VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver/DriveFilter.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/Driver/DriveFilter.c')
-rw-r--r--src/Driver/DriveFilter.c35
1 files changed, 26 insertions, 9 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index 9700226f..49d62126 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -220,7 +220,7 @@ NTSTATUS LoadBootArguments (BOOL bIsEfi)
NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
{
- DriveFilterExtension *Extension;
+ DriveFilterExtension *Extension = NULL;
NTSTATUS status;
PDEVICE_OBJECT filterDeviceObject = NULL;
PDEVICE_OBJECT attachedDeviceObject;
@@ -275,7 +275,7 @@ NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
err:
if (filterDeviceObject)
{
- if (Extension->LowerDeviceObject)
+ if (Extension && Extension->LowerDeviceObject)
IoDetachDevice (Extension->LowerDeviceObject);
IoDeleteDevice (filterDeviceObject);
@@ -362,8 +362,8 @@ static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, byte*
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
#ifdef _WIN64
XSTATE_SAVE SaveState;
- if (g_isIntel && HasSAVX())
- saveStatus = KeSaveExtendedProcessorState(XSTATE_MASK_GSSE, &SaveState);
+ if (IsCpuIntel() && HasSAVX())
+ saveStatus = KeSaveExtendedProcessorStateVC(XSTATE_MASK_GSSE, &SaveState);
#else
KFLOATING_SAVE floatingPointState;
if (HasISSE() || (HasSSSE3() && HasMMX()))
@@ -405,7 +405,7 @@ static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, byte*
if (NT_SUCCESS (saveStatus))
#ifdef _WIN64
- KeRestoreExtendedProcessorState(&SaveState);
+ KeRestoreExtendedProcessorStateVC(&SaveState);
#else
KeRestoreFloatingPointState (&floatingPointState);
#endif
@@ -520,7 +520,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
pim = (int) (BootArgs.Flags >> 16);
- if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, FALSE, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
+ if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
{
// Header decrypted
status = STATUS_SUCCESS;
@@ -660,6 +660,12 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
{
CrashDumpEnabled = TRUE;
HibernationEnabled = TRUE;
+#ifdef _WIN64
+ if (IsRamEncryptionEnabled())
+ {
+ HibernationEnabled = FALSE;
+ }
+#endif
}
else if (!LegacyHibernationDriverFilterActive)
StartLegacyHibernationDriverFilter();
@@ -982,6 +988,7 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
// Dismount the system drive on shutdown on Windows 7 and later
if (DriverShuttingDown
+ && EraseKeysOnShutdown
&& IsOSAtLeast (WIN_7)
&& Extension->BootDrive
&& Extension->DriveMounted
@@ -1040,6 +1047,11 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFil
}
}
break;
+ case IOCTL_DISK_GROW_PARTITION:
+ Dump ("DriverFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+ IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+ return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+ break;
}
status = PassIrp (Extension->LowerDeviceObject, Irp);
@@ -1181,7 +1193,7 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
}
#endif
- if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
+ if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{
Dump ("Header reopened\n");
#ifdef _WIN64
@@ -2101,8 +2113,8 @@ void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp)
wchar_t BootEncryptionAlgorithmNameW[256];
wchar_t BootPrfAlgorithmNameW[256];
GetBootEncryptionAlgorithmNameRequest *request = (GetBootEncryptionAlgorithmNameRequest *) irp->AssociatedIrp.SystemBuffer;
- EAGetName (BootEncryptionAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->ea, 0);
- HashGetName2 (BootPrfAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->pkcs5);
+ EAGetName (BootEncryptionAlgorithmNameW, 256, BootDriveFilterExtension->Queue.CryptoInfo->ea, 0);
+ HashGetName2 (BootPrfAlgorithmNameW, 256, BootDriveFilterExtension->Queue.CryptoInfo->pkcs5);
RtlStringCbPrintfA (request->BootEncryptionAlgorithmName, sizeof (request->BootEncryptionAlgorithmName), "%S", BootEncryptionAlgorithmNameW);
RtlStringCbPrintfA (request->BootPrfAlgorithmName, sizeof (request->BootPrfAlgorithmName), "%S", BootPrfAlgorithmNameW);
@@ -2228,6 +2240,11 @@ static VOID DecoySystemWipeThreadProc (PVOID threadArg)
goto err;
}
+#ifdef _WIN64
+ if (IsRamEncryptionEnabled ())
+ VcProtectKeys (wipeCryptoInfo, VcGetEncryptionID (wipeCryptoInfo));
+#endif
+
EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo);
memcpy (wipeRandChars, wipeRandBuffer, sizeof (wipeRandChars));