mirror of
https://github.com/veracrypt/VeraCrypt.git
synced 2024-09-09 11:01:31 +02:00
comments and better cleanup
Signed-off-by: kavsrf <kavsrf@gmail.com>
This commit is contained in:
parent
cd6df44d6f
commit
ac53e293d4
1 changed files with 20 additions and 12 deletions
|
@ -135,6 +135,7 @@ NTSTATUS LoadBootArguments ()
|
||||||
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
|
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
|
||||||
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|
||||||
|
|
||||||
|
// Extra parameters? (pkcs5, hash)
|
||||||
if (BootArgs.CryptoInfoLength > 0)
|
if (BootArgs.CryptoInfoLength > 0)
|
||||||
{
|
{
|
||||||
PHYSICAL_ADDRESS cryptoInfoAddress;
|
PHYSICAL_ADDRESS cryptoInfoAddress;
|
||||||
|
@ -146,11 +147,12 @@ NTSTATUS LoadBootArguments ()
|
||||||
{
|
{
|
||||||
/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
|
/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
|
||||||
BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
|
BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
|
||||||
BootPkcs5 = pBootCryptoInfo->pkcs5;
|
BootPkcs5 = pBootCryptoInfo->pkcs5; // save hash to speed up boot.
|
||||||
|
|
||||||
BootSecRegionData = NULL;
|
BootSecRegionData = NULL;
|
||||||
BootSecRegionSize = 0;
|
BootSecRegionSize = 0;
|
||||||
|
|
||||||
|
// SecRegion data?
|
||||||
if(BootArgs.CryptoInfoLength > (sizeof(BOOT_CRYPTO_HEADER) + sizeof(SECREGION_BOOT_PARAMS)) ) {
|
if(BootArgs.CryptoInfoLength > (sizeof(BOOT_CRYPTO_HEADER) + sizeof(SECREGION_BOOT_PARAMS)) ) {
|
||||||
uint32 crc;
|
uint32 crc;
|
||||||
PHYSICAL_ADDRESS SecRegionAddress;
|
PHYSICAL_ADDRESS SecRegionAddress;
|
||||||
|
@ -159,25 +161,27 @@ NTSTATUS LoadBootArguments ()
|
||||||
|
|
||||||
SecRegionAddress.QuadPart = SecRegionParams->Ptr;
|
SecRegionAddress.QuadPart = SecRegionParams->Ptr;
|
||||||
Dump ("SecRegion memory 0x%x %d\n", SecRegionAddress.LowPart, SecRegionParams->Size);
|
Dump ("SecRegion memory 0x%x %d\n", SecRegionAddress.LowPart, SecRegionParams->Size);
|
||||||
|
// SecRegion correct?
|
||||||
if( (SecRegionParams->Ptr != 0) && (SecRegionParams->Size > 0)) {
|
if( (SecRegionParams->Ptr != 0) && (SecRegionParams->Size > 0)) {
|
||||||
crc = GetCrc32((byte*)SecRegionParams, 12);
|
crc = GetCrc32((byte*)SecRegionParams, 12);
|
||||||
if(crc == SecRegionParams->Crc) {
|
if(crc == SecRegionParams->Crc) {
|
||||||
Dump ("SecRegion crc ok\n");
|
Dump ("SecRegion crc ok\n");
|
||||||
secRegionData = MmMapIoSpace (SecRegionAddress, SecRegionParams->Size, MmCached);
|
secRegionData = MmMapIoSpace (SecRegionAddress, SecRegionParams->Size, MmCached);
|
||||||
BootSecRegionData = TCalloc (SecRegionParams->Size);
|
if(secRegionData) {
|
||||||
if(BootSecRegionData != NULL) {
|
BootSecRegionData = TCalloc (SecRegionParams->Size);
|
||||||
BootSecRegionSize = SecRegionParams->Size;
|
if(BootSecRegionData != NULL) {
|
||||||
memcpy(BootSecRegionData, secRegionData, SecRegionParams->Size);
|
BootSecRegionSize = SecRegionParams->Size;
|
||||||
|
memcpy(BootSecRegionData, secRegionData, SecRegionParams->Size);
|
||||||
|
}
|
||||||
|
burn (secRegionData, SecRegionParams->Size);
|
||||||
|
MmUnmapIoSpace (secRegionData, SecRegionParams->Size);
|
||||||
}
|
}
|
||||||
burn (secRegionData, SecRegionParams->Size);
|
|
||||||
MmUnmapIoSpace (secRegionData, SecRegionParams->Size);
|
|
||||||
}
|
}
|
||||||
// Erase boot loader scheduled keys
|
|
||||||
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
|
||||||
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Erase boot loader scheduled keys
|
||||||
|
burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
||||||
|
MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
status = STATUS_SUCCESS;
|
status = STATUS_SUCCESS;
|
||||||
|
@ -371,6 +375,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
||||||
Dump ("MountDrive pdo=%p\n", Extension->Pdo);
|
Dump ("MountDrive pdo=%p\n", Extension->Pdo);
|
||||||
ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);
|
ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);
|
||||||
|
|
||||||
|
// Check disk MBR id and GPT ID if BootSecRegion is available to detect boot drive
|
||||||
if (BootSecRegionData != NULL && BootSecRegionSize >= 1024) {
|
if (BootSecRegionData != NULL && BootSecRegionSize >= 1024) {
|
||||||
byte mbr[TC_SECTOR_SIZE_BIOS];
|
byte mbr[TC_SECTOR_SIZE_BIOS];
|
||||||
DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);
|
DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);
|
||||||
|
@ -388,8 +393,10 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
||||||
header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
|
header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
|
||||||
if (!header)
|
if (!header)
|
||||||
return STATUS_INSUFFICIENT_RESOURCES;
|
return STATUS_INSUFFICIENT_RESOURCES;
|
||||||
|
// Copy header from SecRegion instead of read from disk
|
||||||
memcpy(header, BootSecRegionData, 512);
|
memcpy(header, BootSecRegionData, 512);
|
||||||
// Set extra data for the disk
|
|
||||||
|
// Set SecRegion data for the disk (sectors to substitute to hide GPT table)
|
||||||
Extension->Queue.SecRegionData = BootSecRegionData;
|
Extension->Queue.SecRegionData = BootSecRegionData;
|
||||||
Extension->Queue.SecRegionSize = BootSecRegionSize;
|
Extension->Queue.SecRegionSize = BootSecRegionSize;
|
||||||
} else {
|
} else {
|
||||||
|
@ -538,6 +545,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
|
||||||
BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE;
|
BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE;
|
||||||
BootDriveFilterExtension->MagicNumber = TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER;
|
BootDriveFilterExtension->MagicNumber = TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER;
|
||||||
|
|
||||||
|
// Try to load password cached if saved in SecRegion
|
||||||
if (BootSecRegionData != NULL && BootSecRegionSize > 1024) {
|
if (BootSecRegionData != NULL && BootSecRegionSize > 1024) {
|
||||||
DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);
|
DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);
|
||||||
uint32 crc;
|
uint32 crc;
|
||||||
|
|
Loading…
Reference in a new issue