Windows: Add switch /FastCreateFile for VeraCrypt Format.exe to speed up creation of large file containers when quick format is selected. This switch has security implications: it embeds existing disk content into the file container, which may expose sensitive content to an attacker who has access to the file container.

Mounir IDRASSI 2019-12-10 00:44:47 +01:00
parent 5eaa204d83
commit f9d95ef2c8
No known key found for this signature in database
GPG Key ID: 02C30AE90FAE4A6F
3 changed files with 34 additions and 2 deletions


@ -369,8 +369,13 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
if (!volParams->hiddenVol && !bInstantRetryOtherFilesys)
{
LARGE_INTEGER volumeSize;
BOOL speedupFileCreation = FALSE;
volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE;
// speedup for file creation only makes sens when using quick format
if (volParams->quickFormat && volParams->fastCreateFile)
speedupFileCreation = TRUE;
if (volParams->sparseFileSwitch && volParams->quickFormat)
{
// Create as sparse file container
@ -384,12 +389,28 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
// Preallocate the file
if (!SetFilePointerEx (dev, volumeSize, NULL, FILE_BEGIN)
|| !SetEndOfFile (dev)
|| SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0)
|| !SetEndOfFile (dev))
{
nStatus = ERR_OS_ERROR;
goto error;
}
if (speedupFileCreation)
{
// accelerate file creation by telling Windows not to fill all file content with zeros
// this has security issues since it will put existing disk content into file container
// We use this mechanism only when switch /fastCreateFile specific and when quick format
// also specified and which is documented to have security issues.
// we don't check returned status because failure is not issue for us
SetFileValidData (dev, volumeSize.QuadPart);
}
if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0)
{
nStatus = ERR_OS_ERROR;
goto error;
}
}
}
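Review bot: The result of `SetFileValidData` in the `speedupFileCreation` block is discarded, so nothing records whether the container ended up zero-filled or holding previous disk content. The call needs the SE_MANAGE_VOLUME_NAME privilege enabled in the process token, and this hunk does not show it being enabled, so a failure here may be the common case rather than the exception. Failing is the safe direction for confidentiality, but a user who passed the switch cannot tell which outcome they got; keep the result, e.g. `BOOL fastCreated = SetFileValidData (dev, volumeSize.QuadPart);`, and surface it once formatting completes. TCFormatVolume starts and ends outside the hunk, so privilege handling elsewhere in the function cannot be ruled out.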


@ -38,6 +38,7 @@ typedef struct
unsigned int clusterSize;
BOOL sparseFileSwitch;
BOOL quickFormat;
BOOL fastCreateFile;
DWORD sectorSize;
int *realClusterSize;
Password *password;
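Review bot: `fastCreateFile` is added to FORMAT_VOL_PARAMETERS without a comment, although it is the one field here whose TRUE value changes what data ends up inside the container. A line such as `BOOL fastCreateFile; // file containers with quickFormat only: skips zero-fill, leaving prior disk content in the file` would keep the caveat next to the field. Callers that fill the struct field by field without zeroing it first (none are visible from this section) would pass an indeterminate value, so it is worth confirming that every place that builds FORMAT_VOL_PARAMETERS sets it explicitly. The typedef begins and ends outside the hunk.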


@ -250,6 +250,7 @@ int CmdVolumeFilesystem = FILESYS_NONE;
unsigned __int64 CmdVolumeFileSize = 0;
BOOL CmdSparseFileSwitch = FALSE;
BOOL CmdQuickFormat = FALSE;
BOOL CmdFastCreateFile = FALSE;
BOOL bForceOperation = FALSE;
@ -282,6 +283,7 @@ BOOL bDisplayPoolContents = TRUE;
volatile BOOL bSparseFileSwitch = FALSE;
volatile BOOL quickFormat = FALSE;
volatile BOOL fastCreateFile = FALSE;
volatile BOOL dynamicFormat = FALSE; /* this variable represents the sparse file flag. */
volatile int fileSystem = FILESYS_NONE;
volatile int clusterSize = 0;
@ -2635,6 +2637,7 @@ static void __cdecl volTransformThreadFunction (void *hwndDlgArg)
volParams->clusterSize = clusterSize;
volParams->sparseFileSwitch = dynamicFormat;
volParams->quickFormat = quickFormat;
volParams->fastCreateFile = fastCreateFile;
volParams->sectorSize = GetFormatSectorSize();
volParams->realClusterSize = &realClusterSize;
volParams->password = &volumePassword;
@ -6234,6 +6237,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
}
quickFormat = CmdQuickFormat;
fastCreateFile = CmdFastCreateFile;
dynamicFormat = CmdSparseFileSwitch;
if (!GetDiskFreeSpaceEx (root, &free, 0, 0))
@ -8994,6 +8998,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
OptionForce,
OptionNoSizeCheck,
OptionQuickFormat,
OptionFastCreateFile,
};
argument args[]=
@ -9016,6 +9021,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
{ OptionForce, L"/force", NULL, FALSE },
{ OptionNoSizeCheck, L"/nosizecheck", NULL, FALSE },
{ OptionQuickFormat, L"/quick", NULL, FALSE },
{ OptionFastCreateFile, L"/fastcreatefile", NULL, FALSE },
// Internal
{ CommandResumeSysEncLogOn, L"/acsysenc", L"/a", TRUE },
@ -9372,6 +9378,10 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
CmdQuickFormat = TRUE;
break;
case OptionFastCreateFile:
CmdFastCreateFile = TRUE;
break;
case OptionHistory:
{
wchar_t szTmp[8] = {0};
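Review bot: `case OptionFastCreateFile:` sets `CmdFastCreateFile` unconditionally, with no check that `/quick` was also given and no notice to the user about the exposure the switch causes. As far as these hunks show, the flag is simply copied into `volParams->fastCreateFile`, and the format code honours it only together with quick format, so `/fastcreatefile` on its own is silently ignored. After the option loop, a guard such as `if (CmdFastCreateFile && !CmdQuickFormat)` that reports a command-line error would make the dependency explicit. A one-time warning that the container will hold previous disk content would put the caveat where the operator sees it rather than only in a source comment. ExtractCommandLine continues outside the hunk, so the guard's exact position needs confirming there.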