diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2020-07-21 10:59:44 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2020-07-21 12:47:20 +0200 |
commit | f9782fb3f6393b967d2997feff85d59c01a7db80 (patch) | |
tree | be475906690b04857b551003c47b041e2b286553 | |
parent | 425e4e7d365795b820fa145403b2be372894c48b (diff) | |
download | VeraCrypt-f9782fb3f6393b967d2997feff85d59c01a7db80.tar.gz VeraCrypt-f9782fb3f6393b967d2997feff85d59c01a7db80.zip |
Windows: Implement detection of Hibernate and Fast Startup and disable them if RAM encryption is activated.
-rw-r--r-- | src/Common/Dlgcode.c | 73 | ||||
-rw-r--r-- | src/Common/Dlgcode.h | 1 | ||||
-rw-r--r-- | src/Common/Language.xml | 1 | ||||
-rw-r--r-- | src/Mount/Mount.c | 37 |
4 files changed, 112 insertions, 0 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 0203a931..7a4f473e 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -14896,3 +14896,76 @@ void PasswordEditDropTarget::GotDrop(CLIPFORMAT format) } } + +/* + * Query the status of Hibernate and Fast Startup + */ + +typedef BOOLEAN (WINAPI *GetPwrCapabilitiesFn)( + PSYSTEM_POWER_CAPABILITIES lpspc +); + +BOOL GetHibernateStatus (BOOL& bHibernateEnabled, BOOL& bHiberbootEnabled) +{ + wchar_t szPowrProfPath[MAX_PATH] = {0}; + HMODULE hPowrProf = NULL; + BOOL bResult = FALSE; + + bHibernateEnabled = bHiberbootEnabled = FALSE; + + if (GetSystemDirectory(szPowrProfPath, MAX_PATH)) + StringCchCatW (szPowrProfPath, MAX_PATH, L"\\PowrProf.dll"); + else + StringCchCopyW (szPowrProfPath, MAX_PATH, L"C:\\Windows\\System32\\PowrProf.dll"); + + hPowrProf = LoadLibrary (szPowrProfPath); + if (hPowrProf) + { + GetPwrCapabilitiesFn GetPwrCapabilitiesPtr = (GetPwrCapabilitiesFn) GetProcAddress (hPowrProf, "GetPwrCapabilities"); + if ( GetPwrCapabilitiesPtr) + { + SYSTEM_POWER_CAPABILITIES spc; + BOOLEAN bRet = GetPwrCapabilitiesPtr (&spc); + if (bRet) + { + DWORD dwHibernateEnabled = 0; + DWORD dwHiberbootEnabled = 0; + + if (spc.SystemS4) + { + dwHibernateEnabled = 1; + if(!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Control\\Power", L"HibernateEnabled", &dwHibernateEnabled)) + { + // starting from Windows 10 1809 (Build 17763), HibernateEnabledDefault is used when HibernateEnabled is absent + if (IsOSVersionAtLeast (WIN_10, 0) && CurrentOSBuildNumber >= 17763) + ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Control\\Power", L"HibernateEnabledDefault", &dwHibernateEnabled); + } + } + + // check if Fast Startup / Hybrid Boot is enabled + if (IsOSVersionAtLeast (WIN_8, 0) && spc.spare2[0]) + { + dwHiberbootEnabled = 1; + ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Power", L"HiberbootEnabled", &dwHiberbootEnabled); + } + + if (dwHibernateEnabled) + bHibernateEnabled = TRUE; + else + bHibernateEnabled = FALSE; + + if (dwHiberbootEnabled) + bHiberbootEnabled = TRUE; + else + bHiberbootEnabled = FALSE; + + bResult = TRUE; + } + } + + FreeLibrary (hPowrProf); + } + + return bResult; +} + diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 52d94f10..2378aeb8 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -745,6 +745,7 @@ public: DWORD GotEnter(void); }; +BOOL GetHibernateStatus (BOOL& bHibernateEnabled, BOOL& bHiberbootEnabled); #endif // __cplusplus diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 0545996c..cc12e8b7 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -1444,6 +1444,7 @@ <entry lang="en" key="IDC_FORCE_NEXT_BOOT_VERACRYPT">Force machine to boot on VeraCrypt in the next startup</entry> <entry lang="en" key="IDC_FORCE_VERACRYPT_BOOT_ENTRY">Force the presence of VeraCrypt entry in the EFI firmware boot menu</entry> <entry lang="en" key="IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY">Force VeraCrypt entry to be the first in the EFI firmware boot menu</entry> + <entry lang="en" key="RAM_ENCRYPTION_DISABLE_HIBERNATE">WARNING: RAM encryption is not compatible with Windows Hibernate and Windows Fast Startup features. VeraCrypt needs to disable them before activating RAM encryption.\n\nContinue?</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 7d4fa81b..ff66fab5 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -11462,7 +11462,26 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM { BOOL originalRamEncryptionEnabled = (driverConfig & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION)? TRUE : FALSE; if (originalRamEncryptionEnabled != enableRamEncryption) + { + if (enableRamEncryption) + { + // Disable Hibernate and Fast Startup if they are enabled + BOOL bHibernateEnabled, bHiberbootEnabled; + if (GetHibernateStatus (bHibernateEnabled, bHiberbootEnabled)) + { + if (bHibernateEnabled) + { + BootEncObj->WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Control\\Power", L"HibernateEnabled", 0); + } + + if (bHiberbootEnabled) + { + BootEncObj->WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Power", L"HiberbootEnabled", 0); + } + } + } rebootRequired = true; + } SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION, enableRamEncryption); } @@ -11538,7 +11557,25 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM BOOL enableRamEncryption = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_RAM_ENCRYPTION); if (originalRamEncryptionEnabled != enableRamEncryption) + { + if (enableRamEncryption) + { + // check if Hibernate or Fast Startup are enabled + BOOL bHibernateEnabled, bHiberbootEnabled; + if (GetHibernateStatus (bHibernateEnabled, bHiberbootEnabled)) + { + if (bHibernateEnabled || bHiberbootEnabled) + { + if (AskWarnYesNo ("RAM_ENCRYPTION_DISABLE_HIBERNATE", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_ENABLE_RAM_ENCRYPTION, BST_UNCHECKED); + return 1; + } + } + } + } Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); + } } return 1; |