void print_bek_header(dataset_t* bek)
{
time_t ts;
char rec_id[37];
ntfs2utc(bek->timestamp, &ts);
format_guid(bek->hash, rec_id);
xprintf(L_INFO, "==[ Generic BEK file information ]==\n");
xprintf(L_INFO, "Total Size: %hu bytes\n", bek->size);
xprintf(L_INFO, "Unknown: %hu\n", bek->unknown1);
xprintf(L_INFO, "Header Size: %d bytes\n", bek->header_size);
xprintf(L_INFO, "Recovery Key Id: %16s \n", rec_id);
xprintf(L_INFO, "Next counter: %d\n", bek->next_counter);
xprintf(L_INFO, "Reserved field: 0x%x\n", bek->algo_zeroed);
xprintf(L_INFO, "Epoch Timestamp: %ud sec, or %s\n", (unsigned int)ts, asctime(gmtime(&ts)));
}
void print_ext_info_header(external_info_header_t* header)
{
char rec_id[37] = {0,};
time_t ts;
char* type_str = NULL;
ntfs2utc(header->timestamp, &ts);
format_guid(header->guid, rec_id);
type_str = datumtypestr(header->datum_type);
xprintf(L_INFO, "===[ Header information ]===\n");
xprintf(L_INFO, "Size: %hu bytes\n", header->size);
xprintf(L_INFO, "Unknown1: %#.4x\n", header->unknown1);
xprintf(L_INFO, "Datum type: %s (%#.4x)\n", type_str, header->datum_type);
xprintf(L_INFO, "Error status: %hu\n", header->error_status);
xprintf(L_INFO, "Recovery Key Id: %s\n", rec_id);
xprintf(L_INFO, "Epoch Timestamp: %ud sec, or %s\n", (unsigned int)ts, asctime(gmtime(&ts)));
xfree(type_str);
}
/**
* ntfs_inode_open - open an inode ready for access
* @vol: volume to get the inode from
* @mref: inode number / mft record number to open
*
* Allocate an ntfs_inode structure and initialize it for the given inode
* specified by @mref. @mref specifies the inode number / mft record to read,
* including the sequence number, which can be 0 if no sequence number checking
* is to be performed.
*
* Then, allocate a buffer for the mft record, read the mft record from the
* volume @vol, and attach it to the ntfs_inode structure (->mrec). The
* mft record is mst deprotected and sanity checked for validity and we abort
* if deprotection or checks fail.
*
* Finally, search for an attribute list attribute in the mft record and if one
* is found, load the attribute list attribute value and attach it to the
* ntfs_inode structure (->attr_list). Also set the NI_AttrList bit to indicate
* this.
*
* Return a pointer to the ntfs_inode structure on success or NULL on error,
* with errno set to the error code.
*/
ntfs_inode *ntfs_inode_open(ntfs_volume *vol, const MFT_REF mref)
{
s64 l;
ntfs_inode *ni = NULL;
ntfs_attr_search_ctx *ctx;
STANDARD_INFORMATION *std_info;
le32 lthle;
int olderrno;
ntfs_log_enter("Entering for inode %lld\n", (long long)MREF(mref));
if (!vol) {
errno = EINVAL;
goto out;
}
ni = __ntfs_inode_allocate(vol);
if (!ni)
goto out;
if (ntfs_file_record_read(vol, mref, &ni->mrec, NULL))
goto err_out;
if (!(ni->mrec->flags & MFT_RECORD_IN_USE)) {
errno = ENOENT;
goto err_out;
}
ni->mft_no = MREF(mref);
ctx = ntfs_attr_get_search_ctx(ni, NULL);
if (!ctx)
goto err_out;
/* Receive some basic information about inode. */
if (ntfs_attr_lookup(AT_STANDARD_INFORMATION, AT_UNNAMED,
0, CASE_SENSITIVE, 0, NULL, 0, ctx)) {
if (!ni->mrec->base_mft_record)
ntfs_log_perror("No STANDARD_INFORMATION in base record"
" %lld", (long long)MREF(mref));
goto put_err_out;
}
std_info = (STANDARD_INFORMATION *)((u8 *)ctx->attr +
le16_to_cpu(ctx->attr->value_offset));
ni->flags = std_info->file_attributes;
ni->creation_time = ntfs2utc(std_info->creation_time);
ni->last_data_change_time = ntfs2utc(std_info->last_data_change_time);
ni->last_mft_change_time = ntfs2utc(std_info->last_mft_change_time);
ni->last_access_time = ntfs2utc(std_info->last_access_time);
/* JPA insert v3 extensions if present */
/* length may be seen as 72 (v1.x) or 96 (v3.x) */
lthle = ctx->attr->length;
if (le32_to_cpu(lthle) > sizeof(STANDARD_INFORMATION)) {
set_nino_flag(ni, v3_Extensions);
ni->owner_id = std_info->owner_id;
ni->security_id = std_info->security_id;
ni->quota_charged = std_info->quota_charged;
ni->usn = std_info->usn;
} else {
clear_nino_flag(ni, v3_Extensions);
ni->owner_id = 0;
ni->security_id = 0;
}
/* Set attribute list information. */
olderrno = errno;
if (ntfs_attr_lookup(AT_ATTRIBUTE_LIST, AT_UNNAMED, 0, 0, 0, NULL, 0,
ctx)) {
if (errno != ENOENT)
goto put_err_out;
/* Attribute list attribute does not present. */
/* restore previous errno to avoid misinterpretation */
errno = olderrno;
goto get_size;
}
NInoSetAttrList(ni);
l = ntfs_get_attribute_value_length(ctx->attr);
if (!l)
goto put_err_out;
if (l > 0x40000) {
errno = EIO;
ntfs_log_perror("Too large attrlist attribute (%lld), inode "
"%lld", (long long)l, (long long)MREF(mref));
goto put_err_out;
}
ni->attr_list_size = l;
ni->attr_list = ntfs_malloc(ni->attr_list_size);
if (!ni->attr_list)
goto put_err_out;
l = ntfs_get_attribute_value(vol, ctx->attr, ni->attr_list);
if (!l)
goto put_err_out;
if (l != ni->attr_list_size) {
errno = EIO;
ntfs_log_perror("Unexpected attrlist size (%lld <> %u), inode "
"%lld", (long long)l, ni->attr_list_size,
(long long)MREF(mref));
goto put_err_out;
}
get_size:
olderrno = errno;
if (ntfs_attr_lookup(AT_DATA, AT_UNNAMED, 0, 0, 0, NULL, 0, ctx)) {
if (errno != ENOENT)
goto put_err_out;
/* Directory or special file. */
/* restore previous errno to avoid misinterpretation */
errno = olderrno;
ni->data_size = ni->allocated_size = 0;
} else {
if (ctx->attr->non_resident) {
ni->data_size = sle64_to_cpu(ctx->attr->data_size);
if (ctx->attr->flags &
(ATTR_IS_COMPRESSED | ATTR_IS_SPARSE))
ni->allocated_size = sle64_to_cpu(
ctx->attr->compressed_size);
else
ni->allocated_size = sle64_to_cpu(
ctx->attr->allocated_size);
} else {
ni->data_size = le32_to_cpu(ctx->attr->value_length);
ni->allocated_size = (ni->data_size + 7) & ~7;
}
}
ntfs_attr_put_search_ctx(ctx);
out:
ntfs_log_leave("\n");
return ni;
put_err_out:
ntfs_attr_put_search_ctx(ctx);
err_out:
__ntfs_inode_release(ni);
ni = NULL;
goto out;
}
