+ HANDLE hToken;
+ LUID luid;
+ TOKEN_PRIVILEGES newState;
+ bool ret = FALSE;
+
+ if (!OpenProcessToken(GetCurrentProcess(),
+ TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+ &hToken))
+ goto out;
+
+ if (!LookupPrivilegeValue(NULL, privilege, &luid))
+ goto out_close_handle;
+
+ newState.PrivilegeCount = 1;
+ newState.Privileges[0].Luid = luid;
+ newState.Privileges[0].Attributes = (enable ? SE_PRIVILEGE_ENABLED : 0);
+ SetLastError(ERROR_SUCCESS);
+ ret = AdjustTokenPrivileges(hToken, FALSE, &newState, 0, NULL, NULL);
+ if (ret && GetLastError() == ERROR_NOT_ALL_ASSIGNED)
+ ret = FALSE;
+out_close_handle:
+ CloseHandle(hToken);
+out:
+ return ret;
+}
+
+static bool
+win32_modify_capture_privileges(bool enable)
+{
+ bool ok = true;
+ ok &= win32_modify_privilege(SE_BACKUP_NAME, enable);
+ ok &= win32_modify_privilege(SE_SECURITY_NAME, enable);
+ return ok;
+}
+
+static bool
+win32_modify_apply_privileges(bool enable)
+{
+ bool ok = true;
+ ok &= win32_modify_privilege(SE_RESTORE_NAME, enable);
+ ok &= win32_modify_privilege(SE_SECURITY_NAME, enable);
+ ok &= win32_modify_privilege(SE_TAKE_OWNERSHIP_NAME, enable);
+ ok &= win32_modify_privilege(SE_MANAGE_VOLUME_NAME, enable);
+ return ok;
+}
+
+static void
+win32_release_capture_and_apply_privileges(void)
+{
+ win32_modify_capture_privileges(false);
+ win32_modify_apply_privileges(false);
+}
+
+/* Pointers to dynamically loaded functions */
+
+/* ntdll.dll */
+
+NTSTATUS (WINAPI *func_NtCreateFile)(PHANDLE FileHandle,
+ ACCESS_MASK DesiredAccess,
+ POBJECT_ATTRIBUTES ObjectAttributes,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PLARGE_INTEGER AllocationSize,
+ ULONG FileAttributes,
+ ULONG ShareAccess,
+ ULONG CreateDisposition,
+ ULONG CreateOptions,
+ PVOID EaBuffer,
+ ULONG EaLength);
+
+NTSTATUS (WINAPI *func_NtOpenFile) (PHANDLE FileHandle,
+ ACCESS_MASK DesiredAccess,
+ POBJECT_ATTRIBUTES ObjectAttributes,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ ULONG ShareAccess,
+ ULONG OpenOptions);
+
+NTSTATUS (WINAPI *func_NtReadFile) (HANDLE FileHandle,
+ HANDLE Event,
+ PIO_APC_ROUTINE ApcRoutine,
+ PVOID ApcContext,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PVOID Buffer,
+ ULONG Length,
+ PLARGE_INTEGER ByteOffset,
+ PULONG Key);
+
+NTSTATUS (WINAPI *func_NtWriteFile) (HANDLE FileHandle,
+ HANDLE Event,
+ PIO_APC_ROUTINE ApcRoutine,
+ PVOID ApcContext,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PVOID Buffer,
+ ULONG Length,
+ PLARGE_INTEGER ByteOffset,
+ PULONG Key);
+
+NTSTATUS (WINAPI *func_NtQueryInformationFile)(HANDLE FileHandle,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PVOID FileInformation,
+ ULONG Length,
+ FILE_INFORMATION_CLASS FileInformationClass);
+
+NTSTATUS (WINAPI *func_NtQuerySecurityObject)(HANDLE handle,
+ SECURITY_INFORMATION SecurityInformation,
+ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ ULONG Length,
+ PULONG LengthNeeded);
+
+NTSTATUS (WINAPI *func_NtQueryDirectoryFile) (HANDLE FileHandle,
+ HANDLE Event,
+ PIO_APC_ROUTINE ApcRoutine,
+ PVOID ApcContext,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PVOID FileInformation,
+ ULONG Length,
+ FILE_INFORMATION_CLASS FileInformationClass,
+ BOOLEAN ReturnSingleEntry,
+ PUNICODE_STRING FileName,
+ BOOLEAN RestartScan);
+
+NTSTATUS (WINAPI *func_NtQueryVolumeInformationFile) (HANDLE FileHandle,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PVOID FsInformation,
+ ULONG Length,
+ FS_INFORMATION_CLASS FsInformationClass);
+
+NTSTATUS (WINAPI *func_NtSetInformationFile)(HANDLE FileHandle,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PVOID FileInformation,
+ ULONG Length,
+ FILE_INFORMATION_CLASS FileInformationClass);
+
+NTSTATUS (WINAPI *func_NtSetSecurityObject)(HANDLE Handle,
+ SECURITY_INFORMATION SecurityInformation,
+ PSECURITY_DESCRIPTOR SecurityDescriptor);
+
+NTSTATUS (WINAPI *func_NtFsControlFile) (HANDLE FileHandle,
+ HANDLE Event,
+ PIO_APC_ROUTINE ApcRoutine,
+ PVOID ApcContext,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ ULONG FsControlCode,
+ PVOID InputBuffer,
+ ULONG InputBufferLength,
+ PVOID OutputBuffer,
+ ULONG OutputBufferLength);
+
+NTSTATUS (WINAPI *func_NtClose) (HANDLE Handle);
+
+DWORD (WINAPI *func_RtlNtStatusToDosError)(NTSTATUS status);
+
+BOOLEAN (WINAPI *func_RtlDosPathNameToNtPathName_U)
+ (IN PCWSTR DosName,
+ OUT PUNICODE_STRING NtName,
+ OUT PCWSTR *PartName,
+ OUT PRTL_RELATIVE_NAME_U RelativeName);
+
+NTSTATUS (WINAPI *func_RtlDosPathNameToNtPathName_U_WithStatus)
+ (IN PCWSTR DosName,
+ OUT PUNICODE_STRING NtName,
+ OUT PCWSTR *PartName,
+ OUT PRTL_RELATIVE_NAME_U RelativeName);
+
+NTSTATUS (WINAPI *func_RtlCreateSystemVolumeInformationFolder)
+ (PCUNICODE_STRING VolumeRootPath);
+
+static bool acquired_privileges = false;
+
+struct dll_sym {
+ void **func_ptr;
+ const char *name;
+ bool required;
+};
+
+#define DLL_SYM(name, required) { (void **)&func_##name, #name, required }
+
+#define for_each_sym(sym, spec) \
+ for ((sym) = (spec)->syms; (sym)->name; (sym)++)
+
+struct dll_spec {
+ const wchar_t *name;
+ HMODULE handle;
+ const struct dll_sym syms[];
+};
+
+struct dll_spec ntdll_spec = {
+ .name = L"ntdll.dll",
+ .syms = {
+ DLL_SYM(NtCreateFile, true),
+ DLL_SYM(NtOpenFile, true),
+ DLL_SYM(NtReadFile, true),
+ DLL_SYM(NtWriteFile, true),
+ DLL_SYM(NtQueryInformationFile, true),
+ DLL_SYM(NtQuerySecurityObject, true),
+ DLL_SYM(NtQueryDirectoryFile, true),
+ DLL_SYM(NtQueryVolumeInformationFile, true),
+ DLL_SYM(NtSetInformationFile, true),
+ DLL_SYM(NtSetSecurityObject, true),
+ DLL_SYM(NtFsControlFile, true),
+ DLL_SYM(NtClose, true),
+ DLL_SYM(RtlNtStatusToDosError, true),
+ DLL_SYM(RtlCreateSystemVolumeInformationFolder, false),
+ DLL_SYM(RtlDosPathNameToNtPathName_U, true),
+ DLL_SYM(RtlDosPathNameToNtPathName_U_WithStatus, false), /* Not present on XP */
+ {NULL, NULL},
+ },
+};
+
+static int
+init_dll(struct dll_spec *spec)
+{
+ const struct dll_sym *sym;
+ void *addr;
+
+ if (!spec->handle)
+ spec->handle = LoadLibrary(spec->name);
+ if (!spec->handle) {
+ for_each_sym(sym, spec) {
+ if (sym->required) {
+ ERROR("%ls could not be loaded!", spec->name);
+ return WIMLIB_ERR_UNSUPPORTED;
+ }
+ }
+ return 0;
+ }
+ for_each_sym(sym, spec) {
+ addr = (void *)GetProcAddress(spec->handle, sym->name);
+ if (addr) {
+ *(sym->func_ptr) = addr;
+ } else if (sym->required) {
+ ERROR("Can't find %s in %ls", sym->name, spec->name);
+ return WIMLIB_ERR_UNSUPPORTED;
+ }
+ }
+ return 0;
+}
+
+static void
+cleanup_dll(struct dll_spec *spec)
+{
+ const struct dll_sym *sym;
+
+ if (spec->handle) {
+ FreeLibrary(spec->handle);
+ spec->handle = NULL;
+
+ for_each_sym(sym, spec)
+ *(sym->func_ptr) = NULL;