diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-06-10 18:43:15 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-06-10 18:44:49 +0200 |
commit | 458bb091bb8e6ffa73a1c7c9736e93b52a0a95d7 (patch) | |
tree | 89310156a81efcddc26062f69a3f5cd523929e41 /src/Driver | |
parent | c7cd89a24a3663cb375f9d6a901d34586d0d9192 (diff) | |
download | VeraCrypt-458bb091bb8e6ffa73a1c7c9736e93b52a0a95d7.tar.gz VeraCrypt-458bb091bb8e6ffa73a1c7c9736e93b52a0a95d7.zip |
Windows Driver Security: Use enhanced protection of NX pool under Windows 8 and later.
Diffstat (limited to 'src/Driver')
-rw-r--r-- | src/Driver/DumpFilter.c | 2 | ||||
-rw-r--r-- | src/Driver/EncryptedIoQueue.c | 4 | ||||
-rw-r--r-- | src/Driver/Ntdriver.c | 10 |
3 files changed, 13 insertions, 3 deletions
diff --git a/src/Driver/DumpFilter.c b/src/Driver/DumpFilter.c index ff570b1e..ca921d27 100644 --- a/src/Driver/DumpFilter.c +++ b/src/Driver/DumpFilter.c @@ -189,7 +189,7 @@ static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEG if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority); + writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, (HighPagePriority | ExDefaultMdlProtection)); if (!writeBuffer) TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES); diff --git a/src/Driver/EncryptedIoQueue.c b/src/Driver/EncryptedIoQueue.c index 7f50ec30..400416b7 100644 --- a/src/Driver/EncryptedIoQueue.c +++ b/src/Driver/EncryptedIoQueue.c @@ -638,7 +638,7 @@ static VOID MainThreadProc (PVOID threadArg) { UINT64_STRUCT dataUnit; - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection)); if (!dataBuffer) { TCfree (buffer); @@ -758,7 +758,7 @@ static VOID MainThreadProc (PVOID threadArg) continue; } - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection)); if (dataBuffer == NULL) { diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index a84ada37..4172a193 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -92,6 +92,9 @@ static BOOL SystemFavoriteVolumeDirty = FALSE; static BOOL PagingFileCreationPrevented = FALSE; static BOOL EnableExtendedIoctlSupport = FALSE; +POOL_TYPE ExDefaultNonPagedPoolType = NonPagedPool; +ULONG ExDefaultMdlProtection = 0; + PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1]; @@ -109,6 +112,13 @@ NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) Dump ("OsMajorVersion=%d OsMinorVersion=%d\n", OsMajorVersion, OsMinorVersion); + // NX pool support is available starting from Windows 8 + if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 2)) + { + ExDefaultNonPagedPoolType = (POOL_TYPE) NonPagedPoolNx; + ExDefaultMdlProtection = MdlMappingNoExecute; + } + // Load dump filter if the main driver is already loaded if (NT_SUCCESS (TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)))) return DumpFilterEntry ((PFILTER_EXTENSION) DriverObject, (PFILTER_INITIALIZATION_DATA) RegistryPath); |