Hi,
I’m developing a driver for some proprietary hardware. The driver works ok;
the problem I’m having is access from user-mode programs (this is a NT4
style kmd running under W2K SP1).
I’ve defined a couple of custom ioctls which configures the device and are
marked FILE_WRITE_ACCESS and other that read the device status which are
marked FILE_READ_ACCESS. The problem is that I’d like to have write access
from one point only, so I figured the OS would take care of that if I just
opened the device as follows from my test app:
HANDLE hDevice = CreateFileW(L"\\.\RU",
GENERIC_WRITE | GENERIC_READ,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL |
FILE_FLAG_OVERLAPPED,
NULL);
Which should mean that I get write and read access via the returned handle,
but that subsequent reqests specifying write access should fail - but they
don’t. I can start several instances of the same process at the same time
and the call to CreateFile will always succeed. What am I missing here - is
there anything special that I should do to make sure this works as expected?
// Johan
The sharing flags are not enforced by the operating system, but by the
driver that receives the create IRP. File-system drivers do this to
control file sharing. While your driver is not an FSD, I think you
could examine the parameters passed in with the create IRP as if it
were, and enforce the sharing rules. You need some single-instance
context (such as the device-object extension) to track the currently-
granted access. I seem to recall some support in the IFS kit for
doing this (structs and functions).
Dave Cox
Hewlett-Packard Co.
HPSO/SMSO (Santa Barbara)
https://ecardfile.com/id/Dave+Cox
-----Original Message-----
From: xxxxx@esrange.ssc.se [mailto:xxxxx@esrange.ssc.se]
Sent: Tuesday, November 14, 2000 11:49 PM
To: NT Developers Interest List
Subject: [ntdev] Access to device
Hi,
I’m developing a driver for some proprietary hardware. The driver works ok;
the problem I’m having is access from user-mode programs (this is a NT4
style kmd running under W2K SP1).
I’ve defined a couple of custom ioctls which configures the device and are
marked FILE_WRITE_ACCESS and other that read the device status which are
marked FILE_READ_ACCESS. The problem is that I’d like to have write access
from one point only, so I figured the OS would take care of that if I just
opened the device as follows from my test app:
HANDLE hDevice = CreateFileW(L"\\.\RU",
GENERIC_WRITE | GENERIC_READ,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL |
FILE_FLAG_OVERLAPPED,
NULL);
Which should mean that I get write and read access via the returned handle,
but that subsequent reqests specifying write access should fail - but they
don’t. I can start several instances of the same process at the same time
and the call to CreateFile will always succeed. What am I missing here - is
there anything special that I should do to make sure this works as expected?
// Johan
You are currently subscribed to ntdev as: david_cox2@hp.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
Now if I only had the IFS kit …
Do you know if there are any other samples on this subject?
// Johan
-----Original Message-----
From: COX,DAVID (HP-Roseville,ex1) [mailto:david_cox2@hp.com]
Sent: den 15 november 2000 19:46
To: NT Developers Interest List
Subject: [ntdev] RE: Access to device
The sharing flags are not enforced by the operating system, but by the
driver that receives the create IRP. File-system drivers do this to
control file sharing. While your driver is not an FSD, I think you
could examine the parameters passed in with the create IRP as if it
were, and enforce the sharing rules. You need some single-instance
context (such as the device-object extension) to track the currently-
granted access. I seem to recall some support in the IFS kit for
doing this (structs and functions).
Dave Cox
Hewlett-Packard Co.
HPSO/SMSO (Santa Barbara)
https://ecardfile.com/id/Dave+Cox