fixed!

2025-12-10 00:44:55 -06:00 · 2025-11-21 23:14:42 -08:00 · 2025-11-21 23:14:42 -08:00 · 45cff62787
commit 45cff62787
parent 1ec883f81e
3 changed files with 24 additions and 12 deletions
--- a/src/windows/service/exe/VirtioNetworking.cpp
+++ b/src/windows/service/exe/VirtioNetworking.cpp
@ -12,10 +12,12 @@ using wsl::core::VirtioNetworking;

 static constexpr auto c_loopbackDeviceName = TEXT(LX_INIT_LOOPBACK_DEVICE_NAME);

-VirtioNetworking::VirtioNetworking(const std::wstring& vmId, const GUID& runtimeId, GnsChannel&& gnsChannel, bool enableLocalhostRelay) :
+VirtioNetworking::VirtioNetworking(
+    const std::wstring& vmId, const GUID& runtimeId, GnsChannel&& gnsChannel, bool enableLocalhostRelay, const wil::shared_handle& userToken) :
    m_deviceHostProxy(wil::MakeOrThrow<DeviceHostProxy>(vmId, runtimeId)),
    m_gnsChannel(std::move(gnsChannel)),
-    m_enableLocalhostRelay(enableLocalhostRelay)
+    m_enableLocalhostRelay(enableLocalhostRelay),
+    m_userToken(userToken)
 {
 }

@ -372,19 +374,28 @@ std::optional<ULONGLONG> VirtioNetworking::FindVirtioInterfaceLuid(const SOCKADD
    return ipv4Connected ? VirtioLuid.Value : std::optional<ULONGLONG>();
 }

-GUID VirtioNetworking::AddGuestDevice(const GUID& clsid, const GUID& deviceId, PCWSTR tag, PCWSTR options)
+GUID VirtioNetworking::AddGuestDevice(const GUID& clsid, const GUID& deviceId, PCWSTR tag, PCWSTR path)
 {
    auto lock = m_guestDeviceLock.lock_exclusive();

-    // Get or create the Plan9 file system for this device
-    auto server = m_deviceHostProxy->GetRemoteFileSystem(clsid, c_defaultTag);
-    if (!server)
+    wil::com_ptr<IPlan9FileSystem> server;
+
+    // Impersonate the user token when creating/accessing the Plan9 file system
    {
-        server = wil::CoCreateInstance<IPlan9FileSystem>(__uuidof(p9fs::Plan9FileSystem));
-        m_deviceHostProxy->AddRemoteFileSystem(clsid, c_defaultTag, server);
+        auto revert = wil::impersonate_token(m_userToken.get());
+
+        server = m_deviceHostProxy->GetRemoteFileSystem(clsid, c_defaultTag);
+        if (!server)
+        {
+            server = wil::CoCreateInstance<IPlan9FileSystem>(clsid, (CLSCTX_LOCAL_SERVER | CLSCTX_ENABLE_CLOAKING | CLSCTX_ENABLE_AAA));
+            m_deviceHostProxy->AddRemoteFileSystem(clsid, c_defaultTag, server);
+        }
+
+        THROW_IF_FAILED(server->AddSharePath(tag, path, 0));
    }

-    return m_deviceHostProxy->AddNewDevice(deviceId, server, tag);
+    const std::wstring virtioTag(tag);
+    return m_deviceHostProxy->AddNewDevice(deviceId, server, virtioTag);
 }

 int VirtioNetworking::ModifyOpenPorts(const GUID& clsid, PCWSTR tag, const SOCKADDR_INET& addr, int protocol, bool isOpen) const
--- a/src/windows/service/exe/VirtioNetworking.h
+++ b/src/windows/service/exe/VirtioNetworking.h
@ -13,7 +13,7 @@ namespace wsl::core {
 class VirtioNetworking : public INetworkingEngine
 {
 public:
-    VirtioNetworking(const std::wstring& vmId, const GUID& runtimeId, GnsChannel&& gnsChannel, bool enableLocalhostRelay);
+    VirtioNetworking(const std::wstring& vmId, const GUID& runtimeId, GnsChannel&& gnsChannel, bool enableLocalhostRelay, const wil::shared_handle& userToken);
    ~VirtioNetworking();

    // Note: This class cannot be moved because m_networkNotifyHandle captures a 'this' pointer.
@ -40,12 +40,13 @@ private:
    void UpdateDns(wsl::shared::hns::DNS&& dnsSettings);
    void UpdateMtu();

-    GUID AddGuestDevice(const GUID& clsid, const GUID& deviceId, PCWSTR tag, PCWSTR options);
+    GUID AddGuestDevice(const GUID& clsid, const GUID& deviceId, PCWSTR tag, PCWSTR path);
    int ModifyOpenPorts(const GUID& clsid, PCWSTR tag, const SOCKADDR_INET& addr, int protocol, bool isOpen) const;

    mutable wil::srwlock m_lock;
    mutable wil::srwlock m_guestDeviceLock;

+    wil::shared_handle m_userToken;
    wil::com_ptr<DeviceHostProxy> m_deviceHostProxy;
    GnsChannel m_gnsChannel;
    std::optional<GnsPortTrackerChannel> m_gnsPortTrackerChannel;
--- a/src/windows/service/exe/WslCoreVm.cpp
+++ b/src/windows/service/exe/WslCoreVm.cpp
@ -606,7 +606,7 @@ void WslCoreVm::Initialize(const GUID& VmId, const wil::shared_handle& UserToken
            else if (m_vmConfig.NetworkingMode == NetworkingMode::VirtioProxy)
            {
                m_networkingEngine = std::make_unique<wsl::core::VirtioNetworking>(
-                    m_machineId, m_runtimeId, std::move(gnsChannel), m_vmConfig.EnableLocalhostRelay);
+                    m_machineId, m_runtimeId, std::move(gnsChannel), m_vmConfig.EnableLocalhostRelay, m_userToken);
            }
            else if (m_vmConfig.NetworkingMode == NetworkingMode::Bridged)
            {