A Policy DLL's PolApproveTransactedOpen callback function is called to allow the Policy DLL to approve or reject a transacted (or similar) open. All such opens are given RAW access and this call provides a mechanism to “veto” such raw access.
POL_APPROVE_TRANSACTED_OPEN PolApproveTransactedOpen;
bool
PolApproveTransactedOpen (
_In_ FE_POLICY_PATH_INFORMATION *PolicyPathInfo,
_In_ LPGUID TransactionUnitOfWork,
_In_ DWORD ThreadId,
_In_ DWORD GrantedAccess,
_In_ DWORD CreateAction
)
PolicyPathInfo [in]
A pointer to an FESF allocated FE_POLICY_PATH_INFORMATION structure describing the name of the file to be transactionally opened (for example, by a user having called the Windows function CreateFileTransacted).
If the FE_POLICY_PATH_MULTIPLE_VIEWS flag is set,
then FESF has determined that some other kernel subsystem is presenting FESF
multiple different views of the file.
A “view” of a file might be the plaintext of an encrypted file, some previous state of the file, or something else. The key point is that, for any given action, FESF cannot distinguish which “view” of the data is appropriate. Proceeding under such circumstances would inevitably lead to data corruption (as FESF mixes the data from the views). In this case, just as for transactions, FESF has to completely ignore this file, making it effectively RAW from now on.
TransactionUnitOfWork [in]
The ID (unit of work) of the transaction which this
create is a part of.
This will be all zeros if the
FE_POLICY_PATH_MULTIPLE_VIEWS flag is set.
ThreadId [in]
The identifier of the thread attempting to open the file.
GrantedAccess [in]
A bitmask representing the File Access Rights that the thread opening/creating the file/directory has been granted. See PolGetPolicyExistingFile for more details
CreateAction [in]
A value indicating the action taken as a result of the thread's CreateFile call. See the description of the CreateAction parameter on the PolGetPolicyNewFile call for a list of these constants.
To approve the transactional open, the PolApproveTransactedOpen callback function returns TRUE. Otherwise, it returns FALSE.
If FALSE is returned, FESF will fail the open. How the requesting thread/process reacts to having this error returned is dependent on the thread/process.
A Policy DLL's PolApproveTransactedOpen callback function is called by FESF to allow the Policy DLL to approve or reject the transactional open of a file.
Implementation of this callback function is optional for a Policy DLL. If this function is not implemented, FESF will allow transactions.
Solution developers should be VERY cautious about returning FALSE from this callback. Many critical parts of the system (notably Windows Update) rely on transacted opens and failing them will (at best) cause such operations to fail.
Note that if a file was created as a result of a transacted open, then failing the transaction will not cause the file to be deleted. It is to be expected, however, that the application issuing the transacted open will roll back the transaction and that will have the effect of deleting the file (which was only visible within the transaction anyway).
|
Software version |
FESF V1.1 (or later) |
|
Library |
FESFPolicy.lib |
|
Header |
PolDllApi.h |