I want to copy some files on EFI System Partition, which is FAT formated partition on a GPT disk.
But mounting the System Partition requires administrative priviledges and I don’t have that luxury with me as my is a simple usermode application that runs in any user’s context.
But my application has access to a driver through IOCTL. So I want to deligate the task to driver so that driver will mount the System Partition and copy the files.
But I don’t know how to mount the System Partition from the kernel mode, So please can anyone tell me how to do it?
Thanks & Regards,
Amit.
First, from a user mode application running with restricted credentials,
you will need to open up a non-secure channel to your existing driver to
issue the IOCtl. This is generally not a good idea since you are opening
a potential security hole in this approach. Why can’t you have a
minifilter which is loaded by the system on all partitions and come up
with a method to have this instance copy the files per your
requirements? Maybe just have it copy the files at system initialization
or at some other trigger point during system start up?
Pete
On 11/14/2012 6:00 AM, xxxxx@yahoo.com wrote:
I want to copy some files on EFI System Partition, which is FAT formated partition on a GPT disk.
But mounting the System Partition requires administrative priviledges and I don’t have that luxury with me as my is a simple usermode application that runs in any user’s context.
But my application has access to a driver through IOCTL. So I want to deligate the task to driver so that driver will mount the System Partition and copy the files.
But I don’t know how to mount the System Partition from the kernel mode, So please can anyone tell me how to do it?
Thanks& Regards,
Amit.
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
–
Kernel Drivers
Windows File System and Device Driver Consulting
www.KernelDrivers.com
866.263.9295
Peter Scott, you are absolutely right about the risk, but that is the different story and can be handled using other ways.
The hot issue is I am not able to copy my files on EFI System Partition. So I will like to clear some points about EFI System Partition. It’s a system partition and doe’s not get mounted automatically and to mount it you need administrative priviledges. So your idea to attach on all partitions will not work becaues that partition is not going to be mounted atall.
So do you know any method to mount the partition from kernal mode?
Thnaks for the prompt reply:)
If all your code is correct in the mini-filter and you are certain that
the partition is not being mounted by FM then you could go down the path
of a legacy filter. I would first confirm in WinDbg that FM is not
attaching to these volumes.
Pete
On 11/14/2012 11:53 PM, xxxxx@yahoo.com wrote:
Peter Scott, you are absolutely right about the risk, but that is the different story and can be handled using other ways.
The hot issue is I am not able to copy my files on EFI System Partition. So I will like to clear some points about EFI System Partition. It’s a system partition and doe’s not get mounted automatically and to mount it you need administrative priviledges. So your idea to attach on all partitions will not work becaues that partition is not going to be mounted atall.
So do you know any method to mount the partition from kernal mode?
Thnaks for the prompt reply:)
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
–
Kernel Drivers
Windows File System and Device Driver Consulting
www.KernelDrivers.com
866.263.9295