#include "ntfs.h"
#define NDEBUG
-#undef NDEBUG
#include <debug.h>
/* FUNCTIONS ****************************************************************/
{
LONGLONG DataRunOffset;
ULONGLONG DataRunLength;
+ ULONGLONG NextVBN = 0;
+ PUCHAR DataRun = (PUCHAR)&Context->Record + Context->Record.NonResident.MappingPairsOffset;
- Context->CacheRun = (PUCHAR)&Context->Record + Context->Record.NonResident.MappingPairsOffset;
+ Context->CacheRun = DataRun;
Context->CacheRunOffset = 0;
Context->CacheRun = DecodeRun(Context->CacheRun, &DataRunOffset, &DataRunLength);
Context->CacheRunLength = DataRunLength;
Context->CacheRunLastLCN = 0;
}
Context->CacheRunCurrentOffset = 0;
+
+ // Convert the data runs to a map control block
+ if (!NT_SUCCESS(ConvertDataRunsToLargeMCB(DataRun, &Context->DataRunsMCB, &NextVBN)))
+ {
+ DPRINT1("Unable to convert data runs to MCB!\n");
+ ExFreePoolWithTag(Context, TAG_NTFS);
+ return NULL;
+ }
}
return Context;
VOID
ReleaseAttributeContext(PNTFS_ATTR_CONTEXT Context)
{
+ if (Context->Record.IsNonResident)
+ {
+ FsRtlUninitializeLargeMcb(&Context->DataRunsMCB);
+ }
+
ExFreePoolWithTag(Context, TAG_NTFS);
}
DPRINT("Found context\n");
*AttrCtx = PrepareAttributeContext(Attribute);
+ (*AttrCtx)->FileMFTIndex = MftRecord->MFTRecordNumber;
+
if (Offset != NULL)
*Offset = Context.Offset;
}
-ULONG
+ULONGLONG
AttributeAllocatedLength(PNTFS_ATTR_RECORD AttrRecord)
{
if (AttrRecord->IsNonResident)
return AttrRecord->Resident.ValueLength;
}
+/**
+* @name IncreaseMftSize
+* @implemented
+*
+* Increases the size of the master file table on a volume, increasing the space available for file records.
+*
+* @param Vcb
+* Pointer to the VCB (DEVICE_EXTENSION) of the target volume.
+*
+*
+* @param CanWait
+* Boolean indicating if the function is allowed to wait for exclusive access to the master file table.
+* This will only be relevant if the MFT doesn't have any free file records and needs to be enlarged.
+*
+* @return
+* STATUS_SUCCESS on success.
+* STATUS_INSUFFICIENT_RESOURCES if an allocation fails.
+* STATUS_INVALID_PARAMETER if there was an error reading the Mft's bitmap.
+* STATUS_CANT_WAIT if CanWait was FALSE and the function could not get immediate, exclusive access to the MFT.
+*
+* @remarks
+* Increases the size of the Master File Table by 8 records. Bitmap entries for the new records are cleared,
+* and the bitmap is also enlarged if needed. Mimicking Windows' behavior when enlarging the mft is still TODO.
+* This function will wait for exlusive access to the volume fcb.
+*/
+NTSTATUS
+IncreaseMftSize(PDEVICE_EXTENSION Vcb, BOOLEAN CanWait)
+{
+ PNTFS_ATTR_CONTEXT BitmapContext;
+ LARGE_INTEGER BitmapSize;
+ LARGE_INTEGER DataSize;
+ LONGLONG BitmapSizeDifference;
+ ULONG DataSizeDifference = Vcb->NtfsInfo.BytesPerFileRecord * 8;
+ ULONG BitmapOffset;
+ PUCHAR BitmapBuffer;
+ ULONGLONG BitmapBytes;
+ ULONGLONG NewBitmapSize;
+ ULONG BytesRead;
+ ULONG LengthWritten;
+ NTSTATUS Status;
+
+ DPRINT1("IncreaseMftSize(%p, %s)\n", Vcb, CanWait ? "TRUE" : "FALSE");
+
+ // We need exclusive access to the mft while we change its size
+ if (!ExAcquireResourceExclusiveLite(&(Vcb->DirResource), CanWait))
+ {
+ return STATUS_CANT_WAIT;
+ }
+
+ // Find the bitmap attribute of master file table
+ Status = FindAttribute(Vcb, Vcb->MasterFileTable, AttributeBitmap, L"", 0, &BitmapContext, &BitmapOffset);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Couldn't find $BITMAP attribute of Mft!\n");
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ return Status;
+ }
+
+ // Get size of Bitmap Attribute
+ BitmapSize.QuadPart = AttributeDataLength(&BitmapContext->Record);
+
+ // Calculate the new mft size
+ DataSize.QuadPart = AttributeDataLength(&(Vcb->MFTContext->Record)) + DataSizeDifference;
+
+ // Determine how many bytes will make up the bitmap
+ BitmapBytes = DataSize.QuadPart / Vcb->NtfsInfo.BytesPerFileRecord / 8;
+
+ // Determine how much we need to adjust the bitmap size (it's possible we don't)
+ BitmapSizeDifference = BitmapBytes - BitmapSize.QuadPart;
+ NewBitmapSize = max(BitmapSize.QuadPart + BitmapSizeDifference, BitmapSize.QuadPart);
+
+ // Allocate memory for the bitmap
+ BitmapBuffer = ExAllocatePoolWithTag(NonPagedPool, NewBitmapSize, TAG_NTFS);
+ if (!BitmapBuffer)
+ {
+ DPRINT1("ERROR: Unable to allocate memory for bitmap attribute!\n");
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ReleaseAttributeContext(BitmapContext);
+ return STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+ // Zero the bytes we'll be adding
+ RtlZeroMemory((PUCHAR)((ULONG_PTR)BitmapBuffer), NewBitmapSize);
+
+ // Read the bitmap attribute
+ BytesRead = ReadAttribute(Vcb,
+ BitmapContext,
+ 0,
+ (PCHAR)BitmapBuffer,
+ BitmapSize.LowPart);
+ if (BytesRead != BitmapSize.LowPart)
+ {
+ DPRINT1("ERROR: Bytes read != Bitmap size!\n");
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ExFreePoolWithTag(BitmapBuffer, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ // Increase the mft size
+ Status = SetNonResidentAttributeDataLength(Vcb, Vcb->MFTContext, Vcb->MftDataOffset, Vcb->MasterFileTable, &DataSize);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Failed to set size of $MFT data attribute!\n");
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ExFreePoolWithTag(BitmapBuffer, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return Status;
+ }
+
+ // If the bitmap grew
+ if (BitmapSizeDifference > 0)
+ {
+ // Set the new bitmap size
+ BitmapSize.QuadPart += BitmapSizeDifference;
+ if (BitmapContext->Record.IsNonResident)
+ Status = SetNonResidentAttributeDataLength(Vcb, BitmapContext, BitmapOffset, Vcb->MasterFileTable, &BitmapSize);
+ else
+ Status = SetResidentAttributeDataLength(Vcb, BitmapContext, BitmapOffset, Vcb->MasterFileTable, &BitmapSize);
+
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Failed to set size of bitmap attribute!\n");
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ExFreePoolWithTag(BitmapBuffer, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return Status;
+ }
+ }
+
+ //NtfsDumpFileAttributes(Vcb, FileRecord);
+
+ // Update the file record with the new attribute sizes
+ Status = UpdateFileRecord(Vcb, Vcb->VolumeFcb->MFTIndex, Vcb->MasterFileTable);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Failed to update $MFT file record!\n");
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ExFreePoolWithTag(BitmapBuffer, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return Status;
+ }
+
+ // Write out the new bitmap
+ Status = WriteAttribute(Vcb, BitmapContext, BitmapOffset, BitmapBuffer, BitmapSize.LowPart, &LengthWritten);
+ if (!NT_SUCCESS(Status))
+ {
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ExFreePoolWithTag(BitmapBuffer, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ DPRINT1("ERROR: Couldn't write to bitmap attribute of $MFT!\n");
+ }
+
+ // Cleanup
+ ExReleaseResourceLite(&(Vcb->DirResource));
+ ExFreePoolWithTag(BitmapBuffer, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+
+ return STATUS_SUCCESS;
+}
+
+VOID
+InternalSetResidentAttributeLength(PNTFS_ATTR_CONTEXT AttrContext,
+ PFILE_RECORD_HEADER FileRecord,
+ ULONG AttrOffset,
+ ULONG DataSize)
+{
+ PNTFS_ATTR_RECORD Destination = (PNTFS_ATTR_RECORD)((ULONG_PTR)FileRecord + AttrOffset);
+ ULONG NextAttributeOffset;
+
+ DPRINT("InternalSetResidentAttributeLength( %p, %p, %lu, %lu )\n", AttrContext, FileRecord, AttrOffset, DataSize);
+
+ // update ValueLength Field
+ AttrContext->Record.Resident.ValueLength =
+ Destination->Resident.ValueLength = DataSize;
+
+ // calculate the record length and end marker offset
+ AttrContext->Record.Length =
+ Destination->Length = DataSize + AttrContext->Record.Resident.ValueOffset;
+ NextAttributeOffset = AttrOffset + AttrContext->Record.Length;
+
+ // Ensure NextAttributeOffset is aligned to an 8-byte boundary
+ if (NextAttributeOffset % 8 != 0)
+ {
+ USHORT Padding = 8 - (NextAttributeOffset % 8);
+ NextAttributeOffset += Padding;
+ AttrContext->Record.Length += Padding;
+ Destination->Length += Padding;
+ }
+
+ // advance Destination to the final "attribute" and set the file record end
+ Destination = (PNTFS_ATTR_RECORD)((ULONG_PTR)Destination + Destination->Length);
+ SetFileRecordEnd(FileRecord, Destination, FILE_RECORD_END);
+}
+/**
+* @parameter FileRecord
+* Pointer to a file record. Must be a full record at least
+* Fcb->Vcb->NtfsInfo.BytesPerFileRecord bytes large, not just the header.
+*/
NTSTATUS
SetAttributeDataLength(PFILE_OBJECT FileObject,
PNTFS_FCB Fcb,
PFILE_RECORD_HEADER FileRecord,
PLARGE_INTEGER DataSize)
{
- if (AttrContext->Record.IsNonResident)
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ // are we truncating the file?
+ if (DataSize->QuadPart < AttributeDataLength(&AttrContext->Record))
{
- // do we need to increase the allocation size?
- if (AttrContext->Record.NonResident.AllocatedSize < DataSize->QuadPart)
- {
- DPRINT1("FixMe: Increasing allocation size is unimplemented!\n");
- return STATUS_NOT_IMPLEMENTED;
+ if (!MmCanFileBeTruncated(FileObject->SectionObjectPointer, DataSize))
+ {
+ DPRINT1("Can't truncate a memory-mapped file!\n");
+ return STATUS_USER_MAPPED_FILE;
}
+ }
- // TODO: is the file compressed, encrypted, or sparse?
+ if (AttrContext->Record.IsNonResident)
+ {
+ Status = SetNonResidentAttributeDataLength(Fcb->Vcb,
+ AttrContext,
+ AttrOffset,
+ FileRecord,
+ DataSize);
+ }
+ else
+ {
+ // resident attribute
+ Status = SetResidentAttributeDataLength(Fcb->Vcb,
+ AttrContext,
+ AttrOffset,
+ FileRecord,
+ DataSize);
+ }
- // NOTE: we need to have acquired the main resource exclusively, as well as(?) the PagingIoResource
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Failed to set size of attribute!\n");
+ return Status;
+ }
- // TODO: update the allocated size on-disk
- DPRINT("Allocated Size: %I64u\n", AttrContext->Record.NonResident.AllocatedSize);
+ //NtfsDumpFileAttributes(Fcb->Vcb, FileRecord);
- AttrContext->Record.NonResident.DataSize = DataSize->QuadPart;
- AttrContext->Record.NonResident.InitializedSize = DataSize->QuadPart;
+ // write the updated file record back to disk
+ Status = UpdateFileRecord(Fcb->Vcb, Fcb->MFTIndex, FileRecord);
+ if (NT_SUCCESS(Status))
+ {
+ if(AttrContext->Record.IsNonResident)
+ Fcb->RFCB.AllocationSize.QuadPart = AttrContext->Record.NonResident.AllocatedSize;
+ else
+ Fcb->RFCB.AllocationSize = *DataSize;
Fcb->RFCB.FileSize = *DataSize;
Fcb->RFCB.ValidDataLength = *DataSize;
+ CcSetFileSizes(FileObject, (PCC_FILE_SIZES)&Fcb->RFCB.AllocationSize);
+ }
- DPRINT("Data Size: %I64u\n", Fcb->RFCB.FileSize.QuadPart);
+ return STATUS_SUCCESS;
+}
- //NtfsDumpFileAttributes(Fcb->Vcb, FileRecord);
+/**
+* @name SetFileRecordEnd
+* @implemented
+*
+* This small function sets a new endpoint for the file record. It set's the final
+* AttrEnd->Type to AttributeEnd and recalculates the bytes used by the file record.
+*
+* @param FileRecord
+* Pointer to the file record whose endpoint (length) will be set.
+*
+* @param AttrEnd
+* Pointer to section of memory that will receive the AttributeEnd marker. This must point
+* to memory allocated for the FileRecord. Must be aligned to an 8-byte boundary (relative to FileRecord).
+*
+* @param EndMarker
+* This value will be written after AttributeEnd but isn't critical at all. When Windows resizes
+* a file record, it preserves the final ULONG that previously ended the record, even though this
+* value is (to my knowledge) never used. We emulate this behavior.
+*
+*/
+VOID
+SetFileRecordEnd(PFILE_RECORD_HEADER FileRecord,
+ PNTFS_ATTR_RECORD AttrEnd,
+ ULONG EndMarker)
+{
+ // mark the end of attributes
+ AttrEnd->Type = AttributeEnd;
- // copy the attribute back into the FileRecord
- RtlCopyMemory((PCHAR)FileRecord + AttrOffset, &AttrContext->Record, AttrContext->Record.Length);
+ // Restore the "file-record-end marker." The value is never checked but this behavior is consistent with Win2k3.
+ AttrEnd->Length = EndMarker;
- //NtfsDumpFileAttributes(Fcb->Vcb, FileRecord);
+ // recalculate bytes in use
+ FileRecord->BytesInUse = (ULONG_PTR)AttrEnd - (ULONG_PTR)FileRecord + sizeof(ULONG) * 2;
+}
- // write the updated file record back to disk
- UpdateFileRecord(Fcb->Vcb, Fcb->MFTIndex, FileRecord);
+/**
+* @name SetNonResidentAttributeDataLength
+* @implemented
+*
+* Called by SetAttributeDataLength() to set the size of a non-resident attribute. Doesn't update the file record.
+*
+* @param Vcb
+* Pointer to a DEVICE_EXTENSION describing the target disk.
+*
+* @param AttrContext
+* PNTFS_ATTR_CONTEXT describing the location of the attribute whose size is being set.
+*
+* @param AttrOffset
+* Offset, from the beginning of the record, of the attribute being sized.
+*
+* @param FileRecord
+* Pointer to a file record containing the attribute to be resized. Must be a complete file record,
+* not just the header.
+*
+* @param DataSize
+* Pointer to a LARGE_INTEGER describing the new size of the attribute's data.
+*
+* @return
+* STATUS_SUCCESS on success;
+* STATUS_INSUFFICIENT_RESOURCES if an allocation fails.
+* STATUS_INVALID_PARAMETER if we can't find the last cluster in the data run.
+*
+* @remarks
+* Called by SetAttributeDataLength() and IncreaseMftSize(). Use SetAttributeDataLength() unless you have a good
+* reason to use this. Doesn't update the file record on disk. Doesn't inform the cache controller of changes with
+* any associated files. Synchronization is the callers responsibility.
+*/
+NTSTATUS
+SetNonResidentAttributeDataLength(PDEVICE_EXTENSION Vcb,
+ PNTFS_ATTR_CONTEXT AttrContext,
+ ULONG AttrOffset,
+ PFILE_RECORD_HEADER FileRecord,
+ PLARGE_INTEGER DataSize)
+{
+ NTSTATUS Status = STATUS_SUCCESS;
+ ULONG BytesPerCluster = Vcb->NtfsInfo.BytesPerCluster;
+ ULONGLONG AllocationSize = ROUND_UP(DataSize->QuadPart, BytesPerCluster);
+ PNTFS_ATTR_RECORD DestinationAttribute = (PNTFS_ATTR_RECORD)((ULONG_PTR)FileRecord + AttrOffset);
+ ULONG ExistingClusters = AttrContext->Record.NonResident.AllocatedSize / BytesPerCluster;
- CcSetFileSizes(FileObject, (PCC_FILE_SIZES)&Fcb->RFCB.AllocationSize);
+ if (!AttrContext->Record.IsNonResident)
+ {
+ DPRINT1("ERROR: SetNonResidentAttributeDataLength() called for resident attribute!\n");
+ return STATUS_INVALID_PARAMETER;
}
- else
+
+ // do we need to increase the allocation size?
+ if (AttrContext->Record.NonResident.AllocatedSize < AllocationSize)
+ {
+ ULONG ClustersNeeded = (AllocationSize / BytesPerCluster) - ExistingClusters;
+ LARGE_INTEGER LastClusterInDataRun;
+ ULONG NextAssignedCluster;
+ ULONG AssignedClusters;
+
+ if (ExistingClusters == 0)
+ {
+ LastClusterInDataRun.QuadPart = 0;
+ }
+ else
+ {
+ if (!FsRtlLookupLargeMcbEntry(&AttrContext->DataRunsMCB,
+ (LONGLONG)AttrContext->Record.NonResident.HighestVCN,
+ (PLONGLONG)&LastClusterInDataRun.QuadPart,
+ NULL,
+ NULL,
+ NULL,
+ NULL))
+ {
+ DPRINT1("Error looking up final large MCB entry!\n");
+
+ // Most likely, HighestVCN went above the largest mapping
+ DPRINT1("Highest VCN of record: %I64u\n", AttrContext->Record.NonResident.HighestVCN);
+ return STATUS_INVALID_PARAMETER;
+ }
+ }
+
+ DPRINT("LastClusterInDataRun: %I64u\n", LastClusterInDataRun.QuadPart);
+ DPRINT("Highest VCN of record: %I64u\n", AttrContext->Record.NonResident.HighestVCN);
+
+ while (ClustersNeeded > 0)
+ {
+ Status = NtfsAllocateClusters(Vcb,
+ LastClusterInDataRun.LowPart + 1,
+ ClustersNeeded,
+ &NextAssignedCluster,
+ &AssignedClusters);
+
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("Error: Unable to allocate requested clusters!\n");
+ return Status;
+ }
+
+ // now we need to add the clusters we allocated to the data run
+ Status = AddRun(Vcb, AttrContext, AttrOffset, FileRecord, NextAssignedCluster, AssignedClusters);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("Error: Unable to add data run!\n");
+ return Status;
+ }
+
+ ClustersNeeded -= AssignedClusters;
+ LastClusterInDataRun.LowPart = NextAssignedCluster + AssignedClusters - 1;
+ }
+ }
+ else if (AttrContext->Record.NonResident.AllocatedSize > AllocationSize)
{
- // we can't yet handle resident attributes
- DPRINT1("FixMe: Can't handle increasing length of resident attribute\n");
- return STATUS_NOT_IMPLEMENTED;
+ // shrink allocation size
+ ULONG ClustersToFree = ExistingClusters - (AllocationSize / BytesPerCluster);
+ Status = FreeClusters(Vcb, AttrContext, AttrOffset, FileRecord, ClustersToFree);
}
+ // TODO: is the file compressed, encrypted, or sparse?
+
+ AttrContext->Record.NonResident.AllocatedSize = AllocationSize;
+ AttrContext->Record.NonResident.DataSize = DataSize->QuadPart;
+ AttrContext->Record.NonResident.InitializedSize = DataSize->QuadPart;
+
+ DestinationAttribute->NonResident.AllocatedSize = AllocationSize;
+ DestinationAttribute->NonResident.DataSize = DataSize->QuadPart;
+ DestinationAttribute->NonResident.InitializedSize = DataSize->QuadPart;
+
+ DPRINT("Allocated Size: %I64u\n", DestinationAttribute->NonResident.AllocatedSize);
+
+ return Status;
+}
+
+/**
+* @name SetResidentAttributeDataLength
+* @implemented
+*
+* Called by SetAttributeDataLength() to set the size of a non-resident attribute. Doesn't update the file record.
+*
+* @param Vcb
+* Pointer to a DEVICE_EXTENSION describing the target disk.
+*
+* @param AttrContext
+* PNTFS_ATTR_CONTEXT describing the location of the attribute whose size is being set.
+*
+* @param AttrOffset
+* Offset, from the beginning of the record, of the attribute being sized.
+*
+* @param FileRecord
+* Pointer to a file record containing the attribute to be resized. Must be a complete file record,
+* not just the header.
+*
+* @param DataSize
+* Pointer to a LARGE_INTEGER describing the new size of the attribute's data.
+*
+* @return
+* STATUS_SUCCESS on success;
+* STATUS_INSUFFICIENT_RESOURCES if an allocation fails.
+* STATUS_INVALID_PARAMETER if AttrContext describes a non-resident attribute.
+* STATUS_NOT_IMPLEMENTED if requested to decrease the size of an attribute that isn't the
+* last attribute listed in the file record.
+*
+* @remarks
+* Called by SetAttributeDataLength() and IncreaseMftSize(). Use SetAttributeDataLength() unless you have a good
+* reason to use this. Doesn't update the file record on disk. Doesn't inform the cache controller of changes with
+* any associated files. Synchronization is the callers responsibility.
+*/
+NTSTATUS
+SetResidentAttributeDataLength(PDEVICE_EXTENSION Vcb,
+ PNTFS_ATTR_CONTEXT AttrContext,
+ ULONG AttrOffset,
+ PFILE_RECORD_HEADER FileRecord,
+ PLARGE_INTEGER DataSize)
+{
+ NTSTATUS Status;
+
+ // find the next attribute
+ ULONG NextAttributeOffset = AttrOffset + AttrContext->Record.Length;
+ PNTFS_ATTR_RECORD NextAttribute = (PNTFS_ATTR_RECORD)((PCHAR)FileRecord + NextAttributeOffset);
+
+ if (AttrContext->Record.IsNonResident)
+ {
+ DPRINT1("ERROR: SetResidentAttributeDataLength() called for non-resident attribute!\n");
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ //NtfsDumpFileAttributes(Vcb, FileRecord);
+
+ // Do we need to increase the data length?
+ if (DataSize->QuadPart > AttrContext->Record.Resident.ValueLength)
+ {
+ // There's usually padding at the end of a record. Do we need to extend past it?
+ ULONG MaxValueLength = AttrContext->Record.Length - AttrContext->Record.Resident.ValueOffset;
+ if (MaxValueLength < DataSize->LowPart)
+ {
+ // If this is the last attribute, we could move the end marker to the very end of the file record
+ MaxValueLength += Vcb->NtfsInfo.BytesPerFileRecord - NextAttributeOffset - (sizeof(ULONG) * 2);
+
+ if (MaxValueLength < DataSize->LowPart || NextAttribute->Type != AttributeEnd)
+ {
+ // convert attribute to non-resident
+ PNTFS_ATTR_RECORD Destination = (PNTFS_ATTR_RECORD)((ULONG_PTR)FileRecord + AttrOffset);
+ LARGE_INTEGER AttribDataSize;
+ PVOID AttribData;
+ ULONG EndAttributeOffset;
+ ULONG LengthWritten;
+
+ DPRINT1("Converting attribute to non-resident.\n");
+
+ AttribDataSize.QuadPart = AttrContext->Record.Resident.ValueLength;
+
+ // Is there existing data we need to back-up?
+ if (AttribDataSize.QuadPart > 0)
+ {
+ AttribData = ExAllocatePoolWithTag(NonPagedPool, AttribDataSize.QuadPart, TAG_NTFS);
+ if (AttribData == NULL)
+ {
+ DPRINT1("ERROR: Couldn't allocate memory for attribute data. Can't migrate to non-resident!\n");
+ return STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+ // read data to temp buffer
+ Status = ReadAttribute(Vcb, AttrContext, 0, AttribData, AttribDataSize.QuadPart);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Unable to read attribute before migrating!\n");
+ ExFreePoolWithTag(AttribData, TAG_NTFS);
+ return Status;
+ }
+ }
+
+ // Start by turning this attribute into a 0-length, non-resident attribute, then enlarge it.
+
+ // Zero out the NonResident structure
+ RtlZeroMemory(&AttrContext->Record.NonResident.LowestVCN,
+ FIELD_OFFSET(NTFS_ATTR_RECORD, NonResident.CompressedSize) - FIELD_OFFSET(NTFS_ATTR_RECORD, NonResident.LowestVCN));
+ RtlZeroMemory(&Destination->NonResident.LowestVCN,
+ FIELD_OFFSET(NTFS_ATTR_RECORD, NonResident.CompressedSize) - FIELD_OFFSET(NTFS_ATTR_RECORD, NonResident.LowestVCN));
+
+ // update the mapping pairs offset, which will be 0x40 + length in bytes of the name
+ AttrContext->Record.NonResident.MappingPairsOffset = Destination->NonResident.MappingPairsOffset = 0x40 + (Destination->NameLength * 2);
+
+ // mark the attribute as non-resident
+ AttrContext->Record.IsNonResident = Destination->IsNonResident = 1;
+
+ // update the end of the file record
+ // calculate position of end markers (1 byte for empty data run)
+ EndAttributeOffset = AttrOffset + AttrContext->Record.NonResident.MappingPairsOffset + 1;
+ EndAttributeOffset = ALIGN_UP_BY(EndAttributeOffset, 8);
+
+ // Update the length
+ Destination->Length = EndAttributeOffset - AttrOffset;
+ AttrContext->Record.Length = Destination->Length;
+
+ // Update the file record end
+ SetFileRecordEnd(FileRecord,
+ (PNTFS_ATTR_RECORD)((ULONG_PTR)FileRecord + EndAttributeOffset),
+ FILE_RECORD_END);
+
+ // update file record on disk
+ Status = UpdateFileRecord(Vcb, AttrContext->FileMFTIndex, FileRecord);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Couldn't update file record to continue migration!\n");
+ if (AttribDataSize.QuadPart > 0)
+ ExFreePoolWithTag(AttribData, TAG_NTFS);
+ return Status;
+ }
+
+ // Initialize the MCB, potentially catch an exception
+ _SEH2_TRY{
+ FsRtlInitializeLargeMcb(&AttrContext->DataRunsMCB, NonPagedPool);
+ } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) {
+ _SEH2_YIELD(return _SEH2_GetExceptionCode());
+ } _SEH2_END;
+
+ // Now we can treat the attribute as non-resident and enlarge it normally
+ Status = SetNonResidentAttributeDataLength(Vcb, AttrContext, AttrOffset, FileRecord, DataSize);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Unable to migrate resident attribute!\n");
+ if (AttribDataSize.QuadPart > 0)
+ ExFreePoolWithTag(AttribData, TAG_NTFS);
+ return Status;
+ }
+
+ // restore the back-up attribute, if we made one
+ if (AttribDataSize.QuadPart > 0)
+ {
+ Status = WriteAttribute(Vcb, AttrContext, 0, AttribData, AttribDataSize.QuadPart, &LengthWritten);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Unable to write attribute data to non-resident clusters during migration!\n");
+ // TODO: Reverse migration so no data is lost
+ ExFreePoolWithTag(AttribData, TAG_NTFS);
+ return Status;
+ }
+
+ ExFreePoolWithTag(AttribData, TAG_NTFS);
+ }
+ }
+ }
+ }
+ else if (DataSize->LowPart < AttrContext->Record.Resident.ValueLength)
+ {
+ // we need to decrease the length
+ if (NextAttribute->Type != AttributeEnd)
+ {
+ DPRINT1("FIXME: Don't know how to decrease length of resident attribute unless it's the final attribute!\n");
+ return STATUS_NOT_IMPLEMENTED;
+ }
+ }
+
+ // set the new length of the resident attribute (if we didn't migrate it)
+ if (!AttrContext->Record.IsNonResident)
+ InternalSetResidentAttributeLength(AttrContext, FileRecord, AttrOffset, DataSize->LowPart);
+
return STATUS_SUCCESS;
}
ULONG ReadLength;
ULONG AlreadyRead;
NTSTATUS Status;
+
+ //TEMPTEMP
+ PUCHAR TempBuffer;
if (!Context->Record.IsNonResident)
{
}
else
{
+ //TEMPTEMP
+ ULONG UsedBufferSize;
+ TempBuffer = ExAllocatePoolWithTag(NonPagedPool, Vcb->NtfsInfo.BytesPerFileRecord, TAG_NTFS);
+
LastLCN = 0;
- DataRun = (PUCHAR)&Context->Record + Context->Record.NonResident.MappingPairsOffset;
CurrentOffset = 0;
+ // This will be rewritten in the next iteration to just use the DataRuns MCB directly
+ ConvertLargeMCBToDataRuns(&Context->DataRunsMCB,
+ TempBuffer,
+ Vcb->NtfsInfo.BytesPerFileRecord,
+ &UsedBufferSize);
+
+ DataRun = TempBuffer;
+
while (1)
{
DataRun = DecodeRun(DataRun, &DataRunOffset, &DataRunLength);
} /* if Disk */
+ // TEMPTEMP
+ if (Context->Record.IsNonResident)
+ ExFreePoolWithTag(TempBuffer, TAG_NTFS);
+
Context->CacheRun = DataRun;
Context->CacheRunOffset = Offset + AlreadyRead;
Context->CacheRunStartLCN = DataRunStartLCN;
NTSTATUS Status;
PUCHAR SourceBuffer = Buffer;
LONGLONG StartingOffset;
+
+ //TEMPTEMP
+ PUCHAR TempBuffer;
+
+
+ DPRINT("WriteAttribute(%p, %p, %I64u, %p, %lu, %p)\n", Vcb, Context, Offset, Buffer, Length, RealLengthWritten);
- DPRINT("WriteAttribute(%p, %p, %I64U, %p, %lu)\n", Vcb, Context, Offset, Buffer, Length);
+ *RealLengthWritten = 0;
// is this a resident attribute?
if (!Context->Record.IsNonResident)
{
- DPRINT1("FIXME: Writing to resident NTFS records (small files) is not supported at this time.\n");
- // (TODO: This should be really easy to implement)
+ ULONG AttributeOffset;
+ PNTFS_ATTR_CONTEXT FoundContext;
+ PFILE_RECORD_HEADER FileRecord;
- /* LeftOver code from ReadAttribute(), may be helpful:
- if (Offset > Context->Record.Resident.ValueLength)
- return 0;
if (Offset + Length > Context->Record.Resident.ValueLength)
- Length = (ULONG)(Context->Record.Resident.ValueLength - Offset);
- RtlCopyMemory(Buffer, (PCHAR)&Context->Record + Context->Record.Resident.ValueOffset + Offset, Length);
- return Length;*/
+ {
+ DPRINT1("DRIVER ERROR: Attribute is too small!\n");
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ FileRecord = ExAllocatePoolWithTag(NonPagedPool, Vcb->NtfsInfo.BytesPerFileRecord, TAG_NTFS);
+
+ if (!FileRecord)
+ {
+ DPRINT1("Error: Couldn't allocate file record!\n");
+ return STATUS_NO_MEMORY;
+ }
+
+ // read the file record
+ ReadFileRecord(Vcb, Context->FileMFTIndex, FileRecord);
+
+ // find where to write the attribute data to
+ Status = FindAttribute(Vcb, FileRecord,
+ Context->Record.Type,
+ (PCWSTR)((PCHAR)&Context->Record + Context->Record.NameOffset),
+ Context->Record.NameLength,
+ &FoundContext,
+ &AttributeOffset);
- return STATUS_NOT_IMPLEMENTED; // until we implement it
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Couldn't find matching attribute!\n");
+ ExFreePoolWithTag(FileRecord, TAG_NTFS);
+ return Status;
+ }
+
+ DPRINT("Offset: %I64u, AttributeOffset: %u, ValueOffset: %u\n", Offset, AttributeOffset, Context->Record.Resident.ValueLength);
+ Offset += AttributeOffset + Context->Record.Resident.ValueOffset;
+
+ if (Offset + Length > Vcb->NtfsInfo.BytesPerFileRecord)
+ {
+ DPRINT1("DRIVER ERROR: Data being written extends past end of file record!\n");
+ ReleaseAttributeContext(FoundContext);
+ ExFreePoolWithTag(FileRecord, TAG_NTFS);
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ // copy the data being written into the file record
+ RtlCopyMemory((PCHAR)FileRecord + Offset, Buffer, Length);
+
+ Status = UpdateFileRecord(Vcb, Context->FileMFTIndex, FileRecord);
+
+ ReleaseAttributeContext(FoundContext);
+ ExFreePoolWithTag(FileRecord, TAG_NTFS);
+
+ if (NT_SUCCESS(Status))
+ *RealLengthWritten = Length;
+
+ return Status;
}
// This is a non-resident attribute.
// I. Find the corresponding start data run.
- *RealLengthWritten = 0;
-
// FIXME: Cache seems to be non-working. Disable it for now
//if(Context->CacheRunOffset <= Offset && Offset < Context->CacheRunOffset + Context->CacheRunLength * Volume->ClusterSize)
/*if (0)
}
else*/
{
+ ULONG UsedBufferSize;
LastLCN = 0;
- DataRun = (PUCHAR)&Context->Record + Context->Record.NonResident.MappingPairsOffset;
- CurrentOffset = 0;
+ CurrentOffset = 0;
+
+ // This will be rewritten in the next iteration to just use the DataRuns MCB directly
+ TempBuffer = ExAllocatePoolWithTag(NonPagedPool, Vcb->NtfsInfo.BytesPerFileRecord, TAG_NTFS);
+
+ ConvertLargeMCBToDataRuns(&Context->DataRunsMCB,
+ TempBuffer,
+ Vcb->NtfsInfo.BytesPerFileRecord,
+ &UsedBufferSize);
+
+ DataRun = TempBuffer;
while (1)
{
{
// We reached the last assigned cluster
// TODO: assign new clusters to the end of the file.
- // (Presently, this code will never be reached, the write should have already failed by now)
+ // (Presently, this code will rarely be reached, the write will usually have already failed by now)
+ // [We can reach here by creating a new file record when the MFT isn't large enough]
+ DPRINT1("FIXME: Master File Table needs to be enlarged.\n");
return STATUS_END_OF_FILE;
}
}
} // end while (Length > 0) [more data to write]
+ // TEMPTEMP
+ if(Context->Record.IsNonResident)
+ ExFreePoolWithTag(TempBuffer, TAG_NTFS);
+
Context->CacheRun = DataRun;
Context->CacheRunOffset = Offset + *RealLengthWritten;
Context->CacheRunStartLCN = DataRunStartLCN;
}
/* Apply update sequence array fixups. */
+ DPRINT("Sequence number: %u\n", file->SequenceNumber);
return FixupUpdateSequenceArray(Vcb, &file->Ntfs);
}
PUNICODE_STRING FileName,
BOOLEAN DirSearch,
ULONGLONG NewDataSize,
- ULONGLONG NewAllocationSize)
+ ULONGLONG NewAllocationSize,
+ BOOLEAN CaseSensitive)
{
PFILE_RECORD_HEADER MftRecord;
PNTFS_ATTR_CONTEXT IndexRootCtx;
NTSTATUS Status;
ULONG CurrentEntry = 0;
- DPRINT("UpdateFileNameRecord(%p, %I64d, %wZ, %u, %I64u, %I64u)\n", Vcb, ParentMFTIndex, FileName, DirSearch, NewDataSize, NewAllocationSize);
+ DPRINT("UpdateFileNameRecord(%p, %I64d, %wZ, %u, %I64u, %I64u, %s)\n",
+ Vcb,
+ ParentMFTIndex,
+ FileName,
+ DirSearch,
+ NewDataSize,
+ NewAllocationSize,
+ CaseSensitive ? "TRUE" : "FALSE");
MftRecord = ExAllocatePoolWithTag(NonPagedPool,
Vcb->NtfsInfo.BytesPerFileRecord,
&CurrentEntry,
DirSearch,
NewDataSize,
- NewAllocationSize);
+ NewAllocationSize,
+ CaseSensitive);
ReleaseAttributeContext(IndexRootCtx);
ExFreePoolWithTag(IndexRecord, TAG_NTFS);
PULONG CurrentEntry,
BOOLEAN DirSearch,
ULONGLONG NewDataSize,
- ULONGLONG NewAllocatedSize)
+ ULONGLONG NewAllocatedSize,
+ BOOLEAN CaseSensitive)
{
NTSTATUS Status;
ULONG RecordOffset;
if ((IndexEntry->Data.Directory.IndexedFile & NTFS_MFT_MASK) > 0x10 &&
*CurrentEntry >= *StartEntry &&
IndexEntry->FileName.NameType != NTFS_FILE_NAME_DOS &&
- CompareFileName(FileName, IndexEntry, DirSearch))
+ CompareFileName(FileName, IndexEntry, DirSearch, CaseSensitive))
{
*StartEntry = *CurrentEntry;
IndexEntry->FileName.DataSize = NewDataSize;
LastEntry = (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)&IndexBuffer->Header + IndexBuffer->Header.TotalSizeOfEntries);
ASSERT(LastEntry <= (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)IndexBuffer + IndexBlockSize));
- Status = UpdateIndexEntryFileNameSize(NULL, NULL, NULL, 0, FirstEntry, LastEntry, FileName, StartEntry, CurrentEntry, DirSearch, NewDataSize, NewAllocatedSize);
+ Status = UpdateIndexEntryFileNameSize(NULL,
+ NULL,
+ NULL,
+ 0,
+ FirstEntry,
+ LastEntry,
+ FileName,
+ StartEntry,
+ CurrentEntry,
+ DirSearch,
+ NewDataSize,
+ NewAllocatedSize,
+ CaseSensitive);
if (Status == STATUS_PENDING)
{
// write the index record back to disk
}
/**
-* UpdateFileRecord
+* @name UpdateFileRecord
* @implemented
+*
* Writes a file record to the master file table, at a given index.
+*
+* @param Vcb
+* Pointer to the DEVICE_EXTENSION of the target drive being written to.
+*
+* @param MftIndex
+* Target index in the master file table to store the file record.
+*
+* @param FileRecord
+* Pointer to the complete file record which will be written to the master file table.
+*
+* @return
+* STATUS_SUCCESSFUL on success. An error passed from WriteAttribute() otherwise.
+*
*/
NTSTATUS
UpdateFileRecord(PDEVICE_EXTENSION Vcb,
- ULONGLONG index,
- PFILE_RECORD_HEADER file)
+ ULONGLONG MftIndex,
+ PFILE_RECORD_HEADER FileRecord)
{
ULONG BytesWritten;
NTSTATUS Status = STATUS_SUCCESS;
- DPRINT("UpdateFileRecord(%p, %I64x, %p)\n", Vcb, index, file);
+ DPRINT("UpdateFileRecord(%p, 0x%I64x, %p)\n", Vcb, MftIndex, FileRecord);
// Add the fixup array to prepare the data for writing to disk
- AddFixupArray(Vcb, &file->Ntfs);
+ AddFixupArray(Vcb, &FileRecord->Ntfs);
// write the file record to the master file table
- Status = WriteAttribute(Vcb, Vcb->MFTContext, index * Vcb->NtfsInfo.BytesPerFileRecord, (const PUCHAR)file, Vcb->NtfsInfo.BytesPerFileRecord, &BytesWritten);
-
- // TODO: Update MFT mirror
+ Status = WriteAttribute(Vcb, Vcb->MFTContext, MftIndex * Vcb->NtfsInfo.BytesPerFileRecord, (const PUCHAR)FileRecord, Vcb->NtfsInfo.BytesPerFileRecord, &BytesWritten);
if (!NT_SUCCESS(Status))
{
- DPRINT1("UpdateFileRecord failed: %I64u written, %u expected\n", BytesWritten, Vcb->NtfsInfo.BytesPerFileRecord);
+ DPRINT1("UpdateFileRecord failed: %lu written, %lu expected\n", BytesWritten, Vcb->NtfsInfo.BytesPerFileRecord);
}
+ // remove the fixup array (so the file record pointer can still be used)
+ FixupUpdateSequenceArray(Vcb, &FileRecord->Ntfs);
+
return Status;
}
return STATUS_SUCCESS;
}
+/**
+* @name AddNewMftEntry
+* @implemented
+*
+* Adds a file record to the master file table of a given device.
+*
+* @param FileRecord
+* Pointer to a complete file record which will be saved to disk.
+*
+* @param DeviceExt
+* Pointer to the DEVICE_EXTENSION of the target drive.
+*
+* @param DestinationIndex
+* Pointer to a ULONGLONG which will receive the MFT index where the file record was stored.
+*
+* @param CanWait
+* Boolean indicating if the function is allowed to wait for exclusive access to the master file table.
+* This will only be relevant if the MFT doesn't have any free file records and needs to be enlarged.
+*
+* @return
+* STATUS_SUCCESS on success.
+* STATUS_OBJECT_NAME_NOT_FOUND if we can't find the MFT's $Bitmap or if we weren't able
+* to read the attribute.
+* STATUS_INSUFFICIENT_RESOURCES if we can't allocate enough memory for a copy of $Bitmap.
+* STATUS_CANT_WAIT if CanWait was FALSE and the function could not get immediate, exclusive access to the MFT.
+*/
+NTSTATUS
+AddNewMftEntry(PFILE_RECORD_HEADER FileRecord,
+ PDEVICE_EXTENSION DeviceExt,
+ PULONGLONG DestinationIndex,
+ BOOLEAN CanWait)
+{
+ NTSTATUS Status = STATUS_SUCCESS;
+ ULONGLONG MftIndex;
+ RTL_BITMAP Bitmap;
+ ULONGLONG BitmapDataSize;
+ ULONGLONG AttrBytesRead;
+ PVOID BitmapData;
+ ULONG LengthWritten;
+ PNTFS_ATTR_CONTEXT BitmapContext;
+ LARGE_INTEGER BitmapBits;
+ UCHAR SystemReservedBits;
+
+ DPRINT1("AddNewMftEntry(%p, %p, %p, %s)\n", FileRecord, DeviceExt, DestinationIndex, CanWait ? "TRUE" : "FALSE");
+
+ // First, we have to read the mft's $Bitmap attribute
+ Status = FindAttribute(DeviceExt, DeviceExt->MasterFileTable, AttributeBitmap, L"", 0, &BitmapContext, NULL);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Couldn't find $Bitmap attribute of master file table!\n");
+ return Status;
+ }
+
+ // allocate a buffer for the $Bitmap attribute
+ BitmapDataSize = AttributeDataLength(&BitmapContext->Record);
+ BitmapData = ExAllocatePoolWithTag(NonPagedPool, BitmapDataSize, TAG_NTFS);
+ if (!BitmapData)
+ {
+ ReleaseAttributeContext(BitmapContext);
+ return STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+ // read $Bitmap attribute
+ AttrBytesRead = ReadAttribute(DeviceExt, BitmapContext, 0, BitmapData, BitmapDataSize);
+
+ if (AttrBytesRead == 0)
+ {
+ DPRINT1("ERROR: Unable to read $Bitmap attribute of master file table!\n");
+ ExFreePoolWithTag(BitmapData, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ // we need to backup the bits for records 0x10 - 0x17 and leave them unassigned if they aren't assigned
+ RtlCopyMemory(&SystemReservedBits, (PVOID)((ULONG_PTR)BitmapData + 2), 1);
+ RtlFillMemory((PVOID)((ULONG_PTR)BitmapData + 2), 1, (UCHAR)0xFF);
+
+ // Calculate bit count
+ BitmapBits.QuadPart = AttributeDataLength(&(DeviceExt->MFTContext->Record)) /
+ DeviceExt->NtfsInfo.BytesPerFileRecord;
+ if (BitmapBits.HighPart != 0)
+ {
+ DPRINT1("\tFIXME: bitmap sizes beyond 32bits are not yet supported!\n");
+ BitmapBits.LowPart = 0xFFFFFFFF;
+ }
+
+ // convert buffer into bitmap
+ RtlInitializeBitMap(&Bitmap, (PULONG)BitmapData, BitmapBits.LowPart);
+
+ // set next available bit, preferrably after 23rd bit
+ MftIndex = RtlFindClearBitsAndSet(&Bitmap, 1, 24);
+ if ((LONG)MftIndex == -1)
+ {
+ DPRINT1("Couldn't find free space in MFT for file record, increasing MFT size.\n");
+
+ ExFreePoolWithTag(BitmapData, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+
+ // Couldn't find a free record in the MFT, add some blank records and try again
+ Status = IncreaseMftSize(DeviceExt, CanWait);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Couldn't find space in MFT for file or increase MFT size!\n");
+ return Status;
+ }
+
+ return AddNewMftEntry(FileRecord, DeviceExt, DestinationIndex, CanWait);
+ }
+
+ DPRINT1("Creating file record at MFT index: %I64u\n", MftIndex);
+
+ // update file record with index
+ FileRecord->MFTRecordNumber = MftIndex;
+
+ // [BitmapData should have been updated via RtlFindClearBitsAndSet()]
+
+ // Restore the system reserved bits
+ RtlCopyMemory((PVOID)((ULONG_PTR)BitmapData + 2), &SystemReservedBits, 1);
+
+ // write the bitmap back to the MFT's $Bitmap attribute
+ Status = WriteAttribute(DeviceExt, BitmapContext, 0, BitmapData, BitmapDataSize, &LengthWritten);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR encountered when writing $Bitmap attribute!\n");
+ ExFreePoolWithTag(BitmapData, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return Status;
+ }
+
+ // update the file record (write it to disk)
+ Status = UpdateFileRecord(DeviceExt, MftIndex, FileRecord);
+
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("ERROR: Unable to write file record!\n");
+ ExFreePoolWithTag(BitmapData, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+ return Status;
+ }
+
+ *DestinationIndex = MftIndex;
+
+ ExFreePoolWithTag(BitmapData, TAG_NTFS);
+ ReleaseAttributeContext(BitmapContext);
+
+ return Status;
+}
+
NTSTATUS
AddFixupArray(PDEVICE_EXTENSION Vcb,
PNTFS_RECORD_HEADER Record)
BOOLEAN
CompareFileName(PUNICODE_STRING FileName,
PINDEX_ENTRY_ATTRIBUTE IndexEntry,
- BOOLEAN DirSearch)
+ BOOLEAN DirSearch,
+ BOOLEAN CaseSensitive)
{
BOOLEAN Ret, Alloc = FALSE;
UNICODE_STRING EntryName;
if (DirSearch)
{
UNICODE_STRING IntFileName;
- if (IndexEntry->FileName.NameType != NTFS_FILE_NAME_POSIX)
+ if (!CaseSensitive)
{
NT_VERIFY(NT_SUCCESS(RtlUpcaseUnicodeString(&IntFileName, FileName, TRUE)));
Alloc = TRUE;
IntFileName = *FileName;
}
- Ret = FsRtlIsNameInExpression(&IntFileName, &EntryName, (IndexEntry->FileName.NameType != NTFS_FILE_NAME_POSIX), NULL);
+ Ret = FsRtlIsNameInExpression(&IntFileName, &EntryName, !CaseSensitive, NULL);
if (Alloc)
{
}
else
{
- return (RtlCompareUnicodeString(FileName, &EntryName, (IndexEntry->FileName.NameType != NTFS_FILE_NAME_POSIX)) == 0);
+ return (RtlCompareUnicodeString(FileName, &EntryName, !CaseSensitive) == 0);
}
}
PULONG StartEntry,
PULONG CurrentEntry,
BOOLEAN DirSearch,
+ BOOLEAN CaseSensitive,
ULONGLONG *OutMFTIndex)
{
NTSTATUS Status;
ULONGLONG IndexAllocationSize;
PINDEX_BUFFER IndexBuffer;
- DPRINT("BrowseIndexEntries(%p, %p, %p, %u, %p, %p, %wZ, %u, %u, %u, %p)\n", Vcb, MftRecord, IndexRecord, IndexBlockSize, FirstEntry, LastEntry, FileName, *StartEntry, *CurrentEntry, DirSearch, OutMFTIndex);
+ DPRINT("BrowseIndexEntries(%p, %p, %p, %u, %p, %p, %wZ, %u, %u, %s, %s, %p)\n",
+ Vcb,
+ MftRecord,
+ IndexRecord,
+ IndexBlockSize,
+ FirstEntry,
+ LastEntry,
+ FileName,
+ *StartEntry,
+ *CurrentEntry,
+ DirSearch ? "TRUE" : "FALSE",
+ CaseSensitive ? "TRUE" : "FALSE",
+ OutMFTIndex);
IndexEntry = FirstEntry;
while (IndexEntry < LastEntry &&
!(IndexEntry->Flags & NTFS_INDEX_ENTRY_END))
{
- if ((IndexEntry->Data.Directory.IndexedFile & NTFS_MFT_MASK) > 0x10 &&
+ if ((IndexEntry->Data.Directory.IndexedFile & NTFS_MFT_MASK) >= 0x10 &&
*CurrentEntry >= *StartEntry &&
IndexEntry->FileName.NameType != NTFS_FILE_NAME_DOS &&
- CompareFileName(FileName, IndexEntry, DirSearch))
+ CompareFileName(FileName, IndexEntry, DirSearch, CaseSensitive))
{
*StartEntry = *CurrentEntry;
*OutMFTIndex = (IndexEntry->Data.Directory.IndexedFile & NTFS_MFT_MASK);
LastEntry = (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)&IndexBuffer->Header + IndexBuffer->Header.TotalSizeOfEntries);
ASSERT(LastEntry <= (PINDEX_ENTRY_ATTRIBUTE)((ULONG_PTR)IndexBuffer + IndexBlockSize));
- Status = BrowseIndexEntries(NULL, NULL, NULL, 0, FirstEntry, LastEntry, FileName, StartEntry, CurrentEntry, DirSearch, OutMFTIndex);
+ Status = BrowseIndexEntries(NULL,
+ NULL,
+ NULL,
+ 0,
+ FirstEntry,
+ LastEntry,
+ FileName,
+ StartEntry,
+ CurrentEntry,
+ DirSearch,
+ CaseSensitive,
+ OutMFTIndex);
if (NT_SUCCESS(Status))
{
break;
PUNICODE_STRING FileName,
PULONG FirstEntry,
BOOLEAN DirSearch,
- ULONGLONG *OutMFTIndex)
+ ULONGLONG *OutMFTIndex,
+ BOOLEAN CaseSensitive)
{
PFILE_RECORD_HEADER MftRecord;
PNTFS_ATTR_CONTEXT IndexRootCtx;
DPRINT("IndexRecordSize: %x IndexBlockSize: %x\n", Vcb->NtfsInfo.BytesPerIndexRecord, IndexRoot->SizeOfEntry);
- Status = BrowseIndexEntries(Vcb, MftRecord, IndexRecord, IndexRoot->SizeOfEntry, IndexEntry, IndexEntryEnd, FileName, FirstEntry, &CurrentEntry, DirSearch, OutMFTIndex);
+ Status = BrowseIndexEntries(Vcb,
+ MftRecord,
+ IndexRecord,
+ IndexRoot->SizeOfEntry,
+ IndexEntry,
+ IndexEntryEnd,
+ FileName,
+ FirstEntry,
+ &CurrentEntry,
+ DirSearch,
+ CaseSensitive,
+ OutMFTIndex);
ExFreePoolWithTag(IndexRecord, TAG_NTFS);
ExFreePoolWithTag(MftRecord, TAG_NTFS);
NTSTATUS
NtfsLookupFileAt(PDEVICE_EXTENSION Vcb,
PUNICODE_STRING PathName,
+ BOOLEAN CaseSensitive,
PFILE_RECORD_HEADER *FileRecord,
PULONGLONG MFTIndex,
ULONGLONG CurrentMFTIndex)
NTSTATUS Status;
ULONG FirstEntry = 0;
- DPRINT("NtfsLookupFileAt(%p, %wZ, %p, %I64x)\n", Vcb, PathName, FileRecord, CurrentMFTIndex);
+ DPRINT("NtfsLookupFileAt(%p, %wZ, %s, %p, %p, %I64x)\n",
+ Vcb,
+ PathName,
+ CaseSensitive ? "TRUE" : "FALSE",
+ FileRecord,
+ MFTIndex,
+ CurrentMFTIndex);
FsRtlDissectName(*PathName, &Current, &Remaining);
{
DPRINT("Current: %wZ\n", &Current);
- Status = NtfsFindMftRecord(Vcb, CurrentMFTIndex, &Current, &FirstEntry, FALSE, &CurrentMFTIndex);
+ Status = NtfsFindMftRecord(Vcb, CurrentMFTIndex, &Current, &FirstEntry, FALSE, &CurrentMFTIndex, CaseSensitive);
if (!NT_SUCCESS(Status))
{
return Status;
NTSTATUS
NtfsLookupFile(PDEVICE_EXTENSION Vcb,
PUNICODE_STRING PathName,
+ BOOLEAN CaseSensitive,
PFILE_RECORD_HEADER *FileRecord,
PULONGLONG MFTIndex)
{
- return NtfsLookupFileAt(Vcb, PathName, FileRecord, MFTIndex, NTFS_FILE_ROOT);
+ return NtfsLookupFileAt(Vcb, PathName, CaseSensitive, FileRecord, MFTIndex, NTFS_FILE_ROOT);
+}
+
+/**
+* @name NtfsDumpFileRecord
+* @implemented
+*
+* Provides diagnostic information about a file record. Prints a hex dump
+* of the entire record (based on the size reported by FileRecord->ByesInUse),
+* then prints a dump of each attribute.
+*
+* @param Vcb
+* Pointer to a DEVICE_EXTENSION describing the volume.
+*
+* @param FileRecord
+* Pointer to the file record to be analyzed.
+*
+* @remarks
+* FileRecord must be a complete file record at least FileRecord->BytesAllocated
+* in size, and not just the header.
+*
+*/
+VOID
+NtfsDumpFileRecord(PDEVICE_EXTENSION Vcb,
+ PFILE_RECORD_HEADER FileRecord)
+{
+ ULONG i, j;
+
+ // dump binary data, 8 bytes at a time
+ for (i = 0; i < FileRecord->BytesInUse; i += 8)
+ {
+ // display current offset, in hex
+ DbgPrint("\t%03x\t", i);
+
+ // display hex value of each of the next 8 bytes
+ for (j = 0; j < 8; j++)
+ DbgPrint("%02x ", *(PUCHAR)((ULONG_PTR)FileRecord + i + j));
+ DbgPrint("\n");
+ }
+
+ NtfsDumpFileAttributes(Vcb, FileRecord);
}
NTSTATUS
PULONG FirstEntry,
PFILE_RECORD_HEADER *FileRecord,
PULONGLONG MFTIndex,
- ULONGLONG CurrentMFTIndex)
+ ULONGLONG CurrentMFTIndex,
+ BOOLEAN CaseSensitive)
{
NTSTATUS Status;
- DPRINT("NtfsFindFileAt(%p, %wZ, %u, %p, %p, %I64x)\n", Vcb, SearchPattern, *FirstEntry, FileRecord, MFTIndex, CurrentMFTIndex);
+ DPRINT("NtfsFindFileAt(%p, %wZ, %u, %p, %p, %I64x, %s)\n",
+ Vcb,
+ SearchPattern,
+ *FirstEntry,
+ FileRecord,
+ MFTIndex,
+ CurrentMFTIndex,
+ (CaseSensitive ? "TRUE" : "FALSE"));
- Status = NtfsFindMftRecord(Vcb, CurrentMFTIndex, SearchPattern, FirstEntry, TRUE, &CurrentMFTIndex);
+ Status = NtfsFindMftRecord(Vcb, CurrentMFTIndex, SearchPattern, FirstEntry, TRUE, &CurrentMFTIndex, CaseSensitive);
if (!NT_SUCCESS(Status))
{
DPRINT("NtfsFindFileAt: NtfsFindMftRecord() failed with status 0x%08lx\n", Status);
projects / reactos.git / blobdiff