Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00
Code Activity

Windows: Add registry setting to disable erasing encryption keys on Windows shutdown/reboot. This helps solve BSOD during shutdown/reboot on some machines.

Browse Source 
Under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt", create a REG_DWORD value named "VeraCryptEraseKeysShutdown" and set its value to 0.
This commit is contained in:
Mounir IDRASSI
2022-02-06 09:34:32 +01:00
parent 6f3fc5b9e3
commit c51a209879
5 changed files with 20 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Common/Apidrvr.h
View File

@@ -420,6 +420,8 @@ typedef struct
#define VC_ENCRYPTION_ITEM_COUNT DRIVER_STR("VeraCryptEncryptionItemCount") #define VC_ENCRYPTION_ITEM_COUNT DRIVER_STR("VeraCryptEncryptionItemCount")
#define VC_ENCRYPTION_FRAGMENT_SIZE DRIVER_STR("VeraCryptEncryptionFragmentSize") #define VC_ENCRYPTION_FRAGMENT_SIZE DRIVER_STR("VeraCryptEncryptionFragmentSize")
#define VC_ERASE_KEYS_SHUTDOWN DRIVER_STR("VeraCryptEraseKeysShutdown")
// WARNING: Modifying the following values can introduce incompatibility with previous versions. // WARNING: Modifying the following values can introduce incompatibility with previous versions.
#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD 0x1 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD 0x1
#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES 0x2 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES 0x2

1
src/Driver/DriveFilter.c
View File

@@ -988,6 +988,7 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
// Dismount the system drive on shutdown on Windows 7 and later // Dismount the system drive on shutdown on Windows 7 and later
if (DriverShuttingDown if (DriverShuttingDown
&& EraseKeysOnShutdown
&& IsOSAtLeast (WIN_7) && IsOSAtLeast (WIN_7)
&& Extension->BootDrive && Extension->BootDrive
&& Extension->DriveMounted && Extension->DriveMounted

4
src/Driver/Driver.rc
View File

@@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
// //
VS_VERSION_INFO VERSIONINFO VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,25,6,1 FILEVERSION 1,25,8,0
PRODUCTVERSION 1,25,6,1 PRODUCTVERSION 1,25,8,0
FILEFLAGSMASK 0x17L FILEFLAGSMASK 0x17L
#ifdef _DEBUG #ifdef _DEBUG
FILEFLAGS 0x1L FILEFLAGS 0x1L

14
src/Driver/Ntdriver.c
View File

@@ -135,6 +135,7 @@ BOOL CacheBootPim = FALSE;
BOOL NonAdminSystemFavoritesAccessDisabled = FALSE; BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
BOOL BlockSystemTrimCommand = FALSE; BOOL BlockSystemTrimCommand = FALSE;
BOOL AllowWindowsDefrag = FALSE; BOOL AllowWindowsDefrag = FALSE;
BOOL EraseKeysOnShutdown = TRUE; // by default, we erase encryption keys on system shutdown
static size_t EncryptionThreadPoolFreeCpuCountLimit = 0; static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
static BOOL SystemFavoriteVolumeDirty = FALSE; static BOOL SystemFavoriteVolumeDirty = FALSE;
static BOOL PagingFileCreationPrevented = FALSE; static BOOL PagingFileCreationPrevented = FALSE;
@@ -4856,6 +4857,19 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
} }
if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, VC_ERASE_KEYS_SHUTDOWN, &data)))
{
if (data->Type == REG_DWORD)
{
if (*((uint32 *) data->Data))
EraseKeysOnShutdown = TRUE;
else
EraseKeysOnShutdown = FALSE;
}
TCfree (data);
}
return status; return status;
} }

1
src/Driver/Ntdriver.h
View File

@@ -128,6 +128,7 @@ extern BOOL AllowWindowsDefrag;
extern int EncryptionIoRequestCount; extern int EncryptionIoRequestCount;
extern int EncryptionItemCount; extern int EncryptionItemCount;
extern int EncryptionFragmentSize; extern int EncryptionFragmentSize;
extern BOOL EraseKeysOnShutdown;
/* Helper macro returning x seconds in units of 100 nanoseconds */ /* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000) #define WAIT_SECONDS(x) ((x)*10000000)