void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, TC_LARGEST_COMPILER_UINT unitCount, PCRYPTO_INFO cryptoInfo)
{
size_t fragmentCount;
size_t unitsPerFragment;
size_t remainder;
byte *fragmentData;
TC_LARGEST_COMPILER_UINT fragmentStartUnitNo;
EncryptionThreadPoolWorkItem *workItem;
EncryptionThreadPoolWorkItem *firstFragmentWorkItem;
if (unitCount == 0)
return;
if (!ThreadPoolRunning || unitCount == 1)
{
switch (type)
{
case DecryptDataUnitsWork:
DecryptDataUnitsCurrentThread (data, startUnitNo, unitCount, cryptoInfo);
break;
case EncryptDataUnitsWork:
EncryptDataUnitsCurrentThread (data, startUnitNo, unitCount, cryptoInfo);
break;
default:
TC_THROW_FATAL_EXCEPTION;
}
return;
}
if (unitCount <= ThreadCount)
{
fragmentCount = (size_t) unitCount;
unitsPerFragment = 1;
remainder = 0;
}
else
{
/* Note that it is not efficient to divide the data into fragments smaller than a few hundred bytes.
The reason is that the overhead associated with thread handling would in most cases make a multi-threaded
process actually slower than a single-threaded process. */
fragmentCount = ThreadCount;
unitsPerFragment = (size_t) unitCount / ThreadCount;
remainder = (size_t) unitCount % ThreadCount;
if (remainder > 0)
++unitsPerFragment;
}
fragmentData = data;
fragmentStartUnitNo = startUnitNo->Value;
TC_ACQUIRE_MUTEX (&EnqueueMutex);
firstFragmentWorkItem = &WorkItemQueue[EnqueuePosition];
while (GetWorkItemState (firstFragmentWorkItem) != WorkItemFree)
{
TC_WAIT_EVENT (WorkItemCompletedEvent);
}
firstFragmentWorkItem->OutstandingFragmentCount = fragmentCount;
while (fragmentCount-- > 0)
{
workItem = &WorkItemQueue[EnqueuePosition++];
if (EnqueuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE)
EnqueuePosition = 0;
while (GetWorkItemState (workItem) != WorkItemFree)
{
TC_WAIT_EVENT (WorkItemCompletedEvent);
}
workItem->Type = type;
workItem->FirstFragment = firstFragmentWorkItem;
workItem->Encryption.CryptoInfo = cryptoInfo;
workItem->Encryption.Data = fragmentData;
workItem->Encryption.UnitCount = unitsPerFragment;
workItem->Encryption.StartUnitNo.Value = fragmentStartUnitNo;
fragmentData += unitsPerFragment * ENCRYPTION_DATA_UNIT_SIZE;
fragmentStartUnitNo += unitsPerFragment;
if (remainder > 0 && --remainder == 0)
--unitsPerFragment;
SetWorkItemState (workItem, WorkItemReady);
TC_SET_EVENT (WorkItemReadyEvent);
}
TC_RELEASE_MUTEX (&EnqueueMutex);
TC_WAIT_EVENT (firstFragmentWorkItem->ItemCompletedEvent);
SetWorkItemState (firstFragmentWorkItem, WorkItemFree);
TC_SET_EVENT (WorkItemCompletedEvent);
}
static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl)
{
ULONG dataLength = MmGetMdlByteCount (writeMdl);
uint64 offset = DumpPartitionOffset.QuadPart + diskWriteOffset->QuadPart;
uint64 intersectStart;
uint32 intersectLength;
PVOID writeBuffer;
CSHORT origMdlFlags;
if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER)
TC_BUG_CHECK (STATUS_CRC_ERROR);
if (BootDriveFilterExtension->Queue.EncryptedAreaEndUpdatePending) // Hibernation should always abort the setup thread
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
if (BootDriveFilterExtension->Queue.EncryptedAreaStart == -1 || BootDriveFilterExtension->Queue.EncryptedAreaEnd == -1)
return STATUS_SUCCESS;
if (dataLength > WriteFilterBufferSize)
TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); // Bug check is required as returning an error does not prevent data from being written to disk
if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)
TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority);
if (!writeBuffer)
TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES);
memcpy (WriteFilterBuffer, writeBuffer, dataLength);
GetIntersection (offset,
dataLength,
BootDriveFilterExtension->Queue.EncryptedAreaStart,
BootDriveFilterExtension->Queue.EncryptedAreaEnd,
&intersectStart,
&intersectLength);
if (intersectLength > 0)
{
UINT64_STRUCT dataUnit;
dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE;
if (BootDriveFilterExtension->Queue.RemapEncryptedArea)
{
diskWriteOffset->QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset;
dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset;
}
EncryptDataUnitsCurrentThread (WriteFilterBuffer + (intersectStart - offset),
&dataUnit,
intersectLength / ENCRYPTION_DATA_UNIT_SIZE,
BootDriveFilterExtension->Queue.CryptoInfo);
}
origMdlFlags = writeMdl->MdlFlags;
MmInitializeMdl (writeMdl, WriteFilterBuffer, dataLength);
MmBuildMdlForNonPagedPool (writeMdl);
// Instead of using MmGetSystemAddressForMdlSafe(), some buggy custom storage drivers may directly test MDL_MAPPED_TO_SYSTEM_VA flag,
// disregarding the fact that other MDL flags may be set by the system or a dump filter (e.g. MDL_SOURCE_IS_NONPAGED_POOL flag only).
// Therefore, to work around this issue, the original flags will be restored even if they do not match the new MDL.
// MS BitLocker also uses this hack/workaround (it should be safe to use until the MDL structure is changed).
writeMdl->MdlFlags = origMdlFlags;
return STATUS_SUCCESS;
}
static TC_THREAD_PROC EncryptionThreadProc (void *threadArg)
{
EncryptionThreadPoolWorkItem *workItem;
while (!StopPending)
{
TC_ACQUIRE_MUTEX (&DequeueMutex);
workItem = &WorkItemQueue[DequeuePosition++];
if (DequeuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE)
DequeuePosition = 0;
while (!StopPending && GetWorkItemState (workItem) != WorkItemReady)
{
TC_WAIT_EVENT (WorkItemReadyEvent);
}
SetWorkItemState (workItem, WorkItemBusy);
TC_RELEASE_MUTEX (&DequeueMutex);
if (StopPending)
break;
switch (workItem->Type)
{
case DecryptDataUnitsWork:
DecryptDataUnitsCurrentThread (workItem->Encryption.Data, &workItem->Encryption.StartUnitNo, workItem->Encryption.UnitCount, workItem->Encryption.CryptoInfo);
break;
case EncryptDataUnitsWork:
EncryptDataUnitsCurrentThread (workItem->Encryption.Data, &workItem->Encryption.StartUnitNo, workItem->Encryption.UnitCount, workItem->Encryption.CryptoInfo);
break;
case DeriveKeyWork:
switch (workItem->KeyDerivation.Pkcs5Prf)
{
case RIPEMD160:
derive_key_ripemd160 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE,
workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());
break;
case SHA512:
derive_key_sha512 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE,
workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());
break;
case WHIRLPOOL:
derive_key_whirlpool (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE,
workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());
break;
case SHA1:
derive_key_sha1 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE,
workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize());
break;
default:
TC_THROW_FATAL_EXCEPTION;
}
InterlockedExchange (workItem->KeyDerivation.CompletionFlag, TRUE);
TC_SET_EVENT (*workItem->KeyDerivation.CompletionEvent);
if (InterlockedDecrement (workItem->KeyDerivation.OutstandingWorkItemCount) == 0)
TC_SET_EVENT (*workItem->KeyDerivation.NoOutstandingWorkItemEvent);
SetWorkItemState (workItem, WorkItemFree);
TC_SET_EVENT (WorkItemCompletedEvent);
continue;
default:
TC_THROW_FATAL_EXCEPTION;
}
if (workItem != workItem->FirstFragment)
{
SetWorkItemState (workItem, WorkItemFree);
TC_SET_EVENT (WorkItemCompletedEvent);
}
if (InterlockedDecrement (&workItem->FirstFragment->OutstandingFragmentCount) == 0)
TC_SET_EVENT (workItem->FirstFragment->ItemCompletedEvent);
}
#ifdef DEVICE_DRIVER
PsTerminateSystemThread (STATUS_SUCCESS);
#else
_endthreadex (0);
return 0;
#endif
}