X-Git-Url: https://wimlib.net/git/?p=wimlib;a=blobdiff_plain;f=src%2Fntfs-3g_apply.c;h=c012c8e5b600188d76115949098763eb5b22d6b0;hp=8f0774679909e53a50aa4f829c5357297edb0a8a;hb=a9b5ef0483d60ef1d8bf6014f223dfeaa68c091e;hpb=26a90546f2a8ded51376d631e5a13f3d7a84f8dc diff --git a/src/ntfs-3g_apply.c b/src/ntfs-3g_apply.c index 8f077467..c012c8e5 100644 --- a/src/ntfs-3g_apply.c +++ b/src/ntfs-3g_apply.c @@ -3,14 +3,14 @@ * * Apply a WIM image directly to an NTFS volume using libntfs-3g. Restore as * much information as possible, including security data, file attributes, DOS - * names, and alternate data streams. + * names, alternate data streams, and object IDs. * - * Note: because NTFS-3g offers inode-based interfaces, we actually don't need + * Note: because NTFS-3G offers inode-based interfaces, we actually don't need * to deal with paths at all! (Other than for error messages.) */ /* - * Copyright (C) 2012, 2013, 2014, 2015 Eric Biggers + * Copyright (C) 2012-2017 Eric Biggers * * This file is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free @@ -30,10 +30,12 @@ # include "config.h" #endif +#include #include #include #include +#include #include #include @@ -45,24 +47,27 @@ #include "wimlib/error.h" #include "wimlib/metadata.h" #include "wimlib/ntfs_3g.h" +#include "wimlib/object_id.h" #include "wimlib/reparse.h" #include "wimlib/security.h" -#include "wimlib/security_descriptor.h" static int ntfs_3g_get_supported_features(const char *target, struct wim_features *supported_features) { - supported_features->archive_files = 1; + supported_features->readonly_files = 1; supported_features->hidden_files = 1; supported_features->system_files = 1; + supported_features->archive_files = 1; supported_features->compressed_files = 1; supported_features->not_context_indexed_files = 1; + supported_features->sparse_files = 1; supported_features->named_data_streams = 1; supported_features->hard_links = 1; supported_features->reparse_points = 1; supported_features->security_descriptors = 1; supported_features->short_names = 1; + supported_features->object_ids = 1; supported_features->timestamps = 1; supported_features->case_sensitive_filenames = 1; return 0; @@ -80,152 +85,21 @@ struct ntfs_3g_apply_ctx { ntfs_inode *open_inodes[MAX_OPEN_FILES]; unsigned num_open_inodes; + /* For each currently open attribute, whether we're writing to it in + * "sparse" mode or not. */ + bool is_sparse_attr[MAX_OPEN_FILES]; + + /* Whether is_sparse_attr[] is true for any currently open attribute */ + bool any_sparse_attrs; + struct reparse_buffer_disk rpbuf; u8 *reparse_ptr; - /* Offset in the blob currently being read */ - u64 offset; - unsigned num_reparse_inodes; ntfs_inode *ntfs_reparse_inodes[MAX_OPEN_FILES]; struct wim_inode *wim_reparse_inodes[MAX_OPEN_FILES]; }; -static size_t -sid_size(const wimlib_SID *sid) -{ - return offsetof(wimlib_SID, sub_authority) + - sizeof(le32) * sid->sub_authority_count; -} - -/* - * sd_fixup - Fix up a Windows NT security descriptor for libntfs-3g. - * - * libntfs-3g validates security descriptors before setting them, but old - * versions contain bugs causing it to reject unusual but valid security - * descriptors: - * - * - Versions before 2013.1.13 reject security descriptors ending with an empty - * SACL (System Access Control List). This bug can be worked around either by - * moving the empty SACL earlier in the security descriptor or by removing the - * SACL entirely. The latter work-around is valid because an empty SACL is - * equivalent to a "null", or non-existent, SACL. - * - Versions up to and including 2013.1.13 reject security descriptors ending - * with an empty DACL (Discretionary Access Control List). This is very - * similar to the SACL bug and should be fixed in the next release after - * 2013.1.13. However, removing the DACL is not a valid workaround because - * this changes the meaning of the security descriptor--- an empty DACL allows - * no access, whereas a "null" DACL allows all access. - * - * If the security descriptor was fixed, this function returns an allocated - * buffer containing the fixed security descriptor, and its size is updated. - * Otherwise (or if no memory is available) the original descriptor is returned. - */ -static u8 * -sd_fixup(const u8 *_desc, size_t *size_p) -{ - u32 owner_offset, group_offset, dacl_offset; -#if !defined(HAVE_NTFS_MNT_RDONLY) - u32 sacl_offset; -#endif - bool owner_valid, group_valid; - size_t size = *size_p; - const wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc = - (const wimlib_SECURITY_DESCRIPTOR_RELATIVE*)_desc; - wimlib_SECURITY_DESCRIPTOR_RELATIVE *desc_new; - const wimlib_SID *owner, *group, *sid; - - /* Don't attempt to fix clearly invalid security descriptors. */ - if (size < sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE)) - return (u8*)_desc; - - if (le16_to_cpu(desc->control) & wimlib_SE_DACL_PRESENT) - dacl_offset = le32_to_cpu(desc->dacl_offset); - else - dacl_offset = 0; - -#if !defined(HAVE_NTFS_MNT_RDONLY) - if (le16_to_cpu(desc->control) & wimlib_SE_SACL_PRESENT) - sacl_offset = le32_to_cpu(desc->sacl_offset); - else - sacl_offset = 0; -#endif - - /* Check if the security descriptor will be affected by one of the bugs. - * If not, do nothing and return. - * - * Note: HAVE_NTFS_MNT_RDONLY is defined if libntfs-3g is - * version 2013.1.13 or later. */ - if (!( - #if !defined(HAVE_NTFS_MNT_RDONLY) - (sacl_offset != 0 && sacl_offset == size - sizeof(wimlib_ACL)) || - #endif - (dacl_offset != 0 && dacl_offset == size - sizeof(wimlib_ACL)))) - return (u8*)_desc; - - owner_offset = le32_to_cpu(desc->owner_offset); - group_offset = le32_to_cpu(desc->group_offset); - owner = (const wimlib_SID*)((const u8*)desc + owner_offset); - group = (const wimlib_SID*)((const u8*)desc + group_offset); - - /* We'll try to move the owner or group SID to the end of the security - * descriptor to avoid the bug. This is only possible if at least one - * is valid. */ - owner_valid = (owner_offset != 0) && - (owner_offset % 4 == 0) && - (owner_offset <= size - sizeof(SID)) && - (owner_offset + sid_size(owner) <= size) && - (owner_offset >= sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE)); - group_valid = (group_offset != 0) && - (group_offset % 4 == 0) && - (group_offset <= size - sizeof(SID)) && - (group_offset + sid_size(group) <= size) && - (group_offset >= sizeof(wimlib_SECURITY_DESCRIPTOR_RELATIVE)); - if (owner_valid) { - sid = owner; - } else if (group_valid) { - sid = group; - } else { - return (u8*)_desc; - } - - desc_new = MALLOC(size + sid_size(sid)); - if (!desc_new) - return (u8*)_desc; - - memcpy(desc_new, desc, size); - if (owner_valid) - desc_new->owner_offset = cpu_to_le32(size); - else if (group_valid) - desc_new->group_offset = cpu_to_le32(size); - memcpy((u8*)desc_new + size, sid, sid_size(sid)); - *size_p = size + sid_size(sid); - return (u8*)desc_new; -} - -/* Set the security descriptor @desc of size @desc_size on the NTFS inode @ni. - */ -static int -ntfs_3g_set_security_descriptor(ntfs_inode *ni, const void *desc, size_t desc_size) -{ - struct SECURITY_CONTEXT sec_ctx; - u8 *desc_fixed; - int ret = 0; - - memset(&sec_ctx, 0, sizeof(sec_ctx)); - sec_ctx.vol = ni->vol; - - desc_fixed = sd_fixup(desc, &desc_size); - - if (ntfs_set_ntfs_acl(&sec_ctx, ni, desc_fixed, desc_size, 0)) - ret = WIMLIB_ERR_SET_SECURITY; - - if (desc_fixed != desc) - FREE(desc_fixed); - - return ret; -} - static int ntfs_3g_set_timestamps(ntfs_inode *ni, const struct wim_inode *inode) { @@ -298,14 +172,34 @@ ntfs_3g_restore_dos_name(ntfs_inode *ni, ntfs_inode *dir_ni, ret = -1; } utf16le_put_tstr(dos_name); - if (ret) { + if (unlikely(ret)) { + int err = errno; ERROR_WITH_ERRNO("Failed to set DOS name of \"%s\" in NTFS " "volume", dentry_full_path(dentry)); + if (err == EILSEQ) { + ERROR("This error may have been caused by a known " + "bug in libntfs-3g where it is unable to set " + "DOS names on files whose long names contain " + "unpaired surrogate characters. This bug " + "was fixed in NTFS-3G version 2017.3.23."); + } + if (err == EINVAL) { + utf16lechar c = + dentry->d_name[dentry->d_name_nbytes / 2 - 1]; + if (c == cpu_to_le16('.') || c == cpu_to_le16(' ')) { + ERROR("This error was probably caused by a " + "known bug in libntfs-3g where it is " + "unable to set DOS names on files whose " + "long names end with a dot or space " + "character. This bug was fixed in " + "NTFS-3G version 2017.3.23."); + } + } ret = WIMLIB_ERR_SET_SHORT_NAME; goto out_close; } - /* Unlike most other NTFS-3g functions, ntfs_set_ntfs_dos_name() + /* Unlike most other NTFS-3G functions, ntfs_set_ntfs_dos_name() * changes the directory's last modification timestamp... * Change it back. */ return ntfs_3g_restore_timestamps(vol, dentry->d_parent->d_inode); @@ -320,33 +214,84 @@ out_close: return ret; } +static int +ntfs_3g_restore_reparse_point(ntfs_inode *ni, const struct wim_inode *inode, + unsigned blob_size, struct ntfs_3g_apply_ctx *ctx) +{ + complete_reparse_point(&ctx->rpbuf, inode, blob_size); + + if (ntfs_set_ntfs_reparse_data(ni, (const char *)&ctx->rpbuf, + REPARSE_DATA_OFFSET + blob_size, 0)) + { + int err = errno; + ERROR_WITH_ERRNO("Failed to set reparse data on \"%s\"", + dentry_full_path( + inode_first_extraction_dentry(inode))); + if (err == EINVAL && !(inode->i_reparse_tag & 0x80000000)) { + WARNING("This reparse point had a non-Microsoft reparse " + "tag. The preceding error may have been caused " + "by a known bug in libntfs-3g where it does not " + "correctly validate non-Microsoft reparse " + "points. This bug was fixed in NTFS-3G version " + "2016.2.22."); + } + return WIMLIB_ERR_SET_REPARSE_DATA; + } + + return 0; +} + +static bool +ntfs_3g_has_empty_attributes(const struct wim_inode *inode) +{ + for (unsigned i = 0; i < inode->i_num_streams; i++) { + const struct wim_inode_stream *strm = &inode->i_streams[i]; + + if (stream_blob_resolved(strm) == NULL && + (strm->stream_type == STREAM_TYPE_REPARSE_POINT || + stream_is_named_data_stream(strm))) + return true; + } + return false; +} + /* - * Create empty named data streams for the specified file, if there are any. + * Create empty attributes (named data streams and potentially a reparse point) + * for the specified file, if there are any. * * Since these won't have blob descriptors, they won't show up in the call to * extract_blob_list(). Hence the need for the special case. + * + * Keep this in sync with ntfs_3g_has_empty_attributes()! */ static int -ntfs_3g_create_empty_named_data_streams(ntfs_inode *ni, - const struct wim_inode *inode, - const struct ntfs_3g_apply_ctx *ctx) +ntfs_3g_create_empty_attributes(ntfs_inode *ni, + const struct wim_inode *inode, + struct ntfs_3g_apply_ctx *ctx) { for (unsigned i = 0; i < inode->i_num_streams; i++) { const struct wim_inode_stream *strm = &inode->i_streams[i]; + int ret; - if (!stream_is_named_data_stream(strm) || - stream_blob_resolved(strm) != NULL) + if (stream_blob_resolved(strm) != NULL) continue; - if (ntfs_attr_add(ni, AT_DATA, strm->stream_name, - utf16le_len_chars(strm->stream_name), - NULL, 0)) - { - ERROR_WITH_ERRNO("Failed to create named data stream " - "of \"%s\"", dentry_full_path( - inode_first_extraction_dentry(inode))); - return WIMLIB_ERR_NTFS_3G; + if (strm->stream_type == STREAM_TYPE_REPARSE_POINT) { + ret = ntfs_3g_restore_reparse_point(ni, inode, 0, ctx); + if (ret) + return ret; + } else if (stream_is_named_data_stream(strm)) { + if (ntfs_attr_add(ni, AT_DATA, strm->stream_name, + utf16le_len_chars(strm->stream_name), + NULL, 0)) + { + ERROR_WITH_ERRNO("Failed to create named data " + "stream of \"%s\"", + dentry_full_path( + inode_first_extraction_dentry(inode))); + return WIMLIB_ERR_NTFS_3G; + } } } return 0; @@ -367,13 +312,29 @@ ntfs_3g_set_metadata(ntfs_inode *ni, const struct wim_inode *inode, sd = wim_get_current_security_data(ctx->common.wim); one_dentry = inode_first_extraction_dentry(inode); + /* Object ID */ + { + u32 len; + const void *object_id = inode_get_object_id(inode, &len); + if (unlikely(object_id != NULL) && + ntfs_set_ntfs_object_id(ni, object_id, len, 0)) + { + if (errno == EEXIST) { + WARNING("Duplicate object ID on file \"%s\"", + dentry_full_path(one_dentry)); + } else { + ERROR_WITH_ERRNO("Failed to set object ID on " + "\"%s\" in NTFS volume", + dentry_full_path(one_dentry)); + return WIMLIB_ERR_NTFS_3G; + } + } + } + /* Attributes */ if (!(extract_flags & WIMLIB_EXTRACT_FLAG_NO_ATTRIBUTES)) { u32 attrib = inode->i_attributes; - attrib &= ~(FILE_ATTRIBUTE_SPARSE_FILE | - FILE_ATTRIBUTE_ENCRYPTED); - if (ntfs_set_ntfs_attrib(ni, (const char *)&attrib, sizeof(attrib), 0)) { @@ -388,24 +349,33 @@ ntfs_3g_set_metadata(ntfs_inode *ni, const struct wim_inode *inode, if (inode_has_security_descriptor(inode) && !(extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS)) { + struct SECURITY_CONTEXT sec_ctx = { ctx->vol }; const void *desc; size_t desc_size; desc = sd->descriptors[inode->i_security_id]; desc_size = sd->sizes[inode->i_security_id]; - ret = ntfs_3g_set_security_descriptor(ni, desc, desc_size); - if (ret) { - if (wimlib_print_errors) { - ERROR_WITH_ERRNO("Failed to set security descriptor " - "on \"%s\" in NTFS volume", - dentry_full_path(one_dentry)); + ret = ntfs_set_ntfs_acl(&sec_ctx, ni, desc, desc_size, 0); + + if (unlikely(ret)) { + int err = errno; + ERROR_WITH_ERRNO("Failed to set security descriptor on " + "\"%s\" in NTFS volume", + dentry_full_path(one_dentry)); + if (err == EINVAL && wimlib_print_errors) { fprintf(wimlib_error_file, "The security descriptor is: "); print_byte_field(desc, desc_size, wimlib_error_file); - fprintf(wimlib_error_file, "\n"); + fprintf(wimlib_error_file, + "\n\nThis error occurred because libntfs-3g thinks " + "the security descriptor is invalid. There " + "are several known bugs with libntfs-3g's " + "security descriptor validation logic in older " + "versions. Please upgrade to NTFS-3G version " + "2016.2.22 or later if you haven't already.\n"); } - return ret; + return WIMLIB_ERR_SET_SECURITY; } } @@ -450,8 +420,6 @@ ntfs_3g_create_dirs_recursive(ntfs_inode *dir_ni, struct wim_dentry *dir, ret = report_file_created(&ctx->common); if (!ret) ret = ntfs_3g_set_metadata(ni, child->d_inode, ctx); - if (!ret) - ret = ntfs_3g_create_empty_named_data_streams(ni, child->d_inode, ctx); if (!ret) ret = ntfs_3g_create_dirs_recursive(ni, child, ctx); @@ -487,7 +455,9 @@ ntfs_3g_create_directories(struct wim_dentry *root, root->d_inode->i_mft_no = FILE_root; - ret = ntfs_3g_create_dirs_recursive(root_ni, root, ctx); + ret = ntfs_3g_set_metadata(root_ni, root->d_inode, ctx); + if (!ret) + ret = ntfs_3g_create_dirs_recursive(root_ni, root, ctx); if (ntfs_inode_close(root_ni) && !ret) { ERROR_WITH_ERRNO("Error closing root of NTFS volume"); @@ -496,18 +466,45 @@ ntfs_3g_create_directories(struct wim_dentry *root, if (ret) return ret; - /* Set the DOS name of any directory that has one. */ + /* Set the DOS name of any directory that has one. In addition, create + * empty attributes for directories that have them. Note that creating + * an empty reparse point attribute must happen *after* setting the DOS + * name in order to work around a case where ntfs_set_ntfs_dos_name() + * fails with EOPNOTSUPP. This bug was fixed in NTFS-3G version + * 2016.2.22. */ list_for_each_entry(dentry, dentry_list, d_extraction_list_node) { - if (!(dentry->d_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY)) - continue; - if (!dentry_has_short_name(dentry)) + const struct wim_inode *inode = dentry->d_inode; + + if (!(inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY)) continue; - ret = ntfs_3g_restore_dos_name(NULL, NULL, dentry, ctx->vol); - if (ret) - return ret; - ret = report_file_created(&ctx->common); - if (ret) - return ret; + if (dentry_has_short_name(dentry)) { + ret = ntfs_3g_restore_dos_name(NULL, NULL, dentry, + ctx->vol); + if (ret) + return ret; + ret = report_file_created(&ctx->common); + if (ret) + return ret; + } + if (ntfs_3g_has_empty_attributes(inode)) { + ntfs_inode *ni; + + ret = WIMLIB_ERR_NTFS_3G; + ni = ntfs_inode_open(ctx->vol, inode->i_mft_no); + if (ni) { + ret = ntfs_3g_create_empty_attributes(ni, inode, + ctx); + if (ntfs_inode_close(ni) && !ret) + ret = WIMLIB_ERR_NTFS_3G; + } + if (ret) { + ERROR_WITH_ERRNO("Failed to create empty " + "attributes of directory " + "\"%s\" in NTFS volume", + dentry_full_path(dentry)); + return ret; + } + } } return 0; } @@ -563,7 +560,7 @@ fail: static int ntfs_3g_create_nondirectory(struct wim_inode *inode, - const struct ntfs_3g_apply_ctx *ctx) + struct ntfs_3g_apply_ctx *ctx) { struct wim_dentry *first_dentry; ntfs_inode *dir_ni; @@ -636,7 +633,7 @@ ntfs_3g_create_nondirectory(struct wim_inode *inode, if (ret) goto out_close_ni; - ret = ntfs_3g_create_empty_named_data_streams(ni, inode, ctx); + ret = ntfs_3g_create_empty_attributes(ni, inode, ctx); out_close_ni: /* Close the inode. */ @@ -684,8 +681,9 @@ ntfs_3g_begin_extract_blob_instance(struct blob_descriptor *blob, struct ntfs_3g_apply_ctx *ctx) { struct wim_dentry *one_dentry = inode_first_extraction_dentry(inode); + ntfschar *stream_name; size_t stream_name_nchars; - ntfs_attr *attr; + ntfs_attr *na; if (unlikely(strm->stream_type == STREAM_TYPE_REPARSE_POINT)) { @@ -706,29 +704,55 @@ ntfs_3g_begin_extract_blob_instance(struct blob_descriptor *blob, /* It's a data stream (may be unnamed or named). */ wimlib_assert(strm->stream_type == STREAM_TYPE_DATA); - stream_name_nchars = utf16le_len_chars(strm->stream_name); + if (unlikely(stream_is_named(strm))) { + stream_name = strm->stream_name; + stream_name_nchars = utf16le_len_chars(stream_name); - if (stream_name_nchars && - (ntfs_attr_add(ni, AT_DATA, strm->stream_name, - stream_name_nchars, NULL, 0))) - { - ERROR_WITH_ERRNO("Failed to create named data stream of \"%s\"", - dentry_full_path(one_dentry)); - return WIMLIB_ERR_NTFS_3G; + if (ntfs_attr_add(ni, AT_DATA, stream_name, + stream_name_nchars, NULL, 0)) + { + ERROR_WITH_ERRNO("Failed to create named data stream of \"%s\"", + dentry_full_path(one_dentry)); + return WIMLIB_ERR_NTFS_3G; + } + } else { + /* Don't pass an empty string other than AT_UNNAMED to + * ntfs_attr_open() --- it violates assumptions made by + * libntfs-3g. */ + stream_name = AT_UNNAMED; + stream_name_nchars = 0; } /* This should be ensured by extract_blob_list() */ wimlib_assert(ctx->num_open_attrs < MAX_OPEN_FILES); - attr = ntfs_attr_open(ni, AT_DATA, strm->stream_name, - stream_name_nchars); - if (!attr) { + na = ntfs_attr_open(ni, AT_DATA, stream_name, stream_name_nchars); + if (!na) { ERROR_WITH_ERRNO("Failed to open data stream of \"%s\"", dentry_full_path(one_dentry)); return WIMLIB_ERR_NTFS_3G; } - ctx->open_attrs[ctx->num_open_attrs++] = attr; - ntfs_attr_truncate_solid(attr, blob->size); + + /* + * Note: there are problems with trying to combine compression with + * sparseness when extracting. For example, doing ntfs_attr_truncate() + * at the end to extend the attribute to its final size actually extends + * to a compression block size boundary rather than to the requested + * size. Until these problems are solved, we always write the full data + * to compressed attributes. We also don't attempt to preallocate space + * for compressed attributes, since we don't know how much space they + * are going to actually need. + */ + ctx->is_sparse_attr[ctx->num_open_attrs] = false; + if (!(na->data_flags & ATTR_COMPRESSION_MASK)) { + if (inode->i_attributes & FILE_ATTRIBUTE_SPARSE_FILE) { + ctx->is_sparse_attr[ctx->num_open_attrs] = true; + ctx->any_sparse_attrs = true; + } else { + ntfs_attr_truncate_solid(na, blob->size); + } + } + ctx->open_attrs[ctx->num_open_attrs++] = na; return 0; } @@ -751,7 +775,7 @@ ntfs_3g_cleanup_blob_extract(struct ntfs_3g_apply_ctx *ctx) } ctx->num_open_inodes = 0; - ctx->offset = 0; + ctx->any_sparse_attrs = false; ctx->reparse_ptr = NULL; ctx->num_reparse_inodes = 0; return ret; @@ -767,8 +791,7 @@ ntfs_3g_open_inode(struct wim_inode *inode, struct ntfs_3g_apply_ctx *ctx) if (unlikely(inode->i_num_streams > 1)) { for (unsigned i = 0; i < ctx->num_open_inodes; i++) { if (ctx->open_inodes[i]->mft_no == inode->i_mft_no) { - ni = ctx->open_inodes[i]; - goto have_inode; + return ctx->open_inodes[i]; } } } @@ -781,7 +804,6 @@ ntfs_3g_open_inode(struct wim_inode *inode, struct ntfs_3g_apply_ctx *ctx) return NULL; } -have_inode: ctx->open_inodes[ctx->num_open_inodes++] = ni; return ni; } @@ -815,24 +837,63 @@ out: return ret; } +/* + * Note: prior to NTFS-3G version 2016.2.22, ntfs_attr_pwrite() could return a + * short count in non-error cases, contrary to its documentation. Specifically, + * a short count could be returned when writing to a compressed attribute and + * the requested count exceeded the size of an NTFS "compression block". + * Therefore, we must continue calling ntfs_attr_pwrite() until all bytes have + * been written or a real error has occurred. + */ +static bool +ntfs_3g_full_pwrite(ntfs_attr *na, u64 offset, size_t size, const u8 *data) +{ + while (size) { + s64 res = ntfs_attr_pwrite(na, offset, size, data); + if (unlikely(res <= 0)) + return false; + wimlib_assert(res <= size); + offset += res; + size -= res; + data += res; + } + return true; +} + static int -ntfs_3g_extract_chunk(const void *chunk, size_t size, void *_ctx) +ntfs_3g_extract_chunk(const struct blob_descriptor *blob, u64 offset, + const void *chunk, size_t size, void *_ctx) { struct ntfs_3g_apply_ctx *ctx = _ctx; - s64 res; - - for (unsigned i = 0; i < ctx->num_open_attrs; i++) { - res = ntfs_attr_pwrite(ctx->open_attrs[i], - ctx->offset, size, chunk); - if (res != size) { - ERROR_WITH_ERRNO("Error writing data to NTFS volume"); - return WIMLIB_ERR_NTFS_3G; + const void * const end = chunk + size; + const void *p; + bool zeroes; + size_t len; + unsigned i; + + /* + * For sparse attributes, only write nonzero regions. This lets the + * filesystem use holes to represent zero regions. + */ + for (p = chunk; p != end; p += len, offset += len) { + zeroes = maybe_detect_sparse_region(p, end - p, &len, + ctx->any_sparse_attrs); + for (i = 0; i < ctx->num_open_attrs; i++) { + if (!zeroes || !ctx->is_sparse_attr[i]) { + if (!ntfs_3g_full_pwrite(ctx->open_attrs[i], + offset, len, p)) + goto err; + } } } + if (ctx->reparse_ptr) ctx->reparse_ptr = mempcpy(ctx->reparse_ptr, chunk, size); - ctx->offset += size; return 0; + +err: + ERROR_WITH_ERRNO("Error writing data to NTFS volume"); + return WIMLIB_ERR_NTFS_3G; } static int @@ -846,23 +907,27 @@ ntfs_3g_end_extract_blob(struct blob_descriptor *blob, int status, void *_ctx) goto out; } - for (u32 i = 0; i < ctx->num_reparse_inodes; i++) { - struct wim_inode *inode = ctx->wim_reparse_inodes[i]; - - complete_reparse_point(&ctx->rpbuf, inode, blob->size); + /* Extend sparse attributes to their final size. */ + if (ctx->any_sparse_attrs) { + for (unsigned i = 0; i < ctx->num_open_attrs; i++) { + if (!ctx->is_sparse_attr[i]) + continue; + if (ntfs_attr_truncate(ctx->open_attrs[i], blob->size)) + { + ERROR_WITH_ERRNO("Error extending attribute to " + "final size"); + ret = WIMLIB_ERR_WRITE; + goto out; + } + } + } - if (ntfs_set_ntfs_reparse_data(ctx->ntfs_reparse_inodes[i], - (const char *)&ctx->rpbuf, - REPARSE_DATA_OFFSET + blob->size, - 0)) - { - ERROR_WITH_ERRNO("Failed to set reparse " - "data on \"%s\"", - dentry_full_path( - inode_first_extraction_dentry(inode))); - ret = WIMLIB_ERR_SET_REPARSE_DATA; + for (u32 i = 0; i < ctx->num_reparse_inodes; i++) { + ret = ntfs_3g_restore_reparse_point(ctx->ntfs_reparse_inodes[i], + ctx->wim_reparse_inodes[i], + blob->size, ctx); + if (ret) goto out; - } } ret = 0; out: @@ -899,7 +964,7 @@ ntfs_3g_extract(struct list_head *dentry_list, struct apply_ctx *_ctx) struct wim_dentry *root; int ret; - /* For NTFS-3g extraction mode we require that the dentries to extract + /* For NTFS-3G extraction mode we require that the dentries to extract * form a single tree. */ root = list_first_entry(dentry_list, struct wim_dentry, d_extraction_list_node); @@ -907,12 +972,22 @@ ntfs_3g_extract(struct list_head *dentry_list, struct apply_ctx *_ctx) /* Mount the NTFS volume. */ vol = ntfs_mount(ctx->common.target, 0); if (!vol) { - ERROR_WITH_ERRNO("Failed to mount \"%s\" with NTFS-3g", + ERROR_WITH_ERRNO("Failed to mount \"%s\" with NTFS-3G", ctx->common.target); return WIMLIB_ERR_NTFS_3G; } ctx->vol = vol; + /* Opening $Secure is required to set security descriptors in NTFS v3.0 + * format, where security descriptors are stored in a per-volume index + * rather than being fully specified for each file. */ + if (ntfs_open_secure(vol) && vol->major_ver >= 3) { + ERROR_WITH_ERRNO("Unable to open security descriptor index of " + "NTFS volume \"%s\"", ctx->common.target); + ret = WIMLIB_ERR_NTFS_3G; + goto out_unmount; + } + /* Create all inodes and aliases, including short names, and set * metadata (attributes, security descriptors, and timestamps). */ @@ -936,7 +1011,7 @@ ntfs_3g_extract(struct list_head *dentry_list, struct apply_ctx *_ctx) /* Extract blobs. */ struct read_blob_callbacks cbs = { .begin_blob = ntfs_3g_begin_extract_blob, - .consume_chunk = ntfs_3g_extract_chunk, + .continue_blob = ntfs_3g_extract_chunk, .end_blob = ntfs_3g_end_extract_blob, .ctx = ctx, }; @@ -947,8 +1022,19 @@ ntfs_3g_extract(struct list_head *dentry_list, struct apply_ctx *_ctx) * ntfs_set_ntfs_dos_name() does, but we handle this elsewhere). */ out_unmount: + if (vol->secure_ni) { + ntfs_index_ctx_put(vol->secure_xsii); + ntfs_index_ctx_put(vol->secure_xsdh); + if (ntfs_inode_close(vol->secure_ni) && !ret) { + ERROR_WITH_ERRNO("Failed to close security descriptor " + "index of NTFS volume \"%s\"", + ctx->common.target); + ret = WIMLIB_ERR_NTFS_3G; + } + vol->secure_ni = NULL; + } if (ntfs_umount(ctx->vol, FALSE) && !ret) { - ERROR_WITH_ERRNO("Failed to unmount \"%s\" with NTFS-3g", + ERROR_WITH_ERRNO("Failed to unmount \"%s\" with NTFS-3G", ctx->common.target); ret = WIMLIB_ERR_NTFS_3G; } @@ -956,15 +1042,9 @@ out_unmount: } const struct apply_operations ntfs_3g_apply_ops = { - .name = "NTFS-3g", + .name = "NTFS-3G", .get_supported_features = ntfs_3g_get_supported_features, .extract = ntfs_3g_extract, .context_size = sizeof(struct ntfs_3g_apply_ctx), .single_tree_only = true, }; - -void -libntfs3g_global_init(void) -{ - ntfs_set_char_encoding(setlocale(LC_ALL, "")); -}