X-Git-Url: https://wimlib.net/git/?a=blobdiff_plain;f=src%2Fwin32_capture.c;h=bc05d70779459c59871530c88cae5585d4ead1f5;hb=876385a3ab5dde09322c094c582edd84609d85c9;hp=b5b8bc5c91e809240a77141678c49245979a3640;hpb=f1460c1d7df10acd410aea0496147c1abe9ef24c;p=wimlib diff --git a/src/win32_capture.c b/src/win32_capture.c index b5b8bc5c..bc05d707 100644 --- a/src/win32_capture.c +++ b/src/win32_capture.c @@ -5,7 +5,7 @@ */ /* - * Copyright (C) 2013-2016 Eric Biggers + * Copyright (C) 2013-2018 Eric Biggers * * This file is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free @@ -41,6 +41,7 @@ #include "wimlib/scan.h" #include "wimlib/win32_vss.h" #include "wimlib/wof.h" +#include "wimlib/xattr.h" struct winnt_scan_ctx { struct scan_params *params; @@ -58,10 +59,10 @@ struct winnt_scan_ctx { }; static inline const wchar_t * -printable_path(const wchar_t *full_path) +printable_path(const struct winnt_scan_ctx *ctx) { /* Skip over \\?\ or \??\ */ - return full_path + 4; + return ctx->params->cur_path + 4; } /* Description of where data is located on a Windows filesystem */ @@ -315,7 +316,7 @@ windows_file_to_string(const struct windows_file *file, u8 *buf, size_t bufsize) static int read_winnt_stream_prefix(const struct windows_file *file, - u64 size, const struct read_blob_callbacks *cbs) + u64 size, const struct consume_chunk_callback *cb) { IO_STATUS_BLOCK iosb; UNICODE_STRING name = { @@ -401,7 +402,7 @@ read_winnt_stream_prefix(const struct windows_file *file, bytes_read = iosb.Information; bytes_remaining -= bytes_read; - ret = call_consume_chunk(buf, bytes_read, cbs); + ret = consume_chunk(cb, buf, bytes_read); if (ret) break; } @@ -410,7 +411,7 @@ read_winnt_stream_prefix(const struct windows_file *file, } struct win32_encrypted_read_ctx { - const struct read_blob_callbacks *cbs; + const struct consume_chunk_callback *cb; int wimlib_err_code; u64 bytes_remaining; }; @@ -425,7 +426,7 @@ win32_encrypted_export_cb(unsigned char *data, void *_ctx, unsigned long len) if (bytes_to_consume == 0) return ERROR_SUCCESS; - ret = call_consume_chunk(data, bytes_to_consume, ctx->cbs); + ret = consume_chunk(ctx->cb, data, bytes_to_consume); if (ret) { ctx->wimlib_err_code = ret; /* It doesn't matter what error code is returned here, as long @@ -438,7 +439,7 @@ win32_encrypted_export_cb(unsigned char *data, void *_ctx, unsigned long len) static int read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, - const struct read_blob_callbacks *cbs) + const struct consume_chunk_callback *cb) { struct win32_encrypted_read_ctx export_ctx; DWORD err; @@ -449,7 +450,7 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, if (is_dir) flags |= CREATE_FOR_DIR; - export_ctx.cbs = cbs; + export_ctx.cb = cb; export_ctx.wimlib_err_code = 0; export_ctx.bytes_remaining = size; @@ -457,7 +458,7 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, if (err != ERROR_SUCCESS) { win32_error(err, L"Failed to open encrypted file \"%ls\" for raw read", - printable_path(path)); + path); return WIMLIB_ERR_OPEN; } err = ReadEncryptedFileRaw(win32_encrypted_export_cb, @@ -467,14 +468,14 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, if (ret == 0) { win32_error(err, L"Failed to read encrypted file \"%ls\"", - printable_path(path)); + path); ret = WIMLIB_ERR_READ; } } else if (export_ctx.bytes_remaining != 0) { ERROR("Only could read %"PRIu64" of %"PRIu64" bytes from " "encrypted file \"%ls\"", size - export_ctx.bytes_remaining, size, - printable_path(path)); + path); ret = WIMLIB_ERR_READ; } else { ret = 0; @@ -487,16 +488,16 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, * described by @blob. */ int read_windows_file_prefix(const struct blob_descriptor *blob, u64 size, - const struct read_blob_callbacks *cbs) + const struct consume_chunk_callback *cb) { const struct windows_file *file = blob->windows_file; if (unlikely(file->is_encrypted)) { bool is_dir = (blob->file_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY); - return read_win32_encrypted_file_prefix(file->path, is_dir, size, cbs); + return read_win32_encrypted_file_prefix(file->path, is_dir, size, cb); } - return read_winnt_stream_prefix(file, size, cbs); + return read_winnt_stream_prefix(file, size, cb); } /* @@ -532,7 +533,6 @@ winnt_get_short_name(HANDLE h, struct wim_dentry *dentry) */ static noinline_for_stack int winnt_load_security_descriptor(HANDLE h, struct wim_inode *inode, - const wchar_t *full_path, struct winnt_scan_ctx *ctx) { SECURITY_INFORMATION requestedInformation; @@ -650,7 +650,7 @@ out: FREE(buf); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't read security descriptor", - printable_path(full_path)); + printable_path(ctx)); return WIMLIB_ERR_STAT; } return 0; @@ -659,7 +659,7 @@ out: /* Load a file's object ID into the corresponding WIM inode. */ static noinline_for_stack int winnt_load_object_id(HANDLE h, struct wim_inode *inode, - const wchar_t *full_path, struct winnt_scan_ctx *ctx) + struct winnt_scan_ctx *ctx) { FILE_OBJECTID_BUFFER buffer; NTSTATUS status; @@ -674,7 +674,8 @@ winnt_load_object_id(HANDLE h, struct wim_inode *inode, if (status == STATUS_OBJECTID_NOT_FOUND) /* No object ID */ return 0; - if (status == STATUS_INVALID_DEVICE_REQUEST) { + if (status == STATUS_INVALID_DEVICE_REQUEST || + status == STATUS_NOT_SUPPORTED /* Samba volume, WinXP */) { /* The filesystem claimed to support object IDs, but we can't * actually read them. This happens with Samba. */ ctx->vol_flags &= ~FILE_SUPPORTS_OBJECT_IDS; @@ -683,7 +684,7 @@ winnt_load_object_id(HANDLE h, struct wim_inode *inode, if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't read object ID", - printable_path(full_path)); + printable_path(ctx)); return WIMLIB_ERR_STAT; } @@ -696,20 +697,122 @@ winnt_load_object_id(HANDLE h, struct wim_inode *inode, return 0; } +/* Load a file's extended attributes into the corresponding WIM inode. */ +static noinline_for_stack int +winnt_load_xattrs(HANDLE h, struct wim_inode *inode, + struct winnt_scan_ctx *ctx, u32 ea_size) +{ + IO_STATUS_BLOCK iosb; + NTSTATUS status; + u8 _buf[1024] _aligned_attribute(4); + u8 *buf = _buf; + const FILE_FULL_EA_INFORMATION *ea; + struct wim_xattr_entry *entry; + int ret; + + + /* + * EaSize from FILE_EA_INFORMATION is apparently supposed to give the + * size of the buffer required for NtQueryEaFile(), but it doesn't + * actually work correctly; it can be off by about 4 bytes per xattr. + * + * So just start out by doubling the advertised size, and also handle + * STATUS_BUFFER_OVERFLOW just in case. + */ +retry: + if (unlikely(ea_size * 2 < ea_size)) + ea_size = UINT32_MAX; + else + ea_size *= 2; + if (unlikely(ea_size > sizeof(_buf))) { + buf = MALLOC(ea_size); + if (!buf) { + if (ea_size >= (1 << 20)) { + WARNING("\"%ls\": EaSize was extremely large (%u)", + printable_path(ctx), ea_size); + } + return WIMLIB_ERR_NOMEM; + } + } + + status = NtQueryEaFile(h, &iosb, buf, ea_size, + FALSE, NULL, 0, NULL, TRUE); + + if (unlikely(!NT_SUCCESS(status))) { + if (status == STATUS_BUFFER_OVERFLOW) { + if (buf != _buf) { + FREE(buf); + buf = NULL; + } + goto retry; + } + if (status == STATUS_NO_EAS_ON_FILE) { + /* + * FILE_EA_INFORMATION.EaSize was nonzero so this + * shouldn't happen, but just in case... + */ + ret = 0; + goto out; + } + winnt_error(status, L"\"%ls\": Can't read extended attributes", + printable_path(ctx)); + ret = WIMLIB_ERR_STAT; + goto out; + } + + ea = (const FILE_FULL_EA_INFORMATION *)buf; + entry = (struct wim_xattr_entry *)buf; + for (;;) { + /* + * wim_xattr_entry is not larger than FILE_FULL_EA_INFORMATION, + * so we can reuse the same buffer by overwriting the + * FILE_FULL_EA_INFORMATION with the wim_xattr_entry in-place. + */ + FILE_FULL_EA_INFORMATION _ea; + + STATIC_ASSERT(offsetof(struct wim_xattr_entry, name) <= + offsetof(FILE_FULL_EA_INFORMATION, EaName)); + wimlib_assert((u8 *)entry <= (const u8 *)ea); + + memcpy(&_ea, ea, sizeof(_ea)); + + entry->value_len = cpu_to_le16(_ea.EaValueLength); + entry->name_len = _ea.EaNameLength; + entry->flags = _ea.Flags; + memmove(entry->name, ea->EaName, _ea.EaNameLength); + entry->name[_ea.EaNameLength] = '\0'; + memmove(&entry->name[_ea.EaNameLength + 1], + &ea->EaName[_ea.EaNameLength + 1], _ea.EaValueLength); + entry = (struct wim_xattr_entry *) + &entry->name[_ea.EaNameLength + 1 + _ea.EaValueLength]; + if (_ea.NextEntryOffset == 0) + break; + ea = (const FILE_FULL_EA_INFORMATION *) + ((const u8 *)ea + _ea.NextEntryOffset); + } + wimlib_assert((u8 *)entry - buf <= ea_size); + + ret = WIMLIB_ERR_NOMEM; + if (!inode_set_xattrs(inode, buf, (u8 *)entry - buf)) + goto out; + ret = 0; +out: + if (unlikely(buf != _buf)) + FREE(buf); + return ret; +} + static int -winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, - HANDLE cur_dir, - wchar_t *full_path, - size_t full_path_nchars, - wchar_t *relative_path, - size_t relative_path_nchars, - const wchar_t *filename, - struct winnt_scan_ctx *ctx); +winnt_build_dentry_tree(struct wim_dentry **root_ret, + HANDLE cur_dir, + const wchar_t *relative_path, + size_t relative_path_nchars, + const wchar_t *filename, + struct winnt_scan_ctx *ctx, + bool recursive); static int winnt_recurse_directory(HANDLE h, - wchar_t *full_path, - size_t full_path_nchars, struct wim_dentry *parent, struct winnt_scan_ctx *ctx) { @@ -736,33 +839,28 @@ winnt_recurse_directory(HANDLE h, if (!should_ignore_filename(info->FileName, info->FileNameLength / 2)) { - wchar_t *p; - wchar_t *filename; struct wim_dentry *child; + size_t orig_path_nchars; + const wchar_t *filename; + + ret = WIMLIB_ERR_NOMEM; + filename = pathbuf_append_name(ctx->params, + info->FileName, + info->FileNameLength / 2, + &orig_path_nchars); + if (!filename) + goto out_free_buf; - p = full_path + full_path_nchars; - /* Only add a backslash if we don't already have - * one. This prevents a duplicate backslash - * from being added when the path to the capture - * dir had a trailing backslash. */ - if (*(p - 1) != L'\\') - *p++ = L'\\'; - filename = p; - p = wmempcpy(filename, info->FileName, - info->FileNameLength / 2); - *p = '\0'; - - ret = winnt_build_dentry_tree_recursive( + ret = winnt_build_dentry_tree( &child, h, - full_path, - p - full_path, filename, info->FileNameLength / 2, filename, - ctx); + ctx, + true); - full_path[full_path_nchars] = L'\0'; + pathbuf_truncate(ctx->params, orig_path_nchars); if (ret) goto out_free_buf; @@ -778,7 +876,7 @@ winnt_recurse_directory(HANDLE h, if (unlikely(status != STATUS_NO_MORE_FILES)) { winnt_error(status, L"\"%ls\": Can't read directory", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_READ; } out_free_buf: @@ -910,7 +1008,7 @@ out_close_root_dir: } static int -winnt_rpfix_progress(struct scan_params *params, const wchar_t *path, +winnt_rpfix_progress(struct scan_params *params, const struct link_reparse_point *link, int scan_status) { size_t print_name_nchars = link->print_name_nbytes / sizeof(wchar_t); @@ -919,14 +1017,13 @@ winnt_rpfix_progress(struct scan_params *params, const wchar_t *path, wmemcpy(print_name0, link->print_name, print_name_nchars); print_name0[print_name_nchars] = L'\0'; - params->progress.scan.cur_path = path; params->progress.scan.symlink_target = print_name0; return do_scan_progress(params, scan_status, NULL); } static int winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, - const wchar_t *path, struct scan_params *params) + struct scan_params *params) { struct link_reparse_point link; const wchar_t *rel_target; @@ -970,7 +1067,7 @@ winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, if (rel_target == link.substitute_name) { /* Target points outside of the tree being captured or had an * unrecognized path format. Don't adjust it. */ - return winnt_rpfix_progress(params, path, &link, + return winnt_rpfix_progress(params, &link, WIMLIB_SCAN_DENTRY_NOT_FIXED_SYMLINK); } @@ -1006,7 +1103,7 @@ winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, if (make_link_reparse_point(&link, rpbuf, rpbuflen_p)) return 0; - ret = winnt_rpfix_progress(params, path, &link, + ret = winnt_rpfix_progress(params, &link, WIMLIB_SCAN_DENTRY_FIXED_SYMLINK); if (ret) return ret; @@ -1019,7 +1116,7 @@ winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, * capture root. */ static noinline_for_stack int winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, - const wchar_t *full_path, struct scan_params *params) + struct winnt_scan_ctx *ctx) { struct reparse_buffer_disk rpbuf; NTSTATUS status; @@ -1030,7 +1127,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED) { /* See comment above assign_stream_types_encrypted() */ WARNING("Ignoring reparse data of encrypted file \"%ls\"", - printable_path(full_path)); + printable_path(ctx)); return 0; } @@ -1038,7 +1135,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, NULL, 0, &rpbuf, sizeof(rpbuf), &len); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't get reparse point", - printable_path(full_path)); + printable_path(ctx)); return WIMLIB_ERR_READLINK; } @@ -1046,7 +1143,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, if (unlikely(rpbuflen < REPARSE_DATA_OFFSET)) { ERROR("\"%ls\": reparse point buffer is too short", - printable_path(full_path)); + printable_path(ctx)); return WIMLIB_ERR_INVALID_REPARSE_DATA; } @@ -1065,8 +1162,8 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, return 0; } - if (params->add_flags & WIMLIB_ADD_FLAG_RPFIX) { - ret = winnt_try_rpfix(&rpbuf, &rpbuflen, full_path, params); + if (ctx->params->add_flags & WIMLIB_ADD_FLAG_RPFIX) { + ret = winnt_try_rpfix(&rpbuf, &rpbuflen, ctx->params); if (ret == RP_FIXED) inode->i_rp_flags &= ~WIM_RP_FLAG_NOT_FIXED; else if (ret) @@ -1081,7 +1178,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, NO_STREAM_NAME, rpbuf.rpdata, rpbuflen - REPARSE_DATA_OFFSET, - params->blob_table)) + ctx->params->blob_table)) return WIMLIB_ERR_NOMEM; return 0; @@ -1110,7 +1207,7 @@ win32_get_encrypted_file_size(const wchar_t *path, bool is_dir, u64 *size_ret) if (err != ERROR_SUCCESS) { win32_error(err, L"Failed to open encrypted file \"%ls\" for raw read", - printable_path(path)); + path); return WIMLIB_ERR_OPEN; } *size_ret = 0; @@ -1119,7 +1216,7 @@ win32_get_encrypted_file_size(const wchar_t *path, bool is_dir, u64 *size_ret) if (err != ERROR_SUCCESS) { win32_error(err, L"Failed to read raw encrypted data from \"%ls\"", - printable_path(path)); + path); ret = WIMLIB_ERR_READ; } else { ret = 0; @@ -1130,9 +1227,10 @@ win32_get_encrypted_file_size(const wchar_t *path, bool is_dir, u64 *size_ret) static int winnt_scan_efsrpc_raw_data(struct wim_inode *inode, - wchar_t *path, size_t path_nchars, struct winnt_scan_ctx *ctx) { + wchar_t *path = ctx->params->cur_path; + size_t path_nchars = ctx->params->cur_path_nchars; const bool is_dir = (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY); struct windows_file *windows_file; u64 size; @@ -1192,8 +1290,7 @@ get_data_stream_name(const wchar_t *raw_stream_name, size_t raw_stream_name_ncha } static int -winnt_scan_data_stream(const wchar_t *path, size_t path_nchars, - wchar_t *raw_stream_name, size_t raw_stream_name_nchars, +winnt_scan_data_stream(wchar_t *raw_stream_name, size_t raw_stream_name_nchars, u64 stream_size, struct wim_inode *inode, struct winnt_scan_ctx *ctx) { @@ -1211,7 +1308,8 @@ winnt_scan_data_stream(const wchar_t *path, size_t path_nchars, stream_name[stream_name_nchars] = L'\0'; - windows_file = alloc_windows_file(path, path_nchars, + windows_file = alloc_windows_file(ctx->params->cur_path, + ctx->params->cur_path_nchars, stream_name, stream_name_nchars, ctx->snapshot, false); return add_stream(inode, windows_file, stream_size, STREAM_TYPE_DATA, @@ -1233,8 +1331,7 @@ winnt_scan_data_stream(const wchar_t *path, size_t path_nchars, * already present in Windows XP. */ static noinline_for_stack int -winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, - struct wim_inode *inode, u64 file_size, +winnt_scan_data_streams(HANDLE h, struct wim_inode *inode, u64 file_size, struct winnt_scan_ctx *ctx) { int ret; @@ -1283,7 +1380,7 @@ winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, default: winnt_error(status, L"\"%ls\": Failed to query stream information", - printable_path(path)); + printable_path(ctx)); ret = WIMLIB_ERR_READ; goto out_free_buf; } @@ -1299,8 +1396,7 @@ winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, info = (FILE_STREAM_INFORMATION *)buf; for (;;) { /* Load the stream information. */ - ret = winnt_scan_data_stream(path, path_nchars, - info->StreamName, + ret = winnt_scan_data_stream(info->StreamName, info->StreamNameLength / 2, info->StreamSize.QuadPart, inode, ctx); @@ -1330,8 +1426,8 @@ unnamed_only: { wchar_t stream_name[] = L"::$DATA"; - ret = winnt_scan_data_stream(path, path_nchars, stream_name, 7, - file_size, inode, ctx); + ret = winnt_scan_data_stream(stream_name, 7, file_size, + inode, ctx); } out_free_buf: /* Free buffer if allocated on heap. */ @@ -1375,8 +1471,7 @@ set_sort_key(struct wim_inode *inode, u64 sort_key) static inline bool should_try_to_use_wimboot_hash(const struct wim_inode *inode, - const struct winnt_scan_ctx *ctx, - const struct scan_params *params) + const struct winnt_scan_ctx *ctx) { /* Directories and encrypted files aren't valid for external backing. */ if (inode->i_attributes & (FILE_ATTRIBUTE_DIRECTORY | @@ -1388,7 +1483,7 @@ should_try_to_use_wimboot_hash(const struct wim_inode *inode, * fixup if WOF may be attached. */ if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) return (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_WOF) && - (params->add_flags & WIMLIB_ADD_FLAG_WIMBOOT); + (ctx->params->add_flags & WIMLIB_ADD_FLAG_WIMBOOT); return !ctx->wof_not_attached; } @@ -1410,7 +1505,7 @@ should_try_to_use_wimboot_hash(const struct wim_inode *inode, */ static noinline_for_stack int try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, - struct winnt_scan_ctx *ctx, const wchar_t *full_path) + struct winnt_scan_ctx *ctx) { struct blob_table *blob_table = ctx->params->blob_table; struct wim_inode_stream *reparse_strm = NULL; @@ -1479,7 +1574,7 @@ try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, if (status != STATUS_SUCCESS) { winnt_error(status, L"\"%ls\": FSCTL_GET_EXTERNAL_BACKING failed", - full_path); + printable_path(ctx)); return WIMLIB_ERR_STAT; } @@ -1532,6 +1627,7 @@ struct file_info { u64 last_access_time; u64 ino; u64 end_of_file; + u32 ea_size; }; static noinline_for_stack NTSTATUS @@ -1554,12 +1650,12 @@ get_file_info(HANDLE h, struct file_info *info) info->last_access_time = all_info.BasicInformation.LastAccessTime.QuadPart; info->ino = all_info.InternalInformation.IndexNumber.QuadPart; info->end_of_file = all_info.StandardInformation.EndOfFile.QuadPart; + info->ea_size = all_info.EaInformation.EaSize; return STATUS_SUCCESS; } static void -get_volume_information(HANDLE h, const wchar_t *full_path, - struct winnt_scan_ctx *ctx) +get_volume_information(HANDLE h, struct winnt_scan_ctx *ctx) { u8 _attr_info[sizeof(FILE_FS_ATTRIBUTE_INFORMATION) + 128] _aligned_attribute(8); FILE_FS_ATTRIBUTE_INFORMATION *attr_info = (void *)_attr_info; @@ -1578,7 +1674,7 @@ get_volume_information(HANDLE h, const wchar_t *full_path, !wmemcmp(attr_info->FileSystemName, L"NTFS", 4); } else { winnt_warning(status, L"\"%ls\": Can't get volume attributes", - printable_path(full_path)); + printable_path(ctx)); } /* Get volume ID. */ @@ -1593,7 +1689,7 @@ get_volume_information(HANDLE h, const wchar_t *full_path, ctx->params->capture_root_dev = vol_info.VolumeSerialNumber; } else { winnt_warning(status, L"\"%ls\": Can't get volume ID", - printable_path(full_path)); + printable_path(ctx)); } /* Get inode number. */ @@ -1602,19 +1698,18 @@ get_volume_information(HANDLE h, const wchar_t *full_path, ctx->params->capture_root_ino = file_info.ino; } else { winnt_warning(status, L"\"%ls\": Can't get file information", - printable_path(full_path)); + printable_path(ctx)); } } static int -winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, - HANDLE cur_dir, - wchar_t *full_path, - size_t full_path_nchars, - wchar_t *relative_path, - size_t relative_path_nchars, - const wchar_t *filename, - struct winnt_scan_ctx *ctx) +winnt_build_dentry_tree(struct wim_dentry **root_ret, + HANDLE cur_dir, + const wchar_t *relative_path, + size_t relative_path_nchars, + const wchar_t *filename, + struct winnt_scan_ctx *ctx, + bool recursive) { struct wim_dentry *root = NULL; struct wim_inode *inode = NULL; @@ -1624,7 +1719,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, struct file_info file_info; u64 sort_key; - ret = try_exclude(full_path, ctx->params); + ret = try_exclude(ctx->params); if (unlikely(ret < 0)) /* Excluded? */ goto out_progress; if (unlikely(ret > 0)) /* Error? */ @@ -1637,13 +1732,13 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * this permission on all nondirectories. Perhaps it causes Windows to * start prefetching the file contents... */ status = winnt_openat(cur_dir, relative_path, relative_path_nchars, - FILE_READ_ATTRIBUTES | READ_CONTROL | - ACCESS_SYSTEM_SECURITY, + FILE_READ_ATTRIBUTES | FILE_READ_EA | + READ_CONTROL | ACCESS_SYSTEM_SECURITY, &h); if (unlikely(!NT_SUCCESS(status))) { if (status == STATUS_DELETE_PENDING) { WARNING("\"%ls\": Deletion pending; skipping file", - printable_path(full_path)); + printable_path(ctx)); ret = 0; goto out; } @@ -1651,12 +1746,12 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, ERROR("Can't open \"%ls\":\n" " File is in use by another process! " "Consider using snapshot (VSS) mode.", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_OPEN; goto out; } winnt_error(status, L"\"%ls\": Can't open file", - printable_path(full_path)); + printable_path(ctx)); if (status == STATUS_FVE_LOCKED_VOLUME) ret = WIMLIB_ERR_FVE_LOCKED_VOLUME; else @@ -1668,7 +1763,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, status = get_file_info(h, &file_info); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't get file information", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_STAT; goto out; } @@ -1724,19 +1819,26 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, if (!(ctx->params->add_flags & WIMLIB_ADD_FLAG_NO_ACLS) && (ctx->vol_flags & FILE_PERSISTENT_ACLS)) { - ret = winnt_load_security_descriptor(h, inode, full_path, ctx); + ret = winnt_load_security_descriptor(h, inode, ctx); if (ret) goto out; } /* Get the file's object ID. */ - ret = winnt_load_object_id(h, inode, full_path, ctx); + ret = winnt_load_object_id(h, inode, ctx); if (ret) goto out; + /* Get the file's extended attributes. */ + if (unlikely(file_info.ea_size != 0)) { + ret = winnt_load_xattrs(h, inode, ctx, file_info.ea_size); + if (ret) + goto out; + } + /* If this is a reparse point, load the reparse data. */ if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)) { - ret = winnt_load_reparse_data(h, inode, full_path, ctx->params); + ret = winnt_load_reparse_data(h, inode, ctx); if (ret) goto out; } @@ -1754,8 +1856,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * needed. */ NtClose(h); h = NULL; - ret = winnt_scan_efsrpc_raw_data(inode, full_path, - full_path_nchars, ctx); + ret = winnt_scan_efsrpc_raw_data(inode, ctx); if (ret) goto out; } else { @@ -1770,8 +1871,6 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * the EFSRPC data and the named data stream(s)...! */ ret = winnt_scan_data_streams(h, - full_path, - full_path_nchars, inode, file_info.end_of_file, ctx); @@ -1779,15 +1878,15 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, goto out; } - if (unlikely(should_try_to_use_wimboot_hash(inode, ctx, ctx->params))) { - ret = try_to_use_wimboot_hash(h, inode, ctx, full_path); + if (unlikely(should_try_to_use_wimboot_hash(inode, ctx))) { + ret = try_to_use_wimboot_hash(h, inode, ctx); if (ret) goto out; } set_sort_key(inode, sort_key); - if (inode_is_directory(inode)) { + if (inode_is_directory(inode) && recursive) { /* Directory: recurse to children. */ @@ -1801,32 +1900,33 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, &h); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't open directory", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_OPEN; goto out; } - ret = winnt_recurse_directory(h, - full_path, - full_path_nchars, - root, - ctx); + ret = winnt_recurse_directory(h, root, ctx); if (ret) goto out; } out_progress: - ctx->params->progress.scan.cur_path = full_path; - if (likely(root)) - ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode); - else - ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL); + ret = 0; + if (recursive) { /* if !recursive, caller handles progress */ + if (likely(root)) + ret = do_scan_progress(ctx->params, + WIMLIB_SCAN_DENTRY_OK, inode); + else + ret = do_scan_progress(ctx->params, + WIMLIB_SCAN_DENTRY_EXCLUDED, + NULL); + } out: if (likely(h)) NtClose(h); if (unlikely(ret)) { free_dentry_tree(root, ctx->params->blob_table); root = NULL; - ret = report_scan_error(ctx->params, ret, full_path); + ret = report_scan_error(ctx->params, ret); } *root_ret = root; return ret; @@ -1986,6 +2086,10 @@ typedef struct { #define NTFS_IS_SPECIAL_FILE(ino) \ (NTFS_MFT_NO(ino) <= 15 && !NTFS_IS_ROOT_FILE(ino)) +#define NTFS_SPECIAL_STREAM_OBJECT_ID 0x00000001 +#define NTFS_SPECIAL_STREAM_EA 0x00000002 +#define NTFS_SPECIAL_STREAM_EA_INFORMATION 0x00000004 + /* Intermediate inode structure. This is used to temporarily save information * from FSCTL_QUERY_FILE_LAYOUT before creating the full 'struct wim_inode'. */ struct ntfs_inode { @@ -1998,8 +2102,8 @@ struct ntfs_inode { u32 attributes; u32 security_id; u32 num_aliases; - u32 num_streams : 31; - u32 have_object_id : 1; + u32 num_streams; + u32 special_streams; u32 first_stream_offset; struct ntfs_dentry *first_child; wchar_t short_name[13]; @@ -2170,13 +2274,10 @@ is_valid_stream_entry(const STREAM_LAYOUT_ENTRY *stream) stream->StreamIdentifierLength / 2); } -static bool -is_object_id_stream(const STREAM_LAYOUT_ENTRY *stream) -{ - return stream->StreamIdentifierLength == 24 && - !wmemcmp(stream->StreamIdentifier, L"::$OBJECT_ID", 12); -} - +/* assumes that 'id' is a wide string literal */ +#define stream_has_identifier(stream, id) \ + ((stream)->StreamIdentifierLength == sizeof(id) - 2 && \ + !memcmp((stream)->StreamIdentifier, id, sizeof(id) - 2)) /* * If the specified STREAM_LAYOUT_ENTRY represents a DATA stream as opposed to * some other type of NTFS stream such as a STANDARD_INFORMATION stream, return @@ -2213,16 +2314,18 @@ use_stream(const FILE_LAYOUT_ENTRY *file, const STREAM_LAYOUT_ENTRY *stream, /* Validate the STREAM_LAYOUT_ENTRYs of the specified file and compute the total * length in bytes of the ntfs_stream structures needed to hold the stream - * information. In addition, set *have_object_id_ret=true if the file has an - * object ID stream. */ + * information. In addition, set *special_streams_ret to a bitmask of special + * stream types that were found. */ static int validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file, size_t *total_length_ret, - bool *have_object_id_ret) + u32 *special_streams_ret) { const STREAM_LAYOUT_ENTRY *stream = (const void *)file + file->FirstStreamOffset; size_t total = 0; + u32 special_streams = 0; + for (;;) { const wchar_t *name; size_t name_nchars; @@ -2242,8 +2345,12 @@ validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file, if (use_stream(file, stream, &name, &name_nchars)) { total += ALIGN(sizeof(struct ntfs_stream) + (name_nchars + 1) * sizeof(wchar_t), 8); - } else if (is_object_id_stream(stream)) { - *have_object_id_ret = true; + } else if (stream_has_identifier(stream, L"::$OBJECT_ID")) { + special_streams |= NTFS_SPECIAL_STREAM_OBJECT_ID; + } else if (stream_has_identifier(stream, L"::$EA")) { + special_streams |= NTFS_SPECIAL_STREAM_EA; + } else if (stream_has_identifier(stream, L"::$EA_INFORMATION")) { + special_streams |= NTFS_SPECIAL_STREAM_EA_INFORMATION; } if (stream->NextStreamOffset == 0) break; @@ -2251,6 +2358,7 @@ validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file, } *total_length_ret = total; + *special_streams_ret = special_streams; return 0; } @@ -2347,7 +2455,7 @@ load_one_file(const FILE_LAYOUT_ENTRY *file, struct ntfs_inode_map *inode_map) size_t n; int ret; void *p; - bool have_object_id = false; + u32 special_streams = 0; inode_size = ALIGN(sizeof(struct ntfs_inode), 8); @@ -2365,7 +2473,7 @@ load_one_file(const FILE_LAYOUT_ENTRY *file, struct ntfs_inode_map *inode_map) if (file_has_streams(file)) { ret = validate_streams_and_compute_total_length(file, &n, - &have_object_id); + &special_streams); if (ret) return ret; inode_size += n; @@ -2383,7 +2491,7 @@ load_one_file(const FILE_LAYOUT_ENTRY *file, struct ntfs_inode_map *inode_map) ni->last_write_time = info->BasicInformation.LastWriteTime; ni->last_access_time = info->BasicInformation.LastAccessTime; ni->security_id = info->SecurityId; - ni->have_object_id = have_object_id; + ni->special_streams = special_streams; p = FIRST_DENTRY(ni); @@ -2470,7 +2578,9 @@ load_files_from_mft(const wchar_t *path, struct ntfs_inode_map *inode_map) * all files have been enumerated. */ if (status != STATUS_END_OF_FILE) { if (status == STATUS_INVALID_DEVICE_REQUEST /* old OS */ || - status == STATUS_INVALID_PARAMETER /* not root directory */ ) { + status == STATUS_NOT_SUPPORTED /* Samba volume, WinXP */ || + status == STATUS_INVALID_PARAMETER /* not root directory */ ) + { /* Silently try standard recursive scan instead */ ret = -1; } else { @@ -2609,14 +2719,13 @@ security_map_destroy(struct security_map *map) * ntfs_stream => wim_inode_stream * * This also handles things such as exclusions and issuing progress messages. - * It's similar to winnt_build_dentry_tree_recursive(), but this is much faster - * because almost all information we need is already loaded in memory in the - * ntfs_* structures. However, in some cases we still fall back to - * winnt_build_dentry_tree_recursive() and/or opening the file. + * It's similar to winnt_build_dentry_tree(), but this is much faster because + * almost all information we need is already loaded in memory in the ntfs_* + * structures. However, in some cases we still fall back to + * winnt_build_dentry_tree() and/or opening the file. */ static int generate_wim_structures_recursive(struct wim_dentry **root_ret, - wchar_t *path, size_t path_nchars, const wchar_t *filename, bool is_primary_name, struct ntfs_inode *ni, struct winnt_scan_ctx *ctx, @@ -2632,27 +2741,28 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, if (NTFS_IS_SPECIAL_FILE(ni->ino)) goto out; - /* Fall back to a recursive scan for unhandled cases. Reparse points, + /* Fall back to the standard scan for unhandled cases. Reparse points, * in particular, can't be properly handled here because a commonly used * filter driver (WOF) hides reparse points from regular filesystem APIs * but not from FSCTL_QUERY_FILE_LAYOUT. */ if (ni->attributes & (FILE_ATTRIBUTE_REPARSE_POINT | FILE_ATTRIBUTE_ENCRYPTED) || - ni->have_object_id) + ni->special_streams != 0) { - ret = winnt_build_dentry_tree_recursive(&root, - NULL, - path, - path_nchars, - path, - path_nchars, - filename, - ctx); - goto out; + ret = winnt_build_dentry_tree(&root, NULL, + ctx->params->cur_path, + ctx->params->cur_path_nchars, + filename, ctx, false); + if (ret) /* Error? */ + goto out; + if (!root) /* Excluded? */ + goto out_progress; + inode = root->d_inode; + goto process_children; } /* Test for exclusion based on path. */ - ret = try_exclude(path, ctx->params); + ret = try_exclude(ctx->params); if (unlikely(ret < 0)) /* Excluded? */ goto out_progress; if (unlikely(ret > 0)) /* Error? */ @@ -2706,17 +2816,18 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, /* Create a mapping for this security ID and insert it * into the security map. */ - status = winnt_open(path, path_nchars, + status = winnt_open(ctx->params->cur_path, + ctx->params->cur_path_nchars, READ_CONTROL | ACCESS_SYSTEM_SECURITY, &h); if (!NT_SUCCESS(status)) { winnt_error(status, L"Can't open \"%ls\" to " "read security descriptor", - printable_path(path)); + printable_path(ctx)); ret = WIMLIB_ERR_OPEN; goto out; } - ret = winnt_load_security_descriptor(h, inode, path, ctx); + ret = winnt_load_security_descriptor(h, inode, ctx); NtClose(h); if (ret) goto out; @@ -2741,16 +2852,16 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, !(ctx->vol_flags & FILE_SUPPORTS_OPEN_BY_FILE_ID) || !(ctx->params->add_flags & WIMLIB_ADD_FLAG_FILE_PATHS_UNNEEDED)) { - windows_file = alloc_windows_file(path, - path_nchars, + windows_file = alloc_windows_file(ctx->params->cur_path, + ctx->params->cur_path_nchars, ns->name, wcslen(ns->name), ctx->snapshot, false); } else { windows_file = alloc_windows_file_for_file_id(ni->ino, - path, - ctx->params->capture_root_nchars + 1, + ctx->params->cur_path, + ctx->params->root_path_nchars, ctx->snapshot); } @@ -2767,24 +2878,23 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, /* If processing a directory, then recurse to its children. In this * version there is no need to go to disk, as we already have the list * of children cached from the MFT. */ +process_children: if (inode_is_directory(inode)) { const struct ntfs_dentry *nd = ni->first_child; while (nd != NULL) { - const size_t name_len = wcslen(nd->name); - wchar_t *p = path + path_nchars; + size_t orig_path_nchars; struct wim_dentry *child; const struct ntfs_dentry *next = nd->next_child; - if (*(p - 1) != L'\\') - *p++ = L'\\'; - p = wmempcpy(p, nd->name, name_len); - *p = '\0'; + ret = WIMLIB_ERR_NOMEM; + if (!pathbuf_append_name(ctx->params, nd->name, + wcslen(nd->name), + &orig_path_nchars)) + goto out; ret = generate_wim_structures_recursive( &child, - path, - p - path, nd->name, nd->is_primary, (void *)nd - nd->offset_from_inode, @@ -2792,7 +2902,7 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, inode_map, security_map); - path[path_nchars] = L'\0'; + pathbuf_truncate(ctx->params, orig_path_nchars); if (ret) goto out; @@ -2803,7 +2913,6 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, } out_progress: - ctx->params->progress.scan.cur_path = path; if (likely(root)) ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode); else @@ -2823,12 +2932,14 @@ out: } static int -winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, wchar_t *path, - size_t path_nchars, struct winnt_scan_ctx *ctx) +winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, + struct winnt_scan_ctx *ctx) { struct ntfs_inode_map inode_map = { .root = NULL }; struct security_map security_map = { .root = NULL }; struct ntfs_inode *root = NULL; + wchar_t *path = ctx->params->cur_path; + size_t path_nchars = ctx->params->cur_path_nchars; bool adjust_path; int ret; @@ -2857,8 +2968,7 @@ winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, wchar_t *path, root->num_aliases = 1; - ret = generate_wim_structures_recursive(root_ret, path, path_nchars, - L"", false, root, ctx, + ret = generate_wim_structures_recursive(root_ret, L"", false, root, ctx, &inode_map, &security_map); out: ntfs_inode_map_destroy(&inode_map); @@ -2872,28 +2982,17 @@ out: * Entry point for directory tree scans on Windows * *----------------------------------------------------------------------------*/ -#define WINDOWS_NT_MAX_PATH 32768 - int win32_build_dentry_tree(struct wim_dentry **root_ret, const wchar_t *root_disk_path, struct scan_params *params) { - wchar_t *path = NULL; struct winnt_scan_ctx ctx = { .params = params }; UNICODE_STRING ntpath; - size_t ntpath_nchars; HANDLE h = NULL; NTSTATUS status; int ret; - /* WARNING: There is no check for overflow later when this buffer is - * being used! But it's as long as the maximum path length understood - * by Windows NT (which is NOT the same as MAX_PATH). */ - path = MALLOC((WINDOWS_NT_MAX_PATH + 1) * sizeof(wchar_t)); - if (!path) - return WIMLIB_ERR_NOMEM; - if (params->add_flags & WIMLIB_ADD_FLAG_SNAPSHOT) ret = vss_create_snapshot(root_disk_path, &ntpath, &ctx.snapshot); else @@ -2903,28 +3002,21 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, goto out; if (ntpath.Length < 4 * sizeof(wchar_t) || - ntpath.Length > WINDOWS_NT_MAX_PATH * sizeof(wchar_t) || wmemcmp(ntpath.Buffer, L"\\??\\", 4)) { ERROR("\"%ls\": unrecognized path format", root_disk_path); ret = WIMLIB_ERR_INVALID_PARAM; } else { - ntpath_nchars = ntpath.Length / sizeof(wchar_t); - wmemcpy(path, ntpath.Buffer, ntpath_nchars); - path[ntpath_nchars] = L'\0'; - - params->capture_root_nchars = ntpath_nchars; - if (path[ntpath_nchars - 1] == L'\\') - params->capture_root_nchars--; - ret = 0; + ret = pathbuf_init(params, ntpath.Buffer); } HeapFree(GetProcessHeap(), 0, ntpath.Buffer); if (ret) goto out; - status = winnt_open(path, ntpath_nchars, FILE_READ_ATTRIBUTES, &h); + status = winnt_open(params->cur_path, params->cur_path_nchars, + FILE_READ_ATTRIBUTES, &h); if (!NT_SUCCESS(status)) { - winnt_error(status, L"Can't open \"%ls\"", printable_path(path)); + winnt_error(status, L"Can't open \"%ls\"", root_disk_path); if (status == STATUS_FVE_LOCKED_VOLUME) ret = WIMLIB_ERR_FVE_LOCKED_VOLUME; else @@ -2932,14 +3024,13 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, goto out; } - get_volume_information(h, path, &ctx); + get_volume_information(h, &ctx); NtClose(h); #ifdef ENABLE_FAST_MFT_SCAN if (ctx.is_ntfs && !_wgetenv(L"WIMLIB_DISABLE_QUERY_FILE_LAYOUT")) { - ret = winnt_build_dentry_tree_fast(root_ret, path, - ntpath_nchars, &ctx); + ret = winnt_build_dentry_tree_fast(root_ret, &ctx); if (ret >= 0 && ret != WIMLIB_ERR_UNSUPPORTED) goto out; if (ret >= 0) { @@ -2949,13 +3040,10 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, } } #endif - ret = winnt_build_dentry_tree_recursive(root_ret, NULL, - path, ntpath_nchars, - path, ntpath_nchars, - L"", &ctx); + ret = winnt_build_dentry_tree(root_ret, NULL, params->cur_path, + params->cur_path_nchars, L"", &ctx, true); out: vss_put_snapshot(ctx.snapshot); - FREE(path); if (ret == 0) winnt_do_scan_warnings(root_disk_path, &ctx); return ret;