrcBoAmpOVViJiONz/yPWNUhDW2ZJhFM/Ag2disRfNvTAZPj8cvf5oe4xlekSH9MC1cRwRgKEmqof6QGxd5TnAibbMMpLU1LoDylrNPJzw6O3UL4sUf/ujvEB2j3+JK/JOTwbJ944MUdLLaQed+49uLxKqqIzUNIr7jB19bTq6hCmywRdMsGr773Go0A1egmsdP/jiUTOzyJ8g6GtxveG1tfJiMC3wizEQgw4pg396ltPVqCGWgvaMKYQNg1O6uYxNdqSWAHT3xwMps3bMIOkX8gojeUArgF1dunLahHqRXGm+lV8Vc/7WFIjmnoPs3eX3F0d1FASSNLvXT6U/s+zpgE2O20RSGZmTqYT2f5U3gfBV4zGgWmXu206Gu623fRONkJxMh2z4ZqFu/pDc+88oCK9CoqEqaeA5L5Kr5DqfsGGbbAKAT5vhNIlz59Zz/FX0A7mCgnstDV/8kMXTjS/nIKwY1NFWPzqKfGYgkTsg6RiLBmvV+vOJ2rw21h0h1MAF/3h9Aw+Lo7yfhcpHro0/Tjar51tLArSF49qhPuvNFZYzlvT9qn0j3mv6dML6nkPUOiI/B0uPj7iAK+Npx0F1rzwxG+d8N3O6KDb8ZSrmuz9s3HOzPtfsRacj0L7nmgwVvRn1jcSQskgwUtmycjqN5PuatpZloAIzvig0a91H3E/QC6LAS/5dvwQQwrhvo2V2x4HPfjOuKxDAYdGDSoOlfdS8Git78GZsExZKgbHxH4d/mzVXmrIQHhpnKUneKYneMPGkLGZp+I+M0PvhqdqiK/AYsia8So+4G1UMVHEh5n1SMvcy9hPXbFhs1mzh3QD9ZJjHbJnI32IPsr0AR5GZ9qlcIoqAoiRSAbwGMy7JkfGsD7ODTA0v9rj/o31vTzp+DOPLJ4Q7pzs/rfzuxpAmW2h1m3uKAtO01vKkkdruTQpPk8fb6hnBJiizJfoXApzEzdV3orejfGZ1BYaE8TOcNJQLR1UUMA2nK3fpDEBnOhkSmuOb3zkGMD/dRO2niw3IVEZzpTrQ90Nh3H6j8B7TZb1f6Cd6EkwH2hEqS3FjVUDLcTKotfCf3NV1USIW46AHICliEXp245KHCRq/KbQAdFNEy4xiARTsUggIKx/BlxvxX97qJGht3A1CYHR7q5PGz2baPuJcQJvRMEp6z6k5hTVgH7iu2U2o/EDlF4dFetxVkBXPMejFZQCRgaUnm0emwH5cFSTlGIZ+oKwrLcV88ezkLabXPuVAiHkXoaF6fAoZWJ7AYnH0xRkMjd5pQOGlKpsmsyV9TtRNle7WowpWNcrlU86/k4xLMJwLss3QncwC55J7NID5qh/roG499ld+15Pq3QQF/CQKaSo4d+WtiiiO5QVMqvZCZ9UVm4IOI+3ycRr5tl2lHdKsldISIdvyGHzXUlIsWI8XM1XECWBHLEPUnRufy4gF5/nNcCHFVAQdqYKEvxOSuWkC+eF1gQFuy8Ng/d2SrUYwtN6haGMPx+gfBNF+2yqD00i2ZvvdiLlp4YzIE6LUFD2YeYfi9BRUI8okA6XRXMRSktLVqIOtu6huqCNZ2xVYNtL7mrD3bzmjn3OR84XUX6uczQK3upbLDjgVv+M4BysMyWzZKJUt5n8vHK3AjELqFGHoBs6nkw8xKMZlDxA+eCBWX5q8Ua5udq+RGnAdloLysCGE5OGteHqbPHjkLXWhyc6LYAEqEtbeBTO38tgb9/RZwMJL+tw7X8eVgCjOp2Ll5IXfWgnqQiKyfSOfEXP/l5aLx9w+/IeCCci+A4kOS6EKMSocELWtOzIidI4FlsUikuQ8pw+45EaL53q/vJJ5h/VblrpnShqyzDqRpCoycWcZrRuEd9MtPb7Umbb+qwkH22B+cRBNtuqKx1xIIf04LwkTxCa9MfNbIjDXA4sUkMGRJwiwypirRGEh8qpUmY3Wsu2PLzFC2SiIHNWW7f5pYn33qxKWIfoIUOoUOOlpjwB4MQA34SRutuGmg88Uzd3eKaPvmmSTzYpH5AUSqBjUnMM8mYgyUWaRCV/KO2No8G+8JWuPmTKL3XxIhfvjcL+28IjO8frbAtdhd9OQfE5Jlk6UbKbRwhHljdTHKNfbQTlimfdy2oRmOng6WJO8IbegLadv9uL9FB9jU5RJ9U06IDV8ModzXCvcOR4E2CIeW3QuSL3s4fBJfjr/SQ3XqOA2tgkHmreWpaP4f/Oact3mJH43bs1IC1IoQMEUiOYRfX79ywoFCSK+kr5FeFnPjU7PFI+4dv83lggKyuySCZFGVATadHm8PHj2YhDHcEcITLampmm0v7186KyMiP+5AJj035t7PQsq/W6Ln+01csGo/Zt6xH0/vsNv2VRC35LPHv8J1x7DJvmxcwQIZq/iqoiG522v+YAm40prMf+6cjtGvjh6Gfq3P8a+T8QSPgO69S3asn94CcHATU9Y5OqWmhdBjZKHuVaFPNoiZs1VlQzPYcreFKRAS/UaRJdOu6EIjo+o2ElXXJxS0C+02zZ2itdJ/hEhrSH3x9kTwzjdjqOZUzUVmshn4zVFjJrfwekrBjwtTg/2AYdA3xDP5s5a5pi07ZaPQobNJNFwpF6J7kmf+HVut62v/3QG2qI2ms0Ic+KSz+t6Z4xTdkOz1Hz776Ywa+PoEnB5pN3f4BKpp3XCQnolTb9Ttz7hDUxCIetmEr2WFd399WDNsm1oPlGGw4DhPGxm/adcOQIa3cx0kFcsNzcqFoVJHDzwYL+WfIDJuU70XT7mdP55Zc+JyH70oTSJpGldHdfmk7ksJY2qZXMsltmCYeSNws4WOAZUiDWn03KxDJRuKya4FfBsfwWEgsorCocdpE1YMn/xIioAL+gXQfbE8XBHgOODJ7SjdE5mU37JRXMMGFz7HlkYIaSKerFd4ZtYV7y+tZFBHeQ0iwjHSJwii/JVJflLb1jYBGNlTDUhk1ui1UuNLJAzDPveEuVPYdJpNgOnXZVdK3oQUOKPKVWu1uUr8EvQArpuoSEL36VkxQHjCAQErxAlk94jJCmIAx0iSiEbDYVwVZPLEeuHGlSZnQREArUFDDV5/mAndr8ZoMCH6EcHZGzvBRLYWDcMwEQcp1ilb5WQlFWIfhKqvcm147au0J4AUQ9c0ojszIKdNrhNKZgqCBWRwwM9rrMHune415abSBDwcz7le3mXdlsOrgqwXDdvxKrWiYKxOBIM8m1CgQ3lUGMC5lJc2hh03GqkGoKFiDSqmyJuoLVN/eupqVsHX/J+o1YLCWmWzEmZjMfRBcPB+rQ0vfJLxeJCsu058x4o2nKOcLBQkqylM4DHNVuGMk04CGtD1hl1xvYqb90QXtxVNksyi6XhVjisJxspEJKTwKQs65fv5LgwVhVJkpxzLSERYC2Y5aMQqgLqGVSjrkmCg8qVQL+R6pLa1DsLVgnkwD+M43vzUcmxS6UgQGJlfWI3n4SrAd9QiOLJ8bl9DT1HHg8GHmLA4EEhJrO/jhZzbguZmU9rkmHC7Z4bQpo62wEa7na0OThMrujroHueCUuIp/Igx/4HsbQ22la8alTKu1a6W4gLcDSSxrkjIy3FMgnpHEEicEgEd0pIgJ6Yz24VkCdGAzYFIQ0PBIK7wso2RxvA/8qgjVWfVadKdgDPGwzUIzAEhMENpkm3fnxZz/RTMEnSIjKb+9lMq5Dvg98bfLLHb5Nu/+gRWVt6/8bU+Lvjj0V9IKAzEOy5d4mOFlwg5++kPPClinJFFIpGqWwmKJqjGlLdX4NYj40Rcr2yemwjxQjozH6GX1l8DSEFarnvKEi06VOsLuMOXMBSdBRrVZJTsGy3X/dTSievHTQ6wMtRO6aU+CttESmgW55URe20DwAWPL2bd61lIqaslP55bNZl9fH6yrERaUw0yTL/+FMGGBHHpArTd8EZWrBh0Mo7YiOg6PfxE1fyth+T113gvA00y2TkDgjElNkafcNan5YZ8RxetKkgiA/5XyDhfePg2aaz6bc4PmzC8LV1DoGlc+DCBR1YcOHxsBjBOQ7VXvQmytohT6POv8ILLjyBkBjFL5iF3sr9D9RHy5vFhl2ygIjNVA5nRLfsAKqbu+0w+1l1XEZ+aWAZTNTbIgF3JuKddWTDlFMOdaLTDbmpBHR9TuorC8GB/wQVhTaYySwEnx+RyBcfbSBMX3mQpCtfggeKrtZdiX82cKtsuRcHBCFdEN5w58Vj4AixCodCA+SCy/zaWTbjYYRVjSkkmNIGpkiQ7yFS+2Idnz+we9+bbDLJxx4048mfL4b+n2ZDgeg0voi7gXm22Lhy3VuqpomRN9Lw6ZtBlUoJ+SrgsegQEwpX+degNKFz1OnGAZof0PuplVHgfAarOccyAyAksG9/ojGLWzWlr0L0oRF5fgu7tpFlJaoho5xyorwUqkjGlIrl2nNjlcTj02/S4WnBAN62RuU9u7oIsMNNSq+rK5OJmquVTdcCIlhpd9CXQ/99pqZOzIMWLiI//zkaePvxK4r4ijIN0XysMOqPWTCEGHnUbeDtuS7su+47FuQs24S2oN9UtwW43cOaym5LsQIXyUoNECzZbN1b/Azp14uFoXAWw+G9UfwY4V9MekzDPH4tQoZTmfBQEvqL8+OwpE27KWXJ7hWbaSKsuxihPwiKuFqzmr1gX5HAAzUfHlRwyu9uNYLg2mCnGnRBU+WqrKPf1uXFTP9TDfD2mu6TPBwU7M2rg7OWoCFgCIitWamjeCmVkKfEZ76U97Tw/AF9rMsz5LFRvm2ez6gqhMigPhykZyFbiRcSXE0WVXIly+rxpa2Sntm9tA16vB1jvr9+Kt1tvLobCd2Z8yf1JEwXwqK5Bx2w71ZbVv94RTECDcVmqGsI3eu7dtrDpIF1mCyJrNzk2MBVZcux8fGdNjcNd/fBKc5wR8mJzlYQ4L9aH+5YLJuOI+avEs/7V/vq1Z7EtEaaSa3aahHrDBlbG6GuR7mWcbItGIYB6pKrBBfMo0IPwPfhRYh+k6tGO3rox0Lp6bOr3DoeTq+BydBN2ecueXI3OXd4hv2PRXLlE14yrFIORHgQYZsGxRKwAg1KtHOjopu69XA/scGGiob5Qx7Zbb16I7g261M24960MtsyYlqpis5u5qPd8BUAfe1dPjM4+e7g5t3kbz/r83W7U6TXcP/LAXqRe+CkOivQFcpDpTcZCPm9dU8xXTvePuLdR/VuJQJkFHOKBuRxvMxSLNd94w2S1H98qE9YsBhS2MiDUjahrhpKo2FmoXmP6t9o15HdQpyHQYm2jkXMXD8NbQ64VZUu5C/YA/ns44f3i+IyyxlHNVTZDd0Pan6bM8t4LFRTbuOZ3oO95Cuw5BWniCD14kLq9AC1y33swsSKksJzULMWIQtcoD/24olootnyYXVoFCUkQGT68yuyr/7e/rdcILXGutdbB2AjXS1gD1JW64g/ApjaLWgTbD7o58gbqgjJ8gmbOjIbJ3wSlfoL41NzhnvyypBJngDemQ+wwMYlYG8ypspJsgDvaUsipsZ3gINu4iLqAbExKkxn5YFY/7E68iaNlXhs+2Lq9aw9ngCx7WJf1jEnUcRXG4/Xda0hiZEVCMYGXLV0qTbx90eMkSc6Vkg7ggXHYGhpDnvYWOVKu/hdvlhSnIz/Bxv8mxtK2K9ZkucaXV1+e0NApb/pWzYd2zsAqQvTTvxTA0E5e90PMXI/vqglyRfOKDcXpLGh8uncMEV6FJbGi8k/2de2UXeqiyI8vDo0qRsY/soc/0ewonCIpFzn5Oq2kaSmXpKslSZN1FZqqvmFRKFzNRr1nJqWEIjM8O8UdpuBtZyIDSJJ4/AzFS8DFYq2SSWJT0ex1wYWpgk9V9C8386emSIL/tLT2ccilzklQ9AnhZsLKqFPt1U9zdIexZJDGl4AfTjeCNhoatKpesCO7aqDeYMvVk3tnfdvtNvDLucGF3paOVHEsz5eKUfdiLbhL030mj9M3WC+IshYeUDnaVxtoOCW6cOiXtZdkOox9ZTXjy+mCBzECsiDEYHNoC8++EIVHRESXsrVJwEjmDoLvbiCVCvsQ1H9eJd9aQgvKiB0mwAn63wenqz/a9pr9XgHBR15/1sDW902ehHtpDyQwxVIJgGvuT3wzpk4q4zo6CmEJ5PB4aERnpAEIbvJby6l1VEWaTKBArfBrK2iB2mPRryh4ML2MtlxdGx/ShBe2pLkt1Q3qXUtNhvquIoLtCXTbEycfoS+vztT4TM8jeMOvwLm+VI7h558k/dMogTiBRvnTt5eWP52e03f93X4ueMDaXV6EpJbKgGFhLm1p4lHkxK+0MYx71YVIHu9NzILfPA2+3rJ7pJDy49eibtQjVhY8kERJqDMUximGoQwyAjs1ljoqBLBkEC3Hraai1GoBASaraSfp9NdHu40tAORAqYmGWWvOQ5ZV5BoawhhMpKwp4BIJLPmQ+ZIkyzIL1Fqe001pRuWmwkm77EPJJJr+P6027VbQCNOo2d+aHDbW9WamYlSShV6RkzjkI5V5WbD1id5Wuso3wCU3et0EuR/5PT0A64hc3Xj1Ys6SV8F8q6GkXUGOYwIhMdWt9gaeA1Zbw3VErO68eiFn/fnY3ORSglXocI6pbeEbWLp9U1V6InM2G9hbn148a0rt2yv97FOnV5ab53509ua+bCO+OvpzmTDqS5iRcsXWaL2HvP/YZBdN1zGH+CP1dY0Uzg5CMaXZmAGaZEsWAHns6do4moGwj7lCKd1UzRV533S4HESr9Bsg7R33DlLjTKnWjo+AjnNWzQJvjPjcsTs1h52aDRCtYiPahWCkv7MXLqVqx9pnD+yT/ptcLkmZDrLl9JugCrl0Ra/IIAaeExWlWl4p5/LrwyVxYYu7N1QpzVpTsw1bN4EEhGJB6SH/+FvFMWxmsOqgTWfiXBLj33zEOU+An0ikFVQfqzSwMnh1LlNVKCZsaWyytgtz1I7IXS5r87YcglPe5Po8kvml3MPwyxhyVkkmVB0ANXMNiDZg4ts9KW9XV1Suy6RzbecaD1cC252sI/NRnSOKDMvxIbpQDLvn1Y0W0ZkNONYiD3p0o7b/iKA3v2/ESE7X1tDQTgMafGnlxklQqM70+FH6dauAljFBeRj6yk6LOa+5u0FtUeP+A3fHdi7ytu/AvVXjNbojjj9MQg8Rg0zLXn0yCJ+lQx2/+pNsO1H3F/HJ0Bh/xroOjk+HnSl9oQf9Ic0IUMjfTcL+Rm9mOPZPiCRP2YGvA+66AVP2DceG0QGDiDisd8+6rwa3fZtHQZ/RWuhHeoXCocyWjNSa6Ob++q3Zyeiaid+DDB0+/wiehK+uI2unG6DD4wd8St1D3b5WBOjnTs4+G5Z2XbHjo81wHRdWi1zQuRHBbJ6DMDUMTdBx6p/kHDR/Ioj2DLBBAWve0udYF9j2U31lVSi4TxqvOA/9L6V//tkx2qfvtnn/yr163PFDGRyLDMCWwWvK2+G1SXeKlZnxJ4LWbkmT4arzoN+Rm8vF433yY+X7tX173BHfEGUtcpkXiD8qIOXYa7oyNxKW3hDzofr0L6KnAf/M1G2fiPYgZmFsybb9cjAZm989i+7snft6UQDXeGbDMBbwvvvgE6bXiBFi/z5hP63oadAH0cdmkQLR7pLVedJXyqKDWC/1E+K1FkexgjJxAjOazCqcfW3Uqa+GuEZGFy3ahX9E1CH/gTWl9fHHFynN6TeW+8xoEuEQn8Ty+Pa74TdO/ytKBepKMJd1jyBTkX1cHNcJw/sK4ACaCbK2BMQ5N0jmO7kfqNPu5CKw28XG7mJPb7NR6UmPBC1l0qDmG7kQcBiF5bEAR2h+wUOVpXFRWASJhIAFVoxyhGsA+40qj0aINHXsgYVRqa3Hk/C+B1hZM7tSJ1OgioYJIxG3U0S7OYU/XzsT+42XpbWE5FED1clZrVesS03Aeq75IaRuH2PbCBPHGEIUOXTUb0cGHwszgJoCQh0Dc4BVhT0xJjOKPAUNTCx01d8zL+wGJnBK+22b9znjvFKZURRG9xJsuL1bYpY1pnZz+38vmfcn+hsGZR0FZTRxKG7/IHHscuBg9Z59sZ3J0WW9BNGonTpoP63X5kpX7Ak3ISmC75MsPmDDkinEo7/2R94uTGgpiCAt/W9vn2fLE6xUEWvCtYUJki1yqYi5DMOPNaa4IQd0RpZN8l5aiGfqxtfTI/+5kekRIR9OuPbM6ZlkVYpFMO7fnx05YHToteoAvv64HikXMQQdjYikuFsYL9OaWLuOqUDUgmF12KBPzDP3QEh5vdxL+VWPMeq88GLLZLGK5i2DZvvDfC93C5bx2a7VjLqdYT+53pRBDGj6u6TQIy/adrCeOMhLsV8Z3uZM1wbivkfVNkz2qGaILuw3D289EIbi9MAbX1ulmIhdo9T2DgbDE+0byfHJkP5GrY/3255gYLzyAmUIWLvRyeFuvgWLDCdtuWbL7zWGbSvJHujZfHzFRu0o2tHinj1z0lqpTwvVcgx2Uzk9PD2bhu2wg/tHuEEqDQHHS9V878ALGuOinJSfWINbk10kCQ1esA8p6GMYNsc7w3KE5CbSUpxx0dWI1zO+u3rRJNBgwMWgqUUCn9SSuJC8aLGR+PPREHSXEuc7oJu/g3N9sRzDzz5OBbxbmE6wUWYLqVsf/wfi9feuv3+cCx60dpcC0s3NJdGO8li37vn4mfq0Gk5jqHP/S/JZUMN1ERiGu97LjlME+Y3j3EyB6RYL0yPO9L5ELx3j/33VUMA/JcqodCi4ITDu2IhgMKtK2pENjGm36nvI7GgGynXHqdk4ev1GyZMH4kzGXvVXoFGvaJ/FfjmDsyRU+c3aWi0D7PolT3F4WbP/djOvIZtJmIPXbpQpIaDSDDN2FfVFWYKvq0oUtYxP6pN59sLqcbFcsUjeD7pTrmw8upC1ZDEDVkIxVrVKARmsZUBe2dJQd4qV7c8DVgg3sRTjVaogkkk8g3dl+z11pQPViLCjxDL1EaLOw+d1CEitgkgC5jfc99kWqoncsyUllbsB7c+Isz9T077xmv+7Y7z7QJHspsZODXfWNgbf8wwct3bw2ZHdkfbSsw/Zor8OBSxhn5fzs+UJZwBMp39fBEXbuBE/5aCdby6PW5GFrt62gWukPY9/U3UT9XBBFlnuKWtTut+5AgDZ75+UXxzgsQRQNK7A2nRvq7ELlIHk1gNPJDzABS7qapynr04x9ni2s6E3DMACdeKCDw39hQBWJPesiOZA7LAHXyMM2sPWTKK30Zux21214OORSee+TD/o6Xozgni5oOVblyregnuwETaRpNJht8Mg0OJhwNcXooSp5/sQeeMFrMUgustU4YLCdUGuS3fHe3rpm3FflRgHtYvYJL7iCgUHcwcjXZWoY7JkI4YWDALKsjIbnQY7BhMFQliIqUpsG88JWYN2fX/9QPhLv4zzqszI/hObgFykB4BiE7CyRBTaJ/XAxo2vZklfRwugpVZzKKgZet3dzdQfDPszibhrlC+JreqfcO+L9MOevZ4KhsglbAXW3Suhsq94HMRMVnYA6e0w8klqA9Zblbn+Fpr2p0U3HY3RM3mm0UvN9UkU2bN6YL6YRMPC0aijZ3aHhbqhRJ4O83iXEUNfdX33z+IrXyYdXC2PpgvmM/StXbFMJ+OjE4RPO1RGQDZN2jR/AAqtIIVAego/6o5hkHqvFyoz0Djrc+gbg6QUhLrXvmThUfRivwRujzRFrLaLu6N1KNpt443Y6t5PBw5mx7HdngXnGFcj8I4DdcHZRDI+41XcwLwpfMr4UwNYZfPhta3ge/T6ynC3Us7JpYqUKwUuwTB+5uNXqEJ73LnJ46d2DjYOAH7So+iKISuwfCUjDQoxOnJ/vDnLnUbmsTxIbWzYr1aMmqSPZHMX747Ga1V8Nr+wmF0D6IpbJhHBoCx6qGVSK4tnZEkRFNE6snsiB4BNKIXjEtCZ5i1EXPjkdOnMLOpUgOFua3JA3HUyhv0018Pmb1ryZ6Kdui8qIlPAmZI8DEKgv1TGRGD95mQ6G4C54M+RMZNcAyQosB2xjFsreJJ1ZdIBLQinAfQAFkq76IkanpqgkXIiXDRD9cnDGgxcjoSCcOpOn1VaJiE4wEfcMSfDOM8lh9rEuKU7gRV0EIclzMdADS4c/4O7ggtcprbdbQFwchPlvBL/lX4e1Wh+Gy3qMoIxTKz2Hs/n83lsDFbRhKsgw0qN0Glqi1vnswBENOzGYHXw87H5yVzCVyRKDfAcvKBcopyuoIUx4LP6q7/lG5XTQHZCf8Pc4RuXqjZulk7uPOmYbIdInuwumE5zoHuRPVdfinX4r5/bgiuxdjeuJlyETtxx1H0tVK9GwT5zRlboStDKGAXGDnv5G6fYdHZVam08b5vLobyxwnPCjap+/ZiW1MsjODwKOOZuNg819NsjpKALNqy0fTJ+YBLYiEqoiu76hsO3OfRXn6fqr+UyObduZZRS43PjabbSehkjxHF66cMIHG/+p3sZF3M7s8Ct0OU4buCBqHfttN4tNZyvCuv+ql6cMbVFw4YaNW9W0XCHWsMtdcadNVbAN2o0tIfZdeRcQHL8MIFKr9wRV7r0g4rURaVDYnt+BES+Qoqwbq3Ro1C+ab2wIR39jNOUFTvRb8ghG2hG2omYYtcIZ4VOefFo78ZybihWB7vebxr+38zv5LZokeQKrgx05U3bx5Cx4zX6Igvh0CvZyQMo3zRS+BdByrjgBKyAZ1d0jZwSlDqGkQL70nwOCPUC12BEIbkZsyfXCC8pMlEWEOKOZ8j7fTK0V3ZqRRm+yyb65rih8w0ByM2PPtJj0UNT/I+EyampWLt9Z+64PNv12H+J3aoP1n/Ux7159ghUJOmEJ/wx2s3CWgBe1Z57K1ahSyEN2ZXKyxffWtQywaJ6WVkENfrp1RLUZj+otKAzoBkTxNYtjXjhTQD6cAx8gZLq6DTIUKEtLRKa+YB9pJ5rTWkFGVVTUh04pg6tGkrxLdymwo3mZpIDLAjxoxjgDEIsBBQrT53QfSMT5EEls+UeX5LqBA1KezsKCgCLzcA4E1jFRtzbJd0JDrAR3p5Mb4OlbsywcfOKK8B6Hb8Qoj26zVwN4oUru321Tg2WjGmfKGOntwWLCbVVl5wFAMfxqeDRGoU0AfkpJTWQ3jNlLwX6fXtphNAJMpqmoFlQpYqcCgoLKEVpbdvP2gUA+tXGdx6YHPr3W7Fo5/kLH91f0/JqvP60kz7hmLm006Frda1lxFIzF/KPddW+tG6kUhcHFlQoA2VbKMqzMIP018GJssDNp1QFUPmqDTBHD/THCdtNxif/dJrYZev4tW2EQpYvnkTuhLs+S2HipwGtBMtR7hZnkLoliAz+bJEmaHSiRmqylydqPp/rap2y5a/FY+UNbbjdhmdOvPZsEgtPzOB8okWm8/BvXzCw6VKRFtYvweFr/EmMFGQ7wuh4Yc+ELCvLAvLFYoKnuXVlQ85oBtViG9DFRlmTy8sJ1lRkZ7SEa+KHTprLqOdNycR6t26VC2MuKkBHtcdKGK6bdy82g3HUO+WHnuCOlh+TTmarlhYjACIvD0mIxj2Wpn9LzC+3GuWmoLVz7e3aiIjeUh2NT/RNFjxJn43vZUI5K7LYQXAjYbZaZH95tlwMxQa6ztPgOuJHB/slJEOJUEKXWVVuEpOVq8rriszvN38/a+vtN71ev92ZqFs+kFIBiWBxUqg00EKsUU8K7enFq+6USD73TbxPRoi6JDE0vchXY3v5dNBxejSiPC2yrKRRy0imja2kwVuwwA3wkAB7NPZNJJ+9OWzj25PoIP0h9v/zqh9PU1Yx7bTJGlYTI5DinC+ceK/3h2I1QytTSrzYt4sGHdnWY0GTMTkv3yhGVeCisMQ/3RpzoOvOSbs9kW5Z8NOraO63ZxyWuyV2Rm5x3tsy03AXVStDfBOy0FmVOSGbXnTrFil25n5nf5Edp+wK53zNxWLfq5vKrpKdyMEcpqmvAjNrPHnXvddVKipSjNTkW7JMfWFzE+qbUWLkJee549q6caf++mRnD2qb0uiV4Er+iviSW6JcLcsYWHhRQzyNZzURpUYPJd8Kljiv8Z8AeBa0CYDacGjlhmvIqzlupw1YK4kqLIsA40wfIQ9cSjEoIAGmlgF1svijIy/J0gjUwv88Nf0fG1kkg86Nyw34CsN/ZlovmwgRZR9BiFauwNQHRND4MERV5HsKzClrFEvZO6q1IQITyI20rmAb6QCax7S9pZ2PA+caFiP/Jsqx8bsPXT/xWI6cUhWdmNCO8p6GkMFwxyjTZ0QuzZy7bjkfrQYe4I9RP0C1Pa5vBNidOefoIQ8I1Ju5MZwJmYMAcX00whGACaoyIDaVhGR0hKx96uWYyoY9jggsMNXrCgMMNSzAoEHbnbPkgbKz7EKGwyS2y5CfRE8VUhHWNXxZru8KtIb2Ia17a2sIsRBbjFkQVkE4YIdYXtiIQYRhiR/zXrQzDbggph9k+3Bi3OoYSCxzjZIzJB07ou+WGpNlPW7E4xFPu5hxV1IXqht3+2A2uZsg4Ux+42gXlD19mm1WWhdq4Te5208t9thNe/UnsaVKD7yAfR2/3DIkP8AT+C4CwOnk7Yv7ejCwrb12wbIs9GoiTN92R6tWuSMAHlSZ7qjNMNMk1PqghkbYZUMQI+QBfIGfU4BiEt1m6sGAYeu58FNaFUQpp3yNqSFkBTZpurLHpi1xSLK9TRjgaXbZcTDE5FMM9oacJkp7ct3ONbD9Nd2JbFK1mYgF3HduTla6RsdkvosW9G4fKbCqqI+f6GsgxTmU5jmpKgEin9cRwHSraJdE36319KcAbf/t6hGhbb3TR/1veiOSUJ9UPtpI72Uc39dmb9TZgCSEKSDk76uWSt0qVF/Xf6n90nZCTsu33nCKQhEgcrx+grdNN53PyhAOeBvVkbVKjulyrdz9Ue2UdlZmNUR+lymBOYzxe/W6F7H3FThYDuUWrHzOpatPpyxSUno1FF/kC25FGdmHQtsUyHG3WDN7tNF/WdCDgGe/MIKtgWYrRhFHTSdse77Wyk3xkGqVai9BrDVEHZPhpJAd9jTAvvK7csBeY5sUFiOSIGX8BULOP+sbVQOueYy8qfcX5+ClRnbhp6QfKsn6Eg9iI6CXFVZj2rrsAl7B4nRI04RyaKjdaKCyL1QbbijvULUCommHa8PEMxrXgK18st5fmmAIBZgR9kyvpTXagUk6t29n5o6dnPJK0rYrIJHI3ZfZkakpMJU4ttfycbM88p3TiZE2960LtNuJAUWx7ZnFFdltH0vD6TLj4PI5uSgQJqQ4WUDqBt1ULZDWOlYQRz07EA68h1/3IP+x+e1bFdYpvylZuClEDESVTakgEWkDcnDdiqgcrKkTQCzBvt/Aef//ji5GemouQxrRmZwxmUJqhMcLS3lqMC5sIXZoSjHCUIdXGKrDJZM/LsYEMlinyJ8XP+VVPe38SNdoumta88Sf9G/nHx0LgGnjNr6/Q89rMmwXyVcoYfWcek5V4GVyrYoHBHjOXBSJnQy6P6lhbzBT7R7NiqyxmFVBTxffRoUI/vOq1e5RbQlAOy1nIPqubwZsbnzzp1f0NedRef6W0r3nWpaNhMTfMR60p13drjDbYVsE3+1d6zy3U2+QaiJgl0S7pjUiKV6wXlEI9JOeLnYYPUBtv2EKJZ6Nv7Ss3ek/rNhVceglYtDogYb2/804onJFZ0AC3wSsitctB8TSTsmDJWeeSSavF6nJ4N4iWUzEse2tRiwnFRVG44kCm+PLALjTS0jkRb7xei3C72uEoLRLazYY4VJbgsINx37xVTDD0MU/g6rxWGTLStiRijgdWvs3k5oywsNtE/JOW4JtDvzAwh149UrOOEFnIhvbo03Q7lr+lOPoKfI6T9ohwyXCABN8vvHKtVVYpti9UUSsbN1vbRndSYJDIh6cNXir6mFfb6hKCCwuKBvswLRyQK8FNOMzRT5YAZH0GIMtdrbIlAb2JnU4Fq87UUujZV4a5ZQjAlyzpzcYWOaTnEudqG+1Qp6W0cbL14i1eArPE4XXYyw24GP5gUK8gr63n4/B4e7EH6Q8rrJt47G79BHwG5xqqMZW21aaOK5GOT92jH2vcTqmGQO14OU0/o1/2nkhPsgNlIergw10NiQ7E/rLrTAyNj8ClVVgPZPM9FzwxpbhtP4nPnHp+LefRWpJWTPYt+fuOD1swL+4zENhnBki/ABiGLUoXqM4gQHD/NTW3O/PX4CBBMNqgWwvoI8Z4+3mg+6zIAw+JurEsBasAeKjiMUa0hhacv/dF9NJho2C1cLak6FWKEmmCSEsTPzyJ26PHsnBKPglemnPOwNE+jnggX7ftqKnfLT+WN2NdMXSIhoiGw6lIXcO4uRErCXQIg6IEoHhMuTLx/0XEzi7a5VWH6KXyS4c2geSUzSXxEiW+2JrD/dC1ClALo1rnkivvgpH7/zttW024GC3sfTF6w6TIzlo8GEZOTVRplrv4juxnfG+BKLzvzQWCspyVAVRo801YKpHj2WU3zmmVcSpfeagDFfnCNw6WtBU2ZiDln5RVW5nkVRSmu8oosif/oagLDsFcd20S7DgNDrAhRzhm/+nHVV3kTYFq1T93RLafkh5FExg+uHj7i3IxloEFmf4iW4j6DGpBols83q147QljyXoBej/A+Yf/L4D8kY+HuXz8P6rNCA9Ixu8CyfHf8iAGmXnAXL2pLB5yG+DKeViA4NCka+U0bAmL2lLwlCH+5BEZ8t8xaOvFl9tbaksxIfWfdEOeclNdLEvtOZPkdTixwFLJ9O/0L6Y2TB4XcprMCBv4zowNr4PC5GRMq72W6EPeIAYNaeAvwdoTICaDcaT40H0lMB1C0itkwRVWFsULtA1aV7ZDK/JCadU5bkay++94OOD3TbBnF0iHPgPfTSEXU6tAa9T/zpFzmd/+WxvLorQrajjH+lbdd4rls3/5ILKgKUi5xv+Q8sJrsylLf+q95sIXZvSYaev2cRWXP1bZlOrUacXM20zKzMgbNQHdsfYbkGuHO0E6zgYqzZgRsyHPOCz36MUx0vSCZxxEZiCgW1D0aGIFGXWBxduLYHlZy/+GuiNbgDxjffZWsuyI0Juu8YmaLzzeRPvjGibD5xylj7uqJhqfxj5+aXt9XkWkaNiidMaH7Umx19RWk+YRBu+qfRBOKlD3LDf/sHvTgFypDmOFMWipMxtj4eAI+SsBY29o548OY1vyx7dHnkNdgEJXLWurboBfaGdgM/D0E8CTdgHFlRshyRiAeiJ6s5Gk+9fuOk4BQ71Dsm/RUqqp3RzQHAFR781fHHJAProluJ01L9GQjThFqjMRj0Gl8I5sriTNEEq5RoOdCNz52JUzbKepdc90c6CkDEKlZGdbv3QB6UxZwOB/pztGuCdy67SPGvO7+V2g2CW4GIgOEc6A8bgY4gOP0E69U/6dfTOL23BM/EHCwq09PPrkr28afKOjk9AkVmUWwUIBY5aQVlTTZCkf3j/9Mz1EFr4UAJY9w9QPlkiFlw3NTNPjfJ65M7babeTsOlQ0EghARXkqYAM5eN7MLdaaTQFp+h/1O8ikbwQpLaRy9T57/MucJPdsnSj2s/ZOMwX7j0sorNI7cPXZQtJp/669vJjdAq/ucdDjUaWK2ik9ejevU2hX0eLLgCPwczWmixb7chdrSRgb/HD4+cr2Ejuyxa18VuaYA1564Pzh1x0XVX+817aMSNt+bXs5fQp8o7X1R4Pv/ysqBawYk7FMoNlo2tWftYbPwCkeGllowlRkDmf33pi2xFqSeH2qId5LV5Yd7OqS1ruaEk8E/c4VQ+m3ZaloUn/r166+u38DTnu+34QEQDalqrD5Ri+AbuzVe7mEjtj5XLaFWgn1bSabGP3j/6bBfb8+cNbSc50PHRUKyzbqJWx71znB2oOyyQA4/Ab67mDrRYCg8oGuxJ4KwuyTnSC5JKu1KqthdFKOSIUSwTITEVmYDaP61RRhF6tujLowUp2CAoVuM4923Vt1s43jFQt2XL/Pn/JmlJFLMsxBTotd8oJNIO5VrXMPz69/SEDjWQW9KJm5XT9E5RamQIkupgfkbs3D9dCsbfXRPExf617BXtz8IEwgR99c/3xmy9vzGF3MSa3qUbSkHkBSAZATrbNkOUjqoEgJj8OoaPPPL1VmN1A8R9zA29dX0QXek6pa+nvhpPJSgE+b0Fv6Tb5t8gQ6RpQRyzoiAhrP2kDtvutvZksVg1VESoYBNzdVsoUbAMrZZcSj//5aCOuT5dsWA5Gna2bBvvE2B0GEafbru2/Pel8Yt3uw0KsdkVFTwqwlCHjP1T0Y5SFXMnzPVrwMllg+cG8k4v+Wf8rSlGA7LPhLWoNkZxThcFRa5MoKmVchS/IyNNO7xdedCSsGoIC2pLeUEpk46de5tXDc5cnWQNud8gWSC+OHJDPf2np3KLZK0pUP/IjiAAepl9HR7BToBZ1GtBU0PnAsD55/TU9fOt6nWHVjJYfSv1Bl3rxYPSd/J0eaFmheb8686qOXwi0rIf6Wlb36tIV7Wp81Qa/D42KCPkrrdNxMzuE3cscEWbHu9W1U/zMUXWGRUZgVNSCPke3Z1j2jsYttkYwfuzFtAkLfbEE/5xuYmeCF7Y8GtKHpzvVgyz0jV7n1Rjv634HmFT+ZmU+i+wOgYnohD6untiKE8RgwfPM3Rysr7MEAoWmPUlouQpKxoWam/0HWPPwUrO6k4ski2u2MgQ53BP/3nq4qtdO04x/2NKQc58fWelcigEuF0LgmXPzwcm8Hq9W+k4HluLF8wP0v0Bzsm4iS2fVwotK51J118StnXUbmHl5GrRFjcEP4G4Ps+4vZx6vzml1mbZk71gPGDcaSvhjNGm9FJBQrUnFKnpYMfMLdlvjJbmBXfb68eZc7O2Wpvz+7nPTV0pfX80FTshOT83H5/95TV8jZM7czg7VNVRiCBmMYT6+MezCVuAJWNA4L//ZrUVXAetTvjSjRmMFZQPFKZ39iCTj3K8GrMYfhwEceKmILNuxf/C3VlAhWSRPlHwjhIpXli1UOtxaW1906P89a1NxDqUYQ8Lsk12c4f3MlCv+waN9Zbb81RRlm7im3ACdZu/TNXj0kPojXYA75G5p+6BeuLmPwSLr88OTugvssrMcvZCHxB1/pKz2R+zxaaybGzk//tdomHXt+rdwmvv+P3+Vnb1aSdrYL+z5oWuP2cCrtlpNb5pk/OSp2IwHfFyHVlGxrR22aoAHWxF6lohgnXfrCasPu05K8298IKL4OfWIuwWy1KonQk88ICuoWVfaZnJA6P7y/gEbDJEYn/pd2VP08u8k25kNFpjlU0zgioUOC71dZbKPBpfrTyQX7ZGjebE+/bGvP4XM+WsjYrHI18k2zviWkPZtVcxU0y/nlUbPpH18gl3tVMWJxvBq0CmnFPca2oAqDTXk4pyP35LebIRcLSOSFVrx/m5SMXiU83mMw7Xy/VK7CmxH+rpz5oZxoqg+zmOwInwspBirGPdTbWjQhhaJccHlj603yWDFRVHFHAzEnCvnkofTFhfkG+W4Aq6zZ/MF3o4srH9xsw1t5AshS/mluN/Qh7rUxEklWfZqJ8Q7+bCtTUCqSjjoRX1VQIEnpkK2n90ojsrAblC5C1ndX/ozFFl5cuf03NiTBcu698dVpprhihgwesqXnsFGYWT89Toa1tyWD+6/WNFKdopwUaJVjAuNYnulA8YO+zsbzKS6Z/TYxcKGPtQ2tHW9ZY289RL5UVD2WyJGTgiVSqvMVLnabLn/ulJU7A+Lx5D06C8rxoafMpmQp9nIEGioV6wmujM4pqaJazHleMM85zLXEoQK8ZhiAEFScJ2J4Yt+9KtxOCNytILL5SekSw+3YyxhQNZmBAhS6xV/iBLiFFTrtPonF0aQ2B3xW5dRH7bxv5eMnPxnrL1uZYUCFrLY57kGNFSMKg0FskZNYmntbOJJifQNv81ehs1NsfcltJ+87MXznFO49MAHkUxTbEBngKgGWtTHxjoGXELGKTLPlQEbD7sS/SbuJm4bUfrZE02bC2unrTC2LMQJ4IhyPnRAvOhVosQQI2qhXG7o6PH7S8kpcyulmMzwtShfrZUwjhDWykH3uZfAtf+dBnIfPXvNjcgrTmv0z+svo/aCfgqv/mflVzLytHi0xcjZttqGhVGR81Atvqlv9UDTSrn9geOKzaEgy1akEoj2tH0cdnTt37yOcr4bQ1o03pF2R9JJLtnZC11h2nimjUXNHFm/RK+iSNkV40sKO9ymLLmz+F7qYB//YM+ASqmvKcS/fV4NqOJfBxO76T+6qSlXdjZMhr76PV/+QNC6jpIAEwqfVUD+uXULDvOGNdkdxLi3upkbVCVWVmp6bSTsJYe0MFssy+RWZEMDAFrxoYHHNXiKL1KHqMA7qo12XOzRXsP8jL3lVdZeQDgFWjwx1elLh4CoxRYiwgduhJ6KCaHCPwChQt3H79W3H3vttEuTn6iRB04Yowk1kMQ/whiufeWca8AuAcFk+APSJSh3ZklOVhc8G1y0dE9YotGEEdiieCaaCuUOLdiu3ViQcnkAe1cLyLGe0Q17Azq9shCiunZMhl/UC6JQYzRZ9PHCkZX5BtC6AFN/bKledOajOgSDBAfMer5s1/xaXE7NWPdt1RtPbm/0N4AC+cKKS/N8VV5VdIyiSYYB0MDOgPbQkRTD+q4fLorRHYHd3uSGzIzat0tcWH1cijVXU37RtTgfxdW5XVMprm02tlNdU03FBgJcPHVvynnn8OjB3ykIzO2XFIr0WBv/itvObahnSRcGHygbyhbIJR7sZpWR6f/2pUk8utNheU19MQdtRKyShBW2d6ffv3iuY2R2DjstVnIIy1PGgB2/AbGgeuVXmbf4uLmCVIEUUebtqfmjYv1ZnHOLuAurNUmH0ulwOVg8TZr+HkWwS1u92gF3XDE86kPszOmmNIKvvW6/9hKbu/au9a2YsUxeTkYYBsXV5Rp6ruqaeQ3e2TgYXkQC55hJVa1lKJGnTAltQBwSapXw9cGWoqUK6KFasr/XCJRDX+GV0web27g7XUjFG/EkxhjTLsVlUTxvgnxKG7BxsFaK0ZJ2VB4+6BTIN6rzvXmjsa5KVt3sGRdQHUN1mhdiNHa4osTzXQLM23TCa9ugvbHDUobBmJ53cCMdjK3QVCt4i7JVT1AFUBR+7X9fZzs/qpg41uGSS6uSyIpo11cyIcaaR6cZTTBFrd/veh1n7PfsUQKWp776Sh4b84QmRfZws794a/OqTGlUUF9Zaa1kb/xxMhRsWD1n01oDeXEx4eH+yGLGQnmU12s67mUObZ7dXNjaO2G4qMfozg7TELeeVpGH44vr2gYIKMe5LpwoRa0RCtslDkPQ3d+UqyzMQP7iU8uaVqcWy4Mz5uCUmXgMCAmMGZCaAhQKZuGRKVnWNaYwstZPg6+9dIxuLhf4hs0L9VUMxH0ucwHqHtb6SEPyb5mbej8T6OhbhTAg+tz8IbhWMpPqkbckOZx56ue/b08glmWyFYJolGUvP5gFmJFP4Mo5tni09XiWFGe/bh55ZVCXQbc4SvddgbCBWhdxpWF/qfNm8AeZmHXuCTTx7rpNOi/pSQv05IV0n02kIse113p7w9dNtC56ajV+/jkI8kjRC5KTRQ9+Yok1k7iOnifDlXmIdWsd55Nt7Mx3L+H2i+7O7IjHvRE7TNjVsJbQkToyJ/IYICLIQpEQN2oKBHkPe1dJ7K6psnPHroNrxxttU8vM+wo/Kjvlq1cumwwYCuevW7BaR9wI0SDnbsA9B2xMnuywP38HwkR5QSjU2uNC3xfmx1bQSe43zbWpGCFFlWJ9Wl0mUsYN2Qm2yfG2qwrhtPeZL5GgC+kY7hpB2w1cNh2Z4nKe6EE7qDdsBKLkABtmeHy7N/rhxyr1byNcDlylzfpVWoOzVG2welVFr0BEF1/6ZCPmOieAIOnev1wZvAEJfKiDTQlG5ETQe8J/xE7Z/Q8Wwm5j6Mp9kMFaDMulhOsibYq6Q14FuscUrcWUrEp6HnJs9A1UDE2BY1i8lqAMKctMHPY6MPezU36SZmp/Md+hMTZIGhjEMl41hW6/9859o4gte/kIyST8UdLcur9YrJcwYUpRTATkWMO69vWv3bP7eABKtXqCLxSgrqjUf8ttDFhkmAc55zngdPU1Ns0lBfObbxvN2iDXJTBgBSacZ2GDqlURYMQMnlbwnCI+k6pyRczJ1RsLL0DDfhCJsRTJwCIWiOVEykg8JtF6wLOsyKSQRXS0ORgSLX34rrwXskqXAg+DypZcp2roVnwGKrjbYchxfHUCk0+GxxsdxBquLXeXTw+5MEfkLX0jeMLr1HfPKy0gyy+5KsyxarygByDim094qFL2ekVU6xgTe64MWhBCFOg7IsZNMuuqWVUHMt+Hcx5cN3lb2ei4t795OABfTtHW+K68mc748oj09RSbfGHV1d2XrN7pF5fjiPDolJawXealsE4aKhOlg4/K2f/syLbOAL+dCD3xK2L7m/juw+5F5zdl2wu4eKLK06LeX6YoXiKDKsB7gftBZexTejoCdt+1Wn3CcqfxwS3GOH7stTfAxaLs5h42K92tzKbzyPk7652FwWnlajqAH2HaWCiryKDdodmr9kqyVF0B0G5kJlxMSldc8tb70BPlCUGqhezvTD3pSywUcjkA/JSFvUfUzQLJlGtYiMkLSfMT3mr2ArLtlIq5g8GneoiZtzv3wkUAArSmL5V1rj0ty1zYorv0P1Q9SzCTvU45PYgw380+euDRr7fwa/pMWgIdQXz3TqfTtlgw0guj4NG5Uklcc2r/W1aoAHpaGDYY8KmVNwtyUqeMMKiJ1wIJykWSHKNjleacvahOPwVTu3Wg6rPh9hqTzi0LOaoVGIzX4j/2FHCzyeIvms4Qv/YWo16pTQnXAP5j1WRx/cuQfXU6gsvXRfvvvhpvTP56berAAiTgVU/pwUPZ27lSHpAQTZOvAJbftlN+r2Rn3q+GRGsy/E2Cs/RYOErfzcdbxlcxu5i327BTETKNKCiF7GsN357iTir3VjEkSQam2fd2Sp85V6Z3sGnhnOHBxy3mzzhLsi3asvVLX58P5d1y0J2GnaTD0BfU9+SkFKCv8i6wJPGniB9b1mlwHTRY8GFLXK99mZ7OvYOt80y/08n6btB2fPfrRXNvpzfm/tnQUvs0sEBaBhZiQF2QyqOm+IRTiAD+Cu3NxsRHT959vkUn3c0FWP/i2X3MIco0nQAY45HShBWyL6y9gT3Y98pqG872626I7u5ZOTP9Q4wLUyP1ltdNv6M05TkY1u4ZFMa4HRQ59pjJIgVy2dRgufJzbSTKvMtBjpKpLhSW6gWVWDYoG2hxwYURo97WUcaUkCbL39HaessAyIVEHEsZE8FbL6qno4zfwIhlI5zBgJheJlhCX3lzC+Avah7pRJeQ/YVu0X+IMb70pMWkmAJj3dnaO197jw+M43hjkykoApog3ZbuBbkFJLawtpDfpMhD20CYqIw00S1kWyBBm/1eYQATQEIzlZPy9/eanv+qCuQ1zsH88FqmQZwlFEbAmFLKA36/1ELO2N3hXVKj4/YaEchNNtd3GPDqj6/nvhfQOWW3w3BfJNasuhTQd+0NoGZUy2TK/IEoIXtI69mAyI6Q2FcEQ6ZMwbGqSmlJBWSqHtimYth32fXb2HsI80rC6Zih3b5APidjVIzErw/ZcraQ7cwcoPVP1mCWoWoFWQ1CW13mn4mz6iHdZ+VEgDUWTpDJiJmBDlY9KED3x41nitnEwizO8rnAPdKtmDkhigzwTb07pXjr9i/di7fZzS0NTFbFLqyO2oeb6Lmh9yoNuPZy0XuMWvvCg+0bwIVHIsvoQsUKaKVx54rkLWPcB/DEFwwy9YnxMmKRqjQBZWnJF2AoqSzHAmjuWGmTsHFg/iczfWvkz37Hv59rsr7uYEWpAlQ/yHbgJfPuGGWeedHt7YNA5XdfiMJW2QzaqDHC/+/og/QjgA8HadYEv++vvpjJTlXPI5tnJ+v/ONuTdBQqgeNwJnF4o4cIHI956Av5qoQ+BO2oLaP41NE/bpMt1uLrwYz6m0iUOW53MzNprBzH8c9ufOUzszVZTCzdnchjJmnFp6BAKQkOekrN1ym4Uv6X1wfYpcHmaNQA1++JgFbqOi04je+ULmVsbW6NpoVsAG2bWLsICRCKndqPUNzUSZIWadaiA14yP+q6G9fQdfLsKaM9u7miWsyhJxHuSWXNKHk4g77SXmDuONv2AlYJJHtqn8YGw0/kGyZRCw5A05G1AE69l3pIagOBG8dNqNUrcgVVjsYb+wPwjT8pYY/ZsGIqY8/5pk5n/KLQk0WpNgMYVGSKVeqU2n/6RR07E7WGcvDgnrdPo8/9QTMzG69TmD48omvIuMmQ3fKnfqGRmx/5bSxZI+s9xP2tJ+b8W+zoKIHVmpeOMfeEmLsf/ROElQyy9GP6HfUR9vKu67ILa8f3O6jsWUw5qNcTojax25gywLBau5FDUiBaBUiS30X5seUhC+uq8ZqJOrqG+iQBlhGEDvy3XSTp4Z3EBTOrKY6AMHYWauCplufK8iF96EKKGIyrNyKR0hP2Akh0mfrPPeZKfx5WWVeXURYoi1z6PwHs1AclYFoOLr7qzuF/AJcyS8BSrN1aPnk57bYIG/2ILVzFLNQhXmeRyXHXstrWhRk3Tjrf9kXmRuB3HeA4P/LER/5hLkg73U5/pl/r+TEAIEdUwufgBmfpl8ja8rc7Q2uNSJu2wjrRpi83n3CiXouGZ6i9yrthJzgX+tZ3K/tK9INfwRVJbjuRQJYyCYgH2Yw0m1hsoAshASTOBxcjGH31B+2Z8jZ+hAHvCrC/+R+WUjsq6p3ffiA8QuKuUstWc3Fu7uLMyNCbm/890m8pc+i7u5cufXKd9YLcmqdXv7KGXyvZ/dQ3jrT/Zjr4Jzw69SoFqPw2wrVffRBXBF3Cgr3Sa0wIsEek9Q3GoEY4YsNBT3Kh4afERGeQ+OMXluk9oATrXvUY8IXVhIuY0teUq1rNKbCOztWuCiE8s2mkbpVGrkm+8in/3jP/aFlbOLegsSzubGobjfQwkXqg5Te5j0mXF6eD31gEv/ff/QHnoa9JrZsmV6wVH9DOY0ZuK5jST5e6NC/VgMuz0g2g+CAhy7GODuRfJl17olFbY4ADoUcDAI78QNiadb1+Ybn/dvhZ6TXI36M/BP+h73zjOUsRW+rBZz1M5SA4+t8GpfLXachaVDANamqE3Cq04Ti+pbDL2vLPibaCe8OY9z0AKlJ9lkYjs1wLy/+luOEYnGw+fB0Rs4Oi096XP7munwmq7juDtc7fAuPVB5HbPrVzsnN/LXDAfav3umNGgXKoWZqhb03WBsLtG99dOdwkglMtti2h9oEpi8qbFtxuOP951DmHXQxnYp066gKEjwAa7gIu5NzCHiiZrd4YuucELC2jwq5f3r4wBD57CzBD/jZugcXc3q37XUffpR9FK7kXvnff70LB3eMs6rIfCOnBD43LU8oXxUX0LKDXR7NyXmJ5RhH4jGqLG5gokzZh6o6U9Pv8cM9oFV47MIlvYnXkJ5TyAnSfNwhNsEKAwItYhEHUdhzECR+xgIkmDFQEnoo5jQGSpTg/QQY47++TnNigtmqHKhDUJzmjbBFDejIEb5nB8uIk6Bw1THM0mLHmxyv+e5okeKPcgq7JanoWXg8/KNaxL8ZutBkPGwkilCio0fugFGIyak96Li0W60jVQeHoJ3ckD61eVLHmYg8qLiYvT0mWRzWuiO6Tu/Lzpz9rfPA183vbuTB7pvH6Bqa13jr/s9jIfJYJYbpkTuGK7IROd+USN9A2/WFpX3wsqJWffTJc8F8dSzG+ZWrjVhzE7JuIpUIfTvcZl9rKtQ6UpOsD9XIRUnFavsZ+spNp5ytCTQAa3nBSb2gS+cIW0MDjrbflvdsgbXhppa+aDzvB0XS0WAHI5RUg0PYuN7A+RKduLm29hVFdgas/OTe/2kZUogNW4oHYf1AzYSo01kM0m5jcvQPJUSdvubr0qZFwfjGKjyn7ZbtHg9aIMUIcB1OFsm8ql20M9PGsDbpAwq3JvvN9UwP0rOWmjOzObkhV8LDp+WM7BrmjJmLpsaWPXn0aktGSpZx+QNaPQTvocIJDrf3K3R95A8GWC6zCSfWGRtvsTH9V2nrsRpu3DvY0Jk8mxM2Xsr56M0QAQn7Zddp5/gLMs52gey93Hc0WUzdEr3z+IHdDQ+S83s4nn8BDp/7TfGV7NWLyNLgXu9AxdxHVI0zM4ZoBIBa5RYOTaEw/lz3NfyXu7f0KKXE2EUjov7+1ENQqD64cWffaZeDAc30P9loq5Q76DULaROD0BERlfvetUg9euIXIa4fYYIe7MlCI310ODsCLpfsx+8ueiPDvRI+7WHl/Tt9DvLZQtQX/A/pyuo3xS1oaMzWxzb0ivViiRIyV/xtqphUBy0i93WM05O3U5XduN87CGZ8L4RKwRs3uSeT9gZdS/tnCN/kcxHU54P31HRPtqZO/osoIq1Qt/ZSos4adOfxZB5hgFPg8tkEoqA2fRmHkaagicYTrZyAxsQ7ht3I8KfV+RD1UjsGUjH/wcJ+cwpd3OUXyXC0HYKpWZYwFmT2i6f3CrideqREqBuS+W6UEru39QWUY3ZUBb8pZXu4ZvMsB38C78z6c7m+nO/M6o6HH/UzIBOc3LnTPFlGi3C192MnOuIafGnTeybfg6aGvTmrQ5lh6K3Y1+93arMZqYKdwpcIwbfH6zj7gDE1/RH5kJ9ARiM2/KQnVTsG8l23AjHMSBUbpSPpwBbNbdTxL7gjfpQ4Jpmqc3U/eY2t7om5rtZX2EAPYyRYz2uLJRzkpfhaWe+iXdZSznv7Gika0SXdSOgSWGpuXbdQChcEQybAlssh+53obzoWbMUa3EL+yd8Dsjb768i4Mzv0MkTtfxf5sXvoSxIL8UNHpPqzJXf6oFcg9f/F6BiY+xvfB2VzmgJfdeMtKhiw0bfUYGdBSLCTUYsjDyoHEz+XsmCshYoOWw8XL9lPxPYEhTVCW2mFAWnlQ6+sk9Wuod1Begtw/OO+kzAsQB8m/z4zCa02m6ciwyR7k8s9B+6FPvVPowC2VbtS6+Jb0dWm6F+wikjmIdsXvu3eBS7aTyCGH9y/xCQ683ITZZJpNS3UKGS6ee6Q2gyrGfydmR2VtNd9ozxV16pmgGxXjOqD20IWtL33YdLiO/8+sJv8kWqmMxGt2CJ7JOTjHM33RGzkxgfuxo/VjaIckLkBaXW41KSoeUhyFD5V/n4NmF4f5PFJbkmEtuYOrbjm7nwddnsMbW3DdP2gh+g4HQWv+HpgnHftj+ao4GwBzCkgG1Ft85Qamsi6ECpR0ahxKZusXlqZG5Nw5kG2yeXLBofm3Tjhba122sViC6ObbsOt4FM48p5aUi++9Hmvlv6UvW1i6KCUdnsgYtOffT81cAdGDdC4iba7nipcj6uNsIwRjlndCROxRmMQ4Tnz36ubP7/8u7HV8TmPjCkh5kyJ7/NwOvgoed2F2xoU+sklWEJE+HewIm3gbFJibgZzVYhsWkr+wrgy+LaoR7FdbHUaOLK8TAvhd33PPK1H+ilzIH7cZ6NCiq0KzzXb2zAPzCJGjXn/6J6tYzRq/9EJw7lkSIcc0h7xlNU+nFQ1vvJm+F8u+bF/Evjt4+uZX2fdI6hiFUIxTZhKXNchAFQpgHs/+FyhGX3KKeo6cxfc6/3hH4nyn1dlYX/IJVuVWVtJ7gBwlfWaDPBLnKzVunpMVN0UCTjF22sP/TnXkyufyK2PmQf8lI4spowOOLTL7n9OKIBfZRCZPaNWNghdLtl3ErJ/Cx4z3GLlyCbC2UNKu9OFG9tEQwNo/Aa2vf1dev4If6JU64WZuTo45q5lEbW4Pt2/vlIAlH5ZCWGO8mCg45R5MmzVv2h9Y8nXlUWlj4utqzFTVKTFHmzWElJgOXQX4z+2+dO4TkNw8U0QEjhYWJDAPP92yb+zsHD00ZcKzYavNShjlS3oXDr6NclqzFIWoVZ1QgRMkFTQ28sVESVnAho+SyQ7TtI+fYfFvK4aoyyj+un7hfNj5LOD7mD6C1I9b56B/ISQmeTmmYYTr/+jm3ZM2S4CptPnd65BL8a/nAn/Nt7QpSzn+o177Rf/nG1yi+fAxBUEx0n7ODH8ouVcaY1PXhKKRxryY02Lxg5ov+q0X4Gb9D22g2uFnH9jtz/75msL6NqbtbYsft0fGC9K37Ck9D2VV1KZJRKQjcnICTFUJDUZCPjt6BaGuw/pff/zRCF9CqAaDEJvKhaUR3opCQ4wXW/f+3pMRmla/+vid3fmb9dfc2v/aaVwnvRjeDGx8mWf6B4V1ZI3c1w/bgEl9pVavVhnyhuZF7UsvDlfGrVPak1PEfXf2vPnpPxN7gYWU1rnmDQ6wxlbWwYJKIEfuWXVq/e/5HyDwmJW9wP+tH4hntuG233wHRs1j7TaQC34vTZkZmVefC82SizCGqYEiQijDMvHgYAE5+R3+piYL5+6Yo49Nfu/+ToWF+2yhEZ37OmXIfePBMPy3SF1rH9jyRPiepHk1meL3Ec2i4Feavifkne9dYjJ6t24vfu2gopt22eVj+/dB+eoQWQgdArJi063ve6KrYk/06naIFo7cOXROADmzXzohWLyiThpxp7I5nSfKM5M0ZPFtedg8AfNm/dR/MFzO/Y54kvLtYUf2n5WVZ/SpONb4UPAAD89H/nmyDUXi0MqjlvNiXNkELf5Pn7qvS88hu6BRSMB9YhKrI0XdAaPlnS8F0+gVHIEB843gF3cO+fWVSqFam8F7J1xVJjxAhpKJbrCLp6aUM7j+yV/7Utkk1lvBO8igVAm5G1dLuzXWMgjYaGyz7/R+/S2AGj26D/Dzq/cTm75/ZWOphFIMXlw6pR+zHJ4+Pi6PpqDsl8uSzONftnnBRCjGT2Y1Q1kclMoggsbA7t7iREkBT9QJh5ru16t2mPTxuU8WVxdRVtb7r/U5L7ZxPU8JyVdybdjspqaBEHHYYiN03KIllk5l/q4fob2LKS2CffxYhFZjHSPxRJXkd9g3itNrJ8HjjGY5LtOP7N7tyFLRRXL6P+v5IF//xb4yqGM4TI66a2SdZWu/9NL0fJSCTiK8ciUzLSKsL3gb+6gPiH1AvX7jvTBzzLW5gWS46g9ADjA3OQ7+WBO+Z+oICNqbEkTGvP/rFch93we+h++d5sf+PNYaCGgTf3pbENX4RBi64RW3ILZqocwrrpFBUVtXhuyS4+2HtAh5seZ1vohDQqfbZ0XS1kSOLptnoBCQElGWFwwmQnpCx/UYkrHgR0AfrpYhFoklSkUfQYdxDzR8UmES3a7efM2lBKuH//3+SYo5GogQugatafm5Q1zE3RxufBhDhBAqyxdDpvUeeJcsu8ZPAhbBzxAH/cipEp/+i2J/Kpd5p6BuRJvPofhKkz15mXvezOXV00YTLy8z/NCFYwR6NKJ7LhfB7G5zuP9CLWigQDzYVvuA3KchfxYAaPPfyB3eQGLxw5qbglKG2wwC1L4tt2/5EJ1lxKNThZL1kWUw+3TtvYeIFP6l0L1BtphWpyS9vCBkEPAVr8I/lGvL8K8xlDqmD28DVBTLlsX1LSkPqHxrBkaxLkFi0deAZrbmOXuekCrQy+/Dkzp6aY+zzTWsHYGNhPPrDaYtX8vbzgl7vK+7/MoBDzpdH6yM4FLMHfKovV/D+Ai8C2clkpyFIBz14/dvyLP7qJ6gxcCpD+JHFlSFRJuTZU1BWioXttfgrOqfvzXKjgf8WgDvfrxaYDM4F8u1hX++BSrnGxHkUpM64q3LiOl8hRQTwIh1LKKSZ7LegEQTnVBevJZyEjD1HBArfDmJ66EsNld4QQDVdZOBr4brhw+WzMfdhupyQJVgUqNOVskmsCm1hcGMT5+5Ozgh1VMqbgxcDCOpxM40mswGps4ShyUr56Ttqyc9ULK8C/barhgqwg4UqAwcDu3vLdNrnOLnD0jY2e/bN1CZqRHex6VRK6Nh9IipOOAevpXKRSY8rMYBm7KTHTbBKN6lyhAB7eqfaLa4Balimb/zjAiOi1EhB21/WijZ8z87ysXvSlKcycrelsmUxXOkAjvaOofLCFMHesCAFzL7d/lIzC/W0YaykcpjMEtejBrQ7w3sZfT6bfHvsNfQrzkt8zBC63gVtQpRltCYPWj2d4CZprqJpE4Nt8l0+Q9Gls/dYepgsyvt1bfYT9GBMPiV57IzwJFnG+tUj00NlCEYqThF7nLw4SMwoKhptgV0WaPkwiKmkq4dTn21efBwaiYd5Ob/Y8NENiGrXF4iZbq1HXWvPQ06J0yrWwSgO635rF9dlTL1sgcWtnuKV4Av54O5x5d9eOd8ZHdc3NsS0QTn6hj78/9dWnLn8PEXKs+S3WwWklsbDZ5t+wODqu8Mk6c004U3C+dnYWnn8Pnm9+0gcD0d+WWrSjpIn3r1xVY2/kJ87vcLXMQe97/xCA/stWZu9lAWeSI28qnbuMNPG6y8WjyPLwCxmcoHSA8jyHHmPMRHO15iWZQlx0pqedmsjYutHBaI8vxEt7V10eu9wRM879fzm087XouoBbPY//ICZbfv60JcNAFjjLlvz6kBuKvrpBoRlv1o+uG32YQRwu4cx4rCU3L9QYQffMkiF+6OnBzkjfNiA6538FHbBpr/5oCDjY2ecRnVMUJ2hRoVPneMF1Sgljn6RagE89hUCfF0WPrwO3Pe/fRb16nyaK7zWVv56MFar8NOIuRouMyDyDTaGHjbcGgAjL0dTXd5RtSggdK7l0+x5KNyVwi/jHUurChydUV5Ckq/fLNJaBqea07SxXBAf6Gn8+/JMjSM5EXGtUY74oWvRJ2o9fedStGoTuT7jPMc/ttbp1qrO7BgOBp0t9z4Dag+VDy0vZ+MkhHC1bLqnbuMw8mcqbjVECv5lJjdn3b5qOfHZlj2ORdMGNHuwaiWYwmBB4GvwmjU0V71RhCO9y1C81De0gAKGZGPO+/CQB9P/l5bLfmFDQkVLk4TUlpFD3U4CdJXRB5f8UoSURWqTNMIKLwoCrwx2meTqz22h3PyXMpIc4hfgMaZ0nZmQiXGILW2pF/fo4mbWdrz1Xq0aNLK0Z3zYQIMOqgh2wnfbbs5AYn/KuO/me5v4BhalXgasNL7KwTWgD2peyoy8mvrhAEy9agGZBiZMJTPrQOextLFqnwRlqS6IqEgP8aLcl2BT11P8SJqz3KM+e86MM4J1So63rM1vkAip/ZVgk0W8R0dqbriovdNPXNnVp1ChaAHw4UjWHHkrG7t3Dz7sxqp/PRffqnM1B5ua6MwzrzKxzWkGriOVCMMiANEPpJU9rlH13eir4lBa2+0ZQdiWrCBSpdkF+4+1FqLZ9Zp7/LxyilLwvNA9+lYv9OiI2r21m6Nv5OPa2ozFRvAZqpaBY7FXC+PDm4085UiSAiiLLLx2JwiQy6wojWql1AkgmSIRSoD+X5tinJyIsWrVvY0GaULObDH/unIglJPXbpLAEk1BQx1kMn7DaTBgRel1cgKWuLaZz1kQsTK+ZVaiLRdjfNlpvFfdVKtNpYT1+UzdeAaI9XAFueh6OgL9k906t0OAylLwmwf8NH+tdImcI2sjVNOruXTigOw0OBbfhWw9sNNuea75lKcglbisSncOqVnH0MyOAHRzwvpvI0cBnykaOm8rC7+LradeGy72/epXj3tzbG04YguzI8HoYDAQD3gfFCE+tOtxcdMYAzsiPQbSxDe7pbkpizTlyG7WOMue6pPDXiB2ISsYDaWtQXnX3mq2SShXdKqO0sR2NTq2h7VWKl4i4wRGFCSrAogXVVrkOKr5V4Ne6sKzy4RvVy5VeU4g9LACsS4jMl2A/bgVSll7dDUamOAaFrZ/BEWhId+bPUQTpeoGaDm4GDHW0+Prh27h6Dlu/JeCTKMInMoJlx0DF2eWdSmrJI8fIPBlhPdbgStbVhBiNdtmC8rfar4FZqJhRor5ZswxHjaV9ig+cMLGuwWY19DNagqZSumoL8Kk+z5lgljEd8uTbdP/4nRuJpjagb58wc5RlGY+6BgOmxLrAwS+nA3YurQEbjeDXjpnS+zQ46TLIvl9usBTKecXn+pF4VI5FaoBwNk91nkGl9EDATj5xeM/8eBZh6Z/BI3lfjTBf1PU+LH/9iYrrbfmHlrL+nNW3UNu4BR8KmKfTj+/bujvOp/h5zgGb0m1riscpAxux16t19+Q0wxSct37a4Rxo2GGPEPjprLW5njc2bDfVC/Kb/0lJzQsc42X5giz8bWNm63tfuyNt8SLABJKAdtgpQqNbRnXzL7+Wo1XZfaSyAetmpTlRbuiPjwq5RjLdcsnnuKJ0hFL4OQeiS40MiqxESFJzePuiedrWSzu90cFPuD8fI6NhHGdF8aSJ8BFOsJ01UxTaJFIGOiYxUP1g43DlaAGgj5Bch/851LQl93sLDyYP2de93E/agJxpSBybGCpEl1JgPMIZsQZKiW35GqckWpKpWsoNQErqNkeBBmpnhRqSMGHGVtPpFqXIajFFxm/v2hKacSs6Hr1zMwv0+PqWJ7KBzN+WvzYyC5K15MnG2QeHzWidkBRYe7Oul1JGd0z3DB6uOz97mXfPeTYewpf7eziFRlc387vNOasSot2oLJoqwEqDpd61xrAhgt9GzoD8fxPGrFx1DwUNtDa/ac1yKVVzgw75wAKEHH4SclVzr9za65hxFhBrcFNtJvTgyQAULeCRKUKYpGcKTHqmNZQAYH0q99dhtOgdqpbyRlKF/s33UhlKey4j/fX0EP5u6uhLBeDmId0Z9zkdIHgB3L3b3BmPu7PdYL6sjpF0i0/VBPuqYDSRUMyixR7zES1iVXdRXieBKX0azforhLXpg/HejgcJECwaBtNSB7AB1Bqidr7SLAYcQYfCqEJ3KKkbSMrsE2Qu8OMO5kYX24EUq/7Z3YAW52EKBouryx4iwfXVq91gcTQl1W2JH9DqFx8SshIgF70C5zFRI6m8bQB9onM2NQlbepVAEEljjjamJj7rlrFHIj9c0uX1IpoI7cq9kwy3ALUeLDgildRTd5l1M5c23UkN48yJTOee9tYK06UPc7hzgdF3ZxCAnyafNO/iRuVbD+Faikd3VSYQFbBsgvKO77jhJdvZFIz6Dqc+cN2S5tbHXxLrq4WJl1el4nx6IUQgxLpUgArCqF9EkCO6Wdear/QHWEtKhePLJB8rVrqaquqX5ZaCFL06g0tZ2mfnS5MXXqN+okePFJpHyIv1RXYbWWmkM5y7kL+EuE07dmdC3VSDMmXU1cYsB1PAnGrPSlzKofe7KWz8mbg4n612uA7LCEp36WJtWns+kKYNVh3civQJLV022b/fiTRGFnt9pvrwiKo2toFBRmY0yQmvi2YYFFnr1KM14OLQ3dxYDho9geurtF0ubRlp7pHo4unQLkCw0Uiekw8wH9cnm74rOm2orSwQ7Xmz5aC253u7nejOocVmAYjs8Xwu655wF0sxeCoKJJqnrwFNweZ/9nxnnlfrO7NWPx2LIN176ajOooK4vkJdetVlmvoiJ4ZeHWVHe2oxiUX+34hbyiRmSZmdkDR9uT44dXqkDb+TqBsvqiYRLA8Een7vkY7kWxlsSZx224572LFzrcbwimLpOW+kqDLfOP9rJ2S+l/HFkQTVlhwnL9dXIJWgwpkYyzf+KX00fP/xLoGXFaCgsVipVIrYyrTpKUqXd6dSa0R8ltQq6imr3Bj82TJ7AZyIUh/347kBJ9vTE4TLUB0VInqftCIlPBlUhVu6laFEsLm8om4DQ50Jns8ZON9cHvXDs10mqtdzPmQNDMBuHgnMkLsZwZ5+Z+KnIVJXOso4FXaF7HSc4BHF2WKiilrIDeHbi+gWN7Xzm09slaxpZqjVXIYrVYRP6oS3GCeHnlyfhKUIc+xW1iO1PUJGDdActLkJGlAxKrfiaRb+l+oqqRrmLQbQd5IGhC+vB/gb7+T0zOBBfxn7V9PsKJOVYB5HsNfBCDCVMuzdCpyLCtOO3LgThZ2kwnlUfCApeURJlkuqknlODMeuH7uahBpPekYDr6Gu9f14rSxIPbeH8FCXGjJ6Hxwu4fxNVyJ9+3fF4zRG0O2ClalvpC4Yq+kp7ub/ZMZU/PzuQxWwiDpuAmDTps3Nc81OTpCvEAuSS2O6LWLrj0+6CECpz1wkOCVMPGreB2daPSr22qKwsO3CDbKz/9kErBi3YFKrmNsblubFN7zIGxu5+sx+PmHt4mt4w/Tu7nd4rR6NQ27HVMSNdsSQXj2Xm6yzS9X7i9DpsbXfUS+kj37pFBzmZtfnv5NgeYYxNxDKsT1BojoGp1Cqld0hS/Udq6+eILXhBBfteo00dEH6hUlVagP+o5RWSx8AGEw/3dVRTNc5POJv6b80cLUKF8EJCEQFJ+AYxzuyhPwGThl9avHNkKs+zqnyEDBOiNMGjU0LWDcHyq+XTB/WCH3NrgOyyPDIxWZ7ZYZ3ZmGxelM/L27FYT1CD2uOu51FMylx1iVScGcfFb3EEt0v4KT4FCMS4JAEBWVHCJAxxq71VR1DNVOvTlB1kolyVhDr1rXPLjhWmOf7+ft2uRKSE1qZRmeMYbO/Mb4RL21dOpe6rWV2d7gjFxJFDzjo7iwVYytgFU0kDpUFOTY3JOJv6HENPNY5/H71oHUIVzB5Qx/LQFKuHgrbz16g86I7XdjRSkm186qEClopMW0AZLYamBD5oZB3nHvcilFs78R2dH5p9trxJ7j6tflELcsFAEYtDvySjRc+kQg+Fw7K+g9fGlywdT3ouvNC3sKoinNfTHxZnj8QPsZ7PzWUlUJPZEe7uYjSgjVx9uO81u1LKBUAxpNFRQJzguCz4SpQ5e5hX4MoTz4yVgY8fZWA48QNS/Teamjqu4QbEPIemoYduuXrJ8T4z5jC1EZpzQXNj3xFOY/fPB1hvkxd67qwNEIwuqCg/VS5UM6otF/8Bt8wfSQiuLqOyfsrhkCUPPrgQesx7Bv85TopRjHWch25aa+6pa6gybgDhZjsbfT9ahRx3cbETeC9LX6AfUezCTTDBmebG22MuOxZkRz5q1Pphoa0F3xx2GE36v8JdTzsxXBZmriFz0zWh8cKdP29IdnD9WUDw8rtRqb3ZJTDrzetlcvKA5aVUu0TB1z60VKen0TB3/0OcIf9flj3fWGP/sx0cg0VrF4ABfjzc+iU+eCq5/X/U3uBVx5etTx211gFLA9nWOA22udo75ziMUfHTKOxkhZzbdvb/DUs14Z5blldgax3UO5Vesn1LQhJNW90D6N+KJYEM6JX2beuDrcXFMGgMaDKmUyuCdAR2oQ223daqdkqvb7kVeyG4mXf0nxTU5o+QBwwg1DmSsEOUBOVQ4GWyA6uReN2pe+PTZ9ojluqpaYyekdJmlpya/Ruz6t6+7c1Yx8JxWM3nAH8L1F6B2gQoI9mxs843K6xwlZr4+c9KgQ+QCjlH4y23wbbjB/P29BfjYEWtjgpyx5nCL+afK6BTbLzECLXTG8nX7Q7pnvQ+mLzoTB3jjcpoVr/GrMwJe7NhbQ3ZAIwmFd1LaUJv6sH0KdugVw71Z05frSdf4vFCVW0obMDwv1Bj0guyAKObXh12QmRr2kvb8C6t123IcQjmWkH0+hBUgq0qyft0BtSSGQxE+rd9VDmeKVLfeIIA1LcV9YRYVAhD3fa8LrmHs8IQiZY475Y/kd2C11PlGDMDm0+KpwMX7qVhRShHt/EiozS3cnxEz6oLyBL9NJunb+JNStTyih7ftT/6obxyQUXyq2UW5fwfYSxeQR8Twqc8D4gw0SIOcUBuS8bGB3hf9Dz2ioHnfdPQtdWS5lvP9kz/TmB0h4HybjbCnmuy0jKUn9tkp8vUJ1RbIwLyGYk2v8RwvwEGxIBM4CTNlBS+mDvKSVK8zfRvichXdGbjH8lNxCNmEN/GakcpjlZ5XmzJGn9AW/daJm8e8B7UkVU2UrwRtZ3jydrP0phUREyahzvJcw4swSTkv6CzhXdbkAAnb14iWEgIvwLrQmz9wAwlZqSuMHBAkIsLxmCzGKNNjYL7dwdrVgQHihberG7A+YyYFPPZG31G2lLEykHvynZunQUHvHsxO5lUTUiwlNsGZN2VnAxVgWagaVa5S42E/P0OqQjjMPI/wRlaUmNPE86nAi23j0GyV3d1Dsysd6uQ6pWWWPmFBu8GY0nNU86Dqo7rFE10PU7Vv/bP+f9eDESxA9OE/1ZS3kapRS/jouP241I963zy896dviI4VXVeFNzFI6lGYMmdqdI7FY+X5u+nPSOBFc1kxsaSre1873GdWjY+oKAtsdczwzql3niY5pveEXXld2piLCSzwIifUrq4+I+jaSF1lFXvLv0Ce68jlv56T823txp+bcOk4ykG/2hLkA9t1UaS9hs9BCh/V/wF92FVZoU9r+i0AT+3hPeiDoaxg8ZTT2Gs3RSwYiCkWqwXuZnZtAL4U4Ua4c1mZzho39TXZ0fY7VlzVWc4wHHi70bptfSHDMOSX7fMfh+qMlVqDHxu6Z7nci5AIwTkQTVpBXxBz8GnCqnxYbC7UjnzXlx4XkJ2xZQf//1/rK93mz7Wtgv/rT+8l8f+vPxub73/hxxXhoEjL2+C2sCuTZTnG6Hup0MlY5UGeHHUOF3pRpyCjD7Na0MaH9wiep69tr39fR85VxYkRr1t6/er33ggh9Kot93zc133RV33T9zziD/7uf0UkmxQVXZKlUGqlW2bKtbJQ1gpen6jTNWyV/Qt9si+O/8wkmAfHZ4GztsXJyWArZ2JmZ2N25+dQ8FurN3u8GfOm983uNye4037v/P2DBv9usLaB7/88a/CyAc3/wXnGeZJzT8qplFHnb/Rv6KfoW+vH6XfqSXwf/qH+pf4X7n+w4RDMwHZoBg2MgQXi8C+UQN0fowDjBkaxjB2cxm1YgS0oQj2OohS16EAfRjCDxfgCq/AdfoU/DVHZcGfkY5zsGoDMWUUPlnTapneCi81A69x5ay7SGgML8tOLzXaZWuXbAlFZibqXPgfmne2ALIPOhJYalhedfcXg6M98cO+SnxmfTwVqbkRpWmPSrWVqwMnHRlMFQKsTodidS1O12WsE4+gJfm2SYPRVMSDSnCXpgLado3Zva3ftex4Hbv0kor34hxe3eEcXsf6zWxtQqMI1ftgcjjUWTw1jHRFLTmOkT7Qtcofa1/Z200k6bO/SbfXI/cPMbnnbJNfD4j1Mm72i4RZgwUlKy4YUWM19u3cL7PcP9pdRbKA6eNQdbhxu3pYSeV10apukMNppg0bgxVsV2NnuyPPoTv/52XCWLNzeOqEBPWMgX705rZrrQMkS3cVPVzcKmaMXn/cDqVB1Ge4z2SNqCDSqQsvQ04TvFpEr3/mQM/XgaHWQ7zK+y0eruGws7UrEz8y3vUMFMdNMvIbcFoO07T3fcCtOzQK4zVDogfogyUojN2ad8SjL6vRqeH8MKVU6NgBTZf0rPag9MGeQdaSxe8g0LM0XrtoyFyIE0c+0Lnp7WJun27gfx0cA8VHT3yDwL6fQ8JOLPMBWNIVMFWlbmSx7pfN55bCuCTY9DMci4Mz3aAGkzx7Lx/D81RHxq/ete9uL7u+6wYWHndPcsN5m+z9+8mjzrbo782C6yj7CnpFhApRkN4dNUsIgzl5oFupGyGzRiNhg/GXagTqjysm8whk14/2XH7rGToH15sgksypbPo9/YnBMCizui1CpjL0Corn8NGSVlVrrho1rpYsy+W/mFt0p3pPPGx7OYhHrHOAZXEf8GyzYBb29eS7BJP3IZqkngM3lT81jc0AwN20DvqRPS8RwxH10WrpR+VYbDVnNl6Q8zRMgpmXHZQjc+unnxvU1Pmv0e04waf/LneTu+cnfbiR3x2TWsTyKuEXDwaDuwEZG7L933+dEXnpTo8K8KEn0bMhgSYugnpJF26g2r36ZTyt/rQ2JVU35JUBMd7qON/94onSudlKDliIOw3375YCL5fXCcNggA9louHE9EFNF5T2JVo2bpqW3u9h90gYGxtpP0XIzDutcifbePmM6frVh2b7bdXbSTCITx6vNeHQhZnGsZMZFLWd75x7admbVarpC1VutNM1QGnuBriQ313Hq7deP3QMyyQijw28/czpUztdiIZt3aI6vXeBHBhuXdVaWn6A3KC0TX7eaSaCnDjCz6oAmWvWba/nypIh7dFQgBq/4IlBK1s5q5rin0mJDjWzPjwI10QOzT9Sgu/16WbD3uZPp45X10qRwSLheTHwMFDWMqIaNeqwYxSHVETvb764UtgqANguDHSYNl565XExYNIO7UToEm9pgkZFEJZcvrFZLVEuub9JuUFFKpH5EPij66KNkfHVfgzStiDU0zOqX92XqUEGreuWHj0ktW+9juoyDelnhXr5AVIk6yymMTQDalxihAlSRyHWG8Dk1cvwoZ5E0ooH9pJqb1b8+M8Ep82z6JqfAs1e0VyZVhDh/YKf2tf0Z+5FjGx7u7N7uP+T7wPHGiWHI0Ws71YrhRQ4Asko4W4bM9Tyq48s4uw8GmUdUQbgF2HvKepTFeM2AbNFASNqiBRWDaCpSP/fQk3HuTdv5A7P4WndXs+PzkpxpaFUCGm/UVRnAkqrCkiGvCcnc2s6otp09Odr9tB4qmeF4as9DRou37VZdvk4mMpgHxGClHSST491Xzws91oa4beFijVFssb3UUlia0I2CBng0F+swGNq7Z5v3KUrlyHF7miTZWaZ6NqohtCt5iAytagGLi1PaCPwic7R9lrkJS2KiJtOQdYjzoNTykV6HHuhwkyzrRhfUMs90QgyXxZ2Y3k65ySfh4dYYTsuhn0RPzdZUT66xzIPqHxKrxZitc409VkxsbFpkdhouG5K6DotnhKYp06zAScq07/Z4KNPnWCAHPFUptiRb8m9xQS20r1qzrrMos16QNt+Ru/hdvpQomG684wxZ/0JlvbwSUdAtykq5vFDZzi8PWZnReCfUa3rVaNVnBFrZADPxjODJnpKEbTfc+Z0bWAFCqSjvIP/EO6UJbOaw6qKLzvRGAuPffMAxTVRsi7K0mis1WxXwxlymqnIBak2sjw9ggdoXq1cUmrNF+mQ/NRdYaIsnxwFiW9g6DU4D6u6St4osJm7NnamP66nYx4v4hbh9dhT3x7uTdeHnPB8TJ+WS/4/n085y/78RaReNMO/h0lyjXfSs+o8fM8OdqeS0QEi/Aa7/37dOiI4q6eMeQerrobOvvG56vHeLquSz3lpzLW13ZneCQHTqvtaLgnYw6LzfnM9UMfXE2iktPg+gMSExC0sUWwxINt4CfHfnxv3SAF+1L8S0kuE0pbTw5YDNnrbw0JoJRroRdf3S2unoUG3IR4Wv9eaDc6GaGKXIsqTUlGnOyQmktZFv2avsZfUyeRmIzEtyzI73HR1XLwCXtRynmJssksc1z2vlC2Ky04XadX86+8lG8ODZU4mJ+px/z4tCkVNB96UuGAa28wZbPtbWzQwM1peOMREfqAPhfnVlpcIeomPjUr87H3SISI1rMY3PeJMsueViVX3Pl4YS6NC+YSLyDj5pSTacLPf7KFY1A9IERbSHLTpGaAdRH6k7QjYUdRP9IPubjZGZrUdFqpaqFdPIMZ1WzGQxTwqQb8dtctW9LoqUksyr8Wa6kdnPHwvDoUmi9ePqwZAlGpwu8HoDTcOwkJidwUCIt81W+qAR3jhujLsPK1LzS2TL2vIxZ3HLBHnOln08spMobW09WE4200nL/b/jjxHSfwPwMSGqqre3M6JBNIyTce5uRWUl5bonlMtls9J86cz+azeu3t6aYMDQYN8ThkJD6SsBuJqWu4pJFaJxUcXONQxMy2bZvplmlxgpX1vBl0uraVq4lCSrC62yQYF5a51vG0TQuvLJyXkbnH/XH806ezGO5AiXsC1k7Hf6YApyuapRlUEc7Bd0pVXIWBU1u/sktXlWQfMzRq0GHMh6qrdixt8b/yli3XP7M/Df9dofo2myXGMiDRSmauLwnBHitBUZoXN2dMBR3/cdXkNN2bxZ0J6NrX3inrnZmJqKbYA0AZ91FRciqAaNz6RQ2tIk5BlZSiVNAhR8zmb2uKbOpi1rWP+itAfYWh4DwhPKvWVTUNaXQx+s+q2oysjS+ZKiAxrPhyYMR2zLw4cVhHdgnErbXvPQ04uyP8kLZ1tRP/kxhw4anFn9ljb09Ky51J8XN6Xxjo3/uXHHLM7DZmDMUzko9xyY/e8S/Th+GtEIfCU8o7QW5T8+2OBfnKA3/pGsivlOJyTXrEv8TLBgdaRL0oBh7w0hgovHTsei8tAkMa6namxlQ63vgzw4c3LQ7aPWgalnnMc/cZMdU0V/s0dG7Bx+NRkFzuhab8zIe19oERWwW/lUjRRtKNteXtaT3Qx1u1gCi5gebRIs6xODCp4u02swYPRArVYLfDl9ZzMNTtFMrTBrppoEtuwomeVFF5EXHZqKCnN77/iNRc9RUdulm7n6iaAxeSFJKBil5wKb2jTjab1ai8VKJcNoBAqq5INWr3KWKdJFJzV58mcfSHNLfSZ2QDxlCzZUvaqpI2e4McpOzHv+OEvoxqgRt+0ioF1M1mZ0s7aBd6T+wpYU+UMhph6tDbB7vb+wi6cg2fP8fhk2t4T2PFpZU685M4A5uEBkzO1/La/Sk2d2FlTvKMX4Qne4/mi9eSEEAl7ZqcCIVhYLaAuvjAlXAVATHzQRLVFSb9LcX496ZlBsyIfFdnllCbSrMRODZdLBfgHpXee2IhMQVcSBfYv7wYE0XLi917s9i6vvWzi1EhChg6cG0dvZ6sZ7Et+Q/MRaLgGU/TIm5xZSHb7b1DkKcpeiTdp/nx9E9Onodx4ZAntsm9d7KI38JjHKRNbBY52tXdaCRsGFdCSU2wzlazqyjcG8m8j5sVu9a2kKI1b/Y0OQOwZeleXthohhlZE64lKKZroHztCQ/mkwwzg1z2HZfp8Q2LjPy9YOrjhfmzqmhbN/3ZhVAPXhw8X8fX8NzOJnWmAuvBchdE57bpzl/fCjt5A9MDZ+nFARnEL1aDHZ5azQ7nARcePk7nATNPV2MGaB26JMxrt+w0Ba1AMXI2l1NYmE1RI2kG1bRD8GnMXnC1AodeR5YktX2g8FZj57/8ZNSyEfLS/nN/TKUE9HjbDaxc2KxbkF1VJW6jYGmp+Lz8NS8qrxospsHfe+UcKPP8cg+/d8ixw+5ilaOELT7ubxp0jkSGGeDpDDwovwPyLTZTcdsWmmVgiOQlGhW4GHDVMwoVGAhOq5ulYDivZRAK0wY9zfdb6m4G1KeqM23emKiHdDw9x7H7leTAAWMjY0CGIDl6HM8rxjjyFkLPJ0h0jvorxKjoVaEu8hmQquuLZN3yJ9iRlfmEyzGK9ZJtCmnWJN8PtdRUmfm04XEfWynpYeUubMZLtWTKWHLvECw9TD6U6yyRdYv7GrHJjT5GdSLbdwB6efZZFlYtpNw5UNidZMCS9SN7oZPyat8e0JPfHbQuRferR+iB9u2l7ba6pppqzwzeHedJsb+gAloo3k+QbNf5lMFy41BT+9EePOAITdab0NBeZePwc09WuKM31vP2ASbuEH0v7uLWZn044FxNPjKPvdfaCERad5I0MpyJwjYFqPKSGacMItIDhU3n7Qqn8XOL/jhK+ECFGa3sssuTrGPGMGXXEQ9Pnian+POTptoKlN7/S9wMKSczUSTJz/Jc+iNgN3UrLGcT+RJdAzTG9y8Bpesy6mzpbm6bPQgodPZIA2Pk0wAHxwMQAIkjo2AKCejh8AwGA7+O0ikH3wHQBM9CZyCpO0fIBvx5GC/yZsy1hJAQA4V/8oAD29XwBQgzFEtsPnQCqvKJohkPDoeTP0sX/eTzDM20YxAgoGDgEJDToMmLBgw4ELDz4UAoSIECNBigw5il9tGEExnCApmmE5XhAlWVE13TAt23E9PwijOEmzvCirumm7fhineVm3/XA8nS/X2/3xfL0/398fSI+qNYGafhKnzUar0+v2B6PheG19c2NrZ/tg//Do/gOAfFZJQfoEOuVq/k+cmgJl2gEwnViTNJGa1HAAQPsAyFJ4AAwYtEjyYve7INu8/ADAYsVawoRY0Pt8yJd8zafU2w2Af6MDoP9RYwdenpPP+RayRJUi1SrUqlOvRpNmADRaZrkO7/TLeHkZm4AEmpsJGRd/aGcAEMcHhgIAWBQZsNYmg3HpH0xF+QvLz+VO3/l0L1dmMlPZm+N5OH9CJhrGHIuscJdfcWRHuL7x/xmglqmVaiO1Rm2ndldvZsJQY4QTc/77t+N//58YxlHTZ431ttgbtwTn17mIsU/d7Za3GtXQ9g504wOhbDTimSZQTc/t5/nPYv1JLYwuxj8F5bVZt7pv3a6v6xDczd+1tbpW1tI+wnEOhd8nJHVsypGjYytG4dFrpB4+pkvn2+Uvyuh6J4ZvdFwnyhff+h7rFwVSVTqJAgUUKKJApc7sBQXG1c3dm8VHn1FQqJgRjmJQLDcnMwdOKrWG8/tWf0n7p9uKzJWrsmbz9RLWJn51K8qqbtputz8cr641noylfxqdwWSxOf/vH3+TUn9ESv//94jEkk/1aWhqaevo6ukbGBoZWzOxbsOmLdt27Nqz78ChI7ccO3H7Wemiu+6BEIygGE6QFM2wHC+Ikqyomm6xBnfsDqd5Bt3Pg2PD3KPyMI+Onyd5egyYCT3L84zkRV7mVV7nTd7mXRSwETAtn2Oh67fwiNieE/cjnNIMAQL4+Dhk889zj38AmRfi8neu9fzNePf5FPA37Z+NlqdQqxmG2RAgfT6UeyabsyZtz1LhFeEjCZgBfZVevMDL8WzGAEBOs51NrLvMP3SQkh50J+GGArKZ8gMBjasI5BubL3vXdnZyAIDvCb0NOBWjl82sddszGZN+i7skhnwCEwMD7+IhZVH7jMJr6GMq5ppwGppaGMEwAb9+4rz2+EJkZtQZEraApDTWReP2R/S9nFu3CGun6CiitaQloo/J7nWOXZiEXh2jopChgDsG++RbYne9+tkv2Kmxxn01Doq7VSh/EfsNOzdoxmQ+X61fsX1HyjCk42d2ZP9fECD45tN6nShLQt8SZ4TuVoFWYee04lyZxQC8kiCpI/AmDSwPwjz5W0/gB5yZgM9KHE9SDQvUH/p3SDqIvmm6rgbXf0lqx2g3drn4/YTaybMgLNdAzrWE4sDE9zupq6gM6I2blFThVoLRJUR3kGP7+ZA9WvXwYQGoJpnTNhk05gTxcLyHUQWxEMdgkkgkRyDXmGGCYQFet2jvGFo7XrZ7iAQzzcArDqepxGAFBVw3YzaHprhh7bDCvA+g53Mk5HbW4pSJUSd+BTDug+suxPBKg54u+RKaH4F/YBzE97HNMAEwv2OmcDNFDwJCjIQ8IWZCnK/8Kt0Ibo3i/OZs7w+M76vP7T2EAscLqWJfcCMSnv1LHG857uwv5DjN8Qors1X7bhuTz87wik2OQCpMdYNvxL5bquIwK+6TiVKPbBL3OH7h9Rb/3oqJagkQghHv0B7bLBjlHljo2I65fMtl7Dlvx0JotXkSr1/acoVwidDYcmaksjZSjgtwGWqQiM77iXGBPZuW3YzaXRHdGqZ2oqkE6ySn8sLG+yauHAeSeLqOAm6EBRWzmCiuxgFvbzht8SruT26xOwk3eCxb6v54fiHznH/yOhzYyaXxdScuTxcTpAcH467LwvxEK2M7+w/Ly8jYWDa5DMZrXwzelRoIUlfxb4CetniasVNW8J4pcrjWgEN7XGoUdhGZuoLrBBj+Cs8Lka7CPXChvy3H+zmI7Tc8d1KpmMUtqwkeU308ue8N4d3XYO4Aaf+62QPQKfQuE/oenB7O0BeYuzE9gmgDui24Lsb3P3WvT5FuIawKM2qnK0ZVSmrHyEsifbuPH2/0Gde/f69kOlu/AkVIuX9hOX4YMIrjhZbuDV/C3Y6b1gOKLDRcn8PSapQf9q0wVEYpPQE8ZBzpa+ojxc8DKyy2mSAABb/LhXGBNL1m3hHKydyX7hJFA3w/Eo529nz2LaXP9xHNB2SeZC/ajTXEqPXamyOmz7GiASgmwEKByENh5Omcx0Qg4u5HMA+VOgIJiqtns8d1B6F/sAcB5jXvwliy8CqRH4e2j0JLg/jZ0b8+Fwp7EeEZwDAkw+s85zrSAGQHcYi6lYFMxdFR/B63tdMod2Gu7ejTiO47ycPXKq+vQxlhEwTC4obFfvg/l1NnIs+2Bm/PhLVdMFUE3Vr4hgJW5+FxQiMfHnfcje0XXe0apeCGA1nWZHPo3Npf0fJi4jB4mnHKoGJ3InmPT/B8ddJ32xftb9UY4QHCwUcAoDT/N46ML7AvgmCVAhgMQShD0PKP5VgexcAwOCxlOAw6GYEj68pIhCDAoEU/MDq+wRgDmYEGM5rIWLRnwdZsZHEAArTRAAClZyEkdC66icGwO8kQou56DYpodBmGcrwlDtF4RpDZ2YzEcoYZDcsNY3RKH1vGwHHbIZkUfcZYWr6kD9m8svO/jVCv+dDs4tveUJ29kdsblexxWt/fbLTC/dG/XNZj8K/eadcz9tqJb4uUrT3t/yOpic9MnM3sAvRqUup243FfKT0MKOc+VMVHasvt2TUKIeqNECoWdF735WA8cqSRnZSgt74lse54Tu8shUjoPJmmQ81IjFGfIeZrjGFCidYcCQbl3RrJcRjhcYI1AYczHSLabJvWuq4PehMSXDI42U+xoLrGOgPh/ihbOMGFdQezf0tcfIqDAT5jmcBLvQAFFvT5VuZy7pIYaFzy7zqMUlT2QiIiTkhJf+BEUHOaNLchX9LGhTdILfMM8WGAjERslyaOObp19wMe3xvT5+e4L1yG94Vn1vtJ6E3BzqT0x/iQOGNgrggGEnmWJVLrza95BFYFdZr0pqn4xxnAz7ZPOrvxu9ln9GCHuHCq4qq2L77Vp8JuQPrgG8R7iwRQrDcvyLhL2T1n5FNGYDi1WhnLFfWeY4GC7lB0PGKUoMbrzuuEsy8uljTmTmNQAmvoaLLZQOmok1jKn+jxKpDVzuCgR3FYa2Y1qrBICINYO3L1m0h4Nbwz8Pagv0tjAAAA") format("woff2");}</style></defs>
++  <rect x="0" y="0" width="1209.6444540126743" height="730.1247574550649" fill="#ffffff"/><g stroke-linecap="round" transform="translate(449.046845608731 593.6612861565363) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C38.27 1.54, 69.71 0.86, 123.42 0 M12.25 0 C57.08 1.25, 100.41 1.21, 123.42 0 M123.42 0 C130.05 0.87, 137.62 3.02, 135.67 12.25 M123.42 0 C129.41 -0.25, 135.23 3.57, 135.67 12.25 M135.67 12.25 C137.2 17.84, 137.08 24.32, 135.67 36.75 M135.67 12.25 C135.63 18.87, 135.53 27.61, 135.67 36.75 M135.67 36.75 C135.96 45.56, 130.18 48.49, 123.42 49 M135.67 36.75 C134.67 43.8, 132.19 48.93, 123.42 49 M123.42 49 C95.98 49.68, 66.49 49.35, 12.25 49 M123.42 49 C90.86 49.22, 59.02 49.84, 12.25 49 M12.25 49 C2.25 49.89, 1.02 46.81, 0 36.75 M12.25 49 C3.81 48.52, 1.25 44.93, 0 36.75 M0 36.75 C0.91 27.08, 1.15 18.34, 0 12.25 M0 36.75 C0.47 29.41, 0.25 22.37, 0 12.25 M0 12.25 C-0.6 2.28, 3.59 0.5, 12.25 0 M0 12.25 C-0.87 4.69, 5.95 0.6, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(454.23300001903044 610.7636079418028) rotate(0 62.647987365722656 7.397678214733503)"><text x="62.647987365722656" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ListPodSandboxStats</text></g><g stroke-linecap="round" transform="translate(447.35828363198516 671.1247574550649) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C34.97 0.97, 59.23 -1.52, 123.42 0 M12.25 0 C40.77 0.34, 68.84 -0.06, 123.42 0 M123.42 0 C132.18 -0.16, 134.7 5.15, 135.67 12.25 M123.42 0 C133.44 1.32, 136.16 6.03, 135.67 12.25 M135.67 12.25 C135.14 19.88, 133.97 29.85, 135.67 36.75 M135.67 12.25 C135.08 21.23, 135.94 30.75, 135.67 36.75 M135.67 36.75 C136.32 45.43, 130.5 50.16, 123.42 49 M135.67 36.75 C136.02 43.05, 130.87 48.21, 123.42 49 M123.42 49 C83.36 47.82, 40.33 49.98, 12.25 49 M123.42 49 C88.35 49.03, 52.52 49.67, 12.25 49 M12.25 49 C5.04 50.61, 0.69 45.22, 0 36.75 M12.25 49 C4 50.41, -1.68 44.04, 0 36.75 M0 36.75 C-0.96 27.04, 0.16 18.04, 0 12.25 M0 36.75 C-0.03 30.79, -0.54 24.97, 0 12.25 M0 12.25 C1.26 5.34, 4.4 -1.81, 12.25 0 M0 12.25 C1.86 5.23, 3.09 0.52, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(463.93497911894474 688.2270792403314) rotate(0 51.2574462890625 7.397678214733503)"><text x="51.2574462890625" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">PodSandboxStats</text></g><g stroke-linecap="round" transform="translate(737.1843705885069 631.1247574550649) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C37.96 -0.25, 58.44 0.26, 123.42 0 M123.42 0 C130.73 1.63, 137.21 3.69, 135.67 12.25 M135.67 12.25 C134.46 18.36, 134.06 28.96, 135.67 36.75 M135.67 36.75 C136.93 45.64, 130.11 49.46, 123.42 49 M123.42 49 C101.97 49.01, 78.66 48.81, 12.25 49 M12.25 49 C2.69 49.52, 1.03 43.94, 0 36.75 M0 36.75 C-1.43 30.68, -0.02 19.27, 0 12.25 M0 12.25 C1.09 3.03, 5.16 1.26, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(753.7610660754665 648.2270792403314) rotate(0 51.2574462890625 7.397678214733503)"><text x="51.2574462890625" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">PodSandboxStats</text></g><g stroke-linecap="round"><g transform="translate(588.1924254080072 612.3090108639277) rotate(0 72.91304347826085 19.572020984666608)"><path d="M0 0 C24.3 6.52, 121.52 32.62, 145.83 39.14 M0 0 C24.3 6.52, 121.52 32.62, 145.83 39.14" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(588.1924254080072 612.3090108639277) rotate(0 72.91304347826085 19.572020984666608)"><path d="M120.92 41.31 C130.67 40.46, 140.41 39.62, 145.83 39.14 M120.92 41.31 C126.71 40.81, 132.49 40.3, 145.83 39.14" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(588.1924254080072 612.3090108639277) rotate(0 72.91304347826085 19.572020984666608)"><path d="M125.35 24.8 C133.36 30.41, 141.37 36.02, 145.83 39.14 M125.35 24.8 C130.11 28.13, 134.86 31.46, 145.83 39.14" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(588.6924254080072 698.0370401330747) rotate(0 72.41304347826087 -17.873370462502862)"><path d="M0 0 C24.14 -5.96, 120.69 -29.79, 144.83 -35.75 M0 0 C24.14 -5.96, 120.69 -29.79, 144.83 -35.75" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(588.6924254080072 698.0370401330747) rotate(0 72.41304347826087 -17.873370462502862)"><path d="M124.07 -21.82 C130.73 -26.29, 137.4 -30.76, 144.83 -35.75 M124.07 -21.82 C131.38 -26.73, 138.7 -31.64, 144.83 -35.75" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(588.6924254080072 698.0370401330747) rotate(0 72.41304347826087 -17.873370462502862)"><path d="M119.97 -38.42 C127.95 -37.56, 135.93 -36.7, 144.83 -35.75 M119.97 -38.42 C128.73 -37.48, 137.49 -36.54, 144.83 -35.75" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(729.416109037202 442.1119697312797) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C52.26 1.83, 92.48 -2.78, 123.42 0 C129.04 0.42, 133.83 5.84, 135.67 12.25 C132.67 20.6, 134.35 27.62, 135.67 36.75 C137.13 47.24, 132.64 47.3, 123.42 49 C93.26 47.31, 71.23 51.51, 12.25 49 C5.81 50.31, -0.79 47.47, 0 36.75 C-2.88 31.99, -0.43 24.72, 0 12.25 C-3.1 6.69, 2.85 -2.69, 12.25 0" stroke="none" stroke-width="0" fill="#ffc9c9"/><path d="M12.25 0 C51.86 2.69, 95.82 2.16, 123.42 0 M123.42 0 C132.3 -1.29, 135.2 2.36, 135.67 12.25 M135.67 12.25 C137.06 20.22, 137.41 30.75, 135.67 36.75 M135.67 36.75 C135.19 45.62, 131.19 50.69, 123.42 49 M123.42 49 C82.02 50.49, 39.83 51.58, 12.25 49 M12.25 49 C5.05 50.62, 0.05 45.54, 0 36.75 M0 36.75 C-0.87 30.51, -0.24 21.91, 0 12.25 M0 12.25 C-0.62 3.97, 3.68 -1.22, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(752.8472433058998 459.21429151654615) rotate(0 44.40300750732422 7.397678214733503)"><text x="44.40300750732422" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ContainerStats</text></g><g stroke-linecap="round" transform="translate(1058.3871235299557 443.909071180555) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C47.76 2.13, 86.54 3.47, 123.42 0 C131.17 -2.58, 138.83 1.41, 135.67 12.25 C137 22.8, 136.6 27, 135.67 36.75 C133.75 42.58, 131.42 46.28, 123.42 49 C96.7 51.76, 65.76 53.01, 12.25 49 C1.88 45.96, -3.34 41.66, 0 36.75 C-3 31.26, -1.14 17.88, 0 12.25 C-2.95 5.25, 6.94 2.67, 12.25 0" stroke="none" stroke-width="0" fill="#a5d8ff"/><path d="M12.25 0 C57.28 -2.1, 100.41 -2.53, 123.42 0 M123.42 0 C132.63 1.29, 136.7 5.32, 135.67 12.25 M135.67 12.25 C135.38 19.5, 135.47 27.03, 135.67 36.75 M135.67 36.75 C137.15 46.45, 133.13 49.2, 123.42 49 M123.42 49 C87.54 51.57, 49.78 50.58, 12.25 49 M12.25 49 C4.62 47.26, 1.3 43.83, 0 36.75 M0 36.75 C-0.56 27.13, -0.35 16.51, 0 12.25 M0 12.25 C0.99 4.55, 3.78 0.65, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(1094.586774339181 461.0113929658214) rotate(0 31.634490966796875 7.397678214733503)"><text x="31.634490966796875" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">SwapUsage</text></g><g stroke-linecap="round" transform="translate(441.564737851662 407.0106688646242) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C39.47 2.25, 65.63 2.19, 123.42 0 M12.25 0 C41.72 -0.34, 71.47 0.15, 123.42 0 M123.42 0 C133.07 1.53, 137.21 4.28, 135.67 12.25 M123.42 0 C132.31 -0.45, 137.65 5.2, 135.67 12.25 M135.67 12.25 C136.21 19.84, 136.98 29.82, 135.67 36.75 M135.67 12.25 C135.3 21.71, 135.41 30.67, 135.67 36.75 M135.67 36.75 C136.66 45.39, 131.28 49.65, 123.42 49 M135.67 36.75 C136.64 46.55, 129.62 47.37, 123.42 49 M123.42 49 C88.54 48.11, 55.89 48.05, 12.25 49 M123.42 49 C86.49 50.03, 49.05 48.91, 12.25 49 M12.25 49 C3.02 47.7, -0.09 43.4, 0 36.75 M12.25 49 C3.07 50.72, 1.66 46.02, 0 36.75 M0 36.75 C-1.17 26.82, -1.8 18.46, 0 12.25 M0 36.75 C-0.81 29.38, -0.29 19.82, 0 12.25 M0 12.25 C-1.64 4.73, 5.67 1.48, 12.25 0 M0 12.25 C-0.84 3.96, 5.85 -0.74, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(453.6053310436997 424.11299064989066) rotate(0 55.793548583984375 7.39767821473356)"><text x="55.793548583984375" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ListContainerStats</text></g><g stroke-linecap="round" transform="translate(444.0526464631515 481.59178722197635) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C52.12 0.9, 94.56 -1.16, 123.42 0 M12.25 0 C50.23 -0.17, 87.51 -0.84, 123.42 0 M123.42 0 C132.21 -0.39, 137.39 5.05, 135.67 12.25 M123.42 0 C133.44 0.06, 136.39 4.7, 135.67 12.25 M135.67 12.25 C137.59 17.02, 136.99 22.08, 135.67 36.75 M135.67 12.25 C136.11 19.7, 135.47 27, 135.67 36.75 M135.67 36.75 C136.52 46.33, 129.87 47.58, 123.42 49 M135.67 36.75 C135.94 43.74, 132.71 48.73, 123.42 49 M123.42 49 C98.74 47.61, 73.32 48.98, 12.25 49 M123.42 49 C82.35 47.83, 42.3 47.72, 12.25 49 M12.25 49 C3.2 50.5, 1.45 45.87, 0 36.75 M12.25 49 C4.92 48.5, 1.63 43.51, 0 36.75 M0 36.75 C0.83 31.02, 0.04 24.47, 0 12.25 M0 36.75 C-0.73 27.95, 0.88 19.25, 0 12.25 M0 12.25 C-0.73 3.98, 5.62 -0.65, 12.25 0 M0 12.25 C0 5.49, 3.49 0.09, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(467.4837807318494 498.6941090072428) rotate(0 44.40300750732422 7.397678214733503)"><text x="44.40300750732422" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ContainerStats</text></g><g stroke-linecap="round"><g transform="translate(576.9767391334976 432.5751501807533) rotate(0 74.34782608695647 16.484967377403393)"><path d="M0 0 C24.78 5.49, 123.91 27.47, 148.7 32.97 M0 0 C24.78 5.49, 123.91 27.47, 148.7 32.97" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(576.9767391334976 432.5751501807533) rotate(0 74.34782608695647 16.484967377403393)"><path d="M123.91 36.23 C129.98 35.43, 136.05 34.63, 148.7 32.97 M123.91 36.23 C132.94 35.04, 141.98 33.85, 148.7 32.97" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(576.9767391334976 432.5751501807533) rotate(0 74.34782608695647 16.484967377403393)"><path d="M127.61 19.54 C132.78 22.83, 137.94 26.12, 148.7 32.97 M127.61 19.54 C135.3 24.43, 142.98 29.33, 148.7 32.97" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(580.7209300151958 505.1786965359955) rotate(0 72.5708108941958 -16.0807266192665)"><path d="M0 0 C24.19 -5.36, 120.95 -26.8, 145.14 -32.16 M0 0 C24.19 -5.36, 120.95 -26.8, 145.14 -32.16" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(580.7209300151958 505.1786965359955) rotate(0 72.5708108941958 -16.0807266192665)"><path d="M124.06 -18.73 C132.23 -23.94, 140.41 -29.15, 145.14 -32.16 M124.06 -18.73 C130.69 -22.96, 137.32 -27.18, 145.14 -32.16" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(580.7209300151958 505.1786965359955) rotate(0 72.5708108941958 -16.0807266192665)"><path d="M120.36 -35.43 C129.97 -34.16, 139.58 -32.89, 145.14 -32.16 M120.36 -35.43 C128.15 -34.4, 135.95 -33.37, 145.14 -32.16" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(866.6723913074106 465.7425365028266) rotate(0 94.48550724637687 1.2469152729007646)"><path d="M0 0 C31.5 0.42, 157.48 2.08, 188.97 2.49 M0 0 C31.5 0.42, 157.48 2.08, 188.97 2.49" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(866.6723913074106 465.7425365028266) rotate(0 94.48550724637687 1.2469152729007646)"><path d="M165.37 10.73 C174.72 7.47, 184.08 4.2, 188.97 2.49 M165.37 10.73 C172.32 8.31, 179.28 5.88, 188.97 2.49" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(866.6723913074106 465.7425365028266) rotate(0 94.48550724637687 1.2469152729007646)"><path d="M165.59 -6.37 C174.86 -2.85, 184.13 0.66, 188.97 2.49 M165.59 -6.37 C172.48 -3.76, 179.37 -1.14, 188.97 2.49" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(964.0837738280634 583.0659339256533) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C48.8 -2.21, 87.24 -0.06, 123.42 0 M123.42 0 C132.53 -1.15, 134.69 2.8, 135.67 12.25 M135.67 12.25 C134.89 16.84, 135.91 23.74, 135.67 36.75 M135.67 36.75 C136.13 46.83, 132.71 49.42, 123.42 49 M123.42 49 C93.76 48.35, 64.94 50.91, 12.25 49 M12.25 49 C3.4 48.95, -1.46 45.53, 0 36.75 M0 36.75 C-0.96 28.74, 2.04 19.08, 0 12.25 M0 12.25 C-1.77 5.87, 5.27 1.44, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(969.5892794346519 592.7705774961863) rotate(0 62.32863616943358 14.795356429467063)"><text x="62.328636169433594" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">LinuxPodSandboxStat</text><text x="62.328636169433594" y="14.795356429467045" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">s</text></g><g stroke-linecap="round"><g transform="translate(962.0215132445969 597.845547329838) rotate(0 -73.06174139787645 -51.90632488420255)"><path d="M0 0 C-24.35 -17.3, -121.77 -86.51, -146.12 -103.81 M0 0 C-24.35 -17.3, -121.77 -86.51, -146.12 -103.81" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(962.0215132445969 597.845547329838) rotate(0 -73.06174139787645 -51.90632488420255)"><path d="M-122.02 -97.18 C-128.57 -98.98, -135.11 -100.78, -146.12 -103.81 M-122.02 -97.18 C-129.08 -99.12, -136.13 -101.06, -146.12 -103.81" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(962.0215132445969 597.845547329838) rotate(0 -73.06174139787645 -51.90632488420255)"><path d="M-131.92 -83.24 C-135.78 -88.83, -139.64 -94.41, -146.12 -103.81 M-131.92 -83.24 C-136.08 -89.26, -140.24 -95.29, -146.12 -103.81" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(875.3309150101162 655.6653273259251) rotate(0 43.085057460981474 -18.431487882991235)"><path d="M0 0 C14.36 -6.14, 71.81 -30.72, 86.17 -36.86 M0 0 C14.36 -6.14, 71.81 -30.72, 86.17 -36.86" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(875.3309150101162 655.6653273259251) rotate(0 43.085057460981474 -18.431487882991235)"><path d="M67.93 -19.76 C71.73 -23.32, 75.52 -26.88, 86.17 -36.86 M67.93 -19.76 C71.95 -23.53, 75.97 -27.3, 86.17 -36.86" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(875.3309150101162 655.6653273259251) rotate(0 43.085057460981474 -18.431487882991235)"><path d="M61.21 -35.48 C66.4 -35.77, 71.59 -36.06, 86.17 -36.86 M61.21 -35.48 C66.71 -35.79, 72.21 -36.09, 86.17 -36.86" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(440.28283606165286 110.97769863153599) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C37.48 0.59, 59.06 -1, 123.42 0 M12.25 0 C46.22 0.32, 80.52 0.37, 123.42 0 M123.42 0 C132.79 1.69, 137.64 2.99, 135.67 12.25 M123.42 0 C133.57 2.17, 137.15 5.37, 135.67 12.25 M135.67 12.25 C136.28 20.69, 135.68 26.29, 135.67 36.75 M135.67 12.25 C135.93 17, 135.67 23.28, 135.67 36.75 M135.67 36.75 C135.54 46.09, 132.02 50.95, 123.42 49 M135.67 36.75 C135.97 43.99, 130.58 47.75, 123.42 49 M123.42 49 C80.9 50.2, 42.23 51.63, 12.25 49 M123.42 49 C95 48.82, 65.85 49.56, 12.25 49 M12.25 49 C3.95 50.76, -1.13 45.98, 0 36.75 M12.25 49 C4.66 47.42, 1.86 45.85, 0 36.75 M0 36.75 C1.57 28.95, 1.32 23.15, 0 12.25 M0 36.75 C-0.86 28.79, 0.15 19.26, 0 12.25 M0 12.25 C-0.53 4.66, 3.6 -1.84, 12.25 0 M0 12.25 C-1.54 6.17, 3 1.27, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(450.2771569758586 128.08002041680243) rotate(0 57.839820861816406 7.39767821473356)"><text x="57.839820861816406" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">GetContainerEvents</text></g><g stroke-linecap="round" transform="translate(728.152401279044 113.97769863153599) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C45.72 0.76, 82.23 -2.19, 123.42 0 C131.19 -3.52, 137.93 3.84, 135.67 12.25 C136.32 19.27, 138.34 32.72, 135.67 36.75 C136.11 41.88, 130.16 51.45, 123.42 49 C92.54 51.07, 61.34 47.71, 12.25 49 C5.92 49.64, -2 43.97, 0 36.75 C-2.31 31.96, -1.59 22.63, 0 12.25 C-2.54 4.65, 4.97 -0.48, 12.25 0" stroke="none" stroke-width="0" fill="#ffc9c9"/><path d="M12.25 0 C47.53 1.66, 81.62 -0.19, 123.42 0 M123.42 0 C131.32 -1.13, 135.51 5.28, 135.67 12.25 M135.67 12.25 C137.63 23.57, 137.2 32.22, 135.67 36.75 M135.67 36.75 C135.2 45.39, 132.59 49.55, 123.42 49 M123.42 49 C79.5 50.53, 37.49 49.48, 12.25 49 M12.25 49 C2.22 48.69, -0.67 44.79, 0 36.75 M0 36.75 C0.21 27.15, -0.93 18.09, 0 12.25 M0 12.25 C1.37 3.08, 5.67 -1.56, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(733.1907132821169 123.68234220206887) rotate(0 62.79582977294922 14.795356429467006)"><text x="62.79582977294922" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ContainerEventRespon</text><text x="62.79582977294922" y="14.795356429467045" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">se</text></g><g stroke-linecap="round"><g transform="translate(576.9511196136971 133.05499219504964) rotate(0 73.77981685505767 0.6953772588850597)"><path d="M0 0 C24.59 0.23, 122.97 1.16, 147.56 1.39 M0 0 C24.59 0.23, 122.97 1.16, 147.56 1.39" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(576.9511196136971 133.05499219504964) rotate(0 73.77981685505767 0.6953772588850597)"><path d="M123.99 9.72 C133.3 6.43, 142.62 3.14, 147.56 1.39 M123.99 9.72 C128.86 8, 133.73 6.28, 147.56 1.39" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(576.9511196136971 133.05499219504964) rotate(0 73.77981685505767 0.6953772588850597)"><path d="M124.15 -7.38 C133.4 -3.91, 142.65 -0.45, 147.56 1.39 M124.15 -7.38 C128.98 -5.57, 133.82 -3.76, 147.56 1.39" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(190.6875 271.9700851482246) rotate(0 28.459141776022108 14.5)"><path d="M7.25 0 C22.47 0.96, 35.44 1.05, 49.67 0 M7.25 0 C19.57 -0.58, 29.82 -0.66, 49.67 0 M49.67 0 C56.11 1.71, 56.24 2.04, 56.92 7.25 M49.67 0 C56.6 -0.4, 58.55 3.5, 56.92 7.25 M56.92 7.25 C57.84 11.89, 56.37 17.08, 56.92 21.75 M56.92 7.25 C57.19 12.2, 56.26 18.78, 56.92 21.75 M56.92 21.75 C55.53 25.19, 56.5 30.77, 49.67 29 M56.92 21.75 C58.21 28.15, 53.48 27.59, 49.67 29 M49.67 29 C34.46 28.12, 21.15 27.91, 7.25 29 M49.67 29 C38.26 29.2, 25.66 29.51, 7.25 29 M7.25 29 C1.54 27.68, 0.89 26.76, 0 21.75 M7.25 29 C2.68 31.2, -0.19 26.24, 0 21.75 M0 21.75 C-0.23 16.83, 1.21 13.58, 0 7.25 M0 21.75 C-0.23 17.25, 0.04 12.34, 0 7.25 M0 7.25 C1.85 1.35, 3.18 0.6, 7.25 0 M0 7.25 C0.96 2.27, 1.5 1.34, 7.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g stroke-linecap="round" transform="translate(11.5625 271.9700851482246) rotate(0 28.45914177602208 14.5)"><path d="M7.25 0 C16.26 -1.51, 26.66 3.03, 49.67 0 C54.02 0.86, 57.57 -1.18, 56.92 7.25 C56.58 13.55, 56.08 20.6, 56.92 21.75 C58.6 25.45, 54.66 30.06, 49.67 29 C36.06 31.69, 13.94 26.06, 7.25 29 C-0.53 28.97, -1.13 24.58, 0 21.75 C1.95 17.99, 1 13.32, 0 7.25 C1.74 3.98, 2.82 -0.37, 7.25 0" stroke="none" stroke-width="0" fill="#a5d8ff"/><path d="M7.25 0 C17.98 -1.84, 29.71 0.81, 49.67 0 M7.25 0 C18.89 0.19, 30.25 -0.86, 49.67 0 M49.67 0 C53.49 0.99, 57.95 3.46, 56.92 7.25 M49.67 0 C52.83 -2.26, 54.84 0.38, 56.92 7.25 M56.92 7.25 C56.18 9.02, 56 12.67, 56.92 21.75 M56.92 7.25 C56.36 12.38, 57.11 17.53, 56.92 21.75 M56.92 21.75 C54.94 25.29, 56.27 27.43, 49.67 29 M56.92 21.75 C55.57 28.54, 53.16 28.8, 49.67 29 M49.67 29 C36.16 29.79, 26.82 26.72, 7.25 29 M49.67 29 C37.75 27.83, 25.56 29.45, 7.25 29 M7.25 29 C4.15 27.12, -0.22 25.03, 0 21.75 M7.25 29 C2.28 28.26, 1.7 25.88, 0 21.75 M0 21.75 C0.16 17.22, 0.34 14.92, 0 7.25 M0 21.75 C-0.47 16.95, 0.62 12.83, 0 7.25 M0 7.25 C0.87 2.52, 0.94 -0.97, 7.25 0 M0 7.25 C-1.34 2.49, 2.24 1.35, 7.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(99.0216417760222 221.4700851482246) rotate(0 24.000045776367188 10)"><text x="0" y="0" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">无变更</text></g><g transform="translate(100.02159599965489 277.7200851482246) rotate(0 16.000030517578125 10)"><text x="0" y="0" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">新增</text></g><g stroke-linecap="round" transform="translate(191.625 354.4700851482246) rotate(0 28.459141776022108 14.5)"><path d="M7.25 0 C20.73 0.66, 35.61 1.39, 49.67 0 M49.67 0 C55.84 0.42, 58.86 3.94, 56.92 7.25 M56.92 7.25 C56.67 12.23, 56.52 18.54, 56.92 21.75 M56.92 21.75 C57.51 25.79, 56.33 28.62, 49.67 29 M49.67 29 C31.86 30.65, 17.6 30.27, 7.25 29 M7.25 29 C1.29 28.27, 0.65 28.07, 0 21.75 M0 21.75 C1.32 18.48, -0.62 11.43, 0 7.25 M0 7.25 C0.02 0.68, 0.81 -0.83, 7.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g stroke-linecap="round" transform="translate(10 351.9700851482246) rotate(0 28.45914177602208 14.5)"><path d="M7.25 0 C22.43 0.79, 34.43 1.63, 49.67 0 C53.54 -1.26, 59.87 4.57, 56.92 7.25 C59.25 8.58, 54.91 14.64, 56.92 21.75 C57.53 27.64, 53.58 27.03, 49.67 29 C35.65 28.18, 20.44 31.03, 7.25 29 C-0.55 26.97, 2.02 28.52, 0 21.75 C-1.45 16.59, 2.11 9.43, 0 7.25 C0.36 3.17, 4.4 -0.65, 7.25 0" stroke="none" stroke-width="0" fill="#ffc9c9"/><path d="M7.25 0 C22.57 1.51, 40.7 0.21, 49.67 0 M7.25 0 C24.54 -0.61, 40.7 -0.64, 49.67 0 M49.67 0 C53.86 0.58, 57.51 1.63, 56.92 7.25 M49.67 0 C56.61 -0.44, 58.63 2.04, 56.92 7.25 M56.92 7.25 C56.57 13.42, 55.96 17.7, 56.92 21.75 M56.92 7.25 C57.29 12.13, 57.71 17.52, 56.92 21.75 M56.92 21.75 C56.13 24.79, 54.52 27.26, 49.67 29 M56.92 21.75 C55.07 25.62, 53.19 26.87, 49.67 29 M49.67 29 C41.95 29.45, 33.19 29.64, 7.25 29 M49.67 29 C38.13 27.91, 25.01 28.1, 7.25 29 M7.25 29 C0.44 28.4, 0.39 26.31, 0 21.75 M7.25 29 C0.13 27.85, 1.98 27.31, 0 21.75 M0 21.75 C0.38 15.34, -0.46 12.82, 0 7.25 M0 21.75 C-0.68 18.48, -0.45 14.78, 0 7.25 M0 7.25 C-0.73 0.91, 1.24 0.02, 7.25 0 M0 7.25 C-0.56 0.78, 3.14 0.64, 7.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(100.95909599965489 357.7200851482248) rotate(0 16.000030517578125 10)"><text x="0" y="0" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">修改</text></g><g transform="translate(279.55286125844384 278.4700851482246) rotate(0 16.000030517578125 10)"><text x="0" y="0" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">接口</text></g><g transform="translate(280.49036125844384 358.4700851482248) rotate(0 32.00006103515625 10)"><text x="0" y="0" font-family="Virgil, Segoe UI Emoji" font-size="16px" fill="#1e1e1e" text-anchor="start" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">内部数据</text></g><g stroke-linecap="round" transform="translate(441.51073438300847 10.751633986928255) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C41.29 -2.53, 75.89 1.52, 123.42 0 C132.17 -0.98, 135.09 3.89, 135.67 12.25 C133.36 24.32, 137.05 29.24, 135.67 36.75 C137.92 46.6, 130.07 51.58, 123.42 49 C83.19 49.13, 38.97 49.55, 12.25 49 C4.7 45.52, -2.43 43.88, 0 36.75 C-0.11 28.49, 0.37 26.29, 0 12.25 C-1.69 4.38, 3.87 -1.66, 12.25 0" stroke="none" stroke-width="0" fill="#a5d8ff"/><path d="M12.25 0 C40.5 0.38, 68.72 0.57, 123.42 0 M12.25 0 C55.6 0.03, 100.91 -0.01, 123.42 0 M123.42 0 C130.91 1.57, 136.88 5.9, 135.67 12.25 M123.42 0 C132.06 -1.24, 137.56 3.82, 135.67 12.25 M135.67 12.25 C135.51 17.2, 134.08 24.91, 135.67 36.75 M135.67 12.25 C134.61 19.88, 134.58 27.19, 135.67 36.75 M135.67 36.75 C137.48 46.76, 131.69 48.23, 123.42 49 M135.67 36.75 C137.06 43.82, 129.39 48.33, 123.42 49 M123.42 49 C98.21 47.23, 77.19 50.26, 12.25 49 M123.42 49 C91.01 48.47, 56.89 48.69, 12.25 49 M12.25 49 C3.53 48.6, 0.28 46.55, 0 36.75 M12.25 49 C5.16 50.53, -1.41 43.61, 0 36.75 M0 36.75 C-2.07 30.49, -0.06 21.95, 0 12.25 M0 36.75 C-0.15 28.95, -0.46 18.52, 0 12.25 M0 12.25 C-1.08 4.97, 3.28 -1.96, 12.25 0 M0 12.25 C-0.18 2.58, 5.05 2.17, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(470.6193894036595 27.853955772194695) rotate(0 38.725486755371094 7.39767821473356)"><text x="38.725486755371094" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">RuntimeConfig</text></g><g stroke-linecap="round" transform="translate(729.5760938601327 10) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C38.04 -4.08, 64.6 -0.03, 123.42 0 C129.17 -2.84, 134.04 3.08, 135.67 12.25 C137.41 21.5, 133.52 23.94, 135.67 36.75 C136.11 48.08, 129.01 45.67, 123.42 49 C84.43 48.66, 39.71 48.74, 12.25 49 C7.6 47.15, -2.39 42.97, 0 36.75 C-0.1 25.96, 1.69 23.27, 0 12.25 C-0.35 1.25, 3.51 -3.23, 12.25 0" stroke="none" stroke-width="0" fill="#a5d8ff"/><path d="M12.25 0 C46.61 0.02, 77.46 -1.82, 123.42 0 M123.42 0 C132.1 0.28, 136.1 3.41, 135.67 12.25 M135.67 12.25 C136.23 20.44, 137.46 30.56, 135.67 36.75 M135.67 36.75 C135.25 44.63, 132.11 48.87, 123.42 49 M123.42 49 C100.57 46.89, 76.6 46.7, 12.25 49 M12.25 49 C4.57 47.2, 0.35 46.73, 0 36.75 M0 36.75 C1.2 26.19, -1.93 16.95, 0 12.25 M0 12.25 C-1.8 3.46, 3.29 -1.87, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(738.4999420570532 19.70464357053288) rotate(0 58.91029357910156 14.795356429467006)"><text x="58.91029357910156" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">LinuxRuntimeConfigur</text><text x="58.91029357910156" y="14.795356429467045" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ation</text></g><g stroke-linecap="round" transform="translate(1058.0597539908517 11.307189542483684) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C35.82 -3.77, 62.58 -1.93, 123.42 0 C130.87 0.51, 138.6 5.76, 135.67 12.25 C135.84 24.39, 132.82 26.87, 135.67 36.75 C138.17 45.2, 132.5 51.1, 123.42 49 C96.22 46.72, 59.59 46.63, 12.25 49 C5.69 47.56, -3.53 44.64, 0 36.75 C-0.54 28.17, -0.76 22.02, 0 12.25 C-2.85 3.19, 5.28 0.58, 12.25 0" stroke="none" stroke-width="0" fill="#a5d8ff"/><path d="M12.25 0 C46.29 1.29, 79.73 0.34, 123.42 0 M123.42 0 C133.15 1.22, 137.48 4.5, 135.67 12.25 M135.67 12.25 C135.45 17.99, 136.4 24.18, 135.67 36.75 M135.67 36.75 C133.78 43.36, 130.56 49.03, 123.42 49 M123.42 49 C99.14 46.24, 74.25 49.85, 12.25 49 M12.25 49 C5.93 49.11, -0.77 46.13, 0 36.75 M0 36.75 C-1.57 29.94, -0.56 22.52, 0 12.25 M0 12.25 C-1.33 4.53, 5.78 -0.09, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(1089.7055565334754 28.409511327750124) rotate(0 36.18833923339844 7.39767821473356)"><text x="36.18833923339844" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">CgroupDriver</text></g><g stroke-linecap="round"><g transform="translate(581.9852550437765 33.93286180168093) rotate(0 71.7256341871495 1.8430938087597042)"><path d="M0 0 C23.91 0.61, 119.54 3.07, 143.45 3.69 M0 0 C23.91 0.61, 119.54 3.07, 143.45 3.69" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(581.9852550437765 33.93286180168093) rotate(0 71.7256341871495 1.8430938087597042)"><path d="M119.75 11.63 C127.19 9.14, 134.63 6.64, 143.45 3.69 M119.75 11.63 C125.58 9.68, 131.41 7.72, 143.45 3.69" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(581.9852550437765 33.93286180168093) rotate(0 71.7256341871495 1.8430938087597042)"><path d="M120.19 -5.46 C127.49 -2.59, 134.79 0.28, 143.45 3.69 M120.19 -5.46 C125.91 -3.21, 131.63 -0.96, 143.45 3.69" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(865.0479184137803 32.85299659664042) rotate(0 96.0059177885357 1.8349593476192467)"><path d="M0 0 C32 0.61, 160.01 3.06, 192.01 3.67 M0 0 C32 0.61, 160.01 3.06, 192.01 3.67" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(865.0479184137803 32.85299659664042) rotate(0 96.0059177885357 1.8349593476192467)"><path d="M168.36 11.77 C174.66 9.61, 180.96 7.46, 192.01 3.67 M168.36 11.77 C175.19 9.43, 182.01 7.09, 192.01 3.67" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(865.0479184137803 32.85299659664042) rotate(0 96.0059177885357 1.8349593476192467)"><path d="M168.69 -5.33 C174.9 -2.93, 181.11 -0.54, 192.01 3.67 M168.69 -5.33 C175.42 -2.73, 182.15 -0.13, 192.01 3.67" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(438.04995006928294 211.70261437908425) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C43.9 -1.21, 78.24 0.72, 123.42 0 M12.25 0 C46.77 0.14, 79.54 1.86, 123.42 0 M123.42 0 C133.51 -0.74, 135.06 3.55, 135.67 12.25 M123.42 0 C131.49 1.42, 134.35 2.09, 135.67 12.25 M135.67 12.25 C137.42 20.35, 134.37 30.45, 135.67 36.75 M135.67 12.25 C135.51 20, 135.59 28.32, 135.67 36.75 M135.67 36.75 C137.61 46.04, 131.47 47.46, 123.42 49 M135.67 36.75 C133.49 46.11, 133.38 47.18, 123.42 49 M123.42 49 C80.97 49.88, 34.97 47.77, 12.25 49 M123.42 49 C91.85 49.86, 57.62 49.38, 12.25 49 M12.25 49 C4.82 48.28, 1.71 43.69, 0 36.75 M12.25 49 C2.69 48.7, -1.47 43.07, 0 36.75 M0 36.75 C1.08 28.82, -1.09 19.76, 0 12.25 M0 36.75 C-0.17 31.6, 0.84 26, 0 12.25 M0 12.25 C1.32 2.85, 5.07 0.08, 12.25 0 M0 12.25 C-0.83 4.7, 2.84 -0.16, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(451.26743840292227 228.8049361643507) rotate(0 54.61665344238281 7.39767821473356)"><text x="54.61665344238281" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">PodSandboxStatus</text></g><g stroke-linecap="round" transform="translate(725.0499500692829 214.70261437908425) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C47.77 4.34, 86.83 5.22, 123.42 0 C131.32 -2.47, 133.67 5.41, 135.67 12.25 C133.87 18.24, 133.75 22.28, 135.67 36.75 C138.29 45.26, 134.85 50.99, 123.42 49 C80.96 49.64, 42.72 49.5, 12.25 49 C5.98 51.88, 2.2 47.28, 0 36.75 C-1.51 31.86, -2.16 24.81, 0 12.25 C0.71 3.07, 7.04 2.86, 12.25 0" stroke="none" stroke-width="0" fill="#ffc9c9"/><path d="M12.25 0 C44.99 -2.91, 75.89 0.03, 123.42 0 M123.42 0 C130.08 -1.44, 137.6 6, 135.67 12.25 M135.67 12.25 C135.51 19.93, 134.45 23.4, 135.67 36.75 M135.67 36.75 C137.28 43.52, 132.96 50.92, 123.42 49 M123.42 49 C97.27 47.05, 71.3 48.85, 12.25 49 M12.25 49 C3.98 49.26, 0.92 46.86, 0 36.75 M0 36.75 C-1.88 29.05, 1.57 17.7, 0 12.25 M0 12.25 C1.82 3.02, 4.89 1.02, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(731.0226721675707 224.40725794961713) rotate(0 61.861419677734375 14.795356429467006)"><text x="61.861419677734375" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">PodSandboxStatusRe</text><text x="61.861419677734375" y="14.795356429467045" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">sponse</text></g><g stroke-linecap="round"><g transform="translate(574.7182336213272 233.78163227706204) rotate(0 73.34503424636208 0.6933682538535777)"><path d="M0 0 C24.45 0.23, 122.24 1.16, 146.69 1.39 M0 0 C24.45 0.23, 122.24 1.16, 146.69 1.39" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(574.7182336213272 233.78163227706204) rotate(0 73.34503424636208 0.6933682538535777)"><path d="M123.12 9.71 C127.94 8.01, 132.76 6.31, 146.69 1.39 M123.12 9.71 C129.32 7.52, 135.52 5.33, 146.69 1.39" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(574.7182336213272 233.78163227706204) rotate(0 73.34503424636208 0.6933682538535777)"><path d="M123.28 -7.39 C128.07 -5.59, 132.85 -3.8, 146.69 1.39 M123.28 -7.39 C129.44 -5.08, 135.59 -2.77, 146.69 1.39" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(440.4979095910648 299.03384611883644) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C50.17 -0.59, 88.6 0.89, 123.42 0 M12.25 0 C46.77 0.83, 82.81 -0.36, 123.42 0 M123.42 0 C131.94 0.68, 136.22 2.42, 135.67 12.25 M123.42 0 C130.55 -0.75, 135.13 4.41, 135.67 12.25 M135.67 12.25 C137.68 20.92, 137.27 31.19, 135.67 36.75 M135.67 12.25 C135.29 19.8, 135.07 24.76, 135.67 36.75 M135.67 36.75 C136.35 43.35, 132.94 47.95, 123.42 49 M135.67 36.75 C135.17 43.63, 133.04 47.65, 123.42 49 M123.42 49 C94.28 49.81, 61.5 47.59, 12.25 49 M123.42 49 C94.72 47.73, 65.1 49.03, 12.25 49 M12.25 49 C2.49 47.86, -1.49 44.59, 0 36.75 M12.25 49 C5.13 49.61, 0.15 43.68, 0 36.75 M0 36.75 C-1.43 30.31, -1.35 24.99, 0 12.25 M0 36.75 C-0.76 31.1, 0.39 25.52, 0 12.25 M0 12.25 C0.61 4.67, 2.62 0.38, 12.25 0 M0 12.25 C-1.02 4.55, 6.02 2.1, 12.25 0" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(460.5698367064424 316.1361679041029) rotate(0 47.76221466064453 7.39767821473356)"><text x="47.76221466064453" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ContainerStatus</text></g><g stroke-linecap="round" transform="translate(1063.97617046063 294.6860200318804) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C38.01 -3.37, 65.19 -1.9, 123.42 0 C130 1.95, 134.84 2.34, 135.67 12.25 C134.54 21.74, 137.66 26.41, 135.67 36.75 C132.31 45.9, 134.07 47.89, 123.42 49 C93.12 45.92, 65.34 49.01, 12.25 49 C4.74 47.11, -1.45 47.57, 0 36.75 C-3.76 26.75, -2.28 23.95, 0 12.25 C2.37 2.99, 3.64 0.89, 12.25 0" stroke="none" stroke-width="0" fill="#ffc9c9"/><path d="M12.25 0 C35.15 1.26, 59.02 -1.03, 123.42 0 M123.42 0 C130.63 0.72, 135.03 5.82, 135.67 12.25 M135.67 12.25 C135.27 18.6, 135.64 27.45, 135.67 36.75 M135.67 36.75 C134.55 46.3, 132.05 48.1, 123.42 49 M123.42 49 C93.36 48.93, 66.43 46.47, 12.25 49 M12.25 49 C2.87 48.24, -0.73 46.28, 0 36.75 M0 36.75 C-1.05 30.11, -1.84 21.45, 0 12.25 M0 12.25 C-1.26 3.76, 4.69 1.73, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(1084.0480975760076 311.78834181714683) rotate(0 47.76221466064453 7.39767821473356)"><text x="47.76221466064453" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ContainerStatus</text></g><g stroke-linecap="round"><g transform="translate(578.46527799029 323.3089478003749) rotate(0 72.04068642027516 0.656871557697059)"><path d="M0 0 C24.01 0.22, 120.07 1.09, 144.08 1.31 M0 0 C24.01 0.22, 120.07 1.09, 144.08 1.31" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(578.46527799029 323.3089478003749) rotate(0 72.04068642027516 0.656871557697059)"><path d="M120.51 9.65 C127.06 7.33, 133.61 5.02, 144.08 1.31 M120.51 9.65 C129.45 6.49, 138.39 3.33, 144.08 1.31" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(578.46527799029 323.3089478003749) rotate(0 72.04068642027516 0.656871557697059)"><path d="M120.67 -7.45 C127.18 -5.01, 133.68 -2.58, 144.08 1.31 M120.67 -7.45 C129.55 -4.13, 138.43 -0.8, 144.08 1.31" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(862.5877988387184 241.0759395996838) rotate(0 98.5082612422305 35.21081741989781)"><path d="M0 0 C32.84 11.74, 164.18 58.68, 197.02 70.42 M0 0 C32.84 11.74, 164.18 58.68, 197.02 70.42" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(862.5877988387184 241.0759395996838) rotate(0 98.5082612422305 35.21081741989781)"><path d="M172.02 70.57 C178.03 70.53, 184.04 70.5, 197.02 70.42 M172.02 70.57 C178.58 70.53, 185.15 70.49, 197.02 70.42" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(862.5877988387184 241.0759395996838) rotate(0 98.5082612422305 35.21081741989781)"><path d="M177.77 54.46 C182.4 58.3, 187.03 62.14, 197.02 70.42 M177.77 54.46 C182.83 58.66, 187.88 62.85, 197.02 70.42" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round" transform="translate(727.4544313301952 300.7729765536194) rotate(0 67.83414177602211 24.5)"><path d="M12.25 0 C46.9 -1.24, 85.99 1.29, 123.42 0 C134.41 1.01, 139.25 3.2, 135.67 12.25 C134.88 21, 135.89 27.33, 135.67 36.75 C136.77 44.49, 130.7 47.51, 123.42 49 C84.18 44.76, 48.31 47.88, 12.25 49 C3.12 50.96, -2.99 43.09, 0 36.75 C-3.67 31.78, -3.89 24.69, 0 12.25 C2.47 6.06, 6.49 -1.51, 12.25 0" stroke="none" stroke-width="0" fill="#ffc9c9"/><path d="M12.25 0 C44.14 0.12, 79.36 1.51, 123.42 0 M123.42 0 C130.87 1.61, 136.83 4.15, 135.67 12.25 M135.67 12.25 C134.3 17.07, 135.03 22.89, 135.67 36.75 M135.67 36.75 C135.86 43.46, 131.72 47.36, 123.42 49 M123.42 49 C86.43 47.79, 44.01 50.5, 12.25 49 M12.25 49 C4.16 50.52, -0.37 46.36, 0 36.75 M0 36.75 C-0.57 27.56, 0.46 21.49, 0 12.25 M0 12.25 C1.17 2.39, 5.03 0.32, 12.25 0" stroke="#1e1e1e" stroke-width="1" fill="none" stroke-dasharray="8 8.5"/></g><g transform="translate(734.154593308854 310.4776201241523) rotate(0 61.13397979736328 14.795356429467006)"><text x="61.13397979736328" y="0" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">ContainerStatusResp</text><text x="61.13397979736328" y="14.795356429467045" font-family="Virgil, Segoe UI Emoji" font-size="11.836285143573637px" fill="#1e1e1e" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">onse</text></g><g stroke-linecap="round"><g transform="translate(867.6498770813782 324.6731306541085) rotate(0 95.03000037266514 1.0137009031917614)"><path d="M0 0 C31.68 0.34, 158.38 1.69, 190.06 2.03 M0 0 C31.68 0.34, 158.38 1.69, 190.06 2.03" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(867.6498770813782 324.6731306541085) rotate(0 95.03000037266514 1.0137009031917614)"><path d="M166.48 10.33 C174.33 7.56, 182.18 4.8, 190.06 2.03 M166.48 10.33 C171.44 8.58, 176.4 6.84, 190.06 2.03" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(867.6498770813782 324.6731306541085) rotate(0 95.03000037266514 1.0137009031917614)"><path d="M166.66 -6.77 C174.45 -3.84, 182.24 -0.92, 190.06 2.03 M166.66 -6.77 C171.58 -4.92, 176.5 -3.07, 190.06 2.03" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/><g stroke-linecap="round"><g transform="translate(864.9870171207247 140.22977320777773) rotate(0 98.12764294201418 79.82581204149369)"><path d="M0 0 C32.71 26.61, 163.55 133.04, 196.26 159.65 M0 0 C32.71 26.61, 163.55 133.04, 196.26 159.65" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(864.9870171207247 140.22977320777773) rotate(0 98.12764294201418 79.82581204149369)"><path d="M172.64 151.46 C178.74 153.58, 184.84 155.69, 196.26 159.65 M172.64 151.46 C180.78 154.29, 188.93 157.11, 196.26 159.65" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g><g transform="translate(864.9870171207247 140.22977320777773) rotate(0 98.12764294201418 79.82581204149369)"><path d="M183.43 138.19 C186.74 143.74, 190.05 149.28, 196.26 159.65 M183.43 138.19 C187.85 145.6, 192.28 153, 196.26 159.65" stroke="#1e1e1e" stroke-width="0.5" fill="none"/></g></g><mask/></svg>
+\ No newline at end of file
+-- 
+2.34.1
+
diff --git a/0046-oom-monitor-in-manual-cases.patch b/0046-oom-monitor-in-manual-cases.patch
new file mode 100644
index 0000000..37d7d40
--- /dev/null
+++ b/0046-oom-monitor-in-manual-cases.patch
@@ -0,0 +1,120 @@
+From aa77c85ea6879698663d4ef9e01bb63a0db1e57d Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Wed, 3 Apr 2024 09:34:39 +0000
+Subject: [PATCH 46/69] oom monitor in manual cases
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ CI/test_cases/container_cases/inspect.sh  | 15 ------
+ CI/test_cases/manual_cases/oom_monitor.sh | 59 +++++++++++++++++++++++
+ 2 files changed, 59 insertions(+), 15 deletions(-)
+ create mode 100755 CI/test_cases/manual_cases/oom_monitor.sh
+
+diff --git a/CI/test_cases/container_cases/inspect.sh b/CI/test_cases/container_cases/inspect.sh
+index 5d976281..cde9ea1f 100755
+--- a/CI/test_cases/container_cases/inspect.sh
++++ b/CI/test_cases/container_cases/inspect.sh
+@@ -27,7 +27,6 @@ function test_inspect_spec()
+ {
+     local ret=0
+     local image="busybox"
+-    local ubuntu_image="ubuntu"
+     local test="container inspect test => (${FUNCNAME[@]})"
+ 
+     msg_info "${test} starting..."
+@@ -38,12 +37,6 @@ function test_inspect_spec()
+     isula images | grep busybox
+     [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - missing list image: ${image}" && ((ret++))
+ 
+-    isula pull ${ubuntu_image}
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to pull image: ${ubuntu_image}" && return ${FAILURE}
+-
+-    isula images | grep ubuntu
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - missing list image: ${ubuntu_image}" && ((ret++))
+-
+     containername=test_inspect
+ 
+     isula create --name $containername --ipc host --pid host --uts host --restart=on-failure:10 --hook-spec ${test_data_path}/test-hookspec.json --cpu-shares 100 --memory 5MB --memory-reservation 4MB --cpu-period 1000000 --cpu-quota 200000  --cpuset-cpus 1 --cpuset-mems 0 --kernel-memory 50M --pids-limit=10000 --volume /home:/root --env a=1 $image /bin/sh ls
+@@ -146,14 +139,6 @@ function test_inspect_spec()
+ 
+     isula rm -f $containername
+ 
+-    # use more than 10m memory limit, otherwise it might fail to run
+-    isula run -it -m 10m --runtime runc --name $containername $ubuntu_image perl -e 'for ($i = 0; $i < 100000000; $i++) { $a .= " " x 1024 }'
+-
+-    isula inspect -f "{{json .State.OOMKilled}} {{.Name}}" $containername 2>&1 | sed -n '1p' | grep "true"
+-    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to check container with image: ${ubuntu_image}" && ((ret++))
+-
+-    isula rm -f $containername
+-
+     msg_info "${test} finished with return ${ret}..."
+     return ${ret}
+ }
+diff --git a/CI/test_cases/manual_cases/oom_monitor.sh b/CI/test_cases/manual_cases/oom_monitor.sh
+new file mode 100755
+index 00000000..a1c2503d
+--- /dev/null
++++ b/CI/test_cases/manual_cases/oom_monitor.sh
+@@ -0,0 +1,59 @@
++#!/bin/bash
++#
++# attributes: isulad oom monitor
++# concurrent: NA
++# spend time: 6
++
++#######################################################################
++##- Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved.
++# - iSulad licensed under the Mulan PSL v2.
++# - You can use this software according to the terms and conditions of the Mulan PSL v2.
++# - You may obtain a copy of Mulan PSL v2 at:
++# -     http://license.coscl.org.cn/MulanPSL2
++# - THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++# - IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++# - PURPOSE.
++# - See the Mulan PSL v2 for more details.
++##- @Description:CI
++##- @Author: jikai
++##- @Create: 2024-04-03
++#######################################################################
++
++declare -r curr_path=$(dirname $(readlink -f "$0"))
++source ../helpers.sh
++test_data_path=$(realpath $curr_path/test_data)
++
++function test_oom_monitor()
++{
++    local ret=0
++    local ubuntu_image="ubuntu"
++    local test="container oom monitor test => (${FUNCNAME[@]})"
++    containername="oommonitor"
++
++    msg_info "${test} starting..."
++
++    isula pull ${ubuntu_image}
++    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to pull image: ${ubuntu_image}" && return ${FAILURE}
++
++    isula images | grep ubuntu
++    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - missing list image: ${ubuntu_image}" && ((ret++))
++
++    # use more than 10m memory limit, otherwise it might fail to run
++    # iSulad monitor cgroup file for oom event, however oom triggers cgroup files delete
++    # if cgroup files were deleted before oom event was handled for iSulad we might failed to detect oom event
++    isula run -it -m 10m --runtime runc --name $containername $ubuntu_image perl -e 'for ($i = 0; $i < 100000000; $i++) { $a .= " " x 1024 }'
++
++    isula inspect -f "{{json .State.OOMKilled}} {{.Name}}" $containername 2>&1 | sed -n '1p' | grep "true"
++    [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to check container with image: ${ubuntu_image}" && ((ret++))
++
++    isula rm -f $containername
++
++    msg_info "${test} finished with return ${ret}..."
++    return ${ret}
++}
++
++declare -i ans=0
++
++test_oom_monitor || ((ans++))
++
++show_result ${ans} "${curr_path}/${0}"
+-- 
+2.34.1
+
diff --git a/0047-add-usage-restrictions-for-CRI-1.29-update.patch b/0047-add-usage-restrictions-for-CRI-1.29-update.patch
new file mode 100644
index 0000000..e6990b7
--- /dev/null
+++ b/0047-add-usage-restrictions-for-CRI-1.29-update.patch
@@ -0,0 +1,27 @@
+From 9f066a405a95299c182ef7356b6518a9457af298 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Mon, 8 Apr 2024 02:52:11 +0000
+Subject: [PATCH 47/69] add usage restrictions for CRI 1.29 update
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ docs/design/detailed/CRI/CRI_1.29_update_design.md | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/docs/design/detailed/CRI/CRI_1.29_update_design.md b/docs/design/detailed/CRI/CRI_1.29_update_design.md
+index 0a0c860b..0c66db48 100644
+--- a/docs/design/detailed/CRI/CRI_1.29_update_design.md
++++ b/docs/design/detailed/CRI/CRI_1.29_update_design.md
+@@ -234,4 +234,8 @@ enum ContainerEventType {
+ 
+ ### 使用限制
+ 
+-以上特性仅保证容器运行时设置为runc时支持。
++1. 以上新增特性，iSulad仅提供容器运行时设置为runc时的支持。
++2. 由于cgroup oom会同时触发容器cgroup路径删除，若iSulad对oom事件处理发生在
++cgroup路径删除之后，iSulad则无法成功捕捉容器oom事件，
++可能导致ContainerStatus中reason字段设置不正确。
++3. iSulad不支持交叉使用不同的cgroup驱动管理容器，启动容器后iSulad的cgroup驱动配置不应该发生变化。
+-- 
+2.34.1
+
diff --git a/0048-CDI-interface-definition.patch b/0048-CDI-interface-definition.patch
new file mode 100644
index 0000000..e84db63
--- /dev/null
+++ b/0048-CDI-interface-definition.patch
@@ -0,0 +1,1192 @@
+From 040e39827049cd557987f505d1bd6c6e4f18b4b3 Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Mon, 11 Mar 2024 17:48:11 +0800
+Subject: [PATCH 48/69] CDI:interface definition
+
+---
+ cmake/options.cmake                           | 11 +++
+ src/daemon/modules/CMakeLists.txt             | 11 +++
+ src/daemon/modules/api/cdi_operate_api.h      | 39 ++++++++++
+ src/daemon/modules/device/CMakeLists.txt      | 23 ++++++
+ src/daemon/modules/device/cdi/CMakeLists.txt  | 13 ++++
+ .../device/cdi/behavior/CMakeLists.txt        | 13 ++++
+ .../device/cdi/behavior/cdi_container_edits.c | 49 ++++++++++++
+ .../device/cdi/behavior/cdi_container_edits.h | 39 ++++++++++
+ .../modules/device/cdi/behavior/cdi_device.c  | 40 ++++++++++
+ .../modules/device/cdi/behavior/cdi_device.h  | 46 ++++++++++++
+ .../modules/device/cdi/behavior/cdi_spec.c    | 60 +++++++++++++++
+ .../modules/device/cdi/behavior/cdi_spec.h    | 56 ++++++++++++++
+ .../device/cdi/behavior/cdi_spec_dirs.c       | 29 +++++++
+ .../device/cdi/behavior/cdi_spec_dirs.h       | 47 ++++++++++++
+ .../modules/device/cdi/behavior/cdi_version.c | 40 ++++++++++
+ .../modules/device/cdi/behavior/cdi_version.h | 34 +++++++++
+ .../device/cdi/behavior/parser/CMakeLists.txt |  3 +
+ .../device/cdi/behavior/parser/cdi_parser.c   | 55 ++++++++++++++
+ .../device/cdi/behavior/parser/cdi_parser.h   | 38 ++++++++++
+ .../modules/device/cdi/cdi_annotations.c      | 31 ++++++++
+ .../modules/device/cdi/cdi_annotations.h      | 32 ++++++++
+ src/daemon/modules/device/cdi/cdi_cache.c     | 69 +++++++++++++++++
+ src/daemon/modules/device/cdi/cdi_cache.h     | 75 +++++++++++++++++++
+ src/daemon/modules/device/cdi/cdi_registry.c  | 25 +++++++
+ src/daemon/modules/device/cdi/cdi_registry.h  | 36 +++++++++
+ src/daemon/modules/device/cdi_operate.c       | 35 +++++++++
+ 26 files changed, 949 insertions(+)
+ create mode 100644 src/daemon/modules/api/cdi_operate_api.h
+ create mode 100644 src/daemon/modules/device/CMakeLists.txt
+ create mode 100644 src/daemon/modules/device/cdi/CMakeLists.txt
+ create mode 100644 src/daemon/modules/device/cdi/behavior/CMakeLists.txt
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_device.c
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_device.h
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_spec.c
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_spec.h
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_version.c
+ create mode 100644 src/daemon/modules/device/cdi/behavior/cdi_version.h
+ create mode 100644 src/daemon/modules/device/cdi/behavior/parser/CMakeLists.txt
+ create mode 100644 src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+ create mode 100644 src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+ create mode 100644 src/daemon/modules/device/cdi/cdi_annotations.c
+ create mode 100644 src/daemon/modules/device/cdi/cdi_annotations.h
+ create mode 100644 src/daemon/modules/device/cdi/cdi_cache.c
+ create mode 100644 src/daemon/modules/device/cdi/cdi_cache.h
+ create mode 100644 src/daemon/modules/device/cdi/cdi_registry.c
+ create mode 100644 src/daemon/modules/device/cdi/cdi_registry.h
+ create mode 100644 src/daemon/modules/device/cdi_operate.c
+
+diff --git a/cmake/options.cmake b/cmake/options.cmake
+index b7a7c65d..c1eac472 100644
+--- a/cmake/options.cmake
++++ b/cmake/options.cmake
+@@ -40,6 +40,17 @@ if (ENABLE_CRI_API_V1 STREQUAL "ON")
+     message("${Green}--  Enable CRI API V1${ColourReset}")
+ endif()
+ 
++option(ENABLE_CDI "Enable CDI" OFF)
++if (ENABLE_CDI STREQUAL "ON")
++    if (ENABLE_CRI_API_V1)
++        add_definitions(-DENABLE_CDI)
++        set(ENABLE_CDI 1)
++        message("${Green}--  Enable CDI${ColourReset}")
++    else()
++        message("${Yellow}-- Can not enable CDI, CDI need enable CRI API V1 first ${ColourReset}")
++    endif()
++endif()
++
+ option(ENABLE_SANDBOXER "Enable sandbox API" ON)
+ if (ENABLE_SANDBOXER STREQUAL "ON")
+     add_definitions(-DENABLE_SANDBOXER)
+diff --git a/src/daemon/modules/CMakeLists.txt b/src/daemon/modules/CMakeLists.txt
+index a70c094f..ff2ea226 100644
+--- a/src/daemon/modules/CMakeLists.txt
++++ b/src/daemon/modules/CMakeLists.txt
+@@ -49,6 +49,16 @@ if (ENABLE_PLUGIN)
+         )
+ endif()
+ 
++if (ENABLE_CDI)
++    add_subdirectory(device)
++    list(APPEND local_modules_srcs
++        ${DEVICE_SRCS}
++        )
++    list(APPEND local_modules_incs
++        ${DEVICE_INCS}
++        )
++endif()
++
+ set(MODULES_SRCS
+     ${local_modules_srcs}
+     PARENT_SCOPE
+@@ -70,3 +80,4 @@ if(ENABLE_NETWORK)
+         )
+ endif()
+ 
++
+diff --git a/src/daemon/modules/api/cdi_operate_api.h b/src/daemon/modules/api/cdi_operate_api.h
+new file mode 100644
+index 00000000..4f4c339e
+--- /dev/null
++++ b/src/daemon/modules/api/cdi_operate_api.h
+@@ -0,0 +1,39 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi device manager function definition
++ ******************************************************************************/
++#ifndef CDI_OPERATE_API_H
++#define CDI_OPERATE_API_H
++
++#include <isula_libutils/oci_runtime_spec.h>
++#include <isula_libutils/json_common.h>
++
++#include "utils_array.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++int cdi_operate_registry_init(char **specs_dirs, size_t specs_dirs_len);
++
++char *cdi_operate_refresh(void);
++
++string_array *cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices, char **error);
++
++char *cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+diff --git a/src/daemon/modules/device/CMakeLists.txt b/src/daemon/modules/device/CMakeLists.txt
+new file mode 100644
+index 00000000..e3468c0b
+--- /dev/null
++++ b/src/daemon/modules/device/CMakeLists.txt
+@@ -0,0 +1,23 @@
++# get current directory sources files
++aux_source_directory(${CMAKE_CURRENT_SOURCE_DIR} device_top_srcs)
++
++add_subdirectory(cdi)
++
++set(local_device_srcs
++    ${device_top_srcs}
++    ${CDI_SRCS}
++    )
++
++set(local_device_incs
++    ${CMAKE_CURRENT_SOURCE_DIR}
++    ${CDI_INCS}
++    )
++
++set(DEVICE_SRCS
++    ${local_device_srcs}
++    PARENT_SCOPE
++    )
++set(DEVICE_INCS
++    ${local_device_incs}
++    PARENT_SCOPE
++    )
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/CMakeLists.txt b/src/daemon/modules/device/cdi/CMakeLists.txt
+new file mode 100644
+index 00000000..12d9b222
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/CMakeLists.txt
+@@ -0,0 +1,13 @@
++aux_source_directory(${CMAKE_CURRENT_SOURCE_DIR} cdi_top_srcs)
++add_subdirectory(behavior)
++
++set(CDI_SRCS
++    ${cdi_top_srcs}
++    ${BEHAVIOR_SRCS}
++    PARENT_SCOPE
++    )
++set(CDI_INCS
++    ${CMAKE_CURRENT_SOURCE_DIR}
++    ${BEHAVIOR_INCS}
++    PARENT_SCOPE
++    )
+diff --git a/src/daemon/modules/device/cdi/behavior/CMakeLists.txt b/src/daemon/modules/device/cdi/behavior/CMakeLists.txt
+new file mode 100644
+index 00000000..39881a7b
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/CMakeLists.txt
+@@ -0,0 +1,13 @@
++aux_source_directory(${CMAKE_CURRENT_SOURCE_DIR} behavior_top_srcs)
++add_subdirectory(parser)
++
++set(BEHAVIOR_SRCS
++    ${behavior_top_srcs}
++    ${PARSER_SRCS}
++    PARENT_SCOPE
++    )
++set(BEHAVIOR_INCS
++    ${CMAKE_CURRENT_SOURCE_DIR}
++    ${CMAKE_CURRENT_SOURCE_DIR}/parser/
++    PARENT_SCOPE
++    )
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+new file mode 100644
+index 00000000..ce7b16db
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+@@ -0,0 +1,49 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi container edits function
++ ******************************************************************************/
++#include "cdi_container_edits.h"
++
++// PRESTART_HOOK is the name of the OCI "prestart" hook.
++#define PRESTART_HOOK "prestart"
++// CREATE_RUNTIME_HOOK is the name of the OCI "createRuntime" hook.
++#define CREATE_RUNTIME_HOOK "createRuntime"
++// CREATE_CONTAINER_HOOK is the name of the OCI "createContainer" hook.
++#define CREATE_CONTAINER_HOOK "createContainer"
++// START_CONTAINER_HOOK is the name of the OCI "startContainer" hook.
++#define START_CONTAINER_HOOK "startContainer"
++// POSTSTART_HOOK is the name of the OCI "poststart" hook.
++#define POSTSTART_HOOK "poststart"
++// POSTSTOP_HOOK is the name of the OCI "poststop" hook.
++#define POSTSTOP_HOOK "poststop"
++
++char *cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec)
++{
++    return NULL;
++}
++
++char *cdi_container_edits_validate(cdi_container_edits *e)
++{
++    return NULL;
++}
++
++cdi_container_edits *cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o)
++{
++    return NULL;
++}
++
++bool cdi_container_edits_is_empty(cdi_container_edits *e)
++{
++    return true;
++}
++
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+new file mode 100644
+index 00000000..7b16d2bc
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+@@ -0,0 +1,39 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi container edits function definition
++ ******************************************************************************/
++#ifndef CDI_CONTAINER_EDITS_H
++#define CDI_CONTAINER_EDITS_H
++
++#include <isula_libutils/cdi_container_edits.h>
++#include <isula_libutils/cdi_device_node.h>
++#include <isula_libutils/oci_runtime_spec.h>
++#include <isula_libutils/cdi_hook.h>
++#include <isula_libutils/cdi_mount.h>
++
++#include "utils_array.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++char *cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec);
++char *cdi_container_edits_validate(cdi_container_edits *e);
++cdi_container_edits *cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o);
++bool cdi_container_edits_is_empty(cdi_container_edits *e);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_device.c b/src/daemon/modules/device/cdi/behavior/cdi_device.c
+new file mode 100644
+index 00000000..9904e9ee
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_device.c
+@@ -0,0 +1,40 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi device function
++ ******************************************************************************/
++#include "cdi_device.h"
++
++void free_cdi_cache_device(struct cdi_cache_device *d)
++{
++    (void)d;
++}
++
++struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d, char **error)
++{
++    return NULL;
++}
++
++struct cdi_cache_spec *cdi_device_get_spec(struct cdi_cache_device *d)
++{
++    return NULL;
++}
++
++char *cdi_device_get_qualified_name(struct cdi_cache_device *d)
++{
++    return NULL;
++}
++
++cdi_container_edits *cdi_device_edits(struct cdi_cache_device *d)
++{
++    return NULL;
++}
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_device.h b/src/daemon/modules/device/cdi/behavior/cdi_device.h
+new file mode 100644
+index 00000000..3f460152
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_device.h
+@@ -0,0 +1,46 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi device function definition
++ ******************************************************************************/
++#ifndef CDI_DEVICE_H
++#define CDI_DEVICE_H
++
++#include <stdbool.h>
++#include <isula_libutils/cdi_device.h>
++#include <isula_libutils/oci_runtime_spec.h>
++
++#include "cdi_container_edits.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++struct cdi_cache_spec;
++
++struct cdi_cache_device {
++    cdi_device *raw_device;
++    struct cdi_cache_spec *cache_spec;
++};
++
++void free_cdi_cache_device(struct cdi_cache_device *d);
++
++struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d, char **error);
++struct cdi_cache_spec *cdi_device_get_spec(struct cdi_cache_device *d);
++char *cdi_device_get_qualified_name(struct cdi_cache_device *d);
++cdi_container_edits *cdi_device_edits(struct cdi_cache_device *d);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec.c b/src/daemon/modules/device/cdi/behavior/cdi_spec.c
+new file mode 100644
+index 00000000..38fc9e38
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec.c
+@@ -0,0 +1,60 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi spec function
++ ******************************************************************************/
++#include "cdi_spec.h"
++
++void free_cdi_cache_spec(struct cdi_cache_spec *s)
++{
++    (void)s;
++}
++
++struct cdi_cache_spec *cdi_spec_read_spec(const char *path, int priority, char **error)
++{
++    return NULL;
++}
++
++struct cdi_cache_spec *cdi_spec_new_spec(cdi_spec *raw, const char *path, int priority, char **error)
++{
++    return NULL;
++}
++
++const char *cdi_spec_get_vendor(struct cdi_cache_spec *s)
++{
++    return NULL;
++}
++
++const char *cdi_spec_get_class(struct cdi_cache_spec *s)
++{
++    return NULL;
++}
++
++struct cdi_cache_device *cdi_spec_get_cache_device(struct cdi_cache_spec *s, const char *name)
++{
++    return NULL;
++}
++
++const char *cdi_spec_get_path(struct cdi_cache_spec *s)
++{
++    return NULL;
++}
++
++int cdi_spec_get_priority(struct cdi_cache_spec *s)
++{
++    return 0;
++}
++
++cdi_container_edits *cdi_spec_edits(struct cdi_cache_spec *s)
++{
++    return NULL;
++}
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec.h b/src/daemon/modules/device/cdi/behavior/cdi_spec.h
+new file mode 100644
+index 00000000..bd4fc9d1
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec.h
+@@ -0,0 +1,56 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi spec function definition
++ ******************************************************************************/
++#ifndef CDI_SPEC_H
++#define CDI_SPEC_H
++
++#include <isula_libutils/cdi_spec.h>
++#include <isula_libutils/oci_runtime_spec.h>
++
++#include "map.h"
++#include "cdi_container_edits.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++struct cdi_cache_device;
++
++struct cdi_cache_spec {
++    cdi_spec *raw_spec;
++    char *vendor;
++    char *class;
++    char *path;
++    int priority;
++    map_t *devices;  // MAP_STR_PTR  devices[cdi_device.name] = cdi_cache_device*
++};
++
++#define CDI_DEFAULT_SPEC_EXT ".json"
++ 
++void free_cdi_cache_spec(struct cdi_cache_spec *s);
++
++struct cdi_cache_spec *cdi_spec_read_spec(const char *path, int priority, char **error);
++struct cdi_cache_spec *cdi_spec_new_spec(cdi_spec *raw, const char *path, int priority, char **error);
++const char *cdi_spec_get_vendor(struct cdi_cache_spec *s);
++const char *cdi_spec_get_class(struct cdi_cache_spec *s);
++struct cdi_cache_device *cdi_spec_get_cache_device(struct cdi_cache_spec *s, const char *name);
++const char *cdi_spec_get_path(struct cdi_cache_spec *s);
++int cdi_spec_get_priority(struct cdi_cache_spec *s);
++cdi_container_edits *cdi_spec_edits(struct cdi_cache_spec *s);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+new file mode 100644
+index 00000000..5df4c937
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+@@ -0,0 +1,29 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi spec dirs function
++ ******************************************************************************/
++#include "cdi_spec_dirs.h"
++
++#define DEFAULT_SPEC_DIRS_LEN   2
++static char *default_spec_dirs_items[DEFAULT_SPEC_DIRS_LEN] = {CDI_DEFAULT_STATIC_DIR, CDI_DEFAULT_DYNAMIC_DIR};
++ 
++string_array g_default_spec_dirs = {
++    .items = default_spec_dirs_items,
++    .len = DEFAULT_SPEC_DIRS_LEN,
++    .cap = DEFAULT_SPEC_DIRS_LEN,
++};
++ 
++char *cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn)
++{
++    return NULL;
++}
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+new file mode 100644
+index 00000000..bd00e318
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+@@ -0,0 +1,47 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi spec dirs function definition
++ ******************************************************************************/
++#ifndef CDI_SPEC_DIRS_H
++#define CDI_SPEC_DIRS_H
++
++#include "cdi_cache.h"
++#include "utils_array.h"
++#include "map.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++#define CDI_DEFAULT_STATIC_DIR "/etc/cdi"
++#define CDI_DEFAULT_DYNAMIC_DIR "/var/run/cdi"
++
++extern string_array g_default_spec_dirs;
++ 
++struct cdi_scan_fn_maps {
++    map_t *specs;
++    map_t *devices;
++    map_t *conflicts;
++    map_t *spec_errors;
++    string_array *result;
++};
++typedef char *(*cdi_scan_spec_func)(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, int priority,
++                                    struct cdi_cache_spec *spec, char **error);
++
++char *cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_version.c b/src/daemon/modules/device/cdi/behavior/cdi_version.c
+new file mode 100644
+index 00000000..3e87c111
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_version.c
+@@ -0,0 +1,40 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi version function
++ ******************************************************************************/
++#include "cdi_version.h"
++
++#define CDI_V_CURRENT_VERSION "v"##CDI_CURRENT_VERSION
++
++#define CDI_V010        "v0.1.0"
++#define CDI_V020        "v0.2.0"
++#define CDI_V030        "v0.3.0"
++#define CDI_V040        "v0.4.0"
++#define CDI_V050        "v0.5.0"
++#define CDI_V060        "v0.6.0"
++#define CDI_V_EARLIEST  CDI_V030
++
++const char *cdi_minimum_required_version(cdi_spec *spec)
++{
++    return NULL;
++}
++
++bool cdi_is_greater_than_version(const char *v, const char *o)
++{
++    return true;
++}
++
++bool cdi_is_valid_version(const char *spec_version)
++{
++    return true;
++}
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_version.h b/src/daemon/modules/device/cdi/behavior/cdi_version.h
+new file mode 100644
+index 00000000..99b7e692
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/cdi_version.h
+@@ -0,0 +1,34 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi version function definition
++ ******************************************************************************/
++#ifndef CDI_VERSION_H
++#define CDI_VERSION_H
++
++#include <isula_libutils/cdi_spec.h>
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++#define CDI_CURRENT_VERSION "0.6.0"
++
++const char *cdi_minimum_required_version(cdi_spec *spec);
++bool cdi_is_greater_than_version(const char *v, const char *o);
++bool cdi_is_valid_version(const char *spec_version);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/CMakeLists.txt b/src/daemon/modules/device/cdi/behavior/parser/CMakeLists.txt
+new file mode 100644
+index 00000000..9bf5f3f2
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/parser/CMakeLists.txt
+@@ -0,0 +1,3 @@
++# get current directory sources files
++aux_source_directory(${CMAKE_CURRENT_SOURCE_DIR} local_cdi_parser_srcs)
++set(PARSER_SRCS ${local_cdi_parser_srcs} PARENT_SCOPE)
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+new file mode 100644
+index 00000000..45048f9a
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+@@ -0,0 +1,55 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi parser linux function
++ ******************************************************************************/
++#include "cdi_parser.h"
++
++char *cdi_parser_qualified_name(const char *vendor, const char *class, const char *name)
++{
++    return NULL;
++}
++
++bool cdi_parser_is_qualified_name(const char *device)
++{
++    return true;
++}
++
++char *cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name)
++{
++    return NULL;
++}
++
++int cdi_parser_parse_device(const char *device, char **vendor, char **class, char **name)
++{
++    return 0;
++}
++
++int cdi_parser_parse_qualifier(const char *kind, char **vendor, char **class)
++{
++    return 0;
++}
++
++char *cdi_parser_validate_vendor_name(const char *vendor)
++{
++    return NULL;
++}
++
++char *cdi_parser_validate_class_name(const char *class)
++{
++    return NULL;
++}
++
++char *cdi_parser_validate_device_name(const char *name)
++{
++    return NULL;
++}
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+new file mode 100644
+index 00000000..d9c057ea
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+@@ -0,0 +1,38 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi parser function definition
++ ******************************************************************************/
++#ifndef CDI_PARSER_H
++#define CDI_PARSER_H
++
++#include <stdbool.h>
++#include <stddef.h>
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++char *cdi_parser_qualified_name(const char *vendor, const char *class, const char *name);
++bool cdi_parser_is_qualified_name(const char *device);
++char *cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name);
++int cdi_parser_parse_device(const char *device, char **vendor, char **class, char **name);
++int cdi_parser_parse_qualifier(const char *kind, char **vendor, char **class);
++char *cdi_parser_validate_vendor_name(const char *vendor);
++char *cdi_parser_validate_class_name(const char *class);
++char *cdi_parser_validate_device_name(const char *name);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/cdi_annotations.c b/src/daemon/modules/device/cdi/cdi_annotations.c
+new file mode 100644
+index 00000000..3cb9be84
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/cdi_annotations.c
+@@ -0,0 +1,31 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi annotations function
++ ******************************************************************************/
++#include "cdi_annotations.h"
++
++#include <ctype.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++#include <isula_libutils/utils_string.h>
++
++#include "error.h"
++#include "utils.h"
++#include "cdi_parser.h"
++
++#define CDI_ANNOTATIONS_PREFIX "cdi.k8s.io/"
++
++char *cdi_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices)
++{
++    return NULL;
++}
+diff --git a/src/daemon/modules/device/cdi/cdi_annotations.h b/src/daemon/modules/device/cdi/cdi_annotations.h
+new file mode 100644
+index 00000000..52355099
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/cdi_annotations.h
+@@ -0,0 +1,32 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi annotations function definition
++ ******************************************************************************/
++#ifndef CDI_ANNOTATIONS_H
++#define CDI_ANNOTATIONS_H
++
++#include <isula_libutils/json_common.h>
++
++#include "utils_array.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++char *cdi_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.c b/src/daemon/modules/device/cdi/cdi_cache.c
+new file mode 100644
+index 00000000..9c54acbf
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/cdi_cache.c
+@@ -0,0 +1,69 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi cache function
++ ******************************************************************************/
++#include "cdi_cache.h"
++
++void free_cdi_cache(struct cdi_cache *c)
++{
++    (void)c;
++}
++
++struct cdi_cache *cdi_new_cache(string_array *spec_dirs, char **error)
++{
++    return NULL;
++}
++
++static string_array *cdi_inject_devices(struct cdi_cache *c, oci_runtime_spec *oci_spec, string_array *devices, char **error)
++{
++    return NULL;
++}
++
++static char *cdi_configure(struct cdi_cache *c, string_array *spec_dirs)
++{
++    return NULL;
++}
++
++static char *cdi_refresh(struct cdi_cache *c)
++{
++    return NULL;
++}
++
++static map_t *cdi_get_errors(struct cdi_cache *c)
++{
++    return NULL;
++}
++
++static string_array *cdi_get_spec_directories(struct cdi_cache *c)
++{
++    return NULL;
++}
++
++static map_t *cdi_get_spec_dir_errors(struct cdi_cache *c)
++{
++    return NULL;
++}
++
++static struct cdi_cache_ops g_cdi_cache_ops = {
++    .inject_devices = cdi_inject_devices,
++    .configure = cdi_configure,
++    .refresh = cdi_refresh,
++    .get_errors = cdi_get_errors,
++    .get_spec_directories = cdi_get_spec_directories,
++    .get_spec_dir_errors = cdi_get_spec_dir_errors
++};
++
++struct cdi_cache_ops *cdi_get_cache_ops(void)
++{
++    return &g_cdi_cache_ops;
++}
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.h b/src/daemon/modules/device/cdi/cdi_cache.h
+new file mode 100644
+index 00000000..92fb64af
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/cdi_cache.h
+@@ -0,0 +1,75 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi cache function definition
++ ******************************************************************************/
++#ifndef CDI_CACHE_H
++#define CDI_CACHE_H
++
++#include <stdbool.h>
++#include <stddef.h>
++#include <isula_libutils/oci_runtime_spec.h>
++
++#include "utils_array.h"
++#include "map.h"
++#include "cdi_device.h"
++#include "cdi_spec.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++struct cdi_cache;
++
++struct cdi_cache_ops {
++    // injecting CDI devices into an OCI Spec.
++    // Resolver
++    string_array *(*inject_devices)(struct cdi_cache *c, oci_runtime_spec *spec, string_array *devices, char **error);
++    
++    // refreshing the cache of CDI Specs and devices.
++    // Refresher
++    char *(*configure)(struct cdi_cache *c, string_array *spec_dirs);
++    char *(*refresh)(struct cdi_cache *c);
++    map_t *(*get_errors)(struct cdi_cache *c);
++    string_array *(*get_spec_directories)(struct cdi_cache *c);
++    map_t *(*get_spec_dir_errors)(struct cdi_cache *c);
++};
++
++struct cdi_watch {
++    int watcher_fd; // inotify fd
++    map_t *tracked; // MAP_STR_BOOL     tracked[spec_dirs[i]] = bool
++    map_t *wd_dirs; // MAP_INT_STR      wd_dirs[wd] = spec_dirs[i]
++};
++
++// Cache stores CDI Specs loaded from Spec directories.
++struct cdi_cache {
++    pthread_mutex_t mutex;
++    string_array *spec_dirs; // cdi-spec-dirs will scan for CDI Spec files
++    map_t *specs;        // MAP_STR_PTR     specs[vendor] = cdi_cache_spec**
++    map_t *devices;      // MAP_STR_PTR     devices[cdi_device.name] = cdi_cache_device*
++    map_t *errors;       // MAP_STR_PTR     errors[cdi_cache_spec.path] = string_array *errors
++    map_t *dir_errors;   // MAP_STR_STR     dir_errors[spec_dirs[i]] = error
++
++    bool auto_refresh; 
++    struct cdi_watch *watch;
++};
++
++void free_cdi_cache(struct cdi_cache *c);
++ 
++struct cdi_cache *cdi_new_cache(string_array *spec_dirs, char **error);
++struct cdi_cache_ops *cdi_get_cache_ops(void);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi/cdi_registry.c b/src/daemon/modules/device/cdi/cdi_registry.c
+new file mode 100644
+index 00000000..68767a5f
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/cdi_registry.c
+@@ -0,0 +1,25 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi registry function
++ ******************************************************************************/
++#include "cdi_registry.h"
++
++int cdi_registry_init(string_array *spec_dirs)
++{
++    return 0;
++}
++
++struct cdi_registry *cdi_get_registry(void)
++{
++    return NULL;
++}
+diff --git a/src/daemon/modules/device/cdi/cdi_registry.h b/src/daemon/modules/device/cdi/cdi_registry.h
+new file mode 100644
+index 00000000..c27d37e3
+--- /dev/null
++++ b/src/daemon/modules/device/cdi/cdi_registry.h
+@@ -0,0 +1,36 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi registry function definition
++ ******************************************************************************/
++#ifndef CDI_REGISTRY_H
++#define CDI_REGISTRY_H
++
++#include "cdi_cache.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++struct cdi_registry {
++    struct cdi_cache *cdi_cache;
++    struct cdi_cache_ops *ops;
++};
++
++int cdi_registry_init(string_array *spec_dirs);
++struct cdi_registry *cdi_get_registry(void);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif
+\ No newline at end of file
+diff --git a/src/daemon/modules/device/cdi_operate.c b/src/daemon/modules/device/cdi_operate.c
+new file mode 100644
+index 00000000..c7aa77d8
+--- /dev/null
++++ b/src/daemon/modules/device/cdi_operate.c
+@@ -0,0 +1,35 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-03-06
++ * Description: provide cdi device manager function
++ ******************************************************************************/
++#include "cdi_operate_api.h"
++
++int cdi_operate_registry_init(char **specs_dirs, size_t specs_dirs_len)
++{
++    return 0;
++}
++
++char *cdi_operate_refresh(void)
++{
++    return NULL;
++}
++
++string_array *cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices, char **error)
++{
++    return NULL;
++}
++
++char *cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices)
++{
++    return NULL;
++}
+\ No newline at end of file
+-- 
+2.34.1
+
diff --git a/0049-distinguish-between-runtime-and-runtime_cmd-in-isula.patch b/0049-distinguish-between-runtime-and-runtime_cmd-in-isula.patch
new file mode 100644
index 0000000..4366d7a
--- /dev/null
+++ b/0049-distinguish-between-runtime-and-runtime_cmd-in-isula.patch
@@ -0,0 +1,145 @@
+From 491baece02522128720b3bd992a76dc5148aa7b2 Mon Sep 17 00:00:00 2001
+From: zhongtao <zhongtao17@huawei.com>
+Date: Mon, 8 Apr 2024 11:37:13 +0800
+Subject: [PATCH 49/69] distinguish between runtime and runtime_cmd in
+ isulad-shim
+
+Signed-off-by: zhongtao <zhongtao17@huawei.com>
+---
+ src/cmd/isulad-shim/process.c                 | 20 +++++++++----------
+ src/cmd/isulad-shim/process.h                 |  4 ++--
+ .../modules/runtime/isula/isula_rt_ops.c      |  2 ++
+ 3 files changed, 14 insertions(+), 12 deletions(-)
+
+diff --git a/src/cmd/isulad-shim/process.c b/src/cmd/isulad-shim/process.c
+index 8a4ca175..6b5f8f7f 100644
+--- a/src/cmd/isulad-shim/process.c
++++ b/src/cmd/isulad-shim/process.c
+@@ -1131,7 +1131,7 @@ static int init_root_path(process_t *p)
+         return SHIM_ERR;
+     }
+ 
+-    if (buffer->nappend(buffer, PATH_MAX, "%s/%s", state_path, p->runtime) < 0) {
++    if (buffer->nappend(buffer, PATH_MAX, "%s/%s", state_path, p->state->runtime) < 0) {
+         ERROR("Failed to append state_path\n");
+         isula_buffer_free(buffer);
+         return SHIM_ERR;
+@@ -1146,7 +1146,7 @@ static int init_root_path(process_t *p)
+     return SHIM_OK;
+ }
+ 
+-process_t *new_process(char *id, char *bundle, char *runtime)
++process_t *new_process(char *id, char *bundle, char *runtime_cmd)
+ {
+     shim_client_process_state *p_state;
+     process_t *p = NULL;
+@@ -1174,7 +1174,7 @@ process_t *new_process(char *id, char *bundle, char *runtime)
+ 
+     p->id = id;
+     p->bundle = bundle;
+-    p->runtime = runtime;
++    p->runtime_cmd = runtime_cmd;
+     p->state = p_state;
+     p->console_sock_path = NULL;
+     p->exit_fd = -1;
+@@ -1247,7 +1247,7 @@ static void set_common_params(process_t *p, const char *params[], int *index, co
+ {
+     int j;
+ 
+-    params[(*index)++]  = p->runtime;
++    params[(*index)++]  = p->runtime_cmd;
+     for (j = 0; j < p->state->runtime_args_len; j++) {
+         params[(*index)++]  = p->state->runtime_args[j];
+     }
+@@ -1261,7 +1261,7 @@ static void set_common_params(process_t *p, const char *params[], int *index, co
+ 
+     // In addition to kata, other commonly used oci runtimes (runc, crun, youki, gvisor)
+     // need to set the --root option
+-    if (strcasecmp(p->runtime, "kata-runtime") != 0) {
++    if (strcasecmp(p->state->runtime, "kata-runtime") != 0) {
+         params[(*index)++] = "--root";
+         params[(*index)++] = p->root_path;
+     }
+@@ -1347,7 +1347,7 @@ static void process_kill_all(process_t *p)
+     params[i++] = p->id;
+     params[i++] = "SIGKILL";
+ 
+-    (void)cmd_combined_output(p->runtime, params, output, &output_len);
++    (void)cmd_combined_output(p->runtime_cmd, params, output, &output_len);
+ 
+     return;
+ }
+@@ -1375,7 +1375,7 @@ static void process_delete(process_t *p)
+     params[i++] = "--force";
+     params[i++] = p->id;
+ 
+-    (void)cmd_combined_output(p->runtime, params, output, &output_len);
++    (void)cmd_combined_output(p->runtime_cmd, params, output, &output_len);
+ 
+     return;
+ }
+@@ -1444,8 +1444,8 @@ static void exec_runtime_process(process_t *p, int exec_fd)
+ 
+     const char *params[MAX_RUNTIME_ARGS] = { 0 };
+     get_runtime_cmd(p, log_path, pid_path, process_desc, params);
+-    execvp(p->runtime, (char * const *)params);
+-    (void)dprintf(exec_fd, "run process: %s error: %s", p->runtime, strerror(errno));
++    execvp(p->runtime_cmd, (char * const *)params);
++    (void)dprintf(exec_fd, "run process: %s error: %s", p->runtime_cmd, strerror(errno));
+     _exit(EXIT_FAILURE);
+ }
+ 
+@@ -1586,7 +1586,7 @@ static int waitpid_with_timeout(int ctr_pid,  int *status, const uint64_t timeou
+ static int wait_container_process_with_timeout(process_t *p, const uint64_t timeout, int *status)
+ {
+     // currently, kata runtime does not support setting timeout during exec
+-    if (strcasecmp(p->runtime, "kata-runtime") != 0 && timeout > 0) {
++    if (strcasecmp(p->state->runtime, "kata-runtime") != 0 && timeout > 0) {
+         return waitpid_with_timeout(p->ctr_pid, status, timeout);
+     }
+ 
+diff --git a/src/cmd/isulad-shim/process.h b/src/cmd/isulad-shim/process.h
+index 32ba7366..05fd87b0 100644
+--- a/src/cmd/isulad-shim/process.h
++++ b/src/cmd/isulad-shim/process.h
+@@ -44,7 +44,7 @@ typedef struct {
+ typedef struct process {
+     char *id;
+     char *bundle;
+-    char *runtime;
++    char *runtime_cmd;
+     char *console_sock_path; // pty socket path
+     char *workdir;
+     char *root_path;
+@@ -70,7 +70,7 @@ typedef struct {
+     int status;
+ } process_exit_t;
+ 
+-process_t* new_process(char *id, char *bundle, char *runtime);
++process_t* new_process(char *id, char *bundle, char *runtime_cmd);
+ 
+ int prepare_attach_socket(process_t *p);
+ 
+diff --git a/src/daemon/modules/runtime/isula/isula_rt_ops.c b/src/daemon/modules/runtime/isula/isula_rt_ops.c
+index b9aba3e3..bc3c36c8 100644
+--- a/src/daemon/modules/runtime/isula/isula_rt_ops.c
++++ b/src/daemon/modules/runtime/isula/isula_rt_ops.c
+@@ -1154,6 +1154,7 @@ int rt_isula_create(const char *id, const char *runtime, const rt_create_params_
+     p.isulad_stdin = (char *)params->stdin;
+     p.isulad_stdout = (char *)params->stdout;
+     p.isulad_stderr = (char *)params->stderr;
++    p.runtime = (char *)runtime;
+     p.runtime_args = (char **)runtime_args;
+     p.runtime_args_len = runtime_args_len;
+     p.attach_socket = attach_socket;
+@@ -1409,6 +1410,7 @@ static int preparation_exec(const char *id, const char *runtime, const char *wor
+     p.isulad_stdout = (char *)params->console_fifos[1];
+     p.isulad_stderr = (char *)params->console_fifos[2];
+     p.resize_fifo = resize_fifo_dir;
++    p.runtime = (char *)runtime;
+     p.runtime_args = (char **)runtime_args;
+     p.runtime_args_len = runtime_args_len;
+     copy_process(&p, process);
+-- 
+2.34.1
+
diff --git a/0050-Use-user-defined-shm-for-CRI-request.patch b/0050-Use-user-defined-shm-for-CRI-request.patch
new file mode 100644
index 0000000..2d61c9d
--- /dev/null
+++ b/0050-Use-user-defined-shm-for-CRI-request.patch
@@ -0,0 +1,171 @@
+From 162123bdec0f45f7b2001b2b0b83705cc6b9b1b1 Mon Sep 17 00:00:00 2001
+From: xuxuepeng <xuxuepeng1@huawei.com>
+Date: Mon, 8 Apr 2024 20:53:57 +0800
+Subject: [PATCH 50/69] Use user defined shm for CRI request
+
+Signed-off-by: xuxuepeng <xuxuepeng1@huawei.com>
+---
+ src/daemon/modules/spec/specs_mount.c | 128 +++++++++++++++++---------
+ 1 file changed, 85 insertions(+), 43 deletions(-)
+
+diff --git a/src/daemon/modules/spec/specs_mount.c b/src/daemon/modules/spec/specs_mount.c
+index 20bf5378..6903ae40 100644
+--- a/src/daemon/modules/spec/specs_mount.c
++++ b/src/daemon/modules/spec/specs_mount.c
+@@ -2799,33 +2799,31 @@ out_free:
+     return ret;
+ }
+ 
+-#define SHM_MOUNT_POINT "/dev/shm"
+-static int set_shm_path(host_config *host_spec, container_config_v2_common_config *v2_spec)
++static inline int set_sharable_ipc_mode(host_config *host_spec, container_config_v2_common_config *v2_spec)
+ {
+-    int ret = 0;
+-    container_t *cont = NULL;
+-    char *tmp_cid = NULL;
+-    char *right_path = NULL;
+-
+-    // ignore shm of system container
+-    if (host_spec->system_container) {
++    free(v2_spec->shm_path);
++#ifdef ENABLE_CRI_API_V1
++    // In the case of sandbox API is used, the shm path has already been created in CRI,
++    // so we need to use the sandbox's shm path
++    if (is_sandbox_container(v2_spec->sandbox_info)) {
++        v2_spec->shm_path = util_strdup_s(v2_spec->sandbox_info->shm_path);
+         return 0;
+     }
+-    // setup shareable dirs
+-    if (is_shareable_ipc(host_spec->ipc_mode)) {
+-        // has mount for /dev/shm
+-        if (has_mount_shm(host_spec, v2_spec)) {
+-            return 0;
+-        }
++#endif
++    v2_spec->shm_path = get_prepare_share_shm_path(host_spec->runtime, v2_spec->id);
++    if (v2_spec->shm_path == NULL) {
++        ERROR("Failed to get prepare share shm path");
++        return -1;
++    }
+ 
+-        v2_spec->shm_path = get_prepare_share_shm_path(host_spec->runtime, v2_spec->id);
+-        if (v2_spec->shm_path == NULL) {
+-            ERROR("Failed to get prepare share shm path");
+-            return -1;
+-        }
++    return 0;
++}
+ 
+-        return 0;
+-    }
++static inline int set_connected_container_shm_path(host_config *host_spec, container_config_v2_common_config *v2_spec)
++{
++    container_t *cont = NULL;
++    char *tmp_cid = NULL;
++    char *right_path = NULL;
+ 
+ #ifdef ENABLE_CRI_API_V1
+     // Sandbox API is used and the connected container is actually a sandbox
+@@ -2833,34 +2831,78 @@ static int set_shm_path(host_config *host_spec, container_config_v2_common_confi
+     if (namespace_is_sandbox(host_spec->ipc_mode, v2_spec->sandbox_info)) {
+         free(v2_spec->shm_path);
+         v2_spec->shm_path = util_strdup_s(v2_spec->sandbox_info->shm_path);
+-        goto out;
++        return 0;
+     }
+ #endif
+ 
+-    if (namespace_is_container(host_spec->ipc_mode)) {
+-        tmp_cid = namespace_get_connected_container(host_spec->ipc_mode);
+-        cont = containers_store_get(tmp_cid);
+-        if (cont == NULL) {
+-            ERROR("Invalid share path: %s", host_spec->ipc_mode);
+-            ret = -1;
+-            goto out;
+-        }
+-        right_path = util_strdup_s(cont->common_config->shm_path);
+-        container_unref(cont);
+-    } else if (namespace_is_host(host_spec->ipc_mode)) {
+-        if (!util_file_exists(SHM_MOUNT_POINT)) {
+-            ERROR("/dev/shm is not mounted, but must be for --ipc=host");
+-            ret = -1;
+-            goto out;
+-        }
+-        right_path = util_strdup_s(SHM_MOUNT_POINT);
++    tmp_cid = namespace_get_connected_container(host_spec->ipc_mode);
++    cont = containers_store_get(tmp_cid);
++    if (cont == NULL) {
++        ERROR("Invalid share path: %s", host_spec->ipc_mode);
++        return -1;
+     }
++    right_path = util_strdup_s(cont->common_config->shm_path);
++    container_unref(cont);
+ 
+     free(v2_spec->shm_path);
+     v2_spec->shm_path = right_path;
+-out:
+-    free(tmp_cid);
+-    return ret;
++
++    return 0;
++}
++
++#define SHM_MOUNT_POINT "/dev/shm"
++static inline int set_host_ipc_shm_path(container_config_v2_common_config *v2_spec)
++{
++    if (!util_file_exists(SHM_MOUNT_POINT)) {
++        ERROR("/dev/shm is not mounted, but must be for --ipc=host");
++        return -1;
++    }
++    free(v2_spec->shm_path);
++    v2_spec->shm_path = util_strdup_s(SHM_MOUNT_POINT);
++    return 0;
++}
++
++/**
++ * There are 4 cases for setting shm path:
++ * 1. The user defined /dev/shm in mounts, which takes the first priority
++ * 2. If sharable is set in ipc mode (or by default ipc_mode is null), the container provides shm path,
++ *    in the case of sandbox API is used, the sandbox module has already provided shm path
++ * 3. Use the connected container's shm path if ipc_mode is set to container:<cid>, 
++ *    if connected containerd is a sandbox, use the sandbox's shm path
++ * 4. Use /dev/shm if ipc_mode is set to host
++ */
++static int set_shm_path(host_config *host_spec, container_config_v2_common_config *v2_spec)
++{
++    // ignore shm of system container
++    if (host_spec->system_container) {
++        return 0;
++    }
++
++    // case 1: Defined in mounts already
++    if (has_mount_shm(host_spec, v2_spec)) {
++        return 0;
++    }
++
++    // case 2: Container has its own IPC namespace
++    if (is_shareable_ipc(host_spec->ipc_mode)) {
++        return set_sharable_ipc_mode(host_spec, v2_spec);
++    }
++
++    // case 3: Connected container
++    if (namespace_is_container(host_spec->ipc_mode)) {
++        return set_connected_container_shm_path(host_spec, v2_spec);
++    }
++
++    // case 4: Host IPC namespace
++    if (namespace_is_host(host_spec->ipc_mode)) {
++        return set_host_ipc_shm_path(v2_spec);
++    }
++
++    // Otherwise, the case is unknown, nothing is set
++    free(v2_spec->shm_path);
++    v2_spec->shm_path = NULL;
++
++    return 0;
+ }
+ 
+ int destination_compare(const void *p1, const void *p2)
+-- 
+2.34.1
+
diff --git a/0051-Fix-memory-leak-in-set_connected_container_shm_path.patch b/0051-Fix-memory-leak-in-set_connected_container_shm_path.patch
new file mode 100644
index 0000000..c31e092
--- /dev/null
+++ b/0051-Fix-memory-leak-in-set_connected_container_shm_path.patch
@@ -0,0 +1,26 @@
+From 1052a7b67a35b3504045729e1408d4ace8bf50ca Mon Sep 17 00:00:00 2001
+From: xuxuepeng <xuxuepeng1@huawei.com>
+Date: Tue, 9 Apr 2024 06:35:03 +0800
+Subject: [PATCH 51/69] Fix memory leak in set_connected_container_shm_path
+
+Signed-off-by: xuxuepeng <xuxuepeng1@huawei.com>
+---
+ src/daemon/modules/spec/specs_mount.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/daemon/modules/spec/specs_mount.c b/src/daemon/modules/spec/specs_mount.c
+index 6903ae40..50ee9a85 100644
+--- a/src/daemon/modules/spec/specs_mount.c
++++ b/src/daemon/modules/spec/specs_mount.c
+@@ -2822,7 +2822,7 @@ static inline int set_sharable_ipc_mode(host_config *host_spec, container_config
+ static inline int set_connected_container_shm_path(host_config *host_spec, container_config_v2_common_config *v2_spec)
+ {
+     container_t *cont = NULL;
+-    char *tmp_cid = NULL;
++    __isula_auto_free char *tmp_cid = NULL;
+     char *right_path = NULL;
+ 
+ #ifdef ENABLE_CRI_API_V1
+-- 
+2.34.1
+
diff --git a/0052-init-enable_pod_events-as-false.patch b/0052-init-enable_pod_events-as-false.patch
new file mode 100644
index 0000000..08cfa2f
--- /dev/null
+++ b/0052-init-enable_pod_events-as-false.patch
@@ -0,0 +1,62 @@
+From cfbb9f5ea40b3b654d7b6f9ad861877e97ed24be Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Thu, 11 Apr 2024 02:04:47 +0000
+Subject: [PATCH 52/69] init enable_pod_events as false
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/daemon/entry/connect/grpc/cri/cri_service.cc               | 3 +--
+ src/daemon/entry/connect/grpc/cri/cri_service.h                | 1 -
+ .../connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc      | 2 +-
+ 3 files changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/daemon/entry/connect/grpc/cri/cri_service.cc b/src/daemon/entry/connect/grpc/cri/cri_service.cc
+index d10a60b5..80bcfef0 100644
+--- a/src/daemon/entry/connect/grpc/cri/cri_service.cc
++++ b/src/daemon/entry/connect/grpc/cri/cri_service.cc
+@@ -89,9 +89,8 @@ int CRIService::Init(const isulad_daemon_configs *config)
+ 
+ #ifdef ENABLE_CRI_API_V1
+     m_enableCRIV1 = config->enable_cri_v1;
+-    m_enablePodEvents = config->enable_pod_events;
+     if (m_enableCRIV1) {
+-        m_runtimeV1RuntimeService.Init(m_podSandboxImage, m_pluginManager, m_enablePodEvents, err);
++        m_runtimeV1RuntimeService.Init(m_podSandboxImage, m_pluginManager, config->enable_pod_events, err);
+         if (err.NotEmpty()) {
+             ERROR("Init CRI v1 runtime service failed: %s", err.GetCMessage());
+             return -1;
+diff --git a/src/daemon/entry/connect/grpc/cri/cri_service.h b/src/daemon/entry/connect/grpc/cri/cri_service.h
+index 041c7c63..77b2eb72 100644
+--- a/src/daemon/entry/connect/grpc/cri/cri_service.h
++++ b/src/daemon/entry/connect/grpc/cri/cri_service.h
+@@ -56,7 +56,6 @@ private:
+     std::string m_podSandboxImage;
+     std::shared_ptr<Network::PluginManager> m_pluginManager;
+     bool m_enableCRIV1;
+-    bool m_enablePodEvents;
+ };
+ 
+ }
+diff --git a/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc b/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc
+index bc5ab591..e2591ce0 100644
+--- a/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc
++++ b/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc
+@@ -62,6 +62,7 @@ void RuntimeV1RuntimeServiceImpl::Init(std::string &podSandboxImage,
+         return;
+     }
+ 
++    m_enablePodEvents = false;
+     if (enablePodEvents) {
+         if (mailbox_register_topic_handler(MAILBOX_TOPIC_CRI_CONTAINER, cri_container_topic_handler,
+                                            this, cri_container_topic_release, true) != 0) {
+@@ -72,7 +73,6 @@ void RuntimeV1RuntimeServiceImpl::Init(std::string &podSandboxImage,
+         m_enablePodEvents = enablePodEvents;
+     }
+ 
+-
+     m_rService = std::unique_ptr<CRIV1::CRIRuntimeService>(new CRIRuntimeServiceImpl(podSandboxImage, cb, networkPlugin, m_enablePodEvents));
+ }
+ 
+-- 
+2.34.1
+
diff --git a/0053-remove-container-root-path-in-rt_lcr_rm-if-lcr-runti.patch b/0053-remove-container-root-path-in-rt_lcr_rm-if-lcr-runti.patch
new file mode 100644
index 0000000..1d9b3a3
--- /dev/null
+++ b/0053-remove-container-root-path-in-rt_lcr_rm-if-lcr-runti.patch
@@ -0,0 +1,33 @@
+From 0cb96d50302f9f3ad1c17e0bb650ac37db4d5206 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Wed, 10 Apr 2024 08:41:46 +0000
+Subject: [PATCH 53/69] remove container root path in rt_lcr_rm if lcr runtime
+ missing
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c b/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c
+index 6b862958..978da079 100644
+--- a/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c
++++ b/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c
+@@ -238,7 +238,13 @@ int rt_lcr_rm(const char *name, const char *runtime, const rt_rm_params_t *param
+ 
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_delete_op == NULL) {
+-        ERROR("Failed to get engine delete operations");
++        // if engine_ops is NULL, container root path may have been corrupted, try to remove by daemon
++        // If user runs container with lcr but remove lcr runtime after, there might be resources remaining
++        ERROR("Failed to get engine delete operations, container %s root path may have been corrupted, try to remove by daemon", name);
++        if (remove_container_rootpath(name, params->rootpath) == 0) {
++            ret = 0;
++            goto out;
++        }
+         ret = -1;
+         goto out;
+     }
+-- 
+2.34.1
+
diff --git a/0054-ensure-sandbox-can-be-removed-if-sandbox-container-r.patch b/0054-ensure-sandbox-can-be-removed-if-sandbox-container-r.patch
new file mode 100644
index 0000000..4fefbe1
--- /dev/null
+++ b/0054-ensure-sandbox-can-be-removed-if-sandbox-container-r.patch
@@ -0,0 +1,58 @@
+From 21afb41e02886df0b5251889cc443f28b7da274f Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Thu, 11 Apr 2024 01:21:34 +0000
+Subject: [PATCH 54/69] ensure sandbox can be removed if sandbox container
+ removed
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ .../sandbox/controller/shim/shim_controller.cc   | 16 ++++++++++++----
+ src/daemon/sandbox/sandbox.cc                    |  3 ++-
+ 2 files changed, 14 insertions(+), 5 deletions(-)
+
+diff --git a/src/daemon/sandbox/controller/shim/shim_controller.cc b/src/daemon/sandbox/controller/shim/shim_controller.cc
+index 593fade9..4da637c7 100644
+--- a/src/daemon/sandbox/controller/shim/shim_controller.cc
++++ b/src/daemon/sandbox/controller/shim/shim_controller.cc
+@@ -517,12 +517,20 @@ bool ShimController::Shutdown(const std::string &sandboxId, Errors &error)
+     container_delete_response *response {nullptr};
+     int ret = m_cb->container.remove(request, &response);
+     auto responseWrapper = makeUniquePtrCStructWrapper<container_delete_response>(response, free_container_delete_response);
++    if (ret == 0) {
++        return true;
++    }
+ 
+-    if (ret != 0) {
+-        std::string msg = (response != nullptr && response->errmsg != nullptr) ? response->errmsg : "internal";
+-        ERROR("Failed to remove sandbox %s: %s", sandboxId.c_str(), msg.c_str());
+-        error.SetError(msg);
++    std::string errMsg = "internal";
++    if (response != nullptr && response->errmsg != nullptr) {
++        if (strstr(response->errmsg, "No such container") != nullptr) {
++            ERROR("Container for sandbox %s not found", sandboxId.c_str());
++            return true;
++        }
++        errMsg = response->errmsg;
+     }
++    ERROR("Failed to remove sandbox %s: %s", sandboxId.c_str(), errMsg.c_str());
++    error.SetError(errMsg);
+     return error.Empty();
+ }
+ 
+diff --git a/src/daemon/sandbox/sandbox.cc b/src/daemon/sandbox/sandbox.cc
+index c70116c1..bae5b8db 100644
+--- a/src/daemon/sandbox/sandbox.cc
++++ b/src/daemon/sandbox/sandbox.cc
+@@ -757,7 +757,8 @@ auto Sandbox::Remove(Errors &error) -> bool
+ 
+     WriteGuard<RWMutex> lock(m_mutex);
+ 
+-    if (!DoStop(DEFAULT_STOP_TIMEOUT, error)) {
++    // Only stop the sandbox when it is running
++    if (IsReady() && !DoStop(DEFAULT_STOP_TIMEOUT, error)) {
+         ERROR("Failed to stop Sandbox before removing, id='%s'", m_id.c_str());
+         return false;
+     }
+-- 
+2.34.1
+
diff --git a/0055-bugfix-for-shim-timeout-exit-error-log-changes.patch b/0055-bugfix-for-shim-timeout-exit-error-log-changes.patch
new file mode 100644
index 0000000..7009560
--- /dev/null
+++ b/0055-bugfix-for-shim-timeout-exit-error-log-changes.patch
@@ -0,0 +1,175 @@
+From 35ffb77f568124e6e7c8fd7b3d021878b92c13f7 Mon Sep 17 00:00:00 2001
+From: zhongtao <zhongtao17@huawei.com>
+Date: Tue, 9 Apr 2024 20:04:33 +0800
+Subject: [PATCH 55/69] bugfix for shim timeout exit error log changes
+
+Signed-off-by: zhongtao <zhongtao17@huawei.com>
+---
+ .../modules/runtime/isula/isula_rt_ops.c      | 55 ++++++++++++-------
+ 1 file changed, 34 insertions(+), 21 deletions(-)
+
+diff --git a/src/daemon/modules/runtime/isula/isula_rt_ops.c b/src/daemon/modules/runtime/isula/isula_rt_ops.c
+index bc3c36c8..1875cf5b 100644
+--- a/src/daemon/modules/runtime/isula/isula_rt_ops.c
++++ b/src/daemon/modules/runtime/isula/isula_rt_ops.c
+@@ -861,6 +861,8 @@ static int shim_create(shim_create_args *args)
+     pid_t pid = 0;
+     int shim_stderr_pipe[2] = { -1, -1 };
+     int shim_stdout_pipe[2] = { -1, -1 };
++    // used to accept exec error msg
++    int exec_err_pipe[2] = {-1, -1};
+     int num = 0;
+     int ret = 0;
+     char exec_buff[BUFSIZ + 1] = { 0 };
+@@ -904,6 +906,11 @@ static int shim_create(shim_create_args *args)
+         return -1;
+     }
+ 
++    if (pipe2(exec_err_pipe, O_CLOEXEC) != 0) {
++        ERROR("Failed to create pipe for exec err");
++        return -1;
++    }
++
+     pid = fork();
+     if (pid < 0) {
+         SYSERROR("Failed fork for shim parent");
+@@ -911,30 +918,32 @@ static int shim_create(shim_create_args *args)
+         close(shim_stderr_pipe[1]);
+         close(shim_stdout_pipe[0]);
+         close(shim_stdout_pipe[1]);
++        close(exec_err_pipe[0]);
++        close(exec_err_pipe[1]);
+         return -1;
+     }
+ 
+     if (pid == (pid_t)0) {
+         if (chdir(args->workdir) < 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "%s: failed chdir to %s", args->id, args->workdir);
++            (void)dprintf(exec_err_pipe[1], "%s: failed chdir to %s", args->id, args->workdir);
+             exit(EXIT_FAILURE);
+         }
+ 
+         //prevent the child process from having the same standard streams as the parent process
+         if (isula_null_stdfds() != 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "failed to set std console to /dev/null");
++            (void)dprintf(exec_err_pipe[1], "failed to set std console to /dev/null");
+             exit(EXIT_FAILURE);           
+         }
+ 
+         if (args->fg) {
+             // child process, dup2 shim_stdout_pipe[1] to STDOUT, get container process exit_code in STDOUT
+             if (dup2(shim_stdout_pipe[1], STDOUT_FILENO) < 0) {
+-                (void)dprintf(shim_stderr_pipe[1], "Dup stdout fd error: %s", strerror(errno));
++                (void)dprintf(exec_err_pipe[1], "Dup stdout fd error: %s", strerror(errno));
+                 exit(EXIT_FAILURE);
+             }
+             // child process, dup2 shim_stderr_pipe[1] to STDERR, get isulad-shim errmsg in STDERR
+             if (dup2(shim_stderr_pipe[1], STDERR_FILENO) < 0) {
+-                (void)dprintf(shim_stderr_pipe[1], "Dup stderr fd error: %s", strerror(errno));
++                (void)dprintf(exec_err_pipe[1], "Dup stderr fd error: %s", strerror(errno));
+                 exit(EXIT_FAILURE);
+             }
+             goto realexec;
+@@ -942,18 +951,18 @@ static int shim_create(shim_create_args *args)
+ 
+         // clear NOTIFY_SOCKET from the env to adapt runc create
+         if (unsetenv("NOTIFY_SOCKET") != 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "%s: unset env NOTIFY_SOCKET failed %s", args->id, strerror(errno));
++            (void)dprintf(exec_err_pipe[1], "%s: unset env NOTIFY_SOCKET failed %s", args->id, strerror(errno));
+             exit(EXIT_FAILURE);
+         }
+ 
+         pid = fork();
+         if (pid < 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "%s: fork shim-process failed %s", args->id, strerror(errno));
++            (void)dprintf(exec_err_pipe[1], "%s: fork shim-process failed %s", args->id, strerror(errno));
+             _exit(EXIT_FAILURE);
+         }
+         if (pid != 0) {
+             if (file_write_int(fpid, pid) != 0) {
+-                (void)dprintf(shim_stderr_pipe[1], "%s: write %s with %d failed", args->id, fpid, pid);
++                (void)dprintf(exec_err_pipe[1], "%s: write %s with %d failed", args->id, fpid, pid);
+             }
+             _exit(EXIT_SUCCESS);
+         }
+@@ -962,35 +971,38 @@ realexec:
+         /* real shim process. */
+         close(shim_stderr_pipe[0]);
+         close(shim_stdout_pipe[0]);
++        close(exec_err_pipe[0]);
+ 
+         if (setsid() < 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "%s: failed setsid for process %d", args->id, getpid());
++            (void)dprintf(exec_err_pipe[1], "%s: failed setsid for process %d", args->id, getpid());
+             exit(EXIT_FAILURE);
+         }
+ 
+         if (util_check_inherited(true, shim_stderr_pipe[1]) != 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "close inherited fds failed");
++            (void)dprintf(exec_err_pipe[1], "close inherited fds failed");
+             exit(EXIT_FAILURE);
+         }
+ 
+         if (setenv(SHIIM_LOG_PATH_ENV, engine_log_path, 1) != 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "%s: failed to set SHIIM_LOG_PATH_ENV for process %d", args->id, getpid());
++            (void)dprintf(exec_err_pipe[1], "%s: failed to set SHIIM_LOG_PATH_ENV for process %d", args->id, getpid());
+             exit(EXIT_FAILURE);
+         }
+ 
+         if (setenv(SHIIM_LOG_LEVEL_ENV, log_level, 1) != 0) {
+-            (void)dprintf(shim_stderr_pipe[1], "%s: failed to set SHIIM_LOG_LEVEL_ENV env for process %d", args->id, getpid());
++            (void)dprintf(exec_err_pipe[1], "%s: failed to set SHIIM_LOG_LEVEL_ENV env for process %d", args->id, getpid());
+             exit(EXIT_FAILURE);
+         }
+ 
+         execvp(SHIM_BINARY, (char * const *)params);
+-        (void)dprintf(shim_stderr_pipe[1], "run process: %s failed: %s", SHIM_BINARY, strerror(errno));
++        (void)dprintf(exec_err_pipe[1], "run process: %s failed: %s", SHIM_BINARY, strerror(errno));
+         exit(EXIT_FAILURE);
+     }
+ 
+     close(shim_stderr_pipe[1]);
+     close(shim_stdout_pipe[1]);
+-    num = util_read_nointr(shim_stderr_pipe[0], exec_buff, sizeof(exec_buff) - 1);
++    close(exec_err_pipe[1]);
++    num = util_read_nointr(exec_err_pipe[0], exec_buff, sizeof(exec_buff) - 1);
++    close(exec_err_pipe[0]);
+ 
+     status = util_wait_for_pid_status(pid);
+     if (status < 0) {
+@@ -1035,8 +1047,10 @@ realexec:
+ out:
+     close(shim_stdout_pipe[0]);
+     if (ret != 0) {
+-        show_runtime_errlog(args->workdir);
+         show_shim_errlog(shim_stderr_pipe[0]);
++        // Since users are more concerned about runtime error information, 
++        // the runtime log will overwrite the shim log if it exists.
++        show_runtime_errlog(args->workdir);
+         if (args->timeout != NULL) {
+             kill(pid, SIGKILL); /* can kill other process? */
+         }
+@@ -1491,14 +1505,13 @@ int rt_isula_exec(const char *id, const char *runtime, const rt_exec_params_t *p
+     args.exit_code = exit_code;
+     args.timeout = timeout;
+     ret = shim_create(&args);
+-    if (args.shim_exit_code == SHIM_EXIT_TIMEOUT) {
+-        ret = -1;
+-        isulad_set_error_message("Exec container error;exec timeout");
+-        ERROR("isulad-shim %d exit for execing timeout", pid);
+-        goto errlog_out;
+-    }
+     if (ret != 0) {
+-        ERROR("%s: failed create shim process for exec %s", id, exec_id);
++        if (args.shim_exit_code == SHIM_EXIT_TIMEOUT) {
++            isulad_set_error_message("Exec container error;exec timeout");
++            ERROR("isulad-shim %d exit for execing timeout", pid);
++        } else {
++            ERROR("%s: failed create shim process for exec %s", id, exec_id);
++        }
+         goto errlog_out;
+     }
+ 
+-- 
+2.34.1
+
diff --git a/0056-bugfix-for-the-pre-created-pipe-was-not-closed-when-.patch b/0056-bugfix-for-the-pre-created-pipe-was-not-closed-when-.patch
new file mode 100644
index 0000000..607f721
--- /dev/null
+++ b/0056-bugfix-for-the-pre-created-pipe-was-not-closed-when-.patch
@@ -0,0 +1,36 @@
+From e8ba4368f4be369f99d7da6fc04dcbe173985cd0 Mon Sep 17 00:00:00 2001
+From: zhongtao <zhongtao17@huawei.com>
+Date: Fri, 12 Apr 2024 14:42:05 +0800
+Subject: [PATCH 56/69] bugfix for the pre-created pipe was not closed when the
+ pipe creation failed
+
+Signed-off-by: zhongtao <zhongtao17@huawei.com>
+---
+ src/daemon/modules/runtime/isula/isula_rt_ops.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/daemon/modules/runtime/isula/isula_rt_ops.c b/src/daemon/modules/runtime/isula/isula_rt_ops.c
+index 1875cf5b..47a14b1d 100644
+--- a/src/daemon/modules/runtime/isula/isula_rt_ops.c
++++ b/src/daemon/modules/runtime/isula/isula_rt_ops.c
+@@ -903,11 +903,17 @@ static int shim_create(shim_create_args *args)
+ 
+     if (pipe2(shim_stdout_pipe, O_CLOEXEC) != 0) {
+         ERROR("Failed to create pipe for shim stdout");
++        close(shim_stderr_pipe[0]);
++        close(shim_stderr_pipe[1]);
+         return -1;
+     }
+ 
+     if (pipe2(exec_err_pipe, O_CLOEXEC) != 0) {
+         ERROR("Failed to create pipe for exec err");
++        close(shim_stderr_pipe[0]);
++        close(shim_stderr_pipe[1]);
++        close(shim_stdout_pipe[0]);
++        close(shim_stdout_pipe[1]);
+         return -1;
+     }
+ 
+-- 
+2.34.1
+
diff --git a/0057-add-debug-msg-info-in-image_load.sh.patch b/0057-add-debug-msg-info-in-image_load.sh.patch
new file mode 100644
index 0000000..81f61c8
--- /dev/null
+++ b/0057-add-debug-msg-info-in-image_load.sh.patch
@@ -0,0 +1,26 @@
+From c3f7cf2a54188e5fc890a8d23b95254ac69cfa52 Mon Sep 17 00:00:00 2001
+From: zhongtao <zhongtao17@huawei.com>
+Date: Fri, 12 Apr 2024 15:23:07 +0800
+Subject: [PATCH 57/69] add debug msg info in image_load.sh
+
+Signed-off-by: zhongtao <zhongtao17@huawei.com>
+---
+ CI/test_cases/image_cases/image_load.sh | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/CI/test_cases/image_cases/image_load.sh b/CI/test_cases/image_cases/image_load.sh
+index a2cada5f..d50b3203 100755
+--- a/CI/test_cases/image_cases/image_load.sh
++++ b/CI/test_cases/image_cases/image_load.sh
+@@ -103,6 +103,8 @@ function test_concurrent_load()
+       [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - fail to do isulad load $i" && ((ret++))
+   done
+ 
++  tail -n 50 /var/lib/isulad/isulad.log
++
+   ubuntu_id=`isula inspect -f '{{.image.id}}' ubuntu`
+   [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - fail to inspect image: ubuntu" && ((ret++))
+ 
+-- 
+2.34.1
+
diff --git a/0058-empty-pointer-check-in-lcr_rt_ops.patch b/0058-empty-pointer-check-in-lcr_rt_ops.patch
new file mode 100644
index 0000000..1cbe4b2
--- /dev/null
+++ b/0058-empty-pointer-check-in-lcr_rt_ops.patch
@@ -0,0 +1,214 @@
+From ea1bc00c894a3717ea375f5ff40c3eb05447ae17 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Sat, 13 Apr 2024 14:07:33 +0000
+Subject: [PATCH 58/69] empty pointer check in lcr_rt_ops
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ .../modules/runtime/engines/lcr/lcr_rt_ops.c  | 84 ++++++++++++++++++-
+ 1 file changed, 81 insertions(+), 3 deletions(-)
+
+diff --git a/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c b/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c
+index 978da079..a89d0375 100644
+--- a/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c
++++ b/src/daemon/modules/runtime/engines/lcr/lcr_rt_ops.c
+@@ -53,6 +53,11 @@ int rt_lcr_create(const char *name, const char *runtime, const rt_create_params_
+     char *runtime_root = NULL;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     if (conf_get_systemd_cgroup()) {
+         ERROR("Systemd cgroup not supported for lcr runtime");
+         isulad_set_error_message("Systemd cgroup not supported for lcr runtime");
+@@ -129,6 +134,11 @@ int rt_lcr_start(const char *name, const char *runtime, const rt_start_params_t
+     struct engine_operation *engine_ops = NULL;
+     engine_start_request_t request = { 0 };
+ 
++    if (name == NULL || runtime == NULL || params == NULL || pid_info == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_start_op == NULL) {
+         ERROR("Failed to get engine start operations");
+@@ -183,6 +193,11 @@ int rt_lcr_clean_resource(const char *name, const char *runtime, const rt_clean_
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_clean_op == NULL) {
+         ERROR("Failed to get engine clean operations");
+@@ -236,6 +251,15 @@ int rt_lcr_rm(const char *name, const char *runtime, const rt_rm_params_t *param
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++    if (params->rootpath == NULL) {
++        ERROR("Missing root path");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_delete_op == NULL) {
+         // if engine_ops is NULL, container root path may have been corrupted, try to remove by daemon
+@@ -284,6 +308,11 @@ int rt_lcr_status(const char *name, const char *runtime, const rt_status_params_
+     int nret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL || status == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_get_container_status_op == NULL) {
+         ERROR("Failed to get engine status operations");
+@@ -322,6 +351,11 @@ int rt_lcr_resources_stats(const char *name, const char *runtime, const rt_stats
+     int nret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL || rs_stats == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_get_container_resources_stats_op == NULL) {
+         ERROR("Failed to get engine stats operations");
+@@ -451,6 +485,11 @@ int rt_lcr_exec(const char *id, const char *runtime, const rt_exec_params_t *par
+     char *user = NULL;
+     char *add_gids = NULL;
+ 
++    if (id == NULL || runtime == NULL || params == NULL || exit_code == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_exec_op == NULL) {
+         DEBUG("Failed to get engine exec operations");
+@@ -519,6 +558,11 @@ int rt_lcr_pause(const char *name, const char *runtime, const rt_pause_params_t
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_pause_op == NULL) {
+         DEBUG("Failed to get engine pause operations");
+@@ -549,6 +593,11 @@ int rt_lcr_resume(const char *name, const char *runtime, const rt_resume_params_
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_resume_op == NULL) {
+         DEBUG("Failed to get engine resume operations");
+@@ -579,6 +628,11 @@ int rt_lcr_attach(const char *name, const char *runtime, const rt_attach_params_
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Null argument");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_console_op == NULL) {
+         DEBUG("Failed to get engine attach operations");
+@@ -641,6 +695,11 @@ int rt_lcr_update(const char *id, const char *runtime, const rt_update_params_t
+     struct engine_operation *engine_ops = NULL;
+     struct engine_cgroup_resources cr = { 0 };
+ 
++    if (id == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_update_op == NULL) {
+         DEBUG("Failed to get engine update operations");
+@@ -673,10 +732,9 @@ int rt_lcr_listpids(const char *name, const char *runtime, const rt_listpids_par
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
+-    if (out == NULL) {
++    if (name == NULL || runtime == NULL || params == NULL || out == NULL) {
+         ERROR("Invalid arguments");
+-        ret = -1;
+-        goto out;
++        return -1;
+     }
+ 
+     engine_ops = engines_get_handler(runtime);
+@@ -709,6 +767,11 @@ int rt_lcr_resize(const char *id, const char *runtime, const rt_resize_params_t
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (id == NULL || runtime == NULL || params == NULL) {
++        ERROR("Invalid arguments");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_resize_op == NULL) {
+         DEBUG("Failed to get engine resume operations");
+@@ -740,6 +803,11 @@ int rt_lcr_exec_resize(const char *id, const char *runtime, const rt_exec_resize
+     int ret = 0;
+     struct engine_operation *engine_ops = NULL;
+ 
++    if (id == NULL || runtime == NULL || params == NULL) {
++        ERROR("Nullptr arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_resize_op == NULL) {
+         DEBUG("Failed to get engine resume operations");
+@@ -767,6 +835,11 @@ out:
+ 
+ int rt_lcr_kill(const char *id, const char *runtime, const rt_kill_params_t *params)
+ {
++    if (id == NULL || runtime == NULL || params == NULL || params->pid < 0) {
++        ERROR("Invalid arguments not allowed");
++        return -1;
++    }
++
+     if (util_process_alive(params->pid, params->start_time) == false) {
+         if (params->signal == params->stop_signal || params->signal == SIGKILL) {
+             WARN("Process %d is not alive", params->pid);
+@@ -798,6 +871,11 @@ int rt_lcr_rebuild_config(const char *name, const char *runtime, const rt_rebuil
+     oci_runtime_spec *oci_spec = NULL;
+     __isula_auto_free parser_error err = NULL;
+ 
++    if (name == NULL || runtime == NULL || params == NULL) {
++        ERROR("Invalid arguments not allowed");
++        return -1;
++    }
++
+     engine_ops = engines_get_handler(runtime);
+     if (engine_ops == NULL || engine_ops->engine_create_op == NULL) {
+         ERROR("Failed to get engine rebuild config operations");
+-- 
+2.34.1
+
diff --git a/0059-modify-some-grpc-status-codes-of-cri-in-case-of-erro.patch b/0059-modify-some-grpc-status-codes-of-cri-in-case-of-erro.patch
new file mode 100644
index 0000000..1153418
--- /dev/null
+++ b/0059-modify-some-grpc-status-codes-of-cri-in-case-of-erro.patch
@@ -0,0 +1,315 @@
+From 628f4ceb329e16991ed33d3a460bcf8f5542ba99 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Mon, 8 Apr 2024 09:30:04 +0000
+Subject: [PATCH 59/69] modify some grpc status codes of cri in case of error
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ .../cri/v1/cri_v1_runtime_runtime_service.cc  | 41 +++++++++++++------
+ .../cri/v1/cri_v1_runtime_runtime_service.h   |  3 ++
+ .../v1alpha/cri_runtime_runtime_service.cc    | 41 +++++++++++++------
+ .../cri/v1alpha/cri_runtime_runtime_service.h |  2 +
+ 4 files changed, 63 insertions(+), 24 deletions(-)
+
+diff --git a/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc b/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc
+index e2591ce0..fb5aad3c 100644
+--- a/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc
++++ b/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.cc
+@@ -50,6 +50,23 @@ static void cri_container_topic_release(void *arg)
+     delete resp;
+ }
+ 
++grpc::Status RuntimeV1RuntimeServiceImpl::ToGRPCStatus(Errors &error)
++{
++    if (error.Empty()) {
++        return grpc::Status::OK;
++    }
++    if (error.GetMessage().find("Failed to find") != std::string::npos) {
++        return grpc::Status(grpc::StatusCode::NOT_FOUND, error.GetMessage());
++    }
++
++    // Attach exceeded timeout for lxc and Exec container error;exec timeout for runc
++    if (error.GetMessage().find("Attach exceeded timeout") != std::string::npos
++        || error.GetMessage().find("Exec container error;exec timeout") != std::string::npos) {
++        return grpc::Status(grpc::StatusCode::DEADLINE_EXCEEDED, error.GetMessage());
++    }
++    return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++}
++
+ void RuntimeV1RuntimeServiceImpl::Init(std::string &podSandboxImage,
+                                        std::shared_ptr<Network::PluginManager> networkPlugin,
+                                        bool enablePodEvents, Errors &err)
+@@ -167,7 +184,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::CreateContainer(grpc::ServerContext *c
+         m_rService->CreateContainer(request->pod_sandbox_id(), request->config(), request->sandbox_config(), error);
+     if (!error.Empty() || responseID.empty()) {
+         ERROR("Object: CRI, Type: Failed to create container");
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+     reply->set_container_id(responseID);
+ 
+@@ -192,7 +209,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::StartContainer(grpc::ServerContext *co
+     m_rService->StartContainer(request->container_id(), error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to start container %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Started Container: %s}", request->container_id().c_str());
+@@ -216,7 +233,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::StopContainer(grpc::ServerContext *con
+     m_rService->StopContainer(request->container_id(), (int64_t)request->timeout(), error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to stop container %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Stopped Container: %s}", request->container_id().c_str());
+@@ -240,7 +257,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::RemoveContainer(grpc::ServerContext *c
+     m_rService->RemoveContainer(request->container_id(), error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to remove container %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Removed Container: %s}", request->container_id().c_str());
+@@ -359,7 +376,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::ContainerStatus(grpc::ServerContext *c
+         m_rService->ContainerStatus(request->container_id(), error);
+     if (!error.Empty() || !contStatus) {
+         ERROR("Object: CRI, Type: Failed to get container status %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+     *(reply->mutable_status()) = *contStatus;
+ 
+@@ -384,7 +401,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::ExecSync(grpc::ServerContext *context,
+     m_rService->ExecSync(request->container_id(), request->cmd(), request->timeout(), reply, error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to sync exec container: %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     WARN("Event: {Object: CRI, Type: sync execed Container: %s}", request->container_id().c_str());
+@@ -437,7 +454,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::StopPodSandbox(grpc::ServerContext *co
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to stop pod:%s due to %s", request->pod_sandbox_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Stopped Pod: %s}", request->pod_sandbox_id().c_str());
+@@ -462,7 +479,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::RemovePodSandbox(grpc::ServerContext *
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to remove pod:%s due to %s", request->pod_sandbox_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Removed Pod: %s}", request->pod_sandbox_id().c_str());
+@@ -487,7 +504,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::PodSandboxStatus(grpc::ServerContext *
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to status pod:%s due to %s", request->pod_sandbox_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     INFO("Event: {Object: CRI, Type: Statused Pod: %s}", request->pod_sandbox_id().c_str());
+@@ -608,7 +625,7 @@ RuntimeV1RuntimeServiceImpl::UpdateContainerResources(grpc::ServerContext *conte
+     if (error.NotEmpty()) {
+         ERROR("Object: CRI, Type: Failed to update container:%s due to %s", request->container_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     WARN("Event: {Object: CRI, Type: Updated container resources: %s}", request->container_id().c_str());
+@@ -633,7 +650,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::Exec(grpc::ServerContext *context,
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to exec container:%s due to %s", request->container_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: execed Container: %s}", request->container_id().c_str());
+@@ -658,7 +675,7 @@ grpc::Status RuntimeV1RuntimeServiceImpl::Attach(grpc::ServerContext *context,
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to attach container:%s due to %s", request->container_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: attched Container: %s}", request->container_id().c_str());
+diff --git a/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.h b/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.h
+index 842d1811..1cf375a4 100644
+--- a/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.h
++++ b/src/daemon/entry/connect/grpc/cri/v1/cri_v1_runtime_runtime_service.h
+@@ -114,6 +114,9 @@ public:
+                                     grpc::ServerWriter<runtime::v1::ContainerEventResponse> *writer) override;
+ 
+ private:
++
++    grpc::Status ToGRPCStatus(Errors &error);
++
+     std::unique_ptr<CRIV1::CRIRuntimeService> m_rService;
+     bool m_enablePodEvents;
+ };
+diff --git a/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.cc b/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.cc
+index 5e85702c..1c83f4ca 100644
+--- a/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.cc
++++ b/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.cc
+@@ -23,6 +23,23 @@
+ 
+ using namespace CRI;
+ 
++grpc::Status RuntimeRuntimeServiceImpl::ToGRPCStatus(Errors &error)
++{
++    if (error.Empty()) {
++        return grpc::Status::OK;
++    }
++    if (error.GetMessage().find("Failed to find") != std::string::npos) {
++        return grpc::Status(grpc::StatusCode::NOT_FOUND, error.GetMessage());
++    }
++
++    // Attach exceeded timeout for lxc and Exec container error;exec timeout for runc
++    if (error.GetMessage().find("Attach exceeded timeout") != std::string::npos
++        || error.GetMessage().find("Exec container error;exec timeout") != std::string::npos) {
++        return grpc::Status(grpc::StatusCode::DEADLINE_EXCEEDED, error.GetMessage());
++    }
++    return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++}
++
+ void RuntimeRuntimeServiceImpl::Init(std::string &podSandboxImage,
+                                      std::shared_ptr<Network::PluginManager> networkPlugin, Errors &err)
+ {
+@@ -80,7 +97,7 @@ grpc::Status RuntimeRuntimeServiceImpl::CreateContainer(grpc::ServerContext *con
+         m_rService->CreateContainer(request->pod_sandbox_id(), request->config(), request->sandbox_config(), error);
+     if (!error.Empty() || responseID.empty()) {
+         ERROR("Object: CRI, Type: Failed to create container");
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+     reply->set_container_id(responseID);
+ 
+@@ -105,7 +122,7 @@ grpc::Status RuntimeRuntimeServiceImpl::StartContainer(grpc::ServerContext *cont
+     m_rService->StartContainer(request->container_id(), error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to start container %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Started Container: %s}", request->container_id().c_str());
+@@ -129,7 +146,7 @@ grpc::Status RuntimeRuntimeServiceImpl::StopContainer(grpc::ServerContext *conte
+     m_rService->StopContainer(request->container_id(), (int64_t)request->timeout(), error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to stop container %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Stopped Container: %s}", request->container_id().c_str());
+@@ -153,7 +170,7 @@ grpc::Status RuntimeRuntimeServiceImpl::RemoveContainer(grpc::ServerContext *con
+     m_rService->RemoveContainer(request->container_id(), error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to remove container %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Removed Container: %s}", request->container_id().c_str());
+@@ -272,7 +289,7 @@ grpc::Status RuntimeRuntimeServiceImpl::ContainerStatus(grpc::ServerContext *con
+         m_rService->ContainerStatus(request->container_id(), error);
+     if (!error.Empty() || !contStatus) {
+         ERROR("Object: CRI, Type: Failed to get container status %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+     *(reply->mutable_status()) = *contStatus;
+ 
+@@ -297,7 +314,7 @@ grpc::Status RuntimeRuntimeServiceImpl::ExecSync(grpc::ServerContext *context,
+     m_rService->ExecSync(request->container_id(), request->cmd(), request->timeout(), reply, error);
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to sync exec container: %s", request->container_id().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     WARN("Event: {Object: CRI, Type: sync execed Container: %s}", request->container_id().c_str());
+@@ -351,7 +368,7 @@ grpc::Status RuntimeRuntimeServiceImpl::StopPodSandbox(grpc::ServerContext *cont
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to stop pod:%s due to %s", request->pod_sandbox_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Stopped Pod: %s}", request->pod_sandbox_id().c_str());
+@@ -376,7 +393,7 @@ grpc::Status RuntimeRuntimeServiceImpl::RemovePodSandbox(grpc::ServerContext *co
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to remove pod:%s due to %s", request->pod_sandbox_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: Removed Pod: %s}", request->pod_sandbox_id().c_str());
+@@ -402,7 +419,7 @@ grpc::Status RuntimeRuntimeServiceImpl::PodSandboxStatus(grpc::ServerContext *co
+     if (!error.Empty() || !podStatus) {
+         ERROR("Object: CRI, Type: Failed to status pod:%s due to %s", request->pod_sandbox_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+     *(reply->mutable_status()) = *podStatus;
+ 
+@@ -523,7 +540,7 @@ RuntimeRuntimeServiceImpl::UpdateContainerResources(grpc::ServerContext *context
+     if (error.NotEmpty()) {
+         ERROR("Object: CRI, Type: Failed to update container:%s due to %s", request->container_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     WARN("Event: {Object: CRI, Type: Updated container resources: %s}", request->container_id().c_str());
+@@ -548,7 +565,7 @@ grpc::Status RuntimeRuntimeServiceImpl::Exec(grpc::ServerContext *context,
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to exec container:%s due to %s", request->container_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: execed Container: %s}", request->container_id().c_str());
+@@ -573,7 +590,7 @@ grpc::Status RuntimeRuntimeServiceImpl::Attach(grpc::ServerContext *context,
+     if (!error.Empty()) {
+         ERROR("Object: CRI, Type: Failed to attach container:%s due to %s", request->container_id().c_str(),
+               error.GetMessage().c_str());
+-        return grpc::Status(grpc::StatusCode::UNKNOWN, error.GetMessage());
++        return ToGRPCStatus(error);
+     }
+ 
+     EVENT("Event: {Object: CRI, Type: attched Container: %s}", request->container_id().c_str());
+diff --git a/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.h b/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.h
+index e0f75897..210e67cc 100644
+--- a/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.h
++++ b/src/daemon/entry/connect/grpc/cri/v1alpha/cri_runtime_runtime_service.h
+@@ -103,6 +103,8 @@ public:
+                         runtime::v1alpha2::StatusResponse *reply) override;
+ 
+ private:
++    grpc::Status ToGRPCStatus(Errors &err);
++
+     std::unique_ptr<CRI::CRIRuntimeService> m_rService;
+ };
+ 
+-- 
+2.34.1
+
diff --git a/0060-cdi-return-int-instead-of-error-string.patch b/0060-cdi-return-int-instead-of-error-string.patch
new file mode 100644
index 0000000..e2ebc9b
--- /dev/null
+++ b/0060-cdi-return-int-instead-of-error-string.patch
@@ -0,0 +1,363 @@
+From e7b94411b174c8445d9bdc84ec6c94b5d4343470 Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Mon, 15 Apr 2024 15:38:57 +0800
+Subject: [PATCH 60/69] cdi:return int instead of error string
+
+---
+ src/daemon/modules/api/cdi_operate_api.h         |  7 ++++---
+ .../device/cdi/behavior/cdi_container_edits.c    | 12 ++++++------
+ .../device/cdi/behavior/cdi_container_edits.h    |  6 +++---
+ .../modules/device/cdi/behavior/cdi_device.c     |  2 +-
+ .../modules/device/cdi/behavior/cdi_device.h     |  2 +-
+ .../modules/device/cdi/behavior/cdi_spec.c       |  2 +-
+ .../modules/device/cdi/behavior/cdi_spec.h       |  2 +-
+ .../modules/device/cdi/behavior/cdi_spec_dirs.c  |  4 ++--
+ .../modules/device/cdi/behavior/cdi_spec_dirs.h  |  6 +++---
+ .../device/cdi/behavior/parser/cdi_parser.c      | 16 ++++++++--------
+ .../device/cdi/behavior/parser/cdi_parser.h      |  8 ++++----
+ src/daemon/modules/device/cdi/cdi_annotations.c  |  5 +++--
+ src/daemon/modules/device/cdi/cdi_annotations.h  |  3 ++-
+ src/daemon/modules/device/cdi/cdi_cache.c        | 14 +++++++-------
+ src/daemon/modules/device/cdi/cdi_cache.h        |  8 ++++----
+ src/daemon/modules/device/cdi_operate.c          | 13 +++++++------
+ 16 files changed, 57 insertions(+), 53 deletions(-)
+
+diff --git a/src/daemon/modules/api/cdi_operate_api.h b/src/daemon/modules/api/cdi_operate_api.h
+index 4f4c339e..49820ed7 100644
+--- a/src/daemon/modules/api/cdi_operate_api.h
++++ b/src/daemon/modules/api/cdi_operate_api.h
+@@ -26,11 +26,12 @@ extern "C" {
+ 
+ int cdi_operate_registry_init(char **specs_dirs, size_t specs_dirs_len);
+ 
+-char *cdi_operate_refresh(void);
++int cdi_operate_refresh(void);
+ 
+-string_array *cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices, char **error);
++int cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices);
+ 
+-char *cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices);
++int cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys,
++                                  string_array **devices, char **error);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+index ce7b16db..590118b1 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+@@ -27,19 +27,19 @@
+ // POSTSTOP_HOOK is the name of the OCI "poststop" hook.
+ #define POSTSTOP_HOOK "poststop"
+ 
+-char *cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec)
++int cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-char *cdi_container_edits_validate(cdi_container_edits *e)
++int cdi_container_edits_validate(cdi_container_edits *e, char **error)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-cdi_container_edits *cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o)
++int cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+ bool cdi_container_edits_is_empty(cdi_container_edits *e)
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+index 7b16d2bc..ea921e37 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+@@ -27,9 +27,9 @@
+ extern "C" {
+ #endif
+ 
+-char *cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec);
+-char *cdi_container_edits_validate(cdi_container_edits *e);
+-cdi_container_edits *cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o);
++int cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec);
++int cdi_container_edits_validate(cdi_container_edits *e, char **error);
++int cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o);
+ bool cdi_container_edits_is_empty(cdi_container_edits *e);
+ 
+ #ifdef __cplusplus
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_device.c b/src/daemon/modules/device/cdi/behavior/cdi_device.c
+index 9904e9ee..0fef8f42 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_device.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_device.c
+@@ -34,7 +34,7 @@ char *cdi_device_get_qualified_name(struct cdi_cache_device *d)
+     return NULL;
+ }
+ 
+-cdi_container_edits *cdi_device_edits(struct cdi_cache_device *d)
++cdi_container_edits *cdi_device_get_edits(struct cdi_cache_device *d)
+ {
+     return NULL;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_device.h b/src/daemon/modules/device/cdi/behavior/cdi_device.h
+index 3f460152..5d63a576 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_device.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_device.h
+@@ -37,7 +37,7 @@ void free_cdi_cache_device(struct cdi_cache_device *d);
+ struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d, char **error);
+ struct cdi_cache_spec *cdi_device_get_spec(struct cdi_cache_device *d);
+ char *cdi_device_get_qualified_name(struct cdi_cache_device *d);
+-cdi_container_edits *cdi_device_edits(struct cdi_cache_device *d);
++cdi_container_edits *cdi_device_get_edits(struct cdi_cache_device *d);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec.c b/src/daemon/modules/device/cdi/behavior/cdi_spec.c
+index 38fc9e38..f79b5a44 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec.c
+@@ -54,7 +54,7 @@ int cdi_spec_get_priority(struct cdi_cache_spec *s)
+     return 0;
+ }
+ 
+-cdi_container_edits *cdi_spec_edits(struct cdi_cache_spec *s)
++cdi_container_edits *cdi_spec_get_edits(struct cdi_cache_spec *s)
+ {
+     return NULL;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec.h b/src/daemon/modules/device/cdi/behavior/cdi_spec.h
+index bd4fc9d1..87248041 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec.h
+@@ -47,7 +47,7 @@ const char *cdi_spec_get_class(struct cdi_cache_spec *s);
+ struct cdi_cache_device *cdi_spec_get_cache_device(struct cdi_cache_spec *s, const char *name);
+ const char *cdi_spec_get_path(struct cdi_cache_spec *s);
+ int cdi_spec_get_priority(struct cdi_cache_spec *s);
+-cdi_container_edits *cdi_spec_edits(struct cdi_cache_spec *s);
++cdi_container_edits *cdi_spec_get_edits(struct cdi_cache_spec *s);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+index 5df4c937..e340abc0 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+@@ -23,7 +23,7 @@ string_array g_default_spec_dirs = {
+     .cap = DEFAULT_SPEC_DIRS_LEN,
+ };
+  
+-char *cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn)
++int cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn)
+ {
+-    return NULL;
++    return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+index bd00e318..73d8c0f5 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+@@ -35,10 +35,10 @@ struct cdi_scan_fn_maps {
+     map_t *spec_errors;
+     string_array *result;
+ };
+-typedef char *(*cdi_scan_spec_func)(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, int priority,
+-                                    struct cdi_cache_spec *spec, char **error);
++typedef void(*cdi_scan_spec_func)(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, int priority,
++                                    struct cdi_cache_spec *spec, char *error);
+ 
+-char *cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn);
++int cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+index 45048f9a..14293c72 100644
+--- a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
++++ b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+@@ -24,9 +24,9 @@ bool cdi_parser_is_qualified_name(const char *device)
+     return true;
+ }
+ 
+-char *cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name)
++int cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+ int cdi_parser_parse_device(const char *device, char **vendor, char **class, char **name)
+@@ -39,17 +39,17 @@ int cdi_parser_parse_qualifier(const char *kind, char **vendor, char **class)
+     return 0;
+ }
+ 
+-char *cdi_parser_validate_vendor_name(const char *vendor)
++int cdi_parser_validate_vendor_name(const char *vendor, char **error)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-char *cdi_parser_validate_class_name(const char *class)
++int cdi_parser_validate_class_name(const char *class, char **error)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-char *cdi_parser_validate_device_name(const char *name)
++int cdi_parser_validate_device_name(const char *name, char **error)
+ {
+-    return NULL;
++    return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+index d9c057ea..467641a1 100644
+--- a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
++++ b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+@@ -24,12 +24,12 @@ extern "C" {
+ 
+ char *cdi_parser_qualified_name(const char *vendor, const char *class, const char *name);
+ bool cdi_parser_is_qualified_name(const char *device);
+-char *cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name);
++int cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name);
+ int cdi_parser_parse_device(const char *device, char **vendor, char **class, char **name);
+ int cdi_parser_parse_qualifier(const char *kind, char **vendor, char **class);
+-char *cdi_parser_validate_vendor_name(const char *vendor);
+-char *cdi_parser_validate_class_name(const char *class);
+-char *cdi_parser_validate_device_name(const char *name);
++int cdi_parser_validate_vendor_name(const char *vendor, char **error);
++int cdi_parser_validate_class_name(const char *class, char **error);
++int cdi_parser_validate_device_name(const char *name, char **error);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/cdi_annotations.c b/src/daemon/modules/device/cdi/cdi_annotations.c
+index 3cb9be84..cfe6e099 100644
+--- a/src/daemon/modules/device/cdi/cdi_annotations.c
++++ b/src/daemon/modules/device/cdi/cdi_annotations.c
+@@ -25,7 +25,8 @@
+ 
+ #define CDI_ANNOTATIONS_PREFIX "cdi.k8s.io/"
+ 
+-char *cdi_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices)
++int cdi_parse_annotations(json_map_string_string *annotations, string_array **keys,
++                          string_array **devices, char **error)
+ {
+-    return NULL;
++    return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/cdi_annotations.h b/src/daemon/modules/device/cdi/cdi_annotations.h
+index 52355099..49930963 100644
+--- a/src/daemon/modules/device/cdi/cdi_annotations.h
++++ b/src/daemon/modules/device/cdi/cdi_annotations.h
+@@ -23,7 +23,8 @@
+ extern "C" {
+ #endif
+ 
+-char *cdi_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices);
++int cdi_parse_annotations(json_map_string_string *annotations, string_array **keys,
++                          string_array **devices, char **error);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.c b/src/daemon/modules/device/cdi/cdi_cache.c
+index 9c54acbf..cfc23a1c 100644
+--- a/src/daemon/modules/device/cdi/cdi_cache.c
++++ b/src/daemon/modules/device/cdi/cdi_cache.c
+@@ -19,24 +19,24 @@ void free_cdi_cache(struct cdi_cache *c)
+     (void)c;
+ }
+ 
+-struct cdi_cache *cdi_new_cache(string_array *spec_dirs, char **error)
++struct cdi_cache *cdi_new_cache(string_array *spec_dirs)
+ {
+     return NULL;
+ }
+ 
+-static string_array *cdi_inject_devices(struct cdi_cache *c, oci_runtime_spec *oci_spec, string_array *devices, char **error)
++static int cdi_inject_devices(struct cdi_cache *c, oci_runtime_spec *oci_spec, string_array *devices)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-static char *cdi_configure(struct cdi_cache *c, string_array *spec_dirs)
++static int cdi_configure(struct cdi_cache *c, string_array *spec_dirs)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-static char *cdi_refresh(struct cdi_cache *c)
++static int cdi_refresh(struct cdi_cache *c)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+ static map_t *cdi_get_errors(struct cdi_cache *c)
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.h b/src/daemon/modules/device/cdi/cdi_cache.h
+index 92fb64af..34c27471 100644
+--- a/src/daemon/modules/device/cdi/cdi_cache.h
++++ b/src/daemon/modules/device/cdi/cdi_cache.h
+@@ -33,12 +33,12 @@ struct cdi_cache;
+ struct cdi_cache_ops {
+     // injecting CDI devices into an OCI Spec.
+     // Resolver
+-    string_array *(*inject_devices)(struct cdi_cache *c, oci_runtime_spec *spec, string_array *devices, char **error);
++    int (*inject_devices)(struct cdi_cache *c, oci_runtime_spec *spec, string_array *devices);
+     
+     // refreshing the cache of CDI Specs and devices.
+     // Refresher
+-    char *(*configure)(struct cdi_cache *c, string_array *spec_dirs);
+-    char *(*refresh)(struct cdi_cache *c);
++    int (*configure)(struct cdi_cache *c, string_array *spec_dirs);
++    int (*refresh)(struct cdi_cache *c);
+     map_t *(*get_errors)(struct cdi_cache *c);
+     string_array *(*get_spec_directories)(struct cdi_cache *c);
+     map_t *(*get_spec_dir_errors)(struct cdi_cache *c);
+@@ -65,7 +65,7 @@ struct cdi_cache {
+ 
+ void free_cdi_cache(struct cdi_cache *c);
+  
+-struct cdi_cache *cdi_new_cache(string_array *spec_dirs, char **error);
++struct cdi_cache *cdi_new_cache(string_array *spec_dirs);
+ struct cdi_cache_ops *cdi_get_cache_ops(void);
+ 
+ #ifdef __cplusplus
+diff --git a/src/daemon/modules/device/cdi_operate.c b/src/daemon/modules/device/cdi_operate.c
+index c7aa77d8..c5187ab1 100644
+--- a/src/daemon/modules/device/cdi_operate.c
++++ b/src/daemon/modules/device/cdi_operate.c
+@@ -19,17 +19,18 @@ int cdi_operate_registry_init(char **specs_dirs, size_t specs_dirs_len)
+     return 0;
+ }
+ 
+-char *cdi_operate_refresh(void)
++int cdi_operate_refresh(void)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-string_array *cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices, char **error)
++int cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices)
+ {
+-    return NULL;
++    return 0;
+ }
+ 
+-char *cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys, string_array **devices)
++int cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys,
++                                  string_array **devices, char **error)
+ {
+-    return NULL;
++    return 0;
+ }
+\ No newline at end of file
+-- 
+2.34.1
+
diff --git a/0061-cdi-support-modules-operate-registry-annotations.patch b/0061-cdi-support-modules-operate-registry-annotations.patch
new file mode 100644
index 0000000..aa26ca2
--- /dev/null
+++ b/0061-cdi-support-modules-operate-registry-annotations.patch
@@ -0,0 +1,516 @@
+From 4527dc8b6f7ab438742a8f7403b24420f646236d Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Mon, 8 Apr 2024 11:57:16 +0800
+Subject: [PATCH 61/69] cdi:support modules operate/registry/annotations
+
+---
+ .../modules/device/cdi/cdi_annotations.c      |  72 +++++++
+ src/daemon/modules/device/cdi/cdi_registry.c  |  14 +-
+ src/daemon/modules/device/cdi_operate.c       |  53 +++++-
+ src/utils/cutils/utils.c                      |  11 ++
+ src/utils/cutils/utils.h                      |   2 +
+ src/utils/cutils/utils_array.c                | 175 +++++++++++++++++-
+ src/utils/cutils/utils_array.h                |  31 ++++
+ 7 files changed, 350 insertions(+), 8 deletions(-)
+
+diff --git a/src/daemon/modules/device/cdi/cdi_annotations.c b/src/daemon/modules/device/cdi/cdi_annotations.c
+index cfe6e099..020816d7 100644
+--- a/src/daemon/modules/device/cdi/cdi_annotations.c
++++ b/src/daemon/modules/device/cdi/cdi_annotations.c
+@@ -21,12 +21,84 @@
+ 
+ #include "error.h"
+ #include "utils.h"
++#include "utils_array.h"
+ #include "cdi_parser.h"
+ 
+ #define CDI_ANNOTATIONS_PREFIX "cdi.k8s.io/"
+ 
++static int parse_devices(string_array *devices, const char *value, char **error)
++{
++    __isula_auto_array_t char **parts = NULL;
++    char **pos;
++
++    parts = util_string_split(value, ',');
++    if (parts == NULL) {
++        ERROR("Invalid CDI device value %s", value);
++        format_errorf(error, "Invalid CDI device value %s", value);
++        return -1;
++    }
++    for (pos = parts; pos != NULL && *pos != NULL; pos++) {
++        if (!cdi_parser_is_qualified_name(*pos)) {
++            ERROR("Invalid CDI device name %s", *pos);
++            format_errorf(error, "Invalid CDI device name %s", *pos);
++            return -1;
++        }
++        if (util_append_string_array(devices, *pos) != 0) {
++            ERROR("Out of memory");
++            *error = util_strdup_s("Out of memory");
++            return -1;
++        }
++    }
++
++    return 0;
++}
++
+ int cdi_parse_annotations(json_map_string_string *annotations, string_array **keys,
+                           string_array **devices, char **error)
+ {
++    char *key = NULL;
++    char *value = NULL;
++    size_t i;
++    __isula_auto_string_array_t string_array *keys_array = NULL;
++    __isula_auto_string_array_t string_array *devices_array = NULL;
++
++    if (annotations == NULL || keys == NULL || devices == NULL || error == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
++    keys_array = util_common_calloc_s(sizeof(*keys_array));
++    if (keys_array == NULL) {
++        ERROR("Out of memory");
++        *error = util_strdup_s("Out of memory");
++        return -1;
++    }
++    devices_array = util_common_calloc_s(sizeof(*devices_array));
++    if (devices_array == NULL) {
++        ERROR("Out of memory");
++        *error = util_strdup_s("Out of memory");
++        return -1;
++    }
++
++    for (i = 0; i < annotations->len; i++) {
++        key = annotations->keys[i];
++        value = annotations->values[i];
++        if (!util_has_prefix(key, CDI_ANNOTATIONS_PREFIX)) {
++            continue;
++        }
++        if (parse_devices(devices_array, value, error) != 0) {
++            return -1;
++        }
++        if (util_append_string_array(keys_array, key) != 0) {
++            ERROR("Out of memory");
++            *error = util_strdup_s("Out of memory");
++            return -1;
++        }
++    }
++
++    *keys = keys_array;
++    keys_array = NULL;
++    *devices = devices_array;
++    devices_array = NULL;
+     return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/cdi_registry.c b/src/daemon/modules/device/cdi/cdi_registry.c
+index 68767a5f..be381132 100644
+--- a/src/daemon/modules/device/cdi/cdi_registry.c
++++ b/src/daemon/modules/device/cdi/cdi_registry.c
+@@ -14,12 +14,24 @@
+  ******************************************************************************/
+ #include "cdi_registry.h"
+ 
++#include <util_atomic.h>
++#include <isula_libutils/auto_cleanup.h>
++
++static struct cdi_registry g_cdi_reg = { 0 };
++
+ int cdi_registry_init(string_array *spec_dirs)
+ {
++    // isulad will use default dirs when spec_dirs == NULL
++    g_cdi_reg.cdi_cache = cdi_new_cache(spec_dirs);
++    if (g_cdi_reg.cdi_cache == NULL) {
++        ERROR("Failed to init registry");
++        return -1;
++    }
++    g_cdi_reg.ops = cdi_get_cache_ops();
+     return 0;
+ }
+ 
+ struct cdi_registry *cdi_get_registry(void)
+ {
+-    return NULL;
++    return &g_cdi_reg;
+ }
+diff --git a/src/daemon/modules/device/cdi_operate.c b/src/daemon/modules/device/cdi_operate.c
+index c5187ab1..f99bb7e4 100644
+--- a/src/daemon/modules/device/cdi_operate.c
++++ b/src/daemon/modules/device/cdi_operate.c
+@@ -14,23 +14,66 @@
+  ******************************************************************************/
+ #include "cdi_operate_api.h"
+ 
++#include <isula_libutils/log.h>
++
++#include "utils.h"
++#include "error.h"
++#include "cdi_registry.h"
++#include "cdi_annotations.h"
++#include "cdi_spec_dirs.h"
++
+ int cdi_operate_registry_init(char **specs_dirs, size_t specs_dirs_len)
+ {
+-    return 0;
++    string_array spec_dirs_array = {
++        .items = specs_dirs,
++        .len = specs_dirs_len,
++        .cap = specs_dirs_len,
++    };
++    
++    return cdi_registry_init(&spec_dirs_array);
+ }
+ 
+ int cdi_operate_refresh(void)
+ {
+-    return 0;
++    struct cdi_registry *registry = cdi_get_registry();
++    if (registry == NULL || registry->ops == NULL || registry->ops->refresh == NULL) {
++        ERROR("Failed to get registry");
++        return -1;
++    }
++    
++    return registry->ops->refresh(registry->cdi_cache);
+ }
+ 
+ int cdi_operate_inject_devices(oci_runtime_spec *spec, string_array *devices)
+ {
+-    return 0;
++    struct cdi_registry *registry = NULL;
++
++    if (spec == NULL || devices == NULL) {
++        ERROR("Invalid params");
++        return -1;
++    }
++    
++    registry = cdi_get_registry();
++    if (registry == NULL || registry->ops == NULL || registry->ops->inject_devices == NULL) {
++        ERROR("Failed to get registry");
++        return -1;
++    }
++    
++    return registry->ops->inject_devices(registry->cdi_cache, spec, devices);
+ }
+ 
+ int cdi_operate_parse_annotations(json_map_string_string *annotations, string_array **keys,
+                                   string_array **devices, char **error)
+ {
+-    return 0;
+-}
+\ No newline at end of file
++    if (error == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++    if (annotations == NULL || keys == NULL || devices == NULL) {
++        ERROR("Invalid params");
++        *error = util_strdup_s("Invalid params");
++        return -1;
++    }
++
++    return cdi_parse_annotations(annotations, keys, devices, error);
++}
+diff --git a/src/utils/cutils/utils.c b/src/utils/cutils/utils.c
+index 8da2cc60..9a33f935 100644
+--- a/src/utils/cutils/utils.c
++++ b/src/utils/cutils/utils.c
+@@ -59,6 +59,17 @@ int malloc_trim(size_t pad)
+ }
+ #endif
+ 
++void util_swap_ptr(void **p1, void **p2)
++{
++    void *tmp;
++    if (p1 == NULL || p2 == NULL) {
++        return;
++    }
++    tmp = *p1;
++    *p1 = *p2;
++    *p2 = tmp;
++}
++
+ int util_mem_realloc(void **newptr, size_t newsize, void *oldptr, size_t oldsize)
+ {
+     void *tmp = NULL;
+diff --git a/src/utils/cutils/utils.h b/src/utils/cutils/utils.h
+index 3acf0698..3671272a 100644
+--- a/src/utils/cutils/utils.h
++++ b/src/utils/cutils/utils.h
+@@ -320,6 +320,8 @@ struct signame {
+         }                         \
+     } while (0)
+ 
++void util_swap_ptr(void **p1, void **p2);
++
+ int util_mem_realloc(void **newptr, size_t newsize, void *oldptr, size_t oldsize);
+ 
+ int util_check_inherited(bool closeall, int fd_to_ignore);
+diff --git a/src/utils/cutils/utils_array.c b/src/utils/cutils/utils_array.c
+index 25f19b8b..72294005 100644
+--- a/src/utils/cutils/utils_array.c
++++ b/src/utils/cutils/utils_array.c
+@@ -86,6 +86,27 @@ void util_free_sensitive_array(char **array)
+     free(array);
+ }
+ 
++char **util_copy_array_by_len(char **array, size_t len)
++{
++    char **new_array = NULL;
++    size_t i;
++ 
++    if (array == NULL || len == 0) {
++        return NULL;
++    }
++ 
++    new_array = util_smart_calloc_s(sizeof(char *), len);
++    if (new_array == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++ 
++    for (i = 0; i < len; i++) {
++        new_array[i] = util_strdup_s(array[i]);
++    }
++    return new_array;
++}
++
+ int util_array_append(char ***array, const char *element)
+ {
+     size_t len;
+@@ -166,7 +187,7 @@ bool util_array_contain(const char **array, const char *element)
+     return false;
+ }
+ 
+-static size_t get_string_array_scale_size(size_t old_size)
++static size_t get_array_scale_size(size_t old_size)
+ {
+ #define DOUBLE_THRESHOLD 1024
+     const size_t max_threshold = MAX_MEMORY_SIZE / sizeof(char *);
+@@ -188,7 +209,7 @@ static size_t get_string_array_scale_size(size_t old_size)
+ 
+ static bool do_expand_array(string_array *array)
+ {
+-    size_t new_size = get_string_array_scale_size(array->cap);
++    size_t new_size = get_array_scale_size(array->cap);
+     char **new_items = NULL;
+ 
+     // array capability sure less than MAX_MEMORY_SIZE
+@@ -237,6 +258,29 @@ out:
+     return 0;
+ }
+ 
++string_array *util_copy_string_array(string_array *sarr)
++{
++    string_array *ptr = NULL;
++    size_t i;
++ 
++    if (sarr == NULL) {
++        ERROR("Invalid string array");
++        return NULL;
++    }
++ 
++    ptr = util_string_array_new(sarr->cap);
++    if (ptr == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++    for (i = 0; i < sarr->len; i++) {
++        ptr->items[i] = util_strdup_s(sarr->items[i]);
++        ptr->len += 1;
++    }
++ 
++    return ptr;
++}
++
+ bool util_string_array_contain(const string_array *sarr, const char *elem)
+ {
+     size_t i;
+@@ -339,3 +383,130 @@ int util_common_array_append_pointer(void ***array, void *element)
+ 
+     return 0;
+ }
++
++void *util_clone_ptr(void *item)
++{
++    return item;
++}
++
++common_array *util_common_array_new(size_t len, free_common_array_item_cb free_item_cb,
++                                    clone_common_array_item_cb clone_item_cb)
++{
++    common_array *ptr = NULL;
++
++    if (len == 0 || free_item_cb == NULL || clone_item_cb == NULL) {
++        return NULL;
++    }
++
++    ptr = (common_array *)util_common_calloc_s(sizeof(common_array));
++    if (ptr == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    ptr->items = (void **)util_smart_calloc_s(sizeof(void *), len);
++    if (ptr->items == NULL) {
++        ERROR("Out of memory");
++        free(ptr);
++        return NULL;
++    }
++
++    ptr->len = 0;
++    ptr->cap = len;
++    ptr->free_item_cb = free_item_cb;
++    ptr->clone_item_cb = clone_item_cb;
++
++    return ptr;
++}
++
++void util_free_common_array(common_array *ptr)
++{
++    size_t i;
++
++    if (ptr == NULL || ptr->free_item_cb == NULL) {
++        return;
++    }
++
++    for (i = 0; i < ptr->len; i++) {
++        ptr->free_item_cb(ptr->items[i]);
++        ptr->items[i] = NULL;
++    }
++    free(ptr->items);
++    ptr->items = NULL;
++    ptr->len = 0;
++    ptr->cap = 0;
++    ptr->free_item_cb = NULL;
++    ptr->clone_item_cb = NULL;
++
++    free(ptr);
++}
++
++static bool do_expand_common_array(common_array *array)
++{
++    size_t new_size = get_array_scale_size(array->cap);
++    void **new_items = NULL;
++
++    // array capability sure less than MAX_MEMORY_SIZE
++    // so we need to check Overflow:
++    if (new_size == array->cap) {
++        ERROR("Too large common array, overflow memory");
++        return false;
++    }
++
++    // new_size * sizeof(*new_items) and list->len * sizeof(*list->items)
++    if (util_mem_realloc((void **)&new_items, new_size * sizeof(void *), (void *)array->items,
++                         array->len * sizeof(void *)) != 0) {
++        ERROR("Out of memory");
++        return false;
++    }
++    array->items = new_items;
++    array->cap = new_size;
++
++    return true;
++}
++
++int util_append_common_array(common_array *arr, void *val)
++{
++    if (arr == NULL || arr->clone_item_cb == NULL) {
++        ERROR("Invalid common array");
++        return -1;
++    }
++
++    if (val == NULL) {
++        DEBUG("Empty new item, just ignore it");
++        return 0;
++    }
++
++    if (arr->len < arr->cap) {
++        goto out;
++    }
++
++    // expand common array
++    if (!do_expand_common_array(arr)) {
++        return -1;
++    }
++
++out:
++    arr->items[arr->len] = arr->clone_item_cb(val);
++    arr->len += 1;
++    return 0;
++}
++
++int util_merge_common_array(common_array *dest_arr, common_array *src_arr)
++{
++    size_t i;
++
++    if (dest_arr == NULL || dest_arr->clone_item_cb == NULL ||
++        src_arr == NULL || src_arr->clone_item_cb == NULL) {
++        ERROR("Invalid common array");
++        return -1;
++    }
++
++    for (i = 0; i < src_arr->len; i++) {
++        if (util_append_common_array(dest_arr, src_arr->items[i]) != 0) {
++            ERROR("Failed to append element");
++            return -1;
++        }
++    }
++    return 0;
++}
+diff --git a/src/utils/cutils/utils_array.h b/src/utils/cutils/utils_array.h
+index 1c084595..0c4fd217 100644
+--- a/src/utils/cutils/utils_array.h
++++ b/src/utils/cutils/utils_array.h
+@@ -30,6 +30,8 @@ void util_free_array_by_len(char **array, size_t len);
+ 
+ void util_free_array(char **array);
+ 
++char **util_copy_array_by_len(char **array, size_t len);
++
+ int util_grow_array(char ***orig_array, size_t *orig_capacity, size_t size,
+                     size_t increment);
+ 
+@@ -52,6 +54,8 @@ void util_free_string_array(string_array *ptr);
+ 
+ int util_append_string_array(string_array *sarr, const char *val);
+ 
++string_array *util_copy_string_array(string_array *sarr);
++
+ bool util_string_array_contain(const string_array *sarr, const char *elem);
+ 
+ void util_free_sensitive_array(char **array);
+@@ -63,6 +67,33 @@ define_auto_cleanup_callback(util_free_array, char *);
+ // define auto free macro for char *
+ #define __isula_auto_array_t auto_cleanup_tag(util_free_array)
+ 
++define_auto_cleanup_callback(util_free_string_array, string_array);
++#define __isula_auto_string_array_t auto_cleanup_tag(util_free_string_array)
++
++typedef void (*free_common_array_item_cb)(void *item);
++typedef void *(*clone_common_array_item_cb)(void *item);
++typedef struct common_array_t {
++    void **items;
++    size_t len;
++    size_t cap;
++    free_common_array_item_cb free_item_cb;
++    clone_common_array_item_cb clone_item_cb;
++} common_array;
++
++void *util_clone_ptr(void *item);
++
++common_array *util_common_array_new(size_t len, free_common_array_item_cb free_item_cb,
++                                    clone_common_array_item_cb clone_item_cb);
++
++void util_free_common_array(common_array *ptr);
++
++int util_append_common_array(common_array *arr, void *val);
++
++int util_merge_common_array(common_array *dest_arr, common_array *src_arr);
++
++define_auto_cleanup_callback(util_free_common_array, common_array);
++#define __isula_auto_common_array_t auto_cleanup_tag(util_free_common_array)
++
+ #ifdef __cplusplus
+ }
+ #endif
+-- 
+2.34.1
+
diff --git a/0062-do-not-umount-shmpath-for-sandbox-container.patch b/0062-do-not-umount-shmpath-for-sandbox-container.patch
new file mode 100644
index 0000000..8b719a3
--- /dev/null
+++ b/0062-do-not-umount-shmpath-for-sandbox-container.patch
@@ -0,0 +1,30 @@
+From 8e35525073b52b5d161984015de641bd21570380 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Tue, 16 Apr 2024 10:32:50 +0000
+Subject: [PATCH 62/69] do not umount shmpath for sandbox container
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/daemon/modules/service/service_container.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/daemon/modules/service/service_container.c b/src/daemon/modules/service/service_container.c
+index eb7ce4f4..a2322309 100644
+--- a/src/daemon/modules/service/service_container.c
++++ b/src/daemon/modules/service/service_container.c
+@@ -1718,6 +1718,12 @@ void umount_share_shm(container_t *cont)
+         return;
+     }
+     if (cont->hostconfig->ipc_mode == NULL || namespace_is_shareable(cont->hostconfig->ipc_mode)) {
++#ifdef ENABLE_CRI_API_V1
++        // For sandbox in cri v1, the shm path is created and umounted in CRI
++        if (is_sandbox_container(cont->common_config->sandbox_info)) {
++            return;
++        }
++#endif
+         if (cont->common_config == NULL || cont->common_config->shm_path == NULL) {
+             return;
+         }
+-- 
+2.34.1
+
diff --git a/0063-remove-default-systemd-cgroup-and-enable-cri-v1-valu.patch b/0063-remove-default-systemd-cgroup-and-enable-cri-v1-valu.patch
new file mode 100644
index 0000000..b6a0e6b
--- /dev/null
+++ b/0063-remove-default-systemd-cgroup-and-enable-cri-v1-valu.patch
@@ -0,0 +1,27 @@
+From c092597565e5f24b29ecd83b4b371a19a9c2db0d Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Wed, 17 Apr 2024 01:52:45 +0000
+Subject: [PATCH 63/69] remove default systemd-cgroup and enable-cri-v1 value
+ in daemon.json
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/contrib/config/daemon.json | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/src/contrib/config/daemon.json b/src/contrib/config/daemon.json
+index 69362c26..711dda94 100644
+--- a/src/contrib/config/daemon.json
++++ b/src/contrib/config/daemon.json
+@@ -35,7 +35,5 @@
+     "insecure-skip-verify-enforce": false,
+     "cri-runtimes": {
+         "kata": "io.containerd.kata.v2"
+-    },
+-    "enable-cri-v1": false,
+-    "systemd-cgroup": false
++    }
+ }
+-- 
+2.34.1
+
diff --git a/0064-cdi-support-module-cache.patch b/0064-cdi-support-module-cache.patch
new file mode 100644
index 0000000..4ed9fb5
--- /dev/null
+++ b/0064-cdi-support-module-cache.patch
@@ -0,0 +1,862 @@
+From f87f0fddaec4b3aea72f3b9c91f2dc91b89683ce Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Tue, 16 Apr 2024 11:44:22 +0800
+Subject: [PATCH 64/69] cdi:support module cache
+
+---
+ .../device/cdi/behavior/cdi_spec_dirs.h       |   3 +-
+ src/daemon/modules/device/cdi/cdi_cache.c     | 760 +++++++++++++++++-
+ src/daemon/modules/device/cdi/cdi_cache.h     |   9 +-
+ 3 files changed, 747 insertions(+), 25 deletions(-)
+
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+index 73d8c0f5..eedcabad 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+@@ -32,8 +32,7 @@ struct cdi_scan_fn_maps {
+     map_t *specs;
+     map_t *devices;
+     map_t *conflicts;
+-    map_t *spec_errors;
+-    string_array *result;
++    bool *refresh_error_flag;
+ };
+ typedef void(*cdi_scan_spec_func)(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, int priority,
+                                     struct cdi_cache_spec *spec, char *error);
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.c b/src/daemon/modules/device/cdi/cdi_cache.c
+index cfc23a1c..37767855 100644
+--- a/src/daemon/modules/device/cdi/cdi_cache.c
++++ b/src/daemon/modules/device/cdi/cdi_cache.c
+@@ -14,56 +14,784 @@
+  ******************************************************************************/
+ #include "cdi_cache.h"
+ 
++#include <stdlib.h>
++#include <pthread.h>
++#include <sys/inotify.h>
++#include <sys/prctl.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++#include <isula_libutils/utils_array.h>
++
++#include "utils.h"
++#include "utils_file.h"
++#include "path.h"
++#include "error.h"
++#include "cdi_device.h"
++#include "cdi_spec.h"
++#include "cdi_spec_dirs.h"
++#include "cdi_container_edits.h"
++
++// cache
++static int cdi_set_spec_dirs(struct cdi_cache *c, string_array *spec_dirs);
++static int configure(struct cdi_cache *c, string_array *spec_dirs);
++static int refresh(struct cdi_cache *c);
++static bool refresh_if_required(struct cdi_cache *c, bool force, int *ret);
++
++// watch
++static void free_cdi_watch(struct cdi_watch *watch);
++static void watch_setup(struct cdi_watch *watch, string_array *dirs);
++static void watch_start(struct cdi_cache *c);
++static void watch_stop(struct cdi_watch *w);
++static void *watch_thread_func(void *arg);
++static bool watch_update(struct cdi_watch *w, const char *removed, int wd);
++
++static int cdi_set_spec_dirs(struct cdi_cache *c, string_array *spec_dirs)
++{
++    __isula_auto_string_array_t string_array *new_spec_dirs = NULL;
++    char clean_path[PATH_MAX] = { 0 };
++    size_t i;
++
++    if (c == NULL || spec_dirs == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++    if (spec_dirs->len == 0) {
++        return 0;
++    }
++
++    new_spec_dirs = util_string_array_new(spec_dirs->len);
++    if (new_spec_dirs == NULL) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    for (i = 0; i < spec_dirs->len; i++) {
++        if (util_clean_path(spec_dirs->items[i], clean_path, sizeof(clean_path)) == NULL) {
++            ERROR("Failed to get clean path %s", spec_dirs->items[i]);
++            return -1;
++        }
++        if (util_append_string_array(new_spec_dirs, clean_path) != 0) {
++            ERROR("Out of memory");
++            return -1;
++        }
++    }
++    util_free_string_array(c->spec_dirs);
++    c->spec_dirs = new_spec_dirs;
++    new_spec_dirs = NULL;
++
++    return 0;
++}
++
+ void free_cdi_cache(struct cdi_cache *c)
+ {
+-    (void)c;
++    if (c == NULL) {
++        return;
++    }
++
++    util_free_string_array(c->spec_dirs);
++    c->spec_dirs = NULL;
++    map_free(c->specs);
++    c->specs = NULL;
++    map_free(c->devices);
++    c->devices = NULL;
++    free_cdi_watch(c->watch);
++    c->watch = NULL;
++
++    free(c);
+ }
+ 
+ struct cdi_cache *cdi_new_cache(string_array *spec_dirs)
+ {
++    struct cdi_cache *c = NULL;
++    int ret = 0;
++
++    c = util_common_calloc_s(sizeof(*c));
++    if (c == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++    c->refresh_error_flag = false;
++    c->auto_refresh = true;
++    c->watch = util_common_calloc_s(sizeof(struct cdi_watch));
++    if (c->watch == NULL) {
++        ERROR("Out of memory");
++        goto free_out;
++    }
++    c->watch->watcher_fd = -1;
++
++    if (cdi_set_spec_dirs(c, &g_default_spec_dirs) != 0) {
++        ERROR("Failed to set spec dirs by default");
++        goto free_out;
++    }
++
++    (void)pthread_mutex_lock(&c->mutex);
++    ret = configure(c, spec_dirs);
++    (void)pthread_mutex_unlock(&c->mutex);
++    if (ret != 0) {
++        ERROR("Failed to configure");
++        goto free_out;
++    }
++
++    return c;
++
++free_out:
++    free_cdi_cache(c);
+     return NULL;
+ }
+ 
+-static int cdi_inject_devices(struct cdi_cache *c, oci_runtime_spec *oci_spec, string_array *devices)
++static int cdi_configure(struct cdi_cache *c, string_array *spec_dirs)
+ {
+-    return 0;
++    int ret = 0;
++
++    if (c == NULL) {
++        ERROR("Invalid arguments");
++        return -1;
++    }
++
++    (void)pthread_mutex_lock(&c->mutex);
++    ret = configure(c, spec_dirs);
++    (void)pthread_mutex_unlock(&c->mutex);
++
++    return ret;
+ }
+ 
+-static int cdi_configure(struct cdi_cache *c, string_array *spec_dirs)
++static int configure(struct cdi_cache *c, string_array *spec_dirs)
+ {
++    int ret = 0;
++
++    if (spec_dirs != NULL) {
++        ret = cdi_set_spec_dirs(c, spec_dirs);
++        if (ret != 0) {
++            ERROR("Failed to apply cache spec dirs");
++            return -1;
++        }
++    }
++
++    watch_stop(c->watch);
++    if (c->auto_refresh) {
++        watch_setup(c->watch, c->spec_dirs);
++        watch_start(c);
++    }
++    (void)refresh(c);
+     return 0;
+ }
+ 
+ static int cdi_refresh(struct cdi_cache *c)
+ {
+-    return 0;
++    bool refreshed;
++    int ret = 0;
++    
++    if (c == NULL) {
++        ERROR("Invalid arguments");
++        return -1;
++    }
++
++    (void)pthread_mutex_lock(&c->mutex);
++    refreshed = refresh_if_required(c, !c->auto_refresh, &ret);
++    if (refreshed) {
++        goto unlock_out;
++    }
++
++    ret = c->refresh_error_flag ? -1 : 0;
++unlock_out:
++    (void)pthread_mutex_unlock(&c->mutex);
++    return ret;
+ }
+ 
+-static map_t *cdi_get_errors(struct cdi_cache *c)
++static void map_cdi_cache_specs_kvfree(void *key, void *value)
+ {
+-    return NULL;
++    free(key);
++    util_free_common_array((common_array *)value);
+ }
+ 
+-static string_array *cdi_get_spec_directories(struct cdi_cache *c)
++static void map_cdi_cache_device_kvfree(void *key, void *value)
+ {
+-    return NULL;
++    free(key);
++    free_cdi_cache_device((struct cdi_cache_device *)value);
+ }
+ 
+-static map_t *cdi_get_spec_dir_errors(struct cdi_cache *c)
++static void set_refresh_error_flag(bool *refresh_error_flag, const char *error, const char *path)
+ {
+-    return NULL;
++    *refresh_error_flag = true;
++    ERROR("Cdi refresh error: %s, spec %s", error, path);
++}
++
++static bool resolve_conflict(struct cdi_scan_fn_maps *scan_fn_maps, const char *name,
++                             struct cdi_cache_device *dev, struct cdi_cache_device *old)
++{
++    map_t *conflicts = scan_fn_maps->conflicts;
++    bool *refresh_error_flag = scan_fn_maps->refresh_error_flag;
++    struct cdi_cache_spec *dev_spec = NULL;
++    struct cdi_cache_spec *old_spec = NULL;
++    int dev_prio;
++    int old_prio;
++    bool val = true;
++    const char *dev_path = NULL;
++    const char *old_path = NULL;
++
++    dev_spec = cdi_device_get_spec(dev);
++    old_spec = cdi_device_get_spec(old);
++    dev_prio = cdi_spec_get_priority(dev_spec);
++    old_prio = cdi_spec_get_priority(old_spec);
++    if (dev_prio > old_prio) {
++        return false;
++    } else if (dev_prio == old_prio) {
++        dev_path = cdi_spec_get_path(dev_spec);
++        old_path = cdi_spec_get_path(old_spec);
++        *refresh_error_flag = true;
++        ERROR("Conflicting device %s (specs %s, %s)", name, dev_path, old_path);
++        if (!map_replace(conflicts, (void *)name, (void *)&val)) {
++            ERROR("Failed to insert bool to conflicts by name %s", name);
++            return true;
++        }
++    } else {
++        // do nothing
++    }
++
++    return true;
++}
++
++static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, 
++                                    int priority, struct cdi_cache_spec *spec, char *error)
++{
++    map_t *specs = scan_fn_maps->specs;
++    map_t *devices = scan_fn_maps->devices;
++    bool *refresh_error_flag = scan_fn_maps->refresh_error_flag;
++    char clean_path[PATH_MAX] = { 0 };
++    __isula_auto_free char *tmp_error = NULL;
++    const char *vendor = NULL;
++    __isula_auto_common_array_t common_array *spec_array = NULL;
++    map_itor *itor = NULL;
++    __isula_auto_free char *qualified = NULL;
++    struct cdi_cache_device *dev = NULL;
++    struct cdi_cache_device *other = NULL;
++
++    if (util_clean_path(path, clean_path, sizeof(clean_path)) == NULL) {
++        ERROR("Failed to get clean path %s", path);
++        format_errorf(&tmp_error, "Failed to get clean path %s", path);
++        return;
++    }
++    if (error != NULL) {
++        ERROR("Failed to load CDI Spec %s", error);
++        format_errorf(&tmp_error, "Failed to load CDI Spec %s", error);
++        goto error_out;
++    }
++
++    vendor = cdi_spec_get_vendor(spec);
++    spec_array = map_search(specs, (void *)vendor);
++    if (spec_array == NULL) {
++        spec_array = util_common_array_new(1, (free_common_array_item_cb)free_cdi_cache_spec, util_clone_ptr);
++        if (spec_array == NULL) {
++            ERROR("Out of memory");
++            tmp_error = util_strdup_s("Out of memory");
++            goto error_out;
++        }
++        if (!map_insert(specs, (void *)vendor, spec_array)) {
++            ERROR("Failed to insert spec array to specs");
++            tmp_error = util_strdup_s("Failed to insert spec array to specs");
++            goto error_out;
++        }
++    }
++    if (util_append_common_array(spec_array, spec) != 0) {
++        ERROR("Failed to append spec");
++        tmp_error = util_strdup_s("Failed to append spec");
++        goto error_out;
++    }
++    spec_array = NULL;
++
++    itor = map_itor_new(spec->devices);
++    if (itor == NULL) {
++        ERROR("Out of memory, create new map itor failed");
++        tmp_error = util_strdup_s("Out of memory, create new map itor failed");
++        goto error_out;
++    }
++    for (; map_itor_valid(itor); map_itor_next(itor)) {
++        dev = map_itor_value(itor);
++        qualified = cdi_device_get_qualified_name(dev);
++        other = map_search(devices, (void *)qualified);
++        if (other != NULL) {
++            if (resolve_conflict(scan_fn_maps, qualified, dev, other)) {
++                continue;
++            }
++        }
++        if (!map_replace(devices, (void *)qualified, dev)) {
++            ERROR("Failed to insert device to devices by name %s", qualified);
++            format_errorf(&tmp_error, "Failed to insert device to devices by name %s", qualified);
++            goto error_out;
++        }
++        free(qualified);
++        qualified = NULL;
++    }
++    goto out;
++
++error_out:
++    set_refresh_error_flag(refresh_error_flag, tmp_error, path);
++out:
++    map_itor_free(itor);
++    return;
++}
++
++static int refresh(struct cdi_cache *c)
++{
++    int ret = 0;
++    __isula_auto_free char *error = NULL;
++    map_t *specs = NULL;
++    map_t *devices = NULL;
++    map_t *conflicts = NULL;
++    struct cdi_scan_fn_maps scan_fn_maps = { 0 };
++    map_itor *itor = NULL;
++    char *conflict = NULL;
++
++    c->refresh_error_flag = false;
++    specs = map_new(MAP_STR_PTR, MAP_DEFAULT_CMP_FUNC, map_cdi_cache_specs_kvfree);
++    if (specs == NULL) {
++        ERROR("Out of memory");
++        ret = -1;
++        goto free_out;
++    }
++    devices = map_new(MAP_STR_PTR, MAP_DEFAULT_CMP_FUNC, map_cdi_cache_device_kvfree);
++    if (devices == NULL) {
++        ERROR("Out of memory");
++        ret = -1;
++        goto free_out;
++    }
++    conflicts = map_new(MAP_STR_BOOL, MAP_DEFAULT_CMP_FUNC, MAP_DEFAULT_FREE_FUNC);
++    if (conflicts == NULL) {
++        ERROR("Out of memory");
++        ret = -1;
++        goto free_out;
++    }
++
++    scan_fn_maps.specs = specs;
++    scan_fn_maps.devices = devices;
++    scan_fn_maps.conflicts = conflicts;
++    scan_fn_maps.refresh_error_flag = &c->refresh_error_flag;
++    // ignore error when scan spec dirs
++    (void)cdi_scan_spec_dirs(c->spec_dirs, &scan_fn_maps, refresh_scan_spec_func);
++
++    itor = map_itor_new(conflicts);
++    if (itor == NULL) {
++        ERROR("Out of memory, create new map itor failed");
++        ret = -1;
++        goto free_out;
++    }
++    for (; map_itor_valid(itor); map_itor_next(itor)) {
++        conflict = map_itor_key(itor);
++        if ((map_search(devices, conflict) != NULL) &&
++            !map_remove(devices, conflict)) {
++            ERROR("Failed to remove conflict device from devices");
++            ret = -1;
++            goto free_out;
++        }
++    }
++
++    util_swap_ptr((void **)&c->specs, (void **)&specs);
++    util_swap_ptr((void **)&c->devices, (void **)&devices);
++
++    ret = c->refresh_error_flag ? -1 : 0;
++    
++free_out:
++    map_itor_free(itor);
++    map_free(specs);
++    map_free(devices);
++    map_free(conflicts);
++    return ret;
++}
++
++static bool refresh_if_required(struct cdi_cache *c, bool force, int *ret)
++{
++    if (force || (c->auto_refresh && watch_update(c->watch, NULL, -1))) {
++        *ret = refresh(c);
++        return true;
++    }
++    return false;
++}
++
++static void map_spec_ptr_kvfree(void *key, void *value)
++{
++    // do not need free spec*
++    (void)key;
++    free(value);
++}
++
++static int cdi_inject_devices(struct cdi_cache *c, oci_runtime_spec *oci_spec, string_array *devices)
++{
++    int ret = 0;
++    __isula_auto_string_array_t string_array *unresolved = NULL;
++    cdi_container_edits *edits = NULL;
++    map_t *specs = NULL;
++    size_t i;
++    const char *device = NULL;
++    struct cdi_cache_device *d = NULL;
++    int tmp_val = 0;
++    __isula_auto_free char *unresolved_str = NULL;
++
++    if (c == NULL || devices == NULL) {
++        ERROR("Can't inject devices");
++        return -1;
++    }
++    if (oci_spec == NULL) {
++        ERROR("Can't inject devices, nil OCI Spec");
++        return -1;
++    }
++
++    unresolved = util_common_calloc_s(sizeof(*unresolved));
++    if (unresolved == NULL) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    specs = map_new(MAP_PTR_INT, MAP_DEFAULT_CMP_FUNC, map_spec_ptr_kvfree);
++    if (specs == NULL) {
++        ERROR("Out of memory");
++        ret = -1;
++        goto out;
++    }
++    edits = util_common_calloc_s(sizeof(*edits));
++    if (edits == NULL) {
++        ERROR("Out of memory");
++        ret = -1;
++        goto out;
++    }
++
++    (void)pthread_mutex_lock(&c->mutex);
++
++    (void)refresh_if_required(c, false, &ret);
++
++    for(i = 0; i < devices->len; i++) {
++        device = devices->items[i];
++        d = map_search(c->devices, (void *)device);
++        if (d == NULL) {
++            if (util_append_string_array(unresolved, device) != 0) {
++                ERROR("Out of memory");
++                ret = -1;
++                goto out;
++            }
++            continue;
++        }
++        if (map_search(specs, (void *)cdi_device_get_spec(d)) == NULL) {
++            if (!map_insert(specs, (void *)cdi_device_get_spec(d), (void *)&tmp_val)) {
++                ERROR("Failed to insert spec ptr to specs when find device %s", device);
++                ret = -1;
++                goto out;
++            }
++            if (cdi_container_edits_append(edits, cdi_spec_get_edits(cdi_device_get_spec(d))) != 0) {
++                ERROR("Failed to append edits when find device %s", device);
++                ret = -1;
++                goto out;
++            }
++        }
++        if (cdi_container_edits_append(edits, cdi_device_get_edits(d)) != 0) {
++            ERROR("Failed to append edits when find device %s", device);
++            ret = -1;
++            goto out;
++        }
++    }
++
++    if (unresolved->len != 0) {
++        unresolved_str = util_string_join(", ", (const char **)unresolved->items, unresolved->len);
++        ERROR("Unresolvable CDI devices %s", unresolved_str);
++        ret = -1;
++        goto out;
++    }
++
++    ret = cdi_container_edits_apply(edits, oci_spec);
++    if (ret != 0) {
++        ERROR("Failed to apply edits when inject devices");
++        ret = -1;
++    }
++
++out:
++    (void)pthread_mutex_unlock(&c->mutex);
++    map_free(specs);
++    free_cdi_container_edits(edits);
++    return ret;
+ }
+ 
+ static struct cdi_cache_ops g_cdi_cache_ops = {
+     .inject_devices = cdi_inject_devices,
+     .configure = cdi_configure,
+-    .refresh = cdi_refresh,
+-    .get_errors = cdi_get_errors,
+-    .get_spec_directories = cdi_get_spec_directories,
+-    .get_spec_dir_errors = cdi_get_spec_dir_errors
++    .refresh = cdi_refresh
+ };
+ 
+ struct cdi_cache_ops *cdi_get_cache_ops(void)
+ {
+     return &g_cdi_cache_ops;
+-}
+\ No newline at end of file
++}
++
++static void free_cdi_watch(struct cdi_watch *w)
++{
++    if (w == NULL) {
++        return;
++    }
++
++    watch_stop(w);
++    free(w);
++}
++
++static int init_tracked(struct cdi_watch *w, string_array *dirs)
++{
++    size_t i;
++    bool tmp_value = false;
++
++    w->tracked = map_new(MAP_STR_BOOL, MAP_DEFAULT_CMP_FUNC, MAP_DEFAULT_FREE_FUNC);
++    if (w->tracked == NULL) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    for(i = 0; i < dirs->len; i++) {
++        if (!map_replace(w->tracked, (void *)dirs->items[i], (void *)&tmp_value)) {
++            ERROR("Failed to insert tracked by dir %s", dirs->items[i]);
++            goto error_out;
++        }
++    }
++    w->wd_dirs = map_new(MAP_INT_STR, MAP_DEFAULT_CMP_FUNC, MAP_DEFAULT_FREE_FUNC);
++    if (w->wd_dirs == NULL) {
++        ERROR("Out of memory");
++        goto error_out;
++    }
++
++    return 0;
++
++error_out:
++    map_free(w->tracked);
++    w->tracked = NULL;
++    return -1;
++}
++
++static void watch_setup(struct cdi_watch *w, string_array *dirs)
++{
++    __isula_auto_free char *error = NULL;
++
++    if (w == NULL || dirs == NULL || dirs->len == 0) {
++        ERROR("Invalid param");
++        return;
++    }
++
++    if (init_tracked(w, dirs) != 0) {
++        ERROR("Failed to initialize tracked");
++        return;
++    }
++
++    w->watcher_fd = inotify_init();
++    if (w->watcher_fd < 0) {
++        ERROR("Failed to initialize inotify fd");
++        map_free(w->tracked);
++        w->tracked = NULL;
++        map_free(w->wd_dirs);
++        w->wd_dirs = NULL;
++        return;
++    }
++
++    (void)watch_update(w, NULL, -1);
++}
++
++static void watch_start(struct cdi_cache *c)
++{
++    pthread_t thread = 0;
++    int ret = 0;
++
++    ret = pthread_create(&thread, NULL, watch_thread_func, c);
++    if (ret != 0) {
++        ERROR("Cdi watch thread create failed");
++        return;
++    }
++}
++
++static void watch_stop(struct cdi_watch *w)
++{
++    if (w == NULL) {
++        return;
++    }
++
++    if (w->watcher_fd >= 0) {
++        close(w->watcher_fd);
++        w->watcher_fd = -1;
++    }
++    map_free(w->tracked);
++    w->tracked = NULL;
++    map_free(w->wd_dirs);
++    w->wd_dirs = NULL;
++}
++
++// wait_events wait until inotify
++static int wait_events(int watcher_fd)
++{
++    fd_set rfds;
++    FD_ZERO(&rfds);
++    FD_SET(watcher_fd, &rfds);
++    return select(FD_SETSIZE, &rfds, NULL, NULL, NULL);
++}
++
++#define CDI_WATCH_EVENTS    (IN_MOVED_TO | IN_MOVED_FROM | IN_DELETE | IN_MODIFY | IN_MOVE_SELF | IN_DELETE_SELF)
++
++static int process_cdi_events(int watcher_fd, struct cdi_cache *c)
++{
++    ssize_t events_length = 0;
++    ssize_t events_index = 0;
++    struct inotify_event *cdi_event = NULL;
++    char buffer[MAXLINE] __attribute__((aligned(__alignof__(struct inotify_event)))) = { 0 };
++    int update_cnt = 0;
++    __isula_auto_free char *event_dir = NULL;
++
++    events_length = util_read_nointr(watcher_fd, buffer, sizeof(buffer));
++    if (events_length <= 0) {
++        ERROR("Failed to wait events");
++        return -1;
++    }
++
++    (void)pthread_mutex_lock(&c->mutex);
++    
++    while (events_index < events_length) {
++        cdi_event = (struct inotify_event *)(&buffer[events_index]);
++        ssize_t event_size = (ssize_t)(cdi_event->len) + (ssize_t)offsetof(struct inotify_event, name);
++        if (event_size == 0 || event_size > (events_length - events_index)) {
++            break;
++        }
++        events_index += event_size;
++
++        /*  
++         *  file: 
++         *      Rename:  mask == IN_MOVED_TO | IN_MOVED_FROM
++         *      Remove:  mask == IN_MOVED_FROM || mask == IN_DELETE
++         *      Write:   mask == IN_MODIFY
++         *  dir:
++         *      Remove: mask == IN_MOVE_SELF || mask == IN_DELETE_SELF
++         */
++        if ((cdi_event->mask & CDI_WATCH_EVENTS) == 0) {
++            continue;
++        }
++        DEBUG("Cdi spec file %s is changed", cdi_event->name);
++        if (cdi_event->mask == IN_MODIFY) {
++            if (!util_has_suffix(cdi_event->name, ".json")) {
++                WARN("Invalid spec %s ext", cdi_event->name);
++                continue;
++            }
++        }
++        event_dir = util_strdup_s(map_search(c->watch->wd_dirs, &(cdi_event->wd)));
++        if (!(cdi_event->mask == IN_DELETE_SELF || cdi_event->mask == IN_MOVE_SELF)) {
++            free(event_dir);
++            event_dir = NULL;
++        }
++        watch_update(c->watch, event_dir, cdi_event->wd);
++        update_cnt++;
++    }
++    if (update_cnt > 0) {
++        (void)refresh(c);
++    }
++
++    (void)pthread_mutex_unlock(&c->mutex);
++    return 0;
++}
++
++// Watch Spec directory changes, triggering a refresh if necessary.
++static void *watch_thread_func(void *arg)
++{
++    struct cdi_cache *c = (struct cdi_cache *)arg;
++    int errcode = 0;
++    int watcher_fd = -1;
++
++    errcode = pthread_detach(pthread_self());
++    if (errcode != 0) {
++        errno = errcode;
++        SYSERROR("Detach thread failed");
++        return NULL;
++    }
++
++    prctl(PR_SET_NAME, "cdi-watcher");
++
++    watcher_fd = c->watch->watcher_fd;
++    if (watcher_fd < 0) {
++        ERROR("Invalid inotify fd");
++        return NULL;
++    }
++
++    for (;;) {
++        if (wait_events(watcher_fd) < 0) {
++            ERROR("Failed to wait events");
++            break;
++        }
++        if (process_cdi_events(watcher_fd, c) != 0) {
++            break;
++        }
++    }
++    return NULL;
++}
++
++static void update_remove_watch_dir(struct cdi_watch *w, const char *dir, int wd)
++{
++    bool tmp_value = false;
++    if (wd >= 0) {
++        (void)inotify_rm_watch(w->watcher_fd, wd);
++        if ((map_search(w->wd_dirs, &wd) != NULL) &&
++            !map_remove(w->wd_dirs, &wd)) {
++            ERROR("Failed to remove watch fd of %s", dir);
++        }
++    }
++    if (!map_replace(w->tracked, (void *)dir, (void *)&tmp_value)) {
++        ERROR("Failed to insert tracked by dir %s", dir);
++    }
++}
++
++static void update_add_watch_dir(struct cdi_watch *w, const char *dir, bool *update)
++{
++    int wd = -1;
++    bool tmp_value = true;
++    __isula_auto_free char *error = NULL;
++
++    wd = inotify_add_watch(w->watcher_fd, dir, CDI_WATCH_EVENTS);
++    if (wd < 0) {
++        if (errno == ENOENT) {
++            SYSINFO("Watch device dir %s", dir);
++        } else {
++            SYSERROR("Failed to watch device dir %s", dir);
++        }
++        return;
++    } else {
++        DEBUG("Watching %s for device disovery", dir);
++        tmp_value = true;
++        if (!map_replace(w->tracked, (void *)dir, (void *)&tmp_value)) {
++            ERROR("Failed to insert tracked by dir %s", dir);
++            goto error_out;
++        }
++        if (!map_replace(w->wd_dirs, (void *)&wd, (void *)dir)) {
++            ERROR("Failed to insert dir %s by wd", dir);
++            goto error_out;
++        }
++        *update = true;
++    }
++    return;
++
++error_out:
++    update_remove_watch_dir(w, dir, wd);
++}
++
++static bool watch_update(struct cdi_watch *w, const char *removed, int wd)
++{
++    const char *dir = NULL;
++    bool *ok = NULL;
++    bool update = false;
++    map_itor *itor = NULL;
++    __isula_auto_free char *error = NULL;
++
++    itor = map_itor_new(w->tracked);
++    if (itor == NULL) {
++        ERROR("Out of memory, create new map itor failed");
++        return false;
++    }
++    for (; map_itor_valid(itor); map_itor_next(itor)) {
++        dir = map_itor_key(itor);
++        ok = map_itor_value(itor);
++        if (ok == NULL || *ok) {
++            continue;
++        }
++        update_add_watch_dir(w, dir, &update);
++    }
++
++    if (removed != NULL) {
++        update_remove_watch_dir(w, removed, wd);
++        WARN("Directory removed: %s", removed);
++        update = true;
++    }
++
++    map_itor_free(itor);
++    return update;
++}
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.h b/src/daemon/modules/device/cdi/cdi_cache.h
+index 34c27471..da315de2 100644
+--- a/src/daemon/modules/device/cdi/cdi_cache.h
++++ b/src/daemon/modules/device/cdi/cdi_cache.h
+@@ -39,9 +39,6 @@ struct cdi_cache_ops {
+     // Refresher
+     int (*configure)(struct cdi_cache *c, string_array *spec_dirs);
+     int (*refresh)(struct cdi_cache *c);
+-    map_t *(*get_errors)(struct cdi_cache *c);
+-    string_array *(*get_spec_directories)(struct cdi_cache *c);
+-    map_t *(*get_spec_dir_errors)(struct cdi_cache *c);
+ };
+ 
+ struct cdi_watch {
+@@ -54,11 +51,9 @@ struct cdi_watch {
+ struct cdi_cache {
+     pthread_mutex_t mutex;
+     string_array *spec_dirs; // cdi-spec-dirs will scan for CDI Spec files
+-    map_t *specs;        // MAP_STR_PTR     specs[vendor] = cdi_cache_spec**
++    map_t *specs;        // MAP_STR_PTR     specs[vendor] = common_array of cdi_cache_spec*
+     map_t *devices;      // MAP_STR_PTR     devices[cdi_device.name] = cdi_cache_device*
+-    map_t *errors;       // MAP_STR_PTR     errors[cdi_cache_spec.path] = string_array *errors
+-    map_t *dir_errors;   // MAP_STR_STR     dir_errors[spec_dirs[i]] = error
+-
++    bool refresh_error_flag;
+     bool auto_refresh; 
+     struct cdi_watch *watch;
+ };
+-- 
+2.34.1
+
diff --git a/0065-change-default-subscribe-timeout-to-5min.patch b/0065-change-default-subscribe-timeout-to-5min.patch
new file mode 100644
index 0000000..7e4d067
--- /dev/null
+++ b/0065-change-default-subscribe-timeout-to-5min.patch
@@ -0,0 +1,76 @@
+From 5c89c23f5e0de06a17a9263114430674221a1ee0 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Wed, 17 Apr 2024 06:59:08 +0000
+Subject: [PATCH 65/69] change default subscribe timeout to 5min
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/daemon/mailbox/message_queue.c |  4 ++--
+ src/utils/cutils/blocking_queue.c  | 13 +++++++------
+ src/utils/cutils/blocking_queue.h  |  2 +-
+ 3 files changed, 10 insertions(+), 9 deletions(-)
+
+diff --git a/src/daemon/mailbox/message_queue.c b/src/daemon/mailbox/message_queue.c
+index 7e53301e..699ea0bc 100644
+--- a/src/daemon/mailbox/message_queue.c
++++ b/src/daemon/mailbox/message_queue.c
+@@ -20,8 +20,8 @@
+ 
+ #include "utils.h"
+ 
+-// default set subscriber timeout to 1000ms, maybe could be configured later
+-const int64_t subscribe_timeout = 1000;
++// default set subscriber timeout to 300s, maybe could be configured later
++const int64_t subscribe_timeout = 300;
+ 
+ static void message_queue_subscriber_free(void *key, void *val)
+ {
+diff --git a/src/utils/cutils/blocking_queue.c b/src/utils/cutils/blocking_queue.c
+index 7c9c5f50..9bdb2ca3 100644
+--- a/src/utils/cutils/blocking_queue.c
++++ b/src/utils/cutils/blocking_queue.c
+@@ -55,12 +55,11 @@ blocking_queue *blocking_queue_create(int64_t timeout, void (*release)(void *))
+     queue->release = release;
+ 
+     if (timeout >= 0) {
+-        queue->timeout.tv_sec = timeout / (Time_Second / Time_Milli);
+-        queue->timeout.tv_nsec = (timeout % (Time_Second / Time_Milli) ) * Time_Milli;
++        queue->timeout = timeout;
+     } else {
+-        queue->timeout.tv_sec = -1;
++        queue->timeout = -1;
+     }
+-    
++
+     return isula_transfer_ptr(queue);
+ }
+ 
+@@ -112,8 +111,10 @@ int blocking_queue_pop(blocking_queue *queue, void **data) {
+     lock = &queue->lock;
+ 
+     while (queue->head->next == NULL) {
+-        if (queue->timeout.tv_sec >= 0) {
+-            int ret = pthread_cond_timedwait(&queue->not_empty, &queue->lock, &queue->timeout);
++        if (queue->timeout >= 0) {
++            struct timespec timeout = { 0 };
++            timeout.tv_sec = queue->timeout + time(NULL);
++            int ret = pthread_cond_timedwait(&queue->not_empty, &queue->lock, &timeout);
+             if (ret != 0) {
+                 if (ret != ETIMEDOUT) {
+                     ERROR("Failed to wait cond");
+diff --git a/src/utils/cutils/blocking_queue.h b/src/utils/cutils/blocking_queue.h
+index 1c52a9d3..257779c3 100644
+--- a/src/utils/cutils/blocking_queue.h
++++ b/src/utils/cutils/blocking_queue.h
+@@ -37,7 +37,7 @@ typedef struct blocking_queue {
+     blocking_node *head;
+     blocking_node *tail;
+     pthread_mutex_t lock;
+-    struct timespec timeout;
++    int64_t timeout;
+     pthread_cond_t not_empty;
+     void (*release)(void *);
+ } blocking_queue;
+-- 
+2.34.1
+
diff --git a/0066-cdi-support-modules-version-spec-spec_dirs-device.patch b/0066-cdi-support-modules-version-spec-spec_dirs-device.patch
new file mode 100644
index 0000000..6aff31b
--- /dev/null
+++ b/0066-cdi-support-modules-version-spec-spec_dirs-device.patch
@@ -0,0 +1,1254 @@
+From 684f0aa648061a13e777153e297a7064ba33ea17 Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Thu, 11 Apr 2024 11:00:44 +0800
+Subject: [PATCH 66/69] cdi:support modules version/spec/spec_dirs/device
+
+---
+ .../modules/device/cdi/behavior/cdi_device.c  | 100 +++++++-
+ .../modules/device/cdi/behavior/cdi_device.h  |  12 +-
+ .../modules/device/cdi/behavior/cdi_spec.c    | 220 ++++++++++++++++--
+ .../modules/device/cdi/behavior/cdi_spec.h    |  16 +-
+ .../device/cdi/behavior/cdi_spec_dirs.c       |  80 +++++++
+ .../device/cdi/behavior/cdi_spec_dirs.h       |   2 +-
+ .../modules/device/cdi/behavior/cdi_version.c | 173 ++++++++++++--
+ .../modules/device/cdi/behavior/cdi_version.h |   1 -
+ src/daemon/modules/device/cdi/cdi_cache.c     |  37 +--
+ src/daemon/modules/device/cdi/cdi_cache.h     |   1 +
+ .../network/cni_operator/libcni/libcni_api.c  |  98 +-------
+ src/utils/cutils/utils_version.c              | 147 ++++++++++++
+ src/utils/cutils/utils_version.h              |  36 +++
+ 13 files changed, 748 insertions(+), 175 deletions(-)
+ create mode 100644 src/utils/cutils/utils_version.c
+ create mode 100644 src/utils/cutils/utils_version.h
+
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_device.c b/src/daemon/modules/device/cdi/behavior/cdi_device.c
+index 0fef8f42..aec3d7c0 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_device.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_device.c
+@@ -14,27 +14,109 @@
+  ******************************************************************************/
+ #include "cdi_device.h"
+ 
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++
++#include "error.h"
++#include "cdi_parser.h"
++#include "cdi_spec.h"
++
++static int cdi_device_validate(struct cdi_cache_device *d);
++
+ void free_cdi_cache_device(struct cdi_cache_device *d)
+ {
+-    (void)d;
++    if (d == NULL) {
++        return;
++    }
++ 
++    /* 
++     * free_cdi_cache_device should not be recursively free raw_device.
++     * Otherwise, the function conflicts with the raw_spec free raw_device
++     * when cdi_cache_spec free raw_spec, triggering double free. 
++     */
++    d->raw_device = NULL;
++ 
++    /* 
++     * free_cdi_cache_device should not be recursively free cache_spec.
++     * Otherwise, the function conflicts with the cache free specs,
++     * triggering double free. 
++     */
++    d->cache_spec = NULL;
++ 
++    free(d);
++}
++
++struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d)
++{
++    struct cdi_cache_device *dev = NULL;
++
++    if (spec == NULL || d == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++
++    dev = util_common_calloc_s(sizeof(*dev));
++    if (dev == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++    dev->raw_device = d;
++    dev->cache_spec = spec;
++
++    if (cdi_device_validate(dev) != 0) {
++        free_cdi_cache_device(dev);
++        return NULL;
++    }
++    return dev;
+ }
+ 
+-struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d, char **error)
++const struct cdi_cache_spec *cdi_device_get_spec(const struct cdi_cache_device *d)
+ {
+-    return NULL;
++    if (d == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return d->cache_spec;
+ }
+ 
+-struct cdi_cache_spec *cdi_device_get_spec(struct cdi_cache_device *d)
++char *cdi_device_get_qualified_name(const struct cdi_cache_device *d)
+ {
+-    return NULL;
++    if (d == NULL || d->raw_device == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return cdi_parser_qualified_name(cdi_spec_get_vendor(d->cache_spec),
++        cdi_spec_get_class(d->cache_spec), d->raw_device->name);
+ }
+ 
+-char *cdi_device_get_qualified_name(struct cdi_cache_device *d)
++cdi_container_edits *cdi_device_get_edits(const struct cdi_cache_device *d)
+ {
+-    return NULL;
++    if (d == NULL || d->raw_device == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return d->raw_device->container_edits;
+ }
+ 
+-cdi_container_edits *cdi_device_get_edits(struct cdi_cache_device *d)
++static int cdi_device_validate(struct cdi_cache_device *d)
+ {
+-    return NULL;
++    cdi_container_edits *edits = NULL;
++
++    if (cdi_parser_validate_device_name(d->raw_device->name) != 0) {
++        ERROR("Failed to validate device name");
++        return -1;
++    }
++
++    // ignore validate annotations
++
++    edits = cdi_device_get_edits(d);
++    if (cdi_container_edits_is_empty(edits)) {
++        ERROR("Invalid device, empty device edits");
++        return -1;
++    }
++    if (cdi_container_edits_validate(edits) != 0) {
++        ERROR("Invalid device %s", d->raw_device->name);
++        return -1;
++    }
++    return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_device.h b/src/daemon/modules/device/cdi/behavior/cdi_device.h
+index 5d63a576..9b0a5eab 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_device.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_device.h
+@@ -28,16 +28,16 @@ extern "C" {
+ struct cdi_cache_spec;
+ 
+ struct cdi_cache_device {
+-    cdi_device *raw_device;
+-    struct cdi_cache_spec *cache_spec;
++    const cdi_device *raw_device;
++    const struct cdi_cache_spec *cache_spec;
+ };
+ 
+ void free_cdi_cache_device(struct cdi_cache_device *d);
+ 
+-struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d, char **error);
+-struct cdi_cache_spec *cdi_device_get_spec(struct cdi_cache_device *d);
+-char *cdi_device_get_qualified_name(struct cdi_cache_device *d);
+-cdi_container_edits *cdi_device_get_edits(struct cdi_cache_device *d);
++struct cdi_cache_device *cdi_device_new_device(struct cdi_cache_spec *spec, cdi_device *d);
++const struct cdi_cache_spec *cdi_device_get_spec(const struct cdi_cache_device *d);
++char *cdi_device_get_qualified_name(const struct cdi_cache_device *d);
++cdi_container_edits *cdi_device_get_edits(const struct cdi_cache_device *d);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec.c b/src/daemon/modules/device/cdi/behavior/cdi_spec.c
+index f79b5a44..235b1863 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec.c
+@@ -14,47 +14,235 @@
+  ******************************************************************************/
+ #include "cdi_spec.h"
+ 
++#include <stdlib.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++
++#include "utils.h"
++#include "utils_version.h"
++#include "error.h"
++#include "path.h"
++#include "cdi_version.h"
++#include "cdi_parser.h"
++#include "cdi_device.h"
++
++static int cdi_spec_init(struct cdi_cache_spec *s);
++
+ void free_cdi_cache_spec(struct cdi_cache_spec *s)
+ {
+-    (void)s;
++    if (s == NULL) {
++        return;
++    }
++ 
++    free_cdi_spec(s->raw_spec);
++    s->raw_spec = NULL;
++    free(s->vendor);
++    s->vendor = NULL;
++    free(s->class);
++    s->class = NULL;
++    free(s->path);
++    s->path = NULL;
++    map_free(s->devices);
++    s->devices = NULL;
++ 
++    free(s);
+ }
+ 
+-struct cdi_cache_spec *cdi_spec_read_spec(const char *path, int priority, char **error)
++struct cdi_cache_spec *cdi_spec_read_spec(const char *path, int priority)
+ {
+-    return NULL;
++    cdi_spec *raw_spec = NULL;
++    __isula_auto_free parser_error err = NULL;
++    char cleanpath[PATH_MAX] = { 0 };
++
++    if (util_clean_path(path, cleanpath, sizeof(cleanpath)) == NULL) {
++        ERROR("Failed to get clean path %s", path);
++        return NULL;
++    }
++    
++    raw_spec = cdi_spec_parse_file(cleanpath, NULL, &err);
++    if (raw_spec == NULL) {
++        ERROR("Failed to read CDI Spec %s: %s", cleanpath, err);
++        return NULL;
++    }
++    DEBUG("Read cdi spec %s", cleanpath);
++
++    return cdi_spec_new_spec(raw_spec, cleanpath, priority);
+ }
+ 
+-struct cdi_cache_spec *cdi_spec_new_spec(cdi_spec *raw, const char *path, int priority, char **error)
++struct cdi_cache_spec *cdi_spec_new_spec(cdi_spec *raw, const char *path, int priority)
+ {
++    struct cdi_cache_spec *spec = NULL;
++    __isula_auto_free char *checked_path = NULL;
++
++    if (raw == NULL) {
++        ERROR("Invalid param");
++        return NULL;
++    }
++
++    if (!util_has_suffix(path, ".json")) {
++        checked_path = util_string_append(path, CDI_DEFAULT_SPEC_EXT);
++        if (checked_path == NULL) {
++            ERROR("Failed to append %s to path %s", CDI_DEFAULT_SPEC_EXT, path);
++            return NULL;
++        }
++    } else {
++        checked_path = util_strdup_s(path);
++    }
++    spec = util_common_calloc_s(sizeof(*spec));
++    if (spec == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++    spec->raw_spec = raw;
++    spec->path = checked_path;
++    checked_path = NULL;
++    spec->priority = priority;
++
++    if (cdi_parser_parse_qualifier(raw->kind, &spec->vendor, &spec->class) != 0) {
++        ERROR("Failed to parse kind %s", raw->kind);
++        goto error_out;
++    }
++    if (cdi_spec_init(spec) != 0) {
++        ERROR("Invalid CDI Spec");
++        goto error_out;
++    }
++    
++    return spec;
++
++error_out:
++    free_cdi_cache_spec(spec);
+     return NULL;
+ }
+ 
+-const char *cdi_spec_get_vendor(struct cdi_cache_spec *s)
++const char *cdi_spec_get_vendor(const struct cdi_cache_spec *s)
+ {
+-    return NULL;
++    if (s == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return s->vendor;
+ }
+ 
+-const char *cdi_spec_get_class(struct cdi_cache_spec *s)
++const char *cdi_spec_get_class(const struct cdi_cache_spec *s)
+ {
+-    return NULL;
++    if (s == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return s->class;
+ }
+ 
+-struct cdi_cache_device *cdi_spec_get_cache_device(struct cdi_cache_spec *s, const char *name)
++struct cdi_cache_device *cdi_spec_get_cache_device(const struct cdi_cache_spec *s, const char *name)
+ {
+-    return NULL;
++    if (s == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return map_search(s->devices, (void *)name);;
+ }
+ 
+-const char *cdi_spec_get_path(struct cdi_cache_spec *s)
++const char *cdi_spec_get_path(const struct cdi_cache_spec *s)
+ {
+-    return NULL;
++    if (s == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return s->path;
+ }
+ 
+-int cdi_spec_get_priority(struct cdi_cache_spec *s)
++int cdi_spec_get_priority(const struct cdi_cache_spec *s)
+ {
+-    return 0;
++    if (s == NULL) {
++        ERROR("Invalid params");
++        return -1;
++    }
++    return s->priority;
+ }
+ 
+-cdi_container_edits *cdi_spec_get_edits(struct cdi_cache_spec *s)
++cdi_container_edits *cdi_spec_get_edits(const struct cdi_cache_spec *s)
+ {
+-    return NULL;
++    if (s == NULL || s->raw_spec == NULL) {
++        ERROR("Invalid params");
++        return NULL;
++    }
++    return s->raw_spec->container_edits;
++}
++
++static void map_cdi_cache_device_kvfree(void *key, void *value)
++{
++    free(key);
++    free_cdi_cache_device((struct cdi_cache_device *)value);
++}
++
++static int cdi_spec_init(struct cdi_cache_spec *s)
++{
++    const char *min_version = NULL;
++    __isula_auto_free char *spec_version = NULL;
++    cdi_container_edits *edits = NULL;
++    struct cdi_cache_device *dev = NULL;
++    cdi_device *d = NULL;
++    size_t i;
++    bool version_result = true;
++    
++    if (!cdi_is_valid_version(s->raw_spec->cdi_version)) {
++        ERROR("Failed to validate cdi spec version: %s", s->raw_spec->cdi_version);
++        return -1;
++    }
++
++    min_version = cdi_minimum_required_version(s->raw_spec);
++    if (min_version == NULL) {
++        ERROR("Could not determine minimum required version");
++        return -1;
++    }
++    if (util_version_greater_than(min_version, s->raw_spec->cdi_version, &version_result) != 0) {
++        ERROR("Failed to compare version %s and %s", min_version, s->raw_spec->cdi_version);
++        return -1;
++    }
++    if (version_result) {
++        ERROR("The spec version must be at least v%s", min_version);
++        return -1;
++    }
++
++    if (cdi_parser_validate_vendor_name(s->vendor) != 0) {
++        return -1;
++    }
++    if (cdi_parser_validate_class_name(s->class) != 0) {
++        return -1;
++    }
++
++    // ignore validate annotations
++
++    edits = cdi_spec_get_edits(s);
++    if (cdi_container_edits_validate(edits) != 0) {
++        return -1;
++    }
++
++    s->devices = map_new(MAP_STR_PTR, MAP_DEFAULT_CMP_FUNC, map_cdi_cache_device_kvfree);
++    if (s->devices == NULL) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    for (i = 0; i < s->raw_spec->devices_len; i++) {
++        d = s->raw_spec->devices[i];
++        dev = cdi_device_new_device(s, d);
++        if (dev == NULL) {
++            ERROR("Could not determine minimum required version");
++            goto error_out;
++        }
++        if (map_search(s->devices, (void *)d->name) != NULL) {
++            ERROR("Invalid spec, multiple device %s", d->name);
++            goto error_out;
++        }
++        if (!map_insert(s->devices, (void *)d->name, dev)) {
++            ERROR("Failed to insert device %s", d->name);
++            goto error_out;
++        }
++    }
++
++    return 0;
++
++error_out:
++    map_free(s->devices);
++    s->devices = NULL;
++    return -1;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec.h b/src/daemon/modules/device/cdi/behavior/cdi_spec.h
+index 87248041..ca7b2cfa 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec.h
+@@ -40,14 +40,14 @@ struct cdi_cache_spec {
+  
+ void free_cdi_cache_spec(struct cdi_cache_spec *s);
+ 
+-struct cdi_cache_spec *cdi_spec_read_spec(const char *path, int priority, char **error);
+-struct cdi_cache_spec *cdi_spec_new_spec(cdi_spec *raw, const char *path, int priority, char **error);
+-const char *cdi_spec_get_vendor(struct cdi_cache_spec *s);
+-const char *cdi_spec_get_class(struct cdi_cache_spec *s);
+-struct cdi_cache_device *cdi_spec_get_cache_device(struct cdi_cache_spec *s, const char *name);
+-const char *cdi_spec_get_path(struct cdi_cache_spec *s);
+-int cdi_spec_get_priority(struct cdi_cache_spec *s);
+-cdi_container_edits *cdi_spec_get_edits(struct cdi_cache_spec *s);
++struct cdi_cache_spec *cdi_spec_read_spec(const char *path, int priority);
++struct cdi_cache_spec *cdi_spec_new_spec(cdi_spec *raw, const char *path, int priority);
++const char *cdi_spec_get_vendor(const struct cdi_cache_spec *s);
++const char *cdi_spec_get_class(const struct cdi_cache_spec *s);
++struct cdi_cache_device *cdi_spec_get_cache_device(const struct cdi_cache_spec *s, const char *name);
++const char *cdi_spec_get_path(const struct cdi_cache_spec *s);
++int cdi_spec_get_priority(const struct cdi_cache_spec *s);
++cdi_container_edits *cdi_spec_get_edits(const struct cdi_cache_spec *s);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+index e340abc0..cafb52b8 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.c
+@@ -14,6 +14,17 @@
+  ******************************************************************************/
+ #include "cdi_spec_dirs.h"
+ 
++#include <sys/stat.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++
++#include "utils.h"
++#include "path.h"
++#include "error.h"
++#include "utils_file.h"
++#include "utils_array.h"
++#include "cdi_spec.h"
++
+ #define DEFAULT_SPEC_DIRS_LEN   2
+ static char *default_spec_dirs_items[DEFAULT_SPEC_DIRS_LEN] = {CDI_DEFAULT_STATIC_DIR, CDI_DEFAULT_DYNAMIC_DIR};
+  
+@@ -23,7 +34,76 @@ string_array g_default_spec_dirs = {
+     .cap = DEFAULT_SPEC_DIRS_LEN,
+ };
+  
++struct scan_spec_dir_cb_args {
++    struct cdi_scan_fn_maps *scan_fn_maps;
++    cdi_scan_spec_func scan_fn;
++    int priority;
++};
++
++static bool scan_spec_dir_cb(const char *dir, const struct dirent *pdirent, void *context)
++{
++    struct scan_spec_dir_cb_args *args = (struct scan_spec_dir_cb_args *)context;
++    struct cdi_scan_fn_maps *scan_fn_maps = args->scan_fn_maps;
++    cdi_scan_spec_func scan_fn = args->scan_fn;
++    int priority = args->priority;
++    struct stat st = { 0 };
++    __isula_auto_free char *file_path = NULL;
++    struct cdi_cache_spec *cache_spec = NULL;
++
++    file_path = util_path_join(dir, pdirent->d_name);
++    if (file_path == NULL) {
++        ERROR("Failed to get path %s/%s", dir, pdirent->d_name);
++        goto error_out;
++    }
++
++    if (lstat(file_path, &st) != 0) {
++        ERROR("Failed to lstat %s", file_path);
++        goto error_out;
++    }
++    if (S_ISDIR(st.st_mode)) {
++        DEBUG("Skip dir %s", file_path);
++        return true;
++    }
++    
++    if (!util_has_suffix(file_path, ".json")) {
++        DEBUG("Skip file %s", file_path);
++        return true;
++    }
++
++    cache_spec = cdi_spec_read_spec(file_path, priority);
++    if (cache_spec == NULL) {
++        ERROR("Failed to read spec %s", file_path);
++        goto error_out;
++    }
++    scan_fn(scan_fn_maps, file_path, priority, cache_spec);
++    return true;
++
++error_out:
++    *(scan_fn_maps->refresh_error_flag) = true;
++    return true;
++}
++
+ int cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn)
+ {
++    size_t i;
++    int nret = 0;
++
++    for (i = 0; i < dirs->len; i++) {
++        struct scan_spec_dir_cb_args args = {
++            .scan_fn_maps = scan_fn_maps,
++            .scan_fn = scan_fn,
++            .priority = i,
++        };
++        if (!util_dir_exists(dirs->items[i])) {
++            WARN("Cdi dir %s not exists", dirs->items[i]);
++            continue;
++        }
++        nret = util_scan_subdirs(dirs->items[i], scan_spec_dir_cb, &args);
++        if (nret != 0) {
++            ERROR("Failed to scan dir %s", dirs->items[i]);
++            return -1;
++        }
++    }
++
+     return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+index eedcabad..b17a0cd8 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_spec_dirs.h
+@@ -35,7 +35,7 @@ struct cdi_scan_fn_maps {
+     bool *refresh_error_flag;
+ };
+ typedef void(*cdi_scan_spec_func)(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, int priority,
+-                                    struct cdi_cache_spec *spec, char *error);
++                                  struct cdi_cache_spec *spec);
+ 
+ int cdi_scan_spec_dirs(string_array *dirs, struct cdi_scan_fn_maps *scan_fn_maps, cdi_scan_spec_func scan_fn);
+ 
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_version.c b/src/daemon/modules/device/cdi/behavior/cdi_version.c
+index 3e87c111..882a965e 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_version.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_version.c
+@@ -14,27 +14,174 @@
+  ******************************************************************************/
+ #include "cdi_version.h"
+ 
+-#define CDI_V_CURRENT_VERSION "v"##CDI_CURRENT_VERSION
+-
+-#define CDI_V010        "v0.1.0"
+-#define CDI_V020        "v0.2.0"
+-#define CDI_V030        "v0.3.0"
+-#define CDI_V040        "v0.4.0"
+-#define CDI_V050        "v0.5.0"
+-#define CDI_V060        "v0.6.0"
++#include <ctype.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++
++#include "error.h"
++#include "utils_version.h"
++#include "utils_string.h"
++#include "cdi_container_edits.h"
++#include "cdi_parser.h"
++
++#define CDI_V010        "0.1.0"
++#define CDI_V020        "0.2.0"
++#define CDI_V030        "0.3.0"
++#define CDI_V040        "0.4.0"
++#define CDI_V050        "0.5.0"
++#define CDI_V060        "0.6.0"
+ #define CDI_V_EARLIEST  CDI_V030
+ 
+-const char *cdi_minimum_required_version(cdi_spec *spec)
++typedef bool (*required_version_cb)(cdi_spec *spec);
++
++struct required_version_map {
++    char *version;
++    required_version_cb cb;
++};
++
++static bool requires_v060(cdi_spec *spec)
++{
++    size_t i;
++    int ret = 0;
++    __isula_auto_free char *vendor = NULL;
++    __isula_auto_free char *class = NULL;
++
++    // The 0.6.0 spec allows annotations to be specified at a spec level
++    if (spec->annotations != NULL) {
++        return true;
++    }
++
++    // The 0.6.0 spec allows annotations to be specified at a device level
++    if (spec->devices != NULL) {
++        for (i = 0; i < spec->devices_len; i++) {
++            if (spec->devices[i]->annotations != NULL) {
++                return true;
++            }
++        }
++    }
++
++    // The 0.6.0 spec allows dots "." in Kind name label (class)
++    ret = cdi_parser_parse_qualifier(spec->kind, &vendor, &class);
++    if (ret == 0 && vendor != NULL) {
++        if (util_strings_count(class, '.') > 0) {
++            return true;
++        }
++    }
++    return false;
++}
++
++static bool check_host_path(cdi_container_edits *e)
+ {
+-    return NULL;
++    size_t i;
++
++    if (e == NULL) {
++        return false;
++    }
++    for (i = 0; i < e->device_nodes_len; i++) {
++        // The HostPath field was added in 0.5.0
++        if (e->device_nodes[i]->host_path != NULL) {
++            return true;
++        }
++    }
++    return false;
+ }
+ 
+-bool cdi_is_greater_than_version(const char *v, const char *o)
++static bool requires_v050(cdi_spec *spec)
+ {
+-    return true;
++    size_t i;
++
++    for (i = 0; i < spec->devices_len; i++) {
++        // The 0.5.0 spec allowed device names to start with a digit instead of requiring a letter
++        if (spec->devices[i]->name != NULL && strlen(spec->devices[i]->name) > 0 &&
++            !isalpha(spec->devices[i]->name[0])) {
++            return true;
++        }
++        if (check_host_path(spec->devices[i]->container_edits)) {
++            return true;
++        }
++    }
++
++    return check_host_path(spec->container_edits);
++}
++
++static bool check_mount_type(cdi_container_edits *e)
++{
++    size_t i;
++
++    if (e == NULL) {
++        return false;
++    }
++    for (i = 0; i < e->mounts_len; i++) {
++        // The Type field was added in 0.4.0
++        if (e->mounts[i]->type != NULL) {
++            return true;
++        }
++    }
++    return false;
++}
++
++static bool requires_v040(cdi_spec *spec)
++{
++    size_t i;
++
++    for (i = 0; i < spec->devices_len; i++) {
++        if (check_mount_type(spec->devices[i]->container_edits)) {
++            return true;
++        }
++    }
++
++    return check_mount_type(spec->container_edits);
++}
++
++#define VALID_SPEC_VERSIONS_LEN 6
++static struct required_version_map g_valid_spec_versions[VALID_SPEC_VERSIONS_LEN] = {
++    {CDI_V010, NULL},
++    {CDI_V020, NULL},
++    {CDI_V030, NULL},
++    {CDI_V040, requires_v060},
++    {CDI_V050, requires_v050},
++    {CDI_V060, requires_v040}
++};
++
++const char *cdi_minimum_required_version(cdi_spec *spec)
++{
++    const char *min_version = CDI_V_EARLIEST;
++    int i;
++    bool result = true;
++
++    if (spec == NULL) {
++        return NULL;
++    }
++
++    for (i = 0; i < VALID_SPEC_VERSIONS_LEN; i++) {
++        if (g_valid_spec_versions[i].cb == NULL) {
++            continue;
++        }
++        if (g_valid_spec_versions[i].cb(spec)) {
++            if (util_version_greater_than(g_valid_spec_versions[i].version, min_version, &result) != 0) {
++                ERROR("Failed to compare version %s and %s", g_valid_spec_versions[i].version, min_version);
++                return NULL;
++            }
++            if (result) {
++                min_version = g_valid_spec_versions[i].version;
++            }
++        }
++        if (strcmp(min_version, CDI_CURRENT_VERSION)) {
++            break;
++        }
++    }
++
++    return min_version;
+ }
+ 
+ bool cdi_is_valid_version(const char *spec_version)
+ {
+-    return true;
++    int i;
++    
++    for (i = 0; i < VALID_SPEC_VERSIONS_LEN; i++) {
++        if (strcmp(g_valid_spec_versions[i].version, spec_version) == 0) {
++            return true;
++        }
++    }
++    return false;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_version.h b/src/daemon/modules/device/cdi/behavior/cdi_version.h
+index 99b7e692..6bd86340 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_version.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_version.h
+@@ -24,7 +24,6 @@ extern "C" {
+ #define CDI_CURRENT_VERSION "0.6.0"
+ 
+ const char *cdi_minimum_required_version(cdi_spec *spec);
+-bool cdi_is_greater_than_version(const char *v, const char *o);
+ bool cdi_is_valid_version(const char *spec_version);
+ 
+ #ifdef __cplusplus
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.c b/src/daemon/modules/device/cdi/cdi_cache.c
+index 37767855..e637f7cd 100644
+--- a/src/daemon/modules/device/cdi/cdi_cache.c
++++ b/src/daemon/modules/device/cdi/cdi_cache.c
+@@ -206,13 +206,12 @@ static void map_cdi_cache_specs_kvfree(void *key, void *value)
+ static void map_cdi_cache_device_kvfree(void *key, void *value)
+ {
+     free(key);
+-    free_cdi_cache_device((struct cdi_cache_device *)value);
+-}
+-
+-static void set_refresh_error_flag(bool *refresh_error_flag, const char *error, const char *path)
+-{
+-    *refresh_error_flag = true;
+-    ERROR("Cdi refresh error: %s, spec %s", error, path);
++    /* 
++     * map_cdi_cache_device_kvfree should not be recursively free cdi_cache_device.
++     * Otherwise, the function conflicts with the cdi_cache_specs free devices,
++     * triggering double free. 
++     */
++    (void)value;
+ }
+ 
+ static bool resolve_conflict(struct cdi_scan_fn_maps *scan_fn_maps, const char *name,
+@@ -220,8 +219,8 @@ static bool resolve_conflict(struct cdi_scan_fn_maps *scan_fn_maps, const char *
+ {
+     map_t *conflicts = scan_fn_maps->conflicts;
+     bool *refresh_error_flag = scan_fn_maps->refresh_error_flag;
+-    struct cdi_cache_spec *dev_spec = NULL;
+-    struct cdi_cache_spec *old_spec = NULL;
++    const struct cdi_cache_spec *dev_spec = NULL;
++    const struct cdi_cache_spec *old_spec = NULL;
+     int dev_prio;
+     int old_prio;
+     bool val = true;
+@@ -251,7 +250,7 @@ static bool resolve_conflict(struct cdi_scan_fn_maps *scan_fn_maps, const char *
+ }
+ 
+ static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const char *path, 
+-                                    int priority, struct cdi_cache_spec *spec, char *error)
++                                    int priority, struct cdi_cache_spec *spec)
+ {
+     map_t *specs = scan_fn_maps->specs;
+     map_t *devices = scan_fn_maps->devices;
+@@ -267,12 +266,6 @@ static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const
+ 
+     if (util_clean_path(path, clean_path, sizeof(clean_path)) == NULL) {
+         ERROR("Failed to get clean path %s", path);
+-        format_errorf(&tmp_error, "Failed to get clean path %s", path);
+-        return;
+-    }
+-    if (error != NULL) {
+-        ERROR("Failed to load CDI Spec %s", error);
+-        format_errorf(&tmp_error, "Failed to load CDI Spec %s", error);
+         goto error_out;
+     }
+ 
+@@ -282,18 +275,15 @@ static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const
+         spec_array = util_common_array_new(1, (free_common_array_item_cb)free_cdi_cache_spec, util_clone_ptr);
+         if (spec_array == NULL) {
+             ERROR("Out of memory");
+-            tmp_error = util_strdup_s("Out of memory");
+             goto error_out;
+         }
+         if (!map_insert(specs, (void *)vendor, spec_array)) {
+             ERROR("Failed to insert spec array to specs");
+-            tmp_error = util_strdup_s("Failed to insert spec array to specs");
+             goto error_out;
+         }
+     }
+     if (util_append_common_array(spec_array, spec) != 0) {
+         ERROR("Failed to append spec");
+-        tmp_error = util_strdup_s("Failed to append spec");
+         goto error_out;
+     }
+     spec_array = NULL;
+@@ -301,7 +291,6 @@ static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const
+     itor = map_itor_new(spec->devices);
+     if (itor == NULL) {
+         ERROR("Out of memory, create new map itor failed");
+-        tmp_error = util_strdup_s("Out of memory, create new map itor failed");
+         goto error_out;
+     }
+     for (; map_itor_valid(itor); map_itor_next(itor)) {
+@@ -315,7 +304,6 @@ static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const
+         }
+         if (!map_replace(devices, (void *)qualified, dev)) {
+             ERROR("Failed to insert device to devices by name %s", qualified);
+-            format_errorf(&tmp_error, "Failed to insert device to devices by name %s", qualified);
+             goto error_out;
+         }
+         free(qualified);
+@@ -324,7 +312,7 @@ static void refresh_scan_spec_func(struct cdi_scan_fn_maps *scan_fn_maps, const
+     goto out;
+ 
+ error_out:
+-    set_refresh_error_flag(refresh_error_flag, tmp_error, path);
++    *refresh_error_flag = true;
+ out:
+     map_itor_free(itor);
+     return;
+@@ -333,7 +321,6 @@ out:
+ static int refresh(struct cdi_cache *c)
+ {
+     int ret = 0;
+-    __isula_auto_free char *error = NULL;
+     map_t *specs = NULL;
+     map_t *devices = NULL;
+     map_t *conflicts = NULL;
+@@ -559,8 +546,6 @@ error_out:
+ 
+ static void watch_setup(struct cdi_watch *w, string_array *dirs)
+ {
+-    __isula_auto_free char *error = NULL;
+-
+     if (w == NULL || dirs == NULL || dirs->len == 0) {
+         ERROR("Invalid param");
+         return;
+@@ -735,7 +720,6 @@ static void update_add_watch_dir(struct cdi_watch *w, const char *dir, bool *upd
+ {
+     int wd = -1;
+     bool tmp_value = true;
+-    __isula_auto_free char *error = NULL;
+ 
+     wd = inotify_add_watch(w->watcher_fd, dir, CDI_WATCH_EVENTS);
+     if (wd < 0) {
+@@ -770,7 +754,6 @@ static bool watch_update(struct cdi_watch *w, const char *removed, int wd)
+     bool *ok = NULL;
+     bool update = false;
+     map_itor *itor = NULL;
+-    __isula_auto_free char *error = NULL;
+ 
+     itor = map_itor_new(w->tracked);
+     if (itor == NULL) {
+diff --git a/src/daemon/modules/device/cdi/cdi_cache.h b/src/daemon/modules/device/cdi/cdi_cache.h
+index da315de2..638e954e 100644
+--- a/src/daemon/modules/device/cdi/cdi_cache.h
++++ b/src/daemon/modules/device/cdi/cdi_cache.h
+@@ -52,6 +52,7 @@ struct cdi_cache {
+     pthread_mutex_t mutex;
+     string_array *spec_dirs; // cdi-spec-dirs will scan for CDI Spec files
+     map_t *specs;        // MAP_STR_PTR     specs[vendor] = common_array of cdi_cache_spec*
++    // This map holding the reference to cdi device, the devices will not released when the map is freed.
+     map_t *devices;      // MAP_STR_PTR     devices[cdi_device.name] = cdi_cache_device*
+     bool refresh_error_flag;
+     bool auto_refresh; 
+diff --git a/src/daemon/modules/network/cni_operator/libcni/libcni_api.c b/src/daemon/modules/network/cni_operator/libcni/libcni_api.c
+index 068881be..7ba983af 100644
+--- a/src/daemon/modules/network/cni_operator/libcni/libcni_api.c
++++ b/src/daemon/modules/network/cni_operator/libcni/libcni_api.c
+@@ -28,6 +28,7 @@
+ #include <isula_libutils/auto_cleanup.h>
+ 
+ #include "utils.h"
++#include "utils_version.h"
+ #include "utils_network.h"
+ #include "libcni_cached.h"
+ #include "libcni_conf.h"
+@@ -544,97 +545,6 @@ free_out:
+     return ret;
+ }
+ 
+-struct parse_version {
+-    int major;
+-    int minor;
+-    int micro;
+-};
+-
+-static bool do_parse_version(const char **splits, size_t splits_len, struct parse_version *ret)
+-{
+-    if (util_safe_int(splits[0], &ret->major) != 0) {
+-        ERROR("failed to convert major version part: %s", splits[0]);
+-        return false;
+-    }
+-
+-    if (splits_len >= 2 && util_safe_int(splits[1], &ret->minor) != 0) {
+-        ERROR("failed to convert minor version part: %s", splits[1]);
+-        return false;
+-    }
+-
+-    if (splits_len >= 3 && util_safe_int(splits[2], &ret->micro) != 0) {
+-        ERROR("failed to convert micro version part: %s", splits[2]);
+-        return false;
+-    }
+-
+-    return true;
+-}
+-
+-static bool parse_version_from_str(const char *src_version, struct parse_version *result)
+-{
+-    char **splits = NULL;
+-    const size_t max_len = 4;
+-    size_t tlen = 0;
+-    bool ret = false;
+-
+-    splits = util_string_split(src_version, '.');
+-    if (splits == NULL) {
+-        ERROR("Split version: \"%s\" failed", src_version);
+-        return false;
+-    }
+-    tlen = util_array_len((const char **)splits);
+-    if (tlen < 1 || tlen >= max_len) {
+-        ERROR("Invalid version: \"%s\"", src_version);
+-        goto out;
+-    }
+-
+-    ret = do_parse_version((const char **)splits, tlen, result);
+-
+-out:
+-    util_free_array(splits);
+-    return ret;
+-}
+-
+-static bool do_compare_version(const struct parse_version *p_first, const struct parse_version *p_second)
+-{
+-    bool ret = false;
+-
+-    if (p_first->major > p_second->major) {
+-        ret = true;
+-    } else if (p_first->major == p_second->major) {
+-        if (p_first->minor > p_second->minor) {
+-            ret = true;
+-        } else if (p_first->minor == p_second->minor && p_first->micro >= p_second->micro) {
+-            ret = true;
+-        }
+-    }
+-
+-    return ret;
+-}
+-
+-static int version_greater_than_or_equal_to(const char *first, const char *second, bool *result)
+-{
+-    struct parse_version first_parsed = { 0 };
+-    struct parse_version second_parsed = { 0 };
+-
+-    if (result == NULL) {
+-        ERROR("Invalid argument");
+-        return -1;
+-    }
+-
+-    if (!parse_version_from_str(first, &first_parsed)) {
+-        return -1;
+-    }
+-
+-    if (!parse_version_from_str(second, &second_parsed)) {
+-        return -1;
+-    }
+-
+-    *result = do_compare_version(&first_parsed, &second_parsed);
+-
+-    return 0;
+-}
+-
+ static inline bool check_add_network_args(const cni_net_conf *net, const struct runtime_conf *rc)
+ {
+     return (net == NULL || rc == NULL);
+@@ -690,7 +600,7 @@ int cni_add_network_list(const struct cni_network_list_conf *list, const struct
+     }
+ 
+     if (*pret != NULL &&
+-        version_greater_than_or_equal_to((*pret)->cniversion, SUPPORT_CACHE_AND_CHECK_VERSION, &greater) != 0) {
++        util_version_greater_than_or_equal_to((*pret)->cniversion, SUPPORT_CACHE_AND_CHECK_VERSION, &greater) != 0) {
+         return 0;
+     }
+ 
+@@ -741,7 +651,7 @@ int cni_del_network_list(const struct cni_network_list_conf *list, const struct
+         return -1;
+     }
+ 
+-    if (version_greater_than_or_equal_to(list->list->cni_version, SUPPORT_CACHE_AND_CHECK_VERSION, &greater) != 0) {
++    if (util_version_greater_than_or_equal_to(list->list->cni_version, SUPPORT_CACHE_AND_CHECK_VERSION, &greater) != 0) {
+         return -1;
+     }
+ 
+@@ -807,7 +717,7 @@ int cni_check_network_list(const struct cni_network_list_conf *list, const struc
+         return -1;
+     }
+ 
+-    if (version_greater_than_or_equal_to(list->list->cni_version, SUPPORT_CACHE_AND_CHECK_VERSION, &greater) != 0) {
++    if (util_version_greater_than_or_equal_to(list->list->cni_version, SUPPORT_CACHE_AND_CHECK_VERSION, &greater) != 0) {
+         return -1;
+     }
+ 
+diff --git a/src/utils/cutils/utils_version.c b/src/utils/cutils/utils_version.c
+new file mode 100644
+index 00000000..9dea5b09
+--- /dev/null
++++ b/src/utils/cutils/utils_version.c
+@@ -0,0 +1,147 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2018-2022. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-4-7
++ * Description: provide version functions
++ ********************************************************************************/
++
++#define _GNU_SOURCE
++#include "utils_version.h"
++
++#include <isula_libutils/log.h>
++
++#include "utils.h"
++#include "utils_string.h"
++
++struct parse_version {
++    int major;
++    int minor;
++    int micro;
++};
++
++static bool do_parse_version(const char **splits, size_t splits_len, struct parse_version *ret)
++{
++    if (util_safe_int(splits[0], &ret->major) != 0) {
++        ERROR("Failed to convert major version part: %s", splits[0]);
++        return false;
++    }
++
++    if (splits_len >= 2 && util_safe_int(splits[1], &ret->minor) != 0) {
++        ERROR("Failed to convert minor version part: %s", splits[1]);
++        return false;
++    }
++
++    if (splits_len >= 3 && util_safe_int(splits[2], &ret->micro) != 0) {
++        ERROR("Failed to convert micro version part: %s", splits[2]);
++        return false;
++    }
++
++    return true;
++}
++
++static bool parse_version_from_str(const char *src_version, struct parse_version *result)
++{
++    __isula_auto_array_t char **splits = NULL;
++    const size_t max_len = 4;
++    size_t tlen = 0;
++    bool ret = false;
++
++    splits = util_string_split(src_version, '.');
++    if (splits == NULL) {
++        ERROR("Split version: \"%s\" failed", src_version);
++        return false;
++    }
++    tlen = util_array_len((const char **)splits);
++    if (tlen < 1 || tlen >= max_len) {
++        ERROR("Invalid version: \"%s\"", src_version);
++        return false;
++    }
++
++    ret = do_parse_version((const char **)splits, tlen, result);
++
++    return ret;
++}
++
++static int do_compare_version(const struct parse_version *p_first, const struct parse_version *p_second)
++{
++    if (p_first->major != p_second->major) {
++        return p_first->major - p_second->major;
++    }
++    if (p_first->minor != p_second->minor) {
++        return p_first->minor - p_second->minor;
++    }
++    if (p_first->micro != p_second->micro) {
++        return p_first->micro - p_second->micro;
++    }
++
++    return 0;
++}
++
++int util_version_compare(const char *first, const char *second, int *diff_value)
++{
++    struct parse_version first_parsed = { 0 };
++    struct parse_version second_parsed = { 0 };
++
++    if (first == NULL || second == NULL || diff_value == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
++    if (!parse_version_from_str(first, &first_parsed)) {
++        return -1;
++    }
++
++    if (!parse_version_from_str(second, &second_parsed)) {
++        return -1;
++    }
++
++    *diff_value = do_compare_version(&first_parsed, &second_parsed);
++
++    return 0;
++}
++
++int util_version_greater_than(const char *first, const char *second, bool *result)
++{
++    int ret;
++    int diff_value = 0;
++
++    if (result == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
++    ret = util_version_compare(first, second, &diff_value);
++    if (ret != 0) {
++        return ret;
++    }
++
++    *result = (diff_value > 0);
++    return ret;
++}
++
++int util_version_greater_than_or_equal_to(const char *first, const char *second, bool *result)
++{
++    int ret;
++    int diff_value = 0;
++
++    if (result == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
++    ret = util_version_compare(first, second, &diff_value);
++    if (ret != 0) {
++        return ret;
++    }
++
++    *result = (diff_value >= 0);
++    return ret;
++}
+diff --git a/src/utils/cutils/utils_version.h b/src/utils/cutils/utils_version.h
+new file mode 100644
+index 00000000..f9b543b8
+--- /dev/null
++++ b/src/utils/cutils/utils_version.h
+@@ -0,0 +1,36 @@
++/******************************************************************************
++ * Copyright (c) Huawei Technologies Co., Ltd. 2018-2022. All rights reserved.
++ * iSulad licensed under the Mulan PSL v2.
++ * You can use this software according to the terms and conditions of the Mulan PSL v2.
++ * You may obtain a copy of Mulan PSL v2 at:
++ *     http://license.coscl.org.cn/MulanPSL2
++ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
++ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
++ * PURPOSE.
++ * See the Mulan PSL v2 for more details.
++ * Author: liuxu
++ * Create: 2024-4-7
++ * Description: provide version functions
++ ********************************************************************************/
++
++#ifndef UTILS_CUTILS_UTILS_VERSION_H
++#define UTILS_CUTILS_UTILS_VERSION_H
++
++#include <stdbool.h>
++#include <stddef.h>
++#include <stdint.h>
++#include <sys/types.h>
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++int util_version_compare(const char *first, const char *second, int *diff_value);
++int util_version_greater_than(const char *first, const char *second, bool *result);
++int util_version_greater_than_or_equal_to(const char *first, const char *second, bool *result);
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif // UTILS_CUTILS_UTILS_VERSION_H
+\ No newline at end of file
+-- 
+2.34.1
+
diff --git a/0067-cdi-support-modules-container_edits-parser.patch b/0067-cdi-support-modules-container_edits-parser.patch
new file mode 100644
index 0000000..901de2b
--- /dev/null
+++ b/0067-cdi-support-modules-container_edits-parser.patch
@@ -0,0 +1,1210 @@
+From d0442316761717849deb248b5da45240f7bb1d38 Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Thu, 11 Apr 2024 11:01:44 +0800
+Subject: [PATCH 67/69] cdi:support modules container_edits/parser
+
+---
+ src/daemon/modules/api/specs_api.h            |  13 +
+ .../device/cdi/behavior/cdi_container_edits.c | 622 +++++++++++++++++-
+ .../device/cdi/behavior/cdi_container_edits.h |   2 +-
+ .../device/cdi/behavior/parser/cdi_parser.c   | 196 +++++-
+ .../device/cdi/behavior/parser/cdi_parser.h   |   6 +-
+ src/daemon/modules/spec/specs.c               | 230 +++++++
+ 6 files changed, 1052 insertions(+), 17 deletions(-)
+
+diff --git a/src/daemon/modules/api/specs_api.h b/src/daemon/modules/api/specs_api.h
+index f54c0d31..0999836b 100644
+--- a/src/daemon/modules/api/specs_api.h
++++ b/src/daemon/modules/api/specs_api.h
+@@ -55,6 +55,19 @@ const oci_runtime_spec *get_readonly_default_oci_spec(bool system_container);
+ 
+ int spec_module_init(void);
+ 
++#ifdef ENABLE_CDI
++int defs_process_add_multiple_env(defs_process *dp, const char **envs, size_t env_len);
++int spec_add_multiple_process_env(oci_runtime_spec *oci_spec, const char **envs, size_t env_len);
++int spec_add_device(oci_runtime_spec *oci_spec, defs_device *device);
++int spec_add_linux_resources_device(oci_runtime_spec *oci_spec, bool allow, const char *dev_type,
++                                    int64_t major, int64_t minor, const char *access);
++void spec_remove_mount(oci_runtime_spec *oci_spec, const char *dest);
++int spec_add_mount(oci_runtime_spec *oci_spec, defs_mount *mnt);
++int spec_add_prestart_hook(oci_runtime_spec *oci_spec, defs_hook *prestart_hook);
++int spec_add_poststart_hook(oci_runtime_spec *oci_spec, defs_hook *poststart_hook);
++int spec_add_poststop_hook(oci_runtime_spec *oci_spec, defs_hook *poststop_hook);
++#endif /* ENABLE_CDI */
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+index 590118b1..816b9c2d 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
++++ b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.c
+@@ -14,36 +14,642 @@
+  ******************************************************************************/
+ #include "cdi_container_edits.h"
+ 
++#include <sys/stat.h>
++#include <sys/sysmacros.h>
++#include <isula_libutils/auto_cleanup.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/utils_array.h>
++
++#include "error.h"
++#include "path.h"
++#include "specs_extend.h"
++#include "utils.h"
++#include "utils_array.h"
++#include "specs_api.h"
++
++/* 
++ * The OCI being used by the iSulad not supportes 
++ * createRuntime/createContainer/startContainer currently.
++ */
+ // PRESTART_HOOK is the name of the OCI "prestart" hook.
+ #define PRESTART_HOOK "prestart"
+-// CREATE_RUNTIME_HOOK is the name of the OCI "createRuntime" hook.
+-#define CREATE_RUNTIME_HOOK "createRuntime"
+-// CREATE_CONTAINER_HOOK is the name of the OCI "createContainer" hook.
+-#define CREATE_CONTAINER_HOOK "createContainer"
+-// START_CONTAINER_HOOK is the name of the OCI "startContainer" hook.
+-#define START_CONTAINER_HOOK "startContainer"
+ // POSTSTART_HOOK is the name of the OCI "poststart" hook.
+ #define POSTSTART_HOOK "poststart"
+ // POSTSTOP_HOOK is the name of the OCI "poststop" hook.
+ #define POSTSTOP_HOOK "poststop"
+ 
++#define VALID_HOOK_NAME_LEN     3
++static const char* g_valid_hook_names[VALID_HOOK_NAME_LEN] = {
++    PRESTART_HOOK, POSTSTART_HOOK, POSTSTOP_HOOK
++};
++
++static int cdi_validate_env(char **envs, size_t envs_len);
++static int cdi_validate_device_node(cdi_device_node *d);
++static int cdi_validate_hook(cdi_hook *h);
++static int cdi_validate_mount(cdi_mount *m);
++
++#define BLOCK_DEVICE    "b"
++#define CHAR_DEVICE     "c"
++#define FIFO_DEVICE     "p"
++static int device_info_from_path(const char *path, char **dev_type, int64_t *major, int64_t *minor)
++{
++    struct stat stat = { 0 };
++    int ret = 0;
++
++    ret = lstat(path, &stat);
++    if (ret != 0) {
++        ERROR("Failed to stat %s", path);
++        return -1;
++    }
++
++    if (S_ISBLK(stat.st_mode)) {
++        *dev_type = util_strdup_s(BLOCK_DEVICE);
++    } else if (S_ISCHR(stat.st_mode)) {
++        *dev_type = util_strdup_s(CHAR_DEVICE);
++    } else if (S_ISFIFO(stat.st_mode)) {
++        *dev_type = util_strdup_s(FIFO_DEVICE);
++    } else {
++        *dev_type = NULL;
++        *major = 0;
++        *minor = 0;
++        ERROR("Not a device node");
++        return -1;
++    }
++
++    *major = (int64_t)major(stat.st_rdev);
++    *minor = (int64_t)minor(stat.st_rdev);
++    return 0;
++}
++
++static int fill_device_node_info(cdi_device_node *d)
++{
++    __isula_auto_free char *dev_type = NULL;
++    int64_t major;
++    int64_t minor;
++
++    if (d->host_path == NULL) {
++        d->host_path = util_strdup_s(d->path);
++    }
++
++    if (d->type != NULL && (d->major != 0 || strcmp(d->type, FIFO_DEVICE) == 0)) {
++        return 0;
++    }
++
++    if (device_info_from_path(d->host_path, &dev_type, &major, &minor) != 0) {
++        ERROR("Failed to stat CDI host device %s", d->host_path);
++        return -1;
++    }
++
++    if (d->type == NULL) {
++        d->type = dev_type;
++        dev_type = NULL;
++    } else {
++        if (strcmp(d->type, dev_type) != 0) {
++            ERROR("CDI device (%s, %s), host type mismatch (%s, %s)", 
++                d->path, d->host_path, d->type, dev_type);
++            return -1;
++        }
++    }
++    if (d->major == 0 && strcmp(d->type, FIFO_DEVICE) != 0) {
++        d->major = major;
++        d->minor = minor;
++    }
++    return 0;
++}
++
++static cdi_device_node *clone_cdi_device_node(cdi_device_node *d)
++{
++    cdi_device_node *device_node = NULL;
++
++    device_node = util_common_calloc_s(sizeof(*device_node));
++    if (device_node == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    device_node->path = util_strdup_s(d->path);
++    device_node->host_path = util_strdup_s(d->host_path);
++    device_node->type = util_strdup_s(d->type);
++    device_node->major = d->major;
++    device_node->minor = d->minor;
++    device_node->file_mode = d->file_mode;
++    device_node->permissions = util_strdup_s(d->permissions);
++    device_node->uid = d->uid;
++    device_node->gid = d->gid;
++    return device_node;
++}
++
++static cdi_hook *clone_cdi_hook(cdi_hook *h)
++{
++    cdi_hook *hook = NULL;
++
++    hook = util_common_calloc_s(sizeof(*hook));
++    if (hook == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    hook->hook_name = util_strdup_s(h->hook_name);
++    hook->path = util_strdup_s(h->path);
++    if (h->args_len != 0) {
++        hook->args = util_copy_array_by_len(h->args, h->args_len);
++        if (hook->args == NULL) {
++            ERROR("Failed to copy args");
++            goto error_out;
++        }
++        hook->args_len = h->args_len;
++    }
++    if (h->env_len != 0) {
++        hook->env = util_copy_array_by_len(h->env, h->env_len);
++        if (hook->env == NULL) {
++            ERROR("Failed to copy env");
++            goto error_out;
++        }
++        hook->env_len = h->env_len;
++    }
++    hook->timeout = h->timeout;
++   
++    return hook;
++
++error_out:
++    free_cdi_hook(hook);
++    return NULL;
++}
++
++static cdi_mount *clone_cdi_mount(cdi_mount *m)
++{
++    cdi_mount *mount = NULL;
++
++    mount = util_common_calloc_s(sizeof(*mount));
++    if (mount == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    mount->host_path = util_strdup_s(m->host_path);
++    mount->container_path = util_strdup_s(m->container_path);
++    if (m->options_len != 0) {
++        mount->options = util_copy_array_by_len(m->options, m->options_len);
++        if (mount->options == NULL) {
++            ERROR("Failed to copy options");
++            free_cdi_mount(mount);
++            return NULL;
++        }
++        mount->options_len = m->options_len;
++    }
++    mount->type = util_strdup_s(m->type);
++
++    return mount;
++}
++
++static defs_hook *cdi_hook_to_oci(cdi_hook *h)
++{
++    defs_hook *oci_hook = NULL;
++
++    oci_hook = util_common_calloc_s(sizeof(*oci_hook));
++    if (oci_hook == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    oci_hook->path = util_strdup_s(h->path);
++    if (h->args_len != 0) {
++        oci_hook->args = util_copy_array_by_len(h->args, h->args_len);
++        if (oci_hook->args == NULL) {
++            ERROR("Failed to copy args");
++            goto error_out;
++        }
++        oci_hook->args_len = h->args_len;
++    }
++    if (h->env_len != 0) {
++        oci_hook->env = util_copy_array_by_len(h->env, h->env_len);
++        if (oci_hook->env == NULL) {
++            ERROR("Failed to copy env");
++            goto error_out;
++        }
++        oci_hook->env_len = h->env_len;
++    }
++    oci_hook->timeout = h->timeout;
++    return oci_hook;
++
++error_out:
++    free_defs_hook(oci_hook);
++    return NULL;
++}
++
++static defs_mount *cdi_mount_to_oci(cdi_mount *m)
++{
++    defs_mount *oci_mount = NULL;
++
++    oci_mount = util_common_calloc_s(sizeof(*oci_mount));
++    if (oci_mount == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    oci_mount->source = util_strdup_s(m->host_path);
++    oci_mount->destination = util_strdup_s(m->container_path);
++    if (m->options_len != 0) {
++        oci_mount->options = util_copy_array_by_len(m->options, m->options_len);
++        if (oci_mount->options == NULL) {
++            ERROR("Failed to copy options");
++            free_defs_mount(oci_mount);
++            return NULL;
++        }
++        oci_mount->options_len = m->options_len;
++    }
++    oci_mount->type = util_strdup_s(m->type);
++
++    return oci_mount;
++}
++
++static defs_device *cdi_device_node_to_oci(cdi_device_node *d)
++{
++    defs_device *oci_device = NULL;
++
++    oci_device = util_common_calloc_s(sizeof(*oci_device));
++    if (oci_device == NULL) {
++        ERROR("Out of memory");
++        return NULL;
++    }
++
++    oci_device->path = util_strdup_s(d->path);
++    oci_device->type = util_strdup_s(d->type);
++    oci_device->major = d->major;
++    oci_device->minor = d->minor;
++    oci_device->file_mode = d->file_mode;
++    oci_device->uid = d->uid;
++    oci_device->gid = d->gid;
++    
++    return oci_device;
++}
++
++static int apply_cdi_device_nodes(cdi_container_edits *e, oci_runtime_spec *spec)
++{
++    size_t i;
++    defs_device *dev = NULL;
++    cdi_device_node *dn = NULL;
++    const char *access = NULL;
++
++    for (i = 0; i < e->device_nodes_len; i++) {
++        dn = clone_cdi_device_node(e->device_nodes[i]);
++        if (dn == NULL) {
++            ERROR("Failed to copy device node");
++            goto error_out;
++        }
++
++        if (fill_device_node_info(dn) != 0) {
++            goto error_out;
++        }
++        dev = cdi_device_node_to_oci(dn);
++        if (dev == NULL) {
++            ERROR("Failed to generate oci device");
++            goto error_out;
++        }
++        /* Currently, for uid and gid, isulad cannot distinguish
++         * 0 and unspecified. Here, 0 is processed as unspecified.
++         */
++        if (dev->uid == 0 && spec->process != NULL) {
++            if (spec->process->user->uid > 0) {
++                dev->uid = spec->process->user->uid;
++            }
++        }
++        if (dev->gid == 0 && spec->process != NULL) {
++            if (spec->process->user->gid > 0) {
++                dev->gid = spec->process->user->gid;
++            }
++        }
++
++        if (spec_add_device(spec, dev) != 0) {
++            goto error_out;
++        }
++
++        if (strcmp(dev->type, BLOCK_DEVICE) == 0 || strcmp(dev->type, CHAR_DEVICE) == 0) {
++            if (e->device_nodes[i]->permissions != NULL) {
++                access = e->device_nodes[i]->permissions;
++            } else {
++                access = "rwm";
++            }
++            if (spec_add_linux_resources_device(spec, true, dev->type,
++                dev->major, dev->minor, access)) {
++                dev = NULL;
++                goto error_out;
++            }
++        }
++        free_cdi_device_node(dn);
++        dn = NULL;
++        dev = NULL;
++    }
++
++    return 0;
++
++error_out:
++    free_cdi_device_node(dn);
++    free_defs_device(dev);
++    return -1;
++}
++
++static int defs_mount_parts(defs_mount *m)
++{
++    char cleanpath[PATH_MAX] = { 0 };
++    if (util_clean_path(m->destination, cleanpath, sizeof(cleanpath)) == NULL) {
++        return -1;
++    }
++
++    return util_strings_count(cleanpath, '/');
++}
++
++static inline int defs_mount_cmp(defs_mount **first, defs_mount **second)
++{
++    int first_part = defs_mount_parts(*first);
++    int second_part = defs_mount_parts(*second);
++
++    if (first_part < second_part) {
++        return -1;
++    }
++    if (first_part > second_part) {
++        return 1;
++    }
++
++    return strcmp((*first)->destination, (*second)->destination);
++}
++
++static int apply_cdi_mounts(cdi_container_edits *e, oci_runtime_spec *spec)
++{
++    size_t i;
++    defs_mount *mnt = NULL;
++
++    if (e->mounts_len == 0) {
++        return 0;
++    }
++
++    for (i = 0; i < e->mounts_len; i++) {
++        spec_remove_mount(spec, e->mounts[i]->container_path);
++        mnt = cdi_mount_to_oci(e->mounts[i]);
++        if (spec_add_mount(spec, mnt) != 0) {
++            free_defs_mount(mnt);
++            return -1;
++        }
++    }
++        
++    qsort(spec->mounts, spec->mounts_len,
++              sizeof(defs_mount *), (int (*)(const void *, const void *))defs_mount_cmp);
++    return 0;
++}
++
++static int apply_cdi_hooks(cdi_container_edits *e, oci_runtime_spec *spec)
++{
++    size_t i;
++    int ret = 0;
++
++    for (i = 0; i < e->hooks_len; i++) {
++        defs_hook *oci_hook = cdi_hook_to_oci(e->hooks[i]);
++        if (strcmp(e->hooks[i]->hook_name, PRESTART_HOOK)) {
++            ret = spec_add_prestart_hook(spec, oci_hook);
++        } else if (strcmp(e->hooks[i]->hook_name, POSTSTART_HOOK)) {
++            ret = spec_add_poststart_hook(spec, oci_hook);
++        } else if (strcmp(e->hooks[i]->hook_name, POSTSTOP_HOOK)) {
++            ret = spec_add_poststop_hook(spec, oci_hook);
++        } else {
++            /* 
++            * The OCI being used by the iSulad not supportes 
++            * createRuntime/createContainer/startContainer currently.
++            */
++            ERROR("Unknown hook name %s", e->hooks[i]->hook_name);
++            free_defs_hook(oci_hook);
++            return -1;
++        }
++        if (ret != 0) {
++            ERROR("Failed add hook %s", e->hooks[i]->hook_name);
++            free_defs_hook(oci_hook);
++            return -1;
++        }
++    }
++    return ret;
++}
++
+ int cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec)
+ {
++    if (spec == NULL) {
++        ERROR("Can't edit nil OCI Spec");
++        return -1;
++    }
++    if (e == NULL) {
++        WARN("Cdi container edits is nil");
++        return 0;
++    }
++
++    if (e->env_len > 0) {
++        if (spec_add_multiple_process_env(spec, (const char **)e->env, e->env_len) != 0) {
++            ERROR("Failed to merge envs");
++            return -1;
++        }
++    }
++
++    if (apply_cdi_device_nodes(e, spec) != 0) {
++        ERROR("Failed to apply device nodes");
++        return -1;
++    }
++
++    if (apply_cdi_mounts(e, spec) != 0) {
++        ERROR("Failed to apply mounts");
++        return -1;
++    }
++
++    if (apply_cdi_hooks(e, spec) != 0) {
++        ERROR("Failed to apply hooks");
++        return -1;
++    }
++
+     return 0;
+ }
+ 
+-int cdi_container_edits_validate(cdi_container_edits *e, char **error)
++int cdi_container_edits_validate(cdi_container_edits *e)
+ {
++    size_t i;
++
++    if (e == NULL) {
++        WARN("Cdi container edits is nil");
++        return 0;
++    }
++
++    if (cdi_validate_env(e->env, e->env_len) != 0) {
++        ERROR("Invalid container edits");
++        return -1;
++    }
++    for (i = 0; i < e->device_nodes_len; i++) {
++        if (cdi_validate_device_node(e->device_nodes[i]) != 0) {
++            ERROR("Invalid container device node");
++            return -1;
++        }
++    }
++    for (i = 0; i < e->hooks_len; i++) {
++        if (cdi_validate_hook(e->hooks[i]) != 0) {
++            ERROR("Invalid container hook");
++            return -1;
++        }
++    }
++    for (i = 0; i < e->mounts_len; i++) {
++        if (cdi_validate_mount(e->mounts[i]) != 0) {
++            ERROR("Invalid container mount");
++            return -1;
++        }
++    }
++
+     return 0;
+ }
+ 
++#define EDITS_APPEND_ITEM_DEF(item)                                                                     \
++    static int append_##item(cdi_container_edits *e, cdi_container_edits *o, clone_common_array_item_cb cb) \
++    {                                                                                                   \
++        common_array e_array = {                                                                        \
++            .items = (void **)e->item,                                                                  \
++            .len = e->item##_len,                                                                       \
++            .cap = e->item##_len,                                                                       \
++            .free_item_cb = NULL,                                                                       \
++            .clone_item_cb = cb                                                                         \
++        };                                                                                              \
++        common_array o_array = {                                                                        \
++            .items = (void **)o->item,                                                                  \
++            .len = o->item##_len,                                                                       \
++            .cap = o->item##_len,                                                                       \
++            .free_item_cb = NULL,                                                                       \
++            .clone_item_cb = cb                                                                         \
++        };                                                                                              \
++        if (util_merge_common_array(&e_array, &o_array) != 0) {                                         \
++            ERROR("Out of memory");                                                                     \
++            return -1;                                                                                  \
++        }                                                                                               \
++        e->item = (void *)e_array.items;                                                                \
++        e->item##_len += o->item##_len;                                                                 \
++        return 0;                                                                                       \
++    }
++
++EDITS_APPEND_ITEM_DEF(env)
++EDITS_APPEND_ITEM_DEF(device_nodes)
++EDITS_APPEND_ITEM_DEF(hooks)
++EDITS_APPEND_ITEM_DEF(mounts)
++
+ int cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o)
+ {
++    if (o == NULL) {
++        return 0;
++    }
++    if (e == NULL) {
++        ERROR("Invalid params");
++        return -1;
++    }
++
++    if (append_env(e, o, (clone_common_array_item_cb)util_strdup_s) != 0) {
++        return -1;
++    }
++    if (append_device_nodes(e, o, (clone_common_array_item_cb)clone_cdi_device_node) != 0) {
++        return -1;
++    }
++    if (append_hooks(e, o, (clone_common_array_item_cb)clone_cdi_hook) != 0) {
++        return -1;
++    }
++    if (append_mounts(e, o, (clone_common_array_item_cb)clone_cdi_mount) != 0) {
++        return -1;
++    }
++
+     return 0;
+ }
+ 
+ bool cdi_container_edits_is_empty(cdi_container_edits *e)
+ {
+-    return true;
++    if (e == NULL) {
++        return false;
++    }
++    return e->env_len + e->device_nodes_len + e->hooks_len + e->mounts_len == 0;
+ }
+ 
++static int cdi_validate_env(char **envs, size_t envs_len)
++{
++    size_t i;
++    char *ptr = NULL;
++
++    for (i = 0; i < envs_len; i++) {
++        ptr = strchr(envs[i], '=');
++        if (ptr == NULL || ptr == envs[i]) {
++            ERROR("Invalid environment variable %s", envs[i]);
++            return -1;
++        }
++    }
++    return 0;
++}
++
++static int cdi_validate_device_node(cdi_device_node *d)
++{
++    char *p = NULL;
++
++    if (d == NULL) {
++        ERROR("Device node is nil");
++        return -1;
++    }
++
++    if (d->path == NULL) {
++        ERROR("Invalid (empty) device path");
++        return -1;
++    }
++    if (d->type != NULL && strcmp(d->type, BLOCK_DEVICE) != 0 &&
++        strcmp(d->type, CHAR_DEVICE) != 0 && strcmp(d->type, FIFO_DEVICE) != 0) {
++        ERROR("Device %s: invalid type %s", d->path, d->type);
++        return -1;
++    }
++    for (p = d->permissions; p != NULL && *p != '\0'; p++) {
++        if (*p != 'r' && *p != 'w' && *p != 'm') {
++            ERROR("Device %s: invalid permissions %s", d->path, d->permissions);
++            return -1;
++        }
++    }
++
++    return 0;
++}
++
++static int cdi_validate_hook(cdi_hook *h)
++{
++    size_t i;
++
++    if (h == NULL) {
++        ERROR("Hook is nil");
++        return -1;
++    }
++
++    for (i = 0; i < VALID_HOOK_NAME_LEN; i++) {
++        if (strcmp(h->hook_name, g_valid_hook_names[i]) == 0) {
++            break;
++        }
++    }
++    if (i == VALID_HOOK_NAME_LEN) {
++        ERROR("Invalid hook name %s", h->hook_name);
++        return -1;
++    }
++    if (h->path == NULL) {
++        ERROR("Invalid hook %s with empty path", h->hook_name);
++        return -1;
++    }
++    if (cdi_validate_env(h->env, h->env_len) != 0) {
++        ERROR("Invalid hook %s", h->hook_name);
++        return -1;
++    }
++    return 0;
++}
++
++static int cdi_validate_mount(cdi_mount *m)
++{
++    if (m == NULL) {
++        ERROR("Mount is nil");
++        return -1;
++    }
++
++    if (m->host_path == NULL) {
++        ERROR("Invalid mount, empty host path");
++        return -1;
++    }
++    if (m->container_path == NULL) {
++        ERROR("Invalid mount, empty container path");
++        return -1;
++    }
++    return 0;
++}
+diff --git a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+index ea921e37..ddceec25 100644
+--- a/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
++++ b/src/daemon/modules/device/cdi/behavior/cdi_container_edits.h
+@@ -28,7 +28,7 @@ extern "C" {
+ #endif
+ 
+ int cdi_container_edits_apply(cdi_container_edits *e, oci_runtime_spec *spec);
+-int cdi_container_edits_validate(cdi_container_edits *e, char **error);
++int cdi_container_edits_validate(cdi_container_edits *e);
+ int cdi_container_edits_append(cdi_container_edits *e, cdi_container_edits *o);
+ bool cdi_container_edits_is_empty(cdi_container_edits *e);
+ 
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+index 14293c72..8824d29c 100644
+--- a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
++++ b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.c
+@@ -14,42 +14,228 @@
+  ******************************************************************************/
+ #include "cdi_parser.h"
+ 
++#include <stdio.h>
++#include <ctype.h>
++#include <string.h>
++#include <isula_libutils/log.h>
++#include <isula_libutils/auto_cleanup.h>
++
++#include "error.h"
++#include "utils_string.h"
++
++/* cdi_parser_qualified_name returns the qualified name for a device.
++ * The syntax for a qualified device names is
++ *
++ *	"<vendor>/<class>=<name>".
++ *
++ * A valid vendor and class name may contain the following runes:
++ *
++ *	'A'-'Z', 'a'-'z', '0'-'9', '.', '-', '_'.
++ *
++ * A valid device name may contain the following runes:
++ *
++ *	'A'-'Z', 'a'-'z', '0'-'9', '-', '_', '.', ':'
++ */
+ char *cdi_parser_qualified_name(const char *vendor, const char *class, const char *name)
+ {
+-    return NULL;
++    char device_name[PATH_MAX] = { 0 };
++    int nret;
++
++    if (vendor == NULL || class == NULL || name == NULL) {
++        ERROR("Invalid argument");
++        return NULL;
++    }
++
++    nret = snprintf(device_name, sizeof(device_name), "%s/%s=%s",
++                        vendor, class, name);
++    if (nret < 0 || (size_t)nret >= sizeof(device_name)) {
++        ERROR("Device name is too long");
++        return NULL;
++    }
++    return util_strdup_s(device_name);
+ }
+ 
++// cdi_parser_is_qualified_name tests if a device name is qualified.
+ bool cdi_parser_is_qualified_name(const char *device)
+ {
+-    return true;
++    __isula_auto_free char *vendor = NULL;
++    __isula_auto_free char *class = NULL;
++    __isula_auto_free char *name = NULL;
++
++    return cdi_parser_parse_qualified_name(device, &vendor, &class, &name) == 0;
+ }
+ 
++// cdi_parser_parse_qualified_name splits a qualified name into device vendor, class, and name.
+ int cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name)
+ {
++    int ret = 0;
++
++    ret = cdi_parser_parse_device(device, vendor, class, name);
++    if (ret != 0) {
++        if (*vendor == NULL) {
++            ERROR("Unqualified device %s, missing vendor", device);
++            return -1;
++        }
++        if (*class == NULL) {
++            ERROR("Unqualified device %s, missing class", device);
++            return -1;
++        }
++        if (*name == NULL) {
++            ERROR("Unqualified device %s, missing name", device);
++            return -1;
++        }
++        ERROR("Unqualified device %s", device);
++        return -1;
++    }
++
++    if (cdi_parser_validate_vendor_name(*vendor) != 0) {
++        ERROR("Invalid device %s", device);
++        goto err_out;
++    }
++    if (cdi_parser_validate_class_name(*class) != 0) {
++        ERROR("Invalid device %s", device);
++        goto err_out;
++    }
++    if (cdi_parser_validate_device_name(*name) != 0) {
++        ERROR("Invalid device %s", device);
++        goto err_out;
++    }
++
+     return 0;
++
++err_out:
++    free(*vendor);
++    *vendor = NULL;
++    free(*class);
++    *class = NULL;
++    free(*name);
++    *name = NULL;
++    return -1;
+ }
+ 
++// cdi_parser_parse_device tries to split a device name into vendor, class, and name.
+ int cdi_parser_parse_device(const char *device, char **vendor, char **class, char **name)
+ {
++    __isula_auto_array_t char **parts = NULL;
++
++    if (vendor == NULL || class == NULL || name == NULL || 
++        device == NULL || device[0] == '/') {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
++    parts = util_string_split_n(device, '=', 2);
++    if (parts == NULL || util_array_len((const char **)parts) != 2 || parts[0] == NULL || parts[1] == NULL) {
++        return -1;
++    }
++
++    *name = parts[1];
++    parts[1] = NULL;
++    (void)cdi_parser_parse_qualifier(parts[0], vendor, class);
++    if (*vendor == NULL) {
++        ERROR("Failed to parse device qualifier: %s", parts[0]);
++        return -1;
++    }
++
+     return 0;
+ }
+ 
++/* cdi_parser_parse_qualifier splits a device qualifier into vendor and class.
++ * The syntax for a device qualifier is
++ *
++ *	"<vendor>/<class>"
++ */
+ int cdi_parser_parse_qualifier(const char *kind, char **vendor, char **class)
+ {
++    __isula_auto_array_t char **parts = NULL;
++
++    if (kind == NULL || vendor == NULL || class == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
++    parts = util_string_split_n(kind, '/', 2);
++    if (parts == NULL || util_array_len((const char **)parts) != 2 || parts[0] == NULL || parts[1] == NULL) {
++        return -1;
++    }
++    *vendor = parts[0];
++    parts[0] = NULL;
++    *class = parts[1];
++    parts[1] = NULL;
++
++    return 0;
++}
++
++static int validate_vendor_or_class_name(const char *name)
++{
++    int i = 0;
++
++    if (name == NULL) {
++        ERROR("Empty name");
++        return -1;
++    }
++
++    if (!isalpha(name[0])) {
++        ERROR("%s, should start with letter", name);
++        return -1;
++    }
++    for (i = 1; name[i] != '\0'; i++) {
++        if (!(isalnum(name[i]) || name[i] == '_' || name[i] == '-' || name[i] == '.')) {
++            ERROR("Invalid character '%c' in name %s", name[i], name);
++            return -1;
++        }
++    }
++    if (!isalnum(name[i - 1])) {
++        ERROR("%s, should end with a letter or digit", name);
++        return -1;
++    }
++
+     return 0;
+ }
+ 
+-int cdi_parser_validate_vendor_name(const char *vendor, char **error)
++int cdi_parser_validate_vendor_name(const char *vendor)
+ {
++    if (validate_vendor_or_class_name(vendor) != 0) {
++        ERROR("Invalid vendor");
++        return -1;
++    }
+     return 0;
+ }
+ 
+-int cdi_parser_validate_class_name(const char *class, char **error)
++int cdi_parser_validate_class_name(const char *class)
+ {
++    if (validate_vendor_or_class_name(class) != 0) {
++        ERROR("Invalid class.");
++        return -1;
++    }
+     return 0;
+ }
+ 
+-int cdi_parser_validate_device_name(const char *name, char **error)
++int cdi_parser_validate_device_name(const char *name)
+ {
++    size_t i;
++    
++    if (name == NULL) {
++        ERROR("Invalid (empty) device name");
++        return -1;
++    }
++    if (!isalnum(name[0])) {
++        ERROR("Invalid class %s, should start with a letter or digit", name);
++        return -1;
++    }
++    if (strlen(name) == 1) {
++        return 0;
++    }
++    for (i = 1; name[i] != '\0'; i++) {
++        if (!(isalnum(name[i]) || name[i] == '_' || name[i] == '-' || name[i] == '.' || name[i] == ':')) {
++            ERROR("Invalid character '%c' in device name %s", name[i], name);
++            return -1;
++        }
++    }
++    if (!isalnum(name[i - 1])) {
++        ERROR("Invalid name %s, should end with a letter or digit", name);
++        return -1;
++    }
++
+     return 0;
+ }
+diff --git a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+index 467641a1..3658e29b 100644
+--- a/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
++++ b/src/daemon/modules/device/cdi/behavior/parser/cdi_parser.h
+@@ -27,9 +27,9 @@ bool cdi_parser_is_qualified_name(const char *device);
+ int cdi_parser_parse_qualified_name(const char *device, char **vendor, char **class, char **name);
+ int cdi_parser_parse_device(const char *device, char **vendor, char **class, char **name);
+ int cdi_parser_parse_qualifier(const char *kind, char **vendor, char **class);
+-int cdi_parser_validate_vendor_name(const char *vendor, char **error);
+-int cdi_parser_validate_class_name(const char *class, char **error);
+-int cdi_parser_validate_device_name(const char *name, char **error);
++int cdi_parser_validate_vendor_name(const char *vendor);
++int cdi_parser_validate_class_name(const char *class);
++int cdi_parser_validate_device_name(const char *name);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/daemon/modules/spec/specs.c b/src/daemon/modules/spec/specs.c
+index b4d2b0f6..77ca70f9 100644
+--- a/src/daemon/modules/spec/specs.c
++++ b/src/daemon/modules/spec/specs.c
+@@ -29,6 +29,7 @@
+ #include <isula_libutils/host_config.h>
+ #include <isula_libutils/log.h>
+ #include <isula_libutils/auto_cleanup.h>
++#include <isula_libutils/utils_array.h>
+ 
+ #include "specs_api.h"
+ #include "utils.h"
+@@ -2595,3 +2596,232 @@ int spec_module_init(void)
+     return 0;
+ }
+ 
++#ifdef ENABLE_CDI
++static int add_env(defs_process *dp, const char *env, const char *key)
++{
++    size_t i;
++    char *oci_key = NULL;
++    char *oci_value = NULL;
++    char *saveptr = NULL;
++    __isula_auto_free char *tmp_env = NULL;
++ 
++    for (i = 0; i < dp->env_len; i++) {
++        tmp_env = util_strdup_s(dp->env[i]);
++        oci_key = strtok_r(tmp_env, "=", &saveptr);
++        oci_value = strtok_r(NULL, "=", &saveptr);
++        if (oci_key == NULL || oci_value == NULL) {
++            ERROR("Bad env format");
++            return -1;
++        }
++        if (strcmp(key, oci_key) == 0) {
++            free(dp->env[i]);
++            dp->env[i] = util_strdup_s(env);
++            return 0;
++        }
++        free(tmp_env);
++        tmp_env = NULL;
++    }
++    if (util_mem_realloc((void **)&dp->env, (dp->env_len + 1) * sizeof(char *),
++                         (void *)dp->env, dp->env_len * sizeof(char *)) != 0) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    dp->env[dp->env_len] = util_strdup_s(env);
++    dp->env_len++;
++    return 0;
++}
++
++int defs_process_add_multiple_env(defs_process *dp, const char **envs, size_t env_len)
++{
++    size_t i;
++    char *key = NULL;
++    char *value = NULL;
++    char *saveptr = NULL;
++    __isula_auto_free char *tmp_env = NULL;
++
++    if (envs == NULL || env_len == 0) {
++        DEBUG("empty envs");
++        return 0;
++    }
++    if (dp == NULL) {
++        ERROR("Invalid params");
++        return -1;
++    }
++
++    for (i = 0; i < env_len; i++) {
++        tmp_env = util_strdup_s(envs[i]);
++        key = strtok_r(tmp_env, "=", &saveptr);
++        value = strtok_r(NULL, "=", &saveptr);
++        if (key == NULL || value == NULL) {
++            ERROR("Bad env format: %s", tmp_env);
++            return -1;
++        }
++        if (add_env(dp, envs[i], key) != 0) {
++            return -1;
++        }
++        free(tmp_env);
++        tmp_env = NULL;
++    }
++
++    return 0;
++}
++
++int spec_add_multiple_process_env(oci_runtime_spec *oci_spec, const char **envs, size_t env_len)
++{
++    int ret = 0;
++    
++    if (envs == NULL || env_len == 0) {
++        DEBUG("empty envs");
++        return 0;
++    }
++    if (oci_spec == NULL) {
++        ERROR("Invalid params");
++        return -1;
++    }
++ 
++    ret = make_sure_oci_spec_process(oci_spec);
++    if (ret < 0) {
++        ERROR("Out of memory");
++        return -1;
++    }
++ 
++    ret = defs_process_add_multiple_env(oci_spec->process, envs, env_len);
++    if (ret < 0) {
++        ERROR("Failed to add envs");
++    }
++ 
++    return ret;
++}
++ 
++int spec_add_device(oci_runtime_spec *oci_spec, defs_device *device)
++{
++    int ret = 0;
++    size_t i;
++ 
++    if (device == NULL) {
++        return -1;
++    }
++    ret = make_sure_oci_spec_linux(oci_spec);
++    if (ret < 0) {
++        return -1;
++    }
++    
++    for (i = 0; i < oci_spec->linux->devices_len; i++) {
++        if (strcmp(oci_spec->linux->devices[i]->path, device->path) == 0) {
++            free_defs_device(oci_spec->linux->devices[i]);
++            oci_spec->linux->devices[i] = device;
++            return 0;
++        }
++    }
++
++    if (util_mem_realloc((void **)&oci_spec->linux->devices, (oci_spec->linux->devices_len + 1) * sizeof(char *),
++                         (void *)oci_spec->linux->devices, oci_spec->linux->devices_len * sizeof(char *)) != 0) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    oci_spec->linux->devices[oci_spec->linux->devices_len] = device;
++    oci_spec->linux->devices_len++;
++ 
++    return 0;
++}
++ 
++int spec_add_linux_resources_device(oci_runtime_spec *oci_spec, bool allow, const char *dev_type,
++                                    int64_t major, int64_t minor, const char *access)
++{
++    int ret = 0;
++    defs_device_cgroup *device = NULL;
++ 
++    ret = make_sure_oci_spec_linux_resources(oci_spec);
++    if (ret < 0) {
++        return -1;
++    }
++ 
++    device = util_common_calloc_s(sizeof(*device));
++    if (device == NULL) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    device->allow = allow;
++    device->type = util_strdup_s(dev_type);
++    device->access = util_strdup_s(access);
++    device->major = major;
++    device->minor = minor;
++
++    if (util_mem_realloc((void **)&oci_spec->linux->resources->devices, (oci_spec->linux->resources->devices_len + 1) * sizeof(char *),
++                         (void *)oci_spec->linux->resources->devices, oci_spec->linux->resources->devices_len * sizeof(char *)) != 0) {
++        ERROR("Out of memory");
++        free_defs_device_cgroup(device);
++        return -1;
++    }
++    oci_spec->linux->resources->devices[oci_spec->linux->resources->devices_len] = device;
++    oci_spec->linux->resources->devices_len++;
++ 
++    return 0;
++}
++ 
++void spec_remove_mount(oci_runtime_spec *oci_spec, const char *dest)
++{
++    size_t i;
++ 
++    if (oci_spec == NULL || oci_spec->mounts == NULL || dest == NULL) {
++        return;
++    }
++ 
++    for (i = 0; i < oci_spec->mounts_len; i++) {
++        if (strcmp(oci_spec->mounts[i]->destination, dest) == 0) {
++            free_defs_mount(oci_spec->mounts[i]);
++            (void)memcpy((void **)&oci_spec->mounts[i], (void **)&oci_spec->mounts[i + 1],
++                (oci_spec->mounts_len - i - 1) * sizeof(void *));        
++            oci_spec->mounts_len--;
++            return;
++        }
++    }
++}
++ 
++int spec_add_mount(oci_runtime_spec *oci_spec, defs_mount *mnt)
++{
++    if (oci_spec == NULL || mnt == NULL) {
++        return -1;
++    }
++    
++    if (util_mem_realloc((void **)&oci_spec->mounts, (oci_spec->mounts_len + 1) * sizeof(char *),
++                         (void *)oci_spec->mounts, oci_spec->mounts_len * sizeof(char *)) != 0) {
++        ERROR("Out of memory");
++        return -1;
++    }
++    oci_spec->mounts[oci_spec->mounts_len] = mnt;
++    oci_spec->mounts_len++;
++ 
++    return 0;
++}
++ 
++#define SPEC_ADD_HOOKS_ITEM_DEF(hooktype)                                                                                   \
++    int spec_add_##hooktype##_hook(oci_runtime_spec *oci_spec, defs_hook *hooktype##_hook)                                  \
++    {                                                                                                                       \
++        int ret = 0;                                                                                                        \
++        if (oci_spec == NULL || hooktype##_hook == NULL) {                                                                  \
++            return -1;                                                                                                      \
++        }                                                                                                                   \
++        ret = make_sure_oci_spec_hooks(oci_spec);                                                                           \
++        if (ret < 0) {                                                                                                      \
++            return -1;                                                                                                      \
++        }                                                                                                                   \
++        if (util_mem_realloc((void **)&oci_spec->hooks->hooktype, (oci_spec->hooks->hooktype##_len + 1) * sizeof(char *),   \
++                             (void *)oci_spec->hooks->hooktype, oci_spec->hooks->hooktype##_len * sizeof(char *)) != 0) {   \
++            ERROR("Out of memory");                                                                                         \
++            return -1;                                                                                                      \
++        }                                                                                                                   \
++        oci_spec->hooks->hooktype[oci_spec->hooks->hooktype##_len] = hooktype##_hook;                                       \
++        oci_spec->hooks->hooktype##_len++;                                                                                  \
++        return 0;                                                                                                           \
++    }
++ 
++/* 
++* The OCI being used by the iSulad not supportes 
++* createRuntime/createContainer/startContainer currently.
++*/
++SPEC_ADD_HOOKS_ITEM_DEF(prestart)
++SPEC_ADD_HOOKS_ITEM_DEF(poststart)
++SPEC_ADD_HOOKS_ITEM_DEF(poststop)
++
++#endif /* ENABLE_CDI */
+\ No newline at end of file
+-- 
+2.34.1
+
diff --git a/0068-cdi-invoke-cdi-operate-when-init-isulad-and-create-c.patch b/0068-cdi-invoke-cdi-operate-when-init-isulad-and-create-c.patch
new file mode 100644
index 0000000..3633616
--- /dev/null
+++ b/0068-cdi-invoke-cdi-operate-when-init-isulad-and-create-c.patch
@@ -0,0 +1,371 @@
+From 0674bfac4dd1ab812432334c779ab718dc54bc8b Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Thu, 11 Apr 2024 11:02:19 +0800
+Subject: [PATCH 68/69] cdi:invoke cdi operate when init isulad and create
+ container
+
+---
+ src/cmd/isulad/main.c                         | 11 +++
+ src/daemon/common/cri/v1/v1_cri_helpers.cc    | 79 +++++++++++++++++++
+ src/daemon/common/cri/v1/v1_cri_helpers.h     |  3 +
+ src/daemon/config/daemon_arguments.c          |  4 +
+ src/daemon/config/isulad_config.c             |  8 ++
+ .../v1/v1_cri_container_manager_service.cc    |  8 ++
+ .../executor/container_cb/execution_create.c  |  9 +++
+ .../modules/service/service_container.c       | 10 +++
+ src/daemon/modules/spec/specs_mount.c         | 43 +++++++++-
+ src/daemon/modules/spec/specs_mount.h         |  4 +
+ src/daemon/modules/spec/verify.c              |  2 +-
+ 11 files changed, 179 insertions(+), 2 deletions(-)
+
+diff --git a/src/cmd/isulad/main.c b/src/cmd/isulad/main.c
+index 9fa87bdb..3e2249d7 100644
+--- a/src/cmd/isulad/main.c
++++ b/src/cmd/isulad/main.c
+@@ -83,6 +83,9 @@
+ #endif
+ #include "id_name_manager.h"
+ #include "cgroup.h"
++#ifdef ENABLE_CDI
++#include "cdi_operate_api.h"
++#endif /* ENABLE_CDI */
+ 
+ sem_t g_daemon_shutdown_sem;
+ sem_t g_daemon_wait_shutdown_sem;
+@@ -1400,6 +1403,14 @@ static int isulad_server_init_common()
+     }
+ #endif
+ 
++#ifdef ENABLE_CDI
++    if (args->json_confs->enable_cdi &&
++        cdi_operate_registry_init(args->json_confs->cdi_spec_dirs, args->json_confs->cdi_spec_dirs_len) != 0) {
++        ERROR("Failed to init CDI module");
++        goto out;
++    }
++#endif /* ENABLE_CDI */
++
+     if (spec_module_init() != 0) {
+         ERROR("Failed to init spec module");
+         goto out;
+diff --git a/src/daemon/common/cri/v1/v1_cri_helpers.cc b/src/daemon/common/cri/v1/v1_cri_helpers.cc
+index ea5c8bb5..520d23d4 100644
+--- a/src/daemon/common/cri/v1/v1_cri_helpers.cc
++++ b/src/daemon/common/cri/v1/v1_cri_helpers.cc
+@@ -22,6 +22,7 @@
+ 
+ #include <isula_libutils/log.h>
+ #include <isula_libutils/parse_common.h>
++#include <isula_libutils/auto_cleanup.h>
+ 
+ #include "v1_cri_security_context.h"
+ #include "cri_helpers.h"
+@@ -33,6 +34,9 @@
+ #include "isulad_config.h"
+ #include "sha256.h"
+ #include "v1_naming.h"
++#ifdef ENABLE_CDI
++#include "cdi_operate_api.h"
++#endif /* ENABLE_CDI */
+ 
+ namespace CRIHelpersV1 {
+ 
+@@ -666,4 +670,79 @@ std::unique_ptr<runtime::v1::ContainerStatus> GetContainerStatus(service_executo
+     return contStatus;
+ }
+ 
++#ifdef ENABLE_CDI
++static int InsertCDIDevices(std::unordered_set<std::string> &fromCRI, const std::string &devName,
++                            string_array *requested, Errors &err)
++{
++    if (fromCRI.find(devName) == fromCRI.end()) {
++        fromCRI.insert(devName);
++        if (util_append_string_array(requested, devName.c_str()) != 0) {
++            ERROR("Out of memory");
++            err.Errorf("Out of memory");
++            return -1;
++        }
++        DEBUG("Appended device: %s", devName.c_str());
++    } else {
++        INFO("Skipping duplicate CDI device %s", devName.c_str());
++    }
++    return 0;
++}
++ 
++void GenerateCDIRequestedDevices(const runtime::v1::ContainerConfig &config, host_config *hostconfig, Errors &err)
++{
++    std::unordered_set<std::string> fromCRI;
++    __isula_auto_string_array_t string_array *requested = nullptr;
++    __isula_auto_string_array_t string_array *keys = nullptr;
++    __isula_auto_string_array_t string_array *devices = nullptr;
++    json_map_string_string *annotations = nullptr;
++    __isula_auto_free char *error = nullptr;
++ 
++    if (hostconfig == nullptr) {
++        ERROR("Invalid input arguments");
++        err.Errorf("Invalid input arguments");
++        return;
++    }
++    
++    if (config.cdi_devices().empty() && config.annotations().empty()) {
++        return;
++    }
++    requested = (string_array *)util_common_calloc_s(sizeof(*requested));
++    if (requested == nullptr) {
++        ERROR("Out of memory");
++        err.Errorf("Out of memory");
++        return;
++    }
++    if (!config.cdi_devices().empty()) {
++        for (int i = 0; i < config.cdi_devices().size(); i++) {
++            if (InsertCDIDevices(fromCRI, config.cdi_devices(i).name(), requested, err) != 0) {
++                goto free_out;
++            }
++        }
++    }
++    if (!config.annotations().empty()) {
++        annotations = CRIHelpers::MakeAnnotations(config.annotations(), err);
++        if (err.NotEmpty()) {
++            goto free_out;
++        }
++        if (cdi_operate_parse_annotations(annotations, &keys, &devices, &error) != 0) {
++            ERROR("Failed to parse CDI annotations: %s", error);
++            err.Errorf("Failed to parse CDI annotations: %s", error);
++            goto free_out;
++        }
++        for (size_t i = 0; i < devices->len; i++) {
++            if (InsertCDIDevices(fromCRI, std::string(devices->items[i]), requested, err) != 0) {
++                goto free_out;
++            }
++        }
++    }
++    hostconfig->cdi_requested_devices = requested->items;
++    requested->items = nullptr;
++    hostconfig->cdi_requested_devices_len = requested->len;
++    requested->len = 0;
++ 
++free_out:
++    free_json_map_string_string(annotations);
++}
++#endif /* ENABLE_CDI */
++
+ } // v1 namespace CRIHelpers
+diff --git a/src/daemon/common/cri/v1/v1_cri_helpers.h b/src/daemon/common/cri/v1/v1_cri_helpers.h
+index 1578c428..22cffd0d 100644
+--- a/src/daemon/common/cri/v1/v1_cri_helpers.h
++++ b/src/daemon/common/cri/v1/v1_cri_helpers.h
+@@ -79,6 +79,9 @@ std::string CRISandboxerConvert(const std::string &runtime);
+ 
+ void ApplySandboxSecurityContextToHostConfig(const runtime::v1::LinuxSandboxSecurityContext &context, host_config *hc,
+                                              Errors &error);
++#ifdef ENABLE_CDI
++void GenerateCDIRequestedDevices(const runtime::v1::ContainerConfig &config, host_config *hostconfig, Errors &err);
++#endif /* ENABLE_CDI */
+ 
+ auto GetContainerStatus(service_executor_t *m_cb, const std::string &containerID, Errors &error)
+ -> std::unique_ptr<runtime::v1::ContainerStatus>;
+diff --git a/src/daemon/config/daemon_arguments.c b/src/daemon/config/daemon_arguments.c
+index 0ae6268a..ef15934a 100644
+--- a/src/daemon/config/daemon_arguments.c
++++ b/src/daemon/config/daemon_arguments.c
+@@ -173,6 +173,10 @@ int service_arguments_init(struct service_arguments *args)
+         goto free_out;
+     }
+ 
++#ifdef ENABLE_CDI
++    args->json_confs->enable_cdi = false;
++#endif /* ENABLE_CDI */
++
+     ret = 0;
+ 
+ free_out:
+diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c
+index 778ff921..695a0d95 100644
+--- a/src/daemon/config/isulad_config.c
++++ b/src/daemon/config/isulad_config.c
+@@ -1830,6 +1830,14 @@ int merge_json_confs_into_global(struct service_arguments *args)
+     args->json_confs->metrics_port = tmp_json_confs->metrics_port;
+ #endif
+ 
++#ifdef ENABLE_CDI
++    args->json_confs->enable_cdi = tmp_json_confs->enable_cdi;
++    args->json_confs->cdi_spec_dirs = tmp_json_confs->cdi_spec_dirs;
++    tmp_json_confs->cdi_spec_dirs = NULL;
++    args->json_confs->cdi_spec_dirs_len = tmp_json_confs->cdi_spec_dirs_len;
++    tmp_json_confs->cdi_spec_dirs_len = 0;
++#endif /* ENABLE_CDI */
++ 
+ out:
+     free(err);
+     free_isulad_daemon_configs(tmp_json_confs);
+diff --git a/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc b/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc
+index e86dafae..1097c32c 100644
+--- a/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc
++++ b/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc
+@@ -199,6 +199,14 @@ auto ContainerManagerService::GenerateCreateContainerHostConfig(
+         }
+     }
+ 
++#ifdef ENABLE_CDI
++    CRIHelpersV1::GenerateCDIRequestedDevices(containerConfig, hostconfig, error);
++    if (error.NotEmpty()) {
++        ERROR("Failed to generate CDI requested devices");
++        goto cleanup;
++    }
++#endif /* ENABLE_CDI */
++
+     return hostconfig;
+ 
+ cleanup:
+diff --git a/src/daemon/executor/container_cb/execution_create.c b/src/daemon/executor/container_cb/execution_create.c
+index a9102226..785b4e27 100644
+--- a/src/daemon/executor/container_cb/execution_create.c
++++ b/src/daemon/executor/container_cb/execution_create.c
+@@ -63,6 +63,7 @@
+ #include "runtime_api.h"
+ #include "id_name_manager.h"
+ #include "mailbox.h"
++#include "specs_mount.h"
+ 
+ #ifdef ENABLE_CRI_API_V1
+ static bool validate_sandbox_info(const container_sandbox_info *sandbox)
+@@ -512,6 +513,14 @@ static oci_runtime_spec *generate_oci_config(host_config *host_spec, const char
+         goto error_out;
+     }
+ 
++#ifdef ENABLE_CDI
++    ret = inject_CDI_devcies_for_oci_spec(oci_spec, host_spec);
++    if (ret != 0) {
++        ERROR("Failed to inject CDI devices");
++        goto error_out;
++    }
++#endif /* ENABLE_CDI */
++
+     return oci_spec;
+ 
+ error_out:
+diff --git a/src/daemon/modules/service/service_container.c b/src/daemon/modules/service/service_container.c
+index eb7ce4f4..b19a134a 100644
+--- a/src/daemon/modules/service/service_container.c
++++ b/src/daemon/modules/service/service_container.c
+@@ -2003,6 +2003,16 @@ static defs_process *make_exec_process_spec(const container_config *container_sp
+         }
+ 
+         spec->no_new_privileges = oci_spec->process->no_new_privileges;
++
++#ifdef ENABLE_CDI
++        // extend step: merge env from oci_spec which comes from injected devices
++        ret = defs_process_add_multiple_env(spec, (const char **)oci_spec->process->env,
++            oci_spec->process->env_len);
++        if (ret != 0) {
++            ERROR("Failed to dup oci env for exec process spec");
++            goto err_out;
++        }
++#endif /* ENABLE_CDI */
+     }
+ 
+     // for oci runtime:
+diff --git a/src/daemon/modules/spec/specs_mount.c b/src/daemon/modules/spec/specs_mount.c
+index 50ee9a85..12bd261b 100644
+--- a/src/daemon/modules/spec/specs_mount.c
++++ b/src/daemon/modules/spec/specs_mount.c
+@@ -28,6 +28,7 @@
+ #include <isula_libutils/container_config_v2.h>
+ #include <isula_libutils/json_common.h>
+ #include <isula_libutils/oci_runtime_config_linux.h>
++#include <isula_libutils/auto_cleanup.h>
+ #include <limits.h>
+ #include <stdint.h>
+ 
+@@ -54,6 +55,9 @@
+ #include "volume_api.h"
+ #include "parse_volume.h"
+ #include "specs_api.h"
++#ifdef ENABLE_CDI
++#include "cdi_operate_api.h"
++#endif /* ENABLE_CDI */
+ 
+ enum update_rw {
+     update_rw_untouch,
+@@ -3582,6 +3586,15 @@ int update_devcies_for_oci_spec(oci_runtime_spec *oci_spec, host_config *hostcon
+         oci_spec->linux->resources->devices_len += 1;
+     }
+ 
++    // extend step: inject CDI devcies
++#ifdef ENABLE_CDI
++    ret = inject_CDI_devcies_for_oci_spec(oci_spec, hostconfig);
++    if (ret != 0) {
++        ERROR("Failed to inject CDI devices");
++        return -1;
++    }
++#endif /* ENABLE_CDI */
++
+     // Step8: do update devices and cgroup device rules at here
+     if (hostconfig->privileged) {
+         // Step8.1: for priviledged container, we should merge all devices under /dev
+@@ -3592,4 +3605,32 @@ int update_devcies_for_oci_spec(oci_runtime_spec *oci_spec, host_config *hostcon
+     }
+ 
+     return ret;
+-}
+\ No newline at end of file
++}
++
++#ifdef ENABLE_CDI
++int inject_CDI_devcies_for_oci_spec(oci_runtime_spec *oci_spec, host_config *hostconfig)
++{
++    int ret = 0;
++    string_array devices_array = { 0 };
++    __isula_auto_free char *error = NULL;
++    
++    if (oci_spec == NULL || hostconfig == NULL) {
++        ERROR("Invalid params");
++        return -1;
++    }
++    if (hostconfig->cdi_requested_devices == NULL) {
++        return 0;
++    }
++    devices_array.items = hostconfig->cdi_requested_devices;
++    devices_array.len = hostconfig->cdi_requested_devices_len;
++    devices_array.cap = hostconfig->cdi_requested_devices_len;
++    if (cdi_operate_refresh() != 0) {
++        WARN("CDI registry has errors, please check past logs");
++    }
++    if (cdi_operate_inject_devices(oci_spec, &devices_array) != 0) {
++        ERROR("Failed to inject CDI devices");
++        ret = -1;
++    }
++    return ret;
++}
++#endif /* ENABLE_CDI */
+\ No newline at end of file
+diff --git a/src/daemon/modules/spec/specs_mount.h b/src/daemon/modules/spec/specs_mount.h
+index b742ca35..1406c557 100644
+--- a/src/daemon/modules/spec/specs_mount.h
++++ b/src/daemon/modules/spec/specs_mount.h
+@@ -49,6 +49,10 @@ int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2
+ 
+ int update_devcies_for_oci_spec(oci_runtime_spec *oci_spec, host_config *hostconfig);
+ 
++#ifdef ENABLE_CDI
++int inject_CDI_devcies_for_oci_spec(oci_runtime_spec *oci_spec, host_config *hostconfig);
++#endif /* ENABLE_CDI */
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff --git a/src/daemon/modules/spec/verify.c b/src/daemon/modules/spec/verify.c
+index af790d6e..617b7f23 100644
+--- a/src/daemon/modules/spec/verify.c
++++ b/src/daemon/modules/spec/verify.c
+@@ -1518,7 +1518,7 @@ static int verify_custom_mount(defs_mount **mounts, size_t len)
+ 
+     for (i = 0; i < len; ++i) {
+         iter = *(mounts + i);
+-        if (iter == NULL || strcmp(iter->type, MOUNT_TYPE_BIND)) {
++        if (iter == NULL || iter->type == NULL || strcmp(iter->type, MOUNT_TYPE_BIND)) {
+             continue;
+         }
+ 
+-- 
+2.34.1
+
diff --git a/0069-bugfix-fix-cni_operate_ut-ut.patch b/0069-bugfix-fix-cni_operate_ut-ut.patch
new file mode 100644
index 0000000..538fcff
--- /dev/null
+++ b/0069-bugfix-fix-cni_operate_ut-ut.patch
@@ -0,0 +1,24 @@
+From a1f75fd089309d0f8620195ce7e517294be2c410 Mon Sep 17 00:00:00 2001
+From: liuxu <liuxu156@huawei.com>
+Date: Fri, 19 Apr 2024 18:37:05 +0800
+Subject: [PATCH 69/69] bugfix:fix cni_operate_ut ut
+
+---
+ test/network/cni_operate/CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/test/network/cni_operate/CMakeLists.txt b/test/network/cni_operate/CMakeLists.txt
+index 5b4d7c7d..752e5199 100644
+--- a/test/network/cni_operate/CMakeLists.txt
++++ b/test/network/cni_operate/CMakeLists.txt
+@@ -14,6 +14,7 @@ add_executable(${EXE}
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_string.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_array.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_regex.c
++    ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_version.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/namespace.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/sha256/sha256.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/path.c
+-- 
+2.34.1
+
diff --git a/iSulad.spec b/iSulad.spec
index 5ce391a..9500769 100644
--- a/iSulad.spec
+++ b/iSulad.spec
@@ -1,5 +1,5 @@
 %global _version 2.1.5
-%global _release 4
+%global _release 5
 %global is_systemd 1
 %global enable_criv1 1
 %global enable_shimv2 1
@@ -52,12 +52,38 @@ Patch0034:	0034-bugfix-for-cpurt.sh.patch
 Patch0035:	0035-monitor-cgroup-oom-killed-event-and-update-to-cri-of.patch
 Patch0036:	0036-add-ci-cases-for-oomkilled-monitor.patch
 Patch0037:	0037-add-cgroup-v2-doc.patch
-Patch0038:	0038-fix-run-ubuntu-container-bug-in-inspect.sh.patch
-Patch0039:	0039-add-support-for-GetContainerEvents.patch
-Patch0040:	0040-fix-cpurt-init-bug-for-systemd-cgroup.patch
-Patch0041:	0041-fix-message-queue-concurrent-bug.patch
-Patch0042:	0042-specify-runtime-as-runc-for-oom-test-CI.patch
-Patch0043:	0043-set-oomkilled-in-cri.patch
+Patch0038:	0038-add-modify-for-cgroup-v2-ci-test.patch
+Patch0039:	0039-fix-run-ubuntu-container-bug-in-inspect.sh.patch
+Patch0040:	0040-add-support-for-GetContainerEvents.patch
+Patch0041:	0041-fix-cpurt-init-bug-for-systemd-cgroup.patch
+Patch0042:	0042-fix-message-queue-concurrent-bug.patch
+Patch0043:	0043-specify-runtime-as-runc-for-oom-test-CI.patch
+Patch0044:	0044-set-oomkilled-in-cri.patch
+Patch0045:	0045-add-cri-1.29-update-design-doc.patch
+Patch0046:	0046-oom-monitor-in-manual-cases.patch
+Patch0047:	0047-add-usage-restrictions-for-CRI-1.29-update.patch
+Patch0048:	0048-CDI-interface-definition.patch
+Patch0049:	0049-distinguish-between-runtime-and-runtime_cmd-in-isula.patch
+Patch0050:	0050-Use-user-defined-shm-for-CRI-request.patch
+Patch0051:	0051-Fix-memory-leak-in-set_connected_container_shm_path.patch
+Patch0052:	0052-init-enable_pod_events-as-false.patch
+Patch0053:	0053-remove-container-root-path-in-rt_lcr_rm-if-lcr-runti.patch
+Patch0054:	0054-ensure-sandbox-can-be-removed-if-sandbox-container-r.patch
+Patch0055:	0055-bugfix-for-shim-timeout-exit-error-log-changes.patch
+Patch0056:	0056-bugfix-for-the-pre-created-pipe-was-not-closed-when-.patch
+Patch0057:	0057-add-debug-msg-info-in-image_load.sh.patch
+Patch0058:	0058-empty-pointer-check-in-lcr_rt_ops.patch
+Patch0059:	0059-modify-some-grpc-status-codes-of-cri-in-case-of-erro.patch
+Patch0060:	0060-cdi-return-int-instead-of-error-string.patch
+Patch0061:	0061-cdi-support-modules-operate-registry-annotations.patch
+Patch0062:	0062-do-not-umount-shmpath-for-sandbox-container.patch
+Patch0063:	0063-remove-default-systemd-cgroup-and-enable-cri-v1-valu.patch
+Patch0064:	0064-cdi-support-module-cache.patch
+Patch0065:	0065-change-default-subscribe-timeout-to-5min.patch
+Patch0066:	0066-cdi-support-modules-version-spec-spec_dirs-device.patch
+Patch0067:	0067-cdi-support-modules-container_edits-parser.patch
+Patch0068:	0068-cdi-invoke-cdi-operate-when-init-isulad-and-create-c.patch
+Patch0069:	0069-bugfix-fix-cni_operate_ut-ut.patch
 
 %ifarch x86_64 aarch64
 Provides:       libhttpclient.so()(64bit)
@@ -130,6 +156,7 @@ cd build
 %if 0%{?enable_criv1}
     -DENABLE_CRI_API_V1=ON \
     -DENABLE_SANDBOXER=ON \
+    -DENABLE_CDI=ON \
 %endif
 %if 0%{?enable_shimv2}
     -DENABLE_SHIM_V2=ON \
@@ -312,6 +339,12 @@ fi
 %endif
 
 %changelog
+* Sat Apr 20 2024 liuxu <liuxu156@huawei.com> - 2.1.5-5
+- Type: update
+- ID: NA
+- SUG: NA
+- DESC: upgrade from upstream
+
 * Tue Apr 02 2024 jikai <jikai11@huawei.com> - 2.1.5-4
 - Type: update
 - ID: NA
-- 
Gitee