nihilist/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt synced 2024-11-10 13:13:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Windows driver: avoid race condition by using IoAttachDeviceToDeviceStackSafe instead IoAttachDeviceToDeviceStack. Set BootArgs.CryptoInfoLength to 0 after clearing boot memory.

Browse Source
This commit is contained in:
Mounir IDRASSI 2015-05-14 23:10:38 +02:00
parent 4a5154e750
commit e95c075f0c
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/Driver/DriveFilter.c
View File

@ -155,7 +155,12 @@ NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
Extension = (DriveFilterExtension *) filterDeviceObject->DeviceExtension; Extension = (DriveFilterExtension *) filterDeviceObject->DeviceExtension;
memset (Extension, 0, sizeof (DriveFilterExtension)); memset (Extension, 0, sizeof (DriveFilterExtension));
Extension->LowerDeviceObject = IoAttachDeviceToDeviceStack (filterDeviceObject, pdo); // IoAttachDeviceToDeviceStackSafe() is not required in AddDevice routine and is also unavailable on Windows 2000 SP4 status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject));
if (!NT_SUCCESS (status))
{
goto err;
}
if (!Extension->LowerDeviceObject) if (!Extension->LowerDeviceObject)
{ {
status = STATUS_DEVICE_REMOVED; status = STATUS_DEVICE_REMOVED;
@ -276,6 +281,9 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
PHYSICAL_ADDRESS cryptoInfoAddress; PHYSICAL_ADDRESS cryptoInfoAddress;
cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset; cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
#ifdef DEBUG
Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
#endif
mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached); mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
if (mappedCryptoInfo) if (mappedCryptoInfo)
{ {
@ -336,13 +344,9 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
// Erase boot loader scheduled keys // Erase boot loader scheduled keys
if (mappedCryptoInfo) if (mappedCryptoInfo)
{ {
#ifdef DEBUG
PHYSICAL_ADDRESS cryptoInfoAddress;
cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
#endif
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength); burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength); MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
BootArgs.CryptoInfoLength = 0;
} }
BootDriveFilterExtension = Extension; BootDriveFilterExtension = Extension;

7
src/Driver/VolumeFilter.c
View File

@ -42,7 +42,12 @@ NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo)
Extension = (VolumeFilterExtension *) filterDeviceObject->DeviceExtension; Extension = (VolumeFilterExtension *) filterDeviceObject->DeviceExtension;
memset (Extension, 0, sizeof (VolumeFilterExtension)); memset (Extension, 0, sizeof (VolumeFilterExtension));
Extension->LowerDeviceObject = IoAttachDeviceToDeviceStack (filterDeviceObject, pdo); // IoAttachDeviceToDeviceStackSafe() is not required in AddDevice routine and is also unavailable on Windows 2000 SP4 status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject));
if (status != STATUS_SUCCESS)
{
goto err;
}
if (!Extension->LowerDeviceObject) if (!Extension->LowerDeviceObject)
{ {
status = STATUS_DEVICE_REMOVED; status = STATUS_DEVICE_REMOVED;