/*
Copyright (c) 2008-2009 TrueCrypt Developers Association. All rights reserved.
Governed by the TrueCrypt License 3.0 the full text of which is contained in
the file License.txt included in TrueCrypt binary and source code distribution
packages.
*/
#ifndef TC_HEADER_Boot_BootDefs
#define TC_HEADER_Boot_BootDefs
// Total memory required (CODE + DATA + BSS + STACK + 0x100) in KBytes - determined from linker map.
#define TC__BOOT_MEMORY_REQUIRED 42
#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE
# undef TC__BOOT_MEMORY_REQUIRED
# ifdef TC_WINDOWS_BOOT_AES
# ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE
# define TC__BOOT_MEMORY_REQUIRED 30
# else
# define TC__BOOT_MEMORY_REQUIRED 28
# endif
# elif defined (TC_WINDOWS_BOOT_SERPENT)
# define TC__BOOT_MEMORY_REQUIRED 32
# elif defined (TC_WINDOWS_BOOT_TWOFISH)
# define TC__BOOT_MEMORY_REQUIRED 40
# endif
#if 0
# undef TC__BOOT_MEMORY_REQUIRED
# define TC__BOOT_MEMORY_REQUIRED 60
#endif
#endif
// Modifying this value can introduce incompatibility with previous versions
#define TC__BOOT_LOADER_SEGMENT TC_HEX (9000) // Some buggy BIOS routines fail if CS bits 0-10 are not zero
#if TC__BOOT_MEMORY_REQUIRED <= 32
# define TC__BOOT_LOADER_SEGMENT_LOW (TC__BOOT_LOADER_SEGMENT - 32 * 1024 / 16)
#else
# define TC__BOOT_LOADER_SEGMENT_LOW (TC__BOOT_LOADER_SEGMENT - 64 * 1024 / 16)
#endif
#define TC__COM_EXECUTABLE_OFFSET TC_HEX (100)
#define TC__BOOT_LOADER_LOWMEM_SEGMENT TC_HEX (2000)
#define TC__BOOT_LOADER_BUFFER_SEGMENT TC_HEX (4000)
#define TC__BOOT_LOADER_ALT_SEGMENT TC_HEX (6000)
#define TC__BOOT_LOADER_STACK_TOP (TC_BOOT_MEMORY_REQUIRED * TC_UNSIGNED (1024) - 4)
#define TC__LB_SIZE 512
#define TC__BOOT_LOADER_AREA_SECTOR_COUNT 63
#define TC__BOOT_SECTOR_VERSION_OFFSET 430
#define TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET 432
#define TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET 434
#define TC__BOOT_SECTOR_USER_CONFIG_OFFSET 438
#define TC__BOOT_SECTOR_CONFIG_OFFSET 439 // The last byte that is reserved for the boot loader
#define TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH 24
#define TC__BOOT_SECTOR_USER_MESSAGE_OFFSET (TC__BOOT_SECTOR_VERSION_OFFSET - TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)
#define TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE 4
#define TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET (TC__BOOT_SECTOR_USER_MESSAGE_OFFSET - TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE)
#define TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR 2
#define TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT 4
#define TC__BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE 32768
#define TC__BOOT_LOADER_COMPRESSED_BUFFER_OFFSET (TC_COM_EXECUTABLE_OFFSET + 3072)
#define TC__BOOT_LOADER_START_SECTOR (TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT)
#define TC__MAX_BOOT_LOADER_SECTOR_COUNT (TC_BOOT_LOADER_AREA_SECTOR_COUNT - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT - 2)
#define TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE ((TC_BOOT_LOADER_AREA_SECTOR_COUNT - 2) * TC_LB_SIZE)
#define TC__BOOT_LOADER_BACKUP_SECTOR_COUNT 30
#define TC__GZIP_HEADER_SIZE 10
#define TC__BOOT_CFG_FLAG_AREA_SIZE 1 // In bytes
// If you add more flags, revise TC__BOOT_CFG_FLAG_AREA_SIZE
#define TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE TC_HEX (02)
#define TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER TC_HEX (04)
#define TC__BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION TC_HEX (10)
#define TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER TC_HEX (20)
#define TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE (TC_HEX (40) + TC_HEX (80))
// Modifying the following values can introduce incompatibility with previous versions
#define TC__BOOT_USER_CFG_FLAG_SILENT_MODE TC_HEX (01)
#define TC__BOOT_USER_CFG_FLAG_DISABLE_ESC TC_HEX (02)
#define TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC_HEX (04)
// The following items are treated as a 2-bit value (apply TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE to obtain the value)
#define TC__HIDDEN_OS_CREATION_PHASE_NONE 0
#define TC__HIDDEN_OS_CREATION_PHASE_CLONING TC_HEX (40) // The boot loader is to copy the content of the system partition to the hidden volume
#define TC__HIDDEN_OS_CREATION_PHASE_WIPING TC_HEX (80) // The boot loader has successfully copied the content of the system partition to the hidden volume. The original OS is to be wiped now.
#define TC__HIDDEN_OS_CREATION_PHASE_WIPED (TC_HEX (40) + TC_HEX (80)) // The original OS has been wiped. The user is required to install a new OS (decoy OS) on the system partition now.
#ifdef TC_ASM_PREPROCESS
#define TC_HEX(N) 0##N##h
#define TC_UNSIGNED(N) N
TC_BOOT_MEMORY_REQUIRED = TC__BOOT_MEMORY_REQUIRED
TC_BOOT_LOADER_SEGMENT = TC__BOOT_LOADER_SEGMENT
TC_BOOT_LOADER_SEGMENT_LOW = TC__BOOT_LOADER_SEGMENT_LOW
TC_COM_EXECUTABLE_OFFSET = TC__COM_EXECUTABLE_OFFSET
TC_BOOT_LOADER_LOWMEM_SEGMENT = TC__BOOT_LOADER_LOWMEM_SEGMENT
TC_BOOT_LOADER_BUFFER_SEGMENT = TC__BOOT_LOADER_BUFFER_SEGMENT
TC_BOOT_LOADER_ALT_SEGMENT = TC__BOOT_LOADER_ALT_SEGMENT
TC_BOOT_LOADER_STACK_TOP = TC__BOOT_LOADER_STACK_TOP
TC_LB_SIZE = TC__LB_SIZE
TC_BOOT_LOADER_AREA_SECTOR_COUNT = TC__BOOT_LOADER_AREA_SECTOR_COUNT
TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET = TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET
TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET = TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET
TC_BOOT_SECTOR_CONFIG_OFFSET = TC__BOOT_SECTOR_CONFIG_OFFSET
TC_BOOT_SECTOR_USER_CONFIG_OFFSET = TC__BOOT_SECTOR_USER_CONFIG_OFFSET
TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR = TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR
TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT = TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT
TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE = TC__BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE
TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET = TC__BOOT_LOADER_COMPRESSED_BUFFER_OFFSET
TC_BOOT_LOADER_START_SECTOR = TC__BOOT_LOADER_START_SECTOR
TC_MAX_BOOT_LOADER_SECTOR_COUNT = TC__MAX_BOOT_LOADER_SECTOR_COUNT
TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE = TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE
TC_BOOT_LOADER_BACKUP_SECTOR_COUNT = TC__BOOT_LOADER_BACKUP_SECTOR_COUNT
TC_GZIP_HEADER_SIZE = TC__GZIP_HEADER_SIZE
TC_BOOT_CFG_FLAG_AREA_SIZE = TC__BOOT_CFG_FLAG_AREA_SIZE
TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE = TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE
TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER = TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER
TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER = TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER
TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE = TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE
TC_BOOT_USER_CFG_FLAG_SILENT_MODE = TC__BOOT_USER_CFG_FLAG_SILENT_MODE
TC_HIDDEN_OS_CREATION_PHASE_NONE = TC__HIDDEN_OS_CREATION_PHASE_NONE
TC_HIDDEN_OS_CREATION_PHASE_CLONING = TC__HIDDEN_OS_CREATION_PHASE_CLONING
TC_HIDDEN_OS_CREATION_PHASE_WIPING = TC__HIDDEN_OS_CREATION_PHASE_WIPING
TC_HIDDEN_OS_CREATION_PHASE_WIPED = TC__HIDDEN_OS_CREATION_PHASE_WIPED
#else // TC_ASM_PREPROCESS
#define TC_HEX(N) 0x##N
#define TC_UNSIGNED(N) N##U
#define TC_BOOT_MEMORY_REQUIRED TC__BOOT_MEMORY_REQUIRED
#define TC_BOOT_LOADER_SEGMENT TC__BOOT_LOADER_SEGMENT
#define TC_COM_EXECUTABLE_OFFSET TC__COM_EXECUTABLE_OFFSET
#define TC_BOOT_LOADER_LOWMEM_SEGMENT TC__BOOT_LOADER_LOWMEM_SEGMENT
#define TC_BOOT_LOADER_BUFFER_SEGMENT TC__BOOT_LOADER_BUFFER_SEGMENT
#define TC_BOOT_LOADER_ALT_SEGMENT TC__BOOT_LOADER_ALT_SEGMENT
#define TC_BOOT_LOADER_STACK_TOP (TC__BOOT_LOADER_STACK_TOP)
#define TC_BOOT_LOADER_AREA_SECTOR_COUNT TC__BOOT_LOADER_AREA_SECTOR_COUNT
#define TC_BOOT_SECTOR_USER_MESSAGE_OFFSET TC__BOOT_SECTOR_USER_MESSAGE_OFFSET
#define TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE
#define TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET
#define TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH
#define TC_BOOT_SECTOR_VERSION_OFFSET TC__BOOT_SECTOR_VERSION_OFFSET
#define TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET
#define TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET
#define TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR
#define TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT
#define TC_BOOT_SECTOR_CONFIG_OFFSET TC__BOOT_SECTOR_CONFIG_OFFSET
#define TC_BOOT_SECTOR_USER_CONFIG_OFFSET TC__BOOT_SECTOR_USER_CONFIG_OFFSET
#define TC_BOOT_LOADER_START_SECTOR TC__BOOT_LOADER_START_SECTOR
#define TC_LB_SIZE TC__LB_SIZE
#define TC_MAX_BOOT_LOADER_SECTOR_COUNT TC__MAX_BOOT_LOADER_SECTOR_COUNT
#define TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE
#define TC_BOOT_LOADER_BACKUP_SECTOR_COUNT TC__BOOT_LOADER_BACKUP_SECTOR_COUNT
#define TC_GZIP_HEADER_SIZE TC__GZIP_HEADER_SIZE
#define TC_BOOT_CFG_FLAG_AREA_SIZE TC__BOOT_CFG_FLAG_AREA_SIZE
#define TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE
#define TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER
#define TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER
#define TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION TC__BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION
#define TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE
#define TC_BOOT_USER_CFG_FLAG_SILENT_MODE TC__BOOT_USER_CFG_FLAG_SILENT_MODE
#define TC_BOOT_USER_CFG_FLAG_DISABLE_ESC TC__BOOT_USER_CFG_FLAG_DISABLE_ESC
#define TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION
#define TC_HIDDEN_OS_CREATION_PHASE_NONE TC__HIDDEN_OS_CREATION_PHASE_NONE
#define TC_HIDDEN_OS_CREATION_PHASE_CLONING TC__HIDDEN_OS_CREATION_PHASE_CLONING
#define TC_HIDDEN_OS_CREATION_PHASE_WIPING TC__HIDDEN_OS_CREATION_PHASE_WIPING
#define TC_HIDDEN_OS_CREATION_PHASE_WIPED TC__HIDDEN_OS_CREATION_PHASE_WIPED
#endif // TC_ASM_PREPROCESS
#endif // TC_HEADER_Boot_BootDefs
a>
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
;
; Copyright (c) 2008-2009 TrueCrypt Developers Association. All rights reserved.
;
; Governed by the TrueCrypt License 3.0 the full text of which is contained in
; the file License.txt included in TrueCrypt binary and source code distribution
; packages.
;
.MODEL tiny
.386
_TEXT SEGMENT USE16
INCLUDE BootDefs.i
ORG 7C00h ; Standard boot sector offset
start:
; BIOS executes boot sector from 0:7C00 or 7C0:0000 (default CD boot loader address).
; Far jump to the next instruction sets IP to the standard offset 7C00.
db 0EAh ; jmp 0:main
dw main, 0
loader_name_msg:
db ' VeraCrypt Boot Loader', 13, 10, 0
main:
cli
xor ax, ax
mov ds, ax
mov ss, ax
mov sp, 7C00h
sti
; Display boot loader name
test byte ptr [start + TC_BOOT_SECTOR_USER_CONFIG_OFFSET], TC_BOOT_USER_CFG_FLAG_SILENT_MODE
jnz skip_loader_name_msg
lea si, loader_name_msg
call print
skip_loader_name_msg:
; Determine boot loader segment
mov ax, TC_BOOT_LOADER_SEGMENT
; Check available memory
cmp word ptr [ds:413h], TC_BOOT_LOADER_SEGMENT / 1024 * 16 + TC_BOOT_MEMORY_REQUIRED
jge memory_ok
mov ax, TC_BOOT_LOADER_SEGMENT_LOW
cmp word ptr [ds:413h], TC_BOOT_LOADER_SEGMENT_LOW / 1024 * 16 + TC_BOOT_MEMORY_REQUIRED
jge memory_ok
; Insufficient memory
mov ax, TC_BOOT_LOADER_LOWMEM_SEGMENT
memory_ok:
mov es, ax
; Clear BSS section
xor al, al
mov di, TC_COM_EXECUTABLE_OFFSET
mov cx, TC_BOOT_MEMORY_REQUIRED * 1024 - TC_COM_EXECUTABLE_OFFSET - 1
cld
rep stosb
mov ax, es
sub ax, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE / 16 ; Decompressor segment
mov es, ax
; Load decompressor
mov cl, TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR
retry_backup:
mov al, TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT
mov bx, TC_COM_EXECUTABLE_OFFSET
call read_sectors
; Decompressor checksum
xor ebx, ebx
mov si, TC_COM_EXECUTABLE_OFFSET
mov cx, TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_LB_SIZE
call checksum
push ebx
; Load compressed boot loader
mov bx, TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET
mov cl, TC_BOOT_LOADER_START_SECTOR
mov al, TC_MAX_BOOT_LOADER_SECTOR_COUNT
test backup_loader_used, 1
jz non_backup
mov al, TC_BOOT_LOADER_BACKUP_SECTOR_COUNT - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT
mov cl, TC_BOOT_LOADER_START_SECTOR + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT
non_backup:
call read_sectors
; Boot loader checksum
pop ebx
mov si, TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET
mov cx, word ptr [start + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET]
call checksum
; Verify checksum
cmp ebx, dword ptr [start + TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET]
je checksum_ok
; Checksum incorrect - try using backup if available
test backup_loader_used, 1
jnz loader_damaged
mov backup_loader_used, 1
mov cl, TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT
test TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE, byte ptr [start + TC_BOOT_SECTOR_CONFIG_OFFSET]
jnz retry_backup
loader_damaged:
lea si, loader_damaged_msg
call print
lea si, loader_name_msg
call print
jmp $
checksum_ok:
; Set up decompressor segment
mov ax, es
mov ds, ax
cli
mov ss, ax
mov sp, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE
sti
push dx
; Decompress boot loader
push TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET + TC_GZIP_HEADER_SIZE ; Compressed data
push TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE ; Output buffer size
push TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE + TC_COM_EXECUTABLE_OFFSET ; Output buffer
push cs
push decompressor_ret
push es
push TC_COM_EXECUTABLE_OFFSET
retf
decompressor_ret:
add sp, 6
pop dx
; Restore boot sector segment
push cs
pop ds
; Check decompression result
test ax, ax
jz decompression_ok
lea si, loader_damaged_msg
call print
jmp $
decompression_ok:
; DH = boot sector flags
mov dh, byte ptr [start + TC_BOOT_SECTOR_CONFIG_OFFSET]
; Set up boot loader segment
mov ax, es
add ax, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE / 16
mov es, ax
mov ds, ax
cli
mov ss, ax
mov sp, TC_BOOT_LOADER_STACK_TOP
sti
; Execute boot loader
push es
push TC_COM_EXECUTABLE_OFFSET
retf
; Print string
print:
xor bx, bx
mov ah, 0eh
cld
@@: lodsb
test al, al
jz print_end
int 10h
jmp @B
print_end:
ret
; Read sectors of the first cylinder
read_sectors:
mov ch, 0 ; Cylinder
mov dh, 0 ; Head
; DL = drive number passed from BIOS
mov ah, 2
int 13h
jnc read_ok
lea si, disk_error_msg
call print
read_ok:
ret
; Calculate checksum
checksum:
push ds
push es
pop ds
xor eax, eax
cld
@@: lodsb
add ebx, eax
rol ebx, 1
loop @B
pop ds
ret
backup_loader_used db 0
disk_error_msg db 'Disk error', 13, 10, 7, 0
loader_damaged_msg db 7, 'Loader damaged! Use Rescue Disk: Repair Options > Restore', 0
ORG 7C00h + 510
dw 0AA55h ; Boot sector signature
_TEXT ENDS
END start
|