ac7648a372e0e6e3d7561544b71dcb92ea86aaed
[wimlib] / src / ntfs-capture.c
1 /*
2  * ntfs-capture.c
3  *
4  * Capture a WIM image from a NTFS volume.  We capture everything we can,
5  * including security data and alternate data streams.
6  */
7
8 /*
9  * Copyright (C) 2012 Eric Biggers
10  *
11  * This file is part of wimlib, a library for working with WIM files.
12  *
13  * wimlib is free software; you can redistribute it and/or modify it under the
14  * terms of the GNU General Public License as published by the Free
15  * Software Foundation; either version 3 of the License, or (at your option)
16  * any later version.
17  *
18  * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
19  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
20  * A PARTICULAR PURPOSE. See the GNU General Public License for more
21  * details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with wimlib; if not, see http://www.gnu.org/licenses/.
25  */
26
27
28 #include "config.h"
29
30 #include <ntfs-3g/endians.h>
31 #include <ntfs-3g/types.h>
32
33 #include "wimlib_internal.h"
34
35
36 #include "dentry.h"
37 #include "lookup_table.h"
38 #include "buffer_io.h"
39 #include <ntfs-3g/layout.h>
40 #include <ntfs-3g/acls.h>
41 #include <ntfs-3g/attrib.h>
42 #include <ntfs-3g/misc.h>
43 #include <ntfs-3g/reparse.h>
44 #include <ntfs-3g/security.h> /* security.h before xattrs.h */
45 #include <ntfs-3g/xattrs.h>
46 #include <ntfs-3g/volume.h>
47 #include <stdlib.h>
48 #include <unistd.h>
49 #include <errno.h>
50
51 /* Structure that allows searching the security descriptors by SHA1 message
52  * digest. */
53 struct sd_set {
54         struct wim_security_data *sd;
55         struct sd_node *root;
56 };
57
58 /* Binary tree node of security descriptors, indexed by the @hash field. */
59 struct sd_node {
60         int security_id;
61         u8 hash[SHA1_HASH_SIZE];
62         struct sd_node *left;
63         struct sd_node *right;
64 };
65
66 static void free_sd_tree(struct sd_node *root)
67 {
68         if (root) {
69                 free_sd_tree(root->left);
70                 free_sd_tree(root->right);
71                 FREE(root);
72         }
73 }
74 /* Frees a security descriptor index set. */
75 static void destroy_sd_set(struct sd_set *sd_set)
76 {
77         free_sd_tree(sd_set->root);
78 }
79
80 /* Inserts a a new node into the security descriptor index tree. */
81 static void insert_sd_node(struct sd_node *new, struct sd_node *root)
82 {
83         int cmp = hashes_cmp(new->hash, root->hash);
84         if (cmp < 0) {
85                 if (root->left)
86                         insert_sd_node(new, root->left);
87                 else
88                         root->left = new;
89         } else if (cmp > 0) {
90                 if (root->right)
91                         insert_sd_node(new, root->right);
92                 else
93                         root->right = new;
94         } else {
95                 wimlib_assert(0);
96         }
97 }
98
99 /* Returns the security ID of the security data having a SHA1 message digest of
100  * @hash in the security descriptor index tree rooted at @root.
101  *
102  * If not found, return -1. */
103 static int lookup_sd(const u8 hash[SHA1_HASH_SIZE], struct sd_node *root)
104 {
105         int cmp;
106         if (!root)
107                 return -1;
108         cmp = hashes_cmp(hash, root->hash);
109         if (cmp < 0)
110                 return lookup_sd(hash, root->left);
111         else if (cmp > 0)
112                 return lookup_sd(hash, root->right);
113         else
114                 return root->security_id;
115 }
116
117 /*
118  * Adds a security descriptor to the indexed security descriptor set as well as
119  * the corresponding `struct wim_security_data', and returns the new security
120  * ID; or, if there is an existing security descriptor that is the same, return
121  * the security ID for it.  If a new security descriptor cannot be allocated,
122  * return -1.
123  */
124 static int sd_set_add_sd(struct sd_set *sd_set, const char descriptor[],
125                          size_t size)
126 {
127         u8 hash[SHA1_HASH_SIZE];
128         int security_id;
129         struct sd_node *new;
130         u8 **descriptors;
131         u64 *sizes;
132         u8 *descr_copy;
133         struct wim_security_data *sd;
134
135         sha1_buffer((const u8*)descriptor, size, hash);
136
137         security_id = lookup_sd(hash, sd_set->root);
138         if (security_id >= 0)
139                 return security_id;
140
141         new = MALLOC(sizeof(*new));
142         if (!new)
143                 goto out;
144         descr_copy = MALLOC(size);
145         if (!descr_copy)
146                 goto out_free_node;
147
148         sd = sd_set->sd;
149
150         memcpy(descr_copy, descriptor, size);
151         new->security_id = sd->num_entries;
152         new->left = NULL;
153         new->right = NULL;
154         copy_hash(new->hash, hash);
155
156
157         descriptors = REALLOC(sd->descriptors,
158                               (sd->num_entries + 1) * sizeof(sd->descriptors[0]));
159         if (!descriptors)
160                 goto out_free_descr;
161         sd->descriptors = descriptors;
162         sizes = REALLOC(sd->sizes,
163                         (sd->num_entries + 1) * sizeof(sd->sizes[0]));
164         if (!sizes)
165                 goto out_free_descr;
166         sd->sizes = sizes;
167         sd->descriptors[sd->num_entries] = descr_copy;
168         sd->sizes[sd->num_entries] = size;
169         sd->num_entries++;
170         DEBUG("There are now %d security descriptors", sd->num_entries);
171         sd->total_length += size + sizeof(sd->sizes[0]);
172
173         if (sd_set->root)
174                 insert_sd_node(new, sd_set->root);
175         else
176                 sd_set->root = new;
177         return new->security_id;
178 out_free_descr:
179         FREE(descr_copy);
180 out_free_node:
181         FREE(new);
182 out:
183         return -1;
184 }
185
186 static inline ntfschar *attr_record_name(ATTR_RECORD *ar)
187 {
188         return (ntfschar*)((u8*)ar + le16_to_cpu(ar->name_offset));
189 }
190
191 /* Calculates the SHA1 message digest of a NTFS attribute.
192  *
193  * @ni:  The NTFS inode containing the attribute.
194  * @ar:  The ATTR_RECORD describing the attribute.
195  * @md:  If successful, the returned SHA1 message digest.
196  * @reparse_tag_ret:    Optional pointer into which the first 4 bytes of the
197  *                              attribute will be written (to get the reparse
198  *                              point ID)
199  *
200  * Return 0 on success or nonzero on error.
201  */
202 static int ntfs_attr_sha1sum(ntfs_inode *ni, ATTR_RECORD *ar,
203                              u8 md[SHA1_HASH_SIZE],
204                              bool is_reparse_point,
205                              u32 *reparse_tag_ret)
206 {
207         s64 pos = 0;
208         s64 bytes_remaining;
209         char buf[BUFFER_SIZE];
210         ntfs_attr *na;
211         SHA_CTX ctx;
212
213         na = ntfs_attr_open(ni, ar->type, attr_record_name(ar),
214                             ar->name_length);
215         if (!na) {
216                 ERROR_WITH_ERRNO("Failed to open NTFS attribute");
217                 return WIMLIB_ERR_NTFS_3G;
218         }
219
220         bytes_remaining = na->data_size;
221
222         if (is_reparse_point) {
223                 if (ntfs_attr_pread(na, 0, 8, buf) != 8)
224                         goto out_error;
225                 *reparse_tag_ret = le32_to_cpu(*(u32*)buf);
226                 pos = 8;
227                 bytes_remaining -= 8;
228         }
229
230         sha1_init(&ctx);
231         while (bytes_remaining) {
232                 s64 to_read = min(bytes_remaining, sizeof(buf));
233                 if (ntfs_attr_pread(na, pos, to_read, buf) != to_read)
234                         goto out_error;
235                 sha1_update(&ctx, buf, to_read);
236                 pos += to_read;
237                 bytes_remaining -= to_read;
238         }
239         sha1_final(md, &ctx);
240         ntfs_attr_close(na);
241         return 0;
242 out_error:
243         ERROR_WITH_ERRNO("Error reading NTFS attribute");
244         return WIMLIB_ERR_NTFS_3G;
245 }
246
247 /* Load the streams from a file or reparse point in the NTFS volume into the WIM
248  * lookup table */
249 static int capture_ntfs_streams(struct wim_dentry *dentry, ntfs_inode *ni,
250                                 char path[], size_t path_len,
251                                 struct wim_lookup_table *lookup_table,
252                                 ntfs_volume **ntfs_vol_p,
253                                 ATTR_TYPES type)
254 {
255         ntfs_attr_search_ctx *actx;
256         u8 attr_hash[SHA1_HASH_SIZE];
257         struct ntfs_location *ntfs_loc = NULL;
258         int ret = 0;
259         struct wim_lookup_table_entry *lte;
260
261         DEBUG2("Capturing NTFS data streams from `%s'", path);
262
263         /* Get context to search the streams of the NTFS file. */
264         actx = ntfs_attr_get_search_ctx(ni, NULL);
265         if (!actx) {
266                 ERROR_WITH_ERRNO("Cannot get NTFS attribute search "
267                                  "context");
268                 return WIMLIB_ERR_NTFS_3G;
269         }
270
271         /* Capture each data stream or reparse data stream. */
272         while (!ntfs_attr_lookup(type, NULL, 0,
273                                  CASE_SENSITIVE, 0, NULL, 0, actx))
274         {
275                 char *stream_name_utf8;
276                 u32 reparse_tag;
277                 u64 data_size = ntfs_get_attribute_value_length(actx->attr);
278                 u64 name_length = actx->attr->name_length;
279
280                 if (data_size == 0) {
281                         if (errno != 0) {
282                                 ERROR_WITH_ERRNO("Failed to get size of attribute of "
283                                                  "`%s'", path);
284                                 ret = WIMLIB_ERR_NTFS_3G;
285                                 goto out_put_actx;
286                         }
287                         /* Empty stream.  No lookup table entry is needed. */
288                         lte = NULL;
289                 } else {
290                         if (type == AT_REPARSE_POINT && data_size < 8) {
291                                 ERROR("`%s': reparse point buffer too small",
292                                       path);
293                                 ret = WIMLIB_ERR_NTFS_3G;
294                                 goto out_put_actx;
295                         }
296                         /* Checksum the stream. */
297                         ret = ntfs_attr_sha1sum(ni, actx->attr, attr_hash,
298                                                 type == AT_REPARSE_POINT, &reparse_tag);
299                         if (ret != 0)
300                                 goto out_put_actx;
301
302                         /* Make a lookup table entry for the stream, or use an existing
303                          * one if there's already an identical stream. */
304                         lte = __lookup_resource(lookup_table, attr_hash);
305                         ret = WIMLIB_ERR_NOMEM;
306                         if (lte) {
307                                 lte->refcnt++;
308                         } else {
309                                 ntfs_loc = CALLOC(1, sizeof(*ntfs_loc));
310                                 if (!ntfs_loc)
311                                         goto out_put_actx;
312                                 ntfs_loc->ntfs_vol_p = ntfs_vol_p;
313                                 ntfs_loc->path_utf8 = MALLOC(path_len + 1);
314                                 if (!ntfs_loc->path_utf8)
315                                         goto out_free_ntfs_loc;
316                                 memcpy(ntfs_loc->path_utf8, path, path_len + 1);
317                                 if (name_length) {
318                                         ntfs_loc->stream_name_utf16 = MALLOC(name_length * 2);
319                                         if (!ntfs_loc->stream_name_utf16)
320                                                 goto out_free_ntfs_loc;
321                                         memcpy(ntfs_loc->stream_name_utf16,
322                                                attr_record_name(actx->attr),
323                                                actx->attr->name_length * 2);
324                                         ntfs_loc->stream_name_utf16_num_chars = name_length;
325                                 }
326
327                                 lte = new_lookup_table_entry();
328                                 if (!lte)
329                                         goto out_free_ntfs_loc;
330                                 lte->ntfs_loc = ntfs_loc;
331                                 lte->resource_location = RESOURCE_IN_NTFS_VOLUME;
332                                 if (type == AT_REPARSE_POINT) {
333                                         dentry->d_inode->i_reparse_tag = reparse_tag;
334                                         ntfs_loc->is_reparse_point = true;
335                                         lte->resource_entry.original_size = data_size - 8;
336                                         lte->resource_entry.size = data_size - 8;
337                                 } else {
338                                         ntfs_loc->is_reparse_point = false;
339                                         lte->resource_entry.original_size = data_size;
340                                         lte->resource_entry.size = data_size;
341                                 }
342                                 ntfs_loc = NULL;
343                                 DEBUG("Add resource for `%s' (size = %"PRIu64")",
344                                       dentry->file_name_utf8,
345                                       lte->resource_entry.original_size);
346                                 copy_hash(lte->hash, attr_hash);
347                                 lookup_table_insert(lookup_table, lte);
348                         }
349                 }
350                 if (name_length == 0) {
351                         /* Unnamed data stream.  Put the reference to it in the
352                          * dentry's inode. */
353                         if (dentry->d_inode->i_lte) {
354                                 ERROR("Found two un-named data streams for "
355                                       "`%s'", path);
356                                 ret = WIMLIB_ERR_NTFS_3G;
357                                 goto out_free_lte;
358                         }
359                         dentry->d_inode->i_lte = lte;
360                 } else {
361                         /* Named data stream.  Put the reference to it in the
362                          * alternate data stream entries */
363                         struct wim_ads_entry *new_ads_entry;
364                         size_t stream_name_utf8_len;
365
366                         ret = utf16_to_utf8((const char*)attr_record_name(actx->attr),
367                                             name_length * 2,
368                                             &stream_name_utf8,
369                                             &stream_name_utf8_len);
370                         if (ret != 0)
371                                 goto out_free_lte;
372                         new_ads_entry = inode_add_ads(dentry->d_inode, stream_name_utf8);
373                         FREE(stream_name_utf8);
374                         if (!new_ads_entry)
375                                 goto out_free_lte;
376
377                         wimlib_assert(new_ads_entry->stream_name_len == name_length * 2);
378
379                         new_ads_entry->lte = lte;
380                 }
381         }
382         ret = 0;
383         goto out_put_actx;
384 out_free_lte:
385         free_lookup_table_entry(lte);
386 out_free_ntfs_loc:
387         if (ntfs_loc) {
388                 FREE(ntfs_loc->path_utf8);
389                 FREE(ntfs_loc->stream_name_utf16);
390                 FREE(ntfs_loc);
391         }
392 out_put_actx:
393         ntfs_attr_put_search_ctx(actx);
394         if (ret == 0)
395                 DEBUG2("Successfully captured NTFS streams from `%s'", path);
396         else
397                 ERROR("Failed to capture NTFS streams from `%s", path);
398         return ret;
399 }
400
401 struct readdir_ctx {
402         struct wim_dentry           *parent;
403         ntfs_inode          *dir_ni;
404         char                *path;
405         size_t               path_len;
406         struct wim_lookup_table *lookup_table;
407         struct sd_set       *sd_set;
408         const struct capture_config *config;
409         ntfs_volume        **ntfs_vol_p;
410         int                  add_image_flags;
411         wimlib_progress_func_t progress_func;
412 };
413
414 static int
415 build_dentry_tree_ntfs_recursive(struct wim_dentry **root_p, ntfs_inode *dir_ni,
416                                  ntfs_inode *ni, char path[], size_t path_len,
417                                  int name_type,
418                                  struct wim_lookup_table *lookup_table,
419                                  struct sd_set *sd_set,
420                                  const struct capture_config *config,
421                                  ntfs_volume **ntfs_vol_p,
422                                  int add_image_flags,
423                                  wimlib_progress_func_t progress_func);
424
425 static int wim_ntfs_capture_filldir(void *dirent, const ntfschar *name,
426                                     const int name_len, const int name_type,
427                                     const s64 pos, const MFT_REF mref,
428                                     const unsigned dt_type)
429 {
430         struct readdir_ctx *ctx;
431         size_t utf8_name_len;
432         char *utf8_name;
433         struct wim_dentry *child = NULL;
434         int ret;
435         size_t path_len;
436
437         if (name_type == FILE_NAME_DOS)
438                 return 0;
439
440         ret = utf16_to_utf8((const char*)name, name_len * 2,
441                             &utf8_name, &utf8_name_len);
442         if (ret != 0)
443                 return -1;
444
445         if (utf8_name[0] == '.' &&
446              (utf8_name[1] == '\0' ||
447               (utf8_name[1] == '.' && utf8_name[2] == '\0'))) {
448                 ret = 0;
449                 goto out_free_utf8_name;
450         }
451
452         ctx = dirent;
453
454         ntfs_inode *ni = ntfs_inode_open(ctx->dir_ni->vol, mref);
455         if (!ni) {
456                 ERROR_WITH_ERRNO("Failed to open NTFS inode");
457                 goto out_free_utf8_name;
458         }
459         path_len = ctx->path_len;
460         if (path_len != 1)
461                 ctx->path[path_len++] = '/';
462         memcpy(ctx->path + path_len, utf8_name, utf8_name_len + 1);
463         path_len += utf8_name_len;
464         ret = build_dentry_tree_ntfs_recursive(&child, ctx->dir_ni,
465                                                ni, ctx->path, path_len, name_type,
466                                                ctx->lookup_table, ctx->sd_set,
467                                                ctx->config, ctx->ntfs_vol_p,
468                                                ctx->add_image_flags,
469                                                ctx->progress_func);
470
471         if (child)
472                 dentry_add_child(ctx->parent, child);
473
474         ntfs_inode_close(ni);
475 out_free_utf8_name:
476         FREE(utf8_name);
477         return ret;
478 }
479
480 static int change_dentry_short_name(struct wim_dentry *dentry,
481                                     const char short_name_utf8[],
482                                     int short_name_utf8_len)
483 {
484         size_t short_name_utf16_len;
485         char *short_name_utf16;
486         int ret;
487
488         ret = utf8_to_utf16(short_name_utf8, short_name_utf8_len,
489                             &short_name_utf16, &short_name_utf16_len);
490         if (ret == 0) {
491                 dentry->short_name = short_name_utf16;
492                 dentry->short_name_len = short_name_utf16_len;
493         }
494         return ret;
495 }
496
497 /* Recursively build a WIM dentry tree corresponding to a NTFS volume.
498  * At the same time, update the WIM lookup table with lookup table entries for
499  * the NTFS streams, and build an array of security descriptors.
500  */
501 static int build_dentry_tree_ntfs_recursive(struct wim_dentry **root_p,
502                                             ntfs_inode *dir_ni,
503                                             ntfs_inode *ni,
504                                             char path[],
505                                             size_t path_len,
506                                             int name_type,
507                                             struct wim_lookup_table *lookup_table,
508                                             struct sd_set *sd_set,
509                                             const struct capture_config *config,
510                                             ntfs_volume **ntfs_vol_p,
511                                             int add_image_flags,
512                                             wimlib_progress_func_t progress_func)
513 {
514         u32 attributes;
515         int mrec_flags;
516         int ret;
517         struct wim_dentry *root;
518
519         if (exclude_path(path, config, false)) {
520                 if ((add_image_flags & WIMLIB_ADD_IMAGE_FLAG_VERBOSE)
521                     && progress_func)
522                 {
523                         union wimlib_progress_info info;
524                         info.scan.cur_path = path;
525                         info.scan.excluded = true;
526                         progress_func(WIMLIB_PROGRESS_MSG_SCAN_DENTRY, &info);
527                 }
528                 *root_p = NULL;
529                 return 0;
530         }
531
532         mrec_flags = ni->mrec->flags;
533         struct SECURITY_CONTEXT ctx;
534         memset(&ctx, 0, sizeof(ctx));
535         ctx.vol = ni->vol;
536         ret = ntfs_xattr_system_getxattr(&ctx, XATTR_NTFS_ATTRIB,
537                                          ni, dir_ni, (char *)&attributes,
538                                          sizeof(u32));
539         if (ret != 4) {
540                 ERROR_WITH_ERRNO("Failed to get NTFS attributes from `%s'",
541                                  path);
542                 return WIMLIB_ERR_NTFS_3G;
543         }
544
545         if ((add_image_flags & WIMLIB_ADD_IMAGE_FLAG_VERBOSE)
546             && progress_func)
547         {
548                 union wimlib_progress_info info;
549                 info.scan.cur_path = path;
550                 info.scan.excluded = false;
551                 progress_func(WIMLIB_PROGRESS_MSG_SCAN_DENTRY, &info);
552         }
553
554         root = new_dentry_with_timeless_inode(path_basename(path));
555         if (!root) {
556                 if (errno == EILSEQ)
557                         return WIMLIB_ERR_INVALID_UTF8_STRING;
558                 else if (errno == ENOMEM)
559                         return WIMLIB_ERR_NOMEM;
560                 else
561                         return WIMLIB_ERR_ICONV_NOT_AVAILABLE;
562         }
563         *root_p = root;
564
565         if (dir_ni && (name_type == FILE_NAME_WIN32_AND_DOS
566                        || name_type == FILE_NAME_WIN32))
567         {
568                 char dos_name_utf8[12 * 4 + 1] = {0};
569                 ret = ntfs_get_ntfs_dos_name(ni, dir_ni, dos_name_utf8,
570                                              sizeof(dos_name_utf8) - 1);
571                 if (ret > 0) {
572                         DEBUG("Changing short name of `%s'", path);
573                         ret = change_dentry_short_name(root, dos_name_utf8,
574                                                        ret);
575                         if (ret != 0)
576                                 return ret;
577                 } else {
578                         if (
579                 #ifdef ENODATA
580                             errno != ENODATA &&
581                 #endif
582                             errno != EMLINK
583                             ) {
584                                 ERROR_WITH_ERRNO("Error getting DOS name "
585                                                  "of `%s'", path);
586                                 return WIMLIB_ERR_NTFS_3G;
587                         }
588                 }
589         }
590
591         root->d_inode->i_creation_time    = le64_to_cpu(ni->creation_time);
592         root->d_inode->i_last_write_time  = le64_to_cpu(ni->last_data_change_time);
593         root->d_inode->i_last_access_time = le64_to_cpu(ni->last_access_time);
594         root->d_inode->i_attributes       = le32_to_cpu(attributes);
595         root->d_inode->i_ino              = ni->mft_no;
596         root->d_inode->i_resolved         = 1;
597
598         if (attributes & FILE_ATTR_REPARSE_POINT) {
599                 /* Junction point, symbolic link, or other reparse point */
600                 ret = capture_ntfs_streams(root, ni, path, path_len,
601                                            lookup_table, ntfs_vol_p,
602                                            AT_REPARSE_POINT);
603         } else if (mrec_flags & MFT_RECORD_IS_DIRECTORY) {
604
605                 /* Normal directory */
606                 s64 pos = 0;
607                 struct readdir_ctx ctx = {
608                         .parent       = root,
609                         .dir_ni       = ni,
610                         .path         = path,
611                         .path_len     = path_len,
612                         .lookup_table = lookup_table,
613                         .sd_set       = sd_set,
614                         .config       = config,
615                         .ntfs_vol_p   = ntfs_vol_p,
616                         .add_image_flags = add_image_flags,
617                         .progress_func = progress_func,
618                 };
619                 ret = ntfs_readdir(ni, &pos, &ctx, wim_ntfs_capture_filldir);
620                 if (ret != 0) {
621                         ERROR_WITH_ERRNO("ntfs_readdir()");
622                         ret = WIMLIB_ERR_NTFS_3G;
623                 }
624         } else {
625                 /* Normal file */
626                 ret = capture_ntfs_streams(root, ni, path, path_len,
627                                            lookup_table, ntfs_vol_p,
628                                            AT_DATA);
629         }
630         if (ret != 0)
631                 return ret;
632
633         char _sd[1];
634         char *sd = _sd;
635         errno = 0;
636         ret = ntfs_xattr_system_getxattr(&ctx, XATTR_NTFS_ACL,
637                                          ni, dir_ni, sd,
638                                          sizeof(sd));
639         if (ret > sizeof(sd)) {
640                 sd = alloca(ret);
641                 ret = ntfs_xattr_system_getxattr(&ctx, XATTR_NTFS_ACL,
642                                                  ni, dir_ni, sd, ret);
643         }
644         if (ret > 0) {
645                 root->d_inode->i_security_id = sd_set_add_sd(sd_set, sd, ret);
646                 if (root->d_inode->i_security_id == -1) {
647                         ERROR("Out of memory");
648                         return WIMLIB_ERR_NOMEM;
649                 }
650                 DEBUG("Added security ID = %u for `%s'",
651                       root->d_inode->i_security_id, path);
652                 ret = 0;
653         } else if (ret < 0) {
654                 ERROR_WITH_ERRNO("Failed to get security information from "
655                                  "`%s'", path);
656                 ret = WIMLIB_ERR_NTFS_3G;
657         } else {
658                 root->d_inode->i_security_id = -1;
659                 DEBUG("No security ID for `%s'", path);
660         }
661         return ret;
662 }
663
664 int build_dentry_tree_ntfs(struct wim_dentry **root_p,
665                            const char *device,
666                            struct wim_lookup_table *lookup_table,
667                            struct wim_security_data *sd,
668                            const struct capture_config *config,
669                            int add_image_flags,
670                            wimlib_progress_func_t progress_func,
671                            void *extra_arg)
672 {
673         ntfs_volume *vol;
674         ntfs_inode *root_ni;
675         int ret = 0;
676         struct sd_set sd_set = {
677                 .sd = sd,
678                 .root = NULL,
679         };
680         ntfs_volume **ntfs_vol_p = extra_arg;
681
682         DEBUG("Mounting NTFS volume `%s' read-only", device);
683
684 #ifdef HAVE_NTFS_MNT_RDONLY
685         /* NTFS-3g 2013 */
686         vol = ntfs_mount(device, NTFS_MNT_RDONLY);
687 #else
688         /* NTFS-3g 2011, 2012 */
689         vol = ntfs_mount(device, MS_RDONLY);
690 #endif
691         if (!vol) {
692                 ERROR_WITH_ERRNO("Failed to mount NTFS volume `%s' read-only",
693                                  device);
694                 return WIMLIB_ERR_NTFS_3G;
695         }
696         ntfs_open_secure(vol);
697
698         /* We don't want to capture the special NTFS files such as $Bitmap.  Not
699          * to be confused with "hidden" or "system" files which are real files
700          * that we do need to capture.  */
701         NVolClearShowSysFiles(vol);
702
703         DEBUG("Opening root NTFS dentry");
704         root_ni = ntfs_inode_open(vol, FILE_root);
705         if (!root_ni) {
706                 ERROR_WITH_ERRNO("Failed to open root inode of NTFS volume "
707                                  "`%s'", device);
708                 ret = WIMLIB_ERR_NTFS_3G;
709                 goto out;
710         }
711
712         /* Currently we assume that all the UTF-8 paths fit into this length and
713          * there is no check for overflow. */
714         char *path = MALLOC(32768);
715         if (!path) {
716                 ERROR("Could not allocate memory for NTFS pathname");
717                 goto out_cleanup;
718         }
719
720         path[0] = '/';
721         path[1] = '\0';
722         ret = build_dentry_tree_ntfs_recursive(root_p, NULL, root_ni, path, 1,
723                                                FILE_NAME_POSIX, lookup_table,
724                                                &sd_set, config, ntfs_vol_p,
725                                                add_image_flags,
726                                                progress_func);
727 out_cleanup:
728         FREE(path);
729         ntfs_inode_close(root_ni);
730         destroy_sd_set(&sd_set);
731
732 out:
733         ntfs_index_ctx_put(vol->secure_xsii);
734         ntfs_index_ctx_put(vol->secure_xsdh);
735         ntfs_inode_close(vol->secure_ni);
736
737         if (ret) {
738                 if (ntfs_umount(vol, FALSE) != 0) {
739                         ERROR_WITH_ERRNO("Failed to unmount NTFS volume `%s'",
740                                          device);
741                         if (ret == 0)
742                                 ret = WIMLIB_ERR_NTFS_3G;
743                 }
744         } else {
745                 /* We need to leave the NTFS volume mounted so that we can read
746                  * the NTFS files again when we are actually writing the WIM */
747                 *ntfs_vol_p = vol;
748         }
749         return ret;
750 }