Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-06-09 22:36:59 -05:00
Code Activity

Windows: Add CLI switches to control memory/screen protection features. Disable non-configurable settings in portable mode

Browse Source
This commit is contained in:
Mounir IDRASSI
2025-06-24 15:48:01 +09:00
parent c1dbcb32e6
commit 5627e7a738
6 changed files with 263 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Common/Dlgcode.c
+6 -16
View File
@@ -220,6 +220,7 @@ BOOL EMVSupportEnabled = FALSE;
volatile BOOL NeedPeriodicDeviceListUpdate = FALSE;
BOOL DisablePeriodicDeviceListUpdate = FALSE;
BOOL EnableMemoryProtection = FALSE;
BOOL EnableScreenProtection = FALSE;
BOOL MemoryProtectionActivated = FALSE;
@@ -3697,11 +3698,9 @@ extern "C" {
ActivateProcessMitigations();
#ifndef SETUP
// call ActivateMemoryProtection if corresponding setting has been enabled (default is enabled)
if (ReadMemoryProtectionConfig())
{
ActivateMemoryProtection();
}
// initiaize memory protection and screen protection settings using the registry
EnableMemoryProtection = ReadMemoryProtectionConfig();
EnableScreenProtection = ReadScreenProtectionConfig();
#endif
return wWinMainCRTStartup();
}
@@ -16201,8 +16200,6 @@ cleanup:
#include <map>
#include <mutex>
static std::once_flag g_configOnce; // ensures one-time read
static std::atomic_bool g_screenProtectionEnabled; // readonly after init
static thread_local HHOOK g_cbtHook = nullptr; // one per thread
static thread_local int g_protectionRefCount = 0;
@@ -16210,17 +16207,10 @@ std::map<HWND, WNDPROC> g_MenuWndProcs;
std::map<HWND, bool> g_Initialized;
std::mutex g_MenuMutex;
static void InitScreenProtectionFlag()
{
// Runs exactly once thanks to std::call_once
BOOL enabled = ReadScreenProtectionConfig();
g_screenProtectionEnabled.store(enabled, std::memory_order_release);
}
static bool IsScreenProtectionEnabled()
{
std::call_once(g_configOnce, InitScreenProtectionFlag);
return g_screenProtectionEnabled.load(std::memory_order_acquire);
// EnableScreenProtection is populated at startup based on registry settings and command line options
return EnableScreenProtection? true: false;
}
src/Common/Dlgcode.h
+1
View File
@@ -174,6 +174,7 @@ extern BOOL EMVSupportEnabled;
extern volatile BOOL NeedPeriodicDeviceListUpdate;
extern BOOL DisablePeriodicDeviceListUpdate;
extern BOOL EnableMemoryProtection;
extern BOOL EnableScreenProtection;
#ifndef SETUP
extern BOOL bLanguageSetInSetup;