• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the OpenSSL license (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*
11  * Special method for a BIO where the other endpoint is also a BIO of this
12  * kind, handled by the same thread (i.e. the "peer" is actually ourselves,
13  * wearing a different hat). Such "BIO pairs" are mainly for using the SSL
14  * library with I/O interfaces for which no specific BIO method is available.
15  * See ssl/ssltest.c for some hints on how this can be used.
16  */
17 
18 #include "e_os.h"
19 #include <assert.h>
20 #include <limits.h>
21 #include <stdlib.h>
22 #include <string.h>
23 
24 #include "bio_local.h"
25 #include <openssl/err.h>
26 #include <openssl/crypto.h>
27 
28 static int bio_new(BIO *bio);
29 static int bio_free(BIO *bio);
30 static int bio_read(BIO *bio, char *buf, int size);
31 static int bio_write(BIO *bio, const char *buf, int num);
32 static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
33 static int bio_puts(BIO *bio, const char *str);
34 
35 static int bio_make_pair(BIO *bio1, BIO *bio2);
36 static void bio_destroy_pair(BIO *bio);
37 
38 static const BIO_METHOD methods_biop = {
39     BIO_TYPE_BIO,
40     "BIO pair",
41     /* TODO: Convert to new style write function */
42     bwrite_conv,
43     bio_write,
44     /* TODO: Convert to new style read function */
45     bread_conv,
46     bio_read,
47     bio_puts,
48     NULL /* no bio_gets */ ,
49     bio_ctrl,
50     bio_new,
51     bio_free,
52     NULL                        /* no bio_callback_ctrl */
53 };
54 
BIO_s_bio(void)55 const BIO_METHOD *BIO_s_bio(void)
56 {
57     return &methods_biop;
58 }
59 
60 struct bio_bio_st {
61     BIO *peer;                  /* NULL if buf == NULL. If peer != NULL, then
62                                  * peer->ptr is also a bio_bio_st, and its
63                                  * "peer" member points back to us. peer !=
64                                  * NULL iff init != 0 in the BIO. */
65     /* This is for what we write (i.e. reading uses peer's struct): */
66     int closed;                 /* valid iff peer != NULL */
67     size_t len;                 /* valid iff buf != NULL; 0 if peer == NULL */
68     size_t offset;              /* valid iff buf != NULL; 0 if len == 0 */
69     size_t size;
70     char *buf;                  /* "size" elements (if != NULL) */
71     size_t request;             /* valid iff peer != NULL; 0 if len != 0,
72                                  * otherwise set by peer to number of bytes
73                                  * it (unsuccessfully) tried to read, never
74                                  * more than buffer space (size-len)
75                                  * warrants. */
76 };
77 
bio_new(BIO * bio)78 static int bio_new(BIO *bio)
79 {
80     struct bio_bio_st *b = OPENSSL_zalloc(sizeof(*b));
81 
82     if (b == NULL)
83         return 0;
84 
85     /* enough for one TLS record (just a default) */
86     b->size = 17 * 1024;
87 
88     bio->ptr = b;
89     return 1;
90 }
91 
bio_free(BIO * bio)92 static int bio_free(BIO *bio)
93 {
94     struct bio_bio_st *b;
95 
96     if (bio == NULL)
97         return 0;
98     b = bio->ptr;
99 
100     assert(b != NULL);
101 
102     if (b->peer)
103         bio_destroy_pair(bio);
104 
105     OPENSSL_free(b->buf);
106     OPENSSL_free(b);
107 
108     return 1;
109 }
110 
bio_read(BIO * bio,char * buf,int size_)111 static int bio_read(BIO *bio, char *buf, int size_)
112 {
113     size_t size = size_;
114     size_t rest;
115     struct bio_bio_st *b, *peer_b;
116 
117     BIO_clear_retry_flags(bio);
118 
119     if (!bio->init)
120         return 0;
121 
122     b = bio->ptr;
123     assert(b != NULL);
124     assert(b->peer != NULL);
125     peer_b = b->peer->ptr;
126     assert(peer_b != NULL);
127     assert(peer_b->buf != NULL);
128 
129     peer_b->request = 0;        /* will be set in "retry_read" situation */
130 
131     if (buf == NULL || size == 0)
132         return 0;
133 
134     if (peer_b->len == 0) {
135         if (peer_b->closed)
136             return 0;           /* writer has closed, and no data is left */
137         else {
138             BIO_set_retry_read(bio); /* buffer is empty */
139             if (size <= peer_b->size)
140                 peer_b->request = size;
141             else
142                 /*
143                  * don't ask for more than the peer can deliver in one write
144                  */
145                 peer_b->request = peer_b->size;
146             return -1;
147         }
148     }
149 
150     /* we can read */
151     if (peer_b->len < size)
152         size = peer_b->len;
153 
154     /* now read "size" bytes */
155 
156     rest = size;
157 
158     assert(rest > 0);
159     do {                        /* one or two iterations */
160         size_t chunk;
161 
162         assert(rest <= peer_b->len);
163         if (peer_b->offset + rest <= peer_b->size)
164             chunk = rest;
165         else
166             /* wrap around ring buffer */
167             chunk = peer_b->size - peer_b->offset;
168         assert(peer_b->offset + chunk <= peer_b->size);
169 
170         memcpy(buf, peer_b->buf + peer_b->offset, chunk);
171 
172         peer_b->len -= chunk;
173         if (peer_b->len) {
174             peer_b->offset += chunk;
175             assert(peer_b->offset <= peer_b->size);
176             if (peer_b->offset == peer_b->size)
177                 peer_b->offset = 0;
178             buf += chunk;
179         } else {
180             /* buffer now empty, no need to advance "buf" */
181             assert(chunk == rest);
182             peer_b->offset = 0;
183         }
184         rest -= chunk;
185     }
186     while (rest);
187 
188     return size;
189 }
190 
191 /*-
192  * non-copying interface: provide pointer to available data in buffer
193  *    bio_nread0:  return number of available bytes
194  *    bio_nread:   also advance index
195  * (example usage:  bio_nread0(), read from buffer, bio_nread()
196  *  or just         bio_nread(), read from buffer)
197  */
198 /*
199  * WARNING: The non-copying interface is largely untested as of yet and may
200  * contain bugs.
201  */
bio_nread0(BIO * bio,char ** buf)202 static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
203 {
204     struct bio_bio_st *b, *peer_b;
205     ossl_ssize_t num;
206 
207     BIO_clear_retry_flags(bio);
208 
209     if (!bio->init)
210         return 0;
211 
212     b = bio->ptr;
213     assert(b != NULL);
214     assert(b->peer != NULL);
215     peer_b = b->peer->ptr;
216     assert(peer_b != NULL);
217     assert(peer_b->buf != NULL);
218 
219     peer_b->request = 0;
220 
221     if (peer_b->len == 0) {
222         char dummy;
223 
224         /* avoid code duplication -- nothing available for reading */
225         return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
226     }
227 
228     num = peer_b->len;
229     if (peer_b->size < peer_b->offset + num)
230         /* no ring buffer wrap-around for non-copying interface */
231         num = peer_b->size - peer_b->offset;
232     assert(num > 0);
233 
234     if (buf != NULL)
235         *buf = peer_b->buf + peer_b->offset;
236     return num;
237 }
238 
bio_nread(BIO * bio,char ** buf,size_t num_)239 static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
240 {
241     struct bio_bio_st *b, *peer_b;
242     ossl_ssize_t num, available;
243 
244     if (num_ > OSSL_SSIZE_MAX)
245         num = OSSL_SSIZE_MAX;
246     else
247         num = (ossl_ssize_t) num_;
248 
249     available = bio_nread0(bio, buf);
250     if (num > available)
251         num = available;
252     if (num <= 0)
253         return num;
254 
255     b = bio->ptr;
256     peer_b = b->peer->ptr;
257 
258     peer_b->len -= num;
259     if (peer_b->len) {
260         peer_b->offset += num;
261         assert(peer_b->offset <= peer_b->size);
262         if (peer_b->offset == peer_b->size)
263             peer_b->offset = 0;
264     } else
265         peer_b->offset = 0;
266 
267     return num;
268 }
269 
bio_write(BIO * bio,const char * buf,int num_)270 static int bio_write(BIO *bio, const char *buf, int num_)
271 {
272     size_t num = num_;
273     size_t rest;
274     struct bio_bio_st *b;
275 
276     BIO_clear_retry_flags(bio);
277 
278     if (!bio->init || buf == NULL || num == 0)
279         return 0;
280 
281     b = bio->ptr;
282     assert(b != NULL);
283     assert(b->peer != NULL);
284     assert(b->buf != NULL);
285 
286     b->request = 0;
287     if (b->closed) {
288         /* we already closed */
289         BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
290         return -1;
291     }
292 
293     assert(b->len <= b->size);
294 
295     if (b->len == b->size) {
296         BIO_set_retry_write(bio); /* buffer is full */
297         return -1;
298     }
299 
300     /* we can write */
301     if (num > b->size - b->len)
302         num = b->size - b->len;
303 
304     /* now write "num" bytes */
305 
306     rest = num;
307 
308     assert(rest > 0);
309     do {                        /* one or two iterations */
310         size_t write_offset;
311         size_t chunk;
312 
313         assert(b->len + rest <= b->size);
314 
315         write_offset = b->offset + b->len;
316         if (write_offset >= b->size)
317             write_offset -= b->size;
318         /* b->buf[write_offset] is the first byte we can write to. */
319 
320         if (write_offset + rest <= b->size)
321             chunk = rest;
322         else
323             /* wrap around ring buffer */
324             chunk = b->size - write_offset;
325 
326         memcpy(b->buf + write_offset, buf, chunk);
327 
328         b->len += chunk;
329 
330         assert(b->len <= b->size);
331 
332         rest -= chunk;
333         buf += chunk;
334     }
335     while (rest);
336 
337     return num;
338 }
339 
340 /*-
341  * non-copying interface: provide pointer to region to write to
342  *   bio_nwrite0:  check how much space is available
343  *   bio_nwrite:   also increase length
344  * (example usage:  bio_nwrite0(), write to buffer, bio_nwrite()
345  *  or just         bio_nwrite(), write to buffer)
346  */
bio_nwrite0(BIO * bio,char ** buf)347 static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
348 {
349     struct bio_bio_st *b;
350     size_t num;
351     size_t write_offset;
352 
353     BIO_clear_retry_flags(bio);
354 
355     if (!bio->init)
356         return 0;
357 
358     b = bio->ptr;
359     assert(b != NULL);
360     assert(b->peer != NULL);
361     assert(b->buf != NULL);
362 
363     b->request = 0;
364     if (b->closed) {
365         BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
366         return -1;
367     }
368 
369     assert(b->len <= b->size);
370 
371     if (b->len == b->size) {
372         BIO_set_retry_write(bio);
373         return -1;
374     }
375 
376     num = b->size - b->len;
377     write_offset = b->offset + b->len;
378     if (write_offset >= b->size)
379         write_offset -= b->size;
380     if (write_offset + num > b->size)
381         /*
382          * no ring buffer wrap-around for non-copying interface (to fulfil
383          * the promise by BIO_ctrl_get_write_guarantee, BIO_nwrite may have
384          * to be called twice)
385          */
386         num = b->size - write_offset;
387 
388     if (buf != NULL)
389         *buf = b->buf + write_offset;
390     assert(write_offset + num <= b->size);
391 
392     return num;
393 }
394 
bio_nwrite(BIO * bio,char ** buf,size_t num_)395 static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
396 {
397     struct bio_bio_st *b;
398     ossl_ssize_t num, space;
399 
400     if (num_ > OSSL_SSIZE_MAX)
401         num = OSSL_SSIZE_MAX;
402     else
403         num = (ossl_ssize_t) num_;
404 
405     space = bio_nwrite0(bio, buf);
406     if (num > space)
407         num = space;
408     if (num <= 0)
409         return num;
410     b = bio->ptr;
411     assert(b != NULL);
412     b->len += num;
413     assert(b->len <= b->size);
414 
415     return num;
416 }
417 
bio_ctrl(BIO * bio,int cmd,long num,void * ptr)418 static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
419 {
420     long ret;
421     struct bio_bio_st *b = bio->ptr;
422 
423     assert(b != NULL);
424 
425     switch (cmd) {
426         /* specific CTRL codes */
427 
428     case BIO_C_SET_WRITE_BUF_SIZE:
429         if (b->peer) {
430             BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
431             ret = 0;
432         } else if (num == 0) {
433             BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
434             ret = 0;
435         } else {
436             size_t new_size = num;
437 
438             if (b->size != new_size) {
439                 OPENSSL_free(b->buf);
440                 b->buf = NULL;
441                 b->size = new_size;
442             }
443             ret = 1;
444         }
445         break;
446 
447     case BIO_C_GET_WRITE_BUF_SIZE:
448         ret = (long)b->size;
449         break;
450 
451     case BIO_C_MAKE_BIO_PAIR:
452         {
453             BIO *other_bio = ptr;
454 
455             if (bio_make_pair(bio, other_bio))
456                 ret = 1;
457             else
458                 ret = 0;
459         }
460         break;
461 
462     case BIO_C_DESTROY_BIO_PAIR:
463         /*
464          * Affects both BIOs in the pair -- call just once! Or let
465          * BIO_free(bio1); BIO_free(bio2); do the job.
466          */
467         bio_destroy_pair(bio);
468         ret = 1;
469         break;
470 
471     case BIO_C_GET_WRITE_GUARANTEE:
472         /*
473          * How many bytes can the caller feed to the next write without
474          * having to keep any?
475          */
476         if (b->peer == NULL || b->closed)
477             ret = 0;
478         else
479             ret = (long)b->size - b->len;
480         break;
481 
482     case BIO_C_GET_READ_REQUEST:
483         /*
484          * If the peer unsuccessfully tried to read, how many bytes were
485          * requested? (As with BIO_CTRL_PENDING, that number can usually be
486          * treated as boolean.)
487          */
488         ret = (long)b->request;
489         break;
490 
491     case BIO_C_RESET_READ_REQUEST:
492         /*
493          * Reset request.  (Can be useful after read attempts at the other
494          * side that are meant to be non-blocking, e.g. when probing SSL_read
495          * to see if any data is available.)
496          */
497         b->request = 0;
498         ret = 1;
499         break;
500 
501     case BIO_C_SHUTDOWN_WR:
502         /* similar to shutdown(..., SHUT_WR) */
503         b->closed = 1;
504         ret = 1;
505         break;
506 
507     case BIO_C_NREAD0:
508         /* prepare for non-copying read */
509         ret = (long)bio_nread0(bio, ptr);
510         break;
511 
512     case BIO_C_NREAD:
513         /* non-copying read */
514         ret = (long)bio_nread(bio, ptr, (size_t)num);
515         break;
516 
517     case BIO_C_NWRITE0:
518         /* prepare for non-copying write */
519         ret = (long)bio_nwrite0(bio, ptr);
520         break;
521 
522     case BIO_C_NWRITE:
523         /* non-copying write */
524         ret = (long)bio_nwrite(bio, ptr, (size_t)num);
525         break;
526 
527         /* standard CTRL codes follow */
528 
529     case BIO_CTRL_RESET:
530         if (b->buf != NULL) {
531             b->len = 0;
532             b->offset = 0;
533         }
534         ret = 0;
535         break;
536 
537     case BIO_CTRL_GET_CLOSE:
538         ret = bio->shutdown;
539         break;
540 
541     case BIO_CTRL_SET_CLOSE:
542         bio->shutdown = (int)num;
543         ret = 1;
544         break;
545 
546     case BIO_CTRL_PENDING:
547         if (b->peer != NULL) {
548             struct bio_bio_st *peer_b = b->peer->ptr;
549 
550             ret = (long)peer_b->len;
551         } else
552             ret = 0;
553         break;
554 
555     case BIO_CTRL_WPENDING:
556         if (b->buf != NULL)
557             ret = (long)b->len;
558         else
559             ret = 0;
560         break;
561 
562     case BIO_CTRL_DUP:
563         /* See BIO_dup_chain for circumstances we have to expect. */
564         {
565             BIO *other_bio = ptr;
566             struct bio_bio_st *other_b;
567 
568             assert(other_bio != NULL);
569             other_b = other_bio->ptr;
570             assert(other_b != NULL);
571 
572             assert(other_b->buf == NULL); /* other_bio is always fresh */
573 
574             other_b->size = b->size;
575         }
576 
577         ret = 1;
578         break;
579 
580     case BIO_CTRL_FLUSH:
581         ret = 1;
582         break;
583 
584     case BIO_CTRL_EOF:
585         if (b->peer != NULL) {
586             struct bio_bio_st *peer_b = b->peer->ptr;
587 
588             if (peer_b->len == 0 && peer_b->closed)
589                 ret = 1;
590             else
591                 ret = 0;
592         } else {
593             ret = 1;
594         }
595         break;
596 
597     default:
598         ret = 0;
599     }
600     return ret;
601 }
602 
bio_puts(BIO * bio,const char * str)603 static int bio_puts(BIO *bio, const char *str)
604 {
605     return bio_write(bio, str, strlen(str));
606 }
607 
bio_make_pair(BIO * bio1,BIO * bio2)608 static int bio_make_pair(BIO *bio1, BIO *bio2)
609 {
610     struct bio_bio_st *b1, *b2;
611 
612     assert(bio1 != NULL);
613     assert(bio2 != NULL);
614 
615     b1 = bio1->ptr;
616     b2 = bio2->ptr;
617 
618     if (b1->peer != NULL || b2->peer != NULL) {
619         BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
620         return 0;
621     }
622 
623     if (b1->buf == NULL) {
624         b1->buf = OPENSSL_malloc(b1->size);
625         if (b1->buf == NULL) {
626             BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
627             return 0;
628         }
629         b1->len = 0;
630         b1->offset = 0;
631     }
632 
633     if (b2->buf == NULL) {
634         b2->buf = OPENSSL_malloc(b2->size);
635         if (b2->buf == NULL) {
636             BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
637             return 0;
638         }
639         b2->len = 0;
640         b2->offset = 0;
641     }
642 
643     b1->peer = bio2;
644     b1->closed = 0;
645     b1->request = 0;
646     b2->peer = bio1;
647     b2->closed = 0;
648     b2->request = 0;
649 
650     bio1->init = 1;
651     bio2->init = 1;
652 
653     return 1;
654 }
655 
bio_destroy_pair(BIO * bio)656 static void bio_destroy_pair(BIO *bio)
657 {
658     struct bio_bio_st *b = bio->ptr;
659 
660     if (b != NULL) {
661         BIO *peer_bio = b->peer;
662 
663         if (peer_bio != NULL) {
664             struct bio_bio_st *peer_b = peer_bio->ptr;
665 
666             assert(peer_b != NULL);
667             assert(peer_b->peer == bio);
668 
669             peer_b->peer = NULL;
670             peer_bio->init = 0;
671             assert(peer_b->buf != NULL);
672             peer_b->len = 0;
673             peer_b->offset = 0;
674 
675             b->peer = NULL;
676             bio->init = 0;
677             assert(b->buf != NULL);
678             b->len = 0;
679             b->offset = 0;
680         }
681     }
682 }
683 
684 /* Exported convenience functions */
BIO_new_bio_pair(BIO ** bio1_p,size_t writebuf1,BIO ** bio2_p,size_t writebuf2)685 int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
686                      BIO **bio2_p, size_t writebuf2)
687 {
688     BIO *bio1 = NULL, *bio2 = NULL;
689     long r;
690     int ret = 0;
691 
692     bio1 = BIO_new(BIO_s_bio());
693     if (bio1 == NULL)
694         goto err;
695     bio2 = BIO_new(BIO_s_bio());
696     if (bio2 == NULL)
697         goto err;
698 
699     if (writebuf1) {
700         r = BIO_set_write_buf_size(bio1, writebuf1);
701         if (!r)
702             goto err;
703     }
704     if (writebuf2) {
705         r = BIO_set_write_buf_size(bio2, writebuf2);
706         if (!r)
707             goto err;
708     }
709 
710     r = BIO_make_bio_pair(bio1, bio2);
711     if (!r)
712         goto err;
713     ret = 1;
714 
715  err:
716     if (ret == 0) {
717         BIO_free(bio1);
718         bio1 = NULL;
719         BIO_free(bio2);
720         bio2 = NULL;
721     }
722 
723     *bio1_p = bio1;
724     *bio2_p = bio2;
725     return ret;
726 }
727 
BIO_ctrl_get_write_guarantee(BIO * bio)728 size_t BIO_ctrl_get_write_guarantee(BIO *bio)
729 {
730     return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
731 }
732 
BIO_ctrl_get_read_request(BIO * bio)733 size_t BIO_ctrl_get_read_request(BIO *bio)
734 {
735     return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
736 }
737 
BIO_ctrl_reset_read_request(BIO * bio)738 int BIO_ctrl_reset_read_request(BIO *bio)
739 {
740     return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
741 }
742 
743 /*
744  * BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
745  * (conceivably some other BIOs could allow non-copying reads and writes
746  * too.)
747  */
BIO_nread0(BIO * bio,char ** buf)748 int BIO_nread0(BIO *bio, char **buf)
749 {
750     long ret;
751 
752     if (!bio->init) {
753         BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
754         return -2;
755     }
756 
757     ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
758     if (ret > INT_MAX)
759         return INT_MAX;
760     else
761         return (int)ret;
762 }
763 
BIO_nread(BIO * bio,char ** buf,int num)764 int BIO_nread(BIO *bio, char **buf, int num)
765 {
766     int ret;
767 
768     if (!bio->init) {
769         BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
770         return -2;
771     }
772 
773     ret = (int)BIO_ctrl(bio, BIO_C_NREAD, num, buf);
774     if (ret > 0)
775         bio->num_read += ret;
776     return ret;
777 }
778 
BIO_nwrite0(BIO * bio,char ** buf)779 int BIO_nwrite0(BIO *bio, char **buf)
780 {
781     long ret;
782 
783     if (!bio->init) {
784         BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
785         return -2;
786     }
787 
788     ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
789     if (ret > INT_MAX)
790         return INT_MAX;
791     else
792         return (int)ret;
793 }
794 
BIO_nwrite(BIO * bio,char ** buf,int num)795 int BIO_nwrite(BIO *bio, char **buf, int num)
796 {
797     int ret;
798 
799     if (!bio->init) {
800         BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
801         return -2;
802     }
803 
804     ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
805     if (ret > 0)
806         bio->num_write += ret;
807     return ret;
808 }
809