On linux the request argument of ioctl() is defined as an unsigned long,
but the fuse protocol squashes it into a signed int. As a consequence
the value received by ntfs-3g may appear as negative and different from
the value defined by the corresponding macro.
So define the request argument as unsigned long in ntfs-3g. It has
however to be fed as unsigned from fuse until the fuse protocol is
updated.
An earlier patch enabled updating a file proper id without changing
the other id (birth, volume, domain). However the first time the id
is set, these other ids have to be zeroed.
As similar reparse tags are being used for accessing OneDrive files
and directories, a similar policy has to be used for accessing them.
Until giving full access to OneDrive files with a local copy is
mature enough to have it processed internally, it is safer to have
it delegated to an external plugin. This reverts [4f450a]
When permissions are enabled and setxattr() is rejected, an error
must be returned even though the option silent is set. This is needed
for "cp -p" to know it has to try setting the permissions again and use
chmod().
The alignment of times set in an extended attribute value cannot be
asserted, and this cause alignment errors on some CPUs (met on ARM).
Be safe by copying them in a properly aligned array.
Even though mft or index records may be smaller than a cluster,
reading and rescuing them is done on a full cluster base, so
full clusters must be allocated for processing them.
From Windows 10 Creators edition, the cluster size limit has been
extended to 2MB. This has implied redefining the boot sector field
"sectors_per_cluster" so that values greater than 128 can be recorded.
When the bit 28 of a reparse tag is set on a directory, the reparse
information should be ignored and the directory should be accessed
the usual way (this setting is new to Windows 10). In such a situation
access to the directory through an internal plugin rather than through
an external one.
The same policy applies to REPARSE_TAG_WCI which had been defined
earlier without the bit 28 being set.
When extents are needed to store the runlist of the MFT, the first one
must be located in record 15 so that its location can be determined from
the part in the base extent. As this record is always marked in use,
determining whether it is not really in use requires a specific logic.
When trying a resize in "no action" (read-only) mode, and the MFT runlist
has to be reorganized to take its new fragmentation into account, the updated
runlist cannot be read from the device while updating the runlist of
normal files. To avoid having to read the updated runlist, the update
is delayed so that the original runlist is used. As a consequence the test
of reorganizing the runlists is only an approximation of what would happen
in a real resize.
Newer versions of Windows 10 use several reparse tags for files which
are synchronized to OneDrive cloud storage (0x9000301a, 0x9000601a,
0x9000701a, ...). identify them as IO_REPARSE_TAG_CLOUD and use a
single plugin to process them.
Since its 2017 edition, Windows 10 has stopped mirroring $MFT to the
full size of $MFTMirr leading to mounts of partitions with big clusters
to be rejected because of mismatches. With this patch, only 16 records
are checked, though mirroring is still done for all records in $MFTMirr.
Document an earlier update which forced read-only mode when mounting
a partition which has been left by Windows in an inconsistent state
through hibernation or fast restarting.
Object ids can be used to locate files which have been move to another
volume. This is only possible when the birth ids are recorded, but in most
cases files reside on their birth volume and their birth ids are not set.
The patch enables setting a file id without changing its birth id, by
setting an extended attribute "system.ntfs_object_id" limited to 16
bytes.
At least when there is a shortage of space on the target device, several
redo actions are associated to undoing a CompensationlogRecord, and they
should be redone upon recovery.
Under some circumstances, the temporary log file blocks are not the
latest ones, so check whether there are more recent ones.
Only done for log version 1.x, as log version 2.x follow a different
logic.
The struct members for the time fields in struct stat vary depending on
platform, so introduce #ifdefs using the config.h-supplied definitions
for determining which stat time definition is appropriate.
When the ntfs image is unclean, usually because it was not unmounted
properly from Windows, mounting read-write is denied and falls back
to read-only. Log this situation in the syslog, so that users mounting
through /etc/fstab can more easily know what is going on. Also remove
the "rw" option if it was stated.
Windows 10 brought a new type of reparse point for directories (0x80000018),
so add opendir() and readdir() to the plugin interface to take directories
into account. The interface for releasedir() is merged with release() as
the plugins can discriminate them if needed.
Windows 10 brought security descriptors which contain ACE's related to
new ways of accessing files or directories. These ACE are now accepted
with minimal consistency checks. They are still ignored for translating
permissions and for Windows-type inheritance.
The logic for determining where the actions SetIndexEntryVcnRoot and
SetIndexEntryVcnAllocation had to insert a new vcn was unclear and was
wrong in some situations. This is to fix the logic as determined by new
evidence.
When a file is partially truncated, the highest_vcn has to be recomputed
before the file size is adjusted. As a consequence the unmapped run
inserted at the end of runlist to match the file size should not be taken
into account when determining the higest_vcn.
When the fast restart mode of Windows 8 (or later) is activated, the
log file format is different (version 2.0 instead of 1.1), having 32
temporaty blocks instead of 2. This patch upgrades ntfsrecover to take
the new format into account.
When using option --ignore-fs-check in ntfsclone, doubly allocated cluster
still lead to aborting the process. Bypassing the error is useful for
creating a metadata image intended for debugging, for example when the
partition was not closed properly and the logfile has to be applied to
restore the integrity of metadata.
The computing of replacement bytes for overwriting undeletable files
uses random values and standard ones instead of the values provided in
option --bytes. Fix the mixup between both logics, mention the difference
in the documentation and reject defining both options --bytes and --undel.