mirror of
https://github.com/veracrypt/VeraCrypt
synced 2024-11-30 23:13:31 +01:00
Windows driver: fix reading of boot PRF after latest EFI hidden OS changes. Better memory cleanup and changes for code clarity.
This commit is contained in:
parent
ac53e293d4
commit
9b0669da29
@ -35,7 +35,7 @@ BOOL BootArgsValid = FALSE;
|
|||||||
BootArguments BootArgs;
|
BootArguments BootArgs;
|
||||||
byte* BootSecRegionData = NULL;
|
byte* BootSecRegionData = NULL;
|
||||||
uint32 BootSecRegionSize = 0;
|
uint32 BootSecRegionSize = 0;
|
||||||
uint32 BootPkcs5;
|
uint32 BootPkcs5 = 0;
|
||||||
|
|
||||||
static uint64 BootLoaderArgsPtr;
|
static uint64 BootLoaderArgsPtr;
|
||||||
static BOOL BootDriveSignatureValid = FALSE;
|
static BOOL BootDriveSignatureValid = FALSE;
|
||||||
@ -107,6 +107,9 @@ NTSTATUS LoadBootArguments ()
|
|||||||
&& bootArguments->BootArgumentsCrc32 != GetCrc32 ((byte *) bootArguments, (int) ((byte *) &bootArguments->BootArgumentsCrc32 - (byte *) bootArguments)))
|
&& bootArguments->BootArgumentsCrc32 != GetCrc32 ((byte *) bootArguments, (int) ((byte *) &bootArguments->BootArgumentsCrc32 - (byte *) bootArguments)))
|
||||||
{
|
{
|
||||||
Dump ("BootArguments CRC incorrect\n");
|
Dump ("BootArguments CRC incorrect\n");
|
||||||
|
burn (mappedBootArgs, sizeof (BootArguments));
|
||||||
|
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
||||||
|
mappedBootArgs = NULL;
|
||||||
TC_BUG_CHECK (STATUS_CRC_ERROR);
|
TC_BUG_CHECK (STATUS_CRC_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -134,6 +137,7 @@ NTSTATUS LoadBootArguments ()
|
|||||||
// clear fingerprint
|
// clear fingerprint
|
||||||
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
|
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
|
||||||
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
||||||
|
mappedBootArgs = NULL;
|
||||||
|
|
||||||
// Extra parameters? (pkcs5, hash)
|
// Extra parameters? (pkcs5, hash)
|
||||||
if (BootArgs.CryptoInfoLength > 0)
|
if (BootArgs.CryptoInfoLength > 0)
|
||||||
@ -182,11 +186,26 @@ NTSTATUS LoadBootArguments ()
|
|||||||
// Erase boot loader scheduled keys
|
// Erase boot loader scheduled keys
|
||||||
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
||||||
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
||||||
|
BootArgs.CryptoInfoLength = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
BootArgs.CryptoInfoLength = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
status = STATUS_SUCCESS;
|
status = STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
} else {
|
else
|
||||||
|
{
|
||||||
|
Dump ("BootArguments contains a password larger than maximum limit\n");
|
||||||
|
burn (mappedBootArgs, sizeof (BootArguments));
|
||||||
|
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
||||||
|
mappedBootArgs = NULL;
|
||||||
|
TC_BUG_CHECK (STATUS_FAIL_CHECK);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (mappedBootArgs) {
|
||||||
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -368,7 +387,6 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
|||||||
LARGE_INTEGER offset;
|
LARGE_INTEGER offset;
|
||||||
char *header;
|
char *header;
|
||||||
int pkcs5_prf = 0, pim = 0;
|
int pkcs5_prf = 0, pim = 0;
|
||||||
byte *mappedCryptoInfo = NULL;
|
|
||||||
PARTITION_INFORMATION_EX pi;
|
PARTITION_INFORMATION_EX pi;
|
||||||
BOOL bIsGPT = FALSE;
|
BOOL bIsGPT = FALSE;
|
||||||
|
|
||||||
@ -454,23 +472,12 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
|||||||
bIsGPT = (pi.PartitionStyle == PARTITION_STYLE_GPT)? TRUE : FALSE;
|
bIsGPT = (pi.PartitionStyle == PARTITION_STYLE_GPT)? TRUE : FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (BootArgs.CryptoInfoLength > 0)
|
if (BootPkcs5 > 0)
|
||||||
{
|
|
||||||
PHYSICAL_ADDRESS cryptoInfoAddress;
|
|
||||||
|
|
||||||
cryptoInfoAddress.QuadPart = BootLoaderArgsPtr + BootArgs.CryptoInfoOffset;
|
|
||||||
#ifdef DEBUG
|
|
||||||
Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
|
|
||||||
#endif
|
|
||||||
mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
|
|
||||||
if (mappedCryptoInfo)
|
|
||||||
{
|
{
|
||||||
/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
|
/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
|
||||||
BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
|
Hash* pHash = HashGet(BootPkcs5);
|
||||||
Hash* pHash = HashGet(pBootCryptoInfo->pkcs5);
|
|
||||||
if (pHash && (bIsGPT || pHash->SystemEncryption))
|
if (pHash && (bIsGPT || pHash->SystemEncryption))
|
||||||
pkcs5_prf = pBootCryptoInfo->pkcs5;
|
pkcs5_prf = BootPkcs5;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pim = (int) (BootArgs.Flags >> 16);
|
pim = (int) (BootArgs.Flags >> 16);
|
||||||
@ -499,13 +506,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
|||||||
|
|
||||||
if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart)
|
if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart)
|
||||||
{
|
{
|
||||||
// Erase boot loader scheduled keys
|
// we have already erased boot loader scheduled keys
|
||||||
if (mappedCryptoInfo)
|
|
||||||
{
|
|
||||||
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
|
||||||
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
|
||||||
BootArgs.CryptoInfoLength = 0;
|
|
||||||
}
|
|
||||||
TC_THROW_FATAL_EXCEPTION;
|
TC_THROW_FATAL_EXCEPTION;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -533,13 +534,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
|||||||
Dump ("Loaded: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd);
|
Dump ("Loaded: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd);
|
||||||
Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd);
|
Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd);
|
||||||
|
|
||||||
// Erase boot loader scheduled keys
|
// at this stage, we have already erased boot loader scheduled keys
|
||||||
if (mappedCryptoInfo)
|
|
||||||
{
|
|
||||||
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
|
||||||
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
|
||||||
BootArgs.CryptoInfoLength = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
BootDriveFilterExtension = Extension;
|
BootDriveFilterExtension = Extension;
|
||||||
BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE;
|
BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE;
|
||||||
@ -565,8 +560,8 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
|||||||
uint32 i;
|
uint32 i;
|
||||||
for(i = 0; i<pwdCache->Count; ++i){
|
for(i = 0; i<pwdCache->Count; ++i){
|
||||||
if (CacheBootPassword && pwdCache->Pwd[i].Length > 0) {
|
if (CacheBootPassword && pwdCache->Pwd[i].Length > 0) {
|
||||||
int pim = CacheBootPim? (int) (pwdCache->Pim[i]) : 0;
|
int cachedPim = CacheBootPim? (int) (pwdCache->Pim[i]) : 0;
|
||||||
AddPasswordToCache (&pwdCache->Pwd[i], pim);
|
AddPasswordToCache (&pwdCache->Pwd[i], cachedPim);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
burn(pwdCache, sizeof(*pwdCache));
|
burn(pwdCache, sizeof(*pwdCache));
|
||||||
@ -577,8 +572,8 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
|||||||
|
|
||||||
if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
|
if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
|
||||||
{
|
{
|
||||||
int pim = CacheBootPim? (int) (BootArgs.Flags >> 16) : 0;
|
int cachedPim = CacheBootPim? pim : 0;
|
||||||
AddPasswordToCache (&BootArgs.BootPassword, pim);
|
AddPasswordToCache (&BootArgs.BootPassword, cachedPim);
|
||||||
}
|
}
|
||||||
|
|
||||||
burn (&BootArgs.BootPassword, sizeof (BootArgs.BootPassword));
|
burn (&BootArgs.BootPassword, sizeof (BootArgs.BootPassword));
|
||||||
|
Loading…
Reference in New Issue
Block a user