Prevented partitions with metadata cached in Windows from being mounted

Windows 8 includes a "fast restart" feature for restarting without fully remounting the internal volumes. When this mode is selected, metadata stored in the cache (probably hiberfil.sys) is used instead of what is actually on disk, and this may lead to inconsistencies when changes have been made by ntfs-3g in the meantime. This patch tries to prevent ntfs-3g from mounting in read-write mode when a fast restart of Windows 8 is detected. It relies on the restart pages in the $LogFile being identified as version 2.0, which is apparently related to data being cached for hibernation or fast restarting.
2012-09-25 09:46:54 +02:00 · 2012-09-25 09:46:54 +02:00 · 559270a8f6
parent 9337e0a069
commit 559270a8f6
3 changed files with 49 additions and 4 deletions
--- a/libntfs-3g/logfile.c
+++ b/libntfs-3g/logfile.c
@ -84,7 +84,12 @@ static BOOL ntfs_check_restart_page_header(RESTART_PAGE_HEADER *rp, s64 pos)
 				"position in $LogFile.\n");
 		return FALSE;
 	}
-	/* We only know how to handle version 1.1 and 2.0. */
+	/*
+	 * We only know how to handle version 1.1 and 2.0, though
+	 * version 2.0 is probably related to cached metadata in
+	 * Windows 8, and we will refuse to mount.
+	 * Nevertheless, do all the relevant checks before rejecting.
+	 */
 	if (((rp->major_ver != const_cpu_to_le16(1))
 			 || (rp->minor_ver != const_cpu_to_le16(1)))
 	   && ((rp->major_ver != const_cpu_to_le16(2))
--- a/libntfs-3g/volume.c
+++ b/libntfs-3g/volume.c
@ -93,8 +93,9 @@ static const char *corrupt_volume_msg =
 "for more details.\n";

 static const char *hibernated_volume_msg =
-"The NTFS partition is hibernated. Please resume and shutdown Windows\n"
-"properly, or mount the volume read-only with the 'ro' mount option.\n";
+"The NTFS partition is in an unsafe state. Please resume and shutdown\n"
+"Windows fully (no hibernation or fast restarting), or mount the volume\n"
+"read-only with the 'ro' mount option.\n";

 static const char *unclean_journal_msg =
 "Write access is denied because the disk wasn't safely powered\n"
@ -660,6 +661,24 @@ static int ntfs_volume_check_logfile(ntfs_volume *vol)
 	
 	if (!ntfs_check_logfile(na, &rp) || !ntfs_is_logfile_clean(na, rp))
 		err = EOPNOTSUPP;
+		/*
+		 * If the latest restart page was identified as version
+		 * 2.0, then Windows may have kept a cached copy of
+		 * metadata for fast restarting, and we should not mount.
+		 * Hibernation will be seen the same way on a non
+		 * Windows-system partition, so we have to use the same
+		 * error code (EPERM).
+		 * The restart page may also be identified as version 2.0
+		 * when access to the file system is terminated abruptly
+		 * by unplugging or power cut, so mounting is also rejected
+		 * after such an event.
+		 */
+	if (rp
+	    && (rp->major_ver == const_cpu_to_le16(2))
+	    && (rp->minor_ver == const_cpu_to_le16(0))) {
+		ntfs_log_error("Metadata kept in Windows cache, refused to mount.\n");
+		err = EPERM;
+	}
 	free(rp);
 	ntfs_attr_close(na);
 out:	
@ -1212,7 +1231,8 @@ ntfs_volume *ntfs_device_mount(struct ntfs_device *dev, unsigned long flags)
 		    ntfs_volume_check_hiberfile(vol, 1) < 0)
 			goto error_exit;
 		if (ntfs_volume_check_logfile(vol) < 0) {
-			if (!(flags & MS_RECOVER))
+			/* Always reject cached metadata for now */
+			if (!(flags & MS_RECOVER) || (errno == EPERM))
 				goto error_exit;
 			ntfs_log_info("The file system wasn't safely "
 				      "closed on Windows. Fixing.\n");
@ -1708,6 +1728,10 @@ int ntfs_volume_error(int err)
 			ret = NTFS_VOLUME_CORRUPT;
 			break;
 		case EPERM:
+			/*
+			 * Hibernation and fast restarting are seen the
+			 * same way on a non Windows-system partition.
+			 */
 			ret = NTFS_VOLUME_HIBERNATED;
 			break;
 		case EOPNOTSUPP:
--- a/src/ntfs-3g.8.in
+++ b/src/ntfs-3g.8.in
@ -36,6 +36,22 @@ a few differences mentioned below in relevant options descriptions.
 .PP
 The \fIvolume\fR to be mounted can be either a block device or 
 an image file.
+.SS Windows hibernation and fast restarting
+On computers which can be dual-booted into Windows or Linux, Windows has
+to be fully shut down before booting into Linux, otherwise the NTFS file
+systems on internal disks may be left in an inconsistent state and changes
+made by Linux may be ignored by Windows.
+.P
+So, Windows may not be left in hibernation when starting Linux, in order
+to avoid inconsistencies. Moreover, the fast restart feature available on
+recent Windows systems has to be disabled. This can be achieved by issuing
+as an Administrator the Windows command which disables both
+hibernation and fast restarting :
+.RS
+.sp
+powercfg /h off
+.sp
+.RE
 .SS Access Handling and Security
 By default, files and directories are owned by the effective 
 user and group of the mounting process, and everybody has