Merge 8506cc03ec into 55c3a8dc58

Currently the maximum hidden volume size for file containers is
limited by available free space on the device the file container
resides on, which we do not care about. This commit changes so
that only Normal volumes get their `maxVolumeSize` limited by
`AvailableDiskSpace`. Also the --size=max parameter is restricted
from hidden volume creation as there is no way to determine a good
size as we do not mount the outer volume through the CLI process
flow to determine available free space on the outer volume.

README.md

@@ -151,9 +151,24 @@ of the SDK (i.e. 10.15), you can export the environment variable VC_OSX_TARGET:
 
 	$ export VC_OSX_TARGET=10.15
 
+For development dependencies management, you can use [homebrew](https://brew.sh).
 
-Before building under MacOSX, pkg-config must be installed if not yet available.
-Get it from https://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and
+	$ brew install pkg-config yasm wxwidgets
+
+You also need system dependencies
+
+	$ brew install --cask macfuse packages
+
+After installating dependencies via brew, you can build a local development build
+
+	$ ./src/Build/build_veracrypt_macosx.sh -b
+
+If you want to build the package, you also need to pass `-p` to the build script above. The built
+executable will be in `.src/Main`
+
+If you prefer to build from sources, or without homebrew, pkg-config and packages must be installed.
+
+Get pkg-config from https://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and
 compile using the following commands :
 
 	$ ./configure --with-internal-glib
@@ -178,7 +193,7 @@ Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a
 VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension.
 Thus, we recommend using a different OSX SDK version for building VeraCrypt.
 
-
+To build the installation package, you will need [packages](http://s.sudre.free.fr/Software/Packages/about.html)
 
 III. FreeBSD
 ============================

src/Build/build_veracrypt_macosx.sh

@@ -1,3 +1,5 @@
+#!/usr/bin/env bash
+
 #
 # Copyright (c) 2013-2019 IDRIX
 # Governed by the Apache License 2.0 the full text of which is contained
@@ -12,6 +14,37 @@ SOURCEPATH=$(cd "$(dirname "$SCRIPTPATH/../.")"; pwd)
 # directory where the VeraCrypt project has been checked out
 PARENTDIR=$(cd "$(dirname "$SCRIPTPATH/../../../.")"; pwd)
 
+while getopts bpr flag
+do
+    case "${flag}" in
+        b) brew=true;;
+        p) package=true;;
+    esac
+done
+
+if [ -n "$brew" ]; then
+    export VC_OSX_SDK=$(xcrun --show-sdk-version) #use the latest version installed, this might fail
+    export VC_OSX_TARGET=${VC_OSX_SDK}
+    echo "Using MacOSX SDK $VC_OSX_SDK with target set to $VC_OSX_TARGET"
+    cd $SOURCEPATH
+
+    echo "Building VeraCrypt with precompiled homebrew packages"
+    cellar=$(brew --cellar "wxwidgets")
+    version=$(brew list --versions "wxwidgets" | head -1 | awk '{print $2}')
+    export WX_BUILD_DIR="$cellar/$version/bin"
+    # skip signing and build only for local arch
+    export LOCAL_DEVELOPMENT_BUILD=true
+    # set the correct CPU arch for Makefile
+    export CPU_ARCH=$(uname -m)
+    export AS=$(which yasm)
+    export COMPILE_ASM=$( if [[ "$CPU_ARCH" != "arm64" ]]; then echo true; else echo false; fi )
+    make clean && make
+    if [ -n "$package" ]; then
+        make package
+    fi
+    exit 0
+fi
+
 # the sources of wxWidgets 3.1.2 must be extracted to the parent directory (for night mode)
 export WX_ROOT=$PARENTDIR/wxWidgets-3.2.2.1
 echo "Using wxWidgets sources in $WX_ROOT"
@@ -19,7 +52,7 @@ echo "Using wxWidgets sources in $WX_ROOT"
 # this will be the temporary wxWidgets directory
 export WX_BUILD_DIR=$PARENTDIR/wxBuild-3.2.2.1
 
-# define the SDK version to use and OSX minimum target. We target 10.9 by default
+# define the SDK version to use and OSX minimum target. We target 12 by default
 export VC_OSX_TARGET=12
 export VC_OSX_SDK=13
 echo "Using MacOSX SDK $VC_OSX_SDK with target set to $VC_OSX_TARGET"

src/Common/Dlgcode.c

@@ -14240,9 +14240,11 @@ BOOL BufferHasPattern (const unsigned char* buffer, size_t bufferLen, const void
 	return bRet;
 }
 
-/* Implementation borrowed from KeePassXC source code (https://github.com/keepassxreboot/keepassxc/blob/release/2.4.0/src/core/Bootstrap.cpp#L150) 
+/* Implementation borrowed from KeePassXC source code (https://github.com/keepassxreboot/keepassxc/blob/2.7.8/src/core/Bootstrap.cpp#L121) 
  *
  * Reduce current user acess rights for this process to the minimum in order to forbid non-admin users from reading the process memory.
+ * Restrict access to changing DACL's after the process is started. This prevents the creator of veracrypt process from simply adding 
+ * the permission to read memory back to the DACL list.
  */
 BOOL ActivateMemoryProtection()
 {
@@ -14252,6 +14254,8 @@ BOOL ActivateMemoryProtection()
     HANDLE hToken = NULL;
     PTOKEN_USER pTokenUser = NULL;
     DWORD cbBufferSize = 0;
+    PSID pOwnerRightsSid = NULL;
+    DWORD pOwnerRightsSidSize = SECURITY_MAX_SID_SIZE;
 
     // Access control list
     PACL pACL = NULL;
@@ -14292,8 +14296,19 @@ BOOL ActivateMemoryProtection()
         goto Cleanup;
     }
 
+    // Retrieve CreaterOwnerRights SID
+    pOwnerRightsSid = (PSID) HeapAlloc(GetProcessHeap(), 0, pOwnerRightsSidSize);
+    if (pOwnerRightsSid == NULL) {
+        goto Cleanup;
+    }
+
+    if (!CreateWellKnownSid(WinCreatorOwnerRightsSid, NULL, pOwnerRightsSid, &pOwnerRightsSidSize)) {
+        goto Cleanup;
+    }
+
     // Calculate the amount of memory that must be allocated for the DACL
-    cbACL = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pTokenUser->User.Sid);
+    cbACL = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pTokenUser->User.Sid) 
+        + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pOwnerRightsSid);
 
     // Create and initialize an ACL
     pACL = (PACL) HeapAlloc(GetProcessHeap(), 0, cbACL);
@@ -14315,6 +14330,17 @@ BOOL ActivateMemoryProtection()
         goto Cleanup;
     }
 
+    // Explicitly set "Process Owner" rights to Read Only. The default is Full Control.
+    if (!AddAccessAllowedAce(
+            pACL,
+            ACL_REVISION,
+            READ_CONTROL,
+            pOwnerRightsSid
+            )) {
+        goto Cleanup;
+    }
+
+
     // Set discretionary access control list
     bSuccess = (ERROR_SUCCESS == SetSecurityInfo(GetCurrentProcess(), // object handle
                                     SE_KERNEL_OBJECT, // type of object
@@ -14333,6 +14359,9 @@ Cleanup:
     if (pACL != NULL) {
         HeapFree(GetProcessHeap(), 0, pACL);
     }
+    if (pOwnerRightsSid != NULL) {
+        HeapFree(GetProcessHeap(), 0, pOwnerRightsSid);
+    }
     if (pTokenUser != NULL) {
         HeapFree(GetProcessHeap(), 0, pTokenUser);
     }

src/Main/Main.make

@@ -210,7 +210,9 @@ else
 	sed -e 's/_VERSION_/$(patsubst %a,%.1,$(patsubst %b,%.2,$(TC_VERSION)))/' ../Build/Resources/MacOSX/Info.plist.xml >$(APPNAME).app/Contents/Info.plist
 endif
 	chmod -R go-w $(APPNAME).app
+ifneq ($(LOCAL_DEVELOPMENT_BUILD),"true")
 	codesign -s "Developer ID Application: IDRIX (Z933746L2S)" --timestamp $(APPNAME).app
+endif
 
 install: prepare
 	cp -R $(APPNAME).app /Applications/.

src/Main/TextUserInterface.cpp

@@ -668,7 +668,7 @@ namespace VeraCrypt
 				{
 					parentDir = wxT(".");
 				}
-				if (wxDirExists(parentDir) && wxGetDiskSpace (parentDir, nullptr, &diskSpace))
+				if (options->Type == VolumeType::Normal && wxDirExists(parentDir) && wxGetDiskSpace (parentDir, nullptr, &diskSpace))
 				{
 					AvailableDiskSpace = (uint64) diskSpace.GetValue ();
 					if (maxVolumeSize > AvailableDiskSpace)
@@ -678,10 +678,13 @@ namespace VeraCrypt
 
 			if (options->Size == (uint64) (-1))
 			{
-				if (AvailableDiskSpace)
+				if (options->Type == VolumeType::Hidden) {
+					throw_err (_("Please do not use maximum size for hidden volume. As we do not mount the outer volume to determine the available space, it is your responsibility to choose a value so that the hidden volume does not overlap the outer volume."));
+				}
+				else if (AvailableDiskSpace)
 				{
 					// caller requesting maximum size
-					// we use maxVolumeSize because it is guaranteed to be less of equal to AvailableDiskSpace
+					// we use maxVolumeSize because it is guaranteed to be less or equal to AvailableDiskSpace for outer volumes
 					options->Size = maxVolumeSize;
 				}
 				else
@@ -702,14 +705,17 @@ namespace VeraCrypt
 					throw MissingArgument (SRC_POS);
 
 				uint64 multiplier = 1024 * 1024;
-				wxString sizeStr = AskString (options->Type == VolumeType::Hidden ? _("\nEnter hidden volume size (sizeK/size[M]/sizeG/sizeT/max): ") : _("\nEnter volume size (sizeK/size[M]/sizeG.sizeT/max): "));
+				wxString sizeStr = AskString (options->Type == VolumeType::Hidden ? _("\nEnter hidden volume size (sizeK/size[M]/sizeG/sizeT): ") : _("\nEnter volume size (sizeK/size[M]/sizeG.sizeT/max): "));
 				if (sizeStr.CmpNoCase(wxT("max")) == 0)
 				{
 					multiplier = 1;
-					if (AvailableDiskSpace)
+					if (options->Type == VolumeType::Hidden) {
+						throw_err (_("Please do not use maximum size for hidden volume. As we do not mount the outer volume to determine the available space, it is your responsibility to choose a value so that the hidden volume does not overlap the outer volume."));
+					}
+					else if (AvailableDiskSpace)
 					{
 						// caller requesting maximum size
-						// we use maxVolumeSize because it is guaranteed to be less of equal to AvailableDiskSpace
+						// we use maxVolumeSize because it is guaranteed to be less or equal to AvailableDiskSpace for outer volumes
 						options->Size = maxVolumeSize;
 					}
 					else

src/Makefile

@@ -295,7 +295,7 @@ ifeq "$(shell uname -s)" "Darwin"
 	PLATFORM := MacOSX
 	APPNAME := VeraCrypt
 
-	export VC_OSX_TARGET ?= 10.7
+	export VC_OSX_TARGET ?= 12
 	export VC_OSX_SDK ?= $(VC_OSX_TARGET)
 
 	#check to see if XCode 3 path exists.Otherwise, use XCode 4 path
@@ -323,11 +323,13 @@ ifeq "$(shell uname -s)" "Darwin"
 	endif
 	
 	ifeq "$(CPU_ARCH)" "arm64"
-		CPU_ARCH = x86
+		CPU_ARCH = arm64
 	endif
 
-	CFLAGS += -msse2
-	CXXFLAGS += -msse2
+	ifneq "$(CPU_ARCH)" "arm64"
+		CFLAGS += -msse2
+		CXXFLAGS += -msse2
+	endif
 
 	ifeq "$(origin SSSE3)" "command line"
 		CFLAGS += -mssse3
@@ -339,7 +341,7 @@ ifeq "$(shell uname -s)" "Darwin"
 		CXXFLAGS += -mssse3 -msse4.1
 	endif
 
-	AS := $(BASE_DIR)/Build/Tools/MacOSX/yasm
+	AS ?= $(BASE_DIR)/Build/Tools/MacOSX/yasm
 	export ASFLAGS32 := -D __GNUC__ -D __YASM__ -D __BITS__=32 --prefix=_ -f macho32
 	export ASFLAGS64 := -D __GNUC__ -D __YASM__ -D __BITS__=64 --prefix=_ -f macho64
 
@@ -350,8 +352,20 @@ ifeq "$(shell uname -s)" "Darwin"
 		S := $(C_CXX_FLAGS)
 		C_CXX_FLAGS = $(subst -MMD,,$(S))
 
-		C_CXX_FLAGS += -gfull -arch x86_64
-		LFLAGS += -Wl,-dead_strip -arch x86_64
+		# only build local arch in development builds
+		ifeq "$(LOCAL_DEVELOPMENT_BUILD)" "true"
+			ifeq "$(CPU_ARCH)" "arm64"
+				C_CXX_FLAGS += -gfull -arch $(CPU_ARCH)
+				LFLAGS += -Wl,-dead_strip -arch $(CPU_ARCH)
+			else
+				C_CXX_FLAGS += -gfull -arch x86_64
+				LFLAGS += -Wl,-dead_strip -arch x86_64
+			endif
+		else
+			# leave previous logic as is
+			C_CXX_FLAGS += -gfull -arch x86_64
+			LFLAGS += -Wl,-dead_strip -arch x86_64
+		endif
 		
 		WX_CONFIGURE_FLAGS += --without-libpng --disable-gif --disable-pcx --disable-tga --disable-iff --disable-gif --disable-svg
 
@@ -361,10 +375,22 @@ ifeq "$(shell uname -s)" "Darwin"
 			LFLAGS += -arch i386
 			WX_CONFIGURE_FLAGS += --enable-universal_binary=i386,x86_64
 		else
-			CXXFLAGS += -std=c++11			
-			C_CXX_FLAGS += -arch arm64
-			LFLAGS += -arch arm64
-			WX_CONFIGURE_FLAGS += --enable-universal_binary=arm64,x86_64
+			CXXFLAGS += -std=c++11
+			ifeq "$(LOCAL_DEVELOPMENT_BUILD)" "true"
+				ifeq "$(CPU_ARCH)" "arm64"
+					C_CXX_FLAGS += -arch arm64
+					LFLAGS += -arch arm64
+				else
+					C_CXX_FLAGS += -arch x86_64
+					LFLAGS += -arch x86_64
+				endif
+				WX_CONFIGURE_FLAGS += --disable-universal_binary
+			else
+				# leave previous logic as is
+				C_CXX_FLAGS += -arch arm64
+				LFLAGS += -arch arm64
+				WX_CONFIGURE_FLAGS += --enable-universal_binary=arm64,x86_64
+			endif
 		endif
 
 		WXCONFIG_CFLAGS += -gfull

src/Volume/Volume.make

@@ -37,6 +37,7 @@ endif
 
 ifeq "$(ENABLE_WOLFCRYPT)" "0"
 ifeq "$(PLATFORM)" "MacOSX"
+ifneq "$(COMPILE_ASM)" "false"
 	OBJSEX += ../Crypto/Aes_asm.oo
 	OBJS += ../Crypto/Aes_hw_cpu.o
 	OBJS += ../Crypto/Aescrypt.o
@@ -76,6 +77,7 @@ else ifeq "$(CPU_ARCH)" "x64"
 else
 	OBJS += ../Crypto/Aescrypt.o
 endif
+endif
 
 ifeq "$(GCC_GTEQ_430)" "1"
 	OBJSSSE41 += ../Crypto/blake2s_SSE41.osse41
@@ -129,6 +131,7 @@ VolumeLibrary: Volume.a
 
 ifeq "$(ENABLE_WOLFCRYPT)" "0"
 ifeq "$(PLATFORM)" "MacOSX"
+ifneq "$(COMPILE_ASM)" "false"
 ../Crypto/Aes_asm.oo: ../Crypto/Aes_x86.asm ../Crypto/Aes_x64.asm
 	@echo Assembling $(<F)
 	$(AS) $(ASFLAGS32) -o ../Crypto/Aes_x86.o ../Crypto/Aes_x86.asm
@@ -137,7 +140,7 @@ ifeq "$(PLATFORM)" "MacOSX"
 	rm -fr ../Crypto/Aes_x86.o ../Crypto/Aes_x64.o
 ../Crypto/Twofish_asm.oo: ../Crypto/Twofish_x64.S
 	@echo Assembling $(<F)
-	$(AS) $(ASFLAGS64) -p gas -o ../Crypto/Twofish_asm.oo ../Crypto/Twofish_x64.S 
+	$(AS) $(ASFLAGS64) -p gas -o ../Crypto/Twofish_asm.oo ../Crypto/Twofish_x64.S
 ../Crypto/Camellia_asm.oo: ../Crypto/Camellia_x64.S
 	@echo Assembling $(<F)
 	$(AS) $(ASFLAGS64) -p gas -o ../Crypto/Camellia_asm.oo ../Crypto/Camellia_x64.S
@@ -173,5 +176,6 @@ ifeq "$(PLATFORM)" "MacOSX"
 	$(AS) $(ASFLAGS64) -o ../Crypto/sha512_sse4.oo ../Crypto/sha512_sse4_x64.asm
 endif
 endif
+endif
 
 include $(BUILD_INC)/Makefile.inc