hi,
i am writing a file sys filter driver that attempts to encrypt the buffer
specified in irp->mdladdress for noncached writes from the virtual mem
manager. as i discovered, if i modify the original buffer, subsequent reads
will result in the encrypted data being displayed. i presume this buffer is
that specified by the cache manager so those subsequent reads were from
cache.
in order not to let this happen, i attempt to init a mdl for my buffer, copy
the original buffer into my buffer, modify it, and then send my mdl down to
the fsd. this works for ntfs but not for fat. the data written is neither
the original nor the encrypted one. can anyone enlighten me?
also, i have thought of encrypting the original buffer, send it down, then
decrypt it on completion. but is there a possibility that some other process
might attempt to access the buffer while it is being sent down and yet to
complete? i would think not as paging writes (as i see) usually happens
after all cleanups…
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
in order to conserve mem, i also tried building a partial mdl from the
original mdl, backup the data in this partial buffer to my own buffer,
encrypt the partial buffer, then send down the partial mdl. on completion, i
will restore the buffer. this also doesn’t work. and so sorry, the part
about ntfs ok and fat not ok is for this portion. for the portion i used my
own new mdl, ntfs and fat both don’t work.
is it that it will only work for the original mdl??
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
----- Original Message -----
hi,
i am writing a file sys filter driver that attempts to encrypt the buffer
specified in irp->mdladdress for noncached writes from the virtual mem
manager. as i discovered, if i modify the original buffer, subsequent reads
will result in the encrypted data being displayed. i presume this buffer is
that specified by the cache manager so those subsequent reads were from
cache.
in order not to let this happen, i attempt to init a mdl for my buffer, copy
the original buffer into my buffer, modify it, and then send my mdl down to
the fsd. this works for ntfs but not for fat. the data written is neither
the original nor the encrypted one. can anyone enlighten me?
also, i have thought of encrypting the original buffer, send it down, then
decrypt it on completion. but is there a possibility that some other process
might attempt to access the buffer while it is being sent down and yet to
complete? i would think not as paging writes (as i see) usually happens
after all cleanups…
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
In completion routine for write you can just decrypt original buffer back. I
had a same problem and this approach work perfect for me.
Mikhail
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Ho Mun Chuen
Sent: Wednesday, May 31, 2000 3:28 AM
To: File Systems Developers
Subject: [ntfsd] How to replace MDL
hi,
i am writing a file sys filter driver that attempts to encrypt the buffer
specified in irp->mdladdress for noncached writes from the virtual mem
manager. as i discovered, if i modify the original buffer,
subsequent reads
will result in the encrypted data being displayed. i presume this
buffer is
that specified by the cache manager so those subsequent reads were from
cache.
in order not to let this happen, i attempt to init a mdl for my
buffer, copy
the original buffer into my buffer, modify it, and then send my
mdl down to
the fsd. this works for ntfs but not for fat. the data written is neither
the original nor the encrypted one. can anyone enlighten me?
also, i have thought of encrypting the original buffer, send it down, then
decrypt it on completion. but is there a possibility that some
other process
might attempt to access the buffer while it is being sent down and yet to
complete? i would think not as paging writes (as i see) usually happens
after all cleanups…
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
You are currently subscribed to ntfsd as: xxxxx@pcguardian.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
try this:
Irp->MdlAddress = yoursMdl;
Irp->UserBuffer = yoursBuffer;
it may help.
Best regards
mari
-----Original Message-----
From: Mikhail Paley [mailto:xxxxx@pcguardian.com]
Sent: Wednesday, May 31, 2000 7:29 PM
To: File Systems Developers
Subject: [ntfsd] RE: How to replace MDL
In completion routine for write you can just decrypt original buffer back. I
had a same problem and this approach work perfect for me.
Mikhail
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Ho Mun Chuen
Sent: Wednesday, May 31, 2000 3:28 AM
To: File Systems Developers
Subject: [ntfsd] How to replace MDL
hi,
i am writing a file sys filter driver that attempts to encrypt the buffer
specified in irp->mdladdress for noncached writes from the virtual mem
manager. as i discovered, if i modify the original buffer,
subsequent reads
will result in the encrypted data being displayed. i presume this
buffer is
that specified by the cache manager so those subsequent reads were from
cache.
in order not to let this happen, i attempt to init a mdl for my
buffer, copy
the original buffer into my buffer, modify it, and then send my
mdl down to
the fsd. this works for ntfs but not for fat. the data written is neither
the original nor the encrypted one. can anyone enlighten me?
also, i have thought of encrypting the original buffer, send it down, then
decrypt it on completion. but is there a possibility that some
other process
might attempt to access the buffer while it is being sent down and yet to
complete? i would think not as paging writes (as i see) usually happens
after all cleanups…
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
You are currently subscribed to ntfsd as: xxxxx@pcguardian.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
You are currently subscribed to ntfsd as: xxxxx@decros.cz
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
Hi,
also, i have thought of encrypting the original
buffer, send it down,
then
decrypt it on completion. but is there a possibility
that some
other process
might attempt to access the buffer while it is being
sent down and
yet to
complete?
You can try MmProbeAndLockPages to lock the buffer and
send it to the lower driver.
Hope it helps.
Regards,
Gurpreet
— Ho Mun Chuen wrote:
> hi,
>
> i am writing a file sys filter driver that attempts
> to encrypt the buffer
> specified in irp->mdladdress for noncached writes
> from the virtual mem
> manager. as i discovered, if i modify the original
> buffer, subsequent reads
> will result in the encrypted data being displayed. i
> presume this buffer is
> that specified by the cache manager so those
> subsequent reads were from
> cache.
>
> in order not to let this happen, i attempt to init a
> mdl for my buffer, copy
> the original buffer into my buffer, modify it, and
> then send my mdl down to
> the fsd. this works for ntfs but not for fat. the
> data written is neither
> the original nor the encrypted one. can anyone
> enlighten me?
>
> also, i have thought of encrypting the original
> buffer, send it down, then
> decrypt it on completion. but is there a possibility
> that some other process
> might attempt to access the buffer while it is being
> sent down and yet to
> complete? i would think not as paging writes (as i
> see) usually happens
> after all cleanups…
>
> Ho Mun Chuen
> @@ “Not everything that counts can be counted;
> <” )~ and not everything that can be counted
> counts"
> //\ … Albert Einstein
>
>
> —
> You are currently subscribed to ntfsd as:
> xxxxx@yahoo.com
> To unsubscribe send a blank email to
> $subst(‘Email.Unsub’)
>
__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/
*sigh* it doesn’t work…
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
----- Original Message -----
From: Marik Miloslav
To: File Systems Developers
Sent: Thursday, June 01, 2000 6:05 PM
Subject: [ntfsd] RE: How to replace MDL
try this:
Irp->MdlAddress = yoursMdl;
Irp->UserBuffer = yoursBuffer;
it may help.
Best regards
mari
-----Original Message-----
From: Mikhail Paley [mailto:xxxxx@pcguardian.com]
Sent: Wednesday, May 31, 2000 7:29 PM
To: File Systems Developers
Subject: [ntfsd] RE: How to replace MDL
In completion routine for write you can just decrypt original buffer back. I
had a same problem and this approach work perfect for me.
Mikhail
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com]On Behalf Of Ho Mun Chuen
> Sent: Wednesday, May 31, 2000 3:28 AM
> To: File Systems Developers
> Subject: [ntfsd] How to replace MDL
>
>
> hi,
>
> i am writing a file sys filter driver that attempts to encrypt the buffer
> specified in irp->mdladdress for noncached writes from the virtual mem
> manager. as i discovered, if i modify the original buffer,
> subsequent reads
> will result in the encrypted data being displayed. i presume this
> buffer is
> that specified by the cache manager so those subsequent reads were from
> cache.
>
> in order not to let this happen, i attempt to init a mdl for my
> buffer, copy
> the original buffer into my buffer, modify it, and then send my
> mdl down to
> the fsd. this works for ntfs but not for fat. the data written is neither
> the original nor the encrypted one. can anyone enlighten me?
>
> also, i have thought of encrypting the original buffer, send it down, then
> decrypt it on completion. but is there a possibility that some
> other process
> might attempt to access the buffer while it is being sent down and yet to
> complete? i would think not as paging writes (as i see) usually happens
> after all cleanups…
>
> Ho Mun Chuen
> @@ “Not everything that counts can be counted;
> <” )~ and not everything that can be counted counts"
> //\ … Albert Einstein
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@pcguardian.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>
—
You are currently subscribed to ntfsd as: xxxxx@decros.cz
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntfsd as: xxxxx@pmail.ntu.edu.sg
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
MmProbeAndLockPages locks the virtual addresses to physical pages, does it
lock it from other processes as well?
Ho Mun Chuen
@@ “Not everything that counts can be counted;
<” )~ and not everything that can be counted counts"
//\ … Albert Einstein
----- Original Message -----
From: Gurpreet Anand
To: File Systems Developers
Sent: Friday, June 02, 2000 12:56 AM
Subject: [ntfsd] Re: How to replace MDL
Hi,
also, i have thought of encrypting the original
buffer, send it down,
then
> decrypt it on completion. but is there a possibility
that some
> other process
> might attempt to access the buffer while it is being
sent down and
yet to
> complete?
You can try MmProbeAndLockPages to lock the buffer and
send it to the lower driver.
Hope it helps.
Regards,
Gurpreet
> i am writing a file sys filter driver that attempts to encrypt the buffer
specified in irp->mdladdress for noncached writes from the virtual mem
manager. as i discovered, if i modify the original buffer, subsequent
reads
Never, ever do this. This will result in the source file changed by
CopyFile
API.
CopyFile mmap()s (sorry for UNIX terminology) the source file and then
write()s to the destination file from the mmaped section view. The MDL
which arrives to your filter during this write operation describes the
mmaped
view of the source file. Any changes to the data described by the MDL will
mark the pages as dirty and then MM will merrily flush these changes to the
original file - and the protection flags are irrelevant for this and will
not guard
from this.
Max