Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-12 11:28:26 -06:00
Code Activity

Normalize all line terminators

Browse Source
This commit is contained in:
David Foerster
2016-05-10 20:20:14 +02:00
parent 98b04198c6
commit fc37cc4a02
297 changed files with 202290 additions and 202290 deletions
Download Patch File Download Diff File Expand all files Collapse all files

332
src/Driver/BuildDriver.cmd
View File

@@ -1,166 +1,166 @@
::
:: Derived from source code of TrueCrypt 7.1a, which is
:: Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
:: by the TrueCrypt License 3.0.
::
:: Modifications and additions to the original source code (contained in this file)
:: and all other portions of this file are Copyright (c) 2013-2016 IDRIX
:: and are governed by the Apache License 2.0 the full text of which is
:: contained in the file License.txt included in VeraCrypt binary and source
:: code distribution packages.
::
:: Usage: BuildDriver <-build|-rebuild|-clean> <-release|-debug> <-x86|-x64> <dir1> [dir2] ...
@echo off
set TC_ARG_CMD=%~1
shift
set TC_ARG_TYPE=%~1
shift
set TC_ARG_ARCH=%~1
shift
:: Windows Driver Kit build number
set TC_WINDDK_BUILD=7600.16385.1
:: Check for spaces in the current directory path
cd | find " " >NUL:
if %ERRORLEVEL% == 0 (
echo BuildDriver.cmd: error: MS Build does not support building of projects stored in a path containing spaces. >&2
exit /B 1
)
:: Build options
set TC_C_DEFINES=-D_WIN32 -DTC_WINDOWS_DRIVER
set TC_C_FLAGS=-nologo -I..
set TC_C_WARNING_LEVEL=-W4
set TC_C_DISABLED_WARNINGS=-wd4057 -wd4100 -wd4127 -wd4152 -wd4201 -wd4701 -wd4702 -wd4706
set TC_LIBRARIAN_FLAGS=-nologo
set TC_LINKER_FLAGS=-nologo
set TC_TEST_SIGN=0
:: Windows Driver Kit root
set TC_WINDDK_ROOT=%SYSTEMDRIVE%\WinDDK\%TC_WINDDK_BUILD%
if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found
set TC_WINDDK_ROOT=%WINDDK_ROOT%\%TC_WINDDK_BUILD%
if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found
set TC_WINDDK_ROOT=%WINDDK_ROOT%
if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found
echo BuildDriver.cmd: error: Windows Driver Development Kit not found in the default directory. Set WINDDK_ROOT environment variable to point to your Windows DDK installation directory. >&2
exit /B 1
:ddk_found
:: CPU architecture
if "%TC_ARG_ARCH%"=="-x64" (
set TC_BUILD_ARCH=x64 WNET
set TC_BUILD_ARCH_DIR=amd64
set TC_ARCH=x64
set TC_ARCH_SUFFIX=-x64
set TC_C_DISABLED_WARNINGS=%TC_C_DISABLED_WARNINGS% -wd4328 -wd4366
set TC_LINKER_FLAGS=%TC_LINKER_FLAGS% -LTCG
if defined TC_KERNEL_TEST_CERTIFICATE_NAME set TC_TEST_SIGN=1
) else (
set TC_BUILD_ARCH=WXP
set TC_BUILD_ARCH_DIR=i386
set TC_ARCH=x86
set TC_ARCH_SUFFIX=
)
:: Build type
if "%TC_ARG_TYPE%"=="-debug" (
set TC_BUILD_TYPE=chk
set TC_C_DEFINES=%TC_C_DEFINES% -DDEBUG -D_DEBUG
set TC_BUILD_ALT_DIR=_driver_debug
set TC_COPY_DIR="..\Debug"
) else (
set TC_BUILD_TYPE=fre
set TC_BUILD_ALT_DIR=_driver_release
set TC_COPY_DIR="..\Release"
set TC_TEST_SIGN=0
)
:: WDK environment
pushd .
call %TC_WINDDK_ROOT%\bin\setenv %TC_WINDDK_ROOT% %TC_BUILD_TYPE% %TC_BUILD_ARCH% no_oacr || exit /B %errorlevel%
popd
:: Build
if "%TC_ARG_CMD%"=="-rebuild" (set TC_BUILD_OPTS=-c -Z)
pushd .
:build_dirs
if "%~1"=="" goto done
cd /D "%~1" || exit /B %errorlevel%
if "%TC_ARG_CMD%"=="-clean" (
rd /s /q obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR% 2>NUL:
rd /q obj%TC_BUILD_ALT_DIR% 2>NUL:
) else (
set USER_C_FLAGS=%TC_C_FLAGS% %TC_C_DISABLED_WARNINGS% -FAcs -Fa%~1\obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\
set MSC_WARNING_LEVEL=%TC_C_WARNING_LEVEL%
set C_DEFINES=%TC_C_DEFINES%
set RCOPTIONS=/I %MFC_INC_PATH%
set LIBRARIAN_FLAGS=%TC_LIBRARIAN_FLAGS%
set LINKER_FLAGS=%TC_LINKER_FLAGS%
set BUILD_ALT_DIR=%TC_BUILD_ALT_DIR%
build %TC_BUILD_OPTS% -w -nmake /S -nmake /C 2>build_errors.log 1>&2
if errorlevel 1 (
type build_errors.log
type build_errors_asm.log 2>NUL:
exit /B 1
)
del /q build_errors.log build_errors_asm.log build%BUILD_ALT_DIR%.* 2>NUL:
)
shift
goto build_dirs
:done
popd
if "%TC_ARG_CMD%"=="-clean" exit /B 0
md "%TC_COPY_DIR%\Setup Files" >NUL: 2>NUL:
copy /B /Y obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\veracrypt.sys "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL:
if errorlevel 1 (
echo BuildDriver.cmd: error: Cannot copy target. >&2
exit /B 1
)
if %TC_TEST_SIGN% equ 1 (
signtool sign /s "%TC_KERNEL_TEST_CERTIFICATE_STORE%" /n "%TC_KERNEL_TEST_CERTIFICATE_NAME%" "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL:
if errorlevel 1 (
echo BuildDriver.cmd: error: Cannot test-sign target. >&2
exit /B 1
)
)
exit /B 0
::
:: Derived from source code of TrueCrypt 7.1a, which is
:: Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
:: by the TrueCrypt License 3.0.
::
:: Modifications and additions to the original source code (contained in this file)
:: and all other portions of this file are Copyright (c) 2013-2016 IDRIX
:: and are governed by the Apache License 2.0 the full text of which is
:: contained in the file License.txt included in VeraCrypt binary and source
:: code distribution packages.
::
:: Usage: BuildDriver <-build|-rebuild|-clean> <-release|-debug> <-x86|-x64> <dir1> [dir2] ...
@echo off
set TC_ARG_CMD=%~1
shift
set TC_ARG_TYPE=%~1
shift
set TC_ARG_ARCH=%~1
shift
:: Windows Driver Kit build number
set TC_WINDDK_BUILD=7600.16385.1
:: Check for spaces in the current directory path
cd | find " " >NUL:
if %ERRORLEVEL% == 0 (
echo BuildDriver.cmd: error: MS Build does not support building of projects stored in a path containing spaces. >&2
exit /B 1
)
:: Build options
set TC_C_DEFINES=-D_WIN32 -DTC_WINDOWS_DRIVER
set TC_C_FLAGS=-nologo -I..
set TC_C_WARNING_LEVEL=-W4
set TC_C_DISABLED_WARNINGS=-wd4057 -wd4100 -wd4127 -wd4152 -wd4201 -wd4701 -wd4702 -wd4706
set TC_LIBRARIAN_FLAGS=-nologo
set TC_LINKER_FLAGS=-nologo
set TC_TEST_SIGN=0
:: Windows Driver Kit root
set TC_WINDDK_ROOT=%SYSTEMDRIVE%\WinDDK\%TC_WINDDK_BUILD%
if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found
set TC_WINDDK_ROOT=%WINDDK_ROOT%\%TC_WINDDK_BUILD%
if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found
set TC_WINDDK_ROOT=%WINDDK_ROOT%
if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found
echo BuildDriver.cmd: error: Windows Driver Development Kit not found in the default directory. Set WINDDK_ROOT environment variable to point to your Windows DDK installation directory. >&2
exit /B 1
:ddk_found
:: CPU architecture
if "%TC_ARG_ARCH%"=="-x64" (
set TC_BUILD_ARCH=x64 WNET
set TC_BUILD_ARCH_DIR=amd64
set TC_ARCH=x64
set TC_ARCH_SUFFIX=-x64
set TC_C_DISABLED_WARNINGS=%TC_C_DISABLED_WARNINGS% -wd4328 -wd4366
set TC_LINKER_FLAGS=%TC_LINKER_FLAGS% -LTCG
if defined TC_KERNEL_TEST_CERTIFICATE_NAME set TC_TEST_SIGN=1
) else (
set TC_BUILD_ARCH=WXP
set TC_BUILD_ARCH_DIR=i386
set TC_ARCH=x86
set TC_ARCH_SUFFIX=
)
:: Build type
if "%TC_ARG_TYPE%"=="-debug" (
set TC_BUILD_TYPE=chk
set TC_C_DEFINES=%TC_C_DEFINES% -DDEBUG -D_DEBUG
set TC_BUILD_ALT_DIR=_driver_debug
set TC_COPY_DIR="..\Debug"
) else (
set TC_BUILD_TYPE=fre
set TC_BUILD_ALT_DIR=_driver_release
set TC_COPY_DIR="..\Release"
set TC_TEST_SIGN=0
)
:: WDK environment
pushd .
call %TC_WINDDK_ROOT%\bin\setenv %TC_WINDDK_ROOT% %TC_BUILD_TYPE% %TC_BUILD_ARCH% no_oacr || exit /B %errorlevel%
popd
:: Build
if "%TC_ARG_CMD%"=="-rebuild" (set TC_BUILD_OPTS=-c -Z)
pushd .
:build_dirs
if "%~1"=="" goto done
cd /D "%~1" || exit /B %errorlevel%
if "%TC_ARG_CMD%"=="-clean" (
rd /s /q obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR% 2>NUL:
rd /q obj%TC_BUILD_ALT_DIR% 2>NUL:
) else (
set USER_C_FLAGS=%TC_C_FLAGS% %TC_C_DISABLED_WARNINGS% -FAcs -Fa%~1\obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\
set MSC_WARNING_LEVEL=%TC_C_WARNING_LEVEL%
set C_DEFINES=%TC_C_DEFINES%
set RCOPTIONS=/I %MFC_INC_PATH%
set LIBRARIAN_FLAGS=%TC_LIBRARIAN_FLAGS%
set LINKER_FLAGS=%TC_LINKER_FLAGS%
set BUILD_ALT_DIR=%TC_BUILD_ALT_DIR%
build %TC_BUILD_OPTS% -w -nmake /S -nmake /C 2>build_errors.log 1>&2
if errorlevel 1 (
type build_errors.log
type build_errors_asm.log 2>NUL:
exit /B 1
)
del /q build_errors.log build_errors_asm.log build%BUILD_ALT_DIR%.* 2>NUL:
)
shift
goto build_dirs
:done
popd
if "%TC_ARG_CMD%"=="-clean" exit /B 0
md "%TC_COPY_DIR%\Setup Files" >NUL: 2>NUL:
copy /B /Y obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\veracrypt.sys "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL:
if errorlevel 1 (
echo BuildDriver.cmd: error: Cannot copy target. >&2
exit /B 1
)
if %TC_TEST_SIGN% equ 1 (
signtool sign /s "%TC_KERNEL_TEST_CERTIFICATE_STORE%" /n "%TC_KERNEL_TEST_CERTIFICATE_NAME%" "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL:
if errorlevel 1 (
echo BuildDriver.cmd: error: Cannot test-sign target. >&2
exit /B 1
)
)
exit /B 0

4306
src/Driver/DriveFilter.c
View File

File diff suppressed because it is too large Load Diff

180
src/Driver/DriveFilter.h
View File

@@ -1,90 +1,90 @@
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_DRIVE_FILTER
#define TC_HEADER_DRIVER_DRIVE_FILTER
#include "TCdefs.h"
#include "Boot/Windows/BootCommon.h"
#include "EncryptedIoQueue.h"
typedef struct _DriveFilterExtension
{
BOOL bRootDevice;
BOOL IsVolumeDevice;
BOOL IsDriveFilterDevice;
BOOL IsVolumeFilterDevice;
uint64 MagicNumber;
PDEVICE_OBJECT DeviceObject;
PDEVICE_OBJECT LowerDeviceObject;
PDEVICE_OBJECT Pdo;
ULONG SystemStorageDeviceNumber;
BOOL SystemStorageDeviceNumberValid;
int64 ConfiguredEncryptedAreaStart;
int64 ConfiguredEncryptedAreaEnd;
uint32 VolumeHeaderSaltCrc32;
EncryptedIoQueue Queue;
BOOL BootDrive;
BOOL VolumeHeaderPresent;
BOOL DriveMounted;
KEVENT MountWorkItemCompletedEvent;
CRYPTO_INFO *HeaderCryptoInfo;
BOOL HiddenSystem;
} DriveFilterExtension;
#define TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER 0x5645524142455854
extern BOOL BootArgsValid;
extern BootArguments BootArgs;
extern PKTHREAD EncryptionSetupThread;
extern PKTHREAD DecoySystemWipeThread;
NTSTATUS AbortBootEncryptionSetup ();
NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo);
NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp);
void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp);
NTSTATUS GetSetupResult ();
DriveFilterExtension *GetBootDriveFilterExtension ();
CRYPTO_INFO *GetSystemDriveCryptoInfo ();
BOOL IsBootDriveMounted ();
BOOL IsBootEncryptionSetupInProgress ();
BOOL IsHiddenSystemRunning ();
NTSTATUS LoadBootArguments ();
static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension);
NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp);
void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp);
NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp);
void StartLegacyHibernationDriverFilter ();
NTSTATUS AbortDecoySystemWipe ();
BOOL IsDecoySystemWipeInProgress();
NTSTATUS GetDecoySystemWipeResult();
void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp);
uint64 GetBootDriveLength ();
NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp);
#define TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE (1536 * 1024)
#define TC_ENCRYPTION_SETUP_HEADER_UPDATE_THRESHOLD (64 * 1024 * 1024)
#define TC_HIBERNATION_WRITE_BUFFER_SIZE (128 * 1024)
#endif // TC_HEADER_DRIVER_DRIVE_FILTER
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_DRIVE_FILTER
#define TC_HEADER_DRIVER_DRIVE_FILTER
#include "TCdefs.h"
#include "Boot/Windows/BootCommon.h"
#include "EncryptedIoQueue.h"
typedef struct _DriveFilterExtension
{
BOOL bRootDevice;
BOOL IsVolumeDevice;
BOOL IsDriveFilterDevice;
BOOL IsVolumeFilterDevice;
uint64 MagicNumber;
PDEVICE_OBJECT DeviceObject;
PDEVICE_OBJECT LowerDeviceObject;
PDEVICE_OBJECT Pdo;
ULONG SystemStorageDeviceNumber;
BOOL SystemStorageDeviceNumberValid;
int64 ConfiguredEncryptedAreaStart;
int64 ConfiguredEncryptedAreaEnd;
uint32 VolumeHeaderSaltCrc32;
EncryptedIoQueue Queue;
BOOL BootDrive;
BOOL VolumeHeaderPresent;
BOOL DriveMounted;
KEVENT MountWorkItemCompletedEvent;
CRYPTO_INFO *HeaderCryptoInfo;
BOOL HiddenSystem;
} DriveFilterExtension;
#define TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER 0x5645524142455854
extern BOOL BootArgsValid;
extern BootArguments BootArgs;
extern PKTHREAD EncryptionSetupThread;
extern PKTHREAD DecoySystemWipeThread;
NTSTATUS AbortBootEncryptionSetup ();
NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo);
NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp);
void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp);
void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp);
NTSTATUS GetSetupResult ();
DriveFilterExtension *GetBootDriveFilterExtension ();
CRYPTO_INFO *GetSystemDriveCryptoInfo ();
BOOL IsBootDriveMounted ();
BOOL IsBootEncryptionSetupInProgress ();
BOOL IsHiddenSystemRunning ();
NTSTATUS LoadBootArguments ();
static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension);
NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp);
void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp);
NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp);
void StartLegacyHibernationDriverFilter ();
NTSTATUS AbortDecoySystemWipe ();
BOOL IsDecoySystemWipeInProgress();
NTSTATUS GetDecoySystemWipeResult();
void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp);
uint64 GetBootDriveLength ();
NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp);
#define TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE (1536 * 1024)
#define TC_ENCRYPTION_SETUP_HEADER_UPDATE_THRESHOLD (64 * 1024 * 1024)
#define TC_HIBERNATION_WRITE_BUFFER_SIZE (128 * 1024)
#endif // TC_HEADER_DRIVER_DRIVE_FILTER

202
src/Driver/Driver.rc
View File

@@ -1,101 +1,101 @@
// Microsoft Visual C++ generated resource script.
//
#include "resource.h"
#define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#include "afxres.h"
/////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
// English (U.S.) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
// Version
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,17,22,0
PRODUCTVERSION 1,17,22,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
#else
FILEFLAGS 0x0L
#endif
FILEOS 0x4L
FILETYPE 0x3L
FILESUBTYPE 0x0L
BEGIN
BLOCK "StringFileInfo"
BEGIN
BLOCK "040904b0"
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt Driver"
VALUE "FileVersion", "1.17"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "veracrypt.sys"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.17"
END
END
BLOCK "VarFileInfo"
BEGIN
VALUE "Translation", 0x409, 1200
END
END
#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//
1 TEXTINCLUDE
BEGIN
"resource.h\0"
END
2 TEXTINCLUDE
BEGIN
"#include ""afxres.h""\r\n"
"\0"
END
3 TEXTINCLUDE
BEGIN
"\r\n"
"\0"
END
#endif // APSTUDIO_INVOKED
#endif // English (U.S.) resources
/////////////////////////////////////////////////////////////////////////////
#ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
//
/////////////////////////////////////////////////////////////////////////////
#endif // not APSTUDIO_INVOKED
// Microsoft Visual C++ generated resource script.
//
#include "resource.h"
#define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#include "afxres.h"
/////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
// English (U.S.) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
// Version
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,17,22,0
PRODUCTVERSION 1,17,22,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
#else
FILEFLAGS 0x0L
#endif
FILEOS 0x4L
FILETYPE 0x3L
FILESUBTYPE 0x0L
BEGIN
BLOCK "StringFileInfo"
BEGIN
BLOCK "040904b0"
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt Driver"
VALUE "FileVersion", "1.17"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "veracrypt.sys"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.17"
END
END
BLOCK "VarFileInfo"
BEGIN
VALUE "Translation", 0x409, 1200
END
END
#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//
1 TEXTINCLUDE
BEGIN
"resource.h\0"
END
2 TEXTINCLUDE
BEGIN
"#include ""afxres.h""\r\n"
"\0"
END
3 TEXTINCLUDE
BEGIN
"\r\n"
"\0"
END
#endif // APSTUDIO_INVOKED
#endif // English (U.S.) resources
/////////////////////////////////////////////////////////////////////////////
#ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
//
/////////////////////////////////////////////////////////////////////////////
#endif // not APSTUDIO_INVOKED

796
src/Driver/Driver.vcproj
View File

@@ -1,398 +1,398 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="Driver"
ProjectGUID="{EF5EF444-18D0-40D7-8DFA-775EC4448602}"
RootNamespace="Driver"
Keyword="MakeFileProj"
TargetFrameworkVersion="131072"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="Debug"
IntermediateDirectory="Debug"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="echo ------ Building veracrypt.sys: Debug x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -build -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Building veracrypt.sys: Debug x64 ------&#x0D;&#x0A;BuildDriver.cmd -build -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="echo ------ Rebuilding veracrypt.sys: Debug x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -rebuild -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Rebuilding veracrypt.sys: Debug x64 ------&#x0D;&#x0A;BuildDriver.cmd -rebuild -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="echo ------ Cleaning veracrypt.sys: Debug x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -clean -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Cleaning veracrypt.sys: Debug x64 ------&#x0D;&#x0A;BuildDriver.cmd -clean -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="DEBUG;_DEBUG;TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="Release"
IntermediateDirectory="Release"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="echo ------ Building veracrypt.sys: Release x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -build -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Building veracrypt.sys: Release x64 ------&#x0D;&#x0A;BuildDriver.cmd -build -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="echo ------ Rebuilding veracrypt.sys: Release x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -rebuild -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Rebuilding veracrypt.sys: Release x64 ------&#x0D;&#x0A;BuildDriver.cmd -rebuild -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="echo ------ Cleaning veracrypt.sys: Release x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -clean -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Cleaning veracrypt.sys: Release x64 ------&#x0D;&#x0A;BuildDriver.cmd -clean -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Release x86|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="BuildDriver.cmd -build -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="BuildDriver.cmd -rebuild -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Debug x86|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -build -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -rebuild -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output="$(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe"
PreprocessorDefinitions="DEBUG;_DEBUG;TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Release x64|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="BuildDriver.cmd -build -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="BuildDriver.cmd -rebuild -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Debug x64|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -build -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -rebuild -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output="$(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe"
PreprocessorDefinitions="DEBUG;_DEBUG;TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\DriveFilter.c"
>
</File>
<File
RelativePath=".\DumpFilter.c"
>
</File>
<File
RelativePath=".\EncryptedIoQueue.c"
>
</File>
<File
RelativePath=".\Ntdriver.c"
>
</File>
<File
RelativePath=".\Ntvol.c"
>
</File>
<File
RelativePath=".\VolumeFilter.c"
>
</File>
<Filter
Name="Common"
>
<File
RelativePath="..\Common\Cache.c"
>
</File>
<File
RelativePath="..\Common\Crc.c"
>
</File>
<File
RelativePath="..\Common\Crypto.c"
>
</File>
<File
RelativePath="..\Common\EncryptionThreadPool.c"
>
</File>
<File
RelativePath="..\Common\Endian.c"
>
</File>
<File
RelativePath="..\Common\GfMul.c"
>
</File>
<File
RelativePath="..\Common\Pkcs5.c"
>
</File>
<File
RelativePath="..\Common\Tests.c"
>
</File>
<File
RelativePath="..\Common\Volumes.c"
>
</File>
<File
RelativePath="..\Common\Wipe.c"
>
</File>
<File
RelativePath="..\Common\Xts.c"
>
</File>
</Filter>
<Filter
Name="Crypto"
>
<File
RelativePath="..\Crypto\Aes_hw_cpu.asm"
>
</File>
<File
RelativePath="..\Crypto\Aes_x64.asm"
>
</File>
<File
RelativePath="..\Crypto\Aes_x86.asm"
>
</File>
<File
RelativePath="..\Crypto\Aeskey.c"
>
</File>
<File
RelativePath="..\Crypto\Aestab.c"
>
</File>
<File
RelativePath="..\Crypto\Rmd160.c"
>
</File>
<File
RelativePath="..\Crypto\Serpent.c"
>
</File>
<File
RelativePath="..\Crypto\Sha2.c"
>
</File>
<File
RelativePath="..\Crypto\Twofish.c"
>
</File>
<File
RelativePath="..\Crypto\Whirlpool.c"
>
</File>
</Filter>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
<File
RelativePath="..\Common\Apidrvr.h"
>
</File>
<File
RelativePath="..\Common\Cache.h"
>
</File>
<File
RelativePath="..\Common\Common.h"
>
</File>
<File
RelativePath=".\DriveFilter.h"
>
</File>
<File
RelativePath=".\DumpFilter.h"
>
</File>
<File
RelativePath=".\EncryptedIoQueue.h"
>
</File>
<File
RelativePath="..\Common\EncryptionThreadPool.h"
>
</File>
<File
RelativePath="..\Common\GfMul.h"
>
</File>
<File
RelativePath=".\Ntdriver.h"
>
</File>
<File
RelativePath=".\Ntvol.h"
>
</File>
<File
RelativePath=".\resource.h"
>
</File>
<File
RelativePath="..\Common\Tcdefs.h"
>
</File>
<File
RelativePath=".\VolumeFilter.h"
>
</File>
<File
RelativePath="..\Common\Volumes.h"
>
</File>
<File
RelativePath="..\Common\Wipe.h"
>
</File>
<File
RelativePath="..\Common\Xts.h"
>
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
<File
RelativePath=".\Driver.rc"
>
</File>
</Filter>
<Filter
Name="Build Files"
>
<File
RelativePath=".\BuildDriver.cmd"
>
</File>
<File
RelativePath=".\Makefile"
>
</File>
<File
RelativePath=".\Sources"
>
</File>
<Filter
Name="Common"
>
<File
RelativePath="..\Common\Makefile"
>
</File>
<File
RelativePath="..\Common\Sources"
>
</File>
</Filter>
<Filter
Name="Crypto"
>
<File
RelativePath="..\Crypto\Makefile"
>
</File>
<File
RelativePath="..\Crypto\Makefile.inc"
>
</File>
<File
RelativePath="..\Crypto\Sources"
>
</File>
</Filter>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="9.00"
Name="Driver"
ProjectGUID="{EF5EF444-18D0-40D7-8DFA-775EC4448602}"
RootNamespace="Driver"
Keyword="MakeFileProj"
TargetFrameworkVersion="131072"
>
<Platforms>
<Platform
Name="Win32"
/>
</Platforms>
<ToolFiles>
</ToolFiles>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="Debug"
IntermediateDirectory="Debug"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="echo ------ Building veracrypt.sys: Debug x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -build -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Building veracrypt.sys: Debug x64 ------&#x0D;&#x0A;BuildDriver.cmd -build -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="echo ------ Rebuilding veracrypt.sys: Debug x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -rebuild -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Rebuilding veracrypt.sys: Debug x64 ------&#x0D;&#x0A;BuildDriver.cmd -rebuild -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="echo ------ Cleaning veracrypt.sys: Debug x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -clean -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Cleaning veracrypt.sys: Debug x64 ------&#x0D;&#x0A;BuildDriver.cmd -clean -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="DEBUG;_DEBUG;TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="Release"
IntermediateDirectory="Release"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="echo ------ Building veracrypt.sys: Release x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -build -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Building veracrypt.sys: Release x64 ------&#x0D;&#x0A;BuildDriver.cmd -build -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="echo ------ Rebuilding veracrypt.sys: Release x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -rebuild -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Rebuilding veracrypt.sys: Release x64 ------&#x0D;&#x0A;BuildDriver.cmd -rebuild -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="echo ------ Cleaning veracrypt.sys: Release x86 ------&#x0D;&#x0A;cmd.exe /c BuildDriver.cmd -clean -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;&#x0D;&#x0A;if errorlevel 1 exit %errorlevel%&#x0D;&#x0A;echo.&#x0D;&#x0A;echo ------ Cleaning veracrypt.sys: Release x64 ------&#x0D;&#x0A;BuildDriver.cmd -clean -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Release x86|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="BuildDriver.cmd -build -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="BuildDriver.cmd -rebuild -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -release -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Debug x86|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -build -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -rebuild -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -debug -x86 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output="$(ProjectDir)\obj_driver_debug\i386\VeraCrypt.exe"
PreprocessorDefinitions="DEBUG;_DEBUG;TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Release x64|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="BuildDriver.cmd -build -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="BuildDriver.cmd -rebuild -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -release -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output=""
PreprocessorDefinitions="TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
<Configuration
Name="Debug x64|Win32"
OutputDirectory="$(ConfigurationName)"
IntermediateDirectory="$(ConfigurationName)"
ConfigurationType="0"
InheritedPropertySheets="$(VCInstallDir)VCProjectDefaults\UpgradeFromVC71.vsprops"
>
<Tool
Name="VCNMakeTool"
BuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -build -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
ReBuildCommandLine="if exist $(SolutionDir)\Mount\Debug\VeraCrypt.exe ( copy $(SolutionDir)\Mount\Debug\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL:&#x0D;&#x0A;) else ( copy $(SolutionDir)\Mount\Release\VeraCrypt.exe $(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe &gt;NUL: )&#x0D;&#x0A;&#x0D;&#x0A;BuildDriver.cmd -rebuild -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
CleanCommandLine="BuildDriver.cmd -clean -debug -x64 &quot;$(SolutionDir)\Common&quot; &quot;$(SolutionDir)\Crypto&quot; &quot;$(ProjectDir)&quot;"
Output="$(ProjectDir)\obj_driver_debug\amd64\VeraCrypt.exe"
PreprocessorDefinitions="DEBUG;_DEBUG;TC_WINDOWS_DRIVER"
IncludeSearchPath="&quot;$(ProjectDir)&quot;;&quot;$(SolutionDir)&quot;;&quot;$(SolutionDir)\Common&quot;;&quot;$(SolutionDir)\Crypto&quot;;&quot;$(WINDDK_ROOT)\inc\ddk&quot;;&quot;$(WINDDK_ROOT)\inc\api&quot;"
ForcedIncludes=""
AssemblySearchPath=""
ForcedUsingAssemblies=""
CompileAsManaged=""
/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
>
<File
RelativePath=".\DriveFilter.c"
>
</File>
<File
RelativePath=".\DumpFilter.c"
>
</File>
<File
RelativePath=".\EncryptedIoQueue.c"
>
</File>
<File
RelativePath=".\Ntdriver.c"
>
</File>
<File
RelativePath=".\Ntvol.c"
>
</File>
<File
RelativePath=".\VolumeFilter.c"
>
</File>
<Filter
Name="Common"
>
<File
RelativePath="..\Common\Cache.c"
>
</File>
<File
RelativePath="..\Common\Crc.c"
>
</File>
<File
RelativePath="..\Common\Crypto.c"
>
</File>
<File
RelativePath="..\Common\EncryptionThreadPool.c"
>
</File>
<File
RelativePath="..\Common\Endian.c"
>
</File>
<File
RelativePath="..\Common\GfMul.c"
>
</File>
<File
RelativePath="..\Common\Pkcs5.c"
>
</File>
<File
RelativePath="..\Common\Tests.c"
>
</File>
<File
RelativePath="..\Common\Volumes.c"
>
</File>
<File
RelativePath="..\Common\Wipe.c"
>
</File>
<File
RelativePath="..\Common\Xts.c"
>
</File>
</Filter>
<Filter
Name="Crypto"
>
<File
RelativePath="..\Crypto\Aes_hw_cpu.asm"
>
</File>
<File
RelativePath="..\Crypto\Aes_x64.asm"
>
</File>
<File
RelativePath="..\Crypto\Aes_x86.asm"
>
</File>
<File
RelativePath="..\Crypto\Aeskey.c"
>
</File>
<File
RelativePath="..\Crypto\Aestab.c"
>
</File>
<File
RelativePath="..\Crypto\Rmd160.c"
>
</File>
<File
RelativePath="..\Crypto\Serpent.c"
>
</File>
<File
RelativePath="..\Crypto\Sha2.c"
>
</File>
<File
RelativePath="..\Crypto\Twofish.c"
>
</File>
<File
RelativePath="..\Crypto\Whirlpool.c"
>
</File>
</Filter>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
>
<File
RelativePath="..\Common\Apidrvr.h"
>
</File>
<File
RelativePath="..\Common\Cache.h"
>
</File>
<File
RelativePath="..\Common\Common.h"
>
</File>
<File
RelativePath=".\DriveFilter.h"
>
</File>
<File
RelativePath=".\DumpFilter.h"
>
</File>
<File
RelativePath=".\EncryptedIoQueue.h"
>
</File>
<File
RelativePath="..\Common\EncryptionThreadPool.h"
>
</File>
<File
RelativePath="..\Common\GfMul.h"
>
</File>
<File
RelativePath=".\Ntdriver.h"
>
</File>
<File
RelativePath=".\Ntvol.h"
>
</File>
<File
RelativePath=".\resource.h"
>
</File>
<File
RelativePath="..\Common\Tcdefs.h"
>
</File>
<File
RelativePath=".\VolumeFilter.h"
>
</File>
<File
RelativePath="..\Common\Volumes.h"
>
</File>
<File
RelativePath="..\Common\Wipe.h"
>
</File>
<File
RelativePath="..\Common\Xts.h"
>
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
>
<File
RelativePath=".\Driver.rc"
>
</File>
</Filter>
<Filter
Name="Build Files"
>
<File
RelativePath=".\BuildDriver.cmd"
>
</File>
<File
RelativePath=".\Makefile"
>
</File>
<File
RelativePath=".\Sources"
>
</File>
<Filter
Name="Common"
>
<File
RelativePath="..\Common\Makefile"
>
</File>
<File
RelativePath="..\Common\Sources"
>
</File>
</Filter>
<Filter
Name="Crypto"
>
<File
RelativePath="..\Crypto\Makefile"
>
</File>
<File
RelativePath="..\Crypto\Makefile.inc"
>
</File>
<File
RelativePath="..\Crypto\Sources"
>
</File>
</Filter>
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

496
src/Driver/DumpFilter.c
View File

@@ -1,248 +1,248 @@
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#include "DumpFilter.h"
#include "DriveFilter.h"
#include "Ntdriver.h"
#include "Tests.h"
static DriveFilterExtension *BootDriveFilterExtension = NULL;
static LARGE_INTEGER DumpPartitionOffset;
static byte *WriteFilterBuffer = NULL;
static SIZE_T WriteFilterBufferSize;
NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData)
{
GetSystemDriveDumpConfigRequest dumpConfig;
PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr;
STORAGE_DEVICE_NUMBER storageDeviceNumber;
PARTITION_INFORMATION partitionInfo;
LONG version;
NTSTATUS status;
Dump ("DumpFilterEntry type=%d\n", filterExtension->DumpType);
filterInitData->MajorVersion = DUMP_FILTER_MAJOR_VERSION;
filterInitData->MinorVersion = DUMP_FILTER_MINOR_VERSION;
filterInitData->Flags |= DUMP_FILTER_CRITICAL;
// Check driver version of the main device
status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version));
if (!NT_SUCCESS (status))
goto err;
if (version != VERSION_NUM)
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
// Get dump configuration from the main device
status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG, NULL, 0, &dumpConfig, sizeof (dumpConfig));
if (!NT_SUCCESS (status))
goto err;
BootDriveFilterExtension = dumpConfig.BootDriveFilterExtension;
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
{
status = STATUS_CRC_ERROR;
goto err;
}
// KeSaveFloatingPointState() may generate a bug check during crash dump
#if !defined (_WIN64)
if (filterExtension->DumpType == DumpTypeCrashdump)
dumpConfig.HwEncryptionEnabled = FALSE;
#endif
EnableHwEncryption (dumpConfig.HwEncryptionEnabled);
if (!AutoTestAlgorithms())
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
// Check dump volume is located on the system drive
status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
if (!NT_SUCCESS (status))
goto err;
if (!BootDriveFilterExtension->SystemStorageDeviceNumberValid)
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
if (storageDeviceNumber.DeviceNumber != BootDriveFilterExtension->SystemStorageDeviceNumber)
{
status = STATUS_ACCESS_DENIED;
goto err;
}
// Check dump volume is located within the scope of system encryption
status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &partitionInfo, sizeof (partitionInfo));
if (!NT_SUCCESS (status))
goto err;
DumpPartitionOffset = partitionInfo.StartingOffset;
if (DumpPartitionOffset.QuadPart < BootDriveFilterExtension->ConfiguredEncryptedAreaStart
|| DumpPartitionOffset.QuadPart > BootDriveFilterExtension->ConfiguredEncryptedAreaEnd)
{
status = STATUS_ACCESS_DENIED;
goto err;
}
// Allocate buffer for encryption
if (filterInitData->MaxPagesPerWrite == 0)
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
WriteFilterBufferSize = filterInitData->MaxPagesPerWrite * PAGE_SIZE;
#ifdef _WIN64
highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL;
#else
highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL;
#endif
WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr);
if (!WriteFilterBuffer)
{
status = STATUS_INSUFFICIENT_RESOURCES;
goto err;
}
filterInitData->DumpStart = DumpFilterStart;
filterInitData->DumpWrite = DumpFilterWrite;
filterInitData->DumpFinish = DumpFilterFinish;
filterInitData->DumpUnload = DumpFilterUnload;
Dump ("Dump filter loaded type=%d\n", filterExtension->DumpType);
return STATUS_SUCCESS;
err:
Dump ("DumpFilterEntry error %x\n", status);
return status;
}
static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension)
{
Dump ("DumpFilterStart type=%d\n", filterExtension->DumpType);
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
TC_BUG_CHECK (STATUS_CRC_ERROR);
return BootDriveFilterExtension->DriveMounted ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL;
}
static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl)
{
ULONG dataLength = MmGetMdlByteCount (writeMdl);
uint64 offset = DumpPartitionOffset.QuadPart + diskWriteOffset->QuadPart;
uint64 intersectStart;
uint32 intersectLength;
PVOID writeBuffer;
CSHORT origMdlFlags;
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
TC_BUG_CHECK (STATUS_CRC_ERROR);
if (BootDriveFilterExtension->Queue.EncryptedAreaEndUpdatePending) // Hibernation should always abort the setup thread
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
if (BootDriveFilterExtension->Queue.EncryptedAreaStart == -1 || BootDriveFilterExtension->Queue.EncryptedAreaEnd == -1)
return STATUS_SUCCESS;
if (dataLength > WriteFilterBufferSize)
TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); // Bug check is required as returning an error does not prevent data from being written to disk
if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority);
if (!writeBuffer)
TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES);
memcpy (WriteFilterBuffer, writeBuffer, dataLength);
GetIntersection (offset,
dataLength,
BootDriveFilterExtension->Queue.EncryptedAreaStart,
BootDriveFilterExtension->Queue.EncryptedAreaEnd,
&intersectStart,
&intersectLength);
if (intersectLength > 0)
{
UINT64_STRUCT dataUnit;
dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE;
if (BootDriveFilterExtension->Queue.RemapEncryptedArea)
{
diskWriteOffset->QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset;
dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset;
}
EncryptDataUnitsCurrentThread (WriteFilterBuffer + (intersectStart - offset),
&dataUnit,
intersectLength / ENCRYPTION_DATA_UNIT_SIZE,
BootDriveFilterExtension->Queue.CryptoInfo);
}
origMdlFlags = writeMdl->MdlFlags;
MmInitializeMdl (writeMdl, WriteFilterBuffer, dataLength);
MmBuildMdlForNonPagedPool (writeMdl);
// Instead of using MmGetSystemAddressForMdlSafe(), some buggy custom storage drivers may directly test MDL_MAPPED_TO_SYSTEM_VA flag,
// disregarding the fact that other MDL flags may be set by the system or a dump filter (e.g. MDL_SOURCE_IS_NONPAGED_POOL flag only).
// Therefore, to work around this issue, the original flags will be restored even if they do not match the new MDL.
// MS BitLocker also uses this hack/workaround (it should be safe to use until the MDL structure is changed).
writeMdl->MdlFlags = origMdlFlags;
return STATUS_SUCCESS;
}
static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension)
{
Dump ("DumpFilterFinish type=%d\n", filterExtension->DumpType);
return STATUS_SUCCESS;
}
static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension)
{
Dump ("DumpFilterUnload type=%d\n", filterExtension->DumpType);
if (WriteFilterBuffer)
{
memset (WriteFilterBuffer, 0, WriteFilterBufferSize);
MmFreeContiguousMemory (WriteFilterBuffer);
WriteFilterBuffer = NULL;
}
return STATUS_SUCCESS;
}
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#include "DumpFilter.h"
#include "DriveFilter.h"
#include "Ntdriver.h"
#include "Tests.h"
static DriveFilterExtension *BootDriveFilterExtension = NULL;
static LARGE_INTEGER DumpPartitionOffset;
static byte *WriteFilterBuffer = NULL;
static SIZE_T WriteFilterBufferSize;
NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData)
{
GetSystemDriveDumpConfigRequest dumpConfig;
PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr;
STORAGE_DEVICE_NUMBER storageDeviceNumber;
PARTITION_INFORMATION partitionInfo;
LONG version;
NTSTATUS status;
Dump ("DumpFilterEntry type=%d\n", filterExtension->DumpType);
filterInitData->MajorVersion = DUMP_FILTER_MAJOR_VERSION;
filterInitData->MinorVersion = DUMP_FILTER_MINOR_VERSION;
filterInitData->Flags |= DUMP_FILTER_CRITICAL;
// Check driver version of the main device
status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version));
if (!NT_SUCCESS (status))
goto err;
if (version != VERSION_NUM)
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
// Get dump configuration from the main device
status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG, NULL, 0, &dumpConfig, sizeof (dumpConfig));
if (!NT_SUCCESS (status))
goto err;
BootDriveFilterExtension = dumpConfig.BootDriveFilterExtension;
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
{
status = STATUS_CRC_ERROR;
goto err;
}
// KeSaveFloatingPointState() may generate a bug check during crash dump
#if !defined (_WIN64)
if (filterExtension->DumpType == DumpTypeCrashdump)
dumpConfig.HwEncryptionEnabled = FALSE;
#endif
EnableHwEncryption (dumpConfig.HwEncryptionEnabled);
if (!AutoTestAlgorithms())
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
// Check dump volume is located on the system drive
status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
if (!NT_SUCCESS (status))
goto err;
if (!BootDriveFilterExtension->SystemStorageDeviceNumberValid)
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
if (storageDeviceNumber.DeviceNumber != BootDriveFilterExtension->SystemStorageDeviceNumber)
{
status = STATUS_ACCESS_DENIED;
goto err;
}
// Check dump volume is located within the scope of system encryption
status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &partitionInfo, sizeof (partitionInfo));
if (!NT_SUCCESS (status))
goto err;
DumpPartitionOffset = partitionInfo.StartingOffset;
if (DumpPartitionOffset.QuadPart < BootDriveFilterExtension->ConfiguredEncryptedAreaStart
|| DumpPartitionOffset.QuadPart > BootDriveFilterExtension->ConfiguredEncryptedAreaEnd)
{
status = STATUS_ACCESS_DENIED;
goto err;
}
// Allocate buffer for encryption
if (filterInitData->MaxPagesPerWrite == 0)
{
status = STATUS_INVALID_PARAMETER;
goto err;
}
WriteFilterBufferSize = filterInitData->MaxPagesPerWrite * PAGE_SIZE;
#ifdef _WIN64
highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL;
#else
highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL;
#endif
WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr);
if (!WriteFilterBuffer)
{
status = STATUS_INSUFFICIENT_RESOURCES;
goto err;
}
filterInitData->DumpStart = DumpFilterStart;
filterInitData->DumpWrite = DumpFilterWrite;
filterInitData->DumpFinish = DumpFilterFinish;
filterInitData->DumpUnload = DumpFilterUnload;
Dump ("Dump filter loaded type=%d\n", filterExtension->DumpType);
return STATUS_SUCCESS;
err:
Dump ("DumpFilterEntry error %x\n", status);
return status;
}
static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension)
{
Dump ("DumpFilterStart type=%d\n", filterExtension->DumpType);
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
TC_BUG_CHECK (STATUS_CRC_ERROR);
return BootDriveFilterExtension->DriveMounted ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL;
}
static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl)
{
ULONG dataLength = MmGetMdlByteCount (writeMdl);
uint64 offset = DumpPartitionOffset.QuadPart + diskWriteOffset->QuadPart;
uint64 intersectStart;
uint32 intersectLength;
PVOID writeBuffer;
CSHORT origMdlFlags;
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
TC_BUG_CHECK (STATUS_CRC_ERROR);
if (BootDriveFilterExtension->Queue.EncryptedAreaEndUpdatePending) // Hibernation should always abort the setup thread
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
if (BootDriveFilterExtension->Queue.EncryptedAreaStart == -1 || BootDriveFilterExtension->Queue.EncryptedAreaEnd == -1)
return STATUS_SUCCESS;
if (dataLength > WriteFilterBufferSize)
TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); // Bug check is required as returning an error does not prevent data from being written to disk
if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority);
if (!writeBuffer)
TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES);
memcpy (WriteFilterBuffer, writeBuffer, dataLength);
GetIntersection (offset,
dataLength,
BootDriveFilterExtension->Queue.EncryptedAreaStart,
BootDriveFilterExtension->Queue.EncryptedAreaEnd,
&intersectStart,
&intersectLength);
if (intersectLength > 0)
{
UINT64_STRUCT dataUnit;
dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE;
if (BootDriveFilterExtension->Queue.RemapEncryptedArea)
{
diskWriteOffset->QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset;
dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset;
}
EncryptDataUnitsCurrentThread (WriteFilterBuffer + (intersectStart - offset),
&dataUnit,
intersectLength / ENCRYPTION_DATA_UNIT_SIZE,
BootDriveFilterExtension->Queue.CryptoInfo);
}
origMdlFlags = writeMdl->MdlFlags;
MmInitializeMdl (writeMdl, WriteFilterBuffer, dataLength);
MmBuildMdlForNonPagedPool (writeMdl);
// Instead of using MmGetSystemAddressForMdlSafe(), some buggy custom storage drivers may directly test MDL_MAPPED_TO_SYSTEM_VA flag,
// disregarding the fact that other MDL flags may be set by the system or a dump filter (e.g. MDL_SOURCE_IS_NONPAGED_POOL flag only).
// Therefore, to work around this issue, the original flags will be restored even if they do not match the new MDL.
// MS BitLocker also uses this hack/workaround (it should be safe to use until the MDL structure is changed).
writeMdl->MdlFlags = origMdlFlags;
return STATUS_SUCCESS;
}
static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension)
{
Dump ("DumpFilterFinish type=%d\n", filterExtension->DumpType);
return STATUS_SUCCESS;
}
static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension)
{
Dump ("DumpFilterUnload type=%d\n", filterExtension->DumpType);
if (WriteFilterBuffer)
{
memset (WriteFilterBuffer, 0, WriteFilterBufferSize);
MmFreeContiguousMemory (WriteFilterBuffer);
WriteFilterBuffer = NULL;
}
return STATUS_SUCCESS;
}

50
src/Driver/DumpFilter.h
View File

@@ -1,25 +1,25 @@
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_DUMP_FILTER
#define TC_HEADER_DRIVER_DUMP_FILTER
#include "Tcdefs.h"
#include <ntdddump.h>
NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData);
static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension);
static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl);
static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension);
static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension);
#endif // TC_HEADER_DRIVER_DUMP_FILTER
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_DUMP_FILTER
#define TC_HEADER_DRIVER_DUMP_FILTER
#include "Tcdefs.h"
#include <ntdddump.h>
NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData);
static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension);
static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl);
static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension);
static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension);
#endif // TC_HEADER_DRIVER_DUMP_FILTER

2098
src/Driver/EncryptedIoQueue.c
View File

File diff suppressed because it is too large Load Diff

330
src/Driver/EncryptedIoQueue.h
View File

@@ -1,165 +1,165 @@
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE
#define TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE
#include "TCdefs.h"
#include "Apidrvr.h"
#if 0
# define TC_TRACE_IO_QUEUE
#endif
#define TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE (256 * 1024)
#define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8
#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16
typedef struct EncryptedIoQueueBufferStruct
{
struct EncryptedIoQueueBufferStruct *NextBuffer;
void *Address;
ULONG Size;
BOOL InUse;
} EncryptedIoQueueBuffer;
typedef struct
{
PDEVICE_OBJECT DeviceObject;
KMUTEX BufferPoolMutex;
EncryptedIoQueueBuffer *FirstPoolBuffer;
CRYPTO_INFO *CryptoInfo;
// File-handle-based IO
HANDLE HostFileHandle;
int64 VirtualDeviceLength;
SECURITY_CLIENT_CONTEXT *SecurityClientContext;
// Filter device
BOOL IsFilterDevice;
PDEVICE_OBJECT LowerDeviceObject;
int64 EncryptedAreaStart;
volatile int64 EncryptedAreaEnd;
volatile BOOL EncryptedAreaEndUpdatePending;
BOOL RemapEncryptedArea;
int64 RemappedAreaOffset;
int64 RemappedAreaDataUnitOffset;
IO_REMOVE_LOCK RemoveLock;
// Main tread
PKTHREAD MainThread;
LIST_ENTRY MainThreadQueue;
KSPIN_LOCK MainThreadQueueLock;
KEVENT MainThreadQueueNotEmptyEvent;
// IO thread
PKTHREAD IoThread;
LIST_ENTRY IoThreadQueue;
KSPIN_LOCK IoThreadQueueLock;
KEVENT IoThreadQueueNotEmptyEvent;
// Completion thread
PKTHREAD CompletionThread;
LIST_ENTRY CompletionThreadQueue;
KSPIN_LOCK CompletionThreadQueueLock;
KEVENT CompletionThreadQueueNotEmptyEvent;
// Fragment buffers
byte *FragmentBufferA;
byte *FragmentBufferB;
KEVENT FragmentBufferAFreeEvent;
KEVENT FragmentBufferBFreeEvent;
// Read-ahead buffer
BOOL ReadAheadBufferValid;
LARGE_INTEGER LastReadOffset;
ULONG LastReadLength;
LARGE_INTEGER ReadAheadOffset;
ULONG ReadAheadLength;
byte *ReadAheadBuffer;
LARGE_INTEGER MaxReadAheadOffset;
LONG OutstandingIoCount;
KEVENT NoOutstandingIoEvent;
LONG IoThreadPendingRequestCount;
KEVENT PoolBufferFreeEvent;
__int64 TotalBytesRead;
__int64 TotalBytesWritten;
volatile BOOL StartPending;
volatile BOOL ThreadExitRequested;
volatile BOOL Suspended;
volatile BOOL SuspendPending;
volatile BOOL StopPending;
KEVENT QueueResumedEvent;
#ifdef TC_TRACE_IO_QUEUE
LARGE_INTEGER LastPerformanceCounter;
#endif
} EncryptedIoQueue;
typedef struct
{
EncryptedIoQueue *Queue;
PIRP OriginalIrp;
BOOL Write;
ULONG OriginalLength;
LARGE_INTEGER OriginalOffset;
NTSTATUS Status;
#ifdef TC_TRACE_IO_QUEUE
LARGE_INTEGER OriginalIrpOffset;
#endif
} EncryptedIoQueueItem;
typedef struct
{
EncryptedIoQueueItem *Item;
BOOL CompleteOriginalIrp;
LARGE_INTEGER Offset;
ULONG Length;
int64 EncryptedOffset;
ULONG EncryptedLength;
byte *Data;
byte *OrigDataBufferFragment;
LIST_ENTRY ListEntry;
LIST_ENTRY CompletionListEntry;
} EncryptedIoRequest;
NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp);
BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue);
BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout);
#endif // TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE
#define TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE
#include "TCdefs.h"
#include "Apidrvr.h"
#if 0
# define TC_TRACE_IO_QUEUE
#endif
#define TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE (256 * 1024)
#define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8
#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16
typedef struct EncryptedIoQueueBufferStruct
{
struct EncryptedIoQueueBufferStruct *NextBuffer;
void *Address;
ULONG Size;
BOOL InUse;
} EncryptedIoQueueBuffer;
typedef struct
{
PDEVICE_OBJECT DeviceObject;
KMUTEX BufferPoolMutex;
EncryptedIoQueueBuffer *FirstPoolBuffer;
CRYPTO_INFO *CryptoInfo;
// File-handle-based IO
HANDLE HostFileHandle;
int64 VirtualDeviceLength;
SECURITY_CLIENT_CONTEXT *SecurityClientContext;
// Filter device
BOOL IsFilterDevice;
PDEVICE_OBJECT LowerDeviceObject;
int64 EncryptedAreaStart;
volatile int64 EncryptedAreaEnd;
volatile BOOL EncryptedAreaEndUpdatePending;
BOOL RemapEncryptedArea;
int64 RemappedAreaOffset;
int64 RemappedAreaDataUnitOffset;
IO_REMOVE_LOCK RemoveLock;
// Main tread
PKTHREAD MainThread;
LIST_ENTRY MainThreadQueue;
KSPIN_LOCK MainThreadQueueLock;
KEVENT MainThreadQueueNotEmptyEvent;
// IO thread
PKTHREAD IoThread;
LIST_ENTRY IoThreadQueue;
KSPIN_LOCK IoThreadQueueLock;
KEVENT IoThreadQueueNotEmptyEvent;
// Completion thread
PKTHREAD CompletionThread;
LIST_ENTRY CompletionThreadQueue;
KSPIN_LOCK CompletionThreadQueueLock;
KEVENT CompletionThreadQueueNotEmptyEvent;
// Fragment buffers
byte *FragmentBufferA;
byte *FragmentBufferB;
KEVENT FragmentBufferAFreeEvent;
KEVENT FragmentBufferBFreeEvent;
// Read-ahead buffer
BOOL ReadAheadBufferValid;
LARGE_INTEGER LastReadOffset;
ULONG LastReadLength;
LARGE_INTEGER ReadAheadOffset;
ULONG ReadAheadLength;
byte *ReadAheadBuffer;
LARGE_INTEGER MaxReadAheadOffset;
LONG OutstandingIoCount;
KEVENT NoOutstandingIoEvent;
LONG IoThreadPendingRequestCount;
KEVENT PoolBufferFreeEvent;
__int64 TotalBytesRead;
__int64 TotalBytesWritten;
volatile BOOL StartPending;
volatile BOOL ThreadExitRequested;
volatile BOOL Suspended;
volatile BOOL SuspendPending;
volatile BOOL StopPending;
KEVENT QueueResumedEvent;
#ifdef TC_TRACE_IO_QUEUE
LARGE_INTEGER LastPerformanceCounter;
#endif
} EncryptedIoQueue;
typedef struct
{
EncryptedIoQueue *Queue;
PIRP OriginalIrp;
BOOL Write;
ULONG OriginalLength;
LARGE_INTEGER OriginalOffset;
NTSTATUS Status;
#ifdef TC_TRACE_IO_QUEUE
LARGE_INTEGER OriginalIrpOffset;
#endif
} EncryptedIoQueueItem;
typedef struct
{
EncryptedIoQueueItem *Item;
BOOL CompleteOriginalIrp;
LARGE_INTEGER Offset;
ULONG Length;
int64 EncryptedOffset;
ULONG EncryptedLength;
byte *Data;
byte *OrigDataBufferFragment;
LIST_ENTRY ListEntry;
LIST_ENTRY CompletionListEntry;
} EncryptedIoRequest;
NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp);
BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue);
BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue);
NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout);
#endif // TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE

2
src/Driver/Makefile
View File

@@ -1 +1 @@
!INCLUDE $(NTMAKEENV)\makefile.def
!INCLUDE $(NTMAKEENV)\makefile.def

7126
src/Driver/Ntdriver.c
View File

File diff suppressed because it is too large Load Diff

378
src/Driver/Ntdriver.h
View File

@@ -1,189 +1,189 @@
/*
Legal Notice: Some portions of the source code contained in this file were
derived from the source code of TrueCrypt 7.1a, which is
Copyright (c) 2003-2012 TrueCrypt Developers Association and which is
governed by the TrueCrypt License 3.0, also from the source code of
Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux
and which is governed by the 'License Agreement for Encryption for the Masses'
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages. */
#ifndef TC_HEADER_NTDRIVER
#define TC_HEADER_NTDRIVER
#include "Common.h"
#include "EncryptedIoQueue.h"
/* This structure is used to start new threads */
typedef struct _THREAD_BLOCK_
{
PDEVICE_OBJECT DeviceObject;
NTSTATUS ntCreateStatus;
WCHAR wszMountVolume[TC_MAX_PATH + 8];
MOUNT_STRUCT *mount;
} THREAD_BLOCK, *PTHREAD_BLOCK;
/* This structure is allocated for non-root devices! WARNING: bRootDevice
must be the first member of the structure! */
typedef struct EXTENSION
{
BOOL bRootDevice; /* Is this the root device ? which the user-mode apps talk to */
BOOL IsVolumeDevice;
BOOL IsDriveFilterDevice;
BOOL IsVolumeFilterDevice;
int UniqueVolumeId;
int nDosDriveNo; /* Drive number this extension is mounted against */
BOOL bShuttingDown; /* Is the driver shutting down ? */
BOOL bThreadShouldQuit; /* Instruct per device worker thread to quit */
PETHREAD peThread; /* Thread handle */
KEVENT keCreateEvent; /* Device creation event */
KSPIN_LOCK ListSpinLock; /* IRP spinlock */
LIST_ENTRY ListEntry; /* IRP listentry */
KSEMAPHORE RequestSemaphore; /* IRP list request Semaphore */
HANDLE hDeviceFile; /* Device handle for this device */
PFILE_OBJECT pfoDeviceFile; /* Device fileobject for this device */
PDEVICE_OBJECT pFsdDevice; /* lower level device handle */
CRYPTO_INFO *cryptoInfo; /* Cryptographic and other information for this device */
__int64 HostLength;
__int64 DiskLength; /* The length of the disk referred to by this device */
__int64 NumberOfCylinders; /* Partition info */
ULONG TracksPerCylinder; /* Partition info */
ULONG SectorsPerTrack; /* Partition info */
ULONG BytesPerSector; /* Partition info */
UCHAR PartitionType; /* Partition info */
uint32 HostBytesPerSector;
uint32 HostBytesPerPhysicalSector;
ULONG BytesOffsetForSectorAlignment;
KEVENT keVolumeEvent; /* Event structure used when setting up a device */
EncryptedIoQueue Queue;
BOOL bReadOnly; /* Is this device read-only ? */
BOOL bRemovable; /* Is this device removable media ? */
BOOL PartitionInInactiveSysEncScope;
BOOL bRawDevice; /* Is this a raw-partition or raw-floppy device ? */
BOOL bMountManager; /* Mount manager knows about volume */
BOOL SystemFavorite;
WCHAR wszVolume[TC_MAX_PATH]; /* DONT change this size without also changing MOUNT_LIST_STRUCT! */
WCHAR wszLabel[33];
BOOL bIsNTFS;
BOOL bDriverSetLabel;
unsigned char volumeID[VOLUME_ID_SIZE];
LARGE_INTEGER fileCreationTime;
LARGE_INTEGER fileLastAccessTime;
LARGE_INTEGER fileLastWriteTime;
LARGE_INTEGER fileLastChangeTime;
BOOL bTimeStampValid;
PSID UserSid;
BOOL SecurityClientContextValid;
SECURITY_CLIENT_CONTEXT SecurityClientContext;
} EXTENSION, *PEXTENSION;
typedef enum
{
ValidateInput,
ValidateOutput,
ValidateInputOutput
} ValidateIOBufferSizeType;
typedef enum
{
DeviceNamespaceDefault,
DeviceNamespaceGlobal,
} DeviceNamespaceType;
extern PDRIVER_OBJECT TCDriverObject;
extern PDEVICE_OBJECT RootDeviceObject;
extern BOOL DriverShuttingDown;
extern ULONG OsMajorVersion;
extern ULONG OsMinorVersion;
extern BOOL VolumeClassFilterRegistered;
extern BOOL CacheBootPassword;
extern BOOL CacheBootPim;
/* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000)
NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath);
NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo);
void DumpMemory (void *memory, int size);
BOOL IsAccessibleByUser (PUNICODE_STRING objectFileName, BOOL readOnly);
NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp);
NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp);
NTSTATUS SendDeviceIoControlRequest (PDEVICE_OBJECT deviceObject, ULONG ioControlCode, void *inputBuffer, int inputBufferSize, void *outputBuffer, int outputBufferSize);
NTSTATUS TCDispatchQueueIRP (PDEVICE_OBJECT DeviceObject, PIRP Irp);
NTSTATUS TCCreateRootDeviceObject (PDRIVER_OBJECT DriverObject);
NTSTATUS TCCreateDeviceObject (PDRIVER_OBJECT DriverObject, PDEVICE_OBJECT * ppDeviceObject, MOUNT_STRUCT * mount);
NTSTATUS TCReadDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length);
NTSTATUS TCWriteDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length);
NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread);
NTSTATUS TCStartThreadInProcess (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread, PEPROCESS process);
NTSTATUS TCStartVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, MOUNT_STRUCT * mount);
void TCStopThread (PKTHREAD kThread, PKEVENT wakeUpEvent);
void TCStopVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension);
VOID VolumeThreadProc (PVOID Context);
void TCSleep (int milliSeconds);
void TCGetNTNameFromNumber (LPWSTR ntname, int cbNtName, int nDriveNo);
void TCGetDosNameFromNumber (LPWSTR dosname, int cbDosName, int nDriveNo, DeviceNamespaceType namespaceType);
LPWSTR TCTranslateCode (ULONG ulCode);
void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension);
VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject);
void OnShutdownPending ();
NTSTATUS TCDeviceIoControl (PWSTR deviceName, ULONG IoControlCode, void *InputBuffer, ULONG InputBufferSize, void *OutputBuffer, ULONG OutputBufferSize);
NTSTATUS TCOpenFsVolume (PEXTENSION Extension, PHANDLE volumeHandle, PFILE_OBJECT * fileObject);
void TCCloseFsVolume (HANDLE volumeHandle, PFILE_OBJECT fileObject);
NTSTATUS TCFsctlCall (PFILE_OBJECT fileObject, LONG IoControlCode, void *InputBuffer, int InputBufferSize, void *OutputBuffer, int OutputBufferSize);
NTSTATUS CreateDriveLink (int nDosDriveNo);
NTSTATUS RemoveDriveLink (int nDosDriveNo);
NTSTATUS MountManagerMount (MOUNT_STRUCT *mount);
NTSTATUS MountManagerUnmount (int nDosDriveNo);
NTSTATUS MountDevice (PDEVICE_OBJECT deviceObject, MOUNT_STRUCT *mount);
NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles);
NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles);
NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength);
BOOL RootDeviceControlMutexAcquireNoWait ();
void RootDeviceControlMutexRelease ();
BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2);
void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength);
NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information);
NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information);
NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize);
BOOL UserCanAccessDriveDevice ();
size_t GetCpuCount ();
void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes);
void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout);
BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType);
NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData);
NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize);
BOOL IsVolumeClassFilterRegistered ();
NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry);
NTSTATUS WriteRegistryConfigFlags (uint32 flags);
BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type);
NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector);
NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount);
NTSTATUS ReadDeviceSkipUnreadableSectors (PDEVICE_OBJECT deviceObject, byte *buffer, LARGE_INTEGER startOffset, ULONG size, uint64 *badSectorCount);
BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension);
void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter);
int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter);
BOOL IsOSAtLeast (OSVersionEnum reqMinOS);
#define TC_BUG_CHECK(status) KeBugCheckEx (SECURITY_SYSTEM, __LINE__, (ULONG_PTR) status, 0, 'VC')
#endif // TC_HEADER_NTDRIVER
/*
Legal Notice: Some portions of the source code contained in this file were
derived from the source code of TrueCrypt 7.1a, which is
Copyright (c) 2003-2012 TrueCrypt Developers Association and which is
governed by the TrueCrypt License 3.0, also from the source code of
Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux
and which is governed by the 'License Agreement for Encryption for the Masses'
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages. */
#ifndef TC_HEADER_NTDRIVER
#define TC_HEADER_NTDRIVER
#include "Common.h"
#include "EncryptedIoQueue.h"
/* This structure is used to start new threads */
typedef struct _THREAD_BLOCK_
{
PDEVICE_OBJECT DeviceObject;
NTSTATUS ntCreateStatus;
WCHAR wszMountVolume[TC_MAX_PATH + 8];
MOUNT_STRUCT *mount;
} THREAD_BLOCK, *PTHREAD_BLOCK;
/* This structure is allocated for non-root devices! WARNING: bRootDevice
must be the first member of the structure! */
typedef struct EXTENSION
{
BOOL bRootDevice; /* Is this the root device ? which the user-mode apps talk to */
BOOL IsVolumeDevice;
BOOL IsDriveFilterDevice;
BOOL IsVolumeFilterDevice;
int UniqueVolumeId;
int nDosDriveNo; /* Drive number this extension is mounted against */
BOOL bShuttingDown; /* Is the driver shutting down ? */
BOOL bThreadShouldQuit; /* Instruct per device worker thread to quit */
PETHREAD peThread; /* Thread handle */
KEVENT keCreateEvent; /* Device creation event */
KSPIN_LOCK ListSpinLock; /* IRP spinlock */
LIST_ENTRY ListEntry; /* IRP listentry */
KSEMAPHORE RequestSemaphore; /* IRP list request Semaphore */
HANDLE hDeviceFile; /* Device handle for this device */
PFILE_OBJECT pfoDeviceFile; /* Device fileobject for this device */
PDEVICE_OBJECT pFsdDevice; /* lower level device handle */
CRYPTO_INFO *cryptoInfo; /* Cryptographic and other information for this device */
__int64 HostLength;
__int64 DiskLength; /* The length of the disk referred to by this device */
__int64 NumberOfCylinders; /* Partition info */
ULONG TracksPerCylinder; /* Partition info */
ULONG SectorsPerTrack; /* Partition info */
ULONG BytesPerSector; /* Partition info */
UCHAR PartitionType; /* Partition info */
uint32 HostBytesPerSector;
uint32 HostBytesPerPhysicalSector;
ULONG BytesOffsetForSectorAlignment;
KEVENT keVolumeEvent; /* Event structure used when setting up a device */
EncryptedIoQueue Queue;
BOOL bReadOnly; /* Is this device read-only ? */
BOOL bRemovable; /* Is this device removable media ? */
BOOL PartitionInInactiveSysEncScope;
BOOL bRawDevice; /* Is this a raw-partition or raw-floppy device ? */
BOOL bMountManager; /* Mount manager knows about volume */
BOOL SystemFavorite;
WCHAR wszVolume[TC_MAX_PATH]; /* DONT change this size without also changing MOUNT_LIST_STRUCT! */
WCHAR wszLabel[33];
BOOL bIsNTFS;
BOOL bDriverSetLabel;
unsigned char volumeID[VOLUME_ID_SIZE];
LARGE_INTEGER fileCreationTime;
LARGE_INTEGER fileLastAccessTime;
LARGE_INTEGER fileLastWriteTime;
LARGE_INTEGER fileLastChangeTime;
BOOL bTimeStampValid;
PSID UserSid;
BOOL SecurityClientContextValid;
SECURITY_CLIENT_CONTEXT SecurityClientContext;
} EXTENSION, *PEXTENSION;
typedef enum
{
ValidateInput,
ValidateOutput,
ValidateInputOutput
} ValidateIOBufferSizeType;
typedef enum
{
DeviceNamespaceDefault,
DeviceNamespaceGlobal,
} DeviceNamespaceType;
extern PDRIVER_OBJECT TCDriverObject;
extern PDEVICE_OBJECT RootDeviceObject;
extern BOOL DriverShuttingDown;
extern ULONG OsMajorVersion;
extern ULONG OsMinorVersion;
extern BOOL VolumeClassFilterRegistered;
extern BOOL CacheBootPassword;
extern BOOL CacheBootPim;
/* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000)
NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath);
NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo);
void DumpMemory (void *memory, int size);
BOOL IsAccessibleByUser (PUNICODE_STRING objectFileName, BOOL readOnly);
NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp);
NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp);
NTSTATUS SendDeviceIoControlRequest (PDEVICE_OBJECT deviceObject, ULONG ioControlCode, void *inputBuffer, int inputBufferSize, void *outputBuffer, int outputBufferSize);
NTSTATUS TCDispatchQueueIRP (PDEVICE_OBJECT DeviceObject, PIRP Irp);
NTSTATUS TCCreateRootDeviceObject (PDRIVER_OBJECT DriverObject);
NTSTATUS TCCreateDeviceObject (PDRIVER_OBJECT DriverObject, PDEVICE_OBJECT * ppDeviceObject, MOUNT_STRUCT * mount);
NTSTATUS TCReadDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length);
NTSTATUS TCWriteDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length);
NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread);
NTSTATUS TCStartThreadInProcess (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread, PEPROCESS process);
NTSTATUS TCStartVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, MOUNT_STRUCT * mount);
void TCStopThread (PKTHREAD kThread, PKEVENT wakeUpEvent);
void TCStopVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension);
VOID VolumeThreadProc (PVOID Context);
void TCSleep (int milliSeconds);
void TCGetNTNameFromNumber (LPWSTR ntname, int cbNtName, int nDriveNo);
void TCGetDosNameFromNumber (LPWSTR dosname, int cbDosName, int nDriveNo, DeviceNamespaceType namespaceType);
LPWSTR TCTranslateCode (ULONG ulCode);
void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension);
VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject);
void OnShutdownPending ();
NTSTATUS TCDeviceIoControl (PWSTR deviceName, ULONG IoControlCode, void *InputBuffer, ULONG InputBufferSize, void *OutputBuffer, ULONG OutputBufferSize);
NTSTATUS TCOpenFsVolume (PEXTENSION Extension, PHANDLE volumeHandle, PFILE_OBJECT * fileObject);
void TCCloseFsVolume (HANDLE volumeHandle, PFILE_OBJECT fileObject);
NTSTATUS TCFsctlCall (PFILE_OBJECT fileObject, LONG IoControlCode, void *InputBuffer, int InputBufferSize, void *OutputBuffer, int OutputBufferSize);
NTSTATUS CreateDriveLink (int nDosDriveNo);
NTSTATUS RemoveDriveLink (int nDosDriveNo);
NTSTATUS MountManagerMount (MOUNT_STRUCT *mount);
NTSTATUS MountManagerUnmount (int nDosDriveNo);
NTSTATUS MountDevice (PDEVICE_OBJECT deviceObject, MOUNT_STRUCT *mount);
NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles);
NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles);
NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength);
BOOL RootDeviceControlMutexAcquireNoWait ();
void RootDeviceControlMutexRelease ();
BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2);
void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength);
NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information);
NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information);
NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize);
BOOL UserCanAccessDriveDevice ();
size_t GetCpuCount ();
void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes);
void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout);
BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType);
NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData);
NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize);
BOOL IsVolumeClassFilterRegistered ();
NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry);
NTSTATUS WriteRegistryConfigFlags (uint32 flags);
BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type);
NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector);
NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount);
NTSTATUS ReadDeviceSkipUnreadableSectors (PDEVICE_OBJECT deviceObject, byte *buffer, LARGE_INTEGER startOffset, ULONG size, uint64 *badSectorCount);
BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension);
void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter);
int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter);
BOOL IsOSAtLeast (OSVersionEnum reqMinOS);
#define TC_BUG_CHECK(status) KeBugCheckEx (SECURITY_SYSTEM, __LINE__, (ULONG_PTR) status, 0, 'VC')
#endif // TC_HEADER_NTDRIVER

1800
src/Driver/Ntvol.c
View File

File diff suppressed because it is too large Load Diff

44
src/Driver/Ntvol.h
View File

@@ -1,22 +1,22 @@
/*
Legal Notice: Some portions of the source code contained in this file were
derived from the source code of TrueCrypt 7.1a, which is
Copyright (c) 2003-2012 TrueCrypt Developers Association and which is
governed by the TrueCrypt License 3.0, also from the source code of
Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux
and which is governed by the 'License Agreement for Encryption for the Masses'
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages. */
extern volatile BOOL ProbingHostDeviceForWrite;
NTSTATUS TCOpenVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , MOUNT_STRUCT *mount , PWSTR pwszMountVolume , BOOL bRawDevice );
void TCCloseVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension );
NTSTATUS TCCompletion ( PDEVICE_OBJECT DeviceObject , PIRP Irp , PVOID pUserBuffer );
static NTSTATUS TCSendHostDeviceIoControlRequest ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *OutputBuffer , ULONG OutputBufferSize );
static NTSTATUS TCSendHostDeviceIoControlRequestEx ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *InputBuffer , ULONG InputBufferSize , void *OutputBuffer , ULONG OutputBufferSize );
NTSTATUS COMPLETE_IRP ( PDEVICE_OBJECT DeviceObject , PIRP Irp , NTSTATUS IrpStatus , ULONG_PTR IrpInformation );
static void RestoreTimeStamp ( PEXTENSION Extension );
/*
Legal Notice: Some portions of the source code contained in this file were
derived from the source code of TrueCrypt 7.1a, which is
Copyright (c) 2003-2012 TrueCrypt Developers Association and which is
governed by the TrueCrypt License 3.0, also from the source code of
Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux
and which is governed by the 'License Agreement for Encryption for the Masses'
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages. */
extern volatile BOOL ProbingHostDeviceForWrite;
NTSTATUS TCOpenVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , MOUNT_STRUCT *mount , PWSTR pwszMountVolume , BOOL bRawDevice );
void TCCloseVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension );
NTSTATUS TCCompletion ( PDEVICE_OBJECT DeviceObject , PIRP Irp , PVOID pUserBuffer );
static NTSTATUS TCSendHostDeviceIoControlRequest ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *OutputBuffer , ULONG OutputBufferSize );
static NTSTATUS TCSendHostDeviceIoControlRequestEx ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *InputBuffer , ULONG InputBufferSize , void *OutputBuffer , ULONG OutputBufferSize );
NTSTATUS COMPLETE_IRP ( PDEVICE_OBJECT DeviceObject , PIRP Irp , NTSTATUS IrpStatus , ULONG_PTR IrpInformation );
static void RestoreTimeStamp ( PEXTENSION Extension );

32
src/Driver/Resource.h
View File

@@ -1,16 +1,16 @@
//{{NO_DEPENDENCIES}}
// Microsoft Visual C++ generated include file.
// Used by Driver.rc
//
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 101
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1001
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
//{{NO_DEPENDENCIES}}
// Microsoft Visual C++ generated include file.
// Used by Driver.rc
//
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 101
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1001
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif

42
src/Driver/Sources
View File

@@ -1,21 +1,21 @@
TARGETNAME=veracrypt
TARGETTYPE=DRIVER
USER_C_FLAGS=$(USER_C_FLAGS) -D_UNICODE
LINKER_FLAGS=$(LINKER_FLAGS) -map
INCLUDES = ../Common;../Crypto
SOURCES = \
DriveFilter.c \
DumpFilter.c \
EncryptedIoQueue.c \
Ntdriver.c \
Ntvol.c \
VolumeFilter.c \
Driver.rc
TARGETLIBS = \
$(SDK_LIB_PATH)/uuid.lib \
../Common/obj$(BUILD_ALT_DIR)/*/Common.lib \
../Crypto/obj$(BUILD_ALT_DIR)/*/Crypto.lib
TARGETNAME=veracrypt
TARGETTYPE=DRIVER
USER_C_FLAGS=$(USER_C_FLAGS) -D_UNICODE
LINKER_FLAGS=$(LINKER_FLAGS) -map
INCLUDES = ../Common;../Crypto
SOURCES = \
DriveFilter.c \
DumpFilter.c \
EncryptedIoQueue.c \
Ntdriver.c \
Ntvol.c \
VolumeFilter.c \
Driver.rc
TARGETLIBS = \
$(SDK_LIB_PATH)/uuid.lib \
../Common/obj$(BUILD_ALT_DIR)/*/Common.lib \
../Crypto/obj$(BUILD_ALT_DIR)/*/Crypto.lib

598
src/Driver/VolumeFilter.c
View File

@@ -1,299 +1,299 @@
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#include "TCdefs.h"
#include "Ntdriver.h"
#include "Ntvol.h"
#include "DriveFilter.h"
#include "VolumeFilter.h"
typedef DriveFilterExtension VolumeFilterExtension;
// Number of times the filter driver answered that an unencrypted volume
// is read-only (or mounted an outer/normal TrueCrypt volume as read only)
uint32 HiddenSysLeakProtectionCount = 0;
NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
{
VolumeFilterExtension *Extension;
NTSTATUS status;
PDEVICE_OBJECT filterDeviceObject = NULL;
PDEVICE_OBJECT attachedDeviceObject;
Dump ("VolumeFilterAddDevice pdo=%p\n", pdo);
attachedDeviceObject = IoGetAttachedDeviceReference (pdo);
status = IoCreateDevice (driverObject, sizeof (VolumeFilterExtension), NULL, attachedDeviceObject->DeviceType, 0, FALSE, &filterDeviceObject);
ObDereferenceObject (attachedDeviceObject);
if (!NT_SUCCESS (status))
{
filterDeviceObject = NULL;
goto err;
}
Extension = (VolumeFilterExtension *) filterDeviceObject->DeviceExtension;
memset (Extension, 0, sizeof (VolumeFilterExtension));
status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject));
if (status != STATUS_SUCCESS)
{
goto err;
}
if (!Extension->LowerDeviceObject)
{
status = STATUS_DEVICE_REMOVED;
goto err;
}
Extension->IsVolumeFilterDevice = TRUE;
Extension->DeviceObject = filterDeviceObject;
Extension->Pdo = pdo;
IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0);
filterDeviceObject->Flags |= Extension->LowerDeviceObject->Flags & (DO_DIRECT_IO | DO_BUFFERED_IO | DO_POWER_PAGABLE);
filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
return status;
err:
if (filterDeviceObject)
{
if (Extension->LowerDeviceObject)
IoDetachDevice (Extension->LowerDeviceObject);
IoDeleteDevice (filterDeviceObject);
}
return status;
}
static NTSTATUS PassIrp (PDEVICE_OBJECT deviceObject, PIRP irp)
{
IoSkipCurrentIrpStackLocation (irp);
return IoCallDriver (deviceObject, irp);
}
static NTSTATUS PassFilteredIrp (PDEVICE_OBJECT deviceObject, PIRP irp, PIO_COMPLETION_ROUTINE completionRoutine, PVOID completionRoutineArg)
{
IoCopyCurrentIrpStackLocationToNext (irp);
if (completionRoutine)
IoSetCompletionRoutine (irp, completionRoutine, completionRoutineArg, TRUE, TRUE, TRUE);
return IoCallDriver (deviceObject, irp);
}
static NTSTATUS OnDeviceUsageNotificationCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension)
{
if (Irp->PendingReturned)
IoMarkIrpPending (Irp);
if (!(Extension->LowerDeviceObject->Flags & DO_POWER_PAGABLE))
filterDeviceObject->Flags &= ~DO_POWER_PAGABLE;
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return STATUS_CONTINUE_COMPLETION;
}
static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension)
{
if (Irp->PendingReturned)
IoMarkIrpPending (Irp);
if (Extension->LowerDeviceObject->Characteristics & FILE_REMOVABLE_MEDIA)
filterDeviceObject->Characteristics |= FILE_REMOVABLE_MEDIA;
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return STATUS_CONTINUE_COMPLETION;
}
static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
{
NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
if (IsHiddenSystemRunning())
{
switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
{
case IOCTL_DISK_IS_WRITABLE:
{
// All volumes except the system volume must be read-only
DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
STORAGE_DEVICE_NUMBER storageDeviceNumber;
if (!bootDriveExtension->SystemStorageDeviceNumberValid)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber)
{
PARTITION_INFORMATION_EX partition;
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
{
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
}
}
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
++HiddenSysLeakProtectionCount;
return TCCompleteDiskIrp (Irp, STATUS_MEDIA_WRITE_PROTECTED, 0);
}
case TC_IOCTL_DISK_IS_WRITABLE:
Dump ("TC_IOCTL_DISK_IS_WRITABLE pdo=%p\n", Extension->Pdo);
if (!ProbingHostDeviceForWrite)
break;
// Probe the real state of the device as the user is mounting a TrueCrypt volume.
// Volume filter may be attached to a merged drive+volume PDO. First test if TC_IOCTL_DISK_IS_WRITABLE works for the underlying device.
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, TC_IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0);
if (NT_SUCCESS (status) || status == STATUS_MEDIA_WRITE_PROTECTED)
{
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, status, 0);
}
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, status, 0);
case IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES:
// Filter IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES to enable potential future use of hidden systems on drives that use the trim operation but not wear-leveling (if any appear in future). The documentation forbids users to create hidden volumes/systems on drives that use wear-leveling and consequently also on drives that use trim (as trim is used only by drives that use wear-leveling, as of 2010).
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
}
}
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return status;
}
static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
{
NTSTATUS status;
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
switch (irpSp->MinorFunction)
{
case IRP_MN_START_DEVICE:
Dump ("IRP_MN_START_DEVICE volume pdo=%p\n", Extension->Pdo);
return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnStartDeviceCompleted, Extension);
case IRP_MN_DEVICE_USAGE_NOTIFICATION:
{
PDEVICE_OBJECT attachedDevice = IoGetAttachedDeviceReference (DeviceObject);
if (attachedDevice == DeviceObject || (attachedDevice->Flags & DO_POWER_PAGABLE))
DeviceObject->Flags |= DO_POWER_PAGABLE;
ObDereferenceObject (attachedDevice);
}
return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnDeviceUsageNotificationCompleted, Extension);
case IRP_MN_REMOVE_DEVICE:
Dump ("IRP_MN_REMOVE_DEVICE volume pdo=%p\n", Extension->Pdo);
IoReleaseRemoveLockAndWait (&Extension->Queue.RemoveLock, Irp);
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoDetachDevice (Extension->LowerDeviceObject);
IoDeleteDevice (DeviceObject);
return status;
default:
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
}
return status;
}
static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
{
NTSTATUS status;
PoStartNextPowerIrp (Irp);
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
IoSkipCurrentIrpStackLocation (Irp);
status = PoCallDriver (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return status;
}
NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
VolumeFilterExtension *Extension = (VolumeFilterExtension *) DeviceObject->DeviceExtension;
PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp);
NTSTATUS status;
ASSERT (!Extension->bRootDevice && Extension->IsVolumeFilterDevice);
switch (irpSp->MajorFunction)
{
case IRP_MJ_DEVICE_CONTROL:
return DispatchControl (DeviceObject, Irp, Extension, irpSp);
case IRP_MJ_PNP:
return DispatchPnp (DeviceObject, Irp, Extension, irpSp);
case IRP_MJ_POWER:
return DispatchPower (DeviceObject, Irp, Extension, irpSp);
default:
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return status;
}
}
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#include "TCdefs.h"
#include "Ntdriver.h"
#include "Ntvol.h"
#include "DriveFilter.h"
#include "VolumeFilter.h"
typedef DriveFilterExtension VolumeFilterExtension;
// Number of times the filter driver answered that an unencrypted volume
// is read-only (or mounted an outer/normal TrueCrypt volume as read only)
uint32 HiddenSysLeakProtectionCount = 0;
NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
{
VolumeFilterExtension *Extension;
NTSTATUS status;
PDEVICE_OBJECT filterDeviceObject = NULL;
PDEVICE_OBJECT attachedDeviceObject;
Dump ("VolumeFilterAddDevice pdo=%p\n", pdo);
attachedDeviceObject = IoGetAttachedDeviceReference (pdo);
status = IoCreateDevice (driverObject, sizeof (VolumeFilterExtension), NULL, attachedDeviceObject->DeviceType, 0, FALSE, &filterDeviceObject);
ObDereferenceObject (attachedDeviceObject);
if (!NT_SUCCESS (status))
{
filterDeviceObject = NULL;
goto err;
}
Extension = (VolumeFilterExtension *) filterDeviceObject->DeviceExtension;
memset (Extension, 0, sizeof (VolumeFilterExtension));
status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject));
if (status != STATUS_SUCCESS)
{
goto err;
}
if (!Extension->LowerDeviceObject)
{
status = STATUS_DEVICE_REMOVED;
goto err;
}
Extension->IsVolumeFilterDevice = TRUE;
Extension->DeviceObject = filterDeviceObject;
Extension->Pdo = pdo;
IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0);
filterDeviceObject->Flags |= Extension->LowerDeviceObject->Flags & (DO_DIRECT_IO | DO_BUFFERED_IO | DO_POWER_PAGABLE);
filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
return status;
err:
if (filterDeviceObject)
{
if (Extension->LowerDeviceObject)
IoDetachDevice (Extension->LowerDeviceObject);
IoDeleteDevice (filterDeviceObject);
}
return status;
}
static NTSTATUS PassIrp (PDEVICE_OBJECT deviceObject, PIRP irp)
{
IoSkipCurrentIrpStackLocation (irp);
return IoCallDriver (deviceObject, irp);
}
static NTSTATUS PassFilteredIrp (PDEVICE_OBJECT deviceObject, PIRP irp, PIO_COMPLETION_ROUTINE completionRoutine, PVOID completionRoutineArg)
{
IoCopyCurrentIrpStackLocationToNext (irp);
if (completionRoutine)
IoSetCompletionRoutine (irp, completionRoutine, completionRoutineArg, TRUE, TRUE, TRUE);
return IoCallDriver (deviceObject, irp);
}
static NTSTATUS OnDeviceUsageNotificationCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension)
{
if (Irp->PendingReturned)
IoMarkIrpPending (Irp);
if (!(Extension->LowerDeviceObject->Flags & DO_POWER_PAGABLE))
filterDeviceObject->Flags &= ~DO_POWER_PAGABLE;
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return STATUS_CONTINUE_COMPLETION;
}
static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension)
{
if (Irp->PendingReturned)
IoMarkIrpPending (Irp);
if (Extension->LowerDeviceObject->Characteristics & FILE_REMOVABLE_MEDIA)
filterDeviceObject->Characteristics |= FILE_REMOVABLE_MEDIA;
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return STATUS_CONTINUE_COMPLETION;
}
static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
{
NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
if (IsHiddenSystemRunning())
{
switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
{
case IOCTL_DISK_IS_WRITABLE:
{
// All volumes except the system volume must be read-only
DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
STORAGE_DEVICE_NUMBER storageDeviceNumber;
if (!bootDriveExtension->SystemStorageDeviceNumberValid)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber)
{
PARTITION_INFORMATION_EX partition;
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
{
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
}
}
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
++HiddenSysLeakProtectionCount;
return TCCompleteDiskIrp (Irp, STATUS_MEDIA_WRITE_PROTECTED, 0);
}
case TC_IOCTL_DISK_IS_WRITABLE:
Dump ("TC_IOCTL_DISK_IS_WRITABLE pdo=%p\n", Extension->Pdo);
if (!ProbingHostDeviceForWrite)
break;
// Probe the real state of the device as the user is mounting a TrueCrypt volume.
// Volume filter may be attached to a merged drive+volume PDO. First test if TC_IOCTL_DISK_IS_WRITABLE works for the underlying device.
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, TC_IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0);
if (NT_SUCCESS (status) || status == STATUS_MEDIA_WRITE_PROTECTED)
{
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, status, 0);
}
status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, status, 0);
case IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES:
// Filter IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES to enable potential future use of hidden systems on drives that use the trim operation but not wear-leveling (if any appear in future). The documentation forbids users to create hidden volumes/systems on drives that use wear-leveling and consequently also on drives that use trim (as trim is used only by drives that use wear-leveling, as of 2010).
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
}
}
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return status;
}
static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
{
NTSTATUS status;
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
switch (irpSp->MinorFunction)
{
case IRP_MN_START_DEVICE:
Dump ("IRP_MN_START_DEVICE volume pdo=%p\n", Extension->Pdo);
return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnStartDeviceCompleted, Extension);
case IRP_MN_DEVICE_USAGE_NOTIFICATION:
{
PDEVICE_OBJECT attachedDevice = IoGetAttachedDeviceReference (DeviceObject);
if (attachedDevice == DeviceObject || (attachedDevice->Flags & DO_POWER_PAGABLE))
DeviceObject->Flags |= DO_POWER_PAGABLE;
ObDereferenceObject (attachedDevice);
}
return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnDeviceUsageNotificationCompleted, Extension);
case IRP_MN_REMOVE_DEVICE:
Dump ("IRP_MN_REMOVE_DEVICE volume pdo=%p\n", Extension->Pdo);
IoReleaseRemoveLockAndWait (&Extension->Queue.RemoveLock, Irp);
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoDetachDevice (Extension->LowerDeviceObject);
IoDeleteDevice (DeviceObject);
return status;
default:
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
}
return status;
}
static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
{
NTSTATUS status;
PoStartNextPowerIrp (Irp);
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
IoSkipCurrentIrpStackLocation (Irp);
status = PoCallDriver (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return status;
}
NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
VolumeFilterExtension *Extension = (VolumeFilterExtension *) DeviceObject->DeviceExtension;
PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp);
NTSTATUS status;
ASSERT (!Extension->bRootDevice && Extension->IsVolumeFilterDevice);
switch (irpSp->MajorFunction)
{
case IRP_MJ_DEVICE_CONTROL:
return DispatchControl (DeviceObject, Irp, Extension, irpSp);
case IRP_MJ_PNP:
return DispatchPnp (DeviceObject, Irp, Extension, irpSp);
case IRP_MJ_POWER:
return DispatchPower (DeviceObject, Irp, Extension, irpSp);
default:
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
if (!NT_SUCCESS (status))
return TCCompleteIrp (Irp, status, 0);
status = PassIrp (Extension->LowerDeviceObject, Irp);
IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
return status;
}
}

46
src/Driver/VolumeFilter.h
View File

@@ -1,23 +1,23 @@
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_VOLUME_FILTER
#define TC_HEADER_DRIVER_VOLUME_FILTER
#include "TCdefs.h"
extern uint32 HiddenSysLeakProtectionCount;
NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo);
NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp);
#endif // TC_HEADER_DRIVER_VOLUME_FILTER
/*
Derived from source code of TrueCrypt 7.1a, which is
Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
by the TrueCrypt License 3.0.
Modifications and additions to the original source code (contained in this file)
and all other portions of this file are Copyright (c) 2013-2016 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages.
*/
#ifndef TC_HEADER_DRIVER_VOLUME_FILTER
#define TC_HEADER_DRIVER_VOLUME_FILTER
#include "TCdefs.h"
extern uint32 HiddenSysLeakProtectionCount;
NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo);
NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp);
#endif // TC_HEADER_DRIVER_VOLUME_FILTER