*
* Apply a WIM image directly to an NTFS volume using libntfs-3g. Restore as
* much information as possible, including security data, file attributes, DOS
- * names, and alternate data streams.
+ * names, alternate data streams, and object IDs.
*
- * Note: because NTFS-3g offers inode-based interfaces, we actually don't need
+ * Note: because NTFS-3G offers inode-based interfaces, we actually don't need
* to deal with paths at all! (Other than for error messages.)
*/
/*
- * Copyright (C) 2012, 2013, 2014, 2015 Eric Biggers
+ * Copyright (C) 2012-2016 Eric Biggers
*
* This file is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
# include "config.h"
#endif
+#include <errno.h>
#include <locale.h>
#include <string.h>
#include <ntfs-3g/attrib.h>
+#include <ntfs-3g/object_id.h>
#include <ntfs-3g/reparse.h>
#include <ntfs-3g/security.h>
#include "wimlib/error.h"
#include "wimlib/metadata.h"
#include "wimlib/ntfs_3g.h"
+#include "wimlib/object_id.h"
#include "wimlib/reparse.h"
#include "wimlib/security.h"
#include "wimlib/security_descriptor.h"
ntfs_3g_get_supported_features(const char *target,
struct wim_features *supported_features)
{
- supported_features->archive_files = 1;
+ supported_features->readonly_files = 1;
supported_features->hidden_files = 1;
supported_features->system_files = 1;
+ supported_features->archive_files = 1;
supported_features->compressed_files = 1;
supported_features->not_context_indexed_files = 1;
supported_features->named_data_streams = 1;
supported_features->reparse_points = 1;
supported_features->security_descriptors = 1;
supported_features->short_names = 1;
+ supported_features->object_ids = 1;
supported_features->timestamps = 1;
supported_features->case_sensitive_filenames = 1;
return 0;
* moving the empty SACL earlier in the security descriptor or by removing the
* SACL entirely. The latter work-around is valid because an empty SACL is
* equivalent to a "null", or non-existent, SACL.
- * - Versions up to and including 2013.1.13 reject security descriptors ending
- * with an empty DACL (Discretionary Access Control List). This is very
- * similar to the SACL bug and should be fixed in the next release after
- * 2013.1.13. However, removing the DACL is not a valid workaround because
- * this changes the meaning of the security descriptor--- an empty DACL allows
- * no access, whereas a "null" DACL allows all access.
+ * - Versions before 2014.2.15 reject security descriptors ending with an empty
+ * DACL (Discretionary Access Control List). This is very similar to the SACL
+ * bug. However, removing the DACL is not a valid workaround because this
+ * changes the meaning of the security descriptor--- an empty DACL allows no
+ * access, whereas a "null" DACL allows all access.
+ * - Versions before 2016.2.22 reject security descriptors containing SIDs with
+ * too many subauthorities. We do not work around this.
*
* If the security descriptor was fixed, this function returns an allocated
* buffer containing the fixed security descriptor, and its size is updated.
- * Otherwise (or if no memory is available) the original descriptor is returned.
+ * Otherwise (or if no memory is available) NULL is returned.
*/
-static u8 *
-sd_fixup(const u8 *_desc, size_t *size_p)
+static void *
+sd_fixup(const void *_desc, size_t *size_p)
{
- u32 owner_offset, group_offset, dacl_offset;
-#if !defined(HAVE_NTFS_MNT_RDONLY)
- u32 sacl_offset;
-#endif
+ u32 owner_offset, group_offset, dacl_offset, sacl_offset;
bool owner_valid, group_valid;
size_t size = *size_p;
- const wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc =
- (const wimlib_SECURITY_DESCRIPTOR_RELATIVE*)_desc;
+ const wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc = _desc;
wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc_new;
const wimlib_SID *owner, *group, *sid;
/* Don't attempt to fix clearly invalid security descriptors. */
if (size < sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE))
- return (u8*)_desc;
+ return NULL;
if (le16_to_cpu(desc->control) & wimlib_SE_DACL_PRESENT)
dacl_offset = le32_to_cpu(desc->dacl_offset);
else
dacl_offset = 0;
-#if !defined(HAVE_NTFS_MNT_RDONLY)
if (le16_to_cpu(desc->control) & wimlib_SE_SACL_PRESENT)
sacl_offset = le32_to_cpu(desc->sacl_offset);
else
sacl_offset = 0;
-#endif
/* Check if the security descriptor will be affected by one of the bugs.
- * If not, do nothing and return.
- *
- * Note: HAVE_NTFS_MNT_RDONLY is defined if libntfs-3g is
- * version 2013.1.13 or later. */
- if (!(
- #if !defined(HAVE_NTFS_MNT_RDONLY)
- (sacl_offset != 0 && sacl_offset == size - sizeof(wimlib_ACL)) ||
- #endif
- (dacl_offset != 0 && dacl_offset == size - sizeof(wimlib_ACL))))
- return (u8*)_desc;
+ * If not, do nothing and return. */
+ if (!((sacl_offset != 0 && sacl_offset == size - sizeof(wimlib_ACL)) ||
+ (dacl_offset != 0 && dacl_offset == size - sizeof(wimlib_ACL))))
+ return NULL;
owner_offset = le32_to_cpu(desc->owner_offset);
group_offset = le32_to_cpu(desc->group_offset);
} else if (group_valid) {
sid = group;
} else {
- return (u8*)_desc;
+ return NULL;
}
desc_new = MALLOC(size + sid_size(sid));
if (!desc_new)
- return (u8*)_desc;
+ return NULL;
memcpy(desc_new, desc, size);
if (owner_valid)
desc_new->group_offset = cpu_to_le32(size);
memcpy((u8*)desc_new + size, sid, sid_size(sid));
*size_p = size + sid_size(sid);
- return (u8*)desc_new;
+ return desc_new;
}
/* Set the security descriptor @desc of size @desc_size on the NTFS inode @ni.
ntfs_3g_set_security_descriptor(ntfs_inode *ni, const void *desc, size_t desc_size)
{
struct SECURITY_CONTEXT sec_ctx;
- u8 *desc_fixed;
+ void *desc_fixed = NULL;
int ret = 0;
memset(&sec_ctx, 0, sizeof(sec_ctx));
sec_ctx.vol = ni->vol;
- desc_fixed = sd_fixup(desc, &desc_size);
-
- if (ntfs_set_ntfs_acl(&sec_ctx, ni, desc_fixed, desc_size, 0))
+retry:
+ if (ntfs_set_ntfs_acl(&sec_ctx, ni, desc, desc_size, 0)) {
+ if (desc_fixed == NULL) {
+ desc_fixed = sd_fixup(desc, &desc_size);
+ if (desc_fixed != NULL) {
+ desc = desc_fixed;
+ goto retry;
+ }
+ }
ret = WIMLIB_ERR_SET_SECURITY;
+ }
- if (desc_fixed != desc)
- FREE(desc_fixed);
-
+ FREE(desc_fixed);
return ret;
}
goto out_close;
}
- /* Unlike most other NTFS-3g functions, ntfs_set_ntfs_dos_name()
+ /* Unlike most other NTFS-3G functions, ntfs_set_ntfs_dos_name()
* changes the directory's last modification timestamp...
* Change it back. */
return ntfs_3g_restore_timestamps(vol, dentry->d_parent->d_inode);
if (ntfs_set_ntfs_reparse_data(ni, (const char *)&ctx->rpbuf,
REPARSE_DATA_OFFSET + blob_size, 0))
{
+ int err = errno;
ERROR_WITH_ERRNO("Failed to set reparse data on \"%s\"",
dentry_full_path(
inode_first_extraction_dentry(inode)));
+ if (err == EINVAL && !(inode->i_reparse_tag & 0x80000000)) {
+ WARNING("This reparse point had a non-Microsoft reparse "
+ "tag. The preceding error may have been caused "
+ "by a known bug in libntfs-3g where it does not "
+ "correctly validate non-Microsoft reparse "
+ "points. This bug was fixed in NTFS-3G version "
+ "2016.2.22.");
+ }
return WIMLIB_ERR_SET_REPARSE_DATA;
}
return 0;
}
+static bool
+ntfs_3g_has_empty_attributes(const struct wim_inode *inode)
+{
+ for (unsigned i = 0; i < inode->i_num_streams; i++) {
+ const struct wim_inode_stream *strm = &inode->i_streams[i];
+
+ if (stream_blob_resolved(strm) == NULL &&
+ (strm->stream_type == STREAM_TYPE_REPARSE_POINT ||
+ stream_is_named_data_stream(strm)))
+ return true;
+ }
+ return false;
+}
/*
* Create empty attributes (named data streams and potentially a reparse point)
*
* Since these won't have blob descriptors, they won't show up in the call to
* extract_blob_list(). Hence the need for the special case.
+ *
+ * Keep this in sync with ntfs_3g_has_empty_attributes()!
*/
static int
ntfs_3g_create_empty_attributes(ntfs_inode *ni,
const struct wim_inode *inode,
struct ntfs_3g_apply_ctx *ctx)
{
-
for (unsigned i = 0; i < inode->i_num_streams; i++) {
const struct wim_inode_stream *strm = &inode->i_streams[i];
sd = wim_get_current_security_data(ctx->common.wim);
one_dentry = inode_first_extraction_dentry(inode);
+ /* Object ID */
+ {
+ u32 len;
+ const void *object_id = inode_get_object_id(inode, &len);
+ if (unlikely(object_id != NULL) &&
+ ntfs_set_ntfs_object_id(ni, object_id, len, 0))
+ {
+ if (errno == EEXIST) {
+ WARNING("Duplicate object ID on file \"%s\"",
+ dentry_full_path(one_dentry));
+ } else {
+ ERROR_WITH_ERRNO("Failed to set object ID on "
+ "\"%s\" in NTFS volume",
+ dentry_full_path(one_dentry));
+ return WIMLIB_ERR_NTFS_3G;
+ }
+ }
+ }
+
/* Attributes */
if (!(extract_flags & WIMLIB_EXTRACT_FLAG_NO_ATTRIBUTES)) {
u32 attrib = inode->i_attributes;
desc_size = sd->sizes[inode->i_security_id];
ret = ntfs_3g_set_security_descriptor(ni, desc, desc_size);
- if (ret) {
- if (wimlib_print_errors) {
- ERROR_WITH_ERRNO("Failed to set security descriptor "
- "on \"%s\" in NTFS volume",
- dentry_full_path(one_dentry));
+
+ if (unlikely(ret)) {
+ int err = errno;
+ ERROR_WITH_ERRNO("Failed to set security descriptor on "
+ "\"%s\" in NTFS volume",
+ dentry_full_path(one_dentry));
+ if (err == EINVAL && wimlib_print_errors) {
fprintf(wimlib_error_file,
"The security descriptor is: ");
print_byte_field(desc, desc_size, wimlib_error_file);
fprintf(wimlib_error_file, "\n");
+ fprintf(wimlib_error_file,
+ "\nThis error occurred because libntfs-3g thinks "
+ "the security descriptor is invalid. If you "
+ "are extracting a Windows 10 image, this may be "
+ "caused by a known bug in libntfs-3g. This bug "
+ "was fixed in NTFS-3G version 2016.2.22. See: "
+ "https://wimlib.net/forums/viewtopic.php?f=1&t=4 "
+ "for more information.\n\n");
}
return ret;
}
ret = report_file_created(&ctx->common);
if (!ret)
ret = ntfs_3g_set_metadata(ni, child->d_inode, ctx);
- if (!ret)
- ret = ntfs_3g_create_empty_attributes(ni, child->d_inode, ctx);
if (!ret)
ret = ntfs_3g_create_dirs_recursive(ni, child, ctx);
root->d_inode->i_mft_no = FILE_root;
- ret = ntfs_3g_create_dirs_recursive(root_ni, root, ctx);
+ ret = ntfs_3g_set_metadata(root_ni, root->d_inode, ctx);
+ if (!ret)
+ ret = ntfs_3g_create_dirs_recursive(root_ni, root, ctx);
if (ntfs_inode_close(root_ni) && !ret) {
ERROR_WITH_ERRNO("Error closing root of NTFS volume");
if (ret)
return ret;
- /* Set the DOS name of any directory that has one. */
+ /* Set the DOS name of any directory that has one. In addition, create
+ * empty attributes for directories that have them. Note that creating
+ * an empty reparse point attribute must happen *after* setting the DOS
+ * name in order to work around a case where ntfs_set_ntfs_dos_name()
+ * fails with EOPNOTSUPP. This bug was fixed in NTFS-3G version
+ * 2016.2.22. */
list_for_each_entry(dentry, dentry_list, d_extraction_list_node) {
- if (!(dentry->d_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY))
- continue;
- if (!dentry_has_short_name(dentry))
+ const struct wim_inode *inode = dentry->d_inode;
+
+ if (!(inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY))
continue;
- ret = ntfs_3g_restore_dos_name(NULL, NULL, dentry, ctx->vol);
- if (ret)
- return ret;
- ret = report_file_created(&ctx->common);
- if (ret)
- return ret;
+ if (dentry_has_short_name(dentry)) {
+ ret = ntfs_3g_restore_dos_name(NULL, NULL, dentry,
+ ctx->vol);
+ if (ret)
+ return ret;
+ ret = report_file_created(&ctx->common);
+ if (ret)
+ return ret;
+ }
+ if (ntfs_3g_has_empty_attributes(inode)) {
+ ntfs_inode *ni;
+
+ ret = WIMLIB_ERR_NTFS_3G;
+ ni = ntfs_inode_open(ctx->vol, inode->i_mft_no);
+ if (ni) {
+ ret = ntfs_3g_create_empty_attributes(ni, inode,
+ ctx);
+ if (ntfs_inode_close(ni) && !ret)
+ ret = WIMLIB_ERR_NTFS_3G;
+ }
+ if (ret) {
+ ERROR_WITH_ERRNO("Failed to create empty "
+ "attributes of directory "
+ "\"%s\" in NTFS volume",
+ dentry_full_path(dentry));
+ return ret;
+ }
+ }
}
return 0;
}
struct ntfs_3g_apply_ctx *ctx)
{
struct wim_dentry *one_dentry = inode_first_extraction_dentry(inode);
+ ntfschar *stream_name;
size_t stream_name_nchars;
ntfs_attr *attr;
/* It's a data stream (may be unnamed or named). */
wimlib_assert(strm->stream_type == STREAM_TYPE_DATA);
- stream_name_nchars = utf16le_len_chars(strm->stream_name);
+ if (unlikely(stream_is_named(strm))) {
+ stream_name = strm->stream_name;
+ stream_name_nchars = utf16le_len_chars(stream_name);
- if (stream_name_nchars &&
- (ntfs_attr_add(ni, AT_DATA, strm->stream_name,
- stream_name_nchars, NULL, 0)))
- {
- ERROR_WITH_ERRNO("Failed to create named data stream of \"%s\"",
- dentry_full_path(one_dentry));
- return WIMLIB_ERR_NTFS_3G;
+ if (ntfs_attr_add(ni, AT_DATA, stream_name,
+ stream_name_nchars, NULL, 0))
+ {
+ ERROR_WITH_ERRNO("Failed to create named data stream of \"%s\"",
+ dentry_full_path(one_dentry));
+ return WIMLIB_ERR_NTFS_3G;
+ }
+ } else {
+ /* Don't pass an empty string other than AT_UNNAMED to
+ * ntfs_attr_open() --- it violates assumptions made by
+ * libntfs-3g. */
+ stream_name = AT_UNNAMED;
+ stream_name_nchars = 0;
}
/* This should be ensured by extract_blob_list() */
wimlib_assert(ctx->num_open_attrs < MAX_OPEN_FILES);
- attr = ntfs_attr_open(ni, AT_DATA, strm->stream_name,
- stream_name_nchars);
+ attr = ntfs_attr_open(ni, AT_DATA, stream_name, stream_name_nchars);
if (!attr) {
ERROR_WITH_ERRNO("Failed to open data stream of \"%s\"",
dentry_full_path(one_dentry));
return ret;
}
+/* Note: contrary to its documentation, ntfs_attr_pwrite() can return a short
+ * count in non-error cases --- specifically, when writing to a compressed
+ * attribute and the requested count exceeds the size of an NTFS "compression
+ * block". Therefore, we must continue calling ntfs_attr_pwrite() until all
+ * bytes have been written or a real error has occurred. */
+static bool
+ntfs_3g_full_pwrite(ntfs_attr *na, u64 offset, size_t size, const u8 *data)
+{
+ while (size) {
+ s64 res = ntfs_attr_pwrite(na, offset, size, data);
+ if (unlikely(res <= 0))
+ return false;
+ wimlib_assert(res <= size);
+ offset += res;
+ size -= res;
+ data += res;
+ }
+ return true;
+}
+
static int
ntfs_3g_extract_chunk(const void *chunk, size_t size, void *_ctx)
{
struct ntfs_3g_apply_ctx *ctx = _ctx;
- s64 res;
for (unsigned i = 0; i < ctx->num_open_attrs; i++) {
- res = ntfs_attr_pwrite(ctx->open_attrs[i],
- ctx->offset, size, chunk);
- if (res != size) {
+ if (!ntfs_3g_full_pwrite(ctx->open_attrs[i],
+ ctx->offset, size, chunk))
+ {
ERROR_WITH_ERRNO("Error writing data to NTFS volume");
return WIMLIB_ERR_NTFS_3G;
}
struct wim_dentry *root;
int ret;
- /* For NTFS-3g extraction mode we require that the dentries to extract
+ /* For NTFS-3G extraction mode we require that the dentries to extract
* form a single tree. */
root = list_first_entry(dentry_list, struct wim_dentry,
d_extraction_list_node);
/* Mount the NTFS volume. */
vol = ntfs_mount(ctx->common.target, 0);
if (!vol) {
- ERROR_WITH_ERRNO("Failed to mount \"%s\" with NTFS-3g",
+ ERROR_WITH_ERRNO("Failed to mount \"%s\" with NTFS-3G",
ctx->common.target);
return WIMLIB_ERR_NTFS_3G;
}
out_unmount:
if (ntfs_umount(ctx->vol, FALSE) && !ret) {
- ERROR_WITH_ERRNO("Failed to unmount \"%s\" with NTFS-3g",
+ ERROR_WITH_ERRNO("Failed to unmount \"%s\" with NTFS-3G",
ctx->common.target);
ret = WIMLIB_ERR_NTFS_3G;
}
}
const struct apply_operations ntfs_3g_apply_ops = {
- .name = "NTFS-3g",
+ .name = "NTFS-3G",
.get_supported_features = ntfs_3g_get_supported_features,
.extract = ntfs_3g_extract,
.context_size = sizeof(struct ntfs_3g_apply_ctx),
git://wimlib.net / wimlib / blobdiff