path: root/src/Driver/Ntdriver.h
diff options
authorMounir IDRASSI <>2019-01-09 00:25:06 +0100
committerMounir IDRASSI <>2019-01-09 00:30:12 +0100
commit652e989d238fff2ade0de5a33a0e307e233c06e0 (patch)
tree21ead198c765bc51b839748ca06c7cdecea663d7 /src/Driver/Ntdriver.h
parent7c2cf7889f96292d037c21c680b641f70a4d390f (diff)
Windows Security: Add new entry point in driver that allows emergency clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected.
Diffstat (limited to 'src/Driver/Ntdriver.h')
1 files changed, 2 insertions, 1 deletions
diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h
index 2479d45b..4ee25454 100644
--- a/src/Driver/Ntdriver.h
+++ b/src/Driver/Ntdriver.h
@@ -51,7 +51,7 @@ typedef struct EXTENSION
PFILE_OBJECT pfoDeviceFile; /* Device fileobject for this device */
PDEVICE_OBJECT pFsdDevice; /* lower level device handle */
- CRYPTO_INFO *cryptoInfo; /* Cryptographic and other information for this device */
+ volatile CRYPTO_INFO *cryptoInfo; /* Cryptographic and other information for this device */
__int64 HostLength;
__int64 DiskLength; /* The length of the disk referred to by this device */
@@ -190,6 +190,7 @@ BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension);
void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter);
int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter);
BOOL IsOSAtLeast (OSVersionEnum reqMinOS);
+PDEVICE_OBJECT GetVirtualVolumeDeviceObject (int driveNumber);
#define TC_BUG_CHECK(status) KeBugCheckEx (SECURITY_SYSTEM, __LINE__, (ULONG_PTR) status, 0, 'VC')