diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-06-18 16:08:27 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-06-21 01:39:54 +0200 |
commit | ee5c1784ea0ed1328f7607bf3ea619ef3bd96d03 (patch) | |
tree | 97df22b245b927ab66497ad455ce24305c2e798b /src/Common | |
parent | d71658efd292da22c55701d7155b1a318e400f56 (diff) | |
download | VeraCrypt-ee5c1784ea0ed1328f7607bf3ea619ef3bd96d03.tar.gz VeraCrypt-ee5c1784ea0ed1328f7607bf3ea619ef3bd96d03.zip |
Windows EFI Bootloader: Add new attributes "DcsBmlDriver" and "DcsBmlLockFlags" to EFI configuration DcsProp. Set their values to 0 to disable DcsBml functionality.
Diffstat (limited to 'src/Common')
-rw-r--r-- | src/Common/BootEncryption.cpp | 9 | ||||
-rw-r--r-- | src/Common/BootEncryption.h | 2 |
2 files changed, 10 insertions, 1 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index 4e505eca..aaf30a06 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -1854,7 +1854,9 @@ namespace VeraCrypt pim (0), requestPim (1), authorizeVisible (0), - authorizeRetry (10) + authorizeRetry (10), + bmlLockFlags (0), + bmlDriverEnabled (0) { } @@ -1970,6 +1972,8 @@ namespace VeraCrypt requestPim = ReadConfigInteger (configContent, "PimRqt", 1); authorizeVisible = ReadConfigInteger (configContent, "AuthorizeVisible", 0); authorizeRetry = ReadConfigInteger (configContent, "AuthorizeRetry", 0); + bmlLockFlags = ReadConfigInteger (configContent, "DcsBmlLockFlags", 0); + bmlDriverEnabled = ReadConfigInteger (configContent, "DcsBmlDriver", 0); burn (buffer, sizeof (buffer)); } @@ -2003,6 +2007,8 @@ namespace VeraCrypt WriteConfigInteger (configFile, configContent, "PimRqt", requestPim); WriteConfigInteger (configFile, configContent, "AuthorizeVisible", authorizeVisible); WriteConfigInteger (configFile, configContent, "AuthorizeRetry", authorizeRetry); + WriteConfigInteger (configFile, configContent, "DcsBmlLockFlags", bmlLockFlags); + WriteConfigInteger (configFile, configContent, "DcsBmlDriver", bmlDriverEnabled); // Write unmodified values char* xml = configContent; @@ -3585,6 +3591,7 @@ namespace VeraCrypt EfiBootInst.MountBootPartition(0); EfiBootInst.DeleteStartExec(); + EfiBootInst.DeleteStartExec(0xDC5B, L"Driver"); // remove DcsBml boot driver it was installed if (Is64BitOs()) EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootx64.vc_backup", L"\\EFI\\Boot\\bootx64.efi", TRUE); else diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h index 06329717..38568d46 100644 --- a/src/Common/BootEncryption.h +++ b/src/Common/BootEncryption.h @@ -173,6 +173,8 @@ namespace VeraCrypt int requestPim; int authorizeVisible; int authorizeRetry; + int bmlLockFlags; + int bmlDriverEnabled; EfiBootConf(); |