[NTFS] - Disable write support by default. Enable it via the registry.

[BOOTDATA] - Add a commented-out section to hivesys.inf which can add the required key to enable NTFS write support.

svn path=/branches/GSoC_2016/NTFS/; revision=74685

boot/bootdata/hivesys.inf

@@ -1605,6 +1605,8 @@ HKLM,"SYSTEM\CurrentControlSet\Services\Ntfs","Group",0x00000000,"File System"
 HKLM,"SYSTEM\CurrentControlSet\Services\Ntfs","ImagePath",0x00020000,"system32\drivers\ntfs.sys"
 HKLM,"SYSTEM\CurrentControlSet\Services\Ntfs","Start",0x00010001,0x00000003
 HKLM,"SYSTEM\CurrentControlSet\Services\Ntfs","Type",0x00010001,0x00000002
+; un-comment the line below to enable EXPERIMENTAL write-support on NTFS volumes:
+;HKLM,"SYSTEM\CurrentControlSet\Services\Ntfs","MyDataDoesNotMatterSoEnableExperimentalWriteSupportForEveryNTFSVolume",0x00010001,0x00000001
 
 ; Null device driver
 HKLM,"SYSTEM\CurrentControlSet\Services\Null","ErrorControl",0x00010001,0x00000000

drivers/filesystems/ntfs/create.c

@@ -486,6 +486,13 @@ NtfsCreateFile(PDEVICE_OBJECT DeviceObject,
             LARGE_INTEGER Zero;
             Zero.QuadPart = 0;
 
+            if (!NtfsGlobalData->EnableWriteSupport)
+            {
+                DPRINT1("NTFS write-support is EXPERIMENTAL and is disabled by default!\n");
+                NtfsCloseFile(DeviceExt, FileObject);
+                return STATUS_ACCESS_DENIED;
+            }
+
             // TODO: check for appropriate access
            
             ExAcquireResourceExclusiveLite(&(Fcb->MainResource), TRUE);
@@ -545,7 +552,14 @@ NtfsCreateFile(PDEVICE_OBJECT DeviceObject,
             RequestedDisposition == FILE_OPEN_IF ||
             RequestedDisposition == FILE_OVERWRITE_IF ||
             RequestedDisposition == FILE_SUPERSEDE)
-        {            
+        {
+            if (!NtfsGlobalData->EnableWriteSupport)
+            {
+                DPRINT1("NTFS write-support is EXPERIMENTAL and is disabled by default!\n");
+                NtfsCloseFile(DeviceExt, FileObject);
+                return STATUS_ACCESS_DENIED;
+            }
+
             // Create the file record on disk
             Status = NtfsCreateFileRecord(DeviceExt, FileObject);
 

drivers/filesystems/ntfs/dispatch.c

@@ -82,7 +82,15 @@ NtfsDispatch(PNTFS_IRP_CONTEXT IrpContext)
             break;
 
         case IRP_MJ_SET_INFORMATION:
-            Status = NtfsSetInformation(IrpContext);
+            if (!NtfsGlobalData->EnableWriteSupport)
+            {
+                DPRINT1("NTFS write-support is EXPERIMENTAL and is disabled by default!\n");
+                Status = STATUS_ACCESS_DENIED;
+            }
+            else
+            {
+                Status = NtfsSetInformation(IrpContext);
+            }
             break;
 
         case IRP_MJ_DIRECTORY_CONTROL:
@@ -98,7 +106,15 @@ NtfsDispatch(PNTFS_IRP_CONTEXT IrpContext)
              break;
 
         case IRP_MJ_WRITE:
-            Status = NtfsWrite(IrpContext);
+            if (!NtfsGlobalData->EnableWriteSupport)
+            {
+                DPRINT1("NTFS write-support is EXPERIMENTAL and is disabled by default!\n");
+                Status = STATUS_ACCESS_DENIED;
+            }
+            else
+            {
+                Status = NtfsWrite(IrpContext);
+            }
             break;
 
         case IRP_MJ_CLOSE:

drivers/filesystems/ntfs/ntfs.c

@@ -58,6 +58,8 @@ DriverEntry(PDRIVER_OBJECT DriverObject,
     UNICODE_STRING DeviceName = RTL_CONSTANT_STRING(DEVICE_NAME);
     NTSTATUS Status;
     PDEVICE_OBJECT DeviceObject;
+    OBJECT_ATTRIBUTES Attributes;
+    HANDLE DriverKey = NULL;
 
     TRACE_(NTFS, "DriverEntry(%p, '%wZ')\n", DriverObject, RegistryPath);
 
@@ -84,6 +86,42 @@ DriverEntry(PDRIVER_OBJECT DriverObject,
 
     ExInitializeResourceLite(&NtfsGlobalData->Resource);
 
+    NtfsGlobalData->EnableWriteSupport = FALSE;
+
+    // Read registry to determine if write support should be enabled
+    InitializeObjectAttributes(&Attributes,
+                               RegistryPath,
+                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
+                               NULL,
+                               NULL);
+
+    Status = ZwOpenKey(&DriverKey, KEY_READ, &Attributes);
+    if (NT_SUCCESS(Status))
+    {
+        UNICODE_STRING ValueName;
+        UCHAR Buffer[sizeof(KEY_VALUE_PARTIAL_INFORMATION) + sizeof(ULONG)];
+        PKEY_VALUE_PARTIAL_INFORMATION Value = (PKEY_VALUE_PARTIAL_INFORMATION)Buffer;
+        ULONG ValueLength = sizeof(Buffer);
+        ULONG ResultLength;
+
+        RtlInitUnicodeString(&ValueName, L"MyDataDoesNotMatterSoEnableExperimentalWriteSupportForEveryNTFSVolume");
+
+        Status = ZwQueryValueKey(DriverKey,
+                                 &ValueName,
+                                 KeyValuePartialInformation,
+                                 Value,
+                                 ValueLength,
+                                 &ResultLength);
+
+        if (NT_SUCCESS(Status) && Value->Data[0] == TRUE)
+        {
+            DPRINT1("\tEnabling write support on ALL NTFS volumes!\n");
+            NtfsGlobalData->EnableWriteSupport = TRUE;
+        }
+
+        ZwClose(DriverKey);
+    }
+
     /* Keep trace of Driver Object */
     NtfsGlobalData->DriverObject = DriverObject;
 
@@ -118,7 +156,7 @@ DriverEntry(PDRIVER_OBJECT DriverObject,
     IoRegisterFileSystem(NtfsGlobalData->DeviceObject);
     ObReferenceObject(NtfsGlobalData->DeviceObject);
 
-    return Status;
+    return STATUS_SUCCESS;
 }
 
 

drivers/filesystems/ntfs/ntfs.h

@@ -151,6 +151,7 @@ typedef struct
     FAST_IO_DISPATCH FastIoDispatch;
     NPAGED_LOOKASIDE_LIST IrpContextLookasideList;
     NPAGED_LOOKASIDE_LIST FcbLookasideList;
+    BOOLEAN EnableWriteSupport;
 } NTFS_GLOBAL_DATA, *PNTFS_GLOBAL_DATA;