Windows: enhance support of new behavior of favorite service which is now always running in case of system encryption

2024-09-20 12:56:19 +02:00 · 2019-01-14 01:01:00 +01:00 · 2019-01-14 01:01:00 +01:00 · 07f6793bd2
commit 07f6793bd2
parent d3e7ed96f3
4 changed files with 46 additions and 27 deletions
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@ -4599,8 +4599,6 @@ namespace VeraCrypt
 			{
 				WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE);
 				WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE);
-
-				SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, true);
 			}
 			catch (...)
 			{
@ -4615,14 +4613,15 @@ namespace VeraCrypt
 		}
 		else
 		{
-			SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, false);
-
 			DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME);
 			DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME);

 			SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS);
 			throw_sys_if (!service);

+			SERVICE_STATUS serviceStatus = {0};
+			ControlService (service, SERVICE_CONTROL_STOP, &serviceStatus);
+
 			throw_sys_if (!DeleteService (service));
 			CloseServiceHandle (service);

@ -4940,7 +4939,7 @@ namespace VeraCrypt

 		try
 		{
-			RegisterSystemFavoritesService (false);
+			RegisterSystemFavoritesService (FALSE);
 		}
 		catch (...) { }

@ -5168,6 +5167,8 @@ namespace VeraCrypt
 				InstallVolumeHeader ();

 			RegisterBootDriver (hiddenSystem);
+
+			RegisterSystemFavoritesService (TRUE);
 		}
 		catch (Exception &)
 		{
--- a/src/Mount/Favorites.cpp
+++ b/src/Mount/Favorites.cpp
@ -256,7 +256,7 @@ namespace VeraCrypt
 						{
 							uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0;
 							if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))
-								BootEncObj.RegisterSystemFavoritesService (reqConfig ? TRUE : FALSE);
+								BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);

 							SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));
 						}
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@ -9352,7 +9352,7 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler (	DWORD dwControl,
 	case SERVICE_CONTROL_PRESHUTDOWN:
 		SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);

-		if (BootEncObj)
+		if (BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT)
 		{
 			try
 			{
@ -9383,11 +9383,10 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler (	DWORD dwControl,
 			DEV_BROADCAST_HDR* pHdr = (DEV_BROADCAST_HDR *) lpEventData;
 			if (pHdr->dbch_devicetype != DBT_DEVTYP_VOLUME &&  pHdr->dbch_devicetype != DBT_DEVTYP_HANDLE)			
 			{
-				SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received");
-
 				if (ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION)
 				{
 					BOOL bClearKeys = TRUE;
+					SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received");
 					if (pHdr->dbch_devicetype == DBT_DEVTYP_DEVICEINTERFACE)
 					{
 						DEV_BROADCAST_DEVICEINTERFACE* pInf = (DEV_BROADCAST_DEVICEINTERFACE*) pHdr;
@ -9402,13 +9401,9 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler (	DWORD dwControl,
 					}

 					if (bClearKeys)
-					{						
+					{
 						DWORD cbBytesReturned = 0;
-						BOOL bResult = DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL);
-						if (bResult)
-							SystemFavoritesServiceLogInfo (L"New device insertion detected - encryption keys cleared");
-						else
-							SystemFavoritesServiceLogInfo (L"New device insertion detected - failed to clear encryption keys");
+						DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL);
 					}
 				}
 			}
@ -9445,8 +9440,8 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv)
 	memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus));
 	SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
 	SystemFavoritesServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
-	if (IsOSAtLeast (WIN_VISTA) && BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT)
-		SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;
+	if (IsOSAtLeast (WIN_VISTA))
+		SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;		

 	ZeroMemory (&hdr, sizeof(hdr));
 	hdr.dbcc_size = sizeof (hdr);
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@ -92,6 +92,34 @@ void localcleanup (void)
 	CloseAppSetupMutex ();
 }

+BOOL ForceCopyFile (LPCWSTR szSrcFile, LPCWSTR szDestFile)
+{
+	BOOL bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
+	if (!bRet)
+	{
+		wstring renamedPath = szDestFile;
+		renamedPath += VC_FILENAME_RENAMED_SUFFIX;
+
+		/* rename the locked file in order to be able to create a new one */
+		if (MoveFileExW (szDestFile, renamedPath.c_str(), MOVEFILE_REPLACE_EXISTING))
+		{
+			bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
+			if (bRet)
+			{
+				/* delete the renamed file when the machine reboots */
+				MoveFileEx (renamedPath.c_str(), NULL, MOVEFILE_DELAY_UNTIL_REBOOT);
+			}
+			else
+			{
+				/* restore the original file name */
+				MoveFileEx (renamedPath.c_str(), szDestFile, MOVEFILE_REPLACE_EXISTING);
+			}
+		}
+	}
+
+	return bRet;
+}
+
 BOOL ForceDeleteFile (LPCWSTR szFileName)
 {
 	if (!DeleteFile (szFileName))
@ -814,14 +842,6 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
 					wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false);
 					wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true);

-					if (	FileExists (servicePath.c_str())
-						||	(Is64BitOs () && FileExists (serviceLegacyPath.c_str()))
-						)
-					{
-						CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
-						bResult = CopyFile (szTmp, servicePath.c_str(), FALSE);
-					}
-
 					if (bResult && Is64BitOs ()
 						&& FileExists (favoritesLegacyFile.c_str())
 						&& !FileExists (favoritesFile.c_str()))
@ -830,7 +850,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
 						bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE);
 					}

-					if (bResult && Is64BitOs () && FileExists (favoritesFile.c_str()) && FileExists (servicePath.c_str()))
+					if (bResult)
 					{
 						// Update the path of the service
 						BootEncryption BootEncObj (hwndDlg);
@ -839,7 +859,10 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
 						{
 							if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START)
 							{
-								BootEncObj.UpdateSystemFavoritesService ();
+								CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
+								bResult = ForceCopyFile (szTmp, servicePath.c_str());
+								if (bResult)
+									BootEncObj.UpdateSystemFavoritesService ();
 							}
 						}
 						catch (...) {}