Driver Problems? Questions? Issues?
Put OSR's experience to work for you! Contact us for assistance with:
  • Creating the right design for your requirements
  • Reviewing your existing driver code
  • Analyzing driver reliability/performance issues
  • Custom training mixed with consulting and focused directly on your specific areas of interest/concern.
Check us out. OSR, the Windows driver experts.

Upcoming OSR Seminars:
Writing WDF Drivers: Core Concepts Lab, Boston/Waltham, MA 22-26 September, 2014
Windows Internals & Software Drivers Lab, Dulles/Sterling, VA, 20-24 October, 2014
Developing File Systems for Windows, Seattle, WA 4-7 November, 2014
Kernel Debugging & Crash Analysis Lab, Boston/Waltham, MA 10-14 November, 2014


Go Back   OSR Online Lists > ntdev
Welcome, Guest
You must login to post to this list
  Message 1 of 5  
06 Sep 12 14:29
ntdev member 133564
xxxxxx@gmx.de
Join Date:
Posts To This List: 12
Access unter win7 with user rights to an pnp driver fails

Hello everybody, i have a problem with accessing my plug and play virtual smartcard reader driver under windows7 64bit with no user (standard) rights (no administrator). With administrator rights everything works fine. I have already set the SDDL rights in the EvtDeviceAdd callback method. status = WdfDeviceInitAssignSDDLString(DeviceInit, &SDDL_DEVOBJ_SYS_ALL_ADM_RWX_WORLD_RWX_RES_RWX); if (!NT_SUCCESS(status)) { KdPrint(( "WdfDeviceInitAssignSDDLString failed\n" )); } // // Create a framework device object.This call will in turn create // a WDM device object, attach to the lower stack, and set the // appropriate flags and attributes. // status = WdfDeviceCreate(&DeviceInit, &attributes, &device); if (!NT_SUCCESS(status)) { SmartcardLogError( WdfDriverWdmGetDriverObject(WdfGetDriver()), VCR_INSUFFICIENT_RESOURCES, NULL, 0 ); return status; } I thought this should be enough to get the access in user mode, but it doesn´t work. I tried also to set the security registry entrys in the INF file, but this doesn´t work too. Then i tried to change my driver as non plug and play driver like in the ioctl kmdf example (nonpnp), and then my access problems disappeared (with the same SDDL rights string), but then i got other problems. // // // In order to create a control device, we first need to allocate a // WDFDEVICE_INIT structure and set all properties. // pInit = WdfControlDeviceInitAllocate( hDriver, &SDDL_DEVOBJ_SYS_ALL_ADM_RWX_WORLD_RWX_RES_RWX ); if (pInit == NULL) { status = STATUS_INSUFFICIENT_RESOURCES; return status; } // // Call NonPnpDeviceAdd to create a deviceobject to represent our // software device. // status = EvtDeviceAdd(hDriver, pInit); With the non pnp version of my driver i got an error in the following method: // // Tell the Framework that this device will need an interface // status = WdfDeviceCreateDeviceInterface( device, &SmartCardReaderGuid, NULL // ReferenceString ); with status 0xC0000010. So finally i changed back to my pnp version, but then a had the access right problems again. Some more information: - create file can called from 2 different places (from the scmLib (smart card library) and from my user program) the problem i have to access with my user program, but only in user mode. - access to the driver is made by my user programm with //Create IOCTL communications channel to driver m_hDevice = CreateFile(DEVICE_NAME, GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_OVERLAPPED, NULL); which failed with no administrator rights. Hopefully someone has some hint what might be wrong. If you need more information about my driver, please let me know. regards, Michael
  Message 2 of 5  
06 Sep 12 15:33
Alex Grig
xxxxxx@broadcom.com
Join Date: 14 Apr 2008
Posts To This List: 2530
Access unter win7 with user rights to an pnp driver fails

1. Do you actually need GENERIC_READ *and* GENERIC_WRITE? It depends on how your IOCTL codes are defined. 2. FILE_SHARE arguments don't matter for a device. 3. FILE_ATTRIBUTE_NORMAL is only used for a filesystem file. Do you have the security descriptor specified in your INF or in the registry for the devnode? Dis you assign a name to your device, or asked for autogenerated name?
  Message 3 of 5  
06 Sep 12 16:28
ntdev member 133564
xxxxxx@gmx.de
Join Date:
Posts To This List: 12
Access unter win7 with user rights to an pnp driver fails

- i need read and write access for some IOCTL´s - as i told in my last post, i tried to specify the security descriptor in the INF file with no success - yes, i assign a name bevore assigning the security descriptor status = WdfDeviceInitAssignName(DeviceInit, &ntDeviceName); Am 06.09.2012 21:31, schrieb xxxxx@broadcom.com: > 1. Do you actually need GENERIC_READ *and* GENERIC_WRITE? It depends on how your IOCTL codes are defined. > 2. FILE_SHARE arguments don't matter for a device. > 3. FILE_ATTRIBUTE_NORMAL is only used for a filesystem file. > > Do you have the security descriptor specified in your INF or in the registry for the devnode? > Dis you assign a name to your device, or asked for autogenerated name? > > --- > NTDEV is sponsored by OSR > <...excess quoted lines suppressed...>
  Message 4 of 5  
06 Sep 12 16:39
Alex Grig
xxxxxx@broadcom.com
Join Date: 14 Apr 2008
Posts To This List: 2530
Access unter win7 with user rights to an pnp driver fails

Is your device the top of the stack, or there is an upper filter?
  Message 5 of 5  
07 Sep 12 01:36
ntdev member 133564
xxxxxx@gmx.de
Join Date:
Posts To This List: 12
Access unter win7 with user rights to an pnp driver fails

Yes, it´s top of stack, no upper filter. Am 06.09.2012 22:37, schrieb xxxxx@broadcom.com: > Is your device the top of the stack, or there is an upper filter? > > --- > NTDEV is sponsored by OSR > > For our schedule of WDF, WDM, debugging and other seminars visit: > http://www.osr.com/seminars > > To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer > <...excess quoted lines suppressed...>
Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You must login to OSR Online AND be a member of the ntdev list to be able to post.

All times are GMT -5. The time now is 20:25.


Copyright ©2014, OSR Open Systems Resources, Inc.
Based on vBulletin Copyright ©2000 - 2005, Jelsoft Enterprises Ltd.
Modified under license