Comments etc.
[wimlib] / src / ntfs-capture.c
1 /*
2  * ntfs-capture.c
3  *
4  * Capture a WIM image from a NTFS volume.  We capture everything we can,
5  * including security data and alternate data streams.  There should be no loss
6  * of information.
7  */
8
9 /*
10  * Copyright (C) 2012 Eric Biggers
11  *
12  * This file is part of wimlib, a library for working with WIM files.
13  *
14  * wimlib is free software; you can redistribute it and/or modify it under the
15  * terms of the GNU Lesser General Public License as published by the Free
16  * Software Foundation; either version 2.1 of the License, or (at your option)
17  * any later version.
18  *
19  * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
20  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
21  * A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
22  * details.
23  *
24  * You should have received a copy of the GNU Lesser General Public License
25  * along with wimlib; if not, see http://www.gnu.org/licenses/.
26  */
27
28 #include "config.h"
29 #include "wimlib_internal.h"
30
31
32 #ifdef WITH_NTFS_3G
33 #include "dentry.h"
34 #include "lookup_table.h"
35 #include "io.h"
36 #include <ntfs-3g/layout.h>
37 #include <ntfs-3g/acls.h>
38 #include <ntfs-3g/attrib.h>
39 #include <ntfs-3g/misc.h>
40 #include <ntfs-3g/reparse.h>
41 #include <ntfs-3g/security.h>
42 #include <ntfs-3g/volume.h>
43 #include <stdlib.h>
44 #include <unistd.h>
45
46 extern int ntfs_inode_get_security(ntfs_inode *ni, u32 selection, char *buf,
47                                    u32 buflen, u32 *psize);
48
49 extern int ntfs_inode_get_attributes(ntfs_inode *ni);
50
51 /* Structure that allows searching the security descriptors by SHA1 message
52  * digest. */
53 struct sd_set {
54         struct wim_security_data *sd;
55         struct sd_node *root;
56 };
57
58 /* Binary tree node of security descriptors, indexed by the @hash field. */
59 struct sd_node {
60         int security_id;
61         u8 hash[SHA1_HASH_SIZE];
62         struct sd_node *left;
63         struct sd_node *right;
64 };
65
66 static void free_sd_tree(struct sd_node *root)
67 {
68         if (root) {
69                 free_sd_tree(root->left);
70                 free_sd_tree(root->right);
71                 FREE(root);
72         }
73 }
74 /* Frees a security descriptor index set. */
75 static void destroy_sd_set(struct sd_set *sd_set)
76 {
77         free_sd_tree(sd_set->root);
78 }
79
80 /* Inserts a a new node into the security descriptor index tree. */
81 static void insert_sd_node(struct sd_node *new, struct sd_node *root)
82 {
83         int cmp = hashes_cmp(new->hash, root->hash);
84         if (cmp < 0) {
85                 if (root->left)
86                         insert_sd_node(new, root->left);
87                 else 
88                         root->left = new;
89         } else if (cmp > 0) {
90                 if (root->right)
91                         insert_sd_node(new, root->right);
92                 else 
93                         root->right = new;
94         } else {
95                 wimlib_assert(0);
96         }
97 }
98
99 /* Returns the security ID of the security data having a SHA1 message digest of
100  * @hash in the security descriptor index tree rooted at @root. 
101  *
102  * If not found, return -1. */
103 static int lookup_sd(const u8 hash[SHA1_HASH_SIZE], struct sd_node *root)
104 {
105         int cmp;
106         if (!root)
107                 return -1;
108         cmp = hashes_cmp(hash, root->hash);
109         if (cmp < 0)
110                 return lookup_sd(hash, root->left);
111         else if (cmp > 0)
112                 return lookup_sd(hash, root->right);
113         else
114                 return root->security_id;
115 }
116
117 /*
118  * Adds a security descriptor to the indexed security descriptor set as well as
119  * the corresponding `struct wim_security_data', and returns the new security
120  * ID; or, if there is an existing security descriptor that is the same, return
121  * the security ID for it.  If a new security descriptor cannot be allocated,
122  * return -1.
123  */
124 static int sd_set_add_sd(struct sd_set *sd_set, const char descriptor[],
125                          size_t size)
126 {
127         u8 hash[SHA1_HASH_SIZE];
128         int security_id;
129         struct sd_node *new;
130         u8 **descriptors;
131         u64 *sizes;
132         u8 *descr_copy;
133         struct wim_security_data *sd;
134
135         sha1_buffer((const u8*)descriptor, size, hash);
136         security_id = lookup_sd(hash, sd_set->root);
137         if (security_id >= 0)
138                 return security_id;
139
140         new = MALLOC(sizeof(*new));
141         if (!new)
142                 goto out;
143         descr_copy = MALLOC(size);
144         if (!descr_copy)
145                 goto out_free_node;
146
147         sd = sd_set->sd;
148
149         memcpy(descr_copy, descriptor, size);
150         new->security_id = sd->num_entries;
151         new->left = NULL;
152         new->right = NULL;
153         copy_hash(new->hash, hash);
154
155
156         descriptors = REALLOC(sd->descriptors,
157                               (sd->num_entries + 1) * sizeof(sd->descriptors[0]));
158         if (!descriptors)
159                 goto out_free_descr;
160         sd->descriptors = descriptors;
161         sizes = REALLOC(sd->sizes,
162                         (sd->num_entries + 1) * sizeof(sd->sizes[0]));
163         if (!sizes)
164                 goto out_free_descr;
165         sd->sizes = sizes;
166         sd->descriptors[sd->num_entries] = descr_copy;
167         sd->sizes[sd->num_entries] = size;
168         sd->num_entries++;
169         DEBUG("There are now %d security descriptors", sd->num_entries);
170         sd->total_length += size + sizeof(sd->sizes[0]);
171
172         if (sd_set->root)
173                 insert_sd_node(sd_set->root, new);
174         else
175                 sd_set->root = new;
176         return new->security_id;
177 out_free_descr:
178         FREE(descr_copy);
179 out_free_node:
180         FREE(new);
181 out:
182         return -1;
183 }
184
185 static inline ntfschar *attr_record_name(ATTR_RECORD *ar)
186 {
187         return (ntfschar*)((u8*)ar + le16_to_cpu(ar->name_offset));
188 }
189
190 /* Calculates the SHA1 message digest of a NTFS attribute. 
191  *
192  * @ni:  The NTFS inode containing the attribute.
193  * @ar:  The ATTR_RECORD describing the attribute.
194  * @md:  If successful, the returned SHA1 message digest.
195  *
196  * Return 0 on success or nonzero on error.
197  */
198 static int ntfs_attr_sha1sum(ntfs_inode *ni, ATTR_RECORD *ar,
199                              u8 md[SHA1_HASH_SIZE])
200 {
201         s64 pos = 0;
202         s64 bytes_remaining;
203         char buf[4096];
204         ntfs_attr *na;
205         SHA_CTX ctx;
206
207         na = ntfs_attr_open(ni, ar->type, attr_record_name(ar),
208                             ar->name_length);
209         if (!na) {
210                 ERROR_WITH_ERRNO("Failed to open NTFS attribute");
211                 return WIMLIB_ERR_NTFS_3G;
212         }
213
214         bytes_remaining = na->data_size;
215         sha1_init(&ctx);
216
217         DEBUG("Calculating SHA1 message digest (%"PRIu64" bytes)",
218                         bytes_remaining);
219
220         while (bytes_remaining) {
221                 s64 to_read = min(bytes_remaining, sizeof(buf));
222                 if (ntfs_attr_pread(na, pos, to_read, buf) != to_read) {
223                         ERROR_WITH_ERRNO("Error reading NTFS attribute");
224                         return WIMLIB_ERR_NTFS_3G;
225                 }
226                 sha1_update(&ctx, buf, to_read);
227                 pos += to_read;
228                 bytes_remaining -= to_read;
229         }
230         sha1_final(md, &ctx);
231         ntfs_attr_close(na);
232         return 0;
233 }
234
235 /* Load the streams from a WIM file or reparse point in the NTFS volume into the
236  * WIM lookup table */
237 static int capture_ntfs_streams(struct dentry *dentry, ntfs_inode *ni,
238                                 char path[], size_t path_len,
239                                 struct lookup_table *lookup_table,
240                                 ntfs_volume **ntfs_vol_p,
241                                 ATTR_TYPES type)
242 {
243
244         ntfs_attr_search_ctx *actx;
245         u8 attr_hash[SHA1_HASH_SIZE];
246         struct ntfs_location *ntfs_loc = NULL;
247         struct lookup_table_entry *lte;
248         int ret = 0;
249
250         DEBUG("Capturing NTFS data streams from `%s'", path);
251
252         /* Get context to search the streams of the NTFS file. */
253         actx = ntfs_attr_get_search_ctx(ni, NULL);
254         if (!actx) {
255                 ERROR_WITH_ERRNO("Cannot get NTFS attribute search "
256                                  "context");
257                 return WIMLIB_ERR_NTFS_3G;
258         }
259
260         /* Capture each data stream or reparse data stream. */
261         while (!ntfs_attr_lookup(type, NULL, 0,
262                                  CASE_SENSITIVE, 0, NULL, 0, actx))
263         {
264                 char *stream_name_utf8;
265                 size_t stream_name_utf16_len;
266
267                 /* Checksum the stream. */
268                 ret = ntfs_attr_sha1sum(ni, actx->attr, attr_hash);
269                 if (ret != 0)
270                         goto out_put_actx;
271
272                 /* Make a lookup table entry for the stream, or use an existing
273                  * one if there's already an identical stream. */
274                 lte = __lookup_resource(lookup_table, attr_hash);
275                 ret = WIMLIB_ERR_NOMEM;
276                 if (lte) {
277                         lte->refcnt++;
278                 } else {
279                         ntfs_loc = CALLOC(1, sizeof(*ntfs_loc));
280                         if (!ntfs_loc)
281                                 goto out_put_actx;
282                         ntfs_loc->ntfs_vol_p = ntfs_vol_p;
283                         ntfs_loc->path_utf8 = MALLOC(path_len + 1);
284                         if (!ntfs_loc->path_utf8)
285                                 goto out_free_ntfs_loc;
286                         memcpy(ntfs_loc->path_utf8, path, path_len + 1);
287                         ntfs_loc->stream_name_utf16 = MALLOC(actx->attr->name_length * 2);
288                         if (!ntfs_loc->stream_name_utf16)
289                                 goto out_free_ntfs_loc;
290                         memcpy(ntfs_loc->stream_name_utf16,
291                                attr_record_name(actx->attr),
292                                actx->attr->name_length * 2);
293
294                         ntfs_loc->stream_name_utf16_num_chars = actx->attr->name_length;
295                         ntfs_loc->is_reparse_point = (type == AT_REPARSE_POINT);
296                         lte = new_lookup_table_entry();
297                         if (!lte)
298                                 goto out_free_ntfs_loc;
299                         lte->ntfs_loc = ntfs_loc;
300                         lte->resource_location = RESOURCE_IN_NTFS_VOLUME;
301                         lte->resource_entry.original_size = actx->attr->data_size;
302                         lte->resource_entry.size = actx->attr->data_size;
303                         DEBUG("Add resource for `%s' (size = %zu)",
304                                 dentry->file_name_utf8,
305                                 lte->resource_entry.original_size);
306                         copy_hash(lte->hash, attr_hash);
307                         lookup_table_insert(lookup_table, lte);
308                 }
309                 if (actx->attr->name_length == 0) {
310                         if (dentry->lte) {
311                                 ERROR("Found two un-named data streams for "
312                                       "`%s'", path);
313                                 ret = WIMLIB_ERR_NTFS_3G;
314                                 goto out_free_lte;
315                         }
316                         dentry->lte = lte;
317                 } else {
318                         struct ads_entry *new_ads_entry;
319                         size_t stream_name_utf8_len;
320                         stream_name_utf8 = utf16_to_utf8((const char*)attr_record_name(actx->attr),
321                                                          actx->attr->name_length,
322                                                          &stream_name_utf8_len);
323                         if (!stream_name_utf8)
324                                 goto out_free_lte;
325                         new_ads_entry = dentry_add_ads(dentry, stream_name_utf8);
326                         FREE(stream_name_utf8);
327                         if (!new_ads_entry)
328                                 goto out_free_lte;
329                                 
330                         new_ads_entry->lte = lte;
331                 }
332         }
333         ret = 0;
334         goto out_put_actx;
335 out_free_lte:
336         free_lookup_table_entry(lte);
337 out_free_ntfs_loc:
338         if (ntfs_loc) {
339                 FREE(ntfs_loc->path_utf8);
340                 FREE(ntfs_loc->stream_name_utf16);
341                 FREE(ntfs_loc);
342         }
343 out_put_actx:
344         ntfs_attr_put_search_ctx(actx);
345         if (ret == 0)
346                 DEBUG("Successfully captured NTFS streams from `%s'", path);
347         else
348                 DEBUG("Failed to capture NTFS streams from `%s", path);
349         return ret;
350 }
351
352 struct readdir_ctx {
353         struct dentry       *parent;
354         ntfs_inode          *dir_ni;
355         char                *path;
356         size_t               path_len;
357         struct lookup_table *lookup_table;
358         struct sd_set       *sd_set;
359         const struct capture_config *config;
360         ntfs_volume        **ntfs_vol_p;
361 };
362
363 static int
364 build_dentry_tree_ntfs_recursive(struct dentry **root_p, ntfs_inode *ni,
365                                  char path[], size_t path_len,
366                                  struct lookup_table *lookup_table,
367                                  struct sd_set *sd_set,
368                                  const struct capture_config *config,
369                                  ntfs_volume **ntfs_vol_p);
370
371 static int wim_ntfs_capture_filldir(void *dirent, const ntfschar *name,
372                                     const int name_len, const int name_type,
373                                     const s64 pos, const MFT_REF mref,
374                                     const unsigned dt_type)
375 {
376         struct readdir_ctx *ctx;
377         size_t utf8_name_len;
378         char *utf8_name;
379         struct dentry *child = NULL;
380         int ret;
381         size_t path_len;
382
383         if (name_type == FILE_NAME_DOS)
384                 return 0;
385
386         ret = -1;
387
388         utf8_name = utf16_to_utf8((const char*)name, name_len * 2,
389                                   &utf8_name_len);
390         if (!utf8_name)
391                 goto out;
392
393         if (utf8_name[0] == '.' &&
394              (utf8_name[1] == '\0' ||
395               (utf8_name[1] == '.' && utf8_name[2] == '\0'))) {
396                 DEBUG("Skipping dentry `%s'", utf8_name);
397                 ret = 0;
398                 goto out_free_utf8_name;
399         }
400
401         DEBUG("Opening inode for `%s'", utf8_name);
402
403         ctx = dirent;
404
405         ntfs_inode *ni = ntfs_inode_open(ctx->dir_ni->vol, mref);
406         if (!ni) {
407                 ERROR_WITH_ERRNO("Failed to open NTFS inode");
408                 ret = 1;
409         }
410         path_len = ctx->path_len;
411         if (path_len != 1)
412                 ctx->path[path_len++] = '/';
413         memcpy(ctx->path + path_len, utf8_name, utf8_name_len + 1);
414         path_len += utf8_name_len;
415         ret = build_dentry_tree_ntfs_recursive(&child, ni, ctx->path, path_len,
416                                                ctx->lookup_table, ctx->sd_set,
417                                                ctx->config, ctx->ntfs_vol_p);
418
419         if (child) {
420                 DEBUG("Linking dentry `%s' with parent `%s'",
421                       child->file_name_utf8, ctx->parent->file_name_utf8);
422                 link_dentry(child, ctx->parent);
423         }
424         ntfs_inode_close(ni);
425 out_free_utf8_name:
426         FREE(utf8_name);
427 out:
428         return ret;
429 }
430
431 /* Recursively build a WIM dentry tree corresponding to a NTFS volume.
432  * At the same time, update the WIM lookup table with lookup table entries for
433  * the NTFS streams, and build an array of security descriptors.
434  */
435 static int build_dentry_tree_ntfs_recursive(struct dentry **root_p,
436                                             ntfs_inode *ni,
437                                             char path[],
438                                             size_t path_len,
439                                             struct lookup_table *lookup_table,
440                                             struct sd_set *sd_set,
441                                             const struct capture_config *config,
442                                             ntfs_volume **ntfs_vol_p)
443 {
444         u32 attributes;
445         int mrec_flags;
446         u32 sd_size = 0;
447         int ret = 0;
448         struct dentry *root;
449
450         if (exclude_path(path, config, false)) {
451                 DEBUG("Excluding `%s' from capture", path);
452                 return 0;
453         }
454
455         DEBUG("Starting recursive capture at path = `%s'", path);
456         mrec_flags = ni->mrec->flags;
457         attributes = ntfs_inode_get_attributes(ni);
458
459         root = new_dentry(path_basename(path));
460         if (!root)
461                 return WIMLIB_ERR_NOMEM;
462
463         *root_p = root;
464         root->creation_time    = le64_to_cpu(ni->creation_time);
465         root->last_write_time  = le64_to_cpu(ni->last_data_change_time);
466         root->last_access_time = le64_to_cpu(ni->last_access_time);
467         root->attributes       = le32_to_cpu(attributes);
468         root->link_group_id    = ni->mft_no;
469         root->resolved         = true;
470
471         if (attributes & FILE_ATTR_REPARSE_POINT) {
472                 DEBUG("Reparse point `%s'", path);
473                 /* Junction point, symbolic link, or other reparse point */
474                 ret = capture_ntfs_streams(root, ni, path, path_len,
475                                            lookup_table, ntfs_vol_p,
476                                            AT_REPARSE_POINT);
477         } else if (mrec_flags & MFT_RECORD_IS_DIRECTORY) {
478                 DEBUG("Directory `%s'", path);
479
480                 /* Normal directory */
481                 s64 pos = 0;
482                 struct readdir_ctx ctx = {
483                         .parent       = root,
484                         .dir_ni       = ni,
485                         .path         = path,
486                         .path_len     = path_len,
487                         .lookup_table = lookup_table,
488                         .sd_set       = sd_set,
489                         .config       = config,
490                         .ntfs_vol_p   = ntfs_vol_p,
491                 };
492                 ret = ntfs_readdir(ni, &pos, &ctx, wim_ntfs_capture_filldir);
493                 if (ret != 0) {
494                         ERROR_WITH_ERRNO("ntfs_readdir()");
495                         ret = WIMLIB_ERR_NTFS_3G;
496                 }
497         } else {
498                 DEBUG("Normal file `%s'", path);
499                 /* Normal file */
500                 ret = capture_ntfs_streams(root, ni, path, path_len,
501                                            lookup_table, ntfs_vol_p,
502                                            AT_DATA);
503         }
504         if (ret != 0)
505                 return ret;
506
507         ret = ntfs_inode_get_security(ni,
508                                       OWNER_SECURITY_INFORMATION |
509                                       GROUP_SECURITY_INFORMATION |
510                                       DACL_SECURITY_INFORMATION  |
511                                       SACL_SECURITY_INFORMATION,
512                                       NULL, 0, &sd_size);
513         char sd[sd_size];
514         ret = ntfs_inode_get_security(ni,
515                                       OWNER_SECURITY_INFORMATION |
516                                       GROUP_SECURITY_INFORMATION |
517                                       DACL_SECURITY_INFORMATION  |
518                                       SACL_SECURITY_INFORMATION,
519                                       sd, sd_size, &sd_size);
520         if (ret == 0) {
521                 ERROR_WITH_ERRNO("Failed to get security information from "
522                                  "`%s'", path);
523                 ret = WIMLIB_ERR_NTFS_3G;
524         } else {
525                 if (ret > 0) {
526                         /*print_security_descriptor(sd, sd_size);*/
527                         root->security_id = sd_set_add_sd(sd_set, sd, sd_size);
528                         if (root->security_id == -1) {
529                                 ERROR("Out of memory");
530                                 return WIMLIB_ERR_NOMEM;
531                         }
532                         DEBUG("Added security ID = %u for `%s'",
533                               root->security_id, path);
534                 } else { 
535                         root->security_id = -1;
536                         DEBUG("No security ID for `%s'", path);
537                 }
538                 ret = 0;
539         }
540         return ret;
541 }
542
543 static int build_dentry_tree_ntfs(struct dentry **root_p,
544                                   const char *device,
545                                   struct lookup_table *lookup_table,
546                                   struct wim_security_data *sd,
547                                   const struct capture_config *config,
548                                   int flags,
549                                   void *extra_arg)
550 {
551         ntfs_volume *vol;
552         ntfs_inode *root_ni;
553         int ret = 0;
554         struct sd_set sd_set = {
555                 .sd = sd,
556                 .root = NULL,
557         };
558         ntfs_volume **ntfs_vol_p = extra_arg;
559
560         DEBUG("Mounting NTFS volume `%s' read-only", device);
561         
562         vol = ntfs_mount(device, MS_RDONLY);
563         if (!vol) {
564                 ERROR_WITH_ERRNO("Failed to mount NTFS volume `%s' read-only",
565                                  device);
566                 return WIMLIB_ERR_NTFS_3G;
567         }
568
569         /* We don't want to capture the special NTFS files such as $Bitmap.  Not
570          * to be confused with "hidden" or "system" files which are real files
571          * that we do need to capture.  */
572         NVolClearShowSysFiles(vol);
573
574         DEBUG("Opening root NTFS dentry");
575         root_ni = ntfs_inode_open(vol, FILE_root);
576         if (!root_ni) {
577                 ERROR_WITH_ERRNO("Failed to open root inode of NTFS volume "
578                                  "`%s'", device);
579                 ret = WIMLIB_ERR_NTFS_3G;
580                 goto out;
581         }
582
583         /* Currently we assume that all the UTF-8 paths fit into this length and
584          * there is no check for overflow. */
585         char *path = MALLOC(32768);
586         if (!path) {
587                 ERROR("Could not allocate memory for NTFS pathname");
588                 goto out_cleanup;
589         }
590
591         path[0] = '/';
592         path[1] = '\0';
593         ret = build_dentry_tree_ntfs_recursive(root_p, root_ni, path, 1,
594                                                lookup_table, &sd_set,
595                                                config, ntfs_vol_p);
596 out_cleanup:
597         FREE(path);
598         ntfs_inode_close(root_ni);
599         destroy_sd_set(&sd_set);
600
601 out:
602         if (ret) {
603                 if (ntfs_umount(vol, FALSE) != 0) {
604                         ERROR_WITH_ERRNO("Failed to unmount NTFS volume `%s'",
605                                          device);
606                         if (ret == 0)
607                                 ret = WIMLIB_ERR_NTFS_3G;
608                 }
609         } else {
610                 /* We need to leave the NTFS volume mounted so that we can read
611                  * the NTFS files again when we are actually writing the WIM */
612                 *ntfs_vol_p = vol;
613         }
614         return ret;
615 }
616
617
618
619 WIMLIBAPI int wimlib_add_image_from_ntfs_volume(WIMStruct *w,
620                                                 const char *device,
621                                                 const char *name,
622                                                 const char *config_str,
623                                                 size_t config_len,
624                                                 int flags)
625 {
626         if (flags & (WIMLIB_ADD_IMAGE_FLAG_DEREFERENCE)) {
627                 ERROR("Cannot dereference files when capturing directly from NTFS");
628                 return WIMLIB_ERR_INVALID_PARAM;
629         }
630         return do_add_image(w, device, name, config_str, config_len, flags,
631                             build_dentry_tree_ntfs, &w->ntfs_vol);
632 }
633
634 #else /* WITH_NTFS_3G */
635 WIMLIBAPI int wimlib_add_image_from_ntfs_volume(WIMStruct *w,
636                                                 const char *device,
637                                                 const char *name,
638                                                 const char *config_str,
639                                                 size_t config_len,
640                                                 int flags)
641 {
642         ERROR("wimlib was compiled without support for NTFS-3g, so");
643         ERROR("we cannot capture a WIM image directly from a NTFS volume");
644         return WIMLIB_ERR_UNSUPPORTED;
645 }
646 #endif /* WITH_NTFS_3G */