diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/Common/Apidrvr.h | 2 | ||||
| -rw-r--r-- | src/Driver/Driver.rc | 4 | ||||
| -rw-r--r-- | src/Driver/Driver.vcxproj | 8 | ||||
| -rw-r--r-- | src/Driver/EncryptedIoQueue.c | 88 | ||||
| -rw-r--r-- | src/Driver/EncryptedIoQueue.h | 2 | ||||
| -rw-r--r-- | src/Driver/Ntdriver.c | 13 | ||||
| -rw-r--r-- | src/Driver/Ntdriver.h | 1 | ||||
| -rw-r--r-- | src/Release/Setup Files/veracrypt-arm64.cat | bin | 11875 -> 11878 bytes | |||
| -rw-r--r-- | src/Release/Setup Files/veracrypt-arm64.sys | bin | 445992 -> 442880 bytes | |||
| -rw-r--r-- | src/Release/Setup Files/veracrypt-x64.cat | bin | 11934 -> 11947 bytes | |||
| -rw-r--r-- | src/Release/Setup Files/veracrypt-x64.sys | bin | 650008 -> 646944 bytes | |||
| -rw-r--r-- | src/Release/Setup Files/veracrypt.Inf | 2 |
12 files changed, 67 insertions, 53 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h index 04d69c05..955286da 100644 --- a/src/Common/Apidrvr.h +++ b/src/Common/Apidrvr.h @@ -396,6 +396,7 @@ typedef struct int EncryptionIoRequestCount; int EncryptionItemCount; int EncryptionFragmentSize; + int EncryptionMaxWorkItems; } EncryptionQueueParameters; #pragma pack (pop) @@ -418,6 +419,7 @@ typedef struct #define VC_ENCRYPTION_IO_REQUEST_COUNT DRIVER_STR("VeraCryptEncryptionIoRequestCount") #define VC_ENCRYPTION_ITEM_COUNT DRIVER_STR("VeraCryptEncryptionItemCount") #define VC_ENCRYPTION_FRAGMENT_SIZE DRIVER_STR("VeraCryptEncryptionFragmentSize") +#define VC_ENCRYPTION_MAX_WORK_ITEMS DRIVER_STR("VeraCryptEncryptionMaxWorkItems") #define VC_ERASE_KEYS_SHUTDOWN DRIVER_STR("VeraCryptEraseKeysShutdown") diff --git a/src/Driver/Driver.rc b/src/Driver/Driver.rc index 66bd8316..2ea931ea 100644 --- a/src/Driver/Driver.rc +++ b/src/Driver/Driver.rc @@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US // VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,26,17,0 - PRODUCTVERSION 1,26,17,0 + FILEVERSION 1,26,17,1 + PRODUCTVERSION 1,26,17,1 FILEFLAGSMASK 0x17L #ifdef _DEBUG FILEFLAGS 0x1L diff --git a/src/Driver/Driver.vcxproj b/src/Driver/Driver.vcxproj index b9596e22..302c50ae 100644 --- a/src/Driver/Driver.vcxproj +++ b/src/Driver/Driver.vcxproj @@ -108,7 +108,7 @@ <Inf> <ProviderName> </ProviderName> - <TimeStamp>1.26.17.0</TimeStamp> + <TimeStamp>1.26.17.1</TimeStamp> </Inf> <Link> <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies> @@ -134,7 +134,7 @@ copy $(OutDir)veracrypt.inf "$(SolutionDir)Debug\Setup Files\veracrypt.inf"</Com <Inf> <ProviderName> </ProviderName> - <TimeStamp>1.26.17.0</TimeStamp> + <TimeStamp>1.26.17.1</TimeStamp> </Inf> <Link> <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies> @@ -160,7 +160,7 @@ copy $(OutDir)veracrypt.inf "$(SolutionDir)Release\Setup Files\veracrypt.inf"</C <Inf> <ProviderName> </ProviderName> - <TimeStamp>1.26.17.0</TimeStamp> + <TimeStamp>1.26.17.1</TimeStamp> </Inf> <Link> <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies> @@ -186,7 +186,7 @@ copy $(OutDir)veracrypt.inf "$(SolutionDir)Release\Setup Files\veracrypt.inf"</C <Inf> <ProviderName> </ProviderName> - <TimeStamp>1.26.17.0</TimeStamp> + <TimeStamp>1.26.17.1</TimeStamp> </Inf> <Link> <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies> diff --git a/src/Driver/EncryptedIoQueue.c b/src/Driver/EncryptedIoQueue.c index 85d7ccff..91399c47 100644 --- a/src/Driver/EncryptedIoQueue.c +++ b/src/Driver/EncryptedIoQueue.c @@ -271,6 +271,7 @@ static VOID CompleteIrpWorkItemRoutine(PDEVICE_OBJECT DeviceObject, PVOID Contex PCOMPLETE_IRP_WORK_ITEM workItem = (PCOMPLETE_IRP_WORK_ITEM)Context; EncryptedIoQueueItem* item = (EncryptedIoQueueItem * ) workItem->Item; EncryptedIoQueue* queue = item->Queue; + KIRQL oldIrql; UNREFERENCED_PARAMETER(DeviceObject); __try @@ -283,19 +284,14 @@ static VOID CompleteIrpWorkItemRoutine(PDEVICE_OBJECT DeviceObject, PVOID Contex } __finally { - // Return the work item to the free list - KIRQL oldIrql; - KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql); - - // Decrement ActiveWorkItems - LONG activeWorkItems = InterlockedDecrement(&queue->ActiveWorkItems); - // If no active work items remain, signal the event - if (activeWorkItems == 0) + if (InterlockedDecrement(&queue->ActiveWorkItems) == 0) { KeSetEvent(&queue->NoActiveWorkItemsEvent, IO_NO_INCREMENT, FALSE); } + // Return the work item to the free list + KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql); InsertTailList(&queue->FreeWorkItemsList, &workItem->ListEntry); KeReleaseSpinLock(&queue->WorkItemLock, oldIrql); @@ -307,8 +303,43 @@ static VOID CompleteIrpWorkItemRoutine(PDEVICE_OBJECT DeviceObject, PVOID Contex } } +// Handles the completion of the original IRP. +static VOID HandleCompleteOriginalIrp(EncryptedIoQueue* queue, EncryptedIoRequest* request) +{ + NTSTATUS status = KeWaitForSingleObject(&queue->WorkItemSemaphore, Executive, KernelMode, FALSE, NULL); + if (queue->ThreadExitRequested) + return; + if (!NT_SUCCESS(status)) + { + // Handle wait failure: we call the completion routine directly. + // This is not ideal since it can cause deadlock that we are trying to fix but it is better than losing the IRP. + CompleteOriginalIrp(request->Item, STATUS_INSUFFICIENT_RESOURCES, 0); + } + else + { + // Obtain a work item from the free list. + KIRQL oldIrql; + KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql); + PLIST_ENTRY freeEntry = RemoveHeadList(&queue->FreeWorkItemsList); + KeReleaseSpinLock(&queue->WorkItemLock, oldIrql); + + PCOMPLETE_IRP_WORK_ITEM workItem = CONTAINING_RECORD(freeEntry, COMPLETE_IRP_WORK_ITEM, ListEntry); + + // Increment ActiveWorkItems. + InterlockedIncrement(&queue->ActiveWorkItems); + KeResetEvent(&queue->NoActiveWorkItemsEvent); + // Prepare the work item. + workItem->Irp = request->Item->OriginalIrp; + workItem->Status = request->Item->Status; + workItem->Information = NT_SUCCESS(request->Item->Status) ? request->Item->OriginalLength : 0; + workItem->Item = request->Item; + + // Queue the work item. + IoQueueWorkItem(workItem->WorkItem, CompleteIrpWorkItemRoutine, DelayedWorkQueue, workItem); + } +} static VOID CompletionThreadProc(PVOID threadArg) { @@ -352,39 +383,7 @@ static VOID CompletionThreadProc(PVOID threadArg) if (request->CompleteOriginalIrp) { - // Wait for a work item to become available - NTSTATUS status = KeWaitForSingleObject(&queue->WorkItemSemaphore, Executive, KernelMode, FALSE, NULL); - if (queue->ThreadExitRequested) - break; - if (!NT_SUCCESS(status)) - { - // Handle wait failure: we call the completion routine directly. - // This is not ideal since it can cause deadlock that we are trying to fix but it is better than losing the IRP. - CompleteOriginalIrp(request->Item, STATUS_INSUFFICIENT_RESOURCES, 0); - } - else - { - // Obtain a work item from the free list - KIRQL oldIrql; - KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql); - PLIST_ENTRY freeEntry = RemoveHeadList(&queue->FreeWorkItemsList); - KeReleaseSpinLock(&queue->WorkItemLock, oldIrql); - - PCOMPLETE_IRP_WORK_ITEM workItem = CONTAINING_RECORD(freeEntry, COMPLETE_IRP_WORK_ITEM, ListEntry); - - // Increment ActiveWorkItems - InterlockedIncrement(&queue->ActiveWorkItems); - KeResetEvent(&queue->NoActiveWorkItemsEvent); - - // Prepare the work item - workItem->Irp = request->Item->OriginalIrp; - workItem->Status = request->Item->Status; - workItem->Information = NT_SUCCESS(request->Item->Status) ? request->Item->OriginalLength : 0; - workItem->Item = request->Item; - - // Queue the work item - IoQueueWorkItem(workItem->WorkItem, CompleteIrpWorkItemRoutine, DelayedWorkQueue, workItem); - } + HandleCompleteOriginalIrp(queue, request); } ReleasePoolBuffer(queue, request); @@ -545,8 +544,7 @@ static VOID IoThreadProc (PVOID threadArg) if (request->CompleteOriginalIrp) { - CompleteOriginalIrp (request->Item, request->Item->Status, - NT_SUCCESS (request->Item->Status) ? request->Item->OriginalLength : 0); + HandleCompleteOriginalIrp(queue, request); } ReleasePoolBuffer (queue, request); @@ -1152,10 +1150,10 @@ retry_preallocated: // Initialize the free work item list InitializeListHead(&queue->FreeWorkItemsList); - KeInitializeSemaphore(&queue->WorkItemSemaphore, VC_MAX_WORK_ITEMS, VC_MAX_WORK_ITEMS); + KeInitializeSemaphore(&queue->WorkItemSemaphore, EncryptionMaxWorkItems, EncryptionMaxWorkItems); KeInitializeSpinLock(&queue->WorkItemLock); - queue->MaxWorkItems = VC_MAX_WORK_ITEMS; + queue->MaxWorkItems = EncryptionMaxWorkItems; queue->WorkItemPool = (PCOMPLETE_IRP_WORK_ITEM)TCalloc(sizeof(COMPLETE_IRP_WORK_ITEM) * queue->MaxWorkItems); if (!queue->WorkItemPool) { diff --git a/src/Driver/EncryptedIoQueue.h b/src/Driver/EncryptedIoQueue.h index 2e7439f8..3738065a 100644 --- a/src/Driver/EncryptedIoQueue.h +++ b/src/Driver/EncryptedIoQueue.h @@ -26,7 +26,7 @@ #define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16 #define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT 8192 -#define VC_MAX_WORK_ITEMS 256 +#define VC_MAX_WORK_ITEMS 1024 typedef struct EncryptedIoQueueBufferStruct { diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index ac2fb00a..12943dc8 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -145,6 +145,7 @@ static BOOL RamEncryptionActivated = FALSE; int EncryptionIoRequestCount = 0; int EncryptionItemCount = 0; int EncryptionFragmentSize = 0; +int EncryptionMaxWorkItems = 0; PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1]; @@ -2776,6 +2777,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex if (ValidateIOBufferSize (Irp, sizeof (EncryptionQueueParameters), ValidateOutput)) { EncryptionQueueParameters* pParams = (EncryptionQueueParameters*) Irp->AssociatedIrp.SystemBuffer; + pParams->EncryptionMaxWorkItems = EncryptionMaxWorkItems; pParams->EncryptionFragmentSize = EncryptionFragmentSize; pParams->EncryptionIoRequestCount = EncryptionIoRequestCount; pParams->EncryptionItemCount = EncryptionItemCount; @@ -4646,6 +4648,14 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) TCfree (data); } + if (driverEntry && NT_SUCCESS(TCReadRegistryKey(&name, VC_ENCRYPTION_MAX_WORK_ITEMS, &data))) + { + if (data->Type == REG_DWORD) + EncryptionMaxWorkItems = *(uint32*)data->Data; + + TCfree(data); + } + if (driverEntry) { if (EncryptionIoRequestCount < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT) @@ -4663,6 +4673,9 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) EncryptionFragmentSize = TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; else if (EncryptionFragmentSize > (8 * TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE)) EncryptionFragmentSize = 8 * TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; + + if (EncryptionMaxWorkItems == 0) + EncryptionMaxWorkItems = VC_MAX_WORK_ITEMS; } diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h index 3995ffdf..b03b5e93 100644 --- a/src/Driver/Ntdriver.h +++ b/src/Driver/Ntdriver.h @@ -128,6 +128,7 @@ extern BOOL AllowWindowsDefrag; extern int EncryptionIoRequestCount; extern int EncryptionItemCount; extern int EncryptionFragmentSize; +extern int EncryptionMaxWorkItems; extern BOOL EraseKeysOnShutdown; /* Helper macro returning x seconds in units of 100 nanoseconds */ #define WAIT_SECONDS(x) ((x)*10000000) diff --git a/src/Release/Setup Files/veracrypt-arm64.cat b/src/Release/Setup Files/veracrypt-arm64.cat Binary files differindex 5304478d..a6acd9bc 100644 --- a/src/Release/Setup Files/veracrypt-arm64.cat +++ b/src/Release/Setup Files/veracrypt-arm64.cat diff --git a/src/Release/Setup Files/veracrypt-arm64.sys b/src/Release/Setup Files/veracrypt-arm64.sys Binary files differindex 13e3b460..7e9f73c5 100644 --- a/src/Release/Setup Files/veracrypt-arm64.sys +++ b/src/Release/Setup Files/veracrypt-arm64.sys diff --git a/src/Release/Setup Files/veracrypt-x64.cat b/src/Release/Setup Files/veracrypt-x64.cat Binary files differindex fc5e6693..9367ca3f 100644 --- a/src/Release/Setup Files/veracrypt-x64.cat +++ b/src/Release/Setup Files/veracrypt-x64.cat diff --git a/src/Release/Setup Files/veracrypt-x64.sys b/src/Release/Setup Files/veracrypt-x64.sys Binary files differindex 85658d8c..0cee9609 100644 --- a/src/Release/Setup Files/veracrypt-x64.sys +++ b/src/Release/Setup Files/veracrypt-x64.sys diff --git a/src/Release/Setup Files/veracrypt.Inf b/src/Release/Setup Files/veracrypt.Inf index 2b021283..b6a82528 100644 --- a/src/Release/Setup Files/veracrypt.Inf +++ b/src/Release/Setup Files/veracrypt.Inf @@ -10,7 +10,7 @@ signature = "$Windows NT$" Class = "Encryption" ;This is determined by the work this filter driver does ClassGuid = {a0a701c0-a511-42ff-aa6c-06dc0395576f} ;This value is determined by the Class Provider = %ProviderString% -DriverVer = 11/17/2024,1.26.16.0 +DriverVer = 11/24/2024,1.26.17.1 CatalogFile = veracrypt.cat PnpLockdown = 1 |