mirror of
https://github.com/libguestfs/libguestfs.git
synced 2026-03-21 22:53:37 +00:00
filesystem_walk: more information into tsk_dirent
Access, modification, last status change and creation time in Unix format as for statns. Number of links pointing to a given entry. If the entry is a symbolic link, report the its target path. A new flag (DIRENT_COMPRESSED 0x04) indicating whether the file is compressed using native filesystem compression support. Signed-off-by: Matteo Cafasso <noxdafox@gmail.com>
This commit is contained in:
Matteo Cafasso
committed by
Pino Toscano
Pino Toscano
parent
123dc018b8
commit
abf85b050e
44
daemon/tsk.c
44
daemon/tsk.c
@@ -38,13 +38,15 @@
|
||||
enum tsk_dirent_flags {
|
||||
DIRENT_UNALLOC = 0x00,
|
||||
DIRENT_ALLOC = 0x01,
|
||||
DIRENT_REALLOC = 0x02
|
||||
DIRENT_REALLOC = 0x02,
|
||||
DIRENT_COMPRESSED = 0x04
|
||||
};
|
||||
|
||||
static int open_filesystem (const char *, TSK_IMG_INFO **, TSK_FS_INFO **);
|
||||
static TSK_WALK_RET_ENUM fswalk_callback (TSK_FS_FILE *, const char *, void *);
|
||||
static char file_type (TSK_FS_FILE *);
|
||||
static int file_flags (TSK_FS_FILE *fsfile);
|
||||
static void file_metadata (TSK_FS_META *, guestfs_int_tsk_dirent *);
|
||||
static int send_dirent_info (guestfs_int_tsk_dirent *);
|
||||
static void reply_with_tsk_error (const char *);
|
||||
|
||||
@@ -122,15 +124,15 @@ fswalk_callback (TSK_FS_FILE *fsfile, const char *path, void *data)
|
||||
return TSK_WALK_ERROR;
|
||||
}
|
||||
|
||||
/* Set dirent fields */
|
||||
memset (&dirent, 0, sizeof dirent);
|
||||
|
||||
dirent.tsk_inode = fsfile->name->meta_addr;
|
||||
dirent.tsk_type = file_type (fsfile);
|
||||
dirent.tsk_size = (fsfile->meta != NULL) ? fsfile->meta->size : -1;
|
||||
dirent.tsk_name = fname;
|
||||
dirent.tsk_flags = file_flags (fsfile);
|
||||
dirent.tsk_spare1 = dirent.tsk_spare2 = dirent.tsk_spare3 =
|
||||
dirent.tsk_spare4 = dirent.tsk_spare5 = dirent.tsk_spare6 =
|
||||
dirent.tsk_spare7 = dirent.tsk_spare8 = dirent.tsk_spare9 =
|
||||
dirent.tsk_spare10 = dirent.tsk_spare11 = 0;
|
||||
|
||||
file_metadata (fsfile->meta, &dirent);
|
||||
|
||||
ret = send_dirent_info (&dirent);
|
||||
ret = (ret == 0) ? TSK_WALK_CONT : TSK_WALK_ERROR;
|
||||
@@ -175,7 +177,7 @@ file_type (TSK_FS_FILE *fsfile)
|
||||
return 'u';
|
||||
}
|
||||
|
||||
/* Inspect fsfile to retrieve the file allocation state. */
|
||||
/* Inspect fsfile to retrieve file flags. */
|
||||
static int
|
||||
file_flags (TSK_FS_FILE *fsfile)
|
||||
{
|
||||
@@ -188,9 +190,37 @@ file_flags (TSK_FS_FILE *fsfile)
|
||||
else
|
||||
flags |= DIRENT_ALLOC;
|
||||
|
||||
if (fsfile->meta && fsfile->meta->flags & TSK_FS_META_FLAG_COMP)
|
||||
flags |= DIRENT_COMPRESSED;
|
||||
|
||||
return flags;
|
||||
}
|
||||
|
||||
/* Inspect fsfile to retrieve file metadata. */
|
||||
static void
|
||||
file_metadata (TSK_FS_META *fsmeta, guestfs_int_tsk_dirent *dirent)
|
||||
{
|
||||
if (fsmeta != NULL) {
|
||||
dirent->tsk_size = fsmeta->size;
|
||||
dirent->tsk_nlink = fsmeta->nlink;
|
||||
dirent->tsk_atime_sec = fsmeta->atime;
|
||||
dirent->tsk_atime_nsec = fsmeta->atime_nano;
|
||||
dirent->tsk_mtime_sec = fsmeta->mtime;
|
||||
dirent->tsk_mtime_nsec = fsmeta->mtime_nano;
|
||||
dirent->tsk_ctime_sec = fsmeta->ctime;
|
||||
dirent->tsk_ctime_nsec = fsmeta->ctime_nano;
|
||||
dirent->tsk_crtime_sec = fsmeta->crtime;
|
||||
dirent->tsk_crtime_nsec = fsmeta->crtime_nano;
|
||||
/* tsk_link never changes */
|
||||
dirent->tsk_link = (fsmeta->link != NULL) ? fsmeta->link : (char *) "";
|
||||
}
|
||||
else {
|
||||
dirent->tsk_size = -1;
|
||||
/* tsk_link never changes */
|
||||
dirent->tsk_link = (char *) "";
|
||||
}
|
||||
}
|
||||
|
||||
/* Serialise dirent into XDR stream and send it to the appliance.
|
||||
* Return 0 on success, -1 on error.
|
||||
*/
|
||||
|
||||
@@ -3612,11 +3612,46 @@ from the metadata structure.
|
||||
The bit is set to C<1> when the file name is in an unallocated state
|
||||
and the metadata structure is in an allocated one.
|
||||
This generally implies the metadata has been reallocated to a new file.
|
||||
Therefore, information such as file type and file size
|
||||
might not correspond with the ones of the original deleted entry.
|
||||
Therefore, information such as file type, file size, timestamps,
|
||||
number of links and symlink target might not correspond
|
||||
with the ones of the original deleted entry.
|
||||
|
||||
=item 0x0004
|
||||
|
||||
The bit is set to C<1> when the file is compressed using filesystem
|
||||
native compression support (NTFS). The API is not able to detect
|
||||
application level compression.
|
||||
|
||||
=back
|
||||
|
||||
=item 'tsk_atime_sec'
|
||||
|
||||
=item 'tsk_atime_nsec'
|
||||
|
||||
=item 'tsk_mtime_sec'
|
||||
|
||||
=item 'tsk_mtime_nsec'
|
||||
|
||||
=item 'tsk_ctime_sec'
|
||||
|
||||
=item 'tsk_ctime_nsec'
|
||||
|
||||
=item 'tsk_crtime_sec'
|
||||
|
||||
=item 'tsk_crtime_nsec'
|
||||
|
||||
Respectively, access, modification, last status change and creation
|
||||
time in Unix format in seconds and nanoseconds.
|
||||
|
||||
=item 'tsk_nlink'
|
||||
|
||||
Number of file names pointing to this entry.
|
||||
|
||||
=item 'tsk_link'
|
||||
|
||||
If the entry is a symbolic link, this field will contain the path
|
||||
to the target file.
|
||||
|
||||
=back
|
||||
|
||||
The C<tsk_type> field will contain one of the following characters:
|
||||
|
||||
@@ -454,17 +454,17 @@ let structs = [
|
||||
"tsk_size", FInt64;
|
||||
"tsk_name", FString;
|
||||
"tsk_flags", FUInt32;
|
||||
"tsk_atime_sec", FInt64;
|
||||
"tsk_atime_nsec", FInt64;
|
||||
"tsk_mtime_sec", FInt64;
|
||||
"tsk_mtime_nsec", FInt64;
|
||||
"tsk_ctime_sec", FInt64;
|
||||
"tsk_ctime_nsec", FInt64;
|
||||
"tsk_crtime_sec", FInt64;
|
||||
"tsk_crtime_nsec", FInt64;
|
||||
"tsk_nlink", FInt64;
|
||||
"tsk_link", FString;
|
||||
"tsk_spare1", FInt64;
|
||||
"tsk_spare2", FInt64;
|
||||
"tsk_spare3", FInt64;
|
||||
"tsk_spare4", FInt64;
|
||||
"tsk_spare5", FInt64;
|
||||
"tsk_spare6", FInt64;
|
||||
"tsk_spare7", FInt64;
|
||||
"tsk_spare8", FInt64;
|
||||
"tsk_spare9", FInt64;
|
||||
"tsk_spare10", FInt64;
|
||||
"tsk_spare11", FInt64;
|
||||
];
|
||||
s_camel_name = "TSKDirent" };
|
||||
|
||||
|
||||
@@ -51,17 +51,17 @@ tsk_type: r
|
||||
tsk_size: .*
|
||||
tsk_name: \$MFT
|
||||
tsk_flags: 1
|
||||
tsk_spare1: 0
|
||||
tsk_spare2: 0
|
||||
tsk_spare3: 0
|
||||
tsk_spare4: 0
|
||||
tsk_spare5: 0
|
||||
tsk_spare6: 0
|
||||
tsk_spare7: 0
|
||||
tsk_spare8: 0
|
||||
tsk_spare9: 0
|
||||
tsk_spare10: 0
|
||||
tsk_spare11: 0 }'
|
||||
tsk_atime_sec: .*
|
||||
tsk_atime_nsec: .*
|
||||
tsk_mtime_sec: .*
|
||||
tsk_mtime_nsec: .*
|
||||
tsk_ctime_sec: .*
|
||||
tsk_ctime_nsec: .*
|
||||
tsk_crtime_sec: .*
|
||||
tsk_crtime_nsec: .*
|
||||
tsk_nlink: 1
|
||||
tsk_link:
|
||||
tsk_spare1: 0 }'
|
||||
if [ $? != 0 ]; then
|
||||
echo "$0: \$MFT not found in files list."
|
||||
echo "File list:"
|
||||
@@ -75,17 +75,17 @@ tsk_type: [ru]
|
||||
tsk_size: .*
|
||||
tsk_name: test.txt
|
||||
tsk_flags: 0
|
||||
tsk_spare1: 0
|
||||
tsk_spare2: 0
|
||||
tsk_spare3: 0
|
||||
tsk_spare4: 0
|
||||
tsk_spare5: 0
|
||||
tsk_spare6: 0
|
||||
tsk_spare7: 0
|
||||
tsk_spare8: 0
|
||||
tsk_spare9: 0
|
||||
tsk_spare10: 0
|
||||
tsk_spare11: 0 }'
|
||||
tsk_atime_sec: .*
|
||||
tsk_atime_nsec: .*
|
||||
tsk_mtime_sec: .*
|
||||
tsk_mtime_nsec: .*
|
||||
tsk_ctime_sec: .*
|
||||
tsk_ctime_nsec: .*
|
||||
tsk_crtime_sec: .*
|
||||
tsk_crtime_nsec: .*
|
||||
tsk_nlink: .*
|
||||
tsk_link:
|
||||
tsk_spare1: 0 }'
|
||||
if [ $? != 0 ]; then
|
||||
echo "$0: /test.txt not found in files list."
|
||||
echo "File list:"
|
||||
|
||||
Reference in New Issue
Block a user