Windows driver: Set maximum values for encryption queue parameters. Add IOCTL code to read used values from user space maximum value for EncryptionFragmentSize is 2048 maximum value for EncryptionIoRequestCount is 8192 maximum value for EncryptionItemCount is (EncryptionIoRequestCount/2)

This commit is contained in:
Mounir IDRASSI 2021-12-30 00:34:52 +01:00
parent fac35ab08a
commit f63c2ec13c
No known key found for this signature in database
GPG Key ID: 02C30AE90FAE4A6F
3 changed files with 27 additions and 3 deletions

View File

@ -127,6 +127,8 @@
#define VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED TC_IOCTL (42) #define VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED TC_IOCTL (42)
#define VC_IOCTL_ENCRYPTION_QUEUE_PARAMS TC_IOCTL (43)
// Legacy IOCTLs used before version 5.0 // Legacy IOCTLs used before version 5.0
#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968 #define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968
#define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948 #define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948
@ -390,6 +392,13 @@ typedef struct
BOOL HwEncryptionEnabled; BOOL HwEncryptionEnabled;
} GetSystemDriveDumpConfigRequest; } GetSystemDriveDumpConfigRequest;
typedef struct
{
int EncryptionIoRequestCount;
int EncryptionItemCount;
int EncryptionFragmentSize;
} EncryptionQueueParameters;
#pragma pack (pop) #pragma pack (pop)
#define DRIVER_STR WIDE #define DRIVER_STR WIDE

View File

@ -24,6 +24,7 @@
#define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8 #define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8
#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16 #define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16
#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT 8192
typedef struct EncryptedIoQueueBufferStruct typedef struct EncryptedIoQueueBufferStruct

View File

@ -2886,6 +2886,18 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
} }
break; break;
case VC_IOCTL_ENCRYPTION_QUEUE_PARAMS:
if (ValidateIOBufferSize (Irp, sizeof (EncryptionQueueParameters), ValidateOutput))
{
EncryptionQueueParameters* pParams = (EncryptionQueueParameters*) Irp->AssociatedIrp.SystemBuffer;
pParams->EncryptionFragmentSize = EncryptionFragmentSize;
pParams->EncryptionIoRequestCount = EncryptionIoRequestCount;
pParams->EncryptionItemCount = EncryptionItemCount;
Irp->IoStatus.Information = sizeof (EncryptionQueueParameters);
Irp->IoStatus.Status = STATUS_SUCCESS;
}
break;
default: default:
return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0);
} }
@ -3296,6 +3308,7 @@ LPWSTR TCTranslateCode (ULONG ulCode)
TC_CASE_RET_NAME (VC_IOCTL_GET_DRIVE_GEOMETRY_EX); TC_CASE_RET_NAME (VC_IOCTL_GET_DRIVE_GEOMETRY_EX);
TC_CASE_RET_NAME (VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS); TC_CASE_RET_NAME (VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS);
TC_CASE_RET_NAME (VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED); TC_CASE_RET_NAME (VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED);
TC_CASE_RET_NAME (VC_IOCTL_ENCRYPTION_QUEUE_PARAMS);
TC_CASE_RET_NAME (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS); TC_CASE_RET_NAME (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS);
@ -4826,13 +4839,14 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
{ {
if (EncryptionIoRequestCount < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT) if (EncryptionIoRequestCount < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT)
EncryptionIoRequestCount = TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT; EncryptionIoRequestCount = TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT;
else if (EncryptionIoRequestCount > TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT)
EncryptionIoRequestCount = TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT;
if (EncryptionItemCount == 0) if ((EncryptionItemCount == 0) || (EncryptionItemCount > (EncryptionIoRequestCount / 2)))
EncryptionItemCount = EncryptionIoRequestCount / 2; EncryptionItemCount = EncryptionIoRequestCount / 2;
else if (EncryptionItemCount >= EncryptionIoRequestCount)
EncryptionItemCount = EncryptionIoRequestCount - 1;
/* EncryptionFragmentSize value in registry is expressed in KiB */ /* EncryptionFragmentSize value in registry is expressed in KiB */
/* Maximum allowed value for EncryptionFragmentSize is 2048 KiB */
EncryptionFragmentSize *= 1024; EncryptionFragmentSize *= 1024;
if (EncryptionFragmentSize == 0) if (EncryptionFragmentSize == 0)
EncryptionFragmentSize = TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; EncryptionFragmentSize = TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE;