VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-12-20 19:11:50 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-12-21 00:19:04 (GMT)
commit8f6c08330ac37b7729d8c1bf7276e8fede2d17fa (patch)
treed395993fe27894fcc2436e7a8e7a35ab4040da00 /src/Driver
parent7832d712fda877001ea5ae825d1a07d424cb72b7 (diff)
downloadVeraCrypt-8f6c08330ac37b7729d8c1bf7276e8fede2d17fa.zip
VeraCrypt-8f6c08330ac37b7729d8c1bf7276e8fede2d17fa.tar.gz
Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings.
Diffstat (limited to 'src/Driver')
-rw-r--r--src/Driver/DriveFilter.c5
-rw-r--r--src/Driver/Ntdriver.c6
-rw-r--r--src/Driver/Ntdriver.h1
-rw-r--r--src/Driver/Ntvol.c2
4 files changed, 12 insertions, 2 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index d5daf89..7268afa 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -125,7 +125,10 @@ NTSTATUS LoadBootArguments ()
Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);
if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
- AddPasswordToCache (&BootArgs.BootPassword);
+ {
+ int pim = CacheBootPim? (int) (BootArgs.Flags >> 16) : 0;
+ AddPasswordToCache (&BootArgs.BootPassword, pim);
+ }
// clear fingerprint
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index a069bd1..993b810 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -54,6 +54,7 @@ BOOL DriverUnloadDisabled = FALSE;
BOOL PortableMode = FALSE;
BOOL VolumeClassFilterRegistered = FALSE;
BOOL CacheBootPassword = FALSE;
+BOOL CacheBootPim = FALSE;
BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
static BOOL SystemFavoriteVolumeDirty = FALSE;
@@ -1444,7 +1445,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD
|| mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID
- || mount->VolumePim < 0 || mount->VolumePim == INT_MAX
+ || mount->VolumePim < -1 || mount->VolumePim == INT_MAX
|| mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID
|| (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE)
)
@@ -3293,6 +3294,9 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
if (flags & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS)
NonAdminSystemFavoritesAccessDisabled = TRUE;
+
+ if (flags & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)
+ CacheBootPim = TRUE;
}
EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE);
diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h
index 07ae5f8..28772fa 100644
--- a/src/Driver/Ntdriver.h
+++ b/src/Driver/Ntdriver.h
@@ -114,6 +114,7 @@ extern ULONG OsMajorVersion;
extern ULONG OsMinorVersion;
extern BOOL VolumeClassFilterRegistered;
extern BOOL CacheBootPassword;
+extern BOOL CacheBootPim;
/* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000)
diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c
index 845961d..2c2fd16 100644
--- a/src/Driver/Ntvol.c
+++ b/src/Driver/Ntvol.c
@@ -466,6 +466,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
mount->nReturnCode = ReadVolumeHeaderWCache (
FALSE,
mount->bCache,
+ mount->bCachePim,
readBuffer,
&mount->ProtectedHidVolPassword,
mount->ProtectedHidVolPkcs5Prf,
@@ -478,6 +479,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
mount->nReturnCode = ReadVolumeHeaderWCache (
mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_NORMAL,
mount->bCache,
+ mount->bCachePim,
readBuffer,
&mount->VolumePassword,
mount->pkcs5_prf,