From edd1b00126fa39396fbb76c73cc3ea17aa955fc8 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Fri, 1 Mar 2019 00:32:21 +0100 Subject: Windows Driver: Enable RAM encryption only after its security parameters were created --- src/Driver/Ntdriver.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index bf57fcdc..70b34f43 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -138,6 +138,7 @@ static BOOL SystemFavoriteVolumeDirty = FALSE; static BOOL PagingFileCreationPrevented = FALSE; static BOOL EnableExtendedIoctlSupport = FALSE; static BOOL AllowTrimCommand = FALSE; +static BOOL RamEncryptionActivated = FALSE; static KeSaveExtendedProcessorStateFn KeSaveExtendedProcessorStatePtr = NULL; static KeRestoreExtendedProcessorStateFn KeRestoreExtendedProcessorStatePtr = NULL; static ExGetFirmwareEnvironmentVariableFn ExGetFirmwareEnvironmentVariablePtr = NULL; @@ -331,18 +332,16 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 1)) { // we enable RAM encryption only starting from Windows 7 - if (IsRamEncryptionEnabled()) + if (RamEncryptionActivated) { if (t1ha_selfcheck__t1ha2() != 0) TC_BUG_CHECK (STATUS_INVALID_PARAMETER); if (!InitializeSecurityParameters(GetDriverRandomSeed)) TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + EnableRamEncryption (TRUE); } } - else - { - EnableRamEncryption (FALSE); - } #endif for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; ++i) @@ -4513,7 +4512,7 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) WriteRegistryConfigFlags (flags); } - EnableRamEncryption ((flags & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); + RamEncryptionActivated = (flags & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE; } EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); -- cgit v1.2.3