Hi all,
I try to use ZwSetInformationFile with FileShortNameInformation in the minifilter FS driver. I called this routine both in the driver entry routine and in the system work item thread. However, the ZwSetInfo… call always failed with STATUS_PRIVILEGE_NOT_HELD (0xC0000061).
I am running Win 7 32 bit on the NTFS volume. I have also enabled the privilege SE_RESTORE_PRIVILEGE using ZwAdjustPrivilegesToken on the current process token. But it still fails.
Does anybody know what I am doing wrong?
The code was posted below as well:
NTSTATUS status;
TOKEN_PRIVILEGES privSet;
HANDLE tokenHandle;
TOKEN_PRIVILEGES tokenPriv;
// Open current process token
status = ZwOpenProcessToken(NtCurrentProcess(), TOKEN_ALL_ACCESS,
&tokenHandle);
if ( !NT_SUCCESS( status ) )
{
KdPrint((" NtOpenProcessToken failed, status 0x%x\n", status));
return status;
}
// Set up the information about the privilege we are adjusting
privSet.PrivilegeCount = 1;
privSet.Privileges[0].Luid = RtlConvertUlongToLuid(SE_RESTORE_PRIVILEGE);
privSet.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
status = ZwAdjustPrivilegesToken(tokenHandle, FALSE, &privSet, sizeof(privSet), NULL, NULL);
if ( !NT_SUCCESS( status ) )
KdPrint((“ZwAdjustPrivilegesToken failed, status 0x%x\n”, status));
ZwClose(tokenHandle);
OBJECT_ATTRIBUTES oa;
UNICODE_STRING filenameu;
HANDLE handle;
IO_STATUS_BLOCK iosb;
RtlInitUnicodeString( &filenameu, L"\DosDevices\D:\this is a long name folder" );
InitializeObjectAttributes( &oa, &filenameu, OBJ_CASE_INSENSITIVE|
OBJ_KERNEL_HANDLE , NULL, NULL );
NTSTATUS ntStatus = ZwCreateFile( &handle, GENERIC_WRITE|DELETE, &oa,
&iosb, 0, FILE_ATTRIBUTE_NORMAL, 0, FILE_OPEN, 0, NULL, 0 );
if ( NT_SUCCESS( ntStatus ) )
{
PFILE_NAME_INFORMATION fileNameInfo = (PFILE_NAME_INFORMATION) ExAllocatePool(PagedPool, sizeof(FILE_NAME_INFORMATION)+ 128);
fileNameInfo->FileNameLength = wcslen( L"thisis~3" ) * sizeof( WCHAR );
memcpy( fileNameInfo->FileName, L"thisis~3", fileNameInfo->FileNameLength );
ntStatus = ZwSetInformationFile( handle, &iosb, fileNameInfo, sizeof( FILE_NAME_INFORMATION ) + fileNameInfo->FileNameLength, FileShortNameInformation );
ExFreePool(fileNameInfo);
// Always returns STATUS_PRIVILEGE_NOT_HELD ((NTSTATUS)0xC0000061L):
// A required privilege is not held by the client
KdPrint((“ntStatus: 0x%X\n”, ntStatus));
ZwClose( handle );
}