Since its 2017 edition, Windows 10 has stopped mirroring $MFT to the
full size of $MFTMirr leading to mounts of partitions with big clusters
to be rejected because of mismatches. With this patch, only 16 records
are checked, though mirroring is still done for all records in $MFTMirr.
Currently, applications that wish to access security descriptors have to
explicitly open the volume's security descriptor index ("$Secure") using
ntfs_open_secure(). Applications are also responsible for closing the
index when done with it. However, the cleanup function for doing,
ntfs_close_secure(), cannot be called easily by all applications because
it requires a SECURITY_CONTEXT argument, not simply the ntfs_volume.
Some applications therefore have to close the inode and index contexts
manually in order to clean up properly.
This proposal updates libntfs-3g to open $Secure unconditonally as part
of ntfs_mount(), so that applications do not have to worry about it.
This proposal updates libntfs-3g to open $Secure unconditonally as part
of ntfs_mount(), so that applications do not have to worry about it.
ntfs_close_secure() is updated to take in a ntfs_volume for internal use,
and ntfs_destroy_security_context() is now the function to call to free
memory associated with a SECURITY_CONTEXT rather than a ntfs_volume.
Some memory leaks in error paths of ntfs_open_secure() are also fixed.
Signed-off-by: Eric Biggers <ebiggers3@gmail.com>
The file /etc/mtab is traditionally checked to avoid multiple mountings
of the same device, but this is not accurate enough in some conditions.
So use /proc/mounts when available and fall back to /etc/mtab on
systems which do not have /proc/mounts.
The MS_* flags originated from system constants. However the flags
passed to ntfs_mount were really unrelated to the system constants and
many new MS_* flags had to be introduced as different features were
added to the library. Those flags had no counterparts in any system
APIs, so using the same naming scheme is inappropriate.
Instead, let's namespace these flags similarly to what has already been
done in ntfsprogs/libntfs earlier. This avoids any possible conflicts
with system constants.
The values of the flags themselves are kept the same as earlier, so
backward compatibility is retained.
- Replaced 'ntfschar*' parameters with 'const ntfschar*' where
appropriate (the function does not need to modify the string).
- Replaced some instances of 'u8*' and 'char*' read-only buffer
arguments with 'const u8*' and 'const char*'.
Windows 8 includes a "fast restart" feature for restarting without fully
remounting the internal volumes. When this mode is selected, metadata
stored in the cache (probably hiberfil.sys) is used instead of what
is actually on disk, and this may lead to inconsistencies when changes
have been made by ntfs-3g in the meantime.
This patch tries to prevent ntfs-3g from mounting in read-write mode
when a fast restart of Windows 8 is detected. It relies on the restart
pages in the $LogFile being identified as version 2.0, which is
apparently related to data being cached for hibernation or fast restarting.
External devices, such as USB keys, may have a switch to make them
temporarily unwriteable. When such a device is plugged in, mount it
as read-only by default.
The suggestion to use option remove_hiberfile was displayed in the
standard help and when a volume is found dirty. As this option may
lead to loss of data, only mention it in the manual, with a proper
warning.
On Windows XP and Vista, the system hibernation is identified by the
sequence "hibr" at the beginning of hiberfil.sys. This had been changed
to "HIBR" in Windows 7, so both sequences have to be accepted as
hibernation criteria.
With the default mount options, compression of new files are now done
if the parent directory is marked for compression. The mount option
"compression" is not needed any more, but the option "nocompression"
can be used to disable compression of new files.
The default option also applies to applications using libntfs-3g with
no mount command.
The label changing code in ntfslabel was cleaned up and modified to use the more
advanced functionality of libntfs-3g instead of using older custom code to
resize and create resident attributes.
The core label changing functionality was also moved into the library so it can
be reused by other programs.
For some reason, when the monted device is "/dev/mapper/*", a record
in the form "/dev/dm-*" ends up in /etc/mtab and the device cannot be
unmounted.
The reason is unclear, the /dev/mapper name is not a symlink, and the
function doing the name change is not known. No detailed feedback from
the users having met the issue.
The patch changes the name back to the /dev/mapper name after realpath()
is called, and, if there is an actual change, both the name passed to
ntfs-3g and the one passed to fuse and mount are logged in the hope
of getting a clue about what is happening.
But ntfs-3g is probably not the right place for a fix.
