From f9782fb3f6393b967d2997feff85d59c01a7db80 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Tue, 21 Jul 2020 10:59:44 +0200 Subject: Windows: Implement detection of Hibernate and Fast Startup and disable them if RAM encryption is activated. --- src/Common/Dlgcode.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++++ src/Common/Dlgcode.h | 1 + src/Common/Language.xml | 1 + src/Mount/Mount.c | 37 +++++++++++++++++++++++++ 4 files changed, 112 insertions(+) (limited to 'src') diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 0203a931..7a4f473e 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -14896,3 +14896,76 @@ void PasswordEditDropTarget::GotDrop(CLIPFORMAT format) } } + +/* + * Query the status of Hibernate and Fast Startup + */ + +typedef BOOLEAN (WINAPI *GetPwrCapabilitiesFn)( + PSYSTEM_POWER_CAPABILITIES lpspc +); + +BOOL GetHibernateStatus (BOOL& bHibernateEnabled, BOOL& bHiberbootEnabled) +{ + wchar_t szPowrProfPath[MAX_PATH] = {0}; + HMODULE hPowrProf = NULL; + BOOL bResult = FALSE; + + bHibernateEnabled = bHiberbootEnabled = FALSE; + + if (GetSystemDirectory(szPowrProfPath, MAX_PATH)) + StringCchCatW (szPowrProfPath, MAX_PATH, L"\\PowrProf.dll"); + else + StringCchCopyW (szPowrProfPath, MAX_PATH, L"C:\\Windows\\System32\\PowrProf.dll"); + + hPowrProf = LoadLibrary (szPowrProfPath); + if (hPowrProf) + { + GetPwrCapabilitiesFn GetPwrCapabilitiesPtr = (GetPwrCapabilitiesFn) GetProcAddress (hPowrProf, "GetPwrCapabilities"); + if ( GetPwrCapabilitiesPtr) + { + SYSTEM_POWER_CAPABILITIES spc; + BOOLEAN bRet = GetPwrCapabilitiesPtr (&spc); + if (bRet) + { + DWORD dwHibernateEnabled = 0; + DWORD dwHiberbootEnabled = 0; + + if (spc.SystemS4) + { + dwHibernateEnabled = 1; + if(!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Control\\Power", L"HibernateEnabled", &dwHibernateEnabled)) + { + // starting from Windows 10 1809 (Build 17763), HibernateEnabledDefault is used when HibernateEnabled is absent + if (IsOSVersionAtLeast (WIN_10, 0) && CurrentOSBuildNumber >= 17763) + ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Control\\Power", L"HibernateEnabledDefault", &dwHibernateEnabled); + } + } + + // check if Fast Startup / Hybrid Boot is enabled + if (IsOSVersionAtLeast (WIN_8, 0) && spc.spare2[0]) + { + dwHiberbootEnabled = 1; + ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Power", L"HiberbootEnabled", &dwHiberbootEnabled); + } + + if (dwHibernateEnabled) + bHibernateEnabled = TRUE; + else + bHibernateEnabled = FALSE; + + if (dwHiberbootEnabled) + bHiberbootEnabled = TRUE; + else + bHiberbootEnabled = FALSE; + + bResult = TRUE; + } + } + + FreeLibrary (hPowrProf); + } + + return bResult; +} + diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 52d94f10..2378aeb8 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -745,6 +745,7 @@ public: DWORD GotEnter(void); }; +BOOL GetHibernateStatus (BOOL& bHibernateEnabled, BOOL& bHiberbootEnabled); #endif // __cplusplus diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 0545996c..cc12e8b7 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -1444,6 +1444,7 @@ Force machine to boot on VeraCrypt in the next startup Force the presence of VeraCrypt entry in the EFI firmware boot menu Force VeraCrypt entry to be the first in the EFI firmware boot menu + WARNING: RAM encryption is not compatible with Windows Hibernate and Windows Fast Startup features. VeraCrypt needs to disable them before activating RAM encryption.\n\nContinue? diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 7d4fa81b..ff66fab5 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -11462,7 +11462,26 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM { BOOL originalRamEncryptionEnabled = (driverConfig & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION)? TRUE : FALSE; if (originalRamEncryptionEnabled != enableRamEncryption) + { + if (enableRamEncryption) + { + // Disable Hibernate and Fast Startup if they are enabled + BOOL bHibernateEnabled, bHiberbootEnabled; + if (GetHibernateStatus (bHibernateEnabled, bHiberbootEnabled)) + { + if (bHibernateEnabled) + { + BootEncObj->WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Control\\Power", L"HibernateEnabled", 0); + } + + if (bHiberbootEnabled) + { + BootEncObj->WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Power", L"HiberbootEnabled", 0); + } + } + } rebootRequired = true; + } SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION, enableRamEncryption); } @@ -11538,7 +11557,25 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM BOOL enableRamEncryption = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_RAM_ENCRYPTION); if (originalRamEncryptionEnabled != enableRamEncryption) + { + if (enableRamEncryption) + { + // check if Hibernate or Fast Startup are enabled + BOOL bHibernateEnabled, bHiberbootEnabled; + if (GetHibernateStatus (bHibernateEnabled, bHiberbootEnabled)) + { + if (bHibernateEnabled || bHiberbootEnabled) + { + if (AskWarnYesNo ("RAM_ENCRYPTION_DISABLE_HIBERNATE", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_ENABLE_RAM_ENCRYPTION, BST_UNCHECKED); + return 1; + } + } + } + } Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); + } } return 1; -- cgit v1.2.3