Merge bcb8490430 into 9490336357

2024-11-30 15:03:31 +01:00 · 2024-11-20 22:13:22 +00:00
13 changed files with 437 additions and 451 deletions
--- a/Translations/Language.sl.xml
+++ b/Translations/Language.sl.xml
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@ -396,7 +396,6 @@ typedef struct
 	int EncryptionIoRequestCount;
 	int EncryptionItemCount;
 	int EncryptionFragmentSize;
-	int EncryptionMaxWorkItems;
 } EncryptionQueueParameters;

 #pragma pack (pop)
@ -419,7 +418,6 @@ typedef struct
 #define VC_ENCRYPTION_IO_REQUEST_COUNT DRIVER_STR("VeraCryptEncryptionIoRequestCount")
 #define VC_ENCRYPTION_ITEM_COUNT DRIVER_STR("VeraCryptEncryptionItemCount")
 #define VC_ENCRYPTION_FRAGMENT_SIZE DRIVER_STR("VeraCryptEncryptionFragmentSize")
-#define VC_ENCRYPTION_MAX_WORK_ITEMS DRIVER_STR("VeraCryptEncryptionMaxWorkItems")

 #define VC_ERASE_KEYS_SHUTDOWN DRIVER_STR("VeraCryptEraseKeysShutdown")

--- a/src/Driver/Driver.rc
+++ b/src/Driver/Driver.rc
@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
 //

 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,26,17,1
- PRODUCTVERSION 1,26,17,1
+ FILEVERSION 1,26,17,0
+ PRODUCTVERSION 1,26,17,0
 FILEFLAGSMASK 0x17L
 #ifdef _DEBUG
 FILEFLAGS 0x1L
--- a/src/Driver/Driver.vcxproj
+++ b/src/Driver/Driver.vcxproj
@ -108,7 +108,7 @@
    <Inf>
      <ProviderName>
      </ProviderName>
-      <TimeStamp>1.26.17.1</TimeStamp>
+      <TimeStamp>1.26.17.0</TimeStamp>
    </Inf>
    <Link>
      <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies>
@ -134,7 +134,7 @@ copy $(OutDir)veracrypt.inf "$(SolutionDir)Debug\Setup Files\veracrypt.inf"</Com
    <Inf>
      <ProviderName>
      </ProviderName>
-      <TimeStamp>1.26.17.1</TimeStamp>
+      <TimeStamp>1.26.17.0</TimeStamp>
    </Inf>
    <Link>
      <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies>
@ -160,7 +160,7 @@ copy $(OutDir)veracrypt.inf "$(SolutionDir)Release\Setup Files\veracrypt.inf"</C
    <Inf>
      <ProviderName>
      </ProviderName>
-      <TimeStamp>1.26.17.1</TimeStamp>
+      <TimeStamp>1.26.17.0</TimeStamp>
    </Inf>
    <Link>
      <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies>
@ -186,7 +186,7 @@ copy $(OutDir)veracrypt.inf "$(SolutionDir)Release\Setup Files\veracrypt.inf"</C
    <Inf>
      <ProviderName>
      </ProviderName>
-      <TimeStamp>1.26.17.1</TimeStamp>
+      <TimeStamp>1.26.17.0</TimeStamp>
    </Inf>
    <Link>
      <AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies);$(KernelBufferOverflowLib);$(DDK_LIB_PATH)ntoskrnl.lib;$(DDK_LIB_PATH)hal.lib;$(DDK_LIB_PATH)wmilib.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfLdr.lib;$(KMDF_LIB_PATH)$(KMDF_VER_PATH)\WdfDriverEntry.lib</AdditionalDependencies>
--- a/src/Driver/EncryptedIoQueue.c
+++ b/src/Driver/EncryptedIoQueue.c
@ -271,7 +271,6 @@ static VOID CompleteIrpWorkItemRoutine(PDEVICE_OBJECT DeviceObject, PVOID Contex
 	PCOMPLETE_IRP_WORK_ITEM workItem = (PCOMPLETE_IRP_WORK_ITEM)Context;
 	EncryptedIoQueueItem* item = (EncryptedIoQueueItem * ) workItem->Item;
 	EncryptedIoQueue* queue = item->Queue;
-	KIRQL oldIrql;
 	UNREFERENCED_PARAMETER(DeviceObject);

 	__try
@ -284,14 +283,19 @@ static VOID CompleteIrpWorkItemRoutine(PDEVICE_OBJECT DeviceObject, PVOID Contex
 	}
 	__finally
 	{
+		// Return the work item to the free list
+		KIRQL oldIrql;
+		KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql);
+
+		// Decrement ActiveWorkItems
+		LONG activeWorkItems = InterlockedDecrement(&queue->ActiveWorkItems);
+
 		// If no active work items remain, signal the event
-		if (InterlockedDecrement(&queue->ActiveWorkItems) == 0)
+		if (activeWorkItems == 0)
 		{
 			KeSetEvent(&queue->NoActiveWorkItemsEvent, IO_NO_INCREMENT, FALSE);
 		}

-		// Return the work item to the free list
-		KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql);
 		InsertTailList(&queue->FreeWorkItemsList, &workItem->ListEntry);
 		KeReleaseSpinLock(&queue->WorkItemLock, oldIrql);

@ -303,43 +307,8 @@ static VOID CompleteIrpWorkItemRoutine(PDEVICE_OBJECT DeviceObject, PVOID Contex
 	}
 }

-// Handles the completion of the original IRP.
-static VOID HandleCompleteOriginalIrp(EncryptedIoQueue* queue, EncryptedIoRequest* request)
-{
-	NTSTATUS status = KeWaitForSingleObject(&queue->WorkItemSemaphore, Executive, KernelMode, FALSE, NULL);
-	if (queue->ThreadExitRequested)
-		return;

-	if (!NT_SUCCESS(status))
-	{
-		// Handle wait failure: we call the completion routine directly. 
-		// This is not ideal since it can cause deadlock that we are trying to fix but it is better than losing the IRP.
-		CompleteOriginalIrp(request->Item, STATUS_INSUFFICIENT_RESOURCES, 0);
-	}
-	else
-	{
-		// Obtain a work item from the free list.
-		KIRQL oldIrql;
-		KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql);
-		PLIST_ENTRY freeEntry = RemoveHeadList(&queue->FreeWorkItemsList);
-		KeReleaseSpinLock(&queue->WorkItemLock, oldIrql);

-		PCOMPLETE_IRP_WORK_ITEM workItem = CONTAINING_RECORD(freeEntry, COMPLETE_IRP_WORK_ITEM, ListEntry);
-
-		// Increment ActiveWorkItems.
-		InterlockedIncrement(&queue->ActiveWorkItems);
-		KeResetEvent(&queue->NoActiveWorkItemsEvent);
-
-		// Prepare the work item.
-		workItem->Irp = request->Item->OriginalIrp;
-		workItem->Status = request->Item->Status;
-		workItem->Information = NT_SUCCESS(request->Item->Status) ? request->Item->OriginalLength : 0;
-		workItem->Item = request->Item;
-
-		// Queue the work item.
-		IoQueueWorkItem(workItem->WorkItem, CompleteIrpWorkItemRoutine, DelayedWorkQueue, workItem);
-	}
-}

 static VOID CompletionThreadProc(PVOID threadArg)
 {
@ -383,7 +352,39 @@ static VOID CompletionThreadProc(PVOID threadArg)

 			if (request->CompleteOriginalIrp)
 			{
-				HandleCompleteOriginalIrp(queue, request);
+				// Wait for a work item to become available
+				NTSTATUS status = KeWaitForSingleObject(&queue->WorkItemSemaphore, Executive, KernelMode, FALSE, NULL);
+				if (queue->ThreadExitRequested)
+					break;
+				if (!NT_SUCCESS(status))
+				{
+					// Handle wait failure: we call the completion routine directly. 
+					// This is not ideal since it can cause deadlock that we are trying to fix but it is better than losing the IRP.
+					CompleteOriginalIrp(request->Item, STATUS_INSUFFICIENT_RESOURCES, 0);
+				}
+				else
+				{
+					// Obtain a work item from the free list
+					KIRQL oldIrql;
+					KeAcquireSpinLock(&queue->WorkItemLock, &oldIrql);
+					PLIST_ENTRY freeEntry = RemoveHeadList(&queue->FreeWorkItemsList);
+					KeReleaseSpinLock(&queue->WorkItemLock, oldIrql);
+
+					PCOMPLETE_IRP_WORK_ITEM workItem = CONTAINING_RECORD(freeEntry, COMPLETE_IRP_WORK_ITEM, ListEntry);
+
+					// Increment ActiveWorkItems
+					InterlockedIncrement(&queue->ActiveWorkItems);
+					KeResetEvent(&queue->NoActiveWorkItemsEvent);
+
+					// Prepare the work item
+					workItem->Irp = request->Item->OriginalIrp;
+					workItem->Status = request->Item->Status;
+					workItem->Information = NT_SUCCESS(request->Item->Status) ? request->Item->OriginalLength : 0;
+					workItem->Item = request->Item;
+
+					// Queue the work item
+					IoQueueWorkItem(workItem->WorkItem, CompleteIrpWorkItemRoutine, DelayedWorkQueue, workItem);
+				}
 			}

 			ReleasePoolBuffer(queue, request);
@ -544,7 +545,8 @@ static VOID IoThreadProc (PVOID threadArg)

 				if (request->CompleteOriginalIrp)
 				{
-					HandleCompleteOriginalIrp(queue, request);
+					CompleteOriginalIrp (request->Item, request->Item->Status,
+						NT_SUCCESS (request->Item->Status) ? request->Item->OriginalLength : 0);
 				}

 				ReleasePoolBuffer (queue, request);
@ -1150,10 +1152,10 @@ NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue)

 	// Initialize the free work item list
 	InitializeListHead(&queue->FreeWorkItemsList);
-	KeInitializeSemaphore(&queue->WorkItemSemaphore, EncryptionMaxWorkItems, EncryptionMaxWorkItems);
+	KeInitializeSemaphore(&queue->WorkItemSemaphore, VC_MAX_WORK_ITEMS, VC_MAX_WORK_ITEMS);
 	KeInitializeSpinLock(&queue->WorkItemLock);

-	queue->MaxWorkItems = EncryptionMaxWorkItems;
+	queue->MaxWorkItems = VC_MAX_WORK_ITEMS;
 	queue->WorkItemPool = (PCOMPLETE_IRP_WORK_ITEM)TCalloc(sizeof(COMPLETE_IRP_WORK_ITEM) * queue->MaxWorkItems);
 	if (!queue->WorkItemPool)
 	{
--- a/src/Driver/EncryptedIoQueue.h
+++ b/src/Driver/EncryptedIoQueue.h
@ -26,7 +26,7 @@
 #define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16
 #define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT 8192

-#define VC_MAX_WORK_ITEMS 1024 
+#define VC_MAX_WORK_ITEMS 256 

 typedef struct EncryptedIoQueueBufferStruct
 {
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@ -145,7 +145,6 @@ static BOOL RamEncryptionActivated = FALSE;
 int EncryptionIoRequestCount = 0;
 int EncryptionItemCount = 0;
 int EncryptionFragmentSize = 0;
-int EncryptionMaxWorkItems = 0;

 PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1];

@ -2777,7 +2776,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
 		if (ValidateIOBufferSize (Irp, sizeof (EncryptionQueueParameters), ValidateOutput))
 		{
 			EncryptionQueueParameters* pParams = (EncryptionQueueParameters*) Irp->AssociatedIrp.SystemBuffer;
-			pParams->EncryptionMaxWorkItems = EncryptionMaxWorkItems;
 			pParams->EncryptionFragmentSize = EncryptionFragmentSize;
 			pParams->EncryptionIoRequestCount = EncryptionIoRequestCount;
 			pParams->EncryptionItemCount = EncryptionItemCount;
@ -4648,14 +4646,6 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
 		TCfree (data);
 	}

-	if (driverEntry && NT_SUCCESS(TCReadRegistryKey(&name, VC_ENCRYPTION_MAX_WORK_ITEMS, &data)))
-	{
-		if (data->Type == REG_DWORD)
-			EncryptionMaxWorkItems = *(uint32*)data->Data;
-
-		TCfree(data);
-	}
-
 	if (driverEntry)
 	{
 		if (EncryptionIoRequestCount < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT)
@ -4673,9 +4663,6 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
 			EncryptionFragmentSize = TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE;
 		else if (EncryptionFragmentSize > (8 * TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE))
 			EncryptionFragmentSize = 8 * TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE;
-
-		if (EncryptionMaxWorkItems == 0)
-			EncryptionMaxWorkItems = VC_MAX_WORK_ITEMS;
 		
 		
 	}
--- a/src/Driver/Ntdriver.h
+++ b/src/Driver/Ntdriver.h
@ -128,7 +128,6 @@ extern BOOL AllowWindowsDefrag;
 extern int EncryptionIoRequestCount;
 extern int EncryptionItemCount;
 extern int EncryptionFragmentSize;
-extern int EncryptionMaxWorkItems;
 extern BOOL EraseKeysOnShutdown;
 /* Helper macro returning x seconds in units of 100 nanoseconds */
 #define WAIT_SECONDS(x) ((x)*10000000)
--- a/Files/veracrypt-arm64.cat
+++ b/Files/veracrypt-arm64.cat
--- a/Files/veracrypt-arm64.sys
+++ b/Files/veracrypt-arm64.sys
--- a/Files/veracrypt-x64.cat
+++ b/Files/veracrypt-x64.cat
--- a/Files/veracrypt-x64.sys
+++ b/Files/veracrypt-x64.sys
--- a/Files/veracrypt.Inf
+++ b/Files/veracrypt.Inf
@ -10,7 +10,7 @@ signature   = "$Windows NT$"
 Class       = "Encryption"                              ;This is determined by the work this filter driver does
 ClassGuid   = {a0a701c0-a511-42ff-aa6c-06dc0395576f}    ;This value is determined by the Class
 Provider    = %ProviderString%
-DriverVer = 11/24/2024,1.26.17.1
+DriverVer = 11/19/2024,1.26.17.0
 CatalogFile = veracrypt.cat
 PnpLockdown = 1