diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-12-20 20:11:50 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-12-21 01:19:04 +0100 |
commit | 8f6c08330ac37b7729d8c1bf7276e8fede2d17fa (patch) | |
tree | d395993fe27894fcc2436e7a8e7a35ab4040da00 /src/Driver | |
parent | 7832d712fda877001ea5ae825d1a07d424cb72b7 (diff) | |
download | VeraCrypt-8f6c08330ac37b7729d8c1bf7276e8fede2d17fa.tar.gz VeraCrypt-8f6c08330ac37b7729d8c1bf7276e8fede2d17fa.zip |
Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings.
Diffstat (limited to 'src/Driver')
-rw-r--r-- | src/Driver/DriveFilter.c | 5 | ||||
-rw-r--r-- | src/Driver/Ntdriver.c | 6 | ||||
-rw-r--r-- | src/Driver/Ntdriver.h | 1 | ||||
-rw-r--r-- | src/Driver/Ntvol.c | 2 |
4 files changed, 12 insertions, 2 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index d5daf89f..7268afa0 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -125,7 +125,10 @@ NTSTATUS LoadBootArguments () Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);
if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
- AddPasswordToCache (&BootArgs.BootPassword);
+ {
+ int pim = CacheBootPim? (int) (BootArgs.Flags >> 16) : 0;
+ AddPasswordToCache (&BootArgs.BootPassword, pim);
+ }
// clear fingerprint
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index a069bd10..993b8102 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -54,6 +54,7 @@ BOOL DriverUnloadDisabled = FALSE; BOOL PortableMode = FALSE;
BOOL VolumeClassFilterRegistered = FALSE;
BOOL CacheBootPassword = FALSE;
+BOOL CacheBootPim = FALSE;
BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
static BOOL SystemFavoriteVolumeDirty = FALSE;
@@ -1444,7 +1445,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD
|| mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID
- || mount->VolumePim < 0 || mount->VolumePim == INT_MAX
+ || mount->VolumePim < -1 || mount->VolumePim == INT_MAX
|| mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID
|| (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE)
)
@@ -3293,6 +3294,9 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) if (flags & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS)
NonAdminSystemFavoritesAccessDisabled = TRUE;
+
+ if (flags & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)
+ CacheBootPim = TRUE;
}
EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE);
diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h index 07ae5f83..28772faf 100644 --- a/src/Driver/Ntdriver.h +++ b/src/Driver/Ntdriver.h @@ -114,6 +114,7 @@ extern ULONG OsMajorVersion; extern ULONG OsMinorVersion;
extern BOOL VolumeClassFilterRegistered;
extern BOOL CacheBootPassword;
+extern BOOL CacheBootPim;
/* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000)
diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index 845961d4..2c2fd168 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -466,6 +466,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, mount->nReturnCode = ReadVolumeHeaderWCache (
FALSE,
mount->bCache,
+ mount->bCachePim,
readBuffer,
&mount->ProtectedHidVolPassword,
mount->ProtectedHidVolPkcs5Prf,
@@ -478,6 +479,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, mount->nReturnCode = ReadVolumeHeaderWCache (
mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_NORMAL,
mount->bCache,
+ mount->bCachePim,
readBuffer,
&mount->VolumePassword,
mount->pkcs5_prf,
|