Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTFSD
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


SetFileValidData and SMB, what's the trick?

Jason_T.Jason_T. Member Posts: 72

I'm using the SetFileValidData call to quickly allocate a large region on disk prior to filling it with data. I add the SE_MANAGE_VOLUME_NAME priv to the process prior to opening any file handles and everything works great when I specify a local NTFS file path. But when I specify an SMB path, the SetFileValidData call fails with ERROR_PRIVILEGE_NOT_HELD. The SMB path refers to another Windows 10 machine and if I run the code locally on that machine it works as well. The documentation for SetFileValidData indicates support for SMB, but I'm wondering if there's some kind special token/priv manipulation I need to do in order for this priv to pass from SMB client, to SMB server, and finally along to that local NTFS instance. One other data point, it works properly when I specify the SMB path of a local resource, but as soon as the SMB path points to a different machine, I get the error.

Any ideas?

-JT

Comments

  • rod_widdowsonrod_widdowson Member - All Emails Posts: 1,120

    Any ideas?

    First thing I would do would be see where the error comes from (client or server). My bet would be the server and at that stage I'm guessing that all bets are off - you'd need to persuade the server to impersonate in the Set File Info Path which it probable doesn't know how to.

    I guess I should also say that I'm assuming that the thread calling the set info call has the required privileges. For obvious reasons you cannot rely on kernel mode giving you priviledge when you are running against a remote resources. Also that the file object is opened appropriately...

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 15 Jun 2020 LIVE ONLINE
Writing WDF Drivers 22 June 2020 LIVE ONLINE
Internals & Software Drivers 28 Sept 2020 Dulles, VA