This query comes from a fellow student.
I am hoping someone else knows more about this than I do…
Basically I’m implementing a filter driver which is essentially for Windows
CE, but the prototype will be run on windows nt. What’s meant to happen is
when a file is accessed in a certain folder, it first has to be downloaded
from the home server.
I don’t know if the way I’m doing this is the most efficient but with a week
and a bit left I’m not too worried about that. Basically I’m trying to
intercept the irp’s for that folder with the CREATE as their major function.
I
have written a seperate program that does the downloading section of the
project. I’ve been hitting a brick wall trying to launch the .exe. I’ve
tried
using zwCreateFile and setting its value to FILE_EXECUTE but that doesn’t
work. I’ve tried creating totally new irps, but that just gives me that
lovely
blue screen.
So basically I’m just trying to find a way to launch a file before the
original one is run.
Thanks
Hello!
I’m new to this as well, but I’m currently planning something quite
similar… But I still don’t know if my idea could possibly work 
Well, here it is anyway:
I have a file system driver, a system service and a 3rd party usermode
.DLL.
When an IRP_MJ_CREATE arrives at my driver, I post this request to the
service (named events, special IOCTLs, or something like that, I’m still
investigating here) [I think I read at some time that create requests
should not be posted, but I don’t think I have a choice here]. The service
in turn (impersonating the currently logged in user) loads the usermode
.DLL, which then processes the create request. The result will be sent back
to the driver which completes the original IRP.
(the same goes for the other stuff, like READ/WRITE/CLOSE/Directory-Stuff).
Cheers,
Mr. BlueScreen
erm, I mean
Michael
|---------±------------------------------>
| | “Darragh Jones” |
| | <darragh.jones>| | d.ie> |
| | Sent by: |
| | bounce-ntfsd-5035@li|
| | sts.osr.com |
| | |
| | |
| | 02/04/2002 14:44 |
| | Please respond to |
| | “File Systems |
| | Developers” |
| | |
|---------±------------------------------>
>--------------------------------------------------------------------------------------------------------------|
| |
| To: “File Systems Developers” |
| cc: |
| Subject: [ntfsd] Filter driver across network |
>--------------------------------------------------------------------------------------------------------------|
This query comes from a fellow student.
I am hoping someone else knows more about this than I do…
Basically I’m implementing a filter driver which is essentially for Windows
CE, but the prototype will be run on windows nt. What’s meant to happen is
when a file is accessed in a certain folder, it first has to be downloaded
from the home server.
I don’t know if the way I’m doing this is the most efficient but with a
week
and a bit left I’m not too worried about that. Basically I’m trying to
intercept the irp’s for that folder with the CREATE as their major
function.
I
have written a seperate program that does the downloading section of the
project. I’ve been hitting a brick wall trying to launch the .exe. I’ve
tried
using zwCreateFile and setting its value to FILE_EXECUTE but that doesn’t
work. I’ve tried creating totally new irps, but that just gives me that
lovely
blue screen.
So basically I’m just trying to find a way to launch a file before the
original one is run.</darragh.jones>
> I’m new to this as well, but I’m currently planning something quite
similar… But I still don’t know if my idea could possibly work
We have implemented this thing at SCI in late 2000 on NT4. It works.
It will not work on smaller Windows though due to some idiotic mutexes taken in kernel32.dll in CreateFile or such calls.
Max