]> git.ipfire.org Git - thirdparty/kernel/stable.git/blob - fs/ceph/crypto.c
projects / thirdparty / kernel / stable.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
KVM: x86/pmu: Add documentation for fixed ctr on PMU filter
[thirdparty/kernel/stable.git] / fs / ceph / crypto.c
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * The base64 encode/decode code was copied from fscrypt:
4 * Copyright (C) 2015, Google, Inc.
5 * Copyright (C) 2015, Motorola Mobility
6 * Written by Uday Savagaonkar, 2014.
7 * Modified by Jaegeuk Kim, 2015.
8 */
9 #include <linux/ceph/ceph_debug.h>
10 #include <linux/xattr.h>
11 #include <linux/fscrypt.h>
12 #include <linux/ceph/striper.h>
13
14 #include "super.h"
15 #include "mds_client.h"
16 #include "crypto.h"
17
18 /*
19 * The base64url encoding used by fscrypt includes the '_' character, which may
20 * cause problems in snapshot names (which can not start with '_'). Thus, we
21 * used the base64 encoding defined for IMAP mailbox names (RFC 3501) instead,
22 * which replaces '-' and '_' by '+' and ','.
23 */
24 static const char base64_table[65] =
25 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+,";
26
27 int ceph_base64_encode(const u8 *src, int srclen, char *dst)
28 {
29 u32 ac = 0;
30 int bits = 0;
31 int i;
32 char *cp = dst;
33
34 for (i = 0; i < srclen; i++) {
35 ac = (ac << 8) | src[i];
36 bits += 8;
37 do {
38 bits -= 6;
39 *cp++ = base64_table[(ac >> bits) & 0x3f];
40 } while (bits >= 6);
41 }
42 if (bits)
43 *cp++ = base64_table[(ac << (6 - bits)) & 0x3f];
44 return cp - dst;
45 }
46
47 int ceph_base64_decode(const char *src, int srclen, u8 *dst)
48 {
49 u32 ac = 0;
50 int bits = 0;
51 int i;
52 u8 *bp = dst;
53
54 for (i = 0; i < srclen; i++) {
55 const char *p = strchr(base64_table, src[i]);
56
57 if (p == NULL || src[i] == 0)
58 return -1;
59 ac = (ac << 6) | (p - base64_table);
60 bits += 6;
61 if (bits >= 8) {
62 bits -= 8;
63 *bp++ = (u8)(ac >> bits);
64 }
65 }
66 if (ac & ((1 << bits) - 1))
67 return -1;
68 return bp - dst;
69 }
70
71 static int ceph_crypt_get_context(struct inode *inode, void *ctx, size_t len)
72 {
73 struct ceph_inode_info *ci = ceph_inode(inode);
74 struct ceph_fscrypt_auth *cfa = (struct ceph_fscrypt_auth *)ci->fscrypt_auth;
75 u32 ctxlen;
76
77 /* Non existent or too short? */
78 if (!cfa || (ci->fscrypt_auth_len < (offsetof(struct ceph_fscrypt_auth, cfa_blob) + 1)))
79 return -ENOBUFS;
80
81 /* Some format we don't recognize? */
82 if (le32_to_cpu(cfa->cfa_version) != CEPH_FSCRYPT_AUTH_VERSION)
83 return -ENOBUFS;
84
85 ctxlen = le32_to_cpu(cfa->cfa_blob_len);
86 if (len < ctxlen)
87 return -ERANGE;
88
89 memcpy(ctx, cfa->cfa_blob, ctxlen);
90 return ctxlen;
91 }
92
93 static int ceph_crypt_set_context(struct inode *inode, const void *ctx,
94 size_t len, void *fs_data)
95 {
96 int ret;
97 struct iattr attr = { };
98 struct ceph_iattr cia = { };
99 struct ceph_fscrypt_auth *cfa;
100
101 WARN_ON_ONCE(fs_data);
102
103 if (len > FSCRYPT_SET_CONTEXT_MAX_SIZE)
104 return -EINVAL;
105
106 cfa = kzalloc(sizeof(*cfa), GFP_KERNEL);
107 if (!cfa)
108 return -ENOMEM;
109
110 cfa->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
111 cfa->cfa_blob_len = cpu_to_le32(len);
112 memcpy(cfa->cfa_blob, ctx, len);
113
114 cia.fscrypt_auth = cfa;
115
116 ret = __ceph_setattr(inode, &attr, &cia);
117 if (ret == 0)
118 inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
119 kfree(cia.fscrypt_auth);
120 return ret;
121 }
122
123 static bool ceph_crypt_empty_dir(struct inode *inode)
124 {
125 struct ceph_inode_info *ci = ceph_inode(inode);
126
127 return ci->i_rsubdirs + ci->i_rfiles == 1;
128 }
129
130 static const union fscrypt_policy *ceph_get_dummy_policy(struct super_block *sb)
131 {
132 return ceph_sb_to_client(sb)->fsc_dummy_enc_policy.policy;
133 }
134
135 static struct fscrypt_operations ceph_fscrypt_ops = {
136 .get_context = ceph_crypt_get_context,
137 .set_context = ceph_crypt_set_context,
138 .get_dummy_policy = ceph_get_dummy_policy,
139 .empty_dir = ceph_crypt_empty_dir,
140 };
141
142 void ceph_fscrypt_set_ops(struct super_block *sb)
143 {
144 fscrypt_set_ops(sb, &ceph_fscrypt_ops);
145 }
146
147 void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
148 {
149 fscrypt_free_dummy_policy(&fsc->fsc_dummy_enc_policy);
150 }
151
152 int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
153 struct ceph_acl_sec_ctx *as)
154 {
155 int ret, ctxsize;
156 bool encrypted = false;
157 struct ceph_inode_info *ci = ceph_inode(inode);
158
159 ret = fscrypt_prepare_new_inode(dir, inode, &encrypted);
160 if (ret)
161 return ret;
162 if (!encrypted)
163 return 0;
164
165 as->fscrypt_auth = kzalloc(sizeof(*as->fscrypt_auth), GFP_KERNEL);
166 if (!as->fscrypt_auth)
167 return -ENOMEM;
168
169 ctxsize = fscrypt_context_for_new_inode(as->fscrypt_auth->cfa_blob,
170 inode);
171 if (ctxsize < 0)
172 return ctxsize;
173
174 as->fscrypt_auth->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
175 as->fscrypt_auth->cfa_blob_len = cpu_to_le32(ctxsize);
176
177 WARN_ON_ONCE(ci->fscrypt_auth);
178 kfree(ci->fscrypt_auth);
179 ci->fscrypt_auth_len = ceph_fscrypt_auth_len(as->fscrypt_auth);
180 ci->fscrypt_auth = kmemdup(as->fscrypt_auth, ci->fscrypt_auth_len,
181 GFP_KERNEL);
182 if (!ci->fscrypt_auth)
183 return -ENOMEM;
184
185 inode->i_flags |= S_ENCRYPTED;
186
187 return 0;
188 }
189
190 void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
191 struct ceph_acl_sec_ctx *as)
192 {
193 swap(req->r_fscrypt_auth, as->fscrypt_auth);
194 }
195
196 /*
197 * User-created snapshots can't start with '_'. Snapshots that start with this
198 * character are special (hint: there aren't real snapshots) and use the
199 * following format:
200 *
201 * _<SNAPSHOT-NAME>_<INODE-NUMBER>
202 *
203 * where:
204 * - <SNAPSHOT-NAME> - the real snapshot name that may need to be decrypted,
205 * - <INODE-NUMBER> - the inode number (in decimal) for the actual snapshot
206 *
207 * This function parses these snapshot names and returns the inode
208 * <INODE-NUMBER>. 'name_len' will also bet set with the <SNAPSHOT-NAME>
209 * length.
210 */
211 static struct inode *parse_longname(const struct inode *parent,
212 const char *name, int *name_len)
213 {
214 struct inode *dir = NULL;
215 struct ceph_vino vino = { .snap = CEPH_NOSNAP };
216 char *inode_number;
217 char *name_end;
218 int orig_len = *name_len;
219 int ret = -EIO;
220
221 /* Skip initial '_' */
222 name++;
223 name_end = strrchr(name, '_');
224 if (!name_end) {
225 dout("Failed to parse long snapshot name: %s\n", name);
226 return ERR_PTR(-EIO);
227 }
228 *name_len = (name_end - name);
229 if (*name_len <= 0) {
230 pr_err("Failed to parse long snapshot name\n");
231 return ERR_PTR(-EIO);
232 }
233
234 /* Get the inode number */
235 inode_number = kmemdup_nul(name_end + 1,
236 orig_len - *name_len - 2,
237 GFP_KERNEL);
238 if (!inode_number)
239 return ERR_PTR(-ENOMEM);
240 ret = kstrtou64(inode_number, 10, &vino.ino);
241 if (ret) {
242 dout("Failed to parse inode number: %s\n", name);
243 dir = ERR_PTR(ret);
244 goto out;
245 }
246
247 /* And finally the inode */
248 dir = ceph_find_inode(parent->i_sb, vino);
249 if (!dir) {
250 /* This can happen if we're not mounting cephfs on the root */
251 dir = ceph_get_inode(parent->i_sb, vino, NULL);
252 if (!dir)
253 dir = ERR_PTR(-ENOENT);
254 }
255 if (IS_ERR(dir))
256 dout("Can't find inode %s (%s)\n", inode_number, name);
257
258 out:
259 kfree(inode_number);
260 return dir;
261 }
262
263 int ceph_encode_encrypted_dname(struct inode *parent, struct qstr *d_name,
264 char *buf)
265 {
266 struct inode *dir = parent;
267 struct qstr iname;
268 u32 len;
269 int name_len;
270 int elen;
271 int ret;
272 u8 *cryptbuf = NULL;
273
274 iname.name = d_name->name;
275 name_len = d_name->len;
276
277 /* Handle the special case of snapshot names that start with '_' */
278 if ((ceph_snap(dir) == CEPH_SNAPDIR) && (name_len > 0) &&
279 (iname.name[0] == '_')) {
280 dir = parse_longname(parent, iname.name, &name_len);
281 if (IS_ERR(dir))
282 return PTR_ERR(dir);
283 iname.name++; /* skip initial '_' */
284 }
285 iname.len = name_len;
286
287 if (!fscrypt_has_encryption_key(dir)) {
288 memcpy(buf, d_name->name, d_name->len);
289 elen = d_name->len;
290 goto out;
291 }
292
293 /*
294 * Convert cleartext d_name to ciphertext. If result is longer than
295 * CEPH_NOHASH_NAME_MAX, sha256 the remaining bytes
296 *
297 * See: fscrypt_setup_filename
298 */
299 if (!fscrypt_fname_encrypted_size(dir, iname.len, NAME_MAX, &len)) {
300 elen = -ENAMETOOLONG;
301 goto out;
302 }
303
304 /* Allocate a buffer appropriate to hold the result */
305 cryptbuf = kmalloc(len > CEPH_NOHASH_NAME_MAX ? NAME_MAX : len,
306 GFP_KERNEL);
307 if (!cryptbuf) {
308 elen = -ENOMEM;
309 goto out;
310 }
311
312 ret = fscrypt_fname_encrypt(dir, &iname, cryptbuf, len);
313 if (ret) {
314 elen = ret;
315 goto out;
316 }
317
318 /* hash the end if the name is long enough */
319 if (len > CEPH_NOHASH_NAME_MAX) {
320 u8 hash[SHA256_DIGEST_SIZE];
321 u8 *extra = cryptbuf + CEPH_NOHASH_NAME_MAX;
322
323 /*
324 * hash the extra bytes and overwrite crypttext beyond that
325 * point with it
326 */
327 sha256(extra, len - CEPH_NOHASH_NAME_MAX, hash);
328 memcpy(extra, hash, SHA256_DIGEST_SIZE);
329 len = CEPH_NOHASH_NAME_MAX + SHA256_DIGEST_SIZE;
330 }
331
332 /* base64 encode the encrypted name */
333 elen = ceph_base64_encode(cryptbuf, len, buf);
334 dout("base64-encoded ciphertext name = %.*s\n", elen, buf);
335
336 /* To understand the 240 limit, see CEPH_NOHASH_NAME_MAX comments */
337 WARN_ON(elen > 240);
338 if ((elen > 0) && (dir != parent)) {
339 char tmp_buf[NAME_MAX];
340
341 elen = snprintf(tmp_buf, sizeof(tmp_buf), "_%.*s_%ld",
342 elen, buf, dir->i_ino);
343 memcpy(buf, tmp_buf, elen);
344 }
345
346 out:
347 kfree(cryptbuf);
348 if (dir != parent) {
349 if ((dir->i_state & I_NEW))
350 discard_new_inode(dir);
351 else
352 iput(dir);
353 }
354 return elen;
355 }
356
357 int ceph_encode_encrypted_fname(struct inode *parent, struct dentry *dentry,
358 char *buf)
359 {
360 WARN_ON_ONCE(!fscrypt_has_encryption_key(parent));
361
362 return ceph_encode_encrypted_dname(parent, &dentry->d_name, buf);
363 }
364
365 /**
366 * ceph_fname_to_usr - convert a filename for userland presentation
367 * @fname: ceph_fname to be converted
368 * @tname: temporary name buffer to use for conversion (may be NULL)
369 * @oname: where converted name should be placed
370 * @is_nokey: set to true if key wasn't available during conversion (may be NULL)
371 *
372 * Given a filename (usually from the MDS), format it for presentation to
373 * userland. If @parent is not encrypted, just pass it back as-is.
374 *
375 * Otherwise, base64 decode the string, and then ask fscrypt to format it
376 * for userland presentation.
377 *
378 * Returns 0 on success or negative error code on error.
379 */
380 int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
381 struct fscrypt_str *oname, bool *is_nokey)
382 {
383 struct inode *dir = fname->dir;
384 struct fscrypt_str _tname = FSTR_INIT(NULL, 0);
385 struct fscrypt_str iname;
386 char *name = fname->name;
387 int name_len = fname->name_len;
388 int ret;
389
390 /* Sanity check that the resulting name will fit in the buffer */
391 if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX)
392 return -EIO;
393
394 /* Handle the special case of snapshot names that start with '_' */
395 if ((ceph_snap(dir) == CEPH_SNAPDIR) && (name_len > 0) &&
396 (name[0] == '_')) {
397 dir = parse_longname(dir, name, &name_len);
398 if (IS_ERR(dir))
399 return PTR_ERR(dir);
400 name++; /* skip initial '_' */
401 }
402
403 if (!IS_ENCRYPTED(dir)) {
404 oname->name = fname->name;
405 oname->len = fname->name_len;
406 ret = 0;
407 goto out_inode;
408 }
409
410 ret = ceph_fscrypt_prepare_readdir(dir);
411 if (ret)
412 goto out_inode;
413
414 /*
415 * Use the raw dentry name as sent by the MDS instead of
416 * generating a nokey name via fscrypt.
417 */
418 if (!fscrypt_has_encryption_key(dir)) {
419 if (fname->no_copy)
420 oname->name = fname->name;
421 else
422 memcpy(oname->name, fname->name, fname->name_len);
423 oname->len = fname->name_len;
424 if (is_nokey)
425 *is_nokey = true;
426 ret = 0;
427 goto out_inode;
428 }
429
430 if (fname->ctext_len == 0) {
431 int declen;
432
433 if (!tname) {
434 ret = fscrypt_fname_alloc_buffer(NAME_MAX, &_tname);
435 if (ret)
436 goto out_inode;
437 tname = &_tname;
438 }
439
440 declen = ceph_base64_decode(name, name_len, tname->name);
441 if (declen <= 0) {
442 ret = -EIO;
443 goto out;
444 }
445 iname.name = tname->name;
446 iname.len = declen;
447 } else {
448 iname.name = fname->ctext;
449 iname.len = fname->ctext_len;
450 }
451
452 ret = fscrypt_fname_disk_to_usr(dir, 0, 0, &iname, oname);
453 if (!ret && (dir != fname->dir)) {
454 char tmp_buf[CEPH_BASE64_CHARS(NAME_MAX)];
455
456 name_len = snprintf(tmp_buf, sizeof(tmp_buf), "_%.*s_%ld",
457 oname->len, oname->name, dir->i_ino);
458 memcpy(oname->name, tmp_buf, name_len);
459 oname->len = name_len;
460 }
461
462 out:
463 fscrypt_fname_free_buffer(&_tname);
464 out_inode:
465 if ((dir != fname->dir) && !IS_ERR(dir)) {
466 if ((dir->i_state & I_NEW))
467 discard_new_inode(dir);
468 else
469 iput(dir);
470 }
471 return ret;
472 }
473
474 /**
475 * ceph_fscrypt_prepare_readdir - simple __fscrypt_prepare_readdir() wrapper
476 * @dir: directory inode for readdir prep
477 *
478 * Simple wrapper around __fscrypt_prepare_readdir() that will mark directory as
479 * non-complete if this call results in having the directory unlocked.
480 *
481 * Returns:
482 * 1 - if directory was locked and key is now loaded (i.e. dir is unlocked)
483 * 0 - if directory is still locked
484 * < 0 - if __fscrypt_prepare_readdir() fails
485 */
486 int ceph_fscrypt_prepare_readdir(struct inode *dir)
487 {
488 bool had_key = fscrypt_has_encryption_key(dir);
489 int err;
490
491 if (!IS_ENCRYPTED(dir))
492 return 0;
493
494 err = __fscrypt_prepare_readdir(dir);
495 if (err)
496 return err;
497 if (!had_key && fscrypt_has_encryption_key(dir)) {
498 /* directory just got unlocked, mark it as not complete */
499 ceph_dir_clear_complete(dir);
500 return 1;
501 }
502 return 0;
503 }
504
505 int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
506 struct page *page, unsigned int len,
507 unsigned int offs, u64 lblk_num)
508 {
509 dout("%s: len %u offs %u blk %llu\n", __func__, len, offs, lblk_num);
510 return fscrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num);
511 }
512
513 int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
514 struct page *page, unsigned int len,
515 unsigned int offs, u64 lblk_num,
516 gfp_t gfp_flags)
517 {
518 dout("%s: len %u offs %u blk %llu\n", __func__, len, offs, lblk_num);
519 return fscrypt_encrypt_block_inplace(inode, page, len, offs, lblk_num,
520 gfp_flags);
521 }
522
523 /**
524 * ceph_fscrypt_decrypt_pages - decrypt an array of pages
525 * @inode: pointer to inode associated with these pages
526 * @page: pointer to page array
527 * @off: offset into the file that the read data starts
528 * @len: max length to decrypt
529 *
530 * Decrypt an array of fscrypt'ed pages and return the amount of
531 * data decrypted. Any data in the page prior to the start of the
532 * first complete block in the read is ignored. Any incomplete
533 * crypto blocks at the end of the array are ignored (and should
534 * probably be zeroed by the caller).
535 *
536 * Returns the length of the decrypted data or a negative errno.
537 */
538 int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page,
539 u64 off, int len)
540 {
541 int i, num_blocks;
542 u64 baseblk = off >> CEPH_FSCRYPT_BLOCK_SHIFT;
543 int ret = 0;
544
545 /*
546 * We can't deal with partial blocks on an encrypted file, so mask off
547 * the last bit.
548 */
549 num_blocks = ceph_fscrypt_blocks(off, len & CEPH_FSCRYPT_BLOCK_MASK);
550
551 /* Decrypt each block */
552 for (i = 0; i < num_blocks; ++i) {
553 int blkoff = i << CEPH_FSCRYPT_BLOCK_SHIFT;
554 int pgidx = blkoff >> PAGE_SHIFT;
555 unsigned int pgoffs = offset_in_page(blkoff);
556 int fret;
557
558 fret = ceph_fscrypt_decrypt_block_inplace(inode, page[pgidx],
559 CEPH_FSCRYPT_BLOCK_SIZE, pgoffs,
560 baseblk + i);
561 if (fret < 0) {
562 if (ret == 0)
563 ret = fret;
564 break;
565 }
566 ret += CEPH_FSCRYPT_BLOCK_SIZE;
567 }
568 return ret;
569 }
570
571 /**
572 * ceph_fscrypt_decrypt_extents: decrypt received extents in given buffer
573 * @inode: inode associated with pages being decrypted
574 * @page: pointer to page array
575 * @off: offset into the file that the data in page[0] starts
576 * @map: pointer to extent array
577 * @ext_cnt: length of extent array
578 *
579 * Given an extent map and a page array, decrypt the received data in-place,
580 * skipping holes. Returns the offset into buffer of end of last decrypted
581 * block.
582 */
583 int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page,
584 u64 off, struct ceph_sparse_extent *map,
585 u32 ext_cnt)
586 {
587 int i, ret = 0;
588 struct ceph_inode_info *ci = ceph_inode(inode);
589 u64 objno, objoff;
590 u32 xlen;
591
592 /* Nothing to do for empty array */
593 if (ext_cnt == 0) {
594 dout("%s: empty array, ret 0\n", __func__);
595 return 0;
596 }
597
598 ceph_calc_file_object_mapping(&ci->i_layout, off, map[0].len,
599 &objno, &objoff, &xlen);
600
601 for (i = 0; i < ext_cnt; ++i) {
602 struct ceph_sparse_extent *ext = &map[i];
603 int pgsoff = ext->off - objoff;
604 int pgidx = pgsoff >> PAGE_SHIFT;
605 int fret;
606
607 if ((ext->off | ext->len) & ~CEPH_FSCRYPT_BLOCK_MASK) {
608 pr_warn("%s: bad encrypted sparse extent idx %d off %llx len %llx\n",
609 __func__, i, ext->off, ext->len);
610 return -EIO;
611 }
612 fret = ceph_fscrypt_decrypt_pages(inode, &page[pgidx],
613 off + pgsoff, ext->len);
614 dout("%s: [%d] 0x%llx~0x%llx fret %d\n", __func__, i,
615 ext->off, ext->len, fret);
616 if (fret < 0) {
617 if (ret == 0)
618 ret = fret;
619 break;
620 }
621 ret = pgsoff + fret;
622 }
623 dout("%s: ret %d\n", __func__, ret);
624 return ret;
625 }
626
627 /**
628 * ceph_fscrypt_encrypt_pages - encrypt an array of pages
629 * @inode: pointer to inode associated with these pages
630 * @page: pointer to page array
631 * @off: offset into the file that the data starts
632 * @len: max length to encrypt
633 * @gfp: gfp flags to use for allocation
634 *
635 * Decrypt an array of cleartext pages and return the amount of
636 * data encrypted. Any data in the page prior to the start of the
637 * first complete block in the read is ignored. Any incomplete
638 * crypto blocks at the end of the array are ignored.
639 *
640 * Returns the length of the encrypted data or a negative errno.
641 */
642 int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off,
643 int len, gfp_t gfp)
644 {
645 int i, num_blocks;
646 u64 baseblk = off >> CEPH_FSCRYPT_BLOCK_SHIFT;
647 int ret = 0;
648
649 /*
650 * We can't deal with partial blocks on an encrypted file, so mask off
651 * the last bit.
652 */
653 num_blocks = ceph_fscrypt_blocks(off, len & CEPH_FSCRYPT_BLOCK_MASK);
654
655 /* Encrypt each block */
656 for (i = 0; i < num_blocks; ++i) {
657 int blkoff = i << CEPH_FSCRYPT_BLOCK_SHIFT;
658 int pgidx = blkoff >> PAGE_SHIFT;
659 unsigned int pgoffs = offset_in_page(blkoff);
660 int fret;
661
662 fret = ceph_fscrypt_encrypt_block_inplace(inode, page[pgidx],
663 CEPH_FSCRYPT_BLOCK_SIZE, pgoffs,
664 baseblk + i, gfp);
665 if (fret < 0) {
666 if (ret == 0)
667 ret = fret;
668 break;
669 }
670 ret += CEPH_FSCRYPT_BLOCK_SIZE;
671 }
672 return ret;
673 }
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git