*/
/*
- * Copyright (C) 2013-2016 Eric Biggers
+ * Copyright (C) 2013-2021 Eric Biggers
*
* This file is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
#include "wimlib/assert.h"
#include "wimlib/blob_table.h"
-#include "wimlib/capture.h"
#include "wimlib/dentry.h"
#include "wimlib/encoding.h"
#include "wimlib/endianness.h"
#include "wimlib/error.h"
+#include "wimlib/object_id.h"
#include "wimlib/paths.h"
#include "wimlib/reparse.h"
+#include "wimlib/scan.h"
#include "wimlib/win32_vss.h"
#include "wimlib/wof.h"
+#include "wimlib/xattr.h"
struct winnt_scan_ctx {
- struct capture_params *params;
+ struct scan_params *params;
bool is_ntfs;
u32 vol_flags;
unsigned long num_get_sd_access_denied;
};
static inline const wchar_t *
-printable_path(const wchar_t *full_path)
+printable_path(const struct winnt_scan_ctx *ctx)
{
/* Skip over \\?\ or \??\ */
- return full_path + 4;
+ return ctx->params->cur_path + 4;
}
/* Description of where data is located on a Windows filesystem */
static int
read_winnt_stream_prefix(const struct windows_file *file,
- u64 size, const struct read_blob_callbacks *cbs)
+ u64 size, const struct consume_chunk_callback *cb)
{
IO_STATUS_BLOCK iosb;
UNICODE_STRING name = {
bytes_read = iosb.Information;
bytes_remaining -= bytes_read;
- ret = call_consume_chunk(buf, bytes_read, cbs);
+ ret = consume_chunk(cb, buf, bytes_read);
if (ret)
break;
}
}
struct win32_encrypted_read_ctx {
- const struct read_blob_callbacks *cbs;
+ const struct consume_chunk_callback *cb;
int wimlib_err_code;
u64 bytes_remaining;
};
if (bytes_to_consume == 0)
return ERROR_SUCCESS;
- ret = call_consume_chunk(data, bytes_to_consume, ctx->cbs);
+ ret = consume_chunk(ctx->cb, data, bytes_to_consume);
if (ret) {
ctx->wimlib_err_code = ret;
/* It doesn't matter what error code is returned here, as long
static int
read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size,
- const struct read_blob_callbacks *cbs)
+ const struct consume_chunk_callback *cb)
{
struct win32_encrypted_read_ctx export_ctx;
DWORD err;
if (is_dir)
flags |= CREATE_FOR_DIR;
- export_ctx.cbs = cbs;
+ export_ctx.cb = cb;
export_ctx.wimlib_err_code = 0;
export_ctx.bytes_remaining = size;
if (err != ERROR_SUCCESS) {
win32_error(err,
L"Failed to open encrypted file \"%ls\" for raw read",
- printable_path(path));
+ path);
return WIMLIB_ERR_OPEN;
}
err = ReadEncryptedFileRaw(win32_encrypted_export_cb,
if (ret == 0) {
win32_error(err,
L"Failed to read encrypted file \"%ls\"",
- printable_path(path));
+ path);
ret = WIMLIB_ERR_READ;
}
} else if (export_ctx.bytes_remaining != 0) {
ERROR("Only could read %"PRIu64" of %"PRIu64" bytes from "
"encrypted file \"%ls\"",
size - export_ctx.bytes_remaining, size,
- printable_path(path));
+ path);
ret = WIMLIB_ERR_READ;
} else {
ret = 0;
* described by @blob. */
int
read_windows_file_prefix(const struct blob_descriptor *blob, u64 size,
- const struct read_blob_callbacks *cbs)
+ const struct consume_chunk_callback *cb,
+ bool recover_data)
{
const struct windows_file *file = blob->windows_file;
if (unlikely(file->is_encrypted)) {
bool is_dir = (blob->file_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY);
- return read_win32_encrypted_file_prefix(file->path, is_dir, size, cbs);
+ return read_win32_encrypted_file_prefix(file->path, is_dir, size, cb);
}
- return read_winnt_stream_prefix(file, size, cbs);
+ return read_winnt_stream_prefix(file, size, cb);
}
/*
*/
static noinline_for_stack int
winnt_load_security_descriptor(HANDLE h, struct wim_inode *inode,
- const wchar_t *full_path,
struct winnt_scan_ctx *ctx)
{
SECURITY_INFORMATION requestedInformation;
FREE(buf);
if (!NT_SUCCESS(status)) {
winnt_error(status, L"\"%ls\": Can't read security descriptor",
- printable_path(full_path));
+ printable_path(ctx));
return WIMLIB_ERR_STAT;
}
return 0;
}
+/* Load a file's object ID into the corresponding WIM inode. */
+static noinline_for_stack int
+winnt_load_object_id(HANDLE h, struct wim_inode *inode,
+ struct winnt_scan_ctx *ctx)
+{
+ FILE_OBJECTID_BUFFER buffer;
+ NTSTATUS status;
+ u32 len;
+
+ if (!(ctx->vol_flags & FILE_SUPPORTS_OBJECT_IDS))
+ return 0;
+
+ status = winnt_fsctl(h, FSCTL_GET_OBJECT_ID, NULL, 0,
+ &buffer, sizeof(buffer), &len);
+
+ if (status == STATUS_OBJECTID_NOT_FOUND) /* No object ID */
+ return 0;
+
+ if (status == STATUS_INVALID_DEVICE_REQUEST ||
+ status == STATUS_NOT_SUPPORTED /* Samba volume, WinXP */) {
+ /* The filesystem claimed to support object IDs, but we can't
+ * actually read them. This happens with Samba. */
+ ctx->vol_flags &= ~FILE_SUPPORTS_OBJECT_IDS;
+ return 0;
+ }
+
+ if (!NT_SUCCESS(status)) {
+ winnt_error(status, L"\"%ls\": Can't read object ID",
+ printable_path(ctx));
+ return WIMLIB_ERR_STAT;
+ }
+
+ if (len == 0) /* No object ID (for directories) */
+ return 0;
+
+ if (!inode_set_object_id(inode, &buffer, len))
+ return WIMLIB_ERR_NOMEM;
+
+ return 0;
+}
+
+/* Load a file's extended attributes into the corresponding WIM inode. */
+static noinline_for_stack int
+winnt_load_xattrs(HANDLE h, struct wim_inode *inode,
+ struct winnt_scan_ctx *ctx, u32 ea_size)
+{
+ IO_STATUS_BLOCK iosb;
+ NTSTATUS status;
+ u8 _buf[1024] _aligned_attribute(4);
+ u8 *buf = _buf;
+ const FILE_FULL_EA_INFORMATION *ea;
+ struct wim_xattr_entry *entry;
+ int ret;
+
+
+ /*
+ * EaSize from FILE_EA_INFORMATION is apparently supposed to give the
+ * size of the buffer required for NtQueryEaFile(), but it doesn't
+ * actually work correctly; it can be off by about 4 bytes per xattr.
+ *
+ * So just start out by doubling the advertised size, and also handle
+ * STATUS_BUFFER_OVERFLOW just in case.
+ */
+retry:
+ if (unlikely(ea_size * 2 < ea_size))
+ ea_size = UINT32_MAX;
+ else
+ ea_size *= 2;
+ if (unlikely(ea_size > sizeof(_buf))) {
+ buf = MALLOC(ea_size);
+ if (!buf) {
+ if (ea_size >= (1 << 20)) {
+ WARNING("\"%ls\": EaSize was extremely large (%u)",
+ printable_path(ctx), ea_size);
+ }
+ return WIMLIB_ERR_NOMEM;
+ }
+ }
+
+ status = NtQueryEaFile(h, &iosb, buf, ea_size,
+ FALSE, NULL, 0, NULL, TRUE);
+
+ if (unlikely(!NT_SUCCESS(status))) {
+ if (status == STATUS_BUFFER_OVERFLOW) {
+ if (buf != _buf) {
+ FREE(buf);
+ buf = NULL;
+ }
+ goto retry;
+ }
+ if (status == STATUS_NO_EAS_ON_FILE) {
+ /*
+ * FILE_EA_INFORMATION.EaSize was nonzero so this
+ * shouldn't happen, but just in case...
+ */
+ ret = 0;
+ goto out;
+ }
+ winnt_error(status, L"\"%ls\": Can't read extended attributes",
+ printable_path(ctx));
+ ret = WIMLIB_ERR_STAT;
+ goto out;
+ }
+
+ ea = (const FILE_FULL_EA_INFORMATION *)buf;
+ entry = (struct wim_xattr_entry *)buf;
+ for (;;) {
+ /*
+ * wim_xattr_entry is not larger than FILE_FULL_EA_INFORMATION,
+ * so we can reuse the same buffer by overwriting the
+ * FILE_FULL_EA_INFORMATION with the wim_xattr_entry in-place.
+ */
+ FILE_FULL_EA_INFORMATION _ea;
+
+ STATIC_ASSERT(offsetof(struct wim_xattr_entry, name) <=
+ offsetof(FILE_FULL_EA_INFORMATION, EaName));
+ wimlib_assert((u8 *)entry <= (const u8 *)ea);
+
+ memcpy(&_ea, ea, sizeof(_ea));
+
+ entry->value_len = cpu_to_le16(_ea.EaValueLength);
+ entry->name_len = _ea.EaNameLength;
+ entry->flags = _ea.Flags;
+ memmove(entry->name, ea->EaName, _ea.EaNameLength);
+ entry->name[_ea.EaNameLength] = '\0';
+ memmove(&entry->name[_ea.EaNameLength + 1],
+ &ea->EaName[_ea.EaNameLength + 1], _ea.EaValueLength);
+ entry = (struct wim_xattr_entry *)
+ &entry->name[_ea.EaNameLength + 1 + _ea.EaValueLength];
+ if (_ea.NextEntryOffset == 0)
+ break;
+ ea = (const FILE_FULL_EA_INFORMATION *)
+ ((const u8 *)ea + _ea.NextEntryOffset);
+ }
+ wimlib_assert((u8 *)entry - buf <= ea_size);
+
+ ret = WIMLIB_ERR_NOMEM;
+ if (!inode_set_xattrs(inode, buf, (u8 *)entry - buf))
+ goto out;
+ ret = 0;
+out:
+ if (unlikely(buf != _buf))
+ FREE(buf);
+ return ret;
+}
+
static int
-winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret,
- HANDLE cur_dir,
- wchar_t *full_path,
- size_t full_path_nchars,
- wchar_t *relative_path,
- size_t relative_path_nchars,
- const wchar_t *filename,
- struct winnt_scan_ctx *ctx);
+winnt_build_dentry_tree(struct wim_dentry **root_ret,
+ HANDLE cur_dir,
+ const wchar_t *relative_path,
+ size_t relative_path_nchars,
+ const wchar_t *filename,
+ struct winnt_scan_ctx *ctx,
+ bool recursive);
static int
winnt_recurse_directory(HANDLE h,
- wchar_t *full_path,
- size_t full_path_nchars,
struct wim_dentry *parent,
struct winnt_scan_ctx *ctx)
{
if (!should_ignore_filename(info->FileName,
info->FileNameLength / 2))
{
- wchar_t *p;
- wchar_t *filename;
struct wim_dentry *child;
+ size_t orig_path_nchars;
+ const wchar_t *filename;
+
+ ret = WIMLIB_ERR_NOMEM;
+ filename = pathbuf_append_name(ctx->params,
+ info->FileName,
+ info->FileNameLength / 2,
+ &orig_path_nchars);
+ if (!filename)
+ goto out_free_buf;
- p = full_path + full_path_nchars;
- /* Only add a backslash if we don't already have
- * one. This prevents a duplicate backslash
- * from being added when the path to the capture
- * dir had a trailing backslash. */
- if (*(p - 1) != L'\\')
- *p++ = L'\\';
- filename = p;
- p = wmempcpy(filename, info->FileName,
- info->FileNameLength / 2);
- *p = '\0';
-
- ret = winnt_build_dentry_tree_recursive(
+ ret = winnt_build_dentry_tree(
&child,
h,
- full_path,
- p - full_path,
filename,
info->FileNameLength / 2,
filename,
- ctx);
+ ctx,
+ true);
- full_path[full_path_nchars] = L'\0';
+ pathbuf_truncate(ctx->params, orig_path_nchars);
if (ret)
goto out_free_buf;
if (unlikely(status != STATUS_NO_MORE_FILES)) {
winnt_error(status, L"\"%ls\": Can't read directory",
- printable_path(full_path));
+ printable_path(ctx));
ret = WIMLIB_ERR_READ;
}
out_free_buf:
}
static int
-winnt_rpfix_progress(struct capture_params *params, const wchar_t *path,
+winnt_rpfix_progress(struct scan_params *params,
const struct link_reparse_point *link, int scan_status)
{
size_t print_name_nchars = link->print_name_nbytes / sizeof(wchar_t);
wmemcpy(print_name0, link->print_name, print_name_nchars);
print_name0[print_name_nchars] = L'\0';
- params->progress.scan.cur_path = path;
params->progress.scan.symlink_target = print_name0;
- return do_capture_progress(params, scan_status, NULL);
+ return do_scan_progress(params, scan_status, NULL);
}
static int
winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p,
- const wchar_t *path, struct capture_params *params)
+ struct scan_params *params)
{
struct link_reparse_point link;
const wchar_t *rel_target;
if (rel_target == link.substitute_name) {
/* Target points outside of the tree being captured or had an
* unrecognized path format. Don't adjust it. */
- return winnt_rpfix_progress(params, path, &link,
+ return winnt_rpfix_progress(params, &link,
WIMLIB_SCAN_DENTRY_NOT_FIXED_SYMLINK);
}
if (make_link_reparse_point(&link, rpbuf, rpbuflen_p))
return 0;
- ret = winnt_rpfix_progress(params, path, &link,
+ ret = winnt_rpfix_progress(params, &link,
WIMLIB_SCAN_DENTRY_FIXED_SYMLINK);
if (ret)
return ret;
* capture root. */
static noinline_for_stack int
winnt_load_reparse_data(HANDLE h, struct wim_inode *inode,
- const wchar_t *full_path, struct capture_params *params)
+ struct winnt_scan_ctx *ctx)
{
struct reparse_buffer_disk rpbuf;
NTSTATUS status;
if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED) {
/* See comment above assign_stream_types_encrypted() */
WARNING("Ignoring reparse data of encrypted file \"%ls\"",
- printable_path(full_path));
+ printable_path(ctx));
return 0;
}
NULL, 0, &rpbuf, sizeof(rpbuf), &len);
if (!NT_SUCCESS(status)) {
winnt_error(status, L"\"%ls\": Can't get reparse point",
- printable_path(full_path));
+ printable_path(ctx));
return WIMLIB_ERR_READLINK;
}
if (unlikely(rpbuflen < REPARSE_DATA_OFFSET)) {
ERROR("\"%ls\": reparse point buffer is too short",
- printable_path(full_path));
+ printable_path(ctx));
return WIMLIB_ERR_INVALID_REPARSE_DATA;
}
- if (params->add_flags & WIMLIB_ADD_FLAG_RPFIX) {
- ret = winnt_try_rpfix(&rpbuf, &rpbuflen, full_path, params);
+ if (le32_to_cpu(rpbuf.rptag) == WIM_IO_REPARSE_TAG_DEDUP) {
+ /*
+ * Windows treats Data Deduplication reparse points specially.
+ * Reads from the unnamed data stream actually return the
+ * redirected file contents, even with FILE_OPEN_REPARSE_POINT.
+ * Deduplicated files also cannot be properly restored without
+ * also restoring the "System Volume Information" directory,
+ * which wimlib excludes by default. Therefore, the logical
+ * behavior for us seems to be to ignore the reparse point and
+ * treat the file as a normal file.
+ */
+ inode->i_attributes &= ~FILE_ATTRIBUTE_REPARSE_POINT;
+ return 0;
+ }
+
+ if (ctx->params->add_flags & WIMLIB_ADD_FLAG_RPFIX) {
+ ret = winnt_try_rpfix(&rpbuf, &rpbuflen, ctx->params);
if (ret == RP_FIXED)
inode->i_rp_flags &= ~WIM_RP_FLAG_NOT_FIXED;
else if (ret)
NO_STREAM_NAME,
rpbuf.rpdata,
rpbuflen - REPARSE_DATA_OFFSET,
- params->blob_table))
+ ctx->params->blob_table))
return WIMLIB_ERR_NOMEM;
return 0;
if (err != ERROR_SUCCESS) {
win32_error(err,
L"Failed to open encrypted file \"%ls\" for raw read",
- printable_path(path));
+ path);
return WIMLIB_ERR_OPEN;
}
*size_ret = 0;
if (err != ERROR_SUCCESS) {
win32_error(err,
L"Failed to read raw encrypted data from \"%ls\"",
- printable_path(path));
+ path);
ret = WIMLIB_ERR_READ;
} else {
ret = 0;
static int
winnt_scan_efsrpc_raw_data(struct wim_inode *inode,
- wchar_t *path, size_t path_nchars,
struct winnt_scan_ctx *ctx)
{
+ wchar_t *path = ctx->params->cur_path;
+ size_t path_nchars = ctx->params->cur_path_nchars;
const bool is_dir = (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY);
struct windows_file *windows_file;
u64 size;
}
static int
-winnt_scan_data_stream(const wchar_t *path, size_t path_nchars,
- wchar_t *raw_stream_name, size_t raw_stream_name_nchars,
+winnt_scan_data_stream(wchar_t *raw_stream_name, size_t raw_stream_name_nchars,
u64 stream_size, struct wim_inode *inode,
struct winnt_scan_ctx *ctx)
{
stream_name[stream_name_nchars] = L'\0';
- windows_file = alloc_windows_file(path, path_nchars,
+ windows_file = alloc_windows_file(ctx->params->cur_path,
+ ctx->params->cur_path_nchars,
stream_name, stream_name_nchars,
ctx->snapshot, false);
return add_stream(inode, windows_file, stream_size, STREAM_TYPE_DATA,
* already present in Windows XP.
*/
static noinline_for_stack int
-winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars,
- struct wim_inode *inode, u64 file_size,
+winnt_scan_data_streams(HANDLE h, struct wim_inode *inode, u64 file_size,
struct winnt_scan_ctx *ctx)
{
int ret;
default:
winnt_error(status,
L"\"%ls\": Failed to query stream information",
- printable_path(path));
+ printable_path(ctx));
ret = WIMLIB_ERR_READ;
goto out_free_buf;
}
info = (FILE_STREAM_INFORMATION *)buf;
for (;;) {
/* Load the stream information. */
- ret = winnt_scan_data_stream(path, path_nchars,
- info->StreamName,
+ ret = winnt_scan_data_stream(info->StreamName,
info->StreamNameLength / 2,
info->StreamSize.QuadPart,
inode, ctx);
{
wchar_t stream_name[] = L"::$DATA";
- ret = winnt_scan_data_stream(path, path_nchars, stream_name, 7,
- file_size, inode, ctx);
+ ret = winnt_scan_data_stream(stream_name, 7, file_size,
+ inode, ctx);
}
out_free_buf:
/* Free buffer if allocated on heap. */
static inline bool
should_try_to_use_wimboot_hash(const struct wim_inode *inode,
- const struct winnt_scan_ctx *ctx,
- const struct capture_params *params)
+ const struct winnt_scan_ctx *ctx)
{
/* Directories and encrypted files aren't valid for external backing. */
if (inode->i_attributes & (FILE_ATTRIBUTE_DIRECTORY |
* fixup if WOF may be attached. */
if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)
return (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_WOF) &&
- (params->add_flags & WIMLIB_ADD_FLAG_WIMBOOT);
+ (ctx->params->add_flags & WIMLIB_ADD_FLAG_WIMBOOT);
return !ctx->wof_not_attached;
}
*/
static noinline_for_stack int
try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode,
- struct winnt_scan_ctx *ctx, const wchar_t *full_path)
+ struct winnt_scan_ctx *ctx)
{
struct blob_table *blob_table = ctx->params->blob_table;
struct wim_inode_stream *reparse_strm = NULL;
if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) {
struct reparse_buffer_disk rpbuf;
struct {
- struct wof_external_info wof_info;
+ WOF_EXTERNAL_INFO wof_info;
struct wim_provider_rpdata wim_info;
} *rpdata = (void *)rpbuf.rpdata;
struct blob_descriptor *reparse_blob;
if (ret)
return ret;
- if (rpdata->wof_info.version != WOF_CURRENT_VERSION ||
- rpdata->wof_info.provider != WOF_PROVIDER_WIM ||
+ if (rpdata->wof_info.Version != WOF_CURRENT_VERSION ||
+ rpdata->wof_info.Provider != WOF_PROVIDER_WIM ||
rpdata->wim_info.version != 2)
return 0; /* Not a WIM-backed file */
copy_hash(hash, rpdata->wim_info.unnamed_data_stream_hash);
} else {
struct {
- struct wof_external_info wof_info;
- struct wim_provider_external_info wim_info;
+ WOF_EXTERNAL_INFO wof_info;
+ WIM_PROVIDER_EXTERNAL_INFO wim_info;
} out;
NTSTATUS status;
if (status != STATUS_SUCCESS) {
winnt_error(status,
L"\"%ls\": FSCTL_GET_EXTERNAL_BACKING failed",
- full_path);
+ printable_path(ctx));
return WIMLIB_ERR_STAT;
}
/* Is this file backed by a WIM? */
- if (out.wof_info.version != WOF_CURRENT_VERSION ||
- out.wof_info.provider != WOF_PROVIDER_WIM ||
- out.wim_info.version != WIM_PROVIDER_CURRENT_VERSION)
+ if (out.wof_info.Version != WOF_CURRENT_VERSION ||
+ out.wof_info.Provider != WOF_PROVIDER_WIM ||
+ out.wim_info.Version != WIM_PROVIDER_CURRENT_VERSION)
return 0;
/* Okay, this is a WIM backed file. Get its SHA-1 hash. */
- copy_hash(hash, out.wim_info.unnamed_data_stream_hash);
+ copy_hash(hash, out.wim_info.ResourceHash);
}
/* If the file's unnamed data stream is nonempty, then fill in its hash
return 0;
back_ptr = retrieve_pointer_to_unhashed_blob(blob);
copy_hash(blob->hash, hash);
- if (after_blob_hashed(blob, back_ptr, blob_table) != blob)
+ if (after_blob_hashed(blob, back_ptr, blob_table,
+ inode) != blob)
free_blob_descriptor(blob);
}
u64 last_access_time;
u64 ino;
u64 end_of_file;
+ u32 ea_size;
};
static noinline_for_stack NTSTATUS
info->last_access_time = all_info.BasicInformation.LastAccessTime.QuadPart;
info->ino = all_info.InternalInformation.IndexNumber.QuadPart;
info->end_of_file = all_info.StandardInformation.EndOfFile.QuadPart;
+ info->ea_size = all_info.EaInformation.EaSize;
return STATUS_SUCCESS;
}
static void
-get_volume_information(HANDLE h, const wchar_t *full_path,
- struct winnt_scan_ctx *ctx)
+get_volume_information(HANDLE h, struct winnt_scan_ctx *ctx)
{
u8 _attr_info[sizeof(FILE_FS_ATTRIBUTE_INFORMATION) + 128] _aligned_attribute(8);
FILE_FS_ATTRIBUTE_INFORMATION *attr_info = (void *)_attr_info;
!wmemcmp(attr_info->FileSystemName, L"NTFS", 4);
} else {
winnt_warning(status, L"\"%ls\": Can't get volume attributes",
- printable_path(full_path));
+ printable_path(ctx));
}
/* Get volume ID. */
ctx->params->capture_root_dev = vol_info.VolumeSerialNumber;
} else {
winnt_warning(status, L"\"%ls\": Can't get volume ID",
- printable_path(full_path));
+ printable_path(ctx));
}
/* Get inode number. */
ctx->params->capture_root_ino = file_info.ino;
} else {
winnt_warning(status, L"\"%ls\": Can't get file information",
- printable_path(full_path));
+ printable_path(ctx));
}
}
static int
-winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret,
- HANDLE cur_dir,
- wchar_t *full_path,
- size_t full_path_nchars,
- wchar_t *relative_path,
- size_t relative_path_nchars,
- const wchar_t *filename,
- struct winnt_scan_ctx *ctx)
+winnt_build_dentry_tree(struct wim_dentry **root_ret,
+ HANDLE cur_dir,
+ const wchar_t *relative_path,
+ size_t relative_path_nchars,
+ const wchar_t *filename,
+ struct winnt_scan_ctx *ctx,
+ bool recursive)
{
struct wim_dentry *root = NULL;
struct wim_inode *inode = NULL;
struct file_info file_info;
u64 sort_key;
- ret = try_exclude(full_path, ctx->params);
+ ret = try_exclude(ctx->params);
if (unlikely(ret < 0)) /* Excluded? */
goto out_progress;
if (unlikely(ret > 0)) /* Error? */
* this permission on all nondirectories. Perhaps it causes Windows to
* start prefetching the file contents... */
status = winnt_openat(cur_dir, relative_path, relative_path_nchars,
- FILE_READ_ATTRIBUTES | READ_CONTROL |
- ACCESS_SYSTEM_SECURITY,
+ FILE_READ_ATTRIBUTES | FILE_READ_EA |
+ READ_CONTROL | ACCESS_SYSTEM_SECURITY,
&h);
if (unlikely(!NT_SUCCESS(status))) {
if (status == STATUS_DELETE_PENDING) {
WARNING("\"%ls\": Deletion pending; skipping file",
- printable_path(full_path));
+ printable_path(ctx));
ret = 0;
goto out;
}
ERROR("Can't open \"%ls\":\n"
" File is in use by another process! "
"Consider using snapshot (VSS) mode.",
- printable_path(full_path));
+ printable_path(ctx));
ret = WIMLIB_ERR_OPEN;
goto out;
}
winnt_error(status, L"\"%ls\": Can't open file",
- printable_path(full_path));
+ printable_path(ctx));
if (status == STATUS_FVE_LOCKED_VOLUME)
ret = WIMLIB_ERR_FVE_LOCKED_VOLUME;
else
status = get_file_info(h, &file_info);
if (!NT_SUCCESS(status)) {
winnt_error(status, L"\"%ls\": Can't get file information",
- printable_path(full_path));
+ printable_path(ctx));
ret = WIMLIB_ERR_STAT;
goto out;
}
if (!(ctx->params->add_flags & WIMLIB_ADD_FLAG_NO_ACLS)
&& (ctx->vol_flags & FILE_PERSISTENT_ACLS))
{
- ret = winnt_load_security_descriptor(h, inode, full_path, ctx);
+ ret = winnt_load_security_descriptor(h, inode, ctx);
+ if (ret)
+ goto out;
+ }
+
+ /* Get the file's object ID. */
+ ret = winnt_load_object_id(h, inode, ctx);
+ if (ret)
+ goto out;
+
+ /* Get the file's extended attributes. */
+ if (unlikely(file_info.ea_size != 0)) {
+ ret = winnt_load_xattrs(h, inode, ctx, file_info.ea_size);
if (ret)
goto out;
}
/* If this is a reparse point, load the reparse data. */
if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)) {
- ret = winnt_load_reparse_data(h, inode, full_path, ctx->params);
+ ret = winnt_load_reparse_data(h, inode, ctx);
if (ret)
goto out;
}
* needed. */
NtClose(h);
h = NULL;
- ret = winnt_scan_efsrpc_raw_data(inode, full_path,
- full_path_nchars, ctx);
+ ret = winnt_scan_efsrpc_raw_data(inode, ctx);
if (ret)
goto out;
} else {
* the EFSRPC data and the named data stream(s)...!
*/
ret = winnt_scan_data_streams(h,
- full_path,
- full_path_nchars,
inode,
file_info.end_of_file,
ctx);
goto out;
}
- if (unlikely(should_try_to_use_wimboot_hash(inode, ctx, ctx->params))) {
- ret = try_to_use_wimboot_hash(h, inode, ctx, full_path);
+ if (unlikely(should_try_to_use_wimboot_hash(inode, ctx))) {
+ ret = try_to_use_wimboot_hash(h, inode, ctx);
if (ret)
goto out;
}
set_sort_key(inode, sort_key);
- if (inode_is_directory(inode)) {
+ if (inode_is_directory(inode) && recursive) {
/* Directory: recurse to children. */
&h);
if (!NT_SUCCESS(status)) {
winnt_error(status, L"\"%ls\": Can't open directory",
- printable_path(full_path));
+ printable_path(ctx));
ret = WIMLIB_ERR_OPEN;
goto out;
}
- ret = winnt_recurse_directory(h,
- full_path,
- full_path_nchars,
- root,
- ctx);
+ ret = winnt_recurse_directory(h, root, ctx);
if (ret)
goto out;
}
out_progress:
- ctx->params->progress.scan.cur_path = full_path;
- if (likely(root))
- ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode);
- else
- ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL);
+ ret = 0;
+ if (recursive) { /* if !recursive, caller handles progress */
+ if (likely(root))
+ ret = do_scan_progress(ctx->params,
+ WIMLIB_SCAN_DENTRY_OK, inode);
+ else
+ ret = do_scan_progress(ctx->params,
+ WIMLIB_SCAN_DENTRY_EXCLUDED,
+ NULL);
+ }
out:
if (likely(h))
NtClose(h);
if (unlikely(ret)) {
free_dentry_tree(root, ctx->params->blob_table);
root = NULL;
- ret = report_capture_error(ctx->params, ret, full_path);
+ ret = report_scan_error(ctx->params, ret);
}
*root_ret = root;
return ret;
#define NTFS_IS_SPECIAL_FILE(ino) \
(NTFS_MFT_NO(ino) <= 15 && !NTFS_IS_ROOT_FILE(ino))
+#define NTFS_SPECIAL_STREAM_OBJECT_ID 0x00000001
+#define NTFS_SPECIAL_STREAM_EA 0x00000002
+#define NTFS_SPECIAL_STREAM_EA_INFORMATION 0x00000004
+
/* Intermediate inode structure. This is used to temporarily save information
* from FSCTL_QUERY_FILE_LAYOUT before creating the full 'struct wim_inode'. */
struct ntfs_inode {
u32 security_id;
u32 num_aliases;
u32 num_streams;
+ u32 special_streams;
u32 first_stream_offset;
struct ntfs_dentry *first_child;
wchar_t short_name[13];
stream->StreamIdentifierLength / 2);
}
+/* assumes that 'id' is a wide string literal */
+#define stream_has_identifier(stream, id) \
+ ((stream)->StreamIdentifierLength == sizeof(id) - 2 && \
+ !memcmp((stream)->StreamIdentifier, id, sizeof(id) - 2))
/*
* If the specified STREAM_LAYOUT_ENTRY represents a DATA stream as opposed to
* some other type of NTFS stream such as a STANDARD_INFORMATION stream, return
/* Validate the STREAM_LAYOUT_ENTRYs of the specified file and compute the total
* length in bytes of the ntfs_stream structures needed to hold the stream
- * information. */
+ * information. In addition, set *special_streams_ret to a bitmask of special
+ * stream types that were found. */
static int
validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file,
- size_t *total_length_ret)
+ size_t *total_length_ret,
+ u32 *special_streams_ret)
{
const STREAM_LAYOUT_ENTRY *stream =
(const void *)file + file->FirstStreamOffset;
size_t total = 0;
+ u32 special_streams = 0;
+
for (;;) {
const wchar_t *name;
size_t name_nchars;
if (use_stream(file, stream, &name, &name_nchars)) {
total += ALIGN(sizeof(struct ntfs_stream) +
(name_nchars + 1) * sizeof(wchar_t), 8);
+ } else if (stream_has_identifier(stream, L"::$OBJECT_ID")) {
+ special_streams |= NTFS_SPECIAL_STREAM_OBJECT_ID;
+ } else if (stream_has_identifier(stream, L"::$EA")) {
+ special_streams |= NTFS_SPECIAL_STREAM_EA;
+ } else if (stream_has_identifier(stream, L"::$EA_INFORMATION")) {
+ special_streams |= NTFS_SPECIAL_STREAM_EA_INFORMATION;
}
if (stream->NextStreamOffset == 0)
break;
}
*total_length_ret = total;
+ *special_streams_ret = special_streams;
return 0;
}
size_t n;
int ret;
void *p;
+ u32 special_streams = 0;
inode_size = ALIGN(sizeof(struct ntfs_inode), 8);
}
if (file_has_streams(file)) {
- ret = validate_streams_and_compute_total_length(file, &n);
+ ret = validate_streams_and_compute_total_length(file, &n,
+ &special_streams);
if (ret)
return ret;
inode_size += n;
ni->last_write_time = info->BasicInformation.LastWriteTime;
ni->last_access_time = info->BasicInformation.LastAccessTime;
ni->security_id = info->SecurityId;
+ ni->special_streams = special_streams;
p = FIRST_DENTRY(ni);
QUERY_FILE_LAYOUT_INCLUDE_STREAMS_WITH_NO_CLUSTERS_ALLOCATED,
.FilterType = QUERY_FILE_LAYOUT_FILTER_TYPE_NONE,
};
- const size_t outsize = 32768;
+ size_t outsize = 32768;
QUERY_FILE_LAYOUT_OUTPUT *out = NULL;
int ret;
NTSTATUS status;
goto out;
}
- out = MALLOC(outsize);
- if (!out) {
- ret = WIMLIB_ERR_NOMEM;
- goto out;
- }
+ for (;;) {
+ /* Allocate a buffer for the output of the ioctl. */
+ out = MALLOC(outsize);
+ if (!out) {
+ ret = WIMLIB_ERR_NOMEM;
+ goto out;
+ }
- while (NT_SUCCESS(status = winnt_fsctl(h, FSCTL_QUERY_FILE_LAYOUT,
- &in, sizeof(in),
- out, outsize, NULL)))
- {
- const FILE_LAYOUT_ENTRY *file =
- (const void *)out + out->FirstFileOffset;
- for (;;) {
- ret = load_one_file(file, inode_map);
- if (ret)
- goto out;
- if (file->NextFileOffset == 0)
- break;
- file = (const void *)file + file->NextFileOffset;
+ /* Execute FSCTL_QUERY_FILE_LAYOUT until it fails. */
+ while (NT_SUCCESS(status = winnt_fsctl(h,
+ FSCTL_QUERY_FILE_LAYOUT,
+ &in, sizeof(in),
+ out, outsize, NULL)))
+ {
+ const FILE_LAYOUT_ENTRY *file =
+ (const void *)out + out->FirstFileOffset;
+ for (;;) {
+ ret = load_one_file(file, inode_map);
+ if (ret)
+ goto out;
+ if (file->NextFileOffset == 0)
+ break;
+ file = (const void *)file + file->NextFileOffset;
+ }
+ in.Flags &= ~QUERY_FILE_LAYOUT_RESTART;
}
- in.Flags &= ~QUERY_FILE_LAYOUT_RESTART;
+
+ /* Enlarge the buffer if needed. */
+ if (status != STATUS_BUFFER_TOO_SMALL)
+ break;
+ FREE(out);
+ outsize *= 2;
}
/* Normally, FSCTL_QUERY_FILE_LAYOUT fails with STATUS_END_OF_FILE after
* all files have been enumerated. */
if (status != STATUS_END_OF_FILE) {
if (status == STATUS_INVALID_DEVICE_REQUEST /* old OS */ ||
- status == STATUS_INVALID_PARAMETER /* not root directory */ ) {
+ status == STATUS_NOT_SUPPORTED /* Samba volume, WinXP */ ||
+ status == STATUS_INVALID_PARAMETER /* not root directory */ )
+ {
/* Silently try standard recursive scan instead */
ret = -1;
} else {
* ntfs_stream => wim_inode_stream
*
* This also handles things such as exclusions and issuing progress messages.
- * It's similar to winnt_build_dentry_tree_recursive(), but this is much faster
- * because almost all information we need is already loaded in memory in the
- * ntfs_* structures. However, in some cases we still fall back to
- * winnt_build_dentry_tree_recursive() and/or opening the file.
+ * It's similar to winnt_build_dentry_tree(), but this is much faster because
+ * almost all information we need is already loaded in memory in the ntfs_*
+ * structures. However, in some cases we still fall back to
+ * winnt_build_dentry_tree() and/or opening the file.
*/
static int
generate_wim_structures_recursive(struct wim_dentry **root_ret,
- wchar_t *path, size_t path_nchars,
const wchar_t *filename, bool is_primary_name,
struct ntfs_inode *ni,
struct winnt_scan_ctx *ctx,
if (NTFS_IS_SPECIAL_FILE(ni->ino))
goto out;
- /* Fall back to a recursive scan for unhandled cases. Reparse points,
+ /* Fall back to the standard scan for unhandled cases. Reparse points,
* in particular, can't be properly handled here because a commonly used
* filter driver (WOF) hides reparse points from regular filesystem APIs
* but not from FSCTL_QUERY_FILE_LAYOUT. */
if (ni->attributes & (FILE_ATTRIBUTE_REPARSE_POINT |
- FILE_ATTRIBUTE_ENCRYPTED))
+ FILE_ATTRIBUTE_ENCRYPTED) ||
+ ni->special_streams != 0)
{
- ret = winnt_build_dentry_tree_recursive(&root,
- NULL,
- path,
- path_nchars,
- path,
- path_nchars,
- filename,
- ctx);
- goto out;
+ ret = winnt_build_dentry_tree(&root, NULL,
+ ctx->params->cur_path,
+ ctx->params->cur_path_nchars,
+ filename, ctx, false);
+ if (ret) /* Error? */
+ goto out;
+ if (!root) /* Excluded? */
+ goto out_progress;
+ inode = root->d_inode;
+ goto process_children;
}
/* Test for exclusion based on path. */
- ret = try_exclude(path, ctx->params);
+ ret = try_exclude(ctx->params);
if (unlikely(ret < 0)) /* Excluded? */
goto out_progress;
if (unlikely(ret > 0)) /* Error? */
/* Create a mapping for this security ID and insert it
* into the security map. */
- status = winnt_open(path, path_nchars,
+ status = winnt_open(ctx->params->cur_path,
+ ctx->params->cur_path_nchars,
READ_CONTROL |
ACCESS_SYSTEM_SECURITY, &h);
if (!NT_SUCCESS(status)) {
winnt_error(status, L"Can't open \"%ls\" to "
"read security descriptor",
- printable_path(path));
+ printable_path(ctx));
ret = WIMLIB_ERR_OPEN;
goto out;
}
- ret = winnt_load_security_descriptor(h, inode, path, ctx);
+ ret = winnt_load_security_descriptor(h, inode, ctx);
NtClose(h);
if (ret)
goto out;
!(ctx->vol_flags & FILE_SUPPORTS_OPEN_BY_FILE_ID) ||
!(ctx->params->add_flags & WIMLIB_ADD_FLAG_FILE_PATHS_UNNEEDED))
{
- windows_file = alloc_windows_file(path,
- path_nchars,
+ windows_file = alloc_windows_file(ctx->params->cur_path,
+ ctx->params->cur_path_nchars,
ns->name,
wcslen(ns->name),
ctx->snapshot,
false);
} else {
windows_file = alloc_windows_file_for_file_id(ni->ino,
- path,
- ctx->params->capture_root_nchars + 1,
+ ctx->params->cur_path,
+ ctx->params->root_path_nchars,
ctx->snapshot);
}
/* If processing a directory, then recurse to its children. In this
* version there is no need to go to disk, as we already have the list
* of children cached from the MFT. */
+process_children:
if (inode_is_directory(inode)) {
const struct ntfs_dentry *nd = ni->first_child;
while (nd != NULL) {
- const size_t name_len = wcslen(nd->name);
- wchar_t *p = path + path_nchars;
+ size_t orig_path_nchars;
struct wim_dentry *child;
const struct ntfs_dentry *next = nd->next_child;
- if (*(p - 1) != L'\\')
- *p++ = L'\\';
- p = wmempcpy(p, nd->name, name_len);
- *p = '\0';
+ ret = WIMLIB_ERR_NOMEM;
+ if (!pathbuf_append_name(ctx->params, nd->name,
+ wcslen(nd->name),
+ &orig_path_nchars))
+ goto out;
ret = generate_wim_structures_recursive(
&child,
- path,
- p - path,
nd->name,
nd->is_primary,
(void *)nd - nd->offset_from_inode,
inode_map,
security_map);
- path[path_nchars] = L'\0';
+ pathbuf_truncate(ctx->params, orig_path_nchars);
if (ret)
goto out;
}
out_progress:
- ctx->params->progress.scan.cur_path = path;
if (likely(root))
- ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode);
+ ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode);
else
- ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL);
+ ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL);
out:
if (--ni->num_aliases == 0) {
/* Memory usage optimization: when we don't need the ntfs_inode
}
static int
-winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, wchar_t *path,
- size_t path_nchars, struct winnt_scan_ctx *ctx)
+winnt_build_dentry_tree_fast(struct wim_dentry **root_ret,
+ struct winnt_scan_ctx *ctx)
{
struct ntfs_inode_map inode_map = { .root = NULL };
struct security_map security_map = { .root = NULL };
struct ntfs_inode *root = NULL;
+ wchar_t *path = ctx->params->cur_path;
+ size_t path_nchars = ctx->params->cur_path_nchars;
bool adjust_path;
int ret;
root->num_aliases = 1;
- ret = generate_wim_structures_recursive(root_ret, path, path_nchars,
- L"", false, root, ctx,
+ ret = generate_wim_structures_recursive(root_ret, L"", false, root, ctx,
&inode_map, &security_map);
out:
ntfs_inode_map_destroy(&inode_map);
* Entry point for directory tree scans on Windows *
*----------------------------------------------------------------------------*/
-#define WINDOWS_NT_MAX_PATH 32768
-
int
win32_build_dentry_tree(struct wim_dentry **root_ret,
const wchar_t *root_disk_path,
- struct capture_params *params)
+ struct scan_params *params)
{
- wchar_t *path = NULL;
struct winnt_scan_ctx ctx = { .params = params };
UNICODE_STRING ntpath;
- size_t ntpath_nchars;
HANDLE h = NULL;
NTSTATUS status;
int ret;
- /* WARNING: There is no check for overflow later when this buffer is
- * being used! But it's as long as the maximum path length understood
- * by Windows NT (which is NOT the same as MAX_PATH). */
- path = MALLOC((WINDOWS_NT_MAX_PATH + 1) * sizeof(wchar_t));
- if (!path)
- return WIMLIB_ERR_NOMEM;
-
if (params->add_flags & WIMLIB_ADD_FLAG_SNAPSHOT)
ret = vss_create_snapshot(root_disk_path, &ntpath, &ctx.snapshot);
else
goto out;
if (ntpath.Length < 4 * sizeof(wchar_t) ||
- ntpath.Length > WINDOWS_NT_MAX_PATH * sizeof(wchar_t) ||
wmemcmp(ntpath.Buffer, L"\\??\\", 4))
{
ERROR("\"%ls\": unrecognized path format", root_disk_path);
ret = WIMLIB_ERR_INVALID_PARAM;
} else {
- ntpath_nchars = ntpath.Length / sizeof(wchar_t);
- wmemcpy(path, ntpath.Buffer, ntpath_nchars);
- path[ntpath_nchars] = L'\0';
-
- params->capture_root_nchars = ntpath_nchars;
- if (path[ntpath_nchars - 1] == L'\\')
- params->capture_root_nchars--;
- ret = 0;
+ ret = pathbuf_init(params, ntpath.Buffer);
}
HeapFree(GetProcessHeap(), 0, ntpath.Buffer);
if (ret)
goto out;
- status = winnt_open(path, ntpath_nchars, FILE_READ_ATTRIBUTES, &h);
+ status = winnt_open(params->cur_path, params->cur_path_nchars,
+ FILE_READ_ATTRIBUTES, &h);
if (!NT_SUCCESS(status)) {
- winnt_error(status, L"Can't open \"%ls\"", printable_path(path));
+ winnt_error(status, L"Can't open \"%ls\"", root_disk_path);
if (status == STATUS_FVE_LOCKED_VOLUME)
ret = WIMLIB_ERR_FVE_LOCKED_VOLUME;
else
goto out;
}
- get_volume_information(h, path, &ctx);
+ get_volume_information(h, &ctx);
NtClose(h);
#ifdef ENABLE_FAST_MFT_SCAN
if (ctx.is_ntfs && !_wgetenv(L"WIMLIB_DISABLE_QUERY_FILE_LAYOUT")) {
- ret = winnt_build_dentry_tree_fast(root_ret, path,
- ntpath_nchars, &ctx);
+ ret = winnt_build_dentry_tree_fast(root_ret, &ctx);
if (ret >= 0 && ret != WIMLIB_ERR_UNSUPPORTED)
goto out;
if (ret >= 0) {
}
}
#endif
- ret = winnt_build_dentry_tree_recursive(root_ret, NULL,
- path, ntpath_nchars,
- path, ntpath_nchars,
- L"", &ctx);
+ ret = winnt_build_dentry_tree(root_ret, NULL, params->cur_path,
+ params->cur_path_nchars, L"", &ctx, true);
out:
vss_put_snapshot(ctx.snapshot);
- FREE(path);
if (ret == 0)
winnt_do_scan_warnings(root_disk_path, &ctx);
return ret;