{"id":2232781,"url":"http://patchwork.ozlabs.org/api/1.2/patches/2232781/?format=json","web_url":"http://patchwork.ozlabs.org/project/linuxppc-dev/patch/20260505-module-hashes-v5-7-e174a5a49fce@weissschuh.net/","project":{"id":2,"url":"http://patchwork.ozlabs.org/api/1.2/projects/2/?format=json","name":"Linux PPC development","link_name":"linuxppc-dev","list_id":"linuxppc-dev.lists.ozlabs.org","list_email":"linuxppc-dev@lists.ozlabs.org","web_url":"https://github.com/linuxppc/wiki/wiki","scm_url":"https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git","webscm_url":"https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/","list_archive_url":"https://lore.kernel.org/linuxppc-dev/","list_archive_url_format":"https://lore.kernel.org/linuxppc-dev/{}/","commit_url_format":"https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id={}"},"msgid":"<20260505-module-hashes-v5-7-e174a5a49fce@weissschuh.net>","list_archive_url":"https://lore.kernel.org/linuxppc-dev/20260505-module-hashes-v5-7-e174a5a49fce@weissschuh.net/","date":"2026-05-05T09:05:11","name":"[v5,07/14] module: Make module authentication usable without MODULE_SIG","commit_ref":null,"pull_url":null,"state":"handled-elsewhere","archived":false,"hash":"ada1e93769c140e22341ff76fd0c114094835e39","submitter":{"id":82751,"url":"http://patchwork.ozlabs.org/api/1.2/people/82751/?format=json","name":"Thomas Weißschuh","email":"linux@weissschuh.net"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/linuxppc-dev/patch/20260505-module-hashes-v5-7-e174a5a49fce@weissschuh.net/mbox/","series":[{"id":502791,"url":"http://patchwork.ozlabs.org/api/1.2/series/502791/?format=json","web_url":"http://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=502791","date":"2026-05-05T09:05:17","name":"module: Introduce hash-based integrity checking","version":5,"mbox":"http://patchwork.ozlabs.org/series/502791/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2232781/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2232781/checks/","tags":{},"related":[],"headers":{"Return-Path":"\n <linuxppc-dev+bounces-20468-incoming=patchwork.ozlabs.org@lists.ozlabs.org>","X-Original-To":["incoming@patchwork.ozlabs.org","linuxppc-dev@lists.ozlabs.org"],"Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=weissschuh.net header.i=@weissschuh.net\n header.a=rsa-sha256 header.s=mail header.b=XkblmXkp;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org\n (client-ip=2404:9400:21b9:f100::1; helo=lists.ozlabs.org;\n envelope-from=linuxppc-dev+bounces-20468-incoming=patchwork.ozlabs.org@lists.ozlabs.org;\n receiver=patchwork.ozlabs.org)","lists.ozlabs.org;\n arc=none smtp.remote-ip=159.69.126.157","lists.ozlabs.org;\n dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net","lists.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=weissschuh.net header.i=@weissschuh.net\n header.a=rsa-sha256 header.s=mail header.b=XkblmXkp;\n\tdkim-atps=neutral","lists.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=weissschuh.net\n (client-ip=159.69.126.157; helo=todd.t-8ch.de;\n envelope-from=linux@weissschuh.net; receiver=lists.ozlabs.org)"],"Received":["from lists.ozlabs.org (lists.ozlabs.org\n [IPv6:2404:9400:21b9:f100::1])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g8tB15CBBz1yJV\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 05 May 2026 19:14:17 +1000 (AEST)","from boromir.ozlabs.org (localhost [127.0.0.1])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 4g8t9G6xpXz3bgd;\n\tTue, 05 May 2026 19:13:38 +1000 (AEST)","from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 4g8t9865rLz30W9\n\tfor <linuxppc-dev@lists.ozlabs.org>; Tue, 05 May 2026 19:13:32 +1000 (AEST)"],"ARC-Seal":"i=1; a=rsa-sha256; d=lists.ozlabs.org; s=201707; t=1777972418;\n\tcv=none;\n b=FIUB02ALhvQXjHxcTFnl3G6011km62nTfHXvTGU73duiC9wf5uZmkhOhR2R9YHLq22b1KmGFyvf/peSaXDVNduSsTekAdYkbGR2Wh5AeWBDPSoVCw4mL7XIW/B9cZC2oJ3QKNWaqyg75RYgBerGfHHTSzt6o9fYbLkjyfVPSSJ3lr9PQua+gHdCHByNJhzSBVkWwhlyA07SAtArj33QkOE5HdewUEHC3/uhZ2SNhe/LpNhpGn6Q+eDlWgUs+GEksjPm7O0+yEonDKzYhsCS/xgJgYKhA0ffv9jmQuTgZMYHmow9dmV8BcAOT6a/fv0Tkmz1FFdECWVNhbcnxYZg0Tg==","ARC-Message-Signature":"i=1; a=rsa-sha256; d=lists.ozlabs.org; s=201707;\n\tt=1777972418; c=relaxed/relaxed;\n\tbh=yOapd3fVWt2pvCLIdJaKHZ+Tn7hRsxbhL+Bs369JPsc=;\n\th=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References:\n\t In-Reply-To:To:Cc;\n b=agmPUtdwKzhx8A1VBOQp3ZKMm8ZitLrSm0QHf3AXRc8+WUwvYxO9qCpZPTEjdwm7S9wB0IWSBQS+44IhPjy/9MPwrPKqzLyk+emglxfwBcudaiQzweAdDyfCWSDm9Iqx/GZOgxhqnoDJpib4QHcPRKz77OgNZtFTPNMaf3IjHbcAy3jkOC9M1Y9SH75vTQe7bfpMGmQaVyyWeq8yMJtRTA2Rew4QF5fUpNEBGlGxNUWB7thbjiYtoaKTzKwkbRxVQGUCL5ZSmnVUq6u44uw4ENfXbYzFNv+JzfyYceUC6eHqpBivf8A+5fkAb65aV2wWoj/MYUGr7eufMweHEDQr1Q==","ARC-Authentication-Results":"i=1; lists.ozlabs.org;\n dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net;\n dkim=pass (1024-bit key;\n unprotected) header.d=weissschuh.net header.i=@weissschuh.net\n header.a=rsa-sha256 header.s=mail header.b=XkblmXkp; dkim-atps=neutral;\n spf=pass (client-ip=159.69.126.157; helo=todd.t-8ch.de;\n envelope-from=linux@weissschuh.net;\n receiver=lists.ozlabs.org) smtp.mailfrom=weissschuh.net","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net;\n\ts=mail; t=1777971923;\n\tbh=Z6oGRNNDPv7HY7Jwe2K5yTNZdEqWzrdbU1BcgGO8c9s=;\n\th=From:Date:Subject:References:In-Reply-To:To:Cc:From;\n\tb=XkblmXkpzZZAvu9TAu6Fo8xGr7wGUQLffhlfPsrw/JunGdCmxKegomNJfYxkSvKrq\n\t nY+Ah0UWy7MZtVE5pdWxGb2KLagXUd1+rXC3feh++QtJWTN2zCB+dX2wFX50KLr0rC\n\t evPC6zYWtifj99O9PunB91EAD+OYk/kkSVv7oceU=","From":"=?utf-8?q?Thomas_Wei=C3=9Fschuh?= <linux@weissschuh.net>","Date":"Tue, 05 May 2026 11:05:11 +0200","Subject":"[PATCH v5 07/14] module: Make module authentication usable without\n MODULE_SIG","X-Mailing-List":"linuxppc-dev@lists.ozlabs.org","List-Id":"<linuxppc-dev.lists.ozlabs.org>","List-Help":"<mailto:linuxppc-dev+help@lists.ozlabs.org>","List-Owner":"<mailto:linuxppc-dev+owner@lists.ozlabs.org>","List-Post":"<mailto:linuxppc-dev@lists.ozlabs.org>","List-Archive":"<https://lore.kernel.org/linuxppc-dev/>,\n  <https://lists.ozlabs.org/pipermail/linuxppc-dev/>","List-Subscribe":"<mailto:linuxppc-dev+subscribe@lists.ozlabs.org>,\n  <mailto:linuxppc-dev+subscribe-digest@lists.ozlabs.org>,\n  <mailto:linuxppc-dev+subscribe-nomail@lists.ozlabs.org>","List-Unsubscribe":"<mailto:linuxppc-dev+unsubscribe@lists.ozlabs.org>","Precedence":"list","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"8bit","Message-Id":"<20260505-module-hashes-v5-7-e174a5a49fce@weissschuh.net>","References":"<20260505-module-hashes-v5-0-e174a5a49fce@weissschuh.net>","In-Reply-To":"<20260505-module-hashes-v5-0-e174a5a49fce@weissschuh.net>","To":"Alexei Starovoitov <ast@kernel.org>,\n Daniel Borkmann <daniel@iogearbox.net>, Andrii Nakryiko <andrii@kernel.org>,\n Eduard Zingerman <eddyz87@gmail.com>,\n Kumar Kartikeya Dwivedi <memxor@gmail.com>,\n Nathan Chancellor <nathan@kernel.org>, Nicolas Schier <nsc@kernel.org>,\n Arnd Bergmann <arnd@arndb.de>, Luis Chamberlain <mcgrof@kernel.org>,\n Petr Pavlu <petr.pavlu@suse.com>, Sami Tolvanen <samitolvanen@google.com>,\n Daniel Gomez <da.gomez@samsung.com>, Paul Moore <paul@paul-moore.com>,\n James Morris <jmorris@namei.org>, \"Serge E. Hallyn\" <serge@hallyn.com>,\n Jonathan Corbet <corbet@lwn.net>, Madhavan Srinivasan <maddy@linux.ibm.com>,\n Michael Ellerman <mpe@ellerman.id.au>, Nicholas Piggin <npiggin@gmail.com>,\n Naveen N Rao <naveen@kernel.org>, Mimi Zohar <zohar@linux.ibm.com>,\n Roberto Sassu <roberto.sassu@huawei.com>,\n Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,\n Eric Snowberg <eric.snowberg@oracle.com>,\n Nicolas Schier <nicolas.schier@linux.dev>,\n Daniel Gomez <da.gomez@kernel.org>, Aaron Tomlin <atomlin@atomlin.com>,\n \"Christophe Leroy (CS GROUP)\" <chleroy@kernel.org>,\n Nicolas Bouchinet <nicolas.bouchinet@oss.cyber.gouv.fr>,\n Xiu Jianfeng <xiujianfeng@huawei.com>,\n Christophe Leroy <chleroy@kernel.org>","Cc":"Martin KaFai Lau <martin.lau@linux.dev>, Song Liu <song@kernel.org>,\n  Yonghong Song <yonghong.song@linux.dev>, Jiri Olsa <jolsa@kernel.org>,\n  bpf@vger.kernel.org,\n =?utf-8?q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>,\n  Arnout Engelen <arnout@bzzt.net>, Mattia Rizzolo <mattia@mapreri.org>,\n  kpcyrd <kpcyrd@archlinux.org>, Christian Heusel <christian@heusel.eu>,\n\t=?utf-8?q?C=C3=A2ju_Mihai-Drosi?= <mcaju95@gmail.com>,\n  Eric Biggers <ebiggers@kernel.org>,\n  Sebastian Andrzej Siewior <bigeasy@linutronix.de>,\n  linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,\n  linux-arch@vger.kernel.org, linux-modules@vger.kernel.org,\n  linux-security-module@vger.kernel.org, linux-doc@vger.kernel.org,\n  linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org,\n  debian-kernel@lists.debian.org,\n =?utf-8?q?Thomas_Wei=C3=9Fschuh?= <linux@weissschuh.net>","X-Mailer":"b4 0.15.2","X-Developer-Signature":"v=1; a=ed25519-sha256; t=1777971921; l=7097;\n i=linux@weissschuh.net; s=20221212; h=from:subject:message-id;\n bh=Z6oGRNNDPv7HY7Jwe2K5yTNZdEqWzrdbU1BcgGO8c9s=;\n b=gZ9L4Pv0bW11gPm0OadkMRRSd3fcG4bTAsBKfMt93FHeYTx6e3IE0Apbb9U2ZuKdpL6rwl+xH\n 0w+pvk6DlWQB4Kj/mcYSKmEB5iRuH1DnEV/AbAzFaQus13MV8FaxoKp","X-Developer-Key":"i=linux@weissschuh.net; a=ed25519;\n pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw=","X-Spam-Status":"No, score=-0.2 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,\n\tDKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled\n\tversion=4.0.1 OzLabs 8","X-Spam-Checker-Version":"SpamAssassin 4.0.1 (2024-03-25) on lists.ozlabs.org"},"content":"The module authentication functionality will also be used by the\nhash-based module authentication. Split it out from CONFIG_MODULE_SIG\nso it is usable by both.\n\nSigned-off-by: Thomas Weißschuh <linux@weissschuh.net>\n---\n crypto/algapi.c          |  4 ++--\n include/linux/module.h   | 18 +++++++++---------\n kernel/module/Kconfig    |  5 ++++-\n kernel/module/Makefile   |  1 +\n kernel/module/auth.c     | 32 ++++++++++++++++++++++++++++++++\n kernel/module/internal.h |  2 +-\n kernel/module/main.c     |  8 ++++----\n kernel/module/signing.c  | 23 +----------------------\n 8 files changed, 54 insertions(+), 39 deletions(-)","diff":"diff --git a/crypto/algapi.c b/crypto/algapi.c\nindex 37de377719ae..14252b780266 100644\n--- a/crypto/algapi.c\n+++ b/crypto/algapi.c\n@@ -24,8 +24,8 @@ static LIST_HEAD(crypto_template_list);\n \n static inline void crypto_check_module_sig(struct module *mod)\n {\n-\tif (fips_enabled && mod && !module_sig_ok(mod))\n-\t\tpanic(\"Module %s signature verification failed in FIPS mode\\n\",\n+\tif (fips_enabled && mod && !module_auth_ok(mod))\n+\t\tpanic(\"Module %s authentication failed in FIPS mode\\n\",\n \t\t      module_name(mod));\n }\n \ndiff --git a/include/linux/module.h b/include/linux/module.h\nindex 7566815fabbe..b4760777daad 100644\n--- a/include/linux/module.h\n+++ b/include/linux/module.h\n@@ -437,9 +437,9 @@ struct module {\n \t/* GPL-only exported symbols. */\n \tbool using_gplonly_symbols;\n \n-#ifdef CONFIG_MODULE_SIG\n-\t/* Signature was verified. */\n-\tbool sig_ok;\n+#ifdef CONFIG_MODULE_AUTH\n+\t/* Module was authenticated. */\n+\tbool auth_ok;\n #endif\n \n \tbool async_probe_requested;\n@@ -918,16 +918,16 @@ static inline bool retpoline_module_ok(bool has_retpoline)\n }\n #endif\n \n-#ifdef CONFIG_MODULE_SIG\n+#ifdef CONFIG_MODULE_AUTH\n bool is_module_sig_enforced(void);\n \n void set_module_sig_enforced(void);\n \n-static inline bool module_sig_ok(struct module *module)\n+static inline bool module_auth_ok(struct module *module)\n {\n-\treturn module->sig_ok;\n+\treturn module->auth_ok;\n }\n-#else\t/* !CONFIG_MODULE_SIG */\n+#else\t/* !CONFIG_MODULE_AUTH */\n static inline bool is_module_sig_enforced(void)\n {\n \treturn false;\n@@ -937,11 +937,11 @@ static inline void set_module_sig_enforced(void)\n {\n }\n \n-static inline bool module_sig_ok(struct module *module)\n+static inline bool module_auth_ok(struct module *module)\n {\n \treturn true;\n }\n-#endif\t/* CONFIG_MODULE_SIG */\n+#endif\t/* CONFIG_MODULE_AUTH */\n \n #if defined(CONFIG_MODULES) && defined(CONFIG_KALLSYMS)\n int module_kallsyms_on_each_symbol(const char *modname,\ndiff --git a/kernel/module/Kconfig b/kernel/module/Kconfig\nindex f535181e0d98..84297da666ff 100644\n--- a/kernel/module/Kconfig\n+++ b/kernel/module/Kconfig\n@@ -271,9 +271,12 @@ config MODULE_SIG\n \t  debuginfo strip done by some packagers (such as rpmbuild) and\n \t  inclusion into an initramfs that wants the module size reduced.\n \n+config MODULE_AUTH\n+\tdef_bool MODULE_SIG\n+\n config MODULE_SIG_FORCE\n \tbool \"Require modules to be validly signed\"\n-\tdepends on MODULE_SIG\n+\tdepends on MODULE_AUTH\n \thelp\n \t  Reject unsigned modules or signed modules for which we don't have a\n \t  key.  Without this, such modules will simply taint the kernel.\ndiff --git a/kernel/module/Makefile b/kernel/module/Makefile\nindex d9e8759a7b05..c7200e293d04 100644\n--- a/kernel/module/Makefile\n+++ b/kernel/module/Makefile\n@@ -14,6 +14,7 @@ obj-y += strict_rwx.o\n obj-y += kmod.o\n obj-$(CONFIG_MODULE_DEBUG_AUTOLOAD_DUPS) += dups.o\n obj-$(CONFIG_MODULE_DECOMPRESS) += decompress.o\n+obj-$(CONFIG_MODULE_AUTH) += auth.o\n obj-$(CONFIG_MODULE_SIG) += signing.o\n obj-$(CONFIG_LIVEPATCH) += livepatch.o\n obj-$(CONFIG_MODULES_TREE_LOOKUP) += tree_lookup.o\ndiff --git a/kernel/module/auth.c b/kernel/module/auth.c\nnew file mode 100644\nindex 000000000000..956ac63d9d33\n--- /dev/null\n+++ b/kernel/module/auth.c\n@@ -0,0 +1,32 @@\n+// SPDX-License-Identifier: GPL-2.0-or-later\n+/* Module authentication checker\n+ *\n+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.\n+ * Written by David Howells (dhowells@redhat.com)\n+ */\n+\n+#include <linux/export.h>\n+#include <linux/module.h>\n+#include <linux/moduleparam.h>\n+#include <linux/types.h>\n+\n+#undef MODULE_PARAM_PREFIX\n+#define MODULE_PARAM_PREFIX \"module.\"\n+\n+static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);\n+module_param(sig_enforce, bool_enable_only, 0644);\n+\n+/*\n+ * Export sig_enforce kernel cmdline parameter to allow other subsystems rely\n+ * on that instead of directly to CONFIG_MODULE_SIG_FORCE config.\n+ */\n+bool is_module_sig_enforced(void)\n+{\n+\treturn sig_enforce;\n+}\n+EXPORT_SYMBOL(is_module_sig_enforced);\n+\n+void set_module_sig_enforced(void)\n+{\n+\tsig_enforce = true;\n+}\ndiff --git a/kernel/module/internal.h b/kernel/module/internal.h\nindex 006ada7d4e6e..f8f425b167f1 100644\n--- a/kernel/module/internal.h\n+++ b/kernel/module/internal.h\n@@ -68,7 +68,7 @@ struct load_info {\n \tElf_Shdr *sechdrs;\n \tchar *secstrings, *strtab;\n \tunsigned long symoffs, stroffs, init_typeoffs, core_typeoffs;\n-\tbool sig_ok;\n+\tbool auth_ok;\n #ifdef CONFIG_KALLSYMS\n \tunsigned long mod_kallsyms_init_off;\n #endif\ndiff --git a/kernel/module/main.c b/kernel/module/main.c\nindex 17a352198016..cd8a74df117e 100644\n--- a/kernel/module/main.c\n+++ b/kernel/module/main.c\n@@ -2601,10 +2601,10 @@ static void module_augment_kernel_taints(struct module *mod, struct load_info *i\n \t\t\t\tmod->name);\n \t\tadd_taint_module(mod, TAINT_TEST, LOCKDEP_STILL_OK);\n \t}\n-#ifdef CONFIG_MODULE_SIG\n-\tmod->sig_ok = info->sig_ok;\n-\tif (!mod->sig_ok) {\n-\t\tpr_notice_once(\"%s: module verification failed: signature \"\n+#ifdef CONFIG_MODULE_AUTH\n+\tmod->auth_ok = info->auth_ok;\n+\tif (!mod->auth_ok) {\n+\t\tpr_notice_once(\"%s: module authentication failed: signature \"\n \t\t\t       \"and/or required key missing - tainting \"\n \t\t\t       \"kernel\\n\", mod->name);\n \t\tadd_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);\ndiff --git a/kernel/module/signing.c b/kernel/module/signing.c\nindex 69d4b1758540..07a786723221 100644\n--- a/kernel/module/signing.c\n+++ b/kernel/module/signing.c\n@@ -16,27 +16,6 @@\n #include <uapi/linux/module.h>\n #include \"internal.h\"\n \n-#undef MODULE_PARAM_PREFIX\n-#define MODULE_PARAM_PREFIX \"module.\"\n-\n-static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);\n-module_param(sig_enforce, bool_enable_only, 0644);\n-\n-/*\n- * Export sig_enforce kernel cmdline parameter to allow other subsystems rely\n- * on that instead of directly to CONFIG_MODULE_SIG_FORCE config.\n- */\n-bool is_module_sig_enforced(void)\n-{\n-\treturn sig_enforce;\n-}\n-EXPORT_SYMBOL(is_module_sig_enforced);\n-\n-void set_module_sig_enforced(void)\n-{\n-\tsig_enforce = true;\n-}\n-\n /*\n  * Verify the signature on a module.\n  */\n@@ -84,7 +63,7 @@ int module_sig_check(struct load_info *info, int flags)\n \t\tinfo->len -= markerlen;\n \t\terr = mod_verify_sig(mod, info);\n \t\tif (!err) {\n-\t\t\tinfo->sig_ok = true;\n+\t\t\tinfo->auth_ok = true;\n \t\t\treturn 0;\n \t\t}\n \t}\n","prefixes":["v5","07/14"]}