1 files changed, 11 insertions, 5 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index d8bfc74f..04d69c05 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -139,70 +139,72 @@
 #pragma pack (push)
 #pragma pack(1)
 
 typedef struct
 {
 	int nReturnCode;					/* Return code back from driver */
 	BOOL FilesystemDirty;
 	BOOL VolumeMountedReadOnlyAfterAccessDenied;
 	BOOL VolumeMountedReadOnlyAfterDeviceWriteProtected;
 
 	wchar_t wszVolume[TC_MAX_PATH];		/* Volume to be mounted */
 	Password VolumePassword;			/* User password */
 	BOOL bCache;						/* Cache passwords in driver */
 	int nDosDriveNo;					/* Drive number to mount */
 	uint32 BytesPerSector;
 	BOOL bMountReadOnly;				/* Mount volume in read-only mode */
 	BOOL bMountRemovable;				/* Mount volume as removable media */
 	BOOL bExclusiveAccess;				/* Open host file/device in exclusive access mode */
 	BOOL bMountManager;					/* Announce volume to mount manager */
 	BOOL bPreserveTimestamp;			/* Preserve file container timestamp */
 	BOOL bPartitionInInactiveSysEncScope;		/* If TRUE, we are to attempt to mount a partition located on an encrypted system drive without pre-boot authentication. */
 	int nPartitionInInactiveSysEncScopeDriveNo;	/* If bPartitionInInactiveSysEncScope is TRUE, this contains the drive number of the system drive on which the partition is located. */
 	BOOL SystemFavorite;
 	// Hidden volume protection
 	BOOL bProtectHiddenVolume;			/* TRUE if the user wants the hidden volume within this volume to be protected against being overwritten (damaged) */
 	Password ProtectedHidVolPassword;	/* Password to the hidden volume to be protected against overwriting */
 	BOOL UseBackupHeader;
 	BOOL RecoveryMode;
 	int pkcs5_prf;
 	int ProtectedHidVolPkcs5Prf;
+	BOOL VolumeMountedReadOnlyAfterPartialSysEnc;
 	uint32 BytesPerPhysicalSector;
 	int VolumePim;
 	int ProtectedHidVolPim;
 	wchar_t wszLabel[33]; // maximum label length is 32 for NTFS and 11 for FAT32
 	BOOL bIsNTFS; // output only
 	BOOL bDriverSetLabel;
 	BOOL bCachePim;
 	ULONG MaximumTransferLength;
 	ULONG MaximumPhysicalPages;
 	ULONG AlignmentMask;
+	BOOL VolumeMasterKeyVulnerable;
 } MOUNT_STRUCT;
 
 typedef struct
 {
 	int nDosDriveNo;	/* Drive letter to unmount */
 	BOOL ignoreOpenFiles;
 	BOOL HiddenVolumeProtectionTriggered;
 	int nReturnCode;	/* Return code back from driver */
 } UNMOUNT_STRUCT;
 
 typedef struct
 {
 	unsigned __int32 ulMountedDrives;	/* Bitfield of all mounted drive letters */
 	wchar_t wszVolume[26][TC_MAX_PATH];	/* Volume names of mounted volumes */
 	wchar_t wszLabel[26][33];	/* Labels of mounted volumes */
 	wchar_t volumeID[26][VOLUME_ID_SIZE];	/* IDs of mounted volumes */
 	unsigned __int64 diskLength[26];
 	int ea[26];
 	int volumeType[26];	/* Volume type (e.g. PROP_VOL_TYPE_OUTER, PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, etc.) */
 	BOOL reserved[26]; /* needed to keep the same size for the structure so that installer of new version can communicate with installed old version */
 } MOUNT_LIST_STRUCT;
 
 typedef struct
 {
 	int driveNo;
 	int uniqueId;
 	wchar_t wszVolume[TC_MAX_PATH];
 	unsigned __int64 diskLength;
 	int ea;
 	int mode;
@@ -288,148 +290,152 @@ typedef struct
 	BOOL DeviceFilterActive;
 
 	uint16 BootLoaderVersion;
 
 	BOOL DriveMounted;
 	BOOL VolumeHeaderPresent;
 	BOOL DriveEncrypted;
 
 	LARGE_INTEGER BootDriveLength;
 
 	int64 ConfiguredEncryptedAreaStart;
 	int64 ConfiguredEncryptedAreaEnd;
 	int64 EncryptedAreaStart;
 	int64 EncryptedAreaEnd;
 
 	uint32 VolumeHeaderSaltCrc32;
 
 	BOOL SetupInProgress;
 	BootEncryptionSetupMode SetupMode;
 	BOOL TransformWaitingForIdle;
 
 	uint32 HibernationPreventionCount;
 
 	BOOL HiddenSystem;
 	int64 HiddenSystemPartitionStart;
 
 	// Number of times the filter driver answered that an unencrypted volume
 	// is read-only (or mounted an outer/normal TrueCrypt volume as read only)
 	uint32 HiddenSysLeakProtectionCount;
 
+	BOOL MasterKeyVulnerable;
+
 } BootEncryptionStatus;
 
 
 typedef struct
 {
 	BootEncryptionSetupMode SetupMode;
 	WipeAlgorithmId WipeAlgorithm;
 	BOOL ZeroUnreadableSectors;
 	BOOL DiscardUnreadableEncryptedSectors;
 } BootEncryptionSetupRequest;
 
 
 typedef struct
 {
 	Password VolumePassword;
 	int pkcs5_prf;
 	int pim;
 } ReopenBootVolumeHeaderRequest;
 
 
 typedef struct
 {
 	char BootEncryptionAlgorithmName[256];
 	char BootPrfAlgorithmName[256];
 } GetBootEncryptionAlgorithmNameRequest;
 
 typedef struct
 {
-	byte Fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE];
+	uint8 Fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE];
 } BootLoaderFingerprintRequest;
 
 typedef struct
 {
 	wchar_t DevicePath[TC_MAX_PATH];
-	byte Configuration;
+	uint8 Configuration;
 	BOOL DriveIsDynamic;
 	uint16 BootLoaderVersion;
-	byte UserConfiguration;
+	uint8 UserConfiguration;
 	char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1];
 } GetSystemDriveConfigurationRequest;
 
 typedef struct
 {
 	WipeAlgorithmId WipeAlgorithm;
-	CRYPTOPP_ALIGN_DATA(16) byte WipeKey[MASTER_KEYDATA_SIZE];
+	CRYPTOPP_ALIGN_DATA(16) uint8 WipeKey[MASTER_KEYDATA_SIZE];
 } WipeDecoySystemRequest;
 
 typedef struct
 {
 	BOOL WipeInProgress;
 	WipeAlgorithmId WipeAlgorithm;
 	int64 WipedAreaEnd;
 } DecoySystemWipeStatus;
 
 typedef struct
 {
 	LARGE_INTEGER Offset;
-	byte Data[TC_SECTOR_SIZE_BIOS];
+	uint8 Data[TC_SECTOR_SIZE_BIOS];
 } WriteBootDriveSectorRequest;
 
 typedef struct
 {
 	BOOL PagingFileCreationPrevented;
 	BOOL SystemFavoriteVolumeDirty;
 } GetWarningFlagsRequest;
 
 typedef struct
 {
 	struct _DriveFilterExtension *BootDriveFilterExtension;
 	BOOL HwEncryptionEnabled;
 } GetSystemDriveDumpConfigRequest;
 
 typedef struct
 {
 	int EncryptionIoRequestCount;
 	int EncryptionItemCount;
 	int EncryptionFragmentSize;
 } EncryptionQueueParameters;
 
 #pragma pack (pop)
 
 #define DRIVER_STR WIDE
 
 #define TC_UNIQUE_ID_PREFIX "VeraCryptVolume"
 #define TC_MOUNT_PREFIX L"\\Device\\VeraCryptVolume"
 
 #define NT_MOUNT_PREFIX DRIVER_STR("\\Device\\VeraCryptVolume")
 #define NT_ROOT_PREFIX DRIVER_STR("\\Device\\VeraCrypt")
 #define DOS_MOUNT_PREFIX_DEFAULT DRIVER_STR("\\DosDevices\\")
 #define DOS_MOUNT_PREFIX_GLOBAL DRIVER_STR("\\GLOBAL??\\") // Use Global MS-DOS device names for sanity checks on drive letters
 #define DOS_ROOT_PREFIX DRIVER_STR("\\DosDevices\\VeraCrypt")
 #define WIN32_ROOT_PREFIX DRIVER_STR("\\\\.\\VeraCrypt")
 
 #define TC_DRIVER_CONFIG_REG_VALUE_NAME DRIVER_STR("VeraCryptConfig")
 #define TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME DRIVER_STR("VeraCryptEncryptionFreeCpuCount")
 
 #define VC_ENCRYPTION_IO_REQUEST_COUNT DRIVER_STR("VeraCryptEncryptionIoRequestCount")
 #define VC_ENCRYPTION_ITEM_COUNT DRIVER_STR("VeraCryptEncryptionItemCount")
 #define VC_ENCRYPTION_FRAGMENT_SIZE DRIVER_STR("VeraCryptEncryptionFragmentSize")
 
 #define VC_ERASE_KEYS_SHUTDOWN DRIVER_STR("VeraCryptEraseKeysShutdown")
 
+#define VC_ENABLE_MEMORY_PROTECTION DRIVER_STR("VeraCryptEnableMemoryProtection")
+
 // WARNING: Modifying the following values can introduce incompatibility with previous versions.
 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD						0x1
 #define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES		0x2
 #define TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS		0x4
 #define TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION				0x8
 #define TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL						0x10
 #define TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION			0x20
 #define TC_DRIVER_CONFIG_CACHE_BOOT_PIM								0x40
 #define VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM							0x80
 #define VC_DRIVER_CONFIG_BLOCK_SYS_TRIM								0x100
 #define VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG						0x200
 #define VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION			0x400
 #define VC_DRIVER_CONFIG_ENABLE_CPU_RNG								0x800
 #define VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION						0x1000
 
 #endif		/* _WIN32 */