From c51a209879107a0331c293087122e1c6e884b32d Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Sun, 6 Feb 2022 09:34:32 +0100
Subject: Windows: Add registry setting to disable erasing encryption keys on Windows shutdown/reboot. This helps solve BSOD during shutdown/reboot on some machines. Under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt", create a REG_DWORD value named "VeraCryptEraseKeysShutdown" and set its value to 0.
---
 src/Common/Apidrvr.h | 2 ++
 src/Driver/DriveFilter.c | 1 +
 src/Driver/Driver.rc | 4 ++--
 src/Driver/Ntdriver.c | 14 ++++++++++++++
 src/Driver/Ntdriver.h | 1 +
 5 files changed, 20 insertions(+), 2 deletions(-)
(limited to 'src')
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index 36946e6c..2eddc3dd 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -420,6 +420,8 @@ typedef struct
 #define VC_ENCRYPTION_ITEM_COUNT DRIVER_STR("VeraCryptEncryptionItemCount")
 #define VC_ENCRYPTION_FRAGMENT_SIZE DRIVER_STR("VeraCryptEncryptionFragmentSize")
+#define VC_ERASE_KEYS_SHUTDOWN DRIVER_STR("VeraCryptEraseKeysShutdown")
+
 // WARNING: Modifying the following values can introduce incompatibility with previous versions.
 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD 0x1
 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES 0x2
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index d3510052..0da212f6 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -988,6 +988,7 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
 // Dismount the system drive on shutdown on Windows 7 and later
 if (DriverShuttingDown
+ && EraseKeysOnShutdown
 && IsOSAtLeast (WIN_7)
 && Extension->BootDrive
 && Extension->DriveMounted
diff --git a/src/Driver/Driver.rc b/src/Driver/Driver.rc
index 3af073ce..ef233463 100644
--- a/src/Driver/Driver.rc
+++ b/src/Driver/Driver.rc
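Review bot: The added `&& EraseKeysOnShutdown` term in DispatchPower's shutdown condition disables the whole branch that the existing comment describes as dismounting the system drive, and nothing in the code records the security cost of doing so. With the registry value set to 0, the system-drive keys presumably stay resident in RAM through shutdown and reboot, which removes a protection that some deployments rely on against memory acquisition after a restart. I would add a comment above the condition, for example `// VeraCryptEraseKeysShutdown = 0 skips this dismount: keys are NOT wiped from memory on shutdown/reboot`. The body of the if statement lies outside the hunk, so exactly what is skipped should be confirmed there.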
@@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
 //
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,25,6,1
- PRODUCTVERSION 1,25,6,1
+ FILEVERSION 1,25,8,0
+ PRODUCTVERSION 1,25,8,0
 FILEFLAGSMASK 0x17L
 #ifdef _DEBUG
 FILEFLAGS 0x1L
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index 6f068a8f..e70c0463 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -135,6 +135,7 @@ BOOL CacheBootPim = FALSE;
 BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
 BOOL BlockSystemTrimCommand = FALSE;
 BOOL AllowWindowsDefrag = FALSE;
+BOOL EraseKeysOnShutdown = TRUE; // by default, we erase encryption keys on system shutdown
 static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
 static BOOL SystemFavoriteVolumeDirty = FALSE;
 static BOOL PagingFileCreationPrevented = FALSE;
@@ -4856,6 +4857,19 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
 }
+ if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, VC_ERASE_KEYS_SHUTDOWN, &data)))
+ {
+ if (data->Type == REG_DWORD)
+ {
+ if (*((uint32 *) data->Data))
+ EraseKeysOnShutdown = TRUE;
+ else
+ EraseKeysOnShutdown = FALSE;
+ }
+
+ TCfree (data);
+ }
+
 return status;
 }
diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h
index b7e2d56e..3bbeb457 100644
--- a/src/Driver/Ntdriver.h
+++ b/src/Driver/Ntdriver.h
@@ -128,6 +128,7 @@ extern BOOL AllowWindowsDefrag;
 extern int EncryptionIoRequestCount;
 extern int EncryptionItemCount;
 extern int EncryptionFragmentSize;
+extern BOOL EraseKeysOnShutdown;
 /* Helper macro returning x seconds in units of 100 nanoseconds */
 #define WAIT_SECONDS(x) ((x)*10000000)
-- 
cgit v1.2.3
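Review bot: In the block added to ReadRegistryConfigFlags, `*((uint32 *) data->Data)` is dereferenced after checking only `data->Type == REG_DWORD`, and a value's declared type does not guarantee that four bytes were actually stored. Assuming `data` is the usual KEY_VALUE_PARTIAL_INFORMATION (its declaration is outside the hunk), the guard should also check the length: `if (data->Type == REG_DWORD && data->DataLength >= sizeof (uint32))`. The inner if/else can then be written as `EraseKeysOnShutdown = (*((uint32 *) data->Data) != 0) ? TRUE : FALSE;`. Because the value is read only when `driverEntry` is TRUE and it switches off a key-wiping protection, a short comment saying that it takes effect at driver load and what it disables would help whoever audits this setting later.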