VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-01-09 00:15:51 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-01-09 00:30:05 +0100
commit7c2cf7889f96292d037c21c680b641f70a4d390f (patch)
treed917ecc8153cc4cbc8ef5433bf386f5f4b5d8a26
parent11f0b99846e9ca497284b57425a845474f1c39bf (diff)
downloadVeraCrypt-7c2cf7889f96292d037c21c680b641f70a4d390f.tar.gz
VeraCrypt-7c2cf7889f96292d037c21c680b641f70a4d390f.zip
Windows Driver: erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks
-rw-r--r--src/Driver/DriveFilter.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index bb7083ce..2daf1f52 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -917,8 +917,9 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES);
}
-#if 0 // Dismount of the system drive is disabled until there is a way to do it without causing system errors (see the documentation for more info)
+ // Dismount the system drive on shutdown on Windows 7 and later
if (DriverShuttingDown
+ && IsOSAtLeast (WIN_7)
&& Extension->BootDrive
&& Extension->DriveMounted
&& irpSp->MinorFunction == IRP_MN_SET_POWER
@@ -926,7 +927,6 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
{
DismountDrive (Extension, TRUE);
}
-#endif // 0
PoStartNextPowerIrp (Irp);