From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-yw1-f178.google.com (mail-yw1-f178.google.com [209.85.128.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3CE0F2F6188 for ; Sun, 22 Mar 2026 05:13:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.178 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774156413; cv=none; b=aqqY9i6MASMuiKaoyjjBnVAYea9bybmgg6L6MIbGx5Y+9M6EZoqJWkSzocRKM6qhjBQHXZYSBY4IrodbbMC15AA632X5wecR2FlrXrFh2OuA6L+w6xKfkGHo4EMOxYJswRnaWUQkMbaOVva5Hkeq+853oGEjZ9jtkyeAeoLPgvY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774156413; c=relaxed/simple; bh=FArICwAYk05909erFEGCVR6N+3LI5sK/hoBT4MEWLkM=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=g7NeQrTFiT9CZ3P5ua8hcKPJRPeVBBDWisiCk9uBQGCeey8PTjpOb14afYRpTliiYxFVEPPylhXyxn+n9sqrJaH9uvrPb4YVV7XhMVnNDGARYEqFPT03uiTGtzdTIFtBbCEUiUPKLN53i5GgiqFqf9Op7ShgCSR3WCtUTCB1bZM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Y6NkxZt9; arc=none smtp.client-ip=209.85.128.178 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Y6NkxZt9" Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-7982c3b7da9so31387967b3.1 for ; Sat, 21 Mar 2026 22:13:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1774156411; x=1774761211; darn=vger.kernel.org; h=in-reply-to:autocrypt:from:content-language:references:cc:to :subject:user-agent:mime-version:date:message-id:from:to:cc:subject :date:message-id:reply-to; bh=JnQg1mN+et30tcdD4AlBl7KdfllFmfs+qXFlHWAG520=; b=Y6NkxZt9BWKzSwuCuduJM2wq79Djtp9C7FojXmWJuToQVFXtF+TEfl79gUXlGEpz3S i0ErOB6A0mjz70LuAK/9nVyxwb5ZpwmRo0BtQxkoOUeSG9RF6OBjbLivwNbLjsSdo77g 94xKT3Ed6YaG8uwTX9JE72vJs/cQtJWa0RS2FMXz1LoUpYNyi3PyFGCJpdlhtURiCIYF eIlkRTozb7ylKQFElQXAXnXPOO1vB2Zkro7oHRC21GSAEuZobCbOTzX/VA0O0xuJyWGj 7sXWCwNkkilKo/1Hc1nRziwqW8IliqSXNwQ5bI2Ip/4FRHBaZH3h58CsVd2L6ExoYwMK e4aw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774156411; x=1774761211; h=in-reply-to:autocrypt:from:content-language:references:cc:to :subject:user-agent:mime-version:date:message-id:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=JnQg1mN+et30tcdD4AlBl7KdfllFmfs+qXFlHWAG520=; b=h+IXkjEr3eX+5jhDUH5NRpqDbfU6IpUVR6ihyTCpLhi7ZFTh4N31eeQCyuu2geBpG+ mL4mXT+PZ5Sv64X81BAhjfbHc5xiiHSpSC3jndwpz1zDqTuJMbPcPzMBZLYx42nOHovL oyXra27MAsNBT+gHfskcfHMLcv1wGaobxuGI6jXr2dD0iYMvNzJ6q58398d0sjbqMOPA rbGZs1Sqb6fmqcSs7PKq3CKCA2L/Rt/AIPF/nD8IrLFioFgtkocR9vOTpndQJArBwaBt EcQamnzSzKMHj9uExozwM6uIZoCiGHMKpoCbVWnGPIlna0i9GPjjaUJU0EJA7d5SMFOm 4Zsw== X-Forwarded-Encrypted: i=1; AJvYcCX5cCkysQkS/nkug48OK/JK3WTyPCoZi5leVvcVKmSmeRGr7ikuQn5C3UKdOCS5YC56ExW8bXRpII9edx4k@vger.kernel.org X-Gm-Message-State: AOJu0YwA7BK9cfAJFPi7v3TS26Wahy/q+tstslGlvrmyHBOCu6qsqXqO Glwk7Z5BdmLBahBJgxi4H4nxMFWC/wQY23j8UlyQ688CBxH7dFLpzY6Q X-Gm-Gg: ATEYQzwxfus5nxnbTMaqRl5f4gQvm1o0XicuhNZTsz8eE3xhK1JHimHH/jAsIqXO0xJ eAPEzexfh/iSj+VmA+dKQMLswpJL+Zdui8Tuug3pSHNAMFcYv/1KbE8RA5r0hzltIs6FBc5tMEe eLX4ZATJPHjVVLk90EKuEBGBVxExDUeSMLpbk0F3IPn4W9sY6cVDZRgDJr7nWbjPFqzYzmfVPld c5PlPhh5g32U9LzKJu9axaGxv0sWHmzuz88TpL12vDQDm0MawEty1gx9MHNOqlFOHDJHaRf7MI5 H2plejh7uOOu/06h/YQHnvaBUbxpo7HDH566LCiFgEO/xaseaDsJr+oFZ0092vtjaChlTmq6jSg yJMkrkJuVOre0UYsZF1ye6HsNdQoRmr3xQS1jbf9Yl9MWmsJn/YGn3Rci2EdLgnKrwWd0LXJynE Ea0jSt37qO8myjLfrCaN3HWEztILOb4Z868gABtsyP8lFj9VMXZojTdZUdoBQoj35DwXW6w49j9 y2N/EK6aD+21JyGWFQj9jf3xqML2EKgp5LYsZ4= X-Received: by 2002:a05:690c:4a08:b0:796:3c99:1833 with SMTP id 00721157ae682-79a90c2e49dmr84366257b3.60.1774156410770; Sat, 21 Mar 2026 22:13:30 -0700 (PDT) Received: from [10.138.34.110] (h69-131-148-49.cncrtn.broadband.dynamic.tds.net. [69.131.148.49]) by smtp.gmail.com with ESMTPSA id 00721157ae682-79a9057b4ecsm40560077b3.35.2026.03.21.22.13.27 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 21 Mar 2026 22:13:29 -0700 (PDT) Message-ID: Date: Sun, 22 Mar 2026 01:13:21 -0400 Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [LSF/MM/BPF TOPIC] Where is fuse going? API cleanup, restructuring and more To: Gao Xiang , "Darrick J. Wong" Cc: Miklos Szeredi , linux-fsdevel@vger.kernel.org, Joanne Koong , John Groves , Bernd Schubert , Amir Goldstein , Luis Henriques , Horst Birthelmer , Gao Xiang , lsf-pc@lists.linux-foundation.org References: <20260204190649.GB7693@frogsfrogsfrogs> <20260206053835.GD7693@frogsfrogsfrogs> <20260221004752.GE11076@frogsfrogsfrogs> <7de8630d-b6f5-406e-809a-bc2a2d945afb@linux.alibaba.com> <20260318215140.GL1742010@frogsfrogsfrogs> <361d312b-9706-45ca-8943-b655a75c765b@gmail.com> <390cd031-742b-4f1b-99c4-8ee41a259744@linux.alibaba.com> Content-Language: en-US From: Demi Marie Obenour Autocrypt: addr=demiobenour@gmail.com; keydata= xsFNBFp+A0oBEADffj6anl9/BHhUSxGTICeVl2tob7hPDdhHNgPR4C8xlYt5q49yB+l2nipd aq+4Gk6FZfqC825TKl7eRpUjMriwle4r3R0ydSIGcy4M6eb0IcxmuPYfbWpr/si88QKgyGSV Z7GeNW1UnzTdhYHuFlk8dBSmB1fzhEYEk0RcJqg4AKoq6/3/UorR+FaSuVwT7rqzGrTlscnT DlPWgRzrQ3jssesI7sZLm82E3pJSgaUoCdCOlL7MMPCJwI8JpPlBedRpe9tfVyfu3euTPLPx wcV3L/cfWPGSL4PofBtB8NUU6QwYiQ9Hzx4xOyn67zW73/G0Q2vPPRst8LBDqlxLjbtx/WLR 6h3nBc3eyuZ+q62HS1pJ5EvUT1vjyJ1ySrqtUXWQ4XlZyoEFUfpJxJoN0A9HCxmHGVckzTRl 5FMWo8TCniHynNXsBtDQbabt7aNEOaAJdE7to0AH3T/Bvwzcp0ZJtBk0EM6YeMLtotUut7h2 Bkg1b//r6bTBswMBXVJ5H44Qf0+eKeUg7whSC9qpYOzzrm7+0r9F5u3qF8ZTx55TJc2g656C 9a1P1MYVysLvkLvS4H+crmxA/i08Tc1h+x9RRvqba4lSzZ6/Tmt60DPM5Sc4R0nSm9BBff0N m0bSNRS8InXdO1Aq3362QKX2NOwcL5YaStwODNyZUqF7izjK4QARAQABzTxEZW1pIE1hcmll IE9iZW5vdXIgKGxvdmVyIG9mIGNvZGluZykgPGRlbWlvYmVub3VyQGdtYWlsLmNvbT7CwXgE EwECACIFAlp+A0oCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELKItV//nCLBhr8Q AK/xrb4wyi71xII2hkFBpT59ObLN+32FQT7R3lbZRjVFjc6yMUjOb1H/hJVxx+yo5gsSj5LS 9AwggioUSrcUKldfA/PKKai2mzTlUDxTcF3vKx6iMXKA6AqwAw4B57ZEJoMM6egm57TV19kz PMc879NV2nc6+elaKl+/kbVeD3qvBuEwsTe2Do3HAAdrfUG/j9erwIk6gha/Hp9yZlCnPTX+ VK+xifQqt8RtMqS5R/S8z0msJMI/ajNU03kFjOpqrYziv6OZLJ5cuKb3bZU5aoaRQRDzkFIR 6aqtFLTohTo20QywXwRa39uFaOT/0YMpNyel0kdOszFOykTEGI2u+kja35g9TkH90kkBTG+a EWttIht0Hy6YFmwjcAxisSakBuHnHuMSOiyRQLu43ej2+mDWgItLZ48Mu0C3IG1seeQDjEYP tqvyZ6bGkf2Vj+L6wLoLLIhRZxQOedqArIk/Sb2SzQYuxN44IDRt+3ZcDqsPppoKcxSyd1Ny 2tpvjYJXlfKmOYLhTWs8nwlAlSHX/c/jz/ywwf7eSvGknToo1Y0VpRtoxMaKW1nvH0OeCSVJ itfRP7YbiRVc2aNqWPCSgtqHAuVraBRbAFLKh9d2rKFB3BmynTUpc1BQLJP8+D5oNyb8Ts4x Xd3iV/uD8JLGJfYZIR7oGWFLP4uZ3tkneDfYzsFNBFp+A0oBEAC9ynZI9LU+uJkMeEJeJyQ/ 8VFkCJQPQZEsIGzOTlPnwvVna0AS86n2Z+rK7R/usYs5iJCZ55/JISWd8xD57ue0eB47bcJv VqGlObI2DEG8TwaW0O0duRhDgzMEL4t1KdRAepIESBEA/iPpI4gfUbVEIEQuqdqQyO4GAe+M kD0Hy5JH/0qgFmbaSegNTdQg5iqYjRZ3ttiswalql1/iSyv1WYeC1OAs+2BLOAT2NEggSiVO txEfgewsQtCWi8H1SoirakIfo45Hz0tk/Ad9ZWh2PvOGt97Ka85o4TLJxgJJqGEnqcFUZnJJ riwoaRIS8N2C8/nEM53jb1sH0gYddMU3QxY7dYNLIUrRKQeNkF30dK7V6JRH7pleRlf+wQcN fRAIUrNlatj9TxwivQrKnC9aIFFHEy/0mAgtrQShcMRmMgVlRoOA5B8RTulRLCmkafvwuhs6 dCxN0GNAORIVVFxjx9Vn7OqYPgwiofZ6SbEl0hgPyWBQvE85klFLZLoj7p+joDY1XNQztmfA rnJ9x+YV4igjWImINAZSlmEcYtd+xy3Li/8oeYDAqrsnrOjb+WvGhCykJk4urBog2LNtcyCj kTs7F+WeXGUo0NDhbd3Z6AyFfqeF7uJ3D5hlpX2nI9no/ugPrrTVoVZAgrrnNz0iZG2DVx46 x913pVKHl5mlYQARAQABwsFfBBgBAgAJBQJafgNKAhsMAAoJELKItV//nCLBwNIP/AiIHE8b oIqReFQyaMzxq6lE4YZCZNj65B/nkDOvodSiwfwjjVVE2V3iEzxMHbgyTCGA67+Bo/d5aQGj gn0TPtsGzelyQHipaUzEyrsceUGWYoKXYyVWKEfyh0cDfnd9diAm3VeNqchtcMpoehETH8fr RHnJdBcjf112PzQSdKC6kqU0Q196c4Vp5HDOQfNiDnTf7gZSj0BraHOByy9LEDCLhQiCmr+2 E0rW4tBtDAn2HkT9uf32ZGqJCn1O+2uVfFhGu6vPE5qkqrbSE8TG+03H8ecU2q50zgHWPdHM OBvy3EhzfAh2VmOSTcRK+tSUe/u3wdLRDPwv/DTzGI36Kgky9MsDC5gpIwNbOJP2G/q1wT1o Gkw4IXfWv2ufWiXqJ+k7HEi2N1sree7Dy9KBCqb+ca1vFhYPDJfhP75I/VnzHVssZ/rYZ9+5 1yDoUABoNdJNSGUYl+Yh9Pw9pE3Kt4EFzUlFZWbE4xKL/NPno+z4J9aWemLLszcYz/u3XnbO vUSQHSrmfOzX3cV4yfmjM5lewgSstoxGyTx2M8enslgdXhPthZlDnTnOT+C+OTsh8+m5tos8 HQjaPM01MKBiAqdPgksm1wu2DrrwUi6ChRVTUBcj6+/9IJ81H2P2gJk3Ls3AVIxIffLoY34E +MYSfkEjBz0E8CLOcAw7JIwAaeBT In-Reply-To: <390cd031-742b-4f1b-99c4-8ee41a259744@linux.alibaba.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------S6UpLd0BWi0Q5lUl06INLdVa" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------S6UpLd0BWi0Q5lUl06INLdVa Content-Type: multipart/mixed; boundary="------------T4000R3b8WCUlM00X8HkBUUE"; protected-headers="v1" Message-ID: Date: Sun, 22 Mar 2026 01:13:21 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [LSF/MM/BPF TOPIC] Where is fuse going? API cleanup, restructuring and more To: Gao Xiang , "Darrick J. Wong" Cc: Miklos Szeredi , linux-fsdevel@vger.kernel.org, Joanne Koong , John Groves , Bernd Schubert , Amir Goldstein , Luis Henriques , Horst Birthelmer , Gao Xiang , lsf-pc@lists.linux-foundation.org References: <20260204190649.GB7693@frogsfrogsfrogs> <20260206053835.GD7693@frogsfrogsfrogs> <20260221004752.GE11076@frogsfrogsfrogs> <7de8630d-b6f5-406e-809a-bc2a2d945afb@linux.alibaba.com> <20260318215140.GL1742010@frogsfrogsfrogs> <361d312b-9706-45ca-8943-b655a75c765b@gmail.com> <390cd031-742b-4f1b-99c4-8ee41a259744@linux.alibaba.com> Content-Language: en-US From: Demi Marie Obenour Autocrypt: addr=demiobenour@gmail.com; keydata= xsFNBFp+A0oBEADffj6anl9/BHhUSxGTICeVl2tob7hPDdhHNgPR4C8xlYt5q49yB+l2nipd aq+4Gk6FZfqC825TKl7eRpUjMriwle4r3R0ydSIGcy4M6eb0IcxmuPYfbWpr/si88QKgyGSV Z7GeNW1UnzTdhYHuFlk8dBSmB1fzhEYEk0RcJqg4AKoq6/3/UorR+FaSuVwT7rqzGrTlscnT DlPWgRzrQ3jssesI7sZLm82E3pJSgaUoCdCOlL7MMPCJwI8JpPlBedRpe9tfVyfu3euTPLPx wcV3L/cfWPGSL4PofBtB8NUU6QwYiQ9Hzx4xOyn67zW73/G0Q2vPPRst8LBDqlxLjbtx/WLR 6h3nBc3eyuZ+q62HS1pJ5EvUT1vjyJ1ySrqtUXWQ4XlZyoEFUfpJxJoN0A9HCxmHGVckzTRl 5FMWo8TCniHynNXsBtDQbabt7aNEOaAJdE7to0AH3T/Bvwzcp0ZJtBk0EM6YeMLtotUut7h2 Bkg1b//r6bTBswMBXVJ5H44Qf0+eKeUg7whSC9qpYOzzrm7+0r9F5u3qF8ZTx55TJc2g656C 9a1P1MYVysLvkLvS4H+crmxA/i08Tc1h+x9RRvqba4lSzZ6/Tmt60DPM5Sc4R0nSm9BBff0N m0bSNRS8InXdO1Aq3362QKX2NOwcL5YaStwODNyZUqF7izjK4QARAQABzTxEZW1pIE1hcmll IE9iZW5vdXIgKGxvdmVyIG9mIGNvZGluZykgPGRlbWlvYmVub3VyQGdtYWlsLmNvbT7CwXgE EwECACIFAlp+A0oCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELKItV//nCLBhr8Q AK/xrb4wyi71xII2hkFBpT59ObLN+32FQT7R3lbZRjVFjc6yMUjOb1H/hJVxx+yo5gsSj5LS 9AwggioUSrcUKldfA/PKKai2mzTlUDxTcF3vKx6iMXKA6AqwAw4B57ZEJoMM6egm57TV19kz PMc879NV2nc6+elaKl+/kbVeD3qvBuEwsTe2Do3HAAdrfUG/j9erwIk6gha/Hp9yZlCnPTX+ VK+xifQqt8RtMqS5R/S8z0msJMI/ajNU03kFjOpqrYziv6OZLJ5cuKb3bZU5aoaRQRDzkFIR 6aqtFLTohTo20QywXwRa39uFaOT/0YMpNyel0kdOszFOykTEGI2u+kja35g9TkH90kkBTG+a EWttIht0Hy6YFmwjcAxisSakBuHnHuMSOiyRQLu43ej2+mDWgItLZ48Mu0C3IG1seeQDjEYP tqvyZ6bGkf2Vj+L6wLoLLIhRZxQOedqArIk/Sb2SzQYuxN44IDRt+3ZcDqsPppoKcxSyd1Ny 2tpvjYJXlfKmOYLhTWs8nwlAlSHX/c/jz/ywwf7eSvGknToo1Y0VpRtoxMaKW1nvH0OeCSVJ itfRP7YbiRVc2aNqWPCSgtqHAuVraBRbAFLKh9d2rKFB3BmynTUpc1BQLJP8+D5oNyb8Ts4x Xd3iV/uD8JLGJfYZIR7oGWFLP4uZ3tkneDfYzsFNBFp+A0oBEAC9ynZI9LU+uJkMeEJeJyQ/ 8VFkCJQPQZEsIGzOTlPnwvVna0AS86n2Z+rK7R/usYs5iJCZ55/JISWd8xD57ue0eB47bcJv VqGlObI2DEG8TwaW0O0duRhDgzMEL4t1KdRAepIESBEA/iPpI4gfUbVEIEQuqdqQyO4GAe+M kD0Hy5JH/0qgFmbaSegNTdQg5iqYjRZ3ttiswalql1/iSyv1WYeC1OAs+2BLOAT2NEggSiVO txEfgewsQtCWi8H1SoirakIfo45Hz0tk/Ad9ZWh2PvOGt97Ka85o4TLJxgJJqGEnqcFUZnJJ riwoaRIS8N2C8/nEM53jb1sH0gYddMU3QxY7dYNLIUrRKQeNkF30dK7V6JRH7pleRlf+wQcN fRAIUrNlatj9TxwivQrKnC9aIFFHEy/0mAgtrQShcMRmMgVlRoOA5B8RTulRLCmkafvwuhs6 dCxN0GNAORIVVFxjx9Vn7OqYPgwiofZ6SbEl0hgPyWBQvE85klFLZLoj7p+joDY1XNQztmfA rnJ9x+YV4igjWImINAZSlmEcYtd+xy3Li/8oeYDAqrsnrOjb+WvGhCykJk4urBog2LNtcyCj kTs7F+WeXGUo0NDhbd3Z6AyFfqeF7uJ3D5hlpX2nI9no/ugPrrTVoVZAgrrnNz0iZG2DVx46 x913pVKHl5mlYQARAQABwsFfBBgBAgAJBQJafgNKAhsMAAoJELKItV//nCLBwNIP/AiIHE8b oIqReFQyaMzxq6lE4YZCZNj65B/nkDOvodSiwfwjjVVE2V3iEzxMHbgyTCGA67+Bo/d5aQGj gn0TPtsGzelyQHipaUzEyrsceUGWYoKXYyVWKEfyh0cDfnd9diAm3VeNqchtcMpoehETH8fr RHnJdBcjf112PzQSdKC6kqU0Q196c4Vp5HDOQfNiDnTf7gZSj0BraHOByy9LEDCLhQiCmr+2 E0rW4tBtDAn2HkT9uf32ZGqJCn1O+2uVfFhGu6vPE5qkqrbSE8TG+03H8ecU2q50zgHWPdHM OBvy3EhzfAh2VmOSTcRK+tSUe/u3wdLRDPwv/DTzGI36Kgky9MsDC5gpIwNbOJP2G/q1wT1o Gkw4IXfWv2ufWiXqJ+k7HEi2N1sree7Dy9KBCqb+ca1vFhYPDJfhP75I/VnzHVssZ/rYZ9+5 1yDoUABoNdJNSGUYl+Yh9Pw9pE3Kt4EFzUlFZWbE4xKL/NPno+z4J9aWemLLszcYz/u3XnbO vUSQHSrmfOzX3cV4yfmjM5lewgSstoxGyTx2M8enslgdXhPthZlDnTnOT+C+OTsh8+m5tos8 HQjaPM01MKBiAqdPgksm1wu2DrrwUi6ChRVTUBcj6+/9IJ81H2P2gJk3Ls3AVIxIffLoY34E +MYSfkEjBz0E8CLOcAw7JIwAaeBT In-Reply-To: <390cd031-742b-4f1b-99c4-8ee41a259744@linux.alibaba.com> --------------T4000R3b8WCUlM00X8HkBUUE Content-Type: multipart/mixed; boundary="------------lv6SSR5j3czp6stsszwGre0C" --------------lv6SSR5j3czp6stsszwGre0C Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 3/22/26 00:51, Gao Xiang wrote: >=20 >=20 > On 2026/3/22 11:25, Demi Marie Obenour wrote: >=20 > ... >=20 >>> >>> Technically speaking fuse4fs could just invoke e2fsck -fn before it >>> starts up the rest of the libfuse initialization but who knows if tha= t's >>> an acceptable risk. Also unclear if you actually want -fy for that. >> >=20 > Let me try to reply the remaining part: >=20 >> To me, the attacks mentioned above are all either user error, >> or vulnerabilities in software accessing the filesystem. If one >=20 > There are many consequences if users try to use potential inconsistent > writable filesystems directly (without full fsck), what I can think > out including but not limited to: >=20 > - data loss (considering data block double free issue); > - data theft (for example, users keep sensitive information in the > workload in a high permission inode but it can be read with > low permission malicious inode later); > - data tamper (the same principle). >=20 > All vulnerabilities above happen after users try to write the > inconsistent filesystem, which is hard to prevent by on-disk > design. >=20 > But if users write with copy-on-write to another local consistent > filesystem, all the vulnerabilities above won't exist. That makes sense! Is this because the reads are at least deterministic? >> doesn't trust a filesystem image, then any data from the filesystem >> can't be trusted either. The only exception is if one can verify >=20 > I don't think trustiness is the core part of this whole topic, > because Linux namespace & cgroup concepts are totally _invented_ > for untrusted or isolated workloads. >=20 > If you untrust some workload, fine, isolate into another > namespace: you cannot strictly trust anything. >=20 > The kernel always has bugs, but is that the real main reason > you never run untrusted workloads? I don't think so. I always use VMs for untrusted workloads. >> the data cryptographically, which is what fsverity is for. >> If the filesystem is mounted r/o and the image doesn't change, one >> could guarantee that accessing the filesystem will at least return >> deterministic results even for corrupted images. That's something tha= t >> would need to be guaranteed by individual filesystem implementations, >> though. >=20 > I just want to say that the real problem with generic writable > filesystems is that their on-disk design makes it difficult to > prevent or detect harmful inconsistencies. >=20 > First, the on-disk format includes redundant metadata and even > malicious journal metadata (as I mentioned in previous emails). > This makes it hard to determine whether the filesystem is > inconsistent without performing a full disk scan, which takes > much long time. >=20 > Of course, you could mount severely inconsistent writable > filesystems in read-only (RO) mode. However, they are still > inconsistent by definition according to their formal on-disk > specifications. Furthermore, the runtime kernel implementatio > mixes read-write and read-only logic within the same > codebase, which complicates the practical consequences. >=20 > Due to immutable filesystem designs, almost all typical severe > inconsistencies cannot happen by design or be regard as harmful. > I believe the core issue is not trustworthiness; even with > an untrusted workload, you should be able to audit it easily. > However, severely inconsistent writable filesystems make such > auditability much harder. That actually makes a lot of sense. I had not considered the journal, which means one must modify the disk image just to mount it. >> See the end of this email for a long note about what can and cannot >> be guaranteed in the face of corrupt or malicious filesystem images. >> >>>> "that is not the case that we will handle with userspace FUSE >>>> drivers, because the metadata is serious broken"), the only way to >>>> resolve such attack vectors is to run >>>> >>>> the full-scan fsck consistency check and then mount "rw" >>>> >>>> or >>>> >>>> using the immutable filesystem like EROFS (so that there will not >>>> be such inconsisteny issues by design) and isolate the entire write >>>> traffic with a full copy-on-write mechanism with OverlayFS for >>>> example (IOWs, to make all write copy-on-write into another trusted >>>> local filesystem). >>> >>> (Yeah, that's probably the only way to go for prepopulated images lik= e >>> root filesystems and container packages) >> >> Even an immutable filesystem can still be corrupt. >> >>>> I hope it's a valid case, and that can indeed happen if the arbitary= >>>> generic filesystem can be mounted in "rw". And my immutable image >>>> filesystem idea can help mitigate this too (just because the immutab= le >>>> image won't be changed in any way, and all writes are always copy-up= ) >>> >>> That, we agree on :) >> >> Indeed, expecting writes to a corrupt filesystem to behave reasonably >> is very foolish. >> >> Long note starts here: There is no *fundamental* reason that a crafted= >> filesystem image must be able to cause crashes, memory corruption, etc= =2E >=20 > I still think those kinds of security risks just of implementation > bugs are the easist part of the whole issue. >=20 > Many linux kernel bugs can cause crashes, memory corruption, why > crafted filesystems need to be specially considered? In the past, filesystem implementations have often not focused on this. The Linux Kernel CVE team does not issue CVEs for such bugs. >> This applies even if the filesystem image may be written to while >> mounted. It is always *possible* to write a filesystem such that >> it never trusts anything it reads from disk and assumes each read >> could return arbitrarily malicious results. >=20 > Linux namespaces are invented for those kind of usage, the broken > archive images return garbage data or even archive images can be > changed randomly at runtime, what's the real impacts if they are > isolated by the namespaces? None! Regardless of whether one considers namespaces sufficient for isolating malicious code, they can definitely isolate filesystem operations very well. >> Right now, many filesystem maintainers do not consider this to be a >> priority. Even if they did, I don't think *anyone* (myself included) >> could write a filesystem implementation in C that didn't have memory >> corruption flaws. The only exceptions are if the filesystem is >=20 > I think this is still falling into the aspect of implementation > bugs, my question is simply: "why filesystem is special in this > kind of area, there are many other kernel subsystems in C which > can receive untrusted data, like TCP/IP stack", why filesystem > is special for particular memory corruption flaws? See above - the difference is that filesystems have historically not been written with untrusted input in mind. This, of course, can be changed. > I really think different aspects are often mixed when this topic > is mentioned, which makes the discussion getting more and more > divergent. I agree. > If we talk about implementation bugs, I think filesystem is not > special, but as I said, I think the main issue is the writable > filesystem on-disk format design, due to the design, there are > many severe consequences out of inconsistent filesystems. It definitely makes things much harder, and dramatically increases the attack surface. Most uses I have (notably backups) have a hard requirement for writable storage, and when they don't need it they can use dm-verity. >> incredibly simple or formal methods are used, and neither is the >> case for existing filesystems in the Linux kernel. By sandboxing a >> filesystem, one ensures that an attacker who compromises a filesystem >> implementation needs to find *another* exploit to compromise the >> whole system. >=20 > Yes, yet sandboxing is the one part, of course VM sandboxing > is better than Linux namespace isolation, but VMs cost much. I use a lot of VMs, but they indeed use significant resources. I hope that at some point this can largely be solved with copy-on-write VM forking. > Other than sandboxing, I think auditability is important too, > especially users provide sensitive data to new workloads. >=20 > Of course, only dealing with trusted workloads is the best, > out of question. But in the real world, we cannot always > face complete trusted workloads. For untrusted workloads, > we need to find reliable ways to audit them until they > become trusted. >=20 > Just like in the real world: accumulate credit, undergo > audits, and eventually earn trust. >=20 > Sorry about my English, but I hope I express my whole idea. >=20 > Thanks, > Gao Xiang Don't worry about your English. It is completely understandable and more than capable of getting your (very informative) points across. --=20 Sincerely, Demi Marie Obenour (she/her/hers) --------------lv6SSR5j3czp6stsszwGre0C Content-Type: application/pgp-keys; name="OpenPGP_0xB288B55FFF9C22C1.asc" Content-Disposition: attachment; filename="OpenPGP_0xB288B55FFF9C22C1.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xsFNBFp+A0oBEADffj6anl9/BHhUSxGTICeVl2tob7hPDdhHNgPR4C8xlYt5q49y B+l2nipdaq+4Gk6FZfqC825TKl7eRpUjMriwle4r3R0ydSIGcy4M6eb0IcxmuPYf bWpr/si88QKgyGSVZ7GeNW1UnzTdhYHuFlk8dBSmB1fzhEYEk0RcJqg4AKoq6/3/ UorR+FaSuVwT7rqzGrTlscnTDlPWgRzrQ3jssesI7sZLm82E3pJSgaUoCdCOlL7M MPCJwI8JpPlBedRpe9tfVyfu3euTPLPxwcV3L/cfWPGSL4PofBtB8NUU6QwYiQ9H zx4xOyn67zW73/G0Q2vPPRst8LBDqlxLjbtx/WLR6h3nBc3eyuZ+q62HS1pJ5EvU T1vjyJ1ySrqtUXWQ4XlZyoEFUfpJxJoN0A9HCxmHGVckzTRl5FMWo8TCniHynNXs BtDQbabt7aNEOaAJdE7to0AH3T/Bvwzcp0ZJtBk0EM6YeMLtotUut7h2Bkg1b//r 6bTBswMBXVJ5H44Qf0+eKeUg7whSC9qpYOzzrm7+0r9F5u3qF8ZTx55TJc2g656C 9a1P1MYVysLvkLvS4H+crmxA/i08Tc1h+x9RRvqba4lSzZ6/Tmt60DPM5Sc4R0nS m9BBff0Nm0bSNRS8InXdO1Aq3362QKX2NOwcL5YaStwODNyZUqF7izjK4QARAQAB zTxEZW1pIE9iZW5vdXIgKElUTCBFbWFpbCBLZXkpIDxhdGhlbmFAaW52aXNpYmxl dGhpbmdzbGFiLmNvbT7CwY4EEwEIADgWIQR2h02fEza6IlkHHHGyiLVf/5wiwQUC X6YJvQIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCyiLVf/5wiwWRhD/0Y R+YYC5Kduv/2LBgQJIygMsFiRHbR4+tWXuTFqgrxxFSlMktZ6gQrQCWe38WnOXkB oY6n/5lSJdfnuGd2UagZ/9dkaGMUkqt+5WshLFly4BnP7pSsWReKgMP7etRTwn3S zk1OwFx2lzY1EnnconPLfPBc6rWG2moA6l0WX+3WNR1B1ndqpl2hPSjT2jUCBWDV rGOUSX7r5f1WgtBeNYnEXPBCUUM51pFGESmfHIXQrqFDA7nBNiIVFDJTmQzuEqIy Jl67pKNgooij5mKzRhFKHfjLRAH4mmWZlB9UjDStAfFBAoDFHwd1HL5VQCNQdqEc /9lZDApqWuCPadZN+pGouqLysesIYsNxUhJ7dtWOWHl0vs7/3qkWmWun/2uOJMQh ra2u8nA9g91FbOobWqjrDd6x3ZJoGQf4zLqjmn/P514gb697788e573WN/MpQ5XI Fl7aM2d6/GJiq6LC9T2gSUW4rbPBiqOCeiUx7Kd/sVm41p9TOA7fEG4bYddCfDsN xaQJH6VRK3NOuBUGeL+iQEVF5Xs6Yp+U+jwvv2M5Lel3EqAYo5xXTx4ls0xaxDCu fudcAh8CMMqx3fguSb7Mi31WlnZpk0fDuWQVNKyDP7lYpwc4nCCGNKCj622ZSocH AcQmX28L8pJdLYacv9pU3jPy4fHcQYvmTavTqowGnM08RGVtaSBNYXJpZSBPYmVu b3VyIChsb3ZlciBvZiBjb2RpbmcpIDxkZW1pb2Jlbm91ckBnbWFpbC5jb20+wsF4 BBMBAgAiBQJafgNKAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCyiLVf /5wiwYa/EACv8a2+MMou9cSCNoZBQaU+fTmyzft9hUE+0d5W2UY1RY3OsjFIzm9R /4SVccfsqOYLEo+S0vQMIIIqFEq3FCpXXwPzyimotps05VA8U3Bd7yseojFygOgK sAMOAee2RCaDDOnoJue01dfZMzzHPO/TVdp3OvnpWipfv5G1Xg96rwbhMLE3tg6N xwAHa31Bv4/Xq8CJOoIWvx6fcmZQpz01/lSvsYn0KrfEbTKkuUf0vM9JrCTCP2oz VNN5BYzqaq2M4r+jmSyeXLim922VOWqGkUEQ85BSEemqrRS06IU6NtEMsF8EWt/b hWjk/9GDKTcnpdJHTrMxTspExBiNrvpI2t+YPU5B/dJJAUxvmhFrbSIbdB8umBZs I3AMYrEmpAbh5x7jEjoskUC7uN3o9vpg1oCLS2ePDLtAtyBtbHnkA4xGD7ar8mem xpH9lY/i+sC6CyyIUWcUDnnagKyJP0m9ks0GLsTeOCA0bft2XA6rD6aaCnMUsndT ctrab42CV5XypjmC4U1rPJ8JQJUh1/3P48/8sMH+3krxpJ06KNWNFaUbaMTGiltZ 7x9DngklSYrX0T+2G4kVXNmjaljwkoLahwLla2gUWwBSyofXdqyhQdwZsp01KXNQ UCyT/Pg+aDcm/E7OMV3d4lf7g/CSxiX2GSEe6BlhSz+Lmd7ZJ3g32M1ARGVtaSBN YXJpZSBPYmVub3VyIChJVEwgRW1haWwgS2V5KSA8ZGVtaUBpbnZpc2libGV0aGlu Z3NsYWIuY29tPsLBjgQTAQgAOBYhBHaHTZ8TNroiWQcccbKItV//nCLBBQJgOEV+ AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJELKItV//nCLBKwoP/1WSnFdv SAD0g7fD0WlF+oi7ISFT7oqJnchFLOwVHK4Jg0e4hGn1ekWsF3Ha5tFLh4V/7UUu obYJpTfBAA2CckspYBqLtKGjFxcaqjjpO1I2W/jeNELVtSYuCOZICjdNGw2Hl9yH KRZiBkqc9u8lQcHDZKq4LIpVJj6ZQV/nxttDX90ax2No1nLLQXFbr5wb465LAPpU lXwunYDij7xJGye+VUASQh9datye6orZYuJvNo8Tr3mAQxxkfR46LzWgxFCPEAZJ 5P56Nc0IMHdJZj0Uc9+1jxERhOGppp5jlLgYGK7faGB/jTV6LaRQ4Ad+xiqokDWp mUOZsmA+bMbtPfYjDZBz5mlyHcIRKIFpE1l3Y8F7PhJuzzMUKkJi90CYakCV4x/a Zs4pzk5E96c2VQx01RIEJ7fzHF7lwFdtfTS4YsLtAbQFsKayqwkGcVv2B1AHeqdo TMX+cgDvjd1ZganGlWA8Sv9RkNSMchn1hMuTwERTyFTr2dKPnQdA1F480+jUap41 ClXgn227WkCIMrNhQGNyJsnwyzi5wS8rBVRQ3BOTMyvGM07j3axUOYaejEpg7wKi wTPZGLGH1sz5GljD/916v5+v2xLbOo5606j9dWf5/tAhbPuqrQgWv41wuKDi+dDD EKkODF7DHes8No+QcHTDyETMn1RYm7t0RKR4zsFNBFp+A0oBEAC9ynZI9LU+uJkM eEJeJyQ/8VFkCJQPQZEsIGzOTlPnwvVna0AS86n2Z+rK7R/usYs5iJCZ55/JISWd 8xD57ue0eB47bcJvVqGlObI2DEG8TwaW0O0duRhDgzMEL4t1KdRAepIESBEA/iPp I4gfUbVEIEQuqdqQyO4GAe+MkD0Hy5JH/0qgFmbaSegNTdQg5iqYjRZ3ttiswalq l1/iSyv1WYeC1OAs+2BLOAT2NEggSiVOtxEfgewsQtCWi8H1SoirakIfo45Hz0tk /Ad9ZWh2PvOGt97Ka85o4TLJxgJJqGEnqcFUZnJJriwoaRIS8N2C8/nEM53jb1sH 0gYddMU3QxY7dYNLIUrRKQeNkF30dK7V6JRH7pleRlf+wQcNfRAIUrNlatj9Txwi vQrKnC9aIFFHEy/0mAgtrQShcMRmMgVlRoOA5B8RTulRLCmkafvwuhs6dCxN0GNA ORIVVFxjx9Vn7OqYPgwiofZ6SbEl0hgPyWBQvE85klFLZLoj7p+joDY1XNQztmfA rnJ9x+YV4igjWImINAZSlmEcYtd+xy3Li/8oeYDAqrsnrOjb+WvGhCykJk4urBog 2LNtcyCjkTs7F+WeXGUo0NDhbd3Z6AyFfqeF7uJ3D5hlpX2nI9no/ugPrrTVoVZA grrnNz0iZG2DVx46x913pVKHl5mlYQARAQABwsFfBBgBAgAJBQJafgNKAhsMAAoJ ELKItV//nCLBwNIP/AiIHE8boIqReFQyaMzxq6lE4YZCZNj65B/nkDOvodSiwfwj jVVE2V3iEzxMHbgyTCGA67+Bo/d5aQGjgn0TPtsGzelyQHipaUzEyrsceUGWYoKX YyVWKEfyh0cDfnd9diAm3VeNqchtcMpoehETH8frRHnJdBcjf112PzQSdKC6kqU0 Q196c4Vp5HDOQfNiDnTf7gZSj0BraHOByy9LEDCLhQiCmr+2E0rW4tBtDAn2HkT9 uf32ZGqJCn1O+2uVfFhGu6vPE5qkqrbSE8TG+03H8ecU2q50zgHWPdHMOBvy3Ehz fAh2VmOSTcRK+tSUe/u3wdLRDPwv/DTzGI36Kgky9MsDC5gpIwNbOJP2G/q1wT1o Gkw4IXfWv2ufWiXqJ+k7HEi2N1sree7Dy9KBCqb+ca1vFhYPDJfhP75I/VnzHVss Z/rYZ9+51yDoUABoNdJNSGUYl+Yh9Pw9pE3Kt4EFzUlFZWbE4xKL/NPno+z4J9aW emLLszcYz/u3XnbOvUSQHSrmfOzX3cV4yfmjM5lewgSstoxGyTx2M8enslgdXhPt hZlDnTnOT+C+OTsh8+m5tos8HQjaPM01MKBiAqdPgksm1wu2DrrwUi6ChRVTUBcj 6+/9IJ81H2P2gJk3Ls3AVIxIffLoY34E+MYSfkEjBz0E8CLOcAw7JIwAaeBTzsFN BGbyLVgBEACqClxh50hmBepTSVlan6EBq3OAoxhrAhWZYEwN78k+ENhK68KhqC5R IsHzlL7QHW1gmfVBQZ63GnWiraM6wOJqFTL4ZWvRslga9u28FJ5XyK860mZLgYhK 9BzoUk4s+dat9jVUbq6LpQ1Ot5I9vrdzo2p1jtQ8h9WCIiFxSYy8s8pZ3hHh5T64 GIj1m/kY7lG3VIdUgoNiREGf/iOMjUFjwwE9ZoJ26j9p7p1U+TkKeF6wgswEB1T3 J8KCAtvmRtqJDq558IU5jhg5fgN+xHB8cgvUWulgK9FIF9oFxcuxtaf/juhHWKMO RtL0bHfNdXoBdpUDZE+mLBUAxF6KSsRrvx6AQyJs7VjgXJDtQVWvH0PUmTrEswgb 49nNU+dLLZQAZagxqnZ9Dp5l6GqaGZCHERJcLmdY/EmMzSf5YazJ6c0vO8rdW27M kn73qcWAplQn5mOXaqbfzWkAUPyUXppuRHfrjxTDz3GyJJVOeMmMrTxH4uCaGpOX Z8tN6829J1roGw4oKDRUQsaBAeEDqizXMPRc+6U9vI5FXzbAsb+8lKW65G7JWHym YPOGUt2hK4DdTA1PmVo0DxH00eWWeKxqvmGyX+Dhcg+5e191rPsMRGsDlH6KihI6 +3JIuc0y6ngdjcp6aalbuvPIGFrCRx3tnRtNc7He6cBWQoH9RPwluwARAQABwsOs BBgBCgAgFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmbyLVgCGwICQAkQsoi1X/+c IsHBdCAEGQEKAB0WIQSilC2pUlbVp66j3+yzNoc6synyUwUCZvItWAAKCRCzNoc6 synyU85gD/0T1QDtPhovkGwoqv4jUbEMMvpeYQf+oWgm/TjWPeLwdjl7AtY0G9Ml ZoyGniYkoHi37Gnn/ShLT3B5vtyI58ap2+SSa8SnGftdAKRLiWFWCiAEklm9FRk8 N3hwxhmSFF1KR/AIDS4g+HIsZn7YEMubBSgLlZZ9zHl4O4vwuXlREBEW97iL/FSt VownU2V39t7PtFvGZNk+DJH7eLO3jmNRYB0PL4JOyyda3NH/J92iwrFmjFWWmmWb /Xz8l9DIs+Z59pRCVTTwbBEZhcUc7rVMCcIYL+q1WxBG2e6lMn15OQJ5WfiE6E0I sGirAEDnXWx92JNGx5l+mMpdpsWhBZ5iGTtttZesibNkQfd48/eCgFi4cxJUC4PT UQwfD9AMgzwSTGJrkI5XGy+XqxwOjL8UA0iIrtTpMh49zw46uV6kwFQCgkf32jZM OLwLTNSzclbnA7GRd8tKwezQ/XqeK3dal2n+cOr+o+Eka7yGmGWNUqFbIe8cjj9T JeF3mgOCmZOwMI+wIcQYRSf+e5VTMO6TNWH5BI3vqeHSt7HkYuPlHT0pGum88d4a pWqhulH4rUhEMtirX1hYx8Q4HlUOQqLtxzmwOYWkhl1C+yPObAvUDNiHCLf9w28n uihgEkzHt9J4VKYulyJM9fe3ENcyU6rpXD7iANQqcr87ogKXFxknZ97uEACvSucc RbnnAgRqZ7GDzgoBerJ2zrmhLkeREZ08iz1zze1JgyW3HEwdr2UbyAuqvSADCSUU GN0vtQHsPzWl8onRc7lOPqPDF8OO+UfN9NAfA4wl3QyChD1GXl9rwKQOkbvdlYFV UFx9u86LNi4ssTmU8p9NtHIGpz1SYMVYNoYy9NU7EVqypGMguDCL7gJt6GUmA0sw p+YCroXiwL2BJ7RwRqTpgQuFL1gShkA17D5jK4mDPEetq1d8kz9rQYvAR/sTKBsR ImC3xSfn8zpWoNTTB6lnwyP5Ng1bu6esS7+SpYprFTe7ZqGZF6xhvBPf1Ldi9UAm U2xPN1/eeWxEa2kusidmFKPmN8lcT4miiAvwGxEnY7Oww9CgZlUB+LP4dl5VPjEt sFeAhrgxLdpVTjPRRwTd9VQF3/XYl83j5wySIQKIPXgT3sG3ngAhDhC8I8GpM36r 8WJJ3x2yVzyJUbBPO0GBhWE2xPNIfhxVoU4cGGhpFqz7dPKSTRDGq++MrFgKKGpI ZwT3CPTSSKc7ySndEXWkOYArDIdtyxdE1p5/c3aoz4utzUU7NDHQ+vVIwlnZSMiZ jek2IJP3SZ+COOIHCVxpUaZ4lnzWT4eDqABhMLpIzw6NmGfg+kLBJhouqz81WITr EtJuZYM5blWncBOJCoWMnBEcTEo/viU3GgcVRw=3D=3D =3Dx94R -----END PGP PUBLIC KEY BLOCK----- --------------lv6SSR5j3czp6stsszwGre0C-- --------------T4000R3b8WCUlM00X8HkBUUE-- --------------S6UpLd0BWi0Q5lUl06INLdVa Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEopQtqVJW1aeuo9/sszaHOrMp8lMFAmm/enIACgkQszaHOrMp 8lOqHRAAg6/WPC6BEr0JgEii1d6bFD32xFX/ehKu0FYXZZIqNRjjIYVaQaXUi+95 /uBaL1ffN+F9fYOBe/2vAbQs6gEHBEiDHevmiROWGG4QMBUiRDexA1BO+V3tzXlb HGznOcLQQNzY0FipGA/QMSawZQEoXY4UKBPlhI66/v4lgPuTcW4j1dhxp30uSEAy CZlBAqnWgQKfBFwLinR7R6Y19jlAKySrpV3jcL7dq8OoyB+Pv6ClVhNVbH22qe76 Nwqbzeyl/lTpxOFmLVufZ38Myx94C9LRLjX1S6fJnqMeUSlwZq4kLcrKDF6lsEhJ VmQ4iyeY0s+BijHDIahvB0CyKZE3G+IJC2CoAavuv57v/JzLqF//g+c6pbHNOeiL WAvhRL5rKHKSYJEu1xxEgTPtbOjtwNU43xpYWhp87RA6QIyL2NoPLFmo3Yc5NDQ3 Ap+772pU1FWtRqdz0RbL/Vy6KiNVXuTbeHCj8XEqBmfK03Kl6n1utns4wZHDrK81 r+Lpr8i+mOtPVKuNlxzaeek/2gOnrN5Qy/X5iRg5DR6BA/WA0kEmIizloCbjX/uj /LhCelM/+CwtHIz/7cL4/sspu8FBRGK6fYtyk7GocEKHwJAItysvZA1XgH9VOZMY OKSN3xC77Dn++qjYw7Gdah6OBYucKYOG5JyeNnxltlb1RT4uG2g= =mkIc -----END PGP SIGNATURE----- --------------S6UpLd0BWi0Q5lUl06INLdVa--