简单之微文件系统

            为什么需要自定义一个微文件系统(高仿可以不考虑很多硬件的特性例如磁头或是磁盘单位大小)，何时需要定义又使用在什么地方，我想说的是地方很多，先不说需要用到的地方就单单说微文件系统是驻扎在内存的一个块“缓存”，效率之高且具有一定的安全性（注意逻辑BUG导致的漏洞）；例如文件加密或者说WEB服务器，特别是WEB服务器，无论是对于静态文件（高效访问，上传临时文件到服务器）还是动态CGI（执行二进制安全，上传恶意脚本）而言都具有一定的优势（在微系统内由于只有读写功能不存在内核镜像加载执行），让服务器访问属于一个自定义的微文件系统内，可以读取任何数据甚至修改任何数据（例如压缩数据），但我们不会保存（当然有存储功能）；高仿微文件系统可以支持各种逻辑卷名与路径名。

【例如通过服务器进程0Day上传的恶意文件在隔离的微文件系统内，实际硬盘是不存在，执行自然失败】

       这里会能充分利用空缝隙块（排除空间不足），也就是支持单个文件数据散乱无序（分块）存储，重要的是注意块对齐。

#define BOOT_AREA_SIZE  (512)#define ZONE_NAME_SIZE  (16)#define DISK_ZONE_COUNT (16)  //最大创建逻辑磁盘总数#define USER_NAME_SIZE  (20)#define USER_NAME_COUNT (64)  //UACL 用户上限总数#define FOLDER_NAME_SIZE  (128)#define FOLDER_NAME_COUNT (256) //每层文件夹最大创建数#define FOLDER_DIR_COUNT  (16) //子文件夹最大数#define FOLDER_MASK_SIZE  FOLDER_DIR_COUNT#define FILE_NAME_SIZE (128)#define FILE_MASK_SIZE FOLDER_DIR_COUNT#define FILE_SYSTEM_NAME_SIZE (8)#define SINGLE_CLUSTER_SIZE (1024)#define SINGLE_SECTION_SIZE (512)#define FILE_SYSTEM_TYPE     (0x0CC99)#define FILE_SYSTEM_VERSION  (0x0100)#define RESERVED_AREA_SIZE    (908) //(SINGLE_CLUSTER_SIZE - (sizeof(_FALS_LOGICDISK_HEADER) % SINGLE_CLUSTER_SIZE))#define RESERVED_SECTION_SIZE (24) //(SINGLE_CLUSTER_SIZE - (sizeof(_FALS_PHYSICSDISK_HEADER) % SINGLE_CLUSTER_SIZE))#define FILE_SYSTEM_NAME ("FALS")#define INITVALUE (0x0FFFF)#pragma pack(1)typedef struct _FALS_ACE_USER {unsigned char uUserName[USER_NAME_SIZE];union _USER_CONTROL_ {struct _CONTROL_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uDelete : 1; //标记用户已被删除unsigned char uDisableAccess : 1;unsigned char uNotAllowExecution : 1; //不允许执行操作unsigned char uAllowAccessFolders : 1; //是否允许打开文件夹unsigned char uUserActivate : 1; //是否已激活unsigned char uRootPower : 1;  //该权限可以直接对逻辑磁盘数据结构进行读写unsigned int uReservedAttreib : 23;} CTL;unsigned int uUserAttreib;} USER;} FALS_ACE_USER, *PFALS_ACE_USER;typedef struct _FALS_ZONE_INFO {unsigned char uLogicDiskName[ZONE_NAME_SIZE];ULONG_PTR uStartLogicDiskPoint;LONG_PTR lLogicDiskSize;   //分配的逻辑磁盘大小union _ZONE_ATTREIB_ {struct _ATTREIB_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uShutDown : 1; //未使用unsigned char uDisableAccess : 1;unsigned char uOpenedUserAccessControl : 1; //开启用户访问权限unsigned char uOpenedDataCompress : 1; //开启磁盘压缩加密unsigned char uShareZone : 1;unsigned int uReservedAttreib : 24;} ATB;unsigned int uZoneAttreib;} ZONE;FALS_ACE_USER stFalsAceUser[USER_NAME_COUNT]; //用户控制列表} FALS_ZONE_INFO, *PFALS_ZONE_INFO;typedef struct _FALS_FILE_INFO {unsigned char uFileName[FILE_NAME_SIZE];unsigned short uFileMask[FILE_MASK_SIZE];  //文件夹伪识别码LONG_PTR lFileSize;  //文件实际大小LONG_PTR lFileLogicSize; //实际占用空间对齐大小，不包括FALS_FILE_INFO头大小union _FILE_ATTREIB_ {struct _ATTREIB_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uIsDelete : 1;  //已被删除unsigned char uDisableAccess : 1;unsigned char uOpenedUserAccessControl : 1; //开启用户访问权限unsigned char uOpenedDataCompress : 1; //开启磁盘压缩加密unsigned char uSliverData : 1;  //是一个分片的文件数据unsigned short uFileMaskSize;unsigned char uShareFile : 1;unsigned int uReservedAttreib : 7;} ATB;unsigned int uFileAttreib;} FILE;//FALS_ACE_USER stFalsAceUser[USER_NAME_COUNT]; //用户控制列表ULONG_PTR uNextFilePoint; //下一个文件位置ULONG_PTR uBeforeFilePoint; //先前文件的位置struct _FILE_SLIVER_ {LONG_PTR lFileDataSize; //实际数据大小，排除_FILE_SLIVER_的大小LONG_PTR lFileLogicSize; //实际占用的总大小，包括_FILE_SLIVER_的大小//ULONG_PTR uFileDataPoint;ULONG_PTR uNextFileSliver;} FS;unsigned char uFileData[0];} FALS_FILE_INFO, *PFALS_FILE_INFO;typedef struct _FALS_FOLDER_INFO {unsigned char uFolderName[FOLDER_NAME_SIZE];unsigned short uFolderMask[FOLDER_MASK_SIZE];union _FOLDER_ATTREIB_ {struct _ATTREIB_ {unsigned char uRead : 1;unsigned char uWrite : 1;unsigned char uReadOrWrite : 1;unsigned char uIsDelete : 1;  //已被删除unsigned char uDisableAccess : 1;unsigned char uOpenedUserAccessControl : 1; //开启用户访问权限unsigned short uFolderMaskSize;unsigned char uShareFolder : 1;unsigned int uReservedAttreib : 9;} ATB;unsigned int uFolderAttreib;} FOLDER;unsigned short uSubFolderCount; //子目录总数ULONG_PTR uFileCacheListPoint; //用于快速定位查找//FALS_ACE_USER stFalsAceUser[USER_NAME_COUNT]; //用户控制列表} FALS_FOLDER_INFO, *PFALS_FOLDER_INFO;typedef struct _FALS_FOLDER_LIST {unsigned int uUseFolderListCount;  //已使用总数FALS_FOLDER_INFO stFalsFolderInfo[FOLDER_NAME_COUNT]; //当前目录数} FALS_FOLDER_LIST, *PFALS_FOLDER_LIST;typedef struct _FALS_LOGICDISK_HEADER {unsigned char uFileSystemName[FILE_SYSTEM_NAME_SIZE];unsigned long uSingleClusterSize; //每簇大小unsigned long uSingleSectionSize; //每个扇区的大小unsigned int uSingleClusterCount; //逻辑磁盘簇总数unsigned int uSingleSectionCount; //逻辑磁盘扇区总数LONG_PTR llogicDiskSurplusSize; //逻辑磁盘剩余空间LONG_PTR lLogicDiskDeleteSize; //已删除的数据大小FALS_FOLDER_LIST stFalsFolderDirList[FOLDER_DIR_COUNT]; //逻辑磁盘目录层数struct _FILE_LIST_POS_ {ULONG_PTR uStartFileListPoint; //文件数据起始头ULONG_PTR uStartFileDeleteList; //删除的文件信息ULONG_PTR uFinalFileListPoint;  //最后一个文件链ULONG_PTR uNextFileDataPoint;   //当前可用的文件数据位置ULONG_PTR uNextFileDeletePoint; //当前可保存的删除链接点} FLP;unsigned char uReservedArea[RESERVED_AREA_SIZE]; //保留的对齐区域unsigned char uFileListData[0]; //this->FALS_FILE_INFO} FALS_LOGICDISK_HEADER, *PFALS_LOGICDISK_HEADER;typedef struct _FALS_PHYSICSDISK_HEADER {unsigned char uBootAreaOpcodes[BOOT_AREA_SIZE];unsigned short uFileSystemType;  //文件系统类型unsigned short uFileSystemVersion; //文件系统版本unsigned long uSingleClusterSize; //每簇大小unsigned long uSingleSectionSize; //每个扇区的大小unsigned int uSingleClusterCount; //硬盘簇总数unsigned int uSingleSectionCount; //硬盘扇区总数LONG_PTR lPhysicsDiskSurplusSize; //硬盘剩余空间FALS_ZONE_INFO stFalsZoneInfo[DISK_ZONE_COUNT]; //逻辑磁盘列表信息unsigned char uReservedSection[RESERVED_SECTION_SIZE]; //保留的对齐区间unsigned char uFalsLogicDiskData[0];   // this->FALS_LOGICDISK_HEADER} FALS_PHYSICSDISK_HEADER, *PFALS_PHYSICSDISK_HEADER;typedef struct _FALS_SLIVER_INFO {LONG_PTR lFileDataSize;LONG_PTR lFileLogicSize;//ULONG_PTR uFileDataPoint;ULONG_PTR uNextFileSliver;unsigned char uFileData[0];} FALS_SLIVER_INFO, *PFALS_SLIVER_INFO;typedef struct _FALS_FOLDER_DATA {unsigned short uDataMaskSize;unsigned short uDataMask[FOLDER_MASK_SIZE];PFALS_FOLDER_LIST lpFolderList; //当前目录下的文件夹信息PFALS_FILE_INFO lpFileInfo;  //当前目录下的文件信息} FALS_FOLDER_DATA, *PFALS_FOLDER_DATA;#pragma pack()enum _FALS_ERROR_CODE_ {FALS_SUCCRESS,FALS_FAILURE,FALS_NULL_PARAM,FALS_SIZE_PARAM,  //参数大小不正确FALS_FOLDER_CAP,  //文件夹总数已上线FALS_FOLDER_NOT_FIND,FALS_FOLDER_EXISTS,FALS_FOLDER_DIR,FALS_FILE_EXISTS,FALS_NOT_FIND_LOGICDISK,FALS_NOT_FIND_FOLDER,FALS_NOT_FIND_FILE,FALS_NOT_FIND_USER,WRITE_FILE_DATA_FAIL} ;#define FALS_PATH TEXT("D:\\TDDownload\\Fals.sys")#define MAX_SUPPORT_AREA_SIZE (SINGLE_CLUSTER_SIZE * 2 - 1)void * __cdecl InitFalsSystem(LONG_PTR * lpPhysicsDiskSize);void * __cdecl CreateFalsLogicDisk(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpDefaultUserName, LONG_PTR * lpLogicDiskSize);void * __cdecl GetFalsLogicDiskZoneInfo(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName);void __cdecl FormatFalsLogicDisk(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader);void * __cdecl GetLogicDiskSpecifyUserInfo(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpszUserName);void * __cdecl CreateLogicDiskSpecifyUserName(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpszUserName);int __cdecl DeleteLogicDiskSpecifyUser(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader, const char * lpLogicName, const char * lpszUserName);int __cdecl CreateLogicDiskFolder(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFolderPath);int __cdecl DeleteLogicDiskFolder(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFolderPath);int __cdecl CreateLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFilePath, const void * lpFileData, LONG_PTR uFileDataSize);int __cdecl DeleteLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFilePath);int __cdecl ReadLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader,const char * lpszFilePath, LONG_PTR lStartReadFilePos, void * lpReadBuffer, LONG_PTR * lpReadSize);int __cdecl WriteLogicDiskFile(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader,const char * lpszFilePath, LONG_PTR lStartWriteFilePos, void * lpWriteBuffer, LONG_PTR uWriteSize);LONG_PTR __cdecl GetLogicDiskSpecifyFileSize(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFilePath);int __cdecl GetLogicDiskSpecifyFolderData(PFALS_LOGICDISK_HEADER lpFalsLogDiskHeader, const char * lpszFolderPath, PFALS_FOLDER_DATA lpFalsFolderData);void * __cdecl OpenFalsSystem(LONG_PTR * lpPhysicsDiskSize);bool __cdecl SaveFalsSystem(PFALS_PHYSICSDISK_HEADER lpFalsPhyDiskHeader);......