diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-12-10 00:44:47 +0100 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2019-12-10 00:51:34 +0100 |
| commit | f9d95ef2c84ebc61e4e0c77f8b9f054c65abd7cd (patch) | |
| tree | 0f0dc8c824a639577a8e8f2d7599ebcad4711ac9 /src/Common | |
| parent | 5eaa204d83a1d9867094c14b4a35f310f27f6c65 (diff) | |
| download | VeraCrypt-f9d95ef2c84ebc61e4e0c77f8b9f054c65abd7cd.tar.gz VeraCrypt-f9d95ef2c84ebc61e4e0c77f8b9f054c65abd7cd.zip | |
Windows: Add switch /FastCreateFile for VeraCrypt Format.exe to speedup creation of large file container if quick format is selected. This switch comes with security issues since it will embed existing content on disk into the file container which may expose sensitive content to an attacker who has access to the file container.
Diffstat (limited to 'src/Common')
| -rw-r--r-- | src/Common/Format.c | 25 | ||||
| -rw-r--r-- | src/Common/Format.h | 1 |
2 files changed, 24 insertions, 2 deletions
diff --git a/src/Common/Format.c b/src/Common/Format.c index 82c4df55..4aaf8b32 100644 --- a/src/Common/Format.c +++ b/src/Common/Format.c @@ -369,8 +369,13 @@ begin_format: if (!volParams->hiddenVol && !bInstantRetryOtherFilesys) { LARGE_INTEGER volumeSize; + BOOL speedupFileCreation = FALSE; volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE; + // speedup for file creation only makes sens when using quick format + if (volParams->quickFormat && volParams->fastCreateFile) + speedupFileCreation = TRUE; + if (volParams->sparseFileSwitch && volParams->quickFormat) { // Create as sparse file container @@ -384,12 +389,28 @@ begin_format: // Preallocate the file if (!SetFilePointerEx (dev, volumeSize, NULL, FILE_BEGIN) - || !SetEndOfFile (dev) - || SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0) + || !SetEndOfFile (dev)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (speedupFileCreation) + { + // accelerate file creation by telling Windows not to fill all file content with zeros + // this has security issues since it will put existing disk content into file container + // We use this mechanism only when switch /fastCreateFile specific and when quick format + // also specified and which is documented to have security issues. + // we don't check returned status because failure is not issue for us + SetFileValidData (dev, volumeSize.QuadPart); + } + + if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0) { nStatus = ERR_OS_ERROR; goto error; } + } } diff --git a/src/Common/Format.h b/src/Common/Format.h index 961ece7c..4ce1b8c7 100644 --- a/src/Common/Format.h +++ b/src/Common/Format.h @@ -38,6 +38,7 @@ typedef struct unsigned int clusterSize; BOOL sparseFileSwitch; BOOL quickFormat; + BOOL fastCreateFile; DWORD sectorSize; int *realClusterSize; Password *password; |