X-Git-Url: https://wimlib.net/git/?p=wimlib;a=blobdiff_plain;f=src%2Fwin32_capture.c;h=bc05d70779459c59871530c88cae5585d4ead1f5;hp=4bc0f7c2b89d6e564c2f7f0cb4a2d4dc671e664a;hb=HEAD;hpb=e3782beb9f112e4f4f3b41cf809f639e852932f5 diff --git a/src/win32_capture.c b/src/win32_capture.c index 4bc0f7c2..958147e6 100644 --- a/src/win32_capture.c +++ b/src/win32_capture.c @@ -5,7 +5,7 @@ */ /* - * Copyright (C) 2013-2016 Eric Biggers + * Copyright (C) 2013-2021 Eric Biggers * * This file is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free @@ -18,10 +18,10 @@ * details. * * You should have received a copy of the GNU Lesser General Public License - * along with this file; if not, see http://www.gnu.org/licenses/. + * along with this file; if not, see https://www.gnu.org/licenses/. */ -#ifdef __WIN32__ +#ifdef _WIN32 #ifdef HAVE_CONFIG_H # include "config.h" @@ -31,18 +31,20 @@ #include "wimlib/assert.h" #include "wimlib/blob_table.h" -#include "wimlib/capture.h" #include "wimlib/dentry.h" #include "wimlib/encoding.h" #include "wimlib/endianness.h" #include "wimlib/error.h" +#include "wimlib/object_id.h" #include "wimlib/paths.h" #include "wimlib/reparse.h" +#include "wimlib/scan.h" #include "wimlib/win32_vss.h" #include "wimlib/wof.h" +#include "wimlib/xattr.h" struct winnt_scan_ctx { - struct capture_params *params; + struct scan_params *params; bool is_ntfs; u32 vol_flags; unsigned long num_get_sd_access_denied; @@ -57,10 +59,10 @@ struct winnt_scan_ctx { }; static inline const wchar_t * -printable_path(const wchar_t *full_path) +printable_path(const struct winnt_scan_ctx *ctx) { /* Skip over \\?\ or \??\ */ - return full_path + 4; + return ctx->params->cur_path + 4; } /* Description of where data is located on a Windows filesystem */ @@ -269,8 +271,8 @@ winnt_openat(HANDLE cur_dir, const wchar_t *path, size_t path_nchars, options |= FILE_SEQUENTIAL_ONLY; } retry: - status = 
(*func_NtOpenFile)(h_ret, perms, &attr, &iosb, - FILE_SHARE_VALID_FLAGS, options); + status = NtOpenFile(h_ret, perms, &attr, &iosb, + FILE_SHARE_VALID_FLAGS, options); if (!NT_SUCCESS(status)) { /* Try requesting fewer permissions */ if (status == STATUS_ACCESS_DENIED || @@ -314,7 +316,7 @@ windows_file_to_string(const struct windows_file *file, u8 *buf, size_t bufsize) static int read_winnt_stream_prefix(const struct windows_file *file, - u64 size, const struct read_blob_callbacks *cbs) + u64 size, const struct consume_chunk_callback *cb) { IO_STATUS_BLOCK iosb; UNICODE_STRING name = { @@ -328,18 +330,18 @@ read_winnt_stream_prefix(const struct windows_file *file, }; HANDLE h; NTSTATUS status; - u8 buf[BUFFER_SIZE] _aligned_attribute(8); + u8 buf[BUFFER_SIZE] __attribute__((aligned(8))); u64 bytes_remaining; int ret; - status = (*func_NtOpenFile)(&h, FILE_READ_DATA | SYNCHRONIZE, - &attr, &iosb, - FILE_SHARE_VALID_FLAGS, - FILE_OPEN_REPARSE_POINT | - FILE_OPEN_FOR_BACKUP_INTENT | - FILE_SYNCHRONOUS_IO_NONALERT | - FILE_SEQUENTIAL_ONLY | - (file->is_file_id ? FILE_OPEN_BY_FILE_ID : 0)); + status = NtOpenFile(&h, FILE_READ_DATA | SYNCHRONIZE, + &attr, &iosb, + FILE_SHARE_VALID_FLAGS, + FILE_OPEN_REPARSE_POINT | + FILE_OPEN_FOR_BACKUP_INTENT | + FILE_SYNCHRONOUS_IO_NONALERT | + FILE_SEQUENTIAL_ONLY | + (file->is_file_id ? 
FILE_OPEN_BY_FILE_ID : 0)); if (unlikely(!NT_SUCCESS(status))) { if (status == STATUS_SHARING_VIOLATION) { ERROR("Can't open %ls for reading:\n" @@ -365,8 +367,8 @@ read_winnt_stream_prefix(const struct windows_file *file, count = min(sizeof(buf), bytes_remaining); retry_read: - status = (*func_NtReadFile)(h, NULL, NULL, NULL, - &iosb, buf, count, NULL, NULL); + status = NtReadFile(h, NULL, NULL, NULL, + &iosb, buf, count, NULL, NULL); if (unlikely(!NT_SUCCESS(status))) { if (status == STATUS_END_OF_FILE) { ERROR("%ls: File was concurrently truncated", @@ -400,16 +402,16 @@ read_winnt_stream_prefix(const struct windows_file *file, bytes_read = iosb.Information; bytes_remaining -= bytes_read; - ret = call_consume_chunk(buf, bytes_read, cbs); + ret = consume_chunk(cb, buf, bytes_read); if (ret) break; } - (*func_NtClose)(h); + NtClose(h); return ret; } struct win32_encrypted_read_ctx { - const struct read_blob_callbacks *cbs; + const struct consume_chunk_callback *cb; int wimlib_err_code; u64 bytes_remaining; }; @@ -424,7 +426,7 @@ win32_encrypted_export_cb(unsigned char *data, void *_ctx, unsigned long len) if (bytes_to_consume == 0) return ERROR_SUCCESS; - ret = call_consume_chunk(data, bytes_to_consume, ctx->cbs); + ret = consume_chunk(ctx->cb, data, bytes_to_consume); if (ret) { ctx->wimlib_err_code = ret; /* It doesn't matter what error code is returned here, as long @@ -437,7 +439,7 @@ win32_encrypted_export_cb(unsigned char *data, void *_ctx, unsigned long len) static int read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, - const struct read_blob_callbacks *cbs) + const struct consume_chunk_callback *cb) { struct win32_encrypted_read_ctx export_ctx; DWORD err; @@ -448,7 +450,7 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, if (is_dir) flags |= CREATE_FOR_DIR; - export_ctx.cbs = cbs; + export_ctx.cb = cb; export_ctx.wimlib_err_code = 0; export_ctx.bytes_remaining = size; @@ -456,7 +458,7 @@ 
read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, if (err != ERROR_SUCCESS) { win32_error(err, L"Failed to open encrypted file \"%ls\" for raw read", - printable_path(path)); + path); return WIMLIB_ERR_OPEN; } err = ReadEncryptedFileRaw(win32_encrypted_export_cb, @@ -466,14 +468,14 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, if (ret == 0) { win32_error(err, L"Failed to read encrypted file \"%ls\"", - printable_path(path)); + path); ret = WIMLIB_ERR_READ; } } else if (export_ctx.bytes_remaining != 0) { ERROR("Only could read %"PRIu64" of %"PRIu64" bytes from " "encrypted file \"%ls\"", size - export_ctx.bytes_remaining, size, - printable_path(path)); + path); ret = WIMLIB_ERR_READ; } else { ret = 0; @@ -486,16 +488,17 @@ read_win32_encrypted_file_prefix(const wchar_t *path, bool is_dir, u64 size, * described by @blob. */ int read_windows_file_prefix(const struct blob_descriptor *blob, u64 size, - const struct read_blob_callbacks *cbs) + const struct consume_chunk_callback *cb, + bool recover_data) { const struct windows_file *file = blob->windows_file; if (unlikely(file->is_encrypted)) { bool is_dir = (blob->file_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY); - return read_win32_encrypted_file_prefix(file->path, is_dir, size, cbs); + return read_win32_encrypted_file_prefix(file->path, is_dir, size, cb); } - return read_winnt_stream_prefix(file, size, cbs); + return read_winnt_stream_prefix(file, size, cb); } /* @@ -509,11 +512,11 @@ winnt_get_short_name(HANDLE h, struct wim_dentry *dentry) * course has to create its own handle. 
*/ NTSTATUS status; IO_STATUS_BLOCK iosb; - u8 buf[128] _aligned_attribute(8); + u8 buf[128] __attribute__((aligned(8))); const FILE_NAME_INFORMATION *info; - status = (*func_NtQueryInformationFile)(h, &iosb, buf, sizeof(buf), - FileAlternateNameInformation); + status = NtQueryInformationFile(h, &iosb, buf, sizeof(buf), + FileAlternateNameInformation); info = (const FILE_NAME_INFORMATION *)buf; if (NT_SUCCESS(status) && info->FileNameLength != 0) { dentry->d_short_name = utf16le_dupz(info->FileName, @@ -531,11 +534,10 @@ winnt_get_short_name(HANDLE h, struct wim_dentry *dentry) */ static noinline_for_stack int winnt_load_security_descriptor(HANDLE h, struct wim_inode *inode, - const wchar_t *full_path, struct winnt_scan_ctx *ctx) { SECURITY_INFORMATION requestedInformation; - u8 _buf[4096] _aligned_attribute(8); + u8 _buf[4096] __attribute__((aligned(8))); u8 *buf; ULONG bufsize; ULONG len_needed; @@ -594,11 +596,11 @@ winnt_load_security_descriptor(HANDLE h, struct wim_inode *inode, * ntdll function and therefore not officially part of the Win32 API. * Oh well. */ - while (!(NT_SUCCESS(status = (*func_NtQuerySecurityObject)(h, - requestedInformation, - (PSECURITY_DESCRIPTOR)buf, - bufsize, - &len_needed)))) + while (!NT_SUCCESS(status = NtQuerySecurityObject(h, + requestedInformation, + (PSECURITY_DESCRIPTOR)buf, + bufsize, + &len_needed))) { switch (status) { case STATUS_BUFFER_TOO_SMALL: @@ -649,26 +651,169 @@ out: FREE(buf); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't read security descriptor", - printable_path(full_path)); + printable_path(ctx)); + return WIMLIB_ERR_STAT; + } + return 0; +} + +/* Load a file's object ID into the corresponding WIM inode. 
*/ +static noinline_for_stack int +winnt_load_object_id(HANDLE h, struct wim_inode *inode, + struct winnt_scan_ctx *ctx) +{ + FILE_OBJECTID_BUFFER buffer; + NTSTATUS status; + u32 len; + + if (!(ctx->vol_flags & FILE_SUPPORTS_OBJECT_IDS)) + return 0; + + status = winnt_fsctl(h, FSCTL_GET_OBJECT_ID, NULL, 0, + &buffer, sizeof(buffer), &len); + + if (status == STATUS_OBJECTID_NOT_FOUND) /* No object ID */ + return 0; + + if (status == STATUS_INVALID_DEVICE_REQUEST || + status == STATUS_NOT_SUPPORTED /* Samba volume, WinXP */) { + /* The filesystem claimed to support object IDs, but we can't + * actually read them. This happens with Samba. */ + ctx->vol_flags &= ~FILE_SUPPORTS_OBJECT_IDS; + return 0; + } + + if (!NT_SUCCESS(status)) { + winnt_error(status, L"\"%ls\": Can't read object ID", + printable_path(ctx)); return WIMLIB_ERR_STAT; } + + if (len == 0) /* No object ID (for directories) */ + return 0; + + if (!inode_set_object_id(inode, &buffer, len)) + return WIMLIB_ERR_NOMEM; + return 0; } +/* Load a file's extended attributes into the corresponding WIM inode. */ +static noinline_for_stack int +winnt_load_xattrs(HANDLE h, struct wim_inode *inode, + struct winnt_scan_ctx *ctx, u32 ea_size) +{ + IO_STATUS_BLOCK iosb; + NTSTATUS status; + u8 _buf[1024] __attribute__((aligned(4))); + u8 *buf = _buf; + const FILE_FULL_EA_INFORMATION *ea; + struct wim_xattr_entry *entry; + int ret; + + + /* + * EaSize from FILE_EA_INFORMATION is apparently supposed to give the + * size of the buffer required for NtQueryEaFile(), but it doesn't + * actually work correctly; it can be off by about 4 bytes per xattr. + * + * So just start out by doubling the advertised size, and also handle + * STATUS_BUFFER_OVERFLOW just in case. 
+ */ +retry: + if (unlikely(ea_size * 2 < ea_size)) + ea_size = UINT32_MAX; + else + ea_size *= 2; + if (unlikely(ea_size > sizeof(_buf))) { + buf = MALLOC(ea_size); + if (!buf) { + if (ea_size >= (1 << 20)) { + WARNING("\"%ls\": EaSize was extremely large (%u)", + printable_path(ctx), ea_size); + } + return WIMLIB_ERR_NOMEM; + } + } + + status = NtQueryEaFile(h, &iosb, buf, ea_size, + FALSE, NULL, 0, NULL, TRUE); + + if (unlikely(!NT_SUCCESS(status))) { + if (status == STATUS_BUFFER_OVERFLOW) { + if (buf != _buf) { + FREE(buf); + buf = NULL; + } + goto retry; + } + if (status == STATUS_NO_EAS_ON_FILE) { + /* + * FILE_EA_INFORMATION.EaSize was nonzero so this + * shouldn't happen, but just in case... + */ + ret = 0; + goto out; + } + winnt_error(status, L"\"%ls\": Can't read extended attributes", + printable_path(ctx)); + ret = WIMLIB_ERR_STAT; + goto out; + } + + ea = (const FILE_FULL_EA_INFORMATION *)buf; + entry = (struct wim_xattr_entry *)buf; + for (;;) { + /* + * wim_xattr_entry is not larger than FILE_FULL_EA_INFORMATION, + * so we can reuse the same buffer by overwriting the + * FILE_FULL_EA_INFORMATION with the wim_xattr_entry in-place. 
+ */ + FILE_FULL_EA_INFORMATION _ea; + + STATIC_ASSERT(offsetof(struct wim_xattr_entry, name) <= + offsetof(FILE_FULL_EA_INFORMATION, EaName)); + wimlib_assert((u8 *)entry <= (const u8 *)ea); + + memcpy(&_ea, ea, sizeof(_ea)); + + entry->value_len = cpu_to_le16(_ea.EaValueLength); + entry->name_len = _ea.EaNameLength; + entry->flags = _ea.Flags; + memmove(entry->name, ea->EaName, _ea.EaNameLength); + entry->name[_ea.EaNameLength] = '\0'; + memmove(&entry->name[_ea.EaNameLength + 1], + &ea->EaName[_ea.EaNameLength + 1], _ea.EaValueLength); + entry = (struct wim_xattr_entry *) + &entry->name[_ea.EaNameLength + 1 + _ea.EaValueLength]; + if (_ea.NextEntryOffset == 0) + break; + ea = (const FILE_FULL_EA_INFORMATION *) + ((const u8 *)ea + _ea.NextEntryOffset); + } + wimlib_assert((u8 *)entry - buf <= ea_size); + + ret = WIMLIB_ERR_NOMEM; + if (!inode_set_xattrs(inode, buf, (u8 *)entry - buf)) + goto out; + ret = 0; +out: + if (unlikely(buf != _buf)) + FREE(buf); + return ret; +} + static int -winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, - HANDLE cur_dir, - wchar_t *full_path, - size_t full_path_nchars, - wchar_t *relative_path, - size_t relative_path_nchars, - const wchar_t *filename, - struct winnt_scan_ctx *ctx); +winnt_build_dentry_tree(struct wim_dentry **root_ret, + HANDLE cur_dir, + const wchar_t *relative_path, + size_t relative_path_nchars, + const wchar_t *filename, + struct winnt_scan_ctx *ctx, + bool recursive); static int winnt_recurse_directory(HANDLE h, - wchar_t *full_path, - size_t full_path_nchars, struct wim_dentry *parent, struct winnt_scan_ctx *ctx) { @@ -685,43 +830,38 @@ winnt_recurse_directory(HANDLE h, /* Using NtQueryDirectoryFile() we can re-use the same open handle, * which we opened with FILE_FLAG_BACKUP_SEMANTICS. 
*/ - while (NT_SUCCESS(status = (*func_NtQueryDirectoryFile)(h, NULL, NULL, NULL, - &iosb, buf, bufsize, - FileNamesInformation, - FALSE, NULL, FALSE))) + while (NT_SUCCESS(status = NtQueryDirectoryFile(h, NULL, NULL, NULL, + &iosb, buf, bufsize, + FileNamesInformation, + FALSE, NULL, FALSE))) { const FILE_NAMES_INFORMATION *info = buf; for (;;) { if (!should_ignore_filename(info->FileName, info->FileNameLength / 2)) { - wchar_t *p; - wchar_t *filename; struct wim_dentry *child; + size_t orig_path_nchars; + const wchar_t *filename; + + ret = WIMLIB_ERR_NOMEM; + filename = pathbuf_append_name(ctx->params, + info->FileName, + info->FileNameLength / 2, + &orig_path_nchars); + if (!filename) + goto out_free_buf; - p = full_path + full_path_nchars; - /* Only add a backslash if we don't already have - * one. This prevents a duplicate backslash - * from being added when the path to the capture - * dir had a trailing backslash. */ - if (*(p - 1) != L'\\') - *p++ = L'\\'; - filename = p; - p = wmempcpy(filename, info->FileName, - info->FileNameLength / 2); - *p = '\0'; - - ret = winnt_build_dentry_tree_recursive( + ret = winnt_build_dentry_tree( &child, h, - full_path, - p - full_path, filename, info->FileNameLength / 2, filename, - ctx); + ctx, + true); - full_path[full_path_nchars] = L'\0'; + pathbuf_truncate(ctx->params, orig_path_nchars); if (ret) goto out_free_buf; @@ -737,7 +877,7 @@ winnt_recurse_directory(HANDLE h, if (unlikely(status != STATUS_NO_MORE_FILES)) { winnt_error(status, L"\"%ls\": Can't read directory", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_READ; } out_free_buf: @@ -756,18 +896,17 @@ file_has_ino_and_dev(HANDLE h, u64 ino, u64 dev) FILE_INTERNAL_INFORMATION int_info; FILE_FS_VOLUME_INFORMATION vol_info; - status = (*func_NtQueryInformationFile)(h, &iosb, - &int_info, sizeof(int_info), - FileInternalInformation); + status = NtQueryInformationFile(h, &iosb, &int_info, sizeof(int_info), + FileInternalInformation); if 
(!NT_SUCCESS(status)) return false; if (int_info.IndexNumber.QuadPart != ino) return false; - status = (*func_NtQueryVolumeInformationFile)(h, &iosb, - &vol_info, sizeof(vol_info), - FileFsVolumeInformation); + status = NtQueryVolumeInformationFile(h, &iosb, + &vol_info, sizeof(vol_info), + FileFsVolumeInformation); if (!(NT_SUCCESS(status) || status == STATUS_BUFFER_OVERFLOW)) return false; @@ -839,17 +978,17 @@ winnt_relativize_link_target(const wchar_t *target, size_t target_nbytes, name.MaximumLength = name.Length; /* Try opening the file */ - status = (*func_NtOpenFile) (&h, - FILE_READ_ATTRIBUTES | FILE_TRAVERSE, - &attr, - &iosb, - FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT); + status = NtOpenFile(&h, + FILE_READ_ATTRIBUTES | FILE_TRAVERSE, + &attr, + &iosb, + FILE_SHARE_VALID_FLAGS, + FILE_OPEN_FOR_BACKUP_INTENT); if (NT_SUCCESS(status)) { /* Reset root directory */ if (attr.RootDirectory) - (*func_NtClose)(attr.RootDirectory); + NtClose(attr.RootDirectory); attr.RootDirectory = h; name.Buffer = (wchar_t *)p; name.Length = 0; @@ -863,14 +1002,14 @@ winnt_relativize_link_target(const wchar_t *target, size_t target_nbytes, out_close_root_dir: if (attr.RootDirectory) - (*func_NtClose)(attr.RootDirectory); + NtClose(attr.RootDirectory); while (p > target && *(p - 1) == L'\\') p--; return p; } static int -winnt_rpfix_progress(struct capture_params *params, const wchar_t *path, +winnt_rpfix_progress(struct scan_params *params, const struct link_reparse_point *link, int scan_status) { size_t print_name_nchars = link->print_name_nbytes / sizeof(wchar_t); @@ -879,14 +1018,13 @@ winnt_rpfix_progress(struct capture_params *params, const wchar_t *path, wmemcpy(print_name0, link->print_name, print_name_nchars); print_name0[print_name_nchars] = L'\0'; - params->progress.scan.cur_path = path; params->progress.scan.symlink_target = print_name0; - return do_capture_progress(params, scan_status, NULL); + return do_scan_progress(params, scan_status, NULL); } static 
int winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, - const wchar_t *path, struct capture_params *params) + struct scan_params *params) { struct link_reparse_point link; const wchar_t *rel_target; @@ -930,7 +1068,7 @@ winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, if (rel_target == link.substitute_name) { /* Target points outside of the tree being captured or had an * unrecognized path format. Don't adjust it. */ - return winnt_rpfix_progress(params, path, &link, + return winnt_rpfix_progress(params, &link, WIMLIB_SCAN_DENTRY_NOT_FIXED_SYMLINK); } @@ -966,7 +1104,7 @@ winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, if (make_link_reparse_point(&link, rpbuf, rpbuflen_p)) return 0; - ret = winnt_rpfix_progress(params, path, &link, + ret = winnt_rpfix_progress(params, &link, WIMLIB_SCAN_DENTRY_FIXED_SYMLINK); if (ret) return ret; @@ -979,7 +1117,7 @@ winnt_try_rpfix(struct reparse_buffer_disk *rpbuf, u16 *rpbuflen_p, * capture root. 
*/ static noinline_for_stack int winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, - const wchar_t *full_path, struct capture_params *params) + struct winnt_scan_ctx *ctx) { struct reparse_buffer_disk rpbuf; NTSTATUS status; @@ -990,7 +1128,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED) { /* See comment above assign_stream_types_encrypted() */ WARNING("Ignoring reparse data of encrypted file \"%ls\"", - printable_path(full_path)); + printable_path(ctx)); return 0; } @@ -998,7 +1136,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, NULL, 0, &rpbuf, sizeof(rpbuf), &len); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't get reparse point", - printable_path(full_path)); + printable_path(ctx)); return WIMLIB_ERR_READLINK; } @@ -1006,12 +1144,27 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, if (unlikely(rpbuflen < REPARSE_DATA_OFFSET)) { ERROR("\"%ls\": reparse point buffer is too short", - printable_path(full_path)); + printable_path(ctx)); return WIMLIB_ERR_INVALID_REPARSE_DATA; } - if (params->add_flags & WIMLIB_ADD_FLAG_RPFIX) { - ret = winnt_try_rpfix(&rpbuf, &rpbuflen, full_path, params); + if (le32_to_cpu(rpbuf.rptag) == WIM_IO_REPARSE_TAG_DEDUP) { + /* + * Windows treats Data Deduplication reparse points specially. + * Reads from the unnamed data stream actually return the + * redirected file contents, even with FILE_OPEN_REPARSE_POINT. + * Deduplicated files also cannot be properly restored without + * also restoring the "System Volume Information" directory, + * which wimlib excludes by default. Therefore, the logical + * behavior for us seems to be to ignore the reparse point and + * treat the file as a normal file. 
+ */ + inode->i_attributes &= ~FILE_ATTRIBUTE_REPARSE_POINT; + return 0; + } + + if (ctx->params->add_flags & WIMLIB_ADD_FLAG_RPFIX) { + ret = winnt_try_rpfix(&rpbuf, &rpbuflen, ctx->params); if (ret == RP_FIXED) inode->i_rp_flags &= ~WIM_RP_FLAG_NOT_FIXED; else if (ret) @@ -1026,7 +1179,7 @@ winnt_load_reparse_data(HANDLE h, struct wim_inode *inode, NO_STREAM_NAME, rpbuf.rpdata, rpbuflen - REPARSE_DATA_OFFSET, - params->blob_table)) + ctx->params->blob_table)) return WIMLIB_ERR_NOMEM; return 0; @@ -1055,7 +1208,7 @@ win32_get_encrypted_file_size(const wchar_t *path, bool is_dir, u64 *size_ret) if (err != ERROR_SUCCESS) { win32_error(err, L"Failed to open encrypted file \"%ls\" for raw read", - printable_path(path)); + path); return WIMLIB_ERR_OPEN; } *size_ret = 0; @@ -1064,7 +1217,7 @@ win32_get_encrypted_file_size(const wchar_t *path, bool is_dir, u64 *size_ret) if (err != ERROR_SUCCESS) { win32_error(err, L"Failed to read raw encrypted data from \"%ls\"", - printable_path(path)); + path); ret = WIMLIB_ERR_READ; } else { ret = 0; @@ -1075,9 +1228,10 @@ win32_get_encrypted_file_size(const wchar_t *path, bool is_dir, u64 *size_ret) static int winnt_scan_efsrpc_raw_data(struct wim_inode *inode, - wchar_t *path, size_t path_nchars, struct winnt_scan_ctx *ctx) { + wchar_t *path = ctx->params->cur_path; + size_t path_nchars = ctx->params->cur_path_nchars; const bool is_dir = (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY); struct windows_file *windows_file; u64 size; @@ -1137,8 +1291,7 @@ get_data_stream_name(const wchar_t *raw_stream_name, size_t raw_stream_name_ncha } static int -winnt_scan_data_stream(const wchar_t *path, size_t path_nchars, - wchar_t *raw_stream_name, size_t raw_stream_name_nchars, +winnt_scan_data_stream(wchar_t *raw_stream_name, size_t raw_stream_name_nchars, u64 stream_size, struct wim_inode *inode, struct winnt_scan_ctx *ctx) { @@ -1156,7 +1309,8 @@ winnt_scan_data_stream(const wchar_t *path, size_t path_nchars, 
stream_name[stream_name_nchars] = L'\0'; - windows_file = alloc_windows_file(path, path_nchars, + windows_file = alloc_windows_file(ctx->params->cur_path, + ctx->params->cur_path_nchars, stream_name, stream_name_nchars, ctx->snapshot, false); return add_stream(inode, windows_file, stream_size, STREAM_TYPE_DATA, @@ -1167,23 +1321,17 @@ winnt_scan_data_stream(const wchar_t *path, size_t path_nchars, * Load information about the data streams of an open file into a WIM inode. * * We use the NtQueryInformationFile() system call instead of FindFirstStream() - * and FindNextStream(). This is done for two reasons: - * - * - FindFirstStream() opens its own handle to the file or directory and - * apparently does so without specifying FILE_FLAG_BACKUP_SEMANTICS, thereby - * causing access denied errors on certain files (even when running as the - * Administrator). - * - FindFirstStream() and FindNextStream() is only available on Windows Vista - * and later, whereas the stream support in NtQueryInformationFile() was - * already present in Windows XP. + * and FindNextStream(), since FindFirstStream() opens its own handle to the + * file or directory and apparently does so without specifying + * FILE_FLAG_BACKUP_SEMANTICS. This causes access denied errors on certain + * files, even when running as the Administrator. */ static noinline_for_stack int -winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, - struct wim_inode *inode, u64 file_size, +winnt_scan_data_streams(HANDLE h, struct wim_inode *inode, u64 file_size, struct winnt_scan_ctx *ctx) { int ret; - u8 _buf[4096] _aligned_attribute(8); + u8 _buf[4096] __attribute__((aligned(8))); u8 *buf; size_t bufsize; IO_STATUS_BLOCK iosb; @@ -1197,11 +1345,11 @@ winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, goto unnamed_only; /* Get a buffer containing the stream information.
*/ - while (!NT_SUCCESS(status = (*func_NtQueryInformationFile)(h, - &iosb, - buf, - bufsize, - FileStreamInformation))) + while (!NT_SUCCESS(status = NtQueryInformationFile(h, + &iosb, + buf, + bufsize, + FileStreamInformation))) { switch (status) { @@ -1228,7 +1376,7 @@ winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, default: winnt_error(status, L"\"%ls\": Failed to query stream information", - printable_path(path)); + printable_path(ctx)); ret = WIMLIB_ERR_READ; goto out_free_buf; } @@ -1244,8 +1392,7 @@ winnt_scan_data_streams(HANDLE h, const wchar_t *path, size_t path_nchars, info = (FILE_STREAM_INFORMATION *)buf; for (;;) { /* Load the stream information. */ - ret = winnt_scan_data_stream(path, path_nchars, - info->StreamName, + ret = winnt_scan_data_stream(info->StreamName, info->StreamNameLength / 2, info->StreamSize.QuadPart, inode, ctx); @@ -1275,8 +1422,8 @@ unnamed_only: { wchar_t stream_name[] = L"::$DATA"; - ret = winnt_scan_data_stream(path, path_nchars, stream_name, 7, - file_size, inode, ctx); + ret = winnt_scan_data_stream(stream_name, 7, file_size, + inode, ctx); } out_free_buf: /* Free buffer if allocated on heap. */ @@ -1320,8 +1467,7 @@ set_sort_key(struct wim_inode *inode, u64 sort_key) static inline bool should_try_to_use_wimboot_hash(const struct wim_inode *inode, - const struct winnt_scan_ctx *ctx, - const struct capture_params *params) + const struct winnt_scan_ctx *ctx) { /* Directories and encrypted files aren't valid for external backing. */ if (inode->i_attributes & (FILE_ATTRIBUTE_DIRECTORY | @@ -1333,7 +1479,7 @@ should_try_to_use_wimboot_hash(const struct wim_inode *inode, * fixup if WOF may be attached. 
*/ if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) return (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_WOF) && - (params->add_flags & WIMLIB_ADD_FLAG_WIMBOOT); + (ctx->params->add_flags & WIMLIB_ADD_FLAG_WIMBOOT); return !ctx->wof_not_attached; } @@ -1355,7 +1501,7 @@ should_try_to_use_wimboot_hash(const struct wim_inode *inode, */ static noinline_for_stack int try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, - struct winnt_scan_ctx *ctx, const wchar_t *full_path) + struct winnt_scan_ctx *ctx) { struct blob_table *blob_table = ctx->params->blob_table; struct wim_inode_stream *reparse_strm = NULL; @@ -1367,7 +1513,7 @@ try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) { struct reparse_buffer_disk rpbuf; struct { - struct wof_external_info wof_info; + WOF_EXTERNAL_INFO wof_info; struct wim_provider_rpdata wim_info; } *rpdata = (void *)rpbuf.rpdata; struct blob_descriptor *reparse_blob; @@ -1385,8 +1531,8 @@ try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, if (ret) return ret; - if (rpdata->wof_info.version != WOF_CURRENT_VERSION || - rpdata->wof_info.provider != WOF_PROVIDER_WIM || + if (rpdata->wof_info.Version != WOF_CURRENT_VERSION || + rpdata->wof_info.Provider != WOF_PROVIDER_WIM || rpdata->wim_info.version != 2) return 0; /* Not a WIM-backed file */ @@ -1394,8 +1540,8 @@ try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, copy_hash(hash, rpdata->wim_info.unnamed_data_stream_hash); } else { struct { - struct wof_external_info wof_info; - struct wim_provider_external_info wim_info; + WOF_EXTERNAL_INFO wof_info; + WIM_PROVIDER_EXTERNAL_INFO wim_info; } out; NTSTATUS status; @@ -1424,18 +1570,18 @@ try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, if (status != STATUS_SUCCESS) { winnt_error(status, L"\"%ls\": FSCTL_GET_EXTERNAL_BACKING failed", - full_path); + printable_path(ctx)); return WIMLIB_ERR_STAT; } /* Is this file backed by a WIM? 
*/ - if (out.wof_info.version != WOF_CURRENT_VERSION || - out.wof_info.provider != WOF_PROVIDER_WIM || - out.wim_info.version != WIM_PROVIDER_CURRENT_VERSION) + if (out.wof_info.Version != WOF_CURRENT_VERSION || + out.wof_info.Provider != WOF_PROVIDER_WIM || + out.wim_info.Version != WIM_PROVIDER_CURRENT_VERSION) return 0; /* Okay, this is a WIM backed file. Get its SHA-1 hash. */ - copy_hash(hash, out.wim_info.unnamed_data_stream_hash); + copy_hash(hash, out.wim_info.ResourceHash); } /* If the file's unnamed data stream is nonempty, then fill in its hash @@ -1453,7 +1599,8 @@ try_to_use_wimboot_hash(HANDLE h, struct wim_inode *inode, return 0; back_ptr = retrieve_pointer_to_unhashed_blob(blob); copy_hash(blob->hash, hash); - if (after_blob_hashed(blob, back_ptr, blob_table) != blob) + if (after_blob_hashed(blob, back_ptr, blob_table, + inode) != blob) free_blob_descriptor(blob); } @@ -1477,6 +1624,7 @@ struct file_info { u64 last_access_time; u64 ino; u64 end_of_file; + u32 ea_size; }; static noinline_for_stack NTSTATUS @@ -1486,9 +1634,8 @@ get_file_info(HANDLE h, struct file_info *info) NTSTATUS status; FILE_ALL_INFORMATION all_info; - status = (*func_NtQueryInformationFile)(h, &iosb, &all_info, - sizeof(all_info), - FileAllInformation); + status = NtQueryInformationFile(h, &iosb, &all_info, sizeof(all_info), + FileAllInformation); if (unlikely(!NT_SUCCESS(status) && status != STATUS_BUFFER_OVERFLOW)) return status; @@ -1500,14 +1647,15 @@ get_file_info(HANDLE h, struct file_info *info) info->last_access_time = all_info.BasicInformation.LastAccessTime.QuadPart; info->ino = all_info.InternalInformation.IndexNumber.QuadPart; info->end_of_file = all_info.StandardInformation.EndOfFile.QuadPart; + info->ea_size = all_info.EaInformation.EaSize; return STATUS_SUCCESS; } static void -get_volume_information(HANDLE h, const wchar_t *full_path, - struct winnt_scan_ctx *ctx) +get_volume_information(HANDLE h, struct winnt_scan_ctx *ctx) { - u8 
_attr_info[sizeof(FILE_FS_ATTRIBUTE_INFORMATION) + 128] _aligned_attribute(8); + u8 _attr_info[sizeof(FILE_FS_ATTRIBUTE_INFORMATION) + 128] + __attribute__((aligned(8))); FILE_FS_ATTRIBUTE_INFORMATION *attr_info = (void *)_attr_info; FILE_FS_VOLUME_INFORMATION vol_info; struct file_info file_info; @@ -1515,22 +1663,22 @@ get_volume_information(HANDLE h, const wchar_t *full_path, NTSTATUS status; /* Get volume flags */ - status = (*func_NtQueryVolumeInformationFile)(h, &iosb, attr_info, - sizeof(_attr_info), - FileFsAttributeInformation); + status = NtQueryVolumeInformationFile(h, &iosb, attr_info, + sizeof(_attr_info), + FileFsAttributeInformation); if (NT_SUCCESS(status)) { ctx->vol_flags = attr_info->FileSystemAttributes; ctx->is_ntfs = (attr_info->FileSystemNameLength == 4 * sizeof(wchar_t)) && !wmemcmp(attr_info->FileSystemName, L"NTFS", 4); } else { winnt_warning(status, L"\"%ls\": Can't get volume attributes", - printable_path(full_path)); + printable_path(ctx)); } /* Get volume ID. */ - status = (*func_NtQueryVolumeInformationFile)(h, &iosb, &vol_info, - sizeof(vol_info), - FileFsVolumeInformation); + status = NtQueryVolumeInformationFile(h, &iosb, &vol_info, + sizeof(vol_info), + FileFsVolumeInformation); if ((NT_SUCCESS(status) || status == STATUS_BUFFER_OVERFLOW) && (iosb.Information >= offsetof(FILE_FS_VOLUME_INFORMATION, VolumeSerialNumber) + @@ -1539,7 +1687,7 @@ get_volume_information(HANDLE h, const wchar_t *full_path, ctx->params->capture_root_dev = vol_info.VolumeSerialNumber; } else { winnt_warning(status, L"\"%ls\": Can't get volume ID", - printable_path(full_path)); + printable_path(ctx)); } /* Get inode number. 
*/ @@ -1548,19 +1696,18 @@ get_volume_information(HANDLE h, const wchar_t *full_path, ctx->params->capture_root_ino = file_info.ino; } else { winnt_warning(status, L"\"%ls\": Can't get file information", - printable_path(full_path)); + printable_path(ctx)); } } static int -winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, - HANDLE cur_dir, - wchar_t *full_path, - size_t full_path_nchars, - wchar_t *relative_path, - size_t relative_path_nchars, - const wchar_t *filename, - struct winnt_scan_ctx *ctx) +winnt_build_dentry_tree(struct wim_dentry **root_ret, + HANDLE cur_dir, + const wchar_t *relative_path, + size_t relative_path_nchars, + const wchar_t *filename, + struct winnt_scan_ctx *ctx, + bool recursive) { struct wim_dentry *root = NULL; struct wim_inode *inode = NULL; @@ -1570,7 +1717,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, struct file_info file_info; u64 sort_key; - ret = try_exclude(full_path, ctx->params); + ret = try_exclude(ctx->params); if (unlikely(ret < 0)) /* Excluded? */ goto out_progress; if (unlikely(ret > 0)) /* Error? */ @@ -1583,13 +1730,13 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * this permission on all nondirectories. Perhaps it causes Windows to * start prefetching the file contents... */ status = winnt_openat(cur_dir, relative_path, relative_path_nchars, - FILE_READ_ATTRIBUTES | READ_CONTROL | - ACCESS_SYSTEM_SECURITY, + FILE_READ_ATTRIBUTES | FILE_READ_EA | + READ_CONTROL | ACCESS_SYSTEM_SECURITY, &h); if (unlikely(!NT_SUCCESS(status))) { if (status == STATUS_DELETE_PENDING) { WARNING("\"%ls\": Deletion pending; skipping file", - printable_path(full_path)); + printable_path(ctx)); ret = 0; goto out; } @@ -1597,12 +1744,12 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, ERROR("Can't open \"%ls\":\n" " File is in use by another process! 
" "Consider using snapshot (VSS) mode.", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_OPEN; goto out; } winnt_error(status, L"\"%ls\": Can't open file", - printable_path(full_path)); + printable_path(ctx)); if (status == STATUS_FVE_LOCKED_VOLUME) ret = WIMLIB_ERR_FVE_LOCKED_VOLUME; else @@ -1614,7 +1761,7 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, status = get_file_info(h, &file_info); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't get file information", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_STAT; goto out; } @@ -1670,14 +1817,26 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, if (!(ctx->params->add_flags & WIMLIB_ADD_FLAG_NO_ACLS) && (ctx->vol_flags & FILE_PERSISTENT_ACLS)) { - ret = winnt_load_security_descriptor(h, inode, full_path, ctx); + ret = winnt_load_security_descriptor(h, inode, ctx); + if (ret) + goto out; + } + + /* Get the file's object ID. */ + ret = winnt_load_object_id(h, inode, ctx); + if (ret) + goto out; + + /* Get the file's extended attributes. */ + if (unlikely(file_info.ea_size != 0)) { + ret = winnt_load_xattrs(h, inode, ctx, file_info.ea_size); if (ret) goto out; } /* If this is a reparse point, load the reparse data. */ if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)) { - ret = winnt_load_reparse_data(h, inode, full_path, ctx->params); + ret = winnt_load_reparse_data(h, inode, ctx); if (ret) goto out; } @@ -1693,10 +1852,9 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * ERROR_SHARING_VIOLATION if there are any open handles to the * file, we have to close the file and re-open it later if * needed. 
*/ - (*func_NtClose)(h); + NtClose(h); h = NULL; - ret = winnt_scan_efsrpc_raw_data(inode, full_path, - full_path_nchars, ctx); + ret = winnt_scan_efsrpc_raw_data(inode, ctx); if (ret) goto out; } else { @@ -1711,8 +1869,6 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, * the EFSRPC data and the named data stream(s)...! */ ret = winnt_scan_data_streams(h, - full_path, - full_path_nchars, inode, file_info.end_of_file, ctx); @@ -1720,21 +1876,21 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, goto out; } - if (unlikely(should_try_to_use_wimboot_hash(inode, ctx, ctx->params))) { - ret = try_to_use_wimboot_hash(h, inode, ctx, full_path); + if (unlikely(should_try_to_use_wimboot_hash(inode, ctx))) { + ret = try_to_use_wimboot_hash(h, inode, ctx); if (ret) goto out; } set_sort_key(inode, sort_key); - if (inode_is_directory(inode)) { + if (inode_is_directory(inode) && recursive) { /* Directory: recurse to children. */ /* Re-open the directory with FILE_LIST_DIRECTORY access. 
*/ if (h) { - (*func_NtClose)(h); + NtClose(h); h = NULL; } status = winnt_openat(cur_dir, relative_path, @@ -1742,32 +1898,33 @@ winnt_build_dentry_tree_recursive(struct wim_dentry **root_ret, &h); if (!NT_SUCCESS(status)) { winnt_error(status, L"\"%ls\": Can't open directory", - printable_path(full_path)); + printable_path(ctx)); ret = WIMLIB_ERR_OPEN; goto out; } - ret = winnt_recurse_directory(h, - full_path, - full_path_nchars, - root, - ctx); + ret = winnt_recurse_directory(h, root, ctx); if (ret) goto out; } out_progress: - ctx->params->progress.scan.cur_path = full_path; - if (likely(root)) - ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode); - else - ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL); + ret = 0; + if (recursive) { /* if !recursive, caller handles progress */ + if (likely(root)) + ret = do_scan_progress(ctx->params, + WIMLIB_SCAN_DENTRY_OK, inode); + else + ret = do_scan_progress(ctx->params, + WIMLIB_SCAN_DENTRY_EXCLUDED, + NULL); + } out: if (likely(h)) - (*func_NtClose)(h); + NtClose(h); if (unlikely(ret)) { free_dentry_tree(root, ctx->params->blob_table); root = NULL; - ret = report_capture_error(ctx->params, ret, full_path); + ret = report_scan_error(ctx->params, ret); } *root_ret = root; return ret; @@ -1927,6 +2084,10 @@ typedef struct { #define NTFS_IS_SPECIAL_FILE(ino) \ (NTFS_MFT_NO(ino) <= 15 && !NTFS_IS_ROOT_FILE(ino)) +#define NTFS_SPECIAL_STREAM_OBJECT_ID 0x00000001 +#define NTFS_SPECIAL_STREAM_EA 0x00000002 +#define NTFS_SPECIAL_STREAM_EA_INFORMATION 0x00000004 + /* Intermediate inode structure. This is used to temporarily save information * from FSCTL_QUERY_FILE_LAYOUT before creating the full 'struct wim_inode'. 
*/ struct ntfs_inode { @@ -1940,6 +2101,7 @@ struct ntfs_inode { u32 security_id; u32 num_aliases; u32 num_streams; + u32 special_streams; u32 first_stream_offset; struct ntfs_dentry *first_child; wchar_t short_name[13]; @@ -2110,6 +2272,10 @@ is_valid_stream_entry(const STREAM_LAYOUT_ENTRY *stream) stream->StreamIdentifierLength / 2); } +/* assumes that 'id' is a wide string literal */ +#define stream_has_identifier(stream, id) \ + ((stream)->StreamIdentifierLength == sizeof(id) - 2 && \ + !memcmp((stream)->StreamIdentifier, id, sizeof(id) - 2)) /* * If the specified STREAM_LAYOUT_ENTRY represents a DATA stream as opposed to * some other type of NTFS stream such as a STANDARD_INFORMATION stream, return @@ -2146,14 +2312,18 @@ use_stream(const FILE_LAYOUT_ENTRY *file, const STREAM_LAYOUT_ENTRY *stream, /* Validate the STREAM_LAYOUT_ENTRYs of the specified file and compute the total * length in bytes of the ntfs_stream structures needed to hold the stream - * information. */ + * information. In addition, set *special_streams_ret to a bitmask of special + * stream types that were found. 
*/ static int validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file, - size_t *total_length_ret) + size_t *total_length_ret, + u32 *special_streams_ret) { const STREAM_LAYOUT_ENTRY *stream = (const void *)file + file->FirstStreamOffset; size_t total = 0; + u32 special_streams = 0; + for (;;) { const wchar_t *name; size_t name_nchars; @@ -2173,6 +2343,12 @@ validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file, if (use_stream(file, stream, &name, &name_nchars)) { total += ALIGN(sizeof(struct ntfs_stream) + (name_nchars + 1) * sizeof(wchar_t), 8); + } else if (stream_has_identifier(stream, L"::$OBJECT_ID")) { + special_streams |= NTFS_SPECIAL_STREAM_OBJECT_ID; + } else if (stream_has_identifier(stream, L"::$EA")) { + special_streams |= NTFS_SPECIAL_STREAM_EA; + } else if (stream_has_identifier(stream, L"::$EA_INFORMATION")) { + special_streams |= NTFS_SPECIAL_STREAM_EA_INFORMATION; } if (stream->NextStreamOffset == 0) break; @@ -2180,6 +2356,7 @@ validate_streams_and_compute_total_length(const FILE_LAYOUT_ENTRY *file, } *total_length_ret = total; + *special_streams_ret = special_streams; return 0; } @@ -2276,6 +2453,7 @@ load_one_file(const FILE_LAYOUT_ENTRY *file, struct ntfs_inode_map *inode_map) size_t n; int ret; void *p; + u32 special_streams = 0; inode_size = ALIGN(sizeof(struct ntfs_inode), 8); @@ -2292,7 +2470,8 @@ load_one_file(const FILE_LAYOUT_ENTRY *file, struct ntfs_inode_map *inode_map) } if (file_has_streams(file)) { - ret = validate_streams_and_compute_total_length(file, &n); + ret = validate_streams_and_compute_total_length(file, &n, + &special_streams); if (ret) return ret; inode_size += n; @@ -2310,6 +2489,7 @@ load_one_file(const FILE_LAYOUT_ENTRY *file, struct ntfs_inode_map *inode_map) ni->last_write_time = info->BasicInformation.LastWriteTime; ni->last_access_time = info->BasicInformation.LastAccessTime; ni->security_id = info->SecurityId; + ni->special_streams = special_streams; p = FIRST_DENTRY(ni); @@ 
-2346,7 +2526,7 @@ load_files_from_mft(const wchar_t *path, struct ntfs_inode_map *inode_map) QUERY_FILE_LAYOUT_INCLUDE_STREAMS_WITH_NO_CLUSTERS_ALLOCATED, .FilterType = QUERY_FILE_LAYOUT_FILTER_TYPE_NONE, }; - const size_t outsize = 32768; + size_t outsize = 32768; QUERY_FILE_LAYOUT_OUTPUT *out = NULL; int ret; NTSTATUS status; @@ -2358,34 +2538,47 @@ load_files_from_mft(const wchar_t *path, struct ntfs_inode_map *inode_map) goto out; } - out = MALLOC(outsize); - if (!out) { - ret = WIMLIB_ERR_NOMEM; - goto out; - } + for (;;) { + /* Allocate a buffer for the output of the ioctl. */ + out = MALLOC(outsize); + if (!out) { + ret = WIMLIB_ERR_NOMEM; + goto out; + } - while (NT_SUCCESS(status = winnt_fsctl(h, FSCTL_QUERY_FILE_LAYOUT, - &in, sizeof(in), - out, outsize, NULL))) - { - const FILE_LAYOUT_ENTRY *file = - (const void *)out + out->FirstFileOffset; - for (;;) { - ret = load_one_file(file, inode_map); - if (ret) - goto out; - if (file->NextFileOffset == 0) - break; - file = (const void *)file + file->NextFileOffset; + /* Execute FSCTL_QUERY_FILE_LAYOUT until it fails. */ + while (NT_SUCCESS(status = winnt_fsctl(h, + FSCTL_QUERY_FILE_LAYOUT, + &in, sizeof(in), + out, outsize, NULL))) + { + const FILE_LAYOUT_ENTRY *file = + (const void *)out + out->FirstFileOffset; + for (;;) { + ret = load_one_file(file, inode_map); + if (ret) + goto out; + if (file->NextFileOffset == 0) + break; + file = (const void *)file + file->NextFileOffset; + } + in.Flags &= ~QUERY_FILE_LAYOUT_RESTART; } - in.Flags &= ~QUERY_FILE_LAYOUT_RESTART; + + /* Enlarge the buffer if needed. */ + if (status != STATUS_BUFFER_TOO_SMALL) + break; + FREE(out); + outsize *= 2; } /* Normally, FSCTL_QUERY_FILE_LAYOUT fails with STATUS_END_OF_FILE after * all files have been enumerated. 
*/ if (status != STATUS_END_OF_FILE) { if (status == STATUS_INVALID_DEVICE_REQUEST /* old OS */ || - status == STATUS_INVALID_PARAMETER /* not root directory */ ) { + status == STATUS_NOT_SUPPORTED /* Samba volume, WinXP */ || + status == STATUS_INVALID_PARAMETER /* not root directory */ ) + { /* Silently try standard recursive scan instead */ ret = -1; } else { @@ -2400,7 +2593,7 @@ load_files_from_mft(const wchar_t *path, struct ntfs_inode_map *inode_map) ret = 0; out: FREE(out); - (*func_NtClose)(h); + NtClose(h); return ret; } @@ -2524,14 +2717,13 @@ security_map_destroy(struct security_map *map) * ntfs_stream => wim_inode_stream * * This also handles things such as exclusions and issuing progress messages. - * It's similar to winnt_build_dentry_tree_recursive(), but this is much faster - * because almost all information we need is already loaded in memory in the - * ntfs_* structures. However, in some cases we still fall back to - * winnt_build_dentry_tree_recursive() and/or opening the file. + * It's similar to winnt_build_dentry_tree(), but this is much faster because + * almost all information we need is already loaded in memory in the ntfs_* + * structures. However, in some cases we still fall back to + * winnt_build_dentry_tree() and/or opening the file. */ static int generate_wim_structures_recursive(struct wim_dentry **root_ret, - wchar_t *path, size_t path_nchars, const wchar_t *filename, bool is_primary_name, struct ntfs_inode *ni, struct winnt_scan_ctx *ctx, @@ -2547,26 +2739,28 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, if (NTFS_IS_SPECIAL_FILE(ni->ino)) goto out; - /* Fall back to a recursive scan for unhandled cases. Reparse points, + /* Fall back to the standard scan for unhandled cases. Reparse points, * in particular, can't be properly handled here because a commonly used * filter driver (WOF) hides reparse points from regular filesystem APIs * but not from FSCTL_QUERY_FILE_LAYOUT. 
*/ if (ni->attributes & (FILE_ATTRIBUTE_REPARSE_POINT | - FILE_ATTRIBUTE_ENCRYPTED)) + FILE_ATTRIBUTE_ENCRYPTED) || + ni->special_streams != 0) { - ret = winnt_build_dentry_tree_recursive(&root, - NULL, - path, - path_nchars, - path, - path_nchars, - filename, - ctx); - goto out; + ret = winnt_build_dentry_tree(&root, NULL, + ctx->params->cur_path, + ctx->params->cur_path_nchars, + filename, ctx, false); + if (ret) /* Error? */ + goto out; + if (!root) /* Excluded? */ + goto out_progress; + inode = root->d_inode; + goto process_children; } /* Test for exclusion based on path. */ - ret = try_exclude(path, ctx->params); + ret = try_exclude(ctx->params); if (unlikely(ret < 0)) /* Excluded? */ goto out_progress; if (unlikely(ret > 0)) /* Error? */ @@ -2620,18 +2814,19 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, /* Create a mapping for this security ID and insert it * into the security map. */ - status = winnt_open(path, path_nchars, + status = winnt_open(ctx->params->cur_path, + ctx->params->cur_path_nchars, READ_CONTROL | ACCESS_SYSTEM_SECURITY, &h); if (!NT_SUCCESS(status)) { winnt_error(status, L"Can't open \"%ls\" to " "read security descriptor", - printable_path(path)); + printable_path(ctx)); ret = WIMLIB_ERR_OPEN; goto out; } - ret = winnt_load_security_descriptor(h, inode, path, ctx); - (*func_NtClose)(h); + ret = winnt_load_security_descriptor(h, inode, ctx); + NtClose(h); if (ret) goto out; @@ -2655,16 +2850,16 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, !(ctx->vol_flags & FILE_SUPPORTS_OPEN_BY_FILE_ID) || !(ctx->params->add_flags & WIMLIB_ADD_FLAG_FILE_PATHS_UNNEEDED)) { - windows_file = alloc_windows_file(path, - path_nchars, + windows_file = alloc_windows_file(ctx->params->cur_path, + ctx->params->cur_path_nchars, ns->name, wcslen(ns->name), ctx->snapshot, false); } else { windows_file = alloc_windows_file_for_file_id(ni->ino, - path, - ctx->params->capture_root_nchars + 1, + ctx->params->cur_path, + 
ctx->params->root_path_nchars, ctx->snapshot); } @@ -2681,24 +2876,23 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, /* If processing a directory, then recurse to its children. In this * version there is no need to go to disk, as we already have the list * of children cached from the MFT. */ +process_children: if (inode_is_directory(inode)) { const struct ntfs_dentry *nd = ni->first_child; while (nd != NULL) { - const size_t name_len = wcslen(nd->name); - wchar_t *p = path + path_nchars; + size_t orig_path_nchars; struct wim_dentry *child; const struct ntfs_dentry *next = nd->next_child; - if (*(p - 1) != L'\\') - *p++ = L'\\'; - p = wmempcpy(p, nd->name, name_len); - *p = '\0'; + ret = WIMLIB_ERR_NOMEM; + if (!pathbuf_append_name(ctx->params, nd->name, + wcslen(nd->name), + &orig_path_nchars)) + goto out; ret = generate_wim_structures_recursive( &child, - path, - p - path, nd->name, nd->is_primary, (void *)nd - nd->offset_from_inode, @@ -2706,7 +2900,7 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, inode_map, security_map); - path[path_nchars] = L'\0'; + pathbuf_truncate(ctx->params, orig_path_nchars); if (ret) goto out; @@ -2717,11 +2911,10 @@ generate_wim_structures_recursive(struct wim_dentry **root_ret, } out_progress: - ctx->params->progress.scan.cur_path = path; if (likely(root)) - ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode); + ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_OK, inode); else - ret = do_capture_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL); + ret = do_scan_progress(ctx->params, WIMLIB_SCAN_DENTRY_EXCLUDED, NULL); out: if (--ni->num_aliases == 0) { /* Memory usage optimization: when we don't need the ntfs_inode @@ -2737,12 +2930,14 @@ out: } static int -winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, wchar_t *path, - size_t path_nchars, struct winnt_scan_ctx *ctx) +winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, + struct winnt_scan_ctx 
*ctx) { struct ntfs_inode_map inode_map = { .root = NULL }; struct security_map security_map = { .root = NULL }; struct ntfs_inode *root = NULL; + wchar_t *path = ctx->params->cur_path; + size_t path_nchars = ctx->params->cur_path_nchars; bool adjust_path; int ret; @@ -2771,8 +2966,7 @@ winnt_build_dentry_tree_fast(struct wim_dentry **root_ret, wchar_t *path, root->num_aliases = 1; - ret = generate_wim_structures_recursive(root_ret, path, path_nchars, - L"", false, root, ctx, + ret = generate_wim_structures_recursive(root_ret, L"", false, root, ctx, &inode_map, &security_map); out: ntfs_inode_map_destroy(&inode_map); @@ -2786,28 +2980,17 @@ out: * Entry point for directory tree scans on Windows * *----------------------------------------------------------------------------*/ -#define WINDOWS_NT_MAX_PATH 32768 - int win32_build_dentry_tree(struct wim_dentry **root_ret, const wchar_t *root_disk_path, - struct capture_params *params) + struct scan_params *params) { - wchar_t *path = NULL; struct winnt_scan_ctx ctx = { .params = params }; UNICODE_STRING ntpath; - size_t ntpath_nchars; HANDLE h = NULL; NTSTATUS status; int ret; - /* WARNING: There is no check for overflow later when this buffer is - * being used! But it's as long as the maximum path length understood - * by Windows NT (which is NOT the same as MAX_PATH). 
*/ - path = MALLOC((WINDOWS_NT_MAX_PATH + 1) * sizeof(wchar_t)); - if (!path) - return WIMLIB_ERR_NOMEM; - if (params->add_flags & WIMLIB_ADD_FLAG_SNAPSHOT) ret = vss_create_snapshot(root_disk_path, &ntpath, &ctx.snapshot); else @@ -2817,28 +3000,21 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, goto out; if (ntpath.Length < 4 * sizeof(wchar_t) || - ntpath.Length > WINDOWS_NT_MAX_PATH * sizeof(wchar_t) || wmemcmp(ntpath.Buffer, L"\\??\\", 4)) { ERROR("\"%ls\": unrecognized path format", root_disk_path); ret = WIMLIB_ERR_INVALID_PARAM; } else { - ntpath_nchars = ntpath.Length / sizeof(wchar_t); - wmemcpy(path, ntpath.Buffer, ntpath_nchars); - path[ntpath_nchars] = L'\0'; - - params->capture_root_nchars = ntpath_nchars; - if (path[ntpath_nchars - 1] == L'\\') - params->capture_root_nchars--; - ret = 0; + ret = pathbuf_init(params, ntpath.Buffer); } HeapFree(GetProcessHeap(), 0, ntpath.Buffer); if (ret) goto out; - status = winnt_open(path, ntpath_nchars, FILE_READ_ATTRIBUTES, &h); + status = winnt_open(params->cur_path, params->cur_path_nchars, + FILE_READ_ATTRIBUTES, &h); if (!NT_SUCCESS(status)) { - winnt_error(status, L"Can't open \"%ls\"", printable_path(path)); + winnt_error(status, L"Can't open \"%ls\"", root_disk_path); if (status == STATUS_FVE_LOCKED_VOLUME) ret = WIMLIB_ERR_FVE_LOCKED_VOLUME; else @@ -2846,14 +3022,13 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, goto out; } - get_volume_information(h, path, &ctx); + get_volume_information(h, &ctx); - (*func_NtClose)(h); + NtClose(h); #ifdef ENABLE_FAST_MFT_SCAN if (ctx.is_ntfs && !_wgetenv(L"WIMLIB_DISABLE_QUERY_FILE_LAYOUT")) { - ret = winnt_build_dentry_tree_fast(root_ret, path, - ntpath_nchars, &ctx); + ret = winnt_build_dentry_tree_fast(root_ret, &ctx); if (ret >= 0 && ret != WIMLIB_ERR_UNSUPPORTED) goto out; if (ret >= 0) { @@ -2863,16 +3038,13 @@ win32_build_dentry_tree(struct wim_dentry **root_ret, } } #endif - ret = winnt_build_dentry_tree_recursive(root_ret, NULL, - path, 
ntpath_nchars, - path, ntpath_nchars, - L"", &ctx); + ret = winnt_build_dentry_tree(root_ret, NULL, params->cur_path, + params->cur_path_nchars, L"", &ctx, true); out: vss_put_snapshot(ctx.snapshot); - FREE(path); if (ret == 0) winnt_do_scan_warnings(root_disk_path, &ctx); return ret; } -#endif /* __WIN32__ */ +#endif /* _WIN32 */