diff --git a/ChangeLog b/ChangeLog index 0034c3bf..8e237dd3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -117,6 +117,14 @@ xx/12/2006 - 2.0.0 - ntfsmount sports full r/w and ntfsresize supports Vista. - mkntfs: Remove lots of unused/unneeded debugging code. (Anton) - libntfs: Add support for FreeBSD 5.0+ sector aligned access requirements. (Max Khon) + - mkntfs: Create more Vista like volumes. We now match the security + descriptor attributes (but not yet the security descriptors stored in + $Secure). (Anton) + - libntfs: Rewrite ntfs_upcase_table_build() to generate a Vista + compatible upcase table ($UpCase). (Anton) + - mkntfs: Remove own generation of upcase table, i.e. delete + ntfsprogs/upcase.[ch] and use ntfs_upcase_table_build() supplied by + libntfs. (Anton) 21/06/2006 - 1.13.1 - Various fixes. diff --git a/include/ntfs/unistr.h b/include/ntfs/unistr.h index 81450f89..2c5fd554 100644 --- a/include/ntfs/unistr.h +++ b/include/ntfs/unistr.h @@ -2,7 +2,7 @@ * unistr.h - Exports for Unicode string handling. Part of the Linux-NTFS * project. * - * Copyright (c) 2000-2004 Anton Altaparmakov + * Copyright (c) 2000-2006 Anton Altaparmakov * * This program/include file is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as published diff --git a/libntfs/unistr.c b/libntfs/unistr.c index c1a4d2a5..53de09e8 100644 --- a/libntfs/unistr.c +++ b/libntfs/unistr.c @@ -1,7 +1,7 @@ /** * unistr.c - Unicode string handling. Part of the Linux-NTFS project. * - * Copyright (c) 2000-2004 Anton Altaparmakov + * Copyright (c) 2000-2006 Anton Altaparmakov * * This program/include file is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as published @@ -40,6 +40,7 @@ #endif #include "attrib.h" +#include "endians.h" #include "types.h" #include "unistr.h" #include "debug.h" @@ -644,62 +645,86 @@ err_out: * ntfs_upcase_table_build() builds the default upcase table for NTFS and * stores it in the caller supplied buffer @uc of size @uc_len. * + * The generated $UpCase table is the one used by Windows Vista. + * * Note, @uc_len must be at least 128kiB in size or bad things will happen! */ void ntfs_upcase_table_build(ntfschar *uc, u32 uc_len) { - static int uc_run_table[][3] = { /* Start, End, Add */ - {0x0061, 0x007B, -32}, {0x0451, 0x045D, -80}, {0x1F70, 0x1F72, 74}, - {0x00E0, 0x00F7, -32}, {0x045E, 0x0460, -80}, {0x1F72, 0x1F76, 86}, - {0x00F8, 0x00FF, -32}, {0x0561, 0x0587, -48}, {0x1F76, 0x1F78, 100}, - {0x0256, 0x0258, -205}, {0x1F00, 0x1F08, 8}, {0x1F78, 0x1F7A, 128}, - {0x028A, 0x028C, -217}, {0x1F10, 0x1F16, 8}, {0x1F7A, 0x1F7C, 112}, - {0x03AC, 0x03AD, -38}, {0x1F20, 0x1F28, 8}, {0x1F7C, 0x1F7E, 126}, - {0x03AD, 0x03B0, -37}, {0x1F30, 0x1F38, 8}, {0x1FB0, 0x1FB2, 8}, - {0x03B1, 0x03C2, -32}, {0x1F40, 0x1F46, 8}, {0x1FD0, 0x1FD2, 8}, - {0x03C2, 0x03C3, -31}, {0x1F51, 0x1F52, 8}, {0x1FE0, 0x1FE2, 8}, - {0x03C3, 0x03CC, -32}, {0x1F53, 0x1F54, 8}, {0x1FE5, 0x1FE6, 7}, - {0x03CC, 0x03CD, -64}, {0x1F55, 0x1F56, 8}, {0x2170, 0x2180, -16}, - {0x03CD, 0x03CF, -63}, {0x1F57, 0x1F58, 8}, {0x24D0, 0x24EA, -26}, - {0x0430, 0x0450, -32}, {0x1F60, 0x1F68, 8}, {0xFF41, 0xFF5B, -32}, - {0} + /* + * "Start" is inclusive and "End" is exclusive, every value has the + * value of "Add" added to it. + */ + static int add[][3] = { /* Start, End, Add */ + {0x0061, 0x007b, -32}, {0x00e0, 0x00f7, -32}, {0x00f8, 0x00ff, -32}, + {0x0256, 0x0258, -205}, {0x028a, 0x028c, -217}, {0x037b, 0x037e, 130}, + {0x03ac, 0x03ad, -38}, {0x03ad, 0x03b0, -37}, {0x03b1, 0x03c2, -32}, + {0x03c2, 0x03c3, -31}, {0x03c3, 0x03cc, -32}, {0x03cc, 0x03cd, -64}, + {0x03cd, 0x03cf, -63}, {0x0430, 0x0450, -32}, {0x0450, 0x0460, -80}, + {0x0561, 0x0587, -48}, {0x1f00, 0x1f08, 8}, {0x1f10, 0x1f16, 8}, + {0x1f20, 0x1f28, 8}, {0x1f30, 0x1f38, 8}, {0x1f40, 0x1f46, 8}, + {0x1f51, 0x1f52, 8}, {0x1f53, 0x1f54, 8}, {0x1f55, 0x1f56, 8}, + {0x1f57, 0x1f58, 8}, {0x1f60, 0x1f68, 8}, {0x1f70, 0x1f72, 74}, + {0x1f72, 0x1f76, 86}, {0x1f76, 0x1f78, 100}, {0x1f78, 0x1f7a, 128}, + {0x1f7a, 0x1f7c, 112}, {0x1f7c, 0x1f7e, 126}, {0x1f80, 0x1f88, 8}, + {0x1f90, 0x1f98, 8}, {0x1fa0, 0x1fa8, 8}, {0x1fb0, 0x1fb2, 8}, + {0x1fb3, 0x1fb4, 9}, {0x1fcc, 0x1fcd, -9}, {0x1fd0, 0x1fd2, 8}, + {0x1fe0, 0x1fe2, 8}, {0x1fe5, 0x1fe6, 7}, {0x1ffc, 0x1ffd, -9}, + {0x2170, 0x2180, -16}, {0x24d0, 0x24ea, -26}, {0x2c30, 0x2c5f, -48}, + {0x2d00, 0x2d26, -7264}, {0xff41, 0xff5b, -32}, {0} }; - static int uc_dup_table[][2] = { /* Start, End */ - {0x0100, 0x012F}, {0x01A0, 0x01A6}, {0x03E2, 0x03EF}, {0x04CB, 0x04CC}, - {0x0132, 0x0137}, {0x01B3, 0x01B7}, {0x0460, 0x0481}, {0x04D0, 0x04EB}, - {0x0139, 0x0149}, {0x01CD, 0x01DD}, {0x0490, 0x04BF}, {0x04EE, 0x04F5}, - {0x014A, 0x0178}, {0x01DE, 0x01EF}, {0x04BF, 0x04BF}, {0x04F8, 0x04F9}, - {0x0179, 0x017E}, {0x01F4, 0x01F5}, {0x04C1, 0x04C4}, {0x1E00, 0x1E95}, - {0x018B, 0x018B}, {0x01FA, 0x0218}, {0x04C7, 0x04C8}, {0x1EA0, 0x1EF9}, - {0} + /* + * "Start" is exclusive and "End" is inclusive, every second value is + * decremented by one. + */ + static int skip_dec[][2] = { /* Start, End */ + {0x0100, 0x012f}, {0x0132, 0x0137}, {0x0139, 0x0149}, {0x014a, 0x0178}, + {0x0179, 0x017e}, {0x01a0, 0x01a6}, {0x01b3, 0x01b7}, {0x01cd, 0x01dd}, + {0x01de, 0x01ef}, {0x01f4, 0x01f5}, {0x01f8, 0x01f9}, {0x01fa, 0x0220}, + {0x0222, 0x0234}, {0x023b, 0x023c}, {0x0241, 0x0242}, {0x0246, 0x024f}, + {0x03d8, 0x03ef}, {0x03f7, 0x03f8}, {0x03fa, 0x03fb}, {0x0460, 0x0481}, + {0x048a, 0x04bf}, {0x04c1, 0x04c4}, {0x04c5, 0x04c8}, {0x04c9, 0x04ce}, + {0x04ec, 0x04ed}, {0x04d0, 0x04eb}, {0x04ee, 0x04f5}, {0x04f6, 0x0513}, + {0x1e00, 0x1e95}, {0x1ea0, 0x1ef9}, {0x2183, 0x2184}, {0x2c60, 0x2c61}, + {0x2c67, 0x2c6c}, {0x2c75, 0x2c76}, {0x2c80, 0x2ce3}, {0} }; - static int uc_byte_table[][2] = { /* Offset, Value */ - {0x00FF, 0x0178}, {0x01AD, 0x01AC}, {0x01F3, 0x01F1}, {0x0269, 0x0196}, - {0x0183, 0x0182}, {0x01B0, 0x01AF}, {0x0253, 0x0181}, {0x026F, 0x019C}, - {0x0185, 0x0184}, {0x01B9, 0x01B8}, {0x0254, 0x0186}, {0x0272, 0x019D}, - {0x0188, 0x0187}, {0x01BD, 0x01BC}, {0x0259, 0x018F}, {0x0275, 0x019F}, - {0x018C, 0x018B}, {0x01C6, 0x01C4}, {0x025B, 0x0190}, {0x0283, 0x01A9}, - {0x0192, 0x0191}, {0x01C9, 0x01C7}, {0x0260, 0x0193}, {0x0288, 0x01AE}, - {0x0199, 0x0198}, {0x01CC, 0x01CA}, {0x0263, 0x0194}, {0x0292, 0x01B7}, - {0x01A8, 0x01A7}, {0x01DD, 0x018E}, {0x0268, 0x0197}, - {0} + /* + * Set the Unicode character at offset "Offset" to "Value". Note, + * "Value" is host endian. + */ + static int set[][2] = { /* Offset, Value */ + {0x00ff, 0x0178}, {0x0180, 0x0243}, {0x0183, 0x0182}, {0x0185, 0x0184}, + {0x0188, 0x0187}, {0x018c, 0x018b}, {0x0192, 0x0191}, {0x0195, 0x01f6}, + {0x0199, 0x0198}, {0x019a, 0x023d}, {0x019e, 0x0220}, {0x01a8, 0x01a7}, + {0x01ad, 0x01ac}, {0x01b0, 0x01af}, {0x01b9, 0x01b8}, {0x01bd, 0x01bc}, + {0x01bf, 0x01f7}, {0x01c6, 0x01c4}, {0x01c9, 0x01c7}, {0x01cc, 0x01ca}, + {0x01dd, 0x018e}, {0x01f3, 0x01f1}, {0x023a, 0x2c65}, {0x023e, 0x2c66}, + {0x0253, 0x0181}, {0x0254, 0x0186}, {0x0259, 0x018f}, {0x025b, 0x0190}, + {0x0260, 0x0193}, {0x0263, 0x0194}, {0x0268, 0x0197}, {0x0269, 0x0196}, + {0x026b, 0x2c62}, {0x026f, 0x019c}, {0x0272, 0x019d}, {0x0275, 0x019f}, + {0x027d, 0x2c64}, {0x0280, 0x01a6}, {0x0283, 0x01a9}, {0x0288, 0x01ae}, + {0x0289, 0x0244}, {0x028c, 0x0245}, {0x0292, 0x01b7}, {0x03f2, 0x03f9}, + {0x04cf, 0x04c0}, {0x1d7d, 0x2c63}, {0x214e, 0x2132}, {0} }; - int i, r; + unsigned i, r; - memset((char*)uc, 0, uc_len); - uc_len >>= 1; - if (uc_len > 65536) - uc_len = 65536; - for (i = 0; (u32)i < uc_len; i++) - uc[i] = i; - for (r = 0; uc_run_table[r][0]; r++) - for (i = uc_run_table[r][0]; i < uc_run_table[r][1]; i++) - uc[i] += uc_run_table[r][2]; - for (r = 0; uc_dup_table[r][0]; r++) - for (i = uc_dup_table[r][0]; i < uc_dup_table[r][1]; i += 2) - uc[i + 1]--; - for (r = 0; uc_byte_table[r][0]; r++) - uc[uc_byte_table[r][0]] = uc_byte_table[r][1]; + memset(uc, 0, uc_len); + uc_len /= 2; + /* Start with a one-to-one mapping, i.e. no upcasing happens at all. */ + for (i = 0; i < uc_len; i++) + uc[i] = cpu_to_le16(i); + /* Adjust specified runs by the specified amount. */ + for (r = 0; add[r][0]; r++) + for (i = add[r][0]; i < add[r][1]; i++) + uc[i] = cpu_to_le16(le16_to_cpu(uc[i]) + add[r][2]); + /* Decrement every second value in specified runs. */ + for (r = 0; skip_dec[r][0]; r++) + for (i = skip_dec[r][0]; i < skip_dec[r][1]; + i += 2) + uc[i + 1] = cpu_to_le16(le16_to_cpu(uc[i + 1]) - 1); + /* Set specified characters to specified values. */ + for (r = 0; set[r][0]; r++) + uc[set[r][0]] = cpu_to_le16(set[r][1]); } /** diff --git a/libntfs/volume.c b/libntfs/volume.c index 020ef1ab..bc658b40 100644 --- a/libntfs/volume.c +++ b/libntfs/volume.c @@ -436,7 +436,6 @@ ntfs_volume *ntfs_volume_startup(struct ntfs_device *dev, sizeof(ntfschar)); if (!vol->upcase) goto error_exit; - ntfs_upcase_table_build(vol->upcase, vol->upcase_len * sizeof(ntfschar)); if (flags & NTFS_MNT_RDONLY) diff --git a/ntfsprogs/Makefile.am b/ntfsprogs/Makefile.am index 398a7917..42a4aeb0 100644 --- a/ntfsprogs/Makefile.am +++ b/ntfsprogs/Makefile.am @@ -45,7 +45,7 @@ ntfsfix_LDADD = $(AM_LIBS) ntfsfix_LDFLAGS = $(AM_LFLAGS) mkntfs_CPPFLAGS = $(AM_CPPFLAGS) $(MKNTFS_CPPFLAGS) -mkntfs_SOURCES = attrdef.c attrdef.h upcase.c upcase.h boot.c boot.h sd.c sd.h mkntfs.c utils.c utils.h +mkntfs_SOURCES = attrdef.c attrdef.h boot.c boot.h sd.c sd.h mkntfs.c utils.c utils.h mkntfs_LDADD = $(AM_LIBS) $(MKNTFS_LIBS) mkntfs_LDFLAGS = $(AM_LFLAGS) diff --git a/ntfsprogs/mkntfs.c b/ntfsprogs/mkntfs.c index 8559fd2a..a654853b 100644 --- a/ntfsprogs/mkntfs.c +++ b/ntfsprogs/mkntfs.c @@ -145,12 +145,12 @@ #include "utils.h" #include "ntfstime.h" #include "sd.h" -#include "upcase.h" #include "boot.h" #include "attrdef.h" #include "version.h" #include "logging.h" #include "support.h" +#include "unistr.h" #ifdef NO_NTFS_DEVICE_DEFAULT_IO_OPS #error "No default device io operations! Cannot build mkntfs. \ @@ -4065,7 +4065,7 @@ static BOOL mkntfs_create_root_structures(void) FILE_ATTR_I30_INDEX_PRESENT, 0, 0, ".", FILE_NAME_WIN32_AND_DOS); if (!err) { - init_root_sd_31(&sd, &i); + init_root_sd(&sd, &i); err = add_attr_sd(m, sd, i); } /* FIXME: This should be IGNORE_CASE */ @@ -4349,7 +4349,7 @@ static BOOL mkntfs_create_root_structures(void) buf_sds = ntfs_calloc(buf_sds_size); if (!buf_sds) return FALSE; - init_secure_31(buf_sds); + init_secure_sds(buf_sds); memcpy(buf_sds + 0x40000, buf_sds, buf_sds_first_size); err = add_attr_data(m, "$SDS", 4, 0, 0, (u8*)buf_sds, buf_sds_size); @@ -4541,8 +4541,8 @@ static int mkntfs_redirect(struct mkntfs_options *opts2) g_vol->upcase = ntfs_malloc(g_vol->upcase_len * sizeof(ntfschar)); if (!g_vol->upcase) goto done; - - init_upcase_table(g_vol->upcase, g_vol->upcase_len * sizeof(ntfschar)); + ntfs_upcase_table_build(g_vol->upcase, + g_vol->upcase_len * sizeof(ntfschar)); g_vol->attrdef = ntfs_malloc(sizeof(attrdef_ntfs3x_array)); if (!g_vol->attrdef) { ntfs_log_perror("Could not create attrdef structure"); diff --git a/ntfsprogs/sd.c b/ntfsprogs/sd.c index 379233cf..06d35fe8 100644 --- a/ntfsprogs/sd.c +++ b/ntfsprogs/sd.c @@ -3,7 +3,7 @@ #include "sd.h" /** - * init_system_file_sd + * init_system_file_sd - * * NTFS 3.1 - System files security decriptors * ===================================================== @@ -11,15 +11,8 @@ * Create the security descriptor for system file number @sys_file_no and * return a pointer to the descriptor. * - * $MFT, $MFTMirr, $LogFile, $AttrDef, $Bitmap, $Boot, $BadClus, and $UpCase - * are the same. - * - * $Volume, $Quota, and system files 0xb-0xf are the same. They are almost the - * same as the above, the only difference being that the two SIDs present in - * the DACL grant GENERIC_WRITE and GENERIC_READ equivalent privileges while - * the above only grant GENERIC_READ equivalent privileges. - * - * Root directory system file (".") is different altogether. + * Note the root directory system file (".") is very different and handled by a + * different function. * * The sd is returned in *@sd_val and has length *@sd_val_len. * @@ -165,17 +158,14 @@ void init_system_file_sd(int sys_file_no, u8 **sd_val, int *sd_val_len) } /** - * init_root_sd_31 + * init_root_sd - * - * creates the security_descriptor for the root folder on ntfs 3.1. - * It is very long; lots of ACE's at first, then large pieces of zeroes; - * the owner user/group is near the end. On a partition created with - * w2k3 the owner user/group at the end is surrounded by 'garbage', which I - * yet do not understand. Here I have replaced the 'garbage' with - * zeros, which seems to work. Chkdsk does not add the 'garbage', nor alter - * this security descriptor in any way. + * Creates the security_descriptor for the root folder on ntfs 3.1 as created + * by Windows Vista (when the format is done from the disk management MMC + * snap-in, note this is different from the format done from the disk + * properties in Windows Explorer). */ -void init_root_sd_31(u8 **sd_val, int *sd_val_len) +void init_root_sd(u8 **sd_val, int *sd_val_len) { SECURITY_DESCRIPTOR_RELATIVE *sd; ACL *acl; @@ -188,34 +178,33 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) //security descriptor relative sd = (SECURITY_DESCRIPTOR_RELATIVE*)sd_array; - sd->revision = 0x01; - sd->alignment = 0x00; + sd->revision = SECURITY_DESCRIPTOR_REVISION; + sd->alignment = 0; sd->control = SE_SELF_RELATIVE | SE_DACL_PRESENT; sd->owner = const_cpu_to_le32(0x1014); sd->group = const_cpu_to_le32(0x1020); - sd->sacl = const_cpu_to_le32(0x00); - sd->dacl = const_cpu_to_le32(0x14); + sd->sacl = 0; + sd->dacl = const_cpu_to_le32(sizeof(SECURITY_DESCRIPTOR_RELATIVE)); //acl acl = (ACL*)((u8*)sd + sizeof(SECURITY_DESCRIPTOR_RELATIVE)); - acl->revision = 0x02; - acl->alignment1 = 0x00; + acl->revision = ACL_REVISION; + acl->alignment1 = 0; acl->size = const_cpu_to_le16(0x1000); - acl->ace_count = const_cpu_to_le16(0x07); - acl->alignment2 = const_cpu_to_le16(0x00); + acl->ace_count = const_cpu_to_le16(0x08); + acl->alignment2 = 0; //ace1 ace = (ACCESS_ALLOWED_ACE*)((u8*)acl + sizeof(ACL)); - ace->type = 0x00; - ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE; + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = 0; ace->size = const_cpu_to_le16(0x18); ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | FILE_LIST_DIRECTORY | FILE_WRITE_DATA | FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | FILE_TRAVERSE | FILE_DELETE_CHILD | FILE_READ_ATTRIBUTES; - - ace->sid.revision = 0x01; + ace->sid.revision = SID_REVISION; ace->sid.sub_authority_count = 0x02; /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ ace->sid.identifier_authority.value[0] = 0; @@ -230,15 +219,35 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) //ace2 ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); - ace->type = 0x00; - ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE; + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | + INHERIT_ONLY_ACE; + ace->size = const_cpu_to_le16(0x18); + ace->mask = GENERIC_ALL; + ace->sid.revision = SID_REVISION; + ace->sid.sub_authority_count = 0x02; + /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ + ace->sid.identifier_authority.value[0] = 0; + ace->sid.identifier_authority.value[1] = 0; + ace->sid.identifier_authority.value[2] = 0; + ace->sid.identifier_authority.value[3] = 0; + ace->sid.identifier_authority.value[4] = 0; + ace->sid.identifier_authority.value[5] = 5; + ace->sid.sub_authority[0] = + const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); + ace->sid.sub_authority[1] = const_cpu_to_le32(DOMAIN_ALIAS_RID_ADMINS); + + //ace3 + ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = 0; ace->size = const_cpu_to_le16(0x14); ace->mask = STANDARD_RIGHTS_ALL | FILE_WRITE_ATTRIBUTES | FILE_LIST_DIRECTORY | FILE_WRITE_DATA | FILE_ADD_SUBDIRECTORY | FILE_READ_EA | FILE_WRITE_EA | FILE_TRAVERSE | FILE_DELETE_CHILD | FILE_READ_ATTRIBUTES; - ace->sid.revision = 0x01; + ace->sid.revision = SID_REVISION; ace->sid.sub_authority_count = 0x01; /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ ace->sid.identifier_authority.value[0] = 0; @@ -250,33 +259,15 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) ace->sid.sub_authority[0] = const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); - //ace3 + //ace4 ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); - ace->type = 0x00; + ace->type = ACCESS_ALLOWED_ACE_TYPE; ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE; ace->size = const_cpu_to_le16(0x14); - ace->mask = const_cpu_to_le32(0x10000000); - ace->sid.revision = 0x01; + ace->mask = GENERIC_ALL; + ace->sid.revision = SID_REVISION; ace->sid.sub_authority_count = 0x01; - /* SECURITY_CREATOR_SID_AUTHORITY (S-1-3) */ - ace->sid.identifier_authority.value[0] = 0; - ace->sid.identifier_authority.value[1] = 0; - ace->sid.identifier_authority.value[2] = 0; - ace->sid.identifier_authority.value[3] = 0; - ace->sid.identifier_authority.value[4] = 0; - ace->sid.identifier_authority.value[5] = 3; - ace->sid.sub_authority[0] = - const_cpu_to_le32(SECURITY_CREATOR_OWNER_RID); - - //ace4 - ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); - ace->type = 0x00; - ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE; - ace->size = const_cpu_to_le16(0x18); - ace->mask = const_cpu_to_le32(0x1200A9); - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x02; /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ ace->sid.identifier_authority.value[0] = 0; ace->sid.identifier_authority.value[1] = 0; @@ -285,17 +276,20 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) ace->sid.identifier_authority.value[4] = 0; ace->sid.identifier_authority.value[5] = 5; ace->sid.sub_authority[0] = - const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); - ace->sid.sub_authority[1] = const_cpu_to_le32(DOMAIN_ALIAS_RID_USERS); + const_cpu_to_le32(SECURITY_LOCAL_SYSTEM_RID); //ace5 ace = (ACCESS_ALLOWED_ACE*)((char*)ace + le16_to_cpu(ace->size)); - ace->type = 0x00; - ace->flags = CONTAINER_INHERIT_ACE; - ace->size = const_cpu_to_le16(0x18); - ace->mask = const_cpu_to_le32(0x04); - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x02; + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = 0; + ace->size = const_cpu_to_le16(0x14); + ace->mask = SYNCHRONIZE | READ_CONTROL | DELETE | + FILE_WRITE_ATTRIBUTES | FILE_READ_ATTRIBUTES | + FILE_TRAVERSE | FILE_WRITE_EA | FILE_READ_EA | + FILE_ADD_SUBDIRECTORY | FILE_ADD_FILE | + FILE_LIST_DIRECTORY; + ace->sid.revision = SID_REVISION; + ace->sid.sub_authority_count = 0x01; /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ ace->sid.identifier_authority.value[0] = 0; ace->sid.identifier_authority.value[1] = 0; @@ -304,16 +298,36 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) ace->sid.identifier_authority.value[4] = 0; ace->sid.identifier_authority.value[5] = 5; ace->sid.sub_authority[0] = - const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); - ace->sid.sub_authority[1] = const_cpu_to_le32(DOMAIN_ALIAS_RID_USERS); + const_cpu_to_le32(SECURITY_AUTHENTICATED_USER_RID); //ace6 ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); - ace->type = 0x00; - ace->flags = CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE; + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | + INHERIT_ONLY_ACE; + ace->size = const_cpu_to_le16(0x14); + ace->mask = GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | DELETE; + ace->sid.revision = SID_REVISION; + ace->sid.sub_authority_count = 0x01; + /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ + ace->sid.identifier_authority.value[0] = 0; + ace->sid.identifier_authority.value[1] = 0; + ace->sid.identifier_authority.value[2] = 0; + ace->sid.identifier_authority.value[3] = 0; + ace->sid.identifier_authority.value[4] = 0; + ace->sid.identifier_authority.value[5] = 5; + ace->sid.sub_authority[0] = + const_cpu_to_le32(SECURITY_AUTHENTICATED_USER_RID); + + //ace7 + ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = 0; ace->size = const_cpu_to_le16(0x18); - ace->mask = const_cpu_to_le32(0x02); - ace->sid.revision = 0x01; + ace->mask = 9; + ace->mask = SYNCHRONIZE | READ_CONTROL | FILE_READ_ATTRIBUTES | + FILE_TRAVERSE | FILE_READ_EA | FILE_LIST_DIRECTORY; + ace->sid.revision = SID_REVISION; ace->sid.sub_authority_count = 0x02; /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ ace->sid.identifier_authority.value[0] = 0; @@ -326,22 +340,25 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); ace->sid.sub_authority[1] = const_cpu_to_le32(DOMAIN_ALIAS_RID_USERS); - //ace7 + //ace8 ace = (ACCESS_ALLOWED_ACE*)((u8*)ace + le16_to_cpu(ace->size)); - ace->type = 0x00; - ace->flags = 0x00; - ace->size = const_cpu_to_le16(0x14); - ace->mask = const_cpu_to_le32(0x1200A9); - ace->sid.revision = 0x01; - ace->sid.sub_authority_count = 0x01; - /* SECURITY_WORLD_SID_AUTHORITY (S-1-1) */ + ace->type = ACCESS_ALLOWED_ACE_TYPE; + ace->flags = OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | + INHERIT_ONLY_ACE; + ace->size = const_cpu_to_le16(0x18); + ace->mask = GENERIC_READ | GENERIC_EXECUTE; + ace->sid.revision = SID_REVISION; + ace->sid.sub_authority_count = 0x02; + /* SECURITY_NT_SID_AUTHORITY (S-1-5) */ ace->sid.identifier_authority.value[0] = 0; ace->sid.identifier_authority.value[1] = 0; ace->sid.identifier_authority.value[2] = 0; ace->sid.identifier_authority.value[3] = 0; ace->sid.identifier_authority.value[4] = 0; - ace->sid.identifier_authority.value[5] = 1; - ace->sid.sub_authority[0] = const_cpu_to_le32(SECURITY_WORLD_RID); + ace->sid.identifier_authority.value[5] = 5; + ace->sid.sub_authority[0] = + const_cpu_to_le32(SECURITY_BUILTIN_DOMAIN_RID); + ace->sid.sub_authority[1] = const_cpu_to_le32(DOMAIN_ALIAS_RID_USERS); //owner sid sid = (SID*)((char*)sd + le32_to_cpu(sd->owner)); @@ -371,14 +388,14 @@ void init_root_sd_31(u8 **sd_val, int *sd_val_len) } /** - * init_secure_31(char **r, int size); + * init_secure_sds - * * NTFS 3.1 - System files security decriptors * =========================================== * Create the security descriptor entries in $SDS data stream like they * are in a partition, newly formatted with windows 2003 */ -void init_secure_31(char *sd_val) +void init_secure_sds(char *sd_val) { SECURITY_DESCRIPTOR_HEADER *sds; SECURITY_DESCRIPTOR_RELATIVE *sd; diff --git a/ntfsprogs/sd.h b/ntfsprogs/sd.h index 0dc5f977..7ad3e6a7 100644 --- a/ntfsprogs/sd.h +++ b/ntfsprogs/sd.h @@ -4,8 +4,8 @@ #include "types.h" void init_system_file_sd(int sys_file_no, u8 **sd_val, int *sd_val_len); -void init_root_sd_31(u8 **sd_val, int *sd_val_len); -void init_secure_31(char *sd_val); +void init_root_sd(u8 **sd_val, int *sd_val_len); +void init_secure_sds(char *sd_val); #endif /* _NTFS_SD_H_ */ diff --git a/ntfsprogs/upcase.c b/ntfsprogs/upcase.c deleted file mode 100644 index 113686cd..00000000 --- a/ntfsprogs/upcase.c +++ /dev/null @@ -1,90 +0,0 @@ -/** - * upcase - Part of the Linux-NTFS project. - * - * Copyright (c) 2001 Richard Russon - * Copyright (c) 2001-2006 Anton Altaparmakov - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program (in the main directory of the Linux-NTFS source - * in the file COPYING); if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -#include "config.h" - -#ifdef HAVE_STRING_H -#include -#endif - -#include "endians.h" -#include "types.h" -#include "upcase.h" - -/** - * init_upcase_table - */ -void init_upcase_table(ntfschar *uc, u32 uc_len) -{ - static int uc_run_table[][3] = { /* Start, End, Add */ - {0x0061, 0x007B, -32}, {0x0451, 0x045D, -80}, {0x1F70, 0x1F72, 74}, - {0x00E0, 0x00F7, -32}, {0x045E, 0x0460, -80}, {0x1F72, 0x1F76, 86}, - {0x00F8, 0x00FF, -32}, {0x0561, 0x0587, -48}, {0x1F76, 0x1F78, 100}, - {0x0256, 0x0258, -205}, {0x1F00, 0x1F08, 8}, {0x1F78, 0x1F7A, 128}, - {0x028A, 0x028C, -217}, {0x1F10, 0x1F16, 8}, {0x1F7A, 0x1F7C, 112}, - {0x03AC, 0x03AD, -38}, {0x1F20, 0x1F28, 8}, {0x1F7C, 0x1F7E, 126}, - {0x03AD, 0x03B0, -37}, {0x1F30, 0x1F38, 8}, {0x1FB0, 0x1FB2, 8}, - {0x03B1, 0x03C2, -32}, {0x1F40, 0x1F46, 8}, {0x1FD0, 0x1FD2, 8}, - {0x03C2, 0x03C3, -31}, {0x1F51, 0x1F52, 8}, {0x1FE0, 0x1FE2, 8}, - {0x03C3, 0x03CC, -32}, {0x1F53, 0x1F54, 8}, {0x1FE5, 0x1FE6, 7}, - {0x03CC, 0x03CD, -64}, {0x1F55, 0x1F56, 8}, {0x2170, 0x2180, -16}, - {0x03CD, 0x03CF, -63}, {0x1F57, 0x1F58, 8}, {0x24D0, 0x24EA, -26}, - {0x0430, 0x0450, -32}, {0x1F60, 0x1F68, 8}, {0xFF41, 0xFF5B, -32}, - {0} - }; - static int uc_dup_table[][2] = { /* Start, End */ - {0x0100, 0x012F}, {0x01A0, 0x01A6}, {0x03E2, 0x03EF}, {0x04CB, 0x04CC}, - {0x0132, 0x0137}, {0x01B3, 0x01B7}, {0x0460, 0x0481}, {0x04D0, 0x04EB}, - {0x0139, 0x0149}, {0x01CD, 0x01DD}, {0x0490, 0x04BF}, {0x04EE, 0x04F5}, - {0x014A, 0x0178}, {0x01DE, 0x01EF}, {0x04BF, 0x04BF}, {0x04F8, 0x04F9}, - {0x0179, 0x017E}, {0x01F4, 0x01F5}, {0x04C1, 0x04C4}, {0x1E00, 0x1E95}, - {0x018B, 0x018B}, {0x01FA, 0x0218}, {0x04C7, 0x04C8}, {0x1EA0, 0x1EF9}, - {0} - }; - static int uc_byte_table[][2] = { /* Offset, Value */ - {0x00FF, 0x0178}, {0x01AD, 0x01AC}, {0x01F3, 0x01F1}, {0x0269, 0x0196}, - {0x0183, 0x0182}, {0x01B0, 0x01AF}, {0x0253, 0x0181}, {0x026F, 0x019C}, - {0x0185, 0x0184}, {0x01B9, 0x01B8}, {0x0254, 0x0186}, {0x0272, 0x019D}, - {0x0188, 0x0187}, {0x01BD, 0x01BC}, {0x0259, 0x018F}, {0x0275, 0x019F}, - {0x018C, 0x018B}, {0x01C6, 0x01C4}, {0x025B, 0x0190}, {0x0283, 0x01A9}, - {0x0192, 0x0191}, {0x01C9, 0x01C7}, {0x0260, 0x0193}, {0x0288, 0x01AE}, - {0x0199, 0x0198}, {0x01CC, 0x01CA}, {0x0263, 0x0194}, {0x0292, 0x01B7}, - {0x01A8, 0x01A7}, {0x01DD, 0x018E}, {0x0268, 0x0197}, - {0} - }; - int i, r; - - memset(uc, 0, uc_len); - uc_len >>= 1; - /* Generate the little endian Unicode upcase table used by ntfs. */ - for (i = 0; (u32)i < uc_len; i++) - uc[i] = cpu_to_le16(i); - for (r = 0; uc_run_table[r][0]; r++) - for (i = uc_run_table[r][0]; i < uc_run_table[r][1]; i++) - uc[i] = cpu_to_le16(le16_to_cpu(uc[i]) + - uc_run_table[r][2]); - for (r = 0; uc_dup_table[r][0]; r++) - for (i = uc_dup_table[r][0]; i < uc_dup_table[r][1]; i += 2) - uc[i + 1] = cpu_to_le16(le16_to_cpu(uc[i + 1]) - 1); - for (r = 0; uc_byte_table[r][0]; r++) - uc[uc_byte_table[r][0]] = cpu_to_le16(uc_byte_table[r][1]); -} diff --git a/ntfsprogs/upcase.h b/ntfsprogs/upcase.h deleted file mode 100644 index 9ec567dc..00000000 --- a/ntfsprogs/upcase.h +++ /dev/null @@ -1,7 +0,0 @@ -#ifndef _NTFS_UPCASE_H_ -#define _NTFS_UPCASE_H_ - -void init_upcase_table(ntfschar *uc, u32 uc_len); - -#endif /* _NTFS_UPCASE_H_ */ -