Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Upcoming OSR Seminars | ||
---|---|---|
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
Writing WDF Drivers | 12 September 2022 | Live, Online |
Internals & Software Drivers | 23 October 2022 | Live, Online |
Kernel Debugging | 14 November 2022 | Live, Online |
Developing Minifilters | 5 December 2022 | Live, Online |
Comments
> making the oplock requests on behalf of the userspace code
I think that this is a normal thing about oplocks. They originate in SMB redir when SMB redir thinks it is a good idea.
Then they are sent to the server by SMB protocol, where SRV converts the SMB requests to the Windows FSD calls.
The filters on server should see these requests if attached between SRV and the FSD.
--
Maxim S. Shatskih
Windows DDK MVP
[email protected]
http://www.storagecraft.com
>> Alternatively, is it possible that the CIFS filesystem driver is
>> making the oplock requests on behalf of the userspace code
>
> I think that this is a normal thing about oplocks. They originate in SMB redir when SMB redir thinks it is a good idea.
>
Hum, I was afraid of that.
I wonder, though, what logic determines "when SMB redir thinks it is a
good idea". Observing the on-the-wire SMB traffic between the server
and client I see no oplock requests when I open e.g. .zip, .txt or
.jpeg files (with Explorer, Notepad and Fax/Picture viewer,
respectively). Yet when I open an .xls file with Excel I see a flood
of oplock requests. Two options come to mind: firstly that the
options passed to CreateFile() by Excel imply to the CIFS redirector
that an oplock is necessary; secondly that some kind of heuristic is
performed within the CIFS redirector on the basis of file type or
similar (yikes!).
In any case, it seems from what you say that I cannot gain knowledge
of the oplocks held on a file from my minifilter... ?
Thanks,
Tom
--
Tom Parkin
www.thhp.org.uk
The worst moment for the atheist is when he is really thankful and has
nobody to thank /Rossetti/
> options passed to CreateFile() by Excel imply to the CIFS redirector
> that an oplock is necessary
I think so.
--
Maxim S. Shatskih
Windows DDK MVP
[email protected]
http://www.storagecraft.com
> I wonder, though, what logic determines "when SMB redir thinks it is a
> good idea". Observing the on-the-wire SMB traffic between the server
> and client I see no oplock requests when I open e.g. .zip, .txt or
> .jpeg files (with Explorer, Notepad and Fax/Picture viewer,
> respectively). Yet when I open an .xls file with Excel I see a flood
> of oplock requests.
An oplock request is actually embedded in the SMB create request, so you
don't see any separate oplock request frames for the .zip, .txt, and
.jpeg files. Any stand-alone oplock frames you see will be oplock
breaks. Another confusing point in the SMB1 protocol is that byte-range
lock request/response packets are identical to oplock break packets.
When a batch oplock breaks, the client flows byte-range lock requests to
the server. What you're probably seeing are byte-range locks, rather
than oplock requests, since Office uses byte-range locks.
> In any case, it seems from what you say that I cannot gain knowledge
> of the oplocks held on a file from my minifilter... ?
Maxim is correct about how oplocks factor in to the RDR/SRV interaction.
So yes, there is no way to know from a minifilter on the client what
oplocks are being used.
In fact, you'll see that if you have an app that attempts to directly
request an oplock on a remote file server, RDR will fail the oplock request.
--
Christian [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.