VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Mount/Mount.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2020-07-08 02:12:46 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2020-07-08 02:16:06 +0200
commitafc11eca51440f78c17793782ef57306acd854b6 (patch)
tree86ec650bed71038eb22b139394cf8f6210a13c5c /src/Mount/Mount.c
parent023ac6b76fa99191bd8124525610dec297f02e72 (diff)
downloadVeraCrypt-afc11eca51440f78c17793782ef57306acd854b6.tar.gz
VeraCrypt-afc11eca51440f78c17793782ef57306acd854b6.zip
Windows: Add UI options to control the behavior of automatic bootloader fixing when System Encryption used.
Diffstat (limited to 'src/Mount/Mount.c')
-rw-r--r--src/Mount/Mount.c86
1 files changed, 84 insertions, 2 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 30714560..7d4fa81b 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -9603,7 +9603,7 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
case SERVICE_CONTROL_STOP:
SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
- if (!(BootEncObj->ReadServiceConfigurationFlags () & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))
+ if (!(BootEncObj->ReadServiceConfigurationFlags () & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))
{
try
{
@@ -11818,6 +11818,17 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE;
BOOL bBlockSysEncTrimEnabled = (driverConfig & VC_DRIVER_CONFIG_BLOCK_SYS_TRIM)? TRUE : FALSE;
BOOL bClearKeysEnabled = (driverConfig & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION)? TRUE : FALSE;
+ BOOL bAutoFixBootloader = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER)? FALSE : TRUE;
+ BOOL bForceVeraCryptNextBoot = FALSE;
+ BOOL bForceSetVeraCryptBootEntry = TRUE;
+ BOOL bForceVeraCryptFirstEntry = TRUE;
+ if (bSystemIsGPT)
+ {
+ bForceVeraCryptNextBoot = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT)? TRUE : FALSE;
+ bForceSetVeraCryptBootEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY)? FALSE : TRUE;
+ bForceVeraCryptFirstEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY)? FALSE : TRUE;
+ }
+
BOOL bIsHiddenOS = IsHiddenOSRunning ();
if (bClearKeysEnabled)
@@ -11882,6 +11893,24 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
}
else
CheckDlgButton (hwndDlg, IDC_BLOCK_SYSENC_TRIM, bBlockSysEncTrimEnabled ? BST_CHECKED : BST_UNCHECKED);
+
+ CheckDlgButton (hwndDlg, IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN, bAutoFixBootloader? BST_CHECKED : BST_UNCHECKED);
+ if (bSystemIsGPT)
+ {
+ if (!bAutoFixBootloader || bIsHiddenOS)
+ {
+ // we disable other options if updating bootloader is not allowed or if hidden OS us running
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY), FALSE);
+ }
+ else
+ {
+ CheckDlgButton (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT, bForceVeraCryptNextBoot? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY, bForceSetVeraCryptBootEntry? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY, bForceVeraCryptFirstEntry? BST_CHECKED : BST_UNCHECKED);
+ }
+ }
}
catch (Exception &e)
{
@@ -11992,6 +12021,17 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
BOOL bBlockSysEncTrimEnabled = IsDlgButtonChecked (hwndDlg, IDC_BLOCK_SYSENC_TRIM);
BOOL bClearKeysEnabled = IsDlgButtonChecked (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION);
+ BOOL bAutoFixBootloader = IsDlgButtonChecked (hwndDlg, IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN);
+ BOOL bForceVeraCryptNextBoot = FALSE;
+ BOOL bForceSetVeraCryptBootEntry = TRUE;
+ BOOL bForceVeraCryptFirstEntry = TRUE;
+ if (bSystemIsGPT)
+ {
+ bForceVeraCryptNextBoot = IsDlgButtonChecked (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT);
+ bForceSetVeraCryptBootEntry = IsDlgButtonChecked (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY);
+ bForceVeraCryptFirstEntry = IsDlgButtonChecked (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY);
+ }
+
if (bClearKeysEnabled && !BootEncObj->IsSystemFavoritesServiceRunning())
{
// the system favorite service service should be running
@@ -12010,8 +12050,17 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));
SetDriverConfigurationFlag (VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION, bClearKeysEnabled);
- if (!IsHiddenOSRunning ()) /* we don't need to update TRIM config for hidden OS since it's always blocked */
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER, bAutoFixBootloader? FALSE : TRUE);
+ if (bSystemIsGPT && !IsHiddenOSRunning ())
+ {
+ /* we don't need to update TRIM config for hidden OS since it's always blocked */
SetDriverConfigurationFlag (VC_DRIVER_CONFIG_BLOCK_SYS_TRIM, bBlockSysEncTrimEnabled);
+
+ /* we don't update bootloader settings since we never update bootloader under Hidden OS */
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT, bForceVeraCryptNextBoot);
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY, bForceSetVeraCryptBootEntry? FALSE : TRUE);
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY, bForceVeraCryptFirstEntry? FALSE : TRUE);
+ }
}
catch (Exception &e)
{
@@ -12072,6 +12121,39 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
}
break;
+
+ case IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN:
+ if (bSystemIsGPT)
+ {
+ if (IsDlgButtonChecked (hwndDlg, IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN))
+ {
+ if (!IsHiddenOSRunning ())
+ {
+ uint32 driverConfig = ReadDriverConfigurationFlags();
+ BOOL bForceVeraCryptNextBoot = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT)? TRUE : FALSE;
+ BOOL bForceSetVeraCryptBootEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY)? FALSE : TRUE;
+ BOOL bForceVeraCryptFirstEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY)? FALSE : TRUE;
+
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT), TRUE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY), TRUE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY), TRUE);
+
+ CheckDlgButton (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT, bForceVeraCryptNextBoot? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY, bForceSetVeraCryptBootEntry? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY, bForceVeraCryptFirstEntry? BST_CHECKED : BST_UNCHECKED);
+ }
+ }
+ else
+ {
+ CheckDlgButton (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT, BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY, BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY, BST_UNCHECKED);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY), FALSE);
+ }
+ }
+ break;
}
return 0;
}