[ofw] WinVerbs address translation required administrative privileges
Hefty, Sean
sean.hefty at intel.com
Wed Mar 7 14:07:37 PST 2012
According to the initial bug report, the function below is what's failing. There's nothing obvious to me why it should fail without administrative permission. It sounds like the CreateFileW() call is failing.
TranslateAddress(const SOCKADDR* pAddress, WV_DEVICE_ADDRESS* pDeviceAddress)
{
HANDLE hIbat;
IOCTL_IBAT_IP_TO_PORT_IN addr;
IBAT_PORT_RECORD port;
DWORD bytes;
HRESULT hr;
hIbat = CreateFileW(IBAT_WIN32_NAME, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL,
OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (hIbat == INVALID_HANDLE_VALUE) {
return HRESULT_FROM_WIN32(GetLastError());
}
addr.Version = IBAT_IOCTL_VERSION;
if (pAddress->sa_family == AF_INET) {
addr.Address.IpVersion = 4;
RtlCopyMemory(addr.Address.Address + 12,
&((SOCKADDR_IN *)pAddress)->sin_addr, 4);
} else {
addr.Address.IpVersion = 6;
RtlCopyMemory(addr.Address.Address,
&((SOCKADDR_IN6 *)pAddress)->sin6_addr, 16);
}
if (DeviceIoControl(hIbat, IOCTL_IBAT_IP_TO_PORT,
&addr, sizeof addr, &port, sizeof port, &bytes, NULL)) {
hr = WV_SUCCESS;
pDeviceAddress->DeviceGuid = port.CaGuid;
pDeviceAddress->Pkey = port.PKey;
pDeviceAddress->PortNumber = port.PortNum;
} else {
hr = HRESULT_FROM_WIN32(GetLastError());
}
CloseHandle(hIbat);
return hr;
}
If the printip test is included in the OFED release, that could be run to see if the permission issue is specific to IBAT, rather than some interaction between winverbs and ibat. The following code in ipoib is where the ibat file gets created.
void
ipoib_ref_ibat()
{
UNICODE_STRING DeviceName;
UNICODE_STRING DeviceLinkUnicodeString;
NDIS_DEVICE_OBJECT_ATTRIBUTES DeviceObjectAttributes;
PDRIVER_DISPATCH DispatchTable[IRP_MJ_MAXIMUM_FUNCTION+1];
NDIS_STATUS Status = NDIS_STATUS_SUCCESS;
IPOIB_ENTER( IPOIB_DBG_IOCTL );
if( InterlockedIncrement( &g_ipoib.ibat_ref ) == 1 )
{
memset(DispatchTable, 0, (IRP_MJ_MAXIMUM_FUNCTION+1) * sizeof(PDRIVER_DISPATCH));
DispatchTable[IRP_MJ_CREATE] = __ipoib_create;
DispatchTable[IRP_MJ_CLEANUP] = __ipoib_cleanup;
DispatchTable[IRP_MJ_CLOSE] = __ipoib_close;
DispatchTable[IRP_MJ_DEVICE_CONTROL] = __ipoib_dispatch;
DispatchTable[IRP_MJ_INTERNAL_DEVICE_CONTROL] = __ipoib_dispatch;
NdisInitUnicodeString( &DeviceName, IBAT_DEV_NAME );
NdisInitUnicodeString( &DeviceLinkUnicodeString, IBAT_DOS_DEV_NAME );
memset(&DeviceObjectAttributes, 0, sizeof(NDIS_DEVICE_OBJECT_ATTRIBUTES));
DeviceObjectAttributes.Header.Type = NDIS_OBJECT_TYPE_DEFAULT; // type implicit from the context
DeviceObjectAttributes.Header.Revision = NDIS_DEVICE_OBJECT_ATTRIBUTES_REVISION_1;
DeviceObjectAttributes.Header.Size = sizeof(NDIS_DEVICE_OBJECT_ATTRIBUTES);
DeviceObjectAttributes.DeviceName = &DeviceName;
DeviceObjectAttributes.SymbolicName = &DeviceLinkUnicodeString;
DeviceObjectAttributes.MajorFunctions = &DispatchTable[0];
DeviceObjectAttributes.ExtensionSize = 0;
DeviceObjectAttributes.DefaultSDDLString = NULL;
DeviceObjectAttributes.DeviceClassGuid = 0;
Status = NdisRegisterDeviceEx(
g_IpoibMiniportDriverHandle,
&DeviceObjectAttributes,
&g_ipoib.h_ibat_dev,
&g_ipoib.h_ibat_dev_handle);
if( Status != NDIS_STATUS_SUCCESS )
{
IPOIB_PRINT( TRACE_LEVEL_ERROR, IPOIB_DBG_ERROR,
("NdisRegisterDeviceEx failed with status of %d\n", Status) );
}
}
IPOIB_EXIT( IPOIB_DBG_IOCTL );
}
Note that the default SDDL string is set to NULL. Is there a registry setting for ipoib (possibly inherited from NDIS or somewhere else) that gets used if the SDDL is NULL?
- Sean
More information about the ofw
mailing list