WebSVN – Kolibri OS – Diff – /kernel/branches/kolibri-process/fs/ntfs.inc


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;                                                              ;;
;; Copyright (C) KolibriOS team 2004-2013. All rights reserved. ;;
;; Distributed under terms of the GNU General Public License    ;;
;;                                                              ;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
$Revision: 5089 $
 
struct NTFS PARTITION
Lock                    MUTEX ?    ; currently operations with one partition
                                   ; can not be executed in parallel since the
                                   ; legacy code is not ready; this mutex guards
                                   ; all operations
sectors_per_cluster     dd      ?
mft_cluster             dd      ?
mftmirr_cluster         dd      ?
frs_size                dd      ?       ; FRS size in bytes
iab_size                dd      ?       ; IndexAllocationBuffer size in bytes
frs_buffer              dd      ?
iab_buffer              dd      ?
mft_retrieval           dd      ?
mft_retrieval_size      dd      ?
mft_retrieval_alloc     dd      ?
mft_retrieval_end       dd      ?
cur_index_size          dd      ?
cur_index_buf           dd      ?
 
ntfs_cur_attr   dd      ?
ntfs_cur_iRecord dd     ?
ntfs_cur_offs   dd      ?       ; in sectors
ntfs_cur_size   dd      ?       ; in sectors
ntfs_cur_buf    dd      ?
ntfs_cur_read   dd      ?       ; [output]
ntfs_bCanContinue db    ?
                rb      3
 
cur_subnode_size        dd      ?
ntfs_attr_iRecord       dd      ?
ntfs_attr_iBaseRecord   dd      ?
ntfs_attr_offs          dd      ?
ntfs_attr_list          dd      ?
ntfs_attr_size          dq      ?
ntfs_cur_tail           dd      ?
 
ntfs_attrlist_buf       rb      0x400
ntfs_attrlist_mft_buf   rb      0x400
ntfs_bitmap_buf         rb      0x400
ends
 
iglobal
align 4
ntfs_user_functions:
        dd      ntfs_free
        dd      (ntfs_user_functions_end - ntfs_user_functions - 4) / 4
        dd      ntfs_Read
        dd      ntfs_ReadFolder
        dd      ntfs_Rewrite
        dd      ntfs_Write
        dd      ntfs_SetFileEnd
        dd      ntfs_GetFileInfo
        dd      ntfs_SetFileInfo
        dd      0
        dd      ntfs_Delete
        dd      ntfs_CreateFolder
ntfs_user_functions_end:
endg
 
ntfs_test_bootsec:
; in: ebx->buffer, edx=size of partition
; out: CF set <=> invalid
; 1. Name=='NTFS    '
        cmp     dword [ebx+3], 'NTFS'
        jnz     .no
        cmp     dword [ebx+7], '    '
        jnz     .no
; 2. Number of bytes per sector is the same as for physical device
; (that is, 0x200 for hard disk)
        cmp     word [ebx+11], 0x200
        jnz     .no
; 3. Number of sectors per cluster must be power of 2
        movzx   eax, byte [ebx+13]
        dec     eax
        js      .no
        test    al, [ebx+13]
        jnz     .no
; 4. FAT parameters must be zero
        cmp     word [ebx+14], 0
        jnz     .no
        cmp     dword [ebx+16], 0
        jnz     .no
        cmp     byte [ebx+20], 0
        jnz     .no
        cmp     word [ebx+22], 0
        jnz     .no
        cmp     dword [ebx+32], 0
        jnz     .no
; 5. Number of sectors <= partition size
        cmp     dword [ebx+0x2C], 0
        ja      .no
        cmp     [ebx+0x28], edx
        ja      .no
; 6. $MFT and $MFTMirr clusters must be within partition
        cmp     dword [ebx+0x34], 0
        ja      .no
        push    edx
        movzx   eax, byte [ebx+13]
        mul     dword [ebx+0x30]
        test    edx, edx
        pop     edx
        jnz     .no
        cmp     eax, edx
        ja      .no
        cmp     dword [ebx+0x3C], 0
        ja      .no
        push    edx
        movzx   eax, byte [ebx+13]
        mul     dword [ebx+0x38]
        test    edx, edx
        pop     edx
        jnz     .no
        cmp     eax, edx
        ja      .no
; 7. Clusters per FRS must be either negative and in [-31,-9] or positive and power of 2
        movsx   eax, byte [ebx+0x40]
        cmp     al, -31
        jl      .no
        cmp     al, -9
        jle     @f
        dec     eax
        js      .no
        test    [ebx+0x40], al
        jnz     .no
@@:
; 8. Same for clusters per IndexAllocationBuffer
        movsx   eax, byte [ebx+0x44]
        cmp     al, -31
        jl      .no
        cmp     al, -9
        jle     @f
        dec     eax
        js      .no
        test    [ebx+0x44], al
        jnz     .no
@@:
; OK, this is correct NTFS bootsector
        clc
        ret
.no:
; No, this bootsector isn't NTFS
        stc
        ret
 
proc ntfs_create_partition
        cmp     dword [esi+DISK.MediaInfo.SectorSize], 512
        jnz     .nope
        mov     edx, dword [ebp+PARTITION.Length]
        cmp     dword [esp+4], 0
        jz      .boot_read_ok
        add     ebx, 512
        lea     eax, [edx-1]
        call    fs_read32_sys
        test    eax, eax
        jnz     @f
        call    ntfs_test_bootsec
        jnc     .ntfs_setup
@@:
        mov     eax, edx
        shr     eax, 1
        call    fs_read32_sys
        test    eax, eax
        jnz     .nope                   ; no chance...
.boot_read_ok:
        call    ntfs_test_bootsec
        jnc     .ntfs_setup
.nope:
        xor     eax, eax
        jmp     .exit
 
.ntfs_setup:
; By given bootsector, initialize some NTFS variables
        movi    eax, sizeof.NTFS
        call    malloc
        test    eax, eax
        jz      .exit
        mov     ecx, dword [ebp+PARTITION.FirstSector]
        mov     dword [eax+NTFS.FirstSector], ecx
        mov     ecx, dword [ebp+PARTITION.FirstSector+4]
        mov     dword [eax+NTFS.FirstSector+4], ecx
        mov     ecx, dword [ebp+PARTITION.Length]
        mov     dword [eax+NTFS.Length], ecx
        mov     ecx, dword [ebp+PARTITION.Length+4]
        mov     dword [eax+NTFS.Length+4], ecx
        mov     ecx, [ebp+PARTITION.Disk]
        mov     [eax+NTFS.Disk], ecx
        mov     [eax+NTFS.FSUserFunctions], ntfs_user_functions
        push    ebx ebp esi
        mov     ebp, eax
 
        lea     ecx, [ebp+NTFS.Lock]
        call    mutex_init
 
        movzx   eax, byte [ebx+13]
        mov     [ebp+NTFS.sectors_per_cluster], eax
        mov     eax, [ebx+0x28]
        mov     dword [ebp+NTFS.Length], eax
        and     dword [ebp+NTFS.Length+4], 0
        mov     eax, [ebx+0x30]
        mov     [ebp+NTFS.mft_cluster], eax
        mov     eax, [ebx+0x38]
        mov     [ebp+NTFS.mftmirr_cluster], eax
        movsx   eax, byte [ebx+0x40]
        test    eax, eax
        js      .1
        mul     [ebp+NTFS.sectors_per_cluster]
        shl     eax, 9
        jmp     .2
.1:
        neg     eax
        mov     ecx, eax
        mov     eax, 1
        shl     eax, cl
.2:
        mov     [ebp+NTFS.frs_size], eax
        movsx   eax, byte [ebx+0x44]
        test    eax, eax
        js      .3
        mul     [ebp+NTFS.sectors_per_cluster]
        shl     eax, 9
        jmp     .4
.3:
        neg     eax
        mov     ecx, eax
        mov     eax, 1
        shl     eax, cl
.4:
        mov     [ebp+NTFS.iab_size], eax
; allocate space for buffers
        add     eax, [ebp+NTFS.frs_size]
        push    eax
        call    kernel_alloc
        test    eax, eax
        jz      .fail_free
        mov     [ebp+NTFS.frs_buffer], eax
        add     eax, [ebp+NTFS.frs_size]
        mov     [ebp+NTFS.iab_buffer], eax
; read $MFT disposition
        mov     eax, [ebp+NTFS.mft_cluster]
        mul     [ebp+NTFS.sectors_per_cluster]
        call    ntfs_read_frs_sector
        test    eax, eax
        jnz     .usemirr
        cmp     dword [ebx], 'FILE'
        jnz     .usemirr
        call    ntfs_restore_usa_frs
        jnc     .mftok
.usemirr:
        mov     eax, [ebp+NTFS.mftmirr_cluster]
        mul     [ebp+NTFS.sectors_per_cluster]
        call    ntfs_read_frs_sector
        test    eax, eax
        jnz     @f
        cmp     dword [ebx], 'FILE'
        jnz     @f
        call    ntfs_restore_usa_frs
        jnc     .mftok
@@:
; $MFT and $MFTMirr invalid!
.fail_free_frs:
        push    [ebp+NTFS.frs_buffer]
        call    kernel_free
.fail_free:
        mov     eax, ebp
        call    free
        xor     eax, eax
.pop_exit:
        pop     esi ebp ebx
.exit:
        cmp     dword [esp+4], 0
        jz      @f
        sub     ebx, 512
@@:
        ret
.fail_free_mft:
        push    [ebp+NTFS.mft_retrieval]
        call    kernel_free
        jmp     .fail_free_frs
.mftok:
; read $MFT table retrieval information
; start with one page, increase if not enough (when MFT too fragmented)
        push    ebx
        push    0x1000
        call    kernel_alloc
        pop     ebx
        test    eax, eax
        jz      .fail_free_frs
        mov     [ebp+NTFS.mft_retrieval], eax
        and     [ebp+NTFS.mft_retrieval_size], 0
        mov     [ebp+NTFS.mft_retrieval_alloc], 0x1000/8
; $MFT base record must contain unnamed non-resident $DATA attribute
        movzx   eax, word [ebx+14h]
        add     eax, ebx
.scandata:
        cmp     dword [eax], -1
        jz      .fail_free_mft
        cmp     dword [eax], 0x80
        jnz     @f
        cmp     byte [eax+9], 0
        jz      .founddata
@@:
        add     eax, [eax+4]
        jmp     .scandata
.founddata:
        cmp     byte [eax+8], 0
        jz      .fail_free_mft
; load first portion of $DATA attribute retrieval information
        mov     edx, [eax+0x18]
        mov     [ebp+NTFS.mft_retrieval_end], edx
        mov     esi, eax
        movzx   eax, word [eax+0x20]
        add     esi, eax
        sub     esp, 10h
.scanmcb:
        call    ntfs_decode_mcb_entry
        jnc     .scanmcbend
        call    .get_mft_retrieval_ptr
        mov     edx, [esp]      ; block length
        mov     [eax], edx
        mov     edx, [esp+8]    ; block addr (relative)
        mov     [eax+4], edx
        inc     [ebp+NTFS.mft_retrieval_size]
        jmp     .scanmcb
.scanmcbend:
        add     esp, 10h
; there may be other portions of $DATA attribute in auxiliary records;
; if they will be needed, they will be loaded later
 
        mov     [ebp+NTFS.cur_index_size], 0x1000/0x200
        push    0x1000
        call    kernel_alloc
        test    eax, eax
        jz      .fail_free_mft
        mov     [ebp+NTFS.cur_index_buf], eax
 
        mov     eax, ebp
        jmp     .pop_exit
endp
 
.get_mft_retrieval_ptr:
        pushad
        mov     eax, [ebp+NTFS.mft_retrieval_size]
        cmp     eax, [ebp+NTFS.mft_retrieval_alloc]
        jnz     .ok
        add     eax, 0x1000/8
        mov     [ebp+NTFS.mft_retrieval_alloc], eax
        shl     eax, 3
        push    eax
        call    kernel_alloc
        test    eax, eax
        jnz     @f
        popad
        add     esp, 14h
        jmp     .fail_free_mft
@@:
        mov     esi, [ebp+NTFS.mft_retrieval]
        mov     edi, eax
        mov     ecx, [ebp+NTFS.mft_retrieval_size]
        add     ecx, ecx
        rep movsd
        push    [ebp+NTFS.mft_retrieval]
        mov     [ebp+NTFS.mft_retrieval], eax
        call    kernel_free
        mov     eax, [ebp+NTFS.mft_retrieval_size]
.ok:
        shl     eax, 3
        add     eax, [ebp+NTFS.mft_retrieval]
        mov     [esp+28], eax
        popad
        ret
 
proc ntfs_free
        push    ebx
        xchg    ebx, eax
        stdcall kernel_free, [ebx+NTFS.frs_buffer]
        stdcall kernel_free, [ebx+NTFS.mft_retrieval]
        stdcall kernel_free, [ebx+NTFS.cur_index_buf]
        xchg    ebx, eax
        call    free
        pop     ebx
        ret
endp
 
proc ntfs_lock
        lea     ecx, [ebp+NTFS.Lock]
        jmp     mutex_lock
endp
 
proc ntfs_unlock
        lea     ecx, [ebp+NTFS.Lock]
        jmp     mutex_unlock
endp
 
ntfs_read_frs_sector:
        push    ecx
        mov     ebx, [ebp+NTFS.frs_buffer]
        push    ebx
        mov     ecx, [ebp+NTFS.frs_size]
        shr     ecx, 9
        push    ecx
        mov     ecx, eax
@@:
        mov     eax, ecx
        call    fs_read32_sys
        test    eax, eax
        jnz     .fail
        add     ebx, 0x200
        inc     ecx
        dec     dword [esp]
        jnz     @b
        pop     eax
.fail:
        pop     ebx
        pop     ecx
        ret
 
ntfs_read_attr:
; in: variables in ebp+NTFS.*
; out: [ebp+NTFS.ntfs_cur_read]
; out: CF=1 => notfound, in this case eax=0 => disk ok, otherwise eax=disk error code
        xor     eax, eax
        pushad
        and     [ebp+NTFS.ntfs_cur_read], 0
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 0
        jnz     .nomft
        cmp     [ebp+NTFS.ntfs_cur_attr], 0x80
        jnz     .nomft
        mov     eax, [ebp+NTFS.mft_retrieval_end]
        inc     eax
        mul     [ebp+NTFS.sectors_per_cluster]
        cmp     eax, [ebp+NTFS.ntfs_cur_offs]
        jbe     .nomft
; precalculated part of $Mft $DATA
        mov     esi, [ebp+NTFS.mft_retrieval]
        mov     eax, [ebp+NTFS.ntfs_cur_offs]
        xor     edx, edx
        div     [ebp+NTFS.sectors_per_cluster]
; eax = VCN, edx = offset in sectors from beginning of cluster
        xor     ecx, ecx        ; ecx will contain LCN
.mftscan:
        add     ecx, [esi+4]
        sub     eax, [esi]
        jb      @f
        add     esi, 8
        push    eax
        mov     eax, [ebp+NTFS.mft_retrieval_end]
        shl     eax, 3
        add     eax, [ebp+NTFS.mft_retrieval]
        cmp     eax, esi
        pop     eax
        jnz     .mftscan
        jmp     .nomft
@@:
        push    ecx
        add     ecx, eax
        add     ecx, [esi]
        push    eax
        push    edx
        mov     eax, [ebp+NTFS.sectors_per_cluster]
        mul     ecx
; eax = sector on partition
        pop     edx
        add     eax, edx
        mov     ebx, [ebp+NTFS.ntfs_cur_buf]
        pop     ecx
        neg     ecx
        imul    ecx, [ebp+NTFS.sectors_per_cluster]
        sub     ecx, edx
        cmp     ecx, [ebp+NTFS.ntfs_cur_size]
        jb      @f
        mov     ecx, [ebp+NTFS.ntfs_cur_size]
@@:
; ecx = number of sequential sectors to read
        push    eax
        call    fs_read32_sys
        pop     edx
        test    eax, eax
        jnz     .errread
        add     [ebp+NTFS.ntfs_cur_read], 0x200
        dec     [ebp+NTFS.ntfs_cur_size]
        inc     [ebp+NTFS.ntfs_cur_offs]
        add     ebx, 0x200
        mov     [ebp+NTFS.ntfs_cur_buf], ebx
        lea     eax, [edx+1]
        loop    @b
        pop     ecx
        xor     eax, eax
        xor     edx, edx
        cmp     [ebp+NTFS.ntfs_cur_size], eax
        jz      @f
        add     esi, 8
        push    eax
        mov     eax, [ebp+NTFS.mft_retrieval_end]
        shl     eax, 3
        add     eax, [ebp+NTFS.mft_retrieval]
        cmp     eax, esi
        pop     eax
        jz      .nomft
        jmp     .mftscan
@@:
        popad
        ret
.errread:
        pop     ecx
.errret:
        mov     [esp+28], eax
        stc
        popad
        ret
.nomft:
; 1. Read file record.
; N.B. This will do recursive call of read_attr for $MFT::$Data.
        mov     eax, [ebp+NTFS.ntfs_cur_iRecord]
        mov     [ebp+NTFS.ntfs_attr_iRecord], eax
        and     [ebp+NTFS.ntfs_attr_list], 0
        or      dword [ebp+NTFS.ntfs_attr_size], -1
        or      dword [ebp+NTFS.ntfs_attr_size+4], -1
        or      [ebp+NTFS.ntfs_attr_iBaseRecord], -1
        call    ntfs_read_file_record
        jc      .errret
; 2. Find required attribute.
        mov     eax, [ebp+NTFS.frs_buffer]
; a) For auxiliary records, read base record
; N.B. If base record is present,
;      base iRecord may be 0 (for $Mft), but SequenceNumber is nonzero
        cmp     dword [eax+24h], 0
        jz      @f
        mov     eax, [eax+20h]
;        test    eax, eax
;        jz      @f
.beginfindattr:
        mov     [ebp+NTFS.ntfs_attr_iRecord], eax
        call    ntfs_read_file_record
        jc      .errret
@@:
; b) Scan for required attribute and for $ATTR_LIST
        mov     eax, [ebp+NTFS.frs_buffer]
        movzx   ecx, word [eax+14h]
        add     eax, ecx
        mov     ecx, [ebp+NTFS.ntfs_cur_attr]
        and     [ebp+NTFS.ntfs_attr_offs], 0
.scanattr:
        cmp     dword [eax], -1
        jz      .scandone
        cmp     dword [eax], ecx
        jz      .okattr
        cmp     [ebp+NTFS.ntfs_attr_iBaseRecord], -1
        jnz     .scancont
        cmp     dword [eax], 0x20       ; $ATTR_LIST
        jnz     .scancont
        mov     [ebp+NTFS.ntfs_attr_list], eax
        jmp     .scancont
.okattr:
; ignore named $DATA attributes (aka NTFS streams)
        cmp     ecx, 0x80
        jnz     @f
        cmp     byte [eax+9], 0
        jnz     .scancont
@@:
        mov     [ebp+NTFS.ntfs_attr_offs], eax
.scancont:
        add     eax, [eax+4]
        jmp     .scanattr
.continue:
        pushad
        and     [ebp+NTFS.ntfs_cur_read], 0
.scandone:
; c) Check for required offset and length
        mov     ecx, [ebp+NTFS.ntfs_attr_offs]
        jecxz   .noattr
        push    [ebp+NTFS.ntfs_cur_size]
        push    [ebp+NTFS.ntfs_cur_read]
        call    .doreadattr
        pop     edx
        pop     ecx
        jc      @f
        cmp     [ebp+NTFS.ntfs_bCanContinue], 0
        jz      @f
        sub     edx, [ebp+NTFS.ntfs_cur_read]
        neg     edx
        shr     edx, 9
        sub     ecx, edx
        mov     [ebp+NTFS.ntfs_cur_size], ecx
        jnz     .not_in_cur
@@:
        popad
        ret
.noattr:
.not_in_cur:
        cmp     [ebp+NTFS.ntfs_cur_attr], 0x20
        jz      @f
        mov     ecx, [ebp+NTFS.ntfs_attr_list]
        test    ecx, ecx
        jnz     .lookattr
.ret_is_attr:
        and     dword [esp+28], 0
        cmp     [ebp+NTFS.ntfs_attr_offs], 1     ; CF set <=> ntfs_attr_offs == 0
        popad
        ret
.lookattr:
; required attribute or required offset was not found in base record;
; it may be present in auxiliary records;
; scan $ATTR_LIST
        mov     eax, [ebp+NTFS.ntfs_attr_iBaseRecord]
        cmp     eax, -1
        jz      @f
        call    ntfs_read_file_record
        jc      .errret
        or      [ebp+NTFS.ntfs_attr_iBaseRecord], -1
@@:
        push    [ebp+NTFS.ntfs_cur_offs]
        push    [ebp+NTFS.ntfs_cur_size]
        push    [ebp+NTFS.ntfs_cur_read]
        push    [ebp+NTFS.ntfs_cur_buf]
        push    dword [ebp+NTFS.ntfs_attr_size]
        push    dword [ebp+NTFS.ntfs_attr_size+4]
        or      dword [ebp+NTFS.ntfs_attr_size], -1
        or      dword [ebp+NTFS.ntfs_attr_size+4], -1
        and     [ebp+NTFS.ntfs_cur_offs], 0
        mov     [ebp+NTFS.ntfs_cur_size], 2
        and     [ebp+NTFS.ntfs_cur_read], 0
        lea     eax, [ebp+NTFS.ntfs_attrlist_buf]
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 0
        jnz     @f
        lea     eax, [ebp+NTFS.ntfs_attrlist_mft_buf]
@@:
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        push    eax
        call    .doreadattr
        pop     esi
        mov     edx, 1
        pop     dword [ebp+NTFS.ntfs_attr_size+4]
        pop     dword [ebp+NTFS.ntfs_attr_size]
        mov     ecx, [ebp+NTFS.ntfs_cur_read]
        pop     [ebp+NTFS.ntfs_cur_buf]
        pop     [ebp+NTFS.ntfs_cur_read]
        pop     [ebp+NTFS.ntfs_cur_size]
        pop     [ebp+NTFS.ntfs_cur_offs]
        jc      .errret
        or      edi, -1
        lea     ecx, [ecx+esi-1Ah]
.scanliststart:
        push    ecx
        mov     eax, [ebp+NTFS.ntfs_cur_attr]
.scanlist:
        cmp     esi, [esp]
        jae     .scanlistdone
        cmp     eax, [esi]
        jz      @f
.scanlistcont:
        movzx   ecx, word [esi+4]
        add     esi, ecx
        jmp     .scanlist
@@:
; ignore named $DATA attributes (aka NTFS streams)
        cmp     eax, 0x80
        jnz     @f
        cmp     byte [esi+6], 0
        jnz     .scanlistcont
@@:
        push    eax
        mov     eax, [esi+8]
        test    eax, eax
        jnz     .testf
        mov     eax, dword [ebp+NTFS.ntfs_attr_size]
        and     eax, dword [ebp+NTFS.ntfs_attr_size+4]
        cmp     eax, -1
        jnz     .testfz
; if attribute is in auxiliary records, its size is defined only in first
        mov     eax, [esi+10h]
        call    ntfs_read_file_record
        jnc     @f
.errret_pop:
        pop     ecx ecx
        jmp     .errret
.errret2_pop:
        xor     eax, eax
        jmp     .errret_pop
@@:
        mov     eax, [ebp+NTFS.frs_buffer]
        movzx   ecx, word [eax+14h]
        add     eax, ecx
        mov     ecx, [ebp+NTFS.ntfs_cur_attr]
@@:
        cmp     dword [eax], -1
        jz      .errret2_pop
        cmp     dword [eax], ecx
        jz      @f
.l1:
        add     eax, [eax+4]
        jmp     @b
@@:
        cmp     eax, 0x80
        jnz     @f
        cmp     byte [eax+9], 0
        jnz     .l1
@@:
        cmp     byte [eax+8], 0
        jnz     .sdnores
        mov     eax, [eax+10h]
        mov     dword [ebp+NTFS.ntfs_attr_size], eax
        and     dword [ebp+NTFS.ntfs_attr_size+4], 0
        jmp     .testfz
.sdnores:
        mov     ecx, [eax+30h]
        mov     dword [ebp+NTFS.ntfs_attr_size], ecx
        mov     ecx, [eax+34h]
        mov     dword [ebp+NTFS.ntfs_attr_size+4], ecx
.testfz:
        xor     eax, eax
.testf:
        imul    eax, [ebp+NTFS.sectors_per_cluster]
        cmp     eax, [ebp+NTFS.ntfs_cur_offs]
        pop     eax
        ja      @f
        mov     edi, [esi+10h]  ; keep previous iRecord
        jmp     .scanlistcont
@@:
        pop     ecx
.scanlistfound:
        cmp     edi, -1
        jnz     @f
        popad
        ret
@@:
        mov     eax, [ebp+NTFS.ntfs_cur_iRecord]
        mov     [ebp+NTFS.ntfs_attr_iBaseRecord], eax
        mov     eax, edi
        jmp     .beginfindattr
.scanlistdone:
        pop     ecx
        sub     ecx, ebp
        sub     ecx, NTFS.ntfs_attrlist_buf-1Ah
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 0
        jnz     @f
        sub     ecx, NTFS.ntfs_attrlist_mft_buf-NTFS.ntfs_attrlist_buf
@@:
        cmp     ecx, 0x400
        jnz     .scanlistfound
        inc     edx
        push    esi edi
        lea     esi, [ebp+NTFS.ntfs_attrlist_buf+0x200]
        lea     edi, [ebp+NTFS.ntfs_attrlist_buf]
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 0
        jnz     @f
        lea     esi, [ebp+NTFS.ntfs_attrlist_mft_buf+0x200]
        lea     edi, [ebp+NTFS.ntfs_attrlist_mft_buf]
@@:
        mov     ecx, 0x200/4
        rep movsd
        mov     eax, edi
        pop     edi esi
        sub     esi, 0x200
        push    [ebp+NTFS.ntfs_cur_offs]
        push    [ebp+NTFS.ntfs_cur_size]
        push    [ebp+NTFS.ntfs_cur_read]
        push    [ebp+NTFS.ntfs_cur_buf]
        push    dword [ebp+NTFS.ntfs_attr_size]
        push    dword [ebp+NTFS.ntfs_attr_size+4]
        or      dword [ebp+NTFS.ntfs_attr_size], -1
        or      dword [ebp+NTFS.ntfs_attr_size+4], -1
        mov     [ebp+NTFS.ntfs_cur_offs], edx
        mov     [ebp+NTFS.ntfs_cur_size], 1
        and     [ebp+NTFS.ntfs_cur_read], 0
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        mov     ecx, [ebp+NTFS.ntfs_attr_list]
        push    esi edx edi
        call    .doreadattr
        pop     edi edx esi
        mov     ecx, [ebp+NTFS.ntfs_cur_read]
        pop     dword [ebp+NTFS.ntfs_attr_size+4]
        pop     dword [ebp+NTFS.ntfs_attr_size]
        pop     [ebp+NTFS.ntfs_cur_buf]
        pop     [ebp+NTFS.ntfs_cur_read]
        pop     [ebp+NTFS.ntfs_cur_size]
        pop     [ebp+NTFS.ntfs_cur_offs]
        jc      .errret
        lea     ecx, [ecx+ebp+NTFS.ntfs_attrlist_buf+0x200-0x1A]
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 0
        jnz     .scanliststart
        add     ecx, NTFS.ntfs_attrlist_mft_buf-NTFS.ntfs_attrlist_buf
        jmp     .scanliststart
 
.doreadattr:
        mov     [ebp+NTFS.ntfs_bCanContinue], 0
        cmp     byte [ecx+8], 0
        jnz     .nonresident
        mov     eax, [ecx+10h]  ; length
        mov     esi, eax
        mov     edx, [ebp+NTFS.ntfs_cur_offs]
        shr     eax, 9
        cmp     eax, edx
        jb      .okret
        shl     edx, 9
        sub     esi, edx
        movzx   eax, word [ecx+14h]
        add     edx, eax
        add     edx, ecx        ; edx -> data
        mov     eax, [ebp+NTFS.ntfs_cur_size]
        cmp     eax, (0xFFFFFFFF shr 9)+1
        jbe     @f
        mov     eax, (0xFFFFFFFF shr 9)+1
@@:
        shl     eax, 9
        cmp     eax, esi
        jbe     @f
        mov     eax, esi
@@:
; eax = length, edx -> data
        mov     [ebp+NTFS.ntfs_cur_read], eax
        mov     ecx, eax
        mov     eax, edx
        mov     ebx, [ebp+NTFS.ntfs_cur_buf]
        call    memmove
        and     [ebp+NTFS.ntfs_cur_size], 0      ; CF=0
        ret
.nonresident:
; Not all auxiliary records contain correct FileSize info
        mov     eax, dword [ebp+NTFS.ntfs_attr_size]
        mov     edx, dword [ebp+NTFS.ntfs_attr_size+4]
        push    eax
        and     eax, edx
        cmp     eax, -1
        pop     eax
        jnz     @f
        mov     eax, [ecx+30h]  ; FileSize
        mov     edx, [ecx+34h]
        mov     dword [ebp+NTFS.ntfs_attr_size], eax
        mov     dword [ebp+NTFS.ntfs_attr_size+4], edx
@@:
        add     eax, 0x1FF
        adc     edx, 0
        shrd    eax, edx, 9
        sub     eax, [ebp+NTFS.ntfs_cur_offs]
        ja      @f
; return with nothing read
        and     [ebp+NTFS.ntfs_cur_size], 0
.okret:
        clc
        ret
@@:
; reduce read length
        and     [ebp+NTFS.ntfs_cur_tail], 0
        cmp     [ebp+NTFS.ntfs_cur_size], eax
        jb      @f
        mov     [ebp+NTFS.ntfs_cur_size], eax
        mov     eax, dword [ebp+NTFS.ntfs_attr_size]
        and     eax, 0x1FF
        mov     [ebp+NTFS.ntfs_cur_tail], eax
@@:
        cmp     [ebp+NTFS.ntfs_cur_size], 0
        jz      .okret
        mov     eax, [ebp+NTFS.ntfs_cur_offs]
        xor     edx, edx
        div     [ebp+NTFS.sectors_per_cluster]
        sub     eax, [ecx+10h]  ; first_vbo
        jb      .okret
; eax = cluster, edx = starting sector
        sub     esp, 10h
        movzx   esi, word [ecx+20h]     ; mcb_info_ofs
        add     esi, ecx
        xor     edi, edi
.readloop:
        call    ntfs_decode_mcb_entry
        jnc     .break
        add     edi, [esp+8]
        sub     eax, [esp]
        jae     .readloop
        push    ecx
        push    eax
        add     eax, [esp+8]
        add     eax, edi
        imul    eax, [ebp+NTFS.sectors_per_cluster]
        add     eax, edx
        pop     ecx
        neg     ecx
        imul    ecx, [ebp+NTFS.sectors_per_cluster]
        sub     ecx, edx
        cmp     ecx, [ebp+NTFS.ntfs_cur_size]
        jb      @f
        mov     ecx, [ebp+NTFS.ntfs_cur_size]
@@:
        mov     ebx, [ebp+NTFS.ntfs_cur_buf]
@@:
        push    eax
        cmp     [ebp+NTFS.ntfs_cur_attr], 0x80
        jnz     .sys
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 0
        jz      .sys
        call    fs_read32_app
        jmp     .appsys
.sys:
        call    fs_read32_sys
.appsys:
        pop     edx
        test    eax, eax
        jnz     .errread2
        add     ebx, 0x200
        mov     [ebp+NTFS.ntfs_cur_buf], ebx
        lea     eax, [edx+1]
        add     [ebp+NTFS.ntfs_cur_read], 0x200
        dec     [ebp+NTFS.ntfs_cur_size]
        inc     [ebp+NTFS.ntfs_cur_offs]
        loop    @b
        pop     ecx
        xor     eax, eax
        xor     edx, edx
        cmp     [ebp+NTFS.ntfs_cur_size], 0
        jnz     .readloop
        add     esp, 10h
        mov     eax, [ebp+NTFS.ntfs_cur_tail]
        test    eax, eax
        jz      @f
        sub     eax, 0x200
        add     [ebp+NTFS.ntfs_cur_read], eax
@@:
        clc
        ret
.errread2:
        pop     ecx
        add     esp, 10h
        stc
        ret
.break:
        add     esp, 10h        ; CF=0
        mov     [ebp+NTFS.ntfs_bCanContinue], 1
        ret
 
ntfs_read_file_record:
; in: eax=iRecord
; out: [ebp+NTFS.frs_buffer] contains information
;      CF=1 - failed, in this case eax=0 => something with FS, eax nonzero => disk error
; Read attr $DATA of $Mft, starting from eax*[ebp+NTFS.frs_size]
        push    ecx edx
        mov     ecx, [ebp+NTFS.frs_size]
        mul     ecx
        shrd    eax, edx, 9
        shr     edx, 9
        jnz     .errret
        push    [ebp+NTFS.ntfs_attr_iRecord]
        push    [ebp+NTFS.ntfs_attr_iBaseRecord]
        push    [ebp+NTFS.ntfs_attr_offs]
        push    [ebp+NTFS.ntfs_attr_list]
        push    dword [ebp+NTFS.ntfs_attr_size+4]
        push    dword [ebp+NTFS.ntfs_attr_size]
        push    [ebp+NTFS.ntfs_cur_iRecord]
        push    [ebp+NTFS.ntfs_cur_attr]
        push    [ebp+NTFS.ntfs_cur_offs]
        push    [ebp+NTFS.ntfs_cur_size]
        push    [ebp+NTFS.ntfs_cur_buf]
        push    [ebp+NTFS.ntfs_cur_read]
        mov     [ebp+NTFS.ntfs_cur_attr], 0x80   ; $DATA
        and     [ebp+NTFS.ntfs_cur_iRecord], 0   ; $Mft
        mov     [ebp+NTFS.ntfs_cur_offs], eax
        shr     ecx, 9
        mov     [ebp+NTFS.ntfs_cur_size], ecx
        mov     eax, [ebp+NTFS.frs_buffer]
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        call    ntfs_read_attr
        mov     edx, [ebp+NTFS.ntfs_cur_read]
        pop     [ebp+NTFS.ntfs_cur_read]
        pop     [ebp+NTFS.ntfs_cur_buf]
        pop     [ebp+NTFS.ntfs_cur_size]
        pop     [ebp+NTFS.ntfs_cur_offs]
        pop     [ebp+NTFS.ntfs_cur_attr]
        pop     [ebp+NTFS.ntfs_cur_iRecord]
        pop     dword [ebp+NTFS.ntfs_attr_size]
        pop     dword [ebp+NTFS.ntfs_attr_size+4]
        pop     [ebp+NTFS.ntfs_attr_list]
        pop     [ebp+NTFS.ntfs_attr_offs]
        pop     [ebp+NTFS.ntfs_attr_iBaseRecord]
        pop     [ebp+NTFS.ntfs_attr_iRecord]
        jc      .ret
        cmp     edx, [ebp+NTFS.frs_size]
        jnz     .errret
        mov     eax, [ebp+NTFS.frs_buffer]
        cmp     dword [eax], 'FILE'
        jnz     .errret
        push    ebx
        mov     ebx, eax
        call    ntfs_restore_usa_frs
        pop     ebx
        jc      .errret
.ret:
        pop     edx ecx
        ret
.errret:
        pop     edx ecx
        xor     eax, eax
        stc
        ret
 
ntfs_restore_usa_frs:
        mov     eax, [ebp+NTFS.frs_size]
ntfs_restore_usa:
        pushad
        shr     eax, 9
        mov     ecx, eax
        inc     eax
        cmp     [ebx+6], ax
        jnz     .err
        movzx   eax, word [ebx+4]
        lea     esi, [eax+ebx]
        lodsw
        mov     edx, eax
        lea     edi, [ebx+0x1FE]
@@:
        cmp     [edi], dx
        jnz     .err
        lodsw
        stosw
        add     edi, 0x1FE
        loop    @b
        popad
        clc
        ret
.err:
        popad
        stc
        ret
 
ntfs_decode_mcb_entry:
        push    eax ecx edi
        lea     edi, [esp+16]
        xor     eax, eax
        lodsb
        test    al, al
        jz      .end
        mov     ecx, eax
        and     ecx, 0xF
        cmp     ecx, 8
        ja      .end
        push    ecx
        rep movsb
        pop     ecx
        sub     ecx, 8
        neg     ecx
        cmp     byte [esi-1], 80h
        jae     .end
        push    eax
        xor     eax, eax
        rep stosb
        pop     ecx
        shr     ecx, 4
        cmp     ecx, 8
        ja      .end
        push    ecx
        rep movsb
        pop     ecx
        sub     ecx, 8
        neg     ecx
        cmp     byte [esi-1], 80h
        cmc
        sbb     eax, eax
        rep stosb
        stc
.end:
        pop     edi ecx eax
        ret
 
unichar_toupper:
        push    eax
        call    uni2ansi_char
        cmp     al, '_'
        jz      .unk
        add     esp, 4
        call    char_toupper
        jmp     ansi2uni_char
.unk:
        pop     eax
        ret
 
ntfs_find_lfn:
; in: esi+[esp+4] -> name
; out: CF=1 - file not found
;      else CF=0, [ebp+NTFS.ntfs_cur_iRecord] valid, eax->record in parent directory
        mov     [ebp+NTFS.ntfs_cur_iRecord], 5   ; start parse from root cluster
.doit2:
        mov     [ebp+NTFS.ntfs_cur_attr], 0x90   ; $INDEX_ROOT
        and     [ebp+NTFS.ntfs_cur_offs], 0
        mov     eax, [ebp+NTFS.cur_index_size]
        mov     [ebp+NTFS.ntfs_cur_size], eax
        mov     eax, [ebp+NTFS.cur_index_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        call    ntfs_read_attr
        jnc     @f
.ret:
        ret     4
@@:
        xor     eax, eax
        cmp     [ebp+NTFS.ntfs_cur_read], 0x20
        jc      .ret
        pushad
        mov     esi, [ebp+NTFS.cur_index_buf]
        mov     eax, [esi+14h]
        add     eax, 10h
        cmp     [ebp+NTFS.ntfs_cur_read], eax
        jae     .readok1
        add     eax, 1FFh
        shr     eax, 9
        cmp     eax, [ebp+NTFS.cur_index_size]
        ja      @f
.stc_ret:
        popad
        stc
        ret     4
@@:
; reallocate
        push    eax
        push    [ebp+NTFS.cur_index_buf]
        call    kernel_free
        pop     eax
        mov     [ebp+NTFS.cur_index_size], eax
        push    eax
        call    kernel_alloc
        test    eax, eax
        jnz     @f
        and     [ebp+NTFS.cur_index_size], 0
        and     [ebp+NTFS.cur_index_buf], 0
        jmp     .stc_ret
@@:
        mov     [ebp+NTFS.cur_index_buf], eax
        popad
        jmp     .doit2
.readok1:
        mov     edx, [esi+8]    ; subnode_size
        shr     edx, 9
        cmp     edx, [ebp+NTFS.cur_index_size]
        jbe     .ok2
        push    esi edx
        push    edx
        call    kernel_alloc
        pop     edx esi
        test    eax, eax
        jz      .stc_ret
        mov     edi, eax
        mov     ecx, [ebp+NTFS.cur_index_size]
        shl     ecx, 9-2
        rep movsd
        mov     esi, eax
        mov     [ebp+NTFS.cur_index_size], edx
        push    esi edx
        push    [ebp+NTFS.cur_index_buf]
        call    kernel_free
        pop     edx esi
        mov     [ebp+NTFS.cur_index_buf], esi
.ok2:
        add     esi, 10h
        mov     edi, [esp+4]
; edi -> name, esi -> current index data, edx = subnode size
.scanloop:
        add     esi, [esi]
.scanloopint:
        test    byte [esi+0Ch], 2
        jnz     .subnode
        push    esi
        add     esi, 0x52
        movzx   ecx, byte [esi-2]
        push    edi
@@:
        lodsw
        call    unichar_toupper
        push    eax
        mov     al, [edi]
        inc     edi
        cmp     al, '/'
        jz      .slash
        call    char_toupper
        call    ansi2uni_char
        cmp     ax, [esp]
        pop     eax
        loopz   @b
        jz      .found
        pop     edi
        pop     esi
        jb      .subnode
.scanloopcont:
        movzx   eax, word [esi+8]
        add     esi, eax
        jmp     .scanloopint
.slash:
        pop     eax
        pop     edi
        pop     esi
.subnode:
        test    byte [esi+0Ch], 1
        jz      .notfound
        movzx   eax, word [esi+8]
        mov     eax, [esi+eax-8]
        imul    eax, [ebp+NTFS.sectors_per_cluster]
        mov     [ebp+NTFS.ntfs_cur_offs], eax
        mov     [ebp+NTFS.ntfs_cur_attr], 0xA0   ; $INDEX_ALLOCATION
        mov     [ebp+NTFS.ntfs_cur_size], edx
        mov     eax, [ebp+NTFS.cur_index_buf]
        mov     esi, eax
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        push    edx
        call    ntfs_read_attr
        pop     edx
        mov     eax, edx
        shl     eax, 9
        cmp     [ebp+NTFS.ntfs_cur_read], eax
        jnz     .notfound
        cmp     dword [esi], 'INDX'
        jnz     .notfound
        mov     ebx, esi
        call    ntfs_restore_usa
        jc      .notfound
        add     esi, 0x18
        jmp     .scanloop
.notfound:
        popad
        stc
        ret     4
.found:
        cmp     byte [edi], 0
        jz      .done
        cmp     byte [edi], '/'
        jz      .next
        pop     edi
        pop     esi
        jmp     .scanloopcont
.done:
.next:
        pop     esi
        pop     esi
        mov     eax, [esi]
        mov     [ebp+NTFS.ntfs_cur_iRecord], eax
        mov     [esp+1Ch], esi
        mov     [esp+4], edi
        popad
        inc     esi
        cmp     byte [esi-1], 0
        jnz     .doit2
        cmp     dword [esp+4], 0
        jz      @f
        mov     esi, [esp+4]
        mov     dword [esp+4], 0
        jmp     .doit2
@@:
        ret     4
 
;----------------------------------------------------------------
; ntfs_Read - NTFS implementation of reading a file
; in:  ebp = pointer to NTFS structure
; in:  esi+[esp+4] = name
; in:  ebx = pointer to parameters from sysfunc 70
; out: eax, ebx = return values for sysfunc 70
;----------------------------------------------------------------
ntfs_Read:
        cmp     byte [esi], 0
        jnz     @f
        or      ebx, -1
        movi    eax, ERROR_ACCESS_DENIED
        ret
@@:
        call    ntfs_lock
        stdcall ntfs_find_lfn, [esp+4]
        jnc     .found
        call    ntfs_unlock
        or      ebx, -1
        movi    eax, ERROR_FILE_NOT_FOUND
        ret
.found:
        mov     [ebp+NTFS.ntfs_cur_attr], 0x80   ; $DATA
        and     [ebp+NTFS.ntfs_cur_offs], 0
        and     [ebp+NTFS.ntfs_cur_size], 0
        call    ntfs_read_attr
        jnc     @f
        call    ntfs_unlock
        or      ebx, -1
        movi    eax, ERROR_ACCESS_DENIED
        ret
@@:
        pushad
        and     dword [esp+10h], 0
        xor     eax, eax
        cmp     dword [ebx+8], 0x200
        jb      @f
.eof0:
        popad
        xor     ebx, ebx
.eof:
        movi    eax, ERROR_END_OF_FILE
        push    eax
        call    ntfs_unlock
        pop     eax
        ret
@@:
        mov     ecx, [ebx+12]
        mov     edx, [ebx+16]
        mov     eax, [ebx+4]
        test    eax, 0x1FF
        jz      .alignedstart
        push    edx
        mov     edx, [ebx+8]
        shrd    eax, edx, 9
        pop     edx
        mov     [ebp+NTFS.ntfs_cur_offs], eax
        mov     [ebp+NTFS.ntfs_cur_size], 1
        lea     eax, [ebp+NTFS.ntfs_bitmap_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        call    ntfs_read_attr.continue
        mov     eax, [ebx+4]
        and     eax, 0x1FF
        lea     esi, [ebp+NTFS.ntfs_bitmap_buf+eax]
        sub     eax, [ebp+NTFS.ntfs_cur_read]
        jae     .eof0
        neg     eax
        push    ecx
        cmp     ecx, eax
        jb      @f
        mov     ecx, eax
@@:
        mov     [esp+10h+4], ecx
        mov     edi, edx
        rep movsb
        mov     edx, edi
        pop     ecx
        sub     ecx, [esp+10h]
        jnz     @f
.retok:
        popad
        call    ntfs_unlock
        xor     eax, eax
        ret
@@:
        cmp     [ebp+NTFS.ntfs_cur_read], 0x200
        jz      .alignedstart
.eof_ebx:
        popad
        jmp     .eof
.alignedstart:
        mov     eax, [ebx+4]
        push    edx
        mov     edx, [ebx+8]
        add     eax, 511
        adc     edx, 0
        shrd    eax, edx, 9
        pop     edx
.zero1:
        mov     [ebp+NTFS.ntfs_cur_offs], eax
        mov     [ebp+NTFS.ntfs_cur_buf], edx
        mov     eax, ecx
        shr     eax, 9
        mov     [ebp+NTFS.ntfs_cur_size], eax
        add     eax, [ebp+NTFS.ntfs_cur_offs]
        push    eax
        call    ntfs_read_attr.continue
        pop     [ebp+NTFS.ntfs_cur_offs]
        mov     eax, [ebp+NTFS.ntfs_cur_read]
        add     [esp+10h], eax
        mov     eax, ecx
        and     eax, not 0x1FF
        cmp     [ebp+NTFS.ntfs_cur_read], eax
        jnz     .eof_ebx
        and     ecx, 0x1FF
        jz      .retok
        add     edx, [ebp+NTFS.ntfs_cur_read]
        mov     [ebp+NTFS.ntfs_cur_size], 1
        lea     eax, [ebp+NTFS.ntfs_bitmap_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        call    ntfs_read_attr.continue
        cmp     [ebp+NTFS.ntfs_cur_read], ecx
        jb      @f
        mov     [ebp+NTFS.ntfs_cur_read], ecx
@@:
        xchg    ecx, [ebp+NTFS.ntfs_cur_read]
        push    ecx
        mov     edi, edx
        lea     esi, [ebp+NTFS.ntfs_bitmap_buf]
        add     [esp+10h+4], ecx
        rep movsb
        pop     ecx
        xor     eax, eax
        cmp     ecx, [ebp+NTFS.ntfs_cur_read]
        jz      @f
        mov     al, ERROR_END_OF_FILE
@@:
        mov     [esp+1Ch], eax
        call    ntfs_unlock
        popad
        ret
 
;----------------------------------------------------------------
; ntfs_ReadFolder - NTFS implementation of reading a folder
; in:  ebp = pointer to NTFS structure
; in:  esi+[esp+4] = name
; in:  ebx = pointer to parameters from sysfunc 70
; out: eax, ebx = return values for sysfunc 70
;----------------------------------------------------------------
ntfs_ReadFolder:
        call    ntfs_lock
        mov     eax, 5          ; root cluster
        cmp     byte [esi], 0
        jz      .doit
        stdcall ntfs_find_lfn, [esp+4]
        jnc     .doit2
.notfound:
        or      ebx, -1
        push    ERROR_FILE_NOT_FOUND
.pop_ret:
        call    ntfs_unlock
        pop     eax
        ret
.doit:
        mov     [ebp+NTFS.ntfs_cur_iRecord], eax
.doit2:
        mov     [ebp+NTFS.ntfs_cur_attr], 0x10   ; $STANDARD_INFORMATION
        and     [ebp+NTFS.ntfs_cur_offs], 0
        mov     [ebp+NTFS.ntfs_cur_size], 1
        lea     eax, [ebp+NTFS.ntfs_bitmap_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        call    ntfs_read_attr
        jc      .notfound
        mov     [ebp+NTFS.ntfs_cur_attr], 0x90   ; $INDEX_ROOT
        and     [ebp+NTFS.ntfs_cur_offs], 0
        mov     eax, [ebp+NTFS.cur_index_size]
        mov     [ebp+NTFS.ntfs_cur_size], eax
        mov     eax, [ebp+NTFS.cur_index_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        call    ntfs_read_attr
        jnc     .ok
        test    eax, eax
        jz      .notfound
        or      ebx, -1
        push    11
        jmp     .pop_ret
.ok:
        cmp     [ebp+NTFS.ntfs_cur_read], 0x20
        jae     @f
        or      ebx, -1
.fserr:
        push    ERROR_FAT_TABLE
        jmp     .pop_ret
@@:
        pushad
        mov     esi, [ebp+NTFS.cur_index_buf]
        mov     eax, [esi+14h]
        add     eax, 10h
        cmp     [ebp+NTFS.ntfs_cur_read], eax
        jae     .readok1
        add     eax, 1FFh
        shr     eax, 9
        cmp     eax, [ebp+NTFS.cur_index_size]
        ja      @f
        popad
        jmp     .fserr
@@:
; reallocate
        push    eax
        push    [ebp+NTFS.cur_index_buf]
        call    kernel_free
        pop     eax
        mov     [ebp+NTFS.cur_index_size], eax
        push    eax
        call    kernel_alloc
        test    eax, eax
        jnz     @f
        and     [ebp+NTFS.cur_index_size], 0
        and     [ebp+NTFS.cur_index_buf], 0
.nomem:
        call    ntfs_unlock
        popad
        or      ebx, -1
        movi    eax, 12
        ret
@@:
        mov     [ebp+NTFS.cur_index_buf], eax
        popad
        jmp     .doit2
.readok1:
        mov     edx, [esi+8]    ; subnode_size
        shr     edx, 9
        mov     [ebp+NTFS.cur_subnode_size], edx
        cmp     edx, [ebp+NTFS.cur_index_size]
        jbe     .ok2
        push    esi edx
        push    edx
        call    kernel_alloc
        pop     edx esi
        test    eax, eax
        jz      .nomem
        mov     edi, eax
        mov     ecx, [ebp+NTFS.cur_index_size]
        shl     ecx, 9-2
        rep movsd
        mov     esi, eax
        mov     [ebp+NTFS.cur_index_size], edx
        push    [ebp+NTFS.cur_index_buf]
        call    kernel_free
        mov     [ebp+NTFS.cur_index_buf], esi
.ok2:
        add     esi, 10h
        mov     edx, [ebx+16]
        push    dword [ebx+8]   ; read ANSI/UNICODE name
; init header
        mov     edi, edx
        mov     ecx, 32/4
        xor     eax, eax
        rep stosd
        mov     byte [edx], 1   ; version
        mov     ecx, [ebx+12]
        mov     ebx, [ebx+4]
        push    edx
        mov     edx, esp
; edi -> BDFE, esi -> current index data, ebx = first wanted block,
; ecx = number of blocks to read
; edx -> parameters block: dd , dd 
        cmp     [ebp+NTFS.ntfs_cur_iRecord], 5
        jz      .skip_specials
; dot and dotdot entries
        push    esi
        xor     esi, esi
        call    .add_special_entry
        inc     esi
        call    .add_special_entry
        pop     esi
.skip_specials:
; at first, dump index root
        add     esi, [esi]
.dump_root:
        test    byte [esi+0Ch], 2
        jnz     .dump_root_done
        call    .add_entry
        movzx   eax, word [esi+8]
        add     esi, eax
        jmp     .dump_root
.dump_root_done:
; now dump all subnodes
        push    ecx edi
        lea     edi, [ebp+NTFS.ntfs_bitmap_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], edi
        mov     ecx, 0x400/4
        xor     eax, eax
        rep stosd
        mov     [ebp+NTFS.ntfs_cur_attr], 0xB0   ; $BITMAP
        and     [ebp+NTFS.ntfs_cur_offs], 0
        mov     [ebp+NTFS.ntfs_cur_size], 2
        call    ntfs_read_attr
        pop     edi ecx
        push    0       ; save offset in $BITMAP attribute
        and     [ebp+NTFS.ntfs_cur_offs], 0
.dumploop:
        mov     [ebp+NTFS.ntfs_cur_attr], 0xA0
        mov     eax, [ebp+NTFS.cur_subnode_size]
        mov     [ebp+NTFS.ntfs_cur_size], eax
        mov     eax, [ebp+NTFS.cur_index_buf]
        mov     esi, eax
        mov     [ebp+NTFS.ntfs_cur_buf], eax
        push    [ebp+NTFS.ntfs_cur_offs]
        mov     eax, [ebp+NTFS.ntfs_cur_offs]
        imul    eax, [ebp+NTFS.cur_subnode_size]
        mov     [ebp+NTFS.ntfs_cur_offs], eax
        call    ntfs_read_attr
        pop     [ebp+NTFS.ntfs_cur_offs]
        mov     eax, [ebp+NTFS.cur_subnode_size]
        shl     eax, 9
        cmp     [ebp+NTFS.ntfs_cur_read], eax
        jnz     .done
        push    eax
        mov     eax, [ebp+NTFS.ntfs_cur_offs]
        and     eax, 0x400*8-1
        bt      dword [ebp+NTFS.ntfs_bitmap_buf], eax
        pop     eax
        jnc     .dump_subnode_done
        cmp     dword [esi], 'INDX'
        jnz     .dump_subnode_done
        push    ebx
        mov     ebx, esi
        call    ntfs_restore_usa
        pop     ebx
        jc      .dump_subnode_done
        add     esi, 0x18
        add     esi, [esi]
.dump_subnode:
        test    byte [esi+0Ch], 2
        jnz     .dump_subnode_done
        call    .add_entry
        movzx   eax, word [esi+8]
        add     esi, eax
        jmp     .dump_subnode
.dump_subnode_done:
        inc     [ebp+NTFS.ntfs_cur_offs]
        test    [ebp+NTFS.ntfs_cur_offs], 0x400*8-1
        jnz     .dumploop
        mov     [ebp+NTFS.ntfs_cur_attr], 0xB0
        push    ecx edi
        lea     edi, [ebp+NTFS.ntfs_bitmap_buf]
        mov     [ebp+NTFS.ntfs_cur_buf], edi
        mov     ecx, 0x400/4
        xor     eax, eax
        rep stosd
        pop     edi ecx
        pop     eax
        push    [ebp+NTFS.ntfs_cur_offs]
        inc     eax
        mov     [ebp+NTFS.ntfs_cur_offs], eax
        mov     [ebp+NTFS.ntfs_cur_size], 2
        push    eax
        call    ntfs_read_attr
        pop     eax
        pop     [ebp+NTFS.ntfs_cur_offs]
        push    eax
        jmp     .dumploop
.done:
        pop     eax
        pop     edx
        mov     ebx, [edx+4]
        pop     edx
        xor     eax, eax
        dec     ecx
        js      @f
        mov     al, ERROR_END_OF_FILE
@@:
        mov     [esp+1Ch], eax
        mov     [esp+10h], ebx
        call    ntfs_unlock
        popad
        ret
 
.add_special_entry:
        mov     eax, [edx]
        inc     dword [eax+8]   ; new file found
        dec     ebx
        jns     .ret
        dec     ecx
        js      .ret
        inc     dword [eax+4]   ; new file block copied
        mov     eax, [edx+4]
        mov     [edi+4], eax
;        mov     eax, dword [ntfs_bitmap_buf+0x20]
;        or      al, 0x10
        mov     eax, 0x10
        stosd
        scasd
        push    edx
        mov     eax, dword [ebp+NTFS.ntfs_bitmap_buf]
        mov     edx, dword [ebp+NTFS.ntfs_bitmap_buf+4]
        call    ntfs_datetime_to_bdfe
        mov     eax, dword [ebp+NTFS.ntfs_bitmap_buf+0x18]
        mov     edx, dword [ebp+NTFS.ntfs_bitmap_buf+0x1C]
        call    ntfs_datetime_to_bdfe
        mov     eax, dword [ebp+NTFS.ntfs_bitmap_buf+8]
        mov     edx, dword [ebp+NTFS.ntfs_bitmap_buf+0xC]
        call    ntfs_datetime_to_bdfe
        pop     edx
        xor     eax, eax
        stosd
        stosd
        mov     al, '.'
        push    edi ecx
        lea     ecx, [esi+1]
        test    byte [edi-0x24], 1
        jz      @f
        rep stosw
        pop     ecx
        xor     eax, eax
        stosw
        pop     edi
        add     edi, 520
        ret
@@:
        rep stosb
        pop     ecx
        xor     eax, eax
        stosb
        pop     edi
        add     edi, 264
.ret:
        ret
 
.add_entry:
; do not return DOS 8.3 names
        cmp     byte [esi+0x51], 2
        jz      .ret
; do not return system files
; ... note that there will be no bad effects if system files also were reported ...
        cmp     dword [esi], 0x10
        jb      .ret
        mov     eax, [edx]
        inc     dword [eax+8]   ; new file found
        dec     ebx
        jns     .ret
        dec     ecx
        js      .ret
        inc     dword [eax+4]   ; new file block copied
        mov     eax, [edx+4]    ; flags
        call    ntfs_direntry_to_bdfe
        push    ecx esi edi
        movzx   ecx, byte [esi+0x50]
        add     esi, 0x52
        test    byte [edi-0x24], 1
        jz      .ansi
        shr     ecx, 1
        rep movsd
        adc     ecx, ecx
        rep movsw
        and     word [edi], 0
        pop     edi
        add     edi, 520
        pop     esi ecx
        ret
.ansi:
        jecxz   .skip
@@:
        lodsw
        call    uni2ansi_char
        stosb
        loop    @b
.skip:
        xor     al, al
        stosb
        pop     edi
        add     edi, 264
        pop     esi ecx
        ret
 
ntfs_direntry_to_bdfe:
        mov     [edi+4], eax    ; ANSI/UNICODE name
        mov     eax, [esi+48h]
        test    eax, 0x10000000
        jz      @f
        and     eax, not 0x10000000
        or      al, 0x10
@@:
        stosd
        scasd
        push    edx
        mov     eax, [esi+0x18]
        mov     edx, [esi+0x1C]
        call    ntfs_datetime_to_bdfe
        mov     eax, [esi+0x30]
        mov     edx, [esi+0x34]
        call    ntfs_datetime_to_bdfe
        mov     eax, [esi+0x20]
        mov     edx, [esi+0x24]
        call    ntfs_datetime_to_bdfe
        pop     edx
        mov     eax, [esi+0x40]
        stosd
        mov     eax, [esi+0x44]
        stosd
        ret
 
iglobal
_24             dd      24
_60             dd      60
_10000000       dd      10000000
days400year     dd      365*400+100-4+1
days100year     dd      365*100+25-1
days4year       dd      365*4+1
days1year       dd      365
months  dd      31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
months2 dd      31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
_400            dd      400
_100            dd      100
endg
 
ntfs_datetime_to_bdfe:
; edx:eax = number of 100-nanosecond intervals since January 1, 1601, in UTC
        push    eax
        mov     eax, edx
        xor     edx, edx
        div     [_10000000]
        xchg    eax, [esp]
        div     [_10000000]
        pop     edx
    .sec:
; edx:eax = number of seconds since January 1, 1601
        push    eax
        mov     eax, edx
        xor     edx, edx
        div     [_60]
        xchg    eax, [esp]
        div     [_60]
        mov     [edi], dl
        pop     edx
; edx:eax = number of minutes
        div     [_60]
        mov     [edi+1], dl
; eax = number of hours (note that 2^64/(10^7*60*60) < 2^32)
        xor     edx, edx
        div     [_24]
        mov     [edi+2], dl
        mov     [edi+3], byte 0
; eax = number of days since January 1, 1601
        xor     edx, edx
        div     [days400year]
        imul    eax, 400
        add     eax, 1601
        mov     [edi+6], ax
        mov     eax, edx
        xor     edx, edx
        div     [days100year]
        cmp     al, 4
        jnz     @f
        dec     eax
        add     edx, [days100year]
@@:
        imul    eax, 100
        add     [edi+6], ax
        mov     eax, edx
        xor     edx, edx
        div     [days4year]
        shl     eax, 2
        add     [edi+6], ax
        mov     eax, edx
        xor     edx, edx
        div     [days1year]
        cmp     al, 4
        jnz     @f
        dec     eax
        add     edx, [days1year]
@@:
        add     [edi+6], ax
        push    esi edx
        mov     esi, months
        movzx   eax, word [edi+6]
        test    al, 3
        jnz     .noleap
        xor     edx, edx
        push    eax
        div     [_400]
        pop     eax
        test    edx, edx
        jz      .leap
        xor     edx, edx
        div     [_100]
        test    edx, edx
        jz      .noleap
.leap:
        mov     esi, months2
.noleap:
        pop     edx
        xor     eax, eax
        inc     eax
@@:
        sub     edx, [esi]
        jb      @f
        add     esi, 4
        inc     eax
        jmp     @b
@@:
        add     edx, [esi]
        pop     esi
        inc     edx
        mov     [edi+4], dl
        mov     [edi+5], al
        add     edi, 8
        ret
 
;----------------------------------------------------------------
; ntfs_Rewrite - NTFS implementation of creating a new file
; in:  ebp = pointer to NTFS structure
; in:  esi+[esp+4] = name
; in:  ebx = pointer to parameters from sysfunc 70
; out: eax, ebx = return values for sysfunc 70
;----------------------------------------------------------------
ntfs_Rewrite:
ntfs_CreateFolder:
        xor     ebx, ebx
        mov     eax, ERROR_UNSUPPORTED_FS
        ret
 
;----------------------------------------------------------------
; ntfs_Write - NTFS implementation of writing to file
; in:  ebp = pointer to NTFS structure
; in:  esi+[esp+4] = name
; in:  ebx = pointer to parameters from sysfunc 70
; out: eax, ebx = return values for sysfunc 70
;----------------------------------------------------------------
ntfs_Write:
        xor     ebx, ebx
        mov     eax, ERROR_UNSUPPORTED_FS
        ret
 
ntfs_SetFileEnd:
ntfs_SetFileInfo:
ntfs_Delete:
        mov     eax, ERROR_UNSUPPORTED_FS
        ret
 
;----------------------------------------------------------------
; ntfs_GetFileInfo - NTFS implementation of getting file info
; in:  ebp = pointer to NTFS structure
; in:  esi+[esp+4] = name
; in:  ebx = pointer to parameters from sysfunc 70
; out: eax, ebx = return values for sysfunc 70
;----------------------------------------------------------------
ntfs_GetFileInfo:
        cmp     byte [esi], 0
        jnz     @f
        movi    eax, 2
        ret
@@:
        call    ntfs_lock
        stdcall ntfs_find_lfn, [esp+4]
        jnc     .doit
        test    eax, eax
        movi    eax, ERROR_FILE_NOT_FOUND
        jz      @f
        mov     al, 11
@@:
        push    eax
        call    ntfs_unlock
        pop     eax
        ret
.doit:
        push    esi edi
        mov     esi, eax
        mov     edi, [ebx+16]
        xor     eax, eax
        call    ntfs_direntry_to_bdfe
        pop     edi esi
        call    ntfs_unlock
        xor     eax, eax
        ret

Rev 4429	Rev 5116
1	;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;	1	;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
2	;; ;;	2	;; ;;
3	;; Copyright (C) KolibriOS team 2004-2013. All rights reserved. ;;	3	;; Copyright (C) KolibriOS team 2004-2013. All rights reserved. ;;
4	;; Distributed under terms of the GNU General Public License ;;	4	;; Distributed under terms of the GNU General Public License ;;
5	;; ;;	5	;; ;;
6	;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;	6	;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
7		7
8	$Revision: 3742 $	8	$Revision: 5089 $
9		9
10	struct NTFS PARTITION	10	struct NTFS PARTITION
11	Lock MUTEX ? ; currently operations with one partition	11	Lock MUTEX ? ; currently operations with one partition
12	; can not be executed in parallel since the	12	; can not be executed in parallel since the
13	; legacy code is not ready; this mutex guards	13	; legacy code is not ready; this mutex guards
14	; all operations	14	; all operations
15	sectors_per_cluster dd ?	15	sectors_per_cluster dd ?
16	mft_cluster dd ?	16	mft_cluster dd ?
17	mftmirr_cluster dd ?	17	mftmirr_cluster dd ?
18	frs_size dd ? ; FRS size in bytes	18	frs_size dd ? ; FRS size in bytes
19	iab_size dd ? ; IndexAllocationBuffer size in bytes	19	iab_size dd ? ; IndexAllocationBuffer size in bytes
20	frs_buffer dd ?	20	frs_buffer dd ?
21	iab_buffer dd ?	21	iab_buffer dd ?
22	mft_retrieval dd ?	22	mft_retrieval dd ?
23	mft_retrieval_size dd ?	23	mft_retrieval_size dd ?
24	mft_retrieval_alloc dd ?	24	mft_retrieval_alloc dd ?
25	mft_retrieval_end dd ?	25	mft_retrieval_end dd ?
26	cur_index_size dd ?	26	cur_index_size dd ?
27	cur_index_buf dd ?	27	cur_index_buf dd ?
28		28
29	ntfs_cur_attr dd ?	29	ntfs_cur_attr dd ?
30	ntfs_cur_iRecord dd ?	30	ntfs_cur_iRecord dd ?
31	ntfs_cur_offs dd ? ; in sectors	31	ntfs_cur_offs dd ? ; in sectors
32	ntfs_cur_size dd ? ; in sectors	32	ntfs_cur_size dd ? ; in sectors
33	ntfs_cur_buf dd ?	33	ntfs_cur_buf dd ?
34	ntfs_cur_read dd ? ; [output]	34	ntfs_cur_read dd ? ; [output]
35	ntfs_bCanContinue db ?	35	ntfs_bCanContinue db ?
36	rb 3	36	rb 3
37		37
38	cur_subnode_size dd ?	38	cur_subnode_size dd ?
39	ntfs_attr_iRecord dd ?	39	ntfs_attr_iRecord dd ?
40	ntfs_attr_iBaseRecord dd ?	40	ntfs_attr_iBaseRecord dd ?
41	ntfs_attr_offs dd ?	41	ntfs_attr_offs dd ?
42	ntfs_attr_list dd ?	42	ntfs_attr_list dd ?
43	ntfs_attr_size dq ?	43	ntfs_attr_size dq ?
44	ntfs_cur_tail dd ?	44	ntfs_cur_tail dd ?
45		45
46	ntfs_attrlist_buf rb 0x400	46	ntfs_attrlist_buf rb 0x400
47	ntfs_attrlist_mft_buf rb 0x400	47	ntfs_attrlist_mft_buf rb 0x400
48	ntfs_bitmap_buf rb 0x400	48	ntfs_bitmap_buf rb 0x400
49	ends	49	ends
50		50
51	iglobal	51	iglobal
52	align 4	52	align 4
53	ntfs_user_functions:	53	ntfs_user_functions:
54	dd ntfs_free	54	dd ntfs_free
55	dd (ntfs_user_functions_end - ntfs_user_functions - 4) / 4	55	dd (ntfs_user_functions_end - ntfs_user_functions - 4) / 4
56	dd ntfs_Read	56	dd ntfs_Read
57	dd ntfs_ReadFolder	57	dd ntfs_ReadFolder
58	dd ntfs_Rewrite	58	dd ntfs_Rewrite
59	dd ntfs_Write	59	dd ntfs_Write
60	dd ntfs_SetFileEnd	60	dd ntfs_SetFileEnd
61	dd ntfs_GetFileInfo	61	dd ntfs_GetFileInfo
62	dd ntfs_SetFileInfo	62	dd ntfs_SetFileInfo
63	dd 0	63	dd 0
64	dd ntfs_Delete	64	dd ntfs_Delete
65	dd ntfs_CreateFolder	65	dd ntfs_CreateFolder
66	ntfs_user_functions_end:	66	ntfs_user_functions_end:
67	endg	67	endg
68		68
69	ntfs_test_bootsec:	69	ntfs_test_bootsec:
70	; in: ebx->buffer, edx=size of partition	70	; in: ebx->buffer, edx=size of partition
71	; out: CF set <=> invalid	71	; out: CF set <=> invalid
72	; 1. Name=='NTFS '	72	; 1. Name=='NTFS '
73	cmp dword [ebx+3], 'NTFS'	73	cmp dword [ebx+3], 'NTFS'
74	jnz .no	74	jnz .no
75	cmp dword [ebx+7], ' '	75	cmp dword [ebx+7], ' '
76	jnz .no	76	jnz .no
77	; 2. Number of bytes per sector is the same as for physical device	77	; 2. Number of bytes per sector is the same as for physical device
78	; (that is, 0x200 for hard disk)	78	; (that is, 0x200 for hard disk)
79	cmp word [ebx+11], 0x200	79	cmp word [ebx+11], 0x200
80	jnz .no	80	jnz .no
81	; 3. Number of sectors per cluster must be power of 2	81	; 3. Number of sectors per cluster must be power of 2
82	movzx eax, byte [ebx+13]	82	movzx eax, byte [ebx+13]
83	dec eax	83	dec eax
84	js .no	84	js .no
85	test al, [ebx+13]	85	test al, [ebx+13]
86	jnz .no	86	jnz .no
87	; 4. FAT parameters must be zero	87	; 4. FAT parameters must be zero
88	cmp word [ebx+14], 0	88	cmp word [ebx+14], 0
89	jnz .no	89	jnz .no
90	cmp dword [ebx+16], 0	90	cmp dword [ebx+16], 0
91	jnz .no	91	jnz .no
92	cmp byte [ebx+20], 0	92	cmp byte [ebx+20], 0
93	jnz .no	93	jnz .no
94	cmp word [ebx+22], 0	94	cmp word [ebx+22], 0
95	jnz .no	95	jnz .no
96	cmp dword [ebx+32], 0	96	cmp dword [ebx+32], 0
97	jnz .no	97	jnz .no
98	; 5. Number of sectors <= partition size	98	; 5. Number of sectors <= partition size
99	cmp dword [ebx+0x2C], 0	99	cmp dword [ebx+0x2C], 0
100	ja .no	100	ja .no
101	cmp [ebx+0x28], edx	101	cmp [ebx+0x28], edx
102	ja .no	102	ja .no
103	; 6. $MFT and $MFTMirr clusters must be within partition	103	; 6. $MFT and $MFTMirr clusters must be within partition
104	cmp dword [ebx+0x34], 0	104	cmp dword [ebx+0x34], 0
105	ja .no	105	ja .no
106	push edx	106	push edx
107	movzx eax, byte [ebx+13]	107	movzx eax, byte [ebx+13]
108	mul dword [ebx+0x30]	108	mul dword [ebx+0x30]
109	test edx, edx	109	test edx, edx
110	pop edx	110	pop edx
111	jnz .no	111	jnz .no
112	cmp eax, edx	112	cmp eax, edx
113	ja .no	113	ja .no
114	cmp dword [ebx+0x3C], 0	114	cmp dword [ebx+0x3C], 0
115	ja .no	115	ja .no
116	push edx	116	push edx
117	movzx eax, byte [ebx+13]	117	movzx eax, byte [ebx+13]
118	mul dword [ebx+0x38]	118	mul dword [ebx+0x38]
119	test edx, edx	119	test edx, edx
120	pop edx	120	pop edx
121	jnz .no	121	jnz .no
122	cmp eax, edx	122	cmp eax, edx
123	ja .no	123	ja .no
124	; 7. Clusters per FRS must be either negative and in [-31,-9] or positive and power of 2	124	; 7. Clusters per FRS must be either negative and in [-31,-9] or positive and power of 2
125	movsx eax, byte [ebx+0x40]	125	movsx eax, byte [ebx+0x40]
126	cmp al, -31	126	cmp al, -31
127	jl .no	127	jl .no
128	cmp al, -9	128	cmp al, -9
129	jle @f	129	jle @f
130	dec eax	130	dec eax
131	js .no	131	js .no
132	test [ebx+0x40], al	132	test [ebx+0x40], al
133	jnz .no	133	jnz .no
134	@@:	134	@@:
135	; 8. Same for clusters per IndexAllocationBuffer	135	; 8. Same for clusters per IndexAllocationBuffer
136	movsx eax, byte [ebx+0x44]	136	movsx eax, byte [ebx+0x44]
137	cmp al, -31	137	cmp al, -31
138	jl .no	138	jl .no
139	cmp al, -9	139	cmp al, -9
140	jle @f	140	jle @f
141	dec eax	141	dec eax
142	js .no	142	js .no
143	test [ebx+0x44], al	143	test [ebx+0x44], al
144	jnz .no	144	jnz .no
145	@@:	145	@@:
146	; OK, this is correct NTFS bootsector	146	; OK, this is correct NTFS bootsector
147	clc	147	clc
148	ret	148	ret
149	.no:	149	.no:
150	; No, this bootsector isn't NTFS	150	; No, this bootsector isn't NTFS
151	stc	151	stc
152	ret	152	ret
153		153
154	proc ntfs_create_partition	154	proc ntfs_create_partition
-		155	cmp dword [esi+DISK.MediaInfo.SectorSize], 512
-		156	jnz .nope
155	mov edx, dword [ebp+PARTITION.Length]	157	mov edx, dword [ebp+PARTITION.Length]
156	cmp dword [esp+4], 0	158	cmp dword [esp+4], 0
157	jz .boot_read_ok	159	jz .boot_read_ok
158	add ebx, 512	160	add ebx, 512
159	lea eax, [edx-1]	161	lea eax, [edx-1]
160	call fs_read32_sys	162	call fs_read32_sys
161	test eax, eax	163	test eax, eax
162	jnz @f	164	jnz @f
163	call ntfs_test_bootsec	165	call ntfs_test_bootsec
164	jnc .ntfs_setup	166	jnc .ntfs_setup
165	@@:	167	@@:
166	mov eax, edx	168	mov eax, edx
167	shr eax, 1	169	shr eax, 1
168	call fs_read32_sys	170	call fs_read32_sys
169	test eax, eax	171	test eax, eax
170	jnz .nope ; no chance...	172	jnz .nope ; no chance...
171	.boot_read_ok:	173	.boot_read_ok:
172	call ntfs_test_bootsec	174	call ntfs_test_bootsec
173	jnc .ntfs_setup	175	jnc .ntfs_setup
174	.nope:	176	.nope:
175	xor eax, eax	177	xor eax, eax
176	jmp .exit	178	jmp .exit
177		179
178	.ntfs_setup:	180	.ntfs_setup:
179	; By given bootsector, initialize some NTFS variables	181	; By given bootsector, initialize some NTFS variables
180	movi eax, sizeof.NTFS	182	movi eax, sizeof.NTFS
181	call malloc	183	call malloc
182	test eax, eax	184	test eax, eax
183	jz .exit	185	jz .exit
184	mov ecx, dword [ebp+PARTITION.FirstSector]	186	mov ecx, dword [ebp+PARTITION.FirstSector]
185	mov dword [eax+NTFS.FirstSector], ecx	187	mov dword [eax+NTFS.FirstSector], ecx
186	mov ecx, dword [ebp+PARTITION.FirstSector+4]	188	mov ecx, dword [ebp+PARTITION.FirstSector+4]
187	mov dword [eax+NTFS.FirstSector+4], ecx	189	mov dword [eax+NTFS.FirstSector+4], ecx
188	mov ecx, dword [ebp+PARTITION.Length]	190	mov ecx, dword [ebp+PARTITION.Length]
189	mov dword [eax+NTFS.Length], ecx	191	mov dword [eax+NTFS.Length], ecx
190	mov ecx, dword [ebp+PARTITION.Length+4]	192	mov ecx, dword [ebp+PARTITION.Length+4]
191	mov dword [eax+NTFS.Length+4], ecx	193	mov dword [eax+NTFS.Length+4], ecx
192	mov ecx, [ebp+PARTITION.Disk]	194	mov ecx, [ebp+PARTITION.Disk]
193	mov [eax+NTFS.Disk], ecx	195	mov [eax+NTFS.Disk], ecx
194	mov [eax+NTFS.FSUserFunctions], ntfs_user_functions	196	mov [eax+NTFS.FSUserFunctions], ntfs_user_functions
195	push ebx ebp esi	197	push ebx ebp esi
196	mov ebp, eax	198	mov ebp, eax
197		199
198	lea ecx, [ebp+NTFS.Lock]	200	lea ecx, [ebp+NTFS.Lock]
199	call mutex_init	201	call mutex_init
200		202
201	movzx eax, byte [ebx+13]	203	movzx eax, byte [ebx+13]
202	mov [ebp+NTFS.sectors_per_cluster], eax	204	mov [ebp+NTFS.sectors_per_cluster], eax
203	mov eax, [ebx+0x28]	205	mov eax, [ebx+0x28]
204	mov dword [ebp+NTFS.Length], eax	206	mov dword [ebp+NTFS.Length], eax
205	and dword [ebp+NTFS.Length+4], 0	207	and dword [ebp+NTFS.Length+4], 0
206	mov eax, [ebx+0x30]	208	mov eax, [ebx+0x30]
207	mov [ebp+NTFS.mft_cluster], eax	209	mov [ebp+NTFS.mft_cluster], eax
208	mov eax, [ebx+0x38]	210	mov eax, [ebx+0x38]
209	mov [ebp+NTFS.mftmirr_cluster], eax	211	mov [ebp+NTFS.mftmirr_cluster], eax
210	movsx eax, byte [ebx+0x40]	212	movsx eax, byte [ebx+0x40]
211	test eax, eax	213	test eax, eax
212	js .1	214	js .1
213	mul [ebp+NTFS.sectors_per_cluster]	215	mul [ebp+NTFS.sectors_per_cluster]
214	shl eax, 9	216	shl eax, 9
215	jmp .2	217	jmp .2
216	.1:	218	.1:
217	neg eax	219	neg eax
218	mov ecx, eax	220	mov ecx, eax
219	mov eax, 1	221	mov eax, 1
220	shl eax, cl	222	shl eax, cl
221	.2:	223	.2:
222	mov [ebp+NTFS.frs_size], eax	224	mov [ebp+NTFS.frs_size], eax
223	movsx eax, byte [ebx+0x44]	225	movsx eax, byte [ebx+0x44]
224	test eax, eax	226	test eax, eax
225	js .3	227	js .3
226	mul [ebp+NTFS.sectors_per_cluster]	228	mul [ebp+NTFS.sectors_per_cluster]
227	shl eax, 9	229	shl eax, 9
228	jmp .4	230	jmp .4
229	.3:	231	.3:
230	neg eax	232	neg eax
231	mov ecx, eax	233	mov ecx, eax
232	mov eax, 1	234	mov eax, 1
233	shl eax, cl	235	shl eax, cl
234	.4:	236	.4:
235	mov [ebp+NTFS.iab_size], eax	237	mov [ebp+NTFS.iab_size], eax
236	; allocate space for buffers	238	; allocate space for buffers
237	add eax, [ebp+NTFS.frs_size]	239	add eax, [ebp+NTFS.frs_size]
238	push eax	240	push eax
239	call kernel_alloc	241	call kernel_alloc
240	test eax, eax	242	test eax, eax
241	jz .fail_free	243	jz .fail_free
242	mov [ebp+NTFS.frs_buffer], eax	244	mov [ebp+NTFS.frs_buffer], eax
243	add eax, [ebp+NTFS.frs_size]	245	add eax, [ebp+NTFS.frs_size]
244	mov [ebp+NTFS.iab_buffer], eax	246	mov [ebp+NTFS.iab_buffer], eax
245	; read $MFT disposition	247	; read $MFT disposition
246	mov eax, [ebp+NTFS.mft_cluster]	248	mov eax, [ebp+NTFS.mft_cluster]
247	mul [ebp+NTFS.sectors_per_cluster]	249	mul [ebp+NTFS.sectors_per_cluster]
248	call ntfs_read_frs_sector	250	call ntfs_read_frs_sector
249	test eax, eax	251	test eax, eax
250	jnz .usemirr	252	jnz .usemirr
251	cmp dword [ebx], 'FILE'	253	cmp dword [ebx], 'FILE'
252	jnz .usemirr	254	jnz .usemirr
253	call ntfs_restore_usa_frs	255	call ntfs_restore_usa_frs
254	jnc .mftok	256	jnc .mftok
255	.usemirr:	257	.usemirr:
256	mov eax, [ebp+NTFS.mftmirr_cluster]	258	mov eax, [ebp+NTFS.mftmirr_cluster]
257	mul [ebp+NTFS.sectors_per_cluster]	259	mul [ebp+NTFS.sectors_per_cluster]
258	call ntfs_read_frs_sector	260	call ntfs_read_frs_sector
259	test eax, eax	261	test eax, eax
260	jnz @f	262	jnz @f
261	cmp dword [ebx], 'FILE'	263	cmp dword [ebx], 'FILE'
262	jnz @f	264	jnz @f
263	call ntfs_restore_usa_frs	265	call ntfs_restore_usa_frs
264	jnc .mftok	266	jnc .mftok
265	@@:	267	@@:
266	; $MFT and $MFTMirr invalid!	268	; $MFT and $MFTMirr invalid!
267	.fail_free_frs:	269	.fail_free_frs:
268	push [ebp+NTFS.frs_buffer]	270	push [ebp+NTFS.frs_buffer]
269	call kernel_free	271	call kernel_free
270	.fail_free:	272	.fail_free:
271	mov eax, ebp	273	mov eax, ebp
272	call free	274	call free
273	xor eax, eax	275	xor eax, eax
274	.pop_exit:	276	.pop_exit:
275	pop esi ebp ebx	277	pop esi ebp ebx
276	.exit:	278	.exit:
277	cmp dword [esp+4], 0	279	cmp dword [esp+4], 0
278	jz @f	280	jz @f
279	sub ebx, 512	281	sub ebx, 512
280	@@:	282	@@:
281	ret	283	ret
282	.fail_free_mft:	284	.fail_free_mft:
283	push [ebp+NTFS.mft_retrieval]	285	push [ebp+NTFS.mft_retrieval]
284	call kernel_free	286	call kernel_free
285	jmp .fail_free_frs	287	jmp .fail_free_frs
286	.mftok:	288	.mftok:
287	; read $MFT table retrieval information	289	; read $MFT table retrieval information
288	; start with one page, increase if not enough (when MFT too fragmented)	290	; start with one page, increase if not enough (when MFT too fragmented)
289	push ebx	291	push ebx
290	push 0x1000	292	push 0x1000
291	call kernel_alloc	293	call kernel_alloc
292	pop ebx	294	pop ebx
293	test eax, eax	295	test eax, eax
294	jz .fail_free_frs	296	jz .fail_free_frs
295	mov [ebp+NTFS.mft_retrieval], eax	297	mov [ebp+NTFS.mft_retrieval], eax
296	and [ebp+NTFS.mft_retrieval_size], 0	298	and [ebp+NTFS.mft_retrieval_size], 0
297	mov [ebp+NTFS.mft_retrieval_alloc], 0x1000/8	299	mov [ebp+NTFS.mft_retrieval_alloc], 0x1000/8
298	; $MFT base record must contain unnamed non-resident $DATA attribute	300	; $MFT base record must contain unnamed non-resident $DATA attribute
299	movzx eax, word [ebx+14h]	301	movzx eax, word [ebx+14h]
300	add eax, ebx	302	add eax, ebx
301	.scandata:	303	.scandata:
302	cmp dword [eax], -1	304	cmp dword [eax], -1
303	jz .fail_free_mft	305	jz .fail_free_mft
304	cmp dword [eax], 0x80	306	cmp dword [eax], 0x80
305	jnz @f	307	jnz @f
306	cmp byte [eax+9], 0	308	cmp byte [eax+9], 0
307	jz .founddata	309	jz .founddata
308	@@:	310	@@:
309	add eax, [eax+4]	311	add eax, [eax+4]
310	jmp .scandata	312	jmp .scandata
311	.founddata:	313	.founddata:
312	cmp byte [eax+8], 0	314	cmp byte [eax+8], 0
313	jz .fail_free_mft	315	jz .fail_free_mft
314	; load first portion of $DATA attribute retrieval information	316	; load first portion of $DATA attribute retrieval information
315	mov edx, [eax+0x18]	317	mov edx, [eax+0x18]
316	mov [ebp+NTFS.mft_retrieval_end], edx	318	mov [ebp+NTFS.mft_retrieval_end], edx
317	mov esi, eax	319	mov esi, eax
318	movzx eax, word [eax+0x20]	320	movzx eax, word [eax+0x20]
319	add esi, eax	321	add esi, eax
320	sub esp, 10h	322	sub esp, 10h
321	.scanmcb:	323	.scanmcb:
322	call ntfs_decode_mcb_entry	324	call ntfs_decode_mcb_entry
323	jnc .scanmcbend	325	jnc .scanmcbend
324	call .get_mft_retrieval_ptr	326	call .get_mft_retrieval_ptr
325	mov edx, [esp] ; block length	327	mov edx, [esp] ; block length
326	mov [eax], edx	328	mov [eax], edx
327	mov edx, [esp+8] ; block addr (relative)	329	mov edx, [esp+8] ; block addr (relative)
328	mov [eax+4], edx	330	mov [eax+4], edx
329	inc [ebp+NTFS.mft_retrieval_size]	331	inc [ebp+NTFS.mft_retrieval_size]
330	jmp .scanmcb	332	jmp .scanmcb
331	.scanmcbend:	333	.scanmcbend:
332	add esp, 10h	334	add esp, 10h
333	; there may be other portions of $DATA attribute in auxiliary records;	335	; there may be other portions of $DATA attribute in auxiliary records;
334	; if they will be needed, they will be loaded later	336	; if they will be needed, they will be loaded later
335		337
336	mov [ebp+NTFS.cur_index_size], 0x1000/0x200	338	mov [ebp+NTFS.cur_index_size], 0x1000/0x200
337	push 0x1000	339	push 0x1000
338	call kernel_alloc	340	call kernel_alloc
339	test eax, eax	341	test eax, eax
340	jz .fail_free_mft	342	jz .fail_free_mft
341	mov [ebp+NTFS.cur_index_buf], eax	343	mov [ebp+NTFS.cur_index_buf], eax
342		344
343	mov eax, ebp	345	mov eax, ebp
344	jmp .pop_exit	346	jmp .pop_exit
345	endp	347	endp
346		348
347	.get_mft_retrieval_ptr:	349	.get_mft_retrieval_ptr:
348	pushad	350	pushad
349	mov eax, [ebp+NTFS.mft_retrieval_size]	351	mov eax, [ebp+NTFS.mft_retrieval_size]
350	cmp eax, [ebp+NTFS.mft_retrieval_alloc]	352	cmp eax, [ebp+NTFS.mft_retrieval_alloc]
351	jnz .ok	353	jnz .ok
352	add eax, 0x1000/8	354	add eax, 0x1000/8
353	mov [ebp+NTFS.mft_retrieval_alloc], eax	355	mov [ebp+NTFS.mft_retrieval_alloc], eax
354	shl eax, 3	356	shl eax, 3
355	push eax	357	push eax
356	call kernel_alloc	358	call kernel_alloc
357	test eax, eax	359	test eax, eax
358	jnz @f	360	jnz @f
359	popad	361	popad
360	add esp, 14h	362	add esp, 14h
361	jmp .fail_free_mft	363	jmp .fail_free_mft
362	@@:	364	@@:
363	mov esi, [ebp+NTFS.mft_retrieval]	365	mov esi, [ebp+NTFS.mft_retrieval]
364	mov edi, eax	366	mov edi, eax
365	mov ecx, [ebp+NTFS.mft_retrieval_size]	367	mov ecx, [ebp+NTFS.mft_retrieval_size]
366	add ecx, ecx	368	add ecx, ecx
367	rep movsd	369	rep movsd
368	push [ebp+NTFS.mft_retrieval]	370	push [ebp+NTFS.mft_retrieval]
369	mov [ebp+NTFS.mft_retrieval], eax	371	mov [ebp+NTFS.mft_retrieval], eax
370	call kernel_free	372	call kernel_free
371	mov eax, [ebp+NTFS.mft_retrieval_size]	373	mov eax, [ebp+NTFS.mft_retrieval_size]
372	.ok:	374	.ok:
373	shl eax, 3	375	shl eax, 3
374	add eax, [ebp+NTFS.mft_retrieval]	376	add eax, [ebp+NTFS.mft_retrieval]
375	mov [esp+28], eax	377	mov [esp+28], eax
376	popad	378	popad
377	ret	379	ret
378		380
379	proc ntfs_free	381	proc ntfs_free
380	push ebx	382	push ebx
381	xchg ebx, eax	383	xchg ebx, eax
382	stdcall kernel_free, [ebx+NTFS.frs_buffer]	384	stdcall kernel_free, [ebx+NTFS.frs_buffer]
383	stdcall kernel_free, [ebx+NTFS.mft_retrieval]	385	stdcall kernel_free, [ebx+NTFS.mft_retrieval]
384	stdcall kernel_free, [ebx+NTFS.cur_index_buf]	386	stdcall kernel_free, [ebx+NTFS.cur_index_buf]
385	xchg ebx, eax	387	xchg ebx, eax
386	call free	388	call free
387	pop ebx	389	pop ebx
388	ret	390	ret
389	endp	391	endp
390		392
391	proc ntfs_lock	393	proc ntfs_lock
392	lea ecx, [ebp+NTFS.Lock]	394	lea ecx, [ebp+NTFS.Lock]
393	jmp mutex_lock	395	jmp mutex_lock
394	endp	396	endp
395		397
396	proc ntfs_unlock	398	proc ntfs_unlock
397	lea ecx, [ebp+NTFS.Lock]	399	lea ecx, [ebp+NTFS.Lock]
398	jmp mutex_unlock	400	jmp mutex_unlock
399	endp	401	endp
400		402
401	ntfs_read_frs_sector:	403	ntfs_read_frs_sector:
402	push ecx	404	push ecx
403	mov ebx, [ebp+NTFS.frs_buffer]	405	mov ebx, [ebp+NTFS.frs_buffer]
404	push ebx	406	push ebx
405	mov ecx, [ebp+NTFS.frs_size]	407	mov ecx, [ebp+NTFS.frs_size]
406	shr ecx, 9	408	shr ecx, 9
407	push ecx	409	push ecx
408	mov ecx, eax	410	mov ecx, eax
409	@@:	411	@@:
410	mov eax, ecx	412	mov eax, ecx
411	call fs_read32_sys	413	call fs_read32_sys
412	test eax, eax	414	test eax, eax
413	jnz .fail	415	jnz .fail
414	add ebx, 0x200	416	add ebx, 0x200
415	inc ecx	417	inc ecx
416	dec dword [esp]	418	dec dword [esp]
417	jnz @b	419	jnz @b
418	pop eax	420	pop eax
419	.fail:	421	.fail:
420	pop ebx	422	pop ebx
421	pop ecx	423	pop ecx
422	ret	424	ret
423		425
424	ntfs_read_attr:	426	ntfs_read_attr:
425	; in: variables in ebp+NTFS.*	427	; in: variables in ebp+NTFS.*
426	; out: [ebp+NTFS.ntfs_cur_read]	428	; out: [ebp+NTFS.ntfs_cur_read]
427	; out: CF=1 => notfound, in this case eax=0 => disk ok, otherwise eax=disk error code	429	; out: CF=1 => notfound, in this case eax=0 => disk ok, otherwise eax=disk error code
428	xor eax, eax	430	xor eax, eax
429	pushad	431	pushad
430	and [ebp+NTFS.ntfs_cur_read], 0	432	and [ebp+NTFS.ntfs_cur_read], 0
431	cmp [ebp+NTFS.ntfs_cur_iRecord], 0	433	cmp [ebp+NTFS.ntfs_cur_iRecord], 0
432	jnz .nomft	434	jnz .nomft
433	cmp [ebp+NTFS.ntfs_cur_attr], 0x80	435	cmp [ebp+NTFS.ntfs_cur_attr], 0x80
434	jnz .nomft	436	jnz .nomft
435	mov eax, [ebp+NTFS.mft_retrieval_end]	437	mov eax, [ebp+NTFS.mft_retrieval_end]
436	inc eax	438	inc eax
437	mul [ebp+NTFS.sectors_per_cluster]	439	mul [ebp+NTFS.sectors_per_cluster]
438	cmp eax, [ebp+NTFS.ntfs_cur_offs]	440	cmp eax, [ebp+NTFS.ntfs_cur_offs]
439	jbe .nomft	441	jbe .nomft
440	; precalculated part of $Mft $DATA	442	; precalculated part of $Mft $DATA
441	mov esi, [ebp+NTFS.mft_retrieval]	443	mov esi, [ebp+NTFS.mft_retrieval]
442	mov eax, [ebp+NTFS.ntfs_cur_offs]	444	mov eax, [ebp+NTFS.ntfs_cur_offs]
443	xor edx, edx	445	xor edx, edx
444	div [ebp+NTFS.sectors_per_cluster]	446	div [ebp+NTFS.sectors_per_cluster]
445	; eax = VCN, edx = offset in sectors from beginning of cluster	447	; eax = VCN, edx = offset in sectors from beginning of cluster
446	xor ecx, ecx ; ecx will contain LCN	448	xor ecx, ecx ; ecx will contain LCN
447	.mftscan:	449	.mftscan:
448	add ecx, [esi+4]	450	add ecx, [esi+4]
449	sub eax, [esi]	451	sub eax, [esi]
450	jb @f	452	jb @f
451	add esi, 8	453	add esi, 8
452	push eax	454	push eax
453	mov eax, [ebp+NTFS.mft_retrieval_end]	455	mov eax, [ebp+NTFS.mft_retrieval_end]
454	shl eax, 3	456	shl eax, 3
455	add eax, [ebp+NTFS.mft_retrieval]	457	add eax, [ebp+NTFS.mft_retrieval]
456	cmp eax, esi	458	cmp eax, esi
457	pop eax	459	pop eax
458	jnz .mftscan	460	jnz .mftscan
459	jmp .nomft	461	jmp .nomft
460	@@:	462	@@:
461	push ecx	463	push ecx
462	add ecx, eax	464	add ecx, eax
463	add ecx, [esi]	465	add ecx, [esi]
464	push eax	466	push eax
465	push edx	467	push edx
466	mov eax, [ebp+NTFS.sectors_per_cluster]	468	mov eax, [ebp+NTFS.sectors_per_cluster]
467	mul ecx	469	mul ecx
468	; eax = sector on partition	470	; eax = sector on partition
469	pop edx	471	pop edx
470	add eax, edx	472	add eax, edx
471	mov ebx, [ebp+NTFS.ntfs_cur_buf]	473	mov ebx, [ebp+NTFS.ntfs_cur_buf]
472	pop ecx	474	pop ecx
473	neg ecx	475	neg ecx
474	imul ecx, [ebp+NTFS.sectors_per_cluster]	476	imul ecx, [ebp+NTFS.sectors_per_cluster]
475	sub ecx, edx	477	sub ecx, edx
476	cmp ecx, [ebp+NTFS.ntfs_cur_size]	478	cmp ecx, [ebp+NTFS.ntfs_cur_size]
477	jb @f	479	jb @f
478	mov ecx, [ebp+NTFS.ntfs_cur_size]	480	mov ecx, [ebp+NTFS.ntfs_cur_size]
479	@@:	481	@@:
480	; ecx = number of sequential sectors to read	482	; ecx = number of sequential sectors to read
481	push eax	483	push eax
482	call fs_read32_sys	484	call fs_read32_sys
483	pop edx	485	pop edx
484	test eax, eax	486	test eax, eax
485	jnz .errread	487	jnz .errread
486	add [ebp+NTFS.ntfs_cur_read], 0x200	488	add [ebp+NTFS.ntfs_cur_read], 0x200
487	dec [ebp+NTFS.ntfs_cur_size]	489	dec [ebp+NTFS.ntfs_cur_size]
488	inc [ebp+NTFS.ntfs_cur_offs]	490	inc [ebp+NTFS.ntfs_cur_offs]
489	add ebx, 0x200	491	add ebx, 0x200
490	mov [ebp+NTFS.ntfs_cur_buf], ebx	492	mov [ebp+NTFS.ntfs_cur_buf], ebx
491	lea eax, [edx+1]	493	lea eax, [edx+1]
492	loop @b	494	loop @b
493	pop ecx	495	pop ecx
494	xor eax, eax	496	xor eax, eax
495	xor edx, edx	497	xor edx, edx
496	cmp [ebp+NTFS.ntfs_cur_size], eax	498	cmp [ebp+NTFS.ntfs_cur_size], eax
497	jz @f	499	jz @f
498	add esi, 8	500	add esi, 8

Subversion Repositories Kolibri OS

(root)/kernel/branches/kolibri-process/fs/ntfs.inc – Rev 4429 → 5116