[Openib-windows] Running WSD from as a non-administrator

Tzachi Dar tzachid at mellanox.co.il
Sun Jul 30 08:07:57 PDT 2006 

Hi Fab,
 
When testing WSD from an account that is not an administrator, I have
found out that we have a critical problem in this scenario. IT seems
that the way that we were creating the IOCTLs for IBAT was wrong, and so
was the way that we were opening the devices.
 
The following patch solves this problem. (See also discussions on the
OpenVpn forums about this: 
http://openvpn.net/archive/openvpn-users/2004-09/msg00233.html)
 
 
Please also note that such a user will also not be able to connect to
the performance counters. Can you please fix this problem?
 
Another issue that we have noticed is that there is no counter that
tells the number of sockets that were connected using WSD. Can you add
such a counter?
 
 
Thanks
Tzachi
 
Index: inc/iba/ib_at_ioctl.h
===================================================================
--- inc/iba/ib_at_ioctl.h (revision 420)
+++ inc/iba/ib_at_ioctl.h (working copy)
@@ -46,7 +46,7 @@
 
 #define IOCTL_IBAT( n )  \
  CTL_CODE( FILE_DEVICE_UNKNOWN, (0x800 + n), \
-  METHOD_BUFFERED, FILE_READ_ACCESS )
+  METHOD_BUFFERED, FILE_ANY_ACCESS )
 
 /** This IRP is used to return all available CAs ports number
  * and port guid */
Index: ulp/wsd/user/ibsp_ip.c
===================================================================
--- ulp/wsd/user/ibsp_ip.c (revision 420)
+++ ulp/wsd/user/ibsp_ip.c (working copy)
@@ -96,7 +96,7 @@
  if( g_ibsp.h_ibat_dev == INVALID_HANDLE_VALUE )
  {
   g_ibsp.h_ibat_dev = CreateFileW( IBAT_WIN32_NAME,
-   GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL,
+   MAXIMUM_ALLOWED, 0, NULL,
    OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL );
  }
  cl_spinlock_release( &g_ibsp.ip_mutex );

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openfabrics.org/pipermail/ofw/attachments/20060730/530263b8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wsd_non_admin.patch
Type: application/octet-stream
Size: 958 bytes
Desc: wsd_non_admin.patch
URL: <http://lists.openfabrics.org/pipermail/ofw/attachments/20060730/530263b8/attachment.obj>

More information about the ofw mailing list