4 * Apply a WIM image directly to a NTFS volume using libntfs-3g. Restore as
5 * much information as possible, including security data, file attributes, DOS
6 * names, and alternate data streams.
10 * Copyright (C) 2012, 2013 Eric Biggers
12 * This file is part of wimlib, a library for working with WIM files.
14 * wimlib is free software; you can redistribute it and/or modify it under the
15 * terms of the GNU General Public License as published by the Free
16 * Software Foundation; either version 3 of the License, or (at your option)
19 * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
20 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
21 * A PARTICULAR PURPOSE. See the GNU General Public License for more
24 * You should have received a copy of the GNU General Public License
25 * along with wimlib; if not, see http://www.gnu.org/licenses/.
42 #include <ntfs-3g/attrib.h>
43 #include <ntfs-3g/reparse.h>
44 #include <ntfs-3g/security.h>
46 #include "wimlib/apply.h"
47 #include "wimlib/encoding.h"
48 #include "wimlib/error.h"
49 #include "wimlib/lookup_table.h"
50 #include "wimlib/ntfs_3g.h"
51 #include "wimlib/paths.h"
52 #include "wimlib/resource.h"
53 #include "wimlib/security_descriptor.h"
56 ntfs_3g_apply_ctx_get_volume(struct apply_ctx *ctx)
58 return (ntfs_volume*)ctx->private[0];
62 ntfs_3g_apply_ctx_set_volume(struct apply_ctx *ctx, ntfs_volume *vol)
64 ctx->private[0] = (intptr_t)vol;
68 ntfs_3g_apply_pathname_to_inode(const char *path, struct apply_ctx *ctx)
70 ntfs_volume *vol = ntfs_3g_apply_ctx_get_volume(ctx);
71 return ntfs_pathname_to_inode(vol, NULL, path);
74 struct ntfs_attr_extract_ctx {
80 ntfs_3g_extract_wim_chunk(const void *buf, size_t len, void *_ctx)
82 struct ntfs_attr_extract_ctx *ctx = _ctx;
84 if (ntfs_attr_pwrite(ctx->na, ctx->offset, len, buf) != len)
85 return WIMLIB_ERR_WRITE;
91 ntfs_3g_open_parent_inode(const char *path, ntfs_volume *vol)
96 p = strrchr(path, '/');
98 dir_ni = ntfs_pathname_to_inode(vol, NULL, path);
104 ntfs_3g_create(const char *path, struct apply_ctx *ctx, u64 *cookie_ret,
108 ntfs_inode *dir_ni, *ni;
110 utf16lechar *name_utf16le;
111 size_t name_utf16le_nbytes;
114 vol = ntfs_3g_apply_ctx_get_volume(ctx);
116 ret = WIMLIB_ERR_OPEN;
117 dir_ni = ntfs_3g_open_parent_inode(path, vol);
121 name = path_basename(path);
122 ret = tstr_to_utf16le(name, strlen(name),
123 &name_utf16le, &name_utf16le_nbytes);
125 goto out_close_dir_ni;
127 ret = WIMLIB_ERR_OPEN;
128 ni = ntfs_create(dir_ni, 0, name_utf16le,
129 name_utf16le_nbytes / 2, mode);
131 goto out_free_name_utf16le;
132 *cookie_ret = MK_MREF(ni->mft_no, le16_to_cpu(ni->mrec->sequence_number));
133 if (ntfs_inode_close_in_dir(ni, dir_ni))
134 goto out_free_name_utf16le;
136 out_free_name_utf16le:
139 if (ntfs_inode_close(dir_ni))
140 ret = WIMLIB_ERR_WRITE;
146 ntfs_3g_create_file(const char *path, struct apply_ctx *ctx,
149 return ntfs_3g_create(path, ctx, cookie_ret, S_IFREG);
153 ntfs_3g_create_directory(const char *path, struct apply_ctx *ctx,
156 return ntfs_3g_create(path, ctx, cookie_ret, S_IFDIR);
160 ntfs_3g_create_hardlink(const char *oldpath, const char *newpath,
161 struct apply_ctx *ctx)
164 ntfs_inode *dir_ni, *ni;
166 utf16lechar *name_utf16le;
167 size_t name_utf16le_nbytes;
170 vol = ntfs_3g_apply_ctx_get_volume(ctx);
172 ret = WIMLIB_ERR_OPEN;
173 ni = ntfs_pathname_to_inode(vol, NULL, oldpath);
177 ret = WIMLIB_ERR_OPEN;
178 dir_ni = ntfs_3g_open_parent_inode(newpath, vol);
182 name = path_basename(newpath);
183 ret = tstr_to_utf16le(name, strlen(name),
184 &name_utf16le, &name_utf16le_nbytes);
186 goto out_close_dir_ni;
188 if (ntfs_link(ni, dir_ni, name_utf16le, name_utf16le_nbytes / 2))
189 ret = WIMLIB_ERR_LINK;
192 if (ntfs_inode_close(dir_ni))
193 ret = WIMLIB_ERR_WRITE;
195 if (ntfs_inode_close(ni))
196 ret = WIMLIB_ERR_WRITE;
202 * Extract a stream (default or alternate data) to an attribute of a NTFS file.
205 ntfs_3g_extract_stream(file_spec_t file, const utf16lechar *raw_stream_name,
206 size_t stream_name_nchars,
207 struct wim_lookup_table_entry *lte, struct apply_ctx *ctx)
212 struct ntfs_attr_extract_ctx extract_ctx;
213 utf16lechar *stream_name;
215 if (stream_name_nchars == 0) {
216 stream_name = AT_UNNAMED;
218 stream_name = alloca((stream_name_nchars + 1) * sizeof(utf16lechar));
219 memcpy(stream_name, raw_stream_name,
220 stream_name_nchars * sizeof(utf16lechar));
221 stream_name[stream_name_nchars] = 0;
225 if (!stream_name_nchars && !lte)
228 /* Open NTFS inode to which to extract the stream. */
229 ret = WIMLIB_ERR_OPEN;
230 ni = ntfs_inode_open(ntfs_3g_apply_ctx_get_volume(ctx), file.cookie);
234 /* Add the stream if it's not the default (unnamed) stream. */
235 ret = WIMLIB_ERR_OPEN;
236 if (stream_name_nchars)
237 if (ntfs_attr_add(ni, AT_DATA, stream_name,
238 stream_name_nchars, NULL, 0))
241 /* If stream is empty, no need to open and extract it. */
246 /* Open the stream (NTFS attribute). */
247 ret = WIMLIB_ERR_OPEN;
248 na = ntfs_attr_open(ni, AT_DATA, stream_name, stream_name_nchars);
252 /* (Optional) Immediately resize attribute to size of stream.
254 * This dramatically speeds up extraction, as demonstrated with the
255 * following timing results:
257 * 18 mins. 27 sec. to apply Windows 7 image (with resize)
258 * 32 mins. 45 sec. to apply Windows 7 image (no resize)
260 * It probably would speed things up even more if we could get NTFS-3g
261 * to skip even more useless work (for example it fills resized
262 * attributes with 0's, then we just override it.) */
263 ret = WIMLIB_ERR_WRITE;
264 if (ntfs_attr_truncate_solid(na, lte->size))
267 /* Extract stream data to the NTFS attribute. */
269 extract_ctx.offset = 0;
270 ret = extract_stream(lte, lte->size,
271 ntfs_3g_extract_wim_chunk, &extract_ctx);
272 /* Clean up and return. */
276 if (ntfs_inode_close(ni))
277 ret = WIMLIB_ERR_WRITE;
285 ntfs_3g_extract_unnamed_stream(file_spec_t file,
286 struct wim_lookup_table_entry *lte,
287 struct apply_ctx *ctx)
289 return ntfs_3g_extract_stream(file, NULL, 0, lte, ctx);
293 ntfs_3g_extract_named_stream(file_spec_t file, const utf16lechar *stream_name,
294 size_t stream_name_nchars,
295 struct wim_lookup_table_entry *lte, struct apply_ctx *ctx)
297 return ntfs_3g_extract_stream(file, stream_name,
298 stream_name_nchars, lte, ctx);
302 ntfs_3g_set_file_attributes(const char *path, u32 attributes,
303 struct apply_ctx *ctx, unsigned pass)
308 ni = ntfs_3g_apply_pathname_to_inode(path, ctx);
310 return WIMLIB_ERR_OPEN;
311 if (ntfs_set_ntfs_attrib(ni, (const char*)&attributes, sizeof(u32), 0))
312 ret = WIMLIB_ERR_SET_ATTRIBUTES;
313 if (ntfs_inode_close(ni))
314 ret = WIMLIB_ERR_WRITE;
319 ntfs_3g_set_reparse_data(const char *path, const u8 *rpbuf, u16 rpbuflen,
320 struct apply_ctx *ctx)
325 ni = ntfs_3g_apply_pathname_to_inode(path, ctx);
327 return WIMLIB_ERR_OPEN;
328 if (ntfs_set_ntfs_reparse_data(ni, rpbuf, rpbuflen, 0))
329 ret = WIMLIB_ERR_SET_REPARSE_DATA;
330 if (ntfs_inode_close(ni))
331 ret = WIMLIB_ERR_WRITE;
336 ntfs_3g_set_short_name(const char *path, const utf16lechar *short_name,
337 size_t short_name_nchars, struct apply_ctx *ctx)
339 ntfs_inode *ni, *dir_ni;
342 char *dosname = NULL;
343 size_t dosname_nbytes;
346 if (short_name_nchars == 0)
349 vol = ntfs_3g_apply_ctx_get_volume(ctx);
351 ret = WIMLIB_ERR_OPEN;
352 dir_ni = ntfs_3g_open_parent_inode(path, vol);
356 ret = WIMLIB_ERR_OPEN;
357 ni = ntfs_pathname_to_inode(vol, NULL, path);
359 goto out_close_dir_ni;
361 ret = utf16le_to_tstr(short_name, short_name_nchars * 2,
362 &dosname, &dosname_nbytes);
367 if (ntfs_set_ntfs_dos_name(ni, dir_ni, dosname,
369 ret = WIMLIB_ERR_SET_SHORT_NAME;
370 /* ntfs_set_ntfs_dos_name() always closes the inodes. */
374 if (ntfs_inode_close_in_dir(ni, dir_ni))
375 ret = WIMLIB_ERR_WRITE;
377 if (ntfs_inode_close(dir_ni))
378 ret = WIMLIB_ERR_WRITE;
384 sid_size(const wimlib_SID *sid)
386 return offsetof(wimlib_SID, sub_authority) +
387 sizeof(le32) * sid->sub_authority_count;
391 * sd_fixup - Fix up a Windows NT security descriptor for libntfs-3g.
393 * libntfs-3g validates security descriptors before setting them, but old
394 * versions contain bugs causing it to reject unusual but valid security
397 * - Versions before 2013.1.13 reject security descriptors ending with an empty
398 * SACL (System Access Control List). This bug can be worked around either by
399 * moving the empty SACL earlier in the security descriptor or by removing the
400 * SACL entirely. The latter work-around is valid because an empty SACL is
401 * equivalent to a "null", or non-existent, SACL.
402 * - Versions up to and including 2013.1.13 reject security descriptors ending
403 * with an empty DACL (Discretionary Access Control List). This is very
404 * similar to the SACL bug and should be fixed in the next release after
405 * 2013.1.13. However, removing the DACL is not a valid workaround because
406 * this changes the meaning of the security descriptor--- an empty DACL allows
407 * no access, whereas a "null" DACL allows all access.
409 * If the security descriptor was fixed, this function returns an allocated
410 * buffer containing the fixed security descriptor, and its size is updated.
411 * Otherwise (or if no memory is available) the original descriptor is returned.
414 sd_fixup(const u8 *_desc, size_t *size_p)
416 u32 owner_offset, group_offset, dacl_offset, sacl_offset;
417 bool owner_valid, group_valid;
418 size_t size = *size_p;
419 const wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc =
420 (const wimlib_SECURITY_DESCRIPTOR_RELATIVE*)_desc;
421 wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc_new;
422 const wimlib_SID *owner, *group, *sid;
424 /* Don't attempt to fix clearly invalid security descriptors. */
425 if (size < sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE))
428 if (le16_to_cpu(desc->control) & wimlib_SE_DACL_PRESENT)
429 dacl_offset = le32_to_cpu(desc->dacl_offset);
433 if (le16_to_cpu(desc->control) & wimlib_SE_SACL_PRESENT)
434 sacl_offset = le32_to_cpu(desc->sacl_offset);
438 /* Check if the security descriptor will be affected by one of the bugs.
439 * If not, do nothing and return.
441 * Note: HAVE_NTFS_MNT_RDONLY is defined if libntfs-3g is
442 * version 2013.1.13 or later. */
444 #if !defined(HAVE_NTFS_MNT_RDONLY)
445 (sacl_offset != 0 && sacl_offset == size - sizeof(wimlib_ACL)) ||
447 (dacl_offset != 0 && dacl_offset == size - sizeof(wimlib_ACL))))
450 owner_offset = le32_to_cpu(desc->owner_offset);
451 group_offset = le32_to_cpu(desc->group_offset);
452 owner = (const wimlib_SID*)((const u8*)desc + owner_offset);
453 group = (const wimlib_SID*)((const u8*)desc + group_offset);
455 /* We'll try to move the owner or group SID to the end of the security
456 * descriptor to avoid the bug. This is only possible if at least one
458 owner_valid = (owner_offset != 0) &&
459 (owner_offset % 4 == 0) &&
460 (owner_offset <= size - sizeof(SID)) &&
461 (owner_offset + sid_size(owner) <= size) &&
462 (owner_offset >= sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE));
463 group_valid = (group_offset != 0) &&
464 (group_offset % 4 == 0) &&
465 (group_offset <= size - sizeof(SID)) &&
466 (group_offset + sid_size(group) <= size) &&
467 (group_offset >= sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE));
470 } else if (group_valid) {
476 desc_new = MALLOC(size + sid_size(sid));
477 if (desc_new == NULL)
480 memcpy(desc_new, desc, size);
482 desc_new->owner_offset = cpu_to_le32(size);
483 else if (group_valid)
484 desc_new->group_offset = cpu_to_le32(size);
485 memcpy((u8*)desc_new + size, sid, sid_size(sid));
486 *size_p = size + sid_size(sid);
487 return (u8*)desc_new;
491 ntfs_3g_set_security_descriptor(const char *path, const u8 *desc, size_t desc_size,
492 struct apply_ctx *ctx)
496 struct SECURITY_CONTEXT sec_ctx;
500 vol = ntfs_3g_apply_ctx_get_volume(ctx);
502 ni = ntfs_pathname_to_inode(vol, NULL, path);
504 return WIMLIB_ERR_OPEN;
506 memset(&sec_ctx, 0, sizeof(sec_ctx));
509 desc_fixed = sd_fixup(desc, &desc_size);
513 if (ntfs_set_ntfs_acl(&sec_ctx, ni, desc_fixed, desc_size, 0))
514 ret = WIMLIB_ERR_SET_SECURITY;
516 if (desc_fixed != desc)
519 if (ntfs_inode_close(ni))
520 ret = WIMLIB_ERR_WRITE;
526 ntfs_3g_set_timestamps(const char *path, u64 creation_time,
527 u64 last_write_time, u64 last_access_time,
528 struct apply_ctx *ctx)
530 u64 ntfs_timestamps[3];
534 ni = ntfs_3g_apply_pathname_to_inode(path, ctx);
536 return WIMLIB_ERR_OPEN;
538 /* Note: ntfs_inode_set_times() expects the times in native byte order,
539 * not little endian. */
540 ntfs_timestamps[0] = creation_time;
541 ntfs_timestamps[1] = last_write_time;
542 ntfs_timestamps[2] = last_access_time;
544 if (ntfs_inode_set_times(ni, (const char*)ntfs_timestamps,
545 sizeof(ntfs_timestamps), 0))
546 ret = WIMLIB_ERR_SET_TIMESTAMPS;
547 if (ntfs_inode_close(ni))
548 ret = WIMLIB_ERR_WRITE;
553 ntfs_3g_target_is_root(const char *target)
555 /* We always extract to the root of the NTFS volume. */
560 ntfs_3g_start_extract(const char *path, struct apply_ctx *ctx)
564 vol = ntfs_mount(ctx->target, 0);
566 ERROR_WITH_ERRNO("Failed to mount \"%"TS"\" with NTFS-3g", ctx->target);
567 return WIMLIB_ERR_OPEN;
569 ntfs_3g_apply_ctx_set_volume(ctx, vol);
571 ctx->supported_features.archive_files = 1;
572 ctx->supported_features.hidden_files = 1;
573 ctx->supported_features.system_files = 1;
574 ctx->supported_features.compressed_files = 1;
575 ctx->supported_features.encrypted_files = 0;
576 ctx->supported_features.not_context_indexed_files = 1;
577 ctx->supported_features.sparse_files = 1;
578 ctx->supported_features.named_data_streams = 1;
579 ctx->supported_features.hard_links = 1;
580 ctx->supported_features.reparse_points = 1;
581 ctx->supported_features.security_descriptors = 1;
582 ctx->supported_features.short_names = 1;
587 ntfs_3g_finish_or_abort_extract(struct apply_ctx *ctx)
591 vol = ntfs_3g_apply_ctx_get_volume(ctx);
592 if (ntfs_umount(vol, FALSE)) {
593 ERROR_WITH_ERRNO("Failed to unmount \"%"TS"\" with NTFS-3g",
595 return WIMLIB_ERR_WRITE;
601 libntfs3g_global_init(void)
603 ntfs_set_char_encoding(setlocale(LC_ALL, ""));
606 const struct apply_operations ntfs_3g_apply_ops = {
609 .target_is_root = ntfs_3g_target_is_root,
610 .start_extract = ntfs_3g_start_extract,
611 .create_file = ntfs_3g_create_file,
612 .create_directory = ntfs_3g_create_directory,
613 .create_hardlink = ntfs_3g_create_hardlink,
614 .extract_unnamed_stream = ntfs_3g_extract_unnamed_stream,
615 .extract_named_stream = ntfs_3g_extract_named_stream,
616 .set_file_attributes = ntfs_3g_set_file_attributes,
617 .set_reparse_data = ntfs_3g_set_reparse_data,
618 .set_short_name = ntfs_3g_set_short_name,
619 .set_security_descriptor = ntfs_3g_set_security_descriptor,
620 .set_timestamps = ntfs_3g_set_timestamps,
621 .abort_extract = ntfs_3g_finish_or_abort_extract,
622 .finish_extract = ntfs_3g_finish_or_abort_extract,
625 .path_prefix_nchars = 1,
626 .path_separator = '/',
629 /* By default, NTFS-3g creates names in the NTFS POSIX namespace, which
630 * is case-sensitive. */
631 .supports_case_sensitive_filenames = 1,
633 /* The root directory of the NTFS volume should not be created
635 .root_directory_is_special = 1,
637 /* NTFS-3g can open files by MFT reference. */
641 * With NTFS-3g, the extraction order of the names of a file that has a
642 * short name needs to be:
644 * 1. Create file using the long name that has an associated short name.
645 * This long name is temporarily placed in the POSIX namespace.
646 * 2. Set the short name on the file. This will either change the POSIX
647 * name to Win32 and create a new DOS name, or replace the POSIX name
648 * with a Win32+DOS name.
649 * 3. Create additional long names (links) of the file, which are placed
650 * in the POSIX namespace.
652 * The reason for this is that two issues can come up when the
653 * extraction is done otherwise:
655 * - If a DOS name is set on a file in a directory with several long
656 * names, it is ambiguous which long name to use (at least with the
657 * exported ntfs_set_ntfs_dos_name() function).
658 * - NTFS-3g 2013.1.13 will no longer allow even setting the DOS name on
659 * a file with multiple existing long names, even if those long names
660 * are in different directories and the ntfs_set_ntfs_dos_name() call
661 * is therefore unambiguous. (This was apparently changed with the
662 * FUSE interface in mind.)
664 .requires_short_name_reordering = 1,
667 #endif /* WITH_NTFS_3G */