Read-only volume

Chepuri · January 8, 2012, 12:05pm

Hi,

I have legacy driver that mounts NTFS virtual volume which is a
snapshot of source volume @ given point in time. I am planning to make
it read-only to avoid accidental writes by user. DDK documentation
says the flag FILE_READ_ONLY_DEVICE can be set as Device
characterstics as part of IoCreateDevice() to make it read-only
device. But this does not work. Am i missing anything here?
I have tried this as well. There is a command from DiskPart.exe which
sets read-only attribute. I am wondering how this works, tried to look
at IOCTLs, but no luck.
Please suggest any ideas on this?

Thanks,
Suresh

Alex_Carp · January 8, 2012, 12:35pm

I’ve done this by handling IOCTL_VOLUME_GET_GPT_ATTRIBUTES ( by setting
GPT_BASIC_DATA_ATTRIBUTE_READ_ONLY) and IOCTL_DISK_IS_WRITABLE (return
STATUS_MEDIA_WRITE_PROTECTED). I don’t think I used FILE_READ_ONLY_DEVICE at
all…

Thanks,
Alex.

Chepuri · January 9, 2012, 7:12am

Thanks Alex.
IIRC, IOCTL_VOLUME_GET_GPT_ATTRIBUTES is used to get the attributes as
per the documentation. Is there any IOCTL to set this flag
GPT_BASIC_DATA_ATTRIBUTE_READ_ONLY. More over is it specific to GPT
disk?
I am looking for any IOCTL that is irrespective of type of disk MBR or GPT…
Please suggest.

Thanks,
Suresh

On 1/8/12, Alex Carp wrote:
> I’ve done this by handling IOCTL_VOLUME_GET_GPT_ATTRIBUTES ( by setting
> GPT_BASIC_DATA_ATTRIBUTE_READ_ONLY) and IOCTL_DISK_IS_WRITABLE (return
> STATUS_MEDIA_WRITE_PROTECTED). I don’t think I used FILE_READ_ONLY_DEVICE at
> all…
>
> Thanks,
> Alex.
>
>
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

Alex_Carp · January 9, 2012, 12:32pm

As far I know the IOCTL_VOLUME_GET_GPT_ATTRIBUTES is not specific to GPT disks.
Could you please tell me what your implementation looks like ? How does the virtual volume get created ?

Thanks,
Alex.

Chepuri · January 14, 2012, 3:26am

*Alex -* Thanks, I tried your advice, this works.Is it a physical volume in
your case?
It looks like IOCTL_VOLUME_GET_GPT_ATTRIBUTES and
IOCTL_VOLUME_SET_GPT_ATTRIBUTES is valid for the volumes managed by Volume
Manager. These ioctls would set and persist Attributes info on partition.
Upon success of this ioctl, i see there is another ioctl which invalidates
cache and updates partition information. I got this by tracking ioctls
looking at setting read-only attribute using DiskPart.exe.

In my case, This is a virtual volume like VSS shadow copy. This is created
by notifying mount manager using mount manager ioctl. These volumes are not
seen by MountManager.
I am finding IOCTL_VOLUME_GET_GPT_ATTRIBUTES is issued on virtual volume as
well. My virtual volume becomes read-only irrespective of setting above
flag(faking) or not and also on returning IOCTL_DISK_IS_WRITABLE with
STATUS_MEDIA_WRITE_PROTECTED.

Is it the recommended/legitimate way by Microsoft to make it read-only?
Just want to avoid any issues future. Please advice.

Thanks,
Suresh

On Mon, Jan 9, 2012 at 11:02 PM, wrote:

> As far I know the IOCTL_VOLUME_GET_GPT_ATTRIBUTES is not specific to GPT
> disks.
> Could you please tell me what your implementation looks like ? How does
> the virtual volume get created ?
>
> Thanks,
> Alex.
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

Alex_Carp · January 19, 2012, 11:27am

I have a virtual volume as well. I don’t know what Microsoft recommends or if it has any recommendation at all, please let me know if you find such a recommendation. I don’t know what kind of recommendation you’re looking for, I’ve just been going by the documentation for VOLUME_GET_GPT_ATTRIBUTES_INFORMATION (http://msdn.microsoft.com/en-us/library/windows/desktop/dd627180(v=vs.85).aspx).

Perhaps other people on the list that have implemented virtual volumes can speak on this, I haven’t had any trouble so far (though technically volume questions belong on NTDEV and not on NTFSD).

Thanks,
Alex.

Christian_Allred · January 19, 2012, 4:12pm

I’m not aware of an official document that says “this is how you make a volume read-only”. FWIW when the in-box file systems (FAT, NTFS, etc.) are processing IRP_MJ_MOUNT they issue IOCTL_DISK_IS_WRITABLE to the storage stack and treat STATUS_MEDIA_WRITE_PROTECTED as the indication that the media is read-only. None of them issue IOCTL_VOLUME_GET_GPT_ATTRIBUTES, but it stands to reason you’d have to set GPT_BASIC_DATA_ATTRIBUTE_READ_ONLY when responding to it.

Christian [MSFT]
This posting is provided “AS IS” with no warranties, and confers no rights.

OSR_Community_User · January 20, 2012, 12:03am

>IOCTL_DISK_IS_WRITABLE to the storage stack and treat

STATUS_MEDIA_WRITE_PROTECTED as the indication that the media is read-only.

I second this. Having the experience of developing some virtual volume implementations, I can say that this is what really matters about read-only status.

GPT attributes are optional. You can just plain not implement this IOCTL.

–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

arushi_aggarwal · February 9, 2012, 2:16pm

I am creating a Disk using IoCreateDevice, with the ReadOnly characteristic
set. The disk gets mounted, however I never get a IOCTL_DISK_IS_WRITABLE in
my SCSI port driver. Is there any other IOCTLs to support to be able to
mount the disk read only?

Thanks,
Arushi

On Thu, Jan 19, 2012 at 9:02 PM, Maxim S. Shatskih
wrote:

> >IOCTL_DISK_IS_WRITABLE to the storage stack and treat
> >STATUS_MEDIA_WRITE_PROTECTED as the indication that the media is
> read-only.
>
> I second this. Having the experience of developing some virtual volume
> implementations, I can say that this is what really matters about read-only
> status.
>
> GPT attributes are optional. You can just plain not implement this IOCTL.
>
> –
> Maxim S. Shatskih
> Windows DDK MVP
> xxxxx@storagecraft.com
> http://www.storagecraft.com
>
>
> —
> NTFSD is sponsored by OSR
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

Christian_Allred · February 9, 2012, 6:16pm

As I mentioned earlier, the in-box file systems send IOCTL_DISK_IS_WRITEABLE to determine whether the disk is read-only or not. They don’t send anything else but that to make that determination. If you’re not seeing it then it is being intercepted above you, since a successful mount will always have sent it.

One thing to note is that the file systems assume the disk is writeable if they don’t see STATUS_MEDIA_WRITE_PROTECTED returned from IOCTL_DISK_IS_WRITEABLE. So if the IOCTL is somehow returning an error to the file system they’ll be happy with it. As an example, see FatIsMediaWriteProtected() in the FastFat sample.

Christian [MSFT]
This posting is provided “AS IS” with no warranties, and confers no rights.