diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-06-10 18:43:15 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-06-10 18:44:49 +0200 |
commit | 458bb091bb8e6ffa73a1c7c9736e93b52a0a95d7 (patch) | |
tree | 89310156a81efcddc26062f69a3f5cd523929e41 | |
parent | c7cd89a24a3663cb375f9d6a901d34586d0d9192 (diff) | |
download | VeraCrypt-458bb091bb8e6ffa73a1c7c9736e93b52a0a95d7.tar.gz VeraCrypt-458bb091bb8e6ffa73a1c7c9736e93b52a0a95d7.zip |
Windows Driver Security: Use enhanced protection of NX pool under Windows 8 and later.
-rw-r--r-- | src/Common/Tcdefs.h | 10 | ||||
-rw-r--r-- | src/Driver/DumpFilter.c | 2 | ||||
-rw-r--r-- | src/Driver/EncryptedIoQueue.c | 4 | ||||
-rw-r--r-- | src/Driver/Ntdriver.c | 10 |
4 files changed, 22 insertions, 4 deletions
diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h index 149603a2..7c8382c3 100644 --- a/src/Common/Tcdefs.h +++ b/src/Common/Tcdefs.h @@ -235,7 +235,15 @@ void ThrowFatalException(int line); #include <ntddk.h> /* Standard header file for nt drivers */ #include <ntdddisk.h> /* Standard I/O control codes */ -#define TCalloc(size) ((void *) ExAllocatePoolWithTag( NonPagedPool, size, 'MMCV' )) +/* defines needed for using enhanced protection of NX pool under Windows 8 and later */ +#define NonPagedPoolNx 512 +#define MdlMappingNoExecute 0x40000000 + +/* variables used in the implementation of enhanced protection of NX pool under Windows 8 and later */ +extern POOL_TYPE ExDefaultNonPagedPoolType; +extern ULONG ExDefaultMdlProtection; + +#define TCalloc(size) ((void *) ExAllocatePoolWithTag( ExDefaultNonPagedPoolType, size, 'MMCV' )) #define TCfree(memblock) ExFreePoolWithTag( memblock, 'MMCV' ) #define DEVICE_DRIVER diff --git a/src/Driver/DumpFilter.c b/src/Driver/DumpFilter.c index ff570b1e..ca921d27 100644 --- a/src/Driver/DumpFilter.c +++ b/src/Driver/DumpFilter.c @@ -189,7 +189,7 @@ static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEG if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority); + writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, (HighPagePriority | ExDefaultMdlProtection)); if (!writeBuffer) TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES); diff --git a/src/Driver/EncryptedIoQueue.c b/src/Driver/EncryptedIoQueue.c index 7f50ec30..400416b7 100644 --- a/src/Driver/EncryptedIoQueue.c +++ b/src/Driver/EncryptedIoQueue.c @@ -638,7 +638,7 @@ static VOID MainThreadProc (PVOID threadArg) { UINT64_STRUCT dataUnit; - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection)); if (!dataBuffer) { TCfree (buffer); @@ -758,7 +758,7 @@ static VOID MainThreadProc (PVOID threadArg) continue; } - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection)); if (dataBuffer == NULL) { diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index a84ada37..4172a193 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -92,6 +92,9 @@ static BOOL SystemFavoriteVolumeDirty = FALSE; static BOOL PagingFileCreationPrevented = FALSE; static BOOL EnableExtendedIoctlSupport = FALSE; +POOL_TYPE ExDefaultNonPagedPoolType = NonPagedPool; +ULONG ExDefaultMdlProtection = 0; + PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1]; @@ -109,6 +112,13 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) Dump ("OsMajorVersion=%d OsMinorVersion=%d\n", OsMajorVersion, OsMinorVersion); + // NX pool support is available starting from Windows 8 + if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 2)) + { + ExDefaultNonPagedPoolType = (POOL_TYPE) NonPagedPoolNx; + ExDefaultMdlProtection = MdlMappingNoExecute; + } + // Load dump filter if the main driver is already loaded if (NT_SUCCESS (TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)))) return DumpFilterEntry ((PFILTER_EXTENSION) DriverObject, (PFILTER_INITIALIZATION_DATA) RegistryPath); |