4 * Capture a WIM image from a NTFS volume. We capture everything we can,
5 * including security data and alternate data streams. There should be no loss
10 * Copyright (C) 2012 Eric Biggers
12 * This file is part of wimlib, a library for working with WIM files.
14 * wimlib is free software; you can redistribute it and/or modify it under the
15 * terms of the GNU Lesser General Public License as published by the Free
16 * Software Foundation; either version 2.1 of the License, or (at your option)
19 * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
20 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
21 * A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
24 * You should have received a copy of the GNU Lesser General Public License
25 * along with wimlib; if not, see http://www.gnu.org/licenses/.
29 #include "wimlib_internal.h"
34 #include "lookup_table.h"
36 #include <ntfs-3g/layout.h>
37 #include <ntfs-3g/acls.h>
38 #include <ntfs-3g/attrib.h>
39 #include <ntfs-3g/misc.h>
40 #include <ntfs-3g/reparse.h>
41 #include <ntfs-3g/security.h>
42 #include <ntfs-3g/volume.h>
46 extern int ntfs_inode_get_security(ntfs_inode *ni, u32 selection, char *buf,
47 u32 buflen, u32 *psize);
49 extern int ntfs_inode_get_attributes(ntfs_inode *ni);
53 struct wim_security_data *sd;
59 u8 hash[SHA1_HASH_SIZE];
61 struct sd_node *right;
64 static void free_sd_tree(struct sd_node *root)
67 free_sd_tree(root->left);
68 free_sd_tree(root->right);
73 static void insert_sd_node(struct sd_node *new, struct sd_node *root)
75 int cmp = hashes_cmp(root->hash, new->hash);
78 insert_sd_node(new, root->left);
83 insert_sd_node(new, root->right);
91 static int lookup_sd(const u8 hash[SHA1_HASH_SIZE], struct sd_node *node)
96 cmp = hashes_cmp(hash, node->hash);
98 return lookup_sd(hash, node->left);
100 return lookup_sd(hash, node->right);
102 return node->security_id;
105 static int tree_add_sd(struct sd_tree *tree, const u8 *descriptor,
108 u8 hash[SHA1_HASH_SIZE];
114 struct wim_security_data *sd = tree->sd;
115 sha1_buffer(descriptor, size, hash);
117 security_id = lookup_sd(hash, tree->root);
118 if (security_id >= 0)
121 new = MALLOC(sizeof(struct sd_node));
124 descr_copy = MALLOC(size);
127 memcpy(descr_copy, descriptor, size);
128 new->security_id = tree->num_sds++;
131 copy_hash(new->hash, hash);
133 descriptors = REALLOC(sd->descriptors,
134 (sd->num_entries + 1) * sizeof(sd->descriptors[0]));
137 sd->descriptors = descriptors;
138 sizes = REALLOC(sd->sizes,
139 (sd->num_entries + 1) * sizeof(sd->sizes[0]));
143 sd->descriptors[sd->num_entries] = descr_copy;
144 sd->sizes[sd->num_entries] = size;
146 sd->total_length += size + 8;
149 insert_sd_node(tree->root, new);
152 return new->security_id;
161 static int build_sd_tree(struct wim_security_data *sd, struct sd_tree *tree)
164 u32 orig_num_entries = sd->num_entries;
165 u32 orig_total_length = sd->total_length;
171 for (u32 i = 0; i < sd->num_entries; i++) {
172 ret = tree_add_sd(tree, sd->descriptors[i], sd->sizes[i]);
178 sd->num_entries = orig_num_entries;
179 sd->total_length = orig_total_length;
180 free_sd_tree(tree->root);
185 static int ntfs_attr_sha1sum(ntfs_inode *ni, ATTR_RECORD *ar,
186 u8 md[SHA1_HASH_SIZE])
194 na = ntfs_attr_open(ni, ar->type,
195 (ntfschar*)((u8*)ar + le16_to_cpu(ar->name_offset)),
198 ERROR_WITH_ERRNO("Failed to open NTFS attribute");
199 return WIMLIB_ERR_NTFS_3G;
202 bytes_remaining = na->data_size;
205 while (bytes_remaining) {
206 s64 to_read = min(bytes_remaining, sizeof(buf));
207 if (ntfs_attr_pread(na, pos, to_read, buf) != to_read) {
208 ERROR_WITH_ERRNO("Error reading NTFS attribute");
209 return WIMLIB_ERR_NTFS_3G;
211 sha1_update(&ctx, buf, to_read);
213 bytes_remaining -= to_read;
215 sha1_final(md, &ctx);
220 /* Load the streams from a WIM file or reparse point in the NTFS volume into the
221 * WIM lookup table */
222 static int capture_ntfs_streams(struct dentry *dentry, ntfs_inode *ni,
223 char path[], size_t path_len,
224 struct lookup_table *lookup_table,
225 ntfs_volume **ntfs_vol_p,
229 ntfs_attr_search_ctx *actx;
230 u8 attr_hash[SHA1_HASH_SIZE];
231 struct ntfs_location *ntfs_loc;
232 struct lookup_table_entry *lte;
235 /* Get context to search the streams of the NTFS file. */
236 actx = ntfs_attr_get_search_ctx(ni, NULL);
238 ERROR_WITH_ERRNO("Cannot get attribute search "
240 return WIMLIB_ERR_NTFS_3G;
243 /* Capture each data stream or reparse data stream. */
244 while (!ntfs_attr_lookup(type, NULL, 0,
245 CASE_SENSITIVE, 0, NULL, 0, actx))
247 char *stream_name_utf8;
248 size_t stream_name_utf16_len;
250 /* Checksum the stream. */
251 ret = ntfs_attr_sha1sum(ni, actx->attr, attr_hash);
255 /* Make a lookup table entry for the stream, or use an existing
256 * one if there's already an identical stream. */
257 lte = __lookup_resource(lookup_table, attr_hash);
258 ret = WIMLIB_ERR_NOMEM;
262 struct ntfs_location *ntfs_loc;
265 ntfs_loc = CALLOC(1, sizeof(*ntfs_loc));
269 ntfs_loc->ntfs_vol_p = ntfs_vol_p;
270 ntfs_loc->path_utf8 = MALLOC(path_len + 1);
271 if (!ntfs_loc->path_utf8)
273 memcpy(ntfs_loc->path_utf8, path, path_len + 1);
274 ntfs_loc->stream_name_utf16 = MALLOC(actx->attr->name_length * 2);
275 if (!ntfs_loc->stream_name_utf16)
276 goto out_free_ntfs_loc;
277 memcpy(ntfs_loc->stream_name_utf16,
279 le16_to_cpu(actx->attr->name_offset),
280 actx->attr->name_length * 2);
282 ntfs_loc->stream_name_utf16_num_chars = actx->attr->name_length;
283 lte = new_lookup_table_entry();
285 goto out_free_ntfs_loc;
286 lte->ntfs_loc = ntfs_loc;
287 lte->resource_location = RESOURCE_IN_NTFS_VOLUME;
288 lte->resource_entry.original_size = actx->attr->data_size;
289 lte->resource_entry.size = actx->attr->data_size;
290 copy_hash(lte->hash, attr_hash);
291 lookup_table_insert(lookup_table, lte);
293 if (actx->attr->name_length == 0) {
294 wimlib_assert(!dentry->lte);
297 struct ads_entry *new_ads_entry;
298 stream_name_utf8 = utf16_to_utf8((u8*)actx->attr +
299 le16_to_cpu(actx->attr->name_offset),
300 actx->attr->name_length,
301 &stream_name_utf16_len);
302 if (!stream_name_utf8)
304 FREE(stream_name_utf8);
305 new_ads_entry = dentry_add_ads(dentry, stream_name_utf8);
309 new_ads_entry->lte = lte;
315 free_lookup_table_entry(lte);
318 FREE(ntfs_loc->path_utf8);
319 FREE(ntfs_loc->stream_name_utf16);
323 ntfs_attr_put_search_ctx(actx);
328 struct dentry *dentry;
332 struct lookup_table *lookup_table;
333 struct sd_tree *tree;
334 ntfs_volume **ntfs_vol_p;
337 static int __build_dentry_tree_ntfs(struct dentry *dentry, ntfs_inode *ni,
338 char path[], size_t path_len,
339 struct lookup_table *lookup_table,
340 struct sd_tree *tree,
341 ntfs_volume **ntfs_vol_p);
344 static int filldir(void *dirent, const ntfschar *name,
345 const int name_len, const int name_type, const s64 pos,
346 const MFT_REF mref, const unsigned dt_type)
348 struct readdir_ctx *ctx;
349 size_t utf8_name_len;
351 struct dentry *child;
357 utf8_name = utf16_to_utf8((const u8*)name, name_len * 2,
364 ntfs_inode *ni = ntfs_inode_open(ctx->dir_ni->vol, mref);
366 ERROR_WITH_ERRNO("Failed to open NTFS inode");
369 child = new_dentry(utf8_name);
373 memcpy(ctx->path + ctx->path_len, utf8_name, utf8_name_len + 1);
374 path_len = ctx->path_len + utf8_name_len;
375 ret = __build_dentry_tree_ntfs(child, ni, ctx->path, path_len,
376 ctx->lookup_table, ctx->tree,
378 link_dentry(child, ctx->dentry);
380 ntfs_inode_close(ni);
387 /* Recursively build a WIM dentry tree corresponding to a NTFS volume.
388 * At the same time, update the WIM lookup table with lookup table entries for
389 * the NTFS streams, and build an array of security descriptors.
391 static int __build_dentry_tree_ntfs(struct dentry *dentry, ntfs_inode *ni,
392 char path[], size_t path_len,
393 struct lookup_table *lookup_table,
394 struct sd_tree *tree,
395 ntfs_volume **ntfs_vol_p)
397 u32 attributes = ntfs_inode_get_attributes(ni);
398 int mrec_flags = ni->mrec->flags;
402 dentry->creation_time = le64_to_cpu(ni->creation_time);
403 dentry->last_write_time = le64_to_cpu(ni->last_data_change_time);
404 dentry->last_access_time = le64_to_cpu(ni->last_access_time);
405 dentry->security_id = le32_to_cpu(ni->security_id);
406 dentry->attributes = le32_to_cpu(attributes);
407 dentry->hard_link = ni->mft_no;
408 dentry->resolved = true;
410 if (attributes & FILE_ATTR_REPARSE_POINT) {
411 /* Junction point, symbolic link, or other reparse point */
412 ret = capture_ntfs_streams(dentry, ni, path, path_len,
413 lookup_table, ntfs_vol_p,
415 } else if (mrec_flags & MFT_RECORD_IS_DIRECTORY) {
416 /* Normal directory */
418 struct readdir_ctx ctx = {
422 .path_len = path_len,
423 .lookup_table = lookup_table,
425 .ntfs_vol_p = ntfs_vol_p,
427 ret = ntfs_readdir(ni, &pos, &ctx, filldir);
429 ret = WIMLIB_ERR_NTFS_3G;
432 ret = capture_ntfs_streams(dentry, ni, path, path_len,
433 lookup_table, ntfs_vol_p,
438 ret = ntfs_inode_get_security(ni,
439 OWNER_SECURITY_INFORMATION |
440 GROUP_SECURITY_INFORMATION |
441 DACL_SECURITY_INFORMATION |
442 SACL_SECURITY_INFORMATION,
445 ret = ntfs_inode_get_security(ni,
446 OWNER_SECURITY_INFORMATION |
447 GROUP_SECURITY_INFORMATION |
448 DACL_SECURITY_INFORMATION |
449 SACL_SECURITY_INFORMATION,
450 sd, sd_size, &sd_size);
451 dentry->security_id = tree_add_sd(tree, sd, sd_size);
455 static int build_dentry_tree_ntfs(struct dentry *root_dentry,
457 struct lookup_table *lookup_table,
458 struct wim_security_data *sd,
468 ntfs_volume **ntfs_vol_p = extra_arg;
470 vol = ntfs_mount(device, MS_RDONLY);
472 ERROR_WITH_ERRNO("Failed to mount NTFS volume `%s' read-only",
474 return WIMLIB_ERR_NTFS_3G;
476 root_ni = ntfs_inode_open(vol, FILE_root);
478 ERROR_WITH_ERRNO("Failed to open root inode of NTFS volume "
480 ret = WIMLIB_ERR_NTFS_3G;
486 ret = __build_dentry_tree_ntfs(root_dentry, root_ni, path, 1,
487 lookup_table, &tree, ntfs_vol_p);
488 ntfs_inode_close(root_ni);
491 if (ntfs_umount(vol, FALSE) != 0) {
492 ERROR_WITH_ERRNO("Failed to unmount NTFS volume `%s'", device);
494 ret = WIMLIB_ERR_NTFS_3G;
499 WIMLIBAPI int wimlib_add_image_from_ntfs_volume(WIMStruct *w,
502 const char *description,
503 const char *flags_element,
506 if (flags & (WIMLIB_ADD_IMAGE_FLAG_DEREFERENCE)) {
507 ERROR("Cannot dereference files when capturing directly from NTFS");
508 return WIMLIB_ERR_INVALID_PARAM;
510 return do_add_image(w, device, name, description, flags_element, flags,
511 build_dentry_tree_ntfs,
515 #else /* WITH_NTFS_3G */
516 WIMLIBAPI int wimlib_add_image_from_ntfs_volume(WIMStruct *w,
519 const char *description,
520 const char *flags_element,
523 ERROR("wimlib was compiled without support for NTFS-3g, so");
524 ERROR("we cannot capture a WIM image directly from a NTFS volume");
525 return WIMLIB_ERR_UNSUPPORTED;
527 #endif /* WITH_NTFS_3G */
git://wimlib.net / wimlib / blob