VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-10-18 00:55:32 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-10-18 00:56:39 +0200
commit5b88a183ac297cbb7d332b23a6800bd4681da7db (patch)
tree40a73594bd50fbf4631c2680e1e676e7a8ce6c19
parent4119521f9e7e11f6bae29963605b9acb2960fa8c (diff)
downloadVeraCrypt-5b88a183ac297cbb7d332b23a6800bd4681da7db.tar.gz
VeraCrypt-5b88a183ac297cbb7d332b23a6800bd4681da7db.zip
Windows: handle case of DcsProp configuration file for EFI system encryption contains wrong "ActionSuccess" entry that points towards bootmgfw.efi which is now our bootloader and not Microsoft one.
-rw-r--r--src/Common/BootEncryption.cpp121
-rw-r--r--src/Common/BootEncryption.h2
2 files changed, 93 insertions, 30 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index cc3caa92..597a567d 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -2364,6 +2364,35 @@ namespace VeraCrypt
WriteConfigInteger (configFile, configContent, "AuthorizeRetry", authorizeRetry);
WriteConfigInteger (configFile, configContent, "DcsBmlLockFlags", bmlLockFlags);
WriteConfigInteger (configFile, configContent, "DcsBmlDriver", bmlDriverEnabled);
+
+ string fieldValue;
+ if (IsPostExecFileField(actionSuccessValue, fieldValue) && (0 == _stricmp(fieldValue.c_str(), "\\EFI\\Microsoft\\Boot\\bootmgfw.efi")))
+ {
+ // fix wrong configuration file since bootmgfw.efi is now a copy of VeraCrypt and if we don't fix the DcsProp
+ // file, veraCrypt bootloader will call itself
+ // We first check if bootmgfw.efi is original Microsoft one. If yes, we don't do anything, otherwise we set the field to bootmgfw_ms.vc
+ unsigned __int64 loaderSize = 0;
+ bool bModifiedMsBoot = true;
+ EfiBootInst.GetFileSize(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", loaderSize);
+
+ if (loaderSize > 32768)
+ {
+ std::vector<byte> bootLoaderBuf ((size_t) loaderSize);
+
+ EfiBootInst.ReadFile(L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", &bootLoaderBuf[0], (DWORD) loaderSize);
+
+ // look for bootmgfw.efi identifiant string
+ const char* g_szMsBootString = "bootmgfw.pdb";
+ if (BufferHasPattern (bootLoaderBuf.data (), (size_t) loaderSize, g_szMsBootString, strlen (g_szMsBootString)))
+ {
+ bModifiedMsBoot = false;
+ }
+ }
+
+ if (bModifiedMsBoot)
+ actionSuccessValue = "postexec file(EFI\\Microsoft\\Boot\\bootmgfw_ms.vc)";
+ }
+
WriteConfigString (configFile, configContent, "ActionSuccess", actionSuccessValue.c_str());
// Write unmodified values
@@ -2396,6 +2425,55 @@ namespace VeraCrypt
return bRet;
}
+ BOOL EfiBootConf::IsPostExecFileField (const string& fieldValue, string& filePath)
+ {
+ BOOL bRet = FALSE;
+ filePath = "";
+
+ if (!fieldValue.empty() && strlen (fieldValue.c_str()))
+ {
+ string copieValue = fieldValue;
+ std::transform(copieValue.begin(), copieValue.end(), copieValue.begin(), ::tolower);
+
+ if (strstr (copieValue.c_str(), "postexec") && strstr (copieValue.c_str(), "file("))
+ {
+ char c;
+ const char* ptr = strstr (copieValue.c_str(), "file(");
+
+ filePath = "\\";
+ ptr += 5;
+ while ((c = *ptr))
+ {
+ if (c == ')')
+ break;
+ if (c == '/')
+ c = '\\';
+ filePath += c;
+ ptr++;
+ }
+
+ if (c == ')')
+ bRet = TRUE;
+ else
+ filePath = "";
+ }
+ }
+
+ return bRet;
+ }
+
+ BOOL EfiBootConf::IsPostExecFileField (const string& fieldValue, wstring& filePath)
+ {
+ string aPath;
+ BOOL bRet = IsPostExecFileField (fieldValue, aPath);
+ if (bRet)
+ filePath = wstring(aPath.begin(), aPath.end());
+ else
+ filePath = L"";
+
+ return bRet;
+ }
+
static const wchar_t* EfiVarGuid = L"{8BE4DF61-93CA-11D2-AA0D-00E098032B8C}";
void
@@ -3120,24 +3198,15 @@ namespace VeraCrypt
EfiBootConf conf;
if (EfiBootInst.ReadConfig (L"\\EFI\\VeraCrypt\\DcsProp", conf) && strlen (conf.actionSuccessValue.c_str()))
{
- string actionValue = conf.actionSuccessValue;
- std::transform(actionValue.begin(), actionValue.end(), actionValue.begin(), ::tolower);
-
- if (strstr (actionValue.c_str(), "postexec") && strstr (actionValue.c_str(), "file("))
+ wstring loaderPath;
+ if (EfiBootConf::IsPostExecFileField (conf.actionSuccessValue, loaderPath))
{
- char c;
- const char* ptr = strstr (actionValue.c_str(), "file(");
- ptr += 5;
- wstring loaderPath = L"\\";
- while ((c = *ptr))
+ // check that it is not bootmgfw.efi
+ if (0 != _wcsicmp (loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi"))
{
- if (c == ')' || c == ' ')
- break;
- loaderPath += (wchar_t) c;
- ptr++;
+ bFound = true;
+ EfiBootInst.RenameFile(loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc", TRUE);
}
- bFound = true;
- EfiBootInst.RenameFile(loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc", TRUE);
}
}
@@ -4230,24 +4299,16 @@ namespace VeraCrypt
EfiBootConf conf;
if (EfiBootInst.ReadConfig (L"\\EFI\\VeraCrypt\\DcsProp", conf) && strlen (conf.actionSuccessValue.c_str()))
{
- string actionValue = conf.actionSuccessValue;
- std::transform(actionValue.begin(), actionValue.end(), actionValue.begin(), ::tolower);
-
- if (strstr (actionValue.c_str(), "postexec") && strstr (actionValue.c_str(), "file("))
+ wstring loaderPath;
+ if (EfiBootConf::IsPostExecFileField (conf.actionSuccessValue, loaderPath))
{
- char c;
- const char* ptr = strstr (actionValue.c_str(), "file(");
- ptr += 5;
- wstring loaderPath = L"\\";
- while ((c = *ptr))
+ // check that it is not bootmgfw_ms.vc or bootmgfw.efi
+ if ( (0 != _wcsicmp (loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc"))
+ && (0 != _wcsicmp (loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi"))
+ )
{
- if (c == ')' || c == ' ')
- break;
- loaderPath += (wchar_t) c;
- ptr++;
+ EfiBootInst.RenameFile(loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", TRUE);
}
-
- EfiBootInst.RenameFile(loaderPath.c_str(), L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", TRUE);
}
}
}
diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h
index 0b5fe4f0..de4f7489 100644
--- a/src/Common/BootEncryption.h
+++ b/src/Common/BootEncryption.h
@@ -189,6 +189,8 @@ namespace VeraCrypt
BOOL Load (const wchar_t* fileName);
void Load (char* configContent);
BOOL Save (const wchar_t* fileName, HWND hwnd);
+ static BOOL IsPostExecFileField (const string& szFieldValue, string& filePath);
+ static BOOL IsPostExecFileField (const string& szFieldValue, wstring& filePath);
};
void GetVolumeESP(wstring& path);