cd534a21cb507c8533a1f5e3d7c44d7011053a0a
[wimlib] / src / ntfs-capture.c
1 /*
2  * ntfs-capture.c
3  *
4  * Capture a WIM image from a NTFS volume.  We capture everything we can,
5  * including security data and alternate data streams.
6  */
7
8 /*
9  * Copyright (C) 2012 Eric Biggers
10  *
11  * This file is part of wimlib, a library for working with WIM files.
12  *
13  * wimlib is free software; you can redistribute it and/or modify it under the
14  * terms of the GNU General Public License as published by the Free
15  * Software Foundation; either version 3 of the License, or (at your option)
16  * any later version.
17  *
18  * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
19  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
20  * A PARTICULAR PURPOSE. See the GNU General Public License for more
21  * details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with wimlib; if not, see http://www.gnu.org/licenses/.
25  */
26
27 #include "config.h"
28 #include "wimlib_internal.h"
29
30
31 #ifdef WITH_NTFS_3G
32 #include "dentry.h"
33 #include "lookup_table.h"
34 #include "io.h"
35 #include <ntfs-3g/layout.h>
36 #include <ntfs-3g/acls.h>
37 #include <ntfs-3g/attrib.h>
38 #include <ntfs-3g/misc.h>
39 #include <ntfs-3g/reparse.h>
40 #include <ntfs-3g/security.h> /* security.h before xattrs.h */
41 #include <ntfs-3g/xattrs.h>
42 #include <ntfs-3g/volume.h>
43 #include <stdlib.h>
44 #include <unistd.h>
45 #include <errno.h>
46
47 #if 0
48 extern int ntfs_get_inode_security(ntfs_inode *ni, u32 selection, char *buf,
49                                    u32 buflen, u32 *psize);
50
51 extern u32 ntfs_get_inode_attributes(ntfs_inode *ni);
52 #endif
53
54 /* Structure that allows searching the security descriptors by SHA1 message
55  * digest. */
56 struct sd_set {
57         struct wim_security_data *sd;
58         struct sd_node *root;
59 };
60
61 /* Binary tree node of security descriptors, indexed by the @hash field. */
62 struct sd_node {
63         int security_id;
64         u8 hash[SHA1_HASH_SIZE];
65         struct sd_node *left;
66         struct sd_node *right;
67 };
68
69 static void free_sd_tree(struct sd_node *root)
70 {
71         if (root) {
72                 free_sd_tree(root->left);
73                 free_sd_tree(root->right);
74                 FREE(root);
75         }
76 }
77 /* Frees a security descriptor index set. */
78 static void destroy_sd_set(struct sd_set *sd_set)
79 {
80         free_sd_tree(sd_set->root);
81 }
82
83 /* Inserts a a new node into the security descriptor index tree. */
84 static void insert_sd_node(struct sd_node *new, struct sd_node *root)
85 {
86         int cmp = hashes_cmp(new->hash, root->hash);
87         if (cmp < 0) {
88                 if (root->left)
89                         insert_sd_node(new, root->left);
90                 else 
91                         root->left = new;
92         } else if (cmp > 0) {
93                 if (root->right)
94                         insert_sd_node(new, root->right);
95                 else 
96                         root->right = new;
97         } else {
98                 wimlib_assert(0);
99         }
100 }
101
102 /* Returns the security ID of the security data having a SHA1 message digest of
103  * @hash in the security descriptor index tree rooted at @root. 
104  *
105  * If not found, return -1. */
106 static int lookup_sd(const u8 hash[SHA1_HASH_SIZE], struct sd_node *root)
107 {
108         int cmp;
109         if (!root)
110                 return -1;
111         cmp = hashes_cmp(hash, root->hash);
112         if (cmp < 0)
113                 return lookup_sd(hash, root->left);
114         else if (cmp > 0)
115                 return lookup_sd(hash, root->right);
116         else
117                 return root->security_id;
118 }
119
120 /*
121  * Adds a security descriptor to the indexed security descriptor set as well as
122  * the corresponding `struct wim_security_data', and returns the new security
123  * ID; or, if there is an existing security descriptor that is the same, return
124  * the security ID for it.  If a new security descriptor cannot be allocated,
125  * return -1.
126  */
127 static int sd_set_add_sd(struct sd_set *sd_set, const char descriptor[],
128                          size_t size)
129 {
130         u8 hash[SHA1_HASH_SIZE];
131         int security_id;
132         struct sd_node *new;
133         u8 **descriptors;
134         u64 *sizes;
135         u8 *descr_copy;
136         struct wim_security_data *sd;
137
138         sha1_buffer((const u8*)descriptor, size, hash);
139
140         security_id = lookup_sd(hash, sd_set->root);
141         if (security_id >= 0)
142                 return security_id;
143
144         new = MALLOC(sizeof(*new));
145         if (!new)
146                 goto out;
147         descr_copy = MALLOC(size);
148         if (!descr_copy)
149                 goto out_free_node;
150
151         sd = sd_set->sd;
152
153         memcpy(descr_copy, descriptor, size);
154         new->security_id = sd->num_entries;
155         new->left = NULL;
156         new->right = NULL;
157         copy_hash(new->hash, hash);
158
159
160         descriptors = REALLOC(sd->descriptors,
161                               (sd->num_entries + 1) * sizeof(sd->descriptors[0]));
162         if (!descriptors)
163                 goto out_free_descr;
164         sd->descriptors = descriptors;
165         sizes = REALLOC(sd->sizes,
166                         (sd->num_entries + 1) * sizeof(sd->sizes[0]));
167         if (!sizes)
168                 goto out_free_descr;
169         sd->sizes = sizes;
170         sd->descriptors[sd->num_entries] = descr_copy;
171         sd->sizes[sd->num_entries] = size;
172         sd->num_entries++;
173         DEBUG("There are now %d security descriptors", sd->num_entries);
174         sd->total_length += size + sizeof(sd->sizes[0]);
175
176         if (sd_set->root)
177                 insert_sd_node(new, sd_set->root);
178         else
179                 sd_set->root = new;
180         return new->security_id;
181 out_free_descr:
182         FREE(descr_copy);
183 out_free_node:
184         FREE(new);
185 out:
186         return -1;
187 }
188
189 static inline ntfschar *attr_record_name(ATTR_RECORD *ar)
190 {
191         return (ntfschar*)((u8*)ar + le16_to_cpu(ar->name_offset));
192 }
193
194 /* Calculates the SHA1 message digest of a NTFS attribute. 
195  *
196  * @ni:  The NTFS inode containing the attribute.
197  * @ar:  The ATTR_RECORD describing the attribute.
198  * @md:  If successful, the returned SHA1 message digest.
199  * @reparse_tag_ret:    Optional pointer into which the first 4 bytes of the
200  *                              attribute will be written (to get the reparse
201  *                              point ID)
202  *
203  * Return 0 on success or nonzero on error.
204  */
205 static int ntfs_attr_sha1sum(ntfs_inode *ni, ATTR_RECORD *ar,
206                              u8 md[SHA1_HASH_SIZE],
207                              u32 *reparse_tag_ret)
208 {
209         s64 pos = 0;
210         s64 bytes_remaining;
211         char buf[4096];
212         ntfs_attr *na;
213         SHA_CTX ctx;
214
215         na = ntfs_attr_open(ni, ar->type, attr_record_name(ar),
216                             ar->name_length);
217         if (!na) {
218                 ERROR_WITH_ERRNO("Failed to open NTFS attribute");
219                 return WIMLIB_ERR_NTFS_3G;
220         }
221
222         bytes_remaining = na->data_size;
223         sha1_init(&ctx);
224
225         DEBUG2("Calculating SHA1 message digest (%"PRIu64" bytes)",
226                bytes_remaining);
227
228         while (bytes_remaining) {
229                 s64 to_read = min(bytes_remaining, sizeof(buf));
230                 if (ntfs_attr_pread(na, pos, to_read, buf) != to_read) {
231                         ERROR_WITH_ERRNO("Error reading NTFS attribute");
232                         return WIMLIB_ERR_NTFS_3G;
233                 }
234                 if (bytes_remaining == na->data_size && reparse_tag_ret)
235                         *reparse_tag_ret = le32_to_cpu(*(u32*)buf);
236                 sha1_update(&ctx, buf, to_read);
237                 pos += to_read;
238                 bytes_remaining -= to_read;
239         }
240         sha1_final(md, &ctx);
241         ntfs_attr_close(na);
242         return 0;
243 }
244
245 /* Load the streams from a WIM file or reparse point in the NTFS volume into the
246  * WIM lookup table */
247 static int capture_ntfs_streams(struct dentry *dentry, ntfs_inode *ni,
248                                 char path[], size_t path_len,
249                                 struct lookup_table *lookup_table,
250                                 ntfs_volume **ntfs_vol_p,
251                                 ATTR_TYPES type)
252 {
253
254         ntfs_attr_search_ctx *actx;
255         u8 attr_hash[SHA1_HASH_SIZE];
256         struct ntfs_location *ntfs_loc = NULL;
257         int ret = 0;
258         struct lookup_table_entry *lte;
259
260         DEBUG2("Capturing NTFS data streams from `%s'", path);
261
262         /* Get context to search the streams of the NTFS file. */
263         actx = ntfs_attr_get_search_ctx(ni, NULL);
264         if (!actx) {
265                 ERROR_WITH_ERRNO("Cannot get NTFS attribute search "
266                                  "context");
267                 return WIMLIB_ERR_NTFS_3G;
268         }
269
270         /* Capture each data stream or reparse data stream. */
271         while (!ntfs_attr_lookup(type, NULL, 0,
272                                  CASE_SENSITIVE, 0, NULL, 0, actx))
273         {
274                 char *stream_name_utf8;
275                 size_t stream_name_utf16_len;
276                 u32 reparse_tag;
277                 u64 data_size = ntfs_get_attribute_value_length(actx->attr);
278                 u64 name_length = actx->attr->name_length;
279
280                 if (data_size == 0) { 
281                         if (errno != 0) {
282                                 ERROR_WITH_ERRNO("Failed to get size of attribute of "
283                                                  "`%s'", path);
284                                 ret = WIMLIB_ERR_NTFS_3G;
285                                 goto out_put_actx;
286                         }
287                         /* Empty stream.  No lookup table entry is needed. */
288                         lte = NULL;
289                 } else {
290                         if (type == AT_REPARSE_POINT && data_size < 8) {
291                                 ERROR("`%s': reparse point buffer too small");
292                                 ret = WIMLIB_ERR_NTFS_3G;
293                                 goto out_put_actx;
294                         }
295                         /* Checksum the stream. */
296                         ret = ntfs_attr_sha1sum(ni, actx->attr, attr_hash, &reparse_tag);
297                         if (ret != 0)
298                                 goto out_put_actx;
299
300                         /* Make a lookup table entry for the stream, or use an existing
301                          * one if there's already an identical stream. */
302                         lte = __lookup_resource(lookup_table, attr_hash);
303                         ret = WIMLIB_ERR_NOMEM;
304                         if (lte) {
305                                 lte->refcnt++;
306                         } else {
307                                 ntfs_loc = CALLOC(1, sizeof(*ntfs_loc));
308                                 if (!ntfs_loc)
309                                         goto out_put_actx;
310                                 ntfs_loc->ntfs_vol_p = ntfs_vol_p;
311                                 ntfs_loc->path_utf8 = MALLOC(path_len + 1);
312                                 if (!ntfs_loc->path_utf8)
313                                         goto out_free_ntfs_loc;
314                                 memcpy(ntfs_loc->path_utf8, path, path_len + 1);
315                                 if (name_length) {
316                                         ntfs_loc->stream_name_utf16 = MALLOC(name_length * 2);
317                                         if (!ntfs_loc->stream_name_utf16)
318                                                 goto out_free_ntfs_loc;
319                                         memcpy(ntfs_loc->stream_name_utf16,
320                                                attr_record_name(actx->attr),
321                                                actx->attr->name_length * 2);
322                                         ntfs_loc->stream_name_utf16_num_chars = name_length;
323                                 }
324
325                                 lte = new_lookup_table_entry();
326                                 if (!lte)
327                                         goto out_free_ntfs_loc;
328                                 lte->ntfs_loc = ntfs_loc;
329                                 lte->resource_location = RESOURCE_IN_NTFS_VOLUME;
330                                 if (type == AT_REPARSE_POINT) {
331                                         dentry->reparse_tag = reparse_tag;
332                                         ntfs_loc->is_reparse_point = true;
333                                         lte->resource_entry.original_size = data_size - 8;
334                                         lte->resource_entry.size = data_size - 8;
335                                 } else {
336                                         ntfs_loc->is_reparse_point = false;
337                                         lte->resource_entry.original_size = data_size;
338                                         lte->resource_entry.size = data_size;
339                                 }
340                                 ntfs_loc = NULL;
341                                 DEBUG("Add resource for `%s' (size = %zu)",
342                                       dentry->file_name_utf8,
343                                       lte->resource_entry.original_size);
344                                 copy_hash(lte->hash, attr_hash);
345                                 lookup_table_insert(lookup_table, lte);
346                         }
347                 }
348                 if (name_length == 0) {
349                         /* Unnamed data stream.  Put the reference to it in the
350                          * dentry. */
351                         if (dentry->lte) {
352                                 ERROR("Found two un-named data streams for "
353                                       "`%s'", path);
354                                 ret = WIMLIB_ERR_NTFS_3G;
355                                 goto out_free_lte;
356                         }
357                         dentry->lte = lte;
358                 } else {
359                         /* Named data stream.  Put the reference to it in the
360                          * alternate data stream entries */
361                         struct ads_entry *new_ads_entry;
362                         size_t stream_name_utf8_len;
363                         stream_name_utf8 = utf16_to_utf8((const char*)attr_record_name(actx->attr),
364                                                          name_length * 2,
365                                                          &stream_name_utf8_len);
366                         if (!stream_name_utf8)
367                                 goto out_free_lte;
368                         new_ads_entry = dentry_add_ads(dentry, stream_name_utf8);
369                         FREE(stream_name_utf8);
370                         if (!new_ads_entry)
371                                 goto out_free_lte;
372
373                         wimlib_assert(new_ads_entry->stream_name_len == name_length * 2);
374                                 
375                         new_ads_entry->lte = lte;
376                 }
377         }
378         ret = 0;
379         goto out_put_actx;
380 out_free_lte:
381         free_lookup_table_entry(lte);
382 out_free_ntfs_loc:
383         if (ntfs_loc) {
384                 FREE(ntfs_loc->path_utf8);
385                 FREE(ntfs_loc->stream_name_utf16);
386                 FREE(ntfs_loc);
387         }
388 out_put_actx:
389         ntfs_attr_put_search_ctx(actx);
390         if (ret == 0)
391                 DEBUG2("Successfully captured NTFS streams from `%s'", path);
392         else
393                 ERROR("Failed to capture NTFS streams from `%s", path);
394         return ret;
395 }
396
397 struct readdir_ctx {
398         struct dentry       *parent;
399         ntfs_inode          *dir_ni;
400         char                *path;
401         size_t               path_len;
402         struct lookup_table *lookup_table;
403         struct sd_set       *sd_set;
404         const struct capture_config *config;
405         ntfs_volume        **ntfs_vol_p;
406         int                  flags;
407 };
408
409 static int
410 build_dentry_tree_ntfs_recursive(struct dentry **root_p, ntfs_inode *dir_ni,
411                                  ntfs_inode *ni, char path[], size_t path_len,
412                                  int name_type,
413                                  struct lookup_table *lookup_table,
414                                  struct sd_set *sd_set,
415                                  const struct capture_config *config,
416                                  ntfs_volume **ntfs_vol_p,
417                                  int flags);
418
419 static int wim_ntfs_capture_filldir(void *dirent, const ntfschar *name,
420                                     const int name_len, const int name_type,
421                                     const s64 pos, const MFT_REF mref,
422                                     const unsigned dt_type)
423 {
424         struct readdir_ctx *ctx;
425         size_t utf8_name_len;
426         char *utf8_name;
427         struct dentry *child = NULL;
428         int ret;
429         size_t path_len;
430
431         if (name_type == FILE_NAME_DOS)
432                 return 0;
433
434         ret = -1;
435
436         utf8_name = utf16_to_utf8((const char*)name, name_len * 2,
437                                   &utf8_name_len);
438         if (!utf8_name)
439                 goto out;
440
441         if (utf8_name[0] == '.' &&
442              (utf8_name[1] == '\0' ||
443               (utf8_name[1] == '.' && utf8_name[2] == '\0'))) {
444                 ret = 0;
445                 goto out_free_utf8_name;
446         }
447
448         ctx = dirent;
449
450         ntfs_inode *ni = ntfs_inode_open(ctx->dir_ni->vol, mref);
451         if (!ni) {
452                 ERROR_WITH_ERRNO("Failed to open NTFS inode");
453                 ret = 1;
454         }
455         path_len = ctx->path_len;
456         if (path_len != 1)
457                 ctx->path[path_len++] = '/';
458         memcpy(ctx->path + path_len, utf8_name, utf8_name_len + 1);
459         path_len += utf8_name_len;
460         ret = build_dentry_tree_ntfs_recursive(&child, ctx->dir_ni,
461                                                ni, ctx->path, path_len, name_type,
462                                                ctx->lookup_table, ctx->sd_set,
463                                                ctx->config, ctx->ntfs_vol_p,
464                                                ctx->flags);
465
466         if (child)
467                 link_dentry(child, ctx->parent);
468
469         ntfs_inode_close(ni);
470 out_free_utf8_name:
471         FREE(utf8_name);
472 out:
473         return ret;
474 }
475
476 static int change_dentry_short_name(struct dentry *dentry,
477                                     const char short_name_utf8[],
478                                     int short_name_utf8_len)
479 {
480         size_t short_name_utf16_len;
481         char *short_name_utf16;
482         short_name_utf16 = utf8_to_utf16(short_name_utf8, short_name_utf8_len,
483                                          &short_name_utf16_len);
484         if (!short_name_utf16) {
485                 ERROR_WITH_ERRNO("Failed to convert short name to UTF-16");
486                 return WIMLIB_ERR_NOMEM;
487         }
488         dentry->short_name = short_name_utf16;
489         dentry->short_name_len = short_name_utf16_len;
490         return 0;
491 }
492
493 /*#define HAVE_NTFS_INODE_FUNCTIONS*/
494
495 /* Recursively build a WIM dentry tree corresponding to a NTFS volume.
496  * At the same time, update the WIM lookup table with lookup table entries for
497  * the NTFS streams, and build an array of security descriptors.
498  */
499 static int build_dentry_tree_ntfs_recursive(struct dentry **root_p,
500                                             ntfs_inode *dir_ni,
501                                             ntfs_inode *ni,
502                                             char path[],
503                                             size_t path_len,
504                                             int name_type,
505                                             struct lookup_table *lookup_table,
506                                             struct sd_set *sd_set,
507                                             const struct capture_config *config,
508                                             ntfs_volume **ntfs_vol_p,
509                                             int flags)
510 {
511         u32 attributes;
512         int mrec_flags;
513         u32 sd_size = 0;
514         int ret;
515         char dos_name_utf8[64];
516         struct dentry *root;
517
518         mrec_flags = ni->mrec->flags;
519 #ifdef HAVE_NTFS_INODE_FUNCTIONS
520         attributes = ntfs_get_inode_attributes(ni);
521 #else
522         struct SECURITY_CONTEXT ctx;
523         memset(&ctx, 0, sizeof(ctx));
524         ctx.vol = ni->vol;
525         ret = ntfs_xattr_system_getxattr(&ctx, XATTR_NTFS_ATTRIB,
526                                          ni, dir_ni, (char *)&attributes,
527                                          sizeof(u32));
528         if (ret != 4) {
529                 ERROR_WITH_ERRNO("Failed to get NTFS attributes from `%s'",
530                                  path);
531                 return WIMLIB_ERR_NTFS_3G;
532         }
533 #endif
534
535         if (exclude_path(path, config, false)) {
536                 if (flags & WIMLIB_ADD_IMAGE_FLAG_VERBOSE) {
537                         const char *file_type;
538                         if (attributes & MFT_RECORD_IS_DIRECTORY)
539                                 file_type = "directory";
540                         else
541                                 file_type = "file";
542                         printf("Excluding %s `%s' from capture\n",
543                                file_type, path);
544                 }
545                 *root_p = NULL;
546                 return 0;
547         }
548
549         if (flags & WIMLIB_ADD_IMAGE_FLAG_VERBOSE)
550                 printf("Scanning `%s'\n", path);
551
552         root = new_dentry(path_basename(path));
553         if (!root)
554                 return WIMLIB_ERR_NOMEM;
555         *root_p = root;
556
557         if (dir_ni && (name_type == FILE_NAME_WIN32_AND_DOS
558                        || name_type == FILE_NAME_WIN32))
559         {
560                 ret = ntfs_get_ntfs_dos_name(ni, dir_ni, dos_name_utf8,
561                                              sizeof(dos_name_utf8));
562                 if (ret > 0) {
563                         DEBUG("Changing short name of `%s'", path);
564                         ret = change_dentry_short_name(root, dos_name_utf8,
565                                                        ret);
566                         if (ret != 0)
567                                 return ret;
568                 } else {
569                         if (errno != ENODATA) {
570                                 ERROR_WITH_ERRNO("Error getting DOS name "
571                                                  "of `%s'", path);
572                                 return WIMLIB_ERR_NTFS_3G;
573                         }
574                 }
575         }
576
577         root->creation_time    = le64_to_cpu(ni->creation_time);
578         root->last_write_time  = le64_to_cpu(ni->last_data_change_time);
579         root->last_access_time = le64_to_cpu(ni->last_access_time);
580         root->attributes       = le32_to_cpu(attributes);
581         root->link_group_id    = ni->mft_no;
582         root->resolved         = true;
583
584         if (attributes & FILE_ATTR_REPARSE_POINT) {
585                 /* Junction point, symbolic link, or other reparse point */
586                 ret = capture_ntfs_streams(root, ni, path, path_len,
587                                            lookup_table, ntfs_vol_p,
588                                            AT_REPARSE_POINT);
589         } else if (mrec_flags & MFT_RECORD_IS_DIRECTORY) {
590
591                 /* Normal directory */
592                 s64 pos = 0;
593                 struct readdir_ctx ctx = {
594                         .parent       = root,
595                         .dir_ni       = ni,
596                         .path         = path,
597                         .path_len     = path_len,
598                         .lookup_table = lookup_table,
599                         .sd_set       = sd_set,
600                         .config       = config,
601                         .ntfs_vol_p   = ntfs_vol_p,
602                         .flags        = flags,
603                 };
604                 ret = ntfs_readdir(ni, &pos, &ctx, wim_ntfs_capture_filldir);
605                 if (ret != 0) {
606                         ERROR_WITH_ERRNO("ntfs_readdir()");
607                         ret = WIMLIB_ERR_NTFS_3G;
608                 }
609         } else {
610                 /* Normal file */
611                 ret = capture_ntfs_streams(root, ni, path, path_len,
612                                            lookup_table, ntfs_vol_p,
613                                            AT_DATA);
614         }
615         if (ret != 0)
616                 return ret;
617
618 #ifdef HAVE_NTFS_INODE_FUNCTIONS
619         ret = ntfs_get_inode_security(ni,
620                                       OWNER_SECURITY_INFORMATION |
621                                       GROUP_SECURITY_INFORMATION |
622                                       DACL_SECURITY_INFORMATION  |
623                                       SACL_SECURITY_INFORMATION,
624                                       NULL, 0, &sd_size);
625         char sd[sd_size];
626         ret = ntfs_get_inode_security(ni,
627                                       OWNER_SECURITY_INFORMATION |
628                                       GROUP_SECURITY_INFORMATION |
629                                       DACL_SECURITY_INFORMATION  |
630                                       SACL_SECURITY_INFORMATION,
631                                       sd, sd_size, &sd_size);
632         if (ret == 0) {
633                 ERROR_WITH_ERRNO("Failed to get security information from "
634                                  "`%s'", path);
635                 ret = WIMLIB_ERR_NTFS_3G;
636         } else {
637                 if (ret > 0) {
638                         /*print_security_descriptor(sd, sd_size);*/
639                         root->security_id = sd_set_add_sd(sd_set, sd, ret);
640                         if (root->security_id == -1) {
641                                 ERROR("Out of memory");
642                                 return WIMLIB_ERR_NOMEM;
643                         }
644                         DEBUG("Added security ID = %u for `%s'",
645                               root->security_id, path);
646                 } else { 
647                         root->security_id = -1;
648                         DEBUG("No security ID for `%s'", path);
649                 }
650                 ret = 0;
651         }
652 #else
653         char _sd[1];
654         char *sd = _sd;
655         errno = 0;
656         ret = ntfs_xattr_system_getxattr(&ctx, XATTR_NTFS_ACL,
657                                          ni, dir_ni, sd,
658                                          sizeof(sd));
659         if (ret > sizeof(sd)) {
660                 sd = alloca(ret);
661                 ret = ntfs_xattr_system_getxattr(&ctx, XATTR_NTFS_ACL,
662                                                  ni, dir_ni, sd, ret);
663         }
664         if (ret > 0) {
665                 root->security_id = sd_set_add_sd(sd_set, sd, ret);
666                 if (root->security_id == -1) {
667                         ERROR("Out of memory");
668                         return WIMLIB_ERR_NOMEM;
669                 }
670                 DEBUG("Added security ID = %u for `%s'",
671                       root->security_id, path);
672                 ret = 0;
673         } else if (ret < 0) {
674                 ERROR_WITH_ERRNO("Failed to get security information from "
675                                  "`%s'", path);
676                 ret = WIMLIB_ERR_NTFS_3G;
677         } else {
678                 root->security_id = -1;
679                 DEBUG("No security ID for `%s'", path);
680         }
681 #endif
682         return ret;
683 }
684
685 static int build_dentry_tree_ntfs(struct dentry **root_p,
686                                   const char *device,
687                                   struct lookup_table *lookup_table,
688                                   struct wim_security_data *sd,
689                                   const struct capture_config *config,
690                                   int flags,
691                                   void *extra_arg)
692 {
693         ntfs_volume *vol;
694         ntfs_inode *root_ni;
695         int ret = 0;
696         struct sd_set sd_set = {
697                 .sd = sd,
698                 .root = NULL,
699         };
700         ntfs_volume **ntfs_vol_p = extra_arg;
701
702         DEBUG("Mounting NTFS volume `%s' read-only", device);
703         
704         vol = ntfs_mount(device, MS_RDONLY);
705         if (!vol) {
706                 ERROR_WITH_ERRNO("Failed to mount NTFS volume `%s' read-only",
707                                  device);
708                 return WIMLIB_ERR_NTFS_3G;
709         }
710         ntfs_open_secure(vol);
711
712         /* We don't want to capture the special NTFS files such as $Bitmap.  Not
713          * to be confused with "hidden" or "system" files which are real files
714          * that we do need to capture.  */
715         NVolClearShowSysFiles(vol);
716
717         DEBUG("Opening root NTFS dentry");
718         root_ni = ntfs_inode_open(vol, FILE_root);
719         if (!root_ni) {
720                 ERROR_WITH_ERRNO("Failed to open root inode of NTFS volume "
721                                  "`%s'", device);
722                 ret = WIMLIB_ERR_NTFS_3G;
723                 goto out;
724         }
725
726         /* Currently we assume that all the UTF-8 paths fit into this length and
727          * there is no check for overflow. */
728         char *path = MALLOC(32768);
729         if (!path) {
730                 ERROR("Could not allocate memory for NTFS pathname");
731                 goto out_cleanup;
732         }
733
734         path[0] = '/';
735         path[1] = '\0';
736         ret = build_dentry_tree_ntfs_recursive(root_p, NULL, root_ni, path, 1,
737                                                FILE_NAME_POSIX, lookup_table,
738                                                &sd_set, config, ntfs_vol_p,
739                                                flags);
740 out_cleanup:
741         FREE(path);
742         ntfs_inode_close(root_ni);
743         destroy_sd_set(&sd_set);
744
745 out:
746         if (ret) {
747                 if (ntfs_umount(vol, FALSE) != 0) {
748                         ERROR_WITH_ERRNO("Failed to unmount NTFS volume `%s'",
749                                          device);
750                         if (ret == 0)
751                                 ret = WIMLIB_ERR_NTFS_3G;
752                 }
753         } else {
754                 /* We need to leave the NTFS volume mounted so that we can read
755                  * the NTFS files again when we are actually writing the WIM */
756                 *ntfs_vol_p = vol;
757         }
758         return ret;
759 }
760
761
762
763 WIMLIBAPI int wimlib_add_image_from_ntfs_volume(WIMStruct *w,
764                                                 const char *device,
765                                                 const char *name,
766                                                 const char *config_str,
767                                                 size_t config_len,
768                                                 int flags)
769 {
770         if (flags & (WIMLIB_ADD_IMAGE_FLAG_DEREFERENCE)) {
771                 ERROR("Cannot dereference files when capturing directly from NTFS");
772                 return WIMLIB_ERR_INVALID_PARAM;
773         }
774         return do_add_image(w, device, name, config_str, config_len, flags,
775                             build_dentry_tree_ntfs, &w->ntfs_vol);
776 }
777
778 #else /* WITH_NTFS_3G */
779 WIMLIBAPI int wimlib_add_image_from_ntfs_volume(WIMStruct *w,
780                                                 const char *device,
781                                                 const char *name,
782                                                 const char *config_str,
783                                                 size_t config_len,
784                                                 int flags)
785 {
786         ERROR("wimlib was compiled without support for NTFS-3g, so");
787         ERROR("we cannot capture a WIM image directly from a NTFS volume");
788         return WIMLIB_ERR_UNSUPPORTED;
789 }
790 #endif /* WITH_NTFS_3G */