From db80c0234236dc9beff60b4c47b5627dbfb99bd2 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Tue, 15 Sep 2015 01:26:30 +0200
Subject: Windows: Add option to explicitly support extended disk IOCTLs and
 disable this support by default. This will avoid having issue with software
 that doesn't handle correctly partial IOCTL_STORAGE_QUERY_PROPERTY support.

---
 src/Common/Apidrvr.h    |  1 +
 src/Common/Language.xml |  2 +
 src/Driver/Ntdriver.c   | 98 ++++++++++++++++++++++++++-----------------------
 src/Mount/Mount.c       |  3 ++
 src/Mount/Mount.rc      | 13 ++++---
 src/Mount/Resource.h    |  4 +-
 6 files changed, 70 insertions(+), 51 deletions(-)

(limited to 'src')

diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index c49eafa9..d78e96db 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -334,5 +334,6 @@ typedef struct
 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES		0x2
 #define TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS		0x4
 #define TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION				0x8
+#define TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL						0x10
 
 #endif		/* _WIN32 */
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 27d7874e..4a111e84 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -274,6 +274,8 @@
     <control lang="en" key="IDT_CUSTOM_BOOT_LOADER_MESSAGE">Display this custom message in the pre-boot authentication screen (24 characters maximum):</control>
     <control lang="en" key="IDT_DEFAULT_MOUNT_OPTIONS">Default Mount Options</control>
     <control lang="en" key="IDT_DISMOUNT_ACTION">Hot Key Options</control>
+    <control lang="en" key="IDT_DRIVER_OPTIONS">Driver Configuration</control>
+    <control lang="en" key="IDC_ENABLE_EXTENDED_IOCTL_SUPPORT">Enable extended disk control codes support</control>
     <control lang="en" key="IDT_FAVORITE_LABEL">Label of selected favorite volume:</control>
     <control lang="en" key="IDT_FILE_SETTINGS">File Settings</control>
     <control lang="en" key="IDT_HOTKEY_KEY">Key to assign:</control>
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index 9c0a8500..845aec6f 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -58,6 +58,7 @@ BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
 static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
 static BOOL SystemFavoriteVolumeDirty = FALSE;
 static BOOL PagingFileCreationPrevented = FALSE;
+static BOOL EnableExtendedIoctlSupport = FALSE;
 
 PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1];
 
@@ -631,63 +632,68 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION
 		break;
 
 	case IOCTL_STORAGE_QUERY_PROPERTY:
-		if (ValidateIOBufferSize (Irp, sizeof (STORAGE_PROPERTY_QUERY), ValidateInput))
-		{			
-			PSTORAGE_PROPERTY_QUERY pStoragePropQuery = (PSTORAGE_PROPERTY_QUERY) Irp->AssociatedIrp.SystemBuffer;
-			STORAGE_QUERY_TYPE type = pStoragePropQuery->QueryType;
+		if (EnableExtendedIoctlSupport)
+		{
+			if (ValidateIOBufferSize (Irp, sizeof (STORAGE_PROPERTY_QUERY), ValidateInput))
+			{			
+				PSTORAGE_PROPERTY_QUERY pStoragePropQuery = (PSTORAGE_PROPERTY_QUERY) Irp->AssociatedIrp.SystemBuffer;
+				STORAGE_QUERY_TYPE type = pStoragePropQuery->QueryType;
 
-			/* return error if an unsupported type is encountered */
-			Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
-			Irp->IoStatus.Information = 0;
+				/* return error if an unsupported type is encountered */
+				Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
+				Irp->IoStatus.Information = 0;
 
-			if (	(pStoragePropQuery->PropertyId == StorageAccessAlignmentProperty)
-				||	(pStoragePropQuery->PropertyId == StorageDeviceProperty)
-				)
-			{
-				if (type == PropertyExistsQuery)
-				{
-					Irp->IoStatus.Status = STATUS_SUCCESS;
-					Irp->IoStatus.Information = 0;
-				}
-				else if (type == PropertyStandardQuery)
+				if (	(pStoragePropQuery->PropertyId == StorageAccessAlignmentProperty)
+					||	(pStoragePropQuery->PropertyId == StorageDeviceProperty)
+					)
 				{
-					switch (pStoragePropQuery->PropertyId)
+					if (type == PropertyExistsQuery)
 					{
-						case StorageDeviceProperty:
-							{
-								if (ValidateIOBufferSize (Irp, sizeof (STORAGE_DEVICE_DESCRIPTOR), ValidateOutput))
+						Irp->IoStatus.Status = STATUS_SUCCESS;
+						Irp->IoStatus.Information = 0;
+					}
+					else if (type == PropertyStandardQuery)
+					{
+						switch (pStoragePropQuery->PropertyId)
+						{
+							case StorageDeviceProperty:
 								{
-									PSTORAGE_DEVICE_DESCRIPTOR outputBuffer = (PSTORAGE_DEVICE_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer;
-
-									outputBuffer->Version = sizeof(STORAGE_DEVICE_DESCRIPTOR);
-									outputBuffer->Size = sizeof(STORAGE_DEVICE_DESCRIPTOR);
-									outputBuffer->DeviceType = FILE_DEVICE_DISK;
-									outputBuffer->RemovableMedia = Extension->bRemovable? TRUE : FALSE;
-									Irp->IoStatus.Status = STATUS_SUCCESS;
-									Irp->IoStatus.Information = sizeof (STORAGE_DEVICE_DESCRIPTOR);
+									if (ValidateIOBufferSize (Irp, sizeof (STORAGE_DEVICE_DESCRIPTOR), ValidateOutput))
+									{
+										PSTORAGE_DEVICE_DESCRIPTOR outputBuffer = (PSTORAGE_DEVICE_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer;
+
+										outputBuffer->Version = sizeof(STORAGE_DEVICE_DESCRIPTOR);
+										outputBuffer->Size = sizeof(STORAGE_DEVICE_DESCRIPTOR);
+										outputBuffer->DeviceType = FILE_DEVICE_DISK;
+										outputBuffer->RemovableMedia = Extension->bRemovable? TRUE : FALSE;
+										Irp->IoStatus.Status = STATUS_SUCCESS;
+										Irp->IoStatus.Information = sizeof (STORAGE_DEVICE_DESCRIPTOR);
+									}
 								}
-							}
-							break;
-						case StorageAccessAlignmentProperty:
-							{
-								if (ValidateIOBufferSize (Irp, sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR), ValidateOutput))
+								break;
+							case StorageAccessAlignmentProperty:
 								{
-									PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR outputBuffer = (PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer;
-
-									outputBuffer->Version = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR);
-									outputBuffer->Size = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR);
-									outputBuffer->BytesPerLogicalSector = Extension->BytesPerSector;
-									outputBuffer->BytesPerPhysicalSector = Extension->HostBytesPerPhysicalSector;
-									outputBuffer->BytesOffsetForSectorAlignment = Extension->BytesOffsetForSectorAlignment;
-									Irp->IoStatus.Status = STATUS_SUCCESS;
-									Irp->IoStatus.Information = sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR);
+									if (ValidateIOBufferSize (Irp, sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR), ValidateOutput))
+									{
+										PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR outputBuffer = (PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer;
+
+										outputBuffer->Version = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR);
+										outputBuffer->Size = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR);
+										outputBuffer->BytesPerLogicalSector = Extension->BytesPerSector;
+										outputBuffer->BytesPerPhysicalSector = Extension->HostBytesPerPhysicalSector;
+										outputBuffer->BytesOffsetForSectorAlignment = Extension->BytesOffsetForSectorAlignment;
+										Irp->IoStatus.Status = STATUS_SUCCESS;
+										Irp->IoStatus.Information = sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR);
+									}
 								}
-							}
-							break;
+								break;
+						}
 					}
 				}
 			}
 		}
+		else
+			return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0);
 		
 		break;
 
@@ -3266,6 +3272,8 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
 			}
 
 			EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE);
+			
+			EnableExtendedIoctlSupport = (flags & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL)? TRUE : FALSE;
 		}
 		else
 			status = STATUS_INVALID_PARAMETER;
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 834ed198..84baea17 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -9884,6 +9884,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
 
 			uint32 driverConfig = ReadDriverConfigurationFlags();
 			CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? BST_UNCHECKED : BST_CHECKED);
+			CheckDlgButton (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, (driverConfig & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL) ? BST_CHECKED : BST_UNCHECKED);
 
 			SYSTEM_INFO sysInfo;
 			GetSystemInfo (&sysInfo);
@@ -9940,6 +9941,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
 				}
 
 				BOOL disableHW = !IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION);
+				BOOL enableExtendedIOCTL = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT);
 
 				try
 				{
@@ -9972,6 +9974,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
 					}
 
 					SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW);
+					SetDriverConfigurationFlag (TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL, enableExtendedIOCTL);
 
 					DWORD bytesReturned;
 					if (!DeviceIoControl (hDriver, TC_IOCTL_REREAD_DRIVER_CONFIG, NULL, 0, NULL, 0, &bytesReturned, NULL))
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 09a2b637..4d40c358 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -295,7 +295,7 @@ BEGIN
     LTEXT           "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,74,337,73
 END
 
-IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 370, 206
+IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 370, 248
 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
 CAPTION "VeraCrypt - Performance Options"
 FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -308,13 +308,16 @@ BEGIN
                     "Button",BS_AUTOCHECKBOX | BS_TOP | WS_TABSTOP,18,103,283,11
     COMBOBOX        IDC_ENCRYPTION_FREE_CPU_COUNT,304,101,48,51,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP
     LTEXT           "More information",IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION,18,159,165,10,SS_NOTIFY
-    PUSHBUTTON      "&Benchmark",IDC_BENCHMARK,7,185,59,14
-    DEFPUSHBUTTON   "OK",IDOK,257,185,50,14
-    PUSHBUTTON      "Cancel",IDCANCEL,313,185,50,14
+    PUSHBUTTON      "&Benchmark",IDC_BENCHMARK,7,227,59,14
+    DEFPUSHBUTTON   "OK",IDOK,257,227,50,14
+    PUSHBUTTON      "Cancel",IDCANCEL,313,227,50,14
     LTEXT           "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9
     GROUPBOX        "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74
     GROUPBOX        "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93
     LTEXT           "",IDT_LIMIT_ENC_THREAD_POOL_NOTE,18,126,334,33
+    GROUPBOX        "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,356,36
+    CONTROL         "Enable extended disk control codes support",IDC_ENABLE_EXTENDED_IOCTL_SUPPORT,
+                    "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,198,337,10
 END
 
 IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 339
@@ -446,7 +449,7 @@ BEGIN
         LEFTMARGIN, 7
         RIGHTMARGIN, 363
         TOPMARGIN, 7
-        BOTTOMMARGIN, 199
+        BOTTOMMARGIN, 241
     END
 
     IDD_FAVORITE_VOLUMES, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index aeffde57..78642bf2 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -170,6 +170,8 @@
 #define IDC_SHOW_PIM                    1146
 #define IDC_FAVORITE_USE_LABEL_IN_EXPLORER 1147
 #define IDC_COPY_EXPANDER               1148
+#define IDT_DRIVER_OPTIONS              1149
+#define IDC_ENABLE_EXTENDED_IOCTL_SUPPORT 1150
 #define IDM_HELP                        40001
 #define IDM_ABOUT                       40002
 #define IDM_UNMOUNT_VOLUME              40003
@@ -245,7 +247,7 @@
 #define _APS_NO_MFC                     1
 #define _APS_NEXT_RESOURCE_VALUE        119
 #define _APS_NEXT_COMMAND_VALUE         40068
-#define _APS_NEXT_CONTROL_VALUE         1149
+#define _APS_NEXT_CONTROL_VALUE         1151
 #define _APS_NEXT_SYMED_VALUE           101
 #endif
 #endif
-- 
cgit v1.2.3