From b1657e88e4f7922cda6795d843b5b7723b27102f Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Mon, 18 Sep 2023 00:13:52 +0200
Subject: Windows Security: make memory protection enabled by default. Add
 process mitigation (ASLR, Dynamic code, extension points)

Memory protection can be disabled using registry value "VeraCryptEnableMemoryProtection" under the key "HKLM\SYSTEM\CurrentControlSet\Services\veracrypt"
---
 src/Common/Dlgcode.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/Common/Dlgcode.h')

diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 12957232..245df6c1 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -349,6 +349,7 @@ BOOL IsTrueCryptInstallerRunning (void);
 uint32 ReadDriverConfigurationFlags ();
 uint32 ReadServiceConfigurationFlags ();
 uint32 ReadEncryptionThreadPoolFreeCpuCountLimit ();
+BOOL ReadMemoryProtectionConfig ();
 BOOL LoadSysEncSettings ();
 int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm);
 void RemoveNonSysInPlaceEncNotifications (void);
@@ -582,7 +583,8 @@ BOOL VerifyModuleSignature (const wchar_t* path);
 void GetInstallationPath (HWND hwndDlg, wchar_t* szInstallPath, DWORD cchSize, BOOL* pbInstallPathDetermined);
 BOOL GetSetupconfigLocation (wchar_t* path, DWORD cchSize);
 BOOL BufferHasPattern (const unsigned char* buffer, size_t bufferLen, const void* pattern, size_t patternLen);
-BOOL EnableProcessProtection();
+void ActivateProcessMitigations();
+BOOL ActivateMemoryProtection();
 void SafeOpenURL (LPCWSTR szUrl);
 BitLockerEncryptionStatus GetBitLockerEncryptionStatus(WCHAR driveLetter);
 BOOL IsTestSigningModeEnabled ();
-- 
cgit v1.2.3