CIFS File Attribute Encoding
When a client or server exchanges file attribute information, the information may be encoded in 16 bits as the following values.
| Value | Description |
|---|---|
| 0x01 | Read-only file |
| 0x02 | Hidden file |
| 0x04 | System file |
| 0x08 | Volume |
| 0x10 | Directory |
| 0x20 | Archive file |
Extended File Attribute Encoding
Extended file attributes are encoded as a 32-bit value composed of attributes and flags. Any combination of the following attributes is acceptable. All file attributes override ATTR_NORMAL.
| Value | Description |
|---|---|
| ATTR_READONLY 0x001 |
File is read-only. The file can be read, but not written to or deleted. |
| ATTR_HIDDEN 0x002 |
Hidden file. The file is not to be included in the ordinary directory listing. |
| ATTR_SYSTEM 0x004 |
System file. The file is part of or is used by the operating system. |
| ATTR_DIRECTORY 0x010 |
File is a directory. |
| ATTR_ARCHIVE 0x020 |
File has not been archived since it was last modified. |
| ATTR_NORMAL 0x080 |
File has no other attributes set. The file cannot be used in combination with other attribute flags. |
| ATTR_TEMPORARY 0x100 |
File is temporary. |
| ATTR_COMPRESSED 0x800 |
File or directory is compressed. For a directory, this indicates that compression is the default for newly-created files and subdirectories. |
| POSIX_SEMANTICS 0x01000000 |
File is to be accessed according to POSIX rules. This includes allowing multiple files with names differing only in case, for file systems that support such naming. (Files created with this flag may not be accessible by applications written for MS-DOS, Windows 3.x, or Windows NT.) |
| BACKUP_SEMANTICS 0x02000000 |
File is being opened or created for a backup or restore operation. |
| DELETE_ON_CLOSE 0x04000000 |
File is to be deleted by the server immediately after all of its handles have been closed. |
| SEQUENTIAL_SCAN 0x08000000 |
File is to be accessed sequentially from beginning to end. Windows uses this flag to optimize file caching. If an application moves the file pointer for random access, optimum caching may not occur; however, correct operation is still guaranteed. Specifying this flag can increase performance for applications that read large files using sequential access. Performance gains can be even more noticeable for applications that read large files mostly sequentially, but occasionally skip over small ranges of bytes. |
| RANDOM_ACCESS 0x10000000 |
Application will access the file randomly. The server may use this flag to optimize file caching. |
| NO_BUFFERING 0x20000000 |
Server is requested to open the file with no intermediate buffering or caching; the server is not obliged to honor the request. An application must meet certain requirements when working with files opened with FILE_FLAG_NO_BUFFERING. File access must begin at offsets within the file that are integer multiples of the volume's sector size; and must be for numbers of bytes that are integer multiples of the volume's sector size. For example, if the sector size is 512 bytes, an application can request read and write operations of 512, 1024, or 2048 bytes, but not of 335, 981, or 7171 bytes. |
| WRITE_THROUGH 0x80000000 |
Operating system is instructed to write through any intermediate cache and go directly to the file. The operating system can still cache write operations, but cannot lazily flush them. |