Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

Windows Driver: erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks

Browse Source
This commit is contained in:
Mounir IDRASSI
2019-01-09 00:15:51 +01:00
parent 11f0b99846
commit 7c2cf7889f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Driver/DriveFilter.c
View File

@@ -917,8 +917,9 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES);
} }
#if 0 // Dismount of the system drive is disabled until there is a way to do it without causing system errors (see the documentation for more info) // Dismount the system drive on shutdown on Windows 7 and later
if (DriverShuttingDown if (DriverShuttingDown
&& IsOSAtLeast (WIN_7)
&& Extension->BootDrive && Extension->BootDrive
&& Extension->DriveMounted && Extension->DriveMounted
&& irpSp->MinorFunction == IRP_MN_SET_POWER && irpSp->MinorFunction == IRP_MN_SET_POWER
@@ -926,7 +927,6 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
{ {
DismountDrive (Extension, TRUE); DismountDrive (Extension, TRUE);
} }
#endif // 0
PoStartNextPowerIrp (Irp); PoStartNextPowerIrp (Irp);