From 07f6793bd25c7f2eab49292d36b2b64f86dfbf2a Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 14 Jan 2019 01:01:00 +0100 Subject: Windows: enhance support of new behavior of favorite service which is now always running in case of system encryption --- src/Common/BootEncryption.cpp | 11 ++++++----- src/Mount/Favorites.cpp | 2 +- src/Mount/Mount.c | 17 ++++++----------- src/Setup/Setup.c | 43 +++++++++++++++++++++++++++++++++---------- 4 files changed, 46 insertions(+), 27 deletions(-) diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index 364f0869..9f065615 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -4599,8 +4599,6 @@ namespace VeraCrypt { WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); - - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, true); } catch (...) { @@ -4615,14 +4613,15 @@ namespace VeraCrypt } else { - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, false); - DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME); DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME); SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); throw_sys_if (!service); + SERVICE_STATUS serviceStatus = {0}; + ControlService (service, SERVICE_CONTROL_STOP, &serviceStatus); + throw_sys_if (!DeleteService (service)); CloseServiceHandle (service); @@ -4940,7 +4939,7 @@ namespace VeraCrypt try { - RegisterSystemFavoritesService (false); + RegisterSystemFavoritesService (FALSE); } catch (...) { } @@ -5168,6 +5167,8 @@ namespace VeraCrypt InstallVolumeHeader (); RegisterBootDriver (hiddenSystem); + + RegisterSystemFavoritesService (TRUE); } catch (Exception &) { diff --git a/src/Mount/Favorites.cpp b/src/Mount/Favorites.cpp index dab58bc6..284c0b5c 100644 --- a/src/Mount/Favorites.cpp +++ b/src/Mount/Favorites.cpp @@ -256,7 +256,7 @@ namespace VeraCrypt { uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0; if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) - BootEncObj.RegisterSystemFavoritesService (reqConfig ? TRUE : FALSE); + BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false); SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)); } diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 473372e1..13c353fa 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -9352,7 +9352,7 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl, case SERVICE_CONTROL_PRESHUTDOWN: SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING); - if (BootEncObj) + if (BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT) { try { @@ -9383,11 +9383,10 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl, DEV_BROADCAST_HDR* pHdr = (DEV_BROADCAST_HDR *) lpEventData; if (pHdr->dbch_devicetype != DBT_DEVTYP_VOLUME && pHdr->dbch_devicetype != DBT_DEVTYP_HANDLE) { - SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received"); - if (ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION) { BOOL bClearKeys = TRUE; + SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received"); if (pHdr->dbch_devicetype == DBT_DEVTYP_DEVICEINTERFACE) { DEV_BROADCAST_DEVICEINTERFACE* pInf = (DEV_BROADCAST_DEVICEINTERFACE*) pHdr; @@ -9402,13 +9401,9 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl, } if (bClearKeys) - { + { DWORD cbBytesReturned = 0; - BOOL bResult = DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL); - if (bResult) - SystemFavoritesServiceLogInfo (L"New device insertion detected - encryption keys cleared"); - else - SystemFavoritesServiceLogInfo (L"New device insertion detected - failed to clear encryption keys"); + DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL); } } } @@ -9445,8 +9440,8 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv) memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus)); SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; SystemFavoritesServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP; - if (IsOSAtLeast (WIN_VISTA) && BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT) - SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN; + if (IsOSAtLeast (WIN_VISTA)) + SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN; ZeroMemory (&hdr, sizeof(hdr)); hdr.dbcc_size = sizeof (hdr); diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c index 57c0cca5..5e339f2f 100644 --- a/src/Setup/Setup.c +++ b/src/Setup/Setup.c @@ -92,6 +92,34 @@ void localcleanup (void) CloseAppSetupMutex (); } +BOOL ForceCopyFile (LPCWSTR szSrcFile, LPCWSTR szDestFile) +{ + BOOL bRet = CopyFileW (szSrcFile, szDestFile, FALSE); + if (!bRet) + { + wstring renamedPath = szDestFile; + renamedPath += VC_FILENAME_RENAMED_SUFFIX; + + /* rename the locked file in order to be able to create a new one */ + if (MoveFileExW (szDestFile, renamedPath.c_str(), MOVEFILE_REPLACE_EXISTING)) + { + bRet = CopyFileW (szSrcFile, szDestFile, FALSE); + if (bRet) + { + /* delete the renamed file when the machine reboots */ + MoveFileEx (renamedPath.c_str(), NULL, MOVEFILE_DELAY_UNTIL_REBOOT); + } + else + { + /* restore the original file name */ + MoveFileEx (renamedPath.c_str(), szDestFile, MOVEFILE_REPLACE_EXISTING); + } + } + } + + return bRet; +} + BOOL ForceDeleteFile (LPCWSTR szFileName) { if (!DeleteFile (szFileName)) @@ -814,14 +842,6 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); - if ( FileExists (servicePath.c_str()) - || (Is64BitOs () && FileExists (serviceLegacyPath.c_str())) - ) - { - CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str()); - bResult = CopyFile (szTmp, servicePath.c_str(), FALSE); - } - if (bResult && Is64BitOs () && FileExists (favoritesLegacyFile.c_str()) && !FileExists (favoritesFile.c_str())) @@ -830,7 +850,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE); } - if (bResult && Is64BitOs () && FileExists (favoritesFile.c_str()) && FileExists (servicePath.c_str())) + if (bResult) { // Update the path of the service BootEncryption BootEncObj (hwndDlg); @@ -839,7 +859,10 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) { if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START) { - BootEncObj.UpdateSystemFavoritesService (); + CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str()); + bResult = ForceCopyFile (szTmp, servicePath.c_str()); + if (bResult) + BootEncObj.UpdateSystemFavoritesService (); } } catch (...) {} -- cgit v1.2.3