Get pointer to device \Device\Floppy0

Hello,
I want to get a pointer to the device “\Device\Floppy0”. I’m using
IoGetObjectPointer but if it has a File System device attached, I get a
pointer to the File System device instead of the “\Device\Floppy0”. What do
I have to do?
Thanks in advance.


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

Do you need Load your Device Driver before File System.

Ratmil Torres wrote:

Hello,
I want to get a pointer to the device “\Device\Floppy0”. I’m using
IoGetObjectPointer but if it has a File System device attached, I get a
pointer to the File System device instead of the “\Device\Floppy0”. What do
I have to do?
Thanks in advance.


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com


You are currently subscribed to ntfsd as: xxxxx@seil.com.br
To unsubscribe send a blank email to $subst(‘Email.Unsub’)

>From: Heldai Lemos Ferreira
>Reply-To: “File Systems Developers”
>To: “File Systems Developers”
>Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0
>Date: Tue, 30 May 2000 08:28:31 -0300
>
>Do you need Load your Device Driver before File System.
Thank you. I got it.
But isn’t there a way to get a pointer to “\Device\Floppy0” given a
pointer to the attached File System device or to get a pointer to the File
System device given the pointer to “\Device\Floppy0”?

>
>Ratmil Torres wrote:
>
> > Hello,
> > I want to get a pointer to the device “\Device\Floppy0”. I’m using
> > IoGetObjectPointer but if it has a File System device attached, I get a
> > pointer to the File System device instead of the “\Device\Floppy0”. What
>do
> > I have to do?
> > Thanks in advance.
> >
> > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@seil.com.br
> > To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>
>
>—
>You are currently subscribed to ntfsd as: xxxxx@hotmail.com
>To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

ratmil,
After a succesfull IoGetObjectPointer(…) you get a fileobject.
if ( fileobject->vpb )
then fileobject->vpb->RealDevice IS what u want
else
fileobject->DeviceObject->Vpb->RealDevice COULD be what u want

regds
alexander suresh

----- Original Message -----
From: Ratmil Torres
To: File Systems Developers
Sent: Monday, May 29, 2000 2:39 PM
Subject: [ntfsd] Get pointer to device \Device\Floppy0

> Hello,
> I want to get a pointer to the device “\Device\Floppy0”. I’m using
> IoGetObjectPointer but if it has a File System device attached, I get a
> pointer to the File System device instead of the “\Device\Floppy0”. What
do
> I have to do?
> Thanks in advance.
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@mobiliti.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>
>

Thank you, Alexander. I will try now your solution. But let me tell you why
I need that, because maybe there’s a more elegant or safer solution. I’m
making a resident antivirus program, a File System Filter driver. The driver
attaches to Harddisks, LanmanRedirector and File System Recognizers. Because
I was testing it, my driver is started by an application, not automatic. So
when somebody accesses a diskette , my driver get called to check boot
sector or file viruses, something like it with the CDROM. For some reasons I
need that my driver start automatically, but when I set it to automatic
start, it crashes after attaching to “\Cdfs” (this happens when the user
mode application is not loaded yet).

From: “Alexander Suresh”
>Reply-To: “File Systems Developers”
>To: “File Systems Developers”
>Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0
>Date: Tue, 30 May 2000 10:24:53 -0400
>
>ratmil,
>After a succesfull IoGetObjectPointer(…) you get a fileobject.
>if ( fileobject->vpb )
> then fileobject->vpb->RealDevice IS what u want
>else
> fileobject->DeviceObject->Vpb->RealDevice COULD be what u want
>
>regds
>alexander suresh
>
>----- Original Message -----
>From: Ratmil Torres
>To: File Systems Developers
>Sent: Monday, May 29, 2000 2:39 PM
>Subject: [ntfsd] Get pointer to device \Device\Floppy0
>
>
> > Hello,
> > I want to get a pointer to the device “\Device\Floppy0”. I’m using
> > IoGetObjectPointer but if it has a File System device attached, I get a
> > pointer to the File System device instead of the “\Device\Floppy0”. What
>do
> > I have to do?
> > Thanks in advance.
> >
> > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
> >
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@mobiliti.com
> > To unsubscribe send a blank email to $subst(‘Email.Unsub’)
> >
> >
>
>
>—
>You are currently subscribed to ntfsd as: xxxxx@hotmail.com
>To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

hi ratmil,
though i have developed a couple of filter drivers, i havent developed an
anti-virus one, monitoring boot sectors, floppies and all that stuff. I may
not be the right person to advice you regarding this. So people who have
REALLY developed anti-virus drivers can help you regarding the real issues
they encountered. You can also search the archives for similar
problems/topics. As you are following this list, you might be already
knowing that there is a nice “searchable” archive, recently put up in
http://www.ntfsd.org

But still, as for your question, AFAIK the best time to check for viruses
in floppy disks is during the mount operation. To put it in a sequence of
steps… 1) Attach to a device called “FAT”. 2) have a handler for
IRP_MJ_FILE_SYSTEM_CONTROL & IRP_MN_MOUNT_VOLUME. 3) in this set a
completion routine. 4) in the completion routine, if mount was SUCCESSful
then you will have a device object created by “FAT” file system which you
should to attach to, if needed, in a worker thread after returning
STATUS_MORE_PROCESSING_REQUIRED from the completion routine. Or at this
time, in a worker thread, simply open \device\floppy0 and through a series
of deviceIOCTL calls to fileobject->vpb->RealDevice , you get boot
information to check for virus
BTW why do you need to attach to \CDFS for virus checking? boot viruses
generally affect WRITABLE_MEDIA device only. hope this little outline helps

thanks & regds
GOOD LUCK !!
alex

----- Original Message -----
From: Ratmil Torres
To: File Systems Developers
Sent: Tuesday, May 30, 2000 12:08 PM
Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0

>
> Thank you, Alexander. I will try now your solution. But let me tell you
why
> I need that, because maybe there’s a more elegant or safer solution. I’m
> making a resident antivirus program, a File System Filter driver. The
driver
> attaches to Harddisks, LanmanRedirector and File System Recognizers.
Because
> I was testing it, my driver is started by an application, not automatic.
So
> when somebody accesses a diskette , my driver get called to check boot
> sector or file viruses, something like it with the CDROM. For some reasons
I
> need that my driver start automatically, but when I set it to automatic
> start, it crashes after attaching to “\Cdfs” (this happens when the user
> mode application is not loaded yet).
>
> >From: “Alexander Suresh”
> >Reply-To: “File Systems Developers”
> >To: “File Systems Developers”
> >Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0
> >Date: Tue, 30 May 2000 10:24:53 -0400
> >
> >ratmil,
> >After a succesfull IoGetObjectPointer(…) you get a fileobject.
> >if ( fileobject->vpb )
> > then fileobject->vpb->RealDevice IS what u want
> >else
> > fileobject->DeviceObject->Vpb->RealDevice COULD be what u want
> >
> >regds
> >alexander suresh
> >
> >----- Original Message -----
> >From: Ratmil Torres
> >To: File Systems Developers
> >Sent: Monday, May 29, 2000 2:39 PM
> >Subject: [ntfsd] Get pointer to device \Device\Floppy0
> >
> >
> > > Hello,
> > > I want to get a pointer to the device “\Device\Floppy0”. I’m using
> > > IoGetObjectPointer but if it has a File System device attached, I get
a
> > > pointer to the File System device instead of the “\Device\Floppy0”.
What
> >do
> > > I have to do?
> > > Thanks in advance.
> > >

> > > Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com
> > >
> > >
> > > —
> > > You are currently subscribed to ntfsd as: xxxxx@mobiliti.com
> > > To unsubscribe send a blank email to $subst(‘Email.Unsub’)
> > >
> > >
> >
> >
> >—
> >You are currently subscribed to ntfsd as: xxxxx@hotmail.com
> >To unsubscribe send a blank email to $subst(‘Email.Unsub’)
> >
>
>

> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@mobiliti.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>
>

Thank you very much, Alexander.
I tested your solution and it worked OK. But I still don’t know why my
driver crashes when it starts automatically and I access the CDROM. So I am
loading my driver from a user mode application. Yes you are right about
viruses in CDs but I am working in my thesis project and my professor told
me check in CDROM too. Do you think is OK to start the driver from a user
mode application and not let it start by itself?

hi ratmil,
though i have developed a couple of filter drivers, i havent developed
an
anti-virus one, monitoring boot sectors, floppies and all that stuff. I may
not be the right person to advice you regarding this. So people who have
REALLY developed anti-virus drivers can help you regarding the real issues
they encountered. You can also search the archives for similar
problems/topics. As you are following this list, you might be already
knowing that there is a nice “searchable” archive, recently put up in
http://www.ntfsd.org

BTW why do you need to attach to \CDFS for virus checking? boot viruses
generally affect WRITABLE_MEDIA device only. hope this little outline
helps

thanks & regds
GOOD LUCK !!
alex

----- Original Message -----
From: Ratmil Torres
>To: File Systems Developers
>Sent: Tuesday, May 30, 2000 12:08 PM
>Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0
>
>

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

hi ratmil,
A user running this user mode application must have the LOAD_DRIVER
privilege. This is rather unusual.

Best regards
mari

-----Original Message-----
From: Ratmil Torres [mailto:xxxxx@hotmail.com]
Sent: Wednesday, May 31, 2000 12:58 AM
To: File Systems Developers
Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0

Thank you very much, Alexander.
I tested your solution and it worked OK. But I still don’t know why my
driver crashes when it starts automatically and I access the CDROM. So I am
loading my driver from a user mode application. Yes you are right about
viruses in CDs but I am working in my thesis project and my professor told
me check in CDROM too. Do you think is OK to start the driver from a user
mode application and not let it start by itself?

hi ratmil,
though i have developed a couple of filter drivers, i havent developed
an
anti-virus one, monitoring boot sectors, floppies and all that stuff. I may
not be the right person to advice you regarding this. So people who have
REALLY developed anti-virus drivers can help you regarding the real issues
they encountered. You can also search the archives for similar
problems/topics. As you are following this list, you might be already
knowing that there is a nice “searchable” archive, recently put up in
http://www.ntfsd.org

BTW why do you need to attach to \CDFS for virus checking? boot viruses
generally affect WRITABLE_MEDIA device only. hope this little outline
helps

thanks & regds
GOOD LUCK !!
alex

----- Original Message -----
From: Ratmil Torres
>To: File Systems Developers
>Sent: Tuesday, May 30, 2000 12:08 PM
>Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0
>
>

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com


You are currently subscribed to ntfsd as: xxxxx@decros.cz
To unsubscribe send a blank email to $subst(‘Email.Unsub’)

Yes, you are right. I could see that yesterday, but I fixed the driver
already. If you don’t say that I wouldn’t have realised.

On Wed, 31 May 2000, Marik Miloslav wrote:

hi ratmil,
A user running this user mode application must have the LOAD_DRIVER
privilege. This is rather unusual.

Best regards
mari

-----Original Message-----
From: Ratmil Torres [mailto:xxxxx@hotmail.com]
Sent: Wednesday, May 31, 2000 12:58 AM
To: File Systems Developers
Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0

Thank you very much, Alexander.
I tested your solution and it worked OK. But I still don’t know why my
driver crashes when it starts automatically and I access the CDROM. So I am
loading my driver from a user mode application. Yes you are right about
viruses in CDs but I am working in my thesis project and my professor told
me check in CDROM too. Do you think is OK to start the driver from a user
mode application and not let it start by itself?

>
>hi ratmil,
> though i have developed a couple of filter drivers, i havent developed
>an
>anti-virus one, monitoring boot sectors, floppies and all that stuff. I may
>not be the right person to advice you regarding this. So people who have
>REALLY developed anti-virus drivers can help you regarding the real issues
>they encountered. You can also search the archives for similar
>problems/topics. As you are following this list, you might be already
>knowing that there is a nice “searchable” archive, recently put up in
>http://www.ntfsd.org
>

>BTW why do you need to attach to \CDFS for virus checking? boot viruses
>generally affect WRITABLE_MEDIA device only. hope this little outline
>helps
>
>thanks & regds
>GOOD LUCK !!
>alex
>
>----- Original Message -----
>From: Ratmil Torres
> >To: File Systems Developers
> >Sent: Tuesday, May 30, 2000 12:08 PM
> >Subject: [ntfsd] Re: Get pointer to device \Device\Floppy0
> >
> >
>
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@decros.cz
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>
> —
> You are currently subscribed to ntfsd as: xxxxx@ghost.matcom.uh.cu
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>

IIRC if you open “A:” or “\Device\Floppy0”, then the FS (FASTFAT in this
case) will open the whole volume for you - just as if there was no FS at
all.

And if you open "A:" or "\Device\Floppy0", then FASTFAT will see the ""
name in the file object (instead of empty name) and will open the root
directory.

At least Rajeev Nagar’s book described it so.

Max

----- Original Message -----
From: Ratmil Torres
To: File Systems Developers
Sent: Monday, May 29, 2000 10:39 PM
Subject: [ntfsd] Get pointer to device \Device\Floppy0

> Hello,
> I want to get a pointer to the device “\Device\Floppy0”. I’m using
> IoGetObjectPointer but if it has a File System device attached, I get a
> pointer to the File System device instead of the “\Device\Floppy0”. What
do
> I have to do?
> Thanks in advance.
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>