├── Kconfig ├── LICENSE ├── Makefile ├── README.rst ├── attrib.c ├── attrlist.c ├── bitfunc.c ├── bitmap.c ├── compat.h ├── debug.h ├── dir.c ├── file.c ├── frecord.c ├── fslog.c ├── fsntfs.c ├── index.c ├── inode.c ├── lib ├── decompress_common.c ├── decompress_common.h ├── lib.h ├── lzx_decompress.c └── xpress_decompress.c ├── lznt.c ├── namei.c ├── ntfs.h ├── ntfs3.rst ├── ntfs_fs.h ├── record.c ├── run.c ├── super.c ├── upcase.c └── xattr.c /Kconfig: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-2.0-only 2 | config NTFS3_FS 3 | tristate "NTFS Read-Write file system support" 4 | select NLS 5 | help 6 | Windows OS native file system (NTFS) support up to NTFS version 3.1. 7 | 8 | Y or M enables the NTFS3 driver with full features enabled (read, 9 | write, journal replaying, sparse/compressed files support). 10 | File system type to use on mount is "ntfs3". Module name (M option) 11 | is also "ntfs3". 12 | 13 | Documentation: 14 | 15 | config NTFS3_64BIT_CLUSTER 16 | bool "64 bits per NTFS clusters" 17 | depends on NTFS3_FS && 64BIT 18 | help 19 | Windows implementation of ntfs.sys uses 32 bits per clusters. 20 | If activated 64 bits per clusters you will be able to use 4k cluster 21 | for 16T+ volumes. Windows will not be able to mount such volumes. 22 | 23 | It is recommended to say N here. 24 | 25 | config NTFS3_LZX_XPRESS 26 | bool "activate support of external compressions lzx/xpress" 27 | depends on NTFS3_FS 28 | help 29 | In Windows 10 one can use command "compact" to compress any files. 30 | 4 possible variants of compression are: xpress4k, xpress8k, xpress16k and lzx. 31 | If activated you will be able to read such files correctly. 32 | 33 | It is recommended to say Y here. 34 | 35 | config NTFS3_FS_POSIX_ACL 36 | bool "NTFS POSIX Access Control Lists" 37 | depends on NTFS3_FS 38 | select FS_POSIX_ACL 39 | help 40 | POSIX Access Control Lists (ACLs) support additional access rights 41 | for users and groups beyond the standard owner/group/world scheme, 42 | and this option selects support for ACLs specifically for ntfs 43 | filesystems. 44 | NOTE: this is linux only feature. Windows will ignore these ACLs. 45 | 46 | If you don't know what Access Control Lists are, say N. 47 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc., 5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Lesser General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License along 307 | with this program; if not, write to the Free Software Foundation, Inc., 308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 309 | 310 | Also add information on how to contact you by electronic and paper mail. 311 | 312 | If the program is interactive, make it output a short notice like this 313 | when it starts in an interactive mode: 314 | 315 | Gnomovision version 69, Copyright (C) year name of author 316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 317 | This is free software, and you are welcome to redistribute it 318 | under certain conditions; type `show c' for details. 319 | 320 | The hypothetical commands `show w' and `show c' should show the appropriate 321 | parts of the General Public License. Of course, the commands you use may 322 | be called something other than `show w' and `show c'; they could even be 323 | mouse-clicks or menu items--whatever suits your program. 324 | 325 | You should also get your employer (if you work as a programmer) or your 326 | school, if any, to sign a "copyright disclaimer" for the program, if 327 | necessary. Here is a sample; alter the names: 328 | 329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 330 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 331 | 332 | , 1 April 1989 333 | Ty Coon, President of Vice 334 | 335 | This General Public License does not permit incorporating your program into 336 | proprietary programs. If your program is a subroutine library, you may 337 | consider it more useful to permit linking proprietary applications with the 338 | library. If this is what you want to do, use the GNU Lesser General 339 | Public License instead of this License. 340 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-2.0 2 | # 3 | # Makefile for the ntfs3 filesystem support. 4 | # 5 | 6 | # to check robot warnings 7 | ccflags-y += -Wunused-but-set-variable -Wold-style-declaration -Wint-to-pointer-cast 8 | 9 | obj-$(CONFIG_NTFS3_FS) += ntfs3.o 10 | 11 | ntfs3-y := attrib.o \ 12 | attrlist.o \ 13 | bitfunc.o \ 14 | bitmap.o \ 15 | dir.o \ 16 | fsntfs.o \ 17 | frecord.o \ 18 | file.o \ 19 | fslog.o \ 20 | inode.o \ 21 | index.o \ 22 | lznt.o \ 23 | namei.o \ 24 | record.o \ 25 | run.o \ 26 | super.o \ 27 | upcase.o \ 28 | xattr.o 29 | 30 | ntfs3-$(CONFIG_NTFS3_LZX_XPRESS) += $(addprefix lib/,\ 31 | decompress_common.o \ 32 | lzx_decompress.o \ 33 | xpress_decompress.o \ 34 | ) 35 | 36 | ccflags-$(CONFIG_NTFS3_LZX_XPRESS) += -DCONFIG_NTFS3_LZX_XPRESS 37 | ccflags-$(CONFIG_NTFS3_FS_POSIX_ACL) += -DCONFIG_NTFS3_FS_POSIX_ACL 38 | 39 | all: 40 | make -C /lib/modules/$(KVERSION)/build M=$(PWD) modules 41 | 42 | clean: 43 | make -C /lib/modules/$(KVERSION)/build M=$(PWD) clean -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | ntfs3.rst -------------------------------------------------------------------------------- /attrlist.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include "debug.h" 14 | #include "ntfs.h" 15 | #include "ntfs_fs.h" 16 | 17 | /* Returns true if le is valid */ 18 | static inline bool al_is_valid_le(const struct ntfs_inode *ni, 19 | struct ATTR_LIST_ENTRY *le) 20 | { 21 | if (!le || !ni->attr_list.le || !ni->attr_list.size) 22 | return false; 23 | 24 | return PtrOffset(ni->attr_list.le, le) + le16_to_cpu(le->size) <= 25 | ni->attr_list.size; 26 | } 27 | 28 | void al_destroy(struct ntfs_inode *ni) 29 | { 30 | run_close(&ni->attr_list.run); 31 | ntfs_free(ni->attr_list.le); 32 | ni->attr_list.le = NULL; 33 | ni->attr_list.size = 0; 34 | ni->attr_list.dirty = false; 35 | } 36 | 37 | /* 38 | * ntfs_load_attr_list 39 | * 40 | * This method makes sure that the ATTRIB list, if present, 41 | * has been properly set up. 42 | */ 43 | int ntfs_load_attr_list(struct ntfs_inode *ni, struct ATTRIB *attr) 44 | { 45 | int err; 46 | size_t lsize; 47 | void *le = NULL; 48 | 49 | if (ni->attr_list.size) 50 | return 0; 51 | 52 | if (!attr->non_res) { 53 | lsize = le32_to_cpu(attr->res.data_size); 54 | le = ntfs_malloc(al_aligned(lsize)); 55 | if (!le) { 56 | err = -ENOMEM; 57 | goto out; 58 | } 59 | memcpy(le, resident_data(attr), lsize); 60 | } else if (attr->nres.svcn) { 61 | err = -EINVAL; 62 | goto out; 63 | } else { 64 | u16 run_off = le16_to_cpu(attr->nres.run_off); 65 | 66 | lsize = le64_to_cpu(attr->nres.data_size); 67 | 68 | run_init(&ni->attr_list.run); 69 | 70 | err = run_unpack_ex(&ni->attr_list.run, ni->mi.sbi, ni->mi.rno, 71 | 0, le64_to_cpu(attr->nres.evcn), 0, 72 | Add2Ptr(attr, run_off), 73 | le32_to_cpu(attr->size) - run_off); 74 | if (err < 0) 75 | goto out; 76 | 77 | le = ntfs_malloc(al_aligned(lsize)); 78 | if (!le) { 79 | err = -ENOMEM; 80 | goto out; 81 | } 82 | 83 | err = ntfs_read_run_nb(ni->mi.sbi, &ni->attr_list.run, 0, le, 84 | lsize, NULL); 85 | if (err) 86 | goto out; 87 | } 88 | 89 | ni->attr_list.size = lsize; 90 | ni->attr_list.le = le; 91 | 92 | return 0; 93 | 94 | out: 95 | ni->attr_list.le = le; 96 | al_destroy(ni); 97 | 98 | return err; 99 | } 100 | 101 | /* 102 | * al_enumerate 103 | * 104 | * Returns the next list 'le' 105 | * if 'le' is NULL then returns the first 'le' 106 | */ 107 | struct ATTR_LIST_ENTRY *al_enumerate(struct ntfs_inode *ni, 108 | struct ATTR_LIST_ENTRY *le) 109 | { 110 | size_t off; 111 | u16 sz; 112 | 113 | if (!le) { 114 | le = ni->attr_list.le; 115 | } else { 116 | sz = le16_to_cpu(le->size); 117 | if (sz < sizeof(struct ATTR_LIST_ENTRY)) { 118 | /* Impossible 'cause we should not return such 'le' */ 119 | return NULL; 120 | } 121 | le = Add2Ptr(le, sz); 122 | } 123 | 124 | /* Check boundary */ 125 | off = PtrOffset(ni->attr_list.le, le); 126 | if (off + sizeof(struct ATTR_LIST_ENTRY) > ni->attr_list.size) { 127 | // The regular end of list 128 | return NULL; 129 | } 130 | 131 | sz = le16_to_cpu(le->size); 132 | 133 | /* Check 'le' for errors */ 134 | if (sz < sizeof(struct ATTR_LIST_ENTRY) || 135 | off + sz > ni->attr_list.size || 136 | sz < le->name_off + le->name_len * sizeof(short)) { 137 | return NULL; 138 | } 139 | 140 | return le; 141 | } 142 | 143 | /* 144 | * al_find_le 145 | * 146 | * finds the first 'le' in the list which matches type, name and vcn 147 | * Returns NULL if not found 148 | */ 149 | struct ATTR_LIST_ENTRY *al_find_le(struct ntfs_inode *ni, 150 | struct ATTR_LIST_ENTRY *le, 151 | const struct ATTRIB *attr) 152 | { 153 | CLST svcn = attr_svcn(attr); 154 | 155 | return al_find_ex(ni, le, attr->type, attr_name(attr), attr->name_len, 156 | &svcn); 157 | } 158 | 159 | /* 160 | * al_find_ex 161 | * 162 | * finds the first 'le' in the list which matches type, name and vcn 163 | * Returns NULL if not found 164 | */ 165 | struct ATTR_LIST_ENTRY *al_find_ex(struct ntfs_inode *ni, 166 | struct ATTR_LIST_ENTRY *le, 167 | enum ATTR_TYPE type, const __le16 *name, 168 | u8 name_len, const CLST *vcn) 169 | { 170 | struct ATTR_LIST_ENTRY *ret = NULL; 171 | u32 type_in = le32_to_cpu(type); 172 | 173 | while ((le = al_enumerate(ni, le))) { 174 | u64 le_vcn; 175 | int diff = le32_to_cpu(le->type) - type_in; 176 | 177 | /* List entries are sorted by type, name and vcn */ 178 | if (diff < 0) 179 | continue; 180 | 181 | if (diff > 0) 182 | return ret; 183 | 184 | if (le->name_len != name_len) 185 | continue; 186 | 187 | le_vcn = le64_to_cpu(le->vcn); 188 | if (!le_vcn) { 189 | /* 190 | * compare entry names only for entry with vcn == 0 191 | */ 192 | diff = ntfs_cmp_names(le_name(le), name_len, name, 193 | name_len, ni->mi.sbi->upcase, 194 | true); 195 | if (diff < 0) 196 | continue; 197 | 198 | if (diff > 0) 199 | return ret; 200 | } 201 | 202 | if (!vcn) 203 | return le; 204 | 205 | if (*vcn == le_vcn) 206 | return le; 207 | 208 | if (*vcn < le_vcn) 209 | return ret; 210 | 211 | ret = le; 212 | } 213 | 214 | return ret; 215 | } 216 | 217 | /* 218 | * al_find_le_to_insert 219 | * 220 | * finds the first list entry which matches type, name and vcn 221 | */ 222 | static struct ATTR_LIST_ENTRY *al_find_le_to_insert(struct ntfs_inode *ni, 223 | enum ATTR_TYPE type, 224 | const __le16 *name, 225 | u8 name_len, CLST vcn) 226 | { 227 | struct ATTR_LIST_ENTRY *le = NULL, *prev; 228 | u32 type_in = le32_to_cpu(type); 229 | 230 | /* List entries are sorted by type, name, vcn */ 231 | while ((le = al_enumerate(ni, prev = le))) { 232 | int diff = le32_to_cpu(le->type) - type_in; 233 | 234 | if (diff < 0) 235 | continue; 236 | 237 | if (diff > 0) 238 | return le; 239 | 240 | if (!le->vcn) { 241 | /* 242 | * compare entry names only for entry with vcn == 0 243 | */ 244 | diff = ntfs_cmp_names(le_name(le), le->name_len, name, 245 | name_len, ni->mi.sbi->upcase, 246 | true); 247 | if (diff < 0) 248 | continue; 249 | 250 | if (diff > 0) 251 | return le; 252 | } 253 | 254 | if (le64_to_cpu(le->vcn) >= vcn) 255 | return le; 256 | } 257 | 258 | return prev ? Add2Ptr(prev, le16_to_cpu(prev->size)) : ni->attr_list.le; 259 | } 260 | 261 | /* 262 | * al_add_le 263 | * 264 | * adds an "attribute list entry" to the list. 265 | */ 266 | int al_add_le(struct ntfs_inode *ni, enum ATTR_TYPE type, const __le16 *name, 267 | u8 name_len, CLST svcn, __le16 id, const struct MFT_REF *ref, 268 | struct ATTR_LIST_ENTRY **new_le) 269 | { 270 | int err; 271 | struct ATTRIB *attr; 272 | struct ATTR_LIST_ENTRY *le; 273 | size_t off; 274 | u16 sz; 275 | size_t asize, new_asize; 276 | u64 new_size; 277 | typeof(ni->attr_list) *al = &ni->attr_list; 278 | 279 | /* 280 | * Compute the size of the new 'le' 281 | */ 282 | sz = le_size(name_len); 283 | new_size = al->size + sz; 284 | asize = al_aligned(al->size); 285 | new_asize = al_aligned(new_size); 286 | 287 | /* Scan forward to the point at which the new 'le' should be inserted. */ 288 | le = al_find_le_to_insert(ni, type, name, name_len, svcn); 289 | off = PtrOffset(al->le, le); 290 | 291 | if (new_size > asize) { 292 | void *ptr = ntfs_malloc(new_asize); 293 | 294 | if (!ptr) 295 | return -ENOMEM; 296 | 297 | memcpy(ptr, al->le, off); 298 | memcpy(Add2Ptr(ptr, off + sz), le, al->size - off); 299 | le = Add2Ptr(ptr, off); 300 | ntfs_free(al->le); 301 | al->le = ptr; 302 | } else { 303 | memmove(Add2Ptr(le, sz), le, al->size - off); 304 | } 305 | 306 | al->size = new_size; 307 | 308 | le->type = type; 309 | le->size = cpu_to_le16(sz); 310 | le->name_len = name_len; 311 | le->name_off = offsetof(struct ATTR_LIST_ENTRY, name); 312 | le->vcn = cpu_to_le64(svcn); 313 | le->ref = *ref; 314 | le->id = id; 315 | memcpy(le->name, name, sizeof(short) * name_len); 316 | 317 | al->dirty = true; 318 | 319 | err = attr_set_size(ni, ATTR_LIST, NULL, 0, &al->run, new_size, 320 | &new_size, true, &attr); 321 | if (err) 322 | return err; 323 | 324 | if (attr && attr->non_res) { 325 | err = ntfs_sb_write_run(ni->mi.sbi, &al->run, 0, al->le, 326 | al->size); 327 | if (err) 328 | return err; 329 | } 330 | 331 | al->dirty = false; 332 | *new_le = le; 333 | 334 | return 0; 335 | } 336 | 337 | /* 338 | * al_remove_le 339 | * 340 | * removes 'le' from attribute list 341 | */ 342 | bool al_remove_le(struct ntfs_inode *ni, struct ATTR_LIST_ENTRY *le) 343 | { 344 | u16 size; 345 | size_t off; 346 | typeof(ni->attr_list) *al = &ni->attr_list; 347 | 348 | if (!al_is_valid_le(ni, le)) 349 | return false; 350 | 351 | /* Save on stack the size of 'le' */ 352 | size = le16_to_cpu(le->size); 353 | off = PtrOffset(al->le, le); 354 | 355 | memmove(le, Add2Ptr(le, size), al->size - (off + size)); 356 | 357 | al->size -= size; 358 | al->dirty = true; 359 | 360 | return true; 361 | } 362 | 363 | /* 364 | * al_delete_le 365 | * 366 | * deletes from the list the first 'le' which matches its parameters. 367 | */ 368 | bool al_delete_le(struct ntfs_inode *ni, enum ATTR_TYPE type, CLST vcn, 369 | const __le16 *name, size_t name_len, 370 | const struct MFT_REF *ref) 371 | { 372 | u16 size; 373 | struct ATTR_LIST_ENTRY *le; 374 | size_t off; 375 | typeof(ni->attr_list) *al = &ni->attr_list; 376 | 377 | /* Scan forward to the first 'le' that matches the input */ 378 | le = al_find_ex(ni, NULL, type, name, name_len, &vcn); 379 | if (!le) 380 | return false; 381 | 382 | off = PtrOffset(al->le, le); 383 | 384 | next: 385 | if (off >= al->size) 386 | return false; 387 | if (le->type != type) 388 | return false; 389 | if (le->name_len != name_len) 390 | return false; 391 | if (name_len && ntfs_cmp_names(le_name(le), name_len, name, name_len, 392 | ni->mi.sbi->upcase, true)) 393 | return false; 394 | if (le64_to_cpu(le->vcn) != vcn) 395 | return false; 396 | 397 | /* 398 | * The caller specified a segment reference, so we have to 399 | * scan through the matching entries until we find that segment 400 | * reference or we run of matching entries. 401 | */ 402 | if (ref && memcmp(ref, &le->ref, sizeof(*ref))) { 403 | off += le16_to_cpu(le->size); 404 | le = Add2Ptr(al->le, off); 405 | goto next; 406 | } 407 | 408 | /* Save on stack the size of 'le' */ 409 | size = le16_to_cpu(le->size); 410 | /* Delete 'le'. */ 411 | memmove(le, Add2Ptr(le, size), al->size - (off + size)); 412 | 413 | al->size -= size; 414 | al->dirty = true; 415 | 416 | return true; 417 | } 418 | 419 | /* 420 | * al_update 421 | */ 422 | int al_update(struct ntfs_inode *ni) 423 | { 424 | int err; 425 | struct ATTRIB *attr; 426 | typeof(ni->attr_list) *al = &ni->attr_list; 427 | 428 | if (!al->dirty || !al->size) 429 | return 0; 430 | 431 | /* 432 | * attribute list increased on demand in al_add_le 433 | * attribute list decreased here 434 | */ 435 | err = attr_set_size(ni, ATTR_LIST, NULL, 0, &al->run, al->size, NULL, 436 | false, &attr); 437 | if (err) 438 | goto out; 439 | 440 | if (!attr->non_res) { 441 | memcpy(resident_data(attr), al->le, al->size); 442 | } else { 443 | err = ntfs_sb_write_run(ni->mi.sbi, &al->run, 0, al->le, 444 | al->size); 445 | if (err) 446 | goto out; 447 | 448 | attr->nres.valid_size = attr->nres.data_size; 449 | } 450 | 451 | ni->mi.dirty = true; 452 | al->dirty = false; 453 | 454 | out: 455 | return err; 456 | } 457 | -------------------------------------------------------------------------------- /bitfunc.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | #include 8 | #include 9 | #include 10 | #include 11 | 12 | #include "debug.h" 13 | #include "ntfs.h" 14 | #include "ntfs_fs.h" 15 | 16 | #define BITS_IN_SIZE_T (sizeof(size_t) * 8) 17 | 18 | /* 19 | * fill_mask[i] - first i bits are '1' , i = 0,1,2,3,4,5,6,7,8 20 | * fill_mask[i] = 0xFF >> (8-i) 21 | */ 22 | static const u8 fill_mask[] = { 0x00, 0x01, 0x03, 0x07, 0x0F, 23 | 0x1F, 0x3F, 0x7F, 0xFF }; 24 | 25 | /* 26 | * zero_mask[i] - first i bits are '0' , i = 0,1,2,3,4,5,6,7,8 27 | * zero_mask[i] = 0xFF << i 28 | */ 29 | static const u8 zero_mask[] = { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 30 | 0xE0, 0xC0, 0x80, 0x00 }; 31 | 32 | /* 33 | * are_bits_clear 34 | * 35 | * Returns true if all bits [bit, bit+nbits) are zeros "0" 36 | */ 37 | bool are_bits_clear(const ulong *lmap, size_t bit, size_t nbits) 38 | { 39 | size_t pos = bit & 7; 40 | const u8 *map = (u8 *)lmap + (bit >> 3); 41 | 42 | if (pos) { 43 | if (8 - pos >= nbits) 44 | return !nbits || !(*map & fill_mask[pos + nbits] & 45 | zero_mask[pos]); 46 | 47 | if (*map++ & zero_mask[pos]) 48 | return false; 49 | nbits -= 8 - pos; 50 | } 51 | 52 | pos = ((size_t)map) & (sizeof(size_t) - 1); 53 | if (pos) { 54 | pos = sizeof(size_t) - pos; 55 | if (nbits >= pos * 8) { 56 | for (nbits -= pos * 8; pos; pos--, map++) { 57 | if (*map) 58 | return false; 59 | } 60 | } 61 | } 62 | 63 | for (pos = nbits / BITS_IN_SIZE_T; pos; pos--, map += sizeof(size_t)) { 64 | if (*((size_t *)map)) 65 | return false; 66 | } 67 | 68 | for (pos = (nbits % BITS_IN_SIZE_T) >> 3; pos; pos--, map++) { 69 | if (*map) 70 | return false; 71 | } 72 | 73 | pos = nbits & 7; 74 | if (pos && (*map & fill_mask[pos])) 75 | return false; 76 | 77 | // All bits are zero 78 | return true; 79 | } 80 | 81 | /* 82 | * are_bits_set 83 | * 84 | * Returns true if all bits [bit, bit+nbits) are ones "1" 85 | */ 86 | bool are_bits_set(const ulong *lmap, size_t bit, size_t nbits) 87 | { 88 | u8 mask; 89 | size_t pos = bit & 7; 90 | const u8 *map = (u8 *)lmap + (bit >> 3); 91 | 92 | if (pos) { 93 | if (8 - pos >= nbits) { 94 | mask = fill_mask[pos + nbits] & zero_mask[pos]; 95 | return !nbits || (*map & mask) == mask; 96 | } 97 | 98 | mask = zero_mask[pos]; 99 | if ((*map++ & mask) != mask) 100 | return false; 101 | nbits -= 8 - pos; 102 | } 103 | 104 | pos = ((size_t)map) & (sizeof(size_t) - 1); 105 | if (pos) { 106 | pos = sizeof(size_t) - pos; 107 | if (nbits >= pos * 8) { 108 | for (nbits -= pos * 8; pos; pos--, map++) { 109 | if (*map != 0xFF) 110 | return false; 111 | } 112 | } 113 | } 114 | 115 | for (pos = nbits / BITS_IN_SIZE_T; pos; pos--, map += sizeof(size_t)) { 116 | if (*((size_t *)map) != MINUS_ONE_T) 117 | return false; 118 | } 119 | 120 | for (pos = (nbits % BITS_IN_SIZE_T) >> 3; pos; pos--, map++) { 121 | if (*map != 0xFF) 122 | return false; 123 | } 124 | 125 | pos = nbits & 7; 126 | if (pos) { 127 | u8 mask = fill_mask[pos]; 128 | 129 | if ((*map & mask) != mask) 130 | return false; 131 | } 132 | 133 | // All bits are ones 134 | return true; 135 | } 136 | -------------------------------------------------------------------------------- /compat.h: -------------------------------------------------------------------------------- 1 | /* SPDX-License-Identifier: GPL-2.0 */ 2 | 3 | #ifndef __bitmap_set 4 | #define __bitmap_set(a, b, c) bitmap_set(a, b, c) 5 | #endif 6 | 7 | #ifndef __bitmap_clear 8 | #define __bitmap_clear(a, b, c) bitmap_clear(a, b, c) 9 | #endif 10 | 11 | /* 12 | * Copy from include/linux/compiler_attributes.h 13 | */ 14 | #ifndef __has_attribute 15 | #define __has_attribute(x) 0 16 | #endif 17 | 18 | #ifndef fallthrough 19 | #if __has_attribute(__fallthrough__) 20 | #define fallthrough __attribute__((__fallthrough__)) 21 | #else 22 | #define fallthrough do {} while (0) /* fallthrough */ 23 | #endif 24 | #endif 25 | 26 | /* 27 | * Copy from include/linux/build_bug.h 28 | */ 29 | #ifndef static_assert 30 | #define static_assert(expr, ...) __static_assert(expr, ##__VA_ARGS__, #expr) 31 | #define __static_assert(expr, msg, ...) _Static_assert(expr, msg) 32 | #endif 33 | 34 | /* 35 | * Copy from include/linux/overflow.h 36 | */ 37 | #ifndef struct_size 38 | #define struct_size(p, member, n) (sizeof(*(p)) + n * sizeof(*(p)->member)) 39 | #endif 40 | -------------------------------------------------------------------------------- /debug.h: -------------------------------------------------------------------------------- 1 | /* SPDX-License-Identifier: GPL-2.0 */ 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | * useful functions for debuging 7 | */ 8 | 9 | // clang-format off 10 | #ifndef Add2Ptr 11 | #define Add2Ptr(P, I) ((void *)((u8 *)(P) + (I))) 12 | #define PtrOffset(B, O) ((size_t)((size_t)(O) - (size_t)(B))) 13 | #endif 14 | 15 | #define QuadAlign(n) (((n) + 7u) & (~7u)) 16 | #define IsQuadAligned(n) (!((size_t)(n)&7u)) 17 | #define Quad2Align(n) (((n) + 15u) & (~15u)) 18 | #define IsQuad2Aligned(n) (!((size_t)(n)&15u)) 19 | #define Quad4Align(n) (((n) + 31u) & (~31u)) 20 | #define IsSizeTAligned(n) (!((size_t)(n) & (sizeof(size_t) - 1))) 21 | #define DwordAlign(n) (((n) + 3u) & (~3u)) 22 | #define IsDwordAligned(n) (!((size_t)(n)&3u)) 23 | #define WordAlign(n) (((n) + 1u) & (~1u)) 24 | #define IsWordAligned(n) (!((size_t)(n)&1u)) 25 | 26 | #ifdef CONFIG_PRINTK 27 | __printf(2, 3) 28 | void ntfs_printk(const struct super_block *sb, const char *fmt, ...); 29 | __printf(2, 3) 30 | void ntfs_inode_printk(struct inode *inode, const char *fmt, ...); 31 | #else 32 | static inline __printf(2, 3) 33 | void ntfs_printk(const struct super_block *sb, const char *fmt, ...) 34 | { 35 | } 36 | 37 | static inline __printf(2, 3) 38 | void ntfs_inode_printk(struct inode *inode, const char *fmt, ...) 39 | { 40 | } 41 | #endif 42 | 43 | /* 44 | * Logging macros ( thanks Joe Perches for implementation ) 45 | */ 46 | 47 | #define ntfs_err(sb, fmt, ...) ntfs_printk(sb, KERN_ERR fmt, ##__VA_ARGS__) 48 | #define ntfs_warn(sb, fmt, ...) ntfs_printk(sb, KERN_WARNING fmt, ##__VA_ARGS__) 49 | #define ntfs_info(sb, fmt, ...) ntfs_printk(sb, KERN_INFO fmt, ##__VA_ARGS__) 50 | #define ntfs_notice(sb, fmt, ...) \ 51 | ntfs_printk(sb, KERN_NOTICE fmt, ##__VA_ARGS__) 52 | 53 | #define ntfs_inode_err(inode, fmt, ...) \ 54 | ntfs_inode_printk(inode, KERN_ERR fmt, ##__VA_ARGS__) 55 | #define ntfs_inode_warn(inode, fmt, ...) \ 56 | ntfs_inode_printk(inode, KERN_WARNING fmt, ##__VA_ARGS__) 57 | 58 | #define ntfs_malloc(s) kmalloc(s, GFP_NOFS) 59 | #define ntfs_zalloc(s) kzalloc(s, GFP_NOFS) 60 | #define ntfs_vmalloc(s) kvmalloc(s, GFP_KERNEL) 61 | #define ntfs_free(p) kfree(p) 62 | #define ntfs_vfree(p) kvfree(p) 63 | #define ntfs_memdup(src, len) kmemdup(src, len, GFP_NOFS) 64 | // clang-format on 65 | -------------------------------------------------------------------------------- /dir.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | * directory handling functions for ntfs-based filesystems 7 | * 8 | */ 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 16, 0) 16 | #include 17 | #endif 18 | 19 | #include "debug.h" 20 | #include "ntfs.h" 21 | #include "ntfs_fs.h" 22 | 23 | /* 24 | * Convert little endian utf16 to nls string 25 | */ 26 | int ntfs_utf16_to_nls(struct ntfs_sb_info *sbi, const struct le_str *uni, 27 | u8 *buf, int buf_len) 28 | { 29 | int ret, uni_len, warn; 30 | const __le16 *ip; 31 | u8 *op; 32 | struct nls_table *nls = sbi->options.nls; 33 | 34 | static_assert(sizeof(wchar_t) == sizeof(__le16)); 35 | 36 | if (!nls) { 37 | /* utf16 -> utf8 */ 38 | ret = utf16s_to_utf8s((wchar_t *)uni->name, uni->len, 39 | UTF16_LITTLE_ENDIAN, buf, buf_len); 40 | buf[ret] = '\0'; 41 | return ret; 42 | } 43 | 44 | ip = uni->name; 45 | op = buf; 46 | uni_len = uni->len; 47 | warn = 0; 48 | 49 | while (uni_len--) { 50 | u16 ec; 51 | int charlen; 52 | char dump[5]; 53 | 54 | if (buf_len < NLS_MAX_CHARSET_SIZE) { 55 | ntfs_warn(sbi->sb, 56 | "filename was truncated while converting."); 57 | break; 58 | } 59 | 60 | ec = le16_to_cpu(*ip++); 61 | charlen = nls->uni2char(ec, op, buf_len); 62 | 63 | if (charlen > 0) { 64 | op += charlen; 65 | buf_len -= charlen; 66 | continue; 67 | } 68 | 69 | *op++ = '_'; 70 | buf_len -= 1; 71 | if (warn) 72 | continue; 73 | 74 | warn = 1; 75 | hex_byte_pack(&dump[0], ec >> 8); 76 | hex_byte_pack(&dump[2], ec); 77 | dump[4] = 0; 78 | 79 | ntfs_err(sbi->sb, "failed to convert \"%s\" to %s", dump, 80 | nls->charset); 81 | } 82 | 83 | *op = '\0'; 84 | return op - buf; 85 | } 86 | 87 | // clang-format off 88 | #define PLANE_SIZE 0x00010000 89 | 90 | #define SURROGATE_PAIR 0x0000d800 91 | #define SURROGATE_LOW 0x00000400 92 | #define SURROGATE_BITS 0x000003ff 93 | // clang-format on 94 | 95 | /* 96 | * modified version of put_utf16 from fs/nls/nls_base.c 97 | * is sparse warnings free 98 | */ 99 | static inline void put_utf16(wchar_t *s, unsigned int c, 100 | enum utf16_endian endian) 101 | { 102 | static_assert(sizeof(wchar_t) == sizeof(__le16)); 103 | static_assert(sizeof(wchar_t) == sizeof(__be16)); 104 | 105 | switch (endian) { 106 | default: 107 | *s = (wchar_t)c; 108 | break; 109 | case UTF16_LITTLE_ENDIAN: 110 | *(__le16 *)s = __cpu_to_le16(c); 111 | break; 112 | case UTF16_BIG_ENDIAN: 113 | *(__be16 *)s = __cpu_to_be16(c); 114 | break; 115 | } 116 | } 117 | 118 | /* 119 | * modified version of 'utf8s_to_utf16s' allows to 120 | * detect -ENAMETOOLONG without writing out of expected maximum 121 | */ 122 | static int _utf8s_to_utf16s(const u8 *s, int inlen, enum utf16_endian endian, 123 | wchar_t *pwcs, int maxout) 124 | { 125 | u16 *op; 126 | int size; 127 | unicode_t u; 128 | 129 | op = pwcs; 130 | while (inlen > 0 && *s) { 131 | if (*s & 0x80) { 132 | size = utf8_to_utf32(s, inlen, &u); 133 | if (size < 0) 134 | return -EINVAL; 135 | s += size; 136 | inlen -= size; 137 | 138 | if (u >= PLANE_SIZE) { 139 | if (maxout < 2) 140 | return -ENAMETOOLONG; 141 | 142 | u -= PLANE_SIZE; 143 | put_utf16(op++, 144 | SURROGATE_PAIR | 145 | ((u >> 10) & SURROGATE_BITS), 146 | endian); 147 | put_utf16(op++, 148 | SURROGATE_PAIR | SURROGATE_LOW | 149 | (u & SURROGATE_BITS), 150 | endian); 151 | maxout -= 2; 152 | } else { 153 | if (maxout < 1) 154 | return -ENAMETOOLONG; 155 | 156 | put_utf16(op++, u, endian); 157 | maxout--; 158 | } 159 | } else { 160 | if (maxout < 1) 161 | return -ENAMETOOLONG; 162 | 163 | put_utf16(op++, *s++, endian); 164 | inlen--; 165 | maxout--; 166 | } 167 | } 168 | return op - pwcs; 169 | } 170 | 171 | /* 172 | * Convert input string to utf16 173 | * 174 | * name, name_len - input name 175 | * uni, max_ulen - destination memory 176 | * endian - endian of target utf16 string 177 | * 178 | * This function is called: 179 | * - to create ntfs name 180 | * - to create symlink 181 | * 182 | * returns utf16 string length or error (if negative) 183 | */ 184 | int ntfs_nls_to_utf16(struct ntfs_sb_info *sbi, const u8 *name, u32 name_len, 185 | struct cpu_str *uni, u32 max_ulen, 186 | enum utf16_endian endian) 187 | { 188 | int ret, slen; 189 | const u8 *end; 190 | struct nls_table *nls = sbi->options.nls; 191 | u16 *uname = uni->name; 192 | 193 | static_assert(sizeof(wchar_t) == sizeof(u16)); 194 | 195 | if (!nls) { 196 | /* utf8 -> utf16 */ 197 | ret = _utf8s_to_utf16s(name, name_len, endian, uname, max_ulen); 198 | uni->len = ret; 199 | return ret; 200 | } 201 | 202 | for (ret = 0, end = name + name_len; name < end; ret++, name += slen) { 203 | if (ret >= max_ulen) 204 | return -ENAMETOOLONG; 205 | 206 | slen = nls->char2uni(name, end - name, uname + ret); 207 | if (!slen) 208 | return -EINVAL; 209 | if (slen < 0) 210 | return slen; 211 | } 212 | 213 | #ifdef __BIG_ENDIAN 214 | if (endian == UTF16_LITTLE_ENDIAN) { 215 | int i = ret; 216 | 217 | while (i--) { 218 | __cpu_to_le16s(uname); 219 | uname++; 220 | } 221 | } 222 | #else 223 | if (endian == UTF16_BIG_ENDIAN) { 224 | int i = ret; 225 | 226 | while (i--) { 227 | __cpu_to_be16s(uname); 228 | uname++; 229 | } 230 | } 231 | #endif 232 | 233 | uni->len = ret; 234 | return ret; 235 | } 236 | 237 | /* helper function */ 238 | struct inode *dir_search_u(struct inode *dir, const struct cpu_str *uni, 239 | struct ntfs_fnd *fnd) 240 | { 241 | int err = 0; 242 | struct super_block *sb = dir->i_sb; 243 | struct ntfs_sb_info *sbi = sb->s_fs_info; 244 | struct ntfs_inode *ni = ntfs_i(dir); 245 | struct NTFS_DE *e; 246 | int diff; 247 | struct inode *inode = NULL; 248 | struct ntfs_fnd *fnd_a = NULL; 249 | 250 | if (!fnd) { 251 | fnd_a = fnd_get(); 252 | if (!fnd_a) { 253 | err = -ENOMEM; 254 | goto out; 255 | } 256 | fnd = fnd_a; 257 | } 258 | 259 | err = indx_find(&ni->dir, ni, NULL, uni, 0, sbi, &diff, &e, fnd); 260 | 261 | if (err) 262 | goto out; 263 | 264 | if (diff) { 265 | err = -ENOENT; 266 | goto out; 267 | } 268 | 269 | inode = ntfs_iget5(sb, &e->ref, uni); 270 | if (!IS_ERR(inode) && is_bad_inode(inode)) { 271 | iput(inode); 272 | err = -EINVAL; 273 | } 274 | out: 275 | fnd_put(fnd_a); 276 | 277 | return err == -ENOENT ? NULL : err ? ERR_PTR(err) : inode; 278 | } 279 | 280 | static inline int ntfs_filldir(struct ntfs_sb_info *sbi, struct ntfs_inode *ni, 281 | const struct NTFS_DE *e, u8 *name, 282 | struct dir_context *ctx) 283 | { 284 | const struct ATTR_FILE_NAME *fname; 285 | unsigned long ino; 286 | int name_len; 287 | u32 dt_type; 288 | 289 | fname = Add2Ptr(e, sizeof(struct NTFS_DE)); 290 | 291 | if (fname->type == FILE_NAME_DOS) 292 | return 0; 293 | 294 | if (!mi_is_ref(&ni->mi, &fname->home)) 295 | return 0; 296 | 297 | ino = ino_get(&e->ref); 298 | 299 | if (ino == MFT_REC_ROOT) 300 | return 0; 301 | 302 | /* Skip meta files ( unless option to show metafiles is set ) */ 303 | if (!sbi->options.showmeta && ntfs_is_meta_file(sbi, ino)) 304 | return 0; 305 | 306 | if (sbi->options.nohidden && (fname->dup.fa & FILE_ATTRIBUTE_HIDDEN)) 307 | return 0; 308 | 309 | name_len = ntfs_utf16_to_nls(sbi, (struct le_str *)&fname->name_len, 310 | name, PATH_MAX); 311 | if (name_len <= 0) { 312 | ntfs_warn(sbi->sb, "failed to convert name for inode %lx.", 313 | ino); 314 | return 0; 315 | } 316 | 317 | dt_type = (fname->dup.fa & FILE_ATTRIBUTE_DIRECTORY) ? DT_DIR : DT_REG; 318 | 319 | return !dir_emit(ctx, (s8 *)name, name_len, ino, dt_type); 320 | } 321 | 322 | /* 323 | * ntfs_read_hdr 324 | * 325 | * helper function 'ntfs_readdir' 326 | */ 327 | static int ntfs_read_hdr(struct ntfs_sb_info *sbi, struct ntfs_inode *ni, 328 | const struct INDEX_HDR *hdr, u64 vbo, u64 pos, 329 | u8 *name, struct dir_context *ctx) 330 | { 331 | int err; 332 | const struct NTFS_DE *e; 333 | u32 e_size; 334 | u32 end = le32_to_cpu(hdr->used); 335 | u32 off = le32_to_cpu(hdr->de_off); 336 | 337 | for (;; off += e_size) { 338 | if (off + sizeof(struct NTFS_DE) > end) 339 | return -1; 340 | 341 | e = Add2Ptr(hdr, off); 342 | e_size = le16_to_cpu(e->size); 343 | if (e_size < sizeof(struct NTFS_DE) || off + e_size > end) 344 | return -1; 345 | 346 | if (de_is_last(e)) 347 | return 0; 348 | 349 | /* Skip already enumerated*/ 350 | if (vbo + off < pos) 351 | continue; 352 | 353 | if (le16_to_cpu(e->key_size) < SIZEOF_ATTRIBUTE_FILENAME) 354 | return -1; 355 | 356 | ctx->pos = vbo + off; 357 | 358 | /* Submit the name to the filldir callback. */ 359 | err = ntfs_filldir(sbi, ni, e, name, ctx); 360 | if (err) 361 | return err; 362 | } 363 | } 364 | 365 | /* 366 | * file_operations::iterate_shared 367 | * 368 | * Use non sorted enumeration. 369 | * We have an example of broken volume where sorted enumeration 370 | * counts each name twice 371 | */ 372 | static int ntfs_readdir(struct file *file, struct dir_context *ctx) 373 | { 374 | const struct INDEX_ROOT *root; 375 | u64 vbo; 376 | size_t bit; 377 | loff_t eod; 378 | int err = 0; 379 | struct inode *dir = file_inode(file); 380 | struct ntfs_inode *ni = ntfs_i(dir); 381 | struct super_block *sb = dir->i_sb; 382 | struct ntfs_sb_info *sbi = sb->s_fs_info; 383 | loff_t i_size = i_size_read(dir); 384 | u32 pos = ctx->pos; 385 | u8 *name = NULL; 386 | struct indx_node *node = NULL; 387 | u8 index_bits = ni->dir.index_bits; 388 | 389 | /* name is a buffer of PATH_MAX length */ 390 | static_assert(NTFS_NAME_LEN * 4 < PATH_MAX); 391 | 392 | eod = i_size + sbi->record_size; 393 | 394 | if (pos >= eod) 395 | return 0; 396 | 397 | if (!dir_emit_dots(file, ctx)) 398 | return 0; 399 | 400 | /* allocate PATH_MAX bytes */ 401 | name = __getname(); 402 | if (!name) 403 | return -ENOMEM; 404 | 405 | if (!ni->mi_loaded && ni->attr_list.size) { 406 | /* 407 | * directory inode is locked for read 408 | * load all subrecords to avoid 'write' access to 'ni' during 409 | * directory reading 410 | */ 411 | ni_lock(ni); 412 | if (!ni->mi_loaded && ni->attr_list.size) { 413 | err = ni_load_all_mi(ni); 414 | if (!err) 415 | ni->mi_loaded = true; 416 | } 417 | ni_unlock(ni); 418 | if (err) 419 | goto out; 420 | } 421 | 422 | root = indx_get_root(&ni->dir, ni, NULL, NULL); 423 | if (!root) { 424 | err = -EINVAL; 425 | goto out; 426 | } 427 | 428 | if (pos >= sbi->record_size) { 429 | bit = (pos - sbi->record_size) >> index_bits; 430 | } else { 431 | err = ntfs_read_hdr(sbi, ni, &root->ihdr, 0, pos, name, ctx); 432 | if (err) 433 | goto out; 434 | bit = 0; 435 | } 436 | 437 | if (!i_size) { 438 | ctx->pos = eod; 439 | goto out; 440 | } 441 | 442 | for (;;) { 443 | vbo = (u64)bit << index_bits; 444 | if (vbo >= i_size) { 445 | ctx->pos = eod; 446 | goto out; 447 | } 448 | 449 | err = indx_used_bit(&ni->dir, ni, &bit); 450 | if (err) 451 | goto out; 452 | 453 | if (bit == MINUS_ONE_T) { 454 | ctx->pos = eod; 455 | goto out; 456 | } 457 | 458 | vbo = (u64)bit << index_bits; 459 | if (vbo >= i_size) { 460 | ntfs_inode_err(dir, "Looks like your dir is corrupt"); 461 | err = -EINVAL; 462 | goto out; 463 | } 464 | 465 | err = indx_read(&ni->dir, ni, bit << ni->dir.idx2vbn_bits, 466 | &node); 467 | if (err) 468 | goto out; 469 | 470 | err = ntfs_read_hdr(sbi, ni, &node->index->ihdr, 471 | vbo + sbi->record_size, pos, name, ctx); 472 | if (err) 473 | goto out; 474 | 475 | bit += 1; 476 | } 477 | 478 | out: 479 | 480 | __putname(name); 481 | put_indx_node(node); 482 | 483 | if (err == -ENOENT) { 484 | err = 0; 485 | ctx->pos = pos; 486 | } 487 | 488 | return err; 489 | } 490 | 491 | static int ntfs_dir_count(struct inode *dir, bool *is_empty, size_t *dirs, 492 | size_t *files) 493 | { 494 | int err = 0; 495 | struct ntfs_inode *ni = ntfs_i(dir); 496 | struct NTFS_DE *e = NULL; 497 | struct INDEX_ROOT *root; 498 | struct INDEX_HDR *hdr; 499 | const struct ATTR_FILE_NAME *fname; 500 | u32 e_size, off, end; 501 | u64 vbo = 0; 502 | size_t drs = 0, fles = 0, bit = 0; 503 | loff_t i_size = ni->vfs_inode.i_size; 504 | struct indx_node *node = NULL; 505 | u8 index_bits = ni->dir.index_bits; 506 | 507 | if (is_empty) 508 | *is_empty = true; 509 | 510 | root = indx_get_root(&ni->dir, ni, NULL, NULL); 511 | if (!root) 512 | return -EINVAL; 513 | 514 | hdr = &root->ihdr; 515 | 516 | for (;;) { 517 | end = le32_to_cpu(hdr->used); 518 | off = le32_to_cpu(hdr->de_off); 519 | 520 | for (; off + sizeof(struct NTFS_DE) <= end; off += e_size) { 521 | e = Add2Ptr(hdr, off); 522 | e_size = le16_to_cpu(e->size); 523 | if (e_size < sizeof(struct NTFS_DE) || 524 | off + e_size > end) 525 | break; 526 | 527 | if (de_is_last(e)) 528 | break; 529 | 530 | fname = de_get_fname(e); 531 | if (!fname) 532 | continue; 533 | 534 | if (fname->type == FILE_NAME_DOS) 535 | continue; 536 | 537 | if (is_empty) { 538 | *is_empty = false; 539 | if (!dirs && !files) 540 | goto out; 541 | } 542 | 543 | if (fname->dup.fa & FILE_ATTRIBUTE_DIRECTORY) 544 | drs += 1; 545 | else 546 | fles += 1; 547 | } 548 | 549 | if (vbo >= i_size) 550 | goto out; 551 | 552 | err = indx_used_bit(&ni->dir, ni, &bit); 553 | if (err) 554 | goto out; 555 | 556 | if (bit == MINUS_ONE_T) 557 | goto out; 558 | 559 | vbo = (u64)bit << index_bits; 560 | if (vbo >= i_size) 561 | goto out; 562 | 563 | err = indx_read(&ni->dir, ni, bit << ni->dir.idx2vbn_bits, 564 | &node); 565 | if (err) 566 | goto out; 567 | 568 | hdr = &node->index->ihdr; 569 | bit += 1; 570 | vbo = (u64)bit << ni->dir.idx2vbn_bits; 571 | } 572 | 573 | out: 574 | put_indx_node(node); 575 | if (dirs) 576 | *dirs = drs; 577 | if (files) 578 | *files = fles; 579 | 580 | return err; 581 | } 582 | 583 | bool dir_is_empty(struct inode *dir) 584 | { 585 | bool is_empty = false; 586 | 587 | ntfs_dir_count(dir, &is_empty, NULL, NULL); 588 | 589 | return is_empty; 590 | } 591 | 592 | const struct file_operations ntfs_dir_operations = { 593 | .llseek = generic_file_llseek, 594 | .read = generic_read_dir, 595 | .iterate_shared = ntfs_readdir, 596 | .fsync = generic_file_fsync, 597 | .open = ntfs_file_open, 598 | }; 599 | -------------------------------------------------------------------------------- /frecord.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/LGA1150/ntfs3-oot/46d199e7d7302879b23ad20097ba53b152257288/frecord.c -------------------------------------------------------------------------------- /lib/decompress_common.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * decompress_common.c - Code shared by the XPRESS and LZX decompressors 4 | * 5 | * Copyright (C) 2015 Eric Biggers 6 | * 7 | * This program is free software: you can redistribute it and/or modify it under 8 | * the terms of the GNU General Public License as published by the Free Software 9 | * Foundation, either version 2 of the License, or (at your option) any later 10 | * version. 11 | * 12 | * This program is distributed in the hope that it will be useful, but WITHOUT 13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 | * details. 16 | * 17 | * You should have received a copy of the GNU General Public License along with 18 | * this program. If not, see . 19 | */ 20 | 21 | #include "decompress_common.h" 22 | 23 | /* 24 | * make_huffman_decode_table() - 25 | * 26 | * Build a decoding table for a canonical prefix code, or "Huffman code". 27 | * 28 | * This is an internal function, not part of the library API! 29 | * 30 | * This takes as input the length of the codeword for each symbol in the 31 | * alphabet and produces as output a table that can be used for fast 32 | * decoding of prefix-encoded symbols using read_huffsym(). 33 | * 34 | * Strictly speaking, a canonical prefix code might not be a Huffman 35 | * code. But this algorithm will work either way; and in fact, since 36 | * Huffman codes are defined in terms of symbol frequencies, there is no 37 | * way for the decompressor to know whether the code is a true Huffman 38 | * code or not until all symbols have been decoded. 39 | * 40 | * Because the prefix code is assumed to be "canonical", it can be 41 | * reconstructed directly from the codeword lengths. A prefix code is 42 | * canonical if and only if a longer codeword never lexicographically 43 | * precedes a shorter codeword, and the lexicographic ordering of 44 | * codewords of the same length is the same as the lexicographic ordering 45 | * of the corresponding symbols. Consequently, we can sort the symbols 46 | * primarily by codeword length and secondarily by symbol value, then 47 | * reconstruct the prefix code by generating codewords lexicographically 48 | * in that order. 49 | * 50 | * This function does not, however, generate the prefix code explicitly. 51 | * Instead, it directly builds a table for decoding symbols using the 52 | * code. The basic idea is this: given the next 'max_codeword_len' bits 53 | * in the input, we can look up the decoded symbol by indexing a table 54 | * containing 2**max_codeword_len entries. A codeword with length 55 | * 'max_codeword_len' will have exactly one entry in this table, whereas 56 | * a codeword shorter than 'max_codeword_len' will have multiple entries 57 | * in this table. Precisely, a codeword of length n will be represented 58 | * by 2**(max_codeword_len - n) entries in this table. The 0-based index 59 | * of each such entry will contain the corresponding codeword as a prefix 60 | * when zero-padded on the left to 'max_codeword_len' binary digits. 61 | * 62 | * That's the basic idea, but we implement two optimizations regarding 63 | * the format of the decode table itself: 64 | * 65 | * - For many compression formats, the maximum codeword length is too 66 | * long for it to be efficient to build the full decoding table 67 | * whenever a new prefix code is used. Instead, we can build the table 68 | * using only 2**table_bits entries, where 'table_bits' is some number 69 | * less than or equal to 'max_codeword_len'. Then, only codewords of 70 | * length 'table_bits' and shorter can be directly looked up. For 71 | * longer codewords, the direct lookup instead produces the root of a 72 | * binary tree. Using this tree, the decoder can do traditional 73 | * bit-by-bit decoding of the remainder of the codeword. Child nodes 74 | * are allocated in extra entries at the end of the table; leaf nodes 75 | * contain symbols. Note that the long-codeword case is, in general, 76 | * not performance critical, since in Huffman codes the most frequently 77 | * used symbols are assigned the shortest codeword lengths. 78 | * 79 | * - When we decode a symbol using a direct lookup of the table, we still 80 | * need to know its length so that the bitstream can be advanced by the 81 | * appropriate number of bits. The simple solution is to simply retain 82 | * the 'lens' array and use the decoded symbol as an index into it. 83 | * However, this requires two separate array accesses in the fast path. 84 | * The optimization is to store the length directly in the decode 85 | * table. We use the bottom 11 bits for the symbol and the top 5 bits 86 | * for the length. In addition, to combine this optimization with the 87 | * previous one, we introduce a special case where the top 2 bits of 88 | * the length are both set if the entry is actually the root of a 89 | * binary tree. 90 | * 91 | * @decode_table: 92 | * The array in which to create the decoding table. This must have 93 | * a length of at least ((2**table_bits) + 2 * num_syms) entries. 94 | * 95 | * @num_syms: 96 | * The number of symbols in the alphabet; also, the length of the 97 | * 'lens' array. Must be less than or equal to 2048. 98 | * 99 | * @table_bits: 100 | * The order of the decode table size, as explained above. Must be 101 | * less than or equal to 13. 102 | * 103 | * @lens: 104 | * An array of length @num_syms, indexable by symbol, that gives the 105 | * length of the codeword, in bits, for that symbol. The length can 106 | * be 0, which means that the symbol does not have a codeword 107 | * assigned. 108 | * 109 | * @max_codeword_len: 110 | * The longest codeword length allowed in the compression format. 111 | * All entries in 'lens' must be less than or equal to this value. 112 | * This must be less than or equal to 23. 113 | * 114 | * @working_space 115 | * A temporary array of length '2 * (max_codeword_len + 1) + 116 | * num_syms'. 117 | * 118 | * Returns 0 on success, or -1 if the lengths do not form a valid prefix 119 | * code. 120 | */ 121 | int make_huffman_decode_table(u16 decode_table[], const u32 num_syms, 122 | const u32 table_bits, const u8 lens[], 123 | const u32 max_codeword_len, 124 | u16 working_space[]) 125 | { 126 | const u32 table_num_entries = 1 << table_bits; 127 | u16 * const len_counts = &working_space[0]; 128 | u16 * const offsets = &working_space[1 * (max_codeword_len + 1)]; 129 | u16 * const sorted_syms = &working_space[2 * (max_codeword_len + 1)]; 130 | int left; 131 | void *decode_table_ptr; 132 | u32 sym_idx; 133 | u32 codeword_len; 134 | u32 stores_per_loop; 135 | u32 decode_table_pos; 136 | u32 len; 137 | u32 sym; 138 | 139 | /* Count how many symbols have each possible codeword length. 140 | * Note that a length of 0 indicates the corresponding symbol is not 141 | * used in the code and therefore does not have a codeword. 142 | */ 143 | for (len = 0; len <= max_codeword_len; len++) 144 | len_counts[len] = 0; 145 | for (sym = 0; sym < num_syms; sym++) 146 | len_counts[lens[sym]]++; 147 | 148 | /* We can assume all lengths are <= max_codeword_len, but we 149 | * cannot assume they form a valid prefix code. A codeword of 150 | * length n should require a proportion of the codespace equaling 151 | * (1/2)^n. The code is valid if and only if the codespace is 152 | * exactly filled by the lengths, by this measure. 153 | */ 154 | left = 1; 155 | for (len = 1; len <= max_codeword_len; len++) { 156 | left <<= 1; 157 | left -= len_counts[len]; 158 | if (left < 0) { 159 | /* The lengths overflow the codespace; that is, the code 160 | * is over-subscribed. 161 | */ 162 | return -1; 163 | } 164 | } 165 | 166 | if (left) { 167 | /* The lengths do not fill the codespace; that is, they form an 168 | * incomplete set. 169 | */ 170 | if (left == (1 << max_codeword_len)) { 171 | /* The code is completely empty. This is arguably 172 | * invalid, but in fact it is valid in LZX and XPRESS, 173 | * so we must allow it. By definition, no symbols can 174 | * be decoded with an empty code. Consequently, we 175 | * technically don't even need to fill in the decode 176 | * table. However, to avoid accessing uninitialized 177 | * memory if the algorithm nevertheless attempts to 178 | * decode symbols using such a code, we zero out the 179 | * decode table. 180 | */ 181 | memset(decode_table, 0, 182 | table_num_entries * sizeof(decode_table[0])); 183 | return 0; 184 | } 185 | return -1; 186 | } 187 | 188 | /* Sort the symbols primarily by length and secondarily by symbol order. 189 | */ 190 | 191 | /* Initialize 'offsets' so that offsets[len] for 1 <= len <= 192 | * max_codeword_len is the number of codewords shorter than 'len' bits. 193 | */ 194 | offsets[1] = 0; 195 | for (len = 1; len < max_codeword_len; len++) 196 | offsets[len + 1] = offsets[len] + len_counts[len]; 197 | 198 | /* Use the 'offsets' array to sort the symbols. Note that we do not 199 | * include symbols that are not used in the code. Consequently, fewer 200 | * than 'num_syms' entries in 'sorted_syms' may be filled. 201 | */ 202 | for (sym = 0; sym < num_syms; sym++) 203 | if (lens[sym]) 204 | sorted_syms[offsets[lens[sym]]++] = sym; 205 | 206 | /* Fill entries for codewords with length <= table_bits 207 | * --- that is, those short enough for a direct mapping. 208 | * 209 | * The table will start with entries for the shortest codeword(s), which 210 | * have the most entries. From there, the number of entries per 211 | * codeword will decrease. 212 | */ 213 | decode_table_ptr = decode_table; 214 | sym_idx = 0; 215 | codeword_len = 1; 216 | stores_per_loop = (1 << (table_bits - codeword_len)); 217 | for (; stores_per_loop != 0; codeword_len++, stores_per_loop >>= 1) { 218 | u32 end_sym_idx = sym_idx + len_counts[codeword_len]; 219 | 220 | for (; sym_idx < end_sym_idx; sym_idx++) { 221 | u16 entry; 222 | u16 *p; 223 | u32 n; 224 | 225 | entry = ((u32)codeword_len << 11) | sorted_syms[sym_idx]; 226 | p = (u16 *)decode_table_ptr; 227 | n = stores_per_loop; 228 | 229 | do { 230 | *p++ = entry; 231 | } while (--n); 232 | 233 | decode_table_ptr = p; 234 | } 235 | } 236 | 237 | /* If we've filled in the entire table, we are done. Otherwise, 238 | * there are codewords longer than table_bits for which we must 239 | * generate binary trees. 240 | */ 241 | decode_table_pos = (u16 *)decode_table_ptr - decode_table; 242 | if (decode_table_pos != table_num_entries) { 243 | u32 j; 244 | u32 next_free_tree_slot; 245 | u32 cur_codeword; 246 | 247 | /* First, zero out the remaining entries. This is 248 | * necessary so that these entries appear as 249 | * "unallocated" in the next part. Each of these entries 250 | * will eventually be filled with the representation of 251 | * the root node of a binary tree. 252 | */ 253 | j = decode_table_pos; 254 | do { 255 | decode_table[j] = 0; 256 | } while (++j != table_num_entries); 257 | 258 | /* We allocate child nodes starting at the end of the 259 | * direct lookup table. Note that there should be 260 | * 2*num_syms extra entries for this purpose, although 261 | * fewer than this may actually be needed. 262 | */ 263 | next_free_tree_slot = table_num_entries; 264 | 265 | /* Iterate through each codeword with length greater than 266 | * 'table_bits', primarily in order of codeword length 267 | * and secondarily in order of symbol. 268 | */ 269 | for (cur_codeword = decode_table_pos << 1; 270 | codeword_len <= max_codeword_len; 271 | codeword_len++, cur_codeword <<= 1) { 272 | u32 end_sym_idx = sym_idx + len_counts[codeword_len]; 273 | 274 | for (; sym_idx < end_sym_idx; sym_idx++, cur_codeword++) { 275 | /* 'sorted_sym' is the symbol represented by the 276 | * codeword. 277 | */ 278 | u32 sorted_sym = sorted_syms[sym_idx]; 279 | u32 extra_bits = codeword_len - table_bits; 280 | u32 node_idx = cur_codeword >> extra_bits; 281 | 282 | /* Go through each bit of the current codeword 283 | * beyond the prefix of length @table_bits and 284 | * walk the appropriate binary tree, allocating 285 | * any slots that have not yet been allocated. 286 | * 287 | * Note that the 'pointer' entry to the binary 288 | * tree, which is stored in the direct lookup 289 | * portion of the table, is represented 290 | * identically to other internal (non-leaf) 291 | * nodes of the binary tree; it can be thought 292 | * of as simply the root of the tree. The 293 | * representation of these internal nodes is 294 | * simply the index of the left child combined 295 | * with the special bits 0xC000 to distingush 296 | * the entry from direct mapping and leaf node 297 | * entries. 298 | */ 299 | do { 300 | /* At least one bit remains in the 301 | * codeword, but the current node is an 302 | * unallocated leaf. Change it to an 303 | * internal node. 304 | */ 305 | if (decode_table[node_idx] == 0) { 306 | decode_table[node_idx] = 307 | next_free_tree_slot | 0xC000; 308 | decode_table[next_free_tree_slot++] = 0; 309 | decode_table[next_free_tree_slot++] = 0; 310 | } 311 | 312 | /* Go to the left child if the next bit 313 | * in the codeword is 0; otherwise go to 314 | * the right child. 315 | */ 316 | node_idx = decode_table[node_idx] & 0x3FFF; 317 | --extra_bits; 318 | node_idx += (cur_codeword >> extra_bits) & 1; 319 | } while (extra_bits != 0); 320 | 321 | /* We've traversed the tree using the entire 322 | * codeword, and we're now at the entry where 323 | * the actual symbol will be stored. This is 324 | * distinguished from internal nodes by not 325 | * having its high two bits set. 326 | */ 327 | decode_table[node_idx] = sorted_sym; 328 | } 329 | } 330 | } 331 | return 0; 332 | } 333 | -------------------------------------------------------------------------------- /lib/decompress_common.h: -------------------------------------------------------------------------------- 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 | 3 | /* 4 | * decompress_common.h - Code shared by the XPRESS and LZX decompressors 5 | * 6 | * Copyright (C) 2015 Eric Biggers 7 | * 8 | * This program is free software: you can redistribute it and/or modify it under 9 | * the terms of the GNU General Public License as published by the Free Software 10 | * Foundation, either version 2 of the License, or (at your option) any later 11 | * version. 12 | * 13 | * This program is distributed in the hope that it will be useful, but WITHOUT 14 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 15 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 16 | * details. 17 | * 18 | * You should have received a copy of the GNU General Public License along with 19 | * this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | #include 25 | #include 26 | #include 27 | 28 | 29 | /* "Force inline" macro (not required, but helpful for performance) */ 30 | #define forceinline __always_inline 31 | 32 | /* Enable whole-word match copying on selected architectures */ 33 | #if defined(__i386__) || defined(__x86_64__) || defined(__ARM_FEATURE_UNALIGNED) 34 | # define FAST_UNALIGNED_ACCESS 35 | #endif 36 | 37 | /* Size of a machine word */ 38 | #define WORDBYTES (sizeof(size_t)) 39 | 40 | static forceinline void 41 | copy_unaligned_word(const void *src, void *dst) 42 | { 43 | put_unaligned(get_unaligned((const size_t *)src), (size_t *)dst); 44 | } 45 | 46 | 47 | /* Generate a "word" with platform-dependent size whose bytes all contain the 48 | * value 'b'. 49 | */ 50 | static forceinline size_t repeat_byte(u8 b) 51 | { 52 | size_t v; 53 | 54 | v = b; 55 | v |= v << 8; 56 | v |= v << 16; 57 | v |= v << ((WORDBYTES == 8) ? 32 : 0); 58 | return v; 59 | } 60 | 61 | /* Structure that encapsulates a block of in-memory data being interpreted as a 62 | * stream of bits, optionally with interwoven literal bytes. Bits are assumed 63 | * to be stored in little endian 16-bit coding units, with the bits ordered high 64 | * to low. 65 | */ 66 | struct input_bitstream { 67 | 68 | /* Bits that have been read from the input buffer. The bits are 69 | * left-justified; the next bit is always bit 31. 70 | */ 71 | u32 bitbuf; 72 | 73 | /* Number of bits currently held in @bitbuf. */ 74 | u32 bitsleft; 75 | 76 | /* Pointer to the next byte to be retrieved from the input buffer. */ 77 | const u8 *next; 78 | 79 | /* Pointer to just past the end of the input buffer. */ 80 | const u8 *end; 81 | }; 82 | 83 | /* Initialize a bitstream to read from the specified input buffer. */ 84 | static forceinline void init_input_bitstream(struct input_bitstream *is, 85 | const void *buffer, u32 size) 86 | { 87 | is->bitbuf = 0; 88 | is->bitsleft = 0; 89 | is->next = buffer; 90 | is->end = is->next + size; 91 | } 92 | 93 | /* Ensure the bit buffer variable for the bitstream contains at least @num_bits 94 | * bits. Following this, bitstream_peek_bits() and/or bitstream_remove_bits() 95 | * may be called on the bitstream to peek or remove up to @num_bits bits. Note 96 | * that @num_bits must be <= 16. 97 | */ 98 | static forceinline void bitstream_ensure_bits(struct input_bitstream *is, 99 | u32 num_bits) 100 | { 101 | if (is->bitsleft < num_bits) { 102 | if (is->end - is->next >= 2) { 103 | is->bitbuf |= (u32)get_unaligned_le16(is->next) 104 | << (16 - is->bitsleft); 105 | is->next += 2; 106 | } 107 | is->bitsleft += 16; 108 | } 109 | } 110 | 111 | /* Return the next @num_bits bits from the bitstream, without removing them. 112 | * There must be at least @num_bits remaining in the buffer variable, from a 113 | * previous call to bitstream_ensure_bits(). 114 | */ 115 | static forceinline u32 116 | bitstream_peek_bits(const struct input_bitstream *is, const u32 num_bits) 117 | { 118 | return (is->bitbuf >> 1) >> (sizeof(is->bitbuf) * 8 - num_bits - 1); 119 | } 120 | 121 | /* Remove @num_bits from the bitstream. There must be at least @num_bits 122 | * remaining in the buffer variable, from a previous call to 123 | * bitstream_ensure_bits(). 124 | */ 125 | static forceinline void 126 | bitstream_remove_bits(struct input_bitstream *is, u32 num_bits) 127 | { 128 | is->bitbuf <<= num_bits; 129 | is->bitsleft -= num_bits; 130 | } 131 | 132 | /* Remove and return @num_bits bits from the bitstream. There must be at least 133 | * @num_bits remaining in the buffer variable, from a previous call to 134 | * bitstream_ensure_bits(). 135 | */ 136 | static forceinline u32 137 | bitstream_pop_bits(struct input_bitstream *is, u32 num_bits) 138 | { 139 | u32 bits = bitstream_peek_bits(is, num_bits); 140 | 141 | bitstream_remove_bits(is, num_bits); 142 | return bits; 143 | } 144 | 145 | /* Read and return the next @num_bits bits from the bitstream. */ 146 | static forceinline u32 147 | bitstream_read_bits(struct input_bitstream *is, u32 num_bits) 148 | { 149 | bitstream_ensure_bits(is, num_bits); 150 | return bitstream_pop_bits(is, num_bits); 151 | } 152 | 153 | /* Read and return the next literal byte embedded in the bitstream. */ 154 | static forceinline u8 155 | bitstream_read_byte(struct input_bitstream *is) 156 | { 157 | if (unlikely(is->end == is->next)) 158 | return 0; 159 | return *is->next++; 160 | } 161 | 162 | /* Read and return the next 16-bit integer embedded in the bitstream. */ 163 | static forceinline u16 164 | bitstream_read_u16(struct input_bitstream *is) 165 | { 166 | u16 v; 167 | 168 | if (unlikely(is->end - is->next < 2)) 169 | return 0; 170 | v = get_unaligned_le16(is->next); 171 | is->next += 2; 172 | return v; 173 | } 174 | 175 | /* Read and return the next 32-bit integer embedded in the bitstream. */ 176 | static forceinline u32 177 | bitstream_read_u32(struct input_bitstream *is) 178 | { 179 | u32 v; 180 | 181 | if (unlikely(is->end - is->next < 4)) 182 | return 0; 183 | v = get_unaligned_le32(is->next); 184 | is->next += 4; 185 | return v; 186 | } 187 | 188 | /* Read into @dst_buffer an array of literal bytes embedded in the bitstream. 189 | * Return either a pointer to the byte past the last written, or NULL if the 190 | * read overflows the input buffer. 191 | */ 192 | static forceinline void *bitstream_read_bytes(struct input_bitstream *is, 193 | void *dst_buffer, size_t count) 194 | { 195 | if ((size_t)(is->end - is->next) < count) 196 | return NULL; 197 | memcpy(dst_buffer, is->next, count); 198 | is->next += count; 199 | return (u8 *)dst_buffer + count; 200 | } 201 | 202 | /* Align the input bitstream on a coding-unit boundary. */ 203 | static forceinline void bitstream_align(struct input_bitstream *is) 204 | { 205 | is->bitsleft = 0; 206 | is->bitbuf = 0; 207 | } 208 | 209 | extern int make_huffman_decode_table(u16 decode_table[], const u32 num_syms, 210 | const u32 num_bits, const u8 lens[], 211 | const u32 max_codeword_len, 212 | u16 working_space[]); 213 | 214 | 215 | /* Reads and returns the next Huffman-encoded symbol from a bitstream. If the 216 | * input data is exhausted, the Huffman symbol is decoded as if the missing bits 217 | * are all zeroes. 218 | */ 219 | static forceinline u32 read_huffsym(struct input_bitstream *istream, 220 | const u16 decode_table[], 221 | u32 table_bits, 222 | u32 max_codeword_len) 223 | { 224 | u32 entry; 225 | u32 key_bits; 226 | 227 | bitstream_ensure_bits(istream, max_codeword_len); 228 | 229 | /* Index the decode table by the next table_bits bits of the input. */ 230 | key_bits = bitstream_peek_bits(istream, table_bits); 231 | entry = decode_table[key_bits]; 232 | if (entry < 0xC000) { 233 | /* Fast case: The decode table directly provided the 234 | * symbol and codeword length. The low 11 bits are the 235 | * symbol, and the high 5 bits are the codeword length. 236 | */ 237 | bitstream_remove_bits(istream, entry >> 11); 238 | return entry & 0x7FF; 239 | } 240 | /* Slow case: The codeword for the symbol is longer than 241 | * table_bits, so the symbol does not have an entry 242 | * directly in the first (1 << table_bits) entries of the 243 | * decode table. Traverse the appropriate binary tree 244 | * bit-by-bit to decode the symbol. 245 | */ 246 | bitstream_remove_bits(istream, table_bits); 247 | do { 248 | key_bits = (entry & 0x3FFF) + bitstream_pop_bits(istream, 1); 249 | } while ((entry = decode_table[key_bits]) >= 0xC000); 250 | return entry; 251 | } 252 | 253 | /* 254 | * Copy an LZ77 match at (dst - offset) to dst. 255 | * 256 | * The length and offset must be already validated --- that is, (dst - offset) 257 | * can't underrun the output buffer, and (dst + length) can't overrun the output 258 | * buffer. Also, the length cannot be 0. 259 | * 260 | * @bufend points to the byte past the end of the output buffer. This function 261 | * won't write any data beyond this position. 262 | * 263 | * Returns dst + length. 264 | */ 265 | static forceinline u8 *lz_copy(u8 *dst, u32 length, u32 offset, const u8 *bufend, 266 | u32 min_length) 267 | { 268 | const u8 *src = dst - offset; 269 | 270 | /* 271 | * Try to copy one machine word at a time. On i386 and x86_64 this is 272 | * faster than copying one byte at a time, unless the data is 273 | * near-random and all the matches have very short lengths. Note that 274 | * since this requires unaligned memory accesses, it won't necessarily 275 | * be faster on every architecture. 276 | * 277 | * Also note that we might copy more than the length of the match. For 278 | * example, if a word is 8 bytes and the match is of length 5, then 279 | * we'll simply copy 8 bytes. This is okay as long as we don't write 280 | * beyond the end of the output buffer, hence the check for (bufend - 281 | * end >= WORDBYTES - 1). 282 | */ 283 | #ifdef FAST_UNALIGNED_ACCESS 284 | u8 * const end = dst + length; 285 | 286 | if (bufend - end >= (ptrdiff_t)(WORDBYTES - 1)) { 287 | 288 | if (offset >= WORDBYTES) { 289 | /* The source and destination words don't overlap. */ 290 | 291 | /* To improve branch prediction, one iteration of this 292 | * loop is unrolled. Most matches are short and will 293 | * fail the first check. But if that check passes, then 294 | * it becomes increasing likely that the match is long 295 | * and we'll need to continue copying. 296 | */ 297 | 298 | copy_unaligned_word(src, dst); 299 | src += WORDBYTES; 300 | dst += WORDBYTES; 301 | 302 | if (dst < end) { 303 | do { 304 | copy_unaligned_word(src, dst); 305 | src += WORDBYTES; 306 | dst += WORDBYTES; 307 | } while (dst < end); 308 | } 309 | return end; 310 | } else if (offset == 1) { 311 | 312 | /* Offset 1 matches are equivalent to run-length 313 | * encoding of the previous byte. This case is common 314 | * if the data contains many repeated bytes. 315 | */ 316 | size_t v = repeat_byte(*(dst - 1)); 317 | 318 | do { 319 | put_unaligned(v, (size_t *)dst); 320 | src += WORDBYTES; 321 | dst += WORDBYTES; 322 | } while (dst < end); 323 | return end; 324 | } 325 | /* 326 | * We don't bother with special cases for other 'offset < 327 | * WORDBYTES', which are usually rarer than 'offset == 1'. Extra 328 | * checks will just slow things down. Actually, it's possible 329 | * to handle all the 'offset < WORDBYTES' cases using the same 330 | * code, but it still becomes more complicated doesn't seem any 331 | * faster overall; it definitely slows down the more common 332 | * 'offset == 1' case. 333 | */ 334 | } 335 | #endif /* FAST_UNALIGNED_ACCESS */ 336 | 337 | /* Fall back to a bytewise copy. */ 338 | 339 | if (min_length >= 2) { 340 | *dst++ = *src++; 341 | length--; 342 | } 343 | if (min_length >= 3) { 344 | *dst++ = *src++; 345 | length--; 346 | } 347 | do { 348 | *dst++ = *src++; 349 | } while (--length); 350 | 351 | return dst; 352 | } 353 | -------------------------------------------------------------------------------- /lib/lib.h: -------------------------------------------------------------------------------- 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 | /* 3 | * Adapted for linux kernel by Alexander Mamaev: 4 | * - remove implementations of get_unaligned_ 5 | * - assume GCC is always defined 6 | * - ISO C90 7 | * - linux kernel code style 8 | */ 9 | 10 | 11 | /* globals from xpress_decompress.c */ 12 | struct xpress_decompressor *xpress_allocate_decompressor(void); 13 | void xpress_free_decompressor(struct xpress_decompressor *d); 14 | int xpress_decompress(struct xpress_decompressor *__restrict d, 15 | const void *__restrict compressed_data, 16 | size_t compressed_size, 17 | void *__restrict uncompressed_data, 18 | size_t uncompressed_size); 19 | 20 | /* globals from lzx_decompress.c */ 21 | struct lzx_decompressor *lzx_allocate_decompressor(void); 22 | void lzx_free_decompressor(struct lzx_decompressor *d); 23 | int lzx_decompress(struct lzx_decompressor *__restrict d, 24 | const void *__restrict compressed_data, 25 | size_t compressed_size, void *__restrict uncompressed_data, 26 | size_t uncompressed_size); 27 | -------------------------------------------------------------------------------- /lib/lzx_decompress.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * lzx_decompress.c - A decompressor for the LZX compression format, which can 4 | * be used in "System Compressed" files. This is based on the code from wimlib. 5 | * This code only supports a window size (dictionary size) of 32768 bytes, since 6 | * this is the only size used in System Compression. 7 | * 8 | * Copyright (C) 2015 Eric Biggers 9 | * 10 | * This program is free software: you can redistribute it and/or modify it under 11 | * the terms of the GNU General Public License as published by the Free Software 12 | * Foundation, either version 2 of the License, or (at your option) any later 13 | * version. 14 | * 15 | * This program is distributed in the hope that it will be useful, but WITHOUT 16 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 17 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 18 | * details. 19 | * 20 | * You should have received a copy of the GNU General Public License along with 21 | * this program. If not, see . 22 | */ 23 | 24 | #include "decompress_common.h" 25 | #include "lib.h" 26 | 27 | /* Number of literal byte values */ 28 | #define LZX_NUM_CHARS 256 29 | 30 | /* The smallest and largest allowed match lengths */ 31 | #define LZX_MIN_MATCH_LEN 2 32 | #define LZX_MAX_MATCH_LEN 257 33 | 34 | /* Number of distinct match lengths that can be represented */ 35 | #define LZX_NUM_LENS (LZX_MAX_MATCH_LEN - LZX_MIN_MATCH_LEN + 1) 36 | 37 | /* Number of match lengths for which no length symbol is required */ 38 | #define LZX_NUM_PRIMARY_LENS 7 39 | #define LZX_NUM_LEN_HEADERS (LZX_NUM_PRIMARY_LENS + 1) 40 | 41 | /* Valid values of the 3-bit block type field */ 42 | #define LZX_BLOCKTYPE_VERBATIM 1 43 | #define LZX_BLOCKTYPE_ALIGNED 2 44 | #define LZX_BLOCKTYPE_UNCOMPRESSED 3 45 | 46 | /* Number of offset slots for a window size of 32768 */ 47 | #define LZX_NUM_OFFSET_SLOTS 30 48 | 49 | /* Number of symbols in the main code for a window size of 32768 */ 50 | #define LZX_MAINCODE_NUM_SYMBOLS \ 51 | (LZX_NUM_CHARS + (LZX_NUM_OFFSET_SLOTS * LZX_NUM_LEN_HEADERS)) 52 | 53 | /* Number of symbols in the length code */ 54 | #define LZX_LENCODE_NUM_SYMBOLS (LZX_NUM_LENS - LZX_NUM_PRIMARY_LENS) 55 | 56 | /* Number of symbols in the precode */ 57 | #define LZX_PRECODE_NUM_SYMBOLS 20 58 | 59 | /* Number of bits in which each precode codeword length is represented */ 60 | #define LZX_PRECODE_ELEMENT_SIZE 4 61 | 62 | /* Number of low-order bits of each match offset that are entropy-encoded in 63 | * aligned offset blocks 64 | */ 65 | #define LZX_NUM_ALIGNED_OFFSET_BITS 3 66 | 67 | /* Number of symbols in the aligned offset code */ 68 | #define LZX_ALIGNEDCODE_NUM_SYMBOLS (1 << LZX_NUM_ALIGNED_OFFSET_BITS) 69 | 70 | /* Mask for the match offset bits that are entropy-encoded in aligned offset 71 | * blocks 72 | */ 73 | #define LZX_ALIGNED_OFFSET_BITMASK ((1 << LZX_NUM_ALIGNED_OFFSET_BITS) - 1) 74 | 75 | /* Number of bits in which each aligned offset codeword length is represented */ 76 | #define LZX_ALIGNEDCODE_ELEMENT_SIZE 3 77 | 78 | /* Maximum lengths (in bits) of the codewords in each Huffman code */ 79 | #define LZX_MAX_MAIN_CODEWORD_LEN 16 80 | #define LZX_MAX_LEN_CODEWORD_LEN 16 81 | #define LZX_MAX_PRE_CODEWORD_LEN ((1 << LZX_PRECODE_ELEMENT_SIZE) - 1) 82 | #define LZX_MAX_ALIGNED_CODEWORD_LEN ((1 << LZX_ALIGNEDCODE_ELEMENT_SIZE) - 1) 83 | 84 | /* The default "filesize" value used in pre/post-processing. In the LZX format 85 | * used in cabinet files this value must be given to the decompressor, whereas 86 | * in the LZX format used in WIM files and system-compressed files this value is 87 | * fixed at 12000000. 88 | */ 89 | #define LZX_DEFAULT_FILESIZE 12000000 90 | 91 | /* Assumed block size when the encoded block size begins with a 0 bit. */ 92 | #define LZX_DEFAULT_BLOCK_SIZE 32768 93 | 94 | /* Number of offsets in the recent (or "repeat") offsets queue. */ 95 | #define LZX_NUM_RECENT_OFFSETS 3 96 | 97 | /* These values are chosen for fast decompression. */ 98 | #define LZX_MAINCODE_TABLEBITS 11 99 | #define LZX_LENCODE_TABLEBITS 10 100 | #define LZX_PRECODE_TABLEBITS 6 101 | #define LZX_ALIGNEDCODE_TABLEBITS 7 102 | 103 | #define LZX_READ_LENS_MAX_OVERRUN 50 104 | 105 | /* Mapping: offset slot => first match offset that uses that offset slot. 106 | */ 107 | static const u32 lzx_offset_slot_base[LZX_NUM_OFFSET_SLOTS + 1] = { 108 | 0, 1, 2, 3, 4, /* 0 --- 4 */ 109 | 6, 8, 12, 16, 24, /* 5 --- 9 */ 110 | 32, 48, 64, 96, 128, /* 10 --- 14 */ 111 | 192, 256, 384, 512, 768, /* 15 --- 19 */ 112 | 1024, 1536, 2048, 3072, 4096, /* 20 --- 24 */ 113 | 6144, 8192, 12288, 16384, 24576, /* 25 --- 29 */ 114 | 32768, /* extra */ 115 | }; 116 | 117 | /* Mapping: offset slot => how many extra bits must be read and added to the 118 | * corresponding offset slot base to decode the match offset. 119 | */ 120 | static const u8 lzx_extra_offset_bits[LZX_NUM_OFFSET_SLOTS] = { 121 | 0, 0, 0, 0, 1, 122 | 1, 2, 2, 3, 3, 123 | 4, 4, 5, 5, 6, 124 | 6, 7, 7, 8, 8, 125 | 9, 9, 10, 10, 11, 126 | 11, 12, 12, 13, 13, 127 | }; 128 | 129 | /* Reusable heap-allocated memory for LZX decompression */ 130 | struct lzx_decompressor { 131 | 132 | /* Huffman decoding tables, and arrays that map symbols to codeword 133 | * lengths 134 | */ 135 | 136 | u16 maincode_decode_table[(1 << LZX_MAINCODE_TABLEBITS) + 137 | (LZX_MAINCODE_NUM_SYMBOLS * 2)]; 138 | u8 maincode_lens[LZX_MAINCODE_NUM_SYMBOLS + LZX_READ_LENS_MAX_OVERRUN]; 139 | 140 | 141 | u16 lencode_decode_table[(1 << LZX_LENCODE_TABLEBITS) + 142 | (LZX_LENCODE_NUM_SYMBOLS * 2)]; 143 | u8 lencode_lens[LZX_LENCODE_NUM_SYMBOLS + LZX_READ_LENS_MAX_OVERRUN]; 144 | 145 | 146 | u16 alignedcode_decode_table[(1 << LZX_ALIGNEDCODE_TABLEBITS) + 147 | (LZX_ALIGNEDCODE_NUM_SYMBOLS * 2)]; 148 | u8 alignedcode_lens[LZX_ALIGNEDCODE_NUM_SYMBOLS]; 149 | 150 | u16 precode_decode_table[(1 << LZX_PRECODE_TABLEBITS) + 151 | (LZX_PRECODE_NUM_SYMBOLS * 2)]; 152 | u8 precode_lens[LZX_PRECODE_NUM_SYMBOLS]; 153 | 154 | /* Temporary space for make_huffman_decode_table() */ 155 | u16 working_space[2 * (1 + LZX_MAX_MAIN_CODEWORD_LEN) + 156 | LZX_MAINCODE_NUM_SYMBOLS]; 157 | }; 158 | 159 | static void undo_e8_translation(void *target, s32 input_pos) 160 | { 161 | s32 abs_offset, rel_offset; 162 | 163 | abs_offset = get_unaligned_le32(target); 164 | if (abs_offset >= 0) { 165 | if (abs_offset < LZX_DEFAULT_FILESIZE) { 166 | /* "good translation" */ 167 | rel_offset = abs_offset - input_pos; 168 | put_unaligned_le32(rel_offset, target); 169 | } 170 | } else { 171 | if (abs_offset >= -input_pos) { 172 | /* "compensating translation" */ 173 | rel_offset = abs_offset + LZX_DEFAULT_FILESIZE; 174 | put_unaligned_le32(rel_offset, target); 175 | } 176 | } 177 | } 178 | 179 | /* 180 | * Undo the 'E8' preprocessing used in LZX. Before compression, the 181 | * uncompressed data was preprocessed by changing the targets of suspected x86 182 | * CALL instructions from relative offsets to absolute offsets. After 183 | * match/literal decoding, the decompressor must undo the translation. 184 | */ 185 | static void lzx_postprocess(u8 *data, u32 size) 186 | { 187 | /* 188 | * A worthwhile optimization is to push the end-of-buffer check into the 189 | * relatively rare E8 case. This is possible if we replace the last six 190 | * bytes of data with E8 bytes; then we are guaranteed to hit an E8 byte 191 | * before reaching end-of-buffer. In addition, this scheme guarantees 192 | * that no translation can begin following an E8 byte in the last 10 193 | * bytes because a 4-byte offset containing E8 as its high byte is a 194 | * large negative number that is not valid for translation. That is 195 | * exactly what we need. 196 | */ 197 | u8 *tail; 198 | u8 saved_bytes[6]; 199 | u8 *p; 200 | 201 | if (size <= 10) 202 | return; 203 | 204 | tail = &data[size - 6]; 205 | memcpy(saved_bytes, tail, 6); 206 | memset(tail, 0xE8, 6); 207 | p = data; 208 | for (;;) { 209 | while (*p != 0xE8) 210 | p++; 211 | if (p >= tail) 212 | break; 213 | undo_e8_translation(p + 1, p - data); 214 | p += 5; 215 | } 216 | memcpy(tail, saved_bytes, 6); 217 | } 218 | 219 | /* Read a Huffman-encoded symbol using the precode. */ 220 | static forceinline u32 read_presym(const struct lzx_decompressor *d, 221 | struct input_bitstream *is) 222 | { 223 | return read_huffsym(is, d->precode_decode_table, 224 | LZX_PRECODE_TABLEBITS, LZX_MAX_PRE_CODEWORD_LEN); 225 | } 226 | 227 | /* Read a Huffman-encoded symbol using the main code. */ 228 | static forceinline u32 read_mainsym(const struct lzx_decompressor *d, 229 | struct input_bitstream *is) 230 | { 231 | return read_huffsym(is, d->maincode_decode_table, 232 | LZX_MAINCODE_TABLEBITS, LZX_MAX_MAIN_CODEWORD_LEN); 233 | } 234 | 235 | /* Read a Huffman-encoded symbol using the length code. */ 236 | static forceinline u32 read_lensym(const struct lzx_decompressor *d, 237 | struct input_bitstream *is) 238 | { 239 | return read_huffsym(is, d->lencode_decode_table, 240 | LZX_LENCODE_TABLEBITS, LZX_MAX_LEN_CODEWORD_LEN); 241 | } 242 | 243 | /* Read a Huffman-encoded symbol using the aligned offset code. */ 244 | static forceinline u32 read_alignedsym(const struct lzx_decompressor *d, 245 | struct input_bitstream *is) 246 | { 247 | return read_huffsym(is, d->alignedcode_decode_table, 248 | LZX_ALIGNEDCODE_TABLEBITS, 249 | LZX_MAX_ALIGNED_CODEWORD_LEN); 250 | } 251 | 252 | /* 253 | * Read the precode from the compressed input bitstream, then use it to decode 254 | * @num_lens codeword length values. 255 | * 256 | * @is: The input bitstream. 257 | * 258 | * @lens: An array that contains the length values from the previous time 259 | * the codeword lengths for this Huffman code were read, or all 0's 260 | * if this is the first time. This array must have at least 261 | * (@num_lens + LZX_READ_LENS_MAX_OVERRUN) entries. 262 | * 263 | * @num_lens: Number of length values to decode. 264 | * 265 | * Returns 0 on success, or -1 if the data was invalid. 266 | */ 267 | static int lzx_read_codeword_lens(struct lzx_decompressor *d, 268 | struct input_bitstream *is, 269 | u8 *lens, u32 num_lens) 270 | { 271 | u8 *len_ptr = lens; 272 | u8 *lens_end = lens + num_lens; 273 | int i; 274 | 275 | /* Read the lengths of the precode codewords. These are given 276 | * explicitly. 277 | */ 278 | for (i = 0; i < LZX_PRECODE_NUM_SYMBOLS; i++) { 279 | d->precode_lens[i] = 280 | bitstream_read_bits(is, LZX_PRECODE_ELEMENT_SIZE); 281 | } 282 | 283 | /* Make the decoding table for the precode. */ 284 | if (make_huffman_decode_table(d->precode_decode_table, 285 | LZX_PRECODE_NUM_SYMBOLS, 286 | LZX_PRECODE_TABLEBITS, 287 | d->precode_lens, 288 | LZX_MAX_PRE_CODEWORD_LEN, 289 | d->working_space)) 290 | return -1; 291 | 292 | /* Decode the codeword lengths. */ 293 | do { 294 | u32 presym; 295 | u8 len; 296 | 297 | /* Read the next precode symbol. */ 298 | presym = read_presym(d, is); 299 | if (presym < 17) { 300 | /* Difference from old length */ 301 | len = *len_ptr - presym; 302 | if ((s8)len < 0) 303 | len += 17; 304 | *len_ptr++ = len; 305 | } else { 306 | /* Special RLE values */ 307 | 308 | u32 run_len; 309 | 310 | if (presym == 17) { 311 | /* Run of 0's */ 312 | run_len = 4 + bitstream_read_bits(is, 4); 313 | len = 0; 314 | } else if (presym == 18) { 315 | /* Longer run of 0's */ 316 | run_len = 20 + bitstream_read_bits(is, 5); 317 | len = 0; 318 | } else { 319 | /* Run of identical lengths */ 320 | run_len = 4 + bitstream_read_bits(is, 1); 321 | presym = read_presym(d, is); 322 | if (presym > 17) 323 | return -1; 324 | len = *len_ptr - presym; 325 | if ((s8)len < 0) 326 | len += 17; 327 | } 328 | 329 | do { 330 | *len_ptr++ = len; 331 | } while (--run_len); 332 | /* Worst case overrun is when presym == 18, 333 | * run_len == 20 + 31, and only 1 length was remaining. 334 | * So LZX_READ_LENS_MAX_OVERRUN == 50. 335 | * 336 | * Overrun while reading the first half of maincode_lens 337 | * can corrupt the previous values in the second half. 338 | * This doesn't really matter because the resulting 339 | * lengths will still be in range, and data that 340 | * generates overruns is invalid anyway. 341 | */ 342 | } 343 | } while (len_ptr < lens_end); 344 | 345 | return 0; 346 | } 347 | 348 | /* 349 | * Read the header of an LZX block and save the block type and (uncompressed) 350 | * size in *block_type_ret and *block_size_ret, respectively. 351 | * 352 | * If the block is compressed, also update the Huffman decode @tables with the 353 | * new Huffman codes. If the block is uncompressed, also update the match 354 | * offset @queue with the new match offsets. 355 | * 356 | * Return 0 on success, or -1 if the data was invalid. 357 | */ 358 | static int lzx_read_block_header(struct lzx_decompressor *d, 359 | struct input_bitstream *is, 360 | int *block_type_ret, 361 | u32 *block_size_ret, 362 | u32 recent_offsets[]) 363 | { 364 | int block_type; 365 | u32 block_size; 366 | int i; 367 | 368 | bitstream_ensure_bits(is, 4); 369 | 370 | /* The first three bits tell us what kind of block it is, and should be 371 | * one of the LZX_BLOCKTYPE_* values. 372 | */ 373 | block_type = bitstream_pop_bits(is, 3); 374 | 375 | /* Read the block size. */ 376 | if (bitstream_pop_bits(is, 1)) { 377 | block_size = LZX_DEFAULT_BLOCK_SIZE; 378 | } else { 379 | block_size = 0; 380 | block_size |= bitstream_read_bits(is, 8); 381 | block_size <<= 8; 382 | block_size |= bitstream_read_bits(is, 8); 383 | } 384 | 385 | switch (block_type) { 386 | 387 | case LZX_BLOCKTYPE_ALIGNED: 388 | 389 | /* Read the aligned offset code and prepare its decode table. 390 | */ 391 | 392 | for (i = 0; i < LZX_ALIGNEDCODE_NUM_SYMBOLS; i++) { 393 | d->alignedcode_lens[i] = 394 | bitstream_read_bits(is, 395 | LZX_ALIGNEDCODE_ELEMENT_SIZE); 396 | } 397 | 398 | if (make_huffman_decode_table(d->alignedcode_decode_table, 399 | LZX_ALIGNEDCODE_NUM_SYMBOLS, 400 | LZX_ALIGNEDCODE_TABLEBITS, 401 | d->alignedcode_lens, 402 | LZX_MAX_ALIGNED_CODEWORD_LEN, 403 | d->working_space)) 404 | return -1; 405 | 406 | /* Fall though, since the rest of the header for aligned offset 407 | * blocks is the same as that for verbatim blocks. 408 | */ 409 | fallthrough; 410 | 411 | case LZX_BLOCKTYPE_VERBATIM: 412 | 413 | /* Read the main code and prepare its decode table. 414 | * 415 | * Note that the codeword lengths in the main code are encoded 416 | * in two parts: one part for literal symbols, and one part for 417 | * match symbols. 418 | */ 419 | 420 | if (lzx_read_codeword_lens(d, is, d->maincode_lens, 421 | LZX_NUM_CHARS)) 422 | return -1; 423 | 424 | if (lzx_read_codeword_lens(d, is, 425 | d->maincode_lens + LZX_NUM_CHARS, 426 | LZX_MAINCODE_NUM_SYMBOLS - LZX_NUM_CHARS)) 427 | return -1; 428 | 429 | if (make_huffman_decode_table(d->maincode_decode_table, 430 | LZX_MAINCODE_NUM_SYMBOLS, 431 | LZX_MAINCODE_TABLEBITS, 432 | d->maincode_lens, 433 | LZX_MAX_MAIN_CODEWORD_LEN, 434 | d->working_space)) 435 | return -1; 436 | 437 | /* Read the length code and prepare its decode table. */ 438 | 439 | if (lzx_read_codeword_lens(d, is, d->lencode_lens, 440 | LZX_LENCODE_NUM_SYMBOLS)) 441 | return -1; 442 | 443 | if (make_huffman_decode_table(d->lencode_decode_table, 444 | LZX_LENCODE_NUM_SYMBOLS, 445 | LZX_LENCODE_TABLEBITS, 446 | d->lencode_lens, 447 | LZX_MAX_LEN_CODEWORD_LEN, 448 | d->working_space)) 449 | return -1; 450 | 451 | break; 452 | 453 | case LZX_BLOCKTYPE_UNCOMPRESSED: 454 | 455 | /* Before reading the three recent offsets from the uncompressed 456 | * block header, the stream must be aligned on a 16-bit 457 | * boundary. But if the stream is *already* aligned, then the 458 | * next 16 bits must be discarded. 459 | */ 460 | bitstream_ensure_bits(is, 1); 461 | bitstream_align(is); 462 | 463 | recent_offsets[0] = bitstream_read_u32(is); 464 | recent_offsets[1] = bitstream_read_u32(is); 465 | recent_offsets[2] = bitstream_read_u32(is); 466 | 467 | /* Offsets of 0 are invalid. */ 468 | if (recent_offsets[0] == 0 || recent_offsets[1] == 0 || 469 | recent_offsets[2] == 0) 470 | return -1; 471 | break; 472 | 473 | default: 474 | /* Unrecognized block type. */ 475 | return -1; 476 | } 477 | 478 | *block_type_ret = block_type; 479 | *block_size_ret = block_size; 480 | return 0; 481 | } 482 | 483 | /* Decompress a block of LZX-compressed data. */ 484 | static int lzx_decompress_block(const struct lzx_decompressor *d, 485 | struct input_bitstream *is, 486 | int block_type, u32 block_size, 487 | u8 * const out_begin, u8 *out_next, 488 | u32 recent_offsets[]) 489 | { 490 | u8 * const block_end = out_next + block_size; 491 | u32 ones_if_aligned = 0U - (block_type == LZX_BLOCKTYPE_ALIGNED); 492 | 493 | do { 494 | u32 mainsym; 495 | u32 match_len; 496 | u32 match_offset; 497 | u32 offset_slot; 498 | u32 num_extra_bits; 499 | 500 | mainsym = read_mainsym(d, is); 501 | if (mainsym < LZX_NUM_CHARS) { 502 | /* Literal */ 503 | *out_next++ = mainsym; 504 | continue; 505 | } 506 | 507 | /* Match */ 508 | 509 | /* Decode the length header and offset slot. */ 510 | mainsym -= LZX_NUM_CHARS; 511 | match_len = mainsym % LZX_NUM_LEN_HEADERS; 512 | offset_slot = mainsym / LZX_NUM_LEN_HEADERS; 513 | 514 | /* If needed, read a length symbol to decode the full length. */ 515 | if (match_len == LZX_NUM_PRIMARY_LENS) 516 | match_len += read_lensym(d, is); 517 | match_len += LZX_MIN_MATCH_LEN; 518 | 519 | if (offset_slot < LZX_NUM_RECENT_OFFSETS) { 520 | /* Repeat offset */ 521 | 522 | /* Note: This isn't a real LRU queue, since using the R2 523 | * offset doesn't bump the R1 offset down to R2. This 524 | * quirk allows all 3 recent offsets to be handled by 525 | * the same code. (For R0, the swap is a no-op.) 526 | */ 527 | match_offset = recent_offsets[offset_slot]; 528 | recent_offsets[offset_slot] = recent_offsets[0]; 529 | recent_offsets[0] = match_offset; 530 | } else { 531 | /* Explicit offset */ 532 | 533 | /* Look up the number of extra bits that need to be read 534 | * to decode offsets with this offset slot. 535 | */ 536 | num_extra_bits = lzx_extra_offset_bits[offset_slot]; 537 | 538 | /* Start with the offset slot base value. */ 539 | match_offset = lzx_offset_slot_base[offset_slot]; 540 | 541 | /* In aligned offset blocks, the low-order 3 bits of 542 | * each offset are encoded using the aligned offset 543 | * code. Otherwise, all the extra bits are literal. 544 | */ 545 | 546 | if ((num_extra_bits & ones_if_aligned) >= LZX_NUM_ALIGNED_OFFSET_BITS) { 547 | match_offset += 548 | bitstream_read_bits(is, num_extra_bits - 549 | LZX_NUM_ALIGNED_OFFSET_BITS) 550 | << LZX_NUM_ALIGNED_OFFSET_BITS; 551 | match_offset += read_alignedsym(d, is); 552 | } else { 553 | match_offset += bitstream_read_bits(is, num_extra_bits); 554 | } 555 | 556 | /* Adjust the offset. */ 557 | match_offset -= (LZX_NUM_RECENT_OFFSETS - 1); 558 | 559 | /* Update the recent offsets. */ 560 | recent_offsets[2] = recent_offsets[1]; 561 | recent_offsets[1] = recent_offsets[0]; 562 | recent_offsets[0] = match_offset; 563 | } 564 | 565 | /* Validate the match, then copy it to the current position. */ 566 | 567 | if (match_len > (size_t)(block_end - out_next)) 568 | return -1; 569 | 570 | if (match_offset > (size_t)(out_next - out_begin)) 571 | return -1; 572 | 573 | out_next = lz_copy(out_next, match_len, match_offset, 574 | block_end, LZX_MIN_MATCH_LEN); 575 | 576 | } while (out_next != block_end); 577 | 578 | return 0; 579 | } 580 | 581 | /* 582 | * lzx_allocate_decompressor - Allocate an LZX decompressor 583 | * 584 | * Return the pointer to the decompressor on success, or return NULL and set 585 | * errno on failure. 586 | */ 587 | struct lzx_decompressor *lzx_allocate_decompressor(void) 588 | { 589 | return kmalloc(sizeof(struct lzx_decompressor), GFP_NOFS); 590 | } 591 | 592 | /* 593 | * lzx_decompress - Decompress a buffer of LZX-compressed data 594 | * 595 | * @decompressor: A decompressor allocated with lzx_allocate_decompressor() 596 | * @compressed_data: The buffer of data to decompress 597 | * @compressed_size: Number of bytes of compressed data 598 | * @uncompressed_data: The buffer in which to store the decompressed data 599 | * @uncompressed_size: The number of bytes the data decompresses into 600 | * 601 | * Return 0 on success, or return -1 and set errno on failure. 602 | */ 603 | int lzx_decompress(struct lzx_decompressor *decompressor, 604 | const void *compressed_data, size_t compressed_size, 605 | void *uncompressed_data, size_t uncompressed_size) 606 | { 607 | struct lzx_decompressor *d = decompressor; 608 | u8 * const out_begin = uncompressed_data; 609 | u8 *out_next = out_begin; 610 | u8 * const out_end = out_begin + uncompressed_size; 611 | struct input_bitstream is; 612 | u32 recent_offsets[LZX_NUM_RECENT_OFFSETS] = {1, 1, 1}; 613 | int e8_status = 0; 614 | 615 | init_input_bitstream(&is, compressed_data, compressed_size); 616 | 617 | /* Codeword lengths begin as all 0's for delta encoding purposes. */ 618 | memset(d->maincode_lens, 0, LZX_MAINCODE_NUM_SYMBOLS); 619 | memset(d->lencode_lens, 0, LZX_LENCODE_NUM_SYMBOLS); 620 | 621 | /* Decompress blocks until we have all the uncompressed data. */ 622 | 623 | while (out_next != out_end) { 624 | int block_type; 625 | u32 block_size; 626 | 627 | if (lzx_read_block_header(d, &is, &block_type, &block_size, 628 | recent_offsets)) 629 | goto invalid; 630 | 631 | if (block_size < 1 || block_size > (size_t)(out_end - out_next)) 632 | goto invalid; 633 | 634 | if (block_type != LZX_BLOCKTYPE_UNCOMPRESSED) { 635 | 636 | /* Compressed block */ 637 | 638 | if (lzx_decompress_block(d, 639 | &is, 640 | block_type, 641 | block_size, 642 | out_begin, 643 | out_next, 644 | recent_offsets)) 645 | goto invalid; 646 | 647 | e8_status |= d->maincode_lens[0xe8]; 648 | out_next += block_size; 649 | } else { 650 | /* Uncompressed block */ 651 | 652 | out_next = bitstream_read_bytes(&is, out_next, 653 | block_size); 654 | if (!out_next) 655 | goto invalid; 656 | 657 | if (block_size & 1) 658 | bitstream_read_byte(&is); 659 | 660 | e8_status = 1; 661 | } 662 | } 663 | 664 | /* Postprocess the data unless it cannot possibly contain 0xe8 bytes. */ 665 | if (e8_status) 666 | lzx_postprocess(uncompressed_data, uncompressed_size); 667 | 668 | return 0; 669 | 670 | invalid: 671 | return -1; 672 | } 673 | 674 | /* 675 | * lzx_free_decompressor - Free an LZX decompressor 676 | * 677 | * @decompressor: A decompressor that was allocated with 678 | * lzx_allocate_decompressor(), or NULL. 679 | */ 680 | void lzx_free_decompressor(struct lzx_decompressor *decompressor) 681 | { 682 | kfree(decompressor); 683 | } 684 | -------------------------------------------------------------------------------- /lib/xpress_decompress.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * xpress_decompress.c - A decompressor for the XPRESS compression format 4 | * (Huffman variant), which can be used in "System Compressed" files. This is 5 | * based on the code from wimlib. 6 | * 7 | * Copyright (C) 2015 Eric Biggers 8 | * 9 | * This program is free software: you can redistribute it and/or modify it under 10 | * the terms of the GNU General Public License as published by the Free Software 11 | * Foundation, either version 2 of the License, or (at your option) any later 12 | * version. 13 | * 14 | * This program is distributed in the hope that it will be useful, but WITHOUT 15 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 16 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 17 | * details. 18 | * 19 | * You should have received a copy of the GNU General Public License along with 20 | * this program. If not, see . 21 | */ 22 | 23 | #include "decompress_common.h" 24 | #include "lib.h" 25 | 26 | #define XPRESS_NUM_SYMBOLS 512 27 | #define XPRESS_MAX_CODEWORD_LEN 15 28 | #define XPRESS_MIN_MATCH_LEN 3 29 | 30 | /* This value is chosen for fast decompression. */ 31 | #define XPRESS_TABLEBITS 12 32 | 33 | /* Reusable heap-allocated memory for XPRESS decompression */ 34 | struct xpress_decompressor { 35 | 36 | /* The Huffman decoding table */ 37 | u16 decode_table[(1 << XPRESS_TABLEBITS) + 2 * XPRESS_NUM_SYMBOLS]; 38 | 39 | /* An array that maps symbols to codeword lengths */ 40 | u8 lens[XPRESS_NUM_SYMBOLS]; 41 | 42 | /* Temporary space for make_huffman_decode_table() */ 43 | u16 working_space[2 * (1 + XPRESS_MAX_CODEWORD_LEN) + 44 | XPRESS_NUM_SYMBOLS]; 45 | }; 46 | 47 | /* 48 | * xpress_allocate_decompressor - Allocate an XPRESS decompressor 49 | * 50 | * Return the pointer to the decompressor on success, or return NULL and set 51 | * errno on failure. 52 | */ 53 | struct xpress_decompressor *xpress_allocate_decompressor(void) 54 | { 55 | return kmalloc(sizeof(struct xpress_decompressor), GFP_NOFS); 56 | } 57 | 58 | /* 59 | * xpress_decompress - Decompress a buffer of XPRESS-compressed data 60 | * 61 | * @decompressor: A decompressor that was allocated with 62 | * xpress_allocate_decompressor() 63 | * @compressed_data: The buffer of data to decompress 64 | * @compressed_size: Number of bytes of compressed data 65 | * @uncompressed_data: The buffer in which to store the decompressed data 66 | * @uncompressed_size: The number of bytes the data decompresses into 67 | * 68 | * Return 0 on success, or return -1 and set errno on failure. 69 | */ 70 | int xpress_decompress(struct xpress_decompressor *decompressor, 71 | const void *compressed_data, size_t compressed_size, 72 | void *uncompressed_data, size_t uncompressed_size) 73 | { 74 | struct xpress_decompressor *d = decompressor; 75 | const u8 * const in_begin = compressed_data; 76 | u8 * const out_begin = uncompressed_data; 77 | u8 *out_next = out_begin; 78 | u8 * const out_end = out_begin + uncompressed_size; 79 | struct input_bitstream is; 80 | u32 i; 81 | 82 | /* Read the Huffman codeword lengths. */ 83 | if (compressed_size < XPRESS_NUM_SYMBOLS / 2) 84 | goto invalid; 85 | for (i = 0; i < XPRESS_NUM_SYMBOLS / 2; i++) { 86 | d->lens[i*2 + 0] = in_begin[i] & 0xF; 87 | d->lens[i*2 + 1] = in_begin[i] >> 4; 88 | } 89 | 90 | /* Build a decoding table for the Huffman code. */ 91 | if (make_huffman_decode_table(d->decode_table, XPRESS_NUM_SYMBOLS, 92 | XPRESS_TABLEBITS, d->lens, 93 | XPRESS_MAX_CODEWORD_LEN, 94 | d->working_space)) 95 | goto invalid; 96 | 97 | /* Decode the matches and literals. */ 98 | 99 | init_input_bitstream(&is, in_begin + XPRESS_NUM_SYMBOLS / 2, 100 | compressed_size - XPRESS_NUM_SYMBOLS / 2); 101 | 102 | while (out_next != out_end) { 103 | u32 sym; 104 | u32 log2_offset; 105 | u32 length; 106 | u32 offset; 107 | 108 | sym = read_huffsym(&is, d->decode_table, 109 | XPRESS_TABLEBITS, XPRESS_MAX_CODEWORD_LEN); 110 | if (sym < 256) { 111 | /* Literal */ 112 | *out_next++ = sym; 113 | } else { 114 | /* Match */ 115 | length = sym & 0xf; 116 | log2_offset = (sym >> 4) & 0xf; 117 | 118 | bitstream_ensure_bits(&is, 16); 119 | 120 | offset = ((u32)1 << log2_offset) | 121 | bitstream_pop_bits(&is, log2_offset); 122 | 123 | if (length == 0xf) { 124 | length += bitstream_read_byte(&is); 125 | if (length == 0xf + 0xff) 126 | length = bitstream_read_u16(&is); 127 | } 128 | length += XPRESS_MIN_MATCH_LEN; 129 | 130 | if (offset > (size_t)(out_next - out_begin)) 131 | goto invalid; 132 | 133 | if (length > (size_t)(out_end - out_next)) 134 | goto invalid; 135 | 136 | out_next = lz_copy(out_next, length, offset, out_end, 137 | XPRESS_MIN_MATCH_LEN); 138 | } 139 | } 140 | return 0; 141 | 142 | invalid: 143 | return -1; 144 | } 145 | 146 | /* 147 | * xpress_free_decompressor - Free an XPRESS decompressor 148 | * 149 | * @decompressor: A decompressor that was allocated with 150 | * xpress_allocate_decompressor(), or NULL. 151 | */ 152 | void xpress_free_decompressor(struct xpress_decompressor *decompressor) 153 | { 154 | kfree(decompressor); 155 | } 156 | -------------------------------------------------------------------------------- /lznt.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | #include 8 | #include 9 | #include 10 | #include 11 | 12 | #include "debug.h" 13 | #include "ntfs.h" 14 | #include "ntfs_fs.h" 15 | 16 | // clang-format off 17 | /* src buffer is zero */ 18 | #define LZNT_ERROR_ALL_ZEROS 1 19 | #define LZNT_CHUNK_SIZE 0x1000 20 | // clang-format on 21 | 22 | struct lznt_hash { 23 | const u8 *p1; 24 | const u8 *p2; 25 | }; 26 | 27 | struct lznt { 28 | const u8 *unc; 29 | const u8 *unc_end; 30 | const u8 *best_match; 31 | size_t max_len; 32 | bool std; 33 | 34 | struct lznt_hash hash[LZNT_CHUNK_SIZE]; 35 | }; 36 | 37 | static inline size_t get_match_len(const u8 *ptr, const u8 *end, const u8 *prev, 38 | size_t max_len) 39 | { 40 | size_t len = 0; 41 | 42 | while (ptr + len < end && ptr[len] == prev[len] && ++len < max_len) 43 | ; 44 | return len; 45 | } 46 | 47 | static size_t longest_match_std(const u8 *src, struct lznt *ctx) 48 | { 49 | size_t hash_index; 50 | size_t len1 = 0, len2 = 0; 51 | const u8 **hash; 52 | 53 | hash_index = 54 | ((40543U * ((((src[0] << 4) ^ src[1]) << 4) ^ src[2])) >> 4) & 55 | (LZNT_CHUNK_SIZE - 1); 56 | 57 | hash = &(ctx->hash[hash_index].p1); 58 | 59 | if (hash[0] >= ctx->unc && hash[0] < src && hash[0][0] == src[0] && 60 | hash[0][1] == src[1] && hash[0][2] == src[2]) { 61 | len1 = 3; 62 | if (ctx->max_len > 3) 63 | len1 += get_match_len(src + 3, ctx->unc_end, 64 | hash[0] + 3, ctx->max_len - 3); 65 | } 66 | 67 | if (hash[1] >= ctx->unc && hash[1] < src && hash[1][0] == src[0] && 68 | hash[1][1] == src[1] && hash[1][2] == src[2]) { 69 | len2 = 3; 70 | if (ctx->max_len > 3) 71 | len2 += get_match_len(src + 3, ctx->unc_end, 72 | hash[1] + 3, ctx->max_len - 3); 73 | } 74 | 75 | /* Compare two matches and select the best one */ 76 | if (len1 < len2) { 77 | ctx->best_match = hash[1]; 78 | len1 = len2; 79 | } else { 80 | ctx->best_match = hash[0]; 81 | } 82 | 83 | hash[1] = hash[0]; 84 | hash[0] = src; 85 | return len1; 86 | } 87 | 88 | static size_t longest_match_best(const u8 *src, struct lznt *ctx) 89 | { 90 | size_t max_len; 91 | const u8 *ptr; 92 | 93 | if (ctx->unc >= src || !ctx->max_len) 94 | return 0; 95 | 96 | max_len = 0; 97 | for (ptr = ctx->unc; ptr < src; ++ptr) { 98 | size_t len = 99 | get_match_len(src, ctx->unc_end, ptr, ctx->max_len); 100 | if (len >= max_len) { 101 | max_len = len; 102 | ctx->best_match = ptr; 103 | } 104 | } 105 | 106 | return max_len >= 3 ? max_len : 0; 107 | } 108 | 109 | static const size_t s_max_len[] = { 110 | 0x1002, 0x802, 0x402, 0x202, 0x102, 0x82, 0x42, 0x22, 0x12, 111 | }; 112 | 113 | static const size_t s_max_off[] = { 114 | 0x10, 0x20, 0x40, 0x80, 0x100, 0x200, 0x400, 0x800, 0x1000, 115 | }; 116 | 117 | static inline u16 make_pair(size_t offset, size_t len, size_t index) 118 | { 119 | return ((offset - 1) << (12 - index)) | 120 | ((len - 3) & (((1 << (12 - index)) - 1))); 121 | } 122 | 123 | static inline size_t parse_pair(u16 pair, size_t *offset, size_t index) 124 | { 125 | *offset = 1 + (pair >> (12 - index)); 126 | return 3 + (pair & ((1 << (12 - index)) - 1)); 127 | } 128 | 129 | /* 130 | * compress_chunk 131 | * 132 | * returns one of the three values: 133 | * 0 - ok, 'cmpr' contains 'cmpr_chunk_size' bytes of compressed data 134 | * 1 - input buffer is full zero 135 | * -2 - the compressed buffer is too small to hold the compressed data 136 | */ 137 | static inline int compress_chunk(size_t (*match)(const u8 *, struct lznt *), 138 | const u8 *unc, const u8 *unc_end, u8 *cmpr, 139 | u8 *cmpr_end, size_t *cmpr_chunk_size, 140 | struct lznt *ctx) 141 | { 142 | size_t cnt = 0; 143 | size_t idx = 0; 144 | const u8 *up = unc; 145 | u8 *cp = cmpr + 3; 146 | u8 *cp2 = cmpr + 2; 147 | u8 not_zero = 0; 148 | /* Control byte of 8-bit values: ( 0 - means byte as is, 1 - short pair ) */ 149 | u8 ohdr = 0; 150 | u8 *last; 151 | u16 t16; 152 | 153 | if (unc + LZNT_CHUNK_SIZE < unc_end) 154 | unc_end = unc + LZNT_CHUNK_SIZE; 155 | 156 | last = min(cmpr + LZNT_CHUNK_SIZE + sizeof(short), cmpr_end); 157 | 158 | ctx->unc = unc; 159 | ctx->unc_end = unc_end; 160 | ctx->max_len = s_max_len[0]; 161 | 162 | while (up < unc_end) { 163 | size_t max_len; 164 | 165 | while (unc + s_max_off[idx] < up) 166 | ctx->max_len = s_max_len[++idx]; 167 | 168 | // Find match 169 | max_len = up + 3 <= unc_end ? (*match)(up, ctx) : 0; 170 | 171 | if (!max_len) { 172 | if (cp >= last) 173 | goto NotCompressed; 174 | not_zero |= *cp++ = *up++; 175 | } else if (cp + 1 >= last) { 176 | goto NotCompressed; 177 | } else { 178 | t16 = make_pair(up - ctx->best_match, max_len, idx); 179 | *cp++ = t16; 180 | *cp++ = t16 >> 8; 181 | 182 | ohdr |= 1 << cnt; 183 | up += max_len; 184 | } 185 | 186 | cnt = (cnt + 1) & 7; 187 | if (!cnt) { 188 | *cp2 = ohdr; 189 | ohdr = 0; 190 | cp2 = cp; 191 | cp += 1; 192 | } 193 | } 194 | 195 | if (cp2 < last) 196 | *cp2 = ohdr; 197 | else 198 | cp -= 1; 199 | 200 | *cmpr_chunk_size = cp - cmpr; 201 | 202 | t16 = (*cmpr_chunk_size - 3) | 0xB000; 203 | cmpr[0] = t16; 204 | cmpr[1] = t16 >> 8; 205 | 206 | return not_zero ? 0 : LZNT_ERROR_ALL_ZEROS; 207 | 208 | NotCompressed: 209 | 210 | if ((cmpr + LZNT_CHUNK_SIZE + sizeof(short)) > last) 211 | return -2; 212 | 213 | /* 214 | * Copy non cmpr data 215 | * 0x3FFF == ((LZNT_CHUNK_SIZE + 2 - 3) | 0x3000) 216 | */ 217 | cmpr[0] = 0xff; 218 | cmpr[1] = 0x3f; 219 | 220 | memcpy(cmpr + sizeof(short), unc, LZNT_CHUNK_SIZE); 221 | *cmpr_chunk_size = LZNT_CHUNK_SIZE + sizeof(short); 222 | 223 | return 0; 224 | } 225 | 226 | static inline ssize_t decompress_chunk(u8 *unc, u8 *unc_end, const u8 *cmpr, 227 | const u8 *cmpr_end) 228 | { 229 | u8 *up = unc; 230 | u8 ch = *cmpr++; 231 | size_t bit = 0; 232 | size_t index = 0; 233 | u16 pair; 234 | size_t offset, length; 235 | 236 | /* Do decompression until pointers are inside range */ 237 | while (up < unc_end && cmpr < cmpr_end) { 238 | /* Correct index */ 239 | while (unc + s_max_off[index] < up) 240 | index += 1; 241 | 242 | /* Check the current flag for zero */ 243 | if (!(ch & (1 << bit))) { 244 | /* Just copy byte */ 245 | *up++ = *cmpr++; 246 | goto next; 247 | } 248 | 249 | /* Check for boundary */ 250 | if (cmpr + 1 >= cmpr_end) 251 | return -EINVAL; 252 | 253 | /* Read a short from little endian stream */ 254 | pair = cmpr[1]; 255 | pair <<= 8; 256 | pair |= cmpr[0]; 257 | 258 | cmpr += 2; 259 | 260 | /* Translate packed information into offset and length */ 261 | length = parse_pair(pair, &offset, index); 262 | 263 | /* Check offset for boundary */ 264 | if (unc + offset > up) 265 | return -EINVAL; 266 | 267 | /* Truncate the length if necessary */ 268 | if (up + length >= unc_end) 269 | length = unc_end - up; 270 | 271 | /* Now we copy bytes. This is the heart of LZ algorithm. */ 272 | for (; length > 0; length--, up++) 273 | *up = *(up - offset); 274 | 275 | next: 276 | /* Advance flag bit value */ 277 | bit = (bit + 1) & 7; 278 | 279 | if (!bit) { 280 | if (cmpr >= cmpr_end) 281 | break; 282 | 283 | ch = *cmpr++; 284 | } 285 | } 286 | 287 | /* return the size of uncompressed data */ 288 | return up - unc; 289 | } 290 | 291 | /* 292 | * 0 - standard compression 293 | * !0 - best compression, requires a lot of cpu 294 | */ 295 | struct lznt *get_lznt_ctx(int level) 296 | { 297 | struct lznt *r = ntfs_zalloc(level ? offsetof(struct lznt, hash) 298 | : sizeof(struct lznt)); 299 | 300 | if (r) 301 | r->std = !level; 302 | return r; 303 | } 304 | 305 | /* 306 | * compress_lznt 307 | * 308 | * Compresses "unc" into "cmpr" 309 | * +x - ok, 'cmpr' contains 'final_compressed_size' bytes of compressed data 310 | * 0 - input buffer is full zero 311 | */ 312 | size_t compress_lznt(const void *unc, size_t unc_size, void *cmpr, 313 | size_t cmpr_size, struct lznt *ctx) 314 | { 315 | int err; 316 | size_t (*match)(const u8 *src, struct lznt *ctx); 317 | u8 *p = cmpr; 318 | u8 *end = p + cmpr_size; 319 | const u8 *unc_chunk = unc; 320 | const u8 *unc_end = unc_chunk + unc_size; 321 | bool is_zero = true; 322 | 323 | if (ctx->std) { 324 | match = &longest_match_std; 325 | memset(ctx->hash, 0, sizeof(ctx->hash)); 326 | } else { 327 | match = &longest_match_best; 328 | } 329 | 330 | /* compression cycle */ 331 | for (; unc_chunk < unc_end; unc_chunk += LZNT_CHUNK_SIZE) { 332 | cmpr_size = 0; 333 | err = compress_chunk(match, unc_chunk, unc_end, p, end, 334 | &cmpr_size, ctx); 335 | if (err < 0) 336 | return unc_size; 337 | 338 | if (is_zero && err != LZNT_ERROR_ALL_ZEROS) 339 | is_zero = false; 340 | 341 | p += cmpr_size; 342 | } 343 | 344 | if (p <= end - 2) 345 | p[0] = p[1] = 0; 346 | 347 | return is_zero ? 0 : PtrOffset(cmpr, p); 348 | } 349 | 350 | /* 351 | * decompress_lznt 352 | * 353 | * decompresses "cmpr" into "unc" 354 | */ 355 | ssize_t decompress_lznt(const void *cmpr, size_t cmpr_size, void *unc, 356 | size_t unc_size) 357 | { 358 | const u8 *cmpr_chunk = cmpr; 359 | const u8 *cmpr_end = cmpr_chunk + cmpr_size; 360 | u8 *unc_chunk = unc; 361 | u8 *unc_end = unc_chunk + unc_size; 362 | u16 chunk_hdr; 363 | 364 | if (cmpr_size < sizeof(short)) 365 | return -EINVAL; 366 | 367 | /* read chunk header */ 368 | chunk_hdr = cmpr_chunk[1]; 369 | chunk_hdr <<= 8; 370 | chunk_hdr |= cmpr_chunk[0]; 371 | 372 | /* loop through decompressing chunks */ 373 | for (;;) { 374 | size_t chunk_size_saved; 375 | size_t unc_use; 376 | size_t cmpr_use = 3 + (chunk_hdr & (LZNT_CHUNK_SIZE - 1)); 377 | 378 | /* Check that the chunk actually fits the supplied buffer */ 379 | if (cmpr_chunk + cmpr_use > cmpr_end) 380 | return -EINVAL; 381 | 382 | /* First make sure the chunk contains compressed data */ 383 | if (chunk_hdr & 0x8000) { 384 | /* Decompress a chunk and return if we get an error */ 385 | ssize_t err = 386 | decompress_chunk(unc_chunk, unc_end, 387 | cmpr_chunk + sizeof(chunk_hdr), 388 | cmpr_chunk + cmpr_use); 389 | if (err < 0) 390 | return err; 391 | unc_use = err; 392 | } else { 393 | /* This chunk does not contain compressed data */ 394 | unc_use = unc_chunk + LZNT_CHUNK_SIZE > unc_end 395 | ? unc_end - unc_chunk 396 | : LZNT_CHUNK_SIZE; 397 | 398 | if (cmpr_chunk + sizeof(chunk_hdr) + unc_use > 399 | cmpr_end) { 400 | return -EINVAL; 401 | } 402 | 403 | memcpy(unc_chunk, cmpr_chunk + sizeof(chunk_hdr), 404 | unc_use); 405 | } 406 | 407 | /* Advance pointers */ 408 | cmpr_chunk += cmpr_use; 409 | unc_chunk += unc_use; 410 | 411 | /* Check for the end of unc buffer */ 412 | if (unc_chunk >= unc_end) 413 | break; 414 | 415 | /* Proceed the next chunk */ 416 | if (cmpr_chunk > cmpr_end - 2) 417 | break; 418 | 419 | chunk_size_saved = LZNT_CHUNK_SIZE; 420 | 421 | /* read chunk header */ 422 | chunk_hdr = cmpr_chunk[1]; 423 | chunk_hdr <<= 8; 424 | chunk_hdr |= cmpr_chunk[0]; 425 | 426 | if (!chunk_hdr) 427 | break; 428 | 429 | /* Check the size of unc buffer */ 430 | if (unc_use < chunk_size_saved) { 431 | size_t t1 = chunk_size_saved - unc_use; 432 | u8 *t2 = unc_chunk + t1; 433 | 434 | /* 'Zero' memory */ 435 | if (t2 >= unc_end) 436 | break; 437 | 438 | memset(unc_chunk, 0, t1); 439 | unc_chunk = t2; 440 | } 441 | } 442 | 443 | /* Check compression boundary */ 444 | if (cmpr_chunk > cmpr_end) 445 | return -EINVAL; 446 | 447 | /* 448 | * The unc size is just a difference between current 449 | * pointer and original one 450 | */ 451 | return PtrOffset(unc, unc_chunk); 452 | } 453 | -------------------------------------------------------------------------------- /namei.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 16, 0) 16 | #include 17 | #endif 18 | 19 | #include "debug.h" 20 | #include "ntfs.h" 21 | #include "ntfs_fs.h" 22 | 23 | /* 24 | * fill_name_de 25 | * 26 | * formats NTFS_DE in 'buf' 27 | */ 28 | int fill_name_de(struct ntfs_sb_info *sbi, void *buf, const struct qstr *name, 29 | const struct cpu_str *uni) 30 | { 31 | int err; 32 | struct NTFS_DE *e = buf; 33 | u16 data_size; 34 | struct ATTR_FILE_NAME *fname = (struct ATTR_FILE_NAME *)(e + 1); 35 | 36 | #ifndef CONFIG_NTFS3_64BIT_CLUSTER 37 | e->ref.high = fname->home.high = 0; 38 | #endif 39 | if (uni) { 40 | #ifdef __BIG_ENDIAN 41 | int ulen = uni->len; 42 | __le16 *uname = fname->name; 43 | const u16 *name_cpu = uni->name; 44 | 45 | while (ulen--) 46 | *uname++ = cpu_to_le16(*name_cpu++); 47 | #else 48 | memcpy(fname->name, uni->name, uni->len * sizeof(u16)); 49 | #endif 50 | fname->name_len = uni->len; 51 | 52 | } else { 53 | /* Convert input string to unicode */ 54 | err = ntfs_nls_to_utf16(sbi, name->name, name->len, 55 | (struct cpu_str *)&fname->name_len, 56 | NTFS_NAME_LEN, UTF16_LITTLE_ENDIAN); 57 | if (err < 0) 58 | return err; 59 | } 60 | 61 | fname->type = FILE_NAME_POSIX; 62 | data_size = fname_full_size(fname); 63 | 64 | e->size = cpu_to_le16(QuadAlign(data_size) + sizeof(struct NTFS_DE)); 65 | e->key_size = cpu_to_le16(data_size); 66 | e->flags = 0; 67 | e->res = 0; 68 | 69 | return 0; 70 | } 71 | 72 | /* 73 | * ntfs_lookup 74 | * 75 | * inode_operations::lookup 76 | */ 77 | static struct dentry *ntfs_lookup(struct inode *dir, struct dentry *dentry, 78 | u32 flags) 79 | { 80 | struct ntfs_inode *ni = ntfs_i(dir); 81 | struct cpu_str *uni = __getname(); 82 | struct inode *inode; 83 | int err; 84 | 85 | if (!uni) 86 | inode = ERR_PTR(-ENOMEM); 87 | else { 88 | err = ntfs_nls_to_utf16(ni->mi.sbi, dentry->d_name.name, 89 | dentry->d_name.len, uni, NTFS_NAME_LEN, 90 | UTF16_HOST_ENDIAN); 91 | if (err < 0) 92 | inode = ERR_PTR(err); 93 | else { 94 | ni_lock(ni); 95 | inode = dir_search_u(dir, uni, NULL); 96 | ni_unlock(ni); 97 | } 98 | __putname(uni); 99 | } 100 | 101 | return d_splice_alias(inode, dentry); 102 | } 103 | 104 | /* 105 | * ntfs_create 106 | * 107 | * inode_operations::create 108 | */ 109 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 110 | static int ntfs_create(struct user_namespace *mnt_userns, struct inode *dir, 111 | #else 112 | static int ntfs_create(struct inode *dir, 113 | #endif 114 | struct dentry *dentry, umode_t mode, bool excl) 115 | { 116 | struct ntfs_inode *ni = ntfs_i(dir); 117 | struct inode *inode; 118 | 119 | ni_lock_dir(ni); 120 | 121 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 122 | inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, S_IFREG | mode, 123 | #else 124 | inode = ntfs_create_inode(dir, dentry, NULL, S_IFREG | mode, 125 | #endif 126 | 0, NULL, 0, excl, NULL); 127 | 128 | ni_unlock(ni); 129 | 130 | return IS_ERR(inode) ? PTR_ERR(inode) : 0; 131 | } 132 | 133 | /* 134 | * ntfs_link 135 | * 136 | * inode_operations::link 137 | */ 138 | static int ntfs_link(struct dentry *ode, struct inode *dir, struct dentry *de) 139 | { 140 | int err; 141 | struct inode *inode = d_inode(ode); 142 | struct ntfs_inode *ni = ntfs_i(inode); 143 | 144 | if (S_ISDIR(inode->i_mode)) 145 | return -EPERM; 146 | 147 | if (inode->i_nlink >= NTFS_LINK_MAX) 148 | return -EMLINK; 149 | 150 | ni_lock_dir(ntfs_i(dir)); 151 | if (inode != dir) 152 | ni_lock(ni); 153 | 154 | dir->i_ctime = dir->i_mtime = inode->i_ctime = current_time(inode); 155 | inc_nlink(inode); 156 | ihold(inode); 157 | 158 | err = ntfs_link_inode(inode, de); 159 | if (!err) { 160 | mark_inode_dirty(inode); 161 | mark_inode_dirty(dir); 162 | d_instantiate(de, inode); 163 | } else { 164 | drop_nlink(inode); 165 | iput(inode); 166 | } 167 | 168 | if (inode != dir) 169 | ni_unlock(ni); 170 | ni_unlock(ntfs_i(dir)); 171 | 172 | return err; 173 | } 174 | 175 | /* 176 | * ntfs_unlink 177 | * 178 | * inode_operations::unlink 179 | */ 180 | static int ntfs_unlink(struct inode *dir, struct dentry *dentry) 181 | { 182 | struct ntfs_inode *ni = ntfs_i(dir); 183 | int err; 184 | 185 | ni_lock_dir(ni); 186 | 187 | err = ntfs_unlink_inode(dir, dentry); 188 | 189 | ni_unlock(ni); 190 | 191 | return err; 192 | } 193 | 194 | /* 195 | * ntfs_symlink 196 | * 197 | * inode_operations::symlink 198 | */ 199 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 200 | static int ntfs_symlink(struct user_namespace *mnt_userns, struct inode *dir, 201 | #else 202 | static int ntfs_symlink(struct inode *dir, 203 | #endif 204 | struct dentry *dentry, const char *symname) 205 | { 206 | u32 size = strlen(symname); 207 | struct inode *inode; 208 | struct ntfs_inode *ni = ntfs_i(dir); 209 | 210 | ni_lock_dir(ni); 211 | 212 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 213 | inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, S_IFLNK | 0777, 214 | #else 215 | inode = ntfs_create_inode(dir, dentry, NULL, S_IFLNK | 0777, 216 | #endif 217 | 0, symname, size, 0, NULL); 218 | 219 | ni_unlock(ni); 220 | 221 | return IS_ERR(inode) ? PTR_ERR(inode) : 0; 222 | } 223 | 224 | /* 225 | * ntfs_mkdir 226 | * 227 | * inode_operations::mkdir 228 | */ 229 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 230 | static int ntfs_mkdir(struct user_namespace *mnt_userns, struct inode *dir, 231 | #else 232 | static int ntfs_mkdir(struct inode *dir, 233 | #endif 234 | struct dentry *dentry, umode_t mode) 235 | { 236 | struct inode *inode; 237 | struct ntfs_inode *ni = ntfs_i(dir); 238 | 239 | ni_lock_dir(ni); 240 | 241 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 242 | inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, S_IFDIR | mode, 243 | #else 244 | inode = ntfs_create_inode(dir, dentry, NULL, S_IFDIR | mode, 245 | #endif 246 | 0, NULL, -1, 0, NULL); 247 | 248 | ni_unlock(ni); 249 | 250 | return IS_ERR(inode) ? PTR_ERR(inode) : 0; 251 | } 252 | 253 | /* 254 | * ntfs_rmdir 255 | * 256 | * inode_operations::rm_dir 257 | */ 258 | static int ntfs_rmdir(struct inode *dir, struct dentry *dentry) 259 | { 260 | struct ntfs_inode *ni = ntfs_i(dir); 261 | int err; 262 | 263 | ni_lock_dir(ni); 264 | 265 | err = ntfs_unlink_inode(dir, dentry); 266 | 267 | ni_unlock(ni); 268 | 269 | return err; 270 | } 271 | 272 | /* 273 | * ntfs_rename 274 | * 275 | * inode_operations::rename 276 | */ 277 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 278 | static int ntfs_rename(struct user_namespace *mnt_userns, struct inode *old_dir, 279 | #else 280 | static int ntfs_rename(struct inode *old_dir, 281 | #endif 282 | struct dentry *old_dentry, struct inode *new_dir, 283 | struct dentry *new_dentry, u32 flags) 284 | { 285 | int err; 286 | struct super_block *sb = old_dir->i_sb; 287 | struct ntfs_sb_info *sbi = sb->s_fs_info; 288 | struct ntfs_inode *old_dir_ni = ntfs_i(old_dir); 289 | struct ntfs_inode *new_dir_ni = ntfs_i(new_dir); 290 | struct ntfs_inode *old_ni; 291 | struct ATTR_FILE_NAME *old_name, *new_name, *fname; 292 | u8 name_type; 293 | bool is_same; 294 | struct inode *old_inode, *new_inode; 295 | struct NTFS_DE *old_de, *new_de; 296 | struct ATTRIB *attr; 297 | struct ATTR_LIST_ENTRY *le; 298 | u16 new_de_key_size; 299 | 300 | static_assert(SIZEOF_ATTRIBUTE_FILENAME_MAX + SIZEOF_RESIDENT < 1024); 301 | static_assert(SIZEOF_ATTRIBUTE_FILENAME_MAX + sizeof(struct NTFS_DE) < 302 | 1024); 303 | static_assert(PATH_MAX >= 4 * 1024); 304 | 305 | if (flags & ~RENAME_NOREPLACE) 306 | return -EINVAL; 307 | 308 | old_inode = d_inode(old_dentry); 309 | new_inode = d_inode(new_dentry); 310 | 311 | old_ni = ntfs_i(old_inode); 312 | 313 | is_same = old_dentry->d_name.len == new_dentry->d_name.len && 314 | !memcmp(old_dentry->d_name.name, new_dentry->d_name.name, 315 | old_dentry->d_name.len); 316 | 317 | if (is_same && old_dir == new_dir) { 318 | /* Nothing to do */ 319 | err = 0; 320 | goto out; 321 | } 322 | 323 | if (ntfs_is_meta_file(sbi, old_inode->i_ino)) { 324 | err = -EINVAL; 325 | goto out; 326 | } 327 | 328 | if (new_inode) { 329 | /*target name exists. unlink it*/ 330 | dget(new_dentry); 331 | ni_lock_dir(new_dir_ni); 332 | err = ntfs_unlink_inode(new_dir, new_dentry); 333 | ni_unlock(new_dir_ni); 334 | dput(new_dentry); 335 | if (err) 336 | goto out; 337 | } 338 | 339 | /* allocate PATH_MAX bytes */ 340 | old_de = __getname(); 341 | if (!old_de) { 342 | err = -ENOMEM; 343 | goto out; 344 | } 345 | 346 | err = fill_name_de(sbi, old_de, &old_dentry->d_name, NULL); 347 | if (err < 0) 348 | goto out1; 349 | 350 | old_name = (struct ATTR_FILE_NAME *)(old_de + 1); 351 | 352 | if (is_same) { 353 | new_de = old_de; 354 | } else { 355 | new_de = Add2Ptr(old_de, 1024); 356 | err = fill_name_de(sbi, new_de, &new_dentry->d_name, NULL); 357 | if (err < 0) 358 | goto out1; 359 | } 360 | 361 | ni_lock_dir(old_dir_ni); 362 | ni_lock(old_ni); 363 | 364 | mi_get_ref(&old_dir_ni->mi, &old_name->home); 365 | 366 | /*get pointer to file_name in mft*/ 367 | fname = ni_fname_name(old_ni, (struct cpu_str *)&old_name->name_len, 368 | &old_name->home, &le); 369 | if (!fname) { 370 | err = -EINVAL; 371 | goto out2; 372 | } 373 | 374 | /* Copy fname info from record into new fname */ 375 | new_name = (struct ATTR_FILE_NAME *)(new_de + 1); 376 | memcpy(&new_name->dup, &fname->dup, sizeof(fname->dup)); 377 | 378 | name_type = paired_name(fname->type); 379 | 380 | /* remove first name from directory */ 381 | err = indx_delete_entry(&old_dir_ni->dir, old_dir_ni, old_de + 1, 382 | le16_to_cpu(old_de->key_size), sbi); 383 | if (err) 384 | goto out3; 385 | 386 | /* remove first name from mft */ 387 | err = ni_remove_attr_le(old_ni, attr_from_name(fname), le); 388 | if (err) 389 | goto out4; 390 | 391 | le16_add_cpu(&old_ni->mi.mrec->hard_links, -1); 392 | old_ni->mi.dirty = true; 393 | 394 | if (name_type != FILE_NAME_POSIX) { 395 | /* get paired name */ 396 | fname = ni_fname_type(old_ni, name_type, &le); 397 | if (fname) { 398 | /* remove second name from directory */ 399 | err = indx_delete_entry(&old_dir_ni->dir, old_dir_ni, 400 | fname, fname_full_size(fname), 401 | sbi); 402 | if (err) 403 | goto out5; 404 | 405 | /* remove second name from mft */ 406 | err = ni_remove_attr_le(old_ni, attr_from_name(fname), 407 | le); 408 | if (err) 409 | goto out6; 410 | 411 | le16_add_cpu(&old_ni->mi.mrec->hard_links, -1); 412 | old_ni->mi.dirty = true; 413 | } 414 | } 415 | 416 | /* Add new name */ 417 | mi_get_ref(&old_ni->mi, &new_de->ref); 418 | mi_get_ref(&ntfs_i(new_dir)->mi, &new_name->home); 419 | 420 | new_de_key_size = le16_to_cpu(new_de->key_size); 421 | 422 | /* insert new name in mft */ 423 | err = ni_insert_resident(old_ni, new_de_key_size, ATTR_NAME, NULL, 0, 424 | &attr, NULL); 425 | if (err) 426 | goto out7; 427 | 428 | attr->res.flags = RESIDENT_FLAG_INDEXED; 429 | 430 | memcpy(Add2Ptr(attr, SIZEOF_RESIDENT), new_name, new_de_key_size); 431 | 432 | le16_add_cpu(&old_ni->mi.mrec->hard_links, 1); 433 | old_ni->mi.dirty = true; 434 | 435 | /* insert new name in directory */ 436 | err = indx_insert_entry(&new_dir_ni->dir, new_dir_ni, new_de, sbi, 437 | NULL); 438 | if (err) 439 | goto out8; 440 | 441 | if (IS_DIRSYNC(new_dir)) 442 | err = ntfs_sync_inode(old_inode); 443 | else 444 | mark_inode_dirty(old_inode); 445 | 446 | old_dir->i_ctime = old_dir->i_mtime = current_time(old_dir); 447 | if (IS_DIRSYNC(old_dir)) 448 | (void)ntfs_sync_inode(old_dir); 449 | else 450 | mark_inode_dirty(old_dir); 451 | 452 | if (old_dir != new_dir) { 453 | new_dir->i_mtime = new_dir->i_ctime = old_dir->i_ctime; 454 | mark_inode_dirty(new_dir); 455 | } 456 | 457 | if (old_inode) { 458 | old_inode->i_ctime = old_dir->i_ctime; 459 | mark_inode_dirty(old_inode); 460 | } 461 | 462 | err = 0; 463 | /* normal way */ 464 | goto out2; 465 | 466 | out8: 467 | /* undo 468 | * ni_insert_resident(old_ni, new_de_key_size, ATTR_NAME, NULL, 0, 469 | * &attr, NULL); 470 | */ 471 | mi_remove_attr(&old_ni->mi, attr); 472 | out7: 473 | /* undo 474 | * ni_remove_attr_le(old_ni, attr_from_name(fname), le); 475 | */ 476 | out6: 477 | /* undo 478 | * indx_delete_entry(&old_dir_ni->dir, old_dir_ni, 479 | * fname, fname_full_size(fname), 480 | * sbi); 481 | */ 482 | out5: 483 | /* undo 484 | * ni_remove_attr_le(old_ni, attr_from_name(fname), le); 485 | */ 486 | out4: 487 | /* undo: 488 | * indx_delete_entry(&old_dir_ni->dir, old_dir_ni, old_de + 1, 489 | * old_de->key_size, NULL); 490 | */ 491 | out3: 492 | out2: 493 | ni_unlock(old_ni); 494 | ni_unlock(old_dir_ni); 495 | out1: 496 | __putname(old_de); 497 | out: 498 | return err; 499 | } 500 | 501 | /* 502 | * ntfs_atomic_open 503 | * 504 | * inode_operations::atomic_open 505 | */ 506 | static int ntfs_atomic_open(struct inode *dir, struct dentry *dentry, 507 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 19, 0) 508 | struct file *file, u32 flags, umode_t mode) 509 | #else 510 | struct file *file, u32 flags, umode_t mode, int *opened) 511 | #endif 512 | { 513 | int err; 514 | bool excl = !!(flags & O_EXCL); 515 | struct inode *inode; 516 | struct ntfs_fnd *fnd = NULL; 517 | struct ntfs_inode *ni = ntfs_i(dir); 518 | struct dentry *d = NULL; 519 | struct cpu_str *uni = __getname(); 520 | 521 | if (!uni) 522 | return -ENOMEM; 523 | 524 | err = ntfs_nls_to_utf16(ni->mi.sbi, dentry->d_name.name, 525 | dentry->d_name.len, uni, NTFS_NAME_LEN, 526 | UTF16_HOST_ENDIAN); 527 | if (err < 0) 528 | goto out; 529 | 530 | ni_lock_dir(ni); 531 | 532 | if (d_in_lookup(dentry)) { 533 | fnd = fnd_get(); 534 | if (!fnd) { 535 | err = -ENOMEM; 536 | goto out1; 537 | } 538 | 539 | d = d_splice_alias(dir_search_u(dir, uni, fnd), dentry); 540 | if (IS_ERR(d)) { 541 | err = PTR_ERR(d); 542 | d = NULL; 543 | goto out2; 544 | } 545 | 546 | if (d) 547 | dentry = d; 548 | } 549 | 550 | if (!(flags & O_CREAT) || d_really_is_positive(dentry)) { 551 | err = finish_no_open(file, d); 552 | goto out2; 553 | } 554 | 555 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 19, 0) 556 | file->f_mode |= FMODE_CREATED; 557 | #else 558 | *opened |= FILE_CREATED; 559 | #endif 560 | 561 | /*fnd contains tree's path to insert to*/ 562 | /* TODO: init_user_ns? */ 563 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 564 | inode = ntfs_create_inode(&init_user_ns, dir, dentry, uni, mode, 0, 565 | #else 566 | inode = ntfs_create_inode(dir, dentry, uni, mode, 0, 567 | #endif 568 | NULL, 0, excl, fnd); 569 | err = IS_ERR(inode) ? PTR_ERR(inode) 570 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 19, 0) 571 | : finish_open(file, dentry, ntfs_file_open); 572 | #else 573 | : finish_open(file, dentry, ntfs_file_open, opened); 574 | #endif 575 | dput(d); 576 | 577 | out2: 578 | fnd_put(fnd); 579 | out1: 580 | ni_unlock(ni); 581 | out: 582 | __putname(uni); 583 | 584 | return err; 585 | } 586 | 587 | struct dentry *ntfs3_get_parent(struct dentry *child) 588 | { 589 | struct inode *inode = d_inode(child); 590 | struct ntfs_inode *ni = ntfs_i(inode); 591 | 592 | struct ATTR_LIST_ENTRY *le = NULL; 593 | struct ATTRIB *attr = NULL; 594 | struct ATTR_FILE_NAME *fname; 595 | 596 | while ((attr = ni_find_attr(ni, attr, &le, ATTR_NAME, NULL, 0, NULL, 597 | NULL))) { 598 | fname = resident_data_ex(attr, SIZEOF_ATTRIBUTE_FILENAME); 599 | if (!fname) 600 | continue; 601 | 602 | return d_obtain_alias( 603 | ntfs_iget5(inode->i_sb, &fname->home, NULL)); 604 | } 605 | 606 | return ERR_PTR(-ENOENT); 607 | } 608 | 609 | const struct inode_operations ntfs_dir_inode_operations = { 610 | .lookup = ntfs_lookup, 611 | .create = ntfs_create, 612 | .link = ntfs_link, 613 | .unlink = ntfs_unlink, 614 | .symlink = ntfs_symlink, 615 | .mkdir = ntfs_mkdir, 616 | .rmdir = ntfs_rmdir, 617 | .rename = ntfs_rename, 618 | .permission = ntfs_permission, 619 | .get_acl = ntfs_get_acl, 620 | .set_acl = ntfs_set_acl, 621 | .setattr = ntfs3_setattr, 622 | .getattr = ntfs_getattr, 623 | .listxattr = ntfs_listxattr, 624 | .atomic_open = ntfs_atomic_open, 625 | .fiemap = ntfs_fiemap, 626 | }; 627 | -------------------------------------------------------------------------------- /ntfs3.rst: -------------------------------------------------------------------------------- 1 | .. SPDX-License-Identifier: GPL-2.0 2 | 3 | ===== 4 | NTFS3 5 | ===== 6 | 7 | 8 | Summary and Features 9 | ==================== 10 | 11 | NTFS3 is fully functional NTFS Read-Write driver. The driver works with 12 | NTFS versions up to 3.1, normal/compressed/sparse files 13 | and journal replaying. File system type to use on mount is 'ntfs3'. 14 | 15 | - This driver implements NTFS read/write support for normal, sparse and 16 | compressed files. 17 | - Supports native journal replaying; 18 | - Supports extended attributes 19 | Predefined extended attributes: 20 | - 'system.ntfs_security' gets/sets security 21 | descriptor (SECURITY_DESCRIPTOR_RELATIVE) 22 | - 'system.ntfs_attrib' gets/sets ntfs file/dir attributes. 23 | Note: applied to empty files, this allows to switch type between 24 | sparse(0x200), compressed(0x800) and normal; 25 | - Supports NFS export of mounted NTFS volumes. 26 | 27 | Mount Options 28 | ============= 29 | 30 | The list below describes mount options supported by NTFS3 driver in addition to 31 | generic ones. 32 | 33 | =============================================================================== 34 | 35 | nls=name This option informs the driver how to interpret path 36 | strings and translate them to Unicode and back. If 37 | this option is not set, the default codepage will be 38 | used (CONFIG_NLS_DEFAULT). 39 | Examples: 40 | 'nls=utf8' 41 | 42 | uid= 43 | gid= 44 | umask= Controls the default permissions for files/directories created 45 | after the NTFS volume is mounted. 46 | 47 | fmask= 48 | dmask= Instead of specifying umask which applies both to 49 | files and directories, fmask applies only to files and 50 | dmask only to directories. 51 | 52 | nohidden Files with the Windows-specific HIDDEN (FILE_ATTRIBUTE_HIDDEN) 53 | attribute will not be shown under Linux. 54 | 55 | sys_immutable Files with the Windows-specific SYSTEM 56 | (FILE_ATTRIBUTE_SYSTEM) attribute will be marked as system 57 | immutable files. 58 | 59 | discard Enable support of the TRIM command for improved performance 60 | on delete operations, which is recommended for use with the 61 | solid-state drives (SSD). 62 | 63 | force Forces the driver to mount partitions even if 'dirty' flag 64 | (volume dirty) is set. Not recommended for use. 65 | 66 | sparse Create new files as "sparse". 67 | 68 | showmeta Use this parameter to show all meta-files (System Files) on 69 | a mounted NTFS partition. 70 | By default, all meta-files are hidden. 71 | 72 | prealloc Preallocate space for files excessively when file size is 73 | increasing on writes. Decreases fragmentation in case of 74 | parallel write operations to different files. 75 | 76 | no_acs_rules "No access rules" mount option sets access rights for 77 | files/folders to 777 and owner/group to root. This mount 78 | option absorbs all other permissions: 79 | - permissions change for files/folders will be reported 80 | as successful, but they will remain 777; 81 | - owner/group change will be reported as successful, but 82 | they will stay as root 83 | 84 | acl Support POSIX ACLs (Access Control Lists). Effective if 85 | supported by Kernel. Not to be confused with NTFS ACLs. 86 | The option specified as acl enables support for POSIX ACLs. 87 | 88 | noatime All files and directories will not update their last access 89 | time attribute if a partition is mounted with this parameter. 90 | This option can speed up file system operation. 91 | 92 | =============================================================================== 93 | 94 | ToDo list 95 | ========= 96 | 97 | - Full journaling support (currently journal replaying is supported) over JBD. 98 | 99 | 100 | References 101 | ========== 102 | https://www.paragon-software.com/home/ntfs-linux-professional/ 103 | - Commercial version of the NTFS driver for Linux. 104 | 105 | almaz.alexandrovich@paragon-software.com 106 | - Direct e-mail address for feedback and requests on the NTFS3 implementation. 107 | 108 | -------------------------------------------------------------------------------- /record.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include "debug.h" 14 | #include "ntfs.h" 15 | #include "ntfs_fs.h" 16 | 17 | static inline int compare_attr(const struct ATTRIB *left, enum ATTR_TYPE type, 18 | const __le16 *name, u8 name_len, 19 | const u16 *upcase) 20 | { 21 | /* First, compare the type codes: */ 22 | int diff = le32_to_cpu(left->type) - le32_to_cpu(type); 23 | 24 | if (diff) 25 | return diff; 26 | 27 | /* 28 | * They have the same type code, so we have to compare the names. 29 | */ 30 | return ntfs_cmp_names(attr_name(left), left->name_len, name, name_len, 31 | upcase, true); 32 | } 33 | 34 | /* 35 | * mi_new_attt_id 36 | * 37 | * returns unused attribute id that is less than mrec->next_attr_id 38 | */ 39 | static __le16 mi_new_attt_id(struct mft_inode *mi) 40 | { 41 | u16 free_id, max_id, t16; 42 | struct MFT_REC *rec = mi->mrec; 43 | struct ATTRIB *attr; 44 | __le16 id; 45 | 46 | id = rec->next_attr_id; 47 | free_id = le16_to_cpu(id); 48 | if (free_id < 0x7FFF) { 49 | rec->next_attr_id = cpu_to_le16(free_id + 1); 50 | return id; 51 | } 52 | 53 | /* One record can store up to 1024/24 ~= 42 attributes */ 54 | free_id = 0; 55 | max_id = 0; 56 | 57 | attr = NULL; 58 | 59 | for (;;) { 60 | attr = mi_enum_attr(mi, attr); 61 | if (!attr) { 62 | rec->next_attr_id = cpu_to_le16(max_id + 1); 63 | mi->dirty = true; 64 | return cpu_to_le16(free_id); 65 | } 66 | 67 | t16 = le16_to_cpu(attr->id); 68 | if (t16 == free_id) { 69 | free_id += 1; 70 | attr = NULL; 71 | } else if (max_id < t16) 72 | max_id = t16; 73 | } 74 | } 75 | 76 | int mi_get(struct ntfs_sb_info *sbi, CLST rno, struct mft_inode **mi) 77 | { 78 | int err; 79 | struct mft_inode *m = ntfs_zalloc(sizeof(struct mft_inode)); 80 | 81 | if (!m) 82 | return -ENOMEM; 83 | 84 | err = mi_init(m, sbi, rno); 85 | if (err) { 86 | ntfs_free(m); 87 | return err; 88 | } 89 | 90 | err = mi_read(m, false); 91 | if (err) { 92 | mi_put(m); 93 | return err; 94 | } 95 | 96 | *mi = m; 97 | return 0; 98 | } 99 | 100 | void mi_put(struct mft_inode *mi) 101 | { 102 | mi_clear(mi); 103 | ntfs_free(mi); 104 | } 105 | 106 | int mi_init(struct mft_inode *mi, struct ntfs_sb_info *sbi, CLST rno) 107 | { 108 | mi->sbi = sbi; 109 | mi->rno = rno; 110 | mi->mrec = ntfs_malloc(sbi->record_size); 111 | if (!mi->mrec) 112 | return -ENOMEM; 113 | 114 | return 0; 115 | } 116 | 117 | /* 118 | * mi_read 119 | * 120 | * reads MFT data 121 | */ 122 | int mi_read(struct mft_inode *mi, bool is_mft) 123 | { 124 | int err; 125 | struct MFT_REC *rec = mi->mrec; 126 | struct ntfs_sb_info *sbi = mi->sbi; 127 | u32 bpr = sbi->record_size; 128 | u64 vbo = (u64)mi->rno << sbi->record_bits; 129 | struct ntfs_inode *mft_ni = sbi->mft.ni; 130 | struct runs_tree *run = mft_ni ? &mft_ni->file.run : NULL; 131 | struct rw_semaphore *rw_lock = NULL; 132 | 133 | if (is_mounted(sbi)) { 134 | if (!is_mft) { 135 | rw_lock = &mft_ni->file.run_lock; 136 | down_read(rw_lock); 137 | } 138 | } 139 | 140 | err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb); 141 | if (rw_lock) 142 | up_read(rw_lock); 143 | if (!err) 144 | goto ok; 145 | 146 | if (err == -E_NTFS_FIXUP) { 147 | mi->dirty = true; 148 | goto ok; 149 | } 150 | 151 | if (err != -ENOENT) 152 | goto out; 153 | 154 | if (rw_lock) { 155 | ni_lock(mft_ni); 156 | down_write(rw_lock); 157 | } 158 | err = attr_load_runs_vcn(mft_ni, ATTR_DATA, NULL, 0, &mft_ni->file.run, 159 | vbo >> sbi->cluster_bits); 160 | if (rw_lock) { 161 | up_write(rw_lock); 162 | ni_unlock(mft_ni); 163 | } 164 | if (err) 165 | goto out; 166 | 167 | if (rw_lock) 168 | down_read(rw_lock); 169 | err = ntfs_read_bh(sbi, run, vbo, &rec->rhdr, bpr, &mi->nb); 170 | if (rw_lock) 171 | up_read(rw_lock); 172 | 173 | if (err == -E_NTFS_FIXUP) { 174 | mi->dirty = true; 175 | goto ok; 176 | } 177 | if (err) 178 | goto out; 179 | 180 | ok: 181 | /* check field 'total' only here */ 182 | if (le32_to_cpu(rec->total) != bpr) { 183 | err = -EINVAL; 184 | goto out; 185 | } 186 | 187 | return 0; 188 | 189 | out: 190 | return err; 191 | } 192 | 193 | struct ATTRIB *mi_enum_attr(struct mft_inode *mi, struct ATTRIB *attr) 194 | { 195 | const struct MFT_REC *rec = mi->mrec; 196 | u32 used = le32_to_cpu(rec->used); 197 | u32 t32, off, asize; 198 | u16 t16; 199 | 200 | if (!attr) { 201 | u32 total = le32_to_cpu(rec->total); 202 | 203 | off = le16_to_cpu(rec->attr_off); 204 | 205 | if (used > total) 206 | return NULL; 207 | 208 | if (off >= used || off < MFTRECORD_FIXUP_OFFSET_1 || 209 | !IsDwordAligned(off)) { 210 | return NULL; 211 | } 212 | 213 | /* Skip non-resident records */ 214 | if (!is_rec_inuse(rec)) 215 | return NULL; 216 | 217 | attr = Add2Ptr(rec, off); 218 | } else { 219 | /* Check if input attr inside record */ 220 | off = PtrOffset(rec, attr); 221 | if (off >= used) 222 | return NULL; 223 | 224 | asize = le32_to_cpu(attr->size); 225 | if (asize < SIZEOF_RESIDENT) { 226 | /* Impossible 'cause we should not return such attribute */ 227 | return NULL; 228 | } 229 | 230 | attr = Add2Ptr(attr, asize); 231 | off += asize; 232 | } 233 | 234 | asize = le32_to_cpu(attr->size); 235 | 236 | /* Can we use the first field (attr->type) */ 237 | if (off + 8 > used) { 238 | static_assert(QuadAlign(sizeof(enum ATTR_TYPE)) == 8); 239 | return NULL; 240 | } 241 | 242 | if (attr->type == ATTR_END) { 243 | /* end of enumeration */ 244 | return NULL; 245 | } 246 | 247 | /* 0x100 is last known attribute for now*/ 248 | t32 = le32_to_cpu(attr->type); 249 | if ((t32 & 0xf) || (t32 > 0x100)) 250 | return NULL; 251 | 252 | /* Check boundary */ 253 | if (off + asize > used) 254 | return NULL; 255 | 256 | /* Check size of attribute */ 257 | if (!attr->non_res) { 258 | if (asize < SIZEOF_RESIDENT) 259 | return NULL; 260 | 261 | t16 = le16_to_cpu(attr->res.data_off); 262 | 263 | if (t16 > asize) 264 | return NULL; 265 | 266 | t32 = le32_to_cpu(attr->res.data_size); 267 | if (t16 + t32 > asize) 268 | return NULL; 269 | 270 | return attr; 271 | } 272 | 273 | /* Check some nonresident fields */ 274 | if (attr->name_len && 275 | le16_to_cpu(attr->name_off) + sizeof(short) * attr->name_len > 276 | le16_to_cpu(attr->nres.run_off)) { 277 | return NULL; 278 | } 279 | 280 | if (attr->nres.svcn || !is_attr_ext(attr)) { 281 | if (asize + 8 < SIZEOF_NONRESIDENT) 282 | return NULL; 283 | 284 | if (attr->nres.c_unit) 285 | return NULL; 286 | } else if (asize + 8 < SIZEOF_NONRESIDENT_EX) 287 | return NULL; 288 | 289 | return attr; 290 | } 291 | 292 | /* 293 | * mi_find_attr 294 | * 295 | * finds the attribute by type and name and id 296 | */ 297 | struct ATTRIB *mi_find_attr(struct mft_inode *mi, struct ATTRIB *attr, 298 | enum ATTR_TYPE type, const __le16 *name, 299 | size_t name_len, const __le16 *id) 300 | { 301 | u32 type_in = le32_to_cpu(type); 302 | u32 atype; 303 | 304 | next_attr: 305 | attr = mi_enum_attr(mi, attr); 306 | if (!attr) 307 | return NULL; 308 | 309 | atype = le32_to_cpu(attr->type); 310 | if (atype > type_in) 311 | return NULL; 312 | 313 | if (atype < type_in) 314 | goto next_attr; 315 | 316 | if (attr->name_len != name_len) 317 | goto next_attr; 318 | 319 | if (name_len && memcmp(attr_name(attr), name, name_len * sizeof(short))) 320 | goto next_attr; 321 | 322 | if (id && *id != attr->id) 323 | goto next_attr; 324 | 325 | return attr; 326 | } 327 | 328 | int mi_write(struct mft_inode *mi, int wait) 329 | { 330 | struct MFT_REC *rec; 331 | int err; 332 | struct ntfs_sb_info *sbi; 333 | 334 | if (!mi->dirty) 335 | return 0; 336 | 337 | sbi = mi->sbi; 338 | rec = mi->mrec; 339 | 340 | err = ntfs_write_bh(sbi, &rec->rhdr, &mi->nb, wait); 341 | if (err) 342 | return err; 343 | 344 | if (mi->rno < sbi->mft.recs_mirr) 345 | sbi->flags |= NTFS_FLAGS_MFTMIRR; 346 | 347 | mi->dirty = false; 348 | 349 | return 0; 350 | } 351 | 352 | int mi_format_new(struct mft_inode *mi, struct ntfs_sb_info *sbi, CLST rno, 353 | __le16 flags, bool is_mft) 354 | { 355 | int err; 356 | u16 seq = 1; 357 | struct MFT_REC *rec; 358 | u64 vbo = (u64)rno << sbi->record_bits; 359 | 360 | err = mi_init(mi, sbi, rno); 361 | if (err) 362 | return err; 363 | 364 | rec = mi->mrec; 365 | 366 | if (rno == MFT_REC_MFT) { 367 | ; 368 | } else if (rno < MFT_REC_FREE) { 369 | seq = rno; 370 | } else if (rno >= sbi->mft.used) { 371 | ; 372 | } else if (mi_read(mi, is_mft)) { 373 | ; 374 | } else if (rec->rhdr.sign == NTFS_FILE_SIGNATURE) { 375 | /* Record is reused. Update its sequence number */ 376 | seq = le16_to_cpu(rec->seq) + 1; 377 | if (!seq) 378 | seq = 1; 379 | } 380 | 381 | memcpy(rec, sbi->new_rec, sbi->record_size); 382 | 383 | rec->seq = cpu_to_le16(seq); 384 | rec->flags = RECORD_FLAG_IN_USE | flags; 385 | 386 | mi->dirty = true; 387 | 388 | if (!mi->nb.nbufs) { 389 | struct ntfs_inode *ni = sbi->mft.ni; 390 | bool lock = false; 391 | 392 | if (is_mounted(sbi) && !is_mft) { 393 | down_read(&ni->file.run_lock); 394 | lock = true; 395 | } 396 | 397 | err = ntfs_get_bh(sbi, &ni->file.run, vbo, sbi->record_size, 398 | &mi->nb); 399 | if (lock) 400 | up_read(&ni->file.run_lock); 401 | } 402 | 403 | return err; 404 | } 405 | 406 | /* 407 | * mi_mark_free 408 | * 409 | * marks record as unused and marks it as free in bitmap 410 | */ 411 | void mi_mark_free(struct mft_inode *mi) 412 | { 413 | CLST rno = mi->rno; 414 | struct ntfs_sb_info *sbi = mi->sbi; 415 | 416 | if (rno >= MFT_REC_RESERVED && rno < MFT_REC_FREE) { 417 | ntfs_clear_mft_tail(sbi, rno, rno + 1); 418 | mi->dirty = false; 419 | return; 420 | } 421 | 422 | if (mi->mrec) { 423 | clear_rec_inuse(mi->mrec); 424 | mi->dirty = true; 425 | mi_write(mi, 0); 426 | } 427 | ntfs_mark_rec_free(sbi, rno); 428 | } 429 | 430 | /* 431 | * mi_insert_attr 432 | * 433 | * reserves space for new attribute 434 | * returns not full constructed attribute or NULL if not possible to create 435 | */ 436 | struct ATTRIB *mi_insert_attr(struct mft_inode *mi, enum ATTR_TYPE type, 437 | const __le16 *name, u8 name_len, u32 asize, 438 | u16 name_off) 439 | { 440 | size_t tail; 441 | struct ATTRIB *attr; 442 | __le16 id; 443 | struct MFT_REC *rec = mi->mrec; 444 | struct ntfs_sb_info *sbi = mi->sbi; 445 | u32 used = le32_to_cpu(rec->used); 446 | const u16 *upcase = sbi->upcase; 447 | int diff; 448 | 449 | /* Can we insert mi attribute? */ 450 | if (used + asize > mi->sbi->record_size) 451 | return NULL; 452 | 453 | /* 454 | * Scan through the list of attributes to find the point 455 | * at which we should insert it. 456 | */ 457 | attr = NULL; 458 | while ((attr = mi_enum_attr(mi, attr))) { 459 | diff = compare_attr(attr, type, name, name_len, upcase); 460 | if (diff > 0) 461 | break; 462 | if (diff < 0) 463 | continue; 464 | 465 | if (!is_attr_indexed(attr)) 466 | return NULL; 467 | break; 468 | } 469 | 470 | if (!attr) { 471 | tail = 8; /* not used, just to suppress warning */ 472 | attr = Add2Ptr(rec, used - 8); 473 | } else { 474 | tail = used - PtrOffset(rec, attr); 475 | } 476 | 477 | id = mi_new_attt_id(mi); 478 | 479 | memmove(Add2Ptr(attr, asize), attr, tail); 480 | memset(attr, 0, asize); 481 | 482 | attr->type = type; 483 | attr->size = cpu_to_le32(asize); 484 | attr->name_len = name_len; 485 | attr->name_off = cpu_to_le16(name_off); 486 | attr->id = id; 487 | 488 | memmove(Add2Ptr(attr, name_off), name, name_len * sizeof(short)); 489 | rec->used = cpu_to_le32(used + asize); 490 | 491 | mi->dirty = true; 492 | 493 | return attr; 494 | } 495 | 496 | /* 497 | * mi_remove_attr 498 | * 499 | * removes the attribute from record 500 | * NOTE: The source attr will point to next attribute 501 | */ 502 | bool mi_remove_attr(struct mft_inode *mi, struct ATTRIB *attr) 503 | { 504 | struct MFT_REC *rec = mi->mrec; 505 | u32 aoff = PtrOffset(rec, attr); 506 | u32 used = le32_to_cpu(rec->used); 507 | u32 asize = le32_to_cpu(attr->size); 508 | 509 | if (aoff + asize > used) 510 | return false; 511 | 512 | used -= asize; 513 | memmove(attr, Add2Ptr(attr, asize), used - aoff); 514 | rec->used = cpu_to_le32(used); 515 | mi->dirty = true; 516 | 517 | return true; 518 | } 519 | 520 | /* bytes = "new attribute size" - "old attribute size" */ 521 | bool mi_resize_attr(struct mft_inode *mi, struct ATTRIB *attr, int bytes) 522 | { 523 | struct MFT_REC *rec = mi->mrec; 524 | u32 aoff = PtrOffset(rec, attr); 525 | u32 total, used = le32_to_cpu(rec->used); 526 | u32 nsize, asize = le32_to_cpu(attr->size); 527 | u32 rsize = le32_to_cpu(attr->res.data_size); 528 | int tail = (int)(used - aoff - asize); 529 | int dsize; 530 | char *next; 531 | 532 | if (tail < 0 || aoff >= used) 533 | return false; 534 | 535 | if (!bytes) 536 | return true; 537 | 538 | total = le32_to_cpu(rec->total); 539 | next = Add2Ptr(attr, asize); 540 | 541 | if (bytes > 0) { 542 | dsize = QuadAlign(bytes); 543 | if (used + dsize > total) 544 | return false; 545 | nsize = asize + dsize; 546 | // move tail 547 | memmove(next + dsize, next, tail); 548 | memset(next, 0, dsize); 549 | used += dsize; 550 | rsize += dsize; 551 | } else { 552 | dsize = QuadAlign(-bytes); 553 | if (dsize > asize) 554 | return false; 555 | nsize = asize - dsize; 556 | memmove(next - dsize, next, tail); 557 | used -= dsize; 558 | rsize -= dsize; 559 | } 560 | 561 | rec->used = cpu_to_le32(used); 562 | attr->size = cpu_to_le32(nsize); 563 | if (!attr->non_res) 564 | attr->res.data_size = cpu_to_le32(rsize); 565 | mi->dirty = true; 566 | 567 | return true; 568 | } 569 | 570 | int mi_pack_runs(struct mft_inode *mi, struct ATTRIB *attr, 571 | struct runs_tree *run, CLST len) 572 | { 573 | int err = 0; 574 | struct ntfs_sb_info *sbi = mi->sbi; 575 | u32 new_run_size; 576 | CLST plen; 577 | struct MFT_REC *rec = mi->mrec; 578 | CLST svcn = le64_to_cpu(attr->nres.svcn); 579 | u32 used = le32_to_cpu(rec->used); 580 | u32 aoff = PtrOffset(rec, attr); 581 | u32 asize = le32_to_cpu(attr->size); 582 | char *next = Add2Ptr(attr, asize); 583 | u16 run_off = le16_to_cpu(attr->nres.run_off); 584 | u32 run_size = asize - run_off; 585 | u32 tail = used - aoff - asize; 586 | u32 dsize = sbi->record_size - used; 587 | 588 | /* Make a maximum gap in current record */ 589 | memmove(next + dsize, next, tail); 590 | 591 | /* Pack as much as possible */ 592 | err = run_pack(run, svcn, len, Add2Ptr(attr, run_off), run_size + dsize, 593 | &plen); 594 | if (err < 0) { 595 | memmove(next, next + dsize, tail); 596 | return err; 597 | } 598 | 599 | new_run_size = QuadAlign(err); 600 | 601 | memmove(next + new_run_size - run_size, next + dsize, tail); 602 | 603 | attr->size = cpu_to_le32(asize + new_run_size - run_size); 604 | attr->nres.evcn = cpu_to_le64(svcn + plen - 1); 605 | rec->used = cpu_to_le32(used + new_run_size - run_size); 606 | mi->dirty = true; 607 | 608 | return 0; 609 | } 610 | -------------------------------------------------------------------------------- /run.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | * TODO: try to use extents tree (instead of array) 7 | */ 8 | 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | #include "debug.h" 17 | #include "ntfs.h" 18 | #include "ntfs_fs.h" 19 | 20 | /* runs_tree is a continues memory. Try to avoid big size */ 21 | #define NTFS3_RUN_MAX_BYTES 0x10000 22 | 23 | struct ntfs_run { 24 | CLST vcn; /* virtual cluster number */ 25 | CLST len; /* length in clusters */ 26 | CLST lcn; /* logical cluster number */ 27 | }; 28 | 29 | /* 30 | * run_lookup 31 | * 32 | * Lookup the index of a MCB entry that is first <= vcn. 33 | * case of success it will return non-zero value and set 34 | * 'index' parameter to index of entry been found. 35 | * case of entry missing from list 'index' will be set to 36 | * point to insertion position for the entry question. 37 | */ 38 | bool run_lookup(const struct runs_tree *run, CLST vcn, size_t *index) 39 | { 40 | size_t min_idx, max_idx, mid_idx; 41 | struct ntfs_run *r; 42 | 43 | if (!run->count) { 44 | *index = 0; 45 | return false; 46 | } 47 | 48 | min_idx = 0; 49 | max_idx = run->count - 1; 50 | 51 | /* Check boundary cases specially, 'cause they cover the often requests */ 52 | r = run->runs; 53 | if (vcn < r->vcn) { 54 | *index = 0; 55 | return false; 56 | } 57 | 58 | if (vcn < r->vcn + r->len) { 59 | *index = 0; 60 | return true; 61 | } 62 | 63 | r += max_idx; 64 | if (vcn >= r->vcn + r->len) { 65 | *index = run->count; 66 | return false; 67 | } 68 | 69 | if (vcn >= r->vcn) { 70 | *index = max_idx; 71 | return true; 72 | } 73 | 74 | do { 75 | mid_idx = min_idx + ((max_idx - min_idx) >> 1); 76 | r = run->runs + mid_idx; 77 | 78 | if (vcn < r->vcn) { 79 | max_idx = mid_idx - 1; 80 | if (!mid_idx) 81 | break; 82 | } else if (vcn >= r->vcn + r->len) { 83 | min_idx = mid_idx + 1; 84 | } else { 85 | *index = mid_idx; 86 | return true; 87 | } 88 | } while (min_idx <= max_idx); 89 | 90 | *index = max_idx + 1; 91 | return false; 92 | } 93 | 94 | /* 95 | * run_consolidate 96 | * 97 | * consolidate runs starting from a given one. 98 | */ 99 | static void run_consolidate(struct runs_tree *run, size_t index) 100 | { 101 | size_t i; 102 | struct ntfs_run *r = run->runs + index; 103 | 104 | while (index + 1 < run->count) { 105 | /* 106 | * I should merge current run with next 107 | * if start of the next run lies inside one being tested. 108 | */ 109 | struct ntfs_run *n = r + 1; 110 | CLST end = r->vcn + r->len; 111 | CLST dl; 112 | 113 | /* Stop if runs are not aligned one to another. */ 114 | if (n->vcn > end) 115 | break; 116 | 117 | dl = end - n->vcn; 118 | 119 | /* 120 | * If range at index overlaps with next one 121 | * then I will either adjust it's start position 122 | * or (if completely matches) dust remove one from the list. 123 | */ 124 | if (dl > 0) { 125 | if (n->len <= dl) 126 | goto remove_next_range; 127 | 128 | n->len -= dl; 129 | n->vcn += dl; 130 | if (n->lcn != SPARSE_LCN) 131 | n->lcn += dl; 132 | dl = 0; 133 | } 134 | 135 | /* 136 | * Stop if sparse mode does not match 137 | * both current and next runs. 138 | */ 139 | if ((n->lcn == SPARSE_LCN) != (r->lcn == SPARSE_LCN)) { 140 | index += 1; 141 | r = n; 142 | continue; 143 | } 144 | 145 | /* 146 | * Check if volume block 147 | * of a next run lcn does not match 148 | * last volume block of the current run. 149 | */ 150 | if (n->lcn != SPARSE_LCN && n->lcn != r->lcn + r->len) 151 | break; 152 | 153 | /* 154 | * Next and current are siblings. 155 | * Eat/join. 156 | */ 157 | r->len += n->len - dl; 158 | 159 | remove_next_range: 160 | i = run->count - (index + 1); 161 | if (i > 1) 162 | memmove(n, n + 1, sizeof(*n) * (i - 1)); 163 | 164 | run->count -= 1; 165 | } 166 | } 167 | 168 | /* returns true if range [svcn - evcn] is mapped*/ 169 | bool run_is_mapped_full(const struct runs_tree *run, CLST svcn, CLST evcn) 170 | { 171 | size_t i; 172 | const struct ntfs_run *r, *end; 173 | CLST next_vcn; 174 | 175 | if (!run_lookup(run, svcn, &i)) 176 | return false; 177 | 178 | end = run->runs + run->count; 179 | r = run->runs + i; 180 | 181 | for (;;) { 182 | next_vcn = r->vcn + r->len; 183 | if (next_vcn > evcn) 184 | return true; 185 | 186 | if (++r >= end) 187 | return false; 188 | 189 | if (r->vcn != next_vcn) 190 | return false; 191 | } 192 | } 193 | 194 | bool run_lookup_entry(const struct runs_tree *run, CLST vcn, CLST *lcn, 195 | CLST *len, size_t *index) 196 | { 197 | size_t idx; 198 | CLST gap; 199 | struct ntfs_run *r; 200 | 201 | /* Fail immediately if nrun was not touched yet. */ 202 | if (!run->runs) 203 | return false; 204 | 205 | if (!run_lookup(run, vcn, &idx)) 206 | return false; 207 | 208 | r = run->runs + idx; 209 | 210 | if (vcn >= r->vcn + r->len) 211 | return false; 212 | 213 | gap = vcn - r->vcn; 214 | if (r->len <= gap) 215 | return false; 216 | 217 | *lcn = r->lcn == SPARSE_LCN ? SPARSE_LCN : (r->lcn + gap); 218 | 219 | if (len) 220 | *len = r->len - gap; 221 | if (index) 222 | *index = idx; 223 | 224 | return true; 225 | } 226 | 227 | /* 228 | * run_truncate_head 229 | * 230 | * decommit the range before vcn 231 | */ 232 | void run_truncate_head(struct runs_tree *run, CLST vcn) 233 | { 234 | size_t index; 235 | struct ntfs_run *r; 236 | 237 | if (run_lookup(run, vcn, &index)) { 238 | r = run->runs + index; 239 | 240 | if (vcn > r->vcn) { 241 | CLST dlen = vcn - r->vcn; 242 | 243 | r->vcn = vcn; 244 | r->len -= dlen; 245 | if (r->lcn != SPARSE_LCN) 246 | r->lcn += dlen; 247 | } 248 | 249 | if (!index) 250 | return; 251 | } 252 | r = run->runs; 253 | memmove(r, r + index, sizeof(*r) * (run->count - index)); 254 | 255 | run->count -= index; 256 | 257 | if (!run->count) { 258 | ntfs_vfree(run->runs); 259 | run->runs = NULL; 260 | run->allocated = 0; 261 | } 262 | } 263 | 264 | /* 265 | * run_truncate 266 | * 267 | * decommit the range after vcn 268 | */ 269 | void run_truncate(struct runs_tree *run, CLST vcn) 270 | { 271 | size_t index; 272 | 273 | /* 274 | * If I hit the range then 275 | * I have to truncate one. 276 | * If range to be truncated is becoming empty 277 | * then it will entirely be removed. 278 | */ 279 | if (run_lookup(run, vcn, &index)) { 280 | struct ntfs_run *r = run->runs + index; 281 | 282 | r->len = vcn - r->vcn; 283 | 284 | if (r->len > 0) 285 | index += 1; 286 | } 287 | 288 | /* 289 | * At this point 'index' is set to 290 | * position that should be thrown away (including index itself) 291 | * Simple one - just set the limit. 292 | */ 293 | run->count = index; 294 | 295 | /* Do not reallocate array 'runs'. Only free if possible */ 296 | if (!index) { 297 | ntfs_vfree(run->runs); 298 | run->runs = NULL; 299 | run->allocated = 0; 300 | } 301 | } 302 | 303 | /* trim head and tail if necessary*/ 304 | void run_truncate_around(struct runs_tree *run, CLST vcn) 305 | { 306 | run_truncate_head(run, vcn); 307 | 308 | if (run->count >= NTFS3_RUN_MAX_BYTES / sizeof(struct ntfs_run) / 2) 309 | run_truncate(run, (run->runs + (run->count >> 1))->vcn); 310 | } 311 | 312 | /* 313 | * run_add_entry 314 | * 315 | * sets location to known state. 316 | * run to be added may overlap with existing location. 317 | * returns false if of memory 318 | */ 319 | bool run_add_entry(struct runs_tree *run, CLST vcn, CLST lcn, CLST len, 320 | bool is_mft) 321 | { 322 | size_t used, index; 323 | struct ntfs_run *r; 324 | bool inrange; 325 | CLST tail_vcn = 0, tail_len = 0, tail_lcn = 0; 326 | bool should_add_tail = false; 327 | 328 | /* 329 | * Lookup the insertion point. 330 | * 331 | * Execute bsearch for the entry containing 332 | * start position question. 333 | */ 334 | inrange = run_lookup(run, vcn, &index); 335 | 336 | /* 337 | * Shortcut here would be case of 338 | * range not been found but one been added 339 | * continues previous run. 340 | * this case I can directly make use of 341 | * existing range as my start point. 342 | */ 343 | if (!inrange && index > 0) { 344 | struct ntfs_run *t = run->runs + index - 1; 345 | 346 | if (t->vcn + t->len == vcn && 347 | (t->lcn == SPARSE_LCN) == (lcn == SPARSE_LCN) && 348 | (lcn == SPARSE_LCN || lcn == t->lcn + t->len)) { 349 | inrange = true; 350 | index -= 1; 351 | } 352 | } 353 | 354 | /* 355 | * At this point 'index' either points to the range 356 | * containing start position or to the insertion position 357 | * for a new range. 358 | * So first let's check if range I'm probing is here already. 359 | */ 360 | if (!inrange) { 361 | requires_new_range: 362 | /* 363 | * Range was not found. 364 | * Insert at position 'index' 365 | */ 366 | used = run->count * sizeof(struct ntfs_run); 367 | 368 | /* 369 | * Check allocated space. 370 | * If one is not enough to get one more entry 371 | * then it will be reallocated 372 | */ 373 | if (run->allocated < used + sizeof(struct ntfs_run)) { 374 | size_t bytes; 375 | struct ntfs_run *new_ptr; 376 | 377 | /* Use power of 2 for 'bytes'*/ 378 | if (!used) { 379 | bytes = 64; 380 | } else if (used <= 16 * PAGE_SIZE) { 381 | if (is_power_of2(run->allocated)) 382 | bytes = run->allocated << 1; 383 | else 384 | bytes = (size_t)1 385 | << (2 + blksize_bits(used)); 386 | } else { 387 | bytes = run->allocated + (16 * PAGE_SIZE); 388 | } 389 | 390 | WARN_ON(!is_mft && bytes > NTFS3_RUN_MAX_BYTES); 391 | 392 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0) 393 | new_ptr = ntfs_vmalloc(bytes); 394 | #else 395 | new_ptr = kmalloc(bytes, GFP_KERNEL | __GFP_NOWARN); 396 | if (!new_ptr) 397 | new_ptr = vmalloc(bytes); 398 | #endif 399 | 400 | if (!new_ptr) 401 | return false; 402 | 403 | r = new_ptr + index; 404 | memcpy(new_ptr, run->runs, 405 | index * sizeof(struct ntfs_run)); 406 | memcpy(r + 1, run->runs + index, 407 | sizeof(struct ntfs_run) * (run->count - index)); 408 | 409 | ntfs_vfree(run->runs); 410 | run->runs = new_ptr; 411 | run->allocated = bytes; 412 | 413 | } else { 414 | size_t i = run->count - index; 415 | 416 | r = run->runs + index; 417 | 418 | /* memmove appears to be a bottle neck here... */ 419 | if (i > 0) 420 | memmove(r + 1, r, sizeof(struct ntfs_run) * i); 421 | } 422 | 423 | r->vcn = vcn; 424 | r->lcn = lcn; 425 | r->len = len; 426 | run->count += 1; 427 | } else { 428 | r = run->runs + index; 429 | 430 | /* 431 | * If one of ranges was not allocated 432 | * then I have to split location I just matched. 433 | * and insert current one 434 | * a common case this requires tail to be reinserted 435 | * a recursive call. 436 | */ 437 | if (((lcn == SPARSE_LCN) != (r->lcn == SPARSE_LCN)) || 438 | (lcn != SPARSE_LCN && lcn != r->lcn + (vcn - r->vcn))) { 439 | CLST to_eat = vcn - r->vcn; 440 | CLST Tovcn = to_eat + len; 441 | 442 | should_add_tail = Tovcn < r->len; 443 | 444 | if (should_add_tail) { 445 | tail_lcn = r->lcn == SPARSE_LCN 446 | ? SPARSE_LCN 447 | : (r->lcn + Tovcn); 448 | tail_vcn = r->vcn + Tovcn; 449 | tail_len = r->len - Tovcn; 450 | } 451 | 452 | if (to_eat > 0) { 453 | r->len = to_eat; 454 | inrange = false; 455 | index += 1; 456 | goto requires_new_range; 457 | } 458 | 459 | /* lcn should match one I'm going to add. */ 460 | r->lcn = lcn; 461 | } 462 | 463 | /* 464 | * If existing range fits then I'm done. 465 | * Otherwise extend found one and fall back to range jocode. 466 | */ 467 | if (r->vcn + r->len < vcn + len) 468 | r->len += len - ((r->vcn + r->len) - vcn); 469 | } 470 | 471 | /* 472 | * And normalize it starting from insertion point. 473 | * It's possible that no insertion needed case if 474 | * start point lies within the range of an entry 475 | * that 'index' points to. 476 | */ 477 | if (inrange && index > 0) 478 | index -= 1; 479 | run_consolidate(run, index); 480 | run_consolidate(run, index + 1); 481 | 482 | /* 483 | * a special case 484 | * I have to add extra range a tail. 485 | */ 486 | if (should_add_tail && 487 | !run_add_entry(run, tail_vcn, tail_lcn, tail_len, is_mft)) 488 | return false; 489 | 490 | return true; 491 | } 492 | 493 | /*helper for attr_collapse_range, which is helper for fallocate(collapse_range)*/ 494 | bool run_collapse_range(struct runs_tree *run, CLST vcn, CLST len) 495 | { 496 | size_t index, eat; 497 | struct ntfs_run *r, *e, *eat_start, *eat_end; 498 | CLST end; 499 | 500 | if (WARN_ON(!run_lookup(run, vcn, &index))) 501 | return true; /* should never be here */ 502 | 503 | e = run->runs + run->count; 504 | r = run->runs + index; 505 | end = vcn + len; 506 | 507 | if (vcn > r->vcn) { 508 | if (r->vcn + r->len <= end) { 509 | /* collapse tail of run */ 510 | r->len = vcn - r->vcn; 511 | } else if (r->lcn == SPARSE_LCN) { 512 | /* collapse a middle part of sparsed run */ 513 | r->len -= len; 514 | } else { 515 | /* collapse a middle part of normal run, split */ 516 | if (!run_add_entry(run, vcn, SPARSE_LCN, len, false)) 517 | return false; 518 | return run_collapse_range(run, vcn, len); 519 | } 520 | 521 | r += 1; 522 | } 523 | 524 | eat_start = r; 525 | eat_end = r; 526 | 527 | for (; r < e; r++) { 528 | CLST d; 529 | 530 | if (r->vcn >= end) { 531 | r->vcn -= len; 532 | continue; 533 | } 534 | 535 | if (r->vcn + r->len <= end) { 536 | /* eat this run */ 537 | eat_end = r + 1; 538 | continue; 539 | } 540 | 541 | d = end - r->vcn; 542 | if (r->lcn != SPARSE_LCN) 543 | r->lcn += d; 544 | r->len -= d; 545 | r->vcn -= len - d; 546 | } 547 | 548 | eat = eat_end - eat_start; 549 | memmove(eat_start, eat_end, (e - eat_end) * sizeof(*r)); 550 | run->count -= eat; 551 | 552 | return true; 553 | } 554 | 555 | /* 556 | * run_get_entry 557 | * 558 | * returns index-th mapped region 559 | */ 560 | bool run_get_entry(const struct runs_tree *run, size_t index, CLST *vcn, 561 | CLST *lcn, CLST *len) 562 | { 563 | const struct ntfs_run *r; 564 | 565 | if (index >= run->count) 566 | return false; 567 | 568 | r = run->runs + index; 569 | 570 | if (!r->len) 571 | return false; 572 | 573 | if (vcn) 574 | *vcn = r->vcn; 575 | if (lcn) 576 | *lcn = r->lcn; 577 | if (len) 578 | *len = r->len; 579 | return true; 580 | } 581 | 582 | /* 583 | * run_packed_size 584 | * 585 | * calculates the size of packed int64 586 | */ 587 | #ifdef __BIG_ENDIAN 588 | static inline int run_packed_size(const s64 n) 589 | { 590 | const u8 *p = (const u8 *)&n + sizeof(n) - 1; 591 | 592 | if (n >= 0) { 593 | if (p[-7] || p[-6] || p[-5] || p[-4]) 594 | p -= 4; 595 | if (p[-3] || p[-2]) 596 | p -= 2; 597 | if (p[-1]) 598 | p -= 1; 599 | if (p[0] & 0x80) 600 | p -= 1; 601 | } else { 602 | if (p[-7] != 0xff || p[-6] != 0xff || p[-5] != 0xff || 603 | p[-4] != 0xff) 604 | p -= 4; 605 | if (p[-3] != 0xff || p[-2] != 0xff) 606 | p -= 2; 607 | if (p[-1] != 0xff) 608 | p -= 1; 609 | if (!(p[0] & 0x80)) 610 | p -= 1; 611 | } 612 | return (const u8 *)&n + sizeof(n) - p; 613 | } 614 | 615 | /* full trusted function. It does not check 'size' for errors */ 616 | static inline void run_pack_s64(u8 *run_buf, u8 size, s64 v) 617 | { 618 | const u8 *p = (u8 *)&v; 619 | 620 | switch (size) { 621 | case 8: 622 | run_buf[7] = p[0]; 623 | fallthrough; 624 | case 7: 625 | run_buf[6] = p[1]; 626 | fallthrough; 627 | case 6: 628 | run_buf[5] = p[2]; 629 | fallthrough; 630 | case 5: 631 | run_buf[4] = p[3]; 632 | fallthrough; 633 | case 4: 634 | run_buf[3] = p[4]; 635 | fallthrough; 636 | case 3: 637 | run_buf[2] = p[5]; 638 | fallthrough; 639 | case 2: 640 | run_buf[1] = p[6]; 641 | fallthrough; 642 | case 1: 643 | run_buf[0] = p[7]; 644 | } 645 | } 646 | 647 | /* full trusted function. It does not check 'size' for errors */ 648 | static inline s64 run_unpack_s64(const u8 *run_buf, u8 size, s64 v) 649 | { 650 | u8 *p = (u8 *)&v; 651 | 652 | switch (size) { 653 | case 8: 654 | p[0] = run_buf[7]; 655 | fallthrough; 656 | case 7: 657 | p[1] = run_buf[6]; 658 | fallthrough; 659 | case 6: 660 | p[2] = run_buf[5]; 661 | fallthrough; 662 | case 5: 663 | p[3] = run_buf[4]; 664 | fallthrough; 665 | case 4: 666 | p[4] = run_buf[3]; 667 | fallthrough; 668 | case 3: 669 | p[5] = run_buf[2]; 670 | fallthrough; 671 | case 2: 672 | p[6] = run_buf[1]; 673 | fallthrough; 674 | case 1: 675 | p[7] = run_buf[0]; 676 | } 677 | return v; 678 | } 679 | 680 | #else 681 | 682 | static inline int run_packed_size(const s64 n) 683 | { 684 | const u8 *p = (const u8 *)&n; 685 | 686 | if (n >= 0) { 687 | if (p[7] || p[6] || p[5] || p[4]) 688 | p += 4; 689 | if (p[3] || p[2]) 690 | p += 2; 691 | if (p[1]) 692 | p += 1; 693 | if (p[0] & 0x80) 694 | p += 1; 695 | } else { 696 | if (p[7] != 0xff || p[6] != 0xff || p[5] != 0xff || 697 | p[4] != 0xff) 698 | p += 4; 699 | if (p[3] != 0xff || p[2] != 0xff) 700 | p += 2; 701 | if (p[1] != 0xff) 702 | p += 1; 703 | if (!(p[0] & 0x80)) 704 | p += 1; 705 | } 706 | 707 | return 1 + p - (const u8 *)&n; 708 | } 709 | 710 | /* full trusted function. It does not check 'size' for errors */ 711 | static inline void run_pack_s64(u8 *run_buf, u8 size, s64 v) 712 | { 713 | const u8 *p = (u8 *)&v; 714 | 715 | /* memcpy( run_buf, &v, size); is it faster? */ 716 | switch (size) { 717 | case 8: 718 | run_buf[7] = p[7]; 719 | fallthrough; 720 | case 7: 721 | run_buf[6] = p[6]; 722 | fallthrough; 723 | case 6: 724 | run_buf[5] = p[5]; 725 | fallthrough; 726 | case 5: 727 | run_buf[4] = p[4]; 728 | fallthrough; 729 | case 4: 730 | run_buf[3] = p[3]; 731 | fallthrough; 732 | case 3: 733 | run_buf[2] = p[2]; 734 | fallthrough; 735 | case 2: 736 | run_buf[1] = p[1]; 737 | fallthrough; 738 | case 1: 739 | run_buf[0] = p[0]; 740 | } 741 | } 742 | 743 | /* full trusted function. It does not check 'size' for errors */ 744 | static inline s64 run_unpack_s64(const u8 *run_buf, u8 size, s64 v) 745 | { 746 | u8 *p = (u8 *)&v; 747 | 748 | /* memcpy( &v, run_buf, size); is it faster? */ 749 | switch (size) { 750 | case 8: 751 | p[7] = run_buf[7]; 752 | fallthrough; 753 | case 7: 754 | p[6] = run_buf[6]; 755 | fallthrough; 756 | case 6: 757 | p[5] = run_buf[5]; 758 | fallthrough; 759 | case 5: 760 | p[4] = run_buf[4]; 761 | fallthrough; 762 | case 4: 763 | p[3] = run_buf[3]; 764 | fallthrough; 765 | case 3: 766 | p[2] = run_buf[2]; 767 | fallthrough; 768 | case 2: 769 | p[1] = run_buf[1]; 770 | fallthrough; 771 | case 1: 772 | p[0] = run_buf[0]; 773 | } 774 | return v; 775 | } 776 | #endif 777 | 778 | /* 779 | * run_pack 780 | * 781 | * packs runs into buffer 782 | * packed_vcns - how much runs we have packed 783 | * packed_size - how much bytes we have used run_buf 784 | */ 785 | int run_pack(const struct runs_tree *run, CLST svcn, CLST len, u8 *run_buf, 786 | u32 run_buf_size, CLST *packed_vcns) 787 | { 788 | CLST next_vcn, vcn, lcn; 789 | CLST prev_lcn = 0; 790 | CLST evcn1 = svcn + len; 791 | int packed_size = 0; 792 | size_t i; 793 | bool ok; 794 | s64 dlcn; 795 | int offset_size, size_size, tmp; 796 | 797 | next_vcn = vcn = svcn; 798 | 799 | *packed_vcns = 0; 800 | 801 | if (!len) 802 | goto out; 803 | 804 | ok = run_lookup_entry(run, vcn, &lcn, &len, &i); 805 | 806 | if (!ok) 807 | goto error; 808 | 809 | if (next_vcn != vcn) 810 | goto error; 811 | 812 | for (;;) { 813 | next_vcn = vcn + len; 814 | if (next_vcn > evcn1) 815 | len = evcn1 - vcn; 816 | 817 | /* how much bytes required to pack len */ 818 | size_size = run_packed_size(len); 819 | 820 | /* offset_size - how much bytes is packed dlcn */ 821 | if (lcn == SPARSE_LCN) { 822 | offset_size = 0; 823 | dlcn = 0; 824 | } else { 825 | /* NOTE: lcn can be less than prev_lcn! */ 826 | dlcn = (s64)lcn - prev_lcn; 827 | offset_size = run_packed_size(dlcn); 828 | prev_lcn = lcn; 829 | } 830 | 831 | tmp = run_buf_size - packed_size - 2 - offset_size; 832 | if (tmp <= 0) 833 | goto out; 834 | 835 | /* can we store this entire run */ 836 | if (tmp < size_size) 837 | goto out; 838 | 839 | if (run_buf) { 840 | /* pack run header */ 841 | run_buf[0] = ((u8)(size_size | (offset_size << 4))); 842 | run_buf += 1; 843 | 844 | /* Pack the length of run */ 845 | run_pack_s64(run_buf, size_size, len); 846 | 847 | run_buf += size_size; 848 | /* Pack the offset from previous lcn */ 849 | run_pack_s64(run_buf, offset_size, dlcn); 850 | run_buf += offset_size; 851 | } 852 | 853 | packed_size += 1 + offset_size + size_size; 854 | *packed_vcns += len; 855 | 856 | if (packed_size + 1 >= run_buf_size || next_vcn >= evcn1) 857 | goto out; 858 | 859 | ok = run_get_entry(run, ++i, &vcn, &lcn, &len); 860 | if (!ok) 861 | goto error; 862 | 863 | if (next_vcn != vcn) 864 | goto error; 865 | } 866 | 867 | out: 868 | /* Store last zero */ 869 | if (run_buf) 870 | run_buf[0] = 0; 871 | 872 | return packed_size + 1; 873 | 874 | error: 875 | return -EOPNOTSUPP; 876 | } 877 | 878 | /* 879 | * run_unpack 880 | * 881 | * unpacks packed runs from "run_buf" 882 | * returns error, if negative, or real used bytes 883 | */ 884 | int run_unpack(struct runs_tree *run, struct ntfs_sb_info *sbi, CLST ino, 885 | CLST svcn, CLST evcn, CLST vcn, const u8 *run_buf, 886 | u32 run_buf_size) 887 | { 888 | u64 prev_lcn, vcn64, lcn, next_vcn; 889 | const u8 *run_last, *run_0; 890 | bool is_mft = ino == MFT_REC_MFT; 891 | 892 | /* Check for empty */ 893 | if (evcn + 1 == svcn) 894 | return 0; 895 | 896 | if (evcn < svcn) 897 | return -EINVAL; 898 | 899 | run_0 = run_buf; 900 | run_last = run_buf + run_buf_size; 901 | prev_lcn = 0; 902 | vcn64 = svcn; 903 | 904 | /* Read all runs the chain */ 905 | /* size_size - how much bytes is packed len */ 906 | while (run_buf < run_last) { 907 | /* size_size - how much bytes is packed len */ 908 | u8 size_size = *run_buf & 0xF; 909 | /* offset_size - how much bytes is packed dlcn */ 910 | u8 offset_size = *run_buf++ >> 4; 911 | u64 len; 912 | 913 | if (!size_size) 914 | break; 915 | 916 | /* 917 | * Unpack runs. 918 | * NOTE: runs are stored little endian order 919 | * "len" is unsigned value, "dlcn" is signed 920 | * Large positive number requires to store 5 bytes 921 | * e.g.: 05 FF 7E FF FF 00 00 00 922 | */ 923 | if (size_size > 8) 924 | return -EINVAL; 925 | 926 | len = run_unpack_s64(run_buf, size_size, 0); 927 | /* skip size_size */ 928 | run_buf += size_size; 929 | 930 | if (!len) 931 | return -EINVAL; 932 | 933 | if (!offset_size) 934 | lcn = SPARSE_LCN64; 935 | else if (offset_size <= 8) { 936 | s64 dlcn; 937 | 938 | /* initial value of dlcn is -1 or 0 */ 939 | dlcn = (run_buf[offset_size - 1] & 0x80) ? (s64)-1 : 0; 940 | dlcn = run_unpack_s64(run_buf, offset_size, dlcn); 941 | /* skip offset_size */ 942 | run_buf += offset_size; 943 | 944 | if (!dlcn) 945 | return -EINVAL; 946 | lcn = prev_lcn + dlcn; 947 | prev_lcn = lcn; 948 | } else 949 | return -EINVAL; 950 | 951 | next_vcn = vcn64 + len; 952 | /* check boundary */ 953 | if (next_vcn > evcn + 1) 954 | return -EINVAL; 955 | 956 | #ifndef CONFIG_NTFS3_64BIT_CLUSTER 957 | if (next_vcn > 0x100000000ull || (lcn + len) > 0x100000000ull) { 958 | ntfs_err( 959 | sbi->sb, 960 | "This driver is compiled whitout CONFIG_NTFS3_64BIT_CLUSTER (like windows driver).\n" 961 | "Volume contains 64 bits run: vcn %llx, lcn %llx, len %llx.\n" 962 | "Activate CONFIG_NTFS3_64BIT_CLUSTER to process this case", 963 | vcn64, lcn, len); 964 | return -EOPNOTSUPP; 965 | } 966 | #endif 967 | if (lcn != SPARSE_LCN64 && lcn + len > sbi->used.bitmap.nbits) { 968 | /* lcn range is out of volume */ 969 | return -EINVAL; 970 | } 971 | 972 | if (!run) 973 | ; /* called from check_attr(fslog.c) to check run */ 974 | else if (run == RUN_DEALLOCATE) { 975 | /* called from ni_delete_all to free clusters without storing in run */ 976 | if (lcn != SPARSE_LCN64) 977 | mark_as_free_ex(sbi, lcn, len, true); 978 | } else if (vcn64 >= vcn) { 979 | if (!run_add_entry(run, vcn64, lcn, len, is_mft)) 980 | return -ENOMEM; 981 | } else if (next_vcn > vcn) { 982 | u64 dlen = vcn - vcn64; 983 | 984 | if (!run_add_entry(run, vcn, lcn + dlen, len - dlen, 985 | is_mft)) 986 | return -ENOMEM; 987 | } 988 | 989 | vcn64 = next_vcn; 990 | } 991 | 992 | if (vcn64 != evcn + 1) { 993 | /* not expected length of unpacked runs */ 994 | return -EINVAL; 995 | } 996 | 997 | return run_buf - run_0; 998 | } 999 | 1000 | #ifdef NTFS3_CHECK_FREE_CLST 1001 | /* 1002 | * run_unpack_ex 1003 | * 1004 | * unpacks packed runs from "run_buf" 1005 | * checks unpacked runs to be used in bitmap 1006 | * returns error, if negative, or real used bytes 1007 | */ 1008 | int run_unpack_ex(struct runs_tree *run, struct ntfs_sb_info *sbi, CLST ino, 1009 | CLST svcn, CLST evcn, CLST vcn, const u8 *run_buf, 1010 | u32 run_buf_size) 1011 | { 1012 | int ret, err; 1013 | CLST next_vcn, lcn, len; 1014 | size_t index; 1015 | bool ok; 1016 | struct wnd_bitmap *wnd; 1017 | 1018 | ret = run_unpack(run, sbi, ino, svcn, evcn, vcn, run_buf, run_buf_size); 1019 | if (ret <= 0) 1020 | return ret; 1021 | 1022 | if (!sbi->used.bitmap.sb || !run || run == RUN_DEALLOCATE) 1023 | return ret; 1024 | 1025 | if (ino == MFT_REC_BADCLUST) 1026 | return ret; 1027 | 1028 | next_vcn = vcn = svcn; 1029 | wnd = &sbi->used.bitmap; 1030 | 1031 | for (ok = run_lookup_entry(run, vcn, &lcn, &len, &index); 1032 | next_vcn <= evcn; 1033 | ok = run_get_entry(run, ++index, &vcn, &lcn, &len)) { 1034 | if (!ok || next_vcn != vcn) 1035 | return -EINVAL; 1036 | 1037 | next_vcn = vcn + len; 1038 | 1039 | if (lcn == SPARSE_LCN) 1040 | continue; 1041 | 1042 | if (sbi->flags & NTFS_FLAGS_NEED_REPLAY) 1043 | continue; 1044 | 1045 | down_read_nested(&wnd->rw_lock, BITMAP_MUTEX_CLUSTERS); 1046 | /* Check for free blocks */ 1047 | ok = wnd_is_used(wnd, lcn, len); 1048 | up_read(&wnd->rw_lock); 1049 | if (ok) 1050 | continue; 1051 | 1052 | /* Looks like volume is corrupted */ 1053 | ntfs_set_state(sbi, NTFS_DIRTY_ERROR); 1054 | 1055 | if (down_write_trylock(&wnd->rw_lock)) { 1056 | /* mark all zero bits as used in range [lcn, lcn+len) */ 1057 | CLST i, lcn_f = 0, len_f = 0; 1058 | 1059 | err = 0; 1060 | for (i = 0; i < len; i++) { 1061 | if (wnd_is_free(wnd, lcn + i, 1)) { 1062 | if (!len_f) 1063 | lcn_f = lcn + i; 1064 | len_f += 1; 1065 | } else if (len_f) { 1066 | err = wnd_set_used(wnd, lcn_f, len_f); 1067 | len_f = 0; 1068 | if (err) 1069 | break; 1070 | } 1071 | } 1072 | 1073 | if (len_f) 1074 | err = wnd_set_used(wnd, lcn_f, len_f); 1075 | 1076 | up_write(&wnd->rw_lock); 1077 | if (err) 1078 | return err; 1079 | } 1080 | } 1081 | 1082 | return ret; 1083 | } 1084 | #endif 1085 | 1086 | /* 1087 | * run_get_highest_vcn 1088 | * 1089 | * returns the highest vcn from a mapping pairs array 1090 | * it used while replaying log file 1091 | */ 1092 | int run_get_highest_vcn(CLST vcn, const u8 *run_buf, u64 *highest_vcn) 1093 | { 1094 | u64 vcn64 = vcn; 1095 | u8 size_size; 1096 | 1097 | while ((size_size = *run_buf & 0xF)) { 1098 | u8 offset_size = *run_buf++ >> 4; 1099 | u64 len; 1100 | 1101 | if (size_size > 8 || offset_size > 8) 1102 | return -EINVAL; 1103 | 1104 | len = run_unpack_s64(run_buf, size_size, 0); 1105 | if (!len) 1106 | return -EINVAL; 1107 | 1108 | run_buf += size_size + offset_size; 1109 | vcn64 += len; 1110 | 1111 | #ifndef CONFIG_NTFS3_64BIT_CLUSTER 1112 | if (vcn64 > 0x100000000ull) 1113 | return -EINVAL; 1114 | #endif 1115 | } 1116 | 1117 | *highest_vcn = vcn64 - 1; 1118 | return 0; 1119 | } 1120 | -------------------------------------------------------------------------------- /upcase.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | #include 8 | #include 9 | #include 10 | #include 11 | 12 | #include "debug.h" 13 | #include "ntfs.h" 14 | #include "ntfs_fs.h" 15 | 16 | static inline u16 upcase_unicode_char(const u16 *upcase, u16 chr) 17 | { 18 | if (chr < 'a') 19 | return chr; 20 | 21 | if (chr <= 'z') 22 | return chr - ('a' - 'A'); 23 | 24 | return upcase[chr]; 25 | } 26 | 27 | /* 28 | * Thanks Kari Argillander for idea and implementation 'bothcase' 29 | * 30 | * Straigth way to compare names: 31 | * - case insensitive 32 | * - if name equals and 'bothcases' then 33 | * - case sensitive 34 | * 'Straigth way' code scans input names twice in worst case 35 | * Optimized code scans input names only once 36 | */ 37 | int ntfs_cmp_names(const __le16 *s1, size_t l1, const __le16 *s2, size_t l2, 38 | const u16 *upcase, bool bothcase) 39 | { 40 | int diff1 = 0; 41 | int diff2; 42 | size_t len = min(l1, l2); 43 | 44 | if (!bothcase && upcase) 45 | goto case_insentive; 46 | 47 | for (; len; s1++, s2++, len--) { 48 | diff1 = le16_to_cpu(*s1) - le16_to_cpu(*s2); 49 | if (diff1) { 50 | if (bothcase && upcase) 51 | goto case_insentive; 52 | 53 | return diff1; 54 | } 55 | } 56 | return l1 - l2; 57 | 58 | case_insentive: 59 | for (; len; s1++, s2++, len--) { 60 | diff2 = upcase_unicode_char(upcase, le16_to_cpu(*s1)) - 61 | upcase_unicode_char(upcase, le16_to_cpu(*s2)); 62 | if (diff2) 63 | return diff2; 64 | } 65 | 66 | diff2 = l1 - l2; 67 | return diff2 ? diff2 : diff1; 68 | } 69 | 70 | int ntfs_cmp_names_cpu(const struct cpu_str *uni1, const struct le_str *uni2, 71 | const u16 *upcase, bool bothcase) 72 | { 73 | const u16 *s1 = uni1->name; 74 | const __le16 *s2 = uni2->name; 75 | size_t l1 = uni1->len; 76 | size_t l2 = uni2->len; 77 | size_t len = min(l1, l2); 78 | int diff1 = 0; 79 | int diff2; 80 | 81 | if (!bothcase && upcase) 82 | goto case_insentive; 83 | 84 | for (; len; s1++, s2++, len--) { 85 | diff1 = *s1 - le16_to_cpu(*s2); 86 | if (diff1) { 87 | if (bothcase && upcase) 88 | goto case_insentive; 89 | 90 | return diff1; 91 | } 92 | } 93 | return l1 - l2; 94 | 95 | case_insentive: 96 | for (; len; s1++, s2++, len--) { 97 | diff2 = upcase_unicode_char(upcase, *s1) - 98 | upcase_unicode_char(upcase, le16_to_cpu(*s2)); 99 | if (diff2) 100 | return diff2; 101 | } 102 | 103 | diff2 = l1 - l2; 104 | return diff2 ? diff2 : diff1; 105 | } 106 | -------------------------------------------------------------------------------- /xattr.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0 2 | /* 3 | * 4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. 5 | * 6 | */ 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | #include "debug.h" 17 | #include "ntfs.h" 18 | #include "ntfs_fs.h" 19 | 20 | // clang-format off 21 | #define SYSTEM_DOS_ATTRIB "system.dos_attrib" 22 | #define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib" 23 | #define SYSTEM_NTFS_SECURITY "system.ntfs_security" 24 | // clang-format on 25 | 26 | static inline size_t unpacked_ea_size(const struct EA_FULL *ea) 27 | { 28 | return ea->size ? le32_to_cpu(ea->size) 29 | : DwordAlign(struct_size( 30 | ea, name, 31 | 1 + ea->name_len + le16_to_cpu(ea->elength))); 32 | } 33 | 34 | static inline size_t packed_ea_size(const struct EA_FULL *ea) 35 | { 36 | return struct_size(ea, name, 37 | 1 + ea->name_len + le16_to_cpu(ea->elength)) - 38 | offsetof(struct EA_FULL, flags); 39 | } 40 | 41 | /* 42 | * find_ea 43 | * 44 | * assume there is at least one xattr in the list 45 | */ 46 | static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes, 47 | const char *name, u8 name_len, u32 *off) 48 | { 49 | *off = 0; 50 | 51 | if (!ea_all || !bytes) 52 | return false; 53 | 54 | for (;;) { 55 | const struct EA_FULL *ea = Add2Ptr(ea_all, *off); 56 | u32 next_off = *off + unpacked_ea_size(ea); 57 | 58 | if (next_off > bytes) 59 | return false; 60 | 61 | if (ea->name_len == name_len && 62 | !memcmp(ea->name, name, name_len)) 63 | return true; 64 | 65 | *off = next_off; 66 | if (next_off >= bytes) 67 | return false; 68 | } 69 | } 70 | 71 | /* 72 | * ntfs_read_ea 73 | * 74 | * reads all extended attributes 75 | * ea - new allocated memory 76 | * info - pointer into resident data 77 | */ 78 | static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea, 79 | size_t add_bytes, const struct EA_INFO **info) 80 | { 81 | int err; 82 | struct ATTR_LIST_ENTRY *le = NULL; 83 | struct ATTRIB *attr_info, *attr_ea; 84 | void *ea_p; 85 | u32 size; 86 | 87 | static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA)); 88 | 89 | *ea = NULL; 90 | *info = NULL; 91 | 92 | attr_info = 93 | ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL); 94 | attr_ea = 95 | ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL); 96 | 97 | if (!attr_ea || !attr_info) 98 | return 0; 99 | 100 | *info = resident_data_ex(attr_info, sizeof(struct EA_INFO)); 101 | if (!*info) 102 | return -EINVAL; 103 | 104 | /* Check Ea limit */ 105 | size = le32_to_cpu((*info)->size); 106 | if (size > ni->mi.sbi->ea_max_size) 107 | return -EFBIG; 108 | 109 | if (attr_size(attr_ea) > ni->mi.sbi->ea_max_size) 110 | return -EFBIG; 111 | 112 | /* Allocate memory for packed Ea */ 113 | ea_p = ntfs_malloc(size + add_bytes); 114 | if (!ea_p) 115 | return -ENOMEM; 116 | 117 | if (attr_ea->non_res) { 118 | struct runs_tree run; 119 | 120 | run_init(&run); 121 | 122 | err = attr_load_runs(attr_ea, ni, &run, NULL); 123 | if (!err) 124 | err = ntfs_read_run_nb(ni->mi.sbi, &run, 0, ea_p, size, 125 | NULL); 126 | run_close(&run); 127 | 128 | if (err) 129 | goto out; 130 | } else { 131 | void *p = resident_data_ex(attr_ea, size); 132 | 133 | if (!p) { 134 | err = -EINVAL; 135 | goto out; 136 | } 137 | memcpy(ea_p, p, size); 138 | } 139 | 140 | memset(Add2Ptr(ea_p, size), 0, add_bytes); 141 | *ea = ea_p; 142 | return 0; 143 | 144 | out: 145 | ntfs_free(ea_p); 146 | *ea = NULL; 147 | return err; 148 | } 149 | 150 | /* 151 | * ntfs_list_ea 152 | * 153 | * copy a list of xattrs names into the buffer 154 | * provided, or compute the buffer size required 155 | * 156 | * Returns a negative error number on failure, or the number of bytes 157 | * used / required on success. 158 | */ 159 | static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer, 160 | size_t bytes_per_buffer) 161 | { 162 | const struct EA_INFO *info; 163 | struct EA_FULL *ea_all = NULL; 164 | const struct EA_FULL *ea; 165 | u32 off, size; 166 | int err; 167 | size_t ret; 168 | 169 | err = ntfs_read_ea(ni, &ea_all, 0, &info); 170 | if (err) 171 | return err; 172 | 173 | if (!info || !ea_all) 174 | return 0; 175 | 176 | size = le32_to_cpu(info->size); 177 | 178 | /* Enumerate all xattrs */ 179 | for (ret = 0, off = 0; off < size; off += unpacked_ea_size(ea)) { 180 | ea = Add2Ptr(ea_all, off); 181 | 182 | if (buffer) { 183 | if (ret + ea->name_len + 1 > bytes_per_buffer) { 184 | err = -ERANGE; 185 | goto out; 186 | } 187 | 188 | memcpy(buffer + ret, ea->name, ea->name_len); 189 | buffer[ret + ea->name_len] = 0; 190 | } 191 | 192 | ret += ea->name_len + 1; 193 | } 194 | 195 | out: 196 | ntfs_free(ea_all); 197 | return err ? err : ret; 198 | } 199 | 200 | static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len, 201 | void *buffer, size_t size, size_t *required) 202 | { 203 | struct ntfs_inode *ni = ntfs_i(inode); 204 | const struct EA_INFO *info; 205 | struct EA_FULL *ea_all = NULL; 206 | const struct EA_FULL *ea; 207 | u32 off, len; 208 | int err; 209 | 210 | if (!(ni->ni_flags & NI_FLAG_EA)) 211 | return -ENODATA; 212 | 213 | if (!required) 214 | ni_lock(ni); 215 | 216 | len = 0; 217 | 218 | if (name_len > 255) { 219 | err = -ENAMETOOLONG; 220 | goto out; 221 | } 222 | 223 | err = ntfs_read_ea(ni, &ea_all, 0, &info); 224 | if (err) 225 | goto out; 226 | 227 | if (!info) 228 | goto out; 229 | 230 | /* Enumerate all xattrs */ 231 | if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off)) { 232 | err = -ENODATA; 233 | goto out; 234 | } 235 | ea = Add2Ptr(ea_all, off); 236 | 237 | len = le16_to_cpu(ea->elength); 238 | if (!buffer) { 239 | err = 0; 240 | goto out; 241 | } 242 | 243 | if (len > size) { 244 | err = -ERANGE; 245 | if (required) 246 | *required = len; 247 | goto out; 248 | } 249 | 250 | memcpy(buffer, ea->name + ea->name_len + 1, len); 251 | err = 0; 252 | 253 | out: 254 | ntfs_free(ea_all); 255 | if (!required) 256 | ni_unlock(ni); 257 | 258 | return err ? err : len; 259 | } 260 | 261 | static noinline int ntfs_set_ea(struct inode *inode, const char *name, 262 | size_t name_len, const void *value, 263 | size_t val_size, int flags, int locked) 264 | { 265 | struct ntfs_inode *ni = ntfs_i(inode); 266 | struct ntfs_sb_info *sbi = ni->mi.sbi; 267 | int err; 268 | struct EA_INFO ea_info; 269 | const struct EA_INFO *info; 270 | struct EA_FULL *new_ea; 271 | struct EA_FULL *ea_all = NULL; 272 | size_t add, new_pack; 273 | u32 off, size; 274 | __le16 size_pack; 275 | struct ATTRIB *attr; 276 | struct ATTR_LIST_ENTRY *le; 277 | struct mft_inode *mi; 278 | struct runs_tree ea_run; 279 | u64 new_sz; 280 | void *p; 281 | 282 | if (!locked) 283 | ni_lock(ni); 284 | 285 | run_init(&ea_run); 286 | 287 | if (name_len > 255) { 288 | err = -ENAMETOOLONG; 289 | goto out; 290 | } 291 | 292 | add = DwordAlign(struct_size(ea_all, name, 1 + name_len + val_size)); 293 | 294 | err = ntfs_read_ea(ni, &ea_all, add, &info); 295 | if (err) 296 | goto out; 297 | 298 | if (!info) { 299 | memset(&ea_info, 0, sizeof(ea_info)); 300 | size = 0; 301 | size_pack = 0; 302 | } else { 303 | memcpy(&ea_info, info, sizeof(ea_info)); 304 | size = le32_to_cpu(ea_info.size); 305 | size_pack = ea_info.size_pack; 306 | } 307 | 308 | if (info && find_ea(ea_all, size, name, name_len, &off)) { 309 | struct EA_FULL *ea; 310 | size_t ea_sz; 311 | 312 | if (flags & XATTR_CREATE) { 313 | err = -EEXIST; 314 | goto out; 315 | } 316 | 317 | /* Remove current xattr */ 318 | ea = Add2Ptr(ea_all, off); 319 | if (ea->flags & FILE_NEED_EA) 320 | le16_add_cpu(&ea_info.count, -1); 321 | 322 | ea_sz = unpacked_ea_size(ea); 323 | 324 | le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea)); 325 | 326 | memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz); 327 | 328 | size -= ea_sz; 329 | memset(Add2Ptr(ea_all, size), 0, ea_sz); 330 | 331 | ea_info.size = cpu_to_le32(size); 332 | 333 | if ((flags & XATTR_REPLACE) && !val_size) 334 | goto update_ea; 335 | } else { 336 | if (flags & XATTR_REPLACE) { 337 | err = -ENODATA; 338 | goto out; 339 | } 340 | 341 | if (!ea_all) { 342 | ea_all = ntfs_zalloc(add); 343 | if (!ea_all) { 344 | err = -ENOMEM; 345 | goto out; 346 | } 347 | } 348 | } 349 | 350 | /* append new xattr */ 351 | new_ea = Add2Ptr(ea_all, size); 352 | new_ea->size = cpu_to_le32(add); 353 | new_ea->flags = 0; 354 | new_ea->name_len = name_len; 355 | new_ea->elength = cpu_to_le16(val_size); 356 | memcpy(new_ea->name, name, name_len); 357 | new_ea->name[name_len] = 0; 358 | memcpy(new_ea->name + name_len + 1, value, val_size); 359 | new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea); 360 | 361 | /* should fit into 16 bits */ 362 | if (new_pack > 0xffff) { 363 | err = -EFBIG; // -EINVAL? 364 | goto out; 365 | } 366 | ea_info.size_pack = cpu_to_le16(new_pack); 367 | 368 | /* new size of ATTR_EA */ 369 | size += add; 370 | if (size > sbi->ea_max_size) { 371 | err = -EFBIG; // -EINVAL? 372 | goto out; 373 | } 374 | ea_info.size = cpu_to_le32(size); 375 | 376 | update_ea: 377 | 378 | if (!info) { 379 | /* Create xattr */ 380 | if (!size) { 381 | err = 0; 382 | goto out; 383 | } 384 | 385 | err = ni_insert_resident(ni, sizeof(struct EA_INFO), 386 | ATTR_EA_INFO, NULL, 0, NULL, NULL); 387 | if (err) 388 | goto out; 389 | 390 | err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL); 391 | if (err) 392 | goto out; 393 | } 394 | 395 | new_sz = size; 396 | err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz, 397 | false, NULL); 398 | if (err) 399 | goto out; 400 | 401 | le = NULL; 402 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi); 403 | if (!attr) { 404 | err = -EINVAL; 405 | goto out; 406 | } 407 | 408 | if (!size) { 409 | /* delete xattr, ATTR_EA_INFO */ 410 | err = ni_remove_attr_le(ni, attr, le); 411 | if (err) 412 | goto out; 413 | } else { 414 | p = resident_data_ex(attr, sizeof(struct EA_INFO)); 415 | if (!p) { 416 | err = -EINVAL; 417 | goto out; 418 | } 419 | memcpy(p, &ea_info, sizeof(struct EA_INFO)); 420 | mi->dirty = true; 421 | } 422 | 423 | le = NULL; 424 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi); 425 | if (!attr) { 426 | err = -EINVAL; 427 | goto out; 428 | } 429 | 430 | if (!size) { 431 | /* delete xattr, ATTR_EA */ 432 | err = ni_remove_attr_le(ni, attr, le); 433 | if (err) 434 | goto out; 435 | } else if (attr->non_res) { 436 | err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size); 437 | if (err) 438 | goto out; 439 | } else { 440 | p = resident_data_ex(attr, size); 441 | if (!p) { 442 | err = -EINVAL; 443 | goto out; 444 | } 445 | memcpy(p, ea_all, size); 446 | mi->dirty = true; 447 | } 448 | 449 | /* Check if we delete the last xattr */ 450 | if (size) 451 | ni->ni_flags |= NI_FLAG_EA; 452 | else 453 | ni->ni_flags &= ~NI_FLAG_EA; 454 | 455 | if (ea_info.size_pack != size_pack) 456 | ni->ni_flags |= NI_FLAG_UPDATE_PARENT; 457 | mark_inode_dirty(&ni->vfs_inode); 458 | 459 | out: 460 | if (!locked) 461 | ni_unlock(ni); 462 | 463 | run_close(&ea_run); 464 | ntfs_free(ea_all); 465 | 466 | return err; 467 | } 468 | 469 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL 470 | static inline void ntfs_posix_acl_release(struct posix_acl *acl) 471 | { 472 | if (acl && refcount_dec_and_test(&acl->a_refcount)) 473 | kfree(acl); 474 | } 475 | 476 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 477 | static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns, 478 | #else 479 | static struct posix_acl *ntfs_get_acl_ex( 480 | #endif 481 | struct inode *inode, int type, 482 | int locked) 483 | { 484 | struct ntfs_inode *ni = ntfs_i(inode); 485 | const char *name; 486 | size_t name_len; 487 | struct posix_acl *acl; 488 | size_t req; 489 | int err; 490 | void *buf; 491 | 492 | /* allocate PATH_MAX bytes */ 493 | buf = __getname(); 494 | if (!buf) 495 | return ERR_PTR(-ENOMEM); 496 | 497 | /* Possible values of 'type' was already checked above */ 498 | if (type == ACL_TYPE_ACCESS) { 499 | name = XATTR_NAME_POSIX_ACL_ACCESS; 500 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; 501 | } else { 502 | name = XATTR_NAME_POSIX_ACL_DEFAULT; 503 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; 504 | } 505 | 506 | if (!locked) 507 | ni_lock(ni); 508 | 509 | err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req); 510 | 511 | if (!locked) 512 | ni_unlock(ni); 513 | 514 | /* Translate extended attribute to acl */ 515 | if (err > 0) { 516 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 517 | acl = posix_acl_from_xattr(mnt_userns, buf, err); 518 | #else 519 | acl = posix_acl_from_xattr(&init_user_ns, buf, err); 520 | #endif 521 | if (!IS_ERR(acl)) 522 | set_cached_acl(inode, type, acl); 523 | } else { 524 | acl = err == -ENODATA ? NULL : ERR_PTR(err); 525 | } 526 | 527 | __putname(buf); 528 | 529 | return acl; 530 | } 531 | 532 | /* 533 | * ntfs_get_acl 534 | * 535 | * inode_operations::get_acl 536 | */ 537 | struct posix_acl *ntfs_get_acl(struct inode *inode, int type) 538 | { 539 | /* TODO: init_user_ns? */ 540 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 541 | return ntfs_get_acl_ex(&init_user_ns, inode, type, 0); 542 | #else 543 | return ntfs_get_acl_ex(inode, type, 0); 544 | #endif 545 | } 546 | 547 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 548 | static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, 549 | #else 550 | static noinline int ntfs_set_acl_ex( 551 | #endif 552 | struct inode *inode, struct posix_acl *acl, 553 | int type, int locked) 554 | { 555 | const char *name; 556 | size_t size, name_len; 557 | void *value = NULL; 558 | int err = 0; 559 | 560 | if (S_ISLNK(inode->i_mode)) 561 | return -EOPNOTSUPP; 562 | 563 | switch (type) { 564 | case ACL_TYPE_ACCESS: 565 | if (acl) { 566 | umode_t mode = inode->i_mode; 567 | 568 | err = posix_acl_equiv_mode(acl, &mode); 569 | if (err < 0) 570 | return err; 571 | 572 | if (inode->i_mode != mode) { 573 | inode->i_mode = mode; 574 | mark_inode_dirty(inode); 575 | } 576 | 577 | if (!err) { 578 | /* 579 | * acl can be exactly represented in the 580 | * traditional file mode permission bits 581 | */ 582 | acl = NULL; 583 | goto out; 584 | } 585 | } 586 | name = XATTR_NAME_POSIX_ACL_ACCESS; 587 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; 588 | break; 589 | 590 | case ACL_TYPE_DEFAULT: 591 | if (!S_ISDIR(inode->i_mode)) 592 | return acl ? -EACCES : 0; 593 | name = XATTR_NAME_POSIX_ACL_DEFAULT; 594 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; 595 | break; 596 | 597 | default: 598 | return -EINVAL; 599 | } 600 | 601 | if (!acl) 602 | goto out; 603 | 604 | size = posix_acl_xattr_size(acl->a_count); 605 | value = ntfs_malloc(size); 606 | if (!value) 607 | return -ENOMEM; 608 | 609 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 610 | err = posix_acl_to_xattr(mnt_userns, acl, value, size); 611 | #else 612 | err = posix_acl_to_xattr(&init_user_ns, acl, value, size); 613 | #endif 614 | if (err) 615 | goto out; 616 | 617 | err = ntfs_set_ea(inode, name, name_len, value, size, 0, locked); 618 | if (err) 619 | goto out; 620 | 621 | inode->i_flags &= ~S_NOSEC; 622 | 623 | out: 624 | if (!err) 625 | set_cached_acl(inode, type, acl); 626 | 627 | kfree(value); 628 | 629 | return err; 630 | } 631 | 632 | /* 633 | * ntfs_set_acl 634 | * 635 | * inode_operations::set_acl 636 | */ 637 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 638 | int ntfs_set_acl(struct user_namespace *mnt_userns, struct inode *inode, 639 | #else 640 | int ntfs_set_acl(struct inode *inode, 641 | #endif 642 | struct posix_acl *acl, int type) 643 | { 644 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 645 | return ntfs_set_acl_ex(mnt_userns, inode, acl, type, 0); 646 | #else 647 | return ntfs_set_acl_ex(inode, acl, type, 0); 648 | #endif 649 | } 650 | 651 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 652 | static int ntfs_xattr_get_acl(struct user_namespace *mnt_userns, 653 | #else 654 | static int ntfs_xattr_get_acl( 655 | #endif 656 | struct inode *inode, int type, void *buffer, 657 | size_t size) 658 | { 659 | struct posix_acl *acl; 660 | int err; 661 | 662 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 14, 0) 663 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) 664 | #else 665 | if (!(inode->i_sb->s_flags & MS_POSIXACL)) 666 | #endif 667 | return -EOPNOTSUPP; 668 | 669 | acl = ntfs_get_acl(inode, type); 670 | if (IS_ERR(acl)) 671 | return PTR_ERR(acl); 672 | 673 | if (!acl) 674 | return -ENODATA; 675 | 676 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 677 | err = posix_acl_to_xattr(mnt_userns, acl, buffer, size); 678 | #else 679 | err = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); 680 | #endif 681 | ntfs_posix_acl_release(acl); 682 | 683 | return err; 684 | } 685 | 686 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 687 | static int ntfs_xattr_set_acl(struct user_namespace *mnt_userns, 688 | #else 689 | static int ntfs_xattr_set_acl( 690 | #endif 691 | struct inode *inode, int type, const void *value, 692 | size_t size) 693 | { 694 | struct posix_acl *acl; 695 | int err; 696 | 697 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 14, 0) 698 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) 699 | #else 700 | if (!(inode->i_sb->s_flags & MS_POSIXACL)) 701 | #endif 702 | return -EOPNOTSUPP; 703 | 704 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 705 | if (!inode_owner_or_capable(mnt_userns, inode)) 706 | #else 707 | if (!inode_owner_or_capable(inode)) 708 | #endif 709 | return -EPERM; 710 | 711 | if (!value) 712 | return 0; 713 | 714 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 715 | acl = posix_acl_from_xattr(mnt_userns, value, size); 716 | #else 717 | acl = posix_acl_from_xattr(&init_user_ns, value, size); 718 | #endif 719 | if (IS_ERR(acl)) 720 | return PTR_ERR(acl); 721 | 722 | if (acl) { 723 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 724 | err = posix_acl_valid(mnt_userns, acl); 725 | #else 726 | err = posix_acl_valid(&init_user_ns, acl); 727 | #endif 728 | if (err) 729 | goto release_and_out; 730 | } 731 | 732 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 733 | err = ntfs_set_acl(mnt_userns, inode, acl, type); 734 | #else 735 | err = ntfs_set_acl(inode, acl, type); 736 | #endif 737 | 738 | release_and_out: 739 | ntfs_posix_acl_release(acl); 740 | return err; 741 | } 742 | 743 | /* 744 | * Initialize the ACLs of a new inode. Called from ntfs_create_inode. 745 | */ 746 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 747 | int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode, 748 | #else 749 | int ntfs_init_acl(struct inode *inode, 750 | #endif 751 | struct inode *dir) 752 | { 753 | struct posix_acl *default_acl, *acl; 754 | int err; 755 | 756 | /* 757 | * TODO refactoring lock 758 | * ni_lock(dir) ... -> posix_acl_create(dir,...) -> ntfs_get_acl -> ni_lock(dir) 759 | */ 760 | inode->i_default_acl = NULL; 761 | 762 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 763 | default_acl = ntfs_get_acl_ex(mnt_userns, dir, ACL_TYPE_DEFAULT, 1); 764 | #else 765 | default_acl = ntfs_get_acl_ex(dir, ACL_TYPE_DEFAULT, 1); 766 | #endif 767 | 768 | if (!default_acl || default_acl == ERR_PTR(-EOPNOTSUPP)) { 769 | inode->i_mode &= ~current_umask(); 770 | err = 0; 771 | goto out; 772 | } 773 | 774 | if (IS_ERR(default_acl)) { 775 | err = PTR_ERR(default_acl); 776 | goto out; 777 | } 778 | 779 | acl = default_acl; 780 | err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); 781 | if (err < 0) 782 | goto out1; 783 | if (!err) { 784 | posix_acl_release(acl); 785 | acl = NULL; 786 | } 787 | 788 | if (!S_ISDIR(inode->i_mode)) { 789 | posix_acl_release(default_acl); 790 | default_acl = NULL; 791 | } 792 | 793 | if (default_acl) 794 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 795 | err = ntfs_set_acl_ex(mnt_userns, inode, default_acl, 796 | #else 797 | err = ntfs_set_acl_ex(inode, default_acl, 798 | #endif 799 | ACL_TYPE_DEFAULT, 1); 800 | 801 | if (!acl) 802 | inode->i_acl = NULL; 803 | else if (!err) 804 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 805 | err = ntfs_set_acl_ex(mnt_userns, inode, acl, ACL_TYPE_ACCESS, 806 | #else 807 | err = ntfs_set_acl_ex(inode, acl, ACL_TYPE_ACCESS, 808 | #endif 809 | 1); 810 | 811 | posix_acl_release(acl); 812 | out1: 813 | posix_acl_release(default_acl); 814 | 815 | out: 816 | return err; 817 | } 818 | #endif 819 | 820 | /* 821 | * ntfs_acl_chmod 822 | * 823 | * helper for 'ntfs3_setattr' 824 | */ 825 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 826 | int ntfs_acl_chmod(struct user_namespace *mnt_userns, struct inode *inode) 827 | #else 828 | int ntfs_acl_chmod(struct inode *inode) 829 | #endif 830 | { 831 | struct super_block *sb = inode->i_sb; 832 | 833 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 14, 0) 834 | if (!(sb->s_flags & SB_POSIXACL)) 835 | #else 836 | if (!(sb->s_flags & MS_POSIXACL)) 837 | #endif 838 | return 0; 839 | 840 | if (S_ISLNK(inode->i_mode)) 841 | return -EOPNOTSUPP; 842 | 843 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 844 | return posix_acl_chmod(mnt_userns, inode, inode->i_mode); 845 | #else 846 | return posix_acl_chmod(inode, inode->i_mode); 847 | #endif 848 | } 849 | 850 | /* 851 | * ntfs_permission 852 | * 853 | * inode_operations::permission 854 | */ 855 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 856 | int ntfs_permission(struct user_namespace *mnt_userns, struct inode *inode, 857 | #else 858 | int ntfs_permission(struct inode *inode, 859 | #endif 860 | int mask) 861 | { 862 | if (ntfs_sb(inode->i_sb)->options.no_acs_rules) { 863 | /* "no access rules" mode - allow all changes */ 864 | return 0; 865 | } 866 | 867 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 868 | return generic_permission(mnt_userns, inode, mask); 869 | #else 870 | return generic_permission(inode, mask); 871 | #endif 872 | } 873 | 874 | /* 875 | * ntfs_listxattr 876 | * 877 | * inode_operations::listxattr 878 | */ 879 | ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size) 880 | { 881 | struct inode *inode = d_inode(dentry); 882 | struct ntfs_inode *ni = ntfs_i(inode); 883 | ssize_t ret; 884 | 885 | if (!(ni->ni_flags & NI_FLAG_EA)) { 886 | /* no xattr in file */ 887 | return 0; 888 | } 889 | 890 | ni_lock(ni); 891 | 892 | ret = ntfs_list_ea(ni, buffer, size); 893 | 894 | ni_unlock(ni); 895 | 896 | return ret; 897 | } 898 | 899 | static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de, 900 | struct inode *inode, const char *name, void *buffer, 901 | size_t size) 902 | { 903 | int err; 904 | struct ntfs_inode *ni = ntfs_i(inode); 905 | size_t name_len = strlen(name); 906 | 907 | /* Dispatch request */ 908 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && 909 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { 910 | /* system.dos_attrib */ 911 | if (!buffer) { 912 | err = sizeof(u8); 913 | } else if (size < sizeof(u8)) { 914 | err = -ENODATA; 915 | } else { 916 | err = sizeof(u8); 917 | *(u8 *)buffer = le32_to_cpu(ni->std_fa); 918 | } 919 | goto out; 920 | } 921 | 922 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && 923 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { 924 | /* system.ntfs_attrib */ 925 | if (!buffer) { 926 | err = sizeof(u32); 927 | } else if (size < sizeof(u32)) { 928 | err = -ENODATA; 929 | } else { 930 | err = sizeof(u32); 931 | *(u32 *)buffer = le32_to_cpu(ni->std_fa); 932 | } 933 | goto out; 934 | } 935 | 936 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && 937 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { 938 | /* system.ntfs_security*/ 939 | struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL; 940 | size_t sd_size = 0; 941 | 942 | if (!is_ntfs3(ni->mi.sbi)) { 943 | /* we should get nt4 security */ 944 | err = -EINVAL; 945 | goto out; 946 | } else if (le32_to_cpu(ni->std_security_id) < 947 | SECURITY_ID_FIRST) { 948 | err = -ENOENT; 949 | goto out; 950 | } 951 | 952 | err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id, 953 | &sd, &sd_size); 954 | if (err) 955 | goto out; 956 | 957 | if (!is_sd_valid(sd, sd_size)) { 958 | ntfs_inode_warn( 959 | inode, 960 | "looks like you get incorrect security descriptor id=%u", 961 | ni->std_security_id); 962 | } 963 | 964 | if (!buffer) { 965 | err = sd_size; 966 | } else if (size < sd_size) { 967 | err = -ENODATA; 968 | } else { 969 | err = sd_size; 970 | memcpy(buffer, sd, sd_size); 971 | } 972 | ntfs_free(sd); 973 | goto out; 974 | } 975 | 976 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL 977 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && 978 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, 979 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || 980 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && 981 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, 982 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { 983 | /* TODO: init_user_ns? */ 984 | err = ntfs_xattr_get_acl( 985 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 986 | &init_user_ns, inode, 987 | #else 988 | inode, 989 | #endif 990 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 991 | ? ACL_TYPE_ACCESS 992 | : ACL_TYPE_DEFAULT, 993 | buffer, size); 994 | goto out; 995 | } 996 | #endif 997 | /* deal with ntfs extended attribute */ 998 | err = ntfs_get_ea(inode, name, name_len, buffer, size, NULL); 999 | 1000 | out: 1001 | return err; 1002 | } 1003 | 1004 | /* 1005 | * ntfs_setxattr 1006 | * 1007 | * inode_operations::setxattr 1008 | */ 1009 | static noinline int ntfs_setxattr(const struct xattr_handler *handler, 1010 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 1011 | struct user_namespace *mnt_userns, 1012 | #endif 1013 | struct dentry *de, struct inode *inode, 1014 | const char *name, const void *value, 1015 | size_t size, int flags) 1016 | { 1017 | int err = -EINVAL; 1018 | struct ntfs_inode *ni = ntfs_i(inode); 1019 | size_t name_len = strlen(name); 1020 | enum FILE_ATTRIBUTE new_fa; 1021 | 1022 | /* Dispatch request */ 1023 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && 1024 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { 1025 | if (sizeof(u8) != size) 1026 | goto out; 1027 | new_fa = cpu_to_le32(*(u8 *)value); 1028 | goto set_new_fa; 1029 | } 1030 | 1031 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && 1032 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { 1033 | if (size != sizeof(u32)) 1034 | goto out; 1035 | new_fa = cpu_to_le32(*(u32 *)value); 1036 | 1037 | if (S_ISREG(inode->i_mode)) { 1038 | /* Process compressed/sparsed in special way*/ 1039 | ni_lock(ni); 1040 | err = ni_new_attr_flags(ni, new_fa); 1041 | ni_unlock(ni); 1042 | if (err) 1043 | goto out; 1044 | } 1045 | set_new_fa: 1046 | /* 1047 | * Thanks Mark Harmstone: 1048 | * keep directory bit consistency 1049 | */ 1050 | if (S_ISDIR(inode->i_mode)) 1051 | new_fa |= FILE_ATTRIBUTE_DIRECTORY; 1052 | else 1053 | new_fa &= ~FILE_ATTRIBUTE_DIRECTORY; 1054 | 1055 | if (ni->std_fa != new_fa) { 1056 | ni->std_fa = new_fa; 1057 | if (new_fa & FILE_ATTRIBUTE_READONLY) 1058 | inode->i_mode &= ~0222; 1059 | else 1060 | inode->i_mode |= 0222; 1061 | /* std attribute always in primary record */ 1062 | ni->mi.dirty = true; 1063 | mark_inode_dirty(inode); 1064 | } 1065 | err = 0; 1066 | 1067 | goto out; 1068 | } 1069 | 1070 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && 1071 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { 1072 | /* system.ntfs_security*/ 1073 | __le32 security_id; 1074 | bool inserted; 1075 | struct ATTR_STD_INFO5 *std; 1076 | 1077 | if (!is_ntfs3(ni->mi.sbi)) { 1078 | /* 1079 | * we should replace ATTR_SECURE 1080 | * Skip this way cause it is nt4 feature 1081 | */ 1082 | err = -EINVAL; 1083 | goto out; 1084 | } 1085 | 1086 | if (!is_sd_valid(value, size)) { 1087 | err = -EINVAL; 1088 | ntfs_inode_warn( 1089 | inode, 1090 | "you try to set invalid security descriptor"); 1091 | goto out; 1092 | } 1093 | 1094 | err = ntfs_insert_security(ni->mi.sbi, value, size, 1095 | &security_id, &inserted); 1096 | if (err) 1097 | goto out; 1098 | 1099 | ni_lock(ni); 1100 | std = ni_std5(ni); 1101 | if (!std) { 1102 | err = -EINVAL; 1103 | } else if (std->security_id != security_id) { 1104 | std->security_id = ni->std_security_id = security_id; 1105 | /* std attribute always in primary record */ 1106 | ni->mi.dirty = true; 1107 | mark_inode_dirty(&ni->vfs_inode); 1108 | } 1109 | ni_unlock(ni); 1110 | goto out; 1111 | } 1112 | 1113 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL 1114 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && 1115 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, 1116 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || 1117 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && 1118 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, 1119 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { 1120 | /* TODO: init_user_ns? */ 1121 | err = ntfs_xattr_set_acl( 1122 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) 1123 | &init_user_ns, inode, 1124 | #else 1125 | inode, 1126 | #endif 1127 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 1128 | ? ACL_TYPE_ACCESS 1129 | : ACL_TYPE_DEFAULT, 1130 | value, size); 1131 | goto out; 1132 | } 1133 | #endif 1134 | /* deal with ntfs extended attribute */ 1135 | err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0); 1136 | 1137 | out: 1138 | return err; 1139 | } 1140 | 1141 | static bool ntfs_xattr_user_list(struct dentry *dentry) 1142 | { 1143 | return true; 1144 | } 1145 | 1146 | static const struct xattr_handler ntfs_xattr_handler = { 1147 | .prefix = "", 1148 | .get = ntfs_getxattr, 1149 | .set = ntfs_setxattr, 1150 | .list = ntfs_xattr_user_list, 1151 | }; 1152 | 1153 | const struct xattr_handler *ntfs_xattr_handlers[] = { 1154 | &ntfs_xattr_handler, 1155 | NULL, 1156 | }; 1157 | --------------------------------------------------------------------------------