Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fully Open Source NTFS Support Under Linux

Posted by ryuzaki0 on from the long-time-coming dept.

lord_rob the only on writes "The Linux NTFS project has released a beta version of its fully open source userspace (using FUSE) 3G-Linux NTFS support driver. According to the developer, this driver beats hands down other NTFS support solutions performance-wise (including commercial Paragon NTFS driver and also Captive NTFS, which is using windows ntfs.sys driver under WINE)." That's right, writing to NTFS even works. Soon it'll mean one less recovery disk to keep around, I hope.

10 of 310 comments (clear)

  1. Not Just Linux by TheRaven64 · · Score: 5, Informative

    FUSE has been ported to FreeBSD, and it appears that the driver also works there.

    --
    I am TheRaven on Soylent News
  2. No 64-bit by Bill+Dimm · · Score: 4, Informative

    Looks like a great piece of work. One important note from the article:
    Problem: Why doesn't the driver work on 64-bit and bigendian systems?
    Answer: We have no resource for that. Neither hardware, nor workforce.
    Status: Low priority.

  3. Re:Awesome! by lord_rob+the+only+on · · Score: 5, Informative

    A reply from the developper :

    Currently I'm not interested in the kernel driver. It's a lost case for over a decade. Full read-write could be done in user space pretty fast and I can't see drawbacks, only benefits:

    - NTFS is huge and complex, not for the kernel. Crash in kernel (hw error, corrupt ntfs, etc) and game is over. Crash in user space then just restart the service.
    - kernel has a lot of limitations, restrictions which are all gone.
    - fedora/redhat users have never ending hassles with installing the driver. Instead they could install ntfs-3g once and forget the issue forever.

  4. Re:Great news. by Tim+C · · Score: 4, Informative

    You also can't hide from a different installation of Windows that has the infected disk mounted. Rootkits hide themselves by hooking into the running kernel/fs drivers - inspect the disk with a clean install and they can't hide then either.

    Of course, the more tools you have available to you, the better, and while it's very unlikely that a rootkit from one install can infect another as long as you're careful, it's *extremely* unlikely that it'll be able to infect a Linux install. That may change with time, of course - as with so many things, it's an arms race, and this one is unlikely to do anything but get hotter.

    --
    It's official. Most of you are morons.
  5. Re:Awesome! by ratboy666 · · Score: 5, Informative

    How to do it...

    Assuming partition tables are "fubar".

    #1 BACK UP ALL YOUR DATA. This is normally a sign of a failing drive.

    #2 Download and burn a bootable CD of you hard drive vendors diagnostic kit.

    #3 Run it, and "recertify" your drive. May take a couple of hours (and, you may just want to dumpster the drive, if your time is valuable). If the drive does not certify, discard it.

    #4 Boot your system with Knoppix, or another recovery Linux system. Issue the command: "dd if=/dev/zero of=/dev/hda" (replace hda with hdb, hdc, hdd, etc. depending on which hard drive it is).

    #5 Run Linux partitioning tool "fdisk /dev/hda". You *will* get a complaint about an improper partition table, which is ok. Partition, and write the new partition table.

    #5b Alternatively, boot a Linux installation CD, and load Linux. Ignore warnings about "improper partitioning", and choose to have the partition table replaced.

    The IMPORTANT steps are 1 to 3. If the partition table cannot be manipulated, it is an almost sure sign your drive is heading south.

    Ratboy

    --
    Just another "Cubible(sic) Joe" 2 17 3061
  6. Re:Great news. by Vo0k · · Score: 4, Informative

    AFAIK most of their methods of protection would fail. Still, they could quite nicely hide in "alternate data streams" - every file or directory in NTFS chan have arbitrary metadata attached to it. Usually it's things like ownerships, permissions etc, but 'arbitrary' in this case means that besides the official metadata you can attach whole files making them invisible in the filesystem tree, existing in separate namespace, each file entry being a root directory for a whole invisible filesystem. So plain 'ls' won't show them. You need a tool that will examine each file, extract its metadata, discard the "standard" metadata and list whatever has been attached to files additionally.

    --
    Anagram("United States of America") == "Dine out, taste a Mac, fries"
  7. ntfsmount != ntfs-3g by Chris+Pimlott · · Score: 4, Informative

    ntfs-3g is brand new and it not the same thing as ntfsmount, which is what the current documentation covers. Please read the ntfs-3g announcement, which promises practically unlimited file creation and deletion.

  8. Re:Performance by Schraegstrichpunkt · · Score: 4, Informative
    Performance problems are a well-known fundamental problem with microkernel architectures that use user-mode processes.

    It's a widely-believed myth, mainly due to the poor performance of bloated first-generation microkernels like Mach, although I suppose it probably also applies to Linux when Linux acts as a microkernel.

    Google is your friend.

    Just because Linus Torvalds thought something was impossible during the 1990s doesn't make it so, so I suggest you skip the infamous Linus vs. AST discussion from that time period.

    The reality is that:

    1. Microkernel architectures are hard to design. This is suspected as being the real reason why they are not very popular today.
    2. Monolithic kernel architectures are prone to insecurities. There is just way too much privileged code, and too many failure scenarios.

    Unlike Linus, some people are actually devoting much of their time to solving these problems. AST is one such person. See this page on the subject.

    --
    http://outcampaign.org/
  9. Re:Performance by azhrei_fje · · Score: 5, Informative
    Kernel drivers can not use virtual memory, explicit multithreading or advanced algorithms from MP, STL and hundreds of other C++ libraries.

    Wow, I don't know where to start with this. First, mod parent down using -1, vague.

    Have you written a filesystem? I have. The "virtual memory" you're apparently referring to is the process' virtual memory. This sounds like what you're trying to say is that the protection provided by process virtual memory isn't available in the kernel. And that's true. But that doesn't change the fact that the kernel can map any physical memory to any effective address. So the statement that the "kernel can not use virtual memory," is extremely bogus. ("Bogus" is a technical term. It means "completely wrong.")

    Concerning "explicit multithreading," you must be referring to the idea that the kernel can't call pthread_create()? But there's no reason for the kernel to do so. Multi-threading in a user-level process is often done to achieve concurrency related to the delays that a single-threaded application would have if it had to wait for I/O to complete. The kernel doesn't have to do that at all. The kernel would queue up the I/O request, then continue on its merry way. When the interrupt from the device signals that the I/O has completed, a separate handler takes care of it. In a user process, threads are useful in order to modularize the I/O functions. In the kernel, they often aren't needed, since callbacks are used instead. Same functionality, different design technique. And even if they are needed for some obscure reason, all modern kernels (Linux included) support kernel threads. (My SUSE Linux 10 box currently has 19 kernel threads executing.)

    The "advanced algorithms" you're referring to are probably coming out of user-space libraries. And in this regard, you're correct -- user-space libraries cannot (currently) be linked into the kernel and there is plenty of debate about whether such abilities should even be attempted. (The problem with user-space libraries inside kernel space revolves mostly around bugs and implementation deficiencies. The truth is that an algorithm that is mostly cpu-intensive probably could be loaded into kernel space using some kind of hack, and there are open source projects that are already working along these lines.)

    In any case, there's no reason why those algorithms couldn't be executed inside the kernel. For example, take the find() generic algorithm from the STL (a macro from one of the libraries you mentioned). Why can't I use it? (The truth is I can.) And why can't I use the list class from the same library? I admit that linking large objects into the kernel could result in quite a bit of bloat, but there is not a technical reason that it couldn't be done. (Except in the case of C++ exceptions within the kernel. There is a group that has patches available for the Linux kernel that add support for C++ exception handling. With those patches, any STL code should be able to work in kernel space, although I've not tried it personally.)

    It seems to me like the parent has read a magazine article and jumped to conclusions. Or perhaps they are even an experienced developer, but took huge liberties with the wording of their statement. But as "Captain Obvious," I felt it was my slashdot civic duty to clarify he issue. :)

  10. Re:It is good news ... But ... by Antique+Geekmeister · · Score: 4, Informative

    No, Microsoft deliberately breaks compatibility. I suggest you look at the old FreeDOS lawsuits, and the Netscape lawsuits where Microsoft tried to pretend that NT Workstation couldn't work as a Netscape server, the oddness of Internet Explorer and their refusal to make it removable, and the weirdness they did to Kerberos that MIT sued them successfully over, and even take a look at what Active Directory does to DNS, and the current lawsuits about ODF in Massachusetts, and the recent EU lawsuit whaere Microsoft refused to document their software, instead publishing deliberately obfuscated and unusable documentation.