From e8f83544ead2011112788d48bff610574f5d6395 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sat, 5 Aug 2023 00:45:39 +0200
Subject: Windows: Fix false positive detection of new device insertion when
 clear keys option is enable

When this option is enabled, we first build the list of currently inserted devices then we start listening to insertion events.
When a device insertion occurs, we check if this device is on our list and if yes, we ignore its insertion.
We also ignore devices whose Device ID starts with "SWD\" and "ROOT\" since these are not real devices.
---
 src/Common/BootEncryption.cpp | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'src/Common/BootEncryption.cpp')

diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 71d39057..189d5a78 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -667,6 +667,18 @@ namespace VeraCrypt
 			}
 		}
 
+		static void NotifyService (DWORD dwNotifyCmd)
+		{
+			Elevate();
+
+			DWORD result = ElevatedComInstance->NotifyService (dwNotifyCmd);
+			if (result != ERROR_SUCCESS)
+			{
+				SetLastError (result);
+				throw SystemException(SRC_POS);
+			}
+		}
+
 		static void Release ()
 		{
 			if (--ReferenceCount == 0 && ElevatedComInstance)
@@ -5708,6 +5720,22 @@ namespace VeraCrypt
 		throw_sys_if (!WriteLocalMachineRegistryDword (keyPath, valueName, value));
 	}
 
+	void BootEncryption::NotifyService (DWORD dwNotifyCmd)
+	{
+		if (!IsAdmin() && IsUacSupported())
+		{
+			Elevator::NotifyService (dwNotifyCmd);
+			return;
+		}
+
+		DWORD dwRet = SendServiceNotification(dwNotifyCmd);
+		if (dwRet != ERROR_SUCCESS)
+		{
+			SetLastError(dwRet);
+			throw SystemException (SRC_POS);
+		}
+	}
+
 	void BootEncryption::StartDecryption (BOOL discardUnreadableEncryptedSectors)
 	{
 		BootEncryptionStatus encStatus = GetStatus();
-- 
cgit v1.2.3