CreateFile returns invalid handle with ERROR_ACCESS_DENIED.

I am attempting to create a file (on my C: driver) under a software only PnP driver: CreateFile((LPCTSTR)file,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL).

I am returned an invalid handle and GetLastError returns ERROR_ACCESS_DENIED. This is a UMDF driver similar to the Echo sample in the WDK.

What would be proper way to have the correct permissions to create and write to a file?

What is the exact string you are pass for the ‘file’ parameter? “c:” ?

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@aeshen.com
Sent: Monday, October 29, 2007 11:02 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] CreateFile returns invalid handle with ERROR_ACCESS_DENIED.

I am attempting to create a file (on my C: driver) under a software only PnP driver: CreateFile((LPCTSTR)file,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL).

I am returned an invalid handle and GetLastError returns ERROR_ACCESS_DENIED. This is a UMDF driver similar to the Echo sample in the WDK.

What would be proper way to have the correct permissions to create and write to a file?


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Hi,

You can create a file like the following
HANDLE hHandle = CreateFile(L"\\.\k:\echow.txt",
GENERIC_READ|GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL, CREATE_ALWAYS, 0, 0);

BUT, the easiest thing to forget is that the driver is not run under the
account your
are logged in with. It is as default under Local Service, and therefore you
need
to give access to this user in the folder you want to use.

If you want to change the user you have to use
SECURITY_IMPERSONATION
with the CreateFile when you open your driver handle, not creating the
file itself in the driver.

More about this under MSDN
http://msdn2.microsoft.com/en-us/library/aa363858.aspx

Also some minor changes is needed in the driver. The inf file has to add an
UmdfImpersonationLevel row. For the echo driver it would be something like

[Echo_Install.NT.Wdf]
UmdfService=WUDFEchoDriver,WUDFEchoDriver_Install
UmdfServiceOrder=WUDFEchoDriver
UmdfImpersonationLevel=Impersonation

Google UmdfImpersonationLevel to get some background.

Regards,
Daniel

----- Original Message -----
From:
To: “Windows System Software Devs Interest List”
Sent: Monday, October 29, 2007 7:01 PM
Subject: [ntdev] CreateFile returns invalid handle with ERROR_ACCESS_DENIED.

>I am attempting to create a file (on my C: driver) under a software only
>PnP driver:
>CreateFile((LPCTSTR)file,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL).
>
> I am returned an invalid handle and GetLastError returns
> ERROR_ACCESS_DENIED. This is a UMDF driver similar to the Echo sample in
> the WDK.
>
> What would be proper way to have the correct permissions to create and
> write to a file?
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

The string is: “c:\performance.txt”.

SECURITY_IMPERSONATION is something I never even looked into. I will give it shot and let you know.

Thanks!

No luck with SECURITY_IMPRESONATION…

Here is my call (file = “performance.txt”)
if ( (logFile = CreateFile((LPCTSTR)file,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,SECURITY_SQOS_PRESENT|SECURITY_IMPERSONATION
,NULL)) == INVALID_HANDLE_VALUE)
{
fileerror=GetLastError();
return;
}
Here is my inf file:
[VA_Install.NT.Wdf]
UmdfService=VADriver,VADriver_Install
UmdfServiceOrder=VADriver
UmdfImpersonationLevel=Impersonation

GetLastError() still return ERROR_ACCESS_DENIED.

What could it be?

Hi,

As I wrote, this should be done when you open the handle to the driver
not when you creating the file inside of your driver. You can see your
driver in taskmanager to see which user is used.

Daniel

----- Original Message -----
From:
To: “Windows System Software Devs Interest List”
Sent: Tuesday, October 30, 2007 6:12 AM
Subject: RE:[ntdev] CreateFile returns invalid handle with
ERROR_ACCESS_DENIED.

> No luck with SECURITY_IMPRESONATION…
>
> Here is my call (file = “performance.txt”)
> if ( (logFile =
> CreateFile((LPCTSTR)file,GENERIC_WRITE,0,NULL,CREATE_ALWAYS,SECURITY_SQOS_PRESENT|SECURITY_IMPERSONATION
> ,NULL)) == INVALID_HANDLE_VALUE)
> {
> fileerror=GetLastError();
> return;
> }
> Here is my inf file:
> [VA_Install.NT.Wdf]
> UmdfService=VADriver,VADriver_Install
> UmdfServiceOrder=VADriver
> UmdfImpersonationLevel=Impersonation
>
> GetLastError() still return ERROR_ACCESS_DENIED.
>
> What could it be?
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

Thanks for clarifying. When I read your explanation I was a bit confused. In general I will be creating a file (inside the driver), so you are say that I do not need to use “SECURITY_SQOS_PRESENT|SECURITY_IMPERSONATION” when I first create the file?

My other problem was the first parameter(LPCTSTR)file (“file” is a char *). Althought there were no errors it still returned ERROR_ACCESS_DENIED, so I hardcoded something like: L"\\.\c:\Test Drivers\performance.txt". How do I convert a char * to the LPCTSTR type and have it work?

Later on I am getting an exception during a WriteFile():
This exception may be expected and handled.
eax=00000027 ebx=00000000 ecx=0097fe28 edx=7c90eb94 esi=00000000 edi=000004c4
eip=7c810e0c esp=0097fe54 ebp=0097fe88 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
kernel32!WriteFile+0x117:
7c810e0c 8903 mov dword ptr [ebx],eax ds:0023:00000000=???
0:008> g
(1a4.1ac): Access violation - code c0000005 (!!! second chance !!!)
eax=00000027 ebx=00000000 ecx=0097fe28 edx=7c90eb94 esi=00000000 edi=000004c4
eip=7c810e0c esp=0097fe54 ebp=0097fe88 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
kernel32!WriteFile+0x117:
7c810e0c 8903 mov dword ptr [ebx],eax ds:0023:00000000=???

I think I am confusing the CreateFile() for creating a text file vs. CreateFile() for opening a driver.

When creating the text file within the driver, can I use the “fopen” (original method) vs. “CreateFile” when using IMPRESONATION?

Please post the actual code for your function in question, unmodified.
The same goes for the stack trace. In my opinion, these bits and pieces
are essentially incomprehensible out of context and require guessing.

mm

xxxxx@aeshen.com wrote:

I think I am confusing the CreateFile() for creating a text file vs. CreateFile() for opening a driver.

When creating the text file within the driver, can I use the “fopen” (original method) vs. “CreateFile” when using IMPRESONATION?

fopen calls CreateFile, so they are fundamentally the same at open time (there are differences in buffering of i/o later on though)

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@aeshen.com
Sent: Tuesday, October 30, 2007 10:25 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] CreateFile returns invalid handle with ERROR_ACCESS_DENIED.

I think I am confusing the CreateFile() for creating a text file vs. CreateFile() for opening a driver.

When creating the text file within the driver, can I use the “fopen” (original method) vs. “CreateFile” when using IMPRESONATION?


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

xxxxx@aeshen.com wrote:

My other problem was the first parameter(LPCTSTR)file (“file” is a char *). Althought there were no errors it still returned ERROR_ACCESS_DENIED, so I hardcoded something like: L"\\.\c:\Test Drivers\performance.txt". How do I convert a char * to the LPCTSTR type and have it work?

If you do not have UNICODE defined, then LPCTSTR is a const char *, so
no conversion is required. If you do have UNICODE defined, then LPCTSTR
is a const short *, so you have to convert your ASCII string to
Unicode. You can use mbstowcs or the equivalent Win32 API to do that.

Alternatively, if you are running a UNICODE app, you might consider
creating your file name as Unicode to begin with and save yourself the
trouble.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

xxxxx@aeshen.com wrote:

Later on I am getting an exception during a WriteFile():
This exception may be expected and handled.
eax=00000027 ebx=00000000 ecx=0097fe28 edx=7c90eb94 esi=00000000 edi=000004c4
eip=7c810e0c esp=0097fe54 ebp=0097fe88 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
kernel32!WriteFile+0x117:
7c810e0c 8903 mov dword ptr [ebx],eax ds:0023:00000000=???
0:008> g
(1a4.1ac): Access violation - code c0000005 (!!! second chance !!!)
eax=00000027 ebx=00000000 ecx=0097fe28 edx=7c90eb94 esi=00000000 edi=000004c4
eip=7c810e0c esp=0097fe54 ebp=0097fe88 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
kernel32!WriteFile+0x117:
7c810e0c 8903 mov dword ptr [ebx],eax ds:0023:00000000=???

Why is this a driver question?

It’s a little much for you to expect us to debug your code, when you
haven’t even shown us your code. My guess is that you are using
WriteFile incorrectly. For example, passing a closed handle, or passing
NULL for both lpNumberOfBytesWritten and lpOverlapped.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Thanks for the guidance, I finally was able to create and write to a file using standard calls such as fopen() for using Security Impersonation under UMDF.

This was a driver question. The reason it appeared to change to a CreateFile() coding issue was due to my debugging questions. Some of these turned out not to be relevant.

The changes to the driver code appear to using IWDFIoRequest::Impersonate() in the driver. I was not able to find this in MSDN, but it was mentioned in the book “Developing Drivers with WDF”.