2 * win32_apply.c - Windows-specific code for applying files from a WIM image.
6 * Copyright (C) 2013 Eric Biggers
8 * This file is part of wimlib, a library for working with WIM files.
10 * wimlib is free software; you can redistribute it and/or modify it under the
11 * terms of the GNU General Public License as published by the Free
12 * Software Foundation; either version 3 of the License, or (at your option)
15 * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
16 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
17 * A PARTICULAR PURPOSE. See the GNU General Public License for more
20 * You should have received a copy of the GNU General Public License
21 * along with wimlib; if not, see http://www.gnu.org/licenses/.
30 #include "wimlib/win32_common.h"
32 #include "wimlib/apply.h"
33 #include "wimlib/dentry.h"
34 #include "wimlib/endianness.h"
35 #include "wimlib/error.h"
36 #include "wimlib/lookup_table.h"
37 #include "wimlib/metadata.h"
38 #include "wimlib/reparse.h"
39 #include "wimlib/security.h"
41 #define MAX_CREATE_HARD_LINK_WARNINGS 5
42 #define MAX_CREATE_SOFT_LINK_WARNINGS 5
44 #define MAX_SET_SD_ACCESS_DENIED_WARNINGS 1
45 #define MAX_SET_SACL_PRIV_NOTHELD_WARNINGS 1
47 static const wchar_t *apply_access_denied_msg =
48 L"If you are not running this program as the administrator, you may\n"
49 " need to do so, so that all data and metadata can be extracted\n"
50 " exactly as the origignal copy. However, if you do not care that\n"
51 " the security descriptors are extracted correctly, you could run\n"
52 " `wimlib-imagex apply' with the --no-acls flag instead.\n"
57 win32_extract_try_rpfix(u8 *rpbuf,
59 const wchar_t *extract_root_realpath,
60 unsigned extract_root_realpath_nchars)
62 struct reparse_data rpdata;
65 size_t stripped_nchars;
66 wchar_t *stripped_target;
67 wchar_t stripped_target_nchars;
70 utf16lechar *new_target;
71 utf16lechar *new_print_name;
72 size_t new_target_nchars;
73 size_t new_print_name_nchars;
76 ret = parse_reparse_data(rpbuf, *rpbuflen_p, &rpdata);
80 if (extract_root_realpath[0] == L'\0' ||
81 extract_root_realpath[1] != L':' ||
82 extract_root_realpath[2] != L'\\')
84 ERROR("Can't understand full path format \"%ls\". "
85 "Try turning reparse point fixups off...",
86 extract_root_realpath);
87 return WIMLIB_ERR_REPARSE_POINT_FIXUP_FAILED;
90 ret = parse_substitute_name(rpdata.substitute_name,
91 rpdata.substitute_name_nbytes,
95 stripped_nchars = ret;
96 target = rpdata.substitute_name;
97 target_nchars = rpdata.substitute_name_nbytes / sizeof(utf16lechar);
98 stripped_target = target + stripped_nchars;
99 stripped_target_nchars = target_nchars - stripped_nchars;
101 new_target = alloca((6 + extract_root_realpath_nchars +
102 stripped_target_nchars) * sizeof(utf16lechar));
105 if (stripped_nchars == 6) {
106 /* Include \??\ prefix if it was present before */
107 p = wmempcpy(p, L"\\??\\", 4);
110 /* Print name excludes the \??\ if present. */
112 if (stripped_nchars != 0) {
113 /* Get drive letter from real path to extract root, if a drive
114 * letter was present before. */
115 *p++ = extract_root_realpath[0];
116 *p++ = extract_root_realpath[1];
118 /* Copy the rest of the extract root */
119 p = wmempcpy(p, extract_root_realpath + 2, extract_root_realpath_nchars - 2);
121 /* Append the stripped target */
122 p = wmempcpy(p, stripped_target, stripped_target_nchars);
123 new_target_nchars = p - new_target;
124 new_print_name_nchars = p - new_print_name;
126 if (new_target_nchars * sizeof(utf16lechar) >= REPARSE_POINT_MAX_SIZE ||
127 new_print_name_nchars * sizeof(utf16lechar) >= REPARSE_POINT_MAX_SIZE)
129 ERROR("Path names too long to do reparse point fixup!");
130 return WIMLIB_ERR_REPARSE_POINT_FIXUP_FAILED;
132 rpdata.substitute_name = new_target;
133 rpdata.substitute_name_nbytes = new_target_nchars * sizeof(utf16lechar);
134 rpdata.print_name = new_print_name;
135 rpdata.print_name_nbytes = new_print_name_nchars * sizeof(utf16lechar);
136 return make_reparse_buffer(&rpdata, rpbuf, rpbuflen_p);
139 /* Wrapper around the FSCTL_SET_REPARSE_POINT ioctl to set the reparse data on
140 * an extracted reparse point. */
142 win32_set_reparse_data(HANDLE h,
143 const struct wim_inode *inode,
144 const struct wim_lookup_table_entry *lte,
146 struct apply_args *args)
149 u8 rpbuf[REPARSE_POINT_MAX_SIZE] _aligned_attribute(8);
153 DEBUG("Setting reparse data on \"%ls\"", path);
155 ret = wim_inode_get_reparse_data(inode, rpbuf, &rpbuflen);
159 if (args->extract_flags & WIMLIB_EXTRACT_FLAG_RPFIX &&
160 (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK ||
161 inode->i_reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT) &&
162 !inode->i_not_rpfixed)
164 ret = win32_extract_try_rpfix(rpbuf,
166 args->target_realpath,
167 args->target_realpath_len);
169 return WIMLIB_ERR_REPARSE_POINT_FIXUP_FAILED;
172 /* Set the reparse data on the open file using the
173 * FSCTL_SET_REPARSE_POINT ioctl.
175 * There are contradictions in Microsoft's documentation for this:
177 * "If hDevice was opened without specifying FILE_FLAG_OVERLAPPED,
178 * lpOverlapped is ignored."
180 * --- So setting lpOverlapped to NULL is okay since it's ignored.
182 * "If lpOverlapped is NULL, lpBytesReturned cannot be NULL. Even when an
183 * operation returns no output data and lpOutBuffer is NULL,
184 * DeviceIoControl makes use of lpBytesReturned. After such an
185 * operation, the value of lpBytesReturned is meaningless."
187 * --- So lpOverlapped not really ignored, as it affects another
188 * parameter. This is the actual behavior: lpBytesReturned must be
189 * specified, even though lpBytesReturned is documented as:
191 * "Not used with this operation; set to NULL."
193 if (!DeviceIoControl(h, FSCTL_SET_REPARSE_POINT, rpbuf,
196 &bytesReturned /* lpBytesReturned */,
197 NULL /* lpOverlapped */))
199 DWORD err = GetLastError();
200 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
202 args->num_soft_links_failed++;
203 if (args->num_soft_links_failed <= MAX_CREATE_SOFT_LINK_WARNINGS) {
204 WARNING("Can't set reparse data on \"%ls\": Access denied!\n"
205 " You may be trying to extract a symbolic "
207 " SeCreateSymbolicLink privilege, which by "
208 "default non-Administrator\n"
209 " accounts do not have.", path);
211 if (args->num_hard_links_failed == MAX_CREATE_HARD_LINK_WARNINGS) {
212 WARNING("Suppressing further warnings regarding failure to extract\n"
213 " reparse points due to insufficient privileges...");
216 ERROR("Failed to set reparse data on \"%ls\"", path);
218 if (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK ||
219 inode->i_reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT)
220 return WIMLIB_ERR_LINK;
222 return WIMLIB_ERR_WRITE;
228 /* Wrapper around the FSCTL_SET_COMPRESSION ioctl to change the
229 * FILE_ATTRIBUTE_COMPRESSED flag of a file or directory. */
231 win32_set_compression_state(HANDLE hFile, USHORT format, const wchar_t *path)
234 if (!DeviceIoControl(hFile, FSCTL_SET_COMPRESSION,
235 &format, sizeof(USHORT),
237 &bytesReturned, NULL))
239 /* Could be a warning only, but we only call this if the volume
240 * supports compression. So I'm calling this an error. */
241 DWORD err = GetLastError();
242 ERROR("Failed to set compression flag on \"%ls\"", path);
244 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
245 return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
247 return WIMLIB_ERR_WRITE;
252 /* Wrapper around FSCTL_SET_SPARSE ioctl to set a file as sparse. */
254 win32_set_sparse(HANDLE hFile, const wchar_t *path)
257 if (!DeviceIoControl(hFile, FSCTL_SET_SPARSE,
260 &bytesReturned, NULL))
262 /* Could be a warning only, but we only call this if the volume
263 * supports sparse files. So I'm calling this an error. */
264 DWORD err = GetLastError();
265 WARNING("Failed to set sparse flag on \"%ls\"", path);
267 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
268 return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
270 return WIMLIB_ERR_WRITE;
276 * Sets the security descriptor on an extracted file.
279 win32_set_security_data(const struct wim_inode *inode,
282 struct apply_args *args)
284 PSECURITY_DESCRIPTOR descriptor;
287 const struct wim_security_data *sd;
288 SECURITY_INFORMATION securityInformation;
290 securityInformation = OWNER_SECURITY_INFORMATION |
291 GROUP_SECURITY_INFORMATION |
292 DACL_SECURITY_INFORMATION |
293 SACL_SECURITY_INFORMATION;
295 sd = wim_const_security_data(args->wim);
296 descriptor = sd->descriptors[inode->i_security_id];
299 if (SetFileSecurity(path, securityInformation, descriptor))
301 err = GetLastError();
302 if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS)
305 case ERROR_PRIVILEGE_NOT_HELD:
306 if (securityInformation & SACL_SECURITY_INFORMATION) {
307 n = args->num_set_sacl_priv_notheld++;
308 securityInformation &= ~SACL_SECURITY_INFORMATION;
309 if (n < MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
311 "We don't have enough privileges to set the full security\n"
312 " descriptor on \"%ls\"!\n", path);
313 if (args->num_set_sd_access_denied +
314 args->num_set_sacl_priv_notheld == 1)
316 WARNING("%ls", apply_access_denied_msg);
318 WARNING("Re-trying with SACL omitted.\n", path);
319 } else if (n == MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
321 "Suppressing further 'privileges not held' error messages when setting\n"
322 " security descriptors.");
327 case ERROR_INVALID_OWNER:
328 case ERROR_ACCESS_DENIED:
329 n = args->num_set_sd_access_denied++;
330 if (n < MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
331 WARNING("Failed to set security descriptor on \"%ls\": "
332 "Access denied!\n", path);
333 if (args->num_set_sd_access_denied +
334 args->num_set_sacl_priv_notheld == 1)
336 WARNING("%ls", apply_access_denied_msg);
338 } else if (n == MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
340 "Suppressing further access denied error messages when setting\n"
341 " security descriptors");
346 ERROR("Failed to set security descriptor on \"%ls\"", path);
348 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
349 return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
351 return WIMLIB_ERR_WRITE;
357 win32_extract_chunk(const void *buf, size_t len, void *arg)
359 HANDLE hStream = arg;
361 DWORD nbytes_written;
362 wimlib_assert(len <= 0xffffffff);
364 if (!WriteFile(hStream, buf, len, &nbytes_written, NULL) ||
365 nbytes_written != len)
367 DWORD err = GetLastError();
368 ERROR("WriteFile(): write error");
370 return WIMLIB_ERR_WRITE;
376 do_win32_extract_stream(HANDLE hStream, const struct wim_lookup_table_entry *lte)
378 return extract_wim_resource(lte, wim_resource_size(lte),
379 win32_extract_chunk, hStream);
382 struct win32_encrypted_extract_ctx {
383 const struct wim_lookup_table_entry *lte;
388 win32_encrypted_import_cb(unsigned char *data, void *_ctx,
389 unsigned long *len_p)
391 struct win32_encrypted_extract_ctx *ctx = _ctx;
392 unsigned long len = *len_p;
393 const struct wim_lookup_table_entry *lte = ctx->lte;
395 len = min(len, wim_resource_size(lte) - ctx->offset);
397 if (read_partial_wim_resource_into_buf(lte, len, ctx->offset, data))
398 return ERROR_READ_FAULT;
402 return ERROR_SUCCESS;
405 /* Create an encrypted file and extract the raw encrypted data to it.
407 * @path: Path to encrypted file to create.
408 * @lte: WIM lookup_table entry for the raw encrypted data.
410 * This is separate from do_win32_extract_stream() because the WIM is supposed
411 * to contain the *raw* encrypted data, which needs to be extracted ("imported")
412 * using the special APIs OpenEncryptedFileRawW(), WriteEncryptedFileRaw(), and
413 * CloseEncryptedFileRaw().
415 * Returns 0 on success; nonzero on failure.
418 do_win32_extract_encrypted_stream(const wchar_t *path,
419 const struct wim_lookup_table_entry *lte)
424 DEBUG("Opening file \"%ls\" to extract raw encrypted data", path);
426 ret = OpenEncryptedFileRawW(path, CREATE_FOR_IMPORT, &file_ctx);
428 ERROR("Failed to open \"%ls\" to write raw encrypted data", path);
430 return WIMLIB_ERR_OPEN;
434 struct win32_encrypted_extract_ctx ctx;
438 ret = WriteEncryptedFileRaw(win32_encrypted_import_cb, &ctx, file_ctx);
439 if (ret == ERROR_SUCCESS) {
442 ret = WIMLIB_ERR_WRITE;
443 ERROR("Failed to extract encrypted file \"%ls\"", path);
446 CloseEncryptedFileRaw(file_ctx);
451 win32_mask_attributes(DWORD i_attributes)
453 return i_attributes & ~(FILE_ATTRIBUTE_SPARSE_FILE |
454 FILE_ATTRIBUTE_COMPRESSED |
455 FILE_ATTRIBUTE_REPARSE_POINT |
456 FILE_ATTRIBUTE_DIRECTORY |
457 FILE_ATTRIBUTE_ENCRYPTED |
458 FILE_FLAG_DELETE_ON_CLOSE |
459 FILE_FLAG_NO_BUFFERING |
460 FILE_FLAG_OPEN_NO_RECALL |
461 FILE_FLAG_OVERLAPPED |
462 FILE_FLAG_RANDOM_ACCESS |
463 /*FILE_FLAG_SESSION_AWARE |*/
464 FILE_FLAG_SEQUENTIAL_SCAN |
465 FILE_FLAG_WRITE_THROUGH);
469 win32_get_create_flags_and_attributes(DWORD i_attributes)
472 * Some attributes cannot be set by passing them to CreateFile(). In
475 * FILE_ATTRIBUTE_DIRECTORY:
476 * CreateDirectory() must be called instead of CreateFile().
478 * FILE_ATTRIBUTE_SPARSE_FILE:
480 * See: win32_set_sparse().
482 * FILE_ATTRIBUTE_COMPRESSED:
483 * Not clear from the documentation, but apparently this needs an
485 * See: win32_set_compressed().
487 * FILE_ATTRIBUTE_REPARSE_POINT:
488 * Needs an ioctl, with the reparse data specified.
489 * See: win32_set_reparse_data().
491 * In addition, clear any file flags in the attributes that we don't
492 * want, but also specify FILE_FLAG_OPEN_REPARSE_POINT and
493 * FILE_FLAG_BACKUP_SEMANTICS as we are a backup application.
495 return win32_mask_attributes(i_attributes) |
496 FILE_FLAG_OPEN_REPARSE_POINT |
497 FILE_FLAG_BACKUP_SEMANTICS;
500 /* Set compression and/or sparse attributes on a stream, if supported by the
503 win32_set_special_stream_attributes(HANDLE hFile, const struct wim_inode *inode,
504 struct wim_lookup_table_entry *unnamed_stream_lte,
505 const wchar_t *path, unsigned vol_flags)
509 if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED) {
510 if (vol_flags & FILE_FILE_COMPRESSION) {
511 ret = win32_set_compression_state(hFile,
512 COMPRESSION_FORMAT_DEFAULT,
517 DEBUG("Cannot set compression attribute on \"%ls\": "
518 "volume does not support transparent compression",
523 if (inode->i_attributes & FILE_ATTRIBUTE_SPARSE_FILE) {
524 if (vol_flags & FILE_SUPPORTS_SPARSE_FILES) {
525 DEBUG("Setting sparse flag on \"%ls\"", path);
526 ret = win32_set_sparse(hFile, path);
530 DEBUG("Cannot set sparse attribute on \"%ls\": "
531 "volume does not support sparse files",
538 /* Pre-create directories; extract encrypted streams */
540 win32_begin_extract_unnamed_stream(const struct wim_inode *inode,
541 const struct wim_lookup_table_entry *lte,
543 DWORD *creationDisposition_ret,
544 unsigned int vol_flags)
549 /* Directories must be created with CreateDirectoryW(). Then the call
550 * to CreateFileW() will merely open the directory that was already
551 * created rather than creating a new file. */
552 if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) {
553 if (!win32_path_is_root_of_drive(path)) {
554 if (!CreateDirectoryW(path, NULL)) {
555 err = GetLastError();
556 if (err != ERROR_ALREADY_EXISTS) {
557 ERROR("Failed to create directory \"%ls\"",
560 return WIMLIB_ERR_MKDIR;
563 DEBUG("Created directory \"%ls\"", path);
565 *creationDisposition_ret = OPEN_EXISTING;
567 if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED &&
568 vol_flags & FILE_SUPPORTS_ENCRYPTION)
570 if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) {
571 unsigned remaining_sharing_violations = 100;
572 while (!EncryptFile(path)) {
573 if (remaining_sharing_violations &&
574 err == ERROR_SHARING_VIOLATION)
576 WARNING("Couldn't encrypt directory \"%ls\" "
577 "due to sharing violation; re-trying "
578 "after 100 ms", path);
580 remaining_sharing_violations--;
582 err = GetLastError();
583 ERROR("Failed to encrypt directory \"%ls\"",
586 return WIMLIB_ERR_WRITE;
590 ret = do_win32_extract_encrypted_stream(path, lte);
593 DEBUG("Extracted encrypted file \"%ls\"", path);
595 *creationDisposition_ret = OPEN_EXISTING;
598 /* Set file attributes if we created the file. Otherwise, we haven't
599 * created the file set and we will set the attributes in the call to
602 * The FAT filesystem does not let you change the attributes of the root
603 * directory, so treat that as a special case and do not set attributes.
605 if (*creationDisposition_ret == OPEN_EXISTING &&
606 !win32_path_is_root_of_drive(path))
608 if (!SetFileAttributesW(path,
609 win32_mask_attributes(inode->i_attributes)))
611 err = GetLastError();
612 ERROR("Failed to set attributes on \"%ls\"", path);
614 return WIMLIB_ERR_WRITE;
620 /* Extract stream data or reparse data (skip the unnamed data stream of
621 * encrypted files, which was already extracted) and set short file name. */
623 win32_finish_extract_stream(HANDLE h, const struct wim_dentry *dentry,
624 const struct wim_lookup_table_entry *lte,
625 const wchar_t *stream_path,
626 const wchar_t *stream_name_utf16,
627 struct apply_args *args)
630 const struct wim_inode *inode = dentry->d_inode;
631 if (stream_name_utf16 == NULL) {
632 /* Unnamed stream. */
634 /* Handle reparse points. The data for them needs to be set
635 * using a special ioctl. Note that the reparse point may have
636 * been created using CreateFileW() in the case of
637 * non-directories or CreateDirectoryW() in the case of
638 * directories; but the ioctl works either way. Also, it is
639 * only this step that actually sets the
640 * FILE_ATTRIBUTE_REPARSE_POINT, as it is not valid to set it
641 * using SetFileAttributesW() or CreateFileW().
643 * If the volume does not support reparse points we simply
644 * ignore the reparse data. (N.B. the code currently doesn't
645 * actually reach this case because reparse points are skipped
646 * entirely on such volumes.) */
647 if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) {
648 if (args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS) {
649 ret = win32_set_reparse_data(h, inode,
655 DEBUG("Cannot set reparse data on \"%ls\": volume "
656 "does not support reparse points", stream_path);
658 } else if (lte != NULL &&
659 !(args->vol_flags & FILE_SUPPORTS_ENCRYPTION &&
660 inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED))
662 /* Extract the data of the unnamed stream, unless the
663 * lookup table entry is NULL (indicating an empty
664 * stream for which no data needs to be extracted), or
665 * the stream is encrypted and therefore was already
666 * extracted as a special case. */
667 ret = do_win32_extract_stream(h, lte);
672 if (dentry_has_short_name(dentry) && !dentry->dos_name_invalid)
673 SetFileShortNameW(h, dentry->short_name);
674 else if (running_on_windows_7_or_later())
675 SetFileShortNameW(h, L"");
677 /* Extract the data for a named data stream. */
679 DEBUG("Extracting named data stream \"%ls\" (len = %"PRIu64")",
680 stream_path, wim_resource_size(lte));
681 ret = do_win32_extract_stream(h, lte);
688 win32_decrypt_file(HANDLE open_handle, const wchar_t *path)
691 /* We cannot call DecryptFileW() while there is an open handle to the
692 * file. So close it first. */
693 if (!CloseHandle(open_handle)) {
694 err = GetLastError();
695 ERROR("Failed to close handle for \"%ls\"", path);
697 return WIMLIB_ERR_WRITE;
699 if (!DecryptFileW(path, 0 /* reserved parameter; set to 0 */)) {
700 err = GetLastError();
701 ERROR("Failed to decrypt file \"%ls\"", path);
703 return WIMLIB_ERR_WRITE;
709 * Create and extract a stream to a file, or create a directory, using the
712 * This handles reparse points, directories, alternate data streams, encrypted
713 * files, compressed files, etc.
715 * @dentry: WIM dentry for the file or directory being extracted.
717 * @path: Path to extract the file to.
719 * @stream_name_utf16:
720 * Name of the stream, or NULL if the stream is unnamed. This will
721 * be called with a NULL stream_name_utf16 before any non-NULL
722 * stream_name_utf16's.
724 * @lte: WIM lookup table entry for the stream. May be NULL to indicate
725 * a stream of length 0.
727 * @args: Additional apply context, including flags indicating supported
730 * Returns 0 on success; nonzero on failure.
733 win32_extract_stream(const struct wim_dentry *dentry,
735 const wchar_t *stream_name_utf16,
736 struct wim_lookup_table_entry *lte,
737 struct apply_args *args)
739 wchar_t *stream_path;
743 DWORD creationDisposition = CREATE_ALWAYS;
744 DWORD requestedAccess;
745 BY_HANDLE_FILE_INFORMATION file_info;
746 unsigned remaining_sharing_violations = 1000;
747 const struct wim_inode *inode = dentry->d_inode;
749 if (stream_name_utf16) {
750 /* Named stream. Create a buffer that contains the UTF-16LE
751 * string [.\]path:stream_name_utf16. This is needed to
752 * create and open the stream using CreateFileW(). I'm not
753 * aware of any other APIs to do this. Note: the '$DATA' suffix
754 * seems to be unneeded. Additional note: a ".\" prefix needs
755 * to be added when the path is a 1-character long relative path
756 * to avoid ambiguity with drive letters. */
757 size_t stream_path_nchars;
759 size_t stream_name_nchars;
760 const wchar_t *prefix;
762 path_nchars = wcslen(path);
763 stream_name_nchars = wcslen(stream_name_utf16);
764 stream_path_nchars = path_nchars + 1 + stream_name_nchars;
765 if (path_nchars == 1 && !is_any_path_separator(path[0])) {
766 static const wchar_t _prefix[] =
767 {L'.', OS_PREFERRED_PATH_SEPARATOR, L'\0'};
769 stream_path_nchars += 2;
773 stream_path = alloca((stream_path_nchars + 1) * sizeof(wchar_t));
774 swprintf(stream_path, L"%ls%ls:%ls",
775 prefix, path, stream_name_utf16);
777 /* Unnamed stream; its path is just the path to the file itself.
779 stream_path = (wchar_t*)path;
781 ret = win32_begin_extract_unnamed_stream(inode, lte, path,
782 &creationDisposition,
788 DEBUG("Opening \"%ls\"", stream_path);
789 requestedAccess = GENERIC_READ | GENERIC_WRITE;
790 /* DELETE access is needed for SetFileShortNameW(), for some reason.
791 * But don't request it for the extraction root, for the following
794 * - Requesting DELETE access on the extraction root will cause a
795 * sharing violation if the extraction root is the current working
797 * - The extraction root may be extracted to a different name than given
798 * in the WIM file, in which case the DOS name, if given, would not be
800 * - For full-image extractions, the root dentry is supposed to be
802 * - Microsoft's ImageX does not extract the root directory.
804 if (dentry != args->extract_root)
805 requestedAccess |= DELETE;
808 /* Open the stream to be extracted. Depending on what we have set
809 * creationDisposition to, we may be creating this for the first time,
810 * or we may be opening on existing stream we already created using
811 * CreateDirectoryW() or OpenEncryptedFileRawW(). */
812 h = CreateFileW(stream_path,
817 win32_get_create_flags_and_attributes(inode->i_attributes),
819 if (h == INVALID_HANDLE_VALUE) {
820 err = GetLastError();
821 if (err == ERROR_ACCESS_DENIED &&
822 win32_path_is_root_of_drive(stream_path))
827 if ((err == ERROR_PRIVILEGE_NOT_HELD ||
828 err == ERROR_ACCESS_DENIED) &&
829 (requestedAccess & ACCESS_SYSTEM_SECURITY))
831 /* Try opening the file again without privilege to
833 requestedAccess &= ~ACCESS_SYSTEM_SECURITY;
836 if (err == ERROR_SHARING_VIOLATION &&
837 (inode->i_attributes & (FILE_ATTRIBUTE_ENCRYPTED |
838 FILE_ATTRIBUTE_DIRECTORY)) ==
839 (FILE_ATTRIBUTE_ENCRYPTED | FILE_ATTRIBUTE_DIRECTORY))
841 if (remaining_sharing_violations) {
842 --remaining_sharing_violations;
843 /* This can happen when restoring encrypted directories
844 * for some reason. Probably a bug in EncryptFile(). */
845 WARNING("Couldn't open \"%ls\" due to sharing violation; "
846 "re-trying after 100ms", stream_path);
850 ERROR("Too many sharing violations; giving up...");
853 if (creationDisposition == OPEN_EXISTING)
854 ERROR("Failed to open \"%ls\"", stream_path);
856 ERROR("Failed to create \"%ls\"", stream_path);
858 ret = WIMLIB_ERR_OPEN;
862 /* Check the attributes of the file we just opened, and remove
863 * encryption or compression if either was set by default but is not
864 * supposed to be set based on the WIM inode attributes. */
865 if (!GetFileInformationByHandle(h, &file_info)) {
866 err = GetLastError();
867 ERROR("Failed to get attributes of \"%ls\"", stream_path);
869 ret = WIMLIB_ERR_STAT;
870 goto fail_close_handle;
873 /* Remove encryption? */
874 if (file_info.dwFileAttributes & FILE_ATTRIBUTE_ENCRYPTED &&
875 !(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED))
877 /* File defaulted to encrypted due to being in an encrypted
878 * directory, but is not actually supposed to be encrypted.
880 * This is a workaround, because I'm not aware of any way to
881 * directly (e.g. with CreateFileW()) create an unencrypted file
882 * in a directory with FILE_ATTRIBUTE_ENCRYPTED set. */
883 ret = win32_decrypt_file(h, stream_path);
885 goto fail; /* win32_decrypt_file() closed the handle. */
886 creationDisposition = OPEN_EXISTING;
890 /* Remove compression? */
891 if (file_info.dwFileAttributes & FILE_ATTRIBUTE_COMPRESSED &&
892 !(inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED))
894 /* Similar to the encrypted case, above, if the file defaulted
895 * to compressed due to being in an compressed directory, but is
896 * not actually supposed to be compressed, explicitly set the
897 * compression format to COMPRESSION_FORMAT_NONE. */
898 ret = win32_set_compression_state(h, COMPRESSION_FORMAT_NONE,
901 goto fail_close_handle;
904 /* Set compression and/or sparse attributes if needed */
905 ret = win32_set_special_stream_attributes(h, inode, lte, path,
909 goto fail_close_handle;
911 /* At this point we have at least created the needed stream with the
912 * appropriate attributes. We have yet to set the appropriate security
913 * descriptor and actually extract the stream data (other than for
914 * extracted files, which were already extracted).
915 * win32_finish_extract_stream() handles these additional steps, except
916 * the security descriptor. */
917 ret = win32_finish_extract_stream(h, dentry, lte, stream_path,
918 stream_name_utf16, args);
920 goto fail_close_handle;
922 /* Done extracting the stream. Close the handle and return. */
923 DEBUG("Closing \"%ls\"", stream_path);
924 if (!CloseHandle(h)) {
925 err = GetLastError();
926 ERROR("Failed to close \"%ls\"", stream_path);
928 ret = WIMLIB_ERR_WRITE;
936 ERROR("Error extracting \"%ls\"", stream_path);
942 * Creates a file, directory, or reparse point and extracts all streams to it
943 * (unnamed data stream and/or reparse point stream, plus any alternate data
944 * streams). Handles sparse, compressed, and/or encrypted files.
946 * @dentry: WIM dentry for this file or directory.
947 * @path: UTF-16LE external path to extract the inode to.
948 * @args: Additional extraction context.
950 * Returns 0 on success; nonzero on failure.
953 win32_extract_streams(const struct wim_dentry *dentry,
954 const wchar_t *path, struct apply_args *args)
956 struct wim_lookup_table_entry *unnamed_lte;
958 const struct wim_inode *inode = dentry->d_inode;
960 /* First extract the unnamed stream. */
962 unnamed_lte = inode_unnamed_lte_resolved(inode);
963 ret = win32_extract_stream(dentry, path, NULL, unnamed_lte, args);
967 /* Extract any named streams, if supported by the volume. */
969 if (!(args->vol_flags & FILE_NAMED_STREAMS))
971 for (u16 i = 0; i < inode->i_num_ads; i++) {
972 const struct wim_ads_entry *ads_entry = &inode->i_ads_entries[i];
974 /* Skip the unnamed stream if it's in the ADS entries (we
975 * already extracted it...) */
976 if (ads_entry->stream_name_nbytes == 0)
979 /* Skip special UNIX data entries (see documentation for
980 * WIMLIB_ADD_FLAG_UNIX_DATA) */
981 if (ads_entry->stream_name_nbytes == WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES
982 && !memcmp(ads_entry->stream_name,
983 WIMLIB_UNIX_DATA_TAG_UTF16LE,
984 WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES))
987 /* Extract the named stream */
988 ret = win32_extract_stream(dentry,
990 ads_entry->stream_name,
1001 dentry_clear_inode_visited(struct wim_dentry *dentry, void *_ignore)
1003 dentry->d_inode->i_visited = 0;
1008 dentry_get_features(struct wim_dentry *dentry, void *_features_p)
1011 DWORD *features_p = _features_p;
1012 struct wim_inode *inode = dentry->d_inode;
1014 if (inode->i_visited) {
1015 features |= FILE_SUPPORTS_HARD_LINKS;
1017 inode->i_visited = 1;
1018 if (inode->i_attributes & FILE_ATTRIBUTE_SPARSE_FILE)
1019 features |= FILE_SUPPORTS_SPARSE_FILES;
1020 if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)
1021 features |= FILE_SUPPORTS_REPARSE_POINTS;
1022 for (unsigned i = 0; i < inode->i_num_ads; i++)
1023 if (inode->i_ads_entries[i].stream_name_nbytes)
1024 features |= FILE_NAMED_STREAMS;
1025 if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)
1026 features |= FILE_SUPPORTS_ENCRYPTION;
1027 if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED)
1028 features |= FILE_FILE_COMPRESSION;
1029 if (inode->i_security_id != -1)
1030 features |= FILE_PERSISTENT_ACLS;
1032 *features_p |= features;
1036 /* If not done already, load the supported feature flags for the volume onto
1037 * which the image is being extracted, and warn the user about any missing
1038 * features that could be important. */
1040 win32_check_vol_flags(const wchar_t *output_path,
1041 struct wim_dentry *root, struct apply_args *args)
1043 DWORD dentry_features = 0;
1044 DWORD missing_features;
1046 if (args->have_vol_flags)
1049 for_dentry_in_tree(root, dentry_clear_inode_visited, NULL);
1050 for_dentry_in_tree(root, dentry_get_features, &dentry_features);
1052 win32_get_vol_flags(output_path, &args->vol_flags);
1053 args->have_vol_flags = true;
1055 missing_features = dentry_features & ~args->vol_flags;
1057 /* Warn the user about data that may not be extracted. */
1058 if (missing_features & FILE_SUPPORTS_SPARSE_FILES)
1059 WARNING("Volume does not support sparse files!\n"
1060 " Sparse files will be extracted as non-sparse.");
1061 if (missing_features & FILE_SUPPORTS_REPARSE_POINTS)
1062 WARNING("Volume does not support reparse points!\n"
1063 " Reparse point data will not be extracted.");
1064 if (missing_features & FILE_NAMED_STREAMS) {
1065 WARNING("Volume does not support named data streams!\n"
1066 " Named data streams will not be extracted.");
1068 if (missing_features & FILE_SUPPORTS_ENCRYPTION) {
1069 WARNING("Volume does not support encryption!\n"
1070 " Encrypted files will be extracted as raw data.");
1072 if (missing_features & FILE_FILE_COMPRESSION) {
1073 WARNING("Volume does not support transparent compression!\n"
1074 " Compressed files will be extracted as non-compressed.");
1076 if (missing_features & FILE_PERSISTENT_ACLS) {
1077 if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS) {
1078 ERROR("Strict ACLs requested, but the volume does not "
1080 return WIMLIB_ERR_VOLUME_LACKS_FEATURES;
1082 WARNING("Volume does not support persistent ACLS!\n"
1083 " File permissions will not be extracted.");
1086 if (running_on_windows_7_or_later() &&
1087 (missing_features & FILE_SUPPORTS_HARD_LINKS))
1089 WARNING("Volume does not support hard links!\n"
1090 " Hard links will be extracted as duplicate files.");
1096 * Try extracting a hard link.
1098 * @output_path: Path to link to be extracted.
1100 * @inode: WIM inode that the link is to; inode->i_extracted_file
1101 * the path to a name of the file that has already been
1102 * extracted (we use this to create the hard link).
1104 * @args: Additional apply context, used here to keep track of
1105 * the number of times creating a hard link failed due to
1106 * ERROR_INVALID_FUNCTION. This error should indicate that hard
1107 * links are not supported by the volume, and we would like to
1108 * warn the user a few times, but not too many times.
1110 * Returns 0 if the hard link was successfully extracted. Returns
1111 * WIMLIB_ERR_LINK (> 0) if an error occurred, other than hard links possibly
1112 * being unsupported by the volume. Returns a negative value if creating the
1113 * hard link failed due to ERROR_INVALID_FUNCTION.
1116 win32_try_hard_link(const wchar_t *output_path, const struct wim_inode *inode,
1117 struct apply_args *args)
1121 /* There is a volume flag for this (FILE_SUPPORTS_HARD_LINKS),
1122 * but it's only available on Windows 7 and later.
1124 * Otherwise, CreateHardLinkW() will apparently return
1125 * ERROR_INVALID_FUNCTION if the volume does not support hard links. */
1127 DEBUG("Creating hard link \"%ls => %ls\"",
1128 output_path, inode->i_extracted_file);
1130 if (running_on_windows_7_or_later() &&
1131 !(args->vol_flags & FILE_SUPPORTS_HARD_LINKS))
1132 goto hard_links_unsupported;
1134 if (CreateHardLinkW(output_path, inode->i_extracted_file, NULL))
1137 err = GetLastError();
1138 if (err != ERROR_INVALID_FUNCTION) {
1139 ERROR("Can't create hard link \"%ls => %ls\"",
1140 output_path, inode->i_extracted_file);
1142 return WIMLIB_ERR_LINK;
1144 hard_links_unsupported:
1145 args->num_hard_links_failed++;
1146 if (args->num_hard_links_failed <= MAX_CREATE_HARD_LINK_WARNINGS) {
1147 if (running_on_windows_7_or_later())
1149 WARNING("Extracting duplicate copy of \"%ls\" "
1150 "rather than hard link", output_path);
1152 WARNING("Can't create hard link \"%ls\" => \"%ls\":\n"
1153 " Volume does not support hard links!\n"
1154 " Falling back to extracting a copy of the file.",
1155 output_path, inode->i_extracted_file);
1158 if (args->num_hard_links_failed == MAX_CREATE_HARD_LINK_WARNINGS)
1159 WARNING("Suppressing further hard linking warnings...");
1163 /* Extract a file, directory, reparse point, or hard link to an
1164 * already-extracted file using the Win32 API */
1166 win32_do_apply_dentry(const wchar_t *output_path,
1167 size_t output_path_num_chars,
1168 struct wim_dentry *dentry,
1169 struct apply_args *args)
1172 struct wim_inode *inode = dentry->d_inode;
1174 ret = win32_check_vol_flags(output_path, dentry, args);
1177 if (inode->i_nlink > 1 && inode->i_extracted_file != NULL) {
1178 /* Linked file, with another name already extracted. Create a
1180 ret = win32_try_hard_link(output_path, inode, args);
1183 /* Negative return value from win32_try_hard_link() indicates
1184 * that hard links are probably not supported by the volume.
1185 * Fall back to extracting a copy of the file. */
1188 /* If this is a reparse point and the volume does not support reparse
1189 * points, just skip it completely. */
1190 if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT &&
1191 !(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS))
1193 WARNING("Not extracting reparse point \"%ls\"", output_path);
1194 dentry->not_extracted = 1;
1196 /* Create the file, directory, or reparse point, and extract the
1198 ret = win32_extract_streams(dentry, output_path, args);
1202 if (inode->i_extracted_file == NULL) {
1203 const struct wim_lookup_table_entry *lte;
1205 /* Tally bytes extracted, including all alternate data streams,
1206 * unless we extracted a hard link (or, at least extracted a
1207 * name that was supposed to be a hard link) */
1208 for (unsigned i = 0; i <= inode->i_num_ads; i++) {
1209 lte = inode_stream_lte_resolved(inode, i);
1211 args->progress.extract.completed_bytes +=
1212 wim_resource_size(lte);
1214 if (inode->i_nlink > 1) {
1215 /* Save extracted path for a later call to
1216 * CreateHardLinkW() if this inode has multiple links.
1218 inode->i_extracted_file = WCSDUP(output_path);
1219 if (!inode->i_extracted_file)
1220 return WIMLIB_ERR_NOMEM;
1226 /* Set timestamps on an extracted file using the Win32 API */
1228 win32_do_apply_dentry_timestamps(const wchar_t *path,
1229 size_t path_num_chars,
1230 struct wim_dentry *dentry,
1231 struct apply_args *args)
1235 const struct wim_inode *inode = dentry->d_inode;
1237 /* On Windows we also use the timestamps pass to apply security
1238 * descriptors. This is because it seems we really need the depth-first
1239 * behavior: in particular, Windows contains files like
1240 * \Windows\Registration\CRMLog that have funny permissions and don't
1241 * even let the administrator with SE_RESTORE_NAME open (at least, with
1242 * privileges other than FILE_WRITE_ATTRIBUTES as we do below) after the
1243 * security descriptor has been applied. */
1244 if (inode->i_security_id >= 0 &&
1245 !(args->extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS)
1246 && (args->vol_flags & FILE_PERSISTENT_ACLS))
1248 int ret = win32_set_security_data(inode, NULL, path, args);
1253 /* Windows doesn't let you change the timestamps of the root directory
1254 * (at least on FAT, which is dumb but expected since FAT doesn't store
1255 * any metadata about the root directory...) */
1256 if (win32_path_is_root_of_drive(path))
1259 DEBUG("Opening \"%ls\" to set timestamps", path);
1260 h = win32_open_existing_file(path, FILE_WRITE_ATTRIBUTES);
1261 if (h == INVALID_HANDLE_VALUE) {
1262 err = GetLastError();
1266 FILETIME creationTime = {.dwLowDateTime = inode->i_creation_time & 0xffffffff,
1267 .dwHighDateTime = inode->i_creation_time >> 32};
1268 FILETIME lastAccessTime = {.dwLowDateTime = inode->i_last_access_time & 0xffffffff,
1269 .dwHighDateTime = inode->i_last_access_time >> 32};
1270 FILETIME lastWriteTime = {.dwLowDateTime = inode->i_last_write_time & 0xffffffff,
1271 .dwHighDateTime = inode->i_last_write_time >> 32};
1273 DEBUG("Calling SetFileTime() on \"%ls\"", path);
1274 if (!SetFileTime(h, &creationTime, &lastAccessTime, &lastWriteTime)) {
1275 err = GetLastError();
1279 DEBUG("Closing \"%ls\"", path);
1280 if (!CloseHandle(h)) {
1281 err = GetLastError();
1286 /* Only warn if setting timestamps failed; still return 0. */
1287 WARNING("Can't set timestamps on \"%ls\"", path);
1293 #endif /* __WIN32__ */
git://wimlib.net / wimlib / blob