+ /* Normally, FSCTL_QUERY_FILE_LAYOUT fails with error code 38 after all
+ * files have been enumerated. */
+ err = GetLastError();
+ if (err != 38) {
+ if (err == ERROR_INVALID_FUNCTION ||
+ err == ERROR_INVALID_PARAMETER) {
+ /* Silently try standard recursive scan instead */
+ ret = -1;
+ } else {
+ win32_error(err,
+ L"Error enumerating files on volume \"%ls\"",
+ path);
+ /* Try standard recursive scan instead */
+ ret = WIMLIB_ERR_UNSUPPORTED;
+ }
+ goto out;
+ }
+ ret = 0;
+out:
+ FREE(out);
+ (*func_NtClose)(h);
+ return ret;
+}
+
+/* Build the list of child dentries for each inode in @map. This is done by
+ * iterating through each name of each inode and adding it to its parent's
+ * children list. Note that every name should have a parent, i.e. should belong
+ * to some directory. The root directory does not have any names. */
+static int
+build_children_lists(struct ntfs_inode_map *map, struct ntfs_inode **root_ret)
+{
+ struct ntfs_inode *ni;
+
+ avl_tree_for_each_in_order(ni, map->root, struct ntfs_inode, index_node)
+ {
+ struct ntfs_dentry *nd;
+ u32 n;
+
+ if (NTFS_IS_ROOT_FILE(ni->ino)) {
+ *root_ret = ni;
+ continue;
+ }
+
+ n = ni->num_aliases;
+ nd = FIRST_DENTRY(ni);
+ for (;;) {
+ struct ntfs_inode *parent;
+
+ parent = ntfs_inode_map_lookup(map, nd->parent_ino);
+ if (unlikely(!parent)) {
+ ERROR("Parent inode 0x%016"PRIx64" of"
+ "directory entry \"%ls\" (inode "
+ "0x%016"PRIx64") was missing from the "
+ "MFT listing!",
+ nd->parent_ino, nd->name, ni->ino);
+ return WIMLIB_ERR_UNSUPPORTED;
+ }
+ nd->next_child = parent->first_child;
+ parent->first_child = nd;
+ if (!--n)
+ break;
+ nd = NEXT_DENTRY(nd);
+ }
+ }
+ return 0;
+}
+
+struct security_map_node {
+ struct avl_tree_node index_node;
+ u32 disk_security_id;
+ u32 wim_security_id;
+};
+
+/* Map from disk security IDs to WIM security IDs */
+struct security_map {
+ struct avl_tree_node *root;
+};
+
+#define SECURITY_MAP_NODE(node) \
+ avl_tree_entry((node), struct security_map_node, index_node)
+
+static int
+_avl_cmp_security_map_nodes(const struct avl_tree_node *node1,
+ const struct avl_tree_node *node2)
+{
+ return cmp_u32(SECURITY_MAP_NODE(node1)->disk_security_id,
+ SECURITY_MAP_NODE(node2)->disk_security_id);
+}
+
+static s32
+security_map_lookup(struct security_map *map, u32 disk_security_id)
+{
+ struct security_map_node tmp;
+ const struct avl_tree_node *res;
+
+ if (disk_security_id == 0) /* No on-disk security ID; uncacheable */
+ return -1;
+
+ tmp.disk_security_id = disk_security_id;
+ res = avl_tree_lookup_node(map->root, &tmp.index_node,
+ _avl_cmp_security_map_nodes);
+ if (!res)
+ return -1;
+ return SECURITY_MAP_NODE(res)->wim_security_id;
+}
+
+static int
+security_map_insert(struct security_map *map, u32 disk_security_id,
+ u32 wim_security_id)
+{
+ struct security_map_node *node;
+
+ if (disk_security_id == 0) /* No on-disk security ID; uncacheable */
+ return 0;
+
+ node = MALLOC(sizeof(*node));
+ if (!node)
+ return WIMLIB_ERR_NOMEM;
+
+ node->disk_security_id = disk_security_id;
+ node->wim_security_id = wim_security_id;
+ avl_tree_insert(&map->root, &node->index_node,
+ _avl_cmp_security_map_nodes);
+ return 0;
+}
+
+static void
+security_map_destroy(struct security_map *map)
+{
+ struct security_map_node *node;
+
+ avl_tree_for_each_in_postorder(node, map->root,
+ struct security_map_node, index_node)
+ FREE(node);
+}
+
+/*
+ * Turn our temporary NTFS structures into the final WIM structures:
+ *
+ * ntfs_inode => wim_inode
+ * ntfs_dentry => wim_dentry
+ * ntfs_stream => wim_inode_stream
+ *
+ * This also handles things such as exclusions and issuing progress messages.
+ * It's similar to winnt_build_dentry_tree_recursive(), but this is much faster
+ * because almost all information we need is already loaded in memory in the
+ * ntfs_* structures. However, in some cases we still fall back to
+ * winnt_build_dentry_tree_recursive() and/or opening the file.
+ */
+static int
+generate_wim_structures_recursive(struct wim_dentry **root_ret,
+ wchar_t *path, size_t path_nchars,
+ const wchar_t *filename, bool is_primary_name,
+ struct ntfs_inode *ni,
+ struct winnt_scan_ctx *ctx,
+ struct ntfs_inode_map *inode_map,
+ struct security_map *security_map)
+{
+ int ret = 0;
+ struct wim_dentry *root = NULL;
+ struct wim_inode *inode = NULL;
+ const struct ntfs_stream *ns;
+
+ /* Completely ignore NTFS special files. */
+ if (NTFS_IS_SPECIAL_FILE(ni->ino))
+ goto out;
+
+ /* Fall back to a recursive scan for unhandled cases. Reparse points,
+ * in particular, can't be properly handled here because a commonly used
+ * filter driver (WOF) hides reparse points from regular filesystem APIs
+ * but not from FSCTL_QUERY_FILE_LAYOUT. */
+ if (ni->attributes & (FILE_ATTRIBUTE_REPARSE_POINT |
+ FILE_ATTRIBUTE_ENCRYPTED))
+ {
+ ret = winnt_build_dentry_tree_recursive(&root,
+ NULL,
+ path,
+ path_nchars,
+ path,
+ path_nchars,
+ filename,
+ ctx);
+ goto out;
+ }
+
+ /* Test for exclusion based on path. */
+ ret = try_exclude(path, ctx->params);
+ if (unlikely(ret < 0)) /* Excluded? */
+ goto out_progress;
+ if (unlikely(ret > 0)) /* Error? */
+ goto out;
+
+ /* Create the WIM dentry and possibly a new WIM inode */
+ ret = inode_table_new_dentry(ctx->params->inode_table, filename,
+ ni->ino, ctx->params->capture_root_dev,
+ false, &root);