static BOOL LoadStoredSettings() { WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; EnableHwEncryption ((ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); if (TryDetectSystemEncryptionStatus()) { set_error_debug_out(TCAPI_E_TC_CONFIG_CORRUPTED); return FALSE; } //TODO: need to check if this is an issue for us. if (TryDetectNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) bInPlaceEncNonSysPending = TRUE; mountOptions = defaultMountOptions; //TODO: Boot project transfer //if (IsHiddenOSRunning()) // HiddenSysLeakProtectionNotificationStatus = ConfigReadInt ("HiddenSystemLeakProtNotifStatus", TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE); return TRUE; }
void ReadBootSectorUserConfiguration () { byte userConfig; AcquireSectorBuffer(); if (ReadWriteMBR (false, BootLoaderDrive, true) != BiosResultSuccess) goto ret; userConfig = SectorBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; #ifdef TC_WINDOWS_BOOT_AES EnableHwEncryption (!(userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION)); #endif PreventBootMenu = (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC); memcpy (CustomUserMessage, SectorBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0; if (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) { if (CustomUserMessage[0]) { InitVideoMode(); Print (CustomUserMessage); } DisableScreenOutput(); } OuterVolumeBackupHeaderCrc = *(uint32 *) (SectorBuffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET); ret: ReleaseSectorBuffer(); }
NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData) { GetSystemDriveDumpConfigRequest dumpConfig; PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr; STORAGE_DEVICE_NUMBER storageDeviceNumber; PARTITION_INFORMATION partitionInfo; LONG version; NTSTATUS status; Dump ("DumpFilterEntry type=%d\n", filterExtension->DumpType); filterInitData->MajorVersion = DUMP_FILTER_MAJOR_VERSION; filterInitData->MinorVersion = DUMP_FILTER_MINOR_VERSION; filterInitData->Flags |= DUMP_FILTER_CRITICAL; // Check driver version of the main device status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)); if (!NT_SUCCESS (status)) goto err; if (version != VERSION_NUM) { status = STATUS_INVALID_PARAMETER; goto err; } // Get dump configuration from the main device status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG, NULL, 0, &dumpConfig, sizeof (dumpConfig)); if (!NT_SUCCESS (status)) goto err; BootDriveFilterExtension = dumpConfig.BootDriveFilterExtension; if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) { status = STATUS_CRC_ERROR; goto err; } // KeSaveFloatingPointState() may generate a bug check during crash dump #if !defined (_WIN64) if (filterExtension->DumpType == DumpTypeCrashdump) dumpConfig.HwEncryptionEnabled = FALSE; #endif EnableHwEncryption (dumpConfig.HwEncryptionEnabled); if (!AutoTestAlgorithms()) { status = STATUS_INVALID_PARAMETER; goto err; } // Check dump volume is located on the system drive status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); if (!NT_SUCCESS (status)) goto err; if (!BootDriveFilterExtension->SystemStorageDeviceNumberValid) { status = STATUS_INVALID_PARAMETER; goto err; } if (storageDeviceNumber.DeviceNumber != BootDriveFilterExtension->SystemStorageDeviceNumber) { status = STATUS_ACCESS_DENIED; goto err; } // Check dump volume is located within the scope of system encryption status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &partitionInfo, sizeof (partitionInfo)); if (!NT_SUCCESS (status)) goto err; DumpPartitionOffset = partitionInfo.StartingOffset; if (DumpPartitionOffset.QuadPart < BootDriveFilterExtension->ConfiguredEncryptedAreaStart || DumpPartitionOffset.QuadPart > BootDriveFilterExtension->ConfiguredEncryptedAreaEnd) { status = STATUS_ACCESS_DENIED; goto err; } // Allocate buffer for encryption if (filterInitData->MaxPagesPerWrite == 0) { status = STATUS_INVALID_PARAMETER; goto err; } WriteFilterBufferSize = filterInitData->MaxPagesPerWrite * PAGE_SIZE; #ifdef _WIN64 highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL; #else highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL; #endif WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr); if (!WriteFilterBuffer) { status = STATUS_INSUFFICIENT_RESOURCES; goto err; } filterInitData->DumpStart = DumpFilterStart; filterInitData->DumpWrite = DumpFilterWrite; filterInitData->DumpFinish = DumpFilterFinish; filterInitData->DumpUnload = DumpFilterUnload; Dump ("Dump filter loaded type=%d\n", filterExtension->DumpType); return STATUS_SUCCESS; err: Dump ("DumpFilterEntry error %x\n", status); return status; }