X-Git-Url: https://wimlib.net/git/?p=wimlib;a=blobdiff_plain;f=src%2Fwin32.c;h=e9bdeeb87ffd46a1278512a31240a3c32979bab3;hp=35026a56d258d38436dabb911a5ef30dc247fbaf;hb=ec37396062ce5fa23e40f5fe15108a94a3e88d3f;hpb=5873df008e648b9646b07c7d4eeda511adf92e28 diff --git a/src/win32.c b/src/win32.c index 35026a56..e9bdeeb8 100644 --- a/src/win32.c +++ b/src/win32.c @@ -29,7 +29,8 @@ #include #include #include -#include /* shlwapi.h for PathMatchSpecW() */ +#include /* for PathMatchSpecW() */ +#include /* for SetSecurityInfo() */ #ifdef ERROR /* windows.h defines this */ # undef ERROR #endif @@ -39,12 +40,14 @@ #include "lookup_table.h" #include "security.h" #include "endianness.h" +#include "buffer_io.h" #include #include #define MAX_GET_SD_ACCESS_DENIED_WARNINGS 1 #define MAX_GET_SACL_PRIV_NOTHELD_WARNINGS 1 +#define MAX_CREATE_HARD_LINK_WARNINGS 5 struct win32_capture_state { unsigned long num_get_sd_access_denied; unsigned long num_get_sacl_priv_notheld; @@ -392,22 +395,31 @@ static int win32_get_short_name(struct wim_dentry *dentry, const wchar_t *path) { WIN32_FIND_DATAW dat; - if (FindFirstFileW(path, &dat) && dat.cAlternateFileName[0] != L'\0') { - DEBUG("\"%ls\": short name \"%ls\"", path, dat.cAlternateFileName); - size_t short_name_nbytes = wcslen(dat.cAlternateFileName) * - sizeof(wchar_t); - size_t n = short_name_nbytes + sizeof(wchar_t); - dentry->short_name = MALLOC(n); - if (!dentry->short_name) - return WIMLIB_ERR_NOMEM; - memcpy(dentry->short_name, dat.cAlternateFileName, n); - dentry->short_name_nbytes = short_name_nbytes; - } + HANDLE hFind; + int ret = 0; + /* If we can't read the short filename for some reason, we just ignore * the error and assume the file has no short name. I don't think this * should be an issue, since the short names are essentially obsolete * anyway. */ - return 0; + hFind = FindFirstFileW(path, &dat); + if (hFind != INVALID_HANDLE_VALUE) { + if (dat.cAlternateFileName[0] != L'\0') { + DEBUG("\"%ls\": short name \"%ls\"", path, dat.cAlternateFileName); + size_t short_name_nbytes = wcslen(dat.cAlternateFileName) * + sizeof(wchar_t); + size_t n = short_name_nbytes + sizeof(wchar_t); + dentry->short_name = MALLOC(n); + if (dentry->short_name) { + memcpy(dentry->short_name, dat.cAlternateFileName, n); + dentry->short_name_nbytes = short_name_nbytes; + } else { + ret = WIMLIB_ERR_NOMEM; + } + } + FindClose(hFind); + } + return ret; } static int @@ -493,12 +505,7 @@ static int win32_build_dentry_tree_recursive(struct wim_dentry **root_ret, wchar_t *path, size_t path_num_chars, - struct wim_lookup_table *lookup_table, - struct wim_inode_table *inode_table, - struct sd_set *sd_set, - const struct wimlib_capture_config *config, - int add_image_flags, - wimlib_progress_func_t progress_func, + struct add_image_params *params, struct win32_capture_state *state, unsigned vol_flags); @@ -508,12 +515,7 @@ static int win32_recurse_directory(struct wim_dentry *root, wchar_t *dir_path, size_t dir_path_num_chars, - struct wim_lookup_table *lookup_table, - struct wim_inode_table *inode_table, - struct sd_set *sd_set, - const struct wimlib_capture_config *config, - int add_image_flags, - wimlib_progress_func_t progress_func, + struct add_image_params *params, struct win32_capture_state *state, unsigned vol_flags) { @@ -564,12 +566,7 @@ win32_recurse_directory(struct wim_dentry *root, ret = win32_build_dentry_tree_recursive(&child, dir_path, path_len, - lookup_table, - inode_table, - sd_set, - config, - add_image_flags, - progress_func, + params, state, vol_flags); dir_path[dir_path_num_chars] = L'\0'; @@ -590,56 +587,258 @@ out_find_close: return ret; } -/* Load a reparse point into a WIM inode. It is just stored in memory. - * - * @hFile: Open handle to a reparse point, with permission to read the reparse - * data. - * - * @inode: WIM inode for the reparse point. - * - * @lookup_table: Stream lookup table for the WIM; an entry will be added to it - * for the reparse point unless an entry already exists for - * the exact same data stream. +int +win32_get_file_and_vol_ids(const wchar_t *path, u64 *ino_ret, u64 *dev_ret) +{ + HANDLE hFile; + DWORD err; + BY_HANDLE_FILE_INFORMATION file_info; + int ret; + + hFile = win32_open_existing_file(path, FILE_READ_ATTRIBUTES); + if (hFile == INVALID_HANDLE_VALUE) { + err = GetLastError(); + WARNING("Failed to open \"%ls\" to get file and volume IDs", + path); + win32_error(err); + return WIMLIB_ERR_OPEN; + } + + if (!GetFileInformationByHandle(hFile, &file_info)) { + err = GetLastError(); + ERROR("Failed to get file information for \"%ls\"", path); + win32_error(err); + ret = WIMLIB_ERR_STAT; + } else { + *ino_ret = ((u64)file_info.nFileIndexHigh << 32) | + (u64)file_info.nFileIndexLow; + *dev_ret = file_info.dwVolumeSerialNumber; + ret = 0; + } + CloseHandle(hFile); + return ret; +} + +/* Reparse point fixup status code */ +enum rp_status { + /* Reparse point corresponded to an absolute symbolic link or junction + * point that pointed outside the directory tree being captured, and + * therefore was excluded. */ + RP_EXCLUDED = 0x0, + + /* Reparse point was not fixed as it was either a relative symbolic + * link, a mount point, or something else we could not understand. */ + RP_NOT_FIXED = 0x1, + + /* Reparse point corresponded to an absolute symbolic link or junction + * point that pointed inside the directory tree being captured, where + * the target was specified by a "full" \??\ prefixed path, and + * therefore was fixed to be relative to the root of the directory tree + * being captured. */ + RP_FIXED_FULLPATH = 0x2, + + /* Same as RP_FIXED_FULLPATH, except the absolute link target did not + * have the \??\ prefix. It may have begun with a drive letter though. + * */ + RP_FIXED_ABSPATH = 0x4, + + /* Either RP_FIXED_FULLPATH or RP_FIXED_ABSPATH. */ + RP_FIXED = RP_FIXED_FULLPATH | RP_FIXED_ABSPATH, +}; + +/* Given the "substitute name" target of a Windows reparse point, try doing a + * fixup where we change it to be absolute relative to the root of the directory + * tree being captured. * - * @path: External path to the reparse point. Used for error messages only. + * Note that this is only executed when WIMLIB_ADD_IMAGE_FLAG_RPFIX has been + * set. * - * Returns 0 on success; nonzero on failure. */ -static int -win32_capture_reparse_point(HANDLE hFile, - struct wim_inode *inode, - struct wim_lookup_table *lookup_table, - const wchar_t *path) + * @capture_root_ino and @capture_root_dev indicate the inode number and device + * of the root of the directory tree being captured. They are meant to identify + * this directory (as an alternative to its actual path, which could potentially + * be reached via multiple destinations due to other symbolic links). This may + * not work properly on FAT, which doesn't seem to supply proper inode numbers + * or file IDs. However, FAT doesn't support reparse points so this function + * wouldn't even be called anyway. */ +static enum rp_status +win32_maybe_rpfix_target(wchar_t *target, size_t *target_nchars_p, + u64 capture_root_ino, u64 capture_root_dev) { - DEBUG("Capturing reparse point \"%ls\"", path); + size_t target_nchars= *target_nchars_p; + size_t stripped_chars; + wchar_t *orig_target; + + if (target_nchars == 0) + /* Invalid reparse point (empty target) */ + return RP_NOT_FIXED; + + if (target[0] == L'\\') { + if (target_nchars >= 2 && target[1] == L'\\') { + /* Probably a volume. Can't do anything with it. */ + DEBUG("Not fixing target (probably a volume)"); + return RP_NOT_FIXED; + } else if (target_nchars >= 7 && + target[1] == '?' && + target[2] == '?' && + target[3] == '\\' && + target[4] != '\0' && + target[5] == ':' && + target[6] == '\\') + { + DEBUG("Full style path"); + /* Full \??\x:\ style path (may be junction or symlink) + * */ + stripped_chars = 6; + } else { + DEBUG("Absolute target without drive letter"); + /* Absolute target, without drive letter */ + stripped_chars = 0; + } + } else if (target_nchars >= 3 && + target[0] != L'\0' && + target[1] == L':' && + target[2] == L'\\') + { + DEBUG("Absolute target with drive letter"); + /* Absolute target, with drive letter */ + stripped_chars = 2; + } else { + DEBUG("Relative symlink or other link"); + /* Relative symlink or other unexpected format */ + return RP_NOT_FIXED; + } + target[target_nchars] = L'\0'; + orig_target = target; + target = fixup_symlink(target + stripped_chars, capture_root_ino, capture_root_dev); + if (!target) + return RP_EXCLUDED; + target_nchars = wcslen(target); + wmemmove(orig_target + stripped_chars, target, target_nchars + 1); + *target_nchars_p = target_nchars + stripped_chars; + DEBUG("Fixed reparse point (new target: \"%ls\")", orig_target); + if (stripped_chars == 6) + return RP_FIXED_FULLPATH; + else + return RP_FIXED_ABSPATH; +} + +static enum rp_status +win32_try_capture_rpfix(char *rpbuf, DWORD *rpbuflen_p, + u64 capture_root_ino, u64 capture_root_dev) +{ + const char *p_get; + char *p_put; + u16 substitute_name_offset; + u16 substitute_name_len; + wchar_t *target; + size_t target_nchars; + enum rp_status status; + u32 rptag; + DWORD rpbuflen = *rpbuflen_p; + + if (rpbuflen < 16) /* Invalid reparse point (length too small) */ + return RP_NOT_FIXED; + p_get = get_u32(rpbuf, &rptag); + p_get += 4; + p_get = get_u16(p_get, &substitute_name_offset); + p_get = get_u16(p_get, &substitute_name_len); + p_get += 4; + if (rptag == WIM_IO_REPARSE_TAG_SYMLINK) { + if (rpbuflen < 20) /* Invalid reparse point (length too small) */ + return RP_NOT_FIXED; + p_get += 4; + } + if ((DWORD)substitute_name_offset + + substitute_name_len + (p_get - rpbuf) > rpbuflen) + /* Invalid reparse point (length too small) */ + return RP_NOT_FIXED; + + target = (wchar_t*)&p_get[substitute_name_offset]; + target_nchars = substitute_name_len / 2; + /* Note: target is not necessarily null-terminated */ + + status = win32_maybe_rpfix_target(target, &target_nchars, + capture_root_ino, capture_root_dev); + if (status & RP_FIXED) { + size_t target_nbytes = target_nchars * 2; + size_t print_nbytes = target_nbytes; + wchar_t target_copy[target_nchars]; + wchar_t *print_name = target_copy; + + if (status == RP_FIXED_FULLPATH) { + /* "full path", meaning \??\ prefixed. We should not + * include this prefix in the print name, as it is + * apparently meant for the filesystem driver only. */ + print_nbytes -= 8; + print_name += 4; + } + wmemcpy(target_copy, target, target_nchars); + p_put = rpbuf + 8; + p_put = put_u16(p_put, 0); /* Substitute name offset */ + p_put = put_u16(p_put, target_nbytes); /* Substitute name length */ + p_put = put_u16(p_put, target_nbytes + 2); /* Print name offset */ + p_put = put_u16(p_put, print_nbytes); /* Print name length */ + if (rptag == WIM_IO_REPARSE_TAG_SYMLINK) + p_put = put_u32(p_put, 1); + p_put = put_bytes(p_put, target_nbytes, target_copy); + p_put = put_u16(p_put, 0); + p_put = put_bytes(p_put, print_nbytes, print_name); + p_put = put_u16(p_put, 0); + + /* Wrote the end of the reparse data. Recalculate the length, + * set the length field correctly, and return it. */ + rpbuflen = p_put - rpbuf; + put_u16(rpbuf + 4, rpbuflen - 8); + *rpbuflen_p = rpbuflen; + } + return status; +} - /* "Reparse point data, including the tag and optional GUID, - * cannot exceed 16 kilobytes." - MSDN */ - char reparse_point_buf[16 * 1024]; +static int +win32_get_reparse_data(HANDLE hFile, const wchar_t *path, + struct add_image_params *params, + void *reparse_data, size_t *reparse_data_len_ret) +{ DWORD bytesReturned; + u32 reparse_tag; + enum rp_status status; + DEBUG("Loading reparse data from \"%ls\"", path); if (!DeviceIoControl(hFile, FSCTL_GET_REPARSE_POINT, NULL, /* "Not used with this operation; set to NULL" */ 0, /* "Not used with this operation; set to 0" */ - reparse_point_buf, /* "A pointer to a buffer that + reparse_data, /* "A pointer to a buffer that receives the reparse point data */ - sizeof(reparse_point_buf), /* "The size of the output - buffer, in bytes */ + REPARSE_POINT_MAX_SIZE, /* "The size of the output + buffer, in bytes */ &bytesReturned, NULL)) { DWORD err = GetLastError(); ERROR("Failed to get reparse data of \"%ls\"", path); win32_error(err); - return WIMLIB_ERR_READ; + return -WIMLIB_ERR_READ; } if (bytesReturned < 8) { ERROR("Reparse data on \"%ls\" is invalid", path); - return WIMLIB_ERR_READ; + return -WIMLIB_ERR_READ; } - inode->i_reparse_tag = le32_to_cpu(*(u32*)reparse_point_buf); - return inode_add_ads_with_data(inode, L"", - reparse_point_buf + 8, - bytesReturned - 8, lookup_table); + + reparse_tag = le32_to_cpu(*(u32*)reparse_data); + if (params->add_image_flags & WIMLIB_ADD_IMAGE_FLAG_RPFIX && + (reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK || + reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT)) + { + /* Try doing reparse point fixup */ + status = win32_try_capture_rpfix(reparse_data, + &bytesReturned, + params->capture_root_ino, + params->capture_root_dev); + } else { + status = RP_NOT_FIXED; + } + *reparse_data_len_ret = bytesReturned; + return status; } /* Scans an unnamed or named stream of a Win32 file (not a reparse point @@ -711,6 +910,12 @@ win32_capture_stream(const wchar_t *path, } } + /* If zero length stream, no lookup table entry needed. */ + if ((u64)dat->StreamSize.QuadPart == 0) { + ret = 0; + goto out; + } + /* Create a UTF-16LE string @spath that gives the filename, then a * colon, then the stream name. Or, if it's an unnamed stream, just the * filename. It is MALLOC()'ed so that it can be saved in the @@ -884,12 +1089,7 @@ static int win32_build_dentry_tree_recursive(struct wim_dentry **root_ret, wchar_t *path, size_t path_num_chars, - struct wim_lookup_table *lookup_table, - struct wim_inode_table *inode_table, - struct sd_set *sd_set, - const struct wimlib_capture_config *config, - int add_image_flags, - wimlib_progress_func_t progress_func, + struct add_image_params *params, struct win32_capture_state *state, unsigned vol_flags) { @@ -897,32 +1097,36 @@ win32_build_dentry_tree_recursive(struct wim_dentry **root_ret, struct wim_inode *inode; DWORD err; u64 file_size; - int ret = 0; + int ret; + void *reparse_data; + size_t reparse_data_len; + u16 not_rpfixed; - if (exclude_path(path, path_num_chars, config, true)) { - if (add_image_flags & WIMLIB_ADD_IMAGE_FLAG_ROOT) { + if (exclude_path(path, path_num_chars, params->config, true)) { + if (params->add_image_flags & WIMLIB_ADD_IMAGE_FLAG_ROOT) { ERROR("Cannot exclude the root directory from capture"); ret = WIMLIB_ERR_INVALID_CAPTURE_CONFIG; goto out; } - if ((add_image_flags & WIMLIB_ADD_IMAGE_FLAG_EXCLUDE_VERBOSE) - && progress_func) + if ((params->add_image_flags & WIMLIB_ADD_IMAGE_FLAG_EXCLUDE_VERBOSE) + && params->progress_func) { union wimlib_progress_info info; info.scan.cur_path = path; info.scan.excluded = true; - progress_func(WIMLIB_PROGRESS_MSG_SCAN_DENTRY, &info); + params->progress_func(WIMLIB_PROGRESS_MSG_SCAN_DENTRY, &info); } + ret = 0; goto out; } - if ((add_image_flags & WIMLIB_ADD_IMAGE_FLAG_VERBOSE) - && progress_func) + if ((params->add_image_flags & WIMLIB_ADD_IMAGE_FLAG_VERBOSE) + && params->progress_func) { union wimlib_progress_info info; info.scan.cur_path = path; info.scan.excluded = false; - progress_func(WIMLIB_PROGRESS_MSG_SCAN_DENTRY, &info); + params->progress_func(WIMLIB_PROGRESS_MSG_SCAN_DENTRY, &info); } HANDLE hFile = win32_open_existing_file(path, @@ -945,12 +1149,37 @@ win32_build_dentry_tree_recursive(struct wim_dentry **root_ret, goto out_close_handle; } - /* Create a WIM dentry with an associated inode, which may be shared */ - ret = inode_table_new_dentry(inode_table, + if (file_info.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) { + reparse_data = alloca(REPARSE_POINT_MAX_SIZE); + ret = win32_get_reparse_data(hFile, path, params, + reparse_data, &reparse_data_len); + if (ret < 0) { + /* WIMLIB_ERR_* (inverted) */ + ret = -ret; + goto out_close_handle; + } else if (ret & RP_FIXED) { + not_rpfixed = 0; + } else if (ret == RP_EXCLUDED) { + ret = 0; + goto out_close_handle; + } else { + not_rpfixed = 1; + } + } + + /* Create a WIM dentry with an associated inode, which may be shared. + * + * However, we need to explicitly check for directories and files with + * only 1 link and refuse to hard link them. This is because Windows + * has a bug where it can return duplicate File IDs for files and + * directories on the FAT filesystem. */ + ret = inode_table_new_dentry(params->inode_table, path_basename_with_len(path, path_num_chars), ((u64)file_info.nFileIndexHigh << 32) | - (u64)file_info.nFileIndexLow, + (u64)file_info.nFileIndexLow, file_info.dwVolumeSerialNumber, + (file_info.nNumberOfLinks <= 1 || + (file_info.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)), &root); if (ret) goto out_close_handle; @@ -970,13 +1199,14 @@ win32_build_dentry_tree_recursive(struct wim_dentry **root_ret, inode->i_last_access_time = FILETIME_to_u64(&file_info.ftLastAccessTime); inode->i_resolved = 1; - add_image_flags &= ~(WIMLIB_ADD_IMAGE_FLAG_ROOT | WIMLIB_ADD_IMAGE_FLAG_SOURCE); + params->add_image_flags &= ~(WIMLIB_ADD_IMAGE_FLAG_ROOT | WIMLIB_ADD_IMAGE_FLAG_SOURCE); - if (!(add_image_flags & WIMLIB_ADD_IMAGE_FLAG_NO_ACLS) + if (!(params->add_image_flags & WIMLIB_ADD_IMAGE_FLAG_NO_ACLS) && (vol_flags & FILE_PERSISTENT_ACLS)) { - ret = win32_get_security_descriptor(root, sd_set, path, state, - add_image_flags); + ret = win32_get_security_descriptor(root, params->sd_set, + path, state, + params->add_image_flags); if (ret) goto out_close_handle; } @@ -984,47 +1214,33 @@ win32_build_dentry_tree_recursive(struct wim_dentry **root_ret, file_size = ((u64)file_info.nFileSizeHigh << 32) | (u64)file_info.nFileSizeLow; - if (inode_is_directory(inode)) { - /* Directory (not a reparse point) --- recurse to children */ + /* Capture the unnamed data stream (only should be present for regular + * files) and any alternate data streams. */ + ret = win32_capture_streams(path, + path_num_chars, + inode, + params->lookup_table, + file_size, + vol_flags); + if (ret) + goto out_close_handle; - /* But first... directories may have alternate data streams that - * need to be captured. */ - ret = win32_capture_streams(path, - path_num_chars, - inode, - lookup_table, - file_size, - vol_flags); - if (ret) - goto out_close_handle; + if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) { + /* Reparse point: set the reparse data (which we read already) + * */ + inode->i_not_rpfixed = not_rpfixed; + inode->i_reparse_tag = le32_to_cpu(*(u32*)reparse_data); + ret = inode_set_unnamed_stream(inode, reparse_data + 8, + reparse_data_len - 8, + params->lookup_table); + } else if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) { + /* Directory (not a reparse point) --- recurse to children */ ret = win32_recurse_directory(root, path, path_num_chars, - lookup_table, - inode_table, - sd_set, - config, - add_image_flags, - progress_func, + params, state, vol_flags); - } else if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) { - /* Reparse point: save the reparse tag and data. Alternate data - * streams are not captured, if it's even possible for a reparse - * point to have alternate data streams... */ - ret = win32_capture_reparse_point(hFile, - inode, - lookup_table, - path); - } else { - /* Not a directory, not a reparse point; capture the default - * file contents and any alternate data streams. */ - ret = win32_capture_streams(path, - path_num_chars, - inode, - lookup_table, - file_size, - vol_flags); } out_close_handle: CloseHandle(hFile); @@ -1032,7 +1248,7 @@ out: if (ret == 0) *root_ret = root; else - free_dentry_tree(root, lookup_table); + free_dentry_tree(root, params->lookup_table); return ret; } @@ -1072,13 +1288,7 @@ win32_do_capture_warnings(const struct win32_capture_state *state, int win32_build_dentry_tree(struct wim_dentry **root_ret, const wchar_t *root_disk_path, - struct wim_lookup_table *lookup_table, - struct wim_inode_table *inode_table, - struct sd_set *sd_set, - const struct wimlib_capture_config *config, - int add_image_flags, - wimlib_progress_func_t progress_func, - void *extra_arg) + struct add_image_params *params) { size_t path_nchars; wchar_t *path; @@ -1086,10 +1296,17 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, struct win32_capture_state state; unsigned vol_flags; + path_nchars = wcslen(root_disk_path); if (path_nchars > 32767) return WIMLIB_ERR_INVALID_PARAM; + ret = win32_get_file_and_vol_ids(root_disk_path, + ¶ms->capture_root_ino, + ¶ms->capture_root_dev); + if (ret) + return ret; + win32_get_vol_flags(root_disk_path, &vol_flags); /* There is no check for overflow later when this buffer is being used! @@ -1103,20 +1320,12 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, wmemcpy(path, root_disk_path, path_nchars + 1); memset(&state, 0, sizeof(state)); - ret = win32_build_dentry_tree_recursive(root_ret, - path, - path_nchars, - lookup_table, - inode_table, - sd_set, - config, - add_image_flags, - progress_func, - &state, - vol_flags); + ret = win32_build_dentry_tree_recursive(root_ret, path, + path_nchars, params, + &state, vol_flags); FREE(path); if (ret == 0) - win32_do_capture_warnings(&state, add_image_flags); + win32_do_capture_warnings(&state, params->add_image_flags); return ret; } @@ -1182,15 +1391,20 @@ win32_set_reparse_data(HANDLE h, DWORD err = GetLastError(); ERROR("Failed to set reparse data on \"%ls\"", path); win32_error(err); - return WIMLIB_ERR_WRITE; + if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD) + return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT; + else if (reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK || + reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT) + return WIMLIB_ERR_LINK; + else + return WIMLIB_ERR_WRITE; } return 0; } static int -win32_set_compressed(HANDLE hFile, const wchar_t *path) +win32_set_compression_state(HANDLE hFile, USHORT format, const wchar_t *path) { - USHORT format = COMPRESSION_FORMAT_DEFAULT; DWORD bytesReturned = 0; if (!DeviceIoControl(hFile, FSCTL_SET_COMPRESSION, &format, sizeof(USHORT), @@ -1202,7 +1416,10 @@ win32_set_compressed(HANDLE hFile, const wchar_t *path) DWORD err = GetLastError(); ERROR("Failed to set compression flag on \"%ls\"", path); win32_error(err); - return WIMLIB_ERR_WRITE; + if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD) + return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT; + else + return WIMLIB_ERR_WRITE; } return 0; } @@ -1221,7 +1438,10 @@ win32_set_sparse(HANDLE hFile, const wchar_t *path) DWORD err = GetLastError(); WARNING("Failed to set sparse flag on \"%ls\"", path); win32_error(err); - return WIMLIB_ERR_WRITE; + if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD) + return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT; + else + return WIMLIB_ERR_WRITE; } return 0; } @@ -1231,21 +1451,55 @@ win32_set_sparse(HANDLE hFile, const wchar_t *path) */ static int win32_set_security_data(const struct wim_inode *inode, + HANDLE hFile, const wchar_t *path, struct apply_args *args) { PSECURITY_DESCRIPTOR descriptor; unsigned long n; DWORD err; + const struct wim_security_data *sd; + + SECURITY_INFORMATION securityInformation = 0; + + void *owner = NULL; + void *group = NULL; + ACL *dacl = NULL; + ACL *sacl = NULL; + + BOOL owner_defaulted; + BOOL group_defaulted; + BOOL dacl_present; + BOOL dacl_defaulted; + BOOL sacl_present; + BOOL sacl_defaulted; - descriptor = wim_const_security_data(args->w)->descriptors[inode->i_security_id]; + sd = wim_const_security_data(args->w); + descriptor = sd->descriptors[inode->i_security_id]; + + GetSecurityDescriptorOwner(descriptor, &owner, &owner_defaulted); + if (owner) + securityInformation |= OWNER_SECURITY_INFORMATION; + + GetSecurityDescriptorGroup(descriptor, &group, &group_defaulted); + if (group) + securityInformation |= GROUP_SECURITY_INFORMATION; + + GetSecurityDescriptorDacl(descriptor, &dacl_present, + &dacl, &dacl_defaulted); + if (dacl) + securityInformation |= DACL_SECURITY_INFORMATION; + + GetSecurityDescriptorSacl(descriptor, &sacl_present, + &sacl, &sacl_defaulted); + if (sacl) + securityInformation |= SACL_SECURITY_INFORMATION; - SECURITY_INFORMATION securityInformation = DACL_SECURITY_INFORMATION | - SACL_SECURITY_INFORMATION | - OWNER_SECURITY_INFORMATION | - GROUP_SECURITY_INFORMATION; again: - if (SetFileSecurityW(path, securityInformation, descriptor)) + if (securityInformation == 0) + return 0; + if (SetSecurityInfo(hFile, SE_FILE_OBJECT, + securityInformation, owner, group, dacl, sacl)) return 0; err = GetLastError(); if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS) @@ -1255,6 +1509,7 @@ again: if (securityInformation & SACL_SECURITY_INFORMATION) { n = args->num_set_sacl_priv_notheld++; securityInformation &= ~SACL_SECURITY_INFORMATION; + sacl = NULL; if (n < MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) { WARNING( "We don't have enough privileges to set the full security\n" @@ -1294,7 +1549,10 @@ again: fail: ERROR("Failed to set security descriptor on \"%ls\"", path); win32_error(err); - return WIMLIB_ERR_WRITE; + if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD) + return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT; + else + return WIMLIB_ERR_WRITE; } } @@ -1396,14 +1654,6 @@ win32_get_create_flags_and_attributes(DWORD i_attributes) FILE_FLAG_BACKUP_SEMANTICS; } -static bool -inode_has_special_attributes(const struct wim_inode *inode) -{ - return (inode->i_attributes & (FILE_ATTRIBUTE_COMPRESSED | - FILE_ATTRIBUTE_REPARSE_POINT | - FILE_ATTRIBUTE_SPARSE_FILE)) != 0; -} - /* Set compression or sparse attributes, and reparse data, if supported by the * volume. */ static int @@ -1413,13 +1663,21 @@ win32_set_special_attributes(HANDLE hFile, const struct wim_inode *inode, { int ret; - if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED) { - if (vol_flags & FILE_FILE_COMPRESSION) { + if (vol_flags & FILE_FILE_COMPRESSION) { + + USHORT format; + if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED) { + format = COMPRESSION_FORMAT_DEFAULT; DEBUG("Setting compression flag on \"%ls\"", path); - ret = win32_set_compressed(hFile, path); - if (ret) - return ret; } else { + format = COMPRESSION_FORMAT_NONE; + DEBUG("Clearing compression flag on \"%ls\"", path); + } + ret = win32_set_compression_state(hFile, format, path); + if (ret) + return ret; + } else { + if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED) { DEBUG("Cannot set compression attribute on \"%ls\": " "volume does not support transparent compression", path); @@ -1451,7 +1709,6 @@ win32_set_special_attributes(HANDLE hFile, const struct wim_inode *inode, "does not support reparse points", path); } } - return 0; } @@ -1460,17 +1717,18 @@ win32_extract_stream(const struct wim_inode *inode, const wchar_t *path, const wchar_t *stream_name_utf16, struct wim_lookup_table_entry *lte, - unsigned vol_flags) + struct apply_args *args) { wchar_t *stream_path; HANDLE h; int ret; DWORD err; DWORD creationDisposition = CREATE_ALWAYS; + DWORD requestedAccess; if (stream_name_utf16) { /* Named stream. Create a buffer that contains the UTF-16LE - * string [.\]@path:@stream_name_utf16. This is needed to + * string [./]path:stream_name_utf16. This is needed to * create and open the stream using CreateFileW(). I'm not * aware of any other APIs to do this. Note: the '$DATA' suffix * seems to be unneeded. Additional note: a "./" prefix needs @@ -1524,19 +1782,16 @@ win32_extract_stream(const struct wim_inode *inode, } } DEBUG("Created directory \"%ls\"", stream_path); - if (!inode_has_special_attributes(inode)) { - ret = 0; - goto out; - } - DEBUG("Directory \"%ls\" has special attributes!", - stream_path); creationDisposition = OPEN_EXISTING; } } DEBUG("Opening \"%ls\"", stream_path); + requestedAccess = GENERIC_READ | GENERIC_WRITE | + ACCESS_SYSTEM_SECURITY; +try_open_again: h = CreateFileW(stream_path, - GENERIC_READ | GENERIC_WRITE, + requestedAccess, 0, NULL, creationDisposition, @@ -1544,15 +1799,30 @@ win32_extract_stream(const struct wim_inode *inode, NULL); if (h == INVALID_HANDLE_VALUE) { err = GetLastError(); + if (err == ERROR_PRIVILEGE_NOT_HELD && + (requestedAccess & ACCESS_SYSTEM_SECURITY)) + { + requestedAccess &= ~ACCESS_SYSTEM_SECURITY; + goto try_open_again; + } ERROR("Failed to create \"%ls\"", stream_path); win32_error(err); ret = WIMLIB_ERR_OPEN; goto fail; } - if (stream_name_utf16 == NULL && inode_has_special_attributes(inode)) { + if (stream_name_utf16 == NULL) { + if (inode->i_security_id >= 0 && + !(args->extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS) + && (args->vol_flags & FILE_PERSISTENT_ACLS)) + { + ret = win32_set_security_data(inode, h, path, args); + if (ret) + goto fail_close_handle; + } + ret = win32_set_special_attributes(h, inode, lte, path, - vol_flags); + args->vol_flags); if (ret) goto fail_close_handle; } @@ -1563,7 +1833,7 @@ win32_extract_stream(const struct wim_inode *inode, stream_path, wim_resource_size(lte)); if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED && stream_name_utf16 == NULL - && (vol_flags & FILE_SUPPORTS_ENCRYPTION)) + && (args->vol_flags & FILE_SUPPORTS_ENCRYPTION)) { ret = do_win32_extract_encrypted_stream(stream_path, lte); @@ -1596,56 +1866,151 @@ out: /* * Creates a file, directory, or reparse point and extracts all streams to it * (unnamed data stream and/or reparse point stream, plus any alternate data - * streams). This in Win32-specific code. + * streams). * * @inode: WIM inode for this file or directory. * @path: UTF-16LE external path to extract the inode to. + * @args: Additional extraction context. * * Returns 0 on success; nonzero on failure. */ static int win32_extract_streams(const struct wim_inode *inode, - const wchar_t *path, u64 *completed_bytes_p, - unsigned vol_flags) + const wchar_t *path, struct apply_args *args) { struct wim_lookup_table_entry *unnamed_lte; int ret; + /* Extract the unnamed stream. */ + unnamed_lte = inode_unnamed_lte_resolved(inode); - ret = win32_extract_stream(inode, path, NULL, unnamed_lte, - vol_flags); + ret = win32_extract_stream(inode, path, NULL, unnamed_lte, args); if (ret) goto out; - if (unnamed_lte) - *completed_bytes_p += wim_resource_size(unnamed_lte); + if (unnamed_lte && inode->i_extracted_file == NULL) + { + args->progress.extract.completed_bytes += + wim_resource_size(unnamed_lte); + } - if (!(vol_flags & FILE_NAMED_STREAMS)) + /* Extract any named streams, if supported by the volume. */ + + if (!(args->vol_flags & FILE_NAMED_STREAMS)) goto out; for (u16 i = 0; i < inode->i_num_ads; i++) { const struct wim_ads_entry *ads_entry = &inode->i_ads_entries[i]; - if (ads_entry->stream_name_nbytes != 0) { - /* Skip special UNIX data entries (see documentation for - * WIMLIB_ADD_IMAGE_FLAG_UNIX_DATA) */ - if (ads_entry->stream_name_nbytes == WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES - && !memcmp(ads_entry->stream_name, - WIMLIB_UNIX_DATA_TAG_UTF16LE, - WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES)) - continue; - ret = win32_extract_stream(inode, - path, - ads_entry->stream_name, - ads_entry->lte, - vol_flags); - if (ret) - break; - if (ads_entry->lte) - *completed_bytes_p += wim_resource_size(ads_entry->lte); + + /* Skip the unnamed stream if it's in the ADS entries (we + * already extracted it...) */ + if (ads_entry->stream_name_nbytes == 0) + continue; + + /* Skip special UNIX data entries (see documentation for + * WIMLIB_ADD_IMAGE_FLAG_UNIX_DATA) */ + if (ads_entry->stream_name_nbytes == WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES + && !memcmp(ads_entry->stream_name, + WIMLIB_UNIX_DATA_TAG_UTF16LE, + WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES)) + continue; + + /* Extract the named stream */ + ret = win32_extract_stream(inode, + path, + ads_entry->stream_name, + ads_entry->lte, + args); + if (ret) + break; + + /* Tally the bytes extracted, unless this was supposed to be a + * hard link and we are extracting the data again only as a + * fallback. */ + if (ads_entry->lte && inode->i_extracted_file == NULL) + { + args->progress.extract.completed_bytes += + wim_resource_size(ads_entry->lte); } } out: return ret; } +static int +win32_check_vol_flags(const wchar_t *output_path, struct apply_args *args) +{ + if (args->have_vol_flags) + return 0; + + win32_get_vol_flags(output_path, &args->vol_flags); + args->have_vol_flags = true; + /* Warn the user about data that may not be extracted. */ + if (!(args->vol_flags & FILE_SUPPORTS_SPARSE_FILES)) + WARNING("Volume does not support sparse files!\n" + " Sparse files will be extracted as non-sparse."); + if (!(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS)) + WARNING("Volume does not support reparse points!\n" + " Reparse point data will not be extracted."); + if (!(args->vol_flags & FILE_NAMED_STREAMS)) { + WARNING("Volume does not support named data streams!\n" + " Named data streams will not be extracted."); + } + if (!(args->vol_flags & FILE_SUPPORTS_ENCRYPTION)) { + WARNING("Volume does not support encryption!\n" + " Encrypted files will be extracted as raw data."); + } + if (!(args->vol_flags & FILE_FILE_COMPRESSION)) { + WARNING("Volume does not support transparent compression!\n" + " Compressed files will be extracted as non-compressed."); + } + if (!(args->vol_flags & FILE_PERSISTENT_ACLS)) { + if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS) { + ERROR("Strict ACLs requested, but the volume does not " + "support ACLs!"); + return WIMLIB_ERR_VOLUME_LACKS_FEATURES; + } else { + WARNING("Volume does not support persistent ACLS!\n" + " File permissions will not be extracted."); + } + } + return 0; +} + +static int +win32_try_hard_link(const wchar_t *output_path, const struct wim_inode *inode, + struct apply_args *args) +{ + DWORD err; + + /* There is a volume flag for this (FILE_SUPPORTS_HARD_LINKS), + * but it's only available on Windows 7 and later. So no use + * even checking it, really. Instead, CreateHardLinkW() will + * apparently return ERROR_INVALID_FUNCTION if the volume does + * not support hard links. */ + DEBUG("Creating hard link \"%ls => %ls\"", + output_path, inode->i_extracted_file); + if (CreateHardLinkW(output_path, inode->i_extracted_file, NULL)) + return 0; + + err = GetLastError(); + if (err != ERROR_INVALID_FUNCTION) { + ERROR("Can't create hard link \"%ls => %ls\"", + output_path, inode->i_extracted_file); + win32_error(err); + return WIMLIB_ERR_LINK; + } else { + args->num_hard_links_failed++; + if (args->num_hard_links_failed < MAX_CREATE_HARD_LINK_WARNINGS) { + WARNING("Can't create hard link \"%ls => %ls\":\n" + " Volume does not support hard links!\n" + " Falling back to extracting a copy of the file.", + output_path, inode->i_extracted_file); + } else if (args->num_hard_links_failed == MAX_CREATE_HARD_LINK_WARNINGS) { + WARNING("Suppressing further hard linking warnings..."); + } + return -1; + } +} + /* Extract a file, directory, reparse point, or hard link to an * already-extracted file using the Win32 API */ int @@ -1656,84 +2021,38 @@ win32_do_apply_dentry(const wchar_t *output_path, { int ret; struct wim_inode *inode = dentry->d_inode; - DWORD err; - - if (!args->have_vol_flags) { - win32_get_vol_flags(output_path, &args->vol_flags); - args->have_vol_flags = true; - /* Warn the user about data that may not be extracted. */ - if (!(args->vol_flags & FILE_SUPPORTS_SPARSE_FILES)) - WARNING("Volume does not support sparse files!\n" - " Sparse files will be extracted as non-sparse."); - if (!(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS)) - WARNING("Volume does not support reparse points!\n" - " Reparse point data will not be extracted."); - if (!(args->vol_flags & FILE_NAMED_STREAMS)) { - WARNING("Volume does not support named data streams!\n" - " Named data streams will not be extracted."); - } - if (!(args->vol_flags & FILE_SUPPORTS_ENCRYPTION)) { - WARNING("Volume does not support encryption!\n" - " Encrypted files will be extracted as raw data."); - } - if (!(args->vol_flags & FILE_FILE_COMPRESSION)) { - WARNING("Volume does not support transparent compression!\n" - " Compressed files will be extracted as non-compressed."); - } - if (!(args->vol_flags & FILE_PERSISTENT_ACLS)) { - if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS) { - ERROR("Strict ACLs requested, but the volume does not " - "support ACLs!"); - return WIMLIB_ERR_VOLUME_LACKS_FEATURES; - } else { - WARNING("Volume does not support persistent ACLS!\n" - " File permissions will not be extracted."); - } - } - } + ret = win32_check_vol_flags(output_path, args); + if (ret) + return ret; if (inode->i_nlink > 1 && inode->i_extracted_file != NULL) { /* Linked file, with another name already extracted. Create a * hard link. */ + ret = win32_try_hard_link(output_path, inode, args); + if (ret >= 0) + return ret; + /* Falling back to extracting copy of file */ + } - /* There is a volume flag for this (FILE_SUPPORTS_HARD_LINKS), - * but it's only available on Windows 7 and later. So no use - * even checking it, really. Instead, CreateHardLinkW() will - * apparently return ERROR_INVALID_FUNCTION if the volume does - * not support hard links. */ - DEBUG("Creating hard link \"%ls => %ls\"", - output_path, inode->i_extracted_file); - if (CreateHardLinkW(output_path, inode->i_extracted_file, NULL)) - return 0; - - err = GetLastError(); - if (err != ERROR_INVALID_FUNCTION) { - ERROR("Can't create hard link \"%ls => %ls\"", - output_path, inode->i_extracted_file); - win32_error(err); - return WIMLIB_ERR_LINK; - } else { - WARNING("Can't create hard link \"%ls => %ls\":\n" - " Volume does not support hard links!\n" - " Falling back to extracting a copy of the file."); - } + if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT && + !(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS)) + { + WARNING("Skipping extraction of reparse point \"%ls\":\n" + " Not supported by destination filesystem", + output_path); + struct wim_lookup_table_entry *lte; + lte = inode_unnamed_lte_resolved(inode); + if (lte) + args->progress.extract.completed_bytes += wim_resource_size(lte); + return 0; } + /* Create the file, directory, or reparse point, and extract the * data streams. */ - ret = win32_extract_streams(inode, output_path, - &args->progress.extract.completed_bytes, - args->vol_flags); + ret = win32_extract_streams(inode, output_path, args); if (ret) return ret; - if (inode->i_security_id >= 0 && - !(args->extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS) - && (args->vol_flags & FILE_PERSISTENT_ACLS)) - { - ret = win32_set_security_data(inode, output_path, args); - if (ret) - return ret; - } if (inode->i_nlink > 1) { /* Save extracted path for a later call to * CreateHardLinkW() if this inode has multiple links. @@ -1742,7 +2061,7 @@ win32_do_apply_dentry(const wchar_t *output_path, if (!inode->i_extracted_file) ret = WIMLIB_ERR_NOMEM; } - return 0; + return ret; } /* Set timestamps on an extracted file using the Win32 API */ @@ -1756,6 +2075,19 @@ win32_do_apply_dentry_timestamps(const wchar_t *path, HANDLE h; const struct wim_inode *inode = dentry->d_inode; + if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT && + !(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS)) + { + /* Skip reparse points not extracted */ + return 0; + } + + /* Windows doesn't let you change the timestamps of the root directory + * (at least on FAT, which is dumb but expected since FAT doesn't store + * any metadata about the root directory...) */ + if (path_is_root_of_drive(path)) + return 0; + DEBUG("Opening \"%ls\" to set timestamps", path); h = win32_open_existing_file(path, FILE_WRITE_ATTRIBUTES); if (h == INVALID_HANDLE_VALUE) {