From 8f6c08330ac37b7729d8c1bf7276e8fede2d17fa Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sun, 20 Dec 2015 20:11:50 +0100 Subject: Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings. --- src/Driver/DriveFilter.c | 5 ++++- src/Driver/Ntdriver.c | 6 +++++- src/Driver/Ntdriver.h | 1 + src/Driver/Ntvol.c | 2 ++ 4 files changed, 12 insertions(+), 2 deletions(-) (limited to 'src/Driver') diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index d5daf89f..7268afa0 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -125,7 +125,10 @@ NTSTATUS LoadBootArguments () Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32); if (CacheBootPassword && BootArgs.BootPassword.Length > 0) - AddPasswordToCache (&BootArgs.BootPassword); + { + int pim = CacheBootPim? (int) (BootArgs.Flags >> 16) : 0; + AddPasswordToCache (&BootArgs.BootPassword, pim); + } // clear fingerprint burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index a069bd10..993b8102 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -54,6 +54,7 @@ BOOL DriverUnloadDisabled = FALSE; BOOL PortableMode = FALSE; BOOL VolumeClassFilterRegistered = FALSE; BOOL CacheBootPassword = FALSE; +BOOL CacheBootPim = FALSE; BOOL NonAdminSystemFavoritesAccessDisabled = FALSE; static size_t EncryptionThreadPoolFreeCpuCountLimit = 0; static BOOL SystemFavoriteVolumeDirty = FALSE; @@ -1444,7 +1445,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD || mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID - || mount->VolumePim < 0 || mount->VolumePim == INT_MAX + || mount->VolumePim < -1 || mount->VolumePim == INT_MAX || mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID || (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE) ) @@ -3293,6 +3294,9 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) if (flags & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS) NonAdminSystemFavoritesAccessDisabled = TRUE; + + if (flags & TC_DRIVER_CONFIG_CACHE_BOOT_PIM) + CacheBootPim = TRUE; } EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h index 07ae5f83..28772faf 100644 --- a/src/Driver/Ntdriver.h +++ b/src/Driver/Ntdriver.h @@ -114,6 +114,7 @@ extern ULONG OsMajorVersion; extern ULONG OsMinorVersion; extern BOOL VolumeClassFilterRegistered; extern BOOL CacheBootPassword; +extern BOOL CacheBootPim; /* Helper macro returning x seconds in units of 100 nanoseconds */ #define WAIT_SECONDS(x) ((x)*10000000) diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index 845961d4..2c2fd168 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -466,6 +466,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, mount->nReturnCode = ReadVolumeHeaderWCache ( FALSE, mount->bCache, + mount->bCachePim, readBuffer, &mount->ProtectedHidVolPassword, mount->ProtectedHidVolPkcs5Prf, @@ -478,6 +479,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, mount->nReturnCode = ReadVolumeHeaderWCache ( mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_NORMAL, mount->bCache, + mount->bCachePim, readBuffer, &mount->VolumePassword, mount->pkcs5_prf, -- cgit v1.2.3