how to simple rename a file in minifilter?

OSR_Community_User · March 27, 2009, 4:19am

In my opinion,the steps is:
1.Open the file by fltcreatefile
2.rename the file by fltsetinformation with renameinfoclass.
3.close the file by fltclose.

But,in my test,it will fail with STATUS_OBJECT_NAME_INVALID.

So,I think I should add SL_OPEN_TARGET_DIRECTORY in step 1.
But,how can I specify the SL_OPEN_TARGET_DIRECTORY in fltcreatefile?

OSR_Community_User · March 27, 2009, 4:42am

I monitor the rename operation by cmd.exe,in FileSpy:
1.Open the source file (e:\test\1.txt) with Delete access.
2.Open the target file (e:\test\2.txt) with write access,and SL_OPEN_TARGET_DIRECTORY.
It will return STATUS_SUCCESS,and the iostatus.Information is FILE_DOES_NOT_EXIST.
3.SetInformation with RenameInfoClass to the sourcefile (e:\test\1.txt).
4.Cleanup and Close the target file (e:\test\2.txt),yes,it should be a Directory.
5.Cleanup and Close the source file (e:\test\1.txt).yes,it have been renamed e:\test\2.txt.

I just want to do a simple rename(don’t modify the location).
whether if I must do the above steps (step1-step5)?

And how can I specify the SL_OPEN_TARGET_DIRECTORY in fltcreatefile?

Petr_Kurtin · March 27, 2009, 4:48am

You open the source file (poFileObject) and you have to open folder of the
target file (poTargetFolder) with SL_OPEN_TARGET_DIRECTORY (this open checks
for file creation access)

InitializeObjectAttributes( &attr, &uTargetFileName, OBJ_KERNEL_HANDLE,
NULL, NULL );
status = FltCreateFile( …, &attr, …, IO_IGNORE_SHARE_ACCESS_CHECK |
IO_OPEN_TARGET_DIRECTORY );

FltAllocateCallbackData( pInstance, poFileObject, &cdata );
…
cdata->Iopb->Parameters.SetFileInformation.ParentOfTarget = poTargetFolder;
FltPerformSynchronousIo/IRP_MJ_SET_INFORMATION

-pk

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@hotmail.com
Sent: 27. b?ezna 2009 9:20
To: Windows File Systems Devs Interest List
Subject: [ntfsd] how to simple rename a file in minifilter?

In my opinion,the steps is:
1.Open the file by fltcreatefile
2.rename the file by fltsetinformation with renameinfoclass.
3.close the file by fltclose.

But,in my test,it will fail with STATUS_OBJECT_NAME_INVALID.

So,I think I should add SL_OPEN_TARGET_DIRECTORY in step 1.
But,how can I specify the SL_OPEN_TARGET_DIRECTORY in fltcreatefile?

NTFSD is sponsored by OSR

For our schedule of debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Haibo · March 27, 2009, 5:18am

No, just 3 steps as you said in your 1st mail. Also, you need not specify
SL_OPEN_TARGET_DIRECTORY flag, just set RootDirectory in
FILE_RENAME_INFORMATION to NULL.

For your STATUS_OBJECT_NAME_INVALID error, I think you did not fill
FILE_RENAME_INFORMATION correctly. Can you post some related codes?

Haibo

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@hotmail.com
Sent: Friday, March 27, 2009 4:44 PM
To: Windows File Systems Devs Interest List
Subject: RE:[ntfsd] how to simple rename a file in minifilter?

I monitor the rename operation by cmd.exe,in FileSpy:
1.Open the source file (e:\test\1.txt) with Delete access.
2.Open the target file (e:\test\2.txt) with write access,and
SL_OPEN_TARGET_DIRECTORY.
It will return STATUS_SUCCESS,and the iostatus.Information is
FILE_DOES_NOT_EXIST.
3.SetInformation with RenameInfoClass to the sourcefile (e:\test\1.txt).
4.Cleanup and Close the target file (e:\test\2.txt),yes,it should be a
Directory.
5.Cleanup and Close the source file (e:\test\1.txt).yes,it have been renamed
e:\test\2.txt.

I just want to do a simple rename(don’t modify the location).
whether if I must do the above steps (step1-step5)?

And how can I specify the SL_OPEN_TARGET_DIRECTORY in fltcreatefile?

NTFSD is sponsored by OSR

For our schedule of debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

OSR_Community_User · March 27, 2009, 6:13am

HANDLE CreateTempFile(PFLT_INSTANCE pInstance,
PUNICODE_STRING filename)
{
OBJECT_ATTRIBUTES objectAttributes;
HANDLE hFile;
IO_STATUS_BLOCK ioStatus;
NTSTATUS status;
ACCESS_MASK access=GENERIC_ALL;
WCHAR chold;

filename->Length -=sizeof(WCHAR);
filename->MaximumLength -=sizeof(WCHAR);
chold=filename->Buffer[filename->Length/2-1];
filename->Buffer[filename->Length/2-1]=L’Z’;//txt->txz
InitializeObjectAttributes( &objectAttributes,
filename,
OBJ_KERNEL_HANDLE|OBJ_CASE_INSENSITIVE,
NULL,
NULL );
status = FltCreateFile(g_FilterHandle,
pInstance,
&hFile,
access,
&objectAttributes,
&ioStatus,
(PLARGE_INTEGER) NULL,
FILE_ATTRIBUTE_NORMAL,
0,
FILE_CREATE,
FILE_NON_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_ALERT,
NULL,
0L,
0 );
filename->Buffer[filename->Length/2-1]=chold;
filename->Length +=sizeof(WCHAR);
filename->MaximumLength +=sizeof(WCHAR);
if (!(ioStatus.Status==STATUS_SUCCESS && ioStatus.Information==FILE_CREATED))
{
return INVALID_HANDLE_VALUE;
}
return hFile;
}

in postcreate,I just do a test:
{
…
HANDLE hTempFile;
PFILE_OBJECT tempfo;
NTSTATUS tempstatus = STATUS_SUCCESS;
hTempFile=CreateTempFile(FltObjects->Instance,filename);
ObReferenceObjectByHandle(hTempFile, 0,NULL,KernelMode,(PVOID*)&tempfo,NULL);
int tempsize=sizeof(FILE_RENAME_INFORMATION)+sizeof(L"1.zzz");
PFILE_RENAME_INFORMATION tempinfo=(FILE_RENAME_INFORMATION *)ExAllocatePool(PagedPool, tempsize );
memset(tempinfo,0,tempsize);
tempinfo->ReplaceIfExists =TRUE;
tempinfo->RootDirectory=NULL;
tempinfo->FileNameLength=sizeof(L"1.zzz")-sizeof(WCHAR);
wcscpy(tempinfo->FileName,L"1.zzz");

//the temp file is created,now rename it
tempstatus=FltSetInformationFile(FltObjects->Instance,tempfo, &tempinfo,tempsize,FileRenameInformation);
DbgPrint(“\r\n—rename status:%x”,tempstatus);
ObDereferenceObject(tempfo);
FltClose(hTempFile);
ExFreePool(tempinfo);
…
}

For test,I do a simple process.
When my postcreate is for e:\test\1.txt,I will create a temp file e:\test\1.txz.
and I will rename the e:\test\1.txz to e:\test\1.zzz
but failed,and return STATUS_OBJECT_NAME_INVALID.

Aditya_Shrivastava · March 27, 2009, 7:37am

STATUS_OBJECT_NAME_INVALID,

either src or trgt is not valid, so you can simply check src filename or file_rename structure in debugger before calling rename.

I am not sure what your code is using but based on your comment I am assuming that you are using dos names;

"When my postcreate is for e:\test\1.txt,I will create a temp file e:\test\1.txz. and I will rename the e:\test\1.txz to e:\test\1.zzz ",

At this level you need \Device\HarddikVolumeX instead of e:.

Aditya_Shrivastava · March 27, 2009, 7:39am

*src filename

read src fileobject

OSR_Community_User · March 27, 2009, 9:23am

no,no,I use the devicename.
in my comments,I just is for describing the problem.

In debugger,my tempfile(\device\harddiskvolume1\test\1.txz) have created.so the handle is not valid.
In debugger,my FILE_RENAME_INFORMATION is OK.
tempinfo->FileNameLength is 10;
tempinfo->FileName is L"1.zzz".
but I get the STATUS_OBJECT_NAME_INVALID

Haibo · March 27, 2009, 9:51am

Why “&” in

tempstatus=FltSetInformationFile(FltObjects->Instance,tempfo, &tempinfo,tempsize,FileRenameInformation);

?

Haibo

OSR_Community_User · March 27, 2009, 11:19am

oh my god!My fault!!!
not &tempinfo,should be tempinfo.
So sorry!!!
my poor fault,my head should be frozen…
God!