2 * win32_common.c - Windows code common to applying and capturing images.
6 * Copyright (C) 2013-2016 Eric Biggers
8 * This file is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU Lesser General Public License as published by the Free
10 * Software Foundation; either version 3 of the License, or (at your option) any
13 * This file is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this file; if not, see http://www.gnu.org/licenses/.
28 #include "wimlib/win32_common.h"
30 #include "wimlib/assert.h"
31 #include "wimlib/error.h"
32 #include "wimlib/util.h"
33 #include "wimlib/win32_vss.h"
36 win32_modify_privilege(const wchar_t *privilege, bool enable)
40 TOKEN_PRIVILEGES newState;
43 if (!OpenProcessToken(GetCurrentProcess(),
44 TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
48 if (!LookupPrivilegeValue(NULL, privilege, &luid))
49 goto out_close_handle;
51 newState.PrivilegeCount = 1;
52 newState.Privileges[0].Luid = luid;
53 newState.Privileges[0].Attributes = (enable ? SE_PRIVILEGE_ENABLED : 0);
54 SetLastError(ERROR_SUCCESS);
55 ret = AdjustTokenPrivileges(hToken, FALSE, &newState, 0, NULL, NULL);
56 if (ret && GetLastError() == ERROR_NOT_ALL_ASSIGNED)
65 win32_modify_capture_privileges(bool enable)
68 ok &= win32_modify_privilege(SE_BACKUP_NAME, enable);
69 ok &= win32_modify_privilege(SE_SECURITY_NAME, enable);
74 win32_modify_apply_privileges(bool enable)
77 ok &= win32_modify_privilege(SE_RESTORE_NAME, enable);
78 ok &= win32_modify_privilege(SE_SECURITY_NAME, enable);
79 ok &= win32_modify_privilege(SE_TAKE_OWNERSHIP_NAME, enable);
80 ok &= win32_modify_privilege(SE_MANAGE_VOLUME_NAME, enable);
85 win32_release_capture_and_apply_privileges(void)
87 win32_modify_capture_privileges(false);
88 win32_modify_apply_privileges(false);
91 /* Pointers to dynamically loaded functions */
95 NTSTATUS (WINAPI *func_NtCreateFile)(PHANDLE FileHandle,
96 ACCESS_MASK DesiredAccess,
97 POBJECT_ATTRIBUTES ObjectAttributes,
98 PIO_STATUS_BLOCK IoStatusBlock,
99 PLARGE_INTEGER AllocationSize,
100 ULONG FileAttributes,
102 ULONG CreateDisposition,
107 NTSTATUS (WINAPI *func_NtOpenFile) (PHANDLE FileHandle,
108 ACCESS_MASK DesiredAccess,
109 POBJECT_ATTRIBUTES ObjectAttributes,
110 PIO_STATUS_BLOCK IoStatusBlock,
114 NTSTATUS (WINAPI *func_NtReadFile) (HANDLE FileHandle,
116 PIO_APC_ROUTINE ApcRoutine,
118 PIO_STATUS_BLOCK IoStatusBlock,
121 PLARGE_INTEGER ByteOffset,
124 NTSTATUS (WINAPI *func_NtWriteFile) (HANDLE FileHandle,
126 PIO_APC_ROUTINE ApcRoutine,
128 PIO_STATUS_BLOCK IoStatusBlock,
131 PLARGE_INTEGER ByteOffset,
134 NTSTATUS (WINAPI *func_NtQueryInformationFile)(HANDLE FileHandle,
135 PIO_STATUS_BLOCK IoStatusBlock,
136 PVOID FileInformation,
138 FILE_INFORMATION_CLASS FileInformationClass);
140 NTSTATUS (WINAPI *func_NtQuerySecurityObject)(HANDLE handle,
141 SECURITY_INFORMATION SecurityInformation,
142 PSECURITY_DESCRIPTOR SecurityDescriptor,
144 PULONG LengthNeeded);
146 NTSTATUS (WINAPI *func_NtQueryDirectoryFile) (HANDLE FileHandle,
148 PIO_APC_ROUTINE ApcRoutine,
150 PIO_STATUS_BLOCK IoStatusBlock,
151 PVOID FileInformation,
153 FILE_INFORMATION_CLASS FileInformationClass,
154 BOOLEAN ReturnSingleEntry,
155 PUNICODE_STRING FileName,
156 BOOLEAN RestartScan);
158 NTSTATUS (WINAPI *func_NtQueryVolumeInformationFile) (HANDLE FileHandle,
159 PIO_STATUS_BLOCK IoStatusBlock,
162 FS_INFORMATION_CLASS FsInformationClass);
164 NTSTATUS (WINAPI *func_NtSetInformationFile)(HANDLE FileHandle,
165 PIO_STATUS_BLOCK IoStatusBlock,
166 PVOID FileInformation,
168 FILE_INFORMATION_CLASS FileInformationClass);
170 NTSTATUS (WINAPI *func_NtSetSecurityObject)(HANDLE Handle,
171 SECURITY_INFORMATION SecurityInformation,
172 PSECURITY_DESCRIPTOR SecurityDescriptor);
174 static NTSTATUS (WINAPI *func_NtFsControlFile) (HANDLE FileHandle,
176 PIO_APC_ROUTINE ApcRoutine,
178 PIO_STATUS_BLOCK IoStatusBlock,
181 ULONG InputBufferLength,
183 ULONG OutputBufferLength);
185 static NTSTATUS (WINAPI *func_NtWaitForSingleObject) (HANDLE Handle,
187 PLARGE_INTEGER Timeout);
189 NTSTATUS (WINAPI *func_NtClose) (HANDLE Handle);
191 DWORD (WINAPI *func_RtlNtStatusToDosError)(NTSTATUS status);
193 BOOLEAN (WINAPI *func_RtlDosPathNameToNtPathName_U)
195 OUT PUNICODE_STRING NtName,
196 OUT PCWSTR *PartName,
197 OUT PRTL_RELATIVE_NAME_U RelativeName);
199 NTSTATUS (WINAPI *func_RtlDosPathNameToNtPathName_U_WithStatus)
201 OUT PUNICODE_STRING NtName,
202 OUT PCWSTR *PartName,
203 OUT PRTL_RELATIVE_NAME_U RelativeName);
205 NTSTATUS (WINAPI *func_RtlCreateSystemVolumeInformationFolder)
206 (PCUNICODE_STRING VolumeRootPath);
208 static bool acquired_privileges = false;
216 #define DLL_SYM(name, required) { (void **)&func_##name, #name, required }
218 #define for_each_sym(sym, spec) \
219 for ((sym) = (spec)->syms; (sym)->name; (sym)++)
224 const struct dll_sym syms[];
227 struct dll_spec ntdll_spec = {
228 .name = L"ntdll.dll",
230 DLL_SYM(NtCreateFile, true),
231 DLL_SYM(NtOpenFile, true),
232 DLL_SYM(NtReadFile, true),
233 DLL_SYM(NtWriteFile, true),
234 DLL_SYM(NtQueryInformationFile, true),
235 DLL_SYM(NtQuerySecurityObject, true),
236 DLL_SYM(NtQueryDirectoryFile, true),
237 DLL_SYM(NtQueryVolumeInformationFile, true),
238 DLL_SYM(NtSetInformationFile, true),
239 DLL_SYM(NtSetSecurityObject, true),
240 DLL_SYM(NtFsControlFile, true),
241 DLL_SYM(NtWaitForSingleObject, true),
242 DLL_SYM(NtClose, true),
243 DLL_SYM(RtlNtStatusToDosError, true),
244 DLL_SYM(RtlCreateSystemVolumeInformationFolder, false),
245 DLL_SYM(RtlDosPathNameToNtPathName_U, true),
246 DLL_SYM(RtlDosPathNameToNtPathName_U_WithStatus, false), /* Not present on XP */
252 init_dll(struct dll_spec *spec)
254 const struct dll_sym *sym;
258 spec->handle = LoadLibrary(spec->name);
260 for_each_sym(sym, spec) {
262 ERROR("%ls could not be loaded!", spec->name);
263 return WIMLIB_ERR_UNSUPPORTED;
268 for_each_sym(sym, spec) {
269 addr = (void *)GetProcAddress(spec->handle, sym->name);
271 *(sym->func_ptr) = addr;
272 } else if (sym->required) {
273 ERROR("Can't find %s in %ls", sym->name, spec->name);
274 return WIMLIB_ERR_UNSUPPORTED;
281 cleanup_dll(struct dll_spec *spec)
283 const struct dll_sym *sym;
286 FreeLibrary(spec->handle);
289 for_each_sym(sym, spec)
290 *(sym->func_ptr) = NULL;
294 /* One-time initialization for Windows capture/apply code. */
296 win32_global_init(int init_flags)
300 /* Try to acquire useful privileges. */
301 if (!(init_flags & WIMLIB_INIT_FLAG_DONT_ACQUIRE_PRIVILEGES)) {
302 ret = WIMLIB_ERR_INSUFFICIENT_PRIVILEGES;
303 if (!win32_modify_capture_privileges(true))
304 if (init_flags & WIMLIB_INIT_FLAG_STRICT_CAPTURE_PRIVILEGES)
306 if (!win32_modify_apply_privileges(true))
307 if (init_flags & WIMLIB_INIT_FLAG_STRICT_APPLY_PRIVILEGES)
309 acquired_privileges = true;
312 ret = init_dll(&ntdll_spec);
319 win32_release_capture_and_apply_privileges();
324 win32_global_cleanup(void)
326 vss_global_cleanup();
328 if (acquired_privileges)
329 win32_release_capture_and_apply_privileges();
331 cleanup_dll(&ntdll_spec);
335 * Translates a Win32-namespace path into an NT-namespace path.
337 * On success, returns 0. The NT-namespace path will be stored in the
338 * UNICODE_STRING structure pointed to by nt_path. nt_path->Buffer will be set
339 * to a new buffer that must later be freed with HeapFree(). (Really
340 * RtlHeapFree(), but HeapFree() seems to be the same thing.)
342 * On failure, returns WIMLIB_ERR_NOMEM or WIMLIB_ERR_INVALID_PARAM.
345 win32_path_to_nt_path(const wchar_t *win32_path, UNICODE_STRING *nt_path)
349 if (func_RtlDosPathNameToNtPathName_U_WithStatus) {
350 status = (*func_RtlDosPathNameToNtPathName_U_WithStatus)(win32_path,
354 if ((*func_RtlDosPathNameToNtPathName_U)(win32_path, nt_path,
356 status = STATUS_SUCCESS;
358 status = STATUS_NO_MEMORY;
361 if (likely(NT_SUCCESS(status)))
364 if (status == STATUS_NO_MEMORY)
365 return WIMLIB_ERR_NOMEM;
367 winnt_error(status, L"\"%ls\": invalid path name", win32_path);
368 return WIMLIB_ERR_INVALID_PARAM;
372 win32_get_drive_path(const wchar_t *file_path, wchar_t drive_path[7])
376 file_abspath = realpath(file_path, NULL);
378 return WIMLIB_ERR_NOMEM;
380 if (file_abspath[0] == L'\0' || file_abspath[1] != L':') {
381 ERROR("\"%ls\": Path format not recognized", file_abspath);
383 return WIMLIB_ERR_UNSUPPORTED;
386 wsprintf(drive_path, L"\\\\.\\%lc:", file_abspath[0]);
391 /* Try to attach an instance of the Windows Overlay File System Filter Driver to
392 * the specified drive (such as C:) */
394 win32_try_to_attach_wof(const wchar_t *drive)
399 /* Use FilterAttach() from Fltlib.dll. */
401 fltlib = LoadLibrary(L"Fltlib.dll");
404 WARNING("Failed to load Fltlib.dll");
408 HRESULT (WINAPI *func_FilterAttach)(LPCWSTR lpFilterName,
409 LPCWSTR lpVolumeName,
410 LPCWSTR lpInstanceName,
411 DWORD dwCreatedInstanceNameLength,
412 LPWSTR lpCreatedInstanceName);
414 func_FilterAttach = (void *)GetProcAddress(fltlib, "FilterAttach");
416 if (func_FilterAttach) {
419 res = (*func_FilterAttach)(L"wof", drive, NULL, 0, NULL);
422 res = (*func_FilterAttach)(L"wofadk", drive, NULL, 0, NULL);
427 WARNING("FilterAttach() does not exist in Fltlib.dll");
437 windows_msg(u32 code, const wchar_t *format, va_list va,
438 bool is_ntstatus, bool is_error)
440 wchar_t _buf[STACK_MAX / 8];
442 size_t buflen = ARRAY_LEN(_buf);
447 n = vsnwprintf(buf, buflen, format, va);
452 n += snwprintf(&buf[n], buflen - n,
454 L" (status=%08"PRIx32"): " :
455 L" (err=%"PRIu32"): "),
461 ret = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM |
462 FORMAT_MESSAGE_IGNORE_INSERTS |
463 (is_ntstatus ? FORMAT_MESSAGE_FROM_HMODULE : 0),
464 (is_ntstatus ? ntdll_spec.handle : NULL),
466 MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
472 if (n >= buflen || (ret == 0 && GetLastError() == ERROR_INSUFFICIENT_BUFFER))
475 if (buf[n - 1] == L'\n')
477 if (buf[n - 1] == L'\r')
479 if (buf[n - 1] == L'.')
494 buf = MALLOC(buflen * sizeof(buf[0]));
497 ERROR("Ran out of memory while building error message!!!");
501 win32_warning(DWORD err, const wchar_t *format, ...)
505 va_start(va, format);
506 windows_msg(err, format, va, false, false);
511 win32_error(DWORD err, const wchar_t *format, ...)
515 va_start(va, format);
516 windows_msg(err, format, va, false, true);
521 winnt_warning(NTSTATUS status, const wchar_t *format, ...)
525 va_start(va, format);
526 windows_msg(status, format, va, true, false);
531 winnt_error(NTSTATUS status, const wchar_t *format, ...)
535 va_start(va, format);
536 windows_msg(status, format, va, true, true);
541 * Synchronously execute a filesystem control method. This is a wrapper around
542 * NtFsControlFile() that handles STATUS_PENDING. Note that SYNCHRONIZE
543 * permission is, in general, required on the handle.
546 winnt_fsctl(HANDLE h, u32 code, const void *in, u32 in_size,
547 void *out, u32 out_size_avail, u32 *actual_out_size_ret)
549 IO_STATUS_BLOCK iosb;
552 status = (*func_NtFsControlFile)(h, NULL, NULL, NULL, &iosb, code,
554 out, out_size_avail);
555 if (status == STATUS_PENDING) {
556 /* Beware: this case is often encountered with remote
557 * filesystems, but rarely with local filesystems. */
559 status = (*func_NtWaitForSingleObject)(h, FALSE, NULL);
560 if (NT_SUCCESS(status)) {
561 status = iosb.Status;
563 /* We shouldn't be issuing ioctls on a handle to which
564 * we don't have SYNCHRONIZE access. Otherwise we have
565 * no way to wait for them to complete. */
566 wimlib_assert(status != STATUS_ACCESS_DENIED);
570 if (NT_SUCCESS(status) && actual_out_size_ret != NULL)
571 *actual_out_size_ret = (u32)iosb.Information;
576 #endif /* __WIN32__ */