Windows: Add checks that the System Favorites service is running. Warn user if he enabled option to clear RAM encryption keys and the service is stopped.

src/Common/BootEncryption.cpp

@@ -4628,6 +4628,16 @@ namespace VeraCrypt
 
 		if (registerService)
 		{
+			// check if service already exists.
+			// If yes then start it immediatly after reinstalling it
+			bool bAlreadyExists = false;
+			SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, GENERIC_READ);
+			if (service)
+			{
+				bAlreadyExists = true;
+				CloseServiceHandle (service);
+			}
+
 			try
 			{
 				RegisterSystemFavoritesService (FALSE, noFileHandling);
@@ -4650,7 +4660,7 @@ namespace VeraCrypt
 				throw_sys_if (!CopyFile (appPath, servicePath.c_str(), FALSE));
 			}
 
-			SC_HANDLE service = CreateService (scm,
+			service = CreateService (scm,
 				TC_SYSTEM_FAVORITES_SERVICE_NAME,
 				_T(TC_APP_NAME) L" System Favorites",
 				SERVICE_ALL_ACCESS,
@@ -4670,6 +4680,10 @@ namespace VeraCrypt
 			description.lpDescription = L"Mounts VeraCrypt system favorite volumes.";
 			ChangeServiceConfig2 (service, SERVICE_CONFIG_DESCRIPTION, &description);
 
+			// start the service immediatly if it already existed before
+			if (bAlreadyExists)
+				StartService (service, 0, NULL);
+
 			CloseServiceHandle (service);
 
 			try
@@ -4711,6 +4725,30 @@ namespace VeraCrypt
 		}
 	}
 
+	bool BootEncryption::IsSystemFavoritesServiceRunning ()
+	{
+		bool bRet = false;
+		SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_CONNECT);
+		if (scm)
+		{
+			SC_HANDLE service = OpenService(scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, GENERIC_READ);
+			if (service)
+			{
+				SERVICE_STATUS status;
+				if (QueryServiceStatus(service, &status))
+				{
+					bRet = (status.dwCurrentState == SERVICE_RUNNING);
+				}
+
+				CloseServiceHandle(service);
+			}
+
+			CloseServiceHandle (scm);
+		}
+
+		return bRet;
+	}
+
 	void BootEncryption::UpdateSystemFavoritesService ()
 	{
 		SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS);

src/Common/BootEncryption.h

@@ -287,6 +287,7 @@ namespace VeraCrypt
 		void RegisterFilterDriver (bool registerDriver, FilterType filterType);
 		void RegisterSystemFavoritesService (BOOL registerService);
 		void RegisterSystemFavoritesService (BOOL registerService, BOOL noFileHandling);
+		bool IsSystemFavoritesServiceRunning ();
 		void UpdateSystemFavoritesService ();
 		void RenameDeprecatedSystemLoaderBackup ();
 		bool RestartComputer (BOOL bShutdown = FALSE);

src/Common/Dlgcode.c

@@ -11142,7 +11142,7 @@ void InconsistencyResolved (char *techInfo)
 }
 
 
-void ReportUnexpectedState (char *techInfo)
+void ReportUnexpectedState (const char *techInfo)
 {
 	wchar_t finalMsg[8024];
 

src/Common/Dlgcode.h

@@ -473,7 +473,7 @@ BOOL CALLBACK CloseTCWindowsEnum( HWND hwnd, LPARAM lParam);
 BOOL CALLBACK FindTCWindowEnum (HWND hwnd, LPARAM lParam);
 BYTE *MapResource (wchar_t *resourceType, int resourceId, PDWORD size);
 void InconsistencyResolved (char *msg);
-void ReportUnexpectedState (char *techInfo);
+void ReportUnexpectedState (const char *techInfo);
 BOOL SelectMultipleFiles (HWND hwndDlg, const char *stringId, wchar_t *lpszFileName, size_t cbFileName, BOOL keepHistory);
 BOOL SelectMultipleFilesNext (wchar_t *lpszFileName, size_t cbFileName);
 void OpenOnlineHelp ();

src/Mount/Favorites.cpp

@@ -260,6 +260,13 @@ namespace VeraCrypt
 								if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))
 									BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);
 
+								if (!BootEncObj.IsSystemFavoritesServiceRunning())
+								{
+									// The system favorites service should be always running
+									// If it is stopped for some reason, we reconfigure it
+									BootEncObj.RegisterSystemFavoritesService (TRUE);
+								}
+
 								SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));
 							}
 							catch (Exception &e)

src/Mount/Mount.c

@@ -11626,6 +11626,14 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
 				BOOL bClearKeysEnabled = (driverConfig & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION)? TRUE : FALSE;
 				BOOL bIsHiddenOS = IsHiddenOSRunning ();
 
+				if (bClearKeysEnabled)
+				{
+					// the clear keys option works only if the service is running
+					if (!BootEncObj->IsSystemFavoritesServiceRunning())
+						bClearKeysEnabled = false;
+				}
+
+
 				if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion))
 				{
 					// operations canceled
@@ -11789,6 +11797,17 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
 					BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM);
 					BOOL bBlockSysEncTrimEnabled = IsDlgButtonChecked (hwndDlg, IDC_BLOCK_SYSENC_TRIM);
 					BOOL bClearKeysEnabled = IsDlgButtonChecked (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION);
+
+					if (bClearKeysEnabled && !BootEncObj->IsSystemFavoritesServiceRunning())
+					{
+						// the system favorite service service should be running
+						// if it is not the case, report a failure and quit
+						std::string techInfo = SRC_POS;
+						techInfo += "\nIsSystemFavoritesServiceRunning = False.";
+						ReportUnexpectedState (techInfo.c_str());
+						return 1;
+					}
+
 					BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);
 					SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled);
 					SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE);
@@ -11841,7 +11860,18 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
 		case IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION:
 			if (IsDlgButtonChecked (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION))
 			{
-				Warning ("CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING", hwndDlg);
+				if (!BootEncObj->IsSystemFavoritesServiceRunning())
+				{
+					// the system favorite service service should be running
+					// if it is not the case, report a failure
+					std::string techInfo = SRC_POS;
+					techInfo += "\nIsSystemFavoritesServiceRunning = False.";
+					ReportUnexpectedState (techInfo.c_str());
+
+					CheckDlgButton (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION, BST_UNCHECKED);
+				}
+				else
+					Warning ("CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING", hwndDlg);
 			}
 
 			break;