VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-01-15 15:03:08 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-01-15 15:05:19 +0100
commit202caea3a983198231e4ebde458817355e6629fb (patch)
tree0d660aef702ce040d9b4bf1f1d25ae9c4c49d984
parent07fd2aa9a58cc86dd447826865ca317cad92fd45 (diff)
downloadVeraCrypt-202caea3a983198231e4ebde458817355e6629fb.tar.gz
VeraCrypt-202caea3a983198231e4ebde458817355e6629fb.zip
Windows: enhancements to EFI system encryption, like handling of Multi-Boot and better compatibility with Windows Upgrade process.
-rw-r--r--Translations/Language.ar.xml1
-rw-r--r--Translations/Language.be.xml1
-rw-r--r--Translations/Language.bg.xml1
-rw-r--r--Translations/Language.ca.xml1
-rw-r--r--Translations/Language.cs.xml1
-rw-r--r--Translations/Language.da.xml1
-rw-r--r--Translations/Language.de.xml1
-rw-r--r--Translations/Language.el.xml1
-rw-r--r--Translations/Language.es.xml1
-rw-r--r--Translations/Language.et.xml1
-rw-r--r--Translations/Language.eu.xml1
-rw-r--r--Translations/Language.fa.xml1
-rw-r--r--Translations/Language.fi.xml1
-rw-r--r--Translations/Language.fr.xml1
-rw-r--r--Translations/Language.hu.xml1
-rw-r--r--Translations/Language.id.xml1
-rw-r--r--Translations/Language.it.xml1
-rw-r--r--Translations/Language.ja.xml1
-rw-r--r--Translations/Language.ka.xml1
-rw-r--r--Translations/Language.ko.xml1
-rw-r--r--Translations/Language.lv.xml1
-rw-r--r--Translations/Language.my.xml1
-rw-r--r--Translations/Language.nl.xml1
-rw-r--r--Translations/Language.nn.xml1
-rw-r--r--Translations/Language.pl.xml1
-rw-r--r--Translations/Language.pt-br.xml1
-rw-r--r--Translations/Language.ro.xml1
-rw-r--r--Translations/Language.ru.xml1
-rw-r--r--Translations/Language.sk.xml1
-rw-r--r--Translations/Language.sl.xml1
-rw-r--r--Translations/Language.sv.xml1
-rw-r--r--Translations/Language.th.xml1
-rw-r--r--Translations/Language.tr.xml1
-rw-r--r--Translations/Language.uk.xml1
-rw-r--r--Translations/Language.uz.xml1
-rw-r--r--Translations/Language.vi.xml1
-rw-r--r--Translations/Language.zh-cn.xml1
-rw-r--r--Translations/Language.zh-hk.xml1
-rw-r--r--Translations/Language.zh-tw.xml1
-rw-r--r--doc/chm/VeraCrypt User Guide.chmbin1952823 -> 1952957 bytes
-rw-r--r--doc/html/Release Notes.html2
-rw-r--r--src/Common/BootEncryption.cpp109
-rw-r--r--src/Common/BootEncryption.h7
-rw-r--r--src/Common/Language.xml1
-rw-r--r--src/Common/Tcdefs.h2
-rw-r--r--src/Format/Tcformat.c10
-rw-r--r--src/Mount/Mount.c86
-rw-r--r--src/Setup/Setup.c99
48 files changed, 265 insertions, 90 deletions
diff --git a/Translations/Language.ar.xml b/Translations/Language.ar.xml
index e98333f4..9408d9df 100644
--- a/Translations/Language.ar.xml
+++ b/Translations/Language.ar.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.be.xml b/Translations/Language.be.xml
index a4741f54..3223b002 100644
--- a/Translations/Language.be.xml
+++ b/Translations/Language.be.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.bg.xml b/Translations/Language.bg.xml
index bc9be1f5..0e262d7b 100644
--- a/Translations/Language.bg.xml
+++ b/Translations/Language.bg.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.ca.xml b/Translations/Language.ca.xml
index d592a60e..8d26cf0e 100644
--- a/Translations/Language.ca.xml
+++ b/Translations/Language.ca.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.cs.xml b/Translations/Language.cs.xml
index f98ead65..8f28a555 100644
--- a/Translations/Language.cs.xml
+++ b/Translations/Language.cs.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.da.xml b/Translations/Language.da.xml
index 88163f4f..79a4ed13 100644
--- a/Translations/Language.da.xml
+++ b/Translations/Language.da.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.de.xml b/Translations/Language.de.xml
index 46280876..fb294b0e 100644
--- a/Translations/Language.de.xml
+++ b/Translations/Language.de.xml
@@ -1434,6 +1434,7 @@
<entry lang="de" key="MOUNTED_VOLUME_NOT_ASSOCIATED">Das ausgewählte eingebundene Volume ist nicht mit seinem Laufwerksbuchstaben in Windows verknüpft und kann daher nicht im Windows Explorer geöffnet werden.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<!-- XML-Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.el.xml b/Translations/Language.el.xml
index 0b1c5d95..6f0b25ef 100644
--- a/Translations/Language.el.xml
+++ b/Translations/Language.el.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.es.xml b/Translations/Language.es.xml
index dc05e0f2..e39ad366 100644
--- a/Translations/Language.es.xml
+++ b/Translations/Language.es.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="es" key="STARTING">Iniciando</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.et.xml b/Translations/Language.et.xml
index 7aec2c0d..0cd77ecb 100644
--- a/Translations/Language.et.xml
+++ b/Translations/Language.et.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.eu.xml b/Translations/Language.eu.xml
index 09aab075..bf2ccd40 100644
--- a/Translations/Language.eu.xml
+++ b/Translations/Language.eu.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.fa.xml b/Translations/Language.fa.xml
index 1493131b..c3f7826c 100644
--- a/Translations/Language.fa.xml
+++ b/Translations/Language.fa.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.fi.xml b/Translations/Language.fi.xml
index a5a2d8fe..643299c7 100644
--- a/Translations/Language.fi.xml
+++ b/Translations/Language.fi.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.fr.xml b/Translations/Language.fr.xml
index a654383a..88eb0a4e 100644
--- a/Translations/Language.fr.xml
+++ b/Translations/Language.fr.xml
@@ -1431,6 +1431,7 @@
<entry lang="fr" key="MOUNTED_VOLUME_NOT_ASSOCIATED">Le volume monté sélectionné n'est pas attaché à sa lettre de lecteur Windows et donc il ne peut pas être ouvert dans l'explorateur de fichiers.</entry>
<entry lang="fr" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Effacer les clefs de chiffrement de la mémoire si un nouveau périphérique est connecté à la machine</entry>
<entry lang="fr" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT:\n - Cette option ne persiste pas après l'arrêt ou le redémarrage de la machine et donc il va falloir la sélectionner à nouveau au prochain démarrage.\n\n - Une fois cette option sélectionnée, dès qu'un nouveau périphérique est connecté, l'ordinateur va se figer et Windows s'arrêtera de fonctionner vu qu'il ne peut plus accéder au disque une fois que les clefs de chiffrement ont été effacées de la mémoire.\n</entry>
+ <entry lang="fr" key="STARTING">Exécution</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.hu.xml b/Translations/Language.hu.xml
index b6c96891..dcba1f7e 100644
--- a/Translations/Language.hu.xml
+++ b/Translations/Language.hu.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.id.xml b/Translations/Language.id.xml
index 27272e99..001ee8ef 100644
--- a/Translations/Language.id.xml
+++ b/Translations/Language.id.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.it.xml b/Translations/Language.it.xml
index 0afcbcab..0c011061 100644
--- a/Translations/Language.it.xml
+++ b/Translations/Language.it.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="it" key="STARTING">Caricamento</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.ja.xml b/Translations/Language.ja.xml
index c472c363..7645f326 100644
--- a/Translations/Language.ja.xml
+++ b/Translations/Language.ja.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.ka.xml b/Translations/Language.ka.xml
index cd3dfd14..68b35298 100644
--- a/Translations/Language.ka.xml
+++ b/Translations/Language.ka.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.ko.xml b/Translations/Language.ko.xml
index f8734dcd..cf6c63e8 100644
--- a/Translations/Language.ko.xml
+++ b/Translations/Language.ko.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.lv.xml b/Translations/Language.lv.xml
index 1cfde32b..9e29724f 100644
--- a/Translations/Language.lv.xml
+++ b/Translations/Language.lv.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.my.xml b/Translations/Language.my.xml
index c702739e..c5a7215d 100644
--- a/Translations/Language.my.xml
+++ b/Translations/Language.my.xml
@@ -1433,6 +1433,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.nl.xml b/Translations/Language.nl.xml
index 184a752c..9d399d89 100644
--- a/Translations/Language.nl.xml
+++ b/Translations/Language.nl.xml
@@ -1432,6 +1432,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.nn.xml b/Translations/Language.nn.xml
index f43e4774..7d0d58d8 100644
--- a/Translations/Language.nn.xml
+++ b/Translations/Language.nn.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.pl.xml b/Translations/Language.pl.xml
index 0fed6abc..b9cd2f6d 100644
--- a/Translations/Language.pl.xml
+++ b/Translations/Language.pl.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.pt-br.xml b/Translations/Language.pt-br.xml
index 941eaed9..55b26551 100644
--- a/Translations/Language.pt-br.xml
+++ b/Translations/Language.pt-br.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.ro.xml b/Translations/Language.ro.xml
index 335fa1cf..abc1c956 100644
--- a/Translations/Language.ro.xml
+++ b/Translations/Language.ro.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.ru.xml b/Translations/Language.ru.xml
index 5790e18a..2625caf3 100644
--- a/Translations/Language.ru.xml
+++ b/Translations/Language.ru.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.sk.xml b/Translations/Language.sk.xml
index 92f28a40..90bdf033 100644
--- a/Translations/Language.sk.xml
+++ b/Translations/Language.sk.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.sl.xml b/Translations/Language.sl.xml
index 0d3f2b9e..20a9715b 100644
--- a/Translations/Language.sl.xml
+++ b/Translations/Language.sl.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.sv.xml b/Translations/Language.sv.xml
index 9bbdb4c4..145ab4a5 100644
--- a/Translations/Language.sv.xml
+++ b/Translations/Language.sv.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.th.xml b/Translations/Language.th.xml
index 0a725f1c..5634a6f8 100644
--- a/Translations/Language.th.xml
+++ b/Translations/Language.th.xml
@@ -1432,6 +1432,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.tr.xml b/Translations/Language.tr.xml
index 4ff17e38..f2ae80f8 100644
--- a/Translations/Language.tr.xml
+++ b/Translations/Language.tr.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.uk.xml b/Translations/Language.uk.xml
index b8148d10..a0175b6a 100644
--- a/Translations/Language.uk.xml
+++ b/Translations/Language.uk.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.uz.xml b/Translations/Language.uz.xml
index 5cd92e6f..a1b93109 100644
--- a/Translations/Language.uz.xml
+++ b/Translations/Language.uz.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.vi.xml b/Translations/Language.vi.xml
index 15c3e9cc..7170a361 100644
--- a/Translations/Language.vi.xml
+++ b/Translations/Language.vi.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.zh-cn.xml b/Translations/Language.zh-cn.xml
index b2e046ad..3bc7772e 100644
--- a/Translations/Language.zh-cn.xml
+++ b/Translations/Language.zh-cn.xml
@@ -1431,6 +1431,7 @@
<entry lang="zh-cn" key="MOUNTED_VOLUME_NOT_ASSOCIATED">选中的已挂载卷与它在Windows中的盘符不相符,因此无法在Windows资源管理器中打开。</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.zh-hk.xml b/Translations/Language.zh-hk.xml
index 318f199b..5a0b07c9 100644
--- a/Translations/Language.zh-hk.xml
+++ b/Translations/Language.zh-hk.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/Translations/Language.zh-tw.xml b/Translations/Language.zh-tw.xml
index b23e31b7..373e15a0 100644
--- a/Translations/Language.zh-tw.xml
+++ b/Translations/Language.zh-tw.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/doc/chm/VeraCrypt User Guide.chm b/doc/chm/VeraCrypt User Guide.chm
index 8fc216c7..54159856 100644
--- a/doc/chm/VeraCrypt User Guide.chm
+++ b/doc/chm/VeraCrypt User Guide.chm
Binary files differ
diff --git a/doc/html/Release Notes.html b/doc/html/Release Notes.html
index df4b61e9..70f8c58d 100644
--- a/doc/html/Release Notes.html
+++ b/doc/html/Release Notes.html
@@ -45,6 +45,8 @@
<ul>
<li>MBR Bootloader: dynamically determine boot loader memory segment instead of hardcoded values (proposed by neos6464)</li>
<li>MBR Bootloader: workaround for issue affecting creation of hidden OS on some SSD drives.</li>
+<li>Fix issue related to Windows Update breaking VeraCrypt UEFI bootloader.</li>
+<li>Support Multi-boot for EFI system encryption.</li>
<li>New security features:</li>
<ul>
<li>Erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks</li>
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 9f065615..2bf7991c 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -2800,7 +2800,7 @@ namespace VeraCrypt
throw_sys_if (!::CopyFileW (path.c_str(), targetPath.c_str(), FALSE));
}
- BOOL EfiBoot::RenameFile(const wchar_t* name, wchar_t* nameNew, BOOL bForce) {
+ BOOL EfiBoot::RenameFile(const wchar_t* name, const wchar_t* nameNew, BOOL bForce) {
wstring path = EfiBootPartPath;
path += name;
wstring pathNew = EfiBootPartPath;
@@ -3069,12 +3069,14 @@ namespace VeraCrypt
{
// Save modules
bool bAlreadyExist;
+ const char* g_szMsBootString = "bootmgfw.pdb";
+ unsigned __int64 loaderSize = 0;
+ const wchar_t * szStdEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi";
+ const wchar_t * szBackupEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\original_bootx64.vc_backup": L"\\EFI\\Boot\\original_bootia32.vc_backup";
if (preserveUserConfig)
{
bool bModifiedMsBoot = true;
- const char* g_szMsBootString = "bootmgfw.pdb";
- unsigned __int64 loaderSize = 0;
EfiBootInst.GetFileSize(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", loaderSize);
if (EfiBootInst.FileExists (L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc"))
@@ -3150,12 +3152,30 @@ namespace VeraCrypt
// if yes, replace it with our bootloader after it was copied to bootmgfw_ms.vc
if (!bModifiedMsBoot)
EfiBootInst.CopyFile (L"\\EFI\\VeraCrypt\\DcsBoot.efi", L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi");
+
+ if (EfiBootInst.FileExists (szStdEfiBootloader))
+ {
+ // check if standard bootloader under EFI\Boot has been set to Microsoft version
+ // if yes, replace it with our bootloader
+ EfiBootInst.GetFileSize(szStdEfiBootloader, loaderSize);
+ if (loaderSize > 32768)
+ {
+ std::vector<byte> bootLoaderBuf ((size_t) loaderSize);
+
+ EfiBootInst.ReadFile(szStdEfiBootloader, &bootLoaderBuf[0], (DWORD) loaderSize);
+
+ // look for bootmgfw.efi identifiant string
+ if (BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, g_szMsBootString, strlen (g_szMsBootString)))
+ {
+ EfiBootInst.RenameFile (szStdEfiBootloader, szBackupEfiBootloader, TRUE);
+ EfiBootInst.CopyFile (L"\\EFI\\VeraCrypt\\DcsBoot.efi", szStdEfiBootloader);
+ }
+ }
+ }
return;
}
}
- const wchar_t * szStdEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi";
-
EfiBootInst.MkDir(L"\\EFI\\VeraCrypt", bAlreadyExist);
EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsBoot.efi", dcsBootImg, sizeDcsBoot);
EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsInt.dcs", dcsIntImg, sizeDcsInt);
@@ -3170,7 +3190,26 @@ namespace VeraCrypt
EfiBootInst.SetStartExec(L"VeraCrypt BootLoader (DcsBoot)", L"\\EFI\\VeraCrypt\\DcsBoot.efi");
if (EfiBootInst.FileExists (szStdEfiBootloader))
- EfiBootInst.SaveFile(szStdEfiBootloader, dcsBootImg, sizeDcsBoot);
+ {
+ // check if standard bootloader under EFI\Boot is Microsoft one or if it is ours
+ // if both cases, replace it with our bootloader otherwise do nothing
+ EfiBootInst.GetFileSize(szStdEfiBootloader, loaderSize);
+ std::vector<byte> bootLoaderBuf ((size_t) loaderSize);
+ EfiBootInst.ReadFile(szStdEfiBootloader, &bootLoaderBuf[0], (DWORD) loaderSize);
+
+ // look for bootmgfw.efi or VeraCrypt identifiant strings
+ if ( ((loaderSize > 32768) && BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, g_szMsBootString, strlen (g_szMsBootString)))
+ )
+ {
+ EfiBootInst.RenameFile (szStdEfiBootloader, szBackupEfiBootloader, TRUE);
+ EfiBootInst.SaveFile(szStdEfiBootloader, dcsBootImg, sizeDcsBoot);
+ }
+ if ( ((loaderSize <= 32768) && BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, _T(TC_APP_NAME), strlen (TC_APP_NAME) * 2))
+ )
+ {
+ EfiBootInst.SaveFile(szStdEfiBootloader, dcsBootImg, sizeDcsBoot);
+ }
+ }
EfiBootInst.SaveFile(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", dcsBootImg, sizeDcsBoot);
// move configuration file from old location (if it exists) to new location
// we don't force the move operation if the new location already exists
@@ -4080,8 +4119,6 @@ namespace VeraCrypt
}
unsigned __int64 loaderSize = 0;
std::vector<byte> bootLoaderBuf;
- const wchar_t * szStdEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi";
- const wchar_t * szBackupEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\original_bootx64.vc_backup": L"\\EFI\\Boot\\original_bootia32.vc_backup";
const wchar_t * szStdMsBootloader = L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi";
const wchar_t * szBackupMsBootloader = L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc";
const char* g_szMsBootString = "bootmgfw.pdb";
@@ -4134,36 +4171,7 @@ namespace VeraCrypt
}
EfiBootInst.CopyFile (szStdMsBootloader, szBackupMsBootloader);
-
- if (EfiBootInst.FileExists (szStdEfiBootloader))
- {
- EfiBootInst.GetFileSize (szStdEfiBootloader, loaderSize);
-
- bootLoaderBuf.resize ((size_t) loaderSize);
-
- EfiBootInst.ReadFile (szStdEfiBootloader, &bootLoaderBuf[0], (DWORD) loaderSize);
-
- // Prevent VeraCrypt EFI loader from being backed up
- if (BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, _T(TC_APP_NAME), wcslen (_T(TC_APP_NAME)) * 2))
- {
- if (AskWarnNoYes ("TC_BOOT_LOADER_ALREADY_INSTALLED", ParentWindow) == IDNO)
- throw UserAbort (SRC_POS);
-
- // check if backup exists already and if it has bootmgfw signature
- if (EfiBootInst.FileExists (szBackupEfiBootloader))
- {
- // perform the backup on disk using this file
- EfiBootInst.CopyFile (szBackupEfiBootloader, GetSystemLoaderBackupPath().c_str());
- }
-
- return;
- }
-
- EfiBootInst.CopyFile (szStdEfiBootloader, GetSystemLoaderBackupPath().c_str());
- EfiBootInst.CopyFile (szStdEfiBootloader, szBackupEfiBootloader);
- }
- else
- EfiBootInst.CopyFile (szStdMsBootloader, GetSystemLoaderBackupPath().c_str());
+ EfiBootInst.CopyFile (szStdMsBootloader, GetSystemLoaderBackupPath().c_str());
}
else
@@ -4683,6 +4691,21 @@ namespace VeraCrypt
#endif
}
+ void BootEncryption::SetServiceConfigurationFlag (uint32 flag, bool state)
+ {
+ DWORD configMap = ReadDriverConfigurationFlags();
+
+ if (state)
+ configMap |= flag;
+ else
+ configMap &= ~flag;
+#ifdef SETUP
+ WriteLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, TC_SYSTEM_FAVORITES_SERVICE_NAME L"Config", configMap);
+#else
+ WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Services\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, TC_SYSTEM_FAVORITES_SERVICE_NAME L"Config", configMap);
+#endif
+ }
+
#ifndef SETUP
void BootEncryption::RegisterSystemFavoritesService (BOOL registerService)
@@ -5359,6 +5382,16 @@ namespace VeraCrypt
return configMap;
}
+ uint32 BootEncryption::ReadServiceConfigurationFlags ()
+ {
+ DWORD configMap;
+
+ if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, TC_SYSTEM_FAVORITES_SERVICE_NAME L"Config", &configMap))
+ configMap = 0;
+
+ return configMap;
+ }
+
void BootEncryption::WriteBootDriveSector (uint64 offset, byte *data)
{
WriteBootDriveSectorRequest request;
diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h
index ea0e728c..0b5fe4f0 100644
--- a/src/Common/BootEncryption.h
+++ b/src/Common/BootEncryption.h
@@ -210,7 +210,7 @@ namespace VeraCrypt
void CopyFile(const wchar_t* name, const wchar_t* targetName);
bool FileExists(const wchar_t* name);
- BOOL RenameFile(const wchar_t* name, wchar_t* nameNew, BOOL bForce);
+ BOOL RenameFile(const wchar_t* name, const wchar_t* nameNew, BOOL bForce);
BOOL DelFile(const wchar_t* name);
BOOL MkDir(const wchar_t* name, bool& bAlreadyExists);
BOOL ReadConfig (const wchar_t* name, EfiBootConf& conf);
@@ -280,6 +280,7 @@ namespace VeraCrypt
void ProbeRealSystemDriveSize ();
bool ReadBootSectorConfig (byte *config, size_t bufLength, byte *userConfig = nullptr, string *customUserMessage = nullptr, uint16 *bootLoaderVersion = nullptr);
uint32 ReadDriverConfigurationFlags ();
+ uint32 ReadServiceConfigurationFlags ();
void RegisterBootDriver (bool hiddenSystem);
void RegisterFilterDriver (bool registerDriver, FilterType filterType);
void RegisterSystemFavoritesService (BOOL registerService);
@@ -290,6 +291,7 @@ namespace VeraCrypt
void InitialSecurityChecksForHiddenOS ();
void RestrictPagingFilesToSystemPartition ();
void SetDriverConfigurationFlag (uint32 flag, bool state);
+ void SetServiceConfigurationFlag (uint32 flag, bool state);
void SetDriverServiceStartType (DWORD startType);
void SetHiddenOSCreationPhase (unsigned int newPhase);
void StartDecryption (BOOL discardUnreadableEncryptedSectors);
@@ -356,6 +358,9 @@ namespace VeraCrypt
#define TC_SYSTEM_FAVORITES_SERVICE_NAME _T(TC_APP_NAME) L"SystemFavorites"
#define TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP L"Event Log"
#define TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION L"/systemFavoritesService"
+#define VC_SYSTEM_FAVORITES_SERVICE_ARG_SKIP_MOUNT L"/SkipMount"
+
+#define VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER 0x1
#define VC_WINDOWS_UPGRADE_POSTOOBE_CMDLINE_OPTION L"/PostOOBE"
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index b2700e6d..1921b1aa 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -1431,6 +1431,7 @@
<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>
<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>
<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>
+ <entry lang="en" key="STARTING">Starting</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h
index 5915e401..8f201448 100644
--- a/src/Common/Tcdefs.h
+++ b/src/Common/Tcdefs.h
@@ -61,7 +61,7 @@ extern unsigned short _rotl16(unsigned short value, unsigned char shift);
#define VERSION_NUM 0x0124
// Release date
-#define TC_STR_RELEASE_DATE L"January 12, 2019"
+#define TC_STR_RELEASE_DATE L"January 15, 2019"
#define TC_RELEASE_DATE_YEAR 2019
#define TC_RELEASE_DATE_MONTH 1
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index 128f927f..e91a5bf6 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -1611,10 +1611,6 @@ static void RefreshMultiBootControls (HWND hwndDlg)
nMultiBoot = 1;
#endif
- // For now, we force single configuration in wizard
- if (bSystemIsGPT && nMultiBoot == 0)
- nMultiBoot = 1;
-
SendMessage (GetDlgItem (hwndDlg, IDC_SINGLE_BOOT),
BM_SETCHECK,
nMultiBoot == 1 ? BST_CHECKED : BST_UNCHECKED,
@@ -3874,7 +3870,6 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL"));
RefreshMultiBootControls (hwndDlg);
- DisableIfGpt(GetDlgItem(hwndDlg, IDC_MULTI_BOOT));
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), nMultiBoot > 0);
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE);
@@ -7182,9 +7177,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
// Skip irrelevant pages
nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE - 1;
}
- else if (nMultiBoot <= 1)
+ else if ((nMultiBoot <= 1) || bSystemIsGPT)
{
// Single-boot (not creating a hidden OS)
+ // Multi-boot in case of GPT
// Skip irrelevant pages
nNewPageNo = CIPHER_PAGE - 1;
@@ -8766,7 +8762,7 @@ ovf_end:
if (WizardMode == WIZARD_MODE_SYS_DEVICE)
{
- if (nMultiBoot > 1)
+ if ((nMultiBoot > 1) && !bSystemIsGPT)
nNewPageNo = SYSENC_MULTI_BOOT_OUTCOME_PAGE + 1; // Skip irrelevant pages
else
nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE + 1; // Skip irrelevant pages
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 13c353fa..337f20d8 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -9350,33 +9350,36 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
switch (dwControl)
{
case SERVICE_CONTROL_PRESHUTDOWN:
+ case SERVICE_CONTROL_STOP:
SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
- if (BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT)
+ if (bSystemIsGPT)
{
- try
- {
- BootEncryption::UpdateSetupConfigFile (true);
- // re-install our bootloader again in case the update process has removed it.
- BootEncryption bootEnc (NULL, true);
- bootEnc.InstallBootLoader (true);
- }
- catch (...)
+ uint32 serviceFlags = BootEncObj->ReadServiceConfigurationFlags ();
+ if (!(serviceFlags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))
{
+ try
+ {
+ BootEncryption::UpdateSetupConfigFile (true);
+ if (!BootEncStatus.HiddenSystem)
+ {
+ // re-install our bootloader again in case the update process has removed it.
+ BootEncryption bootEnc (NULL, true);
+ bootEnc.InstallBootLoader (true);
+ }
+ }
+ catch (...)
+ {
+ }
}
}
/* clear VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION flag */
SetDriverConfigurationFlag (VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION, FALSE);
-
SetEvent (SystemFavoriteServiceStopEvent);
SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
break;
- case SERVICE_CONTROL_STOP:
- SetEvent (SystemFavoriteServiceStopEvent);
- SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
- break;
case SERVICE_CONTROL_DEVICEEVENT:
if (DBT_DEVICEARRIVAL == dwEventType)
{
@@ -9437,11 +9440,15 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv)
{
BOOL status = FALSE;
DEV_BROADCAST_DEVICEINTERFACE hdr;
+ BOOL bSkipMount = FALSE;
memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus));
SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
SystemFavoritesServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
if (IsOSAtLeast (WIN_VISTA))
- SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;
+ SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;
+
+ if ((argc >= 2) && (0 == _wcsicmp (argv[1], VC_SYSTEM_FAVORITES_SERVICE_ARG_SKIP_MOUNT)))
+ bSkipMount = TRUE;
ZeroMemory (&hdr, sizeof(hdr));
hdr.dbcc_size = sizeof (hdr);
@@ -9457,38 +9464,40 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv)
SystemFavoriteServiceNotify = RegisterDeviceNotification (SystemFavoritesServiceStatusHandle, &hdr,DEVICE_NOTIFY_SERVICE_HANDLE | DEVICE_NOTIFY_ALL_INTERFACE_CLASSES);
- InitGlobalLocks ();
-
SetUnhandledExceptionFilter (SystemFavoritesServiceExceptionHandler);
_set_invalid_parameter_handler (SystemFavoritesServiceInvalidParameterHandler);
- SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000);
+ if (!bSkipMount)
+ {
+ InitGlobalLocks ();
+ SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000);
- SystemFavoritesServiceLogInfo (wstring (L"Initializing list of host devices"));
- // initialize the list of devices available for mounting as early as possible
- UpdateMountableHostDeviceList ();
+ SystemFavoritesServiceLogInfo (wstring (L"Initializing list of host devices"));
+ // initialize the list of devices available for mounting as early as possible
+ UpdateMountableHostDeviceList ();
- SystemFavoritesServiceLogInfo (wstring (L"Starting System Favorites mounting process"));
+ SystemFavoritesServiceLogInfo (wstring (L"Starting System Favorites mounting process"));
- try
- {
- status = MountFavoriteVolumes (NULL, TRUE);
- }
- catch (...) { }
+ try
+ {
+ status = MountFavoriteVolumes (NULL, TRUE);
+ }
+ catch (...) { }
- if (status)
- {
- SystemFavoritesServiceLogInfo (wstring (L"System Favorites mounting process finished"));
- }
- else
- {
- SystemFavoritesServiceLogError (wstring (L"System Favorites mounting process failed."));
- }
+ if (status)
+ {
+ SystemFavoritesServiceLogInfo (wstring (L"System Favorites mounting process finished"));
+ }
+ else
+ {
+ SystemFavoritesServiceLogError (wstring (L"System Favorites mounting process failed."));
+ }
- FinalizeGlobalLocks ();
+ FinalizeGlobalLocks ();
- if (!(ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD))
- WipeCache (NULL, TRUE);
+ if (!(ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD))
+ WipeCache (NULL, TRUE);
+ }
SystemFavoritesServiceSetStatus (SERVICE_RUNNING);
@@ -9525,6 +9534,7 @@ static BOOL StartSystemFavoritesService ()
{
BootEncObj = new BootEncryption (NULL);
BootEncStatus = BootEncObj->GetStatus();
+ bSystemIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT;
}
catch (Exception &)
{
diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c
index 5e339f2f..bd073d9a 100644
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@@ -92,6 +92,74 @@ void localcleanup (void)
CloseAppSetupMutex ();
}
+#define WAIT_PERIOD 3
+
+BOOL StartStopService (HWND hwndDlg, wchar_t *lpszService, BOOL bStart, DWORD argc, LPCWSTR* argv)
+{
+ SC_HANDLE hManager, hService = NULL;
+ BOOL bOK = FALSE, bRet;
+ SERVICE_STATUS status = {0};
+ int x;
+ DWORD dwExpectedState = bStart? SERVICE_RUNNING : SERVICE_STOPPED;
+
+ hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS);
+ if (hManager == NULL)
+ goto error;
+
+ hService = OpenService (hManager, lpszService, SERVICE_ALL_ACCESS);
+ if (hService == NULL)
+ goto error;
+
+ if (bStart)
+ StatusMessageParam (hwndDlg, "STARTING", lpszService);
+ else
+ StatusMessageParam (hwndDlg, "STOPPING", lpszService);
+
+ if (bStart)
+ {
+ if (!StartService (hService, argc, argv) && (GetLastError () != ERROR_SERVICE_ALREADY_RUNNING))
+ goto error;
+ }
+ else
+ ControlService (hService, SERVICE_CONTROL_STOP, &status);
+
+ for (x = 0; x < WAIT_PERIOD; x++)
+ {
+ bRet = QueryServiceStatus (hService, &status);
+ if (bRet != TRUE)
+ goto error;
+
+ if (status.dwCurrentState == dwExpectedState)
+ break;
+
+ Sleep (1000);
+ }
+
+ bRet = QueryServiceStatus (hService, &status);
+ if (bRet != TRUE)
+ goto error;
+
+ if (status.dwCurrentState != dwExpectedState)
+ goto error;
+
+ bOK = TRUE;
+
+error:
+
+ if (bOK == FALSE && GetLastError () == ERROR_SERVICE_DOES_NOT_EXIST)
+ {
+ bOK = TRUE;
+ }
+
+ if (hService != NULL)
+ CloseServiceHandle (hService);
+
+ if (hManager != NULL)
+ CloseServiceHandle (hManager);
+
+ return bOK;
+}
+
BOOL ForceCopyFile (LPCWSTR szSrcFile, LPCWSTR szDestFile)
{
BOOL bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
@@ -859,10 +927,33 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
{
if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START)
{
+ uint32 driverFlags = ReadDriverConfigurationFlags ();
+ uint32 serviceFlags = BootEncObj.ReadServiceConfigurationFlags ();
+
+ BootEncObj.UpdateSystemFavoritesService ();
+
CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
- bResult = ForceCopyFile (szTmp, servicePath.c_str());
- if (bResult)
- BootEncObj.UpdateSystemFavoritesService ();
+
+ // Tell the service not to update loader on stop
+ BootEncObj.SetServiceConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER, true);
+
+ if (StartStopService (hwndDlg, TC_SYSTEM_FAVORITES_SERVICE_NAME, FALSE, 0, NULL))
+ {
+ // we tell the service not to load system favorites on startup
+ LPCWSTR szArgs[2] = { TC_SYSTEM_FAVORITES_SERVICE_NAME, VC_SYSTEM_FAVORITES_SERVICE_ARG_SKIP_MOUNT};
+ if (!CopyFile (szTmp, servicePath.c_str(), FALSE))
+ ForceCopyFile (szTmp, servicePath.c_str());
+
+ StartStopService (hwndDlg, TC_SYSTEM_FAVORITES_SERVICE_NAME, TRUE, 2, szArgs);
+ }
+ else
+ ForceCopyFile (szTmp, servicePath.c_str());
+
+ BootEncObj.SetDriverConfigurationFlag (driverFlags, true);
+
+ // remove the service flag if it was set originally
+ if (!(serviceFlags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))
+ BootEncObj.SetServiceConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER, false);
}
}
catch (...) {}
@@ -1378,8 +1469,6 @@ retry:
else
StatusMessageParam (hwndDlg, "STOPPING", lpszService);
-#define WAIT_PERIOD 3
-
for (x = 0; x < WAIT_PERIOD; x++)
{
bRet = QueryServiceStatus (hService, &status);