archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/base/fs/ntfs/fu/usn.c

750 lines
18 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. usn.c
  9. Abstract:
  11. This file contains code for commands that affect
  12. the usn journal.
  14. Author:
  16. Wesley Witt [wesw] 1-March-2000
  18. Revision History:
  20. --*/
  22. #include <precomp.h>
  25. #define MAX_USN_DATA 4096
  27. INT
  28. UsnHelp(
  29. IN INT argc,
  30. IN PWSTR argv[]
  31. )
  32. {
  33. DisplayMsg( MSG_USAGE_USN );
  34. return EXIT_CODE_SUCCESS;
  35. }
  37. __inline PUSN_RECORD
  38. NextUsnRecord(
  39. const PUSN_RECORD input
  40. )
  41. {
  42. ULONGLONG output;
  44. // Get the base address of the current record.
  45. (PUSN_RECORD) output = input;
  47. // Add the size of the record (structure + file name after the end
  48. // of the structure).
  49. output += input->RecordLength;
  51. // Round up the record size to match the 64-bit alignment, if the
  52. // size is not already a multiple of 8. Perform a bitwise AND
  53. // operation here instead of division because it is much faster than
  54. // division. However, the bitwise AND operation only works because
  55. // the divisor 8 is a power of 2.
  57. if (output & 8-1) {
  58. // Round down to nearest multiple of 8.
  59. output &= -8;
  60. // Then add 8.
  61. output += 8;
  62. }
  64. return((PUSN_RECORD) output);
  65. }
  67. VOID
  68. DisplayUsnRecord(
  69. const PUSN_RECORD UsnRecord
  70. )
  71. {
  73. WCHAR DateString[128];
  74. WCHAR TimeString[128];
  75. TIME_FIELDS TimeFields;
  76. SYSTEMTIME SystemTime;
  78. RtlTimeToTimeFields(&UsnRecord->TimeStamp, &TimeFields);
  80. SystemTime.wYear = TimeFields.Year ;
  81. SystemTime.wMonth = TimeFields.Month ;
  82. SystemTime.wDayOfWeek = TimeFields.Weekday ;
  83. SystemTime.wDay = TimeFields.Day ;
  84. SystemTime.wHour = TimeFields.Hour ;
  85. SystemTime.wMinute = TimeFields.Minute ;
  86. SystemTime.wSecond = TimeFields.Second ;
  87. SystemTime.wMilliseconds = TimeFields.Milliseconds;
  90. GetDateFormat( LOCALE_USER_DEFAULT,
  91. DATE_SHORTDATE,
  92. &SystemTime,
  93. NULL,
  94. DateString,
  95. sizeof( DateString ) / sizeof( DateString[0] ));
  97. GetTimeFormat( LOCALE_USER_DEFAULT,
  98. FALSE,
  99. &SystemTime,
  100. NULL,
  101. TimeString,
  102. sizeof( TimeString ) / sizeof( TimeString[0] ));
  104. DisplayMsg(
  105. MSG_USNRECORD,
  106. UsnRecord->MajorVersion,
  107. UsnRecord->MinorVersion,
  108. QuadToPaddedHexText( UsnRecord->FileReferenceNumber ),
  109. QuadToPaddedHexText( UsnRecord->ParentFileReferenceNumber ),
  110. QuadToPaddedHexText( UsnRecord->Usn ),
  111. QuadToPaddedHexText( UsnRecord->TimeStamp.QuadPart ),
  112. TimeString, DateString,
  113. UsnRecord->Reason,
  114. UsnRecord->SourceInfo,
  115. UsnRecord->SecurityId,
  116. UsnRecord->FileAttributes,
  117. UsnRecord->FileNameLength,
  118. UsnRecord->FileNameOffset,
  119. UsnRecord->FileNameLength/sizeof(WCHAR),
  120. UsnRecord->FileName
  121. );
  122. }
  125. INT
  126. CreateUsnJournal(
  127. IN INT argc,
  128. IN PWSTR argv[]
  129. )
  130. /*++
  132. Routine Description:
  134. This routine create the USN journal for the volume specified.
  136. Arguments:
  138. argc - The argument count.
  139. argv - Array of Strings of the form :
  140. ' fscutl crusnj m=<max-value> a=<alloc-delta> <volume pathname>'.
  142. Return Value:
  144. None
  146. --*/
  147. {
  148. HANDLE FileHandle = INVALID_HANDLE_VALUE;
  149. WCHAR FileName[MAX_PATH];
  150. BOOL Status;
  151. DWORD BytesReturned;
  152. CREATE_USN_JOURNAL_DATA InBuffer;
  153. ULONGLONG MaxSize;
  154. ULONGLONG AllocDelta;
  155. PWSTR EndPtr;
  156. INT ExitCode = EXIT_CODE_SUCCESS;
  158. try {
  160. if (argc != 3) {
  161. DisplayMsg( MSG_USAGE_CREATEUSN );
  162. if (argc != 0) {
  163. ExitCode = EXIT_CODE_FAILURE;
  164. }
  165. leave;
  166. }
  168. if (!IsVolumeLocalNTFS( argv[2][0] )) {
  169. DisplayMsg( MSG_NTFS_REQUIRED );
  170. ExitCode = EXIT_CODE_FAILURE;
  171. leave;
  172. }
  174. wcscpy( FileName, L"\\\\.\\" );
  175. wcscat( FileName, argv[2] );
  177. FileHandle = CreateFile(
  178. FileName,
  179. GENERIC_WRITE,
  180. FILE_SHARE_READ | FILE_SHARE_WRITE,
  181. NULL,
  182. OPEN_EXISTING,
  183. FILE_ATTRIBUTE_NORMAL,
  184. NULL
  185. );
  186. if (FileHandle == INVALID_HANDLE_VALUE) {
  187. DisplayError();
  188. ExitCode = EXIT_CODE_FAILURE;
  189. leave;
  190. }
  192. if (_wcsnicmp( argv[0], L"m=", 2)
  193. || wcslen( argv[0] ) == 2) {
  194. DisplayMsg( MSG_INVALID_PARAMETER, argv[0] );
  195. DisplayMsg( MSG_USAGE_CREATEUSN );
  196. ExitCode = EXIT_CODE_FAILURE;
  197. leave;
  198. }
  199. if (_wcsnicmp( argv[1], L"a=", 2)
  200. || wcslen( argv[1] ) == 2) {
  201. DisplayMsg( MSG_INVALID_PARAMETER, argv[1] );
  202. DisplayMsg( MSG_USAGE_CREATEUSN );
  203. ExitCode = EXIT_CODE_FAILURE;
  204. leave;
  205. }
  207. MaxSize = My_wcstoui64( argv[0] + 2, &EndPtr, 0 );
  208. if (UnsignedI64NumberCheck( MaxSize, EndPtr )) {
  209. DisplayMsg( MSG_INVALID_PARAMETER, argv[0] );
  210. DisplayMsg( MSG_USAGE_CREATEUSN );
  211. ExitCode = EXIT_CODE_FAILURE;
  212. leave;
  213. }
  215. AllocDelta = My_wcstoui64( argv[1] + 2, &EndPtr, 0 );
  216. if (UnsignedI64NumberCheck( AllocDelta, EndPtr )) {
  217. DisplayMsg( MSG_INVALID_PARAMETER, argv[1] );
  218. DisplayMsg( MSG_USAGE_CREATEUSN );
  219. ExitCode = EXIT_CODE_FAILURE;
  220. leave;
  221. }
  223. InBuffer.MaximumSize = MaxSize;
  224. InBuffer.AllocationDelta = AllocDelta;
  226. Status = DeviceIoControl(
  227. FileHandle,
  228. FSCTL_CREATE_USN_JOURNAL,
  229. &InBuffer,
  230. sizeof(InBuffer),
  231. NULL,
  232. 0,
  233. &BytesReturned,
  234. (LPOVERLAPPED)NULL
  235. );
  236. if (!Status) {
  237. DisplayError();
  238. ExitCode = EXIT_CODE_FAILURE;
  239. leave;
  240. }
  242. } finally {
  244. if (FileHandle != INVALID_HANDLE_VALUE) {
  245. CloseHandle( FileHandle );
  246. }
  248. }
  250. return ExitCode;
  251. }
  254. INT
  255. QueryUsnJournal(
  256. IN INT argc,
  257. IN PWSTR argv[]
  258. )
  259. /*++
  261. Routine Description:
  263. This routine queries the USN journal for the volume specified.
  265. Arguments:
  267. argc - The argument count.
  268. argv - Array of Strings of the form :
  269. ' fscutl queryusnj <volume pathname>'.
  271. Return Value:
  273. None
  275. --*/
  276. {
  277. HANDLE FileHandle = INVALID_HANDLE_VALUE;
  278. WCHAR FileName[MAX_PATH];
  279. BOOL Status;
  280. DWORD BytesReturned;
  281. USN_JOURNAL_DATA UsnJournalData;
  282. INT ExitCode = EXIT_CODE_SUCCESS;
  284. try {
  286. if (argc != 1) {
  287. DisplayMsg( MSG_USAGE_QUERYUSN );
  288. if (argc != 0) {
  289. ExitCode = EXIT_CODE_FAILURE;
  290. }
  291. leave;
  292. }
  294. if (!IsVolumeLocalNTFS( argv[0][0] )) {
  295. DisplayMsg( MSG_NTFS_REQUIRED );
  296. ExitCode = EXIT_CODE_FAILURE;
  297. leave;
  298. }
  300. wcscpy( FileName, L"\\\\.\\" );
  301. wcscat( FileName, argv[0] );
  303. FileHandle = CreateFile(
  304. FileName,
  305. GENERIC_READ,
  306. FILE_SHARE_READ | FILE_SHARE_WRITE,
  307. NULL,
  308. OPEN_EXISTING,
  309. FILE_ATTRIBUTE_NORMAL,
  310. NULL
  311. );
  312. if (FileHandle == INVALID_HANDLE_VALUE) {
  313. DisplayError();
  314. ExitCode = EXIT_CODE_FAILURE;
  315. leave;
  316. }
  318. Status = DeviceIoControl(
  319. FileHandle,
  320. FSCTL_QUERY_USN_JOURNAL,
  321. NULL,
  322. 0,
  323. &UsnJournalData,
  324. sizeof(USN_JOURNAL_DATA),
  325. &BytesReturned,
  326. (LPOVERLAPPED)NULL
  327. );
  328. if (!Status) {
  329. DisplayError();
  330. ExitCode = EXIT_CODE_FAILURE;
  331. leave;
  332. }
  334. DisplayMsg(
  335. MSG_QUERYUSN,
  336. QuadToPaddedHexText( UsnJournalData.UsnJournalID ),
  337. QuadToPaddedHexText( UsnJournalData.FirstUsn ),
  338. QuadToPaddedHexText( UsnJournalData.NextUsn ),
  339. QuadToPaddedHexText( UsnJournalData.LowestValidUsn ),
  340. QuadToPaddedHexText( UsnJournalData.MaxUsn ),
  341. QuadToPaddedHexText( UsnJournalData.MaximumSize ),
  342. QuadToPaddedHexText( UsnJournalData.AllocationDelta )
  343. );
  345. } finally {
  347. if (FileHandle != INVALID_HANDLE_VALUE) {
  348. CloseHandle( FileHandle );
  349. }
  351. }
  353. return ExitCode;
  354. }
  357. INT
  358. DeleteUsnJournal(
  359. IN INT argc,
  360. IN PWSTR argv[]
  361. )
  362. /*++
  364. Routine Description:
  366. This routine deletes the USN journal for the volume specified.
  368. Arguments:
  370. argc - The argument count.
  371. argv - Array of Strings of the form :
  372. ' fscutl delusnj <flags> <volume pathname>'.
  374. Return Value:
  376. None
  378. --*/
  379. {
  380. HANDLE FileHandle = INVALID_HANDLE_VALUE;
  381. WCHAR FileName[MAX_PATH];
  382. BOOL Status;
  383. DWORD BytesReturned;
  384. DELETE_USN_JOURNAL_DATA DeleteUsnJournalData;
  385. USN_JOURNAL_DATA UsnJournalData;
  386. INT i;
  387. INT ExitCode = EXIT_CODE_SUCCESS;
  389. try {
  391. if (argc < 2) {
  392. DisplayMsg( MSG_USAGE_DELETEUSN );
  393. if (argc != 0) {
  394. ExitCode = EXIT_CODE_FAILURE;
  395. }
  396. leave;
  397. }
  399. if (!IsVolumeLocalNTFS( argv[argc-1][0] )) {
  400. DisplayMsg( MSG_NTFS_REQUIRED );
  401. ExitCode = EXIT_CODE_FAILURE;
  402. leave;
  403. }
  405. wcscpy( FileName, L"\\\\.\\" );
  406. wcscat( FileName, argv[argc-1] );
  408. FileHandle = CreateFile(
  409. FileName,
  410. GENERIC_WRITE,
  411. FILE_SHARE_READ | FILE_SHARE_WRITE,
  412. NULL,
  413. OPEN_EXISTING,
  414. FILE_ATTRIBUTE_NORMAL,
  415. NULL
  416. );
  417. if (FileHandle == INVALID_HANDLE_VALUE) {
  418. DisplayError();
  419. ExitCode = EXIT_CODE_FAILURE;
  420. leave;
  421. }
  423. Status = DeviceIoControl(
  424. FileHandle,
  425. FSCTL_QUERY_USN_JOURNAL,
  426. NULL,
  427. 0,
  428. &UsnJournalData,
  429. sizeof(USN_JOURNAL_DATA),
  430. &BytesReturned,
  431. (LPOVERLAPPED)NULL
  432. );
  433. if (!Status) {
  434. DisplayError();
  435. ExitCode = EXIT_CODE_FAILURE;
  436. leave;
  437. }
  439. DeleteUsnJournalData.DeleteFlags = USN_DELETE_FLAG_DELETE ;
  441. for (i = 0; i < argc - 1; i++) {
  442. if (argv[i][0] == L'/' && wcslen( argv[i] ) == 2) {
  443. switch (towupper( argv[i][1] ) ) {
  444. case L'D':
  445. DeleteUsnJournalData.DeleteFlags |= USN_DELETE_FLAG_DELETE ;
  446. continue;
  448. case L'N':
  449. DeleteUsnJournalData.DeleteFlags |= USN_DELETE_FLAG_NOTIFY ;
  450. continue;
  451. }
  453. }
  454. DisplayMsg( MSG_INVALID_PARAMETER, argv[i] );
  455. DisplayMsg( MSG_USAGE_DELETEUSN );
  456. ExitCode = EXIT_CODE_FAILURE;
  457. leave;
  459. }
  461. DeleteUsnJournalData.UsnJournalID = UsnJournalData.UsnJournalID;
  463. Status = DeviceIoControl(
  464. FileHandle,
  465. FSCTL_DELETE_USN_JOURNAL,
  466. &DeleteUsnJournalData,
  467. sizeof(DELETE_USN_JOURNAL_DATA),
  468. NULL,
  469. 0,
  470. &BytesReturned,
  471. (LPOVERLAPPED)NULL
  472. );
  473. if (!Status) {
  474. DisplayError();
  475. ExitCode = EXIT_CODE_FAILURE;
  476. leave;
  477. }
  479. } finally {
  481. if (FileHandle != INVALID_HANDLE_VALUE) {
  482. CloseHandle( FileHandle );
  483. }
  485. }
  487. return ExitCode;
  488. }
  490. INT
  491. EnumUsnData(
  492. IN INT argc,
  493. IN PWSTR argv[]
  494. )
  495. /*++
  497. Routine Description:
  499. This routine enumerated the USN data associated with the volume
  500. specified.
  502. Arguments:
  504. argc - The argument count.
  505. argv - Array of Strings of the form :
  506. ' fscutl enusndata <file ref#> <lowUsn> <highUsn> <pathname>'.
  508. Return Value:
  510. None
  512. --*/
  513. {
  514. HANDLE FileHandle = INVALID_HANDLE_VALUE;
  515. WCHAR FileName[MAX_PATH];
  516. BOOL Status;
  517. DWORD BytesReturned;
  518. MFT_ENUM_DATA MftEnumData;
  519. PVOID lpOutBuffer;
  520. DWORD nOutBufferSize;
  521. PUSN_RECORD UsnRecord;
  522. WORD Index;
  523. LONG Length;
  524. PWSTR EndStr;
  525. INT ExitCode = EXIT_CODE_SUCCESS;
  527. try {
  529. if (argc != 4) {
  530. DisplayMsg( MSG_USAGE_ENUMDATA );
  531. if (argc != 0) {
  532. ExitCode = EXIT_CODE_FAILURE;
  533. }
  534. leave;
  535. }
  537. if (!IsVolumeLocalNTFS( argv[argc-1][0] )) {
  538. DisplayMsg( MSG_NTFS_REQUIRED );
  539. ExitCode = EXIT_CODE_FAILURE;
  540. leave;
  541. }
  543. wcscpy( FileName, L"\\\\.\\" );
  544. wcscat( FileName, argv[argc-1] );
  546. FileHandle = CreateFile(
  547. FileName,
  548. GENERIC_READ,
  549. FILE_SHARE_READ | FILE_SHARE_WRITE,
  550. NULL,
  551. OPEN_EXISTING,
  552. FILE_ATTRIBUTE_NORMAL,
  553. NULL
  554. );
  555. if (FileHandle == INVALID_HANDLE_VALUE) {
  556. DisplayError();
  557. ExitCode = EXIT_CODE_FAILURE;
  558. leave;
  559. }
  561. nOutBufferSize = MAX_USN_DATA;
  562. lpOutBuffer = (PVOID) malloc ( nOutBufferSize );
  564. MftEnumData.StartFileReferenceNumber = My_wcstoui64( argv[0], &EndStr, 0 );
  565. if (UnsignedI64NumberCheck( MftEnumData.StartFileReferenceNumber, EndStr )) {
  566. DisplayMsg( MSG_USAGE_ENUMDATA );
  567. ExitCode = EXIT_CODE_FAILURE;
  568. leave;
  569. }
  571. MftEnumData.LowUsn = My_wcstoui64( argv[1], &EndStr, 0 );
  572. if (UnsignedI64NumberCheck( MftEnumData.LowUsn, EndStr )) {
  573. DisplayMsg( MSG_USAGE_ENUMDATA );
  574. ExitCode = EXIT_CODE_FAILURE;
  575. leave;
  576. }
  578. MftEnumData.HighUsn = My_wcstoui64( argv[2], &EndStr, 0 );
  579. if (UnsignedI64NumberCheck( MftEnumData.HighUsn, EndStr )) {
  580. DisplayMsg( MSG_USAGE_ENUMDATA );
  581. ExitCode = EXIT_CODE_FAILURE;
  582. leave;
  583. }
  585. while (TRUE) {
  586. Status = DeviceIoControl(
  587. FileHandle,
  588. FSCTL_ENUM_USN_DATA,
  589. &MftEnumData,
  590. sizeof(MFT_ENUM_DATA),
  591. lpOutBuffer,
  592. nOutBufferSize,
  593. &BytesReturned,
  594. (LPOVERLAPPED)NULL
  595. );
  596. if (!Status) {
  597. if (GetLastError() != ERROR_HANDLE_EOF) {
  598. DisplayError();
  599. ExitCode = EXIT_CODE_FAILURE;
  600. }
  601. leave;
  602. }
  604. if ( BytesReturned < sizeof( ULONGLONG ) + sizeof( USN_RECORD )) {
  605. break;
  606. }
  608. UsnRecord = (PUSN_RECORD) ((PBYTE)lpOutBuffer + sizeof( ULONGLONG ));
  609. while ((PBYTE)UsnRecord < (PBYTE)lpOutBuffer + BytesReturned) {
  610. DisplayMsg(
  611. MSG_ENUMDATA,
  612. QuadToPaddedHexText( UsnRecord->FileReferenceNumber ),
  613. QuadToPaddedHexText( UsnRecord->ParentFileReferenceNumber ),
  614. QuadToPaddedHexText( UsnRecord->Usn ),
  615. UsnRecord->SecurityId,
  616. UsnRecord->Reason,
  617. UsnRecord->FileNameLength,
  618. UsnRecord->FileNameLength / sizeof(WCHAR),
  619. UsnRecord->FileName
  620. );
  621. UsnRecord = NextUsnRecord( UsnRecord );
  622. }
  623. MftEnumData.StartFileReferenceNumber = *(PLONGLONG)lpOutBuffer;
  624. }
  626. } finally {
  628. if (FileHandle != INVALID_HANDLE_VALUE) {
  629. CloseHandle( FileHandle );
  630. }
  631. if (lpOutBuffer) {
  632. free( lpOutBuffer );
  633. }
  635. }
  637. return ExitCode;
  638. }
  641. INT
  642. ReadFileUsnData(
  643. IN INT argc,
  644. IN PWSTR argv[]
  645. )
  646. /*++
  648. Routine Description:
  650. This routine reads the usn data for the volume specified.
  652. Arguments:
  654. argc - The argument count.
  655. argv - Array of Strings of the form :
  656. ' fscutl rdusndata <pathname>'.
  658. Return Value:
  660. None
  662. --*/
  663. {
  664. HANDLE FileHandle = INVALID_HANDLE_VALUE;
  665. WCHAR FileName[MAX_PATH];
  666. BOOL Status;
  667. DWORD BytesReturned;
  668. DWORD nOutBufferSize;
  669. PUSN_RECORD UsnRecord;
  670. PWSTR FullName;
  671. INT ExitCode = EXIT_CODE_SUCCESS;
  673. try {
  675. if (argc != 1) {
  676. DisplayMsg( MSG_USAGE_READDATA );
  677. if (argc != 0) {
  678. ExitCode = EXIT_CODE_FAILURE;
  679. }
  680. leave;
  681. }
  683. FullName = GetFullPath( argv[0] );
  685. if (!FullName) {
  686. DisplayError();
  687. ExitCode = EXIT_CODE_FAILURE;
  688. leave;
  689. }
  691. if (!IsVolumeLocalNTFS( FullName[0] )) {
  692. DisplayMsg( MSG_NTFS_REQUIRED );
  693. ExitCode = EXIT_CODE_FAILURE;
  694. leave;
  695. }
  697. wcscpy( FileName, L"\\\\.\\" );
  698. wcscat( FileName, FullName );
  700. FileHandle = CreateFile(
  701. FileName,
  702. GENERIC_READ,
  703. FILE_SHARE_READ | FILE_SHARE_WRITE,
  704. NULL,
  705. OPEN_EXISTING,
  706. FILE_ATTRIBUTE_NORMAL,
  707. NULL
  708. );
  709. if (FileHandle == INVALID_HANDLE_VALUE) {
  710. DisplayError();
  711. ExitCode = EXIT_CODE_FAILURE;
  712. leave;
  713. }
  715. nOutBufferSize = MAX_USN_DATA;
  716. UsnRecord = (PUSN_RECORD) malloc ( nOutBufferSize );
  718. Status = DeviceIoControl(
  719. FileHandle,
  720. FSCTL_READ_FILE_USN_DATA,
  721. NULL,
  722. 0,
  723. UsnRecord,
  724. nOutBufferSize,
  725. &BytesReturned,
  726. (LPOVERLAPPED)NULL
  727. );
  728. if (!Status) {
  729. DisplayError();
  730. ExitCode = EXIT_CODE_FAILURE;
  731. leave;
  732. }
  734. DisplayUsnRecord( UsnRecord );
  736. } finally {
  738. if (FileHandle != INVALID_HANDLE_VALUE) {
  739. CloseHandle( FileHandle );
  740. }
  741. if (UsnRecord) {
  742. free( UsnRecord );
  743. }
  745. free( FullName );
  747. }
  749. return ExitCode;
  750. }