Changes by: antona
Update of /cvsroot/linux-ntfs/linux-ntfs/include
In directory usw-pr-cvs1:/tmp/cvs-serv10765
Modified Files:
attrib.h
Log Message:
Mostly finished adding the $Secure information.
Index: attrib.h
===================================================================
RCS file: /cvsroot/linux-ntfs/linux-ntfs/include/attrib.h,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -r1.9 -r1.10
*** attrib.h 2001/03/02 15:03:56 1.9
--- attrib.h 2001/03/03 00:11:17 1.10
***************
*** 406,411 ****
disabled. */
/* 50*/ __u32 security_id; /* Security id for the file. Translate via
! bidir index to granted access Acl. Is an
! index into FILE_$Secure. */
/* 54*/ __u64 quota_charged; /* Byte size of the charge to the quota for
all streams of the file. Is zero if quotas
--- 406,411 ----
disabled. */
/* 50*/ __u32 security_id; /* Security id for the file. Translate via
! $SII index and $SDS data stream in
! FILE_$Secure to the security descriptor. */
/* 54*/ __u64 quota_charged; /* Byte size of the charge to the quota for
all streams of the file. Is zero if quotas
***************
*** 1112,1115 ****
--- 1112,1195 ----
/*
+ * On NTFS 3.0+, all security descriptors are stored in FILE_$Secure. Only one
+ * referenced instance of each unique security descriptor is stored.
+ *
+ * FILE_$Secure contains no unnamed data attribute, i.e. it has zero length. It
+ * does, however, contain two indexes ($SDH and $SII) as well as a named data
+ * stream ($SDS).
+ *
+ * Every unique security descriptor is assigned a unique security identifier
+ * (security_id, not to be confused with a SID). The security_id is unique for
+ * the NTFS volume and is used as an index into the $SII index, which maps
+ * security_ids to the security descriptor's storage location within the $SDS
+ * data attribute. The $SII index is sorted by ascending security_id.
+ *
+ * A simple hash is computed from each security descriptor. This hash is used
+ * as an index into the $SDH index, which maps security descriptor hashes to
+ * the security descriptor's storage location within the $SDS data attribute.
+ * The $SDH index is sorted by security descriptor hash and is stored in a B+
+ * tree. When searching $SDH (with the intent of determining whether or not a
+ * new security descriptor is already present in the $SDS data stream), if a
+ * matching hash is found, but the security descriptors do not match, the
+ * search in the $SDH index is continued, searching for a next matching hash.
+ *
+ * When a precise match is found, the security_id coresponding to the security
+ * descriptor in the $SDS attribute is read from the found $SDH index entry and
+ * is stored in the $STANDARD_INFORMATION attribute of the file/directory to
+ * which the security descriptor is being applied. The $STANDARD_INFORMATION
+ * attribute is present in all base mft records (i.e. in all files and
+ * directories).
+ *
+ * If a match is not found, the security descriptor is assigned a new unique
+ * security_id and is added to the $SDS data attribute. Then, entries
+ * referencing the this security descriptor in the $SDS data attribute are
+ * added to the $SDH and $SII indexes.
+ *
+ * Note: Entries are never deleted from FILE_$Secure, even if nothing
+ * references an entry any more.
+ */
+
+ /*
+ * This header precedes each security descriptor in the $SDS data stream.
+ * This is also the index entry data part of both the $SII and $SDH indexes.
+ */
+ typedef struct {
+ __u32 hash; /* Hash of the security descriptor. */
+ __u32 security_id; /* The security_id assigned to the descriptor. */
+ __u64 offset; /* Byte offset of this entry in the $SDS stream. */
+ __u32 length; /* Size in bytes of this entry. */
+ } __attribute__ ((__packed__)) SECURITY_DESCRIPTOR_HEADER;
+
+ /*
+ * The $SDS data stream contains the security descriptors, aligned on 32-bit
+ * boundaries, sorted by security_id in a B+ tree. Security descriptors cannot
+ * cross 256kib boundaries (this restriction is imposed by the Windows cache
+ * manager). Each security descriptor is contained in a SDS_ENTRY structure.
+ * Also, each security descriptor is stored twice in the $SDS stream with a
+ * fixed offset of XYZ bytes between them.
+ */
+ typedef struct {
+ SECURITY_DESCRIPTOR_HEADER; /* The security descriptor header. */
+ SECURITY_DESCRIPTOR_RELATIVE; /* The self-relative security
+ descriptor. */
+ } __attribute__ ((__packed__)) SDS_ENTRY;
+
+ /*
+ * The index entry key used in the $SII index.
+ */
+ typedef struct {
+ __u32 security_id; /* The security_id assigned to the descriptor. */
+ } __attribute__ ((__packed__)) SII_INDEX_KEY;
+
+ /*
+ * The index entry key used in the $SDH index. The keys are sorted by first by
+ * hash and then by security_id.
+ */
+ typedef struct {
+ __u32 hash; /* Hash of the security descriptor. */
+ __u32 security_id; /* The security_id assigned to the descriptor. */
+ } __attribute__ ((__packed__)) SDH_INDEX_KEY;
+
+ /*
* Attribute: Volume name (0x60).
*
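Review bot: In `SDS_ENTRY`, the members `SECURITY_DESCRIPTOR_HEADER;` and `SECURITY_DESCRIPTOR_RELATIVE;` are bare typedef names with no declarator. Standard C, and GCC without `-fms-extensions`, treat these as declaring nothing, so the struct would not contain the header or the descriptor. Naming them, e.g. `SECURITY_DESCRIPTOR_HEADER hdr;` and `SECURITY_DESCRIPTOR_RELATIVE sd;`, keeps the layout independent of build flags (the definition of `SECURITY_DESCRIPTOR_RELATIVE` is outside this hunk). Because `offset` and `length` in `SECURITY_DESCRIPTOR_HEADER` come straight from disk, its comment should also say that a reader must check `length` against the header size and `offset + length` against the $SDS stream size before following them, and should recompute `hash` rather than trust it. The `XYZ` placeholder in the $SDS comment still needs its real value.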
***************
*** 1279,1282 ****
--- 1359,1373 ----
/*
+ * The system file FILE_$Extend/$Reparse contains an index listing all reparse
+ * points on the volume. The index entry keys are as defined below.
+ * Note: There is no data associated with the index entries.
+ */
+ typedef struct {
+ __u32 reparse_tag; /* Reparse point type (inc. flags). */
+ MFT_REFERENCE file_id; /* Mft record of the file containing the
+ reparse point attribute. */
+ } __attribute__ ((__packed__)) REPARSE_INDEX_KEY;
+
+ /*
* This is an index entry. A sequence of such entries follows each INDEX_HEADER
* structure. Together they make up a complete index. The index follows either
***************
*** 1291,1298 ****
entry. Used for directory
indexes. */
! struct { /* Used for view indexes. */
! __u16 data_offset; /* View data byte offset. */
! __u16 data_length; /* View data length in bytes. */
! __u32 reserved; /* Reserved. Set to zero. */
} __attribute__ ((__packed__));
} __attribute__ ((__packed__));
--- 1382,1389 ----
entry. Used for directory
indexes. */
! struct { /* Used for views/indexes to find the entry's data. */
! __u16 data_offset; /* Data byte offset. */
! __u16 data_length; /* Data length in bytes. */
! __u32 reserved; /* Reserved (zero). */
} __attribute__ ((__packed__));
} __attribute__ ((__packed__));
***************
*** 1303,1321 ****
INDEX_ENTRY_FLAGS flags; /* Bit field of INDEX_ENTRY_* flags. */
__u16 reserved; /* Reserved/align to 8-byte boundary. */
! // FILENAME_ATTRIBUTE filename; /* The value of the indexed attribute.
! // On NTFS versions before 3.0 this is
! // always a FILENAME_ATTRIBUTE.
! // NOTE: Only present if bit in flags
! // INDEX_ENTRY_END is not set. */
! // __s64 vcn; /* If INDEX_ENTRY_NODE bit in flags is
! // set, the last eight bytes of this
! // index entry contain the virtual
! // cluster number of the index block
! // that holds the entries immediately
! // preceding the current entry (the
! // vcn references the corresponding
! // cluster in the data of the
! // non-resident index allocation
! // attribute). */
} __attribute__ ((__packed__)) INDEX_ENTRY;
--- 1394,1412 ----
INDEX_ENTRY_FLAGS flags; /* Bit field of INDEX_ENTRY_* flags. */
__u16 reserved; /* Reserved/align to 8-byte boundary. */
! union { /* The key of the indexed attribute. NOTE: Only present
! if INDEX_ENTRY_END bit in flags is not set. NOTE: On
! NTFS versions before 3.0 the only valid key is the
! FILENAME_ATTRIBUTE. */
! FILENAME_ATTRIBUTE filename; /* Used in directory indexes. */
! SII_INDEX_KEY sii; /* Used in $SII index. */
! SDH_INDEX_KEY sdh; /* Used in $SDH index. */
! REPARSE_INDEX_KEY reparse; /* Used in $Reparse index. */
! } __attribute__ ((__packed__));
! // __s64 vcn; /* If INDEX_ENTRY_NODE bit in flags is set, the last
! // eight bytes of this index entry contain the virtual
! // cluster number of the index block that holds the
! // entries immediately preceding the current entry (the
! // vcn references the corresponding cluster in the data
! // of the non-resident index allocation attribute). */
} __attribute__ ((__packed__)) INDEX_ENTRY;
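Review bot: With the key union inside `INDEX_ENTRY`, `sizeof(INDEX_ENTRY)` now includes the largest key (presumably `FILENAME_ATTRIBUTE`) rather than only the fixed header. Any caller that used it as the header size or as a minimum entry length in a bounds check will now be wrong; the callers are not visible here, so this needs an audit. The union's own comment says the key is absent when `INDEX_ENTRY_END` is set, and the `sii`, `sdh` and `reparse` keys are shorter than `filename`, so a member is only safe to read after checking the flags and the entry's on-disk length for that index type. I would add to the union comment something like `/* May be absent or shorter than the union: check flags and the on-disk entry length before access; do not use sizeof(INDEX_ENTRY) as the header size. */`. The `INDEX_ENTRY` definition begins above this hunk.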
***************
*** 1352,1366 ****
/*
- * The system file FILE_$Extend/$Reparse contains an index listing all reparse
- * points on the volume. The index entries have keys as defined below and there
- * is no data associated with them.
- */
- typedef struct {
- __u32 reparse_tag; /* Reparse point type (inc. flags). */
- MFT_REFERENCE file_id; /* Mft record of the file containing the
- reparse point attribute. */
- } __attribute__ ((__packed__)) REPARSE_INDEX_KEY;
-
- /*
* Attribute: Extended attribute (EA) information (0xd0).
*/
--- 1443,1446 ----
***************
*** 1460,1464 ****
*/
typedef struct {
! __u32 version; /* Equals 2. */
QUOTA_FLAGS flags; /* Flags describing this quota entry. */
__u64 bytes_used; /* How many bytes of the quota are in use. */
--- 1540,1544 ----
*/
typedef struct {
! __u32 version; /* Currently equals 2. */
QUOTA_FLAGS flags; /* Flags describing this quota entry. */
__u64 bytes_used; /* How many bytes of the quota are in use. */