1 files changed, 17 insertions, 3 deletions
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index 3c7b50dc..6f068a8f 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -2854,70 +2854,82 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
 		Irp->IoStatus.Status = ReadRegistryConfigFlags (FALSE);
 		Irp->IoStatus.Information = 0;
 		break;
 
 	case TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG:
 		if (	(ValidateIOBufferSize (Irp, sizeof (GetSystemDriveDumpConfigRequest), ValidateOutput))
 			&&	(Irp->RequestorMode == KernelMode)
 			)
 		{
 			GetSystemDriveDumpConfigRequest *request = (GetSystemDriveDumpConfigRequest *) Irp->AssociatedIrp.SystemBuffer;
 
 			request->BootDriveFilterExtension = GetBootDriveFilterExtension();
 			if (IsBootDriveMounted() && request->BootDriveFilterExtension)
 			{
 				request->HwEncryptionEnabled = IsHwEncryptionEnabled();
 				Irp->IoStatus.Status = STATUS_SUCCESS;
 				Irp->IoStatus.Information = sizeof (*request);
 			}
 			else
 			{
 				Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
 				Irp->IoStatus.Information = 0;
 			}
 		}
 		break;
 
 	case VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED:
 		if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput))
 		{
 			*(int *) Irp->AssociatedIrp.SystemBuffer = IsRamEncryptionEnabled() ? 1 : 0;
 			Irp->IoStatus.Information = sizeof (int);
 			Irp->IoStatus.Status = STATUS_SUCCESS;
 		}
 		break;
 
+	case VC_IOCTL_ENCRYPTION_QUEUE_PARAMS:
+		if (ValidateIOBufferSize (Irp, sizeof (EncryptionQueueParameters), ValidateOutput))
+		{
+			EncryptionQueueParameters* pParams = (EncryptionQueueParameters*) Irp->AssociatedIrp.SystemBuffer;
+			pParams->EncryptionFragmentSize = EncryptionFragmentSize;
+			pParams->EncryptionIoRequestCount = EncryptionIoRequestCount;
+			pParams->EncryptionItemCount = EncryptionItemCount;
+			Irp->IoStatus.Information = sizeof (EncryptionQueueParameters);
+			Irp->IoStatus.Status = STATUS_SUCCESS;
+		}
+		break;
+
 	default:
 		return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0);
 	}
 
 
 #if defined(DEBUG) || defined(DEBUG_TRACE)
 	if (!NT_SUCCESS (Irp->IoStatus.Status))
 	{
 		switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
 		{
 		case TC_IOCTL_GET_MOUNTED_VOLUMES:
 		case TC_IOCTL_GET_PASSWORD_CACHE_STATUS:
 		case TC_IOCTL_GET_PORTABLE_MODE_STATUS:
 		case TC_IOCTL_SET_PORTABLE_MODE_STATUS:
 		case TC_IOCTL_OPEN_TEST:
 		case TC_IOCTL_GET_RESOLVED_SYMLINK:
 		case TC_IOCTL_GET_DRIVE_PARTITION_INFO:
 		case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES:
 		case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS:
 		case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING:
 			break;
 
 		default:
 			Dump ("IOCTL error 0x%08x\n", Irp->IoStatus.Status);
 		}
 	}
 #endif
 
 	return TCCompleteIrp (Irp, Irp->IoStatus.Status, Irp->IoStatus.Information);
 }
 
 
 NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread)
 {
 	return TCStartThreadInProcess (threadProc, threadArg, kThread, NULL);
@@ -3264,70 +3276,71 @@ LPWSTR TCTranslateCode (ULONG ulCode)
 		TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_LOADER_VERSION);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_DEVICE_REFCOUNT);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVE_GEOMETRY);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVE_PARTITION_INFO);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVER_VERSION);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_MOUNTED_VOLUMES);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_PASSWORD_CACHE_STATUS);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_PORTABLE_MODE_STATUS);
 		TC_CASE_RET_NAME (TC_IOCTL_SET_PORTABLE_MODE_STATUS);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_RESOLVED_SYMLINK);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_VOLUME_PROPERTIES);
 		TC_CASE_RET_NAME (TC_IOCTL_GET_WARNING_FLAGS);
 		TC_CASE_RET_NAME (TC_IOCTL_DISK_IS_WRITABLE);
 		TC_CASE_RET_NAME (TC_IOCTL_IS_ANY_VOLUME_MOUNTED);
 		TC_CASE_RET_NAME (TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED);
 		TC_CASE_RET_NAME (TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING);
 		TC_CASE_RET_NAME (TC_IOCTL_MOUNT_VOLUME);
 		TC_CASE_RET_NAME (TC_IOCTL_OPEN_TEST);
 		TC_CASE_RET_NAME (TC_IOCTL_PROBE_REAL_DRIVE_SIZE);
 		TC_CASE_RET_NAME (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER);
 		TC_CASE_RET_NAME (TC_IOCTL_REREAD_DRIVER_CONFIG);
 		TC_CASE_RET_NAME (TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY);
 		TC_CASE_RET_NAME (TC_IOCTL_START_DECOY_SYSTEM_WIPE);
 		TC_CASE_RET_NAME (TC_IOCTL_WIPE_PASSWORD_CACHE);
 		TC_CASE_RET_NAME (TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR);
 		TC_CASE_RET_NAME (VC_IOCTL_GET_DRIVE_GEOMETRY_EX);
 		TC_CASE_RET_NAME (VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS);
 		TC_CASE_RET_NAME (VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED);
+		TC_CASE_RET_NAME (VC_IOCTL_ENCRYPTION_QUEUE_PARAMS);
 
 		TC_CASE_RET_NAME (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS);
 
 #undef TC_CASE_RET_NAME
 	}
 
 	if (ulCode ==			 IOCTL_DISK_GET_DRIVE_GEOMETRY)
 		return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_GEOMETRY");
 	else if (ulCode ==		 IOCTL_DISK_GET_DRIVE_GEOMETRY_EX)
 		return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_GEOMETRY_EX");
 	else if (ulCode ==		 IOCTL_MOUNTDEV_QUERY_DEVICE_NAME)
 		return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_DEVICE_NAME");
 	else if (ulCode ==		 IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME)
 		return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME");
 	else if (ulCode ==		 IOCTL_MOUNTDEV_QUERY_UNIQUE_ID)
 		return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_UNIQUE_ID");
 	else if (ulCode ==		 IOCTL_VOLUME_ONLINE)
 		return (LPWSTR) _T ("IOCTL_VOLUME_ONLINE");
 	else if (ulCode ==		 IOCTL_MOUNTDEV_LINK_CREATED)
 		return (LPWSTR) _T ("IOCTL_MOUNTDEV_LINK_CREATED");
 	else if (ulCode ==		 IOCTL_MOUNTDEV_LINK_DELETED)
 		return (LPWSTR) _T ("IOCTL_MOUNTDEV_LINK_DELETED");
 	else if (ulCode ==		 IOCTL_MOUNTMGR_QUERY_POINTS)
 		return (LPWSTR) _T ("IOCTL_MOUNTMGR_QUERY_POINTS");
 	else if (ulCode ==		 IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED)
 		return (LPWSTR) _T ("IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED");
 	else if (ulCode ==		 IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED)
 		return (LPWSTR) _T ("IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED");
 	else if (ulCode ==		 IOCTL_DISK_GET_LENGTH_INFO)
 		return (LPWSTR) _T ("IOCTL_DISK_GET_LENGTH_INFO");
 	else if (ulCode ==		 IOCTL_STORAGE_GET_DEVICE_NUMBER)
 		return (LPWSTR) _T ("IOCTL_STORAGE_GET_DEVICE_NUMBER");
 	else if (ulCode ==		 IOCTL_DISK_GET_PARTITION_INFO)
 		return (LPWSTR) _T ("IOCTL_DISK_GET_PARTITION_INFO");
 	else if (ulCode ==		 IOCTL_DISK_GET_PARTITION_INFO_EX)
@@ -4794,77 +4807,78 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
 	{
 		if (data->Type == REG_DWORD)
 			EncryptionThreadPoolFreeCpuCountLimit = *(uint32 *) data->Data;
 
 		TCfree (data);
 	}
 
 	if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, VC_ENCRYPTION_IO_REQUEST_COUNT, &data)))
 	{
 		if (data->Type == REG_DWORD)
 			EncryptionIoRequestCount = *(uint32 *) data->Data;
 
 		TCfree (data);
 	}
 
 	if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, VC_ENCRYPTION_ITEM_COUNT, &data)))
 	{
 		if (data->Type == REG_DWORD)
 			EncryptionItemCount = *(uint32 *) data->Data;
 
 		TCfree (data);
 	}
 
 	if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, VC_ENCRYPTION_FRAGMENT_SIZE, &data)))
 	{
 		if (data->Type == REG_DWORD)
 			EncryptionFragmentSize = *(uint32 *) data->Data;
 
 		TCfree (data);
 	}
 
 	if (driverEntry)
 	{
 		if (EncryptionIoRequestCount < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT)
 			EncryptionIoRequestCount = TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT;
+		else if (EncryptionIoRequestCount > TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT)
+			EncryptionIoRequestCount = TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT;
 
-		if (EncryptionItemCount == 0)
+		if ((EncryptionItemCount == 0) || (EncryptionItemCount > (EncryptionIoRequestCount / 2)))
 			EncryptionItemCount = EncryptionIoRequestCount / 2;
-		else if (EncryptionItemCount >= EncryptionIoRequestCount)
-			EncryptionItemCount = EncryptionIoRequestCount - 1;
 
 		/* EncryptionFragmentSize value in registry is expressed in KiB */
+		/* Maximum allowed value for EncryptionFragmentSize is 2048 KiB */
 		EncryptionFragmentSize *= 1024;
 		if (EncryptionFragmentSize == 0)
 			EncryptionFragmentSize = TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE;
 		else if (EncryptionFragmentSize > (8 * TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE))
 			EncryptionFragmentSize = 8 * TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE;
 		
 		
 	}
 
 
 	return status;
 }
 
 
 NTSTATUS WriteRegistryConfigFlags (uint32 flags)
 {
 	UNICODE_STRING name;
 	RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\veracrypt");
 
 	return TCWriteRegistryKey (&name, TC_DRIVER_CONFIG_REG_VALUE_NAME, REG_DWORD, &flags, sizeof (flags));
 }
 
 
 NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector)
 {
 	NTSTATUS status;
 	DISK_GEOMETRY geometry;
 
 	status = SendDeviceIoControlRequest (deviceObject, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry));
 	if (!NT_SUCCESS (status))
 		return status;
 
 	*bytesPerSector = geometry.BytesPerSector;
 	
 	return STATUS_SUCCESS;